mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-11-25 07:49:18 +00:00
Code Issues Releases Activity
fa12e8fe51
freebsd/sys/crypto/openssl/ossl.h
Mark Johnston 9a3444d91c ossl: Add a VAES-based AES-GCM implementation for amd64 
aes-gcm-avx512.S is generated from OpenSSL 3.1 and implements AES-GCM.
ossl_x86.c detects whether the CPU implements the required AVX512
instructions; if not, the ossl(4) module does not provide an AES-GCM
implementation.  The VAES implementation increases throughput for all
buffer sizes in both directions, up to 2x for sufficiently large
buffers.

The "process" implementation is in two parts: a generic OCF layer in
ossl_aes.c that calls a set of MD functions to do the heavy lifting.
The intent there is to make it possible to add other implementations for
other platforms, e.g., to reduce the diff required for D37421.

A follow-up commit will add a fallback path to legacy AES-NI, so that
ossl(4) can be used in preference to aesni(4) on all amd64 platforms.
In the long term we would like to replace aesni(4) and armv8crypto(4)
with ossl(4).

Note, currently this implementation will not be selected by default
since aesni(4) and ossl(4) return the same probe priority for crypto
sessions, and the opencrypto framework selects the first registered
implementation to break a tie.  Since aesni(4) is compiled into the
kernel, aesni(4) wins.  A separate change may modify ossl(4) to have
priority.

Sponsored by:	Stormshield
Sponsored by:	Klara, Inc.
Reviewed by:	jhb
MFC after:	3 months
Differential Revision:	https://reviews.freebsd.org/D39783
2023-06-02 12:15:01 -04:00

93 lines
2.9 KiB
C
Raw Blame History

/*
* Copyright (c) 2020 Netflix, Inc
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer,
* without modification.
* 2. Redistributions in binary form must reproduce at minimum a disclaimer
* similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any
* redistribution must be conditioned upon including a substantially
* similar Disclaimer requirement for further binary redistribution.
*
* NO WARRANTY
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
* THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
* IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
* THE POSSIBILITY OF SUCH DAMAGES.
*
* $FreeBSD$
*/
#ifndef __OSSL_H__
#define __OSSL_H__
/* Compatibility shims. */
#define OPENSSL_cleanse explicit_bzero
struct cryptop;
struct crypto_session_params;
struct ossl_softc;
struct ossl_session;
int ossl_chacha20_poly1305_decrypt(struct cryptop *crp,
const struct crypto_session_params *csp);
int ossl_chacha20_poly1305_encrypt(struct cryptop *crp,
const struct crypto_session_params *csp);
void ossl_cpuid(struct ossl_softc *sc);
struct ossl_softc {
int32_t sc_cid;
bool has_aes;
bool has_aes_gcm;
};
/* Needs to be big enough to hold any hash context. */
struct ossl_hash_context {
uint32_t dummy[196];
} __aligned(32);
struct ossl_cipher_context {
uint32_t dummy[196];
} __aligned(32);
struct ossl_session_hash {
struct ossl_hash_context ictx;
struct ossl_hash_context octx;
struct auth_hash *axf;
u_int mlen;
};
struct ossl_session_cipher {
struct ossl_cipher_context dec_ctx;
struct ossl_cipher_context enc_ctx;
struct ossl_cipher *cipher;
};
struct ossl_session {
struct ossl_session_cipher cipher;
struct ossl_session_hash hash;
};
extern struct auth_hash ossl_hash_poly1305;
extern struct auth_hash ossl_hash_sha1;
extern struct auth_hash ossl_hash_sha224;
extern struct auth_hash ossl_hash_sha256;
extern struct auth_hash ossl_hash_sha384;
extern struct auth_hash ossl_hash_sha512;
extern struct ossl_cipher ossl_cipher_aes_cbc;
extern struct ossl_cipher ossl_cipher_aes_gcm;
extern struct ossl_cipher ossl_cipher_chacha20;
#endif /* !__OSSL_H__ */
Reference in New Issue View Git Blame Copy Permalink