modes.h revision 7188:b5eb53fb3905 
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#ifndef	_COMMON_CRYPTO_MODES_H
27#define	_COMMON_CRYPTO_MODES_H
28
29#pragma ident	"%Z%%M%	%I%	%E% SMI"
30
31#ifdef	__cplusplus
32extern "C" {
33#endif
34
35#include <sys/strsun.h>
36#include <sys/systm.h>
37#include <sys/sysmacros.h>
38#include <sys/types.h>
39#include <sys/errno.h>
40#include <sys/rwlock.h>
41#include <sys/kmem.h>
42#include <sys/crypto/common.h>
43#include <sys/crypto/impl.h>
44
45#define	ECB_MODE			0x00000002
46#define	CBC_MODE			0x00000004
47#define	CTR_MODE			0x00000008
48#define	CCM_MODE			0x00000010
49
50/*
51 * cc_keysched:		Pointer to key schedule.
52 *
53 * cc_keysched_len:	Length of the key schedule.
54 *
55 * cc_remainder:	This is for residual data, i.e. data that can't
56 *			be processed because there are too few bytes.
57 *			Must wait until more data arrives.
58 *
59 * cc_remainder_len:	Number of bytes in cc_remainder.
60 *
61 * cc_iv:		Scratch buffer that sometimes contains the IV.
62 *
63 * cc_lastblock:	Scratch buffer.
64 *
65 * cc_lastp:		Pointer to previous block of ciphertext.
66 *
67 * cc_copy_to:		Pointer to where encrypted residual data needs
68 *			to be copied.
69 *
70 * cc_flags:		PROVIDER_OWNS_KEY_SCHEDULE
71 *			When a context is freed, it is necessary
72 *			to know whether the key schedule was allocated
73 *			by the caller, or internally, e.g. an init routine.
74 *			If allocated by the latter, then it needs to be freed.
75 *
76 *			ECB_MODE, CBC_MODE, CTR_MODE, or CCM_MODE
77 */
78struct common_ctx {
79	void *cc_keysched;
80	size_t cc_keysched_len;
81	uint64_t cc_iv[2];
82	uint64_t cc_lastblock[2];
83	uint64_t cc_remainder[2];
84	size_t cc_remainder_len;
85	uint8_t *cc_lastp;
86	uint8_t *cc_copy_to;
87	uint32_t cc_flags;
88};
89
90typedef struct common_ctx ecb_ctx_t;
91typedef struct common_ctx cbc_ctx_t;
92typedef struct common_ctx common_ctx_t;
93
94typedef struct ctr_ctx {
95	struct common_ctx ctr_common;
96	uint32_t ctr_tmp[4];
97} ctr_ctx_t;
98
99/*
100 * ctr_cb                Counter block.
101 *
102 * ctr_counter_mask      Mask of counter bits in the last 8 bytes of the
103 *                       counter block.
104 */
105
106#define	ctr_keysched		ctr_common.cc_keysched
107#define	ctr_keysched_len	ctr_common.cc_keysched_len
108#define	ctr_cb			ctr_common.cc_iv
109#define	ctr_counter_mask	ctr_common.cc_lastblock[0]
110#define	ctr_remainder		ctr_common.cc_remainder
111#define	ctr_remainder_len	ctr_common.cc_remainder_len
112#define	ctr_lastp		ctr_common.cc_lastp
113#define	ctr_copy_to		ctr_common.cc_copy_to
114#define	ctr_flags		ctr_common.cc_flags
115
116/*
117 *
118 * ccm_mac_len:		Stores length of the MAC in CCM mode.
119 * ccm_mac_buf:		Stores the intermediate value for MAC in CCM encrypt.
120 *			In CCM decrypt, stores the input MAC value.
121 * ccm_data_len:	Length of the plaintext for CCM mode encrypt, or
122 *			length of the ciphertext for CCM mode decrypt.
