summaryrefslogtreecommitdiffstats
path: root/sys/crypto/aesni/aesni_hash.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/crypto/aesni/aesni_hash.c')
-rw-r--r--sys/crypto/aesni/aesni_hash.c186
1 files changed, 186 insertions, 0 deletions
diff --git a/sys/crypto/aesni/aesni_hash.c b/sys/crypto/aesni/aesni_hash.c
new file mode 100644
index 0000000..84125aa
--- /dev/null
+++ b/sys/crypto/aesni/aesni_hash.c
@@ -0,0 +1,186 @@
+/*-
+ * Copyright (c) 2015 Ermal LUÇI <eri@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#include <sys/malloc.h>
+
+#include <opencrypto/cryptosoft.h> /* for hmac_ipad_buffer and hmac_opad_buffer */
+#include <opencrypto/xform.h>
+
+#include "aesni.h"
+
+MALLOC_DECLARE(M_AESNI);
+
+/*
+ * Implementation notes.
+ *
+ * We implement all HMAC algorithms provided by crypto(9) framework so aesni can work
+ * with ipsec(4) for AES-CBC/AES-XTS
+ *
+ * This code was stolen from dev/glxsb/aesni_hash.c
+ */
+
+static void
+aesni_hash_key_setup(struct aesni_session *ses, caddr_t key, int klen)
+{
+ struct auth_hash *axf;
+ int i;
+
+ klen /= 8;
+ axf = ses->ses_axf;
+
+ for (i = 0; i < klen; i++)
+ key[i] ^= HMAC_IPAD_VAL;
+
+ axf->Init(ses->ses_ictx);
+ axf->Update(ses->ses_ictx, key, klen);
+ axf->Update(ses->ses_ictx, hmac_ipad_buffer, axf->blocksize - klen);
+
+ for (i = 0; i < klen; i++)
+ key[i] ^= (HMAC_IPAD_VAL ^ HMAC_OPAD_VAL);
+
+ axf->Init(ses->ses_octx);
+ axf->Update(ses->ses_octx, key, klen);
+ axf->Update(ses->ses_octx, hmac_opad_buffer, axf->blocksize - klen);
+
+ for (i = 0; i < klen; i++)
+ key[i] ^= HMAC_OPAD_VAL;
+}
+
+/*
+ * Compute keyed-hash authenticator.
+ */
+static int
+aesni_authcompute(struct aesni_session *ses, struct cryptodesc *crd,
+ caddr_t buf, int flags)
+{
+ u_char hash[HASH_MAX_LEN];
+ struct auth_hash *axf;
+ union authctx ctx;
+ int error;
+
+ axf = ses->ses_axf;
+ bcopy(ses->ses_ictx, &ctx, axf->ctxsize);
+ error = crypto_apply(flags, buf, crd->crd_skip, crd->crd_len,
+ (int (*)(void *, void *, unsigned int))axf->Update, (caddr_t)&ctx);
+ if (error != 0)
+ return (error);
+ axf->Final(hash, &ctx);
+
+ bcopy(ses->ses_octx, &ctx, axf->ctxsize);
+ axf->Update(&ctx, hash, axf->hashsize);
+ axf->Final(hash, &ctx);
+
+ /* Inject the authentication data */
+ crypto_copyback(flags, buf, crd->crd_inject,
+ ses->ses_mlen == 0 ? axf->hashsize : ses->ses_mlen, hash);
+
+ return (0);
+}
+
+int
+aesni_hash_setup(struct aesni_session *ses, struct cryptoini *macini)
+{
+
+ ses->ses_mlen = macini->cri_mlen;
+
+ /* Find software structure which describes HMAC algorithm. */
+ switch (macini->cri_alg) {
+ case CRYPTO_NULL_HMAC:
+ ses->ses_axf = &auth_hash_null;
+ break;
+ case CRYPTO_MD5_HMAC:
+ ses->ses_axf = &auth_hash_hmac_md5;
+ break;
+ case CRYPTO_SHA1_HMAC:
+ ses->ses_axf = &auth_hash_hmac_sha1;
+ break;
+ case CRYPTO_SHA2_256_HMAC:
+ ses->ses_axf = &auth_hash_hmac_sha2_256;
+ break;
+ case CRYPTO_SHA2_384_HMAC:
+ ses->ses_axf = &auth_hash_hmac_sha2_384;
+ break;
+ case CRYPTO_SHA2_512_HMAC:
+ ses->ses_axf = &auth_hash_hmac_sha2_512;
+ break;
+ default:
+ return EINVAL;
+ break;
+ }
+
+ /* Allocate memory for HMAC inner and outer contexts. */
+ ses->ses_ictx = malloc(ses->ses_axf->ctxsize, M_AESNI,
+ M_ZERO | M_NOWAIT);
+ if (ses->ses_ictx == NULL)
+ return (ENOMEM);
+ ses->ses_octx = malloc(ses->ses_axf->ctxsize, M_AESNI,
+ M_ZERO | M_NOWAIT);
+ if (ses->ses_octx == NULL) {
+ free(ses->ses_ictx, M_AESNI);
+ return (ENOMEM);
+ }
+
+ /* Setup key if given. */
+ if (macini->cri_key != NULL) {
+ aesni_hash_key_setup(ses, macini->cri_key,
+ macini->cri_klen);
+ }
+ return (0);
+}
+
+int
+aesni_hash_process(struct aesni_session *ses, struct cryptodesc *maccrd,
+ struct cryptop *crp)
+{
+ int error;
+
+ if ((maccrd->crd_flags & CRD_F_KEY_EXPLICIT) != 0)
+ aesni_hash_key_setup(ses, maccrd->crd_key, maccrd->crd_klen);
+
+ error = aesni_authcompute(ses, maccrd, crp->crp_buf, crp->crp_flags);
+ return (error);
+}
+
+void
+aesni_hash_free(struct aesni_session *ses)
+{
+
+ if (ses->ses_ictx != NULL) {
+ bzero(ses->ses_ictx, ses->ses_axf->ctxsize);
+ free(ses->ses_ictx, M_AESNI);
+ ses->ses_ictx = NULL;
+ }
+ if (ses->ses_octx != NULL) {
+ bzero(ses->ses_octx, ses->ses_axf->ctxsize);
+ free(ses->ses_octx, M_AESNI);
+ ses->ses_octx = NULL;
+ }
+}
OpenPOWER on IntegriCloud