cryptosoft_xform.c revision 1.12.4.1
1 /* $NetBSD: cryptosoft_xform.c,v 1.12.4.1 2011/03/05 20:56:05 rmind Exp $ */ 2 /* $FreeBSD: src/sys/opencrypto/xform.c,v 1.1.2.1 2002/11/21 23:34:23 sam Exp $ */ 3 /* $OpenBSD: xform.c,v 1.19 2002/08/16 22:47:25 dhartmei Exp $ */ 4 5 /* 6 * The authors of this code are John Ioannidis (ji (at) tla.org), 7 * Angelos D. Keromytis (kermit (at) csd.uch.gr) and 8 * Niels Provos (provos (at) physnet.uni-hamburg.de). 9 * 10 * This code was written by John Ioannidis for BSD/OS in Athens, Greece, 11 * in November 1995. 12 * 13 * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996, 14 * by Angelos D. Keromytis. 15 * 16 * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis 17 * and Niels Provos. 18 * 19 * Additional features in 1999 by Angelos D. Keromytis. 20 * 21 * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis, 22 * Angelos D. Keromytis and Niels Provos. 23 * 24 * Copyright (C) 2001, Angelos D. Keromytis. 25 * 26 * Permission to use, copy, and modify this software with or without fee 27 * is hereby granted, provided that this entire notice is included in 28 * all copies of any software which is or includes a copy or 29 * modification of this software. 30 * You may use this code under the GNU public license if you so wish. Please 31 * contribute changes back to the authors under this freer than GPL license 32 * so that we may further the use of strong encryption without limitations to 33 * all. 34 * 35 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 36 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 37 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 38 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 39 * PURPOSE. 40 */ 41 42 #include <sys/cdefs.h> 43 __KERNEL_RCSID(1, "$NetBSD: cryptosoft_xform.c,v 1.12.4.1 2011/03/05 20:56:05 rmind Exp $"); 44 45 #include <crypto/blowfish/blowfish.h> 46 #include <crypto/cast128/cast128.h> 47 #include <crypto/des/des.h> 48 #include <crypto/rijndael/rijndael.h> 49 #include <crypto/skipjack/skipjack.h> 50 51 #include <opencrypto/deflate.h> 52 53 #include <sys/md5.h> 54 #include <sys/rmd160.h> 55 #include <sys/sha1.h> 56 57 struct swcr_auth_hash { 58 const struct auth_hash *auth_hash; 59 void (*Init)(void *); 60 int (*Update)(void *, const uint8_t *, uint16_t); 61 void (*Final)(uint8_t *, void *); 62 }; 63 64 struct swcr_enc_xform { 65 const struct enc_xform *enc_xform; 66 void (*encrypt)(void *, uint8_t *); 67 void (*decrypt)(void *, uint8_t *); 68 int (*setkey)(uint8_t **, const uint8_t *, int len); 69 void (*zerokey)(uint8_t **); 70 }; 71 72 struct swcr_comp_algo { 73 const struct comp_algo *unused_comp_algo; 74 uint32_t (*compress)(uint8_t *, uint32_t, uint8_t **); 75 uint32_t (*decompress)(uint8_t *, uint32_t, uint8_t **, int); 76 }; 77 78 static void null_encrypt(void *, u_int8_t *); 79 static void null_decrypt(void *, u_int8_t *); 80 static int null_setkey(u_int8_t **, const u_int8_t *, int); 81 static void null_zerokey(u_int8_t **); 82 83 static int