Author: mav
Date: Wed Oct 14 11:12:47 2015
New Revision: 289310
URL: https://svnweb.freebsd.org/changeset/base/289310
Log:
4185 add new cryptographic checksums to ZFS: SHA-512, Skein, Edon-R
Reviewed by: George Wilson <george.wil...@delphix.com>
Reviewed by: Prakash Surya <prakash.su...@delphix.com>
Reviewed by: Saso Kiselkov <saso.kisel...@nexenta.com>
Reviewed by: Richard Lowe <richl...@richlowe.net>
Approved by: Garrett D'Amore <garr...@damore.org>
Author: Matthew Ahrens <mahr...@delphix.com>
illumos/illumos-gate@45818ee124adeaaf947698996b4f4c722afc6d1f
Added:
vendor-sys/illumos/dist/uts/common/crypto/
vendor-sys/illumos/dist/uts/common/crypto/io/
vendor-sys/illumos/dist/uts/common/crypto/io/edonr_mod.c (contents, props
changed)
vendor-sys/illumos/dist/uts/common/crypto/io/skein_mod.c (contents, props
changed)
vendor-sys/illumos/dist/uts/common/fs/zfs/edonr_zfs.c (contents, props
changed)
vendor-sys/illumos/dist/uts/common/fs/zfs/skein_zfs.c (contents, props
changed)
vendor-sys/illumos/dist/uts/common/sys/edonr.h (contents, props changed)
vendor-sys/illumos/dist/uts/common/sys/skein.h (contents, props changed)
Modified:
vendor-sys/illumos/dist/common/zfs/zfeature_common.c
vendor-sys/illumos/dist/common/zfs/zfeature_common.h
vendor-sys/illumos/dist/common/zfs/zfs_fletcher.c
vendor-sys/illumos/dist/common/zfs/zfs_fletcher.h
vendor-sys/illumos/dist/common/zfs/zfs_prop.c
vendor-sys/illumos/dist/uts/common/Makefile.files
vendor-sys/illumos/dist/uts/common/fs/zfs/arc.c
vendor-sys/illumos/dist/uts/common/fs/zfs/ddt.c
vendor-sys/illumos/dist/uts/common/fs/zfs/dmu.c
vendor-sys/illumos/dist/uts/common/fs/zfs/dmu_send.c
vendor-sys/illumos/dist/uts/common/fs/zfs/dsl_dataset.c
vendor-sys/illumos/dist/uts/common/fs/zfs/sha256.c
vendor-sys/illumos/dist/uts/common/fs/zfs/spa.c
vendor-sys/illumos/dist/uts/common/fs/zfs/spa_misc.c
vendor-sys/illumos/dist/uts/common/fs/zfs/sys/dmu.h
vendor-sys/illumos/dist/uts/common/fs/zfs/sys/spa.h
vendor-sys/illumos/dist/uts/common/fs/zfs/sys/spa_impl.h
vendor-sys/illumos/dist/uts/common/fs/zfs/sys/zio.h
vendor-sys/illumos/dist/uts/common/fs/zfs/sys/zio_checksum.h
vendor-sys/illumos/dist/uts/common/fs/zfs/zfs_ioctl.c
vendor-sys/illumos/dist/uts/common/fs/zfs/zio.c
vendor-sys/illumos/dist/uts/common/fs/zfs/zio_checksum.c
vendor-sys/illumos/dist/uts/common/sys/debug.h
Changes in other areas also in this revision:
Added:
vendor/illumos/dist/common/crypto/
vendor/illumos/dist/common/crypto/edonr/
vendor/illumos/dist/common/crypto/edonr/edonr.c (contents, props changed)
vendor/illumos/dist/common/crypto/edonr/edonr_byteorder.h (contents, props
changed)
vendor/illumos/dist/common/crypto/skein/
vendor/illumos/dist/common/crypto/skein/THIRDPARTYLICENSE (contents, props
changed)
vendor/illumos/dist/common/crypto/skein/THIRDPARTYLICENSE.descrip
(contents, props changed)
vendor/illumos/dist/common/crypto/skein/skein.c (contents, props changed)
vendor/illumos/dist/common/crypto/skein/skein_block.c (contents, props
changed)
vendor/illumos/dist/common/crypto/skein/skein_impl.h (contents, props
changed)
vendor/illumos/dist/common/crypto/skein/skein_iv.c (contents, props changed)
vendor/illumos/dist/common/crypto/skein/skein_port.h (contents, props
changed)
Modified:
vendor/illumos/dist/lib/libzfs/common/libzfs_dataset.c
vendor/illumos/dist/man/man5/zpool-features.5
Modified: vendor-sys/illumos/dist/common/zfs/zfeature_common.c
==============================================================================
--- vendor-sys/illumos/dist/common/zfs/zfeature_common.c Wed Oct 14
10:38:05 2015 (r289309)
+++ vendor-sys/illumos/dist/common/zfs/zfeature_common.c Wed Oct 14
11:12:47 2015 (r289310)
@@ -231,4 +231,17 @@ zpool_feature_init(void)
"org.open-zfs:large_blocks", "large_blocks",
"Support for blocks larger than 128KB.",
ZFEATURE_FLAG_PER_DATASET, large_blocks_deps);
+
+ zfeature_register(SPA_FEATURE_SHA512,
+ "org.illumos:sha512", "sha512",
+ "SHA-512/256 hash algorithm.",
+ ZFEATURE_FLAG_PER_DATASET, NULL);
+ zfeature_register(SPA_FEATURE_SKEIN,
+ "org.illumos:skein", "skein",
+ "Skein hash algorithm.",
+ ZFEATURE_FLAG_PER_DATASET, NULL);
+ zfeature_register(SPA_FEATURE_EDONR,
+ "org.illumos:edonr", "edonr",
+ "Edon-R hash algorithm.",
+ ZFEATURE_FLAG_PER_DATASET, NULL);
}
Modified: vendor-sys/illumos/dist/common/zfs/zfeature_common.h
==============================================================================
--- vendor-sys/illumos/dist/common/zfs/zfeature_common.h Wed Oct 14
10:38:05 2015 (r289309)
+++ vendor-sys/illumos/dist/common/zfs/zfeature_common.h Wed Oct 14
11:12:47 2015 (r289310)
@@ -52,6 +52,9 @@ typedef enum spa_feature {
SPA_FEATURE_BOOKMARKS,
SPA_FEATURE_FS_SS_LIMIT,
SPA_FEATURE_LARGE_BLOCKS,
+ SPA_FEATURE_SHA512,
+ SPA_FEATURE_SKEIN,
+ SPA_FEATURE_EDONR,
SPA_FEATURES
} spa_feature_t;
Modified: vendor-sys/illumos/dist/common/zfs/zfs_fletcher.c
==============================================================================
--- vendor-sys/illumos/dist/common/zfs/zfs_fletcher.c Wed Oct 14 10:38:05
2015 (r289309)
+++ vendor-sys/illumos/dist/common/zfs/zfs_fletcher.c Wed Oct 14 11:12:47
2015 (r289310)
@@ -22,6 +22,9 @@
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
+/*
+ * Copyright 2013 Saso Kiselkov. All rights reserved.
