summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--share/man/man4/Makefile3
-rw-r--r--share/man/man4/crypto.4113
-rw-r--r--share/man/man4/hifn.4111
-rw-r--r--share/man/man4/ubsec.499
-rw-r--r--share/man/man9/Makefile2
-rw-r--r--share/man/man9/crypto.9591
6 files changed, 918 insertions, 1 deletions
diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile
index 49a57ae..a6afc65 100644
--- a/share/man/man4/Makefile
+++ b/share/man/man4/Makefile
@@ -28,6 +28,7 @@ MAN= aac.4 \
ccd.4 \
cd.4 \
ch.4 \
+ crypto.4 \
csa.4 \
cue.4 \
da.4 \
@@ -51,6 +52,7 @@ MAN= aac.4 \
gre.4 \
gusc.4 \
gx.4 \
+ hifn.4 \
ichsmb.4 \
icmp.4 \
icmp6.4 \
@@ -185,6 +187,7 @@ MAN= aac.4 \
tun.4 \
twe.4 \
txp.4 \
+ ubsec.4 \
ucom.4 \
udbp.4 \
udp.4 \
diff --git a/share/man/man4/crypto.4 b/share/man/man4/crypto.4
new file mode 100644
index 0000000..5471134
--- /dev/null
+++ b/share/man/man4/crypto.4
@@ -0,0 +1,113 @@
+.\" $OpenBSD: crypto.4,v 1.4 2002/09/12 07:15:03 deraadt Exp $
+.\" $FreeBSD$
+.\"
+.\" Copyright (c) 2001 Theo de Raadt
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. The name of the author may not be used to endorse or promote products
+.\" derived from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+.\" DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+.\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd October 3, 2002
+.Dt CRYPTO 4
+.Os
+.Sh NAME
+.Nm crypto
+.Nd hardware crypto access driver
+.Sh SYNOPSIS
+.Nm device crypto
+.Sh DESCRIPTION
+The
+.Nm
+driver provides userland applications access to hardware crypto support
+via the kernel.
+The
+.Pa /dev/crypto
+device node primarily operates in an
+.Xr ioctl 2
+based model, permitting a variety of applications to query device capabilities,
+submit transactions, and get results.
+.Pp
+If
+.Ar count
+given in the specification, and is greater than 0, a maximum of one
+.Nm crypto
+device is created.
+.Pp
+The following
+.Xr ioctl 2
+calls apply only to the
+.Nm crypto
+devices:
+.Bl -tag -width CIOCGSESSION
+.It Dv CIOCGSESSION
+Setup a new crypto session for a new type of operation.
+.It Dv CIOCFSESSION
+Free a previously established session.
+.It Dv CIOCCRYPT
+Perform a crypto operation against a previously setup session.
+.El
+.Pp
+.Sh FEATURES
+Depending on hardware being present, the following symmetric and
+assymetric cryptographic features are potentially available from
+.Pa /dev/crypto :
+.Pp
+.Bl -tag -compact -width CRYPTO_RIPEMD160_HMAC -offset indent
+.It CRYPTO_DES_CBC
+.It CRYPTO_3DES_CBC
+.It CRYPTO_BLF_CBC
+.It CRYPTO_CAST_CBC
+.It CRYPTO_SKIPJACK_CBC
+.It CRYPTO_MD5_HMAC
+.It CRYPTO_SHA1_HMAC
+.It CRYPTO_RIPEMD160_HMAC
+.It CRYPTO_MD5_KPDK
+.It CRYPTO_SHA1_KPDK
+.It CRYPTO_AES_CBC
+.It CRYPTO_ARC4
+.It CRYPTO_MD5
+.It CRYPTO_SHA1
+.It CRK_MOD_EXP
+.It CRK_MOD_EXP_CRT
+.It CRK_DSA_SIGN
+.It CRK_DSA_VERIFY
+.It CRK_DH_COMPUTE_KEY
+.El
+.Pp
+.Sh FILES
+.Bl -tag -width /dev/crypto -compact
+.It Pa /dev/crypto
+crypto access device
+.El
+.Sh SEE ALSO
+.Xr hifn 4 ,
+.Xr ubsec 4 ,
+.Xr crypto 9
+.Sh HISTORY
+The
+.Nm
+driver first appeared in
+OpenBSD 3.0.
