5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
25 */
26
27 #include <pthread.h>
28 #include <stdlib.h>
29 #include <string.h>
30 #include <strings.h>
31 #include <sys/types.h>
32 #include <security/cryptoki.h>
33 #include <aes_impl.h>
34 #include "softSession.h"
35 #include "softObject.h"
36 #include "softCrypt.h"
37 #include "softOps.h"
38
39 /*
40 * Allocate context for the active encryption or decryption operation, and
41 * generate AES key schedule to speed up the operation.
42 */
43 CK_RV
44 soft_aes_crypt_init_common(soft_session_t *session_p,
471 /*
472 * Even though success means we've encrypted all of the input,
473 * we should still behave like the other functions and return
474 * the encrypted length in pulEncryptedLen
475 */
476 *pulEncryptedLen = ulDataLen;
477 }
478 } /* end switch */
479
480 if (update)
481 return (CKR_OK);
482
483 /*
484 * The following code will be executed if the caller is
485 * soft_encrypt() or an error occurred. The encryption
486 * operation will be terminated so we need to do some cleanup.
487 */
488 cleanup:
489 (void) pthread_mutex_lock(&session_p->session_mutex);
490 aes_ctx = (aes_ctx_t *)soft_aes_ctx->aes_cbc;
491 if (aes_ctx != NULL) {
492 bzero(aes_ctx->ac_keysched, aes_ctx->ac_keysched_len);
493 free(soft_aes_ctx->aes_cbc);
494 }
495
496 bzero(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
497 free(soft_aes_ctx->key_sched);
498 free(session_p->encrypt.context);
499 session_p->encrypt.context = NULL;
500 (void) pthread_mutex_unlock(&session_p->session_mutex);
501
502 return (rv);
503 }
504
505
506 /*
507 * soft_aes_decrypt_common()
508 *
509 * Arguments:
510 * session_p: pointer to soft_session_t struct
511 * pEncrypted: pointer to the input data to be decrypted
512 * ulEncryptedLen: length of the input data
513 * pData: pointer to the output data
514 * pulDataLen: pointer to the length of the output data
515 * Update: boolean flag indicates caller is soft_decrypt
516 * or soft_decrypt_update
517 *
518 * Description:
834 * Even though success means we've decrypted all of the input,
835 * we should still behave like the other functions and return
836 * the decrypted length in pulDataLen
837 */
838 *pulDataLen = ulEncryptedLen;
839
840 }
841 } /* end switch */
842
843 if (update)
844 return (CKR_OK);
845
846 /*
847 * The following code will be executed if the caller is
848 * soft_decrypt() or an error occurred. The decryption
849 * operation will be terminated so we need to do some cleanup.
850 */
851 cleanup:
852 (void) pthread_mutex_lock(&session_p->session_mutex);
853 aes_ctx = (aes_ctx_t *)soft_aes_ctx->aes_cbc;
854 if (aes_ctx != NULL) {
855 bzero(aes_ctx->ac_keysched, aes_ctx->ac_keysched_len);
856 free(soft_aes_ctx->aes_cbc);
857 }
858
859 bzero(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
860 free(soft_aes_ctx->key_sched);
861 free(session_p->decrypt.context);
862 session_p->decrypt.context = NULL;
863 (void) pthread_mutex_unlock(&session_p->session_mutex);
864
865 return (rv);
866 }
867
868
869 /*
870 * Allocate and initialize a context for AES CBC mode of operation.
871 */
872 void *
873 aes_cbc_ctx_init(void *key_sched, size_t size, uint8_t *ivec)
874 {
875
876 cbc_ctx_t *cbc_ctx;
877
878 if ((cbc_ctx = calloc(1, sizeof (cbc_ctx_t))) == NULL)
879 return (NULL);
880
881 cbc_ctx->cbc_keysched = key_sched;
|
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
25 * Copyright (c) 2018, Joyent, Inc.
