crypto:Sync version differences
1.fix type warning for compile 2.hamc key can less than specified length 3.add new version algorithms to cryptodev sha256hmac sha384hmac sha512hmac aes128gmac Signed-off-by: anjiahao <anjiahao@xiaomi.com>
This commit is contained in:
parent
c7d347c7f0
commit
acd3350554
@ -28,8 +28,7 @@
|
||||
#include <sys/types.h>
|
||||
#include <sys/systm.h>
|
||||
#include <sys/stdint.h>
|
||||
|
||||
#include "aes.h"
|
||||
#include <crypto/aes.h>
|
||||
|
||||
static inline void
|
||||
enc32le(void *dst, uint32_t x)
|
||||
|
@ -10,7 +10,7 @@
|
||||
#include <sys/types.h>
|
||||
#include <sys/systm.h>
|
||||
#include <crypto/cast.h>
|
||||
#include <crypto/castsb.h>
|
||||
#include "castsb.h"
|
||||
|
||||
/* Macros to access 8-bit bytes out of a 32-bit word */
|
||||
#define U_INT8_Ta(x) ( (u_int8_t) (x>>24) )
|
||||
|
@ -19,7 +19,6 @@
|
||||
#include <sys/systm.h>
|
||||
#include <lib/libkern/libkern.h>
|
||||
|
||||
#include <crypto/chacha_private.h>
|
||||
#include <crypto/poly1305.h>
|
||||
#include <crypto/chachapoly.h>
|
||||
|
||||
@ -90,7 +89,7 @@ Chacha20_Poly1305_Reinit(void *xctx, const uint8_t *iv, uint16_t ivlen)
|
||||
int
|
||||
Chacha20_Poly1305_Update(void *xctx, const uint8_t *data, uint16_t len)
|
||||
{
|
||||
static const char zeroes[POLY1305_BLOCK_LEN];
|
||||
static const unsigned char zeroes[POLY1305_BLOCK_LEN];
|
||||
CHACHA20_POLY1305_CTX *ctx = xctx;
|
||||
size_t rem;
|
||||
|
||||
@ -126,22 +125,22 @@ chacha20poly1305_encrypt(
|
||||
const uint8_t key[CHACHA20POLY1305_KEY_SIZE]
|
||||
) {
|
||||
poly1305_state poly1305_ctx;
|
||||
chacha_ctx chacha_ctx;
|
||||
chacha_ctx ctx;
|
||||
union {
|
||||
uint8_t b0[CHACHA20POLY1305_KEY_SIZE];
|
||||
uint64_t lens[2];
|
||||
} b = { { 0 } };
|
||||
uint64_t le_nonce = htole64(nonce);
|
||||
|
||||
chacha_keysetup(&chacha_ctx, key, CHACHA20POLY1305_KEY_SIZE * 8);
|
||||
chacha_ivsetup(&chacha_ctx, (uint8_t *) &le_nonce, NULL);
|
||||
chacha_encrypt_bytes(&chacha_ctx, b.b0, b.b0, sizeof(b.b0));
|
||||
chacha_keysetup(&ctx, key, CHACHA20POLY1305_KEY_SIZE * 8);
|
||||
chacha_ivsetup(&ctx, (uint8_t *) &le_nonce, NULL);
|
||||
chacha_encrypt_bytes(&ctx, b.b0, b.b0, sizeof(b.b0));
|
||||
poly1305_init(&poly1305_ctx, b.b0);
|
||||
|
||||
poly1305_update(&poly1305_ctx, ad, ad_len);
|
||||
poly1305_update(&poly1305_ctx, pad0, (0x10 - ad_len) & 0xf);
|
||||
|
||||
chacha_encrypt_bytes(&chacha_ctx, (uint8_t *) src, dst, src_len);
|
||||
chacha_encrypt_bytes(&ctx, (uint8_t *) src, dst, src_len);
|
||||
|
||||
poly1305_update(&poly1305_ctx, dst, src_len);
|
||||
poly1305_update(&poly1305_ctx, pad0, (0x10 - src_len) & 0xf);
|
||||
@ -152,7 +151,7 @@ chacha20poly1305_encrypt(
|
||||
|
||||
poly1305_finish(&poly1305_ctx, dst + src_len);
|
||||
|
||||
explicit_bzero(&chacha_ctx, sizeof(chacha_ctx));
|
||||
explicit_bzero(&ctx, sizeof(chacha_ctx));
|
||||
explicit_bzero(&b, sizeof(b));
|
||||
}
|
||||
|
||||
@ -167,7 +166,7 @@ chacha20poly1305_decrypt(
|
||||
const uint8_t key[CHACHA20POLY1305_KEY_SIZE]
|
||||
) {
|
||||
poly1305_state poly1305_ctx;
|
||||
chacha_ctx chacha_ctx;
|
||||
chacha_ctx ctx;
|
||||
int ret;
|
||||
size_t dst_len;
|
||||
union {
|
||||
@ -180,9 +179,9 @@ chacha20poly1305_decrypt(
|
||||
if (src_len < CHACHA20POLY1305_AUTHTAG_SIZE)
|
||||
return 0;
|
||||
|
||||
chacha_keysetup(&chacha_ctx, key, CHACHA20POLY1305_KEY_SIZE * 8);
|
||||
chacha_ivsetup(&chacha_ctx, (uint8_t *) &le_nonce, NULL);
|
||||
chacha_encrypt_bytes(&chacha_ctx, b.b0, b.b0, sizeof(b.b0));
|
||||
chacha_keysetup(&ctx, key, CHACHA20POLY1305_KEY_SIZE * 8);
|
||||
chacha_ivsetup(&ctx, (uint8_t *) &le_nonce, NULL);
