summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJason Wright <jason@cvs.openbsd.org>2001-08-27 18:54:57 +0000
committerJason Wright <jason@cvs.openbsd.org>2001-08-27 18:54:57 +0000
commitd70b558e313d3877eaf23f48eb1c124e03e05ef9 (patch)
tree2256d6c6b67aa571c712d177a673d23b00776518
parent216a0c623c400b53e0b1f5be1ec88b64be67d620 (diff)
initial support for non-HMAC md5/sha1 (work by ben@ and myself)
-rw-r--r--sys/dev/pci/hifn7751.c75
-rw-r--r--sys/dev/pci/hifn7751reg.h6
2 files changed, 61 insertions, 20 deletions
diff --git a/sys/dev/pci/hifn7751.c b/sys/dev/pci/hifn7751.c
index 575b35a25ee..003a0d18420 100644
--- a/sys/dev/pci/hifn7751.c
+++ b/sys/dev/pci/hifn7751.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hifn7751.c,v 1.98 2001/08/25 10:13:29 art Exp $ */
+/* $OpenBSD: hifn7751.c,v 1.99 2001/08/27 18:54:56 jason Exp $ */
/*
* Invertex AEON / Hifn 7751 driver
@@ -291,6 +291,10 @@ hifn_attach(parent, self, aux)
hifn_newsession, hifn_freesession, hifn_process);
/*FALLTHROUGH*/
case HIFN_PUSTAT_ENA_1:
+ crypto_register(sc->sc_cid, CRYPTO_MD5, 0, 0,
+ hifn_newsession, hifn_freesession, hifn_process);
+ crypto_register(sc->sc_cid, CRYPTO_SHA1, 0, 0,
+ NULL, NULL, NULL);
crypto_register(sc->sc_cid, CRYPTO_MD5_HMAC, 0, 0,
hifn_newsession, hifn_freesession, hifn_process);
crypto_register(sc->sc_cid, CRYPTO_SHA1_HMAC, 0, 0,
@@ -1541,6 +1545,8 @@ hifn_newsession(sidp, cri)
for (c = cri; c != NULL; c = c->cri_next) {
switch (c->cri_alg) {
+ case CRYPTO_MD5:
+ case CRYPTO_SHA1:
case CRYPTO_MD5_HMAC:
case CRYPTO_SHA1_HMAC:
if (mac)
@@ -1651,7 +1657,9 @@ hifn_process(crp)
if (crd2 == NULL) {
if (crd1->crd_alg == CRYPTO_MD5_HMAC ||
- crd1->crd_alg == CRYPTO_SHA1_HMAC) {
+ crd1->crd_alg == CRYPTO_SHA1_HMAC ||
+ crd1->crd_alg == CRYPTO_SHA1 ||
+ crd1->crd_alg == CRYPTO_MD5) {
maccrd = crd1;
enccrd = NULL;
} else if (crd1->crd_alg == CRYPTO_DES_CBC ||
@@ -1667,7 +1675,9 @@ hifn_process(crp)
}
} else {
if ((crd1->crd_alg == CRYPTO_MD5_HMAC ||
- crd1->crd_alg == CRYPTO_SHA1_HMAC) &&
+ crd1->crd_alg == CRYPTO_SHA1_HMAC ||
+ crd1->crd_alg == CRYPTO_MD5 ||
+ crd1->crd_alg == CRYPTO_SHA1) &&
(crd2->crd_alg == CRYPTO_DES_CBC ||
crd2->crd_alg == CRYPTO_3DES_CBC ||
crd2->crd_alg == CRYPTO_ARC4) &&
@@ -1679,7 +1689,9 @@ hifn_process(crp)
crd1->crd_alg == CRYPTO_ARC4 ||
crd1->crd_alg == CRYPTO_3DES_CBC) &&
(crd2->crd_alg == CRYPTO_MD5_HMAC ||
- crd2->crd_alg == CRYPTO_SHA1_HMAC) &&
+ crd2->crd_alg == CRYPTO_SHA1_HMAC ||
+ crd2->crd_alg == CRYPTO_MD5 ||
+ crd2->crd_alg == CRYPTO_SHA1) &&
(crd1->crd_flags & CRD_F_ENCRYPT)) {
enccrd = crd1;
maccrd = crd2;
@@ -1762,16 +1774,33 @@ hifn_process(crp)
if (maccrd) {
cmd->maccrd = maccrd;
cmd->base_masks |= HIFN_BASE_CMD_MAC;
- cmd->mac_masks |= HIFN_MAC_CMD_RESULT |
- HIFN_MAC_CMD_MODE_HMAC | HIFN_MAC_CMD_RESULT |
- HIFN_MAC_CMD_POS_IPSEC | HIFN_MAC_CMD_TRUNC;
- if (maccrd->crd_alg == CRYPTO_MD5_HMAC)
- cmd->mac_masks |= HIFN_MAC_CMD_ALG_MD5;
- else
- cmd->mac_masks |= HIFN_MAC_CMD_ALG_SHA1;
+ switch (maccrd->crd_alg) {
