opencrypto: Integrate Chacha20 algorithm into OCF
Mostly this is a thin shim around existing code to integrate with enc_xform and cryptosoft (+ cryptodev). Expand the cryptodev buffer used to match that of Chacha20's native block size as a performance enhancement for chacha20_xform_crypt_multi.
This commit is contained in:
parent
e5818a53db
commit
61590291a8
@ -662,6 +662,8 @@ crypto/blowfish/bf_ecb.c optional ipsec | ipsec_support
|
|||||||
crypto/blowfish/bf_skey.c optional crypto | ipsec | ipsec_support
|
crypto/blowfish/bf_skey.c optional crypto | ipsec | ipsec_support
|
||||||
crypto/camellia/camellia.c optional crypto | ipsec | ipsec_support
|
crypto/camellia/camellia.c optional crypto | ipsec | ipsec_support
|
||||||
crypto/camellia/camellia-api.c optional crypto | ipsec | ipsec_support
|
crypto/camellia/camellia-api.c optional crypto | ipsec | ipsec_support
|
||||||
|
crypto/chacha20/chacha.c optional crypto | ipsec | ipsec_support
|
||||||
|
crypto/chacha20/chacha-sw.c optional crypto | ipsec | ipsec_support
|
||||||
crypto/des/des_ecb.c optional crypto | ipsec | ipsec_support | netsmb
|
crypto/des/des_ecb.c optional crypto | ipsec | ipsec_support | netsmb
|
||||||
crypto/des/des_setkey.c optional crypto | ipsec | ipsec_support | netsmb
|
crypto/des/des_setkey.c optional crypto | ipsec | ipsec_support | netsmb
|
||||||
crypto/rc4/rc4.c optional netgraph_mppc_encryption | kgssapi
|
crypto/rc4/rc4.c optional netgraph_mppc_encryption | kgssapi
|
||||||
|
78
sys/crypto/chacha20/chacha-sw.c
Normal file
78
sys/crypto/chacha20/chacha-sw.c
Normal file
@ -0,0 +1,78 @@
|
|||||||
|
/* This file is in the public domain. */
|
||||||
|
|
||||||
|
#include <sys/cdefs.h>
|
||||||
|
__FBSDID("$FreeBSD$");
|
||||||
|
|
||||||
|
#include <crypto/chacha20/chacha.h>
|
||||||
|
#include <opencrypto/xform_enc.h>
|
||||||
|
|
||||||
|
static int
|
||||||
|
chacha20_xform_setkey(u_int8_t **sched, u_int8_t *key, int len)
|
||||||
|
{
|
||||||
|
struct chacha_ctx *ctx;
|
||||||
|
|
||||||
|
if (len != CHACHA_MINKEYLEN && len != 32)
|
||||||
|
return (EINVAL);
|
||||||
|
|
||||||
|
ctx = malloc(sizeof(*ctx), M_CRYPTO_DATA, M_NOWAIT | M_ZERO);
|
||||||
|
*sched = (void *)ctx;
|
||||||
|
if (ctx == NULL)
|
||||||
|
return (ENOMEM);
|
||||||
|
|
||||||
|
chacha_keysetup(ctx, key, len * 8);
|
||||||
|
return (0);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
chacha20_xform_reinit(caddr_t key, u_int8_t *iv)
|
||||||
|
{
|
||||||
|
struct chacha_ctx *ctx;
|
||||||
|
|
||||||
|
ctx = (void *)key;
|
||||||
|
chacha_ivsetup(ctx, iv + 8, iv);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
chacha20_xform_zerokey(u_int8_t **sched)
|
||||||
|
{
|
||||||
|
struct chacha_ctx *ctx;
|
||||||
|
|
||||||
|
ctx = (void *)*sched;
|
||||||
|
explicit_bzero(ctx, sizeof(*ctx));
|
||||||
|
free(ctx, M_CRYPTO_DATA);
|
||||||
|
*sched = NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
chacha20_xform_crypt(caddr_t cctx, u_int8_t *bytes)
|
||||||
|
{
|
||||||
|
struct chacha_ctx *ctx;
|
||||||
|
|
||||||
|
ctx = (void *)cctx;
|
||||||
|
chacha_encrypt_bytes(ctx, bytes, bytes, 1);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
chacha20_xform_crypt_multi(void *vctx, uint8_t *bytes, size_t len)
|
||||||
