1 /* $NetBSD: xform.c,v 1.31 2020/06/30 04:14:56 riastradh Exp $ */
2 /* $FreeBSD: src/sys/opencrypto/xform.c,v 1.1.2.1 2002/11/21 23:34:23 sam Exp $ */
3 /* $OpenBSD: xform.c,v 1.19 2002/08/16 22:47:25 dhartmei Exp $ */
4
5 /*
6 * The authors of this code are John Ioannidis (ji@tla.org),
7 * Angelos D. Keromytis (kermit@csd.uch.gr) and
8 * Niels Provos (provos@physnet.uni-hamburg.de).
9 *
10 * This code was written by John Ioannidis for BSD/OS in Athens, Greece,
11 * in November 1995.
12 *
13 * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
14 * by Angelos D. Keromytis.
15 *
16 * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis
17 * and Niels Provos.
18 *
19 * Additional features in 1999 by Angelos D. Keromytis.
20 *
21 * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis,
22 * Angelos D. Keromytis and Niels Provos.
23 *
24 * Copyright (C) 2001, Angelos D. Keromytis.
25 *
26 * Permission to use, copy, and modify this software with or without fee
27 * is hereby granted, provided that this entire notice is included in
28 * all copies of any software which is or includes a copy or
29 * modification of this software.
30 * You may use this code under the GNU public license if you so wish. Please
31 * contribute changes back to the authors under this freer than GPL license
32 * so that we may further the use of strong encryption without limitations to
33 * all.
34 *
35 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
36 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
37 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
38 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
39 * PURPOSE.
40 */
41
42 #include <sys/cdefs.h>
43 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.31 2020/06/30 04:14:56 riastradh Exp $");
44
45 #include <sys/param.h>
46 #include <sys/malloc.h>
47
48 #include <opencrypto/cryptodev.h>
49 #include <opencrypto/xform.h>
50
51 MALLOC_DEFINE(M_XDATA, "xform", "xform data buffers");
52
53 const u_int8_t hmac_ipad_buffer[128] = {
54 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
55 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
56 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
57 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
58 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
59 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
60 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
61 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
62 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
63 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
64 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
65 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
66 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
67 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
68 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
69 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
70 };
71
72 const u_int8_t hmac_opad_buffer[128] = {
73 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
74 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
75 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
76 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
77 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
78 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
79 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
80 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
81 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
