search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dmake: do not set MAKEFLAGS=k
[unleashed/tickless.git] / usr / src / common / crypto / modes / modes.h
blob26f3b37b0ee3c572193407807b20def9b1d29513
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 #ifndef _COMMON_CRYPTO_MODES_H
27 #define _COMMON_CRYPTO_MODES_H
28
29 #ifdef __cplusplus
30 extern "C" {
31 #endif
32
33 #include <sys/strsun.h>
34 #include <sys/systm.h>
35 #include <sys/sysmacros.h>
36 #include <sys/types.h>
37 #include <sys/errno.h>
38 #include <sys/rwlock.h>
39 #include <sys/kmem.h>
40 #include <sys/crypto/common.h>
41 #include <sys/crypto/impl.h>
42
43 #define ECB_MODE 0x00000002
44 #define CBC_MODE 0x00000004
45 #define CTR_MODE 0x00000008
46 #define CCM_MODE 0x00000010
47 #define GCM_MODE 0x00000020
48 #define GMAC_MODE 0x00000040
49
50 /*
51 * cc_keysched: Pointer to key schedule.
52 *
53 * cc_keysched_len: Length of the key schedule.
54 *
55 * cc_remainder: This is for residual data, i.e. data that can't
56 * be processed because there are too few bytes.
57 * Must wait until more data arrives.
58 *
59 * cc_remainder_len: Number of bytes in cc_remainder.
60 *
61 * cc_iv: Scratch buffer that sometimes contains the IV.
62 *
63 * cc_lastp: Pointer to previous block of ciphertext.
64 *
65 * cc_copy_to: Pointer to where encrypted residual data needs
66 * to be copied.
67 *
68 * cc_flags: PROVIDER_OWNS_KEY_SCHEDULE
69 * When a context is freed, it is necessary
70 * to know whether the key schedule was allocated
71 * by the caller, or internally, e.g. an init routine.
72 * If allocated by the latter, then it needs to be freed.
73 *
74 * ECB_MODE, CBC_MODE, CTR_MODE, or CCM_MODE
75 */
76 struct common_ctx {
77 void *cc_keysched;
78 size_t cc_keysched_len;
79 uint64_t cc_iv[2];
80 uint64_t cc_remainder[2];
81 size_t cc_remainder_len;
82 uint8_t *cc_lastp;
83 uint8_t *cc_copy_to;
84 uint32_t cc_flags;
85 };
86
87 typedef struct common_ctx common_ctx_t;
88
89 typedef struct ecb_ctx {
90 struct common_ctx ecb_common;
91 uint64_t ecb_lastblock[2];
92 } ecb_ctx_t;
93
94 #define ecb_keysched ecb_common.cc_keysched
95 #define ecb_keysched_len ecb_common.cc_keysched_len
96 #define ecb_iv ecb_common.cc_iv
97 #define ecb_remainder ecb_common.cc_remainder
98 #define ecb_remainder_len ecb_common.cc_remainder_len
99 #define ecb_lastp ecb_common.cc_lastp
100 #define ecb_copy_to ecb_common.cc_copy_to
101 #define ecb_flags ecb_common.cc_flags
102
103 typedef struct cbc_ctx {
104 struct common_ctx cbc_common;
105 uint64_t cbc_lastblock[2];
106 } cbc_ctx_t;
107
108 #define cbc_keysched cbc_common.cc_keysched
109 #define cbc_keysched_len cbc_common.cc_keysched_len
110 #define cbc_iv cbc_common.cc_iv
111 #define cbc_remainder cbc_common.cc_remainder
112 #define cbc_remainder_len cbc_common.cc_remainder_len
113 #define cbc_lastp cbc_common.cc_lastp
114 #define cbc_copy_to cbc_common.cc_copy_to
115 #define cbc_flags cbc_common.cc_flags
116
117 /*
118 * ctr_lower_mask Bit-mask for lower 8 bytes of counter block.
119 * ctr_upper_mask Bit-mask for upper 8 bytes of counter block.
120 */
121 typedef struct ctr_ctx {
122 struct common_ctx ctr_common;
123 uint64_t ctr_lower_mask;
124 uint64_t ctr_upper_mask;
125 uint32_t ctr_tmp[4];
126 } ctr_ctx_t;
127
128 /*
129 * ctr_cb Counter block.
