Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/contrib/openzfs/module/icp/include/modes/modes.h
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or https://opensource.org/licenses/CDDL-1.0. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #ifndef _COMMON_CRYPTO_MODES_H 27 #define _COMMON_CRYPTO_MODES_H 28 29 #ifdef __cplusplus 30 extern "C" { 31 #endif 32 33 #include <sys/zfs_context.h> 34 #include <sys/crypto/common.h> 35 #include <sys/crypto/impl.h> 36 37 /* 38 * Does the build chain support all instructions needed for the GCM assembler 39 * routines. AVX support should imply AES-NI and PCLMULQDQ, but make sure 40 * anyhow. 41 */ 42 #if defined(__x86_64__) && defined(HAVE_AVX) && \ 43 defined(HAVE_AES) && defined(HAVE_PCLMULQDQ) 44 #define CAN_USE_GCM_ASM 45 extern boolean_t gcm_avx_can_use_movbe; 46 #endif 47 48 #define ECB_MODE 0x00000002 49 #define CBC_MODE 0x00000004 50 #define CTR_MODE 0x00000008 51 #define CCM_MODE 0x00000010 52 #define GCM_MODE 0x00000020 53 #define GMAC_MODE 0x00000040 54 55 /* 56 * cc_keysched: Pointer to key schedule. 57 * 58 * cc_keysched_len: Length of the key schedule. 59 * 60 * cc_remainder: This is for residual data, i.e. data that can't 61 * be processed because there are too few bytes. 62 * Must wait until more data arrives. 63 * 64 * cc_remainder_len: Number of bytes in cc_remainder. 65 * 66 * cc_iv: Scratch buffer that sometimes contains the IV. 67 * 68 * cc_lastp: Pointer to previous block of ciphertext. 69 * 70 * cc_copy_to: Pointer to where encrypted residual data needs 71 * to be copied. 72 * 73 * cc_flags: PROVIDER_OWNS_KEY_SCHEDULE 74 * When a context is freed, it is necessary 75 * to know whether the key schedule was allocated 76 * by the caller, or internally, e.g. an init routine. 77 * If allocated by the latter, then it needs to be freed. 78 * 79 * ECB_MODE, CBC_MODE, CTR_MODE, or CCM_MODE 80 */ 81 struct common_ctx { 82 void *cc_keysched; 83 size_t cc_keysched_len; 84 uint64_t cc_iv[2]; 85 uint64_t cc_remainder[2]; 86 size_t cc_remainder_len; 87 uint8_t *cc_lastp; 88 uint8_t *cc_copy_to; 89 uint32_t cc_flags; 90 }; 91 92 typedef struct common_ctx common_ctx_t; 93 94 typedef struct ecb_ctx { 95 struct common_ctx ecb_common; 96 uint64_t ecb_lastblock[2]; 97 } ecb_ctx_t; 98 99 #define ecb_keysched ecb_common.cc_keysched 100 #define ecb_keysched_len ecb_common.cc_keysched_len 101 #define ecb_iv ecb_common.cc_iv 102 #define ecb_remainder ecb_common.cc_remainder 103 #define ecb_remainder_len ecb_common.cc_remainder_len 104 #define ecb_lastp ecb_common.cc_lastp 105 #define ecb_copy_to ecb_common.cc_copy_to 106 #define ecb_flags ecb_common.cc_flags 107 108 typedef struct cbc_ctx { 109 struct common_ctx cbc_common; 110 uint64_t cbc_lastblock[2]; 111 } cbc_ctx_t; 112 113 #define cbc_keysched cbc_common.cc_keysched 114 #define cbc_keysched_len cbc_common.cc_keysched_len 115 #define cbc_iv cbc_common.cc_iv 116 #define cbc_remainder cbc_common.cc_remainder 117 #define cbc_remainder_len cbc_common.cc_remainder_len 118 #define cbc_lastp cbc_common.cc_lastp 119 #define cbc_copy_to cbc_common.cc_copy_to 120 #define cbc_flags cbc_common.cc_flags 121 122 /* 123 * ctr_lower_mask Bit-mask for lower 8 bytes of counter block. 124 * ctr_upper_mask Bit-mask for upper 8 bytes of counter block. 125 */ 126 typedef struct ctr_ctx { 127 struct common_ctx ctr_common; 128 uint64_t ctr_lower_mask; 129 uint64_t ctr_upper_mask; 130 uint32_t ctr_tmp[4]; 131 } ctr_ctx_t; 132 133 /* 134 * ctr_cb Counter block. 