Changeset View
Changeset View
Standalone View
Standalone View
head/sys/opencrypto/cryptodev.c
| Show First 20 Lines • Show All 380 Lines • ▼ Show 20 Lines | #define SES2(p) ((struct session2_op *)p) | ||||
| crypto_session_t cses; | crypto_session_t cses; | ||||
| u_int32_t ses; | u_int32_t ses; | ||||
| int error = 0, crid; | int error = 0, crid; | ||||
| #ifdef COMPAT_FREEBSD32 | #ifdef COMPAT_FREEBSD32 | ||||
| struct session2_op sopc; | struct session2_op sopc; | ||||
| struct crypt_op copc; | struct crypt_op copc; | ||||
| struct crypt_kop kopc; | struct crypt_kop kopc; | ||||
| #endif | #endif | ||||
| static struct timeval arc4warn, blfwarn, castwarn, deswarn, md5warn; | |||||
| static struct timeval skipwarn, tdeswarn; | |||||
| static struct timeval warninterval = { .tv_sec = 60, .tv_usec = 0 }; | |||||
| switch (cmd) { | switch (cmd) { | ||||
| case CIOCGSESSION: | case CIOCGSESSION: | ||||
| case CIOCGSESSION2: | case CIOCGSESSION2: | ||||
| #ifdef COMPAT_FREEBSD32 | #ifdef COMPAT_FREEBSD32 | ||||
| case CIOCGSESSION32: | case CIOCGSESSION32: | ||||
| case CIOCGSESSION232: | case CIOCGSESSION232: | ||||
| if (cmd == CIOCGSESSION32) { | if (cmd == CIOCGSESSION32) { | ||||
| session_op_from_32(data, (struct session_op *)&sopc); | session_op_from_32(data, (struct session_op *)&sopc); | ||||
| sop = (struct session_op *)&sopc; | sop = (struct session_op *)&sopc; | ||||
| } else if (cmd == CIOCGSESSION232) { | } else if (cmd == CIOCGSESSION232) { | ||||
| session2_op_from_32(data, &sopc); | session2_op_from_32(data, &sopc); | ||||
| sop = (struct session_op *)&sopc; | sop = (struct session_op *)&sopc; | ||||
| } else | } else | ||||
| #endif | #endif | ||||
| sop = (struct session_op *)data; | sop = (struct session_op *)data; | ||||
| switch (sop->cipher) { | switch (sop->cipher) { | ||||
| case 0: | case 0: | ||||
| break; | break; | ||||
| case CRYPTO_DES_CBC: | case CRYPTO_DES_CBC: | ||||
| if (ratecheck(&deswarn, &warninterval)) | |||||
| gone_in(13, "DES cipher via /dev/crypto"); | |||||
| txform = &enc_xform_des; | txform = &enc_xform_des; | ||||
| break; | break; | ||||
| case CRYPTO_3DES_CBC: | case CRYPTO_3DES_CBC: | ||||
| if (ratecheck(&tdeswarn, &warninterval)) | |||||
| gone_in(13, "3DES cipher via /dev/crypto"); | |||||
| txform = &enc_xform_3des; | txform = &enc_xform_3des; | ||||
| break; | break; | ||||
| case CRYPTO_BLF_CBC: | case CRYPTO_BLF_CBC: | ||||
| if (ratecheck(&blfwarn, &warninterval)) | |||||
| gone_in(13, "Blowfish cipher via /dev/crypto"); | |||||
| txform = &enc_xform_blf; | txform = &enc_xform_blf; | ||||
| break; | break; | ||||
| case CRYPTO_CAST_CBC: | case CRYPTO_CAST_CBC: | ||||
| if (ratecheck(&castwarn, &warninterval)) | |||||
| gone_in(13, "CAST128 cipher via /dev/crypto"); | |||||
| txform = &enc_xform_cast5; | txform = &enc_xform_cast5; | ||||
| break; | break; | ||||
| case CRYPTO_SKIPJACK_CBC: | case CRYPTO_SKIPJACK_CBC: | ||||
| if (ratecheck(&skipwarn, &warninterval)) | |||||
| gone_in(13, "Skipjack cipher via /dev/crypto"); | |||||
| txform = &enc_xform_skipjack; | txform = &enc_xform_skipjack; | ||||
| break; | break; | ||||
| case CRYPTO_AES_CBC: | case CRYPTO_AES_CBC: | ||||
| txform = &enc_xform_rijndael128; | txform = &enc_xform_rijndael128; | ||||
| break; | break; | ||||
| case CRYPTO_AES_XTS: | case CRYPTO_AES_XTS: | ||||
| txform = &enc_xform_aes_xts; | txform = &enc_xform_aes_xts; | ||||
| break; | break; | ||||
| case CRYPTO_NULL_CBC: | case CRYPTO_NULL_CBC: | ||||
| txform = &enc_xform_null; | txform = &enc_xform_null; | ||||
| break; | break; | ||||
| case CRYPTO_ARC4: | case CRYPTO_ARC4: | ||||
| if (ratecheck(&arc4warn, &warninterval)) | |||||
| gone_in(13, "ARC4 cipher via /dev/crypto"); | |||||
| txform = &enc_xform_arc4; | txform = &enc_xform_arc4; | ||||
| break; | break; | ||||
| case CRYPTO_CAMELLIA_CBC: | case CRYPTO_CAMELLIA_CBC: | ||||
| txform = &enc_xform_camellia; | txform = &enc_xform_camellia; | ||||
| break; | break; | ||||
| case CRYPTO_AES_ICM: | case CRYPTO_AES_ICM: | ||||
| txform = &enc_xform_aes_icm; | txform = &enc_xform_aes_icm; | ||||
| break; | break; | ||||
| Show All 12 Lines | default: | ||||
| SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); | SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); | ||||
| return (EINVAL); | return (EINVAL); | ||||
| } | } | ||||
| switch (sop->mac) { | switch (sop->mac) { | ||||
| case 0: | case 0: | ||||
| break; | break; | ||||
| case CRYPTO_MD5_HMAC: | case CRYPTO_MD5_HMAC: | ||||
| if (ratecheck(&md5warn, &warninterval)) | |||||
| gone_in(13, | |||||
| "MD5-HMAC authenticator via /dev/crypto"); | |||||
| thash = &auth_hash_hmac_md5; | thash = &auth_hash_hmac_md5; | ||||
| break; | break; | ||||
| case CRYPTO_POLY1305: | case CRYPTO_POLY1305: | ||||
| thash = &auth_hash_poly1305; | thash = &auth_hash_poly1305; | ||||
| break; | break; | ||||
| case CRYPTO_SHA1_HMAC: | case CRYPTO_SHA1_HMAC: | ||||
| thash = &auth_hash_hmac_sha1; | thash = &auth_hash_hmac_sha1; | ||||
| break; | break; | ||||
| ▲ Show 20 Lines • Show All 1,043 Lines • Show Last 20 Lines | |||||