From: John Baldwin
Date: Fri, 22 May 2020 20:52:37 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r361404 - head/sys/crypto/ccp

Author: jhb
Date: Fri May 22 20:52:36 2020
New Revision: 361404
URL: https://svnweb.freebsd.org/changeset/base/361404

Log:
  Remove a workaround for GCM requests with an empty payload.

  This was copied from ccr(4) (which does require the workaround), but
  is reportedly not needed for ccp(4).

  Discussed with: cem
  Sponsored by: Netflix

Modified:
  head/sys/crypto/ccp/ccp.c

Modified: head/sys/crypto/ccp/ccp.c
==============================================================================
--- head/sys/crypto/ccp/ccp.c Fri May 22 19:09:43 2020 (r361403) +++ head/sys/crypto/ccp/ccp.c Fri May 22 20:52:36 2020 (r361404) 
@@ -113,67 +113,6 @@ ccp_populate_sglist(struct sglist *sg, struct cryptop return (error); } -/* - * Handle a GCM request with an empty payload by performing the - * operation in software. - */ -static void -ccp_gcm_soft(struct ccp_session *s, struct cryptop *crp) -{ - struct aes_gmac_ctx gmac_ctx; - char block[GMAC_BLOCK_LEN]; - char digest[GMAC_DIGEST_LEN]; - char iv[AES_BLOCK_LEN]; - int i, len; - - /* - * This assumes a 12-byte IV from the crp. See longer comment - * above in ccp_gcm() for more details. - */ - if ((crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0) { - crp->crp_etype = EINVAL; - goto out; - } - memcpy(iv, crp->crp_iv, 12); - *(uint32_t *)&iv[12] = htobe32(1); - - /* Initialize the MAC. */ - AES_GMAC_Init(&gmac_ctx); - AES_GMAC_Setkey(&gmac_ctx, s->blkcipher.enckey, s->blkcipher.key_len); - AES_GMAC_Reinit(&gmac_ctx, iv, sizeof(iv)); - - /* MAC the AAD. */ - for (i = 0; i < crp->crp_aad_length; i += sizeof(block)) { - len = imin(crp->crp_aad_length - i, sizeof(block)); - crypto_copydata(crp, crp->crp_aad_start + i, len, block); - bzero(block + len, sizeof(block) - len); - AES_GMAC_Update(&gmac_ctx, block, sizeof(block)); - } - - /* Length block. */ - bzero(block, sizeof(block)); - ((uint32_t *)block)[1] = htobe32(crp->crp_aad_length * 8); - AES_GMAC_Update(&gmac_ctx, block, sizeof(block)); - AES_GMAC_Final(digest, &gmac_ctx); - - if (CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) { - crypto_copyback(crp, crp->crp_digest_start, sizeof(digest), - digest); - crp->crp_etype = 0; - } else { - char digest2[GMAC_DIGEST_LEN]; - - crypto_copydata(crp, crp->crp_digest_start, sizeof(digest2), - digest2); - if (timingsafe_bcmp(digest, digest2, sizeof(digest)) == 0) - crp->crp_etype = 0; - else - crp->crp_etype = EBADMSG; - } -out: - crypto_done(crp); -} - static int ccp_probe(device_t dev) { 
@@ -643,11 +582,6 @@ ccp_process(device_t dev, struct cryptop *crp, int hin error = ccp_authenc(qp, s, crp); break; case GCM: - if (crp->crp_payload_length == 0) { - mtx_unlock(&qp->cq_lock); - ccp_gcm_soft(s, crp); - return (0); - } if (s->pending != 0) { error = EAGAIN; break;
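Review bot: In the first hunk (@@ -113,67 +113,6 @@), ccp_gcm_soft() is the only visible user of struct aes_gmac_ctx and the AES_GMAC_Init/Setkey/Reinit/Update/Final calls, so check whether ccp.c still references the header that declares them and drop the include in the same commit if nothing else does. The removed function also returned EINVAL for requests without CRYPTO_F_IV_SEPARATE; it is worth confirming that the hardware GCM path applies an equivalent IV check to empty-payload requests.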
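Review bot: In the second hunk (@@ -643,11 +582,6 @@, case GCM in ccp_process()), requests with crp_payload_length == 0 now go to the hardware path on the basis of a report ("reportedly not needed for ccp(4)"), so the log should say how that was confirmed, or a test should cover an AAD-only request for both encrypt and decrypt. The removed software path compared tags with timingsafe_bcmp() and set EBADMSG on mismatch; the decrypt case should verify that a corrupted tag on an empty-payload request still fails with EBADMSG. These requests are also now subject to the "if (s->pending != 0)" check that follows and can return EAGAIN where they previously always completed, which callers need to tolerate.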