Date: Mon, 10 Nov 2014 09:44:38 +0000 (UTC) From: Dag-Erling Smørgrav <des@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r274340 - in head/sys: crypto/rijndael dev/random geom/bde Message-ID: <201411100944.sAA9icnN061962@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: des Date: Mon Nov 10 09:44:38 2014 New Revision: 274340 URL: https://svnweb.freebsd.org/changeset/base/274340 Log: Constify the AES code and propagate to consumers. This allows us to update the Fortuna code to use SHAd-256 as defined in FS&K. Approved by: so (self) Modified: head/sys/crypto/rijndael/rijndael-api-fst.c head/sys/crypto/rijndael/rijndael-api-fst.h head/sys/dev/random/fortuna.c head/sys/dev/random/hash.c head/sys/dev/random/hash.h head/sys/geom/bde/g_bde.h Modified: head/sys/crypto/rijndael/rijndael-api-fst.c ============================================================================== --- head/sys/crypto/rijndael/rijndael-api-fst.c Mon Nov 10 09:11:23 2014 (r274339) +++ head/sys/crypto/rijndael/rijndael-api-fst.c Mon Nov 10 09:44:38 2014 (r274340) @@ -34,7 +34,8 @@ __FBSDID("$FreeBSD$"); typedef u_int8_t BYTE; -int rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen, char *keyMaterial) { +int rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen, + const char *keyMaterial) { u_int8_t cipherKey[RIJNDAEL_MAXKB]; if (key == NULL) { @@ -83,7 +84,7 @@ int rijndael_cipherInit(cipherInstance * } int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputLen, BYTE *outBuffer) { + const BYTE *input, int inputLen, BYTE *outBuffer) { int i, k, numBlocks; u_int8_t block[16], iv[4][4]; @@ -198,7 +199,7 @@ int rijndael_blockEncrypt(cipherInstance * @return length in octets (not bits) of the encrypted output buffer. */ int rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputOctets, BYTE *outBuffer) { + const BYTE *input, int inputOctets, BYTE *outBuffer) { int i, numBlocks, padLen; u_int8_t block[16], *iv, *cp; @@ -261,7 +262,7 @@ int rijndael_padEncrypt(cipherInstance * } int rijndael_blockDecrypt(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputLen, BYTE *outBuffer) { + const BYTE *input, int inputLen, BYTE *outBuffer) { int i, k, numBlocks; u_int8_t block[16], iv[4][4]; @@ -360,7 +361,7 @@ int rijndael_blockDecrypt(cipherInstance } int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key, - BYTE *input, int inputOctets, BYTE *outBuffer) { + const BYTE *input, int inputOctets, BYTE *outBuffer) { int i, numBlocks, padLen; u_int8_t block[16]; u_int32_t iv[4]; Modified: head/sys/crypto/rijndael/rijndael-api-fst.h ============================================================================== --- head/sys/crypto/rijndael/rijndael-api-fst.h Mon Nov 10 09:11:23 2014 (r274339) +++ head/sys/crypto/rijndael/rijndael-api-fst.h Mon Nov 10 09:44:38 2014 (r274340) @@ -56,18 +56,18 @@ typedef struct { /* c /* Function prototypes */ -int rijndael_makeKey(keyInstance *, u_int8_t, int, char *); +int rijndael_makeKey(keyInstance *, u_int8_t, int, const char *); int rijndael_cipherInit(cipherInstance *, u_int8_t, char *); -int rijndael_blockEncrypt(cipherInstance *, keyInstance *, u_int8_t *, int, - u_int8_t *); -int rijndael_padEncrypt(cipherInstance *, keyInstance *, u_int8_t *, int, - u_int8_t *); - -int rijndael_blockDecrypt(cipherInstance *, keyInstance *, u_int8_t *, int, - u_int8_t *); -int rijndael_padDecrypt(cipherInstance *, keyInstance *, u_int8_t *, int, - u_int8_t *); +int rijndael_blockEncrypt(cipherInstance *, keyInstance *, const u_int8_t *, + int, u_int8_t *); +int rijndael_padEncrypt(cipherInstance *, keyInstance *, const u_int8_t *, + int, u_int8_t *); + +int rijndael_blockDecrypt(cipherInstance *, keyInstance *, const u_int8_t *, + int, u_int8_t *); +int rijndael_padDecrypt(cipherInstance *, keyInstance *, const u_int8_t *, + int, u_int8_t *); #endif /* __RIJNDAEL_API_FST_H */ Modified: head/sys/dev/random/fortuna.c ============================================================================== --- head/sys/dev/random/fortuna.c Mon Nov 10 09:11:23 2014 (r274339) +++ head/sys/dev/random/fortuna.c Mon Nov 10 09:44:38 2014 (r274340) @@ -27,13 +27,11 @@ /* This implementation of Fortuna is based on the descriptions found in * ISBN 0-471-22357-3 "Practical Cryptography" by Ferguson and Schneier - * ("K&S"). + * ("F&S"). * - * The above book is superceded by ISBN 978-0-470-47424-2 "Cryptography - * Engineering" by