mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-25 10:01:02 +01:00
stand: fix build after recent opencrypto changes
Pass the ivlen along through, and just drop this KASSERT() if we're
building _STANDALONE for the time being.
Fixes: 1833d6042c
("crypto: Permit variable-sized IVs ...")
This commit is contained in:
parent
10ff414c14
commit
d586c978b9
@ -345,7 +345,7 @@ geli_io(struct geli_dev *gdev, geli_op_t enc, off_t offset, u_char *buf,
|
||||
g_eli_key_fill(&gdev->sc, &gkey, keyno);
|
||||
|
||||
error = geliboot_crypt(gdev->sc.sc_ealgo, enc, pbuf, secsize,
|
||||
gkey.gek_key, gdev->sc.sc_ekeylen, iv);
|
||||
gkey.gek_key, gdev->sc.sc_ekeylen, iv, sizeof(iv));
|
||||
|
||||
if (error != 0) {
|
||||
explicit_bzero(&gkey, sizeof(gkey));
|
||||
|
@ -36,7 +36,7 @@
|
||||
|
||||
int
|
||||
geliboot_crypt(u_int algo, geli_op_t enc, u_char *data, size_t datasize,
|
||||
const u_char *key, size_t keysize, u_char *iv)
|
||||
const u_char *key, size_t keysize, u_char *iv, size_t ivlen)
|
||||
{
|
||||
keyInstance aeskey;
|
||||
cipherInstance cipher;
|
||||
@ -81,7 +81,7 @@ geliboot_crypt(u_int algo, geli_op_t enc, u_char *data, size_t datasize,
|
||||
ctxp = &xtsctx;
|
||||
|
||||
enc_xform_aes_xts.setkey(ctxp, key, xts_len / 8);
|
||||
enc_xform_aes_xts.reinit(ctxp, iv);
|
||||
enc_xform_aes_xts.reinit(ctxp, iv, ivlen);
|
||||
|
||||
switch (enc) {
|
||||
case GELI_DECRYPT:
|
||||
@ -113,7 +113,8 @@ g_eli_crypto_cipher(u_int algo, geli_op_t enc, u_char *data, size_t datasize,
|
||||
u_char iv[keysize];
|
||||
|
||||
explicit_bzero(iv, sizeof(iv));
|
||||
return (geliboot_crypt(algo, enc, data, datasize, key, keysize, iv));
|
||||
return (geliboot_crypt(algo, enc, data, datasize, key, keysize, iv,
|
||||
sizeof(iv)));
|
||||
}
|
||||
|
||||
int
|
||||
|
@ -68,6 +68,6 @@ struct geli_dev {
|
||||
};
|
||||
|
||||
int geliboot_crypt(u_int algo, geli_op_t enc, u_char *data, size_t datasize,
|
||||
const u_char *key, size_t keysize, u_char *iv);
|
||||
const u_char *key, size_t keysize, u_char *iv, size_t ivlen);
|
||||
|
||||
#endif /* _GELIBOOT_INTERNAL_H_ */
|
||||
|
@ -83,8 +83,10 @@ aes_xts_reinit(void *key, const uint8_t *iv, size_t ivlen)
|
||||
uint64_t blocknum;
|
||||
u_int i;
|
||||
|
||||
#ifndef _STANDALONE
|
||||
KASSERT(ivlen == sizeof(blocknum),
|
||||
("%s: invalid IV length", __func__));
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Prepare tweak as E_k2(IV). IV is specified as LE representation
|
||||
|
Loading…
Reference in New Issue
Block a user