Changeset View
Changeset View
Standalone View
Standalone View
head/sys/crypto/aesni/aesni.c
| Show First 20 Lines • Show All 248 Lines • ▼ Show 20 Lines | |||||
| } | } | ||||
| static int | static int | ||||
| aesni_probesession(device_t dev, const struct crypto_session_params *csp) | aesni_probesession(device_t dev, const struct crypto_session_params *csp) | ||||
| { | { | ||||
| struct aesni_softc *sc; | struct aesni_softc *sc; | ||||
| sc = device_get_softc(dev); | sc = device_get_softc(dev); | ||||
| if ((csp->csp_flags & ~(CSP_F_SEPARATE_OUTPUT)) != 0) | if ((csp->csp_flags & ~(CSP_F_SEPARATE_OUTPUT | CSP_F_SEPARATE_AAD)) != | ||||
| 0) | |||||
| return (EINVAL); | return (EINVAL); | ||||
| switch (csp->csp_mode) { | switch (csp->csp_mode) { | ||||
| case CSP_MODE_DIGEST: | case CSP_MODE_DIGEST: | ||||
| if (!aesni_auth_supported(sc, csp)) | if (!aesni_auth_supported(sc, csp)) | ||||
| return (EINVAL); | return (EINVAL); | ||||
| break; | break; | ||||
| case CSP_MODE_CIPHER: | case CSP_MODE_CIPHER: | ||||
| if (!aesni_cipher_supported(sc, csp)) | if (!aesni_cipher_supported(sc, csp)) | ||||
| ▲ Show 20 Lines • Show All 426 Lines • ▼ Show 20 Lines | aesni_cipher_crypt(struct aesni_session *ses, struct cryptop *crp, | ||||
| if (buf == NULL) | if (buf == NULL) | ||||
| return (ENOMEM); | return (ENOMEM); | ||||
| outallocated = false; | outallocated = false; | ||||
| authallocated = false; | authallocated = false; | ||||
| authbuf = NULL; | authbuf = NULL; | ||||
| if (csp->csp_cipher_alg == CRYPTO_AES_NIST_GCM_16 || | if (csp->csp_cipher_alg == CRYPTO_AES_NIST_GCM_16 || | ||||
| csp->csp_cipher_alg == CRYPTO_AES_CCM_16) { | csp->csp_cipher_alg == CRYPTO_AES_CCM_16) { | ||||
| if (crp->crp_aad != NULL) | |||||
| authbuf = crp->crp_aad; | |||||
| else | |||||
| authbuf = aesni_cipher_alloc(crp, crp->crp_aad_start, | authbuf = aesni_cipher_alloc(crp, crp->crp_aad_start, | ||||
| crp->crp_aad_length, &authallocated); | crp->crp_aad_length, &authallocated); | ||||
| if (authbuf == NULL) { | if (authbuf == NULL) { | ||||
| error = ENOMEM; | error = ENOMEM; | ||||
| goto out; | goto out; | ||||
| } | } | ||||
| } | } | ||||
| if (CRYPTO_HAS_OUTPUT_BUFFER(crp)) { | if (CRYPTO_HAS_OUTPUT_BUFFER(crp)) { | ||||
| outbuf = crypto_buffer_contiguous_subsegment(&crp->crp_obuf, | outbuf = crypto_buffer_contiguous_subsegment(&crp->crp_obuf, | ||||
| ▲ Show 20 Lines • Show All 135 Lines • ▼ Show 20 Lines | if (ses->hmac) { | ||||
| /* Inner hash: (K ^ IPAD) || data */ | /* Inner hash: (K ^ IPAD) || data */ | ||||
| ses->hash_init(&sctx); | ses->hash_init(&sctx); | ||||
| for (i = 0; i < keylen; i++) | for (i = 0; i < keylen; i++) | ||||
| hmac_key[i] = key[i] ^ HMAC_IPAD_VAL; | hmac_key[i] = key[i] ^ HMAC_IPAD_VAL; | ||||
| for (i = keylen; i < sizeof(hmac_key); i++) | for (i = keylen; i < sizeof(hmac_key); i++) | ||||
| hmac_key[i] = 0 ^ HMAC_IPAD_VAL; | hmac_key[i] = 0 ^ HMAC_IPAD_VAL; | ||||
| ses->hash_update(&sctx, hmac_key, sizeof(hmac_key)); | ses->hash_update(&sctx, hmac_key, sizeof(hmac_key)); | ||||