+The
+.Nm
+driver was imported to FreeBSD in 5.0.
diff --git a/share/man/man4/hifn.4 b/share/man/man4/hifn.4
new file mode 100644
index 0000000..539d2e8
--- /dev/null
+++ b/share/man/man4/hifn.4
@@ -0,0 +1,111 @@
+.\" $OpenBSD: hifn.4,v 1.32 2002/09/26 07:55:40 miod Exp $
+.\" $FreeBSD$
+.\"
+.\" Copyright (c) 2000 Theo de Raadt
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. The name of the author may not be used to endorse or promote products
+.\" derived from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+.\" DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+.\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd October 3, 2002
+.Dt HIFN 4
+.Os
+.Sh NAME
+.Nm hifn
+.Nd Hifn 7751/7951/7811 crypto accelerator
+.Sh SYNOPSIS
+.Nm device hifn
+.Sh DESCRIPTION
+The
+.Nm
+driver supports various cards containing the Hifn 7751, Hifn 7951, or
+Hifn 7811
+chipsets, such as
+.Bl -tag -width namenamenamena -offset indent
+.It Invertex AEON
+No longer being made.
+Came as 128KB SRAM model, or 2MB DRAM model.
+.It Hifn 7751
+Reference board with 512KB SRAM.
+.It PowerCrypt
+See
+.Pa http://www.powercrypt.com/ .
+Comes with 512KB SRAM.
+.It XL-Crypt
+See
+.Pa http://www.powercrypt.com/ .
+Only board based on 7811 (which is faster than 7751 and has
+a random number generator).
+.It NetSec 7751
+See
+.Pa http://www.netsec.net/ .
+Supports the most IPsec sessions, with 1MB SRAM.
+.It Soekris Engineering vpn1201 and vpn1211
+See
+.Pa http://www.soekris.com/ .
+Contains a 7951 and supports symmetric and random number operations.
+.El
+.Pp
+The
+.Nm
+driver registers itself to accelerate DES, Triple-DES, ARC4, MD5,
+MD5-HMAC, SHA1, and SHA1-HMAC operations for
+.Xr ipsec 4
+and
+.Xr crypto 4 .
+.Pp
+The
+.Tn Hifn 7951
+and
+.Tn Hifn 7811
+will also supply data to the kernel
+.Xr random 4
+subsystem.
+.Sh BUGS
+The 7751 chip starts out at initialization by only supporting compression.
+A proprietary algorithm, which has been reverse engineered, is required to
+unlock the cryptographic functionality of the chip.
+It is possible for vendors to make boards which have a lock ID not known
+to the driver, but all vendors currently just use the obvious ID which is
+13 bytes of 0.
+.Sh SEE ALSO
+.Xr crypt 3 ,
+.Xr crypto 4 ,
+.Xr intro 4 ,
+.Xr ipsec 4 ,
+.Xr random 4 ,
+.Xr crypto 9
+.Sh CAVEATS
+The Hifn 9751 shares the same PCI id.
+This chip is basically a 7751, but with the cryptographic functions missing.
+Instead, the 9751 is only capable of doing compression.
+Since we do not currently attempt to use any of these chips to do
+compression, the 9751-based cards are not useful.
+.Sh HISTORY
+The
+.Nm
+device driver appeared in
+OpenBSD 2.7.
