From 29fe41ddd714bae92a09fd4098fad614945bedf5 Mon Sep 17 00:00:00 2001 From: John Baldwin Date: Mon, 20 Apr 2020 22:24:49 +0000 Subject: [PATCH] Retire the CRYPTO_F_IV_GENERATE flag. The sole in-tree user of this flag has been retired, so remove this complexity from all drivers. While here, add a helper routine drivers can use to read the current request's IV into a local buffer. Use this routine to replace duplicated code in nearly all drivers. Reviewed by: cem Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D24450 --- share/man/man9/Makefile | 1 + share/man/man9/crypto_driver.9 | 10 +++++++- share/man/man9/crypto_request.9 | 12 +--------- sys/crypto/aesni/aesni.c | 9 +------- sys/crypto/armv8/armv8_crypto.c | 9 +------- sys/crypto/ccp/ccp_hardware.c | 8 +------ sys/crypto/via/padlock_cipher.c | 8 +------ sys/dev/cesa/cesa.c | 13 ++--------- sys/dev/cxgbe/crypto/t4_crypto.c | 28 ++--------------------- sys/dev/glxsb/glxsb.c | 8 +------ sys/dev/hifn/hifn7751.c | 16 +++---------- sys/dev/safe/safe.c | 11 +-------- sys/dev/sec/sec.c | 14 ++---------- sys/dev/ubsec/ubsec.c | 10 +------- sys/mips/cavium/cryptocteon/cryptocteon.c | 7 +----- sys/mips/nlm/dev/sec/nlmsec.c | 6 +---- sys/opencrypto/crypto.c | 15 ++---------- sys/opencrypto/cryptodev.h | 13 ++++++++++- sys/opencrypto/cryptosoft.c | 25 +++----------------- 19 files changed, 46 insertions(+), 177 deletions(-) diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile index bfdef71f828..a27ef130d1f 100644 --- a/share/man/man9/Makefile +++ b/share/man/man9/Makefile @@ -904,6 +904,7 @@ MLINKS+=crypto_driver.9 crypto_apply.9 \ crypto_driver.9 crypto_done.9 \ crypto_driver.9 crypto_get_driverid.9 \ crypto_driver.9 crypto_get_driver_session.9 \ + crypto_driver.9 crypto_read_iv.9 \ crypto_driver.9 crypto_unblock.9 \ crypto_driver.9 crypto_unregister_all.9 \ crypto_driver.9 CRYPTODEV_FREESESSION.9 \ diff --git a/share/man/man9/crypto_driver.9 b/share/man/man9/crypto_driver.9 index 99260062020..095a7677818 100644 --- a/share/man/man9/crypto_driver.9 +++ b/share/man/man9/crypto_driver.9 @@ -30,7 +30,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 27, 2020 +.Dd April 20, 2020 .Dt CRYPTO_DRIVER 9 .Os .Sh NAME @@ -62,6 +62,8 @@ .Fn crypto_get_driverid "device_t dev" "size_t session_size" "int flags" .Ft void * .Fn crypto_get_driver_session "crypto_session_t crypto_session" +.Ft void +.Fn crypto_read_iv "struct cryptop *crp" "void *iv" .Ft int .Fn crypto_unblock "uint32_t driverid" "int what" .Ft int @@ -261,6 +263,12 @@ The bytes are written starting at an offset of .Fa off bytes in the request's data buffer. .Pp +.Fn crypto_read_iv +copies the IV or nonce for +.Fa crp +into the the local buffer pointed to by +.Fa iv . +.Pp A driver calls .Fn crypto_done to mark the request diff --git a/share/man/man9/crypto_request.9 b/share/man/man9/crypto_request.9 index 4e6dfddfda3..008581d69bb 100644 --- a/share/man/man9/crypto_request.9 +++ b/share/man/man9/crypto_request.9 @@ -30,7 +30,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 27, 2020 +.Dd April 20, 2020 .Dt CRYPTO_REQUEST 9 .Os .Sh NAME @@ -226,16 +226,6 @@ and .Fa