diff options
author | Ting Liu <b28495@freescale.com> | 2014-06-14 13:25:20 +0800 |
---|---|---|
committer | Zhenhua Luo <zhenhua.luo@freescale.com> | 2014-07-11 13:35:09 +0800 |
commit | 6153043bfeefce698a08231a2ed1a52e442574fc (patch) | |
tree | 4256e31a741a7d658f55cb7c2d64b50316b76ff0 /recipes-connectivity | |
parent | c4524b65fbfdacbad625c749e191e8e62be6593c (diff) | |
download | meta-fsl-ppc-6153043bfeefce698a08231a2ed1a52e442574fc.tar.gz |
openssl: use fsl maintained source
add bbappend to use fsl own openssl source code which was tested
Signed-off-by: Ting Liu <b28495@freescale.com>
Diffstat (limited to 'recipes-connectivity')
16 files changed, 5137 insertions, 0 deletions
diff --git a/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch b/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch new file mode 100644 index 0000000..eae6878 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch | |||
@@ -0,0 +1,83 @@ | |||
1 | From f174dd904fb4995a89eed53be3e2ebf7bee25a9b Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Tue, 10 Sep 2013 12:46:46 +0300 | ||
4 | Subject: [PATCH][fsl 01/15] remove double initialization of cryptodev engine | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | cryptodev engine is initialized together with the other engines in | ||
9 | ENGINE_load_builtin_engines. The initialization done through | ||
10 | OpenSSL_add_all_algorithms is redundant. | ||
11 | |||
12 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
13 | --- | ||
14 | crypto/engine/eng_all.c | 11 ----------- | ||
15 | crypto/engine/engine.h | 4 ---- | ||
16 | crypto/evp/c_all.c | 5 ----- | ||
17 | util/libeay.num | 2 +- | ||
18 | 4 files changed, 1 insertion(+), 21 deletions(-) | ||
19 | |||
20 | diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c | ||
21 | index 6093376..f16c043 100644 | ||
22 | --- a/crypto/engine/eng_all.c | ||
23 | +++ b/crypto/engine/eng_all.c | ||
24 | @@ -122,14 +122,3 @@ void ENGINE_load_builtin_engines(void) | ||
25 | #endif | ||
26 | ENGINE_register_all_complete(); | ||
27 | } | ||
28 | - | ||
29 | -#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) | ||
30 | -void ENGINE_setup_bsd_cryptodev(void) { | ||
31 | - static int bsd_cryptodev_default_loaded = 0; | ||
32 | - if (!bsd_cryptodev_default_loaded) { | ||
33 | - ENGINE_load_cryptodev(); | ||
34 | - ENGINE_register_all_complete(); | ||
35 | - } | ||
36 | - bsd_cryptodev_default_loaded=1; | ||
37 | -} | ||
38 | -#endif | ||
39 | diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h | ||
40 | index f8be497..237a6c9 100644 | ||
41 | --- a/crypto/engine/engine.h | ||
42 | +++ b/crypto/engine/engine.h | ||
43 | @@ -740,10 +740,6 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, | ||
44 | * values. */ | ||
45 | void *ENGINE_get_static_state(void); | ||
46 | |||
47 | -#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) | ||
48 | -void ENGINE_setup_bsd_cryptodev(void); | ||
49 | -#endif | ||
50 | - | ||
51 | /* BEGIN ERROR CODES */ | ||
52 | /* The following lines are auto generated by the script mkerr.pl. Any changes | ||
53 | * made after this point may be overwritten when the script is next run. | ||
54 | diff --git a/crypto/evp/c_all.c b/crypto/evp/c_all.c | ||
55 | index 766c4ce..5d6c21b 100644 | ||
56 | --- a/crypto/evp/c_all.c | ||
57 | +++ b/crypto/evp/c_all.c | ||
58 | @@ -82,9 +82,4 @@ void OPENSSL_add_all_algorithms_noconf(void) | ||
59 | OPENSSL_cpuid_setup(); | ||
60 | OpenSSL_add_all_ciphers(); | ||
61 | OpenSSL_add_all_digests(); | ||
62 | -#ifndef OPENSSL_NO_ENGINE | ||
63 | -# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) | ||
64 | - ENGINE_setup_bsd_cryptodev(); | ||
65 | -# endif | ||
66 | -#endif | ||
67 | } | ||
68 | diff --git a/util/libeay.num b/util/libeay.num | ||
69 | index aa86b2b..ae50040 100755 | ||
70 | --- a/util/libeay.num | ||
71 | +++ b/util/libeay.num | ||
72 | @@ -2801,7 +2801,7 @@ BIO_indent 3242 EXIST::FUNCTION: | ||
73 | BUF_strlcpy 3243 EXIST::FUNCTION: | ||
74 | OpenSSLDie 3244 EXIST::FUNCTION: | ||
75 | OPENSSL_cleanse 3245 EXIST::FUNCTION: | ||
76 | -ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE | ||
77 | +ENGINE_setup_bsd_cryptodev 3246 NOEXIST::FUNCTION: | ||
78 | ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH | ||
79 | EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES | ||
80 | FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION: | ||
81 | -- | ||
82 | 1.7.9.7 | ||
83 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0002-ECC-Support-header-for-Cryptodev-Engine.patch b/recipes-connectivity/openssl/openssl-fsl/0002-ECC-Support-header-for-Cryptodev-Engine.patch new file mode 100644 index 0000000..717a345 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0002-ECC-Support-header-for-Cryptodev-Engine.patch | |||
@@ -0,0 +1,318 @@ | |||
1 | From 154601fba4907a7eb3f98e670d62cfa15a767500 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Tue, 11 Mar 2014 05:56:54 +0545 | ||
4 | Subject: [PATCH][fsl 02/15] ECC Support header for Cryptodev Engine | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | crypto/engine/eng_cryptodev_ec.h | 296 ++++++++++++++++++++++++++++++++++++++ | ||
11 | 1 file changed, 296 insertions(+) | ||
12 | create mode 100644 crypto/engine/eng_cryptodev_ec.h | ||
13 | |||
14 | diff --git a/crypto/engine/eng_cryptodev_ec.h b/crypto/engine/eng_cryptodev_ec.h | ||
15 | new file mode 100644 | ||
16 | index 0000000..77aee71 | ||
17 | --- /dev/null | ||
18 | +++ b/crypto/engine/eng_cryptodev_ec.h | ||
19 | @@ -0,0 +1,296 @@ | ||
20 | +/* | ||
21 | + * Copyright (C) 2012 Freescale Semiconductor, Inc. | ||
22 | + * | ||
23 | + * Redistribution and use in source and binary forms, with or without | ||
24 | + * modification, are permitted provided that the following conditions | ||
25 | + * are met: | ||
26 | + * 1. Redistributions of source code must retain the above copyright | ||
27 | + * notice, this list of conditions and the following disclaimer. | ||
28 | + * 2. Redistributions in binary form must reproduce the above copyright | ||
29 | + * notice, this list of conditions and the following disclaimer in the | ||
30 | + * documentation and/or other materials provided with the distribution. | ||
31 | + * | ||
32 | + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
33 | + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
34 | + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN | ||
35 | + * NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
36 | + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED | ||
37 | + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR | ||
38 | + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF | ||
39 | + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | ||
40 | + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
41 | + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
42 | + */ | ||
43 | +#ifndef __ENG_EC_H | ||
44 | +#define __ENG_EC_H | ||
45 | + | ||
46 | +#define SPCF_CPARAM_INIT(X,...) \ | ||
47 | +static unsigned char X##_c[] = {__VA_ARGS__} \ | ||
48 | + | ||
49 | +#define SPCF_FREE_BN(X) do { if(X) { BN_clear_free(X); X = NULL; } } while (0) | ||
50 | + | ||
51 | +#define SPCF_COPY_CPARAMS(NIDBUF) \ | ||
52 | + do { \ | ||
53 | + memcpy (buf, NIDBUF, buf_len); \ | ||
54 | + } while (0) | ||
55 | + | ||
56 | +#define SPCF_CPARAM_CASE(X) \ | ||
57 | + case NID_##X: \ | ||
58 | + SPCF_COPY_CPARAMS(X##_c); \ | ||
59 | + break | ||
60 | + | ||
61 | +SPCF_CPARAM_INIT(sect113r1, 0x01, 0x73, 0xE8, 0x34, 0xAF, 0x28, 0xEC, 0x76, | ||
62 | + 0xCB, 0x83, 0xBD, 0x8D, 0xFE, 0xB2, 0xD5); | ||
63 | +SPCF_CPARAM_INIT(sect113r2, 0x00, 0x54, 0xD9, 0xF0, 0x39, 0x57, 0x17, 0x4A, | ||
64 | + 0x32, 0x32, 0x91, 0x67, 0xD7, 0xFE, 0x71); | ||
65 | +SPCF_CPARAM_INIT(sect131r1, 0x03, 0xDB, 0x89, 0xB4, 0x05, 0xE4, 0x91, 0x16, | ||
66 | + 0x0E, 0x3B, 0x2F, 0x07, 0xB0, 0xCE, 0x20, 0xB3, 0x7E); | ||
67 | +SPCF_CPARAM_INIT(sect131r2, 0x07, 0xCB, 0xB9, 0x92, 0x0D, 0x71, 0xA4, 0x8E, | ||
68 | + 0x09, 0x9C, 0x38, 0xD7, 0x1D, 0xA6, 0x49, 0x0E, 0xB1); | ||
69 | +SPCF_CPARAM_INIT(sect163k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
70 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
71 | + 0x00, 0x00, 0x01); | ||
72 | +SPCF_CPARAM_INIT(sect163r1, 0x05, 0xED, 0x40, 0x3E, 0xD5, 0x8E, 0xB4, 0x5B, | ||
73 | + 0x1C, 0xCE, 0xCA, 0x0F, 0x4F, 0x61, 0x65, 0x55, 0x49, 0x86, | ||
74 | + 0x1B, 0xE0, 0x52); | ||
75 | +SPCF_CPARAM_INIT(sect163r2, 0x07, 0x2C, 0x4E, 0x1E, 0xF7, 0xCB, 0x2F, 0x3A, | ||
76 | + 0x03, 0x5D, 0x33, 0x10, 0x42, 0x94, 0x15, 0x96, 0x09, 0x13, | ||
77 | + 0x8B, 0xB4, 0x04); | ||
78 | +SPCF_CPARAM_INIT(sect193r1, 0x01, 0x67, 0xB3, 0x5E, 0xB4, 0x31, 0x3F, 0x26, | ||
79 | + 0x3D, 0x0F, 0x7A, 0x3D, 0x50, 0x36, 0xF0, 0xA0, 0xA3, 0xC9, | ||
80 | + 0x80, 0xD4, 0x0E, 0x5A, 0x05, 0x3E, 0xD2); | ||
81 | +SPCF_CPARAM_INIT(sect193r2, 0x00, 0x69, 0x89, 0xFE, 0x6B, 0xFE, 0x30, 0xED, | ||
82 | + 0xDC, 0x32, 0x44, 0x26, 0x9F, 0x3A, 0xAD, 0x18, 0xD6, 0x6C, | ||
83 | + 0xF3, 0xDB, 0x3E, 0x33, 0x02, 0xFA, 0xA8); | ||
84 | +SPCF_CPARAM_INIT(sect233k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
85 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
86 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
87 | + 0x00, 0x01); | ||
88 | +SPCF_CPARAM_INIT(sect233r1, 0x00, 0x07, 0xD5, 0xEF, 0x43, 0x89, 0xDF, 0xF1, | ||
89 | + 0x1E, 0xCD, 0xBA, 0x39, 0xC3, 0x09, 0x70, 0xD3, 0xCE, 0x35, | ||
90 | + 0xCE, 0xBB, 0xA5, 0x84, 0x73, 0xF6, 0x4B, 0x4D, 0xC0, 0xF2, | ||
91 | + 0x68, 0x6C); | ||
92 | +SPCF_CPARAM_INIT(sect239k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
93 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
94 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
95 | + 0x00, 0x01); | ||
96 | +SPCF_CPARAM_INIT(sect283k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
97 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
98 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
99 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01); | ||
100 | +SPCF_CPARAM_INIT(sect283r1, 0x03, 0xD8, 0xC9, 0x3D, 0x3B, 0x0E, 0xA8, 0x1D, | ||
101 | + 0x92, 0x94, 0x03, 0x4D, 0x7E, 0xE3, 0x13, 0x5D, 0x0A, 0xC5, | ||
102 | + 0xFC, 0x8D, 0x9C, 0xB0, 0x27, 0x6F, 0x72, 0x11, 0xF8, 0x80, | ||
103 | + 0xF0, 0xD8, 0x1C, 0xA4, 0xC6, 0xE8, 0x7B, 0x38); | ||
104 | +SPCF_CPARAM_INIT(sect409k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
105 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
106 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
107 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
108 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
109 | + 0x00, 0x00, 0x00, 0x01); | ||
110 | +SPCF_CPARAM_INIT(sect409r1, 0x01, 0x49, 0xB8, 0xB7, 0xBE, 0xBD, 0x9B, 0x63, | ||
111 | + 0x65, 0x3E, 0xF1, 0xCD, 0x8C, 0x6A, 0x5D, 0xD1, 0x05, 0xA2, | ||
112 | + 0xAA, 0xAC, 0x36, 0xFE, 0x2E, 0xAE, 0x43, 0xCF, 0x28, 0xCE, | ||
113 | + 0x1C, 0xB7, 0xC8, 0x30, 0xC1, 0xEC, 0xDB, 0xFA, 0x41, 0x3A, | ||
114 | + 0xB0, 0x7F, 0xE3, 0x5A, 0x57, 0x81, 0x1A, 0xE4, 0xF8, 0x8D, | ||
115 | + 0x30, 0xAC, 0x63, 0xFB); | ||
116 | +SPCF_CPARAM_INIT(sect571k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
117 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
118 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
119 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
120 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
121 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
122 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
123 | + 0x00, 0x00, 0x00, 0x01); | ||
124 | +SPCF_CPARAM_INIT(sect571r1, 0x06, 0x39, 0x5D, 0xB2, 0x2A, 0xB5, 0x94, 0xB1, | ||
125 | + 0x86, 0x8C, 0xED, 0x95, 0x25, 0x78, 0xB6, 0x53, 0x9F, 0xAB, | ||
126 | + 0xA6, 0x94, 0x06, 0xD9, 0xB2, 0x98, 0x61, 0x23, 0xA1, 0x85, | ||
127 | + 0xC8, 0x58, 0x32, 0xE2, 0x5F, 0xD5, 0xB6, 0x38, 0x33, 0xD5, | ||
128 | + 0x14, 0x42, 0xAB, 0xF1, 0xA9, 0xC0, 0x5F, 0xF0, 0xEC, 0xBD, | ||
129 | + 0x88, 0xD7, 0xF7, 0x79, 0x97, 0xF4, 0xDC, 0x91, 0x56, 0xAA, | ||
130 | + 0xF1, 0xCE, 0x08, 0x16, 0x46, 0x86, 0xDD, 0xFF, 0x75, 0x11, | ||
131 | + 0x6F, 0xBC, 0x9A, 0x7A); | ||
132 | +SPCF_CPARAM_INIT(X9_62_c2pnb163v1, 0x04, 0x53, 0xE1, 0xE4, 0xB7, 0x29, 0x1F, | ||
133 | + 0x5C, 0x2D, 0x53, 0xCE, 0x18, 0x48, 0x3F, 0x00, 0x70, 0x81, | ||
134 | + 0xE7, 0xEA, 0x26, 0xEC); | ||
135 | +SPCF_CPARAM_INIT(X9_62_c2pnb163v2, 0x04, 0x35, 0xC0, 0x19, 0x66, 0x0E, 0x01, | ||
136 | + 0x01, 0xBA, 0x87, 0x0C, 0xA3, 0x9F, 0xD9, 0xA7, 0x76, 0x86, | ||
137 | + 0x50, 0x9D, 0x28, 0x13); | ||
138 | +SPCF_CPARAM_INIT(X9_62_c2pnb163v3, 0x06, 0x55, 0xC4, 0x54, 0xE4, 0x1E, 0x38, | ||
139 | + 0x0C, 0x7A, 0x60, 0xB6, 0x67, 0x9A, 0x5B, 0x7A, 0x3F, 0x3A, | ||
140 | + 0xF6, 0x8E, 0x22, 0xC5); | ||
141 | +SPCF_CPARAM_INIT(X9_62_c2pnb176v1, 0x00, 0x69, 0xF7, 0xDA, 0x36, 0x19, 0xA7, | ||
142 | + 0x42, 0xA3, 0x82, 0xFF, 0x05, 0x08, 0x8F, 0xD3, 0x99, 0x42, | ||
143 | + 0xCA, 0x0F, 0x1D, 0x90, 0xB6, 0x5B); | ||
144 | +SPCF_CPARAM_INIT(X9_62_c2tnb191v1, 0x4C, 0x45, 0x25, 0xAB, 0x0B, 0x68, 0x4A, | ||
145 | + 0x64, 0x44, 0x62, 0x0A, 0x86, 0x45, 0xEF, 0x54, 0x6D, 0x54, | ||
146 | + 0x69, 0x39, 0x68, 0xC2, 0xAE, 0x84, 0xAC); | ||
147 | +SPCF_CPARAM_INIT(X9_62_c2tnb191v2, 0x03, 0x7C, 0x8F, 0x57, 0xA2, 0x25, 0xC7, | ||
148 | + 0xB3, 0xD4, 0xED, 0xD5, 0x88, 0x0F, 0x38, 0x0A, 0xCC, 0x55, | ||
149 | + 0x74, 0xEC, 0xB3, 0x6C, 0x9F, 0x51, 0x21); | ||
150 | +SPCF_CPARAM_INIT(X9_62_c2tnb191v3, 0x37, 0x39, 0xFF, 0x98, 0xB4, 0xD1, 0x69, | ||
151 | + 0x3E, 0xCF, 0x52, 0x7A, 0x98, 0x51, 0xED, 0xCF, 0x99, 0x9D, | ||
152 | + 0x9E, 0x75, 0x05, 0x43, 0x33, 0x43, 0x24); | ||
153 | +SPCF_CPARAM_INIT(X9_62_c2pnb208w1, 0x00, 0xDB, 0x05, 0x3C, 0x41, 0x76, 0xCC, | ||
154 | + 0x1D, 0xA1, 0x27, 0x85, 0x2C, 0xA6, 0xD9, 0x88, 0xBE, 0x1A, | ||
155 | + 0xCC, 0xD1, 0x5B, 0x2A, 0xC1, 0xC1, 0x07, 0x42, 0x57, 0x34); | ||
156 | +SPCF_CPARAM_INIT(X9_62_c2tnb239v1, 0x24, 0x59, 0xFC, 0xF4, 0x51, 0x7B, 0xC5, | ||
157 | + 0xA6, 0xB9, 0x9B, 0xE5, 0xC6, 0xC5, 0x62, 0x85, 0xC0, 0x21, | ||
158 | + 0xFE, 0x32, 0xEE, 0x2B, 0x6F, 0x1C, 0x22, 0xEA, 0x5B, 0xE1, | ||
159 | + 0xB8, 0x4B, 0x93); | ||
160 | +SPCF_CPARAM_INIT(X9_62_c2tnb239v2, 0x64, 0x98, 0x84, 0x19, 0x3B, 0x56, 0x2D, | ||
161 | + 0x4A, 0x50, 0xB4, 0xFA, 0x56, 0x34, 0xE0, 0x34, 0x41, 0x3F, | ||
162 | + 0x94, 0xC4, 0x59, 0xDA, 0x7C, 0xDB, 0x16, 0x64, 0x9D, 0xDD, | ||
163 | + 0xF7, 0xE6, 0x0A); | ||
164 | +SPCF_CPARAM_INIT(X9_62_c2tnb239v3, 0x32, 0x63, 0x2E, 0x65, 0x2B, 0xEE, 0x91, | ||
165 | + 0xC2, 0xE4, 0xA2, 0xF5, 0x42, 0xA3, 0x2D, 0x67, 0xA8, 0xB5, | ||
166 | + 0xB4, 0x5F, 0x21, 0xA0, 0x81, 0x02, 0xFB, 0x1F, 0x2A, 0xFB, | ||
167 | + 0xB6, 0xAC, 0xDA); | ||
168 | +SPCF_CPARAM_INIT(X9_62_c2pnb272w1, 0x00, 0xDA, 0x7B, 0x60, 0x28, 0xF4, 0xC8, | ||
169 | + 0x09, 0xA0, 0xB9, 0x78, 0x81, 0xC3, 0xA5, 0x7E, 0x4D, 0x71, | ||
170 | + 0x81, 0x34, 0xD1, 0x3F, 0xEC, 0xE0, 0x90, 0x85, 0x8A, 0xC3, | ||
171 | + 0x1A, 0xE2, 0xDC, 0x2E, 0xDF, 0x8E, 0x3C, 0x8B); | ||
172 | +SPCF_CPARAM_INIT(X9_62_c2pnb304w1, 0x00, 0x3C, 0x67, 0xB4, 0x07, 0xC6, 0xF3, | ||
173 | + 0x3F, 0x81, 0x0B, 0x17, 0xDC, 0x16, 0xE2, 0x14, 0x8A, 0x2C, | ||
174 | + 0x9C, 0xE2, 0x9D, 0x56, 0x05, 0x23, 0x69, 0x6A, 0x55, 0x93, | ||
175 | + 0x8A, 0x15, 0x40, 0x81, 0xE3, 0xE3, 0xAE, 0xFB, 0xCE, 0x45, | ||
176 | + 0x70, 0xC9); | ||
177 | +SPCF_CPARAM_INIT(X9_62_c2tnb359v1, 0x22, 0x39, 0xAA, 0x58, 0x4A, 0xC5, 0x9A, | ||
178 | + 0xF9, 0x61, 0xD0, 0xFA, 0x2D, 0x52, 0x85, 0xB6, 0xFD, 0xF7, | ||
179 | + 0x34, 0x9B, 0xC6, 0x0E, 0x91, 0xE3, 0x20, 0xF4, 0x71, 0x64, | ||
180 | + 0xCE, 0x11, 0xF5, 0x18, 0xEF, 0xB4, 0xC0, 0x8B, 0x9B, 0xDA, | ||
181 | + 0x99, 0x9A, 0x8A, 0x37, 0xF8, 0x2A, 0x22, 0x61); | ||
182 | +SPCF_CPARAM_INIT(X9_62_c2pnb368w1, 0x00, 0xC0, 0x6C, 0xCF, 0x42, 0x89, 0x3A, | ||
183 | + 0x8A, 0xAA, 0x00, 0x1E, 0x0B, 0xC0, 0xD2, 0xA2, 0x27, 0x66, | ||
184 | + 0xEF, 0x3E, 0x41, 0x88, 0x7C, 0xC6, 0x77, 0x6F, 0x4A, 0x04, | ||
185 | + 0x1E, 0xE4, 0x45, 0x14, 0xB2, 0x0A, 0xFC, 0x4E, 0x5C, 0x30, | ||
186 | + 0x40, 0x60, 0x06, 0x5B, 0xC8, 0xD6, 0xCF, 0x04, 0xD3, 0x25); | ||
187 | +SPCF_CPARAM_INIT(X9_62_c2tnb431r1, 0x64, 0xF5, 0xBB, 0xE9, 0xBB, 0x31, 0x66, | ||
188 | + 0xA3, 0xA0, 0x2F, 0x2F, 0x22, 0xBF, 0x05, 0xD9, 0xF7, 0xDA, | ||
189 | + 0x43, 0xEE, 0x70, 0xC1, 0x79, 0x03, 0x15, 0x2B, 0x70, 0xA0, | ||
190 | + 0xB4, 0x25, 0x9B, 0xD2, 0xFC, 0xB2, 0x20, 0x3B, 0x7F, 0xB8, | ||
191 | + 0xD3, 0x39, 0x4E, 0x20, 0xEB, 0x0E, 0xA9, 0x84, 0xDD, 0xB1, | ||
192 | + 0xE1, 0xF1, 0x4C, 0x67, 0xB1, 0x36, 0x2B); | ||
193 | +SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
194 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01); | ||
195 | +SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
196 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
197 | + 0x00, 0x00, 0x00, 0x00, 0x01); | ||
198 | +SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls4, 0x01, 0x73, 0xE8, 0x34, 0xAF, 0x28, | ||
199 | + 0xEC, 0x76, 0xCB, 0x83, 0xBD, 0x8D, 0xFE, 0xB2, 0xD5); | ||
200 | +SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls5, 0x04, 0x53, 0xE1, 0xE4, 0xB7, 0x29, | ||
201 | + 0x1F, 0x5C, 0x2D, 0x53, 0xCE, 0x18, 0x48, 0x3F, 0x00, 0x70, | ||
202 | + 0x81, 0xE7, 0xEA, 0x26, 0xEC); | ||
203 | +SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
204 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
205 | + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
206 | + 0x00, 0x00, 0x00, 0x01); | ||
207 | +SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls11, 0x00, 0x07, 0xD5, 0xEF, 0x43, 0x89, | ||
208 | + 0xDF, 0xF1, 0x1E, 0xCD, 0xBA, 0x39, 0xC3, 0x09, 0x70, 0xD3, | ||
209 | + 0xCE, 0x35, 0xCE, 0xBB, 0xA5, 0x84, 0x73, 0xF6, 0x4B, 0x4D, | ||
210 | + 0xC0, 0xF2, 0x68, 0x6C); | ||
211 | +/* Oakley curve #3 over 155 bit binary filed */ | ||
212 | +SPCF_CPARAM_INIT(ipsec3, 0x00, 0x31, 0x10, 0x00, 0x00, 0x02, 0x23, 0xA0, 0x00, | ||
213 | + 0xC4, 0x47, 0x40, 0x00, 0x08, 0x8E, 0x80, 0x00, 0x11, 0x1D, | ||
214 | + 0x1D); | ||
215 | +/* Oakley curve #4 over 185 bit binary filed */ | ||
216 | +SPCF_CPARAM_INIT(ipsec4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, | ||
217 | + 0x01, 0x80, 0x00, 0xC0, 0x0C, 0x00, 0x00, 0x00, 0x63, 0x80, | ||
218 | + 0x30, 0x00, 0x1C, 0x00, 0x09); | ||
219 | + | ||
220 | +static inline int | ||
221 | +eng_ec_get_cparam(int nid, unsigned char *buf, unsigned int buf_len) | ||
222 | +{ | ||
223 | + int ret = 0; | ||
224 | + switch (nid) { | ||
225 | + SPCF_CPARAM_CASE(sect113r1); | ||
226 | + SPCF_CPARAM_CASE(sect113r2); | ||
227 | + SPCF_CPARAM_CASE(sect131r1); | ||
228 | + SPCF_CPARAM_CASE(sect131r2); | ||
229 | + SPCF_CPARAM_CASE(sect163k1); | ||
230 | + SPCF_CPARAM_CASE(sect163r1); | ||
231 | + SPCF_CPARAM_CASE(sect163r2); | ||
232 | + SPCF_CPARAM_CASE(sect193r1); | ||
233 | + SPCF_CPARAM_CASE(sect193r2); | ||
234 | + SPCF_CPARAM_CASE(sect233k1); | ||
235 | + SPCF_CPARAM_CASE(sect233r1); | ||
236 | + SPCF_CPARAM_CASE(sect239k1); | ||
237 | + SPCF_CPARAM_CASE(sect283k1); | ||
238 | + SPCF_CPARAM_CASE(sect283r1); | ||
239 | + SPCF_CPARAM_CASE(sect409k1); | ||
240 | + SPCF_CPARAM_CASE(sect409r1); | ||
241 | + SPCF_CPARAM_CASE(sect571k1); | ||
242 | + SPCF_CPARAM_CASE(sect571r1); | ||
243 | + SPCF_CPARAM_CASE(X9_62_c2pnb163v1); | ||
244 | + SPCF_CPARAM_CASE(X9_62_c2pnb163v2); | ||
245 | + SPCF_CPARAM_CASE(X9_62_c2pnb163v3); | ||
246 | + SPCF_CPARAM_CASE(X9_62_c2pnb176v1); | ||
247 | + SPCF_CPARAM_CASE(X9_62_c2tnb191v1); | ||
248 | + SPCF_CPARAM_CASE(X9_62_c2tnb191v2); | ||
249 | + SPCF_CPARAM_CASE(X9_62_c2tnb191v3); | ||
250 | + SPCF_CPARAM_CASE(X9_62_c2pnb208w1); | ||
251 | + SPCF_CPARAM_CASE(X9_62_c2tnb239v1); | ||
252 | + SPCF_CPARAM_CASE(X9_62_c2tnb239v2); | ||
253 | + SPCF_CPARAM_CASE(X9_62_c2tnb239v3); | ||
254 | + SPCF_CPARAM_CASE(X9_62_c2pnb272w1); | ||
255 | + SPCF_CPARAM_CASE(X9_62_c2pnb304w1); | ||
256 | + SPCF_CPARAM_CASE(X9_62_c2tnb359v1); | ||
257 | + SPCF_CPARAM_CASE(X9_62_c2pnb368w1); | ||
258 | + SPCF_CPARAM_CASE(X9_62_c2tnb431r1); | ||
259 | + SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls1); | ||
260 | + SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls3); | ||
261 | + SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls4); | ||
262 | + SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls5); | ||
263 | + SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls10); | ||
264 | + SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls11); | ||
265 | + /* Oakley curve #3 over 155 bit binary filed */ | ||
266 | + SPCF_CPARAM_CASE(ipsec3); | ||
267 | + /* Oakley curve #4 over 185 bit binary filed */ | ||
268 | + SPCF_CPARAM_CASE(ipsec4); | ||
269 | + default: | ||
270 | + ret = -EINVAL; | ||
271 | + break; | ||
272 | + } | ||
273 | + return ret; | ||
274 | +} | ||
275 | + | ||
276 | +/* Copies the curve points to a flat buffer with appropriate padding */ | ||
277 | +static inline unsigned char *eng_copy_curve_points(BIGNUM * x, BIGNUM * y, | ||
278 | + int xy_len, int crv_len) | ||
279 | +{ | ||
280 | + unsigned char *xy = NULL; | ||
281 | + int len1 = 0, len2 = 0; | ||
282 | + | ||
283 | + len1 = BN_num_bytes(x); | ||
284 | + len2 = BN_num_bytes(y); | ||
285 | + | ||
286 | + if (!(xy = malloc(xy_len))) { | ||
287 | + return NULL; | ||
288 | + } | ||
289 | + | ||
290 | + memset(xy, 0, xy_len); | ||
291 | + | ||
292 | + if (len1 < crv_len) { | ||
293 | + if (!BN_is_zero(x)) | ||
294 | + BN_bn2bin(x, xy + (crv_len - len1)); | ||
295 | + } else { | ||
296 | + BN_bn2bin(x, xy); | ||
297 | + } | ||
298 | + | ||
299 | + if (len2 < crv_len) { | ||
300 | + if (!BN_is_zero(y)) | ||
301 | + BN_bn2bin(y, xy+crv_len+(crv_len-len2)); | ||
302 | + } else { | ||
303 | + BN_bn2bin(y, xy+crv_len); | ||
304 | + } | ||
305 | + | ||
306 | + return xy; | ||
307 | +} | ||
308 | + | ||
309 | +enum curve_t { | ||
310 | + DISCRETE_LOG, | ||
311 | + ECC_PRIME, | ||
312 | + ECC_BINARY, | ||
313 | + MAX_ECC_TYPE | ||
314 | +}; | ||
315 | +#endif | ||
316 | -- | ||
317 | 1.7.9.7 | ||
318 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0003-add-support-for-TLS-algorithms-offload.patch b/recipes-connectivity/openssl/openssl-fsl/0003-add-support-for-TLS-algorithms-offload.patch new file mode 100644 index 0000000..dd99ca9 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0003-add-support-for-TLS-algorithms-offload.patch | |||
@@ -0,0 +1,296 @@ | |||
