Page MenuHomeFreeBSD
Differential D22784 Diff 65761 head/share/man/man9/crypto.9

Changeset View

Standalone View

View Options

head/share/man/man9/crypto.9

Show All 20 Lines
.Dt CRYPTO 9 .Dt CRYPTO 9
.Os .Os
.Sh NAME .Sh NAME
.Nm crypto .Nm crypto
.Nd API for cryptographic services in the kernel .Nd API for cryptographic services in the kernel
.Sh SYNOPSIS .Sh SYNOPSIS
.In opencrypto/cryptodev.h .In opencrypto/cryptodev.h
.Ft int32_t .Ft int32_t
.Fn crypto_get_driverid device_t size_t int .Fn crypto_get_driverid "device_t dev" "size_t session_size" "int flags"
.Ft int .Ft int
.Fn crypto_register uint32_t int uint16_t uint32_t "int \*[lp]*\*[rp]\*[lp]void *, uint32_t *, struct cryptoini *\*[rp]" "int \*[lp]*\*[rp]\*[lp]void *, uint64_t\*[rp]" "int \*[lp]*\*[rp]\*[lp]void *, struct cryptop *\*[rp]" "void *" .Fn crypto_register "uint32_t driverid" "int alg" "uint16_t maxoplen" "uint32_t flags"
.Ft int .Ft int
.Fn crypto_kregister uint32_t int uint32_t "int \*[lp]*\*[rp]\*[lp]void *, struct cryptkop *\*[rp]" "void *" .Fn crypto_kregister "uint32_t driverid" "int kalg" "uint32_t flags"
.Ft int .Ft int
.Fn crypto_unregister uint32_t int .Fn crypto_unregister "uint32_t driverid" "int alg"
.Ft int .Ft int
.Fn crypto_unregister_all uint32_t .Fn crypto_unregister_all "uint32_t driverid"
.Ft void .Ft void
.Fn crypto_done "struct cryptop *" .Fn crypto_done "struct cryptop *crp"
.Ft void .Ft void
.Fn crypto_kdone "struct cryptkop *" .Fn crypto_kdone "struct cryptkop *krp"
.Ft int .Ft int
.Fn crypto_find_driver "const char *" .Fn crypto_find_driver "const char *match"
.Ft int .Ft int
.Fn crypto_newsession "crypto_session_t *" "struct cryptoini *" int .Fn crypto_newsession "crypto_session_t *cses" "struct cryptoini *cri" "int crid"
.Ft int .Ft int
.Fn crypto_freesession crypto_session_t .Fn crypto_freesession "crypto_session_t cses"
.Ft int .Ft int
.Fn crypto_dispatch "struct cryptop *" .Fn crypto_dispatch "struct cryptop *crp"
.Ft int .Ft int
.Fn crypto_kdispatch "struct cryptkop *" .Fn crypto_kdispatch "struct cryptkop *krp"
.Ft int .Ft int
.Fn crypto_unblock uint32_t int .Fn crypto_unblock "uint32_t driverid" "int what"
.Ft "struct cryptop *" .Ft "struct cryptop *"
.Fn crypto_getreq int .Fn crypto_getreq "int num"
.Ft void .Ft void
.Fn crypto_freereq void .Fn crypto_freereq "struct cryptop *crp"
.Bd -literal .Bd -literal
#define CRYPTO_SYMQ 0x1 #define CRYPTO_SYMQ 0x1
#define CRYPTO_ASYMQ 0x2 #define CRYPTO_ASYMQ 0x2
#define EALG_MAX_BLOCK_LEN 16 #define EALG_MAX_BLOCK_LEN 16
struct cryptoini { struct cryptoini {
int cri_alg; int cri_alg;
▲ Show 20 LinesShow All 89 Lines▼ Show 20 Lines
request may be re-submitted immediately with the new session. request may be re-submitted immediately with the new session.
