📄 sec2_algo.c
字号:
hashLen = DRV_IPSEC_SHA_DIG_LEN;
dpdpadOpId = DPD_SHA_LDCTX_HMAC_PAD_ULCTX;
break;
#if 0
case ALGO_ESP_INPUT_NULL_SHA256: /* SHA256 */
case ALGO_ESP_OUTPUT_NULL_SHA256:
hashLen = DRV_IPSEC_SHA256_DIG_LEN;
dpdpadOpId = DPD_SHA256_LDCTX_HMAC_PAD_ULCTX;
break;
#endif
default:
DRV_IPSEC_DBG("drv_sec2_hmac_auth:2 algoType error!\n");
return SEC2_ERROR;
}
}
else if(inType == IKE_ALGO_TYPE)
{
switch(algoid)
{
case ALGO_IKE_HMAC_MD5:
hashLen = DRV_IPSEC_MD5_DIG_LEN;
dpdpadOpId = DPD_MD5_LDCTX_HMAC_PAD_ULCTX;
break;
case ALGO_IKE_HMAC_SHA:
hashLen = DRV_IPSEC_SHA_DIG_LEN;
dpdpadOpId = DPD_SHA_LDCTX_HMAC_PAD_ULCTX;
break;
#if 0
case ALGO_IKE_HMAC_SHA256:
hashLen = DRV_IPSEC_SHA256_DIG_LEN;
dpdpadOpId = DPD_SHA256_LDCTX_HMAC_PAD_ULCTX;
break;
#endif
default:
DRV_IPSEC_DBG("drv_sec2_hmac_auth:3 algoType error!\n");
return SEC2_ERROR;
}
}
#endif
/**************** 分配上下文内存 ****************/
ctx = (DRV_SEC2_CONTEXT*)SEC2_GETBUF(sizeof(DRV_SEC2_CONTEXT));
if (NULL == ctx)
{
DRV_IPSEC_DBG("drv_sec2_hmac_auth: malloc DRV_SEC2_CONTEXT failed!\n");
return SEC2_ERROR;
}
ctx->msg = msg; /* 平台传入的算法消息 */
/**************** 分配描述符内存 ****************/
dpdReqLen = sizeof(HMAC_PAD_REQ);
ctx->dpdReqMem= (UINT8*)SEC2_GETBUF(dpdReqLen);
if (NULL == ctx->dpdReqMem)
{
DRV_IPSEC_DBG("drv_sec2_hmac_auth: malloc ctx->dpdReqMem failed!\n");
drv_sec2_free_context(ctx);
return SEC2_ERROR;
}
padReq = (HMAC_PAD_REQ*) (ctx->dpdReqMem);
/**************** 描述符填充: HMAC_IPAD_REQ ****************/
padReq->opId = dpdpadOpId;
padReq->channel = 0;
padReq->notify = (PSEC_NOTIFY_ROUTINE)drv_sec2_callback;
padReq->pNotifyCtx = ctx;
padReq->notify_on_error = (PSEC_NOTIFY_ON_ERROR_ROUTINE)drv_sec2_error_callback;
padReq->ctxNotifyOnErr.request = ctx;
padReq->status = 0;
padReq->nextReq = NULL;
padReq->keyBytes = auth->keyLen;
padReq->keyData = auth->key;
padReq->inBytes = auth->inLen;
padReq->inData = auth->inData; /* 输入数据内存不需要再分配*/
padReq->outBytes = auth->outLen;
padReq->outData = auth->outData; /* 输出需要8byte 对齐 */
#if DRIVER_IPSEC_DBG
padReq->outData = drv_ipsec_out_internalSec2; /* 8byte 边界对齐*/
#else
padReq->outData = auth->outData; /* 输出需要8byte 对齐 */
#endif
/**************** 下发硬件处理 ****************/
ipsec_status = (UINT32)SEC2_ioctl(IOCTL_PROC_REQ, padReq);
if (SEC2_SUCCESS != ipsec_status)
{
DRV_IPSEC_DBG("drv_sec2_hmac_auth: Ioctl failed!\n");
