diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/plugins/crypto_ia32/aes_cbc.c | 39 | ||||
-rw-r--r-- | src/plugins/crypto_ia32/aesni.h | 3 | ||||
-rw-r--r-- | src/vnet/crypto/crypto.c | 2 |
3 files changed, 28 insertions, 16 deletions
diff --git a/src/plugins/crypto_ia32/aes_cbc.c b/src/plugins/crypto_ia32/aes_cbc.c index 281cc83705a..091f7b6a539 100644 --- a/src/plugins/crypto_ia32/aes_cbc.c +++ b/src/plugins/crypto_ia32/aes_cbc.c @@ -95,10 +95,12 @@ aesni_ops_enc_aes_cbc (vlib_main_t * vm, vnet_crypto_op_t * ops[], vm->thread_index); int rounds = AESNI_KEY_ROUNDS (ks); u8 dummy[8192]; - u8 *src[4], *dst[4], *key[4]; + u8 *src[4] = { }; + u8 *dst[4] = { }; + u8 *key[4] = { }; u32x4 dummy_mask, len = { }; u32 i, j, count, n_left = n_ops; - __m128i r[4], k[4][rounds + 1]; + __m128i r[4] = { }, k[4][rounds + 1]; more: for (i = 0; i < 4; i++) @@ -187,22 +189,30 @@ aesni_ops_dec_aes_cbc (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops, aesni_key_size_t ks) { int rounds = AESNI_KEY_ROUNDS (ks); - u8 *last_key = 0; - u32 i; + vnet_crypto_op_t *op = ops[0]; + u32 n_left = n_ops; + u8 *last_key; __m128i k[rounds + 1]; - for (i = 0; i < n_ops; i++) + ASSERT (n_ops >= 1); + +key_expand: + last_key = op->key; + aes_key_expand (k, op->key, ks); + aes_key_enc_to_dec (k, ks); + +decrypt: + aes_cbc_dec (k, op->src, op->dst, op->iv, op->len, rounds); + op->status = VNET_CRYPTO_OP_STATUS_COMPLETED; + + if (--n_left) { - vnet_crypto_op_t *op = ops[i]; + op += 1; if (last_key != op->key) - { - aes_key_expand (k, op->key, ks); - last_key = op->key; - aes_key_enc_to_dec (k, rounds); - } - aes_cbc_dec (k, op->src, op->dst, op->iv, op->len, rounds); - op->status = VNET_CRYPTO_OP_STATUS_COMPLETED; + goto key_expand; + goto decrypt; } + return n_ops; } @@ -237,7 +247,8 @@ crypto_ia32_aesni_cbc_init (vlib_main_t * vm) { for (int i = 0; i < 4; i++) { - if (read(fd, ptd->cbc_iv, sizeof (ptd->cbc_iv)) < 0) + if (read(fd, ptd->cbc_iv, sizeof (ptd->cbc_iv)) != + sizeof (ptd->cbc_iv)) { err = clib_error_return_unix (0, "'/dev/urandom' read failure"); goto error; diff --git a/src/plugins/crypto_ia32/aesni.h b/src/plugins/crypto_ia32/aesni.h index 077889ae903..28e09fc5c51 100644 --- a/src/plugins/crypto_ia32/aesni.h +++ b/src/plugins/crypto_ia32/aesni.h @@ -195,8 +195,9 @@ aes_key_expand (__m128i * k, u8 * key, aesni_key_size_t ks) static_always_inline void -aes_key_enc_to_dec (__m128i * k, aesni_key_size_t rounds) +aes_key_enc_to_dec (__m128i * k, aesni_key_size_t ks) { + int rounds = AESNI_KEY_ROUNDS (ks); __m128i r; r = k[rounds]; diff --git a/src/vnet/crypto/crypto.c b/src/vnet/crypto/crypto.c index 3dcb2ec33bd..9d0ad8b13ca 100644 --- a/src/vnet/crypto/crypto.c +++ b/src/vnet/crypto/crypto.c @@ -30,7 +30,7 @@ vnet_crypto_process_ops_call_handler (vlib_main_t * vm, if (cm->ops_handlers[opt] == 0) { - while (n_ops) + while (n_ops--) { ops[0]->status = VNET_CRYPTO_OP_STATUS_FAIL_NO_HANDLER; ops++; |