[Midnightbsd-cvs] src [10130] trunk/sys/crypto: sync with freebsd
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Sun May 27 20:31:01 EDT 2018
Revision: 10130
http://svnweb.midnightbsd.org/src/?rev=10130
Author: laffer1
Date: 2018-05-27 20:31:00 -0400 (Sun, 27 May 2018)
Log Message:
-----------
sync with freebsd
Modified Paths:
--------------
trunk/sys/crypto/aesni/aeskeys_amd64.S
trunk/sys/crypto/aesni/aeskeys_i386.S
trunk/sys/crypto/aesni/aesni.c
trunk/sys/crypto/aesni/aesni.h
trunk/sys/crypto/aesni/aesni_wrap.c
trunk/sys/crypto/blowfish/arch/i386/bf_enc.S
trunk/sys/crypto/blowfish/arch/i386/bf_enc_586.S
trunk/sys/crypto/blowfish/arch/i386/bf_enc_686.S
trunk/sys/crypto/blowfish/bf_ecb.c
trunk/sys/crypto/blowfish/bf_enc.c
trunk/sys/crypto/blowfish/bf_locl.h
trunk/sys/crypto/blowfish/bf_pi.h
trunk/sys/crypto/blowfish/bf_skey.c
trunk/sys/crypto/blowfish/blowfish.h
trunk/sys/crypto/camellia/camellia-api.c
trunk/sys/crypto/camellia/camellia.c
trunk/sys/crypto/camellia/camellia.h
trunk/sys/crypto/des/arch/i386/des_enc.S
trunk/sys/crypto/des/des.h
trunk/sys/crypto/des/des_ecb.c
trunk/sys/crypto/des/des_enc.c
trunk/sys/crypto/des/des_locl.h
trunk/sys/crypto/des/des_setkey.c
trunk/sys/crypto/des/podd.h
trunk/sys/crypto/des/sk.h
trunk/sys/crypto/des/spr.h
trunk/sys/crypto/rc4/rc4.c
trunk/sys/crypto/rc4/rc4.h
trunk/sys/crypto/rijndael/Makefile
trunk/sys/crypto/rijndael/rijndael-alg-fst.c
trunk/sys/crypto/rijndael/rijndael-api-fst.c
trunk/sys/crypto/rijndael/rijndael-api-fst.h
trunk/sys/crypto/rijndael/rijndael-api.c
trunk/sys/crypto/rijndael/rijndael.h
trunk/sys/crypto/rijndael/rijndael_local.h
trunk/sys/crypto/rijndael/test00.c
trunk/sys/crypto/sha1.c
trunk/sys/crypto/sha1.h
trunk/sys/crypto/sha2/sha2.c
trunk/sys/crypto/via/padlock.c
trunk/sys/crypto/via/padlock.h
trunk/sys/crypto/via/padlock_cipher.c
trunk/sys/crypto/via/padlock_hash.c
Added Paths:
-----------
trunk/sys/crypto/aesni/aesencdec.h
trunk/sys/crypto/sha2/sha256.h
trunk/sys/crypto/sha2/sha256c.c
trunk/sys/crypto/sha2/sha384.h
trunk/sys/crypto/sha2/sha512.h
trunk/sys/crypto/sha2/sha512c.c
trunk/sys/crypto/sha2/sha512t.h
trunk/sys/crypto/siphash/
trunk/sys/crypto/siphash/siphash.c
trunk/sys/crypto/siphash/siphash.h
trunk/sys/crypto/siphash/siphash_test.c
Property Changed:
----------------
trunk/sys/crypto/aesni/aeskeys_amd64.S
trunk/sys/crypto/aesni/aeskeys_i386.S
trunk/sys/crypto/blowfish/arch/i386/bf_enc.S
trunk/sys/crypto/blowfish/arch/i386/bf_enc_586.S
trunk/sys/crypto/blowfish/arch/i386/bf_enc_686.S
trunk/sys/crypto/des/arch/i386/des_enc.S
Added: trunk/sys/crypto/aesni/aesencdec.h
===================================================================
--- trunk/sys/crypto/aesni/aesencdec.h (rev 0)
+++ trunk/sys/crypto/aesni/aesencdec.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -0,0 +1,133 @@
+/* $MidnightBSD$ */
+/*-
+ * Copyright 2013 John-Mark Gurney <jmg at FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD: stable/10/sys/crypto/aesni/aesencdec.h 258212 2013-11-16 09:01:24Z jmg $
+ *
+ */
+
+#include <wmmintrin.h>
+
+static inline void
+aesni_enc8(int rounds, const __m128i *keysched, __m128i a,
+ __m128i b, __m128i c, __m128i d, __m128i e, __m128i f, __m128i g,
+ __m128i h, __m128i out[8])
+{
+ int i;
+
+ a ^= keysched[0];
+ b ^= keysched[0];
+ c ^= keysched[0];
+ d ^= keysched[0];
+ e ^= keysched[0];
+ f ^= keysched[0];
+ g ^= keysched[0];
+ h ^= keysched[0];
+
+ for (i = 0; i < rounds; i++) {
+ a = _mm_aesenc_si128(a, keysched[i + 1]);
+ b = _mm_aesenc_si128(b, keysched[i + 1]);
+ c = _mm_aesenc_si128(c, keysched[i + 1]);
+ d = _mm_aesenc_si128(d, keysched[i + 1]);
+ e = _mm_aesenc_si128(e, keysched[i + 1]);
+ f = _mm_aesenc_si128(f, keysched[i + 1]);
+ g = _mm_aesenc_si128(g, keysched[i + 1]);
+ h = _mm_aesenc_si128(h, keysched[i + 1]);
+ }
+
+ out[0] = _mm_aesenclast_si128(a, keysched[i + 1]);
+ out[1] = _mm_aesenclast_si128(b, keysched[i + 1]);
+ out[2] = _mm_aesenclast_si128(c, keysched[i + 1]);
+ out[3] = _mm_aesenclast_si128(d, keysched[i + 1]);
+ out[4] = _mm_aesenclast_si128(e, keysched[i + 1]);
+ out[5] = _mm_aesenclast_si128(f, keysched[i + 1]);
+ out[6] = _mm_aesenclast_si128(g, keysched[i + 1]);
+ out[7] = _mm_aesenclast_si128(h, keysched[i + 1]);
+}
+
+static inline void
+aesni_dec8(int rounds, const __m128i *keysched, __m128i a,
+ __m128i b, __m128i c, __m128i d, __m128i e, __m128i f, __m128i g,
+ __m128i h, __m128i out[8])
+{
+ int i;
+
+ a ^= keysched[0];
+ b ^= keysched[0];
+ c ^= keysched[0];
+ d ^= keysched[0];
+ e ^= keysched[0];
+ f ^= keysched[0];
+ g ^= keysched[0];
+ h ^= keysched[0];
+
+ for (i = 0; i < rounds; i++) {
+ a = _mm_aesdec_si128(a, keysched[i + 1]);
+ b = _mm_aesdec_si128(b, keysched[i + 1]);
+ c = _mm_aesdec_si128(c, keysched[i + 1]);
+ d = _mm_aesdec_si128(d, keysched[i + 1]);
+ e = _mm_aesdec_si128(e, keysched[i + 1]);
+ f = _mm_aesdec_si128(f, keysched[i + 1]);
+ g = _mm_aesdec_si128(g, keysched[i + 1]);
+ h = _mm_aesdec_si128(h, keysched[i + 1]);
+ }
+
+ out[0] = _mm_aesdeclast_si128(a, keysched[i + 1]);
+ out[1] = _mm_aesdeclast_si128(b, keysched[i + 1]);
+ out[2] = _mm_aesdeclast_si128(c, keysched[i + 1]);
+ out[3] = _mm_aesdeclast_si128(d, keysched[i + 1]);
+ out[4] = _mm_aesdeclast_si128(e, keysched[i + 1]);
+ out[5] = _mm_aesdeclast_si128(f, keysched[i + 1]);
+ out[6] = _mm_aesdeclast_si128(g, keysched[i + 1]);
+ out[7] = _mm_aesdeclast_si128(h, keysched[i + 1]);
+}
+
+static inline __m128i
+aesni_enc(int rounds, const __m128i *keysched, const __m128i from)
+{
+ __m128i tmp;
+ int i;
+
+ tmp = from ^ keysched[0];
+
+ for (i = 0; i < rounds; i++)
+ tmp = _mm_aesenc_si128(tmp, keysched[i + 1]);
+
+ return _mm_aesenclast_si128(tmp, keysched[i + 1]);
+}
+
+static inline __m128i
+aesni_dec(int rounds, const __m128i *keysched, const __m128i from)
+{
+ __m128i tmp;
+ int i;
+
+ tmp = from ^ keysched[0];
+
+ for (i = 0; i < rounds; i++)
+ tmp = _mm_aesdec_si128(tmp, keysched[i + 1]);
+
+ return _mm_aesdeclast_si128(tmp, keysched[i + 1]);
+}
Property changes on: trunk/sys/crypto/aesni/aesencdec.h
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Modified: trunk/sys/crypto/aesni/aeskeys_amd64.S
===================================================================
--- trunk/sys/crypto/aesni/aeskeys_amd64.S 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/aesni/aeskeys_amd64.S 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*-
* The white paper of AES-NI instructions can be downloaded from:
* http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set_WP.pdf
@@ -125,103 +126,72 @@
movups 0x10(%rdi),%xmm2 # other user key
movaps %xmm2,(%rsi)
addq $0x10,%rsi
-// aeskeygenassist $0x1,%xmm2,%xmm1 # round 1
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x01
+ aeskeygenassist $0x1,%xmm2,%xmm1 # round 1
call _key_expansion_256a
-// aeskeygenassist $0x1,%xmm0,%xmm1
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x01
+ aeskeygenassist $0x1,%xmm0,%xmm1
call _key_expansion_256b
-// aeskeygenassist $0x2,%xmm2,%xmm1 # round 2
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x02
+ aeskeygenassist $0x2,%xmm2,%xmm1 # round 2
call _key_expansion_256a
-// aeskeygenassist $0x2,%xmm0,%xmm1
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x02
+ aeskeygenassist $0x2,%xmm0,%xmm1
call _key_expansion_256b
-// aeskeygenassist $0x4,%xmm2,%xmm1 # round 3
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x04
+ aeskeygenassist $0x4,%xmm2,%xmm1 # round 3
call _key_expansion_256a
-// aeskeygenassist $0x4,%xmm0,%xmm1
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x04
+ aeskeygenassist $0x4,%xmm0,%xmm1
call _key_expansion_256b
-// aeskeygenassist $0x8,%xmm2,%xmm1 # round 4
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x08
+ aeskeygenassist $0x8,%xmm2,%xmm1 # round 4
call _key_expansion_256a
-// aeskeygenassist $0x8,%xmm0,%xmm1
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x08
+ aeskeygenassist $0x8,%xmm0,%xmm1
call _key_expansion_256b
-// aeskeygenassist $0x10,%xmm2,%xmm1 # round 5
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x10
+ aeskeygenassist $0x10,%xmm2,%xmm1 # round 5
call _key_expansion_256a
-// aeskeygenassist $0x10,%xmm0,%xmm1
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x10
+ aeskeygenassist $0x10,%xmm0,%xmm1
call _key_expansion_256b
-// aeskeygenassist $0x20,%xmm2,%xmm1 # round 6
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x20
+ aeskeygenassist $0x20,%xmm2,%xmm1 # round 6
call _key_expansion_256a
-// aeskeygenassist $0x20,%xmm0,%xmm1
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x20
+ aeskeygenassist $0x20,%xmm0,%xmm1
call _key_expansion_256b
-// aeskeygenassist $0x40,%xmm2,%xmm1 # round 7
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x40
+ aeskeygenassist $0x40,%xmm2,%xmm1 # round 7
call _key_expansion_256a
retq
.Lenc_key192:
movq 0x10(%rdi),%xmm2 # other user key
-// aeskeygenassist $0x1,%xmm2,%xmm1 # round 1
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x01
+ aeskeygenassist $0x1,%xmm2,%xmm1 # round 1
call _key_expansion_192a
-// aeskeygenassist $0x2,%xmm2,%xmm1 # round 2
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x02
+ aeskeygenassist $0x2,%xmm2,%xmm1 # round 2
call _key_expansion_192b
-// aeskeygenassist $0x4,%xmm2,%xmm1 # round 3
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x04
+ aeskeygenassist $0x4,%xmm2,%xmm1 # round 3
call _key_expansion_192a
-// aeskeygenassist $0x8,%xmm2,%xmm1 # round 4
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x08
+ aeskeygenassist $0x8,%xmm2,%xmm1 # round 4
call _key_expansion_192b
-// aeskeygenassist $0x10,%xmm2,%xmm1 # round 5
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x10
+ aeskeygenassist $0x10,%xmm2,%xmm1 # round 5
call _key_expansion_192a
-// aeskeygenassist $0x20,%xmm2,%xmm1 # round 6
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x20
+ aeskeygenassist $0x20,%xmm2,%xmm1 # round 6
call _key_expansion_192b
-// aeskeygenassist $0x40,%xmm2,%xmm1 # round 7
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x40
+ aeskeygenassist $0x40,%xmm2,%xmm1 # round 7
call _key_expansion_192a
-// aeskeygenassist $0x80,%xmm2,%xmm1 # round 8
- .byte 0x66,0x0f,0x3a,0xdf,0xca,0x80
+ aeskeygenassist $0x80,%xmm2,%xmm1 # round 8
call _key_expansion_192b
retq
.Lenc_key128:
-// aeskeygenassist $0x1,%xmm0,%xmm1 # round 1
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x01
+ aeskeygenassist $0x1,%xmm0,%xmm1 # round 1
call _key_expansion_128
-// aeskeygenassist $0x2,%xmm0,%xmm1 # round 2
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x02
+ aeskeygenassist $0x2,%xmm0,%xmm1 # round 2
call _key_expansion_128
-// aeskeygenassist $0x4,%xmm0,%xmm1 # round 3
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x04
+ aeskeygenassist $0x4,%xmm0,%xmm1 # round 3
call _key_expansion_128
-// aeskeygenassist $0x8,%xmm0,%xmm1 # round 4
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x08
+ aeskeygenassist $0x8,%xmm0,%xmm1 # round 4
call _key_expansion_128
-// aeskeygenassist $0x10,%xmm0,%xmm1 # round 5
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x10
+ aeskeygenassist $0x10,%xmm0,%xmm1 # round 5
call _key_expansion_128
-// aeskeygenassist $0x20,%xmm0,%xmm1 # round 6
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x20
+ aeskeygenassist $0x20,%xmm0,%xmm1 # round 6
