diff options
| author | pjd <pjd@FreeBSD.org> | 2010-09-23 11:46:53 +0000 |
|---|---|---|
| committer | pjd <pjd@FreeBSD.org> | 2010-09-23 11:46:53 +0000 |
| commit | 7c5b734f64e42e6d5b7864578947df2fe8b2149b (patch) | |
| tree | c06ddbde35f7ece57d32ac7be27cb707f591721f /sys/crypto | |
| parent | 65e42dc379712a52d91f5c14ec2909f9c42fa098 (diff) | |
| download | FreeBSD-src-7c5b734f64e42e6d5b7864578947df2fe8b2149b.zip FreeBSD-src-7c5b734f64e42e6d5b7864578947df2fe8b2149b.tar.gz | |
Add support for CRD_F_KEY_EXPLICIT flag.
MFC after: 1 week
Diffstat (limited to 'sys/crypto')
| -rw-r--r-- | sys/crypto/aesni/aesni_wrap.c | 48 |
1 files changed, 32 insertions, 16 deletions
diff --git a/sys/crypto/aesni/aesni_wrap.c b/sys/crypto/aesni/aesni_wrap.c index 496b59b..e09185d 100644 --- a/sys/crypto/aesni/aesni_wrap.c +++ b/sys/crypto/aesni/aesni_wrap.c @@ -105,13 +105,12 @@ aesni_decrypt_ecb(int rounds, const void *key_schedule, size_t len, } } -int -aesni_cipher_setup(struct aesni_session *ses, struct cryptoini *encini) +static int +aesni_cipher_setup_common(struct aesni_session *ses, const uint8_t *key, + int keylen) { - struct thread *td; - int error; - switch (encini->cri_klen) { + switch (keylen) { case 128: ses->rounds = AES128_ROUNDS; break; @@ -124,18 +123,28 @@ aesni_cipher_setup(struct aesni_session *ses, struct cryptoini *encini) default: return (EINVAL); } + + aesni_set_enckey(key, ses->enc_schedule, ses->rounds); + aesni_set_deckey(ses->enc_schedule, ses->dec_schedule, ses->rounds); + arc4rand(ses->iv, sizeof(ses->iv), 0); - td = curthread; - error = fpu_kern_enter(td, &ses->fpu_ctx, FPU_KERN_NORMAL); - if (error == 0) { - aesni_set_enckey(encini->cri_key, ses->enc_schedule, - ses->rounds); - aesni_set_deckey(ses->enc_schedule, ses->dec_schedule, - ses->rounds); - arc4rand(ses->iv, sizeof(ses->iv), 0); - fpu_kern_leave(td, &ses->fpu_ctx); - } - return (error); + return (0); +} + +int +aesni_cipher_setup(struct aesni_session *ses, struct cryptoini *encini) +{ + struct thread *td; + int error; + + td = curthread; + error = fpu_kern_enter(td, &ses->fpu_ctx, FPU_KERN_NORMAL); + if (error == 0) { + error = aesni_cipher_setup_common(ses, encini->cri_key, + encini->cri_klen); + fpu_kern_leave(td, &ses->fpu_ctx); + } + return (error); } int @@ -154,6 +163,13 @@ aesni_cipher_process(struct aesni_session *ses, struct cryptodesc *enccrd, error = fpu_kern_enter(td, &ses->fpu_ctx, FPU_KERN_NORMAL); if (error != 0) goto out; + + if ((enccrd->crd_flags & CRD_F_KEY_EXPLICIT) != 0) { + error = aesni_cipher_setup_common(ses, enccrd->crd_key, + enccrd->crd_klen); + if (error != 0) + goto out; + } if ((enccrd->crd_flags & CRD_F_ENCRYPT) != 0) { if ((enccrd->crd_flags & CRD_F_IV_EXPLICIT) != 0) |
