1 /* $FreeBSD: src/sys/opencrypto/xform.c,v 1.10 2008/10/23 15:53:51 des Exp $ */ 2 /* $OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $ */ 3 /*- 4 * The authors of this code are John Ioannidis (ji@tla.org), 5 * Angelos D. Keromytis (kermit@csd.uch.gr) and 6 * Niels Provos (provos@physnet.uni-hamburg.de). 7 * 8 * This code was written by John Ioannidis for BSD/OS in Athens, Greece, 9 * in November 1995. 10 * 11 * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996, 12 * by Angelos D. Keromytis. 13 * 14 * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis 15 * and Niels Provos. 16 * 17 * Additional features in 1999 by Angelos D. Keromytis. 18 * 19 * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis, 20 * Angelos D. Keromytis and Niels Provos. 21 * 22 * Copyright (C) 2001, Angelos D. Keromytis. 23 * 24 * Permission to use, copy, and modify this software with or without fee 25 * is hereby granted, provided that this entire notice is included in 26 * all copies of any software which is or includes a copy or 27 * modification of this software. 28 * You may use this code under the GNU public license if you so wish. Please 29 * contribute changes back to the authors under this freer than GPL license 30 * so that we may further the use of strong encryption without limitations to 31 * all. 32 * 33 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 34 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 35 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 36 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 37 * PURPOSE. 38 */ 39 40 #include <sys/param.h> 41 #include <sys/systm.h> 42 #include <sys/malloc.h> 43 #include <sys/sysctl.h> 44 #include <sys/errno.h> 45 #include <sys/time.h> 46 #include <sys/kernel.h> 47 #include <machine/cpu.h> 48 49 #include <crypto/blowfish/blowfish.h> 50 #include <crypto/des/des.h> 51 #include <crypto/rijndael/rijndael.h> 52 #include <crypto/camellia/camellia.h> 53 #include <crypto/twofish/twofish.h> 54 #include <crypto/serpent/serpent.h> 55 #include <crypto/sha1.h> 56 57 #include <opencrypto/cast.h> 58 #include <opencrypto/deflate.h> 59 #include <opencrypto/rmd160.h> 60 #include <opencrypto/skipjack.h> 61 #include <opencrypto/gmac.h> 62 63 #include <sys/md5.h> 64 65 #include <opencrypto/cryptodev.h> 66 #include <opencrypto/xform.h> 67 68 static void null_encrypt(caddr_t, u_int8_t *, u_int8_t *); 69 static void null_decrypt(caddr_t, u_int8_t *, u_int8_t *); 70 static int null_setkey(u_int8_t **, u_int8_t *, int); 71 static void null_zerokey(u_int8_t **); 72 73 static int des1_setkey(u_int8_t **, u_int8_t *, int); 74 static int des3_setkey(u_int8_t **, u_int8_t *, int); 75 static int blf_setkey(u_int8_t **, u_int8_t *, int); 76 static int cast5_setkey(u_int8_t **, u_int8_t *, int); 77 static int skipjack_setkey(u_int8_t **, u_int8_t *, int); 78 static int rijndael128_setkey(u_int8_t **, u_int8_t *, int); 79 static int aes_xts_setkey(u_int8_t **, u_int8_t *, int); 80 static int aes_ctr_setkey(u_int8_t **, u_int8_t *, int); 81 static int cml_setkey(u_int8_t **, u_int8_t *, int); 82 static int twofish128_setkey(u_int8_t **, u_int8_t *, int); 83 static int serpent128_setkey(u_int8_t **, u_int8_t *, int); 84 static int twofish_xts_setkey(u_int8_t **, u_int8_t *, int); 85 static int serpent_xts_setkey(u_int8_t **, u_int8_t *, int); 86 static void des1_encrypt(caddr_t, u_int8_t *, u_int8_t *); 87 static void des3_encrypt(caddr_t, u_int8_t *, u_int8_t *); 88 static void blf_encrypt(caddr_t, u_int8_t *, u_int8_t *); 89 static void cast5_encrypt(caddr_t, u_int8_t *, u_int8_t *); 90 static void skipjack_encrypt(caddr_t, u_int8_t *, u_int8_t *); 91 static void rijndael128_encrypt(caddr_t, u_int8_t *, u_int8_t *); 92 static void aes_xts_encrypt(caddr_t, u_int8_t *, u_int8_t *); 93 static void cml_encrypt(caddr_t, u_int8_t *, u_int8_t *); 94 static void twofish128_encrypt(caddr_t, u_int8_t *, u_int8_t *); 95 static void serpent128_encrypt(caddr_t, u_int8_t *, u_int8_t *); 96 static void twofish_xts_encrypt(caddr_t, u_int8_t *, u_int8_t *); 97 static void serpent_xts_encrypt(caddr_t, u_int8_t *, u_int8_t *); 98 static void des1_decrypt(caddr_t, u_int8_t *, u_int8_t *); 99 static void des3_decrypt(caddr_t, u_int8_t *, u_int8_t *); 100 static void blf_decrypt(caddr_t, u_int8_t *, u_int8_t *); 101 static void cast5_decrypt(caddr_t, u_int8_t *, u_int8_t *); 102 static void skipjack_decrypt(caddr_t, u_int8_t *, u_int8_t *); 103 static void rijndael128_decrypt(caddr_t, u_int8_t *, u_int8_t *); 104 static void aes_xts_decrypt(caddr_t, u_int8_t *, u_int8_t *); 105 static void cml_decrypt(caddr_t, u_int8_t *, u_int8_t *); 106 static void twofish128_decrypt(caddr_t, u_int8_t *, u_int8_t *); 107 static void serpent128_decrypt(caddr_t, u_int8_t *, u_int8_t *); 108 static void twofish_xts_decrypt(caddr_t, u_int8_t *, u_int8_t *); 109 static void serpent_xts_decrypt(caddr_t, u_int8_t *, u_int8_t *); 110 static void des1_zerokey(u_int8_t **); 111 static void des3_zerokey(u_int8_t **); 112 static void blf_zerokey(u_int8_t **); 113 static void cast5_zerokey(u_int8_t **); 114 static void skipjack_zerokey(u_int8_t **); 115 static void rijndael128_zerokey(u_int8_t **); 116 static void aes_xts_zerokey(u_int8_t **); 117 static void aes_ctr_zerokey(u_int8_t **); 118 static void cml_zerokey(u_int8_t **); 119 static void twofish128_zerokey(u_int8_t **); 120 static void serpent128_zerokey(u_int8_t **); 121 static void twofish_xts_zerokey(u_int8_t **); 122 static void serpent_xts_zerokey(u_int8_t **); 123 124 static void aes_ctr_crypt(caddr_t, u_int8_t *, u_int8_t *); 125 126 static void aes_ctr_reinit(caddr_t, u_int8_t *); 127 static void aes_xts_reinit(caddr_t, u_int8_t *); 128 static void aes_gcm_reinit(caddr_t, u_int8_t *); 129 static void twofish_xts_reinit(caddr_t, u_int8_t *); 130 static void serpent_xts_reinit(caddr_t, u_int8_t *); 131 132 static void null_init(void *); 133 static int null_update(void *, u_int8_t *, u_int16_t); 134 static void null_final(u_int8_t *, void *); 135 static int MD5Update_int(void *, u_int8_t *, u_int16_t); 136 static void SHA1Init_int(void *); 137 static int SHA1Update_int(void *, u_int8_t *, u_int16_t); 138 static void SHA1Final_int(u_int8_t *, void *); 139 static int RMD160Update_int(void *, u_int8_t *, u_int16_t); 140 static int SHA256Update_int(void *, u_int8_t *, u_int16_t); 141 static int SHA384Update_int(void *, u_int8_t *, u_int16_t); 142 static int SHA512Update_int(void *, u_int8_t *, u_int16_t); 143 144 static u_int32_t deflate_compress(u_int8_t *, u_int32_t, u_int8_t **); 145 static u_int32_t deflate_decompress(u_int8_t *, u_int32_t, u_int8_t **); 146 147 /* Helper */ 148 struct aes_xts_ctx; 149 struct twofish_xts_ctx; 150 struct serpent_xts_ctx; 151 static void aes_xts_crypt(struct aes_xts_ctx *, u_int8_t *, u_int8_t *, u_int); 152 static void twofish_xts_crypt(struct twofish_xts_ctx *, u_int8_t *, u_int8_t *, 153 u_int); 154 static void serpent_xts_crypt(struct serpent_xts_ctx *, u_int8_t *, u_int8_t *, 155 u_int); 156 157 MALLOC_DEFINE(M_XDATA, "xform", "xform data buffers"); 158 159 /* Encryption instances */ 160 struct enc_xform enc_xform_null = { 161 CRYPTO_NULL_CBC, "NULL", 162 /* NB: blocksize of 4 is to generate a properly aligned ESP header */ 163 NULL_BLOCK_LEN, NULL_BLOCK_LEN, 0, 256, /* 2048 bits, max key */ 164 null_encrypt, 165 null_decrypt, 166 null_setkey, 167 null_zerokey, 168 NULL 169 }; 170 171 struct enc_xform enc_xform_des = { 172 CRYPTO_DES_CBC, "DES", 173 DES_BLOCK_LEN, DES_BLOCK_LEN, 8, 8, 174 des1_encrypt, 175 des1_decrypt, 176 des1_setkey, 177 des1_zerokey, 178 NULL 179 }; 180 181 struct enc_xform enc_xform_3des = { 182 CRYPTO_3DES_CBC, "3DES", 183 DES3_BLOCK_LEN, DES3_BLOCK_LEN, 24, 24, 184 des3_encrypt, 185 des3_decrypt, 186 des3_setkey, 187 des3_zerokey, 188 NULL 189 }; 190 191 struct enc_xform enc_xform_blf = { 192 CRYPTO_BLF_CBC, "Blowfish", 193 BLOWFISH_BLOCK_LEN, BLOWFISH_BLOCK_LEN, 5, 56 /* 448 bits, max key */, 194 blf_encrypt, 195 blf_decrypt, 196 blf_setkey, 197 blf_zerokey, 198 NULL 199 }; 200 201 struct enc_xform enc_xform_cast5 = { 202 CRYPTO_CAST_CBC, "CAST-128", 203 CAST128_BLOCK_LEN, CAST128_BLOCK_LEN, 5, 16, 204 cast5_encrypt, 205 cast5_decrypt, 206 cast5_setkey, 207 cast5_zerokey, 208 NULL 209 }; 210 211 struct enc_xform enc_xform_skipjack = { 212 CRYPTO_SKIPJACK_CBC, "Skipjack", 213 SKIPJACK_BLOCK_LEN, SKIPJACK_BLOCK_LEN, 10, 10, 214 skipjack_encrypt, 215 skipjack_decrypt, 216 skipjack_setkey, 217 skipjack_zerokey, 218 NULL 219 }; 220 221 struct enc_xform enc_xform_rijndael128 = { 222 CRYPTO_RIJNDAEL128_CBC, "Rijndael-128/AES", 223 RIJNDAEL128_BLOCK_LEN, RIJNDAEL128_BLOCK_LEN, 8, 32, 224 rijndael128_encrypt, 225 rijndael128_decrypt, 226 rijndael128_setkey, 227 rijndael128_zerokey, 228 NULL 229 }; 230 231 struct enc_xform enc_xform_aes_xts = { 232 