2015-12-30 23:43:07 +01:00
|
|
|
/* $FreeBSD$ */
|
|
|
|
/* $OpenBSD: xform.h,v 1.8 2001/08/28 12:20:43 ben Exp $ */
|
|
|
|
|
|
|
|
/*-
|
|
|
|
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
|
|
|
|
*
|
|
|
|
* This code was written by Angelos D. Keromytis in Athens, Greece, in
|
|
|
|
* February 2000. Network Security Technologies Inc. (NSTI) kindly
|
|
|
|
* supported the development of this code.
|
|
|
|
*
|
|
|
|
* Copyright (c) 2000 Angelos D. Keromytis
|
|
|
|
* Copyright (c) 2014 The FreeBSD Foundation
|
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* Portions of this software were developed by John-Mark Gurney
|
|
|
|
* under sponsorship of the FreeBSD Foundation and
|
|
|
|
* Rubicon Communications, LLC (Netgate).
|
|
|
|
*
|
|
|
|
* Permission to use, copy, and modify this software without fee
|
|
|
|
* is hereby granted, provided that this entire notice is included in
|
|
|
|
* all source code copies of any software which is or includes a copy or
|
|
|
|
* modification of this software.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
|
|
|
|
* IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
|
|
|
|
* REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
|
|
|
|
* MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
|
|
|
|
* PURPOSE.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef _CRYPTO_XFORM_AUTH_H_
|
|
|
|
#define _CRYPTO_XFORM_AUTH_H_
|
|
|
|
|
|
|
|
#include <sys/malloc.h>
|
|
|
|
#include <sys/errno.h>
|
|
|
|
|
|
|
|
#include <sys/md5.h>
|
|
|
|
#include <crypto/sha1.h>
|
|
|
|
#include <crypto/sha2/sha256.h>
|
|
|
|
#include <crypto/sha2/sha384.h>
|
|
|
|
#include <crypto/sha2/sha512.h>
|
|
|
|
#include <opencrypto/rmd160.h>
|
|
|
|
#include <opencrypto/gmac.h>
|
|
|
|
|
|
|
|
#include <opencrypto/cryptodev.h>
|
|
|
|
#include <opencrypto/xform_userland.h>
|
|
|
|
|
|
|
|
/* XXX use a define common with other hash stuff ! */
|
|
|
|
#define AH_ALEN_MAX 64 /* max authenticator hash length */
|
|
|
|
|
|
|
|
/* Declarations */
|
|
|
|
struct auth_hash {
|
|
|
|
int type;
|
|
|
|
char *name;
|
|
|
|
u_int16_t keysize;
|
|
|
|
u_int16_t hashsize;
|
|
|
|
u_int16_t ctxsize;
|
|
|
|
u_int16_t blocksize;
|
|
|
|
void (*Init) (void *);
|
|
|
|
void (*Setkey) (void *, const u_int8_t *, u_int16_t);
|
|
|
|
void (*Reinit) (void *, const u_int8_t *, u_int16_t);
|
|
|
|
int (*Update) (void *, const u_int8_t *, u_int16_t);
|
|
|
|
void (*Final) (u_int8_t *, void *);
|
|
|
|
};
|
|
|
|
|
|
|
|
extern struct auth_hash auth_hash_null;
|
|
|
|
extern struct auth_hash auth_hash_key_md5;
|
|
|
|
extern struct auth_hash auth_hash_key_sha1;
|
|
|
|
extern struct auth_hash auth_hash_hmac_md5;
|
|
|
|
extern struct auth_hash auth_hash_hmac_sha1;
|
|
|
|
extern struct auth_hash auth_hash_hmac_ripemd_160;
|
2018-07-09 09:26:12 +02:00
|
|
|
extern struct auth_hash auth_hash_hmac_sha2_224;
|
2015-12-30 23:43:07 +01:00
|
|
|
extern struct auth_hash auth_hash_hmac_sha2_256;
|
|
|
|
extern struct auth_hash auth_hash_hmac_sha2_384;
|
|
|
|
extern struct auth_hash auth_hash_hmac_sha2_512;
|
2018-07-09 09:28:13 +02:00
|
|
|
extern struct auth_hash auth_hash_sha1;
|
|
|
|
extern struct auth_hash auth_hash_sha2_224;
|
|
|
|
extern struct auth_hash auth_hash_sha2_256;
|
|
|
|
extern struct auth_hash auth_hash_sha2_384;
|
|
|
|
extern struct auth_hash auth_hash_sha2_512;
|
2015-12-30 23:43:07 +01:00
|
|
|
extern struct auth_hash auth_hash_nist_gmac_aes_128;
|
|
|
|
extern struct auth_hash auth_hash_nist_gmac_aes_192;
|
|
|
|
extern struct auth_hash auth_hash_nist_gmac_aes_256;
|
Import Blake2 algorithms (blake2b, blake2s) from libb2
The upstream repository is on github BLAKE2/libb2. Files landed in
sys/contrib/libb2 are the unmodified upstream files, except for one
difference: secure_zero_memory's contents have been replaced with
explicit_bzero() only because the previous implementation broke powerpc
link. Preferential use of explicit_bzero() is in progress upstream, so
it is anticipated we will be able to drop this diff in the future.
sys/crypto/blake2 contains the source files needed to port libb2 to our
build system, a wrapped (limited) variant of the algorithm to match the API
of our auth_transform softcrypto abstraction, incorporation into the Open
Crypto Framework (OCF) cryptosoft(4) driver, as well as an x86 SSE/AVX
accelerated OCF driver, blake2(4).
Optimized variants of blake2 are compiled for a number of x86 machines
(anything from SSE2 to AVX + XOP). On those machines, FPU context will need
to be explicitly saved before using blake2(4)-provided algorithms directly.
Use via cryptodev / OCF saves FPU state automatically, and use via the
auth_transform softcrypto abstraction does not use FPU.
The intent of the OCF driver is mostly to enable testing in userspace via
/dev/crypto. ATF tests are added with published KAT test vectors to
validate correctness.
Reviewed by: jhb, markj
Obtained from: github BLAKE2/libb2
Differential Revision: https://reviews.freebsd.org/D14662
2018-03-21 17:18:14 +01:00
|
|
|
extern struct auth_hash auth_hash_blake2b;
|
|
|
|
extern struct auth_hash auth_hash_blake2s;
|
2018-08-17 02:30:04 +02:00
|
|
|
extern struct auth_hash auth_hash_poly1305;
|
2015-12-30 23:43:07 +01:00
|
|
|
|
|
|
|
union authctx {
|
|
|
|
MD5_CTX md5ctx;
|
|
|
|
SHA1_CTX sha1ctx;
|
|
|
|
RMD160_CTX rmd160ctx;
|
|
|
|
SHA256_CTX sha256ctx;
|
|
|
|
SHA384_CTX sha384ctx;
|
|
|
|
SHA512_CTX sha512ctx;
|
|
|
|
struct aes_gmac_ctx aes_gmac_ctx;
|
|
|
|
};
|
|
|
|
|
|
|
|
#endif /* _CRYPTO_XFORM_AUTH_H_ */
|