c3ff54cc39
for counter mode), and AES-GCM. Both of these modes have been added to the aesni module. Included is a set of tests to validate that the software and aesni module calculate the correct values. These use the NIST KAT test vectors. To run the test, you will need to install a soon to be committed port, nist-kat that will install the vectors. Using a port is necessary as the test vectors are around 25MB. All the man pages were updated. I have added a new man page, crypto.7, which includes a description of how to use each mode. All the new modes and some other AES modes are present. It would be good for someone else to go through and document the other modes. A new ioctl was added to support AEAD modes which AES-GCM is one of them. Without this ioctl, it is not possible to test AEAD modes from userland. Add a timing safe bcmp for use to compare MACs. Previously we were using bcmp which could leak timing info and result in the ability to forge messages. Add a minor optimization to the aesni module so that single segment mbufs don't get copied and instead are updated in place. The aesni module needs to be updated to support blocked IO so segmented mbufs don't have to be copied. We require that the IV be specified for all calls for both GCM and ICM. This is to ensure proper use of these functions. Obtained from: p4: //depot/projects/opencrypto Relnotes: yes Sponsored by: FreeBSD Foundation Sponsored by: NetGate
123 lines
3.7 KiB
C
123 lines
3.7 KiB
C
/* $FreeBSD$ */
|
|
/* $OpenBSD: xform.h,v 1.8 2001/08/28 12:20:43 ben Exp $ */
|
|
|
|
/*-
|
|
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
|
|
*
|
|
* This code was written by Angelos D. Keromytis in Athens, Greece, in
|
|
* February 2000. Network Security Technologies Inc. (NSTI) kindly
|
|
* supported the development of this code.
|
|
*
|
|
* Copyright (c) 2000 Angelos D. Keromytis
|
|
* Copyright (c) 2014 The FreeBSD Foundation
|
|
* All rights reserved.
|
|
*
|
|
* Portions of this software were developed by John-Mark Gurney
|
|
* under sponsorship of the FreeBSD Foundation and
|
|
* Rubicon Communications, LLC (Netgate).
|
|
*
|
|
* Permission to use, copy, and modify this software without fee
|
|
* is hereby granted, provided that this entire notice is included in
|
|
* all source code copies of any software which is or includes a copy or
|
|
* modification of this software.
|
|
*
|
|
* THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
|
|
* IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
|
|
* REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
|
|
* MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
|
|
* PURPOSE.
|
|
*/
|
|
|
|
#ifndef _CRYPTO_XFORM_H_
|
|
#define _CRYPTO_XFORM_H_
|
|
|
|
#include <sys/md5.h>
|
|
#include <crypto/sha1.h>
|
|
#include <crypto/sha2/sha2.h>
|
|
#include <opencrypto/rmd160.h>
|
|
#include <opencrypto/gmac.h>
|
|
|
|
/* Declarations */
|
|
struct auth_hash {
|
|
int type;
|
|
char *name;
|
|
u_int16_t keysize;
|
|
u_int16_t hashsize;
|
|
u_int16_t ctxsize;
|
|
u_int16_t blocksize;
|
|
void (*Init) (void *);
|
|
void (*Setkey) (void *, const u_int8_t *, u_int16_t);
|
|
void (*Reinit) (void *, const u_int8_t *, u_int16_t);
|
|
int (*Update) (void *, const u_int8_t *, u_int16_t);
|
|
void (*Final) (u_int8_t *, void *);
|
|
};
|
|
|
|
/* XXX use a define common with other hash stuff ! */
|
|
#define AH_ALEN_MAX 64 /* max authenticator hash length */
|
|
|
|
struct enc_xform {
|
|
int type;
|
|
char *name;
|
|
u_int16_t blocksize;
|
|
u_int16_t ivsize;
|
|
u_int16_t minkey, maxkey;
|
|
void (*encrypt) (caddr_t, u_int8_t *);
|
|
void (*decrypt) (caddr_t, u_int8_t *);
|
|
int (*setkey) (u_int8_t **, u_int8_t *, int len);
|
|
void (*zerokey) (u_int8_t **);
|
|
void (*reinit) (caddr_t, u_int8_t *);
|
|
};
|
|
|
|
struct comp_algo {
|
|
int type;
|
|
char *name;
|
|
size_t minlen;
|
|
u_int32_t (*compress) (u_int8_t *, u_int32_t, u_int8_t **);
|
|
u_int32_t (*decompress) (u_int8_t *, u_int32_t, u_int8_t **);
|
|
};
|
|
|
|
union authctx {
|
|
MD5_CTX md5ctx;
|
|
SHA1_CTX sha1ctx;
|
|
RMD160_CTX rmd160ctx;
|
|
SHA256_CTX sha256ctx;
|
|
SHA384_CTX sha384ctx;
|
|
SHA512_CTX sha512ctx;
|
|
struct aes_gmac_ctx aes_gmac_ctx;
|
|
};
|
|
|
|
extern struct enc_xform enc_xform_null;
|
|
extern struct enc_xform enc_xform_des;
|
|
extern struct enc_xform enc_xform_3des;
|
|
extern struct enc_xform enc_xform_blf;
|
|
extern struct enc_xform enc_xform_cast5;
|
|
extern struct enc_xform enc_xform_skipjack;
|
|
extern struct enc_xform enc_xform_rijndael128;
|
|
extern struct enc_xform enc_xform_aes_icm;
|
|
extern struct enc_xform enc_xform_aes_nist_gcm;
|
|
extern struct enc_xform enc_xform_aes_nist_gmac;
|
|
extern struct enc_xform enc_xform_aes_xts;
|
|
extern struct enc_xform enc_xform_arc4;
|
|
extern struct enc_xform enc_xform_camellia;
|
|
|
|
extern struct auth_hash auth_hash_null;
|
|
extern struct auth_hash auth_hash_key_md5;
|
|
extern struct auth_hash auth_hash_key_sha1;
|
|
extern struct auth_hash auth_hash_hmac_md5;
|
|
extern struct auth_hash auth_hash_hmac_sha1;
|
|
extern struct auth_hash auth_hash_hmac_ripemd_160;
|
|
extern struct auth_hash auth_hash_hmac_sha2_256;
|
|
extern struct auth_hash auth_hash_hmac_sha2_384;
|
|
extern struct auth_hash auth_hash_hmac_sha2_512;
|
|
extern struct auth_hash auth_hash_nist_gmac_aes_128;
|
|
extern struct auth_hash auth_hash_nist_gmac_aes_192;
|
|
extern struct auth_hash auth_hash_nist_gmac_aes_256;
|
|
|
|
extern struct comp_algo comp_algo_deflate;
|
|
|
|
#ifdef _KERNEL
|
|
#include <sys/malloc.h>
|
|
MALLOC_DECLARE(M_XDATA);
|
|
#endif
|
|
#endif /* _CRYPTO_XFORM_H_ */
|