summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/crypto.h24
-rw-r--r--src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c17
-rw-r--r--src/crypto/cipher/aes128_ctr/openssl/aes128_ctr_openssl.c19
-rw-r--r--src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c18
-rw-r--r--src/crypto/cipher/ciphers.c.in23
-rw-r--r--src/crypto/cipher/null/memcpy/null_memcpy.c17
-rw-r--r--src/crypto/cipher/salsa20/nacl/salsa20_nacl.c17
-rw-r--r--src/crypto/cipher/salsa2012/nacl/salsa2012_nacl.c17
-rw-r--r--src/crypto/mac/ghash/builtin/ghash_builtin.c17
-rw-r--r--src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.c15
-rw-r--r--src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.h2
-rw-r--r--src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq_impl.c2
-rw-r--r--src/crypto/mac/macs.c.in23
-rw-r--r--src/fastd.c14
-rw-r--r--src/fastd.h3
-rw-r--r--src/methods/cipher_test/cipher_test.c15
-rw-r--r--src/methods/composed_gmac/composed_gmac.c37
-rw-r--r--src/methods/generic_gcm/generic_gcm.c24
-rw-r--r--src/methods/generic_gmac/generic_gmac.c22
-rw-r--r--src/methods/generic_poly1305/generic_poly1305.c15
-rw-r--r--src/types.h3
21 files changed, 86 insertions, 258 deletions
diff --git a/src/crypto.h b/src/crypto.h
index 968483e..7ee73cd 100644
--- a/src/crypto.h
+++ b/src/crypto.h
@@ -38,13 +38,9 @@ struct fastd_cipher_info {
struct fastd_cipher {
bool (*available)(void);
- fastd_cipher_context_t* (*initialize)(fastd_context_t *ctx);
- fastd_cipher_state_t* (*init_state)(fastd_context_t *ctx, const fastd_cipher_context_t *cctx, const uint8_t *key);
-
+ fastd_cipher_state_t* (*init)(fastd_context_t *ctx, const uint8_t *key);
bool (*crypt)(fastd_context_t *ctx, const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv);
-
- void (*free_state)(fastd_context_t *ctx, fastd_cipher_state_t *state);
- void (*free)(fastd_context_t *ctx, fastd_cipher_context_t *cctx);
+ void (*free)(fastd_context_t *ctx, fastd_cipher_state_t *state);
};
@@ -55,24 +51,16 @@ struct fastd_mac_info {
struct fastd_mac {
bool (*available)(void);
- fastd_mac_context_t* (*initialize)(fastd_context_t *ctx);
- fastd_mac_state_t* (*init_state)(fastd_context_t *ctx, const fastd_mac_context_t *mctx, const uint8_t *key);
-
+ fastd_mac_state_t* (*init)(fastd_context_t *ctx, const uint8_t *key);
bool (*hash)(fastd_context_t *ctx, const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t n_blocks);
-
- void (*free_state)(fastd_context_t *ctx, fastd_mac_state_t *state);
- void (*free)(fastd_context_t *ctx, fastd_mac_context_t *mctx);
+ void (*free)(fastd_context_t *ctx, fastd_mac_state_t *state);
};
-void fastd_cipher_init(fastd_context_t *ctx);
-void fastd_cipher_free(fastd_context_t *ctx);
const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name);
-const fastd_cipher_t* fastd_cipher_get_by_name(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **info, const fastd_cipher_context_t **cctx);
+const fastd_cipher_t* fastd_cipher_get_by_name(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **info);
-void fastd_mac_init(fastd_context_t *ctx);
-void fastd_mac_free(fastd_context_t *ctx);
const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name);
-const fastd_mac_t* fastd_mac_get_by_name(fastd_context_t *ctx, const char *name, const fastd_mac_info_t **info, const fastd_mac_context_t **cctx);
+const fastd_mac_t* fastd_mac_get_by_name(fastd_context_t *ctx, const char *name, const fastd_mac_info_t **info);
#endif /* _FASTD_CRYPTO_H_ */
diff --git a/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c b/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c
index 783a9d1..f4756a3 100644
--- a/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c
+++ b/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c
@@ -33,11 +33,7 @@ struct __attribute__((aligned(16))) fastd_cipher_state {
};
-static fastd_cipher_context_t* aes128_ctr_initialize(fastd_context_t *ctx UNUSED) {
- return NULL;
-}
-
-static fastd_cipher_state_t* aes128_ctr_init_state(fastd_context_t *ctx, const fastd_cipher_context_t *cctx UNUSED, const uint8_t *key) {
+static fastd_cipher_state_t* aes128_ctr_init(fastd_context_t *ctx, const uint8_t *key) {
fastd_block128_t k;
memcpy(k.b, key, sizeof(fastd_block128_t));
@@ -56,24 +52,17 @@ static bool aes128_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_sta
return true;
}
-static void aes128_ctr_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
+static void aes128_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
if (state) {
secure_memzero(state, sizeof(*state));
free(state);
}
}
-static void aes128_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) {
