1 | /* $NetBSD: xform.c,v 1.28 2011/05/26 21:50:03 drochner Exp $ */ |
2 | /* $FreeBSD: src/sys/opencrypto/xform.c,v 1.1.2.1 2002/11/21 23:34:23 sam Exp $ */ |
3 | /* $OpenBSD: xform.c,v 1.19 2002/08/16 22:47:25 dhartmei Exp $ */ |
4 | |
5 | /* |
6 | * The authors of this code are John Ioannidis (ji@tla.org), |
7 | * Angelos D. Keromytis (kermit@csd.uch.gr) and |
8 | * Niels Provos (provos@physnet.uni-hamburg.de). |
9 | * |
10 | * This code was written by John Ioannidis for BSD/OS in Athens, Greece, |
11 | * in November 1995. |
12 | * |
13 | * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996, |
14 | * by Angelos D. Keromytis. |
15 | * |
16 | * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis |
17 | * and Niels Provos. |
18 | * |
19 | * Additional features in 1999 by Angelos D. Keromytis. |
20 | * |
21 | * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis, |
22 | * Angelos D. Keromytis and Niels Provos. |
23 | * |
24 | * Copyright (C) 2001, Angelos D. Keromytis. |
25 | * |
26 | * Permission to use, copy, and modify this software with or without fee |
27 | * is hereby granted, provided that this entire notice is included in |
28 | * all copies of any software which is or includes a copy or |
29 | * modification of this software. |
30 | * You may use this code under the GNU public license if you so wish. Please |
31 | * contribute changes back to the authors under this freer than GPL license |
32 | * so that we may further the use of strong encryption without limitations to |
33 | * all. |
34 | * |
35 | * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR |
36 | * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY |
37 | * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE |
38 | * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR |
39 | * PURPOSE. |
40 | */ |
41 | |
42 | #include <sys/cdefs.h> |
43 | __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.28 2011/05/26 21:50:03 drochner Exp $" ); |
44 | |
45 | #include <sys/param.h> |
46 | #include <sys/malloc.h> |
47 | |
48 | #include <opencrypto/cryptodev.h> |
49 | #include <opencrypto/xform.h> |
50 | |
51 | MALLOC_DEFINE(M_XDATA, "xform" , "xform data buffers" ); |
52 | |
53 | const u_int8_t hmac_ipad_buffer[128] = { |
54 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
55 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
56 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
57 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
58 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
59 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
60 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
61 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
62 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
63 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
64 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
65 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
66 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
67 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
68 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, |
69 | 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36 |
70 | }; |
71 | |
72 | const u_int8_t hmac_opad_buffer[128] = { |
73 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
74 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
75 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
76 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
77 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
78 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
79 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
80 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
81 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
82 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
83 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
84 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
85 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
86 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
87 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, |
88 | 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C |
89 | }; |
90 | |
91 | /* Encryption instances */ |
92 | const struct enc_xform enc_xform_null = { |
93 | CRYPTO_NULL_CBC, "NULL" , |
94 | /* NB: blocksize of 4 is to generate a properly aligned ESP header */ |
95 | 4, 0, 0, 256 /* 2048 bits, max key */ |
96 | }; |
97 | |
98 | const struct enc_xform enc_xform_des = { |
