From owner-p4-projects@FreeBSD.ORG Sun Nov 16 05:40:46 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id C1300E6B; Sun, 16 Nov 2014 05:40:46 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 83658E69 for ; Sun, 16 Nov 2014 05:40:46 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 70671B18 for ; Sun, 16 Nov 2014 05:40:46 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sAG5ek15043446 for ; Sun, 16 Nov 2014 05:40:46 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sAG5ek3P043443 for perforce@freebsd.org; Sun, 16 Nov 2014 05:40:46 GMT (envelope-from jmg@freebsd.org) Date: Sun, 16 Nov 2014 05:40:46 GMT Message-Id: <201411160540.sAG5ek3P043443@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202876 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Nov 2014 05:40:47 -0000 http://p4web.freebsd.org/@@1202876?ac=10 Change 1202876 by jmg@jmg_carbon2 on 2014/11/16 05:40:36 for some reason, when I access mbuf directly, things don't work... more investigation is needed... Simplify how IV's are calculated.. There needs to be more work in this area... Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#15 edit Differences ... ==== //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#15 (text+ko) ==== @@ -382,6 +382,7 @@ uint8_t *addr; if (crp->crp_flags & CRYPTO_F_IMBUF) { + goto alloc; m = (struct mbuf *)crp->crp_buf; if (m->m_next != NULL) goto alloc; @@ -505,7 +506,7 @@ switch (enccrd->crd_alg) { case CRYPTO_AES_CBC: case CRYPTO_AES_ICM: - ivlen = 16; + ivlen = AES_BLOCK_LEN; break; case CRYPTO_AES_XTS: ivlen = 8; @@ -517,21 +518,13 @@ /* Setup ses->iv */ bzero(ses->iv, sizeof ses->iv); - if (encflag) { - if ((enccrd->crd_flags & CRD_F_IV_EXPLICIT) != 0) - bcopy(enccrd->crd_iv, ses->iv, ivlen); - else - arc4rand(ses->iv, ivlen, 0); - if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) - crypto_copyback(crp->crp_flags, crp->crp_buf, - enccrd->crd_inject, ivlen, ses->iv); - } else { - if ((enccrd->crd_flags & CRD_F_IV_EXPLICIT) != 0) - bcopy(enccrd->crd_iv, ses->iv, ivlen); - else - crypto_copydata(crp->crp_flags, crp->crp_buf, - enccrd->crd_inject, ivlen, ses->iv); - } + if ((enccrd->crd_flags & CRD_F_IV_EXPLICIT) != 0) + bcopy(enccrd->crd_iv, ses->iv, ivlen); + else if (encflag && ((enccrd->crd_flags & CRD_F_IV_PRESENT) != 0)) + arc4rand(ses->iv, ivlen, 0); + else + crypto_copydata(crp->crp_flags, crp->crp_buf, + enccrd->crd_inject, ivlen, ses->iv); if (authcrd != NULL && !encflag) crypto_copydata(crp->crp_flags, crp->crp_buf,