130 */
131 #define ctr_keysched ctr_common.cc_keysched
132 #define ctr_keysched_len ctr_common.cc_keysched_len
133 #define ctr_cb ctr_common.cc_iv
134 #define ctr_remainder ctr_common.cc_remainder
135 #define ctr_remainder_len ctr_common.cc_remainder_len
136 #define ctr_lastp ctr_common.cc_lastp
137 #define ctr_copy_to ctr_common.cc_copy_to
138 #define ctr_flags ctr_common.cc_flags
139
140 /*
141 *
142 * ccm_mac_len: Stores length of the MAC in CCM mode.
143 * ccm_mac_buf: Stores the intermediate value for MAC in CCM encrypt.
144 * In CCM decrypt, stores the input MAC value.
145 * ccm_data_len: Length of the plaintext for CCM mode encrypt, or
146 * length of the ciphertext for CCM mode decrypt.
147 * ccm_processed_data_len:
148 * Length of processed plaintext in CCM mode encrypt,
149 * or length of processed ciphertext for CCM mode decrypt.
150 * ccm_processed_mac_len:
151 * Length of MAC data accumulated in CCM mode decrypt.
152 *
153 * ccm_pt_buf: Only used in CCM mode decrypt. It stores the
154 * decrypted plaintext to be returned when
155 * MAC verification succeeds in decrypt_final.
156 * Memory for this should be allocated in the AES module.
157 *
158 */
159 typedef struct ccm_ctx {
160 struct common_ctx ccm_common;
161 uint32_t ccm_tmp[4];
162 size_t ccm_mac_len;
163 uint64_t ccm_mac_buf[2];
164 size_t ccm_data_len;
165 size_t ccm_processed_data_len;
166 size_t ccm_processed_mac_len;
167 uint8_t *ccm_pt_buf;
168 uint64_t ccm_mac_input_buf[2];
169 uint64_t ccm_counter_mask;
170 } ccm_ctx_t;
171
172 #define ccm_keysched ccm_common.cc_keysched
173 #define ccm_keysched_len ccm_common.cc_keysched_len
174 #define ccm_cb ccm_common.cc_iv
175 #define ccm_remainder ccm_common.cc_remainder
176 #define ccm_remainder_len ccm_common.cc_remainder_len
177 #define ccm_lastp ccm_common.cc_lastp
178 #define ccm_copy_to ccm_common.cc_copy_to
179 #define ccm_flags ccm_common.cc_flags
180
181 /*
182 * gcm_tag_len: Length of authentication tag.
183 *
184 * gcm_ghash: Stores output from the GHASH function.
185 *
186 * gcm_processed_data_len:
187 * Length of processed plaintext (encrypt) or
188 * length of processed ciphertext (decrypt).
189 *
190 * gcm_pt_buf: Stores the decrypted plaintext returned by
191 * decrypt_final when the computed authentication
192 * tag matches the user supplied tag.
193 *
194 * gcm_pt_buf_len: Length of the plaintext buffer.
195 *
196 * gcm_H: Subkey.
197 *
198 * gcm_J0: Pre-counter block generated from the IV.
199 *
200 * gcm_len_a_len_c: 64-bit representations of the bit lengths of
201 * AAD and ciphertext.
202 *
203 * gcm_kmflag: Current value of kmflag. Used only for allocating
204 * the plaintext buffer during decryption.
