1/* $NetBSD: xform.c,v 1.28 2011/05/26 21:50:03 drochner Exp $ */
2/* $FreeBSD: src/sys/opencrypto/xform.c,v 1.1.2.1 2002/11/21 23:34:23 sam Exp $ */
3/* $OpenBSD: xform.c,v 1.19 2002/08/16 22:47:25 dhartmei Exp $ */
4
5/*
6 * The authors of this code are John Ioannidis (ji@tla.org),
7 * Angelos D. Keromytis (kermit@csd.uch.gr) and
8 * Niels Provos (provos@physnet.uni-hamburg.de).
9 *
10 * This code was written by John Ioannidis for BSD/OS in Athens, Greece,
11 * in November 1995.
12 *
13 * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
14 * by Angelos D. Keromytis.
15 *
16 * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis
17 * and Niels Provos.
18 *
19 * Additional features in 1999 by Angelos D. Keromytis.
20 *
21 * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis,
22 * Angelos D. Keromytis and Niels Provos.
23 *
24 * Copyright (C) 2001, Angelos D. Keromytis.
25 *
26 * Permission to use, copy, and modify this software with or without fee
27 * is hereby granted, provided that this entire notice is included in
28 * all copies of any software which is or includes a copy or
29 * modification of this software.
30 * You may use this code under the GNU public license if you so wish. Please
31 * contribute changes back to the authors under this freer than GPL license
32 * so that we may further the use of strong encryption without limitations to
33 * all.
34 *
35 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
36 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
37 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
38 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
39 * PURPOSE.
40 */
41
42#include <sys/cdefs.h>
43__KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.28 2011/05/26 21:50:03 drochner Exp $");
44
45#include <sys/param.h>
46#include <sys/malloc.h>
47
48#include <opencrypto/cryptodev.h>
49#include <opencrypto/xform.h>
50
51MALLOC_DEFINE(M_XDATA, "xform", "xform data buffers");
52
53const u_int8_t hmac_ipad_buffer[128] = {
54 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
55 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
56 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
57 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
58 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
59 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
60 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
61 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
62 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
63 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
64 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
65 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
66 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
67 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
68 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
69 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
70};
71
72const u_int8_t hmac_opad_buffer[128] = {
73 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
74 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
75 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
76 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
77 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
78 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
79 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
80 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
81 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
82 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
83 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
84 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
85 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
86 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
87 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C,
88 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C
89};
90
91/* Encryption instances */
92const struct enc_xform enc_xform_null = {
