Date: Thu, 29 Mar 2018 04:02:50 +0000 (UTC) From: Conrad Meyer <cem@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r331724 - in head/sys: conf crypto/chacha20 modules/crypto opencrypto Message-ID: <201803290402.w2T42ofL013679@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: cem Date: Thu Mar 29 04:02:50 2018 New Revision: 331724 URL: https://svnweb.freebsd.org/changeset/base/331724 Log: opencrypto: Integrate Chacha20 algorithm into OCF Mostly this is a thin shim around existing code to integrate with enc_xform and cryptosoft (+ cryptodev). Expand the cryptodev buffer used to match that of Chacha20's native block size as a performance enhancement for chacha20_xform_crypt_multi. Added: head/sys/crypto/chacha20/chacha-sw.c (contents, props changed) Modified: head/sys/conf/files head/sys/modules/crypto/Makefile head/sys/opencrypto/cryptodev.c head/sys/opencrypto/cryptodev.h head/sys/opencrypto/cryptosoft.c head/sys/opencrypto/xform_enc.h Modified: head/sys/conf/files ============================================================================== --- head/sys/conf/files Thu Mar 29 02:54:50 2018 (r331723) +++ head/sys/conf/files Thu Mar 29 04:02:50 2018 (r331724) @@ -662,6 +662,8 @@ crypto/blowfish/bf_ecb.c optional ipsec | ipsec_suppor crypto/blowfish/bf_skey.c optional crypto | ipsec | ipsec_support crypto/camellia/camellia.c optional crypto | ipsec | ipsec_support crypto/camellia/camellia-api.c optional crypto | ipsec | ipsec_support +crypto/chacha20/chacha.c optional crypto | ipsec | ipsec_support +crypto/chacha20/chacha-sw.c optional crypto | ipsec | ipsec_support crypto/des/des_ecb.c optional crypto | ipsec | ipsec_support | netsmb crypto/des/des_setkey.c optional crypto | ipsec | ipsec_support | netsmb crypto/rc4/rc4.c optional netgraph_mppc_encryption | kgssapi Added: head/sys/crypto/chacha20/chacha-sw.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/crypto/chacha20/chacha-sw.c Thu Mar 29 04:02:50 2018 (r331724) @@ -0,0 +1,78 @@ +/* This file is in the public domain. */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <crypto/chacha20/chacha.h> +#include <opencrypto/xform_enc.h> + +static int +chacha20_xform_setkey(u_int8_t **sched, u_int8_t *key, int len) +{ + struct chacha_ctx *ctx; + + if (len != CHACHA_MINKEYLEN && len != 32) + return (EINVAL); + + ctx = malloc(sizeof(*ctx), M_CRYPTO_DATA, M_NOWAIT | M_ZERO); + *sched = (void *)ctx; + if (ctx == NULL) + return (ENOMEM); + + chacha_keysetup(ctx, key, len * 8); + return (0); +} + +static void +chacha20_xform_reinit(caddr_t key, u_int8_t *iv) +{ + struct chacha_ctx *ctx; + + ctx = (void *)key; + chacha_ivsetup(ctx, iv + 8, iv); +} + +static void +chacha20_xform_zerokey(u_int8_t **sched) +{ + struct chacha_ctx *ctx; + + ctx = (void *)*sched; + explicit_bzero(ctx, sizeof(*ctx)); + free(ctx, M_CRYPTO_DATA); + *sched = NULL; +} + +static void +chacha20_xform_crypt(caddr_t cctx, u_int8_t *bytes) +{ + struct chacha_ctx *ctx; + + ctx = (void *)cctx; + chacha_encrypt_bytes(ctx, bytes, bytes, 1); +} + +static void +chacha20_xform_crypt_multi(void *vctx, uint8_t *bytes, size_t len) +{ + struct chacha_ctx *ctx; + + ctx = vctx; + chacha_encrypt_bytes(ctx, bytes, bytes, len); +} + +struct enc_xform enc_xform_chacha20 = { + .type = CRYPTO_CHACHA20, + .name = "chacha20", + .blocksize = 1, + .ivsize = CHACHA_NONCELEN + CHACHA_CTRLEN, + .minkey = CHACHA_MINKEYLEN, + .maxkey = 32, + .encrypt = chacha20_xform_crypt, + .decrypt = chacha20_xform_crypt, + .setkey = chacha20_xform_setkey, + .zerokey = chacha20_xform_zerokey, + .reinit = chacha20_xform_reinit, + .encrypt_multi = chacha20_xform_crypt_multi, + .decrypt_multi = chacha20_xform_crypt_multi, +}; Modified: head/sys/modules/crypto/Makefile ============================================================================== --- head/sys/modules/crypto/Makefile Thu Mar 29 02:54:50 2018 (r331723) +++ head/sys/modules/crypto/Makefile Thu Mar 29 04:02:50 2018 (r331724) @@ -10,6 +10,7 @@ .PATH: ${SRCTOP}/sys/crypto/siphash .PATH: ${SRCTOP}/sys/crypto/skein .PATH: ${SRCTOP}/sys/crypto/blake2 +.PATH: ${SRCTOP}/sys/crypto/chacha20 .PATH: ${SRCTOP}/sys/contrib/libb2 KMOD = crypto @@ -41,6 +42,8 @@ CFLAGS.blake2s-ref.c += -I${SRCTOP}/sys/crypto/blake2 CFLAGS.blake2-sw.c += -I${SRCTOP}/sys/crypto/blake2 CWARNFLAGS.blake2b-ref.c += ${NO_WCAST_QUAL} CWARNFLAGS.blake2s-ref.c += ${NO_WCAST_QUAL} +SRCS += chacha.c +SRCS += chacha-sw.c SRCS += opt_param.h cryptodev_if.h bus_if.h device_if.h SRCS += opt_ddb.h Modified: head/sys/opencrypto/cryptodev.c ============================================================================== --- head/sys/opencrypto/cryptodev.c Thu Mar 29 02:54:50 2018 (r331723) +++ head/sys/opencrypto/cryptodev.c Thu Mar 29 04:02:50 2018 (r331724) @@ -443,6 +443,9 @@ cryptof_ioctl( case CRYPTO_AES_NIST_GCM_16: txform = &enc_xform_aes_nist_gcm; break; + case CRYPTO_CHACHA20: + txform = &enc_xform_chacha20; + break; default: CRYPTDEB("invalid cipher"); Modified: head/sys/opencrypto/cryptodev.h ============================================================================== --- head/sys/opencrypto/cryptodev.h Thu Mar 29 02:54:50 2018 (r331723) +++ head/sys/opencrypto/cryptodev.h Thu Mar 29 04:02:50 2018 (r331724) @@ -112,7 +112,8 @@ #define AES_ICM_BLOCK_LEN 1 #define ARC4_BLOCK_LEN 1 #define CAMELLIA_BLOCK_LEN 16 -#define EALG_MAX_BLOCK_LEN AES_BLOCK_LEN /* Keep this updated */ +#define CHACHA20_NATIVE_BLOCK_LEN 64 +#define EALG_MAX_BLOCK_LEN CHACHA20_NATIVE_BLOCK_LEN /* Keep this updated */ /* IV Lengths */ @@ -180,7 +181,8 @@ #define CRYPTO_AES_256_NIST_GMAC 28 /* auth side */ #define CRYPTO_BLAKE2B 29 /* Blake2b hash */ #define CRYPTO_BLAKE2S 30 /* Blake2s hash */ -#define CRYPTO_ALGORITHM_MAX 30 /* Keep updated - see below */ +#define CRYPTO_CHACHA20 31 /* Chacha20 stream cipher */ +#define CRYPTO_ALGORITHM_MAX 31 /* Keep updated - see below */ #define CRYPTO_ALGO_VALID(x) ((x) >= CRYPTO_ALGORITHM_MIN && \ (x) <= CRYPTO_ALGORITHM_MAX) Modified: head/sys/opencrypto/cryptosoft.c ============================================================================== --- head/sys/opencrypto/cryptosoft.c Thu Mar 29 02:54:50 2018 (r331723) +++ head/sys/opencrypto/cryptosoft.c Thu Mar 29 04:02:50 2018 (r331724) @@ -830,6 +830,9 @@ swcr_newsession(device_t dev, u_int32_t *sid, struct c case CRYPTO_NULL_CBC: txf = &enc_xform_null; goto enccommon; + case CRYPTO_CHACHA20: + txf = &enc_xform_chacha20; + goto enccommon; enccommon: if (cri->cri_key != NULL) { error = txf->setkey(&((*swd)->sw_kschedule), @@ -1056,6 +1059,7 @@ swcr_freesession_locked(device_t dev, u_int64_t tid) case CRYPTO_AES_NIST_GMAC: case CRYPTO_CAMELLIA_CBC: case CRYPTO_NULL_CBC: + case CRYPTO_CHACHA20: txf = swd->sw_exf; if (swd->sw_kschedule) @@ -1185,6 +1189,7 @@ swcr_process(device_t dev, struct cryptop *crp, int hi case CRYPTO_AES_XTS: case CRYPTO_AES_ICM: case CRYPTO_CAMELLIA_CBC: + case CRYPTO_CHACHA20: if ((crp->crp_etype = swcr_encdec(crd, sw, crp->crp_buf, crp->crp_flags)) != 0) goto done; @@ -1298,6 +1303,7 @@ swcr_attach(device_t dev) REGISTER(CRYPTO_DEFLATE_COMP); REGISTER(CRYPTO_BLAKE2B); REGISTER(CRYPTO_BLAKE2S); + REGISTER(CRYPTO_CHACHA20); #undef REGISTER return 0; Modified: head/sys/opencrypto/xform_enc.h ============================================================================== --- head/sys/opencrypto/xform_enc.h Thu Mar 29 02:54:50 2018 (r331723) +++ head/sys/opencrypto/xform_enc.h Thu Mar 29 04:02:50 2018 (r331724) @@ -51,7 +51,7 @@ struct enc_xform { int type; char *name; - u_int16_t blocksize; + u_int16_t blocksize; /* Required input block size -- 1 for stream ciphers. */ u_int16_t ivsize; u_int16_t minkey, maxkey; void (*encrypt) (caddr_t, u_int8_t *); @@ -83,6 +83,7 @@ extern struct enc_xform enc_xform_aes_nist_gmac; extern struct enc_xform enc_xform_aes_xts; extern struct enc_xform enc_xform_arc4; extern struct enc_xform enc_xform_camellia; +extern struct enc_xform enc_xform_chacha20; struct aes_icm_ctx { u_int32_t ac_ek[4*(RIJNDAEL_MAXNR + 1)];
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201803290402.w2T42ofL013679>