src - FreeBSD source tree

diff options


context:
space:
mode:

author	John Baldwin <jhb@FreeBSD.org>	2020-05-11 21:34:29 +0000
committer	John Baldwin <jhb@FreeBSD.org>	2020-05-11 21:34:29 +0000
commit	0e00c709d7f1cdaeb584d244df9534bcdd0ac527 (patch)
tree	23d89d0624d4de7dca540e363018ca0c9bfdcb2e /sys/dev
parent	32075647ef7fedb53479d3872960d9ae40e86491 (diff)

Remove support for DES and Triple DES from OCF.

It no longer has any in-kernel consumers via OCF. smbfs still uses single DES directly, so sys/crypto/des remains for that use case. Reviewed by: cem Relnotes: yes Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D24773

Notes

Notes: svn path=/head/; revision=360933

Diffstat (limited to 'sys/dev')

-rw-r--r--

sys/dev/cesa/cesa.c

-rw-r--r--

sys/dev/hifn/hifn7751.c

-rw-r--r--

sys/dev/safe/safe.c

-rw-r--r--

sys/dev/sec/sec.c

4 files changed, 0 insertions, 131 deletions

diff --git a/sys/dev/cesa/cesa.c b/sys/dev/cesa/cesa.c
index eb7ef532ab76..782a37cdc8e2 100644
--- a/sys/dev/cesa/cesa.c
+++ b/sys/dev/cesa/cesa.c

@@ -1577,14 +1577,6 @@ cesa_cipher_supported(const struct crypto_session_params *csp)

if (csp->csp_ivlen != AES_BLOCK_LEN)

return (false);

break;

- case CRYPTO_DES_CBC:

- if (csp->csp_ivlen != DES_BLOCK_LEN)

- return (false);

- break;

- case CRYPTO_3DES_CBC:

- if (csp->csp_ivlen != DES3_BLOCK_LEN)

- return (false);

- break;

default:

return (false);

}

@@ -1673,15 +1665,6 @@ cesa_newsession(device_t dev, crypto_session_t cses,

cs->cs_config |= CESA_CSHD_AES | CESA_CSHD_CBC;

cs->cs_ivlen = AES_BLOCK_LEN;

break;

- case CRYPTO_DES_CBC:

- cs->cs_config |= CESA_CSHD_DES | CESA_CSHD_CBC;

- cs->cs_ivlen = DES_BLOCK_LEN;

- break;

- case CRYPTO_3DES_CBC:

- cs->cs_config |= CESA_CSHD_3DES | CESA_CSHD_3DES_EDE |

- CESA_CSHD_CBC;

- cs->cs_ivlen = DES3_BLOCK_LEN;

- break;

}

switch (csp->csp_auth_alg) {

diff --git a/sys/dev/hifn/hifn7751.c b/sys/dev/hifn/hifn7751.c
index b090316d86a3..bd234db134f3 100644
--- a/sys/dev/hifn/hifn7751.c
+++ b/sys/dev/hifn/hifn7751.c

@@ -1604,14 +1604,6 @@ hifn_write_command(struct hifn_command *cmd, u_int8_t *buf)

if (using_crypt && cmd->cry_masks & HIFN_CRYPT_CMD_NEW_KEY) {

switch (cmd->cry_masks & HIFN_CRYPT_CMD_ALG_MASK) {

- case HIFN_CRYPT_CMD_ALG_3DES:

- bcopy(cmd->ck, buf_pos, HIFN_3DES_KEY_LENGTH);

- buf_pos += HIFN_3DES_KEY_LENGTH;

- break;

- case HIFN_CRYPT_CMD_ALG_DES:

- bcopy(cmd->ck, buf_pos, HIFN_DES_KEY_LENGTH);

- buf_pos += HIFN_DES_KEY_LENGTH;

- break;

case HIFN_CRYPT_CMD_ALG_AES:

* AES keys are variable 128, 192 and

@@ -2328,8 +2320,6 @@ hifn_cipher_supported(struct hifn_softc *sc,

switch (sc->sc_ena) {

case HIFN_PUSTAT_ENA_2:

switch (csp->csp_cipher_alg) {

- case CRYPTO_3DES_CBC:

- break;

case CRYPTO_AES_CBC:

if ((sc->sc_flags & HIFN_HAS_AES) == 0)

return (false);

@@ -2343,13 +2333,6 @@ hifn_cipher_supported(struct hifn_softc *sc,

}

return (true);

}

- /*FALLTHROUGH*/

- case HIFN_PUSTAT_ENA_1:

- switch (csp->csp_cipher_alg) {

- case CRYPTO_DES_CBC:

- return (true);

- }

- break;

}

return (false);

}

@@ -2448,16 +2431,6 @@ hifn_process(device_t dev, struct cryptop *crp, int hint)

cmd->base_masks |= HIFN_BASE_CMD_DECODE;

cmd->base_masks |= HIFN_BASE_CMD_CRYPT;

switch (csp->csp_cipher_alg) {

- case CRYPTO_DES_CBC:

- cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_DES |

- HIFN_CRYPT_CMD_MODE_CBC |

- HIFN_CRYPT_CMD_NEW_IV;

