10Sstevel@tonic-gate /*
20Sstevel@tonic-gate * CDDL HEADER START
30Sstevel@tonic-gate *
40Sstevel@tonic-gate * The contents of this file are subject to the terms of the
51808Smcpowers * Common Development and Distribution License (the "License").
61808Smcpowers * You may not use this file except in compliance with the License.
70Sstevel@tonic-gate *
80Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
90Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
100Sstevel@tonic-gate * See the License for the specific language governing permissions
110Sstevel@tonic-gate * and limitations under the License.
120Sstevel@tonic-gate *
130Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
140Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
150Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
160Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
170Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
180Sstevel@tonic-gate *
190Sstevel@tonic-gate * CDDL HEADER END
200Sstevel@tonic-gate */
210Sstevel@tonic-gate /*
22*12304SValerie.Fenwick@Oracle.COM * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
230Sstevel@tonic-gate */
240Sstevel@tonic-gate
250Sstevel@tonic-gate #include <sys/errno.h>
260Sstevel@tonic-gate #include <sys/types.h>
270Sstevel@tonic-gate #include <sys/kmem.h>
28904Smcpowers #include <sys/sysmacros.h>
290Sstevel@tonic-gate #include <sys/crypto/common.h>
300Sstevel@tonic-gate #include <sys/crypto/impl.h>
310Sstevel@tonic-gate #include <sys/crypto/api.h>
320Sstevel@tonic-gate #include <sys/crypto/spi.h>
330Sstevel@tonic-gate #include <sys/crypto/sched_impl.h>
340Sstevel@tonic-gate
35904Smcpowers #define CRYPTO_OPS_OFFSET(f) offsetof(crypto_ops_t, co_##f)
36904Smcpowers #define CRYPTO_MAC_OFFSET(f) offsetof(crypto_mac_ops_t, f)
37904Smcpowers
380Sstevel@tonic-gate /*
390Sstevel@tonic-gate * Message authentication codes routines.
400Sstevel@tonic-gate */
410Sstevel@tonic-gate
420Sstevel@tonic-gate /*
430Sstevel@tonic-gate * The following are the possible returned values common to all the routines
440Sstevel@tonic-gate * below. The applicability of some of these return values depends on the
450Sstevel@tonic-gate * presence of the arguments.
460Sstevel@tonic-gate *
470Sstevel@tonic-gate * CRYPTO_SUCCESS: The operation completed successfully.
480Sstevel@tonic-gate * CRYPTO_QUEUED: A request was submitted successfully. The callback
490Sstevel@tonic-gate * routine will be called when the operation is done.
500Sstevel@tonic-gate * CRYPTO_INVALID_MECH_NUMBER, CRYPTO_INVALID_MECH_PARAM, or
510Sstevel@tonic-gate * CRYPTO_INVALID_MECH for problems with the 'mech'.
520Sstevel@tonic-gate * CRYPTO_INVALID_DATA for bogus 'data'
530Sstevel@tonic-gate * CRYPTO_HOST_MEMORY for failure to allocate memory to handle this work.
540Sstevel@tonic-gate * CRYPTO_INVALID_CONTEXT: Not a valid context.
550Sstevel@tonic-gate * CRYPTO_BUSY: Cannot process the request now. Schedule a
560Sstevel@tonic-gate * crypto_bufcall(), or try later.
570Sstevel@tonic-gate * CRYPTO_NOT_SUPPORTED and CRYPTO_MECH_NOT_SUPPORTED: No provider is
580Sstevel@tonic-gate * capable of a function or a mechanism.
590Sstevel@tonic-gate * CRYPTO_INVALID_KEY: bogus 'key' argument.
600Sstevel@tonic-gate * CRYPTO_INVALID_MAC: bogus 'mac' argument.
610Sstevel@tonic-gate */
620Sstevel@tonic-gate
630Sstevel@tonic-gate /*
640Sstevel@tonic-gate * crypto_mac_prov()
650Sstevel@tonic-gate *
660Sstevel@tonic-gate * Arguments:
670Sstevel@tonic-gate * mech: crypto_mechanism_t pointer.
680Sstevel@tonic-gate * mech_type is a valid value previously returned by
690Sstevel@tonic-gate * crypto_mech2id();
700Sstevel@tonic-gate * When the mech's parameter is not NULL, its definition depends
710Sstevel@tonic-gate * on the standard definition of the mechanism.
720Sstevel@tonic-gate * key: pointer to a crypto_key_t structure.
730Sstevel@tonic-gate * data: The message to compute the MAC for.
740Sstevel@tonic-gate * mac: Storage for the MAC. The length needed depends on the mechanism.
750Sstevel@tonic-gate * tmpl: a crypto_ctx_template_t, opaque template of a context of a
760Sstevel@tonic-gate * MAC with the 'mech' using 'key'. 'tmpl' is created by
770Sstevel@tonic-gate * a previous call to crypto_create_ctx_template().
780Sstevel@tonic-gate * cr: crypto_call_req_t calling conditions and call back info.
790Sstevel@tonic-gate *
800Sstevel@tonic-gate * Description:
810Sstevel@tonic-gate * Asynchronously submits a request for, or synchronously performs a
820Sstevel@tonic-gate * single-part message authentication of 'data' with the mechanism
830Sstevel@tonic-gate * 'mech', using * the key 'key', on the specified provider with
840Sstevel@tonic-gate * the specified session id.
850Sstevel@tonic-gate * When complete and successful, 'mac' will contain the message
860Sstevel@tonic-gate * authentication code.
