4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
26 #include <sys/crypto/common.h>
27 #include <sys/crypto/impl.h>
28 #include <sys/crypto/sched_impl.h>
30 static int kcf_emulate_dual(kcf_provider_desc_t
*, crypto_ctx_t
*,
34 kcf_free_triedlist(kcf_prov_tried_t
*list
)
38 while ((l
= list
) != NULL
) {
40 KCF_PROV_REFRELE(l
->pt_pd
);
41 kmem_free(l
, sizeof (kcf_prov_tried_t
));
46 kcf_insert_triedlist(kcf_prov_tried_t
**list
, kcf_provider_desc_t
*pd
,
51 l
= kmem_alloc(sizeof (kcf_prov_tried_t
), kmflag
);
63 is_in_triedlist(kcf_provider_desc_t
*pd
, kcf_prov_tried_t
*triedl
)
65 while (triedl
!= NULL
) {
66 if (triedl
->pt_pd
== pd
)
68 triedl
= triedl
->pt_next
;
75 * Search a mech entry's hardware provider list for the specified
76 * provider. Return true if found.
79 is_valid_provider_for_mech(kcf_provider_desc_t
*pd
, kcf_mech_entry_t
*me
,
80 crypto_func_group_t fg
)
82 kcf_prov_mech_desc_t
*prov_chain
;
84 prov_chain
= me
->me_hw_prov_chain
;
85 if (prov_chain
!= NULL
) {
86 ASSERT(me
->me_num_hwprov
> 0);
87 for (; prov_chain
!= NULL
; prov_chain
= prov_chain
->pm_next
) {
88 if (prov_chain
->pm_prov_desc
== pd
&&
89 IS_FG_SUPPORTED(prov_chain
, fg
)) {
98 * This routine, given a logical provider, returns the least loaded
99 * provider belonging to the logical provider. The provider must be
100 * able to do the specified mechanism, i.e. check that the mechanism
101 * hasn't been disabled. In addition, just in case providers are not
102 * entirely equivalent, the provider's entry point is checked for
103 * non-nullness. This is accomplished by having the caller pass, as
104 * arguments, the offset of the function group (offset_1), and the
105 * offset of the function within the function group (offset_2).
106 * Returns NULL if no provider can be found.
109 kcf_get_hardware_provider(crypto_mech_type_t mech_type_1
,
110 crypto_mech_type_t mech_type_2
, boolean_t call_restrict
,
111 kcf_provider_desc_t
*old
, kcf_provider_desc_t
**new, crypto_func_group_t fg
)
113 kcf_provider_desc_t
*provider
, *real_pd
= old
;
114 kcf_provider_desc_t
*gpd
= NULL
; /* good provider */
115 kcf_provider_desc_t
*bpd
= NULL
; /* busy provider */
116 kcf_provider_list_t
*p
;
117 kcf_ops_class_t
class;
118 kcf_mech_entry_t
*me
;
119 kcf_mech_entry_tab_t
*me_tab
;
120 int index
, len
, gqlen
= INT_MAX
, rv
= CRYPTO_SUCCESS
;
122 /* get the mech entry for the specified mechanism */
123 class = KCF_MECH2CLASS(mech_type_1
);
124 if ((class < KCF_FIRST_OPSCLASS
) || (class > KCF_LAST_OPSCLASS
)) {
125 return (CRYPTO_MECHANISM_INVALID
);
128 me_tab
= &kcf_mech_tabs_tab
[class];
129 index
= KCF_MECH2INDEX(mech_type_1
);
130 if ((index
< 0) || (index
>= me_tab
->met_size
)) {
131 return (CRYPTO_MECHANISM_INVALID
);
134 me
= &((me_tab
->met_tab
)[index
]);
135 mutex_enter(&me
->me_mutex
);
138 * We assume the provider descriptor will not go away because
139 * it is being held somewhere, i.e. its reference count has been
140 * incremented. In the case of the crypto module, the provider
141 * descriptor is held by the session structure.
143 if (old
->pd_prov_type
== CRYPTO_LOGICAL_PROVIDER
) {
144 if (old
->pd_provider_list
== NULL
) {
146 rv
= CRYPTO_DEVICE_ERROR
;
150 * Find the least loaded real provider. KCF_PROV_LOAD gives
151 * the load (number of pending requests) of the provider.
153 mutex_enter(&old
->pd_lock
);
154 p
= old
->pd_provider_list
;
156 provider
= p
->pl_provider
;
158 ASSERT(provider
->pd_prov_type
!=
159 CRYPTO_LOGICAL_PROVIDER
);
162 (provider
->pd_flags
& KCF_PROV_RESTRICTED
)) {
167 if (!is_valid_provider_for_mech(provider
, me
, fg
)) {
172 /* provider does second mech */
173 if (mech_type_2
!= CRYPTO_MECH_INVALID
) {
176 i
= KCF_TO_PROV_MECH_INDX(provider
,
178 if (i
== KCF_INVALID_INDX
) {
184 if (provider
->pd_state
!= KCF_PROV_READY
) {
185 /* choose BUSY if no READY providers */
186 if (provider
->pd_state
== KCF_PROV_BUSY
)
192 len
= KCF_PROV_LOAD(provider
);
203 KCF_PROV_REFHOLD(real_pd
);
204 } else if (bpd
!= NULL
) {
206 KCF_PROV_REFHOLD(real_pd
);
208 /* can't find provider */
210 rv
= CRYPTO_MECHANISM_INVALID
;
212 mutex_exit(&old
->pd_lock
);
215 if (!KCF_IS_PROV_USABLE(old
) ||
216 (call_restrict
&& (old
->pd_flags
& KCF_PROV_RESTRICTED
))) {
218 rv
= CRYPTO_DEVICE_ERROR
;
222 if (!is_valid_provider_for_mech(old
, me
, fg
)) {
224 rv
= CRYPTO_MECHANISM_INVALID
;
228 KCF_PROV_REFHOLD(real_pd
);
231 mutex_exit(&me
->me_mutex
);
237 * Return the best provider for the specified mechanism. The provider
238 * is held and it is the caller's responsibility to release it when done.
239 * The fg input argument is used as a search criterion to pick a provider.
240 * A provider has to support this function group to be picked.
242 * Find the least loaded provider in the list of providers. We do a linear
243 * search to find one. This is fine as we assume there are only a few
244 * number of providers in this list. If this assumption ever changes,
245 * we should revisit this.
247 * call_restrict represents if the caller should not be allowed to
248 * use restricted providers.
