28#include "opt_kern_tls.h"
35#include <sys/malloc.h>
37#include <opencrypto/cryptodev.h>
38#include <opencrypto/xform.h>
68#define S_TLS_KEYCTX_TX_WR_DUALCK 12
69#define M_TLS_KEYCTX_TX_WR_DUALCK 0x1
70#define V_TLS_KEYCTX_TX_WR_DUALCK(x) ((x) << S_TLS_KEYCTX_TX_WR_DUALCK)
71#define G_TLS_KEYCTX_TX_WR_DUALCK(x) \
72 (((x) >> S_TLS_KEYCTX_TX_WR_DUALCK) & M_TLS_KEYCTX_TX_WR_DUALCK)
73#define F_TLS_KEYCTX_TX_WR_DUALCK V_TLS_KEYCTX_TX_WR_DUALCK(1U)
75#define S_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT 11
76#define M_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT 0x1
77#define V_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(x) \
78 ((x) << S_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT)
79#define G_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(x) \
80 (((x) >> S_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT) & \
81 M_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT)
82#define F_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT \
83 V_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(1U)
85#define S_TLS_KEYCTX_TX_WR_SALT_PRESENT 10
86#define M_TLS_KEYCTX_TX_WR_SALT_PRESENT 0x1
87#define V_TLS_KEYCTX_TX_WR_SALT_PRESENT(x) \
88 ((x) << S_TLS_KEYCTX_TX_WR_SALT_PRESENT)
89#define G_TLS_KEYCTX_TX_WR_SALT_PRESENT(x) \
90 (((x) >> S_TLS_KEYCTX_TX_WR_SALT_PRESENT) & \
91 M_TLS_KEYCTX_TX_WR_SALT_PRESENT)
92#define F_TLS_KEYCTX_TX_WR_SALT_PRESENT \
93 V_TLS_KEYCTX_TX_WR_SALT_PRESENT(1U)
95#define S_TLS_KEYCTX_TX_WR_TXCK_SIZE 6
96#define M_TLS_KEYCTX_TX_WR_TXCK_SIZE 0xf
97#define V_TLS_KEYCTX_TX_WR_TXCK_SIZE(x) \
98 ((x) << S_TLS_KEYCTX_TX_WR_TXCK_SIZE)
99#define G_TLS_KEYCTX_TX_WR_TXCK_SIZE(x) \
100 (((x) >> S_TLS_KEYCTX_TX_WR_TXCK_SIZE) & \
101 M_TLS_KEYCTX_TX_WR_TXCK_SIZE)
103#define S_TLS_KEYCTX_TX_WR_TXMK_SIZE 2
104#define M_TLS_KEYCTX_TX_WR_TXMK_SIZE 0xf
105#define V_TLS_KEYCTX_TX_WR_TXMK_SIZE(x) \
106 ((x) << S_TLS_KEYCTX_TX_WR_TXMK_SIZE)
107#define G_TLS_KEYCTX_TX_WR_TXMK_SIZE(x) \
108 (((x) >> S_TLS_KEYCTX_TX_WR_TXMK_SIZE) & \
109 M_TLS_KEYCTX_TX_WR_TXMK_SIZE)
111#define S_TLS_KEYCTX_TX_WR_TXVALID 0
112#define M_TLS_KEYCTX_TX_WR_TXVALID 0x1
113#define V_TLS_KEYCTX_TX_WR_TXVALID(x) \
114 ((x) << S_TLS_KEYCTX_TX_WR_TXVALID)
115#define G_TLS_KEYCTX_TX_WR_TXVALID(x) \
116 (((x) >> S_TLS_KEYCTX_TX_WR_TXVALID) & M_TLS_KEYCTX_TX_WR_TXVALID)
117#define F_TLS_KEYCTX_TX_WR_TXVALID V_TLS_KEYCTX_TX_WR_TXVALID(1U)
119#define S_TLS_KEYCTX_TX_WR_FLITCNT 3
