OK?
---
sys/crypto/cryptosoft.c | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git sys/crypto/cryptosoft.c sys/crypto/cryptosoft.c
index f735c7c..2a4abce 100644
--- sys/crypto/cryptosoft.c
+++ sys/crypto/cryptosoft.c
@@ -511,18 +511,20 @@ swcr_authenc(struct cryptop *crp)
return (EINVAL);
switch (sw->sw_alg) {
case CRYPTO_AES_GCM_16:
case CRYPTO_AES_GMAC:
+ case CRYPTO_CHACHA20_POLY1305:
swe = sw;
crde = crd;
exf = swe->sw_exf;
ivlen = exf->ivsize;
break;
case CRYPTO_AES_128_GMAC:
case CRYPTO_AES_192_GMAC:
case CRYPTO_AES_256_GMAC:
+ case CRYPTO_CHACHA20_POLY1305_MAC:
swa = sw;
crda = crd;
axf = swa->sw_axf;
if (swa->sw_ictx == 0)
return (EINVAL);
@@ -628,10 +630,19 @@ swcr_authenc(struct cryptop *crp)
*blkp = htobe32(aadlen * 8);
blkp = (uint32_t *)blk + 3;
*blkp = htobe32(crde->crd_len * 8);
axf->Update(&ctx, blk, axf->hashsize);
break;
+ case CRYPTO_CHACHA20_POLY1305_MAC:
+ /* length block */
+ bzero(blk, axf->hashsize);
+ blkp = (uint32_t *)blk;
+ *blkp = htole32(aadlen);
+ blkp = (uint32_t *)blk + 2;
+ *blkp = htole32(crde->crd_len);
+ axf->Update(&ctx, blk, axf->hashsize);
+ break;
}
/* Finalize MAC */
axf->Final(aalg, &ctx);
@@ -809,10 +820,13 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
goto enccommon;
case CRYPTO_AES_GMAC:
txf = &enc_xform_aes_gmac;
(*swd)->sw_exf = txf;
break;
+ case CRYPTO_CHACHA20_POLY1305:
+ txf = &enc_xform_chacha20_poly1305;
+ goto enccommon;
case CRYPTO_NULL:
txf = &enc_xform_null;
goto enccommon;
enccommon:
if (txf->ctxsize > 0) {
@@ -912,10 +926,14 @@ swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
axf = &auth_hash_gmac_aes_192;
goto auth4common;
case CRYPTO_AES_256_GMAC:
axf = &auth_hash_gmac_aes_256;
+ goto auth4common;
+
+ case CRYPTO_CHACHA20_POLY1305_MAC:
+ axf = &auth_hash_chacha20_poly1305;
auth4common:
(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
M_NOWAIT);
if ((*swd)->sw_ictx == NULL) {
swcr_freesession(i);
@@ -976,10 +994,11 @@ swcr_freesession(u_int64_t tid)
case CRYPTO_RIJNDAEL128_CBC:
case CRYPTO_AES_CTR:
case CRYPTO_AES_XTS:
case CRYPTO_AES_GCM_16:
case CRYPTO_AES_GMAC:
+ case CRYPTO_CHACHA20_POLY1305:
case CRYPTO_NULL:
txf = swd->sw_exf;
if (swd->sw_kschedule) {
explicit_bzero(swd->sw_kschedule, txf->ctxsize);
@@ -1006,10 +1025,11 @@ swcr_freesession(u_int64_t tid)
break;
case CRYPTO_AES_128_GMAC:
case CRYPTO_AES_192_GMAC:
case CRYPTO_AES_256_GMAC:
+ case CRYPTO_CHACHA20_POLY1305_MAC:
case CRYPTO_MD5:
case CRYPTO_SHA1:
axf = swd->sw_axf;
if (swd->sw_ictx) {
@@ -1108,10 +1128,12 @@ swcr_process(struct cryptop *crp)
case CRYPTO_AES_GCM_16:
case CRYPTO_AES_GMAC:
case CRYPTO_AES_128_GMAC:
case CRYPTO_AES_192_GMAC:
case CRYPTO_AES_256_GMAC:
+ case CRYPTO_CHACHA20_POLY1305:
+ case CRYPTO_CHACHA20_POLY1305_MAC:
crp->crp_etype = swcr_authenc(crp);
goto done;
case CRYPTO_DEFLATE_COMP:
if ((crp->crp_etype = swcr_compdec(crd, sw,
@@ -1171,10 +1193,12 @@ swcr_init(void)
algs[CRYPTO_SHA2_384_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_SHA2_512_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_AES_128_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_AES_192_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_AES_256_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_CHACHA20_POLY1305] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_CHACHA20_POLY1305_MAC] = CRYPTO_ALG_FLAG_SUPPORTED;
algs[CRYPTO_ESN] = CRYPTO_ALG_FLAG_SUPPORTED;
crypto_register(swcr_id, algs, swcr_newsession,
swcr_freesession, swcr_process);
}
--
2.6.2
