Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/crypto/openssl/ossl_aes.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2021 Stormshield. 5 * Copyright (c) 2021 Semihalf. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28 #include <sys/cdefs.h> 29 __FBSDID("$FreeBSD$"); 30 31 #include <sys/param.h> 32 #include <sys/malloc.h> 33 34 #include <opencrypto/cryptodev.h> 35 36 #include <crypto/openssl/ossl.h> 37 #include <crypto/openssl/ossl_cipher.h> 38 39 #if defined(__amd64__) || defined(__i386__) 40 #include <crypto/openssl/ossl_x86.h> 41 #elif defined (__aarch64__) 42 #include <crypto/openssl/ossl_aarch64.h> 43 #endif 44 45 static ossl_cipher_process_t ossl_aes_cbc; 46 47 struct ossl_cipher ossl_cipher_aes_cbc = { 48 .type = CRYPTO_AES_CBC, 49 .blocksize = AES_BLOCK_LEN, 50 .ivsize = AES_BLOCK_LEN, 51 52 /* Filled during initialization based on CPU caps. */ 53 .set_encrypt_key = NULL, 54 .set_decrypt_key = NULL, 55 .process = ossl_aes_cbc 56 }; 57 58 static int 59 ossl_aes_cbc(struct ossl_session_cipher *s, struct cryptop *crp, 60 const struct crypto_session_params *csp) 61 { 62 struct crypto_buffer_cursor cc_in, cc_out; 63 unsigned char block[EALG_MAX_BLOCK_LEN]; 64 unsigned char iv[EALG_MAX_BLOCK_LEN]; 65 const unsigned char *in, *inseg; 66 unsigned char *out, *outseg; 67 size_t plen, seglen, inlen, outlen; 68 struct ossl_cipher_context key; 69 struct ossl_cipher *cipher; 70 int blocklen, error; 71 bool encrypt; 72 73 cipher = s->cipher; 74 encrypt = CRYPTO_OP_IS_ENCRYPT(crp->crp_op); 75 plen = crp->crp_payload_length; 76 blocklen = cipher->blocksize; 77 78 if (plen % blocklen) 79 return (EINVAL); 80 81 if (crp->crp_cipher_key != NULL) { 82 if (encrypt) 83 error = cipher->set_encrypt_key(crp->crp_cipher_key, 84 8 * csp->csp_cipher_klen, &key); 85 else 86 error = cipher->set_decrypt_key(crp->crp_cipher_key, 87 8 * csp->csp_cipher_klen, &key); 88 if (error) 89 return (error); 90 } else { 91 if (encrypt) 92 key = s->enc_ctx; 93 else 94 key = s->dec_ctx; 95 } 96 97 crypto_read_iv(crp, iv); 98 99 /* Derived from ossl_chacha20.c */ 100 crypto_cursor_init(&cc_in, &crp->crp_buf); 101 crypto_cursor_advance(&cc_in, crp->crp_payload_start); 102 inseg = crypto_cursor_segment(&cc_in, &inlen); 103 if (CRYPTO_HAS_OUTPUT_BUFFER(crp)) { 104 crypto_cursor_init(&cc_out, &crp->crp_obuf); 105 crypto_cursor_advance(&cc_out, crp->crp_payload_output_start); 106 } else { 107 cc_out = cc_in; 108 } 109 outseg = crypto_cursor_segment(&cc_out, &outlen); 110 111 while (plen >= blocklen) { 112 if (inlen < blocklen) { 113 crypto_cursor_copydata(&cc_in, blocklen, block); 114 in = block; 115 inlen = blocklen; 116 } else { 117 in = inseg; 118 } 119 if (outlen < blocklen) { 120 out = block; 121 outlen = blocklen; 122 } else { 123 out = outseg; 124 } 125 126 /* Figure out how many blocks we can encrypt/decrypt at once. */ 127 seglen = rounddown(MIN(plen, MIN(inlen, outlen)), blocklen); 128 129 AES_CBC_ENCRYPT(in, out, seglen, &key, iv, encrypt); 130 131 if (out == block) { 132 crypto_cursor_copyback(&cc_out, blocklen, block); 133 outseg = crypto_cursor_segment(&cc_out, &outlen); 134 } else { 135 crypto_cursor_advance(&cc_out, seglen); 136 outseg += seglen; 137 outlen -= seglen; 138 } 139 if (in == block) { 140 inseg = crypto_cursor_segment(&cc_in, &inlen); 141 } else { 142 crypto_cursor_advance(&cc_in, seglen); 143 inseg += seglen; 144 inlen -= seglen; 145 } 146 plen -= seglen; 147 } 148 149 explicit_bzero(block, sizeof(block)); 150 explicit_bzero(iv, sizeof(iv)); 151 explicit_bzero(&key, sizeof(key)); 152 return (0); 153 }
Cache object: fd865502b5d6b1cdbd69e1b870336031
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]