diff options
Diffstat (limited to 'recipes-connectivity/openssl/openssl-fsl')
26 files changed, 6928 insertions, 0 deletions
diff --git a/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch b/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch new file mode 100644 index 00000000..e7b874f5 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch | |||
@@ -0,0 +1,83 @@ | |||
1 | From 9297e3834518ff0558d6e7004a62adfd107e659a Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Tue, 10 Sep 2013 12:46:46 +0300 | ||
4 | Subject: [PATCH 01/26] remove double initialization of cryptodev engine | ||
5 | |||
6 | cryptodev engine is initialized together with the other engines in | ||
7 | ENGINE_load_builtin_engines. The initialization done through | ||
8 | OpenSSL_add_all_algorithms is redundant. | ||
9 | |||
10 | Change-Id: Ic9488500967595543ff846f147b36f383db7cb27 | ||
11 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
12 | Reviewed-on: http://git.am.freescale.net:8181/17222 | ||
13 | --- | ||
14 | crypto/engine/eng_all.c | 11 ----------- | ||
15 | crypto/engine/engine.h | 4 ---- | ||
16 | crypto/evp/c_all.c | 5 ----- | ||
17 | util/libeay.num | 2 +- | ||
18 | 4 files changed, 1 insertion(+), 21 deletions(-) | ||
19 | |||
20 | diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c | ||
21 | index 6093376..f16c043 100644 | ||
22 | --- a/crypto/engine/eng_all.c | ||
23 | +++ b/crypto/engine/eng_all.c | ||
24 | @@ -122,14 +122,3 @@ void ENGINE_load_builtin_engines(void) | ||
25 | #endif | ||
26 | ENGINE_register_all_complete(); | ||
27 | } | ||
28 | - | ||
29 | -#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) | ||
30 | -void ENGINE_setup_bsd_cryptodev(void) { | ||
31 | - static int bsd_cryptodev_default_loaded = 0; | ||
32 | - if (!bsd_cryptodev_default_loaded) { | ||
33 | - ENGINE_load_cryptodev(); | ||
34 | - ENGINE_register_all_complete(); | ||
35 | - } | ||
36 | - bsd_cryptodev_default_loaded=1; | ||
37 | -} | ||
38 | -#endif | ||
39 | diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h | ||
40 | index f8be497..237a6c9 100644 | ||
41 | --- a/crypto/engine/engine.h | ||
42 | +++ b/crypto/engine/engine.h | ||
43 | @@ -740,10 +740,6 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, | ||
44 | * values. */ | ||
45 | void *ENGINE_get_static_state(void); | ||
46 | |||
47 | -#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) | ||
48 | -void ENGINE_setup_bsd_cryptodev(void); | ||
49 | -#endif | ||
50 | - | ||
51 | /* BEGIN ERROR CODES */ | ||
52 | /* The following lines are auto generated by the script mkerr.pl. Any changes | ||
53 | * made after this point may be overwritten when the script is next run. | ||
54 | diff --git a/crypto/evp/c_all.c b/crypto/evp/c_all.c | ||
55 | index 766c4ce..5d6c21b 100644 | ||
56 | --- a/crypto/evp/c_all.c | ||
57 | +++ b/crypto/evp/c_all.c | ||
58 | @@ -82,9 +82,4 @@ void OPENSSL_add_all_algorithms_noconf(void) | ||
59 | OPENSSL_cpuid_setup(); | ||
60 | OpenSSL_add_all_ciphers(); | ||
61 | OpenSSL_add_all_digests(); | ||
62 | -#ifndef OPENSSL_NO_ENGINE | ||
63 | -# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) | ||
64 | - ENGINE_setup_bsd_cryptodev(); | ||
65 | -# endif | ||
66 | -#endif | ||
67 | } | ||
68 | diff --git a/util/libeay.num b/util/libeay.num | ||
69 | index aa86b2b..ae50040 100755 | ||
70 | --- a/util/libeay.num | ||
71 | +++ b/util/libeay.num | ||
72 | @@ -2801,7 +2801,7 @@ BIO_indent 3242 EXIST::FUNCTION: | ||
73 | BUF_strlcpy 3243 EXIST::FUNCTION: | ||
74 | OpenSSLDie 3244 EXIST::FUNCTION: | ||
75 | OPENSSL_cleanse 3245 EXIST::FUNCTION: | ||
76 | -ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE | ||
77 | +ENGINE_setup_bsd_cryptodev 3246 NOEXIST::FUNCTION: | ||
78 | ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH | ||
79 | EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES | ||
80 | FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION: | ||
81 | -- | ||
82 | 2.3.5 | ||
83 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch b/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch new file mode 100644 index 00000000..ab2b7ea9 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch | |||
@@ -0,0 +1,317 @@ | |||
1 | From dfd6ba263dc25ea2a4bbc32448b24ca2b1fc40e8 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Thu, 29 Aug 2013 16:51:18 +0300 | ||
4 | Subject: [PATCH 02/26] eng_cryptodev: add support for TLS algorithms offload | ||
5 | |||
6 | - aes-128-cbc-hmac-sha1 | ||
7 | - aes-256-cbc-hmac-sha1 | ||
8 | |||
9 | Requires TLS patches on cryptodev and TLS algorithm support in Linux | ||
10 | kernel driver. | ||
11 | |||
12 | Change-Id: I43048caa348414daddd6c1a5cdc55e769ac1945f | ||
13 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
14 | Reviewed-on: http://git.am.freescale.net:8181/17223 | ||
15 | --- | ||
16 | crypto/engine/eng_cryptodev.c | 222 +++++++++++++++++++++++++++++++++++++++--- | ||
17 | 1 file changed, 211 insertions(+), 11 deletions(-) | ||
18 | |||
19 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
20 | index 5a715ac..7588a28 100644 | ||
21 | --- a/crypto/engine/eng_cryptodev.c | ||
22 | +++ b/crypto/engine/eng_cryptodev.c | ||
23 | @@ -72,6 +72,9 @@ ENGINE_load_cryptodev(void) | ||
24 | struct dev_crypto_state { | ||
25 | struct session_op d_sess; | ||
26 | int d_fd; | ||
27 | + unsigned char *aad; | ||
28 | + unsigned int aad_len; | ||
29 | + unsigned int len; | ||
30 | |||
31 | #ifdef USE_CRYPTODEV_DIGESTS | ||
32 | char dummy_mac_key[HASH_MAX_LEN]; | ||
33 | @@ -140,17 +143,20 @@ static struct { | ||
34 | int nid; | ||
35 | int ivmax; | ||
36 | int keylen; | ||
37 | + int mackeylen; | ||
38 | } ciphers[] = { | ||
39 | - { CRYPTO_ARC4, NID_rc4, 0, 16, }, | ||
40 | - { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, }, | ||
41 | - { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, }, | ||
42 | - { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, }, | ||
43 | - { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, }, | ||
44 | - { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, }, | ||
45 | - { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, | ||
46 | - { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, }, | ||
47 | - { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, }, | ||
48 | - { 0, NID_undef, 0, 0, }, | ||
49 | + { CRYPTO_ARC4, NID_rc4, 0, 16, 0}, | ||
50 | + { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, 0}, | ||
51 | + { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, 0}, | ||
52 | + { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, 0}, | ||
53 | + { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, 0}, | ||
54 | + { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, 0}, | ||
55 | + { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, 0}, | ||
56 | + { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0}, | ||
57 | + { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, | ||
58 | + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, | ||
59 | + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, | ||
60 | + { 0, NID_undef, 0, 0, 0}, | ||
61 | }; | ||
62 | |||
63 | #ifdef USE_CRYPTODEV_DIGESTS | ||
64 | @@ -250,13 +256,15 @@ get_cryptodev_ciphers(const int **cnids) | ||
65 | } | ||
66 | memset(&sess, 0, sizeof(sess)); | ||
67 | sess.key = (caddr_t)"123456789abcdefghijklmno"; | ||
68 | + sess.mackey = (caddr_t)"123456789ABCDEFGHIJKLMNO"; | ||
69 | |||
70 | for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { | ||
71 | if (ciphers[i].nid == NID_undef) | ||
72 | continue; | ||
73 | sess.cipher = ciphers[i].id; | ||
74 | sess.keylen = ciphers[i].keylen; | ||
75 | - sess.mac = 0; | ||
76 | + sess.mackeylen = ciphers[i].mackeylen; | ||
77 | + | ||
78 | if (ioctl(fd, CIOCGSESSION, &sess) != -1 && | ||
79 | ioctl(fd, CIOCFSESSION, &sess.ses) != -1) | ||
80 | nids[count++] = ciphers[i].nid; | ||
81 | @@ -414,6 +422,67 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
82 | return (1); | ||
83 | } | ||
84 | |||
85 | + | ||
86 | +static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
87 | + const unsigned char *in, size_t len) | ||
88 | +{ | ||
89 | + struct crypt_auth_op cryp; | ||
90 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
91 | + struct session_op *sess = &state->d_sess; | ||
92 | + const void *iiv; | ||
93 | + unsigned char save_iv[EVP_MAX_IV_LENGTH]; | ||
94 | + | ||
95 | + if (state->d_fd < 0) | ||
96 | + return (0); | ||
97 | + if (!len) | ||
98 | + return (1); | ||
99 | + if ((len % ctx->cipher->block_size) != 0) | ||
100 | + return (0); | ||
101 | + | ||
102 | + memset(&cryp, 0, sizeof(cryp)); | ||
103 | + | ||
104 | + /* TODO: make a seamless integration with cryptodev flags */ | ||
105 | + switch (ctx->cipher->nid) { | ||
106 | + case NID_aes_128_cbc_hmac_sha1: | ||
107 | + case NID_aes_256_cbc_hmac_sha1: | ||
108 | + cryp.flags = COP_FLAG_AEAD_TLS_TYPE; | ||
109 | + } | ||
110 | + cryp.ses = sess->ses; | ||
111 | + cryp.len = state->len; | ||
112 | + cryp.src = (caddr_t) in; | ||
113 | + cryp.dst = (caddr_t) out; | ||
114 | + cryp.auth_src = state->aad; | ||
115 | + cryp.auth_len = state->aad_len; | ||
116 | + | ||
117 | + cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; | ||
118 | + | ||
119 | + if (ctx->cipher->iv_len) { | ||
120 | + cryp.iv = (caddr_t) ctx->iv; | ||
121 | + if (!ctx->encrypt) { | ||
122 | + iiv = in + len - ctx->cipher->iv_len; | ||
123 | + memcpy(save_iv, iiv, ctx->cipher->iv_len); | ||
124 | + } | ||
125 | + } else | ||
126 | + cryp.iv = NULL; | ||
127 | + | ||
128 | + if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { | ||
129 | + /* XXX need better errror handling | ||
130 | + * this can fail for a number of different reasons. | ||
131 | + */ | ||
132 | + return (0); | ||
133 | + } | ||
134 | + | ||
135 | + if (ctx->cipher->iv_len) { | ||
136 | + if (ctx->encrypt) | ||
137 | + iiv = out + len - ctx->cipher->iv_len; | ||
138 | + else | ||
139 | + iiv = save_iv; | ||
140 | + memcpy(ctx->iv, iiv, ctx->cipher->iv_len); | ||
141 | + } | ||
142 | + return (1); | ||
143 | +} | ||
144 | + | ||
145 | + | ||
146 | static int | ||
147 | cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | ||
148 | const unsigned char *iv, int enc) | ||
149 | @@ -452,6 +521,45 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | ||
150 | return (1); | ||
151 | } | ||
152 | |||
153 | +/* Save the encryption key provided by upper layers. | ||
154 | + * | ||
155 | + * This function is called by EVP_CipherInit_ex to initialize the algorithm's | ||
156 | + * extra data. We can't do much here because the mac key is not available. | ||
157 | + * The next call should/will be to cryptodev_cbc_hmac_sha1_ctrl with parameter | ||
158 | + * EVP_CTRL_AEAD_SET_MAC_KEY, to set the hmac key. There we call CIOCGSESSION | ||
159 | + * with both the crypto and hmac keys. | ||
160 | + */ | ||
161 | +static int cryptodev_init_aead_key(EVP_CIPHER_CTX *ctx, | ||
162 | + const unsigned char *key, const unsigned char *iv, int enc) | ||
163 | +{ | ||
164 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
165 | + struct session_op *sess = &state->d_sess; | ||
166 | + int cipher = -1, i; | ||
167 | + | ||
168 | + for (i = 0; ciphers[i].id; i++) | ||
169 | + if (ctx->cipher->nid == ciphers[i].nid && | ||
170 | + ctx->cipher->iv_len <= ciphers[i].ivmax && | ||
171 | + ctx->key_len == ciphers[i].keylen) { | ||
172 | + cipher = ciphers[i].id; | ||
173 | + break; | ||
174 | + } | ||
175 | + | ||
176 | + if (!ciphers[i].id) { | ||
177 | + state->d_fd = -1; | ||
178 | + return (0); | ||
179 | + } | ||
180 | + | ||
181 | + memset(sess, 0, sizeof(struct session_op)); | ||
182 | + | ||
183 | + sess->key = (caddr_t)key; | ||
184 | + sess->keylen = ctx->key_len; | ||
185 | + sess->cipher = cipher; | ||
186 | + | ||
187 | + /* for whatever reason, (1) means success */ | ||
188 | + return (1); | ||
189 | +} | ||
190 | + | ||
191 | + | ||
192 | /* | ||
193 | * free anything we allocated earlier when initting a | ||
194 | * session, and close the session. | ||
195 | @@ -488,6 +596,63 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx) | ||
196 | return (ret); | ||
197 | } | ||
198 | |||
199 | +static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | ||
200 | + void *ptr) | ||
201 | +{ | ||
202 | + switch (type) { | ||
203 | + case EVP_CTRL_AEAD_SET_MAC_KEY: | ||
204 | + { | ||
205 | + /* TODO: what happens with hmac keys larger than 64 bytes? */ | ||
206 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
207 | + struct session_op *sess = &state->d_sess; | ||
208 | + | ||
209 | + if ((state->d_fd = get_dev_crypto()) < 0) | ||
210 | + return (0); | ||
211 | + | ||
212 | + /* the rest should have been set in cryptodev_init_aead_key */ | ||
213 | + sess->mackey = ptr; | ||
214 | + sess->mackeylen = arg; | ||
215 | + | ||
216 | + if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { | ||
217 | + put_dev_crypto(state->d_fd); | ||
218 | + state->d_fd = -1; | ||
219 | + return (0); | ||
220 | + } | ||
221 | + return (1); | ||
222 | + } | ||
223 | + case EVP_CTRL_AEAD_TLS1_AAD: | ||
224 | + { | ||
225 | + /* ptr points to the associated data buffer of 13 bytes */ | ||
226 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
227 | + unsigned char *p = ptr; | ||
228 | + unsigned int cryptlen = p[arg - 2] << 8 | p[arg - 1]; | ||
229 | + unsigned int maclen, padlen; | ||
230 | + unsigned int bs = ctx->cipher->block_size; | ||
231 | + | ||
232 | + state->aad = ptr; | ||
233 | + state->aad_len = arg; | ||
234 | + state->len = cryptlen; | ||
235 | + | ||
236 | + /* TODO: this should be an extension of EVP_CIPHER struct */ | ||
237 | + switch (ctx->cipher->nid) { | ||
238 | + case NID_aes_128_cbc_hmac_sha1: | ||
239 | + case NID_aes_256_cbc_hmac_sha1: | ||
240 | + maclen = SHA_DIGEST_LENGTH; | ||
241 | + } | ||
242 | + | ||
243 | + /* space required for encryption (not only TLS padding) */ | ||
244 | + padlen = maclen; | ||
245 | + if (ctx->encrypt) { | ||
246 | + cryptlen += maclen; | ||
247 | + padlen += bs - (cryptlen % bs); | ||
248 | + } | ||
249 | + return padlen; | ||
250 | + } | ||
251 | + default: | ||
252 | + return -1; | ||
253 | + } | ||
254 | +} | ||
255 | + | ||
256 | /* | ||
257 | * libcrypto EVP stuff - this is how we get wired to EVP so the engine | ||
258 | * gets called when libcrypto requests a cipher NID. | ||
259 | @@ -600,6 +765,33 @@ const EVP_CIPHER cryptodev_aes_256_cbc = { | ||
260 | NULL | ||
261 | }; | ||
262 | |||
263 | +const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = { | ||
264 | + NID_aes_128_cbc_hmac_sha1, | ||
265 | + 16, 16, 16, | ||
266 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
267 | + cryptodev_init_aead_key, | ||
268 | + cryptodev_aead_cipher, | ||
269 | + cryptodev_cleanup, | ||
270 | + sizeof(struct dev_crypto_state), | ||
271 | + EVP_CIPHER_set_asn1_iv, | ||
272 | + EVP_CIPHER_get_asn1_iv, | ||
273 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
274 | + NULL | ||
275 | +}; | ||
276 | + | ||
277 | +const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { | ||
278 | + NID_aes_256_cbc_hmac_sha1, | ||
279 | + 16, 32, 16, | ||
280 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
281 | + cryptodev_init_aead_key, | ||
282 | + cryptodev_aead_cipher, | ||
283 | + cryptodev_cleanup, | ||
284 | + sizeof(struct dev_crypto_state), | ||
285 | + EVP_CIPHER_set_asn1_iv, | ||
286 | + EVP_CIPHER_get_asn1_iv, | ||
287 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
288 | + NULL | ||
289 | +}; | ||
290 | /* | ||
291 | * Registered by the ENGINE when used to find out how to deal with | ||
292 | * a particular NID in the ENGINE. this says what we'll do at the | ||
293 | @@ -637,6 +829,12 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | ||
294 | case NID_aes_256_cbc: | ||
295 | *cipher = &cryptodev_aes_256_cbc; | ||
296 | break; | ||
297 | + case NID_aes_128_cbc_hmac_sha1: | ||
298 | + *cipher = &cryptodev_aes_128_cbc_hmac_sha1; | ||
299 | + break; | ||
300 | + case NID_aes_256_cbc_hmac_sha1: | ||
301 | + *cipher = &cryptodev_aes_256_cbc_hmac_sha1; | ||
302 | + break; | ||
303 | default: | ||
304 | *cipher = NULL; | ||
305 | break; | ||
306 | @@ -1384,6 +1582,8 @@ ENGINE_load_cryptodev(void) | ||
307 | } | ||
308 | put_dev_crypto(fd); | ||
309 | |||
310 | + EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); | ||
311 | + EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); | ||
312 | if (!ENGINE_set_id(engine, "cryptodev") || | ||
313 | !ENGINE_set_name(engine, "BSD cryptodev engine") || | ||
314 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || | ||
315 | -- | ||
316 | 2.3.5 | ||
317 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch b/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch new file mode 100644 index 00000000..f0d97e9a --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch | |||
@@ -0,0 +1,64 @@ | |||
1 | From 084fa469a8fef530d71a0870364df1c7997f6465 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Thu, 31 Jul 2014 14:06:19 +0300 | ||
4 | Subject: [PATCH 03/26] cryptodev: fix algorithm registration | ||
5 | |||
6 | Cryptodev specific algorithms must register only if available in kernel. | ||
7 | |||
8 | Change-Id: Iec5af8f4f3138357e4b96f2ec1627278134e4808 | ||
9 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
10 | Reviewed-on: http://git.am.freescale.net:8181/15326 | ||
11 | Reviewed-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com> | ||
12 | Reviewed-on: http://git.am.freescale.net:8181/17224 | ||
13 | --- | ||
14 | crypto/engine/eng_cryptodev.c | 20 +++++++++++++++++--- | ||
15 | 1 file changed, 17 insertions(+), 3 deletions(-) | ||
16 | |||
17 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
18 | index 7588a28..e3eb98b 100644 | ||
19 | --- a/crypto/engine/eng_cryptodev.c | ||
20 | +++ b/crypto/engine/eng_cryptodev.c | ||
21 | @@ -133,6 +133,8 @@ static int cryptodev_dh_compute_key(unsigned char *key, | ||
22 | static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, | ||
23 | void (*f)(void)); | ||
24 | void ENGINE_load_cryptodev(void); | ||
25 | +const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; | ||
26 | +const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; | ||
27 | |||
28 | static const ENGINE_CMD_DEFN cryptodev_defns[] = { | ||
29 | { 0, NULL, NULL, 0 } | ||
30 | @@ -342,7 +344,21 @@ get_cryptodev_digests(const int **cnids) | ||
31 | static int | ||
32 | cryptodev_usable_ciphers(const int **nids) | ||
33 | { | ||
34 | - return (get_cryptodev_ciphers(nids)); | ||
35 | + int i, count; | ||
36 | + | ||
37 | + count = get_cryptodev_ciphers(nids); | ||
38 | + /* add ciphers specific to cryptodev if found in kernel */ | ||
39 | + for(i = 0; i < count; i++) { | ||
40 | + switch (*(*nids + i)) { | ||
41 | + case NID_aes_128_cbc_hmac_sha1: | ||
42 | + EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); | ||
43 | + break; | ||
44 | + case NID_aes_256_cbc_hmac_sha1: | ||
45 | + EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); | ||
46 | + break; | ||
47 | + } | ||
48 | + } | ||
49 | + return count; | ||
50 | } | ||
51 | |||
52 | static int | ||
53 | @@ -1582,8 +1598,6 @@ ENGINE_load_cryptodev(void) | ||
54 | } | ||
55 | put_dev_crypto(fd); | ||
56 | |||
57 | - EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); | ||
58 | - EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); | ||
59 | if (!ENGINE_set_id(engine, "cryptodev") || | ||
60 | !ENGINE_set_name(engine, "BSD cryptodev engine") || | ||
61 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || | ||
62 | -- | ||
63 | 2.3.5 | ||
64 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch b/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch new file mode 100644 index 00000000..2d722d8a --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch | |||
@@ -0,0 +1,74 @@ | |||
1 | From 7d770f0324498d1fa78300cc5cecc8c1dcd3b788 Mon Sep 17 00:00:00 2001 | ||
2 | From: Andy Polyakov <appro@openssl.org> | ||
3 | Date: Sun, 21 Oct 2012 18:19:41 +0000 | ||
4 | Subject: [PATCH 04/26] linux-pcc: make it more robust and recognize | ||
5 | KERNEL_BITS variable. | ||
6 | |||
7 | (cherry picked from commit 78c3e20579d3baa159c8b51b59d415b6e521614b) | ||
8 | |||
9 | Change-Id: I769c466f052305681ab54a1b6545d94c7fbf5a9d | ||
10 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
11 | --- | ||
12 | config | 19 +++++++++++++------ | ||
13 | crypto/ppccap.c | 7 +++++++ | ||
14 | 2 files changed, 20 insertions(+), 6 deletions(-) | ||
15 | |||
16 | diff --git a/config b/config | ||
17 | index 41fa2a6..f37b9e6 100755 | ||
18 | --- a/config | ||
19 | +++ b/config | ||
20 | @@ -587,13 +587,20 @@ case "$GUESSOS" in | ||
21 | fi | ||
22 | ;; | ||
23 | ppc64-*-linux2) | ||
24 | - echo "WARNING! If you wish to build 64-bit library, then you have to" | ||
25 | - echo " invoke './Configure linux-ppc64' *manually*." | ||
26 | - if [ "$TEST" = "false" -a -t 1 ]; then | ||
27 | - echo " You have about 5 seconds to press Ctrl-C to abort." | ||
28 | - (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1 | ||
29 | + if [ -z "$KERNEL_BITS" ]; then | ||
30 | + echo "WARNING! If you wish to build 64-bit library, then you have to" | ||
31 | + echo " invoke './Configure linux-ppc64' *manually*." | ||
32 | + if [ "$TEST" = "false" -a -t 1 ]; then | ||
33 | + echo " You have about 5 seconds to press Ctrl-C to abort." | ||
34 | + (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1 | ||
35 | + fi | ||
36 | + fi | ||
37 | + if [ "$KERNEL_BITS" = "64" ]; then | ||
38 | + OUT="linux-ppc64" | ||
39 | + else | ||
40 | + OUT="linux-ppc" | ||
41 | + (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null) || options="$options -m32" | ||
42 | fi | ||
43 | - OUT="linux-ppc" | ||
44 | ;; | ||
45 | ppc-*-linux2) OUT="linux-ppc" ;; | ||
46 | ppc60x-*-vxworks*) OUT="vxworks-ppc60x" ;; | ||
47 | diff --git a/crypto/ppccap.c b/crypto/ppccap.c | ||
48 | index f71ba66..531f1b3 100644 | ||
49 | --- a/crypto/ppccap.c | ||
50 | +++ b/crypto/ppccap.c | ||
51 | @@ -4,6 +4,9 @@ | ||
52 | #include <setjmp.h> | ||
53 | #include <signal.h> | ||
54 | #include <unistd.h> | ||
55 | +#ifdef __linux | ||
56 | +#include <sys/utsname.h> | ||
57 | +#endif | ||
58 | #include <crypto.h> | ||
59 | #include <openssl/bn.h> | ||
60 | |||
61 | @@ -102,6 +105,10 @@ void OPENSSL_cpuid_setup(void) | ||
62 | |||
63 | if (sizeof(size_t)==4) | ||
64 | { | ||
65 | +#ifdef __linux | ||
66 | + struct utsname uts; | ||
67 | + if (uname(&uts)==0 && strcmp(uts.machine,"ppc64")==0) | ||
68 | +#endif | ||
69 | if (sigsetjmp(ill_jmp,1) == 0) | ||
70 | { | ||
71 | OPENSSL_ppc64_probe(); | ||
72 | -- | ||
73 | 2.3.5 | ||
74 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch b/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch new file mode 100644 index 00000000..c9ff5aa8 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch | |||
@@ -0,0 +1,318 @@ | |||
1 | From 15abbcd740eafbf2a46b5da24be76acf4982743d Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Tue, 11 Mar 2014 05:56:54 +0545 | ||
4 | Subject: [PATCH 05/26] ECC Support header for Cryptodev Engine | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | crypto/engine/eng_cryptodev_ec.h | 296 +++++++++++++++++++++++++++++++++++++++ | ||
11 | 1 file changed, 296 insertions(+) | ||
12 | create mode 100644 crypto/engine/eng_cryptodev_ec.h | ||
13 | |||
14 | diff --git a/crypto/engine/eng_cryptodev_ec.h b/crypto/engine/eng_cryptodev_ec.h | ||
15 | new file mode 100644 | ||
16 | index 0000000..77aee71 | ||
17 | --- /dev/null | ||
18 | +++ b/crypto/engine/eng_cryptodev_ec.h | ||
19 | @@ -0,0 +1,296 @@ | ||
20 | +/* | ||
21 | + * Copyright (C) 2012 Freescale Semiconductor, Inc. | ||
22 | + * | ||
23 | + * Redistribution and use in source and binary forms, with or without | ||
24 | + * modification, are permitted provided that the following conditions | ||
25 | + * are met: | ||
26 | + * 1. Redistributions of source code must retain the above copyright | ||
27 | + * notice, this list of conditions and the following disclaimer. | ||
28 | + * 2. Redistributions in binary form must reproduce the above copyright | ||
29 | + * notice, this list of conditions and the following disclaimer in the | ||
30 | + * documentation and/or other materials provided with the distribution. | ||
31 | + * | ||
32 | + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
33 | + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
34 | + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN | ||
35 | + * NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
36 | + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED | ||
37 | + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR | ||
38 | + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF | ||
39 | + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | ||
40 | + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
41 | + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
42 | + */ | ||
43 | +#ifndef __ENG_EC_H | ||
44 | +#define __ENG_EC_H | ||
45 | + | ||
46 | +#define SPCF_CPARAM_INIT(X,...) \ | ||
47 | +static unsigned char X##_c[] = {__VA_ARGS__} \ | ||
48 | + | ||
49 | +#define SPCF_FREE_BN(X) do { if(X) { BN_clear_free(X); X = NULL; } } while (0) | ||
50 | + | ||
51 | +#define SPCF_COPY_CPARAMS(NIDBUF) \ | ||
52 | + do { \ | ||
53 | + memcpy (buf, NIDBUF, buf_len); \ | ||
54 | + } while (0) | ||
55 | + | ||
56 | +#define SPCF_CPARAM_CASE(X) \ | ||
57 | + case NID_##X: \ | ||
58 | + SPCF_COPY_CPARAMS(X##_c); \ | ||
59 | + break | ||
60 | + | ||
61 | +SPCF_CPARAM_INIT(sect113r1, 0x01, 0x73, 0xE8, 0x34, 0xAF, 0x28, 0xEC, 0x76, | ||
62 | + 0xCB, 0x83, 0xBD, 0x8D, 0xFE, 0xB2, 0xD5); | ||
63 | +SPCF_CPARAM_INIT(sect113r2, 0x00, 0x54, 0xD9, 0xF0, 0x39, 0x57, 0x17, 0x4A, | ||
64 | + 0x32, 0x32, 0x91, 0x67, 0xD7, 0xFE, 0x71); | ||
65 | +SPCF_CPARAM_INIT(sect131r1, 0x03, 0xDB, 0x89, 0xB4, 0x05, 0xE4, 0x91, 0x16, | ||
66 | + 0x0E, 0x3B, 0x2F, 0x07, 0xB0, 0xCE, 0x20, 0xB3, 0x7E); | ||
67 | +SPCF_CPARAM_INIT(sect131r2, 0x07, 0xCB, 0xB9, 0x92, 0x0D, 0x71, 0xA4, 0x8E, | ||
68 | + 0x09, 0x9C, 0x38, 0xD7, 0x1D, 0xA6, 0x49, 0x0E, 0xB1); | ||
69 | +SPCF_CPARAM_INIT(sect163k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
70 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
71 | + 0x00, 0x00, 0x01); | ||
72 | +SPCF_CPARAM_INIT(sect163r1, 0x05, 0xED, 0x40, 0x3E, 0xD5, 0x8E, 0xB4, 0x5B, | ||
73 | + 0x1C, 0xCE, 0xCA, 0x0F, 0x4F, 0x61, 0x65, 0x55, 0x49, 0x86, | ||
74 | + 0x1B, 0xE0, 0x52); | ||
75 | +SPCF_CPARAM_INIT(sect163r2, 0x07, 0x2C, 0x4E, 0x1E, 0xF7, 0xCB, 0x2F, 0x3A, | ||
76 | + 0x03, 0x5D, 0x33, 0x10, 0x42, 0x94, 0x15, 0x96, 0x09, 0x13, | ||
77 | + 0x8B, 0xB4, 0x04); | ||
78 | +SPCF_CPARAM_INIT(sect193r1, 0x01, 0x67, 0xB3, 0x5E, 0xB4, 0x31, 0x3F, 0x26, | ||
79 | + 0x3D, 0x0F, 0x7A, 0x3D, 0x50, 0x36, 0xF0, 0xA0, 0xA3, 0xC9, | ||
80 | + 0x80, 0xD4, 0x0E, 0x5A, 0x05, 0x3E, 0xD2); | ||
81 | +SPCF_CPARAM_INIT(sect193r2, 0x00, 0x69, 0x89, 0xFE, 0x6B, 0xFE, 0x30, 0xED, | ||
82 | + 0xDC, 0x32, 0x44, 0x26, 0x9F, 0x3A, 0xAD, 0x18, 0xD6, 0x6C, | ||
83 | + 0xF3, 0xDB, 0x3E, 0x33, 0x02, 0xFA, 0xA8); | ||
84 | +SPCF_CPARAM_INIT(sect233k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
85 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
86 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
87 | + 0x00, 0x01); | ||
88 | +SPCF_CPARAM_INIT(sect233r1, 0x00, 0x07, 0xD5, 0xEF, 0x43, 0x89, 0xDF, 0xF1, | ||
89 | + 0x1E, 0xCD, 0xBA, 0x39, 0xC3, 0x09, 0x70, 0xD3, 0xCE, 0x35, | ||
90 | + 0xCE, 0xBB, 0xA5, 0x84, 0x73, 0xF6, 0x4B, 0x4D, 0xC0, 0xF2, | ||
91 | + 0x68, 0x6C); | ||
92 | +SPCF_CPARAM_INIT(sect239k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
93 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
94 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
95 | + 0x00, 0x01); | ||
96 | +SPCF_CPARAM_INIT(sect283k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
97 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
98 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
99 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01); | ||
100 | +SPCF_CPARAM_INIT(sect283r1, 0x03, 0xD8, 0xC9, 0x3D, 0x3B, 0x0E, 0xA8, 0x1D, | ||
101 | + 0x92, 0x94, 0x03, 0x4D, 0x7E, 0xE3, 0x13, 0x5D, 0x0A, 0xC5, | ||
102 | + 0xFC, 0x8D, 0x9C, 0xB0, 0x27, 0x6F, 0x72, 0x11, 0xF8, 0x80, | ||
103 | + 0xF0, 0xD8, 0x1C, 0xA4, 0xC6, 0xE8, 0x7B, 0x38); | ||
104 | +SPCF_CPARAM_INIT(sect409k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
105 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
106 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
107 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
108 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
109 | + 0x00, 0x00, 0x00, 0x01); | ||
110 | +SPCF_CPARAM_INIT(sect409r1, 0x01, 0x49, 0xB8, 0xB7, 0xBE, 0xBD, 0x9B, 0x63, | ||
111 | + 0x65, 0x3E, 0xF1, 0xCD, 0x8C, 0x6A, 0x5D, 0xD1, 0x05, 0xA2, | ||
112 | + 0xAA, 0xAC, 0x36, 0xFE, 0x2E, 0xAE, 0x43, 0xCF, 0x28, 0xCE, | ||
113 | + 0x1C, 0xB7, 0xC8, 0x30, 0xC1, 0xEC, 0xDB, 0xFA, 0x41, 0x3A, | ||
114 | + 0xB0, 0x7F, 0xE3, 0x5A, 0x57, 0x81, 0x1A, 0xE4, 0xF8, 0x8D, | ||
115 | + 0x30, 0xAC, 0x63, 0xFB); | ||
116 | +SPCF_CPARAM_INIT(sect571k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
117 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
118 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
119 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
120 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
121 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
122 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
123 | + 0x00, 0x00, 0x00, 0x01); | ||
124 | +SPCF_CPARAM_INIT(sect571r1, 0x06, 0x39, 0x5D, 0xB2, 0x2A, 0xB5, 0x94, 0xB1, | ||
125 | + 0x86, 0x8C, 0xED, 0x95, 0x25, 0x78, 0xB6, 0x53, 0x9F, 0xAB, | ||
126 | + 0xA6, 0x94, 0x06, 0xD9, 0xB2, 0x98, 0x61, 0x23, 0xA1, 0x85, | ||
127 | + 0xC8, 0x58, 0x32, 0xE2, 0x5F, 0xD5, 0xB6, 0x38, 0x33, 0xD5, | ||
128 | + 0x14, 0x42, 0xAB, 0xF1, 0xA9, 0xC0, 0x5F, 0xF0, 0xEC, 0xBD, | ||
129 | + 0x88, 0xD7, 0xF7, 0x79, 0x97, 0xF4, 0xDC, 0x91, 0x56, 0xAA, | ||
130 | + 0xF1, 0xCE, 0x08, 0x16, 0x46, 0x86, 0xDD, 0xFF, 0x75, 0x11, | ||
131 | + 0x6F, 0xBC, 0x9A, 0x7A); | ||
132 | +SPCF_CPARAM_INIT(X9_62_c2pnb163v1, 0x04, 0x53, 0xE1, 0xE4, 0xB7, 0x29, 0x1F, | ||
133 | + 0x5C, 0x2D, 0x53, 0xCE, 0x18, 0x48, 0x3F, 0x00, 0x70, 0x81, | ||
134 | + 0xE7, 0xEA, 0x26, 0xEC); | ||
135 | +SPCF_CPARAM_INIT(X9_62_c2pnb163v2, 0x04, 0x35, 0xC0, 0x19, 0x66, 0x0E, 0x01, | ||
136 | + 0x01, 0xBA, 0x87, 0x0C, 0xA3, 0x9F, 0xD9, 0xA7, 0x76, 0x86, | ||
137 | + 0x50, 0x9D, 0x28, 0x13); | ||
138 | +SPCF_CPARAM_INIT(X9_62_c2pnb163v3, 0x06, 0x55, 0xC4, 0x54, 0xE4, 0x1E, 0x38, | ||
139 | + 0x0C, 0x7A, 0x60, 0xB6, 0x67, 0x9A, 0x5B, 0x7A, 0x3F, 0x3A, | ||
140 | + 0xF6, 0x8E, 0x22, 0xC5); | ||
141 | +SPCF_CPARAM_INIT(X9_62_c2pnb176v1, 0x00, 0x69, 0xF7, 0xDA, 0x36, 0x19, 0xA7, | ||
142 | + 0x42, 0xA3, 0x82, 0xFF, 0x05, 0x08, 0x8F, 0xD3, 0x99, 0x42, | ||
143 | + 0xCA, 0x0F, 0x1D, 0x90, 0xB6, 0x5B); | ||
144 | +SPCF_CPARAM_INIT(X9_62_c2tnb191v1, 0x4C, 0x45, 0x25, 0xAB, 0x0B, 0x68, 0x4A, | ||
145 | + 0x64, 0x44, 0x62, 0x0A, 0x86, 0x45, 0xEF, 0x54, 0x6D, 0x54, | ||
146 | + 0x69, 0x39, 0x68, 0xC2, 0xAE, 0x84, 0xAC); | ||
147 | +SPCF_CPARAM_INIT(X9_62_c2tnb191v2, 0x03, 0x7C, 0x8F, 0x57, 0xA2, 0x25, 0xC7, | ||
148 | + 0xB3, 0xD4, 0xED, 0xD5, 0x88, 0x0F, 0x38, 0x0A, 0xCC, 0x55, | ||
149 | + 0x74, 0xEC, 0xB3, 0x6C, 0x9F, 0x51, 0x21); | ||
150 | +SPCF_CPARAM_INIT(X9_62_c2tnb191v3, 0x37, 0x39, 0xFF, 0x98, 0xB4, 0xD1, 0x69, | ||
151 | + 0x3E, 0xCF, 0x52, 0x7A, 0x98, 0x51, 0xED, 0xCF, 0x99, 0x9D, | ||
152 | + 0x9E, 0x75, 0x05, 0x43, 0x33, 0x43, 0x24); | ||
153 | +SPCF_CPARAM_INIT(X9_62_c2pnb208w1, 0x00, 0xDB, 0x05, 0x3C, 0x41, 0x76, 0xCC, | ||
154 | + 0x1D, 0xA1, 0x27, 0x85, 0x2C, 0xA6, 0xD9, 0x88, 0xBE, 0x1A, | ||
155 | + 0xCC, 0xD1, 0x5B, 0x2A, 0xC1, 0xC1, 0x07, 0x42, 0x57, 0x34); | ||
156 | +SPCF_CPARAM_INIT(X9_62_c2tnb239v1, 0x24, 0x59, 0xFC, 0xF4, 0x51, 0x7B, 0xC5, | ||
157 | + 0xA6, 0xB9, 0x9B, 0xE5, 0xC6, 0xC5, 0x62, 0x85, 0xC0, 0x21, | ||
158 | + 0xFE, 0x32, 0xEE, 0x2B, 0x6F, 0x1C, 0x22, 0xEA, 0x5B, 0xE1, | ||
159 | + 0xB8, 0x4B, 0x93); | ||
160 | +SPCF_CPARAM_INIT(X9_62_c2tnb239v2, 0x64, 0x98, 0x84, 0x19, 0x3B, 0x56, 0x2D, | ||
161 | + 0x4A, 0x50, 0xB4, 0xFA, 0x56, 0x34, 0xE0, 0x34, 0x41, 0x3F, | ||
162 | + 0x94, 0xC4, 0x59, 0xDA, 0x7C, 0xDB, 0x16, 0x64, 0x9D, 0xDD, | ||
163 | + 0xF7, 0xE6, 0x0A); | ||
164 | +SPCF_CPARAM_INIT(X9_62_c2tnb239v3, 0x32, 0x63, 0x2E, 0x65, 0x2B, 0xEE, 0x91, | ||
165 | + 0xC2, 0xE4, 0xA2, 0xF5, 0x42, 0xA3, 0x2D, 0x67, 0xA8, 0xB5, | ||
166 | + 0xB4, 0x5F, 0x21, 0xA0, 0x81, 0x02, 0xFB, 0x1F, 0x2A, 0xFB, | ||
167 | + 0xB6, 0xAC, 0xDA); | ||
168 | +SPCF_CPARAM_INIT(X9_62_c2pnb272w1, 0x00, 0xDA, 0x7B, 0x60, 0x28, 0xF4, 0xC8, | ||
169 | + 0x09, 0xA0, 0xB9, 0x78, 0x81, 0xC3, 0xA5, 0x7E, 0x4D, 0x71, | ||
170 | + 0x81, 0x34, 0xD1, 0x3F, 0xEC, 0xE0, 0x90, 0x85, 0x8A, 0xC3, | ||
171 | + 0x1A, 0xE2, 0xDC, 0x2E, 0xDF, 0x8E, 0x3C, 0x8B); | ||
172 | +SPCF_CPARAM_INIT(X9_62_c2pnb304w1, 0x00, 0x3C, 0x67, 0xB4, 0x07, 0xC6, 0xF3, | ||
173 | + 0x3F, 0x81, 0x0B, 0x17, 0xDC, 0x16, 0xE2, 0x14, 0x8A, 0x2C, | ||
174 | + 0x9C, 0xE2, 0x9D, 0x56, 0x05, 0x23, 0x69, 0x6A, 0x55, 0x93, | ||
175 | + 0x8A, 0x15, 0x40, 0x81, 0xE3, 0xE3, 0xAE, 0xFB, 0xCE, 0x45, | ||
176 | + 0x70, 0xC9); | ||
177 | +SPCF_CPARAM_INIT(X9_62_c2tnb359v1, 0x22, 0x39, 0xAA, 0x58, 0x4A, 0xC5, 0x9A, | ||
178 | + 0xF9, 0x61, 0xD0, 0xFA, 0x2D, 0x52, 0x85, 0xB6, 0xFD, 0xF7, | ||
179 | + 0x34, 0x9B, 0xC6, 0x0E, 0x91, 0xE3, 0x20, 0xF4, 0x71, 0x64, | ||
180 | + 0xCE, 0x11, 0xF5, 0x18, 0xEF, 0xB4, 0xC0, 0x8B, 0x9B, 0xDA, | ||
181 | + 0x99, 0x9A, 0x8A, 0x37, 0xF8, 0x2A, 0x22, 0x61); | ||
182 | +SPCF_CPARAM_INIT(X9_62_c2pnb368w1, 0x00, 0xC0, 0x6C, 0xCF, 0x42, 0x89, 0x3A, | ||
183 | + 0x8A, 0xAA, 0x00, 0x1E, 0x0B, 0xC0, 0xD2, 0xA2, 0x27, 0x66, | ||
184 | + 0xEF, 0x3E, 0x41, 0x88, 0x7C, 0xC6, 0x77, 0x6F, 0x4A, 0x04, | ||
185 | + 0x1E, 0xE4, 0x45, 0x14, 0xB2, 0x0A, 0xFC, 0x4E, 0x5C, 0x30, | ||
186 | + 0x40, 0x60, 0x06, 0x5B, 0xC8, 0xD6, 0xCF, 0x04, 0xD3, 0x25); | ||
187 | +SPCF_CPARAM_INIT(X9_62_c2tnb431r1, 0x64, 0xF5, 0xBB, 0xE9, 0xBB, 0x31, 0x66, | ||
188 | + 0xA3, 0xA0, 0x2F, 0x2F, 0x22, 0xBF, 0x05, 0xD9, 0xF7, 0xDA, | ||
189 | + 0x43, 0xEE, 0x70, 0xC1, 0x79, 0x03, 0x15, 0x2B, 0x70, 0xA0, | ||
190 | + 0xB4, 0x25, 0x9B, 0xD2, 0xFC, 0xB2, 0x20, 0x3B, 0x7F, 0xB8, | ||
191 | + 0xD3, 0x39, 0x4E, 0x20, 0xEB, 0x0E, 0xA9, 0x84, 0xDD, 0xB1, | ||
192 | + 0xE1, 0xF1, 0x4C, 0x67, 0xB1, 0x36, 0x2B); | ||
193 | +SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
194 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01); | ||
195 | +SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
196 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
197 | + 0x00, 0x00, 0x00, 0x00, 0x01); | ||
198 | +SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls4, 0x01, 0x73, 0xE8, 0x34, 0xAF, 0x28, | ||
199 | + 0xEC, 0x76, 0xCB, 0x83, 0xBD, 0x8D, 0xFE, 0xB2, 0xD5); | ||
200 | +SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls5, 0x04, 0x53, 0xE1, 0xE4, 0xB7, 0x29, | ||
201 | + 0x1F, 0x5C, 0x2D, 0x53, 0xCE, 0x18, 0x48, 0x3F, 0x00, 0x70, | ||
202 | + 0x81, 0xE7, 0xEA, 0x26, 0xEC); | ||
203 | +SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
204 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
205 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
206 | + 0x00, 0x00, 0x00, 0x01); | ||
207 | +SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls11, 0x00, 0x07, 0xD5, 0xEF, 0x43, 0x89, | ||