+The
+.Nm
+device driver was imported to FreeBSD in 5.0.
diff --git a/share/man/man4/ubsec.4 b/share/man/man4/ubsec.4
new file mode 100644
index 0000000..2ec4258
--- /dev/null
+++ b/share/man/man4/ubsec.4
@@ -0,0 +1,99 @@
+.\" $OpenBSD: ubsec.4,v 1.18 2002/09/26 07:55:41 miod Exp $
+.\" $FreeBSD$
+.\"
+.\" Copyright (c) 2000 Jason L. Wright (jason@thought.net)
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\" must display the following acknowledgement:
+.\" This product includes software developed by Jason L. Wright
+.\" 4. The name of the author may not be used to endorse or promote products
+.\" derived from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+.\" DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+.\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd October 3, 2002
+.Dt UBSEC 4
+.Os
+.Sh NAME
+.Nm ubsec
+.Nd Broadcom and BlueSteel uBsec 5x0x crypto accelerator
+.Sh SYNOPSIS
+.Nm device ubsec
+.Sh DESCRIPTION
+The
+.Nm
+driver supports cards containing any of the following chips:
+.Bl -tag -width "Broadcom BCM5821" -offset indent
+.It Bluesteel 5501
+The original chipset, no longer made. This extremely rare unit
+was not very fast, lacked a RNG, and had a number of other bugs.
+.It Bluesteel 5601
+A faster and fixed version of the original, with a random number
+unit and large number engine added.
+.It Broadcom BCM5801
+A BCM5805 without public key engine or random number generator.
+.It Broadcom BCM5802
+A slower version of the BCM5805.
+.It Broadcom BCM5805
+Faster version of Bluesteel 5601.
+.It Broadcom BCM5820
+64 bit version of the chip, and significantly more advanced.
+.It Broadcom BCM5821
+Faster version of the BCM5820.
+.It Broadcom BCM5822
+Faster version of the BCM5820.
+.El
+.Pp
+The
+.Nm
+driver registers itself to accelerate DES, Triple-DES, MD5-HMAC,
+and SHA1-HMAC operations for
+.Xr ipsec 4
+and
+.Xr crypto 4 .
+.Pp
+On those models which contain a public key engine (almost all of the
+more recent ones), this feature is registered with the
+.Xr crypto 4
+subsystem.
+.Pp
+On all models except the Bluesteel 5501 and Broadcom 5801, the driver
+registers itself to provide random data to the
+.Xr random 4
+subsystem.
+.Sh SEE ALSO
+.Xr crypt 3 ,
+.Xr crypto 4 ,
+.Xr intro 4 ,
+.Xr ipsec 4 ,
+.Xr random 4 ,
+.Xr crypto 9
+.Sh HISTORY
+The
+.Nm
+device driver appeared in
+OpenBSD 2.8.
+The
+.Nm
+device driver was imported to FreeBSD in 5.0.
+.Sh BUGS
+The BCM5801 and BCM5802 have not actually been tested.
diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile
index c24e53c..229e036 100644
--- a/share/man/man9/Makefile
+++ b/share/man/man9/Makefile
@@ -27,7 +27,7 @@ MAN= BUF_LOCK.9 BUF_LOCKFREE.9 BUF_LOCKINIT.9 BUF_REFCNT.9 \
bus_generic_shutdown.9 bus_release_resource.9 \
byteorder.9 \
cd.9 cdevsw_add.9 cdevsw_remove.9 condvar.9 copy.9 \
- critical_enter.9 \
+ critical_enter.9 crypto.9 \
devclass.9 devclass_add_driver.9 devclass_find.9 \
devclass_get_device.9 devclass_get_devices.9 \
devclass_get_maxunit.9 devclass_get_name.9 devclass_get_softc.9 \
diff --git a/share/man/man9/crypto.9 b/share/man/man9/crypto.9
new file mode 100644
index 0000000..93d3ddf
--- /dev/null
+++ b/share/man/man9/crypto.9
@@ -0,0 +1,591 @@
+.\" $OpenBSD: crypto.9,v 1.19 2002/07/16 06:31:57 angelos Exp $
+.\" $FreeBSD$
+.\"
+.\" The author of this man page is Angelos D. Keromytis (angelos@cis.upenn.edu)
+.\"
+.\" Copyright (c) 2000, 2001 Angelos D. Keromytis
+.\"
+.\" Permission to use, copy, and modify this software with or without fee
+.\" is hereby granted, provided that this entire notice is included in
+.\" all source code copies of any software which is or includes a copy or
+.\" modification of this software.
