Changeset View
Changeset View
Standalone View
Standalone View
sys/opencrypto/crypto.c
Show First 20 Lines • Show All 594 Lines • ▼ Show 20 Lines | crypto_cipher(const struct crypto_session_params *csp) | ||||
case CRYPTO_CAMELLIA_CBC: | case CRYPTO_CAMELLIA_CBC: | ||||
return (&enc_xform_camellia); | return (&enc_xform_camellia); | ||||
case CRYPTO_NULL_CBC: | case CRYPTO_NULL_CBC: | ||||
return (&enc_xform_null); | return (&enc_xform_null); | ||||
case CRYPTO_CHACHA20: | case CRYPTO_CHACHA20: | ||||
return (&enc_xform_chacha20); | return (&enc_xform_chacha20); | ||||
case CRYPTO_AES_CCM_16: | case CRYPTO_AES_CCM_16: | ||||
return (&enc_xform_ccm); | return (&enc_xform_ccm); | ||||
case CRYPTO_CHACHA20_POLY1305: | |||||
return (&enc_xform_chacha20_poly1305); | |||||
default: | default: | ||||
return (NULL); | return (NULL); | ||||
} | } | ||||
} | } | ||||
static struct cryptocap * | static struct cryptocap * | ||||
crypto_checkdriver(uint32_t hid) | crypto_checkdriver(uint32_t hid) | ||||
{ | { | ||||
▲ Show 20 Lines • Show All 75 Lines • ▼ Show 20 Lines | static enum alg_type { | ||||
[CRYPTO_RIPEMD160] = ALG_DIGEST, | [CRYPTO_RIPEMD160] = ALG_DIGEST, | ||||
[CRYPTO_SHA2_224] = ALG_DIGEST, | [CRYPTO_SHA2_224] = ALG_DIGEST, | ||||
[CRYPTO_SHA2_256] = ALG_DIGEST, | [CRYPTO_SHA2_256] = ALG_DIGEST, | ||||
[CRYPTO_SHA2_384] = ALG_DIGEST, | [CRYPTO_SHA2_384] = ALG_DIGEST, | ||||
[CRYPTO_SHA2_512] = ALG_DIGEST, | [CRYPTO_SHA2_512] = ALG_DIGEST, | ||||
[CRYPTO_POLY1305] = ALG_KEYED_DIGEST, | [CRYPTO_POLY1305] = ALG_KEYED_DIGEST, | ||||
[CRYPTO_AES_CCM_CBC_MAC] = ALG_KEYED_DIGEST, | [CRYPTO_AES_CCM_CBC_MAC] = ALG_KEYED_DIGEST, | ||||
[CRYPTO_AES_CCM_16] = ALG_AEAD, | [CRYPTO_AES_CCM_16] = ALG_AEAD, | ||||
[CRYPTO_CHACHA20_POLY1305] = ALG_AEAD, | |||||
}; | }; | ||||
static enum alg_type | static enum alg_type | ||||
alg_type(int alg) | alg_type(int alg) | ||||
{ | { | ||||
if (alg < nitems(alg_types)) | if (alg < nitems(alg_types)) | ||||
return (alg_types[alg]); | return (alg_types[alg]); | ||||
▲ Show 20 Lines • Show All 128 Lines • ▼ Show 20 Lines | case CSP_MODE_AEAD: | ||||
/* | /* | ||||
* XXX: Would be nice to have a better way to get this | * XXX: Would be nice to have a better way to get this | ||||
* value. | * value. | ||||
*/ | */ | ||||
switch (csp->csp_cipher_alg) { | switch (csp->csp_cipher_alg) { | ||||
case CRYPTO_AES_NIST_GCM_16: | case CRYPTO_AES_NIST_GCM_16: | ||||
case CRYPTO_AES_CCM_16: | case CRYPTO_AES_CCM_16: | ||||
case CRYPTO_CHACHA20_POLY1305: | |||||
if (csp->csp_auth_mlen > 16) | if (csp->csp_auth_mlen > 16) | ||||
return (false); | return (false); | ||||
break; | break; | ||||
} | } | ||||
break; | break; | ||||
case CSP_MODE_ETA: | case CSP_MODE_ETA: | ||||
if (!alg_is_cipher(csp->csp_cipher_alg)) | if (!alg_is_cipher(csp->csp_cipher_alg)) | ||||
return (false); | return (false); | ||||
▲ Show 20 Lines • Show All 457 Lines • ▼ Show 20 Lines | KASSERT(crp->crp_op == CRYPTO_OP_COMPUTE_DIGEST || | ||||
("invalid digest op %x", crp->crp_op)); | ("invalid digest op %x", crp->crp_op)); | ||||
break; | break; | ||||
case CSP_MODE_AEAD: | case CSP_MODE_AEAD: | ||||
KASSERT(crp->crp_op == | KASSERT(crp->crp_op == | ||||
(CRYPTO_OP_ENCRYPT | CRYPTO_OP_COMPUTE_DIGEST) || | (CRYPTO_OP_ENCRYPT | CRYPTO_OP_COMPUTE_DIGEST) || | ||||
crp->crp_op == | crp->crp_op == | ||||
(CRYPTO_OP_DECRYPT | CRYPTO_OP_VERIFY_DIGEST), | (CRYPTO_OP_DECRYPT | CRYPTO_OP_VERIFY_DIGEST), | ||||
("invalid AEAD op %x", crp->crp_op)); | ("invalid AEAD op %x", crp->crp_op)); | ||||
if (csp->csp_cipher_alg == CRYPTO_AES_NIST_GCM_16) | |||||
KASSERT(crp->crp_flags & CRYPTO_F_IV_SEPARATE, | KASSERT(crp->crp_flags & CRYPTO_F_IV_SEPARATE, | ||||
("GCM without a separate IV")); | ("AEAD without a separate IV")); | ||||
if (csp->csp_cipher_alg == CRYPTO_AES_CCM_16) | |||||
KASSERT(crp->crp_flags & CRYPTO_F_IV_SEPARATE, | |||||
("CCM without a separate IV")); | |||||
break; | break; | ||||
case CSP_MODE_ETA: | case CSP_MODE_ETA: | ||||
KASSERT(crp->crp_op == | KASSERT(crp->crp_op == | ||||
(CRYPTO_OP_ENCRYPT | CRYPTO_OP_COMPUTE_DIGEST) || | (CRYPTO_OP_ENCRYPT | CRYPTO_OP_COMPUTE_DIGEST) || | ||||
crp->crp_op == | crp->crp_op == | ||||
(CRYPTO_OP_DECRYPT | CRYPTO_OP_VERIFY_DIGEST), | (CRYPTO_OP_DECRYPT | CRYPTO_OP_VERIFY_DIGEST), | ||||
("invalid ETA op %x", crp->crp_op)); | ("invalid ETA op %x", crp->crp_op)); | ||||
break; | break; | ||||
▲ Show 20 Lines • Show All 984 Lines • Show Last 20 Lines |