From owner-svn-src-user@FreeBSD.ORG  Thu Apr 11 15:55:54 2013
Return-Path: <owner-svn-src-user@FreeBSD.ORG>
Delivered-To: svn-src-user@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id 990D2FD;
 Thu, 11 Apr 2013 15:55:54 +0000 (UTC)
 (envelope-from andre@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 by mx1.freebsd.org (Postfix) with ESMTP id 7BEB132B;
 Thu, 11 Apr 2013 15:55:54 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.6/8.14.6) with ESMTP id r3BFtrvg019615;
 Thu, 11 Apr 2013 15:55:53 GMT (envelope-from andre@svn.freebsd.org)
Received: (from andre@localhost)
 by svn.freebsd.org (8.14.6/8.14.5/Submit) id r3BFtq0g019604;
 Thu, 11 Apr 2013 15:55:52 GMT (envelope-from andre@svn.freebsd.org)
Message-Id: <201304111555.r3BFtq0g019604@svn.freebsd.org>
From: Andre Oppermann <andre@FreeBSD.org>
Date: Thu, 11 Apr 2013 15:55:52 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-user@freebsd.org
Subject: svn commit: r249365 - in user/andre/tcp-ao/sys: conf crypto
 crypto/cmac crypto/hmac crypto/rijndael
X-SVN-Group: user
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-user@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "SVN commit messages for the experimental &quot; user&quot;
 src tree" <svn-src-user.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-user>,
 <mailto:svn-src-user-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-user>
List-Post: <mailto:svn-src-user@freebsd.org>
List-Help: <mailto:svn-src-user-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-user>,
 <mailto:svn-src-user-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Apr 2013 15:55:54 -0000

Author: andre
Date: Thu Apr 11 15:55:52 2013
New Revision: 249365
URL: http://svnweb.freebsd.org/changeset/base/249365

Log:
  Adjust the HMAC and CMAC functions to the FreeBSD environment
  and include them into the kernel build in preparation for use
  in the TCP-AO code.
  
  Note that we do not have explicit_bzero() so the compiler may
  optimize away the bzero() to wipe out key storage on the stack
  before returning.
  
  Sponsored by:	Juniper Networks

Modified:
  user/andre/tcp-ao/sys/conf/files
  user/andre/tcp-ao/sys/crypto/cmac/cmac.c
  user/andre/tcp-ao/sys/crypto/cmac/cmac.h
  user/andre/tcp-ao/sys/crypto/hmac/hmac.c
  user/andre/tcp-ao/sys/crypto/hmac/hmac.h
  user/andre/tcp-ao/sys/crypto/rijndael/rijndael-api.c
  user/andre/tcp-ao/sys/crypto/rijndael/rijndael.h
  user/andre/tcp-ao/sys/crypto/sha1.h

Modified: user/andre/tcp-ao/sys/conf/files
==============================================================================
--- user/andre/tcp-ao/sys/conf/files	Thu Apr 11 14:45:43 2013	(r249364)
+++ user/andre/tcp-ao/sys/conf/files	Thu Apr 11 15:55:52 2013	(r249365)
@@ -541,8 +541,8 @@ crypto/sha1.c			optional carp | crypto |
 					 netgraph_mppc_encryption | sctp
 crypto/sha2/sha2.c		optional crypto | geom_bde | ipsec | random | \
 					 sctp | zfs
-crypto/cmac/cmac.c		optional crypto | netinet | netinet6
-crypto/hmac/hmac.c		optional crypto | netinet | netinet6
+crypto/cmac/cmac.c		optional inet | inet6
+crypto/hmac/hmac.c		optional inet | inet6
 ddb/db_access.c			optional ddb
 ddb/db_break.c			optional ddb
 ddb/db_capture.c		optional ddb
@@ -3116,6 +3116,7 @@ netinet/tcp_timer.c		optional inet | ine
 netinet/tcp_timewait.c		optional inet | inet6
 netinet/tcp_usrreq.c		optional inet | inet6
 netinet/udp_usrreq.c		optional inet | inet6
+netinet/tcp_ao.c		optional inet | inet6
 netinet/libalias/alias.c	optional libalias inet | netgraph_nat inet
 netinet/libalias/alias_db.c	optional libalias inet | netgraph_nat inet
 netinet/libalias/alias_mod.c	optional libalias | netgraph_nat

