md5.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
* Cleaned-up and optimized version of MD5, based on the reference
* implementation provided in RFC 1321. See RSA Copyright information
* below.
*
* NOTE: All compiler data was gathered with SC4.2, and verified with SC5.x,
* as used to build Solaris 2.7. Hopefully the compiler behavior won't
* change for the worse in subsequent Solaris builds.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/*
* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
*/
/*
* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
* rights reserved.
*
* License to copy and use this software is granted provided that it
* is identified as the "RSA Data Security, Inc. MD5 Message-Digest
* Algorithm" in all material mentioning or referencing this software
* or this function.
*
* License is also granted to make and use derivative works provided
* that such works are identified as "derived from the RSA Data
* Security, Inc. MD5 Message-Digest Algorithm" in all material
* mentioning or referencing the derived work.
*
* RSA Data Security, Inc. makes no representations concerning either
* the merchantability of this software or the suitability of this
* software for any particular purpose. It is provided "as is"
* without express or implied warranty of any kind.
*
* These notices must be retained in any copies of any part of this
*/
#include <strings.h>
#endif /* !_KERNEL || _BOOT */
/*
* In kernel module, the md5 module is created with two modlinkages:
* - a modlmisc that allows consumers to directly call the entry points
* MD5Init, MD5Update, and MD5Final.
* - a modlcrypto that allows the module to register with the Kernel
* Cryptographic Framework (KCF) as a software provider for the MD5
* mechanisms.
*/
#include <sys/sysmacros.h>
extern struct mod_ops mod_miscops;
extern struct mod_ops mod_cryptoops;
/*
* Module linkage information for the kernel.
*/
"MD5 Message-Digest Algorithm"
};
static struct modlcrypto modlcrypto = {
"MD5 Kernel SW Provider %I%"
};
static struct modlinkage modlinkage = {
(void *)&modlmisc,
(void *)&modlcrypto,
};
/*
* CSPI information (entry points, provider info, etc.)
*/
typedef enum md5_mech_type {
MD5_MECH_INFO_TYPE, /* SUN_CKM_MD5 */
MD5_HMAC_MECH_INFO_TYPE, /* SUN_CKM_MD5_HMAC */
MD5_HMAC_GEN_MECH_INFO_TYPE /* SUN_CKM_MD5_HMAC_GENERAL */
/*
* Context for MD5 mechanism.
*/
typedef struct md5_ctx {
} md5_ctx_t;
/*
* Context for MD5-HMAC and MD5-HMAC-GENERAL mechanisms.
*/
typedef struct md5_hmac_ctx {
/*
* Macros to access the MD5 or MD5-HMAC contexts from a context passed
* by KCF to one of the entry points.
*/
/* to extract the digest length passed as mechanism parameter */
#define PROV_MD5_GET_DIGEST_LEN(m, len) { \
else { \
} \
}
}
/*
* Mechanism info structure passed to KCF during registration.
*/
static crypto_mech_info_t md5_mech_info_tab[] = {
/* MD5 */
0, 0, CRYPTO_KEYSIZE_UNIT_IN_BITS},
/* MD5-HMAC */
/* MD5-HMAC GENERAL */
};
static crypto_control_ops_t md5_control_ops = {
};
static crypto_digest_ops_t md5_digest_ops = {
NULL,
};
static crypto_mac_ops_t md5_mac_ops = {
NULL,
};
static int md5_create_ctx_template(crypto_provider_handle_t,
static int md5_free_context(crypto_ctx_t *);
static crypto_ctx_ops_t md5_ctx_ops = {
};
static crypto_ops_t md5_crypto_ops = {
NULL,
NULL,
NULL,
NULL,
NULL,
NULL,
NULL,
NULL,
NULL,
NULL,
};
static crypto_provider_info_t md5_prov_info = {
"MD5 Software Provider",
{&modlinkage},
NULL,
sizeof (md5_mech_info_tab)/sizeof (crypto_mech_info_t),
};
int
_init(void)
{
int ret;
return (ret);
/*
* Register with KCF. If the registration fails, log an
* error but do not uninstall the module, since the functionality
*/
&md5_prov_handle)) != CRYPTO_SUCCESS)
"crypto_register_provider() failed (0x%x)", ret);
return (0);
}
int
_fini(void)
{
int ret;
/*
* Unregister from KCF if previous registration succeeded.
