diff options
Diffstat (limited to 'sys')
-rw-r--r-- | sys/dev/pci/ubsec.c | 38 | ||||
-rw-r--r-- | sys/dev/pci/ubsecreg.h | 32 |
2 files changed, 41 insertions, 29 deletions
diff --git a/sys/dev/pci/ubsec.c b/sys/dev/pci/ubsec.c index 8edabea5d28..313d511563d 100644 --- a/sys/dev/pci/ubsec.c +++ b/sys/dev/pci/ubsec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ubsec.c,v 1.12 2000/06/14 14:09:36 jason Exp $ */ +/* $OpenBSD: ubsec.c,v 1.13 2000/06/18 03:37:22 jason Exp $ */ /* * Copyright (c) 2000 Jason L. Wright (jason@thought.net) @@ -87,6 +87,8 @@ int ubsec_feed __P((struct ubsec_softc *)); #define WRITE_REG(sc,reg,val) \ bus_space_write_4((sc)->sc_st, (sc)->sc_sh, reg, val) +#define SWAP32(x) (x) = swap32((x)) + int ubsec_probe(parent, match, aux) struct device *parent; @@ -416,34 +418,42 @@ ubsec_process(crp) if (enccrd->crd_flags & CRD_F_ENCRYPT) { if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) - bcopy(enccrd->crd_iv, q->q_ctx.pc_iv, - sizeof(q->q_ctx.pc_iv)); + bcopy(enccrd->crd_iv, &q->q_ctx.pc_iv[0], 8); else - get_random_bytes(q->q_ctx.pc_iv, - sizeof(q->q_ctx.pc_iv)); + get_random_bytes(&q->q_ctx.pc_iv[0], 8); + + m_copyback(q->q_src_m, enccrd->crd_inject, 8, + (caddr_t)&q->q_ctx.pc_iv); if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0) m_copyback(q->q_src_m, enccrd->crd_inject, - sizeof(q->q_ctx.pc_iv), q->q_ctx.pc_iv); + 8, (caddr_t)&q->q_ctx.pc_iv[0]); } else { q->q_ctx.pc_flags |= UBS_PKTCTX_INBOUND; if (enccrd->crd_flags & CRD_F_IV_EXPLICIT) - bcopy(enccrd->crd_iv, q->q_ctx.pc_iv, - sizeof(q->q_ctx.pc_iv)); + bcopy(enccrd->crd_iv, &q->q_ctx.pc_iv[0], 8); else m_copydata(q->q_src_m, enccrd->crd_inject, - sizeof(q->q_ctx.pc_iv), q->q_ctx.pc_iv); + 8, (caddr_t)&q->q_ctx.pc_iv[0]); } if (enccrd->crd_alg == CRYPTO_DES_CBC) { /* Cheat: des == 3des with two of the keys the same */ bcopy(enccrd->crd_key, &q->q_ctx.pc_deskey[0], 8); - bcopy(enccrd->crd_key, &q->q_ctx.pc_deskey[8], 8); - bcopy(enccrd->crd_key, &q->q_ctx.pc_deskey[16], 8); + bcopy(enccrd->crd_key, &q->q_ctx.pc_deskey[2], 8); + bcopy(enccrd->crd_key, &q->q_ctx.pc_deskey[4], 8); } else bcopy(enccrd->crd_key, &q->q_ctx.pc_deskey[0], 24); + SWAP32(q->q_ctx.pc_iv[0]); + SWAP32(q->q_ctx.pc_iv[1]); + SWAP32(q->q_ctx.pc_deskey[0]); + SWAP32(q->q_ctx.pc_deskey[1]); + SWAP32(q->q_ctx.pc_deskey[2]); + SWAP32(q->q_ctx.pc_deskey[3]); + SWAP32(q->q_ctx.pc_deskey[4]); + SWAP32(q->q_ctx.pc_deskey[5]); } if (maccrd) { @@ -455,7 +465,7 @@ ubsec_process(crp) /* XXX not right */ bcopy(maccrd->crd_key, &q->q_ctx.pc_hminner[0], - maccrd->crd_klen >> 3); + maccrd->crd_klen >> 