a12b47f4cd
- crypto_apply() is only used for reading a buffer to compute a digest, so change the data pointer to a const pointer. - To better match m_apply(), change the data pointer type to void * and the length from uint16_t to u_int. The length field in particular matters as none of the apply logic was splitting requests larger than UINT16_MAX. - Adjust the auth_xform Update callback to match the function prototype passed to crypto_apply() and crypto_apply_buf(). This removes the needs for casts when using the Update callback. - Change the Reinit and Setkey callbacks to also use a u_int length instead of uint16_t. - Update auth transforms for the changes. While here, use C99 initializers for auth_hash structures and avoid casts on callbacks. Reviewed by: cem Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D25171
92 lines
2.1 KiB
C
92 lines
2.1 KiB
C
/* This file is in the public domain. */
|
|
|
|
#include <sys/cdefs.h>
|
|
__FBSDID("$FreeBSD$");
|
|
|
|
#include <opencrypto/xform_auth.h>
|
|
#include <opencrypto/xform_poly1305.h>
|
|
|
|
#include <sodium/crypto_onetimeauth_poly1305.h>
|
|
|
|
struct poly1305_xform_ctx {
|
|
struct crypto_onetimeauth_poly1305_state state;
|
|
};
|
|
CTASSERT(sizeof(union authctx) >= sizeof(struct poly1305_xform_ctx));
|
|
|
|
CTASSERT(POLY1305_KEY_LEN == crypto_onetimeauth_poly1305_KEYBYTES);
|
|
CTASSERT(POLY1305_HASH_LEN == crypto_onetimeauth_poly1305_BYTES);
|
|
|
|
void
|
|
Poly1305_Init(void *polyctx)
|
|
{
|
|
/* Nop */
|
|
}
|
|
|
|
void
|
|
Poly1305_Setkey(struct poly1305_xform_ctx *polyctx,
|
|
const uint8_t key[__min_size(POLY1305_KEY_LEN)], size_t klen)
|
|
{
|
|
int rc;
|
|
|
|
if (klen != POLY1305_KEY_LEN)
|
|
panic("%s: Bogus keylen: %u bytes", __func__, (unsigned)klen);
|
|
|
|
rc = crypto_onetimeauth_poly1305_init(&polyctx->state, key);
|
|
if (rc != 0)
|
|
panic("%s: Invariant violated: %d", __func__, rc);
|
|
}
|
|
|
|
static void
|
|
xform_Poly1305_Setkey(void *ctx, const uint8_t *key, u_int klen)
|
|
{
|
|
Poly1305_Setkey(ctx, key, klen);
|
|
}
|
|
|
|
int
|
|
Poly1305_Update(struct poly1305_xform_ctx *polyctx, const void *data,
|
|
size_t len)
|
|
{
|
|
int rc;
|
|
|
|
rc = crypto_onetimeauth_poly1305_update(&polyctx->state, data, len);
|
|
if (rc != 0)
|
|
panic("%s: Invariant violated: %d", __func__, rc);
|
|
return (0);
|
|
}
|
|
|
|
static int
|
|
xform_Poly1305_Update(void *ctx, const void *data, u_int len)
|
|
{
|
|
return (Poly1305_Update(ctx, data, len));
|
|
}
|
|
|
|
void
|
|
Poly1305_Final(uint8_t digest[__min_size(POLY1305_HASH_LEN)],
|
|
struct poly1305_xform_ctx *polyctx)
|
|
{
|
|
int rc;
|
|
|
|
rc = crypto_onetimeauth_poly1305_final(&polyctx->state, digest);
|
|
if (rc != 0)
|
|
panic("%s: Invariant violated: %d", __func__, rc);
|
|
}
|
|
|
|
static void
|
|
xform_Poly1305_Final(uint8_t *digest, void *ctx)
|
|
{
|
|
Poly1305_Final(digest, ctx);
|
|
}
|
|
|
|
struct auth_hash auth_hash_poly1305 = {
|
|
.type = CRYPTO_POLY1305,
|
|
.name = "Poly-1305",
|
|
.keysize = POLY1305_KEY_LEN,
|
|
.hashsize = POLY1305_HASH_LEN,
|
|
.ctxsize = sizeof(struct poly1305_xform_ctx),
|
|
.blocksize = crypto_onetimeauth_poly1305_BYTES,
|
|
.Init = Poly1305_Init,
|
|
.Setkey = xform_Poly1305_Setkey,
|
|
.Update = xform_Poly1305_Update,
|
|
.Final = xform_Poly1305_Final,
|
|
};
|