250 kcf_provider_desc_t
*
251 kcf_get_mech_provider(crypto_mech_type_t mech_type
, kcf_mech_entry_t
**mepp
,
252 int *error
, kcf_prov_tried_t
*triedl
, crypto_func_group_t fg
,
253 boolean_t call_restrict
, size_t data_size
)
255 kcf_provider_desc_t
*pd
= NULL
, *gpd
= NULL
;
256 kcf_prov_mech_desc_t
*prov_chain
, *mdesc
;
257 int len
, gqlen
= INT_MAX
;
258 kcf_ops_class_t
class;
260 kcf_mech_entry_t
*me
;
261 kcf_mech_entry_tab_t
*me_tab
;
263 class = KCF_MECH2CLASS(mech_type
);
264 if ((class < KCF_FIRST_OPSCLASS
) || (class > KCF_LAST_OPSCLASS
)) {
265 *error
= CRYPTO_MECHANISM_INVALID
;
269 me_tab
= &kcf_mech_tabs_tab
[class];
270 index
= KCF_MECH2INDEX(mech_type
);
271 if ((index
< 0) || (index
>= me_tab
->met_size
)) {
272 *error
= CRYPTO_MECHANISM_INVALID
;
276 me
= &((me_tab
->met_tab
)[index
]);
280 mutex_enter(&me
->me_mutex
);
282 prov_chain
= me
->me_hw_prov_chain
;
285 * We check for the threshold for using a hardware provider for
286 * this amount of data. If there is no software provider available
287 * for the mechanism, then the threshold is ignored.
289 if ((prov_chain
!= NULL
) &&
290 ((data_size
== 0) || (me
->me_threshold
== 0) ||
291 (data_size
>= me
->me_threshold
) ||
292 ((mdesc
= me
->me_sw_prov
) == NULL
) ||
293 (!IS_FG_SUPPORTED(mdesc
, fg
)) ||
294 (!KCF_IS_PROV_USABLE(mdesc
->pm_prov_desc
)))) {
295 ASSERT(me
->me_num_hwprov
> 0);
296 /* there is at least one provider */
299 * Find the least loaded real provider. KCF_PROV_LOAD gives
300 * the load (number of pending requests) of the provider.
302 while (prov_chain
!= NULL
) {
303 pd
= prov_chain
->pm_prov_desc
;
305 if (!IS_FG_SUPPORTED(prov_chain
, fg
) ||
306 !KCF_IS_PROV_USABLE(pd
) ||
307 IS_PROVIDER_TRIED(pd
, triedl
) ||
309 (pd
->pd_flags
& KCF_PROV_RESTRICTED
))) {
310 prov_chain
= prov_chain
->pm_next
;
314 if ((len
= KCF_PROV_LOAD(pd
)) < gqlen
) {
319 prov_chain
= prov_chain
->pm_next
;
325 /* No HW provider for this mech, is there a SW provider? */
326 if (pd
== NULL
&& (mdesc
= me
->me_sw_prov
) != NULL
) {
327 pd
= mdesc
->pm_prov_desc
;
328 if (!IS_FG_SUPPORTED(mdesc
, fg
) ||
329 !KCF_IS_PROV_USABLE(pd
) ||
330 IS_PROVIDER_TRIED(pd
, triedl
) ||
331 (call_restrict
&& (pd
->pd_flags
& KCF_PROV_RESTRICTED
)))
337 * We do not want to report CRYPTO_MECH_NOT_SUPPORTED, when
338 * we are in the "fallback to the next provider" case. Rather
339 * we preserve the error, so that the client gets the right
343 *error
= CRYPTO_MECH_NOT_SUPPORTED
;
345 KCF_PROV_REFHOLD(pd
);
347 mutex_exit(&me
->me_mutex
);
352 * Very similar to kcf_get_mech_provider(). Finds the best provider capable of
353 * a dual operation with both me1 and me2.
354 * When no dual-ops capable providers are available, return the best provider
355 * for me1 only, and sets *prov_mt2 to CRYPTO_INVALID_MECHID;
356 * We assume/expect that a slower HW capable of the dual is still
357 * faster than the 2 fastest providers capable of the individual ops
360 kcf_provider_desc_t
*
361 kcf_get_dual_provider(crypto_mechanism_t
*mech1
, crypto_mechanism_t
*mech2
,
362 kcf_mech_entry_t
**mepp
, crypto_mech_type_t
*prov_mt1
,
363 crypto_mech_type_t
*prov_mt2
, int *error
, kcf_prov_tried_t
*triedl
,
364 crypto_func_group_t fg1
, crypto_func_group_t fg2
, boolean_t call_restrict
,
367 kcf_provider_desc_t
*pd
= NULL
, *pdm1
= NULL
, *pdm1m2
= NULL
;
368 kcf_prov_mech_desc_t
*prov_chain
, *mdesc
;
369 int len
, gqlen
= INT_MAX
, dgqlen
= INT_MAX
;
370 crypto_mech_info_list_t
*mil
;
371 crypto_mech_type_t m2id
= mech2
->cm_type
;
372 kcf_mech_entry_t
*me
;
374 /* when mech is a valid mechanism, me will be its mech_entry */
375 if (kcf_get_mech_entry(mech1
->cm_type
, &me
) != KCF_SUCCESS
) {
376 *error
= CRYPTO_MECHANISM_INVALID
;
380 *prov_mt2
= CRYPTO_MECH_INVALID
;
384 mutex_enter(&me
->me_mutex
);
386 prov_chain
= me
->me_hw_prov_chain
;
388 * We check the threshold for using a hardware provider for
389 * this amount of data. If there is no software provider available
390 * for the first mechanism, then the threshold is ignored.
392 if ((prov_chain
!= NULL
) &&
393 ((data_size
== 0) || (me
->me_threshold
== 0) ||
394 (data_size
>= me
->me_threshold
) ||
395 ((mdesc
= me
->me_sw_prov
) == NULL
) ||
396 (!IS_FG_SUPPORTED(mdesc
, fg1
)) ||
397 (!KCF_IS_PROV_USABLE(mdesc
->pm_prov_desc
)))) {
398 /* there is at least one provider */
399 ASSERT(me
->me_num_hwprov
> 0);
402 * Find the least loaded provider capable of the combo
403 * me1 + me2, and save a pointer to the least loaded
404 * provider capable of me1 only.
