fastd/fastd
1
0
Fork 0
mirror of https://github.com/neocturne/fastd.git synced 2025-05-10 10:55:08 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

crypto: allow passing algorithm-specific flags to crypto init functions

Browse source
This commit is contained in:
Matthias Schiffer 2020-09-28 22:52:14 +02:00
parent a96a1a1a03
commit a5d8a00bfd
Signed by: neocturne
GPG key ID: 16EF3F64CB201D9C
19 changed files with 65 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/crypto.h
View file

@ -30,8 +30,8 @@ struct fastd_cipher {
/**< Checks if the algorithm is available on the platform used. If NULL, the algorithm is always available. */ /**< Checks if the algorithm is available on the platform used. If NULL, the algorithm is always available. */
bool (*available)(void); bool (*available)(void);
/** Initializes a cipher context with the given key */ /** Initializes a cipher context with the given key and cipher-specific flags */
fastd_cipher_state_t *(*init)(const uint8_t *key); fastd_cipher_state_t *(*init)(const uint8_t *key, int flags);
/** Encrypts or decrypts data */ /** Encrypts or decrypts data */
bool (*crypt)( bool (*crypt)(
const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len,
@ -51,8 +51,8 @@ struct fastd_mac {
/**< Checks if the algorithm is available on the platform used. If NULL, the algorithm is always available. */ /**< Checks if the algorithm is available on the platform used. If NULL, the algorithm is always available. */
bool (*available)(void); bool (*available)(void);
/** Initializes a MAC context with the given key */ /** Initializes a MAC context with the given key and mac-specific flags */
fastd_mac_state_t *(*init)(const uint8_t *key); fastd_mac_state_t *(*init)(const uint8_t *key, int flags);
/** Computes the MAC of data blocks */ /** Computes the MAC of data blocks */
bool (*digest)( bool (*digest)(
const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t length); const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t length);

6
src/crypto/cipher/aes128_ctr/openssl/aes128_ctr_openssl.c
View file

@ -14,6 +14,8 @@
#include "../../../../alloc.h" #include "../../../../alloc.h"
#include "../../../../crypto.h" #include "../../../../crypto.h"
#include <assert.h>
#include <openssl/evp.h> #include <openssl/evp.h>
@ -24,7 +26,9 @@ struct fastd_cipher_state {
/** Initializes the cipher state */ /** Initializes the cipher state */
static fastd_cipher_state_t *aes128_ctr_init(const uint8_t *key) { static fastd_cipher_state_t *aes128_ctr_init(const uint8_t *key, UNUSED int flags) {
assert(flags == 0);
fastd_cipher_state_t *state = fastd_new(fastd_cipher_state_t); fastd_cipher_state_t *state = fastd_new(fastd_cipher_state_t);
state->aes = EVP_CIPHER_CTX_new(); state->aes = EVP_CIPHER_CTX_new();

6
src/crypto/cipher/null/memcpy/null_memcpy.c
View file

@ -13,9 +13,13 @@
#include "../../../../crypto.h" #include "../../../../crypto.h"
#include <assert.h>
/** Doesn't do anything as the null cipher doesn't use any state */ /** Doesn't do anything as the null cipher doesn't use any state */
static fastd_cipher_state_t *null_init(UNUSED const uint8_t *key) { static fastd_cipher_state_t *null_init(UNUSED const uint8_t *key, UNUSED int flags) {
assert(flags == 0);
return NULL; return NULL;
} }

6
src/crypto/cipher/salsa20/nacl/salsa20_nacl.c
View file

@ -20,6 +20,8 @@
#include <nacl/crypto_stream_salsa20.h> #include <nacl/crypto_stream_salsa20.h>
#endif #endif
#include <assert.h>
/** The cipher state */ /** The cipher state */
struct fastd_cipher_state { struct fastd_cipher_state {
@ -28,7 +30,9 @@ struct fastd_cipher_state {
/** Initializes the cipher state */ /** Initializes the cipher state */
static fastd_cipher_state_t *salsa20_init(const uint8_t *key) { static fastd_cipher_state_t *salsa20_init(const uint8_t *key, UNUSED int flags) {
assert(flags == 0);
fastd_cipher_state_t *state = fastd_new(fastd_cipher_state_t); fastd_cipher_state_t *state = fastd_new(fastd_cipher_state_t);
memcpy(state->key, key, crypto_stream_salsa20_KEYBYTES); memcpy(state->key, key, crypto_stream_salsa20_KEYBYTES);