+ case CRYPTO_MD5:
+ cmd->mac_masks |= HIFN_MAC_CMD_ALG_MD5 |
+ HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HASH |
+ HIFN_MAC_CMD_POS_IPSEC;
+ break;
+ case CRYPTO_MD5_HMAC:
+ cmd->mac_masks |= HIFN_MAC_CMD_ALG_MD5 |
+ HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HMAC |
+ HIFN_MAC_CMD_POS_IPSEC | HIFN_MAC_CMD_TRUNC;
+ break;
+ case CRYPTO_SHA1:
+ cmd->mac_masks |= HIFN_MAC_CMD_ALG_SHA1 |
+ HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HASH |
+ HIFN_MAC_CMD_POS_IPSEC;
+ break;
+ case CRYPTO_SHA1_HMAC:
+ cmd->mac_masks |= HIFN_MAC_CMD_ALG_SHA1 |
+ HIFN_MAC_CMD_RESULT | HIFN_MAC_CMD_MODE_HMAC |
+ HIFN_MAC_CMD_POS_IPSEC | HIFN_MAC_CMD_TRUNC;
+ break;
+ }
- if (sc->sc_sessions[session].hs_state == HS_STATE_USED) {
+ if ((maccrd->crd_alg == CRYPTO_SHA1_HMAC ||
+ maccrd->crd_alg == CRYPTO_MD5_HMAC) &&
+ sc->sc_sessions[session].hs_state == HS_STATE_USED) {
cmd->mac_masks |= HIFN_MAC_CMD_NEW_KEY;
bcopy(maccrd->crd_key, cmd->mac, maccrd->crd_klen >> 3);
bzero(cmd->mac + (maccrd->crd_klen >> 3),
@@ -1785,8 +1814,9 @@ hifn_process(crp)
err = hifn_crypto(sc, cmd, crp);
if (!err) {
- sc->sc_sessions[session].hs_prev_op=enccrd->crd_flags
- & CRD_F_ENCRYPT;
+ if(enccrd)
+ sc->sc_sessions[session].hs_prev_op=enccrd->crd_flags
+ & CRD_F_ENCRYPT;
if (sc->sc_sessions[session].hs_state == HS_STATE_USED)
sc->sc_sessions[session].hs_state = HS_STATE_KEY;
return 0;
@@ -1935,14 +1965,23 @@ hifn_callback(sc, cmd, macbuf)
if (macbuf != NULL) {
for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
- if (crd->crd_alg != CRYPTO_MD5_HMAC &&
- crd->crd_alg != CRYPTO_SHA1_HMAC)
+ int len;
+
+ if (crd->crd_alg == CRYPTO_MD5)
+ len = 16;
+ else if (crd->crd_alg == CRYPTO_SHA1)
+ len = 20;
+ else if (crd->crd_alg == CRYPTO_MD5_HMAC ||
+ crd->crd_alg == CRYPTO_SHA1_HMAC)
+ len = 12;
+ else
continue;
+
if (crp->crp_flags & CRYPTO_F_IMBUF)
m_copyback((struct mbuf *)crp->crp_buf,
- crd->crd_inject, 12, macbuf);
+ crd->crd_inject, len, macbuf);
else if ((crp->crp_flags & CRYPTO_F_IOV) && crp->crp_mac)
- bcopy((caddr_t)macbuf, crp->crp_mac, 12);
+ bcopy((caddr_t)macbuf, crp->crp_mac, len);
break;
}
}
diff --git a/sys/dev/pci/hifn7751reg.h b/sys/dev/pci/hifn7751reg.h
index 36afd712418..a84a30000d2 100644
--- a/sys/dev/pci/hifn7751reg.h
+++ b/sys/dev/pci/hifn7751reg.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: hifn7751reg.h,v 1.29 2001/08/08 03:11:47 jason Exp $ */
+/* $OpenBSD: hifn7751reg.h,v 1.30 2001/08/27 18:54:56 jason Exp $ */
/*
* Invertex AEON / Hifn 7751 driver
@@ -384,8 +384,10 @@ typedef struct hifn_mac_command {
#define HIFN_MAC_CMD_ALG_MASK 0x0001
#define HIFN_MAC_CMD_ALG_SHA1 0x0000
#define HIFN_MAC_CMD_ALG_MD5 0x0001
-#define HIFN_MAC_CMD_MODE_MASK 0x0004
+#define HIFN_MAC_CMD_MODE_MASK 0x000c
#define HIFN_MAC_CMD_MODE_HMAC 0x0000
+#define HIFN_MAC_CMD_MODE_SSL_MAC 0x0004
+#define HIFN_MAC_CMD_MODE_HASH 0x0008
#define HIFN_MAC_CMD_MODE_FULL 0x0004
#define HIFN_MAC_CMD_TRUNC 0x0010
#define HIFN_MAC_CMD_RESULT 0x0020