-}
-
const fastd_cipher_t fastd_cipher_aes128_ctr_nacl = {
.available = fastd_true,
- .initialize = aes128_ctr_initialize,
- .init_state = aes128_ctr_init_state,
-
+ .init = aes128_ctr_init,
.crypt = aes128_ctr_crypt,
-
- .free_state = aes128_ctr_free_state,
.free = aes128_ctr_free,
};
diff --git a/src/crypto/cipher/aes128_ctr/openssl/aes128_ctr_openssl.c b/src/crypto/cipher/aes128_ctr/openssl/aes128_ctr_openssl.c
index 6917333..b3c739c 100644
--- a/src/crypto/cipher/aes128_ctr/openssl/aes128_ctr_openssl.c
+++ b/src/crypto/cipher/aes128_ctr/openssl/aes128_ctr_openssl.c
@@ -28,16 +28,12 @@
#include <openssl/evp.h>
-struct __attribute__((aligned(16))) fastd_cipher_state {
+struct fastd_cipher_state {
EVP_CIPHER_CTX *aes;
};
-static fastd_cipher_context_t* aes128_ctr_initialize(fastd_context_t *ctx UNUSED) {
- return NULL;
-}
-
-static fastd_cipher_state_t* aes128_ctr_init_state(fastd_context_t *ctx UNUSED, const fastd_cipher_context_t *cctx UNUSED, const uint8_t *key) {
+static fastd_cipher_state_t* aes128_ctr_init(fastd_context_t *ctx UNUSED, const uint8_t *key) {
fastd_cipher_state_t *state = malloc(sizeof(fastd_cipher_state_t));
state->aes = EVP_CIPHER_CTX_new();
@@ -64,24 +60,17 @@ static bool aes128_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_sta
return true;
}
-static void aes128_ctr_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
+static void aes128_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
if (state) {
EVP_CIPHER_CTX_free(state->aes);
free(state);
}
}
-static void aes128_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) {
-}
-
const fastd_cipher_t fastd_cipher_aes128_ctr_openssl = {
.available = fastd_true,
- .initialize = aes128_ctr_initialize,
- .init_state = aes128_ctr_init_state,
-
+ .init = aes128_ctr_init,
.crypt = aes128_ctr_crypt,
-
- .free_state = aes128_ctr_free_state,
.free = aes128_ctr_free,
};
diff --git a/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c b/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c
index 70c4d35..3e82e38 100644
--- a/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c
+++ b/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c
@@ -182,11 +182,6 @@ struct fastd_cipher_state {
};
-static fastd_cipher_context_t* blowfish_ctr_initialize(fastd_context_t *ctx UNUSED) {
- return NULL;
-}
-
-
static inline void bf_ntohl(uint32_t *v, size_t len) {
size_t i;
for (i = 0; i < len; i++)
@@ -214,7 +209,7 @@ static inline uint32_t bf_f(const fastd_cipher_state_t *state, uint32_t x) {
BF_SWAP(L, R); \
})
-static fastd_cipher_state_t* blowfish_ctr_init_state(fastd_context_t *ctx UNUSED, const fastd_cipher_context_t *cctx UNUSED, const uint8_t *key) {
+static fastd_cipher_state_t* blowfish_ctr_init(fastd_context_t *ctx UNUSED, const uint8_t *key) {
uint32_t key32[14];
memcpy(key32, key, 56);
bf_ntohl(key32, 14);
@@ -276,24 +271,17 @@ static bool blowfish_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_s
return true;
}
-static void blowfish_ctr_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
+static void blowfish_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
if (state) {
secure_memzero(state, sizeof(*state));
free(state);
}
}
-static void blowfish_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) {
-}
-
const fastd_cipher_t fastd_cipher_blowfish_ctr_builtin = {
.available = fastd_true,
- .initialize = blowfish_ctr_initialize,
- .init_state = blowfish_ctr_init_state,
-
+ .init = blowfish_ctr_init,
.crypt = blowfish_ctr_crypt,
-
- .free_state = blowfish_ctr_free_state,
.free = blowfish_ctr_free,
};
diff --git a/src/crypto/cipher/ciphers.c.in b/src/crypto/cipher/ciphers.c.in
index b3c6b1b..72ea3d2 100644
--- a/src/crypto/cipher/ciphers.c.in
+++ b/src/crypto/cipher/ciphers.c.in
@@ -89,24 +89,6 @@ bool fastd_cipher_config(const fastd_cipher_t **cipher_conf, const char *name, c
return false;
}
-void fastd_cipher_init(fastd_context_t *ctx) {
- ctx->cipher_contexts = calloc(array_size(ciphers), sizeof(fastd_cipher_context_t*));
-
- size_t i;
- for (i = 0; i < array_size(ciphers); i++) {
- if (ctx->conf->ciphers[i])
- ctx->cipher_contexts[i] = ctx->conf->ciphers[i]->initialize(ctx);
- }
-}
-
-void fastd_cipher_free(fastd_context_t *ctx) {
- size_t i;
- for (i = 0; i < array_size(ciphers); i++)
- ctx->conf->ciphers[i]->free(ctx, ctx->cipher_contexts[i]);
-
- free(ctx->cipher_contexts);
-}
-
const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name) {
size_t i, j;
for (i = 0; i < array_size(ciphers); i++) {
@@ -124,16 +106,13 @@ const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name) {
return NULL;
}
-const fastd_cipher_t* fastd_cipher_get_by_name(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **info, const fastd_cipher_context_t **cctx) {
+const fastd_cipher_t* fastd_cipher_get_by_name(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **info) {
size_t i;
for (i = 0; i < array_size(ciphers); i++) {
if (!strcmp(ciphers[i].name, name)) {
if (info)
*info = ciphers[i].info;
- if (cctx)
- *cctx = ctx->cipher_contexts[i];
-
return ctx->conf->ciphers[i];
}
}
diff --git a/src/crypto/cipher/null/memcpy/null_memcpy.c b/src/crypto/cipher/null/memcpy/null_memcpy.c
index 8c05b17..7f0b8b3 100644
--- a/src/crypto/cipher/null/memcpy/null_memcpy.c
+++ b/src/crypto/cipher/null/memcpy/null_memcpy.c
@@ -27,11 +27,7 @@
#include "../../../../crypto.h"
-static fastd_cipher_context_t* null_initialize(fastd_context_t *ctx UNUSED) {
- return NULL;
-}
-
-static fastd_cipher_state_t* null_init_state(fastd_context_t *ctx UNUSED, const fastd_cipher_context_t *cctx UNUSED, const uint8_t *key UNUSED) {
+static fastd_cipher_state_t* null_init(fastd_context_t *ctx UNUSED, const uint8_t *key UNUSED) {
return NULL;
}
@@ -40,20 +36,13 @@ static bool null_memcpy(fastd_context_t *ctx UNUSED, const fastd_cipher_state_t
return true;
}
-static void null_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state UNUSED) {
-}
-
-static void null_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) {
+static void null_free(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state UNUSED) {
}
const fastd_cipher_t fastd_cipher_null_memcpy = {
.available = fastd_true,
- .initialize = null_initialize,
- .init_state = null_init_state,
-
+ .init = null_init,
.crypt = null_memcpy,
-
- .free_state = null_free_state,
.free = null_free,
};
diff --git a/src/crypto/cipher/salsa20/nacl/salsa20_nacl.c b/src/crypto/cipher/salsa20/nacl/salsa20_nacl.c
index 457e39c..ed14c3c 100644
--- a/src/crypto/cipher/salsa20/nacl/salsa20_nacl.c
+++ b/src/crypto/cipher/salsa20/nacl/salsa20_nacl.c
@@ -33,11 +33,7 @@ struct __attribute__((aligned(16))) fastd_cipher_state {
};
-static fastd_cipher_context_t* salsa20_initialize(fastd_context_t *ctx UNUSED) {
- return NULL;
-}
-
-static fastd_cipher_state_t* salsa20_init_state(fastd_context_t *ctx UNUSED, const fastd_cipher_context_t *cctx UNUSED, const uint8_t *key) {
+static fastd_cipher_state_t* salsa20_init(fastd_context_t *ctx UNUSED, const uint8_t *key) {
fastd_cipher_state_t *state = malloc(sizeof(fastd_cipher_state_t));
memcpy(state->key, key, crypto_stream_salsa20_KEYBYTES);
@@ -49,24 +45,17 @@ static bool salsa20_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_state_
return true;
}
-static void salsa20_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
+static void salsa20_free(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
if (state) {
secure_memzero(state, sizeof(*state));
free(state);
}
}
-static void salsa20_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) {
-}
-
const fastd_cipher_t fastd_cipher_salsa20_nacl = {
.available = fastd_true,
- .initialize = salsa20_initialize,
- .init_state = salsa20_init_state,
-
+ .init = salsa20_init,
.crypt = salsa20_crypt,
-
- .free_state = salsa20_free_state,
.free = salsa20_free,
};
diff --git a/src/crypto/cipher/salsa2012/nacl/salsa2012_nacl.c b/src/crypto/cipher/salsa2012/nacl/salsa2012_nacl.c
index 9619afe..79f01c4 100644
--- a/src/crypto/cipher/salsa2012/nacl/salsa2012_nacl.c
+++ b/src/crypto/cipher/salsa2012/nacl/salsa2012_nacl.c
@@ -33,11 +33,7 @@ struct __attribute__((aligned(16))) fastd_cipher_state {
};
-static fastd_cipher_context_t* salsa2012_initialize(fastd_context_t *ctx UNUSED) {
- return NULL;
-}
-
-static fastd_cipher_state_t* salsa2012_init_state(fastd_context_t *ctx UNUSED, const fastd_cipher_context_t *cctx UNUSED, const uint8_t *key) {
+static fastd_cipher_state_t* salsa2012_init(fastd_context_t *ctx UNUSED, const uint8_t *key) {
fastd_cipher_state_t *state = malloc(sizeof(fastd_cipher_state_t));
memcpy(state->key, key, crypto_stream_salsa2012_KEYBYTES);
@@ -49,24 +45,17 @@ static bool salsa2012_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_stat
return true;
}
-static void salsa2012_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
+static void salsa2012_free(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
if (state) {
secure_memzero(state, sizeof(*state));
free(state);
}
}
-static void salsa2012_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) {
-}
-
const fastd_cipher_t fastd_cipher_salsa2012_nacl = {
.available = fastd_true,
- .initialize = salsa2012_initialize,
- .init_state = salsa2012_init_state,
-
+ .init = salsa2012_init,
.crypt = salsa2012_crypt,
-
- .free_state = salsa2012_free_state,