93 CRYPTO_NULL_CBC, "NULL",
94 /* NB: blocksize of 4 is to generate a properly aligned ESP header */
95 4, 0, 0, 256 /* 2048 bits, max key */
96};
97
98const struct enc_xform enc_xform_des = {
99 CRYPTO_DES_CBC, "DES",
100 8, 8, 8, 8
101};
102
103const struct enc_xform enc_xform_3des = {
104 CRYPTO_3DES_CBC, "3DES",
105 8, 8, 24, 24
106};
107
108const struct enc_xform enc_xform_blf = {
109 CRYPTO_BLF_CBC, "Blowfish",
110 8, 8, 5, 56 /* 448 bits, max key */
111};
112
113const struct enc_xform enc_xform_cast5 = {
114 CRYPTO_CAST_CBC, "CAST-128",
115 8, 8, 5, 16
116};
117
118const struct enc_xform enc_xform_skipjack = {
119 CRYPTO_SKIPJACK_CBC, "Skipjack",
120 8, 8, 10, 10
121};
122
123const struct enc_xform enc_xform_rijndael128 = {
124 CRYPTO_RIJNDAEL128_CBC, "Rijndael-128/AES",
125 16, 16, 16, 32
126};
127
128const struct enc_xform enc_xform_arc4 = {
129 CRYPTO_ARC4, "ARC4",
130 1, 0, 1, 32
131};
132
133const struct enc_xform enc_xform_camellia = {
134 CRYPTO_CAMELLIA_CBC, "Camellia",
135 16, 16, 8, 32
136};
137
138const struct enc_xform enc_xform_aes_ctr = {
139 CRYPTO_AES_CTR, "AES-CTR",
140 16, 8, 16+4, 32+4
141};
142
143const struct enc_xform enc_xform_aes_gcm = {
144 CRYPTO_AES_GCM_16, "AES-GCM",
145 4 /* ??? */, 8, 16+4, 32+4
146};
147
148const struct enc_xform enc_xform_aes_gmac = {
149 CRYPTO_AES_GMAC, "AES-GMAC",
150 4 /* ??? */, 8, 16+4, 32+4
151};
152
153/* Authentication instances */
154const struct auth_hash auth_hash_null = {
155 CRYPTO_NULL_HMAC, "NULL-HMAC",
156 0, 0, 12, 64
157};
158
159const struct auth_hash auth_hash_hmac_md5 = {
160 CRYPTO_MD5_HMAC, "HMAC-MD5",
161 16, 16, 16, 64
162};
163
164const struct auth_hash auth_hash_hmac_sha1 = {
165 CRYPTO_SHA1_HMAC, "HMAC-SHA1",
166 20, 20, 20, 64
167};
168
169const struct auth_hash auth_hash_hmac_ripemd_160 = {
170 CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160",
171 20, 20, 20, 64
172};
173
174const struct auth_hash auth_hash_hmac_md5_96 = {
175 CRYPTO_MD5_HMAC_96, "HMAC-MD5-96",
176 16, 16, 12, 64
177};
178
179const struct auth_hash auth_hash_hmac_sha1_96 = {
180 CRYPTO_SHA1_HMAC_96, "HMAC-SHA1-96",
181 20, 20, 12, 64
182};
183
184const struct auth_hash auth_hash_hmac_ripemd_160_96 = {
185 CRYPTO_RIPEMD160_HMAC_96, "HMAC-RIPEMD-160",
186 20, 20, 12, 64
187};
188
189const struct auth_hash auth_hash_key_md5 = {
190 CRYPTO_MD5_KPDK, "Keyed MD5",
191 0, 16, 16, 0
192};
193
194const struct auth_hash auth_hash_key_sha1 = {
195 CRYPTO_SHA1_KPDK, "Keyed SHA1",
196 0, 20, 20, 0
197};
198
199const struct auth_hash auth_hash_md5 = {
200 CRYPTO_MD5, "MD5",
201 0, 16, 16, 0
202};
203
204const struct auth_hash auth_hash_sha1 = {
205 CRYPTO_SHA1, "SHA1",
206 0, 20, 20, 0
207};
208
209const struct auth_hash auth_hash_hmac_sha2_256 = {
210 CRYPTO_SHA2_256_HMAC, "HMAC-SHA2",
211 32, 32, 16, 64
212};
213
214const struct auth_hash auth_hash_hmac_sha2_384 = {
215 CRYPTO_SHA2_384_HMAC, "HMAC-SHA2-384",
216 48, 48, 24, 128
217};
218
219const struct auth_hash auth_hash_hmac_sha2_512 = {
220 CRYPTO_SHA2_512_HMAC, "HMAC-SHA2-512",
221 64, 64, 32, 128
222};
223
224const struct auth_hash auth_hash_aes_xcbc_mac_96 = {
225 CRYPTO_AES_XCBC_MAC_96, "AES-XCBC-MAC-96",
226 16, 16, 12, 0
227};
228
229const struct auth_hash auth_hash_gmac_aes_128 = {
230 CRYPTO_AES_128_GMAC, "GMAC-AES-128",
231 16+4, 16, 16, 16 /* ??? */
232};
233
234const struct auth_hash auth_hash_gmac_aes_192 = {
235 CRYPTO_AES_192_GMAC, "GMAC-AES-192",
236 24+4, 16, 16, 16 /* ??? */
237};
238
239const struct auth_hash auth_hash_gmac_aes_256 = {
240 CRYPTO_AES_256_GMAC, "GMAC-AES-256",
241 32+4, 16, 16, 16 /* ??? */
242};
243
244/* Compression instance */
245const struct comp_algo comp_algo_deflate = {
246 CRYPTO_DEFLATE_COMP, "Deflate",
247 90
248};
249
250const struct comp_algo comp_algo_deflate_nogrow = {
251 CRYPTO_DEFLATE_COMP_NOGROW, "Deflate",
252 90
253};
254
255const struct comp_algo comp_algo_gzip = {
256 CRYPTO_GZIP_COMP, "GZIP",
257 90
258};
259