Changeset View
Changeset View
Standalone View
Standalone View
sys/dev/cxgbe/crypto/t4_crypto.c
Show First 20 Lines • Show All 1,518 Lines • ▼ Show 20 Lines | out: | ||||
zfree(kschedule, M_CCR); | zfree(kschedule, M_CCR); | ||||
zfree(auth_ctx, M_CCR); | zfree(auth_ctx, M_CCR); | ||||
explicit_bzero(block, sizeof(block)); | explicit_bzero(block, sizeof(block)); | ||||
explicit_bzero(digest, sizeof(digest)); | explicit_bzero(digest, sizeof(digest)); | ||||
crp->crp_etype = error; | crp->crp_etype = error; | ||||
crypto_done(crp); | crypto_done(crp); | ||||
} | } | ||||
static int | |||||
ccr_ccm_hmac_ctrl(unsigned int authsize) | |||||
{ | |||||
switch (authsize) { | |||||
case 4: | |||||
return (SCMD_HMAC_CTRL_PL1); | |||||
case 6: | |||||
return (SCMD_HMAC_CTRL_PL2); | |||||
case 8: | |||||
return (SCMD_HMAC_CTRL_DIV2); | |||||
case 10: | |||||
return (SCMD_HMAC_CTRL_TRUNC_RFC4366); | |||||
case 12: | |||||
return (SCMD_HMAC_CTRL_IPSEC_96BIT); | |||||
case 14: | |||||
return (SCMD_HMAC_CTRL_PL3); | |||||
case 16: | |||||
return (SCMD_HMAC_CTRL_NO_TRUNC); | |||||
default: | |||||
__assert_unreachable(); | |||||
} | |||||
} | |||||
static void | static void | ||||
generate_ccm_b0(struct cryptop *crp, u_int hash_size_in_response, | generate_ccm_b0(struct cryptop *crp, u_int hash_size_in_response, | ||||
const char *iv, char *b0) | const char *iv, char *b0) | ||||
{ | { | ||||
u_int i, payload_len, L; | u_int i, payload_len, L; | ||||
/* NB: L is already set in the first byte of the IV. */ | /* NB: L is already set in the first byte of the IV. */ | ||||
memcpy(b0, iv, CCM_B0_SIZE); | memcpy(b0, iv, CCM_B0_SIZE); | ||||
▲ Show 20 Lines • Show All 243 Lines • ▼ Show 20 Lines | crwr->sec_cpl.aadstart_cipherstop_hi = htobe32( | ||||
V_CPL_TX_SEC_PDU_CIPHERSTOP_HI(0)); | V_CPL_TX_SEC_PDU_CIPHERSTOP_HI(0)); | ||||
crwr->sec_cpl.cipherstop_lo_authinsert = htobe32( | crwr->sec_cpl.cipherstop_lo_authinsert = htobe32( | ||||
V_CPL_TX_SEC_PDU_CIPHERSTOP_LO(0) | | V_CPL_TX_SEC_PDU_CIPHERSTOP_LO(0) | | ||||
V_CPL_TX_SEC_PDU_AUTHSTART(cipher_start) | | V_CPL_TX_SEC_PDU_AUTHSTART(cipher_start) | | ||||
V_CPL_TX_SEC_PDU_AUTHSTOP(cipher_stop) | | V_CPL_TX_SEC_PDU_AUTHSTOP(cipher_stop) | | ||||
V_CPL_TX_SEC_PDU_AUTHINSERT(auth_insert)); | V_CPL_TX_SEC_PDU_AUTHINSERT(auth_insert)); | ||||
/* These two flits are actually a CPL_TLS_TX_SCMD_FMT. */ | /* These two flits are actually a CPL_TLS_TX_SCMD_FMT. */ | ||||
hmac_ctrl = ccr_hmac_ctrl(AES_CBC_MAC_HASH_LEN, hash_size_in_response); | hmac_ctrl = ccr_ccm_hmac_ctrl(hash_size_in_response); | ||||
crwr->sec_cpl.seqno_numivs = htobe32( | crwr->sec_cpl.seqno_numivs = htobe32( | ||||
V_SCMD_SEQ_NO_CTRL(0) | | V_SCMD_SEQ_NO_CTRL(0) | | ||||
V_SCMD_PROTO_VERSION(SCMD_PROTO_VERSION_GENERIC) | | V_SCMD_PROTO_VERSION(SCMD_PROTO_VERSION_GENERIC) | | ||||
V_SCMD_ENC_DEC_CTRL(op_type) | | V_SCMD_ENC_DEC_CTRL(op_type) | | ||||
V_SCMD_CIPH_AUTH_SEQ_CTRL(op_type == CHCR_ENCRYPT_OP ? 0 : 1) | | V_SCMD_CIPH_AUTH_SEQ_CTRL(op_type == CHCR_ENCRYPT_OP ? 0 : 1) | | ||||
V_SCMD_CIPH_MODE(SCMD_CIPH_MODE_AES_CCM) | | V_SCMD_CIPH_MODE(SCMD_CIPH_MODE_AES_CCM) | | ||||
V_SCMD_AUTH_MODE(SCMD_AUTH_MODE_CBCMAC) | | V_SCMD_AUTH_MODE(SCMD_AUTH_MODE_CBCMAC) | | ||||
V_SCMD_HMAC_CTRL(hmac_ctrl) | | V_SCMD_HMAC_CTRL(hmac_ctrl) | | ||||
▲ Show 20 Lines • Show All 659 Lines • ▼ Show 20 Lines | case CSP_MODE_AEAD: | ||||
case CRYPTO_AES_NIST_GCM_16: | case CRYPTO_AES_NIST_GCM_16: | ||||
if (csp->csp_ivlen != AES_GCM_IV_LEN) | if (csp->csp_ivlen != AES_GCM_IV_LEN) | ||||
return (EINVAL); | return (EINVAL); | ||||
if (csp->csp_auth_mlen < 0 || | if (csp->csp_auth_mlen < 0 || | ||||
csp->csp_auth_mlen > AES_GMAC_HASH_LEN) | csp->csp_auth_mlen > AES_GMAC_HASH_LEN) | ||||
return (EINVAL); | return (EINVAL); | ||||
break; | break; | ||||
case CRYPTO_AES_CCM_16: | case CRYPTO_AES_CCM_16: | ||||
if (csp->csp_auth_mlen < 0 || | |||||
csp->csp_auth_mlen > AES_CBC_MAC_HASH_LEN) | |||||
return (EINVAL); | |||||
break; | break; | ||||
default: | default: | ||||
return (EINVAL); | return (EINVAL); | ||||
} | } | ||||
break; | break; | ||||
case CSP_MODE_ETA: | case CSP_MODE_ETA: | ||||
if (!ccr_auth_supported(csp) || !ccr_cipher_supported(csp)) | if (!ccr_auth_supported(csp) || !ccr_cipher_supported(csp)) | ||||
return (EINVAL); | return (EINVAL); | ||||
▲ Show 20 Lines • Show All 495 Lines • Show Last 20 Lines |