1 | From 1a8886909afc7e4c9e8539644c815baee8ee4816 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Thu, 29 Aug 2013 16:51:18 +0300 | ||
4 | Subject: [PATCH][fsl 03/15] add support for TLS algorithms offload | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Requires TLS patches on cryptodev and TLS algorithm support in Linux | ||
9 | kernel driver. | ||
10 | |||
11 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
12 | --- | ||
13 | crypto/engine/eng_cryptodev.c | 204 ++++++++++++++++++++++++++++++++++++++--- | ||
14 | 1 file changed, 193 insertions(+), 11 deletions(-) | ||
15 | |||
16 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
17 | index 5a715ac..123613d 100644 | ||
18 | --- a/crypto/engine/eng_cryptodev.c | ||
19 | +++ b/crypto/engine/eng_cryptodev.c | ||
20 | @@ -72,6 +72,9 @@ ENGINE_load_cryptodev(void) | ||
21 | struct dev_crypto_state { | ||
22 | struct session_op d_sess; | ||
23 | int d_fd; | ||
24 | + unsigned char *aad; | ||
25 | + unsigned int aad_len; | ||
26 | + unsigned int len; | ||
27 | |||
28 | #ifdef USE_CRYPTODEV_DIGESTS | ||
29 | char dummy_mac_key[HASH_MAX_LEN]; | ||
30 | @@ -140,17 +143,19 @@ static struct { | ||
31 | int nid; | ||
32 | int ivmax; | ||
33 | int keylen; | ||
34 | + int mackeylen; | ||
35 | } ciphers[] = { | ||
36 | - { CRYPTO_ARC4, NID_rc4, 0, 16, }, | ||
37 | - { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, }, | ||
38 | - { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, }, | ||
39 | - { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, }, | ||
40 | - { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, }, | ||
41 | - { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, }, | ||
42 | - { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, | ||
43 | - { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, }, | ||
44 | - { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, }, | ||
45 | - { 0, NID_undef, 0, 0, }, | ||
46 | + { CRYPTO_ARC4, NID_rc4, 0, 16, 0}, | ||
47 | + { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, 0}, | ||
48 | + { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, 0}, | ||
49 | + { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, 0}, | ||
50 | + { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, 0}, | ||
51 | + { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, 0}, | ||
52 | + { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, 0}, | ||
53 | + { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0}, | ||
54 | + { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, | ||
55 | + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, | ||
56 | + { 0, NID_undef, 0, 0, 0}, | ||
57 | }; | ||
58 | |||
59 | #ifdef USE_CRYPTODEV_DIGESTS | ||
60 | @@ -250,13 +255,15 @@ get_cryptodev_ciphers(const int **cnids) | ||
61 | } | ||
62 | memset(&sess, 0, sizeof(sess)); | ||
63 | sess.key = (caddr_t)"123456789abcdefghijklmno"; | ||
64 | + sess.mackey = (caddr_t)"123456789ABCDEFGHIJKLMNO"; | ||
65 | |||
66 | for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { | ||
67 | if (ciphers[i].nid == NID_undef) | ||
68 | continue; | ||
69 | sess.cipher = ciphers[i].id; | ||
70 | sess.keylen = ciphers[i].keylen; | ||
71 | - sess.mac = 0; | ||
72 | + sess.mackeylen = ciphers[i].mackeylen; | ||
73 | + | ||
74 | if (ioctl(fd, CIOCGSESSION, &sess) != -1 && | ||
75 | ioctl(fd, CIOCFSESSION, &sess.ses) != -1) | ||
76 | nids[count++] = ciphers[i].nid; | ||
77 | @@ -414,6 +421,67 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
78 | return (1); | ||
79 | } | ||
80 | |||
81 | + | ||
82 | +static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
83 | + const unsigned char *in, size_t len) | ||
84 | +{ | ||
85 | + struct crypt_auth_op cryp; | ||
86 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
87 | + struct session_op *sess = &state->d_sess; | ||
88 | + const void *iiv; | ||
89 | + unsigned char save_iv[EVP_MAX_IV_LENGTH]; | ||
90 | + | ||
91 | + if (state->d_fd < 0) | ||
92 | + return (0); | ||
93 | + if (!len) | ||
94 | + return (1); | ||
95 | + if ((len % ctx->cipher->block_size) != 0) | ||
96 | + return (0); | ||
97 | + | ||
98 | + memset(&cryp, 0, sizeof(cryp)); | ||
99 | + | ||
100 | + /* TODO: make a seamless integration with cryptodev flags */ | ||
101 | + switch (ctx->cipher->nid) { | ||
102 | + case NID_aes_128_cbc_hmac_sha1: | ||
103 | + cryp.flags = COP_FLAG_AEAD_TLS_TYPE; | ||
104 | + } | ||
105 | + cryp.ses = sess->ses; | ||
106 | + cryp.len = state->len; | ||
107 | + cryp.dst_len = len; | ||
108 | + cryp.src = (caddr_t) in; | ||
109 | + cryp.dst = (caddr_t) out; | ||
110 | + cryp.auth_src = state->aad; | ||
111 | + cryp.auth_len = state->aad_len; | ||
112 | + | ||
113 | + cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; | ||
114 | + | ||
115 | + if (ctx->cipher->iv_len) { | ||
116 | + cryp.iv = (caddr_t) ctx->iv; | ||
117 | + if (!ctx->encrypt) { | ||
118 | + iiv = in + len - ctx->cipher->iv_len; | ||
119 | + memcpy(save_iv, iiv, ctx->cipher->iv_len); | ||
120 | + } | ||
121 | + } else | ||
122 | + cryp.iv = NULL; | ||
123 | + | ||
124 | + if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { | ||
125 | + /* XXX need better errror handling | ||
126 | + * this can fail for a number of different reasons. | ||
127 | + */ | ||
128 | + return (0); | ||
129 | + } | ||
130 | + | ||
131 | + if (ctx->cipher->iv_len) { | ||
132 | + if (ctx->encrypt) | ||
133 | + iiv = out + len - ctx->cipher->iv_len; | ||
134 | + else | ||
135 | + iiv = save_iv; | ||
136 | + memcpy(ctx->iv, iiv, ctx->cipher->iv_len); | ||
137 | + } | ||
138 | + return (1); | ||
139 | +} | ||
140 | + | ||
141 | + | ||
142 | static int | ||
143 | cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | ||
144 | const unsigned char *iv, int enc) | ||
145 | @@ -452,6 +520,45 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | ||
146 | return (1); | ||
147 | } | ||
148 | |||
149 | +/* Save the encryption key provided by upper layers. | ||
150 | + * | ||
151 | + * This function is called by EVP_CipherInit_ex to initialize the algorithm's | ||
152 | + * extra data. We can't do much here because the mac key is not available. | ||
153 | + * The next call should/will be to cryptodev_cbc_hmac_sha1_ctrl with parameter | ||
154 | + * EVP_CTRL_AEAD_SET_MAC_KEY, to set the hmac key. There we call CIOCGSESSION | ||
155 | + * with both the crypto and hmac keys. | ||
156 | + */ | ||
157 | +static int cryptodev_init_aead_key(EVP_CIPHER_CTX *ctx, | ||
158 | + const unsigned char *key, const unsigned char *iv, int enc) | ||
159 | +{ | ||
160 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
161 | + struct session_op *sess = &state->d_sess; | ||
162 | + int cipher = -1, i; | ||
163 | + | ||
164 | + for (i = 0; ciphers[i].id; i++) | ||
165 | + if (ctx->cipher->nid == ciphers[i].nid && | ||
166 | + ctx->cipher->iv_len <= ciphers[i].ivmax && | ||
167 | + ctx->key_len == ciphers[i].keylen) { | ||
168 | + cipher = ciphers[i].id; | ||
169 | + break; | ||
170 | + } | ||
171 | + | ||
172 | + if (!ciphers[i].id) { | ||
173 | + state->d_fd = -1; | ||
174 | + return (0); | ||
175 | + } | ||
176 | + | ||
177 | + memset(sess, 0, sizeof(struct session_op)); | ||
178 | + | ||
179 | + sess->key = (caddr_t)key; | ||
180 | + sess->keylen = ctx->key_len; | ||
181 | + sess->cipher = cipher; | ||
182 | + | ||
183 | + /* for whatever reason, (1) means success */ | ||
184 | + return (1); | ||
185 | +} | ||
186 | + | ||
187 | + | ||
188 | /* | ||
189 | * free anything we allocated earlier when initting a | ||
190 | * session, and close the session. | ||
191 | @@ -488,6 +595,63 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx) | ||
192 | return (ret); | ||
193 | } | ||
194 | |||
195 | +static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | ||
196 | + void *ptr) | ||
197 | +{ | ||
198 | + switch (type) { | ||
199 | + case EVP_CTRL_AEAD_SET_MAC_KEY: | ||
200 | + { | ||
201 | + /* TODO: what happens with hmac keys larger than 64 bytes? */ | ||
202 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
203 | + struct session_op *sess = &state->d_sess; | ||
204 | + | ||
205 | + if ((state->d_fd = get_dev_crypto()) < 0) | ||
206 | + return (0); | ||
207 | + | ||
208 | + /* the rest should have been set in cryptodev_init_aead_key */ | ||
209 | + sess->mackey = ptr; | ||
210 | + sess->mackeylen = arg; | ||
211 | + | ||
212 | + if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { | ||
213 | + put_dev_crypto(state->d_fd); | ||
214 | + state->d_fd = -1; | ||
215 | + return (0); | ||
216 | + } | ||
217 | + return (1); | ||
218 | + } | ||
219 | + case EVP_CTRL_AEAD_TLS1_AAD: | ||
220 | + { | ||
221 | + /* ptr points to the associated data buffer of 13 bytes */ | ||
222 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
223 | + unsigned char *p = ptr; | ||
224 | + unsigned int cryptlen = p[arg - 2] << 8 | p[arg - 1]; | ||
225 | + unsigned int maclen, padlen; | ||
226 | + unsigned int bs = ctx->cipher->block_size; | ||
227 | + int j; | ||
228 | + | ||
229 | + state->aad = ptr; | ||
230 | + state->aad_len = arg; | ||
231 | + state->len = cryptlen; | ||
232 | + | ||
233 | + /* TODO: this should be an extension of EVP_CIPHER struct */ | ||
234 | + switch (ctx->cipher->nid) { | ||
235 | + case NID_aes_128_cbc_hmac_sha1: | ||
236 | + maclen = SHA_DIGEST_LENGTH; | ||
237 | + } | ||
238 | + | ||
239 | + /* space required for encryption (not only TLS padding) */ | ||
240 | + padlen = maclen; | ||
241 | + if (ctx->encrypt) { | ||
242 | + cryptlen += maclen; | ||
243 | + padlen += bs - (cryptlen % bs); | ||
244 | + } | ||
245 | + return padlen; | ||
246 | + } | ||
247 | + default: | ||
248 | + return -1; | ||
249 | + } | ||
250 | +} | ||
251 | + | ||
252 | /* | ||
253 | * libcrypto EVP stuff - this is how we get wired to EVP so the engine | ||
254 | * gets called when libcrypto requests a cipher NID. | ||
255 | @@ -600,6 +764,20 @@ const EVP_CIPHER cryptodev_aes_256_cbc = { | ||
256 | NULL | ||
257 | }; | ||
258 | |||
259 | +const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = { | ||
260 | + NID_aes_128_cbc_hmac_sha1, | ||
261 | + 16, 16, 16, | ||
262 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
263 | + cryptodev_init_aead_key, | ||
264 | + cryptodev_aead_cipher, | ||
265 | + cryptodev_cleanup, | ||
266 | + sizeof(struct dev_crypto_state), | ||
267 | + EVP_CIPHER_set_asn1_iv, | ||
268 | + EVP_CIPHER_get_asn1_iv, | ||
269 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
270 | + NULL | ||
271 | +}; | ||
272 | + | ||
273 | /* | ||
274 | * Registered by the ENGINE when used to find out how to deal with | ||
275 | * a particular NID in the ENGINE. this says what we'll do at the | ||
276 | @@ -637,6 +815,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | ||
277 | case NID_aes_256_cbc: | ||
278 | *cipher = &cryptodev_aes_256_cbc; | ||
279 | break; | ||
280 | + case NID_aes_128_cbc_hmac_sha1: | ||
281 | + *cipher = &cryptodev_aes_128_cbc_hmac_sha1; | ||
282 | + break; | ||
283 | default: | ||
284 | *cipher = NULL; | ||
285 | break; | ||
286 | @@ -1384,6 +1565,7 @@ ENGINE_load_cryptodev(void) | ||
287 | } | ||
288 | put_dev_crypto(fd); | ||
289 | |||
290 | + EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); | ||
291 | if (!ENGINE_set_id(engine, "cryptodev") || | ||
292 | !ENGINE_set_name(engine, "BSD cryptodev engine") || | ||
293 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || | ||
294 | -- | ||
295 | 1.7.9.7 | ||
296 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0004-Fixed-private-key-support-for-DH.patch b/recipes-connectivity/openssl/openssl-fsl/0004-Fixed-private-key-support-for-DH.patch new file mode 100644 index 0000000..607f603 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0004-Fixed-private-key-support-for-DH.patch | |||
@@ -0,0 +1,33 @@ | |||
1 | From c994fa6c5eb9b684dd6aff45dd5e8eb98237c31e Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Tue, 11 Mar 2014 05:57:47 +0545 | ||
4 | Subject: [PATCH][fsl 04/15] Fixed private key support for DH | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | crypto/dh/dh_ameth.c | 7 +++++++ | ||
11 | 1 file changed, 7 insertions(+) | ||
12 | |||
13 | diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c | ||
14 | index 02ec2d4..ed32004 100644 | ||
15 | --- a/crypto/dh/dh_ameth.c | ||
16 | +++ b/crypto/dh/dh_ameth.c | ||
17 | @@ -422,6 +422,13 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) | ||
18 | if (to->pkey.dh->g != NULL) | ||
19 | BN_free(to->pkey.dh->g); | ||
20 | to->pkey.dh->g=a; | ||
21 | + if ((a=BN_dup(from->pkey.dh->q)) != NULL) { | ||
22 | + if (to->pkey.dh->q != NULL) | ||
23 | + BN_free(to->pkey.dh->q); | ||
24 | + to->pkey.dh->q=a; | ||
25 | + } | ||
26 | + | ||
27 | + to->pkey.dh->length = from->pkey.dh->length; | ||
28 | |||
29 | return 1; | ||
30 | } | ||
31 | -- | ||
32 | 1.7.9.7 | ||
33 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0005-Fixed-private-key-support-for-DH.patch b/recipes-connectivity/openssl/openssl-fsl/0005-Fixed-private-key-support-for-DH.patch new file mode 100644 index 0000000..06dff88 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0005-Fixed-private-key-support-for-DH.patch | |||
@@ -0,0 +1,35 @@ | |||
1 | From 408bdb2a3971edd6a949f5a93bd44d0a6f3eb823 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Thu, 20 Mar 2014 19:55:51 -0500 | ||
4 | Subject: [PATCH][fsl 05/15] Fixed private key support for DH | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Required Length of the DH result is not returned in dh method in openssl | ||
9 | |||
10 | Tested-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
11 | --- | ||
12 | crypto/dh/dh_ameth.c | 7 ------- | ||
13 | 1 file changed, 7 deletions(-) | ||
14 | |||
15 | diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c | ||
16 | index ed32004..02ec2d4 100644 | ||
17 | --- a/crypto/dh/dh_ameth.c | ||
18 | +++ b/crypto/dh/dh_ameth.c | ||
19 | @@ -422,13 +422,6 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) | ||
20 | if (to->pkey.dh->g != NULL) | ||
21 | BN_free(to->pkey.dh->g); | ||
22 | to->pkey.dh->g=a; | ||
23 | - if ((a=BN_dup(from->pkey.dh->q)) != NULL) { | ||
24 | - if (to->pkey.dh->q != NULL) | ||
25 | - BN_free(to->pkey.dh->q); | ||
26 | - to->pkey.dh->q=a; | ||
27 | - } | ||
28 | - | ||
29 | - to->pkey.dh->length = from->pkey.dh->length; | ||
30 | |||
31 | return 1; | ||
32 | } | ||
33 | -- | ||
34 | 1.7.9.7 | ||
35 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0006-Initial-support-for-PKC-in-cryptodev-engine.patch b/recipes-connectivity/openssl/openssl-fsl/0006-Initial-support-for-PKC-in-cryptodev-engine.patch new file mode 100644 index 0000000..b5ac55d --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0006-Initial-support-for-PKC-in-cryptodev-engine.patch | |||
@@ -0,0 +1,1563 @@ | |||
1 | From 8e9a39aab2fce48c117460eb1d14bcc02be6de6c Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Tue, 11 Mar 2014 06:29:52 +0545 | ||
4 | Subject: [PATCH][fsl 06/15] Initial support for PKC in cryptodev engine | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | crypto/engine/eng_cryptodev.c | 1343 ++++++++++++++++++++++++++++++++++++----- | ||
11 | 1 file changed, 1183 insertions(+), 160 deletions(-) | ||
12 | |||
13 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
14 | index 123613d..88caec1 100644 | ||
15 | --- a/crypto/engine/eng_cryptodev.c | ||
16 | +++ b/crypto/engine/eng_cryptodev.c | ||
17 | @@ -54,11 +54,14 @@ ENGINE_load_cryptodev(void) | ||
18 | #else | ||
19 | |||
20 | #include <sys/types.h> | ||
21 | -#include <crypto/cryptodev.h> | ||
22 | #include <crypto/dh/dh.h> | ||
23 | #include <crypto/dsa/dsa.h> | ||
24 | #include <crypto/err/err.h> | ||
25 | #include <crypto/rsa/rsa.h> | ||
26 | +#include <crypto/ecdsa/ecs_locl.h> | ||
27 | +#include <crypto/ecdh/ech_locl.h> | ||
28 | +#include <crypto/ec/ec_lcl.h> | ||
29 | +#include <crypto/ec/ec.h> | ||
30 | #include <sys/ioctl.h> | ||
31 | #include <errno.h> | ||
32 | #include <stdio.h> | ||
33 | @@ -68,6 +71,8 @@ ENGINE_load_cryptodev(void) | ||
34 | #include <syslog.h> | ||
35 | #include <errno.h> | ||
36 | #include <string.h> | ||
37 | +#include "eng_cryptodev_ec.h" | ||
38 | +#include <crypto/cryptodev.h> | ||
39 | |||
40 | struct dev_crypto_state { | ||
41 | struct session_op d_sess; | ||
42 | @@ -116,24 +121,112 @@ static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, | ||
43 | static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, | ||
44 | RSA *rsa, BN_CTX *ctx); | ||
45 | static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); | ||
46 | -static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, | ||
47 | - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | ||
48 | -static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, | ||
49 | - BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, | ||
50 | - BN_CTX *ctx, BN_MONT_CTX *mont); | ||
51 | static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, | ||
52 | int dlen, DSA *dsa); | ||
53 | static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len, | ||
54 | DSA_SIG *sig, DSA *dsa); | ||
55 | -static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, | ||
56 | - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | ||
57 | - BN_MONT_CTX *m_ctx); | ||
58 | static int cryptodev_dh_compute_key(unsigned char *key, | ||
59 | const BIGNUM *pub_key, DH *dh); | ||
60 | static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, | ||
61 | void (*f)(void)); | ||
62 | void ENGINE_load_cryptodev(void); | ||
63 | |||
64 | +inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) | ||
65 | +{ | ||
66 | + int len; | ||
67 | + unsigned char *p; | ||
68 | + | ||
69 | + len = BN_num_bytes(bn); | ||
70 | + | ||
71 | + if (!len) | ||
72 | + return -1; | ||
73 | + | ||
74 | + p = malloc(len); | ||
75 | + if (!p) | ||
76 | + return -1; | ||
77 | + | ||
78 | + BN_bn2bin(bn,p); | ||
79 | + | ||
80 | + *bin = p; | ||
81 | + *bin_len = len; | ||
82 | + | ||
83 | + return 0; | ||
84 | +} | ||
85 | + | ||
86 | +inline int spcf_bn2bin_ex(BIGNUM *bn, unsigned char **bin, int *bin_len) | ||
87 | +{ | ||
88 | + int len; | ||
89 | + unsigned char *p; | ||
90 | + | ||
91 | + len = BN_num_bytes(bn); | ||
92 | + | ||
93 | + if (!len) | ||
94 | + return -1; | ||
95 | + | ||
96 | + if (len < *bin_len) | ||
97 | + p = malloc(*bin_len); | ||
98 | + else | ||
99 | + p = malloc(len); | ||
100 | + | ||
101 | + if (!p) | ||
102 | + return -ENOMEM; | ||
103 | + | ||
104 | + if (len < *bin_len) { | ||
105 | + /* place padding */ | ||
106 | + memset(p, 0, (*bin_len - len)); | ||
107 | + BN_bn2bin(bn,p+(*bin_len-len)); | ||
108 | + } else { | ||
109 | + BN_bn2bin(bn,p); | ||
110 | + } | ||
111 | + | ||
112 | + *bin = p; | ||
113 | + if (len >= *bin_len) | ||
114 | + *bin_len = len; | ||
115 | + | ||
116 | + return 0; | ||
117 | +} | ||
118 | + | ||
119 | +/** | ||
120 | + * Convert an ECC F2m 'b' parameter into the 'c' parameter. | ||
121 | + *Inputs: | ||
122 | + * q, the curve's modulus | ||
123 | + * b, the curve's b parameter | ||
124 | + * (a bignum for b, a buffer for c) | ||
125 | + * Output: | ||
126 | + * c, written into bin, right-adjusted to fill q_len bytes. | ||
127 | + */ | ||
128 | +static int | ||
129 | +eng_ec_compute_cparam(const BIGNUM* b, const BIGNUM* q, | ||
130 | + unsigned char **bin, int *bin_len) | ||
131 | +{ | ||
132 | + BIGNUM* c = BN_new(); | ||
133 | + BIGNUM* exp = BN_new(); | ||
134 | + BN_CTX *ctx = BN_CTX_new(); | ||
135 | + int m = BN_num_bits(q) - 1; | ||
136 | + int ok = 0; | ||
137 | + | ||
138 | + if (!c || !exp || !ctx || *bin) | ||
139 | + goto err; | ||
140 | + | ||
141 | + /* | ||
142 | + * We have to compute c, where b = c^4, i.e., the fourth root of b. | ||
143 | + * The equation for c is c = b^(2^(m-2)) | ||
144 | + * Compute exp = 2^(m-2) | ||
145 | + * (1 << x) == 2^x | ||
146 | + * and then compute c = b^exp | ||
147 | + */ | ||
148 | + BN_lshift(exp, BN_value_one(), m-2); | ||
149 | + BN_GF2m_mod_exp(c, b, exp, q, ctx); | ||
150 | + /* Store c */ | ||
151 | + spcf_bn2bin_ex(c, bin, bin_len); | ||
152 | + ok = 1; | ||
153 | +err: | ||
154 | + if (ctx) BN_CTX_free(ctx); | ||
155 | + if (c) BN_free(c); | ||
156 | + if (exp) BN_free(exp); | ||
157 | + return ok; | ||
158 | +} | ||
159 | + | ||
160 | static const ENGINE_CMD_DEFN cryptodev_defns[] = { | ||
161 | { 0, NULL, NULL, 0 } | ||
162 | }; | ||
163 | @@ -1106,7 +1199,6 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, | ||
164 | static int | ||
165 | bn2crparam(const BIGNUM *a, struct crparam *crp) | ||
166 | { | ||
167 | - int i, j, k; | ||
168 | ssize_t bytes, bits; | ||
169 | u_char *b; | ||
170 | |||
171 | @@ -1123,15 +1215,7 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) | ||
172 | |||
173 | crp->crp_p = (caddr_t) b; | ||
174 | crp->crp_nbits = bits; | ||
175 | - | ||
176 | - for (i = 0, j = 0; i < a->top; i++) { | ||
177 | - for (k = 0; k < BN_BITS2 / 8; k++) { | ||
178 | - if ((j + k) >= bytes) | ||
179 | - return (0); | ||
180 | - b[j + k] = a->d[i] >> (k * 8); | ||
181 | - } | ||
182 | - j += BN_BITS2 / 8; | ||
183 | - } | ||
184 | + BN_bn2bin(a, crp->crp_p); | ||
185 | return (0); | ||
186 | } | ||
187 | |||
188 | @@ -1139,22 +1223,14 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) | ||
189 | static int | ||
190 | crparam2bn(struct crparam *crp, BIGNUM *a) | ||
191 | { | ||
192 | - u_int8_t *pd; | ||
193 | - int i, bytes; | ||
194 | + int bytes; | ||
195 | |||
196 | bytes = (crp->crp_nbits + 7) / 8; | ||
197 | |||
198 | if (bytes == 0) | ||
199 | return (-1); | ||
200 | |||
201 | - if ((pd = (u_int8_t *) malloc(bytes)) == NULL) | ||
202 | - return (-1); | ||
203 | - | ||
204 | - for (i = 0; i < bytes; i++) | ||
205 | - pd[i] = crp->crp_p[bytes - i - 1]; | ||
206 | - | ||
207 | - BN_bin2bn(pd, bytes, a); | ||
208 | - free(pd); | ||
209 | + BN_bin2bn(crp->crp_p, bytes, a); | ||
210 | |||
211 | return (0); | ||
212 | } | ||
213 | @@ -1202,6 +1278,32 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) | ||
214 | return (ret); | ||
215 | } | ||
216 | |||
217 | +/* Close an opened instance of cryptodev engine */ | ||
218 | +void cryptodev_close_instance(void *handle) | ||
219 | +{ | ||
220 | + int fd; | ||
221 | + | ||
222 | + if (handle) { | ||
223 | + fd = *(int *)handle; | ||
224 | + close(fd); | ||
225 | + free(handle); | ||
226 | + } | ||
227 | +} | ||
228 | + | ||