5); } @@ -468,7 +478,7 @@ ubsec_process(crp) dskip = sskip = macoffset + encoffset; coffset = 0; } - q->q_ctx.pc_flags |= (coffset << 16); + q->q_ctx.pc_offset = coffset << 2; q->q_src_l = mbuf2pages(q->q_src_m, &q->q_src_npa, q->q_src_packp, q->q_src_packl, MAX_SCATTER, &err); @@ -530,7 +540,7 @@ ubsec_process(crp) q->q_dst_l = mbuf2pages(q->q_dst_m, &q->q_dst_npa, q->q_dst_packp, q->q_dst_packl, MAX_SCATTER, NULL); - q->q_mcr.mcr_pktlen = q->q_dst_l - sskip; + q->q_mcr.mcr_pktlen = q->q_dst_l - dskip; #ifdef UBSEC_DEBUG printf("src skip: %d\n", sskip); diff --git a/sys/dev/pci/ubsecreg.h b/sys/dev/pci/ubsecreg.h index 6f1601110f6..e3fb558af2b 100644 --- a/sys/dev/pci/ubsecreg.h +++ b/sys/dev/pci/ubsecreg.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ubsecreg.h,v 1.3 2000/06/12 19:50:35 deraadt Exp $ */ +/* $OpenBSD: ubsecreg.h,v 1.4 2000/06/18 03:37:22 jason Exp $ */ /* * Copyright (c) 2000 Theo de Raadt @@ -71,23 +71,25 @@ #define UBSEC_CARD(sid) (((sid) & 0xf0000000) >> 28) #define UBSEC_SID(crd,ses) (((crd) << 28) | ((ses) & 0x7ff)) -#define MAX_SCATTER 10 +#define MAX_SCATTER 64 struct ubsec_pktctx { - u_int8_t pc_deskey[24]; /* 3DES key */ - u_int8_t pc_hminner[20]; /* hmac inner state */ - u_int8_t pc_hmouter[20]; /* hmac outer state */ - u_int8_t pc_iv[8]; /* 3DES iv */ - u_int32_t pc_flags; + u_int32_t pc_deskey[6]; /* 3DES key */ + u_int32_t pc_hminner[5]; /* hmac inner state */ + u_int32_t pc_hmouter[5]; /* hmac outer state */ + u_int32_t pc_iv[2]; /* [3]DES iv */ + u_int16_t pc_flags; /* flags, below */ + u_int16_t pc_offset; /* crypto offset */ + u_int32_t pc_paddr; + u_int8_t pad[16]; }; -#define UBS_PKTCTX_COFFSET 0xffff0000 /* cryto to mac offset */ -#define UBS_PKTCTX_ENC_3DES 0x00008000 /* use 3des */ -#define UBS_PKTCTX_ENC_NONE 0x00000000 /* no encryption */ -#define UBS_PKTCTX_INBOUND 0x00004000 /* inbound packet */ -#define UBS_PKTCTX_AUTH 0x00003000 /* authentication mask */ -#define UBS_PKTCTX_AUTH_NONE 0x00000000 /* no authentication */ -#define UBS_PKTCTX_AUTH_MD5 0x00001000 /* use hmac-md5 */ -#define UBS_PKTCTX_AUTH_SHA1 0x00002000 /* use hmac-sha1 */ +#define UBS_PKTCTX_ENC_3DES 0x8000 /* use 3des */ +#define UBS_PKTCTX_ENC_NONE 0x0000 /* no encryption */ +#define UBS_PKTCTX_INBOUND 0x4000 /* inbound packet */ +#define UBS_PKTCTX_AUTH 0x3000 /* authentication mask */ +#define UBS_PKTCTX_AUTH_NONE 0x0000 /* no authentication */ +#define UBS_PKTCTX_AUTH_MD5 0x1000 /* use hmac-md5 */ +#define UBS_PKTCTX_AUTH_SHA1 0x2000 /* use hmac-sha1 */ struct ubsec_pktbuf { volatile u_int32_t pb_addr; /* address of buffer start */ |