From nobody Thu Dec 16 22:09:30 2021
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id B69B118D9814;
	Thu, 16 Dec 2021 22:09:32 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4JFR9R10tRz3C8G;
	Thu, 16 Dec 2021 22:09:31 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 63BD8103B0;
	Thu, 16 Dec 2021 22:09:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1BGM9UKG089213;
	Thu, 16 Dec 2021 22:09:30 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1BGM9Uwa089212;
	Thu, 16 Dec 2021 22:09:30 GMT
	(envelope-from git)
Date: Thu, 16 Dec 2021 22:09:30 GMT
Message-Id: <202112162209.1BGM9Uwa089212@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: John Baldwin <jhb@FreeBSD.org>
Subject: git: 2cd838281b44 - main - cryptosoft: Remove CBC handling from swcr_encdec.
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-main@freebsd.org
X-BeenThere: dev-commits-src-main@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jhb
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 2cd838281b44e337236b0606e89fb5bf58e86032
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1639692571;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=rPs2nLXo+B/f9w/YcwU2b58xCD+a+qiAEs7ga9eo1es=;
	b=JX98acGdcb0lioZL1oa4OvqU6fz41eEpVo+EWebxzDRCO11S0450G0RhlLCjh1lg+3OYdO
	8DRwnyFW6Hf1LqqTESZtUs4PJOITfxq68cgmipygb9Z78BHW/X0oiYxQ9M8+uzjbKxKL1m
	hN0mu2QTGOC3ZNEFEkkQISXx2laWrFCF48tITpnJOHX+KxZ8Q4gEdHzFkVsumb0QA+nVId
	vGi1aQ1LVQBUV/abc7ZWWx9xq25Ahu8sP1FjvLFGF+QwbLivOnMmF6rbZsz5sJ+DZSG0Kp
	bJ89+x9Bcxh/K0mKWouf8bCQw5RseDWs2NihiHc6yOL5v7BsLxYfmENYGzv+4Q==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1639692571; a=rsa-sha256; cv=none;
	b=mGhBez08KUhsFkLQUjqI3jXkqXuztZJbWKb7/JbWkKPvcONYFWXy4QLQu2djnA/IQBL3jU
	S0IfdBT+u9O3VltoZ5ByZyEzJAlnGurJgWIEjRVRQ9Fhrr5m7bVqa1xpjYE9qSEHSglKYw
	DPXj+mRdvUqU63cl/tkmDgObSdySZKlw235qrgL4HxTaHqU1MZNzXdBD8ixtBDEaphUj/T
	7tVNqXYVNWg2qN9ngXh7aTj5EyZg+txaJTEJb3SKjP+vIBemKw3J9bZsyc1xP6BIgg5uYw
	rnnImA9/kqA64EP9d2M7Ek1yJJ9/Ytjx+FEo3k+bW7koz8+87m95hEt7mcjbGA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=2cd838281b44e337236b0606e89fb5bf58e86032

commit 2cd838281b44e337236b0606e89fb5bf58e86032
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-12-16 21:48:15 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-12-16 21:48:15 +0000

    cryptosoft: Remove CBC handling from swcr_encdec.
    
    All of the CBC ciphers now handle block chaining in the enc_xform.
    
    Reviewed by:    markj
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D33489
---
 sys/opencrypto/cryptosoft.c | 65 ++++++---------------------------------------
 1 file changed, 8 insertions(+), 57 deletions(-)