229 | +/* Create an instance of cryptodev for asynchronous interface */ | ||
230 | +void *cryptodev_init_instance(void) | ||
231 | +{ | ||
232 | + int *fd = malloc(sizeof(int)); | ||
233 | + | ||
234 | + if (fd) { | ||
235 | + if ((*fd = open("/dev/crypto", O_RDWR, 0)) == -1) { | ||
236 | + free(fd); | ||
237 | + return NULL; | ||
238 | + } | ||
239 | + } | ||
240 | + return fd; | ||
241 | +} | ||
242 | + | ||
243 | static int | ||
244 | cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
245 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) | ||
246 | @@ -1217,9 +1319,9 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
247 | return (ret); | ||
248 | } | ||
249 | |||
250 | - memset(&kop, 0, sizeof kop); | ||
251 | kop.crk_op = CRK_MOD_EXP; | ||
252 | - | ||
253 | + kop.crk_oparams = 0; | ||
254 | + kop.crk_status = 0; | ||
255 | /* inputs: a^p % m */ | ||
256 | if (bn2crparam(a, &kop.crk_param[0])) | ||
257 | goto err; | ||
258 | @@ -1260,28 +1362,38 @@ static int | ||
259 | cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) | ||
260 | { | ||
261 | struct crypt_kop kop; | ||
262 | - int ret = 1; | ||
263 | + int ret = 1, f_len, p_len, q_len; | ||
264 | + unsigned char *f = NULL, *p = NULL, *q = NULL, *dp = NULL, *dq = NULL, *c = NULL; | ||
265 | |||
266 | if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { | ||
267 | /* XXX 0 means failure?? */ | ||
268 | return (0); | ||
269 | } | ||
270 | |||
271 | - memset(&kop, 0, sizeof kop); | ||
272 | + kop.crk_oparams = 0; | ||
273 | + kop.crk_status = 0; | ||
274 | kop.crk_op = CRK_MOD_EXP_CRT; | ||
275 | + f_len = BN_num_bytes(rsa->n); | ||
276 | + spcf_bn2bin_ex(I, &f, &f_len); | ||
277 | + spcf_bn2bin(rsa->p, &p, &p_len); | ||
278 | + spcf_bn2bin(rsa->q, &q, &q_len); | ||
279 | + spcf_bn2bin_ex(rsa->dmp1, &dp, &p_len); | ||
280 | + spcf_bn2bin_ex(rsa->iqmp, &c, &p_len); | ||
281 | + spcf_bn2bin_ex(rsa->dmq1, &dq, &q_len); | ||
282 | /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ | ||
283 | - if (bn2crparam(rsa->p, &kop.crk_param[0])) | ||
284 | - goto err; | ||
285 | - if (bn2crparam(rsa->q, &kop.crk_param[1])) | ||
286 | - goto err; | ||
287 | - if (bn2crparam(I, &kop.crk_param[2])) | ||
288 | - goto err; | ||
289 | - if (bn2crparam(rsa->dmp1, &kop.crk_param[3])) | ||
290 | - goto err; | ||
291 | - if (bn2crparam(rsa->dmq1, &kop.crk_param[4])) | ||
292 | - goto err; | ||
293 | - if (bn2crparam(rsa->iqmp, &kop.crk_param[5])) | ||
294 | - goto err; | ||
295 | + kop.crk_param[0].crp_p = p; | ||
296 | + kop.crk_param[0].crp_nbits = p_len * 8; | ||
297 | + kop.crk_param[1].crp_p = q; | ||
298 | + kop.crk_param[1].crp_nbits = q_len * 8; | ||
299 | + kop.crk_param[2].crp_p = f; | ||
300 | + kop.crk_param[2].crp_nbits = f_len * 8; | ||
301 | + kop.crk_param[3].crp_p = dp; | ||
302 | + kop.crk_param[3].crp_nbits = p_len * 8; | ||
303 | + /* dq must of length q, rest all of length p*/ | ||
304 | + kop.crk_param[4].crp_p = dq; | ||
305 | + kop.crk_param[4].crp_nbits = q_len * 8; | ||
306 | + kop.crk_param[5].crp_p = c; | ||
307 | + kop.crk_param[5].crp_nbits = p_len * 8; | ||
308 | kop.crk_iparams = 6; | ||
309 | |||
310 | if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) { | ||
311 | @@ -1317,90 +1429,117 @@ static RSA_METHOD cryptodev_rsa = { | ||
312 | NULL /* rsa_verify */ | ||
313 | }; | ||
314 | |||
315 | -static int | ||
316 | -cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, | ||
317 | - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) | ||
318 | -{ | ||
319 | - return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); | ||
320 | -} | ||
321 | - | ||
322 | -static int | ||
323 | -cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, | ||
324 | - BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, | ||
325 | - BN_CTX *ctx, BN_MONT_CTX *mont) | ||
326 | +static DSA_SIG * | ||
327 | +cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | ||
328 | { | ||
329 | - BIGNUM t2; | ||
330 | - int ret = 0; | ||
331 | - | ||
332 | - BN_init(&t2); | ||
333 | - | ||
334 | - /* v = ( g^u1 * y^u2 mod p ) mod q */ | ||
335 | - /* let t1 = g ^ u1 mod p */ | ||
336 | - ret = 0; | ||
337 | + struct crypt_kop kop; | ||
338 | + BIGNUM *c = NULL, *d = NULL; | ||
339 | + DSA_SIG *dsaret = NULL; | ||
340 | + int q_len = 0, r_len = 0, g_len = 0; | ||
341 | + int priv_key_len = 0, ret; | ||
342 | + unsigned char *q = NULL, *r = NULL, *g = NULL, *priv_key = NULL, *f = NULL; | ||
343 | |||
344 | - if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont)) | ||
345 | + memset(&kop, 0, sizeof kop); | ||
346 | + if ((c = BN_new()) == NULL) { | ||
347 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
348 | goto err; | ||
349 | + } | ||
350 | |||
351 | - /* let t2 = y ^ u2 mod p */ | ||
352 | - if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont)) | ||
353 | + if ((d = BN_new()) == NULL) { | ||
354 | + BN_free(c); | ||
355 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
356 | goto err; | ||
357 | - /* let u1 = t1 * t2 mod p */ | ||
358 | - if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx)) | ||
359 | + } | ||
360 | + | ||
361 | + if (spcf_bn2bin(dsa->p, &q, &q_len)) { | ||
362 | + DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | ||
363 | goto err; | ||
364 | + } | ||
365 | |||
366 | - BN_copy(t1,u1); | ||
367 | + /* Get order of the field of private keys into plain buffer */ | ||
368 | + if (spcf_bn2bin (dsa->q, &r, &r_len)) { | ||
369 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
370 | + goto err; | ||
371 | + } | ||
372 | |||
373 | - ret = 1; | ||
374 | -err: | ||
375 | - BN_free(&t2); | ||
376 | - return(ret); | ||
377 | -} | ||
378 | + /* sanity test */ | ||
379 | + if (dlen > r_len) { | ||
380 | + DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | ||
381 | + goto err; | ||
382 | + } | ||
383 | |||
384 | -static DSA_SIG * | ||
385 | -cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | ||
386 | -{ | ||
387 | - struct crypt_kop kop; | ||
388 | - BIGNUM *r = NULL, *s = NULL; | ||
389 | - DSA_SIG *dsaret = NULL; | ||
390 | + g_len = q_len; | ||
391 | + /** | ||
392 | + * Get generator into a plain buffer. If length is less than | ||
393 | + * q_len then add leading padding bytes. | ||
394 | + */ | ||
395 | + if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { | ||
396 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
397 | + goto err; | ||
398 | + } | ||
399 | |||
400 | - if ((r = BN_new()) == NULL) | ||
401 | + priv_key_len = r_len; | ||
402 | + /** | ||
403 | + * Get private key into a plain buffer. If length is less than | ||
404 | + * r_len then add leading padding bytes. | ||
405 | + */ | ||
406 | + if (spcf_bn2bin_ex(dsa->priv_key, &priv_key, &priv_key_len)) { | ||
407 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
408 | goto err; | ||
409 | - if ((s = BN_new()) == NULL) { | ||
410 | - BN_free(r); | ||
411 | + } | ||
412 | + | ||
413 | + /* Allocate memory to store hash. */ | ||
414 | + f = OPENSSL_malloc (r_len); | ||
415 | + if (!f) { | ||
416 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
417 | goto err; | ||
418 | } | ||
419 | |||
420 | - memset(&kop, 0, sizeof kop); | ||
421 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
422 | + if (dlen < r_len) | ||
423 | + memset(f, 0, r_len - dlen); | ||
424 | + | ||
425 | + /* Skip leading bytes if dgst_len < r_len */ | ||
426 | + memcpy(f + r_len - dlen, dgst, dlen); | ||
427 | + | ||
428 | kop.crk_op = CRK_DSA_SIGN; | ||
429 | |||
430 | /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
431 | - kop.crk_param[0].crp_p = (caddr_t)dgst; | ||
432 | - kop.crk_param[0].crp_nbits = dlen * 8; | ||
433 | - if (bn2crparam(dsa->p, &kop.crk_param[1])) | ||
434 | - goto err; | ||
435 | - if (bn2crparam(dsa->q, &kop.crk_param[2])) | ||
436 | - goto err; | ||
437 | - if (bn2crparam(dsa->g, &kop.crk_param[3])) | ||
438 | - goto err; | ||
439 | - if (bn2crparam(dsa->priv_key, &kop.crk_param[4])) | ||
440 | - goto err; | ||
441 | + kop.crk_param[0].crp_p = (void*)f; | ||
442 | + kop.crk_param[0].crp_nbits = r_len * 8; | ||
443 | + kop.crk_param[1].crp_p = (void*)q; | ||
444 | + kop.crk_param[1].crp_nbits = q_len * 8; | ||
445 | + kop.crk_param[2].crp_p = (void*)r; | ||
446 | + kop.crk_param[2].crp_nbits = r_len * 8; | ||
447 | + kop.crk_param[3].crp_p = (void*)g; | ||
448 | + kop.crk_param[3].crp_nbits = g_len * 8; | ||
449 | + kop.crk_param[4].crp_p = (void*)priv_key; | ||
450 | + kop.crk_param[4].crp_nbits = priv_key_len * 8; | ||
451 | kop.crk_iparams = 5; | ||
452 | |||
453 | - if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r, | ||
454 | - BN_num_bytes(dsa->q), s) == 0) { | ||
455 | - dsaret = DSA_SIG_new(); | ||
456 | - dsaret->r = r; | ||
457 | - dsaret->s = s; | ||
458 | - } else { | ||
459 | - const DSA_METHOD *meth = DSA_OpenSSL(); | ||
460 | - BN_free(r); | ||
461 | - BN_free(s); | ||
462 | - dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); | ||
463 | + ret = cryptodev_asym(&kop, r_len, c, r_len, d); | ||
464 | + | ||
465 | + if (ret) { | ||
466 | + DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DECODE_ERROR); | ||
467 | + goto err; | ||
468 | } | ||
469 | -err: | ||
470 | - kop.crk_param[0].crp_p = NULL; | ||
471 | + | ||
472 | + dsaret = DSA_SIG_new(); | ||
473 | + dsaret->r = c; | ||
474 | + dsaret->s = d; | ||
475 | + | ||
476 | zapparams(&kop); | ||
477 | return (dsaret); | ||
478 | +err: | ||
479 | + { | ||
480 | + const DSA_METHOD *meth = DSA_OpenSSL(); | ||
481 | + if (c) | ||
482 | + BN_free(c); | ||
483 | + if (d) | ||
484 | + BN_free(d); | ||
485 | + dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); | ||
486 | + return (dsaret); | ||
487 | + } | ||
488 | } | ||
489 | |||
490 | static int | ||
491 | @@ -1408,42 +1547,179 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, | ||
492 | DSA_SIG *sig, DSA *dsa) | ||
493 | { | ||
494 | struct crypt_kop kop; | ||
495 | - int dsaret = 1; | ||
496 | + int dsaret = 1, q_len = 0, r_len = 0, g_len = 0; | ||
497 | + int w_len = 0 ,c_len = 0, d_len = 0, ret = -1; | ||
498 | + unsigned char * q = NULL, * r = NULL, * w = NULL, * g = NULL; | ||
499 | + unsigned char * c = NULL, * d = NULL, *f = NULL; | ||
500 | |||
501 | memset(&kop, 0, sizeof kop); | ||
502 | kop.crk_op = CRK_DSA_VERIFY; | ||
503 | |||
504 | - /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ | ||
505 | - kop.crk_param[0].crp_p = (caddr_t)dgst; | ||
506 | - kop.crk_param[0].crp_nbits = dlen * 8; | ||
507 | - if (bn2crparam(dsa->p, &kop.crk_param[1])) | ||
508 | + if (spcf_bn2bin(dsa->p, &q, &q_len)) { | ||
509 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
510 | + return ret; | ||
511 | + } | ||
512 | + | ||
513 | + /* Get Order of field of private keys */ | ||
514 | + if (spcf_bn2bin(dsa->q, &r, &r_len)) { | ||
515 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
516 | goto err; | ||
517 | - if (bn2crparam(dsa->q, &kop.crk_param[2])) | ||
518 | + } | ||
519 | + | ||
520 | + g_len = q_len; | ||
521 | + /** | ||
522 | + * Get generator into a plain buffer. If length is less than | ||
523 | + * q_len then add leading padding bytes. | ||
524 | + */ | ||
525 | + if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { | ||
526 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
527 | goto err; | ||
528 | - if (bn2crparam(dsa->g, &kop.crk_param[3])) | ||
529 | + } | ||
530 | + w_len = q_len; | ||
531 | + /** | ||
532 | + * Get public key into a plain buffer. If length is less than | ||
533 | + * q_len then add leading padding bytes. | ||
534 | + */ | ||
535 | + if (spcf_bn2bin_ex(dsa->pub_key, &w, &w_len)) { | ||
536 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
537 | + goto err; | ||
538 | + } | ||
539 | + /** | ||
540 | + * Get the 1st part of signature into a flat buffer with | ||
541 | + * appropriate padding | ||
542 | + */ | ||
543 | + c_len = r_len; | ||
544 | + | ||
545 | + if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { | ||
546 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
547 | goto err; | ||
548 | - if (bn2crparam(dsa->pub_key, &kop.crk_param[4])) | ||
549 | + } | ||
550 | + | ||
551 | + /** | ||
552 | + * Get the 2nd part of signature into a flat buffer with | ||
553 | + * appropriate padding | ||
554 | + */ | ||
555 | + d_len = r_len; | ||
556 | + | ||
557 | + if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { | ||
558 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
559 | goto err; | ||
560 | - if (bn2crparam(sig->r, &kop.crk_param[5])) | ||
561 | + } | ||
562 | + | ||
563 | + | ||
564 | + /* Sanity test */ | ||
565 | + if (dlen > r_len) { | ||
566 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
567 | goto err; | ||
568 | - if (bn2crparam(sig->s, &kop.crk_param[6])) | ||
569 | + } | ||
570 | + | ||
571 | + /* Allocate memory to store hash. */ | ||
572 | + f = OPENSSL_malloc (r_len); | ||
573 | + if (!f) { | ||
574 | + DSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
575 | goto err; | ||
576 | + } | ||
577 | + | ||
578 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
579 | + if (dlen < r_len) | ||
580 | + memset(f, 0, r_len - dlen); | ||
581 | + | ||
582 | + /* Skip leading bytes if dgst_len < r_len */ | ||
583 | + memcpy(f + r_len - dlen, dgst, dlen); | ||
584 | + | ||
585 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ | ||
586 | + kop.crk_param[0].crp_p = (void*)f; | ||
587 | + kop.crk_param[0].crp_nbits = r_len * 8; | ||
588 | + kop.crk_param[1].crp_p = q; | ||
589 | + kop.crk_param[1].crp_nbits = q_len * 8; | ||
590 | + kop.crk_param[2].crp_p = r; | ||
591 | + kop.crk_param[2].crp_nbits = r_len * 8; | ||
592 | + kop.crk_param[3].crp_p = g; | ||
593 | + kop.crk_param[3].crp_nbits = g_len * 8; | ||
594 | + kop.crk_param[4].crp_p = w; | ||
595 | + kop.crk_param[4].crp_nbits = w_len * 8; | ||
596 | + kop.crk_param[5].crp_p = c; | ||
597 | + kop.crk_param[5].crp_nbits = c_len * 8; | ||
598 | + kop.crk_param[6].crp_p = d; | ||
599 | + kop.crk_param[6].crp_nbits = d_len * 8; | ||
600 | kop.crk_iparams = 7; | ||
601 | |||
602 | - if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { | ||
603 | -/*OCF success value is 0, if not zero, change dsaret to fail*/ | ||
604 | - if(0 != kop.crk_status) dsaret = 0; | ||
605 | - } else { | ||
606 | - const DSA_METHOD *meth = DSA_OpenSSL(); | ||
607 | + if ((cryptodev_asym(&kop, 0, NULL, 0, NULL))) { | ||
608 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, DSA_R_DECODE_ERROR); | ||
609 | + goto err; | ||
610 | + } | ||
611 | |||
612 | - dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); | ||
613 | + /*OCF success value is 0, if not zero, change dsaret to fail*/ | ||
614 | + if(0 != kop.crk_status) { | ||
615 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, DSA_R_DECODE_ERROR); | ||
616 | + goto err; | ||
617 | } | ||
618 | -err: | ||
619 | - kop.crk_param[0].crp_p = NULL; | ||
620 | + | ||
621 | zapparams(&kop); | ||
622 | return (dsaret); | ||
623 | +err: | ||
624 | + { | ||
625 | + const DSA_METHOD *meth = DSA_OpenSSL(); | ||
626 | + | ||
627 | + dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); | ||
628 | + } | ||
629 | + return dsaret; | ||
630 | } | ||
631 | |||
632 | +/* Cryptodev DSA Key Gen routine */ | ||
633 | +static int cryptodev_dsa_keygen(DSA *dsa) | ||
634 | +{ | ||
635 | + struct crypt_kop kop; | ||
636 | + int ret = 1, g_len; | ||
637 | + unsigned char *g = NULL; | ||
638 | + | ||
639 | + if (dsa->priv_key == NULL) { | ||
640 | + if ((dsa->priv_key=BN_new()) == NULL) | ||
641 | + goto sw_try; | ||
642 | + } | ||
643 | + | ||
644 | + if (dsa->pub_key == NULL) { | ||
645 | + if ((dsa->pub_key=BN_new()) == NULL) | ||
646 | + goto sw_try; | ||
647 | + } | ||
648 | + | ||
649 | + g_len = BN_num_bytes(dsa->p); | ||
650 | + /** | ||
651 | + * Get generator into a plain buffer. If length is less than | ||
652 | + * p_len then add leading padding bytes. | ||
653 | + */ | ||
654 | + if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { | ||
655 | + DSAerr(DSA_F_DSA_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
656 | + goto sw_try; | ||
657 | + } | ||
658 | + | ||
659 | + memset(&kop, 0, sizeof kop); | ||
660 | + | ||
661 | + kop.crk_op = CRK_DSA_GENERATE_KEY; | ||
662 | + if (bn2crparam(dsa->p, &kop.crk_param[0])) | ||
663 | + goto sw_try; | ||
664 | + if (bn2crparam(dsa->q, &kop.crk_param[1])) | ||
665 | + goto sw_try; | ||
666 | + kop.crk_param[2].crp_p = g; | ||
667 | + kop.crk_param[2].crp_nbits = g_len * 8; | ||
668 | + kop.crk_iparams = 3; | ||
669 | + | ||
670 | + /* pub_key is or prime length while priv key is of length of order */ | ||
671 | + if (cryptodev_asym(&kop, BN_num_bytes(dsa->p), dsa->pub_key, | ||
672 | + BN_num_bytes(dsa->q), dsa->priv_key)) | ||
673 | + goto sw_try; | ||
674 | + | ||
675 | + return ret; | ||
676 | +sw_try: | ||
677 | + { | ||
678 | + const DSA_METHOD *meth = DSA_OpenSSL(); | ||
679 | + ret = (meth->dsa_keygen)(dsa); | ||
680 | + } | ||
681 | + return ret; | ||
682 | +} | ||
683 | + | ||
684 | + | ||
685 | + | ||
686 | static DSA_METHOD cryptodev_dsa = { | ||
687 | "cryptodev DSA method", | ||
688 | NULL, | ||
689 | @@ -1457,12 +1733,543 @@ static DSA_METHOD cryptodev_dsa = { | ||
690 | NULL /* app_data */ | ||
691 | }; | ||
692 | |||
693 | -static int | ||
694 | -cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, | ||
695 | - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | ||
696 | - BN_MONT_CTX *m_ctx) | ||
697 | +static ECDSA_METHOD cryptodev_ecdsa = { | ||
698 | + "cryptodev ECDSA method", | ||
699 | + NULL, | ||
700 | + NULL, /* ecdsa_sign_setup */ | ||
701 | + NULL, | ||
702 | + NULL, | ||
703 | + 0, /* flags */ | ||
704 | + NULL /* app_data */ | ||
705 | +}; | ||
706 | + | ||
707 | +typedef enum ec_curve_s | ||
708 | +{ | ||
709 | + EC_PRIME, | ||
710 | + EC_BINARY | ||
711 | +} ec_curve_t; | ||
712 | + | ||
713 | +/* ENGINE handler for ECDSA Sign */ | ||
714 | +static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, | ||
715 | + int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) | ||
716 | { | ||
717 | - return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); | ||
718 | + BIGNUM *m = NULL, *p = NULL, *a = NULL; | ||
719 | + BIGNUM *b = NULL, *x = NULL, *y = NULL; | ||
720 | + BN_CTX *ctx = NULL; | ||
721 | + ECDSA_SIG *ret = NULL; | ||
722 | + ECDSA_DATA *ecdsa = NULL; | ||
723 | + unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; | ||
724 | + unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; | ||
725 | + int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; | ||
726 | + int g_len = 0, d_len = 0, ab_len = 0; | ||
727 | + const BIGNUM *order = NULL, *priv_key=NULL; | ||
728 | + const EC_GROUP *group = NULL; | ||
729 | + struct crypt_kop kop; | ||
730 | + ec_curve_t ec_crv = EC_PRIME; | ||
731 | + | ||
732 | + memset(&kop, 0, sizeof(kop)); | ||
733 | + ecdsa = ecdsa_check(eckey); | ||
734 | + if (!ecdsa) { | ||
735 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
736 | + return NULL; | ||
737 | + } | ||
738 | + | ||
739 | + group = EC_KEY_get0_group(eckey); | ||
740 | + priv_key = EC_KEY_get0_private_key(eckey); | ||
741 | + | ||
742 | + if (!group || !priv_key) { | ||
743 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
744 | + return NULL; | ||
745 | + } | ||
746 | + | ||
747 | + if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || | ||
748 | + (a = BN_new()) == NULL || (b = BN_new()) == NULL || | ||
749 | + (p = BN_new()) == NULL || (x = BN_new()) == NULL || | ||
750 | + (y = BN_new()) == NULL) { | ||
751 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
752 | + goto err; | ||
753 | + } | ||
754 | + | ||
755 | + order = &group->order; | ||
756 | + if (!order || BN_is_zero(order)) { | ||
757 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); | ||
758 | + goto err; | ||
759 | + } | ||
760 | + | ||
761 | + i = BN_num_bits(order); | ||
762 | + /* Need to truncate digest if it is too long: first truncate whole | ||
763 | + bytes */ | ||
764 | + if (8 * dgst_len > i) | ||
765 | + dgst_len = (i + 7)/8; | ||
766 | + | ||
767 | + if (!BN_bin2bn(dgst, dgst_len, m)) { | ||
768 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
769 | + goto err; | ||
770 | + } | ||
771 | + | ||
772 | + /* If still too long truncate remaining bits with a shift */ | ||
773 | + if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { | ||
774 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
775 | + goto err; | ||
776 | + } | ||
777 | + | ||
778 | + /* copy the truncated bits into plain buffer */ | ||
779 | + if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { | ||
780 | + fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); | ||
781 | + goto err; | ||
782 | + } | ||
783 | + | ||
784 | + ret = ECDSA_SIG_new(); | ||
785 | + if (!ret) { | ||
786 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
787 | + goto err; | ||
788 | + } | ||
789 | + | ||
790 | + /* check if this is prime or binary EC request */ | ||
791 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { | ||
792 | + ec_crv = EC_PRIME; | ||
793 | + /* get the generator point pair */ | ||
794 | + if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), | ||
795 | + x, y,ctx)) { | ||
796 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
797 | + goto err; | ||
798 | + } | ||
799 | + | ||
800 | + /* get the ECC curve parameters */ | ||
801 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { | ||
802 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
803 | + goto err; | ||
804 | + } | ||
805 | + } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { | ||
806 | + ec_crv = EC_BINARY; | ||
807 | + /* get the ECC curve parameters */ | ||
808 | + if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { | ||
809 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
810 | + goto err; | ||
811 | + } | ||
812 | + | ||
813 | + /* get the generator point pair */ | ||
814 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
815 | + EC_GROUP_get0_generator(group), x, y,ctx)) { | ||
816 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
817 | + goto err; | ||
818 | + } | ||
819 | + } else { | ||
820 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
821 | + goto err; | ||
822 | + } | ||
823 | + | ||
824 | + if (spcf_bn2bin(order, &r, &r_len)) { | ||
825 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
826 | + goto err; | ||
