Page MenuHomeFreeBSD
Files F142750333

D2936.id6529.diff
No OneTemporary
Actions

D2936.id6529.diff
View Options

Index: lib/libipsec/pfkey_dump.c
===================================================================
--- lib/libipsec/pfkey_dump.c
+++ lib/libipsec/pfkey_dump.c
@@ -187,6 +187,9 @@
#ifdef SADB_X_EALG_AESCTR
{ SADB_X_EALG_AESCTR, "aes-ctr", },
#endif
+#ifdef SADB_X_EALG_AESGCM16
+ { SADB_X_EALG_AESGCM16, "aes-gcm-16", },
+#endif
#ifdef SADB_X_EALG_CAMELLIACBC
{ SADB_X_EALG_CAMELLIACBC, "camellia-cbc", },
#endif
Index: sbin/setkey/setkey.8
===================================================================
--- sbin/setkey/setkey.8
+++ sbin/setkey/setkey.8
@@ -627,11 +627,12 @@
3des-deriv 192 no document
rijndael-cbc 128/192/256 rfc3602
aes-ctr 160/224/288 draft-ietf-ipsec-ciph-aes-ctr-03
+aes-gcm-16 160/224/288 rfc4106
camellia-cbc 128/192/256 rfc4312
.Ed
.Pp
Note that the first 128/192/256 bits of a key for
-.Li aes-ctr
+.Li aes-ctr or aes-gcm-16
will be used as AES key, and remaining 32 bits will be used as nonce.
.Pp
The following are the list of compression algorithms that can be used
Index: sbin/setkey/token.l
===================================================================
--- sbin/setkey/token.l
+++ sbin/setkey/token.l
@@ -168,6 +168,7 @@
<S_ENCALG>rijndael-cbc { yylval.num = SADB_X_EALG_RIJNDAELCBC; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>aes-ctr { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC); }
<S_ENCALG>camellia-cbc { yylval.num = SADB_X_EALG_CAMELLIACBC; BEGIN INITIAL; return(ALG_ENC); }
+<S_ENCALG>aes-gcm-16 { yylval.num = SADB_X_EALG_AESGCM16; BEGIN INITIAL; return(ALG_ENC); }
/* compression algorithms */
{hyphen}C { return(F_COMP); }
Index: sys/amd64/conf/PUNK
===================================================================
--- sys/amd64/conf/PUNK
+++ /dev/null
@@ -1,223 +0,0 @@
-#
-# PUNK -- X230 Specific kernel configuration (non debug)
-#
-# For more information on this file, please read the config(5) manual page,
-# and/or the handbook section on Kernel Configuration Files:
-#
-# http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html
-#
-# The handbook is also available locally in /usr/share/doc/handbook
-# if you've installed the doc distribution, otherwise always see the
-# FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
-# latest information.
-#
-# An exhaustive list of options and more detailed explanations of the
-# device lines is also present in the ../../conf/NOTES and NOTES files.
-# If you are in doubt as to the purpose or necessity of a line, check first
-# in NOTES.
-#
-# $FreeBSD$
-
-cpu HAMMER
-ident GENERIC
-
-makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols
-makeoptions WITH_CTF=1 # Run ctfconvert(1) for DTrace support
-
-options SCHED_ULE # ULE scheduler
-options PREEMPTION # Enable kernel thread preemption
-options INET # InterNETworking
-options INET6 # IPv6 communications protocols
-options TCP_OFFLOAD # TCP offload
-options SCTP # Stream Control Transmission Protocol
-options FFS # Berkeley Fast Filesystem
-options SOFTUPDATES # Enable FFS soft updates support
-options UFS_ACL # Support for access control lists
-options UFS_DIRHASH # Improve performance on big directories
-options UFS_GJOURNAL # Enable gjournal-based UFS journaling
-options QUOTA # Enable disk quotas for UFS
-options MD_ROOT # MD is a potential root device
-options NFSCL # New Network Filesystem Client
-options NFSD # New Network Filesystem Server
-options NFSLOCKD # Network Lock Manager
-options NFS_ROOT # NFS usable as /, requires NFSCL
-options MSDOSFS # MSDOS Filesystem
-options CD9660 # ISO 9660 Filesystem
-options PROCFS # Process filesystem (requires PSEUDOFS)
-options PSEUDOFS # Pseudo-filesystem framework
-options GEOM_PART_GPT # GUID Partition Tables.
-options GEOM_RAID # Soft RAID functionality.
-options GEOM_LABEL # Provides labelization
-options COMPAT_FREEBSD32 # Compatible with i386 binaries
-options COMPAT_FREEBSD7 # Compatible with FreeBSD7
-options COMPAT_FREEBSD9 # Compatible with FreeBSD9
-options COMPAT_FREEBSD10 # Compatible with FreeBSD10
-options SCSI_DELAY=5000 # Delay (in ms) before probing SCSI
-options KTRACE # ktrace(1) support
-options STACK # stack(9) support
-options SYSVSHM # SYSV-style shared memory
-options SYSVMSG # SYSV-style message queues
-options SYSVSEM # SYSV-style semaphores
-options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
-options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed.
-options KBD_INSTALL_CDEV # install a CDEV entry in /dev
-options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4)
-options AUDIT # Security event auditing
-options CAPABILITY_MODE # Capsicum capability mode
-options CAPABILITIES # Capsicum capabilities
-options MAC # TrustedBSD MAC Framework
-options KDTRACE_FRAME # Ensure frames are compiled in
-options KDTRACE_HOOKS # Kernel DTrace hooks
-options DDB_CTF # Kernel ELF linker loads CTF data
-options INCLUDE_CONFIG_FILE # Include this file in kernel
-
-# Debugging support. Always need this:
-options KDB # Enable kernel debugger support.
-options KDB_TRACE # Print a stack trace for a panic.
-# For full debugger support use (turn off in stable branch):
-options DDB # Support DDB.
-options GDB # Support remote GDB.
-
-# Make an SMP-capable kernel by default
-options SMP # Symmetric MultiProcessor Kernel
-
-# CPU frequency control
-device cpufreq
-
-# Bus support.
-device acpi
-options ACPI_DMAR
-device pci
-
-# Floppy drives
-device fdc
-
-# ATA controllers
-device ahci # AHCI-compatible SATA controllers
-options ATA_STATIC_ID # Static device numbering
-
-# SCSI (for some virtual devices)
-device scbus # SCSI bus (required for ATA/SCSI)
-device da # Direct Access (disks)
-device pass # Passthrough device (direct ATA/SCSI access)
-
-# atkbdc0 controls both the keyboard and the PS/2 mouse
-device atkbdc # AT keyboard controller
-device atkbd # AT keyboard
-device psm # PS/2 mouse
-
-device kbdmux # keyboard multiplexer
-
-device vga # VGA video card driver
-options VESA # Add support for VESA BIOS Extensions (VBE)
-
-device splash # Splash screen and screen saver support
-
-# syscons is the default console driver, resembling an SCO console
-device sc
-options SC_PIXEL_MODE # add support for the raster text mode
-
-
-# vt is the new video console driver
-device vt
-device vt_vga
-device vt_efifb
-
-device agp # support several AGP chipsets
-
-# PCCARD (PCMCIA) support
-# PCMCIA and cardbus bridge support
-device cbb # cardbus (yenta) bridge
-device pccard # PC Card (16-bit) bus
-device cardbus # CardBus (32-bit) bus
-
-# Serial (COM) ports
-device uart # Generic UART driver
-
-# PCI Ethernet NICs.