99 | CRYPTO_DES_CBC, "DES" , |
100 | 8, 8, 8, 8 |
101 | }; |
102 | |
103 | const struct enc_xform enc_xform_3des = { |
104 | CRYPTO_3DES_CBC, "3DES" , |
105 | 8, 8, 24, 24 |
106 | }; |
107 | |
108 | const struct enc_xform enc_xform_blf = { |
109 | CRYPTO_BLF_CBC, "Blowfish" , |
110 | 8, 8, 5, 56 /* 448 bits, max key */ |
111 | }; |
112 | |
113 | const struct enc_xform enc_xform_cast5 = { |
114 | CRYPTO_CAST_CBC, "CAST-128" , |
115 | 8, 8, 5, 16 |
116 | }; |
117 | |
118 | const struct enc_xform enc_xform_skipjack = { |
119 | CRYPTO_SKIPJACK_CBC, "Skipjack" , |
120 | 8, 8, 10, 10 |
121 | }; |
122 | |
123 | const struct enc_xform enc_xform_rijndael128 = { |
124 | CRYPTO_RIJNDAEL128_CBC, "Rijndael-128/AES" , |
125 | 16, 16, 16, 32 |
126 | }; |
127 | |
128 | const struct enc_xform enc_xform_arc4 = { |
129 | CRYPTO_ARC4, "ARC4" , |
130 | 1, 0, 1, 32 |
131 | }; |
132 | |
133 | const struct enc_xform enc_xform_camellia = { |
134 | CRYPTO_CAMELLIA_CBC, "Camellia" , |
135 | 16, 16, 8, 32 |
136 | }; |
137 | |
138 | const struct enc_xform enc_xform_aes_ctr = { |
139 | CRYPTO_AES_CTR, "AES-CTR" , |
140 | 16, 8, 16+4, 32+4 |
141 | }; |
142 | |
143 | const struct enc_xform enc_xform_aes_gcm = { |
144 | CRYPTO_AES_GCM_16, "AES-GCM" , |
145 | 4 /* ??? */, 8, 16+4, 32+4 |
146 | }; |
147 | |
148 | const struct enc_xform enc_xform_aes_gmac = { |
149 | CRYPTO_AES_GMAC, "AES-GMAC" , |
150 | 4 /* ??? */, 8, 16+4, 32+4 |
151 | }; |
152 | |
153 | /* Authentication instances */ |
154 | const struct auth_hash auth_hash_null = { |
155 | CRYPTO_NULL_HMAC, "NULL-HMAC" , |
156 | 0, 0, 12, 64 |
157 | }; |
158 | |
159 | const struct auth_hash auth_hash_hmac_md5 = { |
160 | CRYPTO_MD5_HMAC, "HMAC-MD5" , |
161 | 16, 16, 16, 64 |
162 | }; |
163 | |
164 | const struct auth_hash auth_hash_hmac_sha1 = { |
165 | CRYPTO_SHA1_HMAC, "HMAC-SHA1" , |
166 | 20, 20, 20, 64 |
167 | }; |
168 | |
169 | const struct auth_hash auth_hash_hmac_ripemd_160 = { |
170 | CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160" , |
171 | 20, 20, 20, 64 |
172 | }; |
173 | |
174 | const struct auth_hash auth_hash_hmac_md5_96 = { |
175 | CRYPTO_MD5_HMAC_96, "HMAC-MD5-96" , |
176 | 16, 16, 12, 64 |
177 | }; |
178 | |
179 | const struct auth_hash auth_hash_hmac_sha1_96 = { |
180 | CRYPTO_SHA1_HMAC_96, "HMAC-SHA1-96" , |
181 | 20, 20, 12, 64 |
182 | }; |
183 | |
184 | const struct auth_hash auth_hash_hmac_ripemd_160_96 = { |
185 | CRYPTO_RIPEMD160_HMAC_96, "HMAC-RIPEMD-160" , |
186 | 20, 20, 12, 64 |
187 | }; |
188 | |
189 | const struct auth_hash auth_hash_key_md5 = { |
190 | CRYPTO_MD5_KPDK, "Keyed MD5" , |
191 | 0, 16, 16, 0 |
192 | }; |
193 | |
194 | const struct auth_hash auth_hash_key_sha1 = { |
195 | CRYPTO_SHA1_KPDK, "Keyed SHA1" , |
196 | 0, 20, 20, 0 |
197 | }; |
198 | |
199 | const struct auth_hash auth_hash_md5 = { |
200 | CRYPTO_MD5, "MD5" , |
201 | 0, 16, 16, 0 |
202 | }; |
203 | |
204 | const struct auth_hash auth_hash_sha1 = { |
205 | CRYPTO_SHA1, "SHA1" , |
206 | 0, 20, 20, 0 |
207 | }; |
208 | |
209 | const struct auth_hash auth_hash_hmac_sha2_256 = { |
210 | CRYPTO_SHA2_256_HMAC, "HMAC-SHA2" , |
211 | 32, 32, 16, 64 |
212 | }; |
213 | |
214 | const struct auth_hash auth_hash_hmac_sha2_384 = { |
215 | CRYPTO_SHA2_384_HMAC, "HMAC-SHA2-384" , |
216 | 48, 48, 24, 128 |
217 | }; |
218 | |
219 | const struct auth_hash auth_hash_hmac_sha2_512 = { |
220 | CRYPTO_SHA2_512_HMAC, "HMAC-SHA2-512" , |
221 | 64, 64, 32, 128 |
222 | }; |
223 | |
224 | const struct auth_hash auth_hash_aes_xcbc_mac_96 = { |
225 | CRYPTO_AES_XCBC_MAC_96, "AES-XCBC-MAC-96" , |
226 | 16, 16, 12, 0 |
227 | }; |
228 | |
229 | const struct auth_hash auth_hash_gmac_aes_128 = { |
230 | CRYPTO_AES_128_GMAC, "GMAC-AES-128" , |
231 | 16+4, 16, 16, 16 /* ??? */ |
232 | }; |
233 | |
234 | const struct auth_hash auth_hash_gmac_aes_192 = { |
235 | CRYPTO_AES_192_GMAC, "GMAC-AES-192" , |
236 | 24+4, 16, 16, 16 /* ??? */ |
237 | }; |
238 | |
239 | const struct auth_hash auth_hash_gmac_aes_256 = { |
240 | CRYPTO_AES_256_GMAC, "GMAC-AES-256" , |
241 | 32+4, 16, 16, 16 /* ??? */ |
242 | }; |
243 | |
244 | /* Compression instance */ |
245 | const struct comp_algo comp_algo_deflate = { |
246 | CRYPTO_DEFLATE_COMP, "Deflate" , |
247 | 90 |
248 | }; |
249 | |
250 | const struct comp_algo comp_algo_deflate_nogrow = { |
251 | CRYPTO_DEFLATE_COMP_NOGROW, "Deflate" , |
252 | 90 |
253 | }; |
254 | |
255 | const struct comp_algo comp_algo_gzip = { |
256 | CRYPTO_GZIP_COMP, "GZIP" , |
257 | 90 |
258 | }; |
259 | |