1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
|
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2018, Joyent, Inc.
*/
#ifndef _SOFTCRYPT_H
#define _SOFTCRYPT_H
#ifdef __cplusplus
extern "C" {
#endif
#include <sys/types.h>
#include <security/pkcs11t.h>
#include <modes/modes.h>
#include <aes_impl.h>
#include <blowfish_impl.h>
#include <des_impl.h>
#include "softObject.h"
#include "softSession.h"
#define DES_MAC_LEN (DES_BLOCK_LEN / 2)
typedef struct soft_des_ctx {
void *key_sched; /* pointer to key schedule */
size_t keysched_len; /* Length of the key schedule */
uint8_t ivec[DES_BLOCK_LEN]; /* initialization vector */
uint8_t data[DES_BLOCK_LEN]; /* for use by update */
size_t remain_len; /* for use by update */
void *des_cbc; /* to be used by CBC mode */
CK_KEY_TYPE key_type; /* used to determine DES or DES3 */
size_t mac_len; /* digest len in bytes */
} soft_des_ctx_t;
typedef struct soft_blowfish_ctx {
void *key_sched; /* pointer to key schedule */
size_t keysched_len; /* Length of the key schedule */
uint8_t ivec[BLOWFISH_BLOCK_LEN]; /* initialization vector */
uint8_t data[BLOWFISH_BLOCK_LEN]; /* for use by update */
size_t remain_len; /* for use by update */
void *blowfish_cbc; /* to be used by CBC mode */
} soft_blowfish_ctx_t;
/*
* For sign/verify operations, the hash generated is AES_BLOCK_LEN bytes long,
* however for CKM_AES_CMAC_GENERAL, one can specify a smaller hash size if
* desired (the output being the output of CKM_AES_CMAC truncated to the
* specified size). Since this size is specified in the C_{Sign,Verify}Init()
* call, we must carry it through to the C_{Sign,Verify}Final() call via
* the mac_len field.
*
* Note that the context pointed to by aes_ctx is cleaned up as part of the
* soft_aes_encrypt() calls.
*/
typedef struct soft_aes_sign_ctx {
aes_ctx_t *aes_ctx;
size_t mac_len;
} soft_aes_sign_ctx_t;
/*
* Function Prototypes.
*/
void *des_cbc_ctx_init(void *, size_t, uint8_t *, CK_KEY_TYPE);
CK_RV soft_des_crypt_init_common(soft_session_t *, CK_MECHANISM_PTR,
soft_object_t *, boolean_t);
CK_RV soft_des_encrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);
CK_RV soft_des_decrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);
CK_RV soft_des_sign_verify_common(soft_session_t *, CK_BYTE_PTR,
CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR,
boolean_t, boolean_t);
CK_RV soft_des_sign_verify_init_common(soft_session_t *, CK_MECHANISM_PTR,
soft_object_t *, boolean_t);
CK_RV soft_des_mac_sign_verify_update(soft_session_t *, CK_BYTE_PTR, CK_ULONG);
void soft_add_pkcs7_padding(CK_BYTE *, int, CK_ULONG);
CK_RV soft_remove_pkcs7_padding(CK_BYTE *, CK_ULONG, CK_ULONG *);
CK_RV soft_arcfour_crypt_init(soft_session_t *, CK_MECHANISM_PTR,
soft_object_t *, boolean_t);
CK_RV soft_arcfour_crypt(crypto_active_op_t *, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR);
CK_RV soft_aes_crypt_init_common(soft_session_t *, CK_MECHANISM_PTR,
soft_object_t *, boolean_t);
CK_RV soft_aes_encrypt(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR);
CK_RV soft_aes_decrypt(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR);
CK_RV soft_aes_encrypt_update(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR);
CK_RV soft_aes_decrypt_update(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR);
CK_RV soft_aes_encrypt_final(soft_session_t *, CK_BYTE_PTR, CK_ULONG_PTR);
CK_RV soft_aes_decrypt_final(soft_session_t *, CK_BYTE_PTR, CK_ULONG_PTR);
CK_RV soft_aes_decrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);
CK_RV soft_aes_sign_verify_common(soft_session_t *, CK_BYTE_PTR,
CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR,
boolean_t, boolean_t);
CK_RV soft_aes_sign_verify_init_common(soft_session_t *, CK_MECHANISM_PTR,
soft_object_t *, boolean_t);
CK_RV soft_aes_mac_sign_verify_update(soft_session_t *, CK_BYTE_PTR, CK_ULONG);
void soft_aes_free_ctx(aes_ctx_t *);
void *blowfish_cbc_ctx_init(void *, size_t, uint8_t *);
CK_RV soft_blowfish_crypt_init_common(soft_session_t *, CK_MECHANISM_PTR,
soft_object_t *, boolean_t);
CK_RV soft_blowfish_encrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);
CK_RV soft_blowfish_decrypt_common(soft_session_t *, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG_PTR, boolean_t);
#ifdef __cplusplus
}
#endif
#endif /* _SOFTCRYPT_H */
|