CRYPTO_AES_XTS, "AES-XTS", 233 AES_XTS_BLOCK_LEN, AES_XTS_IV_LEN, 32, 64, 234 aes_xts_encrypt, 235 aes_xts_decrypt, 236 aes_xts_setkey, 237 aes_xts_zerokey, 238 aes_xts_reinit 239 }; 240 241 struct enc_xform enc_xform_aes_ctr = { 242 CRYPTO_AES_CTR, "AES-CTR", 243 AESCTR_BLOCK_LEN, AESCTR_IV_LEN, 16+4, 32+4, 244 aes_ctr_crypt, 245 aes_ctr_crypt, 246 aes_ctr_setkey, 247 aes_ctr_zerokey, 248 aes_ctr_reinit 249 }; 250 251 struct enc_xform enc_xform_aes_gcm = { 252 CRYPTO_AES_GCM_16, "AES-GCM", 253 AESGCM_BLOCK_LEN, AESGCM_IV_LEN, 16+4, 32+4, 254 aes_ctr_crypt, 255 aes_ctr_crypt, 256 aes_ctr_setkey, 257 aes_ctr_zerokey, 258 aes_gcm_reinit 259 }; 260 261 struct enc_xform enc_xform_aes_gmac = { 262 CRYPTO_AES_GMAC, "AES-GMAC", 263 AESGMAC_BLOCK_LEN, AESGMAC_IV_LEN, 16+4, 32+4, 264 NULL, 265 NULL, 266 NULL, 267 NULL, 268 NULL 269 }; 270 271 struct enc_xform enc_xform_arc4 = { 272 CRYPTO_ARC4, "ARC4", 273 1, 1, 1, 32, 274 NULL, 275 NULL, 276 NULL, 277 NULL, 278 NULL 279 }; 280 281 struct enc_xform enc_xform_camellia = { 282 CRYPTO_CAMELLIA_CBC, "Camellia", 283 CAMELLIA_BLOCK_LEN, CAMELLIA_BLOCK_LEN, 8, 32, 284 cml_encrypt, 285 cml_decrypt, 286 cml_setkey, 287 cml_zerokey, 288 NULL 289 }; 290 291 struct enc_xform enc_xform_twofish = { 292 CRYPTO_TWOFISH_CBC, "Twofish", 293 TWOFISH_BLOCK_LEN, TWOFISH_BLOCK_LEN, 8, 32, 294 twofish128_encrypt, 295 twofish128_decrypt, 296 twofish128_setkey, 297 twofish128_zerokey, 298 NULL 299 }; 300 301 struct enc_xform enc_xform_serpent = { 302 CRYPTO_SERPENT_CBC, "Serpent", 303 SERPENT_BLOCK_LEN, SERPENT_BLOCK_LEN, 8, 32, 304 serpent128_encrypt, 305 serpent128_decrypt, 306 serpent128_setkey, 307 serpent128_zerokey, 308 NULL 309 }; 310 311 struct enc_xform enc_xform_twofish_xts = { 312 CRYPTO_TWOFISH_XTS, "TWOFISH-XTS", 313 TWOFISH_XTS_BLOCK_LEN, TWOFISH_XTS_IV_LEN, 32, 64, 314 twofish_xts_encrypt, 315 twofish_xts_decrypt, 316 twofish_xts_setkey, 317 twofish_xts_zerokey, 318 twofish_xts_reinit 319 }; 320 321 struct enc_xform enc_xform_serpent_xts = { 322 CRYPTO_SERPENT_XTS, "SERPENT-XTS", 323 SERPENT_XTS_BLOCK_LEN, SERPENT_XTS_IV_LEN, 32, 64, 324 serpent_xts_encrypt, 325 serpent_xts_decrypt, 326 serpent_xts_setkey, 327 serpent_xts_zerokey, 328 serpent_xts_reinit 329 }; 330 331 332 /* Authentication instances */ 333 struct auth_hash auth_hash_null = { 334 CRYPTO_NULL_HMAC, "NULL-HMAC", 335 0, NULL_HASH_LEN, NULL_HMAC_BLOCK_LEN, sizeof(int), /* NB: context isn't used */ 336 null_init, NULL, NULL, null_update, null_final 337 }; 338 339 struct auth_hash auth_hash_hmac_md5 = { 340 CRYPTO_MD5_HMAC, "HMAC-MD5", 341 16, MD5_HASH_LEN, MD5_HMAC_BLOCK_LEN, sizeof(MD5_CTX), 342 (void (*) (void *)) MD5Init, NULL, NULL, 343 MD5Update_int, 344 (void (*) (u_int8_t *, void *)) MD5Final 345 }; 346 347 struct auth_hash auth_hash_hmac_sha1 = { 348 CRYPTO_SHA1_HMAC, "HMAC-SHA1", 349 20, SHA1_HASH_LEN, SHA1_HMAC_BLOCK_LEN, sizeof(SHA1_CTX), 350 SHA1Init_int, NULL, NULL, 351 SHA1Update_int, SHA1Final_int 352 }; 353 354 struct auth_hash auth_hash_hmac_ripemd_160 = { 355 CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160", 356 20, RIPEMD160_HASH_LEN, RIPEMD160_HMAC_BLOCK_LEN, sizeof(RMD160_CTX), 357 (void (*)(void *)) RMD160Init, NULL, NULL, 358 RMD160Update_int, 359 (void (*)(u_int8_t *, void *)) RMD160Final 360 }; 361 362 struct auth_hash auth_hash_key_md5 = { 363 CRYPTO_MD5_KPDK, "Keyed MD5", 364 0, MD5_KPDK_HASH_LEN, 0, sizeof(MD5_CTX), 365 (void (*)(void *)) MD5Init, NULL, NULL, 366 MD5Update_int, 367 (void (*)(u_int8_t *, void *)) MD5Final 368 }; 369 370 struct auth_hash auth_hash_key_sha1 = { 371 CRYPTO_SHA1_KPDK, "Keyed SHA1", 372 0, SHA1_KPDK_HASH_LEN, 0, sizeof(SHA1_CTX), 373 SHA1Init_int, NULL, NULL, 374 SHA1Update_int, SHA1Final_int 375 }; 376 377 struct auth_hash auth_hash_hmac_sha2_256 = { 378 CRYPTO_SHA2_256_HMAC, "HMAC-SHA2-256", 379 32, SHA2_256_HASH_LEN, SHA2_256_HMAC_BLOCK_LEN, sizeof(SHA256_CTX), 380 (void (*)(void *)) SHA256_Init, NULL, NULL, 381 SHA256Update_int, 382 (void (*)(u_int8_t *, void *)) SHA256_Final 383 }; 384 385 struct auth_hash auth_hash_hmac_sha2_384 = { 386 CRYPTO_SHA2_384_HMAC, "HMAC-SHA2-384", 387 48, SHA2_384_HASH_LEN, SHA2_384_HMAC_BLOCK_LEN, sizeof(SHA384_CTX), 388 (void (*)(void *)) SHA384_Init, NULL, NULL, 389 SHA384Update_int, 390 (void (*)(u_int8_t *, void *)) SHA384_Final 391 }; 392 393 struct auth_hash auth_hash_hmac_sha2_512 = { 394 CRYPTO_SHA2_512_HMAC, "HMAC-SHA2-512", 395 