git: cryptoapi - constify IV and pass-in IV length as well
Michael Neumann
mneumann at crater.dragonflybsd.org
Mon Apr 21 03:53:08 PDT 2025
commit df22c5bb39650210ea37d22ae42049c9a1f1d910
Author: Michael Neumann <mneumann at ntecs.de>
Date: Sat Apr 19 18:43:45 2025 +0200
cryptoapi - constify IV and pass-in IV length as well
* This only affects XTS mode as CBC never mutated the IV.
* Never pass-in data of unknown length.
* In case of XTS, add a tweak to the contex, similar to what
FreeBSD does.
* Get rid of crypto_cipher_iv union type. simplify.
* Also ensure that, in case we pass in a "too short" IV,
we never read beyond the end of the passed-in IV. Zero-pad
it in that case.
Summary of changes:
sys/crypto/cryptoapi/cryptoapi.c | 172 +++++++++++++++++++++++----------------
sys/crypto/cryptoapi/cryptoapi.h | 24 ++----
2 files changed, 109 insertions(+), 87 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/df22c5bb39650210ea37d22ae42049c9a1f1d910
--
DragonFly BSD source repository
More information about the Commits
mailing list