|
||||
chacha_encrypt_bytes(&ctx, b.b0, b.b0, sizeof(b.b0));
|
||||
poly1305_init(&poly1305_ctx, b.b0);
|
||||
|
||||
poly1305_update(&poly1305_ctx, ad, ad_len);
|
||||
@ -200,9 +199,9 @@ chacha20poly1305_decrypt(
|
||||
|
||||
ret = timingsafe_bcmp(b.mac, src + dst_len, CHACHA20POLY1305_AUTHTAG_SIZE);
|
||||
if (!ret)
|
||||
chacha_encrypt_bytes(&chacha_ctx, (uint8_t *) src, dst, dst_len);
|
||||
chacha_encrypt_bytes(&ctx, (uint8_t *) src, dst, dst_len);
|
||||
|
||||
explicit_bzero(&chacha_ctx, sizeof(chacha_ctx));
|
||||
explicit_bzero(&ctx, sizeof(ctx));
|
||||
explicit_bzero(&b, sizeof(b));
|
||||
|
||||
return !ret;
|
||||
|
@ -59,9 +59,9 @@ struct csession {
|
||||
u_int32_t ses;
|
||||
|
||||
u_int32_t cipher;
|
||||
struct enc_xform *txform;
|
||||
const struct enc_xform *txform;
|
||||
u_int32_t mac;
|
||||
struct auth_hash *thash;
|
||||
const struct auth_hash *thash;
|
||||
|
||||
caddr_t key;
|
||||
int keylen;
|
||||
@ -105,8 +105,8 @@ struct csession *csefind(struct fcrypt *, u_int);
|
||||
int csedelete(struct fcrypt *, struct csession *);
|
||||
struct csession *cseadd(struct fcrypt *, struct csession *);
|
||||
struct csession *csecreate(struct fcrypt *, u_int64_t, caddr_t, u_int64_t,
|
||||
caddr_t, u_int64_t, u_int32_t, u_int32_t, struct enc_xform *,
|
||||
struct auth_hash *);
|
||||
caddr_t, u_int64_t, u_int32_t, u_int32_t, const struct enc_xform *,
|
||||
const struct auth_hash *);
|
||||
int csefree(struct csession *);
|
||||
|
||||
int cryptodev_op(struct csession *, struct crypt_op *, struct proc *);
|
||||
@ -143,8 +143,8 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
|
||||
struct csession *cse;
|
||||
struct session_op *sop;
|
||||
struct crypt_op *cop;
|
||||
struct enc_xform *txform = NULL;
|
||||
struct auth_hash *thash = NULL;
|
||||
const struct enc_xform *txform = NULL;
|
||||
const struct auth_hash *thash = NULL;
|
||||
u_int64_t sid;
|
||||
u_int32_t ses;
|
||||
int error = 0;
|
||||
@ -155,9 +155,6 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
|
||||
switch (sop->cipher) {
|
||||
case 0:
|
||||
break;
|
||||
case CRYPTO_DES_CBC:
|
||||
txform = &enc_xform_des;
|
||||
break;
|
||||
case CRYPTO_3DES_CBC:
|
||||
txform = &enc_xform_3des;
|
||||
break;
|
||||
@ -168,7 +165,7 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
|
||||
txform = &enc_xform_cast5;
|
||||
break;
|
||||
case CRYPTO_AES_CBC:
|
||||
txform = &enc_xform_rijndael128;
|
||||
txform = &enc_xform_aes;
|
||||
break;
|
||||
case CRYPTO_AES_CTR:
|
||||
txform = &enc_xform_aes_ctr;
|
||||
@ -176,9 +173,6 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
|
||||
case CRYPTO_AES_XTS:
|
||||
txform = &enc_xform_aes_xts;
|
||||
break;
|
||||
case CRYPTO_ARC4:
|
||||
txform = &enc_xform_arc4;
|
||||
break;
|
||||
case CRYPTO_NULL:
|
||||
txform = &enc_xform_null;
|
||||
break;
|
||||
@ -189,7 +183,6 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
|
||||
switch (sop->mac) {
|
||||
case 0:
|
||||
break;
|
||||
#if 0
|
||||
case CRYPTO_MD5_HMAC:
|
||||
thash = &auth_hash_hmac_md5_96;
|
||||
break;
|
||||
@ -199,13 +192,18 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
|
||||
case CRYPTO_RIPEMD160_HMAC:
|
||||
thash = &auth_hash_hmac_ripemd_160_96;
|
||||
break;
|
||||
case CRYPTO_MD5:
|
||||
thash = &auth_hash_md5;
|
||||
case CRYPTO_SHA2_256_HMAC:
|
||||
thash = &auth_hash_hmac_sha2_256_128;
|
||||
break;
|
||||
case CRYPTO_SHA1:
|
||||
thash = &auth_hash_sha1;
|
||||
case CRYPTO_SHA2_384_HMAC:
|
||||
thash = &auth_hash_hmac_sha2_384_192;
|
||||
break;
|
||||
case CRYPTO_SHA2_512_HMAC:
|
||||
