]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blob - zfs/module/icp/io/skein_mod.c
projects / mirror_ubuntu-zesty-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
UBUNTU: SAUCE: Update zfs to e02aaf17f15ad274fa1f24c9c826f1477911ea3f
[mirror_ubuntu-zesty-kernel.git] / zfs / module / icp / io / skein_mod.c
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://opensource.org/licenses/CDDL-1.0.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2013 Saso Kiselkov. All rights reserved.
24 */
25
26 #include <sys/modctl.h>
27 #include <sys/crypto/common.h>
28 #include <sys/crypto/spi.h>
29 #include <sys/sysmacros.h>
30 #include <sys/systm.h>
31 #define SKEIN_MODULE_IMPL
32 #include <sys/skein.h>
33
34 /*
35 * Like the sha2 module, we create the skein module with two modlinkages:
36 * - modlmisc to allow direct calls to Skein_* API functions.
37 * - modlcrypto to integrate well into the Kernel Crypto Framework (KCF).
38 */
39 static struct modlmisc modlmisc = {
40 &mod_cryptoops,
41 "Skein Message-Digest Algorithm"
42 };
43
44 static struct modlcrypto modlcrypto = {
45 &mod_cryptoops,
46 "Skein Kernel SW Provider"
47 };
48
49 static struct modlinkage modlinkage = {
50 MODREV_1, {&modlmisc, &modlcrypto, NULL}
51 };
52
53 static crypto_mech_info_t skein_mech_info_tab[] = {
54 {CKM_SKEIN_256, SKEIN_256_MECH_INFO_TYPE,
55 CRYPTO_FG_DIGEST | CRYPTO_FG_DIGEST_ATOMIC,
56 0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS},
57 {CKM_SKEIN_256_MAC, SKEIN_256_MAC_MECH_INFO_TYPE,
58 CRYPTO_FG_MAC | CRYPTO_FG_MAC_ATOMIC, 1, INT_MAX,
59 CRYPTO_KEYSIZE_UNIT_IN_BYTES},
60 {CKM_SKEIN_512, SKEIN_512_MECH_INFO_TYPE,
61 CRYPTO_FG_DIGEST | CRYPTO_FG_DIGEST_ATOMIC,
62 0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS},
63 {CKM_SKEIN_512_MAC, SKEIN_512_MAC_MECH_INFO_TYPE,
64 CRYPTO_FG_MAC | CRYPTO_FG_MAC_ATOMIC, 1, INT_MAX,
65 CRYPTO_KEYSIZE_UNIT_IN_BYTES},
66 {CKM_SKEIN1024, SKEIN1024_MECH_INFO_TYPE,
67 CRYPTO_FG_DIGEST | CRYPTO_FG_DIGEST_ATOMIC,
68 0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS},
69 {CKM_SKEIN1024_MAC, SKEIN1024_MAC_MECH_INFO_TYPE,
70 CRYPTO_FG_MAC | CRYPTO_FG_MAC_ATOMIC, 1, INT_MAX,
71 CRYPTO_KEYSIZE_UNIT_IN_BYTES}
72 };
73
74 static void skein_provider_status(crypto_provider_handle_t, uint_t *);
75
76 static crypto_control_ops_t skein_control_ops = {
77 skein_provider_status
78 };
79
80 static int skein_digest_init(crypto_ctx_t *, crypto_mechanism_t *,
81 crypto_req_handle_t);
82 static int skein_digest(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
83 crypto_req_handle_t);
84 static int skein_update(crypto_ctx_t *, crypto_data_t *, crypto_req_handle_t);
85 static int skein_final(crypto_ctx_t *, crypto_data_t *, crypto_req_handle_t);
86 static int skein_digest_atomic(crypto_provider_handle_t, crypto_session_id_t,
87 crypto_mechanism_t *, crypto_data_t *, crypto_data_t *,
88 crypto_req_handle_t);
89
90 static crypto_digest_ops_t skein_digest_ops = {
91 skein_digest_init,
92 skein_digest,
93 skein_update,
94 NULL,
95 skein_final,
96 skein_digest_atomic
97 };
98
99 static int skein_mac_init(crypto_ctx_t *, crypto_mechanism_t *, crypto_key_t *,
100 crypto_spi_ctx_template_t, crypto_req_handle_t);
101 static int skein_mac_atomic(crypto_provider_handle_t, crypto_session_id_t,
102 crypto_mechanism_t *, crypto_key_t *, crypto_data_t *, crypto_data_t *,