Errors are only returned to the invoking function if not Errors are only returned to the invoking function if not
enough information to call the callback is available (meaning, there enough information to call the callback is available (meaning, there
was a fatal error in verifying the arguments). was a fatal error in verifying the arguments).
For session initialization and teardown no callback mechanism is used. For session initialization and teardown no callback mechanism is used.
.Pp .Pp
The The
.Fn crypto_find_driver .Fn crypto_find_driver
function may be called to return the specific id of the provided name. returns the driver id of the device whose name matches
If the specified driver could not be found, the returned id is -1. .Fa match .
.Fa match
can either be the exact name of a device including the unit
or the driver name without a unit.
In the latter case,
the id of the first device with the matching driver name is returned.
If no matching device is found,
the value -1 is returned.
.Pp .Pp
The The
.Fn crypto_newsession .Fn crypto_newsession
routine is called by consumers of cryptographic services (such as the routine is called by consumers of cryptographic services (such as the
.Xr ipsec 4 .Xr ipsec 4
stack) that wish to establish a new session with the framework. stack) that wish to establish a new session with the framework.
The second argument contains all the necessary information for The
.Fa cri
argument points to a
.Vt cryptoini
structure containing all the necessary information for
the driver to establish the session. the driver to establish the session.
The third argument is either a specific driver id, or one or both The
of .Fa crid
argument is either a specific driver id or a bitmask of flags.
The flags are
.Dv CRYPTOCAP_F_HARDWARE , .Dv CRYPTOCAP_F_HARDWARE ,
to select hardware devices, to select hardware devices,
or or
.Dv CRYPTOCAP_F_SOFTWARE , .Dv CRYPTOCAP_F_SOFTWARE ,
to select software devices. to select software devices.
If both are specified, a hardware device will be returned If both are specified, hardware devices are preferred over software
before a software device will be. devices.
On success, the value pointed to by the first argument will be the opaque On success, the opaque session handle of the new session will be stored in
session handle. .Fa *cses .
The various fields in the The
.Vt cryptoini .Vt cryptoini
structure are: structure pointed to by
.Fa cri
contains these fields:
.Bl -tag -width ".Va cri_next" .Bl -tag -width ".Va cri_next"
.It Va cri_alg .It Va cri_alg
Contains an algorithm identifier. An algorithm identifier.
Currently supported algorithms are: Currently supported algorithms are:
.Pp .Pp
.Bl -tag -width ".Dv CRYPTO_RIPEMD160_HMAC" -compact .Bl -tag -width ".Dv CRYPTO_RIPEMD160_HMAC" -compact
.It Dv CRYPTO_AES_128_NIST_GMAC .It Dv CRYPTO_AES_128_NIST_GMAC
.It Dv CRYPTO_AES_192_NIST_GMAC .It Dv CRYPTO_AES_192_NIST_GMAC
.It Dv CRYPTO_AES_256_NIST_GMAC .It Dv CRYPTO_AES_256_NIST_GMAC
.It Dv CRYPTO_AES_CBC .It Dv CRYPTO_AES_CBC
.It Dv CRYPTO_AES_CCM_16
.It Dv CRYPTO_AES_CCM_CBC_MAC
.It Dv CRYPTO_AES_ICM .It Dv CRYPTO_AES_ICM
.It Dv CRYPTO_AES_NIST_GCM_16 .It Dv CRYPTO_AES_NIST_GCM_16