thash = &auth_hash_hmac_sha2_512_256;
|
||||
break;
|
||||
case CRYPTO_AES_128_GMAC:
|
||||
thash = &auth_hash_gmac_aes_128;
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
return (EINVAL);
|
||||
}
|
||||
@ -234,7 +232,7 @@ cryptof_ioctl(struct file *fp, u_long cmd, caddr_t data, struct proc *p)
|
||||
if (thash) {
|
||||
cria.cri_alg = thash->type;
|
||||
cria.cri_klen = sop->mackeylen * 8;
|
||||
if (sop->mackeylen != thash->keysize) {
|
||||
if (sop->mackeylen > thash->keysize) {
|
||||
error = EINVAL;
|
||||
goto bail;
|
||||
}
|
||||
@ -660,7 +658,8 @@ cryptoioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct proc *p)
|
||||
{
|
||||
struct file *f;
|
||||
struct fcrypt *fcr;
|
||||
int fd, error;
|
||||
int fd;
|
||||
int error = 0;
|
||||
|
||||
switch (cmd) {
|
||||
case CRIOGET:
|
||||
@ -725,7 +724,7 @@ cseadd(struct fcrypt *fcr, struct csession *cse)
|
||||
struct csession *
|
||||
csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen,
|
||||
caddr_t mackey, u_int64_t mackeylen, u_int32_t cipher, u_int32_t mac,
|
||||
struct enc_xform *txform, struct auth_hash *thash)
|
||||
const struct enc_xform *txform, const struct auth_hash *thash)
|
||||
{
|
||||
struct csession *cse;
|
||||
|
||||
@ -741,6 +740,7 @@ csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen,
|
||||
cse->mac = mac;
|
||||
cse->txform = txform;
|
||||
cse->thash = thash;
|
||||
cse->error = 0;
|
||||
cseadd(fcr, cse);
|
||||
return (cse);
|
||||
}
|
||||
|
@ -103,7 +103,7 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
|
||||
{
|
||||
unsigned char iv[EALG_MAX_BLOCK_LEN], blk[EALG_MAX_BLOCK_LEN], *idat;
|
||||
unsigned char *ivp, *nivp, iv2[EALG_MAX_BLOCK_LEN];
|
||||
struct enc_xform *exf;
|
||||
const struct enc_xform *exf;
|
||||
int i, k, j, blks, ind, count, ivlen;
|
||||
struct mbuf *m = NULL;
|
||||
struct uio *uio = NULL;
|
||||
@ -150,7 +150,7 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
|
||||
* handling themselves.
|
||||
*/
|
||||
if (exf->reinit)
|
||||
exf->reinit(sw->sw_kschedule, iv);
|
||||
exf->reinit((caddr_t)sw->sw_kschedule, iv);
|
||||
|
||||
if (outtype == CRYPTO_BUF_MBUF) {
|
||||
/* Find beginning of data */
|
||||
@ -171,10 +171,10 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
|
||||
/* Actual encryption/decryption */
|
||||
if (exf->reinit) {
|
||||
if (crd->crd_flags & CRD_F_ENCRYPT) {
|
||||
exf->encrypt(sw->sw_kschedule,
|
||||
exf->encrypt((caddr_t)sw->sw_kschedule,
|
||||
blk);
|
||||
} else {
|
||||
exf->decrypt(sw->sw_kschedule,
|
||||
exf->decrypt((caddr_t)sw->sw_kschedule,
|
||||
blk);
|
||||
}
|
||||
} else if (crd->crd_flags & CRD_F_ENCRYPT) {
|
||||
@ -182,7 +182,7 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
|
||||
for (j = 0; j < blks; j++)
|
||||
blk[j] ^= ivp[j];
|
||||
|
||||
exf->encrypt(sw->sw_kschedule, blk);
|
||||
exf->encrypt((caddr_t)sw->sw_kschedule, blk);
|
||||
|
||||
/*
|
||||
* Keep encrypted block for XOR'ing
|
||||
@ -198,7 +198,7 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
|
||||
nivp = (ivp == iv) ? iv2 : iv;
|
||||
bcopy(blk, nivp, blks);
|
||||
|
||||
exf->decrypt(sw->sw_kschedule, blk);
|
||||
exf->decrypt((caddr_t)sw->sw_kschedule, blk);
|
||||
|
||||
/* XOR with previous block */
|
||||
for (j = 0; j < blks; j++)
|
||||
@ -422,7 +422,7 @@ swcr_authcompute(struct cryptop *crp, struct cryptodesc *crd,
|
||||
struct swcr_data *sw, caddr_t buf, int outtype)
|
||||
{
|
||||
unsigned char aalg[AALG_MAX_RESULT_LEN];
|
||||
struct auth_hash *axf;
|
||||
const struct auth_hash *axf;
|
||||
union authctx ctx;
|
||||
int err;
|
||||
|
||||
