upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-09 00:32:25 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

update the documentation of the _IV_ flags... _IV_PRESENT doesn't

Browse source 
mean what you think it should...  This will be fixed in the future
with a flag rename, but document what the flag really does and make
the _IV_ flags clear what their presents (or lack there of) means...

Reviewed by:	gnn, eri (both earlier version)
This commit is contained in:
John-Mark Gurney 2015-07-03 00:37:16 +00:00
parent 4e21b8cf6b
commit 2ca5eb5d2d
1 changed files with 10 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
share/man/man9/crypto.9
View file

@ -17,7 +17,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd December 12, 2014
.Dd July 2, 2015
.Dt CRYPTO 9
.Os
.Sh NAME
@ -333,13 +333,13 @@ on the input buffer.
The various fields are:
.Bl -tag -width ".Va crd_inject"
.It Va crd_iv
The field where IV should be provided when the
When the flag
.Dv CRD_F_IV_EXPLICIT
flag is given.
is set, this field contains the IV.
.It Va crd_key
When the
.Dv CRD_F_KEY_EXPLICIT
flag is given, the
flag is set, the
.Va crd_key
points to a buffer with encryption or authentication key.
.It Va crd_alg
@ -370,15 +370,14 @@ The following flags are defined:
For encryption algorithms, this bit is set when encryption is required
(when not set, decryption is performed).
.It Dv CRD_F_IV_PRESENT
For encryption, this bit is set when the IV already
precedes the data, so the
.Va crd_inject
value will be ignored and no IV will be written in the buffer.
Otherwise, the IV used to encrypt the packet will be written
at the location pointed to by
.\" This flag name has nothing to do w/ it's behavior, fix the name.
For encryption, if this bit is not set the IV used to encrypt the packet
will be written at the location pointed to by
.Va crd_inject .
The IV length is assumed to be equal to the blocksize of the
encryption algorithm.
For encryption, if this bit is set, nothing is done.
For decryption, this flag has no meaning.
Applications that do special
.Dq "IV cooking" ,
such as the half-IV mode in
@ -388,7 +387,7 @@ This flag is typically used in conjunction with the
.Dv CRD_F_IV_EXPLICIT
flag.
.It Dv CRD_F_IV_EXPLICIT
For encryption algorithms, this bit is set when the IV is explicitly
This bit is set when the IV is explicitly
provided by the consumer in the
.Va crd_iv
field.