205 */
206 typedef struct gcm_ctx {
207 struct common_ctx gcm_common;
208 size_t gcm_tag_len;
209 size_t gcm_processed_data_len;
210 size_t gcm_pt_buf_len;
211 uint32_t gcm_tmp[4];
212 uint64_t gcm_ghash[2];
213 uint64_t gcm_H[2];
214 uint64_t gcm_J0[2];
215 uint64_t gcm_len_a_len_c[2];
216 uint8_t *gcm_pt_buf;
217 int gcm_kmflag;
218 } gcm_ctx_t;
219
220 #define gcm_keysched gcm_common.cc_keysched
221 #define gcm_keysched_len gcm_common.cc_keysched_len
222 #define gcm_cb gcm_common.cc_iv
223 #define gcm_remainder gcm_common.cc_remainder
224 #define gcm_remainder_len gcm_common.cc_remainder_len
225 #define gcm_lastp gcm_common.cc_lastp
226 #define gcm_copy_to gcm_common.cc_copy_to
227 #define gcm_flags gcm_common.cc_flags
228
229 #define AES_GMAC_IV_LEN 12
230 #define AES_GMAC_TAG_BITS 128
231
232 typedef struct aes_ctx {
233 union {
234 ecb_ctx_t acu_ecb;
235 cbc_ctx_t acu_cbc;
236 ctr_ctx_t acu_ctr;
237 #ifdef _KERNEL
238 ccm_ctx_t acu_ccm;
239 gcm_ctx_t acu_gcm;
240 #endif
241 } acu;
242 } aes_ctx_t;
243
244 #define ac_flags acu.acu_ecb.ecb_common.cc_flags
245 #define ac_remainder_len acu.acu_ecb.ecb_common.cc_remainder_len
246 #define ac_keysched acu.acu_ecb.ecb_common.cc_keysched
247 #define ac_keysched_len acu.acu_ecb.ecb_common.cc_keysched_len
248 #define ac_iv acu.acu_ecb.ecb_common.cc_iv
249 #define ac_lastp acu.acu_ecb.ecb_common.cc_lastp
250 #define ac_pt_buf acu.acu_ccm.ccm_pt_buf
251 #define ac_mac_len acu.acu_ccm.ccm_mac_len
252 #define ac_data_len acu.acu_ccm.ccm_data_len
253 #define ac_processed_mac_len acu.acu_ccm.ccm_processed_mac_len
254 #define ac_processed_data_len acu.acu_ccm.ccm_processed_data_len
255 #define ac_tag_len acu.acu_gcm.gcm_tag_len
256
257 typedef struct blowfish_ctx {
258 union {
259 ecb_ctx_t bcu_ecb;
260 cbc_ctx_t bcu_cbc;
261 } bcu;
262 } blowfish_ctx_t;
263
264 #define bc_flags bcu.bcu_ecb.ecb_common.cc_flags
265 #define bc_remainder_len bcu.bcu_ecb.ecb_common.cc_remainder_len
266 #define bc_keysched bcu.bcu_ecb.ecb_common.cc_keysched
267 #define bc_keysched_len bcu.bcu_ecb.ecb_common.cc_keysched_len
268 #define bc_iv bcu.bcu_ecb.ecb_common.cc_iv
269 #define bc_lastp bcu.bcu_ecb.ecb_common.cc_lastp
270
271 typedef struct des_ctx {
272 union {
273 ecb_ctx_t dcu_ecb;
274 cbc_ctx_t dcu_cbc;
275 } dcu;
276 } des_ctx_t;
277
278 #define dc_flags dcu.dcu_ecb.ecb_common.cc_flags
279 #define dc_remainder_len dcu.dcu_ecb.ecb_common.cc_remainder_len
280 #define dc_keysched dcu.dcu_ecb.ecb_common.cc_keysched
281 #define dc_keysched_len dcu.dcu_ecb.ecb_common.cc_keysched_len
282 #define dc_iv dcu.dcu_ecb.ecb_common.cc_iv
283 #define dc_lastp dcu.dcu_ecb.ecb_common.cc_lastp
284
285 extern int ecb_cipher_contiguous_blocks(ecb_ctx_t *, char *, size_t,
286 crypto_data_t *, size_t, int (*cipher)(const void *, const uint8_t *,
287 uint8_t *));
288
289 extern int cbc_encrypt_contiguous_blocks(cbc_ctx_t *, char *, size_t,
290 crypto_data_t *, size_t,
291 int (*encrypt)(const void *, const uint8_t *, uint8_t *),
292 void (*copy_block)(uint8_t *, uint8_t *),
293 void (*xor_block)(uint8_t *, uint8_t *));
294
295 extern int cbc_decrypt_contiguous_blocks(cbc_ctx_t *, char *, size_t,
296 crypto_data_t *, size_t,
297 int (*decrypt)(const void *, const uint8_t *, uint8_t *),
298 void (*copy_block)(uint8_t *, uint8_t *),
299 void (*xor_block)(uint8_t *, uint8_t *));
300
301 extern int ctr_mode_contiguous_blocks(ctr_ctx_t *, char *, size_t,
302 crypto_data_t *, size_t,
303 int (*cipher)(const void *, const uint8_t *, uint8_t *),
304 void (*xor_block)(uint8_t *, uint8_t *));
305