827 | + } | ||
828 | + | ||
829 | + if (spcf_bn2bin(p, &q, &q_len)) { | ||
830 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
831 | + goto err; | ||
832 | + } | ||
833 | + | ||
834 | + priv_key_len = r_len; | ||
835 | + | ||
836 | + /** | ||
837 | + * If BN_num_bytes of priv_key returns less then r_len then | ||
838 | + * add padding bytes before the key | ||
839 | + */ | ||
840 | + if (spcf_bn2bin_ex(priv_key, &s, &priv_key_len)) { | ||
841 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
842 | + goto err; | ||
843 | + } | ||
844 | + | ||
845 | + /* Generation of ECC curve parameters */ | ||
846 | + ab_len = 2*q_len; | ||
847 | + ab = eng_copy_curve_points(a, b, ab_len, q_len); | ||
848 | + if (!ab) { | ||
849 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
850 | + goto err; | ||
851 | + } | ||
852 | + | ||
853 | + if (ec_crv == EC_BINARY) { | ||
854 | + if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) | ||
855 | + { | ||
856 | + unsigned char *c_temp = NULL; | ||
857 | + int c_temp_len = q_len; | ||
858 | + if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) | ||
859 | + memcpy(ab+q_len, c_temp, q_len); | ||
860 | + else | ||
861 | + goto err; | ||
862 | + } | ||
863 | + kop.curve_type = ECC_BINARY; | ||
864 | + } | ||
865 | + | ||
866 | + /* Calculation of Generator point */ | ||
867 | + g_len = 2*q_len; | ||
868 | + g_xy = eng_copy_curve_points(x, y, g_len, q_len); | ||
869 | + if (!g_xy) { | ||
870 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
871 | + goto err; | ||
872 | + } | ||
873 | + | ||
874 | + /* Memory allocation for first part of digital signature */ | ||
875 | + c = malloc(r_len); | ||
876 | + if (!c) { | ||
877 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
878 | + goto err; | ||
879 | + } | ||
880 | + | ||
881 | + d_len = r_len; | ||
882 | + | ||
883 | + /* Memory allocation for second part of digital signature */ | ||
884 | + d = malloc(d_len); | ||
885 | + if (!d) { | ||
886 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
887 | + goto err; | ||
888 | + } | ||
889 | + | ||
890 | + /* memory for message representative */ | ||
891 | + f = malloc(r_len); | ||
892 | + if (!f) { | ||
893 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
894 | + goto err; | ||
895 | + } | ||
896 | + | ||
897 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
898 | + memset(f, 0, r_len - dgst_len); | ||
899 | + | ||
900 | + /* Skip leading bytes if dgst_len < r_len */ | ||
901 | + memcpy(f + r_len - dgst_len, tmp_dgst, dgst_len); | ||
902 | + | ||
903 | + dgst_len += r_len - dgst_len; | ||
904 | + kop.crk_op = CRK_DSA_SIGN; | ||
905 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
906 | + kop.crk_param[0].crp_p = f; | ||
907 | + kop.crk_param[0].crp_nbits = dgst_len * 8; | ||
908 | + kop.crk_param[1].crp_p = q; | ||
909 | + kop.crk_param[1].crp_nbits = q_len * 8; | ||
910 | + kop.crk_param[2].crp_p = r; | ||
911 | + kop.crk_param[2].crp_nbits = r_len * 8; | ||
912 | + kop.crk_param[3].crp_p = g_xy; | ||
913 | + kop.crk_param[3].crp_nbits = g_len * 8; | ||
914 | + kop.crk_param[4].crp_p = s; | ||
915 | + kop.crk_param[4].crp_nbits = priv_key_len * 8; | ||
916 | + kop.crk_param[5].crp_p = ab; | ||
917 | + kop.crk_param[5].crp_nbits = ab_len * 8; | ||
918 | + kop.crk_iparams = 6; | ||
919 | + kop.crk_param[6].crp_p = c; | ||
920 | + kop.crk_param[6].crp_nbits = d_len * 8; | ||
921 | + kop.crk_param[7].crp_p = d; | ||
922 | + kop.crk_param[7].crp_nbits = d_len * 8; | ||
923 | + kop.crk_oparams = 2; | ||
924 | + | ||
925 | + if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { | ||
926 | + /* Check if ret->r and s needs to allocated */ | ||
927 | + crparam2bn(&kop.crk_param[6], ret->r); | ||
928 | + crparam2bn(&kop.crk_param[7], ret->s); | ||
929 | + } else { | ||
930 | + const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
931 | + ret = (meth->ecdsa_do_sign)(dgst, dgst_len, in_kinv, in_r, eckey); | ||
932 | + } | ||
933 | + kop.crk_param[0].crp_p = NULL; | ||
934 | + zapparams(&kop); | ||
935 | +err: | ||
936 | + if (!ret) { | ||
937 | + ECDSA_SIG_free(ret); | ||
938 | + ret = NULL; | ||
939 | + } | ||
940 | + return ret; | ||
941 | +} | ||
942 | + | ||
943 | +static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, | ||
944 | + ECDSA_SIG *sig, EC_KEY *eckey) | ||
945 | +{ | ||
946 | + BIGNUM *m = NULL, *p = NULL, *a = NULL, *b = NULL; | ||
947 | + BIGNUM *x = NULL, *y = NULL, *w_x = NULL, *w_y = NULL; | ||
948 | + BN_CTX *ctx = NULL; | ||
949 | + ECDSA_DATA *ecdsa = NULL; | ||
950 | + unsigned char *q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL, *w_xy = NULL; | ||
951 | + unsigned char *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; | ||
952 | + int i = 0, q_len = 0, pub_key_len = 0, r_len = 0, c_len = 0, g_len = 0; | ||
953 | + int d_len = 0, ab_len = 0, ret = -1; | ||
954 | + const EC_POINT *pub_key = NULL; | ||
955 | + const BIGNUM *order = NULL; | ||
956 | + const EC_GROUP *group=NULL; | ||
957 | + ec_curve_t ec_crv = EC_PRIME; | ||
958 | + struct crypt_kop kop; | ||
959 | + | ||
960 | + memset(&kop, 0, sizeof kop); | ||
961 | + ecdsa = ecdsa_check(eckey); | ||
962 | + if (!ecdsa) { | ||
963 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); | ||
964 | + return ret; | ||
965 | + } | ||
966 | + | ||
967 | + group = EC_KEY_get0_group(eckey); | ||
968 | + pub_key = EC_KEY_get0_public_key(eckey); | ||
969 | + | ||
970 | + if (!group || !pub_key) { | ||
971 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); | ||
972 | + return ret; | ||
973 | + } | ||
974 | + | ||
975 | + if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || | ||
976 | + (a = BN_new()) == NULL || (b = BN_new()) == NULL || | ||
977 | + (p = BN_new()) == NULL || (x = BN_new()) == NULL || | ||
978 | + (y = BN_new()) == NULL || (w_x = BN_new()) == NULL || | ||
979 | + (w_y = BN_new()) == NULL) { | ||
980 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
981 | + goto err; | ||
982 | + } | ||
983 | + | ||
984 | + order = &group->order; | ||
985 | + if (!order || BN_is_zero(order)) { | ||
986 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS); | ||
987 | + goto err; | ||
988 | + } | ||
989 | + | ||
990 | + i = BN_num_bits(order); | ||
991 | + /* Need to truncate digest if it is too long: first truncate whole | ||
992 | + * bytes */ | ||
993 | + if (8 * dgst_len > i) | ||
994 | + dgst_len = (i + 7)/8; | ||
995 | + | ||
996 | + if (!BN_bin2bn(dgst, dgst_len, m)) { | ||
997 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); | ||
998 | + goto err; | ||
999 | + } | ||
1000 | + | ||
1001 | + /* If still too long truncate remaining bits with a shift */ | ||
1002 | + if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { | ||
1003 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); | ||
1004 | + goto err; | ||
1005 | + } | ||
1006 | + /* copy the truncated bits into plain buffer */ | ||
1007 | + if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { | ||
1008 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1009 | + goto err; | ||
1010 | + } | ||
1011 | + | ||
1012 | + /* check if this is prime or binary EC request */ | ||
1013 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { | ||
1014 | + ec_crv = EC_PRIME; | ||
1015 | + | ||
1016 | + /* get the generator point pair */ | ||
1017 | + if (!EC_POINT_get_affine_coordinates_GFp (group, | ||
1018 | + EC_GROUP_get0_generator(group), x, y,ctx)) { | ||
1019 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1020 | + goto err; | ||
1021 | + } | ||
1022 | + | ||
1023 | + /* get the public key pair for prime curve */ | ||
1024 | + if (!EC_POINT_get_affine_coordinates_GFp (group, | ||
1025 | + pub_key, w_x, w_y,ctx)) { | ||
1026 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1027 | + goto err; | ||
1028 | + } | ||
1029 | + | ||
1030 | + /* get the ECC curve parameters */ | ||
1031 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { | ||
1032 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1033 | + goto err; | ||
1034 | + } | ||
1035 | + } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field){ | ||
1036 | + ec_crv = EC_BINARY; | ||
1037 | + /* get the ECC curve parameters */ | ||
1038 | + if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { | ||
1039 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1040 | + goto err; | ||
1041 | + } | ||
1042 | + | ||
1043 | + /* get the generator point pair */ | ||
1044 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1045 | + EC_GROUP_get0_generator(group),x, y,ctx)) { | ||
1046 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1047 | + goto err; | ||
1048 | + } | ||
1049 | + | ||
1050 | + /* get the public key pair for binary curve */ | ||
1051 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1052 | + pub_key, w_x, w_y,ctx)) { | ||
1053 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1054 | + goto err; | ||
1055 | + } | ||
1056 | + }else { | ||
1057 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1058 | + goto err; | ||
1059 | + } | ||
1060 | + | ||
1061 | + /* Get the order of the subgroup of private keys */ | ||
1062 | + if (spcf_bn2bin((BIGNUM*)order, &r, &r_len)) { | ||
1063 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1064 | + goto err; | ||
1065 | + } | ||
1066 | + | ||
1067 | + /* Get the irreducible polynomial that creates the field */ | ||
1068 | + if (spcf_bn2bin(p, &q, &q_len)) { | ||
1069 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1070 | + goto err; | ||
1071 | + } | ||
1072 | + | ||
1073 | + /* Get the public key into a flat buffer with appropriate padding */ | ||
1074 | + pub_key_len = 2 * q_len; | ||
1075 | + | ||
1076 | + w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); | ||
1077 | + if (!w_xy) { | ||
1078 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1079 | + goto err; | ||
1080 | + } | ||
1081 | + | ||
1082 | + /* Generation of ECC curve parameters */ | ||
1083 | + ab_len = 2*q_len; | ||
1084 | + | ||
1085 | + ab = eng_copy_curve_points (a, b, ab_len, q_len); | ||
1086 | + if (!ab) { | ||
1087 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1088 | + goto err; | ||
1089 | + } | ||
1090 | + | ||
1091 | + if (ec_crv == EC_BINARY) { | ||
1092 | + /* copy b' i.e c(b), instead of only b */ | ||
1093 | + if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) | ||
1094 | + { | ||
1095 | + unsigned char *c_temp = NULL; | ||
1096 | + int c_temp_len = q_len; | ||
1097 | + if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) | ||
1098 | + memcpy(ab+q_len, c_temp, q_len); | ||
1099 | + else | ||
1100 | + goto err; | ||
1101 | + } | ||
1102 | + kop.curve_type = ECC_BINARY; | ||
1103 | + } | ||
1104 | + | ||
1105 | + /* Calculation of Generator point */ | ||
1106 | + g_len = 2 * q_len; | ||
1107 | + | ||
1108 | + g_xy = eng_copy_curve_points (x, y, g_len, q_len); | ||
1109 | + if (!g_xy) { | ||
1110 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1111 | + goto err; | ||
1112 | + } | ||
1113 | + | ||
1114 | + /** | ||
1115 | + * Get the 1st part of signature into a flat buffer with | ||
1116 | + * appropriate padding | ||
1117 | + */ | ||
1118 | + if (BN_num_bytes(sig->r) < r_len) | ||
1119 | + c_len = r_len; | ||
1120 | + | ||
1121 | + if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { | ||
1122 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1123 | + goto err; | ||
1124 | + } | ||
1125 | + | ||
1126 | + /** | ||
1127 | + * Get the 2nd part of signature into a flat buffer with | ||
1128 | + * appropriate padding | ||
1129 | + */ | ||
1130 | + if (BN_num_bytes(sig->s) < r_len) | ||
1131 | + d_len = r_len; | ||
1132 | + | ||
1133 | + if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { | ||
1134 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1135 | + goto err; | ||
1136 | + } | ||
1137 | + | ||
1138 | + /* memory for message representative */ | ||
1139 | + f = malloc(r_len); | ||
1140 | + if (!f) { | ||
1141 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1142 | + goto err; | ||
1143 | + } | ||
1144 | + | ||
1145 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
1146 | + memset(f, 0, r_len-dgst_len); | ||
1147 | + | ||
1148 | + /* Skip leading bytes if dgst_len < r_len */ | ||
1149 | + memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); | ||
1150 | + dgst_len += r_len-dgst_len; | ||
1151 | + kop.crk_op = CRK_DSA_VERIFY; | ||
1152 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
1153 | + kop.crk_param[0].crp_p = f; | ||
1154 | + kop.crk_param[0].crp_nbits = dgst_len * 8; | ||
1155 | + kop.crk_param[1].crp_p = q; | ||
1156 | + kop.crk_param[1].crp_nbits = q_len * 8; | ||
1157 | + kop.crk_param[2].crp_p = r; | ||
1158 | + kop.crk_param[2].crp_nbits = r_len * 8; | ||
1159 | + kop.crk_param[3].crp_p = g_xy; | ||
1160 | + kop.crk_param[3].crp_nbits = g_len * 8; | ||
1161 | + kop.crk_param[4].crp_p = w_xy; | ||
1162 | + kop.crk_param[4].crp_nbits = pub_key_len * 8; | ||
1163 | + kop.crk_param[5].crp_p = ab; | ||
1164 | + kop.crk_param[5].crp_nbits = ab_len * 8; | ||
1165 | + kop.crk_param[6].crp_p = c; | ||
1166 | + kop.crk_param[6].crp_nbits = d_len * 8; | ||
1167 | + kop.crk_param[7].crp_p = d; | ||
1168 | + kop.crk_param[7].crp_nbits = d_len * 8; | ||
1169 | + kop.crk_iparams = 8; | ||
1170 | + | ||
1171 | + if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { | ||
1172 | + /*OCF success value is 0, if not zero, change ret to fail*/ | ||
1173 | + if(0 == kop.crk_status) | ||
1174 | + ret = 1; | ||
1175 | + } else { | ||
1176 | + const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
1177 | + | ||
1178 | + ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); | ||
1179 | + } | ||
1180 | + kop.crk_param[0].crp_p = NULL; | ||
1181 | + zapparams(&kop); | ||
1182 | + | ||
1183 | +err: | ||
1184 | + return ret; | ||
1185 | +} | ||
1186 | + | ||
1187 | +static int cryptodev_dh_keygen(DH *dh) | ||
1188 | +{ | ||
1189 | + struct crypt_kop kop; | ||
1190 | + int ret = 1, g_len; | ||
1191 | + unsigned char *g = NULL; | ||
1192 | + | ||
1193 | + if (dh->priv_key == NULL) { | ||
1194 | + if ((dh->priv_key=BN_new()) == NULL) | ||
1195 | + goto sw_try; | ||
1196 | + } | ||
1197 | + | ||
1198 | + if (dh->pub_key == NULL) { | ||
1199 | + if ((dh->pub_key=BN_new()) == NULL) | ||
1200 | + goto sw_try; | ||
1201 | + } | ||
1202 | + | ||
1203 | + g_len = BN_num_bytes(dh->p); | ||
1204 | + /** | ||
1205 | + * Get generator into a plain buffer. If length is less than | ||
1206 | + * q_len then add leading padding bytes. | ||
1207 | + */ | ||
1208 | + if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { | ||
1209 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
1210 | + goto sw_try; | ||
1211 | + } | ||
1212 | + | ||
1213 | + memset(&kop, 0, sizeof kop); | ||
1214 | + kop.crk_op = CRK_DH_GENERATE_KEY; | ||
1215 | + if (bn2crparam(dh->p, &kop.crk_param[0])) | ||
1216 | + goto sw_try; | ||
1217 | + if (bn2crparam(dh->q, &kop.crk_param[1])) | ||
1218 | + goto sw_try; | ||
1219 | + kop.crk_param[2].crp_p = g; | ||
1220 | + kop.crk_param[2].crp_nbits = g_len * 8; | ||
1221 | + kop.crk_iparams = 3; | ||
1222 | + | ||
1223 | + /* pub_key is or prime length while priv key is of length of order */ | ||
1224 | + if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key, | ||
1225 | + BN_num_bytes(dh->q), dh->priv_key)) | ||
1226 | + goto sw_try; | ||
1227 | + | ||
1228 | + return ret; | ||
1229 | +sw_try: | ||
1230 | + { | ||
1231 | + const DH_METHOD *meth = DH_OpenSSL(); | ||
1232 | + ret = (meth->generate_key)(dh); | ||
1233 | + } | ||
1234 | + return ret; | ||
1235 | } | ||
1236 | |||
1237 | static int | ||
1238 | @@ -1470,43 +2277,234 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | ||
1239 | { | ||
1240 | struct crypt_kop kop; | ||
1241 | int dhret = 1; | ||
1242 | - int fd, keylen; | ||
1243 | + int fd, p_len; | ||
1244 | + BIGNUM *temp = NULL; | ||
1245 | + unsigned char *padded_pub_key = NULL, *p = NULL; | ||
1246 | + | ||
1247 | + if ((fd = get_asym_dev_crypto()) < 0) | ||
1248 | + goto sw_try; | ||
1249 | + | ||
1250 | + memset(&kop, 0, sizeof kop); | ||
1251 | + kop.crk_op = CRK_DH_COMPUTE_KEY; | ||
1252 | + /* inputs: dh->priv_key pub_key dh->p key */ | ||
1253 | + spcf_bn2bin(dh->p, &p, &p_len); | ||
1254 | + spcf_bn2bin_ex(pub_key, &padded_pub_key, &p_len); | ||
1255 | + if (bn2crparam(dh->priv_key, &kop.crk_param[0])) | ||
1256 | + goto sw_try; | ||
1257 | + | ||
1258 | + kop.crk_param[1].crp_p = padded_pub_key; | ||
1259 | + kop.crk_param[1].crp_nbits = p_len * 8; | ||
1260 | + kop.crk_param[2].crp_p = p; | ||
1261 | + kop.crk_param[2].crp_nbits = p_len * 8; | ||
1262 | + kop.crk_iparams = 3; | ||
1263 | + kop.crk_param[3].crp_p = (void*) key; | ||
1264 | + kop.crk_param[3].crp_nbits = p_len * 8; | ||
1265 | + kop.crk_oparams = 1; | ||
1266 | + dhret = p_len; | ||
1267 | + | ||
1268 | + if (ioctl(fd, CIOCKEY, &kop)) | ||
1269 | + goto sw_try; | ||
1270 | |||
1271 | - if ((fd = get_asym_dev_crypto()) < 0) { | ||
1272 | + if ((temp = BN_new())) { | ||
1273 | + if (!BN_bin2bn(key, p_len, temp)) { | ||
1274 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
1275 | + goto sw_try; | ||
1276 | + } | ||
1277 | + if (dhret > BN_num_bytes(temp)) | ||
1278 | + dhret=BN_bn2bin(temp,key); | ||
1279 | + BN_free(temp); | ||
1280 | + } | ||
1281 | + | ||
1282 | + kop.crk_param[3].crp_p = NULL; | ||
1283 | + zapparams(&kop); | ||
1284 | + return (dhret); | ||
1285 | +sw_try: | ||
1286 | + { | ||
1287 | const DH_METHOD *meth = DH_OpenSSL(); | ||
1288 | |||
1289 | - return ((meth->compute_key)(key, pub_key, dh)); | ||
1290 | + dhret = (meth->compute_key)(key, pub_key, dh); | ||
1291 | } | ||
1292 | + return (dhret); | ||
1293 | +} | ||
1294 | |||
1295 | - keylen = BN_num_bits(dh->p); | ||
1296 | +int cryptodev_ecdh_compute_key(void *out, size_t outlen, | ||
1297 | + const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, | ||
1298 | + void *out, size_t *outlen)) | ||
1299 | +{ | ||
1300 | + ec_curve_t ec_crv = EC_PRIME; | ||
1301 | + unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; | ||
1302 | + BIGNUM * w_x = NULL, *w_y = NULL; | ||
1303 | + int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; | ||
1304 | + BIGNUM * p = NULL, *a = NULL, *b = NULL; | ||
1305 | + BN_CTX *ctx; | ||
1306 | + EC_POINT *tmp=NULL; | ||
1307 | + BIGNUM *x=NULL, *y=NULL; | ||
1308 | + const BIGNUM *priv_key; | ||
1309 | + const EC_GROUP* group = NULL; | ||
1310 | + int ret = -1; | ||
1311 | + size_t buflen, len; | ||
1312 | + struct crypt_kop kop; | ||
1313 | |||
1314 | memset(&kop, 0, sizeof kop); | ||
1315 | - kop.crk_op = CRK_DH_COMPUTE_KEY; | ||
1316 | |||
1317 | - /* inputs: dh->priv_key pub_key dh->p key */ | ||
1318 | - if (bn2crparam(dh->priv_key, &kop.crk_param[0])) | ||
1319 | + if ((ctx = BN_CTX_new()) == NULL) goto err; | ||
1320 | + BN_CTX_start(ctx); | ||
1321 | + x = BN_CTX_get(ctx); | ||
1322 | + y = BN_CTX_get(ctx); | ||
1323 | + p = BN_CTX_get(ctx); | ||
1324 | + a = BN_CTX_get(ctx); | ||
1325 | + b = BN_CTX_get(ctx); | ||
1326 | + w_x = BN_CTX_get(ctx); | ||
1327 | + w_y = BN_CTX_get(ctx); | ||
1328 | + | ||
1329 | + if (!x || !y || !p || !a || !b || !w_x || !w_y) { | ||
1330 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); | ||
1331 | goto err; | ||
1332 | - if (bn2crparam(pub_key, &kop.crk_param[1])) | ||
1333 | + } | ||
1334 | + | ||
1335 | + priv_key = EC_KEY_get0_private_key(ecdh); | ||
1336 | + if (priv_key == NULL) { | ||
1337 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); | ||
1338 | goto err; | ||
1339 | - if (bn2crparam(dh->p, &kop.crk_param[2])) | ||
1340 | + } | ||
1341 | + | ||
1342 | + group = EC_KEY_get0_group(ecdh); | ||
1343 | + if ((tmp=EC_POINT_new(group)) == NULL) { | ||
1344 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); | ||
1345 | goto err; | ||
1346 | - kop.crk_iparams = 3; | ||
1347 | + } | ||
1348 | |||
1349 | - kop.crk_param[3].crp_p = (caddr_t) key; | ||
1350 | - kop.crk_param[3].crp_nbits = keylen * 8; | ||
1351 | - kop.crk_oparams = 1; | ||
1352 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == | ||
1353 | + NID_X9_62_prime_field) { | ||
1354 | + ec_crv = EC_PRIME; | ||
1355 | |||
1356 | - if (ioctl(fd, CIOCKEY, &kop) == -1) { | ||
1357 | - const DH_METHOD *meth = DH_OpenSSL(); | ||
1358 | + if (!EC_POINT_get_affine_coordinates_GFp(group, | ||
1359 | + EC_GROUP_get0_generator(group), x, y, ctx)) { | ||
1360 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); | ||
1361 | + goto err; | ||
1362 | + } | ||
1363 | |||
1364 | - dhret = (meth->compute_key)(key, pub_key, dh); | ||
1365 | + /* get the ECC curve parameters */ | ||
1366 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { | ||
1367 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1368 | + goto err; | ||
1369 | + } | ||
1370 | + | ||
1371 | + /* get the public key pair for prime curve */ | ||
1372 | + if (!EC_POINT_get_affine_coordinates_GFp (group, pub_key, w_x, w_y,ctx)) { | ||
1373 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1374 | + goto err; | ||
1375 | + } | ||
1376 | + } else { | ||
1377 | + ec_crv = EC_BINARY; | ||
1378 | + | ||
1379 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1380 | + EC_GROUP_get0_generator(group), x, y, ctx)) { | ||
1381 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); | ||
1382 | + goto err; | ||
1383 | + } | ||
1384 | + | ||
1385 | + /* get the ECC curve parameters */ | ||
1386 | + if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { | ||
1387 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1388 | + goto err; | ||
1389 | + } | ||
1390 | + | ||
1391 | + /* get the public key pair for binary curve */ | ||
1392 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1393 | + pub_key, w_x, w_y,ctx)) { | ||
1394 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1395 | + goto err; | ||
1396 | + } | ||
1397 | + } | ||
1398 | + | ||
1399 | + /* irreducible polynomial that creates the field */ | ||
1400 | + if (spcf_bn2bin((BIGNUM*)&group->order, &r, &r_len)) { | ||
1401 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1402 | + goto err; | ||
1403 | + } | ||
1404 | + | ||
1405 | + /* Get the irreducible polynomial that creates the field */ | ||
1406 | + if (spcf_bn2bin(p, &q, &q_len)) { | ||
1407 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1408 | + goto err; | ||