406 while (prov_chain
!= NULL
) {
407 pd
= prov_chain
->pm_prov_desc
;
408 len
= KCF_PROV_LOAD(pd
);
410 if (!IS_FG_SUPPORTED(prov_chain
, fg1
) ||
411 !KCF_IS_PROV_USABLE(pd
) ||
412 IS_PROVIDER_TRIED(pd
, triedl
) ||
414 (pd
->pd_flags
& KCF_PROV_RESTRICTED
))) {
415 prov_chain
= prov_chain
->pm_next
;
419 /* Save the best provider capable of m1 */
422 prov_chain
->pm_mech_info
.cm_mech_number
;
427 /* See if pd can do me2 too */
428 for (mil
= prov_chain
->pm_mi_list
;
429 mil
!= NULL
; mil
= mil
->ml_next
) {
430 if ((mil
->ml_mech_info
.cm_func_group_mask
&
434 if ((mil
->ml_kcf_mechid
== m2id
) &&
440 mil
->ml_mech_info
.cm_mech_number
;
441 *prov_mt1
= prov_chain
->
442 pm_mech_info
.cm_mech_number
;
447 prov_chain
= prov_chain
->pm_next
;
450 pd
= (pdm1m2
!= NULL
) ? pdm1m2
: pdm1
;
453 /* no HW provider for this mech, is there a SW provider? */
454 if (pd
== NULL
&& (mdesc
= me
->me_sw_prov
) != NULL
) {
455 pd
= mdesc
->pm_prov_desc
;
456 if (!IS_FG_SUPPORTED(mdesc
, fg1
) ||
457 !KCF_IS_PROV_USABLE(pd
) ||
458 IS_PROVIDER_TRIED(pd
, triedl
) ||
459 (call_restrict
&& (pd
->pd_flags
& KCF_PROV_RESTRICTED
)))
462 /* See if pd can do me2 too */
463 for (mil
= me
->me_sw_prov
->pm_mi_list
;
464 mil
!= NULL
; mil
= mil
->ml_next
) {
465 if ((mil
->ml_mech_info
.cm_func_group_mask
&
469 if (mil
->ml_kcf_mechid
== m2id
) {
472 mil
->ml_mech_info
.cm_mech_number
;
476 *prov_mt1
= me
->me_sw_prov
->pm_mech_info
.cm_mech_number
;
481 *error
= CRYPTO_MECH_NOT_SUPPORTED
;
483 KCF_PROV_REFHOLD(pd
);
485 mutex_exit(&me
->me_mutex
);
490 * Do the actual work of calling the provider routines.
492 * pd - Provider structure
493 * ctx - Context for this operation
494 * params - Parameters for this operation
495 * rhndl - Request handle to use for notification
497 * The return values are the same as that of the respective SPI.
500 common_submit_request(kcf_provider_desc_t
*pd
, crypto_ctx_t
*ctx
,
501 kcf_req_params_t
*params
, crypto_req_handle_t rhndl
)
503 int err
= CRYPTO_ARGUMENTS_BAD
;
504 kcf_op_type_t optype
;
506 optype
= params
->rp_optype
;
508 switch (params
->rp_opgrp
) {
509 case KCF_OG_DIGEST
: {
510 kcf_digest_ops_params_t
*dops
= ¶ms
->rp_u
.digest_params
;
515 * We should do this only here and not in KCF_WRAP_*
516 * macros. This is because we may want to try other
517 * providers, in case we recover from a failure.
519 KCF_SET_PROVIDER_MECHNUM(dops
->do_framework_mechtype
,
522 err
= KCF_PROV_DIGEST_INIT(pd
, ctx
, &dops
->do_mech
,
527 err
= KCF_PROV_DIGEST(pd
, ctx
, dops
->do_data
,
528 dops
->do_digest
, rhndl
);
532 err
= KCF_PROV_DIGEST_UPDATE(pd
, ctx
,
533 dops
->do_data
, rhndl
);
537 err
= KCF_PROV_DIGEST_FINAL(pd
, ctx
,
538 dops
->do_digest
, rhndl
);
543 KCF_SET_PROVIDER_MECHNUM(dops
->do_framework_mechtype
,
545 err
= KCF_PROV_DIGEST_ATOMIC(pd
, dops
->do_sid
,
546 &dops
->do_mech
, dops
->do_data
, dops
->do_digest
,
550 case KCF_OP_DIGEST_KEY
:
551 err
= KCF_PROV_DIGEST_KEY(pd
, ctx
, dops
->do_digest_key
,
562 kcf_mac_ops_params_t
*mops
= ¶ms
->rp_u
.mac_params
;
566 KCF_SET_PROVIDER_MECHNUM(mops
->mo_framework_mechtype
,
569 err
= KCF_PROV_MAC_INIT(pd
, ctx
, &mops
->mo_mech
,
570 mops
->mo_key
, mops
->mo_templ
, rhndl
);
574 err
= KCF_PROV_MAC(pd
, ctx
, mops
->mo_data
,
575 mops
->mo_mac
, rhndl
);
579 err
= KCF_PROV_MAC_UPDATE(pd
, ctx
, mops
->mo_data
,
584 err
= KCF_PROV_MAC_FINAL(pd
, ctx
, mops
->mo_mac
, rhndl
);
589 KCF_SET_PROVIDER_MECHNUM(mops
->mo_framework_mechtype
,
592 err
= KCF_PROV_MAC_ATOMIC(pd
, mops
->mo_sid
,
593 &mops
->mo_mech
, mops
->mo_key
, mops
->mo_data
,
594 mops
->mo_mac
, mops
->mo_templ
, rhndl
);
597 case KCF_OP_MAC_VERIFY_ATOMIC
:
599 KCF_SET_PROVIDER_MECHNUM(mops
->mo_framework_mechtype
,
602 err
= KCF_PROV_MAC_VERIFY_ATOMIC(pd
, mops
->mo_sid
,
603 &mops
->mo_mech
, mops
->mo_key
, mops
->mo_data
,
604 mops
->mo_mac
, mops
->mo_templ
, rhndl
);
613 case KCF_OG_ENCRYPT
: {
614 kcf_encrypt_ops_params_t
*eops
= ¶ms
->rp_u
.encrypt_params
;
618 KCF_SET_PROVIDER_MECHNUM(eops
->eo_framework_mechtype
,
621 err
= KCF_PROV_ENCRYPT_INIT(pd
, ctx
, &eops
->eo_mech
,
622 eops
->eo_key
, eops
->eo_templ
, rhndl
);
626 err
= KCF_PROV_ENCRYPT(pd
, ctx
, eops
->eo_plaintext
,
627 eops
->eo_ciphertext
, rhndl
);
631 err
