They're not exposed via PF_KEY so I assume they were used directly
via /dev/crypto. There's no code that uses them and by now no new
code should.
OK?
Index: sys/crypto/cryptodev.h
===================================================================
RCS file: /cvs/src/sys/crypto/cryptodev.h,v
retrieving revision 1.64
diff -u -p -r1.64 cryptodev.h
--- sys/crypto/cryptodev.h 12 Nov 2015 16:57:00 -0000 1.64
+++ sys/crypto/cryptodev.h 12 Nov 2015 17:06:42 -0000
@@ -93,25 +93,23 @@
#define CRYPTO_RIJNDAEL128_CBC 11 /* 128 bit blocksize */
#define CRYPTO_AES_CBC 11 /* 128 bit blocksize -- the same as above */
#define CRYPTO_ARC4 12
-#define CRYPTO_MD5 13
-#define CRYPTO_SHA1 14
-#define CRYPTO_DEFLATE_COMP 15 /* Deflate compression algorithm */
-#define CRYPTO_NULL 16
-#define CRYPTO_LZS_COMP 17 /* LZS compression algorithm */
-#define CRYPTO_SHA2_256_HMAC 18
-#define CRYPTO_SHA2_384_HMAC 19
-#define CRYPTO_SHA2_512_HMAC 20
-#define CRYPTO_AES_CTR 21
-#define CRYPTO_AES_XTS 22
-#define CRYPTO_AES_GCM_16 23
-#define CRYPTO_AES_128_GMAC 24
-#define CRYPTO_AES_192_GMAC 25
-#define CRYPTO_AES_256_GMAC 26
-#define CRYPTO_AES_GMAC 27
-#define CRYPTO_CHACHA20_POLY1305 28
-#define CRYPTO_CHACHA20_POLY1305_MAC 29
-#define CRYPTO_ESN 30 /* Support for Extended Sequence Numbers */
-#define CRYPTO_ALGORITHM_MAX 30 /* Keep updated */
+#define CRYPTO_DEFLATE_COMP 13 /* Deflate compression algorithm */
+#define CRYPTO_NULL 14
+#define CRYPTO_LZS_COMP 15 /* LZS compression algorithm */
+#define CRYPTO_SHA2_256_HMAC 16
+#define CRYPTO_SHA2_384_HMAC 17
+#define CRYPTO_SHA2_512_HMAC 18
+#define CRYPTO_AES_CTR 19
+#define CRYPTO_AES_XTS 20
+#define CRYPTO_AES_GCM_16 21
+#define CRYPTO_AES_128_GMAC 22
+#define CRYPTO_AES_192_GMAC 23
+#define CRYPTO_AES_256_GMAC 24
+#define CRYPTO_AES_GMAC 25
+#define CRYPTO_CHACHA20_POLY1305 26
+#define CRYPTO_CHACHA20_POLY1305_MAC 27
+#define CRYPTO_ESN 28 /* Support for Extended Sequence Numbers */
+#define CRYPTO_ALGORITHM_MAX 28 /* Keep updated */
/* Algorithm flags */
#define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported
*/
Index: sys/crypto/cryptosoft.c
===================================================================
RCS file: /cvs/src/sys/crypto/cryptosoft.c,v
retrieving revision 1.77
diff -u -p -r1.77 cryptosoft.c
--- sys/crypto/cryptosoft.c 12 Nov 2015 16:57:00 -0000 1.77
+++ sys/crypto/cryptosoft.c 12 Nov 2015 17:06:43 -0000
@@ -463,11 +463,6 @@ swcr_authcompute(struct cryptop *crp, st
axf->Update(&ctx, aalg, axf->hashsize);
axf->Final(aalg, &ctx);
break;
-
- case CRYPTO_MD5:
- case CRYPTO_SHA1:
- axf->Final(aalg, &ctx);
- break;
}
/* Inject the authentication data */
@@ -900,24 +895,6 @@ swcr_newsession(u_int32_t *sid, struct c
(*swd)->sw_axf = axf;
break;
- case CRYPTO_MD5:
- axf = &auth_hash_md5;
- goto auth3common;
-
- case CRYPTO_SHA1:
- axf = &auth_hash_sha1;
- auth3common:
