Print this page
fixup .text where possible
7127 remove -Wno-missing-braces from Makefile.uts
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/des/des_crypt.c
+++ new/usr/src/uts/common/des/des_crypt.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 *
21 21 */
22 22 /*
23 23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 24 * Use is subject to license terms.
25 25 */
26 26
27 27 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
28 28 /* All Rights Reserved */
29 29
30 30 /*
31 31 * Portions of this source code were derived from Berkeley 4.3 BSD
32 32 * under license from the Regents of the University of California.
33 33 */
34 34
35 35 /*
36 36 * des_crypt.c, DES encryption library routines
37 37 */
38 38
39 39 #include <sys/errno.h>
40 40 #include <sys/modctl.h>
41 41
42 42 #include <sys/systm.h>
43 43 #include <sys/cmn_err.h>
44 44 #include <sys/ddi.h>
45 45 #include <sys/crypto/common.h>
46 46 #include <sys/crypto/spi.h>
47 47 #include <sys/sysmacros.h>
48 48 #include <sys/strsun.h>
49 49 #include <sys/note.h>
50 50 #include <modes/modes.h>
51 51 #define _DES_IMPL
52 52 #include <des/des_impl.h>
53 53
54 54 #include <sys/types.h>
55 55 #include <rpc/des_crypt.h>
56 56 #include <des/des.h>
57 57
58 58 #ifdef sun_hardware
59 59 #include <sys/ioctl.h>
60 60 #ifdef _KERNEL
61 61 #include <sys/conf.h>
62 62 static int g_desfd = -1;
63 63 #define getdesfd() (cdevsw[11].d_open(0, 0) ? -1 : 0)
64 64 #define ioctl(a, b, c) (cdevsw[11].d_ioctl(0, b, c, 0) ? -1 : 0)
65 65 #else
66 66 #define getdesfd() (open("/dev/des", 0, 0))
67 67 #endif /* _KERNEL */
68 68 #endif /* sun */
69 69
70 70 static int common_crypt(char *key, char *buf, size_t len,
71 71 unsigned int mode, struct desparams *desp);
72 72
73 73 extern int _des_crypt(char *buf, size_t len, struct desparams *desp);
74 74
75 75 extern struct mod_ops mod_cryptoops;
76 76
77 77 /*
78 78 * Module linkage information for the kernel.
79 79 */
80 80 static struct modlmisc modlmisc = {
81 81 &mod_miscops,
|
↓ open down ↓ |
81 lines elided |
↑ open up ↑ |
82 82 "des encryption",
83 83 };
84 84
85 85 static struct modlcrypto modlcrypto = {
86 86 &mod_cryptoops,
87 87 "DES Kernel SW Provider"
88 88 };
89 89
90 90 static struct modlinkage modlinkage = {
91 91 MODREV_1,
92 - &modlmisc,
93 - &modlcrypto,
94 - NULL
92 + { &modlmisc,
93 + &modlcrypto,
94 + NULL
95 + }
95 96 };
96 97
97 98 #define DES_MIN_KEY_LEN DES_MINBYTES
98 99 #define DES_MAX_KEY_LEN DES_MAXBYTES
99 100 #define DES3_MIN_KEY_LEN DES3_MAXBYTES /* no CKK_DES2 support */
100 101 #define DES3_MAX_KEY_LEN DES3_MAXBYTES
101 102
102 103 #ifndef DES_MIN_KEY_LEN
103 104 #define DES_MIN_KEY_LEN 0
104 105 #endif
105 106
106 107 #ifndef DES_MAX_KEY_LEN
107 108 #define DES_MAX_KEY_LEN 0
108 109 #endif
109 110
110 111 #ifndef DES3_MIN_KEY_LEN
111 112 #define DES3_MIN_KEY_LEN 0
112 113 #endif
113 114
114 115 #ifndef DES3_MAX_KEY_LEN
115 116 #define DES3_MAX_KEY_LEN 0
116 117 #endif
117 118
118 119
119 120 /*
120 121 * Mechanism info structure passed to KCF during registration.
121 122 */
122 123 static crypto_mech_info_t des_mech_info_tab[] = {
123 124 /* DES_ECB */
124 125 {SUN_CKM_DES_ECB, DES_ECB_MECH_INFO_TYPE,
125 126 CRYPTO_FG_ENCRYPT | CRYPTO_FG_ENCRYPT_ATOMIC |
126 127 CRYPTO_FG_DECRYPT | CRYPTO_FG_DECRYPT_ATOMIC,
127 128 DES_MIN_KEY_LEN, DES_MAX_KEY_LEN, CRYPTO_KEYSIZE_UNIT_IN_BYTES},
128 129 /* DES_CBC */
129 130 {SUN_CKM_DES_CBC, DES_CBC_MECH_INFO_TYPE,
130 131 CRYPTO_FG_ENCRYPT | CRYPTO_FG_ENCRYPT_ATOMIC |
131 132 CRYPTO_FG_DECRYPT | CRYPTO_FG_DECRYPT_ATOMIC,
132 133 DES_MIN_KEY_LEN, DES_MAX_KEY_LEN, CRYPTO_KEYSIZE_UNIT_IN_BYTES},
133 134 /* DES3_ECB */
134 135 {SUN_CKM_DES3_ECB, DES3_ECB_MECH_INFO_TYPE,
135 136 CRYPTO_FG_ENCRYPT | CRYPTO_FG_ENCRYPT_ATOMIC |
136 137 CRYPTO_FG_DECRYPT | CRYPTO_FG_DECRYPT_ATOMIC,
137 138 DES3_MIN_KEY_LEN, DES3_MAX_KEY_LEN, CRYPTO_KEYSIZE_UNIT_IN_BYTES},
138 139 /* DES3_CBC */
139 140 {SUN_CKM_DES3_CBC, DES3_CBC_MECH_INFO_TYPE,
140 141 CRYPTO_FG_ENCRYPT | CRYPTO_FG_ENCRYPT_ATOMIC |
141 142 CRYPTO_FG_DECRYPT | CRYPTO_FG_DECRYPT_ATOMIC,
142 143 DES3_MIN_KEY_LEN, DES3_MAX_KEY_LEN, CRYPTO_KEYSIZE_UNIT_IN_BYTES}
