1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 #include <sys/strsun.h>
27 #include <sys/systm.h>
28 #include <sys/sysmacros.h>
29 #include <sys/kmem.h>
30 #include <sys/md5.h>
31 #include <sys/sha1.h>
32 #include <sys/sha2.h>
33 #include <modes/modes.h>
34 #include <sys/crypto/common.h>
35 #include <sys/crypto/impl.h>
36
37 /*
38 * Utility routine to apply the command, 'cmd', to the
39 * data in the uio structure.
40 */
41 int
crypto_uio_data(crypto_data_t * data,uchar_t * buf,int len,cmd_type_t cmd,void * digest_ctx,void (* update)())42 crypto_uio_data(crypto_data_t *data, uchar_t *buf, int len, cmd_type_t cmd,
43 void *digest_ctx, void (*update)())
44 {
45 uio_t *uiop = data->cd_uio;
46 off_t offset = data->cd_offset;
47 size_t length = len;
48 uint_t vec_idx;
49 size_t cur_len;
50 uchar_t *datap;
51
52 ASSERT(data->cd_format == CRYPTO_DATA_UIO);
53 if (uiop->uio_segflg != UIO_SYSSPACE) {
54 return (CRYPTO_ARGUMENTS_BAD);
55 }
56
57 /*
58 * Jump to the first iovec containing data to be
59 * processed.
60 */
61 for (vec_idx = 0; vec_idx < uiop->uio_iovcnt &&
62 offset >= uiop->uio_iov[vec_idx].iov_len;
63 offset -= uiop->uio_iov[vec_idx++].iov_len)
64 ;
65
66 if (vec_idx == uiop->uio_iovcnt) {
67 /*
68 * The caller specified an offset that is larger than
69 * the total size of the buffers it provided.
70 */
71 return (CRYPTO_DATA_LEN_RANGE);
72 }
73
74 while (vec_idx < uiop->uio_iovcnt && length > 0) {
75 cur_len = MIN(uiop->uio_iov[vec_idx].iov_len -
76 offset, length);
77
78 datap = (uchar_t *)(uiop->uio_iov[vec_idx].iov_base +
79 offset);
80 switch (cmd) {
81 case COPY_FROM_DATA:
82 bcopy(datap, buf, cur_len);
83 buf += cur_len;
84 break;
85 case COPY_TO_DATA:
86 bcopy(buf, datap, cur_len);
87 buf += cur_len;
88 break;
89 case COMPARE_TO_DATA:
90 if (bcmp(datap, buf, cur_len))
91 return (CRYPTO_SIGNATURE_INVALID);
92 buf += cur_len;
93 break;
94 case MD5_DIGEST_DATA:
95 case SHA1_DIGEST_DATA:
96 case SHA2_DIGEST_DATA:
97 case GHASH_DATA:
98 update(digest_ctx, datap, cur_len);
99 break;
100 }
101
102 length -= cur_len;
103 vec_idx++;
104 offset = 0;
105 }
106
107 if (vec_idx == uiop->uio_iovcnt && length > 0) {
108 /*
109 * The end of the specified iovec's was reached but
110 * the length requested could not be processed.
111 */
112 switch (cmd) {
113 case COPY_TO_DATA:
114 data->cd_length = len;
115 return (CRYPTO_BUFFER_TOO_SMALL);
116 default:
117 return (CRYPTO_DATA_LEN_RANGE);
118 }
119 }
120
121 return (CRYPTO_SUCCESS);
122 }
123
124 /*
125 * Utility routine to apply the command, 'cmd', to the
126 * data in the mblk structure.
127 */
128 int
crypto_mblk_data(crypto_data_t * data,uchar_t * buf,int len,cmd_type_t cmd,void * digest_ctx,void (* update)())129 crypto_mblk_data(crypto_data_t *data, uchar_t *buf, int len, cmd_type_t cmd,
130 void *digest_ctx, void (*update)())
131 {
132 off_t offset = data->cd_offset;
133 size_t length = len;
134 mblk_t *mp;
135 size_t cur_len;
136 uchar_t *datap;
137
138 ASSERT(data->cd_format == CRYPTO_DATA_MBLK);
139 /*
140 * Jump to the first mblk_t containing data to be processed.
141 */
142 for (mp = data->cd_mp; mp != NULL && offset >= MBLKL(mp);
143 offset -= MBLKL(mp), mp = mp->b_cont)
144 ;
145 if (mp == NULL) {
146 /*
147 * The caller specified an offset that is larger
148 * than the total size of the buffers it provided.
149 */
150 return (CRYPTO_DATA_LEN_RANGE);
151 }
152
153 /*
154 * Now do the processing on the mblk chain.
155 */
156 while (mp != NULL && length > 0) {
157 cur_len = MIN(MBLKL(mp) - offset, length);
158
159 datap = (uchar_t *)(mp->b_rptr + offset);
160 switch (cmd) {
161 case COPY_FROM_DATA:
162 bcopy(datap, buf, cur_len);
163 buf += cur_len;
164 break;
165 case COPY_TO_DATA:
166 bcopy(buf, datap, cur_len);
167 buf += cur_len;
168 break;
169 case COMPARE_TO_DATA:
170 if (bcmp(datap, buf, cur_len))
171 return (CRYPTO_SIGNATURE_INVALID);
172 buf += cur_len;
173 break;
174 case MD5_DIGEST_DATA:
175 case SHA1_DIGEST_DATA:
176 case SHA2_DIGEST_DATA:
177 case GHASH_DATA:
178 update(digest_ctx, datap, cur_len);
179 break;
180 }
181
182 length -= cur_len;
183 offset = 0;
184 mp = mp->b_cont;
185 }
186
187 if (mp == NULL && length > 0) {
188 /*
189 * The end of the mblk was reached but the length
190 * requested could not be processed.
191 */
192 switch (cmd) {
193 case COPY_TO_DATA:
194 data->cd_length = len;
195 return (CRYPTO_BUFFER_TOO_SMALL);
196 default:
197 return (CRYPTO_DATA_LEN_RANGE);
198 }
199 }
200
201 return (CRYPTO_SUCCESS);
202 }
203
204 /*
205 * Utility routine to copy a buffer to a crypto_data structure.
206 */
207 int
crypto_put_output_data(uchar_t * buf,crypto_data_t * output,int len)208 crypto_put_output_data(uchar_t *buf, crypto_data_t *output, int len)
209 {
210 switch (output->cd_format) {
211 case CRYPTO_DATA_RAW:
212 if (output->cd_raw.iov_len < len) {
213 output->cd_length = len;
214 return (CRYPTO_BUFFER_TOO_SMALL);
215 }
216 bcopy(buf, (uchar_t *)(output->cd_raw.iov_base +
217 output->cd_offset), len);
218 break;
219
220 case CRYPTO_DATA_UIO:
221 return (crypto_uio_data(output, buf, len,
222 COPY_TO_DATA, NULL, NULL));
223
224 case CRYPTO_DATA_MBLK:
225 return (crypto_mblk_data(output, buf, len,
226 COPY_TO_DATA, NULL, NULL));
227
228 default:
229 return (CRYPTO_ARGUMENTS_BAD);
230 }
231
232 return (CRYPTO_SUCCESS);
233 }
234
235 /*
236 * Utility routine to get data from a crypto_data structure.
237 *
238 * '*dptr' contains a pointer to a buffer on return. 'buf'
239 * is allocated by the caller and is ignored for CRYPTO_DATA_RAW case.
240 */
241 int
crypto_get_input_data(crypto_data_t * input,uchar_t ** dptr,uchar_t * buf)242 crypto_get_input_data(crypto_data_t *input, uchar_t **dptr, uchar_t *buf)
243 {
244 int rv;
245
246 switch (input->cd_format) {
247 case CRYPTO_DATA_RAW:
248 if (input->cd_raw.iov_len < input->cd_length)
249 return (CRYPTO_ARGUMENTS_BAD);
250 *dptr = (uchar_t *)(input->cd_raw.iov_base +
251 input->cd_offset);
252 break;
253
254 case CRYPTO_DATA_UIO:
255 if ((rv = crypto_uio_data(input, buf, input->cd_length,
256 COPY_FROM_DATA, NULL, NULL)) != CRYPTO_SUCCESS)
257 return (rv);
258 *dptr = buf;
259 break;
260
261 case CRYPTO_DATA_MBLK:
262 if ((rv = crypto_mblk_data(input, buf, input->cd_length,
263 COPY_FROM_DATA, NULL, NULL)) != CRYPTO_SUCCESS)
264 return (rv);
265 *dptr = buf;
266 break;
267
268 default:
269 return (CRYPTO_ARGUMENTS_BAD);
270 }
271
272 return (CRYPTO_SUCCESS);
273 }
274
275 int
crypto_copy_key_to_ctx(crypto_key_t * in_key,crypto_key_t ** out_key,size_t * out_size,int kmflag)276 crypto_copy_key_to_ctx(crypto_key_t *in_key, crypto_key_t **out_key,
277 size_t *out_size, int kmflag)
278 {
279 int i, count;
280 size_t len;
281 caddr_t attr_val;
282 crypto_object_attribute_t *k_attrs = NULL;
283 crypto_key_t *key;
284
285 ASSERT(in_key->ck_format == CRYPTO_KEY_ATTR_LIST);
286
287 count = in_key->ck_count;
288 /* figure out how much memory to allocate for everything */
289 len = sizeof (crypto_key_t) +
290 count * sizeof (crypto_object_attribute_t);
291 for (i = 0; i < count; i++) {
292 len += roundup(in_key->ck_attrs[i].oa_value_len,
293 sizeof (caddr_t));
294 }
295
296 /* one big allocation for everything */
297 key = kmem_alloc(len, kmflag);
298 if (key == NULL)
299 return (CRYPTO_HOST_MEMORY);
300 k_attrs = (crypto_object_attribute_t *)(void *)((caddr_t)key +
301 sizeof (crypto_key_t));
302
303 attr_val = (caddr_t)k_attrs +
304 count * sizeof (crypto_object_attribute_t);
305 for (i = 0; i < count; i++) {
306 k_attrs[i].oa_type = in_key->ck_attrs[i].oa_type;
307 bcopy(in_key->ck_attrs[i].oa_value, attr_val,
308 in_key->ck_attrs[i].oa_value_len);
309 k_attrs[i].oa_value = attr_val;
310 k_attrs[i].oa_value_len = in_key->ck_attrs[i].oa_value_len;
311 attr_val += roundup(k_attrs[i].oa_value_len, sizeof (caddr_t));
312 }
313
314 key->ck_format = CRYPTO_KEY_ATTR_LIST;
315 key->ck_count = count;
316 key->ck_attrs = k_attrs;
317 *out_key = key;
318 *out_size = len; /* save the size to be freed */
319
320 return (CRYPTO_SUCCESS);
321 }
322
323 int
crypto_digest_data(crypto_data_t * data,void * dctx,uchar_t * digest,void (* update)(),void (* final)(),uchar_t flag)324 crypto_digest_data(crypto_data_t *data, void *dctx, uchar_t *digest,
325 void (*update)(), void (*final)(), uchar_t flag)
326 {
327 int rv, dlen;
328 uchar_t *dptr;
329
330 ASSERT(flag & CRYPTO_DO_MD5 || flag & CRYPTO_DO_SHA1 ||
331 flag & CRYPTO_DO_SHA2);
332 if (data == NULL) {
333 ASSERT((flag & CRYPTO_DO_UPDATE) == 0);
334 goto dofinal;
335 }
336
337 dlen = data->cd_length;
338
339 if (flag & CRYPTO_DO_UPDATE) {
340
341 switch (data->cd_format) {
342 case CRYPTO_DATA_RAW:
343 dptr = (uchar_t *)(data->cd_raw.iov_base +
344 data->cd_offset);
345
346 update(dctx, dptr, dlen);
347
348 break;
349
350 case CRYPTO_DATA_UIO:
351 if (flag & CRYPTO_DO_MD5)
352 rv = crypto_uio_data(data, NULL, dlen,
353 MD5_DIGEST_DATA, dctx, update);
354
355 else if (flag & CRYPTO_DO_SHA1)
356 rv = crypto_uio_data(data, NULL, dlen,
357 SHA1_DIGEST_DATA, dctx, update);
358
359 else
360 rv = crypto_uio_data(data, NULL, dlen,
361 SHA2_DIGEST_DATA, dctx, update);
362
363 if (rv != CRYPTO_SUCCESS)
364 return (rv);
365
366 break;
367
368 case CRYPTO_DATA_MBLK:
369 if (flag & CRYPTO_DO_MD5)
370 rv = crypto_mblk_data(data, NULL, dlen,
371 MD5_DIGEST_DATA, dctx, update);
372
373 else if (flag & CRYPTO_DO_SHA1)
374 rv = crypto_mblk_data(data, NULL, dlen,
375 SHA1_DIGEST_DATA, dctx, update);
376
377 else
378 rv = crypto_mblk_data(data, NULL, dlen,
379 SHA2_DIGEST_DATA, dctx, update);
380
381 if (rv != CRYPTO_SUCCESS)
382 return (rv);
383
384 break;
385 }
386 }
387
388 dofinal:
389 if (flag & CRYPTO_DO_FINAL) {
390 final(digest, dctx);
391 }
392
393 return (CRYPTO_SUCCESS);
394 }
395
396 int
crypto_update_iov(void * ctx,crypto_data_t * input,crypto_data_t * output,int (* cipher)(void *,caddr_t,size_t,crypto_data_t *),void (* copy_block)(uint8_t *,uint64_t *))397 crypto_update_iov(void *ctx, crypto_data_t *input, crypto_data_t *output,
398 int (*cipher)(void *, caddr_t, size_t, crypto_data_t *),
399 void (*copy_block)(uint8_t *, uint64_t *))
400 {
401 common_ctx_t *common_ctx = ctx;
402 int rv;
403
404 if (input->cd_miscdata != NULL) {
405 copy_block((uint8_t *)input->cd_miscdata,
406 &common_ctx->cc_iv[0]);
407 }
408
409 if (input->cd_raw.iov_len < input->cd_length)
410 return (CRYPTO_ARGUMENTS_BAD);
411
412 rv = (cipher)(ctx, input->cd_raw.iov_base + input->cd_offset,
413 input->cd_length, (input == output) ? NULL : output);
414
415 return (rv);
416 }
417
418 int
crypto_update_uio(void * ctx,crypto_data_t * input,crypto_data_t * output,int (* cipher)(void *,caddr_t,size_t,crypto_data_t *),void (* copy_block)(uint8_t *,uint64_t *))419 crypto_update_uio(void *ctx, crypto_data_t *input, crypto_data_t *output,
420 int (*cipher)(void *, caddr_t, size_t, crypto_data_t *),
421 void (*copy_block)(uint8_t *, uint64_t *))
422 {
423 common_ctx_t *common_ctx = ctx;
424 uio_t *uiop = input->cd_uio;
425 off_t offset = input->cd_offset;
426 size_t length = input->cd_length;
427 uint_t vec_idx;
428 size_t cur_len;
429
430 if (input->cd_miscdata != NULL) {
431 copy_block((uint8_t *)input->cd_miscdata,
432 &common_ctx->cc_iv[0]);
433 }
434
435 if (input->cd_uio->uio_segflg != UIO_SYSSPACE) {
436 return (CRYPTO_ARGUMENTS_BAD);
437 }
438
439 /*
440 * Jump to the first iovec containing data to be
441 * processed.
442 */
443 for (vec_idx = 0; vec_idx < uiop->uio_iovcnt &&
444 offset >= uiop->uio_iov[vec_idx].iov_len;
445 offset -= uiop->uio_iov[vec_idx++].iov_len)
446 ;
447 if (vec_idx == uiop->uio_iovcnt) {
448 /*
449 * The caller specified an offset that is larger than the
450 * total size of the buffers it provided.
451 */
452 return (CRYPTO_DATA_LEN_RANGE);
453 }
454
455 /*
456 * Now process the iovecs.
457 */
458 while (vec_idx < uiop->uio_iovcnt && length > 0) {
459 cur_len = MIN(uiop->uio_iov[vec_idx].iov_len -
460 offset, length);
461
462 (cipher)(ctx, uiop->uio_iov[vec_idx].iov_base + offset,
463 cur_len, (input == output) ? NULL : output);
464
465 length -= cur_len;
466 vec_idx++;
467 offset = 0;
468 }
469
470 if (vec_idx == uiop->uio_iovcnt && length > 0) {
471 /*
472 * The end of the specified iovec's was reached but
473 * the length requested could not be processed, i.e.
474 * The caller requested to digest more data than it provided.
475 */
476
477 return (CRYPTO_DATA_LEN_RANGE);
478 }
479
480 return (CRYPTO_SUCCESS);
481 }
482
483 int
crypto_update_mp(void * ctx,crypto_data_t * input,crypto_data_t * output,int (* cipher)(void *,caddr_t,size_t,crypto_data_t *),void (* copy_block)(uint8_t *,uint64_t *))484 crypto_update_mp(void *ctx, crypto_data_t *input, crypto_data_t *output,
485 int (*cipher)(void *, caddr_t, size_t, crypto_data_t *),
486 void (*copy_block)(uint8_t *, uint64_t *))
487 {
488 common_ctx_t *common_ctx = ctx;
489 off_t offset = input->cd_offset;
490 size_t length = input->cd_length;
491 mblk_t *mp;
492 size_t cur_len;
493
494 if (input->cd_miscdata != NULL) {
495 copy_block((uint8_t *)input->cd_miscdata,
496 &common_ctx->cc_iv[0]);
497 }
498
499 /*
500 * Jump to the first mblk_t containing data to be processed.
501 */
502 for (mp = input->cd_mp; mp != NULL && offset >= MBLKL(mp);
503 offset -= MBLKL(mp), mp = mp->b_cont)
504 ;
505 if (mp == NULL) {
506 /*
507 * The caller specified an offset that is larger than the
508 * total size of the buffers it provided.
509 */
510 return (CRYPTO_DATA_LEN_RANGE);
511 }
512
513 /*
514 * Now do the processing on the mblk chain.
515 */
516 while (mp != NULL && length > 0) {
517 cur_len = MIN(MBLKL(mp) - offset, length);
518 (cipher)(ctx, (char *)(mp->b_rptr + offset), cur_len,
519 (input == output) ? NULL : output);
520
521 length -= cur_len;
522 offset = 0;
523 mp = mp->b_cont;
524 }
525
526 if (mp == NULL && length > 0) {
527 /*
528 * The end of the mblk was reached but the length requested
529 * could not be processed, i.e. The caller requested
530 * to digest more data than it provided.
531 */
532 return (CRYPTO_DATA_LEN_RANGE);
533 }
534
535 return (CRYPTO_SUCCESS);
536 }
537
538 /*
539 * Utility routine to look up a attribute of type, 'type',
540 * in the key.
541 */
542 int
crypto_get_key_attr(crypto_key_t * key,crypto_attr_type_t type,uchar_t ** value,ssize_t * value_len)543 crypto_get_key_attr(crypto_key_t *key, crypto_attr_type_t type,
544 uchar_t **value, ssize_t *value_len)
545 {
546 int i;
547
548 ASSERT(key->ck_format == CRYPTO_KEY_ATTR_LIST);
549 for (i = 0; i < key->ck_count; i++) {
550 if (key->ck_attrs[i].oa_type == type) {
551 *value = (uchar_t *)key->ck_attrs[i].oa_value;
552 *value_len = key->ck_attrs[i].oa_value_len;
553 return (CRYPTO_SUCCESS);
554 }
555 }
556
557 return (CRYPTO_FAILED);
558 }
559