-device em # Intel PRO/1000 Gigabit Ethernet Family
-device igb # Intel PRO/1000 PCIE Server Gigabit Family
-
-# PCI Ethernet NICs that use the common MII bus controller code.
-# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
-device miibus # MII bus support
-
-# Wireless NIC cards
-device wlan # 802.11 support
-options IEEE80211_DEBUG # enable debug msgs
-options IEEE80211_AMPDU_AGE # age frames in AMPDU reorder q's
-options IEEE80211_SUPPORT_MESH # enable 802.11s draft support
-device wlan_wep # 802.11 WEP support
-device wlan_ccmp # 802.11 CCMP support
-device wlan_tkip # 802.11 TKIP support
-device wlan_amrr # AMRR transmit rate control algorithm
-device an # Aironet 4500/4800 802.11 wireless NICs.
-device ath # Atheros NICs
-device ath_pci # Atheros pci/cardbus glue
-device ath_hal # pci/cardbus chip support
-options AH_SUPPORT_AR5416 # enable AR5416 tx/rx descriptors
-options AH_AR5416_INTERRUPT_MITIGATION # AR5416 interrupt mitigation
-options ATH_ENABLE_11N # Enable 802.11n support for AR5416 and later
-device ath_rate_sample # SampleRate tx rate control for ath
-device ipw # Intel 2100 wireless NICs.
-device iwi # Intel 2200BG/2225BG/2915ABG wireless NICs.
-device iwn # Intel 4965/1000/5000/6000 wireless NICs.
-device malo # Marvell Libertas wireless NICs.
-device mwl # Marvell 88W8363 802.11n wireless NICs.
-device ral # Ralink Technology RT2500 wireless NICs.
-device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
-device wpi # Intel 3945ABG wireless NICs.
-
-# Pseudo devices.
-device loop # Network loopback
-device random # Entropy device
-device padlock_rng # VIA Padlock RNG
-device rdrand_rng # Intel Bull Mountain RNG
-device ether # Ethernet support
-device vlan # 802.1Q VLAN support
-device tun # Packet tunnel.
-device md # Memory "disks"
-device gif # IPv6 and IPv4 tunneling
-device firmware # firmware assist module
-
-# The `bpf' device enables the Berkeley Packet Filter.
-# Be aware of the administrative consequences of enabling this!
-# Note that 'bpf' is required for DHCP.
-device bpf # Berkeley packet filter
-
-# USB support
-options USB_DEBUG # enable debug msgs
-device uhci # UHCI PCI->USB interface
-device ohci # OHCI PCI->USB interface
-device ehci # EHCI PCI->USB interface (USB 2.0)
-device xhci # XHCI PCI->USB interface (USB 3.0)
-device usb # USB Bus (required)
-device ukbd # Keyboard
-device umass # Disks/Mass storage - Requires scbus and da
-
-# Sound support
-device sound # Generic sound driver (required)
-device snd_cmi # CMedia CMI8338/CMI8738
-device snd_csa # Crystal Semiconductor CS461x/428x
-device snd_emu10kx # Creative SoundBlaster Live! and Audigy
-device snd_es137x # Ensoniq AudioPCI ES137x
-device snd_hda # Intel High Definition Audio
-device snd_ich # Intel, NVidia and other ICH AC'97 Audio
-device snd_via8233 # VIA VT8233x Audio
-
-# MMC/SD
-device mmc # MMC/SD bus
-device mmcsd # MMC/SD memory card
-device sdhci # Generic PCI SD Host Controller
-
-# VirtIO support
-device virtio # Generic VirtIO bus (required)
-device virtio_pci # VirtIO PCI device
-device vtnet # VirtIO Ethernet device
-device virtio_blk # VirtIO Block device
-device virtio_scsi # VirtIO SCSI device
-device virtio_balloon # VirtIO Memory Balloon device
-
-# Netmap provides direct access to TX/RX rings on supported NICs
-device netmap # netmap(4) support
-
Index: sys/crypto/aesni/aesni.h
===================================================================
--- sys/crypto/aesni/aesni.h
+++ sys/crypto/aesni/aesni.h
@@ -65,7 +65,6 @@
int used;
uint32_t id;
TAILQ_ENTRY(aesni_session) next;
- struct fpu_kern_ctx *fpu_ctx;
};
/*
Index: sys/crypto/aesni/aesni.c
===================================================================
--- sys/crypto/aesni/aesni.c
+++ sys/crypto/aesni/aesni.c
@@ -50,20 +50,39 @@
#include <opencrypto/gmac.h>
struct aesni_softc {
+ int dieing;
int32_t cid;
uint32_t sid;
TAILQ_HEAD(aesni_sessions_head, aesni_session) sessions;
struct rwlock lock;
+ struct {
+ struct mtx_padalign ctx_mtx;
+ struct fpu_kern_ctx *ctx_fpu;
+ } aesni_ctxar[MAXCPU];
};
+#define AQUIRE_CTX(sc, i, ctx) \
+ do { \
+ (i) = PCPU_GET(cpuid); \
+ mtx_lock(&(sc)->aesni_ctxar[(i)].ctx_mtx); \
+ (ctx) = (sc)->aesni_ctxar[(i)].ctx_fpu; \
+ } while (0)
+#define RELEASE_CTX(sc, i, ctx) \
+ do { \
+ mtx_unlock(&(sc)->aesni_ctxar[(i)].ctx_mtx); \
+ (i) = -1; \
+ (ctx) = NULL; \
+ } while (0)
+
