head 1.31; access; symbols netbsd-10-0-RELEASE:1.31 netbsd-10-0-RC6:1.31 netbsd-10-0-RC5:1.31 netbsd-10-0-RC4:1.31 netbsd-10-0-RC3:1.31 netbsd-10-0-RC2:1.31 thorpej-ifq:1.31.0.24 thorpej-ifq-base:1.31 thorpej-altq-separation:1.31.0.22 thorpej-altq-separation-base:1.31 netbsd-10-0-RC1:1.31 netbsd-10:1.31.0.20 netbsd-10-base:1.31 bouyer-sunxi-drm:1.31.0.18 bouyer-sunxi-drm-base:1.31 netbsd-9-3-RELEASE:1.29 thorpej-i2c-spi-conf2:1.31.0.16 thorpej-i2c-spi-conf2-base:1.31 thorpej-futex2:1.31.0.14 thorpej-futex2-base:1.31 thorpej-cfargs2:1.31.0.12 thorpej-cfargs2-base:1.31 cjep_sun2x-base1:1.31 cjep_sun2x:1.31.0.10 cjep_sun2x-base:1.31 cjep_staticlib_x-base1:1.31 netbsd-9-2-RELEASE:1.29 cjep_staticlib_x:1.31.0.8 cjep_staticlib_x-base:1.31 thorpej-i2c-spi-conf:1.31.0.6 thorpej-i2c-spi-conf-base:1.31 thorpej-cfargs:1.31.0.4 thorpej-cfargs-base:1.31 thorpej-futex:1.31.0.2 thorpej-futex-base:1.31 netbsd-9-1-RELEASE:1.29 bouyer-xenpvh-base2:1.29 phil-wifi-20200421:1.29 bouyer-xenpvh-base1:1.29 phil-wifi-20200411:1.29 bouyer-xenpvh:1.29.0.16 bouyer-xenpvh-base:1.29 is-mlppp:1.29.0.14 is-mlppp-base:1.29 phil-wifi-20200406:1.29 netbsd-8-2-RELEASE:1.28.48.1 ad-namecache-base3:1.29 netbsd-9-0-RELEASE:1.29 netbsd-9-0-RC2:1.29 ad-namecache-base2:1.29 ad-namecache-base1:1.29 ad-namecache:1.29.0.12 ad-namecache-base:1.29 netbsd-9-0-RC1:1.29 phil-wifi-20191119:1.29 netbsd-9:1.29.0.10 netbsd-9-base:1.29 phil-wifi-20190609:1.29 netbsd-8-1-RELEASE:1.28.48.1 netbsd-8-1-RC1:1.28.48.1 isaki-audio2:1.29.0.8 isaki-audio2-base:1.29 pgoyette-compat-merge-20190127:1.29 pgoyette-compat-20190127:1.29 pgoyette-compat-20190118:1.29 pgoyette-compat-1226:1.29 pgoyette-compat-1126:1.29 pgoyette-compat-1020:1.29 pgoyette-compat-0930:1.29 pgoyette-compat-0906:1.29 netbsd-7-2-RELEASE:1.28 pgoyette-compat-0728:1.29 netbsd-8-0-RELEASE:1.28.48.1 phil-wifi:1.29.0.6 phil-wifi-base:1.29 pgoyette-compat-0625:1.29 netbsd-8-0-RC2:1.28.48.1 pgoyette-compat-0521:1.29 pgoyette-compat-0502:1.29 pgoyette-compat-0422:1.29 netbsd-8-0-RC1:1.28.48.1 pgoyette-compat-0415:1.29 pgoyette-compat-0407:1.29 pgoyette-compat-0330:1.29 pgoyette-compat-0322:1.29 pgoyette-compat-0315:1.29 netbsd-7-1-2-RELEASE:1.28 pgoyette-compat:1.29.0.4 pgoyette-compat-base:1.29 netbsd-7-1-1-RELEASE:1.28 tls-maxphys-base-20171202:1.29 matt-nb8-mediatek:1.28.48.1.0.2 matt-nb8-mediatek-base:1.28.48.1 nick-nhusb-base-20170825:1.29 perseant-stdc-iso10646:1.29.0.2 perseant-stdc-iso10646-base:1.29 netbsd-8:1.28.0.48 netbsd-8-base:1.28 prg-localcount2-base3:1.28 prg-localcount2-base2:1.28 prg-localcount2-base1:1.28 prg-localcount2:1.28.0.46 prg-localcount2-base:1.28 pgoyette-localcount-20170426:1.28 bouyer-socketcan-base1:1.28 jdolecek-ncq:1.28.0.44 jdolecek-ncq-base:1.28 pgoyette-localcount-20170320:1.28 netbsd-7-1:1.28.0.42 netbsd-7-1-RELEASE:1.28 netbsd-7-1-RC2:1.28 nick-nhusb-base-20170204:1.28 netbsd-7-nhusb-base-20170116:1.28 bouyer-socketcan:1.28.0.40 bouyer-socketcan-base:1.28 pgoyette-localcount-20170107:1.28 netbsd-7-1-RC1:1.28 nick-nhusb-base-20161204:1.28 pgoyette-localcount-20161104:1.28 netbsd-7-0-2-RELEASE:1.28 nick-nhusb-base-20161004:1.28 localcount-20160914:1.28 netbsd-7-nhusb:1.28.0.38 netbsd-7-nhusb-base:1.28 pgoyette-localcount-20160806:1.28 pgoyette-localcount-20160726:1.28 pgoyette-localcount:1.28.0.36 pgoyette-localcount-base:1.28 nick-nhusb-base-20160907:1.28 nick-nhusb-base-20160529:1.28 netbsd-7-0-1-RELEASE:1.28 nick-nhusb-base-20160422:1.28 nick-nhusb-base-20160319:1.28 nick-nhusb-base-20151226:1.28 netbsd-7-0:1.28.0.34 netbsd-7-0-RELEASE:1.28 nick-nhusb-base-20150921:1.28 netbsd-7-0-RC3:1.28 netbsd-7-0-RC2:1.28 netbsd-7-0-RC1:1.28 nick-nhusb-base-20150606:1.28 nick-nhusb-base-20150406:1.28 nick-nhusb:1.28.0.32 nick-nhusb-base:1.28 netbsd-5-2-3-RELEASE:1.17.14.1 netbsd-5-1-5-RELEASE:1.17.14.1 netbsd-6-0-6-RELEASE:1.28 netbsd-6-1-5-RELEASE:1.28 netbsd-7:1.28.0.30 netbsd-7-base:1.28 yamt-pagecache-base9:1.28 yamt-pagecache-tag8:1.28 netbsd-6-1-4-RELEASE:1.28 netbsd-6-0-5-RELEASE:1.28 tls-earlyentropy:1.28.0.28 tls-earlyentropy-base:1.28 riastradh-xf86-video-intel-2-7-1-pre-2-21-15:1.28 riastradh-drm2-base3:1.28 netbsd-6-1-3-RELEASE:1.28 netbsd-6-0-4-RELEASE:1.28 netbsd-5-2-2-RELEASE:1.17.14.1 netbsd-5-1-4-RELEASE:1.17.14.1 netbsd-6-1-2-RELEASE:1.28 netbsd-6-0-3-RELEASE:1.28 netbsd-5-2-1-RELEASE:1.17.14.1 netbsd-5-1-3-RELEASE:1.17.14.1 rmind-smpnet-nbase:1.28 netbsd-6-1-1-RELEASE:1.28 riastradh-drm2-base2:1.28 riastradh-drm2-base1:1.28 riastradh-drm2:1.28.0.26 riastradh-drm2-base:1.28 rmind-smpnet:1.28.0.18 rmind-smpnet-base:1.28 netbsd-6-1:1.28.0.24 netbsd-6-0-2-RELEASE:1.28 netbsd-6-1-RELEASE:1.28 khorben-n900:1.28.0.22 netbsd-6-1-RC4:1.28 netbsd-6-1-RC3:1.28 agc-symver:1.28.0.20 agc-symver-base:1.28 netbsd-6-1-RC2:1.28 netbsd-6-1-RC1:1.28 yamt-pagecache-base8:1.28 netbsd-5-2:1.17.14.1.0.6 netbsd-6-0-1-RELEASE:1.28 yamt-pagecache-base7:1.28 netbsd-5-2-RELEASE:1.17.14.1 netbsd-5-2-RC1:1.17.14.1 matt-nb6-plus-nbase:1.28 yamt-pagecache-base6:1.28 netbsd-6-0:1.28.0.16 netbsd-6-0-RELEASE:1.28 netbsd-6-0-RC2:1.28 tls-maxphys:1.28.0.14 tls-maxphys-base:1.28 matt-nb6-plus:1.28.0.12 matt-nb6-plus-base:1.28 netbsd-6-0-RC1:1.28 jmcneill-usbmp-base10:1.28 yamt-pagecache-base5:1.28 jmcneill-usbmp-base9:1.28 yamt-pagecache-base4:1.28 jmcneill-usbmp-base8:1.28 jmcneill-usbmp-base7:1.28 jmcneill-usbmp-base6:1.28 jmcneill-usbmp-base5:1.28 jmcneill-usbmp-base4:1.28 jmcneill-usbmp-base3:1.28 jmcneill-usbmp-pre-base2:1.28 jmcneill-usbmp-base2:1.28 netbsd-6:1.28.0.10 netbsd-6-base:1.28 netbsd-5-1-2-RELEASE:1.17.14.1 netbsd-5-1-1-RELEASE:1.17.14.1 jmcneill-usbmp:1.28.0.8 jmcneill-usbmp-base:1.28 jmcneill-audiomp3:1.28.0.6 jmcneill-audiomp3-base:1.28 yamt-pagecache-base3:1.28 yamt-pagecache-base2:1.28 yamt-pagecache:1.28.0.4 yamt-pagecache-base:1.28 rmind-uvmplock-nbase:1.28 cherry-xenmp:1.28.0.2 cherry-xenmp-base:1.28 bouyer-quota2-nbase:1.20 bouyer-quota2:1.18.0.8 bouyer-quota2-base:1.18 jruoho-x86intr:1.18.0.6 jruoho-x86intr-base:1.18 matt-mips64-premerge-20101231:1.18 matt-nb5-mips64-premerge-20101231:1.17 matt-nb5-pq3:1.17.14.1.0.4 matt-nb5-pq3-base:1.17.14.1 netbsd-5-1:1.17.14.1.0.2 netbsd-5-1-RELEASE:1.17.14.1 uebayasi-xip-base4:1.18 uebayasi-xip-base3:1.18 yamt-nfs-mp-base11:1.18 netbsd-5-1-RC4:1.17.14.1 matt-nb5-mips64-k15:1.17 uebayasi-xip-base2:1.18 yamt-nfs-mp-base10:1.18 netbsd-5-1-RC3:1.17.14.1 netbsd-5-1-RC2:1.17.14.1 uebayasi-xip-base1:1.18 netbsd-5-1-RC1:1.17.14.1 rmind-uvmplock:1.18.0.4 rmind-uvmplock-base:1.28 yamt-nfs-mp-base9:1.18 uebayasi-xip:1.18.0.2 uebayasi-xip-base:1.18 netbsd-5-0-2-RELEASE:1.17 matt-nb5-mips64-premerge-20091211:1.17 matt-premerge-20091211:1.18 yamt-nfs-mp-base8:1.18 matt-nb5-mips64-u2-k2-k4-k7-k8-k9:1.17 matt-nb4-mips64-k7-u2a-k9b:1.17 matt-nb5-mips64-u1-k1-k5:1.17 yamt-nfs-mp-base7:1.18 matt-nb5-mips64:1.17.0.22 netbsd-5-0-1-RELEASE:1.17 jymxensuspend-base:1.18 yamt-nfs-mp-base6:1.18 yamt-nfs-mp-base5:1.18 yamt-nfs-mp-base4:1.18 jym-xensuspend-nbase:1.18 yamt-nfs-mp-base3:1.18 nick-hppapmap-base4:1.18 nick-hppapmap-base3:1.18 netbsd-5-0:1.17.0.20 netbsd-5-0-RELEASE:1.17 netbsd-5-0-RC4:1.17 netbsd-5-0-RC3:1.17 nick-hppapmap-base2:1.17 netbsd-5-0-RC2:1.17 jym-xensuspend:1.17.0.18 jym-xensuspend-base:1.18 netbsd-5-0-RC1:1.17 haad-dm-base2:1.17 haad-nbase2:1.17 ad-audiomp2:1.17.0.16 ad-audiomp2-base:1.17 netbsd-5:1.17.0.14 netbsd-5-base:1.17 nick-hppapmap:1.17.0.12 nick-hppapmap-base:1.18 matt-mips64-base2:1.17 matt-mips64:1.15.0.66 haad-dm-base1:1.17 wrstuden-revivesa-base-4:1.17 netbsd-4-0-1-RELEASE:1.15 wrstuden-revivesa-base-3:1.17 wrstuden-revivesa-base-2:1.17 wrstuden-fixsa-newbase:1.15 nick-csl-alignment-base5:1.15 haad-dm:1.17.0.10 haad-dm-base:1.17 wrstuden-revivesa-base-1:1.17 simonb-wapbl-nbase:1.17 yamt-pf42-base4:1.17 simonb-wapbl:1.17.0.8 simonb-wapbl-base:1.17 yamt-pf42-base3:1.17 hpcarm-cleanup-nbase:1.17 yamt-pf42-baseX:1.17 yamt-pf42-base2:1.17 yamt-nfs-mp-base2:1.17 wrstuden-revivesa:1.17.0.6 wrstuden-revivesa-base:1.17 yamt-nfs-mp:1.17.0.4 yamt-nfs-mp-base:1.17 yamt-pf42:1.17.0.2 yamt-pf42-base:1.17 ad-socklock-base1:1.17 yamt-lazymbuf-base15:1.17 yamt-lazymbuf-base14:1.17 keiichi-mipv6-nbase:1.17 mjf-devfs2:1.16.0.6 mjf-devfs2-base:1.17 nick-net80211-sync:1.16.0.4 nick-net80211-sync-base:1.16 keiichi-mipv6:1.16.0.2 keiichi-mipv6-base:1.17 bouyer-xeni386-merge1:1.15 matt-armv6-prevmlocking:1.15 wrstuden-fixsa-base-1:1.15 vmlocking2-base3:1.15 netbsd-4-0:1.15.0.64 netbsd-4-0-RELEASE:1.15 bouyer-xeni386-nbase:1.15 yamt-kmem-base3:1.15 cube-autoconf:1.15.0.62 cube-autoconf-base:1.15 yamt-kmem-base2:1.15 bouyer-xeni386:1.15.0.60 bouyer-xeni386-base:1.15 yamt-kmem:1.15.0.58 yamt-kmem-base:1.15 vmlocking2-base2:1.15 reinoud-bufcleanup-nbase:1.15 vmlocking2:1.15.0.56 vmlocking2-base1:1.15 netbsd-4-0-RC5:1.15 matt-nb4-arm:1.15.0.54 matt-nb4-arm-base:1.15 matt-armv6-nbase:1.17 jmcneill-base:1.15 netbsd-4-0-RC4:1.15 mjf-devfs:1.15.0.52 mjf-devfs-base:1.16 bouyer-xenamd64-base2:1.15 vmlocking-nbase:1.15 yamt-x86pmap-base4:1.15 bouyer-xenamd64:1.15.0.50 bouyer-xenamd64-base:1.15 netbsd-4-0-RC3:1.15 yamt-x86pmap-base3:1.15 yamt-x86pmap-base2:1.15 netbsd-4-0-RC2:1.15 yamt-x86pmap:1.15.0.48 yamt-x86pmap-base:1.15 netbsd-4-0-RC1:1.15 matt-armv6:1.15.0.46 matt-armv6-base:1.15 matt-mips64-base:1.15 jmcneill-pm:1.15.0.44 jmcneill-pm-base:1.15 hpcarm-cleanup:1.15.0.42 hpcarm-cleanup-base:1.16 nick-csl-alignment:1.15.0.40 nick-csl-alignment-base:1.15 netbsd-3-1-1-RELEASE:1.13 netbsd-3-0-3-RELEASE:1.13 yamt-idlelwp-base8:1.15 wrstuden-fixsa:1.15.0.38 wrstuden-fixsa-base:1.15 thorpej-atomic:1.15.0.36 thorpej-atomic-base:1.15 reinoud-bufcleanup:1.15.0.34 reinoud-bufcleanup-base:1.15 mjf-ufs-trans:1.15.0.32 mjf-ufs-trans-base:1.15 vmlocking:1.15.0.30 vmlocking-base:1.15 ad-audiomp:1.15.0.28 ad-audiomp-base:1.15 yamt-idlelwp:1.15.0.26 post-newlock2-merge:1.15 newlock2-nbase:1.15 yamt-splraiseipl-base5:1.15 yamt-splraiseipl-base4:1.15 yamt-splraiseipl-base3:1.15 abandoned-netbsd-4-base:1.15 abandoned-netbsd-4:1.15.0.18 netbsd-3-1:1.13.0.22 netbsd-3-1-RELEASE:1.13 netbsd-3-0-2-RELEASE:1.13 yamt-splraiseipl-base2:1.15 netbsd-3-1-RC4:1.13 yamt-splraiseipl:1.15.0.22 yamt-splraiseipl-base:1.15 netbsd-3-1-RC3:1.13 yamt-pdpolicy-base9:1.15 newlock2:1.15.0.20 newlock2-base:1.15 yamt-pdpolicy-base8:1.15 netbsd-3-1-RC2:1.13 netbsd-3-1-RC1:1.13 yamt-pdpolicy-base7:1.15 netbsd-4:1.15.0.24 netbsd-4-base:1.15 yamt-pdpolicy-base6:1.15 chap-midi-nbase:1.15 netbsd-3-0-1-RELEASE:1.13 gdamore-uart:1.15.0.16 gdamore-uart-base:1.15 simonb-timcounters-final:1.15 yamt-pdpolicy-base5:1.15 chap-midi:1.15.0.14 chap-midi-base:1.15 yamt-pdpolicy-base4:1.15 yamt-pdpolicy-base3:1.15 peter-altq-base:1.15 peter-altq:1.15.0.12 yamt-pdpolicy-base2:1.15 elad-kernelauth-base:1.15 elad-kernelauth:1.15.0.10 yamt-pdpolicy:1.15.0.8 yamt-pdpolicy-base:1.15 yamt-uio_vmspace-base5:1.15 simonb-timecounters:1.15.0.6 simonb-timecounters-base:1.15 rpaulo-netinet-merge-pcb:1.15.0.4 rpaulo-netinet-merge-pcb-base:1.15 yamt-uio_vmspace:1.15.0.2 netbsd-3-0:1.13.0.20 netbsd-3-0-RELEASE:1.13 netbsd-3-0-RC6:1.13 yamt-readahead-base3:1.15 netbsd-3-0-RC5:1.13 netbsd-3-0-RC4:1.13 netbsd-3-0-RC3:1.13 yamt-readahead-base2:1.14 netbsd-3-0-RC2:1.13 yamt-readahead-pervnode:1.14 yamt-readahead-perfile:1.14 yamt-readahead:1.14.0.8 yamt-readahead-base:1.14 netbsd-3-0-RC1:1.13 yamt-vop-base3:1.14 netbsd-2-0-3-RELEASE:1.13 netbsd-2-1:1.13.0.18 yamt-vop-base2:1.14 thorpej-vnode-attr:1.14.0.6 thorpej-vnode-attr-base:1.14 netbsd-2-1-RELEASE:1.13 yamt-vop:1.14.0.4 yamt-vop-base:1.14 netbsd-2-1-RC6:1.13 netbsd-2-1-RC5:1.13 netbsd-2-1-RC4:1.13 netbsd-2-1-RC3:1.13 netbsd-2-1-RC2:1.13 netbsd-2-1-RC1:1.13 yamt-lazymbuf:1.14.0.2 yamt-km-base4:1.13 netbsd-2-0-2-RELEASE:1.13 yamt-km-base3:1.13 netbsd-3:1.13.0.16 netbsd-3-base:1.13 yamt-km-base2:1.13 yamt-km:1.13.0.12 yamt-km-base:1.13 kent-audio2:1.13.0.10 kent-audio2-base:1.13 netbsd-2-0-1-RELEASE:1.13 kent-audio1-beforemerge:1.13 netbsd-2:1.13.0.8 netbsd-2-base:1.13 kent-audio1:1.13.0.6 kent-audio1-base:1.13 netbsd-2-0-RELEASE:1.13 netbsd-2-0-RC5:1.13 netbsd-2-0-RC4:1.13 netbsd-2-0-RC3:1.13 netbsd-2-0-RC2:1.13 netbsd-2-0-RC1:1.13 ktrace-lwp-base:1.15 ktrace-lwp:1.13.0.4 netbsd-2-0:1.13.0.2 netbsd-2-0-base:1.13; locks; strict; comment @ * @; 1.31 date 2020.06.30.04.14.56; author riastradh; state Exp; branches; next 1.30; commitid ENhEK0ocgyYlAceC; 1.30 date 2020.06.29.23.34.48; author riastradh; state Exp; branches; next 1.29; commitid z3PzBArY7jlh2beC; 1.29 date 2017.07.06.08.27.07; author ozaki-r; state Exp; branches; next 1.28; commitid ARHdyHzpiwsb19Yz; 1.28 date 2011.05.26.21.50.03; author drochner; state Exp; branches 1.28.14.1 1.28.32.1 1.28.48.1; next 1.27; 1.27 date 2011.05.24.19.10.11; author drochner; state Exp; branches; next 1.26; 1.26 date 2011.05.24.18.59.23; author drochner; state Exp; branches; next 1.25; 1.25 date 2011.05.23.13.51.10; author drochner; state Exp; branches; next 1.24; 1.24 date 2011.05.23.13.46.54; author drochner; state Exp; branches; next 1.23; 1.23 date 2011.05.21.13.23.36; author drochner; state Exp; branches; next 1.22; 1.22 date 2011.05.05.17.42.17; author drochner; state Exp; branches; next 1.21; 1.21 date 2011.03.09.11.43.36; author drochner; state Exp; branches; next 1.20; 1.20 date 