135 */ 136 #define ctr_keysched ctr_common.cc_keysched 137 #define ctr_keysched_len ctr_common.cc_keysched_len 138 #define ctr_cb ctr_common.cc_iv 139 #define ctr_remainder ctr_common.cc_remainder 140 #define ctr_remainder_len ctr_common.cc_remainder_len 141 #define ctr_lastp ctr_common.cc_lastp 142 #define ctr_copy_to ctr_common.cc_copy_to 143 #define ctr_flags ctr_common.cc_flags 144 145 /* 146 * 147 * ccm_mac_len: Stores length of the MAC in CCM mode. 148 * ccm_mac_buf: Stores the intermediate value for MAC in CCM encrypt. 149 * In CCM decrypt, stores the input MAC value. 150 * ccm_data_len: Length of the plaintext for CCM mode encrypt, or 151 * length of the ciphertext for CCM mode decrypt. 152 * ccm_processed_data_len: 153 * Length of processed plaintext in CCM mode encrypt, 154 * or length of processed ciphertext for CCM mode decrypt. 155 * ccm_processed_mac_len: 156 * Length of MAC data accumulated in CCM mode decrypt. 157 * 158 * ccm_pt_buf: Only used in CCM mode decrypt. It stores the 159 * decrypted plaintext to be returned when 160 * MAC verification succeeds in decrypt_final. 161 * Memory for this should be allocated in the AES module. 162 * 163 */ 164 typedef struct ccm_ctx { 165 struct common_ctx ccm_common; 166 uint32_t ccm_tmp[4]; 167 size_t ccm_mac_len; 168 uint64_t ccm_mac_buf[2]; 169 size_t ccm_data_len; 170 size_t ccm_processed_data_len; 171 size_t ccm_processed_mac_len; 172 uint8_t *ccm_pt_buf; 173 uint64_t ccm_mac_input_buf[2]; 174 uint64_t ccm_counter_mask; 175 } ccm_ctx_t; 176 177 #define ccm_keysched ccm_common.cc_keysched 178 #define ccm_keysched_len ccm_common.cc_keysched_len 179 #define ccm_cb ccm_common.cc_iv 180 #define ccm_remainder ccm_common.cc_remainder 181 #define ccm_remainder_len ccm_common.cc_remainder_len 182 #define ccm_lastp ccm_common.cc_lastp 183 #define ccm_copy_to ccm_common.cc_copy_to 184 #define ccm_flags ccm_common.cc_flags 185 186 /* 187 * gcm_tag_len: Length of authentication tag. 188 * 189 * gcm_ghash: Stores output from the GHASH function. 190 * 191 * gcm_processed_data_len: 192 * Length of processed plaintext (encrypt) or 193 * length of processed ciphertext (decrypt). 194 * 195 * gcm_pt_buf: Stores the decrypted plaintext returned by 196 * decrypt_final when the computed authentication 197 * tag matches the user supplied tag. 198 * 199 * gcm_pt_buf_len: Length of the plaintext buffer. 200 * 201 * gcm_H: Subkey. 202 * 203 * gcm_Htable: Pre-computed and pre-shifted H, H^2, ... H^6 for the 204 * Karatsuba Algorithm in host byte order. 205 * 206 * gcm_J0: Pre-counter block generated from the IV. 207 * 208 * gcm_len_a_len_c: 64-bit representations of the bit lengths of 209 * AAD and ciphertext. 210 */ 211 typedef struct gcm_ctx { 212 struct common_ctx gcm_common; 213 size_t gcm_tag_len; 214 size_t gcm_processed_data_len; 215 size_t gcm_pt_buf_len; 216 uint32_t gcm_tmp[4]; 217 /* 218 * The offset of gcm_Htable relative to gcm_ghash, (32), is hard coded 219 * in aesni-gcm-x86_64.S, so please don't change (or adjust there). 