static int aesni_newsession(device_t, uint32_t *sidp, struct cryptoini *cri);
static int aesni_freesession(device_t, uint64_t tid);
static void aesni_freesession_locked(struct aesni_softc *sc,
struct aesni_session *ses);
-static int aesni_cipher_setup(struct aesni_session *ses,
+static int aesni_cipher_setup(struct aesni_softc *sc, struct aesni_session *ses,
struct cryptoini *encini);
-static int aesni_cipher_process(struct aesni_session *ses,
- struct cryptodesc *enccrd, struct cryptodesc *authcrd, struct cryptop *crp);
+static int aesni_cipher_process(struct aesni_softc *sc,
+ struct aesni_session *ses, struct cryptodesc *enccrd,
+ struct cryptodesc *authcrd, struct cryptop *crp);
MALLOC_DEFINE(M_AESNI, "aesni_data", "AESNI Data");
@@ -99,8 +118,10 @@
aesni_attach(device_t dev)
{
struct aesni_softc *sc;
+ size_t i;
sc = device_get_softc(dev);
+ sc->dieing = 0;
TAILQ_INIT(&sc->sessions);
sc->sid = 1;
sc->cid = crypto_get_driverid(dev, CRYPTOCAP_F_HARDWARE |
@@ -110,6 +131,21 @@
return (ENOMEM);
}
+ for (i = 0; i < nitems(sc->aesni_ctxar); i++) {
+ mtx_init(&sc->aesni_ctxar[i].ctx_mtx, "aesnifpumtx", NULL,
+ MTX_DEF|MTX_NEW);
+ sc->aesni_ctxar[i].ctx_fpu = fpu_kern_alloc_ctx(
+ FPU_KERN_NORMAL | FPU_KERN_NOWAIT); /* XXX - drop _NOWAIT */
+ if (sc->aesni_ctxar[i].ctx_fpu == NULL) {
+ while (i-- > 0) {
+ fpu_kern_free_ctx(sc->aesni_ctxar[i].ctx_fpu);
+ sc->aesni_ctxar[i].ctx_fpu = NULL;
+ }
+
+ return (ENOMEM);
+ }
+ }
+
rw_init(&sc->lock, "aesni_lock");
crypto_register(sc->cid, CRYPTO_AES_CBC, 0, 0);
crypto_register(sc->cid, CRYPTO_AES_ICM, 0, 0);
@@ -126,6 +162,7 @@
{
struct aesni_softc *sc;
struct aesni_session *ses;
+ size_t i;
sc = device_get_softc(dev);
rw_wlock(&sc->lock);
@@ -137,14 +174,20 @@
return (EBUSY);
}
}
+ sc->dieing = 1;
while ((ses = TAILQ_FIRST(&sc->sessions)) != NULL) {
TAILQ_REMOVE(&sc->sessions, ses, next);
- fpu_kern_free_ctx(ses->fpu_ctx);
free(ses, M_AESNI);
}
rw_wunlock(&sc->lock);
- rw_destroy(&sc->lock);
crypto_unregister_all(sc->cid);
+ rw_destroy(&sc->lock);
+
+ for (i = 0; i < nitems(sc->aesni_ctxar); i++) {
+ mtx_destroy(&sc->aesni_ctxar[i].ctx_mtx);
+ fpu_kern_free_ctx(sc->aesni_ctxar[i].ctx_fpu);
+ sc->aesni_ctxar[i].ctx_fpu = NULL;
+ }
return (0);
}
@@ -195,6 +238,10 @@
}
rw_wlock(&sc->lock);
+ if (sc->dieing) {
+ rw_wunlock(&sc->lock);
+ return (EINVAL);
+ }
/*
* Free sessions goes first, so if first session is used, we need to
* allocate one.
@@ -206,13 +253,6 @@
rw_wunlock(&sc->lock);
return (ENOMEM);
}
- ses->fpu_ctx = fpu_kern_alloc_ctx(FPU_KERN_NORMAL |
- FPU_KERN_NOWAIT);
- if (ses->fpu_ctx == NULL) {
- free(ses, M_AESNI);
- rw_wunlock(&sc->lock);
- return (ENOMEM);
- }
ses->id = sc->sid++;
} else {
TAILQ_REMOVE(&sc->sessions, ses, next);
@@ -222,7 +262,7 @@
rw_wunlock(&sc->lock);
ses->algo = encini->cri_alg;
- error = aesni_cipher_setup(ses, encini);
+ error = aesni_cipher_setup(sc, ses, encini);
if (error != 0) {
CRYPTDEB("setup failed");
rw_wlock(&sc->lock);
@@ -238,15 +278,12 @@
static void
aesni_freesession_locked(struct aesni_softc *sc, struct aesni_session *ses)
{
- struct fpu_kern_ctx *ctx;
uint32_t sid;
sid = ses->id;
TAILQ_REMOVE(&sc->sessions, ses, next);
- ctx = ses->fpu_ctx;
*ses = (struct aesni_session){};
ses->id = sid;
- ses->fpu_ctx = ctx;
TAILQ_INSERT_HEAD(&sc->sessions, ses, next);
}
@@ -356,7 +393,7 @@
goto out;
}
- error = aesni_cipher_process(ses, enccrd, authcrd, crp);
+ error = aesni_cipher_process(sc, ses, enccrd, authcrd, crp);
if (error != 0)
goto out;
@@ -428,19 +465,31 @@
MODULE_DEPEND(aesni, crypto, 1, 1, 1);
static int
-aesni_cipher_setup(struct aesni_session *ses, struct cryptoini *encini)
+aesni_cipher_setup(struct aesni_softc *sc, struct aesni_session *ses,
+ struct cryptoini *encini)
{
struct thread *td;
+ struct fpu_kern_ctx *ctx;
int error;
+ int kt, ctxidx;
+
+ kt = is_fpu_kern_thread(0);
+ if (!kt) {
+ td = curthread;
+ AQUIRE_CTX(sc, ctxidx, ctx);
+ error = fpu_kern_enter(td, ctx, FPU_KERN_NORMAL|FPU_KERN_KTHR);
+ if (error != 0)
+ goto out;
+ }
- td = curthread;
- error = fpu_kern_enter(td, ses->fpu_ctx, FPU_KERN_NORMAL |
- FPU_KERN_KTHR);
- if (error != 0)
- return (error);
error = aesni_cipher_setup_common(ses, encini->cri_key,
encini->cri_klen);
- fpu_kern_leave(td, ses->fpu_ctx);
+
+ if (!kt) {
+ fpu_kern_leave(td, ctx);
+out:
+ RELEASE_CTX(sc, ctxidx, ctx);
+ }
return (error);
}
@@ -448,14 +497,16 @@
* authcrd contains the associated date.