26 */
27
28 #include <pthread.h>
29 #include <stdlib.h>
30 #include <string.h>
31 #include <strings.h>
32 #include <sys/types.h>
33 #include <security/cryptoki.h>
34 #include <aes_impl.h>
35 #include "softSession.h"
36 #include "softObject.h"
37 #include "softCrypt.h"
38 #include "softOps.h"
39
40 /*
41 * Allocate context for the active encryption or decryption operation, and
42 * generate AES key schedule to speed up the operation.
43 */
44 CK_RV
45 soft_aes_crypt_init_common(soft_session_t *session_p,
472 /*
473 * Even though success means we've encrypted all of the input,
474 * we should still behave like the other functions and return
475 * the encrypted length in pulEncryptedLen
476 */
477 *pulEncryptedLen = ulDataLen;
478 }
479 } /* end switch */
480
481 if (update)
482 return (CKR_OK);
483
484 /*
485 * The following code will be executed if the caller is
486 * soft_encrypt() or an error occurred. The encryption
487 * operation will be terminated so we need to do some cleanup.
488 */
489 cleanup:
490 (void) pthread_mutex_lock(&session_p->session_mutex);
491 aes_ctx = (aes_ctx_t *)soft_aes_ctx->aes_cbc;
492 switch (mechanism) {
493 case CKM_AES_ECB:
494 freezero(aes_ctx, sizeof (ecb_ctx_t));
495 break;
496 case CKM_AES_CMAC:
497 case CKM_AES_CBC:
498 case CKM_AES_CBC_PAD:
499 freezero(aes_ctx, sizeof (cbc_ctx_t));
500 break;
501 case CKM_AES_CTR:
502 freezero(aes_ctx, sizeof (ctr_ctx_t));
503 break;
504 }
505 freezero(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
506 freezero(session_p->encrypt.context, sizeof (soft_aes_ctx_t));
507 session_p->encrypt.context = NULL;
508 (void) pthread_mutex_unlock(&session_p->session_mutex);
509
510 return (rv);
511 }
512
513
514 /*
515 * soft_aes_decrypt_common()
516 *
517 * Arguments:
518 * session_p: pointer to soft_session_t struct
519 * pEncrypted: pointer to the input data to be decrypted
520 * ulEncryptedLen: length of the input data
521 * pData: pointer to the output data
522 * pulDataLen: pointer to the length of the output data
523 * Update: boolean flag indicates caller is soft_decrypt
524 * or soft_decrypt_update
525 *
526 * Description:
842 * Even though success means we've decrypted all of the input,
843 * we should still behave like the other functions and return
844 * the decrypted length in pulDataLen
845 */
846 *pulDataLen = ulEncryptedLen;
847
848 }
849 } /* end switch */
850
851 if (update)
852 return (CKR_OK);
853
854 /*
855 * The following code will be executed if the caller is
856 * soft_decrypt() or an error occurred. The decryption
857 * operation will be terminated so we need to do some cleanup.
858 */
859 cleanup:
860 (void) pthread_mutex_lock(&session_p->session_mutex);
861 aes_ctx = (aes_ctx_t *)soft_aes_ctx->aes_cbc;
862 free(aes_ctx);
863 freezero(soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len);
864 freezero(session_p->decrypt.context, sizeof (soft_aes_ctx_t));
865 session_p->decrypt.context = NULL;
866 (void) pthread_mutex_unlock(&session_p->session_mutex);
867
868 return (rv);
869 }
870
871
872 /*
873 * Allocate and initialize a context for AES CBC mode of operation.
874 */
875 void *
876 aes_cbc_ctx_init(void *key_sched, size_t size, uint8_t *ivec)
877 {
878
879 cbc_ctx_t *cbc_ctx;
880
881 if ((cbc_ctx = calloc(1, sizeof (cbc_ctx_t))) == NULL)
882 return (NULL);
883
884 cbc_ctx->cbc_keysched = key_sched;
|