64, SHA2_512_HASH_LEN, SHA2_512_HMAC_BLOCK_LEN, sizeof(SHA512_CTX), 396 (void (*)(void *)) SHA512_Init, NULL, NULL, 397 SHA512Update_int, 398 (void (*)(u_int8_t *, void *)) SHA512_Final 399 }; 400 401 struct auth_hash auth_hash_gmac_aes_128 = { 402 CRYPTO_AES_128_GMAC, "GMAC-AES-128", 403 16+4, 16, 16, sizeof(AES_GMAC_CTX), 404 (void (*)(void *)) AES_GMAC_Init, 405 (void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Setkey, 406 (void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit, 407 (int (*)(void *, u_int8_t *, u_int16_t)) AES_GMAC_Update, 408 (void (*)(u_int8_t *, void *)) AES_GMAC_Final 409 }; 410 411 struct auth_hash auth_hash_gmac_aes_192 = { 412 CRYPTO_AES_192_GMAC, "GMAC-AES-192", 413 24+4, 16, 16, sizeof(AES_GMAC_CTX), 414 (void (*)(void *)) AES_GMAC_Init, 415 (void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Setkey, 416 (void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit, 417 (int (*)(void *, u_int8_t *, u_int16_t)) AES_GMAC_Update, 418 (void (*)(u_int8_t *, void *)) AES_GMAC_Final 419 }; 420 421 struct auth_hash auth_hash_gmac_aes_256 = { 422 CRYPTO_AES_256_GMAC, "GMAC-AES-256", 423 32+4, 16, 16, sizeof(AES_GMAC_CTX), 424 (void (*)(void *)) AES_GMAC_Init, 425 (void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Setkey, 426 (void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit, 427 (int (*)(void *, u_int8_t *, u_int16_t)) AES_GMAC_Update, 428 (void (*)(u_int8_t *, void *)) AES_GMAC_Final 429 }; 430 431 /* Compression instance */ 432 struct comp_algo comp_algo_deflate = { 433 CRYPTO_DEFLATE_COMP, "Deflate", 434 90, deflate_compress, 435 deflate_decompress 436 }; 437 438 /* 439 * Encryption wrapper routines. 440 */ 441 static void 442 null_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 443 { 444 } 445 static void 446 null_decrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 447 { 448 } 449 static int 450 null_setkey(u_int8_t **sched, u_int8_t *key, int len) 451 { 452 *sched = NULL; 453 return 0; 454 } 455 static void 456 null_zerokey(u_int8_t **sched) 457 { 458 *sched = NULL; 459 } 460 461 static void 462 des1_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 463 { 464 des_cblock *cb = (des_cblock *) blk; 465 des_key_schedule *p = (des_key_schedule *) key; 466 467 des_ecb_encrypt(cb, cb, p[0], DES_ENCRYPT); 468 } 469 470 static void 471 des1_decrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 472 { 473 des_cblock *cb = (des_cblock *) blk; 474 des_key_schedule *p = (des_key_schedule *) key; 475 476 des_ecb_encrypt(cb, cb, p[0], DES_DECRYPT); 477 } 478 479 static int 480 des1_setkey(u_int8_t **sched, u_int8_t *key, int len) 481 { 482 des_key_schedule *p; 483 int err; 484 485 p = kmalloc(sizeof (des_key_schedule), 486 M_CRYPTO_DATA, M_INTWAIT | M_ZERO); 487 if (p != NULL) { 488 des_set_key((des_cblock *) key, p[0]); 489 err = 0; 490 } else 491 err = ENOMEM; 492 *sched = (u_int8_t *) p; 493 return err; 494 } 495 496 static void 497 des1_zerokey(u_int8_t **sched) 498 { 499 bzero(*sched, sizeof (des_key_schedule)); 500 kfree(*sched, M_CRYPTO_DATA); 501 *sched = NULL; 502 } 503 504 static void 505 des3_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 506 { 507 des_cblock *cb = (des_cblock *) blk; 508 des_key_schedule *p = (des_key_schedule *) key; 509 510 des_ecb3_encrypt(cb, cb, p[0], p[1], p[2], DES_ENCRYPT); 511 } 512 513 static void 514 des3_decrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 515 { 516 des_cblock *cb = (des_cblock *) blk; 517 des_key_schedule *p = (des_key_schedule *) key; 518 519 des_ecb3_encrypt(cb, cb, p[0], p[1], p[2], DES_DECRYPT); 520 } 521 522 static int 523 des3_setkey(u_int8_t **sched, u_int8_t *key, int len) 524 { 525 des_key_schedule *p; 526 int err; 527 528 p = kmalloc(3 * sizeof(des_key_schedule), 529 M_CRYPTO_DATA, M_INTWAIT | M_ZERO); 530 if (p != NULL) { 531 des_set_key((des_cblock *)(key + 0), p[0]); 532 des_set_key((des_cblock *)(key + 8), p[1]); 533 des_set_key((des_cblock *)(key + 16), p[2]); 534 err = 0; 535 } else 536 err = ENOMEM; 537 *sched = (u_int8_t *) p; 538 return err; 539 } 540 541 static void 542 des3_zerokey(u_int8_t **sched) 543 { 544 bzero(*sched, 3*sizeof (des_key_schedule)); 545 kfree(*sched, M_CRYPTO_DATA); 546 *sched = NULL; 547 } 548 549 static void 550 blf_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 551 { 552 BF_LONG t[2]; 553 554 memcpy(t, blk, sizeof (t)); 555 t[0] = ntohl(t[0]); 556 