6693650 kernel implementation of AES lacks support for >64 bits long AES counter

1 files changed, 55 insertions, 33 deletions

diff --git a/usr/src/common/crypto/modes/modes.h b/usr/src/common/crypto/modes/modes.h
index be57747bcd..f5781f9270 100644
--- a/usr/src/common/crypto/modes/modes.h
+++ b/usr/src/common/crypto/modes/modes.h
@@ -26,8 +26,6 @@
 #ifndef	_COMMON_CRYPTO_MODES_H
 #define	_COMMON_CRYPTO_MODES_H
 
-#pragma ident	"%Z%%M%	%I%	%E% SMI"
-
 #ifdef	__cplusplus
 extern "C" {
 #endif
@@ -60,8 +58,6 @@ extern "C" {
  *
  * cc_iv:		Scratch buffer that sometimes contains the IV.
  *
- * cc_lastblock:	Scratch buffer.
- *
  * cc_lastp:		Pointer to previous block of ciphertext.
  *
  * cc_copy_to:		Pointer to where encrypted residual data needs
@@ -79,7 +75,6 @@ struct common_ctx {
 	void *cc_keysched;
 	size_t cc_keysched_len;
 	uint64_t cc_iv[2];
-	uint64_t cc_lastblock[2];
 	uint64_t cc_remainder[2];
 	size_t cc_remainder_len;
 	uint8_t *cc_lastp;
@@ -87,26 +82,53 @@ struct common_ctx {
 	uint32_t cc_flags;
 };
 
-typedef struct common_ctx ecb_ctx_t;
-typedef struct common_ctx cbc_ctx_t;
 typedef struct common_ctx common_ctx_t;
 
+typedef struct ecb_ctx {
+	struct common_ctx ecb_common;
+	uint64_t ecb_lastblock[2];
+} ecb_ctx_t;
+
+#define	ecb_keysched		ecb_common.cc_keysched
+#define	ecb_keysched_len	ecb_common.cc_keysched_len
+#define	ecb_iv			ecb_common.cc_iv
+#define	ecb_remainder		ecb_common.cc_remainder
+#define	ecb_remainder_len	ecb_common.cc_remainder_len
+#define	ecb_lastp		ecb_common.cc_lastp
+#define	ecb_copy_to		ecb_common.cc_copy_to
+#define	ecb_flags		ecb_common.cc_flags
+
+typedef struct cbc_ctx {
+	struct common_ctx cbc_common;
+	uint64_t cbc_lastblock[2];
+} cbc_ctx_t;
+
+#define	cbc_keysched		cbc_common.cc_keysched
+#define	cbc_keysched_len	cbc_common.cc_keysched_len
+#define	cbc_iv			cbc_common.cc_iv
+#define	cbc_remainder		cbc_common.cc_remainder
+#define	cbc_remainder_len	cbc_common.cc_remainder_len
+#define	cbc_lastp		cbc_common.cc_lastp
+#define	cbc_copy_to		cbc_common.cc_copy_to
+#define	cbc_flags		cbc_common.cc_flags
+
+/*
+ * ctr_lower_mask		Bit-mask for lower 8 bytes of counter block.
+ * ctr_upper_mask		Bit-mask for upper 8 bytes of counter block.
+ */
 typedef struct ctr_ctx {
 	struct common_ctx ctr_common;
+	uint64_t ctr_lower_mask;
+	uint64_t ctr_upper_mask;
 	uint32_t ctr_tmp[4];
 } ctr_ctx_t;
 
 /*
- * ctr_cb                Counter block.
- *
- * ctr_counter_mask      Mask of counter bits in the last 8 bytes of the
- *                       counter block.
+ * ctr_cb			Counter block.
  */
-
 #define	ctr_keysched		ctr_common.cc_keysched
 #define	ctr_keysched_len	ctr_common.cc_keysched_len
 #define	ctr_cb			ctr_common.cc_iv
-#define	ctr_counter_mask	ctr_common.cc_lastblock[0]
 #define	ctr_remainder		ctr_common.cc_remainder
 #define	ctr_remainder_len	ctr_common.cc_remainder_len
 #define	ctr_lastp		ctr_common.cc_lastp
@@ -142,12 +164,12 @@ typedef struct ccm_ctx {
 	size_t ccm_processed_mac_len;
 	uint8_t *ccm_pt_buf;
 	uint64_t ccm_mac_input_buf[2];
+	uint64_t ccm_counter_mask;
 } ccm_ctx_t;
 
 #define	ccm_keysched		ccm_common.cc_keysched
 #define	ccm_keysched_len	ccm_common.cc_keysched_len
 #define	ccm_cb			ccm_common.cc_iv
-#define	ccm_counter_mask	ccm_common.cc_lastblock[0]
 #define	ccm_remainder		ccm_common.cc_remainder
 #define	ccm_remainder_len	ccm_common.cc_remainder_len
 #define	ccm_lastp		ccm_common.cc_lastp
@@ -165,12 +187,12 @@ typedef struct aes_ctx {
 	} acu;
 } aes_ctx_t;
 
-#define	ac_flags		acu.acu_ecb.cc_flags
-#define	ac_remainder_len	acu.acu_ecb.cc_remainder_len
-#define	ac_keysched		acu.acu_ecb.cc_keysched
-#define	ac_keysched_len		acu.acu_ecb.cc_keysched_len
-#define	ac_iv			acu.acu_ecb.cc_iv
-#define	ac_lastp		acu.acu_ecb.cc_lastp
+#define	ac_flags		acu.acu_ecb.ecb_common.cc_flags
+#define	ac_remainder_len	acu.acu_ecb.ecb_common.cc_remainder_len
+#define	ac_keysched		acu.acu_ecb.ecb_common.cc_keysched
+#define	ac_keysched_len		acu.acu_ecb.ecb_common.cc_keysched_len
+#define	ac_iv			acu.acu_ecb.ecb_common.cc_iv
+#define	ac_lastp		acu.acu_ecb.ecb_common.cc_lastp
 #define	ac_pt_buf		acu.acu_ccm.ccm_pt_buf
 #define	ac_mac_len		acu.acu_ccm.ccm_mac_len
 #define	ac_data_len		acu.acu_ccm.ccm_data_len
@@ -184,12 +206,12 @@ typedef struct blowfish_ctx {
 	} bcu;
 } blowfish_ctx_t;
 
-#define	bc_flags		bcu.bcu_ecb.cc_flags
-#define	bc_remainder_len	bcu.bcu_ecb.cc_remainder_len
-#define	bc_keysched		bcu.bcu_ecb.cc_keysched
-#define	bc_keysched_len		bcu.bcu_ecb.cc_keysched_len
-#define	bc_iv			bcu.bcu_ecb.cc_iv
-#define	bc_lastp		bcu.bcu_ecb.cc_lastp
+#define	bc_flags		bcu.bcu_ecb.ecb_common.cc_flags
+#define	bc_remainder_len	bcu.bcu_ecb.ecb_common.cc_remainder_len
+#define	bc_keysched		bcu.bcu_ecb.ecb_common.cc_keysched
+#define	bc_keysched_len		bcu.bcu_ecb.ecb_common.cc_keysched_len
+#define	bc_iv			bcu.bcu_ecb.ecb_common.cc_iv
+#define	bc_lastp		bcu.bcu_ecb.ecb_common.cc_lastp
 
 typedef struct des_ctx {
 	union {
@@ -198,14 +220,14 @@ typedef struct des_ctx {
 	} dcu;
 } des_ctx_t;
 
-#define	dc_flags		dcu.dcu_ecb.cc_flags
-#define	dc_remainder_len	dcu.dcu_ecb.cc_remainder_len
-#define	dc_keysched		dcu.dcu_ecb.cc_keysched
-#define	dc_keysched_len		dcu.dcu_ecb.cc_keysched_len
-#define	dc_iv			dcu.dcu_ecb.cc_iv
-#define	dc_lastp		dcu.dcu_ecb.cc_lastp
+#define	dc_flags		dcu.dcu_ecb.ecb_common.cc_flags
+#define	dc_remainder_len	dcu.dcu_ecb.ecb_common.cc_remainder_len
+#define	dc_keysched		dcu.dcu_ecb.ecb_common.cc_keysched
+#define	dc_keysched_len		dcu.dcu_ecb.ecb_common.cc_keysched_len
+#define	dc_iv			dcu.dcu_ecb.ecb_common.cc_iv
+#define	dc_lastp		dcu.dcu_ecb.ecb_common.cc_lastp
 
-extern int ecb_cipher_contiguous_blocks(cbc_ctx_t *, char *, size_t,
+extern int ecb_cipher_contiguous_blocks(ecb_ctx_t *, char *, size_t,
     crypto_data_t *, size_t, int (*cipher)(const void *, const uint8_t *,
     uint8_t *));