6
src/crypto/cipher/salsa20/xmm/salsa20_xmm.c
View file

@ -18,6 +18,8 @@
#include "../../../../cpuid.h" #include "../../../../cpuid.h"
#include "../../../../crypto.h" #include "../../../../crypto.h"
#include <assert.h>
/** The length of the key used by Salsa20 */ /** The length of the key used by Salsa20 */
#define KEYBYTES 32 #define KEYBYTES 32
@ -41,7 +43,9 @@ static bool salsa20_available(void) {
} }
/** Initializes the cipher state */ /** Initializes the cipher state */
static fastd_cipher_state_t *salsa20_init(const uint8_t *key) { static fastd_cipher_state_t *salsa20_init(const uint8_t *key, UNUSED int flags) {
assert(flags == 0);
fastd_cipher_state_t *state = fastd_new(fastd_cipher_state_t); fastd_cipher_state_t *state = fastd_new(fastd_cipher_state_t);
memcpy(state->key, key, KEYBYTES); memcpy(state->key, key, KEYBYTES);

6
src/crypto/cipher/salsa2012/nacl/salsa2012_nacl.c
View file

@ -20,6 +20,8 @@
#include <nacl/crypto_stream_salsa2012.h> #include <nacl/crypto_stream_salsa2012.h>
#endif #endif
#include <assert.h>
/** The cipher state */ /** The cipher state */
struct fastd_cipher_state { struct fastd_cipher_state {
@ -28,7 +30,9 @@ struct fastd_cipher_state {
/** Initializes the cipher state */ /** Initializes the cipher state */
static fastd_cipher_state_t *salsa2012_init(const uint8_t *key) { static fastd_cipher_state_t *salsa2012_init(const uint8_t *key, UNUSED int flags) {
assert(flags == 0);
fastd_cipher_state_t *state = fastd_new(fastd_cipher_state_t); fastd_cipher_state_t *state = fastd_new(fastd_cipher_state_t);
memcpy(state->key, key, crypto_stream_salsa2012_KEYBYTES); memcpy(state->key, key, crypto_stream_salsa2012_KEYBYTES);

6
src/crypto/cipher/salsa2012/xmm/salsa2012_xmm.c
View file

@ -18,6 +18,8 @@
#include "../../../../cpuid.h" #include "../../../../cpuid.h"
#include "../../../../crypto.h" #include "../../../../crypto.h"
#include <assert.h>
/** The length of the key used by Salsa20/12 */ /** The length of the key used by Salsa20/12 */
#define KEYBYTES 32 #define KEYBYTES 32
@ -41,7 +43,9 @@ static bool salsa2012_available(void) {
} }
/** Initializes the cipher state */ /** Initializes the cipher state */
static fastd_cipher_state_t *salsa2012_init(const uint8_t *key) { static fastd_cipher_state_t *salsa2012_init(const uint8_t *key, UNUSED int flags) {
assert(flags == 0);
fastd_cipher_state_t *state = fastd_new(fastd_cipher_state_t); fastd_cipher_state_t *state = fastd_new(fastd_cipher_state_t);
memcpy(state->key, key, KEYBYTES); memcpy(state->key, key, KEYBYTES);

6
src/crypto/mac/ghash/builtin/ghash_builtin.c
View file

@ -14,6 +14,8 @@
#include "../../../../alloc.h" #include "../../../../alloc.h"
#include "../../../../crypto.h" #include "../../../../crypto.h"
#include <assert.h>
/** MAC state used by this GHASH implmentation */ /** MAC state used by this GHASH implmentation */
struct fastd_mac_state { struct fastd_mac_state {
@ -54,7 +56,9 @@ static inline void mulH_a(fastd_block128_t *x, const fastd_mac_state_t *cstate)
/** Initializes the MAC state with the unpacked key data */ /** Initializes the MAC state with the unpacked key data */
static fastd_mac_state_t *ghash_init(const uint8_t *key) { static fastd_mac_state_t *ghash_init(const uint8_t *key, UNUSED int flags) {
assert(flags == 0);
fastd_mac_state_t *state = fastd_new_aligned(fastd_mac_state_t, 16); fastd_mac_state_t *state = fastd_new_aligned(fastd_mac_state_t, 16);
fastd_block128_t Hbase[4]; fastd_block128_t Hbase[4];

2
src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.h
View file

@ -16,7 +16,7 @@
#include "../../../../crypto.h" #include "../../../../crypto.h"
fastd_mac_state_t *fastd_ghash_pclmulqdq_init(const uint8_t *key); fastd_mac_state_t *fastd_ghash_pclmulqdq_init(const uint8_t *key, int flags);
bool fastd_ghash_pclmulqdq_digest( bool fastd_ghash_pclmulqdq_digest(
const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t length); const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t length);
void fastd_ghash_pclmulqdq_free(fastd_mac_state_t *state); void fastd_ghash_pclmulqdq_free(fastd_mac_state_t *state);

6
src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq_impl.c
View file

@ -14,6 +14,8 @@
#include "../../../../alloc.h" #include "../../../../alloc.h"
#include "ghash_pclmulqdq.h" #include "ghash_pclmulqdq.h"
#include <assert.h>
#include <emmintrin.h> #include <emmintrin.h>
#include <tmmintrin.h> #include <tmmintrin.h>
#include <wmmintrin.h> #include <wmmintrin.h>
@ -59,7 +61,9 @@ static inline __m128i byteswap(__m128i v) {
/** Initializes the state used by this GHASH implementation */ /** Initializes the state used by this GHASH implementation */
fastd_mac_state_t *fastd_ghash_pclmulqdq_init(const uint8_t *key) { fastd_mac_state_t *fastd_ghash_pclmulqdq_init(const uint8_t *key, UNUSED int flags) {
assert(flags == 0);
fastd_mac_state_t *state = fastd_new_aligned(fastd_mac_state_t, 16); fastd_mac_state_t *state = fastd_new_aligned(fastd_mac_state_t, 16);
memcpy(&state->H, key, sizeof(__m128i)); memcpy(&state->H, key, sizeof(__m128i));

6
src/crypto/mac/uhash/builtin/uhash_builtin.c
View file

@ -16,6 +16,8 @@
#include "../../../../log.h" #include "../../../../log.h"
#include "../../../../util.h" #include "../../../../util.h"
#include <assert.h>
/** MAC state used by this UHASH implmentation */ /** MAC state used by this UHASH implmentation */
struct fastd_mac_state { struct fastd_mac_state {
@ -78,7 +80,9 @@ static inline uint64_t mod_p36(uint64_t a) {
/** Initializes the MAC state with the unpacked key data */ /** Initializes the MAC state with the unpacked key data */
static fastd_mac_state_t *uhash_init(const uint8_t *key) { static fastd_mac_state_t *uhash_init(const uint8_t *key, UNUSED int flags) {
assert(flags == 0);
fastd_mac_state_t *state = fastd_new(fastd_mac_state_t); fastd_mac_state_t *state = fastd_new(fastd_mac_state_t);
const uint32_t *key32 = (const uint32_t *)key; const uint32_t *key32 = (const uint32_t *)key;

2
src/methods/cipher_test/cipher_test.c
View file

@ -77,7 +77,7 @@ method_session_init(const fastd_method_t *method, const uint8_t *secret, bool in
fastd_method_common_init(&session->common, initiator); fastd_method_common_init(&session->common, initiator);
session->method = method; session->method = method;
session->cipher = fastd_cipher_get(method->cipher_info); session->cipher = fastd_cipher_get(method->cipher_info);
session->cipher_state = session->cipher->init(secret); session->cipher_state = session->cipher->init(secret, 0);
pr_warn("using cipher-test method; this method must be used for testing and benchmarks only"); pr_warn("using cipher-test method; this method must be used for testing and benchmarks only");

6
src/methods/composed_gmac/composed_gmac.c
View file

@ -120,10 +120,10 @@ method_session_init(const fastd_method_t *method, const uint8_t *secret, bool in
session->method = method; session->method = method;
session->cipher = fastd_cipher_get(method->cipher_info); session->cipher = fastd_cipher_get(method->cipher_info);
session->cipher_state = session->cipher->init(secret); session->cipher_state = session->cipher->init(secret, 0);
session->gmac_cipher = fastd_cipher_get(method->gmac_cipher_info); session->gmac_cipher = fastd_cipher_get(method->gmac_cipher_info);
session->gmac_cipher_state = session->gmac_cipher->init(secret + method->cipher_info->key_length); session->gmac_cipher_state = session->gmac_cipher->init(secret + method->cipher_info->key_length, 0);
fastd_block128_t H; fastd_block128_t H;
@ -141,7 +141,7 @@ method_session_init(const fastd_method_t *method, const uint8_t *secret, bool in
} }
session->ghash = fastd_mac_get(method->ghash_info); session->ghash = fastd_mac_get(method->ghash_info);
session->ghash_state = session->ghash->init(H.b); session->ghash_state = session->ghash->init(H.b, 0);
return session; return session;
} }

