crypto:Sync version differences

1.fix type warning for compile
2.hamc key can less than specified length
3.add new version algorithms to cryptodev
    sha256hmac
    sha384hmac
    sha512hmac
    aes128gmac

Signed-off-by: anjiahao <anjiahao@xiaomi.com>
This commit is contained in:
anjiahao 2022-10-22 15:50:43 +08:00 committed by Xiang Xiao
parent c7d347c7f0
commit acd3350554
13 changed files with 128 additions and 200 deletions

View File

@ -28,8 +28,7 @@
#include <sys/types.h>
#include <sys/systm.h>
#include <sys/stdint.h>
#include "aes.h"
#include <crypto/aes.h>
static inline void
enc32le(void *dst, uint32_t x)

View File

@ -10,7 +10,7 @@
#include <sys/types.h>
#include <sys/systm.h>
#include <crypto/cast.h>
#include <crypto/castsb.h>
#include "castsb.h"
/* Macros to access 8-bit bytes out of a 32-bit word */
#define U_INT8_Ta(x) ( (u_int8_t) (x>>24) )

View File

@ -19,7 +19,6 @@
#include <sys/systm.h>
#include <lib/libkern/libkern.h>
#include <crypto/chacha_private.h>
#include <crypto/poly1305.h>
#include <crypto/chachapoly.h>
@ -90,7 +89,7 @@ Chacha20_Poly1305_Reinit(void *xctx, const uint8_t *iv, uint16_t ivlen)
int
Chacha20_Poly1305_Update(void *xctx, const uint8_t *data, uint16_t len)
{
static const char zeroes[POLY1305_BLOCK_LEN];
static const unsigned char zeroes[POLY1305_BLOCK_LEN];
CHACHA20_POLY1305_CTX *ctx = xctx;
size_t rem;
@ -126,22 +125,22 @@ chacha20poly1305_encrypt(
const uint8_t key[CHACHA20POLY1305_KEY_SIZE]
) {
poly1305_state poly1305_ctx;
chacha_ctx chacha_ctx;
chacha_ctx ctx;
union {
uint8_t b0[CHACHA20POLY1305_KEY_SIZE];
uint64_t lens[2];
} b = { { 0 } };
uint64_t le_nonce = htole64(nonce);
chacha_keysetup(&chacha_ctx, key, CHACHA20POLY1305_KEY_SIZE * 8);
chacha_ivsetup(&chacha_ctx, (uint8_t *) &le_nonce, NULL);
chacha_encrypt_bytes(&chacha_ctx, b.b0, b.b0, sizeof(b.b0));
chacha_keysetup(&ctx, key, CHACHA20POLY1305_KEY_SIZE * 8);
chacha_ivsetup(&ctx, (uint8_t *) &le_nonce, NULL);
chacha_encrypt_bytes(&ctx, b.b0, b.b0, sizeof(b.b0));
poly1305_init(&poly1305_ctx, b.b0);
poly1305_update(&poly1305_ctx, ad, ad_len);
poly1305_update(&poly1305_ctx, pad0, (0x10 - ad_len) & 0xf);
chacha_encrypt_bytes(&chacha_ctx, (uint8_t *) src, dst, src_len);
chacha_encrypt_bytes(&ctx, (uint8_t *) src, dst, src_len);
poly1305_update(&poly1305_ctx, dst, src_len);
poly1305_update(&poly1305_ctx, pad0, (0x10 - src_len) & 0xf);
@ -152,7 +151,7 @@ chacha20poly1305_encrypt(
poly1305_finish(&poly1305_ctx, dst + src_len);
explicit_bzero(&chacha_ctx, sizeof(chacha_ctx));
explicit_bzero(&ctx, sizeof(chacha_ctx));
explicit_bzero(&b, sizeof(b));
}
@ -167,7 +166,7 @@ chacha20poly1305_decrypt(
const uint8_t key[CHACHA20POLY1305_KEY_SIZE]
) {
poly1305_state poly1305_ctx;
chacha_ctx chacha_ctx;
chacha_ctx ctx;
int ret;
size_t dst_len;
union {
@ -180,9 +179,9 @@ chacha20poly1305_decrypt(
if (src_len < CHACHA20POLY1305_AUTHTAG_SIZE)
return 0;
chacha_keysetup(&chacha_ctx, key, CHACHA20POLY1305_KEY_SIZE * 8);
chacha_ivsetup(&chacha_ctx, (uint8_t *) &le_nonce, NULL);
chacha_encrypt_bytes(&chacha_ctx, b.b0, b.b0, sizeof(b.b0));
chacha_keysetup(&ctx, key, CHACHA20POLY1305_KEY_SIZE * 8);
chacha_ivsetup(&ctx, (uint8_t *) &le_nonce, NULL);
chacha_encrypt_bytes(&ctx, b.b0, b.b0, sizeof(b.b0));
poly1305_init(&poly1305_ctx, b.b0);
poly1305_update(&poly1305_ctx, ad, ad_len);
@ -200,9 +199,9 @@ chacha20poly1305_decrypt(
ret = timingsafe_bcmp(b.mac, src + dst_len, CHACHA20POLY1305_AUTHTAG_SIZE);
if (!ret)
chacha_encrypt_bytes(&chacha_ctx, (uint8_t *) src, dst, dst_len);
chacha_encrypt_bytes(&ctx, (uint8_t *) src, dst, dst_len);
explicit_bzero(&chacha_ctx, sizeof(chacha_ctx));
explicit_bzero(&ctx, sizeof(ctx));
explicit_bzero(&b, sizeof(b));
return !ret;

