The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/opencrypto/xform_aes_icm.c

Version: -  FREEBSD  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-2  -  FREEBSD-11-1  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-4  -  FREEBSD-10-3  -  FREEBSD-10-2  -  FREEBSD-10-1  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-3  -  FREEBSD-9-2  -  FREEBSD-9-1  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-4  -  FREEBSD-8-3  -  FREEBSD-8-2  -  FREEBSD-8-1  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-4  -  FREEBSD-7-3  -  FREEBSD-7-2  -  FREEBSD-7-1  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-4  -  FREEBSD-6-3  -  FREEBSD-6-2  -  FREEBSD-6-1  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-5  -  FREEBSD-5-4  -  FREEBSD-5-3  -  FREEBSD-5-2  -  FREEBSD-5-1  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  linux-2.6  -  linux-2.4.22  -  MK83  -  MK84  -  PLAN9  -  DFBSD  -  NETBSD  -  NETBSD5  -  NETBSD4  -  NETBSD3  -  NETBSD20  -  OPENBSD  -  xnu-517  -  xnu-792  -  xnu-792.6.70  -  xnu-1228  -  xnu-1456.1.26  -  xnu-1699.24.8  -  xnu-2050.18.24  -  OPENSOLARIS  -  minix-3-1-1 
SearchContext: -  none  -  3  -  10 