8
src/methods/composed_umac/composed_umac.c
View file

@ -114,14 +114,14 @@ method_session_init(const fastd_method_t *method, const uint8_t *secret, bool in
session->method = method; session->method = method;
session->cipher = fastd_cipher_get(method->cipher_info); session->cipher = fastd_cipher_get(method->cipher_info);
session->cipher_state = session->cipher->init(secret); session->cipher_state = session->cipher->init(secret, 0);
session->umac_cipher = fastd_cipher_get(method->umac_cipher_info); session->umac_cipher = fastd_cipher_get(method->umac_cipher_info);
session->umac_cipher_state = session->umac_cipher->init(secret + method->cipher_info->key_length); session->umac_cipher_state = session->umac_cipher->init(secret + method->cipher_info->key_length, 0);
session->uhash = fastd_mac_get(method->uhash_info); session->uhash = fastd_mac_get(method->uhash_info);
session->uhash_state = session->uhash_state = session->uhash->init(
session->uhash->init(secret + method->cipher_info->key_length + method->umac_cipher_info->key_length); secret + method->cipher_info->key_length + method->umac_cipher_info->key_length, 0);
return session; return session;
} }

4
src/methods/generic_gmac/generic_gmac.c
View file

@ -95,7 +95,7 @@ method_session_init(const fastd_method_t *method, const uint8_t *secret, bool in
session->method = method; session->method = method;
session->cipher = fastd_cipher_get(method->cipher_info); session->cipher = fastd_cipher_get(method->cipher_info);
session->cipher_state = session->cipher->init(secret); session->cipher_state = session->cipher->init(secret, 0);
static const fastd_block128_t zeroblock = {}; static const fastd_block128_t zeroblock = {};
fastd_block128_t H; fastd_block128_t H;
@ -111,7 +111,7 @@ method_session_init(const fastd_method_t *method, const uint8_t *secret, bool in
} }
session->ghash = fastd_mac_get(method->ghash_info); session->ghash = fastd_mac_get(method->ghash_info);
session->ghash_state = session->ghash->init(H.b); session->ghash_state = session->ghash->init(H.b, 0);
return session; return session;
} }

2
src/methods/generic_poly1305/generic_poly1305.c
View file

@ -93,7 +93,7 @@ method_session_init(const fastd_method_t *method, const uint8_t *secret, bool in
fastd_method_common_init(&session->common, initiator); fastd_method_common_init(&session->common, initiator);
session->method = method; session->method = method;
session->cipher = fastd_cipher_get(session->method->cipher_info); session->cipher = fastd_cipher_get(session->method->cipher_info);
session->cipher_state = session->cipher->init(secret); session->cipher_state = session->cipher->init(secret, 0);
return session; return session;
} }

4
src/methods/generic_umac/generic_umac.c
View file

@ -88,10 +88,10 @@ method_session_init(const fastd_method_t *method, const uint8_t *secret, bool in
session->method = method; session->method = method;
session->cipher = fastd_cipher_get(method->cipher_info); session->cipher = fastd_cipher_get(method->cipher_info);
session->cipher_state = session->cipher->init(secret); session->cipher_state = session->cipher->init(secret, 0);
session->uhash = fastd_mac_get(method->uhash_info); session->uhash = fastd_mac_get(method->uhash_info);
session->uhash_state = session->uhash->init(secret + method->cipher_info->key_length); session->uhash_state = session->uhash->init(secret + method->cipher_info->key_length, 0);
return session; return session;
} }

2
test/benchmark-uhash.c
View file

@ -47,7 +47,7 @@ int main(void) {
return 77; return 77;
} }
fastd_mac_state_t *mac_state = fastd_mac_uhash_builtin.init(key); fastd_mac_state_t *mac_state = fastd_mac_uhash_builtin.init(key, 0);
run_benchmark(mac_state, 100000000, 20); run_benchmark(mac_state, 100000000, 20);
run_benchmark(mac_state, 100000000, 100); run_benchmark(mac_state, 100000000, 100);

2
test/test-uhash.c
View file

@ -16,7 +16,7 @@
#include <cmocka.h> #include <cmocka.h>
static int setup(void **state) { static int setup(void **state) {
fastd_mac_state_t *mac_state = fastd_mac_uhash_builtin.init(key); fastd_mac_state_t *mac_state = fastd_mac_uhash_builtin.init(key, 0);
*state = mac_state; *state = mac_state;
return 0; return 0;
} }