2002-10-04 20:31:23 +00:00
|
|
|
/* $FreeBSD$ */
|
|
|
|
/* $OpenBSD: cryptodev.h,v 1.31 2002/06/11 11:14:29 beck Exp $ */
|
|
|
|
|
2005-01-07 02:29:27 +00:00
|
|
|
/*-
|
2002-10-04 20:31:23 +00:00
|
|
|
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
|
2007-03-21 03:42:51 +00:00
|
|
|
* Copyright (c) 2002-2006 Sam Leffler, Errno Consulting
|
2002-10-04 20:31:23 +00:00
|
|
|
*
|
|
|
|
* This code was written by Angelos D. Keromytis in Athens, Greece, in
|
|
|
|
* February 2000. Network Security Technologies Inc. (NSTI) kindly
|
|
|
|
* supported the development of this code.
|
|
|
|
*
|
|
|
|
* Copyright (c) 2000 Angelos D. Keromytis
|
|
|
|
*
|
|
|
|
* Permission to use, copy, and modify this software with or without fee
|
|
|
|
* is hereby granted, provided that this entire notice is included in
|
|
|
|
* all source code copies of any software which is or includes a copy or
|
|
|
|
* modification of this software.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
|
|
|
|
* IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
|
|
|
|
* REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
|
|
|
|
* MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
|
|
|
|
* PURPOSE.
|
|
|
|
*
|
|
|
|
* Copyright (c) 2001 Theo de Raadt
|
2014-12-12 19:56:36 +00:00
|
|
|
* Copyright (c) 2014 The FreeBSD Foundation
|
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* Portions of this software were developed by John-Mark Gurney
|
|
|
|
* under sponsorship of the FreeBSD Foundation and
|
|
|
|
* Rubicon Communications, LLC (Netgate).
|
2002-10-04 20:31:23 +00:00
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
*
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
* 3. The name of the author may not be used to endorse or promote products
|
|
|
|
* derived from this software without specific prior written permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
|
|
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
|
|
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
|
|
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
|
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
|
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
|
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
*
|
|
|
|
* Effort sponsored in part by the Defense Advanced Research Projects
|
|
|
|
* Agency (DARPA) and Air Force Research Laboratory, Air Force
|
|
|
|
* Materiel Command, USAF, under agreement number F30602-01-2-0537.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef _CRYPTO_CRYPTO_H_
|
|
|
|
#define _CRYPTO_CRYPTO_H_
|
|
|
|
|
|
|
|
#include <sys/ioccom.h>
|
|
|
|
|
2018-07-13 23:46:07 +00:00
|
|
|
#ifdef _KERNEL
|
|
|
|
#include <opencrypto/_cryptodev.h>
|
2019-02-10 21:27:03 +00:00
|
|
|
#include <sys/_task.h>
|
2018-07-13 23:46:07 +00:00
|
|
|
#endif
|
|
|
|
|
2002-10-04 20:31:23 +00:00
|
|
|
/* Some initial values */
|
|
|
|
#define CRYPTO_DRIVERS_INITIAL 4
|
|
|
|
#define CRYPTO_SW_SESSIONS 32
|
|
|
|
|
2006-06-04 14:20:47 +00:00
|
|
|
/* Hash values */
|
|
|
|
#define NULL_HASH_LEN 16
|
|
|
|
#define MD5_HASH_LEN 16
|
|
|
|
#define SHA1_HASH_LEN 20
|
|
|
|
#define RIPEMD160_HASH_LEN 20
|
2018-07-09 07:26:12 +00:00
|
|
|
#define SHA2_224_HASH_LEN 28
|
2006-06-04 14:20:47 +00:00
|
|
|
#define SHA2_256_HASH_LEN 32
|
|
|
|
#define SHA2_384_HASH_LEN 48
|
|
|
|
#define SHA2_512_HASH_LEN 64
|
|
|
|