*/
static int
-aesni_cipher_process(struct aesni_session *ses, struct cryptodesc *enccrd,
- struct cryptodesc *authcrd, struct cryptop *crp)
+aesni_cipher_process(struct aesni_softc *sc, struct aesni_session *ses,
+ struct cryptodesc *enccrd, struct cryptodesc *authcrd, struct cryptop *crp)
{
uint8_t tag[GMAC_DIGEST_LEN];
+ struct fpu_kern_ctx *ctx;
struct thread *td;
uint8_t *buf, *authbuf;
int error, allocated, authallocated;
int ivlen, encflag;
+ int kt, ctxidx;
encflag = (enccrd->crd_flags & CRD_F_ENCRYPT) == CRD_F_ENCRYPT;
@@ -478,11 +529,14 @@
}
}
- td = curthread;
- error = fpu_kern_enter(td, ses->fpu_ctx, FPU_KERN_NORMAL |
- FPU_KERN_KTHR);
- if (error != 0)
- goto out1;
+ kt = is_fpu_kern_thread(0);
+ if (!kt) {
+ td = curthread;
+ AQUIRE_CTX(sc, ctxidx, ctx);
+ error = fpu_kern_enter(td, ctx, FPU_KERN_NORMAL|FPU_KERN_KTHR);
+ if (error != 0)
+ goto out2;
+ }
if ((enccrd->crd_flags & CRD_F_KEY_EXPLICIT) != 0) {
error = aesni_cipher_setup_common(ses, enccrd->crd_key,
@@ -577,7 +631,12 @@
}
out:
- fpu_kern_leave(td, ses->fpu_ctx);
+ if (!kt) {
+ fpu_kern_leave(td, ctx);
+out2:
+ RELEASE_CTX(sc, ctxidx, ctx);
+ }
+
out1:
if (allocated) {
bzero(buf, enccrd->crd_len);
Index: sys/crypto/aesni/aesni_ghash.c
===================================================================
--- sys/crypto/aesni/aesni_ghash.c
+++ sys/crypto/aesni/aesni_ghash.c
@@ -67,7 +67,6 @@
#ifdef _KERNEL
#include <crypto/aesni/aesni.h>
-#include <crypto/aesni/aesni_os.h>
#else
#include <stdint.h>
#endif
Index: sys/net/pfkeyv2.h
===================================================================
--- sys/net/pfkeyv2.h
+++ sys/net/pfkeyv2.h
@@ -343,6 +343,9 @@
#define SADB_X_AALG_SHA2_512 7
#define SADB_X_AALG_RIPEMD160HMAC 8
#define SADB_X_AALG_AES_XCBC_MAC 9 /* draft-ietf-ipsec-ciph-aes-xcbc-mac-04 */
+#define SADB_X_AALG_AES128GMAC 11 /* RFC4543 + Errata1821 */
+#define SADB_X_AALG_AES192GMAC 12
+#define SADB_X_AALG_AES256GMAC 13
/* private allocations should use 249-255 (RFC2407) */
#define SADB_X_AALG_MD5 249 /* Keyed MD5 */
#define SADB_X_AALG_SHA 250 /* Keyed SHA */
@@ -360,8 +363,12 @@
#define SADB_X_EALG_BLOWFISHCBC 7
#define SADB_X_EALG_RIJNDAELCBC 12
#define SADB_X_EALG_AES 12
+#define SADB_X_EALG_AESGCM8 18 /* RFC4106 */
+#define SADB_X_EALG_AESGCM12 19
+#define SADB_X_EALG_AESGCM16 20
/* private allocations - based on RFC4312/IANA assignment */
#define SADB_X_EALG_CAMELLIACBC 22
+#define SADB_X_EALG_AESGMAC 23 /* RFC4543 + Errata1821 */
/* private allocations should use 249-255 (RFC2407) */
#define SADB_X_EALG_SKIPJACK 249 /*250*/ /* for IPSEC */
#define SADB_X_EALG_AESCTR 250 /*249*/ /* draft-ietf-ipsec-ciph-aes-ctr-03 */
Index: sys/netipsec/xform_ah.c
===================================================================
--- sys/netipsec/xform_ah.c
+++ sys/netipsec/xform_ah.c
@@ -82,11 +82,11 @@
(((sav)->flags & SADB_X_EXT_OLD) ? \
sizeof (struct ah) : sizeof (struct ah) + sizeof (u_int32_t))
/*
- * Return authenticator size in bytes. The old protocol is known
- * to use a fixed 16-byte authenticator. The new algorithm use 12-byte
- * authenticator.
+ * Return authenticator size in bytes, based on a field in the
+ * algorithm descriptor.
*/
-#define AUTHSIZE(sav) ah_authsize(sav)
+#define AUTHSIZE(sav) \
+ ((sav->flags & SADB_X_EXT_OLD) ? 16 : (sav)->tdb_authalgxform->hashsize)
VNET_DEFINE(int, ah_enable) = 1; /* control flow of packets with AH */
VNET_DEFINE(int, ah_cleartos) = 1; /* clear ip_tos when doing AH calc */
@@ -112,27 +112,6 @@
static int ah_input_cb(struct cryptop*);
static int ah_output_cb(struct cryptop*);
-static int
-ah_authsize(struct secasvar *sav)
-{
-
- IPSEC_ASSERT(sav != NULL, ("%s: sav == NULL", __func__));
-
- if (sav->flags & SADB_X_EXT_OLD)
- return 16;
-
- switch (sav->alg_auth) {
- case SADB_X_AALG_SHA2_256:
- return 16;
- case SADB_X_AALG_SHA2_384:
- return 24;
- case SADB_X_AALG_SHA2_512:
- return 32;
- default:
- return AH_HMAC_HASHLEN;
- }
- /* NOTREACHED */
-}
/*
* NB: this is public for use by the PF_KEY support.
*/
@@ -160,6 +139,12 @@
return &auth_hash_hmac_sha2_384;
case SADB_X_AALG_SHA2_512:
return &auth_hash_hmac_sha2_512;
+ case SADB_X_AALG_AES128GMAC:
+ return &auth_hash_nist_gmac_aes_128;
+ case SADB_X_AALG_AES192GMAC:
+ return &auth_hash_nist_gmac_aes_192;
+ case SADB_X_AALG_AES256GMAC:
+ return &auth_hash_nist_gmac_aes_256;
}
return NULL;
}
Index: sys/netipsec/xform_esp.c
===================================================================
--- sys/netipsec/xform_esp.c
+++ sys/netipsec/xform_esp.c
@@ -121,6 +121,12 @@
return &enc_xform_null;
case SADB_X_EALG_CAMELLIACBC:
return &enc_xform_camellia;
+ case SADB_X_EALG_AESCTR:
+ return &enc_xform_aes_icm;
+ case SADB_X_EALG_AESGCM16:
+ return &enc_xform_aes_nist_gcm;
+ case SADB_X_EALG_AESGMAC:
+ return &enc_xform_aes_nist_gmac;
}
return NULL;
}
@@ -198,7 +204,7 @@
* the ESP header will be processed incorrectly. The
* compromise is to force it to zero here.
*/
- sav->ivlen = (txform == &enc_xform_null ? 0 : txform->blocksize);
+ sav->ivlen = (txform == &enc_xform_null ? 0 : txform->ivsize);
sav->iv = (caddr_t) malloc(sav->ivlen, M_XDATA, M_WAITOK);
key_randomfill(sav->iv, sav->ivlen); /*XXX*/
@@ -215,11 +221,46 @@
sav->tdb_xform = xsp;
sav->tdb_encalgxform = txform;
+ /*
+ * Whenever AES-GCM is used for encryption, one
+ * of the AES authentication algorithms is chosen
+ * as well, based on the key size.