143 144 };
144 145
145 146 /* operations are in-place if the output buffer is NULL */
146 147 #define DES_ARG_INPLACE(input, output) \
147 148 if ((output) == NULL) \
148 149 (output) = (input);
149 150
150 151 static void des_provider_status(crypto_provider_handle_t, uint_t *);
151 152
152 153 static crypto_control_ops_t des_control_ops = {
153 154 des_provider_status
154 155 };
155 156
156 157 static int
157 158 des_common_init(crypto_ctx_t *, crypto_mechanism_t *, crypto_key_t *,
158 159 crypto_spi_ctx_template_t, crypto_req_handle_t);
159 160 static int des_common_init_ctx(des_ctx_t *, crypto_spi_ctx_template_t *,
160 161 crypto_mechanism_t *, crypto_key_t *, des_strength_t, int);
161 162 static int des_encrypt_final(crypto_ctx_t *, crypto_data_t *,
162 163 crypto_req_handle_t);
163 164 static int des_decrypt_final(crypto_ctx_t *, crypto_data_t *,
164 165 crypto_req_handle_t);
165 166
166 167 static int des_encrypt(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
167 168 crypto_req_handle_t);
168 169 static int des_encrypt_update(crypto_ctx_t *, crypto_data_t *,
169 170 crypto_data_t *, crypto_req_handle_t);
170 171 static int des_encrypt_atomic(crypto_provider_handle_t, crypto_session_id_t,
171 172 crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
172 173 crypto_data_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
173 174
174 175 static int des_decrypt(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
175 176 crypto_req_handle_t);
176 177 static int des_decrypt_update(crypto_ctx_t *, crypto_data_t *,
177 178 crypto_data_t *, crypto_req_handle_t);
178 179 static int des_decrypt_atomic(crypto_provider_handle_t, crypto_session_id_t,
179 180 crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
180 181 crypto_data_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
181 182
182 183 static crypto_cipher_ops_t des_cipher_ops = {
183 184 des_common_init,
184 185 des_encrypt,
185 186 des_encrypt_update,
186 187 des_encrypt_final,
187 188 des_encrypt_atomic,
188 189 des_common_init,
189 190 des_decrypt,
190 191 des_decrypt_update,
191 192 des_decrypt_final,
192 193 des_decrypt_atomic
193 194 };
194 195
195 196 static int des_create_ctx_template(crypto_provider_handle_t,
196 197 crypto_mechanism_t *, crypto_key_t *, crypto_spi_ctx_template_t *,
197 198 size_t *, crypto_req_handle_t);
198 199 static int des_free_context(crypto_ctx_t *);
199 200
200 201 static crypto_ctx_ops_t des_ctx_ops = {
201 202 des_create_ctx_template,
202 203 des_free_context
203 204 };
204 205
205 206 static int des_key_check(crypto_provider_handle_t, crypto_mechanism_t *,
206 207 crypto_key_t *);
207 208
|
↓ open down ↓ |
103 lines elided |
↑ open up ↑ |
208 209 static crypto_key_ops_t des_key_ops = {
209 210 NULL,
210 211 NULL,
211 212 NULL,
212 213 NULL,
213 214 NULL,
214 215 des_key_check
215 216 };
216 217
217 218 static crypto_ops_t des_crypto_ops = {
218 - &des_control_ops,
219 - NULL,
220 - &des_cipher_ops,
221 - NULL,
222 - NULL,
223 - NULL,
224 - NULL,
225 - NULL,
226 - NULL,
227 - NULL,
228 - NULL,
229 - &des_key_ops,
230 - NULL,
231 - &des_ctx_ops,
232 - NULL,
233 - NULL,
234 - NULL
219 + .co_control_ops = &des_control_ops,
220 + .co_cipher_ops = &des_cipher_ops,
221 + .co_key_ops = &des_key_ops,
222 + .co_ctx_ops = &des_ctx_ops
235 223 };
236 224
237 -static crypto_provider_info_t des_prov_info = {
225 +static crypto_provider_info_t des_prov_info = {{{{
238 226 CRYPTO_SPI_VERSION_4,
239 227 "DES Software Provider",
240 228 CRYPTO_SW_PROVIDER,
241 229 {&modlinkage},
242 230 NULL,
243 231 &des_crypto_ops,
244 232 sizeof (des_mech_info_tab)/sizeof (crypto_mech_info_t),
245 233 des_mech_info_tab
246 -};
234 +}}}};
247 235
248 236 static crypto_kcf_provider_handle_t des_prov_handle = NULL;
249 237
250 238 int
251 239 _init(void)
252 240 {
253 241 int ret;
254 242
255 243 if ((ret = mod_install(&modlinkage)) != 0)
256 244 return (ret);
257 245
258 246 /*
259 247 * Register with KCF. If the registration fails, kcf will log an
260 248 * error but do not uninstall the module, since the functionality
261 249 * provided by misc/des should still be available.
