author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2002-03-02 19:15:12 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2002-03-02 19:15:12 +0000 |
commit | 1b22c817a8cfab92b48aaa68598b1c58d3b91dbd (patch) | |
tree | 3e4eb7378107ac973485752c478d61ed25fe2f30 | |
parent | 06ddcd92881ed39834be90d247e41ca803db55a9 (diff) |
initial cut at crypto_sop definitions for symmetric crypto
-rw-r--r-- | sys/crypto/cryptodev.h | 155 |
1 files changed, 33 insertions, 122 deletions
diff --git a/sys/crypto/cryptodev.h b/sys/crypto/cryptodev.h index 9c108f1f399..bef8a588a8f 100644 --- a/sys/crypto/cryptodev.h +++ b/sys/crypto/cryptodev.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptodev.h,v 1.19 2002/03/01 02:50:02 provos Exp $ */ +/* $OpenBSD: cryptodev.h,v 1.20 2002/03/02 19:15:11 deraadt Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) 
@@ -106,123 +106,8 @@ #define CRYPTO_ALG_FLAG_RNG_ENABLE 0x00000002 /* Has HW RNG for DH/DSA */ #define CRYPTO_ALG_FLAG_DSA_SHA 0x00000004 /* Can do SHA on msg */ -#define SYMMETRIC 0 -#define PUBLIC_KEY 1 - -/* - * Diffie-Hellman structure which defines fields needed to operate on the - * input. Should be passed in the cryptoini->cri_key field. - */ -struct DH_key { - /* - * CRYPTO_DH_SEND - Enable or disable the random number generator. - * If disabled, private key and length should be stored in - * DH_buf; otherwise only the length is needed and the generated - * private key is stored in DH_buf->priv_key. - */ - - /* Length of key-related variables */ - u_int16_t dhk_gen_length; /* SEND - generator length */ - u_int16_t dhk_mod_length; /* SEND/RECEIVE - modulus length */ - - /* Input/output buffers for key generation */ - caddr_t dhk_generator; /* SEND - generator to use */ - caddr_t dhk_modulus; /* SEND/RECEIVE - modulus to use */ -}; - -/* - * These are inputs for DH processing - the private keys and public - * keys are stored here because For DH-Send, if RNG_ENABLE, the - * private key does not have to be provided. Should be passed to the - * cryptop->crp_buf. - */ -struct DH_buf { - /* Length of variables */ - u_int16_t dh_public_key_length; /* SEND/RECEIVE - public value len */ - u_int16_t dh_ss_key_length; /* RECEIVE - shared secret key len */ - u_int16_t dh_priv_key_length; /* SEND/RECEIVE - Private key length */ - - /* Input/output buffers */ - caddr_t dh_priv_key; /* - * Buffer for private key the private key - * buffer is placed here because it can - * be both an input and an output. If this - * is left empty, the crypto framework or - * the underlying hardware will provide it for - * SEND. Must be present on RECEIVE. - */ - caddr_t dh_pub_key; /* SEND/RECEIVE - I/O buffer for public key */ - caddr_t dh_ss_key; /* RECEIVE - output buffer for shared secret key */ -}; - -/* - * RSA structure which defines fields needed to operate on the input. 
- * Should be passed to the cryptoini->cri_key field. - */ -struct RSA_key { - /* Length of variables (in bits) */ - u_int16_t rsak_exponent_length; /* Length of exponent (e) */ - u_int16_t rsak_mod_length; /* Length of modulus */ - u_int16_t rsak_p_length; /* Length of p */ - u_int16_t rsak_q_length; /* Length of q */ - u_int16_t rsak_dp_length; /* Length of CRT dp */ - u_int16_t rsak_dq_length; /* Length of CRT dq */ - u_int16_t rsak_qinv_length; /* Length of CRT qinv */ - - /* Input/output buffers */ - caddr_t rsak_exponent; - caddr_t rsak_modulus; - caddr_t rsak_p; - caddr_t rsak_q; - caddr_t rsak_dp; - caddr_t rsak_dq; - caddr_t rsak_qinv; -}; - -/* - * These are inputs for RSA processing - they are the data buffers for - * the input and output message. Should be passed through cryptop->crp_buf. - */ -struct RSA_buf { - u_int16_t rsa_in_buf_length; /* Length of input buffer */ - u_int16_t rsa_out_buf_length; /* Length of output buffer */ - - caddr_t rsa_in_buf; /* Input message buffer */ - caddr_t rsa_out_buf; /* Output message buffer */ -}; - -/* - * DSA structure which defines fields needed to operate on the input. - * Should be passed to the cyprtonini->cri_key field. - */ -struct DSA_key { - u_int16_t dsak_p_length; /* Length of modulus p */ - - caddr_t dsak_generator; /* Generator to use, dsak_p_length */ - caddr_t dsak_mod_q; /* Modulus q to use, 160 bits */ - caddr_t dsak_mod_p; /* Modulus p to use, dsak_p_length */ - caddr_t dsak_pub_key; /* VERIFY - public key, dsak_p_length */ - caddr_t dsak_priv_key; /* SIGN - private key, 160 bits */ -}; - -/* - * DSA structure which defines the input and output buffers. - * Should be passed to the cryptop->crp_buf field. 
- */ -struct DSA_buf { - u_int16_t dsa_msg_len; /* Message length */ - - /* r,s,v are all 160 bits */ - caddr_t dsa_r_param; /* Input for VERIFY; output for SIGN */ - caddr_t dsa_s_param; /* Input for VERIFY; output for SIGN */ - caddr_t dsa_v_param; /* Output for VERIFY; should be - * compared against r_param. */ - caddr_t dsa_msg_buf; /* Message buffer (hash or message) */ - caddr_t dsa_rnd_num; /* Random value from SW, 160 bits; - * if not provided, framework will - * provide one. - */ -}; +#define SYMMETRIC 0 +#define PUBLIC_KEY 1 /* Standard initialization structure beginning */ struct cryptoini { @@ -344,16 +229,42 @@ struct crypt_op { #define CRYPTO_MAX_MAC_LEN 20 -#define COP_ENCRYPT 1 -#define COP_DECRYPT 2 -/* #define COP_SETKEY 3 */ -/* #define COP_GETKEY 4 */ +/* bignum parameter, in packed bytes, ... */ +struct crparam { + caddr_t crp_p; + u_int crp_nbits; +}; + +#define CRS_MAXPARAM 8 +struct crypt_sop { + u_int crs_op; /* ie. CRS_RSA_MOD_EXP or other */ + u_int crs_iparams; /* # of input parameters */ + u_int crs_oparams; /* # of output parameters */ + u_int crs_status; + struct crparam crs_param[CRS_MAXPARAM]; +}; +#define CRS_RSA_MOD_EXP 0 +#define CRS_MOD_EXP 1 +#define CRS_RSA_MOD_EXP_CRT 2 +#define CRS_DSA_SIGN 3 +#define CRS_DSA_VERIFY 4 +#define CRS_DH_COMPUTE_KEY 5 #define CRIOGET _IOWR('c', 100, u_int32_t) #define CIOCGSESSION _IOWR('c', 101, struct session_op) #define CIOCFSESSION _IOW('c', 102, u_int32_t) + #define CIOCCRYPT _IOWR('c', 103, struct crypt_op) +#define COP_ENCRYPT 1 +#define COP_DECRYPT 2 + +#define CIOCSYMMETRIC _IOWR('c', 104, struct crypt_sop) + +#define CIOCSYMFEAT _IOR('c', 105, u_int32_t) +#define CRSFEAT_RSA 0x00000001 /* supports all basic RSA ops */ +#define CRSFEAT_DSA 0x00000002 /* supports all basic DSA ops */ +#define CRSFEAT_DH 0x00000004 /* supports all basic DH ops */ #ifdef _KERNEL int crypto_check_alg(struct cryptoini *); |
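Review bot: In the `crypt_sop` hunk, `crs_iparams`, `crs_oparams` and each `crparam` come from the caller through `CIOCSYMMETRIC` (`_IOWR`), but nothing at the definition states the limits that keep indexing into `crs_param[CRS_MAXPARAM]` in bounds. I would add the contract as comments: `/* crs_iparams + crs_oparams must not exceed CRS_MAXPARAM */` on the struct, and `/* crp_p: userland address; crp_nbits must be range-checked before it sizes a copy */` on `crparam`. The ioctl handler is not part of this diff, so whether it enforces either limit is not visible here. The naming also deserves a second look: every `CRS_*` op and `CRSFEAT_*` bit is RSA, DSA, DH or modular exponentiation, which are public-key operations, while the struct, `CIOCSYMMETRIC` and `CIOCSYMFEAT` say symmetric. Separately, `crp_p`/`crp_nbits` reuse the `crp_` prefix that `struct cryptop` members already carry (`cryptop->crp_buf` in the removed comments), which makes the two hard to tell apart when searching the tree.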