author | 2002-03-05 15:59:41 +0000 | |
---|---|---|
committer | 2002-03-05 15:59:41 +0000 | |
commit | 649dc2d9858d48bf78fc404b6fab58ba4e01d29c (patch) | |
tree | db146045bcdb06c77c60a32058adc1ae9dd59e86 | |
parent | Don't drop the last character from ut_line in ID0logout() (diff) | |
export MD5/SHA1 via /dev/crypto; ok provos@, beck@
tested with cryptosoft and kern.cryptodevallowsoft=1
-rw-r--r-- | sys/crypto/cryptodev.c | 19 | ||||
-rw-r--r-- | sys/crypto/cryptosoft.c | 51 | ||||
-rw-r--r-- | sys/crypto/cryptosoft.h | 4 | ||||
-rw-r--r-- | sys/crypto/xform.c | 12 |
4 files changed, 66 insertions, 20 deletions
diff --git a/sys/crypto/cryptodev.c b/sys/crypto/cryptodev.c
index 0a3a91a73cd..2319780d0b6 100644
--- a/sys/crypto/cryptodev.c
+++ b/sys/crypto/cryptodev.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptodev.c,v 1.32 2002/03/04 21:25:02 deraadt Exp $ */
+/* $OpenBSD: cryptodev.c,v 1.33 2002/03/05 15:59:41 markus Exp $ */
 /*
 * Copyright (c) 2001 Theo de Raadt
@@ -242,11 +242,13 @@ cryptof_ioctl(fp, cmd, data, p)
 goto bail;
 }
- MALLOC(cria.cri_key, u_int8_t *,
- cria.cri_klen / 8, M_XDATA, M_WAITOK);
- if ((error = copyin(sop->mackey, cria.cri_key,
- cria.cri_klen / 8)))
- goto bail;
+ if (cria.cri_klen) {
+ MALLOC(cria.cri_key, u_int8_t *,
+ cria.cri_klen / 8, M_XDATA, M_WAITOK);
+ if ((error = copyin(sop->mackey, cria.cri_key,
+ cria.cri_klen / 8)))
+ goto bail;
+ }
 }
 error = crypto_newsession(&sid, (txform ? &crie : &cria),
@@ -410,11 +412,12 @@ cryptodev_op(struct csession *cse, struct crypt_op *cop, struct proc *p)
 goto bail;
 }
- if ((error = copyout(cse->uio.uio_iov[0].iov_base, cop->dst, cop->len)))
+ if (cop->dst &&
+ (error = copyout(cse->uio.uio_iov[0].iov_base, cop->dst, cop->len)))
 goto bail;
 if (cop->mac &&
- (error = copyout(crp->crp_mac, cop->mac, cse->thash->hashsize)))
+ (error = copyout(crp->crp_mac, cop->mac, cse->thash->authsize)))
 goto bail;
 bail:
diff --git a/sys/crypto/cryptosoft.c b/sys/crypto/cryptosoft.c
index ca5df4b820f..edd3d5619c0 100644
--- a/sys/crypto/cryptosoft.c
+++ b/sys/crypto/cryptosoft.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptosoft.c,v 1.30 2002/03/01 02:50:02 provos Exp $ */
+/* $OpenBSD: cryptosoft.c,v 1.31 2002/03/05 15:59:41 markus Exp $ */
 /*
 * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
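Review bot: In cryptof_ioctl (cryptodev.c, hunk at -242) the new `if (cria.cri_klen)` guard accepts a zero-length MAC key for every algorithm that reaches this branch, not only the unkeyed MD5/SHA1 this commit adds. Nothing visible in the hunk ties the empty-key case to the hash type, so unless a check outside the hunk enforces a minimum length, a keyed MAC session could be set up with `cri_key` left unset. Consider rejecting that case explicitly, e.g. `if (cria.cri_klen == 0 && thash->keysize != 0) { error = EINVAL; goto bail; }` (assuming `thash` is the selected auth_hash here, as `txform` is for the cipher). The function body starts and ends outside the hunk.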
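Review bot: In cryptodev_op (cryptodev.c, hunk at -410) the added `cop->dst &&` test makes the output copy optional for every request, so a cipher request with a null `dst` now returns success without delivering any result. Only the hash-only case needs the exemption; for sessions that carry a cipher it would be safer to fail with EINVAL when `cop->dst` is null than to skip the copyout. Separately, the MAC copyout length changes from `hashsize` to `authsize`, which alters how many bytes existing MAC users of the ioctl receive if the two differ for their algorithm; a comment stating that the ioctl returns `authsize` bytes would make that contract explicit. The function body starts and ends outside the hunk.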
@@ -375,8 +375,8 @@ swcr_encdec(struct cryptodesc *crd, struct swcr_data *sw, caddr_t buf,
 * Compute keyed-hash authenticator.
 */
 int
-swcr_authcompute(struct cryptodesc *crd, struct swcr_data *sw,
- caddr_t buf, int outtype)
+swcr_authcompute(struct cryptop *crp, struct cryptodesc *crd,
+ struct swcr_data *sw, caddr_t buf, int outtype)
 {
 unsigned char aalg[AALG_MAX_RESULT_LEN];
 struct auth_hash *axf;
@@ -424,10 +424,19 @@ swcr_authcompute(struct cryptodesc *crd, struct swcr_data *sw,
 axf->Update(&ctx, sw->sw_octx, sw->sw_klen);
 axf->Final(aalg, &ctx);
 break;
+
+ case CRYPTO_MD5:
+ case CRYPTO_SHA1:
+ axf->Final(aalg, &ctx);
+ break;
 }
 /* Inject the authentication data */
- COPYBACK(outtype, buf, crd->crd_inject, axf->authsize, aalg);
+ if (outtype == CRYPTO_BUF_MBUF)
+ COPYBACK(outtype, buf, crd->crd_inject, axf->authsize, aalg);
+ else
+ bcopy(aalg, crp->crp_mac, axf->authsize);
+
 return 0;
 }
@@ -679,6 +688,24 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
 (*swd)->sw_axf = axf;
 break;
+ case CRYPTO_MD5:
+ axf = &auth_hash_md5;
+ goto auth3common;
+
+ case CRYPTO_SHA1:
+ axf = &auth_hash_sha1;
+ auth3common:
+ (*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
+ M_NOWAIT);
+ if ((*swd)->sw_ictx == NULL) {
+ swcr_freesession(i);
+ return ENOBUFS;
+ }
+
+ axf->Init((*swd)->sw_ictx);
+ (*swd)->sw_axf = axf;
+ break;
+
 case CRYPTO_DEFLATE_COMP:
 cxf = &comp_algo_deflate;
 (*swd)->sw_cxf = cxf;
@@ -762,6 +789,14 @@ swcr_freesession(u_int64_t tid)
 }
 break;
+ case CRYPTO_MD5:
+ case CRYPTO_SHA1:
+ axf = swd->sw_axf;
+
+ if (swd->sw_ictx)
+ free(swd->sw_ictx, M_CRYPTO_DATA);
+ break;
+
 case CRYPTO_DEFLATE_COMP:
 cxf = swd->sw_cxf;
 break;
@@ -842,7 +877,9 @@ swcr_process(struct cryptop *crp)
 case CRYPTO_RIPEMD160_HMAC:
 case CRYPTO_MD5_KPDK:
 case CRYPTO_SHA1_KPDK:
- if ((crp->crp_etype = swcr_authcompute(crd, sw,
+ case CRYPTO_MD5:
+ case CRYPTO_SHA1:
+ if ((crp->crp_etype = swcr_authcompute(crp, crd, sw,
 crp->crp_buf, type)) != 0)
 goto done;
 break;
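Review bot: In swcr_authcompute (cryptosoft.c, hunk at -424) the new `else` branch writes `axf->authsize` bytes through `crp->crp_mac` without checking that the pointer was set. The hunk does not show where `crp_mac` is assigned, so if any non-mbuf request can arrive with it unset, for instance when the caller supplied no MAC buffer, this becomes a kernel write through a null pointer. A guard such as `if (crp->crp_mac == NULL) return EINVAL;` ahead of the `bcopy` would close that. The same branch also stops honouring `crd_inject` for non-mbuf buffers, which silently changes the result for any other caller that relied on the MAC being copied back into the data buffer; that deserves a comment or an audit of the callers. The function starts outside this hunk.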
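Review bot: In swcr_freesession (cryptosoft.c, hunk at -762) the new case assigns `axf = swd->sw_axf;` but never uses it, and frees `sw_ictx` without clearing it first. Going by the swcr_newsession hunk in this same diff, the context holds only the `Init` state for plain MD5/SHA1, so there is no key material to scrub; a short comment saying so, e.g. `/* unkeyed: sw_ictx holds only the initial hash state */`, would explain the difference if the keyed cases (outside the hunk) zero their contexts before freeing. The unused `axf` assignment can be dropped.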
@@ -895,6 +932,10 @@ swcr_init(void)
 NULL, NULL, NULL);
 crypto_register(swcr_id, CRYPTO_SHA1_KPDK, 0, 0,
 NULL, NULL, NULL);
+ crypto_register(swcr_id, CRYPTO_MD5, 0, 0,
+ NULL, NULL, NULL);
+ crypto_register(swcr_id, CRYPTO_SHA1, 0, 0,
+ NULL, NULL, NULL);
 crypto_register(swcr_id, CRYPTO_RIJNDAEL128_CBC, 0, 0,
 NULL, NULL, NULL);
 crypto_register(swcr_id, CRYPTO_DEFLATE_COMP, 0, 0,
diff --git a/sys/crypto/cryptosoft.h b/sys/crypto/cryptosoft.h
index d516f6ae3ea..6b3fe4b193a 100644
--- a/sys/crypto/cryptosoft.h
+++ b/sys/crypto/cryptosoft.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptosoft.h,v 1.7 2002/02/24 00:30:00 deraadt Exp $ */
+/* $OpenBSD: cryptosoft.h,v 1.8 2002/03/05 15:59:41 markus Exp $ */
 /*
 * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
@@ -63,7 +63,7 @@ extern u_int8_t hmac_ipad_buffer[64];
 extern u_int8_t hmac_opad_buffer[64];
 int swcr_encdec(struct cryptodesc *, struct swcr_data *, caddr_t, int);
-int swcr_authcompute(struct cryptodesc *, struct swcr_data *,
+int swcr_authcompute(struct cryptop *, struct cryptodesc *, struct swcr_data *,
 caddr_t, int);
 int swcr_compdec(struct cryptodesc *, struct swcr_data *, caddr_t, int);
 int swcr_process(struct cryptop *);
diff --git a/sys/crypto/xform.c b/sys/crypto/xform.c
index e498c869a60..7d813e956e4 100644
--- a/sys/crypto/xform.c
+++ b/sys/crypto/xform.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xform.c,v 1.16 2001/08/28 12:20:43 ben Exp $ */
+/* $OpenBSD: xform.c,v 1.17 2002/03/05 15:59:41 markus Exp $ */
 /*
 * The authors of this code are John Ioannidis (ji@tla.org),
 * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -194,14 +194,16 @@ struct auth_hash auth_hash_key_sha1 = {
 struct auth_hash auth_hash_md5 = {
 CRYPTO_MD5, "MD5",
- 0, 16, 0, 0,
- NULL, NULL, NULL
+ 0, 16, 16, sizeof(MD5_CTX),
+ (void (*) (void *)) MD5Init, MD5Update_int,
+ (void (*) (u_int8_t *, void *)) MD5Final
 };
 struct auth_hash auth_hash_sha1 = {
 CRYPTO_SHA1, "SHA1",
- 0, 20, 0, 0,
- NULL, NULL, NULL
+ 0, 20, 20, sizeof(SHA1_CTX),
+ (void (*)(void *)) SHA1Init, SHA1Update_int,
+ (void (*)(u_int8_t *, void *)) SHA1Final
 };
 /* Compression instance */ |
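Review bot: The new `auth_hash_md5` and `auth_hash_sha1` initialisers cast `MD5Init`/`MD5Final` and `SHA1Init`/`SHA1Final` to generic function-pointer types, while the update slot uses the `MD5Update_int`/`SHA1Update_int` wrappers. Calling a function through a pointer of an incompatible type is undefined behaviour in C even where it works in practice; thin wrappers for Init and Final in the style of the `*_int` update wrappers would keep the table free of casts. The positional numeric fields are also hard to audit: a comment such as `/* keysize, hashsize, authsize, ctxsize */` above them (assuming that is the field order of struct auth_hash) would make clear that `authsize` now equals the full digest length, the value the `bcopy` in swcr_authcompute and the copyout in cryptodev_op depend on.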