120#define M_TLS_KEYCTX_TX_WR_FLITCNT 0x1f
121#define V_TLS_KEYCTX_TX_WR_FLITCNT(x) \
122 ((x) << S_TLS_KEYCTX_TX_WR_FLITCNT)
123#define G_TLS_KEYCTX_TX_WR_FLITCNT(x) \
124 (((x) >> S_TLS_KEYCTX_TX_WR_FLITCNT) & M_TLS_KEYCTX_TX_WR_FLITCNT)
126#define S_TLS_KEYCTX_TX_WR_HMACCTRL 0
127#define M_TLS_KEYCTX_TX_WR_HMACCTRL 0x7
128#define V_TLS_KEYCTX_TX_WR_HMACCTRL(x) \
129 ((x) << S_TLS_KEYCTX_TX_WR_HMACCTRL)
130#define G_TLS_KEYCTX_TX_WR_HMACCTRL(x) \
131 (((x) >> S_TLS_KEYCTX_TX_WR_HMACCTRL) & M_TLS_KEYCTX_TX_WR_HMACCTRL)
133#define S_TLS_KEYCTX_TX_WR_PROTOVER 4
134#define M_TLS_KEYCTX_TX_WR_PROTOVER 0xf
135#define V_TLS_KEYCTX_TX_WR_PROTOVER(x) \
136 ((x) << S_TLS_KEYCTX_TX_WR_PROTOVER)
137#define G_TLS_KEYCTX_TX_WR_PROTOVER(x) \
138 (((x) >> S_TLS_KEYCTX_TX_WR_PROTOVER) & M_TLS_KEYCTX_TX_WR_PROTOVER)
140#define S_TLS_KEYCTX_TX_WR_CIPHMODE 0
141#define M_TLS_KEYCTX_TX_WR_CIPHMODE 0xf
142#define V_TLS_KEYCTX_TX_WR_CIPHMODE(x) \
143 ((x) << S_TLS_KEYCTX_TX_WR_CIPHMODE)
144#define G_TLS_KEYCTX_TX_WR_CIPHMODE(x) \
145 (((x) >> S_TLS_KEYCTX_TX_WR_CIPHMODE) & M_TLS_KEYCTX_TX_WR_CIPHMODE)
147#define S_TLS_KEYCTX_TX_WR_AUTHMODE 4
148#define M_TLS_KEYCTX_TX_WR_AUTHMODE 0xf
149#define V_TLS_KEYCTX_TX_WR_AUTHMODE(x) \
150 ((x) << S_TLS_KEYCTX_TX_WR_AUTHMODE)
151#define G_TLS_KEYCTX_TX_WR_AUTHMODE(x) \
152 (((x) >> S_TLS_KEYCTX_TX_WR_AUTHMODE) & M_TLS_KEYCTX_TX_WR_AUTHMODE)
154#define S_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL 3
155#define M_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL 0x1
156#define V_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(x) \
157 ((x) << S_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL)
158#define G_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(x) \
159 (((x) >> S_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL) & \
160 M_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL)
161#define F_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL \
162 V_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(1U)
164#define S_TLS_KEYCTX_TX_WR_SEQNUMCTRL 1
165#define M_TLS_KEYCTX_TX_WR_SEQNUMCTRL 0x3
166#define V_TLS_KEYCTX_TX_WR_SEQNUMCTRL(x) \
167 ((x) << S_TLS_KEYCTX_TX_WR_SEQNUMCTRL)
168#define G_TLS_KEYCTX_TX_WR_SEQNUMCTRL(x) \
169 (((x) >> S_TLS_KEYCTX_TX_WR_SEQNUMCTRL) & \
170 M_TLS_KEYCTX_TX_WR_SEQNUMCTRL)
172#define S_TLS_KEYCTX_TX_WR_RXVALID 0
173#define M_TLS_KEYCTX_TX_WR_RXVALID 0x1
174#define V_TLS_KEYCTX_TX_WR_RXVALID(x) \
175 ((x) << S_TLS_KEYCTX_TX_WR_RXVALID)
