xref: /illumos-gate/usr/src/common/crypto/modes/modes.h (revision 16239bc8) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #ifndef	_COMMON_CRYPTO_MODES_H
27 #define	_COMMON_CRYPTO_MODES_H
28 
29 #ifdef	__cplusplus
30 extern "C" {
31 #endif
32 
33 #include <sys/strsun.h>
34 #include <sys/systm.h>
35 #include <sys/sysmacros.h>
36 #include <sys/types.h>
37 #include <sys/errno.h>
38 #include <sys/rwlock.h>
39 #include <sys/kmem.h>
40 #include <sys/crypto/common.h>
41 #include <sys/crypto/impl.h>
42 
43 #define	ECB_MODE			0x00000002
44 #define	CBC_MODE			0x00000004
45 #define	CTR_MODE			0x00000008
46 #define	CCM_MODE			0x00000010
47 
48 /*
49  * cc_keysched:		Pointer to key schedule.
50  *
51  * cc_keysched_len:	Length of the key schedule.
52  *
53  * cc_remainder:	This is for residual data, i.e. data that can't
54  *			be processed because there are too few bytes.
55  *			Must wait until more data arrives.
56  *
57  * cc_remainder_len:	Number of bytes in cc_remainder.
58  *
59  * cc_iv:		Scratch buffer that sometimes contains the IV.
60  *
61  * cc_lastp:		Pointer to previous block of ciphertext.
62  *
63  * cc_copy_to:		Pointer to where encrypted residual data needs
64  *			to be copied.
65  *
66  * cc_flags:		PROVIDER_OWNS_KEY_SCHEDULE
67  *			When a context is freed, it is necessary
68  *			to know whether the key schedule was allocated
69  *			by the caller, or internally, e.g. an init routine.
70  *			If allocated by the latter, then it needs to be freed.
71  *
72  *			ECB_MODE, CBC_MODE, CTR_MODE, or CCM_MODE
73  */
74 struct common_ctx {
75 	void *cc_keysched;
76 	size_t cc_keysched_len;
77 	uint64_t cc_iv[2];
78 	uint64_t cc_remainder[2];
79 	size_t cc_remainder_len;
80 	uint8_t *cc_lastp;
81 	uint8_t *cc_copy_to;
82 	uint32_t cc_flags;
83 };
84 
85 typedef struct common_ctx common_ctx_t;
86 
87 typedef struct ecb_ctx {
88 	struct common_ctx ecb_common;
89 	uint64_t ecb_lastblock[2];
90 } ecb_ctx_t;
91 
92 #define	ecb_keysched		ecb_common.cc_keysched
93 #define	ecb_keysched_len	ecb_common.cc_keysched_len
94 #define	ecb_iv			ecb_common.cc_iv
95 #define	ecb_remainder		ecb_common.cc_remainder
96 #define	ecb_remainder_len	ecb_common.cc_remainder_len
97 #define	ecb_lastp		ecb_common.cc_lastp
98 #define	ecb_copy_to		ecb_common.cc_copy_to
99 #define	ecb_flags		ecb_common.cc_flags
100 
101 typedef struct cbc_ctx {
102 	struct common_ctx cbc_common;
103 	uint64_t cbc_lastblock[2];
104 } cbc_ctx_t;
105 
106 #define	cbc_keysched		cbc_common.cc_keysched
107 #define	cbc_keysched_len	cbc_common.cc_keysched_len
108 #define	cbc_iv			cbc_common.cc_iv
109 #define	cbc_remainder		cbc_common.cc_remainder
110 #define	cbc_remainder_len	cbc_common.cc_remainder_len
111 #define	cbc_lastp		cbc_common.cc_lastp
112 #define	cbc_copy_to		cbc_common.cc_copy_to
113 #define	cbc_flags		cbc_common.cc_flags
114 
115 /*
116  * ctr_lower_mask		Bit-mask for lower 8 bytes of counter block.
117  * ctr_upper_mask		Bit-mask for upper 8 bytes of counter block.
118  */
119 typedef struct ctr_ctx {
120 	struct common_ctx ctr_common;
121 	uint64_t ctr_lower_mask;
122 	uint64_t ctr_upper_mask;
123 	uint32_t ctr_tmp[4];
124 } ctr_ctx_t;
125 
126 /*
127  * ctr_cb			Counter block.