drv_sec2_free_context(ctx);
}
return ipsec_status;
}
/**************************************************************************
* 函数名称:drv_sec2_hash_dig
* 功能描述:实现了MD5/SHA 两种HASH 算法,用于产生消息摘要
* 需要满足 (1) 输入处理数据长度<= 2048 byte
* (2)输出数据标准长度MD5 为16 byte, SHA 为20 byte
* 输入参数:algoid --算法标识
* arg_in --mux传入参数
* withQflag --是否需要sec2引入队列
* 输出参数:SEC2_ioctl,下发硬件模块
* 返 回 值:成功返回SEC2_SUCCESS,错误返回SEC2_ERROR或者下层返回的错误码
* 其它说明:8349或8541内置加密核适配模块
* 修改日期 版本号 修改人 修改内容
* -----------------------------------------------
* 2006-7-12 V1.0 陈晓 创建
**************************************************************************/
int drv_sec2_hash_dig(DRV_IPSEC_ALGO_TYPE algoType, VOID* arg_in)
{
UINT32 dpdReqLen; /* 描述符字节长度 */
UINT32 dpdOpId = 0; /* 描述符标识符 */
UINT32 hashLen = 0;
int ipsec_status = SEC2_ERROR;
DRV_SEC2_CONTEXT *ctx = (DRV_SEC2_CONTEXT *)NULL; /* 上下文结构 */
HASH_REQ *hashReq = (HASH_REQ *)NULL; /* 算法请求结构 */
algo_msg_hash_t *dig = (algo_msg_hash_t *)NULL;
void* msg = NULL;
UINT32 algoid = 0;
UINT32 inType = 0;
DRV_LNDEC_ALG_REQ_PARA *in_param = (DRV_LNDEC_ALG_REQ_PARA *)NULL;
/**************** 参数合法性检查和赋值 ****************/
in_param = (DRV_LNDEC_ALG_REQ_PARA*)arg_in;
algoid = in_param->algoid;
inType = in_param->algotype;
if(NULL != (algo_msg_hash_t*)in_param->auth)
{
dig = (algo_msg_hash_t*)in_param->auth;
}
else
{
DRV_IPSEC_DBG("drv_sec2_hash_dig: in param hash null!\n");
return SEC2_ERROR;
}
if (NULL != in_param->data)
{
msg = in_param->data;
}
else
{
DRV_IPSEC_DBG("drv_sec2_hash_dig: msg NULL!\n");
return SEC2_ERROR;
}
if ( (NULL == dig) || (NULL == dig->inData) || (NULL == dig->outData))
{
DRV_IPSEC_DBG("drv_sec2_hash_dig: algoid or dig error!\n");
return SEC2_ERROR;
}
/* 算法类型检查和获得相应描述符标识 */
#if DRIVER_IPSEC_DBG
switch(algoType)
{
case DRV_IPSEC_HASH_MD5_DIG: /* MD5 */
dpdOpId = DPD_MD5_LDCTX_IDGS_HASH_PAD_ULCTX;
break;
case DRV_IPSEC_HASH_SHA_DIG: /* SHA1 */
dpdOpId = DPD_SHA_LDCTX_IDGS_HASH_PAD_ULCTX;
break;
#if 0
case DRV_IPSEC_HASH_SHA256_DIG: /*SHA256*/
dpdOpId = DPD_SHA256_LDCTX_IDGS_HASH_PAD_ULCTX;
break;
#endif
default:
DRV_IPSEC_DBG("drv_sec2_hash_dig: algoType error 1!\n");
return SEC2_ERROR;
}
#else
if(inType == IKE_ALGO_TYPE)
{
switch(algoid)
{
case ALGO_IKE_HASH_MD5:
hashLen = DRV_IPSEC_MD5_DIG_LEN;
dpdOpId = DPD_MD5_LDCTX_IDGS_HASH_PAD_ULCTX;
break;
case ALGO_IKE_HASH_SHA:
hashLen = DRV_IPSEC_SHA_DIG_LEN;
dpdOpId = DPD_SHA_LDCTX_IDGS_HASH_PAD_ULCTX;