des1_setkey(u_int8_t **, const u_int8_t *, int); 84 static int des3_setkey(u_int8_t **, const u_int8_t *, int); 85 static int blf_setkey(u_int8_t **, const u_int8_t *, int); 86 static int cast5_setkey(u_int8_t **, const u_int8_t *, int); 87 static int skipjack_setkey(u_int8_t **, const u_int8_t *, int); 88 static int rijndael128_setkey(u_int8_t **, const u_int8_t *, int); 89 static void des1_encrypt(void *, u_int8_t *); 90 static void des3_encrypt(void *, u_int8_t *); 91 static void blf_encrypt(void *, u_int8_t *); 92 static void cast5_encrypt(void *, u_int8_t *); 93 static void skipjack_encrypt(void *, u_int8_t *); 94 static void rijndael128_encrypt(void *, u_int8_t *); 95 static void des1_decrypt(void *, u_int8_t *); 96 static void des3_decrypt(void *, u_int8_t *); 97 static void blf_decrypt(void *, u_int8_t *); 98 static void cast5_decrypt(void *, u_int8_t *); 99 static void skipjack_decrypt(void *, u_int8_t *); 100 static void rijndael128_decrypt(void *, u_int8_t *); 101 static void des1_zerokey(u_int8_t **); 102 static void des3_zerokey(u_int8_t **); 103 static void blf_zerokey(u_int8_t **); 104 static void cast5_zerokey(u_int8_t **); 105 static void skipjack_zerokey(u_int8_t **); 106 static void rijndael128_zerokey(u_int8_t **); 107 108 static void null_init(void *); 109 static int null_update(void *, const u_int8_t *, u_int16_t); 110 static void null_final(u_int8_t *, void *); 111 112 static int MD5Update_int(void *, const u_int8_t *, u_int16_t); 113 static void SHA1Init_int(void *); 114 static int SHA1Update_int(void *, const u_int8_t *, u_int16_t); 115 static void SHA1Final_int(u_int8_t *, void *); 116 117 118 static int RMD160Update_int(void *, const u_int8_t *, u_int16_t); 119 static int SHA1Update_int(void *, const u_int8_t *, u_int16_t); 120 static void SHA1Final_int(u_int8_t *, void *); 121 static int RMD160Update_int(void *, const u_int8_t *, u_int16_t); 122 static int SHA256Update_int(void *, const u_int8_t *, u_int16_t); 123 static int SHA384Update_int(void *, const u_int8_t *, u_int16_t); 124 static int SHA512Update_int(void *, const u_int8_t *, u_int16_t); 125 126 static u_int32_t deflate_compress(u_int8_t *, u_int32_t, u_int8_t **); 127 static u_int32_t deflate_decompress(u_int8_t *, u_int32_t, u_int8_t **, int); 128 static u_int32_t gzip_compress(u_int8_t *, u_int32_t, u_int8_t **); 129 static u_int32_t gzip_decompress(u_int8_t *, u_int32_t, u_int8_t **, int); 130 131 /* Encryption instances */ 132 static const struct swcr_enc_xform swcr_enc_xform_null = { 133 &enc_xform_null, 134 null_encrypt, 135 null_decrypt, 136 null_setkey, 137 null_zerokey, 138 }; 139 140 static const struct swcr_enc_xform swcr_enc_xform_des = { 141 &enc_xform_des, 142 des1_encrypt, 143 des1_decrypt, 144 des1_setkey, 145 des1_zerokey, 146 }; 147 148 static const struct swcr_enc_xform swcr_enc_xform_3des = { 149 &enc_xform_3des, 150 des3_encrypt, 151 des3_decrypt, 152 des3_setkey, 153 des3_zerokey 154 }; 155 156 static const struct swcr_enc_xform swcr_enc_xform_blf = { 157 &enc_xform_blf, 