1*904Smcpowers /* 2*904Smcpowers * CDDL HEADER START 3*904Smcpowers * 4*904Smcpowers * The contents of this file are subject to the terms of the 5*904Smcpowers * Common Development and Distribution License, Version 1.0 only 6*904Smcpowers * (the "License"). You may not use this file except in compliance 7*904Smcpowers * with the License. 8*904Smcpowers * 9*904Smcpowers * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10*904Smcpowers * or http://www.opensolaris.org/os/licensing. 11*904Smcpowers * See the License for the specific language governing permissions 12*904Smcpowers * and limitations under the License. 13*904Smcpowers * 14*904Smcpowers * When distributing Covered Code, include this CDDL HEADER in each 15*904Smcpowers * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16*904Smcpowers * If applicable, add the following below this CDDL HEADER, with the 17*904Smcpowers * fields enclosed by brackets "[]" replaced with your own identifying 18*904Smcpowers * information: Portions Copyright [yyyy] [name of copyright owner] 19*904Smcpowers * 20*904Smcpowers * CDDL HEADER END 21*904Smcpowers */ 22*904Smcpowers /* 23*904Smcpowers * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 24*904Smcpowers * Use is subject to license terms. 25*904Smcpowers */ 26*904Smcpowers 27*904Smcpowers 28*904Smcpowers #pragma ident "%Z%%M% %I% %E% SMI" 29*904Smcpowers 30*904Smcpowers #include <sys/errno.h> 31*904Smcpowers #include <sys/types.h> 32*904Smcpowers #include <sys/kmem.h> 33*904Smcpowers #include <sys/cmn_err.h> 34*904Smcpowers #include <sys/sysmacros.h> 35*904Smcpowers #include <sys/crypto/common.h> 36*904Smcpowers #include <sys/crypto/impl.h> 37*904Smcpowers #include <sys/crypto/api.h> 38*904Smcpowers #include <sys/crypto/spi.h> 39*904Smcpowers #include <sys/crypto/sched_impl.h> 40*904Smcpowers 41*904Smcpowers #define CRYPTO_OPS_OFFSET(f) offsetof(crypto_ops_t, co_##f) 42*904Smcpowers #define CRYPTO_OBJECT_OFFSET(f) offsetof(crypto_object_ops_t, f) 43*904Smcpowers 44*904Smcpowers int 45*904Smcpowers crypto_object_create(crypto_provider_t provider, crypto_session_id_t sid, 46*904Smcpowers crypto_object_attribute_t *attrs, uint_t count, 47*904Smcpowers crypto_object_id_t *object_handle, crypto_call_req_t *crq) 48*904Smcpowers { 49*904Smcpowers kcf_req_params_t params; 50*904Smcpowers kcf_provider_desc_t *pd = provider; 51*904Smcpowers kcf_provider_desc_t *real_provider = pd; 52*904Smcpowers int rv; 53*904Smcpowers 54*904Smcpowers ASSERT(KCF_PROV_REFHELD(pd)); 55*904Smcpowers 56*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 57*904Smcpowers rv = kcf_get_hardware_provider_nomech(CRYPTO_OPS_OFFSET( 58*904Smcpowers object_ops), CRYPTO_OBJECT_OFFSET(object_create), 59*904Smcpowers CHECK_RESTRICT(crq), pd, &real_provider); 60*904Smcpowers 61*904Smcpowers if (rv != CRYPTO_SUCCESS) 62*904Smcpowers return (rv); 63*904Smcpowers } 64*904Smcpowers 65*904Smcpowers if (CHECK_FASTPATH(crq, real_provider)) { 66*904Smcpowers rv = KCF_PROV_OBJECT_CREATE(real_provider, sid, 67*904Smcpowers attrs, count, object_handle, KCF_SWFP_RHNDL(crq)); 68*904Smcpowers KCF_PROV_INCRSTATS(pd, rv); 69*904Smcpowers } else { 70*904Smcpowers KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_CREATE, 71*904Smcpowers sid, 0, attrs, count, object_handle, 0, 72*904Smcpowers NULL, NULL, 0, NULL); 73*904Smcpowers rv = kcf_submit_request(real_provider, NULL, crq, 74*904Smcpowers ¶ms, B_FALSE); 75*904Smcpowers } 76*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 77*904Smcpowers KCF_PROV_REFRELE(real_provider); 78*904Smcpowers 79*904Smcpowers return (rv); 80*904Smcpowers } 81*904Smcpowers 82*904Smcpowers int 83*904Smcpowers crypto_object_destroy(crypto_provider_t provider, crypto_session_id_t sid, 84*904Smcpowers crypto_object_id_t object_handle, crypto_call_req_t *crq) 85*904Smcpowers { 86*904Smcpowers kcf_req_params_t params; 87*904Smcpowers kcf_provider_desc_t *pd = provider; 88*904Smcpowers kcf_provider_desc_t *real_provider = pd; 89*904Smcpowers int rv; 90*904Smcpowers 91*904Smcpowers ASSERT(KCF_PROV_REFHELD(pd)); 92*904Smcpowers 93*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 94*904Smcpowers rv = kcf_get_hardware_provider_nomech(CRYPTO_OPS_OFFSET( 95*904Smcpowers object_ops), CRYPTO_OBJECT_OFFSET(object_destroy), 96*904Smcpowers CHECK_RESTRICT(crq), pd, &real_provider); 97*904Smcpowers 98*904Smcpowers if (rv != CRYPTO_SUCCESS) 99*904Smcpowers return (rv); 100*904Smcpowers } 101*904Smcpowers 102*904Smcpowers if (CHECK_FASTPATH(crq, real_provider)) { 103*904Smcpowers rv = KCF_PROV_OBJECT_DESTROY(real_provider, sid, 104*904Smcpowers object_handle, KCF_SWFP_RHNDL(crq)); 105*904Smcpowers KCF_PROV_INCRSTATS(pd, rv); 106*904Smcpowers } else { 107*904Smcpowers KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_DESTROY, 108*904Smcpowers sid, object_handle, NULL, 0, NULL, 0, 109*904Smcpowers NULL, NULL, 0, NULL); 110*904Smcpowers rv = kcf_submit_request(real_provider, NULL, crq, 111*904Smcpowers ¶ms, B_FALSE); 112*904Smcpowers } 113*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 114*904Smcpowers KCF_PROV_REFRELE(real_provider); 115*904Smcpowers 116*904Smcpowers return (rv); 117*904Smcpowers } 118*904Smcpowers 119*904Smcpowers int 120*904Smcpowers crypto_object_copy(crypto_provider_t provider, crypto_session_id_t sid, 121*904Smcpowers crypto_object_id_t object_handle, crypto_object_attribute_t *attrs, 122*904Smcpowers uint_t count, crypto_object_id_t *new_handle, crypto_call_req_t *crq) 123*904Smcpowers { 124*904Smcpowers kcf_req_params_t params; 125*904Smcpowers kcf_provider_desc_t *pd = provider; 126*904Smcpowers kcf_provider_desc_t *real_provider = pd; 127*904Smcpowers int rv; 128*904Smcpowers 129*904Smcpowers ASSERT(KCF_PROV_REFHELD(pd)); 130*904Smcpowers 131*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 132*904Smcpowers rv = kcf_get_hardware_provider_nomech(CRYPTO_OPS_OFFSET( 133*904Smcpowers object_ops), CRYPTO_OBJECT_OFFSET(object_copy), 134*904Smcpowers CHECK_RESTRICT(crq), pd, &real_provider); 135*904Smcpowers 136*904Smcpowers if (rv != CRYPTO_SUCCESS) 137*904Smcpowers return (rv); 138*904Smcpowers } 139*904Smcpowers 140*904Smcpowers if (CHECK_FASTPATH(crq, real_provider)) { 141*904Smcpowers rv = KCF_PROV_OBJECT_COPY(real_provider, sid, 142*904Smcpowers object_handle, attrs, count, new_handle, 143*904Smcpowers KCF_SWFP_RHNDL(crq)); 144*904Smcpowers KCF_PROV_INCRSTATS(pd, rv); 145*904Smcpowers } else { 146*904Smcpowers KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_COPY, 147*904Smcpowers sid, object_handle, attrs, count, 148*904Smcpowers new_handle, 0, NULL, NULL, 0, NULL); 149*904Smcpowers rv = kcf_submit_request(real_provider, NULL, crq, 150*904Smcpowers ¶ms, B_FALSE); 151*904Smcpowers } 