call _key_expansion_128
-// aeskeygenassist $0x40,%xmm0,%xmm1 # round 7
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x40
+ aeskeygenassist $0x40,%xmm0,%xmm1 # round 7
call _key_expansion_128
-// aeskeygenassist $0x80,%xmm0,%xmm1 # round 8
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x80
+ aeskeygenassist $0x80,%xmm0,%xmm1 # round 8
call _key_expansion_128
-// aeskeygenassist $0x1b,%xmm0,%xmm1 # round 9
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x1b
+ aeskeygenassist $0x1b,%xmm0,%xmm1 # round 9
call _key_expansion_128
-// aeskeygenassist $0x36,%xmm0,%xmm1 # round 10
- .byte 0x66,0x0f,0x3a,0xdf,0xc8,0x36
+ aeskeygenassist $0x36,%xmm0,%xmm1 # round 10
call _key_expansion_128
retq
.cfi_endproc
@@ -238,8 +208,7 @@
1:
addq $0x10,%rsi
subq $0x10,%rdi
-// aesimc (%rdi),%xmm1
- .byte 0x66,0x0f,0x38,0xdb,0x0f
+ aesimc (%rdi),%xmm1
movdqa %xmm1,(%rsi)
decl %edx
jne 1b
@@ -252,4 +221,4 @@
.cfi_endproc
END(aesni_set_deckey)
- .ident "$MidnightBSD$"
+ .ident "$FreeBSD: stable/10/sys/crypto/aesni/aeskeys_amd64.S 255187 2013-09-03 18:31:23Z jmg $"
Property changes on: trunk/sys/crypto/aesni/aeskeys_amd64.S
___________________________________________________________________
Added: mnbsd:nokeywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Modified: trunk/sys/crypto/aesni/aeskeys_i386.S
===================================================================
--- trunk/sys/crypto/aesni/aeskeys_i386.S 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/aesni/aeskeys_i386.S 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*-
* The white paper of AES-NI instructions can be downloaded from:
* http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set_WP.pdf
@@ -270,4 +271,4 @@
.cfi_endproc
END(aesni_set_deckey)
- .ident "$MidnightBSD$"
+ .ident "$FreeBSD: stable/10/sys/crypto/aesni/aeskeys_i386.S 219178 2011-03-02 14:56:58Z kib $"
Property changes on: trunk/sys/crypto/aesni/aeskeys_i386.S
___________________________________________________________________
Added: mnbsd:nokeywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Modified: trunk/sys/crypto/aesni/aesni.c
===================================================================
--- trunk/sys/crypto/aesni/aesni.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/aesni/aesni.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*-
* Copyright (c) 2005-2008 Pawel Jakub Dawidek <pjd at FreeBSD.org>
* Copyright (c) 2010 Konstantin Belousov <kib at FreeBSD.org>
@@ -26,7 +27,7 @@
*/
#include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/crypto/aesni/aesni.c 323871 2017-09-21 19:30:32Z marius $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -39,10 +40,15 @@
#include <sys/rwlock.h>
#include <sys/bus.h>
#include <sys/uio.h>
+#include <sys/smp.h>
#include <crypto/aesni/aesni.h>
-#include "cryptodev_if.h"
+#include <cryptodev_if.h>
+static struct mtx_padalign *ctx_mtx;
+static struct fpu_kern_ctx **ctx_fpu;
+
struct aesni_softc {
+ int dieing;
int32_t cid;
uint32_t sid;
TAILQ_HEAD(aesni_sessions_head, aesni_session) sessions;
@@ -49,10 +55,27 @@
struct rwlock lock;
};
+#define AQUIRE_CTX(i, ctx) \
+ do { \
+ (i) = PCPU_GET(cpuid); \
+ mtx_lock(&ctx_mtx[(i)]); \
+ (ctx) = ctx_fpu[(i)]; \
+ } while (0)
+#define RELEASE_CTX(i, ctx) \
+ do { \
+ mtx_unlock(&ctx_mtx[(i)]); \
+ (i) = -1; \
+ (ctx) = NULL; \
+ } while (0)
+
static int aesni_newsession(device_t, uint32_t *sidp, struct cryptoini *cri);
static int aesni_freesession(device_t, uint64_t tid);
static void aesni_freesession_locked(struct aesni_softc *sc,
struct aesni_session *ses);
+static int aesni_cipher_setup(struct aesni_session *ses,
+ struct cryptoini *encini);
+static int aesni_cipher_process(struct aesni_session *ses,
+ struct cryptodesc *enccrd, struct cryptop *crp);
MALLOC_DEFINE(M_AESNI, "aesni_data", "AESNI Data");
@@ -74,24 +97,63 @@
device_printf(dev, "No AESNI support.\n");
return (EINVAL);
}
+
+ if ((cpu_feature & CPUID_SSE2) == 0) {
+ device_printf(dev, "No SSE2 support but AESNI!?!\n");
+ return (EINVAL);
+ }
+
device_set_desc_copy(dev, "AES-CBC,AES-XTS");
return (0);
}
+static void
+aensi_cleanctx(void)
+{
+ int i;
+
+ /* XXX - no way to return driverid */
+ CPU_FOREACH(i) {
+ if (ctx_fpu[i] != NULL) {
+ mtx_destroy(&ctx_mtx[i]);
+ fpu_kern_free_ctx(ctx_fpu[i]);
+ }
+ ctx_fpu[i] = NULL;
+ }
+ free(ctx_mtx, M_AESNI);
+ ctx_mtx = NULL;
+ free(ctx_fpu, M_AESNI);
+ ctx_fpu = NULL;
+}
+
static int
aesni_attach(device_t dev)
{
struct aesni_softc *sc;
+ int i;
sc = device_get_softc(dev);
+ sc->dieing = 0;
TAILQ_INIT(&sc->sessions);
sc->sid = 1;
- sc->cid = crypto_get_driverid(dev, CRYPTOCAP_F_HARDWARE);
+
+ sc->cid = crypto_get_driverid(dev, CRYPTOCAP_F_HARDWARE |
+ CRYPTOCAP_F_SYNC);
if (sc->cid < 0) {
device_printf(dev, "Could not get crypto driver id.\n");
return (ENOMEM);
}
+ ctx_mtx = malloc(sizeof *ctx_mtx * (mp_maxid + 1), M_AESNI,
+ M_WAITOK|M_ZERO);
+ ctx_fpu = malloc(sizeof *ctx_fpu * (mp_maxid + 1), M_AESNI,
+ M_WAITOK|M_ZERO);
+
+ CPU_FOREACH(i) {
+ ctx_fpu[i] = fpu_kern_alloc_ctx(0);
+ mtx_init(&ctx_mtx[i], "anifpumtx", NULL, MTX_DEF|MTX_NEW);
+ }
+
rw_init(&sc->lock, "aesni_lock");
crypto_register(sc->cid, CRYPTO_AES_CBC, 0, 0);
crypto_register(sc->cid, CRYPTO_AES_XTS, 0, 0);
@@ -105,6 +167,7 @@
struct aesni_session *ses;
sc = device_get_softc(dev);
+
rw_wlock(&sc->lock);
TAILQ_FOREACH(ses, &sc->sessions, next) {
if (ses->used) {
@@ -114,14 +177,18 @@
return (EBUSY);
}
}
+ sc->dieing = 1;
while ((ses = TAILQ_FIRST(&sc->sessions)) != NULL) {
TAILQ_REMOVE(&sc->sessions, ses, next);
- fpu_kern_free_ctx(ses->fpu_ctx);
free(ses, M_AESNI);
}
rw_wunlock(&sc->lock);
+ crypto_unregister_all(sc->cid);
+
rw_destroy(&sc->lock);
- crypto_unregister_all(sc->cid);
+
+ aensi_cleanctx();
+
return (0);
}
@@ -137,6 +204,9 @@
return (EINVAL);
sc = device_get_softc(dev);
+ if (sc->dieing)
+ return (EINVAL);
+
ses = NULL;
encini = NULL;
for (; cri != NULL; cri = cri->cri_next) {
@@ -155,6 +225,10 @@
return (EINVAL);
rw_wlock(&sc->lock);
+ if (sc->dieing) {
+ rw_wunlock(&sc->lock);
+ return (EINVAL);
+ }
/*
* Free sessions goes first, so if first session is used, we need to
* allocate one.
@@ -166,13 +240,6 @@
rw_wunlock(&sc->lock);
return (ENOMEM);
}
- ses->fpu_ctx = fpu_kern_alloc_ctx(FPU_KERN_NORMAL |
- FPU_KERN_NOWAIT);
- if (ses->fpu_ctx == NULL) {
- free(ses, M_AESNI);
- rw_wunlock(&sc->lock);
- return (ENOMEM);
- }
ses->id = sc->sid++;
} else {
TAILQ_REMOVE(&sc->sessions, ses, next);
@@ -197,15 +264,14 @@
static void
aesni_freesession_locked(struct aesni_softc *sc, struct aesni_session *ses)
{
- struct fpu_kern_ctx *ctx;
uint32_t sid;
+ rw_assert(&sc->lock, RA_WLOCKED);
+
sid = ses->id;
TAILQ_REMOVE(&sc->sessions, ses, next);
- ctx = ses->fpu_ctx;
bzero(ses, sizeof(*ses));
ses->id = sid;
- ses->fpu_ctx = ctx;
TAILQ_INSERT_HEAD(&sc->sessions, ses, next);
}
@@ -347,3 +413,110 @@
DRIVER_MODULE(aesni, nexus, aesni_driver, aesni_devclass, 0, 0);
MODULE_VERSION(aesni, 1);
MODULE_DEPEND(aesni, crypto, 1, 1, 1);
+
+static int
+aesni_cipher_setup(struct aesni_session *ses, struct cryptoini *encini)
+{
+ struct fpu_kern_ctx *ctx;
+ int error;
+ int kt, ctxidx;
+
+ kt = is_fpu_kern_thread(0);
+ if (!kt) {
+ AQUIRE_CTX(ctxidx, ctx);
+ error = fpu_kern_enter(curthread, ctx,
+ FPU_KERN_NORMAL | FPU_KERN_KTHR);
+ if (error != 0)
+ goto out;
+ }
+
+ error = aesni_cipher_setup_common(ses, encini->cri_key,
+ encini->cri_klen);
+
+ if (!kt) {
+ fpu_kern_leave(curthread, ctx);
+out:
+ RELEASE_CTX(ctxidx, ctx);
+ }
+ return (error);
+}
+
+static int
+aesni_cipher_process(struct aesni_session *ses, struct cryptodesc *enccrd,
+ struct cryptop *crp)
+{
+ struct fpu_kern_ctx *ctx;
+ uint8_t *buf;
+ int error, allocated;
+ int kt, ctxidx;
+
+ buf = aesni_cipher_alloc(enccrd, crp, &allocated);
+ if (buf == NULL)
+ return (ENOMEM);
+
+ error = 0;
+ kt = is_fpu_kern_thread(0);
+ if (!kt) {
+ AQUIRE_CTX(ctxidx, ctx);
+ error = fpu_kern_enter(curthread, ctx,
+ FPU_KERN_NORMAL|FPU_KERN_KTHR);
+ if (error != 0)
+ goto out2;
+ }
+
+ if ((enccrd->crd_flags & CRD_F_KEY_EXPLICIT) != 0) {
+ error = aesni_cipher_setup_common(ses, enccrd->crd_key,
+ enccrd->crd_klen);
+ if (error != 0)
+ goto out;
+ }
+
+ if ((enccrd->crd_flags & CRD_F_ENCRYPT) != 0) {
+ if ((enccrd->crd_flags & CRD_F_IV_EXPLICIT) != 0)
+ bcopy(enccrd->crd_iv, ses->iv, AES_BLOCK_LEN);
+ if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0)
+ crypto_copyback(crp->crp_flags, crp->crp_buf,
+ enccrd->crd_inject, AES_BLOCK_LEN, ses->iv);
+ if (ses->algo == CRYPTO_AES_CBC) {
+ aesni_encrypt_cbc(ses->rounds, ses->enc_schedule,
+ enccrd->crd_len, buf, buf, ses->iv);
+ } else /* if (ses->algo == CRYPTO_AES_XTS) */ {
+ aesni_encrypt_xts(ses->rounds, ses->enc_schedule,
+ ses->xts_schedule, enccrd->crd_len, buf, buf,
+ ses->iv);
+ }
+ } else {
+ if ((enccrd->crd_flags & CRD_F_IV_EXPLICIT) != 0)
+ bcopy(enccrd->crd_iv, ses->iv, AES_BLOCK_LEN);
+ else
+ crypto_copydata(crp->crp_flags, crp->crp_buf,
+ enccrd->crd_inject, AES_BLOCK_LEN, ses->iv);
+ if (ses->algo == CRYPTO_AES_CBC) {
+ aesni_decrypt_cbc(ses->rounds, ses->dec_schedule,
+ enccrd->crd_len, buf, ses->iv);
+ } else /* if (ses->algo == CRYPTO_AES_XTS) */ {
+ aesni_decrypt_xts(ses->rounds, ses->dec_schedule,
+ ses->xts_schedule, enccrd->crd_len, buf, buf,
+ ses->iv);
+ }
+ }
+ if (allocated)
+ crypto_copyback(crp->crp_flags, crp->crp_buf, enccrd->crd_skip,
+ enccrd->crd_len, buf);
+ if ((enccrd->crd_flags & CRD_F_ENCRYPT) != 0)
+ crypto_copydata(crp->crp_flags, crp->crp_buf,
+ enccrd->crd_skip + enccrd->crd_len - AES_BLOCK_LEN,
+ AES_BLOCK_LEN, ses->iv);
+out:
+ if (!kt) {
+ fpu_kern_leave(curthread, ctx);
+out2:
+ RELEASE_CTX(ctxidx, ctx);
+ }
+
+ if (allocated) {
+ bzero(buf, enccrd->crd_len);
+ free(buf, M_AESNI);
+ }
+ return (error);
+}
Modified: trunk/sys/crypto/aesni/aesni.h
===================================================================
--- trunk/sys/crypto/aesni/aesni.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/aesni/aesni.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*-
* Copyright (c) 2010 Konstantin Belousov <kib at FreeBSD.org>
* All rights reserved.
@@ -23,7 +24,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $MidnightBSD$
+ * $FreeBSD: stable/10/sys/crypto/aesni/aesni.h 323871 2017-09-21 19:30:32Z marius $
*/
#ifndef _AESNI_H_
@@ -65,41 +66,39 @@
int used;
uint32_t id;
TAILQ_ENTRY(aesni_session) next;
- struct fpu_kern_ctx *fpu_ctx;
};
/*
* Internal functions, implemented in assembler.
*/
-void aesni_enc(int rounds, const uint8_t *key_schedule,
- const uint8_t from[AES_BLOCK_LEN], uint8_t to[AES_BLOCK_LEN],
- const uint8_t iv[AES_BLOCK_LEN]);
-void aesni_dec(int rounds, const uint8_t *key_schedule,
- const uint8_t from[AES_BLOCK_LEN], uint8_t to[AES_BLOCK_LEN],
- const uint8_t iv[AES_BLOCK_LEN]);
-void aesni_set_enckey(const uint8_t *userkey, uint8_t *encrypt_schedule,
- int number_of_rounds);
-void aesni_set_deckey(const uint8_t *encrypt_schedule,
- uint8_t *decrypt_schedule, int number_of_rounds);
+void aesni_set_enckey(const uint8_t *userkey,
+ uint8_t *encrypt_schedule /*__aligned(16)*/, int number_of_rounds);
+void aesni_set_deckey(const uint8_t *encrypt_schedule /*__aligned(16)*/,
+ uint8_t *decrypt_schedule /*__aligned(16)*/, int number_of_rounds);
/*
* Slightly more public interfaces.