123 * ccm_processed_data_len:
124 *			Length of processed plaintext in CCM mode encrypt,
125 *			or length of processed ciphertext for CCM mode decrypt.
126 * ccm_processed_mac_len:
127 *			Length of MAC data accumulated in CCM mode decrypt.
128 *
129 * ccm_pt_buf:		Only used in CCM mode decrypt.  It stores the
130 *			decrypted plaintext to be returned when
131 *			MAC verification succeeds in decrypt_final.
132 *			Memory for this should be allocated in the AES module.
133 *
134 */
135typedef struct ccm_ctx {
136	struct common_ctx ccm_common;
137	uint32_t ccm_tmp[4];
138	size_t ccm_mac_len;
139	uint64_t ccm_mac_buf[2];
140	size_t ccm_data_len;
141	size_t ccm_processed_data_len;
142	size_t ccm_processed_mac_len;
143	uint8_t *ccm_pt_buf;
144	uint64_t ccm_mac_input_buf[2];
145} ccm_ctx_t;
146
147#define	ccm_keysched		ccm_common.cc_keysched
148#define	ccm_keysched_len	ccm_common.cc_keysched_len
149#define	ccm_cb			ccm_common.cc_iv
150#define	ccm_counter_mask	ccm_common.cc_lastblock[0]
151#define	ccm_remainder		ccm_common.cc_remainder
152#define	ccm_remainder_len	ccm_common.cc_remainder_len
153#define	ccm_lastp		ccm_common.cc_lastp
154#define	ccm_copy_to		ccm_common.cc_copy_to
155#define	ccm_flags		ccm_common.cc_flags
156
157typedef struct aes_ctx {
158	union {
159		ecb_ctx_t acu_ecb;
160		cbc_ctx_t acu_cbc;
161		ctr_ctx_t acu_ctr;
162#ifdef _KERNEL
163		ccm_ctx_t acu_ccm;
164#endif
165	} acu;
166} aes_ctx_t;
167
168#define	ac_flags		acu.acu_ecb.cc_flags
169#define	ac_remainder_len	acu.acu_ecb.cc_remainder_len
170#define	ac_keysched		acu.acu_ecb.cc_keysched
171#define	ac_keysched_len		acu.acu_ecb.cc_keysched_len
172#define	ac_iv			acu.acu_ecb.cc_iv
173#define	ac_lastp		acu.acu_ecb.cc_lastp
174#define	ac_pt_buf		acu.acu_ccm.ccm_pt_buf
175#define	ac_mac_len		acu.acu_ccm.ccm_mac_len
176#define	ac_data_len		acu.acu_ccm.ccm_data_len
177#define	ac_processed_mac_len	acu.acu_ccm.ccm_processed_mac_len
178#define	ac_processed_data_len	acu.acu_ccm.ccm_processed_data_len
179
180typedef struct blowfish_ctx {
181	union {
182		ecb_ctx_t bcu_ecb;
183		cbc_ctx_t bcu_cbc;
184	} bcu;
185} blowfish_ctx_t;
186
187#define	bc_flags		bcu.bcu_ecb.cc_flags
188#define	bc_remainder_len	bcu.bcu_ecb.cc_remainder_len
189#define	bc_keysched		bcu.bcu_ecb.cc_keysched
190#define	bc_keysched_len		bcu.bcu_ecb.cc_keysched_len
191#define	bc_iv			bcu.bcu_ecb.cc_iv
192#define	bc_lastp		bcu.bcu_ecb.cc_lastp
193
194typedef struct des_ctx {
195	union {
196		ecb_ctx_t dcu_ecb;
197		cbc_ctx_t dcu_cbc;
198	} dcu;
199} des_ctx_t;
200
201#define	dc_flags		dcu.dcu_ecb.cc_flags
202#define	dc_remainder_len	dcu.dcu_ecb.cc_remainder_len
203#define	dc_keysched		dcu.dcu_ecb.cc_keysched
204#define	dc_keysched_len		dcu.dcu_ecb.cc_keysched_len
205#define	dc_iv			dcu.dcu_ecb.cc_iv
206#define	dc_lastp		dcu.dcu_ecb.cc_lastp
207
208extern int ecb_cipher_contiguous_blocks(cbc_ctx_t *, char *, size_t,
209    crypto_data_t *, size_t, int (*cipher)(const void *, const uint8_t *,