208 | + 0xDF, 0xF1, 0x1E, 0xCD, 0xBA, 0x39, 0xC3, 0x09, 0x70, 0xD3, | ||
209 | + 0xCE, 0x35, 0xCE, 0xBB, 0xA5, 0x84, 0x73, 0xF6, 0x4B, 0x4D, | ||
210 | + 0xC0, 0xF2, 0x68, 0x6C); | ||
211 | +/* Oakley curve #3 over 155 bit binary filed */ | ||
212 | +SPCF_CPARAM_INIT(ipsec3, 0x00, 0x31, 0x10, 0x00, 0x00, 0x02, 0x23, 0xA0, 0x00, | ||
213 | + 0xC4, 0x47, 0x40, 0x00, 0x08, 0x8E, 0x80, 0x00, 0x11, 0x1D, | ||
214 | + 0x1D); | ||
215 | +/* Oakley curve #4 over 185 bit binary filed */ | ||
216 | +SPCF_CPARAM_INIT(ipsec4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, | ||
217 | + 0x01, 0x80, 0x00, 0xC0, 0x0C, 0x00, 0x00, 0x00, 0x63, 0x80, | ||
218 | + 0x30, 0x00, 0x1C, 0x00, 0x09); | ||
219 | + | ||
220 | +static inline int | ||
221 | +eng_ec_get_cparam(int nid, unsigned char *buf, unsigned int buf_len) | ||
222 | +{ | ||
223 | + int ret = 0; | ||
224 | + switch (nid) { | ||
225 | + SPCF_CPARAM_CASE(sect113r1); | ||
226 | + SPCF_CPARAM_CASE(sect113r2); | ||
227 | + SPCF_CPARAM_CASE(sect131r1); | ||
228 | + SPCF_CPARAM_CASE(sect131r2); | ||
229 | + SPCF_CPARAM_CASE(sect163k1); | ||
230 | + SPCF_CPARAM_CASE(sect163r1); | ||
231 | + SPCF_CPARAM_CASE(sect163r2); | ||
232 | + SPCF_CPARAM_CASE(sect193r1); | ||
233 | + SPCF_CPARAM_CASE(sect193r2); | ||
234 | + SPCF_CPARAM_CASE(sect233k1); | ||
235 | + SPCF_CPARAM_CASE(sect233r1); | ||
236 | + SPCF_CPARAM_CASE(sect239k1); | ||
237 | + SPCF_CPARAM_CASE(sect283k1); | ||
238 | + SPCF_CPARAM_CASE(sect283r1); | ||
239 | + SPCF_CPARAM_CASE(sect409k1); | ||
240 | + SPCF_CPARAM_CASE(sect409r1); | ||
241 | + SPCF_CPARAM_CASE(sect571k1); | ||
242 | + SPCF_CPARAM_CASE(sect571r1); | ||
243 | + SPCF_CPARAM_CASE(X9_62_c2pnb163v1); | ||
244 | + SPCF_CPARAM_CASE(X9_62_c2pnb163v2); | ||
245 | + SPCF_CPARAM_CASE(X9_62_c2pnb163v3); | ||
246 | + SPCF_CPARAM_CASE(X9_62_c2pnb176v1); | ||
247 | + SPCF_CPARAM_CASE(X9_62_c2tnb191v1); | ||
248 | + SPCF_CPARAM_CASE(X9_62_c2tnb191v2); | ||
249 | + SPCF_CPARAM_CASE(X9_62_c2tnb191v3); | ||
250 | + SPCF_CPARAM_CASE(X9_62_c2pnb208w1); | ||
251 | + SPCF_CPARAM_CASE(X9_62_c2tnb239v1); | ||
252 | + SPCF_CPARAM_CASE(X9_62_c2tnb239v2); | ||
253 | + SPCF_CPARAM_CASE(X9_62_c2tnb239v3); | ||
254 | + SPCF_CPARAM_CASE(X9_62_c2pnb272w1); | ||
255 | + SPCF_CPARAM_CASE(X9_62_c2pnb304w1); | ||
256 | + SPCF_CPARAM_CASE(X9_62_c2tnb359v1); | ||
257 | + SPCF_CPARAM_CASE(X9_62_c2pnb368w1); | ||
258 | + SPCF_CPARAM_CASE(X9_62_c2tnb431r1); | ||
259 | + SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls1); | ||
260 | + SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls3); | ||
261 | + SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls4); | ||
262 | + SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls5); | ||
263 | + SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls10); | ||
264 | + SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls11); | ||
265 | + /* Oakley curve #3 over 155 bit binary filed */ | ||
266 | + SPCF_CPARAM_CASE(ipsec3); | ||
267 | + /* Oakley curve #4 over 185 bit binary filed */ | ||
268 | + SPCF_CPARAM_CASE(ipsec4); | ||
269 | + default: | ||
270 | + ret = -EINVAL; | ||
271 | + break; | ||
272 | + } | ||
273 | + return ret; | ||
274 | +} | ||
275 | + | ||
276 | +/* Copies the curve points to a flat buffer with appropriate padding */ | ||
277 | +static inline unsigned char *eng_copy_curve_points(BIGNUM * x, BIGNUM * y, | ||
278 | + int xy_len, int crv_len) | ||
279 | +{ | ||
280 | + unsigned char *xy = NULL; | ||
281 | + int len1 = 0, len2 = 0; | ||
282 | + | ||
283 | + len1 = BN_num_bytes(x); | ||
284 | + len2 = BN_num_bytes(y); | ||
285 | + | ||
286 | + if (!(xy = malloc(xy_len))) { | ||
287 | + return NULL; | ||
288 | + } | ||
289 | + | ||
290 | + memset(xy, 0, xy_len); | ||
291 | + | ||
292 | + if (len1 < crv_len) { | ||
293 | + if (!BN_is_zero(x)) | ||
294 | + BN_bn2bin(x, xy + (crv_len - len1)); | ||
295 | + } else { | ||
296 | + BN_bn2bin(x, xy); | ||
297 | + } | ||
298 | + | ||
299 | + if (len2 < crv_len) { | ||
300 | + if (!BN_is_zero(y)) | ||
301 | + BN_bn2bin(y, xy+crv_len+(crv_len-len2)); | ||
302 | + } else { | ||
303 | + BN_bn2bin(y, xy+crv_len); | ||
304 | + } | ||
305 | + | ||
306 | + return xy; | ||
307 | +} | ||
308 | + | ||
309 | +enum curve_t { | ||
310 | + DISCRETE_LOG, | ||
311 | + ECC_PRIME, | ||
312 | + ECC_BINARY, | ||
313 | + MAX_ECC_TYPE | ||
314 | +}; | ||
315 | +#endif | ||
316 | -- | ||
317 | 2.3.5 | ||
318 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch b/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch new file mode 100644 index 00000000..01c268b6 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch | |||
@@ -0,0 +1,33 @@ | |||
1 | From 39a9e609290a8a1163a721915bcde0c7cf8f92f7 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Tue, 11 Mar 2014 05:57:47 +0545 | ||
4 | Subject: [PATCH 06/26] Fixed private key support for DH | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | crypto/dh/dh_ameth.c | 7 +++++++ | ||
11 | 1 file changed, 7 insertions(+) | ||
12 | |||
13 | diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c | ||
14 | index 02ec2d4..ed32004 100644 | ||
15 | --- a/crypto/dh/dh_ameth.c | ||
16 | +++ b/crypto/dh/dh_ameth.c | ||
17 | @@ -422,6 +422,13 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) | ||
18 | if (to->pkey.dh->g != NULL) | ||
19 | BN_free(to->pkey.dh->g); | ||
20 | to->pkey.dh->g=a; | ||
21 | + if ((a=BN_dup(from->pkey.dh->q)) != NULL) { | ||
22 | + if (to->pkey.dh->q != NULL) | ||
23 | + BN_free(to->pkey.dh->q); | ||
24 | + to->pkey.dh->q=a; | ||
25 | + } | ||
26 | + | ||
27 | + to->pkey.dh->length = from->pkey.dh->length; | ||
28 | |||
29 | return 1; | ||
30 | } | ||
31 | -- | ||
32 | 2.3.5 | ||
33 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch b/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch new file mode 100644 index 00000000..12fcd7df --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch | |||
@@ -0,0 +1,35 @@ | |||
1 | From 8322e4157bf49d992b5b9e460f2c0785865dd1c1 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Thu, 20 Mar 2014 19:55:51 -0500 | ||
4 | Subject: [PATCH 07/26] Fixed private key support for DH | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Required Length of the DH result is not returned in dh method in openssl | ||
9 | |||
10 | Tested-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
11 | --- | ||
12 | crypto/dh/dh_ameth.c | 7 ------- | ||
13 | 1 file changed, 7 deletions(-) | ||
14 | |||
15 | diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c | ||
16 | index ed32004..02ec2d4 100644 | ||
17 | --- a/crypto/dh/dh_ameth.c | ||
18 | +++ b/crypto/dh/dh_ameth.c | ||
19 | @@ -422,13 +422,6 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) | ||
20 | if (to->pkey.dh->g != NULL) | ||
21 | BN_free(to->pkey.dh->g); | ||
22 | to->pkey.dh->g=a; | ||
23 | - if ((a=BN_dup(from->pkey.dh->q)) != NULL) { | ||
24 | - if (to->pkey.dh->q != NULL) | ||
25 | - BN_free(to->pkey.dh->q); | ||
26 | - to->pkey.dh->q=a; | ||
27 | - } | ||
28 | - | ||
29 | - to->pkey.dh->length = from->pkey.dh->length; | ||
30 | |||
31 | return 1; | ||
32 | } | ||
33 | -- | ||
34 | 2.3.5 | ||
35 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch b/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch new file mode 100644 index 00000000..8c8b1f22 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch | |||
@@ -0,0 +1,1564 @@ | |||
1 | From 107a10d45db0f2e58482f698add04ed9183f7268 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Tue, 11 Mar 2014 06:29:52 +0545 | ||
4 | Subject: [PATCH 08/26] Initial support for PKC in cryptodev engine | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | crypto/engine/eng_cryptodev.c | 1343 ++++++++++++++++++++++++++++++++++++----- | ||
11 | 1 file changed, 1183 insertions(+), 160 deletions(-) | ||
12 | |||
13 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
14 | index e3eb98b..7ee314b 100644 | ||
15 | --- a/crypto/engine/eng_cryptodev.c | ||
16 | +++ b/crypto/engine/eng_cryptodev.c | ||
17 | @@ -54,11 +54,14 @@ ENGINE_load_cryptodev(void) | ||
18 | #else | ||
19 | |||
20 | #include <sys/types.h> | ||
21 | -#include <crypto/cryptodev.h> | ||
22 | #include <crypto/dh/dh.h> | ||
23 | #include <crypto/dsa/dsa.h> | ||
24 | #include <crypto/err/err.h> | ||
25 | #include <crypto/rsa/rsa.h> | ||
26 | +#include <crypto/ecdsa/ecs_locl.h> | ||
27 | +#include <crypto/ecdh/ech_locl.h> | ||
28 | +#include <crypto/ec/ec_lcl.h> | ||
29 | +#include <crypto/ec/ec.h> | ||
30 | #include <sys/ioctl.h> | ||
31 | #include <errno.h> | ||
32 | #include <stdio.h> | ||
33 | @@ -68,6 +71,8 @@ ENGINE_load_cryptodev(void) | ||
34 | #include <syslog.h> | ||
35 | #include <errno.h> | ||
36 | #include <string.h> | ||
37 | +#include "eng_cryptodev_ec.h" | ||
38 | +#include <crypto/cryptodev.h> | ||
39 | |||
40 | struct dev_crypto_state { | ||
41 | struct session_op d_sess; | ||
42 | @@ -116,18 +121,10 @@ static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, | ||
43 | static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, | ||
44 | RSA *rsa, BN_CTX *ctx); | ||
45 | static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); | ||
46 | -static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, | ||
47 | - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | ||
48 | -static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, | ||
49 | - BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, | ||
50 | - BN_CTX *ctx, BN_MONT_CTX *mont); | ||
51 | static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, | ||
52 | int dlen, DSA *dsa); | ||
53 | static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len, | ||
54 | DSA_SIG *sig, DSA *dsa); | ||
55 | -static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, | ||
56 | - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | ||
57 | - BN_MONT_CTX *m_ctx); | ||
58 | static int cryptodev_dh_compute_key(unsigned char *key, | ||
59 | const BIGNUM *pub_key, DH *dh); | ||
60 | static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, | ||
61 | @@ -136,6 +133,102 @@ void ENGINE_load_cryptodev(void); | ||
62 | const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; | ||
63 | const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; | ||
64 | |||
65 | +inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) | ||
66 | +{ | ||
67 | + int len; | ||
68 | + unsigned char *p; | ||
69 | + | ||
70 | + len = BN_num_bytes(bn); | ||
71 | + | ||
72 | + if (!len) | ||
73 | + return -1; | ||
74 | + | ||
75 | + p = malloc(len); | ||
76 | + if (!p) | ||
77 | + return -1; | ||
78 | + | ||
79 | + BN_bn2bin(bn,p); | ||
80 | + | ||
81 | + *bin = p; | ||
82 | + *bin_len = len; | ||
83 | + | ||
84 | + return 0; | ||
85 | +} | ||
86 | + | ||
87 | +inline int spcf_bn2bin_ex(BIGNUM *bn, unsigned char **bin, int *bin_len) | ||
88 | +{ | ||
89 | + int len; | ||
90 | + unsigned char *p; | ||
91 | + | ||
92 | + len = BN_num_bytes(bn); | ||
93 | + | ||
94 | + if (!len) | ||
95 | + return -1; | ||
96 | + | ||
97 | + if (len < *bin_len) | ||
98 | + p = malloc(*bin_len); | ||
99 | + else | ||
100 | + p = malloc(len); | ||
101 | + | ||
102 | + if (!p) | ||
103 | + return -ENOMEM; | ||
104 | + | ||
105 | + if (len < *bin_len) { | ||
106 | + /* place padding */ | ||
107 | + memset(p, 0, (*bin_len - len)); | ||
108 | + BN_bn2bin(bn,p+(*bin_len-len)); | ||
109 | + } else { | ||
110 | + BN_bn2bin(bn,p); | ||
111 | + } | ||
112 | + | ||
113 | + *bin = p; | ||
114 | + if (len >= *bin_len) | ||
115 | + *bin_len = len; | ||
116 | + | ||
117 | + return 0; | ||
118 | +} | ||
119 | + | ||
120 | +/** | ||
121 | + * Convert an ECC F2m 'b' parameter into the 'c' parameter. | ||
122 | + *Inputs: | ||
123 | + * q, the curve's modulus | ||
124 | + * b, the curve's b parameter | ||
125 | + * (a bignum for b, a buffer for c) | ||
126 | + * Output: | ||
127 | + * c, written into bin, right-adjusted to fill q_len bytes. | ||
128 | + */ | ||
129 | +static int | ||
130 | +eng_ec_compute_cparam(const BIGNUM* b, const BIGNUM* q, | ||
131 | + unsigned char **bin, int *bin_len) | ||
132 | +{ | ||
133 | + BIGNUM* c = BN_new(); | ||
134 | + BIGNUM* exp = BN_new(); | ||
135 | + BN_CTX *ctx = BN_CTX_new(); | ||
136 | + int m = BN_num_bits(q) - 1; | ||
137 | + int ok = 0; | ||
138 | + | ||
139 | + if (!c || !exp || !ctx || *bin) | ||
140 | + goto err; | ||
141 | + | ||
142 | + /* | ||
143 | + * We have to compute c, where b = c^4, i.e., the fourth root of b. | ||
144 | + * The equation for c is c = b^(2^(m-2)) | ||
145 | + * Compute exp = 2^(m-2) | ||
146 | + * (1 << x) == 2^x | ||
147 | + * and then compute c = b^exp | ||
148 | + */ | ||
149 | + BN_lshift(exp, BN_value_one(), m-2); | ||
150 | + BN_GF2m_mod_exp(c, b, exp, q, ctx); | ||
151 | + /* Store c */ | ||
152 | + spcf_bn2bin_ex(c, bin, bin_len); | ||
153 | + ok = 1; | ||
154 | +err: | ||
155 | + if (ctx) BN_CTX_free(ctx); | ||
156 | + if (c) BN_free(c); | ||
157 | + if (exp) BN_free(exp); | ||
158 | + return ok; | ||
159 | +} | ||
160 | + | ||
161 | static const ENGINE_CMD_DEFN cryptodev_defns[] = { | ||
162 | { 0, NULL, NULL, 0 } | ||
163 | }; | ||
164 | @@ -1139,7 +1232,6 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, | ||
165 | static int | ||
166 | bn2crparam(const BIGNUM *a, struct crparam *crp) | ||
167 | { | ||
168 | - int i, j, k; | ||
169 | ssize_t bytes, bits; | ||
170 | u_char *b; | ||
171 | |||
172 | @@ -1156,15 +1248,7 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) | ||
173 | |||
174 | crp->crp_p = (caddr_t) b; | ||
175 | crp->crp_nbits = bits; | ||
176 | - | ||
177 | - for (i = 0, j = 0; i < a->top; i++) { | ||
178 | - for (k = 0; k < BN_BITS2 / 8; k++) { | ||
179 | - if ((j + k) >= bytes) | ||
180 | - return (0); | ||
181 | - b[j + k] = a->d[i] >> (k * 8); | ||
182 | - } | ||
183 | - j += BN_BITS2 / 8; | ||
184 | - } | ||
185 | + BN_bn2bin(a, crp->crp_p); | ||
186 | return (0); | ||
187 | } | ||
188 | |||
189 | @@ -1172,22 +1256,14 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) | ||
190 | static int | ||
191 | crparam2bn(struct crparam *crp, BIGNUM *a) | ||
192 | { | ||
193 | - u_int8_t *pd; | ||
194 | - int i, bytes; | ||
195 | + int bytes; | ||
196 | |||
197 | bytes = (crp->crp_nbits + 7) / 8; | ||
198 | |||
199 | if (bytes == 0) | ||
200 | return (-1); | ||
201 | |||
202 | - if ((pd = (u_int8_t *) malloc(bytes)) == NULL) | ||
203 | - return (-1); | ||
204 | - | ||
205 | - for (i = 0; i < bytes; i++) | ||
206 | - pd[i] = crp->crp_p[bytes - i - 1]; | ||
207 | - | ||
208 | - BN_bin2bn(pd, bytes, a); | ||
209 | - free(pd); | ||
210 | + BN_bin2bn(crp->crp_p, bytes, a); | ||
211 | |||
212 | return (0); | ||
213 | } | ||
214 | @@ -1235,6 +1311,32 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) | ||
215 | return (ret); | ||
216 | } | ||
217 | |||
218 | +/* Close an opened instance of cryptodev engine */ | ||
219 | +void cryptodev_close_instance(void *handle) | ||
220 | +{ | ||
221 | + int fd; | ||
222 | + | ||
223 | + if (handle) { | ||
224 | + fd = *(int *)handle; | ||
225 | + close(fd); | ||
226 | + free(handle); | ||
227 | + } | ||
228 | +} | ||
229 | + | ||
230 | +/* Create an instance of cryptodev for asynchronous interface */ | ||
231 | +void *cryptodev_init_instance(void) | ||
232 | +{ | ||
233 | + int *fd = malloc(sizeof(int)); | ||
234 | + | ||
235 | + if (fd) { | ||
236 | + if ((*fd = open("/dev/crypto", O_RDWR, 0)) == -1) { | ||
237 | + free(fd); | ||
238 | + return NULL; | ||
239 | + } | ||
240 | + } | ||
241 | + return fd; | ||
242 | +} | ||
243 | + | ||
244 | static int | ||
245 | cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
246 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) | ||
247 | @@ -1250,9 +1352,9 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
248 | return (ret); | ||
249 | } | ||
250 | |||
251 | - memset(&kop, 0, sizeof kop); | ||
252 | kop.crk_op = CRK_MOD_EXP; | ||
253 | - | ||
254 | + kop.crk_oparams = 0; | ||
255 | + kop.crk_status = 0; | ||
256 | /* inputs: a^p % m */ | ||
257 | if (bn2crparam(a, &kop.crk_param[0])) | ||
258 | goto err; | ||
259 | @@ -1293,28 +1395,38 @@ static int | ||
260 | cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) | ||
261 | { | ||
262 | struct crypt_kop kop; | ||
263 | - int ret = 1; | ||
264 | + int ret = 1, f_len, p_len, q_len; | ||
265 | + unsigned char *f = NULL, *p = NULL, *q = NULL, *dp = NULL, *dq = NULL, *c = NULL; | ||
266 | |||
267 | if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { | ||
268 | /* XXX 0 means failure?? */ | ||
269 | return (0); | ||
270 | } | ||
271 | |||
272 | - memset(&kop, 0, sizeof kop); | ||
273 | + kop.crk_oparams = 0; | ||
274 | + kop.crk_status = 0; | ||
275 | kop.crk_op = CRK_MOD_EXP_CRT; | ||
276 | + f_len = BN_num_bytes(rsa->n); | ||
277 | + spcf_bn2bin_ex(I, &f, &f_len); | ||
278 | + spcf_bn2bin(rsa->p, &p, &p_len); | ||
279 | + spcf_bn2bin(rsa->q, &q, &q_len); | ||
280 | + spcf_bn2bin_ex(rsa->dmp1, &dp, &p_len); | ||
281 | + spcf_bn2bin_ex(rsa->iqmp, &c, &p_len); | ||
282 | + spcf_bn2bin_ex(rsa->dmq1, &dq, &q_len); | ||
283 | /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ | ||
284 | - if (bn2crparam(rsa->p, &kop.crk_param[0])) | ||
285 | - goto err; | ||
286 | - if (bn2crparam(rsa->q, &kop.crk_param[1])) | ||
287 | - goto err; | ||
288 | - if (bn2crparam(I, &kop.crk_param[2])) | ||
289 | - goto err; | ||
290 | - if (bn2crparam(rsa->dmp1, &kop.crk_param[3])) | ||
291 | - goto err; | ||
292 | - if (bn2crparam(rsa->dmq1, &kop.crk_param[4])) | ||
293 | - goto err; | ||
294 | - if (bn2crparam(rsa->iqmp, &kop.crk_param[5])) | ||
295 | - goto err; | ||
296 | + kop.crk_param[0].crp_p = p; | ||
297 | + kop.crk_param[0].crp_nbits = p_len * 8; | ||
298 | + kop.crk_param[1].crp_p = q; | ||
299 | + kop.crk_param[1].crp_nbits = q_len * 8; | ||
300 | + kop.crk_param[2].crp_p = f; | ||
301 | + kop.crk_param[2].crp_nbits = f_len * 8; | ||
302 | + kop.crk_param[3].crp_p = dp; | ||
303 | + kop.crk_param[3].crp_nbits = p_len * 8; | ||
304 | + /* dq must of length q, rest all of length p*/ | ||
305 | + kop.crk_param[4].crp_p = dq; | ||
306 | + kop.crk_param[4].crp_nbits = q_len * 8; | ||
307 | + kop.crk_param[5].crp_p = c; | ||
308 | + kop.crk_param[5].crp_nbits = p_len * 8; | ||
309 | kop.crk_iparams = 6; | ||
310 | |||
311 | if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) { | ||
312 | @@ -1350,90 +1462,117 @@ static RSA_METHOD cryptodev_rsa = { | ||
313 | NULL /* rsa_verify */ | ||
314 | }; | ||
315 | |||
316 | -static int | ||
317 | -cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, | ||
318 | - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) | ||
319 | -{ | ||
320 | - return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); | ||
321 | -} | ||
322 | - | ||
323 | -static int | ||
324 | -cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, | ||
325 | - BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, | ||
326 | - BN_CTX *ctx, BN_MONT_CTX *mont) | ||
327 | +static DSA_SIG * | ||
328 | +cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | ||
329 | { | ||
330 | - BIGNUM t2; | ||
331 | - int ret = 0; | ||
332 | - | ||
333 | - BN_init(&t2); | ||
334 | - | ||
335 | - /* v = ( g^u1 * y^u2 mod p ) mod q */ | ||
336 | - /* let t1 = g ^ u1 mod p */ | ||
337 | - ret = 0; | ||
338 | + struct crypt_kop kop; | ||
339 | + BIGNUM *c = NULL, *d = NULL; | ||
340 | + DSA_SIG *dsaret = NULL; | ||
341 | + int q_len = 0, r_len = 0, g_len = 0; | ||
342 | + int priv_key_len = 0, ret; | ||
343 | + unsigned char *q = NULL, *r = NULL, *g = NULL, *priv_key = NULL, *f = NULL; | ||
344 | |||
345 | - if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont)) | ||
346 | + memset(&kop, 0, sizeof kop); | ||
347 | + if ((c = BN_new()) == NULL) { | ||
348 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
349 | goto err; | ||
350 | + } | ||
351 | |||
352 | - /* let t2 = y ^ u2 mod p */ | ||
353 | - if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont)) | ||
354 | + if ((d = BN_new()) == NULL) { | ||
355 | + BN_free(c); | ||
356 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
357 | goto err; | ||
358 | - /* let u1 = t1 * t2 mod p */ | ||
359 | - if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx)) | ||
360 | + } | ||
361 | + | ||
362 | + if (spcf_bn2bin(dsa->p, &q, &q_len)) { | ||
363 | + DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | ||
364 | goto err; | ||
365 | + } | ||
366 | |||
367 | - BN_copy(t1,u1); | ||
368 | + /* Get order of the field of private keys into plain buffer */ | ||
369 | + if (spcf_bn2bin (dsa->q, &r, &r_len)) { | ||
370 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
371 | + goto err; | ||
372 | + } | ||
373 | |||
374 | - ret = 1; | ||
375 | -err: | ||
376 | - BN_free(&t2); | ||
377 | - return(ret); | ||
378 | -} | ||
379 | + /* sanity test */ | ||
380 | + if (dlen > r_len) { | ||
381 | + DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | ||
382 | + goto err; | ||
383 | + } | ||
384 | |||
385 | -static DSA_SIG * | ||
386 | -cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | ||
387 | -{ | ||
388 | - struct crypt_kop kop; | ||
389 | - BIGNUM *r = NULL, *s = NULL; | ||
390 | - DSA_SIG *dsaret = NULL; | ||
391 | + g_len = q_len; | ||
392 | + /** | ||
393 | + * Get generator into a plain buffer. If length is less than | ||
394 | + * q_len then add leading padding bytes. | ||
395 | + */ | ||
396 | + if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { | ||
397 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
398 | + goto err; | ||
399 | + } | ||
400 | |||
401 | - if ((r = BN_new()) == NULL) | ||
402 | + priv_key_len = r_len; | ||
403 | + /** | ||
404 | + * Get private key into a plain buffer. If length is less than | ||
405 | + * r_len then add leading padding bytes. | ||
406 | + */ | ||
407 | + if (spcf_bn2bin_ex(dsa->priv_key, &priv_key, &priv_key_len)) { | ||
408 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
409 | goto err; | ||
410 | - if ((s = BN_new()) == NULL) { | ||
411 | - BN_free(r); | ||
412 | + } | ||
413 | + | ||
414 | + /* Allocate memory to store hash. */ | ||
415 | + f = OPENSSL_malloc (r_len); | ||
416 | + if (!f) { | ||
417 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
418 | goto err; | ||
419 | } | ||
420 | |||
421 | - memset(&kop, 0, sizeof kop); | ||
422 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
423 | + if (dlen < r_len) | ||
424 | + memset(f, 0, r_len - dlen); | ||
425 | + | ||
426 | + /* Skip leading bytes if dgst_len < r_len */ | ||
427 | + memcpy(f + r_len - dlen, dgst, dlen); | ||
428 | + | ||
429 | kop.crk_op = CRK_DSA_SIGN; | ||
430 | |||
431 | /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
432 | - kop.crk_param[0].crp_p = (caddr_t)dgst; | ||
433 | - kop.crk_param[0].crp_nbits = dlen * 8; | ||
434 | - if (bn2crparam(dsa->p, &kop.crk_param[1])) | ||
435 | - goto err; | ||
436 | - if (bn2crparam(dsa->q, &kop.crk_param[2])) | ||
437 | - goto err; | ||
438 | - if (bn2crparam(dsa->g, &kop.crk_param[3])) | ||
439 | - goto err; | ||
440 | - if (bn2crparam(dsa->priv_key, &kop.crk_param[4])) | ||
441 | - goto err; | ||
442 | + kop.crk_param[0].crp_p = (void*)f; | ||
443 | + kop.crk_param[0].crp_nbits = r_len * 8; | ||
444 | + kop.crk_param[1].crp_p = (void*)q; | ||
445 | + kop.crk_param[1].crp_nbits = q_len * 8; | ||
446 | + kop.crk_param[2].crp_p = (void*)r; | ||
447 | + kop.crk_param[2].crp_nbits = r_len * 8; | ||
448 | + kop.crk_param[3].crp_p = (void*)g; | ||
449 | + kop.crk_param[3].crp_nbits = g_len * 8; | ||
450 | + kop.crk_param[4].crp_p = (void*)priv_key; | ||
451 | + kop.crk_param[4].crp_nbits = priv_key_len * 8; | ||
452 | kop.crk_iparams = 5; | ||
453 | |||
454 | - if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r, | ||
455 | - BN_num_bytes(dsa->q), s) == 0) { | ||
456 | - dsaret = DSA_SIG_new(); | ||
457 | - dsaret->r = r; | ||
458 | - dsaret->s = s; | ||
459 | - } else { | ||
460 | - const DSA_METHOD *meth = DSA_OpenSSL(); | ||
461 | - BN_free(r); | ||
462 | - BN_free(s); | ||
463 | - dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); | ||
464 | + ret = cryptodev_asym(&kop, r_len, c, r_len, d); | ||
465 | + | ||
466 | + if (ret) { | ||
467 | + DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DECODE_ERROR); | ||
468 | + goto err; | ||
469 | } | ||
470 | -err: | ||
471 | - kop.crk_param[0].crp_p = NULL; | ||
472 | + | ||
473 | + dsaret = DSA_SIG_new(); | ||
474 | + dsaret->r = c; | ||
475 | + dsaret->s = d; | ||
476 | + | ||
477 | zapparams(&kop); | ||
478 | return (dsaret); | ||
479 | +err: | ||
480 | + { | ||
481 | + const DSA_METHOD *meth = DSA_OpenSSL(); | ||
482 | + if (c) | ||
483 | + BN_free(c); | ||
484 | + if (d) | ||
485 | + BN_free(d); | ||
486 | + dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); | ||
487 | + return (dsaret); | ||
488 | + } | ||
489 | } | ||
490 | |||
491 | static int | ||
492 | @@ -1441,42 +1580,179 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, | ||
493 | DSA_SIG *sig, DSA *dsa) | ||
494 | { | ||
495 | struct crypt_kop kop; | ||
496 | - int dsaret = 1; | ||
497 | + int dsaret = 1, q_len = 0, r_len = 0, g_len = 0; | ||
498 | + int w_len = 0 ,c_len = 0, d_len = 0, ret = -1; | ||
499 | + unsigned char * q = NULL, * r = NULL, * w = NULL, * g = NULL; | ||
500 | + unsigned char * c = NULL, * d = NULL, *f = NULL; | ||
501 | |||
502 | memset(&kop, 0, sizeof kop); | ||
503 | kop.crk_op = CRK_DSA_VERIFY; | ||
504 | |||
505 | - /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ | ||
506 | - kop.crk_param[0].crp_p = (caddr_t)dgst; | ||
507 | - kop.crk_param[0].crp_nbits = dlen * 8; | ||
508 | - if (bn2crparam(dsa->p, &kop.crk_param[1])) | ||
509 | + if (spcf_bn2bin(dsa->p, &q, &q_len)) { | ||
510 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
511 | + return ret; | ||
512 | + } | ||
513 | + | ||
514 | + /* Get Order of field of private keys */ | ||
515 | + if (spcf_bn2bin(dsa->q, &r, &r_len)) { | ||
516 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
517 | goto err; | ||
518 | - if (bn2crparam(dsa->q, &kop.crk_param[2])) | ||
519 | + } | ||
520 | + | ||
521 | + g_len = q_len; | ||
522 | + /** | ||
523 | + * Get generator into a plain buffer. If length is less than | ||
524 | + * q_len then add leading padding bytes. | ||
525 | + */ | ||
526 | + if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { | ||
527 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
528 | goto err; | ||
529 | - if (bn2crparam(dsa->g, &kop.crk_param[3])) | ||
530 | + } | ||
531 | + w_len = q_len; | ||
532 | + /** | ||
533 | + * Get public key into a plain buffer. If length is less than | ||
534 | + * q_len then add leading padding bytes. | ||
535 | + */ | ||
536 | + if (spcf_bn2bin_ex(dsa->pub_key, &w, &w_len)) { | ||
537 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
538 | + goto err; | ||
539 | + } | ||
540 | + /** | ||
541 | + * Get the 1st part of signature into a flat buffer with | ||
542 | + * appropriate padding | ||
543 | + */ | ||
544 | + c_len = r_len; | ||
545 | + | ||
546 | + if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { | ||
547 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
548 | goto err; | ||
549 | - if (bn2crparam(dsa->pub_key, &kop.crk_param[4])) | ||
550 | + } | ||
551 | + | ||
552 | + /** | ||
553 | + * Get the 2nd part of signature into a flat buffer with | ||
554 | + * appropriate padding | ||
555 | + */ | ||
556 | + d_len = r_len; | ||
557 | + | ||
558 | + if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { | ||
559 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
560 | goto err; | ||
561 | - if (bn2crparam(sig->r, &kop.crk_param[5])) | ||
562 | + } | ||
563 | + | ||
564 | + | ||
565 | + /* Sanity test */ | ||
566 | + if (dlen > r_len) { | ||
567 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
568 | goto err; | ||
569 | - if (bn2crparam(sig->s, &kop.crk_param[6])) | ||
570 | + } | ||
571 | + | ||
572 | + /* Allocate memory to store hash. */ | ||
573 | + f = OPENSSL_malloc (r_len); | ||
574 | + if (!f) { | ||
575 | + DSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
576 | goto err; | ||
577 | + } | ||
578 | + | ||
579 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
580 | + if (dlen < r_len) | ||
581 | + memset(f, 0, r_len - dlen); | ||
582 | + | ||
583 | + /* Skip leading bytes if dgst_len < r_len */ | ||
584 | + memcpy(f + r_len - dlen, dgst, dlen); | ||
585 | + | ||
586 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ | ||
587 | + kop.crk_param[0].crp_p = (void*)f; | ||
588 | + kop.crk_param[0].crp_nbits = r_len * 8; | ||
589 | + kop.crk_param[1].crp_p = q; | ||
590 | + kop.crk_param[1].crp_nbits = q_len * 8; | ||
591 | + kop.crk_param[2].crp_p = r; | ||
592 | + kop.crk_param[2].crp_nbits = r_len * 8; | ||
593 | + kop.crk_param[3].crp_p = g; | ||
594 | + kop.crk_param[3].crp_nbits = g_len * 8; | ||
595 | + kop.crk_param[4].crp_p = w; | ||
596 | + kop.crk_param[4].crp_nbits = w_len * 8; | ||
597 | + kop.crk_param[5].crp_p = c; | ||
598 | + kop.crk_param[5].crp_nbits = c_len * 8; | ||
599 | + kop.crk_param[6].crp_p = d; | ||
600 | + kop.crk_param[6].crp_nbits = d_len * 8; | ||
601 | kop.crk_iparams = 7; | ||
602 | |||
603 | - if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { | ||
604 | -/*OCF success value is 0, if not zero, change dsaret to fail*/ | ||
605 | - if(0 != kop.crk_status) dsaret = 0; | ||
606 | - } else { | ||
607 | - const DSA_METHOD *meth = DSA_OpenSSL(); | ||
608 | + if ((cryptodev_asym(&kop, 0, NULL, 0, NULL))) { | ||
609 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, DSA_R_DECODE_ERROR); | ||
610 | + goto err; | ||
611 | + } | ||
612 | |||
613 | - dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); | ||
614 | + /*OCF success value is 0, if not zero, change dsaret to fail*/ | ||
615 | + if(0 != kop.crk_status) { | ||
616 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, DSA_R_DECODE_ERROR); | ||
617 | + goto err; | ||
618 | } | ||
619 | -err: | ||
620 | - kop.crk_param[0].crp_p = NULL; | ||
621 | + | ||
622 | zapparams(&kop); | ||
623 | return (dsaret); | ||
624 | +err: | ||
625 | + { | ||
626 | + const DSA_METHOD *meth = DSA_OpenSSL(); | ||
627 | + | ||
628 | + dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); | ||
629 | + } | ||
630 | + return dsaret; | ||
631 | } | ||
632 | |||
633 | +/* Cryptodev DSA Key Gen routine */ | ||
634 | +static int cryptodev_dsa_keygen(DSA *dsa) | ||
635 | +{ | ||
636 | + struct crypt_kop kop; | ||
637 | + int ret = 1, g_len; | ||
638 | + unsigned char *g = NULL; | ||
639 | + | ||
640 | + if (dsa->priv_key == NULL) { | ||
641 | + if ((dsa->priv_key=BN_new()) == NULL) | ||
642 | + goto sw_try; | ||
643 | + } | ||
644 | + | ||
645 | + if (dsa->pub_key == NULL) { | ||
646 | + if ((dsa->pub_key=BN_new()) == NULL) | ||
647 | + goto sw_try; | ||
648 | + } | ||
649 | + | ||
650 | + g_len = BN_num_bytes(dsa->p); | ||
651 | + /** | ||
652 | + * Get generator into a plain buffer. If length is less than | ||
653 | + * p_len then add leading padding bytes. | ||
654 | + */ | ||
655 | + if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { | ||
656 | + DSAerr(DSA_F_DSA_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
657 | + goto sw_try; | ||
658 | + } | ||
659 | + | ||
660 | + memset(&kop, 0, sizeof kop); | ||
661 | + | ||
662 | + kop.crk_op = CRK_DSA_GENERATE_KEY; | ||
663 | + if (bn2crparam(dsa->p, &kop.crk_param[0])) | ||
664 | + goto sw_try; | ||
665 | + if (bn2crparam(dsa->q, &kop.crk_param[1])) | ||
666 | + goto sw_try; | ||
667 | + kop.crk_param[2].crp_p = g; | ||
668 | + kop.crk_param[2].crp_nbits = g_len * 8; | ||
669 | + kop.crk_iparams = 3; | ||
670 | + | ||
671 | + /* pub_key is or prime length while priv key is of length of order */ | ||
672 | + if (cryptodev_asym(&kop, BN_num_bytes(dsa->p), dsa->pub_key, | ||
673 | + BN_num_bytes(dsa->q), dsa->priv_key)) | ||
674 | + goto sw_try; | ||
675 | + | ||
676 | + return ret; | ||
677 | +sw_try: | ||
678 | + { | ||
679 | + const DSA_METHOD *meth = DSA_OpenSSL(); | ||
680 | + ret = (meth->dsa_keygen)(dsa); | ||
681 | + } | ||
682 | + return ret; | ||
683 | +} | ||
684 | + | ||
685 | + | ||
686 | + | ||
687 | static DSA_METHOD cryptodev_dsa = { | ||
688 | "cryptodev DSA method", | ||
689 | NULL, | ||
690 | @@ -1490,12 +1766,543 @@ static DSA_METHOD cryptodev_dsa = { | ||
691 | NULL /* app_data */ | ||
692 | }; | ||
693 | |||
694 | -static int | ||
695 | -cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, | ||
696 | - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | ||
697 | - BN_MONT_CTX *m_ctx) | ||
698 | +static ECDSA_METHOD cryptodev_ecdsa = { | ||
699 | + "cryptodev ECDSA method", | ||
700 | + NULL, | ||
701 | + NULL, /* ecdsa_sign_setup */ | ||
702 | + NULL, | ||
703 | + NULL, | ||
704 | + 0, /* flags */ | ||
705 | + NULL /* app_data */ | ||
706 | +}; | ||
707 | + | ||
708 | +typedef enum ec_curve_s | ||
709 | +{ | ||
710 | + EC_PRIME, | ||
711 | + EC_BINARY | ||
712 | +} ec_curve_t; | ||
713 | + | ||
714 | +/* ENGINE handler for ECDSA Sign */ | ||
715 | +static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, | ||
716 | + int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) | ||
717 | { | ||
718 | - return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); | ||
719 | + BIGNUM *m = NULL, *p = NULL, *a = NULL; | ||
720 | + BIGNUM *b = NULL, *x = NULL, *y = NULL; | ||
721 | + BN_CTX *ctx = NULL; | ||
722 | + ECDSA_SIG *ret = NULL; | ||
723 | + ECDSA_DATA *ecdsa = NULL; | ||
724 | + unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; | ||
725 | + unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; | ||
726 | + int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; | ||
727 | + int g_len = 0, d_len = 0, ab_len = 0; | ||
728 | + const BIGNUM *order = NULL, *priv_key=NULL; | ||
729 | + const EC_GROUP *group = NULL; | ||
730 | + struct crypt_kop kop; | ||
731 | + ec_curve_t ec_crv = EC_PRIME; | ||
732 | + | ||
733 | + memset(&kop, 0, sizeof(kop)); | ||
734 | + ecdsa = ecdsa_check(eckey); | ||
735 | + if (!ecdsa) { | ||
736 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
737 | + return NULL; | ||
738 | + } | ||
739 | + | ||
740 | + group = EC_KEY_get0_group(eckey); | ||
741 | + priv_key = EC_KEY_get0_private_key(eckey); | ||
742 | + | ||
743 | + if (!group || !priv_key) { | ||
744 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
745 | + return NULL; | ||
746 | + } | ||
747 | + | ||
748 | + if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || | ||
749 | + (a = BN_new()) == NULL || (b = BN_new()) == NULL || | ||
750 | + (p = BN_new()) == NULL || (x = BN_new()) == NULL || | ||
751 | + (y = BN_new()) == NULL) { | ||
752 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
753 | + goto err; | ||
754 | + } | ||
755 | + | ||
756 | + order = &group->order; | ||
757 | + if (!order || BN_is_zero(order)) { | ||
758 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); | ||
759 | + goto err; | ||
760 | + } | ||
761 | + | ||
762 | + i = BN_num_bits(order); | ||
763 | + /* Need to truncate digest if it is too long: first truncate whole | ||
764 | + bytes */ | ||
765 | + if (8 * dgst_len > i) | ||
766 | + dgst_len = (i + 7)/8; | ||
767 | + | ||
768 | + if (!BN_bin2bn(dgst, dgst_len, m)) { | ||
769 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
770 | + goto err; | ||
771 | + } | ||
772 | + | ||
773 | + /* If still too long truncate remaining bits with a shift */ | ||
774 | + if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { | ||
775 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
