head/sys/crypto/aesni/aesni.c
} | } | ||||
static int | static int | ||||
aesni_probesession(device_t dev, const struct crypto_session_params *csp) | aesni_probesession(device_t dev, const struct crypto_session_params *csp) | ||||
{ | { | ||||
struct aesni_softc *sc; | struct aesni_softc *sc; | ||||
sc = device_get_softc(dev); | sc = device_get_softc(dev); | ||||
if ((csp->csp_flags & ~(CSP_F_SEPARATE_OUTPUT)) != 0) | if ((csp->csp_flags & ~(CSP_F_SEPARATE_OUTPUT | CSP_F_SEPARATE_AAD)) != | ||||
0) | |||||
return (EINVAL); | return (EINVAL); | ||||
switch (csp->csp_mode) { | switch (csp->csp_mode) { | ||||
case CSP_MODE_DIGEST: | case CSP_MODE_DIGEST: | ||||
if (!aesni_auth_supported(sc, csp)) | if (!aesni_auth_supported(sc, csp)) | ||||
return (EINVAL); | return (EINVAL); | ||||
break; | break; | ||||
case CSP_MODE_CIPHER: | case CSP_MODE_CIPHER: | ||||
if (!aesni_cipher_supported(sc, csp)) | if (!aesni_cipher_supported(sc, csp)) | ||||
▲ Show 20 Lines • Show All 426 Lines • ▼ Show 20 Lines | aesni_cipher_crypt(struct aesni_session *ses, struct cryptop *crp, | ||||
if (buf == NULL) | if (buf == NULL) | ||||
return (ENOMEM); | return (ENOMEM); | ||||
outallocated = false; | outallocated = false; | ||||
authallocated = false; | authallocated = false; | ||||
authbuf = NULL; | authbuf = NULL; | ||||
if (csp->csp_cipher_alg == CRYPTO_AES_NIST_GCM_16 || | if (csp->csp_cipher_alg == CRYPTO_AES_NIST_GCM_16 || | ||||
csp->csp_cipher_alg == CRYPTO_AES_CCM_16) { | csp->csp_cipher_alg == CRYPTO_AES_CCM_16) { | ||||
if (crp->crp_aad != NULL) | |||||
authbuf = crp->crp_aad; | |||||
else | |||||
authbuf = aesni_cipher_alloc(crp, crp->crp_aad_start, | authbuf = aesni_cipher_alloc(crp, crp->crp_aad_start, | ||||
crp->crp_aad_length, &authallocated); | crp->crp_aad_length, &authallocated); | ||||
if (authbuf == NULL) { | if (authbuf == NULL) { | ||||
error = ENOMEM; | error = ENOMEM; | ||||
goto out; | goto out; | ||||
} | } | ||||
} | } | ||||
if (CRYPTO_HAS_OUTPUT_BUFFER(crp)) { | if (CRYPTO_HAS_OUTPUT_BUFFER(crp)) { | ||||
outbuf = crypto_buffer_contiguous_subsegment(&crp->crp_obuf, | outbuf = crypto_buffer_contiguous_subsegment(&crp->crp_obuf, | ||||
▲ Show 20 Lines • Show All 135 Lines • ▼ Show 20 Lines | if (ses->hmac) { | ||||
/* Inner hash: (K ^ IPAD) || data */ | /* Inner hash: (K ^ IPAD) || data */ | ||||
ses->hash_init(&sctx); | ses->hash_init(&sctx); | ||||
for (i = 0; i < keylen; i++) | for (i = 0; i < keylen; i++) | ||||
hmac_key[i] = key[i] ^ HMAC_IPAD_VAL; | hmac_key[i] = key[i] ^ HMAC_IPAD_VAL; | ||||
for (i = keylen; i < sizeof(hmac_key); i++) | for (i = keylen; i < sizeof(hmac_key); i++) | ||||
hmac_key[i] = 0 ^ HMAC_IPAD_VAL; | hmac_key[i] = 0 ^ HMAC_IPAD_VAL; | ||||
ses->hash_update(&sctx, hmac_key, sizeof(hmac_key)); | ses->hash_update(&sctx, hmac_key, sizeof(hmac_key)); | ||||
crypto_apply(crp, crp->crp_aad_start, crp->crp_aad_length, | if (crp->crp_aad != NULL) | ||||
ses->hash_update, &sctx); | ses->hash_update(&sctx, crp->crp_aad, | ||||
crp->crp_aad_length); | |||||
else | |||||
crypto_apply(crp, crp->crp_aad_start, | |||||
crp->crp_aad_length, ses->hash_update, &sctx); | |||||
if (CRYPTO_HAS_OUTPUT_BUFFER(crp) && | if (CRYPTO_HAS_OUTPUT_BUFFER(crp) && | ||||
CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) | CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) | ||||
crypto_apply_buf(&crp->crp_obuf, | crypto_apply_buf(&crp->crp_obuf, | ||||
crp->crp_payload_output_start, | crp->crp_payload_output_start, | ||||
crp->crp_payload_length, | crp->crp_payload_length, | ||||
ses->hash_update, &sctx); | ses->hash_update, &sctx); | ||||
else | else | ||||
crypto_apply(crp, crp->crp_payload_start, | crypto_apply(crp, crp->crp_payload_start, | ||||
crp->crp_payload_length, ses->hash_update, &sctx); | crp->crp_payload_length, ses->hash_update, &sctx); | ||||
ses->hash_finalize(res, &sctx); | ses->hash_finalize(res, &sctx); | ||||
/* Outer hash: (K ^ OPAD) || inner hash */ | /* Outer hash: (K ^ OPAD) || inner hash */ | ||||
ses->hash_init(&sctx); | ses->hash_init(&sctx); | ||||
for (i = 0; i < keylen; i++) | for (i = 0; i < keylen; i++) | ||||
hmac_key[i] = key[i] ^ HMAC_OPAD_VAL; | hmac_key[i] = key[i] ^ HMAC_OPAD_VAL; | ||||
for (i = keylen; i < sizeof(hmac_key); i++) | for (i = keylen; i < sizeof(hmac_key); i++) | ||||
hmac_key[i] = 0 ^ HMAC_OPAD_VAL; | hmac_key[i] = 0 ^ HMAC_OPAD_VAL; | ||||
ses->hash_update(&sctx, hmac_key, sizeof(hmac_key)); | ses->hash_update(&sctx, hmac_key, sizeof(hmac_key)); | ||||
ses->hash_update(&sctx, res, ses->hash_len); | ses->hash_update(&sctx, res, ses->hash_len); | ||||
ses->hash_finalize(res, &sctx); | ses->hash_finalize(res, &sctx); | ||||
explicit_bzero(hmac_key, sizeof(hmac_key)); | explicit_bzero(hmac_key, sizeof(hmac_key)); | ||||
} else { | } else { | ||||
ses->hash_init(&sctx); | ses->hash_init(&sctx); | ||||
crypto_apply(crp, crp->crp_aad_start, crp->crp_aad_length, | if (crp->crp_aad != NULL) | ||||
ses->hash_update, &sctx); | ses->hash_update(&sctx, crp->crp_aad, | ||||
crp->crp_aad_length); | |||||
else | |||||
crypto_apply(crp, crp->crp_aad_start, | |||||
crp->crp_aad_length, ses->hash_update, &sctx); | |||||
if (CRYPTO_HAS_OUTPUT_BUFFER(crp) && | if (CRYPTO_HAS_OUTPUT_BUFFER(crp) && | ||||
CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) | CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) | ||||
crypto_apply_buf(&crp->crp_obuf, | crypto_apply_buf(&crp->crp_obuf, | ||||
crp->crp_payload_output_start, | crp->crp_payload_output_start, | ||||
crp->crp_payload_length, | crp->crp_payload_length, | ||||
ses->hash_update, &sctx); | ses->hash_update, &sctx); | ||||
else | else | ||||
crypto_apply(crp, crp->crp_payload_start, | crypto_apply(crp, crp->crp_payload_start, | ||||
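Review bot: In aesni_cipher_crypt, `authbuf = crp->crp_aad` makes authbuf alias caller-owned memory, and the only visible thing marking it as not a driver allocation is that `authallocated` was set to false a few lines earlier; that invariant deserves a comment at the assignment, e.g. `/* Caller-owned AAD: authallocated stays false, so cleanup must not free or zero it. */`. The `out:` label and the rest of the function are collapsed on this page, so how cleanup uses authallocated is presumed rather than confirmed. The same `crp->crp_aad != NULL` selection is repeated in both the HMAC arm and the plain-hash arm of the digest code. Because aesni_probesession now accepts CSP_F_SEPARATE_AAD before the mode switch, any AAD consumer that misses this branch would authenticate the bytes at `crp_aad_start` in the main buffer instead of the separate AAD. A single static helper that feeds the AAD to the hash would keep that choice in one place.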