1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
24  * Copyright (c) 2018, Joyent, Inc.
25  */
26 
27 #ifndef _SOFTCRYPT_H
28 #define	_SOFTCRYPT_H
29 
30 #ifdef __cplusplus
31 extern "C" {
32 #endif
33 
34 #include <sys/types.h>
35 #include <security/pkcs11t.h>
36 #include <modes/modes.h>
37 #include <aes_impl.h>
38 #include <blowfish_impl.h>
39 #include <des_impl.h>
40 #include "softObject.h"
41 #include "softSession.h"
42 
43 #define	DES_MAC_LEN	(DES_BLOCK_LEN / 2)
44 
45 typedef struct soft_des_ctx {
46 	void *key_sched;		/* pointer to key schedule */
47 	size_t keysched_len;		/* Length of the key schedule */
48 	uint8_t ivec[DES_BLOCK_LEN];	/* initialization vector */
49 	uint8_t data[DES_BLOCK_LEN];	/* for use by update */
50 	size_t remain_len;		/* for use by update */
51 	void *des_cbc;			/* to be used by CBC mode */
52 	CK_KEY_TYPE key_type;		/* used to determine DES or DES3 */
53 	size_t mac_len;			/* digest len in bytes */
54 } soft_des_ctx_t;
55 
56 typedef struct soft_blowfish_ctx {
57 	void *key_sched;		/* pointer to key schedule */
58 	size_t keysched_len;		/* Length of the key schedule */
59 	uint8_t ivec[BLOWFISH_BLOCK_LEN];	/* initialization vector */
60 	uint8_t data[BLOWFISH_BLOCK_LEN];	/* for use by update */
61 	size_t remain_len;			/* for use by update */
62 	void *blowfish_cbc;			/* to be used by CBC mode */
63 } soft_blowfish_ctx_t;
64 
65 /*
66  * For sign/verify operations, the hash generated is AES_BLOCK_LEN bytes long,
67  * however for CKM_AES_CMAC_GENERAL, one can specify a smaller hash size if
68  * desired (the output being the output of CKM_AES_CMAC truncated to the
69  * specified size).  Since this size is specified in the C_{Sign,Verify}Init()
70  * call, we must carry it through to the C_{Sign,Verify}Final() call via
71  * the mac_len field.
72  *
73  * Note that the context pointed to by aes_ctx is cleaned up as part of the
74  * soft_aes_encrypt() calls.
75  */
76 typedef struct soft_aes_sign_ctx {
77 	aes_ctx_t	*aes_ctx;
78 	size_t		mac_len;
79 } soft_aes_sign_ctx_t;
80 
81 /*
82  * Function Prototypes.
83  */
84 void *des_cbc_ctx_init(void *, size_t, uint8_t *, CK_KEY_TYPE);
85 
86 CK_RV soft_des_crypt_init_common(soft_session_t *, CK_MECHANISM_PTR,
87 	soft_object_t *, boolean_t);
88 
89 CK_RV soft_des_encrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
90 	CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);
91 
92 CK_RV soft_des_decrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
93 	CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);
94 
95 CK_RV soft_des_sign_verify_common(soft_session_t *, CK_BYTE_PTR,
96 	CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR,
97 	boolean_t, boolean_t);
98 
99 CK_RV soft_des_sign_verify_init_common(soft_session_t *, CK_MECHANISM_PTR,
100 	soft_object_t *, boolean_t);
101 
102 CK_RV soft_des_mac_sign_verify_update(soft_session_t *, CK_BYTE_PTR, CK_ULONG);
103 
104 void soft_add_pkcs7_padding(CK_BYTE *, int, CK_ULONG);
105 
106 CK_RV soft_remove_pkcs7_padding(CK_BYTE *, CK_ULONG, CK_ULONG *);
107 
108 CK_RV soft_arcfour_crypt_init(soft_session_t *, CK_MECHANISM_PTR,
109 	soft_object_t *, boolean_t);
110 
111 CK_RV soft_arcfour_crypt(crypto_active_op_t *, CK_BYTE_PTR, CK_ULONG,
112 	CK_BYTE_PTR, CK_ULONG_PTR);
113 
114 CK_RV soft_aes_crypt_init_common(soft_session_t *, CK_MECHANISM_PTR,
115 	soft_object_t *, boolean_t);
116 
117 CK_RV soft_aes_encrypt(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
118 	CK_BYTE_PTR, CK_ULONG_PTR);
119 
120 CK_RV soft_aes_decrypt(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
121 	CK_BYTE_PTR, CK_ULONG_PTR);
122 
123 CK_RV soft_aes_encrypt_update(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
124 	CK_BYTE_PTR, CK_ULONG_PTR);
125 
126 CK_RV soft_aes_decrypt_update(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
127 	CK_BYTE_PTR, CK_ULONG_PTR);
128 
129 CK_RV soft_aes_encrypt_final(soft_session_t *, CK_BYTE_PTR, CK_ULONG_PTR);
130 
131 CK_RV soft_aes_decrypt_final(soft_session_t *, CK_BYTE_PTR, CK_ULONG_PTR);
132 
133 CK_RV soft_aes_decrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
134 	CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);
135 
136 CK_RV soft_aes_sign_verify_common(soft_session_t *, CK_BYTE_PTR,
137 	CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR,
138 	boolean_t, boolean_t);
139 
140 CK_RV soft_aes_sign_verify_init_common(soft_session_t *, CK_MECHANISM_PTR,
141 	soft_object_t *, boolean_t);
142 
143 CK_RV soft_aes_mac_sign_verify_update(soft_session_t *, CK_BYTE_PTR, CK_ULONG);
144 
145 void soft_aes_free_ctx(aes_ctx_t *);
146 
147 void *blowfish_cbc_ctx_init(void *, size_t, uint8_t *);
148 
149 CK_RV soft_blowfish_crypt_init_common(soft_session_t *, CK_MECHANISM_PTR,
150 	soft_object_t *, boolean_t);
151 
152 CK_RV soft_blowfish_encrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
153 	CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);
154 
155 CK_RV soft_blowfish_decrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
156 	CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);
157 
158 #ifdef	__cplusplus
159 }
160 #endif
161 
162 #endif /* _SOFTCRYPT_H */
163