= KCF_PROV_ENCRYPT_UPDATE(pd
, ctx
,
632 eops
->eo_plaintext
, eops
->eo_ciphertext
, rhndl
);
636 err
= KCF_PROV_ENCRYPT_FINAL(pd
, ctx
,
637 eops
->eo_ciphertext
, rhndl
);
642 KCF_SET_PROVIDER_MECHNUM(eops
->eo_framework_mechtype
,
645 err
= KCF_PROV_ENCRYPT_ATOMIC(pd
, eops
->eo_sid
,
646 &eops
->eo_mech
, eops
->eo_key
, eops
->eo_plaintext
,
647 eops
->eo_ciphertext
, eops
->eo_templ
, rhndl
);
656 case KCF_OG_DECRYPT
: {
657 kcf_decrypt_ops_params_t
*dcrops
= ¶ms
->rp_u
.decrypt_params
;
661 KCF_SET_PROVIDER_MECHNUM(dcrops
->dop_framework_mechtype
,
662 pd
, &dcrops
->dop_mech
);
664 err
= KCF_PROV_DECRYPT_INIT(pd
, ctx
, &dcrops
->dop_mech
,
665 dcrops
->dop_key
, dcrops
->dop_templ
, rhndl
);
669 err
= KCF_PROV_DECRYPT(pd
, ctx
, dcrops
->dop_ciphertext
,
670 dcrops
->dop_plaintext
, rhndl
);
674 err
= KCF_PROV_DECRYPT_UPDATE(pd
, ctx
,
675 dcrops
->dop_ciphertext
, dcrops
->dop_plaintext
,
680 err
= KCF_PROV_DECRYPT_FINAL(pd
, ctx
,
681 dcrops
->dop_plaintext
, rhndl
);
686 KCF_SET_PROVIDER_MECHNUM(dcrops
->dop_framework_mechtype
,
687 pd
, &dcrops
->dop_mech
);
689 err
= KCF_PROV_DECRYPT_ATOMIC(pd
, dcrops
->dop_sid
,
690 &dcrops
->dop_mech
, dcrops
->dop_key
,
691 dcrops
->dop_ciphertext
, dcrops
->dop_plaintext
,
692 dcrops
->dop_templ
, rhndl
);
702 kcf_sign_ops_params_t
*sops
= ¶ms
->rp_u
.sign_params
;
706 KCF_SET_PROVIDER_MECHNUM(sops
->so_framework_mechtype
,
709 err
= KCF_PROV_SIGN_INIT(pd
, ctx
, &sops
->so_mech
,
710 sops
->so_key
, sops
->so_templ
, rhndl
);
713 case KCF_OP_SIGN_RECOVER_INIT
:
714 KCF_SET_PROVIDER_MECHNUM(sops
->so_framework_mechtype
,
717 err
= KCF_PROV_SIGN_RECOVER_INIT(pd
, ctx
,
718 &sops
->so_mech
, sops
->so_key
, sops
->so_templ
,
723 err
= KCF_PROV_SIGN(pd
, ctx
, sops
->so_data
,
724 sops
->so_signature
, rhndl
);
727 case KCF_OP_SIGN_RECOVER
:
728 err
= KCF_PROV_SIGN_RECOVER(pd
, ctx
,
729 sops
->so_data
, sops
->so_signature
, rhndl
);
733 err
= KCF_PROV_SIGN_UPDATE(pd
, ctx
, sops
->so_data
,
738 err
= KCF_PROV_SIGN_FINAL(pd
, ctx
, sops
->so_signature
,
744 KCF_SET_PROVIDER_MECHNUM(sops
->so_framework_mechtype
,
747 err
= KCF_PROV_SIGN_ATOMIC(pd
, sops
->so_sid
,
748 &sops
->so_mech
, sops
->so_key
, sops
->so_data
,
749 sops
->so_templ
, sops
->so_signature
, rhndl
);
752 case KCF_OP_SIGN_RECOVER_ATOMIC
:
754 KCF_SET_PROVIDER_MECHNUM(sops
->so_framework_mechtype
,
757 err
= KCF_PROV_SIGN_RECOVER_ATOMIC(pd
, sops
->so_sid
,
758 &sops
->so_mech
, sops
->so_key
, sops
->so_data
,
759 sops
->so_templ
, sops
->so_signature
, rhndl
);
768 case KCF_OG_VERIFY
: {
769 kcf_verify_ops_params_t
*vops
= ¶ms
->rp_u
.verify_params
;
773 KCF_SET_PROVIDER_MECHNUM(vops
->vo_framework_mechtype
,
776 err
= KCF_PROV_VERIFY_INIT(pd
, ctx
, &vops
->vo_mech
,
777 vops
->vo_key
, vops
->vo_templ
, rhndl
);
780 case KCF_OP_VERIFY_RECOVER_INIT
:
781 KCF_SET_PROVIDER_MECHNUM(vops
->vo_framework_mechtype
,
784 err
= KCF_PROV_VERIFY_RECOVER_INIT(pd
, ctx
,
785 &vops
->vo_mech
, vops
->vo_key
, vops
->vo_templ
,
790 err
= KCF_PROV_VERIFY(pd
, ctx
, vops
->vo_data
,
791 vops
->vo_signature
, rhndl
);
794 case KCF_OP_VERIFY_RECOVER
:
795 err
= KCF_PROV_VERIFY_RECOVER(pd
, ctx
,
796 vops
->vo_signature
, vops
->vo_data
, rhndl
);
800 err
= KCF_PROV_VERIFY_UPDATE(pd
, ctx
, vops
->vo_data
,
805 err
= KCF_PROV_VERIFY_FINAL(pd
, ctx
, vops
->vo_signature
,
811 KCF_SET_PROVIDER_MECHNUM(vops
->vo_framework_mechtype
,
814 err
= KCF_PROV_VERIFY_ATOMIC(pd
, vops
->vo_sid
,
815 &vops
->vo_mech
, vops
->vo_key
, vops
->vo_data
,
816 vops
->vo_templ
, vops
->vo_signature
, rhndl
);
819 case KCF_OP_VERIFY_RECOVER_ATOMIC
:
821 KCF_SET_PROVIDER_MECHNUM(vops
->vo_framework_mechtype
,
824 err
= KCF_PROV_VERIFY_RECOVER_ATOMIC(pd
, vops
->vo_sid
,
825 &vops
->vo_mech
, vops
->vo_key
, vops
->vo_signature
,
826 vops
->vo_templ
, vops
->vo_data
, rhndl
);
835 case KCF_OG_ENCRYPT_MAC
: {
836 kcf_encrypt_mac_ops_params_t
*eops
=
837 ¶ms
->rp_u
.encrypt_mac_params
;
838 kcf_context_t
*kcf_secondctx
;
842 kcf_secondctx
= ((kcf_context_t
*)
843 (ctx
->cc_framework_private
))->kc_secondctx
;
845 if (kcf_secondctx
!= NULL
) {
846 err
= kcf_emulate_dual(pd
, ctx
, params
);
849 KCF_SET_PROVIDER_MECHNUM(
850 eops
->em_framework_encr_mechtype
,
851 pd
, &eops
->em_encr_mech
);