*/
-void aesni_encrypt_cbc(int rounds, const void *key_schedule, size_t len,
+void aesni_encrypt_cbc(int rounds, const void *key_schedule /*__aligned(16)*/,
+ size_t len, const uint8_t *from, uint8_t *to,
+ const uint8_t iv[AES_BLOCK_LEN]);
+void aesni_decrypt_cbc(int rounds, const void *key_schedule /*__aligned(16)*/,
+ size_t len, uint8_t *buf, const uint8_t iv[AES_BLOCK_LEN]);
+void aesni_encrypt_ecb(int rounds, const void *key_schedule /*__aligned(16)*/,
+ size_t len, const uint8_t *from, uint8_t *to);
+void aesni_decrypt_ecb(int rounds, const void *key_schedule /*__aligned(16)*/,
+ size_t len, const uint8_t *from, uint8_t *to);
+
+void aesni_encrypt_xts(int rounds, const void *data_schedule /*__aligned(16)*/,
+ const void *tweak_schedule /*__aligned(16)*/, size_t len,
const uint8_t *from, uint8_t *to, const uint8_t iv[AES_BLOCK_LEN]);
-void aesni_decrypt_cbc(int rounds, const void *key_schedule, size_t len,
- const uint8_t *from, const uint8_t iv[AES_BLOCK_LEN]);
-void aesni_encrypt_ecb(int rounds, const void *key_schedule, size_t len,
- const uint8_t from[AES_BLOCK_LEN], uint8_t to[AES_BLOCK_LEN]);
-void aesni_decrypt_ecb(int rounds, const void *key_schedule, size_t len,
- const uint8_t from[AES_BLOCK_LEN], uint8_t to[AES_BLOCK_LEN]);
+void aesni_decrypt_xts(int rounds, const void *data_schedule /*__aligned(16)*/,
+ const void *tweak_schedule /*__aligned(16)*/, size_t len,
+ const uint8_t *from, uint8_t *to, const uint8_t iv[AES_BLOCK_LEN]);
-int aesni_cipher_setup(struct aesni_session *ses,
- struct cryptoini *encini);
-int aesni_cipher_process(struct aesni_session *ses,
- struct cryptodesc *enccrd, struct cryptop *crp);
-
+int aesni_cipher_setup_common(struct aesni_session *ses, const uint8_t *key,
+ int keylen);
uint8_t *aesni_cipher_alloc(struct cryptodesc *enccrd, struct cryptop *crp,
int *allocated);
-#endif
+#endif /* _AESNI_H_ */
Modified: trunk/sys/crypto/aesni/aesni_wrap.c
===================================================================
--- trunk/sys/crypto/aesni/aesni_wrap.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/aesni/aesni_wrap.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,6 +1,9 @@
+/* $MidnightBSD$ */
/*-
+ * Copyright (C) 2008 Damien Miller <djm at mindrot.org>
* Copyright (c) 2010 Konstantin Belousov <kib at FreeBSD.org>
- * Copyright (c) 2010 Pawel Jakub Dawidek <pjd at FreeBSD.org>
+ * Copyright (c) 2010-2011 Pawel Jakub Dawidek <pawel at dawidek.net>
+ * Copyright 2012-2013 John-Mark Gurney <jmg at FreeBSD.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,8 +29,8 @@
*/
#include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
-
+__FBSDID("$FreeBSD: stable/10/sys/crypto/aesni/aesni_wrap.c 268034 2014-06-30 09:51:27Z kib $");
+
#include <sys/param.h>
#include <sys/libkern.h>
#include <sys/malloc.h>
@@ -34,21 +37,29 @@
#include <sys/proc.h>
#include <sys/systm.h>
#include <crypto/aesni/aesni.h>
+
+#include "aesencdec.h"
MALLOC_DECLARE(M_AESNI);
+struct blocks8 {
+ __m128i blk[8];
+} __packed;
+
void
aesni_encrypt_cbc(int rounds, const void *key_schedule, size_t len,
const uint8_t *from, uint8_t *to, const uint8_t iv[AES_BLOCK_LEN])
{
- const uint8_t *ivp;
+ __m128i tot, ivreg;
size_t i;
len /= AES_BLOCK_LEN;
- ivp = iv;
+ ivreg = _mm_loadu_si128((const __m128i *)iv);
for (i = 0; i < len; i++) {
- aesni_enc(rounds - 1, key_schedule, from, to, ivp);
- ivp = to;
+ tot = aesni_enc(rounds - 1, key_schedule,
+ _mm_loadu_si128((const __m128i *)from) ^ ivreg);
+ ivreg = tot;
+ _mm_storeu_si128((__m128i *)to, tot);
from += AES_BLOCK_LEN;
to += AES_BLOCK_LEN;
}
@@ -55,14 +66,73 @@
}
void
+aesni_decrypt_cbc(int rounds, const void *key_schedule, size_t len,
+ uint8_t *buf, const uint8_t iv[AES_BLOCK_LEN])
+{
+ __m128i blocks[8];
+ struct blocks8 *blks;
+ __m128i ivreg, nextiv;
+ size_t i, j, cnt;
+
+ ivreg = _mm_loadu_si128((const __m128i *)iv);
+ cnt = len / AES_BLOCK_LEN / 8;
+ for (i = 0; i < cnt; i++) {
+ blks = (struct blocks8 *)buf;
+ aesni_dec8(rounds - 1, key_schedule, blks->blk[0], blks->blk[1],
+ blks->blk[2], blks->blk[3], blks->blk[4], blks->blk[5],
+ blks->blk[6], blks->blk[7], &blocks[0]);
+ for (j = 0; j < 8; j++) {
+ nextiv = blks->blk[j];
+ blks->blk[j] = blocks[j] ^ ivreg;
+ ivreg = nextiv;
+ }
+ buf += AES_BLOCK_LEN * 8;
+ }
+ i *= 8;
+ cnt = len / AES_BLOCK_LEN;
+ for (; i < cnt; i++) {
+ nextiv = _mm_loadu_si128((void *)buf);
+ _mm_storeu_si128((void *)buf,
+ aesni_dec(rounds - 1, key_schedule, nextiv) ^ ivreg);
+ ivreg = nextiv;
+ buf += AES_BLOCK_LEN;
+ }
+}
+
+void
aesni_encrypt_ecb(int rounds, const void *key_schedule, size_t len,
- const uint8_t from[AES_BLOCK_LEN], uint8_t to[AES_BLOCK_LEN])
+ const uint8_t *from, uint8_t *to)
{
- size_t i;
+ __m128i tot;
+ __m128i tout[8];
+ struct blocks8 *top;
+ const struct blocks8 *blks;
+ size_t i, cnt;
- len /= AES_BLOCK_LEN;
- for (i = 0; i < len; i++) {
- aesni_enc(rounds - 1, key_schedule, from, to, NULL);
+ cnt = len / AES_BLOCK_LEN / 8;
+ for (i = 0; i < cnt; i++) {
+ blks = (const struct blocks8 *)from;
+ top = (struct blocks8 *)to;
+ aesni_enc8(rounds - 1, key_schedule, blks->blk[0], blks->blk[1],
+ blks->blk[2], blks->blk[3], blks->blk[4], blks->blk[5],
+ blks->blk[6], blks->blk[7], tout);
+ top->blk[0] = tout[0];
+ top->blk[1] = tout[1];
+ top->blk[2] = tout[2];
+ top->blk[3] = tout[3];
+ top->blk[4] = tout[4];
+ top->blk[5] = tout[5];
+ top->blk[6] = tout[6];
+ top->blk[7] = tout[7];
+ from += AES_BLOCK_LEN * 8;
+ to += AES_BLOCK_LEN * 8;
+ }
+ i *= 8;
+ cnt = len / AES_BLOCK_LEN;
+ for (; i < cnt; i++) {
+ tot = aesni_enc(rounds - 1, key_schedule,
+ _mm_loadu_si128((const __m128i *)from));
+ _mm_storeu_si128((__m128i *)to, tot);
from += AES_BLOCK_LEN;
to += AES_BLOCK_LEN;
}
@@ -72,11 +142,36 @@
aesni_decrypt_ecb(int rounds, const void *key_schedule, size_t len,
const uint8_t from[AES_BLOCK_LEN], uint8_t to[AES_BLOCK_LEN])
{
- size_t i;
+ __m128i tot;
+ __m128i tout[8];
+ const struct blocks8 *blks;
+ struct blocks8 *top;
+ size_t i, cnt;
- len /= AES_BLOCK_LEN;
- for (i = 0; i < len; i++) {
- aesni_dec(rounds - 1, key_schedule, from, to, NULL);
+ cnt = len / AES_BLOCK_LEN / 8;
+ for (i = 0; i < cnt; i++) {
+ blks = (const struct blocks8 *)from;
+ top = (struct blocks8 *)to;
+ aesni_dec8(rounds - 1, key_schedule, blks->blk[0], blks->blk[1],
+ blks->blk[2], blks->blk[3], blks->blk[4], blks->blk[5],
+ blks->blk[6], blks->blk[7], tout);
+ top->blk[0] = tout[0];
+ top->blk[1] = tout[1];
+ top->blk[2] = tout[2];
+ top->blk[3] = tout[3];
+ top->blk[4] = tout[4];
+ top->blk[5] = tout[5];
+ top->blk[6] = tout[6];
+ top->blk[7] = tout[7];
+ from += AES_BLOCK_LEN * 8;
+ to += AES_BLOCK_LEN * 8;
+ }
+ i *= 8;
+ cnt = len / AES_BLOCK_LEN;
+ for (; i < cnt; i++) {
+ tot = aesni_dec(rounds - 1, key_schedule,
+ _mm_loadu_si128((const __m128i *)from));
+ _mm_storeu_si128((__m128i *)to, tot);
from += AES_BLOCK_LEN;
to += AES_BLOCK_LEN;
}
@@ -86,70 +181,136 @@
#define AES_XTS_IVSIZE 8
#define AES_XTS_ALPHA 0x87 /* GF(2^128) generator polynomial */
+static inline __m128i
+xts_crank_lfsr(__m128i inp)
+{
+ const __m128i alphamask = _mm_set_epi32(1, 1, 1, AES_XTS_ALPHA);
+ __m128i xtweak, ret;
+
+ /* set up xor mask */
+ xtweak = _mm_shuffle_epi32(inp, 0x93);
+ xtweak = _mm_srai_epi32(xtweak, 31);
+ xtweak &= alphamask;
+
+ /* next term */
+ ret = _mm_slli_epi32(inp, 1);
+ ret ^= xtweak;
+
+ return ret;
+}
+
static void
-aesni_crypt_xts_block(int rounds, const void *key_schedule, uint8_t *tweak,
+aesni_crypt_xts_block(int rounds, const __m128i *key_schedule, __m128i *tweak,
const uint8_t *from, uint8_t *to, int do_encrypt)
{
- uint8_t block[AES_XTS_BLOCKSIZE];
- u_int i, carry_in, carry_out;
+ __m128i block;
- for (i = 0; i < AES_XTS_BLOCKSIZE; i++)
- block[i] = from[i] ^ tweak[i];
+ block = _mm_loadu_si128((const __m128i *)from) ^ *tweak;
if (do_encrypt)
- aesni_enc(rounds - 1, key_schedule, block, to, NULL);
+ block = aesni_enc(rounds - 1, key_schedule, block);
else
- aesni_dec(rounds - 1, key_schedule, block, to, NULL);
+ block = aesni_dec(rounds - 1, key_schedule, block);
- for (i = 0; i < AES_XTS_BLOCKSIZE; i++)
- to[i] ^= tweak[i];
+ _mm_storeu_si128((__m128i *)to, block ^ *tweak);
- /* Exponentiate tweak. */
- carry_in = 0;
- for (i = 0; i < AES_XTS_BLOCKSIZE; i++) {
- carry_out = tweak[i] & 0x80;
- tweak[i] = (tweak[i] << 1) | (carry_in ? 1 : 0);
- carry_in = carry_out;
- }
- if (carry_in)
- tweak[0] ^= AES_XTS_ALPHA;
- bzero(block, sizeof(block));
+ *tweak = xts_crank_lfsr(*tweak);
}
static void
-aesni_crypt_xts(int rounds, const void *data_schedule,
- const void *tweak_schedule, size_t len, const uint8_t *from, uint8_t *to,
- const uint8_t iv[AES_BLOCK_LEN], int do_encrypt)
+aesni_crypt_xts_block8(int rounds, const __m128i *key_schedule, __m128i *tweak,
+ const uint8_t *from, uint8_t *to, int do_encrypt)
{
- uint8_t tweak[AES_XTS_BLOCKSIZE];
- uint64_t blocknum;
- size_t i;
+ __m128i tmptweak;
+ __m128i a, b, c, d, e, f, g, h;
+ __m128i tweaks[8];
+ __m128i tmp[8];
+ __m128i *top;
+ const __m128i *fromp;
+ tmptweak = *tweak;
+
/*
+ * unroll the loop. This lets gcc put values directly in the
+ * register and saves memory accesses.
+ */
+ fromp = (const __m128i *)from;
+#define PREPINP(v, pos) \
+ do { \
+ tweaks[(pos)] = tmptweak; \
+ (v) = _mm_loadu_si128(&fromp[pos]) ^ \
+ tmptweak; \
+ tmptweak = xts_crank_lfsr(tmptweak); \
+ } while (0)
+ PREPINP(a, 0);
+ PREPINP(b, 1);
+ PREPINP(c, 2);
+ PREPINP(d, 3);
+ PREPINP(e, 4);
+ PREPINP(f, 5);
+ PREPINP(g, 6);
+ PREPINP(h, 7);
+ *tweak = tmptweak;
+
+ if (do_encrypt)
+ aesni_enc8(rounds - 1, key_schedule, a, b, c, d, e, f, g, h,
+ tmp);
+ else
+ aesni_dec8(rounds - 1, key_schedule, a, b, c, d, e, f, g, h,
+ tmp);
+
+ top = (__m128i *)to;
+ _mm_storeu_si128(&top[0], tmp[0] ^ tweaks[0]);
+ _mm_storeu_si128(&top[1], tmp[1] ^ tweaks[1]);
+ _mm_storeu_si128(&top[2], tmp[2] ^ tweaks[2]);
+ _mm_storeu_si128(&top[3], tmp[3] ^ tweaks[3]);
+ _mm_storeu_si128(&top[4], tmp[4] ^ tweaks[4]);
+ _mm_storeu_si128(&top[5], tmp[5] ^ tweaks[5]);
+ _mm_storeu_si128(&top[6], tmp[6] ^ tweaks[6]);
+ _mm_storeu_si128(&top[7], tmp[7] ^ tweaks[7]);
+}
+
+static void
+aesni_crypt_xts(int rounds, const __m128i *data_schedule,
+ const __m128i *tweak_schedule, size_t len, const uint8_t *from,
+ uint8_t *to, const uint8_t iv[AES_BLOCK_LEN], int do_encrypt)
+{
+ __m128i tweakreg;
+ uint8_t tweak[AES_XTS_BLOCKSIZE] __aligned(16);
+ size_t i, cnt;
+
+ /*
* Prepare tweak as E_k2(IV). IV is specified as LE representation
* of a 64-bit block number which we allow to be passed in directly.
*/
- bcopy(iv, &blocknum, AES_XTS_IVSIZE);
- for (i = 0; i < AES_XTS_IVSIZE; i++) {
- tweak[i] = blocknum & 0xff;
- blocknum >>= 8;
- }
+#if BYTE_ORDER == LITTLE_ENDIAN
+ bcopy(iv, tweak, AES_XTS_IVSIZE);
/* Last 64 bits of IV are always zero. */
bzero(tweak + AES_XTS_IVSIZE, AES_XTS_IVSIZE);
- aesni_enc(rounds - 1, tweak_schedule, tweak, tweak, NULL);
+#else
+#error Only LITTLE_ENDIAN architectures are supported.
+#endif
+ tweakreg = _mm_loadu_si128((__m128i *)&tweak[0]);
+ tweakreg = aesni_enc(rounds - 1, tweak_schedule, tweakreg);
- len /= AES_XTS_BLOCKSIZE;
- for (i = 0; i < len; i++) {
- aesni_crypt_xts_block(rounds, data_schedule, tweak, from, to,
- do_encrypt);
+ cnt = len / AES_XTS_BLOCKSIZE / 8;
+ for (i = 0; i < cnt; i++) {
+ aesni_crypt_xts_block8(rounds, data_schedule, &tweakreg,
+ from, to, do_encrypt);
+ from += AES_XTS_BLOCKSIZE * 8;
+ to += AES_XTS_BLOCKSIZE * 8;
+ }
+ i *= 8;
+ cnt = len / AES_XTS_BLOCKSIZE;
+ for (; i < cnt; i++) {
+ aesni_crypt_xts_block(rounds, data_schedule, &tweakreg,
+ from, to, do_encrypt);
from += AES_XTS_BLOCKSIZE;
to += AES_XTS_BLOCKSIZE;
}
-
- bzero(tweak, sizeof(tweak));
}
-static void
+void
aesni_encrypt_xts(int rounds, const void *data_schedule,
const void *tweak_schedule, size_t len, const uint8_t *from, uint8_t *to,
const uint8_t iv[AES_BLOCK_LEN])
@@ -159,7 +320,7 @@
iv, 1);
}
-static void
+void
aesni_decrypt_xts(int rounds, const void *data_schedule,
const void *tweak_schedule, size_t len, const uint8_t *from, uint8_t *to,
const uint8_t iv[AES_BLOCK_LEN])
@@ -169,7 +330,7 @@
iv, 0);
}
-static int
+int
aesni_cipher_setup_common(struct aesni_session *ses, const uint8_t *key,
int keylen)
{
@@ -217,102 +378,3 @@
return (0);
}
-
-int
-aesni_cipher_setup(struct aesni_session *ses, struct cryptoini *encini)
-{
- struct thread *td;
- int error, saved_ctx;
-
- td = curthread;
- if (!is_fpu_kern_thread(0)) {
- error = fpu_kern_enter(td, ses->fpu_ctx, FPU_KERN_NORMAL);
- saved_ctx = 1;
- } else {
- error = 0;
- saved_ctx = 0;
- }
- if (error == 0) {
- error = aesni_cipher_setup_common(ses, encini->cri_key,
- encini->cri_klen);
- if (saved_ctx)
- fpu_kern_leave(td, ses->fpu_ctx);
- }
- return (error);
-}
-
-int
-aesni_cipher_process(struct aesni_session *ses, struct cryptodesc *enccrd,
- struct cryptop *crp)
-{
- struct thread *td;
- uint8_t *buf;
- int error, allocated, saved_ctx;
-
- buf = aesni_cipher_alloc(enccrd, crp, &allocated);
- if (buf == NULL)
- return (ENOMEM);
-
- td = curthread;
- if (!is_fpu_kern_thread(0)) {
- error = fpu_kern_enter(td, ses->fpu_ctx, FPU_KERN_NORMAL);
- if (error != 0)
- goto out;
- saved_ctx = 1;
- } else {
- saved_ctx = 0;
- error = 0;
- }
-
- if ((enccrd->crd_flags & CRD_F_KEY_EXPLICIT) != 0) {
- error = aesni_cipher_setup_common(ses, enccrd->crd_key,
- enccrd->crd_klen);
- if (error != 0)
- goto out;
- }
-
- if ((enccrd->crd_flags & CRD_F_ENCRYPT) != 0) {
- if ((enccrd->crd_flags & CRD_F_IV_EXPLICIT) != 0)
- bcopy(enccrd->crd_iv, ses->iv, AES_BLOCK_LEN);
- if ((enccrd->crd_flags & CRD_F_IV_PRESENT) == 0)
- crypto_copyback(crp->crp_flags, crp->crp_buf,
- enccrd->crd_inject, AES_BLOCK_LEN, ses->iv);
- if (ses->algo == CRYPTO_AES_CBC) {
- aesni_encrypt_cbc(ses->rounds, ses->enc_schedule,
- enccrd->crd_len, buf, buf, ses->iv);
- } else /* if (ses->algo == CRYPTO_AES_XTS) */ {
- aesni_encrypt_xts(ses->rounds, ses->enc_schedule,
- ses->xts_schedule, enccrd->crd_len, buf, buf,
- ses->iv);
- }
- } else {
- if ((enccrd->crd_flags & CRD_F_IV_EXPLICIT) != 0)
- bcopy(enccrd->crd_iv, ses->iv, AES_BLOCK_LEN);
- else
- crypto_copydata(crp->crp_flags, crp->crp_buf,
- enccrd->crd_inject, AES_BLOCK_LEN, ses->iv);
- if (ses->algo == CRYPTO_AES_CBC) {
- aesni_decrypt_cbc(ses->rounds, ses->dec_schedule,
- enccrd->crd_len, buf, ses->iv);
- } else /* if (ses->algo == CRYPTO_AES_XTS) */ {
- aesni_decrypt_xts(ses->rounds, ses->dec_schedule,
- ses->xts_schedule, enccrd->crd_len, buf, buf,
- ses->iv);
- }
- }
- if (saved_ctx)
- fpu_kern_leave(td, ses->fpu_ctx);
- if (allocated)
- crypto_copyback(crp->crp_flags, crp->crp_buf, enccrd->crd_skip,
- enccrd->crd_len, buf);
- if ((enccrd->crd_flags & CRD_F_ENCRYPT) != 0)
- crypto_copydata(crp->crp_flags, crp->crp_buf,
- enccrd->crd_skip + enccrd->crd_len - AES_BLOCK_LEN,
- AES_BLOCK_LEN, ses->iv);
- out:
- if (allocated) {
- bzero(buf, enccrd->crd_len);
- free(buf, M_AESNI);
- }
- return (error);
-}
Modified: trunk/sys/crypto/blowfish/arch/i386/bf_enc.S
===================================================================
--- trunk/sys/crypto/blowfish/arch/i386/bf_enc.S 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/blowfish/arch/i386/bf_enc.S 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,5 +1,5 @@
/* $NetBSD: bf_enc.S,v 1.1 2001/09/09 11:01:01 tls Exp $ */
-/* $FreeBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/blowfish/arch/i386/bf_enc.S 137784 2004-11-16 20:42:32Z jhb $ */
/*
* Written by Jason R. Thorpe <thorpej at zembu.com> and Thor Lancelot Simon
Property changes on: trunk/sys/crypto/blowfish/arch/i386/bf_enc.S
___________________________________________________________________
Added: mnbsd:nokeywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Modified: trunk/sys/crypto/blowfish/arch/i386/bf_enc_586.S
===================================================================
--- trunk/sys/crypto/blowfish/arch/i386/bf_enc_586.S 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/blowfish/arch/i386/bf_enc_586.S 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,5 +1,5 @@
/* $NetBSD: bf_enc_586.S,v 1.1 2001/09/09 11:01:01 tls Exp $ */
-/* $FreeBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/blowfish/arch/i386/bf_enc_586.S 113800 2003-04-21 16:30:12Z obrien $ */
/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
* All rights reserved.