break;
#if 0
case ALGO_IKE_HASH_SHA256:
hashLen = DRV_IPSEC_SHA256_DIG_LEN;
dpdpadOpId = DPD_SHA256_LDCTX_HASH_PAD_ULCTX;
break;
#endif
default:
DRV_IPSEC_DBG("drv_sec2_hash_auth: algoType error 2!\n");
return SEC2_ERROR;
}
}
else
{
DRV_IPSEC_DBG("drv_sec2_hash_dig: algoType error!\n");
return SEC2_ERROR;
}
#endif
/**************** 分配上下文内存 ****************/
ctx = (DRV_SEC2_CONTEXT*)SEC2_GETBUF(sizeof(DRV_SEC2_CONTEXT));
if (NULL == ctx)
{
DRV_IPSEC_DBG("drv_sec2_hash_dig: malloc DRV_SEC2_CONTEXT failed!\n");
return SEC2_ERROR;
}
ctx->msg = msg; /* 平台传入的算法消息 */
/**************** 分配描述符内存 ****************/
dpdReqLen = sizeof(HASH_REQ);
ctx->dpdReqMem= (UINT8*)SEC2_GETBUF(dpdReqLen);
if (NULL == ctx->dpdReqMem)
{
DRV_IPSEC_DBG("drv_sec2_hash_dig: malloc ctx->dpdReqMem failed! \n");
drv_sec2_free_context(ctx);
return SEC2_ERROR;
}
hashReq = (HASH_REQ*) (ctx->dpdReqMem);
/**************** 描述符填充 ****************/
hashReq->opId = dpdOpId;
hashReq->scatterBufs = 0;
hashReq->notifyFlags = 0;
hashReq->channel = 0;
hashReq->reserved = 0;
hashReq->notify = (PSEC_NOTIFY_ROUTINE)drv_sec2_callback;
hashReq->pNotifyCtx = ctx;
hashReq->notify_on_error = (PSEC_NOTIFY_ON_ERROR_ROUTINE)drv_sec2_error_callback;
hashReq->ctxNotifyOnErr.request = ctx;
hashReq->status = 0;
hashReq->nextReq = NULL;
hashReq->ctxBytes = 0;
hashReq->ctxData = (unsigned char*)NULL;
hashReq->inBytes = dig->inDataLen;
hashReq->inData = dig->inData; /* 输入数据内存不需要再分配*/
hashReq->outBytes = dig->outLen;
#if DRIVER_IPSEC_DBG
hashReq->outData = drv_ipsec_out_internalSec2; /* 8byte 边界对齐*/
#else
hashReq->outData = dig->outData;
#endif
/**************** 下发硬件处理 ****************/
ipsec_status = (UINT32)SEC2_ioctl(IOCTL_PROC_REQ, hashReq);
if (SEC2_SUCCESS != ipsec_status)
{
DRV_IPSEC_DBG("drv_sec2_hash_dig: Ioctl failed!\n");
drv_sec2_free_context(ctx);
}
return ipsec_status;
}
/**************************************************************************
* 函数名称:drv_sec2_des_hmac_crypt
* 功能描述:实现了DES和AES加密,MD5/SHA认证的HMAC 算法,用于协议认证
* 需要满足 (1) 输入处理数据长度<= 2048 byte
* (2)输出数据长度MD5 <= 16 byte, SHA <= 20 byte
* 顺序是先认证后解密
* 输入参数:algoid --算法标识
* arg_in --mux传入参数
* withQflag --是否需要sec2引入队列
* 输出参数:SEC2_ioctl,下发硬件模块
* 返 回 值:成功返回SEC2_SUCCESS,错误返回SEC2_ERROR或者下层返回的错误码
* 其它说明:8349或8541内置加密核适配模块
* 修改日期 版本号 修改人 修改内容
* -----------------------------------------------
* 2006-7-12 V1.0 陈晓 创建
