Author: jhb
Date: Mon Apr 20 22:20:26 2020
New Revision: 360135
URL: https://svnweb.freebsd.org/changeset/base/360135

Log:
  Generate IVs directly in esp_output.
  
  This is the only place that uses CRYPTO_F_IV_GENERATE.  All crypto
  drivers currently duplicate the same boilerplate code to handle this
  case.  Doing the generation directly removes complexity from drivers.
  It also simplifies support for separate input and output buffers.
  
  Reviewed by:  cem
  Sponsored by: Netflix
  Differential Revision:        https://reviews.freebsd.org/D24449

Modified:
  head/sys/netipsec/xform_esp.c

Modified: head/sys/netipsec/xform_esp.c
==============================================================================
--- head/sys/netipsec/xform_esp.c       Mon Apr 20 19:16:10 2020        
(r360134)
+++ head/sys/netipsec/xform_esp.c       Mon Apr 20 22:20:26 2020        
(r360135)
@@ -813,10 +813,9 @@ esp_output(struct mbuf *m, struct secpolicy *sp, struc
        crp->crp_payload_length = m->m_pkthdr.len - (skip + hlen + alen);
        crp->crp_op = CRYPTO_OP_ENCRYPT;
 
-       /* Encryption operation. */
+       /* Generate IV / nonce. */
+       ivp = &crp->crp_iv[0];
        if (SAV_ISCTRORGCM(sav)) {
-               ivp = &crp->crp_iv[0];
-
                /* GCM IV Format: RFC4106 4 */
                /* CTR IV Format: RFC3686 4 */
                /* Salt is last four bytes of key, RFC4106 8.1 */
@@ -833,8 +832,9 @@ esp_output(struct mbuf *m, struct secpolicy *sp, struc
                m_copyback(m, skip + hlen - sav->ivlen, sav->ivlen, &ivp[4]);
                crp->crp_flags |= CRYPTO_F_IV_SEPARATE;
        } else if (sav->ivlen != 0) {
+               arc4rand(ivp, sav->ivlen, 0);
                crp->crp_iv_start = skip + hlen - sav->ivlen;
-               crp->crp_flags |= CRYPTO_F_IV_GENERATE;
+               m_copyback(m, crp->crp_iv_start, sav->ivlen, ivp);
        }
 
        /* Callback parameters */
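Review bot: The added `arc4rand(ivp, sav->ivlen, 0)` in the `else if (sav->ivlen != 0)` branch writes `sav->ivlen` bytes into `crp->crp_iv` with no bound visible in this hunk. Per the commit log the drivers generated this IV before, so this branch did not previously fill that array itself. If `ivlen` is constrained only by transform setup elsewhere, an assertion before the call would make the invariant explicit: `KASSERT(sav->ivlen <= sizeof(crp->crp_iv), ("esp_output: ivlen too large"));` (this assumes `crp_iv` is a fixed-size array in `struct cryptop`). A short comment on why a CSPRNG is used here would also help, e.g. `/* Random per-packet IV; must be unpredictable (presumably the CBC-mode transforms). */`. `esp_output` begins and ends outside the hunk.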