crp_digest_start should be left as zero. .Pp -An encryption request using an IV stored in the IV region may set -.Dv CRYPTO_F_IV_GENERATE -in -.Fa crp_flags -to request that the driver generate a random IV. -Note that -.Dv CRYPTO_F_IV_GENERATE -cannot be used with decryption operations or in combination with -.Dv CRYPTO_F_IV_SEPARATE . -.Pp Requests that store part, but not all, of the IV in the data buffer should store the partial IV in the data buffer and pass the full IV separately in .Fa crp_iv . diff --git a/sys/crypto/aesni/aesni.c b/sys/crypto/aesni/aesni.c index 284f460b841..c823e431235 100644 --- a/sys/crypto/aesni/aesni.c +++ b/sys/crypto/aesni/aesni.c @@ -704,14 +704,7 @@ aesni_cipher_crypt(struct aesni_session *ses, struct cryptop *crp, aesni_cipher_setup_common(ses, csp, crp->crp_cipher_key, csp->csp_cipher_klen); - /* Setup iv */ - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(iv, csp->csp_ivlen, 0); - crypto_copyback(crp, crp->crp_iv_start, csp->csp_ivlen, iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(iv, crp->crp_iv, csp->csp_ivlen); - else - crypto_copydata(crp, crp->crp_iv_start, csp->csp_ivlen, iv); + crypto_read_iv(crp, iv); switch (csp->csp_cipher_alg) { case CRYPTO_AES_CBC: diff --git a/sys/crypto/armv8/armv8_crypto.c b/sys/crypto/armv8/armv8_crypto.c index caaecc25486..21b3fa2f71d 100644 --- a/sys/crypto/armv8/armv8_crypto.c +++ b/sys/crypto/armv8/armv8_crypto.c @@ -335,14 +335,7 @@ armv8_crypto_cipher_process(struct armv8_crypto_session *ses, panic("armv8: new cipher key"); } - /* Setup iv */ - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(iv, csp->csp_ivlen, 0); - crypto_copyback(crp, crp->crp_iv_start, csp->csp_ivlen, iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(iv, crp->crp_iv, csp->csp_ivlen); - else - crypto_copydata(crp, crp->crp_iv_start, csp->csp_ivlen, iv); + crypto_read_iv(crp, iv); /* Do work */ switch (csp->csp_cipher_alg) { diff --git a/sys/crypto/ccp/ccp_hardware.c b/sys/crypto/ccp/ccp_hardware.c index 113c3ca7489..a2ca8e1cb71 100644 --- a/sys/crypto/ccp/ccp_hardware.c +++ b/sys/crypto/ccp/ccp_hardware.c @@ -1353,13 +1353,7 @@ ccp_collect_iv(struct cryptop *crp, const struct crypto_session_params *csp, char *iv) { - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(iv, csp->csp_ivlen, 0); - crypto_copyback(crp, crp->crp_iv_start, csp->csp_ivlen, iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(iv, crp->crp_iv, csp->csp_ivlen); - else - crypto_copydata(crp, crp->crp_iv_start, csp->csp_ivlen, iv); + crypto_read_iv(crp, iv); /* * If the input IV is 12 bytes, append an explicit counter of 1. diff --git a/sys/crypto/via/padlock_cipher.c b/sys/crypto/via/padlock_cipher.c index da5463c905d..863ad54454c 100644 --- a/sys/crypto/via/padlock_cipher.c +++ b/sys/crypto/via/padlock_cipher.c @@ -209,13 +209,7 @@ padlock_cipher_process(struct padlock_session *ses, struct cryptop *crp, cw->cw_filler2 = 0; cw->cw_filler3 = 0; - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(iv, AES_BLOCK_LEN, 0); - crypto_copyback(crp, crp->crp_iv_start, AES_BLOCK_LEN, iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(iv, crp->crp_iv, AES_BLOCK_LEN); - else - crypto_copydata(crp, crp->crp_iv_start, AES_BLOCK_LEN, iv); + crypto_read_iv(crp, iv); if (CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) { cw->cw_direction = PADLOCK_DIRECTION_ENCRYPT; diff --git a/sys/dev/cesa/cesa.c b/sys/dev/cesa/cesa.c index d4e056d2a09..44cf77a8acc 100644 --- a/sys/dev/cesa/cesa.c +++ b/sys/dev/cesa/cesa.c @@ -1791,17 +1791,8 @@ cesa_process(device_t dev, struct cryptop *crp, int hint) CESA_LOCK(sc, sessions); cesa_sync_desc(sc, BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); - if (csp->csp_cipher_alg != 0) { - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(cr->cr_csd->csd_iv, csp->csp_ivlen, 0); - crypto_copyback(crp, crp->crp_iv_start, csp->csp_ivlen, - cr->cr_csd->csd_iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(cr->cr_csd->csd_iv, crp->crp_iv, csp->csp_ivlen); - else - crypto_copydata(crp, crp->crp_iv_start, csp->csp_ivlen, - cr->cr_csd->csd_iv); - } + if (csp->csp_cipher_alg != 0) + crypto_read_iv(crp, cr->cr_csd->csd_iv); if (crp->crp_cipher_key != NULL) { memcpy(cs->cs_key, crp->crp_cipher_key, diff --git a/sys/dev/cxgbe/crypto/t4_crypto.c b/sys/dev/cxgbe/crypto/t4_crypto.c index d11de329559..7a57dfed2e3 100644 --- a/sys/dev/cxgbe/crypto/t4_crypto.c +++ b/sys/dev/cxgbe/crypto/t4_crypto.c @@ -665,19 +665,7 @@ ccr_blkcipher(struct ccr_softc *sc, struct ccr_session *s, struct cryptop *crp) crwr = wrtod(wr); memset(crwr, 0, wr_len); - /* - * Read the existing IV from the request or generate a random - * one if none is provided. - */ - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(iv, s->blkcipher.iv_len, 0); - crypto_copyback(crp, crp->crp_iv_start, s->blkcipher.iv_len, - iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(iv, crp->crp_iv, s->blkcipher.iv_len); - else - crypto_copydata(crp, crp->crp_iv_start, s->blkcipher.iv_len, - iv); + crypto_read_iv(crp, iv); /* Zero the remainder of the IV for AES-XTS. */ memset(iv + s->blkcipher.iv_len, 0, iv_len - s->blkcipher.iv_len); @@ -968,19 +956,7 @@ ccr_eta(struct ccr_softc *sc, struct ccr_session *s, struct cryptop *crp) crwr = wrtod(wr); memset(crwr, 0, wr_len); - /* - * Read the existing IV from the request or generate a random - * one if none is provided. - */ - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(iv, s->blkcipher.iv_len, 0); - crypto_copyback(crp, crp->crp_iv_start, s->blkcipher.iv_len, - iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(iv, crp->crp_iv, s->blkcipher.iv_len); - else - crypto_copydata(crp, crp->crp_iv_start, s->blkcipher.iv_len, - iv); + crypto_read_iv(crp, iv); /* Zero the remainder of the IV for AES-XTS. */ memset(iv + s->blkcipher.iv_len, 0, iv_len - s->blkcipher.iv_len); diff --git a/sys/dev/glxsb/glxsb.c b/sys/dev/glxsb/glxsb.c index 0e80b1dba2a..b8a83533099 100644 --- a/sys/dev/glxsb/glxsb.c +++ b/sys/dev/glxsb/glxsb.c @@ -659,13 +659,7 @@ glxsb_crypto_encdec(struct cryptop *crp, struct glxsb_session *ses, else control = SB_CTL_DEC; - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(op_iv, sizeof(op_iv), 