#define MD5_KPDK_HASH_LEN 16
|
|
|
|
#define SHA1_KPDK_HASH_LEN 20
|
2015-08-04 17:47:11 +00:00
|
|
|
#define AES_GMAC_HASH_LEN 16
|
2018-08-17 00:30:04 +00:00
|
|
|
#define POLY1305_HASH_LEN 16
|
2019-02-15 03:46:39 +00:00
|
|
|
#define AES_CBC_MAC_HASH_LEN 16
|
2006-06-04 14:25:16 +00:00
|
|
|
/* Maximum hash algorithm result length */
|
|
|
|
#define HASH_MAX_LEN SHA2_512_HASH_LEN /* Keep this updated */
|
|
|
|
|
2018-07-09 07:21:37 +00:00
|
|
|
#define MD5_BLOCK_LEN 64
|
|
|
|
#define SHA1_BLOCK_LEN 64
|
|
|
|
#define RIPEMD160_BLOCK_LEN 64
|
2018-07-09 07:26:12 +00:00
|
|
|
#define SHA2_224_BLOCK_LEN 64
|
2018-07-09 07:21:37 +00:00
|
|
|
#define SHA2_256_BLOCK_LEN 64
|
|
|
|
#define SHA2_384_BLOCK_LEN 128
|
|
|
|
#define SHA2_512_BLOCK_LEN 128
|
|
|
|
|
2002-10-04 20:31:23 +00:00
|
|
|
/* HMAC values */
|
2006-06-04 14:20:47 +00:00
|
|
|
#define NULL_HMAC_BLOCK_LEN 64
|
2006-06-04 14:29:42 +00:00
|
|
|
/* Maximum HMAC block length */
|
2018-07-09 07:21:37 +00:00
|
|
|
#define HMAC_MAX_BLOCK_LEN SHA2_512_BLOCK_LEN /* Keep this updated */
|
2006-06-04 14:20:47 +00:00
|
|
|
#define HMAC_IPAD_VAL 0x36
|
|
|
|
#define HMAC_OPAD_VAL 0x5C
|
2015-07-09 18:16:35 +00:00
|
|
|
/* HMAC Key Length */
|
2015-08-04 17:47:11 +00:00
|
|
|
#define AES_128_GMAC_KEY_LEN 16
|
|
|
|
#define AES_192_GMAC_KEY_LEN 24
|
|
|
|
#define AES_256_GMAC_KEY_LEN 32
|
2019-02-15 03:46:39 +00:00
|
|
|
#define AES_128_CBC_MAC_KEY_LEN 16
|
|
|
|
#define AES_192_CBC_MAC_KEY_LEN 24
|
|
|
|
#define AES_256_CBC_MAC_KEY_LEN 32
|
2002-10-04 20:31:23 +00:00
|
|
|
|
2018-08-17 00:30:04 +00:00
|
|
|
#define POLY1305_KEY_LEN 32
|
|
|
|
|
2002-10-04 20:31:23 +00:00
|
|
|
/* Encryption algorithm block sizes */
|
2015-08-04 17:47:11 +00:00
|
|
|
#define NULL_BLOCK_LEN 4 /* IPsec to maintain alignment */
|
2015-07-09 18:16:35 +00:00
|
|
|
#define DES_BLOCK_LEN 8
|
|
|
|
#define DES3_BLOCK_LEN 8
|
|
|
|
#define BLOWFISH_BLOCK_LEN 8
|
|
|
|
#define SKIPJACK_BLOCK_LEN 8
|
|
|
|
#define CAST128_BLOCK_LEN 8
|
|
|
|
#define RIJNDAEL128_BLOCK_LEN 16
|
|
|
|
#define AES_BLOCK_LEN 16
|
2015-07-14 07:45:18 +00:00
|
|
|
#define AES_ICM_BLOCK_LEN 1
|
2015-07-09 18:16:35 +00:00
|
|
|
#define ARC4_BLOCK_LEN 1
|
|
|
|
#define CAMELLIA_BLOCK_LEN 16
|
2018-03-29 04:02:50 +00:00
|
|
|
#define CHACHA20_NATIVE_BLOCK_LEN 64
|
|
|
|
#define EALG_MAX_BLOCK_LEN CHACHA20_NATIVE_BLOCK_LEN /* Keep this updated */
|
2015-07-09 18:16:35 +00:00
|
|
|
|
|
|
|
/* IV Lengths */
|
|
|
|
|
|
|
|
#define ARC4_IV_LEN 1
|
2015-07-14 07:45:18 +00:00
|
|
|
#define AES_GCM_IV_LEN 12
|
2015-07-09 18:16:35 +00:00
|
|
|
#define AES_XTS_IV_LEN 8
|
|
|
|
#define AES_XTS_ALPHA 0x87 /* GF(2^128) generator polynomial */
|
|
|
|
|
|
|
|
/* Min and Max Encryption Key Sizes */
|
|
|
|
#define NULL_MIN_KEY 0
|
|
|
|
#define NULL_MAX_KEY 256 /* 2048 bits, max key */
|
|
|
|
#define DES_MIN_KEY 8
|
|
|
|
#define DES_MAX_KEY DES_MIN_KEY
|
|
|
|
#define TRIPLE_DES_MIN_KEY 24
|
|
|
|
#define TRIPLE_DES_MAX_KEY TRIPLE_DES_MIN_KEY
|
|
|
|
#define BLOWFISH_MIN_KEY 5
|
|
|
|
#define BLOWFISH_MAX_KEY 56 /* 448 bits, max key */
|
|
|
|
#define CAST_MIN_KEY 5
|
|
|
|
#define CAST_MAX_KEY 16
|
|
|
|
#define SKIPJACK_MIN_KEY 10
|
|
|
|
#define SKIPJACK_MAX_KEY SKIPJACK_MIN_KEY
|
|
|
|
#define RIJNDAEL_MIN_KEY 16
|
|
|
|
#define RIJNDAEL_MAX_KEY 32
|
2015-07-14 07:45:18 +00:00
|
|
|
#define AES_MIN_KEY RIJNDAEL_MIN_KEY
|
