From nobody Thu Dec 16 22:09:26 2021 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 99A7318D95AE; Thu, 16 Dec 2021 22:09:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JFR9M1jHpz3C85; Thu, 16 Dec 2021 22:09:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 015A71068B; Thu, 16 Dec 2021 22:09:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1BGM9Q12089134; Thu, 16 Dec 2021 22:09:26 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1BGM9QLF089133; Thu, 16 Dec 2021 22:09:26 GMT (envelope-from git) Date: Thu, 16 Dec 2021 22:09:26 GMT Message-Id: <202112162209.1BGM9QLF089133@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: John Baldwin Subject: git: 246982c196f4 - main - crypto: Consistently use AES instead of Rijndael128 for the AES-CBC cipher. List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 246982c196f4283b0ccfdb113c0e89588e95bf2c Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1639692567; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6qzr6h7+fcyPZ/UwAVUWVAc//2gLVbXliD7z9T43+uc=; b=F/P3V/3zo31y1bRRM7veEbgtTU17gjaJy1nGnOeEHnxX9ratveJ1zOFg5MFMufM9QA4cIo NjnZNe5WrWLq8zkmZbkcJ/wNCsUQ91lBEYOjkSccGFJSRvq7OdDTE3+qwHQOu4iFNOu9Re exkHt3PsRi4tE6XlIsLRaIL3EX2tWB0lOU5joww8zyMrLZN/qrRKrPZU7ff7tz10GDMswV F19aRLBa7vzjvZB2c2Vr7Iq63JUJSCU4Mn0m9CmAtkY1D4XQWlRg17AaQJDdgP8ZhR9FSW 9y0DzghFuIxuPr0oiBwGosP9LLTGac0rpG6IWrITDwMJLQ7kN6BzxbsMas3l/w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1639692567; a=rsa-sha256; cv=none; b=xBcgx+7o+Dmpo2+sbgTmd+wV/3ibnaSZYCRfk1PfnxysUbMWu5bhI0j7LW47MWEpMyEEnu 5V6RUwKYgwOxN7Sydj6WUAc9clc1dPvWbogwuHkGwApb32jyfZBSjkhfSkPvNonuzeZwox Brb+v8mukjRoSxjL1DLEC9M+nvpxX3iI2WQnyu1DMHAI4/Cr3YY9TFIozg2dPLxwHbwYQg r1Mkp5EvJigBCD6Bk6DzUm7T9Qza43Nt0qxe9AyL/A1k4duqbrFw5r9J/01KTTOIjsTqa8 V8QNMWXzyrpmwn/9v/wySYzt1X7ZsPcyJWNTiIgrB7lu60gqBIcXETXCJ1IvFQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=246982c196f4283b0ccfdb113c0e89588e95bf2c commit 246982c196f4283b0ccfdb113c0e89588e95bf2c Author: John Baldwin AuthorDate: 2021-12-16 21:47:27 +0000 Commit: John Baldwin CommitDate: 2021-12-16 21:47:27 +0000 crypto: Consistently use AES instead of Rijndael128 for the AES-CBC cipher. Reviewed by: markj Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D33486 --- sys/netipsec/key.c | 2 +- sys/opencrypto/crypto.c | 4 +-- sys/opencrypto/cryptodev.c | 2 +- sys/opencrypto/xform.c | 2 +- .../{xform_rijndael.c => xform_aes_cbc.c} | 32 +++++++++++----------- sys/opencrypto/xform_enc.h | 2 +- 6 files changed, 22 insertions(+), 22 deletions(-) diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c index 9b3d10e28902..168ec3441faf 100644 --- a/sys/netipsec/key.c +++ b/sys/netipsec/key.c @@ -590,7 +590,7 @@ static struct supported_ealgs { int sadb_alg; const struct enc_xform *xform; } supported_ealgs[] = { - { SADB_X_EALG_AES, &enc_xform_rijndael128 }, + { SADB_X_EALG_AES, &enc_xform_aes_cbc }, { SADB_EALG_NULL, &enc_xform_null }, { SADB_X_EALG_AESCTR, &enc_xform_aes_icm }, { SADB_X_EALG_AESGCM16, &enc_xform_aes_nist_gcm }, diff --git a/sys/opencrypto/crypto.c b/sys/opencrypto/crypto.c index 1fe8a1377157..d1b627df8232 100644 --- a/sys/opencrypto/crypto.c +++ b/sys/opencrypto/crypto.c @@ -559,8 +559,8 @@ crypto_cipher(const struct crypto_session_params *csp) { switch (csp->csp_cipher_alg) { - case CRYPTO_RIJNDAEL128_CBC: - return (&enc_xform_rijndael128); + case CRYPTO_AES_CBC: + return (&enc_xform_aes_cbc); case CRYPTO_AES_XTS: return (&enc_xform_aes_xts); case CRYPTO_AES_ICM: diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c index 7f52b57fe5e0..d8a5f4116876 100644 --- a/sys/opencrypto/cryptodev.c +++ b/sys/opencrypto/cryptodev.c @@ -346,7 +346,7 @@ cse_create(struct fcrypt *fcr, struct session2_op *sop) txform = NULL; break; case CRYPTO_AES_CBC: - txform = &enc_xform_rijndael128; + txform = &enc_xform_aes_cbc; break; case CRYPTO_AES_XTS: txform = &enc_xform_aes_xts; diff --git a/sys/opencrypto/xform.c b/sys/opencrypto/xform.c index 48482d0ca2ce..aed5b7638e43 100644 --- a/sys/opencrypto/xform.c +++ b/sys/opencrypto/xform.c @@ -73,7 +73,7 @@ MALLOC_DEFINE(M_XDATA, "xform", "xform data buffers"); /* Include the encryption algorithms */ #include "xform_null.c" -#include "xform_rijndael.c" +#include "xform_aes_cbc.c" #include "xform_aes_icm.c" #include "xform_aes_xts.c" #include "xform_cml.c" diff --git a/sys/opencrypto/xform_rijndael.c b/sys/opencrypto/xform_aes_cbc.c similarity index 76% rename from sys/opencrypto/xform_rijndael.c rename to sys/opencrypto/xform_aes_cbc.c index 685e53640c48..38b7aeb33ec2 100644 --- a/sys/opencrypto/xform_rijndael.c +++ b/sys/opencrypto/xform_aes_cbc.c @@ -53,41 +53,41 @@ __FBSDID("$FreeBSD$"); #include #include -static int rijndael128_setkey(void *, const uint8_t *, int); -static void rijndael128_encrypt(void *, const uint8_t *, uint8_t *); -static void rijndael128_decrypt(void *, const uint8_t *, uint8_t *); +static int aes_cbc_setkey(void *, const uint8_t *, int); +static void aes_cbc_encrypt(void *, const uint8_t *, uint8_t *); +static void aes_cbc_decrypt(void *, const uint8_t *, uint8_t *); /* Encryption instances */ -const struct enc_xform enc_xform_rijndael128 = { - .type = CRYPTO_RIJNDAEL128_CBC, - .name = "Rijndael-128/AES", +const struct enc_xform enc_xform_aes_cbc = { + .type = CRYPTO_AES_CBC, + .name = "AES-CBC", .ctxsize = sizeof(rijndael_ctx), - .blocksize = RIJNDAEL128_BLOCK_LEN, - .ivsize = RIJNDAEL128_BLOCK_LEN, - .minkey = RIJNDAEL_MIN_KEY, - .maxkey = RIJNDAEL_MAX_KEY, - .encrypt = rijndael128_encrypt, - .decrypt = rijndael128_decrypt, - .setkey = rijndael128_setkey, + .blocksize = AES_BLOCK_LEN, + .ivsize = AES_BLOCK_LEN, + .minkey = AES_MIN_KEY, + .maxkey = AES_MAX_KEY, + .encrypt = aes_cbc_encrypt, + .decrypt = aes_cbc_decrypt, + .setkey = aes_cbc_setkey, }; /* * Encryption wrapper routines. */ static void -rijndael128_encrypt(void *key, const uint8_t *in, uint8_t *out) +aes_cbc_encrypt(void *key, const uint8_t *in, uint8_t *out) { rijndael_encrypt(key, in, out); } static void -rijndael128_decrypt(void *key, const uint8_t *in, uint8_t *out) +aes_cbc_decrypt(void *key, const uint8_t *in, uint8_t *out) { rijndael_decrypt(key, in, out); } static int -rijndael128_setkey(void *sched, const uint8_t *key, int len) +aes_cbc_setkey(void *sched, const uint8_t *key, int len) { if (len != 16 && len != 24 && len != 32) diff --git a/sys/opencrypto/xform_enc.h b/sys/opencrypto/xform_enc.h index 1912e6900481..c998e06d4944 100644 --- a/sys/opencrypto/xform_enc.h +++ b/sys/opencrypto/xform_enc.h @@ -81,7 +81,7 @@ struct enc_xform { extern const struct enc_xform enc_xform_null; -extern const struct enc_xform enc_xform_rijndael128; +extern const struct enc_xform enc_xform_aes_cbc; extern const struct enc_xform enc_xform_aes_icm; extern const struct enc_xform enc_xform_aes_nist_gcm; extern const struct enc_xform enc_xform_aes_nist_gmac;