Print this page
fixup .text where possible
7127 remove -Wno-missing-braces from Makefile.uts
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/crypto/io/skein_mod.c
+++ new/usr/src/uts/common/crypto/io/skein_mod.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://opensource.org/licenses/CDDL-1.0.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright 2013 Saso Kiselkov. All rights reserved.
24 24 */
25 25
26 26 #include <sys/modctl.h>
27 27 #include <sys/crypto/common.h>
28 28 #include <sys/crypto/spi.h>
29 29 #include <sys/strsun.h>
30 30 #include <sys/sysmacros.h>
31 31 #include <sys/systm.h>
32 32 #define SKEIN_MODULE_IMPL
33 33 #include <sys/skein.h>
34 34
35 35 /*
36 36 * Like the sha2 module, we create the skein module with two modlinkages:
37 37 * - modlmisc to allow direct calls to Skein_* API functions.
38 38 * - modlcrypto to integrate well into the Kernel Crypto Framework (KCF).
39 39 */
40 40 static struct modlmisc modlmisc = {
|
↓ open down ↓ |
40 lines elided |
↑ open up ↑ |
41 41 &mod_miscops,
42 42 "Skein Message-Digest Algorithm"
43 43 };
44 44
45 45 static struct modlcrypto modlcrypto = {
46 46 &mod_cryptoops,
47 47 "Skein Kernel SW Provider"
48 48 };
49 49
50 50 static struct modlinkage modlinkage = {
51 - MODREV_1, &modlmisc, &modlcrypto, NULL
51 + MODREV_1, { &modlmisc, &modlcrypto, NULL }
52 52 };
53 53
54 54 static crypto_mech_info_t skein_mech_info_tab[] = {
55 55 {CKM_SKEIN_256, SKEIN_256_MECH_INFO_TYPE,
56 56 CRYPTO_FG_DIGEST | CRYPTO_FG_DIGEST_ATOMIC,
57 57 0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS},
58 58 {CKM_SKEIN_256_MAC, SKEIN_256_MAC_MECH_INFO_TYPE,
59 59 CRYPTO_FG_MAC | CRYPTO_FG_MAC_ATOMIC, 1, INT_MAX,
60 60 CRYPTO_KEYSIZE_UNIT_IN_BYTES},
61 61 {CKM_SKEIN_512, SKEIN_512_MECH_INFO_TYPE,
62 62 CRYPTO_FG_DIGEST | CRYPTO_FG_DIGEST_ATOMIC,
63 63 0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS},
64 64 {CKM_SKEIN_512_MAC, SKEIN_512_MAC_MECH_INFO_TYPE,
65 65 CRYPTO_FG_MAC | CRYPTO_FG_MAC_ATOMIC, 1, INT_MAX,
66 66 CRYPTO_KEYSIZE_UNIT_IN_BYTES},
67 67 {CKM_SKEIN1024, SKEIN1024_MECH_INFO_TYPE,
68 68 CRYPTO_FG_DIGEST | CRYPTO_FG_DIGEST_ATOMIC,
69 69 0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS},
70 70 {CKM_SKEIN1024_MAC, SKEIN1024_MAC_MECH_INFO_TYPE,
71 71 CRYPTO_FG_MAC | CRYPTO_FG_MAC_ATOMIC, 1, INT_MAX,
72 72 CRYPTO_KEYSIZE_UNIT_IN_BYTES}
73 73 };
74 74
75 75 static void skein_provider_status(crypto_provider_handle_t, uint_t *);
76 76
77 77 static crypto_control_ops_t skein_control_ops = {
78 78 skein_provider_status
79 79 };
80 80
81 81 static int skein_digest_init(crypto_ctx_t *, crypto_mechanism_t *,
82 82 crypto_req_handle_t);
83 83 static int skein_digest(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
84 84 crypto_req_handle_t);
85 85 static int skein_update(crypto_ctx_t *, crypto_data_t *, crypto_req_handle_t);
86 86 static int skein_final(crypto_ctx_t *, crypto_data_t *, crypto_req_handle_t);
87 87 static int skein_digest_atomic(crypto_provider_handle_t, crypto_session_id_t,
88 88 crypto_mechanism_t *, crypto_data_t *, crypto_data_t *,
89 89 crypto_req_handle_t);
90 90
91 91 static crypto_digest_ops_t skein_digest_ops = {
92 92 skein_digest_init,
93 93 skein_digest,
94 94 skein_update,
95 95 NULL,
96 96 skein_final,
97 97 skein_digest_atomic
98 98 };
99 99
100 100 static int skein_mac_init(crypto_ctx_t *, crypto_mechanism_t *, crypto_key_t *,
