1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 /*
27 * Blowfish provider for the Kernel Cryptographic Framework (KCF)
28 */
29
30 #include <sys/types.h>
31 #include <sys/systm.h>
32 #include <sys/modctl.h>
33 #include <sys/cmn_err.h>
34 #include <sys/ddi.h>
35 #include <sys/crypto/common.h>
36 #include <sys/crypto/spi.h>
37 #include <sys/sysmacros.h>
38 #include <sys/strsun.h>
39 #include <sys/note.h>
40 #include <modes/modes.h>
41 #include <blowfish/blowfish_impl.h>
42
43 extern struct mod_ops mod_cryptoops;
44
45 /*
46 * Module linkage information for the kernel.
47 */
48 static struct modlcrypto modlcrypto = {
49 &mod_cryptoops,
50 "Blowfish Kernel SW Provider"
51 };
52
53 static struct modlinkage modlinkage = {
54 MODREV_1,
55 (void *)&modlcrypto,
56 NULL
57 };
58
59 /*
60 * CSPI information (entry points, provider info, etc.)
61 */
62 typedef enum blowfish_mech_type {
63 BLOWFISH_ECB_MECH_INFO_TYPE, /* SUN_CKM_BLOWFISH_ECB */
64 BLOWFISH_CBC_MECH_INFO_TYPE /* SUN_CKM_BLOWFISH_CBC */
65 } blowfish_mech_type_t;
66
67
68 #define BLOWFISH_COPY_BLOCK(src, dst) \
69 (dst)[0] = (src)[0]; \
70 (dst)[1] = (src)[1]; \
71 (dst)[2] = (src)[2]; \
72 (dst)[3] = (src)[3]; \
73 (dst)[4] = (src)[4]; \
74 (dst)[5] = (src)[5]; \
75 (dst)[6] = (src)[6]; \
76 (dst)[7] = (src)[7]
77
78 #define BLOWFISH_XOR_BLOCK(src, dst) \
79 (dst)[0] ^= (src)[0]; \
80 (dst)[1] ^= (src)[1]; \
81 (dst)[2] ^= (src)[2]; \
82 (dst)[3] ^= (src)[3]; \
83 (dst)[4] ^= (src)[4]; \
84 (dst)[5] ^= (src)[5]; \
85 (dst)[6] ^= (src)[6]; \
86 (dst)[7] ^= (src)[7]
87
88 /*
89 * Mechanism info structure passed to KCF during registration.
90 */
91
92 static crypto_mech_info_t blowfish_mech_info_tab[] = {
93 /* BLOWFISH_ECB */
94 {SUN_CKM_BLOWFISH_ECB, BLOWFISH_ECB_MECH_INFO_TYPE,
95 CRYPTO_FG_ENCRYPT | CRYPTO_FG_ENCRYPT_ATOMIC |
96 CRYPTO_FG_DECRYPT | CRYPTO_FG_DECRYPT_ATOMIC,
97 BLOWFISH_MINBITS, BLOWFISH_MAXBITS, CRYPTO_KEYSIZE_UNIT_IN_BITS},
98 /* BLOWFISH_CBC */
99 {SUN_CKM_BLOWFISH_CBC, BLOWFISH_CBC_MECH_INFO_TYPE,
100 CRYPTO_FG_ENCRYPT | CRYPTO_FG_ENCRYPT_ATOMIC |
101 CRYPTO_FG_DECRYPT | CRYPTO_FG_DECRYPT_ATOMIC,
102 BLOWFISH_MINBITS, BLOWFISH_MAXBITS, CRYPTO_KEYSIZE_UNIT_IN_BITS}
103 };
104
105 #define BLOWFISH_VALID_MECH(mech) \
106 (((mech)->cm_type == BLOWFISH_ECB_MECH_INFO_TYPE || \
107 (mech)->cm_type == BLOWFISH_CBC_MECH_INFO_TYPE) ? 1 : 0)
108
109 /* operations are in-place if the output buffer is NULL */
110 #define BLOWFISH_ARG_INPLACE(input, output) \
111 if ((output) == NULL) \
112 (output) = (input);
113
114 static void blowfish_provider_status(crypto_provider_handle_t, uint_t *);
115
116 static crypto_control_ops_t blowfish_control_ops = {
117 blowfish_provider_status
118 };
119
120 static int blowfish_common_init(crypto_ctx_t *, crypto_mechanism_t *,
121 crypto_key_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
122 static int blowfish_common_init_ctx(blowfish_ctx_t *,
123 crypto_spi_ctx_template_t *, crypto_mechanism_t *, crypto_key_t *, int);
124 static int blowfish_encrypt_final(crypto_ctx_t *, crypto_data_t *,
125 crypto_req_handle_t);
126 static int blowfish_decrypt_final(crypto_ctx_t *, crypto_data_t *,
127 crypto_req_handle_t);
128