**************************************************************************/
int drv_sec2_des_hmac_crypt(DRV_IPSEC_ALGO_TYPE algoType, VOID *arg_in)
{
UINT32 hashLen = 0; /* HASH 算法产生的消息摘要长度 */
UINT32 dpdReqLen; /* 描述符字节长度 */
UINT32 dpdOpId =0; /* 描述符标识符 */
int ipsec_status = SEC2_ERROR;
IPSEC_CBC_REQ *ipsecReq = (IPSEC_CBC_REQ *)NULL;
DRV_SEC2_CONTEXT *ctx = (DRV_SEC2_CONTEXT *)NULL; /* 上下文结构 */
algo_msg_crypt_t *crypt = (algo_msg_crypt_t *)NULL;
algo_msg_hmac_t *auth = (algo_msg_hmac_t *)NULL;
void* msg = NULL;
UINT32 algoid = 0;
UINT32 inType = 0;
DRV_LNDEC_ALG_REQ_PARA *in_param = (DRV_LNDEC_ALG_REQ_PARA *)NULL;
/**************** 参数合法性检查和赋值 ****************/
in_param = (DRV_LNDEC_ALG_REQ_PARA*)arg_in;
algoid = in_param->algoid;
inType = in_param->algotype;
if(NULL != (algo_msg_crypt_t*)in_param->crypt)
{
crypt = (algo_msg_crypt_t*)in_param->crypt;
}
else
{
DRV_IPSEC_DBG("drv_sec2_des_hmac_crypt: in param crypt null!\n");
return SEC2_ERROR;
}
if(NULL != (algo_msg_hmac_t*)in_param->auth)
{
auth = (algo_msg_hmac_t*)in_param->auth;
}
else
{
DRV_IPSEC_DBG("drv_sec2_des_hmac_crypt: in param auth null!\n");
return SEC2_ERROR;
}
if (NULL != in_param->data)
{
msg = in_param->data;
}
else
{
DRV_IPSEC_DBG("drv_sec2_des_hmac_crypt: msg == NULL!\n");
return SEC2_ERROR;
}
if ((NULL == crypt) || (NULL == crypt->inData)
|| (NULL == crypt->key) || (NULL == crypt->iv) || (NULL == crypt->outData)
|| (NULL == auth) || (NULL == auth->inData) || (NULL == auth->key) || (NULL == auth->outData))
{
DRV_IPSEC_DBG("drv_sec2_des_hmac_crypt: algoid or auth or crypt error!\n");
return SEC2_ERROR;
}
#if DRIVER_IPSEC_DBG
/* 加密算法参数长度检查,DES部分 */
if((algoType == DRV_IPSEC_DES_HMAC_MD5_ENCRYPT)||(algoType == DRV_IPSEC_DES_HMAC_SHA_ENCRYPT)
||(algoType == DRV_IPSEC_DES_HMAC_SHA256_ENCRYPT))
{
if (!ChkDesDataLen(crypt->inLen) || !ChkDesKeyLen(crypt->keyLen)||!ChkDesIvLen(crypt->ivlen))
{
DRV_IPSEC_DBG("drv_sec2_des_hmac_crypt: crypt length error!\n");
return SEC2_ERROR;
}
}
/* 加密算法参数长度检查,3DES部分 */
if((algoType == DRV_IPSEC_3DES_HMAC_MD5_ENCRYPT)||(algoType == DRV_IPSEC_DES_HMAC_SHA_ENCRYPT)
||(algoType == DRV_IPSEC_3DES_HMAC_SHA256_ENCRYPT))
{
if (!ChkDesDataLen(crypt->inLen) || !ChkDesKeyLen(crypt->keyLen))
{
DRV_IPSEC_DBG("drv_sec2_des_hmac_crypt: crypt length error!\n");
return SEC2_ERROR;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -