-rw-r--r--share/man/man9/crypto.93
-rw-r--r--sys/crypto/cryptodev.h37
-rw-r--r--sys/crypto/xform.c11
-rw-r--r--sys/crypto/xform.h3
-rw-r--r--sys/dev/pci/hifn7751.c72
5 files changed, 50 insertions, 76 deletions
diff --git a/share/man/man9/crypto.9 b/share/man/man9/crypto.9
index 6bacdb87e16..6f77a37fd09 100644
--- a/share/man/man9/crypto.9
+++ b/share/man/man9/crypto.9
@@ -1,4 +1,4 @@
-.\" $OpenBSD: crypto.9,v 1.39 2015/11/13 12:28:04 mikeb Exp $
+.\" $OpenBSD: crypto.9,v 1.40 2015/11/13 15:29:55 naddy Exp $
.\"
.\" The author of this man page is Angelos D. Keromytis (angelos@cis.upenn.edu)
.\"
@@ -139,7 +139,6 @@ CRYPTO_CAST_CBC
CRYPTO_AES_CBC
CRYPTO_AES_CTR
CRYPTO_AES_XTS
-CRYPTO_ARC4
.Ed
.Pp
Authentication algorithms are:
diff --git a/sys/crypto/cryptodev.h b/sys/crypto/cryptodev.h
index ce2e09817a2..76d9f53ebd2 100644
--- a/sys/crypto/cryptodev.h
+++ b/sys/crypto/cryptodev.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptodev.h,v 1.65 2015/11/13 12:21:16 mikeb Exp $ */
+/* $OpenBSD: cryptodev.h,v 1.66 2015/11/13 15:29:55 naddy Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
@@ -92,24 +92,23 @@
#define CRYPTO_RIPEMD160_HMAC 8
#define CRYPTO_RIJNDAEL128_CBC 11 /* 128 bit blocksize */
#define CRYPTO_AES_CBC 11 /* 128 bit blocksize -- the same as above */
-#define CRYPTO_ARC4 12
-#define CRYPTO_DEFLATE_COMP 13 /* Deflate compression algorithm */
-#define CRYPTO_NULL 14
-#define CRYPTO_LZS_COMP 15 /* LZS compression algorithm */
-#define CRYPTO_SHA2_256_HMAC 16
-#define CRYPTO_SHA2_384_HMAC 17
-#define CRYPTO_SHA2_512_HMAC 18
-#define CRYPTO_AES_CTR 19
-#define CRYPTO_AES_XTS 20
-#define CRYPTO_AES_GCM_16 21
-#define CRYPTO_AES_128_GMAC 22
-#define CRYPTO_AES_192_GMAC 23
-#define CRYPTO_AES_256_GMAC 24
-#define CRYPTO_AES_GMAC 25
-#define CRYPTO_CHACHA20_POLY1305 26
-#define CRYPTO_CHACHA20_POLY1305_MAC 27
-#define CRYPTO_ESN 28 /* Support for Extended Sequence Numbers */
-#define CRYPTO_ALGORITHM_MAX 28 /* Keep updated */
+#define CRYPTO_DEFLATE_COMP 12 /* Deflate compression algorithm */
+#define CRYPTO_NULL 13
+#define CRYPTO_LZS_COMP 14 /* LZS compression algorithm */
+#define CRYPTO_SHA2_256_HMAC 15
+#define CRYPTO_SHA2_384_HMAC 16
+#define CRYPTO_SHA2_512_HMAC 17
+#define CRYPTO_AES_CTR 18
+#define CRYPTO_AES_XTS 19
+#define CRYPTO_AES_GCM_16 20
+#define CRYPTO_AES_128_GMAC 21
+#define CRYPTO_AES_192_GMAC 22
+#define CRYPTO_AES_256_GMAC 23
+#define CRYPTO_AES_GMAC 24
+#define CRYPTO_CHACHA20_POLY1305 25
+#define CRYPTO_CHACHA20_POLY1305_MAC 26
+#define CRYPTO_ESN 27 /* Support for Extended Sequence Numbers */
+#define CRYPTO_ALGORITHM_MAX 27 /* Keep updated */
/* Algorithm flags */
#define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported */
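Review bot: Renumbering every identifier after the removed CRYPTO_ARC4 (12) changes what the existing numeric values mean: a consumer built against the previous header that passes 14 for CRYPTO_NULL now selects CRYPTO_LZS_COMP, and the old CRYPTO_AES_CTR value 19 now means CRYPTO_AES_XTS. If any consumer outside this tree, or any stale object file, still uses the old numbers, the result is a silently different algorithm rather than an error. Keeping the slot reserved would avoid that, e.g. `/* 12 was CRYPTO_ARC4 (removed) */` with the remaining values left unchanged. If the compaction is intentional, a comment above the list stating that these values are not a stable interface and that all users must be rebuilt would make that explicit.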
diff --git a/sys/crypto/xform.c b/sys/crypto/xform.c
index 14aa68bbef9..6d16a025f46 100644
--- a/sys/crypto/xform.c
+++ b/sys/crypto/xform.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xform.c,v 1.52 2015/11/13 12:21:16 mikeb Exp $ */
+/* $OpenBSD: xform.c,v 1.53 2015/11/13 15:29:55 naddy Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr),
@@ -232,15 +232,6 @@ struct enc_xform enc_xform_chacha20_poly1305 = {
chacha20_reinit
};
-struct enc_xform enc_xform_arc4 = {
- CRYPTO_ARC4, "ARC4",
- 1, 1, 1, 32, 0,
- NULL,
- NULL,
- NULL,
- NULL
-};
-
struct enc_xform enc_xform_null = {
CRYPTO_NULL, "NULL",
4, 0, 0, 256, 0,
diff --git a/sys/crypto/xform.h b/sys/crypto/xform.h
index d04839b0ec8..a8417b77991 100644
--- a/sys/crypto/xform.h
+++ b/sys/crypto/xform.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: xform.h,v 1.26 2015/11/13 12:21:16 mikeb Exp $ */
+/* $OpenBSD: xform.h,v 1.27 2015/11/13 15:29:55 naddy Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
@@ -86,7 +86,6 @@ extern struct enc_xform enc_xform_aes_gcm;
extern struct enc_xform enc_xform_aes_gmac;
extern struct enc_xform enc_xform_aes_xts;
extern struct enc_xform enc_xform_chacha20_poly1305;
-extern struct enc_xform enc_xform_arc4;
extern struct enc_xform enc_xform_null;
extern struct auth_hash auth_hash_hmac_md5_96;
diff --git a/sys/dev/pci/hifn7751.c b/sys/dev/pci/hifn7751.c
index 862e59a0497..45a163c9181 100644
--- a/sys/dev/pci/hifn7751.c
+++ b/sys/dev/pci/hifn7751.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hifn7751.c,v 1.172 2015/11/13 12:21:16 mikeb Exp $ */
+/* $OpenBSD: hifn7751.c,v 1.173 2015/11/13 15:29:55 naddy Exp $ */
/*
* Invertex AEON / Hifn 7751 driver
@@ -291,7 +291,6 @@ hifn_attach(struct device *parent, struct device *self, void *aux)
switch (ena) {
case HIFN_PUSTAT_ENA_2:
algs[CRYPTO_3DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
- algs[CRYPTO_ARC4] = CRYPTO_ALG_FLAG_SUPPORTED;
/*FALLTHROUGH*/
case HIFN_PUSTAT_ENA_1:
algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
@@ -1870,7 +1869,6 @@ hifn_newsession(u_int32_t *sidp, struct cryptoini *cri)
case CRYPTO_DES_CBC:
case CRYPTO_3DES_CBC:
case CRYPTO_AES_CBC:
- case CRYPTO_ARC4:
if (cry)
return (EINVAL);
cry = 1;
@@ -1987,8 +1985,7 @@ hifn_process(struct cryptop *crp)
enccrd = NULL;
} else if (crd1->crd_alg == CRYPTO_DES_CBC ||
crd1->crd_alg == CRYPTO_3DES_CBC ||
- crd1->crd_alg == CRYPTO_AES_CBC ||
- crd1->crd_alg == CRYPTO_ARC4) {
+ crd1->crd_alg == CRYPTO_AES_CBC) {
if ((crd1->crd_flags & CRD_F_ENCRYPT) == 0)
cmd->base_masks |= HIFN_BASE_CMD_DECODE;
maccrd = NULL;
@@ -2004,16 +2001,14 @@ hifn_process(struct cryptop *crp)
crd1->crd_alg == CRYPTO_SHA1_HMAC) &&
(crd2->crd_alg == CRYPTO_DES_CBC ||
crd2->crd_alg == CRYPTO_3DES_CBC ||
- crd2->crd_alg == CRYPTO_AES_CBC ||
- crd2->crd_alg == CRYPTO_ARC4) &&
+ crd2->crd_alg == CRYPTO_AES_CBC) &&
((crd2->crd_flags & CRD_F_ENCRYPT) == 0)) {
cmd->base_masks = HIFN_BASE_CMD_DECODE;
maccrd = crd1;
enccrd = crd2;
} else if ((crd1->crd_alg == CRYPTO_DES_CBC ||
- crd1->crd_alg == CRYPTO_ARC4 ||
- crd1->crd_alg == CRYPTO_AES_CBC ||
- crd1->crd_alg == CRYPTO_3DES_CBC) &&
+ crd1->crd_alg == CRYPTO_3DES_CBC ||
+ crd1->crd_alg == CRYPTO_AES_CBC) &&
(crd2->crd_alg == CRYPTO_MD5_HMAC ||
crd2->crd_alg == CRYPTO_SHA1_HMAC) &&
(crd1->crd_flags & CRD_F_ENCRYPT)) {
@@ -2032,9 +2027,6 @@ hifn_process(struct cryptop *crp)
cmd->enccrd = enccrd;
cmd->base_masks |= HIFN_BASE_CMD_CRYPT;
switch (enccrd->crd_alg) {
- case CRYPTO_ARC4:
- cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_RC4;
- break;
case CRYPTO_DES_CBC:
cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_DES |
HIFN_CRYPT_CMD_MODE_CBC |
@@ -2054,41 +2046,35 @@ hifn_process(struct cryptop *crp)
err = EINVAL;
goto errout;
}
- if (enccrd->crd_alg != CRYPTO_ARC4) {
- ivlen = ((enccrd->crd_alg == CRYPTO_AES_CBC) ?
- HIFN_AES_IV_LENGTH : HIFN_IV_LENGTH);
- if (enccrd->crd_flags & CRD_F_ENCRYPT) {
- if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
- bcopy(enccrd->crd_iv, cmd->iv, ivlen);
- else
- arc4random_buf(cmd->iv, ivlen);
-
- if ((enccrd->crd_flags & CRD_F_IV_PRESENT)
- == 0) {
- if (crp->crp_flags & CRYPTO_F_IMBUF)
- err =
- m_copyback(cmd->srcu.src_m,
- enccrd->crd_inject,
- ivlen, cmd->iv, M_NOWAIT);
- else if (crp->crp_flags & CRYPTO_F_IOV)
- cuio_copyback(cmd->srcu.src_io,
- enccrd->crd_inject,
- ivlen, cmd->iv);
- if (err)
- goto errout;
- }
- } else {
- if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
- bcopy(enccrd->crd_iv, cmd->iv, ivlen);
- else if (crp->crp_flags & CRYPTO_F_IMBUF)
- m_copydata(cmd->srcu.src_m,
+ ivlen = ((enccrd->crd_alg == CRYPTO_AES_CBC) ?
+ HIFN_AES_IV_LENGTH : HIFN_IV_LENGTH);
+ if (enccrd->crd_flags & CRD_F_ENCRYPT) {
+ if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
+ bcopy(enccrd->crd_iv, cmd->iv, ivlen);
+ else
+ arc4random_buf(cmd->iv, ivlen);
+
+ if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) {
+ if (crp->crp_flags & CRYPTO_F_IMBUF)
+ err = m_copyback(cmd->srcu.src_m,
enccrd->crd_inject,
- ivlen, cmd->iv);
+ ivlen, cmd->iv, M_NOWAIT);
else if (crp->crp_flags & CRYPTO_F_IOV)
- cuio_copydata(cmd->srcu.src_io,
+ cuio_copyback(cmd->srcu.src_io,
enccrd->crd_inject,
ivlen, cmd->iv);
+ if (err)
+ goto errout;
}
+ } else {
+ if (enccrd->crd_flags & CRD_F_IV_EXPLICIT)
+ bcopy(enccrd->crd_iv, cmd->iv, ivlen);
+ else if (crp->crp_flags & CRYPTO_F_IMBUF)
+ m_copydata(cmd->srcu.src_m,
+ enccrd->crd_inject, ivlen, cmd->iv);
+ else if (crp->crp_flags & CRYPTO_F_IOV)
+ cuio_copydata(cmd->srcu.src_io,
+ enccrd->crd_inject, ivlen, cmd->iv);
}
cmd->ck = enccrd->crd_key;
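Review bot: The decrypt branch at the end of this hunk has no final `else`: when none of CRD_F_IV_EXPLICIT, CRYPTO_F_IMBUF or CRYPTO_F_IOV is set, these lines leave `cmd->iv` unwritten and execution continues to `cmd->ck = enccrd->crd_key;`. Whether `cmd` is zeroed earlier in hifn_process is not visible here, so an explicit failure path would be safer, e.g. `else { err = EINVAL; goto errout; }`. In the encrypt branch, `if (err) goto errout;` reflects only the m_copyback() result, because the outcome of the cuio_copyback() call is not captured. This logic predates the commit and is only re-indented here; hifn_process starts and ends outside the hunk.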