Remove incomplete support for plain MD5 from OCF.

Although a few drivers supported this algorithm, there were never any in-kernel consumers. cryptosoft and cryptodev never supported it, and there was not a software xform auth_hash for it. Reviewed by: cem Relnotes: yes Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D24767
2020-05-11 20:40:30 +00:00 · 2020-05-11 20:40:30 +00:00 · 9b5631807e
commit 9b5631807e
parent 4bde63536c
10 changed files with 3 additions and 39 deletions
--- a/share/man/man4/hifn.4
+++ b/share/man/man4/hifn.4
@ -26,7 +26,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd October 19, 2009
+.Dd May 11, 2020
 .Dt HIFN 4
 .Os
 .Sh NAME
@ -57,7 +57,7 @@ driver supports various cards containing the Hifn 7751, 7951,
 The
 .Nm
 driver registers itself to accelerate DES, Triple-DES,
-AES (7955 and 7956 only), ARC4, MD5,
+AES (7955 and 7956 only), ARC4,
 MD5-HMAC, SHA1, and SHA1-HMAC operations for
 .Xr ipsec 4
 and
--- a/share/man/man9/crypto.9
+++ b/share/man/man9/crypto.9
@ -17,7 +17,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 27, 2020
+.Dd May 11, 2020
 .Dt CRYPTO 9
 .Os
 .Sh NAME
@ -106,7 +106,6 @@ The following authentication algorithms are supported:
 .It Dv CRYPTO_AES_NIST_GMAC
 .It Dv CRYPTO_BLAKE2B
 .It Dv CRYPTO_BLAKE2S
-.It Dv CRYPTO_MD5
 .It Dv CRYPTO_MD5_HMAC
 .It Dv CRYPTO_MD5_KPDK
 .It Dv CRYPTO_NULL_HMAC
--- a/sys/dev/cesa/cesa.c
+++ b/sys/dev/cesa/cesa.c
@ -1607,7 +1607,6 @@ cesa_auth_supported(struct cesa_softc *sc,
 		    sc->sc_soc_id == MV_DEV_88F6810))
 			return (false);
 		/* FALLTHROUGH */
-	case CRYPTO_MD5:
 	case CRYPTO_MD5_HMAC:
 	case CRYPTO_SHA1:
 	case CRYPTO_SHA1_HMAC:
@ -1686,12 +1685,6 @@ cesa_newsession(device_t dev, crypto_session_t cses,
 	}

 	switch (csp->csp_auth_alg) {
-	case CRYPTO_MD5:
-		cs->cs_mblen = 1;
-		cs->cs_hlen = (csp->csp_auth_mlen == 0) ? MD5_HASH_LEN :
-		    csp->csp_auth_mlen;
-		cs->cs_config |= CESA_CSHD_MD5;
-		break;
 	case CRYPTO_MD5_HMAC:
 		cs->cs_mblen = MD5_BLOCK_LEN;
 		cs->cs_hlen = (csp->csp_auth_mlen == 0) ? MD5_HASH_LEN :
--- a/sys/dev/hifn/hifn7751.c
+++ b/sys/dev/hifn/hifn7751.c
@ -2315,7 +2315,6 @@ hifn_auth_supported(struct hifn_softc *sc,
 	}
 		
 	switch (csp->csp_auth_alg) {
-	case CRYPTO_MD5:
 	case CRYPTO_SHA1:
 		break;
 	case CRYPTO_MD5_HMAC:
@ -2524,11 +2523,6 @@ hifn_process(device_t dev, struct cryptop *crp, int hint)
 		cmd->base_masks |= HIFN_BASE_CMD_MAC;