Ferguson, Schneier and Kohno ("FS&K"). - * - * This code has not yet caught up with FS&K, but differences are not - * expected to be complex. + * The above book is superseded by ISBN 978-0-470-47424-2 "Cryptography + * Engineering" by Ferguson, Schneier and Kohno ("FS&K"). The code has + * not yet fully caught up with FS&K. */ #include <sys/cdefs.h> @@ -252,12 +250,9 @@ reseed(uint8_t *junk, u_int length) mtx_assert(&random_reseed_mtx, MA_OWNED); #endif - /* F&S - K = Hd(K|s) where Hd(m) is H(H(m)) */ + /* FS&K - K = Hd(K|s) where Hd(m) is H(H(0^512|m)) */ randomdev_hash_init(&context); -#if 0 - /* FS&K defines Hd(m) as H(H(0^512|m)) */ - randomdev_hash_iterate(&context, zero_region, KEYSIZE); -#endif + randomdev_hash_iterate(&context, zero_region, 512/8); randomdev_hash_iterate(&context, &fortuna_state.key, sizeof(fortuna_state.key)); randomdev_hash_iterate(&context, junk, length); randomdev_hash_finish(&context, hash); @@ -270,7 +265,7 @@ reseed(uint8_t *junk, u_int length) /* Unblock the device if it was blocked due to being unseeded */ if (uint128_is_zero(fortuna_state.counter.whole)) random_adaptor_unblock(); - /* F&S - C = C + 1 */ + /* FS&K - C = C + 1 */ uint128_increment(&fortuna_state.counter.whole); } Modified: head/sys/dev/random/hash.c ============================================================================== --- head/sys/dev/random/hash.c Mon Nov 10 09:11:23 2014 (r274339) +++ head/sys/dev/random/hash.c Mon Nov 10 09:44:38 2014 (r274340) @@ -60,7 +60,7 @@ randomdev_hash_init(struct randomdev_has /* Iterate the hash */ void -randomdev_hash_iterate(struct randomdev_hash *context, void *data, size_t size) +randomdev_hash_iterate(struct randomdev_hash *context, const void *data, size_t size) { SHA256_Update(&context->sha, data, size); @@ -81,7 +81,7 @@ randomdev_hash_finish(struct randomdev_h * data. Use CBC mode for better avalanche. */ void -randomdev_encrypt_init(struct randomdev_key *context, void *data) +randomdev_encrypt_init(struct randomdev_key *context, const void *data) { rijndael_cipherInit(&context->cipher, MODE_CBC, NULL); @@ -93,7 +93,7 @@ randomdev_encrypt_init(struct randomdev_ * a multiple of BLOCKSIZE. */ void -randomdev_encrypt(struct randomdev_key *context, void *d_in, void *d_out, u_int length) +randomdev_encrypt(struct randomdev_key *context, const void *d_in, void *d_out, u_int length) { rijndael_blockEncrypt(&context->cipher, &context->key, d_in, length*8, d_out); Modified: head/sys/dev/random/hash.h ============================================================================== --- head/sys/dev/random/hash.h Mon Nov 10 09:11:23 2014 (r274339) +++ head/sys/dev/random/hash.h Mon Nov 10 09:44:38 2014 (r274340) @@ -42,9 +42,9 @@ struct randomdev_key { /* Big! Make sta }; void randomdev_hash_init(struct randomdev_hash *); -void randomdev_hash_iterate(struct randomdev_hash *, void *, size_t); +void randomdev_hash_iterate(struct randomdev_hash *, const void *, size_t); void randomdev_hash_finish(struct randomdev_hash *, void *); -void randomdev_encrypt_init(struct randomdev_key *, void *); -void randomdev_encrypt(struct randomdev_key *context, void *, void *, u_int); +void randomdev_encrypt_init(struct randomdev_key *, const void *); +void randomdev_encrypt(struct randomdev_key *context, const void *, void *, u_int); #endif Modified: head/sys/geom/bde/g_bde.h ============================================================================== --- head/sys/geom/bde/g_bde.h Mon Nov 10 09:11:23 2014 (r274339) +++ head/sys/geom/bde/g_bde.h Mon Nov 10 09:44:38 2014 (r274340) @@ -182,7 +182,7 @@ AES_init(cipherInstance *ci) } static __inline void -AES_makekey(keyInstance *ki, int dir, u_int len, void *key) +AES_makekey(keyInstance *ki, int dir, u_int len, const void *key) { int error; @@ -191,7 +191,7 @@ AES_makekey(keyInstance *ki, int dir, u_ } static __inline void -AES_encrypt(cipherInstance *ci, keyInstance *ki, void *in, void *out, u_int len) +AES_encrypt(cipherInstance *ci, keyInstance *ki, const void *in, void *out, u_int len) { int error; @@ -200,7 +200,7 @@ AES_encrypt(cipherInstance *ci, keyInsta } static __inline void -AES_decrypt(cipherInstance *ci, keyInstance *ki, void *in, void *out, u_int len) +AES_decrypt(cipherInstance *ci, keyInstance *ki, const void *in, void *out, u_int len) { int error;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201411100944.sAA9icnN061962>