| crypto_apply(crp, crp->crp_aad_start, crp->crp_aad_length, | if (crp->crp_aad != NULL) | ||||
| ses->hash_update, &sctx); | ses->hash_update(&sctx, crp->crp_aad, | ||||
| crp->crp_aad_length); | |||||
| else | |||||
| crypto_apply(crp, crp->crp_aad_start, | |||||
| crp->crp_aad_length, ses->hash_update, &sctx); | |||||
| if (CRYPTO_HAS_OUTPUT_BUFFER(crp) && | if (CRYPTO_HAS_OUTPUT_BUFFER(crp) && | ||||
| CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) | CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) | ||||
| crypto_apply_buf(&crp->crp_obuf, | crypto_apply_buf(&crp->crp_obuf, | ||||
| crp->crp_payload_output_start, | crp->crp_payload_output_start, | ||||
| crp->crp_payload_length, | crp->crp_payload_length, | ||||
| ses->hash_update, &sctx); | ses->hash_update, &sctx); | ||||
| else | else | ||||
| crypto_apply(crp, crp->crp_payload_start, | crypto_apply(crp, crp->crp_payload_start, | ||||
| crp->crp_payload_length, ses->hash_update, &sctx); | crp->crp_payload_length, ses->hash_update, &sctx); | ||||
| ses->hash_finalize(res, &sctx); | ses->hash_finalize(res, &sctx); | ||||
| /* Outer hash: (K ^ OPAD) || inner hash */ | /* Outer hash: (K ^ OPAD) || inner hash */ | ||||
| ses->hash_init(&sctx); | ses->hash_init(&sctx); | ||||
| for (i = 0; i < keylen; i++) | for (i = 0; i < keylen; i++) | ||||
| hmac_key[i] = key[i] ^ HMAC_OPAD_VAL; | hmac_key[i] = key[i] ^ HMAC_OPAD_VAL; | ||||
| for (i = keylen; i < sizeof(hmac_key); i++) | for (i = keylen; i < sizeof(hmac_key); i++) | ||||
| hmac_key[i] = 0 ^ HMAC_OPAD_VAL; | hmac_key[i] = 0 ^ HMAC_OPAD_VAL; | ||||
| ses->hash_update(&sctx, hmac_key, sizeof(hmac_key)); | ses->hash_update(&sctx, hmac_key, sizeof(hmac_key)); | ||||
| ses->hash_update(&sctx, res, ses->hash_len); | ses->hash_update(&sctx, res, ses->hash_len); | ||||
| ses->hash_finalize(res, &sctx); | ses->hash_finalize(res, &sctx); | ||||
| explicit_bzero(hmac_key, sizeof(hmac_key)); | explicit_bzero(hmac_key, sizeof(hmac_key)); | ||||
| } else { | } else { | ||||
| ses->hash_init(&sctx); | ses->hash_init(&sctx); | ||||
| crypto_apply(crp, crp->crp_aad_start, crp->crp_aad_length, | if (crp->crp_aad != NULL) | ||||
| ses->hash_update, &sctx); | ses->hash_update(&sctx, crp->crp_aad, | ||||
| crp->crp_aad_length); | |||||
| else | |||||
| crypto_apply(crp, crp->crp_aad_start, | |||||
| crp->crp_aad_length, ses->hash_update, &sctx); | |||||
| if (CRYPTO_HAS_OUTPUT_BUFFER(crp) && | if (CRYPTO_HAS_OUTPUT_BUFFER(crp) && | ||||
| CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) | CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) | ||||
| crypto_apply_buf(&crp->crp_obuf, | crypto_apply_buf(&crp->crp_obuf, | ||||
| crp->crp_payload_output_start, | crp->crp_payload_output_start, | ||||
| crp->crp_payload_length, | crp->crp_payload_length, | ||||
| ses->hash_update, &sctx); | ses->hash_update, &sctx); | ||||
| else | else | ||||
| crypto_apply(crp, crp->crp_payload_start, | crypto_apply(crp, crp->crp_payload_start, | ||||
| Show All 18 Lines | |||||