*/
if (md5_prov_handle != NULL) {
"crypto_unregister_provider() failed (0x%x)", ret);
return (EBUSY);
}
}
return (mod_remove(&modlinkage));
}
int
{
}
#endif /* _KERNEL && !_BOOT */
const uint8_t [64]);
/*
* F, G, H and I are the basic MD5 functions.
*/
#define F(b, c, d) (((b) & (c)) | ((~b) & (d)))
#define G(b, c, d) (((b) & (d)) | ((c) & (~d)))
#define H(b, c, d) ((b) ^ (c) ^ (d))
#define I(b, c, d) ((c) ^ ((b) | (~d)))
/*
* ROTATE_LEFT rotates x left n bits.
*/
#define ROTATE_LEFT(x, n) \
(((x) << (n)) | ((x) >> ((sizeof (x) << 3) - (n))))
/*
* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
* Rotation is separate from addition to prevent recomputation.
*/
(a) = ROTATE_LEFT((a), (s)); \
(a) += (b); \
}
(a) = ROTATE_LEFT((a), (s)); \
(a) += (b); \
}
(a) = ROTATE_LEFT((a), (s)); \
(a) += (b); \
}
(a) = ROTATE_LEFT((a), (s)); \
(a) += (b); \
}
/*
* Loading 32-bit constants on a RISC is expensive since it involves both a
* `sethi' and an `or'. thus, we instead have the compiler generate `ld's to
* load the constants from an array called `md5_consts'. however, on intel
* (and other CISC processors), it is cheaper to load the constant
* directly. thus, the c code in MD5Transform() uses the macro MD5_CONST()
* which either expands to a constant or an array reference, depending on the
* architecture the code is being compiled for.
*
* Right now, i386 and amd64 are the CISC exceptions.
* If we get another CISC ISA, we'll have to change the ifdef.
*/
#define MD5_CONST(x) (MD5_CONST_ ## x)
#else
/*
*
* while it is somewhat counter-intuitive, on sparc (and presumably other RISC
* machines), it is more efficient to place all the constants used in this
* function in an array and load the values out of the array than to manually
* load the constants. this is because setting a register to a 32-bit value
* takes two ops in most cases: a `sethi' and an `or', but loading a 32-bit
* value from memory only takes one `ld' (or `lduw' on v9). while this
* increases memory usage, the compiler can find enough other things to do
* while waiting to keep the pipeline does not stall. additionally, it is
* likely that many of these constants are cached so that later accesses do
* not even go out to the bus.
*
* this array is declared `static' to keep the compiler from having to
* bcopy() this array onto the stack frame of MD5Transform() each time it is
* called -- which is unacceptably expensive.
*
* the `const' is to ensure that callers are good citizens and do not try to
* munge the array. since these routines are going to be called from inside
* multithreaded kernelland, this is a good safety check. -- `constants' will
* end up in .rodata.
*
* unfortunately, loading from an array in this manner hurts performance under
* intel (and presumably other CISC machines). so, there is a macro,
* MD5_CONST(), used in MD5Transform(), that either expands to a reference to
* this array, or to the actual constant, depending on what platform this code
* is compiled for.
*/
static const uint32_t md5_consts[] = {
};
#define MD5_CONST(x) (md5_consts[x])
#endif
/*
* MD5Init()
*
* purpose: initializes the md5 context and begins and md5 digest operation
* input: MD5_CTX * : the context to initialize.
* output: void
*/
void
{
/* load magic initialization constants */
}
/*
* MD5Update()
*
* purpose: continues an md5 digest operation, using the message block
* to update the context.
* input: MD5_CTX * : the context to update
* uint8_t * : the message block
* uint32_t : the length of the message block in bytes
* output: void
*
* MD5 crunches in 64-byte blocks. All numeric constants here are related to
* that property of MD5.
*/
void
{
/* compute (number of bytes computed so far) mod 64 */
/* update number of bits hashed into this MD5 computation so far */
/* transform as many times as possible */
i = 0;
/*
* general optimization:
*
* only do initial bcopy() and MD5Transform() if
* buf_index != 0. if buf_index == 0, we're just
* wasting our time doing the bcopy() since there
* wasn't any data left over from a previous call to
* MD5Update().
