diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2003-12-26 10:04:50 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2003-12-26 10:04:50 +0000 |
| commit | ac5246212226814e8b03e7512be199dac32a532c (patch) | |
| tree | e7b5164341a69fd13b7b3b9ee5cdcee7df6bb47a /sys/uvm/uvm_swap_encrypt.c | |
| parent | 90be396b80c572ac188b368f01a78bd5d1ae84c1 (diff) | |
- use 1/2 space for rijndael context in ipsec
- rijndael_set_key_enc_only() sets up context for encryption only
- rijndael_set_key() always sets up full context
- rijndaelKeySetupDec() gets back original protoype
- uvm: use _enc_only() interface
with hshoexer@, ok deraadt@
Diffstat (limited to 'sys/uvm/uvm_swap_encrypt.c')
| -rw-r--r-- | sys/uvm/uvm_swap_encrypt.c | 27 |
1 files changed, 15 insertions, 12 deletions
diff --git a/sys/uvm/uvm_swap_encrypt.c b/sys/uvm/uvm_swap_encrypt.c index bf1f3a14363..1816cc1578a 100644 --- a/sys/uvm/uvm_swap_encrypt.c +++ b/sys/uvm/uvm_swap_encrypt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uvm_swap_encrypt.c,v 1.11 2002/07/02 19:38:55 nate Exp $ */ +/* $OpenBSD: uvm_swap_encrypt.c,v 1.12 2003/12/26 10:04:49 markus Exp $ */ /* * Copyright 1999 Niels Provos <provos@citi.umich.edu> @@ -43,7 +43,7 @@ #include <uvm/uvm.h> struct swap_key *kcur = NULL; -rijndael_ctx swap_key; +rijndael_ctx swap_ctxt; int uvm_doswapencrypt = 0; u_int uvm_swpkeyscreated = 0; @@ -138,7 +138,7 @@ swap_encrypt(struct swap_key *key, caddr_t src, caddr_t dst, count /= sizeof(u_int32_t); iv[0] = block >> 32; iv[1] = block; iv[2] = ~iv[0]; iv[3] = ~iv[1]; - rijndael_encrypt(&swap_key, (u_char *)iv, (u_char *)iv); + rijndael_encrypt(&swap_ctxt, (u_char *)iv, (u_char *)iv); iv1 = iv[0]; iv2 = iv[1]; iv3 = iv[2]; iv4 = iv[3]; for (; count > 0; count -= 4) { @@ -150,7 +150,7 @@ swap_encrypt(struct swap_key *key, caddr_t src, caddr_t dst, * Do not worry about endianess, it only needs to decrypt * on this machine */ - rijndael_encrypt(&swap_key, (u_char *)ddst, (u_char *)ddst); + rijndael_encrypt(&swap_ctxt, (u_char *)ddst, (u_char *)ddst); iv1 = ddst[0]; iv2 = ddst[1]; iv3 = ddst[2]; @@ -183,7 +183,7 @@ swap_decrypt(struct swap_key *key, caddr_t src, caddr_t dst, count /= sizeof(u_int32_t); iv[0] = block >> 32; iv[1] = block; iv[2] = ~iv[0]; iv[3] = ~iv[1]; - rijndael_encrypt(&swap_key, (u_char *)iv, (u_char *)iv); + rijndael_encrypt(&swap_ctxt, (u_char *)iv, (u_char *)iv); iv1 = iv[0]; iv2 = iv[1]; iv3 = iv[2]; iv4 = iv[3]; for (; count > 0; count -= 4) { @@ -191,7 +191,7 @@ swap_decrypt(struct swap_key *key, caddr_t src, caddr_t dst, ddst[1] = niv2 = dsrc[1]; ddst[2] = niv3 = dsrc[2]; ddst[3] = niv4 = dsrc[3]; - rijndael_decrypt(&swap_key, (u_char *)ddst, (u_char *)ddst); + rijndael_decrypt(&swap_ctxt, (u_char *)ddst, (u_char *)ddst); ddst[0] ^= iv1; ddst[1] ^= iv2; ddst[2] ^= iv3; @@ -212,14 +212,17 @@ swap_key_prepare(struct swap_key *key, int encrypt) { /* Check if we have prepared for this key already, * if we only have the encryption schedule, we have - * to recompute ang get the decryption schedule also + * to recompute and get the decryption schedule also */ - if (kcur == key && (encrypt || swap_key.decrypt)) + if (kcur == key && (encrypt || !swap_ctxt.enc_only)) return; - rijndael_set_key(&swap_key, (u_char *)key->key, - sizeof(key->key) * 8, - encrypt); + if (encrypt) + rijndael_set_key_enc_only(&swap_ctxt, (u_char *)key->key, + sizeof(key->key) * 8); + else + rijndael_set_key(&swap_ctxt, (u_char *)key->key, + sizeof(key->key) * 8); kcur = key; } @@ -236,7 +239,7 @@ swap_key_cleanup(struct swap_key *key) return; /* Zero out the subkeys */ - memset(&swap_key, 0, sizeof(swap_key)); + memset(&swap_ctxt, 0, sizeof(swap_ctxt)); kcur = NULL; } |