853 KCF_SET_PROVIDER_MECHNUM(
854 eops
->em_framework_mac_mechtype
,
855 pd
, &eops
->em_mac_mech
);
857 err
= KCF_PROV_ENCRYPT_MAC_INIT(pd
, ctx
,
858 &eops
->em_encr_mech
, eops
->em_encr_key
,
859 &eops
->em_mac_mech
, eops
->em_mac_key
,
860 eops
->em_encr_templ
, eops
->em_mac_templ
,
866 err
= KCF_PROV_ENCRYPT_MAC(pd
, ctx
,
867 eops
->em_plaintext
, eops
->em_ciphertext
,
868 eops
->em_mac
, rhndl
);
872 kcf_secondctx
= ((kcf_context_t
*)
873 (ctx
->cc_framework_private
))->kc_secondctx
;
874 if (kcf_secondctx
!= NULL
) {
875 err
= kcf_emulate_dual(pd
, ctx
, params
);
878 err
= KCF_PROV_ENCRYPT_MAC_UPDATE(pd
, ctx
,
879 eops
->em_plaintext
, eops
->em_ciphertext
, rhndl
);
883 kcf_secondctx
= ((kcf_context_t
*)
884 (ctx
->cc_framework_private
))->kc_secondctx
;
885 if (kcf_secondctx
!= NULL
) {
886 err
= kcf_emulate_dual(pd
, ctx
, params
);
889 err
= KCF_PROV_ENCRYPT_MAC_FINAL(pd
, ctx
,
890 eops
->em_ciphertext
, eops
->em_mac
, rhndl
);
896 KCF_SET_PROVIDER_MECHNUM(
897 eops
->em_framework_encr_mechtype
,
898 pd
, &eops
->em_encr_mech
);
900 KCF_SET_PROVIDER_MECHNUM(
901 eops
->em_framework_mac_mechtype
,
902 pd
, &eops
->em_mac_mech
);
904 err
= KCF_PROV_ENCRYPT_MAC_ATOMIC(pd
, eops
->em_sid
,
905 &eops
->em_encr_mech
, eops
->em_encr_key
,
906 &eops
->em_mac_mech
, eops
->em_mac_key
,
907 eops
->em_plaintext
, eops
->em_ciphertext
,
909 eops
->em_encr_templ
, eops
->em_mac_templ
,
920 case KCF_OG_MAC_DECRYPT
: {
921 kcf_mac_decrypt_ops_params_t
*dops
=
922 ¶ms
->rp_u
.mac_decrypt_params
;
923 kcf_context_t
*kcf_secondctx
;
927 kcf_secondctx
= ((kcf_context_t
*)
928 (ctx
->cc_framework_private
))->kc_secondctx
;
930 if (kcf_secondctx
!= NULL
) {
931 err
= kcf_emulate_dual(pd
, ctx
, params
);
934 KCF_SET_PROVIDER_MECHNUM(
935 dops
->md_framework_mac_mechtype
,
936 pd
, &dops
->md_mac_mech
);
938 KCF_SET_PROVIDER_MECHNUM(
939 dops
->md_framework_decr_mechtype
,
940 pd
, &dops
->md_decr_mech
);
942 err
= KCF_PROV_MAC_DECRYPT_INIT(pd
, ctx
,
943 &dops
->md_mac_mech
, dops
->md_mac_key
,
944 &dops
->md_decr_mech
, dops
->md_decr_key
,
945 dops
->md_mac_templ
, dops
->md_decr_templ
,
951 err
= KCF_PROV_MAC_DECRYPT(pd
, ctx
,
952 dops
->md_ciphertext
, dops
->md_mac
,
953 dops
->md_plaintext
, rhndl
);
957 kcf_secondctx
= ((kcf_context_t
*)
958 (ctx
->cc_framework_private
))->kc_secondctx
;
959 if (kcf_secondctx
!= NULL
) {
960 err
= kcf_emulate_dual(pd
, ctx
, params
);
963 err
= KCF_PROV_MAC_DECRYPT_UPDATE(pd
, ctx
,
964 dops
->md_ciphertext
, dops
->md_plaintext
, rhndl
);
968 kcf_secondctx
= ((kcf_context_t
*)
969 (ctx
->cc_framework_private
))->kc_secondctx
;
970 if (kcf_secondctx
!= NULL
) {
971 err
= kcf_emulate_dual(pd
, ctx
, params
);
974 err
= KCF_PROV_MAC_DECRYPT_FINAL(pd
, ctx
,
975 dops
->md_mac
, dops
->md_plaintext
, rhndl
);
981 KCF_SET_PROVIDER_MECHNUM(
982 dops
->md_framework_mac_mechtype
,
983 pd
, &dops
->md_mac_mech
);
985 KCF_SET_PROVIDER_MECHNUM(
986 dops
->md_framework_decr_mechtype
,
987 pd
, &dops
->md_decr_mech
);
989 err
= KCF_PROV_MAC_DECRYPT_ATOMIC(pd
, dops
->md_sid
,
990 &dops
->md_mac_mech
, dops
->md_mac_key
,
991 &dops
->md_decr_mech
, dops
->md_decr_key
,
992 dops
->md_ciphertext
, dops
->md_mac
,
994 dops
->md_mac_templ
, dops
->md_decr_templ
,
999 case KCF_OP_MAC_VERIFY_DECRYPT_ATOMIC
:
1000 ASSERT(ctx
== NULL
);
1002 KCF_SET_PROVIDER_MECHNUM(
1003 dops
->md_framework_mac_mechtype
,
1004 pd
, &dops
->md_mac_mech
);
1006 KCF_SET_PROVIDER_MECHNUM(
1007 dops
->md_framework_decr_mechtype
,
1008 pd
, &dops
->md_decr_mech
);
1010 err
= KCF_PROV_MAC_VERIFY_DECRYPT_ATOMIC(pd
,
1011 dops
->md_sid
, &dops
->md_mac_mech
, dops
->md_mac_key
,
1012 &dops
->md_decr_mech
, dops
->md_decr_key
,
1013 dops
->md_ciphertext
, dops
->md_mac
,
1015 dops
->md_mac_templ
, dops
->md_decr_templ
,
1027 kcf_key_ops_params_t
*kops
= ¶ms
->rp_u
.key_params
;
1029 ASSERT(ctx
== NULL
);
1030 KCF_SET_PROVIDER_MECHNUM(kops
->ko_framework_mechtype
, pd
,
1034 case KCF_OP_KEY_GENERATE
:
1035 err
= KCF_PROV_KEY_GENERATE(pd
, kops
->ko_sid
,
1037 kops
->ko_key_template
, kops
->ko_key_attribute_count
,
1038 kops
->ko_key_object_id_ptr
, rhndl
);
1041 case KCF_OP_KEY_GENERATE_PAIR
:
1042 err
= KCF_PROV_KEY_GENERATE_PAIR(pd
, kops
->ko_sid
,
1044 kops
->ko_key_template
