Lines Matching defs:tls

51 	    struct ktls_session *tls, struct mbuf *m,
55 int (*recrypt)(struct ktls_session *tls,
60 int (*decrypt)(struct ktls_session *tls,
275 struct ktls_session *tls, struct mbuf *m, struct iovec *outiov,
291 os = tls->ocf_session;
295 MPASS(tls->sync_dispatch);
437 ktls_ocf_tls_cbc_decrypt(struct ktls_session *tls,
452 os = tls->ocf_session;
467 crp.crp_payload_start = tls->params.tls_hlen;
548 struct ktls_session *tls, struct mbuf *m, struct iovec *outiov,
559 os = tls->ocf_session;
567 if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16) {
568 memcpy(crp->crp_iv, tls->params.iv, TLS_AEAD_GCM_LEN);
577 memcpy(crp->crp_iv, tls->params.iv, tls->params.iv_len);
605 uio->uio_resid = crp->crp_payload_length + tls->params.tls_tlen;
613 if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16)
621 if (tls->sync_dispatch) {
630 ktls_ocf_tls12_aead_decrypt(struct ktls_session *tls,
640 os = tls->ocf_session;
644 if (tls_len + sizeof(*hdr) < tls->params.tls_hlen +
645 tls->params.tls_tlen)
651 if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16) {
652 memcpy(crp.crp_iv, tls->params.iv, TLS_AEAD_GCM_LEN);
661 memcpy(crp.crp_iv, tls->params.iv, tls->params.iv_len);
666 if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16)
679 crp.crp_payload_start = tls->params.tls_hlen;
687 if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16)
694 *trailer_len = tls->params.tls_tlen;
727 ktls_ocf_tls12_aead_recrypt(struct ktls_session *tls,
738 os = tls->ocf_session;
747 KASSERT(tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16,
751 memcpy(crp.crp_iv, tls->params.iv, TLS_AEAD_GCM_LEN);
759 crp.crp_payload_start = tls->params.tls_hlen;
771 ktls_ocf_recrypt_fixup(m, tls->params.tls_hlen, payload_len,
786 struct ktls_session *tls, struct mbuf *m, struct iovec *outiov,
796 os = tls->ocf_session;
804 memcpy(crp->crp_iv, tls->params.iv, tls->params.iv_len);
843 if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16)
851 if (tls->sync_dispatch) {
860 ktls_ocf_tls13_aead_decrypt(struct ktls_session *tls,
871 os = tls->ocf_session;
873 tag_len = tls->params.tls_tlen - 1;
883 memcpy(crp.crp_iv, tls->params.iv, tls->params.iv_len);
894 crp.crp_payload_start = tls->params.tls_hlen;
902 if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16)
914 ktls_ocf_tls13_aead_recrypt(struct ktls_session *tls,
925 os = tls->ocf_session;
934 KASSERT(tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16,
938 memcpy(crp.crp_iv, tls->params.iv, tls->params.iv_len);
946 crp.crp_payload_start = tls->params.tls_hlen;
958 ktls_ocf_recrypt_fixup(m, tls->params.tls_hlen, payload_len,
972 ktls_ocf_free(struct ktls_session *tls)
976 os = tls->ocf_session;
985 ktls_ocf_try(struct ktls_session *tls, int direction)
998 switch (tls->params.cipher_algorithm) {
1000 switch (tls->params.cipher_key_len) {
1009 if (tls->params.tls_vmajor != TLS_MAJOR_VER_ONE ||
1010 tls->params.tls_vminor < TLS_MINOR_VER_TWO ||
1011 tls->params.tls_vminor > TLS_MINOR_VER_THREE)
1017 csp.csp_cipher_key = tls->params.cipher_key;
1018 csp.csp_cipher_klen = tls->params.cipher_key_len;
1024 recrypt_csp.csp_cipher_key = tls->params.cipher_key;
1025 recrypt_csp.csp_cipher_klen = tls->params.cipher_key_len;
1029 switch (tls->params.cipher_key_len) {
1037 switch (tls->params.auth_algorithm) {
1052 if (tls->params.tls_vmajor != TLS_MAJOR_VER_ONE ||
1053 tls->params.tls_vminor < TLS_MINOR_VER_ZERO ||
1054 tls->params.tls_vminor > TLS_MINOR_VER_TWO)
1059 tls->params.tls_vminor == TLS_MINOR_VER_ZERO)
1065 csp.csp_cipher_key = tls->params.cipher_key;
1066 csp.csp_cipher_klen = tls->params.cipher_key_len;
1071 mac_csp.csp_auth_alg = tls->params.auth_algorithm;
1072 mac_csp.csp_auth_key = tls->params.auth_key;
1073 mac_csp.csp_auth_klen = tls->params.auth_key_len;
1076 switch (tls->params.cipher_key_len) {
1084 if (tls->params.tls_vmajor != TLS_MAJOR_VER_ONE ||
1085 tls->params.tls_vminor < TLS_MINOR_VER_TWO ||
1086 tls->params.tls_vminor > TLS_MINOR_VER_THREE)
1092 csp.csp_cipher_key = tls->params.cipher_key;
1093 csp.csp_cipher_klen = tls->params.cipher_key_len;
1133 tls->ocf_session = os;
1134 if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16 ||
1135 tls->params.cipher_algorithm == CRYPTO_CHACHA20_POLY1305) {
1136 if (tls->params.tls_vminor == TLS_MINOR_VER_THREE)
1142 if (tls->params.tls_vminor == TLS_MINOR_VER_ZERO) {
1144 memcpy(os->iv, tls->params.iv, AES_BLOCK_LEN);
1146 os->next_seqno = tls->next_seqno;
1156 tls->sync_dispatch = CRYPTO_SESS_SYNC(os->sid) ||
1157 tls->params.cipher_algorithm == CRYPTO_AES_CBC;
1163 struct ktls_session *tls, struct mbuf *m, struct iovec *outiov,
1166 return (tls->ocf_session->sw->encrypt(state, tls, m, outiov,
1171 ktls_ocf_decrypt(struct ktls_session *tls, const struct tls_record_layer *hdr,
1174 return (tls->ocf_session->sw->decrypt(tls, hdr, m, seqno, trailer_len));
1178 ktls_ocf_recrypt(struct ktls_session *tls, const struct tls_record_layer *hdr,
1181 return (tls->ocf_session->sw->recrypt(tls, hdr, m, seqno));
1185 ktls_ocf_recrypt_supported(struct ktls_session *tls)
1187 return (tls->ocf_session->sw->recrypt != NULL &&
1188 tls->ocf_session->recrypt_sid != NULL);