|
|
|
#define AES_MAX_KEY RIJNDAEL_MAX_KEY
|
|
|
|
#define AES_XTS_MIN_KEY (2 * AES_MIN_KEY)
|
|
|
|
#define AES_XTS_MAX_KEY (2 * AES_MAX_KEY)
|
2015-07-09 18:16:35 +00:00
|
|
|
#define ARC4_MIN_KEY 1
|
|
|
|
#define ARC4_MAX_KEY 32
|
|
|
|
#define CAMELLIA_MIN_KEY 8
|
|
|
|
#define CAMELLIA_MAX_KEY 32
|
2002-10-04 20:31:23 +00:00
|
|
|
|
2014-12-12 19:56:36 +00:00
|
|
|
/* Maximum hash algorithm result length */
|
2015-07-09 18:16:35 +00:00
|
|
|
#define AALG_MAX_RESULT_LEN 64 /* Keep this updated */
|
2014-12-12 19:56:36 +00:00
|
|
|
|
2002-10-04 20:31:23 +00:00
|
|
|
#define CRYPTO_ALGORITHM_MIN 1
|
2014-12-12 19:56:36 +00:00
|
|
|
#define CRYPTO_DES_CBC 1
|
|
|
|
#define CRYPTO_3DES_CBC 2
|
|
|
|
#define CRYPTO_BLF_CBC 3
|
|
|
|
#define CRYPTO_CAST_CBC 4
|
|
|
|
#define CRYPTO_SKIPJACK_CBC 5
|
|
|
|
#define CRYPTO_MD5_HMAC 6
|
|
|
|
#define CRYPTO_SHA1_HMAC 7
|
|
|
|
#define CRYPTO_RIPEMD160_HMAC 8
|
|
|
|
#define CRYPTO_MD5_KPDK 9
|
|
|
|
#define CRYPTO_SHA1_KPDK 10
|
|
|
|
#define CRYPTO_RIJNDAEL128_CBC 11 /* 128 bit blocksize */
|
|
|
|
#define CRYPTO_AES_CBC 11 /* 128 bit blocksize -- the same as above */
|
|
|
|
#define CRYPTO_ARC4 12
|
2002-10-04 20:31:23 +00:00
|
|
|
#define CRYPTO_MD5 13
|
|
|
|
#define CRYPTO_SHA1 14
|
2006-05-17 18:24:17 +00:00
|
|
|
#define CRYPTO_NULL_HMAC 15
|
|
|
|
#define CRYPTO_NULL_CBC 16
|
|
|
|
#define CRYPTO_DEFLATE_COMP 17 /* Deflate compression algorithm */
|
|
|
|
#define CRYPTO_SHA2_256_HMAC 18
|
|
|
|
#define CRYPTO_SHA2_384_HMAC 19
|
|
|
|
#define CRYPTO_SHA2_512_HMAC 20
|
2014-12-12 19:56:36 +00:00
|
|
|
#define CRYPTO_CAMELLIA_CBC 21
|
2010-09-23 11:52:32 +00:00
|
|
|
#define CRYPTO_AES_XTS 22
|
2014-12-12 19:56:36 +00:00
|
|
|
#define CRYPTO_AES_ICM 23 /* commonly known as CTR mode */
|
|
|
|
#define CRYPTO_AES_NIST_GMAC 24 /* cipher side */
|
|
|
|
#define CRYPTO_AES_NIST_GCM_16 25 /* 16 byte ICV */
|
|
|
|
#define CRYPTO_AES_128_NIST_GMAC 26 /* auth side */
|
|
|
|
#define CRYPTO_AES_192_NIST_GMAC 27 /* auth side */
|
|
|
|
#define CRYPTO_AES_256_NIST_GMAC 28 /* auth side */
|
Import Blake2 algorithms (blake2b, blake2s) from libb2
The upstream repository is on github BLAKE2/libb2. Files landed in
sys/contrib/libb2 are the unmodified upstream files, except for one
difference: secure_zero_memory's contents have been replaced with
explicit_bzero() only because the previous implementation broke powerpc
link. Preferential use of explicit_bzero() is in progress upstream, so
it is anticipated we will be able to drop this diff in the future.
sys/crypto/blake2 contains the source files needed to port libb2 to our
build system, a wrapped (limited) variant of the algorithm to match the API
of our auth_transform softcrypto abstraction, incorporation into the Open
Crypto Framework (OCF) cryptosoft(4) driver, as well as an x86 SSE/AVX
accelerated OCF driver, blake2(4).
Optimized variants of blake2 are compiled for a number of x86 machines
(anything from SSE2 to AVX + XOP). On those machines, FPU context will need
to be explicitly saved before using blake2(4)-provided algorithms directly.
Use via cryptodev / OCF saves FPU state automatically, and use via the
auth_transform softcrypto abstraction does not use FPU.
The intent of the OCF driver is mostly to enable testing in userspace via
/dev/crypto. ATF tests are added with published KAT test vectors to
validate correctness.
