diff options
author | Jason Wright <jason@cvs.openbsd.org> | 2001-08-08 03:11:48 +0000 |
---|---|---|
committer | Jason Wright <jason@cvs.openbsd.org> | 2001-08-08 03:11:48 +0000 |
commit | bc5a05ce01e9517cf90c7fcb73e47ac4ba52ebbd (patch) | |
tree | 1f095b9fe1508f39738ed0d6713e3a45d7c0d1a7 | |
parent | 8c62487b00958daa0e1e4da1549e26e1b10b5f64 (diff) |
Initial support for RC4 operations (This probably won't work yet as
the caller of *_process() doesn't seem to initialize crd_klen correctly;
it has a zero value... still debugging...).
-rw-r--r-- | sys/dev/pci/hifn7751.c | 86 | ||||
-rw-r--r-- | sys/dev/pci/hifn7751reg.h | 6 | ||||
-rw-r--r-- | sys/dev/pci/hifn7751var.h | 3 |
3 files changed, 68 insertions, 27 deletions
diff --git a/sys/dev/pci/hifn7751.c b/sys/dev/pci/hifn7751.c index 9f263e52984..9759bd58770 100644 --- a/sys/dev/pci/hifn7751.c +++ b/sys/dev/pci/hifn7751.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hifn7751.c,v 1.88 2001/07/21 03:08:57 jason Exp $ */ +/* $OpenBSD: hifn7751.c,v 1.89 2001/08/08 03:11:46 jason Exp $ */ /* * Invertex AEON / Hifn 7751 driver @@ -1014,10 +1014,29 @@ hifn_write_command(cmd, buf) } if (using_crypt && cry_cmd->masks & HIFN_CRYPT_CMD_NEW_KEY) { - len = (cry_cmd->masks & HIFN_CRYPT_CMD_ALG_3DES) ? - HIFN_3DES_KEY_LENGTH : HIFN_DES_KEY_LENGTH; - bcopy(cmd->ck, buf_pos, len); - buf_pos += len; + switch (cry_cmd->masks & HIFN_CRYPT_CMD_ALG_MASK) { + case HIFN_CRYPT_CMD_ALG_3DES: + bcopy(cmd->ck, buf_pos, HIFN_3DES_KEY_LENGTH); + buf_pos += HIFN_3DES_KEY_LENGTH; + break; + case HIFN_CRYPT_CMD_ALG_DES: + bcopy(cmd->ck, buf_pos, HIFN_DES_KEY_LENGTH); + buf_pos += cmd->cklen; + break; + case HIFN_CRYPT_CMD_ALG_RC4: + len = 256; + do { + int clen; + + clen = MIN(cmd->cklen, len); + bcopy(cmd->ck, buf_pos, clen); + len -= clen; + buf_pos += clen; + } while (len > 0); + bzero(buf_pos, 4); + buf_pos += 4; + break; + } } if (using_crypt && cry_cmd->masks & HIFN_CRYPT_CMD_NEW_IV) { @@ -1461,26 +1480,32 @@ hifn_newsession(sidp, cri) return (ENOMEM); for (c = cri; c != NULL; c = c->cri_next) { - if (c->cri_alg == CRYPTO_MD5_HMAC || - c->cri_alg == CRYPTO_SHA1_HMAC) { + switch (c->cri_alg) { + case CRYPTO_MD5_HMAC: + case CRYPTO_SHA1_HMAC: if (mac) return (EINVAL); mac = 1; - } else if (c->cri_alg == CRYPTO_DES_CBC || - c->cri_alg == CRYPTO_3DES_CBC) { + break; + case CRYPTO_DES_CBC: + case CRYPTO_3DES_CBC: + get_random_bytes(sc->sc_sessions[i].hs_iv, + HIFN_IV_LENGTH); + /*FALLTHROUGH*/ + case CRYPTO_ARC4: if (cry) return (EINVAL); cry = 1; - } else + break; + default: return (EINVAL); - + } } if (mac == 0 && cry == 0) return (EINVAL); *sidp = HIFN_SID(sc->sc_dv.dv_unit, i); sc->sc_sessions[i].hs_flags = 1; - get_random_bytes(sc->sc_sessions[i].hs_iv, HIFN_IV_LENGTH); return (0); } @@ -1570,7 +1595,8 @@ hifn_process(crp) maccrd = crd1; enccrd = NULL; } else if (crd1->crd_alg == CRYPTO_DES_CBC || - crd1->crd_alg == CRYPTO_3DES_CBC) { + crd1->crd_alg == CRYPTO_3DES_CBC || + crd1->crd_alg == CRYPTO_ARC4) { if ((crd1->crd_flags & CRD_F_ENCRYPT) == 0) cmd->base_masks |= HIFN_BASE_CMD_DECODE; maccrd = NULL; @@ -1581,17 +1607,19 @@ hifn_process(crp) } } else { if ((crd1->crd_alg == CRYPTO_MD5_HMAC || - crd1->crd_alg == CRYPTO_SHA1_HMAC) && + crd1->crd_alg == CRYPTO_SHA1_HMAC) && (crd2->crd_alg == CRYPTO_DES_CBC || - crd2->crd_alg == CRYPTO_3DES_CBC) && + crd2->crd_alg == CRYPTO_3DES_CBC || + crd2->crd_alg == CRYPTO_ARC4) && ((crd2->crd_flags & CRD_F_ENCRYPT) == 0)) { cmd->base_masks = HIFN_BASE_CMD_DECODE; maccrd = crd1; enccrd = crd2; } else if ((crd1->crd_alg == CRYPTO_DES_CBC || + crd1->crd_alg == CRYPTO_ARC4 || crd1->crd_alg == CRYPTO_3DES_CBC) && (crd2->crd_alg == CRYPTO_MD5_HMAC || - crd2->crd_alg == CRYPTO_SHA1_HMAC) && + crd2->crd_alg == CRYPTO_SHA1_HMAC) && (crd1->crd_flags & CRD_F_ENCRYPT)) { enccrd = crd1; maccrd = crd2; @@ -1607,8 +1635,24 @@ hifn_process(crp) if (enccrd) { cmd->enccrd = enccrd; cmd->base_masks |= HIFN_BASE_CMD_CRYPT; - cmd->cry_masks |= HIFN_CRYPT_CMD_MODE_CBC | - HIFN_CRYPT_CMD_NEW_IV; + switch (enccrd->crd_alg) { + case CRYPTO_ARC4: + cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_RC4; + break; + case CRYPTO_DES_CBC: + cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_DES | + HIFN_CRYPT_CMD_MODE_CBC | + HIFN_CRYPT_CMD_NEW_IV; + break; + case CRYPTO_3DES_CBC: + cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_3DES | + HIFN_CRYPT_CMD_MODE_CBC | + HIFN_CRYPT_CMD_NEW_IV; + break; + default: + err = EINVAL; + goto errout; + } if (enccrd->crd_flags & CRD_F_ENCRYPT) { if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) bcopy(enccrd->crd_iv, cmd->iv, HIFN_IV_LENGTH); @@ -1637,12 +1681,8 @@ hifn_process(crp) HIFN_IV_LENGTH, cmd->iv); } - if (enccrd->crd_alg == CRYPTO_DES_CBC) - cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_DES; - else - cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_3DES; - cmd->ck = enccrd->crd_key; + cmd->cklen = enccrd->crd_klen >> 3; if (sc->sc_sessions[session].hs_flags == 1) cmd->cry_masks |= HIFN_CRYPT_CMD_NEW_KEY; diff --git a/sys/dev/pci/hifn7751reg.h b/sys/dev/pci/hifn7751reg.h index cd3de5b4bf3..36afd712418 100644 --- a/sys/dev/pci/hifn7751reg.h +++ b/sys/dev/pci/hifn7751reg.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hifn7751reg.h,v 1.28 2001/07/08 18:05:42 brad Exp $ */ +/* $OpenBSD: hifn7751reg.h,v 1.29 2001/08/08 03:11:47 jason Exp $ */ /* * Invertex AEON / Hifn 7751 driver @@ -51,12 +51,12 @@ * any command the driver implements. * * MAX_COMMAND = base command + mac command + encrypt command + - * mac-key + des-iv + 3des-key + * mac-key + rc4-key * MAX_RESULT = base result + mac result + mac + encrypt result * * */ -#define HIFN_MAX_COMMAND (8 + 8 + 8 + 64 + 8 + 24) +#define HIFN_MAX_COMMAND (8 + 8 + 8 + 64 + 260) #define HIFN_MAX_RESULT (8 + 4 + 20 + 4) /* diff --git a/sys/dev/pci/hifn7751var.h b/sys/dev/pci/hifn7751var.h index d7892fd86ea..624329d4202 100644 --- a/sys/dev/pci/hifn7751var.h +++ b/sys/dev/pci/hifn7751var.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hifn7751var.h,v 1.29 2001/07/21 03:08:57 jason Exp $ */ +/* $OpenBSD: hifn7751var.h,v 1.30 2001/08/08 03:11:47 jason Exp $ */ /* * Invertex AEON / Hifn 7751 driver @@ -201,6 +201,7 @@ struct hifn_command { u_int16_t session_num; u_int16_t base_masks, cry_masks, mac_masks; u_int8_t iv[HIFN_IV_LENGTH], *ck, mac[HIFN_MAC_KEY_LENGTH]; + int cklen; union { struct mbuf *src_m; |