1/*- 2 * Copyright (C) 2001-2003 by NBMK Encryption Technologies. 3 * All rights reserved. 4 * 5 * NBMK Encryption Technologies provides no support of any kind for 6 * this software. Questions or concerns about it may be addressed to 7 * the members of the relevant open-source community at 8 * <tech-crypto@netbsd.org>. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions are 12 * met: 13 * 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 17 * 2. Redistributions in binary form must reproduce the above 18 * copyright notice, this list of conditions and the following 19 * disclaimer in the documentation and/or other materials provided 20 * with the distribution. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 25 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 26 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 28 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 32 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 */ 34 35/***************************************************************************** 36 * @(#) n8_cb_ea.h 1.65@(#) 37 *****************************************************************************/ 38 39/*****************************************************************************/ 40/** @file n8_cb_ea.h 41 * @brief Header file for E/A command block generation. 42 * 43 * Contains functions prototypes for n8_cb_ea.c 44 * 45 *****************************************************************************/ 46 47/***************************************************************************** 48 * Revision history: 49 * 08/18/03 brr Combine Encrypt/Decrypt command block generators for SSL, 50 * TLS, & IPsec. 51 * 05/20/03 brr Eliminate obsolete include files. 52 * 09/10/02 brr Set command complete bit on last command block. 53 * 03/26/02 brr Allocate the data buffer as part of the API request. 54 * 01/12/02 bac Changed signature for cb_ea_hashEnd to add n8_IVSrc_t. 55 * 10/30/01 bac Standardized cb load context function names. 56 * 10/16/01 spm IKE APIs: removed key physical addr parms 57 * 10/15/01 spm IKE APIs: removed virtual pointers to msg from IKE cb arg 58 * lists. Had to keep the virtual pointers to key, since 59 * there needs to be a copy of the key into the command block 60 * itself. 61 * 10/15/01 bac Changed some signatures to correctly use unsigned ints. 62 * 10/11/01 hml Added the protos for cb_ea_hashCompleteMessage and 63 * cb_ea_TLSHandshakeHash as well as some associated 64 * #defines. 65 * 09/21/01 bac Corrected signature on cb_ea_encrypt to take physical 66 * addresses. 67 * 09/20/01 bac The interface to the command block generators changed and now 68 * accept the command block buffer. 69 * 09/18/01 bac Massive changes to support model where the caller allocates 70 * the command buffer. Lots of reorganization and renaming to be 71 * more standard. 72 * 09/17/01 spm Truncated lines >80 chars. 73 * 09/07/01 spm Added support for IKE API Extensions. 74 * 07/26/01 mel Deleted open SSL dependency. 75 * 06/25/01 bac More on conversion to use physical memory. 76 * 06/19/01 bac Corrected signatures for use of physical addresses. 77 * 05/22/01 bac Changed SSL Encrypt and Decrypt commands to pass 78 * packets instead of buffers. 79 * 05/21/01 bac Converted to use N8_ContextHandle_t and N8_Packet_t 80 * with integrated cipher and hash packet. 81 * 05/09/01 bac Added prototype for cb_ea_SSLEncryptAuthenticate. 82 * 04/01/01 bac Original version. 83 ****************************************************************************/ 84#include "n8_ea_common.h" 85#include "n8_hash.h" 86#include "n8_enqueue_common.h" /* contains encryption/authentication queue 87 * declarations */ 88#include "n8_packet.h" /* contains packet declarations */ 89#include "n8_packet_IPSec.h" /* contains IPSec packet declarations */ 90#include "n8_ssltls.h" 91#include "n8_pub_context.h" 92#include "n8_pub_symmetric.h" 93 94/* N8_RC4_t 95 * ARC4 key declaration. This structure is the same as 96 * RC4_KEY from rc4.h. OpenSSL configure should not use RC4_CHAR or 97 * RC4_LONG when using NetOctave hw.*/ 98typedef struct 99{ 100 unsigned int x,y; 101 unsigned int data[256]; 102} N8_RC4_t; 103 104 105/* define for the number of hashes necessary to create a given output length. 106 * __OL is the desired output length. __HL is the length generated per hash 107 * operation. */ 108#define N8_HASHES_REQUIRED(__OL, __HL) (CEIL((__OL), (__HL))) 109#define N8_SHA1_HASHES_REQUIRED(__OL) (N8_HASHES_REQUIRED((__OL), EA_SHA1_Hash_Length)) 110#define N8_MD5_HASHES_REQUIRED(__OL) (N8_HASHES_REQUIRED((__OL), EA_MD5_Hash_Length)) 111/* when generating material for TLS, the spec requires that the first result be 112 * discarded -- thus the extra hash required. */ 113#define N8_SHA1_HASHES_REQUIRED_TLS(__OL) (N8_SHA1_HASHES_REQUIRED((__OL)) + 1) 114#define N8_MD5_HASHES_REQUIRED_TLS(__OL) (N8_MD5_HASHES_REQUIRED((__OL)) + 1) 115 116/* defines indicating the number of command blocks for each computation */ 117#define N8_CB_EA_HASHCOMPLETEMESSAGE_NUMCMDS 1 118#define N8_CB_EA_HASHPARTIAL_NUMCMDS 1 119#define N8_CB_EA_HASHEND_NUMCMDS 1 120#define N8_CB_EA_SSLKEYMATERIALHASH_NUMCMDS 1 121#define N8_CB_EA_SSLENCRYPTAUTHENTICATE_NUMCMDS 1 122#define N8_CB_EA_SSLDECRYPTVERIFY_NUMCMDS 1 123#define N8_CB_EA_TLSENCRYPTAUTHENTICATE_NUMCMDS 1 124#define N8_CB_EA_TLSDECRYPTVERIFY_NUMCMDS 1 125#define N8_CB_EA_TLSKEYMATERIALHASH_NUMCMDS(__L) \ 126 (2*(N8_SHA1_HASHES_REQUIRED_TLS(__L) + N8_MD5_HASHES_REQUIRED_TLS(__L))) 127#define N8_CB_EA_IKEPRF_NUMCMDS 1 128#define N8_CB_EA_IKESKEYIDEXPAND_NUMCMDS 1 129#define N8_CB_EA_IKEKEYMATERIALEXPAND_NUMCMDS 1 130#define N8_CB_EA_IKEENCRYPTKEYEXPAND_NUMCMDS 1 131#define N8_CB_EA_CLEARCONTEXT_NUMCMDS 1 132#define N8_CB_EA_WRITECONTEXT_NUMCMDS 1 133#define N8_CB_EA_READCONTEXT_NUMCMDS 1 134#define N8_CB_EA_CLEARCONTEXT_NUMCMDS 1 135#define N8_CB_EA_ENCRYPT_NUMCMDS 1 136#define N8_CB_EA_DECRYPT_NUMCMDS 1 137#define N8_CB_EA_LOADARC4KEYTOCONTEXT_NUMCMDS 1 138#define N8_CB_EA_LOADARC4KEYONLY_NUMCMDS 1 139#define N8_CB_EA_LOADDESKEYTOCONTEXT_NUMCMDS 1 140#define N8_CB_EA_LOADDESKEYONLY_NUMCMDS 1 141#define N8_CB_EA_LOADIPSECKEYTOCONTEXT_NUMCMDS 1 142#define N8_CB_EA_IPSECENCRYPTAUTHENTICATE_NUMCMDS 1 143#define N8_CB_EA_IPSECDECRYPTVERIFY_NUMCMDS 1 144#define N8_CB_EA_IPSECDECRYPTVERIFY_NUMCMDS 1 145#define N8_CB_EA_PRECOMPUTE_MD5_NUMCMDS 2 146#define N8_CB_EA_HASHHMACEND_NUMCMDS 1 147#define N8_CB_EA_FINISHTLSHANDSHAKE_NUMCMDS 4 148#define N8_CB_EA_CERTTLSHANDSHAKE_NUMCMDS 2 149#define N8_CB_EA_SSLSHANDSHAKEHASH_NUMCMDS 4 150 151/* The length of both "client finished" and 152 "server finished" */ 153#define N8_TLS_ROLE_STRING_LENGTH 15 154 155 156/* function prototypes */ 157N8_Status_t cb_ea_writeContext(API_Request_t *req_p, 158 EA_CMD_BLOCK_t *cb_p, 159 const unsigned int contextIndex, 160 const N8_Buffer_t *bufferToWrite_p, 161 const unsigned int length); 162 163N8_Status_t cb_ea_readContext(API_Request_t *req_p, 164 EA_CMD_BLOCK_t *cb_p, 165 const unsigned int contextIndex, 166 const uint32_t bufferToRead_a, 167 const unsigned int length); 168 169N8_Status_t cb_ea_loadARC4KeyToContext(API_Request_t *req_p, 170 EA_CMD_BLOCK_t *cb_p, 171 const N8_Packet_t *packetObject_p, 172 const N8_CipherInfo_t *cipher_p, 173 const N8_HashAlgorithm_t hashAlgorithm, 174 EA_ARC4_CTX *ctx_p, 175 const uint32_t ctx_a, 176 EA_CMD_BLOCK_t **next_cb_pp); 177 178N8_Status_t cb_ea_loadDESKeyToContext(API_Request_t *req_p, 179 EA_CMD_BLOCK_t *cb_p, 180 const N8_Packet_t *packetObject_p, 181 const N8_CipherInfo_t *cipherInfo_p, 182 const N8_HashAlgorithm_t hashAlgorithm, 183 EA_SSL30_CTX *ctx_p, 184 const uint32_t ctx_a, 185 EA_CMD_BLOCK_t **next_cb_pp); 186 187N8_Status_t cb_ea_loadIPsecKeyToContext(API_Request_t *req_p, 188 EA_CMD_BLOCK_t *cb_p, 189 const unsigned int contextIndex, 190 const N8_CipherInfo_t *cipherInfo_p, 191 EA_IPSEC_CTX *IPSec_ctx_p, 192 const uint32_t IPSec_ctx_a, 193 EA_CMD_BLOCK_t **next_cb_pp); 194 195N8_Status_t cb_ea_hashPartial(API_Request_t *req_p, 196 EA_CMD_BLOCK_t *cb_p, 197 const N8_HashObject_t *obj_p, 198 const n8_IVSrc_t ivSrc, 199 const uint32_t hashMsg_a, 200 const unsigned int msgLength, 201 const uint32_t result_a, 202 EA_CMD_BLOCK_t **next_cb_pp, 203 int lastCmdBlock); 204 205N8_Status_t cb_ea_hashEnd(API_Request_t *req_p, 206 EA_CMD_BLOCK_t *cb_p, 207 const N8_HashObject_t *obj_p, 208 const n8_IVSrc_t ivSrc, 209 const uint32_t hashMsg_a, 210 const unsigned int msgLength, 211 const uint32_t result_a, 212 EA_CMD_BLOCK_t **next_cb_pp, 213 int lastCmdBlock); 214 215N8_Status_t cb_ea_hashHMACEnd(API_Request_t *req_p, 216 EA_CMD_BLOCK_t *cb_p, 217 const N8_HashObject_t *obj_p, 218 const uint32_t hashMsg_a, 219 const unsigned int msgLength, 220 const uint32_t result_a, 221 EA_CMD_BLOCK_t **next_cb_pp); 222 223N8_Status_t cb_ea_SSLKeyMaterialHash(API_Request_t *req_p, 224 EA_CMD_BLOCK_t *cb_p, 225 const uint32_t key_a, 226 const int keyLength, 227 const N8_Buffer_t *random_p, 228 const int outputLength, 229 const uint32_t result_a); 230 231N8_Status_t cb_ea_SSL(EA_CMD_BLOCK_t *cb_p, 232 N8_Packet_t *packetObj_p, 233 const N8_SSLTLSPacket_t *packet_p, 234 const uint32_t input_a, 235 const uint32_t result_a, 236 const unsigned int opCode); 237 238N8_Status_t cb_ea_TLSKeyMaterialHash(API_Request_t *req_p, 239 EA_CMD_BLOCK_t *cb_p, 240 const N8_Buffer_t *msg_p, 241 const uint32_t msg_a, 242 const int dataLength, 243 N8_Buffer_t *hmacKey_p, 244 const uint32_t hmacKey_a, 245 const int keyLength, 246 const int outputLength, 247 const uint32_t pseudorandomStream1_a, 248 const uint32_t pseudorandomStream2_a, 249 const int keyLen); 250 251N8_Status_t cb_ea_IKEPrf(API_Request_t *req_p, 252 EA_CMD_BLOCK_t *cb_p, 253 const N8_HashAlgorithm_t alg, 254 const uint32_t kMsg_a, 255 const uint32_t msgLength, 256 const N8_Buffer_t *kKey_p, 257 const uint32_t keyLength, 258 const uint32_t kRes_a); 259 260N8_Status_t