+.\"
+.\" THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
+.\" IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
+.\" REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
+.\" MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
+.\" PURPOSE.
+.\"
+.Dd October 3, 2002
+.Dt CRYPTO 9
+.Os
+.Sh NAME
+.Nm crypto
+.Nd API for cryptographic services in the kernel
+.Sh SYNOPSIS
+.Fd #include <crypto/cryptodev.h>
+.Ft int32_t
+.Fn crypto_get_driverid "u_int8_t"
+.Ft int
+.Fn crypto_register "u_int32_t" "int" "u_int16_t" "u_int32_t" "int (*)(u_int32_t *, struct cryptoini *)" "int (*)(u_int64_t)" "int (*)(struct cryptop *)"
+.Ft int
+.Fn crypto_kregister "u_int32_t" "int" "u_int32_t" "int (*)(struct cryptkop *)"
+.Ft int
+.Fn crypto_unregister "u_int32_t" "int"
+.Ft void
+.Fn crypto_done "struct cryptop *"
+.Ft void
+.Fn crypto_kdone "struct cryptkop *"
+.Ft int
+.Fn crypto_newsession "u_int64_t *" "struct cryptoini *" "int"
+.Ft int
+.Fn crypto_freesession "u_int64_t"
+.Ft int
+.Fn crypto_dispatch "struct cryptop *"
+.Ft int
+.Fn crypto_kdispatch "struct cryptkop *"
+.Ft struct cryptop *
+.Fn crypto_getreq "int"
+.Ft void
+.Fn crypto_freereq "void"
+.Bd -literal
+
+#define EALG_MAX_BLOCK_LEN 16
+
+struct cryptoini {
+ int cri_alg;
+ int cri_klen;
+ int cri_rnd;
+ caddr_t cri_key;
+ u_int8_t cri_iv[EALG_MAX_BLOCK_LEN];
+ struct cryptoini *cri_next;
+};
+
+struct cryptodesc {
+ int crd_skip;
+ int crd_len;
+ int crd_inject;
+ int crd_flags;
+ struct cryptoini CRD_INI;
+ struct cryptodesc *crd_next;
+};
+
+struct cryptop {
+ u_int64_t crp_sid;
+ int crp_ilen;
+ int crp_olen;
+ int crp_alloctype;
+ int crp_etype;
+ int crp_flags;
+ caddr_t crp_buf;
+ caddr_t crp_opaque;
+ struct cryptodesc *crp_desc;
+ int (*crp_callback) (struct cryptop *);
+ struct cryptop *crp_next;
+ caddr_t crp_mac;
+};
+
+struct crparam {
+ caddr_t crp_p;
+ u_int crp_nbits;
+};
+
+#define CRK_MAXPARAM 8
+
+struct cryptkop {
+ u_int krp_op; /* ie. CRK_MOD_EXP or other */
+ u_int krp_status; /* return status */
+ u_short krp_iparams; /* # of input parameters */
+ u_short krp_oparams; /* # of output parameters */
+ u_int krp_pad1;
+ struct crparam krp_param[CRK_MAXPARAM];
+ struct crparam krp_kvp[CRK_MAXPARAM];
+
+ u_int32_t krp_hid;
+ int (*krp_callback)(struct cryptkop *);
+ struct cryptkop *krp_next;
+};
+.Ed
+.br
+.Sh DESCRIPTION
+.Nm
+is a framework for drivers of cryptographic hardware to register with
+the kernel so
+.Dq consumers
+(other kernel subsystems, and eventually
+users through an appropriate device) are able to make use of it.
+Drivers register with the framework the algorithms they support,
+and provide entry points (functions) the framework may call to
+establish, use, and tear down sessions.
+Sessions are used to cache cryptographic information in a particular driver
+(or associated hardware), so initialization is not needed with every request.