101 101 crypto_spi_ctx_template_t, crypto_req_handle_t);
102 102 static int skein_mac_atomic(crypto_provider_handle_t, crypto_session_id_t,
103 103 crypto_mechanism_t *, crypto_key_t *, crypto_data_t *, crypto_data_t *,
104 104 crypto_spi_ctx_template_t, crypto_req_handle_t);
105 105
106 106 static crypto_mac_ops_t skein_mac_ops = {
107 107 skein_mac_init,
108 108 NULL,
109 109 skein_update, /* using regular digest update is OK here */
110 110 skein_final, /* using regular digest final is OK here */
111 111 skein_mac_atomic,
112 112 NULL
113 113 };
114 114
|
↓ open down ↓ |
53 lines elided |
↑ open up ↑ |
115 115 static int skein_create_ctx_template(crypto_provider_handle_t,
116 116 crypto_mechanism_t *, crypto_key_t *, crypto_spi_ctx_template_t *,
117 117 size_t *, crypto_req_handle_t);
118 118 static int skein_free_context(crypto_ctx_t *);
119 119
120 120 static crypto_ctx_ops_t skein_ctx_ops = {
121 121 skein_create_ctx_template,
122 122 skein_free_context
123 123 };
124 124
125 -static crypto_ops_t skein_crypto_ops = {
126 - &skein_control_ops,
127 - &skein_digest_ops,
128 - NULL,
129 - &skein_mac_ops,
130 - NULL,
131 - NULL,
132 - NULL,
133 - NULL,
134 - NULL,
135 - NULL,
136 - NULL,
137 - NULL,
138 - NULL,
139 - &skein_ctx_ops,
140 - NULL,
141 - NULL,
142 - NULL
143 -};
125 +static crypto_ops_t skein_crypto_ops = {{{{{{
126 + &skein_control_ops,
127 + &skein_digest_ops,
128 + NULL,
129 + &skein_mac_ops,
130 + NULL,
131 + NULL,
132 + NULL,
133 + NULL,
134 + NULL,
135 + NULL,
136 + NULL,
137 + NULL,
138 + NULL,
139 + &skein_ctx_ops }, /* cou_v1 */
140 + NULL }, /* cou_v2 */
141 + NULL }, /* cou_v3 */
142 + NULL } /* cou_v4 */
143 +}};
144 144
145 -static crypto_provider_info_t skein_prov_info = {
145 +static crypto_provider_info_t skein_prov_info = {{{{
146 146 CRYPTO_SPI_VERSION_4,
147 147 "Skein Software Provider",
148 148 CRYPTO_SW_PROVIDER,
149 149 {&modlinkage},
150 150 NULL,
151 151 &skein_crypto_ops,
152 152 sizeof (skein_mech_info_tab) / sizeof (crypto_mech_info_t),
153 153 skein_mech_info_tab
154 -};
154 +}}}};
155 155
156 156 static crypto_kcf_provider_handle_t skein_prov_handle = 0;
157 157
158 158 typedef struct skein_ctx {
159 159 skein_mech_type_t sc_mech_type;
160 160 size_t sc_digest_bitlen;
161 161 union {
162 162 Skein_256_Ctxt_t sc_256;
163 163 Skein_512_Ctxt_t sc_512;
164 164 Skein1024_Ctxt_t sc_1024;
165 165 } sc_u;
166 166 } skein_ctx_t;
167 167 #define SKEIN_CTX(_ctx_) ((skein_ctx_t *)((_ctx_)->cc_provider_private))
168 168 #define SKEIN_CTX_LVALUE(_ctx_) (_ctx_)->cc_provider_private
169 169 #define SKEIN_OP(_skein_ctx, _op, ...) \
170 170 do { \
171 171 skein_ctx_t *sc = (_skein_ctx); \
172 172 switch (sc->sc_mech_type) { \
173 173 case SKEIN_256_MECH_INFO_TYPE: \
174 174 case SKEIN_256_MAC_MECH_INFO_TYPE: \
175 175 (void) Skein_256_ ## _op(&sc->sc_u.sc_256, \
176 176 __VA_ARGS__); \
177 177 break; \
178 178 case SKEIN_512_MECH_INFO_TYPE: \
179 179 case SKEIN_512_MAC_MECH_INFO_TYPE: \
180 180 (void) Skein_512_ ## _op(&sc->sc_u.sc_512, \
181 181 __VA_ARGS__); \
182 182 break; \
183 183 case SKEIN1024_MECH_INFO_TYPE: \
184 184 case SKEIN1024_MAC_MECH_INFO_TYPE: \
185 185 (void) Skein1024_ ## _op(&sc->sc_u.sc_1024, \
186 186 __VA_ARGS__); \
187 187 break; \
188 188 } \
189 189 _NOTE(CONSTCOND) \
190 190 } while (0)
191 191
192 192 static int