+ */
+ if (sav->alg_enc == SADB_X_EALG_AESGCM16) {
+ switch (keylen) {
+ case AES_128_HMAC_KEY_LEN:
+ sav->alg_auth = SADB_X_AALG_AES128GMAC;
+ sav->tdb_authalgxform = &auth_hash_nist_gmac_aes_128;
+ break;
+ case AES_192_HMAC_KEY_LEN:
+ sav->alg_auth = SADB_X_AALG_AES192GMAC;
+ sav->tdb_authalgxform = &auth_hash_nist_gmac_aes_192;
+ break;
+ case AES_256_HMAC_KEY_LEN:
+ sav->alg_auth = SADB_X_AALG_AES256GMAC;
+ sav->tdb_authalgxform = &auth_hash_nist_gmac_aes_256;
+ break;
+ default:
+ DPRINTF(("%s: invalid key length %u"
+ "for algorithm %s\n", __func__,
+ keylen, txform->name));
+
+ return EINVAL;
+ }
+ bzero(&cria, sizeof(cria));
+ cria.cri_alg = sav->tdb_authalgxform->type;
+ cria.cri_klen = _KEYBITS(sav->key_enc) + 4;
+ cria.cri_key = sav->key_enc->key_data;
+ }
+
/* Initialize crypto session. */
bzero(&crie, sizeof (crie));
crie.cri_alg = sav->tdb_encalgxform->type;
crie.cri_klen = _KEYBITS(sav->key_enc);
crie.cri_key = sav->key_enc->key_data;
+ if (sav->alg_enc == SADB_X_EALG_AESGCM16)
+ arc4rand(crie.cri_iv, sav->ivlen, 0);
+
/* XXX Rounds ? */
if (sav->tdb_authalgxform && sav->tdb_encalgxform) {
@@ -289,7 +330,6 @@
m_freem(m);
return EINVAL;
}
-
/* XXX don't pullup, just copy header */
IP6_EXTHDR_GET(esp, struct newesp *, m, skip, sizeof (struct newesp));
@@ -302,18 +342,7 @@
else
hlen = sizeof (struct newesp) + sav->ivlen;
/* Authenticator hash size */
- if (esph != NULL) {
- switch (esph->type) {
- case CRYPTO_SHA2_256_HMAC:
- case CRYPTO_SHA2_384_HMAC:
- case CRYPTO_SHA2_512_HMAC:
- alen = esph->hashsize/2;
- break;
- default:
- alen = AH_HMAC_HASHLEN;
- break;
- }
- }
+ alen = esph ? esph->hashsize : 0;
/*
* Verify payload length is multiple of encryption algorithm
@@ -325,13 +354,15 @@
*/
plen = m->m_pkthdr.len - (skip + hlen + alen);
if ((plen & (espx->blocksize - 1)) || (plen <= 0)) {
- DPRINTF(("%s: payload of %d octets not a multiple of %d octets,"
- " SA %s/%08lx\n", __func__,
- plen, espx->blocksize, ipsec_address(&sav->sah->saidx.dst,
- buf, sizeof(buf)), (u_long) ntohl(sav->spi)));
- ESPSTAT_INC(esps_badilen);
- m_freem(m);
- return EINVAL;
+ if (!espx || sav->alg_enc != SADB_X_EALG_AESGCM16) {
+ DPRINTF(("%s: payload of %d octets not a multiple of %d octets,"
+ " SA %s/%08lx\n", __func__,
+ plen, espx->blocksize, ipsec_address(&sav->sah->saidx.dst,
+ buf, sizeof(buf)), (u_long) ntohl(sav->spi)));
+ ESPSTAT_INC(esps_badilen);
+ m_freem(m);
+ return EINVAL;
+ }
}
/*
@@ -377,12 +408,20 @@
/* Authentication descriptor */
crda->crd_skip = skip;
- crda->crd_len = m->m_pkthdr.len - (skip + alen);
+ if (espx && espx->type == CRYPTO_AES_NIST_GCM_16)
+ crda->crd_len = hlen - sav->ivlen;
+ else
+ crda->crd_len = m->m_pkthdr.len - (skip + alen);
crda->crd_inject = m->m_pkthdr.len - alen;
crda->crd_alg = esph->type;
- crda->crd_key = sav->key_auth->key_data;
- crda->crd_klen = _KEYBITS(sav->key_auth);
+ if (espx && (espx->type == CRYPTO_AES_NIST_GCM_16)) {
+ crda->crd_key = sav->key_enc->key_data;
+ crda->crd_klen = _KEYBITS(sav->key_enc);
+ } else {
+ crda->crd_key = sav->key_auth->key_data;
+ crda->crd_klen = _KEYBITS(sav->key_auth);
+ }
/* Copy the authenticator */
m_copydata(m, m->m_pkthdr.len - alen, alen,
@@ -420,6 +459,9 @@
crde->crd_alg = espx->type;
crde->crd_key = sav->key_enc->key_data;
crde->crd_klen = _KEYBITS(sav->key_enc);
+ if (espx && (espx->type == CRYPTO_AES_NIST_GCM_16))
+ crde->crd_flags |= CRD_F_IV_EXPLICIT;
+
/* XXX Rounds ? */
return (crypto_dispatch(crp));
@@ -489,16 +531,7 @@
/* If authentication was performed, check now. */
if (esph != NULL) {
- switch (esph->type) {
- case CRYPTO_SHA2_256_HMAC:
- case CRYPTO_SHA2_384_HMAC:
- case CRYPTO_SHA2_512_HMAC:
- alen = esph->hashsize/2;
- break;
- default:
- alen = AH_HMAC_HASHLEN;
- break;
- }
+ alen = esph->hashsize;
AHSTAT_INC(ahs_hist[sav->alg_auth]);
/* Copy the authenticator from the packet */
m_copydata(m, m->m_pkthdr.len - alen, alen, aalg);
@@ -663,22 +696,13 @@
* NB: The null encoding transform has a blocksize of 4
* so that headers are properly aligned.
*/
- blks = espx->blocksize; /* IV blocksize */
+ blks = espx->ivsize; /* IV blocksize */
/* XXX clamp padding length a la KAME??? */
padding = ((blks - ((rlen + 2) % blks)) % blks) + 2;
if (esph)
- switch (esph->type) {
- case CRYPTO_SHA2_256_HMAC:
- case CRYPTO_SHA2_384_HMAC:
- case CRYPTO_SHA2_512_HMAC:
- alen = esph->hashsize/2;
- break;
- default:
- alen = AH_HMAC_HASHLEN;
- break;
- }
+ alen = esph->hashsize;
else
alen = 0;
@@ -706,6 +730,8 @@
error = EPFNOSUPPORT;
goto bad;
}
+ DPRINTF(("%s: skip %d hlen %d rlen %d padding %d alen %d blksd %d\n",
+ __func__, skip, hlen, rlen, padding, alen, blks));
if (skip + hlen + rlen + padding + alen > maxpacketsize) {
DPRINTF(("%s: packet in SA %s/%08lx got too big "
"(len %u, max len %u)\n", __func__,
@@ -820,6 +846,8 @@
crde->crd_alg = espx->type;
crde->crd_key = sav->key_enc->key_data;
crde->crd_klen = _KEYBITS(sav->key_enc);
+ if (espx->type == CRYPTO_AES_NIST_GCM_16)
+ crde->crd_flags |= CRD_F_IV_EXPLICIT;
/* XXX Rounds ? */
} else
crda = crp->crp_desc;
@@ -854,13 +882,22 @@
if (esph) {
/* Authentication descriptor. */
crda->crd_skip = skip;
- crda->crd_len = m->m_pkthdr.len - (skip + alen);
+ if (espx && espx->type == CRYPTO_AES_NIST_GCM_16)
+ crda->crd_len = hlen - sav->ivlen;
+ else
+ crda->crd_len = m->m_pkthdr.len - (skip + alen);
crda->crd_inject = m->m_pkthdr.len - alen;
/* Authentication operation. */
crda->crd_alg = esph->type;
- crda->crd_key = sav->key_auth->key_data;
- crda->crd_klen = _KEYBITS(sav->key_auth);
+ if (espx && espx->type == CRYPTO_AES_NIST_GCM_16) {
+ crda->crd_key = sav->key_enc->key_data;
+ crda->crd_klen = _KEYBITS(sav->key_enc);
+ } else {
+ crda->crd_key = sav->key_auth->key_data;
+ crda->crd_klen = _KEYBITS(sav->key_auth);
+ }
+
}
return crypto_dispatch(crp);
@@ -953,6 +990,11 @@
case CRYPTO_SHA2_512_HMAC:
alen = esph->hashsize/2;
break;
+ case CRYPTO_AES_128_GMAC:
+ case CRYPTO_AES_192_GMAC:
+ case CRYPTO_AES_256_GMAC:
+ alen = esph->hashsize;
+ break;
default:
alen = AH_HMAC_HASHLEN;
break;
Index: sys/opencrypto/cryptodev.h
===================================================================
--- sys/opencrypto/cryptodev.h
+++ sys/opencrypto/cryptodev.h
@@ -78,6 +78,7 @@
#define SHA2_512_HASH_LEN 64
#define MD5_KPDK_HASH_LEN 16
#define SHA1_KPDK_HASH_LEN 20
+#define AES_HASH_LEN 16
/* Maximum hash algorithm result length */
#define HASH_MAX_LEN SHA2_512_HASH_LEN /* Keep this updated */
@@ -93,21 +94,67 @@
#define HMAC_MAX_BLOCK_LEN SHA2_512_HMAC_BLOCK_LEN /* Keep this updated */
#define HMAC_IPAD_VAL 0x36
#define HMAC_OPAD_VAL 0x5C
+/* HMAC Key Length */
+#define NULL_HMAC_KEY_LEN 0
+#define MD5_HMAC_KEY_LEN 16
+#define SHA1_HMAC_KEY_LEN 20
+#define RIPEMD160_HMAC_KEY_LEN 20
+#define SHA2_256_HMAC_KEY_LEN 32
+#define SHA2_384_HMAC_KEY_LEN 48
+#define SHA2_512_HMAC_KEY_LEN 64
+#define AES_128_HMAC_KEY_LEN 16
+#define AES_192_HMAC_KEY_LEN 24
+#define AES_256_HMAC_KEY_LEN 32
/* Encryption algorithm block sizes */
-#define NULL_BLOCK_LEN 4
-#define DES_BLOCK_LEN 8
-#define DES3_BLOCK_LEN 8
-#define BLOWFISH_BLOCK_LEN 8
-#define SKIPJACK_BLOCK_LEN 8
-#define CAST128_BLOCK_LEN 8
-#define RIJNDAEL128_BLOCK_LEN 16
-#define AES_BLOCK_LEN RIJNDAEL128_BLOCK_LEN
-#define CAMELLIA_BLOCK_LEN 16
-#define EALG_MAX_BLOCK_LEN AES_BLOCK_LEN /* Keep this updated */
+#define NULL_BLOCK_LEN 4
+#define DES_BLOCK_LEN 8
+#define DES3_BLOCK_LEN 8
+#define BLOWFISH_BLOCK_LEN 8
+#define SKIPJACK_BLOCK_LEN 8
+#define CAST128_BLOCK_LEN 8
+#define RIJNDAEL128_BLOCK_LEN 16
+#define AES_BLOCK_LEN 16
+#define AES_MIN_BLOCK_LEN 1
+#define ARC4_BLOCK_LEN 1
+#define CAMELLIA_BLOCK_LEN 16
+#define EALG_MAX_BLOCK_LEN AES_BLOCK_LEN /* Keep this updated */
+
+/* IV Lengths */
+
+#define ARC4_IV_LEN 1
+#define AES_IV_LEN 12
+#define AES_XTS_IV_LEN 8
+#define AES_XTS_ALPHA 0x87 /* GF(2^128) generator polynomial */
+
+#define AES_CTR_NONCE_SIZE 4
+
+/* Min and Max Encryption Key Sizes */
+#define NULL_MIN_KEY 0
+#define NULL_MAX_KEY 256 /* 2048 bits, max key */
+#define DES_MIN_KEY 8
+#define DES_MAX_KEY DES_MIN_KEY
+#define TRIPLE_DES_MIN_KEY 24
+#define TRIPLE_DES_MAX_KEY TRIPLE_DES_MIN_KEY
+#define BLOWFISH_MIN_KEY 5
+#define BLOWFISH_MAX_KEY 56 /* 448 bits, max key */
+#define CAST_MIN_KEY 5
+#define CAST_MAX_KEY 16
+#define SKIPJACK_MIN_KEY 10
+#define SKIPJACK_MAX_KEY SKIPJACK_MIN_KEY
+#define RIJNDAEL_MIN_KEY 16
+#define RIJNDAEL_MAX_KEY 32
+#define AES_MIN_KEY 16
+#define AES_MAX_KEY 32
+#define AES_XTS_MIN_KEY 32
+#define AES_XTS_MAX_KEY 64
+#define ARC4_MIN_KEY 1
+#define ARC4_MAX_KEY 32
+#define CAMELLIA_MIN_KEY 8
+#define CAMELLIA_MAX_KEY 32
/* Maximum hash algorithm result length */
-#define AALG_MAX_RESULT_LEN 64 /* Keep this updated */
+#define AALG_MAX_RESULT_LEN 64 /* Keep this updated */
#define CRYPTO_ALGORITHM_MIN 1
#define CRYPTO_DES_CBC 1
@@ -141,7 +188,7 @@
#define CRYPTO_AES_256_NIST_GMAC 28 /* auth side */
#define CRYPTO_ALGORITHM_MAX 28 /* Keep updated - see below */
-#define CRYPTO_ALGO_VALID(x) ((x) >= CRYPTO_ALGORITHM_MIN && \
+#define CRYPTO_ALGO_VALID(x) ((x) >= CRYPTO_ALGORITHM_MIN && \
(x) <= CRYPTO_ALGORITHM_MAX)
/* Algorithm flags */
Index: sys/opencrypto/xform.c
===================================================================
--- sys/opencrypto/xform.c
+++ sys/opencrypto/xform.c
@@ -154,7 +154,7 @@
struct enc_xform enc_xform_null = {
CRYPTO_NULL_CBC, "NULL",
/* NB: blocksize of 4 is to generate a properly aligned ESP header */
- NULL_BLOCK_LEN, NULL_BLOCK_LEN, 0, 256, /* 2048 bits, max key */
+ NULL_BLOCK_LEN, NULL_BLOCK_LEN, NULL_MIN_KEY, NULL_MAX_KEY,
null_encrypt,
null_decrypt,
null_setkey,
@@ -164,7 +164,7 @@
struct enc_xform enc_xform_des = {
CRYPTO_DES_CBC, "DES",
- DES_BLOCK_LEN, DES_BLOCK_LEN, 8, 8,
+ DES_BLOCK_LEN, DES_BLOCK_LEN, DES_MIN_KEY, DES_MAX_KEY,
des1_encrypt,
des1_decrypt,
des1_setkey,
@@ -174,7 +174,8 @@
struct enc_xform enc_xform_3des = {
CRYPTO_3DES_CBC, "3DES",
- DES3_BLOCK_LEN, DES3_BLOCK_LEN, 24, 24,
+ DES3_BLOCK_LEN, DES3_BLOCK_LEN, TRIPLE_DES_MIN_KEY,
+ TRIPLE_DES_MAX_KEY,
des3_encrypt,
des3_decrypt,
des3_setkey,
@@ -184,7 +185,8 @@
struct enc_xform enc_xform_blf = {
CRYPTO_BLF_CBC, "Blowfish",
- BLOWFISH_BLOCK_LEN, BLOWFISH_BLOCK_LEN, 5, 56 /* 448 bits, max key */,
+ BLOWFISH_BLOCK_LEN, BLOWFISH_BLOCK_LEN, BLOWFISH_MIN_KEY,
+ BLOWFISH_MAX_KEY,
blf_encrypt,
blf_decrypt,
blf_setkey,
@@ -194,7 +196,7 @@
struct enc_xform enc_xform_cast5 = {
CRYPTO_CAST_CBC, "CAST-128",
- CAST128_BLOCK_LEN, CAST128_BLOCK_LEN, 5, 16,
+ CAST128_BLOCK_LEN, CAST128_BLOCK_LEN, CAST_MIN_KEY, CAST_MAX_KEY,
cast5_encrypt,
cast5_decrypt,
cast5_setkey,
@@ -204,7 +206,8 @@
struct enc_xform enc_xform_skipjack = {
CRYPTO_SKIPJACK_CBC, "Skipjack",
- SKIPJACK_BLOCK_LEN, SKIPJACK_BLOCK_LEN, 10, 10,
+ SKIPJACK_BLOCK_LEN, SKIPJACK_BLOCK_LEN, SKIPJACK_MIN_KEY,
+ SKIPJACK_MAX_KEY,
skipjack_encrypt,
skipjack_decrypt, skipjack_setkey,
skipjack_zerokey,
@@ -213,7 +216,8 @@
struct enc_xform enc_xform_rijndael128 = {
CRYPTO_RIJNDAEL128_CBC, "Rijndael-128/AES",
- RIJNDAEL128_BLOCK_LEN, RIJNDAEL128_BLOCK_LEN, 16, 32,
+ RIJNDAEL128_BLOCK_LEN, RIJNDAEL128_BLOCK_LEN, RIJNDAEL_MIN_KEY,
+ RIJNDAEL_MAX_KEY,
rijndael128_encrypt,
rijndael128_decrypt,
rijndael128_setkey,
@@ -223,7 +227,7 @@
struct enc_xform enc_xform_aes_icm = {
CRYPTO_AES_ICM, "AES-ICM",
- RIJNDAEL128_BLOCK_LEN, RIJNDAEL128_BLOCK_LEN, 16, 32,
+ RIJNDAEL128_BLOCK_LEN, RIJNDAEL128_BLOCK_LEN, AES_MIN_KEY, AES_MAX_KEY,
aes_icm_crypt,
aes_icm_crypt,
aes_icm_setkey,
@@ -233,7 +237,7 @@
struct enc_xform enc_xform_aes_nist_gcm = {
CRYPTO_AES_NIST_GCM_16, "AES-GCM",
- 1, 12, 16, 32,
+ AES_MIN_BLOCK_LEN, AES_IV_LEN, AES_MIN_KEY, AES_MAX_KEY,
aes_icm_crypt,
aes_icm_crypt,
aes_icm_setkey,
@@ -243,7 +247,7 @@
struct enc_xform enc_xform_aes_nist_gmac = {
CRYPTO_AES_NIST_GMAC, "AES-GMAC",
- 1, 12, 16, 32,
+ AES_MIN_BLOCK_LEN, AES_IV_LEN, AES_MIN_KEY, AES_MAX_KEY,
NULL,
NULL,
NULL,
@@ -253,7 +257,7 @@
struct enc_xform enc_xform_aes_xts = {
CRYPTO_AES_XTS, "AES-XTS",
- RIJNDAEL128_BLOCK_LEN, 8, 32, 64,
+ AES_MIN_BLOCK_LEN, AES_XTS_IV_LEN, AES_XTS_MIN_KEY, AES_XTS_MAX_KEY,
aes_xts_encrypt,
aes_xts_decrypt,
aes_xts_setkey,
@@ -263,7 +267,7 @@
struct enc_xform enc_xform_arc4 = {
CRYPTO_ARC4, "ARC4",
- 1, 1, 1, 32,
+ ARC4_BLOCK_LEN, ARC4_IV_LEN, ARC4_MIN_KEY, ARC4_MAX_KEY,
NULL,
NULL,
NULL,
@@ -273,7 +277,8 @@
struct enc_xform enc_xform_camellia = {
CRYPTO_CAMELLIA_CBC, "Camellia",
- CAMELLIA_BLOCK_LEN, CAMELLIA_BLOCK_LEN, 8, 32,
+ CAMELLIA_BLOCK_LEN, CAMELLIA_BLOCK_LEN, CAMELLIA_MIN_KEY,
+ CAMELLIA_MAX_KEY,
cml_encrypt,
cml_decrypt,
cml_setkey,
@@ -284,67 +289,67 @@
/* Authentication instances */
struct auth_hash auth_hash_null = { /* NB: context isn't used */
CRYPTO_NULL_HMAC, "NULL-HMAC",
- 0, NULL_HASH_LEN, sizeof(int), NULL_HMAC_BLOCK_LEN,
+ NULL_HMAC_KEY_LEN, NULL_HASH_LEN, sizeof(int), NULL_HMAC_BLOCK_LEN,
null_init, null_reinit, null_reinit, null_update, null_final
};
struct auth_hash auth_hash_hmac_md5 = {
CRYPTO_MD5_HMAC, "HMAC-MD5",
- 16, MD5_HASH_LEN, sizeof(MD5_CTX), MD5_HMAC_BLOCK_LEN,
+ MD5_HMAC_KEY_LEN, MD5_HASH_LEN, sizeof(MD5_CTX), MD5_HMAC_BLOCK_LEN,
(void (*) (void *)) MD5Init, NULL, NULL, MD5Update_int,
(void (*) (u_int8_t *, void *)) MD5Final
};
struct auth_hash auth_hash_hmac_sha1 = {
CRYPTO_SHA1_HMAC, "HMAC-SHA1",
- 20, SHA1_HASH_LEN, sizeof(SHA1_CTX), SHA1_HMAC_BLOCK_LEN,
+ SHA1_HMAC_KEY_LEN, SHA1_HASH_LEN, sizeof(SHA1_CTX), SHA1_HMAC_BLOCK_LEN,
SHA1Init_int, NULL, NULL, SHA1Update_int, SHA1Final_int
};
struct auth_hash auth_hash_hmac_ripemd_160 = {
CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160",
- 20, RIPEMD160_HASH_LEN, sizeof(RMD160_CTX), RIPEMD160_HMAC_BLOCK_LEN,
+ RIPEMD160_HMAC_KEY_LEN, RIPEMD160_HASH_LEN, sizeof(RMD160_CTX), RIPEMD160_HMAC_BLOCK_LEN,
(void (*)(void *)) RMD160Init, NULL, NULL, RMD160Update_int,
(void (*)(u_int8_t *, void *)) RMD160Final
};
struct auth_hash auth_hash_key_md5 = {
CRYPTO_MD5_KPDK, "Keyed MD5",
- 0, MD5_KPDK_HASH_LEN, sizeof(MD5_CTX), 0,
+ NULL_HMAC_KEY_LEN, MD5_KPDK_HASH_LEN, sizeof(MD5_CTX), 0,
(void (*)(void *)) MD5Init, NULL, NULL, MD5Update_int,
(void (*)(u_int8_t *, void *)) MD5Final
};
struct auth_hash auth_hash_key_sha1 = {
CRYPTO_SHA1_KPDK, "Keyed SHA1",
- 0, SHA1_KPDK_HASH_LEN, sizeof(SHA1_CTX), 0,
+ NULL_HMAC_KEY_LEN, SHA1_KPDK_HASH_LEN, sizeof(SHA1_CTX), 0,
SHA1Init_int, NULL, NULL, SHA1Update_int, SHA1Final_int
};
struct auth_hash auth_hash_hmac_sha2_256 = {
CRYPTO_SHA2_256_HMAC, "HMAC-SHA2-256",
- 32, SHA2_256_HASH_LEN, sizeof(SHA256_CTX), SHA2_256_HMAC_BLOCK_LEN,
+ SHA2_256_HMAC_KEY_LEN, SHA2_256_HASH_LEN, sizeof(SHA256_CTX), SHA2_256_HMAC_BLOCK_LEN,
(void (*)(void *)) SHA256_Init, NULL, NULL, SHA256Update_int,
(void (*)(u_int8_t *, void *)) SHA256_Final
};
struct auth_hash auth_hash_hmac_sha2_384 = {
CRYPTO_SHA2_384_HMAC, "HMAC-SHA2-384",
- 48, SHA2_384_HASH_LEN, sizeof(SHA384_CTX), SHA2_384_HMAC_BLOCK_LEN,
+ SHA2_384_HMAC_KEY_LEN, SHA2_384_HASH_LEN, sizeof(SHA384_CTX), SHA2_384_HMAC_BLOCK_LEN,
(void (*)(void *)) SHA384_Init, NULL, NULL, SHA384Update_int,
(void (*)(u_int8_t *, void *)) SHA384_Final
};
struct auth_hash auth_hash_hmac_sha2_512 = {
CRYPTO_SHA2_512_HMAC, "HMAC-SHA2-512",
- 64, SHA2_512_HASH_LEN, sizeof(SHA512_CTX), SHA2_512_HMAC_BLOCK_LEN,
+ SHA2_512_HMAC_KEY_LEN, SHA2_512_HASH_LEN, sizeof(SHA512_CTX), SHA2_512_HMAC_BLOCK_LEN,
(void (*)(void *)) SHA512_Init, NULL, NULL, SHA512Update_int,
(void (*)(u_int8_t *, void *)) SHA512_Final
};
struct auth_hash auth_hash_nist_gmac_aes_128 = {
CRYPTO_AES_128_NIST_GMAC, "GMAC-AES-128",
- 16, 16, sizeof(struct aes_gmac_ctx), GMAC_BLOCK_LEN,
+ AES_128_HMAC_KEY_LEN, AES_HASH_LEN, sizeof(struct aes_gmac_ctx), GMAC_BLOCK_LEN,
(void (*)(void *)) AES_GMAC_Init,
(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Setkey,
(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit,
@@ -354,7 +359,7 @@
struct auth_hash auth_hash_nist_gmac_aes_192 = {
CRYPTO_AES_192_NIST_GMAC, "GMAC-AES-192",
- 24, 16, sizeof(struct aes_gmac_ctx), GMAC_BLOCK_LEN,
+ AES_192_HMAC_KEY_LEN, AES_HASH_LEN, sizeof(struct aes_gmac_ctx), GMAC_BLOCK_LEN,
(void (*)(void *)) AES_GMAC_Init,
(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Setkey,
(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit,
@@ -364,7 +369,7 @@
struct auth_hash auth_hash_nist_gmac_aes_256 = {
CRYPTO_AES_256_NIST_GMAC, "GMAC-AES-256",
- 32, 16, sizeof(struct aes_gmac_ctx), GMAC_BLOCK_LEN,
+ AES_256_HMAC_KEY_LEN, AES_HASH_LEN, sizeof(struct aes_gmac_ctx), GMAC_BLOCK_LEN,
(void (*)(void *)) AES_GMAC_Init,
(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Setkey,
(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit,
Index: usr.bin/netstat/ipsec.c
===================================================================
--- usr.bin/netstat/ipsec.c
+++ usr.bin/netstat/ipsec.c
@@ -157,6 +157,9 @@
#ifdef SADB_X_EALG_AESCTR
{ SADB_X_EALG_AESCTR, "aes-ctr", },
#endif
+#ifdef SADB_X_EALG_AESGCM16
+ { SADB_X_EALG_AESGCM16, "aes-gcm-16", },
+#endif
{ -1, NULL },
};

File Metadata

Mime Type
text/plain
Expires
Sat, Jan 24, 2:41 AM (5 h, 30 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
27892991
Default Alt Text
D2936.id6529.diff (38 KB)

Event Timeline