modes.h revision 7188:b5eb53fb3905
1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21/* 22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26#ifndef _COMMON_CRYPTO_MODES_H 27#define _COMMON_CRYPTO_MODES_H 28 29#pragma ident "%Z%%M% %I% %E% SMI" 30 31#ifdef __cplusplus 32extern "C" { 33#endif 34 35#include <sys/strsun.h> 36#include <sys/systm.h> 37#include <sys/sysmacros.h> 38#include <sys/types.h> 39#include <sys/errno.h> 40#include <sys/rwlock.h> 41#include <sys/kmem.h> 42#include <sys/crypto/common.h> 43#include <sys/crypto/impl.h> 44 45#define ECB_MODE 0x00000002 46#define CBC_MODE 0x00000004 47#define CTR_MODE 0x00000008 48#define CCM_MODE 0x00000010 49 50/* 51 * cc_keysched: Pointer to key schedule. 52 * 53 * cc_keysched_len: Length of the key schedule. 54 * 55 * cc_remainder: This is for residual data, i.e. data that can't 56 * be processed because there are too few bytes. 57 * Must wait until more data arrives. 58 * 59 * cc_remainder_len: Number of bytes in cc_remainder. 60 * 61 * cc_iv: Scratch buffer that sometimes contains the IV. 62 * 63 * cc_lastblock: Scratch buffer. 64 * 65 * cc_lastp: Pointer to previous block of ciphertext. 66 * 67 * cc_copy_to: Pointer to where encrypted residual data needs 68 * to be copied. 69 * 70 * cc_flags: PROVIDER_OWNS_KEY_SCHEDULE 71 * When a context is freed, it is necessary 72 * to know whether the key schedule was allocated 73 * by the caller, or internally, e.g. an init routine. 74 * If allocated by the latter, then it needs to be freed. 75 * 76 * ECB_MODE, CBC_MODE, CTR_MODE, or CCM_MODE 77 */ 78struct common_ctx { 79 void *cc_keysched; 80 size_t cc_keysched_len; 81 uint64_t cc_iv[2]; 82 uint64_t cc_lastblock[2]; 83 uint64_t cc_remainder[2]; 84 size_t cc_remainder_len; 85 uint8_t *cc_lastp; 86 uint8_t *cc_copy_to; 87 uint32_t cc_flags; 88}; 89 90typedef struct common_ctx ecb_ctx_t; 91typedef struct common_ctx cbc_ctx_t; 92typedef struct common_ctx common_ctx_t; 93 94typedef struct ctr_ctx { 95 struct common_ctx ctr_common; 96 uint32_t ctr_tmp[4]; 97} ctr_ctx_t; 98 99/* 100 * ctr_cb Counter block. 101 * 102 * ctr_counter_mask Mask of counter bits in the last 8 bytes of the 103 * counter block. 104 */ 105 106#define ctr_keysched ctr_common.cc_keysched 107#define ctr_keysched_len ctr_common.cc_keysched_len 108#define ctr_cb ctr_common.cc_iv 109#define ctr_counter_mask ctr_common.cc_lastblock[0] 110#define ctr_remainder ctr_common.cc_remainder 111#define ctr_remainder_len ctr_common.cc_remainder_len 112#define ctr_lastp ctr_common.cc_lastp 113#define ctr_copy_to ctr_common.cc_copy_to 114#define ctr_flags ctr_common.cc_flags 115 116/* 117 * 118 * ccm_mac_len: Stores length of the MAC in CCM mode. 119 * ccm_mac_buf: Stores the intermediate value for MAC in CCM encrypt. 120 * In CCM decrypt, stores the input MAC value. 121 * ccm_data_len: Length of the plaintext for CCM mode encrypt, or 122 * length of the ciphertext for CCM mode decrypt. 123 * ccm_processed_data_len: 124 * Length of processed plaintext in CCM mode encrypt, 125 * or length of processed ciphertext for CCM mode decrypt. 126 * ccm_processed_mac_len: 127 * Length of MAC data accumulated in CCM mode decrypt. 128 * 129 * ccm_pt_buf: Only used in CCM mode decrypt. It stores the 130 * decrypted plaintext to be returned when 131 * MAC verification succeeds in decrypt_final. 132 * Memory for this should be allocated in the AES module. 133 * 134 */ 135typedef struct ccm_ctx { 136 struct common_ctx ccm_common; 137 uint32_t ccm_tmp[4]; 138 size_t ccm_mac_len; 139 uint64_t ccm_mac_buf[2]; 140 size_t ccm_data_len; 141 size_t ccm_processed_data_len; 142 size_t ccm_processed_mac_len; 143 uint8_t *ccm_pt_buf; 144 uint64_t ccm_mac_input_buf[2]; 145} ccm_ctx_t; 146 147#define ccm_keysched ccm_common.cc_keysched 148#define ccm_keysched_len ccm_common.cc_keysched_len 149#define ccm_cb ccm_common.cc_iv 150#define ccm_counter_mask ccm_common.cc_lastblock[0] 151#define ccm_remainder ccm_common.cc_remainder 152#define ccm_remainder_len ccm_common.cc_remainder_len 153#define ccm_lastp ccm_common.cc_lastp 154#define ccm_copy_to ccm_common.cc_copy_to 155#define ccm_flags ccm_common.cc_flags 156 157typedef struct aes_ctx { 158 union { 159 ecb_ctx_t acu_ecb; 160 cbc_ctx_t acu_cbc; 161 ctr_ctx_t acu_ctr; 162#ifdef _KERNEL 163 ccm_ctx_t acu_ccm; 164#endif 165 } acu; 166} aes_ctx_t; 167 168#define ac_flags acu.acu_ecb.cc_flags 169#define ac_remainder_len acu.acu_ecb.cc_remainder_len 170#define ac_keysched acu.acu_ecb.cc_keysched 171#define ac_keysched_len acu.acu_ecb.cc_keysched_len 172#define ac_iv acu.acu_ecb.cc_iv 173#define ac_lastp acu.acu_ecb.cc_lastp 174#define ac_pt_buf acu.acu_ccm.ccm_pt_buf 175#define ac_mac_len acu.acu_ccm.ccm_mac_len 176#define ac_data_len acu.acu_ccm.ccm_data_len 177#define ac_processed_mac_len acu.acu_ccm.ccm_processed_mac_len 178#define ac_processed_data_len acu.acu_ccm.ccm_processed_data_len 179 180typedef struct blowfish_ctx { 181 union { 182 ecb_ctx_t bcu_ecb; 183 cbc_ctx_t bcu_cbc; 184 } bcu; 185} blowfish_ctx_t; 186 187#define bc_flags bcu.bcu_ecb.cc_flags 188#define bc_remainder_len bcu.bcu_ecb.cc_remainder_len 189#define bc_keysched bcu.bcu_ecb.cc_keysched 190#define bc_keysched_len bcu.bcu_ecb.cc_keysched_len 191#define bc_iv bcu.bcu_ecb.cc_iv 192#define bc_lastp bcu.bcu_ecb.cc_lastp 193 194typedef struct des_ctx { 195 union { 196 ecb_ctx_t dcu_ecb; 197 cbc_ctx_t dcu_cbc; 198 } dcu; 199} des_ctx_t; 200 201#define dc_flags dcu.dcu_ecb.cc_flags 202#define dc_remainder_len dcu.dcu_ecb.cc_remainder_len 203#define dc_keysched dcu.dcu_ecb.cc_keysched 204#define dc_keysched_len dcu.dcu_ecb.cc_keysched_len 205#define dc_iv dcu.dcu_ecb.cc_iv 206#define dc_lastp dcu.dcu_ecb.cc_lastp 207 208extern int ecb_cipher_contiguous_blocks(cbc_ctx_t *, char *, size_t, 209 crypto_data_t *, size_t, int (*cipher)(const void *, const uint8_t *, 210 uint8_t *)); 211 212extern int cbc_encrypt_contiguous_blocks(cbc_ctx_t *, char *, size_t, 213 crypto_data_t *, size_t, 214 int (*encrypt)(const void *, const uint8_t *, uint8_t *), 215 void (*copy_block)(uint8_t *, uint8_t *), 216 void (*xor_block)(uint8_t *, uint8_t *)); 217 218extern int cbc_decrypt_contiguous_blocks(cbc_ctx_t *, char *, size_t, 219 crypto_data_t *, size_t, 220 int (*decrypt)(const void *, const uint8_t *, uint8_t *), 221 void (*copy_block)(uint8_t *, uint8_t *), 222 void (*xor_block)(uint8_t *, uint8_t *)); 223 224extern int ctr_mode_contiguous_blocks(ctr_ctx_t *, char *, size_t, 225 crypto_data_t *, size_t, 226 int (*cipher)(const void *, const uint8_t *, uint8_t *), 227 void (*xor_block)(uint8_t *, uint8_t *)); 228 229extern int ccm_mode_encrypt_contiguous_blocks(ccm_ctx_t *, char *, size_t, 230 crypto_data_t *, size_t, 231 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 232 void (*copy_block)(uint8_t *, uint8_t *), 233 void (*xor_block)(uint8_t *, uint8_t *)); 234 235extern int ccm_mode_decrypt_contiguous_blocks(ccm_ctx_t *, char *, size_t, 236 crypto_data_t *, size_t, 237 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 238 void (*copy_block)(uint8_t *, uint8_t *), 239 void (*xor_block)(uint8_t *, uint8_t *)); 240 241int ccm_encrypt_final(ccm_ctx_t *, crypto_data_t *, size_t, 242 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 243 void (*xor_block)(uint8_t *, uint8_t *)); 244 245extern int ccm_decrypt_final(ccm_ctx_t *, crypto_data_t *, size_t, 246 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 247 void (*copy_block)(uint8_t *, uint8_t *), 248 void (*xor_block)(uint8_t *, uint8_t *)); 249 250extern int ctr_mode_final(ctr_ctx_t *, crypto_data_t *, 251 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *)); 252 253extern int cbc_init_ctx(cbc_ctx_t *, char *, size_t, size_t, 254 void (*copy_block)(uint8_t *, uint64_t *)); 255 256extern int ctr_init_ctx(ctr_ctx_t *, ulong_t, uint8_t *, 257 void (*copy_block)(uint8_t *, uint8_t *)); 258 259extern int ccm_init_ctx(ccm_ctx_t *, char *, int, boolean_t, size_t, 260 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 261 void (*xor_block)(uint8_t *, uint8_t *)); 262 263extern void calculate_ccm_mac(ccm_ctx_t *, uint8_t *, 264 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *)); 265 266extern void crypto_init_ptrs(crypto_data_t *, void **, offset_t *); 267extern void crypto_get_ptrs(crypto_data_t *, void **, offset_t *, 268 uint8_t **, size_t *, uint8_t **, size_t); 269 270extern void *ecb_alloc_ctx(int); 271extern void *cbc_alloc_ctx(int); 272extern void *ctr_alloc_ctx(int); 273extern void *ccm_alloc_ctx(int); 274extern void crypto_free_mode_ctx(void *); 275 276#ifdef __cplusplus 277} 278#endif 279 280#endif /* _COMMON_CRYPTO_MODES_H */ 281