193 193 skein_get_digest_bitlen(const crypto_mechanism_t *mechanism, size_t *result)
194 194 {
195 195 if (mechanism->cm_param != NULL) {
196 196 /*LINTED(E_BAD_PTR_CAST_ALIGN)*/
197 197 skein_param_t *param = (skein_param_t *)mechanism->cm_param;
198 198
199 199 if (mechanism->cm_param_len != sizeof (*param) ||
200 200 param->sp_digest_bitlen == 0) {
201 201 return (CRYPTO_MECHANISM_PARAM_INVALID);
202 202 }
203 203 *result = param->sp_digest_bitlen;
204 204 } else {
205 205 switch (mechanism->cm_type) {
206 206 case SKEIN_256_MECH_INFO_TYPE:
207 207 *result = 256;
208 208 break;
209 209 case SKEIN_512_MECH_INFO_TYPE:
210 210 *result = 512;
211 211 break;
212 212 case SKEIN1024_MECH_INFO_TYPE:
213 213 *result = 1024;
214 214 break;
215 215 default:
216 216 return (CRYPTO_MECHANISM_INVALID);
217 217 }
218 218 }
219 219 return (CRYPTO_SUCCESS);
220 220 }
221 221
222 222 int
223 223 _init(void)
224 224 {
225 225 int error;
226 226
227 227 if ((error = mod_install(&modlinkage)) != 0)
228 228 return (error);
229 229
230 230 /*
231 231 * Try to register with KCF - failure shouldn't unload us, since we
232 232 * still may want to continue providing misc/skein functionality.
233 233 */
234 234 (void) crypto_register_provider(&skein_prov_info, &skein_prov_handle);
235 235
236 236 return (0);
237 237 }
238 238
239 239 int
240 240 _info(struct modinfo *modinfop)
241 241 {
242 242 return (mod_info(&modlinkage, modinfop));
243 243 }
244 244
245 245 /*
246 246 * KCF software provider control entry points.
247 247 */
248 248 /* ARGSUSED */
249 249 static void
250 250 skein_provider_status(crypto_provider_handle_t provider, uint_t *status)
251 251 {
252 252 *status = CRYPTO_PROVIDER_READY;
253 253 }
254 254
255 255 /*
256 256 * General Skein hashing helper functions.
257 257 */
258 258
259 259 /*
260 260 * Performs an Update on a context with uio input data.
261 261 */
262 262 static int
263 263 skein_digest_update_uio(skein_ctx_t *ctx, const crypto_data_t *data)
264 264 {
265 265 off_t offset = data->cd_offset;
266 266 size_t length = data->cd_length;
267 267 uint_t vec_idx;
268 268 size_t cur_len;
269 269 const uio_t *uio = data->cd_uio;
270 270
271 271 /* we support only kernel buffer */
272 272 if (uio->uio_segflg != UIO_SYSSPACE)
273 273 return (CRYPTO_ARGUMENTS_BAD);
274 274
275 275 /*
276 276 * Jump to the first iovec containing data to be
277 277 * digested.
278 278 */
279 279 for (vec_idx = 0; vec_idx < uio->uio_iovcnt &&
280 280 offset >= uio->uio_iov[vec_idx].iov_len;
281 281 offset -= uio->uio_iov[vec_idx++].iov_len)
282 282 ;
283 283 if (vec_idx == uio->uio_iovcnt) {
284 284 /*
285 285 * The caller specified an offset that is larger than the
286 286 * total size of the buffers it provided.
287 287 */
288 288 return (CRYPTO_DATA_LEN_RANGE);
289 289 }
290 290
291 291 /*
292 292 * Now do the digesting on the iovecs.
293 293 */
294 294 while (vec_idx < uio->uio_iovcnt && length > 0) {
295 295 cur_len = MIN(uio->uio_iov[vec_idx].iov_len - offset, length);
296 296 SKEIN_OP(ctx, Update, (uint8_t *)uio->uio_iov[vec_idx].iov_base
297 297 + offset, cur_len);
298 298 length -= cur_len;
299 299 vec_idx++;
300 300 offset = 0;
301 301 }
302 302
303 303 if (vec_idx == uio->uio_iovcnt && length > 0) {
304 304 /*
305 305 * The end of the specified iovec's was reached but
306 306 * the length requested could not be processed, i.e.