262 250 *
263 251 */
264 252 (void) crypto_register_provider(&des_prov_info, &des_prov_handle);
265 253
266 254 return (0);
267 255 }
268 256
269 257
270 258 int
271 259 _info(struct modinfo *modinfop)
272 260 {
273 261 return (mod_info(&modlinkage, modinfop));
274 262 }
275 263
276 264 /*
277 265 * Copy 8 bytes
278 266 */
279 267 #define COPY8(src, dst) { \
280 268 char *a = (char *)dst; \
281 269 char *b = (char *)src; \
282 270 *a++ = *b++; *a++ = *b++; *a++ = *b++; *a++ = *b++; \
283 271 *a++ = *b++; *a++ = *b++; *a++ = *b++; *a++ = *b++; \
284 272 }
285 273
286 274 /*
287 275 * Copy multiple of 8 bytes
288 276 */
289 277 #define DESCOPY(src, dst, len) { \
290 278 char *a = (char *)dst; \
291 279 char *b = (char *)src; \
292 280 int i; \
293 281 for (i = (size_t)len; i > 0; i -= 8) { \
294 282 *a++ = *b++; *a++ = *b++; *a++ = *b++; *a++ = *b++; \
295 283 *a++ = *b++; *a++ = *b++; *a++ = *b++; *a++ = *b++; \
296 284 } \
297 285 }
298 286
299 287 /*
300 288 * CBC mode encryption
301 289 */
302 290 /* ARGSUSED */
303 291 int
304 292 cbc_crypt(char *key, char *buf, size_t len, unsigned int mode, char *ivec)
305 293 {
306 294 int err = 0;
307 295 struct desparams dp;
308 296
309 297 dp.des_mode = CBC;
310 298 COPY8(ivec, dp.des_ivec);
311 299 err = common_crypt(key, buf, len, mode, &dp);
312 300 COPY8(dp.des_ivec, ivec);
313 301 return (err);
314 302 }
315 303
316 304
317 305 /*
318 306 * ECB mode encryption
319 307 */
320 308 /* ARGSUSED */
321 309 int
322 310 ecb_crypt(char *key, char *buf, size_t len, unsigned int mode)
323 311 {
324 312 int err = 0;
325 313 struct desparams dp;
326 314
327 315 dp.des_mode = ECB;
328 316 err = common_crypt(key, buf, len, mode, &dp);
329 317 return (err);
330 318 }
331 319
332 320
333 321
334 322 /*
335 323 * Common code to cbc_crypt() & ecb_crypt()
336 324 */
337 325 static int
338 326 common_crypt(char *key, char *buf, size_t len, unsigned int mode,
339 327 struct desparams *desp)
340 328 {
341 329 int desdev;
342 330
343 331 if ((len % 8) != 0 || len > DES_MAXDATA)
344 332 return (DESERR_BADPARAM);
345 333
346 334 desp->des_dir =
347 335 ((mode & DES_DIRMASK) == DES_ENCRYPT) ? ENCRYPT : DECRYPT;
348 336
349 337 desdev = mode & DES_DEVMASK;
350 338 COPY8(key, desp->des_key);
351 339
352 340 #ifdef sun_hardware
353 341 if (desdev == DES_HW) {
354 342 int res;
355 343
356 344 if (g_desfd < 0 &&
357 345 (g_desfd == -1 || (g_desfd = getdesfd()) < 0))
358 346 goto software; /* no hardware device */
359 347
360 348 /*
361 349 * hardware
362 350 */
363 351 desp->des_len = len;
364 352 if (len <= DES_QUICKLEN) {
365 353 DESCOPY(buf, desp->des_data, len);
366 354 res = ioctl(g_desfd, DESIOCQUICK, (char *)desp);
367 355 DESCOPY(desp->des_data, buf, len);
368 356 } else {
369 357 desp->des_buf = (uchar_t *)buf;
370 358 res = ioctl(g_desfd, DESIOCBLOCK, (char *)desp);
371 359 }
372 360 return (res == 0 ? DESERR_NONE : DESERR_HWERROR);
373 361 }
374 362 software:
375 363 #endif
376 364 /*
377 365 * software
378 366 */
379 367 if (!_des_crypt(buf, len, desp))
380 368 return (DESERR_HWERROR);
381 369
382 370 return (desdev == DES_SW ? DESERR_NONE : DESERR_NOHWDEVICE);
383 371 }
384 372
385 373 /*
386 374 * Initialize key schedules for DES and DES3
387 375 */
388 376 static int
389 377 init_keysched(crypto_key_t *key, void *newbie, des_strength_t strength)
390 378 {
391 379 uint8_t corrected_key[DES3_KEYSIZE];
392 380
393 381 /*
394 382 * Only keys by value are supported by this module.
395 383 */
396 384 switch (key->ck_format) {
397 385 case CRYPTO_KEY_RAW:
398 386 if (strength == DES && key->ck_length != DES_MAXBITS)
399 387 return (CRYPTO_KEY_SIZE_RANGE);
400 388 if (strength == DES3 && key->ck_length != DES3_MAXBITS)
401 389 return (CRYPTO_KEY_SIZE_RANGE);
402 390 break;
403 391 default:
404 392 return (CRYPTO_KEY_TYPE_INCONSISTENT);
405 393 }
406 394
407 395 /*
408 396 * Fix parity bits.
409 397 * Initialize key schedule even if key is weak.
410 398 */
411 399 if (key->ck_data == NULL)
412 400 return (CRYPTO_ARGUMENTS_BAD);
413 401
414 402 des_parity_fix(key->ck_data, strength, corrected_key);
415 403 des_init_keysched(corrected_key, strength, newbie);
416 404 return (CRYPTO_SUCCESS);
417 405 }
418 406
419 407 /*
420 408 * KCF software provider control entry points.
421 409 */
422 410 /* ARGSUSED */
423 411 static void
424 412 des_provider_status(crypto_provider_handle_t provider, uint_t *status)
425 413 {
426 414 *status = CRYPTO_PROVIDER_READY;
427 415 }
428 416
429 417 /*
430 418 * KCF software provider encrypt entry points.
431 419 */
432 420 static int
433 421 des_common_init(crypto_ctx_t *ctx, crypto_mechanism_t *mechanism,
434 422 crypto_key_t *key, crypto_spi_ctx_template_t template,
435 423 crypto_req_handle_t req)
436 424 {
437 425
438 426 des_strength_t strength;
439 427 des_ctx_t *des_ctx = NULL;
440 428 int rv;
441 429 int kmflag;
442 430
443 431 /*
444 432 * Only keys by value are supported by this module.