+Consumers of cryptographic services pass a set of
+descriptors that instruct the framework (and the drivers registered
+with it) of the operations that should be applied on the data (more
+than one cryptographic operation can be requested).
+.Pp
+Keying operations are supported as well.
+Unlike the symmetric operators described above,
+these sessionless commands perform mathematical operations using
+input and output parameters.
+.Pp
+Since the consumers may not be associated with a process, drivers may
+not use
+.Xr tsleep 9 .
+The same holds for the framework.
+Thus, a callback mechanism is used
+to notify a consumer that a request has been completed (the
+callback is specified by the consumer on an per-request basis).
+The callback is invoked by the framework whether the request was
+successfully completed or not.
+An error indication is provided in the latter case.
+A specific error code,
+.Er EAGAIN ,
+is used to indicate that a session number has changed and that the
+request may be re-submitted immediately with the new session number.
+Errors are only returned to the invoking function if not
+enough information to call the callback is available (meaning, there
+was a fatal error in verifying the arguments).
+For session initialization and teardown there is no callback mechanism used.
+.br
+.Pp
+The
+.Fn crypto_newsession
+routine is called by consumers of cryptographic services (such as the
+.Xr ipsec 4
+stack) that wish to establish a new session with the framework.
+On success, the first argument will contain the Session Identifier (SID).
+The second argument contains all the necessary information for
+the driver to establish the session.
+The third argument indicates whether a
+hardware driver (1) should be used or not (0).
+The various fields in the
+.Fa cryptoini
+structure are:
+.Bl -tag -width foobarmoocow
+.It Fa cri_alg
+Contains an algorithm identifier.
+Currently supported algorithms are:
+.Bd -literal
+CRYPTO_DES_CBC
+CRYPTO_3DES_CBC
+CRYPTO_BLF_CBC
+CRYPTO_CAST_CBC
+CRYPTO_SKIPJACK_CBC
+CRYPTO_MD5_HMAC
+CRYPTO_SHA1_HMAC
+CRYPTO_RIPEMD160_HMAC
+CRYPTO_MD5_KPDK
+CRYPTO_SHA1_KPDK
+CRYPTO_AES_CBC
+CRYPTO_ARC4
+CRYPTO_MD5
+CRYPTO_SHA1
+.Ed
+.Pp
+.It Fa cri_klen
+Specifies the length of the key in bits, for variable-size key
+algorithms.
+.It Fa cri_rnd
+Specifies the number of rounds to be used with the algorithm, for
+variable-round algorithms.
+.It Fa cri_key
+Contains the key to be used with the algorithm.
+.It Fa cri_iv
+Contains an explicit initialization vector (IV), if it does not prefix
+the data.
+This field is ignored during initialization.
+If no IV is explicitly passed (see below on details), a random IV is used
+by the device driver processing the request.
+.It Fa cri_next
+Contains a pointer to another
+.Fa cryptoini
+structure.
+Multiple such structures may be linked to establish multi-algorithm sessions
+.Pf ( Xr ipsec 4
+is an example consumer of such a feature).
+.El
+.Pp
+The
+.Fa cryptoini
+structure and its contents will not be modified by the framework (or
+the drivers used).
+Subsequent requests for processing that use the
+SID returned will avoid the cost of re-initializing the hardware (in
+essence, SID acts as an index in the session cache of the driver).
+.Pp
+.Fn crypto_freesession
+is called with the SID returned by
+.Fn crypto_newsession
+to disestablish the session.
+.Pp
+.Fn crypto_dispatch
+is called to process a request.
+The various fields in the
+.Fa cryptop
+structure are:
+.Bl -tag -width crp_alloctype
+.It Fa crp_sid
+Contains the SID.
+.It Fa crp_ilen
+Indicates the total length in bytes of the buffer to be processed.
+.It Fa crp_olen
+On return, contains the total length of the result.
+For symmetric crypto operations, this will be the same as the input length.
+.It Fa crp_alloctype
+Indicates the type of buffer, as used in the kernel
+.Xr malloc 9
+routine.