diff --git a/sys/opencrypto/cryptosoft.c b/sys/opencrypto/cryptosoft.c
index ebbc90aac05b..62dae55f1537 100644
--- a/sys/opencrypto/cryptosoft.c
+++ b/sys/opencrypto/cryptosoft.c
@@ -100,14 +100,13 @@ swcr_null(const struct swcr_session *ses, struct cryptop *crp)
 static int
 swcr_encdec(const struct swcr_session *ses, struct cryptop *crp)
 {
-	unsigned char iv[EALG_MAX_BLOCK_LEN], blk[EALG_MAX_BLOCK_LEN];
-	unsigned char *ivp, *nivp, iv2[EALG_MAX_BLOCK_LEN];
+	unsigned char blk[EALG_MAX_BLOCK_LEN];
 	const struct crypto_session_params *csp;
 	const struct enc_xform *exf;
 	const struct swcr_encdec *sw;
 	void *ctx;
 	size_t inlen, outlen;
-	int i, blks, resid;
+	int blks, resid;
 	struct crypto_buffer_cursor cc_in, cc_out;
 	const unsigned char *inblk;
 	unsigned char *outblk;
@@ -142,17 +141,8 @@ swcr_encdec(const struct swcr_session *ses, struct cryptop *crp)
 	} else
 		memcpy(ctx, sw->sw_ctx, exf->ctxsize);
 
-	crypto_read_iv(crp, iv);
-
-	if (exf->reinit) {
-		/*
-		 * xforms that provide a reinit method perform all IV
-		 * handling themselves.
-		 */
-		exf->reinit(ctx, iv, csp->csp_ivlen);
-	}
-
-	ivp = iv;
+	crypto_read_iv(crp, blk);
+	exf->reinit(ctx, blk, csp->csp_ivlen);
 
 	crypto_cursor_init(&cc_in, &crp->crp_buf);
 	crypto_cursor_advance(&cc_in, crp->crp_payload_start);
@@ -186,45 +176,11 @@ swcr_encdec(const struct swcr_session *ses, struct cryptop *crp)
 		if (outlen < blks)
 			outblk = blk;
 
-		/*
-		 * Ciphers without a 'reinit' hook are assumed to be
-		 * used in CBC mode where the chaining is done here.
-		 */
-		if (exf->reinit != NULL) {
-			if (encrypting)
-				exf->encrypt(ctx, inblk, outblk);
-			else
-				exf->decrypt(ctx, inblk, outblk);
-		} else if (encrypting) {
-			/* XOR with previous block */
-			for (i = 0; i < blks; i++)
-				outblk[i] = inblk[i] ^ ivp[i];
-
-			exf->encrypt(ctx, outblk, outblk);
-
-			/*
-			 * Keep encrypted block for XOR'ing
-			 * with next block
-			 */
-			memcpy(iv, outblk, blks);
-			ivp = iv;
-		} else {	/* decrypt */
-			/*
-			 * Keep encrypted block for XOR'ing
-			 * with next block
-			 */
-			nivp = (ivp == iv) ? iv2 : iv;
-			memcpy(nivp, inblk, blks);
-
+		if (encrypting)
+			exf->encrypt(ctx, inblk, outblk);
+		else
 			exf->decrypt(ctx, inblk, outblk);
 
-			/* XOR with previous block */
-			for (i = 0; i < blks; i++)
-				outblk[i] ^= ivp[i];
-
-			ivp = nivp;
-		}
-
 		if (inlen < blks) {
 			inblk = crypto_cursor_segment(&cc_in, &inlen);
 		} else {
@@ -249,10 +205,7 @@ swcr_encdec(const struct swcr_session *ses, struct cryptop *crp)
 	if (resid > 0) {
 		KASSERT(exf->native_blocksize != 0,
 		    ("%s: partial block of %d bytes for cipher %s",
-		    __func__, i, exf->name));
-		KASSERT(exf->reinit != NULL,
-		    ("%s: partial block cipher %s without reinit hook",
-		    __func__, exf->name));
+		    __func__, resid, exf->name));
 		KASSERT(resid < blks, ("%s: partial block too big", __func__));
 
 		inblk = crypto_cursor_segment(&cc_in, &inlen);
@@ -275,8 +228,6 @@ swcr_encdec(const struct swcr_session *ses, struct cryptop *crp)
 
 	explicit_bzero(ctx, exf->ctxsize);
 	explicit_bzero(blk, sizeof(blk));
-	explicit_bzero(iv, sizeof(iv));
-	explicit_bzero(iv2, sizeof(iv2));
 	return (0);
 }