Page MenuHomeFreeBSD
Differential D18520 Diff 51944 sys/opencrypto/cryptosoft.c

Changeset View

Standalone View

View Options

sys/opencrypto/cryptosoft.c

Show First 20 LinesShow All 500 Lines▼ Show 20 Linesswcr_authenc(struct cryptop *crp)
struct swcr_session *ses; struct swcr_session *ses;
struct cryptodesc *crd, *crda = NULL, *crde = NULL; struct cryptodesc *crd, *crda = NULL, *crde = NULL;
struct swcr_data *sw, *swa, *swe = NULL; struct swcr_data *sw, *swa, *swe = NULL;
struct auth_hash *axf = NULL; struct auth_hash *axf = NULL;
struct enc_xform *exf = NULL; struct enc_xform *exf = NULL;
caddr_t buf = (caddr_t)crp->crp_buf; caddr_t buf = (caddr_t)crp->crp_buf;
uint32_t *blkp; uint32_t *blkp;
int aadlen, blksz, i, ivlen, len, iskip, oskip, r; int aadlen, blksz, i, ivlen, len, iskip, oskip, r;
int isccm = 0;
ivlen = blksz = iskip = oskip = 0; ivlen = blksz = iskip = oskip = 0;
ses = crypto_get_driver_session(crp->crp_session); ses = crypto_get_driver_session(crp->crp_session);
for (crd = crp->crp_desc; crd; crd = crd->crd_next) { for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
for (i = 0; i < nitems(ses->swcr_algorithms) && for (i = 0; i < nitems(ses->swcr_algorithms) &&
ses->swcr_algorithms[i].sw_alg != crd->crd_alg; i++) ses->swcr_algorithms[i].sw_alg != crd->crd_alg; i++)
; ;
if (i == nitems(ses->swcr_algorithms)) if (i == nitems(ses->swcr_algorithms))
return (EINVAL); return (EINVAL);
sw = &ses->swcr_algorithms[i]; sw = &ses->swcr_algorithms[i];
switch (sw->sw_alg) { switch (sw->sw_alg) {
case CRYPTO_AES_CCM_16:
isccm = 1;
case CRYPTO_AES_NIST_GCM_16: case CRYPTO_AES_NIST_GCM_16:
case CRYPTO_AES_NIST_GMAC: case CRYPTO_AES_NIST_GMAC:
swe = sw; swe = sw;
crde = crd; crde = crd;
exf = swe->sw_exf; exf = swe->sw_exf;
ivlen = 12; ivlen = 12;
break; break;
case CRYPTO_AES_128_CCM_CBC_MAC:
case CRYPTO_AES_192_CCM_CBC_MAC:
case CRYPTO_AES_256_CCM_CBC_MAC:
isccm = 1;
case CRYPTO_AES_128_NIST_GMAC: case CRYPTO_AES_128_NIST_GMAC:
case CRYPTO_AES_192_NIST_GMAC: case CRYPTO_AES_192_NIST_GMAC:
case CRYPTO_AES_256_NIST_GMAC: case CRYPTO_AES_256_NIST_GMAC:
swa = sw; swa = sw;
crda = crd; crda = crd;
axf = swa->sw_axf; axf = swa->sw_axf;
if (swa->sw_ictx == 0) if (swa->sw_ictx == 0)
return (EINVAL); return (EINVAL);
bcopy(swa->sw_ictx, &ctx, axf->ctxsize); bcopy(swa->sw_ictx, &ctx, axf->ctxsize);
blksz = axf->blocksize; blksz = axf->blocksize;
break; break;
default: default:
return (EINVAL); return (EINVAL);
} }
} }