.free = salsa2012_free,
};
diff --git a/src/crypto/mac/ghash/builtin/ghash_builtin.c b/src/crypto/mac/ghash/builtin/ghash_builtin.c
index 511e844..341408f 100644
--- a/src/crypto/mac/ghash/builtin/ghash_builtin.c
+++ b/src/crypto/mac/ghash/builtin/ghash_builtin.c
@@ -61,11 +61,7 @@ static inline void mulH_a(fastd_block128_t *x, const fastd_mac_state_t *cstate)
}
-static fastd_mac_context_t* ghash_initialize(fastd_context_t *ctx UNUSED) {
- return NULL;
-}
-
-static fastd_mac_state_t* ghash_init_state(fastd_context_t *ctx UNUSED, const fastd_mac_context_t *mctx UNUSED, const uint8_t *key) {
+static fastd_mac_state_t* ghash_init(fastd_context_t *ctx UNUSED, const uint8_t *key) {
fastd_mac_state_t *state = malloc(sizeof(fastd_mac_state_t));
fastd_block128_t Hbase[4];
@@ -121,24 +117,17 @@ static bool ghash_hash(fastd_context_t *ctx UNUSED, const fastd_mac_state_t *sta
return true;
}
-static void ghash_free_state(fastd_context_t *ctx UNUSED, fastd_mac_state_t *state) {
+static void ghash_free(fastd_context_t *ctx UNUSED, fastd_mac_state_t *state) {
if (state) {
secure_memzero(state, sizeof(*state));
free(state);
}
}
-static void ghash_free(fastd_context_t *ctx UNUSED, fastd_mac_context_t *mctx UNUSED) {
-}
-
const fastd_mac_t fastd_mac_ghash_builtin = {
.available = fastd_true,
- .initialize = ghash_initialize,
- .init_state = ghash_init_state,
-
+ .init = ghash_init,
.hash = ghash_hash,
-
- .free_state = ghash_free_state,
.free = ghash_free,
};
diff --git a/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.c b/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.c
index 11073a5..8f1edb0 100644
--- a/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.c
+++ b/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.c
@@ -34,28 +34,17 @@ static bool ghash_available(void) {
return ((fastd_cpuid()&REQ) == REQ);
}
-static fastd_mac_context_t* ghash_initialize(fastd_context_t *ctx UNUSED) {
- return NULL;
-}
-
-static void ghash_free_state(fastd_context_t *ctx UNUSED, fastd_mac_state_t *state) {
+static void ghash_free(fastd_context_t *ctx UNUSED, fastd_mac_state_t *state) {
if (state) {
secure_memzero(state, sizeof(*state));
free(state);
}
}
-static void ghash_free(fastd_context_t *ctx UNUSED, fastd_mac_context_t *mctx UNUSED) {
-}
-
const fastd_mac_t fastd_mac_ghash_pclmulqdq = {
.available = ghash_available,
- .initialize = ghash_initialize,
- .init_state = fastd_ghash_pclmulqdq_init_state,
-
+ .init = fastd_ghash_pclmulqdq_init,
.hash = fastd_ghash_pclmulqdq_hash,
-
- .free_state = ghash_free_state,
.free = ghash_free,
};
diff --git a/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.h b/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.h
index c2645f8..ccb1ecf 100644
--- a/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.h
+++ b/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.h
@@ -32,5 +32,5 @@ struct fastd_mac_state {
};
-fastd_mac_state_t* fastd_ghash_pclmulqdq_init_state(fastd_context_t *ctx, const fastd_mac_context_t *mctx, const uint8_t *key);
+fastd_mac_state_t* fastd_ghash_pclmulqdq_init(fastd_context_t *ctx, const uint8_t *key);
bool fastd_ghash_pclmulqdq_hash(fastd_context_t *ctx, const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t n_blocks);
diff --git a/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq_impl.c b/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq_impl.c
index 375cf91..134d4ed 100644
--- a/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq_impl.c
+++ b/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq_impl.c
@@ -58,7 +58,7 @@ static inline __m128i byteswap(__m128i v) {
}
-fastd_mac_state_t* fastd_ghash_pclmulqdq_init_state(fastd_context_t *ctx UNUSED, const fastd_mac_context_t *mctx UNUSED, const uint8_t *key) {
+fastd_mac_state_t* fastd_ghash_pclmulqdq_init(fastd_context_t *ctx UNUSED, const uint8_t *key) {
fastd_mac_state_t *state = malloc(sizeof(fastd_mac_state_t));
vecblock_t h;
diff --git a/src/crypto/mac/macs.c.in b/src/crypto/mac/macs.c.in
index 3587322..c70473b 100644
--- a/src/crypto/mac/macs.c.in
+++ b/src/crypto/mac/macs.c.in
@@ -89,24 +89,6 @@ bool fastd_mac_config(const fastd_mac_t **mac_conf, const char *name, const char
return false;
}
-void fastd_mac_init(fastd_context_t *ctx) {
- ctx->mac_contexts = calloc(array_size(macs), sizeof(fastd_mac_context_t*));
-
- size_t i;
- for (i = 0; i < array_size(macs); i++) {
- if (ctx->conf->macs[i])
- ctx->mac_contexts[i] = ctx->conf->macs[i]->initialize(ctx);
- }
-}
-
-void fastd_mac_free(fastd_context_t *ctx) {
- size_t i;
- for (i = 0; i < array_size(macs); i++)
- ctx->conf->macs[i]->free(ctx, ctx->mac_contexts[i]);
-
- free(ctx->mac_contexts);
-}
-
const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name) {
size_t i, j;
for (i = 0; i < array_size(macs); i++) {
@@ -124,16 +106,13 @@ const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name) {
return NULL;
}
-const fastd_mac_t* fastd_mac_get_by_name(fastd_context_t *ctx, const char *name, const fastd_mac_info_t **info, const fastd_mac_context_t **cctx) {
+const fastd_mac_t* fastd_mac_get_by_name(fastd_context_t *ctx, const char *name, const fastd_mac_info_t **info) {
size_t i;
for (i = 0; i < array_size(macs); i++) {
if (!strcmp(macs[i].name, name)) {
if (info)
*info = macs[i].info;
- if (cctx)
- *cctx = ctx->mac_contexts[i];
-
return ctx->conf->macs[i];
}
}
diff --git a/src/fastd.c b/src/fastd.c
index 03ffc52..c75fa9b 100644
--- a/src/fastd.c
+++ b/src/fastd.c
@@ -152,16 +152,6 @@ static void close_log(fastd_context_t *ctx) {
closelog();
}
-static void crypto_init(fastd_context_t *ctx) {
- fastd_cipher_init(ctx);
- fastd_mac_init(ctx);
-}
-
-static void crypto_free(fastd_context_t *ctx UNUSED) {
- fastd_mac_free(ctx);
- fastd_cipher_free(ctx);
-}
-
static void init_sockets(fastd_context_t *ctx) {
ctx->socks = malloc(ctx->conf->n_bind_addrs * sizeof(fastd_socket_t));
@@ -798,8 +788,6 @@ int main(int argc, char *argv[]) {
/* change groups early as the can be relevant for file access (for PID file & log files) */
set_groups(&ctx);
- crypto_init(&ctx);
-
init_sockets(&ctx);
if (!fastd_socket_handle_binds(&ctx))
@@ -885,8 +873,6 @@ int main(int argc, char *argv[]) {
free(ctx.eth_addr);
free(ctx.ifname);
- crypto_free(&ctx);
-
close_log(&ctx);
fastd_config_release(&ctx, &conf);
diff --git a/src/fastd.h b/src/fastd.h
index e513a1d..4290421 100644
--- a/src/fastd.h
+++ b/src/fastd.h
@@ -300,9 +300,6 @@ struct fastd_context {
fastd_stats_t tx_dropped;
fastd_stats_t tx_error;
- fastd_cipher_context_t **cipher_contexts;
- fastd_mac_context_t **mac_contexts;
-
size_t eth_addr_size;
size_t n_eth_addr;
fastd_peer_eth_addr_t *eth_addr;
diff --git a/src/methods/cipher_test/cipher_test.c b/src/methods/cipher_test/cipher_test.c
index 573e90a..067835e 100644
--- a/src/methods/cipher_test/cipher_test.c
+++ b/src/methods/cipher_test/cipher_test.c
@@ -33,12 +33,11 @@ struct fastd_method_session_state {
const fastd_cipher_info_t *cipher_info;
const fastd_cipher_t *cipher;
- const fastd_cipher_context_t *cipher_ctx;
fastd_cipher_state_t *cipher_state;
};
-static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx) {
+static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **info, const fastd_cipher_t **cipher) {
size_t len = strlen(name);
if (len < 12)
@@ -54,7 +53,7 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
const fastd_cipher_info_t *cipher_info = NULL;
if (ctx) {
- *cipher = fastd_cipher_get_by_name(ctx, cipher_name, &cipher_info, cctx);
+ *cipher = fastd_cipher_get_by_name(ctx, cipher_name, &cipher_info);
if (!*cipher)
return false;
}
@@ -72,12 +71,12 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
static bool method_provides(const char *name) {
- return cipher_get(NULL, name, NULL, NULL, NULL);
+ return cipher_get(NULL, name, NULL, NULL);
}
static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *info;
- if (!cipher_get(NULL, name, &info, NULL, NULL))
+ if (!cipher_get(NULL, name, &info, NULL))
exit_bug(ctx, "cipher-test: can't get cipher key length");
return info->key_length;
@@ -88,10 +87,10 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
fastd_method_common_init(ctx, &session->common, initiator);
- if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx))
+ if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher))
exit_bug(ctx, "cipher-test: can't instanciate cipher");
- session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);
+ session->cipher_state = session->cipher->init(ctx, secret);
pr_warn(ctx, "using cipher-test method; this method must be used for testing and benchmarks only");
@@ -116,7 +115,7 @@ static void method_session_superseded(fastd_context_t *ctx, fastd_method_session
static void method_session_free(fastd_context_t *ctx, fastd_method_session_state_t *session) {
if (session) {
- session->cipher->free_state(ctx, session->cipher_state);
+ session->cipher->free(ctx, session->cipher_state);
free(session);
}
}
diff --git a/src/methods/composed_gmac/composed_gmac.c b/src/methods/composed_gmac/composed_gmac.c
index b8ee2f6..0705b7d 100644
--- a/src/methods/composed_gmac/composed_gmac.c
+++ b/src/methods/composed_gmac/composed_gmac.c
@@ -35,24 +35,21 @@ struct fastd_method_session_state {
const fastd_cipher_info_t *cipher_info;
const fastd_cipher_t *cipher;
- const fastd_cipher_context_t *cipher_ctx;
fastd_cipher_state_t *cipher_state;
const fastd_cipher_info_t *gmac_cipher_info;
const fastd_cipher_t *gmac_cipher;
- const fastd_cipher_context_t *gmac_cipher_ctx;
fastd_cipher_state_t *gmac_cipher_state;
const fastd_mac_info_t *ghash_info;
const fastd_mac_t *ghash;
- const fastd_mac_context_t *ghash_ctx;
fastd_mac_state_t *ghash_state;
};
static bool cipher_get(fastd_context_t *ctx, const char *name,
- const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx,
- const fastd_cipher_info_t **gmac_cipher_info, const fastd_cipher_t **gmac_cipher, const fastd_cipher_context_t **gmac_cctx) {
+ const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher,
+ const fastd_cipher_info_t **gmac_cipher_info, const fastd_cipher_t **gmac_cipher) {
if (!fastd_mac_info_get_by_name("ghash"))
return false;
@@ -80,8 +77,8 @@ static bool cipher_get(fastd_context_t *ctx, const char *name,
const fastd_cipher_info_t *gmac_info = NULL;
if (ctx) {
- *cipher = fastd_cipher_get_by_name(ctx, cipher_name, &info, cctx);
- *gmac_cipher = fastd_cipher_get_by_name(ctx, gmac_cipher_name, &gmac_info, gmac_cctx);
+ *cipher = fastd_cipher_get_by_name(ctx, cipher_name, &info);
+ *gmac_cipher = fastd_cipher_get_by_name(ctx, gmac_cipher_name, &gmac_info);
if (!(*cipher && *gmac_cipher))
return false;
}
@@ -105,7 +102,7 @@ static bool cipher_get(fastd_context_t *ctx, const char *name,
static bool method_provides(const char *name) {
const fastd_cipher_info_t *gmac_cipher_info;
- if (!cipher_get(NULL, name, NULL, NULL, NULL, &gmac_cipher_info, NULL, NULL))
+ if (!cipher_get(NULL, name, NULL, NULL, &gmac_cipher_info, NULL))
return false;
if (gmac_cipher_info->iv_length <= COMMON_NONCEBYTES)
@@ -118,7 +115,7 @@ static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *cipher_info;
const fastd_cipher_info_t *gmac_cipher_info;
- if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, &gmac_cipher_info, NULL, NULL))
+ if (!cipher_get(NULL, name, &cipher_info, NULL, &gmac_cipher_info, NULL))
exit_bug(ctx, "composed-gmac: can't get cipher key length");
return cipher_info->key_length + gmac_cipher_info->key_length;
@@ -130,15 +127,15 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
fastd_method_common_init(ctx, &session->common, initiator);
if (!cipher_get(ctx, name,
- &session->cipher_info, &session->cipher, &session->cipher_ctx,
- &session->gmac_cipher_info, &session->gmac_cipher, &session->gmac_cipher_ctx))
+ &session->cipher_info, &session->cipher,
+ &session->gmac_cipher_info, &session->gmac_cipher))
exit_bug(ctx, "composed-gmac: can't instanciate cipher");
- session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);
+ session->cipher_state = session->cipher->init(ctx, secret);
if (session->cipher_info->iv_length && session->cipher_info->iv_length <= COMMON_NONCEBYTES)
exit_bug(ctx, "composed-gmac: iv_length to small");
- session->gmac_cipher_state = session->gmac_cipher->init_state(ctx, session->gmac_cipher_ctx, secret + session->cipher_info->key_length);
+ session->gmac_cipher_state = session->gmac_cipher->init(ctx, secret + session->cipher_info->key_length);
if (session->gmac_cipher_info->iv_length <= COMMON_NONCEBYTES)
exit_bug(ctx, "composed-gmac: GMAC cipher iv_length to small");
@@ -148,18 +145,18 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
memset(zeroiv, 0, session->gmac_cipher_info->iv_length);
if (!session->gmac_cipher->crypt(ctx, session->gmac_cipher_state, &H, &ZERO_BLOCK, sizeof(fastd_block128_t), zeroiv)) {
- session->cipher->free_state(ctx, session->cipher_state);
- session->gmac_cipher->free_state(ctx, session->gmac_cipher_state);
+ session->cipher->free(ctx, session->cipher_state);
+ session->gmac_cipher->free(ctx, session->gmac_cipher_state);
free(session);
return NULL;
}
- session->ghash = fastd_mac_get_by_name(ctx, "ghash", &session->ghash_info, &session->ghash_ctx);
+ session->ghash = fastd_mac_get_by_name(ctx, "ghash", &session->ghash_info);
if (!session->ghash)
exit_bug(ctx, "composed-gmac: can't instanciate ghash mac");
- session->ghash_state = session->ghash->init_state(ctx, session->ghash_ctx, H.b);
+ session->ghash_state = session->ghash->init(ctx, H.b);
return session;
}
@@ -182,9 +179,9 @@ static void method_session_superseded(fastd_context_t *ctx, fastd_method_session
static void method_session_free(fastd_context_t *ctx, fastd_method_session_state_t *session) {
if (session) {
- session->cipher->free_state(ctx, session->cipher_state);
- session->gmac_cipher->free_state(ctx, session->gmac_cipher_state);
- session->ghash->free_state(ctx, session->ghash_state);
+ session->cipher->free(ctx, session->cipher_state);
+ session->gmac_cipher->free(ctx, session->gmac_cipher_state);
+ session->ghash->free(ctx, session->ghash_state);
free(session);
}
diff --git a/src/methods/generic_gcm/generic_gcm.c b/src/methods/generic_gcm/generic_gcm.c
index 9481100..52065eb 100644
--- a/src/methods/generic_gcm/generic_gcm.c
+++ b/src/methods/generic_gcm/generic_gcm.c
@@ -33,17 +33,15 @@ struct fastd_method_session_state {
const fastd_cipher_info_t *cipher_info;
const fastd_cipher_t *cipher;
- const fastd_cipher_context_t *cipher_ctx;
fastd_cipher_state_t *cipher_state;
const fastd_mac_info_t *ghash_info;
const fastd_mac_t *ghash;
- const fastd_mac_context_t *ghash_ctx;
fastd_mac_state_t *ghash_state;
};
-static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx) {
+static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher) {
if (!fastd_mac_info_get_by_name("ghash"))
return false;
@@ -62,7 +60,7 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
const fastd_cipher_info_t *info = NULL;
if (ctx) {
- *cipher = fastd_cipher_get_by_name(ctx, name_ctr, &info, cctx);
+ *cipher = fastd_cipher_get_by_name(ctx, name_ctr, &info);
if (!*cipher)
return false;
}
@@ -83,12 +81,12 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
static bool method_provides(const char *name) {
- return cipher_get(NULL, name, NULL, NULL, NULL);
+ return cipher_get(NULL, name, NULL, NULL);
}
static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *cipher_info;
- if (!cipher_get(NULL, name, &cipher_info, NULL, NULL))
+ if (!cipher_get(NULL, name, &cipher_info, NULL))
exit_bug(ctx, "generic-gcm: can't get cipher key length");
return cipher_info->key_length;
@@ -99,10 +97,10 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
fastd_method_common_init(ctx, &session->common, initiator);
- if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx))
+ if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher))
exit_bug(ctx, "generic-gcm: can't instanciate cipher");
- session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);
+ session->cipher_state = session->cipher->init(ctx, secret);
static const fastd_block128_t zeroblock = {};
fastd_block128_t H;
@@ -114,16 +112,16 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
memset(zeroiv, 0, session->cipher_info->iv_length);
if (!session->cipher->crypt(ctx, session->cipher_state, &H, &zeroblock, sizeof(fastd_block128_t), zeroiv)) {
- session->cipher->free_state(ctx, session->cipher_state);
+ session->cipher->free(ctx, session->cipher_state);
free(session);
return NULL;
}
- session->ghash = fastd_mac_get_by_name(ctx, "ghash", &session->ghash_info, &session->ghash_ctx);
+ session->ghash = fastd_mac_get_by_name(ctx, "ghash", &session->ghash_info);
if (!session->ghash)
exit_bug(ctx, "generic-gcm: can't instanciate ghash mac");
- session->ghash_state = session->ghash->init_state(ctx, session->ghash_ctx, H.b);
+ session->ghash_state = session->ghash->init(ctx, H.b);
return session;
}
@@ -153,8 +151,8 @@ static void method_session_superseded(fastd_context_t *ctx, fastd_method_session
static void method_session_free(fastd_context_t *ctx, fastd_method_session_state_t *session) {
if (session) {
- session->cipher->free_state(ctx, session->cipher_state);
- session->ghash->free_state(ctx, session->ghash_state);
+ session->cipher->free(ctx, session->cipher_state);
+ session->ghash->free(ctx, session->ghash_state);
free(session);
}
diff --git a/src/methods/generic_gmac/generic_gmac.c b/src/methods/generic_gmac/generic_gmac.c
index 5501076..4de7ad8 100644
--- a/src/methods/generic_gmac/generic_gmac.c
+++ b/src/methods/generic_gmac/generic_gmac.c
@@ -33,17 +33,15 @@ struct fastd_method_session_state {
const fastd_cipher_info_t *cipher_info;
const fastd_cipher_t *cipher;
- const fastd_cipher_context_t *cipher_ctx;
fastd_cipher_state_t *cipher_state;
const fastd_mac_info_t *ghash_info;
const fastd_mac_t *ghash;
- const fastd_mac_context_t *ghash_ctx;
fastd_mac_state_t *ghash_state;
};
-static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx) {
+static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher) {
if (!fastd_mac_info_get_by_name("ghash"))
return false;
@@ -65,7 +63,7 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
const fastd_cipher_info_t *info = NULL;
if (ctx) {
- *cipher = fastd_cipher_get_by_name(ctx, cipher_name, &info, cctx);
+ *cipher = fastd_cipher_get_by_name(ctx, cipher_name, &info);
if (!*cipher)
return false;
}
@@ -86,12 +84,12 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
static bool method_provides(const char *name) {
- return cipher_get(NULL, name, NULL, NULL, NULL);
+ return cipher_get(NULL, name, NULL, NULL);
}
static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *cipher_info;
- if (!cipher_get(NULL, name, &cipher_info, NULL, NULL))
+ if (!cipher_get(NULL, name, &cipher_info, NULL))
exit_bug(ctx, "generic-gmac: can't get cipher key length");
return cipher_info->key_length + sizeof(fastd_block128_t);
@@ -102,19 +100,19 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
fastd_method_common_init(ctx, &session->common, initiator);
- if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx))
+ if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher))
exit_bug(ctx, "generic-gmac: can't instanciate cipher");
- session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);
+ session->cipher_state = session->cipher->init(ctx, secret);
if (session->cipher_info->iv_length <= COMMON_NONCEBYTES)
exit_bug(ctx, "generic-gmac: iv_length to small");
- session->ghash = fastd_mac_get_by_name(ctx, "ghash", &session->ghash_info, &session->ghash_ctx);
+ session->ghash = fastd_mac_get_by_name(ctx, "ghash", &session->ghash_info);
if (!session->ghash)
exit_bug(ctx, "generic-gmac: can't instanciate ghash mac");
- session->ghash_state = session->ghash->init_state(ctx, session->ghash_ctx, secret + session->cipher_info->key_length);
+ session->ghash_state = session->ghash->init(ctx, secret + session->cipher_info->key_length);
return session;
}
@@ -144,8 +142,8 @@ static void method_session_superseded(fastd_context_t *ctx, fastd_method_session
static void method_session_free(fastd_context_t *ctx, fastd_method_session_state_t *session) {
if (session) {
- session->cipher->free_state(ctx, session->cipher_state);
- session->ghash->free_state(ctx, session->ghash_state);
+ session->cipher->free(ctx, session->cipher_state);
+ session->ghash->free(ctx, session->ghash_state);
free(session);
}
diff --git a/src/methods/generic_poly1305/generic_poly1305.c b/src/methods/generic_poly1305/generic_poly1305.c
index 3820907..c40e70f 100644
--- a/src/methods/generic_poly1305/generic_poly1305.c
+++ b/src/methods/generic_poly1305/generic_poly1305.c
@@ -38,12 +38,11 @@ struct fastd_method_session_state {
const fastd_cipher_info_t *cipher_info;
const fastd_cipher_t *cipher;
- const fastd_cipher_context_t *cipher_ctx;
fastd_cipher_state_t *cipher_state;
};
-static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx) {
+static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher) {
size_t len = strlen(name);
if (len < 9)
@@ -59,7 +58,7 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
const fastd_cipher_info_t *info = NULL;
if (ctx) {
- *cipher = fastd_cipher_get_by_name(ctx, cipher_name, &info, cctx);
+ *cipher = fastd_cipher_get_by_name(ctx, cipher_name, &info);
if (!*cipher)
return false;
}
@@ -80,12 +79,12 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
static bool method_provides(const char *name) {
- return cipher_get(NULL, name, NULL, NULL, NULL);
+ return cipher_get(NULL, name, NULL, NULL);
}
static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *cipher_info;
- if (!cipher_get(NULL, name, &cipher_info, NULL, NULL))
+ if (!cipher_get(NULL, name, &cipher_info, NULL))
exit_bug(ctx, "generic-poly1305: can't get cipher key length");
return cipher_info->key_length;
@@ -96,10 +95,10 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
fastd_method_common_init(ctx, &session->common, initiator);
- if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx))
+ if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher))
exit_bug(ctx, "generic-poly1305: can't instanciate cipher");
- session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);
+ session->cipher_state = session->cipher->init(ctx, secret);
if (session->cipher_info->iv_length <= COMMON_NONCEBYTES)
exit_bug(ctx, "generic-poly1305: iv_length to small");
@@ -125,7 +124,7 @@ static void method_session_superseded(fastd_context_t *ctx, fastd_method_session
static void method_session_free(fastd_context_t *ctx, fastd_method_session_state_t *session) {
if (session) {
- session->cipher->free_state(ctx, session->cipher_state);
+ session->cipher->free(ctx, session->cipher_state);
free(session);
}
}
diff --git a/src/types.h b/src/types.h
index 2796f38..fc26f3a 100644
--- a/src/types.h
+++ b/src/types.h
@@ -143,10 +143,7 @@ typedef struct fastd_protocol_peer_state fastd_protocol_peer_state_t;
typedef struct fastd_method_session_state fastd_method_session_state_t;
-typedef struct fastd_cipher_context fastd_cipher_context_t;
typedef struct fastd_cipher_state fastd_cipher_state_t;
-
-typedef struct fastd_mac_context fastd_mac_context_t;
typedef struct fastd_mac_state fastd_mac_state_t;
#endif /* _FASTD_TYPES_H_ */