Changeset View
Changeset View
Standalone View
Standalone View
sys/opencrypto/xform_chacha20_poly1305.c
Show First 20 Lines • Show All 93 Lines • ▼ Show 20 Lines | chacha20_poly1305_crypt(void *vctx, const uint8_t *in, uint8_t *out) | ||||
else | else | ||||
error = crypto_stream_chacha20_xor_ic(out, in, | error = crypto_stream_chacha20_xor_ic(out, in, | ||||
CHACHA20_NATIVE_BLOCK_LEN, ctx->nonce, ctx->ic, ctx->key); | CHACHA20_NATIVE_BLOCK_LEN, ctx->nonce, ctx->ic, ctx->key); | ||||
KASSERT(error == 0, ("%s failed: %d", __func__, error)); | KASSERT(error == 0, ("%s failed: %d", __func__, error)); | ||||
ctx->ic++; | ctx->ic++; | ||||
} | } | ||||
static void | static void | ||||
chacha20_poly1305_crypt_multi(void *vctx, const uint8_t *in, uint8_t *out, size_t len) | |||||
{ | |||||
struct chacha20_poly1305_ctx *ctx = vctx; | |||||
int error __diagused; | |||||
KASSERT(len % CHACHA20_NATIVE_BLOCK_LEN == 0, ("%s: invalid length", | |||||
__func__)); | |||||
if (ctx->ietf) | |||||
error = crypto_stream_chacha20_ietf_xor_ic(out, in, len, | |||||
ctx->nonce, ctx->ic, ctx->key); | |||||
else | |||||
error = crypto_stream_chacha20_xor_ic(out, in, len, ctx->nonce, | |||||
ctx->ic, ctx->key); | |||||
markj: Isn't it supposed to be incremented by the number of blocks? | |||||
Done Inline ActionsOoh, yes. jhb: Ooh, yes. | |||||
Done Inline ActionsUnfortunately I wasn't able to test this via cryptocheck since I've only changed "plain" ciphers to use the multi hooks so far. :-/ I might need to go ahead and convert the AEAD ciphers to use multi just so I can get test coverage. jhb: Unfortunately I wasn't able to test this via cryptocheck since I've only changed "plain"… | |||||
KASSERT(error == 0, ("%s failed: %d", __func__, error)); | |||||
ctx->ic += len / CHACHA20_NATIVE_BLOCK_LEN; | |||||
} | |||||
static void | |||||
chacha20_poly1305_crypt_last(void *vctx, const uint8_t *in, uint8_t *out, | chacha20_poly1305_crypt_last(void *vctx, const uint8_t *in, uint8_t *out, | ||||
size_t len) | size_t len) | ||||
{ | { | ||||
struct chacha20_poly1305_ctx *ctx = vctx; | struct chacha20_poly1305_ctx *ctx = vctx; | ||||
int error __diagused; | int error __diagused; | ||||
if (ctx->ietf) | if (ctx->ietf) | ||||
Show All 27 Lines | const struct enc_xform enc_xform_chacha20_poly1305 = { | ||||
.name = "ChaCha20-Poly1305", | .name = "ChaCha20-Poly1305", | ||||
.ctxsize = sizeof(struct chacha20_poly1305_ctx), | .ctxsize = sizeof(struct chacha20_poly1305_ctx), | ||||
.blocksize = 1, | .blocksize = 1, | ||||
.native_blocksize = CHACHA20_NATIVE_BLOCK_LEN, | .native_blocksize = CHACHA20_NATIVE_BLOCK_LEN, | ||||
.ivsize = CHACHA20_POLY1305_IV_LEN, | .ivsize = CHACHA20_POLY1305_IV_LEN, | ||||
.minkey = CHACHA20_POLY1305_KEY, | .minkey = CHACHA20_POLY1305_KEY, | ||||
.maxkey = CHACHA20_POLY1305_KEY, | .maxkey = CHACHA20_POLY1305_KEY, | ||||
.macsize = POLY1305_HASH_LEN, | .macsize = POLY1305_HASH_LEN, | ||||
.encrypt = chacha20_poly1305_crypt, | |||||
.decrypt = chacha20_poly1305_crypt, | |||||
.setkey = chacha20_poly1305_setkey, | .setkey = chacha20_poly1305_setkey, | ||||
.reinit = chacha20_poly1305_reinit, | .reinit = chacha20_poly1305_reinit, | ||||
.encrypt = chacha20_poly1305_crypt, | |||||
.decrypt = chacha20_poly1305_crypt, | |||||
.encrypt_multi = chacha20_poly1305_crypt_multi, | |||||
.decrypt_multi = chacha20_poly1305_crypt_multi, | |||||
.encrypt_last = chacha20_poly1305_crypt_last, | .encrypt_last = chacha20_poly1305_crypt_last, | ||||
.decrypt_last = chacha20_poly1305_crypt_last, | .decrypt_last = chacha20_poly1305_crypt_last, | ||||
.update = chacha20_poly1305_update, | .update = chacha20_poly1305_update, | ||||
.final = chacha20_poly1305_final, | .final = chacha20_poly1305_final, | ||||
}; | }; | ||||
static int | static int | ||||
xchacha20_poly1305_setkey(void *vctx, const uint8_t *key, int len) | xchacha20_poly1305_setkey(void *vctx, const uint8_t *key, int len) | ||||
Show All 35 Lines | const struct enc_xform enc_xform_xchacha20_poly1305 = { | ||||
.name = "XChaCha20-Poly1305", | .name = "XChaCha20-Poly1305", | ||||
.ctxsize = sizeof(struct xchacha20_poly1305_ctx), | .ctxsize = sizeof(struct xchacha20_poly1305_ctx), | ||||
.blocksize = 1, | .blocksize = 1, | ||||
.native_blocksize = CHACHA20_NATIVE_BLOCK_LEN, | .native_blocksize = CHACHA20_NATIVE_BLOCK_LEN, | ||||
.ivsize = XCHACHA20_POLY1305_IV_LEN, | .ivsize = XCHACHA20_POLY1305_IV_LEN, | ||||
.minkey = XCHACHA20_POLY1305_KEY, | .minkey = XCHACHA20_POLY1305_KEY, | ||||
.maxkey = XCHACHA20_POLY1305_KEY, | .maxkey = XCHACHA20_POLY1305_KEY, | ||||
.macsize = POLY1305_HASH_LEN, | .macsize = POLY1305_HASH_LEN, | ||||
.encrypt = chacha20_poly1305_crypt, | |||||
.decrypt = chacha20_poly1305_crypt, | |||||
.setkey = xchacha20_poly1305_setkey, | .setkey = xchacha20_poly1305_setkey, | ||||
.reinit = xchacha20_poly1305_reinit, | .reinit = xchacha20_poly1305_reinit, | ||||
.encrypt = chacha20_poly1305_crypt, | |||||
.decrypt = chacha20_poly1305_crypt, | |||||
.encrypt_multi = chacha20_poly1305_crypt_multi, | |||||
.decrypt_multi = chacha20_poly1305_crypt_multi, | |||||
.encrypt_last = chacha20_poly1305_crypt_last, | .encrypt_last = chacha20_poly1305_crypt_last, | ||||
.decrypt_last = chacha20_poly1305_crypt_last, | .decrypt_last = chacha20_poly1305_crypt_last, | ||||
.update = chacha20_poly1305_update, | .update = chacha20_poly1305_update, | ||||
.final = chacha20_poly1305_final, | .final = chacha20_poly1305_final, | ||||
}; | }; |
Isn't it supposed to be incremented by the number of blocks?