diff options
author | Chunrong Guo <chunrong.guo@nxp.com> | 2017-11-15 13:26:10 +0800 |
---|---|---|
committer | Otavio Salvador <otavio@ossystems.com.br> | 2017-11-16 11:09:27 -0200 |
commit | aaf2c4beb205e9f9eef1b8a9732468acb7f1a4ee (patch) | |
tree | 35d88f0e454ca7703cbba91c740bbe8e02e8eac0 /recipes-connectivity/openssl/openssl-qoriq/qoriq/0026-cryptodev-remove-code-duplication-in-digest-operatio.patch | |
parent | d709b2e285633fad2818baf53f3f1ddd35cf8527 (diff) | |
download | meta-freescale-aaf2c4beb205e9f9eef1b8a9732468acb7f1a4ee.tar.gz |
openssl-qoriq: update recipes
*Update URL to fetch qoriq-open-source github
*Update to b9e6572
This includes the following changes:
b9e6572 - eng_cryptodev: add support for TLS algorithms offload
b3a3bab - Prepare for 1.0.2l release
539c4d3 - make update
cde19ec - Update CHANGES and NEWS for new release
8ded5f1 - Ignore -rle and -comp when compiled with OPENSSL_NO_COMP. Fixes make test when configured with no-comp.
d130456 - Fix regression in openssl req -x509 behaviour.
7c300b9 - Remove notification settings from appveyor.yml
b020bf6 - Remove dead code.
ea3fc60 - Copy custom extension flags in a call to SSL_set_SSL_CTX()
4ae5993 - perlasm/x86_64-xlate.pl: work around problem with hex constants in masm.
16d78fb - Fix some error path logic in i2v_AUTHORITY_INFO_ACCESS and i2v_GENERAL_NAME
6b8fa5b - RT2867: des_ede3_cfb1 ignored "size in bits" flag
5453820 - Fix URL links in comment
d2335f3 - Fix time offset calculation.
13f70ae - Check fflush on BIO_ctrl call
de46e82 - Remove unnecessary loop in pkey_rsa_decrypt.
b99f102 - check length sanity before correcting in EVP_CTRL_AEAD_TLS1_AAD
fb2345a - Annotate ASN.1 attributes of the jurisdictionCountryName NID
60a70a5 - Fixed typo in X509_STORE_CTX_new description
74bcd77 - Numbers greater than 1 are usually non-negative.
e8f2e2f - pkeyutl exit with 0 if the verification succeeded
71d66c4 - Additional check to handle BAD SSL_write retry
a91bfe2 - crypto/ppccap.c: SIGILL-free processor capabilities detection on MacOS X.
3f524f7 - Ensure dhparams can handle X9.42 params in DER
1f3b0fe - Add missing macros for DHxparams
248cf95 - Fix for #2730. Add CRLDP extension to list of supported extensions
d75c56f - Free the compression methods in s_server and s_client
4bc46d - doc: Add stitched ciphers to EVP_EncryptInit.pod
8625e92 - doc: Add missing options in s_{server,client}
62f488d - Fix the error handling in CRYPTO_dup_ex_data.
144ab9b - Add documentation for SNI APIs
*Openssl git includes all qoriq patches so remove qoriq patches folder
Signed-off-by: Chunrong Guo <chunrong.guo@nxp.com>
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Diffstat (limited to 'recipes-connectivity/openssl/openssl-qoriq/qoriq/0026-cryptodev-remove-code-duplication-in-digest-operatio.patch')
-rw-r--r-- | recipes-connectivity/openssl/openssl-qoriq/qoriq/0026-cryptodev-remove-code-duplication-in-digest-operatio.patch | 155 |
1 files changed, 0 insertions, 155 deletions
diff --git a/recipes-connectivity/openssl/openssl-qoriq/qoriq/0026-cryptodev-remove-code-duplication-in-digest-operatio.patch b/recipes-connectivity/openssl/openssl-qoriq/qoriq/0026-cryptodev-remove-code-duplication-in-digest-operatio.patch deleted file mode 100644 index 4e1ce65d..00000000 --- a/recipes-connectivity/openssl/openssl-qoriq/qoriq/0026-cryptodev-remove-code-duplication-in-digest-operatio.patch +++ /dev/null | |||
@@ -1,155 +0,0 @@ | |||
1 | From 7f6a709ed46d79d765ee0bb2fc16b84d0bb4c8a6 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@nxp.com> | ||
3 | Date: Mon, 14 Dec 2015 17:49:08 +0200 | ||
4 | Subject: [PATCH 26/48] cryptodev: remove code duplication in digest operations | ||
5 | |||
6 | This patch simplifies code and removes duplication in digest_update and | ||
7 | digest_final for cryptodev engine. | ||
8 | |||
9 | Note: The current design of eng_cryptodev for digests operations assumes | ||
10 | the presence of all the data before processing (this is suboptimal | ||
11 | with cryptodev-linux because Linux kernel has support for digest-update | ||
12 | operations and there is no need to accumulate the input data). | ||
13 | |||
14 | Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com> | ||
15 | --- | ||
16 | crypto/engine/eng_cryptodev.c | 76 ++++++++++++++++--------------------------- | ||
17 | 1 file changed, 28 insertions(+), 48 deletions(-) | ||
18 | |||
19 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
20 | index e6616e9..a8652bf 100644 | ||
21 | --- a/crypto/engine/eng_cryptodev.c | ||
22 | +++ b/crypto/engine/eng_cryptodev.c | ||
23 | @@ -1591,24 +1591,25 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx) | ||
24 | static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data, | ||
