Remove "HMAC" from <HASH>_HMAC_BLOCK_LEN macro names

The block size is a property of the underlying hash algorithm, and has
nothing to do with the HMAC construction.

No functional change.
This commit is contained in:
Conrad Meyer 2018-07-09 07:21:37 +00:00
parent b393a8ace6
commit 590adc1bc2
11 changed files with 43 additions and 42 deletions

View File

@ -57,7 +57,7 @@ struct aesni_session {
uint8_t dec_schedule[AES_SCHED_LEN] __aligned(16);
uint8_t xts_schedule[AES_SCHED_LEN] __aligned(16);
/* Same as the SHA256 Blocksize. */
uint8_t hmac_key[SHA1_HMAC_BLOCK_LEN] __aligned(16);
uint8_t hmac_key[SHA1_BLOCK_LEN] __aligned(16);
int algo;
int rounds;
/* uint8_t *ses_ictx; */

View File

@ -35,7 +35,7 @@
* SHA3-224 is the next largest block size, at 1152 bits. However, crypto(4)
* doesn't support any SHA3 hash, so SHA2 is the constraint:
*/
#define CCP_HASH_MAX_BLOCK_SIZE (SHA2_512_HMAC_BLOCK_LEN)
#define CCP_HASH_MAX_BLOCK_SIZE (SHA2_512_BLOCK_LEN)
#define CCP_AES_MAX_KEY_LEN (AES_XTS_MAX_KEY)
#define CCP_MAX_CRYPTO_IV_LEN 32 /* GCM IV + GHASH context */

View File

@ -83,10 +83,10 @@ static void padlock_sha256_final(uint8_t *hash, struct padlock_sha_ctx *ctx);
static struct auth_hash padlock_hmac_sha1 = {
.type = CRYPTO_SHA1_HMAC,
.name = "HMAC-SHA1",
.keysize = SHA1_HMAC_BLOCK_LEN,
.keysize = SHA1_BLOCK_LEN,
.hashsize = SHA1_HASH_LEN,
.ctxsize = sizeof(struct padlock_sha_ctx),
.blocksize = SHA1_HMAC_BLOCK_LEN,
.blocksize = SHA1_BLOCK_LEN,
.Init = (void (*)(void *))padlock_sha_init,
.Update = (int (*)(void *, const uint8_t *, uint16_t))padlock_sha_update,
.Final = (void (*)(uint8_t *, void *))padlock_sha1_final,
@ -95,10 +95,10 @@ static struct auth_hash padlock_hmac_sha1 = {
static struct auth_hash padlock_hmac_sha256 = {
.type = CRYPTO_SHA2_256_HMAC,
.name = "HMAC-SHA2-256",
.keysize = SHA2_256_HMAC_BLOCK_LEN,
.keysize = SHA2_256_BLOCK_LEN,
.hashsize = SHA2_256_HASH_LEN,
.ctxsize = sizeof(struct padlock_sha_ctx),
.blocksize = SHA2_256_HMAC_BLOCK_LEN,
.blocksize = SHA2_256_BLOCK_LEN,
.Init = (void (*)(void *))padlock_sha_init,
.Update = (int (*)(void *, const uint8_t *, uint16_t))padlock_sha_update,
.Final = (void (*)(uint8_t *, void *))padlock_sha256_final,