- (*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
- M_NOWAIT);
- if ((*swd)->sw_ictx == NULL) {
- swcr_freesession(i);
- return ENOBUFS;
- }
-
- axf->Init((*swd)->sw_ictx);
- (*swd)->sw_axf = axf;
- break;
-
case CRYPTO_AES_128_GMAC:
axf = &auth_hash_gmac_aes_128;
goto auth4common;
@@ -1028,8 +1005,6 @@ swcr_freesession(u_int64_t tid)
case CRYPTO_AES_192_GMAC:
case CRYPTO_AES_256_GMAC:
case CRYPTO_CHACHA20_POLY1305_MAC:
- case CRYPTO_MD5:
- case CRYPTO_SHA1:
axf = swd->sw_axf;
if (swd->sw_ictx) {
@@ -1118,8 +1093,6 @@ swcr_process(struct cryptop *crp)
case CRYPTO_SHA2_256_HMAC:
case CRYPTO_SHA2_384_HMAC:
case CRYPTO_SHA2_512_HMAC:
- case CRYPTO_MD5:
- case CRYPTO_SHA1:
if ((crp->crp_etype = swcr_authcompute(crp, crd, sw,
crp->crp_buf, type)) != 0)
goto done;
@@ -1179,8 +1152,6 @@ swcr_init(void)
algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_RIPEMD160_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
- algs[CRYPTO_MD5] = CRYPTO_ALG_FLAG_SUPPORTED;
- algs[CRYPTO_SHA1] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_RIJNDAEL128_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_AES_CTR] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_AES_XTS] = CRYPTO_ALG_FLAG_SUPPORTED;
Index: sys/crypto/xform.c
===================================================================
RCS file: /cvs/src/sys/crypto/xform.c,v
retrieving revision 1.51
diff -u -p -r1.51 xform.c
--- sys/crypto/xform.c 7 Nov 2015 17:46:49 -0000 1.51
+++ sys/crypto/xform.c 12 Nov 2015 17:06:43 -0000
@@ -329,22 +329,6 @@ struct auth_hash auth_hash_chacha20_poly
Chacha20_Poly1305_Final
};
-struct auth_hash auth_hash_md5 = {
- CRYPTO_MD5, "MD5",
- 0, 16, 16, sizeof(MD5_CTX), 0,
- (void (*) (void *)) MD5Init, NULL, NULL,
- MD5Update_int,
- (void (*) (u_int8_t *, void *)) MD5Final
-};
-
-struct auth_hash auth_hash_sha1 = {
- CRYPTO_SHA1, "SHA1",
- 0, 20, 20, sizeof(SHA1_CTX), 0,
- (void (*)(void *)) SHA1Init, NULL, NULL,
- SHA1Update_int,
- (void (*)(u_int8_t *, void *)) SHA1Final
-};
-
/* Compression instance */
struct comp_algo comp_algo_deflate = {
CRYPTO_DEFLATE_COMP, "Deflate",
Index: sys/crypto/xform.h
===================================================================
RCS file: /cvs/src/sys/crypto/xform.h,v
retrieving revision 1.25
diff -u -p -r1.25 xform.h
--- sys/crypto/xform.h 3 Nov 2015 01:31:36 -0000 1.25
+++ sys/crypto/xform.h 12 Nov 2015 17:06:43 -0000
@@ -89,8 +89,6 @@ extern struct enc_xform enc_xform_chacha
extern struct enc_xform enc_xform_arc4;
extern struct enc_xform enc_xform_null;
-extern struct auth_hash auth_hash_md5;
-extern struct auth_hash auth_hash_sha1;
extern struct auth_hash auth_hash_hmac_md5_96;
extern struct auth_hash auth_hash_hmac_sha1_96;
extern struct auth_hash auth_hash_hmac_ripemd_160_96;
Index: sys/dev/pci/hifn7751.c
===================================================================