82 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
83 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
84 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
85 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
86 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
87 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
88 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C
89 };
90
91 /* Encryption instances */
92 const struct enc_xform enc_xform_null = {
93 .type = CRYPTO_NULL_CBC,
94 .name = "NULL",
95 /* NB: blocksize of 4 is to generate a properly aligned ESP header */
96 .blocksize = 4,
97 .ivsize = 0,
98 .minkey = 0,
99 .maxkey = 256, /* 2048 bits, max key */
100 };
101
102 const struct enc_xform enc_xform_des = {
103 .type = CRYPTO_DES_CBC,
104 .name = "DES",
105 .blocksize = 8,
106 .ivsize = 8,
107 .minkey = 8,
108 .maxkey = 8,
109 };
110
111 const struct enc_xform enc_xform_3des = {
112 .type = CRYPTO_3DES_CBC,
113 .name = "3DES",
114 .blocksize = 8,
115 .ivsize = 8,
116 .minkey = 24,
117 .maxkey = 24,
118 };
119
120 const struct enc_xform enc_xform_blf = {
121 .type = CRYPTO_BLF_CBC,
122 .name = "Blowfish",
123 .blocksize = 8,
124 .ivsize = 8,
125 .minkey = 5,
126 .maxkey = 56, /* 448 bits, max key */
127 };
128
129 const struct enc_xform enc_xform_cast5 = {
130 .type = CRYPTO_CAST_CBC,
131 .name = "CAST-128",
132 .blocksize = 8,
133 .ivsize = 8,
134 .minkey = 5,
135 .maxkey = 16,
136 };
137
138 const struct enc_xform enc_xform_skipjack = {
139 .type = CRYPTO_SKIPJACK_CBC,
140 .name = "Skipjack",
141 .blocksize = 8,
142 .ivsize = 8,
143 .minkey = 10,
144 .maxkey = 10,
145 };
146
147 const struct enc_xform enc_xform_aes = {
148 .type = CRYPTO_AES_CBC,
149 .name = "AES",
150 .blocksize = 16,
151 .ivsize = 16,
152 .minkey = 16,
153 .maxkey = 32,
154 };
155
156 const struct enc_xform enc_xform_arc4 = {
157 .type = CRYPTO_ARC4,
158 .name = "ARC4",
159 .blocksize = 1,
160 .ivsize = 0,
161 .minkey = 1,
162 .maxkey = 32,
163 };
164
165 const struct enc_xform enc_xform_camellia = {
166 .type = CRYPTO_CAMELLIA_CBC,
167 .name = "Camellia",
168 .blocksize = 16,
169 .ivsize = 16,
170 .minkey = 8,
171 .maxkey = 32,
172 };
173
174 const struct enc_xform enc_xform_aes_ctr = {
175 .type = CRYPTO_AES_CTR,
176 .name = "AES-CTR",
177 .blocksize = 16,
178 .ivsize = 8,
179 .minkey = 16 + 4,
180 .maxkey = 32 + 4,
181 };
182
183 const struct enc_xform enc_xform_aes_gcm = {
184 .type = CRYPTO_AES_GCM_16,
185 .name = "AES-GCM",
186 .blocksize = 4, /* ??? */
187 .ivsize = 8,
188 .minkey = 16 + 4,
189 .maxkey = 32 + 4,
190 };
191
192 const struct enc_xform enc_xform_aes_gmac = {
193 .type = CRYPTO_AES_GMAC,
194 .name = "AES-GMAC",
195 .blocksize = 4, /* ??? */
196 .ivsize = 8,
197 .minkey = 16 + 4,
198 .maxkey = 32 + 4,
199 };
200
201 /* Authentication instances */
202 const struct auth_hash auth_hash_null = {
203 .type = CRYPTO_NULL_HMAC,
204 .name = "NULL-HMAC",
205 .keysize = 0,
206 .hashsize = 0,
207 .authsize = 12,
208 .blocksize = 64,
209 };
210
211 const struct auth_hash auth_hash_hmac_md5 = {
212 .type = CRYPTO_MD5_HMAC,
213 .name = "HMAC-MD5",
214 .keysize = 16,
215 .hashsize = 16,
216 .authsize = 16,
217 .blocksize = 64,
218 };
219
220 const struct auth_hash auth_hash_hmac_sha1 = {
221 .type = CRYPTO_SHA1_HMAC,
222 .name = "HMAC-SHA1",
223 .keysize = 20,
224 .hashsize = 20,
225 .authsize = 20,
226 .blocksize = 64,
227 };
228
229 const struct auth_hash auth_hash_hmac_ripemd_160 = {
230 .type = CRYPTO_RIPEMD160_HMAC,