0); - crypto_copyback(crp, crp->crp_iv_start, sizeof(op_iv), op_iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(op_iv, crp->crp_iv, sizeof(op_iv)); - else - crypto_copydata(crp, crp->crp_iv_start, sizeof(op_iv), op_iv); + crypto_read_iv(crp, op_iv); offset = 0; tlen = crp->crp_payload_length; diff --git a/sys/dev/hifn/hifn7751.c b/sys/dev/hifn/hifn7751.c index 7f188976709..ae642383860 100644 --- a/sys/dev/hifn/hifn7751.c +++ b/sys/dev/hifn/hifn7751.c @@ -2431,7 +2431,7 @@ hifn_process(device_t dev, struct cryptop *crp, int hint) struct hifn_softc *sc = device_get_softc(dev); struct hifn_command *cmd = NULL; const void *mackey; - int err, ivlen, keylen; + int err, keylen; struct hifn_session *ses; ses = crypto_get_driver_session(crp->crp_session); @@ -2485,18 +2485,8 @@ hifn_process(device_t dev, struct cryptop *crp, int hint) err = EINVAL; goto errout; } - if (csp->csp_cipher_alg != CRYPTO_ARC4) { - ivlen = csp->csp_ivlen; - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(cmd->iv, ivlen, 0); - crypto_copyback(crp, crp->crp_iv_start, ivlen, - cmd->iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(cmd->iv, crp->crp_iv, ivlen); - else - crypto_copydata(crp, crp->crp_iv_start, ivlen, - cmd->iv); - } + if (csp->csp_cipher_alg != CRYPTO_ARC4) + crypto_read_iv(crp, cmd->iv); if (crp->crp_cipher_key != NULL) cmd->ck = crp->crp_cipher_key; diff --git a/sys/dev/safe/safe.c b/sys/dev/safe/safe.c index 99f16de56c5..80e938155b0 100644 --- a/sys/dev/safe/safe.c +++ b/sys/dev/safe/safe.c @@ -894,16 +894,7 @@ safe_process(device_t dev, struct cryptop *crp, int hint) * in the state record and set the hash/crypt offset to * copy both the header+IV. */ - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(re->re_sastate.sa_saved_iv, csp->csp_ivlen, 0); - crypto_copyback(crp, crp->crp_iv_start, csp->csp_ivlen, - re->re_sastate.sa_saved_iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(re->re_sastate.sa_saved_iv, crp->crp_iv, - csp->csp_ivlen); - else - crypto_copydata(crp, crp->crp_iv_start, csp->csp_ivlen, - re->re_sastate.sa_saved_iv); + crypto_read_iv(crp, re->re_sastate.sa_saved_iv); cmd0 |= SAFE_SA_CMD0_IVLD_STATE; if (CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) { diff --git a/sys/dev/sec/sec.c b/sys/dev/sec/sec.c index 3b3ea001806..50f2e425657 100644 --- a/sys/dev/sec/sec.c +++ b/sys/dev/sec/sec.c @@ -1285,18 +1285,8 @@ sec_process(device_t dev, struct cryptop *crp, int hint) desc->sd_error = 0; desc->sd_crp = crp; - if (csp->csp_cipher_alg != 0) { - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(desc->sd_desc->shd_iv, csp->csp_ivlen, 0); - crypto_copyback(crp, crp->crp_iv_start, csp->csp_ivlen, - desc->sd_desc->shd_iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(desc->sd_desc->shd_iv, crp->crp_iv, - csp->csp_ivlen); - else - crypto_copydata(crp, crp->crp_iv_start, csp->csp_ivlen, - desc->sd_desc->shd_iv); - } + if (csp->csp_cipher_alg != 0) + crypto_read_iv(crp, desc->sd_desc->shd_iv); if (crp->crp_cipher_key != NULL) memcpy(ses->ss_key, crp->crp_cipher_key, csp->csp_cipher_klen); diff --git a/sys/dev/ubsec/ubsec.c b/sys/dev/ubsec/ubsec.c index e4b324e05f8..bb5c1fe74c9 100644 --- a/sys/dev/ubsec/ubsec.c +++ b/sys/dev/ubsec/ubsec.c @@ -1043,15 +1043,7 @@ ubsec_process(device_t dev, struct cryptop *crp, int hint) ctx.pc_flags |= htole16(UBS_PKTCTX_ENC_3DES); - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(ctx.pc_iv, csp->csp_ivlen, 0); - crypto_copyback(crp, crp->crp_iv_start, - csp->csp_ivlen, ctx.pc_iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(ctx.pc_iv, crp->crp_iv, csp->csp_ivlen); - else - crypto_copydata(crp, crp->crp_iv_start, csp->csp_ivlen, - ctx.pc_iv); + crypto_read_iv(crp, ctx.pc_iv); if (!CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) { ctx.pc_flags |= htole16(UBS_PKTCTX_INBOUND); diff --git a/sys/mips/cavium/cryptocteon/cryptocteon.c b/sys/mips/cavium/cryptocteon/cryptocteon.c index 2e1535fd230..56030979f24 100644 --- a/sys/mips/cavium/cryptocteon/cryptocteon.c +++ b/sys/mips/cavium/cryptocteon/cryptocteon.c @@ -365,12 +365,7 @@ cryptocteon_process(device_t dev, struct cryptop *crp, int hint) } if (csp->csp_cipher_alg != 0) { - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(iv_data, csp->csp_ivlen, 0); - crypto_copyback(crp, crp->crp_iv_start, csp->csp_ivlen, - iv_data); - ivp = iv_data; - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) + if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) ivp = crp->crp_iv; else { crypto_copydata(crp, crp->crp_iv_start, csp->csp_ivlen, diff --git a/sys/mips/nlm/dev/sec/nlmsec.c b/sys/mips/nlm/dev/sec/nlmsec.c index 092011916c8..bb32238cbc3 100644 --- a/sys/mips/nlm/dev/sec/nlmsec.c +++ b/sys/mips/nlm/dev/sec/nlmsec.c @@ -470,11 +470,7 @@ xlp_copyiv(struct xlp_sec_softc *sc, struct xlp_sec_command *cmd, crp = cmd->crp; if (csp->csp_cipher_alg != CRYPTO_ARC4) { - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(cmd->iv, csp->csp_ivlen, 0); - crypto_copyback(crp, crp->crp_iv_start, csp->csp_ivlen, - cmd->iv); - } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) + if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) memcpy(cmd->iv, crp->crp_iv, csp->csp_ivlen); } } diff --git a/sys/opencrypto/crypto.c b/sys/opencrypto/crypto.c index ca6db921378..36a7f887d9b 100644 --- a/sys/opencrypto/crypto.c +++ b/sys/opencrypto/crypto.c @@ -1280,14 +1280,6 @@ crp_sanity(struct cryptop *crp) ("invalid ETA op %x", crp->crp_op)); break; } - KASSERT((crp->crp_flags & CRYPTO_F_IV_GENERATE) == 0 || - crp->crp_op == CRYPTO_OP_ENCRYPT || - crp->crp_op == (CRYPTO_OP_ENCRYPT | CRYPTO_OP_COMPUTE_DIGEST), - ("IV_GENERATE set for non-encryption operation %x", crp->crp_op)); - KASSERT((crp->crp_flags & - (CRYPTO_F_IV_SEPARATE | CRYPTO_F_IV_GENERATE)) != - (CRYPTO_F_IV_SEPARATE | CRYPTO_F_IV_GENERATE), - ("crp with both IV_SEPARATE and IV_GENERATE set")); KASSERT(crp->crp_buf_type >= CRYPTO_BUF_CONTIG && crp->crp_buf_type <= CRYPTO_BUF_MBUF, ("invalid crp buffer type %d", crp->crp_buf_type)); @@ -1305,9 +1297,8 @@ crp_sanity(struct cryptop *crp) ("AAD region in request not supporting AAD")); } if (csp->csp_ivlen == 0) { - KASSERT((crp->crp_flags & - (CRYPTO_F_IV_SEPARATE | CRYPTO_F_IV_GENERATE)) == 0, - ("IV_GENERATE or IV_SEPARATE set when IV isn't used")); + KASSERT((crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0, + ("IV_SEPARATE