176#define G_TLS_KEYCTX_TX_WR_RXVALID(x) \
177 (((x) >> S_TLS_KEYCTX_TX_WR_RXVALID) & M_TLS_KEYCTX_TX_WR_RXVALID)
178#define F_TLS_KEYCTX_TX_WR_RXVALID V_TLS_KEYCTX_TX_WR_RXVALID(1U)
180#define S_TLS_KEYCTX_TX_WR_IVPRESENT 7
181#define M_TLS_KEYCTX_TX_WR_IVPRESENT 0x1
182#define V_TLS_KEYCTX_TX_WR_IVPRESENT(x) \
183 ((x) << S_TLS_KEYCTX_TX_WR_IVPRESENT)
184#define G_TLS_KEYCTX_TX_WR_IVPRESENT(x) \
185 (((x) >> S_TLS_KEYCTX_TX_WR_IVPRESENT) & \
186 M_TLS_KEYCTX_TX_WR_IVPRESENT)
187#define F_TLS_KEYCTX_TX_WR_IVPRESENT V_TLS_KEYCTX_TX_WR_IVPRESENT(1U)
189#define S_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT 6
190#define M_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT 0x1
191#define V_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(x) \
192 ((x) << S_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT)
193#define G_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(x) \
194 (((x) >> S_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT) & \
195 M_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT)
196#define F_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT \
197 V_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(1U)
199#define S_TLS_KEYCTX_TX_WR_RXCK_SIZE 3
200#define M_TLS_KEYCTX_TX_WR_RXCK_SIZE 0x7
201#define V_TLS_KEYCTX_TX_WR_RXCK_SIZE(x) \
202 ((x) << S_TLS_KEYCTX_TX_WR_RXCK_SIZE)
203#define G_TLS_KEYCTX_TX_WR_RXCK_SIZE(x) \
204 (((x) >> S_TLS_KEYCTX_TX_WR_RXCK_SIZE) & \
205 M_TLS_KEYCTX_TX_WR_RXCK_SIZE)
207#define S_TLS_KEYCTX_TX_WR_RXMK_SIZE 0
208#define M_TLS_KEYCTX_TX_WR_RXMK_SIZE 0x7
209#define V_TLS_KEYCTX_TX_WR_RXMK_SIZE(x) \
210 ((x) << S_TLS_KEYCTX_TX_WR_RXMK_SIZE)
211#define G_TLS_KEYCTX_TX_WR_RXMK_SIZE(x) \
212 (((x) >> S_TLS_KEYCTX_TX_WR_RXMK_SIZE) & \
213 M_TLS_KEYCTX_TX_WR_RXMK_SIZE)
215#define S_TLS_KEYCTX_TX_WR_IVINSERT 55
216#define M_TLS_KEYCTX_TX_WR_IVINSERT 0x1ffULL
217#define V_TLS_KEYCTX_TX_WR_IVINSERT(x) \
218 ((x) << S_TLS_KEYCTX_TX_WR_IVINSERT)
219#define G_TLS_KEYCTX_TX_WR_IVINSERT(x) \
220 (((x) >> S_TLS_KEYCTX_TX_WR_IVINSERT) & M_TLS_KEYCTX_TX_WR_IVINSERT)
222#define S_TLS_KEYCTX_TX_WR_AADSTRTOFST 47
223#define M_TLS_KEYCTX_TX_WR_AADSTRTOFST 0xffULL
224#define V_TLS_KEYCTX_TX_WR_AADSTRTOFST(x) \
225 ((x) << S_TLS_KEYCTX_TX_WR_AADSTRTOFST)
226#define G_TLS_KEYCTX_TX_WR_AADSTRTOFST(x) \
227 (((x) >> S_TLS_KEYCTX_TX_WR_AADSTRTOFST) & \
228 M_TLS_KEYCTX_TX_WR_AADSTRTOFST)
230#define S_TLS_KEYCTX_TX_WR_AADSTOPOFST 39
231#define M_TLS_KEYCTX_TX_WR_AADSTOPOFST 0xffULL