t[1] = ntohl(t[1]); 557 /* NB: BF_encrypt expects the block in host order! */ 558 BF_encrypt(t, (BF_KEY *) key); 559 t[0] = htonl(t[0]); 560 t[1] = htonl(t[1]); 561 memcpy(blk, t, sizeof (t)); 562 } 563 564 static void 565 blf_decrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 566 { 567 BF_LONG t[2]; 568 569 memcpy(t, blk, sizeof (t)); 570 t[0] = ntohl(t[0]); 571 t[1] = ntohl(t[1]); 572 /* NB: BF_decrypt expects the block in host order! */ 573 BF_decrypt(t, (BF_KEY *) key); 574 t[0] = htonl(t[0]); 575 t[1] = htonl(t[1]); 576 memcpy(blk, t, sizeof (t)); 577 } 578 579 static int 580 blf_setkey(u_int8_t **sched, u_int8_t *key, int len) 581 { 582 int err; 583 584 *sched = kmalloc(sizeof(BF_KEY), M_CRYPTO_DATA, M_INTWAIT | M_ZERO); 585 if (*sched != NULL) { 586 BF_set_key((BF_KEY *) *sched, len, key); 587 err = 0; 588 } else 589 err = ENOMEM; 590 return err; 591 } 592 593 static void 594 blf_zerokey(u_int8_t **sched) 595 { 596 bzero(*sched, sizeof(BF_KEY)); 597 kfree(*sched, M_CRYPTO_DATA); 598 *sched = NULL; 599 } 600 601 static void 602 cast5_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 603 { 604 cast_encrypt((cast_key *) key, blk, blk); 605 } 606 607 static void 608 cast5_decrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 609 { 610 cast_decrypt((cast_key *) key, blk, blk); 611 } 612 613 static int 614 cast5_setkey(u_int8_t **sched, u_int8_t *key, int len) 615 { 616 int err; 617 618 *sched = kmalloc(sizeof(cast_key), M_CRYPTO_DATA, M_INTWAIT | M_ZERO); 619 if (*sched != NULL) { 620 cast_setkey((cast_key *)*sched, key, len); 621 err = 0; 622 } else 623 err = ENOMEM; 624 return err; 625 } 626 627 static void 628 cast5_zerokey(u_int8_t **sched) 629 { 630 bzero(*sched, sizeof(cast_key)); 631 kfree(*sched, M_CRYPTO_DATA); 632 *sched = NULL; 633 } 634 635 static void 636 skipjack_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 637 { 638 skipjack_forwards(blk, blk, (u_int8_t **) key); 639 } 640 641 static void 642 skipjack_decrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 643 { 644 skipjack_backwards(blk, blk, (u_int8_t **) key); 645 } 646 647 static int 648 skipjack_setkey(u_int8_t **sched, u_int8_t *key, int len) 649 { 650 int err; 651 652 /* NB: allocate all the memory that's needed at once */ 653 *sched = kmalloc(10 * (sizeof(u_int8_t *) + 0x100), 654 M_CRYPTO_DATA, M_INTWAIT | M_ZERO); 655 if (*sched != NULL) { 656 u_int8_t** key_tables = (u_int8_t**) *sched; 657 u_int8_t* table = (u_int8_t*) &key_tables[10]; 658 int k; 659 660 for (k = 0; k < 10; k++) { 661 key_tables[k] = table; 662 table += 0x100; 663 } 664 subkey_table_gen(key, (u_int8_t **) *sched); 665 err = 0; 666 } else 667 err = ENOMEM; 668 return err; 669 } 670 671 static void 672 skipjack_zerokey(u_int8_t **sched) 673 { 674 bzero(*sched, 10 * (sizeof(u_int8_t *) + 0x100)); 675 kfree(*sched, M_CRYPTO_DATA); 676 *sched = NULL; 677 } 678 679 static void 680 rijndael128_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 681 { 682 rijndael_encrypt((rijndael_ctx *) key, (u_char *) blk, (u_char *) blk); 683 } 684 685 static void 686 rijndael128_decrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 687 { 688 rijndael_decrypt(((rijndael_ctx *) key), (u_char *) blk, 689 (u_char *) blk); 690 } 691 692 static int 693 rijndael128_setkey(u_int8_t **sched, u_int8_t *key, int len) 694 { 695 int err; 696 697 if (len != 16 && len != 24 && len != 32) 698 return (EINVAL); 699 *sched = kmalloc(sizeof(rijndael_ctx), M_CRYPTO_DATA, 700 M_INTWAIT | M_ZERO); 701 if (*sched != NULL) { 702 rijndael_set_key((rijndael_ctx *) *sched, (u_char *) key, 703 len * 8); 704 err = 0; 705 } else 706 err = ENOMEM; 707 return err; 708 } 709 710 static void 711 rijndael128_zerokey(u_int8_t **sched) 712 { 713 bzero(*sched, sizeof(rijndael_ctx)); 714 kfree(*sched, M_CRYPTO_DATA); 715 *sched = NULL; 716 } 717 718 #define AES_XTS_ALPHA 0x87 /* GF(2^128) generator polynomial */ 719 720 struct aes_xts_ctx { 721 rijndael_ctx key1; 722 rijndael_ctx key2; 723 }; 724 725 void 726 aes_xts_reinit(caddr_t key, u_int8_t *iv) 727 { 728 struct aes_xts_ctx *ctx = (struct aes_xts_ctx *)key; 729 #if 0 730 u_int64_t blocknum; 731 u_int i; 732 #endif 733 734 #if 0 735 /* 736 * Prepare tweak as E_k2(IV). IV is specified as LE representation 737 * of a 64-bit block number which we allow to be passed in directly. 738 */ 739 /* XXX: possibly use htole64? */ 740 #endif 741 /* Last 64 bits of IV are always zero */ 742 bzero(iv + AES_XTS_IV_LEN, AES_XTS_IV_LEN); 743 744 rijndael_encrypt(&ctx->key2, iv, iv); 745 } 746 747 void 748 aes_xts_crypt(struct aes_xts_ctx *ctx, u_int8_t *data, u_int8_t *iv, u_int do_encrypt) 749 { 750 u_int8_t block[AES_XTS_BLOCK_LEN]; 751 u_int i, carry_in, carry_out; 752 753 for (i = 0; i < AES_XTS_BLOCK_LEN; i++) 754 block[i] = data[i] ^ iv[i]; 755 756 if (do_encrypt) 757 rijndael_encrypt(&ctx->key1, block, data); 758 else 759 rijndael_decrypt(&ctx->key1, block, data); 760 761 for (i = 0; i < AES_XTS_BLOCK_LEN; i++) 762 data[i] ^= iv[i]; 763 764 /* Exponentiate tweak */ 765 carry_in = 0; 766 for (i = 0; i < AES_XTS_BLOCK_LEN; i++) { 767 carry_out = iv[i] & 0x80; 768 iv[i] = (iv[i] << 1) | (carry_in ? 1 : 0); 769 carry_in = carry_out; 770 } 771 if (carry_in) 772 iv[0] ^= AES_XTS_ALPHA; 773 bzero(block, sizeof(block)); 774 } 775 776 void 777 aes_xts_encrypt(caddr_t key, u_int8_t *data, u_int8_t *iv) 778 { 779 aes_xts_crypt((struct aes_xts_ctx *)key, data, iv, 1); 780 } 781 782 void 783 aes_xts_decrypt(caddr_t key, u_int8_t *data, u_int8_t *iv) 784 { 785 aes_xts_crypt((struct aes_xts_ctx *)key, data, iv, 0); 786 } 787 788 int 789 aes_xts_setkey(u_int8_t **sched, u_int8_t *key, int len) 790 { 791 struct aes_xts_ctx *ctx; 792 793 if (len != 32 && len != 64) 794 return -1; 795 796 *sched = kmalloc(sizeof(struct aes_xts_ctx), M_CRYPTO_DATA, 797 M_WAITOK | M_ZERO); 798 ctx = (struct aes_xts_ctx *)*sched; 799 800 rijndael_set_key(&ctx->key1, key, len * 4); 801 rijndael_set_key(&ctx->key2, key + (len / 2), len * 4); 802 803 return 0; 804 } 805 806 void 807 aes_xts_zerokey(u_int8_t **sched) 808 { 809 bzero(*sched, sizeof(struct aes_xts_ctx)); 810 kfree(*sched, M_CRYPTO_DATA); 811 *sched = NULL; 812 } 813 814 #define AESCTR_NONCESIZE 4 815 816 struct aes_ctr_ctx { 817 u_int32_t ac_ek[4*(14 + 1)]; 818 u_int8_t ac_block[AESCTR_BLOCK_LEN]; 819 int ac_nr; 820 }; 821 822 void 823 aes_ctr_reinit(caddr_t key, u_int8_t *iv) 824 { 825 struct aes_ctr_ctx *ctx; 826 827 ctx = (struct aes_ctr_ctx *)key; 828 bcopy(iv, iv + AESCTR_NONCESIZE, AESCTR_IV_LEN); 829 bcopy(ctx->ac_block, iv, AESCTR_NONCESIZE); 830 831 /* reset counter */ 832 bzero(iv + AESCTR_NONCESIZE + AESCTR_IV_LEN, 4); 833 } 834 835 void 836 aes_ctr_crypt(caddr_t key, u_int8_t *data, u_int8_t *iv) 837 { 838 struct aes_ctr_ctx *ctx; 839 u_int8_t keystream[AESCTR_BLOCK_LEN]; 840 int i; 841 842 ctx = (struct aes_ctr_ctx *)key; 843 /* increment counter */ 844 for (i = AESCTR_BLOCK_LEN - 1; 845 i >= AESCTR_NONCESIZE + AESCTR_IV_LEN; i--) 846 if (++iv[i]) /* continue on overflow */ 847 break; 848 rijndaelEncrypt(ctx->ac_ek, ctx->ac_nr, iv, keystream); 849 for (i = 0; i < AESCTR_BLOCK_LEN; i++) 850 data[i] ^= keystream[i]; 851 bzero(keystream, sizeof(keystream)); 852 } 853 854 int 855 aes_ctr_setkey(u_int8_t **sched, u_int8_t *key, int len) 856 { 857 struct aes_ctr_ctx *ctx; 858 859 if (len < AESCTR_NONCESIZE) 860 return -1; 861 862 *sched = kmalloc(sizeof(struct aes_ctr_ctx), M_CRYPTO_DATA, 863 M_WAITOK | M_ZERO); 864 ctx = (struct aes_ctr_ctx *)*sched; 865 ctx->ac_nr = rijndaelKeySetupEnc(ctx->ac_ek, (u_char *)key, 866 (len - AESCTR_NONCESIZE) * 8); 867 if (ctx->ac_nr == 0) { 868 aes_ctr_zerokey(sched); 869 return -1; 870 } 871 bcopy(key + len - AESCTR_NONCESIZE, ctx->ac_block, AESCTR_NONCESIZE); 872 return 0; 873 } 874 875 void 876 aes_ctr_zerokey(u_int8_t **sched) 877 { 878 bzero(*sched, sizeof(struct aes_ctr_ctx)); 879 kfree(*sched, M_CRYPTO_DATA); 880 *sched = NULL; 881 } 882 883 static void 884 aes_gcm_reinit(caddr_t key, u_int8_t *iv) 885 { 886 struct aes_ctr_ctx *ctx; 887 888 ctx = (struct aes_ctr_ctx *)key; 889 bcopy(iv, ctx->ac_block + AESCTR_NONCESIZE, AESCTR_IV_LEN); 890 891 /* reset counter */ 892 bzero(ctx->ac_block + AESCTR_NONCESIZE + AESCTR_IV_LEN, 4); 893 ctx->ac_block[AESCTR_BLOCK_LEN - 1] = 1; /* GCM starts with 1 */ 894 } 895 896 static void 897 cml_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 898 { 899 camellia_encrypt((camellia_ctx *) key, (u_char *) blk, (u_char *) blk); 900 } 901 902 static void 903 cml_decrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 904 { 905 camellia_decrypt(((camellia_ctx *) key), (u_char *) blk, 906 (u_char *) blk); 907 } 908 909 static int 910 cml_setkey(u_int8_t **sched, u_int8_t *key, int len) 911 { 912 int err; 913 914 if (len != 16 && len != 24 && len != 32) 915 return (EINVAL); 916 *sched = kmalloc(sizeof(camellia_ctx), M_CRYPTO_DATA, 917 M_INTWAIT | M_ZERO); 918 if (*sched != NULL) { 919 camellia_set_key((camellia_ctx *) *sched, (u_char *) key, 920 len * 8); 921 err = 0; 922 } else 923 err = ENOMEM; 924 return err; 925 } 926 927 static void 928 cml_zerokey(u_int8_t **sched) 929 { 930 bzero(*sched, sizeof(camellia_ctx)); 931 kfree(*sched, M_CRYPTO_DATA); 932 *sched = NULL; 933 } 934 935 static void 936 twofish128_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 937 { 938 twofish_encrypt((twofish_ctx *) key, blk, blk); 939 } 940 941 static void 942 twofish128_decrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 943 { 944 twofish_decrypt(((twofish_ctx *) key), blk, blk); 945 } 946 947 static int 948 twofish128_setkey(u_int8_t **sched, u_int8_t *key, int len) 949 { 950 int err; 951 952 if (len != 16 && len != 24 && len != 32) 953 return (EINVAL); 954 *sched = kmalloc(sizeof(twofish_ctx), M_CRYPTO_DATA, 955 M_INTWAIT | M_ZERO); 956 if (*sched != NULL) { 957 twofish_set_key((twofish_ctx *) *sched, key, len * 8); 958 err = 0; 959 } else 960 err = ENOMEM; 961 return err; 962 } 963 964 static void 965 twofish128_zerokey(u_int8_t **sched) 966 { 967 bzero(*sched, sizeof(twofish_ctx)); 968 kfree(*sched, M_CRYPTO_DATA); 969 *sched = NULL; 970 } 971 972 static void 973 serpent128_encrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 974 { 975 serpent_encrypt((serpent_ctx *) key, blk, blk); 976 } 977 978 static void 979 serpent128_decrypt(caddr_t key, u_int8_t *blk, u_int8_t *iv) 980 { 981 serpent_decrypt(((serpent_ctx *) key), blk, blk); 982 } 983 984 static int 985 serpent128_setkey(u_int8_t **sched, u_int8_t *key, int len) 986 { 987 int err; 988 989 if (len != 16 && len != 24 && len != 32) 990 return (EINVAL); 991 *sched = kmalloc(sizeof(serpent_ctx), M_CRYPTO_DATA, 992 M_INTWAIT | M_ZERO); 993 if (*sched != NULL) { 994 serpent_set_key((serpent_ctx *) *sched, key, len * 8); 995 err = 0; 996 } else 997 err = ENOMEM; 998 return err; 999 } 1000 1001 static void 1002 serpent128_zerokey(u_int8_t **sched) 1003 { 1004 bzero(*sched, sizeof(serpent_ctx)); 1005 kfree(*sched, M_CRYPTO_DATA); 1006 *sched = NULL; 1007 } 1008 1009 1010 struct twofish_xts_ctx { 1011 twofish_ctx key1; 1012 twofish_ctx key2; 1013 }; 1014 1015 void 1016 twofish_xts_reinit(caddr_t key, u_int8_t *iv) 1017 { 1018 struct twofish_xts_ctx *ctx = (struct twofish_xts_ctx *)key; 1019 #if 0 1020 u_int64_t blocknum; 1021 #endif 1022 1023 #if 0 1024 /* 1025 * Prepare tweak as E_k2(IV). IV is specified as LE representation 1026 * of a 64-bit block number which we allow to be passed in directly. 1027 */ 1028 /* XXX: possibly use htole64? */ 1029 #endif 1030 /* Last 64 bits of IV are always zero */ 1031 bzero(iv + TWOFISH_XTS_IV_LEN, TWOFISH_XTS_IV_LEN); 1032 1033 twofish_encrypt(&ctx->key2, iv, iv); 1034 } 1035 1036 void 1037 twofish_xts_crypt(struct twofish_xts_ctx *ctx, u_int8_t *data, u_int8_t *iv, 1038 u_int do_encrypt) 1039 { 1040 u_int8_t block[TWOFISH_XTS_BLOCK_LEN]; 1041 u_int i, carry_in, carry_out; 1042 1043 for (i = 0; i < TWOFISH_XTS_BLOCK_LEN; i++) 1044 block[i] = data[i] ^ iv[i]; 1045 1046 if (do_encrypt) 1047 twofish_encrypt(&ctx->key1, block, data); 1048 else 1049 twofish_decrypt(&ctx->key1, block, data); 1050 1051 for (i = 0; i < TWOFISH_XTS_BLOCK_LEN; i++) 1052 data[i] ^= iv[i]; 1053 1054 /* Exponentiate tweak */ 1055 carry_in = 0; 1056 for (i = 0; i < TWOFISH_XTS_BLOCK_LEN; i++) { 1057 carry_out = iv[i] & 0x80; 1058 iv[i] = (iv[i] << 1) | (carry_in ? 1 : 0); 1059 carry_in = carry_out; 1060 } 1061 if (carry_in) 1062 iv[0] ^= AES_XTS_ALPHA; 1063 bzero(block, sizeof(block)); 1064 } 1065 1066 void 1067 twofish_xts_encrypt(caddr_t key, u_int8_t *data, u_int8_t *iv) 1068 { 1069 twofish_xts_crypt((struct twofish_xts_ctx *)key, data, iv, 1); 1070 } 1071 1072 void 1073 twofish_xts_decrypt(caddr_t key, u_int8_t *data, u_int8_t *iv) 1074 { 1075 twofish_xts_crypt((struct twofish_xts_ctx *)key, data, iv, 0); 1076 } 1077 1078 int 1079 twofish_xts_setkey(u_int8_t **sched, u_int8_t *key, int len) 1080 { 1081 struct twofish_xts_ctx *ctx; 1082 1083 if (len != 32 && len != 64) 1084 return -1; 1085 1086 *sched = kmalloc(sizeof(struct twofish_xts_ctx), M_CRYPTO_DATA, 1087 M_WAITOK | M_ZERO); 1088 ctx = (struct twofish_xts_ctx *)*sched; 1089 1090 twofish_set_key(&ctx->key1, key, len * 4); 1091 twofish_set_key(&ctx->key2, key + (len / 2), len * 4); 1092 1093 return 0; 1094 } 1095 1096 void 1097 twofish_xts_zerokey(u_int8_t **sched) 1098 { 1099 bzero(*sched, sizeof(struct twofish_xts_ctx)); 1100 kfree(*sched, M_CRYPTO_DATA); 1101 *sched = NULL; 1102 } 1103 1104 struct serpent_xts_ctx { 1105 serpent_ctx key1; 1106 serpent_ctx key2; 1107 }; 1108 1109 void 1110 serpent_xts_reinit(caddr_t key, u_int8_t *iv) 1111 { 1112 struct serpent_xts_ctx *ctx = (struct serpent_xts_ctx *)key; 1113 #if 0 1114 u_int64_t blocknum; 1115 u_int i; 1116 #endif 1117 1118 #if 0 1119 /* 1120 * Prepare tweak as E_k2(IV). IV is specified as LE representation 1121 * of a 64-bit block number which we allow to be passed in directly. 