129 static int blowfish_encrypt(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
130 crypto_req_handle_t);
131 static int blowfish_encrypt_update(crypto_ctx_t *, crypto_data_t *,
132 crypto_data_t *, crypto_req_handle_t);
133 static int blowfish_encrypt_atomic(crypto_provider_handle_t,
134 crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
135 crypto_data_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
136
137 static int blowfish_decrypt(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
138 crypto_req_handle_t);
139 static int blowfish_decrypt_update(crypto_ctx_t *, crypto_data_t *,
140 crypto_data_t *, crypto_req_handle_t);
141 static int blowfish_decrypt_atomic(crypto_provider_handle_t,
142 crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
143 crypto_data_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
144
145 static crypto_cipher_ops_t blowfish_cipher_ops = {
146 blowfish_common_init,
147 blowfish_encrypt,
148 blowfish_encrypt_update,
149 blowfish_encrypt_final,
150 blowfish_encrypt_atomic,
151 blowfish_common_init,
152 blowfish_decrypt,
153 blowfish_decrypt_update,
154 blowfish_decrypt_final,
155 blowfish_decrypt_atomic
156 };
157
158 static int blowfish_create_ctx_template(crypto_provider_handle_t,
159 crypto_mechanism_t *, crypto_key_t *, crypto_spi_ctx_template_t *,
160 size_t *, crypto_req_handle_t);
161 static int blowfish_free_context(crypto_ctx_t *);
162
163 static crypto_ctx_ops_t blowfish_ctx_ops = {
164 blowfish_create_ctx_template,
165 blowfish_free_context
166 };
167
168 static crypto_ops_t blowfish_crypto_ops = {
169 &blowfish_control_ops,
170 NULL,
171 &blowfish_cipher_ops,
172 NULL,
173 NULL,
174 NULL,
175 NULL,
176 NULL,
177 NULL,
178 NULL,
179 NULL,
180 NULL,
181 NULL,
182 &blowfish_ctx_ops
183 };
184
185 static crypto_provider_info_t blowfish_prov_info = {
186 CRYPTO_SPI_VERSION_1,
187 "Blowfish Software Provider",
188 CRYPTO_SW_PROVIDER,
189 {&modlinkage},
190 NULL,
191 &blowfish_crypto_ops,
192 sizeof (blowfish_mech_info_tab)/sizeof (crypto_mech_info_t),
193 blowfish_mech_info_tab
194 };
195
196
197 static crypto_kcf_provider_handle_t blowfish_prov_handle = NULL;
198
199 int
_init(void)200 _init(void)
201 {
202 int ret;
203
204 if ((ret = mod_install(&modlinkage)) != 0)
205 return (ret);
206
207 /* Register with KCF. If the registration fails, remove the module. */
208 if (crypto_register_provider(&blowfish_prov_info,
209 &blowfish_prov_handle)) {
210 (void) mod_remove(&modlinkage);
211 return (EACCES);
212 }
213
214 return (0);
215 }
216
217 int
_fini(void)218 _fini(void)
219 {
220 /* Unregister from KCF if module is registered */
221 if (blowfish_prov_handle != NULL) {
222 if (crypto_unregister_provider(blowfish_prov_handle))
223 return (EBUSY);
224
225 blowfish_prov_handle = NULL;
226 }
227
228 return (mod_remove(&modlinkage));
229 }
230
231 int
_info(struct modinfo * modinfop)232 _info(struct modinfo *modinfop)
233 {
234 return (mod_info(&modlinkage, modinfop));
235 }
236
237 /*
238 * Initialize key schedules for blowfish
239 */
240 static int
init_keysched(crypto_key_t * key,void * keysched)241 init_keysched(crypto_key_t *key, void *keysched)
242 {
243 /* EXPORT DELETE START */
244 /*
245 * Only keys by value are supported by this module.
