| g_eli_crypto.c (275732) | g_eli_crypto.c (293306) |
|---|---|
| 1/*- 2 * Copyright (c) 2005-2010 Pawel Jakub Dawidek <pjd@FreeBSD.org> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 11 unchanged lines hidden (view full) --- 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 */ 26 27#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 2005-2010 Pawel Jakub Dawidek <pjd@FreeBSD.org> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 11 unchanged lines hidden (view full) --- 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 */ 26 27#include <sys/cdefs.h> |
| 28__FBSDID("$FreeBSD: head/sys/geom/eli/g_eli_crypto.c 275732 2014-12-12 19:56:36Z jmg $"); | 28__FBSDID("$FreeBSD: head/sys/geom/eli/g_eli_crypto.c 293306 2016-01-07 05:47:34Z allanjude $"); |
| 29 30#include <sys/param.h> 31#ifdef _KERNEL 32#include <sys/systm.h> 33#include <sys/kernel.h> 34#include <sys/malloc.h> 35#else 36#include <stdint.h> --- 179 unchanged lines hidden (view full) --- 216{ 217 218 /* We prefer AES-CBC for metadata protection. */ 219 if (algo == CRYPTO_AES_XTS) 220 algo = CRYPTO_AES_CBC; 221 222 return (g_eli_crypto_cipher(algo, 0, data, datasize, key, keysize)); 223} | 29 30#include <sys/param.h> 31#ifdef _KERNEL 32#include <sys/systm.h> 33#include <sys/kernel.h> 34#include <sys/malloc.h> 35#else 36#include <stdint.h> --- 179 unchanged lines hidden (view full) --- 216{ 217 218 /* We prefer AES-CBC for metadata protection. */ 219 if (algo == CRYPTO_AES_XTS) 220 algo = CRYPTO_AES_CBC; 221 222 return (g_eli_crypto_cipher(algo, 0, data, datasize, key, keysize)); 223} |
| 224 225void 226g_eli_crypto_hmac_init(struct hmac_ctx *ctx, const uint8_t *hkey, 227 size_t hkeylen) 228{ 229 u_char k_ipad[128], key[128]; 230 SHA512_CTX lctx; 231 u_int i; 232 233 bzero(key, sizeof(key)); 234 if (hkeylen == 0) 235 ; /* do nothing */ 236 else if (hkeylen <= 128) 237 bcopy(hkey, key, hkeylen); 238 else { 239 /* If key is longer than 128 bytes reset it to key = SHA512(key). */ 240 SHA512_Init(&lctx); 241 SHA512_Update(&lctx, hkey, hkeylen); 242 SHA512_Final(key, &lctx); 243 } 244 245 /* XOR key with ipad and opad values. */ 246 for (i = 0; i < sizeof(key); i++) { 247 k_ipad[i] = key[i] ^ 0x36; 248 ctx->k_opad[i] = key[i] ^ 0x5c; 249 } 250 bzero(key, sizeof(key)); 251 /* Perform inner SHA512. */ 252 SHA512_Init(&ctx->shactx); 253 SHA512_Update(&ctx->shactx, k_ipad, sizeof(k_ipad)); 254 bzero(k_ipad, sizeof(k_ipad)); 255} 256 257void 258g_eli_crypto_hmac_update(struct hmac_ctx *ctx, const uint8_t *data, 259 size_t datasize) 260{ 261 262 SHA512_Update(&ctx->shactx, data, datasize); 263} 264 265void 266g_eli_crypto_hmac_final(struct hmac_ctx *ctx, uint8_t *md, size_t mdsize) 267{ 268 u_char digest[SHA512_MDLEN]; 269 SHA512_CTX lctx; 270 271 SHA512_Final(digest, &ctx->shactx); 272 /* Perform outer SHA512. */ 273 SHA512_Init(&lctx); 274 SHA512_Update(&lctx, ctx->k_opad, sizeof(ctx->k_opad)); 275 bzero(ctx, sizeof(*ctx)); 276 SHA512_Update(&lctx, digest, sizeof(digest)); 277 SHA512_Final(digest, &lctx); 278 bzero(&lctx, sizeof(lctx)); 279 /* mdsize == 0 means "Give me the whole hash!" */ 280 if (mdsize == 0) 281 mdsize = SHA512_MDLEN; 282 bcopy(digest, md, mdsize); 283 bzero(digest, sizeof(digest)); 284} 285 286void 287g_eli_crypto_hmac(const uint8_t *hkey, size_t hkeysize, const uint8_t *data, 288 size_t datasize, uint8_t *md, size_t mdsize) 289{ 290 struct hmac_ctx ctx; 291 292 g_eli_crypto_hmac_init(&ctx, hkey, hkeysize); 293 g_eli_crypto_hmac_update(&ctx, data, datasize); 294 g_eli_crypto_hmac_final(&ctx, md, mdsize); 295} | |