776 | + goto err; | ||
777 | + } | ||
778 | + | ||
779 | + /* copy the truncated bits into plain buffer */ | ||
780 | + if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { | ||
781 | + fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); | ||
782 | + goto err; | ||
783 | + } | ||
784 | + | ||
785 | + ret = ECDSA_SIG_new(); | ||
786 | + if (!ret) { | ||
787 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
788 | + goto err; | ||
789 | + } | ||
790 | + | ||
791 | + /* check if this is prime or binary EC request */ | ||
792 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { | ||
793 | + ec_crv = EC_PRIME; | ||
794 | + /* get the generator point pair */ | ||
795 | + if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), | ||
796 | + x, y,ctx)) { | ||
797 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
798 | + goto err; | ||
799 | + } | ||
800 | + | ||
801 | + /* get the ECC curve parameters */ | ||
802 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { | ||
803 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
804 | + goto err; | ||
805 | + } | ||
806 | + } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { | ||
807 | + ec_crv = EC_BINARY; | ||
808 | + /* get the ECC curve parameters */ | ||
809 | + if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { | ||
810 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
811 | + goto err; | ||
812 | + } | ||
813 | + | ||
814 | + /* get the generator point pair */ | ||
815 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
816 | + EC_GROUP_get0_generator(group), x, y,ctx)) { | ||
817 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
818 | + goto err; | ||
819 | + } | ||
820 | + } else { | ||
821 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
822 | + goto err; | ||
823 | + } | ||
824 | + | ||
825 | + if (spcf_bn2bin(order, &r, &r_len)) { | ||
826 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
827 | + goto err; | ||
828 | + } | ||
829 | + | ||
830 | + if (spcf_bn2bin(p, &q, &q_len)) { | ||
831 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
832 | + goto err; | ||
833 | + } | ||
834 | + | ||
835 | + priv_key_len = r_len; | ||
836 | + | ||
837 | + /** | ||
838 | + * If BN_num_bytes of priv_key returns less then r_len then | ||
839 | + * add padding bytes before the key | ||
840 | + */ | ||
841 | + if (spcf_bn2bin_ex(priv_key, &s, &priv_key_len)) { | ||
842 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
843 | + goto err; | ||
844 | + } | ||
845 | + | ||
846 | + /* Generation of ECC curve parameters */ | ||
847 | + ab_len = 2*q_len; | ||
848 | + ab = eng_copy_curve_points(a, b, ab_len, q_len); | ||
849 | + if (!ab) { | ||
850 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
851 | + goto err; | ||
852 | + } | ||
853 | + | ||
854 | + if (ec_crv == EC_BINARY) { | ||
855 | + if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) | ||
856 | + { | ||
857 | + unsigned char *c_temp = NULL; | ||
858 | + int c_temp_len = q_len; | ||
859 | + if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) | ||
860 | + memcpy(ab+q_len, c_temp, q_len); | ||
861 | + else | ||
862 | + goto err; | ||
863 | + } | ||
864 | + kop.curve_type = ECC_BINARY; | ||
865 | + } | ||
866 | + | ||
867 | + /* Calculation of Generator point */ | ||
868 | + g_len = 2*q_len; | ||
869 | + g_xy = eng_copy_curve_points(x, y, g_len, q_len); | ||
870 | + if (!g_xy) { | ||
871 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
872 | + goto err; | ||
873 | + } | ||
874 | + | ||
875 | + /* Memory allocation for first part of digital signature */ | ||
876 | + c = malloc(r_len); | ||
877 | + if (!c) { | ||
878 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
879 | + goto err; | ||
880 | + } | ||
881 | + | ||
882 | + d_len = r_len; | ||
883 | + | ||
884 | + /* Memory allocation for second part of digital signature */ | ||
885 | + d = malloc(d_len); | ||
886 | + if (!d) { | ||
887 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
888 | + goto err; | ||
889 | + } | ||
890 | + | ||
891 | + /* memory for message representative */ | ||
892 | + f = malloc(r_len); | ||
893 | + if (!f) { | ||
894 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
895 | + goto err; | ||
896 | + } | ||
897 | + | ||
898 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
899 | + memset(f, 0, r_len - dgst_len); | ||
900 | + | ||
901 | + /* Skip leading bytes if dgst_len < r_len */ | ||
902 | + memcpy(f + r_len - dgst_len, tmp_dgst, dgst_len); | ||
903 | + | ||
904 | + dgst_len += r_len - dgst_len; | ||
905 | + kop.crk_op = CRK_DSA_SIGN; | ||
906 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
907 | + kop.crk_param[0].crp_p = f; | ||
908 | + kop.crk_param[0].crp_nbits = dgst_len * 8; | ||
909 | + kop.crk_param[1].crp_p = q; | ||
910 | + kop.crk_param[1].crp_nbits = q_len * 8; | ||
911 | + kop.crk_param[2].crp_p = r; | ||
912 | + kop.crk_param[2].crp_nbits = r_len * 8; | ||
913 | + kop.crk_param[3].crp_p = g_xy; | ||
914 | + kop.crk_param[3].crp_nbits = g_len * 8; | ||
915 | + kop.crk_param[4].crp_p = s; | ||
916 | + kop.crk_param[4].crp_nbits = priv_key_len * 8; | ||
917 | + kop.crk_param[5].crp_p = ab; | ||
918 | + kop.crk_param[5].crp_nbits = ab_len * 8; | ||
919 | + kop.crk_iparams = 6; | ||
920 | + kop.crk_param[6].crp_p = c; | ||
921 | + kop.crk_param[6].crp_nbits = d_len * 8; | ||
922 | + kop.crk_param[7].crp_p = d; | ||
923 | + kop.crk_param[7].crp_nbits = d_len * 8; | ||
924 | + kop.crk_oparams = 2; | ||
925 | + | ||
926 | + if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { | ||
927 | + /* Check if ret->r and s needs to allocated */ | ||
928 | + crparam2bn(&kop.crk_param[6], ret->r); | ||
929 | + crparam2bn(&kop.crk_param[7], ret->s); | ||
930 | + } else { | ||
931 | + const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
932 | + ret = (meth->ecdsa_do_sign)(dgst, dgst_len, in_kinv, in_r, eckey); | ||
933 | + } | ||
934 | + kop.crk_param[0].crp_p = NULL; | ||
935 | + zapparams(&kop); | ||
936 | +err: | ||
937 | + if (!ret) { | ||
938 | + ECDSA_SIG_free(ret); | ||
939 | + ret = NULL; | ||
940 | + } | ||
941 | + return ret; | ||
942 | +} | ||
943 | + | ||
944 | +static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, | ||
945 | + ECDSA_SIG *sig, EC_KEY *eckey) | ||
946 | +{ | ||
947 | + BIGNUM *m = NULL, *p = NULL, *a = NULL, *b = NULL; | ||
948 | + BIGNUM *x = NULL, *y = NULL, *w_x = NULL, *w_y = NULL; | ||
949 | + BN_CTX *ctx = NULL; | ||
950 | + ECDSA_DATA *ecdsa = NULL; | ||
951 | + unsigned char *q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL, *w_xy = NULL; | ||
952 | + unsigned char *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; | ||
953 | + int i = 0, q_len = 0, pub_key_len = 0, r_len = 0, c_len = 0, g_len = 0; | ||
954 | + int d_len = 0, ab_len = 0, ret = -1; | ||
955 | + const EC_POINT *pub_key = NULL; | ||
956 | + const BIGNUM *order = NULL; | ||
957 | + const EC_GROUP *group=NULL; | ||
958 | + ec_curve_t ec_crv = EC_PRIME; | ||
959 | + struct crypt_kop kop; | ||
960 | + | ||
961 | + memset(&kop, 0, sizeof kop); | ||
962 | + ecdsa = ecdsa_check(eckey); | ||
963 | + if (!ecdsa) { | ||
964 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); | ||
965 | + return ret; | ||
966 | + } | ||
967 | + | ||
968 | + group = EC_KEY_get0_group(eckey); | ||
969 | + pub_key = EC_KEY_get0_public_key(eckey); | ||
970 | + | ||
971 | + if (!group || !pub_key) { | ||
972 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); | ||
973 | + return ret; | ||
974 | + } | ||
975 | + | ||
976 | + if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || | ||
977 | + (a = BN_new()) == NULL || (b = BN_new()) == NULL || | ||
978 | + (p = BN_new()) == NULL || (x = BN_new()) == NULL || | ||
979 | + (y = BN_new()) == NULL || (w_x = BN_new()) == NULL || | ||
980 | + (w_y = BN_new()) == NULL) { | ||
981 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
982 | + goto err; | ||
983 | + } | ||
984 | + | ||
985 | + order = &group->order; | ||
986 | + if (!order || BN_is_zero(order)) { | ||
987 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS); | ||
988 | + goto err; | ||
989 | + } | ||
990 | + | ||
991 | + i = BN_num_bits(order); | ||
992 | + /* Need to truncate digest if it is too long: first truncate whole | ||
993 | + * bytes */ | ||
994 | + if (8 * dgst_len > i) | ||
995 | + dgst_len = (i + 7)/8; | ||
996 | + | ||
997 | + if (!BN_bin2bn(dgst, dgst_len, m)) { | ||
998 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); | ||
999 | + goto err; | ||
1000 | + } | ||
1001 | + | ||
1002 | + /* If still too long truncate remaining bits with a shift */ | ||
1003 | + if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { | ||
1004 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); | ||
1005 | + goto err; | ||
1006 | + } | ||
1007 | + /* copy the truncated bits into plain buffer */ | ||
1008 | + if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { | ||
1009 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1010 | + goto err; | ||
1011 | + } | ||
1012 | + | ||
1013 | + /* check if this is prime or binary EC request */ | ||
1014 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { | ||
1015 | + ec_crv = EC_PRIME; | ||
1016 | + | ||
1017 | + /* get the generator point pair */ | ||
1018 | + if (!EC_POINT_get_affine_coordinates_GFp (group, | ||
1019 | + EC_GROUP_get0_generator(group), x, y,ctx)) { | ||
1020 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1021 | + goto err; | ||
1022 | + } | ||
1023 | + | ||
1024 | + /* get the public key pair for prime curve */ | ||
1025 | + if (!EC_POINT_get_affine_coordinates_GFp (group, | ||
1026 | + pub_key, w_x, w_y,ctx)) { | ||
1027 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1028 | + goto err; | ||
1029 | + } | ||
1030 | + | ||
1031 | + /* get the ECC curve parameters */ | ||
1032 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { | ||
1033 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1034 | + goto err; | ||
1035 | + } | ||
1036 | + } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field){ | ||
1037 | + ec_crv = EC_BINARY; | ||
1038 | + /* get the ECC curve parameters */ | ||
1039 | + if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { | ||
1040 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1041 | + goto err; | ||
1042 | + } | ||
1043 | + | ||
1044 | + /* get the generator point pair */ | ||
1045 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1046 | + EC_GROUP_get0_generator(group),x, y,ctx)) { | ||
1047 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1048 | + goto err; | ||
1049 | + } | ||
1050 | + | ||
1051 | + /* get the public key pair for binary curve */ | ||
1052 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1053 | + pub_key, w_x, w_y,ctx)) { | ||
1054 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1055 | + goto err; | ||
1056 | + } | ||
1057 | + }else { | ||
1058 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1059 | + goto err; | ||
1060 | + } | ||
1061 | + | ||
1062 | + /* Get the order of the subgroup of private keys */ | ||
1063 | + if (spcf_bn2bin((BIGNUM*)order, &r, &r_len)) { | ||
1064 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1065 | + goto err; | ||
1066 | + } | ||
1067 | + | ||
1068 | + /* Get the irreducible polynomial that creates the field */ | ||
1069 | + if (spcf_bn2bin(p, &q, &q_len)) { | ||
1070 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1071 | + goto err; | ||
1072 | + } | ||
1073 | + | ||
1074 | + /* Get the public key into a flat buffer with appropriate padding */ | ||
1075 | + pub_key_len = 2 * q_len; | ||
1076 | + | ||
1077 | + w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); | ||
1078 | + if (!w_xy) { | ||
1079 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1080 | + goto err; | ||
1081 | + } | ||
1082 | + | ||
1083 | + /* Generation of ECC curve parameters */ | ||
1084 | + ab_len = 2*q_len; | ||
1085 | + | ||
1086 | + ab = eng_copy_curve_points (a, b, ab_len, q_len); | ||
1087 | + if (!ab) { | ||
1088 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1089 | + goto err; | ||
1090 | + } | ||
1091 | + | ||
1092 | + if (ec_crv == EC_BINARY) { | ||
1093 | + /* copy b' i.e c(b), instead of only b */ | ||
1094 | + if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) | ||
1095 | + { | ||
1096 | + unsigned char *c_temp = NULL; | ||
1097 | + int c_temp_len = q_len; | ||
1098 | + if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) | ||
1099 | + memcpy(ab+q_len, c_temp, q_len); | ||
1100 | + else | ||
1101 | + goto err; | ||
1102 | + } | ||
1103 | + kop.curve_type = ECC_BINARY; | ||
1104 | + } | ||
1105 | + | ||
1106 | + /* Calculation of Generator point */ | ||
1107 | + g_len = 2 * q_len; | ||
1108 | + | ||
1109 | + g_xy = eng_copy_curve_points (x, y, g_len, q_len); | ||
1110 | + if (!g_xy) { | ||
1111 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1112 | + goto err; | ||
1113 | + } | ||
1114 | + | ||
1115 | + /** | ||
1116 | + * Get the 1st part of signature into a flat buffer with | ||
1117 | + * appropriate padding | ||
1118 | + */ | ||
1119 | + if (BN_num_bytes(sig->r) < r_len) | ||
1120 | + c_len = r_len; | ||
1121 | + | ||
1122 | + if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { | ||
1123 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1124 | + goto err; | ||
1125 | + } | ||
1126 | + | ||
1127 | + /** | ||
1128 | + * Get the 2nd part of signature into a flat buffer with | ||
1129 | + * appropriate padding | ||
1130 | + */ | ||
1131 | + if (BN_num_bytes(sig->s) < r_len) | ||
1132 | + d_len = r_len; | ||
1133 | + | ||
1134 | + if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { | ||
1135 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1136 | + goto err; | ||
1137 | + } | ||
1138 | + | ||
1139 | + /* memory for message representative */ | ||
1140 | + f = malloc(r_len); | ||
1141 | + if (!f) { | ||
1142 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1143 | + goto err; | ||
1144 | + } | ||
1145 | + | ||
1146 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
1147 | + memset(f, 0, r_len-dgst_len); | ||
1148 | + | ||
1149 | + /* Skip leading bytes if dgst_len < r_len */ | ||
1150 | + memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); | ||
1151 | + dgst_len += r_len-dgst_len; | ||
1152 | + kop.crk_op = CRK_DSA_VERIFY; | ||
1153 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
1154 | + kop.crk_param[0].crp_p = f; | ||
1155 | + kop.crk_param[0].crp_nbits = dgst_len * 8; | ||
1156 | + kop.crk_param[1].crp_p = q; | ||
1157 | + kop.crk_param[1].crp_nbits = q_len * 8; | ||
1158 | + kop.crk_param[2].crp_p = r; | ||
1159 | + kop.crk_param[2].crp_nbits = r_len * 8; | ||
1160 | + kop.crk_param[3].crp_p = g_xy; | ||
1161 | + kop.crk_param[3].crp_nbits = g_len * 8; | ||
1162 | + kop.crk_param[4].crp_p = w_xy; | ||
1163 | + kop.crk_param[4].crp_nbits = pub_key_len * 8; | ||
1164 | + kop.crk_param[5].crp_p = ab; | ||
1165 | + kop.crk_param[5].crp_nbits = ab_len * 8; | ||
1166 | + kop.crk_param[6].crp_p = c; | ||
1167 | + kop.crk_param[6].crp_nbits = d_len * 8; | ||
1168 | + kop.crk_param[7].crp_p = d; | ||
1169 | + kop.crk_param[7].crp_nbits = d_len * 8; | ||
1170 | + kop.crk_iparams = 8; | ||
1171 | + | ||
1172 | + if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { | ||
1173 | + /*OCF success value is 0, if not zero, change ret to fail*/ | ||
1174 | + if(0 == kop.crk_status) | ||
1175 | + ret = 1; | ||
1176 | + } else { | ||
1177 | + const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
1178 | + | ||
1179 | + ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); | ||
1180 | + } | ||
1181 | + kop.crk_param[0].crp_p = NULL; | ||
1182 | + zapparams(&kop); | ||
1183 | + | ||
1184 | +err: | ||
1185 | + return ret; | ||
1186 | +} | ||
1187 | + | ||
1188 | +static int cryptodev_dh_keygen(DH *dh) | ||
1189 | +{ | ||
1190 | + struct crypt_kop kop; | ||
1191 | + int ret = 1, g_len; | ||
1192 | + unsigned char *g = NULL; | ||
1193 | + | ||
1194 | + if (dh->priv_key == NULL) { | ||
1195 | + if ((dh->priv_key=BN_new()) == NULL) | ||
1196 | + goto sw_try; | ||
1197 | + } | ||
1198 | + | ||
1199 | + if (dh->pub_key == NULL) { | ||
1200 | + if ((dh->pub_key=BN_new()) == NULL) | ||
1201 | + goto sw_try; | ||
1202 | + } | ||
1203 | + | ||
1204 | + g_len = BN_num_bytes(dh->p); | ||
1205 | + /** | ||
1206 | + * Get generator into a plain buffer. If length is less than | ||
1207 | + * q_len then add leading padding bytes. | ||
1208 | + */ | ||
1209 | + if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { | ||
1210 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
1211 | + goto sw_try; | ||
1212 | + } | ||
1213 | + | ||
1214 | + memset(&kop, 0, sizeof kop); | ||
1215 | + kop.crk_op = CRK_DH_GENERATE_KEY; | ||
1216 | + if (bn2crparam(dh->p, &kop.crk_param[0])) | ||
1217 | + goto sw_try; | ||
1218 | + if (bn2crparam(dh->q, &kop.crk_param[1])) | ||
1219 | + goto sw_try; | ||
1220 | + kop.crk_param[2].crp_p = g; | ||
1221 | + kop.crk_param[2].crp_nbits = g_len * 8; | ||
1222 | + kop.crk_iparams = 3; | ||
1223 | + | ||
1224 | + /* pub_key is or prime length while priv key is of length of order */ | ||
1225 | + if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key, | ||
1226 | + BN_num_bytes(dh->q), dh->priv_key)) | ||
1227 | + goto sw_try; | ||
1228 | + | ||
1229 | + return ret; | ||
1230 | +sw_try: | ||
1231 | + { | ||
1232 | + const DH_METHOD *meth = DH_OpenSSL(); | ||
1233 | + ret = (meth->generate_key)(dh); | ||
1234 | + } | ||
1235 | + return ret; | ||
1236 | } | ||
1237 | |||
1238 | static int | ||
1239 | @@ -1503,43 +2310,234 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | ||
1240 | { | ||
1241 | struct crypt_kop kop; | ||
1242 | int dhret = 1; | ||
1243 | - int fd, keylen; | ||
1244 | + int fd, p_len; | ||
1245 | + BIGNUM *temp = NULL; | ||
1246 | + unsigned char *padded_pub_key = NULL, *p = NULL; | ||
1247 | + | ||
1248 | + if ((fd = get_asym_dev_crypto()) < 0) | ||
1249 | + goto sw_try; | ||
1250 | + | ||
1251 | + memset(&kop, 0, sizeof kop); | ||
1252 | + kop.crk_op = CRK_DH_COMPUTE_KEY; | ||
1253 | + /* inputs: dh->priv_key pub_key dh->p key */ | ||
1254 | + spcf_bn2bin(dh->p, &p, &p_len); | ||
1255 | + spcf_bn2bin_ex(pub_key, &padded_pub_key, &p_len); | ||
1256 | + if (bn2crparam(dh->priv_key, &kop.crk_param[0])) | ||
1257 | + goto sw_try; | ||
1258 | + | ||
1259 | + kop.crk_param[1].crp_p = padded_pub_key; | ||
1260 | + kop.crk_param[1].crp_nbits = p_len * 8; | ||
1261 | + kop.crk_param[2].crp_p = p; | ||
1262 | + kop.crk_param[2].crp_nbits = p_len * 8; | ||
1263 | + kop.crk_iparams = 3; | ||
1264 | + kop.crk_param[3].crp_p = (void*) key; | ||
1265 | + kop.crk_param[3].crp_nbits = p_len * 8; | ||
1266 | + kop.crk_oparams = 1; | ||
1267 | + dhret = p_len; | ||
1268 | + | ||
1269 | + if (ioctl(fd, CIOCKEY, &kop)) | ||
1270 | + goto sw_try; | ||
1271 | |||
1272 | - if ((fd = get_asym_dev_crypto()) < 0) { | ||
1273 | + if ((temp = BN_new())) { | ||
1274 | + if (!BN_bin2bn(key, p_len, temp)) { | ||
1275 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
1276 | + goto sw_try; | ||
1277 | + } | ||
1278 | + if (dhret > BN_num_bytes(temp)) | ||
1279 | + dhret=BN_bn2bin(temp,key); | ||
1280 | + BN_free(temp); | ||
1281 | + } | ||
1282 | + | ||
1283 | + kop.crk_param[3].crp_p = NULL; | ||
1284 | + zapparams(&kop); | ||
1285 | + return (dhret); | ||
1286 | +sw_try: | ||
1287 | + { | ||
1288 | const DH_METHOD *meth = DH_OpenSSL(); | ||
1289 | |||
1290 | - return ((meth->compute_key)(key, pub_key, dh)); | ||
1291 | + dhret = (meth->compute_key)(key, pub_key, dh); | ||
1292 | } | ||
1293 | + return (dhret); | ||
1294 | +} | ||
1295 | |||
1296 | - keylen = BN_num_bits(dh->p); | ||
1297 | +int cryptodev_ecdh_compute_key(void *out, size_t outlen, | ||
1298 | + const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, | ||
1299 | + void *out, size_t *outlen)) | ||
1300 | +{ | ||
1301 | + ec_curve_t ec_crv = EC_PRIME; | ||
1302 | + unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; | ||
1303 | + BIGNUM * w_x = NULL, *w_y = NULL; | ||
1304 | + int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; | ||
1305 | + BIGNUM * p = NULL, *a = NULL, *b = NULL; | ||
1306 | + BN_CTX *ctx; | ||
1307 | + EC_POINT *tmp=NULL; | ||
1308 | + BIGNUM *x=NULL, *y=NULL; | ||
1309 | + const BIGNUM *priv_key; | ||
1310 | + const EC_GROUP* group = NULL; | ||
1311 | + int ret = -1; | ||
1312 | + size_t buflen, len; | ||
1313 | + struct crypt_kop kop; | ||
1314 | |||
1315 | memset(&kop, 0, sizeof kop); | ||
1316 | - kop.crk_op = CRK_DH_COMPUTE_KEY; | ||
1317 | |||
1318 | - /* inputs: dh->priv_key pub_key dh->p key */ | ||
1319 | - if (bn2crparam(dh->priv_key, &kop.crk_param[0])) | ||
1320 | + if ((ctx = BN_CTX_new()) == NULL) goto err; | ||
1321 | + BN_CTX_start(ctx); | ||
1322 | + x = BN_CTX_get(ctx); | ||
1323 | + y = BN_CTX_get(ctx); | ||
1324 | + p = BN_CTX_get(ctx); | ||
1325 | + a = BN_CTX_get(ctx); | ||
1326 | + b = BN_CTX_get(ctx); | ||
1327 | + w_x = BN_CTX_get(ctx); | ||
1328 | + w_y = BN_CTX_get(ctx); | ||
1329 | + | ||
1330 | + if (!x || !y || !p || !a || !b || !w_x || !w_y) { | ||
1331 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); | ||
1332 | goto err; | ||
1333 | - if (bn2crparam(pub_key, &kop.crk_param[1])) | ||
1334 | + } | ||
1335 | + | ||
1336 | + priv_key = EC_KEY_get0_private_key(ecdh); | ||
1337 | + if (priv_key == NULL) { | ||
1338 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); | ||
1339 | goto err; | ||
1340 | - if (bn2crparam(dh->p, &kop.crk_param[2])) | ||
1341 | + } | ||
1342 | + | ||
1343 | + group = EC_KEY_get0_group(ecdh); | ||
1344 | + if ((tmp=EC_POINT_new(group)) == NULL) { | ||
1345 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); | ||
1346 | goto err; | ||
1347 | - kop.crk_iparams = 3; | ||
1348 | + } | ||
1349 | |||
1350 | - kop.crk_param[3].crp_p = (caddr_t) key; | ||
1351 | - kop.crk_param[3].crp_nbits = keylen * 8; | ||
1352 | - kop.crk_oparams = 1; | ||
1353 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == | ||
1354 | + NID_X9_62_prime_field) { | ||
1355 | + ec_crv = EC_PRIME; | ||
1356 | |||
1357 | - if (ioctl(fd, CIOCKEY, &kop) == -1) { | ||
1358 | - const DH_METHOD *meth = DH_OpenSSL(); | ||
1359 | + if (!EC_POINT_get_affine_coordinates_GFp(group, | ||
1360 | + EC_GROUP_get0_generator(group), x, y, ctx)) { | ||
1361 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); | ||
1362 | + goto err; | ||
1363 | + } | ||
1364 | |||
1365 | - dhret = (meth->compute_key)(key, pub_key, dh); | ||
1366 | + /* get the ECC curve parameters */ | ||
1367 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { | ||
1368 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1369 | + goto err; | ||
1370 | + } | ||
1371 | + | ||
1372 | + /* get the public key pair for prime curve */ | ||
1373 | + if (!EC_POINT_get_affine_coordinates_GFp (group, pub_key, w_x, w_y,ctx)) { | ||
1374 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1375 | + goto err; | ||
1376 | + } | ||
1377 | + } else { | ||
1378 | + ec_crv = EC_BINARY; | ||
1379 | + | ||
1380 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1381 | + EC_GROUP_get0_generator(group), x, y, ctx)) { | ||
1382 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); | ||
1383 | + goto err; | ||
1384 | + } | ||
1385 | + | ||
1386 | + /* get the ECC curve parameters */ | ||
1387 | + if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { | ||
1388 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1389 | + goto err; | ||
1390 | + } | ||
1391 | + | ||
1392 | + /* get the public key pair for binary curve */ | ||
1393 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1394 | + pub_key, w_x, w_y,ctx)) { | ||
1395 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1396 | + goto err; | ||
1397 | + } | ||
1398 | + } | ||
1399 | + | ||
1400 | + /* irreducible polynomial that creates the field */ | ||
1401 | + if (spcf_bn2bin((BIGNUM*)&group->order, &r, &r_len)) { | ||
1402 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1403 | + goto err; | ||
1404 | + } | ||
1405 | + | ||
1406 | + /* Get the irreducible polynomial that creates the field */ | ||
1407 | + if (spcf_bn2bin(p, &q, &q_len)) { | ||
1408 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1409 | + goto err; | ||
1410 | } | ||
1411 | + | ||
1412 | + /* Get the public key into a flat buffer with appropriate padding */ | ||
1413 | + pub_key_len = 2 * q_len; | ||
1414 | + w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); | ||
1415 | + if (!w_xy) { | ||
1416 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1417 | + goto err; | ||
1418 | + } | ||
1419 | + | ||
1420 | + /* Generation of ECC curve parameters */ | ||
1421 | + ab_len = 2*q_len; | ||
1422 | + ab = eng_copy_curve_points (a, b, ab_len, q_len); | ||
1423 | + if (!ab) { | ||
1424 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1425 | + goto err; | ||
1426 | + } | ||
1427 | + | ||
1428 | + if (ec_crv == EC_BINARY) { | ||
1429 | + /* copy b' i.e c(b), instead of only b */ | ||
1430 | + if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) | ||
1431 | + { | ||
1432 | + unsigned char *c_temp = NULL; | ||
1433 | + int c_temp_len = q_len; | ||
1434 | + if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) | ||
1435 | + memcpy(ab+q_len, c_temp, q_len); | ||
1436 | + else | ||
1437 | + goto err; | ||
1438 | + } | ||
1439 | + kop.curve_type = ECC_BINARY; | ||
1440 | + } else | ||
1441 | + kop.curve_type = ECC_PRIME; | ||
1442 | + | ||
1443 | + priv_key_len = r_len; | ||
1444 | + | ||
1445 | + /* | ||
1446 | + * If BN_num_bytes of priv_key returns less then r_len then | ||
1447 | + * add padding bytes before the key | ||
1448 | + */ | ||
1449 | + if (spcf_bn2bin_ex((BIGNUM *)priv_key, &s, &priv_key_len)) { | ||
1450 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1451 | + goto err; | ||
1452 | + } | ||
1453 | + | ||
1454 | + buflen = (EC_GROUP_get_degree(group) + 7)/8; | ||
1455 | + len = BN_num_bytes(x); | ||
1456 | + if (len > buflen || q_len < buflen) { | ||
1457 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR); | ||
1458 | + goto err; | ||
1459 | + } | ||
1460 | + | ||
1461 | + kop.crk_op = CRK_DH_COMPUTE_KEY; | ||
1462 | + kop.crk_param[0].crp_p = (void*) s; | ||
1463 | + kop.crk_param[0].crp_nbits = priv_key_len*8; | ||
1464 | + kop.crk_param[1].crp_p = (void*) w_xy; | ||
1465 | + kop.crk_param[1].crp_nbits = pub_key_len*8; | ||
1466 | + kop.crk_param[2].crp_p = (void*) q; | ||
1467 | + kop.crk_param[2].crp_nbits = q_len*8; | ||
1468 | + kop.crk_param[3].crp_p = (void*) ab; | ||
1469 | + kop.crk_param[3].crp_nbits = ab_len*8; | ||
1470 | + kop.crk_iparams = 4; | ||
1471 | + kop.crk_param[4].crp_p = (void*) out; | ||
1472 | + kop.crk_param[4].crp_nbits = q_len*8; | ||
1473 | + kop.crk_oparams = 1; | ||
1474 | + ret = q_len; | ||
1475 | + if (cryptodev_asym(&kop, 0, NULL, 0, NULL)) { | ||
1476 | + const ECDH_METHOD *meth = ECDH_OpenSSL(); | ||
1477 | + ret = (meth->compute_key)(out, outlen, pub_key, ecdh, KDF); | ||
1478 | + } else | ||
1479 | + ret = q_len; | ||
1480 | err: | ||
1481 | - kop.crk_param[3].crp_p = NULL; | ||
1482 | + kop.crk_param[4].crp_p = NULL; | ||
1483 | zapparams(&kop); | ||
1484 | - return (dhret); | ||
1485 | + return ret; | ||
1486 | } | ||
1487 | |||
1488 | + | ||
1489 | static DH_METHOD cryptodev_dh = { | ||
1490 | "cryptodev DH method", | ||
1491 | NULL, /* cryptodev_dh_generate_key */ | ||
1492 | @@ -1551,6 +2549,14 @@ static DH_METHOD cryptodev_dh = { | ||
1493 | NULL /* app_data */ | ||
1494 | }; | ||
1495 | |||
1496 | +static ECDH_METHOD cryptodev_ecdh = { | ||
1497 | + "cryptodev ECDH method", | ||
1498 | + NULL, /* cryptodev_ecdh_compute_key */ | ||
1499 | + NULL, | ||
1500 | + 0, /* flags */ | ||
1501 | + NULL /* app_data */ | ||
1502 | +}; | ||
1503 | + | ||
1504 | /* | ||
1505 | * ctrl right now is just a wrapper that doesn't do much | ||
1506 | * but I expect we'll want some options soon. | ||
1507 | @@ -1634,25 +2640,42 @@ ENGINE_load_cryptodev(void) | ||
1508 | memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); | ||
1509 | if (cryptodev_asymfeat & CRF_DSA_SIGN) | ||
1510 | cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; | ||
1511 | - if (cryptodev_asymfeat & CRF_MOD_EXP) { | ||
1512 | - cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp; | ||
1513 | - cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp; | ||
1514 | - } | ||
1515 | if (cryptodev_asymfeat & CRF_DSA_VERIFY) | ||
1516 | cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; | ||
1517 | + if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) | ||
1518 | + cryptodev_dsa.dsa_keygen = cryptodev_dsa_keygen; | ||
1519 | } | ||
1520 | |||
1521 | if (ENGINE_set_DH(engine, &cryptodev_dh)){ | ||
1522 | const DH_METHOD *dh_meth = DH_OpenSSL(); | ||
1523 | + memcpy(&cryptodev_dh, dh_meth, sizeof(DH_METHOD)); | ||
1524 | + if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { | ||
1525 | + cryptodev_dh.compute_key = | ||
1526 | + cryptodev_dh_compute_key; | ||
1527 | + } | ||
1528 | + if (cryptodev_asymfeat & CRF_DH_GENERATE_KEY) { | ||
1529 | + cryptodev_dh.generate_key = | ||
1530 | + cryptodev_dh_keygen; | ||
1531 | + } | ||
1532 | + } | ||
1533 | |||
1534 | - cryptodev_dh.generate_key = dh_meth->generate_key; | ||
1535 | - cryptodev_dh.compute_key = dh_meth->compute_key; | ||
1536 | - cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp; | ||
1537 | - if (cryptodev_asymfeat & CRF_MOD_EXP) { | ||
1538 | - cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh; | ||
1539 | - if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) | ||
1540 | - cryptodev_dh.compute_key = | ||
1541 | - cryptodev_dh_compute_key; | ||
1542 | + if (ENGINE_set_ECDSA(engine, &cryptodev_ecdsa)) { | ||
1543 | + const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
1544 | + memcpy(&cryptodev_ecdsa, meth, sizeof(ECDSA_METHOD)); | ||
1545 | + if (cryptodev_asymfeat & CRF_DSA_SIGN) { | ||
1546 | + cryptodev_ecdsa.ecdsa_do_sign = cryptodev_ecdsa_do_sign; | ||
1547 | + } | ||
1548 | + if (cryptodev_asymfeat & CRF_DSA_VERIFY) { | ||
1549 | + cryptodev_ecdsa.ecdsa_do_verify = | ||
1550 | + cryptodev_ecdsa_verify; | ||
1551 | + } | ||
1552 | + } | ||
1553 | + | ||
1554 | + if (ENGINE_set_ECDH(engine, &cryptodev_ecdh)) { | ||
1555 | + const ECDH_METHOD *ecdh_meth = ECDH_OpenSSL(); | ||
1556 | + memcpy(&cryptodev_ecdh, ecdh_meth, sizeof(ECDH_METHOD)); | ||
1557 | + if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { | ||
1558 | + cryptodev_ecdh.compute_key = cryptodev_ecdh_compute_key; | ||
1559 | } | ||
1560 | } | ||
1561 | |||
1562 | -- | ||
1563 | 2.3.5 | ||
1564 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch b/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch new file mode 100644 index 00000000..0fb01821 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch | |||
@@ -0,0 +1,28 @@ | |||
1 | From 81c4c62a4f5f5542843381bfb34e39a6171d5cdd Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Tue, 11 Mar 2014 06:42:59 +0545 | ||
4 | Subject: [PATCH 09/26] Added hwrng dev file as source of RNG | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | e_os.h | 2 +- | ||
11 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
12 | |||
13 | diff --git a/e_os.h b/e_os.h | ||
14 | index 6a0aad1..57c0563 100644 | ||
15 | --- a/e_os.h | ||
16 | +++ b/e_os.h | ||
17 | @@ -79,7 +79,7 @@ extern "C" { | ||
18 | #ifndef DEVRANDOM | ||
19 | /* set this to a comma-separated list of 'random' device files to try out. | ||
20 | * My default, we will try to read at least one of these files */ | ||
21 | -#define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom" | ||
22 | +#define DEVRANDOM "/dev/hwrng","/dev/urandom","/dev/random","/dev/srandom" | ||
23 | #endif | ||
24 | #ifndef DEVRANDOM_EGD | ||
25 | /* set this to a comma-seperated list of 'egd' sockets to try out. These | ||
26 | -- | ||
27 | 2.3.5 | ||
28 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch b/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch new file mode 100644 index 00000000..0f889c0f --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch | |||
@@ -0,0 +1,2039 @@ | |||
1 | From a933e6341fd8989bdd82f8a5446b6f04aa00eef9 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Tue, 11 Mar 2014 07:14:30 +0545 | ||
4 | Subject: [PATCH 10/26] Asynchronous interface added for PKC cryptodev | ||
5 | interface | ||
6 | |||
7 | Upstream-status: Pending | ||
8 | |||
9 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
10 | --- | ||
11 | crypto/crypto.h | 16 + | ||
12 | crypto/dh/dh.h | 4 +- | ||
13 | crypto/dsa/dsa.h | 5 + | ||
14 | crypto/ecdh/ech_locl.h | 3 + | ||
15 | crypto/ecdsa/ecs_locl.h | 5 + | ||
16 | crypto/engine/eng_cryptodev.c | 1578 +++++++++++++++++++++++++++++++++++++---- | ||
17 | crypto/engine/eng_int.h | 24 +- | ||
18 | crypto/engine/eng_lib.c | 46 ++ | ||
19 | crypto/engine/engine.h | 24 + | ||
20 | crypto/rsa/rsa.h | 23 + | ||
21 | 10 files changed, 1582 insertions(+), 146 deletions(-) | ||
22 | |||
23 | diff --git a/crypto/crypto.h b/crypto/crypto.h | ||
24 | index f92fc51..ce12731 100644 | ||
25 | --- a/crypto/crypto.h | ||
26 | +++ b/crypto/crypto.h | ||
27 | @@ -605,6 +605,22 @@ void ERR_load_CRYPTO_strings(void); | ||
28 | #define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101 | ||
29 | #define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100 | ||
30 | |||
31 | +/* Additions for Asynchronous PKC Infrastructure */ | ||
32 | +struct pkc_cookie_s { | ||
33 | + void *cookie; /* To be filled by openssl library primitive method function caller */ | ||
34 | + void *eng_cookie; /* To be filled by Engine */ | ||
35 | + /* | ||
36 | + * Callback handler to be provided by caller. Ensure to pass a | ||
37 | + * handler which takes the crypto operation to completion. | ||
38 | + * cookie: Container cookie from library | ||
39 | + * status: Status of the crypto Job completion. | ||
40 | + * 0: Job handled without any issue | ||
41 | + * -EINVAL: Parameters Invalid | ||
42 | + */ | ||
43 | + void (*pkc_callback)(struct pkc_cookie_s *cookie, int status); | ||
44 | + void *eng_handle; | ||
45 | +}; | ||
46 | + | ||
47 | #ifdef __cplusplus | ||
48 | } | ||
49 | #endif | ||
50 | diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h | ||
51 | index ea59e61..20ffad2 100644 | ||
52 | --- a/crypto/dh/dh.h | ||
53 | +++ b/crypto/dh/dh.h | ||
54 | @@ -118,7 +118,9 @@ struct dh_method | ||
55 | int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a, | ||
56 | const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | ||
57 | BN_MONT_CTX *m_ctx); /* Can be null */ | ||
58 | - | ||
59 | + int (*compute_key_async)(unsigned char *key,const BIGNUM *pub_key,DH *dh, | ||
60 | + struct pkc_cookie_s *cookie); | ||
61 | + int (*generate_key_async)(DH *dh, struct pkc_cookie_s *cookie); | ||
62 | int (*init)(DH *dh); | ||
63 | int (*finish)(DH *dh); | ||
64 | int flags; | ||
65 | diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h | ||
66 | index a6f6d0b..b04a029 100644 | ||
67 | --- a/crypto/dsa/dsa.h | ||
68 | +++ b/crypto/dsa/dsa.h | ||
69 | @@ -140,6 +140,10 @@ struct dsa_method | ||
70 | int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, | ||
71 | const BIGNUM *m, BN_CTX *ctx, | ||
72 | BN_MONT_CTX *m_ctx); /* Can be null */ | ||
73 | + int (*dsa_do_sign_async)(const unsigned char *dgst, int dlen, DSA *dsa, | ||
74 | + DSA_SIG *sig, struct pkc_cookie_s *cookie); | ||
