Add support for changing IVs in sessions

2 files changed, 23 insertions, 0 deletions

diff --git a/crypto.4 b/crypto.4
index 0dc21e9431f..c2d1102b538 100644
--- a/crypto.4
+++ b/crypto.4
@@ -571,6 +571,10 @@ member.
 The following input attributes are recognized:
 
 .RS
+.IP \fBNCR_ATTR_IV\fP
+Only used for some operations and algorithms.
+Optional,
+IV from session initialization or left from last update is used if not present.
 .IP \fBNCR_ATTR_UPDATE_INPUT_DATA\fP
 A
 .B struct ncr_session_input_data
diff --git a/ncr-sessions.c b/ncr-sessions.c
index 41f8a4c9000..460df6f637c 100644
--- a/ncr-sessions.c
+++ b/ncr-sessions.c
@@ -661,6 +661,7 @@ static int get_userbuf2(struct session_item_st *ses, struct nlattr *tb[],
 static int _ncr_session_update(struct ncr_lists *lists, ncr_session_t ses,
 			       struct nlattr *tb[], int compat)
 {
+	const struct nlattr *nla;
 	int ret;
 	struct session_item_st* sess;
 	struct scatterlist *isg = NULL;
@@ -703,6 +704,15 @@ static int _ncr_session_update(struct ncr_lists *lists, ncr_session_t ses,
 				goto fail;
 			}
 
+			if (sess->algorithm->is_symmetric
+			    && sess->algorithm->needs_iv) {
+				nla = tb[NCR_ATTR_IV];
+				if (nla != NULL)
+					cryptodev_cipher_set_iv(&sess->cipher,
+								nla_data(nla),
+								nla_len(nla));
+			}
+
 			ret = _ncr_session_encrypt(sess, isg, isg_cnt, isg_size, 
 				osg, osg_cnt, &osg_size);
 			if (ret < 0) {
@@ -731,6 +741,15 @@ static int _ncr_session_update(struct ncr_lists *lists, ncr_session_t ses,
 				goto fail;
 			}
 
+			if (sess->algorithm->is_symmetric
+			    && sess->algorithm->needs_iv) {
+				nla = tb[NCR_ATTR_IV];
+				if (nla != NULL)
+					cryptodev_cipher_set_iv(&sess->cipher,
+								nla_data(nla),
+								nla_len(nla));
+			}
+
 			ret = _ncr_session_decrypt(sess, isg, isg_cnt, isg_size, 
 				osg, osg_cnt, &osg_size);
 			if (ret < 0) {