Property changes on: trunk/sys/crypto/blowfish/arch/i386/bf_enc_586.S
___________________________________________________________________
Added: mnbsd:nokeywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Modified: trunk/sys/crypto/blowfish/arch/i386/bf_enc_686.S
===================================================================
--- trunk/sys/crypto/blowfish/arch/i386/bf_enc_686.S 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/blowfish/arch/i386/bf_enc_686.S 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,5 +1,5 @@
/* $NetBSD: bf_enc_686.S,v 1.1 2001/09/09 11:01:02 tls Exp $ */
-/* $FreeBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/blowfish/arch/i386/bf_enc_686.S 91671 2002-03-05 09:19:02Z ume $ */
/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
* All rights reserved.
Property changes on: trunk/sys/crypto/blowfish/arch/i386/bf_enc_686.S
___________________________________________________________________
Added: mnbsd:nokeywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Modified: trunk/sys/crypto/blowfish/bf_ecb.c
===================================================================
--- trunk/sys/crypto/blowfish/bf_ecb.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/blowfish/bf_ecb.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* crypto/bf/bf_ecb.c */
/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
* All rights reserved.
@@ -57,7 +58,7 @@
*/
#include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/crypto/blowfish/bf_ecb.c 121072 2003-10-13 19:26:08Z ume $");
#include <sys/types.h>
#include <crypto/blowfish/blowfish.h>
Modified: trunk/sys/crypto/blowfish/bf_enc.c
===================================================================
--- trunk/sys/crypto/blowfish/bf_enc.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/blowfish/bf_enc.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* $KAME: bf_enc.c,v 1.7 2002/02/27 01:33:59 itojun Exp $ */
/* crypto/bf/bf_enc.c */
@@ -60,7 +61,7 @@
*/
#include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/crypto/blowfish/bf_enc.c 116174 2003-06-10 21:44:29Z obrien $");
#include <sys/types.h>
#include <crypto/blowfish/blowfish.h>
Modified: trunk/sys/crypto/blowfish/bf_locl.h
===================================================================
--- trunk/sys/crypto/blowfish/bf_locl.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/blowfish/bf_locl.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,4 +1,5 @@
-/* $MidnightBSD$ */
+/* $MidnightBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/blowfish/bf_locl.h 91671 2002-03-05 09:19:02Z ume $ */
/* $KAME: bf_locl.h,v 1.6 2001/09/10 04:03:56 itojun Exp $ */
/* crypto/bf/bf_local.h */
Modified: trunk/sys/crypto/blowfish/bf_pi.h
===================================================================
--- trunk/sys/crypto/blowfish/bf_pi.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/blowfish/bf_pi.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,4 +1,5 @@
-/* $MidnightBSD$ */
+/* $MidnightBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/blowfish/bf_pi.h 91671 2002-03-05 09:19:02Z ume $ */
/* $KAME: bf_pi.h,v 1.4 2001/09/10 04:03:56 itojun Exp $ */
/* crypto/bf/bf_pi.h */
Modified: trunk/sys/crypto/blowfish/bf_skey.c
===================================================================
--- trunk/sys/crypto/blowfish/bf_skey.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/blowfish/bf_skey.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* $KAME: bf_skey.c,v 1.7 2002/02/27 01:33:59 itojun Exp $ */
/* crypto/bf/bf_skey.c */
@@ -60,7 +61,7 @@
*/
#include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/crypto/blowfish/bf_skey.c 116174 2003-06-10 21:44:29Z obrien $");
#include <sys/types.h>
#include <sys/time.h>
Modified: trunk/sys/crypto/blowfish/blowfish.h
===================================================================
--- trunk/sys/crypto/blowfish/blowfish.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/blowfish/blowfish.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,4 +1,5 @@
-/* $MidnightBSD$ */
+/* $MidnightBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/blowfish/blowfish.h 121072 2003-10-13 19:26:08Z ume $ */
/* $KAME: blowfish.h,v 1.12 2002/02/27 01:33:59 itojun Exp $ */
/* crypto/bf/blowfish.h */
Modified: trunk/sys/crypto/camellia/camellia-api.c
===================================================================
--- trunk/sys/crypto/camellia/camellia-api.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/camellia/camellia-api.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*
*
* Copyright (c) 2006
@@ -24,7 +25,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $MidnightBSD$
+ * $FreeBSD: stable/10/sys/crypto/camellia/camellia-api.c 169425 2007-05-09 19:37:02Z gnn $
*/
#include <sys/cdefs.h>
Modified: trunk/sys/crypto/camellia/camellia.c
===================================================================
--- trunk/sys/crypto/camellia/camellia.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/camellia/camellia.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* camellia.h ver 1.1.0
*
* Copyright (c) 2006
@@ -24,7 +25,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $MidnightBSD$
+ * $FreeBSD: stable/10/sys/crypto/camellia/camellia.c 169425 2007-05-09 19:37:02Z gnn $
*/
/*
Modified: trunk/sys/crypto/camellia/camellia.h
===================================================================
--- trunk/sys/crypto/camellia/camellia.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/camellia/camellia.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* camellia.h ver 1.1.0
*
* Copyright (c) 2006
@@ -24,7 +25,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $MidnightBSD$
+ * $FreeBSD: stable/10/sys/crypto/camellia/camellia.h 169425 2007-05-09 19:37:02Z gnn $
*/
#ifndef _CAMELLIA_H
Modified: trunk/sys/crypto/des/arch/i386/des_enc.S
===================================================================
--- trunk/sys/crypto/des/arch/i386/des_enc.S 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/des/arch/i386/des_enc.S 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,5 +1,5 @@
/* $NetBSD: des_enc.S,v 1.1 2001/09/09 11:01:02 tls Exp $ */
-/* $FreeBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/des/arch/i386/des_enc.S 113800 2003-04-21 16:30:12Z obrien $ */
/* Copyright (C) 1995-1997 Eric Young (eay at cryptsoft.com)
* All rights reserved.
Property changes on: trunk/sys/crypto/des/arch/i386/des_enc.S
___________________________________________________________________
Added: mnbsd:nokeywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Modified: trunk/sys/crypto/des/des.h
===================================================================
--- trunk/sys/crypto/des/des.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/des/des.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,4 +1,5 @@
-/* $MidnightBSD$ */
+/* $MidnightBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/des/des.h 92756 2002-03-20 05:14:42Z alfred $ */
/* $KAME: des.h,v 1.8 2001/09/10 04:03:57 itojun Exp $ */
/* lib/des/des.h */
Modified: trunk/sys/crypto/des/des_ecb.c
===================================================================
--- trunk/sys/crypto/des/des_ecb.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/des/des_ecb.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* $KAME: des_ecb.c,v 1.6 2001/09/10 04:03:58 itojun Exp $ */
/* crypto/des/ecb_enc.c */
@@ -49,7 +50,7 @@
*/
#include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/crypto/des/des_ecb.c 130443 2004-06-14 00:38:54Z obrien $");
#include <sys/param.h>
#include <sys/systm.h>
Modified: trunk/sys/crypto/des/des_enc.c
===================================================================
--- trunk/sys/crypto/des/des_enc.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/des/des_enc.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* $KAME: des_enc.c,v 1.1 2001/09/10 04:03:58 itojun Exp $ */
/* crypto/des/des_enc.c */
@@ -60,7 +61,7 @@
*/
#include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/crypto/des/des_enc.c 130443 2004-06-14 00:38:54Z obrien $");
#include <sys/types.h>
#include <crypto/des/des_locl.h>
Modified: trunk/sys/crypto/des/des_locl.h
===================================================================
--- trunk/sys/crypto/des/des_locl.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/des/des_locl.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,4 +1,5 @@
-/* $MidnightBSD$ */
+/* $MidnightBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/des/des_locl.h 91671 2002-03-05 09:19:02Z ume $ */
/* $KAME: des_locl.h,v 1.7 2001/09/10 04:03:58 itojun Exp $ */
/* crypto/des/des_locl.h */
Modified: trunk/sys/crypto/des/des_setkey.c
===================================================================
--- trunk/sys/crypto/des/des_setkey.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/des/des_setkey.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* $KAME: des_setkey.c,v 1.7 2001/09/10 04:03:58 itojun Exp $ */
/* crypto/des/set_key.c */
@@ -57,7 +58,7 @@
*/
#include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/crypto/des/des_setkey.c 130443 2004-06-14 00:38:54Z obrien $");
#include <sys/param.h>
#include <sys/systm.h>
Modified: trunk/sys/crypto/des/podd.h
===================================================================
--- trunk/sys/crypto/des/podd.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/des/podd.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,4 +1,5 @@
-/* $MidnightBSD$ */
+/* $MidnightBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/des/podd.h 95023 2002-04-19 04:46:24Z suz $ */
/* $KAME: podd.h,v 1.4 2001/09/10 04:03:58 itojun Exp $ */
/* crypto/des/podd.h */
Modified: trunk/sys/crypto/des/sk.h
===================================================================
--- trunk/sys/crypto/des/sk.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/des/sk.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,4 +1,5 @@
-/* $MidnightBSD$ */
+/* $MidnightBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/des/sk.h 95023 2002-04-19 04:46:24Z suz $ */
/* $KAME: sk.h,v 1.4 2001/09/10 04:03:58 itojun Exp $ */
/* crypto/des/sk.h */
Modified: trunk/sys/crypto/des/spr.h
===================================================================
--- trunk/sys/crypto/des/spr.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/des/spr.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,4 +1,5 @@
-/* $MidnightBSD$ */
+/* $MidnightBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/des/spr.h 91671 2002-03-05 09:19:02Z ume $ */
/* $KAME: spr.h,v 1.4 2001/09/10 04:03:58 itojun Exp $ */
/* crypto/des/spr.h */
Modified: trunk/sys/crypto/rc4/rc4.c
===================================================================
--- trunk/sys/crypto/rc4/rc4.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/rc4/rc4.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*
* rc4.c
*
@@ -35,6 +36,7 @@
*/
#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: stable/10/sys/crypto/rc4/rc4.c 241394 2012-10-10 08:36:38Z kevlo $");
#include <sys/param.h>
#include <sys/kernel.h>
Modified: trunk/sys/crypto/rc4/rc4.h
===================================================================
--- trunk/sys/crypto/rc4/rc4.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/rc4/rc4.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*
* rc4.h
@@ -34,7 +35,7 @@
* THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY
* OF SUCH DAMAGE.
*
- * $MidnightBSD$
+ * $FreeBSD: stable/10/sys/crypto/rc4/rc4.h 63249 2000-07-16 05:53:14Z peter $
*/
#ifndef _SYS_CRYPTO_RC4_RC4_H_
Modified: trunk/sys/crypto/rijndael/Makefile
===================================================================
--- trunk/sys/crypto/rijndael/Makefile 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/rijndael/Makefile 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,7 +1,8 @@
# $MidnightBSD$
+# $FreeBSD: stable/10/sys/crypto/rijndael/Makefile 276486 2014-12-31 23:25:37Z ngie $
PROG=test00
-NO_MAN=
+MAN=
SRCS= ${PROG}.c rijndael-alg-fst.c rijndael-api-fst.c
CFLAGS += -I${.CURDIR}/../.. -g -static
Modified: trunk/sys/crypto/rijndael/rijndael-alg-fst.c
===================================================================
--- trunk/sys/crypto/rijndael/rijndael-alg-fst.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/rijndael/rijndael-alg-fst.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* $KAME: rijndael-alg-fst.c,v 1.10 2003/07/15 10:47:16 itojun Exp $ */
/**
* rijndael-alg-fst.c
@@ -25,7 +26,7 @@
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/crypto/rijndael/rijndael-alg-fst.c 149176 2005-08-17 07:59:07Z pjd $");
#include <sys/cdefs.h>
#include <sys/types.h>
Modified: trunk/sys/crypto/rijndael/rijndael-api-fst.c
===================================================================
--- trunk/sys/crypto/rijndael/rijndael-api-fst.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/rijndael/rijndael-api-fst.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* $KAME: rijndael-api-fst.c,v 1.10 2001/05/27 09:34:18 itojun Exp $ */
/*
@@ -16,7 +17,7 @@
*/
#include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/crypto/rijndael/rijndael-api-fst.c 143420 2005-03-11 16:26:10Z ume $");
#include <sys/param.h>
#ifdef _KERNEL
Modified: trunk/sys/crypto/rijndael/rijndael-api-fst.h
===================================================================
--- trunk/sys/crypto/rijndael/rijndael-api-fst.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/rijndael/rijndael-api-fst.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,4 +1,5 @@
-/* $MidnightBSD$ */
+/* $MidnightBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/rijndael/rijndael-api-fst.h 143420 2005-03-11 16:26:10Z ume $ */
/* $KAME: rijndael-api-fst.h,v 1.6 2001/05/27 00:23:23 itojun Exp $ */
/*
Modified: trunk/sys/crypto/rijndael/rijndael-api.c
===================================================================
--- trunk/sys/crypto/rijndael/rijndael-api.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/rijndael/rijndael-api.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* $KAME: rijndael.c,v 1.3 2003/08/28 14:20:22 itojun Exp $ */
/*
@@ -27,7 +28,7 @@
*/
#include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/crypto/rijndael/rijndael-api.c 175360 2008-01-15 18:34:47Z sobomax $");
#include <sys/types.h>
#ifdef _KERNEL
Modified: trunk/sys/crypto/rijndael/rijndael.h
===================================================================
--- trunk/sys/crypto/rijndael/rijndael.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/rijndael/rijndael.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,5 +1,6 @@
+/* $MidnightBSD$ */
/* $KAME: rijndael.h,v 1.6 2003/08/28 08:36:32 itojun Exp $ */
-/* $MidnightBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/rijndael/rijndael.h 143431 2005-03-11 22:07:04Z ume $ */
/**
* rijndael-alg-fst.h
Modified: trunk/sys/crypto/rijndael/rijndael_local.h
===================================================================
--- trunk/sys/crypto/rijndael/rijndael_local.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/rijndael/rijndael_local.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,5 +1,6 @@
+/* $MidnightBSD$ */
/* $KAME: rijndael_local.h,v 1.5 2003/08/28 08:37:24 itojun Exp $ */
-/* $MidnightBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/rijndael/rijndael_local.h 121050 2003-10-12 21:05:05Z ume $ */
/* the file should not be used from outside */
typedef u_int8_t u8;
Modified: trunk/sys/crypto/rijndael/test00.c
===================================================================
--- trunk/sys/crypto/rijndael/test00.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/rijndael/test00.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*-
* Copyright (c) 2003 Poul-Henning Kamp
* All rights reserved.
