Module Name:    src
Committed By:   drochner
Date:           Mon May 23 13:51:10 UTC 2011

Modified Files:
        src/sys/opencrypto: cryptodev.c cryptodev.h cryptosoft.c
            cryptosoft_xform.c xform.c xform.h

Log Message:
add an AES-CTR xform, from OpenBSD


To generate a diff of this commit:
cvs rdiff -u -r1.58 -r1.59 src/sys/opencrypto/cryptodev.c
cvs rdiff -u -r1.21 -r1.22 src/sys/opencrypto/cryptodev.h
cvs rdiff -u -r1.32 -r1.33 src/sys/opencrypto/cryptosoft.c
cvs rdiff -u -r1.17 -r1.18 src/sys/opencrypto/cryptosoft_xform.c
cvs rdiff -u -r1.24 -r1.25 src/sys/opencrypto/xform.c
cvs rdiff -u -r1.15 -r1.16 src/sys/opencrypto/xform.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/opencrypto/cryptodev.c
diff -u src/sys/opencrypto/cryptodev.c:1.58 src/sys/opencrypto/cryptodev.c:1.59
--- src/sys/opencrypto/cryptodev.c:1.58	Mon May 23 13:46:54 2011
+++ src/sys/opencrypto/cryptodev.c	Mon May 23 13:51:10 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: cryptodev.c,v 1.58 2011/05/23 13:46:54 drochner Exp $ */
+/*	$NetBSD: cryptodev.c,v 1.59 2011/05/23 13:51:10 drochner Exp $ */
 /*	$FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $	*/
 /*	$OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $	*/
 
@@ -64,7 +64,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.58 2011/05/23 13:46:54 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.59 2011/05/23 13:51:10 drochner Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -1521,6 +1521,9 @@
 	case CRYPTO_AES_CBC:
 		txform = &enc_xform_rijndael128;
 		break;
+	case CRYPTO_AES_CTR:
+		txform = &enc_xform_aes_ctr;
+		break;
 	case CRYPTO_NULL_CBC:
 		txform = &enc_xform_null;
 		break;

Index: src/sys/opencrypto/cryptodev.h
diff -u src/sys/opencrypto/cryptodev.h:1.21 src/sys/opencrypto/cryptodev.h:1.22
--- src/sys/opencrypto/cryptodev.h:1.21	Mon May 16 10:18:52 2011
+++ src/sys/opencrypto/cryptodev.h	Mon May 23 13:51:10 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: cryptodev.h,v 1.21 2011/05/16 10:18:52 drochner Exp $ */
+/*	$NetBSD: cryptodev.h,v 1.22 2011/05/23 13:51:10 drochner Exp $ */
 /*	$FreeBSD: src/sys/opencrypto/cryptodev.h,v 1.2.2.6 2003/07/02 17:04:50 sam Exp $	*/
 /*	$OpenBSD: cryptodev.h,v 1.33 2002/07/17 23:52:39 art Exp $	*/
 
@@ -138,7 +138,8 @@
 #define CRYPTO_SHA2_384_HMAC	24
 #define CRYPTO_SHA2_512_HMAC	25
 #define CRYPTO_CAMELLIA_CBC	26
-#define CRYPTO_ALGORITHM_MAX	26 /* Keep updated - see below */
+#define CRYPTO_AES_CTR		27
+#define CRYPTO_ALGORITHM_MAX	27 /* Keep updated - see below */
 
 /* Algorithm flags */
 #define	CRYPTO_ALG_FLAG_SUPPORTED	0x01 /* Algorithm is supported */

Index: src/sys/opencrypto/cryptosoft.c
diff -u src/sys/opencrypto/cryptosoft.c:1.32 src/sys/opencrypto/cryptosoft.c:1.33
--- src/sys/opencrypto/cryptosoft.c:1.32	Mon May 23 13:46:54 2011
+++ src/sys/opencrypto/cryptosoft.c	Mon May 23 13:51:10 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: cryptosoft.c,v 1.32 2011/05/23 13:46:54 drochner Exp $ */
+/*	$NetBSD: cryptosoft.c,v 1.33 2011/05/23 13:51:10 drochner Exp $ */
 /*	$FreeBSD: src/sys/opencrypto/cryptosoft.c,v 1.2.2.1 2002/11/21 23:34:23 sam Exp $	*/
 /*	$OpenBSD: cryptosoft.c,v 1.35 2002/04/26 08:43:50 deraadt Exp $	*/
 
@@ -24,7 +24,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cryptosoft.c,v 1.32 2011/05/23 13:46:54 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cryptosoft.c,v 1.33 2011/05/23 13:51:10 drochner Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -702,6 +702,9 @@
 		case CRYPTO_CAMELLIA_CBC:
 			txf = &swcr_enc_xform_camellia;
 			goto enccommon;
+		case CRYPTO_AES_CTR:
+			txf = &swcr_enc_xform_aes_ctr;
+			goto enccommon;
 		case CRYPTO_NULL_CBC:
 			txf = &swcr_enc_xform_null;
 			goto enccommon;
@@ -889,6 +892,7 @@
 		case CRYPTO_SKIPJACK_CBC:
 		case CRYPTO_RIJNDAEL128_CBC:
 		case CRYPTO_CAMELLIA_CBC:
+		case CRYPTO_AES_CTR:
 		case CRYPTO_NULL_CBC:
 			txf = swd->sw_exf;
 
@@ -1017,6 +1021,7 @@
 		case CRYPTO_SKIPJACK_CBC:
 		case CRYPTO_RIJNDAEL128_CBC:
 		case CRYPTO_CAMELLIA_CBC:
+		case CRYPTO_AES_CTR:
 			if ((crp->crp_etype = swcr_encdec(crd, sw,
 			    crp->crp_buf, type)) != 0)
 				goto done;
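Review bot: Nothing at this call site tells a reader that `CRYPTO_AES_CTR`, which now shares the `swcr_encdec` call with a run of `*_CBC` labels, must not be CBC-chained. Presumably `swcr_encdec` picks the counter path through the xform's reinit hook, but that code is outside this hunk, so a short comment on the new label would help, e.g. `/* AES-CTR: counter mode, no CBC chaining; relies on the xform's reinit hook */`. Because the xform advertises a 16-byte block size, it is also worth confirming how a request whose length is not a multiple of 16 is handled, since CTR itself needs no padding. The enclosing switch starts and ends outside the hunk.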
@@ -1084,6 +1089,7 @@
 	REGISTER(CRYPTO_CAST_CBC);
 	REGISTER(CRYPTO_SKIPJACK_CBC);
 	REGISTER(CRYPTO_CAMELLIA_CBC);
+	REGISTER(CRYPTO_AES_CTR);
 	REGISTER(CRYPTO_NULL_CBC);
 	REGISTER(CRYPTO_MD5_HMAC);
 	REGISTER(CRYPTO_MD5_HMAC_96);

Index: src/sys/opencrypto/cryptosoft_xform.c
diff -u src/sys/opencrypto/cryptosoft_xform.c:1.17 src/sys/opencrypto/cryptosoft_xform.c:1.18
--- src/sys/opencrypto/cryptosoft_xform.c:1.17	Mon May 23 13:46:54 2011
+++ src/sys/opencrypto/cryptosoft_xform.c	Mon May 23 13:51:10 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: cryptosoft_xform.c,v 1.17 2011/05/23 13:46:54 drochner Exp $ */
+/*	$NetBSD: cryptosoft_xform.c,v 1.18 2011/05/23 13:51:10 drochner Exp $ */
 /*	$FreeBSD: src/sys/opencrypto/xform.c,v 1.1.2.1 2002/11/21 23:34:23 sam Exp $	*/
 /*	$OpenBSD: xform.c,v 1.19 2002/08/16 22:47:25 dhartmei Exp $	*/
 
@@ -40,7 +40,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(1, "$NetBSD: cryptosoft_xform.c,v 1.17 2011/05/23 13:46:54 drochner Exp $");
+__KERNEL_RCSID(1, "$NetBSD: cryptosoft_xform.c,v 1.18 2011/05/23 13:51:10 drochner Exp $");
 
 #include <crypto/blowfish/blowfish.h>
 #include <crypto/cast128/cast128.h>
@@ -89,6 +89,7 @@
 static  int skipjack_setkey(u_int8_t **, const u_int8_t *, int);
 static  int rijndael128_setkey(u_int8_t **, const u_int8_t *, int);
 static  int cml_setkey(u_int8_t **, const u_int8_t *, int);
+static  int aes_ctr_setkey(u_int8_t **, const u_int8_t *, int);
 static	void des1_encrypt(void *, u_int8_t *);
 static	void des3_encrypt(void *, u_int8_t *);
 static	void blf_encrypt(void *, u_int8_t *);
@@ -103,6 +104,7 @@
 static	void skipjack_decrypt(void *, u_int8_t *);
 static	void rijndael128_decrypt(void *, u_int8_t *);
 static  void cml_decrypt(void *, u_int8_t *);
+static  void aes_ctr_crypt(void *, u_int8_t *);
 static	void des1_zerokey(u_int8_t **);
 static	void des3_zerokey(u_int8_t **);
 static	void blf_zerokey(u_int8_t **);
@@ -110,6 +112,8 @@
 static	void skipjack_zerokey(u_int8_t **);
 static	void rijndael128_zerokey(u_int8_t **);
 static  void cml_zerokey(u_int8_t **);
+static  void aes_ctr_zerokey(u_int8_t **);
+static  void aes_ctr_reinit(void *, const u_int8_t *);
 
 static	void null_init(void *);
 static	int null_update(void *, const u_int8_t *, u_int16_t);
@@ -198,6 +202,15 @@
 	NULL
 };
 
+static const struct swcr_enc_xform swcr_enc_xform_aes_ctr = {
+	&enc_xform_aes_ctr,
+	aes_ctr_crypt,
+	aes_ctr_crypt,
+	aes_ctr_setkey,
+	aes_ctr_zerokey,
+	aes_ctr_reinit
+};
+
 static const struct swcr_enc_xform swcr_enc_xform_arc4 = {
 	&enc_xform_arc4,
 	NULL,
@@ -625,6 +638,78 @@
 	*sched = NULL;
 }
 
+#define AESCTR_NONCESIZE	4
+#define AESCTR_IVSIZE		8
+#define AESCTR_BLOCKSIZE	16
+
+struct aes_ctr_ctx {
+	/* need only encryption half */
+	u_int32_t ac_ek[4*(RIJNDAEL_MAXNR + 1)];
+	u_int8_t ac_block[AESCTR_BLOCKSIZE];
+	int ac_nr;
+};
+
+static void
+aes_ctr_crypt(void *key, u_int8_t *blk)
+{
+	struct aes_ctr_ctx *ctx;
+	u_int8_t keystream[AESCTR_BLOCKSIZE];
+	int i;
+
+	ctx = key;
+	/* increment counter */
+	for (i = AESCTR_BLOCKSIZE - 1;
+	     i >= AESCTR_NONCESIZE + AESCTR_IVSIZE; i--)
+		if (++ctx->ac_block[i]) /* continue on overflow */
+			break;
+	rijndaelEncrypt(ctx->ac_ek, ctx->ac_nr, ctx->ac_block, keystream);
+	for (i = 0; i < AESCTR_BLOCKSIZE; i++)
+		blk[i] ^= keystream[i];
+	memset(keystream, 0, sizeof(keystream));
+}
+
+int
+aes_ctr_setkey(u_int8_t **sched, const u_int8_t *key, int len)
+{
+	struct aes_ctr_ctx *ctx;
+
+	if (len < AESCTR_NONCESIZE)
+		return EINVAL;
+
+	ctx = malloc(sizeof(struct aes_ctr_ctx), M_CRYPTO_DATA,
+		     M_NOWAIT|M_ZERO);
+	if (!ctx)
+		return ENOMEM;
+	ctx->ac_nr = rijndaelKeySetupEnc(ctx->ac_ek, (const u_char *)key,
+			(len - AESCTR_NONCESIZE) * 8);
+	if (!ctx->ac_nr) { /* wrong key len */
+		aes_ctr_zerokey((u_int8_t **)&ctx);
+		return EINVAL;
+	}
+	memcpy(ctx->ac_block, key + len - AESCTR_NONCESIZE, AESCTR_NONCESIZE);
+	*sched = (void *)ctx;
+	return 0;
+}
+
+void
+aes_ctr_zerokey(u_int8_t **sched)
+{
+
+	memset(*sched, 0, sizeof(struct aes_ctr_ctx));
+	free(*sched, M_CRYPTO_DATA);
+	*sched = NULL;
+}
+
+void
+aes_ctr_reinit(void *key, const u_int8_t *iv)
+{
+	struct aes_ctr_ctx *ctx = key;
+
+	memcpy(ctx->ac_block + AESCTR_NONCESIZE, iv, AESCTR_IVSIZE);
+	/* reset counter */
+	memset(ctx->ac_block + AESCTR_NONCESIZE + AESCTR_IVSIZE, 0, 4);
+}
+
 /*
  * And now for auth.
  */
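Review bot: The `memset(keystream, 0, sizeof(keystream));` that ends `aes_ctr_crypt` is a store to a local about to go out of scope, so an optimising compiler may drop it and leave keystream bytes on the kernel stack. The `memset` before `free` in `aes_ctr_zerokey`, which wipes the expanded key, deserves the same check. If the tree offers a wipe the compiler cannot elide, use it in both places, e.g. `explicit_memset(keystream, 0, sizeof(keystream));`. As a style point, `aes_ctr_setkey`, `aes_ctr_zerokey` and `aes_ctr_reinit` are prototyped `static` earlier in this file but defined here without the keyword. The literal `4` in `aes_ctr_reinit` would also read better as `AESCTR_BLOCKSIZE - AESCTR_NONCESIZE - AESCTR_IVSIZE`.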

Index: src/sys/opencrypto/xform.c
diff -u src/sys/opencrypto/xform.c:1.24 src/sys/opencrypto/xform.c:1.25
--- src/sys/opencrypto/xform.c:1.24	Mon May 23 13:46:54 2011
+++ src/sys/opencrypto/xform.c	Mon May 23 13:51:10 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: xform.c,v 1.24 2011/05/23 13:46:54 drochner Exp $ */
+/*	$NetBSD: xform.c,v 1.25 2011/05/23 13:51:10 drochner Exp $ */
 /*	$FreeBSD: src/sys/opencrypto/xform.c,v 1.1.2.1 2002/11/21 23:34:23 sam Exp $	*/
 /*	$OpenBSD: xform.c,v 1.19 2002/08/16 22:47:25 dhartmei Exp $	*/
 
@@ -40,7 +40,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.24 2011/05/23 13:46:54 drochner Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.25 2011/05/23 13:51:10 drochner Exp $");
 
 #include <sys/param.h>
 #include <sys/malloc.h>
@@ -135,6 +135,11 @@
 	16, 16, 8, 32
 };
 
+const struct enc_xform enc_xform_aes_ctr = {
+	CRYPTO_AES_CTR, "AES-CTR",
+	16, 8, 16+4, 32+4
+};
+
 /* Authentication instances */
 const struct auth_hash auth_hash_null = {
 	CRYPTO_NULL_HMAC, "NULL-HMAC",
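Review bot: The key bounds `16+4, 32+4` in `enc_xform_aes_ctr` are undocumented, so a reader of this initializer cannot tell that the extra 4 bytes are the nonce which `aes_ctr_setkey` in cryptosoft_xform.c takes from the end of the key material. A comment above the initializer would make the contract explicit, e.g. `/* key = AES key followed by a 4-byte nonce; 8-byte per-request IV; 32-bit block counter */`. It is also worth stating there that callers must never repeat an IV under the same key and nonce, because CTR keystream reuse exposes the XOR of the plaintexts. The meaning of the four numbers (apparently block size, IV size, minimum and maximum key length) is inferred from the matching `AESCTR_*` constants, since the struct definition is not in this hunk.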

Index: src/sys/opencrypto/xform.h
diff -u src/sys/opencrypto/xform.h:1.15 src/sys/opencrypto/xform.h:1.16
--- src/sys/opencrypto/xform.h:1.15	Mon May 23 13:46:54 2011
+++ src/sys/opencrypto/xform.h	Mon May 23 13:51:10 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: xform.h,v 1.15 2011/05/23 13:46:54 drochner Exp $ */
+/*	$NetBSD: xform.h,v 1.16 2011/05/23 13:51:10 drochner Exp $ */
 /*	$FreeBSD: src/sys/opencrypto/xform.h,v 1.1.2.1 2002/11/21 23:34:23 sam Exp $	*/
 /*	$OpenBSD: xform.h,v 1.10 2002/04/22 23:10:09 deraadt Exp $	*/
 
@@ -70,6 +70,7 @@
 extern const struct enc_xform enc_xform_rijndael128;
 extern const struct enc_xform enc_xform_arc4;
 extern const struct enc_xform enc_xform_camellia;
+extern const struct enc_xform enc_xform_aes_ctr;
 
 extern const struct auth_hash auth_hash_null;
 extern const struct auth_hash auth_hash_md5;