if (crde == NULL || crda == NULL) if (crde == NULL || crda == NULL)
return (EINVAL); return (EINVAL);
if (crde->crd_alg == CRYPTO_AES_NIST_GCM_16 && if ((crde->crd_alg == CRYPTO_AES_NIST_GCM_16 ||
crde->crd_alg == CRYPTO_AES_CCM_16) &&
(crde->crd_flags & CRD_F_IV_EXPLICIT) == 0) (crde->crd_flags & CRD_F_IV_EXPLICIT) == 0)
return (EINVAL); return (EINVAL);
if (crde->crd_klen != crda->crd_klen) if (crde->crd_klen != crda->crd_klen)
return (EINVAL); return (EINVAL);
/* Initialize the IV */ /* Initialize the IV */
if (crde->crd_flags & CRD_F_ENCRYPT) { if (crde->crd_flags & CRD_F_ENCRYPT) {
Show All 14 Lines if (crde->crd_flags & CRD_F_IV_EXPLICIT)
bcopy(crde->crd_iv, iv, ivlen); bcopy(crde->crd_iv, iv, ivlen);
else { else {
/* Get IV off buf */ /* Get IV off buf */
crypto_copydata(crp->crp_flags, buf, crde->crd_inject, crypto_copydata(crp->crp_flags, buf, crde->crd_inject,
ivlen, iv); ivlen, iv);
} }
} }
if (swa) {
switch (swa->sw_alg) {
case CRYPTO_AES_128_CCM_CBC_MAC:
case CRYPTO_AES_192_CCM_CBC_MAC:
case CRYPTO_AES_256_CCM_CBC_MAC:
/*
* AES CCM-CBC needs to know the length of
* both the auth data, and payload data, before
* doing the auth computation.
*/
ctx.aes_cbc_mac_ctx.authDataLength = crda->crd_len;
ctx.aes_cbc_mac_ctx.cryptDataLength = crde->crd_len;
break;
}
}
/* Supply MAC with IV */ /* Supply MAC with IV */
if (axf->Reinit) if (axf->Reinit)
axf->Reinit(&ctx, iv, ivlen); axf->Reinit(&ctx, iv, ivlen);
/* Supply MAC with AAD */ /* Supply MAC with AAD */
aadlen = crda->crd_len; aadlen = crda->crd_len;
for (i = iskip; i < crda->crd_len; i += blksz) { for (i = iskip; i < crda->crd_len; i += blksz) {
Show All 19 Lines for (i = 0; i < crde->crd_len; i += len) {
} else } else
len = blksz; len = blksz;
len = MIN(crde->crd_len - i, len); len = MIN(crde->crd_len - i, len);
if (len < blksz) if (len < blksz)
bzero(blk, blksz); bzero(blk, blksz);
crypto_copydata(crp->crp_flags, buf, crde->crd_skip + i, len, crypto_copydata(crp->crp_flags, buf, crde->crd_skip + i, len,
blk); blk);
if (crde->crd_flags & CRD_F_ENCRYPT) { if (crde->crd_flags & CRD_F_ENCRYPT) {
if (isccm)
axf->Update(&ctx, blk, len);
if (exf->encrypt_multi != NULL) if (exf->encrypt_multi != NULL)
exf->encrypt_multi(swe->sw_kschedule, blk, exf->encrypt_multi(swe->sw_kschedule, blk,
len); len);
else else
exf->encrypt(swe->sw_kschedule, blk); exf->encrypt(swe->sw_kschedule, blk);
if (!isccm)
axf->Update(&ctx, blk, len); axf->Update(&ctx, blk, len);