@ -464,27 +464,13 @@ swcr_authcompute(struct cryptop *crp, struct cryptodesc *crd,
|
||||
axf->Update(&ctx, aalg, axf->hashsize);
|
||||
axf->Final(aalg, &ctx);
|
||||
break;
|
||||
|
||||
case CRYPTO_MD5_KPDK:
|
||||
case CRYPTO_SHA1_KPDK:
|
||||
if (sw->sw_octx == NULL)
|
||||
return EINVAL;
|
||||
|
||||
axf->Update(&ctx, sw->sw_octx, sw->sw_klen);
|
||||
axf->Final(aalg, &ctx);
|
||||
break;
|
||||
|
||||
case CRYPTO_MD5:
|
||||
case CRYPTO_SHA1:
|
||||
axf->Final(aalg, &ctx);
|
||||
break;
|
||||
}
|
||||
|
||||
/* Inject the authentication data */
|
||||
if (outtype == CRYPTO_BUF_MBUF)
|
||||
COPYBACK(outtype, buf, crd->crd_inject, axf->authsize, aalg);
|
||||
COPYBACK(outtype, buf, crd->crd_inject, axf->hashsize, aalg);
|
||||
else
|
||||
bcopy(aalg, crp->crp_mac, axf->authsize);
|
||||
bcopy(aalg, crp->crp_mac, axf->hashsize);
|
||||
|
||||
return 0;
|
||||
}
|
||||
@ -502,8 +488,8 @@ swcr_authenc(struct cryptop *crp)
|
||||
union authctx ctx;
|
||||
struct cryptodesc *crd, *crda = NULL, *crde = NULL;
|
||||
struct swcr_data *sw, *swa, *swe = NULL;
|
||||
struct auth_hash *axf = NULL;
|
||||
struct enc_xform *exf = NULL;
|
||||
const struct auth_hash *axf = NULL;
|
||||
const struct enc_xform *exf = NULL;
|
||||
struct mbuf *m = NULL;
|
||||
struct uio *uio = NULL;
|
||||
caddr_t buf = (caddr_t)crp->crp_buf;
|
||||
@ -523,6 +509,7 @@ swcr_authenc(struct cryptop *crp)
|
||||
switch (sw->sw_alg) {
|
||||
case CRYPTO_AES_GCM_16:
|
||||
case CRYPTO_AES_GMAC:
|
||||
case CRYPTO_CHACHA20_POLY1305:
|
||||
swe = sw;
|
||||
crde = crd;
|
||||
exf = swe->sw_exf;
|
||||
@ -531,6 +518,7 @@ swcr_authenc(struct cryptop *crp)
|
||||
case CRYPTO_AES_128_GMAC:
|
||||
case CRYPTO_AES_192_GMAC:
|
||||
case CRYPTO_AES_256_GMAC:
|
||||
case CRYPTO_CHACHA20_POLY1305_MAC:
|
||||
swa = sw;
|
||||
crda = crd;
|
||||
axf = swa->sw_axf;
|
||||
@ -609,7 +597,7 @@ swcr_authenc(struct cryptop *crp)
|
||||
}
|
||||
|
||||
if (exf->reinit)
|
||||
exf->reinit(swe->sw_kschedule, iv);
|
||||
exf->reinit((caddr_t)swe->sw_kschedule, iv);
|
||||
|
||||
/* Do encryption/decryption with MAC */
|
||||
for (i = 0; i < crde->crd_len; i += blksz) {
|
||||
@ -618,11 +606,11 @@ swcr_authenc(struct cryptop *crp)
|
||||
bzero(blk, blksz);
|
||||
COPYDATA(outtype, buf, crde->crd_skip + i, len, blk);
|
||||
if (crde->crd_flags & CRD_F_ENCRYPT) {
|
||||
exf->encrypt(swe->sw_kschedule, blk);
|
||||
exf->encrypt((caddr_t)swe->sw_kschedule, blk);
|
||||
axf->Update(&ctx, blk, len);
|
||||
} else {
|
||||
axf->Update(&ctx, blk, len);
|
||||
exf->decrypt(swe->sw_kschedule, blk);
|
||||
exf->decrypt((caddr_t)swe->sw_kschedule, blk);
|
||||
}
|
||||
COPYBACK(outtype, buf, crde->crd_skip + i, len, blk);
|
||||
}
|
||||
@ -640,6 +628,15 @@ swcr_authenc(struct cryptop *crp)
|
||||
*blkp = htobe32(crde->crd_len * 8);
|
||||
axf->Update(&ctx, blk, blksz);
|
||||
break;
|
||||
case CRYPTO_CHACHA20_POLY1305_MAC:
|
||||
/* length block */
|
||||
bzero(blk, axf->hashsize);
|
||||
blkp = (uint32_t *)blk;
|
||||
*blkp = htole32(aadlen);
|
||||
blkp = (uint32_t *)blk + 2;
|
||||
*blkp = htole32(crde->crd_len);
|
||||
axf->Update(&ctx, blk, axf->hashsize);
|
||||
break;
|
||||
}
|
||||
|
||||
/* Finalize MAC */
|
||||
@ -662,7 +659,7 @@ swcr_compdec(struct cryptodesc *crd, struct swcr_data *sw,
|
||||
caddr_t buf, int outtype)
|
||||
{
|
||||
u_int8_t *data, *out;
|
||||
struct comp_algo *cxf;
|
||||
const struct comp_algo *cxf;
|
||||
int adj;
|
||||
u_int32_t result;
|
||||
|
||||
@ -737,9 +734,9 @@ int
|
||||
swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
|
||||
{
|
||||
struct swcr_data **swd;
|
||||
struct auth_hash *axf;
|
||||