 		switch (csp->csp_auth_alg) {
-		case CRYPTO_MD5:
-			cmd->mac_masks |= HIFN_MAC_CMD_ALG_MD5 |
-			    HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HASH |
-			    HIFN_MAC_CMD_POS_IPSEC;
-                       break;
 		case CRYPTO_MD5_HMAC:
 			cmd->mac_masks |= HIFN_MAC_CMD_ALG_MD5 |
 			    HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HMAC |
--- a/sys/dev/sec/sec.c
+++ b/sys/dev/sec/sec.c
@ -1180,7 +1180,6 @@ sec_auth_supported(struct sec_softc *sc,
 		if (csp->csp_auth_klen > SEC_MAX_KEY_LEN)
 			return (false);
 		break;
-	case CRYPTO_MD5:
 	case CRYPTO_SHA1:
 		break;
 	default:
@ -1530,7 +1529,6 @@ static bool
 sec_mdeu_can_handle(u_int alg)
 {
 	switch (alg) {
-	case CRYPTO_MD5:
 	case CRYPTO_SHA1:
 	case CRYPTO_MD5_HMAC:
 	case CRYPTO_SHA1_HMAC:
@ -1554,8 +1552,6 @@ sec_mdeu_config(const struct crypto_session_params *csp, u_int *eu, u_int *mode,
 	switch (csp->csp_auth_alg) {
 	case CRYPTO_MD5_HMAC:
 		*mode |= SEC_MDEU_MODE_HMAC;
-		/* FALLTHROUGH */
-	case CRYPTO_MD5:
 		*eu = SEC_EU_MDEU_A;
 		*mode |= SEC_MDEU_MODE_MD5;
 		*hashlen = MD5_HASH_LEN;
--- a/sys/mips/nlm/dev/sec/nlmsec.c
+++ b/sys/mips/nlm/dev/sec/nlmsec.c
@ -376,7 +376,6 @@ xlp_sec_auth_supported(const struct crypto_session_params *csp)
 {

 	switch (csp->csp_auth_alg) {
-	case CRYPTO_MD5:
 	case CRYPTO_SHA1:
 	case CRYPTO_MD5_HMAC:
 	case CRYPTO_SHA1_HMAC:
--- a/sys/mips/nlm/dev/sec/nlmseclib.c
+++ b/sys/mips/nlm/dev/sec/nlmseclib.c
@ -273,10 +273,6 @@ nlm_get_digest_param(struct xlp_sec_command *cmd,
    const struct crypto_session_params *csp)
 {
 	switch(csp->csp_auth_alg) {
-	case CRYPTO_MD5:
-		cmd->hashalg  = NLM_HASH_MD5;
-		cmd->hashmode = NLM_HASH_MODE_SHA1;
-		break;
 	case CRYPTO_SHA1:
 		cmd->hashalg  = NLM_HASH_SHA;
 		cmd->hashmode = NLM_HASH_MODE_SHA1;
--- a/sys/opencrypto/crypto.c
+++ b/sys/opencrypto/crypto.c
@ -550,10 +550,6 @@ crypto_auth_hash(const struct crypto_session_params *csp)
 		return (&auth_hash_key_md5);
 	case CRYPTO_SHA1_KPDK:
 		return (&auth_hash_key_sha1);
-#ifdef notyet
-	case CRYPTO_MD5:
-		return (&auth_hash_md5);
-#endif
 	case CRYPTO_SHA1:
 		return (&auth_hash_sha1);
 	case CRYPTO_SHA2_224:
@ -704,7 +700,6 @@ static enum alg_type {
 	[CRYPTO_SHA1_KPDK] = ALG_KEYED_DIGEST,
 	[CRYPTO_AES_CBC] = ALG_CIPHER,
 	[CRYPTO_ARC4] = ALG_CIPHER,
-	[CRYPTO_MD5] = ALG_DIGEST,
 	[CRYPTO_SHA1] = ALG_DIGEST,
 	[CRYPTO_NULL_HMAC] = ALG_DIGEST,
 	[CRYPTO_NULL_CBC] = ALG_CIPHER,
--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@ -506,11 +506,6 @@ cryptof_ioctl(
 				return (EINVAL);
 			}
 			break;
-#ifdef notdef
-		case CRYPTO_MD5:
-			thash = &auth_hash_md5;
-			break;
-#endif
 		case CRYPTO_SHA1:
 			thash = &auth_hash_sha1;
 			break;
--- a/sys/opencrypto/cryptosoft.c
+++ b/sys/opencrypto/cryptosoft.c
@ -980,9 +980,6 @@ swcr_setup_auth(struct swcr_session *ses,
 		if (csp->csp_mode == CSP_MODE_DIGEST)
 			ses->swcr_process = swcr_authcompute;
 		break;
-#ifdef notdef
-	case CRYPTO_MD5:
-#endif
 	case CRYPTO_SHA1:
 	case CRYPTO_SHA2_224:
 	case CRYPTO_SHA2_256: