sys/opencrypto/cryptosoft.c
Context not available. | |||||
caddr_t buf = (caddr_t)crp->crp_buf; | caddr_t buf = (caddr_t)crp->crp_buf; | ||||
uint32_t *blkp; | uint32_t *blkp; | ||||
int aadlen, blksz, i, ivlen, len, iskip, oskip, r; | int aadlen, blksz, i, ivlen, len, iskip, oskip, r; | ||||
int isccm = 0; | |||||
ivlen = blksz = iskip = oskip = 0; | ivlen = blksz = iskip = oskip = 0; | ||||
Context not available. | |||||
return (EINVAL); | return (EINVAL); | ||||
switch (sw->sw_alg) { | switch (sw->sw_alg) { | ||||
case CRYPTO_AES_CCM_16: | |||||
isccm = 1; | |||||
case CRYPTO_AES_NIST_GCM_16: | case CRYPTO_AES_NIST_GCM_16: | ||||
case CRYPTO_AES_NIST_GMAC: | case CRYPTO_AES_NIST_GMAC: | ||||
swe = sw; | swe = sw; | ||||
Context not available. | |||||
exf = swe->sw_exf; | exf = swe->sw_exf; | ||||
ivlen = 12; | ivlen = 12; | ||||
break; | break; | ||||
case CRYPTO_AES_128_CCM_CBC_MAC: | |||||
case CRYPTO_AES_192_CCM_CBC_MAC: | |||||
case CRYPTO_AES_256_CCM_CBC_MAC: | |||||
isccm = 1; | |||||
case CRYPTO_AES_128_NIST_GMAC: | case CRYPTO_AES_128_NIST_GMAC: | ||||
case CRYPTO_AES_192_NIST_GMAC: | case CRYPTO_AES_192_NIST_GMAC: | ||||
case CRYPTO_AES_256_NIST_GMAC: | case CRYPTO_AES_256_NIST_GMAC: | ||||
Context not available. | |||||
if (crde == NULL || crda == NULL) | if (crde == NULL || crda == NULL) | ||||
return (EINVAL); | return (EINVAL); | ||||
if (crde->crd_alg == CRYPTO_AES_NIST_GCM_16 && | if ((crde->crd_alg == CRYPTO_AES_NIST_GCM_16 || | ||||
crde->crd_alg == CRYPTO_AES_CCM_16) && | |||||
(crde->crd_flags & CRD_F_IV_EXPLICIT) == 0) | (crde->crd_flags & CRD_F_IV_EXPLICIT) == 0) | ||||
return (EINVAL); | return (EINVAL); | ||||
Context not available. | |||||
} | } | ||||
} | } | ||||
if (swa) { | |||||
switch (swa->sw_alg) { | |||||
case CRYPTO_AES_128_CCM_CBC_MAC: | |||||
case CRYPTO_AES_192_CCM_CBC_MAC: | |||||
case CRYPTO_AES_256_CCM_CBC_MAC: | |||||
/* | |||||
* AES CCM-CBC needs to know the length of | |||||
* both the auth data, and payload data, before | |||||
* doing the auth computation. | |||||
*/ | |||||
ctx.aes_cbc_mac_ctx.authDataLength = crda->crd_len; | |||||
ctx.aes_cbc_mac_ctx.cryptDataLength = crde->crd_len; | |||||
break; | |||||
} | |||||
} | |||||
/* Supply MAC with IV */ | /* Supply MAC with IV */ | ||||
if (axf->Reinit) | if (axf->Reinit) | ||||
axf->Reinit(&ctx, iv, ivlen); | axf->Reinit(&ctx, iv, ivlen); | ||||
Context not available. | |||||
crypto_copydata(crp->crp_flags, buf, crde->crd_skip + i, len, | crypto_copydata(crp->crp_flags, buf, crde->crd_skip + i, len, | ||||
blk); | blk); | ||||
if (crde->crd_flags & CRD_F_ENCRYPT) { | if (crde->crd_flags & CRD_F_ENCRYPT) { | ||||
if (isccm) | |||||
axf->Update(&ctx, blk, len); | |||||
if (exf->encrypt_multi != NULL) | if (exf->encrypt_multi != NULL) | ||||
exf->encrypt_multi(swe->sw_kschedule, blk, | exf->encrypt_multi(swe->sw_kschedule, blk, | ||||
len); | len); | ||||
else | else | ||||
exf->encrypt(swe->sw_kschedule, blk); | exf->encrypt(swe->sw_kschedule, blk); | ||||
axf->Update(&ctx, blk, len); | if (!isccm) | ||||
axf->Update(&ctx, blk, len); | |||||
crypto_copyback(crp->crp_flags, buf, | crypto_copyback(crp->crp_flags, buf, | ||||
crde->crd_skip + i, len, blk); | crde->crd_skip + i, len, blk); | ||||
} else { | } else { | ||||
if (isccm) | |||||
exf->decrypt(swe->sw_kschedule, blk); | |||||
axf->Update(&ctx, blk, len); | axf->Update(&ctx, blk, len); | ||||
} | } | ||||
} | } | ||||
Context not available. | |||||
r = timingsafe_bcmp(aalg, uaalg, axf->hashsize); | r = timingsafe_bcmp(aalg, uaalg, axf->hashsize); | ||||
if (r == 0) { | if (r == 0) { | ||||
/* tag matches, decrypt data */ | /* tag matches, decrypt data */ | ||||
if (isccm && exf->reinit) | |||||
exf->reinit(swe->sw_kschedule, iv); | |||||
for (i = 0; i < crde->crd_len; i += blksz) { | for (i = 0; i < crde->crd_len; i += blksz) { | ||||
len = MIN(crde->crd_len - i, blksz); | len = MIN(crde->crd_len - i, blksz); | ||||
if (len < blksz) | if (len < blksz) | ||||
Context not available. | |||||
case CRYPTO_AES_NIST_GCM_16: | case CRYPTO_AES_NIST_GCM_16: | ||||
txf = &enc_xform_aes_nist_gcm; | txf = &enc_xform_aes_nist_gcm; | ||||
goto enccommon; | goto enccommon; | ||||
case CRYPTO_AES_CCM_16: | |||||
txf = &enc_xform_ccm; | |||||
goto enccommon; | |||||
case CRYPTO_AES_NIST_GMAC: | case CRYPTO_AES_NIST_GMAC: | ||||
txf = &enc_xform_aes_nist_gmac; | txf = &enc_xform_aes_nist_gmac; | ||||
(*swd)->sw_exf = txf; | (*swd)->sw_exf = txf; | ||||
Context not available. | |||||
break; | break; | ||||
#endif | #endif | ||||
case CRYPTO_AES_128_CCM_CBC_MAC: | |||||
axf = &auth_hash_ccm_cbc_mac_128; | |||||
goto auth4common; | |||||
case CRYPTO_AES_192_CCM_CBC_MAC: | |||||
axf = &auth_hash_ccm_cbc_mac_192; | |||||
goto auth4common; | |||||
case CRYPTO_AES_256_CCM_CBC_MAC: | |||||
axf = &auth_hash_ccm_cbc_mac_256; | |||||
goto auth4common; | |||||
case CRYPTO_AES_128_NIST_GMAC: | case CRYPTO_AES_128_NIST_GMAC: | ||||
axf = &auth_hash_nist_gmac_aes_128; | axf = &auth_hash_nist_gmac_aes_128; | ||||
goto auth4common; | goto auth4common; | ||||
Context not available. | |||||
goto done; | goto done; | ||||
break; | break; | ||||
case CRYPTO_AES_CCM_16: | |||||
case CRYPTO_AES_NIST_GCM_16: | case CRYPTO_AES_NIST_GCM_16: | ||||
case CRYPTO_AES_NIST_GMAC: | case CRYPTO_AES_NIST_GMAC: | ||||
case CRYPTO_AES_128_NIST_GMAC: | case CRYPTO_AES_128_NIST_GMAC: | ||||
case CRYPTO_AES_192_NIST_GMAC: | case CRYPTO_AES_192_NIST_GMAC: | ||||
case CRYPTO_AES_256_NIST_GMAC: | case CRYPTO_AES_256_NIST_GMAC: | ||||
case CRYPTO_AES_128_CCM_CBC_MAC: | |||||
case CRYPTO_AES_192_CCM_CBC_MAC: | |||||
case CRYPTO_AES_256_CCM_CBC_MAC: | |||||
crp->crp_etype = swcr_authenc(crp); | crp->crp_etype = swcr_authenc(crp); | ||||
goto done; | goto done; | ||||
Context not available. | |||||
REGISTER(CRYPTO_BLAKE2B); | REGISTER(CRYPTO_BLAKE2B); | ||||
REGISTER(CRYPTO_BLAKE2S); | REGISTER(CRYPTO_BLAKE2S); | ||||
REGISTER(CRYPTO_CHACHA20); | REGISTER(CRYPTO_CHACHA20); | ||||
REGISTER(CRYPTO_AES_CCM_16); | |||||
REGISTER(CRYPTO_AES_128_CCM_CBC_MAC); | |||||
REGISTER(CRYPTO_AES_192_CCM_CBC_MAC); | |||||
REGISTER(CRYPTO_AES_256_CCM_CBC_MAC); | |||||
#undef REGISTER | #undef REGISTER | ||||
return 0; | return 0; | ||||
Context not available. |
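Review bot: The added `if (swa)` block copies `crda->crd_len` and `crde->crd_len` into `ctx.aes_cbc_mac_ctx` with no visible upper bound, while the CCM cases share the `ivlen = 12` assignment with GCM. In CCM a 12-byte nonce leaves a 3-byte length field, so a payload of 2^24 bytes or more cannot be encoded in the first MAC block; unless the CBC-MAC `Reinit` (not shown here) rejects it, the tag could be computed over a truncated length. I would reject oversized requests before the context is touched, e.g. `if (crde->crd_len >= (1 << 24)) return (EINVAL);` in the CCM case of that switch. Separately, `isccm = 1;` falls through into the GCM/GMAC labels in both switches, and a `/* FALLTHROUGH */` comment would make that intent explicit. The enclosing function starts and ends outside the visible context, so a check elsewhere in it cannot be ruled out.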