struct enc_xform *txf;
|
||||
struct comp_algo *cxf;
|
||||
const struct auth_hash *axf;
|
||||
const struct enc_xform *txf;
|
||||
const struct comp_algo *cxf;
|
||||
u_int32_t i;
|
||||
int k;
|
||||
|
||||
@ -792,9 +789,6 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
|
||||
}
|
||||
|
||||
switch (cri->cri_alg) {
|
||||
case CRYPTO_DES_CBC:
|
||||
txf = &enc_xform_des;
|
||||
goto enccommon;
|
||||
case CRYPTO_3DES_CBC:
|
||||
txf = &enc_xform_3des;
|
||||
goto enccommon;
|
||||
@ -804,8 +798,8 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
|
||||
case CRYPTO_CAST_CBC:
|
||||
txf = &enc_xform_cast5;
|
||||
goto enccommon;
|
||||
case CRYPTO_RIJNDAEL128_CBC:
|
||||
txf = &enc_xform_rijndael128;
|
||||
case CRYPTO_AES_CBC:
|
||||
txf = &enc_xform_aes;
|
||||
goto enccommon;
|
||||
case CRYPTO_AES_CTR:
|
||||
txf = &enc_xform_aes_ctr;
|
||||
@ -820,6 +814,9 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
|
||||
txf = &enc_xform_aes_gmac;
|
||||
(*swd)->sw_exf = txf;
|
||||
break;
|
||||
case CRYPTO_CHACHA20_POLY1305:
|
||||
txf = &enc_xform_chacha20_poly1305;
|
||||
goto enccommon;
|
||||
case CRYPTO_NULL:
|
||||
txf = &enc_xform_null;
|
||||
goto enccommon;
|
||||
@ -832,8 +829,9 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
|
||||
return EINVAL;
|
||||
}
|
||||
}
|
||||
if (txf->setkey((*swd)->sw_kschedule, cri->cri_key,
|
||||
cri->cri_klen / 8) < 0) {
|
||||
if (txf->setkey((*swd)->sw_kschedule,
|
||||
(uint8_t *)cri->cri_key,
|
||||
cri->cri_klen / 8) < 0) {
|
||||
swcr_freesession(i);
|
||||
return EINVAL;
|
||||
}
|
||||
@ -876,7 +874,7 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
|
||||
cri->cri_key[k] ^= HMAC_IPAD_VAL;
|
||||
|
||||
axf->Init((*swd)->sw_ictx);
|
||||
axf->Update((*swd)->sw_ictx, cri->cri_key,
|
||||
axf->Update((*swd)->sw_ictx, (uint8_t *)cri->cri_key,
|
||||
cri->cri_klen / 8);
|
||||
axf->Update((*swd)->sw_ictx, hmac_ipad_buffer,
|
||||
axf->blocksize - (cri->cri_klen / 8));
|
||||
@ -885,7 +883,7 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
|
||||
cri->cri_key[k] ^= (HMAC_IPAD_VAL ^ HMAC_OPAD_VAL);
|
||||
|
||||
axf->Init((*swd)->sw_octx);
|
||||
axf->Update((*swd)->sw_octx, cri->cri_key,
|
||||
axf->Update((*swd)->sw_octx, (uint8_t *)cri->cri_key,
|
||||
cri->cri_klen / 8);
|
||||
axf->Update((*swd)->sw_octx, hmac_opad_buffer,
|
||||
axf->blocksize - (cri->cri_klen / 8));
|
||||
@ -895,55 +893,6 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
|
||||
(*swd)->sw_axf = axf;
|
||||
break;
|
||||
|
||||
case CRYPTO_MD5_KPDK:
|
||||
axf = &auth_hash_key_md5;
|
||||
goto auth2common;
|
||||
|
||||
case CRYPTO_SHA1_KPDK:
|
||||
axf = &auth_hash_key_sha1;
|
||||
auth2common:
|
||||
(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
|
||||
M_NOWAIT);
|
||||
if ((*swd)->sw_ictx == NULL) {
|
||||
swcr_freesession(i);
|
||||
return ENOBUFS;
|
||||
}
|
||||
|
||||
/* Store the key so we can "append" it to the payload */
|
||||
(*swd)->sw_octx = malloc(cri->cri_klen / 8, M_CRYPTO_DATA,
|
||||
M_NOWAIT);
|
||||
if ((*swd)->sw_octx == NULL) {
|
||||
swcr_freesession(i);
|
||||
return ENOBUFS;
|
||||
}
|
||||
|
||||
(*swd)->sw_klen = cri->cri_klen / 8;
|
||||
bcopy(cri->cri_key, (*swd)->sw_octx, cri->cri_klen / 8);
|
||||
axf->Init((*swd)->sw_ictx);
|
||||
axf->Update((*swd)->sw_ictx, cri->cri_key,
|
||||
cri->cri_klen / 8);
|
||||
axf->Final(NULL, (*swd)->sw_ictx);
|
||||
(*swd)->sw_axf = axf;
|
||||
break;
|
||||
|
||||
case CRYPTO_MD5:
|
||||
axf = &auth_hash_md5;
|
||||
goto auth3common;
|
||||
|
||||
case CRYPTO_SHA1:
|
||||
axf = &auth_hash_sha1;
|
||||
auth3common:
|
||||
(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
|
||||
M_NOWAIT);
|
||||
if ((*swd)->sw_ictx == NULL) {
|
||||
swcr_freesession(i);
|
||||
return ENOBUFS;
|
||||
}
|
||||
|
||||
axf->Init((*swd)->sw_ictx);
|
||||
(*swd)->sw_axf = axf;
|
||||
break;
|
||||
|
||||
case CRYPTO_AES_128_GMAC:
|
||||
axf = &auth_hash_gmac_aes_128;
|
||||
goto auth4common;
|
||||
@ -954,6 +903,11 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
|
||||
|
||||
case CRYPTO_AES_256_GMAC:
|
||||
axf = &auth_hash_gmac_aes_256;
|
||||
goto auth4common;
|
||||
|
||||
case CRYPTO_CHACHA20_POLY1305_MAC:
|
||||
axf = &auth_hash_chacha20_poly1305;
|
||||
|
||||
auth4common:
|
||||
(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
|
||||
M_NOWAIT);
|
||||
@ -962,7 +916,7 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
|
||||
return ENOBUFS;
|
||||
}
|
||||
axf->Init((*swd)->sw_ictx);
|
||||
axf->Setkey((*swd)->sw_ictx, cri->cri_key,
|
||||
axf->Setkey((*swd)->sw_ictx, (uint8_t *)cri->cri_key,
|
||||
cri->cri_klen / 8);
|
||||
(*swd)->sw_axf = axf;
|
||||
break;
|
||||
@ -993,8 +947,8 @@ int
|
||||
swcr_freesession(u_int64_t tid)
|
||||
{
|
||||
struct swcr_data *swd;
|
||||
struct enc_xform *txf;
|
||||
struct auth_hash *axf;
|
||||
const struct enc_xform *txf;
|
||||
const struct auth_hash *axf;
|
||||
u_int32_t sid = ((u_int32_t) tid) & 0xffffffff;
|
||||
|
||||
if (sid > swcr_sesnum || swcr_sessions == NULL ||
|
||||
@ -1009,7 +963,6 @@ swcr_freesession(u_int64_t tid)
|
||||
swcr_sessions[sid] = swd->sw_next;
|
||||
|
||||
switch (swd->sw_alg) {
|
||||
case CRYPTO_DES_CBC:
|
||||
case CRYPTO_3DES_CBC:
|
||||
case CRYPTO_BLF_CBC:
|
||||
case CRYPTO_CAST_CBC:
|
||||
@ -1018,6 +971,7 @@ swcr_freesession(u_int64_t tid)
|
||||
case CRYPTO_AES_XTS:
|
||||
case CRYPTO_AES_GCM_16:
|
||||
case CRYPTO_AES_GMAC:
|
||||
case CRYPTO_CHACHA20_POLY1305:
|
||||
case CRYPTO_NULL:
|
||||
txf = swd->sw_exf;
|
||||
|
||||
@ -1045,25 +999,10 @@ swcr_freesession(u_int64_t tid)
|
||||
}
|
||||
break;
|
||||
|
||||
case CRYPTO_MD5_KPDK:
|
||||
case CRYPTO_SHA1_KPDK:
|
||||
axf = swd->sw_axf;
|
||||
|
||||
if (swd->sw_ictx) {
|
||||
explicit_bzero(swd->sw_ictx, axf->ctxsize);
|
||||
free(swd->sw_ictx, M_CRYPTO_DATA, 0);
|
||||
}
|
||||
if (swd->sw_octx) {
|
||||
explicit_bzero(swd->sw_octx, swd->sw_klen);
|
||||
free(swd->sw_octx, M_CRYPTO_DATA, 0);
|
||||
}
|
||||
break;
|
||||
|
||||
case CRYPTO_AES_128_GMAC:
|
||||
case CRYPTO_AES_192_GMAC:
|
||||
case CRYPTO_AES_256_GMAC:
|
||||
case CRYPTO_MD5:
|
||||
case CRYPTO_SHA1:
|
||||
case CRYPTO_CHACHA20_POLY1305_MAC:
|
||||
axf = swd->sw_axf;
|
||||
|
||||
if (swd->sw_ictx) {
|
||||
@ -1135,7 +1074,6 @@ swcr_process(struct cryptop *crp)
|
||||
switch (sw->sw_alg) {
|
||||
case CRYPTO_NULL:
|
||||
break;
|
||||
case CRYPTO_DES_CBC:
|
||||
case CRYPTO_3DES_CBC:
|
||||
case CRYPTO_BLF_CBC:
|
||||
case CRYPTO_CAST_CBC:
|
||||
@ -1152,10 +1090,6 @@ swcr_process(struct cryptop *crp)
|
||||
case CRYPTO_SHA2_256_HMAC:
|
||||
case CRYPTO_SHA2_384_HMAC:
|
||||
case CRYPTO_SHA2_512_HMAC:
|
||||
case CRYPTO_MD5_KPDK:
|
||||
case CRYPTO_SHA1_KPDK:
|
||||
case CRYPTO_MD5:
|
||||
case CRYPTO_SHA1:
|
||||
if ((crp->crp_etype = swcr_authcompute(crp, crd, sw,
|
||||
crp->crp_buf, type)) != 0)
|
||||
goto done;
|
||||
@ -1166,6 +1100,8 @@ swcr_process(struct cryptop *crp)
|
||||
case CRYPTO_AES_128_GMAC:
|
||||
case CRYPTO_AES_192_GMAC:
|
||||
case CRYPTO_AES_256_GMAC:
|
||||
case CRYPTO_CHACHA20_POLY1305:
|
||||
case CRYPTO_CHACHA20_POLY1305_MAC:
|
||||
crp->crp_etype = swcr_authenc(crp);
|
||||
goto done;
|
||||
|
||||
@ -1207,17 +1143,12 @@ swcr_init(void)
|
||||
|
||||