.It Dv CRYPTO_AES_NIST_GMAC .It Dv CRYPTO_AES_NIST_GMAC
.It Dv CRYPTO_AES_XTS .It Dv CRYPTO_AES_XTS
.It Dv CRYPTO_ARC4 .It Dv CRYPTO_ARC4
.It Dv CRYPTO_BLAKE2B
.It Dv CRYPTO_BLAKE2S
.It Dv CRYPTO_BLF_CBC .It Dv CRYPTO_BLF_CBC
.It Dv CRYPTO_CAMELLIA_CBC .It Dv CRYPTO_CAMELLIA_CBC
.It Dv CRYPTO_CAST_CBC .It Dv CRYPTO_CAST_CBC
.It Dv CRYPTO_CHACHA20
.It Dv CRYPTO_DEFLATE_COMP .It Dv CRYPTO_DEFLATE_COMP
.It Dv CRYPTO_DES_CBC .It Dv CRYPTO_DES_CBC
.It Dv CRYPTO_3DES_CBC .It Dv CRYPTO_3DES_CBC
.It Dv CRYPTO_MD5 .It Dv CRYPTO_MD5
.It Dv CRYPTO_MD5_HMAC .It Dv CRYPTO_MD5_HMAC
.It Dv CRYPTO_MD5_KPDK .It Dv CRYPTO_MD5_KPDK
.It Dv CRYPTO_NULL_HMAC .It Dv CRYPTO_NULL_HMAC
.It Dv CRYPTO_NULL_CBC .It Dv CRYPTO_NULL_CBC
.It Dv CRYPTO_POLY1305
.It Dv CRYPTO_RIPEMD160
.It Dv CRYPTO_RIPEMD160_HMAC .It Dv CRYPTO_RIPEMD160_HMAC
.It Dv CRYPTO_SHA1 .It Dv CRYPTO_SHA1
.It Dv CRYPTO_SHA1_HMAC .It Dv CRYPTO_SHA1_HMAC
.It Dv CRYPTO_SHA1_KPDK .It Dv CRYPTO_SHA1_KPDK
.It Dv CRYPTO_SHA2_224
.It Dv CRYPTO_SHA2_224_HMAC
.It Dv CRYPTO_SHA2_256
.It Dv CRYPTO_SHA2_256_HMAC .It Dv CRYPTO_SHA2_256_HMAC
.It Dv CRYPTO_SHA2_384
.It Dv CRYPTO_SHA2_384_HMAC .It Dv CRYPTO_SHA2_384_HMAC
.It Dv CRYPTO_SHA2_512
.It Dv CRYPTO_SHA2_512_HMAC .It Dv CRYPTO_SHA2_512_HMAC
.It Dv CRYPTO_SKIPJACK_CBC .It Dv CRYPTO_SKIPJACK_CBC
.El .El
.It Va cri_klen .It Va cri_klen
Specifies the length of the key in bits, for variable-size key For variable-size key algorithms, the length of the key in bits.
algorithms.
.It Va cri_mlen .It Va cri_mlen
Specifies how many bytes from the calculated hash should be copied back. If non-zero, truncate the calculated hash to this many bytes.
0 means entire hash.
.It Va cri_key .It Va cri_key
Contains the key to be used with the algorithm. The key to be used.
.It Va cri_iv .It Va cri_iv
Contains an explicit initialization vector (IV), if it does not prefix An explicit initialization vector if it does not prefix
the data. the data.
This field is ignored during initialization This field is ignored during initialization
.Pq Nm crypto_newsession . .Pq Nm crypto_newsession .
If no IV is explicitly passed (see below on details), a random IV is used If no IV is explicitly passed (see below on details), a random IV is used
by the device driver processing the request. by the device driver processing the request.
.It Va cri_next .It Va cri_next
Contains a pointer to another Pointer to another
.Vt cryptoini .Vt cryptoini
structure. structure.
Multiple such structures may be linked to establish multi-algorithm sessions This is used to establish dual-algorithm sessions, such as combining a
.Xr ( ipsec 4 cipher with a MAC.
is an example consumer of such a feature).
.El .El
.Pp .Pp
The The
.Vt cryptoini .Vt cryptoini
structure and its contents will not be modified by the framework (or structure and its contents will not be modified or referenced by the
the drivers used). framework or any cryptographic drivers.
The memory associated with
.Fa cri
can be released once
.Fn crypto_newsession
returns.
.Pp .Pp
.Fn crypto_freesession .Fn crypto_freesession
is called with the session handle returned by is called with the session handle returned by
.Fn crypto_newsession .Fn crypto_newsession
to free the session. to free the session.
