diff options
| author | ben <ben@cvs.openbsd.org> | 2001-08-17 17:37:13 +0000 |
|---|---|---|
| committer | ben <ben@cvs.openbsd.org> | 2001-08-17 17:37:13 +0000 |
| commit | 28b2d9097068b462496fc34c136f0f46450dc3a9 (patch) | |
| tree | 1e6c80a6c22f80eed4f35ca3dc9d01ba79c7d1c7 | |
| parent | 1752b499d786f793c3a03f398dff1e2ec31ac675 (diff) | |
Add RC4 support.
| -rw-r--r-- | sys/crypto/cryptodev.c | 23 | ||||
| -rw-r--r-- | sys/crypto/xform.c | 11 | ||||
| -rw-r--r-- | sys/crypto/xform.h | 3 | ||||
| -rw-r--r-- | sys/dev/pci/hifn7751.c | 56 | ||||
| -rw-r--r-- | sys/dev/pci/hifn7751var.h | 3 |
5 files changed, 66 insertions, 30 deletions
diff --git a/sys/crypto/cryptodev.c b/sys/crypto/cryptodev.c index 0e08a2c99d2..b60d71f2c05 100644 --- a/sys/crypto/cryptodev.c +++ b/sys/crypto/cryptodev.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptodev.c,v 1.20 2001/06/24 17:06:39 angelos Exp $ */ +/* $OpenBSD: cryptodev.c,v 1.21 2001/08/17 17:37:12 ben Exp $ */ /* * Copyright (c) 2001 Theo de Raadt @@ -105,7 +105,7 @@ static struct fileops cryptofops = { struct csession *csefind(struct fcrypt *, u_int); int csedelete(struct fcrypt *, struct csession *); struct csession *cseadd(struct fcrypt *, struct csession *); -struct csession *csecreate(struct fcrypt *, u_int64_t, caddr_t, caddr_t, u_int32_t, +struct csession *csecreate(struct fcrypt *, u_int64_t, caddr_t, u_int64_t, caddr_t, u_int32_t, u_int32_t, struct enc_xform *, struct auth_hash *); void csefree(struct csession *); @@ -176,6 +176,9 @@ cryptof_ioctl(fp, cmd, data, p) case CRYPTO_AES_CBC: txform = &enc_xform_rijndael128; break; + case CRYPTO_ARC4: + txform = &enc_xform_arc4; + break; default: return (EINVAL); } @@ -202,7 +205,8 @@ cryptof_ioctl(fp, cmd, data, p) if (txform) { crie.cri_alg = txform->type; crie.cri_klen = sop->keylen * 8; - if (sop->keylen != txform->maxkey) { + if (sop->keylen > txform->maxkey + || sop->keylen < txform->minkey) { error = EINVAL; goto bail; } @@ -242,8 +246,8 @@ bail: return (error); } - cse = csecreate(fcr, sid, crie.cri_key, cria.cri_key, - sop->cipher, sop->mac, txform, thash); + cse = csecreate(fcr, sid, crie.cri_key, crie.cri_klen, + cria.cri_key, sop->cipher, sop->mac, txform, thash); sop->ses = cse->ses; break; case CIOCFSESSION: @@ -354,11 +358,17 @@ crypto_op(struct csession *cse, struct crypt_op *cop, struct proc *p) error = EINVAL; goto bail; } + if (cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */ + error = EINVAL; + goto bail; + } if ((error = copyin(cop->iv, cse->tmp_iv, cse->txform->blocksize))) goto bail; bcopy(cse->tmp_iv, crde->crd_iv, cse->txform->blocksize); crde->crd_flags |= CRD_F_IV_EXPLICIT | CRD_F_IV_PRESENT; crde->crd_skip = 0; + } else if(cse->cipher == CRYPTO_ARC4) { /* XXX use flag? */ + crde->crd_skip = 0; } else { crde->crd_flags |= CRD_F_IV_PRESENT; crde->crd_skip = cse->txform->blocksize; @@ -587,7 +597,7 @@ cseadd(struct fcrypt *fcr, struct csession *cse) } struct csession * -csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, caddr_t mackey, +csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen, caddr_t mackey, u_int32_t cipher, u_int32_t mac, struct enc_xform *txform, struct auth_hash *thash) { @@ -596,6 +606,7 @@ csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, caddr_t mackey, MALLOC(cse, struct csession *, sizeof(struct csession), M_XDATA, M_NOWAIT); cse->key = key; + cse->keylen = keylen/8; cse->mackey = mackey; cse->sid = sid; cse->cipher = cipher; diff --git a/sys/crypto/xform.c b/sys/crypto/xform.c index c431cff0ea3..9ebb2063f85 100644 --- a/sys/crypto/xform.c +++ b/sys/crypto/xform.c @@ -1,4 +1,4 @@ -/* $OpenBSD: xform.c,v 1.13 2001/08/08 15:12:09 jjbg Exp $ */ +/* $OpenBSD: xform.c,v 1.14 2001/08/17 17:37:12 ben Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -147,6 +147,15 @@ struct enc_xform enc_xform_rijndael128 = { rijndael128_zerokey, }; +struct enc_xform enc_xform_arc4 = { + CRYPTO_ARC4, "ARC4", + 1, 1, 32, + NULL, + NULL, + NULL, + NULL, +}; + /* Authentication instances */ struct auth_hash auth_hash_hmac_md5_96 = { CRYPTO_MD5_HMAC, "HMAC-MD5", diff --git a/sys/crypto/xform.h