+ */
/*
* Fletcher Checksums
@@ -131,8 +134,10 @@
#include <sys/zio.h>
#include <sys/spa.h>
+/*ARGSUSED*/
void
-fletcher_2_native(const void *buf, uint64_t size, zio_cksum_t *zcp)
+fletcher_2_native(const void *buf, uint64_t size,
+ const void *ctx_template, zio_cksum_t *zcp)
{
const uint64_t *ip = buf;
const uint64_t *ipend = ip + (size / sizeof (uint64_t));
@@ -148,8 +153,10 @@ fletcher_2_native(const void *buf, uint6
ZIO_SET_CHECKSUM(zcp, a0, a1, b0, b1);
}
+/*ARGSUSED*/
void
-fletcher_2_byteswap(const void *buf, uint64_t size, zio_cksum_t *zcp)
+fletcher_2_byteswap(const void *buf, uint64_t size,
+ const void *ctx_template, zio_cksum_t *zcp)
{
const uint64_t *ip = buf;
const uint64_t *ipend = ip + (size / sizeof (uint64_t));
@@ -165,8 +172,10 @@ fletcher_2_byteswap(const void *buf, uin
ZIO_SET_CHECKSUM(zcp, a0, a1, b0, b1);
}
+/*ARGSUSED*/
void
-fletcher_4_native(const void *buf, uint64_t size, zio_cksum_t *zcp)
+fletcher_4_native(const void *buf, uint64_t size,
+ const void *ctx_template, zio_cksum_t *zcp)
{
const uint32_t *ip = buf;
const uint32_t *ipend = ip + (size / sizeof (uint32_t));
@@ -182,8 +191,10 @@ fletcher_4_native(const void *buf, uint6
ZIO_SET_CHECKSUM(zcp, a, b, c, d);
}
+/*ARGSUSED*/
void
-fletcher_4_byteswap(const void *buf, uint64_t size, zio_cksum_t *zcp)
+fletcher_4_byteswap(const void *buf, uint64_t size,
+ const void *ctx_template, zio_cksum_t *zcp)
{
const uint32_t *ip = buf;
const uint32_t *ipend = ip + (size / sizeof (uint32_t));
Modified: vendor-sys/illumos/dist/common/zfs/zfs_fletcher.h
==============================================================================
--- vendor-sys/illumos/dist/common/zfs/zfs_fletcher.h Wed Oct 14 10:38:05
2015 (r289309)
+++ vendor-sys/illumos/dist/common/zfs/zfs_fletcher.h Wed Oct 14 11:12:47
2015 (r289310)
@@ -22,6 +22,9 @@
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
+/*
+ * Copyright 2013 Saso Kiselkov. All rights reserved.
+ */
#ifndef _ZFS_FLETCHER_H
#define _ZFS_FLETCHER_H
@@ -37,14 +40,12 @@ extern "C" {
* fletcher checksum functions
*/
-void fletcher_2_native(const void *, uint64_t, zio_cksum_t *);
-void fletcher_2_byteswap(const void *, uint64_t, zio_cksum_t *);
-void fletcher_4_native(const void *, uint64_t, zio_cksum_t *);
-void fletcher_4_byteswap(const void *, uint64_t, zio_cksum_t *);
-void fletcher_4_incremental_native(const void *, uint64_t,
- zio_cksum_t *);
-void fletcher_4_incremental_byteswap(const void *, uint64_t,
- zio_cksum_t *);
+void fletcher_2_native(const void *, uint64_t, const void *, zio_cksum_t *);
+void fletcher_2_byteswap(const void *, uint64_t, const void *, zio_cksum_t *);
+void fletcher_4_native(const void *, uint64_t, const void *, zio_cksum_t *);
+void fletcher_4_byteswap(const void *, uint64_t, const void *, zio_cksum_t *);
+void fletcher_4_incremental_native(const void *, uint64_t, zio_cksum_t *);
+void fletcher_4_incremental_byteswap(const void *, uint64_t, zio_cksum_t *);
#ifdef __cplusplus
}
Modified: vendor-sys/illumos/dist/common/zfs/zfs_prop.c
==============================================================================
--- vendor-sys/illumos/dist/common/zfs/zfs_prop.c Wed Oct 14 10:38:05
2015 (r289309)
+++ vendor-sys/illumos/dist/common/zfs/zfs_prop.c Wed Oct 14 11:12:47
2015 (r289310)
@@ -71,6 +71,9 @@ zfs_prop_init(void)
{ "fletcher4", ZIO_CHECKSUM_FLETCHER_4 },
{ "sha256", ZIO_CHECKSUM_SHA256 },
{ "noparity", ZIO_CHECKSUM_NOPARITY },
+ { "sha512", ZIO_CHECKSUM_SHA512 },
+ { "skein", ZIO_CHECKSUM_SKEIN },
+ { "edonr", ZIO_CHECKSUM_EDONR },
{ NULL }
};
@@ -81,6 +84,14 @@ zfs_prop_init(void)
{ "sha256", ZIO_CHECKSUM_SHA256 },
{ "sha256,verify",
ZIO_CHECKSUM_SHA256 | ZIO_CHECKSUM_VERIFY },
+ { "sha512", ZIO_CHECKSUM_SHA512 },
+ { "sha512,verify",
+ ZIO_CHECKSUM_SHA512 | ZIO_CHECKSUM_VERIFY },
+ { "skein", ZIO_CHECKSUM_SKEIN },
+ { "skein,verify",
+ ZIO_CHECKSUM_SKEIN | ZIO_CHECKSUM_VERIFY },
+ { "edonr,verify",
+ ZIO_CHECKSUM_EDONR | ZIO_CHECKSUM_VERIFY },
{ NULL }
};
@@ -217,12 +228,12 @@ zfs_prop_init(void)
zprop_register_index(ZFS_PROP_CHECKSUM, "checksum",
ZIO_CHECKSUM_DEFAULT, PROP_INHERIT, ZFS_TYPE_FILESYSTEM |
ZFS_TYPE_VOLUME,
- "on | off | fletcher2 | fletcher4 | sha256", "CHECKSUM",
- checksum_table);
+ "on | off | fletcher2 | fletcher4 | sha256 | sha512 | "
+ "skein | edonr", "CHECKSUM", checksum_table);
zprop_register_index(ZFS_PROP_DEDUP, "dedup", ZIO_CHECKSUM_OFF,
PROP_INHERIT, ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME,
- "on | off | verify | sha256[,verify]", "DEDUP",
- dedup_table);
+ "on | off | verify | sha256[,verify], sha512[,verify], "
+ "skein[,verify], edonr,verify", "DEDUP", dedup_table);
zprop_register_index(ZFS_PROP_COMPRESSION, "compression",
ZIO_COMPRESS_DEFAULT, PROP_INHERIT,
ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME,
Modified: vendor-sys/illumos/dist/uts/common/Makefile.files
==============================================================================
--- vendor-sys/illumos/dist/uts/common/Makefile.files Wed Oct 14 10:38:05
2015 (r289309)
+++ vendor-sys/illumos/dist/uts/common/Makefile.files Wed Oct 14 11:12:47
2015 (r289310)
@@ -509,6 +509,10 @@ SHA1_OBJS += sha1.o sha1_mod.o
SHA2_OBJS += sha2.o sha2_mod.o
+SKEIN_OBJS += skein.o skein_block.o skein_iv.o skein_mod.o
+
+EDONR_OBJS += edonr.o edonr_mod.o
+
IPGPC_OBJS += classifierddi.o classifier.o filters.o trie.o table.o \
ba_table.o
@@ -1370,6 +1374,8 @@ ZFS_COMMON_OBJS += \
rrwlock.o \
sa.o \
sha256.o \
+ edonr_zfs.o \
+ skein_zfs.o \
spa.o \
spa_config.o \
spa_errlog.o \
Added: vendor-sys/illumos/dist/uts/common/crypto/io/edonr_mod.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ vendor-sys/illumos/dist/uts/common/crypto/io/edonr_mod.c Wed Oct 14
11:12:47 2015 (r289310)
@@ -0,0 +1,63 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://opensource.org/licenses/CDDL-1.0.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+
+/*
+ * Copyright 2013 Saso Kiselkov. All rights reserved.
+ */
+
+#include <sys/modctl.h>
+#include <sys/crypto/common.h>
+#include <sys/crypto/spi.h>
+#include <sys/sysmacros.h>
+#include <sys/systm.h>
+#include <sys/edonr.h>
+
+/*
+ * Unlike sha2 or skein, we won't expose edonr via the Kernel Cryptographic
+ * Framework (KCF), because Edon-R is *NOT* suitable for general-purpose
+ * cryptographic use. Users of Edon-R must interface directly to this module.
+ */
+
+static struct modlmisc modlmisc = {
+ &mod_miscops,
+ "Edon-R Message-Digest Algorithm"
+};
+
+static struct modlinkage modlinkage = {
+ MODREV_1, &modlmisc, NULL
+};
+
+int
+_init(void)
+{
+ int error;
+
+ if ((error = mod_install(&modlinkage)) != 0)
+ return (error);
+
+ return (0);
+}
+
+int
+_info(struct modinfo *modinfop)
+{
+ return (mod_info(&modlinkage, modinfop));
+}
Added: vendor-sys/illumos/dist/uts/common/crypto/io/skein_mod.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ vendor-sys/illumos/dist/uts/common/crypto/io/skein_mod.c Wed Oct 14
11:12:47 2015 (r289310)
@@ -0,0 +1,830 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://opensource.org/licenses/CDDL-1.0.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+
+/*
+ * Copyright 2013 Saso Kiselkov. All rights reserved.
