4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://opensource.org/licenses/CDDL-1.0.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright 2013 Saso Kiselkov. All rights reserved.
26 #include <sys/modctl.h>
27 #include <sys/crypto/common.h>
28 #include <sys/crypto/spi.h>
29 #include <sys/sysmacros.h>
30 #include <sys/systm.h>
31 #define SKEIN_MODULE_IMPL
32 #include <sys/skein.h>
35 * Like the sha2 module, we create the skein module with two modlinkages:
36 * - modlmisc to allow direct calls to Skein_* API functions.
37 * - modlcrypto to integrate well into the Kernel Crypto Framework (KCF).
39 static struct modlmisc modlmisc
= {
41 "Skein Message-Digest Algorithm"
44 static struct modlcrypto modlcrypto
= {
46 "Skein Kernel SW Provider"
49 static struct modlinkage modlinkage
= {
50 MODREV_1
, {&modlmisc
, &modlcrypto
, NULL
}
53 static crypto_mech_info_t skein_mech_info_tab
[] = {
54 {CKM_SKEIN_256
, SKEIN_256_MECH_INFO_TYPE
,
55 CRYPTO_FG_DIGEST
| CRYPTO_FG_DIGEST_ATOMIC
,
56 0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS
},
57 {CKM_SKEIN_256_MAC
, SKEIN_256_MAC_MECH_INFO_TYPE
,
58 CRYPTO_FG_MAC
| CRYPTO_FG_MAC_ATOMIC
, 1, INT_MAX
,
59 CRYPTO_KEYSIZE_UNIT_IN_BYTES
},
60 {CKM_SKEIN_512
, SKEIN_512_MECH_INFO_TYPE
,
61 CRYPTO_FG_DIGEST
| CRYPTO_FG_DIGEST_ATOMIC
,
62 0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS
},
63 {CKM_SKEIN_512_MAC
, SKEIN_512_MAC_MECH_INFO_TYPE
,
64 CRYPTO_FG_MAC
| CRYPTO_FG_MAC_ATOMIC
, 1, INT_MAX
,
65 CRYPTO_KEYSIZE_UNIT_IN_BYTES
},
66 {CKM_SKEIN1024
, SKEIN1024_MECH_INFO_TYPE
,
67 CRYPTO_FG_DIGEST
| CRYPTO_FG_DIGEST_ATOMIC
,
68 0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS
},
69 {CKM_SKEIN1024_MAC
, SKEIN1024_MAC_MECH_INFO_TYPE
,
70 CRYPTO_FG_MAC
| CRYPTO_FG_MAC_ATOMIC
, 1, INT_MAX
,
71 CRYPTO_KEYSIZE_UNIT_IN_BYTES
}
74 static void skein_provider_status(crypto_provider_handle_t
, uint_t
*);
76 static crypto_control_ops_t skein_control_ops
= {
80 static int skein_digest_init(crypto_ctx_t
*, crypto_mechanism_t
*,
82 static int skein_digest(crypto_ctx_t
*, crypto_data_t
*, crypto_data_t
*,
84 static int skein_update(crypto_ctx_t
*, crypto_data_t
*, crypto_req_handle_t
);
85 static int skein_final(crypto_ctx_t
*, crypto_data_t
*, crypto_req_handle_t
);
86 static int skein_digest_atomic(crypto_provider_handle_t
, crypto_session_id_t
,
87 crypto_mechanism_t
*, crypto_data_t
*, crypto_data_t
*,
90 static crypto_digest_ops_t skein_digest_ops
= {
99 static int skein_mac_init(crypto_ctx_t
*, crypto_mechanism_t
*, crypto_key_t
*,
100 crypto_spi_ctx_template_t
, crypto_req_handle_t
);
101 static int skein_mac_atomic(crypto_provider_handle_t
, crypto_session_id_t
,
102 crypto_mechanism_t
*, crypto_key_t
*, crypto_data_t
*, crypto_data_t
*,
103 crypto_spi_ctx_template_t
, crypto_req_handle_t
);
105 static crypto_mac_ops_t skein_mac_ops
= {
108 skein_update
, /* using regular digest update is OK here */
109 skein_final
, /* using regular digest final is OK here */
114 static int skein_create_ctx_template(crypto_provider_handle_t
,
115 crypto_mechanism_t
*, crypto_key_t
*, crypto_spi_ctx_template_t
*,
116 size_t *, crypto_req_handle_t
);
117 static int skein_free_context(crypto_ctx_t
*);
119 static crypto_ctx_ops_t skein_ctx_ops
= {
120 skein_create_ctx_template
,
124 static crypto_ops_t skein_crypto_ops
= {{{{{
141 static crypto_provider_info_t skein_prov_info
= {{{{
142 CRYPTO_SPI_VERSION_1
,
143 "Skein Software Provider",
147 sizeof (skein_mech_info_tab
) / sizeof (crypto_mech_info_t
),
151 static crypto_kcf_provider_handle_t skein_prov_handle
= 0;
153 typedef struct skein_ctx
{
154 skein_mech_type_t sc_mech_type
;
155 size_t sc_digest_bitlen
;
156 /*LINTED(E_ANONYMOUS_UNION_DECL)*/
158 Skein_256_Ctxt_t sc_256
;
159 Skein_512_Ctxt_t sc_512
;
160 Skein1024_Ctxt_t sc_1024
;
163 #define SKEIN_CTX(_ctx_) ((skein_ctx_t *)((_ctx_)->cc_provider_private))
164 #define SKEIN_CTX_LVALUE(_ctx_) (_ctx_)->cc_provider_private
165 #define SKEIN_OP(_skein_ctx, _op, ...) \
167 skein_ctx_t *sc = (_skein_ctx); \
168 switch (sc->sc_mech_type) { \
169 case SKEIN_256_MECH_INFO_TYPE: \
170 case SKEIN_256_MAC_MECH_INFO_TYPE: \
171 (void) Skein_256_ ## _op(&sc->sc_256, __VA_ARGS__);\
173 case SKEIN_512_MECH_INFO_TYPE: \
174 case SKEIN_512_MAC_MECH_INFO_TYPE: \
175 (void) Skein_512_ ## _op(&sc->sc_512, __VA_ARGS__);\
177 case SKEIN1024_MECH_INFO_TYPE: \
178 case SKEIN1024_MAC_MECH_INFO_TYPE: \
179 (void) Skein1024_ ## _op(&sc->sc_1024, __VA_ARGS__);\
186 skein_get_digest_bitlen(const crypto_mechanism_t
*mechanism
, size_t *result
)
188 if (mechanism
->cm_param
!= NULL
) {
189 /*LINTED(E_BAD_PTR_CAST_ALIGN)*/
190 skein_param_t
*param
= (skein_param_t
*)mechanism
->cm_param
;
192 if (mechanism
->cm_param_len
!= sizeof (*param
) ||
193 param
->sp_digest_bitlen
== 0) {
194 return (CRYPTO_MECHANISM_PARAM_INVALID
);
196 *result
= param
->sp_digest_bitlen
;
198 switch (mechanism
->cm_type
) {
199 case SKEIN_256_MECH_INFO_TYPE
:
202 case SKEIN_512_MECH_INFO_TYPE
:
205 case SKEIN1024_MECH_INFO_TYPE
:
209 return (CRYPTO_MECHANISM_INVALID
);
212 return (CRYPTO_SUCCESS
);
220 if ((error
= mod_install(&modlinkage
)) != 0)
224 * Try to register with KCF - failure shouldn't unload us, since we
225 * still may want to continue providing misc/skein functionality.
227 (void) crypto_register_provider(&skein_prov_info
, &skein_prov_handle
);
233 skein_mod_fini(void) {
236 if (skein_prov_handle
!= 0) {
237 if ((ret
= crypto_unregister_provider(skein_prov_handle
)) !=
240 "skein _fini: crypto_unregister_provider() "
241 "failed (0x%x)", ret
);
244 skein_prov_handle
= 0;
247 return (mod_remove(&modlinkage
));
251 * KCF software provider control entry points.
255 skein_provider_status(crypto_provider_handle_t provider
, uint_t
*status
)
257 *status
= CRYPTO_PROVIDER_READY
;
261 * General Skein hashing helper functions.
265 * Performs an Update on a context with uio input data.