+This will be used if the framework needs to allocate a new
+buffer for the result (or for re-formatting the input).
+.It Fa crp_callback
+This routine is invoked upon completion of the request, whether
+successful or not.
+It is invoked through the
+.Fn crypto_done
+routine.
+If the request was not successful, an error code is set in the
+.Fa crp_etype
+field.
+It is the responsibility of the callback routine to set the appropriate
+.Xr spl 9
+level.
+.It Fa crp_etype
+Contains the error type, if any errors were encountered, or zero if
+the request was successfully processed.
+If the
+.Er EAGAIN
+error code is returned, the SID has changed (and has been recorded in the
+.Fa crp_sid
+field).
+The consumer should record the new SID and use it in all subsequent requests.
+In this case, the request may be re-submitted immediately.
+This mechanism is used by the framework to perform
+session migration (move a session from one driver to another, because
+of availability, performance, or other considerations).
+.Pp
+Note that this field only makes sense when examined by
+the callback routine specified in
+.Fa crp_callback .
+Errors are returned to the invoker of
+.Fn crypto_process
+only when enough information is not present to call the callback
+routine (i.e., if the pointer passed is
+.Dv NULL
+or if no callback routine was specified).
+.It Fa crp_flags
+Is a bitmask of flags associated with this request.
+Currently defined flags are:
+.Bl -tag -width CRYPTO_F_IMBUF
+.It Dv CRYPTO_F_IMBUF
+The buffer pointed to by
+.Fa crp_buf
+is an mbuf chain.
+.El
+.Pp
+.It Fa crp_buf
+Points to the input buffer.
+On return (when the callback is invoked),
+it contains the result of the request.
+The input buffer may be an mbuf
+chain or a contiguous buffer (of a type identified by
+.Fa crp_alloctype ) ,
+depending on
+.Fa crp_flags .
+.It Fa crp_opaque
+This is passed through the crypto framework untouched and is
+intended for the invoking application's use.
+.It Fa crp_desc
+This is a linked list of descriptors.
+Each descriptor provides
+information about what type of cryptographic operation should be done
+on the input buffer.
+The various fields are:
+.Bl -tag -width=crd_inject
+.It Fa crd_skip
+The offset in the input buffer where processing should start.
+.It Fa crd_len
+How many bytes, after
+.Fa Fa crd_skip ,
+should be processed.
+.It Fa crd_inject
+Offset from the beginning of the buffer to insert any results.
+For encryption algorithms, this is where the initialization vector
+(IV) will be inserted when encrypting or where it can be found when
+decrypting (subject to
+.Fa Fa crd_flags ) .
+For MAC algorithms, this is where the result of the keyed hash will be
+inserted.
+.It Fa crd_flags
+The following flags are defined:
+.Bl -tag -width CRD_F_IV_EXPLICIT
+.It Dv CRD_F_ENCRYPT
+For encryption algorithms, this bit is set when encryption is required
+(when not set, decryption is performed).
+.It Dv CRD_F_IV_PRESENT
+For encryption algorithms, this bit is set when the IV already
+precedes the data, so the
+.Fa crd_inject
+value will be ignored and no IV will be written in the buffer.
+Otherwise, the IV used to encrypt the packet will be written
+at the location pointed to by
+.Fa crd_inject .
+The IV length is assumed to be equal to the blocksize of the
+encryption algorithm.
+Some applications that do special
+.Dq IV cooking ,
+such as the half-IV mode in
+.Xr ipsec 4 ,
+can use this flag to indicate that the IV should not be written on the packet.
+This flag is typically used in conjunction with the
+.Dv CRD_F_IV_EXPLICIT
+flag.
+.It Dv CRD_F_IV_EXPLICIT
+For encryption algorithms, this bit is set when the IV is explicitly
+provided by the consumer in the
+.Fa crd_iv
+fields.
+Otherwise, for encryption operations the IV is provided for by
+the driver used to perform the operation, whereas for decryption
+operations it is pointed to by the
+.Fa crd_inject
+field.