Reviewed by: jhb, markj
Obtained from: github BLAKE2/libb2
Differential Revision: https://reviews.freebsd.org/D14662
2018-03-21 16:18:14 +00:00
|
|
|
#define CRYPTO_BLAKE2B 29 /* Blake2b hash */
|
|
|
|
#define CRYPTO_BLAKE2S 30 /* Blake2s hash */
|
2018-03-29 04:02:50 +00:00
|
|
|
#define CRYPTO_CHACHA20 31 /* Chacha20 stream cipher */
|
2018-07-09 07:26:12 +00:00
|
|
|
#define CRYPTO_SHA2_224_HMAC 32
|
2018-07-09 07:28:13 +00:00
|
|
|
#define CRYPTO_RIPEMD160 33
|
|
|
|
#define CRYPTO_SHA2_224 34
|
|
|
|
#define CRYPTO_SHA2_256 35
|
|
|
|
#define CRYPTO_SHA2_384 36
|
|
|
|
#define CRYPTO_SHA2_512 37
|
2018-08-17 00:30:04 +00:00
|
|
|
#define CRYPTO_POLY1305 38
|
2019-02-15 03:46:39 +00:00
|
|
|
#define CRYPTO_AES_CCM_CBC_MAC 39 /* auth side */
|
|
|
|
#define CRYPTO_ALGORITHM_MAX 39 /* Keep updated - see below */
|
2014-12-12 19:56:36 +00:00
|
|
|
|
2015-07-09 18:16:35 +00:00
|
|
|
#define CRYPTO_ALGO_VALID(x) ((x) >= CRYPTO_ALGORITHM_MIN && \
|
2014-12-12 19:56:36 +00:00
|
|
|
(x) <= CRYPTO_ALGORITHM_MAX)
|
2002-10-04 20:31:23 +00:00
|
|
|
|
|
|
|
/* Algorithm flags */
|
|
|
|
#define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported */
|
|
|
|
#define CRYPTO_ALG_FLAG_RNG_ENABLE 0x02 /* Has HW RNG for DH/DSA */
|
|
|
|
#define CRYPTO_ALG_FLAG_DSA_SHA 0x04 /* Can do SHA on msg */
|
|
|
|
|
2007-03-21 03:42:51 +00:00
|
|
|
/*
|
|
|
|
* Crypto driver/device flags. They can set in the crid
|
|
|
|
* parameter when creating a session or submitting a key
|
|
|
|
* op to affect the device/driver assigned. If neither
|
|
|
|
* of these are specified then the crid is assumed to hold
|
|
|
|
* the driver id of an existing (and suitable) device that
|
|
|
|
* must be used to satisfy the request.
|
|
|
|
*/
|
|
|
|
#define CRYPTO_FLAG_HARDWARE 0x01000000 /* hardware accelerated */
|
|
|
|
#define CRYPTO_FLAG_SOFTWARE 0x02000000 /* software implementation */
|
|
|
|
|
|
|
|
/* NB: deprecated */
|
2002-10-04 20:31:23 +00:00
|
|
|
struct session_op {
|
|
|
|
u_int32_t cipher; /* ie. CRYPTO_DES_CBC */
|
|
|
|
u_int32_t mac; /* ie. CRYPTO_MD5_HMAC */
|
|
|
|
|
|
|
|
u_int32_t keylen; /* cipher key */
|
2017-05-09 18:28:42 +00:00
|
|
|
c_caddr_t key;
|
2002-10-04 20:31:23 +00:00
|
|
|
int mackeylen; /* mac key */
|
2017-05-09 18:28:42 +00:00
|
|
|
c_caddr_t mackey;
|
2002-10-04 20:31:23 +00:00
|
|
|
|
|
|
|
u_int32_t ses; /* returns: session # */
|
|
|
|
};
|
|
|
|
|
2018-07-18 00:56:25 +00:00
|
|
|
/*
|
|
|
|
* session and crypt _op structs are used by userspace programs to interact
|
|
|
|
* with /dev/crypto. Confusingly, the internal kernel interface is named
|
|
|
|
* "cryptop" (no underscore).
|
|
|
|
*/
|
2007-03-21 03:42:51 +00:00
|
|
|
struct session2_op {
|
|
|
|
u_int32_t cipher; /* ie. CRYPTO_DES_CBC */
|
|
|
|
u_int32_t mac; /* ie. CRYPTO_MD5_HMAC */
|
|
|
|
|
|
|
|
u_int32_t keylen; /* cipher key */
|
2017-05-09 18:28:42 +00:00
|
|
|
c_caddr_t key;
|
2007-03-21 03:42:51 +00:00
|
|
|
int mackeylen; /* mac key */
|
2017-05-09 18:28:42 +00:00
|
|
|
c_caddr_t mackey;
|
2007-03-21 03:42:51 +00:00
|
|
|
|
|
|
|
u_int32_t ses; /* returns: session # */
|
|
|
|
int crid; /* driver id + flags (rw) */
|
|
|
|
int pad[4]; /* for future expansion */
|
|
|
|
};
|
|
|
|
|
2002-10-04 20:31:23 +00:00
|
|
|
struct crypt_op {
|
|
|
|
u_int32_t ses;
|
|
|
|
u_int16_t op; /* i.e. COP_ENCRYPT */
|
|
|
|
#define COP_ENCRYPT 1
|
|
|
|
#define COP_DECRYPT 2
|
2003-02-23 07:25:48 +00:00
|
|
|
u_int16_t flags;
|
2017-09-22 00:21:58 +00:00
|
|
|
#define COP_F_CIPHER_FIRST 0x0001 /* Cipher before MAC. */
|
|
|
|
#define COP_F_BATCH 0x0008 /* Batch op if possible */
|
2002-10-04 20:31:23 +00:00
|
|
|
u_int len;
|
2017-05-09 18:28:42 +00:00
|
|
|
c_caddr_t src; /* become iov[] inside kernel */
|
|
|
|
caddr_t dst;
|
2002-10-04 20:31:23 +00:00
|
|
|
caddr_t mac; /* must be big enough for chosen MAC */
|
2017-05-09 18:28:42 +00:00
|
|
|
c_caddr_t iv;
|
2002-10-04 20:31:23 +00:00
|
|
|
};
|
|
|
|
|
2014-12-12 19:56:36 +00:00
|
|
|
/* op and flags the same as crypt_op */
|
|
|
|
struct crypt_aead {
|
|
|
|
u_int32_t ses;
|
|
|
|
u_int16_t op; /* i.e. COP_ENCRYPT */
|
|
|
|
u_int16_t flags;
|
|
|
|
u_int len;
|
|
|
|
u_int aadlen;
|
|
|
|
u_int ivlen;
|
2017-05-09 18:28:42 +00:00
|
|
|
c_caddr_t src; /* become iov[] inside kernel */
|
|
|
|
caddr_t dst;
|
|
|
|
c_caddr_t aad; /* additional authenticated data */
|
2014-12-12 19:56:36 +00:00
|
|
|
caddr_t tag; /* must fit for chosen TAG length */
|
2017-05-09 18:28:42 +00:00
|
|
|
c_caddr_t iv;
|
2014-12-12 19:56:36 +00:00
|
|
|
};
|
|
|
|
|
2007-03-21 03:42:51 +00:00
|
|
|
/*
|
|
|
|
* Parameters for looking up a crypto driver/device by
|
|
|
|
* device name or by id. The latter are returned for
|
|
|
|
* created sessions (crid) and completed key operations.
|
|
|
|
*/
|
|
|
|
struct crypt_find_op {
|
|
|
|
int crid; /* driver id + flags */
|
|
|
|
char name[32]; /* device/driver name */
|
|
|
|
};
|
|
|
|
|
2002-10-04 20:31:23 +00:00
|
|
|
/* bignum parameter, in packed bytes, ... */
|
|
|
|
struct crparam {
|
|
|
|
caddr_t crp_p;
|
|
|
|
u_int crp_nbits;
|
|
|
|
};
|
|
|
|
|
|
|
|
#define CRK_MAXPARAM 8
|
|
|
|
|
|
|
|
struct crypt_kop {
|
|
|
|
u_int crk_op; /* ie. CRK_MOD_EXP or other */
|
|
|
|
u_int crk_status; /* return status */
|
|
|
|
u_short crk_iparams; /* # of input parameters */
|
|
|
|
u_short crk_oparams; /* # of output parameters */
|
2007-03-21 03:42:51 +00:00
|
|
|
u_int crk_crid; /* NB: only used by CIOCKEY2 (rw) */
|
2002-10-04 20:31:23 +00:00
|
|
|
struct crparam crk_param[CRK_MAXPARAM];
|
|
|
|
};
|
|
|
|
#define CRK_ALGORITM_MIN 0
|
|
|
|
#define CRK_MOD_EXP 0
|
|
|
|
#define CRK_MOD_EXP_CRT 1
|
|
|
|
#define CRK_DSA_SIGN 2
|
|
|
|
#define CRK_DSA_VERIFY 3
|
|
|
|
#define CRK_DH_COMPUTE_KEY 4
|
|
|
|
#define CRK_ALGORITHM_MAX 4 /* Keep updated - see below */
|
|
|
|
|
|
|
|
#define CRF_MOD_EXP (1 << CRK_MOD_EXP)
|
|
|
|
#define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT)
|
|
|
|
#define CRF_DSA_SIGN (1 << CRK_DSA_SIGN)
|
|
|
|
#define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY)
|
|
|
|
#define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY)
|
|
|
|
|
|
|
|
/*
|
|
|
|
* done against open of /dev/crypto, to get a cloned descriptor.
|
|
|
|
* Please use F_SETFD against the cloned descriptor.
|
|
|
|
*/
|
|
|
|
#define CRIOGET _IOWR('c', 100, u_int32_t)
|
2007-03-21 03:42:51 +00:00
|
|
|
#define CRIOASYMFEAT CIOCASYMFEAT
|
|
|
|
#define CRIOFINDDEV CIOCFINDDEV
|
2002-10-04 20:31:23 +00:00
|
|
|
|
|
|
|
/* the following are done against the cloned descriptor */
|
|
|
|
#define CIOCGSESSION _IOWR('c', 101, struct session_op)
|
|
|
|
#define CIOCFSESSION _IOW('c', 102, u_int32_t)
|
|
|
|
#define CIOCCRYPT _IOWR('c', 103, struct crypt_op)
|
|
|
|
#define CIOCKEY _IOWR('c', 104, struct crypt_kop)
|
|
|
|
#define CIOCASYMFEAT _IOR('c', 105, u_int32_t)
|
2007-03-21 03:42:51 +00:00
|
|
|
#define CIOCGSESSION2 _IOWR('c', 106, struct session2_op)
|
|
|
|
#define CIOCKEY2 _IOWR('c', 107, struct crypt_kop)
|
|
|
|
#define CIOCFINDDEV _IOWR('c', 108, struct crypt_find_op)
|
2014-12-12 19:56:36 +00:00
|
|
|
#define CIOCCRYPTAEAD _IOWR('c', 109, struct crypt_aead)
|
2002-10-04 20:31:23 +00:00
|
|
|
|
2003-01-03 06:16:59 +00:00
|
|
|
struct cryptotstat {
|
|
|
|
struct timespec acc; /* total accumulated time */
|
|
|
|
struct timespec min; /* min time */
|
|
|
|
struct timespec max; /* max time */
|
|
|
|
u_int32_t count; /* number of observations */
|
|
|
|
};
|
|
|
|
|
|
|
|
struct cryptostats {
|
|
|
|
u_int32_t cs_ops; /* symmetric crypto ops submitted */
|
|
|
|
u_int32_t cs_errs; /* symmetric crypto ops that failed */
|
|
|
|
u_int32_t cs_kops; /* asymetric/key ops submitted */
|
|
|
|
u_int32_t cs_kerrs; /* asymetric/key ops that failed */
|
|
|
|
u_int32_t cs_intrs; /* crypto swi thread activations */
|
|
|
|
u_int32_t cs_rets; /* crypto return thread activations */
|
|
|
|
u_int32_t cs_blocks; /* symmetric op driver block */
|
|
|
|
u_int32_t cs_kblocks; /* symmetric op driver block */
|
|
|
|
/*
|
|
|
|
* When CRYPTO_TIMING is defined at compile time and the
|
|
|
|
* sysctl debug.crypto is set to 1, the crypto system will
|
|
|
|
* accumulate statistics about how long it takes to process
|
|
|
|
* crypto requests at various points during processing.