set when IV isn't used")); KASSERT(crp->crp_iv_start == 0, ("crp_iv_start set when IV isn't used")); } else if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) { @@ -1361,8 +1352,6 @@ crypto_dispatch(struct cryptop *crp) crp_sanity(crp); #endif - /* TODO: Handle CRYPTO_F_IV_GENERATE so drivers don't have to. */ - cryptostats.cs_ops++; #ifdef CRYPTO_TIMING diff --git a/sys/opencrypto/cryptodev.h b/sys/opencrypto/cryptodev.h index f9aa8a053c3..9600d64b5cf 100644 --- a/sys/opencrypto/cryptodev.h +++ b/sys/opencrypto/cryptodev.h @@ -454,7 +454,6 @@ struct cryptop { * if CRYPTO_F_ASYNC flags is set */ #define CRYPTO_F_IV_SEPARATE 0x0200 /* Use crp_iv[] as IV. */ -#define CRYPTO_F_IV_GENERATE 0x0400 /* Generate a random IV and store. */ int crp_op; @@ -611,5 +610,17 @@ int crypto_apply(struct cryptop *crp, int off, int len, void *crypto_contiguous_subsegment(struct cryptop *crp, size_t skip, size_t len); +static __inline void +crypto_read_iv(struct cryptop *crp, void *iv) +{ + const struct crypto_session_params *csp; + + csp = crypto_get_params(crp->crp_session); + if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) + memcpy(iv, crp->crp_iv, csp->csp_ivlen); + else + crypto_copydata(crp, crp->crp_iv_start, csp->csp_ivlen, iv); +} + #endif /* _KERNEL */ #endif /* _CRYPTO_CRYPTO_H_ */ diff --git a/sys/opencrypto/cryptosoft.c b/sys/opencrypto/cryptosoft.c index e98f710a4e5..849a24dfbe2 100644 --- a/sys/opencrypto/cryptosoft.c +++ b/sys/opencrypto/cryptosoft.c @@ -133,14 +133,7 @@ swcr_encdec(struct swcr_session *ses, struct cryptop *crp) (crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0) return (EINVAL); - /* IV explicitly provided ? */ - if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - bcopy(crp->crp_iv, iv, ivlen); - else if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(iv, ivlen, 0); - crypto_copyback(crp, crp->crp_iv_start, ivlen, iv); - } else - crypto_copydata(crp, crp->crp_iv_start, ivlen, iv); + crypto_read_iv(crp, iv); if (crp->crp_cipher_key != NULL) { if (sw->sw_kschedule) @@ -510,15 +503,9 @@ swcr_gmac(struct swcr_session *ses, struct cryptop *crp) bcopy(swa->sw_ictx, &ctx, axf->ctxsize); blksz = axf->blocksize; - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) - return (EINVAL); - /* Initialize the IV */ ivlen = AES_GCM_IV_LEN; - if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - bcopy(crp->crp_iv, iv, ivlen); - else - crypto_copydata(crp, crp->crp_iv_start, ivlen, iv); + crypto_read_iv(crp, iv); axf->Reinit(&ctx, iv, ivlen); for (i = 0; i < crp->crp_payload_length; i += blksz) { @@ -669,15 +656,9 @@ swcr_ccm_cbc_mac(struct swcr_session *ses, struct cryptop *crp) bcopy(swa->sw_ictx, &ctx, axf->ctxsize); blksz = axf->blocksize; - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) - return (EINVAL); - /* Initialize the IV */ ivlen = AES_CCM_IV_LEN; - if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - bcopy(crp->crp_iv, iv, ivlen); - else - crypto_copydata(crp, crp->crp_iv_start, ivlen, iv); + crypto_read_iv(crp, iv); /* * AES CCM-CBC-MAC needs to know the length of both the auth