, kops
->ko_key_attribute_count
,
1045 kops
->ko_private_key_template
,
1046 kops
->ko_private_key_attribute_count
,
1047 kops
->ko_key_object_id_ptr
,
1048 kops
->ko_private_key_object_id_ptr
, rhndl
);
1051 case KCF_OP_KEY_WRAP
:
1052 err
= KCF_PROV_KEY_WRAP(pd
, kops
->ko_sid
,
1054 kops
->ko_key
, kops
->ko_key_object_id_ptr
,
1055 kops
->ko_wrapped_key
, kops
->ko_wrapped_key_len_ptr
,
1059 case KCF_OP_KEY_UNWRAP
:
1060 err
= KCF_PROV_KEY_UNWRAP(pd
, kops
->ko_sid
,
1062 kops
->ko_key
, kops
->ko_wrapped_key
,
1063 kops
->ko_wrapped_key_len_ptr
,
1064 kops
->ko_key_template
, kops
->ko_key_attribute_count
,
1065 kops
->ko_key_object_id_ptr
, rhndl
);
1068 case KCF_OP_KEY_DERIVE
:
1069 err
= KCF_PROV_KEY_DERIVE(pd
, kops
->ko_sid
,
1071 kops
->ko_key
, kops
->ko_key_template
,
1072 kops
->ko_key_attribute_count
,
1073 kops
->ko_key_object_id_ptr
, rhndl
);
1082 case KCF_OG_RANDOM
: {
1083 kcf_random_number_ops_params_t
*rops
=
1084 ¶ms
->rp_u
.random_number_params
;
1086 ASSERT(ctx
== NULL
);
1089 case KCF_OP_RANDOM_SEED
:
1090 err
= KCF_PROV_SEED_RANDOM(pd
, rops
->rn_sid
,
1091 rops
->rn_buf
, rops
->rn_buflen
, rops
->rn_entropy_est
,
1092 rops
->rn_flags
, rhndl
);
1095 case KCF_OP_RANDOM_GENERATE
:
1096 err
= KCF_PROV_GENERATE_RANDOM(pd
, rops
->rn_sid
,
1097 rops
->rn_buf
, rops
->rn_buflen
, rhndl
);
1106 case KCF_OG_SESSION
: {
1107 kcf_session_ops_params_t
*sops
= ¶ms
->rp_u
.session_params
;
1109 ASSERT(ctx
== NULL
);
1111 case KCF_OP_SESSION_OPEN
:
1113 * so_pd may be a logical provider, in which case
1114 * we need to check whether it has been removed.
1116 if (KCF_IS_PROV_REMOVED(sops
->so_pd
)) {
1117 err
= CRYPTO_DEVICE_ERROR
;
1120 err
= KCF_PROV_SESSION_OPEN(pd
, sops
->so_sid_ptr
,
1121 rhndl
, sops
->so_pd
);
1124 case KCF_OP_SESSION_CLOSE
:
1126 * so_pd may be a logical provider, in which case
1127 * we need to check whether it has been removed.
1129 if (KCF_IS_PROV_REMOVED(sops
->so_pd
)) {
1130 err
= CRYPTO_DEVICE_ERROR
;
1133 err
= KCF_PROV_SESSION_CLOSE(pd
, sops
->so_sid
,
1134 rhndl
, sops
->so_pd
);
1137 case KCF_OP_SESSION_LOGIN
:
1138 err
= KCF_PROV_SESSION_LOGIN(pd
, sops
->so_sid
,
1139 sops
->so_user_type
, sops
->so_pin
,
1140 sops
->so_pin_len
, rhndl
);
1143 case KCF_OP_SESSION_LOGOUT
:
1144 err
= KCF_PROV_SESSION_LOGOUT(pd
, sops
->so_sid
, rhndl
);
1153 case KCF_OG_OBJECT
: {
1154 kcf_object_ops_params_t
*jops
= ¶ms
->rp_u
.object_params
;
1156 ASSERT(ctx
== NULL
);
1158 case KCF_OP_OBJECT_CREATE
:
1159 err
= KCF_PROV_OBJECT_CREATE(pd
, jops
->oo_sid
,
1160 jops
->oo_template
, jops
->oo_attribute_count
,
1161 jops
->oo_object_id_ptr
, rhndl
);
1164 case KCF_OP_OBJECT_COPY
:
1165 err
= KCF_PROV_OBJECT_COPY(pd
, jops
->oo_sid
,
1167 jops
->oo_template
, jops
->oo_attribute_count
,
1168 jops
->oo_object_id_ptr
, rhndl
);
1171 case KCF_OP_OBJECT_DESTROY
:
1172 err
= KCF_PROV_OBJECT_DESTROY(pd
, jops
->oo_sid
,
1173 jops
->oo_object_id
, rhndl
);
1176 case KCF_OP_OBJECT_GET_SIZE
:
1177 err
= KCF_PROV_OBJECT_GET_SIZE(pd
, jops
->oo_sid
,
1178 jops
->oo_object_id
, jops
->oo_object_size
, rhndl
);
1181 case KCF_OP_OBJECT_GET_ATTRIBUTE_VALUE
:
1182 err
= KCF_PROV_OBJECT_GET_ATTRIBUTE_VALUE(pd
,
1183 jops
->oo_sid
, jops
->oo_object_id
,
1184 jops
->oo_template
, jops
->oo_attribute_count
, rhndl
);
1187 case KCF_OP_OBJECT_SET_ATTRIBUTE_VALUE
:
1188 err
= KCF_PROV_OBJECT_SET_ATTRIBUTE_VALUE(pd
,
1189 jops
->oo_sid
, jops
->oo_object_id
,
1190 jops
->oo_template
, jops
->oo_attribute_count
, rhndl
);
1193 case KCF_OP_OBJECT_FIND_INIT
:
1194 err
= KCF_PROV_OBJECT_FIND_INIT(pd
, jops
->oo_sid
,
1195 jops
->oo_template
, jops
->oo_attribute_count
,
1196 jops
->oo_find_init_pp_ptr
, rhndl
);
1199 case KCF_OP_OBJECT_FIND
:
1200 err
= KCF_PROV_OBJECT_FIND(pd
, jops
->oo_find_pp
,
1201 jops
->oo_object_id_ptr
, jops
->oo_max_object_count
,
1202 jops
->oo_object_count_ptr
, rhndl
);
1205 case KCF_OP_OBJECT_FIND_FINAL
:
1206 err
= KCF_PROV_OBJECT_FIND_FINAL(pd
, jops
->oo_find_pp
,
1216 case KCF_OG_PROVMGMT
: {
1217 kcf_provmgmt_ops_params_t
*pops
= ¶ms
->rp_u
.provmgmt_params
;
1219 ASSERT(ctx
== NULL
);
1221 case KCF_OP_MGMT_EXTINFO
:
1223 * po_pd may be a logical provider, in which case
1224 * we need to check whether it has been removed.