    1 /*      $OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $  */
    2 /*-
    3  * The authors of this code are John Ioannidis (ji@tla.org),
    4  * Angelos D. Keromytis (kermit@csd.uch.gr),
    5  * Niels Provos (provos@physnet.uni-hamburg.de) and
    6  * Damien Miller (djm@mindrot.org).
    7  *
    8  * This code was written by John Ioannidis for BSD/OS in Athens, Greece,
    9  * in November 1995.
   10  *
   11  * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
   12  * by Angelos D. Keromytis.
   13  *
   14  * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis
   15  * and Niels Provos.
   16  *
   17  * Additional features in 1999 by Angelos D. Keromytis.
   18  *
   19  * AES XTS implementation in 2008 by Damien Miller
   20  *
   21  * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis,
   22  * Angelos D. Keromytis and Niels Provos.
   23  *
   24  * Copyright (C) 2001, Angelos D. Keromytis.
   25  *
   26  * Copyright (C) 2008, Damien Miller
   27  * Copyright (c) 2014 The FreeBSD Foundation
   28  * All rights reserved.
   29  *
   30  * Portions of this software were developed by John-Mark Gurney
   31  * under sponsorship of the FreeBSD Foundation and
   32  * Rubicon Communications, LLC (Netgate).
   33  *
   34  * Permission to use, copy, and modify this software with or without fee
   35  * is hereby granted, provided that this entire notice is included in
   36  * all copies of any software which is or includes a copy or
   37  * modification of this software.
   38  * You may use this code under the GNU public license if you so wish. Please
   39  * contribute changes back to the authors under this freer than GPL license
   40  * so that we may further the use of strong encryption without limitations to
   41  * all.
   42  *
   43  * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
   44  * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
   45  * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
   46  * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
   47  * PURPOSE.
   48  */
   49 
   50 #include <sys/cdefs.h>
   51 __FBSDID("$FreeBSD: releng/11.0/sys/opencrypto/xform_aes_icm.c 303849 2016-08-08 19:43:07Z bdrewery $");
   52 
   53 #include <opencrypto/xform_enc.h>
   54 
   55 static  int aes_icm_setkey(u_int8_t **, u_int8_t *, int);
   56 static  void aes_icm_crypt(caddr_t, u_int8_t *);
   57 static  void aes_icm_zerokey(u_int8_t **);
   58 static  void aes_icm_reinit(caddr_t, u_int8_t *);
   59 static  void aes_gcm_reinit(caddr_t, u_int8_t *);
   60 
   61 /* Encryption instances */
   62 struct enc_xform enc_xform_aes_icm = {
   63         CRYPTO_AES_ICM, "AES-ICM",
   64         AES_BLOCK_LEN, AES_BLOCK_LEN, AES_MIN_KEY, AES_MAX_KEY,
   65         aes_icm_crypt,
   66         aes_icm_crypt,
   67         aes_icm_setkey,
   68         aes_icm_zerokey,
   69         aes_icm_reinit,
   70 };
   71 
   72 struct enc_xform enc_xform_aes_nist_gcm = {
   73         CRYPTO_AES_NIST_GCM_16, "AES-GCM",
   74         AES_ICM_BLOCK_LEN, AES_GCM_IV_LEN, AES_MIN_KEY, AES_MAX_KEY,
   75         aes_icm_crypt,
   76         aes_icm_crypt,
   77         aes_icm_setkey,
   78         aes_icm_zerokey,
   79         aes_gcm_reinit,
   80 };
   81 
   82 /*
   83  * Encryption wrapper routines.
   84  */
   85 static void
   86 aes_icm_reinit(caddr_t key, u_int8_t *iv)
   87 {
   88         struct aes_icm_ctx *ctx;
   89 
   90         ctx = (struct aes_icm_ctx *)key;
   91         bcopy(iv, ctx->ac_block, AESICM_BLOCKSIZE);
   92 }
   93 
   94 static void
   95 aes_gcm_reinit(caddr_t key, u_int8_t *iv)
   96 {
   97         struct aes_icm_ctx *ctx;
   98 
   99         aes_icm_reinit(key, iv);
  100 
  101         ctx = (struct aes_icm_ctx *)key;
  102         /* GCM starts with 2 as counter 1 is used for final xor of tag. */
  103         bzero(&ctx->ac_block[AESICM_BLOCKSIZE - 4], 4);
  104         ctx->ac_block[AESICM_BLOCKSIZE - 1] = 2;
  105 }
  106 
  107 static void
  108 aes_icm_crypt(caddr_t key, u_int8_t *data)
  109 {
  110         struct aes_icm_ctx *ctx;
  111         u_int8_t keystream[AESICM_BLOCKSIZE];
  112         int i;
  113 
  114         ctx = (struct aes_icm_ctx *)key;
  115         rijndaelEncrypt(ctx->ac_ek, ctx->ac_nr, ctx->ac_block, keystream);
  116         for (i = 0; i < AESICM_BLOCKSIZE; i++)
  117                 data[i] ^= keystream[i];
  118         explicit_bzero(keystream, sizeof(keystream));
  119 
  120         /* increment counter */
  121         for (i = AESICM_BLOCKSIZE - 1;
  122              i >= 0; i--)
  123                 if (++ctx->ac_block[i])   /* continue on overflow */
  124                         break;
  125 }
  126 
  127 static int
  128 aes_icm_setkey(u_int8_t **sched, u_int8_t *key, int len)
  129 {
  130         struct aes_icm_ctx *ctx;
  131 
  132         if (len != 16 && len != 24 && len != 32)
  133                 return EINVAL;
  134 
  135         *sched = KMALLOC(sizeof(struct aes_icm_ctx), M_CRYPTO_DATA,
  136             M_NOWAIT | M_ZERO);
  137         if (*sched == NULL)
  138                 return ENOMEM;
  139 
  140         ctx = (struct aes_icm_ctx *)*sched;
  141         ctx->ac_nr = rijndaelKeySetupEnc(ctx->ac_ek, (u_char *)key, len * 8);
  142         return 0;
  143 }
  144 
  145 static void
  146 aes_icm_zerokey(u_int8_t **sched)
  147 {
  148 
  149         bzero(*sched, sizeof(struct aes_icm_ctx));
  150         KFREE(*sched, M_CRYPTO_DATA);
  151         *sched = NULL;
  152 }

Cache object: 1939762527fc7b50048fbcdf49db8d26


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.