Date: Wed, 18 Jul 2018 04:29:44 +0000 (UTC) From: Conrad Meyer <cem@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r336442 - head/sys/crypto/aesni Message-ID: <201807180429.w6I4TimA008798@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: cem Date: Wed Jul 18 04:29:44 2018 New Revision: 336442 URL: https://svnweb.freebsd.org/changeset/base/336442 Log: aesni(4): Abstract out hash/HMAC support No functional change. Verified with cryptocheck. Modified: head/sys/crypto/aesni/aesni.c Modified: head/sys/crypto/aesni/aesni.c ============================================================================== --- head/sys/crypto/aesni/aesni.c Wed Jul 18 03:32:28 2018 (r336441) +++ head/sys/crypto/aesni/aesni.c Wed Jul 18 04:29:44 2018 (r336442) @@ -541,6 +541,12 @@ intel_sha1_update(void *vctx, const void *vdata, u_int } static void +SHA1_Init_fn(void *ctx) +{ + sha1_init(ctx); +} + +static void SHA1_Finalize_fn(void *digest, void *ctx) { sha1_result(ctx, digest); @@ -590,6 +596,12 @@ intel_sha256_update(void *vctx, const void *vdata, u_i } static void +SHA256_Init_fn(void *ctx) +{ + SHA256_Init(ctx); +} + +static void SHA256_Finalize_fn(void *digest, void *ctx) { SHA256_Final(digest, ctx); @@ -813,7 +825,13 @@ aesni_cipher_mac(struct aesni_session *ses, struct cry } sctx; uint32_t res[SHA2_256_HASH_LEN / sizeof(uint32_t)]; int hashlen, error; + void *ctx; + void (*InitFn)(void *); + int (*UpdateFn)(void *, const void *, unsigned); + void (*FinalizeFn)(void *, void *); + bool hmac; + if ((crd->crd_flags & ~CRD_F_KEY_EXPLICIT) != 0) { CRYPTDEB("%s: Unsupported MAC flags: 0x%x", __func__, (crd->crd_flags & ~CRD_F_KEY_EXPLICIT)); @@ -825,39 +843,26 @@ aesni_cipher_mac(struct aesni_session *ses, struct cry return (error); } + hmac = false; switch (ses->auth_algo) { case CRYPTO_SHA1_HMAC: - hashlen = SHA1_HASH_LEN; - /* Inner hash: (K ^ IPAD) || data */ - sha1_init(&sctx.sha1); - hmac_internal(&sctx.sha1, res, intel_sha1_update, - SHA1_Finalize_fn, ses->hmac_key, 0x36, crp->crp_buf, - crd->crd_skip, crd->crd_len, crp->crp_flags); - /* Outer hash: (K ^ OPAD) || inner hash */ - sha1_init(&sctx.sha1); - hmac_internal(&sctx.sha1, res, intel_sha1_update, - SHA1_Finalize_fn, ses->hmac_key, 0x5C, res, 0, hashlen, 0); - break; + hmac = true; + /* FALLTHROUGH */ case CRYPTO_SHA1: hashlen = SHA1_HASH_LEN; - sha1_init(&sctx.sha1); - crypto_apply(crp->crp_flags, crp->crp_buf, crd->crd_skip, - crd->crd_len, __DECONST(int (*)(void *, void *, u_int), - intel_sha1_update), &sctx.sha1); - sha1_result(&sctx.sha1, (void *)res); + InitFn = SHA1_Init_fn; + UpdateFn = intel_sha1_update; + FinalizeFn = SHA1_Finalize_fn; + ctx = &sctx.sha1; break; + case CRYPTO_SHA2_256_HMAC: + hmac = true; hashlen = SHA2_256_HASH_LEN; - /* Inner hash: (K ^ IPAD) || data */ - SHA256_Init(&sctx.sha2); - hmac_internal(&sctx.sha2, res, intel_sha256_update, - SHA256_Finalize_fn, ses->hmac_key, 0x36, crp->crp_buf, - crd->crd_skip, crd->crd_len, crp->crp_flags); - /* Outer hash: (K ^ OPAD) || inner hash */ - SHA256_Init(&sctx.sha2); - hmac_internal(&sctx.sha2, res, intel_sha256_update, - SHA256_Finalize_fn, ses->hmac_key, 0x5C, res, 0, hashlen, - 0); + InitFn = SHA256_Init_fn; + UpdateFn = intel_sha256_update; + FinalizeFn = SHA256_Finalize_fn; + ctx = &sctx.sha2; break; default: /* @@ -865,6 +870,24 @@ aesni_cipher_mac(struct aesni_session *ses, struct cry * enccrd */ return (0); + } + + if (hmac) { + /* Inner hash: (K ^ IPAD) || data */ + InitFn(ctx); + hmac_internal(ctx, res, UpdateFn, FinalizeFn, ses->hmac_key, + 0x36, crp->crp_buf, crd->crd_skip, crd->crd_len, + crp->crp_flags); + /* Outer hash: (K ^ OPAD) || inner hash */ + InitFn(ctx); + hmac_internal(ctx, res, UpdateFn, FinalizeFn, ses->hmac_key, + 0x5C, res, 0, hashlen, 0); + } else { + InitFn(ctx); + crypto_apply(crp->crp_flags, crp->crp_buf, crd->crd_skip, + crd->crd_len, __DECONST(int (*)(void *, void *, u_int), + UpdateFn), ctx); + FinalizeFn(res, ctx); } if (ses->mlen != 0 && ses->mlen < hashlen)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201807180429.w6I4TimA008798>