The branch main has been updated by jhb:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=1c9b25a5e8b536905b2a707159986f1a4b37f91c

commit 1c9b25a5e8b536905b2a707159986f1a4b37f91c
Author:     John Baldwin <[email protected]>
AuthorDate: 2021-12-17 21:58:58 +0000
Commit:     John Baldwin <[email protected]>
CommitDate: 2021-12-17 21:58:58 +0000

    cryptosoft: Reuse 'blk' to hold the initial nonce in swcr_gmac.
    
    Reusing the storage removes the need for an additional explicit_bzero.
    
    Reviewed by:    markj
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D33526
---
 sys/opencrypto/cryptosoft.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/sys/opencrypto/cryptosoft.c b/sys/opencrypto/cryptosoft.c
index 6f03902498b1..8d39eec19b88 100644
--- a/sys/opencrypto/cryptosoft.c
+++ b/sys/opencrypto/cryptosoft.c
@@ -320,7 +320,6 @@ swcr_gmac(const struct swcr_session *ses, struct cryptop 
*crp)
        uint32_t blkbuf[howmany(AES_BLOCK_LEN, sizeof(uint32_t))];
        u_char *blk = (u_char *)blkbuf;
        u_char tag[GMAC_DIGEST_LEN];
-       u_char iv[AES_BLOCK_LEN];
        struct crypto_buffer_cursor cc;
        const u_char *inblk;
        union authctx ctx;
@@ -345,9 +344,9 @@ swcr_gmac(const struct swcr_session *ses, struct cryptop 
*crp)
 
        /* Initialize the IV */
        ivlen = AES_GCM_IV_LEN;
-       crypto_read_iv(crp, iv);
+       crypto_read_iv(crp, blk);
 
-       axf->Reinit(&ctx, iv, ivlen);
+       axf->Reinit(&ctx, blk, ivlen);
        crypto_cursor_init(&cc, &crp->crp_buf);
        crypto_cursor_advance(&cc, crp->crp_payload_start);
        for (resid = crp->crp_payload_length; resid >= blksz; resid -= len) {
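Review bot: The comment above `crypto_read_iv(crp, blk)` still says only `/* Initialize the IV */`, but `blk` now holds the nonce as well as the per-block scratch data, and the invariants this depends on are not written down. The change is safe only if `blkbuf` (AES_BLOCK_LEN bytes, per the declarations in the first hunk) is at least as large as what `crypto_read_iv` copies, and if `axf->Reinit` has finished with the nonce before the loop below reuses `blk`; neither callee is visible here, so both should be confirmed. I would expand the comment to `/* Read the nonce into blk; Reinit consumes it before blk is reused for payload, and the final explicit_bzero(blkbuf) wipes it. */`. A compile-time guard such as `_Static_assert(AES_GCM_IV_LEN <= sizeof(blkbuf), "nonce must fit in blk");` would keep a later change to either constant from turning the read into a stack overflow. The body of swcr_gmac starts and ends outside this hunk, so any early-exit path between this read and the final wipe could not be checked from here.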
@@ -392,7 +391,6 @@ swcr_gmac(const struct swcr_session *ses, struct cryptop 
*crp)
        }
        explicit_bzero(blkbuf, sizeof(blkbuf));
        explicit_bzero(tag, sizeof(tag));
-       explicit_bzero(iv, sizeof(iv));
        return (error);
 }
 
