git: 048a71b46e81 - main - ossl: Add support for ETA mode

Sat, 06 Nov 2021 01:12:06 -0700 

The branch main has been updated by wma:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=048a71b46e816de8fb95b553a8ad0e98c0d51e12

commit 048a71b46e816de8fb95b553a8ad0e98c0d51e12
Author:     Kornel Duleba <min...@semihalf.com>
AuthorDate: 2021-11-02 11:57:20 +0000
Commit:     Wojciech Macek <w...@freebsd.org>
CommitDate: 2021-11-06 08:08:44 +0000

    ossl: Add support for ETA mode
    
    Now that the AES-CBC is supported we can handle ETA requests.
    
    Sponsored by:           Stormshield
    Obtained from:          Semihalf
    Reviewed by:            jhb(previous version)
    Differential revision:  https://reviews.freebsd.org/D32100
---
 sys/crypto/openssl/ossl.c | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/sys/crypto/openssl/ossl.c b/sys/crypto/openssl/ossl.c
index f46b5a966bb1..f41ff09c371d 100644
--- a/sys/crypto/openssl/ossl.c
+++ b/sys/crypto/openssl/ossl.c
@@ -172,6 +172,13 @@ ossl_probesession(device_t dev, const struct 
crypto_session_params *csp)
                if (ossl_lookup_cipher(csp) == NULL)
                        return (EINVAL);
                break;
+       case CSP_MODE_ETA:
+               if (!sc->has_aes ||
+                   csp->csp_cipher_alg == CRYPTO_CHACHA20 ||
+                   ossl_lookup_hash(csp) == NULL ||
+                   ossl_lookup_cipher(csp) == NULL)
+                       return (EINVAL);
+               break;
        case CSP_MODE_AEAD:
                switch (csp->csp_cipher_alg) {
                case CRYPTO_CHACHA20_POLY1305:
@@ -268,6 +275,10 @@ ossl_newsession(device_t dev, crypto_session_t cses,
        case CSP_MODE_CIPHER:
                error = ossl_newsession_cipher(s, csp);
                break;
+       case CSP_MODE_ETA:
+               ossl_newsession_hash(s, csp);
+               error = ossl_newsession_cipher(s, csp);
+               break;
        }
 
        return (error);
@@ -341,6 +352,25 @@ out:
        return (error);
 }
 
+static int
+ossl_process_eta(struct ossl_session *s, struct cryptop *crp,
+    const struct crypto_session_params *csp)
+{
+       int error;
+
+       if (CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) {
+               error = s->cipher.cipher->process(&s->cipher, crp, csp);
+               if (error == 0)
+                       error = ossl_process_hash(s, crp, csp);
+       } else {
+               error = ossl_process_hash(s, crp, csp);
+               if (error == 0)
+                       error = s->cipher.cipher->process(&s->cipher, crp, csp);
+       }
+
+       return (error);
+}
+
 static int
 ossl_process(device_t dev, struct cryptop *crp, int hint)
 {
@@ -366,6 +396,9 @@ ossl_process(device_t dev, struct cryptop *crp, int hint)
        case CSP_MODE_CIPHER:
                error = s->cipher.cipher->process(&s->cipher, crp, csp);
                break;
+       case CSP_MODE_ETA:
+               error = ossl_process_eta(s, crp, csp);
+               break;
        case CSP_MODE_AEAD:
                if (CRYPTO_OP_IS_ENCRYPT(crp->crp_op))
                        error = ossl_chacha20_poly1305_encrypt(crp, csp);

Reply via email to