diff options
| author | Ting Liu <ting.liu@nxp.com> | 2015-07-29 18:11:18 -0300 |
|---|---|---|
| committer | Zhenhua Luo <zhenhua.luo@nxp.com> | 2016-06-23 10:58:51 +0800 |
| commit | 4cc0cf8255a3726fe3f6cbbe1a877fe2fab7edc6 (patch) | |
| tree | ed1a4cf255057afd5556c1f60fd63b7f1b414f6a /recipes-connectivity/openssl/openssl-qoriq/qoriq/0016-Fixed-DH-keygen-pair-generator.patch | |
| parent | 41d1478e1294d06f0cce58fe847c0b0f1706b808 (diff) | |
| download | meta-fsl-ppc-4cc0cf8255a3726fe3f6cbbe1a877fe2fab7edc6.tar.gz | |
openssl: rename to openssl-qoriq
The QorIQ version of openssl needs to use another recipe name and have
a common provider, which is than choosen for QorIQ-based machines.
The recipe is now called 'openssl-qoriq' and it provides openssl so
the preferrence is set just for QorIQ based machines.
Signed-off-by: Ting Liu <ting.liu@nxp.com>
Diffstat (limited to 'recipes-connectivity/openssl/openssl-qoriq/qoriq/0016-Fixed-DH-keygen-pair-generator.patch')
| -rw-r--r-- | recipes-connectivity/openssl/openssl-qoriq/qoriq/0016-Fixed-DH-keygen-pair-generator.patch | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/recipes-connectivity/openssl/openssl-qoriq/qoriq/0016-Fixed-DH-keygen-pair-generator.patch b/recipes-connectivity/openssl/openssl-qoriq/qoriq/0016-Fixed-DH-keygen-pair-generator.patch new file mode 100644 index 0000000..8923cb6 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-qoriq/qoriq/0016-Fixed-DH-keygen-pair-generator.patch | |||
| @@ -0,0 +1,100 @@ | |||
| 1 | From d2c868c6370bcc0d0a254e641907da2cdf992d62 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
| 3 | Date: Thu, 1 May 2014 06:35:45 +0545 | ||
| 4 | Subject: [PATCH 16/26] Fixed DH keygen pair generator | ||
| 5 | |||
| 6 | Upstream-status: Pending | ||
| 7 | |||
| 8 | Wrong Padding results into keygen length error | ||
| 9 | |||
| 10 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
| 11 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
| 12 | --- | ||
| 13 | crypto/engine/eng_cryptodev.c | 50 ++++++++++++++++++++++++++++--------------- | ||
| 14 | 1 file changed, 33 insertions(+), 17 deletions(-) | ||
| 15 | |||
| 16 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
| 17 | index dab8fea..13d924f 100644 | ||
| 18 | --- a/crypto/engine/eng_cryptodev.c | ||
| 19 | +++ b/crypto/engine/eng_cryptodev.c | ||
| 20 | @@ -3396,44 +3396,60 @@ sw_try: | ||
| 21 | static int cryptodev_dh_keygen(DH *dh) | ||
| 22 | { | ||
| 23 | struct crypt_kop kop; | ||
| 24 | - int ret = 1, g_len; | ||
| 25 | - unsigned char *g = NULL; | ||
| 26 | + int ret = 1, q_len = 0; | ||
| 27 | + unsigned char *q = NULL, *g = NULL, *s = NULL, *w = NULL; | ||
| 28 | + BIGNUM *pub_key = NULL, *priv_key = NULL; | ||
| 29 | + int generate_new_key = 1; | ||
| 30 | |||
| 31 | - if (dh->priv_key == NULL) { | ||
| 32 | - if ((dh->priv_key=BN_new()) == NULL) | ||
| 33 | - goto sw_try; | ||
| 34 | - } | ||
| 35 | + if (dh->priv_key) | ||
| 36 | + priv_key = dh->priv_key; | ||
| 37 | |||
| 38 | - if (dh->pub_key == NULL) { | ||
| 39 | - if ((dh->pub_key=BN_new()) == NULL) | ||
| 40 | - goto sw_try; | ||
| 41 | - } | ||
| 42 | + if (dh->pub_key) | ||
| 43 | + pub_key = dh->pub_key; | ||
| 44 | |||
| 45 | - g_len = BN_num_bytes(dh->p); | ||
| 46 | + q_len = BN_num_bytes(dh->p); | ||
| 47 | /** | ||
| 48 | * Get generator into a plain buffer. If length is less than | ||
| 49 | * q_len then add leading padding bytes. | ||
| 50 | */ | ||
| 51 | - if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { | ||
| 52 | + if (spcf_bn2bin_ex(dh->g, &g, &q_len)) { | ||
| 53 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
| 54 | + goto sw_try; | ||
| 55 | + } | ||
| 56 | + | ||
| 57 | + if (spcf_bn2bin_ex(dh->p, &q, &q_len)) { | ||
| 58 | DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
| 59 | goto sw_try; | ||
| 60 | } | ||
| 61 | |||
| 62 | memset(&kop, 0, sizeof kop); | ||
| 63 | kop.crk_op = CRK_DH_GENERATE_KEY; | ||
| 64 | - if (bn2crparam(dh->p, &kop.crk_param[0])) | ||
| 65 | - goto sw_try; | ||
| 66 | + kop.crk_param[0].crp_p = q; | ||
| 67 | + kop.crk_param[0].crp_nbits = q_len * 8; | ||
| 68 | if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1])) | ||
| 69 | goto sw_try; | ||
| 70 | kop.crk_param[2].crp_p = g; | ||
| 71 | - kop.crk_param[2].crp_nbits = g_len * 8; | ||
| 72 | + kop.crk_param[2].crp_nbits = q_len * 8; | ||
| 73 | kop.crk_iparams = 3; | ||
| 74 | |||
| 75 | + s = OPENSSL_malloc (q_len); | ||
| 76 | + if (!s) { | ||
| 77 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
| 78 | + goto sw_try; | ||
| 79 | + } | ||
| 80 | + | ||
| 81 | + w = OPENSSL_malloc (q_len); | ||
| 82 | + if (!w) { | ||
| 83 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
| 84 | + goto sw_try; | ||
| 85 | + } | ||
| 86 | + | ||
| 87 | /* pub_key is or prime length while priv key is of length of order */ | ||
| 88 | - if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key, | ||
| 89 | - BN_num_bytes(dh->q), dh->priv_key)) | ||
| 90 | + if (cryptodev_asym(&kop, q_len, w, q_len, s)) | ||
| 91 | goto sw_try; | ||
| 92 | |||
| 93 | + dh->pub_key = BN_bin2bn(w, q_len, pub_key); | ||
| 94 | + dh->pub_key = BN_bin2bn(s, q_len, priv_key); | ||
| 95 | return ret; | ||
| 96 | sw_try: | ||
| 97 | { | ||
| 98 | -- | ||
| 99 | 2.3.5 | ||
| 100 | |||