1122 */ 1123 /* XXX: possibly use htole64? */ 1124 #endif 1125 /* Last 64 bits of IV are always zero */ 1126 bzero(iv + SERPENT_XTS_IV_LEN, SERPENT_XTS_IV_LEN); 1127 1128 serpent_encrypt(&ctx->key2, iv, iv); 1129 } 1130 1131 void 1132 serpent_xts_crypt(struct serpent_xts_ctx *ctx, u_int8_t *data, u_int8_t *iv, 1133 u_int do_encrypt) 1134 { 1135 u_int8_t block[SERPENT_XTS_BLOCK_LEN]; 1136 u_int i, carry_in, carry_out; 1137 1138 for (i = 0; i < SERPENT_XTS_BLOCK_LEN; i++) 1139 block[i] = data[i] ^ iv[i]; 1140 1141 if (do_encrypt) 1142 serpent_encrypt(&ctx->key1, block, data); 1143 else 1144 serpent_decrypt(&ctx->key1, block, data); 1145 1146 for (i = 0; i < SERPENT_XTS_BLOCK_LEN; i++) 1147 data[i] ^= iv[i]; 1148 1149 /* Exponentiate tweak */ 1150 carry_in = 0; 1151 for (i = 0; i < SERPENT_XTS_BLOCK_LEN; i++) { 1152 carry_out = iv[i] & 0x80; 1153 iv[i] = (iv[i] << 1) | (carry_in ? 1 : 0); 1154 carry_in = carry_out; 1155 } 1156 if (carry_in) 1157 iv[0] ^= AES_XTS_ALPHA; 1158 bzero(block, sizeof(block)); 1159 } 1160 1161 void 1162 serpent_xts_encrypt(caddr_t key, u_int8_t *data, u_int8_t *iv) 1163 { 1164 serpent_xts_crypt((struct serpent_xts_ctx *)key, data, iv, 1); 1165 } 1166 1167 void 1168 serpent_xts_decrypt(caddr_t key, u_int8_t *data, u_int8_t *iv) 1169 { 1170 serpent_xts_crypt((struct serpent_xts_ctx *)key, data, iv, 0); 1171 } 1172 1173 int 1174 serpent_xts_setkey(u_int8_t **sched, u_int8_t *key, int len) 1175 { 1176 struct serpent_xts_ctx *ctx; 1177 1178 if (len != 32 && len != 64) 1179 return -1; 1180 1181 *sched = kmalloc(sizeof(struct serpent_xts_ctx), M_CRYPTO_DATA, 1182 M_WAITOK | M_ZERO); 1183 ctx = (struct serpent_xts_ctx *)*sched; 1184 1185 serpent_set_key(&ctx->key1, key, len * 4); 1186 serpent_set_key(&ctx->key2, key + (len / 2), len * 4); 1187 1188 return 0; 1189 } 1190 1191 void 1192 serpent_xts_zerokey(u_int8_t **sched) 1193 { 1194 bzero(*sched, sizeof(struct serpent_xts_ctx)); 1195 kfree(*sched, M_CRYPTO_DATA); 1196 *sched = NULL; 1197 } 1198 1199 1200 /* 1201 * And now for auth. 1202 */ 1203 1204 static void 1205 null_init(void *ctx) 1206 { 1207 } 1208 1209 static int 1210 null_update(void *ctx, u_int8_t *buf, u_int16_t len) 1211 { 1212 return 0; 1213 } 1214 1215 static void 1216 null_final(u_int8_t *buf, void *ctx) 1217 { 1218 if (buf != NULL) 1219 bzero(buf, 12); 1220 } 1221 1222 static int 1223 RMD160Update_int(void *ctx, u_int8_t *buf, u_int16_t len) 1224 { 1225 RMD160Update(ctx, buf, len); 1226 return 0; 1227 } 1228 1229 static int 1230 MD5Update_int(void *ctx, u_int8_t *buf, u_int16_t len) 1231 { 1232 MD5Update(ctx, buf, len); 1233 return 0; 1234 } 1235 1236 static void 1237 SHA1Init_int(void *ctx) 1238 { 1239 SHA1Init(ctx); 1240 } 1241 1242 static int 1243 SHA1Update_int(void *ctx, u_int8_t *buf, u_int16_t len) 1244 { 1245 SHA1Update(ctx, buf, len); 1246 return 0; 1247 } 1248 1249 static void 1250 SHA1Final_int(u_int8_t *blk, void *ctx) 1251 { 1252 SHA1Final(blk, ctx); 1253 } 1254 1255 static int 1256 SHA256Update_int(void *ctx, u_int8_t *buf, u_int16_t len) 1257 { 1258 SHA256_Update(ctx, buf, len); 1259 return 0; 1260 } 1261 1262 static int 1263 SHA384Update_int(void *ctx, u_int8_t *buf, u_int16_t len) 1264 { 1265 SHA384_Update(ctx, buf, len); 1266 return 0; 1267 } 1268 1269 static int 1270 SHA512Update_int(void *ctx, u_int8_t *buf, u_int16_t len) 1271 { 1272 SHA512_Update(ctx, buf, len); 1273 return 0; 1274 } 1275 1276 /* 1277 * And compression 1278 */ 1279 1280 static u_int32_t 1281 deflate_compress(u_int8_t *data, u_int32_t size, u_int8_t **out) 1282 { 1283 return deflate_global(data, size, 0, out); 1284 } 1285 1286 static u_int32_t 1287 deflate_decompress(u_int8_t *data, u_int32_t size, u_int8_t **out) 1288 { 1289 return deflate_global(data, size, 1, out); 1290 } 1291