.Pp .Pp
.Fn crypto_dispatch .Fn crypto_dispatch
is called to process a request. is called to process a request.
The various fields in the The various fields in the
.Vt cryptop .Vt cryptop
structure are: structure are:
.Bl -tag -width ".Va crp_callback" .Bl -tag -width ".Va crp_callback"
.It Va crp_session .It Va crp_session
Contains the session handle. The session handle.
.It Va crp_ilen .It Va crp_ilen
Indicates the total length in bytes of the buffer to be processed. The total length in bytes of the buffer to be processed.
.It Va crp_olen .It Va crp_olen
On return, contains the total length of the result. On return, contains the total length of the result.
For symmetric crypto operations, this will be the same as the input length. For symmetric crypto operations, this will be the same as the input length.
This will be used if the framework needs to allocate a new This will be used if the framework needs to allocate a new
buffer for the result (or for re-formatting the input). buffer for the result (or for re-formatting the input).
.It Va crp_callback .It Va crp_callback
This routine is invoked upon completion of the request, whether Callback routine invoked when a request is completed via
successful or not. .Fn crypto_done .
It is invoked through the The callback routine should inspect the
.Fn crypto_done
routine.
If the request was not successful, an error code is set in the
.Va crp_etype .Va crp_etype
field. to determine if the request was successfully completed.
It is the responsibility of the callback routine to set the appropriate
.Xr spl 9
level.
.It Va crp_etype .It Va crp_etype
Contains the error type, if any errors were encountered, or zero if The error type, if any errors were encountered, or zero if
the request was successfully processed. the request was successfully processed.
If the If the
.Er EAGAIN .Er EAGAIN
error code is returned, the session handle has changed (and has been recorded error code is returned, the session handle has changed (and has been recorded
in the in the
.Va crp_session .Va crp_session
field). field).
The consumer should record the new session handle and use it in all subsequent The consumer should record the new session handle and use it in all subsequent
requests. requests.
In this case, the request may be re-submitted immediately. In this case, the request may be re-submitted immediately.
This mechanism is used by the framework to perform This mechanism is used by the framework to perform
session migration (move a session from one driver to another, because session migration (move a session from one driver to another, because
of availability, performance, or other considerations). of availability, performance, or other considerations).
.Pp .Pp
Note that this field only makes sense when examined by This field is only valid in the context of the callback routine specified by
the callback routine specified in
.Va crp_callback . .Va crp_callback .
Errors are returned to the invoker of Errors are returned to the invoker of
.Fn crypto_process .Fn crypto_process
only when enough information is not present to call the callback only when enough information is not present to call the callback
routine (i.e., if the pointer passed is routine (i.e., if the pointer passed is
.Dv NULL .Dv NULL
or if no callback routine was specified). or if no callback routine was specified).
.It Va crp_flags .It Va crp_flags
Is a bitmask of flags associated with this request. A bitmask of flags associated with this request.
Currently defined flags are: Currently defined flags are:
.Bl -tag -width ".Dv CRYPTO_F_CBIFSYNC" .Bl -tag -width ".Dv CRYPTO_F_CBIFSYNC"
.It Dv CRYPTO_F_IMBUF .It Dv CRYPTO_F_IMBUF
The buffer pointed to by The buffer is an mbuf chain pointed to by
.Va crp_buf .Va crp_mbuf .
is an mbuf chain.
.It Dv CRYPTO_F_IOV .It Dv CRYPTO_F_IOV
The buffer pointed to by The buffer is a
.Va crp_buf
is an
.Vt uio .Vt uio
structure. structure pointed to by
.Va crp_uio .
.It Dv CRYPTO_F_BATCH .It Dv CRYPTO_F_BATCH
Batch operation if possible. Batch operation if possible.
.It Dv CRYPTO_F_CBIMM .It Dv CRYPTO_F_CBIMM
Do callback immediately instead of doing it from a dedicated kernel thread. Do callback immediately instead of doing it from a dedicated kernel thread.