crypto_copyback(crp->crp_flags, buf, crypto_copyback(crp->crp_flags, buf,
crde->crd_skip + i, len, blk); crde->crd_skip + i, len, blk);
} else { } else {
if (isccm)
exf->decrypt(swe->sw_kschedule, blk);
axf->Update(&ctx, blk, len); axf->Update(&ctx, blk, len);
} }
} }
/* Do any required special finalization */ /* Do any required special finalization */
switch (crda->crd_alg) { switch (crda->crd_alg) {
case CRYPTO_AES_128_NIST_GMAC: case CRYPTO_AES_128_NIST_GMAC:
case CRYPTO_AES_192_NIST_GMAC: case CRYPTO_AES_192_NIST_GMAC:
Show All 14 Linesswcr_authenc(struct cryptop *crp)
/* Validate tag */ /* Validate tag */
if (!(crde->crd_flags & CRD_F_ENCRYPT)) { if (!(crde->crd_flags & CRD_F_ENCRYPT)) {
crypto_copydata(crp->crp_flags, buf, crda->crd_inject, crypto_copydata(crp->crp_flags, buf, crda->crd_inject,
axf->hashsize, uaalg); axf->hashsize, uaalg);
r = timingsafe_bcmp(aalg, uaalg, axf->hashsize); r = timingsafe_bcmp(aalg, uaalg, axf->hashsize);
if (r == 0) { if (r == 0) {
/* tag matches, decrypt data */ /* tag matches, decrypt data */
if (isccm && exf->reinit)
exf->reinit(swe->sw_kschedule, iv);
for (i = 0; i < crde->crd_len; i += blksz) { for (i = 0; i < crde->crd_len; i += blksz) {
len = MIN(crde->crd_len - i, blksz); len = MIN(crde->crd_len - i, blksz);
if (len < blksz) if (len < blksz)
bzero(blk, blksz); bzero(blk, blksz);
crypto_copydata(crp->crp_flags, buf, crypto_copydata(crp->crp_flags, buf,
crde->crd_skip + i, len, blk); crde->crd_skip + i, len, blk);
exf->decrypt(swe->sw_kschedule, blk); exf->decrypt(swe->sw_kschedule, blk);
crypto_copyback(crp->crp_flags, buf, crypto_copyback(crp->crp_flags, buf,
▲ Show 20 LinesShow All 133 Lines▼ Show 20 Lines case CRYPTO_AES_XTS:
txf = &enc_xform_aes_xts; txf = &enc_xform_aes_xts;
goto enccommon; goto enccommon;
case CRYPTO_AES_ICM: case CRYPTO_AES_ICM:
txf = &enc_xform_aes_icm; txf = &enc_xform_aes_icm;
goto enccommon; goto enccommon;
case CRYPTO_AES_NIST_GCM_16: case CRYPTO_AES_NIST_GCM_16:
txf = &enc_xform_aes_nist_gcm; txf = &enc_xform_aes_nist_gcm;
goto enccommon; goto enccommon;
case CRYPTO_AES_CCM_16:
txf = &enc_xform_ccm;
goto enccommon;
case CRYPTO_AES_NIST_GMAC: case CRYPTO_AES_NIST_GMAC:
txf = &enc_xform_aes_nist_gmac; txf = &enc_xform_aes_nist_gmac;
swd->sw_exf = txf; swd->sw_exf = txf;
break; break;
case CRYPTO_CAMELLIA_CBC: case CRYPTO_CAMELLIA_CBC:
txf = &enc_xform_camellia; txf = &enc_xform_camellia;
goto enccommon; goto enccommon;
case CRYPTO_NULL_CBC: case CRYPTO_NULL_CBC:
