- use 1/2 space for rijndael context in ipsec

- rijndael_set_key() always sets up full context - rijndaelKeySetupDec() gets back original protoype Reviewed by: sam Obtained from: OpenBSD
svn path=/head/; revision=143408
2024-12-18 10:35:55 +00:00 · 2005-03-11 12:45:09 +00:00 · 2005-03-11 12:45:09 +00:00 · a40be31edb · 2020-12-20 02:59:44 +00:00
commit a40be31edb
parent 941266174e
3 changed files with 14 additions and 25 deletions
--- a/sys/opencrypto/rijndael.c
+++ b/sys/opencrypto/rijndael.c
@ -809,17 +809,13 @@ static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int
 * @return	the number of rounds for the given cipher key size.
 */
 static int
-rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits,
+rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) {
    int have_encrypt) {
 	int Nr, i, j;
 	u32 temp;
-	if (have_encrypt) {
+	/* expand the cipher key: */
-		Nr = have_encrypt;
+	Nr = rijndaelKeySetupEnc(rk, cipherKey, keyBits);
-	} else {
+
 		/* expand the cipher key: */
 		Nr = rijndaelKeySetupEnc(rk, cipherKey, keyBits);
 	}
 	/* invert the order of the round keys: */
 	for (i = 0, j = 4*Nr; i < j; i += 4, j -= 4) {
 		temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
@ -1217,17 +1213,11 @@ static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16
 }
 void
-rijndael_set_key(rijndael_ctx *ctx, u_char *key, int bits, int encrypt)
+rijndael_set_key(rijndael_ctx *ctx, u_char *key, int bits)
 {
 	ctx->Nr = rijndaelKeySetupEnc(ctx->ek, key, bits);
-	if (encrypt) {
+	rijndaelKeySetupDec(ctx->dk, key, bits);
-		ctx->decrypt = 0;
+	ctx->enc_only = 0;
 		memset(ctx->dk, 0, sizeof(ctx->dk));
 	} else {
 		ctx->decrypt = 1;
 		memcpy(ctx->dk, ctx->ek, sizeof(ctx->dk));
 		rijndaelKeySetupDec(ctx->dk, key, bits, ctx->Nr);
 	}
 }
 void
--- a/sys/opencrypto/rijndael.h
+++ b/sys/opencrypto/rijndael.h
@ -39,13 +39,13 @@ typedef unsigned int	u32;
 /*  The structure for key information */
 typedef struct {
-	int	decrypt;
+	int	enc_only;		/* context contains only encrypt schedule */
 	int	Nr;			/* key-length-dependent number of rounds */
 	u32	ek[4*(MAXNR + 1)];	/* encrypt key schedule */
 	u32	dk[4*(MAXNR + 1)];	/* decrypt key schedule */
 } rijndael_ctx;
-void	 rijndael_set_key(rijndael_ctx *, u_char *, int, int);
+void	 rijndael_set_key(rijndael_ctx *, u_char *, int);
 void	 rijndael_decrypt(rijndael_ctx *, u_char *, u_char *);
 void	 rijndael_encrypt(rijndael_ctx *, u_char *, u_char *);
--- a/sys/opencrypto/xform.c
+++ b/sys/opencrypto/xform.c
@ -503,7 +503,7 @@ rijndael128_encrypt(caddr_t key, u_int8_t *blk)
 static void
 rijndael128_decrypt(caddr_t key, u_int8_t *blk)
 {
-	rijndael_decrypt(((rijndael_ctx *) key) + 1, (u_char *) blk,
+	rijndael_decrypt(((rijndael_ctx *) key), (u_char *) blk,
 	    (u_char *) blk);
 }
@ -512,12 +512,11 @@ rijndael128_setkey(u_int8_t **sched, u_int8_t *key, int len)
 {
 	int err;
-	MALLOC(*sched, u_int8_t *, 2 * sizeof(rijndael_ctx), M_CRYPTO_DATA,
+	MALLOC(*sched, u_int8_t *, sizeof(rijndael_ctx), M_CRYPTO_DATA,
 	    M_NOWAIT|M_ZERO);
 	if (*sched != NULL) {
-		rijndael_set_key((rijndael_ctx *) *sched, (u_char *) key, len * 8, 1);
+		rijndael_set_key((rijndael_ctx *) *sched, (u_char *) key,
-		rijndael_set_key(((rijndael_ctx *) *sched) + 1, (u_char *) key,
+		    len * 8);
 		    len * 8, 0);
 		err = 0;
 	} else
 		err = ENOMEM;
@ -527,7 +526,7 @@ rijndael128_setkey(u_int8_t **sched, u_int8_t *key, int len)
 static void
 rijndael128_zerokey(u_int8_t **sched)
 {
-	bzero(*sched, 2 * sizeof(rijndael_ctx));
+	bzero(*sched, sizeof(rijndael_ctx));
 	FREE(*sched, M_CRYPTO_DATA);
 	*sched = NULL;
 }