10Sstevel@tonic-gate /* 20Sstevel@tonic-gate * CDDL HEADER START 30Sstevel@tonic-gate * 40Sstevel@tonic-gate * The contents of this file are subject to the terms of the 51808Smcpowers * Common Development and Distribution License (the "License"). 61808Smcpowers * You may not use this file except in compliance with the License. 70Sstevel@tonic-gate * 80Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 90Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 100Sstevel@tonic-gate * See the License for the specific language governing permissions 110Sstevel@tonic-gate * and limitations under the License. 120Sstevel@tonic-gate * 130Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 140Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 150Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 160Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 170Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 180Sstevel@tonic-gate * 190Sstevel@tonic-gate * CDDL HEADER END 200Sstevel@tonic-gate */ 210Sstevel@tonic-gate /* 223367Skrishna * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 230Sstevel@tonic-gate * Use is subject to license terms. 240Sstevel@tonic-gate */ 250Sstevel@tonic-gate 260Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 270Sstevel@tonic-gate 280Sstevel@tonic-gate #include <sys/errno.h> 290Sstevel@tonic-gate #include <sys/types.h> 300Sstevel@tonic-gate #include <sys/kmem.h> 31904Smcpowers #include <sys/sysmacros.h> 320Sstevel@tonic-gate #include <sys/crypto/common.h> 330Sstevel@tonic-gate #include <sys/crypto/impl.h> 340Sstevel@tonic-gate #include <sys/crypto/api.h> 350Sstevel@tonic-gate #include <sys/crypto/spi.h> 360Sstevel@tonic-gate #include <sys/crypto/sched_impl.h> 370Sstevel@tonic-gate 38904Smcpowers #define CRYPTO_OPS_OFFSET(f) offsetof(crypto_ops_t, co_##f) 39904Smcpowers #define CRYPTO_MAC_OFFSET(f) offsetof(crypto_mac_ops_t, f) 40904Smcpowers 410Sstevel@tonic-gate /* 420Sstevel@tonic-gate * Message authentication codes routines. 430Sstevel@tonic-gate */ 440Sstevel@tonic-gate 450Sstevel@tonic-gate /* 460Sstevel@tonic-gate * The following are the possible returned values common to all the routines 470Sstevel@tonic-gate * below. The applicability of some of these return values depends on the 480Sstevel@tonic-gate * presence of the arguments. 490Sstevel@tonic-gate * 500Sstevel@tonic-gate * CRYPTO_SUCCESS: The operation completed successfully. 510Sstevel@tonic-gate * CRYPTO_QUEUED: A request was submitted successfully. The callback 520Sstevel@tonic-gate * routine will be called when the operation is done. 530Sstevel@tonic-gate * CRYPTO_INVALID_MECH_NUMBER, CRYPTO_INVALID_MECH_PARAM, or 540Sstevel@tonic-gate * CRYPTO_INVALID_MECH for problems with the 'mech'. 550Sstevel@tonic-gate * CRYPTO_INVALID_DATA for bogus 'data' 560Sstevel@tonic-gate * CRYPTO_HOST_MEMORY for failure to allocate memory to handle this work. 570Sstevel@tonic-gate * CRYPTO_INVALID_CONTEXT: Not a valid context. 580Sstevel@tonic-gate * CRYPTO_BUSY: Cannot process the request now. Schedule a 590Sstevel@tonic-gate * crypto_bufcall(), or try later. 600Sstevel@tonic-gate * CRYPTO_NOT_SUPPORTED and CRYPTO_MECH_NOT_SUPPORTED: No provider is 610Sstevel@tonic-gate * capable of a function or a mechanism. 620Sstevel@tonic-gate * CRYPTO_INVALID_KEY: bogus 'key' argument. 630Sstevel@tonic-gate * CRYPTO_INVALID_MAC: bogus 'mac' argument. 640Sstevel@tonic-gate */ 650Sstevel@tonic-gate 660Sstevel@tonic-gate /* 670Sstevel@tonic-gate * crypto_mac_prov() 680Sstevel@tonic-gate * 690Sstevel@tonic-gate * Arguments: 700Sstevel@tonic-gate * mech: crypto_mechanism_t pointer. 710Sstevel@tonic-gate * mech_type is a valid value previously returned by 720Sstevel@tonic-gate * crypto_mech2id(); 730Sstevel@tonic-gate * When the mech's parameter is not NULL, its definition depends 740Sstevel@tonic-gate * on the standard definition of the mechanism. 750Sstevel@tonic-gate * key: pointer to a crypto_key_t structure. 