View File

@ -59,9 +59,9 @@ struct csession {
u_int32_t ses;
u_int32_t cipher;
struct enc_xform *txform;
const struct enc_xform *txform;
u_int32_t mac;
struct auth_hash *thash;
const struct auth_hash *thash;
caddr_t key;
int keylen;
@ -105,8 +105,8 @@ struct csession *csefind(struct fcrypt *, u_int);
int csedelete(struct fcrypt *, struct csession *);
struct csession *cseadd(struct fcrypt *, struct csession *);
struct csession *csecreate(struct fcrypt *, u_int64_t, caddr_t, u_int64_t,
caddr_t, u_int64_t, u_int32_t, u_int32_t, struct enc_xform *,
struct auth_hash *);
caddr_t, u_int64_t, u_int32_t, u_int32_t, const struct enc_xform *,
const struct auth_hash *);
int csefree(struct csession *);
int cryptodev_op(struct csession *, struct crypt_op *, struct proc *);
@ -143,8 +143,8 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
struct csession *cse;
struct session_op *sop;
struct crypt_op *cop;
struct enc_xform *txform = NULL;
struct auth_hash *thash = NULL;
const struct enc_xform *txform = NULL;
const struct auth_hash *thash = NULL;
u_int64_t sid;
u_int32_t ses;
int error = 0;
@ -155,9 +155,6 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
switch (sop->cipher) {
case 0:
break;
case CRYPTO_DES_CBC:
txform = &enc_xform_des;
break;
case CRYPTO_3DES_CBC:
txform = &enc_xform_3des;
break;
@ -168,7 +165,7 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
txform = &enc_xform_cast5;
break;
case CRYPTO_AES_CBC:
txform = &enc_xform_rijndael128;
txform = &enc_xform_aes;
break;
case CRYPTO_AES_CTR:
txform = &enc_xform_aes_ctr;
@ -176,9 +173,6 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
case CRYPTO_AES_XTS:
txform = &enc_xform_aes_xts;
break;
case CRYPTO_ARC4:
txform = &enc_xform_arc4;
break;
case CRYPTO_NULL:
txform = &enc_xform_null;
break;
@ -189,7 +183,6 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
switch (sop->mac) {
case 0:
break;
#if 0
case CRYPTO_MD5_HMAC:
thash = &auth_hash_hmac_md5_96;
break;
@ -199,13 +192,18 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
case CRYPTO_RIPEMD160_HMAC:
thash = &auth_hash_hmac_ripemd_160_96;
break;
case CRYPTO_MD5:
thash = &auth_hash_md5;
case CRYPTO_SHA2_256_HMAC:
thash = &auth_hash_hmac_sha2_256_128;
break;
case CRYPTO_SHA1:
thash = &auth_hash_sha1;
case CRYPTO_SHA2_384_HMAC:
thash = &auth_hash_hmac_sha2_384_192;
break;
case CRYPTO_SHA2_512_HMAC:
thash = &auth_hash_hmac_sha2_512_256;
break;
case CRYPTO_AES_128_GMAC:
thash = &auth_hash_gmac_aes_128;
break;
#endif
default:
return (EINVAL);
}
@ -234,7 +232,7 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
if (thash) {
cria.cri_alg = thash->type;
cria.cri_klen = sop->mackeylen * 8;
if (sop->mackeylen != thash->keysize) {
if (sop->mackeylen > thash->keysize) {
error = EINVAL;
goto bail;
}
@ -660,7 +658,8 @@ cryptoioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct proc *p)
{
struct file *f;
struct fcrypt *fcr;
int fd, error;
int fd;
int error = 0;
switch (cmd) {
case CRIOGET:
@ -725,7 +724,7 @@ cseadd(struct fcrypt *fcr, struct csession *cse)
struct csession *
csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen,
caddr_t mackey, u_int64_t mackeylen, u_int32_t cipher, u_int32_t mac,
struct enc_xform *txform, struct auth_hash *thash)
const struct enc_xform *txform, const struct auth_hash *thash)
{
struct csession *cse;
@ -741,6 +740,7 @@ csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen,
cse->mac = mac;
cse->txform = txform;
cse->thash = thash;
cse->error = 0;
cseadd(fcr, cse);
return (cse);
}

View File

@ -103,7 +103,7 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
{
unsigned char iv[EALG_MAX_BLOCK_LEN], blk[EALG_MAX_BLOCK_LEN], *idat;
unsigned char *ivp, *nivp, iv2[EALG_MAX_BLOCK_LEN];
struct enc_xform *exf;
const struct enc_xform *exf;
int i, k, j, blks, ind, count, ivlen;
struct mbuf *m = NULL;
struct uio *uio = NULL;
@ -150,7 +150,7 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
* handling themselves.
*/
if (exf->reinit)
exf->reinit(sw->sw_kschedule, iv);
exf->reinit((caddr_t)sw->sw_kschedule, iv);
if (outtype == CRYPTO_BUF_MBUF) {
/* Find beginning of data */
@ -171,10 +171,10 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
/* Actual encryption/decryption */
if (exf->reinit) {
if (crd->crd_flags & CRD_F_ENCRYPT) {
exf->encrypt(sw->sw_kschedule,
exf->encrypt((caddr_t)sw->sw_kschedule,
blk);
} else {
exf->decrypt(sw->sw_kschedule,
exf->decrypt((caddr_t)sw->sw_kschedule,
blk);
}
} else if (crd->crd_flags & CRD_F_ENCRYPT) {
@ -182,7 +182,7 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
for (j = 0; j < blks; j++)
blk[j] ^= ivp[j];
exf->encrypt(sw->sw_kschedule, blk);
exf->encrypt((caddr_t)sw->sw_kschedule, blk);
/*
* Keep encrypted block for XOR'ing
@ -198,7 +198,7 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
nivp = (ivp == iv) ? iv2 : iv;
bcopy(blk, nivp, blks);
exf->decrypt(sw->sw_kschedule, blk);
exf->decrypt((caddr_t)sw->sw_kschedule, blk);
/* XOR with previous block */
for (j = 0; j < blks; j++)
@ -422,7 +422,7 @@ swcr_authcompute(struct cryptop *crp, struct cryptodesc *crd,
struct swcr_data *sw, caddr_t buf, int outtype)
{
unsigned char aalg[AALG_MAX_RESULT_LEN];
struct auth_hash *axf;
const struct auth_hash *axf;
union authctx ctx;
int err;
@ -464,27 +464,13 @@ swcr_authcompute(struct cryptop *crp, struct cryptodesc *crd,
axf->Update(&ctx, aalg, axf->hashsize);
axf->Final(aalg, &ctx);
break;
case CRYPTO_MD5_KPDK:
case CRYPTO_SHA1_KPDK:
if (sw->sw_octx == NULL)
return EINVAL;
axf->Update(&ctx, sw->sw_octx, sw->sw_klen);
axf->Final(aalg, &ctx);
break;
case CRYPTO_MD5:
case CRYPTO_SHA1:
axf->Final(aalg, &ctx);
break;
}
/* Inject the authentication data */
if (outtype == CRYPTO_BUF_MBUF)
COPYBACK(outtype, buf, crd->crd_inject, axf->authsize, aalg);
COPYBACK(outtype, buf, crd->crd_inject, axf->hashsize, aalg);
else
bcopy(aalg, crp->crp_mac, axf->authsize);
bcopy(aalg, crp->crp_mac, axf->hashsize);
return 0;
}
@ -502,8 +488,8 @@ swcr_authenc(struct cryptop *crp)
union authctx ctx;
struct cryptodesc *crd, *crda = NULL, *crde = NULL;
struct swcr_data *sw, *swa, *swe = NULL;
struct auth_hash *axf = NULL;
struct enc_xform *exf = NULL;
const struct auth_hash *axf = NULL;
const struct enc_xform *exf = NULL;
struct mbuf *m = NULL;
struct uio *uio = NULL;
caddr_t buf = (caddr_t)crp->crp_buf;
@ -523,6 +509,7 @@ swcr_authenc(struct cryptop *crp)
switch (sw->sw_alg) {
case CRYPTO_AES_GCM_16:
case CRYPTO_AES_GMAC:
case CRYPTO_CHACHA20_POLY1305:
swe = sw;
crde = crd;
exf = swe->sw_exf;
@ -531,6 +518,7 @@ swcr_authenc(struct cryptop *crp)
case CRYPTO_AES_128_GMAC:
case CRYPTO_AES_192_GMAC:
case CRYPTO_AES_256_GMAC:
case CRYPTO_CHACHA20_POLY1305_MAC:
swa = sw;
crda = crd;
axf = swa->sw_axf;
@ -609,7 +597,7 @@ swcr_authenc(struct cryptop *crp)
}
if (exf->reinit)
exf->reinit(swe->sw_kschedule, iv);
exf->reinit((caddr_t)swe->sw_kschedule, iv);
/* Do encryption/decryption with MAC */
for (i = 0; i < crde->crd_len; i += blksz) {
@ -618,11 +606,11 @@ swcr_authenc(struct cryptop *crp)
bzero(blk, blksz);
COPYDATA(outtype, buf, crde->crd_skip + i, len, blk);
if (crde->crd_flags & CRD_F_ENCRYPT) {
exf->encrypt(swe->sw_kschedule, blk);
exf->encrypt((caddr_t)swe->sw_kschedule, blk);
axf->Update(&ctx, blk, len);
} else {
axf->Update(&ctx, blk, len);
exf->decrypt(swe->sw_kschedule, blk);
exf->decrypt((caddr_t)swe->sw_kschedule, blk);
}
COPYBACK(outtype, buf, crde->crd_skip + i, len, blk);
}
@ -640,6 +628,15 @@ swcr_authenc(struct cryptop *crp)
*blkp = htobe32(crde->crd_len * 8);
axf->Update(&ctx, blk, blksz);
break;
case CRYPTO_CHACHA20_POLY1305_MAC:
/* length block */
bzero(blk, axf->hashsize);
blkp = (uint32_t *)blk;
*blkp = htole32(aadlen);
blkp = (uint32_t *)blk + 2;
*blkp = htole32(crde->crd_len);
axf->Update(&ctx, blk, axf->hashsize);
break;
}
/* Finalize MAC */
@ -662,7 +659,7 @@ swcr_compdec(struct cryptodesc *crd, struct swcr_data *sw,
caddr_t buf, int outtype)
{
u_int8_t *data, *out;
struct comp_algo *cxf;
const struct comp_algo *cxf;
int adj;
u_int32_t result;
@ -737,9 +734,9 @@ int
swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
{
struct swcr_data **swd;
struct auth_hash *axf;
struct enc_xform *txf;
struct comp_algo *cxf;
const struct auth_hash *axf;
const struct enc_xform *txf;
const struct comp_algo *cxf;
u_int32_t i;
int k;
@ -792,9 +789,6 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
}
switch (cri->cri_alg) {
case CRYPTO_DES_CBC:
txf = &enc_xform_des;
goto enccommon;
case CRYPTO_3DES_CBC:
txf = &enc_xform_3des;
goto enccommon;
@ -804,8 +798,8 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
case CRYPTO_CAST_CBC:
txf = &enc_xform_cast5;
goto enccommon;
case CRYPTO_RIJNDAEL128_CBC:
txf = &enc_xform_rijndael128;
case CRYPTO_AES_CBC:
txf = &enc_xform_aes;
goto enccommon;
case CRYPTO_AES_CTR:
txf = &enc_xform_aes_ctr;
@ -820,6 +814,9 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
txf = &enc_xform_aes_gmac;
(*swd)->sw_exf = txf;
break;
case CRYPTO_CHACHA20_POLY1305:
txf = &enc_xform_chacha20_poly1305;
goto enccommon;
case CRYPTO_NULL:
txf = &enc_xform_null;
goto enccommon;
@ -832,8 +829,9 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
return EINVAL;
}
}
if (txf->setkey((*swd)->sw_kschedule, cri->cri_key,
cri->cri_klen / 8) < 0) {
if (txf->setkey((*swd)->sw_kschedule,