1409 | } | ||
1410 | + | ||
1411 | + /* Get the public key into a flat buffer with appropriate padding */ | ||
1412 | + pub_key_len = 2 * q_len; | ||
1413 | + w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); | ||
1414 | + if (!w_xy) { | ||
1415 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1416 | + goto err; | ||
1417 | + } | ||
1418 | + | ||
1419 | + /* Generation of ECC curve parameters */ | ||
1420 | + ab_len = 2*q_len; | ||
1421 | + ab = eng_copy_curve_points (a, b, ab_len, q_len); | ||
1422 | + if (!ab) { | ||
1423 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1424 | + goto err; | ||
1425 | + } | ||
1426 | + | ||
1427 | + if (ec_crv == EC_BINARY) { | ||
1428 | + /* copy b' i.e c(b), instead of only b */ | ||
1429 | + if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) | ||
1430 | + { | ||
1431 | + unsigned char *c_temp = NULL; | ||
1432 | + int c_temp_len = q_len; | ||
1433 | + if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) | ||
1434 | + memcpy(ab+q_len, c_temp, q_len); | ||
1435 | + else | ||
1436 | + goto err; | ||
1437 | + } | ||
1438 | + kop.curve_type = ECC_BINARY; | ||
1439 | + } else | ||
1440 | + kop.curve_type = ECC_PRIME; | ||
1441 | + | ||
1442 | + priv_key_len = r_len; | ||
1443 | + | ||
1444 | + /* | ||
1445 | + * If BN_num_bytes of priv_key returns less then r_len then | ||
1446 | + * add padding bytes before the key | ||
1447 | + */ | ||
1448 | + if (spcf_bn2bin_ex((BIGNUM *)priv_key, &s, &priv_key_len)) { | ||
1449 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1450 | + goto err; | ||
1451 | + } | ||
1452 | + | ||
1453 | + buflen = (EC_GROUP_get_degree(group) + 7)/8; | ||
1454 | + len = BN_num_bytes(x); | ||
1455 | + if (len > buflen || q_len < buflen) { | ||
1456 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR); | ||
1457 | + goto err; | ||
1458 | + } | ||
1459 | + | ||
1460 | + kop.crk_op = CRK_DH_COMPUTE_KEY; | ||
1461 | + kop.crk_param[0].crp_p = (void*) s; | ||
1462 | + kop.crk_param[0].crp_nbits = priv_key_len*8; | ||
1463 | + kop.crk_param[1].crp_p = (void*) w_xy; | ||
1464 | + kop.crk_param[1].crp_nbits = pub_key_len*8; | ||
1465 | + kop.crk_param[2].crp_p = (void*) q; | ||
1466 | + kop.crk_param[2].crp_nbits = q_len*8; | ||
1467 | + kop.crk_param[3].crp_p = (void*) ab; | ||
1468 | + kop.crk_param[3].crp_nbits = ab_len*8; | ||
1469 | + kop.crk_iparams = 4; | ||
1470 | + kop.crk_param[4].crp_p = (void*) out; | ||
1471 | + kop.crk_param[4].crp_nbits = q_len*8; | ||
1472 | + kop.crk_oparams = 1; | ||
1473 | + ret = q_len; | ||
1474 | + if (cryptodev_asym(&kop, 0, NULL, 0, NULL)) { | ||
1475 | + const ECDH_METHOD *meth = ECDH_OpenSSL(); | ||
1476 | + ret = (meth->compute_key)(out, outlen, pub_key, ecdh, KDF); | ||
1477 | + } else | ||
1478 | + ret = q_len; | ||
1479 | err: | ||
1480 | - kop.crk_param[3].crp_p = NULL; | ||
1481 | + kop.crk_param[4].crp_p = NULL; | ||
1482 | zapparams(&kop); | ||
1483 | - return (dhret); | ||
1484 | + return ret; | ||
1485 | } | ||
1486 | |||
1487 | + | ||
1488 | static DH_METHOD cryptodev_dh = { | ||
1489 | "cryptodev DH method", | ||
1490 | NULL, /* cryptodev_dh_generate_key */ | ||
1491 | @@ -1518,6 +2516,14 @@ static DH_METHOD cryptodev_dh = { | ||
1492 | NULL /* app_data */ | ||
1493 | }; | ||
1494 | |||
1495 | +static ECDH_METHOD cryptodev_ecdh = { | ||
1496 | + "cryptodev ECDH method", | ||
1497 | + NULL, /* cryptodev_ecdh_compute_key */ | ||
1498 | + NULL, | ||
1499 | + 0, /* flags */ | ||
1500 | + NULL /* app_data */ | ||
1501 | +}; | ||
1502 | + | ||
1503 | /* | ||
1504 | * ctrl right now is just a wrapper that doesn't do much | ||
1505 | * but I expect we'll want some options soon. | ||
1506 | @@ -1602,25 +2608,42 @@ ENGINE_load_cryptodev(void) | ||
1507 | memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); | ||
1508 | if (cryptodev_asymfeat & CRF_DSA_SIGN) | ||
1509 | cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; | ||
1510 | - if (cryptodev_asymfeat & CRF_MOD_EXP) { | ||
1511 | - cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp; | ||
1512 | - cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp; | ||
1513 | - } | ||
1514 | if (cryptodev_asymfeat & CRF_DSA_VERIFY) | ||
1515 | cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; | ||
1516 | + if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) | ||
1517 | + cryptodev_dsa.dsa_keygen = cryptodev_dsa_keygen; | ||
1518 | } | ||
1519 | |||
1520 | if (ENGINE_set_DH(engine, &cryptodev_dh)){ | ||
1521 | const DH_METHOD *dh_meth = DH_OpenSSL(); | ||
1522 | + memcpy(&cryptodev_dh, dh_meth, sizeof(DH_METHOD)); | ||
1523 | + if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { | ||
1524 | + cryptodev_dh.compute_key = | ||
1525 | + cryptodev_dh_compute_key; | ||
1526 | + } | ||
1527 | + if (cryptodev_asymfeat & CRF_DH_GENERATE_KEY) { | ||
1528 | + cryptodev_dh.generate_key = | ||
1529 | + cryptodev_dh_keygen; | ||
1530 | + } | ||
1531 | + } | ||
1532 | |||
1533 | - cryptodev_dh.generate_key = dh_meth->generate_key; | ||
1534 | - cryptodev_dh.compute_key = dh_meth->compute_key; | ||
1535 | - cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp; | ||
1536 | - if (cryptodev_asymfeat & CRF_MOD_EXP) { | ||
1537 | - cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh; | ||
1538 | - if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) | ||
1539 | - cryptodev_dh.compute_key = | ||
1540 | - cryptodev_dh_compute_key; | ||
1541 | + if (ENGINE_set_ECDSA(engine, &cryptodev_ecdsa)) { | ||
1542 | + const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
1543 | + memcpy(&cryptodev_ecdsa, meth, sizeof(ECDSA_METHOD)); | ||
1544 | + if (cryptodev_asymfeat & CRF_DSA_SIGN) { | ||
1545 | + cryptodev_ecdsa.ecdsa_do_sign = cryptodev_ecdsa_do_sign; | ||
1546 | + } | ||
1547 | + if (cryptodev_asymfeat & CRF_DSA_VERIFY) { | ||
1548 | + cryptodev_ecdsa.ecdsa_do_verify = | ||
1549 | + cryptodev_ecdsa_verify; | ||
1550 | + } | ||
1551 | + } | ||
1552 | + | ||
1553 | + if (ENGINE_set_ECDH(engine, &cryptodev_ecdh)) { | ||
1554 | + const ECDH_METHOD *ecdh_meth = ECDH_OpenSSL(); | ||
1555 | + memcpy(&cryptodev_ecdh, ecdh_meth, sizeof(ECDH_METHOD)); | ||
1556 | + if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { | ||
1557 | + cryptodev_ecdh.compute_key = cryptodev_ecdh_compute_key; | ||
1558 | } | ||
1559 | } | ||
1560 | |||
1561 | -- | ||
1562 | 1.7.9.7 | ||
1563 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0007-Added-hwrng-dev-file-as-source-of-RNG.patch b/recipes-connectivity/openssl/openssl-fsl/0007-Added-hwrng-dev-file-as-source-of-RNG.patch new file mode 100644 index 0000000..afe9f7c --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0007-Added-hwrng-dev-file-as-source-of-RNG.patch | |||
@@ -0,0 +1,28 @@ | |||
1 | From 6ee6f7acad9824244b32ac23248f1d12f2c2b201 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Tue, 11 Mar 2014 06:42:59 +0545 | ||
4 | Subject: [PATCH][fsl 07/15] Added hwrng dev file as source of RNG | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | --- | ||
10 | e_os.h | 2 +- | ||
11 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
12 | |||
13 | diff --git a/e_os.h b/e_os.h | ||
14 | index 6a0aad1..57c0563 100644 | ||
15 | --- a/e_os.h | ||
16 | +++ b/e_os.h | ||
17 | @@ -79,7 +79,7 @@ extern "C" { | ||
18 | #ifndef DEVRANDOM | ||
19 | /* set this to a comma-separated list of 'random' device files to try out. | ||
20 | * My default, we will try to read at least one of these files */ | ||
21 | -#define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom" | ||
22 | +#define DEVRANDOM "/dev/hwrng","/dev/urandom","/dev/random","/dev/srandom" | ||
23 | #endif | ||
24 | #ifndef DEVRANDOM_EGD | ||
25 | /* set this to a comma-seperated list of 'egd' sockets to try out. These | ||
26 | -- | ||
27 | 1.7.9.7 | ||
28 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0008-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch b/recipes-connectivity/openssl/openssl-fsl/0008-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch new file mode 100644 index 0000000..d8b5d95 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0008-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch | |||
@@ -0,0 +1,2039 @@ | |||
1 | From 68f8054c5a1f72e40884782d2d548892406d6049 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Tue, 11 Mar 2014 07:14:30 +0545 | ||
4 | Subject: [PATCH][fsl 08/15] Asynchronous interface added for PKC cryptodev | ||
5 | interface | ||
6 | |||
7 | Upstream-status: Pending | ||
8 | |||
9 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
10 | --- | ||
11 | crypto/crypto.h | 16 + | ||
12 | crypto/dh/dh.h | 4 +- | ||
13 | crypto/dsa/dsa.h | 5 + | ||
14 | crypto/ecdh/ech_locl.h | 3 + | ||
15 | crypto/ecdsa/ecs_locl.h | 5 + | ||
16 | crypto/engine/eng_cryptodev.c | 1578 +++++++++++++++++++++++++++++++++++++---- | ||
17 | crypto/engine/eng_int.h | 24 +- | ||
18 | crypto/engine/eng_lib.c | 46 ++ | ||
19 | crypto/engine/engine.h | 24 + | ||
20 | crypto/rsa/rsa.h | 23 + | ||
21 | 10 files changed, 1582 insertions(+), 146 deletions(-) | ||
22 | |||
23 | diff --git a/crypto/crypto.h b/crypto/crypto.h | ||
24 | index f92fc51..ce12731 100644 | ||
25 | --- a/crypto/crypto.h | ||
26 | +++ b/crypto/crypto.h | ||
27 | @@ -605,6 +605,22 @@ void ERR_load_CRYPTO_strings(void); | ||
28 | #define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101 | ||
29 | #define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100 | ||
30 | |||
31 | +/* Additions for Asynchronous PKC Infrastructure */ | ||
32 | +struct pkc_cookie_s { | ||
33 | + void *cookie; /* To be filled by openssl library primitive method function caller */ | ||
34 | + void *eng_cookie; /* To be filled by Engine */ | ||
35 | + /* | ||
36 | + * Callback handler to be provided by caller. Ensure to pass a | ||
37 | + * handler which takes the crypto operation to completion. | ||
38 | + * cookie: Container cookie from library | ||
39 | + * status: Status of the crypto Job completion. | ||
40 | + * 0: Job handled without any issue | ||
41 | + * -EINVAL: Parameters Invalid | ||
42 | + */ | ||
43 | + void (*pkc_callback)(struct pkc_cookie_s *cookie, int status); | ||
44 | + void *eng_handle; | ||
45 | +}; | ||
46 | + | ||
47 | #ifdef __cplusplus | ||
48 | } | ||
49 | #endif | ||
50 | diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h | ||
51 | index ea59e61..20ffad2 100644 | ||
52 | --- a/crypto/dh/dh.h | ||
53 | +++ b/crypto/dh/dh.h | ||
54 | @@ -118,7 +118,9 @@ struct dh_method | ||
55 | int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a, | ||
56 | const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | ||
57 | BN_MONT_CTX *m_ctx); /* Can be null */ | ||
58 | - | ||
59 | + int (*compute_key_async)(unsigned char *key,const BIGNUM *pub_key,DH *dh, | ||
60 | + struct pkc_cookie_s *cookie); | ||
61 | + int (*generate_key_async)(DH *dh, struct pkc_cookie_s *cookie); | ||
62 | int (*init)(DH *dh); | ||
63 | int (*finish)(DH *dh); | ||
64 | int flags; | ||
65 | diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h | ||
66 | index a6f6d0b..b04a029 100644 | ||
67 | --- a/crypto/dsa/dsa.h | ||
68 | +++ b/crypto/dsa/dsa.h | ||
69 | @@ -140,6 +140,10 @@ struct dsa_method | ||
70 | int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, | ||
71 | const BIGNUM *m, BN_CTX *ctx, | ||
72 | BN_MONT_CTX *m_ctx); /* Can be null */ | ||
73 | + int (*dsa_do_sign_async)(const unsigned char *dgst, int dlen, DSA *dsa, | ||
74 | + DSA_SIG *sig, struct pkc_cookie_s *cookie); | ||
75 | + int (*dsa_do_verify_async)(const unsigned char *dgst, int dgst_len, | ||
76 | + DSA_SIG *sig, DSA *dsa, struct pkc_cookie_s *cookie); | ||
77 | int (*init)(DSA *dsa); | ||
78 | int (*finish)(DSA *dsa); | ||
79 | int flags; | ||
80 | @@ -151,6 +155,7 @@ struct dsa_method | ||
81 | BN_GENCB *cb); | ||
82 | /* If this is non-NULL, it is used to generate DSA keys */ | ||
83 | int (*dsa_keygen)(DSA *dsa); | ||
84 | + int (*dsa_keygen_async)(DSA *dsa, struct pkc_cookie_s *cookie); | ||
85 | }; | ||
86 | |||
87 | struct dsa_st | ||
88 | diff --git a/crypto/ecdh/ech_locl.h b/crypto/ecdh/ech_locl.h | ||
89 | index f6cad6a..adce6b3 100644 | ||
90 | --- a/crypto/ecdh/ech_locl.h | ||
91 | +++ b/crypto/ecdh/ech_locl.h | ||
92 | @@ -67,6 +67,9 @@ struct ecdh_method | ||
93 | const char *name; | ||
94 | int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, | ||
95 | void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); | ||
96 | + int (*compute_key_async)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, | ||
97 | + void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen), | ||
98 | + struct pkc_cookie_s *cookie); | ||
99 | #if 0 | ||
100 | int (*init)(EC_KEY *eckey); | ||
101 | int (*finish)(EC_KEY *eckey); | ||
102 | diff --git a/crypto/ecdsa/ecs_locl.h b/crypto/ecdsa/ecs_locl.h | ||
103 | index cb3be13..eb0ebe0 100644 | ||
104 | --- a/crypto/ecdsa/ecs_locl.h | ||
105 | +++ b/crypto/ecdsa/ecs_locl.h | ||
106 | @@ -74,6 +74,11 @@ struct ecdsa_method | ||
107 | BIGNUM **r); | ||
108 | int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, | ||
109 | const ECDSA_SIG *sig, EC_KEY *eckey); | ||
110 | + int (*ecdsa_do_sign_async)(const unsigned char *dgst, int dgst_len, | ||
111 | + const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey, | ||
112 | + ECDSA_SIG *sig, struct pkc_cookie_s *cookie); | ||
113 | + int (*ecdsa_do_verify_async)(const unsigned char *dgst, int dgst_len, | ||
114 | + const ECDSA_SIG *sig, EC_KEY *eckey, struct pkc_cookie_s *cookie); | ||
115 | #if 0 | ||
116 | int (*init)(EC_KEY *eckey); | ||
117 | int (*finish)(EC_KEY *eckey); | ||
118 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
119 | index 88caec1..c5e8fb3 100644 | ||
120 | --- a/crypto/engine/eng_cryptodev.c | ||
121 | +++ b/crypto/engine/eng_cryptodev.c | ||
122 | @@ -1248,6 +1248,56 @@ zapparams(struct crypt_kop *kop) | ||
123 | } | ||
124 | } | ||
125 | |||
126 | +/* Any PKC request has at max 2 output parameters and they are stored here to | ||
127 | +be used while copying in the check availability */ | ||
128 | +struct cryptodev_cookie_s { | ||
129 | + BIGNUM *r; | ||
130 | + struct crparam r_param; | ||
131 | + BIGNUM *s; | ||
132 | + struct crparam s_param; | ||
133 | + struct crypt_kop *kop; | ||
134 | +}; | ||
135 | + | ||
136 | +static int | ||
137 | +cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, | ||
138 | + BIGNUM *s) | ||
139 | +{ | ||
140 | + int fd; | ||
141 | + struct pkc_cookie_s *cookie = kop->cookie; | ||
142 | + struct cryptodev_cookie_s *eng_cookie; | ||
143 | + | ||
144 | + fd = *(int *)cookie->eng_handle; | ||
145 | + | ||
146 | + eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); | ||
147 | + | ||
148 | + if (eng_cookie) { | ||
149 | + memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); | ||
150 | + if (r) { | ||
151 | + kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); | ||
152 | + if (!kop->crk_param[kop->crk_iparams].crp_p) | ||
153 | + return -ENOMEM; | ||
154 | + kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; | ||
155 | + kop->crk_oparams++; | ||
156 | + eng_cookie->r = r; | ||
157 | + eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; | ||
158 | + } | ||
159 | + if (s) { | ||
160 | + kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); | ||
161 | + if (!kop->crk_param[kop->crk_iparams+1].crp_p) | ||
162 | + return -ENOMEM; | ||
163 | + kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; | ||
164 | + kop->crk_oparams++; | ||
165 | + eng_cookie->s = s; | ||
166 | + eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; | ||
167 | + } | ||
168 | + } else | ||
169 | + return -ENOMEM; | ||
170 | + | ||
171 | + eng_cookie->kop = kop; | ||
172 | + cookie->eng_cookie = eng_cookie; | ||
173 | + return ioctl(fd, CIOCASYMASYNCRYPT, kop); | ||
174 | +} | ||
175 | + | ||
176 | static int | ||
177 | cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) | ||
178 | { | ||
179 | @@ -1304,6 +1354,44 @@ void *cryptodev_init_instance(void) | ||
180 | return fd; | ||
181 | } | ||
182 | |||
183 | +#include <poll.h> | ||
184 | + | ||
185 | +/* Return 0 on success and 1 on failure */ | ||
186 | +int cryptodev_check_availability(void *eng_handle) | ||
187 | +{ | ||
188 | + int fd = *(int *)eng_handle; | ||
189 | + struct pkc_cookie_list_s cookie_list; | ||
190 | + struct pkc_cookie_s *cookie; | ||
191 | + int i; | ||
192 | + | ||
193 | + /* FETCH COOKIE returns number of cookies extracted */ | ||
194 | + if (ioctl(fd, CIOCASYMFETCHCOOKIE, &cookie_list) <= 0) | ||
195 | + return 1; | ||
196 | + | ||
197 | + for (i = 0; i < cookie_list.cookie_available; i++) { | ||
198 | + cookie = cookie_list.cookie[i]; | ||
199 | + if (cookie) { | ||
200 | + struct cryptodev_cookie_s *eng_cookie = cookie->eng_cookie; | ||
201 | + if (eng_cookie) { | ||
202 | + struct crypt_kop *kop = eng_cookie->kop; | ||
203 | + | ||
204 | + if (eng_cookie->r) | ||
205 | + crparam2bn(&eng_cookie->r_param, eng_cookie->r); | ||
206 | + if (eng_cookie->s) | ||
207 | + crparam2bn(&eng_cookie->s_param, eng_cookie->s); | ||
208 | + if (kop->crk_op == CRK_DH_COMPUTE_KEY) | ||
209 | + kop->crk_oparams = 0; | ||
210 | + | ||
211 | + zapparams(eng_cookie->kop); | ||
212 | + free(eng_cookie->kop); | ||
213 | + free (eng_cookie); | ||
214 | + } | ||
215 | + cookie->pkc_callback(cookie, cookie_list.status[i]); | ||
216 | + } | ||
217 | + } | ||
218 | + return 0; | ||
219 | +} | ||
220 | + | ||
221 | static int | ||
222 | cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
223 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) | ||
224 | @@ -1349,6 +1437,63 @@ err: | ||
225 | } | ||
226 | |||
227 | static int | ||
228 | +cryptodev_bn_mod_exp_async(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
229 | + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont, struct pkc_cookie_s *cookie) | ||
230 | +{ | ||
231 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
232 | + int ret = 1; | ||
233 | + | ||
234 | + /* Currently, we know we can do mod exp iff we can do any | ||
235 | + * asymmetric operations at all. | ||
236 | + */ | ||
237 | + if (cryptodev_asymfeat == 0 || !kop) { | ||
238 | + ret = BN_mod_exp(r, a, p, m, ctx); | ||
239 | + return (ret); | ||
240 | + } | ||
241 | + | ||
242 | + kop->crk_oparams = 0; | ||
243 | + kop->crk_status = 0; | ||
244 | + kop->crk_op = CRK_MOD_EXP; | ||
245 | + kop->cookie = cookie; | ||
246 | + /* inputs: a^p % m */ | ||
247 | + if (bn2crparam(a, &kop->crk_param[0])) | ||
248 | + goto err; | ||
249 | + if (bn2crparam(p, &kop->crk_param[1])) | ||
250 | + goto err; | ||
251 | + if (bn2crparam(m, &kop->crk_param[2])) | ||
252 | + goto err; | ||
253 | + | ||
254 | + kop->crk_iparams = 3; | ||
255 | + if (cryptodev_asym_async(kop, BN_num_bytes(m), r, 0, NULL)) | ||
256 | + goto err; | ||
257 | + | ||
258 | + return ret; | ||
259 | +err: | ||
260 | + { | ||
261 | + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | ||
262 | + | ||
263 | + if (kop) | ||
264 | + free(kop); | ||
265 | + ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); | ||
266 | + if (ret) | ||
267 | + /* Call the completion handler immediately */ | ||
268 | + cookie->pkc_callback(cookie, 0); | ||
269 | + } | ||
270 | + return ret; | ||
271 | +} | ||
272 | + | ||
273 | +static int | ||
274 | +cryptodev_rsa_nocrt_mod_exp_async(BIGNUM *r0, const BIGNUM *I, | ||
275 | + RSA *rsa, BN_CTX *ctx, struct pkc_cookie_s *cookie) | ||
276 | +{ | ||
277 | + int r; | ||
278 | + ctx = BN_CTX_new(); | ||
279 | + r = cryptodev_bn_mod_exp_async(r0, I, rsa->d, rsa->n, ctx, NULL, cookie); | ||
280 | + BN_CTX_free(ctx); | ||
281 | + return r; | ||
282 | +} | ||
283 | + | ||
284 | +static int | ||
285 | cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) | ||
286 | { | ||
287 | int r; | ||
288 | @@ -1413,6 +1558,62 @@ err: | ||
289 | return (ret); | ||
290 | } | ||
291 | |||
292 | +static int | ||
293 | +cryptodev_rsa_mod_exp_async(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx, | ||
294 | + struct pkc_cookie_s *cookie) | ||
295 | +{ | ||
296 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
297 | + int ret = 1, f_len, p_len, q_len; | ||
298 | + unsigned char *f = NULL, *p = NULL, *q = NULL, *dp = NULL, *dq = NULL, *c = NULL; | ||
299 | + | ||
300 | + if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp || !kop) { | ||
301 | + return (0); | ||
302 | + } | ||
303 | + | ||
304 | + kop->crk_oparams = 0; | ||
305 | + kop->crk_status = 0; | ||
306 | + kop->crk_op = CRK_MOD_EXP_CRT; | ||
307 | + f_len = BN_num_bytes(rsa->n); | ||
308 | + spcf_bn2bin_ex(I, &f, &f_len); | ||
309 | + spcf_bn2bin(rsa->p, &p, &p_len); | ||
310 | + spcf_bn2bin(rsa->q, &q, &q_len); | ||
311 | + spcf_bn2bin_ex(rsa->dmp1, &dp, &p_len); | ||
312 | + spcf_bn2bin_ex(rsa->iqmp, &c, &p_len); | ||
313 | + spcf_bn2bin_ex(rsa->dmq1, &dq, &q_len); | ||
314 | + /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ | ||
315 | + kop->crk_param[0].crp_p = p; | ||
316 | + kop->crk_param[0].crp_nbits = p_len * 8; | ||
317 | + kop->crk_param[1].crp_p = q; | ||
318 | + kop->crk_param[1].crp_nbits = q_len * 8; | ||
319 | + kop->crk_param[2].crp_p = f; | ||
320 | + kop->crk_param[2].crp_nbits = f_len * 8; | ||
321 | + kop->crk_param[3].crp_p = dp; | ||
322 | + kop->crk_param[3].crp_nbits = p_len * 8; | ||
323 | + /* dq must of length q, rest all of length p*/ | ||
324 | + kop->crk_param[4].crp_p = dq; | ||
325 | + kop->crk_param[4].crp_nbits = q_len * 8; | ||
326 | + kop->crk_param[5].crp_p = c; | ||
327 | + kop->crk_param[5].crp_nbits = p_len * 8; | ||
328 | + kop->crk_iparams = 6; | ||
329 | + kop->cookie = cookie; | ||
330 | + if (cryptodev_asym_async(kop, BN_num_bytes(rsa->n), r0, 0, NULL)) | ||
331 | + goto err; | ||
332 | + | ||
333 | + return ret; | ||
334 | +err: | ||
335 | + { | ||
336 | + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | ||
337 | + | ||
338 | + if (kop) | ||
339 | + free(kop); | ||
340 | + ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); | ||
341 | + if (ret) | ||
342 | + /* Call user completion handler immediately */ | ||
343 | + cookie->pkc_callback(cookie, 0); | ||
344 | + } | ||
345 | + return (ret); | ||
346 | +} | ||
347 | + | ||
348 | static RSA_METHOD cryptodev_rsa = { | ||
349 | "cryptodev RSA method", | ||
350 | NULL, /* rsa_pub_enc */ | ||
351 | @@ -1421,6 +1622,12 @@ static RSA_METHOD cryptodev_rsa = { | ||