268 skein_digest_update_uio(skein_ctx_t
*ctx
, const crypto_data_t
*data
)
270 off_t offset
= data
->cd_offset
;
271 size_t length
= data
->cd_length
;
274 const uio_t
*uio
= data
->cd_uio
;
276 /* we support only kernel buffer */
277 if (uio
->uio_segflg
!= UIO_SYSSPACE
)
278 return (CRYPTO_ARGUMENTS_BAD
);
281 * Jump to the first iovec containing data to be
284 for (vec_idx
= 0; vec_idx
< uio
->uio_iovcnt
&&
285 offset
>= uio
->uio_iov
[vec_idx
].iov_len
;
286 offset
-= uio
->uio_iov
[vec_idx
++].iov_len
)
288 if (vec_idx
== uio
->uio_iovcnt
) {
290 * The caller specified an offset that is larger than the
291 * total size of the buffers it provided.
293 return (CRYPTO_DATA_LEN_RANGE
);
297 * Now do the digesting on the iovecs.
299 while (vec_idx
< uio
->uio_iovcnt
&& length
> 0) {
300 cur_len
= MIN(uio
->uio_iov
[vec_idx
].iov_len
- offset
, length
);
301 SKEIN_OP(ctx
, Update
, (uint8_t *)uio
->uio_iov
[vec_idx
].iov_base
308 if (vec_idx
== uio
->uio_iovcnt
&& length
> 0) {
310 * The end of the specified iovec's was reached but
311 * the length requested could not be processed, i.e.
312 * The caller requested to digest more data than it provided.
314 return (CRYPTO_DATA_LEN_RANGE
);
317 return (CRYPTO_SUCCESS
);
321 * Performs a Final on a context and writes to a uio digest output.
324 skein_digest_final_uio(skein_ctx_t
*ctx
, crypto_data_t
*digest
,
325 crypto_req_handle_t req
)
327 off_t offset
= digest
->cd_offset
;
329 uio_t
*uio
= digest
->cd_uio
;
331 /* we support only kernel buffer */
332 if (uio
->uio_segflg
!= UIO_SYSSPACE
)
333 return (CRYPTO_ARGUMENTS_BAD
);
336 * Jump to the first iovec containing ptr to the digest to be returned.
338 for (vec_idx
= 0; offset
>= uio
->uio_iov
[vec_idx
].iov_len
&&
339 vec_idx
< uio
->uio_iovcnt
;
340 offset
-= uio
->uio_iov
[vec_idx
++].iov_len
)
342 if (vec_idx
== uio
->uio_iovcnt
) {
344 * The caller specified an offset that is larger than the
345 * total size of the buffers it provided.
347 return (CRYPTO_DATA_LEN_RANGE
);
349 if (offset
+ CRYPTO_BITS2BYTES(ctx
->sc_digest_bitlen
) <=
350 uio
->uio_iov
[vec_idx
].iov_len
) {
351 /* The computed digest will fit in the current iovec. */
353 (uchar_t
*)uio
->uio_iov
[vec_idx
].iov_base
+ offset
);
356 off_t scratch_offset
= 0;
357 size_t length
= CRYPTO_BITS2BYTES(ctx
->sc_digest_bitlen
);
360 digest_tmp
= kmem_alloc(CRYPTO_BITS2BYTES(
361 ctx
->sc_digest_bitlen
), crypto_kmflag(req
));
362 if (digest_tmp
== NULL
)
363 return (CRYPTO_HOST_MEMORY
);
364 SKEIN_OP(ctx
, Final
, digest_tmp
);
365 while (vec_idx
< uio
->uio_iovcnt
&& length
> 0) {
366 cur_len
= MIN(uio
->uio_iov
[vec_idx
].iov_len
- offset
,
368 bcopy(digest_tmp
+ scratch_offset
,
369 uio
->uio_iov
[vec_idx
].iov_base
+ offset
, cur_len
);
373 scratch_offset
+= cur_len
;
376 kmem_free(digest_tmp
, CRYPTO_BITS2BYTES(ctx
->sc_digest_bitlen
));
378 if (vec_idx
== uio
->uio_iovcnt
&& length
> 0) {
380 * The end of the specified iovec's was reached but
381 * the length requested could not be processed, i.e.
382 * The caller requested to digest more data than it
385 return (CRYPTO_DATA_LEN_RANGE
);
389 return (CRYPTO_SUCCESS
);
393 * KCF software provider digest entry points.
397 * Initializes a skein digest context to the configuration in `mechanism'.
398 * The mechanism cm_type must be one of SKEIN_*_MECH_INFO_TYPE. The cm_param
399 * field may contain a skein_param_t structure indicating the length of the
400 * digest the algorithm should produce. Otherwise the default output lengths
401 * are applied (32 bytes for Skein-256, 64 bytes for Skein-512 and 128 bytes
405 skein_digest_init(crypto_ctx_t
*ctx
, crypto_mechanism_t
*mechanism
,
406 crypto_req_handle_t req
)
408 int error
= CRYPTO_SUCCESS
;
410 if (!VALID_SKEIN_DIGEST_MECH(mechanism
->cm_type
))
411 return (CRYPTO_MECHANISM_INVALID
);
413 SKEIN_CTX_LVALUE(ctx
) = kmem_alloc(sizeof (*SKEIN_CTX(ctx
)),
415 if (SKEIN_CTX(ctx
) == NULL
)
416 return (CRYPTO_HOST_MEMORY
);
418 SKEIN_CTX(ctx
)->sc_mech_type
= mechanism
->cm_type
;
419 error
= skein_get_digest_bitlen(mechanism
,
420 &SKEIN_CTX(ctx
)->sc_digest_bitlen
);
421 if (error
!= CRYPTO_SUCCESS
)
423 SKEIN_OP(SKEIN_CTX(ctx
), Init
, SKEIN_CTX(ctx
)->sc_digest_bitlen
);
425 return (CRYPTO_SUCCESS
);
427 bzero(SKEIN_CTX(ctx
), sizeof (*SKEIN_CTX(ctx
)));
428 kmem_free(SKEIN_CTX(ctx
), sizeof (*SKEIN_CTX(ctx
)));
429 SKEIN_CTX_LVALUE(ctx
) = NULL
;
434 * Executes a skein_update and skein_digest on a pre-initialized crypto
435 * context in a single step. See the documentation to these functions to
436 * see what to pass here.
439 skein_digest(crypto_ctx_t
*ctx
, crypto_data_t
*data
, crypto_data_t
*digest
,
440 crypto_req_handle_t req
)
442 int error
= CRYPTO_SUCCESS
;
444 ASSERT(SKEIN_CTX(ctx
) != NULL
);
446 if (digest
->cd_length
<
447 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx
)->sc_digest_bitlen
)) {
449 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx
)->sc_digest_bitlen
);
450 return (CRYPTO_BUFFER_TOO_SMALL
);
453 error
= skein_update(ctx
, data
, req
);
454 if (error
!= CRYPTO_SUCCESS
) {
455 bzero(SKEIN_CTX(ctx
), sizeof (*SKEIN_CTX(ctx
)));
456 kmem_free(SKEIN_CTX(ctx
), sizeof (*SKEIN_CTX(ctx
)));
457 SKEIN_CTX_LVALUE(ctx
) = NULL
;
458 digest
->cd_length
= 0;
461 error
= skein_final(ctx
, digest
, req
);
467 * Performs a skein Update with the input message in `data' (successive calls
468 * can push more data). This is used both for digest and MAC operation.
469 * Supported input data formats are raw, uio and mblk.
473 skein_update(crypto_ctx_t
*ctx
, crypto_data_t
*data
, crypto_req_handle_t req
)
475 int error
= CRYPTO_SUCCESS
;
477 ASSERT(SKEIN_CTX(ctx
) != NULL
);
479 switch (data
->cd_format
) {
480 case CRYPTO_DATA_RAW
:
481 SKEIN_OP(SKEIN_CTX(ctx
), Update
,
482 (uint8_t *)data
->cd_raw
.iov_base
+ data
->cd_offset
,
485 case CRYPTO_DATA_UIO
:
486 error
= skein_digest_update_uio(SKEIN_CTX(ctx
), data
);
489 error
= CRYPTO_ARGUMENTS_BAD
;
496 * Performs a skein Final, writing the output to `digest'. This is used both
497 * for digest and MAC operation.
498 * Supported output digest formats are raw, uio and mblk.