bzero(algs, sizeof(algs));
|
||||
|
||||
algs[CRYPTO_DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_3DES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_BLF_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_CAST_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_MD5_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_RIPEMD160_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_MD5_KPDK] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_SHA1_KPDK] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_MD5] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_SHA1] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_RIJNDAEL128_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_AES_CTR] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_AES_XTS] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
@ -1231,6 +1162,8 @@ swcr_init(void)
|
||||
algs[CRYPTO_AES_128_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_AES_192_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_AES_256_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_CHACHA20_POLY1305] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_CHACHA20_POLY1305_MAC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_ESN] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
|
||||
crypto_register(swcr_id, algs, swcr_newsession,
|
||||
|
@ -68,7 +68,7 @@ typedef struct des_ks_struct
|
||||
#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
|
||||
|
||||
|
||||
void des_encrypt2(u_int32_t *data,des_key_schedule ks, int enc);
|
||||
void des_encrypt2(u_int32_t *data,caddr_t ks, int enc);
|
||||
|
||||
|
||||
#define ITERATIONS 16
|
||||
|
@ -50,8 +50,8 @@
|
||||
#include "des_locl.h"
|
||||
|
||||
void
|
||||
des_ecb3_encrypt(des_cblock (*input), des_cblock (*output),
|
||||
des_key_schedule ks1, des_key_schedule ks2, des_key_schedule ks3,
|
||||
des_ecb3_encrypt(caddr_t (*input), caddr_t (*output),
|
||||
caddr_t ks1, caddr_t ks2, caddr_t ks3,
|
||||
int encrypt)
|
||||
{
|
||||
register u_int32_t l0, l1;
|
||||
|
@ -51,7 +51,7 @@
|
||||
#include "spr.h"
|
||||
|
||||
void
|
||||
des_encrypt2(u_int32_t *data, des_key_schedule ks, int encrypt)
|
||||
des_encrypt2(u_int32_t *data, caddr_t ks, int encrypt)
|
||||
{
|
||||
register u_int32_t l, r, t, u;
|
||||
#ifdef DES_USE_PTR
|
||||
|
@ -61,7 +61,7 @@ aes_key_wrap(aes_key_wrap_ctx *ctx, const u_int8_t *P, size_t n, u_int8_t *C)
|
||||
memcpy(&B[0], A, 8);
|
||||
memcpy(&B[1], R, 8);
|
||||
/* B = AES(K, B) */
|
||||
AES_Encrypt(&ctx->ctx, (caddr_t)B, (caddr_t)B);
|
||||
AES_Encrypt(&ctx->ctx, (uint8_t *)B, (uint8_t *)B);
|
||||
/* MSB(64, B) = MSB(64, B) ^ t */
|
||||
B[0] ^= htobe64(t);
|
||||
/* A = MSB(64, B) */
|
||||
@ -96,7 +96,7 @@ aes_key_unwrap(aes_key_wrap_ctx *ctx, const u_int8_t *C, u_int8_t *P, size_t n)
|
||||
/* B = MSB(64, B) | R[i] */
|
||||
memcpy(&B[1], R, 8);
|
||||
/* B = AES-1(K, B) */
|
||||
AES_Decrypt(&ctx->ctx, (caddr_t)B, (caddr_t)B);
|
||||
AES_Decrypt(&ctx->ctx, (uint8_t *)B, (uint8_t *)B);
|
||||
/* A = MSB(64, B) */
|
||||
memcpy(A, &B[0], 8);
|
||||
/* R[i] = LSB(64, B) */
|
||||
|
@ -8,7 +8,7 @@
|
||||
#include <sys/types.h>
|
||||
#include <sys/systm.h>
|
||||
|
||||
#include "poly1305.h"
|
||||
#include <crypto/poly1305.h>
|
||||
|
||||
/*
|
||||
* poly1305 implementation using 32 bit * 32 bit = 64 bit multiplication
|
||||
|
@ -66,6 +66,8 @@
|
||||
#include <crypto/gmac.h>
|
||||
#include <crypto/chachapoly.h>
|
||||
|
||||
#include "des_locl.h"
|
||||
|
||||
extern void des_ecb3_encrypt(caddr_t, caddr_t, caddr_t, caddr_t, caddr_t, int);
|
||||
|
||||
int des_set_key(void *, caddr_t);