352 | NULL, /* rsa_priv_dec */ | ||
353 | NULL, | ||
354 | NULL, | ||
355 | + NULL, /* rsa_pub_enc */ | ||
356 | + NULL, /* rsa_pub_dec */ | ||
357 | + NULL, /* rsa_priv_enc */ | ||
358 | + NULL, /* rsa_priv_dec */ | ||
359 | + NULL, | ||
360 | + NULL, | ||
361 | NULL, /* init */ | ||
362 | NULL, /* finish */ | ||
363 | 0, /* flags */ | ||
364 | @@ -1718,126 +1925,424 @@ sw_try: | ||
365 | return ret; | ||
366 | } | ||
367 | |||
368 | +/* Cryptodev DSA Key Gen routine */ | ||
369 | +static int cryptodev_dsa_keygen_async(DSA *dsa, struct pkc_cookie_s *cookie) | ||
370 | +{ | ||
371 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
372 | + int ret = 1, g_len; | ||
373 | + unsigned char *g = NULL; | ||
374 | |||
375 | + if (!kop) | ||
376 | + goto sw_try; | ||
377 | |||
378 | -static DSA_METHOD cryptodev_dsa = { | ||
379 | - "cryptodev DSA method", | ||
380 | - NULL, | ||
381 | - NULL, /* dsa_sign_setup */ | ||
382 | - NULL, | ||
383 | - NULL, /* dsa_mod_exp */ | ||
384 | - NULL, | ||
385 | - NULL, /* init */ | ||
386 | - NULL, /* finish */ | ||
387 | - 0, /* flags */ | ||
388 | - NULL /* app_data */ | ||
389 | -}; | ||
390 | + if (dsa->priv_key == NULL) { | ||
391 | + if ((dsa->priv_key=BN_new()) == NULL) | ||
392 | + goto sw_try; | ||
393 | + } | ||
394 | |||
395 | -static ECDSA_METHOD cryptodev_ecdsa = { | ||
396 | - "cryptodev ECDSA method", | ||
397 | - NULL, | ||
398 | - NULL, /* ecdsa_sign_setup */ | ||
399 | - NULL, | ||
400 | - NULL, | ||
401 | - 0, /* flags */ | ||
402 | - NULL /* app_data */ | ||
403 | -}; | ||
404 | + if (dsa->pub_key == NULL) { | ||
405 | + if ((dsa->pub_key=BN_new()) == NULL) | ||
406 | + goto sw_try; | ||
407 | + } | ||
408 | |||
409 | -typedef enum ec_curve_s | ||
410 | -{ | ||
411 | - EC_PRIME, | ||
412 | - EC_BINARY | ||
413 | -} ec_curve_t; | ||
414 | + g_len = BN_num_bytes(dsa->p); | ||
415 | + /** | ||
416 | + * Get generator into a plain buffer. If length is less than | ||
417 | + * q_len then add leading padding bytes. | ||
418 | + */ | ||
419 | + if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { | ||
420 | + DSAerr(DSA_F_DSA_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
421 | + goto sw_try; | ||
422 | + } | ||
423 | |||
424 | -/* ENGINE handler for ECDSA Sign */ | ||
425 | -static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, | ||
426 | - int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) | ||
427 | -{ | ||
428 | - BIGNUM *m = NULL, *p = NULL, *a = NULL; | ||
429 | - BIGNUM *b = NULL, *x = NULL, *y = NULL; | ||
430 | - BN_CTX *ctx = NULL; | ||
431 | - ECDSA_SIG *ret = NULL; | ||
432 | - ECDSA_DATA *ecdsa = NULL; | ||
433 | - unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; | ||
434 | - unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; | ||
435 | - int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; | ||
436 | - int g_len = 0, d_len = 0, ab_len = 0; | ||
437 | - const BIGNUM *order = NULL, *priv_key=NULL; | ||
438 | - const EC_GROUP *group = NULL; | ||
439 | - struct crypt_kop kop; | ||
440 | - ec_curve_t ec_crv = EC_PRIME; | ||
441 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
442 | + kop->crk_op = CRK_DSA_GENERATE_KEY; | ||
443 | + if (bn2crparam(dsa->p, &kop->crk_param[0])) | ||
444 | + goto sw_try; | ||
445 | + if (bn2crparam(dsa->q, &kop->crk_param[1])) | ||
446 | + goto sw_try; | ||
447 | + kop->crk_param[2].crp_p = g; | ||
448 | + kop->crk_param[2].crp_nbits = g_len * 8; | ||
449 | + kop->crk_iparams = 3; | ||
450 | + kop->cookie = cookie; | ||
451 | |||
452 | - memset(&kop, 0, sizeof(kop)); | ||
453 | - ecdsa = ecdsa_check(eckey); | ||
454 | - if (!ecdsa) { | ||
455 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
456 | - return NULL; | ||
457 | + /* pub_key is or prime length while priv key is of length of order */ | ||
458 | + if (cryptodev_asym_async(kop, BN_num_bytes(dsa->p), dsa->pub_key, | ||
459 | + BN_num_bytes(dsa->q), dsa->priv_key)) | ||
460 | + goto sw_try; | ||
461 | + | ||
462 | + return ret; | ||
463 | +sw_try: | ||
464 | + { | ||
465 | + const DSA_METHOD *meth = DSA_OpenSSL(); | ||
466 | + | ||
467 | + if (kop) | ||
468 | + free(kop); | ||
469 | + ret = (meth->dsa_keygen)(dsa); | ||
470 | + cookie->pkc_callback(cookie, 0); | ||
471 | } | ||
472 | + return ret; | ||
473 | +} | ||
474 | |||
475 | - group = EC_KEY_get0_group(eckey); | ||
476 | - priv_key = EC_KEY_get0_private_key(eckey); | ||
477 | +static int | ||
478 | +cryptodev_dsa_do_sign_async(const unsigned char *dgst, int dlen, DSA *dsa, | ||
479 | + DSA_SIG *sig, struct pkc_cookie_s *cookie) | ||
480 | +{ | ||
481 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
482 | + DSA_SIG *dsaret = NULL; | ||
483 | + int q_len = 0, r_len = 0, g_len = 0; | ||
484 | + int priv_key_len = 0, ret = 1; | ||
485 | + unsigned char *q = NULL, *r = NULL, *g = NULL, *priv_key = NULL, *f = NULL; | ||
486 | |||
487 | - if (!group || !priv_key) { | ||
488 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
489 | - return NULL; | ||
490 | + if (((sig->r = BN_new()) == NULL) || !kop) { | ||
491 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
492 | + goto err; | ||
493 | } | ||
494 | |||
495 | - if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || | ||
496 | - (a = BN_new()) == NULL || (b = BN_new()) == NULL || | ||
497 | - (p = BN_new()) == NULL || (x = BN_new()) == NULL || | ||
498 | - (y = BN_new()) == NULL) { | ||
499 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
500 | + if ((sig->s = BN_new()) == NULL) { | ||
501 | + BN_free(sig->r); | ||
502 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
503 | goto err; | ||
504 | } | ||
505 | |||
506 | - order = &group->order; | ||
507 | - if (!order || BN_is_zero(order)) { | ||
508 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); | ||
509 | + if (spcf_bn2bin(dsa->p, &q, &q_len)) { | ||
510 | + DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | ||
511 | goto err; | ||
512 | } | ||
513 | |||
514 | - i = BN_num_bits(order); | ||
515 | - /* Need to truncate digest if it is too long: first truncate whole | ||
516 | - bytes */ | ||
517 | - if (8 * dgst_len > i) | ||
518 | - dgst_len = (i + 7)/8; | ||
519 | + /* Get order of the field of private keys into plain buffer */ | ||
520 | + if (spcf_bn2bin (dsa->q, &r, &r_len)) { | ||
521 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
522 | + goto err; | ||
523 | + } | ||
524 | |||
525 | - if (!BN_bin2bn(dgst, dgst_len, m)) { | ||
526 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
527 | + /* sanity test */ | ||
528 | + if (dlen > r_len) { | ||
529 | + DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | ||
530 | goto err; | ||
531 | } | ||
532 | |||
533 | - /* If still too long truncate remaining bits with a shift */ | ||
534 | - if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { | ||
535 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
536 | + g_len = q_len; | ||
537 | + /** | ||
538 | + * Get generator into a plain buffer. If length is less than | ||
539 | + * q_len then add leading padding bytes. | ||
540 | + */ | ||
541 | + if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { | ||
542 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
543 | goto err; | ||
544 | } | ||
545 | |||
546 | - /* copy the truncated bits into plain buffer */ | ||
547 | - if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { | ||
548 | - fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); | ||
549 | + priv_key_len = r_len; | ||
550 | + /** | ||
551 | + * Get private key into a plain buffer. If length is less than | ||
552 | + * r_len then add leading padding bytes. | ||
553 | + */ | ||
554 | + if (spcf_bn2bin_ex(dsa->priv_key, &priv_key, &priv_key_len)) { | ||
555 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
556 | goto err; | ||
557 | } | ||
558 | |||
559 | - ret = ECDSA_SIG_new(); | ||
560 | - if (!ret) { | ||
561 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
562 | + /* Allocate memory to store hash. */ | ||
563 | + f = OPENSSL_malloc (r_len); | ||
564 | + if (!f) { | ||
565 | + DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
566 | goto err; | ||
567 | } | ||
568 | |||
569 | - /* check if this is prime or binary EC request */ | ||
570 | - if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { | ||
571 | - ec_crv = EC_PRIME; | ||
572 | - /* get the generator point pair */ | ||
573 | - if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), | ||
574 | - x, y,ctx)) { | ||
575 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
576 | - goto err; | ||
577 | - } | ||
578 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
579 | + if (dlen < r_len) | ||
580 | + memset(f, 0, r_len - dlen); | ||
581 | |||
582 | - /* get the ECC curve parameters */ | ||
583 | - if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { | ||
584 | - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
585 | + /* Skip leading bytes if dgst_len < r_len */ | ||
586 | + memcpy(f + r_len - dlen, dgst, dlen); | ||
587 | + | ||
588 | + dlen = r_len; | ||
589 | + | ||
590 | + memset(kop, 0, sizeof( struct crypt_kop)); | ||
591 | + kop->crk_op = CRK_DSA_SIGN; | ||
592 | + | ||
593 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
594 | + kop->crk_param[0].crp_p = (void*)f; | ||
595 | + kop->crk_param[0].crp_nbits = dlen * 8; | ||
596 | + kop->crk_param[1].crp_p = (void*)q; | ||
597 | + kop->crk_param[1].crp_nbits = q_len * 8; | ||
598 | + kop->crk_param[2].crp_p = (void*)r; | ||
599 | + kop->crk_param[2].crp_nbits = r_len * 8; | ||
600 | + kop->crk_param[3].crp_p = (void*)g; | ||
601 | + kop->crk_param[3].crp_nbits = g_len * 8; | ||
602 | + kop->crk_param[4].crp_p = (void*)priv_key; | ||
603 | + kop->crk_param[4].crp_nbits = priv_key_len * 8; | ||
604 | + kop->crk_iparams = 5; | ||
605 | + kop->cookie = cookie; | ||
606 | + | ||
607 | + if (cryptodev_asym_async(kop, r_len, sig->r, r_len, sig->s)) | ||
608 | + goto err; | ||
609 | + | ||
610 | + return ret; | ||
611 | +err: | ||
612 | + { | ||
613 | + const DSA_METHOD *meth = DSA_OpenSSL(); | ||
614 | + | ||
615 | + if (kop) | ||
616 | + free(kop); | ||
617 | + BN_free(sig->r); | ||
618 | + BN_free(sig->s); | ||
619 | + dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); | ||
620 | + sig->r = dsaret->r; | ||
621 | + sig->s = dsaret->s; | ||
622 | + /* Call user callback immediately */ | ||
623 | + cookie->pkc_callback(cookie, 0); | ||
624 | + ret = dsaret; | ||
625 | + } | ||
626 | + return ret; | ||
627 | +} | ||
628 | + | ||
629 | +static int | ||
630 | +cryptodev_dsa_verify_async(const unsigned char *dgst, int dlen, | ||
631 | + DSA_SIG *sig, DSA *dsa, struct pkc_cookie_s *cookie) | ||
632 | +{ | ||
633 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
634 | + int q_len = 0, r_len = 0, g_len = 0; | ||
635 | + int w_len = 0 ,c_len = 0, d_len = 0, ret = 1; | ||
636 | + unsigned char * q = NULL, * r = NULL, * w = NULL, * g = NULL; | ||
637 | + unsigned char *c = NULL, * d = NULL, *f = NULL; | ||
638 | + | ||
639 | + if (!kop) | ||
640 | + goto err; | ||
641 | + | ||
642 | + if (spcf_bn2bin(dsa->p, &q, &q_len)) { | ||
643 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
644 | + return ret; | ||
645 | + } | ||
646 | + | ||
647 | + /* Get Order of field of private keys */ | ||
648 | + if (spcf_bn2bin(dsa->q, &r, &r_len)) { | ||
649 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
650 | + goto err; | ||
651 | + } | ||
652 | + | ||
653 | + g_len = q_len; | ||
654 | + /** | ||
655 | + * Get generator into a plain buffer. If length is less than | ||
656 | + * q_len then add leading padding bytes. | ||
657 | + */ | ||
658 | + if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { | ||
659 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
660 | + goto err; | ||
661 | + } | ||
662 | + w_len = q_len; | ||
663 | + /** | ||
664 | + * Get public key into a plain buffer. If length is less than | ||
665 | + * q_len then add leading padding bytes. | ||
666 | + */ | ||
667 | + if (spcf_bn2bin_ex(dsa->pub_key, &w, &w_len)) { | ||
668 | + DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
669 | + goto err; | ||
670 | + } | ||
671 | + /** | ||
672 | + * Get the 1st part of signature into a flat buffer with | ||
673 | + * appropriate padding | ||
674 | + */ | ||
675 | + c_len = r_len; | ||
676 | + | ||
677 | + if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { | ||
678 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
679 | + goto err; | ||
680 | + } | ||
681 | + | ||
682 | + /** | ||
683 | + * Get the 2nd part of signature into a flat buffer with | ||
684 | + * appropriate padding | ||
685 | + */ | ||
686 | + d_len = r_len; | ||
687 | + | ||
688 | + if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { | ||
689 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
690 | + goto err; | ||
691 | + } | ||
692 | + | ||
693 | + | ||
694 | + /* Sanity test */ | ||
695 | + if (dlen > r_len) { | ||
696 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
697 | + goto err; | ||
698 | + } | ||
699 | + | ||
700 | + /* Allocate memory to store hash. */ | ||
701 | + f = OPENSSL_malloc (r_len); | ||
702 | + if (!f) { | ||
703 | + DSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
704 | + goto err; | ||
705 | + } | ||
706 | + | ||
707 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
708 | + if (dlen < r_len) | ||
709 | + memset(f, 0, r_len - dlen); | ||
710 | + | ||
711 | + /* Skip leading bytes if dgst_len < r_len */ | ||
712 | + memcpy(f + r_len - dlen, dgst, dlen); | ||
713 | + | ||
714 | + dlen = r_len; | ||
715 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
716 | + | ||
717 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ | ||
718 | + kop->crk_param[0].crp_p = (void*)f; | ||
719 | + kop->crk_param[0].crp_nbits = dlen * 8; | ||
720 | + kop->crk_param[1].crp_p = q; | ||
721 | + kop->crk_param[1].crp_nbits = q_len * 8; | ||
722 | + kop->crk_param[2].crp_p = r; | ||
723 | + kop->crk_param[2].crp_nbits = r_len * 8; | ||
724 | + kop->crk_param[3].crp_p = g; | ||
725 | + kop->crk_param[3].crp_nbits = g_len * 8; | ||
726 | + kop->crk_param[4].crp_p = w; | ||
727 | + kop->crk_param[4].crp_nbits = w_len * 8; | ||
728 | + kop->crk_param[5].crp_p = c; | ||
729 | + kop->crk_param[5].crp_nbits = c_len * 8; | ||
730 | + kop->crk_param[6].crp_p = d; | ||
731 | + kop->crk_param[6].crp_nbits = d_len * 8; | ||
732 | + kop->crk_iparams = 7; | ||
733 | + kop->crk_op = CRK_DSA_VERIFY; | ||
734 | + kop->cookie = cookie; | ||
735 | + if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) | ||
736 | + goto err; | ||
737 | + | ||
738 | + return ret; | ||
739 | +err: | ||
740 | + { | ||
741 | + const DSA_METHOD *meth = DSA_OpenSSL(); | ||
742 | + | ||
743 | + if (kop) | ||
744 | + free(kop); | ||
745 | + | ||
746 | + ret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); | ||
747 | + cookie->pkc_callback(cookie, 0); | ||
748 | + } | ||
749 | + return ret; | ||
750 | +} | ||
751 | + | ||
752 | +static DSA_METHOD cryptodev_dsa = { | ||
753 | + "cryptodev DSA method", | ||
754 | + NULL, | ||
755 | + NULL, /* dsa_sign_setup */ | ||
756 | + NULL, | ||
757 | + NULL, /* dsa_mod_exp */ | ||
758 | + NULL, | ||
759 | + NULL, | ||
760 | + NULL, | ||
761 | + NULL, | ||
762 | + NULL, /* init */ | ||
763 | + NULL, /* finish */ | ||
764 | + 0, /* flags */ | ||
765 | + NULL /* app_data */ | ||
766 | +}; | ||
767 | + | ||
768 | +static ECDSA_METHOD cryptodev_ecdsa = { | ||
769 | + "cryptodev ECDSA method", | ||
770 | + NULL, | ||
771 | + NULL, /* ecdsa_sign_setup */ | ||
772 | + NULL, | ||
773 | + NULL, | ||
774 | + NULL, | ||
775 | + NULL, | ||
776 | + 0, /* flags */ | ||
777 | + NULL /* app_data */ | ||
778 | +}; | ||
779 | + | ||
780 | +typedef enum ec_curve_s | ||
781 | +{ | ||
782 | + EC_PRIME, | ||
783 | + EC_BINARY | ||
784 | +} ec_curve_t; | ||
785 | + | ||
786 | +/* ENGINE handler for ECDSA Sign */ | ||
787 | +static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, | ||
788 | + int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) | ||
789 | +{ | ||
790 | + BIGNUM *m = NULL, *p = NULL, *a = NULL; | ||
791 | + BIGNUM *b = NULL, *x = NULL, *y = NULL; | ||
792 | + BN_CTX *ctx = NULL; | ||
793 | + ECDSA_SIG *ret = NULL; | ||
794 | + ECDSA_DATA *ecdsa = NULL; | ||
795 | + unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; | ||
796 | + unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; | ||
797 | + int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; | ||
798 | + int g_len = 0, d_len = 0, ab_len = 0; | ||
799 | + const BIGNUM *order = NULL, *priv_key=NULL; | ||
800 | + const EC_GROUP *group = NULL; | ||
801 | + struct crypt_kop kop; | ||
802 | + ec_curve_t ec_crv = EC_PRIME; | ||
803 | + | ||
804 | + memset(&kop, 0, sizeof(kop)); | ||
805 | + ecdsa = ecdsa_check(eckey); | ||
806 | + if (!ecdsa) { | ||
807 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
808 | + return NULL; | ||
809 | + } | ||
810 | + | ||
811 | + group = EC_KEY_get0_group(eckey); | ||
812 | + priv_key = EC_KEY_get0_private_key(eckey); | ||
813 | + | ||
814 | + if (!group || !priv_key) { | ||
815 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
816 | + return NULL; | ||
817 | + } | ||
818 | + | ||
819 | + if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || | ||
820 | + (a = BN_new()) == NULL || (b = BN_new()) == NULL || | ||
821 | + (p = BN_new()) == NULL || (x = BN_new()) == NULL || | ||
822 | + (y = BN_new()) == NULL) { | ||
823 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
824 | + goto err; | ||
825 | + } | ||
826 | + | ||
827 | + order = &group->order; | ||
828 | + if (!order || BN_is_zero(order)) { | ||
829 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); | ||
830 | + goto err; | ||
831 | + } | ||
832 | + | ||
833 | + i = BN_num_bits(order); | ||
834 | + /* Need to truncate digest if it is too long: first truncate whole | ||
835 | + bytes */ | ||
836 | + if (8 * dgst_len > i) | ||
837 | + dgst_len = (i + 7)/8; | ||
838 | + | ||
839 | + if (!BN_bin2bn(dgst, dgst_len, m)) { | ||
840 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
841 | + goto err; | ||
842 | + } | ||
843 | + | ||
844 | + /* If still too long truncate remaining bits with a shift */ | ||
845 | + if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { | ||
846 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
847 | + goto err; | ||
848 | + } | ||
849 | + | ||
850 | + /* copy the truncated bits into plain buffer */ | ||
851 | + if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { | ||
852 | + fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); | ||
853 | + goto err; | ||
854 | + } | ||
855 | + | ||
856 | + ret = ECDSA_SIG_new(); | ||
857 | + if (!ret) { | ||
858 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
859 | + goto err; | ||
860 | + } | ||
861 | + | ||
862 | + /* check if this is prime or binary EC request */ | ||
863 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { | ||
864 | + ec_crv = EC_PRIME; | ||
865 | + /* get the generator point pair */ | ||
866 | + if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), | ||
867 | + x, y,ctx)) { | ||
868 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
869 | + goto err; | ||
870 | + } | ||
871 | + | ||
872 | + /* get the ECC curve parameters */ | ||
873 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { | ||
874 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
875 | goto err; | ||
876 | } | ||
877 | } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { | ||
878 | @@ -2162,63 +2667,581 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, | ||
879 | } | ||
880 | |||
881 | /** | ||
882 | - * Get the 2nd part of signature into a flat buffer with | ||
883 | - * appropriate padding | ||
884 | + * Get the 2nd part of signature into a flat buffer with | ||
885 | + * appropriate padding | ||
886 | + */ | ||
887 | + if (BN_num_bytes(sig->s) < r_len) | ||
888 | + d_len = r_len; | ||
889 | + | ||
890 | + if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { | ||
891 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
892 | + goto err; | ||
893 | + } | ||
894 | + | ||
895 | + /* memory for message representative */ | ||
896 | + f = malloc(r_len); | ||
897 | + if (!f) { | ||
898 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
899 | + goto err; | ||
900 | + } | ||
901 | + | ||
902 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
903 | + memset(f, 0, r_len-dgst_len); | ||
904 | + | ||
905 | + /* Skip leading bytes if dgst_len < r_len */ | ||
906 | + memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); | ||
907 | + dgst_len += r_len-dgst_len; | ||
908 | + kop.crk_op = CRK_DSA_VERIFY; | ||
909 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
910 | + kop.crk_param[0].crp_p = f; | ||
911 | + kop.crk_param[0].crp_nbits = dgst_len * 8; | ||
912 | + kop.crk_param[1].crp_p = q; | ||
913 | + kop.crk_param[1].crp_nbits = q_len * 8; | ||
914 | + kop.crk_param[2].crp_p = r; | ||
915 | + kop.crk_param[2].crp_nbits = r_len * 8; | ||
916 | + kop.crk_param[3].crp_p = g_xy; | ||
917 | + kop.crk_param[3].crp_nbits = g_len * 8; | ||
918 | + kop.crk_param[4].crp_p = w_xy; | ||
919 | + kop.crk_param[4].crp_nbits = pub_key_len * 8; | ||
920 | + kop.crk_param[5].crp_p = ab; | ||
921 | + kop.crk_param[5].crp_nbits = ab_len * 8; | ||
922 | + kop.crk_param[6].crp_p = c; | ||
923 | + kop.crk_param[6].crp_nbits = d_len * 8; | ||
924 | + kop.crk_param[7].crp_p = d; | ||
925 | + kop.crk_param[7].crp_nbits = d_len * 8; | ||
926 | + kop.crk_iparams = 8; | ||
927 | + | ||
928 | + if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { | ||
929 | + /*OCF success value is 0, if not zero, change ret to fail*/ | ||
930 | + if(0 == kop.crk_status) | ||
931 | + ret = 1; | ||
932 | + } else { | ||
933 | + const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
934 | + | ||
935 | + ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); | ||
936 | + } | ||
937 | + kop.crk_param[0].crp_p = NULL; | ||
938 | + zapparams(&kop); | ||
939 | + | ||
940 | +err: | ||
941 | + return ret; | ||
942 | +} | ||
943 | + | ||
944 | +static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, | ||
945 | + int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey, | ||
946 | + ECDSA_SIG *sig, struct pkc_cookie_s *cookie) | ||
947 | +{ | ||
