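/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
 * Copyright (c) 2018, Joyent, Inc.
 */

/*
 * Context structures and function prototypes for the software
 * implementations of the DES/DES3, Blowfish, ARCFOUR and AES mechanisms.
 *
 * Parameter names are omitted from the prototypes below, so the meaning of
 * each argument (in particular of the boolean_t flags) has to be taken from
 * the function definitions, which are not part of this header.
 */

#ifndef _SOFTCRYPT_H
#define	_SOFTCRYPT_H

#ifdef __cplusplus
extern "C" {
#endif

#include <sys/types.h>
#include <security/pkcs11t.h>
#include <modes/modes.h>
#include <aes_impl.h>
#include <blowfish_impl.h>
#include <des_impl.h>
#include "softObject.h"
#include "softSession.h"

/*
 * DES MAC length: half of one DES block.  A tag this short gives limited
 * forgery resistance, so it should not be the only integrity control on
 * data an attacker can submit repeatedly.  The MAC length actually in use
 * for an operation is recorded in soft_des_ctx_t.mac_len.
 */
#define	DES_MAC_LEN	(DES_BLOCK_LEN / 2)

/*
 * Per-operation state for DES and DES3; key_type selects which of the two.
 *
 * key_sched points at key-derived material.  NOTE(review): this header does
 * not show who frees key_sched and des_cbc, or whether they are zeroized
 * before release -- confirm in the implementation.
 *
 * DES is a 64-bit block cipher: the amount of data protected under a single
 * key in CBC mode should stay well below the birthday bound.
 */
typedef struct soft_des_ctx {
	void *key_sched;		/* pointer to key schedule */
	size_t keysched_len;		/* length of the key schedule */
	uint8_t ivec[DES_BLOCK_LEN];	/* initialization vector */
	uint8_t data[DES_BLOCK_LEN];	/* for use by update */
	size_t remain_len;		/* for use by update */
	void *des_cbc;			/* to be used by CBC mode */
	CK_KEY_TYPE key_type;		/* used to determine DES or DES3 */
	size_t mac_len;			/* digest len in bytes */
} soft_des_ctx_t;

/*
 * Per-operation state for Blowfish.  It has the same layout as the leading
 * members of soft_des_ctx_t, with no key type or MAC length.
 *
 * NOTE(review): as with soft_des_ctx_t, ownership and zeroization of
 * key_sched and blowfish_cbc are not visible here -- confirm in the
 * implementation.  Blowfish is also a 64-bit block cipher, so the same
 * per-key data limit applies.
 */
typedef struct soft_blowfish_ctx {
	void *key_sched;		/* pointer to key schedule */
	size_t keysched_len;		/* length of the key schedule */
	uint8_t ivec[BLOWFISH_BLOCK_LEN]; /* initialization vector */
	uint8_t data[BLOWFISH_BLOCK_LEN]; /* for use by update */
	size_t remain_len;		/* for use by update */
	void *blowfish_cbc;		/* to be used by CBC mode */
} soft_blowfish_ctx_t;

/*
 * For sign/verify operations, the hash generated is AES_BLOCK_LEN bytes long;
 * however, for CKM_AES_CMAC_GENERAL, one can specify a smaller hash size if
 * desired (the output being the output of CKM_AES_CMAC truncated to the
 * specified size).  Since this size is specified in the C_{Sign,Verify}Init()
 * call, we must carry it through to the C_{Sign,Verify}Final() call via
 * the mac_len field.
 *
 * A truncated MAC is proportionally easier to forge, so mac_len is a
 * security parameter chosen by the caller and not only an output size.
 *
 * Note that the context pointed to by aes_ctx is cleaned up as part of the
 * soft_aes_encrypt() calls.
 */
typedef struct soft_aes_sign_ctx {
	aes_ctx_t *aes_ctx;
	size_t mac_len;
} soft_aes_sign_ctx_t;

/*
 * Function Prototypes.
 */

/*
 * DES and DES3: CBC context setup, encrypt/decrypt and MAC sign/verify.
 * Every entry point except des_cbc_ctx_init() returns a CK_RV, which
 * callers must check.
 */
void *des_cbc_ctx_init(void *, size_t, uint8_t *, CK_KEY_TYPE);

CK_RV soft_des_crypt_init_common(soft_session_t *, CK_MECHANISM_PTR,
    soft_object_t *, boolean_t);

CK_RV soft_des_encrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
    CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);

CK_RV soft_des_decrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
    CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);

CK_RV soft_des_sign_verify_common(soft_session_t *, CK_BYTE_PTR,
    CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR,
    boolean_t, boolean_t);

CK_RV soft_des_sign_verify_init_common(soft_session_t *, CK_MECHANISM_PTR,
    soft_object_t *, boolean_t);

CK_RV soft_des_mac_sign_verify_update(soft_session_t *, CK_BYTE_PTR, CK_ULONG);

/*
 * PKCS#7 padding helpers.  soft_add_pkcs7_padding() returns nothing;
 * soft_remove_pkcs7_padding() reports its outcome as a CK_RV.
 *
 * NOTE(review): on the decrypt path a padding failure should not be
 * distinguishable by a remote peer from any other decryption failure
 * (padding-oracle exposure).  Whether callers ensure that cannot be
 * verified from this header.
 */
void soft_add_pkcs7_padding(CK_BYTE *, int, CK_ULONG);

CK_RV soft_remove_pkcs7_padding(CK_BYTE *, CK_ULONG, CK_ULONG *);

/*
 * ARCFOUR (RC4).  Unlike the other mechanisms in this header,
 * soft_arcfour_crypt() takes a crypto_active_op_t * and not the session.
 * RC4 is a legacy stream cipher with known keystream biases; prefer the
 * AES mechanisms for new uses.
 */
CK_RV soft_arcfour_crypt_init(soft_session_t *, CK_MECHANISM_PTR,
    soft_object_t *, boolean_t);

CK_RV soft_arcfour_crypt(crypto_active_op_t *, CK_BYTE_PTR, CK_ULONG,
    CK_BYTE_PTR, CK_ULONG_PTR);

/*
 * AES: single-part and multi-part (update/final) encrypt and decrypt,
 * plus MAC sign/verify.
 */
CK_RV soft_aes_crypt_init_common(soft_session_t *, CK_MECHANISM_PTR,
    soft_object_t *, boolean_t);

CK_RV soft_aes_encrypt(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
    CK_BYTE_PTR, CK_ULONG_PTR);

CK_RV soft_aes_decrypt(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
    CK_BYTE_PTR, CK_ULONG_PTR);

CK_RV soft_aes_encrypt_update(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
    CK_BYTE_PTR, CK_ULONG_PTR);

CK_RV soft_aes_decrypt_update(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
    CK_BYTE_PTR, CK_ULONG_PTR);

CK_RV soft_aes_encrypt_final(soft_session_t *, CK_BYTE_PTR, CK_ULONG_PTR);

CK_RV soft_aes_decrypt_final(soft_session_t *, CK_BYTE_PTR, CK_ULONG_PTR);

CK_RV soft_aes_decrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
    CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);

CK_RV soft_aes_sign_verify_common(soft_session_t *, CK_BYTE_PTR,
    CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR,
    boolean_t, boolean_t);

CK_RV soft_aes_sign_verify_init_common(soft_session_t *, CK_MECHANISM_PTR,
    soft_object_t *, boolean_t);

CK_RV soft_aes_mac_sign_verify_update(soft_session_t *, CK_BYTE_PTR, CK_ULONG);

/*
 * NOTE(review): presumably releases an aes_ctx_t together with its key
 * schedule; confirm in the definition that key material is zeroized
 * before the memory is freed.
 */
void soft_aes_free_ctx(aes_ctx_t *);

/*
 * Blowfish: CBC context setup and encrypt/decrypt.  No MAC entry points
 * are declared for Blowfish in this header.
 */
void *blowfish_cbc_ctx_init(void *, size_t, uint8_t *);

CK_RV soft_blowfish_crypt_init_common(soft_session_t *, CK_MECHANISM_PTR,
    soft_object_t *, boolean_t);

CK_RV soft_blowfish_encrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
    CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);

CK_RV soft_blowfish_decrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
    CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);

#ifdef __cplusplus
}
#endif

#endif /* _SOFTCRYPT_H */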