▲ Show 20 LinesShow All 128 Lines▼ Show 20 Lines auth3common:
return ENOBUFS; return ENOBUFS;
} }
axf->Init(swd->sw_ictx); axf->Init(swd->sw_ictx);
swd->sw_mlen = cri->cri_mlen; swd->sw_mlen = cri->cri_mlen;
swd->sw_axf = axf; swd->sw_axf = axf;
break; break;
case CRYPTO_AES_128_CCM_CBC_MAC:
axf = &auth_hash_ccm_cbc_mac_128;
goto auth4common;
case CRYPTO_AES_192_CCM_CBC_MAC:
axf = &auth_hash_ccm_cbc_mac_192;
goto auth4common;
case CRYPTO_AES_256_CCM_CBC_MAC:
axf = &auth_hash_ccm_cbc_mac_256;
goto auth4common;
case CRYPTO_AES_128_NIST_GMAC: case CRYPTO_AES_128_NIST_GMAC:
axf = &auth_hash_nist_gmac_aes_128; axf = &auth_hash_nist_gmac_aes_128;
goto auth4common; goto auth4common;
case CRYPTO_AES_192_NIST_GMAC: case CRYPTO_AES_192_NIST_GMAC:
axf = &auth_hash_nist_gmac_aes_192; axf = &auth_hash_nist_gmac_aes_192;
goto auth4common; goto auth4common;
▲ Show 20 LinesShow All 83 Lines▼ Show 20 Lines for (i = 0; i < nitems(ses->swcr_algorithms); i++) {
case CRYPTO_RIJNDAEL128_CBC: case CRYPTO_RIJNDAEL128_CBC:
case CRYPTO_AES_XTS: case CRYPTO_AES_XTS:
case CRYPTO_AES_ICM: case CRYPTO_AES_ICM:
case CRYPTO_AES_NIST_GCM_16: case CRYPTO_AES_NIST_GCM_16:
case CRYPTO_AES_NIST_GMAC: case CRYPTO_AES_NIST_GMAC:
case CRYPTO_CAMELLIA_CBC: case CRYPTO_CAMELLIA_CBC:
case CRYPTO_NULL_CBC: case CRYPTO_NULL_CBC:
case CRYPTO_CHACHA20: case CRYPTO_CHACHA20:
case CRYPTO_AES_CCM_16:
txf = swd->sw_exf; txf = swd->sw_exf;
if (swd->sw_kschedule) if (swd->sw_kschedule)
txf->zerokey(&(swd->sw_kschedule)); txf->zerokey(&(swd->sw_kschedule));
break; break;
case CRYPTO_MD5_HMAC: case CRYPTO_MD5_HMAC:
case CRYPTO_SHA1_HMAC: case CRYPTO_SHA1_HMAC:
case CRYPTO_SHA2_224_HMAC: case CRYPTO_SHA2_224_HMAC:
case CRYPTO_SHA2_256_HMAC: case CRYPTO_SHA2_256_HMAC:
case CRYPTO_SHA2_384_HMAC: case CRYPTO_SHA2_384_HMAC:
case CRYPTO_SHA2_512_HMAC: case CRYPTO_SHA2_512_HMAC:
case CRYPTO_RIPEMD160_HMAC: case CRYPTO_RIPEMD160_HMAC:
case CRYPTO_NULL_HMAC: case CRYPTO_NULL_HMAC:
case CRYPTO_AES_128_CCM_CBC_MAC:
case CRYPTO_AES_192_CCM_CBC_MAC:
case CRYPTO_AES_256_CCM_CBC_MAC:
axf = swd->sw_axf; axf = swd->sw_axf;
if (swd->sw_ictx) { if (swd->sw_ictx) {
bzero(swd->sw_ictx, axf->ctxsize); bzero(swd->sw_ictx, axf->ctxsize);
free(swd->sw_ictx, M_CRYPTO_DATA); free(swd->sw_ictx, M_CRYPTO_DATA);
} }
if (swd->sw_octx) { if (swd->sw_octx) {
bzero(swd->sw_octx, axf->ctxsize); bzero(swd->sw_octx, axf->ctxsize);
▲ Show 20 LinesShow All 121 Lines▼ Show 20 Lines for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