*/
if (buf_index) {
i = buf_len;
}
/*
* general optimization:
*
* if i and input_len are the same, return now instead
* of calling bcopy(), since the bcopy() in this
* case will be an expensive nop.
*/
if (input_len == i)
return;
buf_index = 0;
}
/* buffer remaining input */
}
/*
* MD5Final()
*
* purpose: ends an md5 digest operation, finalizing the message digest and
* zeroing the context.
* input: uint8_t * : a buffer to store the digest in
* MD5_CTX * : the context to finalize, save, and zero
* output: void
*/
void
{
/* store bit count, little endian */
/* pad out to 56 mod 64 */
/* append length (before padding) */
/* store state in digest */
}
#ifndef _KERNEL
void
{
}
#endif /* !_KERNEL */
/*
* Little-endian optimization: I don't need to do any weirdness. On
* some little-endian boxen, I'll have to do alignment checks, but I can do
* that below.
*/
#ifdef _LITTLE_ENDIAN
/*
* i386 and amd64 don't require aligned 4-byte loads. The symbol
* _MD5_CHECK_ALIGNMENT indicates below whether the MD5Transform function
* requires alignment checking.
*/
#define _MD5_CHECK_ALIGNMENT
#endif /* !__i386 && !__amd64 */
/*
*
* the compiler doesn't have direct support for little endian, we
* link to an assembly-language routine `load_little_32' to do
* the magic. note that special care must be taken to ensure the
* address is 32-bit aligned -- in the interest of speed, we don't
* check to make sure, since careful programming can guarantee this
* for us.
*/
/* Define alignment check because we can 4-byte load as little endian. */
#define _MD5_CHECK_ALIGNMENT
/* Placate lint */
#if defined(__lint)
{
return (*addr);
}
#endif
#else /* big endian -- will work on little endian, but slowly */
/* Since we do byte operations, we don't have to check for alignment. */
#define LOAD_LITTLE_32(addr) \
#endif
/*
* sparc register window optimization:
*
* `a', `b', `c', and `d' are passed into MD5Transform explicitly
* since it increases the number of registers available to the
* compiler. under this scheme, these variables can be held in
* %i0 - %i3, which leaves more local and out registers available.
*/
/*
* MD5Transform()
*
* purpose: md5 transformation -- updates the digest based on `block'
* input: uint32_t : bytes 1 - 4 of the digest
* uint32_t : bytes 5 - 8 of the digest
* uint32_t : bytes 9 - 12 of the digest
* uint32_t : bytes 12 - 16 of the digest
* MD5_CTX * : the context to update
* uint8_t [64]: the block to use to update the digest
* output: void
*/
static void
{
/*
* general optimization:
*
* use individual integers instead of using an array. this is a
* win, although the amount it wins by seems to vary quite a bit.
*/
/*
* general optimization:
*
* the compiler (at least SC4.2/5.x) generates better code if
* variable use is localized. in this case, swapping the integers in
* this order allows `x_0 'to be swapped nearest to its first use in
* FF(), and likewise for `x_1' and up. note that the compiler
* prefers this to doing each swap right before the FF() that
* uses it.
*/
/*
*
* if `block' is already aligned on a 4-byte boundary, use the
* optimized load_little_32() directly. otherwise, bcopy()
* into a buffer that *is* aligned on a 4-byte boundary and
* then do the load_little_32() on that buffer. benchmarks
* have shown that using the bcopy() is better than loading
* the bytes individually and doing the endian-swap by hand.
*
* even though it's quite tempting to assign to do:
*
* blk = bcopy(blk, ctx->buf_un.buf32, sizeof (ctx->buf_un.buf32));
*
* and only have one set of LOAD_LITTLE_32()'s, the compiler (at least
* SC4.2/5.x) *does not* like that, so please resist the urge.
*/
#ifdef _MD5_CHECK_ALIGNMENT
} else
#endif
{
}
/* round 1 */
/* round 2 */
/* round 3 */
/* round 4 */
/*
* zeroize sensitive information -- compiler will optimize
* this out if everything is kept in registers
*/
}
/*
* devpro compiler optimization:
*
* the compiler can generate better code if it knows that `input' and
* `output' do not point to the same source. there is no portable
* way to tell the compiler this, but the devpro compiler recognizes the
* `_Restrict' keyword to indicate this condition. use it if possible.
