| @@ -1,40 +1,40 @@ | | | @@ -1,40 +1,40 @@ |
| 1 | /* $NetBSD: cryptosoft.c,v 1.47 2015/08/20 14:40:19 christos Exp $ */ | | 1 | /* $NetBSD: cryptosoft.c,v 1.48 2017/04/13 01:24:34 ozaki-r Exp $ */ |
| 2 | /* $FreeBSD: src/sys/opencrypto/cryptosoft.c,v 1.2.2.1 2002/11/21 23:34:23 sam Exp $ */ | | 2 | /* $FreeBSD: src/sys/opencrypto/cryptosoft.c,v 1.2.2.1 2002/11/21 23:34:23 sam Exp $ */ |
| 3 | /* $OpenBSD: cryptosoft.c,v 1.35 2002/04/26 08:43:50 deraadt Exp $ */ | | 3 | /* $OpenBSD: cryptosoft.c,v 1.35 2002/04/26 08:43:50 deraadt Exp $ */ |
| 4 | | | 4 | |
| 5 | /* | | 5 | /* |
| 6 | * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) | | 6 | * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) |
| 7 | * | | 7 | * |
| 8 | * This code was written by Angelos D. Keromytis in Athens, Greece, in | | 8 | * This code was written by Angelos D. Keromytis in Athens, Greece, in |
| 9 | * February 2000. Network Security Technologies Inc. (NSTI) kindly | | 9 | * February 2000. Network Security Technologies Inc. (NSTI) kindly |
| 10 | * supported the development of this code. | | 10 | * supported the development of this code. |
| 11 | * | | 11 | * |
| 12 | * Copyright (c) 2000, 2001 Angelos D. Keromytis | | 12 | * Copyright (c) 2000, 2001 Angelos D. Keromytis |
| 13 | * | | 13 | * |
| 14 | * Permission to use, copy, and modify this software with or without fee | | 14 | * Permission to use, copy, and modify this software with or without fee |
| 15 | * is hereby granted, provided that this entire notice is included in | | 15 | * is hereby granted, provided that this entire notice is included in |
| 16 | * all source code copies of any software which is or includes a copy or | | 16 | * all source code copies of any software which is or includes a copy or |
| 17 | * modification of this software. | | 17 | * modification of this software. |
| 18 | * | | 18 | * |
| 19 | * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR | | 19 | * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR |
| 20 | * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY | | 20 | * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY |
| 21 | * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE | | 21 | * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE |
| 22 | * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR | | 22 | * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR |
| 23 | * PURPOSE. | | 23 | * PURPOSE. |
| 24 | */ | | 24 | */ |
| 25 | | | 25 | |
| 26 | #include <sys/cdefs.h> | | 26 | #include <sys/cdefs.h> |
| 27 | __KERNEL_RCSID(0, "$NetBSD: cryptosoft.c,v 1.47 2015/08/20 14:40:19 christos Exp $"); | | 27 | __KERNEL_RCSID(0, "$NetBSD: cryptosoft.c,v 1.48 2017/04/13 01:24:34 ozaki-r Exp $"); |
| 28 | | | 28 | |
| 29 | #include <sys/param.h> | | 29 | #include <sys/param.h> |
| 30 | #include <sys/systm.h> | | 30 | #include <sys/systm.h> |
| 31 | #include <sys/malloc.h> | | 31 | #include <sys/malloc.h> |
| 32 | #include <sys/mbuf.h> | | 32 | #include <sys/mbuf.h> |
| 33 | #include <sys/sysctl.h> | | 33 | #include <sys/sysctl.h> |
| 34 | #include <sys/errno.h> | | 34 | #include <sys/errno.h> |
| 35 | #include <sys/cprng.h> | | 35 | #include <sys/cprng.h> |
| 36 | #include <sys/module.h> | | 36 | #include <sys/module.h> |
| 37 | #include <sys/device.h> | | 37 | #include <sys/device.h> |
| 38 | | | 38 | |
| 39 | #ifdef _KERNEL_OPT | | 39 | #ifdef _KERNEL_OPT |
| 40 | #include "opt_ocf.h" | | 40 | #include "opt_ocf.h" |
| @@ -938,52 +938,55 @@ swcr_newsession(void *arg, u_int32_t *si | | | @@ -938,52 +938,55 @@ swcr_newsession(void *arg, u_int32_t *si |
