diff options
Diffstat (limited to 'recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch')
-rw-r--r-- | recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch b/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch new file mode 100644 index 00000000..8923cb63 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch | |||
@@ -0,0 +1,100 @@ | |||
1 | From d2c868c6370bcc0d0a254e641907da2cdf992d62 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Thu, 1 May 2014 06:35:45 +0545 | ||
4 | Subject: [PATCH 16/26] Fixed DH keygen pair generator | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Wrong Padding results into keygen length error | ||
9 | |||
10 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
11 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
12 | --- | ||
13 | crypto/engine/eng_cryptodev.c | 50 ++++++++++++++++++++++++++++--------------- | ||
14 | 1 file changed, 33 insertions(+), 17 deletions(-) | ||
15 | |||
16 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
17 | index dab8fea..13d924f 100644 | ||
18 | --- a/crypto/engine/eng_cryptodev.c | ||
19 | +++ b/crypto/engine/eng_cryptodev.c | ||
20 | @@ -3396,44 +3396,60 @@ sw_try: | ||
21 | static int cryptodev_dh_keygen(DH *dh) | ||
22 | { | ||
23 | struct crypt_kop kop; | ||
24 | - int ret = 1, g_len; | ||
25 | - unsigned char *g = NULL; | ||
26 | + int ret = 1, q_len = 0; | ||
27 | + unsigned char *q = NULL, *g = NULL, *s = NULL, *w = NULL; | ||
28 | + BIGNUM *pub_key = NULL, *priv_key = NULL; | ||
29 | + int generate_new_key = 1; | ||
30 | |||
31 | - if (dh->priv_key == NULL) { | ||
32 | - if ((dh->priv_key=BN_new()) == NULL) | ||
33 | - goto sw_try; | ||
34 | - } | ||
35 | + if (dh->priv_key) | ||
36 | + priv_key = dh->priv_key; | ||
37 | |||
38 | - if (dh->pub_key == NULL) { | ||
39 | - if ((dh->pub_key=BN_new()) == NULL) | ||
40 | - goto sw_try; | ||
41 | - } | ||
42 | + if (dh->pub_key) | ||
43 | + pub_key = dh->pub_key; | ||
44 | |||
45 | - g_len = BN_num_bytes(dh->p); | ||
46 | + q_len = BN_num_bytes(dh->p); | ||
47 | /** | ||
48 | * Get generator into a plain buffer. If length is less than | ||
49 | * q_len then add leading padding bytes. | ||
50 | */ | ||
51 | - if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { | ||
52 | + if (spcf_bn2bin_ex(dh->g, &g, &q_len)) { | ||
53 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
54 | + goto sw_try; | ||
55 | + } | ||
56 | + | ||
57 | + if (spcf_bn2bin_ex(dh->p, &q, &q_len)) { | ||
58 | DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
59 | goto sw_try; | ||
60 | } | ||
61 | |||
62 | memset(&kop, 0, sizeof kop); | ||
63 | kop.crk_op = CRK_DH_GENERATE_KEY; | ||
64 | - if (bn2crparam(dh->p, &kop.crk_param[0])) | ||
65 | - goto sw_try; | ||
66 | + kop.crk_param[0].crp_p = q; | ||
67 | + kop.crk_param[0].crp_nbits = q_len * 8; | ||
68 | if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1])) | ||
69 | goto sw_try; | ||
70 | kop.crk_param[2].crp_p = g; | ||
71 | - kop.crk_param[2].crp_nbits = g_len * 8; | ||
72 | + kop.crk_param[2].crp_nbits = q_len * 8; | ||
73 | kop.crk_iparams = 3; | ||
74 | |||
75 | + s = OPENSSL_malloc (q_len); | ||
76 | + if (!s) { | ||
77 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
78 | + goto sw_try; | ||
79 | + } | ||
80 | + | ||
81 | + w = OPENSSL_malloc (q_len); | ||
82 | + if (!w) { | ||
83 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
84 | + goto sw_try; | ||
85 | + } | ||
86 | + | ||
87 | /* pub_key is or prime length while priv key is of length of order */ | ||
88 | - if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key, | ||
89 | - BN_num_bytes(dh->q), dh->priv_key)) | ||
90 | + if (cryptodev_asym(&kop, q_len, w, q_len, s)) | ||
91 | goto sw_try; | ||
92 | |||
93 | + dh->pub_key = BN_bin2bn(w, q_len, pub_key); | ||
94 | + dh->pub_key = BN_bin2bn(s, q_len, priv_key); | ||
95 | return ret; | ||
96 | sw_try: | ||
97 | { | ||
98 | -- | ||
99 | 2.3.5 | ||
100 | |||