-/* $OpenBSD: cryptodev.h,v 1.59 2014/08/20 06:23:03 mikeb Exp $ */
+/* $OpenBSD: cryptodev.h,v 1.60 2014/12/28 10:02:37 tedu Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
#define CRYPTO_MD5_HMAC 6
#define CRYPTO_SHA1_HMAC 7
#define CRYPTO_RIPEMD160_HMAC 8
-#define CRYPTO_MD5_KPDK 9
-#define CRYPTO_SHA1_KPDK 10
#define CRYPTO_RIJNDAEL128_CBC 11 /* 128 bit blocksize */
#define CRYPTO_AES_CBC 11 /* 128 bit blocksize -- the same as above */
#define CRYPTO_ARC4 12
-/* $OpenBSD: cryptosoft.c,v 1.71 2014/07/13 23:24:47 deraadt Exp $ */
+/* $OpenBSD: cryptosoft.c,v 1.72 2014/12/28 10:02:37 tedu Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
axf->Final(aalg, &ctx);
break;
- case CRYPTO_MD5_KPDK:
- case CRYPTO_SHA1_KPDK:
- if (sw->sw_octx == NULL)
- return EINVAL;
-
- axf->Update(&ctx, sw->sw_octx, sw->sw_klen);
- axf->Final(aalg, &ctx);
- break;
-
case CRYPTO_MD5:
case CRYPTO_SHA1:
axf->Final(aalg, &ctx);
(*swd)->sw_axf = axf;
break;
- case CRYPTO_MD5_KPDK:
- axf = &auth_hash_key_md5;
- goto auth2common;
-
- case CRYPTO_SHA1_KPDK:
- axf = &auth_hash_key_sha1;
- auth2common:
- (*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
- M_NOWAIT);
- if ((*swd)->sw_ictx == NULL) {
- swcr_freesession(i);
- return ENOBUFS;
- }
-
- /* Store the key so we can "append" it to the payload */
- (*swd)->sw_octx = malloc(cri->cri_klen / 8, M_CRYPTO_DATA,
- M_NOWAIT);
- if ((*swd)->sw_octx == NULL) {
- swcr_freesession(i);
- return ENOBUFS;
- }
-
- (*swd)->sw_klen = cri->cri_klen / 8;
- bcopy(cri->cri_key, (*swd)->sw_octx, cri->cri_klen / 8);
- axf->Init((*swd)->sw_ictx);
- axf->Update((*swd)->sw_ictx, cri->cri_key,
- cri->cri_klen / 8);
- axf->Final(NULL, (*swd)->sw_ictx);
- (*swd)->sw_axf = axf;
- break;
-
case CRYPTO_MD5:
axf = &auth_hash_md5;
goto auth3common;
}
break;
- case CRYPTO_MD5_KPDK:
- case CRYPTO_SHA1_KPDK:
- axf = swd->sw_axf;
-
- if (swd->sw_ictx) {
- explicit_bzero(swd->sw_ictx, axf->ctxsize);
- free(swd->sw_ictx, M_CRYPTO_DATA, 0);
- }
- if (swd->sw_octx) {
- explicit_bzero(swd->sw_octx, swd->sw_klen);
- free(swd->sw_octx, M_CRYPTO_DATA, 0);
- }
- break;
-
case CRYPTO_AES_128_GMAC:
case CRYPTO_AES_192_GMAC:
case CRYPTO_AES_256_GMAC:
case CRYPTO_SHA2_256_HMAC:
case CRYPTO_SHA2_384_HMAC:
case CRYPTO_SHA2_512_HMAC:
- case CRYPTO_MD5_KPDK:
- case CRYPTO_SHA1_KPDK:
case CRYPTO_MD5:
case CRYPTO_SHA1:
if ((crp->crp_etype = swcr_authcompute(crp, crd, sw,
algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_RIPEMD160_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
- algs[CRYPTO_MD5_KPDK] = CRYPTO_ALG_FLAG_SUPPORTED;
- algs[CRYPTO_SHA1_KPDK] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_MD5] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_SHA1] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_RIJNDAEL128_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
-/* $OpenBSD: xform.c,v 1.44 2013/08/25 14:26:56 jsing Exp $ */
+/* $OpenBSD: xform.c,v 1.45 2014/12/28 10:02:37 tedu Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr),
(void (*)(u_int8_t *, void *)) AES_GMAC_Final
};
-struct auth_hash auth_hash_key_md5 = {
- CRYPTO_MD5_KPDK, "Keyed MD5",
- 0, 16, 16, sizeof(MD5_CTX), 0,
- (void (*)(void *)) MD5Init, NULL, NULL,
- MD5Update_int,
- (void (*)(u_int8_t *, void *)) MD5Final
-};
-
-struct auth_hash auth_hash_key_sha1 = {
- CRYPTO_SHA1_KPDK, "Keyed SHA1",
- 0, 20, 20, sizeof(SHA1_CTX), 0,
- (void (*)(void *)) SHA1Init, NULL, NULL,
- SHA1Update_int,
- (void (*)(u_int8_t *, void *)) SHA1Final
-};
-
struct auth_hash auth_hash_md5 = {
CRYPTO_MD5, "MD5",
0, 16, 16, sizeof(MD5_CTX), 0,
-/* $OpenBSD: xform.h,v 1.23 2013/08/25 14:26:56 jsing Exp $ */
+/* $OpenBSD: xform.h,v 1.24 2014/12/28 10:02:37 tedu Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
extern struct auth_hash auth_hash_md5;
extern struct auth_hash auth_hash_sha1;
-extern struct auth_hash auth_hash_key_md5;
-extern struct auth_hash auth_hash_key_sha1;
extern struct auth_hash auth_hash_hmac_md5_96;
extern struct auth_hash auth_hash_hmac_sha1_96;
extern struct auth_hash auth_hash_hmac_ripemd_160_96;
-/* $OpenBSD: pfkeyv2.h,v 1.64 2013/10/24 18:50:16 deraadt Exp $ */
+/* $OpenBSD: pfkeyv2.h,v 1.65 2014/12/28 10:02:37 tedu Exp $ */
/*
* @(#)COPYRIGHT 1.1 (NRL) January 1998
*
#define SADB_X_AALG_AES128GMAC 9
#define SADB_X_AALG_AES192GMAC 10
#define SADB_X_AALG_AES256GMAC 11
-#define SADB_X_AALG_MD5 249
-#define SADB_X_AALG_SHA1 250
-#define SADB_AALG_MAX 250
+#define SADB_AALG_MAX 11
#define SADB_EALG_NONE 0
#define SADB_X_EALG_DES_IV64 1
-/* $OpenBSD: pfkeyv2_convert.c,v 1.44 2014/12/19 17:14:40 tedu Exp $ */
+/* $OpenBSD: pfkeyv2_convert.c,v 1.45 2014/12/28 10:02:37 tedu Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@keromytis.org)
*
case CRYPTO_AES_256_GMAC:
sadb_sa->sadb_sa_auth = SADB_X_AALG_AES256GMAC;
break;
-
- case CRYPTO_MD5_KPDK:
- sadb_sa->sadb_sa_auth = SADB_X_AALG_MD5;
- break;
-
- case CRYPTO_SHA1_KPDK:
- sadb_sa->sadb_sa_auth = SADB_X_AALG_SHA1;
- break;
}
}
-/* $OpenBSD: ip_ah.c,v 1.113 2014/12/19 17:14:40 tedu Exp $ */
+/* $OpenBSD: ip_ah.c,v 1.114 2014/12/28 10:02:37 tedu Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
thash = &auth_hash_hmac_sha2_512_256;
break;
- case SADB_X_AALG_MD5:
- thash = &auth_hash_key_md5;
- break;
-
- case SADB_X_AALG_SHA1:
- thash = &auth_hash_key_sha1;
- break;
-
default:
DPRINTF(("ah_init(): unsupported authentication algorithm %d specified\n", ii->ii_authalg));
return EINVAL;
ip->ip_tos = 0;
ip->ip_ttl = 0;
ip->ip_sum = 0;
-
- /*
- * On input, fix ip_len which has been byte-swapped
- * at ip_input().
- */
- if (alg == CRYPTO_MD5_KPDK || alg == CRYPTO_SHA1_KPDK)
- ip->ip_off &= htons(IP_DF);
- else
- ip->ip_off = 0;
+ ip->ip_off = 0;
ptr = mtod(m, unsigned char *) + sizeof(struct ip);
projects / openbsd / commitdiff