246 */
247 switch (key->ck_format) {
248 case CRYPTO_KEY_RAW:
249 if (key->ck_length < BLOWFISH_MINBITS ||
250 key->ck_length > BLOWFISH_MAXBITS) {
251 return (CRYPTO_KEY_SIZE_RANGE);
252 }
253 break;
254 default:
255 return (CRYPTO_KEY_TYPE_INCONSISTENT);
256 }
257
258 blowfish_init_keysched(key->ck_data, key->ck_length, keysched);
259 /* EXPORT DELETE END */
260 return (CRYPTO_SUCCESS);
261 }
262
263 /*
264 * KCF software provider control entry points.
265 */
266 /* ARGSUSED */
267 static void
blowfish_provider_status(crypto_provider_handle_t provider,uint_t * status)268 blowfish_provider_status(crypto_provider_handle_t provider, uint_t *status)
269 {
270 *status = CRYPTO_PROVIDER_READY;
271 }
272
273 /*
274 * KCF software provider encrypt entry points.
275 */
276 static int
blowfish_common_init(crypto_ctx_t * ctx,crypto_mechanism_t * mechanism,crypto_key_t * key,crypto_spi_ctx_template_t template,crypto_req_handle_t req)277 blowfish_common_init(crypto_ctx_t *ctx, crypto_mechanism_t *mechanism,
278 crypto_key_t *key, crypto_spi_ctx_template_t template,
279 crypto_req_handle_t req)
280 {
281
282 /* EXPORT DELETE START */
283
284 blowfish_ctx_t *blowfish_ctx;
285 int rv;
286 int kmflag;
287
288 /*
289 * Only keys by value are supported by this module.
290 */
291 if (key->ck_format != CRYPTO_KEY_RAW) {
292 return (CRYPTO_KEY_TYPE_INCONSISTENT);
293 }
294
295 if (!BLOWFISH_VALID_MECH(mechanism))
296 return (CRYPTO_MECHANISM_INVALID);
297
298 if (mechanism->cm_param != NULL &&
299 mechanism->cm_param_len != BLOWFISH_BLOCK_LEN)
300 return (CRYPTO_MECHANISM_PARAM_INVALID);
301
302 kmflag = crypto_kmflag(req);
303 switch (mechanism->cm_type) {
304 case BLOWFISH_ECB_MECH_INFO_TYPE:
305 blowfish_ctx = ecb_alloc_ctx(kmflag);
306 break;
307 case BLOWFISH_CBC_MECH_INFO_TYPE:
308 blowfish_ctx = cbc_alloc_ctx(kmflag);
309 break;
310 }
311 if (blowfish_ctx == NULL)
312 return (CRYPTO_HOST_MEMORY);
313
314 rv = blowfish_common_init_ctx(blowfish_ctx, template, mechanism,
315 key, kmflag);
316 if (rv != CRYPTO_SUCCESS) {
317 crypto_free_mode_ctx(blowfish_ctx);
318 return (rv);
319 }
320
321 ctx->cc_provider_private = blowfish_ctx;
322
323 /* EXPORT DELETE END */
324
325 return (CRYPTO_SUCCESS);
326 }
327
328 static void
blowfish_copy_block64(uint8_t * in,uint64_t * out)329 blowfish_copy_block64(uint8_t *in, uint64_t *out)
330 {
331 if (IS_P2ALIGNED(in, sizeof (uint64_t))) {
332 /* LINTED: pointer alignment */
333 out[0] = *(uint64_t *)&in[0];
334 } else {
335 uint8_t *iv8 = (uint8_t *)&out[0];
336
337 BLOWFISH_COPY_BLOCK(in, iv8);
338 }
339 }
340
341 /* ARGSUSED */
342 static int
blowfish_encrypt(crypto_ctx_t * ctx,crypto_data_t * plaintext,crypto_data_t * ciphertext,crypto_req_handle_t req)343 blowfish_encrypt(crypto_ctx_t *ctx, crypto_data_t *plaintext,
344 crypto_data_t *ciphertext, crypto_req_handle_t req)
345 {
346 int ret;
347
348 /* EXPORT DELETE START */
349
350 blowfish_ctx_t *blowfish_ctx;
351
352 /*
353 * Plaintext must be a multiple of blowfish block size.
354 * This test only works for non-padded mechanisms
355 * when blocksize is 2^N.
356 */
357 if ((plaintext->cd_length & (BLOWFISH_BLOCK_LEN - 1)) != 0)
358 return (CRYPTO_DATA_LEN_RANGE);
359
360 ASSERT(ctx->cc_provider_private != NULL);
361 blowfish_ctx = ctx->cc_provider_private;
362
363 BLOWFISH_ARG_INPLACE(plaintext, ciphertext);
364
365 /*
366 * We need to just return the length needed to store the output.