|
||||
@ -311,13 +313,13 @@ const struct comp_algo comp_algo_deflate = {
|
||||
void
|
||||
des3_encrypt(caddr_t key, u_int8_t *blk)
|
||||
{
|
||||
des_ecb3_encrypt(blk, blk, key, key + 128, key + 256, 1);
|
||||
des_ecb3_encrypt((caddr_t)blk, (caddr_t)blk, key, key + 128, key + 256, 1);
|
||||
}
|
||||
|
||||
void
|
||||
des3_decrypt(caddr_t key, u_int8_t *blk)
|
||||
{
|
||||
des_ecb3_encrypt(blk, blk, key + 256, key + 128, key, 0);
|
||||
des_ecb3_encrypt((caddr_t)blk, (caddr_t)blk, key + 256, key + 128, key, 0);
|
||||
}
|
||||
|
||||
int
|
||||
|
@ -82,35 +82,30 @@
|
||||
/* Maximum hash algorithm result length */
|
||||
#define AALG_MAX_RESULT_LEN 64 /* Keep this updated */
|
||||
|
||||
#define CRYPTO_DES_CBC 1
|
||||
#define CRYPTO_3DES_CBC 2
|
||||
#define CRYPTO_BLF_CBC 3
|
||||
#define CRYPTO_CAST_CBC 4
|
||||
#define CRYPTO_MD5_HMAC 6
|
||||
#define CRYPTO_SHA1_HMAC 7
|
||||
#define CRYPTO_RIPEMD160_HMAC 8
|
||||
#define CRYPTO_MD5_KPDK 9
|
||||
#define CRYPTO_SHA1_KPDK 10
|
||||
#define CRYPTO_RIJNDAEL128_CBC 11 /* 128 bit blocksize */
|
||||
#define CRYPTO_AES_CBC 11 /* 128 bit blocksize -- the same as above */
|
||||
#define CRYPTO_ARC4 12
|
||||
#define CRYPTO_MD5 13
|
||||
#define CRYPTO_SHA1 14
|
||||
#define CRYPTO_DEFLATE_COMP 15 /* Deflate compression algorithm */
|
||||
#define CRYPTO_NULL 16
|
||||
#define CRYPTO_LZS_COMP 17 /* LZS compression algorithm */
|
||||
#define CRYPTO_SHA2_256_HMAC 18
|
||||
#define CRYPTO_SHA2_384_HMAC 19
|
||||
#define CRYPTO_SHA2_512_HMAC 20
|
||||
#define CRYPTO_AES_CTR 21
|
||||
#define CRYPTO_AES_XTS 22
|
||||
#define CRYPTO_AES_GCM_16 23
|
||||
#define CRYPTO_AES_128_GMAC 24
|
||||
#define CRYPTO_AES_192_GMAC 25
|
||||
#define CRYPTO_AES_256_GMAC 26
|
||||
#define CRYPTO_AES_GMAC 27
|
||||
#define CRYPTO_ESN 28 /* Support for Extended Sequence Numbers */
|
||||
#define CRYPTO_ALGORITHM_MAX 28 /* Keep updated */
|
||||
#define CRYPTO_3DES_CBC 1
|
||||
#define CRYPTO_BLF_CBC 2
|
||||
#define CRYPTO_CAST_CBC 3
|
||||
#define CRYPTO_MD5_HMAC 4
|
||||
#define CRYPTO_SHA1_HMAC 5
|
||||
#define CRYPTO_RIPEMD160_HMAC 6
|
||||
#define CRYPTO_RIJNDAEL128_CBC 7 /* 128 bit blocksize */
|
||||
#define CRYPTO_AES_CBC 7 /* 128 bit blocksize -- the same as above */
|
||||
#define CRYPTO_DEFLATE_COMP 8 /* Deflate compression algorithm */
|
||||
#define CRYPTO_NULL 9
|
||||
#define CRYPTO_SHA2_256_HMAC 11
|
||||
#define CRYPTO_SHA2_384_HMAC 12
|
||||
#define CRYPTO_SHA2_512_HMAC 13
|
||||
#define CRYPTO_AES_CTR 14
|
||||
#define CRYPTO_AES_XTS 15
|
||||
#define CRYPTO_AES_GCM_16 16
|
||||
#define CRYPTO_AES_128_GMAC 17
|
||||
#define CRYPTO_AES_192_GMAC 18
|
||||
#define CRYPTO_AES_256_GMAC 19
|
||||
#define CRYPTO_AES_GMAC 20
|
||||
#define CRYPTO_CHACHA20_POLY1305 21
|
||||
#define CRYPTO_CHACHA20_POLY1305_MAC 22
|
||||
#define CRYPTO_ESN 23 /* Support for Extended Sequence Numbers */
|
||||
#define CRYPTO_ALGORITHM_MAX 23 /* Keep updated */
|
||||
|
||||
/* Algorithm flags */
|
||||
#define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported */
|
||||
|
@ -32,15 +32,15 @@ struct swcr_data {
|
||||
u_int8_t *SW_ictx;
|
||||
u_int8_t *SW_octx;
|
||||
u_int32_t SW_klen;
|
||||
struct auth_hash *SW_axf;
|
||||
const struct auth_hash *SW_axf;
|
||||
} SWCR_AUTH;
|
||||
struct {
|
||||
u_int8_t *SW_kschedule;
|
||||
struct enc_xform *SW_exf;
|
||||
const struct enc_xform *SW_exf;
|
||||
} SWCR_ENC;
|
||||
struct {
|
||||
u_int32_t SW_size;
|
||||
struct comp_algo *SW_cxf;
|
||||
const struct comp_algo *SW_cxf;
|
||||
} SWCR_COMP;
|
||||
} SWCR_UN;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user