220 */ 221 uint64_t gcm_ghash[2]; 222 uint64_t gcm_H[2]; 223 #ifdef CAN_USE_GCM_ASM 224 uint64_t *gcm_Htable; 225 size_t gcm_htab_len; 226 #endif 227 uint64_t gcm_J0[2]; 228 uint64_t gcm_len_a_len_c[2]; 229 uint8_t *gcm_pt_buf; 230 #ifdef CAN_USE_GCM_ASM 231 boolean_t gcm_use_avx; 232 #endif 233 } gcm_ctx_t; 234 235 #define gcm_keysched gcm_common.cc_keysched 236 #define gcm_keysched_len gcm_common.cc_keysched_len 237 #define gcm_cb gcm_common.cc_iv 238 #define gcm_remainder gcm_common.cc_remainder 239 #define gcm_remainder_len gcm_common.cc_remainder_len 240 #define gcm_lastp gcm_common.cc_lastp 241 #define gcm_copy_to gcm_common.cc_copy_to 242 #define gcm_flags gcm_common.cc_flags 243 244 #define AES_GMAC_IV_LEN 12 245 #define AES_GMAC_TAG_BITS 128 246 247 typedef struct aes_ctx { 248 union { 249 ecb_ctx_t acu_ecb; 250 cbc_ctx_t acu_cbc; 251 ctr_ctx_t acu_ctr; 252 ccm_ctx_t acu_ccm; 253 gcm_ctx_t acu_gcm; 254 } acu; 255 } aes_ctx_t; 256 257 #define ac_flags acu.acu_ecb.ecb_common.cc_flags 258 #define ac_remainder_len acu.acu_ecb.ecb_common.cc_remainder_len 259 #define ac_keysched acu.acu_ecb.ecb_common.cc_keysched 260 #define ac_keysched_len acu.acu_ecb.ecb_common.cc_keysched_len 261 #define ac_iv acu.acu_ecb.ecb_common.cc_iv 262 #define ac_lastp acu.acu_ecb.ecb_common.cc_lastp 263 #define ac_pt_buf acu.acu_ccm.ccm_pt_buf 264 #define ac_mac_len acu.acu_ccm.ccm_mac_len 265 #define ac_data_len acu.acu_ccm.ccm_data_len 266 #define ac_processed_mac_len acu.acu_ccm.ccm_processed_mac_len 267 #define ac_processed_data_len acu.acu_ccm.ccm_processed_data_len 268 #define ac_tag_len acu.acu_gcm.gcm_tag_len 269 270 typedef struct blowfish_ctx { 271 union { 272 ecb_ctx_t bcu_ecb; 273 cbc_ctx_t bcu_cbc; 274 } bcu; 275 } blowfish_ctx_t; 276 277 #define bc_flags bcu.bcu_ecb.ecb_common.cc_flags 278 #define bc_remainder_len bcu.bcu_ecb.ecb_common.cc_remainder_len 279 #define bc_keysched bcu.bcu_ecb.ecb_common.cc_keysched 280 #define bc_keysched_len bcu.bcu_ecb.ecb_common.cc_keysched_len 281 #define bc_iv bcu.bcu_ecb.ecb_common.cc_iv 282 #define bc_lastp bcu.bcu_ecb.ecb_common.cc_lastp 283 284 typedef struct des_ctx { 285 union { 286 ecb_ctx_t dcu_ecb; 287 cbc_ctx_t dcu_cbc; 288 } dcu; 289 } des_ctx_t; 290 291 #define dc_flags dcu.dcu_ecb.ecb_common.cc_flags 292 #define dc_remainder_len dcu.dcu_ecb.ecb_common.cc_remainder_len 293 #define dc_keysched dcu.dcu_ecb.ecb_common.cc_keysched 294 #define dc_keysched_len dcu.dcu_ecb.ecb_common.cc_keysched_len 295 #define dc_iv dcu.dcu_ecb.ecb_common.cc_iv 296 #define dc_lastp dcu.dcu_ecb.ecb_common.cc_lastp 297 298 extern int ecb_cipher_contiguous_blocks(ecb_ctx_t *, char *, size_t, 299 crypto_data_t *, size_t, int (*cipher)(const void *, const uint8_t *, 300 uint8_t *)); 301 302 extern int cbc_encrypt_contiguous_blocks(cbc_ctx_t *, char *, size_t, 303 crypto_data_t *, size_t, 304 int (*encrypt)(const void *, const uint8_t *, uint8_t *), 305 void (*copy_block)(uint8_t *, uint8_t *), 306 void (*xor_block)(uint8_t *, uint8_t *)); 307 308 extern int cbc_decrypt_contiguous_blocks(cbc_ctx_t *, char *, size_t, 309 crypto_data_t *, size_t, 310 int (*decrypt)(const void *, const uint8_t *, uint8_t *), 311 void (*copy_block)(uint8_t *, uint8_t *), 312 void (*xor_block)(uint8_t *, uint8_t *)); 313 314 extern int ctr_mode_contiguous_blocks(ctr_ctx_t *, char *, size_t, 315 crypto_data_t *, size_t, 316 int (*cipher)(const void *, const uint8_t *, uint8_t *), 317 void (*xor_block)(uint8_t *, uint8_t *)); 318 319 extern int ccm_mode_encrypt_contiguous_blocks(ccm_ctx_t *, char *, size_t, 320 crypto_data_t *, size_t, 321 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 322 void (*copy_block)(uint8_t *, uint8_t *), 323 void (*xor_block)(uint8_t *, uint8_t *)); 324 325 extern int ccm_mode_decrypt_contiguous_blocks(ccm_ctx_t *, char *, size_t, 326 crypto_data_t *, size_t, 327 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 328 void (*copy_block)(uint8_t *, uint8_t *), 329 void (*xor_block)(uint8_t *, uint8_t *)); 330 331 extern int gcm_mode_encrypt_contiguous_blocks(gcm_ctx_t *, char *, size_t, 332 crypto_data_t *, size_t, 333 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 334 void (*copy_block)(uint8_t *, uint8_t *), 335 void (*xor_block)(uint8_t *, uint8_t *)); 336 337 extern int gcm_mode_decrypt_contiguous_blocks(gcm_ctx_t *, char *, size_t, 338 crypto_data_t *, size_t, 339 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 340 void (*copy_block)(uint8_t *, uint8_t *), 341 void (*xor_block)(uint8_t *, uint8_t *)); 342 343 int ccm_encrypt_final(ccm_ctx_t *, crypto_data_t *, size_t, 344 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 345 void (*xor_block)(uint8_t *, uint8_t *)); 346 347 int gcm_encrypt_final(gcm_ctx_t *, crypto_data_t *, size_t, 348 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 349 void (*copy_block)(uint8_t *, uint8_t *), 350 void (*xor_block)(uint8_t *, uint8_t *)); 351 352 extern int ccm_decrypt_final(ccm_ctx_t *, crypto_data_t *, size_t, 353 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 354 void (*copy_block)(uint8_t *, uint8_t *), 355 void (*xor_block)(uint8_t *, uint8_t *)); 356 357 extern int gcm_decrypt_final(gcm_ctx_t *, crypto_data_t *, size_t, 358 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 359 void (*xor_block)(uint8_t *, uint8_t *)); 360 361 extern int ctr_mode_final(ctr_ctx_t *, crypto_data_t *, 362 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *)); 363 364 extern int cbc_init_ctx(cbc_ctx_t *, char *, size_t, size_t, 365 void (*copy_block)(uint8_t *, uint64_t *)); 366 367 extern int ctr_init_ctx(ctr_ctx_t *, ulong_t, uint8_t *, 368 void (*copy_block)(uint8_t *, uint8_t *)); 369 370 extern int ccm_init_ctx(ccm_ctx_t *, char *, int, boolean_t, size_t, 371 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 372 void (*xor_block)(uint8_t *, uint8_t *)); 373 374 extern int gcm_init_ctx(gcm_ctx_t *, char *, size_t, 375 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 376 void (*copy_block)(uint8_t *, uint8_t *), 377 void (*xor_block)(uint8_t *, uint8_t *)); 378 379 extern int gmac_init_ctx(gcm_ctx_t *, char *, size_t, 380 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *), 381 void (*copy_block)(uint8_t *, uint8_t *), 382 void (*xor_block)(uint8_t *, uint8_t *)); 383 384 extern void calculate_ccm_mac(ccm_ctx_t *, uint8_t *, 385 int (*encrypt_block)(const void *, const uint8_t *, uint8_t *)); 386 387 extern void gcm_mul(uint64_t *, uint64_t *, uint64_t *); 388 389 extern void crypto_init_ptrs(crypto_data_t *, void **, offset_t *); 390 extern void crypto_get_ptrs(crypto_data_t *, void **, offset_t *, 391 uint8_t **, size_t *, uint8_t **, size_t); 392 393 extern void *ecb_alloc_ctx(int); 394 extern void *cbc_alloc_ctx(int); 395 extern void *ctr_alloc_ctx(int); 396 extern void *ccm_alloc_ctx(int); 397 extern void *gcm_alloc_ctx(int); 398 extern void *gmac_alloc_ctx(int); 399 extern void crypto_free_mode_ctx(void *); 400 401 #ifdef __cplusplus 402 } 403 #endif 404 405 #endif /* _COMMON_CRYPTO_MODES_H */
Cache object: 92bb93058c7f256f069f7218e36a3d80
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]