232#define V_TLS_KEYCTX_TX_WR_AADSTOPOFST(x) \
233 ((x) << S_TLS_KEYCTX_TX_WR_AADSTOPOFST)
234#define G_TLS_KEYCTX_TX_WR_AADSTOPOFST(x) \
235 (((x) >> S_TLS_KEYCTX_TX_WR_AADSTOPOFST) & \
236 M_TLS_KEYCTX_TX_WR_AADSTOPOFST)
238#define S_TLS_KEYCTX_TX_WR_CIPHERSRTOFST 30
239#define M_TLS_KEYCTX_TX_WR_CIPHERSRTOFST 0x1ffULL
240#define V_TLS_KEYCTX_TX_WR_CIPHERSRTOFST(x) \
241 ((x) << S_TLS_KEYCTX_TX_WR_CIPHERSRTOFST)
242#define G_TLS_KEYCTX_TX_WR_CIPHERSRTOFST(x) \
243 (((x) >> S_TLS_KEYCTX_TX_WR_CIPHERSRTOFST) & \
244 M_TLS_KEYCTX_TX_WR_CIPHERSRTOFST)
246#define S_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST 23
247#define M_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST 0x7f
248#define V_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST(x) \
249 ((x) << S_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST)
250#define G_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST(x) \
251 (((x) >> S_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST) & \
252 M_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST)
254#define S_TLS_KEYCTX_TX_WR_AUTHSRTOFST 14
255#define M_TLS_KEYCTX_TX_WR_AUTHSRTOFST 0x1ff
256#define V_TLS_KEYCTX_TX_WR_AUTHSRTOFST(x) \
257 ((x) << S_TLS_KEYCTX_TX_WR_AUTHSRTOFST)
258#define G_TLS_KEYCTX_TX_WR_AUTHSRTOFST(x) \
259 (((x) >> S_TLS_KEYCTX_TX_WR_AUTHSRTOFST) & \
260 M_TLS_KEYCTX_TX_WR_AUTHSRTOFST)
262#define S_TLS_KEYCTX_TX_WR_AUTHSTOPOFST 7
263#define M_TLS_KEYCTX_TX_WR_AUTHSTOPOFST 0x7f
264#define V_TLS_KEYCTX_TX_WR_AUTHSTOPOFST(x) \
265 ((x) << S_TLS_KEYCTX_TX_WR_AUTHSTOPOFST)
266#define G_TLS_KEYCTX_TX_WR_AUTHSTOPOFST(x) \
267 (((x) >> S_TLS_KEYCTX_TX_WR_AUTHSTOPOFST) & \
268 M_TLS_KEYCTX_TX_WR_AUTHSTOPOFST)
270#define S_TLS_KEYCTX_TX_WR_AUTHINSRT 0
271#define M_TLS_KEYCTX_TX_WR_AUTHINSRT 0x7f
272#define V_TLS_KEYCTX_TX_WR_AUTHINSRT(x) \
273 ((x) << S_TLS_KEYCTX_TX_WR_AUTHINSRT)
274#define G_TLS_KEYCTX_TX_WR_AUTHINSRT(x) \
275 (((x) >> S_TLS_KEYCTX_TX_WR_AUTHINSRT) & \
276 M_TLS_KEYCTX_TX_WR_AUTHINSRT)
279#define KEY_WRITE_RX 0x1
280#define KEY_WRITE_TX 0x2
281#define KEY_DELETE_RX 0x4
282#define KEY_DELETE_TX 0x8
284#define S_KEY_CLR_LOC 4
285#define M_KEY_CLR_LOC 0xf
286#define V_KEY_CLR_LOC(x) ((x) << S_KEY_CLR_LOC)
287#define G_KEY_CLR_LOC(x) (((x) >> S_KEY_CLR_LOC) & M_KEY_CLR_LOC)
288#define F_KEY_CLR_LOC V_KEY_CLR_LOC(1U)
290#define S_KEY_GET_LOC 0
291#define M_KEY_GET_LOC 0xf
292#define V_KEY_GET_LOC(x) ((x) << S_KEY_GET_LOC)
293#define G_KEY_GET_LOC(x) (((x) >> S_KEY_GET_LOC) & M_KEY_GET_LOC)
303 static char zeroes[GMAC_BLOCK_LEN];
304 uint32_t keysched[4 * (RIJNDAEL_MAXNR + 1)];
307 rounds = rijndaelKeySetupEnc(keysched, key, klen * 8);
308 rijndaelEncrypt(keysched, rounds, zeroes, ghash);
309 explicit_bzero(keysched,
sizeof(keysched));
320 u32 = (uint32_t *)dst;
321 u64 = (uint64_t *)dst;
324 case CRYPTO_SHA1_HMAC:
325 for (i = 0; i < SHA1_HASH_LEN / 4; i++)
326 u32[i] = htobe32(auth_ctx->sha1ctx.h.b32[i]);
328 case CRYPTO_SHA2_224:
329 case CRYPTO_SHA2_224_HMAC:
330 for (i = 0; i < SHA2_256_HASH_LEN / 4; i++)
331 u32[i] = htobe32(auth_ctx->sha224ctx.state[i]);
333 case CRYPTO_SHA2_256:
334 case CRYPTO_SHA2_256_HMAC:
335 for (i = 0; i < SHA2_256_HASH_LEN / 4; i++)
336 u32[i] = htobe32(auth_ctx->sha256ctx.state[i]);
338 case CRYPTO_SHA2_384:
339 case CRYPTO_SHA2_384_HMAC:
340 for (i = 0; i < SHA2_512_HASH_LEN / 8; i++)
341 u64[i] = htobe64(auth_ctx->sha384ctx.state[i]);
343 case CRYPTO_SHA2_512:
344 case CRYPTO_SHA2_512_HMAC:
345 for (i = 0; i < SHA2_512_HASH_LEN / 8; i++)
346 u64[i] = htobe64(auth_ctx->sha512ctx.state[i]);
353 const char *key,
int klen,
char *dst)
355 union authctx auth_ctx;
357 hmac_init_ipad(axf, key, klen, &auth_ctx);
360 dst += roundup2(partial_digest_len, 16);
362 hmac_init_opad(axf, key, klen, &auth_ctx);
365 explicit_bzero(&auth_ctx,
sizeof(auth_ctx));
377 uint32_t ek[4 * (RIJNDAEL_MAXNR + 1)];
381 rijndaelKeySetupEnc(ek, enc_key, kbits);
383 dkey += (kbits / 8) / 4;
387 for (i = 0; i < 4; i++)
388 *--dkey = htobe32(ek[4 * 10 + i]);
391 for (i = 0; i < 2; i++)
392 *--dkey = htobe32(ek[4 * 11 + 2 + i]);
393 for (i = 0; i < 4; i++)
394 *--dkey = htobe32(ek[4 * 12 + i]);
397 for (i = 0; i < 4; i++)
398 *--dkey = htobe32(ek[4 * 13 + i]);
399 for (i = 0; i < 4; i++)
400 *--dkey = htobe32(ek[4 * 14 + i]);
403 MPASS(dkey == dec_key);
404 explicit_bzero(ek,
sizeof(ek));
413t4_tls_key_info_size(
const struct ktls_session *tls)
415 u_int key_info_size, mac_key_size;
417 key_info_size =
sizeof(
struct tx_keyctx_hdr) +
418 tls->params.cipher_key_len;
419 if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16) {
420 key_info_size += GMAC_BLOCK_LEN;
422 switch (tls->params.auth_algorithm) {
423 case CRYPTO_SHA1_HMAC:
424 mac_key_size = SHA1_HASH_LEN;
426 case CRYPTO_SHA2_256_HMAC:
427 mac_key_size = SHA2_256_HASH_LEN;
429 case CRYPTO_SHA2_384_HMAC:
430 mac_key_size = SHA2_512_HASH_LEN;
433 __assert_unreachable();
435 key_info_size += roundup2(mac_key_size, 16) * 2;