948 | + BIGNUM *m = NULL, *p = NULL, *a = NULL; | ||
949 | + BIGNUM *b = NULL, *x = NULL, *y = NULL; | ||
950 | + BN_CTX *ctx = NULL; | ||
951 | + ECDSA_SIG *sig_ret = NULL; | ||
952 | + ECDSA_DATA *ecdsa = NULL; | ||
953 | + unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; | ||
954 | + unsigned char * s = NULL, *f = NULL, *tmp_dgst = NULL; | ||
955 | + int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; | ||
956 | + int g_len = 0, ab_len = 0, ret = 1; | ||
957 | + const BIGNUM *order = NULL, *priv_key=NULL; | ||
958 | + const EC_GROUP *group = NULL; | ||
959 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
960 | + ec_curve_t ec_crv = EC_PRIME; | ||
961 | + | ||
962 | + if (!(sig->r = BN_new()) || !kop) | ||
963 | + goto err; | ||
964 | + if ((sig->s = BN_new()) == NULL) { | ||
965 | + BN_free(r); | ||
966 | + goto err; | ||
967 | + } | ||
968 | + | ||
969 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
970 | + ecdsa = ecdsa_check(eckey); | ||
971 | + if (!ecdsa) { | ||
972 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
973 | + goto err; | ||
974 | + } | ||
975 | + | ||
976 | + group = EC_KEY_get0_group(eckey); | ||
977 | + priv_key = EC_KEY_get0_private_key(eckey); | ||
978 | + | ||
979 | + if (!group || !priv_key) { | ||
980 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); | ||
981 | + goto err; | ||
982 | + } | ||
983 | + | ||
984 | + if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || | ||
985 | + (a = BN_new()) == NULL || (b = BN_new()) == NULL || | ||
986 | + (p = BN_new()) == NULL || (x = BN_new()) == NULL || | ||
987 | + (y = BN_new()) == NULL) { | ||
988 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
989 | + goto err; | ||
990 | + } | ||
991 | + | ||
992 | + order = &group->order; | ||
993 | + if (!order || BN_is_zero(order)) { | ||
994 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); | ||
995 | + goto err; | ||
996 | + } | ||
997 | + | ||
998 | + i = BN_num_bits(order); | ||
999 | + /* Need to truncate digest if it is too long: first truncate whole | ||
1000 | + bytes */ | ||
1001 | + if (8 * dgst_len > i) | ||
1002 | + dgst_len = (i + 7)/8; | ||
1003 | + | ||
1004 | + if (!BN_bin2bn(dgst, dgst_len, m)) { | ||
1005 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
1006 | + goto err; | ||
1007 | + } | ||
1008 | + | ||
1009 | + /* If still too long truncate remaining bits with a shift */ | ||
1010 | + if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { | ||
1011 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); | ||
1012 | + goto err; | ||
1013 | + } | ||
1014 | + | ||
1015 | + /* copy the truncated bits into plain buffer */ | ||
1016 | + if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { | ||
1017 | + fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); | ||
1018 | + goto err; | ||
1019 | + } | ||
1020 | + | ||
1021 | + /* check if this is prime or binary EC request */ | ||
1022 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) | ||
1023 | + == NID_X9_62_prime_field) { | ||
1024 | + ec_crv = EC_PRIME; | ||
1025 | + /* get the generator point pair */ | ||
1026 | + if (!EC_POINT_get_affine_coordinates_GFp (group, | ||
1027 | + EC_GROUP_get0_generator(group), x, y,ctx)) { | ||
1028 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1029 | + goto err; | ||
1030 | + } | ||
1031 | + | ||
1032 | + /* get the ECC curve parameters */ | ||
1033 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { | ||
1034 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1035 | + goto err; | ||
1036 | + } | ||
1037 | + } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { | ||
1038 | + ec_crv = EC_BINARY; | ||
1039 | + /* get the ECC curve parameters */ | ||
1040 | + if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { | ||
1041 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1042 | + goto err; | ||
1043 | + } | ||
1044 | + | ||
1045 | + /* get the generator point pair */ | ||
1046 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1047 | + EC_GROUP_get0_generator(group), x, y,ctx)) { | ||
1048 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1049 | + goto err; | ||
1050 | + } | ||
1051 | + } else { | ||
1052 | + printf("Unsupported Curve\n"); | ||
1053 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1054 | + goto err; | ||
1055 | + } | ||
1056 | + | ||
1057 | + if (spcf_bn2bin(order, &r, &r_len)) { | ||
1058 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1059 | + goto err; | ||
1060 | + } | ||
1061 | + | ||
1062 | + if (spcf_bn2bin(p, &q, &q_len)) { | ||
1063 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1064 | + goto err; | ||
1065 | + } | ||
1066 | + | ||
1067 | + priv_key_len = r_len; | ||
1068 | + | ||
1069 | + /** | ||
1070 | + * If BN_num_bytes of priv_key returns less then r_len then | ||
1071 | + * add padding bytes before the key | ||
1072 | + */ | ||
1073 | + if (spcf_bn2bin_ex(priv_key, &s, &priv_key_len)) { | ||
1074 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1075 | + goto err; | ||
1076 | + } | ||
1077 | + | ||
1078 | + /* Generation of ECC curve parameters */ | ||
1079 | + ab_len = 2*q_len; | ||
1080 | + ab = eng_copy_curve_points(a, b, ab_len, q_len); | ||
1081 | + if (!ab) { | ||
1082 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1083 | + goto err; | ||
1084 | + } | ||
1085 | + | ||
1086 | + if (ec_crv == EC_BINARY) { | ||
1087 | + if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) | ||
1088 | + { | ||
1089 | + unsigned char *c_temp = NULL; | ||
1090 | + int c_temp_len = q_len; | ||
1091 | + if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) | ||
1092 | + memcpy(ab+q_len, c_temp, q_len); | ||
1093 | + else | ||
1094 | + goto err; | ||
1095 | + } | ||
1096 | + kop->curve_type = ECC_BINARY; | ||
1097 | + } | ||
1098 | + | ||
1099 | + /* Calculation of Generator point */ | ||
1100 | + g_len = 2*q_len; | ||
1101 | + g_xy = eng_copy_curve_points(x, y, g_len, q_len); | ||
1102 | + if (!g_xy) { | ||
1103 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1104 | + goto err; | ||
1105 | + } | ||
1106 | + | ||
1107 | + /* memory for message representative */ | ||
1108 | + f = malloc(r_len); | ||
1109 | + if (!f) { | ||
1110 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1111 | + goto err; | ||
1112 | + } | ||
1113 | + | ||
1114 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
1115 | + memset(f, 0, r_len - dgst_len); | ||
1116 | + | ||
1117 | + /* Skip leading bytes if dgst_len < r_len */ | ||
1118 | + memcpy(f + r_len - dgst_len, tmp_dgst, dgst_len); | ||
1119 | + | ||
1120 | + dgst_len += r_len - dgst_len; | ||
1121 | + | ||
1122 | + kop->crk_op = CRK_DSA_SIGN; | ||
1123 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
1124 | + kop->crk_param[0].crp_p = f; | ||
1125 | + kop->crk_param[0].crp_nbits = dgst_len * 8; | ||
1126 | + kop->crk_param[1].crp_p = q; | ||
1127 | + kop->crk_param[1].crp_nbits = q_len * 8; | ||
1128 | + kop->crk_param[2].crp_p = r; | ||
1129 | + kop->crk_param[2].crp_nbits = r_len * 8; | ||
1130 | + kop->crk_param[3].crp_p = g_xy; | ||
1131 | + kop->crk_param[3].crp_nbits = g_len * 8; | ||
1132 | + kop->crk_param[4].crp_p = s; | ||
1133 | + kop->crk_param[4].crp_nbits = priv_key_len * 8; | ||
1134 | + kop->crk_param[5].crp_p = ab; | ||
1135 | + kop->crk_param[5].crp_nbits = ab_len * 8; | ||
1136 | + kop->crk_iparams = 6; | ||
1137 | + kop->cookie = cookie; | ||
1138 | + | ||
1139 | + if (cryptodev_asym_async(kop, r_len, sig->r , r_len, sig->s)) | ||
1140 | + goto err; | ||
1141 | + | ||
1142 | + return ret; | ||
1143 | +err: | ||
1144 | + { | ||
1145 | + const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
1146 | + BN_free(sig->r); | ||
1147 | + BN_free(sig->s); | ||
1148 | + if (kop) | ||
1149 | + free(kop); | ||
1150 | + sig_ret = (meth->ecdsa_do_sign)(dgst, dgst_len, in_kinv, in_r, eckey); | ||
1151 | + sig->r = sig_ret->r; | ||
1152 | + sig->s = sig_ret->s; | ||
1153 | + cookie->pkc_callback(cookie, 0); | ||
1154 | + } | ||
1155 | + return ret; | ||
1156 | +} | ||
1157 | + | ||
1158 | +static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, | ||
1159 | + const ECDSA_SIG *sig, EC_KEY *eckey, struct pkc_cookie_s *cookie) | ||
1160 | +{ | ||
1161 | + BIGNUM *m = NULL, *p = NULL, *a = NULL, *b = NULL; | ||
1162 | + BIGNUM *x = NULL, *y = NULL, *w_x = NULL, *w_y = NULL; | ||
1163 | + BN_CTX *ctx = NULL; | ||
1164 | + ECDSA_DATA *ecdsa = NULL; | ||
1165 | + unsigned char *q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL, *w_xy = NULL; | ||
1166 | + unsigned char *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; | ||
1167 | + int i = 0, q_len = 0, pub_key_len = 0, r_len = 0, c_len = 0, g_len = 0; | ||
1168 | + int d_len = 0, ab_len = 0, ret = 1; | ||
1169 | + const EC_POINT *pub_key = NULL; | ||
1170 | + const BIGNUM *order = NULL; | ||
1171 | + const EC_GROUP *group=NULL; | ||
1172 | + ec_curve_t ec_crv = EC_PRIME; | ||
1173 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
1174 | + | ||
1175 | + if (!kop) | ||
1176 | + goto err; | ||
1177 | + | ||
1178 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
1179 | + ecdsa = ecdsa_check(eckey); | ||
1180 | + if (!ecdsa) { | ||
1181 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); | ||
1182 | + goto err; | ||
1183 | + } | ||
1184 | + | ||
1185 | + group = EC_KEY_get0_group(eckey); | ||
1186 | + pub_key = EC_KEY_get0_public_key(eckey); | ||
1187 | + | ||
1188 | + if (!group || !pub_key) { | ||
1189 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); | ||
1190 | + goto err; | ||
1191 | + } | ||
1192 | + | ||
1193 | + if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || | ||
1194 | + (a = BN_new()) == NULL || (b = BN_new()) == NULL || | ||
1195 | + (p = BN_new()) == NULL || (x = BN_new()) == NULL || | ||
1196 | + (y = BN_new()) == NULL || (w_x = BN_new()) == NULL || | ||
1197 | + (w_y = BN_new()) == NULL) { | ||
1198 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1199 | + goto err; | ||
1200 | + } | ||
1201 | + | ||
1202 | + order = &group->order; | ||
1203 | + if (!order || BN_is_zero(order)) { | ||
1204 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS); | ||
1205 | + goto err; | ||
1206 | + } | ||
1207 | + | ||
1208 | + i = BN_num_bits(order); | ||
1209 | + /* Need to truncate digest if it is too long: first truncate whole | ||
1210 | + * bytes */ | ||
1211 | + if (8 * dgst_len > i) | ||
1212 | + dgst_len = (i + 7)/8; | ||
1213 | + | ||
1214 | + if (!BN_bin2bn(dgst, dgst_len, m)) { | ||
1215 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); | ||
1216 | + goto err; | ||
1217 | + } | ||
1218 | + | ||
1219 | + /* If still too long truncate remaining bits with a shift */ | ||
1220 | + if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { | ||
1221 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); | ||
1222 | + goto err; | ||
1223 | + } | ||
1224 | + /* copy the truncated bits into plain buffer */ | ||
1225 | + if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { | ||
1226 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1227 | + goto err; | ||
1228 | + } | ||
1229 | + | ||
1230 | + /* check if this is prime or binary EC request */ | ||
1231 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { | ||
1232 | + ec_crv = EC_PRIME; | ||
1233 | + | ||
1234 | + /* get the generator point pair */ | ||
1235 | + if (!EC_POINT_get_affine_coordinates_GFp (group, | ||
1236 | + EC_GROUP_get0_generator(group), x, y,ctx)) { | ||
1237 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1238 | + goto err; | ||
1239 | + } | ||
1240 | + | ||
1241 | + /* get the public key pair for prime curve */ | ||
1242 | + if (!EC_POINT_get_affine_coordinates_GFp (group, | ||
1243 | + pub_key, w_x, w_y,ctx)) { | ||
1244 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1245 | + goto err; | ||
1246 | + } | ||
1247 | + | ||
1248 | + /* get the ECC curve parameters */ | ||
1249 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { | ||
1250 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1251 | + goto err; | ||
1252 | + } | ||
1253 | + } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field){ | ||
1254 | + ec_crv = EC_BINARY; | ||
1255 | + /* get the ECC curve parameters */ | ||
1256 | + if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { | ||
1257 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1258 | + goto err; | ||
1259 | + } | ||
1260 | + | ||
1261 | + /* get the generator point pair */ | ||
1262 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1263 | + EC_GROUP_get0_generator(group),x, y,ctx)) { | ||
1264 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1265 | + goto err; | ||
1266 | + } | ||
1267 | + | ||
1268 | + /* get the public key pair for binary curve */ | ||
1269 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1270 | + pub_key, w_x, w_y,ctx)) { | ||
1271 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1272 | + goto err; | ||
1273 | + } | ||
1274 | + }else { | ||
1275 | + printf("Unsupported Curve\n"); | ||
1276 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); | ||
1277 | + goto err; | ||
1278 | + } | ||
1279 | + | ||
1280 | + /* Get the order of the subgroup of private keys */ | ||
1281 | + if (spcf_bn2bin((BIGNUM*)order, &r, &r_len)) { | ||
1282 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1283 | + goto err; | ||
1284 | + } | ||
1285 | + | ||
1286 | + /* Get the irreducible polynomial that creates the field */ | ||
1287 | + if (spcf_bn2bin(p, &q, &q_len)) { | ||
1288 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1289 | + goto err; | ||
1290 | + } | ||
1291 | + | ||
1292 | + /* Get the public key into a flat buffer with appropriate padding */ | ||
1293 | + pub_key_len = 2 * q_len; | ||
1294 | + | ||
1295 | + w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); | ||
1296 | + if (!w_xy) { | ||
1297 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1298 | + goto err; | ||
1299 | + } | ||
1300 | + | ||
1301 | + /* Generation of ECC curve parameters */ | ||
1302 | + ab_len = 2*q_len; | ||
1303 | + | ||
1304 | + ab = eng_copy_curve_points (a, b, ab_len, q_len); | ||
1305 | + if (!ab) { | ||
1306 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1307 | + goto err; | ||
1308 | + } | ||
1309 | + | ||
1310 | + if (ec_crv == EC_BINARY) { | ||
1311 | + /* copy b' i.e c(b), instead of only b */ | ||
1312 | + eng_ec_get_cparam (EC_GROUP_get_curve_name(group), | ||
1313 | + ab+q_len, q_len); | ||
1314 | + kop->curve_type = ECC_BINARY; | ||
1315 | + } | ||
1316 | + | ||
1317 | + /* Calculation of Generator point */ | ||
1318 | + g_len = 2 * q_len; | ||
1319 | + | ||
1320 | + g_xy = eng_copy_curve_points (x, y, g_len, q_len); | ||
1321 | + if (!g_xy) { | ||
1322 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1323 | + goto err; | ||
1324 | + } | ||
1325 | + | ||
1326 | + /** | ||
1327 | + * Get the 1st part of signature into a flat buffer with | ||
1328 | + * appropriate padding | ||
1329 | + */ | ||
1330 | + if (BN_num_bytes(sig->r) < r_len) | ||
1331 | + c_len = r_len; | ||
1332 | + | ||
1333 | + if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { | ||
1334 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1335 | + goto err; | ||
1336 | + } | ||
1337 | + | ||
1338 | + /** | ||
1339 | + * Get the 2nd part of signature into a flat buffer with | ||
1340 | + * appropriate padding | ||
1341 | + */ | ||
1342 | + if (BN_num_bytes(sig->s) < r_len) | ||
1343 | + d_len = r_len; | ||
1344 | + | ||
1345 | + if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { | ||
1346 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1347 | + goto err; | ||
1348 | + } | ||
1349 | + | ||
1350 | + /* memory for message representative */ | ||
1351 | + f = malloc(r_len); | ||
1352 | + if (!f) { | ||
1353 | + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1354 | + goto err; | ||
1355 | + } | ||
1356 | + | ||
1357 | + /* Add padding, since SEC expects hash to of size r_len */ | ||
1358 | + memset(f, 0, r_len-dgst_len); | ||
1359 | + | ||
1360 | + /* Skip leading bytes if dgst_len < r_len */ | ||
1361 | + memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); | ||
1362 | + | ||
1363 | + dgst_len += r_len-dgst_len; | ||
1364 | + | ||
1365 | + kop->crk_op = CRK_DSA_VERIFY; | ||
1366 | + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
1367 | + kop->crk_param[0].crp_p = f; | ||
1368 | + kop->crk_param[0].crp_nbits = dgst_len * 8; | ||
1369 | + kop->crk_param[1].crp_p = q; | ||
1370 | + kop->crk_param[1].crp_nbits = q_len * 8; | ||
1371 | + kop->crk_param[2].crp_p = r; | ||
1372 | + kop->crk_param[2].crp_nbits = r_len * 8; | ||
1373 | + kop->crk_param[3].crp_p = g_xy; | ||
1374 | + kop->crk_param[3].crp_nbits = g_len * 8; | ||
1375 | + kop->crk_param[4].crp_p = w_xy; | ||
1376 | + kop->crk_param[4].crp_nbits = pub_key_len * 8; | ||
1377 | + kop->crk_param[5].crp_p = ab; | ||
1378 | + kop->crk_param[5].crp_nbits = ab_len * 8; | ||
1379 | + kop->crk_param[6].crp_p = c; | ||
1380 | + kop->crk_param[6].crp_nbits = d_len * 8; | ||
1381 | + kop->crk_param[7].crp_p = d; | ||
1382 | + kop->crk_param[7].crp_nbits = d_len * 8; | ||
1383 | + kop->crk_iparams = 8; | ||
1384 | + kop->cookie = cookie; | ||
1385 | + | ||
1386 | + if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) | ||
1387 | + goto err; | ||
1388 | + | ||
1389 | + return ret; | ||
1390 | +err: | ||
1391 | + { | ||
1392 | + const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
1393 | + | ||
1394 | + if (kop) | ||
1395 | + free(kop); | ||
1396 | + ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); | ||
1397 | + cookie->pkc_callback(cookie, 0); | ||
1398 | + } | ||
1399 | + | ||
1400 | + return ret; | ||
1401 | +} | ||
1402 | + | ||
1403 | +/* Cryptodev DH Key Gen routine */ | ||
1404 | +static int cryptodev_dh_keygen_async(DH *dh, struct pkc_cookie_s *cookie) | ||
1405 | +{ | ||
1406 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
1407 | + int ret = 1, g_len; | ||
1408 | + unsigned char *g = NULL; | ||
1409 | + | ||
1410 | + if (!kop) | ||
1411 | + goto sw_try; | ||
1412 | + | ||
1413 | + if (dh->priv_key == NULL) { | ||
1414 | + if ((dh->priv_key=BN_new()) == NULL) | ||
1415 | + goto sw_try; | ||
1416 | + } | ||
1417 | + | ||
1418 | + if (dh->pub_key == NULL) { | ||
1419 | + if ((dh->pub_key=BN_new()) == NULL) | ||
1420 | + goto sw_try; | ||
1421 | + } | ||
1422 | + | ||
1423 | + g_len = BN_num_bytes(dh->p); | ||
1424 | + /** | ||
1425 | + * Get generator into a plain buffer. If length is less than | ||
1426 | + * q_len then add leading padding bytes. | ||
1427 | */ | ||
1428 | - if (BN_num_bytes(sig->s) < r_len) | ||
1429 | - d_len = r_len; | ||
1430 | - | ||
1431 | - if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { | ||
1432 | - ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1433 | - goto err; | ||
1434 | - } | ||
1435 | - | ||
1436 | - /* memory for message representative */ | ||
1437 | - f = malloc(r_len); | ||
1438 | - if (!f) { | ||
1439 | - ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); | ||
1440 | - goto err; | ||
1441 | + if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { | ||
1442 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
1443 | + goto sw_try; | ||
1444 | } | ||
1445 | |||
1446 | - /* Add padding, since SEC expects hash to of size r_len */ | ||
1447 | - memset(f, 0, r_len-dgst_len); | ||
1448 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
1449 | + kop->crk_op = CRK_DH_GENERATE_KEY; | ||
1450 | + if (bn2crparam(dh->p, &kop->crk_param[0])) | ||
1451 | + goto sw_try; | ||
1452 | + if (bn2crparam(dh->q, &kop->crk_param[1])) | ||
1453 | + goto sw_try; | ||
1454 | + kop->crk_param[2].crp_p = g; | ||
1455 | + kop->crk_param[2].crp_nbits = g_len * 8; | ||
1456 | + kop->crk_iparams = 3; | ||
1457 | + kop->cookie = cookie; | ||
1458 | |||
1459 | - /* Skip leading bytes if dgst_len < r_len */ | ||
1460 | - memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); | ||
1461 | - dgst_len += r_len-dgst_len; | ||
1462 | - kop.crk_op = CRK_DSA_VERIFY; | ||
1463 | - /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ | ||
1464 | - kop.crk_param[0].crp_p = f; | ||
1465 | - kop.crk_param[0].crp_nbits = dgst_len * 8; | ||
1466 | - kop.crk_param[1].crp_p = q; | ||
1467 | - kop.crk_param[1].crp_nbits = q_len * 8; | ||
1468 | - kop.crk_param[2].crp_p = r; | ||
1469 | - kop.crk_param[2].crp_nbits = r_len * 8; | ||
1470 | - kop.crk_param[3].crp_p = g_xy; | ||
1471 | - kop.crk_param[3].crp_nbits = g_len * 8; | ||
1472 | - kop.crk_param[4].crp_p = w_xy; | ||
1473 | - kop.crk_param[4].crp_nbits = pub_key_len * 8; | ||
1474 | - kop.crk_param[5].crp_p = ab; | ||
1475 | - kop.crk_param[5].crp_nbits = ab_len * 8; | ||
1476 | - kop.crk_param[6].crp_p = c; | ||
1477 | - kop.crk_param[6].crp_nbits = d_len * 8; | ||
1478 | - kop.crk_param[7].crp_p = d; | ||
1479 | - kop.crk_param[7].crp_nbits = d_len * 8; | ||
1480 | - kop.crk_iparams = 8; | ||
1481 | + /* pub_key is or prime length while priv key is of length of order */ | ||
1482 | + if (cryptodev_asym_async(kop, BN_num_bytes(dh->p), dh->pub_key, | ||
1483 | + BN_num_bytes(dh->q), dh->priv_key)) | ||
1484 | + goto sw_try; | ||
1485 | |||
1486 | - if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { | ||
1487 | - /*OCF success value is 0, if not zero, change ret to fail*/ | ||
1488 | - if(0 == kop.crk_status) | ||
1489 | - ret = 1; | ||
1490 | - } else { | ||
1491 | - const ECDSA_METHOD *meth = ECDSA_OpenSSL(); | ||
1492 | + return ret; | ||
1493 | +sw_try: | ||
1494 | + { | ||
1495 | + const DH_METHOD *meth = DH_OpenSSL(); | ||
1496 | |||
1497 | - ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); | ||
1498 | + if (kop) | ||
1499 | + free(kop); | ||
1500 | + ret = (meth->generate_key)(dh); | ||
1501 | + cookie->pkc_callback(cookie, 0); | ||
1502 | } | ||
1503 | - kop.crk_param[0].crp_p = NULL; | ||
1504 | - zapparams(&kop); | ||
1505 | - | ||
1506 | -err: | ||
1507 | return ret; | ||
1508 | } | ||
1509 | |||
1510 | @@ -2327,6 +3350,54 @@ sw_try: | ||
1511 | return (dhret); | ||
1512 | } | ||
1513 | |||
1514 | +/* Return Length if successful and 0 on failure */ | ||
1515 | +static int | ||
1516 | +cryptodev_dh_compute_key_async(unsigned char *key, const BIGNUM *pub_key, | ||
1517 | + DH *dh, struct pkc_cookie_s *cookie) | ||
1518 | +{ | ||
1519 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