View File

@ -471,26 +471,26 @@ cesa_set_mkey(struct cesa_session *cs, int alg, const uint8_t *mkey, int mklen)
switch (alg) {
case CRYPTO_MD5_HMAC:
MD5Init(&md5ctx);
MD5Update(&md5ctx, ipad, MD5_HMAC_BLOCK_LEN);
MD5Update(&md5ctx, ipad, MD5_BLOCK_LEN);
memcpy(hin, md5ctx.state, sizeof(md5ctx.state));
MD5Init(&md5ctx);
MD5Update(&md5ctx, opad, MD5_HMAC_BLOCK_LEN);
MD5Update(&md5ctx, opad, MD5_BLOCK_LEN);
memcpy(hout, md5ctx.state, sizeof(md5ctx.state));
break;
case CRYPTO_SHA1_HMAC:
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, ipad, SHA1_HMAC_BLOCK_LEN);
SHA1Update(&sha1ctx, ipad, SHA1_BLOCK_LEN);
memcpy(hin, sha1ctx.h.b32, sizeof(sha1ctx.h.b32));
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, opad, SHA1_HMAC_BLOCK_LEN);
SHA1Update(&sha1ctx, opad, SHA1_BLOCK_LEN);
memcpy(hout, sha1ctx.h.b32, sizeof(sha1ctx.h.b32));
break;
case CRYPTO_SHA2_256_HMAC:
SHA256_Init(&sha256ctx);
SHA256_Update(&sha256ctx, ipad, SHA2_256_HMAC_BLOCK_LEN);
SHA256_Update(&sha256ctx, ipad, SHA2_256_BLOCK_LEN);
memcpy(hin, sha256ctx.state, sizeof(sha256ctx.state));
SHA256_Init(&sha256ctx);
SHA256_Update(&sha256ctx, opad, SHA2_256_HMAC_BLOCK_LEN);
SHA256_Update(&sha256ctx, opad, SHA2_256_BLOCK_LEN);
memcpy(hout, sha256ctx.state, sizeof(sha256ctx.state));
break;
default:
@ -1684,7 +1684,7 @@ cesa_newsession(device_t dev, uint32_t *sidp, struct cryptoini *cri)
cs->cs_config |= CESA_CSHD_MD5;
break;
case CRYPTO_MD5_HMAC:
cs->cs_mblen = MD5_HMAC_BLOCK_LEN;
cs->cs_mblen = MD5_BLOCK_LEN;
cs->cs_hlen = (mac->cri_mlen == 0) ? MD5_HASH_LEN :
mac->cri_mlen;
cs->cs_config |= CESA_CSHD_MD5_HMAC;
@ -1698,7 +1698,7 @@ cesa_newsession(device_t dev, uint32_t *sidp, struct cryptoini *cri)
cs->cs_config |= CESA_CSHD_SHA1;
break;
case CRYPTO_SHA1_HMAC:
cs->cs_mblen = SHA1_HMAC_BLOCK_LEN;
cs->cs_mblen = SHA1_BLOCK_LEN;
cs->cs_hlen = (mac->cri_mlen == 0) ? SHA1_HASH_LEN :
mac->cri_mlen;
cs->cs_config |= CESA_CSHD_SHA1_HMAC;
@ -1706,7 +1706,7 @@ cesa_newsession(device_t dev, uint32_t *sidp, struct cryptoini *cri)
cs->cs_config |= CESA_CSHD_96_BIT_HMAC;
break;
case CRYPTO_SHA2_256_HMAC:
cs->cs_mblen = SHA2_256_HMAC_BLOCK_LEN;
cs->cs_mblen = SHA2_256_BLOCK_LEN;
cs->cs_hlen = (mac->cri_mlen == 0) ? SHA2_256_HASH_LEN :
mac->cri_mlen;
cs->cs_config |= CESA_CSHD_SHA2_256_HMAC;

View File

@ -655,13 +655,13 @@ safe_setup_mackey(struct safe_session *ses, int algo, caddr_t key, int klen)
if (algo == CRYPTO_MD5_HMAC) {
MD5Init(&md5ctx);
MD5Update(&md5ctx, key, klen);
MD5Update(&md5ctx, hmac_ipad_buffer, MD5_HMAC_BLOCK_LEN - klen);
MD5Update(&md5ctx, hmac_ipad_buffer, MD5_BLOCK_LEN - klen);
bcopy(md5ctx.state, ses->ses_hminner, sizeof(md5ctx.state));
} else {
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, key, klen);
SHA1Update(&sha1ctx, hmac_ipad_buffer,
SHA1_HMAC_BLOCK_LEN - klen);
SHA1_BLOCK_LEN - klen);
bcopy(sha1ctx.h.b32, ses->ses_hminner, sizeof(sha1ctx.h.b32));
}
@ -671,13 +671,13 @@ safe_setup_mackey(struct safe_session *ses, int algo, caddr_t key, int klen)
if (algo == CRYPTO_MD5_HMAC) {
MD5Init(&md5ctx);
MD5Update(&md5ctx, key, klen);
MD5Update(&md5ctx, hmac_opad_buffer, MD5_HMAC_BLOCK_LEN - klen);
MD5Update(&md5ctx, hmac_opad_buffer, MD5_BLOCK_LEN - klen);
bcopy(md5ctx.state, ses->ses_hmouter, sizeof(md5ctx.state));
} else {
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, key, klen);
SHA1Update(&sha1ctx, hmac_opad_buffer,
SHA1_HMAC_BLOCK_LEN - klen);
SHA1_BLOCK_LEN - klen);
bcopy(sha1ctx.h.b32, ses->ses_hmouter, sizeof(sha1ctx.h.b32));
}

View File

@ -859,13 +859,13 @@ ubsec_setup_mackey(struct ubsec_session *ses, int algo, caddr_t key, int klen)
if (algo == CRYPTO_MD5_HMAC) {
MD5Init(&md5ctx);
MD5Update(&md5ctx, key, klen);
MD5Update(&md5ctx, hmac_ipad_buffer, MD5_HMAC_BLOCK_LEN - klen);
MD5Update(&md5ctx, hmac_ipad_buffer, MD5_BLOCK_LEN - klen);
bcopy(md5ctx.state, ses->ses_hminner, sizeof(md5ctx.state));
} else {
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, key, klen);
SHA1Update(&sha1ctx, hmac_ipad_buffer,
SHA1_HMAC_BLOCK_LEN - klen);
SHA1_BLOCK_LEN - klen);
bcopy(sha1ctx.h.b32, ses->ses_hminner, sizeof(sha1ctx.h.b32));
}
@ -875,13 +875,13 @@ ubsec_setup_mackey(struct ubsec_session *ses, int algo, caddr_t key, int klen)
if (algo == CRYPTO_MD5_HMAC) {
MD5Init(&md5ctx);
MD5Update(&md5ctx, key, klen);
MD5Update(&md5ctx, hmac_opad_buffer, MD5_HMAC_BLOCK_LEN - klen);
MD5Update(&md5ctx, hmac_opad_buffer, MD5_BLOCK_LEN - klen);
bcopy(md5ctx.state, ses->ses_hmouter, sizeof(md5ctx.state));
} else {
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, key, klen);
SHA1Update(&sha1ctx, hmac_opad_buffer,
SHA1_HMAC_BLOCK_LEN - klen);
SHA1_BLOCK_LEN - klen);
bcopy(sha1ctx.h.b32, ses->ses_hmouter, sizeof(sha1ctx.h.b32));
}

View File

@ -83,16 +83,17 @@
/* Maximum hash algorithm result length */
#define HASH_MAX_LEN SHA2_512_HASH_LEN /* Keep this updated */
#define MD5_BLOCK_LEN 64
#define SHA1_BLOCK_LEN 64
#define RIPEMD160_BLOCK_LEN 64
#define SHA2_256_BLOCK_LEN 64
#define SHA2_384_BLOCK_LEN 128
#define SHA2_512_BLOCK_LEN 128
/* HMAC values */
#define NULL_HMAC_BLOCK_LEN 64
#define MD5_HMAC_BLOCK_LEN 64
#define SHA1_HMAC_BLOCK_LEN 64
#define RIPEMD160_HMAC_BLOCK_LEN 64
#define SHA2_256_HMAC_BLOCK_LEN 64
#define SHA2_384_HMAC_BLOCK_LEN 128
#define SHA2_512_HMAC_BLOCK_LEN 128
/* Maximum HMAC block length */
#define HMAC_MAX_BLOCK_LEN SHA2_512_HMAC_BLOCK_LEN /* Keep this updated */
#define HMAC_MAX_BLOCK_LEN SHA2_512_BLOCK_LEN /* Keep this updated */
#define HMAC_IPAD_VAL 0x36
#define HMAC_OPAD_VAL 0x5C
/* HMAC Key Length */

View File

@ -59,10 +59,10 @@ static int MD5Update_int(void *, const u_int8_t *, u_int16_t);
struct auth_hash auth_hash_hmac_md5 = {
.type = CRYPTO_MD5_HMAC,
.name = "HMAC-MD5",
.keysize = MD5_HMAC_BLOCK_LEN,
.keysize = MD5_BLOCK_LEN,
.hashsize = MD5_HASH_LEN,
.ctxsize = sizeof(MD5_CTX),
.blocksize = MD5_HMAC_BLOCK_LEN,
.blocksize = MD5_BLOCK_LEN,
.Init = (void (*) (void *)) MD5Init,
.Update = MD5Update_int,
.Final = (void (*) (u_int8_t *, void *)) MD5Final,

View File

@ -59,10 +59,10 @@ static int RMD160Update_int(void *, const u_int8_t *, u_int16_t);
struct auth_hash auth_hash_hmac_ripemd_160 = {
.type = CRYPTO_RIPEMD160_HMAC,
.name = "HMAC-RIPEMD-160",
.keysize = RIPEMD160_HMAC_BLOCK_LEN,
.keysize = RIPEMD160_BLOCK_LEN,
.hashsize = RIPEMD160_HASH_LEN,
.ctxsize = sizeof(RMD160_CTX),
.blocksize = RIPEMD160_HMAC_BLOCK_LEN,
.blocksize = RIPEMD160_BLOCK_LEN,
.Init = (void (*)(void *)) RMD160Init,
.Update = RMD160Update_int,
.Final = (void (*)(u_int8_t *, void *)) RMD160Final,

View File

@ -61,10 +61,10 @@ static void SHA1Final_int(u_int8_t *, void *);
struct auth_hash auth_hash_hmac_sha1 = {
.type = CRYPTO_SHA1_HMAC,
.name = "HMAC-SHA1",
.keysize = SHA1_HMAC_BLOCK_LEN,
.keysize = SHA1_BLOCK_LEN,
.hashsize = SHA1_HASH_LEN,
.ctxsize = sizeof(SHA1_CTX),
.blocksize = SHA1_HMAC_BLOCK_LEN,
.blocksize = SHA1_BLOCK_LEN,
.Init = SHA1Init_int,
.Update = SHA1Update_int,
.Final = SHA1Final_int,

View File

@ -63,10 +63,10 @@ static int SHA512Update_int(void *, const u_int8_t *, u_int16_t);
struct auth_hash auth_hash_hmac_sha2_256 = {
.type = CRYPTO_SHA2_256_HMAC,
.name = "HMAC-SHA2-256",
.keysize = SHA2_256_HMAC_BLOCK_LEN,
.keysize = SHA2_256_BLOCK_LEN,
.hashsize = SHA2_256_HASH_LEN,
.ctxsize = sizeof(SHA256_CTX),
.blocksize = SHA2_256_HMAC_BLOCK_LEN,
.blocksize = SHA2_256_BLOCK_LEN,
.Init = (void (*)(void *)) SHA256_Init,
.Update = SHA256Update_int,
.Final = (void (*)(u_int8_t *, void *)) SHA256_Final,
@ -75,10 +75,10 @@ struct auth_hash auth_hash_hmac_sha2_256 = {
struct auth_hash auth_hash_hmac_sha2_384 = {
.type = CRYPTO_SHA2_384_HMAC,
.name = "HMAC-SHA2-384",
.keysize = SHA2_384_HMAC_BLOCK_LEN,
.keysize = SHA2_384_BLOCK_LEN,
.hashsize = SHA2_384_HASH_LEN,
.ctxsize = sizeof(SHA384_CTX),
.blocksize = SHA2_384_HMAC_BLOCK_LEN,
.blocksize = SHA2_384_BLOCK_LEN,
.Init = (void (*)(void *)) SHA384_Init,
.Update = SHA384Update_int,
.Final = (void (*)(u_int8_t *, void *)) SHA384_Final,
@ -87,10 +87,10 @@ struct auth_hash auth_hash_hmac_sha2_384 = {
struct auth_hash auth_hash_hmac_sha2_512 = {
.type = CRYPTO_SHA2_512_HMAC,
.name = "HMAC-SHA2-512",
.keysize = SHA2_512_HMAC_BLOCK_LEN,
.keysize = SHA2_512_BLOCK_LEN,
.hashsize = SHA2_512_HASH_LEN,
.ctxsize = sizeof(SHA512_CTX),
.blocksize = SHA2_512_HMAC_BLOCK_LEN,
.blocksize = SHA2_512_BLOCK_LEN,
.Init = (void (*)(void *)) SHA512_Init,
.Update = SHA512Update_int,
.Final = (void (*)(u_int8_t *, void *)) SHA512_Final,