1226 if (KCF_IS_PROV_REMOVED(pops
->po_pd
)) {
1227 err
= CRYPTO_DEVICE_ERROR
;
1230 err
= KCF_PROV_EXT_INFO(pd
, pops
->po_ext_info
, rhndl
,
1234 case KCF_OP_MGMT_INITTOKEN
:
1235 err
= KCF_PROV_INIT_TOKEN(pd
, pops
->po_pin
,
1236 pops
->po_pin_len
, pops
->po_label
, rhndl
);
1239 case KCF_OP_MGMT_INITPIN
:
1240 err
= KCF_PROV_INIT_PIN(pd
, pops
->po_sid
, pops
->po_pin
,
1241 pops
->po_pin_len
, rhndl
);
1244 case KCF_OP_MGMT_SETPIN
:
1245 err
= KCF_PROV_SET_PIN(pd
, pops
->po_sid
,
1246 pops
->po_old_pin
, pops
->po_old_pin_len
,
1247 pops
->po_pin
, pops
->po_pin_len
, rhndl
);
1256 case KCF_OG_NOSTORE_KEY
: {
1257 kcf_key_ops_params_t
*kops
= ¶ms
->rp_u
.key_params
;
1259 ASSERT(ctx
== NULL
);
1260 KCF_SET_PROVIDER_MECHNUM(kops
->ko_framework_mechtype
, pd
,
1264 case KCF_OP_KEY_GENERATE
:
1265 err
= KCF_PROV_NOSTORE_KEY_GENERATE(pd
, kops
->ko_sid
,
1266 &kops
->ko_mech
, kops
->ko_key_template
,
1267 kops
->ko_key_attribute_count
,
1268 kops
->ko_out_template1
,
1269 kops
->ko_out_attribute_count1
, rhndl
);
1272 case KCF_OP_KEY_GENERATE_PAIR
:
1273 err
= KCF_PROV_NOSTORE_KEY_GENERATE_PAIR(pd
,
1274 kops
->ko_sid
, &kops
->ko_mech
,
1275 kops
->ko_key_template
, kops
->ko_key_attribute_count
,
1276 kops
->ko_private_key_template
,
1277 kops
->ko_private_key_attribute_count
,
1278 kops
->ko_out_template1
,
1279 kops
->ko_out_attribute_count1
,
1280 kops
->ko_out_template2
,
1281 kops
->ko_out_attribute_count2
,
1285 case KCF_OP_KEY_DERIVE
:
1286 err
= KCF_PROV_NOSTORE_KEY_DERIVE(pd
, kops
->ko_sid
,
1287 &kops
->ko_mech
, kops
->ko_key
,
1288 kops
->ko_key_template
,
1289 kops
->ko_key_attribute_count
,
1290 kops
->ko_out_template1
,
1291 kops
->ko_out_attribute_count1
, rhndl
);
1301 } /* end of switch(params->rp_opgrp) */
1303 KCF_PROV_INCRSTATS(pd
, err
);
1309 * Emulate the call for a multipart dual ops with 2 single steps.
1310 * This routine is always called in the context of a working thread
1311 * running kcf_svc_do_run().
1312 * The single steps are submitted in a pure synchronous way (blocking).
1313 * When this routine returns, kcf_svc_do_run() will call kcf_aop_done()
1314 * so the originating consumer's callback gets invoked. kcf_aop_done()
1315 * takes care of freeing the operation context. So, this routine does
1316 * not free the operation context.
1318 * The provider descriptor is assumed held by the callers.
1321 kcf_emulate_dual(kcf_provider_desc_t
*pd
, crypto_ctx_t
*ctx
,
1322 kcf_req_params_t
*params
)
1324 int err
= CRYPTO_ARGUMENTS_BAD
;
1325 kcf_op_type_t optype
;
1329 optype
= params
->rp_optype
;
1331 switch (params
->rp_opgrp
) {
1332 case KCF_OG_ENCRYPT_MAC
: {
1333 kcf_encrypt_mac_ops_params_t
*cmops
=
1334 ¶ms
->rp_u
.encrypt_mac_params
;
1335 kcf_context_t
*encr_kcf_ctx
;
1336 crypto_ctx_t
*mac_ctx
;
1337 kcf_req_params_t encr_params
;
1339 encr_kcf_ctx
= (kcf_context_t
*)(ctx
->cc_framework_private
);
1343 encr_kcf_ctx
->kc_secondctx
= NULL
;
1345 KCF_WRAP_ENCRYPT_OPS_PARAMS(&encr_params
, KCF_OP_INIT
,
1346 pd
->pd_sid
, &cmops
->em_encr_mech
,
1347 cmops
->em_encr_key
, NULL
, NULL
,
1348 cmops
->em_encr_templ
);
1350 err
= kcf_submit_request(pd
, ctx
, NULL
, &encr_params
,
1353 /* It can't be CRYPTO_QUEUED */
1354 if (err
!= CRYPTO_SUCCESS
) {
1358 err
= crypto_mac_init(&cmops
->em_mac_mech
,
1359 cmops
->em_mac_key
, cmops
->em_mac_templ
,
1360 (crypto_context_t
*)&mac_ctx
, NULL
);
1362 if (err
== CRYPTO_SUCCESS
) {
1363 encr_kcf_ctx
->kc_secondctx
= (kcf_context_t
*)
1364 mac_ctx
->cc_framework_private
;
1365 KCF_CONTEXT_REFHOLD((kcf_context_t
*)
1366 mac_ctx
->cc_framework_private
);
1372 case KCF_OP_UPDATE
: {
1373 crypto_dual_data_t
*ct
= cmops
->em_ciphertext
;
1374 crypto_data_t
*pt
= cmops
->em_plaintext
;
1375 kcf_context_t
*mac_kcf_ctx
= encr_kcf_ctx
->kc_secondctx
;
1376 crypto_ctx_t
*mac_ctx
= &mac_kcf_ctx
->kc_glbl_ctx
;
1378 KCF_WRAP_ENCRYPT_OPS_PARAMS(&encr_params
, KCF_OP_UPDATE
,
1379 pd
->pd_sid
, NULL
, NULL
, pt
, (crypto_data_t
*)ct
,
1382 err
= kcf_submit_request(pd
, ctx
, NULL
, &encr_params