@@ -23,7 +24,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $MidnightBSD$
+ * $FreeBSD: stable/10/sys/crypto/rijndael/test00.c 175360 2008-01-15 18:34:47Z sobomax $
*
* This test checks for inplace decryption working. This is the case
* where the same buffer is passed as input and output to
Modified: trunk/sys/crypto/sha1.c
===================================================================
--- trunk/sys/crypto/sha1.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/sha1.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* $KAME: sha1.c,v 1.5 2000/11/08 06:13:08 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -35,7 +36,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/crypto/sha1.c 116174 2003-06-10 21:44:29Z obrien $");
#include <sys/types.h>
#include <sys/cdefs.h>
Modified: trunk/sys/crypto/sha1.h
===================================================================
--- trunk/sys/crypto/sha1.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/sha1.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,4 +1,5 @@
-/* $FreeBSD$ */
+/* $MidnightBSD$ */
+/* $FreeBSD: stable/10/sys/crypto/sha1.h 92756 2002-03-20 05:14:42Z alfred $ */
/* $KAME: sha1.h,v 1.5 2000/03/27 04:36:23 sumikawa Exp $ */
/*
Modified: trunk/sys/crypto/sha2/sha2.c
===================================================================
--- trunk/sys/crypto/sha2/sha2.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/sha2/sha2.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/* $KAME: sha2.c,v 1.8 2001/11/08 01:07:52 itojun Exp $ */
/*
Added: trunk/sys/crypto/sha2/sha256.h
===================================================================
--- trunk/sys/crypto/sha2/sha256.h (rev 0)
+++ trunk/sys/crypto/sha2/sha256.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -0,0 +1,91 @@
+/* $MidnightBSD$ */
+/*-
+ * Copyright 2005 Colin Percival
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD: stable/10/sys/crypto/sha2/sha256.h 314327 2017-02-27 08:27:38Z avg $
+ */
+
+#ifndef _SHA256_H_
+#define _SHA256_H_
+
+#ifndef _KERNEL
+#include <sys/types.h>
+#endif
+
+#define SHA256_BLOCK_LENGTH 64
+#define SHA256_DIGEST_LENGTH 32
+#define SHA256_DIGEST_STRING_LENGTH (SHA256_DIGEST_LENGTH * 2 + 1)
+
+typedef struct SHA256Context {
+ uint32_t state[8];
+ uint64_t count;
+ uint8_t buf[SHA256_BLOCK_LENGTH];
+} SHA256_CTX;
+
+__BEGIN_DECLS
+
+/* Ensure libmd symbols do not clash with libcrypto */
+
+#ifndef SHA256_Init
+#define SHA256_Init _libmd_SHA256_Init
+#endif
+#ifndef SHA256_Update
+#define SHA256_Update _libmd_SHA256_Update
+#endif
+#ifndef SHA256_Final
+#define SHA256_Final _libmd_SHA256_Final
+#endif
+#ifndef SHA256_End
+#define SHA256_End _libmd_SHA256_End
+#endif
+#ifndef SHA256_File
+#define SHA256_File _libmd_SHA256_File
+#endif
+#ifndef SHA256_FileChunk
+#define SHA256_FileChunk _libmd_SHA256_FileChunk
+#endif
+#ifndef SHA256_Data
+#define SHA256_Data _libmd_SHA256_Data
+#endif
+
+#ifndef SHA256_Transform
+#define SHA256_Transform _libmd_SHA256_Transform
+#endif
+#ifndef SHA256_version
+#define SHA256_version _libmd_SHA256_version
+#endif
+
+void SHA256_Init(SHA256_CTX *);
+void SHA256_Update(SHA256_CTX *, const void *, size_t);
+void SHA256_Final(unsigned char [SHA256_DIGEST_LENGTH], SHA256_CTX *);
+#ifndef _KERNEL
+char *SHA256_End(SHA256_CTX *, char *);
+char *SHA256_Data(const void *, unsigned int, char *);
+char *SHA256_File(const char *, char *);
+char *SHA256_FileChunk(const char *, char *, off_t, off_t);
+#endif
+__END_DECLS
+
+#endif /* !_SHA256_H_ */
Property changes on: trunk/sys/crypto/sha2/sha256.h
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/sys/crypto/sha2/sha256c.c
===================================================================
--- trunk/sys/crypto/sha2/sha256c.c (rev 0)
+++ trunk/sys/crypto/sha2/sha256c.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -0,0 +1,317 @@
+/* $MidnightBSD$ */
+/*-
+ * Copyright 2005 Colin Percival
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: stable/10/sys/crypto/sha2/sha256c.c 314335 2017-02-27 13:05:17Z avg $");
+
+#include <sys/endian.h>
+#include <sys/types.h>
+
+#ifdef _KERNEL
+#include <sys/systm.h>
+#else
+#include <string.h>
+#endif
+
+#include "sha256.h"
+
+#if BYTE_ORDER == BIG_ENDIAN
+
+/* Copy a vector of big-endian uint32_t into a vector of bytes */
+#define be32enc_vect(dst, src, len) \
+ memcpy((void *)dst, (const void *)src, (size_t)len)
+
+/* Copy a vector of bytes into a vector of big-endian uint32_t */
+#define be32dec_vect(dst, src, len) \
+ memcpy((void *)dst, (const void *)src, (size_t)len)
+
+#else /* BYTE_ORDER != BIG_ENDIAN */
+
+/*
+ * Encode a length len/4 vector of (uint32_t) into a length len vector of
+ * (unsigned char) in big-endian form. Assumes len is a multiple of 4.
+ */
+static void
+be32enc_vect(unsigned char *dst, const uint32_t *src, size_t len)
+{
+ size_t i;
+
+ for (i = 0; i < len / 4; i++)
+ be32enc(dst + i * 4, src[i]);
+}
+
+/*
+ * Decode a big-endian length len vector of (unsigned char) into a length
+ * len/4 vector of (uint32_t). Assumes len is a multiple of 4.
+ */
+static void
+be32dec_vect(uint32_t *dst, const unsigned char *src, size_t len)
+{
+ size_t i;
+
+ for (i = 0; i < len / 4; i++)
+ dst[i] = be32dec(src + i * 4);
+}
+
+#endif /* BYTE_ORDER != BIG_ENDIAN */
+
+/* SHA256 round constants. */
+static const uint32_t K[64] = {
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+ 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+ 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+ 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+ 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+ 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+};
+
+/* Elementary functions used by SHA256 */
+#define Ch(x, y, z) ((x & (y ^ z)) ^ z)
+#define Maj(x, y, z) ((x & (y | z)) | (y & z))
+#define SHR(x, n) (x >> n)
+#define ROTR(x, n) ((x >> n) | (x << (32 - n)))
+#define S0(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22))
+#define S1(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25))
+#define s0(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ SHR(x, 3))
+#define s1(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ SHR(x, 10))
+
+/* SHA256 round function */
+#define RND(a, b, c, d, e, f, g, h, k) \
+ h += S1(e) + Ch(e, f, g) + k; \
+ d += h; \
+ h += S0(a) + Maj(a, b, c);
+
+/* Adjusted round function for rotating state */
+#define RNDr(S, W, i, ii) \
+ RND(S[(64 - i) % 8], S[(65 - i) % 8], \
+ S[(66 - i) % 8], S[(67 - i) % 8], \
+ S[(68 - i) % 8], S[(69 - i) % 8], \
+ S[(70 - i) % 8], S[(71 - i) % 8], \
+ W[i + ii] + K[i + ii])
+
+/* Message schedule computation */
+#define MSCH(W, ii, i) \
+ W[i + ii + 16] = s1(W[i + ii + 14]) + W[i + ii + 9] + s0(W[i + ii + 1]) + W[i + ii]
+
+/*
+ * SHA256 block compression function. The 256-bit state is transformed via
+ * the 512-bit input block to produce a new state.
+ */
+static void
+SHA256_Transform(uint32_t * state, const unsigned char block[64])
+{
+ uint32_t W[64];
+ uint32_t S[8];
+ int i;
+
+ /* 1. Prepare the first part of the message schedule W. */
+ be32dec_vect(W, block, 64);
+
+ /* 2. Initialize working variables. */
+ memcpy(S, state, 32);
+
+ /* 3. Mix. */
+ for (i = 0; i < 64; i += 16) {
+ RNDr(S, W, 0, i);
+ RNDr(S, W, 1, i);
+ RNDr(S, W, 2, i);
+ RNDr(S, W, 3, i);
+ RNDr(S, W, 4, i);
+ RNDr(S, W, 5, i);
+ RNDr(S, W, 6, i);
+ RNDr(S, W, 7, i);
+ RNDr(S, W, 8, i);
+ RNDr(S, W, 9, i);
+ RNDr(S, W, 10, i);
+ RNDr(S, W, 11, i);
+ RNDr(S, W, 12, i);
+ RNDr(S, W, 13, i);
+ RNDr(S, W, 14, i);
+ RNDr(S, W, 15, i);
+
+ if (i == 48)
+ break;
+ MSCH(W, 0, i);
+ MSCH(W, 1, i);
+ MSCH(W, 2, i);
+ MSCH(W, 3, i);
+ MSCH(W, 4, i);
+ MSCH(W, 5, i);
+ MSCH(W, 6, i);
+ MSCH(W, 7, i);
+ MSCH(W, 8, i);
+ MSCH(W, 9, i);
+ MSCH(W, 10, i);
+ MSCH(W, 11, i);
+ MSCH(W, 12, i);
+ MSCH(W, 13, i);
+ MSCH(W, 14, i);
+ MSCH(W, 15, i);
+ }
+
+ /* 4. Mix local working variables into global state */
+ for (i = 0; i < 8; i++)
+ state[i] += S[i];
+}
+
+static unsigned char PAD[64] = {
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/* Add padding and terminating bit-count. */
+static void
+SHA256_Pad(SHA256_CTX * ctx)
+{
+ size_t r;
+
+ /* Figure out how many bytes we have buffered. */
+ r = (ctx->count >> 3) & 0x3f;
+
+ /* Pad to 56 mod 64, transforming if we finish a block en route. */
+ if (r < 56) {
+ /* Pad to 56 mod 64. */
+ memcpy(&ctx->buf[r], PAD, 56 - r);
+ } else {
+ /* Finish the current block and mix. */
+ memcpy(&ctx->buf[r], PAD, 64 - r);
+ SHA256_Transform(ctx->state, ctx->buf);
+
+ /* The start of the final block is all zeroes. */
+ memset(&ctx->buf[0], 0, 56);
+ }
+
+ /* Add the terminating bit-count. */
+ be64enc(&ctx->buf[56], ctx->count);
+
+ /* Mix in the final block. */
+ SHA256_Transform(ctx->state, ctx->buf);
+}
+
+/* SHA-256 initialization. Begins a SHA-256 operation. */
+void
+SHA256_Init(SHA256_CTX * ctx)
+{
+
+ /* Zero bits processed so far */
+ ctx->count = 0;
+
+ /* Magic initialization constants */
+ ctx->state[0] = 0x6A09E667;
+ ctx->state[1] = 0xBB67AE85;
+ ctx->state[2] = 0x3C6EF372;
+ ctx->state[3] = 0xA54FF53A;
+ ctx->state[4] = 0x510E527F;
+ ctx->state[5] = 0x9B05688C;
+ ctx->state[6] = 0x1F83D9AB;
+ ctx->state[7] = 0x5BE0CD19;
+}
+
+/* Add bytes into the hash */
+void
+SHA256_Update(SHA256_CTX * ctx, const void *in, size_t len)
+{
+ uint64_t bitlen;
+ uint32_t r;
+ const unsigned char *src = in;
+
+ /* Number of bytes left in the buffer from previous updates */
+ r = (ctx->count >> 3) & 0x3f;
+
+ /* Convert the length into a number of bits */
+ bitlen = len << 3;
+
+ /* Update number of bits */
+ ctx->count += bitlen;
+
+ /* Handle the case where we don't need to perform any transforms */
+ if (len < 64 - r) {
+ memcpy(&ctx->buf[r], src, len);
+ return;
+ }
+
+ /* Finish the current block */
+ memcpy(&ctx->buf[r], src, 64 - r);
+ SHA256_Transform(ctx->state, ctx->buf);
+ src += 64 - r;
+ len -= 64 - r;
+
+ /* Perform complete blocks */
+ while (len >= 64) {
+ SHA256_Transform(ctx->state, src);
+ src += 64;
+ len -= 64;
+ }
+
+ /* Copy left over data into buffer */
+ memcpy(ctx->buf, src, len);
+}
+
+/*
+ * SHA-256 finalization. Pads the input data, exports the hash value,
+ * and clears the context state.
+ */
+void
+SHA256_Final(unsigned char digest[32], SHA256_CTX * ctx)
+{
+
+ /* Add padding */
+ SHA256_Pad(ctx);
+
+ /* Write the hash */
+ be32enc_vect(digest, ctx->state, 32);
+
+ /* Clear the context state */
+ memset((void *)ctx, 0, sizeof(*ctx));
+}
+
+#ifdef WEAK_REFS
+/* When building libmd, provide weak references. Note: this is not
+ activated in the context of compiling these sources for internal
+ use in libcrypt.
+ */
+#undef SHA256_Init
+__weak_reference(_libmd_SHA256_Init, SHA256_Init);
+#undef SHA256_Update
+__weak_reference(_libmd_SHA256_Update, SHA256_Update);
+#undef SHA256_Final
+__weak_reference(_libmd_SHA256_Final, SHA256_Final);
+#undef SHA256_Transform
+__weak_reference(_libmd_SHA256_Transform, SHA256_Transform);
+#endif
Property changes on: trunk/sys/crypto/sha2/sha256c.c
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/sys/crypto/sha2/sha384.h
===================================================================
--- trunk/sys/crypto/sha2/sha384.h (rev 0)
+++ trunk/sys/crypto/sha2/sha384.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -0,0 +1,88 @@
+/* $MidnightBSD$ */
+/*-
+ * Copyright 2005 Colin Percival
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD: stable/10/sys/crypto/sha2/sha384.h 314327 2017-02-27 08:27:38Z avg $
+ */
+
+#ifndef _SHA384_H_
+#define _SHA384_H_
+
+#ifndef _KERNEL
+#include <sys/types.h>
+#endif
+
+#define SHA384_BLOCK_LENGTH 128
+#define SHA384_DIGEST_LENGTH 48
+#define SHA384_DIGEST_STRING_LENGTH (SHA384_DIGEST_LENGTH * 2 + 1)
+
+typedef struct SHA384Context {
+ uint64_t state[8];
+ uint64_t count[2];
+ uint8_t buf[SHA384_BLOCK_LENGTH];
+} SHA384_CTX;
+
+__BEGIN_DECLS
+
+/* Ensure libmd symbols do not clash with libcrypto */
+#ifndef SHA384_Init
+#define SHA384_Init _libmd_SHA384_Init
+#endif
+#ifndef SHA384_Update
+#define SHA384_Update _libmd_SHA384_Update
+#endif
+#ifndef SHA384_Final
+#define SHA384_Final _libmd_SHA384_Final
+#endif
+#ifndef SHA384_End
+#define SHA384_End _libmd_SHA384_End
+#endif
+#ifndef SHA384_File
+#define SHA384_File _libmd_SHA384_File
+#endif
+#ifndef SHA384_FileChunk
+#define SHA384_FileChunk _libmd_SHA384_FileChunk
+#endif
+#ifndef SHA384_Data
+#define SHA384_Data _libmd_SHA384_Data
+#endif
+
+#ifndef SHA384_version
+#define SHA384_version _libmd_SHA384_version
+#endif
+
+void SHA384_Init(SHA384_CTX *);
+void SHA384_Update(SHA384_CTX *, const void *, size_t);
+void SHA384_Final(unsigned char [SHA384_DIGEST_LENGTH], SHA384_CTX *);
+#ifndef _KERNEL
+char *SHA384_End(SHA384_CTX *, char *);
+char *SHA384_Data(const void *, unsigned int, char *);
+char *SHA384_File(const char *, char *);
+char *SHA384_FileChunk(const char *, char *, off_t, off_t);
+#endif
+
+__END_DECLS
+
+#endif /* !_SHA384_H_ */
Property changes on: trunk/sys/crypto/sha2/sha384.h
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/sys/crypto/sha2/sha512.h
===================================================================
--- trunk/sys/crypto/sha2/sha512.h (rev 0)
+++ trunk/sys/crypto/sha2/sha512.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -0,0 +1,91 @@
+/* $MidnightBSD$ */
+/*-
+ * Copyright 2005 Colin Percival
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD: stable/10/sys/crypto/sha2/sha512.h 314327 2017-02-27 08:27:38Z avg $
+ */
+
+#ifndef _SHA512_H_
+#define _SHA512_H_
+
+#ifndef _KERNEL
+#include <sys/types.h>
+#endif
+
+#define SHA512_BLOCK_LENGTH 128
+#define SHA512_DIGEST_LENGTH 64
+#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1)
+
+typedef struct SHA512Context {
+ uint64_t state[8];
+ uint64_t count[2];
+ uint8_t buf[SHA512_BLOCK_LENGTH];
+} SHA512_CTX;
+
+__BEGIN_DECLS
+
+/* Ensure libmd symbols do not clash with libcrypto */
+#ifndef SHA512_Init
+#define SHA512_Init _libmd_SHA512_Init
+#endif
+#ifndef SHA512_Update
+#define SHA512_Update _libmd_SHA512_Update
+#endif
+#ifndef SHA512_Final
+#define SHA512_Final _libmd_SHA512_Final
+#endif
+#ifndef SHA512_End
+#define SHA512_End _libmd_SHA512_End
+#endif
+#ifndef SHA512_File
+#define SHA512_File _libmd_SHA512_File
+#endif
+#ifndef SHA512_FileChunk
+#define SHA512_FileChunk _libmd_SHA512_FileChunk
+#endif
+#ifndef SHA512_Data
+#define SHA512_Data _libmd_SHA512_Data
+#endif
+
+#ifndef SHA512_Transform
+#define SHA512_Transform _libmd_SHA512_Transform
+#endif
+#ifndef SHA512_version
+#define SHA512_version _libmd_SHA512_version
+#endif
+
+void SHA512_Init(SHA512_CTX *);
+void SHA512_Update(SHA512_CTX *, const void *, size_t);
+void SHA512_Final(unsigned char [SHA512_DIGEST_LENGTH], SHA512_CTX *);
+#ifndef _KERNEL
+char *SHA512_End(SHA512_CTX *, char *);
+char *SHA512_Data(const void *, unsigned int, char *);
+char *SHA512_File(const char *, char *);
+char *SHA512_FileChunk(const char *, char *, off_t, off_t);
+#endif
+
+__END_DECLS
+
+#endif /* !_SHA512_H_ */
Property changes on: trunk/sys/crypto/sha2/sha512.h
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/sys/crypto/sha2/sha512c.c
===================================================================
--- trunk/sys/crypto/sha2/sha512c.c (rev 0)
+++ trunk/sys/crypto/sha2/sha512c.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -0,0 +1,504 @@
+/* $MidnightBSD$ */
+/*-
+ * Copyright 2005 Colin Percival
+ * Copyright (c) 2015 Allan Jude <allanjude at FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: stable/10/sys/crypto/sha2/sha512c.c 314550 2017-03-02 09:10:39Z avg $");
+
+#include <sys/endian.h>
+#include <sys/types.h>
+
+#ifdef _KERNEL
+#include <sys/systm.h>
+#else
+#include <string.h>
+#endif
+
+#include "sha512.h"
+#include "sha512t.h"
+#include "sha384.h"
+
+#if BYTE_ORDER == BIG_ENDIAN
+
+/* Copy a vector of big-endian uint64_t into a vector of bytes */
+#define be64enc_vect(dst, src, len) \
+ memcpy((void *)dst, (const void *)src, (size_t)len)
+
+/* Copy a vector of bytes into a vector of big-endian uint64_t */
+#define be64dec_vect(dst, src, len) \
+ memcpy((void *)dst, (const void *)src, (size_t)len)
+
+#else /* BYTE_ORDER != BIG_ENDIAN */
+
+/*
+ * Encode a length len/4 vector of (uint64_t) into a length len vector of
+ * (unsigned char) in big-endian form. Assumes len is a multiple of 8.
+ */
+static void
+be64enc_vect(unsigned char *dst, const uint64_t *src, size_t len)
+{
+ size_t i;
+
+ for (i = 0; i < len / 8; i++)
+ be64enc(dst + i * 8, src[i]);
+}
+
+/*
+ * Decode a big-endian length len vector of (unsigned char) into a length
+ * len/4 vector of (uint64_t). Assumes len is a multiple of 8.
+ */
+static void
+be64dec_vect(uint64_t *dst, const unsigned char *src, size_t len)
+{
+ size_t i;
+
+ for (i = 0; i < len / 8; i++)
+ dst[i] = be64dec(src + i * 8);
+}
+
+#endif /* BYTE_ORDER != BIG_ENDIAN */
+
+/* SHA512 round constants. */
+static const uint64_t K[80] = {
+ 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL,
+ 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL,
+ 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
+ 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL,
+ 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL,
+ 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL,
+ 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL,
+ 0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL,
+ 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL,
+ 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL,
+ 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL,
+ 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL,
+ 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL,
+ 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL,
+ 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL,
+ 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL,
+ 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL,
+ 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL,
+ 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL,
+ 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL,
+ 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL,
+ 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL,
+ 0xd192e819d6ef5218ULL, 0xd69906245565a910ULL,
+ 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL,
+ 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL,
+ 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL,
+ 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL,
+ 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL,
+ 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL,
+ 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL,
+ 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL,
+ 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL,
+ 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL,
+ 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL,
+ 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL,
+ 0x113f9804bef90daeULL, 0x1b710b35131c471bULL,
+ 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL,
+ 0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL,
+ 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL,
+ 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
+};
+
+/* Elementary functions used by SHA512 */
+#define Ch(x, y, z) ((x & (y ^ z)) ^ z)
+#define Maj(x, y, z) ((x & (y | z)) | (y & z))
+#define SHR(x, n) (x >> n)
+#define ROTR(x, n) ((x >> n) | (x << (64 - n)))
+#define S0(x) (ROTR(x, 28) ^ ROTR(x, 34) ^ ROTR(x, 39))
+#define S1(x) (ROTR(x, 14) ^ ROTR(x, 18) ^ ROTR(x, 41))
+#define s0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7))
+#define s1(x) (ROTR(x, 19) ^ ROTR(x, 61) ^ SHR(x, 6))
+
+/* SHA512 round function */
+#define RND(a, b, c, d, e, f, g, h, k) \
+ h += S1(e) + Ch(e, f, g) + k; \
+ d += h; \
+ h += S0(a) + Maj(a, b, c);
+
+/* Adjusted round function for rotating state */
+#define RNDr(S, W, i, ii) \
+ RND(S[(80 - i) % 8], S[(81 - i) % 8], \
+ S[(82 - i) % 8], S[(83 - i) % 8], \
+ S[(84 - i) % 8], S[(85 - i) % 8], \
+ S[(86 - i) % 8], S[(87 - i) % 8], \
+ W[i + ii] + K[i + ii])
+
+/* Message schedule computation */
+#define MSCH(W, ii, i) \
+ W[i + ii + 16] = s1(W[i + ii + 14]) + W[i + ii + 9] + s0(W[i + ii + 1]) + W[i + ii]
+
+/*
+ * SHA512 block compression function. The 512-bit state is transformed via
+ * the 512-bit input block to produce a new state.
+ */
+static void
+SHA512_Transform(uint64_t * state, const unsigned char block[SHA512_BLOCK_LENGTH])
+{
+ uint64_t W[80];
+ uint64_t S[8];
+ int i;
+
+ /* 1. Prepare the first part of the message schedule W. */
+ be64dec_vect(W, block, SHA512_BLOCK_LENGTH);
+
+ /* 2. Initialize working variables. */
+ memcpy(S, state, SHA512_DIGEST_LENGTH);
+
+ /* 3. Mix. */
+ for (i = 0; i < 80; i += 16) {
+ RNDr(S, W, 0, i);
+ RNDr(S, W, 1, i);
+ RNDr(S, W, 2, i);
+ RNDr(S, W, 3, i);
+ RNDr(S, W, 4, i);
+ RNDr(S, W, 5, i);
+ RNDr(S, W, 6, i);
+ RNDr(S, W, 7, i);
+ RNDr(S, W, 8, i);
+ RNDr(S, W, 9, i);
+ RNDr(S, W, 10, i);
+ RNDr(S, W, 11, i);
+ RNDr(S, W, 12, i);
+ RNDr(S, W, 13, i);
+ RNDr(S, W, 14, i);
+ RNDr(S, W, 15, i);
+
+ if (i == 64)
+ break;
+ MSCH(W, 0, i);
+ MSCH(W, 1, i);
+ MSCH(W, 2, i);
+ MSCH(W, 3, i);
+ MSCH(W, 4, i);
+ MSCH(W, 5, i);
+ MSCH(W, 6, i);
+ MSCH(W, 7, i);
+ MSCH(W, 8, i);
+ MSCH(W, 9, i);
+ MSCH(W, 10, i);
+ MSCH(W, 11, i);
+ MSCH(W, 12, i);
+ MSCH(W, 13, i);
+ MSCH(W, 14, i);
+ MSCH(W, 15, i);
+ }
+
+ /* 4. Mix local working variables into global state */
+ for (i = 0; i < 8; i++)
+ state[i] += S[i];
+}
+
+static unsigned char PAD[SHA512_BLOCK_LENGTH] = {
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/* Add padding and terminating bit-count. */
+static void
+SHA512_Pad(SHA512_CTX * ctx)
+{
+ size_t r;
+
+ /* Figure out how many bytes we have buffered. */
+ r = (ctx->count[1] >> 3) & 0x7f;
+
+ /* Pad to 112 mod 128, transforming if we finish a block en route. */
+ if (r < 112) {
+ /* Pad to 112 mod 128. */
+ memcpy(&ctx->buf[r], PAD, 112 - r);
+ } else {
+ /* Finish the current block and mix. */
+ memcpy(&ctx->buf[r], PAD, 128 - r);
+ SHA512_Transform(ctx->state, ctx->buf);
+
+ /* The start of the final block is all zeroes. */
+ memset(&ctx->buf[0], 0, 112);
+ }
+
+ /* Add the terminating bit-count. */
+ be64enc_vect(&ctx->buf[112], ctx->count, 16);
+
+ /* Mix in the final block. */
+ SHA512_Transform(ctx->state, ctx->buf);
+}
+
+/* SHA-512 initialization. Begins a SHA-512 operation. */
+void
+SHA512_Init(SHA512_CTX * ctx)
+{
+
+ /* Zero bits processed so far */
+ ctx->count[0] = ctx->count[1] = 0;
+
+ /* Magic initialization constants */
+ ctx->state[0] = 0x6a09e667f3bcc908ULL;
+ ctx->state[1] = 0xbb67ae8584caa73bULL;
+ ctx->state[2] = 0x3c6ef372fe94f82bULL;
+ ctx->state[3] = 0xa54ff53a5f1d36f1ULL;
+ ctx->state[4] = 0x510e527fade682d1ULL;
+ ctx->state[5] = 0x9b05688c2b3e6c1fULL;
+ ctx->state[6] = 0x1f83d9abfb41bd6bULL;
+ ctx->state[7] = 0x5be0cd19137e2179ULL;
+}
+
+/* Add bytes into the hash */
+void
+SHA512_Update(SHA512_CTX * ctx, const void *in, size_t len)
+{
+ uint64_t bitlen[2];
+ uint64_t r;
+ const unsigned char *src = in;
+
+ /* Number of bytes left in the buffer from previous updates */
+ r = (ctx->count[1] >> 3) & 0x7f;
+
+ /* Convert the length into a number of bits */
+ bitlen[1] = ((uint64_t)len) << 3;
+ bitlen[0] = ((uint64_t)len) >> 61;
+
+ /* Update number of bits */
+ if ((ctx->count[1] += bitlen[1]) < bitlen[1])
+ ctx->count[0]++;
+ ctx->count[0] += bitlen[0];
+
+ /* Handle the case where we don't need to perform any transforms */
+ if (len < SHA512_BLOCK_LENGTH - r) {
+ memcpy(&ctx->buf[r], src, len);
+ return;
+ }
+
+ /* Finish the current block */
+ memcpy(&ctx->buf[r], src, SHA512_BLOCK_LENGTH - r);
+ SHA512_Transform(ctx->state, ctx->buf);
+ src += SHA512_BLOCK_LENGTH - r;
+ len -= SHA512_BLOCK_LENGTH - r;
+
+ /* Perform complete blocks */
+ while (len >= SHA512_BLOCK_LENGTH) {
+ SHA512_Transform(ctx->state, src);
+ src += SHA512_BLOCK_LENGTH;
+ len -= SHA512_BLOCK_LENGTH;
+ }
+
+ /* Copy left over data into buffer */
+ memcpy(ctx->buf, src, len);
+}
+
+/*
+ * SHA-512 finalization. Pads the input data, exports the hash value,
+ * and clears the context state.
+ */
+void
+SHA512_Final(unsigned char digest[SHA512_DIGEST_LENGTH], SHA512_CTX * ctx)
+{
+
+ /* Add padding */
+ SHA512_Pad(ctx);
+
+ /* Write the hash */
+ be64enc_vect(digest, ctx->state, SHA512_DIGEST_LENGTH);
+
+ /* Clear the context state */
+ memset((void *)ctx, 0, sizeof(*ctx));
+}
+
+/*** SHA-512t: *********************************************************/
+/*
+ * the SHA512t transforms are identical to SHA512 so reuse the existing function
+ */
+void
+SHA512_224_Init(SHA512_CTX * ctx)
+{
+
+ /* Zero bits processed so far */
+ ctx->count[0] = ctx->count[1] = 0;
+
+ /* Magic initialization constants */
+ ctx->state[0] = 0x8c3d37c819544da2ULL;
+ ctx->state[1] = 0x73e1996689dcd4d6ULL;
+ ctx->state[2] = 0x1dfab7ae32ff9c82ULL;
+ ctx->state[3] = 0x679dd514582f9fcfULL;
+ ctx->state[4] = 0x0f6d2b697bd44da8ULL;
+ ctx->state[5] = 0x77e36f7304c48942ULL;
+ ctx->state[6] = 0x3f9d85a86a1d36c8ULL;
+ ctx->state[7] = 0x1112e6ad91d692a1ULL;
+}
+
+void
+SHA512_224_Update(SHA512_CTX * ctx, const void *in, size_t len)
+{
+
+ SHA512_Update(ctx, in, len);
+}
+
+void
+SHA512_224_Final(unsigned char digest[SHA512_224_DIGEST_LENGTH], SHA512_CTX * ctx)
+{
+
+ /* Add padding */
+ SHA512_Pad(ctx);
+
+ /* Write the hash */
+ be64enc_vect(digest, ctx->state, SHA512_224_DIGEST_LENGTH);
+
+ /* Clear the context state */
+ memset(ctx, 0, sizeof(*ctx));
+}
+
+void
+SHA512_256_Init(SHA512_CTX * ctx)
+{
+
+ /* Zero bits processed so far */
+ ctx->count[0] = ctx->count[1] = 0;
+
+ /* Magic initialization constants */
+ ctx->state[0] = 0x22312194fc2bf72cULL;
+ ctx->state[1] = 0x9f555fa3c84c64c2ULL;
+ ctx->state[2] = 0x2393b86b6f53b151ULL;
+ ctx->state[3] = 0x963877195940eabdULL;
+ ctx->state[4] = 0x96283ee2a88effe3ULL;
+ ctx->state[5] = 0xbe5e1e2553863992ULL;
+ ctx->state[6] = 0x2b0199fc2c85b8aaULL;
+ ctx->state[7] = 0x0eb72ddc81c52ca2ULL;
+}
+
+void
+SHA512_256_Update(SHA512_CTX * ctx, const void *in, size_t len)
+{
+
+ SHA512_Update(ctx, in, len);
+}
+
+void
+SHA512_256_Final(unsigned char digest[SHA512_256_DIGEST_LENGTH], SHA512_CTX * ctx)
+{
+
+ /* Add padding */
+ SHA512_Pad(ctx);
+
+ /* Write the hash */
+ be64enc_vect(digest, ctx->state, SHA512_256_DIGEST_LENGTH);
+
+ /* Clear the context state */
+ memset(ctx, 0, sizeof(*ctx));
+}
+
+/*** SHA-384: *********************************************************/
+/*
+ * the SHA384 and SHA512 transforms are identical, so SHA384 is skipped
+ */
+
+/* SHA-384 initialization. Begins a SHA-384 operation. */
+void
+SHA384_Init(SHA384_CTX * ctx)
+{
+
+ /* Zero bits processed so far */
+ ctx->count[0] = ctx->count[1] = 0;
+
+ /* Magic initialization constants */
+ ctx->state[0] = 0xcbbb9d5dc1059ed8ULL;
+ ctx->state[1] = 0x629a292a367cd507ULL;
+ ctx->state[2] = 0x9159015a3070dd17ULL;
+ ctx->state[3] = 0x152fecd8f70e5939ULL;
+ ctx->state[4] = 0x67332667ffc00b31ULL;
+ ctx->state[5] = 0x8eb44a8768581511ULL;
+ ctx->state[6] = 0xdb0c2e0d64f98fa7ULL;
+ ctx->state[7] = 0x47b5481dbefa4fa4ULL;
+}
+
+/* Add bytes into the SHA-384 hash */
+void
+SHA384_Update(SHA384_CTX * ctx, const void *in, size_t len)
+{
+
+ SHA512_Update((SHA512_CTX *)ctx, in, len);
+}
+
+/*
+ * SHA-384 finalization. Pads the input data, exports the hash value,
+ * and clears the context state.