+This flag is typically used when the IV is calculated
+.Dq on the fly
+by the consumer, and does not precede the data (some
+.Xr ipsec 4
+configurations, and the encrypted swap are two such examples).
+.It Dv CRD_F_COMP
+For compression algorithms, this bit is set when compression is required (when
+not set, decompression is performed).
+.El
+.It Fa CRD_INI
+This
+.Fa cryptoini
+structure will not be modified by the framework or the device drivers.
+Since this information accompanies every cryptographic
+operation request, drivers may re-initialize state on-demand
+(typically an expensive operation).
+Furthermore, the cryptographic
+framework may re-route requests as a result of full queues or hardware
+failure, as described above.
+.It Fa crd_next
+Point to the next descriptor.
+Linked operations are useful in protocols such as
+.Xr ipsec 4 ,
+where multiple cryptographic transforms may be applied on the same
+block of data.
+.El
+.El
+.Pp
+.Fn crypto_getreq
+allocates a
+.Fa cryptop
+structure with a linked list of as many
+.Fa cryptodesc
+structures as were specified in the argument passed to it.
+.Pp
+.Fn crypto_freereq
+deallocates a structure
+.Fa cryptop
+and any
+.Fa cryptodesc
+structures linked to it.
+Note that it is the responsibility of the
+callback routine to do the necessary cleanups associated with the
+opaque field in the
+.Fa cryptop
+structure.
+.Pp
+.Fn crypto_kdispatch
+is called to perform a keying operation.
+The various fields in the
+.Fa crytokop
+structure are:
+.Bl -tag -width crp_alloctype
+.It Fa krp_op
+Operation code, such as CRK_MOD_EXP.
+.It Fa krp_status
+Return code.
+This errno-style variable indicates whether lower level reasons
+for operation failure.
+.It Fa krp_iparams
+Number if input parameters to the specified operation.
+Note that each operation has a (typically hardwired) number of such parameters.
+.It Fa krp_oparams
+Number if output parameters from the specified operation.
+Note that each operation has a (typically hardwired) number of such parameters.
+.It Fa krp_kvp
+An array of kernel memory blocks containing the parameters.
+.It Fa krp_hid
+Identifier specifying which low-level driver is being used.
+.It Fa krp_callback
+Callback called on completion of a keying operation.
+.El
+.Sh DRIVER-SIDE API
+The
+.Fn crypto_get_driverid ,
+.Fn crypto_register ,
+.Fn crypto_kregister ,
+.Fn crypto_unregister ,
+and
+.Fn crypto_done
+routines are used by drivers that provide support for cryptographic
+primitives to register and unregister with the kernel crypto services
+framework.
+Drivers must first use the
+.Fn crypto_get_driverid
+function to acquire a driver identifier, specifying the
+.Fa cc_flags
+as an argument (normally 0, but software-only drivers should specify
+.Dv CRYPTOCAP_F_SOFTWARE Ns ).
+For each algorithm the driver supports, it must then call
+.Fn crypto_register .
+The first two arguments are the driver and algorithm identifiers.
+The next two arguments specify the largest possible operator length (in bits,
+important for public key operations) and flags (e.g., whether an hardware RNG is
+available) for this algorithm.
+The last three arguments must be provided in the first call to
+.Fn crypto_register
+and are ignored in all subsequent calls.
+They are pointers to three
+driver-provided functions that the framework may call to establish new
+cryptographic context with the driver, free already established
+context, and ask for a request to be processed (encrypt, decrypt,
+etc.)
+.Fn crypto_unregister
+is called by drivers that wish to withdraw support for an algorithm.
+The two arguments are the driver and algorithm identifiers, respectively.
+Typically, drivers for
+.Xr pcmcia 4
+crypto cards that are being ejected will invoke this routine for all
+algorithms supported by the card.
+If called with
+.Dv CRYPTO_ALGORITHM_ALL ,
+all algorithms registered for a driver will be unregistered in one go
+and the driver will be disabled (no new sessions will be allocated on
+that driver, and any existing sessions will be migrated to other
+drivers).