- break;

- case CRYPTO_3DES_CBC:

- cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_3DES |

- HIFN_CRYPT_CMD_MODE_CBC |

- HIFN_CRYPT_CMD_NEW_IV;

- break;

case CRYPTO_AES_CBC:

cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_AES |

HIFN_CRYPT_CMD_MODE_CBC |

diff --git a/sys/dev/safe/safe.c b/sys/dev/safe/safe.c
index 80e938155b09..48dfbf68130c 100644
--- a/sys/dev/safe/safe.c
+++ b/sys/dev/safe/safe.c

@@ -694,20 +694,6 @@ safe_cipher_supported(struct safe_softc *sc,

{

switch (csp->csp_cipher_alg) {

- case CRYPTO_DES_CBC:

- case CRYPTO_3DES_CBC:

- if ((sc->sc_devinfo & SAFE_DEVINFO_DES) == 0)

- return (false);

- if (csp->csp_ivlen != 8)

- return (false);

- if (csp->csp_cipher_alg == CRYPTO_DES_CBC) {

- if (csp->csp_cipher_klen != 8)

- return (false);

- } else {

- if (csp->csp_cipher_klen != 24)

- return (false);

- }

- break;

case CRYPTO_AES_CBC:

if ((sc->sc_devinfo & SAFE_DEVINFO_AES) == 0)

return (false);

@@ -866,14 +852,6 @@ safe_process(device_t dev, struct cryptop *crp, int hint)

safe_setup_enckey(ses, crp->crp_cipher_key);

switch (csp->csp_cipher_alg) {

- case CRYPTO_DES_CBC:

- cmd0 |= SAFE_SA_CMD0_DES;

- cmd1 |= SAFE_SA_CMD1_CBC;

- break;

- case CRYPTO_3DES_CBC:

- cmd0 |= SAFE_SA_CMD0_3DES;

- cmd1 |= SAFE_SA_CMD1_CBC;

- break;

case CRYPTO_AES_CBC:

cmd0 |= SAFE_SA_CMD0_AES;

cmd1 |= SAFE_SA_CMD1_CBC;

diff --git a/sys/dev/sec/sec.c b/sys/dev/sec/sec.c
index 1ea5039f18ae..9aec4163724f 100644
--- a/sys/dev/sec/sec.c
+++ b/sys/dev/sec/sec.c

@@ -106,12 +106,6 @@ static int sec_aesu_make_desc(struct sec_softc *sc,

const struct crypto_session_params *csp, struct sec_desc *desc,

struct cryptop *crp);

-/* DEU */

-static bool sec_deu_newsession(const struct crypto_session_params *csp);

-static int sec_deu_make_desc(struct sec_softc *sc,

- const struct crypto_session_params *csp, struct sec_desc *desc,

- struct cryptop *crp);

/* MDEU */

static bool sec_mdeu_can_handle(u_int alg);

static int sec_mdeu_config(const struct crypto_session_params *csp,

@@ -154,10 +148,6 @@ static struct sec_eu_methods sec_eus[] = {

sec_aesu_make_desc,

{

- sec_deu_newsession,

- sec_deu_make_desc,

- },

- {

sec_mdeu_newsession,

sec_mdeu_make_desc,

@@ -1147,12 +1137,6 @@ sec_cipher_supported(const struct crypto_session_params *csp)

if (csp->csp_ivlen != AES_BLOCK_LEN)

return (false);

break;

- case CRYPTO_DES_CBC:

- case CRYPTO_3DES_CBC:

- /* DEU */

- if (csp->csp_ivlen != DES_BLOCK_LEN)

- return (false);

- break;

default:

return (false);

}

@@ -1474,55 +1458,6 @@ sec_aesu_make_desc(struct sec_softc *sc,

return (error);

}

-/* DEU */

-static bool

-sec_deu_newsession(const struct crypto_session_params *csp)

- switch (csp->csp_cipher_alg) {

- case CRYPTO_DES_CBC:

- case CRYPTO_3DES_CBC:

- return (true);

- default:

- return (false);

- }

-static int

-sec_deu_make_desc(struct sec_softc *sc, const struct crypto_session_params *csp,

- struct sec_desc *desc, struct cryptop *crp)

- struct sec_hw_desc *hd = desc->sd_desc;

- int error;

- hd->shd_eu_sel0 = SEC_EU_DEU;

- hd->shd_mode0 = SEC_DEU_MODE_CBC;

- switch (csp->csp_cipher_alg) {

- case CRYPTO_3DES_CBC:

- hd->shd_mode0 |= SEC_DEU_MODE_TS;

- break;

- case CRYPTO_DES_CBC:

- break;

- default:

- return (EINVAL);

- }

- if (CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) {

- hd->shd_mode0 |= SEC_DEU_MODE_ED;

- hd->shd_dir = 0;

- } else

- hd->shd_dir = 1;

- if (csp->csp_mode == CSP_MODE_ETA)

- error = sec_build_common_s_desc(sc, desc, csp, crp);

- else

- error = sec_build_common_ns_desc(sc, desc, csp, crp);

- return (error);

/* MDEU */

static bool