*/
#if defined(__RESTRICT) && !defined(__GNUC__)
#define restrict _Restrict
#else
#define restrict /* nothing */
#endif
/*
* Encode()
*
* purpose: to convert a list of numbers from big endian to little endian
* input: uint8_t * : place to store the converted little endian numbers
* uint32_t * : place to get numbers to convert from
* size_t : the length of the input in bytes
* output: void
*/
static void
{
size_t i, j;
#ifdef _LITTLE_ENDIAN
#ifdef _MD5_CHECK_ALIGNMENT
#else
#endif /* _MD5_CHECK_ALIGNMENT */
#else /* big endian -- will work on little endian, but slowly */
#endif
}
}
/*
* KCF software provider control entry points.
*/
/* ARGSUSED */
static void
{
}
/*
* KCF software provider digest entry points.
*/
static int
{
return (CRYPTO_MECHANISM_INVALID);
/*
* Allocate and initialize MD5 context.
*/
crypto_kmflag(req));
return (CRYPTO_HOST_MEMORY);
return (CRYPTO_SUCCESS);
}
/*
* Helper MD5 digest update function for uio data.
*/
static int
{
/* we support only kernel buffer */
return (CRYPTO_ARGUMENTS_BAD);
/*
* Jump to the first iovec containing data to be
* digested.
*/
/*
* The caller specified an offset that is larger than the
* total size of the buffers it provided.
*/
return (CRYPTO_DATA_LEN_RANGE);
}
/*
* Now do the digesting on the iovecs.
*/
vec_idx++;
offset = 0;
}
/*
* The end of the specified iovec's was reached but
* the length requested could not be processed, i.e.
* The caller requested to digest more data than it provided.
*/
return (CRYPTO_DATA_LEN_RANGE);
}
return (CRYPTO_SUCCESS);
}
/*
* Helper MD5 digest final function for uio data.
* digest_len is the length of the desired digest. If digest_len
* is smaller than the default MD5 digest length, the caller
* must pass a scratch buffer, digest_scratch, which must
* be at least MD5_DIGEST_LENGTH bytes.
*/
static int
{
/* we support only kernel buffer */
return (CRYPTO_ARGUMENTS_BAD);
/*
* Jump to the first iovec containing ptr to the digest to
* be returned.
*/
/*
* The caller specified an offset that is
* larger than the total size of the buffers
* it provided.
*/
return (CRYPTO_DATA_LEN_RANGE);
}
if (offset + digest_len <=
/*
* The computed MD5 digest will fit in the current
* iovec.
*/
if (digest_len != MD5_DIGEST_LENGTH) {
/*
* The caller requested a short digest. Digest
* into a scratch buffer and return to
* the user only what was requested.
*/
} else {
md5_ctx);
}
} else {
/*
* The computed digest will be crossing one or more iovec's.
* This is bad performance-wise but we need to support it.
* Allocate a small scratch buffer on the stack and
* copy it piece meal to the specified digest iovec's.
*/
off_t scratch_offset = 0;
cur_len);
vec_idx++;
offset = 0;
}
/*
* The end of the specified iovec's was reached but
* the length requested could not be processed, i.e.
* The caller requested to digest more data than it
* provided.
*/
return (CRYPTO_DATA_LEN_RANGE);
}
}
return (CRYPTO_SUCCESS);
}
/*
* Helper MD5 digest update for mblk's.
*/
static int
{
/*
* Jump to the first mblk_t containing data to be digested.
*/
/*
* The caller specified an offset that is larger than the
* total size of the buffers it provided.
*/
return (CRYPTO_DATA_LEN_RANGE);
}
/*
* Now do the digesting on the mblk chain.
*/
offset = 0;
}
/*
* The end of the mblk was reached but the length requested
* could not be processed, i.e. The caller requested
* to digest more data than it provided.
*/
return (CRYPTO_DATA_LEN_RANGE);
}
return (CRYPTO_SUCCESS);
}
/*
* Helper MD5 digest final for mblk's.