75 | + int (*dsa_do_verify_async)(const unsigned char *dgst, int dgst_len, | ||
76 | + DSA_SIG *sig, DSA *dsa, struct pkc_cookie_s *cookie); | ||
77 | int (*init)(DSA *dsa); | ||
78 | int (*finish)(DSA *dsa); | ||
79 | int flags; | ||
80 | @@ -151,6 +155,7 @@ struct dsa_method | ||
81 | BN_GENCB *cb); | ||
82 | /* If this is non-NULL, it is used to generate DSA keys */ | ||
83 | int (*dsa_keygen)(DSA *dsa); | ||
84 | + int (*dsa_keygen_async)(DSA *dsa, struct pkc_cookie_s *cookie); | ||
85 | }; | ||
86 | |||
87 | struct dsa_st | ||
88 | diff --git a/crypto/ecdh/ech_locl.h b/crypto/ecdh/ech_locl.h | ||
89 | index f6cad6a..adce6b3 100644 | ||
90 | --- a/crypto/ecdh/ech_locl.h | ||
91 | +++ b/crypto/ecdh/ech_locl.h | ||
92 | @@ -67,6 +67,9 @@ struct ecdh_method | ||
93 | const char *name; | ||
94 | int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, | ||
95 | void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); | ||
96 | + int (*compute_key_async)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, | ||
97 | + void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen), | ||
98 | + struct pkc_cookie_s *cookie); | ||
99 | #if 0 | ||
100 | int (*init)(EC_KEY *eckey); | ||
101 | int (*finish)(EC_KEY *eckey); | ||
102 | diff --git a/crypto/ecdsa/ecs_locl.h b/crypto/ecdsa/ecs_locl.h | ||
103 | index cb3be13..eb0ebe0 100644 | ||
104 | --- a/crypto/ecdsa/ecs_locl.h | ||
105 | +++ b/crypto/ecdsa/ecs_locl.h | ||
106 | @@ -74,6 +74,11 @@ struct ecdsa_method | ||
107 | BIGNUM **r); | ||
108 | int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, | ||
109 | const ECDSA_SIG *sig, EC_KEY *eckey); | ||
110 | + int (*ecdsa_do_sign_async)(const unsigned char *dgst, int dgst_len, | ||
111 | + const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey, | ||
112 | + ECDSA_SIG *sig, struct pkc_cookie_s *cookie); | ||
113 | + int (*ecdsa_do_verify_async)(const unsigned char *dgst, int dgst_len, | ||
114 | + const ECDSA_SIG *sig, EC_KEY *eckey, struct pkc_cookie_s *cookie); | ||
115 | #if 0 | ||
116 | int (*init)(EC_KEY *eckey); | ||
117 | int (*finish)(EC_KEY *eckey); | ||
118 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
119 | index 7ee314b..9f2416e 100644 | ||
120 | --- a/crypto/engine/eng_cryptodev.c | ||
121 | +++ b/crypto/engine/eng_cryptodev.c | ||
122 | @@ -1281,6 +1281,56 @@ zapparams(struct crypt_kop *kop) | ||
123 | } | ||
124 | } | ||
125 | |||
126 | +/* Any PKC request has at max 2 output parameters and they are stored here to | ||
127 | +be used while copying in the check availability */ | ||
128 | +struct cryptodev_cookie_s { | ||
129 | + BIGNUM *r; | ||
130 | + struct crparam r_param; | ||
131 | + BIGNUM *s; | ||
132 | + struct crparam s_param; | ||
133 | + struct crypt_kop *kop; | ||
134 | +}; | ||
135 | + | ||
136 | +static int | ||
137 | +cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, | ||
138 | + BIGNUM *s) | ||
139 | +{ | ||
140 | + int fd; | ||
141 | + struct pkc_cookie_s *cookie = kop->cookie; | ||
142 | + struct cryptodev_cookie_s *eng_cookie; | ||
143 | + | ||
144 | + fd = *(int *)cookie->eng_handle; | ||
145 | + | ||
146 | + eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); | ||
147 | + | ||
148 | + if (eng_cookie) { | ||
149 | + memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); | ||
150 | + if (r) { | ||
151 | + kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); | ||
152 | + if (!kop->crk_param[kop->crk_iparams].crp_p) | ||
153 | + return -ENOMEM; | ||
154 | + kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; | ||
155 | + kop->crk_oparams++; | ||
156 | + eng_cookie->r = r; | ||
157 | + eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; | ||
158 | + } | ||
159 | + if (s) { | ||
160 | + kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); | ||
161 | + if (!kop->crk_param[kop->crk_iparams+1].crp_p) | ||
162 | + return -ENOMEM; | ||
163 | + kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; | ||
164 | + kop->crk_oparams++; | ||
165 | + eng_cookie->s = s; | ||
166 | + eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; | ||
167 | + } | ||
168 | + } else | ||
169 | + return -ENOMEM; | ||
170 | + | ||
171 | + eng_cookie->kop = kop; | ||
172 | + cookie->eng_cookie = eng_cookie; | ||
173 | + return ioctl(fd, CIOCASYMASYNCRYPT, kop); | ||
174 | +} | ||
175 | + | ||
176 | static int | ||
177 | cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) | ||
178 | { | ||
179 | @@ -1337,6 +1387,44 @@ void *cryptodev_init_instance(void) | ||
180 | return fd; | ||
181 | } | ||
182 | |||
183 | +#include <poll.h> | ||
184 | + | ||
185 | +/* Return 0 on success and 1 on failure */ | ||
186 | +int cryptodev_check_availability(void *eng_handle) | ||
187 | +{ | ||
188 | + int fd = *(int *)eng_handle; | ||
189 | + struct pkc_cookie_list_s cookie_list; | ||
190 | + struct pkc_cookie_s *cookie; | ||
191 | + int i; | ||
192 | + | ||
193 | + /* FETCH COOKIE returns number of cookies extracted */ | ||
194 | + if (ioctl(fd, CIOCASYMFETCHCOOKIE, &cookie_list) <= 0) | ||
195 | + return 1; | ||
196 | + | ||
197 | + for (i = 0; i < cookie_list.cookie_available; i++) { | ||
198 | + cookie = cookie_list.cookie[i]; | ||
199 | + if (cookie) { | ||
200 | + struct cryptodev_cookie_s *eng_cookie = cookie->eng_cookie; | ||
201 | + if (eng_cookie) { | ||
202 | + struct crypt_kop *kop = eng_cookie->kop; | ||
203 | + | ||
204 | + if (eng_cookie->r) | ||
205 | + crparam2bn(&eng_cookie->r_param, eng_cookie->r); | ||
206 | + if (eng_cookie->s) | ||
207 | + crparam2bn(&eng_cookie->s_param, eng_cookie->s); | ||
208 | + if (kop->crk_op == CRK_DH_COMPUTE_KEY) | ||
209 | + kop->crk_oparams = 0; | ||
210 | + | ||
211 | + zapparams(eng_cookie->kop); | ||
212 | + free(eng_cookie->kop); | ||
213 | + free (eng_cookie); | ||
214 | + } | ||
215 | + cookie->pkc_callback(cookie, cookie_list.status[i]); | ||
216 | + } | ||
217 | + } | ||
218 | + return 0; | ||
219 | +} | ||
220 | + | ||
221 | static int | ||
222 | cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
223 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) | ||
224 | @@ -1382,6 +1470,63 @@ err: | ||
225 | } | ||
226 | |||
227 | static int | ||
228 | +cryptodev_bn_mod_exp_async(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
229 | + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont, struct pkc_cookie_s *cookie) | ||
230 | +{ | ||
231 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
232 | + int ret = 1; | ||
233 | + | ||
234 | + /* Currently, we know we can do mod exp iff we can do any | ||
235 | + * asymmetric operations at all. | ||
236 | + */ | ||
237 | + if (cryptodev_asymfeat == 0 || !kop) { | ||
238 | + ret = BN_mod_exp(r, a, p, m, ctx); | ||
239 | + return (ret); | ||
240 | + } | ||
241 | + | ||
242 | + kop->crk_oparams = 0; | ||
243 | + kop->crk_status = 0; | ||
244 | + kop->crk_op = CRK_MOD_EXP; | ||
245 | + kop->cookie = cookie; | ||
246 | + /* inputs: a^p % m */ | ||
247 | + if (bn2crparam(a, &kop->crk_param[0])) | ||
248 | + goto err; | ||
249 | + if (bn2crparam(p, &kop->crk_param[1])) | ||
250 | + goto err; | ||
251 | + if (bn2crparam(m, &kop->crk_param[2])) | ||
252 | + goto err; | ||
253 | + | ||
254 | + kop->crk_iparams = 3; | ||
255 | + if (cryptodev_asym_async(kop, BN_num_bytes(m), r, 0, NULL)) | ||
256 | + goto err; | ||
257 | + | ||
258 | + return ret; | ||
259 | +err: | ||
260 | + { | ||
261 | + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | ||
262 | + | ||
263 | + if (kop) | ||
264 | + free(kop); | ||
265 | + ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); | ||
266 | + if (ret) | ||
267 | + /* Call the completion handler immediately */ | ||
268 | + cookie->pkc_callback(cookie, 0); | ||
269 | + } | ||
270 | + return ret; | ||
271 | +} | ||
272 | + | ||
273 | +static int | ||
274 | +cryptodev_rsa_nocrt_mod_exp_async(BIGNUM *r0, const BIGNUM *I, | ||
275 | + RSA *rsa, BN_CTX *ctx, struct pkc_cookie_s *cookie) | ||
276 | +{ | ||
277 | + int r; | ||
278 | + ctx = BN_CTX_new(); | ||
279 | + r = cryptodev_bn_mod_exp_async(r0, I, rsa->d, rsa->n, ctx, NULL, cookie); | ||
280 | + BN_CTX_free(ctx); | ||
281 | + return r; | ||
282 | +} | ||
283 | + | ||
284 | +static int | ||
285 | cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) | ||
286 | { | ||
287 | int r; | ||
288 | @@ -1446,6 +1591,62 @@ err: | ||
289 | return (ret); | ||
290 | } | ||
291 | |||
292 | +static int | ||
293 | +cryptodev_rsa_mod_exp_async(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx, | ||
294 | + struct pkc_cookie_s *cookie) | ||
295 | +{ | ||
296 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
297 | + int ret = 1, f_len, p_len, q_len; | ||
298 | + unsigned char *f = NULL, *p = NULL, *q = NULL, *dp = NULL, *dq = NULL, *c = NULL; | ||
299 | + | ||
300 | + if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp || !kop) { | ||
301 | + return (0); | ||
302 | + } | ||
303 | + | ||
304 | + kop->crk_oparams = 0; | ||
305 | + kop->crk_status = 0; | ||
306 | + kop->crk_op = CRK_MOD_EXP_CRT; | ||
307 | + f_len = BN_num_bytes(rsa->n); | ||
308 | + spcf_bn2bin_ex(I, &f, &f_len); | ||
309 | + spcf_bn2bin(rsa->p, &p, &p_len); | ||
310 | + spcf_bn2bin(rsa->q, &q, &q_len); | ||
311 | + spcf_bn2bin_ex(rsa->dmp1, &dp, &p_len); | ||
312 | + spcf_bn2bin_ex(rsa->iqmp, &c, &p_len); | ||
313 | + spcf_bn2bin_ex(rsa->dmq1, &dq, &q_len); | ||
314 | + /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ | ||
315 | + kop->crk_param[0].crp_p = p; | ||
316 | + kop->crk_param[0].crp_nbits = p_len * 8; | ||
317 | + kop->crk_param[1].crp_p = q; | ||
318 | + kop->crk_param[1].crp_nbits = q_len * 8; | ||
319 | + kop->crk_param[2].crp_p = f; | ||
320 | + kop->crk_param[2].crp_nbits = f_len * 8; | ||
321 | + kop->crk_param[3].crp_p = dp; | ||
322 | + kop->crk_param[3].crp_nbits = p_len * 8; | ||
323 | + /* dq must of length q, rest all of length p*/ | ||
324 | + kop->crk_param[4].crp_p = dq; | ||
325 | + kop->crk_param[4].crp_nbits = q_len * 8; | ||
326 | + kop->crk_param[5].crp_p = c; | ||
327 | + kop->crk_param[5].crp_nbits = p_len * 8; | ||
328 | + kop->crk_iparams = 6; | ||
329 | + kop->cookie = cookie; | ||
330 | + if (cryptodev_asym_async(kop, BN_num_bytes(rsa->n), r0, 0, NULL)) | ||
331 | + goto err; | ||
332 | + | ||
333 | + return ret; | ||
334 | +err: | ||
335 | + { | ||
336 | + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | ||
337 | + | ||
338 | + if (kop) | ||
339 | + free(kop); | ||
340 | + ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); | ||
341 | + if (ret) | ||
342 | + /* Call user completion handler immediately */ | ||
343 | + cookie->pkc_callback(cookie, 0); | ||
344 | + } | ||
345 | + return (ret); | ||
346 | +} | ||
347 | + | ||
348 | static RSA_METHOD cryptodev_rsa = { | ||
349 | "cryptodev RSA method", | ||
350 | NULL, /* rsa_pub_enc */ | ||
351 | @@ -1454,6 +1655,12 @@ static RSA_METHOD cryptodev_rsa = { | ||
352 | NULL, /* rsa_priv_dec */ | ||
353 | NULL, | ||
354 | NULL, | ||
355 | + NULL, /* rsa_pub_enc */ | ||
356 | + NULL, /* rsa_pub_dec */ | ||
357 | + NULL, /* rsa_priv_enc */ | ||
358 | + NULL, /* rsa_priv_dec */ | ||
359 | + NULL, | ||
360 | + NULL, | ||
361 | NULL, /* init */ | ||
362 | NULL, /* finish */ | ||
363 | 0, /* flags */ | ||
364 | @@ -1751,126 +1958,424 @@ sw_try: | ||
365 | return ret; | ||
366 | } | ||
367 | |||
368 | +/* Cryptodev DSA Key Gen routine */ | ||
369 | +static int cryptodev_dsa_keygen_async(DSA *dsa, struct pkc_cookie_s *cookie) | ||
370 | +{ | ||
371 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
372 | + int ret = 1, g_len; | ||
373 | + unsigned char *g = NULL; | ||
374 | |||
375 | + if (!kop) | ||
376 | + goto sw_try; | ||
377 | |||
378 | -static DSA_METHOD cryptodev_dsa = { | ||
379 | - "cryptodev DSA method", | ||
380 | - NULL, | ||
381 | - NULL, /* dsa_sign_setup */ | ||
382 | - NULL, | ||
383 | - NULL, /* dsa_mod_exp */ | ||
384 | - NULL, | ||
385 | - NULL, /* init */ | ||
386 | - NULL, /* finish */ | ||
387 | - 0, /* flags */ | ||
388 | - NULL /* app_data */ | ||
389 | -}; | ||
390 | + if (dsa->priv_key == NULL) { | ||
391 | + if ((dsa->priv_key=BN_new()) == NULL) | ||
392 | + goto sw_try; | ||
393 | + } | ||
394 | |||
395 | -static ECDSA_METHOD cryptodev_ecdsa = { | ||
396 | - "cryptodev ECDSA method", | ||
397 | - NULL, | ||
398 | - NULL, /* ecdsa_sign_setup */ | ||
399 | - NULL, | ||
400 | - NULL, | ||
401 | - 0, /* flags */ | ||
402 | - NULL /* app_data */ | ||
403 | -}; | ||
404 | + if (dsa->pub_key == NULL) { | ||
405 | + if ((dsa->pub_key=BN_new()) == NULL) | ||
406 | + goto sw_try; | ||
407 | + } | ||
408 | |||
409 | -typedef enum ec_curve_s | ||
410 | -{ | ||
411 | - EC_PRIME, | ||
412 | - EC_BINARY | ||
413 | -} ec_curve_t; | ||
414 | + g_len = BN_num_bytes(dsa->p); | ||
415 | + /** | ||
416 | + * Get generator into a plain buffer. If length is less than | ||
417 | + * q_len then add leading padding bytes. | ||
418 | + */ | ||
419 | + if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { | ||
420 | + DSAerr(DSA_F_DSA_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
421 | + goto sw_try; | ||
422 | + } | ||
423 | |||
424 | -/* ENGINE handler for ECDSA Sign */ | ||
425 | -static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, | ||
426 | - int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) | ||
427 | -{ | ||
428 | - BIGNUM *m = NULL, *p = NULL, *a = NULL; | ||
429 | - BIGNUM *b = NULL, *x = NULL, *y = NULL; | ||
430 | - BN_CTX *ctx = NULL; | ||
431 | - ECDSA_SIG *ret = NULL; | ||
432 | - ECDSA_DATA *ecdsa = NULL; | ||
433 | - unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; | ||
434 | - unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; | ||
435 | - int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; | ||
436 | - int g_len = 0, d_len = 0, ab_len = 0; | ||
437 | - const BIGNUM *order = NULL, *priv_key=NULL; | ||
438 | - const EC_GROUP *group = NULL; | ||
439 | - struct crypt_kop kop; | ||
440 | - ec_curve_t ec_crv = EC_PRIME; | ||
441 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
442 | + kop->crk_op = CRK_DSA_GENERATE_KEY; | ||
443 | + if (bn2crparam(dsa->p, &kop->crk_param[0])) | ||
444 | + goto sw_try; | ||
445 | + if (bn2crparam(dsa->q, &kop->crk_param[1])) | ||
446 | + goto sw_try; | ||
447 | + kop->crk_param[2].crp_p = g; | ||
448 | + kop->crk_param[2].crp_nbits = g_len * 8; | ||
449 | + kop->crk_iparams = 3; | ||
450 | + kop->cookie = cookie; | ||
451 | |||
452 | - memset(&kop, 0, sizeof(kop)); | ||
453 | - ecdsa = ecdsa_check(eckey); | ||
454 | - if (!ecdsa) { | ||
455 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
456 | - return NULL; | ||
457 | + /* pub_key is or prime length while priv key is of length of order */ | ||
458 | + if (cryptodev_asym_async(kop, BN_num_bytes(dsa->p), dsa->pub_key, | ||
459 | + BN_num_bytes(dsa->q), dsa->priv_key)) | ||
460 | + goto sw_try; | ||
461 | + | ||
462 | + return ret; | ||
463 | +sw_try: | ||
464 | + { | ||
465 | + const DSA_METHOD *meth = DSA_OpenSSL(); | ||
466 | + | ||
467 | + if (kop) | ||
468 | + free(kop); | ||
469 | + ret = (meth->dsa_keygen)(dsa); | ||
470 | + cookie->pkc_callback(cookie, 0); | ||
471 | } | ||
472 | + return ret; | ||
473 | +} | ||
474 | |||
475 | - group = EC_KEY_get0_group(eckey); | ||
476 | - priv_key = EC_KEY_get0_private_key(eckey); | ||
477 | +static int | ||
478 | +cryptodev_dsa_do_sign_async(const unsigned char *dgst, int dlen, DSA *dsa, | ||
479 | + DSA_SIG *sig, struct pkc_cookie_s *cookie) | ||
480 | +{ | ||
481 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
482 | + DSA_SIG *dsaret = NULL; | ||
483 | + int q_len = 0, r_len = 0, g_len = 0; | ||
484 | + int priv_key_len = 0, ret = 1; | ||
485 | + unsigned char *q = NULL, *r = NULL, *g = NULL, *priv_key = NULL, *f = NULL; | ||
486 | |||
487 | - if (!group || !priv_key) { | ||
488 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
489 | - return NULL; | ||
490 | + if (((sig->r = BN_new()) == NULL) || !kop) { | ||
491 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
492 | + goto err; | ||
493 | } | ||
494 | |||
495 | - if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || | ||
496 | - (a = BN_new()) == NULL || (b = BN_new()) == NULL || | ||
497 | - (p = BN_new()) == NULL || (x = BN_new()) == NULL || | ||
498 | - (y = BN_new()) == NULL) { | ||
499 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
500 | + if ((sig->s = BN_new()) == NULL) { | ||
501 | + BN_free(sig->r); | ||
502 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
503 | goto err; | ||
504 | } | ||
505 | |||
506 | - order = &group->order; | ||
507 | - if (!order || BN_is_zero(order)) { | ||
508 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); | ||
509 | + if (spcf_bn2bin(dsa->p, &q, &q_len)) { | ||
510 | + DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | ||
511 | goto err; | ||
512 | } | ||
513 | |||
514 | - i = BN_num_bits(order); | ||
515 | - /* Need to truncate digest if it is too long: first truncate whole | ||
516 | - bytes */ | ||
517 | - if (8 * dgst_len > i) | ||
518 | - dgst_len = (i + 7)/8; | ||
519 | + /* Get order of the field of private keys into plain buffer */ | ||
520 | + if (spcf_bn2bin (dsa->q, &r, &r_len)) { | ||
521 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
522 | + goto err; | ||
523 | + } | ||
524 | |||
525 | - if (!BN_bin2bn(dgst, dgst_len, m)) { | ||
526 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
527 | + /* sanity test */ | ||
528 | + if (dlen > r_len) { | ||
529 | + DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | ||
530 | goto err; | ||
531 | } | ||
532 | |||
533 | - /* If still too long truncate remaining bits with a shift */ | ||
534 | - if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { | ||
535 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
536 | + g_len = q_len; | ||
537 | + /** | ||
538 | + * Get generator into a plain buffer. If length is less than | ||
539 | + * q_len then add leading padding bytes. | ||
540 | + */ | ||
541 | + if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { | ||
542 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
543 | goto err; | ||
544 | } | ||
545 | |||
546 | - /* copy the truncated bits into plain buffer */ | ||
547 | - if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { | ||
548 | - fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); | ||
549 | + priv_key_len = r_len; | ||
550 | + /** | ||
551 | + * Get private key into a plain buffer. If length is less than | ||
552 | + * r_len then add leading padding bytes. | ||
553 | + */ | ||
554 | + if (spcf_bn2bin_ex(dsa->priv_key, &priv_key, &priv_key_len)) { | ||
555 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
556 | goto err; | ||
557 | } | ||
558 | |||
559 | - ret = ECDSA_SIG_new(); | ||
560 | - if (!ret) { | ||
561 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
562 | + /* Allocate memory to store hash. */ | ||
563 | + f = OPENSSL_malloc (r_len); | ||
564 | + if (!f) { | ||
565 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
566 | goto err; | ||
567 | } | ||
568 | |||
569 | - /* check if this is prime or binary EC request */ | ||
570 | - if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { | ||
571 | - ec_crv = EC_PRIME; | ||
572 | - /* get the generator point pair */ | ||
573 | - if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), | ||
574 | - x, y,ctx)) { | ||
575 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
576 | - goto err; | ||
577 | - } | ||
578 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
579 | + if (dlen < r_len) | ||
580 | + memset(f, 0, r_len - dlen); | ||
581 | |||
582 | - /* get the ECC curve parameters */ | ||
583 | - if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { | ||
584 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
585 | + /* Skip leading bytes if dgst_len < r_len */ | ||
586 | + memcpy(f + r_len - dlen, dgst, dlen); | ||
587 | + | ||
588 | + dlen = r_len; | ||
589 | + | ||
590 | + memset(kop, 0, sizeof( struct crypt_kop)); | ||
591 | + kop->crk_op = CRK_DSA_SIGN; | ||
592 | + | ||
593 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
594 | + kop->crk_param[0].crp_p = (void*)f; | ||
595 | + kop->crk_param[0].crp_nbits = dlen * 8; | ||
596 | + kop->crk_param[1].crp_p = (void*)q; | ||
597 | + kop->crk_param[1].crp_nbits = q_len * 8; | ||
598 | + kop->crk_param[2].crp_p = (void*)r; | ||
599 | + kop->crk_param[2].crp_nbits = r_len * 8; | ||
600 | + kop->crk_param[3].crp_p = (void*)g; | ||
601 | + kop->crk_param[3].crp_nbits = g_len * 8; | ||
602 | + kop->crk_param[4].crp_p = (void*)priv_key; | ||
603 | + kop->crk_param[4].crp_nbits = priv_key_len * 8; | ||
604 | + kop->crk_iparams = 5; | ||
605 | + kop->cookie = cookie; | ||
606 | + | ||
607 | + if (cryptodev_asym_async(kop, r_len, sig->r, r_len, sig->s)) | ||
608 | + goto err; | ||
609 | + | ||
610 | + return ret; | ||
611 | +err: | ||
612 | + { | ||
613 | + const DSA_METHOD *meth = DSA_OpenSSL(); | ||
614 | + | ||
615 | + if (kop) | ||
616 | + free(kop); | ||
617 | + BN_free(sig->r); | ||
618 | + BN_free(sig->s); | ||
619 | + dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); | ||
620 | + sig->r = dsaret->r; | ||
621 | + sig->s = dsaret->s; | ||
622 | + /* Call user callback immediately */ | ||
623 | + cookie->pkc_callback(cookie, 0); | ||
624 | + ret = dsaret; | ||
625 | + } | ||
626 | + return ret; | ||
627 | +} | ||
628 | + | ||
629 | +static int | ||
630 | +cryptodev_dsa_verify_async(const unsigned char *dgst, int dlen, | ||
631 | + DSA_SIG *sig, DSA *dsa, struct pkc_cookie_s *cookie) | ||
632 | +{ | ||
633 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
634 | + int q_len = 0, r_len = 0, g_len = 0; | ||
635 | + int w_len = 0 ,c_len = 0, d_len = 0, ret = 1; | ||
636 | + unsigned char * q = NULL, * r = NULL, * w = NULL, * g = NULL; | ||
637 | + unsigned char *c = NULL, * d = NULL, *f = NULL; | ||
638 | + | ||
639 | + if (!kop) | ||
640 | + goto err; | ||
641 | + | ||
642 | + if (spcf_bn2bin(dsa->p, &q, &q_len)) { | ||
643 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
644 | + return ret; | ||
645 | + } | ||
646 | + | ||
647 | + /* Get Order of field of private keys */ | ||
648 | + if (spcf_bn2bin(dsa->q, &r, &r_len)) { | ||
649 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
650 | + goto err; | ||
651 | + } | ||
652 | + | ||
653 | + g_len = q_len; | ||
654 | + /** | ||
655 | + * Get generator into a plain buffer. If length is less than | ||
656 | + * q_len then add leading padding bytes. | ||
657 | + */ | ||
658 | + if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { | ||
659 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
660 | + goto err; | ||
661 | + } | ||
662 | + w_len = q_len; | ||
663 | + /** | ||
664 | + * Get public key into a plain buffer. If length is less than | ||
665 | + * q_len then add leading padding bytes. | ||
666 | + */ | ||
667 | + if (spcf_bn2bin_ex(dsa->pub_key, &w, &w_len)) { | ||
668 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
669 | + goto err; | ||
670 | + } | ||
671 | + /** | ||
672 | + * Get the 1st part of signature into a flat buffer with | ||
673 | + * appropriate padding | ||
674 | + */ | ||
675 | + c_len = r_len; | ||
676 | + | ||
677 | + if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { | ||
678 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
679 | + goto err; | ||
680 | + } | ||
681 | + | ||
682 | + /** | ||
683 | + * Get the 2nd part of signature into a flat buffer with | ||
684 | + * appropriate padding | ||
685 | + */ | ||
686 | + d_len = r_len; | ||
687 | + | ||
688 | + if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { | ||
689 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
690 | + goto err; | ||
691 | + } | ||
692 | + | ||
693 | + | ||
694 | + /* Sanity test */ | ||
695 | + if (dlen > r_len) { | ||
696 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
697 | + goto err; | ||
698 | + } | ||
699 | + | ||
700 | + /* Allocate memory to store hash. */ | ||
701 | + f = OPENSSL_malloc (r_len); | ||
702 | + if (!f) { | ||
703 | + DSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
704 | + goto err; | ||
705 | + } | ||
706 | + | ||
707 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
708 | + if (dlen < r_len) | ||
709 | + memset(f, 0, r_len - dlen); | ||
710 | + | ||
711 | + /* Skip leading bytes if dgst_len < r_len */ | ||
712 | + memcpy(f + r_len - dlen, dgst, dlen); | ||
713 | + | ||
714 | + dlen = r_len; | ||
715 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
716 | + | ||
717 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ | ||
718 | + kop->crk_param[0].crp_p = (void*)f; | ||
719 | + kop->crk_param[0].crp_nbits = dlen * 8; | ||
720 | + kop->crk_param[1].crp_p = q; | ||
721 | + kop->crk_param[1].crp_nbits = q_len * 8; | ||
722 | + kop->crk_param[2].crp_p = r; | ||
723 | + kop->crk_param[2].crp_nbits = r_len * 8; | ||
724 | + kop->crk_param[3].crp_p = g; | ||
725 | + kop->crk_param[3].crp_nbits = g_len * 8; | ||
726 | + kop->crk_param[4].crp_p = w; | ||
727 | + kop->crk_param[4].crp_nbits = w_len * 8; | ||
728 | + kop->crk_param[5].crp_p = c; | ||
729 | + kop->crk_param[5].crp_nbits = c_len * 8; | ||
730 | + kop->crk_param[6].crp_p = d; | ||
731 | + kop->crk_param[6].crp_nbits = d_len * 8; | ||
732 | + kop->crk_iparams = 7; | ||
733 | + kop->crk_op = CRK_DSA_VERIFY; | ||
734 | + kop->cookie = cookie; | ||
735 | + if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) | ||
736 | + goto err; | ||
737 | + | ||
738 | + return ret; | ||
739 | +err: | ||
740 | + { | ||
741 | + const DSA_METHOD *meth = DSA_OpenSSL(); | ||
742 | + | ||
743 | + if (kop) | ||
744 | + free(kop); | ||
745 | + | ||
746 | + ret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); | ||
747 | + cookie->pkc_callback(cookie, 0); | ||
748 | + } | ||
749 | + return ret; | ||
750 | +} | ||
751 | + | ||
752 | +static DSA_METHOD cryptodev_dsa = { | ||
753 | + "cryptodev DSA method", | ||
754 | + NULL, | ||
755 | + NULL, /* dsa_sign_setup */ | ||
756 | + NULL, | ||
757 | + NULL, /* dsa_mod_exp */ | ||
758 | + NULL, | ||
759 | + NULL, | ||
760 | + NULL, | ||
761 | + NULL, | ||
762 | + NULL, /* init */ | ||
763 | + NULL, /* finish */ | ||
764 | + 0, /* flags */ | ||
765 | + NULL /* app_data */ | ||
766 | +}; | ||
767 | + | ||
768 | +static ECDSA_METHOD cryptodev_ecdsa = { | ||
769 | + "cryptodev ECDSA method", | ||
770 | + NULL, | ||
771 | + NULL, /* ecdsa_sign_setup */ | ||
772 | + NULL, | ||
773 | + NULL, | ||
774 | + NULL, | ||
775 | + NULL, | ||
776 | + 0, /* flags */ | ||
777 | + NULL /* app_data */ | ||
778 | +}; | ||
779 | + | ||
780 | +typedef enum ec_curve_s | ||
781 | +{ | ||
782 | + EC_PRIME, | ||
783 | + EC_BINARY | ||
784 | +} ec_curve_t; | ||
785 | + | ||
786 | +/* ENGINE handler for ECDSA Sign */ | ||
787 | +static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, | ||
788 | + int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) | ||
789 | +{ | ||
790 | + BIGNUM *m = NULL, *p = NULL, *a = NULL; | ||
791 | + BIGNUM *b = NULL, *x = NULL, *y = NULL; | ||
792 | + BN_CTX *ctx = NULL; | ||
793 | + ECDSA_SIG *ret = NULL; | ||
794 | + ECDSA_DATA *ecdsa = NULL; | ||
795 | + unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; | ||
796 | + unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; | ||
797 | + int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; | ||
798 | + int g_len = 0, d_len = 0, ab_len = 0; | ||
799 | + const BIGNUM *order = NULL, *priv_key=NULL; | ||
800 | + const EC_GROUP *group = NULL; | ||
801 | + struct crypt_kop kop; | ||
802 | + ec_curve_t ec_crv = EC_PRIME; | ||
803 | + | ||
804 | + memset(&kop, 0, sizeof(kop)); | ||
805 | + ecdsa = ecdsa_check(eckey); | ||
806 | + if (!ecdsa) { | ||
807 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
808 | + return NULL; | ||
809 | + } | ||
810 | + | ||
811 | + group = EC_KEY_get0_group(eckey); | ||
812 | + priv_key = EC_KEY_get0_private_key(eckey); | ||
813 | + | ||
814 | + if (!group || !priv_key) { | ||
815 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
816 | + return NULL; | ||
817 | + } | ||
818 | + | ||
819 | + if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || | ||
820 | + (a = BN_new()) == NULL || (b = BN_new()) == NULL || | ||
821 | + (p = BN_new()) == NULL || (x = BN_new()) == NULL || | ||
822 | + (y = BN_new()) == NULL) { | ||
823 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
824 | + goto err; | ||
825 | + } | ||
826 | + | ||
827 | + order = &group->order; | ||
828 | + if (!order || BN_is_zero(order)) { | ||
829 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); | ||
830 | + goto err; | ||
831 | + } | ||
832 | + | ||
833 | + i = BN_num_bits(order); | ||
834 | + /* Need to truncate digest if it is too long: first truncate whole | ||
835 | + bytes */ | ||
836 | + if (8 * dgst_len > i) | ||
837 | + dgst_len = (i + 7)/8; | ||
838 | + | ||
839 | + if (!BN_bin2bn(dgst, dgst_len, m)) { | ||
840 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
841 | + goto err; | ||
842 | + } | ||
843 | + | ||
844 | + /* If still too long truncate remaining bits with a shift */ | ||
845 | + if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { | ||
846 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
847 | + goto err; | ||
848 | + } | ||
849 | + | ||
850 | + /* copy the truncated bits into plain buffer */ | ||
851 | + if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { | ||
852 | + fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); | ||
853 | + goto err; | ||
854 | + } | ||
855 | + | ||
856 | + ret = ECDSA_SIG_new(); | ||
857 | + if (!ret) { | ||
858 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
859 | + goto err; | ||
860 | + } | ||
861 | + | ||
862 | + /* check if this is prime or binary EC request */ | ||
863 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { | ||
864 | + ec_crv = EC_PRIME; | ||
865 | + /* get the generator point pair */ | ||
866 | + if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), | ||
867 | + x, y,ctx)) { | ||
868 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
869 | + goto err; | ||
870 | + } | ||
871 | + | ||
872 | + /* get the ECC curve parameters */ | ||
873 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { | ||
874 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
875 | goto err; | ||
876 | } | ||
877 | } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { | ||
878 | @@ -2195,63 +2700,581 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, | ||
879 | } | ||
880 | |||
881 | /** | ||
882 | - * Get the 2nd part of signature into a flat buffer with | ||
883 | - * appropriate padding | ||
884 | + * Get the 2nd part of signature into a flat buffer with | ||
885 | + * appropriate padding | ||
886 | + */ | ||
887 | + if (BN_num_bytes(sig->s) < r_len) | ||
888 | + d_len = r_len; | ||
889 | + | ||
890 | + if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { | ||
891 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
892 | + goto err; | ||
893 | + } | ||
894 | + | ||
895 | + /* memory for message representative */ | ||
896 | + f = malloc(r_len); | ||
897 | + if (!f) { | ||
898 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
899 | + goto err; | ||
900 | + } | ||
901 | + | ||
902 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
903 | + memset(f, 0, r_len-dgst_len); | ||
904 | + | ||
905 | + /* Skip leading bytes if dgst_len < r_len */ | ||
906 | + memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); | ||
907 | + dgst_len += r_len-dgst_len; | ||
908 | + kop.crk_op = CRK_DSA_VERIFY; | ||
909 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
910 | + kop.crk_param[0].crp_p = f; | ||
911 | + kop.crk_param[0].crp_nbits = dgst_len * 8; | ||
912 | + kop.crk_param[1].crp_p = q; | ||
913 | + kop.crk_param[1].crp_nbits = q_len * 8; | ||
914 | + kop.crk_param[2].crp_p = r; | ||
915 | + kop.crk_param[2].crp_nbits = r_len * 8; | ||
916 | + kop.crk_param[3].crp_p = g_xy; | ||
917 | + kop.crk_param[3].crp_nbits = g_len * 8; | ||
918 | + kop.crk_param[4].crp_p = w_xy; | ||
919 | + kop.crk_param[4].crp_nbits = pub_key_len * 8; | ||
920 | + kop.crk_param[5].crp_p = ab; | ||
921 | + kop.crk_param[5].crp_nbits = ab_len * 8; | ||
922 | + kop.crk_param[6].crp_p = c; | ||
923 | + kop.crk_param[6].crp_nbits = d_len * 8; | ||
924 | + kop.crk_param[7].crp_p = d; | ||
925 | + kop.crk_param[7].crp_nbits = d_len * 8; | ||
926 | + kop.crk_iparams = 8; | ||
927 | + | ||
928 | + if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { | ||
929 | + /*OCF success value is 0, if not zero, change ret to fail*/ | ||
930 | + if(0 == kop.crk_status) | ||
931 | + ret = 1; | ||
932 | + } else { | ||
933 | + const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
934 | + | ||
935 | + ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); | ||
936 | + } | ||
937 | + kop.crk_param[0].crp_p = NULL; | ||
938 | + zapparams(&kop); | ||
939 | + | ||
940 | +err: | ||
941 | + return ret; | ||
942 | +} | ||
943 | + | ||
944 | +static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, | ||
945 | + int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey, | ||
946 | + ECDSA_SIG *sig, struct pkc_cookie_s *cookie) | ||
947 | +{ | ||
948 | + BIGNUM *m = NULL, *p = NULL, *a = NULL; | ||
949 | + BIGNUM *b = NULL, *x = NULL, *y = NULL; | ||
950 | + BN_CTX *ctx = NULL; | ||
951 | + ECDSA_SIG *sig_ret = NULL; | ||
952 | + ECDSA_DATA *ecdsa = NULL; | ||
953 | + unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; | ||
954 | + unsigned char * s = NULL, *f = NULL, *tmp_dgst = NULL; | ||
955 | + int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; | ||
956 | + int g_len = 0, ab_len = 0, ret = 1; | ||
957 | + const BIGNUM *order = NULL, *priv_key=NULL; | ||
958 | + const EC_GROUP *group = NULL; | ||
959 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
960 | + ec_curve_t ec_crv = EC_PRIME; | ||
961 | + | ||
962 | + if (!(sig->r = BN_new()) || !kop) | ||
963 | + goto err; | ||
964 | + if ((sig->s = BN_new()) == NULL) { | ||
965 | + BN_free(r); | ||
966 | + goto err; | ||
967 | + } | ||
968 | + | ||
969 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
970 | + ecdsa = ecdsa_check(eckey); | ||
971 | + if (!ecdsa) { | ||
972 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
973 | + goto err; | ||
974 | + } | ||
975 | + | ||
976 | + group = EC_KEY_get0_group(eckey); | ||
977 | + priv_key = EC_KEY_get0_private_key(eckey); | ||
978 | + | ||
979 | + if (!group || !priv_key) { | ||
980 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
981 | + goto err; | ||
982 | + } | ||
983 | + | ||
984 | + if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || | ||
985 | + (a = BN_new()) == NULL || (b = BN_new()) == NULL || | ||
986 | + (p = BN_new()) == NULL || (x = BN_new()) == NULL || | ||
987 | + (y = BN_new()) == NULL) { | ||
988 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
989 | + goto err; | ||
990 | + } | ||
991 | + | ||
992 | + order = &group->order; | ||
993 | + if (!order || BN_is_zero(order)) { | ||
994 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); | ||
995 | + goto err; | ||
996 | + } | ||
997 | + | ||
998 | + i = BN_num_bits(order); | ||
999 | + /* Need to truncate digest if it is too long: first truncate whole | ||
1000 | + bytes */ | ||
1001 | + if (8 * dgst_len > i) | ||
1002 | + dgst_len = (i + 7)/8; | ||
1003 | + | ||
1004 | + if (!BN_bin2bn(dgst, dgst_len, m)) { | ||
1005 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
1006 | + goto err; | ||
1007 | + } | ||
1008 | + | ||
1009 | + /* If still too long truncate remaining bits with a shift */ | ||