103 crypto_spi_ctx_template_t, crypto_req_handle_t);
104
105 static crypto_mac_ops_t skein_mac_ops = {
106 skein_mac_init,
107 NULL,
108 skein_update, /* using regular digest update is OK here */
109 skein_final, /* using regular digest final is OK here */
110 skein_mac_atomic,
111 NULL
112 };
113
114 static int skein_create_ctx_template(crypto_provider_handle_t,
115 crypto_mechanism_t *, crypto_key_t *, crypto_spi_ctx_template_t *,
116 size_t *, crypto_req_handle_t);
117 static int skein_free_context(crypto_ctx_t *);
118
119 static crypto_ctx_ops_t skein_ctx_ops = {
120 skein_create_ctx_template,
121 skein_free_context
122 };
123
124 static crypto_ops_t skein_crypto_ops = {{{{{
125 &skein_control_ops,
126 &skein_digest_ops,
127 NULL,
128 &skein_mac_ops,
129 NULL,
130 NULL,
131 NULL,
132 NULL,
133 NULL,
134 NULL,
135 NULL,
136 NULL,
137 NULL,
138 &skein_ctx_ops,
139 }}}}};
140
141 static crypto_provider_info_t skein_prov_info = {{{{
142 CRYPTO_SPI_VERSION_1,
143 "Skein Software Provider",
144 CRYPTO_SW_PROVIDER,
145 NULL,
146 &skein_crypto_ops,
147 sizeof (skein_mech_info_tab) / sizeof (crypto_mech_info_t),
148 skein_mech_info_tab
149 }}}};
150
151 static crypto_kcf_provider_handle_t skein_prov_handle = 0;
152
153 typedef struct skein_ctx {
154 skein_mech_type_t sc_mech_type;
155 size_t sc_digest_bitlen;
156 /*LINTED(E_ANONYMOUS_UNION_DECL)*/
157 union {
158 Skein_256_Ctxt_t sc_256;
159 Skein_512_Ctxt_t sc_512;
160 Skein1024_Ctxt_t sc_1024;
161 };
162 } skein_ctx_t;
163 #define SKEIN_CTX(_ctx_) ((skein_ctx_t *)((_ctx_)->cc_provider_private))
164 #define SKEIN_CTX_LVALUE(_ctx_) (_ctx_)->cc_provider_private
165 #define SKEIN_OP(_skein_ctx, _op, ...) \
166 do { \
167 skein_ctx_t *sc = (_skein_ctx); \
168 switch (sc->sc_mech_type) { \
169 case SKEIN_256_MECH_INFO_TYPE: \
170 case SKEIN_256_MAC_MECH_INFO_TYPE: \
171 (void) Skein_256_ ## _op(&sc->sc_256, __VA_ARGS__);\
172 break; \
173 case SKEIN_512_MECH_INFO_TYPE: \
174 case SKEIN_512_MAC_MECH_INFO_TYPE: \
175 (void) Skein_512_ ## _op(&sc->sc_512, __VA_ARGS__);\
176 break; \
177 case SKEIN1024_MECH_INFO_TYPE: \
178 case SKEIN1024_MAC_MECH_INFO_TYPE: \
179 (void) Skein1024_ ## _op(&sc->sc_1024, __VA_ARGS__);\
180 break; \
181 } \
182 _NOTE(CONSTCOND) \
183 } while (0)
184
185 static int
186 skein_get_digest_bitlen(const crypto_mechanism_t *mechanism, size_t *result)
187 {
188 if (mechanism->cm_param != NULL) {
189 /*LINTED(E_BAD_PTR_CAST_ALIGN)*/
190 skein_param_t *param = (skein_param_t *)mechanism->cm_param;
191
192 if (mechanism->cm_param_len != sizeof (*param) ||
193 param->sp_digest_bitlen == 0) {
194 return (CRYPTO_MECHANISM_PARAM_INVALID);
195 }
196 *result = param->sp_digest_bitlen;
197 } else {
198 switch (mechanism->cm_type) {
199 case SKEIN_256_MECH_INFO_TYPE:
200 *result = 256;
201 break;
202 case SKEIN_512_MECH_INFO_TYPE:
203 *result = 512;
204 break;
205 case SKEIN1024_MECH_INFO_TYPE:
206 *result = 1024;
207 break;
208 default:
209 return (CRYPTO_MECHANISM_INVALID);
210 }
211 }
212 return (CRYPTO_SUCCESS);
213 }
214
215 int
216 skein_mod_init(void)
217 {
218 int error;
219
220 if ((error = mod_install(&modlinkage)) != 0)
221 return (error);
222
223 /*
224 * Try to register with KCF - failure shouldn't unload us, since we
225 * still may want to continue providing misc/skein functionality.