* digest_len is the length of the desired digest. If digest_len
* is smaller than the default MD5 digest length, the caller
* must pass a scratch buffer, digest_scratch, which must
* be at least MD5_DIGEST_LENGTH bytes.
*/
static int
{
/*
* Jump to the first mblk_t that will be used to store the digest.
*/
/*
* The caller specified an offset that is larger than the
* total size of the buffers it provided.
*/
return (CRYPTO_DATA_LEN_RANGE);
}
/*
* The computed MD5 digest will fit in the current mblk.
* Do the MD5Final() in-place.
*/
if (digest_len != MD5_DIGEST_LENGTH) {
/*
* The caller requested a short digest. Digest
* into a scratch buffer and return to
* the user only what was requested.
*/
} else {
}
} else {
/*
* The computed digest will be crossing one or more mblk's.
* This is bad performance-wise but we need to support it.
* Allocate a small scratch buffer on the stack and
* copy it piece meal to the specified digest iovec's.
*/
off_t scratch_offset = 0;
offset = 0;
}
/*
* The end of the specified mblk was reached but
* the length requested could not be processed, i.e.
* The caller requested to digest more data than it
* provided.
*/
return (CRYPTO_DATA_LEN_RANGE);
}
}
return (CRYPTO_SUCCESS);
}
/* ARGSUSED */
static int
{
int ret = CRYPTO_SUCCESS;
/*
* We need to just return the length needed to store the output.
* We should not destroy the context for the following cases.
*/
return (CRYPTO_BUFFER_TOO_SMALL);
}
/*
* Do the MD5 update on the specified input data.
*/
case CRYPTO_DATA_RAW:
break;
case CRYPTO_DATA_UIO:
data);
break;
case CRYPTO_DATA_MBLK:
data);
break;
default:
}
if (ret != CRYPTO_SUCCESS) {
/* the update failed, free context and bail */
return (ret);
}
/*
* Do an MD5 final, must be done separately since the digest
* type can be different than the input data type.
*/
case CRYPTO_DATA_RAW:
break;
case CRYPTO_DATA_UIO:
break;
case CRYPTO_DATA_MBLK:
break;
default:
}
/* all done, free context and return */
if (ret == CRYPTO_SUCCESS) {
} else {
}
return (ret);
}
/* ARGSUSED */
static int
{
int ret = CRYPTO_SUCCESS;
/*
* Do the MD5 update on the specified input data.
*/
case CRYPTO_DATA_RAW:
break;
case CRYPTO_DATA_UIO:
data);
break;
case CRYPTO_DATA_MBLK:
data);
break;
default:
}
return (ret);
}
/* ARGSUSED */
static int
{
int ret = CRYPTO_SUCCESS;
/*
* We need to just return the length needed to store the output.
* We should not destroy the context for the following cases.
*/
return (CRYPTO_BUFFER_TOO_SMALL);
}
/*
* Do an MD5 final.
*/
case CRYPTO_DATA_RAW:
break;
case CRYPTO_DATA_UIO:
break;
case CRYPTO_DATA_MBLK:
break;
default:
}
/* all done, free context and return */
if (ret == CRYPTO_SUCCESS) {
} else {
}
return (ret);
}
/* ARGSUSED */
static int
{
int ret = CRYPTO_SUCCESS;
return (CRYPTO_MECHANISM_INVALID);
/*
* Do the MD5 init.
*/
/*
* Do the MD5 update on the specified input data.
*/
case CRYPTO_DATA_RAW:
break;
case CRYPTO_DATA_UIO:
break;
case CRYPTO_DATA_MBLK:
break;
default:
}
if (ret != CRYPTO_SUCCESS) {
/* the update failed, bail */
return (ret);
}
/*
* Do an MD5 final, must be done separately since the digest
* type can be different than the input data type.
*/
case CRYPTO_DATA_RAW:
break;
case CRYPTO_DATA_UIO:
break;
case CRYPTO_DATA_MBLK:
break;
default:
}
if (ret == CRYPTO_SUCCESS) {
} else {
}
return (ret);
}
/*
* KCF software provider mac entry points.