445 433 */
446 434 if (key->ck_format != CRYPTO_KEY_RAW) {
447 435 return (CRYPTO_KEY_TYPE_INCONSISTENT);
448 436 }
449 437
450 438 kmflag = crypto_kmflag(req);
451 439 /* Check mechanism type and parameter length */
452 440 switch (mechanism->cm_type) {
453 441 case DES_ECB_MECH_INFO_TYPE:
454 442 des_ctx = ecb_alloc_ctx(kmflag);
455 443 /* FALLTHRU */
456 444 case DES_CBC_MECH_INFO_TYPE:
457 445 if (mechanism->cm_param != NULL &&
458 446 mechanism->cm_param_len != DES_BLOCK_LEN)
459 447 return (CRYPTO_MECHANISM_PARAM_INVALID);
460 448 if (key->ck_length != DES_MAXBITS)
461 449 return (CRYPTO_KEY_SIZE_RANGE);
462 450 strength = DES;
463 451 if (des_ctx == NULL)
464 452 des_ctx = cbc_alloc_ctx(kmflag);
465 453 break;
466 454 case DES3_ECB_MECH_INFO_TYPE:
467 455 des_ctx = ecb_alloc_ctx(kmflag);
468 456 /* FALLTHRU */
469 457 case DES3_CBC_MECH_INFO_TYPE:
470 458 if (mechanism->cm_param != NULL &&
471 459 mechanism->cm_param_len != DES_BLOCK_LEN)
472 460 return (CRYPTO_MECHANISM_PARAM_INVALID);
473 461 if (key->ck_length != DES3_MAXBITS)
474 462 return (CRYPTO_KEY_SIZE_RANGE);
475 463 strength = DES3;
476 464 if (des_ctx == NULL)
477 465 des_ctx = cbc_alloc_ctx(kmflag);
478 466 break;
479 467 default:
480 468 return (CRYPTO_MECHANISM_INVALID);
481 469 }
482 470
483 471 if ((rv = des_common_init_ctx(des_ctx, template, mechanism, key,
484 472 strength, kmflag)) != CRYPTO_SUCCESS) {
485 473 crypto_free_mode_ctx(des_ctx);
486 474 return (rv);
487 475 }
488 476
489 477 ctx->cc_provider_private = des_ctx;
490 478
491 479 return (CRYPTO_SUCCESS);
492 480 }
493 481
494 482 static void
495 483 des_copy_block64(uint8_t *in, uint64_t *out)
496 484 {
497 485 if (IS_P2ALIGNED(in, sizeof (uint64_t))) {
498 486 /* LINTED: pointer alignment */
499 487 out[0] = *(uint64_t *)&in[0];
500 488 } else {
501 489 uint64_t tmp64;
502 490
503 491 #ifdef _BIG_ENDIAN
504 492 tmp64 = (((uint64_t)in[0] << 56) |
505 493 ((uint64_t)in[1] << 48) |
506 494 ((uint64_t)in[2] << 40) |
507 495 ((uint64_t)in[3] << 32) |
508 496 ((uint64_t)in[4] << 24) |
509 497 ((uint64_t)in[5] << 16) |
510 498 ((uint64_t)in[6] << 8) |
511 499 (uint64_t)in[7]);
512 500 #else
513 501 tmp64 = (((uint64_t)in[7] << 56) |
514 502 ((uint64_t)in[6] << 48) |
515 503 ((uint64_t)in[5] << 40) |
516 504 ((uint64_t)in[4] << 32) |
517 505 ((uint64_t)in[3] << 24) |
518 506 ((uint64_t)in[2] << 16) |
519 507 ((uint64_t)in[1] << 8) |
520 508 (uint64_t)in[0]);
521 509 #endif /* _BIG_ENDIAN */
522 510
523 511 out[0] = tmp64;
524 512 }
525 513 }
526 514
527 515 /* ARGSUSED */
528 516 static int
529 517 des_encrypt(crypto_ctx_t *ctx, crypto_data_t *plaintext,
530 518 crypto_data_t *ciphertext, crypto_req_handle_t req)
531 519 {
532 520 int ret;
533 521
534 522 des_ctx_t *des_ctx;
535 523
536 524 /*
537 525 * Plaintext must be a multiple of the block size.
538 526 * This test only works for non-padded mechanisms
539 527 * when blocksize is 2^N.
540 528 */
541 529 if ((plaintext->cd_length & (DES_BLOCK_LEN - 1)) != 0)
542 530 return (CRYPTO_DATA_LEN_RANGE);
543 531
544 532 ASSERT(ctx->cc_provider_private != NULL);
545 533 des_ctx = ctx->cc_provider_private;
546 534
547 535 DES_ARG_INPLACE(plaintext, ciphertext);
548 536
549 537 /*
550 538 * We need to just return the length needed to store the output.
551 539 * We should not destroy the context for the following case.
552 540 */
553 541 if (ciphertext->cd_length < plaintext->cd_length) {
554 542 ciphertext->cd_length = plaintext->cd_length;
555 543 return (CRYPTO_BUFFER_TOO_SMALL);
556 544 }
557 545
558 546 /*
559 547 * Do an update on the specified input data.
560 548 */
561 549 ret = des_encrypt_update(ctx, plaintext, ciphertext, req);
562 550 ASSERT(des_ctx->dc_remainder_len == 0);
563 551 (void) des_free_context(ctx);
564 552
565 553 /* LINTED */
566 554 return (ret);
567 555 }
568 556
569 557 /* ARGSUSED */
570 558 static int
571 559 des_decrypt(crypto_ctx_t *ctx, crypto_data_t *ciphertext,
572 560 crypto_data_t *plaintext, crypto_req_handle_t req)
573 561 {
574 562 int ret;
575 563
576 564 des_ctx_t *des_ctx;
577 565
578 566 /*
579 567 * Ciphertext must be a multiple of the block size.
580 568 * This test only works for non-padded mechanisms
581 569 * when blocksize is 2^N.
582 570 */
583 571 if ((ciphertext->cd_length & (DES_BLOCK_LEN - 1)) != 0)
584 572 return (CRYPTO_ENCRYPTED_DATA_LEN_RANGE);
585 573
586 574 ASSERT(ctx->cc_provider_private != NULL);
587 575 des_ctx = ctx->cc_provider_private;
588 576
589 577 DES_ARG_INPLACE(ciphertext, plaintext);
590 578
591 579 /*
592 580 * We need to just return the length needed to store the output.
593 581 * We should not destroy the context for the following case.
594 582 */
595 583 if (plaintext->cd_length < ciphertext->cd_length) {
596 584 plaintext->cd_length = ciphertext->cd_length;
597 585 return (CRYPTO_BUFFER_TOO_SMALL);
598 586 }
599 587
600 588 /*
601 589 * Do an update on the specified input data.