158 blf_encrypt, 159 blf_decrypt, 160 blf_setkey, 161 blf_zerokey 162 }; 163 164 static const struct swcr_enc_xform swcr_enc_xform_cast5 = { 165 &enc_xform_cast5, 166 cast5_encrypt, 167 cast5_decrypt, 168 cast5_setkey, 169 cast5_zerokey 170 }; 171 172 static const struct swcr_enc_xform swcr_enc_xform_skipjack = { 173 &enc_xform_skipjack, 174 skipjack_encrypt, 175 skipjack_decrypt, 176 skipjack_setkey, 177 skipjack_zerokey 178 }; 179 180 static const struct swcr_enc_xform swcr_enc_xform_rijndael128 = { 181 &enc_xform_rijndael128, 182 rijndael128_encrypt, 183 rijndael128_decrypt, 184 rijndael128_setkey, 185 rijndael128_zerokey, 186 }; 187 188 static const struct swcr_enc_xform swcr_enc_xform_arc4 = { 189 &enc_xform_arc4, 190 NULL, 191 NULL, 192 NULL, 193 NULL, 194 }; 195 196 /* Authentication instances */ 197 static const struct swcr_auth_hash swcr_auth_hash_null = { 198 &auth_hash_null, 199 null_init, null_update, null_final 200 }; 201 202 static const struct swcr_auth_hash swcr_auth_hash_hmac_md5 = { 203 &auth_hash_hmac_md5, 204 (void (*) (void *)) MD5Init, MD5Update_int, 205 (void (*) (u_int8_t *, void *)) MD5Final 206 }; 207 208 static const struct swcr_auth_hash swcr_auth_hash_hmac_sha1 = { 209 &auth_hash_hmac_sha1, 210 SHA1Init_int, SHA1Update_int, SHA1Final_int 211 }; 212 213 static const struct swcr_auth_hash swcr_auth_hash_hmac_ripemd_160 = { 214 &auth_hash_hmac_ripemd_160, 215 (void (*)(void *)) RMD160Init, RMD160Update_int, 216 (void (*)(u_int8_t *, void *)) RMD160Final 217 }; 218 static const struct swcr_auth_hash swcr_auth_hash_hmac_md5_96 = { 219 &auth_hash_hmac_md5_96, 220 (void (*) (void *)) MD5Init, MD5Update_int, 221 (void (*) (u_int8_t *, void *)) MD5Final 222 }; 223 224 static const struct swcr_auth_hash swcr_auth_hash_hmac_sha1_96 = { 225 &auth_hash_hmac_sha1_96, 226 SHA1Init_int, SHA1Update_int, SHA1Final_int 227 }; 228 229 static const struct swcr_auth_hash swcr_auth_hash_hmac_ripemd_160_96 = { 230 &auth_hash_hmac_ripemd_160_96, 231 (void (*)(void *)) RMD160Init, RMD160Update_int, 232 (void (*)(u_int8_t *, void *)) RMD160Final 233 }; 234 235 static const struct swcr_auth_hash swcr_auth_hash_key_md5 = { 236 &auth_hash_key_md5, 237 (void (*)(void *)) MD5Init, MD5Update_int, 238 (void (*)(u_int8_t *, void *)) MD5Final 239 }; 240 241 static const struct swcr_auth_hash swcr_auth_hash_key_sha1 = { 242 &auth_hash_key_sha1, 243 SHA1Init_int, SHA1Update_int, SHA1Final_int 244 }; 245 246 static const struct swcr_auth_hash swcr_auth_hash_md5 = { 247 &auth_hash_md5, 248 (void (*) (void *)) MD5Init, MD5Update_int, 249 (void (*) (u_int8_t *, void *)) MD5Final 250 }; 251 252 static const struct swcr_auth_hash swcr_auth_hash_sha1 = { 253 &auth_hash_sha1, 254 (void (*)(void *)) SHA1Init, SHA1Update_int, 255 (void (*)(u_int8_t *, void *)) SHA1Final 256 }; 257 258 static const struct swcr_auth_hash swcr_auth_hash_hmac_sha2_256 = { 259 &auth_hash_hmac_sha2_256, 260 (void (*)(void *)) SHA256_Init, SHA256Update_int, 261 (void (*)(u_int8_t *, void *)) SHA256_Final 262 }; 263 264 static const struct swcr_auth_hash swcr_auth_hash_hmac_sha2_384 = { 265 &auth_hash_hmac_sha2_384, 266 (void (*)(void *)) SHA384_Init, SHA384Update_int, 267 (void (*)(u_int8_t *, void *)) SHA384_Final 268 }; 269 270 static const struct swcr_auth_hash swcr_auth_hash_hmac_sha2_512 = { 271 &auth_hash_hmac_sha2_384, 272 (void (*)(void *)) SHA512_Init, SHA512Update_int, 273 (void (*)(u_int8_t *, void *)) SHA512_Final 274 }; 275 276 /* Compression instance */ 277 static const struct swcr_comp_algo swcr_comp_algo_deflate = { 278 &comp_algo_deflate, 279 deflate_compress, 280 deflate_decompress 281 }; 282 283 static const struct swcr_comp_algo swcr_comp_algo_deflate_nogrow = { 284 &comp_algo_deflate_nogrow, 285 deflate_compress, 286 deflate_decompress 287 }; 288 289 static const struct swcr_comp_algo swcr_comp_algo_gzip = { 290 &comp_algo_deflate, 291 gzip_compress, 292 gzip_decompress 293 }; 294 295 /* 296 * Encryption wrapper routines. 297 */ 298 static void 299 null_encrypt(void *key, u_int8_t *blk) 300 { 301 } 302 static void 303 null_decrypt(void *key, u_int8_t *blk) 304 { 305 } 306 static int 307 null_setkey(u_int8_t **sched, const u_int8_t *key, int len) 308 { 309 *sched = NULL; 310 return 0; 311 } 312 static void 313 null_zerokey(u_int8_t **sched) 314 { 315 *sched = NULL; 316 } 317 318 static void 319 des1_encrypt(void *key, u_int8_t *blk) 320 { 321 des_cblock *cb = (des_cblock *) blk; 322 des_key_schedule *p = (des_key_schedule *) key; 323 324 des_ecb_encrypt(cb, cb, p[0], DES_ENCRYPT); 325 } 326 327 static void 328 des1_decrypt(void *key, u_int8_t *blk) 329 { 330 des_cblock *cb = (des_cblock *) blk; 331 des_key_schedule *p = (des_key_schedule *) key; 332 333 des_ecb_encrypt(cb, cb, p[0], DES_DECRYPT); 334 } 335 336 static int 337 des1_setkey(u_int8_t **sched, const u_int8_t *key, int len) 338 { 339 des_key_schedule *p; 340 int err; 341 342 p = malloc(sizeof (des_key_schedule), 343 M_CRYPTO_DATA, M_NOWAIT|M_ZERO); 344 if (p != NULL) { 345 des_set_key((des_cblock *)__UNCONST(key), p[0]); 346 err = 0; 347 } else 348 err = ENOMEM; 349 *sched = (u_int8_t *) p; 350 return err; 351 } 352 353 static void 354 des1_zerokey(u_int8_t **sched) 355 { 356 memset(*sched, 0, sizeof (des_key_schedule)); 357 free(*sched, M_CRYPTO_DATA); 358 *sched = NULL; 359 } 360 361 static void 362 des3_encrypt(void *key, u_int8_t *blk) 363 { 364 des_cblock *cb = (des_cblock *) blk; 365 des_key_schedule *p = (des_key_schedule *) key; 366 367 des_ecb3_encrypt(cb, cb, p[0], p[1], p[2], DES_ENCRYPT); 368 } 369 370 static void 371 des3_decrypt(void *key, u_int8_t *blk) 372 { 373 des_cblock *cb = (des_cblock *) blk; 374 des_key_schedule *p = (des_key_schedule *) key; 375 376 des_ecb3_encrypt(cb, cb, p[0], p[1], p[2], DES_DECRYPT); 377 } 378 379 static int 380 des3_setkey(u_int8_t **sched, const u_int8_t *key, int len) 381 { 382 des_key_schedule *p; 383 int err; 384 385 p = malloc(3*sizeof (des_key_schedule), 386 M_CRYPTO_DATA, M_NOWAIT|M_ZERO); 387 if (p != NULL) { 388 des_set_key((des_cblock *)__UNCONST(key + 0), p[0]); 389 des_set_key((des_cblock *)__UNCONST(key + 8), p[1]); 390 des_set_key((des_cblock *)__UNCONST(key + 16), p[2]); 391 err = 0; 392 } else 393 err = ENOMEM; 394 *sched = (u_int8_t *) p; 395 return err; 396 } 397 398 static void 399 des3_zerokey(u_int8_t **sched) 400 { 401 memset(*sched, 0, 3*sizeof (des_key_schedule)); 402 free(*sched, M_CRYPTO_DATA); 403 *sched = NULL; 404 } 405 406 static void 407 blf_encrypt(void *key, u_int8_t *blk) 408 { 409 410 BF_ecb_encrypt(blk, blk, (BF_KEY *)key, 1); 411 } 412 413 static void 414 blf_decrypt(void *key, u_int8_t *blk) 415 { 416 417 BF_ecb_encrypt(blk, blk, (BF_KEY *)key, 0); 418 } 419 420 static int 421 blf_setkey(u_int8_t **sched, const u_int8_t *key, int len) 422 { 423 int err; 424 425 *sched = malloc(sizeof(BF_KEY), 426 M_CRYPTO_DATA, M_NOWAIT|M_ZERO); 427 if (*sched != NULL) { 428 BF_set_key((BF_KEY *) *sched, len, key); 429 err = 0; 430 } else 431 err = ENOMEM; 432 return err; 433 } 434 435 static void 436 blf_zerokey(u_int8_t **sched) 437 { 438 memset(*sched, 0, sizeof(BF_KEY)); 439 free(*sched, M_CRYPTO_DATA); 440 *sched = NULL; 441 } 442 443 static void 444 cast5_encrypt(void *key, u_int8_t *blk) 445 { 446 cast128_encrypt((cast128_key *) key, blk, blk); 447 } 448 449 static void 450 cast5_decrypt(void *key, u_int8_t *blk) 451 { 452 cast128_decrypt((cast128_key *) key, blk, blk); 453 } 454 455 static int 456 cast5_setkey(u_int8_t **sched, const u_int8_t *key, int len) 457 { 458 int err; 459 460 *sched = malloc(sizeof(cast128_key), M_CRYPTO_DATA, 461 M_NOWAIT|M_ZERO); 462 if (*sched != NULL) { 463 cast128_setkey((cast128_key *)*sched, key, len); 464 err = 0; 465 } else 466 err = ENOMEM; 467 return err; 468 } 469 470 static void 471 cast5_zerokey(u_int8_t **sched) 472 { 473 memset(*sched, 0, sizeof(cast128_key)); 474 free(*sched, M_CRYPTO_DATA); 475 *sched = NULL; 476 } 477 478 static void 479 skipjack_encrypt(void *key, u_int8_t *blk) 480 { 481 skipjack_forwards(blk, blk, (u_int8_t **) key); 482 } 483 484 static void 485 skipjack_decrypt(void *key, u_int8_t *blk) 486 { 487 skipjack_backwards(blk, blk, (u_int8_t **) key); 488 } 489 490 static int 491 skipjack_setkey(u_int8_t **sched, const u_int8_t *key, int len) 492 { 493 int err; 494 495 /* NB: allocate all the memory that's needed at once */ 496 /* XXX assumes bytes are aligned on sizeof(u_char) == 1 boundaries. 497 * Will this break a pdp-10, Cray-1, or GE-645 port? 498 */ 499 *sched = malloc(10 * (sizeof(u_int8_t *) + 0x100), 500 M_CRYPTO_DATA, M_NOWAIT|M_ZERO); 501 502 if (*sched != NULL) { 503 504 u_int8_t** key_tables = (u_int8_t**) *sched; 505 u_int8_t* table = (u_int8_t*) &key_tables[10]; 506 int k; 507 508 for (k = 0; k < 10; k++) { 509 key_tables[k] = table; 510 table += 0x100; 511 } 512 subkey_table_gen(key, (u_int8_t **) *sched); 513 err = 0; 514 } else 515 err = ENOMEM; 516 return err; 517 } 518 519 static void 520 skipjack_zerokey(u_int8_t **sched) 521 { 522 memset(*sched, 0, 10 * (sizeof(u_int8_t *) + 0x100)); 523 free(*sched, M_CRYPTO_DATA); 524 *sched = NULL; 525 } 526 527 static void 528 rijndael128_encrypt(void *key, u_int8_t *blk) 529 { 530 rijndael_encrypt((rijndael_ctx *) key, (u_char *) blk, (u_char *) blk); 531 } 532 533 static void 534 rijndael128_decrypt(void *key, u_int8_t *blk) 535 { 536 rijndael_decrypt((rijndael_ctx *) key, (u_char *) blk, 537 (u_char *) blk); 538 } 539 540 static int 541 rijndael128_setkey(u_int8_t **sched, const u_int8_t *key, int len) 542 { 543 int err; 544 545 *sched = malloc(sizeof(rijndael_ctx), M_CRYPTO_DATA, 546 M_NOWAIT|M_ZERO); 547 if (*sched != NULL) { 548 rijndael_set_key((rijndael_ctx *) *sched, key, len * 8); 549 err = 0; 550 } else 551 err = ENOMEM; 552 return err; 553 } 554 555 static void 556 rijndael128_zerokey(u_int8_t **sched) 557 { 558 memset(*sched, 0, sizeof(rijndael_ctx)); 559 free(*sched, M_CRYPTO_DATA); 560 *sched = NULL; 561 } 562 563 /* 564 * And now for auth. 565 */ 566 567 static void 568 null_init(void *ctx) 569 { 570 } 571 572 static int 573 null_update(void *ctx, const u_int8_t *buf, 574 u_int16_t len) 575 { 576 return 0; 577 } 578 579 static void 580 null_final(u_int8_t *buf, void *ctx) 581 { 582 if (buf != (u_int8_t *) 0) 583 memset(buf, 0, 12); 584 } 585 586 static int 587 RMD160Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) 588 { 589 RMD160Update(ctx, buf, len); 590 return 0; 591 } 592 593 static int 594 MD5Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) 595 { 596 MD5Update(ctx, buf, len); 597 return 0; 598 } 599 600 static void 601 SHA1Init_int(void *ctx) 602 { 603 SHA1Init(ctx); 604 } 605 606 static int 607 SHA1Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) 608 { 609 SHA1Update(ctx, buf, len); 610 return 0; 611 } 612 613 static void 614 SHA1Final_int(u_int8_t *blk, void *ctx) 615 { 616 SHA1Final(blk, ctx); 617 } 618 619 static int 620 SHA256Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) 621 { 622 SHA256_Update(ctx, buf, len); 623 return 0; 624 } 625 626 static int 627 SHA384Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) 628 { 629 SHA384_Update(ctx, buf, len); 630 return 0; 631 } 632 633 static int 634 SHA512Update_int(void *ctx, const u_int8_t *buf, u_int16_t len) 635 { 636 SHA512_Update(ctx, buf, len); 637 return 0; 638 } 639 640 /* 641 * And compression 642 */ 643 644 static u_int32_t 645 deflate_compress(u_int8_t *data, u_int32_t size, u_int8_t **out) 646 { 647 return deflate_global(data, size, 0, out, 0); 648 } 649 650 static u_int32_t 651 deflate_decompress(u_int8_t *data, u_int32_t size, u_int8_t **out, 652 int size_hint) 653 { 654 return deflate_global(data, size, 1, out, size_hint); 655 } 656 657 static u_int32_t 658 gzip_compress(u_int8_t *data, u_int32_t size, u_int8_t **out) 659 { 660 return gzip_global(data, size, 0, out, 0); 661 } 662 663 static u_int32_t 664 gzip_decompress(u_int8_t *data, u_int32_t size, u_int8_t **out, 665 int size_hint) 666 { 667 return gzip_global(data, size, 1, out, size_hint); 668 } 669
Indexes created Sat Oct 11 19:10:01 GMT 2025