2011.02.25.20.13.10; author drochner; state Exp; branches; next 1.19; 1.19 date 2011.02.24.20.03.41; author drochner; state Exp; branches; next 1.18; 1.18 date 2009.03.25.01.26.13; author darran; state Exp; branches 1.18.4.1 1.18.6.1 1.18.8.1; next 1.17; 1.17 date 2008.02.28.09.29.10; author tls; state Exp; branches 1.17.4.1 1.17.12.1 1.17.14.1 1.17.18.1 1.17.22.1; next 1.16; 1.16 date 2008.02.02.02.39.01; author tls; state Exp; branches 1.16.2.1 1.16.6.1; next 1.15; 1.15 date 2005.11.25.16.16.46; author thorpej; state Exp; branches 1.15.46.1 1.15.52.1; next 1.14; 1.14 date 2005.05.29.21.23.17; author christos; state Exp; branches 1.14.2.1 1.14.8.1; next 1.13; 1.13 date 2003.11.18.23.01.39; author jonathan; state Exp; branches 1.13.4.1; next 1.12; 1.12 date 2003.11.16.12.07.50; author tls; state Exp; branches; next 1.11; 1.11 date 2003.08.27.14.55.36; author thorpej; state Exp; branches; next 1.10; 1.10 date 2003.08.27.14.23.28; author itojun; state Exp; branches; next 1.9; 1.9 date 2003.08.27.00.20.56; author thorpej; state Exp; branches; next 1.8; 1.8 date 2003.08.27.00.05.28; author thorpej; state Exp; branches; next 1.7; 1.7 date 2003.08.26.16.37.38; author thorpej; state Exp; branches; next 1.6; 1.6 date 2003.08.26.14.24.35; author thorpej; state Exp; branches; next 1.5; 1.5 date 2003.08.26.14.24.06; author thorpej; state Exp; branches; next 1.4; 1.4 date 2003.08.25.04.09.57; author thorpej; state Exp; branches; next 1.3; 1.3 date 2003.08.01.01.47.45; author itojun; state Exp; branches; next 1.2; 1.2 date 2003.07.28.19.37.04; author jonathan; state Exp; branches; next 1.1; 1.1 date 2003.07.25.21.12.49; author jonathan; state Exp; branches; next ; 1.28.14.1 date 2017.12.03.11.39.06; author jdolecek; state Exp; branches; next ; commitid XcIYRZTAh1LmerhA; 1.28.32.1 date 2017.08.28.17.53.14; author skrll; state Exp; branches; next ; commitid UQQpnjvcNkUZn05A; 1.28.48.1 date 2017.08.05.03.59.21; author snj; state Exp; branches; next ; commitid kbwAEHizE9beyY1A; 1.18.4.1 date 2011.03.05.20.56.05; author rmind; state Exp; branches; next 1.18.4.2; 1.18.4.2 date 2011.04.21.01.42.16; author rmind; state Exp; branches; next 1.18.4.3; 1.18.4.3 date 2011.05.31.03.05.10; author rmind; state Exp; branches; next ; 1.18.6.1 date 2011.06.06.09.10.04; author jruoho; state Exp; branches; next ; 1.18.8.1 date 2011.03.05.15.10.48; author bouyer; state Exp; branches; next ; 1.17.4.1 date 2009.05.04.08.14.24; author yamt; state Exp; branches; next ; 1.17.12.1 date 2009.04.28.07.37.50; author skrll; state Exp; branches; next ; 1.17.14.1 date 2009.05.03.17.24.45; author snj; state Exp; branches; next ; 1.17.18.1 date 2009.05.13.17.22.56; author jym; state Exp; branches; next ; 1.17.22.1 date 2011.05.20.08.11.33; author matt; state Exp; branches; next ; 1.16.2.1 date 2008.03.24.07.16.27; author keiichi; state Exp; branches; next ; 1.16.6.1 date 2008.04.03.12.43.10; author mjf; state Exp; branches; next ; 1.15.46.1 date 2008.03.23.02.05.09; author matt; state Exp; branches; next ; 1.15.52.1 date 2008.02.18.21.07.18; author mjf; state Exp; branches; next ; 1.14.2.1 date 2006.06.21.15.12.02; author yamt; state Exp; branches; next 1.14.2.2; 1.14.2.2 date 2008.02.04.09.24.48; author yamt; state Exp; branches; next 1.14.2.3; 1.14.2.3 date 2008.03.17.09.15.46; author yamt; state Exp; branches; next ; 1.14.8.1 date 2005.11.29.21.23.33; author yamt; state Exp; branches; next ; 1.13.4.1 date 2003.11.18.23.01.39; author skrll; state dead; branches; next 1.13.4.2; 1.13.4.2 date 2004.08.03.10.56.25; author skrll; state Exp; branches; next 1.13.4.3; 1.13.4.3 date 2004.09.18.14.56.20; author skrll; state Exp; branches; next 1.13.4.4; 1.13.4.4 date 2004.09.21.13.38.44; author skrll; state Exp; branches; next 1.13.4.5; 1.13.4.5 date 2005.11.10.14.12.12; author skrll; state Exp; branches; next 1.13.4.6; 1.13.4.6 date 2005.12.11.10.29.36; author christos; state Exp; branches; next ; desc @@ 1.31 log @Rename enc_xform_rijndael128 -> enc_xform_aes. Update netipsec dependency. @ text @/* $NetBSD: xform.c,v 1.30 2020/06/29 23:34:48 riastradh Exp $ */ /* $FreeBSD: src/sys/opencrypto/xform.c,v 1.1.2.1 2002/11/21 23:34:23 sam Exp $ */ /* $OpenBSD: xform.c,v 1.19 2002/08/16 22:47:25 dhartmei Exp $ */ /* * The authors of this code are John Ioannidis (ji@@tla.org), * Angelos D. Keromytis (kermit@@csd.uch.gr) and * Niels Provos (provos@@physnet.uni-hamburg.de). * * This code was written by John Ioannidis for BSD/OS in Athens, Greece, * in November 1995. * * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996, * by Angelos D. Keromytis. * * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis * and Niels Provos. * * Additional features in 1999 by Angelos D. Keromytis. * * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis, * Angelos D. Keromytis and Niels Provos. * * Copyright (C) 2001, Angelos D. Keromytis. * * Permission to use, copy, and modify this software with or without fee * is hereby granted, provided that this entire notice is included in * all copies of any software which is or includes a copy or * modification of this software. * You may use this code under the GNU public license if you so wish. Please * contribute changes back to the authors under this freer than GPL license * so that we may further the use of strong encryption without limitations to * all. * * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR * PURPOSE. */ #include __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.30 2020/06/29 23:34:48 riastradh Exp $"); #include #include #include #include MALLOC_DEFINE(M_XDATA, "xform", "xform data buffers"); const u_int8_t hmac_ipad_buffer[128] = { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36 }; const u_int8_t hmac_opad_buffer[128] = { 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C }; /* Encryption instances */ const struct enc_xform enc_xform_null = { .type = CRYPTO_NULL_CBC, .name = "NULL", /* NB: blocksize of 4 is to generate a properly aligned ESP header */ .blocksize = 4, .ivsize = 0, .minkey = 0, .maxkey = 256, /* 2048 bits, max key */ }; const struct enc_xform enc_xform_des = { .type = CRYPTO_DES_CBC, .name = "DES", .blocksize = 8, .ivsize = 8, .minkey = 8, .maxkey = 8, }; const struct enc_xform enc_xform_3des = { .type = CRYPTO_3DES_CBC, .name = "3DES", .blocksize = 8, .ivsize = 8, .minkey = 24, .maxkey = 24, }; const struct enc_xform enc_xform_blf = { .type = CRYPTO_BLF_CBC, .name = "Blowfish", .blocksize = 8, .ivsize = 8, .minkey = 5, .maxkey = 56, /* 448 bits, max key */ }; const struct enc_xform enc_xform_cast5 = { .type = CRYPTO_CAST_CBC, .name = "CAST-128", .blocksize = 8, .ivsize = 8, .minkey = 5, .maxkey = 16, }; const struct enc_xform enc_xform_skipjack = { .type = CRYPTO_SKIPJACK_CBC, .name = "Skipjack", .blocksize = 8, .ivsize = 8, .minkey = 10, .maxkey = 10, }; const struct enc_xform enc_xform_aes = { .type = CRYPTO_AES_CBC, .name = "AES", .blocksize = 16, .ivsize = 16, .minkey = 16, .maxkey = 32, }; const struct enc_xform enc_xform_arc4 = { .type = CRYPTO_ARC4, .name = "ARC4", .blocksize = 1, .ivsize = 0, .minkey = 1, .maxkey = 32, }; const struct enc_xform enc_xform_camellia = { .type = CRYPTO_CAMELLIA_CBC, .name = "Camellia", .blocksize = 16, .ivsize = 16, .minkey = 8, .maxkey = 32, }; const struct enc_xform enc_xform_aes_ctr = { .type = CRYPTO_AES_CTR, .name = "AES-CTR", .blocksize = 16, .ivsize = 8, .minkey = 16 + 4, .maxkey = 32 + 4, }; const struct enc_xform enc_xform_aes_gcm = { .type = CRYPTO_AES_GCM_16, .name = "AES-GCM", .blocksize = 4, /* ??? */ .ivsize = 8, .minkey = 16 + 4, .maxkey = 32 + 4, }; const struct enc_xform enc_xform_aes_gmac = { .type = CRYPTO_AES_GMAC, .name = "AES-GMAC", .blocksize = 4, /* ??? */ .ivsize = 8, .minkey = 16 + 4, .maxkey = 32 + 4, }; /* Authentication instances */ const struct auth_hash auth_hash_null = { .type = CRYPTO_NULL_HMAC, .name = "NULL-HMAC", .keysize = 0, .hashsize = 0, .authsize = 12, .blocksize = 64, }; const struct auth_hash auth_hash_hmac_md5 = { .type = CRYPTO_MD5_HMAC, .name = "HMAC-MD5", .keysize = 16, .hashsize = 16, .authsize = 16, .blocksize = 64, }; const struct auth_hash auth_hash_hmac_sha1 = { .type = CRYPTO_SHA1_HMAC, .name = "HMAC-SHA1", .keysize = 20, .hashsize = 20, .authsize = 20, .blocksize = 64, }; const struct auth_hash auth_hash_hmac_ripemd_160 = { .type = CRYPTO_RIPEMD160_HMAC, .name = "HMAC-RIPEMD-160", .keysize = 20, .hashsize = 20, .authsize = 20, .blocksize = 64, }; const struct auth_hash auth_hash_hmac_md5_96 = { .type = CRYPTO_MD5_HMAC_96, .name = "HMAC-MD5-96", .keysize = 16, .hashsize = 16, .authsize = 12, .blocksize = 64, }; const struct auth_hash auth_hash_hmac_sha1_96 = { .type = CRYPTO_SHA1_HMAC_96, .name = "HMAC-SHA1-96", .keysize = 20, .hashsize = 20, .authsize = 12, .blocksize = 64, }; const struct auth_hash auth_hash_hmac_ripemd_160_96 = { .type = CRYPTO_RIPEMD160_HMAC_96, .name = "HMAC-RIPEMD-160", .keysize = 20, .hashsize = 20, .authsize = 12, .blocksize = 64, }; const struct auth_hash auth_hash_key_md5 = { .type = CRYPTO_MD5_KPDK, .name = "Keyed MD5", .keysize = 0, .hashsize = 16, .authsize = 16, .blocksize = 0, }; const struct auth_hash auth_hash_key_sha1 = { .type = CRYPTO_SHA1_KPDK, .name = "Keyed SHA1", .keysize = 0, .hashsize = 20, .authsize = 20, .blocksize = 0, }; const struct auth_hash auth_hash_md5 = { .type = CRYPTO_MD5, .name = "MD5", .keysize = 0, .hashsize = 16, .authsize = 16, .blocksize = 0, }; const struct auth_hash auth_hash_sha1 = { .type = CRYPTO_SHA1, .name = "SHA1", .keysize = 0, .hashsize = 20, .authsize = 20, .blocksize = 0, }; const struct auth_hash auth_hash_hmac_sha2_256 = { .type = CRYPTO_SHA2_256_HMAC, .name = "HMAC-SHA2", .keysize = 32, .hashsize = 32, .authsize = 16, .blocksize = 64, }; const struct auth_hash auth_hash_hmac_sha2_384 = { .type = CRYPTO_SHA2_384_HMAC, .name = "HMAC-SHA2-384", .keysize = 48, .hashsize = 48, .authsize = 24, .blocksize = 128, }; const struct auth_hash auth_hash_hmac_sha2_512 = { .type = CRYPTO_SHA2_512_HMAC, .name = "HMAC-SHA2-512", .keysize = 64, .hashsize = 64, .authsize = 32, .blocksize = 128, }; const struct auth_hash auth_hash_aes_xcbc_mac_96 = { .type = CRYPTO_AES_XCBC_MAC_96, .name = "AES-XCBC-MAC-96", .keysize = 16, .hashsize = 16, .authsize = 12, .blocksize = 0, }; const struct auth_hash auth_hash_gmac_aes_128 = { .type = CRYPTO_AES_128_GMAC, .name = "GMAC-AES-128", .keysize = 16 + 4, .hashsize = 16, .authsize = 16, .blocksize = 16, /* ??? */ }; const struct auth_hash auth_hash_gmac_aes_192 = { .type = CRYPTO_AES_192_GMAC, .name = "GMAC-AES-192", .keysize = 24 + 4, .hashsize = 16, .authsize = 16, .blocksize = 16, /* ??? */ }; const struct auth_hash auth_hash_gmac_aes_256 = { .type = CRYPTO_AES_256_GMAC, .name = "GMAC-AES-256", .keysize = 32 + 4, .hashsize = 16, .authsize = 16, .blocksize = 16, /* ??? */ }; /* Compression instance */ const struct comp_algo comp_algo_deflate = { .type = CRYPTO_DEFLATE_COMP, .name = "Deflate", .minlen = 90, }; const struct comp_algo comp_algo_deflate_nogrow = { .type = CRYPTO_DEFLATE_COMP_NOGROW, .name = "Deflate", .minlen = 90, }; const struct comp_algo comp_algo_gzip = { .type = CRYPTO_GZIP_COMP, .name = "GZIP", .minlen = 90, }; @ 1.30 log @opencrypto: Switch from legacy rijndael API to new aes API. While here, apply various rijndael->aes renames, reduce the size of aesxcbc_ctx by 480 bytes, and convert some malloc->kmem. Leave in the symbol enc_xform_rijndael128 for now, though, so this doesn't break any kernel ABI. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.29 2017/07/06 08:27:07 ozaki-r Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.29 2017/07/06 08:27:07 ozaki-r Exp $"); d147 1 a147 1 const struct enc_xform enc_xform_rijndael128 = { @ 1.29 log @Apply C99-style struct initialization to enc_xform, auth_hash and comp_algo @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.28 2011/05/26 21:50:03 drochner Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.28 2011/05/26 21:50:03 drochner Exp $"); d148 2 a149 2 .type = CRYPTO_RIJNDAEL128_CBC, .name = "Rijndael-128/AES", @ 1.28 log @pull in AES-GCM/GMAC support from OpenBSD This is still somewhat experimental. Tested between 2 similar boxes so far. There is much potential for performance improvement. For now, I've changed the gmac code to accept any data alignment, as the "char *" pointer suggests. As the code is practically used, 32-bit alignment can be assumed, at the cost of data copies. I don't know whether bytewise access or copies are worse performance-wise. For efficient implementations using SSE2 instructions on x86, even stricter alignment requirements might arise. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.27 2011/05/24 19:10:11 drochner Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.27 2011/05/24 19:10:11 drochner Exp $"); d93 2 a94 1 CRYPTO_NULL_CBC, "NULL", d96 4 a99 1 4, 0, 0, 256 /* 2048 bits, max key */ d103 6 a108 2 CRYPTO_DES_CBC, "DES", 8, 8, 8, 8 d112 6 a117 2 CRYPTO_3DES_CBC, "3DES", 8, 8, 24, 24 d121 6 a126 2 CRYPTO_BLF_CBC, "Blowfish", 8, 8, 5, 56 /* 448 bits, max key */ d130 6 a135 2 CRYPTO_CAST_CBC, "CAST-128", 8, 8, 5, 16 d139 6 a144 2 CRYPTO_SKIPJACK_CBC, "Skipjack", 8, 8, 10, 10 d148 6 a153 2 CRYPTO_RIJNDAEL128_CBC, "Rijndael-128/AES", 16, 16, 16, 32 d157 6 a162 2 CRYPTO_ARC4, "ARC4", 1, 0, 1, 32 d166 6 a171 2 CRYPTO_CAMELLIA_CBC, "Camellia", 16, 16, 8, 32 d175 6 a180 2 CRYPTO_AES_CTR, "AES-CTR", 16, 8, 16+4, 32+4 d184 6 a189 2 CRYPTO_AES_GCM_16, "AES-GCM", 4 /* ??? */, 8, 16+4, 32+4 d193 6 a198 2 CRYPTO_AES_GMAC, "AES-GMAC", 4 /* ??? */, 8, 16+4, 32+4 d203 6 a208 2 CRYPTO_NULL_HMAC, "NULL-HMAC", 0, 0, 12, 64 d212 6 a217 2 CRYPTO_MD5_HMAC, "HMAC-MD5", 16, 16, 16, 64 d221 6 a226 2 CRYPTO_SHA1_HMAC, "HMAC-SHA1", 20, 20, 20, 64 d230 6 a235 2 CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160", 20, 20, 20, 64 d239 6 a244 2 CRYPTO_MD5_HMAC_96, "HMAC-MD5-96", 16, 16, 12, 64 d248 6 a253 2 CRYPTO_SHA1_HMAC_96, "HMAC-SHA1-96", 20, 20, 12, 64 d257 6 a262 2 CRYPTO_RIPEMD160_HMAC_96, "HMAC-RIPEMD-160", 20, 20, 12, 64 d266 6 a271 2 CRYPTO_MD5_KPDK, "Keyed MD5", 0, 16, 16, 0 d275 6 a280 2 CRYPTO_SHA1_KPDK, "Keyed SHA1", 0, 20, 20, 0 d284 6 a289 2 CRYPTO_MD5, "MD5", 0, 16, 16, 0 d293 6 a298 2 CRYPTO_SHA1, "SHA1", 0, 20, 20, 0 d302 6 a307 2 CRYPTO_SHA2_256_HMAC, "HMAC-SHA2", 32, 32, 16, 64 d311 6 a316 2 CRYPTO_SHA2_384_HMAC, "HMAC-SHA2-384", 48, 48, 24, 128 d320 6 a325 2 CRYPTO_SHA2_512_HMAC, "HMAC-SHA2-512", 64, 64, 32, 128 d329 6 a334 2 CRYPTO_AES_XCBC_MAC_96, "AES-XCBC-MAC-96", 16, 16, 12, 0 d338 6 a343 2 CRYPTO_AES_128_GMAC, "GMAC-AES-128", 16+4, 16, 16, 16 /* ??? */ d347 6 a352 2 CRYPTO_AES_192_GMAC, "GMAC-AES-192", 24+4, 16, 16, 16 /* ??? */ d356 6 a361 2 CRYPTO_AES_256_GMAC, "GMAC-AES-256", 32+4, 16, 16, 16 /* ??? */ d366 3 a368 2 CRYPTO_DEFLATE_COMP, "Deflate", 90 d372 3 a374 2 CRYPTO_DEFLATE_COMP_NOGROW, "Deflate", 90 d378 3 a380 2 CRYPTO_GZIP_COMP, "GZIP", 90 @ 1.28.14.1 log @update from HEAD @ text @d1 1 a1 1 /* $NetBSD$ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD$"); d93 1 a93 2 .type = CRYPTO_NULL_CBC, .name = "NULL", d95 1 a95 4 .blocksize = 4, .ivsize = 0, .minkey = 0, .maxkey = 256, /* 2048 bits, max key */ d99 2 a100 6 .type = CRYPTO_DES_CBC, .name = "DES", .blocksize = 8, .ivsize = 8, .minkey = 8, .maxkey = 8, d104 2 a105 6 .type = CRYPTO_3DES_CBC, .name = "3DES", .blocksize = 8, .ivsize = 8, .minkey = 24, .maxkey = 24, d109 2 a110 6 .type = CRYPTO_BLF_CBC, .name = "Blowfish", .blocksize = 8, .ivsize = 8, .minkey = 5, .maxkey = 56, /* 448 bits, max key */ d114 2 a115 6 .type = CRYPTO_CAST_CBC, .name = "CAST-128", .blocksize = 8, .ivsize = 8, .minkey = 5, .maxkey = 16, d119 2 a120 6 .type = CRYPTO_SKIPJACK_CBC, .name = "Skipjack", .blocksize = 8, .ivsize = 8, .minkey = 10, .maxkey = 10, d124 2 a125 6 .type = CRYPTO_RIJNDAEL128_CBC, .name = "Rijndael-128/AES", .blocksize = 16, .ivsize = 16, .minkey = 16, .maxkey = 32, d129 2 a130 6 .type = CRYPTO_ARC4, .name = "ARC4", .blocksize = 1, .ivsize = 0, .minkey = 1, .maxkey = 32, d134 2 a135 6 .type = CRYPTO_CAMELLIA_CBC, .name = "Camellia", .blocksize = 16, .ivsize = 16, .minkey = 8, .maxkey = 32, d139 2 a140 6 .type = CRYPTO_AES_CTR, .name = "AES-CTR", .blocksize = 16, .ivsize = 8, .minkey = 16 + 4, .maxkey = 32 + 4, d144 2 a145 6 .type = CRYPTO_AES_GCM_16, .name = "AES-GCM", .blocksize = 4, /* ??? */ .ivsize = 8, .minkey = 16 + 4, .maxkey = 32 + 4, d149 2 a150 6 .type = CRYPTO_AES_GMAC, .name = "AES-GMAC", .blocksize = 4, /* ??? */ .ivsize = 8, .minkey = 16 + 4, .maxkey = 32 + 4, d155 2 a156 6 .type = CRYPTO_NULL_HMAC, .name = "NULL-HMAC", .keysize = 0, .hashsize = 0, .authsize = 12, .blocksize = 64, d160 2 a161 6 .type = CRYPTO_MD5_HMAC, .name = "HMAC-MD5", .keysize = 16, .hashsize = 16, .authsize = 16, .blocksize = 64, d165 2 a166 6 .type = CRYPTO_SHA1_HMAC, .name = "HMAC-SHA1", .keysize = 20, .hashsize = 20, .authsize = 20, .blocksize = 64, d170 2 a171 6 .type = CRYPTO_RIPEMD160_HMAC, .name = "HMAC-RIPEMD-160", .keysize = 20, .hashsize = 20, .authsize = 20, .blocksize = 64, d175 2 a176 6 .type = CRYPTO_MD5_HMAC_96, .name = "HMAC-MD5-96", .keysize = 16, .hashsize = 16, .authsize = 12, .blocksize = 64, d180 2 a181 6 .type = CRYPTO_SHA1_HMAC_96, .name = "HMAC-SHA1-96", .keysize = 20, .hashsize = 20, .authsize = 12, .blocksize = 64, d185 2 a186 6 .type = CRYPTO_RIPEMD160_HMAC_96, .name = "HMAC-RIPEMD-160", .keysize = 20, .hashsize = 20, .authsize = 12, .blocksize = 64, d190 2 a191 6 .type = CRYPTO_MD5_KPDK, .name = "Keyed MD5", .keysize = 0, .hashsize = 16, .authsize = 16, .blocksize = 0, d195 2 a196 6 .type = CRYPTO_SHA1_KPDK, .name = "Keyed SHA1", .keysize = 0, .hashsize = 20, .authsize = 20, .blocksize = 0, d200 2 a201 6 .type = CRYPTO_MD5, .name = "MD5", .keysize = 0, .hashsize = 16, .authsize = 16, .blocksize = 0, d205 2 a206 6 .type = CRYPTO_SHA1, .name = "SHA1", .keysize = 0, .hashsize = 20, .authsize = 20, .blocksize = 0, d210 2 a211 6 .type = CRYPTO_SHA2_256_HMAC, .name = "HMAC-SHA2", .keysize = 32, .hashsize = 32, .authsize = 16, .blocksize = 64, d215 2 a216 6 .type = CRYPTO_SHA2_384_HMAC, .name = "HMAC-SHA2-384", .keysize = 48, .hashsize = 48, .authsize = 24, .blocksize = 128, d220 2 a221 6 .type = CRYPTO_SHA2_512_HMAC, .name = "HMAC-SHA2-512", .keysize = 64, .hashsize = 64, .authsize = 32, .blocksize = 128, d225 2 a226 6 .type = CRYPTO_AES_XCBC_MAC_96, .name = "AES-XCBC-MAC-96", .keysize = 16, .hashsize = 16, .authsize = 12, .blocksize = 0, d230 2 a231 6 .type = CRYPTO_AES_128_GMAC, .name = "GMAC-AES-128", .keysize = 16 + 4, .hashsize = 16, .authsize = 16, .blocksize = 16, /* ??? */ d235 2 a236 6 .type = CRYPTO_AES_192_GMAC, .name = "GMAC-AES-192", .keysize = 24 + 4, .hashsize = 16, .authsize = 16, .blocksize = 16, /* ??? */ d240 2 a241 6 .type = CRYPTO_AES_256_GMAC, .name = "GMAC-AES-256", .keysize = 32 + 4, .hashsize = 16, .authsize = 16, .blocksize = 16, /* ??? */ d246 2 a247 3 .type = CRYPTO_DEFLATE_COMP, .name = "Deflate", .minlen = 90, d251 2 a252 3 .type = CRYPTO_DEFLATE_COMP_NOGROW, .name = "Deflate", .minlen = 90, d256 2 a257 3 .type = CRYPTO_GZIP_COMP, .name = "GZIP", .minlen = 90, @ 1.28.32.1 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.29 2017/07/06 08:27:07 ozaki-r Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.29 2017/07/06 08:27:07 ozaki-r Exp $"); d93 1 a93 2 .type = CRYPTO_NULL_CBC, .name = "NULL", d95 1 a95 4 .blocksize = 4, .ivsize = 0, .minkey = 0, .maxkey = 256, /* 2048 bits, max key */ d99 2 a100 6 .type = CRYPTO_DES_CBC, .name = "DES", .blocksize = 8, .ivsize = 8, .minkey = 8, .maxkey = 8, d104 2 a105 6 .type = CRYPTO_3DES_CBC, .name = "3DES", .blocksize = 8, .ivsize = 8, .minkey = 24, .maxkey = 24, d109 2 a110 6 .type = CRYPTO_BLF_CBC, .name = "Blowfish", .blocksize = 8, .ivsize = 8, .minkey = 5, .maxkey = 56, /* 448 bits, max key */ d114 2 a115 6 .type = CRYPTO_CAST_CBC, .name = "CAST-128", .blocksize = 8, .ivsize = 8, .minkey = 5, .maxkey = 16, d119 2 a120 6 .type = CRYPTO_SKIPJACK_CBC, .name = "Skipjack", .blocksize = 8, .ivsize = 8, .minkey = 10, .maxkey = 10, d124 2 a125 6 .type = CRYPTO_RIJNDAEL128_CBC, .name = "Rijndael-128/AES", .blocksize = 16, .ivsize = 16, .minkey = 16, .maxkey = 32, d129 2 a130 6 .type = CRYPTO_ARC4, .name = "ARC4", .blocksize = 1, .ivsize = 0, .minkey = 1, .maxkey = 32, d134 2 a135 6 .type = CRYPTO_CAMELLIA_CBC, .name = "Camellia", .blocksize = 16, .ivsize = 16, .minkey = 8, .maxkey = 32, d139 2 a140 6 .type = CRYPTO_AES_CTR, .name = "AES-CTR", .blocksize = 16, .ivsize = 8, .minkey = 16 + 4, .maxkey = 32 + 4, d144 2 a145 6 .type = CRYPTO_AES_GCM_16, .name = "AES-GCM", .blocksize = 4, /* ??? */ .ivsize = 8, .minkey = 16 + 4, .maxkey = 32 + 4, d149 2 a150 6 .type = CRYPTO_AES_GMAC, .name = "AES-GMAC", .blocksize = 4, /* ??? */ .ivsize = 8, .minkey = 16 + 4, .maxkey = 32 + 4, d155 2 a156 6 .type = CRYPTO_NULL_HMAC, .name = "NULL-HMAC", .keysize = 0, .hashsize = 0, .authsize = 12, .blocksize = 64, d160 2 a161 6 .type = CRYPTO_MD5_HMAC, .name = "HMAC-MD5", .keysize = 16, .hashsize = 16, .authsize = 16, .blocksize = 64, d165 2 a166 6 .type = CRYPTO_SHA1_HMAC, .name = "HMAC-SHA1", .keysize = 20, .hashsize = 20, .authsize = 20, .blocksize = 64, d170 2 a171 6 .type = CRYPTO_RIPEMD160_HMAC, .name = "HMAC-RIPEMD-160", .keysize = 20, .hashsize = 20, .authsize = 20, .blocksize = 64, d175 2 a176 6 .type = CRYPTO_MD5_HMAC_96, .name = "HMAC-MD5-96", .keysize = 16, .hashsize = 16, .authsize = 12, .blocksize = 64, d180 2 a181 6 .type = CRYPTO_SHA1_HMAC_96, .name = "HMAC-SHA1-96", .keysize = 20, .hashsize = 20, .authsize = 12, .blocksize = 64, d185 2 a186 6 .type = CRYPTO_RIPEMD160_HMAC_96, .name = "HMAC-RIPEMD-160", .keysize = 20, .hashsize = 20, .authsize = 12, .blocksize = 64, d190 2 a191 6 .type = CRYPTO_MD5_KPDK, .name = "Keyed MD5", .keysize = 0, .hashsize = 16, .authsize = 16, .blocksize = 0, d195 2 a196 6 .type = CRYPTO_SHA1_KPDK, .name = "Keyed SHA1", .keysize = 0, .hashsize = 20, .authsize = 20, .blocksize = 0, d200 2 a201 6 .type = CRYPTO_MD5, .name = "MD5", .keysize = 0, .hashsize = 16, .authsize = 16, .blocksize = 0, d205 2 a206 6 .type = CRYPTO_SHA1, .name = "SHA1", .keysize = 0, .hashsize = 20, .authsize = 20, .blocksize = 0, d210 2 a211 6 .type = CRYPTO_SHA2_256_HMAC, .name = "HMAC-SHA2", .keysize = 32, .hashsize = 32, .authsize = 16, .blocksize = 64, d215 2 a216 6 .type = CRYPTO_SHA2_384_HMAC, .name = "HMAC-SHA2-384", .keysize = 48, .hashsize = 48, .authsize = 24, .blocksize = 128, d220 2 a221 6 .type = CRYPTO_SHA2_512_HMAC, .name = "HMAC-SHA2-512", .keysize = 64, .hashsize = 64, .authsize = 32, .blocksize = 128, d225 2 a226 6 .type = CRYPTO_AES_XCBC_MAC_96, .name = "AES-XCBC-MAC-96", .keysize = 16, .hashsize = 16, .authsize = 12, .blocksize = 0, d230 2 a231 6 .type = CRYPTO_AES_128_GMAC, .name = "GMAC-AES-128", .keysize = 16 + 4, .hashsize = 16, .authsize = 16, .blocksize = 16, /* ??? */ d235 2 a236 6 .type = CRYPTO_AES_192_GMAC, .name = "GMAC-AES-192", .keysize = 24 + 4, .hashsize = 16, .authsize = 16, .blocksize = 16, /* ??? */ d240 2 a241 6 .type = CRYPTO_AES_256_GMAC, .name = "GMAC-AES-256", .keysize = 32 + 4, .hashsize = 16, .authsize = 16, .blocksize = 16, /* ??? */ d246 2 a247 3 .type = CRYPTO_DEFLATE_COMP, .name = "Deflate", .minlen = 90, d251 2 a252 3 .type = CRYPTO_DEFLATE_COMP_NOGROW, .name = "Deflate", .minlen = 90, d256 2 a257 3 .type = CRYPTO_GZIP_COMP, .name = "GZIP", .minlen = 90, @ 1.28.48.1 log @Pull up following revision(s) (requested by knakahara in ticket #178): sys/opencrypto/crypto.c: 1.92-1.100 sys/opencrypto/cryptodev.h: 1.38-1.39 sys/opencrypto/ocryptodev.c: 1.9-1.11 sys/opencrypto/xform.c: revision 1.29 sys/opencrypto/xform.h: revision 1.20 KNF -- Apply C99-style struct initialization to enc_xform, auth_hash and comp_algo -- make cryptoret() context softint to balance dequeuing crypto_ret_q with enqueuing it. -- fix panic when using ecryption devices attached earlier than ipi_sysinit(). pointed out and tested by martin@@n.o, thanks. -- fix typo -- make crp_{,k}q percpu to scale crypto_dispatch(). update locking note later. -- divide crp_ret_{,k}q by CPU to avoid reordering. update locking note later. -- update locking notes of opencrypto(9) -- Don't disclose uninitialized 32-bit word if cryptodev_session fails. From Ilja Van Sprundel. -- Avert userland-controlled integer overflow. From Ilja Van Sprundel. -- Avoid another userland-controlled integer overflow. From Ilja Van Sprundel. -- refactor: remove glue macros for FreeBSD code. -- pack crypto_drivers variables to struct and add cacheline_aligned qualifier. -- use kmem_alloc KPI instead of malloc KPI. -- use pool_cache(9) instead of pool(9) as they can be called concurrently. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.28 2011/05/26 21:50:03 drochner Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.28 2011/05/26 21:50:03 drochner Exp $"); d93 1 a93 2 .type = CRYPTO_NULL_CBC, .name = "NULL", d95 1 a95 4 .blocksize = 4, .ivsize = 0, .minkey = 0, .maxkey = 256, /* 2048 bits, max key */ d99 2 a100 6 .type = CRYPTO_DES_CBC, .name = "DES", .blocksize = 8, .ivsize = 8, .minkey = 8, .maxkey = 8, d104 2 a105 6 .type = CRYPTO_3DES_CBC, .name = "3DES", .blocksize = 8, .ivsize = 8, .minkey = 24, .maxkey = 24, d109 2 a110 6 .type = CRYPTO_BLF_CBC, .name = "Blowfish", .blocksize = 8, .ivsize = 8, .minkey = 5, .maxkey = 56, /* 448 bits, max key */ d114 2 a115 6 .type = CRYPTO_CAST_CBC, .name = "CAST-128", .blocksize = 8, .ivsize = 8, .minkey = 5, .maxkey = 16, d119 2 a120 6 .type = CRYPTO_SKIPJACK_CBC, .name = "Skipjack", .blocksize = 8, .ivsize = 8, .minkey = 10, .maxkey = 10, d124 2 a125 6 .type = CRYPTO_RIJNDAEL128_CBC, .name = "Rijndael-128/AES", .blocksize = 16, .ivsize = 16, .minkey = 16, .maxkey = 32, d129 2 a130 6 .type = CRYPTO_ARC4, .name = "ARC4", .blocksize = 1, .ivsize = 0, .minkey = 1, .maxkey = 32, d134 2 a135 6 .type = CRYPTO_CAMELLIA_CBC, .name = "Camellia", .blocksize = 16, .ivsize = 16, .minkey = 8, .maxkey = 32, d139 2 a140 6 .type = CRYPTO_AES_CTR, .name = "AES-CTR", .blocksize = 16, .ivsize = 8, .minkey = 16 + 4, .maxkey = 32 + 4, d144 2 a145 6 .type = CRYPTO_AES_GCM_16, .name = "AES-GCM", .blocksize = 4, /* ??? */ .ivsize = 8, .minkey = 16 + 4, .maxkey = 32 + 4, d149 2 a150 6 .type = CRYPTO_AES_GMAC, .name = "AES-GMAC", .blocksize = 4, /* ??? */ .ivsize = 8, .minkey = 16 + 4, .maxkey = 32 + 4, d155 2 a156 6 .type = CRYPTO_NULL_HMAC, .name = "NULL-HMAC", .keysize = 0, .hashsize = 0, .authsize = 12, .blocksize = 64, d160 2 a161 6 .type = CRYPTO_MD5_HMAC, .name = "HMAC-MD5", .keysize = 16, .hashsize = 16, .authsize = 16, .blocksize = 64, d165 2 a166 6 .type = CRYPTO_SHA1_HMAC, .name = "HMAC-SHA1", .keysize = 20, .hashsize = 20, .authsize = 20, .blocksize = 64, d170 2 a171 6 .type = CRYPTO_RIPEMD160_HMAC, .name = "HMAC-RIPEMD-160", .keysize = 20, .hashsize = 20, .authsize = 20, .blocksize = 64, d175 2 a176 6 .type = CRYPTO_MD5_HMAC_96, .name = "HMAC-MD5-96", .keysize = 16, .hashsize = 16, .authsize = 12, .blocksize = 64, d180 2 a181 6 .type = CRYPTO_SHA1_HMAC_96, .name = "HMAC-SHA1-96", .keysize = 20, .hashsize = 20, .authsize = 12, .blocksize = 64, d185 2 a186 6 .type = CRYPTO_RIPEMD160_HMAC_96, .name = "HMAC-RIPEMD-160", .keysize = 20, .hashsize = 20, .authsize = 12, .blocksize = 64, d190 2 a191 6 .type = CRYPTO_MD5_KPDK, .name = "Keyed MD5", .keysize = 0, .hashsize = 16, .authsize = 16, .blocksize = 0, d195 2 a196 6 .type = CRYPTO_SHA1_KPDK, .name = "Keyed SHA1", .keysize = 0, .hashsize = 20, .authsize = 20, .blocksize = 0, d200 2 a201 6 .type = CRYPTO_MD5, .name = "MD5", .keysize = 0, .hashsize = 16, .authsize = 16, .blocksize = 0, d205 2 a206 6 .type = CRYPTO_SHA1, .name = "SHA1", .keysize = 0, .hashsize = 20, .authsize = 20, .blocksize = 0, d210 2 a211 6 .type = CRYPTO_SHA2_256_HMAC, .name = "HMAC-SHA2", .keysize = 32, .hashsize = 32, .authsize = 16, .blocksize = 64, d215 2 a216 6 .type = CRYPTO_SHA2_384_HMAC, .name = "HMAC-SHA2-384", .keysize = 48, .hashsize = 48, .authsize = 24, .blocksize = 128, d220 2 a221 6 .type = CRYPTO_SHA2_512_HMAC, .name = "HMAC-SHA2-512", .keysize = 64, .hashsize = 64, .authsize = 32, .blocksize = 128, d225 2 a226 6 .type = CRYPTO_AES_XCBC_MAC_96, .name = "AES-XCBC-MAC-96", .keysize = 16, .hashsize = 16, .authsize = 12, .blocksize = 0, d230 2 a231 6 .type = CRYPTO_AES_128_GMAC, .name = "GMAC-AES-128", .keysize = 16 + 4, .hashsize = 16, .authsize = 16, .blocksize = 16, /* ??? */ d235 2 a236 6 .type = CRYPTO_AES_192_GMAC, .name = "GMAC-AES-192", .keysize = 24 + 4, .hashsize = 16, .authsize = 16, .blocksize = 16, /* ??? */ d240 2 a241 6 .type = CRYPTO_AES_256_GMAC, .name = "GMAC-AES-256", .keysize = 32 + 4, .hashsize = 16, .authsize = 16, .blocksize = 16, /* ??? */ d246 2 a247 3 .type = CRYPTO_DEFLATE_COMP, .name = "Deflate", .minlen = 90, d251 2 a252 3 .type = CRYPTO_DEFLATE_COMP_NOGROW, .name = "Deflate", .minlen = 90, d256 2 a257 3 .type = CRYPTO_GZIP_COMP, .name = "GZIP", .minlen = 90, @ 1.27 log @copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.26 2011/05/24 18:59:23 drochner Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.26 2011/05/24 18:59:23 drochner Exp $"); d143 10 d229 15 @ 1.26 log @move the "context size" struct member (which is a pure software implementation thing) from the abstract xform descriptor to the cryptosoft implementation part -- for sanity, and now clients of opencrypto don't depend on headers of cipher implementations anymore @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.25 2011/05/23 13:51:10 drochner Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.25 2011/05/23 13:51:10 drochner Exp $"); d214 5 @ 1.25 log @add an AES-CTR xform, from OpenBSD @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.24 2011/05/23 13:46:54 drochner Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.24 2011/05/23 13:46:54 drochner Exp $"); d146 1 a146 1 0, 0, 12, 64, sizeof(int) /* NB: context isn't used */ d151 1 a151 1 16, 16, 16, 64, sizeof(MD5_CTX) d156 1 a156 1 20, 20, 20, 64, sizeof(SHA1_CTX) d161 1 a161 1 20, 20, 20, 64, sizeof(RMD160_CTX) d166 1 a166 1 16, 16, 12, 64, sizeof(MD5_CTX) d171 1 a171 1 20, 20, 12, 64, sizeof(SHA1_CTX) d176 1 a176 1 20, 20, 12, 64, sizeof(RMD160_CTX) d181 1 a181 1 0, 16, 16, 0, sizeof(MD5_CTX) d186 1 a186 1 0, 20, 20, 0, sizeof(SHA1_CTX) d191 1 a191 1 0, 16, 16, 0, sizeof(MD5_CTX) d196 1 a196 1 0, 20, 20, 0, sizeof(SHA1_CTX) d201 1 a201 1 32, 32, 16, 64, sizeof(SHA256_CTX) d206 1 a206 1 48, 48, 24, 128, sizeof(SHA384_CTX) d211 1 a211 1 64, 64, 32, 128, sizeof(SHA512_CTX) @ 1.24 log @-in the descriptor for encryption xforms, split the "blocksize" field into "blocksize" and "IV size" -add an "reinit" function pointer which, if set, means that the xform does its IV handling itself and doesn't want the default CBC handling by the framework (poor name, but left that way to avoid unecessary differences) This syncs with Open/FreeBSD, purpose is to allow non-CBC transforms. Refer to ivsize instead of blocksize where appropriate. (At this point, blocksize and ivsize are identical.) @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.23 2011/05/21 13:23:36 drochner Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.23 2011/05/21 13:23:36 drochner Exp $"); d138 5 @ 1.23 log @sync minimum key size for AES with reality @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.22 2011/05/05 17:42:17 drochner Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.22 2011/05/05 17:42:17 drochner Exp $"); d95 1 a95 1 4, 0, 256 /* 2048 bits, max key */ d100 1 a100 1 8, 8, 8 d105 1 a105 1 8, 24, 24 d110 1 a110 1 8, 5, 56 /* 448 bits, max key */ d115 1 a115 1 8, 5, 16 d120 1 a120 1 8, 10, 10 d125 1 a125 1 16, 16, 32 d130 1 a130 1 1, 1, 32 d135 1 a135 1 16, 8, 32 @ 1.22 log @make camellia-cbc known to the opencrypto framework @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.21 2011/03/09 11:43:36 drochner Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.21 2011/03/09 11:43:36 drochner Exp $"); d125 1 a125 1 16, 8, 32 @ 1.21 log @const'fy algorithm descriptors @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.20 2011/02/25 20:13:10 drochner Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.20 2011/02/25 20:13:10 drochner Exp $"); d133 5 @ 1.20 log @make the use of SHA2-HMAC by FAST_IPSEC compliant to current standards: -RFC2104 says that the block size of the hash algorithm must be used for key/ipad/opad calculations. While formerly all ciphers used a block length of 64, SHA384 and SHA512 use 128 bytes. So we can't use the HMAC_BLOCK_LEN constant anymore. Add a new field to "struct auth_hash" for the per-cipher blocksize. -Due to this, there can't be a single "CRYPTO_SHA2_HMAC" external name anymore. Replace this by 3 for the 3 different keysizes. This was done by Open/FreeBSD before. -Also fix the number of authenticator bits used tor ESP and AH to conform to RFC4868, and remove uses of AH_HMAC_HASHLEN which did assume a fixed authenticator size of 12 bytes. FAST_IPSEC will not interoperate with KAME IPSEC anymore if sha2 is used, because the latter doesn't implement these standards. It should interoperate with at least modern Free/OpenBSD now. (I've only tested with NetBSD-current/FAST_IPSEC on both ends.) @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.19 2011/02/24 20:03:41 drochner Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.19 2011/02/24 20:03:41 drochner Exp $"); d92 1 a92 1 struct enc_xform enc_xform_null = { d98 1 a98 1 struct enc_xform enc_xform_des = { d103 1 a103 1 struct enc_xform enc_xform_3des = { d108 1 a108 1 struct enc_xform enc_xform_blf = { d113 1 a113 1 struct enc_xform enc_xform_cast5 = { d118 1 a118 1 struct enc_xform enc_xform_skipjack = { d123 1 a123 1 struct enc_xform enc_xform_rijndael128 = { d128 1 a128 1 struct enc_xform enc_xform_arc4 = { d134 1 a134 1 struct auth_hash auth_hash_null = { d139 1 a139 1 struct auth_hash auth_hash_hmac_md5 = { d144 1 a144 1 struct auth_hash auth_hash_hmac_sha1 = { d149 1 a149 1 struct auth_hash auth_hash_hmac_ripemd_160 = { d154 1 a154 1 struct auth_hash auth_hash_hmac_md5_96 = { d159 1 a159 1 struct auth_hash auth_hash_hmac_sha1_96 = { d164 1 a164 1 struct auth_hash auth_hash_hmac_ripemd_160_96 = { d169 1 a169 1 struct auth_hash auth_hash_key_md5 = { d174 1 a174 1 struct auth_hash auth_hash_key_sha1 = { d179 1 a179 1 struct auth_hash auth_hash_md5 = { d184 1 a184 1 struct auth_hash auth_hash_sha1 = { d189 1 a189 1 struct auth_hash auth_hash_hmac_sha2_256 = { d194 1 a194 1 struct auth_hash auth_hash_hmac_sha2_384 = { d199 1 a199 1 struct auth_hash auth_hash_hmac_sha2_512 = { d205 1 a205 1 struct comp_algo comp_algo_deflate = { d210 1 a210 1 struct comp_algo comp_algo_deflate_nogrow = { d215 1 a215 1 struct comp_algo comp_algo_gzip = { @ 1.19 log @small modifications in dealing with the unknown result size of compression/ decompression: -seperate the IPCOMP specific rule that compression must not grow the data from general compression semantics: Introduce a special name CRYPTO_DEFLATE_COMP_NOGROW/comp_algo_deflate_nogrow to describe the IPCOMP semantics and use it there. (being here, fix the check so that equal size is considered failure as well as required by RFC2393) Customers of CRYPTO_DEFLATE_COMP/comp_algo_deflate now always get deflated data back, even if they are not smaller than the original. -allow to pass a "size hint" to the DEFLATE decompression function which is used for the initial buffer allocation. Due to the changes done there, additional allocations and extra copies are avoided if the initial allocation is sufficient. Set the size hint to MCLBYTES (=2k) in IPCOMP which should be good for many use cases. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.18 2009/03/25 01:26:13 darran Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.18 2009/03/25 01:26:13 darran Exp $"); d53 9 a61 1 const u_int8_t hmac_ipad_buffer[64] = { d72 9 a80 1 const u_int8_t hmac_opad_buffer[64] = { d136 1 a136 1 0, 0, 12, sizeof(int) /* NB: context isn't used */ d141 1 a141 1 16, 16, 16, sizeof(MD5_CTX) d146 1 a146 1 20, 20, 20, sizeof(SHA1_CTX) d151 1 a151 1 20, 20, 20, sizeof(RMD160_CTX) d156 1 a156 1 16, 16, 12, sizeof(MD5_CTX) d161 1 a161 1 20, 20, 12, sizeof(SHA1_CTX) d166 1 a166 1 20, 20, 12, sizeof(RMD160_CTX) d171 1 a171 1 0, 16, 16, sizeof(MD5_CTX) d176 1 a176 1 0, 20, 20, sizeof(SHA1_CTX) d181 1 a181 1 0, 16, 16, sizeof(MD5_CTX) d186 1 a186 1 0, 20, 20, sizeof(SHA1_CTX) d190 2 a191 2 CRYPTO_SHA2_HMAC, "HMAC-SHA2", 32, 32, 12, sizeof(SHA256_CTX) d195 2 a196 2 CRYPTO_SHA2_HMAC, "HMAC-SHA2-384", 48, 48, 12, sizeof(SHA384_CTX) d200 2 a201 2 CRYPTO_SHA2_HMAC, "HMAC-SHA2-512", 64, 64, 12, sizeof(SHA512_CTX) @ 1.18 log @Fixes PR kern/41069 and PR kern/41070. Extends the Opencrypto API to allow the destination buffer size to be specified when its not the same size as the input buffer (i.e. for operations like compress and decompress). The crypto_op and crypt_n_op structures gain a u_int dst_len field. The session_op structure gains a comp_alg field to specify a compression algorithm. Moved four ioctls to new ids; CIOCGSESSION, CIOCNGSESSION, CIOCCRYPT, and CIOCNCRYPTM. Added four backward compatible ioctls; OCIOCGSESSION, OCIOCNGSESSION, OCIOCCRYPT, and OCIOCNCRYPTM. Backward compatibility is maintained in ocryptodev.h and ocryptodev.c which implement the original ioctls and set dst_len and comp_alg to 0. Adds user-space access to compression features. Adds software gzip support (CRYPTO_GZIP_COMP). Adds the fast version of crc32 from zlib to libkern. This should be generally useful and provide a place to start normalizing the various crc32 routines in the kernel. The crc32 routine is used in this patch to support GZIP. With input and support from tls@@NetBSD.org. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.17 2008/02/28 09:29:10 tls Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.17 2008/02/28 09:29:10 tls Exp $"); d194 5 @ 1.18.6.1 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.28 2011/05/26 21:50:03 drochner Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.28 2011/05/26 21:50:03 drochner Exp $"); d53 1 a53 9 const u_int8_t hmac_ipad_buffer[128] = { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, d64 1 a64 9 const u_int8_t hmac_opad_buffer[128] = { 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, d76 1 a76 1 const struct enc_xform enc_xform_null = { d79 1 a79 1 4, 0, 0, 256 /* 2048 bits, max key */ d82 1 a82 1 const struct enc_xform enc_xform_des = { d84 1 a84 1 8, 8, 8, 8 d87 1 a87 1 const struct enc_xform enc_xform_3des = { d89 1 a89 1 8, 8, 24, 24 d92 1 a92 1 const struct enc_xform enc_xform_blf = { d94 1 a94 1 8, 8, 5, 56 /* 448 bits, max key */ d97 1 a97 1 const struct enc_xform enc_xform_cast5 = { d99 1 a99 1 8, 8, 5, 16 d102 1 a102 1 const struct enc_xform enc_xform_skipjack = { d104 1 a104 1 8, 8, 10, 10 d107 1 a107 1 const struct enc_xform enc_xform_rijndael128 = { d109 1 a109 1 16, 16, 16, 32 d112 1 a112 1 const struct enc_xform enc_xform_arc4 = { d114 1 a114 21 1, 0, 1, 32 }; const struct enc_xform enc_xform_camellia = { CRYPTO_CAMELLIA_CBC, "Camellia", 16, 16, 8, 32 }; const struct enc_xform enc_xform_aes_ctr = { CRYPTO_AES_CTR, "AES-CTR", 16, 8, 16+4, 32+4 }; const struct enc_xform enc_xform_aes_gcm = { CRYPTO_AES_GCM_16, "AES-GCM", 4 /* ??? */, 8, 16+4, 32+4 }; const struct enc_xform enc_xform_aes_gmac = { CRYPTO_AES_GMAC, "AES-GMAC", 4 /* ??? */, 8, 16+4, 32+4 d118 1 a118 1 const struct auth_hash auth_hash_null = { d120 1 a120 1 0, 0, 12, 64 d123 1 a123 1 const struct auth_hash auth_hash_hmac_md5 = { d125 1 a125 1 16, 16, 16, 64 d128 1 a128 1 const struct auth_hash auth_hash_hmac_sha1 = { d130 1 a130 1 20, 20, 20, 64 d133 1 a133 1 const struct auth_hash auth_hash_hmac_ripemd_160 = { d135 1 a135 1 20, 20, 20, 64 d138 1 a138 1 const struct auth_hash auth_hash_hmac_md5_96 = { d140 1 a140 1 16, 16, 12, 64 d143 1 a143 1 const struct auth_hash auth_hash_hmac_sha1_96 = { d145 1 a145 1 20, 20, 12, 64 d148 1 a148 1 const struct auth_hash auth_hash_hmac_ripemd_160_96 = { d150 1 a150 1 20, 20, 12, 64 d153 1 a153 1 const struct auth_hash auth_hash_key_md5 = { d155 1 a155 1 0, 16, 16, 0 d158 1 a158 1 const struct auth_hash auth_hash_key_sha1 = { d160 1 a160 1 0, 20, 20, 0 d163 1 a163 1 const struct auth_hash auth_hash_md5 = { d165 1 a165 1 0, 16, 16, 0 d168 1 a168 1 const struct auth_hash auth_hash_sha1 = { d170 1 a170 6 0, 20, 20, 0 }; const struct auth_hash auth_hash_hmac_sha2_256 = { CRYPTO_SHA2_256_HMAC, "HMAC-SHA2", 32, 32, 16, 64 d173 3 a175 3 const struct auth_hash auth_hash_hmac_sha2_384 = { CRYPTO_SHA2_384_HMAC, "HMAC-SHA2-384", 48, 48, 24, 128 d178 3 a180 3 const struct auth_hash auth_hash_hmac_sha2_512 = { CRYPTO_SHA2_512_HMAC, "HMAC-SHA2-512", 64, 64, 32, 128 d183 3 a185 18 const struct auth_hash auth_hash_aes_xcbc_mac_96 = { CRYPTO_AES_XCBC_MAC_96, "AES-XCBC-MAC-96", 16, 16, 12, 0 }; const struct auth_hash auth_hash_gmac_aes_128 = { CRYPTO_AES_128_GMAC, "GMAC-AES-128", 16+4, 16, 16, 16 /* ??? */ }; const struct auth_hash auth_hash_gmac_aes_192 = { CRYPTO_AES_192_GMAC, "GMAC-AES-192", 24+4, 16, 16, 16 /* ??? */ }; const struct auth_hash auth_hash_gmac_aes_256 = { CRYPTO_AES_256_GMAC, "GMAC-AES-256", 32+4, 16, 16, 16 /* ??? */ d189 1 a189 1 const struct comp_algo comp_algo_deflate = { d194 1 a194 6 const struct comp_algo comp_algo_deflate_nogrow = { CRYPTO_DEFLATE_COMP_NOGROW, "Deflate", 90 }; const struct comp_algo comp_algo_gzip = { @ 1.18.4.1 log @sync with head @ text @d1 1 a1 1 /* $NetBSD$ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD$"); d53 1 a53 9 const u_int8_t hmac_ipad_buffer[128] = { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, d64 1 a64 9 const u_int8_t hmac_opad_buffer[128] = { 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, d120 1 a120 1 0, 0, 12, 64, sizeof(int) /* NB: context isn't used */ d125 1 a125 1 16, 16, 16, 64, sizeof(MD5_CTX) d130 1 a130 1 20, 20, 20, 64, sizeof(SHA1_CTX) d135 1 a135 1 20, 20, 20, 64, sizeof(RMD160_CTX) d140 1 a140 1 16, 16, 12, 64, sizeof(MD5_CTX) d145 1 a145 1 20, 20, 12, 64, sizeof(SHA1_CTX) d150 1 a150 1 20, 20, 12, 64, sizeof(RMD160_CTX) d155 1 a155 1 0, 16, 16, 0, sizeof(MD5_CTX) d160 1 a160 1 0, 20, 20, 0, sizeof(SHA1_CTX) d165 1 a165 1 0, 16, 16, 0, sizeof(MD5_CTX) d170 1 a170 1 0, 20, 20, 0, sizeof(SHA1_CTX) d174 2 a175 2 CRYPTO_SHA2_256_HMAC, "HMAC-SHA2", 32, 32, 16, 64, sizeof(SHA256_CTX) d179 2 a180 2 CRYPTO_SHA2_384_HMAC, "HMAC-SHA2-384", 48, 48, 24, 128, sizeof(SHA384_CTX) d184 2 a185 2 CRYPTO_SHA2_512_HMAC, "HMAC-SHA2-512", 64, 64, 32, 128, sizeof(SHA512_CTX) a193 5 struct comp_algo comp_algo_deflate_nogrow = { CRYPTO_DEFLATE_COMP_NOGROW, "Deflate", 90 }; @ 1.18.4.2 log @sync with head @ text @d92 1 a92 1 const struct enc_xform enc_xform_null = { d98 1 a98 1 const struct enc_xform enc_xform_des = { d103 1 a103 1 const struct enc_xform enc_xform_3des = { d108 1 a108 1 const struct enc_xform enc_xform_blf = { d113 1 a113 1 const struct enc_xform enc_xform_cast5 = { d118 1 a118 1 const struct enc_xform enc_xform_skipjack = { d123 1 a123 1 const struct enc_xform enc_xform_rijndael128 = { d128 1 a128 1 const struct enc_xform enc_xform_arc4 = { d134 1 a134 1 const struct auth_hash auth_hash_null = { d139 1 a139 1 const struct auth_hash auth_hash_hmac_md5 = { d144 1 a144 1 const struct auth_hash auth_hash_hmac_sha1 = { d149 1 a149 1 const struct auth_hash auth_hash_hmac_ripemd_160 = { d154 1 a154 1 const struct auth_hash auth_hash_hmac_md5_96 = { d159 1 a159 1 const struct auth_hash auth_hash_hmac_sha1_96 = { d164 1 a164 1 const struct auth_hash auth_hash_hmac_ripemd_160_96 = { d169 1 a169 1 const struct auth_hash auth_hash_key_md5 = { d174 1 a174 1 const struct auth_hash auth_hash_key_sha1 = { d179 1 a179 1 const struct auth_hash auth_hash_md5 = { d184 1 a184 1 const struct auth_hash auth_hash_sha1 = { d189 1 a189 1 const struct auth_hash auth_hash_hmac_sha2_256 = { d194 1 a194 1 const struct auth_hash auth_hash_hmac_sha2_384 = { d199 1 a199 1 const struct auth_hash auth_hash_hmac_sha2_512 = { d205 1 a205 1 const struct comp_algo comp_algo_deflate = { d210 1 a210 1 const struct comp_algo comp_algo_deflate_nogrow = { d215 1 a215 1 const struct comp_algo comp_algo_gzip = { @ 1.18.4.3 log @sync with head @ text @d95 1 a95 1 4, 0, 0, 256 /* 2048 bits, max key */ d100 1 a100 1 8, 8, 8, 8 d105 1 a105 1 8, 8, 24, 24 d110 1 a110 1 8, 8, 5, 56 /* 448 bits, max key */ d115 1 a115 1 8, 8, 5, 16 d120 1 a120 1 8, 8, 10, 10 d125 1 a125 1 16, 16, 16, 32 d130 1 a130 21 1, 0, 1, 32 }; const struct enc_xform enc_xform_camellia = { CRYPTO_CAMELLIA_CBC, "Camellia", 16, 16, 8, 32 }; const struct enc_xform enc_xform_aes_ctr = { CRYPTO_AES_CTR, "AES-CTR", 16, 8, 16+4, 32+4 }; const struct enc_xform enc_xform_aes_gcm = { CRYPTO_AES_GCM_16, "AES-GCM", 4 /* ??? */, 8, 16+4, 32+4 }; const struct enc_xform enc_xform_aes_gmac = { CRYPTO_AES_GMAC, "AES-GMAC", 4 /* ??? */, 8, 16+4, 32+4 d136 1 a136 1 0, 0, 12, 64 d141 1 a141 1 16, 16, 16, 64 d146 1 a146 1 20, 20, 20, 64 d151 1 a151 1 20, 20, 20, 64 d156 1 a156 1 16, 16, 12, 64 d161 1 a161 1 20, 20, 12, 64 d166 1 a166 1 20, 20, 12, 64 d171 1 a171 1 0, 16, 16, 0 d176 1 a176 1 0, 20, 20, 0 d181 1 a181 1 0, 16, 16, 0 d186 1 a186 1 0, 20, 20, 0 d191 1 a191 1 32, 32, 16, 64 d196 1 a196 1 48, 48, 24, 128 d201 1 a201 21 64, 64, 32, 128 }; const struct auth_hash auth_hash_aes_xcbc_mac_96 = { CRYPTO_AES_XCBC_MAC_96, "AES-XCBC-MAC-96", 16, 16, 12, 0 }; const struct auth_hash auth_hash_gmac_aes_128 = { CRYPTO_AES_128_GMAC, "GMAC-AES-128", 16+4, 16, 16, 16 /* ??? */ }; const struct auth_hash auth_hash_gmac_aes_192 = { CRYPTO_AES_192_GMAC, "GMAC-AES-192", 24+4, 16, 16, 16 /* ??? */ }; const struct auth_hash auth_hash_gmac_aes_256 = { CRYPTO_AES_256_GMAC, "GMAC-AES-256", 32+4, 16, 16, 16 /* ??? */ @ 1.18.8.1 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD$ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD$"); d53 1 a53 9 const u_int8_t hmac_ipad_buffer[128] = { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, d64 1 a64 9 const u_int8_t hmac_opad_buffer[128] = { 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, d120 1 a120 1 0, 0, 12, 64, sizeof(int) /* NB: context isn't used */ d125 1 a125 1 16, 16, 16, 64, sizeof(MD5_CTX) d130 1 a130 1 20, 20, 20, 64, sizeof(SHA1_CTX) d135 1 a135 1 20, 20, 20, 64, sizeof(RMD160_CTX) d140 1 a140 1 16, 16, 12, 64, sizeof(MD5_CTX) d145 1 a145 1 20, 20, 12, 64, sizeof(SHA1_CTX) d150 1 a150 1 20, 20, 12, 64, sizeof(RMD160_CTX) d155 1 a155 1 0, 16, 16, 0, sizeof(MD5_CTX) d160 1 a160 1 0, 20, 20, 0, sizeof(SHA1_CTX) d165 1 a165 1 0, 16, 16, 0, sizeof(MD5_CTX) d170 1 a170 1 0, 20, 20, 0, sizeof(SHA1_CTX) d174 2 a175 2 CRYPTO_SHA2_256_HMAC, "HMAC-SHA2", 32, 32, 16, 64, sizeof(SHA256_CTX) d179 2 a180 2 CRYPTO_SHA2_384_HMAC, "HMAC-SHA2-384", 48, 48, 24, 128, sizeof(SHA384_CTX) d184 2 a185 2 CRYPTO_SHA2_512_HMAC, "HMAC-SHA2-512", 64, 64, 32, 128, sizeof(SHA512_CTX) a193 5 struct comp_algo comp_algo_deflate_nogrow = { CRYPTO_DEFLATE_COMP_NOGROW, "Deflate", 90 }; @ 1.17 log @From Darran Hunt: you can't just specify the "wrong" underlying algorithm with the "right" output size in the xform declaration and have the _96 HMAC variants work -- the actual algorithm machinery (hardware or software) ignores the output-size parameter, it's just there to inform the interface consumer. This should fix FAST_IPSEC. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.16 2008/02/02 02:39:01 tls Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.16 2008/02/02 02:39:01 tls Exp $"); d193 5 @ 1.17.22.1 log @bring matt-nb5-mips64 up to date with netbsd-5-1-RELEASE (except compat). @ text @d1 1 a1 1 /* $NetBSD$ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD$"); a192 5 struct comp_algo comp_algo_gzip = { CRYPTO_GZIP_COMP, "GZIP", 90 }; @ 1.17.18.1 log @Sync with HEAD. Commit is split, to avoid a "too many arguments" protocol error. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.18 2009/03/25 01:26:13 darran Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.18 2009/03/25 01:26:13 darran Exp $"); a192 5 struct comp_algo comp_algo_gzip = { CRYPTO_GZIP_COMP, "GZIP", 90 }; @ 1.17.4.1 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.17 2008/02/28 09:29:10 tls Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.17 2008/02/28 09:29:10 tls Exp $"); a192 5 struct comp_algo comp_algo_gzip = { CRYPTO_GZIP_COMP, "GZIP", 90 }; @ 1.17.14.1 log @Pull up following revision(s) (requested by tls in ticket #611): sys/lib/libkern/Makefile: patch sys/lib/libkern/crc32.c: revision 1.1 sys/lib/libkern/crc32.h: revision 1.1 sys/lib/libkern/libkern.h: revision 1.89 sys/lib/libkern/arch/i386/Makefile.inc: revision 1.28 sys/net/zlib.h: revision 1.14 via patch sys/opencrypto/crypto.c: revision 1.33 sys/opencrypto/cryptodev.c: revision 1.46 sys/opencrypto/cryptodev.h: revision 1.16 sys/opencrypto/cryptosoft.c: revision 1.24 sys/opencrypto/cryptosoft.h: revision 1.6 sys/opencrypto/deflate.h: revision 1.6 sys/opencrypto/cryptosoft_xform.c: revision 1.12 sys/opencrypto/deflate.c: revision 1.13 sys/opencrypto/files.opencrypto: revision 1.20 sys/opencrypto/ocryptodev.c: revision 1.1 sys/opencrypto/ocryptodev.h: revision 1.1 sys/opencrypto/xform.c: revision 1.18 sys/opencrypto/xform.h: revision 1.10 Fixes PR kern/41069 and PR kern/41070. Extends the Opencrypto API to allow the destination buffer size to be specified when its not the same size as the input buffer (i.e. for operations like compress and decompress). The crypto_op and crypt_n_op structures gain a u_int dst_len field. The session_op structure gains a comp_alg field to specify a compression algorithm. Moved four ioctls to new ids; CIOCGSESSION, CIOCNGSESSION, CIOCCRYPT, and CIOCNCRYPTM. Added four backward compatible ioctls; OCIOCGSESSION, OCIOCNGSESSION, OCIOCCRYPT, and OCIOCNCRYPTM. Backward compatibility is maintained in ocryptodev.h and ocryptodev.c which implement the original ioctls and set dst_len and comp_alg to 0. Adds user-space access to compression features. Adds software gzip support (CRYPTO_GZIP_COMP). Adds the fast version of crc32 from zlib to libkern. This should be generally useful and provide a place to start normalizing the various crc32 routines in the kernel. The crc32 routine is used in this patch to support GZIP. With input and support from tls@@NetBSD.org. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.17 2008/02/28 09:29:10 tls Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.17 2008/02/28 09:29:10 tls Exp $"); a192 5 struct comp_algo comp_algo_gzip = { CRYPTO_GZIP_COMP, "GZIP", 90 }; @ 1.17.12.1 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.18 2009/03/25 01:26:13 darran Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.18 2009/03/25 01:26:13 darran Exp $"); a192 5 struct comp_algo comp_algo_gzip = { CRYPTO_GZIP_COMP, "GZIP", 90 }; @ 1.16 log @From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to. Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.15 2005/11/25 16:16:46 thorpej Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.15 2005/11/25 16:16:46 thorpej Exp $"); d139 1 a139 1 CRYPTO_MD5_HMAC, "HMAC-MD5-96", d144 1 a144 1 CRYPTO_SHA1_HMAC, "HMAC-SHA1-96", d149 1 a149 1 CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160", @ 1.16.6.1 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD$ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD$"); d139 1 a139 1 CRYPTO_MD5_HMAC_96, "HMAC-MD5-96", d144 1 a144 1 CRYPTO_SHA1_HMAC_96, "HMAC-SHA1-96", d149 1 a149 1 CRYPTO_RIPEMD160_HMAC_96, "HMAC-RIPEMD-160", @ 1.16.2.1 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.17 2008/02/28 09:29:10 tls Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.17 2008/02/28 09:29:10 tls Exp $"); d139 1 a139 1 CRYPTO_MD5_HMAC_96, "HMAC-MD5-96", d144 1 a144 1 CRYPTO_SHA1_HMAC_96, "HMAC-SHA1-96", d149 1 a149 1 CRYPTO_RIPEMD160_HMAC_96, "HMAC-RIPEMD-160", @ 1.15 log @- De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.14 2005/05/29 21:23:17 christos Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.14 2005/05/29 21:23:17 christos Exp $"); d123 15 d139 1 a139 1 CRYPTO_MD5_HMAC, "HMAC-MD5", d144 1 a144 1 CRYPTO_SHA1_HMAC, "HMAC-SHA1", @ 1.15.46.1 log @sync with HEAD @ text @d1 1 a1 1 /* xform.c,v 1.15 2005/11/25 16:16:46 thorpej Exp */ d43 1 a43 1 __KERNEL_RCSID(0, "xform.c,v 1.15 2005/11/25 16:16:46 thorpej Exp"); d123 1 a123 1 struct auth_hash auth_hash_hmac_md5 = { a124 15 16, 16, 16, sizeof(MD5_CTX) }; struct auth_hash auth_hash_hmac_sha1 = { CRYPTO_SHA1_HMAC, "HMAC-SHA1", 20, 20, 20, sizeof(SHA1_CTX) }; struct auth_hash auth_hash_hmac_ripemd_160 = { CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160", 20, 20, 20, sizeof(RMD160_CTX) }; struct auth_hash auth_hash_hmac_md5_96 = { CRYPTO_MD5_HMAC_96, "HMAC-MD5-96", d129 1 a129 1 CRYPTO_SHA1_HMAC_96, "HMAC-SHA1-96", d134 1 a134 1 CRYPTO_RIPEMD160_HMAC_96, "HMAC-RIPEMD-160", @ 1.15.52.1 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.16 2008/02/02 02:39:01 tls Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.16 2008/02/02 02:39:01 tls Exp $"); d123 1 a123 1 struct auth_hash auth_hash_hmac_md5 = { a124 15 16, 16, 16, sizeof(MD5_CTX) }; struct auth_hash auth_hash_hmac_sha1 = { CRYPTO_SHA1_HMAC, "HMAC-SHA1", 20, 20, 20, sizeof(SHA1_CTX) }; struct auth_hash auth_hash_hmac_ripemd_160 = { CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160", 20, 20, 20, sizeof(RMD160_CTX) }; struct auth_hash auth_hash_hmac_md5_96 = { CRYPTO_MD5_HMAC, "HMAC-MD5-96", d129 1 a129 1 CRYPTO_SHA1_HMAC, "HMAC-SHA1-96", @ 1.14 log @Sprinkle const. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.13 2003/11/18 23:01:39 jonathan Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.13 2003/11/18 23:01:39 jonathan Exp $"); a45 1 #include a46 17 #include #include #include #include #include #include #include #include #include #include #include #include #include #include d51 1 a51 47 static void null_encrypt(caddr_t, u_int8_t *); static void null_decrypt(caddr_t, u_int8_t *); static int null_setkey(u_int8_t **, const u_int8_t *, int); static void null_zerokey(u_int8_t **); static int des1_setkey(u_int8_t **, const u_int8_t *, int); static int des3_setkey(u_int8_t **, const u_int8_t *, int); static int blf_setkey(u_int8_t **, const u_int8_t *, int); static int cast5_setkey(u_int8_t **, const u_int8_t *, int); static int skipjack_setkey(u_int8_t **, const u_int8_t *, int); static int rijndael128_setkey(u_int8_t **, const u_int8_t *, int); static void des1_encrypt(caddr_t, u_int8_t *); static void des3_encrypt(caddr_t, u_int8_t *); static void blf_encrypt(caddr_t, u_int8_t *); static void cast5_encrypt(caddr_t, u_int8_t *); static void skipjack_encrypt(caddr_t, u_int8_t *); static void rijndael128_encrypt(caddr_t, u_int8_t *); static void des1_decrypt(caddr_t, u_int8_t *); static void des3_decrypt(caddr_t, u_int8_t *); static void blf_decrypt(caddr_t, u_int8_t *); static void cast5_decrypt(caddr_t, u_int8_t *); static void skipjack_decrypt(caddr_t, u_int8_t *); static void rijndael128_decrypt(caddr_t, u_int8_t *); static void des1_zerokey(u_int8_t **); static void des3_zerokey(u_int8_t **); static void blf_zerokey(u_int8_t **); static void cast5_zerokey(u_int8_t **); static void skipjack_zerokey(u_int8_t **); static void rijndael128_zerokey(u_int8_t **); static void null_init(void *); static int null_update(void *, const u_int8_t *, u_int16_t); static void null_final(u_int8_t *, void *); static int MD5Update_int(void *, const u_int8_t *, u_int16_t); static void SHA1Init_int(void *); static int SHA1Update_int(void *, const u_int8_t *, u_int16_t); static void SHA1Final_int(u_int8_t *, void *); static int RMD160Update_int(void *, const u_int8_t *, u_int16_t); static int SHA1Update_int(void *, const u_int8_t *, u_int16_t); static void SHA1Final_int(u_int8_t *, void *); static int RMD160Update_int(void *, const u_int8_t *, u_int16_t); static int SHA256Update_int(void *, const u_int8_t *, u_int16_t); static int SHA384Update_int(void *, const u_int8_t *, u_int16_t); static int SHA512Update_int(void *, const u_int8_t *, u_int16_t); d53 21 a73 4 static u_int32_t deflate_compress(u_int8_t *, u_int32_t, u_int8_t **); static u_int32_t deflate_decompress(u_int8_t *, u_int32_t, u_int8_t **); MALLOC_DEFINE(M_XDATA, "xform", "xform data buffers"); d79 1 a79 5 4, 0, 256, /* 2048 bits, max key */ null_encrypt, null_decrypt, null_setkey, null_zerokey, d84 1 a84 5 8, 8, 8, des1_encrypt, des1_decrypt, des1_setkey, des1_zerokey, d89 1 a89 5 8, 24, 24, des3_encrypt, des3_decrypt, des3_setkey, des3_zerokey d94 1 a94 5 8, 5, 56 /* 448 bits, max key */, blf_encrypt, blf_decrypt, blf_setkey, blf_zerokey d99 1 a99 5 8, 5, 16, cast5_encrypt, cast5_decrypt, cast5_setkey, cast5_zerokey d104 1 a104 5 8, 10, 10, skipjack_encrypt, skipjack_decrypt, skipjack_setkey, skipjack_zerokey d109 1 a109 5 16, 8, 32, rijndael128_encrypt, rijndael128_decrypt, rijndael128_setkey, rijndael128_zerokey, d114 1 a114 5 1, 1, 32, NULL, NULL, NULL, NULL, d120 1 a120 2 0, 0, 12, sizeof(int), /* NB: context isn't used */ null_init, null_update, null_final d125 1 a125 3 16, 16, 12, sizeof(MD5_CTX), (void (*) (void *)) MD5Init, MD5Update_int, (void (*) (u_int8_t *, void *)) MD5Final d130 1 a130 2 20, 20, 12, sizeof(SHA1_CTX), SHA1Init_int, SHA1Update_int, SHA1Final_int d135 1 a135 3 20, 20, 12, sizeof(RMD160_CTX), (void (*)(void *)) RMD160Init, RMD160Update_int, (void (*)(u_int8_t *, void *)) RMD160Final d140 1 a140 3 0, 16, 16, sizeof(MD5_CTX), (void (*)(void *)) MD5Init, MD5Update_int, (void (*)(u_int8_t *, void *)) MD5Final d145 1 a145 2 0, 20, 20, sizeof(SHA1_CTX), SHA1Init_int, SHA1Update_int, SHA1Final_int d150 1 a150 3 0, 16, 16, sizeof(MD5_CTX), (void (*) (void *)) MD5Init, MD5Update_int, (void (*) (u_int8_t *, void *)) MD5Final d155 1 a155 3 0, 20, 20, sizeof(SHA1_CTX), (void (*)(void *)) SHA1Init, SHA1Update_int, (void (*)(u_int8_t *, void *)) SHA1Final d160 1 a160 3 32, 32, 12, sizeof(SHA256_CTX), (void (*)(void *)) SHA256_Init, SHA256Update_int, (void (*)(u_int8_t *, void *)) SHA256_Final d165 1 a165 3 48, 48, 12, sizeof(SHA384_CTX), (void (*)(void *)) SHA384_Init, SHA384Update_int, (void (*)(u_int8_t *, void *)) SHA384_Final d170 1 a170 3 64, 64, 12, sizeof(SHA512_CTX), (void (*)(void *)) SHA512_Init, SHA512Update_int, (void (*)(u_int8_t *, void *)) SHA512_Final d176 1 a176 2 90, deflate_compress, deflate_decompress a177 391 /* * Encryption wrapper routines. */ static void null_encrypt(caddr_t key, u_int8_t *blk) { } static void null_decrypt(caddr_t key, u_int8_t *blk) { } static int null_setkey(u_int8_t **sched, const u_int8_t *key, int len) { *sched = NULL; return 0; } static void null_zerokey(u_int8_t **sched) { *sched = NULL; } static void des1_encrypt(caddr_t key, u_int8_t *blk) { des_cblock *cb = (des_cblock *) blk; des_key_schedule *p = (des_key_schedule *) key; des_ecb_encrypt(cb, cb, p[0], DES_ENCRYPT); } static void des1_decrypt(caddr_t key, u_int8_t *blk) { des_cblock *cb = (des_cblock *) blk; des_key_schedule *p = (des_key_schedule *) key; des_ecb_encrypt(cb, cb, p[0], DES_DECRYPT); } static int des1_setkey(u_int8_t **sched, const u_int8_t *key, int len) { des_key_schedule *p; int err; MALLOC(p, des_key_schedule *, sizeof (des_key_schedule), M_CRYPTO_DATA, M_NOWAIT); if (p != NULL) { bzero(p, sizeof(des_key_schedule)); des_set_key((des_cblock *)__UNCONST(key), p[0]); err = 0; } else err = ENOMEM; *sched = (u_int8_t *) p; return err; } static void des1_zerokey(u_int8_t **sched) { bzero(*sched, sizeof (des_key_schedule)); FREE(*sched, M_CRYPTO_DATA); *sched = NULL; } static void des3_encrypt(caddr_t key, u_int8_t *blk) { des_cblock *cb = (des_cblock *) blk; des_key_schedule *p = (des_key_schedule *) key; des_ecb3_encrypt(cb, cb, p[0], p[1], p[2], DES_ENCRYPT); } static void des3_decrypt(caddr_t key, u_int8_t *blk) { des_cblock *cb = (des_cblock *) blk; des_key_schedule *p = (des_key_schedule *) key; des_ecb3_encrypt(cb, cb, p[0], p[1], p[2], DES_DECRYPT); } static int des3_setkey(u_int8_t **sched, const u_int8_t *key, int len) { des_key_schedule *p; int err; MALLOC(p, des_key_schedule *, 3*sizeof (des_key_schedule), M_CRYPTO_DATA, M_NOWAIT); if (p != NULL) { bzero(p, 3*sizeof(des_key_schedule)); des_set_key((des_cblock *)__UNCONST(key + 0), p[0]); des_set_key((des_cblock *)__UNCONST(key + 8), p[1]); des_set_key((des_cblock *)__UNCONST(key + 16), p[2]); err = 0; } else err = ENOMEM; *sched = (u_int8_t *) p; return err; } static void des3_zerokey(u_int8_t **sched) { bzero(*sched, 3*sizeof (des_key_schedule)); FREE(*sched, M_CRYPTO_DATA); *sched = NULL; } static void blf_encrypt(caddr_t key, u_int8_t *blk) { #if defined(__NetBSD__) BF_ecb_encrypt(blk, blk, (BF_KEY *)key, 1); #else blf_ecb_encrypt((blf_ctx *) key, blk, 8); #endif } static void blf_decrypt(caddr_t key, u_int8_t *blk) { #if defined(__NetBSD__) BF_ecb_encrypt(blk, blk, (BF_KEY *)key, 0); #else blf_ecb_decrypt((blf_ctx *) key, blk, 8); #endif } static int blf_setkey(u_int8_t **sched, const u_int8_t *key, int len) { int err; #if defined(__FreeBSD__) || defined(__NetBSD__) #define BLF_SIZ sizeof(BF_KEY) #else #define BLF_SIZ sizeof(blf_ctx) #endif MALLOC(*sched, u_int8_t *, BLF_SIZ, M_CRYPTO_DATA, M_NOWAIT); if (*sched != NULL) { bzero(*sched, BLF_SIZ); #if defined(__FreeBSD__) || defined(__NetBSD__) BF_set_key((BF_KEY *) *sched, len, key); #else blf_key((blf_ctx *)*sched, key, len); #endif err = 0; } else err = ENOMEM; return err; } static void blf_zerokey(u_int8_t **sched) { bzero(*sched, BLF_SIZ); FREE(*sched, M_CRYPTO_DATA); *sched = NULL; } static void cast5_encrypt(caddr_t key, u_int8_t *blk) { cast128_encrypt((cast128_key *) key, blk, blk); } static void cast5_decrypt(caddr_t key, u_int8_t *blk) { cast128_decrypt((cast128_key *) key, blk, blk); } static int cast5_setkey(u_int8_t **sched, const u_int8_t *key, int len) { int err; MALLOC(*sched, u_int8_t *, sizeof(cast128_key), M_CRYPTO_DATA, M_NOWAIT); if (*sched != NULL) { bzero(*sched, sizeof(cast128_key)); cast128_setkey((cast128_key *)*sched, key, len); err = 0; } else err = ENOMEM; return err; } static void cast5_zerokey(u_int8_t **sched) { bzero(*sched, sizeof(cast128_key)); FREE(*sched, M_CRYPTO_DATA); *sched = NULL; } static void skipjack_encrypt(caddr_t key, u_int8_t *blk) { skipjack_forwards(blk, blk, (u_int8_t **) key); } static void skipjack_decrypt(caddr_t key, u_int8_t *blk) { skipjack_backwards(blk, blk, (u_int8_t **) key); } static int skipjack_setkey(u_int8_t **sched, const u_int8_t *key, int len) { int err; /* NB: allocate all the memory that's needed at once */ /* XXX assumes bytes are aligned on sizeof(u_char) == 1 boundaries. * Will this break a pdp-10, Cray-1, or GE-645 port? */ MALLOC(*sched, u_int8_t *, 10 * (sizeof(u_int8_t *) + 0x100), M_CRYPTO_DATA, M_NOWAIT); if (*sched != NULL) { u_int8_t** key_tables = (u_int8_t**) *sched; u_int8_t* table = (u_int8_t*) &key_tables[10]; int k; bzero(*sched, 10 * sizeof(u_int8_t *)+0x100); for (k = 0; k < 10; k++) { key_tables[k] = table; table += 0x100; } subkey_table_gen(key, (u_int8_t **) *sched); err = 0; } else err = ENOMEM; return err; } static void skipjack_zerokey(u_int8_t **sched) { bzero(*sched, 10 * (sizeof(u_int8_t *) + 0x100)); FREE(*sched, M_CRYPTO_DATA); *sched = NULL; } static void rijndael128_encrypt(caddr_t key, u_int8_t *blk) { rijndael_encrypt((rijndael_ctx *) key, (u_char *) blk, (u_char *) blk); } static void rijndael128_decrypt(caddr_t key, u_int8_t *blk) { rijndael_decrypt((rijndael_ctx *) key, (u_char *) blk, (u_char *) blk); } static int rijndael128_setkey(u_int8_t **sched, const u_int8_t *key, int len) { int err; MALLOC(*sched, u_int8_t *, sizeof(rijndael_ctx), M_CRYPTO_DATA, M_WAITOK); if (*sched != NULL) { bzero(*sched, sizeof(rijndael_ctx)); rijndael_set_key((rijndael_ctx *) *sched, key, len * 8); err = 0; } else err = ENOMEM; return err; } static void rijndael128_zerokey(u_int8_t **sched) { bzero(*sched, sizeof(rijndael_ctx)); FREE(*sched, M_CRYPTO_DATA); *sched = NULL; } /* * And now for auth. */ static void null_init(void *ctx) { } static int null_update(void *ctx, const u_int8_t *buf, u_int16_t len) { return 0; } static void null_final(u_int8_t *buf, void *ctx) { if (buf != (u_int8_t *) 0) bzero(buf, 12); } static int RMD160Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) { RMD160Update(ctx, buf, len); return 0; } static int MD5Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) { MD5Update(ctx, buf, len); return 0; } static void SHA1Init_int(void *ctx) { SHA1Init(ctx); } static int SHA1Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) { SHA1Update(ctx, buf, len); return 0; } static void SHA1Final_int(u_int8_t *blk, void *ctx) { SHA1Final(blk, ctx); } static int SHA256Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) { SHA256_Update(ctx, buf, len); return 0; } static int SHA384Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) { SHA384_Update(ctx, buf, len); return 0; } static int SHA512Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) { SHA512_Update(ctx, buf, len); return 0; } /* * And compression */ static u_int32_t deflate_compress(data, size, out) u_int8_t *data; u_int32_t size; u_int8_t **out; { return deflate_global(data, size, 0, out); } static u_int32_t deflate_decompress(data, size, out) u_int8_t *data; u_int32_t size; u_int8_t **out; { return deflate_global(data, size, 1, out); } @ 1.14.2.1 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.14 2005/05/29 21:23:17 christos Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.14 2005/05/29 21:23:17 christos Exp $"); d46 1 d48 17 d69 51 a121 22 const u_int8_t hmac_ipad_buffer[64] = { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36 }; const u_int8_t hmac_opad_buffer[64] = { 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C }; d126 5 a130 1 4, 0, 256 /* 2048 bits, max key */ d135 5 a139 1 8, 8, 8 d144 5 a148 1 8, 24, 24 d153 5 a157 1 8, 5, 56 /* 448 bits, max key */ d162 5 a166 1 8, 5, 16 d171 5 a175 1 8, 10, 10 d180 5 a184 1 16, 8, 32 d189 5 a193 1 1, 1, 32 d199 2 a200 1 0, 0, 12, sizeof(int) /* NB: context isn't used */ d205 3 a207 1 16, 16, 12, sizeof(MD5_CTX) d212 2 a213 1 20, 20, 12, sizeof(SHA1_CTX) d218 3 a220 1 20, 20, 12, sizeof(RMD160_CTX) d225 3 a227 1 0, 16, 16, sizeof(MD5_CTX) d232 2 a233 1 0, 20, 20, sizeof(SHA1_CTX) d238 3 a240 1 0, 16, 16, sizeof(MD5_CTX) d245 3 a247 1 0, 20, 20, sizeof(SHA1_CTX) d252 3 a254 1 32, 32, 12, sizeof(SHA256_CTX) d259 3 a261 1 48, 48, 12, sizeof(SHA384_CTX) d266 3 a268 1 64, 64, 12, sizeof(SHA512_CTX) d274 2 a275 1 90 d277 391 @ 1.14.2.2 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.14.2.1 2006/06/21 15:12:02 yamt Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.14.2.1 2006/06/21 15:12:02 yamt Exp $"); d123 1 a123 1 struct auth_hash auth_hash_hmac_md5 = { a124 15 16, 16, 16, sizeof(MD5_CTX) }; struct auth_hash auth_hash_hmac_sha1 = { CRYPTO_SHA1_HMAC, "HMAC-SHA1", 20, 20, 20, sizeof(SHA1_CTX) }; struct auth_hash auth_hash_hmac_ripemd_160 = { CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160", 20, 20, 20, sizeof(RMD160_CTX) }; struct auth_hash auth_hash_hmac_md5_96 = { CRYPTO_MD5_HMAC, "HMAC-MD5-96", d129 1 a129 1 CRYPTO_SHA1_HMAC, "HMAC-SHA1-96", @ 1.14.2.3 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.14.2.2 2008/02/04 09:24:48 yamt Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.14.2.2 2008/02/04 09:24:48 yamt Exp $"); d139 1 a139 1 CRYPTO_MD5_HMAC_96, "HMAC-MD5-96", d144 1 a144 1 CRYPTO_SHA1_HMAC_96, "HMAC-SHA1-96", d149 1 a149 1 CRYPTO_RIPEMD160_HMAC_96, "HMAC-RIPEMD-160", @ 1.14.8.1 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.14 2005/05/29 21:23:17 christos Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.14 2005/05/29 21:23:17 christos Exp $"); d46 1 d48 17 d69 51 a121 22 const u_int8_t hmac_ipad_buffer[64] = { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36 }; const u_int8_t hmac_opad_buffer[64] = { 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C }; d126 5 a130 1 4, 0, 256 /* 2048 bits, max key */ d135 5 a139 1 8, 8, 8 d144 5 a148 1 8, 24, 24 d153 5 a157 1 8, 5, 56 /* 448 bits, max key */ d162 5 a166 1 8, 5, 16 d171 5 a175 1 8, 10, 10 d180 5 a184 1 16, 8, 32 d189 5 a193 1 1, 1, 32 d199 2 a200 1 0, 0, 12, sizeof(int) /* NB: context isn't used */ d205 3 a207 1 16, 16, 12, sizeof(MD5_CTX) d212 2 a213 1 20, 20, 12, sizeof(SHA1_CTX) d218 3 a220 1 20, 20, 12, sizeof(RMD160_CTX) d225 3 a227 1 0, 16, 16, sizeof(MD5_CTX) d232 2 a233 1 0, 20, 20, sizeof(SHA1_CTX) d238 3 a240 1 0, 16, 16, sizeof(MD5_CTX) d245 3 a247 1 0, 20, 20, sizeof(SHA1_CTX) d252 3 a254 1 32, 32, 12, sizeof(SHA256_CTX) d259 3 a261 1 48, 48, 12, sizeof(SHA384_CTX) d266 3 a268 1 64, 64, 12, sizeof(SHA512_CTX) d274 2 a275 1 90 d277 391 @ 1.13 log @Remove erroneous '2 *' from 'bzero(*sched, 2 * sizeof(rijndael_ctx));' After using AES from sys/crypto, we only malloc sizeof(rijndael_ctx), and we were bzero()ing past the end of the aes ctx, leading to panics. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.12 2003/11/16 12:07:50 tls Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.12 2003/11/16 12:07:50 tls Exp $"); d329 1 a329 1 des_set_key((des_cblock *) key, p[0]); d373 3 a375 3 des_set_key((des_cblock *)(key + 0), p[0]); des_set_key((des_cblock *)(key + 8), p[1]); des_set_key((des_cblock *)(key + 16), p[2]); @ 1.13.4.1 log @file xform.c was added on branch ktrace-lwp on 2004-08-03 10:56:25 +0000 @ text @d1 667 @ 1.13.4.2 log @Sync with HEAD @ text @a0 667 /* $NetBSD: xform.c,v 1.13.4.1 2004/08/03 10:56:25 skrll Exp $ */ /* $FreeBSD: src/sys/opencrypto/xform.c,v 1.1.2.1 2002/11/21 23:34:23 sam Exp $ */ /* $OpenBSD: xform.c,v 1.19 2002/08/16 22:47:25 dhartmei Exp $ */ /* * The authors of this code are John Ioannidis (ji@@tla.org), * Angelos D. Keromytis (kermit@@csd.uch.gr) and * Niels Provos (provos@@physnet.uni-hamburg.de). * * This code was written by John Ioannidis for BSD/OS in Athens, Greece, * in November 1995. * * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996, * by Angelos D. Keromytis. * * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis * and Niels Provos. * * Additional features in 1999 by Angelos D. Keromytis. * * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis, * Angelos D. Keromytis and Niels Provos. * * Copyright (C) 2001, Angelos D. Keromytis. * * Permission to use, copy, and modify this software with or without fee * is hereby granted, provided that this entire notice is included in * all copies of any software which is or includes a copy or * modification of this software. * You may use this code under the GNU public license if you so wish. Please * contribute changes back to the authors under this freer than GPL license * so that we may further the use of strong encryption without limitations to * all. * * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR * PURPOSE. */ #include __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.13.4.1 2004/08/03 10:56:25 skrll Exp $"); #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include static void null_encrypt(caddr_t, u_int8_t *); static void null_decrypt(caddr_t, u_int8_t *); static int null_setkey(u_int8_t **, const u_int8_t *, int); static void null_zerokey(u_int8_t **); static int des1_setkey(u_int8_t **, const u_int8_t *, int); static int des3_setkey(u_int8_t **, const u_int8_t *, int); static int blf_setkey(u_int8_t **, const u_int8_t *, int); static int cast5_setkey(u_int8_t **, const u_int8_t *, int); static int skipjack_setkey(u_int8_t **, const u_int8_t *, int); static int rijndael128_setkey(u_int8_t **, const u_int8_t *, int); static void des1_encrypt(caddr_t, u_int8_t *); static void des3_encrypt(caddr_t, u_int8_t *); static void blf_encrypt(caddr_t, u_int8_t *); static void cast5_encrypt(caddr_t, u_int8_t *); static void skipjack_encrypt(caddr_t, u_int8_t *); static void rijndael128_encrypt(caddr_t, u_int8_t *); static void des1_decrypt(caddr_t, u_int8_t *); static void des3_decrypt(caddr_t, u_int8_t *); static void blf_decrypt(caddr_t, u_int8_t *); static void cast5_decrypt(caddr_t, u_int8_t *); static void skipjack_decrypt(caddr_t, u_int8_t *); static void rijndael128_decrypt(caddr_t, u_int8_t *); static void des1_zerokey(u_int8_t **); static void des3_zerokey(u_int8_t **); static void blf_zerokey(u_int8_t **); static void cast5_zerokey(u_int8_t **); static void skipjack_zerokey(u_int8_t **); static void rijndael128_zerokey(u_int8_t **); static void null_init(void *); static int null_update(void *, const u_int8_t *, u_int16_t); static void null_final(u_int8_t *, void *); static int MD5Update_int(void *, const u_int8_t *, u_int16_t); static void SHA1Init_int(void *); static int SHA1Update_int(void *, const u_int8_t *, u_int16_t); static void SHA1Final_int(u_int8_t *, void *); static int RMD160Update_int(void *, const u_int8_t *, u_int16_t); static int SHA1Update_int(void *, const u_int8_t *, u_int16_t); static void SHA1Final_int(u_int8_t *, void *); static int RMD160Update_int(void *, const u_int8_t *, u_int16_t); static int SHA256Update_int(void *, const u_int8_t *, u_int16_t); static int SHA384Update_int(void *, const u_int8_t *, u_int16_t); static int SHA512Update_int(void *, const u_int8_t *, u_int16_t); static u_int32_t deflate_compress(u_int8_t *, u_int32_t, u_int8_t **); static u_int32_t deflate_decompress(u_int8_t *, u_int32_t, u_int8_t **); MALLOC_DEFINE(M_XDATA, "xform", "xform data buffers"); /* Encryption instances */ struct enc_xform enc_xform_null = { CRYPTO_NULL_CBC, "NULL", /* NB: blocksize of 4 is to generate a properly aligned ESP header */ 4, 0, 256, /* 2048 bits, max key */ null_encrypt, null_decrypt, null_setkey, null_zerokey, }; struct enc_xform enc_xform_des = { CRYPTO_DES_CBC, "DES", 8, 8, 8, des1_encrypt, des1_decrypt, des1_setkey, des1_zerokey, }; struct enc_xform enc_xform_3des = { CRYPTO_3DES_CBC, "3DES", 8, 24, 24, des3_encrypt, des3_decrypt, des3_setkey, des3_zerokey }; struct enc_xform enc_xform_blf = { CRYPTO_BLF_CBC, "Blowfish", 8, 5, 56 /* 448 bits, max key */, blf_encrypt, blf_decrypt, blf_setkey, blf_zerokey }; struct enc_xform enc_xform_cast5 = { CRYPTO_CAST_CBC, "CAST-128", 8, 5, 16, cast5_encrypt, cast5_decrypt, cast5_setkey, cast5_zerokey }; struct enc_xform enc_xform_skipjack = { CRYPTO_SKIPJACK_CBC, "Skipjack", 8, 10, 10, skipjack_encrypt, skipjack_decrypt, skipjack_setkey, skipjack_zerokey }; struct enc_xform enc_xform_rijndael128 = { CRYPTO_RIJNDAEL128_CBC, "Rijndael-128/AES", 16, 8, 32, rijndael128_encrypt, rijndael128_decrypt, rijndael128_setkey, rijndael128_zerokey, }; struct enc_xform enc_xform_arc4 = { CRYPTO_ARC4, "ARC4", 1, 1, 32, NULL, NULL, NULL, NULL, }; /* Authentication instances */ struct auth_hash auth_hash_null = { CRYPTO_NULL_HMAC, "NULL-HMAC", 0, 0, 12, sizeof(int), /* NB: context isn't used */ null_init, null_update, null_final }; struct auth_hash auth_hash_hmac_md5_96 = { CRYPTO_MD5_HMAC, "HMAC-MD5", 16, 16, 12, sizeof(MD5_CTX), (void (*) (void *)) MD5Init, MD5Update_int, (void (*) (u_int8_t *, void *)) MD5Final }; struct auth_hash auth_hash_hmac_sha1_96 = { CRYPTO_SHA1_HMAC, "HMAC-SHA1", 20, 20, 12, sizeof(SHA1_CTX), SHA1Init_int, SHA1Update_int, SHA1Final_int }; struct auth_hash auth_hash_hmac_ripemd_160_96 = { CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160", 20, 20, 12, sizeof(RMD160_CTX), (void (*)(void *)) RMD160Init, RMD160Update_int, (void (*)(u_int8_t *, void *)) RMD160Final }; struct auth_hash auth_hash_key_md5 = { CRYPTO_MD5_KPDK, "Keyed MD5", 0, 16, 16, sizeof(MD5_CTX), (void (*)(void *)) MD5Init, MD5Update_int, (void (*)(u_int8_t *, void *)) MD5Final }; struct auth_hash auth_hash_key_sha1 = { CRYPTO_SHA1_KPDK, "Keyed SHA1", 0, 20, 20, sizeof(SHA1_CTX), SHA1Init_int, SHA1Update_int, SHA1Final_int }; struct auth_hash auth_hash_md5 = { CRYPTO_MD5, "MD5", 0, 16, 16, sizeof(MD5_CTX), (void (*) (void *)) MD5Init, MD5Update_int, (void (*) (u_int8_t *, void *)) MD5Final }; struct auth_hash auth_hash_sha1 = { CRYPTO_SHA1, "SHA1", 0, 20, 20, sizeof(SHA1_CTX), (void (*)(void *)) SHA1Init, SHA1Update_int, (void (*)(u_int8_t *, void *)) SHA1Final }; struct auth_hash auth_hash_hmac_sha2_256 = { CRYPTO_SHA2_HMAC, "HMAC-SHA2", 32, 32, 12, sizeof(SHA256_CTX), (void (*)(void *)) SHA256_Init, SHA256Update_int, (void (*)(u_int8_t *, void *)) SHA256_Final }; struct auth_hash auth_hash_hmac_sha2_384 = { CRYPTO_SHA2_HMAC, "HMAC-SHA2-384", 48, 48, 12, sizeof(SHA384_CTX), (void (*)(void *)) SHA384_Init, SHA384Update_int, (void (*)(u_int8_t *, void *)) SHA384_Final }; struct auth_hash auth_hash_hmac_sha2_512 = { CRYPTO_SHA2_HMAC, "HMAC-SHA2-512", 64, 64, 12, sizeof(SHA512_CTX), (void (*)(void *)) SHA512_Init, SHA512Update_int, (void (*)(u_int8_t *, void *)) SHA512_Final }; /* Compression instance */ struct comp_algo comp_algo_deflate = { CRYPTO_DEFLATE_COMP, "Deflate", 90, deflate_compress, deflate_decompress }; /* * Encryption wrapper routines. */ static void null_encrypt(caddr_t key, u_int8_t *blk) { } static void null_decrypt(caddr_t key, u_int8_t *blk) { } static int null_setkey(u_int8_t **sched, const u_int8_t *key, int len) { *sched = NULL; return 0; } static void null_zerokey(u_int8_t **sched) { *sched = NULL; } static void des1_encrypt(caddr_t key, u_int8_t *blk) { des_cblock *cb = (des_cblock *) blk; des_key_schedule *p = (des_key_schedule *) key; des_ecb_encrypt(cb, cb, p[0], DES_ENCRYPT); } static void des1_decrypt(caddr_t key, u_int8_t *blk) { des_cblock *cb = (des_cblock *) blk; des_key_schedule *p = (des_key_schedule *) key; des_ecb_encrypt(cb, cb, p[0], DES_DECRYPT); } static int des1_setkey(u_int8_t **sched, const u_int8_t *key, int len) { des_key_schedule *p; int err; MALLOC(p, des_key_schedule *, sizeof (des_key_schedule), M_CRYPTO_DATA, M_NOWAIT); if (p != NULL) { bzero(p, sizeof(des_key_schedule)); des_set_key((des_cblock *) key, p[0]); err = 0; } else err = ENOMEM; *sched = (u_int8_t *) p; return err; } static void des1_zerokey(u_int8_t **sched) { bzero(*sched, sizeof (des_key_schedule)); FREE(*sched, M_CRYPTO_DATA); *sched = NULL; } static void des3_encrypt(caddr_t key, u_int8_t *blk) { des_cblock *cb = (des_cblock *) blk; des_key_schedule *p = (des_key_schedule *) key; des_ecb3_encrypt(cb, cb, p[0], p[1], p[2], DES_ENCRYPT); } static void des3_decrypt(caddr_t key, u_int8_t *blk) { des_cblock *cb = (des_cblock *) blk; des_key_schedule *p = (des_key_schedule *) key; des_ecb3_encrypt(cb, cb, p[0], p[1], p[2], DES_DECRYPT); } static int des3_setkey(u_int8_t **sched, const u_int8_t *key, int len) { des_key_schedule *p; int err; MALLOC(p, des_key_schedule *, 3*sizeof (des_key_schedule), M_CRYPTO_DATA, M_NOWAIT); if (p != NULL) { bzero(p, 3*sizeof(des_key_schedule)); des_set_key((des_cblock *)(key + 0), p[0]); des_set_key((des_cblock *)(key + 8), p[1]); des_set_key((des_cblock *)(key + 16), p[2]); err = 0; } else err = ENOMEM; *sched = (u_int8_t *) p; return err; } static void des3_zerokey(u_int8_t **sched) { bzero(*sched, 3*sizeof (des_key_schedule)); FREE(*sched, M_CRYPTO_DATA); *sched = NULL; } static void blf_encrypt(caddr_t key, u_int8_t *blk) { #if defined(__NetBSD__) BF_ecb_encrypt(blk, blk, (BF_KEY *)key, 1); #else blf_ecb_encrypt((blf_ctx *) key, blk, 8); #endif } static void blf_decrypt(caddr_t key, u_int8_t *blk) { #if defined(__NetBSD__) BF_ecb_encrypt(blk, blk, (BF_KEY *)key, 0); #else blf_ecb_decrypt((blf_ctx *) key, blk, 8); #endif } static int blf_setkey(u_int8_t **sched, const u_int8_t *key, int len) { int err; #if defined(__FreeBSD__) || defined(__NetBSD__) #define BLF_SIZ sizeof(BF_KEY) #else #define BLF_SIZ sizeof(blf_ctx) #endif MALLOC(*sched, u_int8_t *, BLF_SIZ, M_CRYPTO_DATA, M_NOWAIT); if (*sched != NULL) { bzero(*sched, BLF_SIZ); #if defined(__FreeBSD__) || defined(__NetBSD__) BF_set_key((BF_KEY *) *sched, len, key); #else blf_key((blf_ctx *)*sched, key, len); #endif err = 0; } else err = ENOMEM; return err; } static void blf_zerokey(u_int8_t **sched) { bzero(*sched, BLF_SIZ); FREE(*sched, M_CRYPTO_DATA); *sched = NULL; } static void cast5_encrypt(caddr_t key, u_int8_t *blk) { cast128_encrypt((cast128_key *) key, blk, blk); } static void cast5_decrypt(caddr_t key, u_int8_t *blk) { cast128_decrypt((cast128_key *) key, blk, blk); } static int cast5_setkey(u_int8_t **sched, const u_int8_t *key, int len) { int err; MALLOC(*sched, u_int8_t *, sizeof(cast128_key), M_CRYPTO_DATA, M_NOWAIT); if (*sched != NULL) { bzero(*sched, sizeof(cast128_key)); cast128_setkey((cast128_key *)*sched, key, len); err = 0; } else err = ENOMEM; return err; } static void cast5_zerokey(u_int8_t **sched) { bzero(*sched, sizeof(cast128_key)); FREE(*sched, M_CRYPTO_DATA); *sched = NULL; } static void skipjack_encrypt(caddr_t key, u_int8_t *blk) { skipjack_forwards(blk, blk, (u_int8_t **) key); } static void skipjack_decrypt(caddr_t key, u_int8_t *blk) { skipjack_backwards(blk, blk, (u_int8_t **) key); } static int skipjack_setkey(u_int8_t **sched, const u_int8_t *key, int len) { int err; /* NB: allocate all the memory that's needed at once */ /* XXX assumes bytes are aligned on sizeof(u_char) == 1 boundaries. * Will this break a pdp-10, Cray-1, or GE-645 port? */ MALLOC(*sched, u_int8_t *, 10 * (sizeof(u_int8_t *) + 0x100), M_CRYPTO_DATA, M_NOWAIT); if (*sched != NULL) { u_int8_t** key_tables = (u_int8_t**) *sched; u_int8_t* table = (u_int8_t*) &key_tables[10]; int k; bzero(*sched, 10 * sizeof(u_int8_t *)+0x100); for (k = 0; k < 10; k++) { key_tables[k] = table; table += 0x100; } subkey_table_gen(key, (u_int8_t **) *sched); err = 0; } else err = ENOMEM; return err; } static void skipjack_zerokey(u_int8_t **sched) { bzero(*sched, 10 * (sizeof(u_int8_t *) + 0x100)); FREE(*sched, M_CRYPTO_DATA); *sched = NULL; } static void rijndael128_encrypt(caddr_t key, u_int8_t *blk) { rijndael_encrypt((rijndael_ctx *) key, (u_char *) blk, (u_char *) blk); } static void rijndael128_decrypt(caddr_t key, u_int8_t *blk) { rijndael_decrypt((rijndael_ctx *) key, (u_char *) blk, (u_char *) blk); } static int rijndael128_setkey(u_int8_t **sched, const u_int8_t *key, int len) { int err; MALLOC(*sched, u_int8_t *, sizeof(rijndael_ctx), M_CRYPTO_DATA, M_WAITOK); if (*sched != NULL) { bzero(*sched, sizeof(rijndael_ctx)); rijndael_set_key((rijndael_ctx *) *sched, key, len * 8); err = 0; } else err = ENOMEM; return err; } static void rijndael128_zerokey(u_int8_t **sched) { bzero(*sched, sizeof(rijndael_ctx)); FREE(*sched, M_CRYPTO_DATA); *sched = NULL; } /* * And now for auth. */ static void null_init(void *ctx) { } static int null_update(void *ctx, const u_int8_t *buf, u_int16_t len) { return 0; } static void null_final(u_int8_t *buf, void *ctx) { if (buf != (u_int8_t *) 0) bzero(buf, 12); } static int RMD160Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) { RMD160Update(ctx, buf, len); return 0; } static int MD5Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) { MD5Update(ctx, buf, len); return 0; } static void SHA1Init_int(void *ctx) { SHA1Init(ctx); } static int SHA1Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) { SHA1Update(ctx, buf, len); return 0; } static void SHA1Final_int(u_int8_t *blk, void *ctx) { SHA1Final(blk, ctx); } static int SHA256Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) { SHA256_Update(ctx, buf, len); return 0; } static int SHA384Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) { SHA384_Update(ctx, buf, len); return 0; } static int SHA512Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) { SHA512_Update(ctx, buf, len); return 0; } /* * And compression */ static u_int32_t deflate_compress(data, size, out) u_int8_t *data; u_int32_t size; u_int8_t **out; { return deflate_global(data, size, 0, out); } static u_int32_t deflate_decompress(data, size, out) u_int8_t *data; u_int32_t size; u_int8_t **out; { return deflate_global(data, size, 1, out); } @ 1.13.4.3 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.13.4.2 2004/09/18 14:56:20 skrll Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.13.4.2 2004/09/18 14:56:20 skrll Exp $"); @ 1.13.4.4 log @Fix the sync with head I botched. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.13.4.3 2004/09/21 13:38:44 skrll Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.13.4.3 2004/09/21 13:38:44 skrll Exp $"); @ 1.13.4.5 log @Sync with HEAD. Here we go again... @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.13.4.4 2005/11/10 14:12:12 skrll Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.13.4.4 2005/11/10 14:12:12 skrll Exp $"); d329 1 a329 1 des_set_key((des_cblock *)__UNCONST(key), p[0]); d373 3 a375 3 des_set_key((des_cblock *)__UNCONST(key + 0), p[0]); des_set_key((des_cblock *)__UNCONST(key + 8), p[1]); des_set_key((des_cblock *)__UNCONST(key + 16), p[2]); @ 1.13.4.6 log @Sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.13.4.5 2005/12/11 10:29:36 christos Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.13.4.5 2005/12/11 10:29:36 christos Exp $"); d46 1 d48 17 d69 51 a121 22 const u_int8_t hmac_ipad_buffer[64] = { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36 }; const u_int8_t hmac_opad_buffer[64] = { 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C }; d126 5 a130 1 4, 0, 256 /* 2048 bits, max key */ d135 5 a139 1 8, 8, 8 d144 5 a148 1 8, 24, 24 d153 5 a157 1 8, 5, 56 /* 448 bits, max key */ d162 5 a166 1 8, 5, 16 d171 5 a175 1 8, 10, 10 d180 5 a184 1 16, 8, 32 d189 5 a193 1 1, 1, 32 d199 2 a200 1 0, 0, 12, sizeof(int) /* NB: context isn't used */ d205 3 a207 1 16, 16, 12, sizeof(MD5_CTX) d212 2 a213 1 20, 20, 12, sizeof(SHA1_CTX) d218 3 a220 1 20, 20, 12, sizeof(RMD160_CTX) d225 3 a227 1 0, 16, 16, sizeof(MD5_CTX) d232 2 a233 1 0, 20, 20, sizeof(SHA1_CTX) d238 3 a240 1 0, 16, 16, sizeof(MD5_CTX) d245 3 a247 1 0, 20, 20, sizeof(SHA1_CTX) d252 3 a254 1 32, 32, 12, sizeof(SHA256_CTX) d259 3 a261 1 48, 48, 12, sizeof(SHA384_CTX) d266 3 a268 1 64, 64, 12, sizeof(SHA512_CTX) d274 2 a275 1 90 d277 391 @ 1.12 log @Move the Skipjack algorithm from sys/opencrypto to sys/crypto/skipjack. There are now no cryptographic algorithms in sys/opencrypto, which, according to the comment formerly in files.opencrypto, was the original intent. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.11 2003/08/27 14:55:36 thorpej Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.11 2003/08/27 14:55:36 thorpej Exp $"); d566 1 a566 1 bzero(*sched, 2 * sizeof(rijndael_ctx)); @ 1.11 log @Fix-up a few things missed in the rijndael_set_key() change. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.10 2003/08/27 14:23:28 itojun Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.10 2003/08/27 14:23:28 itojun Exp $"); d59 1 a61 1 #include @ 1.10 log @simplify rijndael.c API - always schedule encrypt/decrypt key. reviewed by thorpej @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.9 2003/08/27 00:20:56 thorpej Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.9 2003/08/27 00:20:56 thorpej Exp $"); d543 1 a543 1 rijndael_decrypt(((rijndael_ctx *) key) + 1, (u_char *) blk, d555 2 a556 2 bzero(*sched, 2 * sizeof(rijndael_ctx)); rijndael_set_key((rijndael_ctx *) *sched, (u_char *) key, len * 8); @ 1.9 log @Some const poisoning. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.8 2003/08/27 00:05:28 thorpej Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.8 2003/08/27 00:05:28 thorpej Exp $"); d552 1 a552 1 MALLOC(*sched, u_int8_t *, 2 * sizeof(rijndael_ctx), M_CRYPTO_DATA, d556 1 a556 3 rijndael_set_key((rijndael_ctx *) *sched, (u_char *) key, len * 8, 1); rijndael_set_key(((rijndael_ctx *) *sched) + 1, (u_char *) key, len * 8, 0); @ 1.8 log @Use the Blowfish in crypto/blowfish, which has hooks for using tuned assembly for the transform. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.7 2003/08/26 16:37:38 thorpej Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.7 2003/08/26 16:37:38 thorpej Exp $"); d71 1 a71 1 static int null_setkey(u_int8_t **, u_int8_t *, int); d74 6 a79 6 static int des1_setkey(u_int8_t **, u_int8_t *, int); static int des3_setkey(u_int8_t **, u_int8_t *, int); static int blf_setkey(u_int8_t **, u_int8_t *, int); static int cast5_setkey(u_int8_t **, u_int8_t *, int); static int skipjack_setkey(u_int8_t **, u_int8_t *, int); static int rijndael128_setkey(u_int8_t **, u_int8_t *, int); d100 1 a100 1 static int null_update(void *, u_int8_t *, u_int16_t); d103 1 a103 1 static int MD5Update_int(void *, u_int8_t *, u_int16_t); d105 1 a105 1 static int SHA1Update_int(void *, u_int8_t *, u_int16_t); d109 2 a110 2 static int RMD160Update_int(void *, u_int8_t *, u_int16_t); static int SHA1Update_int(void *, u_int8_t *, u_int16_t); d112 4 a115 4 static int RMD160Update_int(void *, u_int8_t *, u_int16_t); static int SHA256Update_int(void *, u_int8_t *, u_int16_t); static int SHA384Update_int(void *, u_int8_t *, u_int16_t); static int SHA512Update_int(void *, u_int8_t *, u_int16_t); d290 1 a290 1 null_setkey(u_int8_t **sched, u_int8_t *key, int len) d320 1 a320 1 des1_setkey(u_int8_t **sched, u_int8_t *key, int len) d364 1 a364 1 des3_setkey(u_int8_t **sched, u_int8_t *key, int len) d414 1 a414 1 blf_setkey(u_int8_t **sched, u_int8_t *key, int len) d460 1 a460 1 cast5_setkey(u_int8_t **sched, u_int8_t *key, int len) d496 1 a496 1 skipjack_setkey(u_int8_t **sched, u_int8_t *key, int len) d548 1 a548 1 rijndael128_setkey(u_int8_t **sched, u_int8_t *key, int len) d583 1 a583 1 null_update(void *ctx, u_int8_t *buf, u_int16_t len) d596 1 a596 1 RMD160Update_int(void *ctx, u_int8_t *buf, u_int16_t len) d603 1 a603 1 MD5Update_int(void *ctx, u_int8_t *buf, u_int16_t len) d616 1 a616 1 SHA1Update_int(void *ctx, u_int8_t *buf, u_int16_t len) d629 1 a629 1 SHA256Update_int(void *ctx, u_int8_t *buf, u_int16_t len) d636 1 a636 1 SHA384Update_int(void *ctx, u_int8_t *buf, u_int16_t len) d643 1 a643 1 SHA512Update_int(void *ctx, u_int8_t *buf, u_int16_t len) @ 1.7 log @Move the opencrypto CAST-128 implementation to crypto/cast128, removing the old one. Rename the functions/structures from cast_* to cast128_*. Adapt the KAME IPsec to use the new CAST-128 code, which has a simpler API and smaller footprint. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.6 2003/08/26 14:24:35 thorpej Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.6 2003/08/26 14:24:35 thorpej Exp $"); a59 1 #include d394 4 d399 1 d405 4 d410 1 d418 2 a419 2 #ifdef __FreeBSD__ #define BLF_SIZ sizeof(BF_KEY) d421 1 a421 1 #define BLF_SIZ sizeof(blf_ctx) d428 1 a428 1 #ifdef _FreeBSD__ @ 1.6 log @G/C extra /. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.5 2003/08/26 14:24:06 thorpej Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.5 2003/08/26 14:24:06 thorpej Exp $"); d55 1 a60 1 #include d441 1 a441 1 cast_encrypt((cast_key *) key, blk, blk); d447 1 a447 1 cast_decrypt((cast_key *) key, blk, blk); d455 1 a455 1 MALLOC(*sched, u_int8_t *, sizeof(cast_key), M_CRYPTO_DATA, d458 2 a459 2 bzero(*sched, sizeof(cast_key)); cast_setkey((cast_key *)*sched, key, len); d469 1 a469 1 bzero(*sched, sizeof(cast_key)); @ 1.5 log @G/C opencrypto's local copy of rijndael. Adapt the extant rijndael code for opencrypto's use by adding the simplified API that opencrypto expects. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.4 2003/08/25 04:09:57 thorpej Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.4 2003/08/25 04:09:57 thorpej Exp $"); d57 1 a57 1 #include @ 1.4 log @It's bad form to use the header file while using the crypto/ripemd160/rmd160.c implementation. Remove the opencrypto-local copies of these files entirely. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.3 2003/08/01 01:47:45 itojun Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.3 2003/08/01 01:47:45 itojun Exp $"); d56 1 a61 1 #include @ 1.3 log @keyed-{sha1,md5} should not be truncated to 96 bits. markus@@openbsd @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.2 2003/07/28 19:37:04 jonathan Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.2 2003/07/28 19:37:04 jonathan Exp $"); d56 1 a57 1 #include @ 1.2 log @Remove vestiges of OpenBSD header. @ text @d1 1 a1 1 /* $NetBSD: xform.c,v 1.1 2003/07/25 21:12:49 jonathan Exp $ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.1 2003/07/25 21:12:49 jonathan Exp $"); d226 1 a226 1 0, 16, 12, sizeof(MD5_CTX), d233 1 a233 1 0, 20, 12, sizeof(SHA1_CTX), @ 1.1 log @Commit initial NetBSD port of the OpenCrypto Framework (OCF). This code is derived from Sam Leffler's FreeBSD port of OCF, which is in turn a port of Angelos Keromytis's OpenBSD work. Credit to Sam and Angelos, any blame for the NetBSD port to me. @ text @d1 1 a1 1 /* $NetBSD:$ */ d43 1 a43 1 __KERNEL_RCSID(0, "$NetBSD:$"); d64 1 a64 1 #include @