1010 | + if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { | ||
1011 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
1012 | + goto err; | ||
1013 | + } | ||
1014 | + | ||
1015 | + /* copy the truncated bits into plain buffer */ | ||
1016 | + if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { | ||
1017 | + fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); | ||
1018 | + goto err; | ||
1019 | + } | ||
1020 | + | ||
1021 | + /* check if this is prime or binary EC request */ | ||
1022 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) | ||
1023 | + == NID_X9_62_prime_field) { | ||
1024 | + ec_crv = EC_PRIME; | ||
1025 | + /* get the generator point pair */ | ||
1026 | + if (!EC_POINT_get_affine_coordinates_GFp (group, | ||
1027 | + EC_GROUP_get0_generator(group), x, y,ctx)) { | ||
1028 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1029 | + goto err; | ||
1030 | + } | ||
1031 | + | ||
1032 | + /* get the ECC curve parameters */ | ||
1033 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { | ||
1034 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1035 | + goto err; | ||
1036 | + } | ||
1037 | + } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { | ||
1038 | + ec_crv = EC_BINARY; | ||
1039 | + /* get the ECC curve parameters */ | ||
1040 | + if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { | ||
1041 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1042 | + goto err; | ||
1043 | + } | ||
1044 | + | ||
1045 | + /* get the generator point pair */ | ||
1046 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1047 | + EC_GROUP_get0_generator(group), x, y,ctx)) { | ||
1048 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1049 | + goto err; | ||
1050 | + } | ||
1051 | + } else { | ||
1052 | + printf("Unsupported Curve\n"); | ||
1053 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1054 | + goto err; | ||
1055 | + } | ||
1056 | + | ||
1057 | + if (spcf_bn2bin(order, &r, &r_len)) { | ||
1058 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1059 | + goto err; | ||
1060 | + } | ||
1061 | + | ||
1062 | + if (spcf_bn2bin(p, &q, &q_len)) { | ||
1063 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1064 | + goto err; | ||
1065 | + } | ||
1066 | + | ||
1067 | + priv_key_len = r_len; | ||
1068 | + | ||
1069 | + /** | ||
1070 | + * If BN_num_bytes of priv_key returns less then r_len then | ||
1071 | + * add padding bytes before the key | ||
1072 | + */ | ||
1073 | + if (spcf_bn2bin_ex(priv_key, &s, &priv_key_len)) { | ||
1074 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1075 | + goto err; | ||
1076 | + } | ||
1077 | + | ||
1078 | + /* Generation of ECC curve parameters */ | ||
1079 | + ab_len = 2*q_len; | ||
1080 | + ab = eng_copy_curve_points(a, b, ab_len, q_len); | ||
1081 | + if (!ab) { | ||
1082 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1083 | + goto err; | ||
1084 | + } | ||
1085 | + | ||
1086 | + if (ec_crv == EC_BINARY) { | ||
1087 | + if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) | ||
1088 | + { | ||
1089 | + unsigned char *c_temp = NULL; | ||
1090 | + int c_temp_len = q_len; | ||
1091 | + if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) | ||
1092 | + memcpy(ab+q_len, c_temp, q_len); | ||
1093 | + else | ||
1094 | + goto err; | ||
1095 | + } | ||
1096 | + kop->curve_type = ECC_BINARY; | ||
1097 | + } | ||
1098 | + | ||
1099 | + /* Calculation of Generator point */ | ||
1100 | + g_len = 2*q_len; | ||
1101 | + g_xy = eng_copy_curve_points(x, y, g_len, q_len); | ||
1102 | + if (!g_xy) { | ||
1103 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1104 | + goto err; | ||
1105 | + } | ||
1106 | + | ||
1107 | + /* memory for message representative */ | ||
1108 | + f = malloc(r_len); | ||
1109 | + if (!f) { | ||
1110 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1111 | + goto err; | ||
1112 | + } | ||
1113 | + | ||
1114 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
1115 | + memset(f, 0, r_len - dgst_len); | ||
1116 | + | ||
1117 | + /* Skip leading bytes if dgst_len < r_len */ | ||
1118 | + memcpy(f + r_len - dgst_len, tmp_dgst, dgst_len); | ||
1119 | + | ||
1120 | + dgst_len += r_len - dgst_len; | ||
1121 | + | ||
1122 | + kop->crk_op = CRK_DSA_SIGN; | ||
1123 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
1124 | + kop->crk_param[0].crp_p = f; | ||
1125 | + kop->crk_param[0].crp_nbits = dgst_len * 8; | ||
1126 | + kop->crk_param[1].crp_p = q; | ||
1127 | + kop->crk_param[1].crp_nbits = q_len * 8; | ||
1128 | + kop->crk_param[2].crp_p = r; | ||
1129 | + kop->crk_param[2].crp_nbits = r_len * 8; | ||
1130 | + kop->crk_param[3].crp_p = g_xy; | ||
1131 | + kop->crk_param[3].crp_nbits = g_len * 8; | ||
1132 | + kop->crk_param[4].crp_p = s; | ||
1133 | + kop->crk_param[4].crp_nbits = priv_key_len * 8; | ||
1134 | + kop->crk_param[5].crp_p = ab; | ||
1135 | + kop->crk_param[5].crp_nbits = ab_len * 8; | ||
1136 | + kop->crk_iparams = 6; | ||
1137 | + kop->cookie = cookie; | ||
1138 | + | ||
1139 | + if (cryptodev_asym_async(kop, r_len, sig->r , r_len, sig->s)) | ||
1140 | + goto err; | ||
1141 | + | ||
1142 | + return ret; | ||
1143 | +err: | ||
1144 | + { | ||
1145 | + const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
1146 | + BN_free(sig->r); | ||
1147 | + BN_free(sig->s); | ||
1148 | + if (kop) | ||
1149 | + free(kop); | ||
1150 | + sig_ret = (meth->ecdsa_do_sign)(dgst, dgst_len, in_kinv, in_r, eckey); | ||
1151 | + sig->r = sig_ret->r; | ||
1152 | + sig->s = sig_ret->s; | ||
1153 | + cookie->pkc_callback(cookie, 0); | ||
1154 | + } | ||
1155 | + return ret; | ||
1156 | +} | ||
1157 | + | ||
1158 | +static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, | ||
1159 | + const ECDSA_SIG *sig, EC_KEY *eckey, struct pkc_cookie_s *cookie) | ||
1160 | +{ | ||
1161 | + BIGNUM *m = NULL, *p = NULL, *a = NULL, *b = NULL; | ||
1162 | + BIGNUM *x = NULL, *y = NULL, *w_x = NULL, *w_y = NULL; | ||
1163 | + BN_CTX *ctx = NULL; | ||
1164 | + ECDSA_DATA *ecdsa = NULL; | ||
1165 | + unsigned char *q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL, *w_xy = NULL; | ||
1166 | + unsigned char *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; | ||
1167 | + int i = 0, q_len = 0, pub_key_len = 0, r_len = 0, c_len = 0, g_len = 0; | ||
1168 | + int d_len = 0, ab_len = 0, ret = 1; | ||
1169 | + const EC_POINT *pub_key = NULL; | ||
1170 | + const BIGNUM *order = NULL; | ||
1171 | + const EC_GROUP *group=NULL; | ||
1172 | + ec_curve_t ec_crv = EC_PRIME; | ||
1173 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
1174 | + | ||
1175 | + if (!kop) | ||
1176 | + goto err; | ||
1177 | + | ||
1178 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
1179 | + ecdsa = ecdsa_check(eckey); | ||
1180 | + if (!ecdsa) { | ||
1181 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); | ||
1182 | + goto err; | ||
1183 | + } | ||
1184 | + | ||
1185 | + group = EC_KEY_get0_group(eckey); | ||
1186 | + pub_key = EC_KEY_get0_public_key(eckey); | ||
1187 | + | ||
1188 | + if (!group || !pub_key) { | ||
1189 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); | ||
1190 | + goto err; | ||
1191 | + } | ||
1192 | + | ||
1193 | + if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || | ||
1194 | + (a = BN_new()) == NULL || (b = BN_new()) == NULL || | ||
1195 | + (p = BN_new()) == NULL || (x = BN_new()) == NULL || | ||
1196 | + (y = BN_new()) == NULL || (w_x = BN_new()) == NULL || | ||
1197 | + (w_y = BN_new()) == NULL) { | ||
1198 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1199 | + goto err; | ||
1200 | + } | ||
1201 | + | ||
1202 | + order = &group->order; | ||
1203 | + if (!order || BN_is_zero(order)) { | ||
1204 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS); | ||
1205 | + goto err; | ||
1206 | + } | ||
1207 | + | ||
1208 | + i = BN_num_bits(order); | ||
1209 | + /* Need to truncate digest if it is too long: first truncate whole | ||
1210 | + * bytes */ | ||
1211 | + if (8 * dgst_len > i) | ||
1212 | + dgst_len = (i + 7)/8; | ||
1213 | + | ||
1214 | + if (!BN_bin2bn(dgst, dgst_len, m)) { | ||
1215 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); | ||
1216 | + goto err; | ||
1217 | + } | ||
1218 | + | ||
1219 | + /* If still too long truncate remaining bits with a shift */ | ||
1220 | + if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { | ||
1221 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); | ||
1222 | + goto err; | ||
1223 | + } | ||
1224 | + /* copy the truncated bits into plain buffer */ | ||
1225 | + if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { | ||
1226 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1227 | + goto err; | ||
1228 | + } | ||
1229 | + | ||
1230 | + /* check if this is prime or binary EC request */ | ||
1231 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { | ||
1232 | + ec_crv = EC_PRIME; | ||
1233 | + | ||
1234 | + /* get the generator point pair */ | ||
1235 | + if (!EC_POINT_get_affine_coordinates_GFp (group, | ||
1236 | + EC_GROUP_get0_generator(group), x, y,ctx)) { | ||
1237 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1238 | + goto err; | ||
1239 | + } | ||
1240 | + | ||
1241 | + /* get the public key pair for prime curve */ | ||
1242 | + if (!EC_POINT_get_affine_coordinates_GFp (group, | ||
1243 | + pub_key, w_x, w_y,ctx)) { | ||
1244 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1245 | + goto err; | ||
1246 | + } | ||
1247 | + | ||
1248 | + /* get the ECC curve parameters */ | ||
1249 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { | ||
1250 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1251 | + goto err; | ||
1252 | + } | ||
1253 | + } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field){ | ||
1254 | + ec_crv = EC_BINARY; | ||
1255 | + /* get the ECC curve parameters */ | ||
1256 | + if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { | ||
1257 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1258 | + goto err; | ||
1259 | + } | ||
1260 | + | ||
1261 | + /* get the generator point pair */ | ||
1262 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1263 | + EC_GROUP_get0_generator(group),x, y,ctx)) { | ||
1264 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1265 | + goto err; | ||
1266 | + } | ||
1267 | + | ||
1268 | + /* get the public key pair for binary curve */ | ||
1269 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1270 | + pub_key, w_x, w_y,ctx)) { | ||
1271 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1272 | + goto err; | ||
1273 | + } | ||
1274 | + }else { | ||
1275 | + printf("Unsupported Curve\n"); | ||
1276 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1277 | + goto err; | ||
1278 | + } | ||
1279 | + | ||
1280 | + /* Get the order of the subgroup of private keys */ | ||
1281 | + if (spcf_bn2bin((BIGNUM*)order, &r, &r_len)) { | ||
1282 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1283 | + goto err; | ||
1284 | + } | ||
1285 | + | ||
1286 | + /* Get the irreducible polynomial that creates the field */ | ||
1287 | + if (spcf_bn2bin(p, &q, &q_len)) { | ||
1288 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1289 | + goto err; | ||
1290 | + } | ||
1291 | + | ||
1292 | + /* Get the public key into a flat buffer with appropriate padding */ | ||
1293 | + pub_key_len = 2 * q_len; | ||
1294 | + | ||
1295 | + w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); | ||
1296 | + if (!w_xy) { | ||
1297 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1298 | + goto err; | ||
1299 | + } | ||
1300 | + | ||
1301 | + /* Generation of ECC curve parameters */ | ||
1302 | + ab_len = 2*q_len; | ||
1303 | + | ||
1304 | + ab = eng_copy_curve_points (a, b, ab_len, q_len); | ||
1305 | + if (!ab) { | ||
1306 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1307 | + goto err; | ||
1308 | + } | ||
1309 | + | ||
1310 | + if (ec_crv == EC_BINARY) { | ||
1311 | + /* copy b' i.e c(b), instead of only b */ | ||
1312 | + eng_ec_get_cparam (EC_GROUP_get_curve_name(group), | ||
1313 | + ab+q_len, q_len); | ||
1314 | + kop->curve_type = ECC_BINARY; | ||
1315 | + } | ||
1316 | + | ||
1317 | + /* Calculation of Generator point */ | ||
1318 | + g_len = 2 * q_len; | ||
1319 | + | ||
1320 | + g_xy = eng_copy_curve_points (x, y, g_len, q_len); | ||
1321 | + if (!g_xy) { | ||
1322 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1323 | + goto err; | ||
1324 | + } | ||
1325 | + | ||
1326 | + /** | ||
1327 | + * Get the 1st part of signature into a flat buffer with | ||
1328 | + * appropriate padding | ||
1329 | + */ | ||
1330 | + if (BN_num_bytes(sig->r) < r_len) | ||
1331 | + c_len = r_len; | ||
1332 | + | ||
1333 | + if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { | ||
1334 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1335 | + goto err; | ||
1336 | + } | ||
1337 | + | ||
1338 | + /** | ||
1339 | + * Get the 2nd part of signature into a flat buffer with | ||
1340 | + * appropriate padding | ||
1341 | + */ | ||
1342 | + if (BN_num_bytes(sig->s) < r_len) | ||
1343 | + d_len = r_len; | ||
1344 | + | ||
1345 | + if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { | ||
1346 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1347 | + goto err; | ||
1348 | + } | ||
1349 | + | ||
1350 | + /* memory for message representative */ | ||
1351 | + f = malloc(r_len); | ||
1352 | + if (!f) { | ||
1353 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1354 | + goto err; | ||
1355 | + } | ||
1356 | + | ||
1357 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
1358 | + memset(f, 0, r_len-dgst_len); | ||
1359 | + | ||
1360 | + /* Skip leading bytes if dgst_len < r_len */ | ||
1361 | + memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); | ||
1362 | + | ||
1363 | + dgst_len += r_len-dgst_len; | ||
1364 | + | ||
1365 | + kop->crk_op = CRK_DSA_VERIFY; | ||
1366 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
1367 | + kop->crk_param[0].crp_p = f; | ||
1368 | + kop->crk_param[0].crp_nbits = dgst_len * 8; | ||
1369 | + kop->crk_param[1].crp_p = q; | ||
1370 | + kop->crk_param[1].crp_nbits = q_len * 8; | ||
1371 | + kop->crk_param[2].crp_p = r; | ||
1372 | + kop->crk_param[2].crp_nbits = r_len * 8; | ||
1373 | + kop->crk_param[3].crp_p = g_xy; | ||
1374 | + kop->crk_param[3].crp_nbits = g_len * 8; | ||
1375 | + kop->crk_param[4].crp_p = w_xy; | ||
1376 | + kop->crk_param[4].crp_nbits = pub_key_len * 8; | ||
1377 | + kop->crk_param[5].crp_p = ab; | ||
1378 | + kop->crk_param[5].crp_nbits = ab_len * 8; | ||
1379 | + kop->crk_param[6].crp_p = c; | ||
1380 | + kop->crk_param[6].crp_nbits = d_len * 8; | ||
1381 | + kop->crk_param[7].crp_p = d; | ||
1382 | + kop->crk_param[7].crp_nbits = d_len * 8; | ||
1383 | + kop->crk_iparams = 8; | ||
1384 | + kop->cookie = cookie; | ||
1385 | + | ||
1386 | + if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) | ||
1387 | + goto err; | ||
1388 | + | ||
1389 | + return ret; | ||
1390 | +err: | ||
1391 | + { | ||
1392 | + const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
1393 | + | ||
1394 | + if (kop) | ||
1395 | + free(kop); | ||
1396 | + ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); | ||
1397 | + cookie->pkc_callback(cookie, 0); | ||
1398 | + } | ||
1399 | + | ||
1400 | + return ret; | ||
1401 | +} | ||
1402 | + | ||
1403 | +/* Cryptodev DH Key Gen routine */ | ||
1404 | +static int cryptodev_dh_keygen_async(DH *dh, struct pkc_cookie_s *cookie) | ||
1405 | +{ | ||
1406 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
1407 | + int ret = 1, g_len; | ||
1408 | + unsigned char *g = NULL; | ||
1409 | + | ||
1410 | + if (!kop) | ||
1411 | + goto sw_try; | ||
1412 | + | ||
1413 | + if (dh->priv_key == NULL) { | ||
1414 | + if ((dh->priv_key=BN_new()) == NULL) | ||
1415 | + goto sw_try; | ||
1416 | + } | ||
1417 | + | ||
1418 | + if (dh->pub_key == NULL) { | ||
1419 | + if ((dh->pub_key=BN_new()) == NULL) | ||
1420 | + goto sw_try; | ||
1421 | + } | ||
1422 | + | ||
1423 | + g_len = BN_num_bytes(dh->p); | ||
1424 | + /** | ||
1425 | + * Get generator into a plain buffer. If length is less than | ||
1426 | + * q_len then add leading padding bytes. | ||
1427 | */ | ||
1428 | - if (BN_num_bytes(sig->s) < r_len) | ||
1429 | - d_len = r_len; | ||
1430 | - | ||
1431 | - if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { | ||
1432 | - ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1433 | - goto err; | ||
1434 | - } | ||
1435 | - | ||
1436 | - /* memory for message representative */ | ||
1437 | - f = malloc(r_len); | ||
1438 | - if (!f) { | ||
1439 | - ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1440 | - goto err; | ||
1441 | + if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { | ||
1442 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
1443 | + goto sw_try; | ||
1444 | } | ||
1445 | |||
1446 | - /* Add padding, since SEC expects hash to of size r_len */ | ||
1447 | - memset(f, 0, r_len-dgst_len); | ||
1448 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
1449 | + kop->crk_op = CRK_DH_GENERATE_KEY; | ||
1450 | + if (bn2crparam(dh->p, &kop->crk_param[0])) | ||
1451 | + goto sw_try; | ||
1452 | + if (bn2crparam(dh->q, &kop->crk_param[1])) | ||
1453 | + goto sw_try; | ||
1454 | + kop->crk_param[2].crp_p = g; | ||
1455 | + kop->crk_param[2].crp_nbits = g_len * 8; | ||
1456 | + kop->crk_iparams = 3; | ||
1457 | + kop->cookie = cookie; | ||
1458 | |||
1459 | - /* Skip leading bytes if dgst_len < r_len */ | ||
1460 | - memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); | ||
1461 | - dgst_len += r_len-dgst_len; | ||
1462 | - kop.crk_op = CRK_DSA_VERIFY; | ||
1463 | - /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
1464 | - kop.crk_param[0].crp_p = f; | ||
1465 | - kop.crk_param[0].crp_nbits = dgst_len * 8; | ||
1466 | - kop.crk_param[1].crp_p = q; | ||
1467 | - kop.crk_param[1].crp_nbits = q_len * 8; | ||
1468 | - kop.crk_param[2].crp_p = r; | ||
1469 | - kop.crk_param[2].crp_nbits = r_len * 8; | ||
1470 | - kop.crk_param[3].crp_p = g_xy; | ||
1471 | - kop.crk_param[3].crp_nbits = g_len * 8; | ||
1472 | - kop.crk_param[4].crp_p = w_xy; | ||
1473 | - kop.crk_param[4].crp_nbits = pub_key_len * 8; | ||
1474 | - kop.crk_param[5].crp_p = ab; | ||
1475 | - kop.crk_param[5].crp_nbits = ab_len * 8; | ||
1476 | - kop.crk_param[6].crp_p = c; | ||
1477 | - kop.crk_param[6].crp_nbits = d_len * 8; | ||
1478 | - kop.crk_param[7].crp_p = d; | ||
1479 | - kop.crk_param[7].crp_nbits = d_len * 8; | ||
1480 | - kop.crk_iparams = 8; | ||
1481 | + /* pub_key is or prime length while priv key is of length of order */ | ||
1482 | + if (cryptodev_asym_async(kop, BN_num_bytes(dh->p), dh->pub_key, | ||
1483 | + BN_num_bytes(dh->q), dh->priv_key)) | ||
1484 | + goto sw_try; | ||
1485 | |||
1486 | - if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { | ||
1487 | - /*OCF success value is 0, if not zero, change ret to fail*/ | ||
1488 | - if(0 == kop.crk_status) | ||
1489 | - ret = 1; | ||
1490 | - } else { | ||
1491 | - const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
1492 | + return ret; | ||
1493 | +sw_try: | ||
1494 | + { | ||
1495 | + const DH_METHOD *meth = DH_OpenSSL(); | ||
1496 | |||
1497 | - ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); | ||
1498 | + if (kop) | ||
1499 | + free(kop); | ||
1500 | + ret = (meth->generate_key)(dh); | ||
1501 | + cookie->pkc_callback(cookie, 0); | ||
1502 | } | ||
1503 | - kop.crk_param[0].crp_p = NULL; | ||
1504 | - zapparams(&kop); | ||
1505 | - | ||
1506 | -err: | ||
1507 | return ret; | ||
1508 | } | ||
1509 | |||
1510 | @@ -2360,6 +3383,54 @@ sw_try: | ||
1511 | return (dhret); | ||
1512 | } | ||
1513 | |||
1514 | +/* Return Length if successful and 0 on failure */ | ||
1515 | +static int | ||
1516 | +cryptodev_dh_compute_key_async(unsigned char *key, const BIGNUM *pub_key, | ||
1517 | + DH *dh, struct pkc_cookie_s *cookie) | ||
1518 | +{ | ||
1519 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
1520 | + int ret = 1; | ||
1521 | + int fd, p_len; | ||
1522 | + unsigned char *padded_pub_key = NULL, *p = NULL; | ||
1523 | + | ||
1524 | + fd = *(int *)cookie->eng_handle; | ||
1525 | + | ||
1526 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
1527 | + kop->crk_op = CRK_DH_COMPUTE_KEY; | ||
1528 | + /* inputs: dh->priv_key pub_key dh->p key */ | ||
1529 | + spcf_bn2bin(dh->p, &p, &p_len); | ||
1530 | + spcf_bn2bin_ex(pub_key, &padded_pub_key, &p_len); | ||
1531 | + | ||
1532 | + if (bn2crparam(dh->priv_key, &kop->crk_param[0])) | ||
1533 | + goto err; | ||
1534 | + kop->crk_param[1].crp_p = padded_pub_key; | ||
1535 | + kop->crk_param[1].crp_nbits = p_len * 8; | ||
1536 | + kop->crk_param[2].crp_p = p; | ||
1537 | + kop->crk_param[2].crp_nbits = p_len * 8; | ||
1538 | + kop->crk_iparams = 3; | ||
1539 | + | ||
1540 | + kop->cookie = cookie; | ||
1541 | + kop->crk_param[3].crp_p = (void*) key; | ||
1542 | + kop->crk_param[3].crp_nbits = p_len * 8; | ||
1543 | + kop->crk_oparams = 1; | ||
1544 | + | ||
1545 | + if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) | ||
1546 | + goto err; | ||
1547 | + | ||
1548 | + return p_len; | ||
1549 | +err: | ||
1550 | + { | ||
1551 | + const DH_METHOD *meth = DH_OpenSSL(); | ||
1552 | + | ||
1553 | + if (kop) | ||
1554 | + free(kop); | ||
1555 | + ret = (meth->compute_key)(key, pub_key, dh); | ||
1556 | + /* Call user cookie handler */ | ||
1557 | + cookie->pkc_callback(cookie, 0); | ||
1558 | + } | ||
1559 | + return (ret); | ||
1560 | +} | ||
1561 | + | ||
1562 | int cryptodev_ecdh_compute_key(void *out, size_t outlen, | ||
1563 | const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, | ||
1564 | void *out, size_t *outlen)) | ||
1565 | @@ -2537,6 +3608,190 @@ err: | ||
1566 | return ret; | ||
1567 | } | ||
1568 | |||
1569 | +int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, | ||
1570 | + const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, | ||
1571 | + void *out, size_t *outlen), struct pkc_cookie_s *cookie) | ||
1572 | +{ | ||
1573 | + ec_curve_t ec_crv = EC_PRIME; | ||
1574 | + unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; | ||
1575 | + BIGNUM * w_x = NULL, *w_y = NULL; | ||
1576 | + int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; | ||
1577 | + BIGNUM * p = NULL, *a = NULL, *b = NULL; | ||
1578 | + BN_CTX *ctx; | ||
1579 | + EC_POINT *tmp=NULL; | ||
1580 | + BIGNUM *x=NULL, *y=NULL; | ||
1581 | + const BIGNUM *priv_key; | ||
1582 | + const EC_GROUP* group = NULL; | ||
1583 | + int ret = 1; | ||
1584 | + size_t buflen, len; | ||
1585 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
1586 | + | ||
1587 | + if (!(ctx = BN_CTX_new()) || !kop) | ||
1588 | + goto err; | ||
1589 | + | ||
1590 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
1591 | + | ||
1592 | + BN_CTX_start(ctx); | ||
1593 | + x = BN_CTX_get(ctx); | ||
1594 | + y = BN_CTX_get(ctx); | ||
1595 | + p = BN_CTX_get(ctx); | ||
1596 | + a = BN_CTX_get(ctx); | ||
1597 | + b = BN_CTX_get(ctx); | ||
1598 | + w_x = BN_CTX_get(ctx); | ||
1599 | + w_y = BN_CTX_get(ctx); | ||
1600 | + | ||
1601 | + if (!x || !y || !p || !a || !b || !w_x || !w_y) { | ||
1602 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); | ||
1603 | + goto err; | ||
1604 | + } | ||
1605 | + | ||
1606 | + priv_key = EC_KEY_get0_private_key(ecdh); | ||
1607 | + if (priv_key == NULL) { | ||
1608 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); | ||
1609 | + goto err; | ||
1610 | + } | ||
1611 | + | ||
1612 | + group = EC_KEY_get0_group(ecdh); | ||
1613 | + if ((tmp=EC_POINT_new(group)) == NULL) { | ||
1614 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); | ||
1615 | + goto err; | ||
1616 | + } | ||
1617 | + | ||
1618 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == | ||
1619 | + NID_X9_62_prime_field) { | ||
1620 | + ec_crv = EC_PRIME; | ||
1621 | + | ||
1622 | + if (!EC_POINT_get_affine_coordinates_GFp(group, | ||
1623 | + EC_GROUP_get0_generator(group), x, y, ctx)) { | ||
1624 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); | ||
1625 | + goto err; | ||
1626 | + } | ||
1627 | + | ||
1628 | + /* get the ECC curve parameters */ | ||
1629 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { | ||
1630 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1631 | + goto err; | ||
1632 | + } | ||
1633 | + | ||
1634 | + /* get the public key pair for prime curve */ | ||
1635 | + if (!EC_POINT_get_affine_coordinates_GFp (group, pub_key, w_x, w_y,ctx)) { | ||
1636 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1637 | + goto err; | ||
1638 | + } | ||
1639 | + } else { | ||
1640 | + ec_crv = EC_BINARY; | ||
1641 | + | ||
1642 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1643 | + EC_GROUP_get0_generator(group), x, y, ctx)) { | ||
1644 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); | ||
1645 | + goto err; | ||
1646 | + } | ||
1647 | + | ||
1648 | + /* get the ECC curve parameters */ | ||
1649 | + if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { | ||
1650 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1651 | + goto err; | ||
1652 | + } | ||
1653 | + | ||
1654 | + /* get the public key pair for binary curve */ | ||
1655 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1656 | + pub_key, w_x, w_y,ctx)) { | ||
1657 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1658 | + goto err; | ||
1659 | + } | ||
1660 | + } | ||
1661 | + | ||
1662 | + /* irreducible polynomial that creates the field */ | ||
1663 | + if (spcf_bn2bin((BIGNUM*)&group->order, &r, &r_len)) { | ||
1664 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1665 | + goto err; | ||
1666 | + } | ||
1667 | + | ||
1668 | + /* Get the irreducible polynomial that creates the field */ | ||
1669 | + if (spcf_bn2bin(p, &q, &q_len)) { | ||
1670 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1671 | + goto err; | ||
1672 | + } | ||
1673 | + | ||
1674 | + /* Get the public key into a flat buffer with appropriate padding */ | ||
1675 | + pub_key_len = 2 * q_len; | ||
1676 | + w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); | ||
1677 | + if (!w_xy) { | ||
1678 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1679 | + goto err; | ||
1680 | + } | ||
1681 | + | ||
1682 | + /* Generation of ECC curve parameters */ | ||
1683 | + ab_len = 2*q_len; | ||
1684 | + ab = eng_copy_curve_points (a, b, ab_len, q_len); | ||
1685 | + if (!ab) { | ||
1686 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1687 | + goto err; | ||
1688 | + } | ||
1689 | + | ||
1690 | + if (ec_crv == EC_BINARY) { | ||
1691 | + /* copy b' i.e c(b), instead of only b */ | ||
1692 | + if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) | ||
1693 | + { | ||
1694 | + unsigned char *c_temp = NULL; | ||
1695 | + int c_temp_len = q_len; | ||
1696 | + if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) | ||
1697 | + memcpy(ab+q_len, c_temp, q_len); | ||
1698 | + else | ||
1699 | + goto err; | ||
1700 | + } | ||
1701 | + kop->curve_type = ECC_BINARY; | ||
1702 | + } else | ||
1703 | + kop->curve_type = ECC_PRIME; | ||
1704 | + | ||
1705 | + priv_key_len = r_len; | ||
1706 | + | ||
1707 | + /* | ||
1708 | + * If BN_num_bytes of priv_key returns less then r_len then | ||
1709 | + * add padding bytes before the key | ||
1710 | + */ | ||
1711 | + if (spcf_bn2bin_ex((BIGNUM *)priv_key, &s, &priv_key_len)) { | ||
1712 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1713 | + goto err; | ||
1714 | + } | ||
1715 | + | ||
1716 | + buflen = (EC_GROUP_get_degree(group) + 7)/8; | ||
1717 | + len = BN_num_bytes(x); | ||
1718 | + if (len > buflen || q_len < buflen) { | ||
1719 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR); | ||
1720 | + goto err; | ||
1721 | + } | ||
1722 | + | ||
1723 | + kop->crk_op = CRK_DH_COMPUTE_KEY; | ||
1724 | + kop->crk_param[0].crp_p = (void *) s; | ||
1725 | + kop->crk_param[0].crp_nbits = priv_key_len*8; | ||
1726 | + kop->crk_param[1].crp_p = (void *) w_xy; | ||
1727 | + kop->crk_param[1].crp_nbits = pub_key_len*8; | ||
1728 | + kop->crk_param[2].crp_p = (void *) q; | ||
1729 | + kop->crk_param[2].crp_nbits = q_len*8; | ||
1730 | + kop->crk_param[3].crp_p = (void *) ab; | ||
1731 | + kop->crk_param[3].crp_nbits = ab_len*8; | ||
1732 | + kop->crk_iparams = 4; | ||
1733 | + kop->crk_param[4].crp_p = (void *) out; | ||
1734 | + kop->crk_param[4].crp_nbits = q_len*8; | ||
1735 | + kop->crk_oparams = 1; | ||
1736 | + kop->cookie = cookie; | ||
1737 | + if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) | ||
1738 | + goto err; | ||
1739 | + | ||
1740 | + return q_len; | ||
1741 | +err: | ||
1742 | + { | ||
1743 | + const ECDH_METHOD *meth = ECDH_OpenSSL(); | ||
1744 | + | ||
1745 | + if (kop) | ||
1746 | + free(kop); | ||
1747 | + ret = (meth->compute_key)(out, outlen, pub_key, ecdh, KDF); | ||
1748 | + /* Call user cookie handler */ | ||
1749 | + cookie->pkc_callback(cookie, 0); | ||
1750 | + } | ||
1751 | + return ret; | ||
1752 | +} | ||
1753 | |||
1754 | static DH_METHOD cryptodev_dh = { | ||
1755 | "cryptodev DH method", | ||
1756 | @@ -2545,6 +3800,8 @@ static DH_METHOD cryptodev_dh = { | ||
1757 | NULL, | ||
1758 | NULL, | ||
1759 | NULL, | ||
1760 | + NULL, | ||
1761 | + NULL, | ||
1762 | 0, /* flags */ | ||
1763 | NULL /* app_data */ | ||
1764 | }; | ||
1765 | @@ -2553,6 +3810,7 @@ static ECDH_METHOD cryptodev_ecdh = { | ||
1766 | "cryptodev ECDH method", | ||
1767 | NULL, /* cryptodev_ecdh_compute_key */ | ||
1768 | NULL, | ||
1769 | + NULL, | ||
1770 | 0, /* flags */ | ||
1771 | NULL /* app_data */ | ||
1772 | }; | ||
1773 | @@ -2625,12 +3883,19 @@ ENGINE_load_cryptodev(void) | ||
1774 | cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; | ||
1775 | if (cryptodev_asymfeat & CRF_MOD_EXP) { | ||
1776 | cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp; | ||
1777 | - if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) | ||
1778 | + cryptodev_rsa.bn_mod_exp_async = | ||
1779 | + cryptodev_bn_mod_exp_async; | ||
1780 | + if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) { | ||
1781 | cryptodev_rsa.rsa_mod_exp = | ||
1782 | cryptodev_rsa_mod_exp; | ||
1783 | - else | ||
1784 | + cryptodev_rsa.rsa_mod_exp_async = | ||
1785 | + cryptodev_rsa_mod_exp_async; | ||
1786 | + } else { | ||
1787 | cryptodev_rsa.rsa_mod_exp = | ||
1788 | cryptodev_rsa_nocrt_mod_exp; | ||
1789 | + cryptodev_rsa.rsa_mod_exp_async = | ||
1790 | + cryptodev_rsa_nocrt_mod_exp_async; | ||
1791 | + } | ||
1792 | } | ||
1793 | } | ||
1794 | |||
1795 | @@ -2638,12 +3903,21 @@ ENGINE_load_cryptodev(void) | ||
1796 | const DSA_METHOD *meth = DSA_OpenSSL(); | ||
1797 | |||
1798 | memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); | ||
1799 | - if (cryptodev_asymfeat & CRF_DSA_SIGN) | ||
1800 | + if (cryptodev_asymfeat & CRF_DSA_SIGN) { | ||
1801 | cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; | ||
1802 | - if (cryptodev_asymfeat & CRF_DSA_VERIFY) | ||
1803 | + cryptodev_dsa.dsa_do_sign_async = | ||
1804 | + cryptodev_dsa_do_sign_async; | ||
1805 | + } | ||
1806 | + if (cryptodev_asymfeat & CRF_DSA_VERIFY) { | ||
1807 | cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; | ||
1808 | - if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) | ||
1809 | + cryptodev_dsa.dsa_do_verify_async = | ||
1810 | + cryptodev_dsa_verify_async; | ||
1811 | + } | ||
1812 | + if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) { | ||
1813 | cryptodev_dsa.dsa_keygen = cryptodev_dsa_keygen; | ||
1814 | + cryptodev_dsa.dsa_keygen_async = | ||
1815 | + cryptodev_dsa_keygen_async; | ||
1816 | + } | ||
1817 | } | ||
1818 | |||
1819 | if (ENGINE_set_DH(engine, &cryptodev_dh)){ | ||
1820 | @@ -2652,10 +3926,15 @@ ENGINE_load_cryptodev(void) | ||
1821 | if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { | ||
1822 | cryptodev_dh.compute_key = | ||
1823 | cryptodev_dh_compute_key; | ||
1824 | + cryptodev_dh.compute_key_async = | ||
1825 | + cryptodev_dh_compute_key_async; | ||
1826 | } | ||
1827 | if (cryptodev_asymfeat & CRF_DH_GENERATE_KEY) { | ||
1828 | cryptodev_dh.generate_key = | ||
1829 | cryptodev_dh_keygen; | ||
1830 | + cryptodev_dh.generate_key_async = | ||
1831 | + cryptodev_dh_keygen_async; | ||
1832 | + | ||
1833 | } | ||
1834 | } | ||
1835 | |||
1836 | @@ -2664,10 +3943,14 @@ ENGINE_load_cryptodev(void) | ||
1837 | memcpy(&cryptodev_ecdsa, meth, sizeof(ECDSA_METHOD)); | ||
1838 | if (cryptodev_asymfeat & CRF_DSA_SIGN) { | ||
1839 | cryptodev_ecdsa.ecdsa_do_sign = cryptodev_ecdsa_do_sign; | ||
1840 | + cryptodev_ecdsa.ecdsa_do_sign_async = | ||
1841 | + cryptodev_ecdsa_do_sign_async; | ||
1842 | } | ||
1843 | if (cryptodev_asymfeat & CRF_DSA_VERIFY) { | ||
1844 | cryptodev_ecdsa.ecdsa_do_verify = | ||
1845 | cryptodev_ecdsa_verify; | ||
1846 | + cryptodev_ecdsa.ecdsa_do_verify_async = | ||
1847 | + cryptodev_ecdsa_verify_async; | ||
1848 | } | ||
1849 | } | ||
1850 | |||
1851 | @@ -2676,9 +3959,16 @@ ENGINE_load_cryptodev(void) | ||
1852 | memcpy(&cryptodev_ecdh, ecdh_meth, sizeof(ECDH_METHOD)); | ||
1853 | if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { | ||
1854 | cryptodev_ecdh.compute_key = cryptodev_ecdh_compute_key; | ||
1855 | + cryptodev_ecdh.compute_key_async = | ||
1856 | + cryptodev_ecdh_compute_key_async; | ||
1857 | } | ||
1858 | } | ||
1859 | |||
1860 | + ENGINE_set_check_pkc_availability(engine, cryptodev_check_availability); | ||
1861 | + ENGINE_set_close_instance(engine, cryptodev_close_instance); | ||
1862 | + ENGINE_set_init_instance(engine, cryptodev_init_instance); | ||
1863 | + ENGINE_set_async_map(engine, ENGINE_ALLPKC_ASYNC); | ||
1864 | + | ||
1865 | ENGINE_add(engine); | ||
1866 | ENGINE_free(engine); | ||
1867 | ERR_clear_error(); | ||
1868 | diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h | ||
1869 | index 451ef8f..8fc3077 100644 | ||
1870 | --- a/crypto/engine/eng_int.h | ||
1871 | +++ b/crypto/engine/eng_int.h | ||
1872 | @@ -181,7 +181,29 @@ struct engine_st | ||
1873 | ENGINE_LOAD_KEY_PTR load_pubkey; | ||
1874 | |||
1875 | ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert; | ||
1876 | - | ||
1877 | + /* | ||
1878 | + * Instantiate Engine handle to be passed in check_pkc_availability | ||
1879 | + * Ensure that Engine is instantiated before any pkc asynchronous call. | ||
1880 | + */ | ||
1881 | + void *(*engine_init_instance)(void); | ||
1882 | + /* | ||
1883 | + * Instantiated Engine handle will be closed with this call. | ||
1884 | + * Ensure that no pkc asynchronous call is made after this call | ||
1885 | + */ | ||
1886 | + void (*engine_close_instance)(void *handle); | ||
1887 | + /* | ||
1888 | + * Check availability will extract the data from kernel. | ||
1889 | + * eng_handle: This is the Engine handle corresponds to which | ||
1890 | + * the cookies needs to be polled. | ||
1891 | + * return 0 if cookie available else 1 | ||
1892 | + */ | ||
1893 | + int (*check_pkc_availability)(void *eng_handle); | ||
1894 | + /* | ||
1895 | + * The following map is used to check if the engine supports asynchronous implementation | ||
1896 | + * ENGINE_ASYNC_FLAG* for available bitmap. Any application checking for asynchronous | ||
1897 | + * implementation need to check this features using "int ENGINE_get_async_map(engine *)"; | ||
1898 | + */ | ||
1899 | + int async_map; | ||
1900 | const ENGINE_CMD_DEFN *cmd_defns; | ||
1901 | int flags; | ||
1902 | /* reference count on the structure itself */ | ||
1903 | diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c | ||
1904 | index 18a6664..6fa621c 100644 | ||
1905 | --- a/crypto/engine/eng_lib.c | ||