Modified: user/andre/tcp-ao/sys/crypto/cmac/cmac.c
==============================================================================
--- user/andre/tcp-ao/sys/crypto/cmac/cmac.c	Thu Apr 11 14:45:43 2013	(r249364)
+++ user/andre/tcp-ao/sys/crypto/cmac/cmac.c	Thu Apr 11 15:55:52 2013	(r249365)
@@ -24,8 +24,10 @@
 #include <sys/param.h>
 #include <sys/systm.h>
 
-#include <crypto/rijndael.h>
-#include <crypto/cmac.h>
+#include <crypto/rijndael/rijndael.h>
+#include <crypto/cmac/cmac.h>
+
+#define explicit_bzero(a, b)	bzero(a, b)
 
 #define LSHIFT(v, r) do {					\
 	int i;							\

Modified: user/andre/tcp-ao/sys/crypto/cmac/cmac.h
==============================================================================
--- user/andre/tcp-ao/sys/crypto/cmac/cmac.h	Thu Apr 11 14:45:43 2013	(r249364)
+++ user/andre/tcp-ao/sys/crypto/cmac/cmac.h	Thu Apr 11 15:55:52 2013	(r249365)
@@ -19,6 +19,10 @@
 #ifndef _CMAC_H_
 #define _CMAC_H_
 
+#ifndef _RIJNDAEL_H_
+#include <crypto/rijndael/rijndael.h>
+#endif
+
 #define AES_CMAC_KEY_LENGTH	16
 #define AES_CMAC_DIGEST_LENGTH	16
 

Modified: user/andre/tcp-ao/sys/crypto/hmac/hmac.c
==============================================================================
--- user/andre/tcp-ao/sys/crypto/hmac/hmac.c	Thu Apr 11 14:45:43 2013	(r249364)
+++ user/andre/tcp-ao/sys/crypto/hmac/hmac.c	Thu Apr 11 15:55:52 2013	(r249365)
@@ -24,10 +24,12 @@
 #include <sys/param.h>
 #include <sys/systm.h>
 
-#include <crypto/md5.h>
+#include <sys/md5.h>
 #include <crypto/sha1.h>
-#include <crypto/sha2.h>
-#include <crypto/hmac.h>
+#include <crypto/sha2/sha2.h>
+#include <crypto/hmac/hmac.h>
+
+#define explicit_bzero(a, b)	bzero(a, b)
 
 void
 HMAC_MD5_Init(HMAC_MD5_CTX *ctx, const u_int8_t *key, u_int key_len)
@@ -144,9 +146,9 @@ HMAC_SHA256_Init(HMAC_SHA256_CTX *ctx, c
 	int i;
 
 	if (key_len > SHA256_BLOCK_LENGTH) {
-		SHA256Init(&ctx->ctx);
-		SHA256Update(&ctx->ctx, key, key_len);
-		SHA256Final(ctx->key, &ctx->ctx);
+		SHA256_Init(&ctx->ctx);
+		SHA256_Update(&ctx->ctx, key, key_len);
+		SHA256_Final(ctx->key, &ctx->ctx);
 		ctx->key_len = SHA256_DIGEST_LENGTH;
 	} else {
 		bcopy(key, ctx->key, key_len);
@@ -158,8 +160,8 @@ HMAC_SHA256_Init(HMAC_SHA256_CTX *ctx, c
 	for (i = 0; i < SHA256_BLOCK_LENGTH; i++)
 		k_ipad[i] ^= 0x36;
 
-	SHA256Init(&ctx->ctx);
-	SHA256Update(&ctx->ctx, k_ipad, SHA256_BLOCK_LENGTH);
+	SHA256_Init(&ctx->ctx);
+	SHA256_Update(&ctx->ctx, k_ipad, SHA256_BLOCK_LENGTH);
 
 	explicit_bzero(k_ipad, sizeof k_ipad);
 }
@@ -167,7 +169,7 @@ HMAC_SHA256_Init(HMAC_SHA256_CTX *ctx, c
 void
 HMAC_SHA256_Update(HMAC_SHA256_CTX *ctx, const u_int8_t *data, u_int len)
 {
-	SHA256Update(&ctx->ctx, data, len);
+	SHA256_Update(&ctx->ctx, data, len);
 }
 
 void
@@ -176,17 +178,17 @@ HMAC_SHA256_Final(u_int8_t digest[SHA256
 	u_int8_t k_opad[SHA256_BLOCK_LENGTH];
 	int i;
 
-	SHA256Final(digest, &ctx->ctx);
+	SHA256_Final(digest, &ctx->ctx);
 
 	bzero(k_opad, SHA256_BLOCK_LENGTH);
 	bcopy(ctx->key, k_opad, ctx->key_len);
 	for (i = 0; i < SHA256_BLOCK_LENGTH; i++)
 		k_opad[i] ^= 0x5c;
 
-	SHA256Init(&ctx->ctx);
-	SHA256Update(&ctx->ctx, k_opad, SHA256_BLOCK_LENGTH);
-	SHA256Update(&ctx->ctx, digest, SHA256_DIGEST_LENGTH);
-	SHA256Final(digest, &ctx->ctx);
+	SHA256_Init(&ctx->ctx);
+	SHA256_Update(&ctx->ctx, k_opad, SHA256_BLOCK_LENGTH);
+	SHA256_Update(&ctx->ctx, digest, SHA256_DIGEST_LENGTH);
+	SHA256_Final(digest, &ctx->ctx);
 
 	explicit_bzero(k_opad, sizeof k_opad);
 }

Modified: user/andre/tcp-ao/sys/crypto/hmac/hmac.h
==============================================================================
--- user/andre/tcp-ao/sys/crypto/hmac/hmac.h	Thu Apr 11 14:45:43 2013	(r249364)
+++ user/andre/tcp-ao/sys/crypto/hmac/hmac.h	Thu Apr 11 15:55:52 2013	(r249365)
@@ -19,6 +19,10 @@
 #ifndef _HMAC_H_
 #define _HMAC_H_
 
+#include <sys/md5.h>
+#include <crypto/sha1.h>
+#include <crypto/sha2/sha2.h>
+
 typedef struct _HMAC_MD5_CTX {
 	MD5_CTX		ctx;
 	u_int8_t	key[MD5_BLOCK_LENGTH];
@@ -32,7 +36,7 @@ typedef struct _HMAC_SHA1_CTX {
 } HMAC_SHA1_CTX;
 
 typedef struct _HMAC_SHA256_CTX {
-	SHA2_CTX	ctx;
+	SHA256_CTX	ctx;
 	u_int8_t	key[SHA256_BLOCK_LENGTH];
 	u_int		key_len;
 } HMAC_SHA256_CTX;

Modified: user/andre/tcp-ao/sys/crypto/rijndael/rijndael-api.c
==============================================================================
--- user/andre/tcp-ao/sys/crypto/rijndael/rijndael-api.c	Thu Apr 11 14:45:43 2013	(r249364)
+++ user/andre/tcp-ao/sys/crypto/rijndael/rijndael-api.c	Thu Apr 11 15:55:52 2013	(r249365)
@@ -45,6 +45,13 @@ rijndael_set_key(rijndael_ctx *ctx, cons
 }
 
 void
+rijndael_set_key_enc_only(rijndael_ctx *ctx, const u_char *key, int bits)
+{
+
+	ctx->Nr = rijndaelKeySetupEnc(ctx->ek, key, bits);
+}
+
+void
 rijndael_decrypt(const rijndael_ctx *ctx, const u_char *src, u_char *dst)
 {
 

Modified: user/andre/tcp-ao/sys/crypto/rijndael/rijndael.h
==============================================================================
--- user/andre/tcp-ao/sys/crypto/rijndael/rijndael.h	Thu Apr 11 14:45:43 2013	(r249364)
+++ user/andre/tcp-ao/sys/crypto/rijndael/rijndael.h	Thu Apr 11 15:55:52 2013	(r249365)
@@ -42,6 +42,7 @@ typedef struct {
 } rijndael_ctx;
 
 void	rijndael_set_key(rijndael_ctx *, const u_char *, int);
+void	rijndael_set_key_enc_only(rijndael_ctx *, const u_char *, int);
 void	rijndael_decrypt(const rijndael_ctx *, const u_char *, u_char *);
 void	rijndael_encrypt(const rijndael_ctx *, const u_char *, u_char *);
 

Modified: user/andre/tcp-ao/sys/crypto/sha1.h
==============================================================================
--- user/andre/tcp-ao/sys/crypto/sha1.h	Thu Apr 11 14:45:43 2013	(r249364)
+++ user/andre/tcp-ao/sys/crypto/sha1.h	Thu Apr 11 15:55:52 2013	(r249365)
@@ -68,5 +68,7 @@ typedef struct sha1_ctxt SHA1_CTX;
 #endif /* _KERNEL */
 
 #define	SHA1_RESULTLEN	(160/8)
+#define	SHA1_BLOCK_LENGTH	64
+#define	SHA1_DIGEST_LENGTH	SHA1_RESULTLEN
 
 #endif /*_NETINET6_SHA1_H_*/