.It Dv CRYPTO_F_DONE .It Dv CRYPTO_F_DONE
Operation completed. Operation completed.
.It Dv CRYPTO_F_CBIFSYNC .It Dv CRYPTO_F_CBIFSYNC
Do callback immediately if operation is synchronous (that the driver Do callback immediately if operation is synchronous (that the driver
Show All 9 Lines
on different processors. on different processors.
.It Dv CRYPTO_F_ASYNC_KEEPORDER .It Dv CRYPTO_F_ASYNC_KEEPORDER
Dispatch callbacks in the same order they are posted. Dispatch callbacks in the same order they are posted.
Only relevant if the Only relevant if the
.Dv CRYPTO_F_ASYNC .Dv CRYPTO_F_ASYNC
flag is set and if the operation is synchronous. flag is set and if the operation is synchronous.
.El .El
.It Va crp_buf .It Va crp_buf
Points to the input buffer. Data buffer unless
On return (when the callback is invoked), .Dv CRYPTO_F_IMBUF
it contains the result of the request. or
The input buffer may be an mbuf .Dv CRYPTO_F_IOV
chain or a contiguous buffer, is set in
depending on
.Va crp_flags . .Va crp_flags .
The length in bytes is set in
.Va crp_ilen .
.It Va crp_mbuf
Data buffer mbuf chain when
.Dv CRYPTO_F_IMBUF
is set in
.Va crp_flags .
.It Va crp_uio
.Vt struct uio
data buffer when
.Dv CRYPTO_F_IOV
is set in
.Va crp_flags .
.It Va crp_opaque .It Va crp_opaque
This is passed through the crypto framework untouched and is Cookie passed through the crypto framework untouched.
It is
intended for the invoking application's use. intended for the invoking application's use.
.It Va crp_desc .It Va crp_desc
This is a linked list of descriptors. A linked list of descriptors.
Each descriptor provides Each descriptor provides
information about what type of cryptographic operation should be done information about what type of cryptographic operation should be done
on the input buffer. on the input buffer.
The various fields are: The various fields are:
.Bl -tag -width ".Va crd_inject" .Bl -tag -width ".Va crd_inject"
.It Va crd_iv .It Va crd_iv
When the flag When the flag
.Dv CRD_F_IV_EXPLICIT .Dv CRD_F_IV_EXPLICIT
▲ Show 20 LinesShow All 57 Lines▼ Show 20 Lines
field. field.
Otherwise, for encryption operations the IV is provided for by Otherwise, for encryption operations the IV is provided for by
the driver used to perform the operation, whereas for decryption the driver used to perform the operation, whereas for decryption
operations the offset of the IV is provided by the operations the offset of the IV is provided by the
.Va crd_inject .Va crd_inject
field. field.
This flag is typically used when the IV is calculated This flag is typically used when the IV is calculated
.Dq "on the fly" .Dq "on the fly"
by the consumer, and does not precede the data (some by the consumer, and does not precede the data.
.Xr ipsec 4
configurations, and the encrypted swap are two such examples).
.It Dv CRD_F_KEY_EXPLICIT .It Dv CRD_F_KEY_EXPLICIT
For encryption and authentication (MAC) algorithms, this bit is set when the key For encryption and authentication (MAC) algorithms, this bit is set when the key
is explicitly provided by the consumer in the is explicitly provided by the consumer in the
.Va crd_key .Va crd_key
field for the given operation. field for the given operation.
Otherwise, the key is taken at newsession time from the Otherwise, the key is taken at newsession time from the
.Va cri_key .Va cri_key
field. field.
Show All 20 Lines
where multiple cryptographic transforms may be applied on the same where multiple cryptographic transforms may be applied on the same
block of data. block of data.
.El .El
.El .El
.Pp .Pp
.Fn crypto_getreq .Fn crypto_getreq
allocates a allocates a
.Vt cryptop .Vt cryptop
structure with a linked list of as many structure with a linked list of
.Fa num
.Vt cryptodesc .Vt cryptodesc
structures as were specified in the argument passed to it. structures.
.Pp .Pp
.Fn crypto_freereq .Fn crypto_freereq
deallocates a structure deallocates a structure
.Vt cryptop .Vt cryptop
and any and any
.Vt cryptodesc .Vt cryptodesc
structures linked to it. structures linked to it.
Note that it is the responsibility of the Note that it is the responsibility of the
Show All 13 Lines
.Dv CRK_MOD_EXP . .Dv CRK_MOD_EXP .
.It Va krp_status .It Va krp_status
Return code. Return code.
This This
.Va errno Ns -style .Va errno Ns -style
variable indicates whether lower level reasons variable indicates whether lower level reasons
for operation failure. for operation failure.
.It Va krp_iparams .It Va krp_iparams
Number if input parameters to the specified operation. Number of input parameters to the specified operation.
Note that each operation has a (typically hardwired) number of such parameters. Note that each operation has a (typically hardwired) number of such parameters.
.It Va krp_oparams .It Va krp_oparams
Number if output parameters from the specified operation. Number of output parameters from the specified operation.
Note that each operation has a (typically hardwired) number of such parameters. Note that each operation has a (typically hardwired) number of such parameters.
.It Va krp_kvp .It Va krp_kvp
An array of kernel memory blocks containing the parameters. An array of kernel memory blocks containing the parameters.
.It Va krp_hid .It Va krp_hid
Identifier specifying which low-level driver is being used. Identifier specifying which low-level driver is being used.
.It Va krp_callback .It Va krp_callback
Callback called on completion of a keying operation. Callback called on completion of a keying operation.
.El .El
Show All 20 Lines
.Dv CRYPTOCAP_F_SOFTWARE .Dv CRYPTOCAP_F_SOFTWARE
or or
.Dv CRYPTOCAP_F_HARDWARE .Dv CRYPTOCAP_F_HARDWARE
must be specified. must be specified.
The The
.Dv CRYPTOCAP_F_SYNC .Dv CRYPTOCAP_F_SYNC
may also be specified, and should be specified if the driver does all of may also be specified, and should be specified if the driver does all of
it's operations synchronously. it's operations synchronously.
Drivers must pass the size of their session struct as the second argument. Drivers must pass the size of their session structure as the second argument.
An appropriately sized memory will be allocated by the framework, zeroed, and An appropriately sized memory will be allocated by the framework, zeroed, and
passed to the driver's passed to the driver's
.Fn newsession .Fn newsession
method. method.
.Pp .Pp
For each algorithm the driver supports, it must then call For each algorithm the driver supports, it must then call
.Fn crypto_register . .Fn crypto_register .
The first two arguments are the driver and algorithm identifiers. The first two arguments are the driver and algorithm identifiers.
The next two arguments specify the largest possible operator length (in bits, The next two arguments specify the largest possible operator length (in bits,
important for public key operations) and flags for this algorithm. important for public key operations) and flags for this algorithm.
The last four arguments must be provided in the first call to
.Fn crypto_register
and are ignored in all subsequent calls.
They are pointers to three
driver-provided functions that the framework may call to establish new
cryptographic context with the driver, free already established
context, and ask for a request to be processed (encrypt, decrypt,
etc.); and an opaque parameter to pass when calling each of these routines.
.Pp .Pp
.Fn crypto_unregister .Fn crypto_unregister
is called by drivers that wish to withdraw support for an algorithm. is called by drivers that wish to withdraw support for an algorithm.
The two arguments are the driver and algorithm identifiers, respectively. The two arguments are the driver and algorithm identifiers, respectively.
Typically, drivers for Typically, drivers for
PCMCIA PCMCIA
crypto cards that are being ejected will invoke this routine for all crypto cards that are being ejected will invoke this routine for all
algorithms supported by the card. algorithms supported by the card.
▲ Show 20 LinesShow All 163 LinesShow Last 20 Lines