+The same will be done if all algorithms associated with a driver are
+unregistered one by one.
+.Pp
+The calling convention for the three driver-supplied routines is:
+.Bd -literal
+int (*newsession) (u_int32_t *, struct cryptoini *);
+int (*freesession) (u_int64_t);
+int (*process) (struct cryptop *);
+int (*kprocess) (struct cryptkop *);
+.Ed
+.Pp
+On invocation, the first argument to
+.Fn newsession
+contains the driver identifier obtained via
+.Fn crypto_get_driverid .
+On successfully returning, it should contain a driver-specific session
+identifier.
+The second argument is identical to that of
+.Fn crypto_newsession .
+.Pp
+The
+.Fn freesession
+routine takes as argument the SID (which is the concatenation of the
+driver identifier and the driver-specific session identifier).
+It should clear any context associated with the session (clear hardware
+registers, memory, etc.).
+.Pp
+The
+.Fn process
+routine is invoked with a request to perform crypto processing.
+This routine must not block, but should queue the request and return
+immediately.
+Upon processing the request, the callback routine should be invoked.
+In case of error, the error indication must be placed in the
+.Fa crp_etype
+field of the
+.Fa cryptop
+structure.
+When the request is completed, or an error is detected, the
+.Fn process
+routine should invoked
+.Fn crypto_done .
+Session migration may be performed, as mentioned previously.
+.Pp
+The
+.Fn kprocess
+routine is invoked with a request to perform crypto key processing.
+This routine must not block, but should queue the request and return
+immediately.
+Upon processing the request, the callback routine should be invoked.
+In case of error, the error indication must be placed in the
+.Fa krp_status
+field of the
+.Fa cryptkop
+structure.
+When the request is completed, or an error is detected, the
+.Fn kprocess
+routine should invoked
+.Fn crypto_kdone .
+.Sh RETURN VALUES
+.Fn crypto_register ,
+.Fn crypto_kregister ,
+.Fn crypto_unregister ,
+.Fn crypto_newsession ,
+and
+.Fn crypto_freesession
+return 0 on success, or an error code on failure.
+.Fn crypto_get_driverid
+returns a non-negative value on error, and \-1 on failure.
+.Fn crypto_getreq
+returns a pointer to a
+.Fa cryptop
+structure and
+.Dv NULL
+on failure.
+.Fn crypto_dispatch
+returns
+.Er EINVAL
+is its argument or the callback function was
+.Dv NULL ,
+and 0 otherwise.
+The callback is provided with an error code in case of failure, in the
+.Fa crp_etype
+field.
+.Sh FILES
+.Bl -tag -width sys/crypto/crypto.c
+.It Pa sys/crypto/crypto.c
+most of the framework code
+.El
+.Sh SEE ALSO
+.Xr ipsec 4 ,
+.Xr pcmcia 4 ,
+.Xr malloc 9 ,
+.Xr tsleep 9
+.Sh HISTORY
+The cryptographic framework first appeared in
+OpenBSD 2.7
+and was written by Angelos D. Keromytis <angelos@openbsd.org>.
+.Sh BUGS
+The framework currently assumes that all the algorithms in a
+.Fn crypto_newsession
+operation must be available by the same driver.
+If that's not the case, session initialization will fail.
+.Pp
+The framework also needs a mechanism for determining which driver is
+best for a specific set of algorithms associated with a session.
+Some type of benchmarking is in order here.
+.Pp
+Multiple instances of the same algorithm in the same session are not
+supported.
+Note that 3DES is considered one algorithm (and not three
+instances of DES).
+Thus, 3DES and DES could be mixed in the same request.
+.Pp
+A queue for completed operations should be implemented and processed
+at some software
+.Xr spl 9
+level, to avoid overall system latency issues, and potential kernel
+stack exhaustion while processing a callback.
+.Pp
+When SMP time comes, we will support use of a second processor (or
+more) as a crypto device (this is actually AMP, but we need the same
+basic support).
OpenPOWER on IntegriCloud