| 938 | cri->cri_klen / 8); | | 938 | cri->cri_klen / 8); |
| 939 | axf->Update((*swd)->sw_octx, hmac_opad_buffer, | | 939 | axf->Update((*swd)->sw_octx, hmac_opad_buffer, |
| 940 | axf->auth_hash->blocksize - (cri->cri_klen / 8)); | | 940 | axf->auth_hash->blocksize - (cri->cri_klen / 8)); |
| 941 | | | 941 | |
| 942 | for (k = 0; k < cri->cri_klen / 8; k++) | | 942 | for (k = 0; k < cri->cri_klen / 8; k++) |
| 943 | cri->cri_key[k] ^= HMAC_OPAD_VAL; | | 943 | cri->cri_key[k] ^= HMAC_OPAD_VAL; |
| 944 | (*swd)->sw_axf = axf; | | 944 | (*swd)->sw_axf = axf; |
| 945 | break; | | 945 | break; |
| 946 | | | 946 | |
| 947 | case CRYPTO_MD5_KPDK: | | 947 | case CRYPTO_MD5_KPDK: |
| 948 | axf = &swcr_auth_hash_key_md5; | | 948 | axf = &swcr_auth_hash_key_md5; |
| 949 | goto auth2common; | | 949 | goto auth2common; |
| 950 | | | 950 | |
| 951 | case CRYPTO_SHA1_KPDK: | | 951 | case CRYPTO_SHA1_KPDK: { |
| | | 952 | unsigned char digest[SHA1_DIGEST_LENGTH]; |
| | | 953 | CTASSERT(SHA1_DIGEST_LENGTH >= MD5_DIGEST_LENGTH); |
| 952 | axf = &swcr_auth_hash_key_sha1; | | 954 | axf = &swcr_auth_hash_key_sha1; |
| 953 | auth2common: | | 955 | auth2common: |
| 954 | (*swd)->sw_ictx = malloc(axf->ctxsize, | | 956 | (*swd)->sw_ictx = malloc(axf->ctxsize, |
| 955 | M_CRYPTO_DATA, M_NOWAIT); | | 957 | M_CRYPTO_DATA, M_NOWAIT); |
| 956 | if ((*swd)->sw_ictx == NULL) { | | 958 | if ((*swd)->sw_ictx == NULL) { |
| 957 | swcr_freesession(NULL, i); | | 959 | swcr_freesession(NULL, i); |
| 958 | return ENOBUFS; | | 960 | return ENOBUFS; |
| 959 | } | | 961 | } |
| 960 | | | 962 | |
| 961 | /* Store the key so we can "append" it to the payload */ | | 963 | /* Store the key so we can "append" it to the payload */ |
| 962 | (*swd)->sw_octx = malloc(cri->cri_klen / 8, M_CRYPTO_DATA, | | 964 | (*swd)->sw_octx = malloc(cri->cri_klen / 8, M_CRYPTO_DATA, |
| 963 | M_NOWAIT); | | 965 | M_NOWAIT); |
| 964 | if ((*swd)->sw_octx == NULL) { | | 966 | if ((*swd)->sw_octx == NULL) { |
| 965 | swcr_freesession(NULL, i); | | 967 | swcr_freesession(NULL, i); |
| 966 | return ENOBUFS; | | 968 | return ENOBUFS; |
| 967 | } | | 969 | } |
| 968 | | | 970 | |
| 969 | (*swd)->sw_klen = cri->cri_klen / 8; | | 971 | (*swd)->sw_klen = cri->cri_klen / 8; |
| 970 | memcpy((*swd)->sw_octx, cri->cri_key, cri->cri_klen / 8); | | 972 | memcpy((*swd)->sw_octx, cri->cri_key, cri->cri_klen / 8); |
| 971 | axf->Init((*swd)->sw_ictx); | | 973 | axf->Init((*swd)->sw_ictx); |
| 972 | axf->Update((*swd)->sw_ictx, cri->cri_key, | | 974 | axf->Update((*swd)->sw_ictx, cri->cri_key, |
| 973 | cri->cri_klen / 8); | | 975 | cri->cri_klen / 8); |
| 974 | axf->Final(NULL, (*swd)->sw_ictx); | | 976 | axf->Final(digest, (*swd)->sw_ictx); |
| 975 | (*swd)->sw_axf = axf; | | 977 | (*swd)->sw_axf = axf; |
| 976 | break; | | 978 | break; |
| | | 979 | } |
| 977 | | | 980 | |
| 978 | case CRYPTO_MD5: | | 981 | case CRYPTO_MD5: |
| 979 | axf = &swcr_auth_hash_md5; | | 982 | axf = &swcr_auth_hash_md5; |
| 980 | goto auth3common; | | 983 | goto auth3common; |
| 981 | | | 984 | |
| 982 | case CRYPTO_SHA1: | | 985 | case CRYPTO_SHA1: |
| 983 | axf = &swcr_auth_hash_sha1; | | 986 | axf = &swcr_auth_hash_sha1; |
| 984 | auth3common: | | 987 | auth3common: |
| 985 | (*swd)->sw_ictx = malloc(axf->ctxsize, | | 988 | (*swd)->sw_ictx = malloc(axf->ctxsize, |
| 986 | M_CRYPTO_DATA, M_NOWAIT); | | 989 | M_CRYPTO_DATA, M_NOWAIT); |
| 987 | if ((*swd)->sw_ictx == NULL) { | | 990 | if ((*swd)->sw_ictx == NULL) { |
| 988 | swcr_freesession(NULL, i); | | 991 | swcr_freesession(NULL, i); |
| 989 | return ENOBUFS; | | 992 | return ENOBUFS; |