231 .name = "HMAC-RIPEMD-160",
232 .keysize = 20,
233 .hashsize = 20,
234 .authsize = 20,
235 .blocksize = 64,
236 };
237
238 const struct auth_hash auth_hash_hmac_md5_96 = {
239 .type = CRYPTO_MD5_HMAC_96,
240 .name = "HMAC-MD5-96",
241 .keysize = 16,
242 .hashsize = 16,
243 .authsize = 12,
244 .blocksize = 64,
245 };
246
247 const struct auth_hash auth_hash_hmac_sha1_96 = {
248 .type = CRYPTO_SHA1_HMAC_96,
249 .name = "HMAC-SHA1-96",
250 .keysize = 20,
251 .hashsize = 20,
252 .authsize = 12,
253 .blocksize = 64,
254 };
255
256 const struct auth_hash auth_hash_hmac_ripemd_160_96 = {
257 .type = CRYPTO_RIPEMD160_HMAC_96,
258 .name = "HMAC-RIPEMD-160",
259 .keysize = 20,
260 .hashsize = 20,
261 .authsize = 12,
262 .blocksize = 64,
263 };
264
265 const struct auth_hash auth_hash_key_md5 = {
266 .type = CRYPTO_MD5_KPDK,
267 .name = "Keyed MD5",
268 .keysize = 0,
269 .hashsize = 16,
270 .authsize = 16,
271 .blocksize = 0,
272 };
273
274 const struct auth_hash auth_hash_key_sha1 = {
275 .type = CRYPTO_SHA1_KPDK,
276 .name = "Keyed SHA1",
277 .keysize = 0,
278 .hashsize = 20,
279 .authsize = 20,
280 .blocksize = 0,
281 };
282
283 const struct auth_hash auth_hash_md5 = {
284 .type = CRYPTO_MD5,
285 .name = "MD5",
286 .keysize = 0,
287 .hashsize = 16,
288 .authsize = 16,
289 .blocksize = 0,
290 };
291
292 const struct auth_hash auth_hash_sha1 = {
293 .type = CRYPTO_SHA1,
294 .name = "SHA1",
295 .keysize = 0,
296 .hashsize = 20,
297 .authsize = 20,
298 .blocksize = 0,
299 };
300
301 const struct auth_hash auth_hash_hmac_sha2_256 = {
302 .type = CRYPTO_SHA2_256_HMAC,
303 .name = "HMAC-SHA2",
304 .keysize = 32,
305 .hashsize = 32,
306 .authsize = 16,
307 .blocksize = 64,
308 };
309
310 const struct auth_hash auth_hash_hmac_sha2_384 = {
311 .type = CRYPTO_SHA2_384_HMAC,
312 .name = "HMAC-SHA2-384",
313 .keysize = 48,
314 .hashsize = 48,
315 .authsize = 24,
316 .blocksize = 128,
317 };
318
319 const struct auth_hash auth_hash_hmac_sha2_512 = {
320 .type = CRYPTO_SHA2_512_HMAC,
321 .name = "HMAC-SHA2-512",
322 .keysize = 64,
323 .hashsize = 64,
324 .authsize = 32,
325 .blocksize = 128,
326 };
327
328 const struct auth_hash auth_hash_aes_xcbc_mac_96 = {
329 .type = CRYPTO_AES_XCBC_MAC_96,
330 .name = "AES-XCBC-MAC-96",
331 .keysize = 16,
332 .hashsize = 16,
333 .authsize = 12,
334 .blocksize = 0,
335 };
336
337 const struct auth_hash auth_hash_gmac_aes_128 = {
338 .type = CRYPTO_AES_128_GMAC,
339 .name = "GMAC-AES-128",
340 .keysize = 16 + 4,
341 .hashsize = 16,
342 .authsize = 16,
343 .blocksize = 16, /* ??? */
344 };
345
346 const struct auth_hash auth_hash_gmac_aes_192 = {
347 .type = CRYPTO_AES_192_GMAC,
348 .name = "GMAC-AES-192",
349 .keysize = 24 + 4,
350 .hashsize = 16,
351 .authsize = 16,
352 .blocksize = 16, /* ??? */
353 };
354
355 const struct auth_hash auth_hash_gmac_aes_256 = {
356 .type = CRYPTO_AES_256_GMAC,
357 .name = "GMAC-AES-256",
358 .keysize = 32 + 4,
359 .hashsize = 16,
360 .authsize = 16,
361 .blocksize = 16, /* ??? */
362 };
363
364 /* Compression instance */
365 const struct comp_algo comp_algo_deflate = {
366 .type = CRYPTO_DEFLATE_COMP,
367 .name = "Deflate",
368 .minlen = 90,
369 };
370
371 const struct comp_algo comp_algo_deflate_nogrow = {
372 .type = CRYPTO_DEFLATE_COMP_NOGROW,
373 .name = "Deflate",
374 .minlen = 90,
375 };
376
377 const struct comp_algo comp_algo_gzip = {
378 .type = CRYPTO_GZIP_COMP,
379 .name = "GZIP",
380 .minlen = 90,
381 };
Cache object: 7e8f520bd40176bc14059988a0b9b6e6
|