(uint8_t *)cri->cri_key,
cri->cri_klen / 8) < 0) {
swcr_freesession(i);
return EINVAL;
}
@ -876,7 +874,7 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
cri->cri_key[k] ^= HMAC_IPAD_VAL;
axf->Init((*swd)->sw_ictx);
axf->Update((*swd)->sw_ictx, cri->cri_key,
axf->Update((*swd)->sw_ictx, (uint8_t *)cri->cri_key,
cri->cri_klen / 8);
axf->Update((*swd)->sw_ictx, hmac_ipad_buffer,
axf->blocksize - (cri->cri_klen / 8));
@ -885,7 +883,7 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
cri->cri_key[k] ^= (HMAC_IPAD_VAL ^ HMAC_OPAD_VAL);
axf->Init((*swd)->sw_octx);
axf->Update((*swd)->sw_octx, cri->cri_key,
axf->Update((*swd)->sw_octx, (uint8_t *)cri->cri_key,
cri->cri_klen / 8);
axf->Update((*swd)->sw_octx, hmac_opad_buffer,
axf->blocksize - (cri->cri_klen / 8));
@ -895,55 +893,6 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
(*swd)->sw_axf = axf;
break;
case CRYPTO_MD5_KPDK:
axf = &auth_hash_key_md5;
goto auth2common;
case CRYPTO_SHA1_KPDK:
axf = &auth_hash_key_sha1;
auth2common:
(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
M_NOWAIT);
if ((*swd)->sw_ictx == NULL) {
swcr_freesession(i);
return ENOBUFS;
}
/* Store the key so we can "append" it to the payload */
(*swd)->sw_octx = malloc(cri->cri_klen / 8, M_CRYPTO_DATA,
M_NOWAIT);
if ((*swd)->sw_octx == NULL) {
swcr_freesession(i);
return ENOBUFS;
}
(*swd)->sw_klen = cri->cri_klen / 8;
bcopy(cri->cri_key, (*swd)->sw_octx, cri->cri_klen / 8);
axf->Init((*swd)->sw_ictx);
axf->Update((*swd)->sw_ictx, cri->cri_key,
cri->cri_klen / 8);
axf->Final(NULL, (*swd)->sw_ictx);
(*swd)->sw_axf = axf;
break;
case CRYPTO_MD5:
axf = &auth_hash_md5;
goto auth3common;
case CRYPTO_SHA1:
axf = &auth_hash_sha1;
auth3common:
(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
M_NOWAIT);
if ((*swd)->sw_ictx == NULL) {
swcr_freesession(i);
return ENOBUFS;
}
axf->Init((*swd)->sw_ictx);
(*swd)->sw_axf = axf;
break;
case CRYPTO_AES_128_GMAC:
axf = &auth_hash_gmac_aes_128;
goto auth4common;
@ -954,6 +903,11 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
case CRYPTO_AES_256_GMAC:
axf = &auth_hash_gmac_aes_256;
goto auth4common;
case CRYPTO_CHACHA20_POLY1305_MAC:
axf = &auth_hash_chacha20_poly1305;
auth4common:
(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
M_NOWAIT);
@ -962,7 +916,7 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
return ENOBUFS;
}
axf->Init((*swd)->sw_ictx);
axf->Setkey((*swd)->sw_ictx, cri->cri_key,
axf->Setkey((*swd)->sw_ictx, (uint8_t *)cri->cri_key,
cri->cri_klen / 8);
(*swd)->sw_axf = axf;
break;
@ -993,8 +947,8 @@ int
swcr_freesession(u_int64_t tid)
{
struct swcr_data *swd;
struct enc_xform *txf;
struct auth_hash *axf;
const struct enc_xform *txf;
const struct auth_hash *axf;
u_int32_t sid = ((u_int32_t) tid) & 0xffffffff;
if (sid > swcr_sesnum || swcr_sessions == NULL ||
@ -1009,7 +963,6 @@ swcr_freesession(u_int64_t tid)