RCS file: /cvs/src/sys/dev/pci/hifn7751.c,v
retrieving revision 1.171
diff -u -p -r1.171 hifn7751.c
--- sys/dev/pci/hifn7751.c 10 Sep 2015 18:10:34 -0000 1.171
+++ sys/dev/pci/hifn7751.c 12 Nov 2015 17:06:44 -0000
@@ -294,8 +294,6 @@ hifn_attach(struct device *parent, struc
algs[CRYPTO_ARC4] = CRYPTO_ALG_FLAG_SUPPORTED;
/*FALLTHROUGH*/
case HIFN_PUSTAT_ENA_1:
- algs[CRYPTO_MD5] = CRYPTO_ALG_FLAG_SUPPORTED;
- algs[CRYPTO_SHA1] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
@@ -1863,8 +1861,6 @@ hifn_newsession(u_int32_t *sidp, struct
for (c = cri; c != NULL; c = c->cri_next) {
switch (c->cri_alg) {
- case CRYPTO_MD5:
- case CRYPTO_SHA1:
case CRYPTO_MD5_HMAC:
case CRYPTO_SHA1_HMAC:
if (mac)
@@ -1986,9 +1982,7 @@ hifn_process(struct cryptop *crp)
if (crd2 == NULL) {
if (crd1->crd_alg == CRYPTO_MD5_HMAC ||
- crd1->crd_alg == CRYPTO_SHA1_HMAC ||
- crd1->crd_alg == CRYPTO_SHA1 ||
- crd1->crd_alg == CRYPTO_MD5) {
+ crd1->crd_alg == CRYPTO_SHA1_HMAC) {
maccrd = crd1;
enccrd = NULL;
} else if (crd1->crd_alg == CRYPTO_DES_CBC ||
@@ -2007,9 +2001,7 @@ hifn_process(struct cryptop *crp)
}
} else {
if ((crd1->crd_alg == CRYPTO_MD5_HMAC ||
- crd1->crd_alg == CRYPTO_SHA1_HMAC ||
- crd1->crd_alg == CRYPTO_MD5 ||
- crd1->crd_alg == CRYPTO_SHA1) &&
+ crd1->crd_alg == CRYPTO_SHA1_HMAC) &&
(crd2->crd_alg == CRYPTO_DES_CBC ||
crd2->crd_alg == CRYPTO_3DES_CBC ||
crd2->crd_alg == CRYPTO_AES_CBC ||
@@ -2023,9 +2015,7 @@ hifn_process(struct cryptop *crp)
crd1->crd_alg == CRYPTO_AES_CBC ||
crd1->crd_alg == CRYPTO_3DES_CBC) &&
(crd2->crd_alg == CRYPTO_MD5_HMAC ||
- crd2->crd_alg == CRYPTO_SHA1_HMAC ||
- crd2->crd_alg == CRYPTO_MD5 ||
- crd2->crd_alg == CRYPTO_SHA1) &&
+ crd2->crd_alg == CRYPTO_SHA1_HMAC) &&
(crd1->crd_flags & CRD_F_ENCRYPT)) {
enccrd = crd1;
maccrd = crd2;
@@ -2132,21 +2122,11 @@ hifn_process(struct cryptop *crp)
cmd->base_masks |= HIFN_BASE_CMD_MAC;
switch (maccrd->crd_alg) {
- case CRYPTO_MD5:
- cmd->mac_masks |= HIFN_MAC_CMD_ALG_MD5 |
- HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HASH |
- HIFN_MAC_CMD_POS_IPSEC;
- break;
case CRYPTO_MD5_HMAC:
cmd->mac_masks |= HIFN_MAC_CMD_ALG_MD5 |
HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HMAC |
HIFN_MAC_CMD_POS_IPSEC | HIFN_MAC_CMD_TRUNC;
break;
- case CRYPTO_SHA1:
- cmd->mac_masks |= HIFN_MAC_CMD_ALG_SHA1 |
- HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HASH |
- HIFN_MAC_CMD_POS_IPSEC;
- break;
case CRYPTO_SHA1_HMAC:
cmd->mac_masks |= HIFN_MAC_CMD_ALG_SHA1 |
HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HMAC |
@@ -2338,11 +2318,7 @@ hifn_callback(struct hifn_softc *sc, str
for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
int len;
- if (crd->crd_alg == CRYPTO_MD5)
- len = 16;
- else if (crd->crd_alg == CRYPTO_SHA1)
- len = 20;
- else if (crd->crd_alg == CRYPTO_MD5_HMAC ||
+ if (crd->crd_alg == CRYPTO_MD5_HMAC ||
crd->crd_alg == CRYPTO_SHA1_HMAC)
len = 12;
else