25 | size_t count) | ||
26 | { | ||
27 | - struct crypt_op cryp; | ||
28 | struct dev_crypto_state *state = ctx->md_data; | ||
29 | - struct session_op *sess = &state->d_sess; | ||
30 | |||
31 | - if (!data || state->d_fd < 0) { | ||
32 | + if (!data || !count) { | ||
33 | printf("cryptodev_digest_update: illegal inputs \n"); | ||
34 | - return (0); | ||
35 | - } | ||
36 | - | ||
37 | - if (!count) { | ||
38 | - return (0); | ||
39 | + return 0; | ||
40 | } | ||
41 | |||
42 | - if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) { | ||
43 | - /* if application doesn't support one buffer */ | ||
44 | + /* | ||
45 | + * Accumulate input data if it is scattered in several buffers. TODO: | ||
46 | + * Depending on number of calls and data size, this code can be optimized | ||
47 | + * to take advantage of Linux kernel crypto API, balancing between | ||
48 | + * cryptodev calls and accumulating small amounts of data | ||
49 | + */ | ||
50 | + if (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) { | ||
51 | + state->mac_data = data; | ||
52 | + state->mac_len = count; | ||
53 | + } else { | ||
54 | state->mac_data = | ||
55 | OPENSSL_realloc(state->mac_data, state->mac_len + count); | ||
56 | - | ||
57 | if (!state->mac_data) { | ||
58 | printf("cryptodev_digest_update: realloc failed\n"); | ||
59 | return (0); | ||
60 | @@ -1616,23 +1617,9 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data, | ||
61 | |||
62 | memcpy(state->mac_data + state->mac_len, data, count); | ||
63 | state->mac_len += count; | ||
64 | - | ||
65 | - return (1); | ||
66 | } | ||
67 | |||
68 | - memset(&cryp, 0, sizeof(cryp)); | ||
69 | - | ||
70 | - cryp.ses = sess->ses; | ||
71 | - cryp.flags = 0; | ||
72 | - cryp.len = count; | ||
73 | - cryp.src = (caddr_t) data; | ||
74 | - cryp.dst = NULL; | ||
75 | - cryp.mac = (caddr_t) state->digest_res; | ||
76 | - if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) { | ||
77 | - printf("cryptodev_digest_update: digest failed\n"); | ||
78 | - return (0); | ||
79 | - } | ||
80 | - return (1); | ||
81 | + return 1; | ||
82 | } | ||
83 | |||
84 | static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md) | ||
85 | @@ -1641,33 +1628,25 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md) | ||
86 | struct dev_crypto_state *state = ctx->md_data; | ||
87 | struct session_op *sess = &state->d_sess; | ||
88 | |||
89 | - int ret = 1; | ||
90 | - | ||
91 | if (!md || state->d_fd < 0) { | ||
92 | printf("cryptodev_digest_final: illegal input\n"); | ||
93 | return (0); | ||
94 | } | ||
95 | |||
96 | - if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) { | ||
97 | - /* if application doesn't support one buffer */ | ||
98 | - memset(&cryp, 0, sizeof(cryp)); | ||
99 | - cryp.ses = sess->ses; | ||
100 | - cryp.flags = 0; | ||
101 | - cryp.len = state->mac_len; | ||
102 | - cryp.src = state->mac_data; | ||
103 | - cryp.dst = NULL; | ||
104 | - cryp.mac = (caddr_t) md; | ||
105 | - if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) { | ||
106 | - printf("cryptodev_digest_final: digest failed\n"); | ||
107 | - return (0); | ||
108 | - } | ||
109 | + memset(&cryp, 0, sizeof(cryp)); | ||
110 | |||
111 | - return 1; | ||
112 | - } | ||
113 | + cryp.ses = sess->ses; | ||
114 | + cryp.flags = 0; | ||
115 | + cryp.len = state->mac_len; | ||
116 | + cryp.src = state->mac_data; | ||
117 | + cryp.mac = md; | ||
118 | |||
119 | - memcpy(md, state->digest_res, ctx->digest->md_size); | ||
120 | + if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) { | ||
121 | + printf("cryptodev_digest_final: digest failed\n"); | ||
122 | + return (0); | ||
123 | + } | ||
124 | |||
125 | - return (ret); | ||
126 | + return (1); | ||
127 | } | ||
128 | |||
129 | static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx) | ||
130 | @@ -1684,11 +1663,11 @@ static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx) | ||
131 | return (0); | ||
132 | } | ||
133 | |||
134 | - if (state->mac_data) { | ||
135 | + if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) { | ||
136 | OPENSSL_free(state->mac_data); | ||
137 | - state->mac_data = NULL; | ||
138 | - state->mac_len = 0; | ||
139 | } | ||
140 | + state->mac_data = NULL; | ||
141 | + state->mac_len = 0; | ||
142 | |||
143 | if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) < 0) { | ||
144 | printf("cryptodev_digest_cleanup: failed to close session\n"); | ||
145 | @@ -1696,6 +1675,7 @@ static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx) | ||
146 | } else { | ||
147 | ret = 1; | ||
148 | } | ||
149 | + | ||
150 | put_dev_crypto(state->d_fd); | ||
151 | state->d_fd = -1; | ||
152 | |||
153 | -- | ||
154 | 2.7.3 | ||
155 | |||