sys/opencrypto/xform_aes_icm.c
#include <sys/cdefs.h> | #include <sys/cdefs.h> | ||||
__FBSDID("$FreeBSD$"); | __FBSDID("$FreeBSD$"); | ||||
#include <opencrypto/xform_enc.h> | #include <opencrypto/xform_enc.h> | ||||
static int aes_icm_setkey(void *, const uint8_t *, int); | static int aes_icm_setkey(void *, const uint8_t *, int); | ||||
static void aes_icm_crypt(void *, const uint8_t *, uint8_t *); | static void aes_icm_crypt(void *, const uint8_t *, uint8_t *); | ||||
static void aes_icm_crypt_last(void *, const uint8_t *, uint8_t *, size_t); | static void aes_icm_crypt_last(void *, const uint8_t *, uint8_t *, size_t); | ||||
static void aes_icm_reinit(void *, const uint8_t *); | static void aes_icm_reinit(void *, const uint8_t *, size_t); | ||||
static void aes_gcm_reinit(void *, const uint8_t *); | static void aes_gcm_reinit(void *, const uint8_t *, size_t); | ||||
static void aes_ccm_reinit(void *, const uint8_t *); | static void aes_ccm_reinit(void *, const uint8_t *, size_t); | ||||
/* Encryption instances */ | /* Encryption instances */ | ||||
const struct enc_xform enc_xform_aes_icm = { | const struct enc_xform enc_xform_aes_icm = { | ||||
.type = CRYPTO_AES_ICM, | .type = CRYPTO_AES_ICM, | ||||
.name = "AES-ICM", | .name = "AES-ICM", | ||||
.ctxsize = sizeof(struct aes_icm_ctx), | .ctxsize = sizeof(struct aes_icm_ctx), | ||||
.blocksize = 1, | .blocksize = 1, | ||||
.native_blocksize = AES_BLOCK_LEN, | .native_blocksize = AES_BLOCK_LEN, | ||||
Show All 40 Lines | const struct enc_xform enc_xform_ccm = { | ||||
.encrypt_last = aes_icm_crypt_last, | .encrypt_last = aes_icm_crypt_last, | ||||
.decrypt_last = aes_icm_crypt_last, | .decrypt_last = aes_icm_crypt_last, | ||||
}; | }; | ||||
/* | /* | ||||
* Encryption wrapper routines. | * Encryption wrapper routines. | ||||
*/ | */ | ||||
static void | static void | ||||
aes_icm_reinit(void *key, const uint8_t *iv) | aes_icm_reinit(void *key, const uint8_t *iv, size_t ivlen) | ||||
markj: I think it'd be a bit nicer to call it `ivlen` here and below. | |||||
{ | { | ||||
struct aes_icm_ctx *ctx; | struct aes_icm_ctx *ctx; | ||||
ctx = key; | ctx = key; | ||||
bcopy(iv, ctx->ac_block, AESICM_BLOCKSIZE); | KASSERT(ivlen <= sizeof(ctx->ac_block), | ||||
("%s: ivlen too large", __func__)); | |||||
bcopy(iv, ctx->ac_block, ivlen); | |||||
} | } | ||||
static void | static void | ||||
aes_gcm_reinit(void *key, const uint8_t *iv) | aes_gcm_reinit(void *key, const uint8_t *iv, size_t ivlen) | ||||
{ | { | ||||
struct aes_icm_ctx *ctx; | struct aes_icm_ctx *ctx; | ||||
aes_icm_reinit(key, iv); | KASSERT(ivlen == AES_GCM_IV_LEN, | ||||
("%s: invalid IV length", __func__)); | |||||
aes_icm_reinit(key, iv, ivlen); | |||||
ctx = key; | ctx = key; | ||||
/* GCM starts with 2 as counter 1 is used for final xor of tag. */ | /* GCM starts with 2 as counter 1 is used for final xor of tag. */ | ||||
bzero(&ctx->ac_block[AESICM_BLOCKSIZE - 4], 4); | bzero(&ctx->ac_block[AESICM_BLOCKSIZE - 4], 4); | ||||
ctx->ac_block[AESICM_BLOCKSIZE - 1] = 2; | ctx->ac_block[AESICM_BLOCKSIZE - 1] = 2; | ||||
} | } | ||||
static void | static void | ||||
aes_ccm_reinit(void *key, const uint8_t *iv) | aes_ccm_reinit(void *key, const uint8_t *iv, size_t ivlen) | ||||
{ | { | ||||
struct aes_icm_ctx *ctx; | struct aes_icm_ctx *ctx; | ||||
KASSERT(ivlen == AES_CCM_IV_LEN, | |||||
("%s: invalid IV length", __func__)); | |||||
ctx = key; | ctx = key; | ||||
/* CCM has flags, then the IV, then the counter, which starts at 1 */ | /* CCM has flags, then the IV, then the counter, which starts at 1 */ | ||||
bzero(ctx->ac_block, sizeof(ctx->ac_block)); | bzero(ctx->ac_block, sizeof(ctx->ac_block)); | ||||
/* 3 bytes for length field; this gives a nonce of 12 bytes */ | /* 3 bytes for length field; this gives a nonce of 12 bytes */ | ||||
ctx->ac_block[0] = (15 - AES_CCM_IV_LEN) - 1; | ctx->ac_block[0] = (15 - AES_CCM_IV_LEN) - 1; | ||||
bcopy(iv, ctx->ac_block+1, AES_CCM_IV_LEN); | bcopy(iv, ctx->ac_block+1, AES_CCM_IV_LEN); | ||||
ctx->ac_block[AESICM_BLOCKSIZE - 1] = 1; | ctx->ac_block[AESICM_BLOCKSIZE - 1] = 1; | ||||
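Review bot: In aes_icm_reinit the only bound on `bcopy(iv, ctx->ac_block, ivlen)` is a KASSERT, which is compiled out of kernels built without INVARIANTS, so an oversized ivlen would write past ac_block there. The callers that are expected to validate ivlen are not visible in this section, so the function should state that contract above the copy, e.g. `/* Callers must validate ivlen; KASSERT is a no-op without INVARIANTS. */`. At the same copy, when ivlen is smaller than the block, the bytes after the IV keep whatever the previous request left in ac_block; adding `bzero(ctx->ac_block + ivlen, sizeof(ctx->ac_block) - ivlen);` after the copy would make the counter block deterministic (GCM overwrites its last four bytes anyway). In aes_ccm_reinit the copy still uses AES_CCM_IV_LEN rather than ivlen, so on a non-INVARIANTS kernel a shorter IV would be over-read instead of rejected. The body of aes_ccm_reinit continues past the visible lines.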
I think it'd be a bit nicer to call it ivlen here and below.