870Sstevel@tonic-gate *
880Sstevel@tonic-gate * Context:
890Sstevel@tonic-gate * Process or interrupt, according to the semantics dictated by the 'crq'.
900Sstevel@tonic-gate *
910Sstevel@tonic-gate * Returns:
920Sstevel@tonic-gate * See comment in the beginning of the file.
930Sstevel@tonic-gate */
940Sstevel@tonic-gate int
crypto_mac_prov(crypto_provider_t provider,crypto_session_id_t sid,crypto_mechanism_t * mech,crypto_data_t * data,crypto_key_t * key,crypto_ctx_template_t tmpl,crypto_data_t * mac,crypto_call_req_t * crq)95904Smcpowers crypto_mac_prov(crypto_provider_t provider, crypto_session_id_t sid,
96904Smcpowers crypto_mechanism_t *mech, crypto_data_t *data, crypto_key_t *key,
97904Smcpowers crypto_ctx_template_t tmpl, crypto_data_t *mac, crypto_call_req_t *crq)
980Sstevel@tonic-gate {
990Sstevel@tonic-gate kcf_req_params_t params;
100904Smcpowers kcf_provider_desc_t *pd = provider;
101904Smcpowers kcf_provider_desc_t *real_provider = pd;
102904Smcpowers int rv;
1030Sstevel@tonic-gate
1040Sstevel@tonic-gate ASSERT(KCF_PROV_REFHELD(pd));
105904Smcpowers
106904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) {
10710444SVladimir.Kotal@Sun.COM rv = kcf_get_hardware_provider(mech->cm_type, key,
108*12304SValerie.Fenwick@Oracle.COM CRYPTO_MECH_INVALID, NULL, pd, &real_provider,
109*12304SValerie.Fenwick@Oracle.COM CRYPTO_FG_MAC_ATOMIC);
110904Smcpowers
111904Smcpowers if (rv != CRYPTO_SUCCESS)
112904Smcpowers return (rv);
113904Smcpowers }
114904Smcpowers
1150Sstevel@tonic-gate KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_ATOMIC, sid, mech, key,
1160Sstevel@tonic-gate data, mac, tmpl);
117904Smcpowers rv = kcf_submit_request(real_provider, NULL, crq, ¶ms, B_FALSE);
118904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER)
119904Smcpowers KCF_PROV_REFRELE(real_provider);
1200Sstevel@tonic-gate
121904Smcpowers return (rv);
1220Sstevel@tonic-gate }
1230Sstevel@tonic-gate
1240Sstevel@tonic-gate /*
1250Sstevel@tonic-gate * Same as crypto_mac_prov(), but relies on the KCF scheduler to choose
1260Sstevel@tonic-gate * a provider. See crypto_mac() comments for more information.
1270Sstevel@tonic-gate */
1280Sstevel@tonic-gate int
crypto_mac(crypto_mechanism_t * mech,crypto_data_t * data,crypto_key_t * key,crypto_ctx_template_t tmpl,crypto_data_t * mac,crypto_call_req_t * crq)1290Sstevel@tonic-gate crypto_mac(crypto_mechanism_t *mech, crypto_data_t *data,
1300Sstevel@tonic-gate crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *mac,
1310Sstevel@tonic-gate crypto_call_req_t *crq)
1320Sstevel@tonic-gate {
1330Sstevel@tonic-gate int error;
1340Sstevel@tonic-gate kcf_mech_entry_t *me;
1350Sstevel@tonic-gate kcf_req_params_t params;
1360Sstevel@tonic-gate kcf_provider_desc_t *pd;
1370Sstevel@tonic-gate kcf_ctx_template_t *ctx_tmpl;
1380Sstevel@tonic-gate crypto_spi_ctx_template_t spi_ctx_tmpl = NULL;
1390Sstevel@tonic-gate kcf_prov_tried_t *list = NULL;
1400Sstevel@tonic-gate
1410Sstevel@tonic-gate retry:
1420Sstevel@tonic-gate /* The pd is returned held */
14310444SVladimir.Kotal@Sun.COM if ((pd = kcf_get_mech_provider(mech->cm_type, key, &me, &error,
144*12304SValerie.Fenwick@Oracle.COM list, CRYPTO_FG_MAC_ATOMIC, data->cd_length)) == NULL) {
1450Sstevel@tonic-gate if (list != NULL)
1460Sstevel@tonic-gate kcf_free_triedlist(list);
1470Sstevel@tonic-gate return (error);
1480Sstevel@tonic-gate }
1490Sstevel@tonic-gate
1500Sstevel@tonic-gate /*
1510Sstevel@tonic-gate * For SW providers, check the validity of the context template
1520Sstevel@tonic-gate * It is very rare that the generation number mis-matches, so
1530Sstevel@tonic-gate * is acceptable to fail here, and let the consumer recover by
1540Sstevel@tonic-gate * freeing this tmpl and create a new one for the key and new SW
1550Sstevel@tonic-gate * provider
1560Sstevel@tonic-gate */
1570Sstevel@tonic-gate if ((pd->pd_prov_type == CRYPTO_SW_PROVIDER) &&
1580Sstevel@tonic-gate ((ctx_tmpl = (kcf_ctx_template_t *)tmpl) != NULL)) {
1590Sstevel@tonic-gate if (ctx_tmpl->ct_generation != me->me_gen_swprov) {
1600Sstevel@tonic-gate if (list != NULL)
1610Sstevel@tonic-gate kcf_free_triedlist(list);
1620Sstevel@tonic-gate KCF_PROV_REFRELE(pd);
1630Sstevel@tonic-gate return (CRYPTO_OLD_CTX_TEMPLATE);
1640Sstevel@tonic-gate } else {
1650Sstevel@tonic-gate spi_ctx_tmpl = ctx_tmpl->ct_prov_tmpl;