|
|
|
|
*/
|
|
|
|
struct cryptotstat cs_invoke; /* crypto_dipsatch -> crypto_invoke */
|
|
|
|
struct cryptotstat cs_done; /* crypto_invoke -> crypto_done */
|
|
|
|
struct cryptotstat cs_cb; /* crypto_done -> callback */
|
|
|
|
struct cryptotstat cs_finis; /* callback -> callback return */
|
|
|
|
};
|
|
|
|
|
2002-10-04 20:31:23 +00:00
|
|
|
#ifdef _KERNEL
|
2014-12-12 19:56:36 +00:00
|
|
|
|
|
|
|
#if 0
|
2018-03-26 22:31:29 +00:00
|
|
|
#define CRYPTDEB(s, ...) do { \
|
|
|
|
printf("%s:%d: " s "\n", __FILE__, __LINE__, ## __VA_ARGS__); \
|
|
|
|
} while (0)
|
2014-12-12 19:56:36 +00:00
|
|
|
#else
|
2018-03-26 22:31:29 +00:00
|
|
|
#define CRYPTDEB(...) do { } while (0)
|
2014-12-12 19:56:36 +00:00
|
|
|
#endif
|
|
|
|
|
2002-10-04 20:31:23 +00:00
|
|
|
/* Standard initialization structure beginning */
|
|
|
|
struct cryptoini {
|
|
|
|
int cri_alg; /* Algorithm to use */
|
|
|
|
int cri_klen; /* Key length, in bits */
|
2006-05-17 18:24:17 +00:00
|
|
|
int cri_mlen; /* Number of bytes we want from the
|
|
|
|
entire hash. 0 means all. */
|
2002-10-04 20:31:23 +00:00
|
|
|
caddr_t cri_key; /* key to use */
|
|
|
|
u_int8_t cri_iv[EALG_MAX_BLOCK_LEN]; /* IV to use */
|
|
|
|
struct cryptoini *cri_next;
|
|
|
|
};
|
|
|
|
|
|
|
|
/* Describe boundaries of a single crypto operation */
|
|
|
|
struct cryptodesc {
|
|
|
|
int crd_skip; /* How many bytes to ignore from start */
|
|
|
|
int crd_len; /* How many bytes to process */
|
|
|
|
int crd_inject; /* Where to inject results, if applicable */
|
|
|
|
int crd_flags;
|
|
|
|
|
|
|
|
#define CRD_F_ENCRYPT 0x01 /* Set when doing encryption */
|
|
|
|
#define CRD_F_IV_PRESENT 0x02 /* When encrypting, IV is already in
|
|
|
|
place, so don't copy. */
|
|
|
|
#define CRD_F_IV_EXPLICIT 0x04 /* IV explicitly provided */
|
|
|
|
#define CRD_F_DSA_SHA_NEEDED 0x08 /* Compute SHA-1 of buffer for DSA */
|
2014-12-12 19:56:36 +00:00
|
|
|
#define CRD_F_COMP 0x0f /* Set when doing compression */
|
2004-02-02 17:06:34 +00:00
|
|
|
#define CRD_F_KEY_EXPLICIT 0x10 /* Key explicitly provided */
|
2002-10-04 20:31:23 +00:00
|
|
|
|
|
|
|
struct cryptoini CRD_INI; /* Initialization/context data */
|
2014-12-12 19:56:36 +00:00
|
|
|
#define crd_esn CRD_INI.cri_esn
|
|
|
|
#define crd_iv CRD_INI.cri_iv
|
|
|
|
#define crd_key CRD_INI.cri_key
|
|
|
|
#define crd_alg CRD_INI.cri_alg
|
|
|
|
#define crd_klen CRD_INI.cri_klen
|
2002-10-04 20:31:23 +00:00
|
|
|
|
|
|
|
struct cryptodesc *crd_next;
|
|
|
|
};
|
|
|
|
|
|
|
|
/* Structure describing complete operation */
|
|
|
|
struct cryptop {
|
|
|
|
TAILQ_ENTRY(cryptop) crp_next;
|
|
|
|
|
2017-11-03 10:27:22 +00:00
|
|
|
struct task crp_task;
|
|
|
|
|
2018-07-18 00:56:25 +00:00
|
|
|
crypto_session_t crp_session; /* Session */
|
2002-10-04 20:31:23 +00:00
|
|
|
int crp_ilen; /* Input data total length */
|
|
|
|
int crp_olen; /* Result total length */
|
|
|
|
|
|
|
|
int crp_etype; /*
|
|
|
|
* Error type (zero means no error).
