libefi: import efichar.c for ucs2 support
[unleashed.git] / include / sys / cryptmod.h
blobfb36524f1459a17b7ae4fe8c5c2e2cfee22ebba4
1 /*
2 * CDDL HEADER START
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License, Version 1.0 only
6 * (the "License"). You may not use this file except in compliance
7 * with the License.
9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 * or http://www.opensolaris.org/os/licensing.
11 * See the License for the specific language governing permissions
12 * and limitations under the License.
14 * When distributing Covered Code, include this CDDL HEADER in each
15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 * If applicable, add the following below this CDDL HEADER, with the
17 * fields enclosed by brackets "[]" replaced with your own identifying
18 * information: Portions Copyright [yyyy] [name of copyright owner]
20 * CDDL HEADER END
23 * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
26 * cryptmod.h
27 * STREAMS based crypto module definitions.
29 * This is a Sun-private and undocumented interface.
32 #ifndef _SYS_CRYPTMOD_H
33 #define _SYS_CRYPTMOD_H
35 #pragma ident "%Z%%M% %I% %E% SMI"
37 #include <sys/types.h>
38 #include <sys/types32.h>
39 #ifdef _KERNEL
40 #include <sys/crypto/api.h>
41 #endif /* _KERNEL */
43 #ifdef __cplusplus
44 extern "C" {
45 #endif
49 * IOCTLs.
51 #define CRYPTIOC (('C' << 24) | ('R' << 16) | ('Y' << 8) | 0x00)
53 #define CRYPTIOCSETUP (CRYPTIOC | 0x01)
54 #define CRYPTIOCSTOP (CRYPTIOC | 0x02)
55 #define CRYPTIOCSTARTENC (CRYPTIOC | 0x03)
56 #define CRYPTIOCSTARTDEC (CRYPTIOC | 0x04)
58 #define CRYPTPASSTHRU (CRYPTIOC | 0x80)
61 * Crypto method definitions, to be used with the CRIOCSETUP ioctl.
63 #define CRYPT_METHOD_NONE 0
64 #define CRYPT_METHOD_DES_CFB 101
65 #define CRYPT_METHOD_DES_CBC_NULL 102
66 #define CRYPT_METHOD_DES_CBC_MD5 103
67 #define CRYPT_METHOD_DES_CBC_CRC 104
68 #define CRYPT_METHOD_DES3_CBC_SHA1 105
69 #define CRYPT_METHOD_ARCFOUR_HMAC_MD5 106
70 #define CRYPT_METHOD_ARCFOUR_HMAC_MD5_EXP 107
71 #define CRYPT_METHOD_AES128 108
72 #define CRYPT_METHOD_AES256 109
74 #define CR_METHOD_OK(m) ((m) == CRYPT_METHOD_NONE || \
75 ((m) >= CRYPT_METHOD_DES_CFB && \
76 (m) <= CRYPT_METHOD_AES256))
78 #define IS_RC4_METHOD(m) ((m) == CRYPT_METHOD_ARCFOUR_HMAC_MD5 || \
79 (m) == CRYPT_METHOD_ARCFOUR_HMAC_MD5_EXP)
81 #define IS_AES_METHOD(m) ((m) == CRYPT_METHOD_AES128 || \
82 (m) == CRYPT_METHOD_AES256)
85 * Direction mask values, also to be used with the CRIOCSETUP ioctl.
87 #define CRYPT_ENCRYPT 0x01
88 #define CRYPT_DECRYPT 0x02
90 #define CR_DIRECTION_OK(d) ((d) & (CRYPT_ENCRYPT | CRYPT_DECRYPT))
93 * Define constants for the 'ivec_usage' fields.
95 #define IVEC_NEVER 0x00
96 #define IVEC_REUSE 0x01
97 #define IVEC_ONETIME 0x02
99 #define CR_IVUSAGE_OK(iv) \
100 ((iv) == IVEC_NEVER || (iv) == IVEC_REUSE || (iv) == IVEC_ONETIME)
102 #define CRYPT_SHA1_BLOCKSIZE 64
103 #define CRYPT_SHA1_HASHSIZE 20
104 #define CRYPT_DES3_KEYBYTES 21
105 #define CRYPT_DES3_KEYLENGTH 24
106 #define CRYPT_ARCFOUR_KEYBYTES 16
107 #define CRYPT_ARCFOUR_KEYLENGTH 16
108 #define CRYPT_AES128_KEYBYTES 16
109 #define CRYPT_AES128_KEYLENGTH 16
110 #define CRYPT_AES256_KEYBYTES 32
111 #define CRYPT_AES256_KEYLENGTH 32
113 #define AES_TRUNCATED_HMAC_LEN 12
116 * Max size of initialization vector and key.