|
{
|
||||||
|
struct chacha_ctx *ctx;
|
||||||
|
|
||||||
|
ctx = vctx;
|
||||||
|
chacha_encrypt_bytes(ctx, bytes, bytes, len);
|
||||||
|
}
|
||||||
|
|
||||||
|
struct enc_xform enc_xform_chacha20 = {
|
||||||
|
.type = CRYPTO_CHACHA20,
|
||||||
|
.name = "chacha20",
|
||||||
|
.blocksize = 1,
|
||||||
|
.ivsize = CHACHA_NONCELEN + CHACHA_CTRLEN,
|
||||||
|
.minkey = CHACHA_MINKEYLEN,
|
||||||
|
.maxkey = 32,
|
||||||
|
.encrypt = chacha20_xform_crypt,
|
||||||
|
.decrypt = chacha20_xform_crypt,
|
||||||
|
.setkey = chacha20_xform_setkey,
|
||||||
|
.zerokey = chacha20_xform_zerokey,
|
||||||
|
.reinit = chacha20_xform_reinit,
|
||||||
|
.encrypt_multi = chacha20_xform_crypt_multi,
|
||||||
|
.decrypt_multi = chacha20_xform_crypt_multi,
|
||||||
|
};
|
@ -10,6 +10,7 @@
|
|||||||
.PATH: ${SRCTOP}/sys/crypto/siphash
|
.PATH: ${SRCTOP}/sys/crypto/siphash
|
||||||
.PATH: ${SRCTOP}/sys/crypto/skein
|
.PATH: ${SRCTOP}/sys/crypto/skein
|
||||||
.PATH: ${SRCTOP}/sys/crypto/blake2
|
.PATH: ${SRCTOP}/sys/crypto/blake2
|
||||||
|
.PATH: ${SRCTOP}/sys/crypto/chacha20
|
||||||
.PATH: ${SRCTOP}/sys/contrib/libb2
|
.PATH: ${SRCTOP}/sys/contrib/libb2
|
||||||
|
|
||||||
KMOD = crypto
|
KMOD = crypto
|
||||||
@ -41,6 +42,8 @@ CFLAGS.blake2s-ref.c += -I${SRCTOP}/sys/crypto/blake2 -DSUFFIX=_ref
|
|||||||
CFLAGS.blake2-sw.c += -I${SRCTOP}/sys/crypto/blake2
|
CFLAGS.blake2-sw.c += -I${SRCTOP}/sys/crypto/blake2
|
||||||
CWARNFLAGS.blake2b-ref.c += ${NO_WCAST_QUAL}
|
CWARNFLAGS.blake2b-ref.c += ${NO_WCAST_QUAL}
|
||||||
CWARNFLAGS.blake2s-ref.c += ${NO_WCAST_QUAL}
|
CWARNFLAGS.blake2s-ref.c += ${NO_WCAST_QUAL}
|
||||||
|
SRCS += chacha.c
|
||||||
|
SRCS += chacha-sw.c
|
||||||
SRCS += opt_param.h cryptodev_if.h bus_if.h device_if.h
|
SRCS += opt_param.h cryptodev_if.h bus_if.h device_if.h
|
||||||
SRCS += opt_ddb.h
|
SRCS += opt_ddb.h
|
||||||
|
|
||||||
|
@ -443,6 +443,9 @@ cryptof_ioctl(
|
|||||||
case CRYPTO_AES_NIST_GCM_16:
|
case CRYPTO_AES_NIST_GCM_16:
|
||||||
txform = &enc_xform_aes_nist_gcm;
|
txform = &enc_xform_aes_nist_gcm;
|
||||||
break;
|
break;
|
||||||
|
case CRYPTO_CHACHA20:
|
||||||
|
txform = &enc_xform_chacha20;
|
||||||
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
CRYPTDEB("invalid cipher");
|
CRYPTDEB("invalid cipher");
|
||||||
|
@ -112,7 +112,8 @@
|
|||||||
#define AES_ICM_BLOCK_LEN 1
|
#define AES_ICM_BLOCK_LEN 1
|
||||||
#define ARC4_BLOCK_LEN 1
|
#define ARC4_BLOCK_LEN 1
|
||||||
#define CAMELLIA_BLOCK_LEN 16
|
#define CAMELLIA_BLOCK_LEN 16
|
||||||
#define EALG_MAX_BLOCK_LEN AES_BLOCK_LEN /* Keep this updated */
|
#define CHACHA20_NATIVE_BLOCK_LEN 64
|
||||||
|
#define EALG_MAX_BLOCK_LEN CHACHA20_NATIVE_BLOCK_LEN /* Keep this updated */
|
||||||
|
|
||||||
/* IV Lengths */
|
/* IV Lengths */
|
||||||
|
|
||||||
@ -180,7 +181,8 @@
|
|||||||
#define CRYPTO_AES_256_NIST_GMAC 28 /* auth side */
|
#define CRYPTO_AES_256_NIST_GMAC 28 /* auth side */
|
||||||
#define CRYPTO_BLAKE2B 29 /* Blake2b hash */
|
#define CRYPTO_BLAKE2B 29 /* Blake2b hash */
|
||||||
#define CRYPTO_BLAKE2S 30 /* Blake2s hash */
|
#define CRYPTO_BLAKE2S 30 /* Blake2s hash */
|
||||||
#define CRYPTO_ALGORITHM_MAX 30 /* Keep updated - see below */
|
#define CRYPTO_CHACHA20 31 /* Chacha20 stream cipher */
|
||||||
|
#define CRYPTO_ALGORITHM_MAX 31 /* Keep updated - see below */
|
||||||
|
|
||||||
#define CRYPTO_ALGO_VALID(x) ((x) >= CRYPTO_ALGORITHM_MIN && \
|
#define CRYPTO_ALGO_VALID(x) ((x) >= CRYPTO_ALGORITHM_MIN && \
|
||||||
(x) <= CRYPTO_ALGORITHM_MAX)
|
(x) <= CRYPTO_ALGORITHM_MAX)
|
||||||
|
@ -830,6 +830,9 @@ swcr_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
|
|||||||
case CRYPTO_NULL_CBC:
|
case CRYPTO_NULL_CBC:
|
||||||
txf = &enc_xform_null;
|
txf = &enc_xform_null;
|
||||||
goto enccommon;
|
goto enccommon;
|
||||||
|
case CRYPTO_CHACHA20:
|
||||||
|
txf = &enc_xform_chacha20;
|
||||||
|
goto enccommon;
|
||||||
enccommon:
|
enccommon:
|
||||||
if (cri->cri_key != NULL) {
|
if (cri->cri_key != NULL) {
|
||||||
error = txf->setkey(&((*swd)->sw_kschedule),
|
error = txf->setkey(&((*swd)->sw_kschedule),
|
||||||
@ -1056,6 +1059,7 @@ swcr_freesession_locked(device_t dev, u_int64_t tid)
|
|||||||
case CRYPTO_AES_NIST_GMAC:
|
case CRYPTO_AES_NIST_GMAC:
|
||||||
case CRYPTO_CAMELLIA_CBC:
|
case CRYPTO_CAMELLIA_CBC:
|
||||||
case CRYPTO_NULL_CBC:
|
case CRYPTO_NULL_CBC:
|
||||||
|
case CRYPTO_CHACHA20:
|
||||||
txf = swd->sw_exf;
|
txf = swd->sw_exf;
|
||||||
|
|
||||||
if (swd->sw_kschedule)
|
if (swd->sw_kschedule)
|
||||||
@ -1185,6 +1189,7 @@ swcr_process(device_t dev, struct cryptop *crp, int hint)
|
|||||||
case CRYPTO_AES_XTS:
|
case CRYPTO_AES_XTS:
|
||||||
case CRYPTO_AES_ICM:
|
case CRYPTO_AES_ICM:
|
||||||
case CRYPTO_CAMELLIA_CBC:
|
case CRYPTO_CAMELLIA_CBC:
|
||||||
|
case CRYPTO_CHACHA20:
|
||||||
if ((crp->crp_etype = swcr_encdec(crd, sw,
|
if ((crp->crp_etype = swcr_encdec(crd, sw,
|
||||||
crp->crp_buf, crp->crp_flags)) != 0)
|
crp->crp_buf, crp->crp_flags)) != 0)
|
||||||
goto done;
|
goto done;
|
||||||
@ -1298,6 +1303,7 @@ swcr_attach(device_t dev)
|
|||||||
REGISTER(CRYPTO_DEFLATE_COMP);
|
REGISTER(CRYPTO_DEFLATE_COMP);
|
||||||
REGISTER(CRYPTO_BLAKE2B);
|
REGISTER(CRYPTO_BLAKE2B);
|
||||||
REGISTER(CRYPTO_BLAKE2S);
|
REGISTER(CRYPTO_BLAKE2S);
|
||||||
|
REGISTER(CRYPTO_CHACHA20);
|
||||||
#undef REGISTER
|
#undef REGISTER
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -51,7 +51,7 @@
|
|||||||
struct enc_xform {
|
struct enc_xform {
|
||||||
int type;
|
int type;
|
||||||
char *name;
|
char *name;
|
||||||
u_int16_t blocksize;
|
u_int16_t blocksize; /* Required input block size -- 1 for stream ciphers. */
|
||||||
u_int16_t ivsize;
|
u_int16_t ivsize;
|
||||||
u_int16_t minkey, maxkey;
|
u_int16_t minkey, maxkey;
|
||||||
void (*encrypt) (caddr_t, u_int8_t *);
|
void (*encrypt) (caddr_t, u_int8_t *);
|
||||||
@ -83,6 +83,7 @@ extern struct enc_xform enc_xform_aes_nist_gmac;
|
|||||||
extern struct enc_xform enc_xform_aes_xts;
|
extern struct enc_xform enc_xform_aes_xts;
|
||||||
extern struct enc_xform enc_xform_arc4;
|
extern struct enc_xform enc_xform_arc4;
|
||||||
extern struct enc_xform enc_xform_camellia;
|
extern struct enc_xform enc_xform_camellia;
|
||||||
|
extern struct enc_xform enc_xform_chacha20;
|
||||||
|
|
||||||
struct aes_icm_ctx {
|
struct aes_icm_ctx {
|
||||||
u_int32_t ac_ek[4*(RIJNDAEL_MAXNR + 1)];
|
u_int32_t ac_ek[4*(RIJNDAEL_MAXNR + 1)];
|
||||||
|
Loading…
Reference in New Issue
Block a user