|
|
|
|
* All error codes except EAGAIN
|
|
|
|
* indicate possible data corruption (as in,
|
|
|
|
* the data have been touched). On all
|
2018-07-18 00:56:25 +00:00
|
|
|
* errors, the crp_session may have changed
|
2002-10-04 20:31:23 +00:00
|
|
|
* (reset to a new one), so the caller
|
|
|
|
* should always check and use the new
|
|
|
|
* value on future requests.
|
|
|
|
*/
|
|
|
|
int crp_flags;
|
|
|
|
|
2014-12-12 19:56:36 +00:00
|
|
|
#define CRYPTO_F_IMBUF 0x0001 /* Input/output are mbuf chains */
|
|
|
|
#define CRYPTO_F_IOV 0x0002 /* Input/output are uio */
|
2003-06-30 05:09:32 +00:00
|
|
|
#define CRYPTO_F_BATCH 0x0008 /* Batch op if possible */
|
|
|
|
#define CRYPTO_F_CBIMM 0x0010 /* Do callback immediately */
|
|
|
|
#define CRYPTO_F_DONE 0x0020 /* Operation completed */
|
|
|
|
#define CRYPTO_F_CBIFSYNC 0x0040 /* Do CBIMM if op is synchronous */
|
2017-11-03 10:27:22 +00:00
|
|
|
#define CRYPTO_F_ASYNC 0x0080 /* Dispatch crypto jobs on several threads
|
|
|
|
* if op is synchronous
|
|
|
|
*/
|
|
|
|
#define CRYPTO_F_ASYNC_KEEPORDER 0x0100 /*
|
|
|
|
* Dispatch the crypto jobs in the same
|
|
|
|
* order there are submitted. Applied only
|
|
|
|
* if CRYPTO_F_ASYNC flags is set
|
|
|
|
*/
|
2002-10-04 20:31:23 +00:00
|
|
|
|
2018-01-16 19:41:18 +00:00
|
|
|
union {
|
|
|
|
caddr_t crp_buf; /* Data to be processed */
|
|
|
|
struct mbuf *crp_mbuf;
|
|
|
|
struct uio *crp_uio;
|
|
|
|
};
|
2018-01-11 18:09:24 +00:00
|
|
|
void * crp_opaque; /* Opaque pointer, passed along */
|
2002-10-04 20:31:23 +00:00
|
|
|
struct cryptodesc *crp_desc; /* Linked list of processing descriptors */
|
|
|
|
|
|
|
|
int (*crp_callback)(struct cryptop *); /* Callback function */
|
|
|
|
|
2003-01-03 06:16:59 +00:00
|
|
|
struct bintime crp_tstamp; /* performance time stamp */
|
2017-11-03 10:27:22 +00:00
|
|
|
uint32_t crp_seq; /* used for ordered dispatch */
|
|
|
|
uint32_t crp_retw_id; /*
|
|
|
|
* the return worker to be used,
|
|
|
|
* used for ordered dispatch
|
|
|
|
*/
|
2002-10-04 20:31:23 +00:00
|
|
|
};
|
|
|
|
|
2017-11-03 10:27:22 +00:00
|
|
|
#define CRYPTOP_ASYNC(crp) \
|
|
|
|
(((crp)->crp_flags & CRYPTO_F_ASYNC) && \
|
2018-07-18 00:56:25 +00:00
|
|
|
crypto_ses2caps((crp)->crp_session) & CRYPTOCAP_F_SYNC)
|
2017-11-03 10:27:22 +00:00
|
|
|
#define CRYPTOP_ASYNC_KEEPORDER(crp) \
|
|
|
|
(CRYPTOP_ASYNC(crp) && \
|
|
|
|
(crp)->crp_flags & CRYPTO_F_ASYNC_KEEPORDER)
|
|
|
|
|
2014-12-12 19:56:36 +00:00
|
|
|
#define CRYPTO_BUF_CONTIG 0x0
|
|
|
|
#define CRYPTO_BUF_IOV 0x1
|
|
|
|
#define CRYPTO_BUF_MBUF 0x2
|
2002-10-04 20:31:23 +00:00
|
|
|
|
2014-12-12 19:56:36 +00:00
|
|
|
#define CRYPTO_OP_DECRYPT 0x0
|
|
|
|
#define CRYPTO_OP_ENCRYPT 0x1
|
2002-10-04 20:31:23 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Hints passed to process methods.
|
|
|
|
*/
|
|
|
|
#define CRYPTO_HINT_MORE 0x1 /* more ops coming shortly */
|
|
|
|
|
|
|
|
struct cryptkop {
|
|
|
|
TAILQ_ENTRY(cryptkop) krp_next;
|
|
|
|
|
|
|
|
u_int krp_op; /* ie. CRK_MOD_EXP or other */
|
|
|
|
u_int krp_status; /* return status */
|
|
|
|
u_short krp_iparams; /* # of input parameters */
|
|
|
|
u_short krp_oparams; /* # of output parameters */
|
2007-03-21 03:42:51 +00:00
|
|
|
u_int krp_crid; /* desired device, etc. */
|
2002-10-04 20:31:23 +00:00
|
|
|
u_int32_t krp_hid;
|
|
|
|
struct crparam krp_param[CRK_MAXPARAM]; /* kvm */
|
|
|
|
int (*krp_callback)(struct cryptkop *);
|
|
|
|
};
|
|
|
|
|
2018-07-18 00:56:25 +00:00
|
|
|
uint32_t crypto_ses2hid(crypto_session_t crypto_session);
|
|
|
|
uint32_t crypto_ses2caps(crypto_session_t crypto_session);
|
|
|
|
void *crypto_get_driver_session(crypto_session_t crypto_session);
|
2003-06-27 20:07:10 +00:00
|
|
|
|
2002-10-04 20:31:23 +00:00
|
|
|
MALLOC_DECLARE(M_CRYPTO_DATA);
|
|
|
|
|
2018-07-18 00:56:25 +00:00
|
|
|
extern int crypto_newsession(crypto_session_t *cses, struct cryptoini *cri, int hard);
|
|
|
|
extern void crypto_freesession(crypto_session_t cses);
|
2014-12-12 19:56:36 +00:00
|
|
|
#define CRYPTOCAP_F_HARDWARE CRYPTO_FLAG_HARDWARE
|
|
|
|
#define CRYPTOCAP_F_SOFTWARE CRYPTO_FLAG_SOFTWARE
|
|
|
|
#define CRYPTOCAP_F_SYNC 0x04000000 /* operates synchronously */
|
2018-07-18 00:56:25 +00:00
|
|
|
extern int32_t crypto_get_driverid(device_t dev, size_t session_size,
|
|
|
|
int flags);
|
2007-03-21 03:42:51 +00:00
|
|
|
extern int crypto_find_driver(const char *);
|
|
|
|
extern device_t crypto_find_device_byhid(int hid);
|
|
|
|
extern int crypto_getcaps(int hid);
|
2002-10-04 20:31:23 +00:00
|
|
|
extern int crypto_register(u_int32_t driverid, int alg, u_int16_t maxoplen,
|
2007-03-21 03:42:51 +00:00
|
|
|
u_int32_t flags);
|
|
|
|
extern int crypto_kregister(u_int32_t, int, u_int32_t);
|
2002-10-04 20:31:23 +00:00
|
|
|
extern int crypto_unregister(u_int32_t driverid, int alg);
|
|
|
|
extern int crypto_unregister_all(u_int32_t driverid);
|
|
|
|
extern int crypto_dispatch(struct cryptop *crp);
|
|
|
|
extern int crypto_kdispatch(struct cryptkop *);
|
|
|
|
#define CRYPTO_SYMQ 0x1
|
|
|
|
#define CRYPTO_ASYMQ 0x2
|
|
|
|
extern int crypto_unblock(u_int32_t, int);
|
|
|
|
extern void crypto_done(struct cryptop *crp);
|
|
|
|
extern void crypto_kdone(struct cryptkop *);
|
|
|
|
extern int crypto_getfeat(int *);
|
|
|
|
|
|
|
|
extern void crypto_freereq(struct cryptop *crp);
|
|
|
|
extern struct cryptop *crypto_getreq(int num);
|
|
|
|
|
|
|
|
extern int crypto_usercrypto; /* userland may do crypto requests */
|
|
|
|
extern int crypto_userasymcrypto; /* userland may do asym crypto reqs */
|
|
|
|
extern int crypto_devallowsoft; /* only use hardware crypto */
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Crypto-related utility routines used mainly by drivers.
|
|
|
|
*
|
|
|
|
* XXX these don't really belong here; but for now they're
|
|
|
|
* kept apart from the rest of the system.
|
|
|
|
*/
|
|
|
|
struct uio;
|
|
|
|
extern void cuio_copydata(struct uio* uio, int off, int len, caddr_t cp);
|
2017-05-09 18:28:42 +00:00
|
|
|
extern void cuio_copyback(struct uio* uio, int off, int len, c_caddr_t cp);
|
2014-12-12 19:56:36 +00:00
|
|
|
extern int cuio_getptr(struct uio *uio, int loc, int *off);
|
2006-05-17 17:58:05 +00:00
|
|
|
extern int cuio_apply(struct uio *uio, int off, int len,
|
2006-05-17 18:24:17 +00:00
|
|
|
int (*f)(void *, void *, u_int), void *arg);
|
2006-06-04 22:15:13 +00:00
|
|
|
|
2014-12-12 19:56:36 +00:00
|
|
|
struct mbuf;
|
|
|
|
struct iovec;
|
2015-07-07 18:45:32 +00:00
|
|
|
extern int crypto_mbuftoiov(struct mbuf *mbuf, struct iovec **iovptr,
|
2014-12-12 19:56:36 +00:00
|
|
|
int *cnt, int *allocated);
|
|
|
|
|
2006-06-04 22:15:13 +00:00
|
|
|
extern void crypto_copyback(int flags, caddr_t buf, int off, int size,
|
2017-05-09 18:28:42 +00:00
|
|
|
c_caddr_t in);
|
2006-06-04 22:15:13 +00:00
|
|
|
extern void crypto_copydata(int flags, caddr_t buf, int off, int size,
|
|
|
|
caddr_t out);
|
|
|
|
extern int crypto_apply(int flags, caddr_t buf, int off, int len,
|
|
|
|
int (*f)(void *, void *, u_int), void *arg);
|
2018-01-16 19:41:18 +00:00
|
|
|
|
2018-12-13 04:40:53 +00:00
|
|
|
extern void *crypto_contiguous_subsegment(int, void *, size_t, size_t);
|
|
|
|
|
2002-10-04 20:31:23 +00:00
|
|
|
#endif /* _KERNEL */
|
|
|
|
#endif /* _CRYPTO_CRYPTO_H_ */
|