+ */
+void
+SHA384_Final(unsigned char digest[SHA384_DIGEST_LENGTH], SHA384_CTX * ctx)
+{
+
+ /* Add padding */
+ SHA512_Pad((SHA512_CTX *)ctx);
+
+ /* Write the hash */
+ be64enc_vect(digest, ctx->state, SHA384_DIGEST_LENGTH);
+
+ /* Clear the context state */
+ memset((void *)ctx, 0, sizeof(*ctx));
+}
+
+#ifdef WEAK_REFS
+/* When building libmd, provide weak references. Note: this is not
+ activated in the context of compiling these sources for internal
+ use in libcrypt.
+ */
+#undef SHA512_Init
+__weak_reference(_libmd_SHA512_Init, SHA512_Init);
+#undef SHA512_Update
+__weak_reference(_libmd_SHA512_Update, SHA512_Update);
+#undef SHA512_Final
+__weak_reference(_libmd_SHA512_Final, SHA512_Final);
+#undef SHA512_Transform
+__weak_reference(_libmd_SHA512_Transform, SHA512_Transform);
+
+#undef SHA512_224_Init
+__weak_reference(_libmd_SHA512_224_Init, SHA512_224_Init);
+#undef SHA512_224_Update
+__weak_reference(_libmd_SHA512_224_Update, SHA512_224_Update);
+#undef SHA512_224_Final
+__weak_reference(_libmd_SHA512_224_Final, SHA512_224_Final);
+
+#undef SHA512_256_Init
+__weak_reference(_libmd_SHA512_256_Init, SHA512_256_Init);
+#undef SHA512_256_Update
+__weak_reference(_libmd_SHA512_256_Update, SHA512_256_Update);
+#undef SHA512_256_Final
+__weak_reference(_libmd_SHA512_256_Final, SHA512_256_Final);
+
+#undef SHA384_Init
+__weak_reference(_libmd_SHA384_Init, SHA384_Init);
+#undef SHA384_Update
+__weak_reference(_libmd_SHA384_Update, SHA384_Update);
+#undef SHA384_Final
+__weak_reference(_libmd_SHA384_Final, SHA384_Final);
+#endif
Property changes on: trunk/sys/crypto/sha2/sha512c.c
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/sys/crypto/sha2/sha512t.h
===================================================================
--- trunk/sys/crypto/sha2/sha512t.h (rev 0)
+++ trunk/sys/crypto/sha2/sha512t.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -0,0 +1,126 @@
+/* $MidnightBSD$ */
+/*-
+ * Copyright (c) 2015 Allan Jude <allanjude at FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD: stable/10/sys/crypto/sha2/sha512t.h 314550 2017-03-02 09:10:39Z avg $
+ */
+
+#ifndef _SHA512T_H_
+#define _SHA512T_H_
+
+#include "sha512.h"
+
+#ifndef _KERNEL
+#include <sys/types.h>
+#endif
+
+#define SHA512_224_DIGEST_LENGTH 28
+#define SHA512_224_DIGEST_STRING_LENGTH (SHA512_224_DIGEST_LENGTH * 2 + 1)
+#define SHA512_256_DIGEST_LENGTH 32
+#define SHA512_256_DIGEST_STRING_LENGTH (SHA512_256_DIGEST_LENGTH * 2 + 1)
+
+__BEGIN_DECLS
+
+/* Ensure libmd symbols do not clash with libcrypto */
+#ifndef SHA512_224_Init
+#define SHA512_224_Init _libmd_SHA512_224_Init
+#endif
+#ifndef SHA512_224_Update
+#define SHA512_224_Update _libmd_SHA512_224_Update
+#endif
+#ifndef SHA512_224_Final
+#define SHA512_224_Final _libmd_SHA512_224_Final
+#endif
+#ifndef SHA512_224_End
+#define SHA512_224_End _libmd_SHA512_224_End
+#endif
+#ifndef SHA512_224_File
+#define SHA512_224_File _libmd_SHA512_224_File
+#endif
+#ifndef SHA512_224_FileChunk
+#define SHA512_224_FileChunk _libmd_SHA512_224_FileChunk
+#endif
+#ifndef SHA512_224_Data
+#define SHA512_224_Data _libmd_SHA512_224_Data
+#endif
+
+#ifndef SHA512_224_Transform
+#define SHA512_224_Transform _libmd_SHA512_224_Transform
+#endif
+#ifndef SHA512_224_version
+#define SHA512_224_version _libmd_SHA512_224_version
+#endif
+
+#ifndef SHA512_256_Init
+#define SHA512_256_Init _libmd_SHA512_256_Init
+#endif
+#ifndef SHA512_256_Update
+#define SHA512_256_Update _libmd_SHA512_256_Update
+#endif
+#ifndef SHA512_256_Final
+#define SHA512_256_Final _libmd_SHA512_256_Final
+#endif
+#ifndef SHA512_256_End
+#define SHA512_256_End _libmd_SHA512_256_End
+#endif
+#ifndef SHA512_256_File
+#define SHA512_256_File _libmd_SHA512_256_File
+#endif
+#ifndef SHA512_256_FileChunk
+#define SHA512_256_FileChunk _libmd_SHA512_256_FileChunk
+#endif
+#ifndef SHA512_256_Data
+#define SHA512_256_Data _libmd_SHA512_256_Data
+#endif
+
+#ifndef SHA512_256_Transform
+#define SHA512_256_Transform _libmd_SHA512_256_Transform
+#endif
+#ifndef SHA512_256_version
+#define SHA512_256_version _libmd_SHA512_256_version
+#endif
+
+void SHA512_224_Init(SHA512_CTX *);
+void SHA512_224_Update(SHA512_CTX *, const void *, size_t);
+void SHA512_224_Final(unsigned char [SHA512_224_DIGEST_LENGTH], SHA512_CTX *);
+#ifndef _KERNEL
+char *SHA512_224_End(SHA512_CTX *, char *);
+char *SHA512_224_Data(const void *, unsigned int, char *);
+char *SHA512_224_File(const char *, char *);
+char *SHA512_224_FileChunk(const char *, char *, off_t, off_t);
+#endif
+void SHA512_256_Init(SHA512_CTX *);
+void SHA512_256_Update(SHA512_CTX *, const void *, size_t);
+void SHA512_256_Final(unsigned char [SHA512_256_DIGEST_LENGTH], SHA512_CTX *);
+#ifndef _KERNEL
+char *SHA512_256_End(SHA512_CTX *, char *);
+char *SHA512_256_Data(const void *, unsigned int, char *);
+char *SHA512_256_File(const char *, char *);
+char *SHA512_256_FileChunk(const char *, char *, off_t, off_t);
+#endif
+
+__END_DECLS
+
+#endif /* !_SHA512T_H_ */
Property changes on: trunk/sys/crypto/sha2/sha512t.h
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/sys/crypto/siphash/siphash.c
===================================================================
--- trunk/sys/crypto/siphash/siphash.c (rev 0)
+++ trunk/sys/crypto/siphash/siphash.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -0,0 +1,243 @@
+/* $MidnightBSD$ */
+/*-
+ * Copyright (c) 2013 Andre Oppermann <andre at FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior written
+ * permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * SipHash is a family of PRFs SipHash-c-d where the integer parameters c and d
+ * are the number of compression rounds and the number of finalization rounds.
+ * A compression round is identical to a finalization round and this round
+ * function is called SipRound. Given a 128-bit key k and a (possibly empty)
+ * byte string m, SipHash-c-d returns a 64-bit value SipHash-c-d(k; m).
+ *
+ * Implemented from the paper "SipHash: a fast short-input PRF", 2012.09.18,
+ * by Jean-Philippe Aumasson and Daniel J. Bernstein,
+ * Permanent Document ID b9a943a805fbfc6fde808af9fc0ecdfa
+ * https://131002.net/siphash/siphash.pdf
+ * https://131002.net/siphash/
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: stable/10/sys/crypto/siphash/siphash.c 253214 2013-07-11 16:27:11Z andre $");
+
+#include <sys/param.h>
+#include <sys/types.h>
+#include <sys/systm.h>
+#include <sys/libkern.h>
+#include <sys/endian.h>
+
+#include <crypto/siphash/siphash.h>
+
+static void SipRounds(SIPHASH_CTX *ctx, int final);
+
+void
+SipHash_InitX(SIPHASH_CTX *ctx, int rc, int rf)
+{
+
+ ctx->v[0] = 0x736f6d6570736575ull;
+ ctx->v[1] = 0x646f72616e646f6dull;
+ ctx->v[2] = 0x6c7967656e657261ull;
+ ctx->v[3] = 0x7465646279746573ull;
+ ctx->buf.b64 = 0;
+ ctx->bytes = 0;
+ ctx->buflen = 0;
+ ctx->rounds_compr = rc;
+ ctx->rounds_final = rf;
+ ctx->initialized = 1;
+}
+
+void
+SipHash_SetKey(SIPHASH_CTX *ctx, const uint8_t key[16])
+{
+ uint64_t k[2];
+
+ KASSERT(ctx->v[0] == 0x736f6d6570736575ull &&
+ ctx->initialized == 1,
+ ("%s: context %p not properly initialized", __func__, ctx));
+
+ k[0] = le64dec(&key[0]);
+ k[1] = le64dec(&key[8]);
+
+ ctx->v[0] ^= k[0];
+ ctx->v[1] ^= k[1];
+ ctx->v[2] ^= k[0];
+ ctx->v[3] ^= k[1];
+
+ ctx->initialized = 2;
+}
+
+static size_t
+SipBuf(SIPHASH_CTX *ctx, const uint8_t **src, size_t len, int final)
+{
+ size_t x = 0;
+
+ KASSERT((!final && len > 0) || (final && len == 0),
+ ("%s: invalid parameters", __func__));
+
+ if (!final) {
+ x = MIN(len, sizeof(ctx->buf.b64) - ctx->buflen);
+ bcopy(*src, &ctx->buf.b8[ctx->buflen], x);
+ ctx->buflen += x;
+ *src += x;
+ } else
+ ctx->buf.b8[7] = (uint8_t)ctx->bytes;
+
+ if (ctx->buflen == 8 || final) {
+ ctx->v[3] ^= le64toh(ctx->buf.b64);
+ SipRounds(ctx, 0);
+ ctx->v[0] ^= le64toh(ctx->buf.b64);
+ ctx->buf.b64 = 0;
+ ctx->buflen = 0;
+ }
+ return (x);
+}
+
+void
+SipHash_Update(SIPHASH_CTX *ctx, const void *src, size_t len)
+{
+ uint64_t m;
+ const uint64_t *p;
+ const uint8_t *s;
+ size_t rem;
+
+ KASSERT(ctx->initialized == 2,
+ ("%s: context %p not properly initialized", __func__, ctx));
+
+ s = src;
+ ctx->bytes += len;
+
+ /*
+ * Push length smaller than block size into buffer or
+ * fill up the buffer if there is already something
+ * in it.
+ */
+ if (ctx->buflen > 0 || len < 8)
+ len -= SipBuf(ctx, &s, len, 0);
+ if (len == 0)
+ return;
+
+ rem = len & 0x7;
+ len >>= 3;
+
+ /* Optimze for 64bit aligned/unaligned access. */
+ if (((uintptr_t)s & 0x7) == 0) {
+ for (p = (const uint64_t *)s; len > 0; len--, p++) {
+ m = le64toh(*p);
+ ctx->v[3] ^= m;
+ SipRounds(ctx, 0);
+ ctx->v[0] ^= m;
+ }
+ s = (const uint8_t *)p;
+ } else {
+ for (; len > 0; len--, s += 8) {
+ m = le64dec(s);
+ ctx->v[3] ^= m;
+ SipRounds(ctx, 0);
+ ctx->v[0] ^= m;
+ }
+ }
+
+ /* Push remainder into buffer. */
+ if (rem > 0)
+ (void)SipBuf(ctx, &s, rem, 0);
+}
+
+void
+SipHash_Final(void *dst, SIPHASH_CTX *ctx)
+{
+ uint64_t r;
+
+ KASSERT(ctx->initialized == 2,
+ ("%s: context %p not properly initialized", __func__, ctx));
+
+ r = SipHash_End(ctx);
+ le64enc(dst, r);
+}
+
+uint64_t
+SipHash_End(SIPHASH_CTX *ctx)
+{
+ uint64_t r;
+
+ KASSERT(ctx->initialized == 2,
+ ("%s: context %p not properly initialized", __func__, ctx));
+
+ SipBuf(ctx, NULL, 0, 1);
+ ctx->v[2] ^= 0xff;
+ SipRounds(ctx, 1);
+ r = (ctx->v[0] ^ ctx->v[1]) ^ (ctx->v[2] ^ ctx->v[3]);
+
+ bzero(ctx, sizeof(*ctx));
+ return (r);
+}
+
+uint64_t
+SipHashX(SIPHASH_CTX *ctx, int rc, int rf, const uint8_t key[16],
+ const void *src, size_t len)
+{
+
+ SipHash_InitX(ctx, rc, rf);
+ SipHash_SetKey(ctx, key);
+ SipHash_Update(ctx, src, len);
+
+ return (SipHash_End(ctx));
+}
+
+#define SIP_ROTL(x, b) (uint64_t)(((x) << (b)) | ( (x) >> (64 - (b))))
+
+static void
+SipRounds(SIPHASH_CTX *ctx, int final)
+{
+ int rounds;
+
+ if (!final)
+ rounds = ctx->rounds_compr;
+ else
+ rounds = ctx->rounds_final;
+
+ while (rounds--) {
+ ctx->v[0] += ctx->v[1];
+ ctx->v[2] += ctx->v[3];
+ ctx->v[1] = SIP_ROTL(ctx->v[1], 13);
+ ctx->v[3] = SIP_ROTL(ctx->v[3], 16);
+
+ ctx->v[1] ^= ctx->v[0];
+ ctx->v[3] ^= ctx->v[2];
+ ctx->v[0] = SIP_ROTL(ctx->v[0], 32);
+
+ ctx->v[2] += ctx->v[1];
+ ctx->v[0] += ctx->v[3];
+ ctx->v[1] = SIP_ROTL(ctx->v[1], 17);
+ ctx->v[3] = SIP_ROTL(ctx->v[3], 21);
+
+ ctx->v[1] ^= ctx->v[2];
+ ctx->v[3] ^= ctx->v[0];
+ ctx->v[2] = SIP_ROTL(ctx->v[2], 32);
+ }
+}
+
Property changes on: trunk/sys/crypto/siphash/siphash.c
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/sys/crypto/siphash/siphash.h
===================================================================
--- trunk/sys/crypto/siphash/siphash.h (rev 0)
+++ trunk/sys/crypto/siphash/siphash.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -0,0 +1,84 @@
+/* $MidnightBSD$ */
+/*-
+ * Copyright (c) 2013 Andre Oppermann <andre at FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior written
+ * permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD: stable/10/sys/crypto/siphash/siphash.h 253208 2013-07-11 14:18:38Z andre $
+ */
+
+/*
+ * SipHash is a family of pseudorandom functions (a.k.a. keyed hash functions)
+ * optimized for speed on short messages returning a 64bit hash/digest value.
+ *
+ * The number of rounds is defined during the initialization:
+ * SipHash24_Init() for the fast and resonable strong version
+ * SipHash48_Init() for the strong version (half as fast)
+ *
+ * struct SIPHASH_CTX ctx;
+ * SipHash24_Init(&ctx);
+ * SipHash_SetKey(&ctx, "16bytes long key");
+ * SipHash_Update(&ctx, pointer_to_string, length_of_string);
+ * SipHash_Final(output, &ctx);
+ */
+
+#ifndef _SIPHASH_H_
+#define _SIPHASH_H_
+
+#define SIPHASH_BLOCK_LENGTH 8
+#define SIPHASH_KEY_LENGTH 16
+#define SIPHASH_DIGEST_LENGTH 8
+
+typedef struct _SIPHASH_CTX {
+ uint64_t v[4];
+ union {
+ uint64_t b64;
+ uint8_t b8[8];
+ } buf;
+ uint64_t bytes;
+ uint8_t buflen;
+ uint8_t rounds_compr;
+ uint8_t rounds_final;
+ uint8_t initialized;
+} SIPHASH_CTX;
+
+
+#define SipHash24_Init(x) SipHash_InitX((x), 2, 4)
+#define SipHash48_Init(x) SipHash_InitX((x), 4, 8)
+void SipHash_InitX(SIPHASH_CTX *, int, int);
+void SipHash_SetKey(SIPHASH_CTX *, const uint8_t [16]);
+void SipHash_Update(SIPHASH_CTX *, const void *, size_t);
+void SipHash_Final(void *, SIPHASH_CTX *);
+uint64_t SipHash_End(SIPHASH_CTX *);
+
+#define SipHash24(x, y, z, i) SipHashX((x), 2, 4, (y), (z), (i));
+#define SipHash48(x, y, z, i) SipHashX((x), 4, 8, (y), (z), (i));
+uint64_t SipHashX(SIPHASH_CTX *, int, int, const uint8_t [16], const void *,
+ size_t);
+
+int SipHash24_TestVectors(void);
+
+#endif /* _SIPHASH_H_ */
Property changes on: trunk/sys/crypto/siphash/siphash.h
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/sys/crypto/siphash/siphash_test.c
===================================================================
--- trunk/sys/crypto/siphash/siphash_test.c (rev 0)
+++ trunk/sys/crypto/siphash/siphash_test.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -0,0 +1,141 @@
+/* $MidnightBSD$ */
+/*-
+ * Test Vectors from the SipHash reference C implementation:
+ *
+ * Written in 2012 by
+ * Jean-Philippe Aumasson <jeanphilippe.aumasson at gmail.com>
+ * Daniel J. Bernstein <djb at cr.yp.to>
+ *
+ * Adjusted by Andre Oppermann <andre at freebsd.org> to use function calls in
+ * line with other hash implementations.
+ *
+ * To the extent possible under law, the author(s) have dedicated all copyright
+ * and related and neighboring rights to this software to the public domain
+ * worldwide. This software is distributed without any warranty.
+ *
+ * You should have received a copy of the CC0 Public Domain Dedication along with
+ * this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
+ *
+ * SipHash-2-4 output with
+ * k = 00 01 02 ...
+ * and
+ * in = (empty string)
+ * in = 00 (1 byte)
+ * in = 00 01 (2 bytes)
+ * in = 00 01 02 (3 bytes)
+ * ...
+ * in = 00 01 02 ... 3e (63 bytes)
+ */
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: stable/10/sys/crypto/siphash/siphash_test.c 253208 2013-07-11 14:18:38Z andre $");
+
+#include <sys/param.h>
+#include <sys/types.h>
+#include <sys/systm.h>
+#include <sys/libkern.h>
+#include <sys/endian.h>
+
+#include <crypto/siphash/siphash.h>
+
+uint8_t vectors[64][8] =
+{
+ { 0x31, 0x0e, 0x0e, 0xdd, 0x47, 0xdb, 0x6f, 0x72, },
+ { 0xfd, 0x67, 0xdc, 0x93, 0xc5, 0x39, 0xf8, 0x74, },
+ { 0x5a, 0x4f, 0xa9, 0xd9, 0x09, 0x80, 0x6c, 0x0d, },
+ { 0x2d, 0x7e, 0xfb, 0xd7, 0x96, 0x66, 0x67, 0x85, },
+ { 0xb7, 0x87, 0x71, 0x27, 0xe0, 0x94, 0x27, 0xcf, },
+ { 0x8d, 0xa6, 0x99, 0xcd, 0x64, 0x55, 0x76, 0x18, },
+ { 0xce, 0xe3, 0xfe, 0x58, 0x6e, 0x46, 0xc9, 0xcb, },
+ { 0x37, 0xd1, 0x01, 0x8b, 0xf5, 0x00, 0x02, 0xab, },
+ { 0x62, 0x24, 0x93, 0x9a, 0x79, 0xf5, 0xf5, 0x93, },
+ { 0xb0, 0xe4, 0xa9, 0x0b, 0xdf, 0x82, 0x00, 0x9e, },
+ { 0xf3, 0xb9, 0xdd, 0x94, 0xc5, 0xbb, 0x5d, 0x7a, },
+ { 0xa7, 0xad, 0x6b, 0x22, 0x46, 0x2f, 0xb3, 0xf4, },
+ { 0xfb, 0xe5, 0x0e, 0x86, 0xbc, 0x8f, 0x1e, 0x75, },
+ { 0x90, 0x3d, 0x84, 0xc0, 0x27, 0x56, 0xea, 0x14, },
+ { 0xee, 0xf2, 0x7a, 0x8e, 0x90, 0xca, 0x23, 0xf7, },
+ { 0xe5, 0x45, 0xbe, 0x49, 0x61, 0xca, 0x29, 0xa1, },
+ { 0xdb, 0x9b, 0xc2, 0x57, 0x7f, 0xcc, 0x2a, 0x3f, },
+ { 0x94, 0x47, 0xbe, 0x2c, 0xf5, 0xe9, 0x9a, 0x69, },
+ { 0x9c, 0xd3, 0x8d, 0x96, 0xf0, 0xb3, 0xc1, 0x4b, },
+ { 0xbd, 0x61, 0x79, 0xa7, 0x1d, 0xc9, 0x6d, 0xbb, },
+ { 0x98, 0xee, 0xa2, 0x1a, 0xf2, 0x5c, 0xd6, 0xbe, },
+ { 0xc7, 0x67, 0x3b, 0x2e, 0xb0, 0xcb, 0xf2, 0xd0, },
+ { 0x88, 0x3e, 0xa3, 0xe3, 0x95, 0x67, 0x53, 0x93, },
+ { 0xc8, 0xce, 0x5c, 0xcd, 0x8c, 0x03, 0x0c, 0xa8, },
+ { 0x94, 0xaf, 0x49, 0xf6, 0xc6, 0x50, 0xad, 0xb8, },
+ { 0xea, 0xb8, 0x85, 0x8a, 0xde, 0x92, 0xe1, 0xbc, },
+ { 0xf3, 0x15, 0xbb, 0x5b, 0xb8, 0x35, 0xd8, 0x17, },
+ { 0xad, 0xcf, 0x6b, 0x07, 0x63, 0x61, 0x2e, 0x2f, },
+ { 0xa5, 0xc9, 0x1d, 0xa7, 0xac, 0xaa, 0x4d, 0xde, },
+ { 0x71, 0x65, 0x95, 0x87, 0x66, 0x50, 0xa2, 0xa6, },
+ { 0x28, 0xef, 0x49, 0x5c, 0x53, 0xa3, 0x87, 0xad, },
+ { 0x42, 0xc3, 0x41, 0xd8, 0xfa, 0x92, 0xd8, 0x32, },
+ { 0xce, 0x7c, 0xf2, 0x72, 0x2f, 0x51, 0x27, 0x71, },
+ { 0xe3, 0x78, 0x59, 0xf9, 0x46, 0x23, 0xf3, 0xa7, },
+ { 0x38, 0x12, 0x05, 0xbb, 0x1a, 0xb0, 0xe0, 0x12, },
+ { 0xae, 0x97, 0xa1, 0x0f, 0xd4, 0x34, 0xe0, 0x15, },
+ { 0xb4, 0xa3, 0x15, 0x08, 0xbe, 0xff, 0x4d, 0x31, },
+ { 0x81, 0x39, 0x62, 0x29, 0xf0, 0x90, 0x79, 0x02, },
+ { 0x4d, 0x0c, 0xf4, 0x9e, 0xe5, 0xd4, 0xdc, 0xca, },
+ { 0x5c, 0x73, 0x33, 0x6a, 0x76, 0xd8, 0xbf, 0x9a, },
+ { 0xd0, 0xa7, 0x04, 0x53, 0x6b, 0xa9, 0x3e, 0x0e, },
+ { 0x92, 0x59, 0x58, 0xfc, 0xd6, 0x42, 0x0c, 0xad, },
+ { 0xa9, 0x15, 0xc2, 0x9b, 0xc8, 0x06, 0x73, 0x18, },
+ { 0x95, 0x2b, 0x79, 0xf3, 0xbc, 0x0a, 0xa6, 0xd4, },
+ { 0xf2, 0x1d, 0xf2, 0xe4, 0x1d, 0x45, 0x35, 0xf9, },
+ { 0x87, 0x57, 0x75, 0x19, 0x04, 0x8f, 0x53, 0xa9, },
+ { 0x10, 0xa5, 0x6c, 0xf5, 0xdf, 0xcd, 0x9a, 0xdb, },
+ { 0xeb, 0x75, 0x09, 0x5c, 0xcd, 0x98, 0x6c, 0xd0, },
+ { 0x51, 0xa9, 0xcb, 0x9e, 0xcb, 0xa3, 0x12, 0xe6, },
+ { 0x96, 0xaf, 0xad, 0xfc, 0x2c, 0xe6, 0x66, 0xc7, },
+ { 0x72, 0xfe, 0x52, 0x97, 0x5a, 0x43, 0x64, 0xee, },
+ { 0x5a, 0x16, 0x45, 0xb2, 0x76, 0xd5, 0x92, 0xa1, },
+ { 0xb2, 0x74, 0xcb, 0x8e, 0xbf, 0x87, 0x87, 0x0a, },
+ { 0x6f, 0x9b, 0xb4, 0x20, 0x3d, 0xe7, 0xb3, 0x81, },
+ { 0xea, 0xec, 0xb2, 0xa3, 0x0b, 0x22, 0xa8, 0x7f, },
+ { 0x99, 0x24, 0xa4, 0x3c, 0xc1, 0x31, 0x57, 0x24, },
+ { 0xbd, 0x83, 0x8d, 0x3a, 0xaf, 0xbf, 0x8d, 0xb7, },
+ { 0x0b, 0x1a, 0x2a, 0x32, 0x65, 0xd5, 0x1a, 0xea, },
+ { 0x13, 0x50, 0x79, 0xa3, 0x23, 0x1c, 0xe6, 0x60, },
+ { 0x93, 0x2b, 0x28, 0x46, 0xe4, 0xd7, 0x06, 0x66, },
+ { 0xe1, 0x91, 0x5f, 0x5c, 0xb1, 0xec, 0xa4, 0x6c, },
+ { 0xf3, 0x25, 0x96, 0x5c, 0xa1, 0x6d, 0x62, 0x9f, },
+ { 0x57, 0x5f, 0xf2, 0x8e, 0x60, 0x38, 0x1b, 0xe5, },
+ { 0x72, 0x45, 0x06, 0xeb, 0x4c, 0x32, 0x8a, 0x95, }
+};
+
+#define MAXLEN 64
+
+int
+SipHash24_TestVectors(void)
+{
+ int i, fail = 0;
+ uint8_t in[MAXLEN], out[8], k[16];
+ SIPHASH_CTX ctx;
+
+ /* Initialize key. */
+ for (i = 0; i < 16; ++i)
+ k[i] = i;
+
+ /* Step through differnet length. */
+ for (i = 0; i < MAXLEN; ++i) {
+ in[i] = i;
+
+ SipHash24_Init(&ctx);
+ SipHash_SetKey(&ctx, k);
+ SipHash_Update(&ctx, in, i);
+ SipHash_Final(out, &ctx);
+
+ if (memcmp(out, vectors[i], 8))
+#if 0
+ printf("%i: test vector failed\n", i);
+ else
+ printf("%i: test vector correct\n", i);
+#else
+ fail++;
+#endif
+ }
+
+ return ((fail == 0));
+}
Property changes on: trunk/sys/crypto/siphash/siphash_test.c
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Modified: trunk/sys/crypto/via/padlock.c
===================================================================
--- trunk/sys/crypto/via/padlock.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/via/padlock.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*-
* Copyright (c) 2005-2008 Pawel Jakub Dawidek <pjd at FreeBSD.org>
* All rights reserved.
@@ -25,6 +26,7 @@
*/
#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: stable/10/sys/crypto/via/padlock.c 268033 2014-06-30 09:48:44Z kib $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -170,7 +172,7 @@
struct padlock_session *ses = NULL;
struct cryptoini *encini, *macini;
struct thread *td;
- int error, saved_ctx;
+ int error;
if (sidp == NULL || cri == NULL)
return (EINVAL);
@@ -245,18 +247,11 @@
if (macini != NULL) {
td = curthread;
- if (!is_fpu_kern_thread(0)) {
- error = fpu_kern_enter(td, ses->ses_fpu_ctx,
- FPU_KERN_NORMAL);
- saved_ctx = 1;
- } else {
- error = 0;
- saved_ctx = 0;
- }
+ error = fpu_kern_enter(td, ses->ses_fpu_ctx, FPU_KERN_NORMAL |
+ FPU_KERN_KTHR);
if (error == 0) {
error = padlock_hash_setup(ses, macini);
- if (saved_ctx)
- fpu_kern_leave(td, ses->ses_fpu_ctx);
+ fpu_kern_leave(td, ses->ses_fpu_ctx);
}
if (error != 0) {
padlock_freesession_one(sc, ses, 0);
Modified: trunk/sys/crypto/via/padlock.h
===================================================================
--- trunk/sys/crypto/via/padlock.h 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/via/padlock.h 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*-
* Copyright (c) 2005-2006 Pawel Jakub Dawidek <pjd at FreeBSD.org>
* All rights reserved.
@@ -23,7 +24,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $MidnightBSD$
+ * $FreeBSD: stable/10/sys/crypto/via/padlock.h 230426 2012-01-21 17:45:27Z kib $
*/
#ifndef _PADLOCK_H_
Modified: trunk/sys/crypto/via/padlock_cipher.c
===================================================================
--- trunk/sys/crypto/via/padlock_cipher.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/via/padlock_cipher.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*-
* Copyright (c) 2005-2006 Pawel Jakub Dawidek <pjd at FreeBSD.org>
* Copyright (c) 2004 Mark R V Murray
@@ -45,7 +46,7 @@
*/
#include <sys/cdefs.h>
-__MBSDID("$MidnightBSD$");
+__FBSDID("$FreeBSD: stable/10/sys/crypto/via/padlock_cipher.c 268033 2014-06-30 09:48:44Z kib $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -205,7 +206,7 @@
struct thread *td;
u_char *buf, *abuf;
uint32_t *key;
- int allocated, error, saved_ctx;
+ int allocated, error;
buf = padlock_cipher_alloc(enccrd, crp, &allocated);
if (buf == NULL)
@@ -250,22 +251,14 @@
}
td = curthread;
- if (!is_fpu_kern_thread(0)) {
- error = fpu_kern_enter(td, ses->ses_fpu_ctx, FPU_KERN_NORMAL);
- saved_ctx = 1;
- } else {
- error = 0;
- saved_ctx = 0;
- }
+ error = fpu_kern_enter(td, ses->ses_fpu_ctx, FPU_KERN_NORMAL |
+ FPU_KERN_KTHR);
if (error != 0)
goto out;
-
padlock_cbc(abuf, abuf, enccrd->crd_len / AES_BLOCK_LEN, key, cw,
ses->ses_iv);
+ fpu_kern_leave(td, ses->ses_fpu_ctx);
- if (saved_ctx)
- fpu_kern_leave(td, ses->ses_fpu_ctx);
-
if (allocated) {
crypto_copyback(crp->crp_flags, crp->crp_buf, enccrd->crd_skip,
enccrd->crd_len, abuf);
Modified: trunk/sys/crypto/via/padlock_hash.c
===================================================================
--- trunk/sys/crypto/via/padlock_hash.c 2018-05-28 00:28:05 UTC (rev 10129)
+++ trunk/sys/crypto/via/padlock_hash.c 2018-05-28 00:31:00 UTC (rev 10130)
@@ -1,3 +1,4 @@
+/* $MidnightBSD$ */
/*-
* Copyright (c) 2006 Pawel Jakub Dawidek <pjd at FreeBSD.org>
* All rights reserved.
@@ -25,6 +26,7 @@
*/
#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: stable/10/sys/crypto/via/padlock_hash.c 268033 2014-06-30 09:48:44Z kib $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -365,16 +367,11 @@
struct cryptop *crp)
{
struct thread *td;
- int error, saved_ctx;
+ int error;
td = curthread;
- if (!is_fpu_kern_thread(0)) {
- error = fpu_kern_enter(td, ses->ses_fpu_ctx, FPU_KERN_NORMAL);
- saved_ctx = 1;
- } else {
- error = 0;
- saved_ctx = 0;
- }
+ error = fpu_kern_enter(td, ses->ses_fpu_ctx, FPU_KERN_NORMAL |
+ FPU_KERN_KTHR);
if (error != 0)
return (error);
if ((maccrd->crd_flags & CRD_F_KEY_EXPLICIT) != 0)
@@ -381,8 +378,7 @@
padlock_hash_key_setup(ses, maccrd->crd_key, maccrd->crd_klen);
error = padlock_authcompute(ses, maccrd, crp->crp_buf, crp->crp_flags);
- if (saved_ctx)
- fpu_kern_leave(td, ses->ses_fpu_ctx);
+ fpu_kern_leave(td, ses->ses_fpu_ctx);
return (error);
}
More information about the Midnightbsd-cvs
mailing list