Changeset View
Changeset View
Standalone View
Standalone View
sys/opencrypto/cryptodev.c
Show First 20 Lines • Show All 97 Lines • ▼ Show 20 Lines | struct session2_op32 { | ||||
uint32_t cipher; | uint32_t cipher; | ||||
uint32_t mac; | uint32_t mac; | ||||
uint32_t keylen; | uint32_t keylen; | ||||
uint32_t key; | uint32_t key; | ||||
int mackeylen; | int mackeylen; | ||||
uint32_t mackey; | uint32_t mackey; | ||||
uint32_t ses; | uint32_t ses; | ||||
int crid; | int crid; | ||||
int pad[4]; | int ivlen; | ||||
int maclen; | |||||
int pad[2]; | |||||
}; | }; | ||||
struct crypt_op32 { | struct crypt_op32 { | ||||
uint32_t ses; | uint32_t ses; | ||||
uint16_t op; | uint16_t op; | ||||
uint16_t flags; | uint16_t flags; | ||||
u_int len; | u_int len; | ||||
uint32_t src, dst; | uint32_t src, dst; | ||||
Show All 36 Lines | |||||
} | } | ||||
static void | static void | ||||
session2_op_from_32(const struct session2_op32 *from, struct session2_op *to) | session2_op_from_32(const struct session2_op32 *from, struct session2_op *to) | ||||
{ | { | ||||
session_op_from_32((const struct session_op32 *)from, to); | session_op_from_32((const struct session_op32 *)from, to); | ||||
CP(*from, *to, crid); | CP(*from, *to, crid); | ||||
CP(*from, *to, ivlen); | |||||
CP(*from, *to, maclen); | |||||
} | } | ||||
static void | static void | ||||
session_op_to_32(const struct session2_op *from, struct session_op32 *to) | session_op_to_32(const struct session2_op *from, struct session_op32 *to) | ||||
{ | { | ||||
CP(*from, *to, cipher); | CP(*from, *to, cipher); | ||||
CP(*from, *to, mac); | CP(*from, *to, mac); | ||||
▲ Show 20 Lines • Show All 419 Lines • ▼ Show 20 Lines | if (csp.csp_auth_klen != 0) { | ||||
CRYPTDEB("invalid mac key"); | CRYPTDEB("invalid mac key"); | ||||
SDT_PROBE1(opencrypto, dev, ioctl, error, | SDT_PROBE1(opencrypto, dev, ioctl, error, | ||||
__LINE__); | __LINE__); | ||||
goto bail; | goto bail; | ||||
} | } | ||||
csp.csp_auth_key = mackey; | csp.csp_auth_key = mackey; | ||||
} | } | ||||
if (csp.csp_auth_alg == CRYPTO_AES_NIST_GMAC) | if (csp.csp_auth_alg == CRYPTO_AES_NIST_GMAC) | ||||
markj: Why is this assignment needed? It is done again below. | |||||
Done Inline ActionsOops, an earlier leftover from my first cut at doing this. jhb: Oops, an earlier leftover from my first cut at doing this. | |||||
csp.csp_ivlen = AES_GCM_IV_LEN; | csp.csp_ivlen = AES_GCM_IV_LEN; | ||||
if (csp.csp_auth_alg == CRYPTO_AES_CCM_CBC_MAC) | if (csp.csp_auth_alg == CRYPTO_AES_CCM_CBC_MAC) | ||||
csp.csp_ivlen = AES_CCM_IV_LEN; | csp.csp_ivlen = AES_CCM_IV_LEN; | ||||
} | } | ||||
if (sop->ivlen != 0) { | |||||
if (csp.csp_ivlen == 0) { | |||||
CRYPTDEB("does not support an IV"); | |||||
error = EINVAL; | |||||
SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); | |||||
goto bail; | |||||
} | |||||
csp.csp_ivlen = sop->ivlen; | |||||
} | |||||
if (sop->maclen != 0) { | |||||
if (!(thash != NULL || csp.csp_mode == CSP_MODE_AEAD)) { | |||||
CRYPTDEB("does not support a MAC"); | |||||
error = EINVAL; | |||||
SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); | |||||
goto bail; | |||||
} | |||||
csp.csp_auth_mlen = sop->maclen; | |||||
} | |||||
crid = sop->crid; | crid = sop->crid; | ||||
error = checkforsoftware(&crid); | error = checkforsoftware(&crid); | ||||
if (error) { | if (error) { | ||||
CRYPTDEB("checkforsoftware"); | CRYPTDEB("checkforsoftware"); | ||||
SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); | SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); | ||||
goto bail; | goto bail; | ||||
} | } | ||||
error = crypto_newsession(&cses, &csp, crid); | error = crypto_newsession(&cses, &csp, crid); | ||||
if (error) { | if (error) { | ||||
CRYPTDEB("crypto_newsession"); | CRYPTDEB("crypto_newsession"); | ||||
SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); | SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); | ||||
goto bail; | goto bail; | ||||
} | } | ||||
cse = malloc(sizeof(struct csession), M_XDATA, M_WAITOK | M_ZERO); | cse = malloc(sizeof(struct csession), M_XDATA, M_WAITOK | M_ZERO); | ||||
mtx_init(&cse->lock, "cryptodev", "crypto session lock", MTX_DEF); | mtx_init(&cse->lock, "cryptodev", "crypto session lock", MTX_DEF); | ||||
refcount_init(&cse->refs, 1); | refcount_init(&cse->refs, 1); | ||||
cse->key = key; | cse->key = key; | ||||
cse->mackey = mackey; | cse->mackey = mackey; | ||||
cse->cses = cses; | cse->cses = cses; | ||||
cse->txform = txform; | cse->txform = txform; | ||||
if (thash != NULL) | if (sop->maclen != 0) | ||||
cse->hashsize = sop->maclen; | |||||
else if (thash != NULL) | |||||
cse->hashsize = thash->hashsize; | cse->hashsize = thash->hashsize; | ||||
else if (csp.csp_cipher_alg == CRYPTO_AES_NIST_GCM_16) | else if (csp.csp_cipher_alg == CRYPTO_AES_NIST_GCM_16) | ||||
cse->hashsize = AES_GMAC_HASH_LEN; | cse->hashsize = AES_GMAC_HASH_LEN; | ||||
else if (csp.csp_cipher_alg == CRYPTO_AES_CCM_16) | else if (csp.csp_cipher_alg == CRYPTO_AES_CCM_16) | ||||
cse->hashsize = AES_CBC_MAC_HASH_LEN; | cse->hashsize = AES_CBC_MAC_HASH_LEN; | ||||
else if (csp.csp_cipher_alg == CRYPTO_CHACHA20_POLY1305) | else if (csp.csp_cipher_alg == CRYPTO_CHACHA20_POLY1305) | ||||
cse->hashsize = POLY1305_HASH_LEN; | cse->hashsize = POLY1305_HASH_LEN; | ||||
cse->ivsize = csp.csp_ivlen; | cse->ivsize = csp.csp_ivlen; | ||||
▲ Show 20 Lines • Show All 768 Lines • Show Last 20 Lines |
Why is this assignment needed? It is done again below.