602 590 */
603 591 ret = des_decrypt_update(ctx, ciphertext, plaintext, req);
604 592 ASSERT(des_ctx->dc_remainder_len == 0);
605 593 (void) des_free_context(ctx);
606 594
607 595 /* LINTED */
608 596 return (ret);
609 597 }
610 598
611 599 /* ARGSUSED */
612 600 static int
613 601 des_encrypt_update(crypto_ctx_t *ctx, crypto_data_t *plaintext,
614 602 crypto_data_t *ciphertext, crypto_req_handle_t req)
615 603 {
616 604 off_t saved_offset;
617 605 size_t saved_length, out_len;
618 606 int ret = CRYPTO_SUCCESS;
619 607
620 608 ASSERT(ctx->cc_provider_private != NULL);
621 609
622 610 DES_ARG_INPLACE(plaintext, ciphertext);
623 611
624 612 /* compute number of bytes that will hold the ciphertext */
625 613 out_len = ((des_ctx_t *)ctx->cc_provider_private)->dc_remainder_len;
626 614 out_len += plaintext->cd_length;
627 615 out_len &= ~(DES_BLOCK_LEN - 1);
628 616
629 617 /* return length needed to store the output */
630 618 if (ciphertext->cd_length < out_len) {
631 619 ciphertext->cd_length = out_len;
632 620 return (CRYPTO_BUFFER_TOO_SMALL);
633 621 }
634 622
635 623 saved_offset = ciphertext->cd_offset;
636 624 saved_length = ciphertext->cd_length;
637 625
638 626 /*
639 627 * Do the DES update on the specified input data.
640 628 */
641 629 switch (plaintext->cd_format) {
642 630 case CRYPTO_DATA_RAW:
643 631 ret = crypto_update_iov(ctx->cc_provider_private,
644 632 plaintext, ciphertext, des_encrypt_contiguous_blocks,
645 633 des_copy_block64);
646 634 break;
647 635 case CRYPTO_DATA_UIO:
648 636 ret = crypto_update_uio(ctx->cc_provider_private,
649 637 plaintext, ciphertext, des_encrypt_contiguous_blocks,
650 638 des_copy_block64);
651 639 break;
652 640 case CRYPTO_DATA_MBLK:
653 641 ret = crypto_update_mp(ctx->cc_provider_private,
654 642 plaintext, ciphertext, des_encrypt_contiguous_blocks,
655 643 des_copy_block64);
656 644 break;
657 645 default:
658 646 ret = CRYPTO_ARGUMENTS_BAD;
659 647 }
660 648
661 649 if (ret == CRYPTO_SUCCESS) {
662 650 if (plaintext != ciphertext)
663 651 ciphertext->cd_length =
664 652 ciphertext->cd_offset - saved_offset;
665 653 } else {
666 654 ciphertext->cd_length = saved_length;
667 655 }
668 656 ciphertext->cd_offset = saved_offset;
669 657
670 658 return (ret);
671 659 }
672 660
673 661 /* ARGSUSED */
674 662 static int
675 663 des_decrypt_update(crypto_ctx_t *ctx, crypto_data_t *ciphertext,
676 664 crypto_data_t *plaintext, crypto_req_handle_t req)
677 665 {
678 666 off_t saved_offset;
679 667 size_t saved_length, out_len;
680 668 int ret = CRYPTO_SUCCESS;
681 669
682 670 ASSERT(ctx->cc_provider_private != NULL);
683 671
684 672 DES_ARG_INPLACE(ciphertext, plaintext);
685 673
686 674 /* compute number of bytes that will hold the plaintext */
687 675 out_len = ((des_ctx_t *)ctx->cc_provider_private)->dc_remainder_len;
688 676 out_len += ciphertext->cd_length;
689 677 out_len &= ~(DES_BLOCK_LEN - 1);
690 678
691 679 /* return length needed to store the output */
692 680 if (plaintext->cd_length < out_len) {
693 681 plaintext->cd_length = out_len;
694 682 return (CRYPTO_BUFFER_TOO_SMALL);
695 683 }
696 684
697 685 saved_offset = plaintext->cd_offset;
698 686 saved_length = plaintext->cd_length;
699 687
700 688 /*
701 689 * Do the DES update on the specified input data.
702 690 */
703 691 switch (ciphertext->cd_format) {
704 692 case CRYPTO_DATA_RAW:
705 693 ret = crypto_update_iov(ctx->cc_provider_private,
706 694 ciphertext, plaintext, des_decrypt_contiguous_blocks,
707 695 des_copy_block64);
708 696 break;
709 697 case CRYPTO_DATA_UIO:
710 698 ret = crypto_update_uio(ctx->cc_provider_private,
711 699 ciphertext, plaintext, des_decrypt_contiguous_blocks,
712 700 des_copy_block64);
713 701 break;
714 702 case CRYPTO_DATA_MBLK:
715 703 ret = crypto_update_mp(ctx->cc_provider_private,
716 704 ciphertext, plaintext, des_decrypt_contiguous_blocks,
717 705 des_copy_block64);
718 706 break;
719 707 default:
720 708 ret = CRYPTO_ARGUMENTS_BAD;
721 709 }
722 710
723 711 if (ret == CRYPTO_SUCCESS) {
724 712 if (ciphertext != plaintext)
725 713 plaintext->cd_length =
726 714 plaintext->cd_offset - saved_offset;
727 715 } else {
728 716 plaintext->cd_length = saved_length;
729 717 }
730 718 plaintext->cd_offset = saved_offset;
731 719
732 720 return (ret);
733 721 }
734 722
735 723 /* ARGSUSED */
736 724 static int
737 725 des_encrypt_final(crypto_ctx_t *ctx, crypto_data_t *ciphertext,
738 726 crypto_req_handle_t req)
739 727 {
740 728 des_ctx_t *des_ctx;
741 729
742 730 ASSERT(ctx->cc_provider_private != NULL);
743 731 des_ctx = ctx->cc_provider_private;
744 732
745 733 /*
746 734 * There must be no unprocessed plaintext.
747 735 * This happens if the length of the last data is
748 736 * not a multiple of the DES block length.