1660Sstevel@tonic-gate }
1670Sstevel@tonic-gate }
1680Sstevel@tonic-gate
1690Sstevel@tonic-gate /* The fast path for SW providers. */
1700Sstevel@tonic-gate if (CHECK_FASTPATH(crq, pd)) {
1710Sstevel@tonic-gate crypto_mechanism_t lmech;
1720Sstevel@tonic-gate
1730Sstevel@tonic-gate lmech = *mech;
1740Sstevel@tonic-gate KCF_SET_PROVIDER_MECHNUM(mech->cm_type, pd, &lmech);
1750Sstevel@tonic-gate
1760Sstevel@tonic-gate error = KCF_PROV_MAC_ATOMIC(pd, pd->pd_sid, &lmech, key, data,
1770Sstevel@tonic-gate mac, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq));
1780Sstevel@tonic-gate KCF_PROV_INCRSTATS(pd, error);
1790Sstevel@tonic-gate } else {
1804072Skrishna if (pd->pd_prov_type == CRYPTO_HW_PROVIDER &&
18111304SJanie.Lu@Sun.COM (pd->pd_flags & CRYPTO_HMAC_NO_UPDATE) &&
18211304SJanie.Lu@Sun.COM (data->cd_length > pd->pd_hmac_limit)) {
1834072Skrishna /*
1844072Skrishna * XXX - We need a check to see if this is indeed
1854072Skrishna * a HMAC. So far, all kernel clients use
1864072Skrishna * this interface only for HMAC. So, this is fine
1874072Skrishna * for now.
1884072Skrishna */
1894072Skrishna error = CRYPTO_BUFFER_TOO_BIG;
1904072Skrishna } else {
1914072Skrishna KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_ATOMIC,
1924072Skrishna pd->pd_sid, mech, key, data, mac, spi_ctx_tmpl);
1930Sstevel@tonic-gate
1944072Skrishna error = kcf_submit_request(pd, NULL, crq, ¶ms,
1954072Skrishna KCF_ISDUALREQ(crq));
1964072Skrishna }
1970Sstevel@tonic-gate }
1980Sstevel@tonic-gate
1990Sstevel@tonic-gate if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED &&
2000Sstevel@tonic-gate IS_RECOVERABLE(error)) {
2010Sstevel@tonic-gate /* Add pd to the linked list of providers tried. */
2020Sstevel@tonic-gate if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL)
2030Sstevel@tonic-gate goto retry;
2040Sstevel@tonic-gate }
2050Sstevel@tonic-gate
2060Sstevel@tonic-gate if (list != NULL)
2070Sstevel@tonic-gate kcf_free_triedlist(list);
2080Sstevel@tonic-gate
2090Sstevel@tonic-gate KCF_PROV_REFRELE(pd);
2100Sstevel@tonic-gate return (error);
2110Sstevel@tonic-gate }
2120Sstevel@tonic-gate
2130Sstevel@tonic-gate /*
2140Sstevel@tonic-gate * Single part operation to compute the MAC corresponding to the specified
2150Sstevel@tonic-gate * 'data' and to verify that it matches the MAC specified by 'mac'.
2160Sstevel@tonic-gate * The other arguments are the same as the function crypto_mac_prov().
2170Sstevel@tonic-gate */
2180Sstevel@tonic-gate int
crypto_mac_verify_prov(crypto_provider_t provider,crypto_session_id_t sid,crypto_mechanism_t * mech,crypto_data_t * data,crypto_key_t * key,crypto_ctx_template_t tmpl,crypto_data_t * mac,crypto_call_req_t * crq)219904Smcpowers crypto_mac_verify_prov(crypto_provider_t provider, crypto_session_id_t sid,
220904Smcpowers crypto_mechanism_t *mech, crypto_data_t *data, crypto_key_t *key,
221904Smcpowers crypto_ctx_template_t tmpl, crypto_data_t *mac, crypto_call_req_t *crq)
2220Sstevel@tonic-gate {
2230Sstevel@tonic-gate kcf_req_params_t params;
224904Smcpowers kcf_provider_desc_t *pd = provider;
225904Smcpowers kcf_provider_desc_t *real_provider = pd;
226904Smcpowers int rv;
2270Sstevel@tonic-gate
2280Sstevel@tonic-gate ASSERT(KCF_PROV_REFHELD(pd));
229904Smcpowers
230904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) {
23110444SVladimir.Kotal@Sun.COM rv = kcf_get_hardware_provider(mech->cm_type, key,
232*12304SValerie.Fenwick@Oracle.COM CRYPTO_MECH_INVALID, NULL, pd, &real_provider,
233*12304SValerie.Fenwick@Oracle.COM CRYPTO_FG_MAC_ATOMIC);
234904Smcpowers
235904Smcpowers if (rv != CRYPTO_SUCCESS)
236904Smcpowers return (rv);
237904Smcpowers }
238904Smcpowers
2390Sstevel@tonic-gate KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_MAC_VERIFY_ATOMIC, sid, mech,
2400Sstevel@tonic-gate key, data, mac, tmpl);
241904Smcpowers rv = kcf_submit_request(real_provider, NULL, crq, ¶ms, B_FALSE);
242904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER)
243904Smcpowers KCF_PROV_REFRELE(real_provider);
2440Sstevel@tonic-gate
245904Smcpowers return (rv);
2460Sstevel@tonic-gate }
2470Sstevel@tonic-gate
2480Sstevel@tonic-gate /*
2490Sstevel@tonic-gate * Same as crypto_mac_verify_prov(), but relies on the KCF scheduler to choose
2500Sstevel@tonic-gate * a provider. See crypto_mac_verify_prov() comments for more information.
2510Sstevel@tonic-gate */
2520Sstevel@tonic-gate int
crypto_mac_verify(crypto_mechanism_t * mech,crypto_data_t * data,crypto_key_t * key,crypto_ctx_template_t tmpl,crypto_data_t * mac,crypto_call_req_t * crq)2530Sstevel@tonic-gate crypto_mac_verify(crypto_mechanism_t *mech, crypto_data_t *data,
2540Sstevel@tonic-gate crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *mac,
2550Sstevel@tonic-gate crypto_call_req_t *crq)
2560Sstevel@tonic-gate {
2570Sstevel@tonic-gate int error;
2580Sstevel@tonic-gate kcf_mech_entry_t *me;
2590Sstevel@tonic-gate kcf_req_params_t params;
2600Sstevel@tonic-gate kcf_provider_desc_t *pd;
2610Sstevel@tonic-gate kcf_ctx_template_t *ctx_tmpl;
2620Sstevel@tonic-gate crypto_spi_ctx_template_t spi_ctx_tmpl = NULL;
2630Sstevel@tonic-gate kcf_prov_tried_t *list = NULL;
2640Sstevel@tonic-gate
2650Sstevel@tonic-gate retry:
2660Sstevel@tonic-gate /* The pd is returned held */
26710444SVladimir.Kotal@Sun.COM if ((pd = kcf_get_mech_provider(mech->cm_type, key, &me, &error,
268*12304SValerie.Fenwick@Oracle.COM list, CRYPTO_FG_MAC_ATOMIC, data->cd_length)) == NULL) {
2690Sstevel@tonic-gate if (list != NULL)
2700Sstevel@tonic-gate kcf_free_triedlist(list);
2710Sstevel@tonic-gate return (error);
2720Sstevel@tonic-gate }
2730Sstevel@tonic-gate
2740Sstevel@tonic-gate /*
2750Sstevel@tonic-gate * For SW providers, check the validity of the context template
2760Sstevel@tonic-gate * It is very rare that the generation number mis-matches, so
2770Sstevel@tonic-gate * is acceptable to fail here, and let the consumer recover by
2780Sstevel@tonic-gate * freeing this tmpl and create a new one for the key and new SW
2790Sstevel@tonic-gate * provider
2800Sstevel@tonic-gate */
2810Sstevel@tonic-gate if ((pd->pd_prov_type == CRYPTO_SW_PROVIDER) &&
2820Sstevel@tonic-gate ((ctx_tmpl = (kcf_ctx_template_t *)tmpl) != NULL)) {
2830Sstevel@tonic-gate if (ctx_tmpl->ct_generation != me->me_gen_swprov) {
2840Sstevel@tonic-gate if (list != NULL)
2850Sstevel@tonic-gate kcf_free_triedlist(list);
2860Sstevel@tonic-gate KCF_PROV_REFRELE(pd);
2870Sstevel@tonic-gate return (CRYPTO_OLD_CTX_TEMPLATE);
2880Sstevel@tonic-gate } else {
2890Sstevel@tonic-gate spi_ctx_tmpl = ctx_tmpl->ct_prov_tmpl;
2900Sstevel@tonic-gate }
2910Sstevel@tonic-gate }
2920Sstevel@tonic-gate
2930Sstevel@tonic-gate /* The fast path for SW providers. */
2940Sstevel@tonic-gate if (CHECK_FASTPATH(crq, pd)) {
2950Sstevel@tonic-gate crypto_mechanism_t lmech;
2960Sstevel@tonic-gate
2970Sstevel@tonic-gate lmech = *mech;
2980Sstevel@tonic-gate KCF_SET_PROVIDER_MECHNUM(mech->cm_type, pd, &lmech);
2990Sstevel@tonic-gate
3000Sstevel@tonic-gate error = KCF_PROV_MAC_VERIFY_ATOMIC(pd, pd->pd_sid, &lmech, key,
3010Sstevel@tonic-gate data, mac, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq));
3020Sstevel@tonic-gate KCF_PROV_INCRSTATS(pd, error);
3030Sstevel@tonic-gate } else {
3044072Skrishna if (pd->pd_prov_type == CRYPTO_HW_PROVIDER &&
30511304SJanie.Lu@Sun.COM (pd->pd_flags & CRYPTO_HMAC_NO_UPDATE) &&
30611304SJanie.Lu@Sun.COM (data->cd_length > pd->pd_hmac_limit)) {
3074072Skrishna /* see comments in crypto_mac() */
3084072Skrishna error = CRYPTO_BUFFER_TOO_BIG;
3094072Skrishna } else {
3104072Skrishna KCF_WRAP_MAC_OPS_PARAMS(¶ms,
3114072Skrishna KCF_OP_MAC_VERIFY_ATOMIC, pd->pd_sid, mech,
3124072Skrishna key, data, mac, spi_ctx_tmpl);
3130Sstevel@tonic-gate
3144072Skrishna error = kcf_submit_request(pd, NULL, crq, ¶ms,
3154072Skrishna KCF_ISDUALREQ(crq));
3164072Skrishna }
3170Sstevel@tonic-gate }
3180Sstevel@tonic-gate
3190Sstevel@tonic-gate if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED &&
3200Sstevel@tonic-gate IS_RECOVERABLE(error)) {
3210Sstevel@tonic-gate /* Add pd to the linked list of providers tried. */
3220Sstevel@tonic-gate if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL)
3230Sstevel@tonic-gate goto retry;
3240Sstevel@tonic-gate }
3250Sstevel@tonic-gate
3260Sstevel@tonic-gate if (list != NULL)
3270Sstevel@tonic-gate kcf_free_triedlist(list);
3280Sstevel@tonic-gate
3290Sstevel@tonic-gate KCF_PROV_REFRELE(pd);
3300Sstevel@tonic-gate return (error);
3310Sstevel@tonic-gate }
3320Sstevel@tonic-gate
3330Sstevel@tonic-gate
3340Sstevel@tonic-gate /*
3350Sstevel@tonic-gate * crypto_mac_init_prov()
3360Sstevel@tonic-gate *
3370Sstevel@tonic-gate * Arguments:
3380Sstevel@tonic-gate * pd: pointer to the descriptor of the provider to use for this
3390Sstevel@tonic-gate * operation.
3400Sstevel@tonic-gate * sid: provider session id.
3410Sstevel@tonic-gate * mech: crypto_mechanism_t pointer.
3420Sstevel@tonic-gate * mech_type is a valid value previously returned by
3430Sstevel@tonic-gate * crypto_mech2id();
3440Sstevel@tonic-gate * When the mech's parameter is not NULL, its definition depends
3450Sstevel@tonic-gate * on the standard definition of the mechanism.
3460Sstevel@tonic-gate * key: pointer to a crypto_key_t structure.
3470Sstevel@tonic-gate * tmpl: a crypto_ctx_template_t, opaque template of a context of a
3480Sstevel@tonic-gate * MAC with the 'mech' using 'key'. 'tmpl' is created by
3490Sstevel@tonic-gate * a previous call to crypto_create_ctx_template().
3500Sstevel@tonic-gate * ctxp: Pointer to a crypto_context_t.
3510Sstevel@tonic-gate * cr: crypto_call_req_t calling conditions and call back info.
3520Sstevel@tonic-gate *
3530Sstevel@tonic-gate * Description:
3540Sstevel@tonic-gate * Asynchronously submits a request for, or synchronously performs the
3550Sstevel@tonic-gate * initialization of a MAC operation on the specified provider with
3560Sstevel@tonic-gate * the specified session.
3570Sstevel@tonic-gate * When possible and applicable, will internally use the pre-computed MAC
3580Sstevel@tonic-gate * context from the context template, tmpl.
3590Sstevel@tonic-gate * When complete and successful, 'ctxp' will contain a crypto_context_t
3600Sstevel@tonic-gate * valid for later calls to mac_update() and mac_final().
3610Sstevel@tonic-gate * The caller should hold a reference on the specified provider
3620Sstevel@tonic-gate * descriptor before calling this function.
3630Sstevel@tonic-gate *
3640Sstevel@tonic-gate * Context:
3650Sstevel@tonic-gate * Process or interrupt, according to the semantics dictated by the 'cr'.
3660Sstevel@tonic-gate *
3670Sstevel@tonic-gate * Returns:
3680Sstevel@tonic-gate * See comment in the beginning of the file.
3690Sstevel@tonic-gate */
3700Sstevel@tonic-gate int
crypto_mac_init_prov(crypto_provider_t provider,crypto_session_id_t sid,crypto_mechanism_t * mech,crypto_key_t * key,crypto_spi_ctx_template_t tmpl,crypto_context_t * ctxp,crypto_call_req_t * crq)371904Smcpowers crypto_mac_init_prov(crypto_provider_t provider, crypto_session_id_t sid,
3720Sstevel@tonic-gate crypto_mechanism_t *mech, crypto_key_t *key, crypto_spi_ctx_template_t tmpl,
3730Sstevel@tonic-gate crypto_context_t *ctxp, crypto_call_req_t *crq)
3740Sstevel@tonic-gate {
375904Smcpowers int rv;
3760Sstevel@tonic-gate crypto_ctx_t *ctx;
3770Sstevel@tonic-gate kcf_req_params_t params;
378904Smcpowers kcf_provider_desc_t *pd = provider;
379904Smcpowers kcf_provider_desc_t *real_provider = pd;
3800Sstevel@tonic-gate
3810Sstevel@tonic-gate ASSERT(KCF_PROV_REFHELD(pd));
3820Sstevel@tonic-gate
383904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) {
38410444SVladimir.Kotal@Sun.COM rv = kcf_get_hardware_provider(mech->cm_type, key,
385*12304SValerie.Fenwick@Oracle.COM CRYPTO_MECH_INVALID, NULL, pd, &real_provider,
386*12304SValerie.Fenwick@Oracle.COM CRYPTO_FG_MAC);
387904Smcpowers
388904Smcpowers if (rv != CRYPTO_SUCCESS)
389904Smcpowers return (rv);
390904Smcpowers }
391904Smcpowers
392904Smcpowers /* Allocate and initialize the canonical context */
393904Smcpowers if ((ctx = kcf_new_ctx(crq, real_provider, sid)) == NULL) {
394904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER)
395904Smcpowers KCF_PROV_REFRELE(real_provider);
3960Sstevel@tonic-gate return (CRYPTO_HOST_MEMORY);
397904Smcpowers }
3980Sstevel@tonic-gate
3990Sstevel@tonic-gate /* The fast path for SW providers. */
4000Sstevel@tonic-gate if (CHECK_FASTPATH(crq, pd)) {
4010Sstevel@tonic-gate crypto_mechanism_t lmech;
4020Sstevel@tonic-gate
4030Sstevel@tonic-gate lmech = *mech;
404904Smcpowers KCF_SET_PROVIDER_MECHNUM(mech->cm_type, real_provider, &lmech);
405904Smcpowers rv = KCF_PROV_MAC_INIT(real_provider, ctx, &lmech, key, tmpl,
4060Sstevel@tonic-gate KCF_SWFP_RHNDL(crq));
407904Smcpowers KCF_PROV_INCRSTATS(pd, rv);
4080Sstevel@tonic-gate } else {
4090Sstevel@tonic-gate KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_INIT, sid, mech, key,
4100Sstevel@tonic-gate NULL, NULL, tmpl);
411904Smcpowers rv = kcf_submit_request(real_provider, ctx, crq, ¶ms,
412904Smcpowers B_FALSE);
4130Sstevel@tonic-gate }
4140Sstevel@tonic-gate
415904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER)
416904Smcpowers KCF_PROV_REFRELE(real_provider);
417904Smcpowers
418904Smcpowers if ((rv == CRYPTO_SUCCESS) || (rv == CRYPTO_QUEUED))
4190Sstevel@tonic-gate *ctxp = (crypto_context_t)ctx;
4200Sstevel@tonic-gate else {
4210Sstevel@tonic-gate /* Release the hold done in kcf_new_ctx(). */
4220Sstevel@tonic-gate KCF_CONTEXT_REFRELE((kcf_context_t *)ctx->cc_framework_private);
4230Sstevel@tonic-gate }
4240Sstevel@tonic-gate
425904Smcpowers return (rv);
4260Sstevel@tonic-gate }
4270Sstevel@tonic-gate
4280Sstevel@tonic-gate /*
4290Sstevel@tonic-gate * Same as crypto_mac_init_prov(), but relies on the KCF scheduler to
4300Sstevel@tonic-gate * choose a provider. See crypto_mac_init_prov() comments for more
4310Sstevel@tonic-gate * information.
4320Sstevel@tonic-gate */
4330Sstevel@tonic-gate int
crypto_mac_init(crypto_mechanism_t * mech,crypto_key_t * key,crypto_ctx_template_t tmpl,crypto_context_t * ctxp,crypto_call_req_t * crq)4340Sstevel@tonic-gate crypto_mac_init(crypto_mechanism_t *mech, crypto_key_t *key,
4350Sstevel@tonic-gate crypto_ctx_template_t tmpl, crypto_context_t *ctxp,
4360Sstevel@tonic-gate crypto_call_req_t *crq)
4370Sstevel@tonic-gate {
4380Sstevel@tonic-gate int error;
4390Sstevel@tonic-gate kcf_mech_entry_t *me;
4400Sstevel@tonic-gate kcf_provider_desc_t *pd;
4410Sstevel@tonic-gate kcf_ctx_template_t *ctx_tmpl;
4420Sstevel@tonic-gate crypto_spi_ctx_template_t spi_ctx_tmpl = NULL;
4430Sstevel@tonic-gate kcf_prov_tried_t *list = NULL;
4440Sstevel@tonic-gate
4450Sstevel@tonic-gate retry:
4460Sstevel@tonic-gate /* The pd is returned held */
44710444SVladimir.Kotal@Sun.COM if ((pd = kcf_get_mech_provider(mech->cm_type, key, &me, &error,
448*12304SValerie.Fenwick@Oracle.COM list, CRYPTO_FG_MAC, 0)) == NULL) {
4490Sstevel@tonic-gate if (list != NULL)
4500Sstevel@tonic-gate kcf_free_triedlist(list);
4510Sstevel@tonic-gate return (error);
4520Sstevel@tonic-gate }
4530Sstevel@tonic-gate
4540Sstevel@tonic-gate /*
4550Sstevel@tonic-gate * For SW providers, check the validity of the context template
4560Sstevel@tonic-gate * It is very rare that the generation number mis-matches, so
4570Sstevel@tonic-gate * is acceptable to fail here, and let the consumer recover by
4580Sstevel@tonic-gate * freeing this tmpl and create a new one for the key and new SW
4590Sstevel@tonic-gate * provider
4600Sstevel@tonic-gate */
4610Sstevel@tonic-gate
4620Sstevel@tonic-gate if ((pd->pd_prov_type == CRYPTO_SW_PROVIDER) &&
4630Sstevel@tonic-gate ((ctx_tmpl = (kcf_ctx_template_t *)tmpl) != NULL)) {
4640Sstevel@tonic-gate if (ctx_tmpl->ct_generation != me->me_gen_swprov) {
4650Sstevel@tonic-gate if (list != NULL)
4660Sstevel@tonic-gate kcf_free_triedlist(list);
4670Sstevel@tonic-gate KCF_PROV_REFRELE(pd);
4680Sstevel@tonic-gate return (CRYPTO_OLD_CTX_TEMPLATE);
4690Sstevel@tonic-gate } else {
4700Sstevel@tonic-gate spi_ctx_tmpl = ctx_tmpl->ct_prov_tmpl;
4710Sstevel@tonic-gate }
4720Sstevel@tonic-gate }
4730Sstevel@tonic-gate
4744072Skrishna if (pd->pd_prov_type == CRYPTO_HW_PROVIDER &&
47511304SJanie.Lu@Sun.COM (pd->pd_flags & CRYPTO_HMAC_NO_UPDATE)) {
4764072Skrishna /*
4774072Skrishna * The hardware provider has limited HMAC support.
4784072Skrishna * So, we fallback early here to using a software provider.
4794072Skrishna *
4804072Skrishna * XXX - need to enhance to do the fallback later in
4814072Skrishna * crypto_mac_update() if the size of accumulated input data
4824072Skrishna * exceeds the maximum size digestable by hardware provider.
4834072Skrishna */
4844072Skrishna error = CRYPTO_BUFFER_TOO_BIG;
4854072Skrishna } else {
4864072Skrishna error = crypto_mac_init_prov(pd, pd->pd_sid, mech, key,
4874072Skrishna spi_ctx_tmpl, ctxp, crq);
4884072Skrishna }
4890Sstevel@tonic-gate if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED &&
4900Sstevel@tonic-gate IS_RECOVERABLE(error)) {
4910Sstevel@tonic-gate /* Add pd to the linked list of providers tried. */
4920Sstevel@tonic-gate if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL)
4930Sstevel@tonic-gate goto retry;
4940Sstevel@tonic-gate }
4950Sstevel@tonic-gate
4960Sstevel@tonic-gate if (list != NULL)
4970Sstevel@tonic-gate kcf_free_triedlist(list);
4980Sstevel@tonic-gate
4990Sstevel@tonic-gate KCF_PROV_REFRELE(pd);
5000Sstevel@tonic-gate return (error);
5010Sstevel@tonic-gate }
5020Sstevel@tonic-gate
5030Sstevel@tonic-gate /*
5040Sstevel@tonic-gate * crypto_mac_update()
5050Sstevel@tonic-gate *
5060Sstevel@tonic-gate * Arguments:
5070Sstevel@tonic-gate * context: A crypto_context_t initialized by mac_init().
5080Sstevel@tonic-gate * data: The message part to be MAC'ed
5090Sstevel@tonic-gate * cr: crypto_call_req_t calling conditions and call back info.
5100Sstevel@tonic-gate *
5110Sstevel@tonic-gate * Description:
5120Sstevel@tonic-gate * Asynchronously submits a request for, or synchronously performs a
5130Sstevel@tonic-gate * part of a MAC operation.
5140Sstevel@tonic-gate *
5150Sstevel@tonic-gate * Context:
5160Sstevel@tonic-gate * Process or interrupt, according to the semantics dictated by the 'cr'.
5170Sstevel@tonic-gate *
5180Sstevel@tonic-gate * Returns:
5190Sstevel@tonic-gate * See comment in the beginning of the file.
5200Sstevel@tonic-gate */
5210Sstevel@tonic-gate int
crypto_mac_update(crypto_context_t context,crypto_data_t * data,crypto_call_req_t * cr)5220Sstevel@tonic-gate crypto_mac_update(crypto_context_t context, crypto_data_t *data,
5230Sstevel@tonic-gate crypto_call_req_t *cr)
5240Sstevel@tonic-gate {
5250Sstevel@tonic-gate crypto_ctx_t *ctx = (crypto_ctx_t *)context;
5260Sstevel@tonic-gate kcf_context_t *kcf_ctx;
5270Sstevel@tonic-gate kcf_provider_desc_t *pd;
5280Sstevel@tonic-gate kcf_req_params_t params;
529904Smcpowers int rv;
5300Sstevel@tonic-gate
5310Sstevel@tonic-gate if ((ctx == NULL) ||
5320Sstevel@tonic-gate ((kcf_ctx = (kcf_context_t *)ctx->cc_framework_private) == NULL) ||
5330Sstevel@tonic-gate ((pd = kcf_ctx->kc_prov_desc) == NULL)) {
5340Sstevel@tonic-gate return (CRYPTO_INVALID_CONTEXT);
5350Sstevel@tonic-gate }
5360Sstevel@tonic-gate
537904Smcpowers ASSERT(pd->pd_prov_type != CRYPTO_LOGICAL_PROVIDER);
5380Sstevel@tonic-gate
5390Sstevel@tonic-gate /* The fast path for SW providers. */
5400Sstevel@tonic-gate if (CHECK_FASTPATH(cr, pd)) {
541904Smcpowers rv = KCF_PROV_MAC_UPDATE(pd, ctx, data, NULL);
542904Smcpowers KCF_PROV_INCRSTATS(pd, rv);
5430Sstevel@tonic-gate } else {
544904Smcpowers KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_UPDATE,
545904Smcpowers ctx->cc_session, NULL, NULL, data, NULL, NULL);
546904Smcpowers rv = kcf_submit_request(pd, ctx, cr, ¶ms, B_FALSE);
5470Sstevel@tonic-gate }
5480Sstevel@tonic-gate
549904Smcpowers return (rv);
5500Sstevel@tonic-gate }
5510Sstevel@tonic-gate
5520Sstevel@tonic-gate /*
5530Sstevel@tonic-gate * crypto_mac_final()
5540Sstevel@tonic-gate *
5550Sstevel@tonic-gate * Arguments:
5560Sstevel@tonic-gate * context: A crypto_context_t initialized by mac_init().
5570Sstevel@tonic-gate * mac: Storage for the message authentication code.
5580Sstevel@tonic-gate * cr: crypto_call_req_t calling conditions and call back info.
5590Sstevel@tonic-gate *
5600Sstevel@tonic-gate * Description:
5610Sstevel@tonic-gate * Asynchronously submits a request for, or synchronously performs a
5620Sstevel@tonic-gate * part of a message authentication operation.
5630Sstevel@tonic-gate *
5640Sstevel@tonic-gate * Context:
5650Sstevel@tonic-gate * Process or interrupt, according to the semantics dictated by the 'cr'.
5660Sstevel@tonic-gate *
5670Sstevel@tonic-gate * Returns:
5680Sstevel@tonic-gate * See comment in the beginning of the file.
5690Sstevel@tonic-gate */
5700Sstevel@tonic-gate int
crypto_mac_final(crypto_context_t context,crypto_data_t * mac,crypto_call_req_t * cr)5710Sstevel@tonic-gate crypto_mac_final(crypto_context_t context, crypto_data_t *mac,
5720Sstevel@tonic-gate crypto_call_req_t *cr)
5730Sstevel@tonic-gate {
5740Sstevel@tonic-gate crypto_ctx_t *ctx = (crypto_ctx_t *)context;
5750Sstevel@tonic-gate kcf_context_t *kcf_ctx;
5760Sstevel@tonic-gate kcf_provider_desc_t *pd;
5770Sstevel@tonic-gate kcf_req_params_t params;
578904Smcpowers int rv;
5790Sstevel@tonic-gate
5800Sstevel@tonic-gate if ((ctx == NULL) ||
5810Sstevel@tonic-gate ((kcf_ctx = (kcf_context_t *)ctx->cc_framework_private) == NULL) ||
5820Sstevel@tonic-gate ((pd = kcf_ctx->kc_prov_desc) == NULL)) {
5830Sstevel@tonic-gate return (CRYPTO_INVALID_CONTEXT);
5840Sstevel@tonic-gate }
5850Sstevel@tonic-gate
586904Smcpowers ASSERT(pd->pd_prov_type != CRYPTO_LOGICAL_PROVIDER);
5870Sstevel@tonic-gate
5880Sstevel@tonic-gate /* The fast path for SW providers. */
5890Sstevel@tonic-gate if (CHECK_FASTPATH(cr, pd)) {
590904Smcpowers rv = KCF_PROV_MAC_FINAL(pd, ctx, mac, NULL);
591904Smcpowers KCF_PROV_INCRSTATS(pd, rv);
5920Sstevel@tonic-gate } else {
593904Smcpowers KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_FINAL,
594904Smcpowers ctx->cc_session, NULL, NULL, NULL, mac, NULL);
595904Smcpowers rv = kcf_submit_request(pd, ctx, cr, ¶ms, B_FALSE);
5960Sstevel@tonic-gate }
5970Sstevel@tonic-gate
5980Sstevel@tonic-gate /* Release the hold done in kcf_new_ctx() during init step. */
599904Smcpowers KCF_CONTEXT_COND_RELEASE(rv, kcf_ctx);
600904Smcpowers return (rv);
6010Sstevel@tonic-gate }
6020Sstevel@tonic-gate
6030Sstevel@tonic-gate /*
6040Sstevel@tonic-gate * See comments for crypto_mac_update() and crypto_mac_final().
6050Sstevel@tonic-gate */
6060Sstevel@tonic-gate int
crypto_mac_single(crypto_context_t context,crypto_data_t * data,crypto_data_t * mac,crypto_call_req_t * cr)6070Sstevel@tonic-gate crypto_mac_single(crypto_context_t context, crypto_data_t *data,
6080Sstevel@tonic-gate crypto_data_t *mac, crypto_call_req_t *cr)
6090Sstevel@tonic-gate {
6100Sstevel@tonic-gate crypto_ctx_t *ctx = (crypto_ctx_t *)context;
6110Sstevel@tonic-gate kcf_context_t *kcf_ctx;
6120Sstevel@tonic-gate kcf_provider_desc_t *pd;
6130Sstevel@tonic-gate int error;
6140Sstevel@tonic-gate kcf_req_params_t params;
6150Sstevel@tonic-gate
6160Sstevel@tonic-gate
6170Sstevel@tonic-gate if ((ctx == NULL) ||
6180Sstevel@tonic-gate ((kcf_ctx = (kcf_context_t *)ctx->cc_framework_private) == NULL) ||
6190Sstevel@tonic-gate ((pd = kcf_ctx->kc_prov_desc) == NULL)) {
6200Sstevel@tonic-gate return (CRYPTO_INVALID_CONTEXT);
6210Sstevel@tonic-gate }
6220Sstevel@tonic-gate
6230Sstevel@tonic-gate
6240Sstevel@tonic-gate /* The fast path for SW providers. */
6250Sstevel@tonic-gate if (CHECK_FASTPATH(cr, pd)) {
6260Sstevel@tonic-gate error = KCF_PROV_MAC(pd, ctx, data, mac, NULL);
6270Sstevel@tonic-gate KCF_PROV_INCRSTATS(pd, error);
6280Sstevel@tonic-gate } else {
6290Sstevel@tonic-gate KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_SINGLE, pd->pd_sid,
6300Sstevel@tonic-gate NULL, NULL, data, mac, NULL);
6310Sstevel@tonic-gate error = kcf_submit_request(pd, ctx, cr, ¶ms, B_FALSE);
6320Sstevel@tonic-gate }
6330Sstevel@tonic-gate
6340Sstevel@tonic-gate /* Release the hold done in kcf_new_ctx() during init step. */
6350Sstevel@tonic-gate KCF_CONTEXT_COND_RELEASE(error, kcf_ctx);
6360Sstevel@tonic-gate return (error);
6370Sstevel@tonic-gate }
638