117 * 256 bytes = 2048 bits.
119 #define CRYPT_MAX_KEYLEN 256
120 #define CRYPT_MAX_IVLEN 256
122 typedef uint8_t crkeylen_t;
123 typedef uint8_t crivlen_t;
125 typedef uchar_t crmeth_t;
126 typedef uchar_t cropt_t;
127 typedef uchar_t crdir_t;
128 typedef uchar_t crivuse_t;
131 * Define values for the option mask field.
132 * These can be extended to alter the behavior
133 * of the module. For example, when used by kerberized
134 * Unix r commands (rlogind, rshd), all msgs must be
135 * prepended with 4 bytes of clear text data that represent
136 * the 'length' of the cipher text that follows.
138 #define CRYPTOPT_NONE 0x00
139 #define CRYPTOPT_RCMD_MODE_V1 0x01
140 #define CRYPTOPT_RCMD_MODE_V2 0x02
142 #define ANY_RCMD_MODE(m) ((m) & (CRYPTOPT_RCMD_MODE_V1 |\
143 CRYPTOPT_RCMD_MODE_V2))
145 /* Define the size of the length field used in 'rcmd' mode */
146 #define RCMD_LEN_SZ sizeof (uint32_t)
148 #define CR_OPTIONS_OK(opt) ((opt) == CRYPTOPT_NONE || \
149 ANY_RCMD_MODE(opt))
151 * Structure used by userland apps to pass data into crypto module
152 * with the CRIOCSETUP iotcl.
154 struct cr_info_t {
155 uchar_t key[CRYPT_MAX_KEYLEN];
156 uchar_t ivec[CRYPT_MAX_IVLEN];
157 crkeylen_t keylen;
158 crivlen_t iveclen;
159 crivuse_t ivec_usage;
160 crdir_t direction_mask;
161 crmeth_t crypto_method;
162 cropt_t option_mask;
165 #if defined(_KERNEL)
167 #define RCMDV1_USAGE 1026
168 #define ARCFOUR_DECRYPT_USAGE 1032
169 #define ARCFOUR_ENCRYPT_USAGE 1028
170 #define AES_ENCRYPT_USAGE 1028
171 #define AES_DECRYPT_USAGE 1032
173 #define DEFAULT_DES_BLOCKLEN 8
174 #define DEFAULT_AES_BLOCKLEN 16
175 #define ARCFOUR_EXP_SALT "fortybits"
177 struct cipher_data_t {
178 char *key;
179 char *block;
180 char *ivec;
181 char *saveblock;
182 crypto_mech_type_t mech_type;
183 crypto_key_t *ckey; /* initial encryption key */
184 crypto_key_t d_encr_key; /* derived encr key */
185 crypto_key_t d_hmac_key; /* derived hmac key */
186 crypto_ctx_template_t enc_tmpl;
187 crypto_ctx_template_t hmac_tmpl;
188 crypto_context_t ctx;
189 size_t bytes;
190 crkeylen_t blocklen;
191 crkeylen_t keylen;
192 crkeylen_t ivlen;
193 crivuse_t ivec_usage;
194 crmeth_t method;
195 cropt_t option_mask;
198 struct rcmd_state_t {
199 size_t pt_len; /* Plain text length */
200 size_t cd_len; /* Cipher Data length */
201 size_t cd_rcvd; /* Cipher Data bytes received so far */
202 uint32_t next_len;
203 mblk_t *c_msg; /* mblk that will contain the new data */
206 /* Values for "ready" mask. */
207 #define CRYPT_WRITE_READY 0x01
208 #define CRYPT_READ_READY 0x02
211 * State information for the streams module.
213 struct tmodinfo {
214 struct cipher_data_t enc_data;
215 struct cipher_data_t dec_data;
216 struct rcmd_state_t rcmd_state;
217 uchar_t ready;
220 #endif /* _KERNEL */
222 #ifdef __cplusplus
224 #endif
226 #endif /* _SYS_CRYPTMOD_H */