| @@ -1,40 +1,40 @@ | | | @@ -1,40 +1,40 @@ |
1 | /* $NetBSD: cryptosoft.c,v 1.47 2015/08/20 14:40:19 christos Exp $ */ | | 1 | /* $NetBSD: cryptosoft.c,v 1.48 2017/04/13 01:24:34 ozaki-r Exp $ */ |
2 | /* $FreeBSD: src/sys/opencrypto/cryptosoft.c,v 1.2.2.1 2002/11/21 23:34:23 sam Exp $ */ | | 2 | /* $FreeBSD: src/sys/opencrypto/cryptosoft.c,v 1.2.2.1 2002/11/21 23:34:23 sam Exp $ */ |
3 | /* $OpenBSD: cryptosoft.c,v 1.35 2002/04/26 08:43:50 deraadt Exp $ */ | | 3 | /* $OpenBSD: cryptosoft.c,v 1.35 2002/04/26 08:43:50 deraadt Exp $ */ |
4 | | | 4 | |
5 | /* | | 5 | /* |
6 | * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) | | 6 | * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) |
7 | * | | 7 | * |
8 | * This code was written by Angelos D. Keromytis in Athens, Greece, in | | 8 | * This code was written by Angelos D. Keromytis in Athens, Greece, in |
9 | * February 2000. Network Security Technologies Inc. (NSTI) kindly | | 9 | * February 2000. Network Security Technologies Inc. (NSTI) kindly |
10 | * supported the development of this code. | | 10 | * supported the development of this code. |
11 | * | | 11 | * |
12 | * Copyright (c) 2000, 2001 Angelos D. Keromytis | | 12 | * Copyright (c) 2000, 2001 Angelos D. Keromytis |
13 | * | | 13 | * |
14 | * Permission to use, copy, and modify this software with or without fee | | 14 | * Permission to use, copy, and modify this software with or without fee |
15 | * is hereby granted, provided that this entire notice is included in | | 15 | * is hereby granted, provided that this entire notice is included in |
16 | * all source code copies of any software which is or includes a copy or | | 16 | * all source code copies of any software which is or includes a copy or |
17 | * modification of this software. | | 17 | * modification of this software. |
18 | * | | 18 | * |
19 | * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR | | 19 | * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR |
20 | * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY | | 20 | * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY |
21 | * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE | | 21 | * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE |
22 | * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR | | 22 | * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR |
23 | * PURPOSE. | | 23 | * PURPOSE. |
24 | */ | | 24 | */ |
25 | | | 25 | |
26 | #include <sys/cdefs.h> | | 26 | #include <sys/cdefs.h> |
27 | __KERNEL_RCSID(0, "$NetBSD: cryptosoft.c,v 1.47 2015/08/20 14:40:19 christos Exp $"); | | 27 | __KERNEL_RCSID(0, "$NetBSD: cryptosoft.c,v 1.48 2017/04/13 01:24:34 ozaki-r Exp $"); |
28 | | | 28 | |
29 | #include <sys/param.h> | | 29 | #include <sys/param.h> |
30 | #include <sys/systm.h> | | 30 | #include <sys/systm.h> |
31 | #include <sys/malloc.h> | | 31 | #include <sys/malloc.h> |
32 | #include <sys/mbuf.h> | | 32 | #include <sys/mbuf.h> |
33 | #include <sys/sysctl.h> | | 33 | #include <sys/sysctl.h> |
34 | #include <sys/errno.h> | | 34 | #include <sys/errno.h> |
35 | #include <sys/cprng.h> | | 35 | #include <sys/cprng.h> |
36 | #include <sys/module.h> | | 36 | #include <sys/module.h> |
37 | #include <sys/device.h> | | 37 | #include <sys/device.h> |
38 | | | 38 | |
39 | #ifdef _KERNEL_OPT | | 39 | #ifdef _KERNEL_OPT |
40 | #include "opt_ocf.h" | | 40 | #include "opt_ocf.h" |
| @@ -938,52 +938,55 @@ swcr_newsession(void *arg, u_int32_t *si | | | @@ -938,52 +938,55 @@ swcr_newsession(void *arg, u_int32_t *si |
938 | cri->cri_klen / 8); | | 938 | cri->cri_klen / 8); |
939 | axf->Update((*swd)->sw_octx, hmac_opad_buffer, | | 939 | axf->Update((*swd)->sw_octx, hmac_opad_buffer, |
940 | axf->auth_hash->blocksize - (cri->cri_klen / 8)); | | 940 | axf->auth_hash->blocksize - (cri->cri_klen / 8)); |
941 | | | 941 | |
942 | for (k = 0; k < cri->cri_klen / 8; k++) | | 942 | for (k = 0; k < cri->cri_klen / 8; k++) |
943 | cri->cri_key[k] ^= HMAC_OPAD_VAL; | | 943 | cri->cri_key[k] ^= HMAC_OPAD_VAL; |
944 | (*swd)->sw_axf = axf; | | 944 | (*swd)->sw_axf = axf; |
945 | break; | | 945 | break; |
946 | | | 946 | |
947 | case CRYPTO_MD5_KPDK: | | 947 | case CRYPTO_MD5_KPDK: |
948 | axf = &swcr_auth_hash_key_md5; | | 948 | axf = &swcr_auth_hash_key_md5; |
949 | goto auth2common; | | 949 | goto auth2common; |
950 | | | 950 | |
951 | case CRYPTO_SHA1_KPDK: | | 951 | case CRYPTO_SHA1_KPDK: { |
| | | 952 | unsigned char digest[SHA1_DIGEST_LENGTH]; |
| | | 953 | CTASSERT(SHA1_DIGEST_LENGTH >= MD5_DIGEST_LENGTH); |
952 | axf = &swcr_auth_hash_key_sha1; | | 954 | axf = &swcr_auth_hash_key_sha1; |
953 | auth2common: | | 955 | auth2common: |
954 | (*swd)->sw_ictx = malloc(axf->ctxsize, | | 956 | (*swd)->sw_ictx = malloc(axf->ctxsize, |
955 | M_CRYPTO_DATA, M_NOWAIT); | | 957 | M_CRYPTO_DATA, M_NOWAIT); |
956 | if ((*swd)->sw_ictx == NULL) { | | 958 | if ((*swd)->sw_ictx == NULL) { |
957 | swcr_freesession(NULL, i); | | 959 | swcr_freesession(NULL, i); |
958 | return ENOBUFS; | | 960 | return ENOBUFS; |
959 | } | | 961 | } |
960 | | | 962 | |
961 | /* Store the key so we can "append" it to the payload */ | | 963 | /* Store the key so we can "append" it to the payload */ |
962 | (*swd)->sw_octx = malloc(cri->cri_klen / 8, M_CRYPTO_DATA, | | 964 | (*swd)->sw_octx = malloc(cri->cri_klen / 8, M_CRYPTO_DATA, |
963 | M_NOWAIT); | | 965 | M_NOWAIT); |
964 | if ((*swd)->sw_octx == NULL) { | | 966 | if ((*swd)->sw_octx == NULL) { |
965 | swcr_freesession(NULL, i); | | 967 | swcr_freesession(NULL, i); |
966 | return ENOBUFS; | | 968 | return ENOBUFS; |
967 | } | | 969 | } |
968 | | | 970 | |
969 | (*swd)->sw_klen = cri->cri_klen / 8; | | 971 | (*swd)->sw_klen = cri->cri_klen / 8; |
970 | memcpy((*swd)->sw_octx, cri->cri_key, cri->cri_klen / 8); | | 972 | memcpy((*swd)->sw_octx, cri->cri_key, cri->cri_klen / 8); |
971 | axf->Init((*swd)->sw_ictx); | | 973 | axf->Init((*swd)->sw_ictx); |
972 | axf->Update((*swd)->sw_ictx, cri->cri_key, | | 974 | axf->Update((*swd)->sw_ictx, cri->cri_key, |
973 | cri->cri_klen / 8); | | 975 | cri->cri_klen / 8); |
974 | axf->Final(NULL, (*swd)->sw_ictx); | | 976 | axf->Final(digest, (*swd)->sw_ictx); |
975 | (*swd)->sw_axf = axf; | | 977 | (*swd)->sw_axf = axf; |
976 | break; | | 978 | break; |
| | | 979 | } |
977 | | | 980 | |
978 | case CRYPTO_MD5: | | 981 | case CRYPTO_MD5: |
979 | axf = &swcr_auth_hash_md5; | | 982 | axf = &swcr_auth_hash_md5; |
980 | goto auth3common; | | 983 | goto auth3common; |
981 | | | 984 | |
982 | case CRYPTO_SHA1: | | 985 | case CRYPTO_SHA1: |
983 | axf = &swcr_auth_hash_sha1; | | 986 | axf = &swcr_auth_hash_sha1; |
984 | auth3common: | | 987 | auth3common: |
985 | (*swd)->sw_ictx = malloc(axf->ctxsize, | | 988 | (*swd)->sw_ictx = malloc(axf->ctxsize, |
986 | M_CRYPTO_DATA, M_NOWAIT); | | 989 | M_CRYPTO_DATA, M_NOWAIT); |
987 | if ((*swd)->sw_ictx == NULL) { | | 990 | if ((*swd)->sw_ictx == NULL) { |
988 | swcr_freesession(NULL, i); | | 991 | swcr_freesession(NULL, i); |
989 | return ENOBUFS; | | 992 | return ENOBUFS; |