Add CRD_F_KEY_EXPLICIT which allows the key to be changed per

operation, just like it was possible to change the IV. Currently supported on Hifn and software engines only. Approved by: sam@
2004-02-02 17:06:34 +00:00 · 2004-02-02 17:06:34 +00:00 · c740ae4b46
commit c740ae4b46
parent af30114b09
3 changed files with 13 additions and 0 deletions
--- a/sys/dev/hifn/hifn7751.c
+++ b/sys/dev/hifn/hifn7751.c
@ -2437,6 +2437,8 @@ hifn_process(void *arg, struct cryptop *crp, int hint)
 			}
 		}

+		if (enccrd->crd_flags & CRD_F_KEY_EXPLICIT)
+			cmd->cry_masks |= HIFN_CRYPT_CMD_NEW_KEY;
 		cmd->ck = enccrd->crd_key;
 		cmd->cklen = enccrd->crd_klen >> 3;

--- a/sys/opencrypto/cryptodev.h
+++ b/sys/opencrypto/cryptodev.h
@ -227,6 +227,7 @@ struct cryptodesc {
 					   place, so don't copy. */
 #define	CRD_F_IV_EXPLICIT	0x04	/* IV explicitly provided */
 #define	CRD_F_DSA_SHA_NEEDED	0x08	/* Compute SHA-1 of buffer for DSA */
+#define	CRD_F_KEY_EXPLICIT	0x10	/* Key explicitly provided */
 #define CRD_F_COMP		0x0f    /* Set when doing compression */

 	struct cryptoini	CRD_INI; /* Initialization/context data */
--- a/sys/opencrypto/cryptosoft.c
+++ b/sys/opencrypto/cryptosoft.c
@ -148,6 +148,16 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
 		}
 	}

+	if (crd->crd_flags & CRD_F_KEY_EXPLICIT) {
+		int error; 
+
+		if (sw->sw_kschedule)
+			exf->zerokey(&(sw->sw_kschedule));
+		error = exf->setkey(&sw->sw_kschedule,
+				crd->crd_key, crd->crd_klen / 8);
+		if (error)
+			return (error);
+	}
 	ivp = iv;

 	if (outtype == CRYPTO_BUF_CONTIG) {