226 */
227 (void) crypto_register_provider(&skein_prov_info, &skein_prov_handle);
228
229 return (0);
230 }
231
232 int
233 skein_mod_fini(void) {
234 int ret;
235
236 if (skein_prov_handle != 0) {
237 if ((ret = crypto_unregister_provider(skein_prov_handle)) !=
238 CRYPTO_SUCCESS) {
239 cmn_err(CE_WARN,
240 "skein _fini: crypto_unregister_provider() "
241 "failed (0x%x)", ret);
242 return (EBUSY);
243 }
244 skein_prov_handle = 0;
245 }
246
247 return (mod_remove(&modlinkage));
248 }
249
250 /*
251 * KCF software provider control entry points.
252 */
253 /* ARGSUSED */
254 static void
255 skein_provider_status(crypto_provider_handle_t provider, uint_t *status)
256 {
257 *status = CRYPTO_PROVIDER_READY;
258 }
259
260 /*
261 * General Skein hashing helper functions.
262 */
263
264 /*
265 * Performs an Update on a context with uio input data.
266 */
267 static int
268 skein_digest_update_uio(skein_ctx_t *ctx, const crypto_data_t *data)
269 {
270 off_t offset = data->cd_offset;
271 size_t length = data->cd_length;
272 uint_t vec_idx;
273 size_t cur_len;
274 const uio_t *uio = data->cd_uio;
275
276 /* we support only kernel buffer */
277 if (uio->uio_segflg != UIO_SYSSPACE)
278 return (CRYPTO_ARGUMENTS_BAD);
279
280 /*
281 * Jump to the first iovec containing data to be
282 * digested.
283 */
284 for (vec_idx = 0; vec_idx < uio->uio_iovcnt &&
285 offset >= uio->uio_iov[vec_idx].iov_len;
286 offset -= uio->uio_iov[vec_idx++].iov_len)
287 ;
288 if (vec_idx == uio->uio_iovcnt) {
289 /*
290 * The caller specified an offset that is larger than the
291 * total size of the buffers it provided.
292 */
293 return (CRYPTO_DATA_LEN_RANGE);
294 }
295
296 /*
297 * Now do the digesting on the iovecs.
298 */
299 while (vec_idx < uio->uio_iovcnt && length > 0) {
300 cur_len = MIN(uio->uio_iov[vec_idx].iov_len - offset, length);
301 SKEIN_OP(ctx, Update, (uint8_t *)uio->uio_iov[vec_idx].iov_base
302 + offset, cur_len);
303 length -= cur_len;
304 vec_idx++;
305 offset = 0;
306 }
307
308 if (vec_idx == uio->uio_iovcnt && length > 0) {
309 /*
310 * The end of the specified iovec's was reached but
311 * the length requested could not be processed, i.e.
312 * The caller requested to digest more data than it provided.
313 */
314 return (CRYPTO_DATA_LEN_RANGE);
315 }
316
317 return (CRYPTO_SUCCESS);
318 }
319
320 /*
321 * Performs a Final on a context and writes to a uio digest output.
322 */
323 static int
324 skein_digest_final_uio(skein_ctx_t *ctx, crypto_data_t *digest,
325 crypto_req_handle_t req)
326 {
327 off_t offset = digest->cd_offset;
328 uint_t vec_idx;
329 uio_t *uio = digest->cd_uio;
330
331 /* we support only kernel buffer */
332 if (uio->uio_segflg != UIO_SYSSPACE)
333 return (CRYPTO_ARGUMENTS_BAD);
334
335 /*
336 * Jump to the first iovec containing ptr to the digest to be returned.
337 */
338 for (vec_idx = 0; offset >= uio->uio_iov[vec_idx].iov_len &&
339 vec_idx < uio->uio_iovcnt;
340 offset -= uio->uio_iov[vec_idx++].iov_len)
341 ;
342 if (vec_idx == uio->uio_iovcnt) {
343 /*
344 * The caller specified an offset that is larger than the
345 * total size of the buffers it provided.
346 */
347 return (CRYPTO_DATA_LEN_RANGE);
348 }
349 if (offset + CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen) <=
350 uio->uio_iov[vec_idx].iov_len) {
351 /* The computed digest will fit in the current iovec. */
352 SKEIN_OP(ctx, Final,
353 (uchar_t *)uio->uio_iov[vec_idx].iov_base + offset);
354 } else {
355 uint8_t *digest_tmp;
356 off_t scratch_offset = 0;
357 size_t length = CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen);
358 size_t cur_len;
359
360 digest_tmp = kmem_alloc(CRYPTO_BITS2BYTES(
361 ctx->sc_digest_bitlen), crypto_kmflag(req));
362 if (digest_tmp == NULL)
363 return (CRYPTO_HOST_MEMORY);
364 SKEIN_OP(ctx, Final, digest_tmp);
365 while (vec_idx < uio->uio_iovcnt && length > 0) {
366 cur_len = MIN(uio->uio_iov[vec_idx].iov_len - offset,
367 length);
368 bcopy(digest_tmp + scratch_offset,
369 uio->uio_iov[vec_idx].iov_base + offset, cur_len);
370
371 length -= cur_len;
372 vec_idx++;
373 scratch_offset += cur_len;
374 offset = 0;
375 }
376 kmem_free(digest_tmp, CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen));
377
378 if (vec_idx == uio->uio_iovcnt && length > 0) {
379 /*
380 * The end of the specified iovec's was reached but
381 * the length requested could not be processed, i.e.
382 * The caller requested to digest more data than it
383 * provided.
384 */
385 return (CRYPTO_DATA_LEN_RANGE);
386 }
387 }
388
389 return (CRYPTO_SUCCESS);
390 }
391
392 /*
393 * KCF software provider digest entry points.
394 */
395
396 /*
397 * Initializes a skein digest context to the configuration in `mechanism'.
398 * The mechanism cm_type must be one of SKEIN_*_MECH_INFO_TYPE. The cm_param
399 * field may contain a skein_param_t structure indicating the length of the
400 * digest the algorithm should produce. Otherwise the default output lengths
401 * are applied (32 bytes for Skein-256, 64 bytes for Skein-512 and 128 bytes
402 * for Skein-1024).
403 */
404 static int
405 skein_digest_init(crypto_ctx_t *ctx, crypto_mechanism_t *mechanism,
406 crypto_req_handle_t req)
407 {
408 int error = CRYPTO_SUCCESS;
409
410 if (!VALID_SKEIN_DIGEST_MECH(mechanism->cm_type))
411 return (CRYPTO_MECHANISM_INVALID);
412
413 SKEIN_CTX_LVALUE(ctx) = kmem_alloc(sizeof (*SKEIN_CTX(ctx)),
414 crypto_kmflag(req));
415 if (SKEIN_CTX(ctx) == NULL)
416 return (CRYPTO_HOST_MEMORY);
417
418 SKEIN_CTX(ctx)->sc_mech_type = mechanism->cm_type;
419 error = skein_get_digest_bitlen(mechanism,
420 &SKEIN_CTX(ctx)->sc_digest_bitlen);
421 if (error != CRYPTO_SUCCESS)
422 goto errout;
423 SKEIN_OP(SKEIN_CTX(ctx), Init, SKEIN_CTX(ctx)->sc_digest_bitlen);
424
425 return (CRYPTO_SUCCESS);
426 errout:
427 bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
428 kmem_free(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
429 SKEIN_CTX_LVALUE(ctx) = NULL;
430 return (error);
431 }
432
433 /*
434 * Executes a skein_update and skein_digest on a pre-initialized crypto
435 * context in a single step. See the documentation to these functions to
436 * see what to pass here.
437 */
438 static int
439 skein_digest(crypto_ctx_t *ctx, crypto_data_t *data, crypto_data_t *digest,
440 crypto_req_handle_t req)
441 {
442 int error = CRYPTO_SUCCESS;
443
444 ASSERT(SKEIN_CTX(ctx) != NULL);
445
446 if (digest->cd_length <
447 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen)) {
448 digest->cd_length =
449 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen);
450 return (CRYPTO_BUFFER_TOO_SMALL);
451 }
452
453 error = skein_update(ctx, data, req);
454 if (error != CRYPTO_SUCCESS) {
455 bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
456 kmem_free(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
457 SKEIN_CTX_LVALUE(ctx) = NULL;
458 digest->cd_length = 0;
459 return (error);
460 }
461 error = skein_final(ctx, digest, req);
462
463 return (error);
464 }
465
466 /*
467 * Performs a skein Update with the input message in `data' (successive calls
468 * can push more data). This is used both for digest and MAC operation.
469 * Supported input data formats are raw, uio and mblk.
470 */
471 /*ARGSUSED*/
472 static int
473 skein_update(crypto_ctx_t *ctx, crypto_data_t *data, crypto_req_handle_t req)
474 {
475 int error = CRYPTO_SUCCESS;
476
477 ASSERT(SKEIN_CTX(ctx) != NULL);
478
479 switch (data->cd_format) {
480 case CRYPTO_DATA_RAW:
481 SKEIN_OP(SKEIN_CTX(ctx), Update,
482 (uint8_t *)data->cd_raw.iov_base + data->cd_offset,
483 data->cd_length);
484 break;
485 case CRYPTO_DATA_UIO:
486 error = skein_digest_update_uio(SKEIN_CTX(ctx), data);
487 break;
488 default:
489 error = CRYPTO_ARGUMENTS_BAD;
490 }
491
492 return (error);
493 }
494
495 /*
496 * Performs a skein Final, writing the output to `digest'. This is used both
497 * for digest and MAC operation.
498 * Supported output digest formats are raw, uio and mblk.
499 */
500 /*ARGSUSED*/
501 static int
502 skein_final(crypto_ctx_t *ctx, crypto_data_t *digest, crypto_req_handle_t req)
503 {
504 int error = CRYPTO_SUCCESS;
505
506 ASSERT(SKEIN_CTX(ctx) != NULL);
507
508 if (digest->cd_length <
509 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen)) {
510 digest->cd_length =
511 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen);
512 return (CRYPTO_BUFFER_TOO_SMALL);
513 }
514
515 switch (digest->cd_format) {
516 case CRYPTO_DATA_RAW:
517 SKEIN_OP(SKEIN_CTX(ctx), Final,
518 (uint8_t *)digest->cd_raw.iov_base + digest->cd_offset);
519 break;
520 case CRYPTO_DATA_UIO:
521 error = skein_digest_final_uio(SKEIN_CTX(ctx), digest, req);
522 break;
523 default:
524 error = CRYPTO_ARGUMENTS_BAD;
525 }
526
527 if (error == CRYPTO_SUCCESS)
528 digest->cd_length =
529 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen);
530 else
531 digest->cd_length = 0;
532
533 bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
534 kmem_free(SKEIN_CTX(ctx), sizeof (*(SKEIN_CTX(ctx))));
535 SKEIN_CTX_LVALUE(ctx) = NULL;
536
537 return (error);
538 }
539
540 /*
541 * Performs a full skein digest computation in a single call, configuring the
542 * algorithm according to `mechanism', reading the input to be digested from
543 * `data' and writing the output to `digest'.
544 * Supported input/output formats are raw, uio and mblk.
545 */
546 /*ARGSUSED*/
547 static int
548 skein_digest_atomic(crypto_provider_handle_t provider,
549 crypto_session_id_t session_id, crypto_mechanism_t *mechanism,
550 crypto_data_t *data, crypto_data_t *digest, crypto_req_handle_t req)
551 {
552 int error;
553 skein_ctx_t skein_ctx;
554 crypto_ctx_t ctx;
555 SKEIN_CTX_LVALUE(&ctx) = &skein_ctx;
556
557 /* Init */
558 if (!VALID_SKEIN_DIGEST_MECH(mechanism->cm_type))
559 return (CRYPTO_MECHANISM_INVALID);
560 skein_ctx.sc_mech_type = mechanism->cm_type;
561 error = skein_get_digest_bitlen(mechanism, &skein_ctx.sc_digest_bitlen);
562 if (error != CRYPTO_SUCCESS)
563 goto out;
564 SKEIN_OP(&skein_ctx, Init, skein_ctx.sc_digest_bitlen);
565
566 if ((error = skein_update(&ctx, data, digest)) != CRYPTO_SUCCESS)
567 goto out;
568 if ((error = skein_final(&ctx, data, digest)) != CRYPTO_SUCCESS)
569 goto out;
570
571 out:
572 if (error == CRYPTO_SUCCESS)
573 digest->cd_length =
574 CRYPTO_BITS2BYTES(skein_ctx.sc_digest_bitlen);
575 else
576 digest->cd_length = 0;
577 bzero(&skein_ctx, sizeof (skein_ctx));
578
579 return (error);
580 }
581
582 /*
583 * Helper function that builds a Skein MAC context from the provided
584 * mechanism and key.
585 */
586 static int
587 skein_mac_ctx_build(skein_ctx_t *ctx, crypto_mechanism_t *mechanism,
588 crypto_key_t *key)
589 {
590 int error;
591
592 if (!VALID_SKEIN_MAC_MECH(mechanism->cm_type))
593 return (CRYPTO_MECHANISM_INVALID);
594 if (key->ck_format != CRYPTO_KEY_RAW)
595 return (CRYPTO_ARGUMENTS_BAD);
596 ctx->sc_mech_type = mechanism->cm_type;
597 error = skein_get_digest_bitlen(mechanism, &ctx->sc_digest_bitlen);
598 if (error != CRYPTO_SUCCESS)
599 return (error);
600 SKEIN_OP(ctx, InitExt, ctx->sc_digest_bitlen, 0, key->ck_data,
601 CRYPTO_BITS2BYTES(key->ck_length));
602
603 return (CRYPTO_SUCCESS);
604 }
605
606 /*
607 * KCF software provide mac entry points.
608 */
609 /*
610 * Initializes a skein MAC context. You may pass a ctx_template, in which
611 * case the template will be reused to make initialization more efficient.
612 * Otherwise a new context will be constructed. The mechanism cm_type must
613 * be one of SKEIN_*_MAC_MECH_INFO_TYPE. Same as in skein_digest_init, you
614 * may pass a skein_param_t in cm_param to configure the length of the
615 * digest. The key must be in raw format.
616 */
617 static int
618 skein_mac_init(crypto_ctx_t *ctx, crypto_mechanism_t *mechanism,
619 crypto_key_t *key, crypto_spi_ctx_template_t ctx_template,
620 crypto_req_handle_t req)
621 {
622 int error;
623
624 SKEIN_CTX_LVALUE(ctx) = kmem_alloc(sizeof (*SKEIN_CTX(ctx)),
625 crypto_kmflag(req));
626 if (SKEIN_CTX(ctx) == NULL)
627 return (CRYPTO_HOST_MEMORY);
628
629 if (ctx_template != NULL) {
630 bcopy(ctx_template, SKEIN_CTX(ctx),
631 sizeof (*SKEIN_CTX(ctx)));
632 } else {
633 error = skein_mac_ctx_build(SKEIN_CTX(ctx), mechanism, key);
634 if (error != CRYPTO_SUCCESS)
635 goto errout;
636 }
637
638 return (CRYPTO_SUCCESS);
639 errout:
640 bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
641 kmem_free(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
642 return (error);
643 }
644
645 /*
646 * The MAC update and final calls are reused from the regular digest code.
647 */
648
649 /*ARGSUSED*/
650 /*
651 * Same as skein_digest_atomic, performs an atomic Skein MAC operation in
652 * one step. All the same properties apply to the arguments of this
653 * function as to those of the partial operations above.
654 */
655 static int
656 skein_mac_atomic(crypto_provider_handle_t provider,
657 crypto_session_id_t session_id, crypto_mechanism_t *mechanism,
658 crypto_key_t *key, crypto_data_t *data, crypto_data_t *mac,
659 crypto_spi_ctx_template_t ctx_template, crypto_req_handle_t req)
660 {
661 /* faux crypto context just for skein_digest_{update,final} */
662 int error;
663 crypto_ctx_t ctx;
664 skein_ctx_t skein_ctx;
665 SKEIN_CTX_LVALUE(&ctx) = &skein_ctx;
666
667 if (ctx_template != NULL) {
668 bcopy(ctx_template, &skein_ctx, sizeof (skein_ctx));
669 } else {
670 error = skein_mac_ctx_build(&skein_ctx, mechanism, key);
671 if (error != CRYPTO_SUCCESS)
672 goto errout;
673 }
674
675 if ((error = skein_update(&ctx, data, req)) != CRYPTO_SUCCESS)
676 goto errout;
677 if ((error = skein_final(&ctx, mac, req)) != CRYPTO_SUCCESS)
678 goto errout;
679
680 return (CRYPTO_SUCCESS);
681 errout:
682 bzero(&skein_ctx, sizeof (skein_ctx));
683 return (error);
684 }
685
686 /*
687 * KCF software provider context management entry points.
688 */
689
690 /*
691 * Constructs a context template for the Skein MAC algorithm. The same
692 * properties apply to the arguments of this function as to those of
693 * skein_mac_init.
694 */
695 /*ARGSUSED*/
696 static int
697 skein_create_ctx_template(crypto_provider_handle_t provider,
698 crypto_mechanism_t *mechanism, crypto_key_t *key,
699 crypto_spi_ctx_template_t *ctx_template, size_t *ctx_template_size,
700 crypto_req_handle_t req)
701 {
702 int error;
703 skein_ctx_t *ctx_tmpl;
704
705 ctx_tmpl = kmem_alloc(sizeof (*ctx_tmpl), crypto_kmflag(req));
706 if (ctx_tmpl == NULL)
707 return (CRYPTO_HOST_MEMORY);
708 error = skein_mac_ctx_build(ctx_tmpl, mechanism, key);
709 if (error != CRYPTO_SUCCESS)
710 goto errout;
711 *ctx_template = ctx_tmpl;
712 *ctx_template_size = sizeof (*ctx_tmpl);
713
714 return (CRYPTO_SUCCESS);
715 errout:
716 bzero(ctx_tmpl, sizeof (*ctx_tmpl));
717 kmem_free(ctx_tmpl, sizeof (*ctx_tmpl));
718 return (error);
719 }
720
721 /*
722 * Frees a skein context in a parent crypto context.
723 */
724 static int
725 skein_free_context(crypto_ctx_t *ctx)
726 {
727 if (SKEIN_CTX(ctx) != NULL) {
728 bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
729 kmem_free(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
730 SKEIN_CTX_LVALUE(ctx) = NULL;
731 }
732
733 return (CRYPTO_SUCCESS);
734 }
ubuntu-zesty-kernel mirror