case CRYPTO_BLAKE2B: case CRYPTO_BLAKE2B:
case CRYPTO_BLAKE2S: case CRYPTO_BLAKE2S:
case CRYPTO_POLY1305: case CRYPTO_POLY1305:
if ((crp->crp_etype = swcr_authcompute(crd, sw, if ((crp->crp_etype = swcr_authcompute(crd, sw,
crp->crp_buf, crp->crp_flags)) != 0) crp->crp_buf, crp->crp_flags)) != 0)
goto done; goto done;
break; break;
case CRYPTO_AES_CCM_16:
case CRYPTO_AES_NIST_GCM_16: case CRYPTO_AES_NIST_GCM_16:
case CRYPTO_AES_NIST_GMAC: case CRYPTO_AES_NIST_GMAC:
case CRYPTO_AES_128_NIST_GMAC: case CRYPTO_AES_128_NIST_GMAC:
case CRYPTO_AES_192_NIST_GMAC: case CRYPTO_AES_192_NIST_GMAC:
case CRYPTO_AES_256_NIST_GMAC: case CRYPTO_AES_256_NIST_GMAC:
case CRYPTO_AES_128_CCM_CBC_MAC:
case CRYPTO_AES_192_CCM_CBC_MAC:
case CRYPTO_AES_256_CCM_CBC_MAC:
crp->crp_etype = swcr_authenc(crp); crp->crp_etype = swcr_authenc(crp);
goto done; goto done;
case CRYPTO_DEFLATE_COMP: case CRYPTO_DEFLATE_COMP:
if ((crp->crp_etype = swcr_compdec(crd, sw, if ((crp->crp_etype = swcr_compdec(crd, sw,
crp->crp_buf, crp->crp_flags)) != 0) crp->crp_buf, crp->crp_flags)) != 0)
goto done; goto done;
else else
▲ Show 20 LinesShow All 69 Lines▼ Show 20 Lines#define REGISTER(alg) \
REGISTER(CRYPTO_RIJNDAEL128_CBC); REGISTER(CRYPTO_RIJNDAEL128_CBC);
REGISTER(CRYPTO_AES_XTS); REGISTER(CRYPTO_AES_XTS);
REGISTER(CRYPTO_AES_ICM); REGISTER(CRYPTO_AES_ICM);
REGISTER(CRYPTO_AES_NIST_GCM_16); REGISTER(CRYPTO_AES_NIST_GCM_16);
REGISTER(CRYPTO_AES_NIST_GMAC); REGISTER(CRYPTO_AES_NIST_GMAC);
REGISTER(CRYPTO_AES_128_NIST_GMAC); REGISTER(CRYPTO_AES_128_NIST_GMAC);
REGISTER(CRYPTO_AES_192_NIST_GMAC); REGISTER(CRYPTO_AES_192_NIST_GMAC);
REGISTER(CRYPTO_AES_256_NIST_GMAC); REGISTER(CRYPTO_AES_256_NIST_GMAC);
REGISTER(CRYPTO_CAMELLIA_CBC); REGISTER(CRYPTO_CAMELLIA_CBC);
grahamperrinUnsubmitted
Not Done
Inline Actions

Nit: ragged. (White space?)

grahamperrin: Nit: ragged. (White space?)
REGISTER(CRYPTO_DEFLATE_COMP); REGISTER(CRYPTO_DEFLATE_COMP);
REGISTER(CRYPTO_BLAKE2B); REGISTER(CRYPTO_BLAKE2B);
REGISTER(CRYPTO_BLAKE2S); REGISTER(CRYPTO_BLAKE2S);
REGISTER(CRYPTO_CHACHA20); REGISTER(CRYPTO_CHACHA20);
REGISTER(CRYPTO_AES_CCM_16);
REGISTER(CRYPTO_AES_128_CCM_CBC_MAC);
REGISTER(CRYPTO_AES_192_CCM_CBC_MAC);
REGISTER(CRYPTO_AES_256_CCM_CBC_MAC);
REGISTER(CRYPTO_POLY1305); REGISTER(CRYPTO_POLY1305);
#undef REGISTER #undef REGISTER
return 0; return 0;
} }
static int static int
swcr_detach(device_t dev) swcr_detach(device_t dev)
Show All 37 Lines