swcr_sessions[sid] = swd->sw_next;
switch (swd->sw_alg) {
case CRYPTO_DES_CBC:
case CRYPTO_3DES_CBC:
case CRYPTO_BLF_CBC:
case CRYPTO_CAST_CBC:
@ -1018,6 +971,7 @@ swcr_freesession(u_int64_t tid)
case CRYPTO_AES_XTS:
case CRYPTO_AES_GCM_16:
case CRYPTO_AES_GMAC:
case CRYPTO_CHACHA20_POLY1305:
case CRYPTO_NULL:
txf = swd->sw_exf;
@ -1045,25 +999,10 @@ swcr_freesession(u_int64_t tid)
}
break;
case CRYPTO_MD5_KPDK:
case CRYPTO_SHA1_KPDK:
axf = swd->sw_axf;
if (swd->sw_ictx) {
explicit_bzero(swd->sw_ictx, axf->ctxsize);
free(swd->sw_ictx, M_CRYPTO_DATA, 0);
}
if (swd->sw_octx) {
explicit_bzero(swd->sw_octx, swd->sw_klen);
free(swd->sw_octx, M_CRYPTO_DATA, 0);
}
break;
case CRYPTO_AES_128_GMAC:
case CRYPTO_AES_192_GMAC:
case CRYPTO_AES_256_GMAC:
case CRYPTO_MD5:
case CRYPTO_SHA1:
case CRYPTO_CHACHA20_POLY1305_MAC:
axf = swd->sw_axf;
if (swd->sw_ictx) {
@ -1135,7 +1074,6 @@ swcr_process(struct cryptop *crp)
switch (sw->sw_alg) {
case CRYPTO_NULL:
break;
case CRYPTO_DES_CBC:
case CRYPTO_3DES_CBC:
case CRYPTO_BLF_CBC:
case CRYPTO_CAST_CBC:
@ -1152,10 +1090,6 @@ swcr_process(struct cryptop *crp)
case CRYPTO_SHA2_256_HMAC:
case CRYPTO_SHA2_384_HMAC:
case CRYPTO_SHA2_512_HMAC:
case CRYPTO_MD5_KPDK:
case CRYPTO_SHA1_KPDK:
case CRYPTO_MD5:
case CRYPTO_SHA1:
if ((crp->crp_etype = swcr_authcompute(crp, crd, sw,
crp->crp_buf, type)) != 0)
goto done;
@ -1166,6 +1100,8 @@ swcr_process(struct cryptop *crp)
case CRYPTO_AES_128_GMAC:
case CRYPTO_AES_192_GMAC:
case CRYPTO_AES_256_GMAC:
case CRYPTO_CHACHA20_POLY1305:
case CRYPTO_CHACHA20_POLY1305_MAC:
crp->crp_etype = swcr_authenc(crp);
goto done;
@ -1207,17 +1143,12 @@ swcr_init(void)
bzero(algs, sizeof(algs));
algs[CRYPTO_DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_3DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_BLF_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_CAST_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_RIPEMD160_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_MD5_KPDK] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_SHA1_KPDK] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_MD5] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_SHA1] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_RIJNDAEL128_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_AES_CTR] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_AES_XTS] = CRYPTO_ALG_FLAG_SUPPORTED;
@ -1231,6 +1162,8 @@ swcr_init(void)
algs[CRYPTO_AES_128_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_AES_192_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_AES_256_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_CHACHA20_POLY1305] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_CHACHA20_POLY1305_MAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_ESN] = CRYPTO_ALG_FLAG_SUPPORTED;
crypto_register(swcr_id, algs, swcr_newsession,

View File

@ -68,7 +68,7 @@ typedef struct des_ks_struct
#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
void des_encrypt2(u_int32_t *data,des_key_schedule ks, int enc);
void des_encrypt2(u_int32_t *data,caddr_t ks, int enc);
#define ITERATIONS 16

View File

@ -50,8 +50,8 @@
#include "des_locl.h"
void
des_ecb3_encrypt(des_cblock (*input), des_cblock (*output),
des_key_schedule ks1, des_key_schedule ks2, des_key_schedule ks3,
des_ecb3_encrypt(caddr_t (*input), caddr_t (*output),
caddr_t ks1, caddr_t ks2, caddr_t ks3,
int encrypt)
{
register u_int32_t l0, l1;

View File

@ -51,7 +51,7 @@
#include "spr.h"
void
des_encrypt2(u_int32_t *data, des_key_schedule ks, int encrypt)
des_encrypt2(u_int32_t *data, caddr_t ks, int encrypt)
{
register u_int32_t l, r, t, u;
#ifdef DES_USE_PTR

View File

@ -61,7 +61,7 @@ aes_key_wrap(aes_key_wrap_ctx *ctx, const u_int8_t *P, size_t n, u_int8_t *C)
memcpy(&B[0], A, 8);
memcpy(&B[1], R, 8);
/* B = AES(K, B) */
AES_Encrypt(&ctx->ctx, (caddr_t)B, (caddr_t)B);
AES_Encrypt(&ctx->ctx, (uint8_t *)B, (uint8_t *)B);
/* MSB(64, B) = MSB(64, B) ^ t */
B[0] ^= htobe64(t);
/* A = MSB(64, B) */
@ -96,7 +96,7 @@ aes_key_unwrap(aes_key_wrap_ctx *ctx, const u_int8_t *C, u_int8_t *P, size_t n)
/* B = MSB(64, B) | R[i] */
memcpy(&B[1], R, 8);
/* B = AES-1(K, B) */
AES_Decrypt(&ctx->ctx, (caddr_t)B, (caddr_t)B);
AES_Decrypt(&ctx->ctx, (uint8_t *)B, (uint8_t *)B);
/* A = MSB(64, B) */
memcpy(A, &B[0], 8);
/* R[i] = LSB(64, B) */

View File

@ -8,7 +8,7 @@
#include <sys/types.h>
#include <sys/systm.h>
#include "poly1305.h"
#include <crypto/poly1305.h>
/*
* poly1305 implementation using 32 bit * 32 bit = 64 bit multiplication

View File

@ -66,6 +66,8 @@
#include <crypto/gmac.h>
#include <crypto/chachapoly.h>
#include "des_locl.h"
extern void des_ecb3_encrypt(caddr_t, caddr_t, caddr_t, caddr_t, caddr_t, int);
int des_set_key(void *, caddr_t);
@ -311,13 +313,13 @@ const struct comp_algo comp_algo_deflate = {
void
des3_encrypt(caddr_t key, u_int8_t *blk)
{
des_ecb3_encrypt(blk, blk, key, key + 128, key + 256, 1);
des_ecb3_encrypt((caddr_t)blk, (caddr_t)blk, key, key + 128, key + 256, 1);
}
void
des3_decrypt(caddr_t key, u_int8_t *blk)
{
des_ecb3_encrypt(blk, blk, key + 256, key + 128, key, 0);
des_ecb3_encrypt((caddr_t)blk, (caddr_t)blk, key + 256, key + 128, key, 0);
}
int