b/sys/crypto/xform.h index 40fcf69cad6..788d6a5da0b 100644 --- a/sys/crypto/xform.h +++ b/sys/crypto/xform.h @@ -1,4 +1,4 @@ -/* $OpenBSD: xform.h,v 1.6 2001/07/05 08:26:04 jjbg Exp $ */ +/* $OpenBSD: xform.h,v 1.7 2001/08/17 17:37:12 ben Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) @@ -72,6 +72,7 @@ extern struct enc_xform enc_xform_blf; extern struct enc_xform enc_xform_cast5; extern struct enc_xform enc_xform_skipjack; extern struct enc_xform enc_xform_rijndael128; +extern struct enc_xform enc_xform_arc4; extern struct auth_hash auth_hash_key_md5; extern struct auth_hash auth_hash_key_sha1; diff --git a/sys/dev/pci/hifn7751.c b/sys/dev/pci/hifn7751.c index 71a4ead2c6f..992392ac238 100644 --- a/sys/dev/pci/hifn7751.c +++ b/sys/dev/pci/hifn7751.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hifn7751.c,v 1.93 2001/08/15 16:59:00 jason Exp $ */ +/* $OpenBSD: hifn7751.c,v 1.94 2001/08/17 17:37:12 ben Exp $ */ /* * Invertex AEON / Hifn 7751 driver @@ -288,6 +288,8 @@ hifn_attach(parent, self, aux) case HIFN_PUSTAT_ENA_2: crypto_register(sc->sc_cid, CRYPTO_3DES_CBC, 0, 0, hifn_newsession, hifn_freesession, hifn_process); + crypto_register(sc->sc_cid, CRYPTO_ARC4, 0, 0, + hifn_newsession, hifn_freesession, hifn_process); /*FALLTHROUGH*/ case HIFN_PUSTAT_ENA_1: crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0, @@ -1680,6 +1682,11 @@ hifn_process(crp) switch (enccrd->crd_alg) { case CRYPTO_ARC4: cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_RC4; + if ((enccrd->crd_flags & CRD_F_ENCRYPT) + != sc->sc_sessions[session].hs_prev_op) + sc->sc_sessions[session].hs_flags=1; + sc->sc_sessions[session].hs_prev_op=enccrd->crd_flags + & CRD_F_ENCRYPT; break; case CRYPTO_DES_CBC: cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_DES | @@ -1695,32 +1702,39 @@ hifn_process(crp) err = EINVAL; goto errout; } - if (enccrd->crd_flags & CRD_F_ENCRYPT) { - if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) - bcopy(enccrd->crd_iv, cmd->iv, HIFN_IV_LENGTH); - else - bcopy(sc->sc_sessions[session].hs_iv, - cmd->iv, HIFN_IV_LENGTH); - - if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) { - if (crp->crp_flags & CRYPTO_F_IMBUF) - m_copyback(cmd->srcu.src_m, + if (enccrd->crd_alg != CRYPTO_ARC4) { + if (enccrd->crd_flags & CRD_F_ENCRYPT) { + if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) + bcopy(enccrd->crd_iv, cmd->iv, + HIFN_IV_LENGTH); + else + bcopy(sc->sc_sessions[session].hs_iv, + cmd->iv, HIFN_IV_LENGTH); + + if ((enccrd->crd_flags & CRD_F_IV_PRESENT) + == 0) { + if (crp->crp_flags & CRYPTO_F_IMBUF) + m_copyback(cmd->srcu.src_m, + enccrd->crd_inject, + HIFN_IV_LENGTH, cmd->iv); + else if (crp->crp_flags & CRYPTO_F_IOV) + cuio_copyback(cmd->srcu.src_io, + enccrd->crd_inject, + HIFN_IV_LENGTH, cmd->iv); + } + } else { + if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) + bcopy(enccrd->crd_iv, cmd->iv, + HIFN_IV_LENGTH); + else if (crp->crp_flags & CRYPTO_F_IMBUF) + m_copydata(cmd->srcu.src_m, enccrd->crd_inject, HIFN_IV_LENGTH, cmd->iv); else if (crp->crp_flags & CRYPTO_F_IOV) - cuio_copyback(cmd->srcu.src_io, + cuio_copydata(cmd->srcu.src_io, enccrd->crd_inject, HIFN_IV_LENGTH, cmd->iv); } - } else { - if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) - bcopy(enccrd->crd_iv, cmd->iv, HIFN_IV_LENGTH); - else if (crp->crp_flags & CRYPTO_F_IMBUF) - m_copydata(cmd->srcu.src_m, enccrd->crd_inject, - HIFN_IV_LENGTH, cmd->iv); - else if (crp->crp_flags & CRYPTO_F_IOV) - cuio_copydata(cmd->srcu.src_io, enccrd->crd_inject, - HIFN_IV_LENGTH, cmd->iv); } cmd->ck = enccrd->crd_key; diff --git a/sys/dev/pci/hifn7751var.h b/sys/dev/pci/hifn7751var.h index 239a2c64830..264b81d4a6b 100644 --- a/sys/dev/pci/hifn7751var.h +++ b/sys/dev/pci/hifn7751var.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hifn7751var.h,v 1.32 2001/08/11 06:40:35 jason Exp $ */ +/* $OpenBSD: hifn7751var.h,v 1.33 2001/08/17 17:37:12 ben Exp $ */ /* * Invertex AEON / Hifn 7751 driver @@ -98,6 +98,7 @@ struct hifn_dma { struct hifn_session { int hs_flags; + int hs_prev_op; /* XXX collapse into hs_flags? */ u_int8_t hs_iv[HIFN_IV_LENGTH]; }; |