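/*-
 * SPDX-License-Identifier: BSD-2-Clause
 *
 * Copyright (c) 2021 Netflix Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#ifndef __OPENCRYPTO_KTLS_H__
#define __OPENCRYPTO_KTLS_H__

/*
 * Interface between the kernel TLS code and its opencrypto (OCF) backend.
 *
 * This header does not include what it uses.  The including file must
 * already have struct iovec, struct cryptop, struct uio, the tls_*_data
 * structures, vm_paddr_t, bool, uint64_t, btoc() and
 * TLS_MAX_MSG_SIZE_V10_2 in scope, because they are used by value or in
 * constant expressions below.
 */

/*
 * Types that are only used through pointers.  Declaring the tags at file
 * scope keeps the prototypes below from introducing prototype-scoped
 * struct types when this header is seen before the defining headers.
 */
struct ktls_session;
struct mbuf;
struct socket;
struct tls_record_layer;

/*
 * Page count used to size the per-request arrays: btoc() of the largest
 * TLS record size, plus one.
 * NOTE(review): the extra page presumably covers a record buffer that
 * does not start on a page boundary -- confirm against the code that
 * fills parray[].
 */
#define	MAX_TLS_PAGES	(1 + btoc(TLS_MAX_MSG_SIZE_V10_2))

/*
 * State carried with one encryption request.
 *
 * dst_iov[] and parray[] are fixed-size and sit directly in front of the
 * embedded crp and uio members.  Any code that fills them must bound its
 * index by the declared sizes (MAX_TLS_PAGES + 2 and MAX_TLS_PAGES + 1);
 * an overrun would overwrite the adjacent members of this structure
 * rather than fault.
 *
 * NOTE(review): crp and uio are embedded by value, so this object
 * presumably has to stay allocated until the request has completed and
 * ktls_encrypt_cb() has run -- confirm the lifetime rule in the
 * implementation.
 */
struct ktls_ocf_encrypt_state {
	struct socket *so;	/* socket the request belongs to */
	struct mbuf *m;		/* mbuf passed along with the request */
	void *cbuf;		/* NOTE(review): looks like a separately
				   allocated output buffer -- confirm who
				   frees it */
	struct iovec dst_iov[MAX_TLS_PAGES + 2];
	vm_paddr_t parray[MAX_TLS_PAGES + 1];

	struct cryptop crp;
	struct uio uio;
	/*
	 * Per-record MAC / AEAD data; the members overlap, so only one is
	 * meaningful for a given request.
	 * NOTE(review): presumably selected by the session's cipher suite
	 * and TLS version -- confirm.
	 */
	union {
		struct tls_mac_data mac;
		struct tls_aead_data aead;
		struct tls_aead_data_13 aead13;
	};
};

/* Reports the outcome of an encryption request; 'error' is its status. */
void ktls_encrypt_cb(struct ktls_ocf_encrypt_state *state, int error);

/* Releases the OCF resources attached to a session. */
void ktls_ocf_free(struct ktls_session *tls);

/*
 * NOTE(review): presumably tries to set up OCF for the session in the
 * given direction and returns 0 or an errno value -- confirm.
 */
int ktls_ocf_try(struct ktls_session *tls, int direction);

/*
 * Encrypts the record in 'm' using 'state' as the request state.
 * 'outiov' has 'outiovcnt' entries.
 * NOTE(review): if outiov is copied into state->dst_iov, outiovcnt must
 * be checked against MAX_TLS_PAGES + 2 first; that check is not visible
 * from this header.
 */
int ktls_ocf_encrypt(struct ktls_ocf_encrypt_state *state,
    struct ktls_session *tls, struct mbuf *m, struct iovec *outiov,
    int outiovcnt);

/*
 * Decrypts the record described by 'hdr' held in 'm', using record
 * sequence number 'seqno'.  '*trailer_len' is an output.
 * NOTE(review): callers should use *trailer_len and the record contents
 * only after checking the return value, which is presumably 0 on success
 * and an errno value when decryption or authentication fails -- confirm.
 */
int ktls_ocf_decrypt(struct ktls_session *tls,
    const struct tls_record_layer *hdr, struct mbuf *m, uint64_t seqno,
    int *trailer_len);

/*
 * Re-encrypts the record described by 'hdr' held in 'm'.  Call only when
 * ktls_ocf_recrypt_supported() reports true for the session.
 * NOTE(review): the exact precondition lives in the implementation --
 * confirm.
 */
int ktls_ocf_recrypt(struct ktls_session *tls,
    const struct tls_record_layer *hdr, struct mbuf *m, uint64_t seqno);

/* Reports whether ktls_ocf_recrypt() can be used with this session. */
bool ktls_ocf_recrypt_supported(struct ktls_session *tls);

#endif /* !__OPENCRYPTO_KTLS_H__ */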