Changeset View
Changeset View
Standalone View
Standalone View
sys/crypto/aesni/aesni.c
/*- | /*- | ||||
* Copyright (c) 2005-2008 Pawel Jakub Dawidek <pjd@FreeBSD.org> | * Copyright (c) 2005-2008 Pawel Jakub Dawidek <pjd@FreeBSD.org> | ||||
* Copyright (c) 2010 Konstantin Belousov <kib@FreeBSD.org> | * Copyright (c) 2010 Konstantin Belousov <kib@FreeBSD.org> | ||||
* Copyright (c) 2014 The FreeBSD Foundation | * Copyright (c) 2014-2021 The FreeBSD Foundation | ||||
* Copyright (c) 2017 Conrad Meyer <cem@FreeBSD.org> | * Copyright (c) 2017 Conrad Meyer <cem@FreeBSD.org> | ||||
* All rights reserved. | * All rights reserved. | ||||
* | * | ||||
* Portions of this software were developed by John-Mark Gurney | * Portions of this software were developed by John-Mark Gurney | ||||
* under sponsorship of the FreeBSD Foundation and | * under sponsorship of the FreeBSD Foundation and | ||||
* Rubicon Communications, LLC (Netgate). | * Rubicon Communications, LLC (Netgate). | ||||
* | * | ||||
* Portions of this software were developed by Ararat River | |||||
* Consulting, LLC under sponsorship of the FreeBSD Foundation. | |||||
* | |||||
* Redistribution and use in source and binary forms, with or without | * Redistribution and use in source and binary forms, with or without | ||||
* modification, are permitted provided that the following conditions | * modification, are permitted provided that the following conditions | ||||
* are met: | * are met: | ||||
* 1. Redistributions of source code must retain the above copyright | * 1. Redistributions of source code must retain the above copyright | ||||
* notice, this list of conditions and the following disclaimer. | * notice, this list of conditions and the following disclaimer. | ||||
* 2. Redistributions in binary form must reproduce the above copyright | * 2. Redistributions in binary form must reproduce the above copyright | ||||
* notice, this list of conditions and the following disclaimer in the | * notice, this list of conditions and the following disclaimer in the | ||||
* documentation and/or other materials provided with the distribution. | * documentation and/or other materials provided with the distribution. | ||||
▲ Show 20 Lines • Show All 294 Lines • ▼ Show 20 Lines | case CRYPTO_AES_CCM_16: | ||||
break; | break; | ||||
default: | default: | ||||
CRYPTDEB("invalid CCM key length"); | CRYPTDEB("invalid CCM key length"); | ||||
return (EINVAL); | return (EINVAL); | ||||
} | } | ||||
if (csp->csp_auth_mlen != 0 && | if (csp->csp_auth_mlen != 0 && | ||||
csp->csp_auth_mlen != AES_CBC_MAC_HASH_LEN) | csp->csp_auth_mlen != AES_CBC_MAC_HASH_LEN) | ||||
return (EINVAL); | return (EINVAL); | ||||
if (csp->csp_ivlen != AES_CCM_IV_LEN || | if (!sc->has_aes) | ||||
!sc->has_aes) | |||||
return (EINVAL); | return (EINVAL); | ||||
break; | break; | ||||
default: | default: | ||||
return (EINVAL); | return (EINVAL); | ||||
} | } | ||||
break; | break; | ||||
case CSP_MODE_ETA: | case CSP_MODE_ETA: | ||||
if (!aesni_auth_supported(sc, csp) || | if (!aesni_auth_supported(sc, csp) || | ||||
▲ Show 20 Lines • Show All 302 Lines • ▼ Show 20 Lines | |||||
{ | { | ||||
const struct crypto_session_params *csp; | const struct crypto_session_params *csp; | ||||
struct fpu_kern_ctx *ctx; | struct fpu_kern_ctx *ctx; | ||||
int error, ctxidx; | int error, ctxidx; | ||||
bool kt; | bool kt; | ||||
csp = crypto_get_params(crp->crp_session); | csp = crypto_get_params(crp->crp_session); | ||||
switch (csp->csp_cipher_alg) { | switch (csp->csp_cipher_alg) { | ||||
case CRYPTO_AES_CCM_16: | |||||
if (crp->crp_payload_length > ccm_max_payload_length(csp)) | |||||
return (EMSGSIZE); | |||||
/* FALLTHROUGH */ | |||||
case CRYPTO_AES_ICM: | case CRYPTO_AES_ICM: | ||||
case CRYPTO_AES_NIST_GCM_16: | case CRYPTO_AES_NIST_GCM_16: | ||||
case CRYPTO_AES_CCM_16: | |||||
if ((crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0) | if ((crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0) | ||||
return (EINVAL); | return (EINVAL); | ||||
break; | break; | ||||
case CRYPTO_AES_CBC: | case CRYPTO_AES_CBC: | ||||
case CRYPTO_AES_XTS: | case CRYPTO_AES_XTS: | ||||
/* CBC & XTS can only handle full blocks for now */ | /* CBC & XTS can only handle full blocks for now */ | ||||
if ((crp->crp_payload_length % AES_BLOCK_LEN) != 0) | if ((crp->crp_payload_length % AES_BLOCK_LEN) != 0) | ||||
return (EINVAL); | return (EINVAL); | ||||
▲ Show 20 Lines • Show All 271 Lines • Show Last 20 Lines |