307 307 * The caller requested to digest more data than it provided.
308 308 */
309 309 return (CRYPTO_DATA_LEN_RANGE);
310 310 }
311 311
312 312 return (CRYPTO_SUCCESS);
313 313 }
314 314
315 315 /*
316 316 * Performs a Final on a context and writes to a uio digest output.
317 317 */
318 318 static int
319 319 skein_digest_final_uio(skein_ctx_t *ctx, crypto_data_t *digest,
320 320 crypto_req_handle_t req)
321 321 {
322 322 off_t offset = digest->cd_offset;
323 323 uint_t vec_idx;
324 324 uio_t *uio = digest->cd_uio;
325 325
326 326 /* we support only kernel buffer */
327 327 if (uio->uio_segflg != UIO_SYSSPACE)
328 328 return (CRYPTO_ARGUMENTS_BAD);
329 329
330 330 /*
331 331 * Jump to the first iovec containing ptr to the digest to be returned.
332 332 */
333 333 for (vec_idx = 0; offset >= uio->uio_iov[vec_idx].iov_len &&
334 334 vec_idx < uio->uio_iovcnt;
335 335 offset -= uio->uio_iov[vec_idx++].iov_len)
336 336 ;
337 337 if (vec_idx == uio->uio_iovcnt) {
338 338 /*
339 339 * The caller specified an offset that is larger than the
340 340 * total size of the buffers it provided.
341 341 */
342 342 return (CRYPTO_DATA_LEN_RANGE);
343 343 }
344 344 if (offset + CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen) <=
345 345 uio->uio_iov[vec_idx].iov_len) {
346 346 /* The computed digest will fit in the current iovec. */
347 347 SKEIN_OP(ctx, Final,
348 348 (uchar_t *)uio->uio_iov[vec_idx].iov_base + offset);
349 349 } else {
350 350 uint8_t *digest_tmp;
351 351 off_t scratch_offset = 0;
352 352 size_t length = CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen);
353 353 size_t cur_len;
354 354
355 355 digest_tmp = kmem_alloc(CRYPTO_BITS2BYTES(
356 356 ctx->sc_digest_bitlen), crypto_kmflag(req));
357 357 if (digest_tmp == NULL)
358 358 return (CRYPTO_HOST_MEMORY);
359 359 SKEIN_OP(ctx, Final, digest_tmp);
360 360 while (vec_idx < uio->uio_iovcnt && length > 0) {
361 361 cur_len = MIN(uio->uio_iov[vec_idx].iov_len - offset,
362 362 length);
363 363 bcopy(digest_tmp + scratch_offset,
364 364 uio->uio_iov[vec_idx].iov_base + offset, cur_len);
365 365
366 366 length -= cur_len;
367 367 vec_idx++;
368 368 scratch_offset += cur_len;
369 369 offset = 0;
370 370 }
371 371 kmem_free(digest_tmp, CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen));
372 372
373 373 if (vec_idx == uio->uio_iovcnt && length > 0) {
374 374 /*
375 375 * The end of the specified iovec's was reached but
376 376 * the length requested could not be processed, i.e.
377 377 * The caller requested to digest more data than it
378 378 * provided.
379 379 */
380 380 return (CRYPTO_DATA_LEN_RANGE);
381 381 }
382 382 }
383 383
384 384 return (CRYPTO_SUCCESS);
385 385 }
386 386
387 387 /*
388 388 * Performs an Update on a context with mblk input data.
389 389 */
390 390 static int
391 391 skein_digest_update_mblk(skein_ctx_t *ctx, crypto_data_t *data)
392 392 {
393 393 off_t offset = data->cd_offset;
394 394 size_t length = data->cd_length;
395 395 mblk_t *mp;
396 396 size_t cur_len;
397 397
398 398 /* Jump to the first mblk_t containing data to be digested. */
399 399 for (mp = data->cd_mp; mp != NULL && offset >= MBLKL(mp);
400 400 offset -= MBLKL(mp), mp = mp->b_cont)
401 401 ;
402 402 if (mp == NULL) {
403 403 /*
404 404 * The caller specified an offset that is larger than the
405 405 * total size of the buffers it provided.
406 406 */
407 407 return (CRYPTO_DATA_LEN_RANGE);
408 408 }
409 409
410 410 /* Now do the digesting on the mblk chain. */
411 411 while (mp != NULL && length > 0) {
412 412 cur_len = MIN(MBLKL(mp) - offset, length);
413 413 SKEIN_OP(ctx, Update, mp->b_rptr + offset, cur_len);
414 414 length -= cur_len;
415 415 offset = 0;
416 416 mp = mp->b_cont;
417 417 }
418 418
419 419 if (mp == NULL && length > 0) {
420 420 /*
421 421 * The end of the mblk was reached but the length requested
422 422 * could not be processed, i.e. The caller requested
423 423 * to digest more data than it provided.
424 424 */
425 425 return (CRYPTO_DATA_LEN_RANGE);
426 426 }
427 427
428 428 return (CRYPTO_SUCCESS);
429 429 }
430 430
431 431 /*
432 432 * Performs a Final on a context and writes to an mblk digest output.
433 433 */
434 434 static int
435 435 skein_digest_final_mblk(skein_ctx_t *ctx, crypto_data_t *digest,
436 436 crypto_req_handle_t req)
437 437 {
438 438 off_t offset = digest->cd_offset;
439 439 mblk_t *mp;
440 440
441 441 /* Jump to the first mblk_t that will be used to store the digest. */
442 442 for (mp = digest->cd_mp; mp != NULL && offset >= MBLKL(mp);
443 443 offset -= MBLKL(mp), mp = mp->b_cont)
444 444 ;
445 445 if (mp == NULL) {
446 446 /* caller specified offset is too large */
447 447 return (CRYPTO_DATA_LEN_RANGE);
448 448 }
449 449
450 450 if (offset + CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen) <= MBLKL(mp)) {
451 451 /* The digest will fit in the current mblk. */
452 452 SKEIN_OP(ctx, Final, mp->b_rptr + offset);
453 453 } else {
454 454 /* Split the digest up between the individual buffers. */
455 455 uint8_t *digest_tmp;
456 456 off_t scratch_offset = 0;
457 457 size_t length = CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen);
458 458 size_t cur_len;
459 459
460 460 digest_tmp = kmem_alloc(CRYPTO_BITS2BYTES(
461 461 ctx->sc_digest_bitlen), crypto_kmflag(req));
462 462 if (digest_tmp == NULL)
463 463 return (CRYPTO_HOST_MEMORY);
464 464 SKEIN_OP(ctx, Final, digest_tmp);
465 465 while (mp != NULL && length > 0) {
466 466 cur_len = MIN(MBLKL(mp) - offset, length);
467 467 bcopy(digest_tmp + scratch_offset,
468 468 mp->b_rptr + offset, cur_len);
469 469 length -= cur_len;
470 470 mp = mp->b_cont;
471 471 scratch_offset += cur_len;
472 472 offset = 0;
473 473 }
474 474 kmem_free(digest_tmp, CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen));
475 475 if (mp == NULL && length > 0) {
476 476 /* digest too long to fit in the mblk buffers */
477 477 return (CRYPTO_DATA_LEN_RANGE);
478 478 }
479 479 }
480 480
481 481 return (CRYPTO_SUCCESS);
482 482 }
483 483
484 484 /*
485 485 * KCF software provider digest entry points.
486 486 */
487 487
488 488 /*
489 489 * Initializes a skein digest context to the configuration in `mechanism'.
490 490 * The mechanism cm_type must be one of SKEIN_*_MECH_INFO_TYPE. The cm_param
491 491 * field may contain a skein_param_t structure indicating the length of the
492 492 * digest the algorithm should produce. Otherwise the default output lengths
493 493 * are applied (32 bytes for Skein-256, 64 bytes for Skein-512 and 128 bytes
494 494 * for Skein-1024).
495 495 */
496 496 static int
497 497 skein_digest_init(crypto_ctx_t *ctx, crypto_mechanism_t *mechanism,
498 498 crypto_req_handle_t req)
499 499 {
500 500 int error = CRYPTO_SUCCESS;
501 501
502 502 if (!VALID_SKEIN_DIGEST_MECH(mechanism->cm_type))
503 503 return (CRYPTO_MECHANISM_INVALID);
504 504
505 505 SKEIN_CTX_LVALUE(ctx) = kmem_alloc(sizeof (*SKEIN_CTX(ctx)),
506 506 crypto_kmflag(req));
507 507 if (SKEIN_CTX(ctx) == NULL)
508 508 return (CRYPTO_HOST_MEMORY);
509 509
510 510 SKEIN_CTX(ctx)->sc_mech_type = mechanism->cm_type;
511 511 error = skein_get_digest_bitlen(mechanism,
512 512 &SKEIN_CTX(ctx)->sc_digest_bitlen);
513 513 if (error != CRYPTO_SUCCESS)
514 514 goto errout;
515 515 SKEIN_OP(SKEIN_CTX(ctx), Init, SKEIN_CTX(ctx)->sc_digest_bitlen);
516 516
517 517 return (CRYPTO_SUCCESS);
518 518 errout:
519 519 bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
520 520 kmem_free(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
521 521 SKEIN_CTX_LVALUE(ctx) = NULL;
522 522 return (error);
523 523 }
524 524
525 525 /*
526 526 * Executes a skein_update and skein_digest on a pre-initialized crypto
527 527 * context in a single step. See the documentation to these functions to
528 528 * see what to pass here.
529 529 */
530 530 static int
531 531 skein_digest(crypto_ctx_t *ctx, crypto_data_t *data, crypto_data_t *digest,
532 532 crypto_req_handle_t req)
533 533 {
534 534 int error = CRYPTO_SUCCESS;
535 535
536 536 ASSERT(SKEIN_CTX(ctx) != NULL);
537 537
538 538 if (digest->cd_length <
539 539 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen)) {
540 540 digest->cd_length =
541 541 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen);
542 542 return (CRYPTO_BUFFER_TOO_SMALL);
543 543 }
544 544
545 545 error = skein_update(ctx, data, req);
546 546 if (error != CRYPTO_SUCCESS) {
547 547 bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
548 548 kmem_free(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
549 549 SKEIN_CTX_LVALUE(ctx) = NULL;
550 550 digest->cd_length = 0;
551 551 return (error);
552 552 }
553 553 error = skein_final(ctx, digest, req);
554 554
555 555 return (error);
556 556 }
557 557
558 558 /*
559 559 * Performs a skein Update with the input message in `data' (successive calls
560 560 * can push more data). This is used both for digest and MAC operation.
561 561 * Supported input data formats are raw, uio and mblk.
562 562 */
563 563 /*ARGSUSED*/
564 564 static int
565 565 skein_update(crypto_ctx_t *ctx, crypto_data_t *data, crypto_req_handle_t req)
566 566 {
567 567 int error = CRYPTO_SUCCESS;
568 568
569 569 ASSERT(SKEIN_CTX(ctx) != NULL);
570 570
571 571 switch (data->cd_format) {
572 572 case CRYPTO_DATA_RAW:
573 573 SKEIN_OP(SKEIN_CTX(ctx), Update,
574 574 (uint8_t *)data->cd_raw.iov_base + data->cd_offset,
575 575 data->cd_length);
576 576 break;
577 577 case CRYPTO_DATA_UIO:
578 578 error = skein_digest_update_uio(SKEIN_CTX(ctx), data);
579 579 break;
580 580 case CRYPTO_DATA_MBLK:
581 581 error = skein_digest_update_mblk(SKEIN_CTX(ctx), data);
582 582 break;
583 583 default:
584 584 error = CRYPTO_ARGUMENTS_BAD;
585 585 }
586 586
587 587 return (error);
588 588 }
589 589
590 590 /*
591 591 * Performs a skein Final, writing the output to `digest'. This is used both
592 592 * for digest and MAC operation.
593 593 * Supported output digest formats are raw, uio and mblk.
594 594 */
595 595 /*ARGSUSED*/
596 596 static int
597 597 skein_final(crypto_ctx_t *ctx, crypto_data_t *digest, crypto_req_handle_t req)
598 598 {
599 599 int error = CRYPTO_SUCCESS;
600 600
601 601 ASSERT(SKEIN_CTX(ctx) != NULL);
602 602
603 603 if (digest->cd_length <
604 604 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen)) {
605 605 digest->cd_length =
606 606 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen);
607 607 return (CRYPTO_BUFFER_TOO_SMALL);
608 608 }
609 609
610 610 switch (digest->cd_format) {
611 611 case CRYPTO_DATA_RAW:
612 612 SKEIN_OP(SKEIN_CTX(ctx), Final,
613 613 (uint8_t *)digest->cd_raw.iov_base + digest->cd_offset);
614 614 break;
615 615 case CRYPTO_DATA_UIO:
616 616 error = skein_digest_final_uio(SKEIN_CTX(ctx), digest, req);
617 617 break;
618 618 case CRYPTO_DATA_MBLK:
619 619 error = skein_digest_final_mblk(SKEIN_CTX(ctx), digest, req);
620 620 break;
621 621 default:
622 622 error = CRYPTO_ARGUMENTS_BAD;
623 623 }
624 624
625 625 if (error == CRYPTO_SUCCESS)
626 626 digest->cd_length =
627 627 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen);
628 628 else
629 629 digest->cd_length = 0;
630 630
631 631 bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
632 632 kmem_free(SKEIN_CTX(ctx), sizeof (*(SKEIN_CTX(ctx))));
633 633 SKEIN_CTX_LVALUE(ctx) = NULL;
634 634
635 635 return (error);
636 636 }
637 637
638 638 /*
639 639 * Performs a full skein digest computation in a single call, configuring the
640 640 * algorithm according to `mechanism', reading the input to be digested from
641 641 * `data' and writing the output to `digest'.
