Changeset View
Changeset View
Standalone View
Standalone View
sys/opencrypto/xform_chacha20_poly1305.c
| Show First 20 Lines • Show All 93 Lines • ▼ Show 20 Lines | chacha20_poly1305_crypt(void *vctx, const uint8_t *in, uint8_t *out) | ||||
| else | else | ||||
| error = crypto_stream_chacha20_xor_ic(out, in, | error = crypto_stream_chacha20_xor_ic(out, in, | ||||
| CHACHA20_NATIVE_BLOCK_LEN, ctx->nonce, ctx->ic, ctx->key); | CHACHA20_NATIVE_BLOCK_LEN, ctx->nonce, ctx->ic, ctx->key); | ||||
| KASSERT(error == 0, ("%s failed: %d", __func__, error)); | KASSERT(error == 0, ("%s failed: %d", __func__, error)); | ||||
| ctx->ic++; | ctx->ic++; | ||||
| } | } | ||||
| static void | static void | ||||
| chacha20_poly1305_crypt_multi(void *vctx, const uint8_t *in, uint8_t *out, size_t len) | |||||
| { | |||||
| struct chacha20_poly1305_ctx *ctx = vctx; | |||||
| int error __diagused; | |||||
| KASSERT(len % CHACHA20_NATIVE_BLOCK_LEN == 0, ("%s: invalid length", | |||||
| __func__)); | |||||
| if (ctx->ietf) | |||||
| error = crypto_stream_chacha20_ietf_xor_ic(out, in, len, | |||||
| ctx->nonce, ctx->ic, ctx->key); | |||||
| else | |||||
| error = crypto_stream_chacha20_xor_ic(out, in, len, ctx->nonce, | |||||
| ctx->ic, ctx->key); | |||||
markj: Isn't it supposed to be incremented by the number of blocks? | |||||
Done Inline ActionsOoh, yes. jhb: Ooh, yes. | |||||
Done Inline ActionsUnfortunately I wasn't able to test this via cryptocheck since I've only changed "plain" ciphers to use the multi hooks so far. :-/ I might need to go ahead and convert the AEAD ciphers to use multi just so I can get test coverage. jhb: Unfortunately I wasn't able to test this via cryptocheck since I've only changed "plain"… | |||||
| KASSERT(error == 0, ("%s failed: %d", __func__, error)); | |||||
| ctx->ic += len / CHACHA20_NATIVE_BLOCK_LEN; | |||||
| } | |||||
| static void | |||||
| chacha20_poly1305_crypt_last(void *vctx, const uint8_t *in, uint8_t *out, | chacha20_poly1305_crypt_last(void *vctx, const uint8_t *in, uint8_t *out, | ||||
| size_t len) | size_t len) | ||||
| { | { | ||||
| struct chacha20_poly1305_ctx *ctx = vctx; | struct chacha20_poly1305_ctx *ctx = vctx; | ||||
| int error __diagused; | int error __diagused; | ||||
| if (ctx->ietf) | if (ctx->ietf) | ||||
| Show All 27 Lines | const struct enc_xform enc_xform_chacha20_poly1305 = { | ||||
| .name = "ChaCha20-Poly1305", | .name = "ChaCha20-Poly1305", | ||||
| .ctxsize = sizeof(struct chacha20_poly1305_ctx), | .ctxsize = sizeof(struct chacha20_poly1305_ctx), | ||||
| .blocksize = 1, | .blocksize = 1, | ||||
| .native_blocksize = CHACHA20_NATIVE_BLOCK_LEN, | .native_blocksize = CHACHA20_NATIVE_BLOCK_LEN, | ||||
| .ivsize = CHACHA20_POLY1305_IV_LEN, | .ivsize = CHACHA20_POLY1305_IV_LEN, | ||||
| .minkey = CHACHA20_POLY1305_KEY, | .minkey = CHACHA20_POLY1305_KEY, | ||||