306 extern int ccm_mode_encrypt_contiguous_blocks(ccm_ctx_t *, char *, size_t,
307 crypto_data_t *, size_t,
308 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
309 void (*copy_block)(uint8_t *, uint8_t *),
310 void (*xor_block)(uint8_t *, uint8_t *));
311
312 extern int ccm_mode_decrypt_contiguous_blocks(ccm_ctx_t *, char *, size_t,
313 crypto_data_t *, size_t,
314 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
315 void (*copy_block)(uint8_t *, uint8_t *),
316 void (*xor_block)(uint8_t *, uint8_t *));
317
318 extern int gcm_mode_encrypt_contiguous_blocks(gcm_ctx_t *, char *, size_t,
319 crypto_data_t *, size_t,
320 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
321 void (*copy_block)(uint8_t *, uint8_t *),
322 void (*xor_block)(uint8_t *, uint8_t *));
323
324 extern int gcm_mode_decrypt_contiguous_blocks(gcm_ctx_t *, char *, size_t,
325 crypto_data_t *, size_t,
326 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
327 void (*copy_block)(uint8_t *, uint8_t *),
328 void (*xor_block)(uint8_t *, uint8_t *));
329
330 int ccm_encrypt_final(ccm_ctx_t *, crypto_data_t *, size_t,
331 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
332 void (*xor_block)(uint8_t *, uint8_t *));
333
334 int gcm_encrypt_final(gcm_ctx_t *, crypto_data_t *, size_t,
335 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
336 void (*copy_block)(uint8_t *, uint8_t *),
337 void (*xor_block)(uint8_t *, uint8_t *));
338
339 extern int ccm_decrypt_final(ccm_ctx_t *, crypto_data_t *, size_t,
340 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
341 void (*copy_block)(uint8_t *, uint8_t *),
342 void (*xor_block)(uint8_t *, uint8_t *));
343
344 extern int gcm_decrypt_final(gcm_ctx_t *, crypto_data_t *, size_t,
345 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
346 void (*xor_block)(uint8_t *, uint8_t *));
347
348 extern int ctr_mode_final(ctr_ctx_t *, crypto_data_t *,
349 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *));
350
351 extern int cbc_init_ctx(cbc_ctx_t *, char *, size_t, size_t,
352 void (*copy_block)(uint8_t *, uint64_t *));
353
354 extern int ctr_init_ctx(ctr_ctx_t *, ulong_t, uint8_t *,
355 void (*copy_block)(uint8_t *, uint8_t *));
356
357 extern int ccm_init_ctx(ccm_ctx_t *, char *, int, boolean_t, size_t,
358 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
359 void (*xor_block)(uint8_t *, uint8_t *));
360
361 extern int gcm_init_ctx(gcm_ctx_t *, char *, size_t,
362 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
363 void (*copy_block)(uint8_t *, uint8_t *),
364 void (*xor_block)(uint8_t *, uint8_t *));
365
366 extern int gmac_init_ctx(gcm_ctx_t *, char *, size_t,
367 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
368 void (*copy_block)(uint8_t *, uint8_t *),
369 void (*xor_block)(uint8_t *, uint8_t *));
370
371 extern void calculate_ccm_mac(ccm_ctx_t *, uint8_t *,
372 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *));
373
374 extern void gcm_mul(uint64_t *, uint64_t *, uint64_t *);
375
376 extern void crypto_init_ptrs(crypto_data_t *, void **, offset_t *);
377 extern void crypto_get_ptrs(crypto_data_t *, void **, offset_t *,
378 uint8_t **, size_t *, uint8_t **, size_t);
379
380 extern void *ecb_alloc_ctx(int);
381 extern void *cbc_alloc_ctx(int);
382 extern void *ctr_alloc_ctx(int);
383 extern void *ccm_alloc_ctx(int);
384 extern void *gcm_alloc_ctx(int);
385 extern void *gmac_alloc_ctx(int);
386 extern void crypto_free_mode_ctx(void *);
387 extern void gcm_set_kmflag(gcm_ctx_t *, int);
388
389 #ifdef __cplusplus
390 }
391 #endif
392
393 #endif /* _COMMON_CRYPTO_MODES_H */
unleashed repo fork