1906 | +++ b/crypto/engine/eng_lib.c | ||
1907 | @@ -98,7 +98,11 @@ void engine_set_all_null(ENGINE *e) | ||
1908 | e->ctrl = NULL; | ||
1909 | e->load_privkey = NULL; | ||
1910 | e->load_pubkey = NULL; | ||
1911 | + e->check_pkc_availability = NULL; | ||
1912 | + e->engine_init_instance = NULL; | ||
1913 | + e->engine_close_instance = NULL; | ||
1914 | e->cmd_defns = NULL; | ||
1915 | + e->async_map = 0; | ||
1916 | e->flags = 0; | ||
1917 | } | ||
1918 | |||
1919 | @@ -233,6 +237,48 @@ int ENGINE_set_id(ENGINE *e, const char *id) | ||
1920 | return 1; | ||
1921 | } | ||
1922 | |||
1923 | +void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)) | ||
1924 | + { | ||
1925 | + e->engine_init_instance = engine_init_instance; | ||
1926 | + } | ||
1927 | + | ||
1928 | +void ENGINE_set_close_instance(ENGINE *e, | ||
1929 | + void (*engine_close_instance)(void *)) | ||
1930 | + { | ||
1931 | + e->engine_close_instance = engine_close_instance; | ||
1932 | + } | ||
1933 | + | ||
1934 | +void ENGINE_set_async_map(ENGINE *e, int async_map) | ||
1935 | + { | ||
1936 | + e->async_map = async_map; | ||
1937 | + } | ||
1938 | + | ||
1939 | +void *ENGINE_init_instance(ENGINE *e) | ||
1940 | + { | ||
1941 | + return e->engine_init_instance(); | ||
1942 | + } | ||
1943 | + | ||
1944 | +void ENGINE_close_instance(ENGINE *e, void *eng_handle) | ||
1945 | + { | ||
1946 | + e->engine_close_instance(eng_handle); | ||
1947 | + } | ||
1948 | + | ||
1949 | +int ENGINE_get_async_map(ENGINE *e) | ||
1950 | + { | ||
1951 | + return e->async_map; | ||
1952 | + } | ||
1953 | + | ||
1954 | +void ENGINE_set_check_pkc_availability(ENGINE *e, | ||
1955 | + int (*check_pkc_availability)(void *eng_handle)) | ||
1956 | + { | ||
1957 | + e->check_pkc_availability = check_pkc_availability; | ||
1958 | + } | ||
1959 | + | ||
1960 | +int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle) | ||
1961 | + { | ||
1962 | + return e->check_pkc_availability(eng_handle); | ||
1963 | + } | ||
1964 | + | ||
1965 | int ENGINE_set_name(ENGINE *e, const char *name) | ||
1966 | { | ||
1967 | if(name == NULL) | ||
1968 | diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h | ||
1969 | index 237a6c9..ccff86a 100644 | ||
1970 | --- a/crypto/engine/engine.h | ||
1971 | +++ b/crypto/engine/engine.h | ||
1972 | @@ -473,6 +473,30 @@ ENGINE *ENGINE_new(void); | ||
1973 | int ENGINE_free(ENGINE *e); | ||
1974 | int ENGINE_up_ref(ENGINE *e); | ||
1975 | int ENGINE_set_id(ENGINE *e, const char *id); | ||
1976 | +void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)); | ||
1977 | +void ENGINE_set_close_instance(ENGINE *e, | ||
1978 | + void (*engine_free_instance)(void *)); | ||
1979 | +/* | ||
1980 | + * Following FLAGS are bitmap store in async_map to set asynchronous interface capability | ||
1981 | + *of the engine | ||
1982 | + */ | ||
1983 | +#define ENGINE_RSA_ASYNC 0x0001 | ||
1984 | +#define ENGINE_DSA_ASYNC 0x0002 | ||
1985 | +#define ENGINE_DH_ASYNC 0x0004 | ||
1986 | +#define ENGINE_ECDSA_ASYNC 0x0008 | ||
1987 | +#define ENGINE_ECDH_ASYNC 0x0010 | ||
1988 | +#define ENGINE_ALLPKC_ASYNC 0x001F | ||
1989 | +/* Engine implementation will set the bitmap based on above flags using following API */ | ||
1990 | +void ENGINE_set_async_map(ENGINE *e, int async_map); | ||
1991 | + /* Application need to check the bitmap based on above flags using following API | ||
1992 | + * to confirm asynchronous methods supported | ||
1993 | + */ | ||
1994 | +int ENGINE_get_async_map(ENGINE *e); | ||
1995 | +void *ENGINE_init_instance(ENGINE *e); | ||
1996 | +void ENGINE_close_instance(ENGINE *e, void *eng_handle); | ||
1997 | +void ENGINE_set_check_pkc_availability(ENGINE *e, | ||
1998 | + int (*check_pkc_availability)(void *eng_handle)); | ||
1999 | +int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle); | ||
2000 | int ENGINE_set_name(ENGINE *e, const char *name); | ||
2001 | int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); | ||
2002 | int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); | ||
2003 | diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h | ||
2004 | index 5f269e5..6ef1b15 100644 | ||
2005 | --- a/crypto/rsa/rsa.h | ||
2006 | +++ b/crypto/rsa/rsa.h | ||
2007 | @@ -101,6 +101,29 @@ struct rsa_meth_st | ||
2008 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
2009 | const BIGNUM *m, BN_CTX *ctx, | ||
2010 | BN_MONT_CTX *m_ctx); /* Can be null */ | ||
2011 | + /* | ||
2012 | + * Cookie in the following _async variant must be allocated before | ||
2013 | + * submission and can be freed once its corresponding callback | ||
2014 | + * handler is called | ||
2015 | + */ | ||
2016 | + int (*rsa_pub_enc_asyn)(int flen,const unsigned char *from, | ||
2017 | + unsigned char *to, RSA *rsa, int padding, | ||
2018 | + struct pkc_cookie_s *cookie); | ||
2019 | + int (*rsa_pub_dec_async)(int flen,const unsigned char *from, | ||
2020 | + unsigned char *to, RSA *rsa, int padding, | ||
2021 | + struct pkc_cookie_s *cookie); | ||
2022 | + int (*rsa_priv_enc_async)(int flen,const unsigned char *from, | ||
2023 | + unsigned char *to, RSA *rsa, int padding, | ||
2024 | + struct pkc_cookie_s *cookie); | ||
2025 | + int (*rsa_priv_dec_async)(int flen,const unsigned char *from, | ||
2026 | + unsigned char *to, RSA *rsa, int padding, | ||
2027 | + struct pkc_cookie_s *cookie); | ||
2028 | + int (*rsa_mod_exp_async)(BIGNUM *r0, const BIGNUM *I, RSA *rsa, | ||
2029 | + BN_CTX *ctx, struct pkc_cookie_s *cookie); | ||
2030 | + int (*bn_mod_exp_async)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
2031 | + const BIGNUM *m, BN_CTX *ctx, | ||
2032 | + BN_MONT_CTX *m_ctx, struct pkc_cookie_s *cookie); | ||
2033 | + | ||
2034 | int (*init)(RSA *rsa); /* called at new */ | ||
2035 | int (*finish)(RSA *rsa); /* called at free */ | ||
2036 | int flags; /* RSA_METHOD_FLAG_* things */ | ||
2037 | -- | ||
2038 | 2.3.5 | ||
2039 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch b/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch new file mode 100644 index 00000000..244d230e --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch | |||
@@ -0,0 +1,153 @@ | |||
1 | From e4fc051f8ae1c093b25ca346c2ec351ff3b700d1 Mon Sep 17 00:00:00 2001 | ||
2 | From: Hou Zhiqiang <B48286@freescale.com> | ||
3 | Date: Wed, 2 Apr 2014 16:10:43 +0800 | ||
4 | Subject: [PATCH 11/26] Add RSA keygen operation and support gendsa command | ||
5 | with hardware engine | ||
6 | |||
7 | Upstream-status: Pending | ||
8 | |||
9 | Signed-off-by: Hou Zhiqiang <B48286@freescale.com> | ||
10 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
11 | --- | ||
12 | crypto/engine/eng_cryptodev.c | 118 ++++++++++++++++++++++++++++++++++++++++++ | ||
13 | 1 file changed, 118 insertions(+) | ||
14 | |||
15 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
16 | index 9f2416e..b2919a8 100644 | ||
17 | --- a/crypto/engine/eng_cryptodev.c | ||
18 | +++ b/crypto/engine/eng_cryptodev.c | ||
19 | @@ -1906,6 +1906,121 @@ err: | ||
20 | return dsaret; | ||
21 | } | ||
22 | |||
23 | +/* Cryptodev RSA Key Gen routine */ | ||
24 | +static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) | ||
25 | +{ | ||
26 | + struct crypt_kop kop; | ||
27 | + int ret, fd; | ||
28 | + int p_len, q_len; | ||
29 | + int i; | ||
30 | + | ||
31 | + if ((fd = get_asym_dev_crypto()) < 0) | ||
32 | + return fd; | ||
33 | + | ||
34 | + if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; | ||
35 | + if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; | ||
36 | + if(!rsa->e && ((rsa->e=BN_new()) == NULL)) goto err; | ||
37 | + if(!rsa->p && ((rsa->p=BN_new()) == NULL)) goto err; | ||
38 | + if(!rsa->q && ((rsa->q=BN_new()) == NULL)) goto err; | ||
39 | + if(!rsa->dmp1 && ((rsa->dmp1=BN_new()) == NULL)) goto err; | ||
40 | + if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err; | ||
41 | + if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err; | ||
42 | + | ||
43 | + BN_copy(rsa->e, e); | ||
44 | + | ||
45 | + p_len = (bits+1) / (2 * 8); | ||
46 | + q_len = (bits - p_len * 8) / 8; | ||
47 | + memset(&kop, 0, sizeof kop); | ||
48 | + kop.crk_op = CRK_RSA_GENERATE_KEY; | ||
49 | + | ||
50 | + /* p length */ | ||
51 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); | ||
52 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
53 | + goto err; | ||
54 | + kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; | ||
55 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); | ||
56 | + kop.crk_iparams++; | ||
57 | + kop.crk_oparams++; | ||
58 | + /* q length */ | ||
59 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); | ||
60 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
61 | + goto err; | ||
62 | + kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; | ||
63 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); | ||
64 | + kop.crk_iparams++; | ||
65 | + kop.crk_oparams++; | ||
66 | + /* n length */ | ||
67 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char)); | ||
68 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
69 | + goto err; | ||
70 | + kop.crk_param[kop.crk_iparams].crp_nbits = bits; | ||
71 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0x00, p_len + q_len + 1); | ||
72 | + kop.crk_iparams++; | ||
73 | + kop.crk_oparams++; | ||
74 | + /* d length */ | ||
75 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char)); | ||
76 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
77 | + goto err; | ||
78 | + kop.crk_param[kop.crk_iparams].crp_nbits = bits; | ||
79 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + q_len + 1); | ||
80 | + kop.crk_iparams++; | ||
81 | + kop.crk_oparams++; | ||
82 | + /* dp1 length */ | ||
83 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); | ||
84 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
85 | + goto err; | ||
86 | + kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; | ||
87 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); | ||
88 | + kop.crk_iparams++; | ||
89 | + kop.crk_oparams++; | ||
90 | + /* dq1 length */ | ||
91 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); | ||
92 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
93 | + goto err; | ||
94 | + kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; | ||
95 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); | ||
96 | + kop.crk_iparams++; | ||
97 | + kop.crk_oparams++; | ||
98 | + /* i length */ | ||
99 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); | ||
100 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
101 | + goto err; | ||
102 | + kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; | ||
103 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); | ||
104 | + kop.crk_iparams++; | ||
105 | + kop.crk_oparams++; | ||
106 | + | ||
107 | + if (ioctl(fd, CIOCKEY, &kop) == 0) { | ||
108 | + BN_bin2bn(kop.crk_param[0].crp_p, | ||
109 | + p_len, rsa->p); | ||
110 | + BN_bin2bn(kop.crk_param[1].crp_p, | ||
111 | + q_len, rsa->q); | ||
112 | + BN_bin2bn(kop.crk_param[2].crp_p, | ||
113 | + bits / 8, rsa->n); | ||
114 | + BN_bin2bn(kop.crk_param[3].crp_p, | ||
115 | + bits / 8, rsa->d); | ||
116 | + BN_bin2bn(kop.crk_param[4].crp_p, | ||
117 | + p_len, rsa->dmp1); | ||
118 | + BN_bin2bn(kop.crk_param[5].crp_p, | ||
119 | + q_len, rsa->dmq1); | ||
120 | + BN_bin2bn(kop.crk_param[6].crp_p, | ||
121 | + p_len, rsa->iqmp); | ||
122 | + return 1; | ||
123 | + } | ||
124 | +sw_try: | ||
125 | + { | ||
126 | + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | ||
127 | + ret = (meth->rsa_keygen)(rsa, bits, e, cb); | ||
128 | + } | ||
129 | + return ret; | ||
130 | + | ||
131 | +err: | ||
132 | + for (i = 0; i < CRK_MAXPARAM; i++) | ||
133 | + free(kop.crk_param[i].crp_p); | ||
134 | + return 0; | ||
135 | + | ||
136 | +} | ||
137 | + | ||
138 | /* Cryptodev DSA Key Gen routine */ | ||
139 | static int cryptodev_dsa_keygen(DSA *dsa) | ||
140 | { | ||
141 | @@ -3896,6 +4011,9 @@ ENGINE_load_cryptodev(void) | ||
142 | cryptodev_rsa.rsa_mod_exp_async = | ||
143 | cryptodev_rsa_nocrt_mod_exp_async; | ||
144 | } | ||
145 | + if (cryptodev_asymfeat & CRF_RSA_GENERATE_KEY) | ||
146 | + cryptodev_rsa.rsa_keygen = | ||
147 | + cryptodev_rsa_keygen; | ||
148 | } | ||
149 | } | ||
150 | |||
151 | -- | ||
152 | 2.3.5 | ||
153 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch b/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch new file mode 100644 index 00000000..7f907da4 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch | |||
@@ -0,0 +1,64 @@ | |||
1 | From ac777f046da7151386d667391362ecb553ceee90 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Wed, 16 Apr 2014 22:53:04 +0545 | ||
4 | Subject: [PATCH 12/26] RSA Keygen Fix | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | If Kernel driver doesn't support RSA Keygen or same returns | ||
9 | error handling the keygen operation, the keygen is gracefully | ||
10 | handled by software supported rsa_keygen handler | ||
11 | |||
12 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
13 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
14 | --- | ||
15 | crypto/engine/eng_cryptodev.c | 12 +++++++----- | ||
16 | 1 file changed, 7 insertions(+), 5 deletions(-) | ||
17 | |||
18 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
19 | index b2919a8..ed5f20f 100644 | ||
20 | --- a/crypto/engine/eng_cryptodev.c | ||
21 | +++ b/crypto/engine/eng_cryptodev.c | ||
22 | @@ -1915,7 +1915,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) | ||
23 | int i; | ||
24 | |||
25 | if ((fd = get_asym_dev_crypto()) < 0) | ||
26 | - return fd; | ||
27 | + goto sw_try; | ||
28 | |||
29 | if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; | ||
30 | if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; | ||
31 | @@ -1936,7 +1936,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) | ||
32 | /* p length */ | ||
33 | kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); | ||
34 | if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
35 | - goto err; | ||
36 | + goto sw_try; | ||
37 | kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; | ||
38 | memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); | ||
39 | kop.crk_iparams++; | ||
40 | @@ -1944,7 +1944,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) | ||
41 | /* q length */ | ||
42 | kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); | ||
43 | if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
44 | - goto err; | ||
45 | + goto sw_try; | ||
46 | kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; | ||
47 | memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); | ||
48 | kop.crk_iparams++; | ||
49 | @@ -2009,8 +2009,10 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) | ||
50 | } | ||
51 | sw_try: | ||
52 | { | ||
53 | - const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | ||
54 | - ret = (meth->rsa_keygen)(rsa, bits, e, cb); | ||
55 | + const RSA_METHOD *meth = rsa->meth; | ||
56 | + rsa->meth = RSA_PKCS1_SSLeay(); | ||
57 | + ret = RSA_generate_key_ex(rsa, bits, e, cb); | ||
58 | + rsa->meth = meth; | ||
59 | } | ||
60 | return ret; | ||
61 | |||
62 | -- | ||
63 | 2.3.5 | ||
64 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch b/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch new file mode 100644 index 00000000..c9d8ace8 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch | |||
@@ -0,0 +1,164 @@ | |||
1 | From 6aaa306cdf878250d7b6eaf30978de313653886b Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Thu, 17 Apr 2014 06:57:59 +0545 | ||
4 | Subject: [PATCH 13/26] Removed local copy of curve_t type | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
10 | --- | ||
11 | crypto/engine/eng_cryptodev.c | 34 ++++++++++++++-------------------- | ||
12 | crypto/engine/eng_cryptodev_ec.h | 7 ------- | ||
13 | 2 files changed, 14 insertions(+), 27 deletions(-) | ||
14 | |||
15 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
16 | index ed5f20f..5d883fa 100644 | ||
17 | --- a/crypto/engine/eng_cryptodev.c | ||
18 | +++ b/crypto/engine/eng_cryptodev.c | ||
19 | @@ -2398,12 +2398,6 @@ static ECDSA_METHOD cryptodev_ecdsa = { | ||
20 | NULL /* app_data */ | ||
21 | }; | ||
22 | |||
23 | -typedef enum ec_curve_s | ||
24 | -{ | ||
25 | - EC_PRIME, | ||
26 | - EC_BINARY | ||
27 | -} ec_curve_t; | ||
28 | - | ||
29 | /* ENGINE handler for ECDSA Sign */ | ||
30 | static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, | ||
31 | int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) | ||
32 | @@ -2420,7 +2414,7 @@ static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, | ||
33 | const BIGNUM *order = NULL, *priv_key=NULL; | ||
34 | const EC_GROUP *group = NULL; | ||
35 | struct crypt_kop kop; | ||
36 | - ec_curve_t ec_crv = EC_PRIME; | ||
37 | + enum ec_curve_t ec_crv = EC_PRIME; | ||
38 | |||
39 | memset(&kop, 0, sizeof(kop)); | ||
40 | ecdsa = ecdsa_check(eckey); | ||
41 | @@ -2553,7 +2547,7 @@ static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, | ||
42 | else | ||
43 | goto err; | ||
44 | } | ||
45 | - kop.curve_type = ECC_BINARY; | ||
46 | + kop.curve_type = EC_BINARY; | ||
47 | } | ||
48 | |||
49 | /* Calculation of Generator point */ | ||
50 | @@ -2647,7 +2641,7 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, | ||
51 | const EC_POINT *pub_key = NULL; | ||
52 | const BIGNUM *order = NULL; | ||
53 | const EC_GROUP *group=NULL; | ||
54 | - ec_curve_t ec_crv = EC_PRIME; | ||
55 | + enum ec_curve_t ec_crv = EC_PRIME; | ||
56 | struct crypt_kop kop; | ||
57 | |||
58 | memset(&kop, 0, sizeof kop); | ||
59 | @@ -2792,7 +2786,7 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, | ||
60 | else | ||
61 | goto err; | ||
62 | } | ||
63 | - kop.curve_type = ECC_BINARY; | ||
64 | + kop.curve_type = EC_BINARY; | ||
65 | } | ||
66 | |||
67 | /* Calculation of Generator point */ | ||
68 | @@ -2893,7 +2887,7 @@ static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, | ||
69 | const BIGNUM *order = NULL, *priv_key=NULL; | ||
70 | const EC_GROUP *group = NULL; | ||
71 | struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
72 | - ec_curve_t ec_crv = EC_PRIME; | ||
73 | + enum ec_curve_t ec_crv = EC_PRIME; | ||
74 | |||
75 | if (!(sig->r = BN_new()) || !kop) | ||
76 | goto err; | ||
77 | @@ -3029,7 +3023,7 @@ static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, | ||
78 | else | ||
79 | goto err; | ||
80 | } | ||
81 | - kop->curve_type = ECC_BINARY; | ||
82 | + kop->curve_type = EC_BINARY; | ||
83 | } | ||
84 | |||
85 | /* Calculation of Generator point */ | ||
86 | @@ -3105,7 +3099,7 @@ static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, | ||
87 | const EC_POINT *pub_key = NULL; | ||
88 | const BIGNUM *order = NULL; | ||
89 | const EC_GROUP *group=NULL; | ||
90 | - ec_curve_t ec_crv = EC_PRIME; | ||
91 | + enum ec_curve_t ec_crv = EC_PRIME; | ||
92 | struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
93 | |||
94 | if (!kop) | ||
95 | @@ -3247,7 +3241,7 @@ static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, | ||
96 | /* copy b' i.e c(b), instead of only b */ | ||
97 | eng_ec_get_cparam (EC_GROUP_get_curve_name(group), | ||
98 | ab+q_len, q_len); | ||
99 | - kop->curve_type = ECC_BINARY; | ||
100 | + kop->curve_type = EC_BINARY; | ||
101 | } | ||
102 | |||
103 | /* Calculation of Generator point */ | ||
104 | @@ -3552,7 +3546,7 @@ int cryptodev_ecdh_compute_key(void *out, size_t outlen, | ||
105 | const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, | ||
106 | void *out, size_t *outlen)) | ||
107 | { | ||
108 | - ec_curve_t ec_crv = EC_PRIME; | ||
109 | + enum ec_curve_t ec_crv = EC_PRIME; | ||
110 | unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; | ||
111 | BIGNUM * w_x = NULL, *w_y = NULL; | ||
112 | int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; | ||
113 | @@ -3678,9 +3672,9 @@ int cryptodev_ecdh_compute_key(void *out, size_t outlen, | ||
114 | else | ||
115 | goto err; | ||
116 | } | ||
117 | - kop.curve_type = ECC_BINARY; | ||
118 | + kop.curve_type = EC_BINARY; | ||
119 | } else | ||
120 | - kop.curve_type = ECC_PRIME; | ||
121 | + kop.curve_type = EC_PRIME; | ||
122 | |||
123 | priv_key_len = r_len; | ||
124 | |||
125 | @@ -3729,7 +3723,7 @@ int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, | ||
126 | const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, | ||
127 | void *out, size_t *outlen), struct pkc_cookie_s *cookie) | ||
128 | { | ||
129 | - ec_curve_t ec_crv = EC_PRIME; | ||
130 | + enum ec_curve_t ec_crv = EC_PRIME; | ||
131 | unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; | ||
132 | BIGNUM * w_x = NULL, *w_y = NULL; | ||
133 | int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; | ||
134 | @@ -3857,9 +3851,9 @@ int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, | ||
135 | else | ||
136 | goto err; | ||
137 | } | ||
138 | - kop->curve_type = ECC_BINARY; | ||
139 | + kop->curve_type = EC_BINARY; | ||
140 | } else | ||
141 | - kop->curve_type = ECC_PRIME; | ||
142 | + kop->curve_type = EC_PRIME; | ||
143 | |||
144 | priv_key_len = r_len; | ||
145 | |||
146 | diff --git a/crypto/engine/eng_cryptodev_ec.h b/crypto/engine/eng_cryptodev_ec.h | ||
147 | index 77aee71..a4b8da5 100644 | ||
148 | --- a/crypto/engine/eng_cryptodev_ec.h | ||
149 | +++ b/crypto/engine/eng_cryptodev_ec.h | ||
150 | @@ -286,11 +286,4 @@ static inline unsigned char *eng_copy_curve_points(BIGNUM * x, BIGNUM * y, | ||
151 | |||
152 | return xy; | ||
153 | } | ||
154 | - | ||
155 | -enum curve_t { | ||
156 | - DISCRETE_LOG, | ||
157 | - ECC_PRIME, | ||
158 | - ECC_BINARY, | ||
159 | - MAX_ECC_TYPE | ||
160 | -}; | ||
161 | #endif | ||
162 | -- | ||
163 | 2.3.5 | ||
164 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch b/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch new file mode 100644 index 00000000..198bed70 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch | |||
@@ -0,0 +1,43 @@ | |||
1 | From 14623ca9e417ccef1ad3f4138acfac0ebe682f1f Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Tue, 22 Apr 2014 22:58:33 +0545 | ||
4 | Subject: [PATCH 14/26] Modulus parameter is not populated by dhparams | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | When dhparams are created, modulus parameter required for | ||
9 | private key generation is not populated. So, falling back | ||
10 | to software for proper population of modulus parameters followed | ||
11 | by private key generation | ||
12 | |||
13 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
14 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
15 | --- | ||
16 | crypto/engine/eng_cryptodev.c | 4 ++-- | ||
17 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
18 | |||
19 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
20 | index 5d883fa..6d69336 100644 | ||
21 | --- a/crypto/engine/eng_cryptodev.c | ||
22 | +++ b/crypto/engine/eng_cryptodev.c | ||
23 | @@ -3364,7 +3364,7 @@ static int cryptodev_dh_keygen_async(DH *dh, struct pkc_cookie_s *cookie) | ||
24 | kop->crk_op = CRK_DH_GENERATE_KEY; | ||
25 | if (bn2crparam(dh->p, &kop->crk_param[0])) | ||
26 | goto sw_try; | ||
27 | - if (bn2crparam(dh->q, &kop->crk_param[1])) | ||
28 | + if (!dh->q || bn2crparam(dh->q, &kop->crk_param[1])) | ||
29 | goto sw_try; | ||
30 | kop->crk_param[2].crp_p = g; | ||
31 | kop->crk_param[2].crp_nbits = g_len * 8; | ||
32 | @@ -3419,7 +3419,7 @@ static int cryptodev_dh_keygen(DH *dh) | ||
33 | kop.crk_op = CRK_DH_GENERATE_KEY; | ||
34 | if (bn2crparam(dh->p, &kop.crk_param[0])) | ||
35 | goto sw_try; | ||
36 | - if (bn2crparam(dh->q, &kop.crk_param[1])) | ||
37 | + if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1])) | ||
38 | goto sw_try; | ||
39 | kop.crk_param[2].crp_p = g; | ||
40 | kop.crk_param[2].crp_nbits = g_len * 8; | ||
41 | -- | ||
42 | 2.3.5 | ||
43 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch b/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch new file mode 100644 index 00000000..59330a1e --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch | |||
@@ -0,0 +1,53 @@ | |||
1 | From 10be401a33e6ebcc325d6747914c70595cd53d0a Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Thu, 24 Apr 2014 00:35:34 +0545 | ||
4 | Subject: [PATCH 15/26] SW Backoff mechanism for dsa keygen | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | DSA Keygen is not handled in default openssl dsa method. Due to | ||
9 | same null function pointer in SW DSA method, the backoff for dsa | ||
10 | keygen gives segmentation fault. | ||
11 | |||
12 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
13 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
14 | --- | ||
15 | crypto/engine/eng_cryptodev.c | 12 ++++++++---- | ||
16 | 1 file changed, 8 insertions(+), 4 deletions(-) | ||
17 | |||
18 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
19 | index 6d69336..dab8fea 100644 | ||
20 | --- a/crypto/engine/eng_cryptodev.c | ||
21 | +++ b/crypto/engine/eng_cryptodev.c | ||
22 | @@ -2069,8 +2069,10 @@ static int cryptodev_dsa_keygen(DSA *dsa) | ||
23 | return ret; | ||
24 | sw_try: | ||
25 | { | ||
26 | - const DSA_METHOD *meth = DSA_OpenSSL(); | ||
27 | - ret = (meth->dsa_keygen)(dsa); | ||
28 | + const DSA_METHOD *meth = dsa->meth; | ||
29 | + dsa->meth = DSA_OpenSSL(); | ||
30 | + ret = DSA_generate_key(dsa); | ||
31 | + dsa->meth = meth; | ||
32 | } | ||
33 | return ret; | ||
34 | } | ||
35 | @@ -2124,11 +2126,13 @@ static int cryptodev_dsa_keygen_async(DSA *dsa, struct pkc_cookie_s *cookie) | ||
36 | return ret; | ||
37 | sw_try: | ||
38 | { | ||
39 | - const DSA_METHOD *meth = DSA_OpenSSL(); | ||
40 | + const DSA_METHOD *meth = dsa->meth; | ||
41 | |||
42 | + dsa->meth = DSA_OpenSSL(); | ||
43 | if (kop) | ||
44 | free(kop); | ||
45 | - ret = (meth->dsa_keygen)(dsa); | ||
46 | + ret = DSA_generate_key(dsa); | ||
47 | + dsa->meth = meth; | ||
48 | cookie->pkc_callback(cookie, 0); | ||
49 | } | ||
50 | return ret; | ||
51 | -- | ||
52 | 2.3.5 | ||
53 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch b/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch new file mode 100644 index 00000000..8923cb63 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch | |||
@@ -0,0 +1,100 @@ | |||
1 | From d2c868c6370bcc0d0a254e641907da2cdf992d62 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Thu, 1 May 2014 06:35:45 +0545 | ||
4 | Subject: [PATCH 16/26] Fixed DH keygen pair generator | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Wrong Padding results into keygen length error | ||
9 | |||
10 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
11 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
12 | --- | ||
13 | crypto/engine/eng_cryptodev.c | 50 ++++++++++++++++++++++++++++--------------- | ||
14 | 1 file changed, 33 insertions(+), 17 deletions(-) | ||
15 | |||
16 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
17 | index dab8fea..13d924f 100644 | ||
18 | --- a/crypto/engine/eng_cryptodev.c | ||
19 | +++ b/crypto/engine/eng_cryptodev.c | ||
20 | @@ -3396,44 +3396,60 @@ sw_try: | ||
21 | static int cryptodev_dh_keygen(DH *dh) | ||
22 | { | ||
23 | struct crypt_kop kop; | ||
24 | - int ret = 1, g_len; | ||
25 | - unsigned char *g = NULL; | ||
26 | + int ret = 1, q_len = 0; | ||
27 | + unsigned char *q = NULL, *g = NULL, *s = NULL, *w = NULL; | ||
28 | + BIGNUM *pub_key = NULL, *priv_key = NULL; | ||
29 | + int generate_new_key = 1; | ||
30 | |||
31 | - if (dh->priv_key == NULL) { | ||
32 | - if ((dh->priv_key=BN_new()) == NULL) | ||
33 | - goto sw_try; | ||
34 | - } | ||
35 | + if (dh->priv_key) | ||
36 | + priv_key = dh->priv_key; | ||
37 | |||
38 | - if (dh->pub_key == NULL) { | ||
39 | - if ((dh->pub_key=BN_new()) == NULL) | ||
40 | - goto sw_try; | ||
41 | - } | ||
42 | + if (dh->pub_key) | ||
43 | + pub_key = dh->pub_key; | ||
44 | |||
45 | - g_len = BN_num_bytes(dh->p); | ||
46 | + q_len = BN_num_bytes(dh->p); | ||
47 | /** | ||
48 | * Get generator into a plain buffer. If length is less than | ||
49 | * q_len then add leading padding bytes. | ||
50 | */ | ||
51 | - if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { | ||
52 | + if (spcf_bn2bin_ex(dh->g, &g, &q_len)) { | ||
53 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
54 | + goto sw_try; | ||
55 | + } | ||
56 | + | ||
57 | + if (spcf_bn2bin_ex(dh->p, &q, &q_len)) { | ||
58 | DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
59 | goto sw_try; | ||
60 | } | ||
61 | |||
62 | memset(&kop, 0, sizeof kop); | ||
63 | kop.crk_op = CRK_DH_GENERATE_KEY; | ||
64 | - if (bn2crparam(dh->p, &kop.crk_param[0])) | ||
65 | - goto sw_try; | ||
66 | + kop.crk_param[0].crp_p = q; | ||
67 | + kop.crk_param[0].crp_nbits = q_len * 8; | ||
68 | if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1])) | ||
69 | goto sw_try; | ||
70 | kop.crk_param[2].crp_p = g; | ||
71 | - kop.crk_param[2].crp_nbits = g_len * 8; | ||
72 | + kop.crk_param[2].crp_nbits = q_len * 8; | ||
73 | kop.crk_iparams = 3; | ||
74 | |||
75 | + s = OPENSSL_malloc (q_len); | ||
76 | + if (!s) { | ||
77 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
78 | + goto sw_try; | ||
79 | + } | ||
80 | + | ||
81 | + w = OPENSSL_malloc (q_len); | ||
82 | + if (!w) { | ||
83 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
84 | + goto sw_try; | ||
85 | + } | ||
86 | + | ||
87 | /* pub_key is or prime length while priv key is of length of order */ | ||
88 | - if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key, | ||
89 | - BN_num_bytes(dh->q), dh->priv_key)) | ||
90 | + if (cryptodev_asym(&kop, q_len, w, q_len, s)) | ||
91 | goto sw_try; | ||
92 | |||
93 | + dh->pub_key = BN_bin2bn(w, q_len, pub_key); | ||
94 | + dh->pub_key = BN_bin2bn(s, q_len, priv_key); | ||
95 | return ret; | ||
96 | sw_try: | ||
97 | { | ||
98 | -- | ||
99 | 2.3.5 | ||
100 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch b/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch new file mode 100644 index 00000000..bd9e61ac --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch | |||
@@ -0,0 +1,309 @@ | |||
1 | From 11b55103463bac614e00d74e9f196ec4ec6bade1 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Mon, 16 Jun 2014 14:06:21 +0300 | ||
4 | Subject: [PATCH 17/26] cryptodev: add support for aes-gcm algorithm offloading | ||
5 | |||
6 | Change-Id: I3b77dc5ef8b8f707309549244a02852d95b36168 | ||
7 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
8 | Reviewed-on: http://git.am.freescale.net:8181/17226 | ||
9 | --- | ||
10 | apps/speed.c | 6 +- | ||
11 | crypto/engine/eng_cryptodev.c | 229 +++++++++++++++++++++++++++++++++++++++++- | ||
12 | 2 files changed, 233 insertions(+), 2 deletions(-) | ||
13 | |||
14 | diff --git a/apps/speed.c b/apps/speed.c | ||
15 | index 9886ca3..099dede 100644 | ||
16 | --- a/apps/speed.c | ||
17 | +++ b/apps/speed.c | ||
18 | @@ -224,7 +224,11 @@ | ||
19 | #endif | ||
20 | |||
21 | #undef BUFSIZE | ||
22 | -#define BUFSIZE ((long)1024*8+1) | ||
23 | +/* The buffer overhead allows GCM tag at the end of the encrypted data. This | ||
24 | + avoids buffer overflows from cryptodev since Linux kernel GCM | ||
25 | + implementation allways adds the tag - unlike e_aes.c:aes_gcm_cipher() | ||
26 | + which doesn't */ | ||
27 | +#define BUFSIZE ((long)1024*8 + EVP_GCM_TLS_TAG_LEN) | ||
28 | int run=0; | ||
29 | |||
30 | static int mr=0; | ||
31 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
32 | index 13d924f..4493490 100644 | ||
33 | --- a/crypto/engine/eng_cryptodev.c | ||
34 | +++ b/crypto/engine/eng_cryptodev.c | ||
35 | @@ -78,8 +78,10 @@ struct dev_crypto_state { | ||
36 | struct session_op d_sess; | ||
37 | int d_fd; | ||
38 | unsigned char *aad; | ||
39 | - unsigned int aad_len; | ||
40 | + int aad_len; | ||
41 | unsigned int len; | ||
42 | + unsigned char *iv; | ||
43 | + int ivlen; | ||
44 | |||
45 | #ifdef USE_CRYPTODEV_DIGESTS | ||
46 | char dummy_mac_key[HASH_MAX_LEN]; | ||
47 | @@ -251,6 +253,7 @@ static struct { | ||
48 | { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, | ||
49 | { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, | ||
50 | { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, | ||
51 | + { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, | ||
52 | { 0, NID_undef, 0, 0, 0}, | ||
53 | }; | ||
54 | |||
55 | @@ -271,6 +274,19 @@ static struct { | ||
56 | }; | ||
57 | #endif | ||
58 | |||
59 | +/* increment counter (64-bit int) by 1 */ | ||
60 | +static void ctr64_inc(unsigned char *counter) { | ||
61 | + int n=8; | ||
62 | + unsigned char c; | ||
63 | + | ||
64 | + do { | ||
65 | + --n; | ||
66 | + c = counter[n]; | ||
67 | + ++c; | ||
68 | + counter[n] = c; | ||
69 | + if (c) return; | ||
70 | + } while (n); | ||
71 | +} | ||
72 | /* | ||
73 | * Return a fd if /dev/crypto seems usable, 0 otherwise. | ||
74 | */ | ||
75 | @@ -762,6 +778,197 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | ||
76 | } | ||
77 | } | ||
78 | |||
79 | +static int cryptodev_init_gcm_key(EVP_CIPHER_CTX *ctx, | ||
80 | + const unsigned char *key, const unsigned char *iv, int enc) | ||
81 | +{ | ||
82 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
83 | + struct session_op *sess = &state->d_sess; | ||
84 | + int cipher = -1, i; | ||
85 | + if (!iv && !key) | ||
86 | + return 1; | ||
87 | + | ||
88 | + if (iv) | ||
89 | + memcpy(ctx->iv, iv, ctx->cipher->iv_len); | ||
90 | + | ||
91 | + for (i = 0; ciphers[i].id; i++) | ||
92 | + if (ctx->cipher->nid == ciphers[i].nid && | ||
93 | + ctx->cipher->iv_len <= ciphers[i].ivmax && | ||
94 | + ctx->key_len == ciphers[i].keylen) { | ||
95 | + cipher = ciphers[i].id; | ||
96 | + break; | ||
97 | + } | ||
98 | + | ||
99 | + if (!ciphers[i].id) { | ||
100 | + state->d_fd = -1; | ||
101 | + return 0; | ||
102 | + } | ||
103 | + | ||
104 | + memset(sess, 0, sizeof(struct session_op)); | ||
105 | + | ||
106 | + if ((state->d_fd = get_dev_crypto()) < 0) | ||
107 | + return 0; | ||
108 | + | ||
109 | + sess->key = (unsigned char *) key; | ||
110 | + sess->keylen = ctx->key_len; | ||
111 | + sess->cipher = cipher; | ||
112 | + | ||
113 | + if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { | ||
114 | + put_dev_crypto(state->d_fd); | ||
115 | + state->d_fd = -1; | ||
116 | + return 0; | ||
117 | + } | ||
118 | + return 1; | ||
119 | +} | ||
120 | + | ||
121 | +static int cryptodev_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
122 | + const unsigned char *in, size_t len) | ||
123 | +{ | ||
124 | + struct crypt_auth_op cryp = {0}; | ||
125 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
126 | + struct session_op *sess = &state->d_sess; | ||
127 | + int rv = len; | ||
128 | + | ||
129 | + if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ? | ||
130 | + EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV, | ||
131 | + EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0) | ||
132 | + return 0; | ||
133 | + | ||
134 | + in += EVP_GCM_TLS_EXPLICIT_IV_LEN; | ||
135 | + out += EVP_GCM_TLS_EXPLICIT_IV_LEN; | ||
136 | + len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; | ||
137 | + | ||
138 | + if (ctx->encrypt) { | ||
139 | + len -= EVP_GCM_TLS_TAG_LEN; | ||
140 | + } | ||
141 | + cryp.ses = sess->ses; | ||
142 | + cryp.len = len; | ||
143 | + cryp.src = (unsigned char*) in; | ||
144 | + cryp.dst = out; | ||
145 | + cryp.auth_src = state->aad; | ||
146 | + cryp.auth_len = state->aad_len; | ||
147 | + cryp.iv = ctx->iv; | ||
148 | + cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; | ||
149 | + | ||
150 | + if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { | ||
151 | + return 0; | ||
152 | + } | ||
153 | + | ||
154 | + if (ctx->encrypt) | ||
155 | + ctr64_inc(state->iv + state->ivlen - 8); | ||
156 | + else | ||
157 | + rv = len - EVP_GCM_TLS_TAG_LEN; | ||
158 | + | ||
159 | + return rv; | ||
160 | +} | ||
161 | + | ||
162 | +static int cryptodev_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
163 | + const unsigned char *in, size_t len) | ||
164 | +{ | ||
165 | + struct crypt_auth_op cryp; | ||
166 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
167 | + struct session_op *sess = &state->d_sess; | ||
168 | + | ||
169 | + if (state->d_fd < 0) | ||
170 | + return 0; | ||
171 | + | ||
172 | + if ((len % ctx->cipher->block_size) != 0) | ||
173 | + return 0; | ||
174 | + | ||
175 | + if (state->aad_len >= 0) | ||
176 | + return cryptodev_gcm_tls_cipher(ctx, out, in, len); | ||
177 | + | ||
178 | + memset(&cryp, 0, sizeof(cryp)); | ||
179 | + | ||
180 | + cryp.ses = sess->ses; | ||
181 | + cryp.len = len; | ||
182 | + cryp.src = (unsigned char*) in; | ||
183 | + cryp.dst = out; | ||
184 | + cryp.auth_src = NULL; | ||
185 | + cryp.auth_len = 0; | ||
186 | + cryp.iv = ctx->iv; | ||
187 | + cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; | ||
188 | + | ||
189 | + if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { | ||
190 | + return 0; | ||
191 | + } | ||
192 | + | ||
193 | + return len; | ||
194 | +} | ||
195 | + | ||
196 | +static int cryptodev_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | ||
197 | + void *ptr) | ||
198 | +{ | ||
199 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
200 | + switch (type) { | ||
201 | + case EVP_CTRL_INIT: | ||
202 | + { | ||
203 | + state->ivlen = ctx->cipher->iv_len; | ||
204 | + state->iv = ctx->iv; | ||
205 | + state->aad_len = -1; | ||
206 | + return 1; | ||
207 | + } | ||
208 | + case EVP_CTRL_GCM_SET_IV_FIXED: | ||
209 | + { | ||
210 | + /* Special case: -1 length restores whole IV */ | ||
211 | + if (arg == -1) | ||
212 | + { | ||
213 | + memcpy(state->iv, ptr, state->ivlen); | ||
214 | + return 1; | ||
215 | + } | ||
216 | + /* Fixed field must be at least 4 bytes and invocation field | ||
217 | + * at least 8. | ||
218 | + */ | ||
219 | + if ((arg < 4) || (state->ivlen - arg) < 8) | ||
220 | + return 0; | ||
221 | + if (arg) | ||
222 | + memcpy(state->iv, ptr, arg); | ||
223 | + if (ctx->encrypt && | ||
224 | + RAND_bytes(state->iv + arg, state->ivlen - arg) <= 0) | ||
225 | + return 0; | ||
226 | + return 1; | ||
227 | + } | ||
228 | + case EVP_CTRL_AEAD_TLS1_AAD: | ||
229 | + { | ||
230 | + unsigned int len; | ||
231 | + if (arg != 13) | ||
232 | + return 0; | ||
233 | + | ||
234 | + memcpy(ctx->buf, ptr, arg); | ||
235 | + len=ctx->buf[arg-2] << 8 | ctx->buf[arg-1]; | ||
236 | + | ||
237 | + /* Correct length for explicit IV */ | ||
238 | + len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; | ||
239 | + | ||
240 | + /* If decrypting correct for tag too */ | ||
241 | + if (!ctx->encrypt) | ||
242 | + len -= EVP_GCM_TLS_TAG_LEN; | ||
243 | + | ||
244 | + ctx->buf[arg-2] = len >> 8; | ||
245 | + ctx->buf[arg-1] = len & 0xff; | ||
246 | + | ||
247 | + state->aad = ctx->buf; | ||
248 | + state->aad_len = arg; | ||
249 | + state->len = len; | ||
250 | + | ||
251 | + /* Extra padding: tag appended to record */ | ||
252 | + return EVP_GCM_TLS_TAG_LEN; | ||
253 | + } | ||
254 | + case EVP_CTRL_GCM_SET_IV_INV: | ||
255 | + { | ||
256 | + if (ctx->encrypt) | ||
257 | + return 0; | ||
258 | + memcpy(state->iv + state->ivlen - arg, ptr, arg); | ||
259 | + return 1; | ||
260 | + } | ||
261 | + case EVP_CTRL_GCM_IV_GEN: | ||
262 | + if (arg <= 0 || arg > state->ivlen) | ||
263 | + arg = state->ivlen; | ||
264 | + memcpy(ptr, state->iv + state->ivlen - arg, arg); | ||
265 | + return 1; | ||
266 | + default: | ||
267 | + return -1; | ||
268 | + } | ||
269 | +} | ||
270 | /* | ||
271 | * libcrypto EVP stuff - this is how we get wired to EVP so the engine | ||
272 | * gets called when libcrypto requests a cipher NID. | ||
273 | @@ -901,6 +1108,23 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { | ||
274 | cryptodev_cbc_hmac_sha1_ctrl, | ||
275 | NULL | ||
276 | }; | ||
277 | + | ||
278 | +const EVP_CIPHER cryptodev_aes_128_gcm = { | ||
279 | + NID_aes_128_gcm, | ||
280 | + 1, 16, 12, | ||
281 | + EVP_CIPH_GCM_MODE | EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \ | ||
282 | + | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ | ||
283 | + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT, | ||
284 | + cryptodev_init_gcm_key, | ||
285 | + cryptodev_gcm_cipher, | ||
286 | + cryptodev_cleanup, | ||
287 | + sizeof(struct dev_crypto_state), | ||
288 | + EVP_CIPHER_set_asn1_iv, | ||
289 | + EVP_CIPHER_get_asn1_iv, | ||
290 | + cryptodev_gcm_ctrl, | ||
291 | + NULL | ||
292 | +}; | ||
293 | + | ||
294 | /* | ||
295 | * Registered by the ENGINE when used to find out how to deal with | ||
296 | * a particular NID in the ENGINE. this says what we'll do at the | ||
297 | @@ -944,6 +1168,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | ||
298 | case NID_aes_256_cbc_hmac_sha1: | ||
299 | *cipher = &cryptodev_aes_256_cbc_hmac_sha1; | ||
300 | break; | ||
301 | + case NID_aes_128_gcm: | ||
302 | + *cipher = &cryptodev_aes_128_gcm; | ||
303 | + break; | ||
304 | default: | ||
305 | *cipher = NULL; | ||
306 | break; | ||
307 | -- | ||
308 | 2.3.5 | ||
309 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch b/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch new file mode 100644 index 00000000..1118a6fc --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch | |||
@@ -0,0 +1,193 @@ | |||
1 | From 21e3ca4ec77f9258aa4001f07faac1c4942b48b4 Mon Sep 17 00:00:00 2001 | ||
2 | From: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
3 | Date: Fri, 9 May 2014 17:54:06 +0300 | ||
4 | Subject: [PATCH 18/26] eng_cryptodev: extend TLS offload with | ||
5 | 3des_cbc_hmac_sha1 | ||
6 | |||
7 | Both obj_mac.h and obj_dat.h were generated using the scripts | ||
8 | from crypto/objects: | ||
9 | |||
10 | $ cd crypto/objects | ||
11 | $ perl objects.pl objects.txt obj_mac.num obj_mac.h | ||
12 | $ perl obj_dat.pl obj_mac.h obj_dat.h | ||
13 | |||
14 | Change-Id: I94f13cdd09df67e33e6acd3c00aab47cb358ac46 | ||
15 | Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
16 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
17 | Reviewed-on: http://git.am.freescale.net:8181/34001 | ||
18 | --- | ||
19 | crypto/engine/eng_cryptodev.c | 24 ++++++++++++++++++++++++ | ||
20 | crypto/objects/obj_dat.h | 10 +++++++--- | ||
21 | crypto/objects/obj_mac.h | 4 ++++ | ||
22 | crypto/objects/obj_mac.num | 1 + | ||
23 | crypto/objects/objects.txt | 1 + | ||
24 | ssl/ssl_ciph.c | 4 ++++ | ||
25 | 6 files changed, 41 insertions(+), 3 deletions(-) | ||
26 | |||
27 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
28 | index 79b2678..299e84b 100644 | ||
29 | --- a/crypto/engine/eng_cryptodev.c | ||
30 | +++ b/crypto/engine/eng_cryptodev.c | ||
31 | @@ -135,6 +135,7 @@ static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, | ||
32 | void ENGINE_load_cryptodev(void); | ||
33 | const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; | ||
34 | const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; | ||
35 | +const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1; | ||
36 | |||
37 | inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) | ||
38 | { | ||
39 | @@ -252,6 +253,7 @@ static struct { | ||
40 | { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, 0}, | ||
41 | { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0}, | ||
42 | { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, | ||
43 | + { CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, NID_des_ede3_cbc_hmac_sha1, 8, 24, 20}, | ||
44 | { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, | ||
45 | { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, | ||
46 | { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, | ||
47 | @@ -466,6 +468,9 @@ cryptodev_usable_ciphers(const int **nids) | ||
48 | case NID_aes_256_cbc_hmac_sha1: | ||
49 | EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); | ||
50 | break; | ||
51 | + case NID_des_ede3_cbc_hmac_sha1: | ||
52 | + EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1); | ||
53 | + break; | ||
54 | } | ||
55 | } | ||
56 | return count; | ||
57 | @@ -571,6 +576,7 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
58 | switch (ctx->cipher->nid) { | ||
59 | case NID_aes_128_cbc_hmac_sha1: | ||
60 | case NID_aes_256_cbc_hmac_sha1: | ||
61 | + case NID_des_ede3_cbc_hmac_sha1: | ||
62 | cryp.flags = COP_FLAG_AEAD_TLS_TYPE; | ||
63 | } | ||
64 | cryp.ses = sess->ses; | ||
65 | @@ -763,6 +769,7 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | ||
66 | switch (ctx->cipher->nid) { | ||
67 | case NID_aes_128_cbc_hmac_sha1: | ||
68 | case NID_aes_256_cbc_hmac_sha1: | ||
69 | + case NID_des_ede3_cbc_hmac_sha1: | ||
70 | maclen = SHA_DIGEST_LENGTH; | ||
71 | } | ||
72 | |||
73 | @@ -1082,6 +1089,20 @@ const EVP_CIPHER cryptodev_aes_256_cbc = { | ||
74 | NULL | ||
75 | }; | ||
76 | |||
77 | +const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1 = { | ||
78 | + NID_des_ede3_cbc_hmac_sha1, | ||
79 | + 8, 24, 8, | ||
80 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
81 | + cryptodev_init_aead_key, | ||
82 | + cryptodev_aead_cipher, | ||
83 | + cryptodev_cleanup, | ||
84 | + sizeof(struct dev_crypto_state), | ||
85 | + EVP_CIPHER_set_asn1_iv, | ||
86 | + EVP_CIPHER_get_asn1_iv, | ||
87 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
88 | + NULL | ||
89 | +}; | ||
90 | + | ||
91 | const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = { | ||
92 | NID_aes_128_cbc_hmac_sha1, | ||
93 | 16, 16, 16, | ||
94 | @@ -1163,6 +1184,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | ||
95 | case NID_aes_256_cbc: | ||
96 | *cipher = &cryptodev_aes_256_cbc; | ||
97 | break; | ||
98 | + case NID_des_ede3_cbc_hmac_sha1: | ||
99 | + *cipher = &cryptodev_3des_cbc_hmac_sha1; | ||
100 | + break; | ||
101 | case NID_aes_128_cbc_hmac_sha1: | ||
102 | *cipher = &cryptodev_aes_128_cbc_hmac_sha1; | ||
103 | break; | ||
104 | diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h | ||
105 | index bc69665..9f2267a 100644 | ||
106 | --- a/crypto/objects/obj_dat.h | ||
107 | +++ b/crypto/objects/obj_dat.h | ||
108 | @@ -62,9 +62,9 @@ | ||
109 | * [including the GNU Public Licence.] | ||
110 | */ | ||
111 | |||
112 | -#define NUM_NID 920 | ||
113 | -#define NUM_SN 913 | ||
114 | -#define NUM_LN 913 | ||
115 | +#define NUM_NID 921 | ||
116 | +#define NUM_SN 914 | ||
117 | +#define NUM_LN 914 | ||
118 | #define NUM_OBJ 857 | ||
119 | |||
120 | static const unsigned char lvalues[5974]={ | ||
121 | @@ -2399,6 +2399,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ | ||
122 | {"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1", | ||
123 | NID_aes_256_cbc_hmac_sha1,0,NULL,0}, | ||
124 | {"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0}, | ||
125 | +{"DES-EDE3-CBC-HMAC-SHA1","des-ede3-cbc-hmac-sha1", | ||
126 | + NID_des_ede3_cbc_hmac_sha1,0,NULL,0}, | ||
127 | }; | ||
128 | |||
129 | static const unsigned int sn_objs[NUM_SN]={ | ||
130 | @@ -2474,6 +2476,7 @@ static const unsigned int sn_objs[NUM_SN]={ | ||
131 | 62, /* "DES-EDE-OFB" */ | ||
132 | 33, /* "DES-EDE3" */ | ||
133 | 44, /* "DES-EDE3-CBC" */ | ||
134 | +920, /* "DES-EDE3-CBC-HMAC-SHA1" */ | ||
135 | 61, /* "DES-EDE3-CFB" */ | ||
136 | 658, /* "DES-EDE3-CFB1" */ | ||
137 | 659, /* "DES-EDE3-CFB8" */ | ||
138 | @@ -3585,6 +3588,7 @@ static const unsigned int ln_objs[NUM_LN]={ | ||
139 | 62, /* "des-ede-ofb" */ | ||
140 | 33, /* "des-ede3" */ | ||
141 | 44, /* "des-ede3-cbc" */ | ||
142 | +920, /* "des-ede3-cbc-hmac-sha1" */ | ||
143 | 61, /* "des-ede3-cfb" */ | ||
144 | 658, /* "des-ede3-cfb1" */ | ||
145 | 659, /* "des-ede3-cfb8" */ | ||
146 | diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h | ||
147 | index b5ea7cd..8751902 100644 | ||
148 | --- a/crypto/objects/obj_mac.h | ||
149 | +++ b/crypto/objects/obj_mac.h | ||
150 | @@ -4030,3 +4030,7 @@ | ||
151 | #define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1" | ||
152 | #define NID_aes_256_cbc_hmac_sha1 918 | ||
153 | |||
154 | +#define SN_des_ede3_cbc_hmac_sha1 "DES-EDE3-CBC-HMAC-SHA1" | ||
155 | +#define LN_des_ede3_cbc_hmac_sha1 "des-ede3-cbc-hmac-sha1" | ||
156 | +#define NID_des_ede3_cbc_hmac_sha1 920 | ||
157 | + | ||
158 | diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num | ||
159 | index 1d0a7c8..9d44bb5 100644 | ||
160 | --- a/crypto/objects/obj_mac.num | ||
161 | +++ b/crypto/objects/obj_mac.num | ||
162 | @@ -917,3 +917,4 @@ aes_128_cbc_hmac_sha1 916 | ||
163 | aes_192_cbc_hmac_sha1 917 | ||
164 | aes_256_cbc_hmac_sha1 918 | ||
165 | rsaesOaep 919 | ||
166 | +des_ede3_cbc_hmac_sha1 920 | ||
167 | diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt | ||
168 | index d3bfad7..90d2fc5 100644 | ||
169 | --- a/crypto/objects/objects.txt | ||
170 | +++ b/crypto/objects/objects.txt | ||
171 | @@ -1290,3 +1290,4 @@ kisa 1 6 : SEED-OFB : seed-ofb | ||
172 | : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1 | ||
173 | : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 | ||
174 | : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 | ||
175 | + : DES-EDE3-CBC-HMAC-SHA1 : des-ede3-cbc-hmac-sha1 | ||
176 | diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c | ||
177 | index 8188ff5..310fe76 100644 | ||
178 | --- a/ssl/ssl_ciph.c | ||
179 | +++ b/ssl/ssl_ciph.c | ||
180 | @@ -639,6 +639,10 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, | ||
181 | c->algorithm_mac == SSL_SHA1 && | ||
182 | (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) | ||
183 | *enc = evp, *md = NULL; | ||
184 | + else if (c->algorithm_enc == SSL_3DES && | ||
185 | + c->algorithm_mac == SSL_SHA1 && | ||
186 | + (evp = EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1"))) | ||
187 | + *enc = evp, *md = NULL; | ||
188 | return(1); | ||
189 | } | ||
190 | else | ||
191 | -- | ||
192 | 2.3.5 | ||
193 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch b/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch new file mode 100644 index 00000000..988d79ea --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch | |||
@@ -0,0 +1,355 @@ | |||
1 | From 1de2b740a3bdcd8e98abb5f4e176d46fd817b932 Mon Sep 17 00:00:00 2001 | ||
2 | From: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
3 | Date: Tue, 31 Mar 2015 16:30:17 +0300 | ||
4 | Subject: [PATCH 19/26] eng_cryptodev: add support for TLSv1.1 record offload | ||
5 | |||
6 | Supported cipher suites: | ||
7 | - 3des-ede-cbc-sha | ||
8 | - aes-128-cbc-hmac-sha | ||
9 | - aes-256-cbc-hmac-sha | ||
10 | |||
11 | Requires TLS patches on cryptodev and TLS algorithm support in Linux | ||
12 | kernel driver. | ||
13 | |||
14 | Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
15 | Change-Id: Id414f36a528de3f476b72688cf85714787d7ccae | ||
16 | Reviewed-on: http://git.am.freescale.net:8181/34002 | ||
17 | Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
18 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
19 | --- | ||
20 | crypto/engine/eng_cryptodev.c | 101 ++++++++++++++++++++++++++++++++++++++---- | ||
21 | crypto/objects/obj_dat.h | 18 ++++++-- | ||
22 | crypto/objects/obj_mac.h | 12 +++++ | ||
23 | crypto/objects/obj_mac.num | 3 ++ | ||
24 | crypto/objects/objects.txt | 3 ++ | ||
25 | ssl/ssl_ciph.c | 26 +++++++++-- | ||
26 | 6 files changed, 148 insertions(+), 15 deletions(-) | ||
27 | |||
28 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
29 | index 299e84b..f71ab27 100644 | ||
30 | --- a/crypto/engine/eng_cryptodev.c | ||
31 | +++ b/crypto/engine/eng_cryptodev.c | ||
32 | @@ -66,6 +66,7 @@ ENGINE_load_cryptodev(void) | ||
33 | #include <sys/ioctl.h> | ||
34 | #include <errno.h> | ||
35 | #include <stdio.h> | ||
36 | +#include <stdbool.h> | ||
37 | #include <unistd.h> | ||
38 | #include <fcntl.h> | ||
39 | #include <stdarg.h> | ||
40 | @@ -133,9 +134,12 @@ static int cryptodev_dh_compute_key(unsigned char *key, | ||
41 | static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, | ||
42 | void (*f)(void)); | ||
43 | void ENGINE_load_cryptodev(void); | ||
44 | +const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1; | ||
45 | const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; | ||
46 | const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; | ||
47 | -const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1; | ||
48 | +const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1; | ||
49 | +const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1; | ||
50 | +const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1; | ||
51 | |||
52 | inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) | ||
53 | { | ||
54 | @@ -256,6 +260,9 @@ static struct { | ||
55 | { CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, NID_des_ede3_cbc_hmac_sha1, 8, 24, 20}, | ||
56 | { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, | ||
57 | { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, | ||
58 | + { CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, NID_tls11_des_ede3_cbc_hmac_sha1, 8, 24, 20}, | ||
59 | + { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_128_cbc_hmac_sha1, 16, 16, 20}, | ||
60 | + { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_256_cbc_hmac_sha1, 16, 32, 20}, | ||
61 | { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, | ||
62 | { 0, NID_undef, 0, 0, 0}, | ||
63 | }; | ||
64 | @@ -462,14 +469,23 @@ cryptodev_usable_ciphers(const int **nids) | ||
65 | /* add ciphers specific to cryptodev if found in kernel */ | ||
66 | for(i = 0; i < count; i++) { | ||
67 | switch (*(*nids + i)) { | ||
68 | + case NID_des_ede3_cbc_hmac_sha1: | ||
69 | + EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1); | ||
70 | + break; | ||
71 | case NID_aes_128_cbc_hmac_sha1: | ||
72 | EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); | ||
73 | break; | ||
74 | case NID_aes_256_cbc_hmac_sha1: | ||
75 | EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); | ||
76 | break; | ||
77 | - case NID_des_ede3_cbc_hmac_sha1: | ||
78 | - EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1); | ||
79 | + case NID_tls11_des_ede3_cbc_hmac_sha1: | ||
80 | + EVP_add_cipher(&cryptodev_tls11_3des_cbc_hmac_sha1); | ||
81 | + break; | ||
82 | + case NID_tls11_aes_128_cbc_hmac_sha1: | ||
83 | + EVP_add_cipher(&cryptodev_tls11_aes_128_cbc_hmac_sha1); | ||
84 | + break; | ||
85 | + case NID_tls11_aes_256_cbc_hmac_sha1: | ||
86 | + EVP_add_cipher(&cryptodev_tls11_aes_256_cbc_hmac_sha1); | ||
87 | break; | ||
88 | } | ||
89 | } | ||
90 | @@ -574,9 +590,12 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
91 | |||
92 | /* TODO: make a seamless integration with cryptodev flags */ | ||
93 | switch (ctx->cipher->nid) { | ||
94 | + case NID_des_ede3_cbc_hmac_sha1: | ||
95 | case NID_aes_128_cbc_hmac_sha1: | ||
96 | case NID_aes_256_cbc_hmac_sha1: | ||
97 | - case NID_des_ede3_cbc_hmac_sha1: | ||
98 | + case NID_tls11_des_ede3_cbc_hmac_sha1: | ||
99 | + case NID_tls11_aes_128_cbc_hmac_sha1: | ||
100 | + case NID_tls11_aes_256_cbc_hmac_sha1: | ||
101 | cryp.flags = COP_FLAG_AEAD_TLS_TYPE; | ||
102 | } | ||
103 | cryp.ses = sess->ses; | ||
104 | @@ -758,8 +777,9 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | ||
105 | struct dev_crypto_state *state = ctx->cipher_data; | ||
106 | unsigned char *p = ptr; | ||
107 | unsigned int cryptlen = p[arg - 2] << 8 | p[arg - 1]; | ||
108 | - unsigned int maclen, padlen; | ||
109 | + unsigned int maclen, padlen, len; | ||
110 | unsigned int bs = ctx->cipher->block_size; | ||
111 | + bool aad_needs_fix = false; | ||
112 | |||
113 | state->aad = ptr; | ||
114 | state->aad_len = arg; | ||
115 | @@ -767,10 +787,24 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | ||
116 | |||
117 | /* TODO: this should be an extension of EVP_CIPHER struct */ | ||
118 | switch (ctx->cipher->nid) { | ||
119 | + case NID_des_ede3_cbc_hmac_sha1: | ||
120 | case NID_aes_128_cbc_hmac_sha1: | ||
121 | case NID_aes_256_cbc_hmac_sha1: | ||
122 | - case NID_des_ede3_cbc_hmac_sha1: | ||
123 | maclen = SHA_DIGEST_LENGTH; | ||
124 | + break; | ||
125 | + case NID_tls11_des_ede3_cbc_hmac_sha1: | ||
126 | + case NID_tls11_aes_128_cbc_hmac_sha1: | ||
127 | + case NID_tls11_aes_256_cbc_hmac_sha1: | ||
128 | + maclen = SHA_DIGEST_LENGTH; | ||
129 | + aad_needs_fix = true; | ||
130 | + break; | ||
131 | + } | ||
132 | + | ||
133 | + /* Correct length for AAD Length field */ | ||
134 | + if (ctx->encrypt && aad_needs_fix) { | ||
135 | + len = cryptlen - bs; | ||
136 | + p[arg-2] = len >> 8; | ||
137 | + p[arg-1] = len & 0xff; | ||
138 | } | ||
139 | |||
140 | /* space required for encryption (not only TLS padding) */ | ||
141 | @@ -1131,6 +1165,48 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { | ||
142 | NULL | ||
143 | }; | ||
144 | |||
145 | +const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1 = { | ||
146 | + NID_tls11_des_ede3_cbc_hmac_sha1, | ||
147 | + 8, 24, 8, | ||
148 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
149 | + cryptodev_init_aead_key, | ||
150 | + cryptodev_aead_cipher, | ||
151 | + cryptodev_cleanup, | ||
152 | + sizeof(struct dev_crypto_state), | ||
153 | + EVP_CIPHER_set_asn1_iv, | ||
154 | + EVP_CIPHER_get_asn1_iv, | ||
155 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
156 | + NULL | ||
157 | +}; | ||
158 | + | ||
159 | +const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1 = { | ||
160 | + NID_tls11_aes_128_cbc_hmac_sha1, | ||
161 | + 16, 16, 16, | ||
162 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
163 | + cryptodev_init_aead_key, | ||
164 | + cryptodev_aead_cipher, | ||
165 | + cryptodev_cleanup, | ||
166 | + sizeof(struct dev_crypto_state), | ||
167 | + EVP_CIPHER_set_asn1_iv, | ||
168 | + EVP_CIPHER_get_asn1_iv, | ||
169 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
170 | + NULL | ||
171 | +}; | ||
172 | + | ||
173 | +const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1 = { | ||
174 | + NID_tls11_aes_256_cbc_hmac_sha1, | ||
175 | + 16, 32, 16, | ||
176 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
177 | + cryptodev_init_aead_key, | ||
178 | + cryptodev_aead_cipher, | ||
179 | + cryptodev_cleanup, | ||
180 | + sizeof(struct dev_crypto_state), | ||
181 | + EVP_CIPHER_set_asn1_iv, | ||
182 | + EVP_CIPHER_get_asn1_iv, | ||
183 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
184 | + NULL | ||
185 | +}; | ||
186 | + | ||
187 | const EVP_CIPHER cryptodev_aes_128_gcm = { | ||
188 | NID_aes_128_gcm, | ||
189 | 1, 16, 12, | ||
190 | @@ -1184,6 +1260,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | ||
191 | case NID_aes_256_cbc: | ||
192 | *cipher = &cryptodev_aes_256_cbc; | ||
193 | break; | ||
194 | + case NID_aes_128_gcm: | ||
195 | + *cipher = &cryptodev_aes_128_gcm; | ||
196 | + break; | ||
197 | case NID_des_ede3_cbc_hmac_sha1: | ||
198 | *cipher = &cryptodev_3des_cbc_hmac_sha1; | ||
199 | break; | ||
200 | @@ -1193,8 +1272,14 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | ||
201 | case NID_aes_256_cbc_hmac_sha1: | ||
202 | *cipher = &cryptodev_aes_256_cbc_hmac_sha1; | ||
203 | break; | ||
204 | - case NID_aes_128_gcm: | ||
205 | - *cipher = &cryptodev_aes_128_gcm; | ||
206 | + case NID_tls11_des_ede3_cbc_hmac_sha1: | ||
207 | + *cipher = &cryptodev_tls11_3des_cbc_hmac_sha1; | ||
208 | + break; | ||
209 | + case NID_tls11_aes_128_cbc_hmac_sha1: | ||
210 | + *cipher = &cryptodev_tls11_aes_128_cbc_hmac_sha1; | ||
211 | + break; | ||
212 | + case NID_tls11_aes_256_cbc_hmac_sha1: | ||
213 | + *cipher = &cryptodev_tls11_aes_256_cbc_hmac_sha1; | ||
214 | break; | ||
215 | default: | ||
216 | *cipher = NULL; | ||
217 | diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h | ||
218 | index 9f2267a..dc89b0a 100644 | ||
219 | --- a/crypto/objects/obj_dat.h | ||
220 | +++ b/crypto/objects/obj_dat.h | ||
221 | @@ -62,9 +62,9 @@ | ||
222 | * [including the GNU Public Licence.] | ||
223 | */ | ||
224 | |||
225 | -#define NUM_NID 921 | ||
226 | -#define NUM_SN 914 | ||
227 | -#define NUM_LN 914 | ||
228 | +#define NUM_NID 924 | ||
229 | +#define NUM_SN 917 | ||
230 | +#define NUM_LN 917 | ||
231 | #define NUM_OBJ 857 | ||
232 | |||
233 | static const unsigned char lvalues[5974]={ | ||
234 | @@ -2401,6 +2401,12 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ | ||
235 | {"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0}, | ||
236 | {"DES-EDE3-CBC-HMAC-SHA1","des-ede3-cbc-hmac-sha1", | ||
237 | NID_des_ede3_cbc_hmac_sha1,0,NULL,0}, | ||
238 | +{"TLS11-DES-EDE3-CBC-HMAC-SHA1","tls11-des-ede3-cbc-hmac-sha1", | ||
239 | + NID_tls11_des_ede3_cbc_hmac_sha1,0,NULL,0}, | ||
240 | +{"TLS11-AES-128-CBC-HMAC-SHA1","tls11-aes-128-cbc-hmac-sha1", | ||
241 | + NID_tls11_aes_128_cbc_hmac_sha1,0,NULL,0}, | ||
242 | +{"TLS11-AES-256-CBC-HMAC-SHA1","tls11-aes-256-cbc-hmac-sha1", | ||
243 | + NID_tls11_aes_256_cbc_hmac_sha1,0,NULL,0}, | ||
244 | }; | ||
245 | |||
246 | static const unsigned int sn_objs[NUM_SN]={ | ||
247 | @@ -2586,6 +2592,9 @@ static const unsigned int sn_objs[NUM_SN]={ | ||
248 | 100, /* "SN" */ | ||
249 | 16, /* "ST" */ | ||
250 | 143, /* "SXNetID" */ | ||
251 | +922, /* "TLS11-AES-128-CBC-HMAC-SHA1" */ | ||
252 | +923, /* "TLS11-AES-256-CBC-HMAC-SHA1" */ | ||
253 | +921, /* "TLS11-DES-EDE3-CBC-HMAC-SHA1" */ | ||
254 | 458, /* "UID" */ | ||
255 | 0, /* "UNDEF" */ | ||
256 | 11, /* "X500" */ | ||
257 | @@ -4205,6 +4214,9 @@ static const unsigned int ln_objs[NUM_LN]={ | ||
258 | 459, /* "textEncodedORAddress" */ | ||
259 | 293, /* "textNotice" */ | ||
260 | 106, /* "title" */ | ||
261 | +922, /* "tls11-aes-128-cbc-hmac-sha1" */ | ||
262 | +923, /* "tls11-aes-256-cbc-hmac-sha1" */ | ||
263 | +921, /* "tls11-des-ede3-cbc-hmac-sha1" */ | ||
264 | 682, /* "tpBasis" */ | ||
265 | 436, /* "ucl" */ | ||
266 | 0, /* "undefined" */ | ||
267 | diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h | ||
268 | index 8751902..f181890 100644 | ||
269 | --- a/crypto/objects/obj_mac.h | ||
270 | +++ b/crypto/objects/obj_mac.h | ||
271 | @@ -4034,3 +4034,15 @@ | ||
272 | #define LN_des_ede3_cbc_hmac_sha1 "des-ede3-cbc-hmac-sha1" | ||
273 | #define NID_des_ede3_cbc_hmac_sha1 920 | ||
274 | |||
275 | +#define SN_tls11_des_ede3_cbc_hmac_sha1 "TLS11-DES-EDE3-CBC-HMAC-SHA1" | ||
276 | +#define LN_tls11_des_ede3_cbc_hmac_sha1 "tls11-des-ede3-cbc-hmac-sha1" | ||
277 | +#define NID_tls11_des_ede3_cbc_hmac_sha1 921 | ||
278 | + | ||
279 | +#define SN_tls11_aes_128_cbc_hmac_sha1 "TLS11-AES-128-CBC-HMAC-SHA1" | ||
280 | +#define LN_tls11_aes_128_cbc_hmac_sha1 "tls11-aes-128-cbc-hmac-sha1" | ||
281 | +#define NID_tls11_aes_128_cbc_hmac_sha1 922 | ||
282 | + | ||
283 | +#define SN_tls11_aes_256_cbc_hmac_sha1 "TLS11-AES-256-CBC-HMAC-SHA1" | ||
284 | +#define LN_tls11_aes_256_cbc_hmac_sha1 "tls11-aes-256-cbc-hmac-sha1" | ||
285 | +#define NID_tls11_aes_256_cbc_hmac_sha1 923 | ||
286 | + | ||
287 | diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num | ||
288 | index 9d44bb5..a02b58c 100644 | ||
289 | --- a/crypto/objects/obj_mac.num | ||
290 | +++ b/crypto/objects/obj_mac.num | ||
291 | @@ -918,3 +918,6 @@ aes_192_cbc_hmac_sha1 917 | ||
292 | aes_256_cbc_hmac_sha1 918 | ||
293 | rsaesOaep 919 | ||
294 | des_ede3_cbc_hmac_sha1 920 | ||
295 | +tls11_des_ede3_cbc_hmac_sha1 921 | ||
296 | +tls11_aes_128_cbc_hmac_sha1 922 | ||
297 | +tls11_aes_256_cbc_hmac_sha1 923 | ||
298 | diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt | ||
299 | index 90d2fc5..1973658 100644 | ||
300 | --- a/crypto/objects/objects.txt | ||
301 | +++ b/crypto/objects/objects.txt | ||
302 | @@ -1291,3 +1291,6 @@ kisa 1 6 : SEED-OFB : seed-ofb | ||
303 | : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 | ||
304 | : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 | ||
305 | : DES-EDE3-CBC-HMAC-SHA1 : des-ede3-cbc-hmac-sha1 | ||
306 | + : TLS11-DES-EDE3-CBC-HMAC-SHA1 : tls11-des-ede3-cbc-hmac-sha1 | ||
307 | + : TLS11-AES-128-CBC-HMAC-SHA1 : tls11-aes-128-cbc-hmac-sha1 | ||
308 | + : TLS11-AES-256-CBC-HMAC-SHA1 : tls11-aes-256-cbc-hmac-sha1 | ||
309 | diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c | ||
310 | index 310fe76..0408986 100644 | ||
311 | --- a/ssl/ssl_ciph.c | ||
312 | +++ b/ssl/ssl_ciph.c | ||
313 | @@ -631,17 +631,35 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, | ||
314 | c->algorithm_mac == SSL_MD5 && | ||
315 | (evp=EVP_get_cipherbyname("RC4-HMAC-MD5"))) | ||
316 | *enc = evp, *md = NULL; | ||
317 | - else if (c->algorithm_enc == SSL_AES128 && | ||
318 | + else if (s->ssl_version == TLS1_VERSION && | ||
319 | + c->algorithm_enc == SSL_3DES && | ||
320 | + c->algorithm_mac == SSL_SHA1 && | ||
321 | + (evp=EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1"))) | ||
322 | + *enc = evp, *md = NULL; | ||
323 | + else if (s->ssl_version == TLS1_VERSION && | ||
324 | + c->algorithm_enc == SSL_AES128 && | ||
325 | c->algorithm_mac == SSL_SHA1 && | ||
326 | (evp=EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1"))) | ||
327 | *enc = evp, *md = NULL; | ||
328 | - else if (c->algorithm_enc == SSL_AES256 && | ||
329 | + else if (s->ssl_version == TLS1_VERSION && | ||
330 | + c->algorithm_enc == SSL_AES256 && | ||
331 | c->algorithm_mac == SSL_SHA1 && | ||
332 | (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) | ||
333 | *enc = evp, *md = NULL; | ||
334 | - else if (c->algorithm_enc == SSL_3DES && | ||
335 | + else if (s->ssl_version == TLS1_1_VERSION && | ||
336 | + c->algorithm_enc == SSL_3DES && | ||
337 | + c->algorithm_mac == SSL_SHA1 && | ||
338 | + (evp=EVP_get_cipherbyname("TLS11-DES-EDE3-CBC-HMAC-SHA1"))) | ||
339 | + *enc = evp, *md = NULL; | ||
340 | + else if (s->ssl_version == TLS1_1_VERSION && | ||
341 | + c->algorithm_enc == SSL_AES128 && | ||
342 | + c->algorithm_mac == SSL_SHA1 && | ||
343 | + (evp=EVP_get_cipherbyname("TLS11-AES-128-CBC-HMAC-SHA1"))) | ||
344 | + *enc = evp, *md = NULL; | ||
345 | + else if (s->ssl_version == TLS1_1_VERSION && | ||
346 | + c->algorithm_enc == SSL_AES256 && | ||
347 | c->algorithm_mac == SSL_SHA1 && | ||
348 | - (evp = EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1"))) | ||
349 | + (evp=EVP_get_cipherbyname("TLS11-AES-256-CBC-HMAC-SHA1"))) | ||
350 | *enc = evp, *md = NULL; | ||
351 | return(1); | ||
352 | } | ||
353 | -- | ||
354 | 2.3.5 | ||
355 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch b/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch new file mode 100644 index 00000000..7370c496 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch | |||
@@ -0,0 +1,359 @@ | |||
1 | From a58703e6601fcfcfe69fdb3e7152ed76b40d67e9 Mon Sep 17 00:00:00 2001 | ||
2 | From: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
3 | Date: Tue, 31 Mar 2015 16:32:35 +0300 | ||
4 | Subject: [PATCH 20/26] eng_cryptodev: add support for TLSv1.2 record offload | ||
5 | |||
6 | Supported cipher suites: | ||
7 | - 3des-ede-cbc-sha | ||
8 | - aes-128-cbc-hmac-sha | ||
9 | - aes-256-cbc-hmac-sha | ||
10 | - aes-128-cbc-hmac-sha256 | ||
11 | - aes-256-cbc-hmac-sha256 | ||
12 | |||
13 | Requires TLS patches on cryptodev and TLS algorithm support in Linux | ||
14 | kernel driver. | ||
15 | |||
16 | Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> | ||
17 | Change-Id: I0ac6953dd62e2655a59d8f3eaefd012b7ecebf55 | ||
18 | Reviewed-on: http://git.am.freescale.net:8181/34003 | ||
19 | Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
20 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
21 | --- | ||
22 | crypto/engine/eng_cryptodev.c | 123 ++++++++++++++++++++++++++++++++++++++++++ | ||
23 | crypto/objects/obj_dat.h | 26 +++++++-- | ||
24 | crypto/objects/obj_mac.h | 20 +++++++ | ||
25 | crypto/objects/obj_mac.num | 5 ++ | ||
26 | crypto/objects/objects.txt | 5 ++ | ||
27 | ssl/ssl_ciph.c | 25 +++++++++ | ||
28 | 6 files changed, 201 insertions(+), 3 deletions(-) | ||
29 | |||
30 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
31 | index f71ab27..fa5fe1b 100644 | ||
32 | --- a/crypto/engine/eng_cryptodev.c | ||
33 | +++ b/crypto/engine/eng_cryptodev.c | ||
34 | @@ -140,6 +140,11 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; | ||
35 | const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1; | ||
36 | const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1; | ||
37 | const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1; | ||
38 | +const EVP_CIPHER cryptodev_tls12_3des_cbc_hmac_sha1; | ||
39 | +const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha1; | ||
40 | +const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha1; | ||
41 | +const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha256; | ||
42 | +const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha256; | ||
43 | |||
44 | inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) | ||
45 | { | ||
46 | @@ -263,6 +268,11 @@ static struct { | ||
47 | { CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, NID_tls11_des_ede3_cbc_hmac_sha1, 8, 24, 20}, | ||
48 | { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_128_cbc_hmac_sha1, 16, 16, 20}, | ||
49 | { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_256_cbc_hmac_sha1, 16, 32, 20}, | ||
50 | + { CRYPTO_TLS12_3DES_CBC_HMAC_SHA1, NID_tls12_des_ede3_cbc_hmac_sha1, 8, 24, 20}, | ||
51 | + { CRYPTO_TLS12_AES_CBC_HMAC_SHA1, NID_tls12_aes_128_cbc_hmac_sha1, 16, 16, 20}, | ||
52 | + { CRYPTO_TLS12_AES_CBC_HMAC_SHA1, NID_tls12_aes_256_cbc_hmac_sha1, 16, 32, 20}, | ||
53 | + { CRYPTO_TLS12_AES_CBC_HMAC_SHA256, NID_tls12_aes_128_cbc_hmac_sha256, 16, 16, 32}, | ||
54 | + { CRYPTO_TLS12_AES_CBC_HMAC_SHA256, NID_tls12_aes_256_cbc_hmac_sha256, 16, 32, 32}, | ||
55 | { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, | ||
56 | { 0, NID_undef, 0, 0, 0}, | ||
57 | }; | ||
58 | @@ -487,6 +497,21 @@ cryptodev_usable_ciphers(const int **nids) | ||
59 | case NID_tls11_aes_256_cbc_hmac_sha1: | ||
60 | EVP_add_cipher(&cryptodev_tls11_aes_256_cbc_hmac_sha1); | ||
61 | break; | ||
62 | + case NID_tls12_des_ede3_cbc_hmac_sha1: | ||
63 | + EVP_add_cipher(&cryptodev_tls12_3des_cbc_hmac_sha1); | ||
64 | + break; | ||
65 | + case NID_tls12_aes_128_cbc_hmac_sha1: | ||
66 | + EVP_add_cipher(&cryptodev_tls12_aes_128_cbc_hmac_sha1); | ||
67 | + break; | ||
68 | + case NID_tls12_aes_256_cbc_hmac_sha1: | ||
69 | + EVP_add_cipher(&cryptodev_tls12_aes_256_cbc_hmac_sha1); | ||
70 | + break; | ||
71 | + case NID_tls12_aes_128_cbc_hmac_sha256: | ||
72 | + EVP_add_cipher(&cryptodev_tls12_aes_128_cbc_hmac_sha256); | ||
73 | + break; | ||
74 | + case NID_tls12_aes_256_cbc_hmac_sha256: | ||
75 | + EVP_add_cipher(&cryptodev_tls12_aes_256_cbc_hmac_sha256); | ||
76 | + break; | ||
77 | } | ||
78 | } | ||
79 | return count; | ||
80 | @@ -596,6 +621,11 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
81 | case NID_tls11_des_ede3_cbc_hmac_sha1: | ||
82 | case NID_tls11_aes_128_cbc_hmac_sha1: | ||
83 | case NID_tls11_aes_256_cbc_hmac_sha1: | ||
84 | + case NID_tls12_des_ede3_cbc_hmac_sha1: | ||
85 | + case NID_tls12_aes_128_cbc_hmac_sha1: | ||
86 | + case NID_tls12_aes_256_cbc_hmac_sha1: | ||
87 | + case NID_tls12_aes_128_cbc_hmac_sha256: | ||
88 | + case NID_tls12_aes_256_cbc_hmac_sha256: | ||
89 | cryp.flags = COP_FLAG_AEAD_TLS_TYPE; | ||
90 | } | ||
91 | cryp.ses = sess->ses; | ||
92 | @@ -795,9 +825,17 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | ||
93 | case NID_tls11_des_ede3_cbc_hmac_sha1: | ||
94 | case NID_tls11_aes_128_cbc_hmac_sha1: | ||
95 | case NID_tls11_aes_256_cbc_hmac_sha1: | ||
96 | + case NID_tls12_des_ede3_cbc_hmac_sha1: | ||
97 | + case NID_tls12_aes_128_cbc_hmac_sha1: | ||
98 | + case NID_tls12_aes_256_cbc_hmac_sha1: | ||
99 | maclen = SHA_DIGEST_LENGTH; | ||
100 | aad_needs_fix = true; | ||
101 | break; | ||
102 | + case NID_tls12_aes_128_cbc_hmac_sha256: | ||
103 | + case NID_tls12_aes_256_cbc_hmac_sha256: | ||
104 | + maclen = SHA256_DIGEST_LENGTH; | ||
105 | + aad_needs_fix = true; | ||
106 | + break; | ||
107 | } | ||
108 | |||
109 | /* Correct length for AAD Length field */ | ||
110 | @@ -1207,6 +1245,76 @@ const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1 = { | ||
111 | NULL | ||
112 | }; | ||
113 | |||
114 | +const EVP_CIPHER cryptodev_tls12_3des_cbc_hmac_sha1 = { | ||
115 | + NID_tls12_des_ede3_cbc_hmac_sha1, | ||
116 | + 8, 24, 8, | ||
117 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
118 | + cryptodev_init_aead_key, | ||
119 | + cryptodev_aead_cipher, | ||
120 | + cryptodev_cleanup, | ||
121 | + sizeof(struct dev_crypto_state), | ||
122 | + EVP_CIPHER_set_asn1_iv, | ||
123 | + EVP_CIPHER_get_asn1_iv, | ||
124 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
125 | + NULL | ||
126 | +}; | ||
127 | + | ||
128 | +const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha1 = { | ||
129 | + NID_tls12_aes_128_cbc_hmac_sha1, | ||
130 | + 16, 16, 16, | ||
131 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
132 | + cryptodev_init_aead_key, | ||
133 | + cryptodev_aead_cipher, | ||
134 | + cryptodev_cleanup, | ||
135 | + sizeof(struct dev_crypto_state), | ||
136 | + EVP_CIPHER_set_asn1_iv, | ||
137 | + EVP_CIPHER_get_asn1_iv, | ||
138 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
139 | + NULL | ||
140 | +}; | ||
141 | + | ||
142 | +const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha1 = { | ||
143 | + NID_tls12_aes_256_cbc_hmac_sha1, | ||
144 | + 16, 32, 16, | ||
145 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
146 | + cryptodev_init_aead_key, | ||
147 | + cryptodev_aead_cipher, | ||
148 | + cryptodev_cleanup, | ||
149 | + sizeof(struct dev_crypto_state), | ||
150 | + EVP_CIPHER_set_asn1_iv, | ||
151 | + EVP_CIPHER_get_asn1_iv, | ||
152 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
153 | + NULL | ||
154 | +}; | ||
155 | + | ||
156 | +const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha256 = { | ||
157 | + NID_tls12_aes_128_cbc_hmac_sha256, | ||
158 | + 16, 16, 16, | ||
159 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
160 | + cryptodev_init_aead_key, | ||
161 | + cryptodev_aead_cipher, | ||
162 | + cryptodev_cleanup, | ||
163 | + sizeof(struct dev_crypto_state), | ||
164 | + EVP_CIPHER_set_asn1_iv, | ||
165 | + EVP_CIPHER_get_asn1_iv, | ||
166 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
167 | + NULL | ||
168 | +}; | ||
169 | + | ||
170 | +const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha256 = { | ||
171 | + NID_tls12_aes_256_cbc_hmac_sha256, | ||
172 | + 16, 32, 16, | ||
173 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
174 | + cryptodev_init_aead_key, | ||
175 | + cryptodev_aead_cipher, | ||
176 | + cryptodev_cleanup, | ||
177 | + sizeof(struct dev_crypto_state), | ||
178 | + EVP_CIPHER_set_asn1_iv, | ||
179 | + EVP_CIPHER_get_asn1_iv, | ||
180 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
181 | + NULL | ||
182 | +}; | ||
183 | + | ||
184 | const EVP_CIPHER cryptodev_aes_128_gcm = { | ||
185 | NID_aes_128_gcm, | ||
186 | 1, 16, 12, | ||
187 | @@ -1281,6 +1389,21 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | ||
188 | case NID_tls11_aes_256_cbc_hmac_sha1: | ||
189 | *cipher = &cryptodev_tls11_aes_256_cbc_hmac_sha1; | ||
190 | break; | ||
191 | + case NID_tls12_des_ede3_cbc_hmac_sha1: | ||
192 | + *cipher = &cryptodev_tls12_3des_cbc_hmac_sha1; | ||
193 | + break; | ||
194 | + case NID_tls12_aes_128_cbc_hmac_sha1: | ||
195 | + *cipher = &cryptodev_tls12_aes_128_cbc_hmac_sha1; | ||
196 | + break; | ||
197 | + case NID_tls12_aes_256_cbc_hmac_sha1: | ||
198 | + *cipher = &cryptodev_tls12_aes_256_cbc_hmac_sha1; | ||
199 | + break; | ||
200 | + case NID_tls12_aes_128_cbc_hmac_sha256: | ||
201 | + *cipher = &cryptodev_tls12_aes_128_cbc_hmac_sha256; | ||
202 | + break; | ||
203 | + case NID_tls12_aes_256_cbc_hmac_sha256: | ||
204 | + *cipher = &cryptodev_tls12_aes_256_cbc_hmac_sha256; | ||
205 | + break; | ||
206 | default: | ||
207 | *cipher = NULL; | ||
208 | break; | ||
209 | diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h | ||
210 | index dc89b0a..dfe19da 100644 | ||
211 | --- a/crypto/objects/obj_dat.h | ||
212 | +++ b/crypto/objects/obj_dat.h | ||
213 | @@ -62,9 +62,9 @@ | ||
214 | * [including the GNU Public Licence.] | ||
215 | */ | ||
216 | |||
217 | -#define NUM_NID 924 | ||
218 | -#define NUM_SN 917 | ||
219 | -#define NUM_LN 917 | ||
220 | +#define NUM_NID 929 | ||
221 | +#define NUM_SN 922 | ||
222 | +#define NUM_LN 922 | ||
223 | #define NUM_OBJ 857 | ||
224 | |||
225 | static const unsigned char lvalues[5974]={ | ||
226 | @@ -2407,6 +2407,16 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ | ||
227 | NID_tls11_aes_128_cbc_hmac_sha1,0,NULL,0}, | ||
228 | {"TLS11-AES-256-CBC-HMAC-SHA1","tls11-aes-256-cbc-hmac-sha1", | ||
229 | NID_tls11_aes_256_cbc_hmac_sha1,0,NULL,0}, | ||
230 | +{"TLS12-DES-EDE3-CBC-HMAC-SHA1","tls12-des-ede3-cbc-hmac-sha1", | ||
231 | + NID_tls12_des_ede3_cbc_hmac_sha1,0,NULL,0}, | ||
232 | +{"TLS12-AES-128-CBC-HMAC-SHA1","tls12-aes-128-cbc-hmac-sha1", | ||
233 | + NID_tls12_aes_128_cbc_hmac_sha1,0,NULL,0}, | ||
234 | +{"TLS12-AES-256-CBC-HMAC-SHA1","tls12-aes-256-cbc-hmac-sha1", | ||
235 | + NID_tls12_aes_256_cbc_hmac_sha1,0,NULL,0}, | ||
236 | +{"TLS12-AES-128-CBC-HMAC-SHA256","tls12-aes-128-cbc-hmac-sha256", | ||
237 | + NID_tls12_aes_128_cbc_hmac_sha256,0,NULL,0}, | ||
238 | +{"TLS12-AES-256-CBC-HMAC-SHA256","tls12-aes-256-cbc-hmac-sha256", | ||
239 | + NID_tls12_aes_256_cbc_hmac_sha256,0,NULL,0}, | ||
240 | }; | ||
241 | |||
242 | static const unsigned int sn_objs[NUM_SN]={ | ||
243 | @@ -2595,6 +2605,11 @@ static const unsigned int sn_objs[NUM_SN]={ | ||
244 | 922, /* "TLS11-AES-128-CBC-HMAC-SHA1" */ | ||
245 | 923, /* "TLS11-AES-256-CBC-HMAC-SHA1" */ | ||
246 | 921, /* "TLS11-DES-EDE3-CBC-HMAC-SHA1" */ | ||
247 | +925, /* "TLS12-AES-128-CBC-HMAC-SHA1" */ | ||
248 | +927, /* "TLS12-AES-128-CBC-HMAC-SHA256" */ | ||
249 | +926, /* "TLS12-AES-256-CBC-HMAC-SHA1" */ | ||
250 | +928, /* "TLS12-AES-256-CBC-HMAC-SHA256" */ | ||
251 | +924, /* "TLS12-DES-EDE3-CBC-HMAC-SHA1" */ | ||
252 | 458, /* "UID" */ | ||
253 | 0, /* "UNDEF" */ | ||
254 | 11, /* "X500" */ | ||
255 | @@ -4217,6 +4232,11 @@ static const unsigned int ln_objs[NUM_LN]={ | ||
256 | 922, /* "tls11-aes-128-cbc-hmac-sha1" */ | ||
257 | 923, /* "tls11-aes-256-cbc-hmac-sha1" */ | ||
258 | 921, /* "tls11-des-ede3-cbc-hmac-sha1" */ | ||
259 | +925, /* "tls12-aes-128-cbc-hmac-sha1" */ | ||
260 | +927, /* "tls12-aes-128-cbc-hmac-sha256" */ | ||
261 | +926, /* "tls12-aes-256-cbc-hmac-sha1" */ | ||
262 | +928, /* "tls12-aes-256-cbc-hmac-sha256" */ | ||
263 | +924, /* "tls12-des-ede3-cbc-hmac-sha1" */ | ||
264 | 682, /* "tpBasis" */ | ||
265 | 436, /* "ucl" */ | ||
266 | 0, /* "undefined" */ | ||
267 | diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h | ||
268 | index f181890..5af125e 100644 | ||
269 | --- a/crypto/objects/obj_mac.h | ||
270 | +++ b/crypto/objects/obj_mac.h | ||
271 | @@ -4046,3 +4046,23 @@ | ||
272 | #define LN_tls11_aes_256_cbc_hmac_sha1 "tls11-aes-256-cbc-hmac-sha1" | ||
273 | #define NID_tls11_aes_256_cbc_hmac_sha1 923 | ||
274 | |||
275 | +#define SN_tls12_des_ede3_cbc_hmac_sha1 "TLS12-DES-EDE3-CBC-HMAC-SHA1" | ||
276 | +#define LN_tls12_des_ede3_cbc_hmac_sha1 "tls12-des-ede3-cbc-hmac-sha1" | ||
277 | +#define NID_tls12_des_ede3_cbc_hmac_sha1 924 | ||
278 | + | ||
279 | +#define SN_tls12_aes_128_cbc_hmac_sha1 "TLS12-AES-128-CBC-HMAC-SHA1" | ||
280 | +#define LN_tls12_aes_128_cbc_hmac_sha1 "tls12-aes-128-cbc-hmac-sha1" | ||
281 | +#define NID_tls12_aes_128_cbc_hmac_sha1 925 | ||
282 | + | ||
283 | +#define SN_tls12_aes_256_cbc_hmac_sha1 "TLS12-AES-256-CBC-HMAC-SHA1" | ||
284 | +#define LN_tls12_aes_256_cbc_hmac_sha1 "tls12-aes-256-cbc-hmac-sha1" | ||
285 | +#define NID_tls12_aes_256_cbc_hmac_sha1 926 | ||
286 | + | ||
287 | +#define SN_tls12_aes_128_cbc_hmac_sha256 "TLS12-AES-128-CBC-HMAC-SHA256" | ||
288 | +#define LN_tls12_aes_128_cbc_hmac_sha256 "tls12-aes-128-cbc-hmac-sha256" | ||
289 | +#define NID_tls12_aes_128_cbc_hmac_sha256 927 | ||
290 | + | ||
291 | +#define SN_tls12_aes_256_cbc_hmac_sha256 "TLS12-AES-256-CBC-HMAC-SHA256" | ||
292 | +#define LN_tls12_aes_256_cbc_hmac_sha256 "tls12-aes-256-cbc-hmac-sha256" | ||
293 | +#define NID_tls12_aes_256_cbc_hmac_sha256 928 | ||
294 | + | ||
295 | diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num | ||
296 | index a02b58c..deeba3a 100644 | ||
297 | --- a/crypto/objects/obj_mac.num | ||
298 | +++ b/crypto/objects/obj_mac.num | ||
299 | @@ -921,3 +921,8 @@ des_ede3_cbc_hmac_sha1 920 | ||
300 | tls11_des_ede3_cbc_hmac_sha1 921 | ||
301 | tls11_aes_128_cbc_hmac_sha1 922 | ||
302 | tls11_aes_256_cbc_hmac_sha1 923 | ||
303 | +tls12_des_ede3_cbc_hmac_sha1 924 | ||
304 | +tls12_aes_128_cbc_hmac_sha1 925 | ||
305 | +tls12_aes_256_cbc_hmac_sha1 926 | ||
306 | +tls12_aes_128_cbc_hmac_sha256 927 | ||
307 | +tls12_aes_256_cbc_hmac_sha256 928 | ||
308 | diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt | ||
309 | index 1973658..6e4ac93 100644 | ||
310 | --- a/crypto/objects/objects.txt | ||
311 | +++ b/crypto/objects/objects.txt | ||
312 | @@ -1294,3 +1294,8 @@ kisa 1 6 : SEED-OFB : seed-ofb | ||
313 | : TLS11-DES-EDE3-CBC-HMAC-SHA1 : tls11-des-ede3-cbc-hmac-sha1 | ||
314 | : TLS11-AES-128-CBC-HMAC-SHA1 : tls11-aes-128-cbc-hmac-sha1 | ||
315 | : TLS11-AES-256-CBC-HMAC-SHA1 : tls11-aes-256-cbc-hmac-sha1 | ||
316 | + : TLS12-DES-EDE3-CBC-HMAC-SHA1 : tls12-des-ede3-cbc-hmac-sha1 | ||
317 | + : TLS12-AES-128-CBC-HMAC-SHA1 : tls12-aes-128-cbc-hmac-sha1 | ||
318 | + : TLS12-AES-256-CBC-HMAC-SHA1 : tls12-aes-256-cbc-hmac-sha1 | ||
319 | + : TLS12-AES-128-CBC-HMAC-SHA256 : tls12-aes-128-cbc-hmac-sha256 | ||
320 | + : TLS12-AES-256-CBC-HMAC-SHA256 : tls12-aes-256-cbc-hmac-sha256 | ||
321 | diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c | ||
322 | index 0408986..77a82f6 100644 | ||
323 | --- a/ssl/ssl_ciph.c | ||
324 | +++ b/ssl/ssl_ciph.c | ||
325 | @@ -661,6 +661,31 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, | ||
326 | c->algorithm_mac == SSL_SHA1 && | ||
327 | (evp=EVP_get_cipherbyname("TLS11-AES-256-CBC-HMAC-SHA1"))) | ||
328 | *enc = evp, *md = NULL; | ||
329 | + else if (s->ssl_version == TLS1_2_VERSION && | ||
330 | + c->algorithm_enc == SSL_3DES && | ||
331 | + c->algorithm_mac == SSL_SHA1 && | ||
332 | + (evp=EVP_get_cipherbyname("TLS12-DES-EDE3-CBC-HMAC-SHA1"))) | ||
333 | + *enc = evp, *md = NULL; | ||
334 | + else if (s->ssl_version == TLS1_2_VERSION && | ||
335 | + c->algorithm_enc == SSL_AES128 && | ||
336 | + c->algorithm_mac == SSL_SHA1 && | ||
337 | + (evp=EVP_get_cipherbyname("TLS12-AES-128-CBC-HMAC-SHA1"))) | ||
338 | + *enc = evp, *md = NULL; | ||
339 | + else if (s->ssl_version == TLS1_2_VERSION && | ||
340 | + c->algorithm_enc == SSL_AES256 && | ||
341 | + c->algorithm_mac == SSL_SHA1 && | ||
342 | + (evp=EVP_get_cipherbyname("TLS12-AES-256-CBC-HMAC-SHA1"))) | ||
343 | + *enc = evp, *md = NULL; | ||
344 | + else if (s->ssl_version == TLS1_2_VERSION && | ||
345 | + c->algorithm_enc == SSL_AES128 && | ||
346 | + c->algorithm_mac == SSL_SHA256 && | ||
347 | + (evp=EVP_get_cipherbyname("TLS12-AES-128-CBC-HMAC-SHA256"))) | ||
348 | + *enc = evp, *md = NULL; | ||
349 | + else if (s->ssl_version == TLS1_2_VERSION && | ||
350 | + c->algorithm_enc == SSL_AES256 && | ||
351 | + c->algorithm_mac == SSL_SHA256 && | ||
352 | + (evp=EVP_get_cipherbyname("TLS12-AES-256-CBC-HMAC-SHA256"))) | ||
353 | + *enc = evp, *md = NULL; | ||
354 | return(1); | ||
355 | } | ||
356 | else | ||
357 | -- | ||
358 | 2.3.5 | ||
359 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch b/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch new file mode 100644 index 00000000..16cc6882 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch | |||
@@ -0,0 +1,75 @@ | |||
1 | From ea4abc255c6c5feec01cb1e30c6082cfe47860e2 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Thu, 19 Feb 2015 16:11:53 +0200 | ||
4 | Subject: [PATCH 21/26] cryptodev: drop redundant function | ||
5 | |||
6 | get_dev_crypto already caches the result. Another cache in-between is | ||
7 | useless. | ||
8 | |||
9 | Change-Id: Ibd162529d3fb7a561a17f1a707d5d287c1586a3a | ||
10 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
11 | Reviewed-on: http://git.am.freescale.net:8181/34216 | ||
12 | --- | ||
13 | crypto/engine/eng_cryptodev.c | 18 +++--------------- | ||
14 | 1 file changed, 3 insertions(+), 15 deletions(-) | ||
15 | |||
16 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
17 | index fa5fe1b..1ab5551 100644 | ||
18 | --- a/crypto/engine/eng_cryptodev.c | ||
19 | +++ b/crypto/engine/eng_cryptodev.c | ||
20 | @@ -96,7 +96,6 @@ struct dev_crypto_state { | ||
21 | |||
22 | static u_int32_t cryptodev_asymfeat = 0; | ||
23 | |||
24 | -static int get_asym_dev_crypto(void); | ||
25 | static int open_dev_crypto(void); | ||
26 | static int get_dev_crypto(void); | ||
27 | static int get_cryptodev_ciphers(const int **cnids); | ||
28 | @@ -357,17 +356,6 @@ static void put_dev_crypto(int fd) | ||
29 | #endif | ||
30 | } | ||
31 | |||
32 | -/* Caching version for asym operations */ | ||
33 | -static int | ||
34 | -get_asym_dev_crypto(void) | ||
35 | -{ | ||
36 | - static int fd = -1; | ||
37 | - | ||
38 | - if (fd == -1) | ||
39 | - fd = get_dev_crypto(); | ||
40 | - return fd; | ||
41 | -} | ||
42 | - | ||
43 | /* | ||
44 | * Find out what ciphers /dev/crypto will let us have a session for. | ||
45 | * XXX note, that some of these openssl doesn't deal with yet! | ||
46 | @@ -1796,7 +1784,7 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) | ||
47 | { | ||
48 | int fd, ret = -1; | ||
49 | |||
50 | - if ((fd = get_asym_dev_crypto()) < 0) | ||
51 | + if ((fd = get_dev_crypto()) < 0) | ||
52 | return (ret); | ||
53 | |||
54 | if (r) { | ||
55 | @@ -2374,7 +2362,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) | ||
56 | int p_len, q_len; | ||
57 | int i; | ||
58 | |||
59 | - if ((fd = get_asym_dev_crypto()) < 0) | ||
60 | + if ((fd = get_dev_crypto()) < 0) | ||
61 | goto sw_try; | ||
62 | |||
63 | if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; | ||
64 | @@ -3928,7 +3916,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | ||
65 | BIGNUM *temp = NULL; | ||
66 | unsigned char *padded_pub_key = NULL, *p = NULL; | ||
67 | |||
68 | - if ((fd = get_asym_dev_crypto()) < 0) | ||
69 | + if ((fd = get_dev_crypto()) < 0) | ||
70 | goto sw_try; | ||
71 | |||
72 | memset(&kop, 0, sizeof kop); | ||
73 | -- | ||
74 | 2.3.5 | ||
75 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch b/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch new file mode 100644 index 00000000..0b2f0f1b --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch | |||
@@ -0,0 +1,48 @@ | |||
1 | From 75e3e7d600eb72e7374b1ecf5ece7b831bc98ed8 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Tue, 17 Feb 2015 13:12:53 +0200 | ||
4 | Subject: [PATCH 22/26] cryptodev: do not zero the buffer before use | ||
5 | |||
6 | - The buffer is just about to be overwritten. Zeroing it before that has | ||
7 | no purpose | ||
8 | |||
9 | Change-Id: I478c31bd2e254561474a7edf5e37980ca04217ce | ||
10 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
11 | Reviewed-on: http://git.am.freescale.net:8181/34217 | ||
12 | --- | ||
13 | crypto/engine/eng_cryptodev.c | 13 ++++--------- | ||
14 | 1 file changed, 4 insertions(+), 9 deletions(-) | ||
15 | |||
16 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
17 | index 1ab5551..dbc5989 100644 | ||
18 | --- a/crypto/engine/eng_cryptodev.c | ||
19 | +++ b/crypto/engine/eng_cryptodev.c | ||
20 | @@ -1681,21 +1681,16 @@ static int | ||
21 | bn2crparam(const BIGNUM *a, struct crparam *crp) | ||
22 | { | ||
23 | ssize_t bytes, bits; | ||
24 | - u_char *b; | ||
25 | - | ||
26 | - crp->crp_p = NULL; | ||
27 | - crp->crp_nbits = 0; | ||
28 | |||
29 | bits = BN_num_bits(a); | ||
30 | bytes = (bits + 7) / 8; | ||
31 | |||
32 | - b = malloc(bytes); | ||
33 | - if (b == NULL) | ||
34 | + crp->crp_nbits = bits; | ||
35 | + crp->crp_p = malloc(bytes); | ||
36 | + | ||
37 | + if (crp->crp_p == NULL) | ||
38 | return (1); | ||
39 | - memset(b, 0, bytes); | ||
40 | |||
41 | - crp->crp_p = (caddr_t) b; | ||
42 | - crp->crp_nbits = bits; | ||
43 | BN_bn2bin(a, crp->crp_p); | ||
44 | return (0); | ||
45 | } | ||
46 | -- | ||
47 | 2.3.5 | ||
48 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch b/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch new file mode 100644 index 00000000..5ff1c5ca --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch | |||
@@ -0,0 +1,72 @@ | |||
1 | From 4453b06b940fc03a0973cfd96f908e46cce61054 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Wed, 18 Feb 2015 10:39:46 +0200 | ||
4 | Subject: [PATCH 23/26] cryptodev: clean-up code layout | ||
5 | |||
6 | This is just a refactoring that uses else branch to check for malloc failures | ||
7 | |||
8 | Change-Id: I6dc157af36d6ec51a4edfc82cf97fae2e7e83628 | ||
9 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
10 | Reviewed-on: http://git.am.freescale.net:8181/34218 | ||
11 | --- | ||
12 | crypto/engine/eng_cryptodev.c | 42 ++++++++++++++++++++---------------------- | ||
13 | 1 file changed, 20 insertions(+), 22 deletions(-) | ||
14 | |||
15 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
16 | index dbc5989..dceb4f5 100644 | ||
17 | --- a/crypto/engine/eng_cryptodev.c | ||
18 | +++ b/crypto/engine/eng_cryptodev.c | ||
19 | @@ -1745,30 +1745,28 @@ cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, | ||
20 | fd = *(int *)cookie->eng_handle; | ||
21 | |||
22 | eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); | ||
23 | - | ||
24 | - if (eng_cookie) { | ||
25 | - memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); | ||
26 | - if (r) { | ||
27 | - kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); | ||
28 | - if (!kop->crk_param[kop->crk_iparams].crp_p) | ||
29 | - return -ENOMEM; | ||
30 | - kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; | ||
31 | - kop->crk_oparams++; | ||
32 | - eng_cookie->r = r; | ||
33 | - eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; | ||
34 | - } | ||
35 | - if (s) { | ||
36 | - kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); | ||
37 | - if (!kop->crk_param[kop->crk_iparams+1].crp_p) | ||
38 | - return -ENOMEM; | ||
39 | - kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; | ||
40 | - kop->crk_oparams++; | ||
41 | - eng_cookie->s = s; | ||
42 | - eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; | ||
43 | - } | ||
44 | - } else | ||
45 | + if (!eng_cookie) | ||
46 | return -ENOMEM; | ||
47 | |||
48 | + memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); | ||
49 | + if (r) { | ||
50 | + kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); | ||
51 | + if (!kop->crk_param[kop->crk_iparams].crp_p) | ||
52 | + return -ENOMEM; | ||
53 | + kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; | ||
54 | + kop->crk_oparams++; | ||
55 | + eng_cookie->r = r; | ||
56 | + eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; | ||
57 | + } | ||
58 | + if (s) { | ||
59 | + kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); | ||
60 | + if (!kop->crk_param[kop->crk_iparams+1].crp_p) | ||
61 | + return -ENOMEM; | ||
62 | + kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; | ||
63 | + kop->crk_oparams++; | ||
64 | + eng_cookie->s = s; | ||
65 | + eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; | ||
66 | + } | ||
67 | eng_cookie->kop = kop; | ||
68 | cookie->eng_cookie = eng_cookie; | ||
69 | return ioctl(fd, CIOCASYMASYNCRYPT, kop); | ||
70 | -- | ||
71 | 2.3.5 | ||
72 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch b/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch new file mode 100644 index 00000000..e798d3e2 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch | |||
@@ -0,0 +1,100 @@ | |||
1 | From a44701abd995b3db80001d0c5d88e9ead05972c1 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Thu, 19 Feb 2015 16:43:29 +0200 | ||
4 | Subject: [PATCH 24/26] cryptodev: do not cache file descriptor in 'open' | ||
5 | |||
6 | The file descriptor returned by get_dev_crypto is cached after a | ||
7 | successful return. The issue is, it is cached inside 'open_dev_crypto' | ||
8 | which is no longer useful as a general purpose open("/dev/crypto") | ||
9 | function. | ||
10 | |||
11 | This patch is a refactoring that moves the caching operation from | ||
12 | open_dev_crypto to get_dev_crypto and leaves the former as a simpler | ||
13 | function true to its name | ||
14 | |||
15 | Change-Id: I980170969410381973ce75f6679a4a1401738847 | ||
16 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
17 | Reviewed-on: http://git.am.freescale.net:8181/34219 | ||
18 | --- | ||
19 | crypto/engine/eng_cryptodev.c | 50 +++++++++++++++++++++---------------------- | ||
20 | 1 file changed, 24 insertions(+), 26 deletions(-) | ||
21 | |||
22 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
23 | index dceb4f5..b74fc7c 100644 | ||
24 | --- a/crypto/engine/eng_cryptodev.c | ||
25 | +++ b/crypto/engine/eng_cryptodev.c | ||
26 | @@ -306,47 +306,45 @@ static void ctr64_inc(unsigned char *counter) { | ||
27 | if (c) return; | ||
28 | } while (n); | ||
29 | } | ||
30 | -/* | ||
31 | - * Return a fd if /dev/crypto seems usable, 0 otherwise. | ||
32 | - */ | ||
33 | -static int | ||
34 | -open_dev_crypto(void) | ||
35 | + | ||
36 | +static int open_dev_crypto(void) | ||
37 | { | ||
38 | - static int fd = -1; | ||
39 | + int fd; | ||
40 | |||
41 | - if (fd == -1) { | ||
42 | - if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1) | ||
43 | - return (-1); | ||
44 | - /* close on exec */ | ||
45 | - if (fcntl(fd, F_SETFD, 1) == -1) { | ||
46 | - close(fd); | ||
47 | - fd = -1; | ||
48 | - return (-1); | ||
49 | - } | ||
50 | + fd = open("/dev/crypto", O_RDWR, 0); | ||
51 | + if ( fd < 0) | ||
52 | + return -1; | ||
53 | + | ||
54 | + /* close on exec */ | ||
55 | + if (fcntl(fd, F_SETFD, 1) == -1) { | ||
56 | + close(fd); | ||
57 | + return -1; | ||
58 | } | ||
59 | - return (fd); | ||
60 | + | ||
61 | + return fd; | ||
62 | } | ||
63 | |||
64 | -static int | ||
65 | -get_dev_crypto(void) | ||
66 | +static int get_dev_crypto(void) | ||
67 | { | ||
68 | - int fd, retfd; | ||
69 | + static int fd = -1; | ||
70 | + int retfd; | ||
71 | |||
72 | - if ((fd = open_dev_crypto()) == -1) | ||
73 | - return (-1); | ||
74 | -#ifndef CRIOGET_NOT_NEEDED | ||
75 | + if (fd == -1) | ||
76 | + fd = open_dev_crypto(); | ||
77 | +#ifdef CRIOGET_NOT_NEEDED | ||
78 | + return fd; | ||
79 | +#else | ||
80 | + if (fd == -1) | ||
81 | + return -1; | ||
82 | if (ioctl(fd, CRIOGET, &retfd) == -1) | ||
83 | return (-1); | ||
84 | - | ||
85 | /* close on exec */ | ||
86 | if (fcntl(retfd, F_SETFD, 1) == -1) { | ||
87 | close(retfd); | ||
88 | return (-1); | ||
89 | } | ||
90 | -#else | ||
91 | - retfd = fd; | ||
92 | + return retfd; | ||
93 | #endif | ||
94 | - return (retfd); | ||
95 | } | ||
96 | |||
97 | static void put_dev_crypto(int fd) | ||
98 | -- | ||
99 | 2.3.5 | ||
100 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch b/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch new file mode 100644 index 00000000..a48dc6a6 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch | |||
@@ -0,0 +1,35 @@ | |||
1 | From 84a8007b6e92fe4c2696cc9e330207ee03303a20 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Thu, 19 Feb 2015 13:09:32 +0200 | ||
4 | Subject: [PATCH 25/26] cryptodev: put_dev_crypto should be an int | ||
5 | |||
6 | Change-Id: Ie0a83bc07a37132286c098b17ef35d98de74b043 | ||
7 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
8 | Reviewed-on: http://git.am.freescale.net:8181/34220 | ||
9 | --- | ||
10 | crypto/engine/eng_cryptodev.c | 8 +++++--- | ||
11 | 1 file changed, 5 insertions(+), 3 deletions(-) | ||
12 | |||
13 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
14 | index b74fc7c..c9db27d 100644 | ||
15 | --- a/crypto/engine/eng_cryptodev.c | ||
16 | +++ b/crypto/engine/eng_cryptodev.c | ||
17 | @@ -347,10 +347,12 @@ static int get_dev_crypto(void) | ||
18 | #endif | ||
19 | } | ||
20 | |||
21 | -static void put_dev_crypto(int fd) | ||
22 | +static int put_dev_crypto(int fd) | ||
23 | { | ||
24 | -#ifndef CRIOGET_NOT_NEEDED | ||
25 | - close(fd); | ||
26 | +#ifdef CRIOGET_NOT_NEEDED | ||
27 | + return 0; | ||
28 | +#else | ||
29 | + return close(fd); | ||
30 | #endif | ||
31 | } | ||
32 | |||
33 | -- | ||
34 | 2.3.5 | ||
35 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch b/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch new file mode 100644 index 00000000..6527ac8f --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch | |||
@@ -0,0 +1,250 @@ | |||
1 | From 787539e7720c99785f6c664a7484842bba08f6ed Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Thu, 19 Feb 2015 13:39:52 +0200 | ||
4 | Subject: [PATCH 26/26] cryptodev: simplify cryptodev pkc support code | ||
5 | |||
6 | - Engine init returns directly a file descriptor instead of a pointer to one | ||
7 | - Similarly, the Engine close will now just close the file | ||
8 | |||
9 | Change-Id: Ief736d0776c7009dee002204fb1d4ce9d31c8787 | ||
10 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
11 | Reviewed-on: http://git.am.freescale.net:8181/34221 | ||
12 | --- | ||
13 | crypto/crypto.h | 2 +- | ||
14 | crypto/engine/eng_cryptodev.c | 35 +++----------------------- | ||
15 | crypto/engine/eng_int.h | 14 +++-------- | ||
16 | crypto/engine/eng_lib.c | 57 +++++++++++++++++++++---------------------- | ||
17 | crypto/engine/engine.h | 13 +++++----- | ||
18 | 5 files changed, 42 insertions(+), 79 deletions(-) | ||
19 | |||
20 | diff --git a/crypto/crypto.h b/crypto/crypto.h | ||
21 | index ce12731..292427e 100644 | ||
22 | --- a/crypto/crypto.h | ||
23 | +++ b/crypto/crypto.h | ||
24 | @@ -618,7 +618,7 @@ struct pkc_cookie_s { | ||
25 | * -EINVAL: Parameters Invalid | ||
26 | */ | ||
27 | void (*pkc_callback)(struct pkc_cookie_s *cookie, int status); | ||
28 | - void *eng_handle; | ||
29 | + int eng_handle; | ||
30 | }; | ||
31 | |||
32 | #ifdef __cplusplus | ||
33 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
34 | index c9db27d..f173bde 100644 | ||
35 | --- a/crypto/engine/eng_cryptodev.c | ||
36 | +++ b/crypto/engine/eng_cryptodev.c | ||
37 | @@ -1742,7 +1742,7 @@ cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, | ||
38 | struct pkc_cookie_s *cookie = kop->cookie; | ||
39 | struct cryptodev_cookie_s *eng_cookie; | ||
40 | |||
41 | - fd = *(int *)cookie->eng_handle; | ||
42 | + fd = cookie->eng_handle; | ||
43 | |||
44 | eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); | ||
45 | if (!eng_cookie) | ||
46 | @@ -1802,38 +1802,11 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) | ||
47 | return (ret); | ||
48 | } | ||
49 | |||
50 | -/* Close an opened instance of cryptodev engine */ | ||
51 | -void cryptodev_close_instance(void *handle) | ||
52 | -{ | ||
53 | - int fd; | ||
54 | - | ||
55 | - if (handle) { | ||
56 | - fd = *(int *)handle; | ||
57 | - close(fd); | ||
58 | - free(handle); | ||
59 | - } | ||
60 | -} | ||
61 | - | ||
62 | -/* Create an instance of cryptodev for asynchronous interface */ | ||
63 | -void *cryptodev_init_instance(void) | ||
64 | -{ | ||
65 | - int *fd = malloc(sizeof(int)); | ||
66 | - | ||
67 | - if (fd) { | ||
68 | - if ((*fd = open("/dev/crypto", O_RDWR, 0)) == -1) { | ||
69 | - free(fd); | ||
70 | - return NULL; | ||
71 | - } | ||
72 | - } | ||
73 | - return fd; | ||
74 | -} | ||
75 | - | ||
76 | #include <poll.h> | ||
77 | |||
78 | /* Return 0 on success and 1 on failure */ | ||
79 | -int cryptodev_check_availability(void *eng_handle) | ||
80 | +int cryptodev_check_availability(int fd) | ||
81 | { | ||
82 | - int fd = *(int *)eng_handle; | ||
83 | struct pkc_cookie_list_s cookie_list; | ||
84 | struct pkc_cookie_s *cookie; | ||
85 | int i; | ||
86 | @@ -4540,8 +4513,8 @@ ENGINE_load_cryptodev(void) | ||
87 | } | ||
88 | |||
89 | ENGINE_set_check_pkc_availability(engine, cryptodev_check_availability); | ||
90 | - ENGINE_set_close_instance(engine, cryptodev_close_instance); | ||
91 | - ENGINE_set_init_instance(engine, cryptodev_init_instance); | ||
92 | + ENGINE_set_close_instance(engine, put_dev_crypto); | ||
93 | + ENGINE_set_open_instance(engine, open_dev_crypto); | ||
94 | ENGINE_set_async_map(engine, ENGINE_ALLPKC_ASYNC); | ||
95 | |||
96 | ENGINE_add(engine); | ||
97 | diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h | ||
98 | index 8fc3077..8fb79c0 100644 | ||
99 | --- a/crypto/engine/eng_int.h | ||
100 | +++ b/crypto/engine/eng_int.h | ||
101 | @@ -181,23 +181,15 @@ struct engine_st | ||
102 | ENGINE_LOAD_KEY_PTR load_pubkey; | ||
103 | |||
104 | ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert; | ||
105 | - /* | ||
106 | - * Instantiate Engine handle to be passed in check_pkc_availability | ||
107 | - * Ensure that Engine is instantiated before any pkc asynchronous call. | ||
108 | - */ | ||
109 | - void *(*engine_init_instance)(void); | ||
110 | - /* | ||
111 | - * Instantiated Engine handle will be closed with this call. | ||
112 | - * Ensure that no pkc asynchronous call is made after this call | ||
113 | - */ | ||
114 | - void (*engine_close_instance)(void *handle); | ||
115 | + int (*engine_open_instance)(void); | ||
116 | + int (*engine_close_instance)(int fd); | ||
117 | /* | ||
118 | * Check availability will extract the data from kernel. | ||
119 | * eng_handle: This is the Engine handle corresponds to which | ||
120 | * the cookies needs to be polled. | ||
121 | * return 0 if cookie available else 1 | ||
122 | */ | ||
123 | - int (*check_pkc_availability)(void *eng_handle); | ||
124 | + int (*check_pkc_availability)(int fd); | ||
125 | /* | ||
126 | * The following map is used to check if the engine supports asynchronous implementation | ||
127 | * ENGINE_ASYNC_FLAG* for available bitmap. Any application checking for asynchronous | ||
128 | diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c | ||
129 | index 6fa621c..6c9471b 100644 | ||
130 | --- a/crypto/engine/eng_lib.c | ||
131 | +++ b/crypto/engine/eng_lib.c | ||
132 | @@ -99,7 +99,7 @@ void engine_set_all_null(ENGINE *e) | ||
133 | e->load_privkey = NULL; | ||
134 | e->load_pubkey = NULL; | ||
135 | e->check_pkc_availability = NULL; | ||
136 | - e->engine_init_instance = NULL; | ||
137 | + e->engine_open_instance = NULL; | ||
138 | e->engine_close_instance = NULL; | ||
139 | e->cmd_defns = NULL; | ||
140 | e->async_map = 0; | ||
141 | @@ -237,47 +237,46 @@ int ENGINE_set_id(ENGINE *e, const char *id) | ||
142 | return 1; | ||
143 | } | ||
144 | |||
145 | -void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)) | ||
146 | - { | ||
147 | - e->engine_init_instance = engine_init_instance; | ||
148 | - } | ||
149 | +void ENGINE_set_open_instance(ENGINE *e, int (*engine_open_instance)(void)) | ||
150 | +{ | ||
151 | + e->engine_open_instance = engine_open_instance; | ||
152 | +} | ||
153 | |||
154 | -void ENGINE_set_close_instance(ENGINE *e, | ||
155 | - void (*engine_close_instance)(void *)) | ||
156 | - { | ||
157 | - e->engine_close_instance = engine_close_instance; | ||
158 | - } | ||
159 | +void ENGINE_set_close_instance(ENGINE *e, int (*engine_close_instance)(int)) | ||
160 | +{ | ||
161 | + e->engine_close_instance = engine_close_instance; | ||
162 | +} | ||
163 | |||
164 | void ENGINE_set_async_map(ENGINE *e, int async_map) | ||
165 | { | ||
166 | e->async_map = async_map; | ||
167 | } | ||
168 | |||
169 | -void *ENGINE_init_instance(ENGINE *e) | ||
170 | - { | ||
171 | - return e->engine_init_instance(); | ||
172 | - } | ||
173 | - | ||
174 | -void ENGINE_close_instance(ENGINE *e, void *eng_handle) | ||
175 | - { | ||
176 | - e->engine_close_instance(eng_handle); | ||
177 | - } | ||
178 | - | ||
179 | int ENGINE_get_async_map(ENGINE *e) | ||
180 | { | ||
181 | return e->async_map; | ||
182 | } | ||
183 | |||
184 | -void ENGINE_set_check_pkc_availability(ENGINE *e, | ||
185 | - int (*check_pkc_availability)(void *eng_handle)) | ||
186 | - { | ||
187 | - e->check_pkc_availability = check_pkc_availability; | ||
188 | - } | ||
189 | +int ENGINE_open_instance(ENGINE *e) | ||
190 | +{ | ||
191 | + return e->engine_open_instance(); | ||
192 | +} | ||
193 | |||
194 | -int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle) | ||
195 | - { | ||
196 | - return e->check_pkc_availability(eng_handle); | ||
197 | - } | ||
198 | +int ENGINE_close_instance(ENGINE *e, int fd) | ||
199 | +{ | ||
200 | + return e->engine_close_instance(fd); | ||
201 | +} | ||
202 | + | ||
203 | +void ENGINE_set_check_pkc_availability(ENGINE *e, | ||
204 | + int (*check_pkc_availability)(int fd)) | ||
205 | +{ | ||
206 | + e->check_pkc_availability = check_pkc_availability; | ||
207 | +} | ||
208 | + | ||
209 | +int ENGINE_check_pkc_availability(ENGINE *e, int fd) | ||
210 | +{ | ||
211 | + return e->check_pkc_availability(fd); | ||
212 | +} | ||
213 | |||
214 | int ENGINE_set_name(ENGINE *e, const char *name) | ||
215 | { | ||
216 | diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h | ||
217 | index ccff86a..3ba3e97 100644 | ||
218 | --- a/crypto/engine/engine.h | ||
219 | +++ b/crypto/engine/engine.h | ||
220 | @@ -473,9 +473,6 @@ ENGINE *ENGINE_new(void); | ||
221 | int ENGINE_free(ENGINE *e); | ||
222 | int ENGINE_up_ref(ENGINE *e); | ||
223 | int ENGINE_set_id(ENGINE *e, const char *id); | ||
224 | -void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)); | ||
225 | -void ENGINE_set_close_instance(ENGINE *e, | ||
226 | - void (*engine_free_instance)(void *)); | ||
227 | /* | ||
228 | * Following FLAGS are bitmap store in async_map to set asynchronous interface capability | ||
229 | *of the engine | ||
230 | @@ -492,11 +489,13 @@ void ENGINE_set_async_map(ENGINE *e, int async_map); | ||
231 | * to confirm asynchronous methods supported | ||
232 | */ | ||
233 | int ENGINE_get_async_map(ENGINE *e); | ||
234 | -void *ENGINE_init_instance(ENGINE *e); | ||
235 | -void ENGINE_close_instance(ENGINE *e, void *eng_handle); | ||
236 | +int ENGINE_open_instance(ENGINE *e); | ||
237 | +int ENGINE_close_instance(ENGINE *e, int fd); | ||
238 | +void ENGINE_set_init_instance(ENGINE *e, int(*engine_init_instance)(void)); | ||
239 | +void ENGINE_set_close_instance(ENGINE *e, int(*engine_close_instance)(int)); | ||
240 | void ENGINE_set_check_pkc_availability(ENGINE *e, | ||
241 | - int (*check_pkc_availability)(void *eng_handle)); | ||
242 | -int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle); | ||
243 | + int (*check_pkc_availability)(int fd)); | ||
244 | +int ENGINE_check_pkc_availability(ENGINE *e, int fd); | ||
245 | int ENGINE_set_name(ENGINE *e, const char *name); | ||
246 | int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); | ||
247 | int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); | ||
248 | -- | ||
249 | 2.3.5 | ||
250 | |||