git: 246982c196f4 - main - crypto: Consistently use AES instead of Rijndael128 for the AES-CBC cipher.

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: John Baldwin <jhb_at_FreeBSD.org>
Date: Thu, 16 Dec 2021 22:09:26 UTC
The branch main has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=246982c196f4283b0ccfdb113c0e89588e95bf2c

commit 246982c196f4283b0ccfdb113c0e89588e95bf2c
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-12-16 21:47:27 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-12-16 21:47:27 +0000

    crypto: Consistently use AES instead of Rijndael128 for the AES-CBC cipher.
    
    Reviewed by:    markj
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D33486
---
 sys/netipsec/key.c                                 |  2 +-
 sys/opencrypto/crypto.c                            |  4 +--
 sys/opencrypto/cryptodev.c                         |  2 +-
 sys/opencrypto/xform.c                             |  2 +-
 .../{xform_rijndael.c => xform_aes_cbc.c}          | 32 +++++++++++-----------
 sys/opencrypto/xform_enc.h                         |  2 +-
 6 files changed, 22 insertions(+), 22 deletions(-)

diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c
index 9b3d10e28902..168ec3441faf 100644
--- a/sys/netipsec/key.c
+++ b/sys/netipsec/key.c
@@ -590,7 +590,7 @@ static struct supported_ealgs {
 	int sadb_alg;
 	const struct enc_xform *xform;
 } supported_ealgs[] = {
-	{ SADB_X_EALG_AES,		&enc_xform_rijndael128 },
+	{ SADB_X_EALG_AES,		&enc_xform_aes_cbc },
 	{ SADB_EALG_NULL,		&enc_xform_null },
 	{ SADB_X_EALG_AESCTR,		&enc_xform_aes_icm },
 	{ SADB_X_EALG_AESGCM16,		&enc_xform_aes_nist_gcm },
diff --git a/sys/opencrypto/crypto.c b/sys/opencrypto/crypto.c
index 1fe8a1377157..d1b627df8232 100644
--- a/sys/opencrypto/crypto.c
+++ b/sys/opencrypto/crypto.c
@@ -559,8 +559,8 @@ crypto_cipher(const struct crypto_session_params *csp)
 {
 
 	switch (csp->csp_cipher_alg) {
-	case CRYPTO_RIJNDAEL128_CBC:
-		return (&enc_xform_rijndael128);
+	case CRYPTO_AES_CBC:
+		return (&enc_xform_aes_cbc);
 	case CRYPTO_AES_XTS:
 		return (&enc_xform_aes_xts);
 	case CRYPTO_AES_ICM:
diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c
index 7f52b57fe5e0..d8a5f4116876 100644
--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@@ -346,7 +346,7 @@ cse_create(struct fcrypt *fcr, struct session2_op *sop)
 		txform = NULL;
 		break;
 	case CRYPTO_AES_CBC:
-		txform = &enc_xform_rijndael128;
+		txform = &enc_xform_aes_cbc;
 		break;
 	case CRYPTO_AES_XTS:
 		txform = &enc_xform_aes_xts;
diff --git a/sys/opencrypto/xform.c b/sys/opencrypto/xform.c
index 48482d0ca2ce..aed5b7638e43 100644
--- a/sys/opencrypto/xform.c
+++ b/sys/opencrypto/xform.c
@@ -73,7 +73,7 @@ MALLOC_DEFINE(M_XDATA, "xform", "xform data buffers");
 
 /* Include the encryption algorithms */
 #include "xform_null.c"
-#include "xform_rijndael.c"
+#include "xform_aes_cbc.c"
 #include "xform_aes_icm.c"
 #include "xform_aes_xts.c"
 #include "xform_cml.c"
diff --git a/sys/opencrypto/xform_rijndael.c b/sys/opencrypto/xform_aes_cbc.c
similarity index 76%
rename from sys/opencrypto/xform_rijndael.c
rename to sys/opencrypto/xform_aes_cbc.c
index 685e53640c48..38b7aeb33ec2 100644
--- a/sys/opencrypto/xform_rijndael.c
+++ b/sys/opencrypto/xform_aes_cbc.c
@@ -53,41 +53,41 @@ __FBSDID("$FreeBSD$");
 #include <crypto/rijndael/rijndael.h>
 #include <opencrypto/xform_enc.h>
 
-static	int rijndael128_setkey(void *, const uint8_t *, int);
-static	void rijndael128_encrypt(void *, const uint8_t *, uint8_t *);
-static	void rijndael128_decrypt(void *, const uint8_t *, uint8_t *);
+static	int aes_cbc_setkey(void *, const uint8_t *, int);
+static	void aes_cbc_encrypt(void *, const uint8_t *, uint8_t *);
+static	void aes_cbc_decrypt(void *, const uint8_t *, uint8_t *);
 
 /* Encryption instances */
-const struct enc_xform enc_xform_rijndael128 = {
-	.type = CRYPTO_RIJNDAEL128_CBC,
-	.name = "Rijndael-128/AES",
+const struct enc_xform enc_xform_aes_cbc = {
+	.type = CRYPTO_AES_CBC,
+	.name = "AES-CBC",
 	.ctxsize = sizeof(rijndael_ctx),
-	.blocksize = RIJNDAEL128_BLOCK_LEN,
-	.ivsize = RIJNDAEL128_BLOCK_LEN,
-	.minkey = RIJNDAEL_MIN_KEY,
-	.maxkey = RIJNDAEL_MAX_KEY,
-	.encrypt = rijndael128_encrypt,
-	.decrypt = rijndael128_decrypt,
-	.setkey = rijndael128_setkey,
+	.blocksize = AES_BLOCK_LEN,
+	.ivsize = AES_BLOCK_LEN,
+	.minkey = AES_MIN_KEY,
+	.maxkey = AES_MAX_KEY,
+	.encrypt = aes_cbc_encrypt,
+	.decrypt = aes_cbc_decrypt,
+	.setkey = aes_cbc_setkey,
 };
 
 /*
  * Encryption wrapper routines.
  */
 static void
-rijndael128_encrypt(void *key, const uint8_t *in, uint8_t *out)
+aes_cbc_encrypt(void *key, const uint8_t *in, uint8_t *out)
 {
 	rijndael_encrypt(key, in, out);
 }
 
 static void
-rijndael128_decrypt(void *key, const uint8_t *in, uint8_t *out)
+aes_cbc_decrypt(void *key, const uint8_t *in, uint8_t *out)
 {
 	rijndael_decrypt(key, in, out);
 }
 
 static int
-rijndael128_setkey(void *sched, const uint8_t *key, int len)
+aes_cbc_setkey(void *sched, const uint8_t *key, int len)
 {
 
 	if (len != 16 && len != 24 && len != 32)
diff --git a/sys/opencrypto/xform_enc.h b/sys/opencrypto/xform_enc.h
index 1912e6900481..c998e06d4944 100644
--- a/sys/opencrypto/xform_enc.h
+++ b/sys/opencrypto/xform_enc.h
@@ -81,7 +81,7 @@ struct enc_xform {
 
 
 extern const struct enc_xform enc_xform_null;
-extern const struct enc_xform enc_xform_rijndael128;
+extern const struct enc_xform enc_xform_aes_cbc;
 extern const struct enc_xform enc_xform_aes_icm;
 extern const struct enc_xform enc_xform_aes_nist_gcm;
 extern const struct enc_xform enc_xform_aes_nist_gmac;