1f4bf4335SSam Leffler.\" $OpenBSD: crypto.9,v 1.19 2002/07/16 06:31:57 angelos Exp $ 2f4bf4335SSam Leffler.\" 3571dba6eSHiten Pandya.\" The author of this manual page is Angelos D. Keromytis (angelos@cis.upenn.edu) 4f4bf4335SSam Leffler.\" 5f4bf4335SSam Leffler.\" Copyright (c) 2000, 2001 Angelos D. Keromytis 6f4bf4335SSam Leffler.\" 7f4bf4335SSam Leffler.\" Permission to use, copy, and modify this software with or without fee 8f4bf4335SSam Leffler.\" is hereby granted, provided that this entire notice is included in 9f4bf4335SSam Leffler.\" all source code copies of any software which is or includes a copy or 10f4bf4335SSam Leffler.\" modification of this software. 11f4bf4335SSam Leffler.\" 12f4bf4335SSam Leffler.\" THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 13f4bf4335SSam Leffler.\" IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 14f4bf4335SSam Leffler.\" REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 15f4bf4335SSam Leffler.\" MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 16f4bf4335SSam Leffler.\" PURPOSE. 17f4bf4335SSam Leffler.\" 187621fdabSRuslan Ermilov.\" $FreeBSD$ 197621fdabSRuslan Ermilov.\" 20*76681661SJohn Baldwin.Dd April 12, 2021 21f4bf4335SSam Leffler.Dt CRYPTO 9 22f4bf4335SSam Leffler.Os 23f4bf4335SSam Leffler.Sh NAME 24f4bf4335SSam Leffler.Nm crypto 25f4bf4335SSam Leffler.Nd API for cryptographic services in the kernel 26f4bf4335SSam Leffler.Sh SYNOPSIS 277621fdabSRuslan Ermilov.In opencrypto/cryptodev.h 28f4bf4335SSam Leffler.Sh DESCRIPTION 29f4bf4335SSam Leffler.Nm 30c0341432SJohn Baldwinis a framework for in-kernel cryptography. 31c0341432SJohn BaldwinIt permits in-kernel consumers to encrypt and decrypt data 32c0341432SJohn Baldwinand also enables userland applications to use cryptographic hardware 33c0341432SJohn Baldwinthrough the 341403a8c7SSam Leffler.Pa /dev/crypto 35c0341432SJohn Baldwindevice. 36f4bf4335SSam Leffler.Pp 37c0341432SJohn Baldwin.Nm 38*76681661SJohn Baldwinsupports encryption and decryption operations 39c0341432SJohn Baldwinusing block and stream ciphers as well as computation and verification 40c0341432SJohn Baldwinof message authentication codes (MACs). 41*76681661SJohn BaldwinConsumers allocate sessions to describe a transform as discussed in 42c0341432SJohn Baldwin.Xr crypto_session 9 . 43c0341432SJohn BaldwinConsumers then allocate request objects to describe each transformation 44c0341432SJohn Baldwinsuch as encrypting a network packet or decrypting a disk sector. 45c0341432SJohn BaldwinRequests are described in 46c0341432SJohn Baldwin.Xr crypto_request 9 . 47f4bf4335SSam Leffler.Pp 48c0341432SJohn BaldwinDevice drivers are responsible for processing requests submitted by 49c0341432SJohn Baldwinconsumers. 50c0341432SJohn Baldwin.Xr crypto_driver 9 51c0341432SJohn Baldwindescribes the interfaces drivers use to register with the framework, 52c0341432SJohn Baldwinhelper routines the framework provides to faciliate request processing, 53c0341432SJohn Baldwinand the interfaces drivers are required to provide. 54c0341432SJohn Baldwin.Ss Callbacks 55f4bf4335SSam LefflerSince the consumers may not be associated with a process, drivers may 561403a8c7SSam Lefflernot 571403a8c7SSam Leffler.Xr sleep 9 . 58f4bf4335SSam LefflerThe same holds for the framework. 59f4bf4335SSam LefflerThus, a callback mechanism is used 60f4bf4335SSam Lefflerto notify a consumer that a request has been completed (the 610f7e2491SChristian Brueffercallback is specified by the consumer on a per-request basis). 62f4bf4335SSam LefflerThe callback is invoked by the framework whether the request was 63f4bf4335SSam Lefflersuccessfully completed or not. 64c0341432SJohn BaldwinErrors are reported to the callback function. 65c0341432SJohn Baldwin.Pp 66c0341432SJohn BaldwinSession initialization does not use callbacks and returns errors 67c0341432SJohn Baldwinsynchronously. 68c0341432SJohn Baldwin.Ss Session Migration 69*76681661SJohn BaldwinOperations may fail with a specific error code, 70f4bf4335SSam Leffler.Er EAGAIN , 71*76681661SJohn Baldwinto indicate that a session handle has changed and that the 721b0909d5SConrad Meyerrequest may be re-submitted immediately with the new session. 73c0341432SJohn BaldwinThe consumer should update its saved copy of the session handle 74c0341432SJohn Baldwinto the value of 75c0341432SJohn Baldwin.Fa crp_session 76c0341432SJohn Baldwinso that future requests use the new session. 77c0341432SJohn Baldwin.Ss Supported Algorithms 78c0341432SJohn BaldwinMore details on some algorithms may be found in 79c0341432SJohn Baldwin.Xr crypto 7 . 80f4bf4335SSam Leffler.Pp 81c0341432SJohn BaldwinThe following authentication algorithms are supported: 82f405d8ebSJohn-Mark Gurney.Pp 83c0341432SJohn Baldwin.Bl -tag -offset indent -width CRYPTO_AES_CCM_CBC_MAC -compact 84284789e8SJohn Baldwin.It Dv CRYPTO_AES_CCM_CBC_MAC 8508fca7a5SJohn-Mark Gurney.It Dv CRYPTO_AES_NIST_GMAC 86284789e8SJohn Baldwin.It Dv CRYPTO_BLAKE2B 87284789e8SJohn Baldwin.It Dv CRYPTO_BLAKE2S 8808fca7a5SJohn-Mark Gurney.It Dv CRYPTO_NULL_HMAC 89284789e8SJohn Baldwin.It Dv CRYPTO_POLY1305 90284789e8SJohn Baldwin.It Dv CRYPTO_RIPEMD160 91b61e8b3eSChristian Brueffer.It Dv CRYPTO_RIPEMD160_HMAC 927621fdabSRuslan Ermilov.It Dv CRYPTO_SHA1 93b61e8b3eSChristian Brueffer.It Dv CRYPTO_SHA1_HMAC 94284789e8SJohn Baldwin.It Dv CRYPTO_SHA2_224 95284789e8SJohn Baldwin.It Dv CRYPTO_SHA2_224_HMAC 96284789e8SJohn Baldwin.It Dv CRYPTO_SHA2_256 9771ee05c8SPawel Jakub Dawidek.It Dv CRYPTO_SHA2_256_HMAC 98284789e8SJohn Baldwin.It Dv CRYPTO_SHA2_384 9971ee05c8SPawel Jakub Dawidek.It Dv CRYPTO_SHA2_384_HMAC 100284789e8SJohn Baldwin.It Dv CRYPTO_SHA2_512 10171ee05c8SPawel Jakub Dawidek.It Dv CRYPTO_SHA2_512_HMAC 102c0341432SJohn Baldwin.El 103c0341432SJohn Baldwin.Pp 104c0341432SJohn BaldwinThe following encryption algorithms are supported: 105c0341432SJohn Baldwin.Pp 106c0341432SJohn Baldwin.Bl -tag -offset indent -width CRYPTO_CAMELLIA_CBC -compact 107c0341432SJohn Baldwin.It Dv CRYPTO_AES_CBC 108c0341432SJohn Baldwin.It Dv CRYPTO_AES_ICM 109c0341432SJohn Baldwin.It Dv CRYPTO_AES_XTS 110c0341432SJohn Baldwin.It Dv CRYPTO_CAMELLIA_CBC 111c0341432SJohn Baldwin.It Dv CRYPTO_CHACHA20 112c0341432SJohn Baldwin.It Dv CRYPTO_NULL_CBC 1137621fdabSRuslan Ermilov.El 114c0341432SJohn Baldwin.Pp 115c0341432SJohn BaldwinThe following authenticated encryption with additional data (AEAD) 116c0341432SJohn Baldwinalgorithms are supported: 117c0341432SJohn Baldwin.Pp 118c853c53dSJohn Baldwin.Bl -tag -offset indent -width CRYPTO_CHACHA20_POLY1305 -compact 119c0341432SJohn Baldwin.It Dv CRYPTO_AES_CCM_16 120c0341432SJohn Baldwin.It Dv CRYPTO_AES_NIST_GCM_16 121c853c53dSJohn Baldwin.It Dv CRYPTO_CHACHA20_POLY1305 122f4bf4335SSam Leffler.El 123f4bf4335SSam Leffler.Pp 124c0341432SJohn BaldwinThe following compression algorithms are supported: 125f4bf4335SSam Leffler.Pp 126c0341432SJohn Baldwin.Bl -tag -offset indent -width CRYPTO_DEFLATE_COMP -compact 127c0341432SJohn Baldwin.It Dv CRYPTO_DEFLATE_COMP 128f4bf4335SSam Leffler.El 129f4bf4335SSam Leffler.Sh FILES 130627e7962SSam Leffler.Bl -tag -width ".Pa sys/opencrypto/crypto.c" 131627e7962SSam Leffler.It Pa sys/opencrypto/crypto.c 132f4bf4335SSam Lefflermost of the framework code 133f4bf4335SSam Leffler.El 134f4bf4335SSam Leffler.Sh SEE ALSO 135c7c8edc3SJohn-Mark Gurney.Xr crypto 4 , 136f4bf4335SSam Leffler.Xr ipsec 4 , 13708fca7a5SJohn-Mark Gurney.Xr crypto 7 , 138c0341432SJohn Baldwin.Xr crypto_driver 9 , 139c0341432SJohn Baldwin.Xr crypto_request 9 , 140c0341432SJohn Baldwin.Xr crypto_session 9 , 1411403a8c7SSam Leffler.Xr sleep 9 142f4bf4335SSam Leffler.Sh HISTORY 143f4bf4335SSam LefflerThe cryptographic framework first appeared in 1447621fdabSRuslan Ermilov.Ox 2.7 1457621fdabSRuslan Ermilovand was written by 1468a7314fcSBaptiste Daroussin.An Angelos D. Keromytis Aq Mt angelos@openbsd.org . 147f4bf4335SSam Leffler.Sh BUGS 148c0341432SJohn BaldwinThe framework needs a mechanism for determining which driver is 149f4bf4335SSam Lefflerbest for a specific set of algorithms associated with a session. 150f4bf4335SSam LefflerSome type of benchmarking is in order here. 151