128  */
129 #define	ctr_keysched		ctr_common.cc_keysched
130 #define	ctr_keysched_len	ctr_common.cc_keysched_len
131 #define	ctr_cb			ctr_common.cc_iv
132 #define	ctr_remainder		ctr_common.cc_remainder
133 #define	ctr_remainder_len	ctr_common.cc_remainder_len
134 #define	ctr_lastp		ctr_common.cc_lastp
135 #define	ctr_copy_to		ctr_common.cc_copy_to
136 #define	ctr_flags		ctr_common.cc_flags
137 
138 /*
139  *
140  * ccm_mac_len:		Stores length of the MAC in CCM mode.
141  * ccm_mac_buf:		Stores the intermediate value for MAC in CCM encrypt.
142  *			In CCM decrypt, stores the input MAC value.
143  * ccm_data_len:	Length of the plaintext for CCM mode encrypt, or
144  *			length of the ciphertext for CCM mode decrypt.
145  * ccm_processed_data_len:
146  *			Length of processed plaintext in CCM mode encrypt,
147  *			or length of processed ciphertext for CCM mode decrypt.
148  * ccm_processed_mac_len:
149  *			Length of MAC data accumulated in CCM mode decrypt.
150  *
151  * ccm_pt_buf:		Only used in CCM mode decrypt.  It stores the
152  *			decrypted plaintext to be returned when
153  *			MAC verification succeeds in decrypt_final.
154  *			Memory for this should be allocated in the AES module.
155  *
156  */
157 typedef struct ccm_ctx {
158 	struct common_ctx ccm_common;
159 	uint32_t ccm_tmp[4];
160 	size_t ccm_mac_len;
161 	uint64_t ccm_mac_buf[2];
162 	size_t ccm_data_len;
163 	size_t ccm_processed_data_len;
164 	size_t ccm_processed_mac_len;
165 	uint8_t *ccm_pt_buf;
166 	uint64_t ccm_mac_input_buf[2];
167 	uint64_t ccm_counter_mask;
168 } ccm_ctx_t;
169 
170 #define	ccm_keysched		ccm_common.cc_keysched
171 #define	ccm_keysched_len	ccm_common.cc_keysched_len
172 #define	ccm_cb			ccm_common.cc_iv
173 #define	ccm_remainder		ccm_common.cc_remainder
174 #define	ccm_remainder_len	ccm_common.cc_remainder_len
175 #define	ccm_lastp		ccm_common.cc_lastp
176 #define	ccm_copy_to		ccm_common.cc_copy_to
177 #define	ccm_flags		ccm_common.cc_flags
178 
179 typedef struct aes_ctx {
180 	union {
181 		ecb_ctx_t acu_ecb;
182 		cbc_ctx_t acu_cbc;
183 		ctr_ctx_t acu_ctr;
184 #ifdef _KERNEL
185 		ccm_ctx_t acu_ccm;
186 #endif
187 	} acu;
188 } aes_ctx_t;
189 
190 #define	ac_flags		acu.acu_ecb.ecb_common.cc_flags
191 #define	ac_remainder_len	acu.acu_ecb.ecb_common.cc_remainder_len
192 #define	ac_keysched		acu.acu_ecb.ecb_common.cc_keysched
193 #define	ac_keysched_len		acu.acu_ecb.ecb_common.cc_keysched_len
194 #define	ac_iv			acu.acu_ecb.ecb_common.cc_iv
195 #define	ac_lastp		acu.acu_ecb.ecb_common.cc_lastp
196 #define	ac_pt_buf		acu.acu_ccm.ccm_pt_buf
197 #define	ac_mac_len		acu.acu_ccm.ccm_mac_len
198 #define	ac_data_len		acu.acu_ccm.ccm_data_len
199 #define	ac_processed_mac_len	acu.acu_ccm.ccm_processed_mac_len
200 #define	ac_processed_data_len	acu.acu_ccm.ccm_processed_data_len
201 
202 typedef struct blowfish_ctx {
203 	union {
204 		ecb_ctx_t bcu_ecb;
205 		cbc_ctx_t bcu_cbc;
206 	} bcu;
207 } blowfish_ctx_t;
208 
209 #define	bc_flags		bcu.bcu_ecb.ecb_common.cc_flags
210 #define	bc_remainder_len	bcu.bcu_ecb.ecb_common.cc_remainder_len
211 #define	bc_keysched		bcu.bcu_ecb.ecb_common.cc_keysched
212 #define	bc_keysched_len		bcu.bcu_ecb.ecb_common.cc_keysched_len
213 #define	bc_iv			bcu.bcu_ecb.ecb_common.cc_iv
214 #define	bc_lastp		bcu.bcu_ecb.ecb_common.cc_lastp
215 
216 typedef struct des_ctx {
217 	union {
218 		ecb_ctx_t dcu_ecb;
219 		cbc_ctx_t dcu_cbc;
220 	} dcu;
221 } des_ctx_t;
222 
223 #define	dc_flags		dcu.dcu_ecb.ecb_common.cc_flags
224 #define	dc_remainder_len	dcu.dcu_ecb.ecb_common.cc_remainder_len
225 #define	dc_keysched		dcu.dcu_ecb.ecb_common.cc_keysched
226 #define	dc_keysched_len		dcu.dcu_ecb.ecb_common.cc_keysched_len
227 #define	dc_iv			dcu.dcu_ecb.ecb_common.cc_iv
228 #define	dc_lastp		dcu.dcu_ecb.ecb_common.cc_lastp
229 
230 extern int ecb_cipher_contiguous_blocks(ecb_ctx_t *, char *, size_t,
231     crypto_data_t *, size_t, int (*cipher)(const void *, const uint8_t *,
232     uint8_t *));
233 
234 extern int cbc_encrypt_contiguous_blocks(cbc_ctx_t *, char *, size_t,
235     crypto_data_t *, size_t,
236     int (*encrypt)(const void *, const uint8_t *, uint8_t *),
237     void (*copy_block)(uint8_t *, uint8_t *),
238     void (*xor_block)(uint8_t *, uint8_t *));
239 
240 extern int cbc_decrypt_contiguous_blocks(cbc_ctx_t *, char *, size_t,
241     crypto_data_t *, size_t,
242     int (*decrypt)(const void *, const uint8_t *, uint8_t *),
243     void (*copy_block)(uint8_t *, uint8_t *),
244     void (*xor_block)(uint8_t *, uint8_t *));
245 
246 extern int ctr_mode_contiguous_blocks(ctr_ctx_t *, char *, size_t,
247     crypto_data_t *, size_t,
248     int (*cipher)(const void *, const uint8_t *, uint8_t *),
249     void (*xor_block)(uint8_t *, uint8_t *));
250 
251 extern int ccm_mode_encrypt_contiguous_blocks(ccm_ctx_t *, char *, size_t,
252     crypto_data_t *, size_t,
253     int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
254     void (*copy_block)(uint8_t *, uint8_t *),
255     void (*xor_block)(uint8_t *, uint8_t *));
256 
257 extern int ccm_mode_decrypt_contiguous_blocks(ccm_ctx_t *, char *, size_t,
258     crypto_data_t *, size_t,
259     int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
260     void (*copy_block)(uint8_t *, uint8_t *),
261     void (*xor_block)(uint8_t *, uint8_t *));
262 
263 int ccm_encrypt_final(ccm_ctx_t *, crypto_data_t *, size_t,
264     int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
265     void (*xor_block)(uint8_t *, uint8_t *));
266 
267 extern int ccm_decrypt_final(ccm_ctx_t *, crypto_data_t *, size_t,
268     int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
269     void (*copy_block)(uint8_t *, uint8_t *),
270     void (*xor_block)(uint8_t *, uint8_t *));
271 
272 extern int ctr_mode_final(ctr_ctx_t *, crypto_data_t *,
273     int (*encrypt_block)(const void *, const uint8_t *, uint8_t *));
274 
275 extern int cbc_init_ctx(cbc_ctx_t *, char *, size_t, size_t,
276     void (*copy_block)(uint8_t *, uint64_t *));
277 
278 extern int ctr_init_ctx(ctr_ctx_t *, ulong_t, uint8_t *,
279     void (*copy_block)(uint8_t *, uint8_t *));
280 
281 extern int ccm_init_ctx(ccm_ctx_t *, char *, int, boolean_t, size_t,
282     int (*encrypt_block)(const void *, const uint8_t *, uint8_t *),
283     void (*xor_block)(uint8_t *, uint8_t *));
284 
285 extern void calculate_ccm_mac(ccm_ctx_t *, uint8_t *,
286     int (*encrypt_block)(const void *, const uint8_t *, uint8_t *));
287 
288 extern void crypto_init_ptrs(crypto_data_t *, void **, offset_t *);
289 extern void crypto_get_ptrs(crypto_data_t *, void **, offset_t *,
290     uint8_t **, size_t *, uint8_t **, size_t);
291 
292 extern void *ecb_alloc_ctx(int);
293 extern void *cbc_alloc_ctx(int);
294 extern void *ctr_alloc_ctx(int);
295 extern void *ccm_alloc_ctx(int);
296 extern void crypto_free_mode_ctx(void *);
297 
298 #ifdef	__cplusplus
299 }
300 #endif
301 
302 #endif	/* _COMMON_CRYPTO_MODES_H */
303