| .maxkey = CHACHA20_POLY1305_KEY, | .maxkey = CHACHA20_POLY1305_KEY, | ||||
| .macsize = POLY1305_HASH_LEN, | .macsize = POLY1305_HASH_LEN, | ||||
| .encrypt = chacha20_poly1305_crypt, | |||||
| .decrypt = chacha20_poly1305_crypt, | |||||
| .setkey = chacha20_poly1305_setkey, | .setkey = chacha20_poly1305_setkey, | ||||
| .reinit = chacha20_poly1305_reinit, | .reinit = chacha20_poly1305_reinit, | ||||
| .encrypt = chacha20_poly1305_crypt, | |||||
| .decrypt = chacha20_poly1305_crypt, | |||||
| .encrypt_multi = chacha20_poly1305_crypt_multi, | |||||
| .decrypt_multi = chacha20_poly1305_crypt_multi, | |||||
| .encrypt_last = chacha20_poly1305_crypt_last, | .encrypt_last = chacha20_poly1305_crypt_last, | ||||
| .decrypt_last = chacha20_poly1305_crypt_last, | .decrypt_last = chacha20_poly1305_crypt_last, | ||||
| .update = chacha20_poly1305_update, | .update = chacha20_poly1305_update, | ||||
| .final = chacha20_poly1305_final, | .final = chacha20_poly1305_final, | ||||
| }; | }; | ||||
| static int | static int | ||||
| xchacha20_poly1305_setkey(void *vctx, const uint8_t *key, int len) | xchacha20_poly1305_setkey(void *vctx, const uint8_t *key, int len) | ||||
| Show All 35 Lines | const struct enc_xform enc_xform_xchacha20_poly1305 = { | ||||
| .name = "XChaCha20-Poly1305", | .name = "XChaCha20-Poly1305", | ||||
| .ctxsize = sizeof(struct xchacha20_poly1305_ctx), | .ctxsize = sizeof(struct xchacha20_poly1305_ctx), | ||||
| .blocksize = 1, | .blocksize = 1, | ||||
| .native_blocksize = CHACHA20_NATIVE_BLOCK_LEN, | .native_blocksize = CHACHA20_NATIVE_BLOCK_LEN, | ||||
| .ivsize = XCHACHA20_POLY1305_IV_LEN, | .ivsize = XCHACHA20_POLY1305_IV_LEN, | ||||
| .minkey = XCHACHA20_POLY1305_KEY, | .minkey = XCHACHA20_POLY1305_KEY, | ||||
| .maxkey = XCHACHA20_POLY1305_KEY, | .maxkey = XCHACHA20_POLY1305_KEY, | ||||
| .macsize = POLY1305_HASH_LEN, | .macsize = POLY1305_HASH_LEN, | ||||
| .encrypt = chacha20_poly1305_crypt, | |||||
| .decrypt = chacha20_poly1305_crypt, | |||||
| .setkey = xchacha20_poly1305_setkey, | .setkey = xchacha20_poly1305_setkey, | ||||
| .reinit = xchacha20_poly1305_reinit, | .reinit = xchacha20_poly1305_reinit, | ||||
| .encrypt = chacha20_poly1305_crypt, | |||||
| .decrypt = chacha20_poly1305_crypt, | |||||
| .encrypt_multi = chacha20_poly1305_crypt_multi, | |||||
| .decrypt_multi = chacha20_poly1305_crypt_multi, | |||||
| .encrypt_last = chacha20_poly1305_crypt_last, | .encrypt_last = chacha20_poly1305_crypt_last, | ||||
| .decrypt_last = chacha20_poly1305_crypt_last, | .decrypt_last = chacha20_poly1305_crypt_last, | ||||
| .update = chacha20_poly1305_update, | .update = chacha20_poly1305_update, | ||||
| .final = chacha20_poly1305_final, | .final = chacha20_poly1305_final, | ||||
| }; | }; | ||||
Isn't it supposed to be incremented by the number of blocks?