210    uint8_t *));
211
212extern int cbc_encrypt_contiguous_blocks(cbc_ctx_t *, char *, size_t,
213    crypto_data_t *, size_t,
214    int (*encrypt)(const void *, const uint8_t *, uint8_t *),
215    void (*copy_block)(uint8_t *, uint8_t *),
216    void (*xor_block)(uint8_t *, uint8_t *));
217
218extern int cbc_decrypt_contiguous_blocks(cbc_ctx_t *, char *, size_t,
219    crypto_data_t *, size_t,
220    int (*decrypt)(const void *, const uint8_t *, uint8_t *),
221    void (*copy_block)(uint8_t *, uint8_t *),
222    void (*xor_block)(uint8_t *, uint8_t *));
223
224extern int ctr_mode_contiguous_blocks(ctr_ctx_t *, char *, size_t,
225    crypto_data_t *, size_t,
226    int (*cipher)(const void *, const uint8_t *, uint8_t *),
227    void (*xor_block)(uint8_t *, uint8_t *));
228
229extern int ccm_mode_encrypt_contiguous_blocks(ccm_ctx_t *, char *, size_t,
230    crypto_data_t *, size_t,
231    int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
232    void (*copy_block)(uint8_t *, uint8_t *),
233    void (*xor_block)(uint8_t *, uint8_t *));
234
235extern int ccm_mode_decrypt_contiguous_blocks(ccm_ctx_t *, char *, size_t,
236    crypto_data_t *, size_t,
237    int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
238    void (*copy_block)(uint8_t *, uint8_t *),
239    void (*xor_block)(uint8_t *, uint8_t *));
240
241int ccm_encrypt_final(ccm_ctx_t *, crypto_data_t *, size_t,
242    int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
243    void (*xor_block)(uint8_t *, uint8_t *));
244
245extern int ccm_decrypt_final(ccm_ctx_t *, crypto_data_t *, size_t,
246    int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
247    void (*copy_block)(uint8_t *, uint8_t *),
248    void (*xor_block)(uint8_t *, uint8_t *));
249
250extern int ctr_mode_final(ctr_ctx_t *, crypto_data_t *,
251    int (*encrypt_block)(const void *, const uint8_t *, uint8_t *));
252
253extern int cbc_init_ctx(cbc_ctx_t *, char *, size_t, size_t,
254    void (*copy_block)(uint8_t *, uint64_t *));
255
256extern int ctr_init_ctx(ctr_ctx_t *, ulong_t, uint8_t *,
257    void (*copy_block)(uint8_t *, uint8_t *));
258
259extern int ccm_init_ctx(ccm_ctx_t *, char *, int, boolean_t, size_t,
260    int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
261    void (*xor_block)(uint8_t *, uint8_t *));
262
263extern void calculate_ccm_mac(ccm_ctx_t *, uint8_t *,
264    int (*encrypt_block)(const void *, const uint8_t *, uint8_t *));
265
266extern void crypto_init_ptrs(crypto_data_t *, void **, offset_t *);
267extern void crypto_get_ptrs(crypto_data_t *, void **, offset_t *,
268    uint8_t **, size_t *, uint8_t **, size_t);
269
270extern void *ecb_alloc_ctx(int);
271extern void *cbc_alloc_ctx(int);
272extern void *ctr_alloc_ctx(int);
273extern void *ccm_alloc_ctx(int);
274extern void crypto_free_mode_ctx(void *);
275
276#ifdef	__cplusplus
277}
278#endif
279
280#endif	/* _COMMON_CRYPTO_MODES_H */
281