,
1385 /* It can't be CRYPTO_QUEUED */
1386 if (err
!= CRYPTO_SUCCESS
) {
1390 save_offset
= ct
->dd_offset1
;
1391 save_len
= ct
->dd_len1
;
1392 if (ct
->dd_len2
== 0) {
1394 * The previous encrypt step was an
1395 * accumulation only and didn't produce any
1398 if (ct
->dd_len1
== 0)
1402 ct
->dd_offset1
= ct
->dd_offset2
;
1403 ct
->dd_len1
= ct
->dd_len2
;
1405 err
= crypto_mac_update((crypto_context_t
)mac_ctx
,
1406 (crypto_data_t
*)ct
, NULL
);
1408 ct
->dd_offset1
= save_offset
;
1409 ct
->dd_len1
= save_len
;
1413 case KCF_OP_FINAL
: {
1414 crypto_dual_data_t
*ct
= cmops
->em_ciphertext
;
1415 crypto_data_t
*mac
= cmops
->em_mac
;
1416 kcf_context_t
*mac_kcf_ctx
= encr_kcf_ctx
->kc_secondctx
;
1417 crypto_ctx_t
*mac_ctx
= &mac_kcf_ctx
->kc_glbl_ctx
;
1418 crypto_context_t mac_context
= mac_ctx
;
1420 KCF_WRAP_ENCRYPT_OPS_PARAMS(&encr_params
, KCF_OP_FINAL
,
1421 pd
->pd_sid
, NULL
, NULL
, NULL
, (crypto_data_t
*)ct
,
1424 err
= kcf_submit_request(pd
, ctx
, NULL
, &encr_params
,
1427 /* It can't be CRYPTO_QUEUED */
1428 if (err
!= CRYPTO_SUCCESS
) {
1429 crypto_cancel_ctx(mac_context
);
1433 if (ct
->dd_len2
> 0) {
1434 save_offset
= ct
->dd_offset1
;
1435 save_len
= ct
->dd_len1
;
1436 ct
->dd_offset1
= ct
->dd_offset2
;
1437 ct
->dd_len1
= ct
->dd_len2
;
1439 err
= crypto_mac_update(mac_context
,
1440 (crypto_data_t
*)ct
, NULL
);
1442 ct
->dd_offset1
= save_offset
;
1443 ct
->dd_len1
= save_len
;
1445 if (err
!= CRYPTO_SUCCESS
) {
1446 crypto_cancel_ctx(mac_context
);
1451 /* and finally, collect the MAC */
1452 err
= crypto_mac_final(mac_context
, mac
, NULL
);
1459 KCF_PROV_INCRSTATS(pd
, err
);
1462 case KCF_OG_MAC_DECRYPT
: {
1463 kcf_mac_decrypt_ops_params_t
*mdops
=
1464 ¶ms
->rp_u
.mac_decrypt_params
;
1465 kcf_context_t
*decr_kcf_ctx
;
1466 crypto_ctx_t
*mac_ctx
;
1467 kcf_req_params_t decr_params
;
1469 decr_kcf_ctx
= (kcf_context_t
*)(ctx
->cc_framework_private
);
1473 decr_kcf_ctx
->kc_secondctx
= NULL
;
1475 err
= crypto_mac_init(&mdops
->md_mac_mech
,
1476 mdops
->md_mac_key
, mdops
->md_mac_templ
,
1477 (crypto_context_t
*)&mac_ctx
, NULL
);
1479 /* It can't be CRYPTO_QUEUED */
1480 if (err
!= CRYPTO_SUCCESS
) {
1484 KCF_WRAP_DECRYPT_OPS_PARAMS(&decr_params
, KCF_OP_INIT
,
1485 pd
->pd_sid
, &mdops
->md_decr_mech
,
1486 mdops
->md_decr_key
, NULL
, NULL
,
1487 mdops
->md_decr_templ
);
1489 err
= kcf_submit_request(pd
, ctx
, NULL
, &decr_params
,
1492 /* It can't be CRYPTO_QUEUED */
1493 if (err
!= CRYPTO_SUCCESS
) {
1494 crypto_cancel_ctx((crypto_context_t
)mac_ctx
);
1498 decr_kcf_ctx
->kc_secondctx
= (kcf_context_t
*)
1499 mac_ctx
->cc_framework_private
;
1500 KCF_CONTEXT_REFHOLD((kcf_context_t
*)
1501 mac_ctx
->cc_framework_private
);
1508 case KCF_OP_UPDATE
: {
1509 crypto_dual_data_t
*ct
= mdops
->md_ciphertext
;
1510 crypto_data_t
*pt
= mdops
->md_plaintext
;
1511 kcf_context_t
*mac_kcf_ctx
= decr_kcf_ctx
->kc_secondctx
;
1512 crypto_ctx_t
*mac_ctx
= &mac_kcf_ctx
->kc_glbl_ctx
;
1514 err
= crypto_mac_update((crypto_context_t
)mac_ctx
,
1515 (crypto_data_t
*)ct
, NULL
);
1517 if (err
!= CRYPTO_SUCCESS
)
1520 save_offset
= ct
->dd_offset1
;
1521 save_len
= ct
->dd_len1
;
1523 /* zero ct->dd_len2 means decrypt everything */
1524 if (ct
->dd_len2
> 0) {
1525 ct
->dd_offset1
= ct
->dd_offset2
;
1526 ct
->dd_len1
= ct
->dd_len2
;
1529 err
= crypto_decrypt_update((crypto_context_t
)ctx
,
1530 (crypto_data_t
*)ct
, pt
, NULL
);
1532 ct
->dd_offset1
= save_offset
;
1533 ct
->dd_len1
= save_len
;
1537 case KCF_OP_FINAL
: {
1538 crypto_data_t
*pt
= mdops
->md_plaintext
;
1539 crypto_data_t
*mac
= mdops
->md_mac
;
1540 kcf_context_t
*mac_kcf_ctx
= decr_kcf_ctx
->kc_secondctx
;
1541 crypto_ctx_t
*mac_ctx
= &mac_kcf_ctx
->kc_glbl_ctx
;
1543 err
= crypto_mac_final((crypto_context_t
)mac_ctx
,
1546 if (err
!= CRYPTO_SUCCESS
) {
1547 crypto_cancel_ctx(ctx
);
1551 /* Get the last chunk of plaintext */
1552 KCF_CONTEXT_REFHOLD(decr_kcf_ctx
);
1553 err
= crypto_decrypt_final((crypto_context_t
)ctx
, pt
,
1564 } /* end of switch(params->rp_opgrp) */