502 skein_final(crypto_ctx_t
*ctx
, crypto_data_t
*digest
, crypto_req_handle_t req
)
504 int error
= CRYPTO_SUCCESS
;
506 ASSERT(SKEIN_CTX(ctx
) != NULL
);
508 if (digest
->cd_length
<
509 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx
)->sc_digest_bitlen
)) {
511 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx
)->sc_digest_bitlen
);
512 return (CRYPTO_BUFFER_TOO_SMALL
);
515 switch (digest
->cd_format
) {
516 case CRYPTO_DATA_RAW
:
517 SKEIN_OP(SKEIN_CTX(ctx
), Final
,
518 (uint8_t *)digest
->cd_raw
.iov_base
+ digest
->cd_offset
);
520 case CRYPTO_DATA_UIO
:
521 error
= skein_digest_final_uio(SKEIN_CTX(ctx
), digest
, req
);
524 error
= CRYPTO_ARGUMENTS_BAD
;
527 if (error
== CRYPTO_SUCCESS
)
529 CRYPTO_BITS2BYTES(SKEIN_CTX(ctx
)->sc_digest_bitlen
);
531 digest
->cd_length
= 0;
533 bzero(SKEIN_CTX(ctx
), sizeof (*SKEIN_CTX(ctx
)));
534 kmem_free(SKEIN_CTX(ctx
), sizeof (*(SKEIN_CTX(ctx
))));
535 SKEIN_CTX_LVALUE(ctx
) = NULL
;
541 * Performs a full skein digest computation in a single call, configuring the
542 * algorithm according to `mechanism', reading the input to be digested from
543 * `data' and writing the output to `digest'.
544 * Supported input/output formats are raw, uio and mblk.
548 skein_digest_atomic(crypto_provider_handle_t provider
,
549 crypto_session_id_t session_id
, crypto_mechanism_t
*mechanism
,
550 crypto_data_t
*data
, crypto_data_t
*digest
, crypto_req_handle_t req
)
553 skein_ctx_t skein_ctx
;
555 SKEIN_CTX_LVALUE(&ctx
) = &skein_ctx
;
558 if (!VALID_SKEIN_DIGEST_MECH(mechanism
->cm_type
))
559 return (CRYPTO_MECHANISM_INVALID
);
560 skein_ctx
.sc_mech_type
= mechanism
->cm_type
;
561 error
= skein_get_digest_bitlen(mechanism
, &skein_ctx
.sc_digest_bitlen
);
562 if (error
!= CRYPTO_SUCCESS
)
564 SKEIN_OP(&skein_ctx
, Init
, skein_ctx
.sc_digest_bitlen
);
566 if ((error
= skein_update(&ctx
, data
, digest
)) != CRYPTO_SUCCESS
)
568 if ((error
= skein_final(&ctx
, data
, digest
)) != CRYPTO_SUCCESS
)
572 if (error
== CRYPTO_SUCCESS
)
574 CRYPTO_BITS2BYTES(skein_ctx
.sc_digest_bitlen
);
576 digest
->cd_length
= 0;
577 bzero(&skein_ctx
, sizeof (skein_ctx
));
583 * Helper function that builds a Skein MAC context from the provided
587 skein_mac_ctx_build(skein_ctx_t
*ctx
, crypto_mechanism_t
*mechanism
,
592 if (!VALID_SKEIN_MAC_MECH(mechanism
->cm_type
))
593 return (CRYPTO_MECHANISM_INVALID
);
594 if (key
->ck_format
!= CRYPTO_KEY_RAW
)
595 return (CRYPTO_ARGUMENTS_BAD
);
596 ctx
->sc_mech_type
= mechanism
->cm_type
;
597 error
= skein_get_digest_bitlen(mechanism
, &ctx
->sc_digest_bitlen
);
598 if (error
!= CRYPTO_SUCCESS
)
600 SKEIN_OP(ctx
, InitExt
, ctx
->sc_digest_bitlen
, 0, key
->ck_data
,
601 CRYPTO_BITS2BYTES(key
->ck_length
));
603 return (CRYPTO_SUCCESS
);
607 * KCF software provide mac entry points.
610 * Initializes a skein MAC context. You may pass a ctx_template, in which
611 * case the template will be reused to make initialization more efficient.
612 * Otherwise a new context will be constructed. The mechanism cm_type must
613 * be one of SKEIN_*_MAC_MECH_INFO_TYPE. Same as in skein_digest_init, you
614 * may pass a skein_param_t in cm_param to configure the length of the
615 * digest. The key must be in raw format.
618 skein_mac_init(crypto_ctx_t
*ctx
, crypto_mechanism_t
*mechanism
,
619 crypto_key_t
*key
, crypto_spi_ctx_template_t ctx_template
,
620 crypto_req_handle_t req
)
624 SKEIN_CTX_LVALUE(ctx
) = kmem_alloc(sizeof (*SKEIN_CTX(ctx
)),
626 if (SKEIN_CTX(ctx
) == NULL
)
627 return (CRYPTO_HOST_MEMORY
);
629 if (ctx_template
!= NULL
) {
630 bcopy(ctx_template
, SKEIN_CTX(ctx
),
631 sizeof (*SKEIN_CTX(ctx
)));
633 error
= skein_mac_ctx_build(SKEIN_CTX(ctx
), mechanism
, key
);
634 if (error
!= CRYPTO_SUCCESS
)
638 return (CRYPTO_SUCCESS
);
640 bzero(SKEIN_CTX(ctx
), sizeof (*SKEIN_CTX(ctx
)));
641 kmem_free(SKEIN_CTX(ctx
), sizeof (*SKEIN_CTX(ctx
)));
646 * The MAC update and final calls are reused from the regular digest code.
651 * Same as skein_digest_atomic, performs an atomic Skein MAC operation in
652 * one step. All the same properties apply to the arguments of this
653 * function as to those of the partial operations above.
656 skein_mac_atomic(crypto_provider_handle_t provider
,
657 crypto_session_id_t session_id
, crypto_mechanism_t
*mechanism
,
658 crypto_key_t
*key
, crypto_data_t
*data
, crypto_data_t
*mac
,
659 crypto_spi_ctx_template_t ctx_template
, crypto_req_handle_t req
)
661 /* faux crypto context just for skein_digest_{update,final} */
664 skein_ctx_t skein_ctx
;
665 SKEIN_CTX_LVALUE(&ctx
) = &skein_ctx
;
667 if (ctx_template
!= NULL
) {
668 bcopy(ctx_template
, &skein_ctx
, sizeof (skein_ctx
));
670 error
= skein_mac_ctx_build(&skein_ctx
, mechanism
, key
);
671 if (error
!= CRYPTO_SUCCESS
)
675 if ((error
= skein_update(&ctx
, data
, req
)) != CRYPTO_SUCCESS
)
677 if ((error
= skein_final(&ctx
, mac
, req
)) != CRYPTO_SUCCESS
)
680 return (CRYPTO_SUCCESS
);
682 bzero(&skein_ctx
, sizeof (skein_ctx
));
687 * KCF software provider context management entry points.
691 * Constructs a context template for the Skein MAC algorithm. The same
692 * properties apply to the arguments of this function as to those of
697 skein_create_ctx_template(crypto_provider_handle_t provider
,
698 crypto_mechanism_t
*mechanism
, crypto_key_t
*key
,
699 crypto_spi_ctx_template_t
*ctx_template
, size_t *ctx_template_size
,
700 crypto_req_handle_t req
)
703 skein_ctx_t
*ctx_tmpl
;
705 ctx_tmpl
= kmem_alloc(sizeof (*ctx_tmpl
), crypto_kmflag(req
));
706 if (ctx_tmpl
== NULL
)
707 return (CRYPTO_HOST_MEMORY
);
708 error
= skein_mac_ctx_build(ctx_tmpl
, mechanism
, key
);
709 if (error
!= CRYPTO_SUCCESS
)
711 *ctx_template
= ctx_tmpl
;
712 *ctx_template_size
= sizeof (*ctx_tmpl
);
714 return (CRYPTO_SUCCESS
);
716 bzero(ctx_tmpl
, sizeof (*ctx_tmpl
));
717 kmem_free(ctx_tmpl
, sizeof (*ctx_tmpl
));
722 * Frees a skein context in a parent crypto context.
725 skein_free_context(crypto_ctx_t
*ctx
)
727 if (SKEIN_CTX(ctx
) != NULL
) {
728 bzero(SKEIN_CTX(ctx
), sizeof (*SKEIN_CTX(ctx
)));
729 kmem_free(SKEIN_CTX(ctx
), sizeof (*SKEIN_CTX(ctx
)));
730 SKEIN_CTX_LVALUE(ctx
) = NULL
;
733 return (CRYPTO_SUCCESS
);