367 * We should not destroy the context for the following case.
368 */
369 if (ciphertext->cd_length < plaintext->cd_length) {
370 ciphertext->cd_length = plaintext->cd_length;
371 return (CRYPTO_BUFFER_TOO_SMALL);
372 }
373
374 /*
375 * Do an update on the specified input data.
376 */
377 ret = blowfish_encrypt_update(ctx, plaintext, ciphertext, req);
378 ASSERT(blowfish_ctx->bc_remainder_len == 0);
379 (void) blowfish_free_context(ctx);
380
381 /* EXPORT DELETE END */
382
383 /* LINTED */
384 return (ret);
385 }
386
387 /* ARGSUSED */
388 static int
blowfish_decrypt(crypto_ctx_t * ctx,crypto_data_t * ciphertext,crypto_data_t * plaintext,crypto_req_handle_t req)389 blowfish_decrypt(crypto_ctx_t *ctx, crypto_data_t *ciphertext,
390 crypto_data_t *plaintext, crypto_req_handle_t req)
391 {
392 int ret;
393
394 /* EXPORT DELETE START */
395
396 blowfish_ctx_t *blowfish_ctx;
397
398 /*
399 * Ciphertext must be a multiple of blowfish block size.
400 * This test only works for non-padded mechanisms
401 * when blocksize is 2^N.
402 */
403 if ((ciphertext->cd_length & (BLOWFISH_BLOCK_LEN - 1)) != 0)
404 return (CRYPTO_ENCRYPTED_DATA_LEN_RANGE);
405
406 ASSERT(ctx->cc_provider_private != NULL);
407 blowfish_ctx = ctx->cc_provider_private;
408
409 BLOWFISH_ARG_INPLACE(ciphertext, plaintext);
410
411 /*
412 * We need to just return the length needed to store the output.
413 * We should not destroy the context for the following case.
414 */
415 if (plaintext->cd_length < ciphertext->cd_length) {
416 plaintext->cd_length = ciphertext->cd_length;
417 return (CRYPTO_BUFFER_TOO_SMALL);
418 }
419
420 /*
421 * Do an update on the specified input data.
422 */
423 ret = blowfish_decrypt_update(ctx, ciphertext, plaintext, req);
424 ASSERT(blowfish_ctx->bc_remainder_len == 0);
425 (void) blowfish_free_context(ctx);
426
427 /* EXPORT DELETE END */
428
429 /* LINTED */
430 return (ret);
431 }
432
433 /* ARGSUSED */
434 static int
blowfish_encrypt_update(crypto_ctx_t * ctx,crypto_data_t * plaintext,crypto_data_t * ciphertext,crypto_req_handle_t req)435 blowfish_encrypt_update(crypto_ctx_t *ctx, crypto_data_t *plaintext,
436 crypto_data_t *ciphertext, crypto_req_handle_t req)
437 {
438 off_t saved_offset;
439 size_t saved_length, out_len;
440 int ret = CRYPTO_SUCCESS;
441
442 ASSERT(ctx->cc_provider_private != NULL);
443
444 BLOWFISH_ARG_INPLACE(plaintext, ciphertext);
445
446 /* compute number of bytes that will hold the ciphertext */
447 out_len =
448 ((blowfish_ctx_t *)ctx->cc_provider_private)->bc_remainder_len;
449 out_len += plaintext->cd_length;
450 out_len &= ~(BLOWFISH_BLOCK_LEN - 1);
451
452 /* return length needed to store the output */
453 if (ciphertext->cd_length < out_len) {
454 ciphertext->cd_length = out_len;
455 return (CRYPTO_BUFFER_TOO_SMALL);
456 }
457
458 saved_offset = ciphertext->cd_offset;
459 saved_length = ciphertext->cd_length;
460
461 /*
462 * Do the blowfish update on the specified input data.