+ */
+
+#include <sys/modctl.h>
+#include <sys/crypto/common.h>
+#include <sys/crypto/spi.h>
+#include <sys/strsun.h>
+#include <sys/sysmacros.h>
+#include <sys/systm.h>
+#define SKEIN_MODULE_IMPL
+#include <sys/skein.h>
+
+/*
+ * Like the sha2 module, we create the skein module with two modlinkages:
+ * - modlmisc to allow direct calls to Skein_* API functions.
+ * - modlcrypto to integrate well into the Kernel Crypto Framework (KCF).
+ */
+static struct modlmisc modlmisc = {
+ &mod_miscops,
+ "Skein Message-Digest Algorithm"
+};
+
+static struct modlcrypto modlcrypto = {
+ &mod_cryptoops,
+ "Skein Kernel SW Provider"
+};
+
+static struct modlinkage modlinkage = {
+ MODREV_1, &modlmisc, &modlcrypto, NULL
+};
+
+static crypto_mech_info_t skein_mech_info_tab[] = {
+ {CKM_SKEIN_256, SKEIN_256_MECH_INFO_TYPE,
+ CRYPTO_FG_DIGEST | CRYPTO_FG_DIGEST_ATOMIC,
+ 0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS},
+ {CKM_SKEIN_256_MAC, SKEIN_256_MAC_MECH_INFO_TYPE,
+ CRYPTO_FG_MAC | CRYPTO_FG_MAC_ATOMIC, 1, INT_MAX,
+ CRYPTO_KEYSIZE_UNIT_IN_BYTES},
+ {CKM_SKEIN_512, SKEIN_512_MECH_INFO_TYPE,
+ CRYPTO_FG_DIGEST | CRYPTO_FG_DIGEST_ATOMIC,
+ 0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS},
+ {CKM_SKEIN_512_MAC, SKEIN_512_MAC_MECH_INFO_TYPE,
+ CRYPTO_FG_MAC | CRYPTO_FG_MAC_ATOMIC, 1, INT_MAX,
+ CRYPTO_KEYSIZE_UNIT_IN_BYTES},
+ {CKM_SKEIN1024, SKEIN1024_MECH_INFO_TYPE,
+ CRYPTO_FG_DIGEST | CRYPTO_FG_DIGEST_ATOMIC,
+ 0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS},
+ {CKM_SKEIN1024_MAC, SKEIN1024_MAC_MECH_INFO_TYPE,
+ CRYPTO_FG_MAC | CRYPTO_FG_MAC_ATOMIC, 1, INT_MAX,
+ CRYPTO_KEYSIZE_UNIT_IN_BYTES}
+};
+
+static void skein_provider_status(crypto_provider_handle_t, uint_t *);
+
+static crypto_control_ops_t skein_control_ops = {
+ skein_provider_status
+};
+
+static int skein_digest_init(crypto_ctx_t *, crypto_mechanism_t *,
+ crypto_req_handle_t);
+static int skein_digest(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
+ crypto_req_handle_t);
+static int skein_update(crypto_ctx_t *, crypto_data_t *, crypto_req_handle_t);
+static int skein_final(crypto_ctx_t *, crypto_data_t *, crypto_req_handle_t);
+static int skein_digest_atomic(crypto_provider_handle_t, crypto_session_id_t,
+ crypto_mechanism_t *, crypto_data_t *, crypto_data_t *,
+ crypto_req_handle_t);
+
+static crypto_digest_ops_t skein_digest_ops = {
+ skein_digest_init,
+ skein_digest,
+ skein_update,
+ NULL,
+ skein_final,
+ skein_digest_atomic
+};
+
+static int skein_mac_init(crypto_ctx_t *, crypto_mechanism_t *, crypto_key_t *,
+ crypto_spi_ctx_template_t, crypto_req_handle_t);
+static int skein_mac_atomic(crypto_provider_handle_t, crypto_session_id_t,
+ crypto_mechanism_t *, crypto_key_t *, crypto_data_t *, crypto_data_t *,
+ crypto_spi_ctx_template_t, crypto_req_handle_t);
+
+static crypto_mac_ops_t skein_mac_ops = {
+ skein_mac_init,
+ NULL,
+ skein_update, /* using regular digest update is OK here */
+ skein_final, /* using regular digest final is OK here */
+ skein_mac_atomic,
+ NULL
+};
+
+static int skein_create_ctx_template(crypto_provider_handle_t,
+ crypto_mechanism_t *, crypto_key_t *, crypto_spi_ctx_template_t *,
+ size_t *, crypto_req_handle_t);
+static int skein_free_context(crypto_ctx_t *);
+
+static crypto_ctx_ops_t skein_ctx_ops = {
+ skein_create_ctx_template,
+ skein_free_context
+};
+
+static crypto_ops_t skein_crypto_ops = {
+ &skein_control_ops,
+ &skein_digest_ops,
+ NULL,
+ &skein_mac_ops,
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+ &skein_ctx_ops,
+ NULL,
+ NULL,
+ NULL
+};
+
+static crypto_provider_info_t skein_prov_info = {
+ CRYPTO_SPI_VERSION_4,
+ "Skein Software Provider",
+ CRYPTO_SW_PROVIDER,
+ {&modlinkage},
+ NULL,
+ &skein_crypto_ops,
+ sizeof (skein_mech_info_tab) / sizeof (crypto_mech_info_t),
+ skein_mech_info_tab
+};
+
+static crypto_kcf_provider_handle_t skein_prov_handle = NULL;
+
+typedef struct skein_ctx {
+ skein_mech_type_t sc_mech_type;
+ size_t sc_digest_bitlen;
+ /*LINTED(E_ANONYMOUS_UNION_DECL)*/
+ union {
+ Skein_256_Ctxt_t sc_256;
+ Skein_512_Ctxt_t sc_512;
+ Skein1024_Ctxt_t sc_1024;
+ };
+} skein_ctx_t;
+#define SKEIN_CTX(_ctx_) ((skein_ctx_t
*)((_ctx_)->cc_provider_private))
+#define SKEIN_CTX_LVALUE(_ctx_) (_ctx_)->cc_provider_private
+#define SKEIN_OP(_skein_ctx, _op, ...)
\
+ do { \
+ skein_ctx_t *sc = (_skein_ctx); \
+ switch (sc->sc_mech_type) { \
+ case SKEIN_256_MECH_INFO_TYPE: \
+ case SKEIN_256_MAC_MECH_INFO_TYPE: \
+ (void) Skein_256_ ## _op(&sc->sc_256, __VA_ARGS__);\
+ break; \
+ case SKEIN_512_MECH_INFO_TYPE: \
+ case SKEIN_512_MAC_MECH_INFO_TYPE: \
+ (void) Skein_512_ ## _op(&sc->sc_512, __VA_ARGS__);\
+ break; \
+ case SKEIN1024_MECH_INFO_TYPE: \
+ case SKEIN1024_MAC_MECH_INFO_TYPE: \
+ (void) Skein1024_ ## _op(&sc->sc_1024, __VA_ARGS__);\
+ break; \
+ } \
+ _NOTE(CONSTCOND) \
+ } while (0)
+
+static int
+skein_get_digest_bitlen(const crypto_mechanism_t *mechanism, size_t *result)
+{
+ if (mechanism->cm_param != NULL) {
+ /*LINTED(E_BAD_PTR_CAST_ALIGN)*/
+ skein_param_t *param = (skein_param_t *)mechanism->cm_param;
+
+ if (mechanism->cm_param_len != sizeof (*param) ||
+ param->sp_digest_bitlen == 0) {
+ return (CRYPTO_MECHANISM_PARAM_INVALID);
+ }
+ *result = param->sp_digest_bitlen;
+ } else {
+ switch (mechanism->cm_type) {
+ case SKEIN_256_MECH_INFO_TYPE:
+ *result = 256;
+ break;
+ case SKEIN_512_MECH_INFO_TYPE:
+ *result = 512;
+ break;
+ case SKEIN1024_MECH_INFO_TYPE:
+ *result = 1024;
+ break;
+ default:
+ return (CRYPTO_MECHANISM_INVALID);
+ }
+ }
+ return (CRYPTO_SUCCESS);
+}
+
+int
+_init(void)
+{
+ int error;
+
+ if ((error = mod_install(&modlinkage)) != 0)
+ return (error);
+
+ /*
+ * Try to register with KCF - failure shouldn't unload us, since we
+ * still may want to continue providing misc/skein functionality.
+ */
+ (void) crypto_register_provider(&skein_prov_info, &skein_prov_handle);
+
+ return (0);
+}
+
+int
+_info(struct modinfo *modinfop)
+{
+ return (mod_info(&modlinkage, modinfop));
+}
+
+/*
+ * KCF software provider control entry points.
+ */
+/* ARGSUSED */
+static void
+skein_provider_status(crypto_provider_handle_t provider, uint_t *status)
+{
+ *status = CRYPTO_PROVIDER_READY;
+}
+
+/*
+ * General Skein hashing helper functions.
+ */
+
+/*
+ * Performs an Update on a context with uio input data.
+ */
+static int
+skein_digest_update_uio(skein_ctx_t *ctx, const crypto_data_t *data)
+{
+ off_t offset = data->cd_offset;
+ size_t length = data->cd_length;
+ uint_t vec_idx;
+ size_t cur_len;
+ const uio_t *uio = data->cd_uio;
+
+ /* we support only kernel buffer */
+ if (uio->uio_segflg != UIO_SYSSPACE)
+ return (CRYPTO_ARGUMENTS_BAD);
+
+ /*
+ * Jump to the first iovec containing data to be
+ * digested.
+ */
+ for (vec_idx = 0; vec_idx < uio->uio_iovcnt &&
+ offset >= uio->uio_iov[vec_idx].iov_len;
+ offset -= uio->uio_iov[vec_idx++].iov_len)
+ ;
+ if (vec_idx == uio->uio_iovcnt) {
+ /*
+ * The caller specified an offset that is larger than the
+ * total size of the buffers it provided.
+ */
+ return (CRYPTO_DATA_LEN_RANGE);
+ }
+
+ /*
+ * Now do the digesting on the iovecs.
+ */
+ while (vec_idx < uio->uio_iovcnt && length > 0) {
+ cur_len = MIN(uio->uio_iov[vec_idx].iov_len - offset, length);
+ SKEIN_OP(ctx, Update, (uint8_t *)uio->uio_iov[vec_idx].iov_base
+ + offset, cur_len);
+ length -= cur_len;
+ vec_idx++;
+ offset = 0;
+ }
+
+ if (vec_idx == uio->uio_iovcnt && length > 0) {
+ /*
+ * The end of the specified iovec's was reached but
+ * the length requested could not be processed, i.e.
+ * The caller requested to digest more data than it provided.