642 642 * Supported input/output formats are raw, uio and mblk.
643 643 */
644 644 /*ARGSUSED*/
645 645 static int
646 646 skein_digest_atomic(crypto_provider_handle_t provider,
647 647 crypto_session_id_t session_id, crypto_mechanism_t *mechanism,
648 648 crypto_data_t *data, crypto_data_t *digest, crypto_req_handle_t req)
649 649 {
650 650 int error;
651 651 skein_ctx_t skein_ctx;
652 652 crypto_ctx_t ctx;
653 653 SKEIN_CTX_LVALUE(&ctx) = &skein_ctx;
654 654
655 655 /* Init */
656 656 if (!VALID_SKEIN_DIGEST_MECH(mechanism->cm_type))
657 657 return (CRYPTO_MECHANISM_INVALID);
658 658 skein_ctx.sc_mech_type = mechanism->cm_type;
659 659 error = skein_get_digest_bitlen(mechanism, &skein_ctx.sc_digest_bitlen);
660 660 if (error != CRYPTO_SUCCESS)
661 661 goto out;
662 662 SKEIN_OP(&skein_ctx, Init, skein_ctx.sc_digest_bitlen);
663 663
664 664 if ((error = skein_update(&ctx, data, digest)) != CRYPTO_SUCCESS)
665 665 goto out;
666 666 if ((error = skein_final(&ctx, data, digest)) != CRYPTO_SUCCESS)
667 667 goto out;
668 668
669 669 out:
670 670 if (error == CRYPTO_SUCCESS)
671 671 digest->cd_length =
672 672 CRYPTO_BITS2BYTES(skein_ctx.sc_digest_bitlen);
673 673 else
674 674 digest->cd_length = 0;
675 675 bzero(&skein_ctx, sizeof (skein_ctx));
676 676
677 677 return (error);
678 678 }
679 679
680 680 /*
681 681 * Helper function that builds a Skein MAC context from the provided
682 682 * mechanism and key.
683 683 */
684 684 static int
685 685 skein_mac_ctx_build(skein_ctx_t *ctx, crypto_mechanism_t *mechanism,
686 686 crypto_key_t *key)
687 687 {
688 688 int error;
689 689
690 690 if (!VALID_SKEIN_MAC_MECH(mechanism->cm_type))
691 691 return (CRYPTO_MECHANISM_INVALID);
692 692 if (key->ck_format != CRYPTO_KEY_RAW)
693 693 return (CRYPTO_ARGUMENTS_BAD);
694 694 ctx->sc_mech_type = mechanism->cm_type;
695 695 error = skein_get_digest_bitlen(mechanism, &ctx->sc_digest_bitlen);
696 696 if (error != CRYPTO_SUCCESS)
697 697 return (error);
698 698 SKEIN_OP(ctx, InitExt, ctx->sc_digest_bitlen, 0, key->ck_data,
699 699 CRYPTO_BITS2BYTES(key->ck_length));
700 700
701 701 return (CRYPTO_SUCCESS);
702 702 }
703 703
704 704 /*
705 705 * KCF software provide mac entry points.
706 706 */
707 707 /*
708 708 * Initializes a skein MAC context. You may pass a ctx_template, in which
709 709 * case the template will be reused to make initialization more efficient.
710 710 * Otherwise a new context will be constructed. The mechanism cm_type must
711 711 * be one of SKEIN_*_MAC_MECH_INFO_TYPE. Same as in skein_digest_init, you
712 712 * may pass a skein_param_t in cm_param to configure the length of the
713 713 * digest. The key must be in raw format.
714 714 */
715 715 static int
716 716 skein_mac_init(crypto_ctx_t *ctx, crypto_mechanism_t *mechanism,
717 717 crypto_key_t *key, crypto_spi_ctx_template_t ctx_template,
718 718 crypto_req_handle_t req)
719 719 {
720 720 int error;
721 721
722 722 SKEIN_CTX_LVALUE(ctx) = kmem_alloc(sizeof (*SKEIN_CTX(ctx)),
723 723 crypto_kmflag(req));
724 724 if (SKEIN_CTX(ctx) == NULL)
725 725 return (CRYPTO_HOST_MEMORY);
726 726
727 727 if (ctx_template != NULL) {
728 728 bcopy(ctx_template, SKEIN_CTX(ctx),
729 729 sizeof (*SKEIN_CTX(ctx)));
730 730 } else {
731 731 error = skein_mac_ctx_build(SKEIN_CTX(ctx), mechanism, key);
732 732 if (error != CRYPTO_SUCCESS)
733 733 goto errout;
734 734 }
735 735
736 736 return (CRYPTO_SUCCESS);
737 737 errout:
738 738 bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
739 739 kmem_free(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
740 740 return (error);
741 741 }
742 742
743 743 /*
744 744 * The MAC update and final calls are reused from the regular digest code.
745 745 */
746 746
747 747 /*ARGSUSED*/
748 748 /*
749 749 * Same as skein_digest_atomic, performs an atomic Skein MAC operation in
750 750 * one step. All the same properties apply to the arguments of this
751 751 * function as to those of the partial operations above.
752 752 */
753 753 static int
754 754 skein_mac_atomic(crypto_provider_handle_t provider,
755 755 crypto_session_id_t session_id, crypto_mechanism_t *mechanism,
756 756 crypto_key_t *key, crypto_data_t *data, crypto_data_t *mac,
757 757 crypto_spi_ctx_template_t ctx_template, crypto_req_handle_t req)
758 758 {
759 759 /* faux crypto context just for skein_digest_{update,final} */
760 760 int error;
761 761 crypto_ctx_t ctx;
762 762 skein_ctx_t skein_ctx;
763 763 SKEIN_CTX_LVALUE(&ctx) = &skein_ctx;
764 764
765 765 if (ctx_template != NULL) {
766 766 bcopy(ctx_template, &skein_ctx, sizeof (skein_ctx));
767 767 } else {
768 768 error = skein_mac_ctx_build(&skein_ctx, mechanism, key);
769 769 if (error != CRYPTO_SUCCESS)
770 770 goto errout;
771 771 }
772 772
773 773 if ((error = skein_update(&ctx, data, req)) != CRYPTO_SUCCESS)
774 774 goto errout;
775 775 if ((error = skein_final(&ctx, mac, req)) != CRYPTO_SUCCESS)
776 776 goto errout;
777 777
778 778 return (CRYPTO_SUCCESS);
779 779 errout:
780 780 bzero(&skein_ctx, sizeof (skein_ctx));
781 781 return (error);
782 782 }
783 783
784 784 /*
785 785 * KCF software provider context management entry points.
786 786 */
787 787
788 788 /*
789 789 * Constructs a context template for the Skein MAC algorithm. The same
790 790 * properties apply to the arguments of this function as to those of
791 791 * skein_mac_init.
792 792 */
793 793 /*ARGSUSED*/
794 794 static int
795 795 skein_create_ctx_template(crypto_provider_handle_t provider,
796 796 crypto_mechanism_t *mechanism, crypto_key_t *key,
797 797 crypto_spi_ctx_template_t *ctx_template, size_t *ctx_template_size,
798 798 crypto_req_handle_t req)
799 799 {
800 800 int error;
801 801 skein_ctx_t *ctx_tmpl;
802 802
803 803 ctx_tmpl = kmem_alloc(sizeof (*ctx_tmpl), crypto_kmflag(req));
804 804 if (ctx_tmpl == NULL)
805 805 return (CRYPTO_HOST_MEMORY);
806 806 error = skein_mac_ctx_build(ctx_tmpl, mechanism, key);
807 807 if (error != CRYPTO_SUCCESS)
808 808 goto errout;
809 809 *ctx_template = ctx_tmpl;
810 810 *ctx_template_size = sizeof (*ctx_tmpl);
811 811
812 812 return (CRYPTO_SUCCESS);
813 813 errout:
814 814 bzero(ctx_tmpl, sizeof (*ctx_tmpl));
815 815 kmem_free(ctx_tmpl, sizeof (*ctx_tmpl));
816 816 return (error);
817 817 }
818 818
819 819 /*
820 820 * Frees a skein context in a parent crypto context.
821 821 */
822 822 static int
823 823 skein_free_context(crypto_ctx_t *ctx)
824 824 {
825 825 if (SKEIN_CTX(ctx) != NULL) {
826 826 bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
827 827 kmem_free(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
828 828 SKEIN_CTX_LVALUE(ctx) = NULL;
829 829 }
830 830
831 831 return (CRYPTO_SUCCESS);
832 832 }
|
↓ open down ↓ |
668 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX