int _cryptodev_register_gcm_crypto(int cfd)
{
struct session_op sess;
uint8_t fake_key[CRYPTO_CIPHER_MAX_KEY_LEN];
unsigned int i;
int ret;
#ifdef CIOCGSESSINFO
struct session_info_op siop;
memset(&siop, 0, sizeof(siop));
#endif
memset(&sess, 0, sizeof(sess));
for (i = 0; i < sizeof(cipher_map) / sizeof(cipher_map[0]); i++) {
if (cipher_map[i] == 0)
continue;
/* test if a cipher is support it and if yes register it */
sess.cipher = cipher_map[i];
sess.keylen = gnutls_cipher_get_key_size(i);
sess.key = fake_key;
if (ioctl(cfd, CIOCGSESSION, &sess)) {
continue;
}
#ifdef CIOCGSESSINFO
siop.ses = sess.ses; /* do not register ciphers that are not hw accelerated */
if (ioctl(cfd, CIOCGSESSINFO, &siop) == 0) {
if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)) {
ioctl(cfd, CIOCFSESSION, &sess.ses);
continue;
}
}
#endif
ioctl(cfd, CIOCFSESSION, &sess.ses);
_gnutls_debug_log("/dev/crypto: registering: %s\n",
gnutls_cipher_get_name(i));
ret =
gnutls_crypto_single_cipher_register(i, 90,
&cipher_struct, 0);
if (ret < 0) {
gnutls_assert();
return ret;
}
}
return 0;
}
static
void register_x86_padlock_crypto(unsigned capabilities)
{
int ret, phe;
unsigned edx;
if (check_via() == 0)
return;
if (capabilities == 0)
edx = padlock_capability();
else
edx = capabilities_to_via_edx(capabilities);
if (check_padlock(edx)) {
_gnutls_debug_log
("Padlock AES accelerator was detected\n");
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_128_CBC, 80, &_gnutls_aes_padlock, 0);
if (ret < 0) {
gnutls_assert();
}
/* register GCM ciphers */
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_128_GCM, 80,
&_gnutls_aes_gcm_padlock, 0);
if (ret < 0) {
gnutls_assert();
}
#ifdef HAVE_LIBNETTLE
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_192_CBC, 80, &_gnutls_aes_padlock, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_256_CBC, 80, &_gnutls_aes_padlock, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_256_GCM, 80,
&_gnutls_aes_gcm_padlock, 0);
if (ret < 0) {
gnutls_assert();
}
#endif
}
#ifdef HAVE_LIBNETTLE
phe = check_phe(edx);
if (phe && check_phe_partial()) {
_gnutls_debug_log
("Padlock SHA1 and SHA256 (partial) accelerator was detected\n");
if (check_phe_sha512(edx)) {
_gnutls_debug_log
("Padlock SHA512 (partial) accelerator was detected\n");
ret =
gnutls_crypto_single_digest_register
(GNUTLS_DIG_SHA384, 80,
&_gnutls_sha_padlock_nano, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_digest_register
(GNUTLS_DIG_SHA512, 80,
&_gnutls_sha_padlock_nano, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_mac_register
(GNUTLS_MAC_SHA384, 80,
&_gnutls_hmac_sha_padlock_nano, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_mac_register
(GNUTLS_MAC_SHA512, 80,
&_gnutls_hmac_sha_padlock_nano, 0);
if (ret < 0) {
gnutls_assert();
}
}
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
80,
&_gnutls_sha_padlock_nano, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA224,
80,
&_gnutls_sha_padlock_nano, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
80,
&_gnutls_sha_padlock_nano, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA1,
80,
&_gnutls_hmac_sha_padlock_nano, 0);
if (ret < 0) {
gnutls_assert();
}
/* we don't register MAC_SHA224 because it is not used by TLS */
ret =
gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA256,
80,
&_gnutls_hmac_sha_padlock_nano, 0);
if (ret < 0) {
gnutls_assert();
}
} else if (phe) {
/* Original padlock PHE. Does not support incremental operations.
*/
_gnutls_debug_log
("Padlock SHA1 and SHA256 accelerator was detected\n");
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
80,
&_gnutls_sha_padlock, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
80,
&_gnutls_sha_padlock, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA1,
80,
&_gnutls_hmac_sha_padlock, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA256,
80,
&_gnutls_hmac_sha_padlock, 0);
if (ret < 0) {
gnutls_assert();
}
}
#endif
return;
}
static
void register_x86_intel_crypto(unsigned capabilities)
{
int ret;
unsigned t;
if (check_intel_or_amd() == 0)
return;
if (capabilities == 0) {
gnutls_cpuid(1, &t, &_gnutls_x86_cpuid_s[0],
&_gnutls_x86_cpuid_s[1], &_gnutls_x86_cpuid_s[2]);
} else {
capabilities_to_intel_cpuid(capabilities);
}
if (check_ssse3()) {
_gnutls_debug_log("Intel SSSE3 was detected\n");
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_128_GCM, 90,
&_gnutls_aes_gcm_x86_ssse3, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_256_GCM, 90,
&_gnutls_aes_gcm_x86_ssse3, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_128_CBC, 90, &_gnutls_aes_ssse3, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_192_CBC, 90, &_gnutls_aes_ssse3, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_256_CBC, 90, &_gnutls_aes_ssse3, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
80,
&_gnutls_sha_x86_ssse3, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA224,
80,
&_gnutls_sha_x86_ssse3, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
80,
&_gnutls_sha_x86_ssse3, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA1,
80,
&_gnutls_hmac_sha_x86_ssse3, 0);
if (ret < 0)
gnutls_assert();
ret =
gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA224,
80,
&_gnutls_hmac_sha_x86_ssse3, 0);
if (ret < 0)
gnutls_assert();
ret =
gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA256,
80,
&_gnutls_hmac_sha_x86_ssse3, 0);
if (ret < 0)
gnutls_assert();
#ifdef ENABLE_SHA512
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA384,
80,
&_gnutls_sha_x86_ssse3, 0);
if (ret < 0)
gnutls_assert();
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA512,
80,
&_gnutls_sha_x86_ssse3, 0);
if (ret < 0)
gnutls_assert();
ret =
gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA384,
80,
&_gnutls_hmac_sha_x86_ssse3, 0);
if (ret < 0)
gnutls_assert();
ret =
gnutls_crypto_single_mac_register(GNUTLS_MAC_SHA512,
80,
&_gnutls_hmac_sha_x86_ssse3, 0);
if (ret < 0)
gnutls_assert();
#endif
}
if (check_optimized_aes()) {
_gnutls_debug_log("Intel AES accelerator was detected\n");
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_128_CBC, 80, &_gnutls_aesni_x86, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_192_CBC, 80, &_gnutls_aesni_x86, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_256_CBC, 80, &_gnutls_aesni_x86, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_128_CCM, 80,
&_gnutls_aes_ccm_x86_aesni, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_256_CCM, 80,
&_gnutls_aes_ccm_x86_aesni, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_128_CCM_8, 80,
&_gnutls_aes_ccm_x86_aesni, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_256_CCM_8, 80,
&_gnutls_aes_ccm_x86_aesni, 0);
if (ret < 0) {
gnutls_assert();
}
#ifdef ASM_X86_64
if (check_pclmul()) {
/* register GCM ciphers */
_gnutls_debug_log
("Intel GCM accelerator was detected\n");
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_128_GCM, 80,
&_gnutls_aes_gcm_pclmul, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_256_GCM, 80,
&_gnutls_aes_gcm_pclmul, 0);
if (ret < 0) {
gnutls_assert();
}
} else
#endif
{
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_128_GCM, 80,
&_gnutls_aes_gcm_x86_aesni, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_256_GCM, 80,
&_gnutls_aes_gcm_x86_aesni, 0);
if (ret < 0) {
gnutls_assert();
}
}
}
return;
}
static
void _register_aarch64_crypto(unsigned capabilities)
{
int ret;
if (capabilities == 0) {
discover_caps(&_gnutls_arm_cpuid_s);
} else {
capabilities_to_cpuid(capabilities);
}
if (_gnutls_arm_cpuid_s & ARMV8_SHA1) {
_gnutls_debug_log("Aarch64 SHA1 was detected\n");
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA1,
80,
&_gnutls_sha_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_mac_register
(GNUTLS_MAC_SHA1, 80, &_gnutls_hmac_sha_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
}
if (_gnutls_arm_cpuid_s & ARMV8_SHA256) {
_gnutls_debug_log("Aarch64 SHA2 was detected\n");
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA224,
80,
&_gnutls_sha_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_mac_register
(GNUTLS_MAC_SHA224, 80, &_gnutls_hmac_sha_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA256,
80,
&_gnutls_sha_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_mac_register
(GNUTLS_MAC_SHA256, 80, &_gnutls_hmac_sha_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA384,
80,
&_gnutls_sha_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_mac_register
(GNUTLS_MAC_SHA384, 80, &_gnutls_hmac_sha_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_digest_register(GNUTLS_DIG_SHA512,
80,
&_gnutls_sha_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_mac_register
(GNUTLS_MAC_SHA512, 80, &_gnutls_hmac_sha_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
}
if (_gnutls_arm_cpuid_s & ARMV8_AES) {
_gnutls_debug_log("Aarch64 AES was detected\n");
if (_gnutls_arm_cpuid_s & ARMV8_PMULL) {
_gnutls_debug_log("Aarch64 PMULL was detected\n");
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_128_GCM, 90,
&_gnutls_aes_gcm_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_256_GCM, 90,
&_gnutls_aes_gcm_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_128_CBC, 90, &_gnutls_aes_cbc_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_256_CBC, 90, &_gnutls_aes_cbc_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_128_CCM, 90, &_gnutls_aes_ccm_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
ret =
gnutls_crypto_single_cipher_register
(GNUTLS_CIPHER_AES_256_CCM, 90, &_gnutls_aes_ccm_aarch64, 0);
if (ret < 0) {
gnutls_assert();
}
}
return;
}