152*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 153*904Smcpowers KCF_PROV_REFRELE(real_provider); 154*904Smcpowers 155*904Smcpowers return (rv); 156*904Smcpowers } 157*904Smcpowers 158*904Smcpowers int 159*904Smcpowers crypto_object_get_attribute_value(crypto_provider_t provider, 160*904Smcpowers crypto_session_id_t sid, crypto_object_id_t object_handle, 161*904Smcpowers crypto_object_attribute_t *attrs, uint_t count, crypto_call_req_t *crq) 162*904Smcpowers { 163*904Smcpowers kcf_req_params_t params; 164*904Smcpowers kcf_provider_desc_t *pd = provider; 165*904Smcpowers kcf_provider_desc_t *real_provider = pd; 166*904Smcpowers int rv; 167*904Smcpowers 168*904Smcpowers ASSERT(KCF_PROV_REFHELD(pd)); 169*904Smcpowers 170*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 171*904Smcpowers rv = kcf_get_hardware_provider_nomech(CRYPTO_OPS_OFFSET( 172*904Smcpowers object_ops), 173*904Smcpowers CRYPTO_OBJECT_OFFSET(object_get_attribute_value), 174*904Smcpowers CHECK_RESTRICT(crq), pd, &real_provider); 175*904Smcpowers 176*904Smcpowers if (rv != CRYPTO_SUCCESS) 177*904Smcpowers return (rv); 178*904Smcpowers } 179*904Smcpowers 180*904Smcpowers if (CHECK_FASTPATH(crq, real_provider)) { 181*904Smcpowers rv = KCF_PROV_OBJECT_GET_ATTRIBUTE_VALUE(real_provider, 182*904Smcpowers sid, object_handle, attrs, count, KCF_SWFP_RHNDL(crq)); 183*904Smcpowers KCF_PROV_INCRSTATS(pd, rv); 184*904Smcpowers } else { 185*904Smcpowers KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, 186*904Smcpowers KCF_OP_OBJECT_GET_ATTRIBUTE_VALUE, sid, object_handle, 187*904Smcpowers attrs, count, NULL, 0, NULL, NULL, 0, NULL); 188*904Smcpowers rv = kcf_submit_request(real_provider, NULL, crq, 189*904Smcpowers ¶ms, B_FALSE); 190*904Smcpowers } 191*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 192*904Smcpowers KCF_PROV_REFRELE(real_provider); 193*904Smcpowers 194*904Smcpowers return (rv); 195*904Smcpowers } 196*904Smcpowers 197*904Smcpowers int 198*904Smcpowers crypto_object_set_attribute_value(crypto_provider_t provider, 199*904Smcpowers crypto_session_id_t sid, crypto_object_id_t object_handle, 200*904Smcpowers crypto_object_attribute_t *attrs, uint_t count, crypto_call_req_t *crq) 201*904Smcpowers { 202*904Smcpowers kcf_req_params_t params; 203*904Smcpowers kcf_provider_desc_t *pd = provider; 204*904Smcpowers kcf_provider_desc_t *real_provider = pd; 205*904Smcpowers int rv; 206*904Smcpowers 207*904Smcpowers ASSERT(KCF_PROV_REFHELD(pd)); 208*904Smcpowers 209*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 210*904Smcpowers rv = kcf_get_hardware_provider_nomech(CRYPTO_OPS_OFFSET( 211*904Smcpowers object_ops), 212*904Smcpowers CRYPTO_OBJECT_OFFSET(object_set_attribute_value), 213*904Smcpowers CHECK_RESTRICT(crq), pd, &real_provider); 214*904Smcpowers 215*904Smcpowers if (rv != CRYPTO_SUCCESS) 216*904Smcpowers return (rv); 217*904Smcpowers } 218*904Smcpowers 219*904Smcpowers if (CHECK_FASTPATH(crq, real_provider)) { 220*904Smcpowers rv = KCF_PROV_OBJECT_SET_ATTRIBUTE_VALUE(real_provider, 221*904Smcpowers sid, object_handle, attrs, count, KCF_SWFP_RHNDL(crq)); 222*904Smcpowers KCF_PROV_INCRSTATS(pd, rv); 223*904Smcpowers } else { 224*904Smcpowers KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, 225*904Smcpowers KCF_OP_OBJECT_SET_ATTRIBUTE_VALUE, sid, object_handle, 226*904Smcpowers attrs, count, NULL, 0, NULL, NULL, 0, NULL); 227*904Smcpowers rv = kcf_submit_request(real_provider, NULL, crq, 228*904Smcpowers ¶ms, B_FALSE); 229*904Smcpowers } 230*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 231*904Smcpowers KCF_PROV_REFRELE(real_provider); 232*904Smcpowers 233*904Smcpowers return (rv); 234*904Smcpowers } 235*904Smcpowers 236*904Smcpowers int 237*904Smcpowers crypto_object_get_size(crypto_provider_t provider, crypto_session_id_t sid, 238*904Smcpowers crypto_object_id_t object_handle, size_t *size, crypto_call_req_t *crq) 239*904Smcpowers { 240*904Smcpowers kcf_req_params_t params; 241*904Smcpowers kcf_provider_desc_t *pd = provider; 242*904Smcpowers kcf_provider_desc_t *real_provider = pd; 243*904Smcpowers int rv; 244*904Smcpowers 245*904Smcpowers ASSERT(KCF_PROV_REFHELD(pd)); 246*904Smcpowers 247*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 248*904Smcpowers rv = kcf_get_hardware_provider_nomech(CRYPTO_OPS_OFFSET( 249*904Smcpowers object_ops), CRYPTO_OBJECT_OFFSET(object_get_size), 250*904Smcpowers CHECK_RESTRICT(crq), pd, &real_provider); 251*904Smcpowers 252*904Smcpowers if (rv != CRYPTO_SUCCESS) 253*904Smcpowers return (rv); 254*904Smcpowers 255*904Smcpowers } 256*904Smcpowers 257*904Smcpowers if (CHECK_FASTPATH(crq, real_provider)) { 258*904Smcpowers rv = KCF_PROV_OBJECT_GET_SIZE(real_provider, 259*904Smcpowers sid, object_handle, size, KCF_SWFP_RHNDL(crq)); 260*904Smcpowers KCF_PROV_INCRSTATS(pd, rv); 261*904Smcpowers } else { 262*904Smcpowers KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_GET_SIZE, sid, 263*904Smcpowers object_handle, NULL, 0, NULL, size, NULL, NULL, 0, NULL); 264*904Smcpowers rv = kcf_submit_request(real_provider, NULL, crq, 265*904Smcpowers ¶ms, B_FALSE); 266*904Smcpowers } 267*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 268*904Smcpowers KCF_PROV_REFRELE(real_provider); 269*904Smcpowers 270*904Smcpowers return (rv); 271*904Smcpowers } 272*904Smcpowers 273*904Smcpowers int 274*904Smcpowers crypto_object_find_init(crypto_provider_t provider, crypto_session_id_t sid, 275*904Smcpowers crypto_object_attribute_t *attrs, uint_t count, void **cookie, 276*904Smcpowers crypto_call_req_t *crq) 277*904Smcpowers { 278*904Smcpowers kcf_req_params_t params; 279*904Smcpowers kcf_provider_desc_t *pd = provider; 280*904Smcpowers kcf_provider_desc_t *real_provider = pd; 281*904Smcpowers int rv; 282*904Smcpowers 283*904Smcpowers ASSERT(KCF_PROV_REFHELD(pd)); 284*904Smcpowers 285*904Smcpowers if (cookie == NULL) { 286*904Smcpowers return (CRYPTO_ARGUMENTS_BAD); 287*904Smcpowers } 288*904Smcpowers 289*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 290*904Smcpowers rv = kcf_get_hardware_provider_nomech(CRYPTO_OPS_OFFSET( 291*904Smcpowers object_ops), CRYPTO_OBJECT_OFFSET(object_find_init), 292*904Smcpowers CHECK_RESTRICT(crq), pd, &real_provider); 293*904Smcpowers 294*904Smcpowers if (rv != CRYPTO_SUCCESS) 295*904Smcpowers return (rv); 296*904Smcpowers } 297*904Smcpowers 298*904Smcpowers if (CHECK_FASTPATH(crq, real_provider)) { 299*904Smcpowers rv = KCF_PROV_OBJECT_FIND_INIT(real_provider, 300*904Smcpowers sid, attrs, count, cookie, KCF_SWFP_RHNDL(crq)); 301*904Smcpowers KCF_PROV_INCRSTATS(pd, rv); 302*904Smcpowers } else { 303*904Smcpowers KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_FIND_INIT, 304*904Smcpowers sid, 0, attrs, count, NULL, 0, cookie, NULL, 0, NULL); 305*904Smcpowers rv = kcf_submit_request(real_provider, NULL, crq, 306*904Smcpowers ¶ms, B_FALSE); 307*904Smcpowers } 308*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 309*904Smcpowers KCF_PROV_REFRELE(real_provider); 310*904Smcpowers 311*904Smcpowers return (rv); 312*904Smcpowers } 313*904Smcpowers 314*904Smcpowers int 315*904Smcpowers crypto_object_find_final(crypto_provider_t provider, void *cookie, 316*904Smcpowers crypto_call_req_t *crq) 317*904Smcpowers { 318*904Smcpowers kcf_req_params_t params; 319*904Smcpowers kcf_provider_desc_t *pd = provider; 320*904Smcpowers kcf_provider_desc_t *real_provider = pd; 321*904Smcpowers int rv; 322*904Smcpowers 323*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 324*904Smcpowers rv = kcf_get_hardware_provider_nomech(CRYPTO_OPS_OFFSET( 325*904Smcpowers object_ops), CRYPTO_OBJECT_OFFSET(object_find_final), 326*904Smcpowers CHECK_RESTRICT(crq), pd, &real_provider); 327*904Smcpowers 328*904Smcpowers if (rv != CRYPTO_SUCCESS) 329*904Smcpowers return (rv); 330*904Smcpowers } 331*904Smcpowers 332*904Smcpowers if (CHECK_FASTPATH(crq, real_provider)) { 333*904Smcpowers rv = KCF_PROV_OBJECT_FIND_FINAL(real_provider, 334*904Smcpowers cookie, KCF_SWFP_RHNDL(crq)); 335*904Smcpowers KCF_PROV_INCRSTATS(pd, rv); 336*904Smcpowers } else { 337*904Smcpowers KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_FIND_FINAL, 338*904Smcpowers 0, 0, NULL, 0, NULL, 0, NULL, cookie, 0, NULL); 339*904Smcpowers rv = kcf_submit_request(real_provider, NULL, NULL, ¶ms, 340*904Smcpowers B_FALSE); 341*904Smcpowers } 342*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 343*904Smcpowers KCF_PROV_REFRELE(real_provider); 344*904Smcpowers 345*904Smcpowers return (rv); 346*904Smcpowers } 347*904Smcpowers 348*904Smcpowers int 349*904Smcpowers crypto_object_find(crypto_provider_t provider, void *cookie, 350*904Smcpowers crypto_object_id_t *handles, uint_t *count, uint_t max_count, 351*904Smcpowers crypto_call_req_t *crq) 352*904Smcpowers { 353*904Smcpowers kcf_req_params_t params; 354*904Smcpowers kcf_provider_desc_t *pd = provider; 355*904Smcpowers kcf_provider_desc_t *real_provider = pd; 356*904Smcpowers int rv; 357*904Smcpowers 358*904Smcpowers ASSERT(KCF_PROV_REFHELD(pd)); 359*904Smcpowers 360*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) { 361*904Smcpowers rv = kcf_get_hardware_provider_nomech(CRYPTO_OPS_OFFSET( 362*904Smcpowers object_ops), CRYPTO_OBJECT_OFFSET(object_find), 363*904Smcpowers CHECK_RESTRICT(crq), pd, &real_provider); 364*904Smcpowers 365*904Smcpowers if (rv != CRYPTO_SUCCESS) 366*904Smcpowers return (rv); 367*904Smcpowers } 368*904Smcpowers 369*904Smcpowers if (CHECK_FASTPATH(crq, real_provider)) { 370*904Smcpowers rv = KCF_PROV_OBJECT_FIND(real_provider, cookie, handles, 371*904Smcpowers max_count, count, KCF_SWFP_RHNDL(crq)); 372*904Smcpowers KCF_PROV_INCRSTATS(pd, rv); 373*904Smcpowers } else { 374*904Smcpowers KCF_WRAP_OBJECT_OPS_PARAMS(¶ms, KCF_OP_OBJECT_FIND, 0, 375*904Smcpowers 0, NULL, 0, handles, 0, NULL, cookie, max_count, count); 376*904Smcpowers rv = kcf_submit_request(real_provider, NULL, crq, 377*904Smcpowers ¶ms, B_FALSE); 378*904Smcpowers } 379*904Smcpowers if (pd->pd_prov_type == CRYPTO_LOGICAL_PROVIDER) 380*904Smcpowers KCF_PROV_REFRELE(real_provider); 381*904Smcpowers 382*904Smcpowers return (rv); 383*904Smcpowers } 384