749 737 */
750 738 if (des_ctx->dc_remainder_len > 0)
751 739 return (CRYPTO_DATA_LEN_RANGE);
752 740
753 741 (void) des_free_context(ctx);
754 742 ciphertext->cd_length = 0;
755 743
756 744 return (CRYPTO_SUCCESS);
757 745 }
758 746
759 747 /* ARGSUSED */
760 748 static int
761 749 des_decrypt_final(crypto_ctx_t *ctx, crypto_data_t *plaintext,
762 750 crypto_req_handle_t req)
763 751 {
764 752 des_ctx_t *des_ctx;
765 753
766 754 ASSERT(ctx->cc_provider_private != NULL);
767 755 des_ctx = ctx->cc_provider_private;
768 756
769 757 /*
770 758 * There must be no unprocessed ciphertext.
771 759 * This happens if the length of the last ciphertext is
772 760 * not a multiple of the DES block length.
773 761 */
774 762 if (des_ctx->dc_remainder_len > 0)
775 763 return (CRYPTO_ENCRYPTED_DATA_LEN_RANGE);
776 764
777 765 (void) des_free_context(ctx);
778 766 plaintext->cd_length = 0;
779 767
780 768 return (CRYPTO_SUCCESS);
781 769 }
782 770
783 771 /* ARGSUSED */
784 772 static int
785 773 des_encrypt_atomic(crypto_provider_handle_t provider,
786 774 crypto_session_id_t session_id, crypto_mechanism_t *mechanism,
787 775 crypto_key_t *key, crypto_data_t *plaintext, crypto_data_t *ciphertext,
788 776 crypto_spi_ctx_template_t template, crypto_req_handle_t req)
789 777 {
790 778 int ret;
791 779
792 780 des_ctx_t des_ctx; /* on the stack */
793 781 des_strength_t strength;
794 782 off_t saved_offset;
795 783 size_t saved_length;
796 784
797 785 DES_ARG_INPLACE(plaintext, ciphertext);
798 786
799 787 /*
800 788 * Plaintext must be a multiple of the block size.
801 789 * This test only works for non-padded mechanisms
802 790 * when blocksize is 2^N.
803 791 */
804 792 if ((plaintext->cd_length & (DES_BLOCK_LEN - 1)) != 0)
805 793 return (CRYPTO_DATA_LEN_RANGE);
806 794
807 795 /* return length needed to store the output */
808 796 if (ciphertext->cd_length < plaintext->cd_length) {
809 797 ciphertext->cd_length = plaintext->cd_length;
810 798 return (CRYPTO_BUFFER_TOO_SMALL);
811 799 }
812 800
813 801 /* Check mechanism type and parameter length */
814 802 switch (mechanism->cm_type) {
815 803 case DES_ECB_MECH_INFO_TYPE:
816 804 case DES_CBC_MECH_INFO_TYPE:
817 805 if (mechanism->cm_param_len > 0 &&
818 806 mechanism->cm_param_len != DES_BLOCK_LEN)
819 807 return (CRYPTO_MECHANISM_PARAM_INVALID);
820 808 if (key->ck_length != DES_MINBITS)
821 809 return (CRYPTO_KEY_SIZE_RANGE);
822 810 strength = DES;
823 811 break;
824 812 case DES3_ECB_MECH_INFO_TYPE:
825 813 case DES3_CBC_MECH_INFO_TYPE:
826 814 if (mechanism->cm_param_len > 0 &&
827 815 mechanism->cm_param_len != DES_BLOCK_LEN)
828 816 return (CRYPTO_MECHANISM_PARAM_INVALID);
829 817 if (key->ck_length != DES3_MAXBITS)
830 818 return (CRYPTO_KEY_SIZE_RANGE);
831 819 strength = DES3;
832 820 break;
833 821 default:
834 822 return (CRYPTO_MECHANISM_INVALID);
835 823 }
836 824
837 825 bzero(&des_ctx, sizeof (des_ctx_t));
838 826
839 827 if ((ret = des_common_init_ctx(&des_ctx, template, mechanism, key,
840 828 strength, crypto_kmflag(req))) != CRYPTO_SUCCESS) {
841 829 return (ret);
842 830 }
843 831
844 832 saved_offset = ciphertext->cd_offset;
845 833 saved_length = ciphertext->cd_length;
846 834
847 835 /*
848 836 * Do the update on the specified input data.
849 837 */
850 838 switch (plaintext->cd_format) {
851 839 case CRYPTO_DATA_RAW:
852 840 ret = crypto_update_iov(&des_ctx, plaintext, ciphertext,
853 841 des_encrypt_contiguous_blocks, des_copy_block64);
854 842 break;
855 843 case CRYPTO_DATA_UIO:
856 844 ret = crypto_update_uio(&des_ctx, plaintext, ciphertext,
857 845 des_encrypt_contiguous_blocks, des_copy_block64);
858 846 break;
859 847 case CRYPTO_DATA_MBLK:
860 848 ret = crypto_update_mp(&des_ctx, plaintext, ciphertext,
861 849 des_encrypt_contiguous_blocks, des_copy_block64);
862 850 break;
863 851 default:
864 852 ret = CRYPTO_ARGUMENTS_BAD;
865 853 }
866 854
867 855 if (des_ctx.dc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
868 856 bzero(des_ctx.dc_keysched, des_ctx.dc_keysched_len);
869 857 kmem_free(des_ctx.dc_keysched, des_ctx.dc_keysched_len);
870 858 }
871 859
872 860 if (ret == CRYPTO_SUCCESS) {
873 861 ASSERT(des_ctx.dc_remainder_len == 0);
874 862 if (plaintext != ciphertext)
875 863 ciphertext->cd_length =
876 864 ciphertext->cd_offset - saved_offset;
877 865 } else {
878 866 ciphertext->cd_length = saved_length;
879 867 }
880 868 ciphertext->cd_offset = saved_offset;
881 869
882 870 /* LINTED */
883 871 return (ret);
884 872 }
885 873
886 874 /* ARGSUSED */
887 875 static int
888 876 des_decrypt_atomic(crypto_provider_handle_t provider,
889 877 crypto_session_id_t session_id, crypto_mechanism_t *mechanism,
890 878 crypto_key_t *key, crypto_data_t *ciphertext, crypto_data_t *plaintext,
891 879 crypto_spi_ctx_template_t template, crypto_req_handle_t req)
892 880 {
893 881 int ret;
894 882
895 883 des_ctx_t des_ctx; /* on the stack */
896 884 des_strength_t strength;
897 885 off_t saved_offset;
898 886 size_t saved_length;
899 887
900 888 DES_ARG_INPLACE(ciphertext, plaintext);
901 889
902 890 /*
903 891 * Ciphertext must be a multiple of the block size.
904 892 * This test only works for non-padded mechanisms
905 893 * when blocksize is 2^N.
906 894 */
907 895 if ((ciphertext->cd_length & (DES_BLOCK_LEN - 1)) != 0)
908 896 return (CRYPTO_DATA_LEN_RANGE);
909 897
910 898 /* return length needed to store the output */
911 899 if (plaintext->cd_length < ciphertext->cd_length) {
912 900 plaintext->cd_length = ciphertext->cd_length;
913 901 return (CRYPTO_BUFFER_TOO_SMALL);
914 902 }
915 903
916 904 /* Check mechanism type and parameter length */
917 905 switch (mechanism->cm_type) {
918 906 case DES_ECB_MECH_INFO_TYPE:
919 907 case DES_CBC_MECH_INFO_TYPE:
920 908 if (mechanism->cm_param_len > 0 &&
921 909 mechanism->cm_param_len != DES_BLOCK_LEN)
922 910 return (CRYPTO_MECHANISM_PARAM_INVALID);
923 911 if (key->ck_length != DES_MINBITS)
924 912 return (CRYPTO_KEY_SIZE_RANGE);
925 913 strength = DES;
926 914 break;
927 915 case DES3_ECB_MECH_INFO_TYPE:
928 916 case DES3_CBC_MECH_INFO_TYPE:
929 917 if (mechanism->cm_param_len > 0 &&
930 918 mechanism->cm_param_len != DES_BLOCK_LEN)
931 919 return (CRYPTO_MECHANISM_PARAM_INVALID);
932 920 if (key->ck_length != DES3_MAXBITS)
933 921 return (CRYPTO_KEY_SIZE_RANGE);
934 922 strength = DES3;
935 923 break;
936 924 default:
937 925 return (CRYPTO_MECHANISM_INVALID);
938 926 }
939 927
940 928 bzero(&des_ctx, sizeof (des_ctx_t));
941 929
942 930 if ((ret = des_common_init_ctx(&des_ctx, template, mechanism, key,
943 931 strength, crypto_kmflag(req))) != CRYPTO_SUCCESS) {
944 932 return (ret);
945 933 }
946 934
947 935 saved_offset = plaintext->cd_offset;
948 936 saved_length = plaintext->cd_length;
949 937
950 938 /*
951 939 * Do the update on the specified input data.
952 940 */
953 941 switch (ciphertext->cd_format) {
954 942 case CRYPTO_DATA_RAW:
955 943 ret = crypto_update_iov(&des_ctx, ciphertext, plaintext,
956 944 des_decrypt_contiguous_blocks, des_copy_block64);
957 945 break;
958 946 case CRYPTO_DATA_UIO:
959 947 ret = crypto_update_uio(&des_ctx, ciphertext, plaintext,
960 948 des_decrypt_contiguous_blocks, des_copy_block64);
961 949 break;
962 950 case CRYPTO_DATA_MBLK:
963 951 ret = crypto_update_mp(&des_ctx, ciphertext, plaintext,
964 952 des_decrypt_contiguous_blocks, des_copy_block64);
965 953 break;
966 954 default:
967 955 ret = CRYPTO_ARGUMENTS_BAD;
968 956 }
969 957
970 958 if (des_ctx.dc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
971 959 bzero(des_ctx.dc_keysched, des_ctx.dc_keysched_len);
972 960 kmem_free(des_ctx.dc_keysched, des_ctx.dc_keysched_len);
973 961 }
974 962
975 963 if (ret == CRYPTO_SUCCESS) {
976 964 ASSERT(des_ctx.dc_remainder_len == 0);
977 965 if (ciphertext != plaintext)
978 966 plaintext->cd_length =
979 967 plaintext->cd_offset - saved_offset;
980 968 } else {
981 969 plaintext->cd_length = saved_length;
982 970 }
983 971 plaintext->cd_offset = saved_offset;
984 972
985 973 /* LINTED */
986 974 return (ret);
987 975 }
988 976
989 977 /*
990 978 * KCF software provider context template entry points.
991 979 */
992 980 /* ARGSUSED */
993 981 static int
994 982 des_create_ctx_template(crypto_provider_handle_t provider,
995 983 crypto_mechanism_t *mechanism, crypto_key_t *key,
996 984 crypto_spi_ctx_template_t *tmpl, size_t *tmpl_size, crypto_req_handle_t req)
997 985 {
998 986
999 987 des_strength_t strength;
1000 988 void *keysched;
1001 989 size_t size;
1002 990 int rv;
1003 991
1004 992 switch (mechanism->cm_type) {
1005 993 case DES_ECB_MECH_INFO_TYPE:
1006 994 strength = DES;
1007 995 break;
1008 996 case DES_CBC_MECH_INFO_TYPE:
1009 997 strength = DES;
1010 998 break;
1011 999 case DES3_ECB_MECH_INFO_TYPE:
1012 1000 strength = DES3;
1013 1001 break;
1014 1002 case DES3_CBC_MECH_INFO_TYPE:
1015 1003 strength = DES3;
1016 1004 break;
1017 1005 default:
1018 1006 return (CRYPTO_MECHANISM_INVALID);
1019 1007 }
1020 1008
1021 1009 if ((keysched = des_alloc_keysched(&size, strength,
1022 1010 crypto_kmflag(req))) == NULL) {
1023 1011 return (CRYPTO_HOST_MEMORY);
1024 1012 }
1025 1013
1026 1014 /*
1027 1015 * Initialize key schedule. Key length information is stored
1028 1016 * in the key.
1029 1017 */
1030 1018 if ((rv = init_keysched(key, keysched, strength)) != CRYPTO_SUCCESS) {
1031 1019 bzero(keysched, size);
1032 1020 kmem_free(keysched, size);
1033 1021 return (rv);
1034 1022 }
1035 1023
1036 1024 *tmpl = keysched;
1037 1025 *tmpl_size = size;
1038 1026
1039 1027 return (CRYPTO_SUCCESS);
1040 1028 }
1041 1029
1042 1030 /* ARGSUSED */
1043 1031 static int
1044 1032 des_free_context(crypto_ctx_t *ctx)
1045 1033 {
1046 1034 des_ctx_t *des_ctx = ctx->cc_provider_private;
1047 1035
1048 1036 if (des_ctx != NULL) {
1049 1037 if (des_ctx->dc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
1050 1038 ASSERT(des_ctx->dc_keysched_len != 0);
1051 1039 bzero(des_ctx->dc_keysched, des_ctx->dc_keysched_len);
1052 1040 kmem_free(des_ctx->dc_keysched,
1053 1041 des_ctx->dc_keysched_len);
1054 1042 }
1055 1043 crypto_free_mode_ctx(des_ctx);
1056 1044 ctx->cc_provider_private = NULL;
1057 1045 }
1058 1046
1059 1047 return (CRYPTO_SUCCESS);
1060 1048 }
1061 1049
1062 1050 /*
1063 1051 * Pass it to des_keycheck() which will
1064 1052 * fix it (parity bits), and check if the fixed key is weak.
1065 1053 */
1066 1054 /* ARGSUSED */
1067 1055 static int
1068 1056 des_key_check(crypto_provider_handle_t pd, crypto_mechanism_t *mech,
1069 1057 crypto_key_t *key)
1070 1058 {
1071 1059 int expectedkeylen;
1072 1060 des_strength_t strength;
1073 1061 uint8_t keydata[DES3_MAX_KEY_LEN];
1074 1062
1075 1063 if ((mech == NULL) || (key == NULL))
1076 1064 return (CRYPTO_ARGUMENTS_BAD);
1077 1065
1078 1066 switch (mech->cm_type) {
1079 1067 case DES_ECB_MECH_INFO_TYPE:
1080 1068 case DES_CBC_MECH_INFO_TYPE:
1081 1069 expectedkeylen = DES_MINBITS;
1082 1070 strength = DES;
1083 1071 break;
1084 1072 case DES3_ECB_MECH_INFO_TYPE:
1085 1073 case DES3_CBC_MECH_INFO_TYPE:
1086 1074 expectedkeylen = DES3_MAXBITS;
1087 1075 strength = DES3;
1088 1076 break;
1089 1077 default:
1090 1078 return (CRYPTO_MECHANISM_INVALID);
1091 1079 }
1092 1080
1093 1081 if (key->ck_format != CRYPTO_KEY_RAW)
1094 1082 return (CRYPTO_KEY_TYPE_INCONSISTENT);
1095 1083
1096 1084 if (key->ck_length != expectedkeylen)
1097 1085 return (CRYPTO_KEY_SIZE_RANGE);
1098 1086
1099 1087 bcopy(key->ck_data, keydata, CRYPTO_BITS2BYTES(expectedkeylen));
1100 1088
1101 1089 if (des_keycheck(keydata, strength, key->ck_data) == B_FALSE)
1102 1090 return (CRYPTO_WEAK_KEY);
1103 1091
1104 1092 return (CRYPTO_SUCCESS);
1105 1093 }
1106 1094
1107 1095 /* ARGSUSED */
1108 1096 static int
1109 1097 des_common_init_ctx(des_ctx_t *des_ctx, crypto_spi_ctx_template_t *template,
1110 1098 crypto_mechanism_t *mechanism, crypto_key_t *key, des_strength_t strength,
1111 1099 int kmflag)
1112 1100 {
1113 1101 int rv = CRYPTO_SUCCESS;
1114 1102
1115 1103 void *keysched;
1116 1104 size_t size;
1117 1105
1118 1106 if (template == NULL) {
1119 1107 if ((keysched = des_alloc_keysched(&size, strength,
1120 1108 kmflag)) == NULL)
1121 1109 return (CRYPTO_HOST_MEMORY);
1122 1110 /*
1123 1111 * Initialize key schedule.
1124 1112 * Key length is stored in the key.
1125 1113 */
1126 1114 if ((rv = init_keysched(key, keysched,
1127 1115 strength)) != CRYPTO_SUCCESS)
1128 1116 kmem_free(keysched, size);
1129 1117
1130 1118 des_ctx->dc_flags |= PROVIDER_OWNS_KEY_SCHEDULE;
1131 1119 des_ctx->dc_keysched_len = size;
1132 1120 } else {
1133 1121 keysched = template;
1134 1122 }
1135 1123 des_ctx->dc_keysched = keysched;
1136 1124
1137 1125 if (strength == DES3) {
1138 1126 des_ctx->dc_flags |= DES3_STRENGTH;
1139 1127 }
1140 1128
1141 1129 switch (mechanism->cm_type) {
1142 1130 case DES_CBC_MECH_INFO_TYPE:
1143 1131 case DES3_CBC_MECH_INFO_TYPE:
1144 1132 rv = cbc_init_ctx((cbc_ctx_t *)des_ctx, mechanism->cm_param,
1145 1133 mechanism->cm_param_len, DES_BLOCK_LEN, des_copy_block64);
1146 1134 break;
1147 1135 case DES_ECB_MECH_INFO_TYPE:
1148 1136 case DES3_ECB_MECH_INFO_TYPE:
1149 1137 des_ctx->dc_flags |= ECB_MODE;
1150 1138 }
1151 1139
1152 1140 if (rv != CRYPTO_SUCCESS) {
1153 1141 if (des_ctx->dc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
1154 1142 bzero(keysched, size);
1155 1143 kmem_free(keysched, size);
1156 1144 }
1157 1145 }
1158 1146
1159 1147 return (rv);
1160 1148 }
|
↓ open down ↓ |
904 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX