Changeset View
Changeset View
Standalone View
Standalone View
head/sys/opencrypto/cryptodev.c
Show First 20 Lines • Show All 380 Lines • ▼ Show 20 Lines | #define SES2(p) ((struct session2_op *)p) | ||||
crypto_session_t cses; | crypto_session_t cses; | ||||
u_int32_t ses; | u_int32_t ses; | ||||
int error = 0, crid; | int error = 0, crid; | ||||
#ifdef COMPAT_FREEBSD32 | #ifdef COMPAT_FREEBSD32 | ||||
struct session2_op sopc; | struct session2_op sopc; | ||||
struct crypt_op copc; | struct crypt_op copc; | ||||
struct crypt_kop kopc; | struct crypt_kop kopc; | ||||
#endif | #endif | ||||
static struct timeval arc4warn, blfwarn, castwarn, deswarn, md5warn; | |||||
static struct timeval skipwarn, tdeswarn; | |||||
static struct timeval warninterval = { .tv_sec = 60, .tv_usec = 0 }; | |||||
switch (cmd) { | switch (cmd) { | ||||
case CIOCGSESSION: | case CIOCGSESSION: | ||||
case CIOCGSESSION2: | case CIOCGSESSION2: | ||||
#ifdef COMPAT_FREEBSD32 | #ifdef COMPAT_FREEBSD32 | ||||
case CIOCGSESSION32: | case CIOCGSESSION32: | ||||
case CIOCGSESSION232: | case CIOCGSESSION232: | ||||
if (cmd == CIOCGSESSION32) { | if (cmd == CIOCGSESSION32) { | ||||
session_op_from_32(data, (struct session_op *)&sopc); | session_op_from_32(data, (struct session_op *)&sopc); | ||||
sop = (struct session_op *)&sopc; | sop = (struct session_op *)&sopc; | ||||
} else if (cmd == CIOCGSESSION232) { | } else if (cmd == CIOCGSESSION232) { | ||||
session2_op_from_32(data, &sopc); | session2_op_from_32(data, &sopc); | ||||
sop = (struct session_op *)&sopc; | sop = (struct session_op *)&sopc; | ||||
} else | } else | ||||
#endif | #endif | ||||
sop = (struct session_op *)data; | sop = (struct session_op *)data; | ||||
switch (sop->cipher) { | switch (sop->cipher) { | ||||
case 0: | case 0: | ||||
break; | break; | ||||
case CRYPTO_DES_CBC: | case CRYPTO_DES_CBC: | ||||
if (ratecheck(&deswarn, &warninterval)) | |||||
gone_in(13, "DES cipher via /dev/crypto"); | |||||
txform = &enc_xform_des; | txform = &enc_xform_des; | ||||
break; | break; | ||||
case CRYPTO_3DES_CBC: | case CRYPTO_3DES_CBC: | ||||
if (ratecheck(&tdeswarn, &warninterval)) | |||||
gone_in(13, "3DES cipher via /dev/crypto"); | |||||
txform = &enc_xform_3des; | txform = &enc_xform_3des; | ||||
break; | break; | ||||
case CRYPTO_BLF_CBC: | case CRYPTO_BLF_CBC: | ||||
if (ratecheck(&blfwarn, &warninterval)) | |||||
gone_in(13, "Blowfish cipher via /dev/crypto"); | |||||
txform = &enc_xform_blf; | txform = &enc_xform_blf; | ||||
break; | break; | ||||
case CRYPTO_CAST_CBC: | case CRYPTO_CAST_CBC: | ||||
if (ratecheck(&castwarn, &warninterval)) | |||||
gone_in(13, "CAST128 cipher via /dev/crypto"); | |||||
txform = &enc_xform_cast5; | txform = &enc_xform_cast5; | ||||
break; | break; | ||||
case CRYPTO_SKIPJACK_CBC: | case CRYPTO_SKIPJACK_CBC: | ||||
if (ratecheck(&skipwarn, &warninterval)) | |||||
gone_in(13, "Skipjack cipher via /dev/crypto"); | |||||
txform = &enc_xform_skipjack; | txform = &enc_xform_skipjack; | ||||
break; | break; | ||||
case CRYPTO_AES_CBC: | case CRYPTO_AES_CBC: | ||||
txform = &enc_xform_rijndael128; | txform = &enc_xform_rijndael128; | ||||
break; | break; | ||||
case CRYPTO_AES_XTS: | case CRYPTO_AES_XTS: | ||||
txform = &enc_xform_aes_xts; | txform = &enc_xform_aes_xts; | ||||
break; | break; | ||||
case CRYPTO_NULL_CBC: | case CRYPTO_NULL_CBC: | ||||
txform = &enc_xform_null; | txform = &enc_xform_null; | ||||
break; | break; | ||||
case CRYPTO_ARC4: | case CRYPTO_ARC4: | ||||
if (ratecheck(&arc4warn, &warninterval)) | |||||
gone_in(13, "ARC4 cipher via /dev/crypto"); | |||||
txform = &enc_xform_arc4; | txform = &enc_xform_arc4; | ||||
break; | break; | ||||
case CRYPTO_CAMELLIA_CBC: | case CRYPTO_CAMELLIA_CBC: | ||||
txform = &enc_xform_camellia; | txform = &enc_xform_camellia; | ||||
break; | break; | ||||
case CRYPTO_AES_ICM: | case CRYPTO_AES_ICM: | ||||
txform = &enc_xform_aes_icm; | txform = &enc_xform_aes_icm; | ||||
break; | break; | ||||
Show All 12 Lines | default: | ||||
SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); | SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); | ||||
return (EINVAL); | return (EINVAL); | ||||
} | } | ||||
switch (sop->mac) { | switch (sop->mac) { | ||||
case 0: | case 0: | ||||
break; | break; | ||||
case CRYPTO_MD5_HMAC: | case CRYPTO_MD5_HMAC: | ||||
if (ratecheck(&md5warn, &warninterval)) | |||||
gone_in(13, | |||||
"MD5-HMAC authenticator via /dev/crypto"); | |||||
thash = &auth_hash_hmac_md5; | thash = &auth_hash_hmac_md5; | ||||
break; | break; | ||||
case CRYPTO_POLY1305: | case CRYPTO_POLY1305: | ||||
thash = &auth_hash_poly1305; | thash = &auth_hash_poly1305; | ||||
break; | break; | ||||
case CRYPTO_SHA1_HMAC: | case CRYPTO_SHA1_HMAC: | ||||
thash = &auth_hash_hmac_sha1; | thash = &auth_hash_hmac_sha1; | ||||
break; | break; | ||||
▲ Show 20 Lines • Show All 1,043 Lines • Show Last 20 Lines |