437 return (key_info_size);
441t4_tls_proto_ver(
const struct ktls_session *tls)
443 if (tls->params.tls_vminor == TLS_MINOR_VER_ONE)
450t4_tls_cipher_mode(
const struct ktls_session *tls)
452 switch (tls->params.cipher_algorithm) {
455 case CRYPTO_AES_NIST_GCM_16:
463t4_tls_auth_mode(
const struct ktls_session *tls)
465 switch (tls->params.cipher_algorithm) {
467 switch (tls->params.auth_algorithm) {
468 case CRYPTO_SHA1_HMAC:
470 case CRYPTO_SHA2_256_HMAC:
472 case CRYPTO_SHA2_384_HMAC:
477 case CRYPTO_AES_NIST_GCM_16:
485t4_tls_hmac_ctrl(
const struct ktls_session *tls)
487 switch (tls->params.cipher_algorithm) {
490 case CRYPTO_AES_NIST_GCM_16:
498tls_cipher_key_size(
const struct ktls_session *tls)
500 switch (tls->params.cipher_key_len) {
508 __assert_unreachable();
513tls_mac_key_size(
const struct ktls_session *tls)
515 if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16)
518 switch (tls->params.auth_algorithm) {
519 case CRYPTO_SHA1_HMAC:
521 case CRYPTO_SHA2_256_HMAC:
523 case CRYPTO_SHA2_384_HMAC:
526 __assert_unreachable();
532t4_tls_key_ctx(
const struct ktls_session *tls,
int direction,
535 const struct auth_hash *axf;
540 if (direction == KTLS_TX) {
547 if (tls->params.cipher_algorithm == CRYPTO_AES_CBC)
571 if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16) {
599 if (direction == KTLS_RX &&
600 tls->params.cipher_algorithm == CRYPTO_AES_CBC)
602 tls->params.cipher_key_len * 8);
604 memcpy(kctx->
keys.
edkey, tls->params.cipher_key,
605 tls->params.cipher_key_len);
608 hash = kctx->
keys.
edkey + tls->params.cipher_key_len;
609 if (tls->params.cipher_algorithm == CRYPTO_AES_NIST_GCM_16) {
610 _Static_assert(offsetof(
struct tx_keyctx_hdr, txsalt) ==
611 offsetof(
struct rx_keyctx_hdr, rxsalt),
612 "salt offset mismatch");
615 tls->params.cipher_key_len, hash);
617 switch (tls->params.auth_algorithm) {
618 case CRYPTO_SHA1_HMAC:
619 axf = &auth_hash_hmac_sha1;
620 mac_key_size = SHA1_HASH_LEN;
622 case CRYPTO_SHA2_256_HMAC:
623 axf = &auth_hash_hmac_sha2_256;
624 mac_key_size = SHA2_256_HASH_LEN;
626 case CRYPTO_SHA2_384_HMAC:
627 axf = &auth_hash_hmac_sha2_384;
628 mac_key_size = SHA2_512_HASH_LEN;
631 __assert_unreachable();
634 tls->params.auth_key_len, hash);
639t4_alloc_tls_keyid(
struct adapter *sc)
651t4_free_tls_keyid(
struct adapter *sc,
int keyid)
657t4_write_tlskey_wr(
const struct ktls_session *tls,
int direction,
int tid,
663 kwr->
protocol = t4_tls_proto_ver(tls);
664 kwr->
mfs = htobe16(tls->params.max_frame_len);
672 kwr->
len16 = htobe32((tid << 8) |
#define DIV_ROUND_UP(x, y)
__be64 ivinsert_to_authinsrt
__u8 ivpresent_to_rxmk_size
union tls_keyctx::key_ctx u
struct tls_keyctx::keys keys
#define CHCR_KEYCTX_CIPHER_KEY_SIZE_256
#define SCMD_PROTO_VERSION_TLS_1_2
#define SCMD_PROTO_VERSION_TLS_1_1
#define SCMD_AUTH_MODE_NOP
#define SCMD_AUTH_MODE_GHASH
#define CHCR_KEYCTX_CIPHER_KEY_SIZE_128
#define CHCR_KEYCTX_MAC_KEY_SIZE_256
#define SCMD_HMAC_CTRL_NO_TRUNC
#define SCMD_AUTH_MODE_SHA256
#define CHCR_KEYCTX_MAC_KEY_SIZE_512
#define SCMD_AUTH_MODE_SHA1
#define SCMD_HMAC_CTRL_NOP
#define SCMD_CIPH_MODE_NOP
#define SCMD_CIPH_MODE_AES_GCM
#define CHCR_KEYCTX_MAC_KEY_SIZE_160
#define CHCR_KEYCTX_CIPHER_KEY_SIZE_192
#define TLS_KEY_CONTEXT_SZ
#define SCMD_AUTH_MODE_SHA512_384
#define SCMD_CIPH_MODE_AES_CBC
#define V_TLS_KEYCTX_TX_WR_AUTHSTOPOFST(x)
void t4_init_hmac_digest(const struct auth_hash *axf, u_int partial_digest_len, const char *key, int klen, char *dst)
#define V_TLS_KEYCTX_TX_WR_TXCK_SIZE(x)
#define V_TLS_KEYCTX_TX_WR_SEQNUMCTRL(x)
#define V_TLS_KEYCTX_TX_WR_TXOPAD_PRESENT(x)
#define V_TLS_KEYCTX_TX_WR_AADSTRTOFST(x)
#define V_TLS_KEYCTX_TX_WR_CIPHMODE(x)
#define V_TLS_KEYCTX_TX_WR_AUTHMODE(x)
#define V_TLS_KEYCTX_TX_WR_RXCK_SIZE(x)
#define V_TLS_KEYCTX_TX_WR_CIPHERSTOPOFST(x)
#define V_TLS_KEYCTX_TX_WR_AADSTOPOFST(x)
#define V_TLS_KEYCTX_TX_WR_PROTOVER(x)
#define V_TLS_KEYCTX_TX_WR_IVPRESENT(x)
#define V_TLS_KEYCTX_TX_WR_CIPHERSRTOFST(x)
#define V_TLS_KEYCTX_TX_WR_IVINSERT(x)
#define V_TLS_KEYCTX_TX_WR_TXMK_SIZE(x)
#define V_TLS_KEYCTX_TX_WR_FLITCNT(x)
#define V_TLS_KEYCTX_TX_WR_TXVALID(x)
#define V_TLS_KEYCTX_TX_WR_AUTHSRTOFST(x)
#define V_TLS_KEYCTX_TX_WR_RXMK_SIZE(x)
#define V_TLS_KEYCTX_TX_WR_AUTHINSRT(x)
#define V_TLS_KEYCTX_TX_WR_CIPHAUTHSEQCTRL(x)
void t4_init_gmac_hash(const char *key, int klen, char *ghash)
#define V_TLS_KEYCTX_TX_WR_RXOPAD_PRESENT(x)
#define V_TLS_KEYCTX_TX_WR_RXVALID(x)
#define V_TLS_KEYCTX_TX_WR_SALT_PRESENT(x)
void t4_copy_partial_hash(int alg, union authctx *auth_ctx, void *dst)
void t4_aes_getdeckey(void *dec_key, const void *enc_key, unsigned int kbits)
#define V_TLS_KEYCTX_TX_WR_HMACCTRL(x)
#define V_ULP_MEMIO_ADDR(x)
#define V_T5_ULP_MEMIO_ORDER(x)
#define V_T5_ULP_MEMIO_IMM(x)
#define V_ULP_MEMIO_DATA_LEN(x)
#define V_FW_WR_FLOWID(x)
struct tls_keyctx::key_ctx::tx_keyctx_hdr txhdr
struct tls_keyctx::key_ctx::rx_keyctx_hdr rxhdr