+ */
+ return (CRYPTO_DATA_LEN_RANGE);
+ }
+
+ return (CRYPTO_SUCCESS);
+}
+
+/*
+ * Performs a Final on a context and writes to a uio digest output.
+ */
+static int
+skein_digest_final_uio(skein_ctx_t *ctx, crypto_data_t *digest,
+ crypto_req_handle_t req)
+{
+ off_t offset = digest->cd_offset;
+ uint_t vec_idx;
+ uio_t *uio = digest->cd_uio;
+
+ /* we support only kernel buffer */
+ if (uio->uio_segflg != UIO_SYSSPACE)
+ return (CRYPTO_ARGUMENTS_BAD);
+
+ /*
+ * Jump to the first iovec containing ptr to the digest to be returned.
+ */
+ for (vec_idx = 0; offset >= uio->uio_iov[vec_idx].iov_len &&
+ vec_idx < uio->uio_iovcnt;
+ offset -= uio->uio_iov[vec_idx++].iov_len)
+ ;
+ if (vec_idx == uio->uio_iovcnt) {
+ /*
+ * The caller specified an offset that is larger than the
+ * total size of the buffers it provided.
+ */
+ return (CRYPTO_DATA_LEN_RANGE);
+ }
+ if (offset + CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen) <=
+ uio->uio_iov[vec_idx].iov_len) {
+ /* The computed digest will fit in the current iovec. */
+ SKEIN_OP(ctx, Final,
+ (uchar_t *)uio->uio_iov[vec_idx].iov_base + offset);
+ } else {
+ uint8_t *digest_tmp;
+ off_t scratch_offset = 0;
+ size_t length = CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen);
+ size_t cur_len;
+
+ digest_tmp = kmem_alloc(CRYPTO_BITS2BYTES(
+ ctx->sc_digest_bitlen), crypto_kmflag(req));
+ if (digest_tmp == NULL)
+ return (CRYPTO_HOST_MEMORY);
+ SKEIN_OP(ctx, Final, digest_tmp);
+ while (vec_idx < uio->uio_iovcnt && length > 0) {
+ cur_len = MIN(uio->uio_iov[vec_idx].iov_len - offset,
+ length);
+ bcopy(digest_tmp + scratch_offset,
+ uio->uio_iov[vec_idx].iov_base + offset, cur_len);
+
+ length -= cur_len;
+ vec_idx++;
+ scratch_offset += cur_len;
+ offset = 0;
+ }
+ kmem_free(digest_tmp, CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen));
+
+ if (vec_idx == uio->uio_iovcnt && length > 0) {
+ /*
+ * The end of the specified iovec's was reached but
+ * the length requested could not be processed, i.e.
+ * The caller requested to digest more data than it
+ * provided.
+ */
+ return (CRYPTO_DATA_LEN_RANGE);
+ }
+ }
+
+ return (CRYPTO_SUCCESS);
+}
+
+/*
+ * Performs an Update on a context with mblk input data.
+ */
+static int
+skein_digest_update_mblk(skein_ctx_t *ctx, crypto_data_t *data)
+{
+ off_t offset = data->cd_offset;
+ size_t length = data->cd_length;
+ mblk_t *mp;
+ size_t cur_len;
+
+ /* Jump to the first mblk_t containing data to be digested. */
+ for (mp = data->cd_mp; mp != NULL && offset >= MBLKL(mp);
+ offset -= MBLKL(mp), mp = mp->b_cont)
+ ;
+ if (mp == NULL) {
+ /*
+ * The caller specified an offset that is larger than the
+ * total size of the buffers it provided.
+ */
+ return (CRYPTO_DATA_LEN_RANGE);
+ }
+
+ /* Now do the digesting on the mblk chain. */
+ while (mp != NULL && length > 0) {
+ cur_len = MIN(MBLKL(mp) - offset, length);
+ SKEIN_OP(ctx, Update, mp->b_rptr + offset, cur_len);
+ length -= cur_len;
+ offset = 0;
+ mp = mp->b_cont;
+ }
+
+ if (mp == NULL && length > 0) {
+ /*
+ * The end of the mblk was reached but the length requested
+ * could not be processed, i.e. The caller requested
+ * to digest more data than it provided.
+ */
+ return (CRYPTO_DATA_LEN_RANGE);
+ }
+
+ return (CRYPTO_SUCCESS);
+}
+
+/*
+ * Performs a Final on a context and writes to an mblk digest output.
+ */
+static int
+skein_digest_final_mblk(skein_ctx_t *ctx, crypto_data_t *digest,
+ crypto_req_handle_t req)
+{
+ off_t offset = digest->cd_offset;
+ mblk_t *mp;
+
+ /* Jump to the first mblk_t that will be used to store the digest. */
+ for (mp = digest->cd_mp; mp != NULL && offset >= MBLKL(mp);
+ offset -= MBLKL(mp), mp = mp->b_cont)
+ ;
+ if (mp == NULL) {
+ /* caller specified offset is too large */
+ return (CRYPTO_DATA_LEN_RANGE);
+ }
+
+ if (offset + CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen) <= MBLKL(mp)) {
+ /* The digest will fit in the current mblk. */
+ SKEIN_OP(ctx, Final, mp->b_rptr + offset);
+ } else {
+ /* Split the digest up between the individual buffers. */
+ uint8_t *digest_tmp;
+ off_t scratch_offset = 0;
+ size_t length = CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen);
+ size_t cur_len;
+
+ digest_tmp = kmem_alloc(CRYPTO_BITS2BYTES(
+ ctx->sc_digest_bitlen), crypto_kmflag(req));
+ if (digest_tmp == NULL)
+ return (CRYPTO_HOST_MEMORY);
+ SKEIN_OP(ctx, Final, digest_tmp);
+ while (mp != NULL && length > 0) {
+ cur_len = MIN(MBLKL(mp) - offset, length);
+ bcopy(digest_tmp + scratch_offset,
+ mp->b_rptr + offset, cur_len);
+ length -= cur_len;
+ mp = mp->b_cont;
+ scratch_offset += cur_len;
+ offset = 0;
+ }
+ kmem_free(digest_tmp, CRYPTO_BITS2BYTES(ctx->sc_digest_bitlen));
+ if (mp == NULL && length > 0) {
+ /* digest too long to fit in the mblk buffers */
+ return (CRYPTO_DATA_LEN_RANGE);
+ }
+ }
+
+ return (CRYPTO_SUCCESS);
+}
+
+/*
+ * KCF software provider digest entry points.
+ */
+
+/*
+ * Initializes a skein digest context to the configuration in `mechanism'.
+ * The mechanism cm_type must be one of SKEIN_*_MECH_INFO_TYPE. The cm_param
+ * field may contain a skein_param_t structure indicating the length of the
+ * digest the algorithm should produce. Otherwise the default output lengths
+ * are applied (32 bytes for Skein-256, 64 bytes for Skein-512 and 128 bytes
+ * for Skein-1024).
+ */
+static int
+skein_digest_init(crypto_ctx_t *ctx, crypto_mechanism_t *mechanism,
+ crypto_req_handle_t req)
+{
+ int error = CRYPTO_SUCCESS;
+
+ if (!VALID_SKEIN_DIGEST_MECH(mechanism->cm_type))
+ return (CRYPTO_MECHANISM_INVALID);
+
+ SKEIN_CTX_LVALUE(ctx) = kmem_alloc(sizeof (*SKEIN_CTX(ctx)),
+ crypto_kmflag(req));
+ if (SKEIN_CTX(ctx) == NULL)
+ return (CRYPTO_HOST_MEMORY);
+
+ SKEIN_CTX(ctx)->sc_mech_type = mechanism->cm_type;
+ error = skein_get_digest_bitlen(mechanism,
+ &SKEIN_CTX(ctx)->sc_digest_bitlen);
+ if (error != CRYPTO_SUCCESS)
+ goto errout;
+ SKEIN_OP(SKEIN_CTX(ctx), Init, SKEIN_CTX(ctx)->sc_digest_bitlen);
+
+ return (CRYPTO_SUCCESS);
+errout:
+ bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
+ kmem_free(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
+ SKEIN_CTX_LVALUE(ctx) = NULL;
+ return (error);
+}
+
+/*
+ * Executes a skein_update and skein_digest on a pre-initialized crypto
+ * context in a single step. See the documentation to these functions to
+ * see what to pass here.
+ */
+static int
+skein_digest(crypto_ctx_t *ctx, crypto_data_t *data, crypto_data_t *digest,
+ crypto_req_handle_t req)
+{
+ int error = CRYPTO_SUCCESS;
+
+ ASSERT(SKEIN_CTX(ctx) != NULL);
+
+ if (digest->cd_length <
+ CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen)) {
+ digest->cd_length =
+ CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen);
+ return (CRYPTO_BUFFER_TOO_SMALL);
+ }
+
+ error = skein_update(ctx, data, req);
+ if (error != CRYPTO_SUCCESS) {
+ bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
+ kmem_free(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
+ SKEIN_CTX_LVALUE(ctx) = NULL;
+ digest->cd_length = 0;
+ return (error);
+ }
+ error = skein_final(ctx, digest, req);
+
+ return (error);
+}
+
+/*
+ * Performs a skein Update with the input message in `data' (successive calls
+ * can push more data). This is used both for digest and MAC operation.
+ * Supported input data formats are raw, uio and mblk.
+ */
+/*ARGSUSED*/
+static int
+skein_update(crypto_ctx_t *ctx, crypto_data_t *data, crypto_req_handle_t req)
+{
+ int error = CRYPTO_SUCCESS;
+
+ ASSERT(SKEIN_CTX(ctx) != NULL);
+
+ switch (data->cd_format) {
+ case CRYPTO_DATA_RAW:
+ SKEIN_OP(SKEIN_CTX(ctx), Update,
+ (uint8_t *)data->cd_raw.iov_base + data->cd_offset,
+ data->cd_length);
+ break;
+ case CRYPTO_DATA_UIO:
+ error = skein_digest_update_uio(SKEIN_CTX(ctx), data);
+ break;
+ case CRYPTO_DATA_MBLK:
+ error = skein_digest_update_mblk(SKEIN_CTX(ctx), data);
+ break;
+ default:
+ error = CRYPTO_ARGUMENTS_BAD;
+ }
+
+ return (error);
+}
+
+/*
+ * Performs a skein Final, writing the output to `digest'. This is used both
+ * for digest and MAC operation.
+ * Supported output digest formats are raw, uio and mblk.
+ */
+/*ARGSUSED*/
+static int
+skein_final(crypto_ctx_t *ctx, crypto_data_t *digest, crypto_req_handle_t req)
+{
+ int error = CRYPTO_SUCCESS;
+
+ ASSERT(SKEIN_CTX(ctx) != NULL);
+
+ if (digest->cd_length <
+ CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen)) {
+ digest->cd_length =
+ CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen);
+ return (CRYPTO_BUFFER_TOO_SMALL);
+ }
+
+ switch (digest->cd_format) {
+ case CRYPTO_DATA_RAW:
+ SKEIN_OP(SKEIN_CTX(ctx), Final,
+ (uint8_t *)digest->cd_raw.iov_base + digest->cd_offset);
+ break;
+ case CRYPTO_DATA_UIO:
+ error = skein_digest_final_uio(SKEIN_CTX(ctx), digest, req);
+ break;
+ case CRYPTO_DATA_MBLK:
+ error = skein_digest_final_mblk(SKEIN_CTX(ctx), digest, req);
+ break;
+ default:
+ error = CRYPTO_ARGUMENTS_BAD;
+ }
+
+ if (error == CRYPTO_SUCCESS)
+ digest->cd_length =
+ CRYPTO_BITS2BYTES(SKEIN_CTX(ctx)->sc_digest_bitlen);
+ else
+ digest->cd_length = 0;
+
+ bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
+ kmem_free(SKEIN_CTX(ctx), sizeof (*(SKEIN_CTX(ctx))));
+ SKEIN_CTX_LVALUE(ctx) = NULL;
+
+ return (error);
+}
+
+/*
+ * Performs a full skein digest computation in a single call, configuring the
+ * algorithm according to `mechanism', reading the input to be digested from
+ * `data' and writing the output to `digest'.
+ * Supported input/output formats are raw, uio and mblk.
+ */
+/*ARGSUSED*/
+static int
+skein_digest_atomic(crypto_provider_handle_t provider,
+ crypto_session_id_t session_id, crypto_mechanism_t *mechanism,
+ crypto_data_t *data, crypto_data_t *digest, crypto_req_handle_t req)
+{
+ int error;
+ skein_ctx_t skein_ctx;
+ crypto_ctx_t ctx;
+ SKEIN_CTX_LVALUE(&ctx) = &skein_ctx;
+
+ /* Init */
+ if (!VALID_SKEIN_DIGEST_MECH(mechanism->cm_type))
+ return (CRYPTO_MECHANISM_INVALID);
+ skein_ctx.sc_mech_type = mechanism->cm_type;
+ error = skein_get_digest_bitlen(mechanism, &skein_ctx.sc_digest_bitlen);
+ if (error != CRYPTO_SUCCESS)
+ goto out;
+ SKEIN_OP(&skein_ctx, Init, skein_ctx.sc_digest_bitlen);
+
+ if ((error = skein_update(&ctx, data, digest)) != CRYPTO_SUCCESS)
+ goto out;
+ if ((error = skein_final(&ctx, data, digest)) != CRYPTO_SUCCESS)
+ goto out;
+
+out:
+ if (error == CRYPTO_SUCCESS)
+ digest->cd_length =
+ CRYPTO_BITS2BYTES(skein_ctx.sc_digest_bitlen);
+ else
+ digest->cd_length = 0;
+ bzero(&skein_ctx, sizeof (skein_ctx));
+
+ return (error);
+}
+
+/*
+ * Helper function that builds a Skein MAC context from the provided
+ * mechanism and key.
+ */
+static int
+skein_mac_ctx_build(skein_ctx_t *ctx, crypto_mechanism_t *mechanism,
+ crypto_key_t *key)
+{
+ int error;
+
+ if (!VALID_SKEIN_MAC_MECH(mechanism->cm_type))
+ return (CRYPTO_MECHANISM_INVALID);
+ if (key->ck_format != CRYPTO_KEY_RAW)
+ return (CRYPTO_ARGUMENTS_BAD);
+ ctx->sc_mech_type = mechanism->cm_type;
+ error = skein_get_digest_bitlen(mechanism, &ctx->sc_digest_bitlen);
+ if (error != CRYPTO_SUCCESS)
+ return (error);
+ SKEIN_OP(ctx, InitExt, ctx->sc_digest_bitlen, 0, key->ck_data,
+ CRYPTO_BITS2BYTES(key->ck_length));
+
+ return (CRYPTO_SUCCESS);
+}
+
+/*
+ * KCF software provide mac entry points.
+ */
+/*
+ * Initializes a skein MAC context. You may pass a ctx_template, in which
+ * case the template will be reused to make initialization more efficient.
+ * Otherwise a new context will be constructed. The mechanism cm_type must
+ * be one of SKEIN_*_MAC_MECH_INFO_TYPE. Same as in skein_digest_init, you
+ * may pass a skein_param_t in cm_param to configure the length of the
+ * digest. The key must be in raw format.
+ */
+static int
+skein_mac_init(crypto_ctx_t *ctx, crypto_mechanism_t *mechanism,
+ crypto_key_t *key, crypto_spi_ctx_template_t ctx_template,
+ crypto_req_handle_t req)
+{
+ int error;
+
+ SKEIN_CTX_LVALUE(ctx) = kmem_alloc(sizeof (*SKEIN_CTX(ctx)),
+ crypto_kmflag(req));
+ if (SKEIN_CTX(ctx) == NULL)
+ return (CRYPTO_HOST_MEMORY);
+
+ if (ctx_template != NULL) {
+ bcopy(ctx_template, SKEIN_CTX(ctx),
+ sizeof (*SKEIN_CTX(ctx)));
+ } else {
+ error = skein_mac_ctx_build(SKEIN_CTX(ctx), mechanism, key);
+ if (error != CRYPTO_SUCCESS)
+ goto errout;
+ }
+
+ return (CRYPTO_SUCCESS);
+errout:
+ bzero(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
+ kmem_free(SKEIN_CTX(ctx), sizeof (*SKEIN_CTX(ctx)));
+ return (error);
+}
+
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