*
* MD5 HMAC is: MD5(key XOR opad, MD5(key XOR ipad, text))
*
* Init:
* The initialization routine initializes what we denote
* as the inner and outer contexts by doing
* - for inner context: MD5(key XOR ipad)
* - for outer context: MD5(key XOR opad)
*
* Update:
* Each subsequent MD5 HMAC update will result in an
* update of the inner context with the specified data.
*
* Final:
* The MD5 HMAC final will do a MD5 final operation on the
* inner context, and the resulting digest will be used
* as the data for an update on the outer context. Last
* but not least, an MD5 final on the outer context will
* be performed to obtain the MD5 HMAC digest to return
* to the user.
*/
/*
* Initialize a MD5-HMAC context.
*/
static void
{
uint_t i;
/* XOR key with ipad (0x36) and opad (0x5c) */
for (i = 0; i < MD5_HMAC_INTS_PER_BLOCK; i++) {
ipad[i] ^= 0x36363636;
opad[i] ^= 0x5c5c5c5c;
}
/* perform MD5 on ipad */
/* perform MD5 on opad */
}
/*
* Initializes a multi-part MAC operation.
*/
static int
{
int ret = CRYPTO_SUCCESS;
return (CRYPTO_MECHANISM_INVALID);
/* Add support for key by attributes (RFE 4706552) */
return (CRYPTO_ARGUMENTS_BAD);
crypto_kmflag(req));
return (CRYPTO_HOST_MEMORY);
if (ctx_template != NULL) {
/* reuse context template */
sizeof (md5_hmac_ctx_t));
} else {
/* no context template, compute context */
if (keylen_in_bytes > MD5_HMAC_BLOCK_SIZE) {
/*
* Hash the passed-in key to get a smaller key.
* The inner context is used since it hasn't been
* initialized yet.
*/
} else {
}
}
/*
* Get the mechanism parameters, if applicable.
*/
}
if (ret != CRYPTO_SUCCESS) {
}
return (ret);
}
/* ARGSUSED */
static int
{
int ret = CRYPTO_SUCCESS;
/*
* Do an MD5 update of the inner context using the specified
* data.
*/
case CRYPTO_DATA_RAW:
break;
case CRYPTO_DATA_UIO:
break;
case CRYPTO_DATA_MBLK:
break;
default:
}
return (ret);
}
/* ARGSUSED */
static int
{
int ret = CRYPTO_SUCCESS;
/*
* We need to just return the length needed to store the output.
* We should not destroy the context for the following cases.
*/
return (CRYPTO_BUFFER_TOO_SMALL);
}
/*
* Do an MD5 final on the inner context.
*/
/*
* Do an MD5 update on the outer context, feeding the inner
* digest as data.
*/
/*
* Do an MD5 final on the outer context, storing the computing
* digest in the users buffer.
*/
case CRYPTO_DATA_RAW:
if (digest_len != MD5_DIGEST_LENGTH) {
/*
* The caller requested a short digest. Digest
* into a scratch buffer and return to
* the user only what was requested.
*/
} else {
}
break;
case CRYPTO_DATA_UIO:
digest_len, digest);
break;
case CRYPTO_DATA_MBLK:
digest_len, digest);
break;
default:
}
if (ret == CRYPTO_SUCCESS) {
} else {
}
return (ret);
}
case CRYPTO_DATA_RAW: \
break; \
case CRYPTO_DATA_UIO: \
break; \
case CRYPTO_DATA_MBLK: \
data); \
break; \
default: \
ret = CRYPTO_ARGUMENTS_BAD; \
} \
}
/* ARGSUSED */
static int
{
int ret = CRYPTO_SUCCESS;
return (CRYPTO_MECHANISM_INVALID);
/* Add support for key by attributes (RFE 4706552) */
return (CRYPTO_ARGUMENTS_BAD);
if (ctx_template != NULL) {
/* reuse context template */
} else {
/* no context template, compute context */
if (keylen_in_bytes > MD5_HMAC_BLOCK_SIZE) {
/*
* Hash the passed-in key to get a smaller key.
* The inner context is used since it hasn't been
* initialized yet.
*/
} else {
}
}
/*
* Get the mechanism parameters, if applicable.
