Update to FreeBSD stable/12 2019-01-16

Git mirror commit 4ff7d8141f665693dd8b17090d410604888f1e9a. Update #3472.
author: Sebastian Huber <sebastian.huber@embedded-brains.de> 2019-01-21 09:45:46 +0100
committer: Sebastian Huber <sebastian.huber@embedded-brains.de> 2019-01-21 10:00:40 +0100
commit: aec8db05b216a102e334d131b7a71f1514b04679 (patch)
tree: f9343da918ce3585a1ce469d53d4d54d79ca8cc6 /freebsd/sys/crypto
parent: dpaa: Use if_transmit instead of legacy if_start (diff)
download: rtems-libbsd-aec8db05b216a102e334d131b7a71f1514b04679.tar.bz2
3 files changed, 18 insertions, 26 deletions
diff --git a/freebsd/sys/crypto/chacha20/chacha.c b/freebsd/sys/crypto/chacha20/chacha.c
index 154726c2..3ce5310a 100644
--- a/freebsd/sys/crypto/chacha20/chacha.c
+++ b/freebsd/sys/crypto/chacha20/chacha.c
@@ -130,10 +130,8 @@ chacha_encrypt_bytes(chacha_ctx *x,const u8 *m,u8 *c,u_int bytes)
 
   for (;;) {
     if (bytes < 64) {
-#ifndef KEYSTREAM_ONLY
       for (i = 0;i < bytes;++i) tmp[i] = m[i];
       m = tmp;
-#endif
       ctarget = c;
       c = tmp;
     }
diff --git a/freebsd/sys/crypto/chacha20/chacha.h b/freebsd/sys/crypto/chacha20/chacha.h
index 73548331..e67cc812 100644
--- a/freebsd/sys/crypto/chacha20/chacha.h
+++ b/freebsd/sys/crypto/chacha20/chacha.h
@@ -12,7 +12,10 @@ Public domain.
 #define CHACHA_H
 
 #include <sys/types.h>
-#include <crypto/chacha20/_chacha.h>
+
+struct chacha_ctx {
+	u_int input[16];
+};
 
 #define CHACHA_MINKEYLEN 	16
 #define CHACHA_NONCELEN		8
@@ -20,10 +23,10 @@ Public domain.
 #define CHACHA_STATELEN		(CHACHA_NONCELEN+CHACHA_CTRLEN)
 #define CHACHA_BLOCKLEN		64
 
-#ifdef CHACHA_EMBED
-#define LOCAL static
-#else
+#ifdef _KERNEL
 #define LOCAL
+#else
+#define LOCAL static
 #endif
 
 LOCAL void chacha_keysetup(struct chacha_ctx *x, const u_char *k, u_int kbits);
diff --git a/freebsd/sys/crypto/rijndael/rijndael-api-fst.c b/freebsd/sys/crypto/rijndael/rijndael-api-fst.c
index 30816c80..1ae535a5 100644
--- a/freebsd/sys/crypto/rijndael/rijndael-api-fst.c
+++ b/freebsd/sys/crypto/rijndael/rijndael-api-fst.c
@@ -38,6 +38,7 @@ typedef u_int8_t	BYTE;
 
 int rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen,
 	const char *keyMaterial) {
+	u_int8_t cipherKey[RIJNDAEL_MAXKB];
 
 	if (key == NULL) {
 		return BAD_KEY_INSTANCE;
@@ -60,12 +61,13 @@ int rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen,
 	}
 
 	/* initialize key schedule: */
+	memcpy(cipherKey, key->keyMaterial, keyLen/8);
 	if (direction == DIR_ENCRYPT) {
-		key->Nr = rijndaelKeySetupEnc(key->rk, key->keyMaterial, keyLen);
+		key->Nr = rijndaelKeySetupEnc(key->rk, cipherKey, keyLen);
 	} else {
-		key->Nr = rijndaelKeySetupDec(key->rk, key->keyMaterial, keyLen);
+		key->Nr = rijndaelKeySetupDec(key->rk, cipherKey, keyLen);
 	}
-	rijndaelKeySetupEnc(key->ek, key->keyMaterial, keyLen);
+	rijndaelKeySetupEnc(key->ek, cipherKey, keyLen);
 	return TRUE;
 }
 
@@ -186,7 +188,6 @@ int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key,
 		return BAD_CIPHER_STATE;
 	}
 
-	explicit_bzero(block, sizeof(block));
 	return 128*numBlocks;
 }
 
@@ -259,7 +260,6 @@ int rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key,
 		return BAD_CIPHER_STATE;
 	}
 
-	explicit_bzero(block, sizeof(block));
 	return 16*(numBlocks + 1);
 }
 
@@ -359,13 +359,12 @@ int rijndael_blockDecrypt(cipherInstance *cipher, keyInstance *key,
 		return BAD_CIPHER_STATE;
 	}
 
-	explicit_bzero(block, sizeof(block));
 	return 128*numBlocks;
 }
 
 int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key,
 		const BYTE *input, int inputOctets, BYTE *outBuffer) {
-	int i, numBlocks, padLen, rval;
+	int i, numBlocks, padLen;
 	u_int8_t block[16];
 	u_int32_t iv[4];
 
@@ -395,13 +394,11 @@ int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key,
 		rijndaelDecrypt(key->rk, key->Nr, input, block);
 		padLen = block[15];
 		if (padLen >= 16) {
-			rval = BAD_DATA;
-			goto out;
+			return BAD_DATA;
 		}
 		for (i = 16 - padLen; i < 16; i++) {
 			if (block[i] != padLen) {
-				rval = BAD_DATA;
-				goto out;
+				return BAD_DATA;
 			}
 		}
 		memcpy(outBuffer, block, 16 - padLen);
@@ -429,13 +426,11 @@ int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key,
 		((u_int32_t*)block)[3] ^= iv[3];
 		padLen = block[15];
 		if (padLen <= 0 || padLen > 16) {
-			rval = BAD_DATA;
-			goto out;
+			return BAD_DATA;
 		}
 		for (i = 16 - padLen; i < 16; i++) {
 			if (block[i] != padLen) {
-				rval = BAD_DATA;
-				goto out;
+				return BAD_DATA;
 			}
 		}
 		memcpy(outBuffer, block, 16 - padLen);
@@ -445,9 +440,5 @@ int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key,
 		return BAD_CIPHER_STATE;
 	}
 
-	rval = 16*numBlocks - padLen;
-
-out:
-	explicit_bzero(block, sizeof(block));
-	return rval;
+	return 16*numBlocks - padLen;
 }
author	Sebastian Huber <sebastian.huber@embedded-brains.de>	2019-01-21 09:45:46 +0100
committer	Sebastian Huber <sebastian.huber@embedded-brains.de>	2019-01-21 10:00:40 +0100
commit	aec8db05b216a102e334d131b7a71f1514b04679 (patch)
tree	f9343da918ce3585a1ce469d53d4d54d79ca8cc6 /freebsd/sys/crypto
parent	dpaa: Use if_transmit instead of legacy if_start (diff)
download	rtems-libbsd-aec8db05b216a102e334d131b7a71f1514b04679.tar.bz2