760Sstevel@tonic-gate * data: The message to compute the MAC for. 770Sstevel@tonic-gate * mac: Storage for the MAC. The length needed depends on the mechanism. 780Sstevel@tonic-gate * tmpl: a crypto_ctx_template_t, opaque template of a context of a 790Sstevel@tonic-gate * MAC with the 'mech' using 'key'. 'tmpl' is created by 800Sstevel@tonic-gate * a previous call to crypto_create_ctx_template(). 810Sstevel@tonic-gate * cr: crypto_call_req_t calling conditions and call back info. 820Sstevel@tonic-gate * 830Sstevel@tonic-gate * Description: 840Sstevel@tonic-gate * Asynchronously submits a request for, or synchronously performs a 850Sstevel@tonic-gate * single-part message authentication of 'data' with the mechanism 860Sstevel@tonic-gate * 'mech', using * the key 'key', on the specified provider with 870Sstevel@tonic-gate * the specified session id. 880Sstevel@tonic-gate * When complete and successful, 'mac' will contain the message 890Sstevel@tonic-gate * authentication code. 900Sstevel@tonic-gate * 910Sstevel@tonic-gate * Context: 920Sstevel@tonic-gate * Process or interrupt, according to the semantics dictated by the 'crq'. 930Sstevel@tonic-gate * 940Sstevel@tonic-gate * Returns: 950Sstevel@tonic-gate * See comment in the beginning of the file. 960Sstevel@tonic-gate */ 970Sstevel@tonic-gate int 98904Smcpowers crypto_mac_prov(crypto_provider_t provider, crypto_session_id_t sid, 99904Smcpowers crypto_mechanism_t *mech, crypto_data_t *data, crypto_key_t *key, 100904Smcpowers crypto_ctx_template_t tmpl, crypto_data_t *mac, crypto_call_req_t *crq) 1010Sstevel@tonic-gate { 1020Sstevel@tonic-gate kcf_req_params_t params; 103904Smcpowers kcf_provider_desc_t *pd = provider; 104904Smcpowers kcf_provider_desc_t *real_provider = pd; 105904Smcpowers int rv; 1060Sstevel@tonic-gate 1070Sstevel@tonic-gate ASSERT(KCF_PROV_REFHELD(pd)); 108904Smcpowers 109904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 110904Smcpowers rv = kcf_get_hardware_provider(mech->cm_type, 1111808Smcpowers CRYPTO_MECH_INVALID, CHECK_RESTRICT(crq), pd, 1121808Smcpowers &real_provider, CRYPTO_FG_MAC_ATOMIC); 113904Smcpowers 114904Smcpowers if (rv != CRYPTO_SUCCESS) 115904Smcpowers return (rv); 116904Smcpowers } 117904Smcpowers 1180Sstevel@tonic-gate KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_ATOMIC, sid, mech, key, 1190Sstevel@tonic-gate data, mac, tmpl); 120904Smcpowers rv = kcf_submit_request(real_provider, NULL, crq, ¶ms, B_FALSE); 121904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 122904Smcpowers KCF_PROV_REFRELE(real_provider); 1230Sstevel@tonic-gate 124904Smcpowers return (rv); 1250Sstevel@tonic-gate } 1260Sstevel@tonic-gate 1270Sstevel@tonic-gate /* 1280Sstevel@tonic-gate * Same as crypto_mac_prov(), but relies on the KCF scheduler to choose 1290Sstevel@tonic-gate * a provider. See crypto_mac() comments for more information. 1300Sstevel@tonic-gate */ 1310Sstevel@tonic-gate int 1320Sstevel@tonic-gate crypto_mac(crypto_mechanism_t *mech, crypto_data_t *data, 1330Sstevel@tonic-gate crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *mac, 1340Sstevel@tonic-gate crypto_call_req_t *crq) 1350Sstevel@tonic-gate { 1360Sstevel@tonic-gate int error; 1370Sstevel@tonic-gate kcf_mech_entry_t *me; 1380Sstevel@tonic-gate kcf_req_params_t params; 1390Sstevel@tonic-gate kcf_provider_desc_t *pd; 1400Sstevel@tonic-gate kcf_ctx_template_t *ctx_tmpl; 1410Sstevel@tonic-gate crypto_spi_ctx_template_t spi_ctx_tmpl = NULL; 1420Sstevel@tonic-gate kcf_prov_tried_t *list = NULL; 1430Sstevel@tonic-gate 1440Sstevel@tonic-gate retry: 1450Sstevel@tonic-gate /* The pd is returned held */ 1460Sstevel@tonic-gate if ((pd = kcf_get_mech_provider(mech->cm_type, &me, &error, 1470Sstevel@tonic-gate list, CRYPTO_FG_MAC_ATOMIC, CHECK_RESTRICT(crq), 1480Sstevel@tonic-gate data->cd_length)) == NULL) { 1490Sstevel@tonic-gate if (list != NULL) 1500Sstevel@tonic-gate kcf_free_triedlist(list); 1510Sstevel@tonic-gate return (error); 1520Sstevel@tonic-gate } 1530Sstevel@tonic-gate 1540Sstevel@tonic-gate /* 1550Sstevel@tonic-gate * For SW providers, check the validity of the context template 1560Sstevel@tonic-gate * It is very rare that the generation number mis-matches, so 1570Sstevel@tonic-gate * is acceptable to fail here, and let the consumer recover by 1580Sstevel@tonic-gate * freeing this tmpl and create a new one for the key and new SW 1590Sstevel@tonic-gate * provider 1600Sstevel@tonic-gate */ 1610Sstevel@tonic-gate if ((pd->pd_prov_type == CRYPTO_SW_PROVIDER) && 1620Sstevel@tonic-gate ((ctx_tmpl = (kcf_ctx_template_t *)tmpl) != NULL)) { 1630Sstevel@tonic-gate if (ctx_tmpl->ct_generation != me->me_gen_swprov) { 1640Sstevel@tonic-gate if (list != NULL) 1650Sstevel@tonic-gate kcf_free_triedlist(list); 1660Sstevel@tonic-gate KCF_PROV_REFRELE(pd); 1670Sstevel@tonic-gate return (CRYPTO_OLD_CTX_TEMPLATE); 1680Sstevel@tonic-gate } else { 1690Sstevel@tonic-gate spi_ctx_tmpl = ctx_tmpl->ct_prov_tmpl; 1700Sstevel@tonic-gate } 1710Sstevel@tonic-gate } 1720Sstevel@tonic-gate 1730Sstevel@tonic-gate /* The fast path for SW providers. */ 1740Sstevel@tonic-gate if (CHECK_FASTPATH(crq, pd)) { 1750Sstevel@tonic-gate crypto_mechanism_t lmech; 1760Sstevel@tonic-gate 1770Sstevel@tonic-gate lmech = *mech; 1780Sstevel@tonic-gate KCF_SET_PROVIDER_MECHNUM(mech->cm_type, pd, &lmech); 1790Sstevel@tonic-gate 1800Sstevel@tonic-gate error = KCF_PROV_MAC_ATOMIC(pd, pd->pd_sid, &lmech, key, data, 1810Sstevel@tonic-gate mac, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq)); 1820Sstevel@tonic-gate KCF_PROV_INCRSTATS(pd, error); 1830Sstevel@tonic-gate } else { 184*4072Skrishna if (pd->pd_prov_type == CRYPTO_HW_PROVIDER && 185*4072Skrishna (pd->pd_flags & CRYPTO_HASH_NO_UPDATE) && 186*4072Skrishna (data->cd_length > pd->pd_hash_limit)) { 187*4072Skrishna /* 188*4072Skrishna * XXX - We need a check to see if this is indeed 189*4072Skrishna * a HMAC. So far, all kernel clients use 190*4072Skrishna * this interface only for HMAC. So, this is fine 191*4072Skrishna * for now. 192*4072Skrishna */ 193*4072Skrishna error = CRYPTO_BUFFER_TOO_BIG; 194*4072Skrishna } else { 195*4072Skrishna KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_ATOMIC, 196*4072Skrishna pd->pd_sid, mech, key, data, mac, spi_ctx_tmpl); 1970Sstevel@tonic-gate 198*4072Skrishna error = kcf_submit_request(pd, NULL, crq, ¶ms, 199*4072Skrishna KCF_ISDUALREQ(crq)); 200*4072Skrishna } 2010Sstevel@tonic-gate } 2020Sstevel@tonic-gate 2030Sstevel@tonic-gate if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED && 2040Sstevel@tonic-gate IS_RECOVERABLE(error)) { 2050Sstevel@tonic-gate /* Add pd to the linked list of providers tried. */ 2060Sstevel@tonic-gate if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL) 2070Sstevel@tonic-gate goto retry; 2080Sstevel@tonic-gate } 2090Sstevel@tonic-gate 2100Sstevel@tonic-gate if (list != NULL) 2110Sstevel@tonic-gate kcf_free_triedlist(list); 2120Sstevel@tonic-gate 2130Sstevel@tonic-gate KCF_PROV_REFRELE(pd); 2140Sstevel@tonic-gate return (error); 2150Sstevel@tonic-gate } 2160Sstevel@tonic-gate 2170Sstevel@tonic-gate /* 2180Sstevel@tonic-gate * Single part operation to compute the MAC corresponding to the specified 2190Sstevel@tonic-gate * 'data' and to verify that it matches the MAC specified by 'mac'. 2200Sstevel@tonic-gate * The other arguments are the same as the function crypto_mac_prov(). 2210Sstevel@tonic-gate */ 2220Sstevel@tonic-gate int 223904Smcpowers crypto_mac_verify_prov(crypto_provider_t provider, crypto_session_id_t sid, 224904Smcpowers crypto_mechanism_t *mech, crypto_data_t *data, crypto_key_t *key, 225904Smcpowers crypto_ctx_template_t tmpl, crypto_data_t *mac, crypto_call_req_t *crq) 2260Sstevel@tonic-gate { 2270Sstevel@tonic-gate kcf_req_params_t params; 228904Smcpowers kcf_provider_desc_t *pd = provider; 229904Smcpowers kcf_provider_desc_t *real_provider = pd; 230904Smcpowers int rv; 2310Sstevel@tonic-gate 2320Sstevel@tonic-gate ASSERT(KCF_PROV_REFHELD(pd)); 233904Smcpowers 234904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 235904Smcpowers rv = kcf_get_hardware_provider(mech->cm_type, 2361808Smcpowers CRYPTO_MECH_INVALID, CHECK_RESTRICT(crq), pd, 2371808Smcpowers &real_provider, CRYPTO_FG_MAC_ATOMIC); 238904Smcpowers 239904Smcpowers if (rv != CRYPTO_SUCCESS) 240904Smcpowers return (rv); 241904Smcpowers } 242904Smcpowers 2430Sstevel@tonic-gate KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_MAC_VERIFY_ATOMIC, sid, mech, 2440Sstevel@tonic-gate key, data, mac, tmpl); 245904Smcpowers rv = kcf_submit_request(real_provider, NULL, crq, ¶ms, B_FALSE); 246904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 247904Smcpowers KCF_PROV_REFRELE(real_provider); 2480Sstevel@tonic-gate 249904Smcpowers return (rv); 2500Sstevel@tonic-gate } 2510Sstevel@tonic-gate 2520Sstevel@tonic-gate /* 2530Sstevel@tonic-gate * Same as crypto_mac_verify_prov(), but relies on the KCF scheduler to choose 2540Sstevel@tonic-gate * a provider. See crypto_mac_verify_prov() comments for more information. 2550Sstevel@tonic-gate */ 2560Sstevel@tonic-gate int 2570Sstevel@tonic-gate crypto_mac_verify(crypto_mechanism_t *mech, crypto_data_t *data, 2580Sstevel@tonic-gate crypto_key_t *key, crypto_ctx_template_t tmpl, crypto_data_t *mac, 2590Sstevel@tonic-gate crypto_call_req_t *crq) 2600Sstevel@tonic-gate { 2610Sstevel@tonic-gate int error; 2620Sstevel@tonic-gate kcf_mech_entry_t *me; 2630Sstevel@tonic-gate kcf_req_params_t params; 2640Sstevel@tonic-gate kcf_provider_desc_t *pd; 2650Sstevel@tonic-gate kcf_ctx_template_t *ctx_tmpl; 2660Sstevel@tonic-gate crypto_spi_ctx_template_t spi_ctx_tmpl = NULL; 2670Sstevel@tonic-gate kcf_prov_tried_t *list = NULL; 2680Sstevel@tonic-gate 2690Sstevel@tonic-gate retry: 2700Sstevel@tonic-gate /* The pd is returned held */ 2710Sstevel@tonic-gate if ((pd = kcf_get_mech_provider(mech->cm_type, &me, &error, 2720Sstevel@tonic-gate list, CRYPTO_FG_MAC_ATOMIC, CHECK_RESTRICT(crq), 2730Sstevel@tonic-gate data->cd_length)) == NULL) { 2740Sstevel@tonic-gate if (list != NULL) 2750Sstevel@tonic-gate kcf_free_triedlist(list); 2760Sstevel@tonic-gate return (error); 2770Sstevel@tonic-gate } 2780Sstevel@tonic-gate 2790Sstevel@tonic-gate /* 2800Sstevel@tonic-gate * For SW providers, check the validity of the context template 2810Sstevel@tonic-gate * It is very rare that the generation number mis-matches, so 2820Sstevel@tonic-gate * is acceptable to fail here, and let the consumer recover by 2830Sstevel@tonic-gate * freeing this tmpl and create a new one for the key and new SW 2840Sstevel@tonic-gate * provider 2850Sstevel@tonic-gate */ 2860Sstevel@tonic-gate if ((pd->pd_prov_type == CRYPTO_SW_PROVIDER) && 2870Sstevel@tonic-gate ((ctx_tmpl = (kcf_ctx_template_t *)tmpl) != NULL)) { 2880Sstevel@tonic-gate if (ctx_tmpl->ct_generation != me->me_gen_swprov) { 2890Sstevel@tonic-gate if (list != NULL) 2900Sstevel@tonic-gate kcf_free_triedlist(list); 2910Sstevel@tonic-gate KCF_PROV_REFRELE(pd); 2920Sstevel@tonic-gate return (CRYPTO_OLD_CTX_TEMPLATE); 2930Sstevel@tonic-gate } else { 2940Sstevel@tonic-gate spi_ctx_tmpl = ctx_tmpl->ct_prov_tmpl; 2950Sstevel@tonic-gate } 2960Sstevel@tonic-gate } 2970Sstevel@tonic-gate 2980Sstevel@tonic-gate /* The fast path for SW providers. */ 2990Sstevel@tonic-gate if (CHECK_FASTPATH(crq, pd)) { 3000Sstevel@tonic-gate crypto_mechanism_t lmech; 3010Sstevel@tonic-gate 3020Sstevel@tonic-gate lmech = *mech; 3030Sstevel@tonic-gate KCF_SET_PROVIDER_MECHNUM(mech->cm_type, pd, &lmech); 3040Sstevel@tonic-gate 3050Sstevel@tonic-gate error = KCF_PROV_MAC_VERIFY_ATOMIC(pd, pd->pd_sid, &lmech, key, 3060Sstevel@tonic-gate data, mac, spi_ctx_tmpl, KCF_SWFP_RHNDL(crq)); 3070Sstevel@tonic-gate KCF_PROV_INCRSTATS(pd, error); 3080Sstevel@tonic-gate } else { 309*4072Skrishna if (pd->pd_prov_type == CRYPTO_HW_PROVIDER && 310*4072Skrishna (pd->pd_flags & CRYPTO_HASH_NO_UPDATE) && 311*4072Skrishna (data->cd_length > pd->pd_hash_limit)) { 312*4072Skrishna /* see comments in crypto_mac() */ 313*4072Skrishna error = CRYPTO_BUFFER_TOO_BIG; 314*4072Skrishna } else { 315*4072Skrishna KCF_WRAP_MAC_OPS_PARAMS(¶ms, 316*4072Skrishna KCF_OP_MAC_VERIFY_ATOMIC, pd->pd_sid, mech, 317*4072Skrishna key, data, mac, spi_ctx_tmpl); 3180Sstevel@tonic-gate 319*4072Skrishna error = kcf_submit_request(pd, NULL, crq, ¶ms, 320*4072Skrishna KCF_ISDUALREQ(crq)); 321*4072Skrishna } 3220Sstevel@tonic-gate } 3230Sstevel@tonic-gate 3240Sstevel@tonic-gate if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED && 3250Sstevel@tonic-gate IS_RECOVERABLE(error)) { 3260Sstevel@tonic-gate /* Add pd to the linked list of providers tried. */ 3270Sstevel@tonic-gate if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL) 3280Sstevel@tonic-gate goto retry; 3290Sstevel@tonic-gate } 3300Sstevel@tonic-gate 3310Sstevel@tonic-gate if (list != NULL) 3320Sstevel@tonic-gate kcf_free_triedlist(list); 3330Sstevel@tonic-gate 3340Sstevel@tonic-gate KCF_PROV_REFRELE(pd); 3350Sstevel@tonic-gate return (error); 3360Sstevel@tonic-gate } 3370Sstevel@tonic-gate 3380Sstevel@tonic-gate 3390Sstevel@tonic-gate /* 3400Sstevel@tonic-gate * crypto_mac_init_prov() 3410Sstevel@tonic-gate * 3420Sstevel@tonic-gate * Arguments: 3430Sstevel@tonic-gate * pd: pointer to the descriptor of the provider to use for this 3440Sstevel@tonic-gate * operation. 3450Sstevel@tonic-gate * sid: provider session id. 3460Sstevel@tonic-gate * mech: crypto_mechanism_t pointer. 3470Sstevel@tonic-gate * mech_type is a valid value previously returned by 3480Sstevel@tonic-gate * crypto_mech2id(); 3490Sstevel@tonic-gate * When the mech's parameter is not NULL, its definition depends 3500Sstevel@tonic-gate * on the standard definition of the mechanism. 3510Sstevel@tonic-gate * key: pointer to a crypto_key_t structure. 3520Sstevel@tonic-gate * tmpl: a crypto_ctx_template_t, opaque template of a context of a 3530Sstevel@tonic-gate * MAC with the 'mech' using 'key'. 'tmpl' is created by 3540Sstevel@tonic-gate * a previous call to crypto_create_ctx_template(). 3550Sstevel@tonic-gate * ctxp: Pointer to a crypto_context_t. 3560Sstevel@tonic-gate * cr: crypto_call_req_t calling conditions and call back info. 3570Sstevel@tonic-gate * 3580Sstevel@tonic-gate * Description: 3590Sstevel@tonic-gate * Asynchronously submits a request for, or synchronously performs the 3600Sstevel@tonic-gate * initialization of a MAC operation on the specified provider with 3610Sstevel@tonic-gate * the specified session. 3620Sstevel@tonic-gate * When possible and applicable, will internally use the pre-computed MAC 3630Sstevel@tonic-gate * context from the context template, tmpl. 3640Sstevel@tonic-gate * When complete and successful, 'ctxp' will contain a crypto_context_t 3650Sstevel@tonic-gate * valid for later calls to mac_update() and mac_final(). 3660Sstevel@tonic-gate * The caller should hold a reference on the specified provider 3670Sstevel@tonic-gate * descriptor before calling this function. 3680Sstevel@tonic-gate * 3690Sstevel@tonic-gate * Context: 3700Sstevel@tonic-gate * Process or interrupt, according to the semantics dictated by the 'cr'. 3710Sstevel@tonic-gate * 3720Sstevel@tonic-gate * Returns: 3730Sstevel@tonic-gate * See comment in the beginning of the file. 3740Sstevel@tonic-gate */ 3750Sstevel@tonic-gate int 376904Smcpowers crypto_mac_init_prov(crypto_provider_t provider, crypto_session_id_t sid, 3770Sstevel@tonic-gate crypto_mechanism_t *mech, crypto_key_t *key, crypto_spi_ctx_template_t tmpl, 3780Sstevel@tonic-gate crypto_context_t *ctxp, crypto_call_req_t *crq) 3790Sstevel@tonic-gate { 380904Smcpowers int rv; 3810Sstevel@tonic-gate crypto_ctx_t *ctx; 3820Sstevel@tonic-gate kcf_req_params_t params; 383904Smcpowers kcf_provider_desc_t *pd = provider; 384904Smcpowers kcf_provider_desc_t *real_provider = pd; 3850Sstevel@tonic-gate 3860Sstevel@tonic-gate ASSERT(KCF_PROV_REFHELD(pd)); 3870Sstevel@tonic-gate 388904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 389904Smcpowers rv = kcf_get_hardware_provider(mech->cm_type, 3901808Smcpowers CRYPTO_MECH_INVALID, CHECK_RESTRICT(crq), pd, 3911808Smcpowers &real_provider, CRYPTO_FG_MAC); 392904Smcpowers 393904Smcpowers if (rv != CRYPTO_SUCCESS) 394904Smcpowers return (rv); 395904Smcpowers } 396904Smcpowers 397904Smcpowers /* Allocate and initialize the canonical context */ 398904Smcpowers if ((ctx = kcf_new_ctx(crq, real_provider, sid)) == NULL) { 399904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 400904Smcpowers KCF_PROV_REFRELE(real_provider); 4010Sstevel@tonic-gate return (CRYPTO_HOST_MEMORY); 402904Smcpowers } 4030Sstevel@tonic-gate 4040Sstevel@tonic-gate /* The fast path for SW providers. */ 4050Sstevel@tonic-gate if (CHECK_FASTPATH(crq, pd)) { 4060Sstevel@tonic-gate crypto_mechanism_t lmech; 4070Sstevel@tonic-gate 4080Sstevel@tonic-gate lmech = *mech; 409904Smcpowers KCF_SET_PROVIDER_MECHNUM(mech->cm_type, real_provider, &lmech); 410904Smcpowers rv = KCF_PROV_MAC_INIT(real_provider, ctx, &lmech, key, tmpl, 4110Sstevel@tonic-gate KCF_SWFP_RHNDL(crq)); 412904Smcpowers KCF_PROV_INCRSTATS(pd, rv); 4130Sstevel@tonic-gate } else { 4140Sstevel@tonic-gate KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_INIT, sid, mech, key, 4150Sstevel@tonic-gate NULL, NULL, tmpl); 416904Smcpowers rv = kcf_submit_request(real_provider, ctx, crq, ¶ms, 417904Smcpowers B_FALSE); 4180Sstevel@tonic-gate } 4190Sstevel@tonic-gate 420904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 421904Smcpowers KCF_PROV_REFRELE(real_provider); 422904Smcpowers 423904Smcpowers if ((rv == CRYPTO_SUCCESS) || (rv == CRYPTO_QUEUED)) 4240Sstevel@tonic-gate *ctxp = (crypto_context_t)ctx; 4250Sstevel@tonic-gate else { 4260Sstevel@tonic-gate /* Release the hold done in kcf_new_ctx(). */ 4270Sstevel@tonic-gate KCF_CONTEXT_REFRELE((kcf_context_t *)ctx->cc_framework_private); 4280Sstevel@tonic-gate } 4290Sstevel@tonic-gate 430904Smcpowers return (rv); 4310Sstevel@tonic-gate } 4320Sstevel@tonic-gate 4330Sstevel@tonic-gate /* 4340Sstevel@tonic-gate * Same as crypto_mac_init_prov(), but relies on the KCF scheduler to 4350Sstevel@tonic-gate * choose a provider. See crypto_mac_init_prov() comments for more 4360Sstevel@tonic-gate * information. 4370Sstevel@tonic-gate */ 4380Sstevel@tonic-gate int 4390Sstevel@tonic-gate crypto_mac_init(crypto_mechanism_t *mech, crypto_key_t *key, 4400Sstevel@tonic-gate crypto_ctx_template_t tmpl, crypto_context_t *ctxp, 4410Sstevel@tonic-gate crypto_call_req_t *crq) 4420Sstevel@tonic-gate { 4430Sstevel@tonic-gate int error; 4440Sstevel@tonic-gate kcf_mech_entry_t *me; 4450Sstevel@tonic-gate kcf_provider_desc_t *pd; 4460Sstevel@tonic-gate kcf_ctx_template_t *ctx_tmpl; 4470Sstevel@tonic-gate crypto_spi_ctx_template_t spi_ctx_tmpl = NULL; 4480Sstevel@tonic-gate kcf_prov_tried_t *list = NULL; 4490Sstevel@tonic-gate 4500Sstevel@tonic-gate retry: 4510Sstevel@tonic-gate /* The pd is returned held */ 4520Sstevel@tonic-gate if ((pd = kcf_get_mech_provider(mech->cm_type, &me, &error, 4530Sstevel@tonic-gate list, CRYPTO_FG_MAC, CHECK_RESTRICT(crq), 0)) == NULL) { 4540Sstevel@tonic-gate if (list != NULL) 4550Sstevel@tonic-gate kcf_free_triedlist(list); 4560Sstevel@tonic-gate return (error); 4570Sstevel@tonic-gate } 4580Sstevel@tonic-gate 4590Sstevel@tonic-gate /* 4600Sstevel@tonic-gate * For SW providers, check the validity of the context template 4610Sstevel@tonic-gate * It is very rare that the generation number mis-matches, so 4620Sstevel@tonic-gate * is acceptable to fail here, and let the consumer recover by 4630Sstevel@tonic-gate * freeing this tmpl and create a new one for the key and new SW 4640Sstevel@tonic-gate * provider 4650Sstevel@tonic-gate */ 4660Sstevel@tonic-gate 4670Sstevel@tonic-gate if ((pd->pd_prov_type == CRYPTO_SW_PROVIDER) && 4680Sstevel@tonic-gate ((ctx_tmpl = (kcf_ctx_template_t *)tmpl) != NULL)) { 4690Sstevel@tonic-gate if (ctx_tmpl->ct_generation != me->me_gen_swprov) { 4700Sstevel@tonic-gate if (list != NULL) 4710Sstevel@tonic-gate kcf_free_triedlist(list); 4720Sstevel@tonic-gate KCF_PROV_REFRELE(pd); 4730Sstevel@tonic-gate return (CRYPTO_OLD_CTX_TEMPLATE); 4740Sstevel@tonic-gate } else { 4750Sstevel@tonic-gate spi_ctx_tmpl = ctx_tmpl->ct_prov_tmpl; 4760Sstevel@tonic-gate } 4770Sstevel@tonic-gate } 4780Sstevel@tonic-gate 479*4072Skrishna if (pd->pd_prov_type == CRYPTO_HW_PROVIDER && 480*4072Skrishna (pd->pd_flags & CRYPTO_HASH_NO_UPDATE)) { 481*4072Skrishna /* 482*4072Skrishna * The hardware provider has limited HMAC support. 483*4072Skrishna * So, we fallback early here to using a software provider. 484*4072Skrishna * 485*4072Skrishna * XXX - need to enhance to do the fallback later in 486*4072Skrishna * crypto_mac_update() if the size of accumulated input data 487*4072Skrishna * exceeds the maximum size digestable by hardware provider. 488*4072Skrishna */ 489*4072Skrishna error = CRYPTO_BUFFER_TOO_BIG; 490*4072Skrishna } else { 491*4072Skrishna error = crypto_mac_init_prov(pd, pd->pd_sid, mech, key, 492*4072Skrishna spi_ctx_tmpl, ctxp, crq); 493*4072Skrishna } 4940Sstevel@tonic-gate if (error != CRYPTO_SUCCESS && error != CRYPTO_QUEUED && 4950Sstevel@tonic-gate IS_RECOVERABLE(error)) { 4960Sstevel@tonic-gate /* Add pd to the linked list of providers tried. */ 4970Sstevel@tonic-gate if (kcf_insert_triedlist(&list, pd, KCF_KMFLAG(crq)) != NULL) 4980Sstevel@tonic-gate goto retry; 4990Sstevel@tonic-gate } 5000Sstevel@tonic-gate 5010Sstevel@tonic-gate if (list != NULL) 5020Sstevel@tonic-gate kcf_free_triedlist(list); 5030Sstevel@tonic-gate 5040Sstevel@tonic-gate KCF_PROV_REFRELE(pd); 5050Sstevel@tonic-gate return (error); 5060Sstevel@tonic-gate } 5070Sstevel@tonic-gate 5080Sstevel@tonic-gate /* 5090Sstevel@tonic-gate * crypto_mac_update() 5100Sstevel@tonic-gate * 5110Sstevel@tonic-gate * Arguments: 5120Sstevel@tonic-gate * context: A crypto_context_t initialized by mac_init(). 5130Sstevel@tonic-gate * data: The message part to be MAC'ed 5140Sstevel@tonic-gate * cr: crypto_call_req_t calling conditions and call back info. 5150Sstevel@tonic-gate * 5160Sstevel@tonic-gate * Description: 5170Sstevel@tonic-gate * Asynchronously submits a request for, or synchronously performs a 5180Sstevel@tonic-gate * part of a MAC operation. 5190Sstevel@tonic-gate * 5200Sstevel@tonic-gate * Context: 5210Sstevel@tonic-gate * Process or interrupt, according to the semantics dictated by the 'cr'. 5220Sstevel@tonic-gate * 5230Sstevel@tonic-gate * Returns: 5240Sstevel@tonic-gate * See comment in the beginning of the file. 5250Sstevel@tonic-gate */ 5260Sstevel@tonic-gate int 5270Sstevel@tonic-gate crypto_mac_update(crypto_context_t context, crypto_data_t *data, 5280Sstevel@tonic-gate crypto_call_req_t *cr) 5290Sstevel@tonic-gate { 5300Sstevel@tonic-gate crypto_ctx_t *ctx = (crypto_ctx_t *)context; 5310Sstevel@tonic-gate kcf_context_t *kcf_ctx; 5320Sstevel@tonic-gate kcf_provider_desc_t *pd; 5330Sstevel@tonic-gate kcf_req_params_t params; 534904Smcpowers int rv; 5350Sstevel@tonic-gate 5360Sstevel@tonic-gate if ((ctx == NULL) || 5370Sstevel@tonic-gate ((kcf_ctx = (kcf_context_t *)ctx->cc_framework_private) == NULL) || 5380Sstevel@tonic-gate ((pd = kcf_ctx->kc_prov_desc) == NULL)) { 5390Sstevel@tonic-gate return (CRYPTO_INVALID_CONTEXT); 5400Sstevel@tonic-gate } 5410Sstevel@tonic-gate 542904Smcpowers ASSERT(pd->pd_prov_type != CRYPTO_LOGICAL_PROVIDER); 5430Sstevel@tonic-gate 5440Sstevel@tonic-gate /* The fast path for SW providers. */ 5450Sstevel@tonic-gate if (CHECK_FASTPATH(cr, pd)) { 546904Smcpowers rv = KCF_PROV_MAC_UPDATE(pd, ctx, data, NULL); 547904Smcpowers KCF_PROV_INCRSTATS(pd, rv); 5480Sstevel@tonic-gate } else { 549904Smcpowers KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_UPDATE, 550904Smcpowers ctx->cc_session, NULL, NULL, data, NULL, NULL); 551904Smcpowers rv = kcf_submit_request(pd, ctx, cr, ¶ms, B_FALSE); 5520Sstevel@tonic-gate } 5530Sstevel@tonic-gate 554904Smcpowers return (rv); 5550Sstevel@tonic-gate } 5560Sstevel@tonic-gate 5570Sstevel@tonic-gate /* 5580Sstevel@tonic-gate * crypto_mac_final() 5590Sstevel@tonic-gate * 5600Sstevel@tonic-gate * Arguments: 5610Sstevel@tonic-gate * context: A crypto_context_t initialized by mac_init(). 5620Sstevel@tonic-gate * mac: Storage for the message authentication code. 5630Sstevel@tonic-gate * cr: crypto_call_req_t calling conditions and call back info. 5640Sstevel@tonic-gate * 5650Sstevel@tonic-gate * Description: 5660Sstevel@tonic-gate * Asynchronously submits a request for, or synchronously performs a 5670Sstevel@tonic-gate * part of a message authentication operation. 5680Sstevel@tonic-gate * 5690Sstevel@tonic-gate * Context: 5700Sstevel@tonic-gate * Process or interrupt, according to the semantics dictated by the 'cr'. 5710Sstevel@tonic-gate * 5720Sstevel@tonic-gate * Returns: 5730Sstevel@tonic-gate * See comment in the beginning of the file. 5740Sstevel@tonic-gate */ 5750Sstevel@tonic-gate int 5760Sstevel@tonic-gate crypto_mac_final(crypto_context_t context, crypto_data_t *mac, 5770Sstevel@tonic-gate crypto_call_req_t *cr) 5780Sstevel@tonic-gate { 5790Sstevel@tonic-gate crypto_ctx_t *ctx = (crypto_ctx_t *)context; 5800Sstevel@tonic-gate kcf_context_t *kcf_ctx; 5810Sstevel@tonic-gate kcf_provider_desc_t *pd; 5820Sstevel@tonic-gate kcf_req_params_t params; 583904Smcpowers int rv; 5840Sstevel@tonic-gate 5850Sstevel@tonic-gate if ((ctx == NULL) || 5860Sstevel@tonic-gate ((kcf_ctx = (kcf_context_t *)ctx->cc_framework_private) == NULL) || 5870Sstevel@tonic-gate ((pd = kcf_ctx->kc_prov_desc) == NULL)) { 5880Sstevel@tonic-gate return (CRYPTO_INVALID_CONTEXT); 5890Sstevel@tonic-gate } 5900Sstevel@tonic-gate 591904Smcpowers ASSERT(pd->pd_prov_type != CRYPTO_LOGICAL_PROVIDER); 5920Sstevel@tonic-gate 5930Sstevel@tonic-gate /* The fast path for SW providers. */ 5940Sstevel@tonic-gate if (CHECK_FASTPATH(cr, pd)) { 595904Smcpowers rv = KCF_PROV_MAC_FINAL(pd, ctx, mac, NULL); 596904Smcpowers KCF_PROV_INCRSTATS(pd, rv); 5970Sstevel@tonic-gate } else { 598904Smcpowers KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_FINAL, 599904Smcpowers ctx->cc_session, NULL, NULL, NULL, mac, NULL); 600904Smcpowers rv = kcf_submit_request(pd, ctx, cr, ¶ms, B_FALSE); 6010Sstevel@tonic-gate } 6020Sstevel@tonic-gate 6030Sstevel@tonic-gate /* Release the hold done in kcf_new_ctx() during init step. */ 604904Smcpowers KCF_CONTEXT_COND_RELEASE(rv, kcf_ctx); 605904Smcpowers return (rv); 6060Sstevel@tonic-gate } 6070Sstevel@tonic-gate 6080Sstevel@tonic-gate /* 6090Sstevel@tonic-gate * See comments for crypto_mac_update() and crypto_mac_final(). 6100Sstevel@tonic-gate */ 6110Sstevel@tonic-gate int 6120Sstevel@tonic-gate crypto_mac_single(crypto_context_t context, crypto_data_t *data, 6130Sstevel@tonic-gate crypto_data_t *mac, crypto_call_req_t *cr) 6140Sstevel@tonic-gate { 6150Sstevel@tonic-gate crypto_ctx_t *ctx = (crypto_ctx_t *)context; 6160Sstevel@tonic-gate kcf_context_t *kcf_ctx; 6170Sstevel@tonic-gate kcf_provider_desc_t *pd; 6180Sstevel@tonic-gate int error; 6190Sstevel@tonic-gate kcf_req_params_t params; 6200Sstevel@tonic-gate 6210Sstevel@tonic-gate 6220Sstevel@tonic-gate if ((ctx == NULL) || 6230Sstevel@tonic-gate ((kcf_ctx = (kcf_context_t *)ctx->cc_framework_private) == NULL) || 6240Sstevel@tonic-gate ((pd = kcf_ctx->kc_prov_desc) == NULL)) { 6250Sstevel@tonic-gate return (CRYPTO_INVALID_CONTEXT); 6260Sstevel@tonic-gate } 6270Sstevel@tonic-gate 6280Sstevel@tonic-gate 6290Sstevel@tonic-gate /* The fast path for SW providers. */ 6300Sstevel@tonic-gate if (CHECK_FASTPATH(cr, pd)) { 6310Sstevel@tonic-gate error = KCF_PROV_MAC(pd, ctx, data, mac, NULL); 6320Sstevel@tonic-gate KCF_PROV_INCRSTATS(pd, error); 6330Sstevel@tonic-gate } else { 6340Sstevel@tonic-gate KCF_WRAP_MAC_OPS_PARAMS(¶ms, KCF_OP_SINGLE, pd->pd_sid, 6350Sstevel@tonic-gate NULL, NULL, data, mac, NULL); 6360Sstevel@tonic-gate error = kcf_submit_request(pd, ctx, cr, ¶ms, B_FALSE); 6370Sstevel@tonic-gate } 6380Sstevel@tonic-gate 6390Sstevel@tonic-gate /* Release the hold done in kcf_new_ctx() during init step. */ 6400Sstevel@tonic-gate KCF_CONTEXT_COND_RELEASE(error, kcf_ctx); 6410Sstevel@tonic-gate return (error); 6420Sstevel@tonic-gate } 643