*/
goto bail;
}
if (digest_len > MD5_DIGEST_LENGTH) {
goto bail;
}
}
/* do an MD5 update of the inner context using the specified data */
if (ret != CRYPTO_SUCCESS)
/* the update failed, free context and bail */
goto bail;
/* do an MD5 final on the inner context */
/*
* Do an MD5 update on the outer context, feeding the inner
* digest as data.
*/
/*
* Do an MD5 final on the outer context, storing the computed
* digest in the users buffer.
*/
case CRYPTO_DATA_RAW:
if (digest_len != MD5_DIGEST_LENGTH) {
/*
* The caller requested a short digest. Digest
* into a scratch buffer and return to
* the user only what was requested.
*/
} else {
}
break;
case CRYPTO_DATA_UIO:
digest_len, digest);
break;
case CRYPTO_DATA_MBLK:
digest_len, digest);
break;
default:
}
if (ret == CRYPTO_SUCCESS) {
} else {
}
/* Extra paranoia: zeroizing the local context on the stack */
return (ret);
bail:
return (ret);
}
/* ARGSUSED */
static int
{
int ret = CRYPTO_SUCCESS;
return (CRYPTO_MECHANISM_INVALID);
/* Add support for key by attributes (RFE 4706552) */
return (CRYPTO_ARGUMENTS_BAD);
if (ctx_template != NULL) {
/* reuse context template */
} else {
/* no context template, compute context */
if (keylen_in_bytes > MD5_HMAC_BLOCK_SIZE) {
/*
* Hash the passed-in key to get a smaller key.
* The inner context is used since it hasn't been
* initialized yet.
*/
} else {
}
}
/*
* Get the mechanism parameters, if applicable.
*/
goto bail;
}
if (digest_len > MD5_DIGEST_LENGTH) {
goto bail;
}
}
goto bail;
}
/* do an MD5 update of the inner context using the specified data */
if (ret != CRYPTO_SUCCESS)
/* the update failed, free context and bail */
goto bail;
/* do an MD5 final on the inner context */
/*
* Do an MD5 update on the outer context, feeding the inner
* digest as data.
*/
/*
* Do an MD5 final on the outer context, storing the computed
* digest in the local digest buffer.
*/
/*
* Compare the computed digest against the expected digest passed
* as argument.
*/
case CRYPTO_DATA_RAW:
break;
case CRYPTO_DATA_UIO: {
off_t scratch_offset = 0;
/* we support only kernel buffer */
return (CRYPTO_ARGUMENTS_BAD);
/* jump to the first iovec containing the expected digest */
for (vec_idx = 0;
/*
* The caller specified an offset that is
* larger than the total size of the buffers
* it provided.
*/
break;
}
/* do the comparison of computed digest vs specified one */
cur_len) != 0) {
break;
}
vec_idx++;
offset = 0;
}
break;
}
case CRYPTO_DATA_MBLK: {
off_t scratch_offset = 0;
/* jump to the first mblk_t containing the expected digest */
/*
* The caller specified an offset that is larger than
* the total size of the buffers it provided.
*/
break;
}
break;
}
offset = 0;
}
break;
}
default:
}
return (ret);
bail:
return (ret);
}
/*
* KCF software provider context management entry points.
*/
/* ARGSUSED */
static int
{
return (CRYPTO_MECHANISM_INVALID);
/* Add support for key by attributes (RFE 4706552) */
return (CRYPTO_ARGUMENTS_BAD);
/*
* Allocate and initialize MD5 context.
*/
crypto_kmflag(req));
if (md5_hmac_ctx_tmpl == NULL)
return (CRYPTO_HOST_MEMORY);
if (keylen_in_bytes > MD5_HMAC_BLOCK_SIZE) {
/*
* Hash the passed-in key to get a smaller key.
* The inner context is used since it hasn't been
* initialized yet.
*/
} else {
}
*ctx_template_size = sizeof (md5_hmac_ctx_t);
return (CRYPTO_SUCCESS);
}
static int
{
return (CRYPTO_SUCCESS);
/*
* We have to free either MD5 or MD5-HMAC contexts, which
* have different lengths.
*/
if (mech_type == MD5_MECH_INFO_TYPE)
else {
ctx_len = sizeof (md5_hmac_ctx_t);
}
return (CRYPTO_SUCCESS);
}
#endif /* _KERNEL && !_BOOT */