View File

@ -82,35 +82,30 @@
/* Maximum hash algorithm result length */
#define AALG_MAX_RESULT_LEN 64 /* Keep this updated */
#define CRYPTO_DES_CBC 1
#define CRYPTO_3DES_CBC 2
#define CRYPTO_BLF_CBC 3
#define CRYPTO_CAST_CBC 4
#define CRYPTO_MD5_HMAC 6
#define CRYPTO_SHA1_HMAC 7
#define CRYPTO_RIPEMD160_HMAC 8
#define CRYPTO_MD5_KPDK 9
#define CRYPTO_SHA1_KPDK 10
#define CRYPTO_RIJNDAEL128_CBC 11 /* 128 bit blocksize */
#define CRYPTO_AES_CBC 11 /* 128 bit blocksize -- the same as above */
#define CRYPTO_ARC4 12
#define CRYPTO_MD5 13
#define CRYPTO_SHA1 14
#define CRYPTO_DEFLATE_COMP 15 /* Deflate compression algorithm */
#define CRYPTO_NULL 16
#define CRYPTO_LZS_COMP 17 /* LZS compression algorithm */
#define CRYPTO_SHA2_256_HMAC 18
#define CRYPTO_SHA2_384_HMAC 19
#define CRYPTO_SHA2_512_HMAC 20
#define CRYPTO_AES_CTR 21
#define CRYPTO_AES_XTS 22
#define CRYPTO_AES_GCM_16 23
#define CRYPTO_AES_128_GMAC 24
#define CRYPTO_AES_192_GMAC 25
#define CRYPTO_AES_256_GMAC 26
#define CRYPTO_AES_GMAC 27
#define CRYPTO_ESN 28 /* Support for Extended Sequence Numbers */
#define CRYPTO_ALGORITHM_MAX 28 /* Keep updated */
#define CRYPTO_3DES_CBC 1
#define CRYPTO_BLF_CBC 2
#define CRYPTO_CAST_CBC 3
#define CRYPTO_MD5_HMAC 4
#define CRYPTO_SHA1_HMAC 5
#define CRYPTO_RIPEMD160_HMAC 6
#define CRYPTO_RIJNDAEL128_CBC 7 /* 128 bit blocksize */
#define CRYPTO_AES_CBC 7 /* 128 bit blocksize -- the same as above */
#define CRYPTO_DEFLATE_COMP 8 /* Deflate compression algorithm */
#define CRYPTO_NULL 9
#define CRYPTO_SHA2_256_HMAC 11
#define CRYPTO_SHA2_384_HMAC 12
#define CRYPTO_SHA2_512_HMAC 13
#define CRYPTO_AES_CTR 14
#define CRYPTO_AES_XTS 15
#define CRYPTO_AES_GCM_16 16
#define CRYPTO_AES_128_GMAC 17
#define CRYPTO_AES_192_GMAC 18
#define CRYPTO_AES_256_GMAC 19
#define CRYPTO_AES_GMAC 20
#define CRYPTO_CHACHA20_POLY1305 21
#define CRYPTO_CHACHA20_POLY1305_MAC 22
#define CRYPTO_ESN 23 /* Support for Extended Sequence Numbers */
#define CRYPTO_ALGORITHM_MAX 23 /* Keep updated */
/* Algorithm flags */
#define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported */

View File

@ -32,15 +32,15 @@ struct swcr_data {
u_int8_t *SW_ictx;
u_int8_t *SW_octx;
u_int32_t SW_klen;
struct auth_hash *SW_axf;
const struct auth_hash *SW_axf;
} SWCR_AUTH;
struct {
u_int8_t *SW_kschedule;
struct enc_xform *SW_exf;
const struct enc_xform *SW_exf;
} SWCR_ENC;
struct {
u_int32_t SW_size;
struct comp_algo *SW_cxf;
const struct comp_algo *SW_cxf;
} SWCR_COMP;
} SWCR_UN;