cb_ea_IKESKEYIDExpand(API_Request_t *req_p, 261 EA_CMD_BLOCK_t *cb_p, 262 const N8_HashAlgorithm_t alg, 263 const uint32_t kMsg_a, 264 const uint32_t msgLength, 265 const N8_Buffer_t *kKey_p, 266 const uint32_t keyLength, 267 const uint32_t kSKEYIDd_a); 268 269N8_Status_t cb_ea_IKEKeyMaterialExpand(API_Request_t *req_p, 270 EA_CMD_BLOCK_t *cb_p, 271 const N8_HashAlgorithm_t alg, 272 const uint32_t kMsg_a, 273 const uint32_t msgLength, 274 const N8_Buffer_t *kKey_p, 275 const uint32_t keyLength, 276 const uint32_t kRes_a, 277 const uint32_t i_count); 278 279N8_Status_t cb_ea_IKEEncryptKeyExpand(API_Request_t *req_p, 280 EA_CMD_BLOCK_t *cb_p, 281 const N8_HashAlgorithm_t alg, 282 const uint32_t kMsg_a, 283 const uint32_t msgLength, 284 const N8_Buffer_t *kKey_p, 285 const uint32_t keyLength, 286 const uint32_t kRes_a, 287 const uint32_t i_count); 288 289N8_Status_t cb_ea_TLS(EA_CMD_BLOCK_t *cb_p, 290 N8_Packet_t *packetObj_p, 291 const N8_SSLTLSPacket_t *packet_p, 292 const uint32_t input_a, 293 const uint32_t result_a, 294 const unsigned int opCode); 295 296void cb_ea_IPsec (EA_CMD_BLOCK_t *cb_p, 297 const N8_Packet_t *packetObject_p, 298 const uint32_t encryptedPacket_a, 299 const uint32_t result_a, 300 const unsigned int encryptedPacketLength, 301 const int SPI, 302 const unsigned int opCode); 303 304N8_Status_t cb_ea_loadARC4keyOnly(API_Request_t *req_p, 305 EA_CMD_BLOCK_t *cb_p, 306 const N8_ContextHandle_t *contextHandle_p, 307 const N8_EncryptCipher_t *cipher_p); 308 309N8_Status_t cb_ea_loadDESkeyOnly(API_Request_t *req_p, 310 EA_CMD_BLOCK_t *cb_p, 311 const N8_ContextHandle_t *contextHandle_p, 312 const N8_EncryptCipher_t *cipherInfo_p); 313 314N8_Status_t cb_ea_encrypt(const API_Request_t *req_p, 315 EA_CMD_BLOCK_t *cb_p, 316 N8_EncryptObject_t *encryptObject_p, 317 const uint32_t message_a, 318 const uint32_t encryptedMessage_a, 319 const int messageLength); 320 321N8_Status_t cb_ea_decrypt(API_Request_t *req_p, 322 EA_CMD_BLOCK_t *cb_p, 323 N8_EncryptObject_t *encryptObject_p, 324 const uint32_t encryptedMessage_a, 325 const uint32_t message_a, 326 const unsigned int encryptedMessageLength); 327 328N8_Status_t cb_ea_hashCompleteMessage(API_Request_t *req_p, 329 EA_CMD_BLOCK_t *cb_p, 330 const N8_HashObject_t *obj_p, 331 const uint32_t hashMsg_a, 332 const unsigned int msgLength, 333 const uint32_t result_a); 334N8_Status_t 335cb_ea_TLSHandshakeHash(API_Request_t *req_p, 336 N8_HashProtocol_t protocol, 337 uint32_t resMD5_a, 338 uint32_t hashMsgMD5_a, 339 N8_HashObject_t *hashMsgMD5_p, 340 int md5Length, 341 uint32_t resSHA1_a, 342 uint32_t hashMsgSHA1_a, 343 N8_HashObject_t *hashMsgSHA1_p, 344 int sha1Length, 345 uint32_t resMD5PRF_a, 346 uint32_t resSHA1PRF_a, 347 const N8_Buffer_t *key_p, 348 int keyLength, 349 uint32_t roleStr_a); 350 351 352N8_Status_t cb_ea_SSLHandshakeHash(API_Request_t *req_p, 353 EA_CMD_BLOCK_t *cb_p, 354 N8_HashObject_t *hObjMD5_p, 355 uint32_t innerResult_md5_a, 356 uint32_t hashMsgMD5_a, 357 int hashingLength_md5, 358 N8_HashObject_t *hObjSHA_p, 359 uint32_t innerResult_sha_a, 360 uint32_t hashMsgSHA_a, 361 int hashingLength_sha, 362 uint32_t endresMD5_a, 363 uint32_t endresSHA1_a, 364 uint32_t outerMsgMD5_a, 365 unsigned int outer_md5Length, 366 uint32_t outerMsgSHA1_a, 367 unsigned int outer_shaLength); 368 369