1 /* $NetBSD: xform.c,v 1.18 2009/03/25 01:26:13 darran Exp $ */ 2 /* $FreeBSD: src/sys/opencrypto/xform.c,v 1.1.2.1 2002/11/21 23:34:23 sam Exp $ */ 3 /* $OpenBSD: xform.c,v 1.19 2002/08/16 22:47:25 dhartmei Exp $ */ 4 5 /* 6 * The authors of this code are John Ioannidis (ji@tla.org), 7 * Angelos D. Keromytis (kermit@csd.uch.gr) and 8 * Niels Provos (provos@physnet.uni-hamburg.de). 9 * 10 * This code was written by John Ioannidis for BSD/OS in Athens, Greece, 11 * in November 1995. 12 * 13 * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996, 14 * by Angelos D. Keromytis. 15 * 16 * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis 17 * and Niels Provos. 18 * 19 * Additional features in 1999 by Angelos D. Keromytis. 20 * 21 * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis, 22 * Angelos D. Keromytis and Niels Provos. 23 * 24 * Copyright (C) 2001, Angelos D. Keromytis. 25 * 26 * Permission to use, copy, and modify this software with or without fee 27 * is hereby granted, provided that this entire notice is included in 28 * all copies of any software which is or includes a copy or 29 * modification of this software. 30 * You may use this code under the GNU public license if you so wish. Please 31 * contribute changes back to the authors under this freer than GPL license 32 * so that we may further the use of strong encryption without limitations to 33 * all. 34 * 35 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 36 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 37 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 38 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 39 * PURPOSE. 40 */ 41 42 #include <sys/cdefs.h> 43 __KERNEL_RCSID(0, "$NetBSD: xform.c,v 1.18 2009/03/25 01:26:13 darran Exp $"); 44 45 #include <sys/param.h> 46 #include <sys/malloc.h> 47 48 #include <opencrypto/cryptodev.h> 49 #include <opencrypto/xform.h> 50 51 MALLOC_DEFINE(M_XDATA, "xform", "xform data buffers"); 52 53 const u_int8_t hmac_ipad_buffer[64] = { 54 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 55 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 56 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 57 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 58 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 59 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 60 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 61 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36 62 }; 63 64 const u_int8_t hmac_opad_buffer[64] = { 65 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 66 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 67 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 68 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 69 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 70 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 71 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 72 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C, 0x5C 73 }; 74 75 /* Encryption instances */ 76 struct enc_xform enc_xform_null = { 77 CRYPTO_NULL_CBC, "NULL", 78 /* NB: blocksize of 4 is to generate a properly aligned ESP header */ 79 4, 0, 256 /* 2048 bits, max key */ 80 }; 81 82 struct enc_xform enc_xform_des = { 83 CRYPTO_DES_CBC, "DES", 84 8, 8, 8 85 }; 86 87 struct enc_xform enc_xform_3des = { 88 CRYPTO_3DES_CBC, "3DES", 89 8, 24, 24 90 }; 91 92 struct enc_xform enc_xform_blf = { 93 CRYPTO_BLF_CBC, "Blowfish", 94 8, 5, 56 /* 448 bits, max key */ 95 }; 96 97 struct enc_xform enc_xform_cast5 = { 98 CRYPTO_CAST_CBC, "CAST-128", 99 8, 5, 16 100 }; 101 102 struct enc_xform enc_xform_skipjack = { 103 CRYPTO_SKIPJACK_CBC, "Skipjack", 104 8, 10, 10 105 }; 106 107 struct enc_xform enc_xform_rijndael128 = { 108 CRYPTO_RIJNDAEL128_CBC, "Rijndael-128/AES", 109 16, 8, 32 110 }; 111 112 struct enc_xform enc_xform_arc4 = { 113 CRYPTO_ARC4, "ARC4", 114 1, 1, 32 115 }; 116 117 /* Authentication instances */ 118 struct auth_hash auth_hash_null = { 119 CRYPTO_NULL_HMAC, "NULL-HMAC", 120 0, 0, 12, sizeof(int) /* NB: context isn't used */ 121 }; 122 123 struct auth_hash auth_hash_hmac_md5 = { 124 CRYPTO_MD5_HMAC, "HMAC-MD5", 125 16, 16, 16, sizeof(MD5_CTX) 126 }; 127 128 struct auth_hash auth_hash_hmac_sha1 = { 129 CRYPTO_SHA1_HMAC, "HMAC-SHA1", 130 20, 20, 20, sizeof(SHA1_CTX) 131 }; 132 133 struct auth_hash auth_hash_hmac_ripemd_160 = { 134 CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160", 135 20, 20, 20, sizeof(RMD160_CTX) 136 }; 137 138 struct auth_hash auth_hash_hmac_md5_96 = { 139 CRYPTO_MD5_HMAC_96, "HMAC-MD5-96", 140 16, 16, 12, sizeof(MD5_CTX) 141 }; 142 143 struct auth_hash auth_hash_hmac_sha1_96 = { 144 CRYPTO_SHA1_HMAC_96, "HMAC-SHA1-96", 145 20, 20, 12, sizeof(SHA1_CTX) 146 }; 147 148 struct auth_hash auth_hash_hmac_ripemd_160_96 = { 149 CRYPTO_RIPEMD160_HMAC_96, "HMAC-RIPEMD-160", 150 20, 20, 12, sizeof(RMD160_CTX) 151 }; 152 153 struct auth_hash auth_hash_key_md5 = { 154 CRYPTO_MD5_KPDK, "Keyed MD5", 155 0, 16, 16, sizeof(MD5_CTX) 156 }; 157 158 struct auth_hash auth_hash_key_sha1 = { 159 CRYPTO_SHA1_KPDK, "Keyed SHA1", 160 0, 20, 20, sizeof(SHA1_CTX) 161 }; 162 163 struct auth_hash auth_hash_md5 = { 164 CRYPTO_MD5, "MD5", 165 0, 16, 16, sizeof(MD5_CTX) 166 }; 167 168 struct auth_hash auth_hash_sha1 = { 169 CRYPTO_SHA1, "SHA1", 170 0, 20, 20, sizeof(SHA1_CTX) 171 }; 172 173 struct auth_hash auth_hash_hmac_sha2_256 = { 174 CRYPTO_SHA2_HMAC, "HMAC-SHA2", 175 32, 32, 12, sizeof(SHA256_CTX) 176 }; 177 178 struct auth_hash auth_hash_hmac_sha2_384 = { 179 CRYPTO_SHA2_HMAC, "HMAC-SHA2-384", 180 48, 48, 12, sizeof(SHA384_CTX) 181 }; 182 183 struct auth_hash auth_hash_hmac_sha2_512 = { 184 CRYPTO_SHA2_HMAC, "HMAC-SHA2-512", 185 64, 64, 12, sizeof(SHA512_CTX) 186 }; 187 188 /* Compression instance */ 189 struct comp_algo comp_algo_deflate = { 190 CRYPTO_DEFLATE_COMP, "Deflate", 191 90 192 }; 193 194 struct comp_algo comp_algo_gzip = { 195 CRYPTO_GZIP_COMP, "GZIP", 196 90 197 }; 198