463 */
464 switch (plaintext->cd_format) {
465 case CRYPTO_DATA_RAW:
466 ret = crypto_update_iov(ctx->cc_provider_private,
467 plaintext, ciphertext, blowfish_encrypt_contiguous_blocks,
468 blowfish_copy_block64);
469 break;
470 case CRYPTO_DATA_UIO:
471 ret = crypto_update_uio(ctx->cc_provider_private,
472 plaintext, ciphertext, blowfish_encrypt_contiguous_blocks,
473 blowfish_copy_block64);
474 break;
475 case CRYPTO_DATA_MBLK:
476 ret = crypto_update_mp(ctx->cc_provider_private,
477 plaintext, ciphertext, blowfish_encrypt_contiguous_blocks,
478 blowfish_copy_block64);
479 break;
480 default:
481 ret = CRYPTO_ARGUMENTS_BAD;
482 }
483
484 if (ret == CRYPTO_SUCCESS) {
485 if (plaintext != ciphertext)
486 ciphertext->cd_length =
487 ciphertext->cd_offset - saved_offset;
488 } else {
489 ciphertext->cd_length = saved_length;
490 }
491 ciphertext->cd_offset = saved_offset;
492
493 return (ret);
494 }
495
496 /* ARGSUSED */
497 static int
blowfish_decrypt_update(crypto_ctx_t * ctx,crypto_data_t * ciphertext,crypto_data_t * plaintext,crypto_req_handle_t req)498 blowfish_decrypt_update(crypto_ctx_t *ctx, crypto_data_t *ciphertext,
499 crypto_data_t *plaintext, crypto_req_handle_t req)
500 {
501 off_t saved_offset;
502 size_t saved_length, out_len;
503 int ret = CRYPTO_SUCCESS;
504
505 ASSERT(ctx->cc_provider_private != NULL);
506
507 BLOWFISH_ARG_INPLACE(ciphertext, plaintext);
508
509 /* compute number of bytes that will hold the plaintext */
510 out_len =
511 ((blowfish_ctx_t *)ctx->cc_provider_private)->bc_remainder_len;
512 out_len += ciphertext->cd_length;
513 out_len &= ~(BLOWFISH_BLOCK_LEN - 1);
514
515 /* return length needed to store the output */
516 if (plaintext->cd_length < out_len) {
517 plaintext->cd_length = out_len;
518 return (CRYPTO_BUFFER_TOO_SMALL);
519 }
520
521 saved_offset = plaintext->cd_offset;
522 saved_length = plaintext->cd_length;
523
524 /*
525 * Do the blowfish update on the specified input data.
526 */
527 switch (ciphertext->cd_format) {
528 case CRYPTO_DATA_RAW:
529 ret = crypto_update_iov(ctx->cc_provider_private,
530 ciphertext, plaintext, blowfish_decrypt_contiguous_blocks,
531 blowfish_copy_block64);
532 break;
533 case CRYPTO_DATA_UIO:
534 ret = crypto_update_uio(ctx->cc_provider_private,
535 ciphertext, plaintext, blowfish_decrypt_contiguous_blocks,
536 blowfish_copy_block64);
537 break;
538 case CRYPTO_DATA_MBLK:
539 ret = crypto_update_mp(ctx->cc_provider_private,
540 ciphertext, plaintext, blowfish_decrypt_contiguous_blocks,
541 blowfish_copy_block64);
542 break;
543 default:
544 ret = CRYPTO_ARGUMENTS_BAD;
545 }
546
547 if (ret == CRYPTO_SUCCESS) {
548 if (ciphertext != plaintext)
549 plaintext->cd_length =
550 plaintext->cd_offset - saved_offset;
551 } else {
552 plaintext->cd_length = saved_length;
553 }
554 plaintext->cd_offset = saved_offset;
555
556 return (ret);
557 }
558
559 /* ARGSUSED */
560 static int
blowfish_encrypt_final(crypto_ctx_t * ctx,crypto_data_t * data,crypto_req_handle_t req)561 blowfish_encrypt_final(crypto_ctx_t *ctx, crypto_data_t *data,
562 crypto_req_handle_t req)
563 {
564
565 /* EXPORT DELETE START */
566
567 blowfish_ctx_t *blowfish_ctx;
568
569 ASSERT(ctx->cc_provider_private != NULL);
570 blowfish_ctx = ctx->cc_provider_private;
571
572 /*
573 * There must be no unprocessed data.
574 * This happens if the length of the last data is
575 * not a multiple of the BLOWFISH block length.
576 */
577 if (blowfish_ctx->bc_remainder_len > 0)
578 return (CRYPTO_DATA_LEN_RANGE);
579
580 (void) blowfish_free_context(ctx);
581 data->cd_length = 0;
582
583 /* EXPORT DELETE END */
584
585 return (CRYPTO_SUCCESS);
586 }
587
588 /* ARGSUSED */
589 static int
blowfish_decrypt_final(crypto_ctx_t * ctx,crypto_data_t * data,crypto_req_handle_t req)590 blowfish_decrypt_final(crypto_ctx_t *ctx, crypto_data_t *data,
591 crypto_req_handle_t req)
592 {
593
594 /* EXPORT DELETE START */
595
596 blowfish_ctx_t *blowfish_ctx;
597
598 ASSERT(ctx->cc_provider_private != NULL);
599 blowfish_ctx = ctx->cc_provider_private;
600
601 /*
602 * There must be no unprocessed ciphertext.
603 * This happens if the length of the last ciphertext is
604 * not a multiple of the BLOWFISH block length.
605 */
606 if (blowfish_ctx->bc_remainder_len > 0)
607 return (CRYPTO_ENCRYPTED_DATA_LEN_RANGE);
608
609 (void) blowfish_free_context(ctx);
610 data->cd_length = 0;
611
612 /* EXPORT DELETE END */
613
614 return (CRYPTO_SUCCESS);
615 }
616
617 /* ARGSUSED */
618 static int
blowfish_encrypt_atomic(crypto_provider_handle_t provider,crypto_session_id_t session_id,crypto_mechanism_t * mechanism,crypto_key_t * key,crypto_data_t * plaintext,crypto_data_t * ciphertext,crypto_spi_ctx_template_t template,crypto_req_handle_t req)619 blowfish_encrypt_atomic(crypto_provider_handle_t provider,
620 crypto_session_id_t session_id, crypto_mechanism_t *mechanism,
621 crypto_key_t *key, crypto_data_t *plaintext, crypto_data_t *ciphertext,
622 crypto_spi_ctx_template_t template, crypto_req_handle_t req)
623 {
624 blowfish_ctx_t blowfish_ctx; /* on the stack */
625 off_t saved_offset;
626 size_t saved_length;
627 int ret;
628
629 BLOWFISH_ARG_INPLACE(plaintext, ciphertext);
630
631 /*
632 * Plaintext must be a multiple of blowfish block size.
633 * This test only works for non-padded mechanisms
634 * when blocksize is 2^N.
635 */
636 if ((plaintext->cd_length & (BLOWFISH_BLOCK_LEN - 1)) != 0)
637 return (CRYPTO_DATA_LEN_RANGE);
638
639 /* return length needed to store the output */
640 if (ciphertext->cd_length < plaintext->cd_length) {
641 ciphertext->cd_length = plaintext->cd_length;
642 return (CRYPTO_BUFFER_TOO_SMALL);
643 }
644
645 if (!BLOWFISH_VALID_MECH(mechanism))
646 return (CRYPTO_MECHANISM_INVALID);
647
648 if (mechanism->cm_param_len != 0 &&
649 mechanism->cm_param_len != BLOWFISH_BLOCK_LEN)
650 return (CRYPTO_MECHANISM_PARAM_INVALID);
651
652 bzero(&blowfish_ctx, sizeof (blowfish_ctx_t));
653
654 ret = blowfish_common_init_ctx(&blowfish_ctx, template, mechanism,
655 key, crypto_kmflag(req));
656 if (ret != CRYPTO_SUCCESS)
657 return (ret);
658
659 saved_offset = ciphertext->cd_offset;
660 saved_length = ciphertext->cd_length;
661
662 /*
663 * Do an update on the specified input data.
664 */
665 switch (plaintext->cd_format) {
666 case CRYPTO_DATA_RAW:
667 ret = crypto_update_iov(&blowfish_ctx,
668 plaintext, ciphertext, blowfish_encrypt_contiguous_blocks,
669 blowfish_copy_block64);
670 break;
671 case CRYPTO_DATA_UIO:
672 ret = crypto_update_uio(&blowfish_ctx,
673 plaintext, ciphertext, blowfish_encrypt_contiguous_blocks,
674 blowfish_copy_block64);
675 break;
676 case CRYPTO_DATA_MBLK:
677 ret = crypto_update_mp((void *)&blowfish_ctx,
678 plaintext, ciphertext, blowfish_encrypt_contiguous_blocks,
679 blowfish_copy_block64);
680 break;
681 default:
682 ret = CRYPTO_ARGUMENTS_BAD;
683 }
684
685 if (blowfish_ctx.bc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
686 bzero(blowfish_ctx.bc_keysched, blowfish_ctx.bc_keysched_len);
687 kmem_free(blowfish_ctx.bc_keysched,
688 blowfish_ctx.bc_keysched_len);
689 }
690
691 if (ret == CRYPTO_SUCCESS) {
692 ASSERT(blowfish_ctx.bc_remainder_len == 0);
693 if (plaintext != ciphertext)
694 ciphertext->cd_length =
695 ciphertext->cd_offset - saved_offset;
696 } else {
697 ciphertext->cd_length = saved_length;
698 }
699 ciphertext->cd_offset = saved_offset;
700
701 return (ret);
702 }
703
704 /* ARGSUSED */
705 static int
blowfish_decrypt_atomic(crypto_provider_handle_t provider,crypto_session_id_t session_id,crypto_mechanism_t * mechanism,crypto_key_t * key,crypto_data_t * ciphertext,crypto_data_t * plaintext,crypto_spi_ctx_template_t template,crypto_req_handle_t req)706 blowfish_decrypt_atomic(crypto_provider_handle_t provider,
707 crypto_session_id_t session_id, crypto_mechanism_t *mechanism,
708 crypto_key_t *key, crypto_data_t *ciphertext, crypto_data_t *plaintext,
709 crypto_spi_ctx_template_t template, crypto_req_handle_t req)
710 {
711 blowfish_ctx_t blowfish_ctx; /* on the stack */
712 off_t saved_offset;
713 size_t saved_length;
714 int ret;
715
716 BLOWFISH_ARG_INPLACE(ciphertext, plaintext);
717
718 /*
719 * Ciphertext must be a multiple of blowfish block size.
720 * This test only works for non-padded mechanisms
721 * when blocksize is 2^N.
722 */
723 if ((ciphertext->cd_length & (BLOWFISH_BLOCK_LEN - 1)) != 0)
724 return (CRYPTO_DATA_LEN_RANGE);
725
726 /* return length needed to store the output */
727 if (plaintext->cd_length < ciphertext->cd_length) {
728 plaintext->cd_length = ciphertext->cd_length;
729 return (CRYPTO_BUFFER_TOO_SMALL);
730 }
731
732 if (!BLOWFISH_VALID_MECH(mechanism))
733 return (CRYPTO_MECHANISM_INVALID);
734
735 if (mechanism->cm_param_len != 0 &&
736 mechanism->cm_param_len != BLOWFISH_BLOCK_LEN)
737 return (CRYPTO_MECHANISM_PARAM_INVALID);
738
739 bzero(&blowfish_ctx, sizeof (blowfish_ctx_t));
740
741 ret = blowfish_common_init_ctx(&blowfish_ctx, template, mechanism,
742 key, crypto_kmflag(req));
743 if (ret != CRYPTO_SUCCESS)
744 return (ret);
745
746 saved_offset = plaintext->cd_offset;
747 saved_length = plaintext->cd_length;
748
749 /*
750 * Do an update on the specified input data.
751 */
752 switch (ciphertext->cd_format) {
753 case CRYPTO_DATA_RAW:
754 ret = crypto_update_iov(&blowfish_ctx,
755 ciphertext, plaintext, blowfish_decrypt_contiguous_blocks,
756 blowfish_copy_block64);
757 break;
758 case CRYPTO_DATA_UIO:
759 ret = crypto_update_uio(&blowfish_ctx,
760 ciphertext, plaintext, blowfish_decrypt_contiguous_blocks,
761 blowfish_copy_block64);
762 break;
763 case CRYPTO_DATA_MBLK:
764 ret = crypto_update_mp(&blowfish_ctx,
765 ciphertext, plaintext, blowfish_decrypt_contiguous_blocks,
766 blowfish_copy_block64);
767 break;
768 default:
769 ret = CRYPTO_ARGUMENTS_BAD;
770 }
771
772 if (blowfish_ctx.bc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
773 bzero(blowfish_ctx.bc_keysched, blowfish_ctx.bc_keysched_len);
774 kmem_free(blowfish_ctx.bc_keysched,
775 blowfish_ctx.bc_keysched_len);
776 }
777
778 if (ret == CRYPTO_SUCCESS) {
779 ASSERT(blowfish_ctx.bc_remainder_len == 0);
780 if (ciphertext != plaintext)
781 plaintext->cd_length =
782 plaintext->cd_offset - saved_offset;
783 } else {
784 plaintext->cd_length = saved_length;
785 }
786 plaintext->cd_offset = saved_offset;
787
788 return (ret);
789 }
790
791 /*
792 * KCF software provider context template entry points.
793 */
794 /* ARGSUSED */
795 static int
blowfish_create_ctx_template(crypto_provider_handle_t provider,crypto_mechanism_t * mechanism,crypto_key_t * key,crypto_spi_ctx_template_t * tmpl,size_t * tmpl_size,crypto_req_handle_t req)796 blowfish_create_ctx_template(crypto_provider_handle_t provider,
797 crypto_mechanism_t *mechanism, crypto_key_t *key,
798 crypto_spi_ctx_template_t *tmpl, size_t *tmpl_size, crypto_req_handle_t req)
799 {
800
801 /* EXPORT DELETE START */
802
803 void *keysched;
804 size_t size;
805 int rv;
806
807 if (!BLOWFISH_VALID_MECH(mechanism))
808 return (CRYPTO_MECHANISM_INVALID);
809
810 if ((keysched = blowfish_alloc_keysched(&size,
811 crypto_kmflag(req))) == NULL) {
812 return (CRYPTO_HOST_MEMORY);
813 }
814
815 /*
816 * Initialize key schedule. Key length information is stored
817 * in the key.
818 */
819 if ((rv = init_keysched(key, keysched)) != CRYPTO_SUCCESS) {
820 bzero(keysched, size);
821 kmem_free(keysched, size);
822 return (rv);
823 }
824
825 *tmpl = keysched;
826 *tmpl_size = size;
827
828 /* EXPORT DELETE END */
829
830 return (CRYPTO_SUCCESS);
831 }
832
833 /* ARGSUSED */
834 static int
blowfish_free_context(crypto_ctx_t * ctx)835 blowfish_free_context(crypto_ctx_t *ctx)
836 {
837 blowfish_ctx_t *blowfish_ctx = ctx->cc_provider_private;
838
839 if (blowfish_ctx != NULL) {
840 if (blowfish_ctx->bc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
841 ASSERT(blowfish_ctx->bc_keysched_len != 0);
842 bzero(blowfish_ctx->bc_keysched,
843 blowfish_ctx->bc_keysched_len);
844 kmem_free(blowfish_ctx->bc_keysched,
845 blowfish_ctx->bc_keysched_len);
846 }
847 crypto_free_mode_ctx(blowfish_ctx);
848 ctx->cc_provider_private = NULL;
849 }
850
851 return (CRYPTO_SUCCESS);
852 }
853
854 /* ARGSUSED */
855 static int
blowfish_common_init_ctx(blowfish_ctx_t * blowfish_ctx,crypto_spi_ctx_template_t * template,crypto_mechanism_t * mechanism,crypto_key_t * key,int kmflag)856 blowfish_common_init_ctx(blowfish_ctx_t *blowfish_ctx,
857 crypto_spi_ctx_template_t *template, crypto_mechanism_t *mechanism,
858 crypto_key_t *key, int kmflag)
859 {
860 int rv = CRYPTO_SUCCESS;
861
862 /* EXPORT DELETE START */
863
864 void *keysched;
865 size_t size;
866
867 if (template == NULL) {
868 if ((keysched = blowfish_alloc_keysched(&size, kmflag)) == NULL)
869 return (CRYPTO_HOST_MEMORY);
870 /*
871 * Initialize key schedule.
872 * Key length is stored in the key.
873 */
874 if ((rv = init_keysched(key, keysched)) != CRYPTO_SUCCESS)
875 kmem_free(keysched, size);
876
877 blowfish_ctx->bc_flags |= PROVIDER_OWNS_KEY_SCHEDULE;
878 blowfish_ctx->bc_keysched_len = size;
879 } else {
880 keysched = template;
881 }
882 blowfish_ctx->bc_keysched = keysched;
883
884 switch (mechanism->cm_type) {
885 case BLOWFISH_CBC_MECH_INFO_TYPE:
886 rv = cbc_init_ctx((cbc_ctx_t *)blowfish_ctx,
887 mechanism->cm_param, mechanism->cm_param_len,
888 BLOWFISH_BLOCK_LEN, blowfish_copy_block64);
889 break;
890 case BLOWFISH_ECB_MECH_INFO_TYPE:
891 blowfish_ctx->bc_flags |= ECB_MODE;
892 }
893
894 if (rv != CRYPTO_SUCCESS) {
895 if (blowfish_ctx->bc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
896 bzero(keysched, size);
897 kmem_free(keysched, size);
898 }
899 }
900
901 /* EXPORT DELETE END */
902
903 return (rv);
904 }
905