1520 | + int ret = 1; | ||
1521 | + int fd, p_len; | ||
1522 | + unsigned char *padded_pub_key = NULL, *p = NULL; | ||
1523 | + | ||
1524 | + fd = *(int *)cookie->eng_handle; | ||
1525 | + | ||
1526 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
1527 | + kop->crk_op = CRK_DH_COMPUTE_KEY; | ||
1528 | + /* inputs: dh->priv_key pub_key dh->p key */ | ||
1529 | + spcf_bn2bin(dh->p, &p, &p_len); | ||
1530 | + spcf_bn2bin_ex(pub_key, &padded_pub_key, &p_len); | ||
1531 | + | ||
1532 | + if (bn2crparam(dh->priv_key, &kop->crk_param[0])) | ||
1533 | + goto err; | ||
1534 | + kop->crk_param[1].crp_p = padded_pub_key; | ||
1535 | + kop->crk_param[1].crp_nbits = p_len * 8; | ||
1536 | + kop->crk_param[2].crp_p = p; | ||
1537 | + kop->crk_param[2].crp_nbits = p_len * 8; | ||
1538 | + kop->crk_iparams = 3; | ||
1539 | + | ||
1540 | + kop->cookie = cookie; | ||
1541 | + kop->crk_param[3].crp_p = (void*) key; | ||
1542 | + kop->crk_param[3].crp_nbits = p_len * 8; | ||
1543 | + kop->crk_oparams = 1; | ||
1544 | + | ||
1545 | + if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) | ||
1546 | + goto err; | ||
1547 | + | ||
1548 | + return p_len; | ||
1549 | +err: | ||
1550 | + { | ||
1551 | + const DH_METHOD *meth = DH_OpenSSL(); | ||
1552 | + | ||
1553 | + if (kop) | ||
1554 | + free(kop); | ||
1555 | + ret = (meth->compute_key)(key, pub_key, dh); | ||
1556 | + /* Call user cookie handler */ | ||
1557 | + cookie->pkc_callback(cookie, 0); | ||
1558 | + } | ||
1559 | + return (ret); | ||
1560 | +} | ||
1561 | + | ||
1562 | int cryptodev_ecdh_compute_key(void *out, size_t outlen, | ||
1563 | const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, | ||
1564 | void *out, size_t *outlen)) | ||
1565 | @@ -2504,6 +3575,190 @@ err: | ||
1566 | return ret; | ||
1567 | } | ||
1568 | |||
1569 | +int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, | ||
1570 | + const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, | ||
1571 | + void *out, size_t *outlen), struct pkc_cookie_s *cookie) | ||
1572 | +{ | ||
1573 | + ec_curve_t ec_crv = EC_PRIME; | ||
1574 | + unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; | ||
1575 | + BIGNUM * w_x = NULL, *w_y = NULL; | ||
1576 | + int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; | ||
1577 | + BIGNUM * p = NULL, *a = NULL, *b = NULL; | ||
1578 | + BN_CTX *ctx; | ||
1579 | + EC_POINT *tmp=NULL; | ||
1580 | + BIGNUM *x=NULL, *y=NULL; | ||
1581 | + const BIGNUM *priv_key; | ||
1582 | + const EC_GROUP* group = NULL; | ||
1583 | + int ret = 1; | ||
1584 | + size_t buflen, len; | ||
1585 | + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
1586 | + | ||
1587 | + if (!(ctx = BN_CTX_new()) || !kop) | ||
1588 | + goto err; | ||
1589 | + | ||
1590 | + memset(kop, 0, sizeof(struct crypt_kop)); | ||
1591 | + | ||
1592 | + BN_CTX_start(ctx); | ||
1593 | + x = BN_CTX_get(ctx); | ||
1594 | + y = BN_CTX_get(ctx); | ||
1595 | + p = BN_CTX_get(ctx); | ||
1596 | + a = BN_CTX_get(ctx); | ||
1597 | + b = BN_CTX_get(ctx); | ||
1598 | + w_x = BN_CTX_get(ctx); | ||
1599 | + w_y = BN_CTX_get(ctx); | ||
1600 | + | ||
1601 | + if (!x || !y || !p || !a || !b || !w_x || !w_y) { | ||
1602 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); | ||
1603 | + goto err; | ||
1604 | + } | ||
1605 | + | ||
1606 | + priv_key = EC_KEY_get0_private_key(ecdh); | ||
1607 | + if (priv_key == NULL) { | ||
1608 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); | ||
1609 | + goto err; | ||
1610 | + } | ||
1611 | + | ||
1612 | + group = EC_KEY_get0_group(ecdh); | ||
1613 | + if ((tmp=EC_POINT_new(group)) == NULL) { | ||
1614 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); | ||
1615 | + goto err; | ||
1616 | + } | ||
1617 | + | ||
1618 | + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == | ||
1619 | + NID_X9_62_prime_field) { | ||
1620 | + ec_crv = EC_PRIME; | ||
1621 | + | ||
1622 | + if (!EC_POINT_get_affine_coordinates_GFp(group, | ||
1623 | + EC_GROUP_get0_generator(group), x, y, ctx)) { | ||
1624 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); | ||
1625 | + goto err; | ||
1626 | + } | ||
1627 | + | ||
1628 | + /* get the ECC curve parameters */ | ||
1629 | + if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { | ||
1630 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1631 | + goto err; | ||
1632 | + } | ||
1633 | + | ||
1634 | + /* get the public key pair for prime curve */ | ||
1635 | + if (!EC_POINT_get_affine_coordinates_GFp (group, pub_key, w_x, w_y,ctx)) { | ||
1636 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1637 | + goto err; | ||
1638 | + } | ||
1639 | + } else { | ||
1640 | + ec_crv = EC_BINARY; | ||
1641 | + | ||
1642 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1643 | + EC_GROUP_get0_generator(group), x, y, ctx)) { | ||
1644 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); | ||
1645 | + goto err; | ||
1646 | + } | ||
1647 | + | ||
1648 | + /* get the ECC curve parameters */ | ||
1649 | + if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { | ||
1650 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1651 | + goto err; | ||
1652 | + } | ||
1653 | + | ||
1654 | + /* get the public key pair for binary curve */ | ||
1655 | + if (!EC_POINT_get_affine_coordinates_GF2m(group, | ||
1656 | + pub_key, w_x, w_y,ctx)) { | ||
1657 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); | ||
1658 | + goto err; | ||
1659 | + } | ||
1660 | + } | ||
1661 | + | ||
1662 | + /* irreducible polynomial that creates the field */ | ||
1663 | + if (spcf_bn2bin((BIGNUM*)&group->order, &r, &r_len)) { | ||
1664 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1665 | + goto err; | ||
1666 | + } | ||
1667 | + | ||
1668 | + /* Get the irreducible polynomial that creates the field */ | ||
1669 | + if (spcf_bn2bin(p, &q, &q_len)) { | ||
1670 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1671 | + goto err; | ||
1672 | + } | ||
1673 | + | ||
1674 | + /* Get the public key into a flat buffer with appropriate padding */ | ||
1675 | + pub_key_len = 2 * q_len; | ||
1676 | + w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); | ||
1677 | + if (!w_xy) { | ||
1678 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1679 | + goto err; | ||
1680 | + } | ||
1681 | + | ||
1682 | + /* Generation of ECC curve parameters */ | ||
1683 | + ab_len = 2*q_len; | ||
1684 | + ab = eng_copy_curve_points (a, b, ab_len, q_len); | ||
1685 | + if (!ab) { | ||
1686 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); | ||
1687 | + goto err; | ||
1688 | + } | ||
1689 | + | ||
1690 | + if (ec_crv == EC_BINARY) { | ||
1691 | + /* copy b' i.e c(b), instead of only b */ | ||
1692 | + if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) | ||
1693 | + { | ||
1694 | + unsigned char *c_temp = NULL; | ||
1695 | + int c_temp_len = q_len; | ||
1696 | + if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) | ||
1697 | + memcpy(ab+q_len, c_temp, q_len); | ||
1698 | + else | ||
1699 | + goto err; | ||
1700 | + } | ||
1701 | + kop->curve_type = ECC_BINARY; | ||
1702 | + } else | ||
1703 | + kop->curve_type = ECC_PRIME; | ||
1704 | + | ||
1705 | + priv_key_len = r_len; | ||
1706 | + | ||
1707 | + /* | ||
1708 | + * If BN_num_bytes of priv_key returns less then r_len then | ||
1709 | + * add padding bytes before the key | ||
1710 | + */ | ||
1711 | + if (spcf_bn2bin_ex((BIGNUM *)priv_key, &s, &priv_key_len)) { | ||
1712 | + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); | ||
1713 | + goto err; | ||
1714 | + } | ||
1715 | + | ||
1716 | + buflen = (EC_GROUP_get_degree(group) + 7)/8; | ||
1717 | + len = BN_num_bytes(x); | ||
1718 | + if (len > buflen || q_len < buflen) { | ||
1719 | + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR); | ||
1720 | + goto err; | ||
1721 | + } | ||
1722 | + | ||
1723 | + kop->crk_op = CRK_DH_COMPUTE_KEY; | ||
1724 | + kop->crk_param[0].crp_p = (void *) s; | ||
1725 | + kop->crk_param[0].crp_nbits = priv_key_len*8; | ||
1726 | + kop->crk_param[1].crp_p = (void *) w_xy; | ||
1727 | + kop->crk_param[1].crp_nbits = pub_key_len*8; | ||
1728 | + kop->crk_param[2].crp_p = (void *) q; | ||
1729 | + kop->crk_param[2].crp_nbits = q_len*8; | ||
1730 | + kop->crk_param[3].crp_p = (void *) ab; | ||
1731 | + kop->crk_param[3].crp_nbits = ab_len*8; | ||
1732 | + kop->crk_iparams = 4; | ||
1733 | + kop->crk_param[4].crp_p = (void *) out; | ||
1734 | + kop->crk_param[4].crp_nbits = q_len*8; | ||
1735 | + kop->crk_oparams = 1; | ||
1736 | + kop->cookie = cookie; | ||
1737 | + if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) | ||
1738 | + goto err; | ||
1739 | + | ||
1740 | + return q_len; | ||
1741 | +err: | ||
1742 | + { | ||
1743 | + const ECDH_METHOD *meth = ECDH_OpenSSL(); | ||
1744 | + | ||
1745 | + if (kop) | ||
1746 | + free(kop); | ||
1747 | + ret = (meth->compute_key)(out, outlen, pub_key, ecdh, KDF); | ||
1748 | + /* Call user cookie handler */ | ||
1749 | + cookie->pkc_callback(cookie, 0); | ||
1750 | + } | ||
1751 | + return ret; | ||
1752 | +} | ||
1753 | |||
1754 | static DH_METHOD cryptodev_dh = { | ||
1755 | "cryptodev DH method", | ||
1756 | @@ -2512,6 +3767,8 @@ static DH_METHOD cryptodev_dh = { | ||
1757 | NULL, | ||
1758 | NULL, | ||
1759 | NULL, | ||
1760 | + NULL, | ||
1761 | + NULL, | ||
1762 | 0, /* flags */ | ||
1763 | NULL /* app_data */ | ||
1764 | }; | ||
1765 | @@ -2520,6 +3777,7 @@ static ECDH_METHOD cryptodev_ecdh = { | ||
1766 | "cryptodev ECDH method", | ||
1767 | NULL, /* cryptodev_ecdh_compute_key */ | ||
1768 | NULL, | ||
1769 | + NULL, | ||
1770 | 0, /* flags */ | ||
1771 | NULL /* app_data */ | ||
1772 | }; | ||
1773 | @@ -2593,12 +3851,19 @@ ENGINE_load_cryptodev(void) | ||
1774 | cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; | ||
1775 | if (cryptodev_asymfeat & CRF_MOD_EXP) { | ||
1776 | cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp; | ||
1777 | - if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) | ||
1778 | + cryptodev_rsa.bn_mod_exp_async = | ||
1779 | + cryptodev_bn_mod_exp_async; | ||
1780 | + if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) { | ||
1781 | cryptodev_rsa.rsa_mod_exp = | ||
1782 | cryptodev_rsa_mod_exp; | ||
1783 | - else | ||
1784 | + cryptodev_rsa.rsa_mod_exp_async = | ||
1785 | + cryptodev_rsa_mod_exp_async; | ||
1786 | + } else { | ||
1787 | cryptodev_rsa.rsa_mod_exp = | ||
1788 | cryptodev_rsa_nocrt_mod_exp; | ||
1789 | + cryptodev_rsa.rsa_mod_exp_async = | ||
1790 | + cryptodev_rsa_nocrt_mod_exp_async; | ||
1791 | + } | ||
1792 | } | ||
1793 | } | ||
1794 | |||
1795 | @@ -2606,12 +3871,21 @@ ENGINE_load_cryptodev(void) | ||
1796 | const DSA_METHOD *meth = DSA_OpenSSL(); | ||
1797 | |||
1798 | memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); | ||
1799 | - if (cryptodev_asymfeat & CRF_DSA_SIGN) | ||
1800 | + if (cryptodev_asymfeat & CRF_DSA_SIGN) { | ||
1801 | cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; | ||
1802 | - if (cryptodev_asymfeat & CRF_DSA_VERIFY) | ||
1803 | + cryptodev_dsa.dsa_do_sign_async = | ||
1804 | + cryptodev_dsa_do_sign_async; | ||
1805 | + } | ||
1806 | + if (cryptodev_asymfeat & CRF_DSA_VERIFY) { | ||
1807 | cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; | ||
1808 | - if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) | ||
1809 | + cryptodev_dsa.dsa_do_verify_async = | ||
1810 | + cryptodev_dsa_verify_async; | ||
1811 | + } | ||
1812 | + if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) { | ||
1813 | cryptodev_dsa.dsa_keygen = cryptodev_dsa_keygen; | ||
1814 | + cryptodev_dsa.dsa_keygen_async = | ||
1815 | + cryptodev_dsa_keygen_async; | ||
1816 | + } | ||
1817 | } | ||
1818 | |||
1819 | if (ENGINE_set_DH(engine, &cryptodev_dh)){ | ||
1820 | @@ -2620,10 +3894,15 @@ ENGINE_load_cryptodev(void) | ||
1821 | if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { | ||
1822 | cryptodev_dh.compute_key = | ||
1823 | cryptodev_dh_compute_key; | ||
1824 | + cryptodev_dh.compute_key_async = | ||
1825 | + cryptodev_dh_compute_key_async; | ||
1826 | } | ||
1827 | if (cryptodev_asymfeat & CRF_DH_GENERATE_KEY) { | ||
1828 | cryptodev_dh.generate_key = | ||
1829 | cryptodev_dh_keygen; | ||
1830 | + cryptodev_dh.generate_key_async = | ||
1831 | + cryptodev_dh_keygen_async; | ||
1832 | + | ||
1833 | } | ||
1834 | } | ||
1835 | |||
1836 | @@ -2632,10 +3911,14 @@ ENGINE_load_cryptodev(void) | ||
1837 | memcpy(&cryptodev_ecdsa, meth, sizeof(ECDSA_METHOD)); | ||
1838 | if (cryptodev_asymfeat & CRF_DSA_SIGN) { | ||
1839 | cryptodev_ecdsa.ecdsa_do_sign = cryptodev_ecdsa_do_sign; | ||
1840 | + cryptodev_ecdsa.ecdsa_do_sign_async = | ||
1841 | + cryptodev_ecdsa_do_sign_async; | ||
1842 | } | ||
1843 | if (cryptodev_asymfeat & CRF_DSA_VERIFY) { | ||
1844 | cryptodev_ecdsa.ecdsa_do_verify = | ||
1845 | cryptodev_ecdsa_verify; | ||
1846 | + cryptodev_ecdsa.ecdsa_do_verify_async = | ||
1847 | + cryptodev_ecdsa_verify_async; | ||
1848 | } | ||
1849 | } | ||
1850 | |||
1851 | @@ -2644,9 +3927,16 @@ ENGINE_load_cryptodev(void) | ||
1852 | memcpy(&cryptodev_ecdh, ecdh_meth, sizeof(ECDH_METHOD)); | ||
1853 | if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { | ||
1854 | cryptodev_ecdh.compute_key = cryptodev_ecdh_compute_key; | ||
1855 | + cryptodev_ecdh.compute_key_async = | ||
1856 | + cryptodev_ecdh_compute_key_async; | ||
1857 | } | ||
1858 | } | ||
1859 | |||
1860 | + ENGINE_set_check_pkc_availability(engine, cryptodev_check_availability); | ||
1861 | + ENGINE_set_close_instance(engine, cryptodev_close_instance); | ||
1862 | + ENGINE_set_init_instance(engine, cryptodev_init_instance); | ||
1863 | + ENGINE_set_async_map(engine, ENGINE_ALLPKC_ASYNC); | ||
1864 | + | ||
1865 | ENGINE_add(engine); | ||
1866 | ENGINE_free(engine); | ||
1867 | ERR_clear_error(); | ||
1868 | diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h | ||
1869 | index 451ef8f..8fc3077 100644 | ||
1870 | --- a/crypto/engine/eng_int.h | ||
1871 | +++ b/crypto/engine/eng_int.h | ||
1872 | @@ -181,7 +181,29 @@ struct engine_st | ||
1873 | ENGINE_LOAD_KEY_PTR load_pubkey; | ||
1874 | |||
1875 | ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert; | ||
1876 | - | ||
1877 | + /* | ||
1878 | + * Instantiate Engine handle to be passed in check_pkc_availability | ||
1879 | + * Ensure that Engine is instantiated before any pkc asynchronous call. | ||
1880 | + */ | ||
1881 | + void *(*engine_init_instance)(void); | ||
1882 | + /* | ||
1883 | + * Instantiated Engine handle will be closed with this call. | ||
1884 | + * Ensure that no pkc asynchronous call is made after this call | ||
1885 | + */ | ||
1886 | + void (*engine_close_instance)(void *handle); | ||
1887 | + /* | ||
1888 | + * Check availability will extract the data from kernel. | ||
1889 | + * eng_handle: This is the Engine handle corresponds to which | ||
1890 | + * the cookies needs to be polled. | ||
1891 | + * return 0 if cookie available else 1 | ||
1892 | + */ | ||
1893 | + int (*check_pkc_availability)(void *eng_handle); | ||
1894 | + /* | ||
1895 | + * The following map is used to check if the engine supports asynchronous implementation | ||
1896 | + * ENGINE_ASYNC_FLAG* for available bitmap. Any application checking for asynchronous | ||
1897 | + * implementation need to check this features using "int ENGINE_get_async_map(engine *)"; | ||
1898 | + */ | ||
1899 | + int async_map; | ||
1900 | const ENGINE_CMD_DEFN *cmd_defns; | ||
1901 | int flags; | ||
1902 | /* reference count on the structure itself */ | ||
1903 | diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c | ||
1904 | index 18a6664..6fa621c 100644 | ||
1905 | --- a/crypto/engine/eng_lib.c | ||
1906 | +++ b/crypto/engine/eng_lib.c | ||
1907 | @@ -98,7 +98,11 @@ void engine_set_all_null(ENGINE *e) | ||
1908 | e->ctrl = NULL; | ||
1909 | e->load_privkey = NULL; | ||
1910 | e->load_pubkey = NULL; | ||
1911 | + e->check_pkc_availability = NULL; | ||
1912 | + e->engine_init_instance = NULL; | ||
1913 | + e->engine_close_instance = NULL; | ||
1914 | e->cmd_defns = NULL; | ||
1915 | + e->async_map = 0; | ||
1916 | e->flags = 0; | ||
1917 | } | ||
1918 | |||
1919 | @@ -233,6 +237,48 @@ int ENGINE_set_id(ENGINE *e, const char *id) | ||
1920 | return 1; | ||
1921 | } | ||
1922 | |||
1923 | +void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)) | ||
1924 | + { | ||
1925 | + e->engine_init_instance = engine_init_instance; | ||
1926 | + } | ||
1927 | + | ||
1928 | +void ENGINE_set_close_instance(ENGINE *e, | ||
1929 | + void (*engine_close_instance)(void *)) | ||
1930 | + { | ||
1931 | + e->engine_close_instance = engine_close_instance; | ||
1932 | + } | ||
1933 | + | ||
1934 | +void ENGINE_set_async_map(ENGINE *e, int async_map) | ||
1935 | + { | ||
1936 | + e->async_map = async_map; | ||
1937 | + } | ||
1938 | + | ||
1939 | +void *ENGINE_init_instance(ENGINE *e) | ||
1940 | + { | ||
1941 | + return e->engine_init_instance(); | ||
1942 | + } | ||
1943 | + | ||
1944 | +void ENGINE_close_instance(ENGINE *e, void *eng_handle) | ||
1945 | + { | ||
1946 | + e->engine_close_instance(eng_handle); | ||
1947 | + } | ||
1948 | + | ||
1949 | +int ENGINE_get_async_map(ENGINE *e) | ||
1950 | + { | ||
1951 | + return e->async_map; | ||
1952 | + } | ||
1953 | + | ||
1954 | +void ENGINE_set_check_pkc_availability(ENGINE *e, | ||
1955 | + int (*check_pkc_availability)(void *eng_handle)) | ||
1956 | + { | ||
1957 | + e->check_pkc_availability = check_pkc_availability; | ||
1958 | + } | ||
1959 | + | ||
1960 | +int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle) | ||
1961 | + { | ||
1962 | + return e->check_pkc_availability(eng_handle); | ||
1963 | + } | ||
1964 | + | ||
1965 | int ENGINE_set_name(ENGINE *e, const char *name) | ||
1966 | { | ||
1967 | if(name == NULL) | ||
1968 | diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h | ||
1969 | index 237a6c9..ccff86a 100644 | ||
1970 | --- a/crypto/engine/engine.h | ||
1971 | +++ b/crypto/engine/engine.h | ||
1972 | @@ -473,6 +473,30 @@ ENGINE *ENGINE_new(void); | ||
1973 | int ENGINE_free(ENGINE *e); | ||
1974 | int ENGINE_up_ref(ENGINE *e); | ||
1975 | int ENGINE_set_id(ENGINE *e, const char *id); | ||
1976 | +void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)); | ||
1977 | +void ENGINE_set_close_instance(ENGINE *e, | ||
1978 | + void (*engine_free_instance)(void *)); | ||
1979 | +/* | ||
1980 | + * Following FLAGS are bitmap store in async_map to set asynchronous interface capability | ||
1981 | + *of the engine | ||
1982 | + */ | ||
1983 | +#define ENGINE_RSA_ASYNC 0x0001 | ||
1984 | +#define ENGINE_DSA_ASYNC 0x0002 | ||
1985 | +#define ENGINE_DH_ASYNC 0x0004 | ||
1986 | +#define ENGINE_ECDSA_ASYNC 0x0008 | ||
1987 | +#define ENGINE_ECDH_ASYNC 0x0010 | ||
1988 | +#define ENGINE_ALLPKC_ASYNC 0x001F | ||
1989 | +/* Engine implementation will set the bitmap based on above flags using following API */ | ||
1990 | +void ENGINE_set_async_map(ENGINE *e, int async_map); | ||
1991 | + /* Application need to check the bitmap based on above flags using following API | ||
1992 | + * to confirm asynchronous methods supported | ||
1993 | + */ | ||
1994 | +int ENGINE_get_async_map(ENGINE *e); | ||
1995 | +void *ENGINE_init_instance(ENGINE *e); | ||
1996 | +void ENGINE_close_instance(ENGINE *e, void *eng_handle); | ||
1997 | +void ENGINE_set_check_pkc_availability(ENGINE *e, | ||
1998 | + int (*check_pkc_availability)(void *eng_handle)); | ||
1999 | +int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle); | ||
2000 | int ENGINE_set_name(ENGINE *e, const char *name); | ||
2001 | int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); | ||
2002 | int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); | ||
2003 | diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h | ||
2004 | index 5f269e5..6ef1b15 100644 | ||
2005 | --- a/crypto/rsa/rsa.h | ||
2006 | +++ b/crypto/rsa/rsa.h | ||
2007 | @@ -101,6 +101,29 @@ struct rsa_meth_st | ||
2008 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
2009 | const BIGNUM *m, BN_CTX *ctx, | ||
2010 | BN_MONT_CTX *m_ctx); /* Can be null */ | ||
2011 | + /* | ||
2012 | + * Cookie in the following _async variant must be allocated before | ||
2013 | + * submission and can be freed once its corresponding callback | ||
2014 | + * handler is called | ||
2015 | + */ | ||
2016 | + int (*rsa_pub_enc_asyn)(int flen,const unsigned char *from, | ||
2017 | + unsigned char *to, RSA *rsa, int padding, | ||
2018 | + struct pkc_cookie_s *cookie); | ||
2019 | + int (*rsa_pub_dec_async)(int flen,const unsigned char *from, | ||
2020 | + unsigned char *to, RSA *rsa, int padding, | ||
2021 | + struct pkc_cookie_s *cookie); | ||
2022 | + int (*rsa_priv_enc_async)(int flen,const unsigned char *from, | ||
2023 | + unsigned char *to, RSA *rsa, int padding, | ||
2024 | + struct pkc_cookie_s *cookie); | ||
2025 | + int (*rsa_priv_dec_async)(int flen,const unsigned char *from, | ||
2026 | + unsigned char *to, RSA *rsa, int padding, | ||
2027 | + struct pkc_cookie_s *cookie); | ||
2028 | + int (*rsa_mod_exp_async)(BIGNUM *r0, const BIGNUM *I, RSA *rsa, | ||
2029 | + BN_CTX *ctx, struct pkc_cookie_s *cookie); | ||
2030 | + int (*bn_mod_exp_async)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
2031 | + const BIGNUM *m, BN_CTX *ctx, | ||
2032 | + BN_MONT_CTX *m_ctx, struct pkc_cookie_s *cookie); | ||
2033 | + | ||
2034 | int (*init)(RSA *rsa); /* called at new */ | ||
2035 | int (*finish)(RSA *rsa); /* called at free */ | ||
2036 | int flags; /* RSA_METHOD_FLAG_* things */ | ||
2037 | -- | ||
2038 | 1.7.9.7 | ||
2039 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0009-eng_cryptodev-extend-TLS-offload-with-new-algorithms.patch b/recipes-connectivity/openssl/openssl-fsl/0009-eng_cryptodev-extend-TLS-offload-with-new-algorithms.patch new file mode 100644 index 0000000..a417884 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0009-eng_cryptodev-extend-TLS-offload-with-new-algorithms.patch | |||
@@ -0,0 +1,106 @@ | |||
1 | From 6555c11c9f62fc37c60bb335cfeb5c9d641e493a Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Fri, 21 Mar 2014 16:22:27 +0200 | ||
4 | Subject: [PATCH][fsl 09/15] eng_cryptodev: extend TLS offload with new | ||
5 | algorithms | ||
6 | |||
7 | Upstream-status: Pending | ||
8 | |||
9 | - aes-192-cbc-hmac-sha1 | ||
10 | - aes-256-cbc-hmac-sha1 | ||
11 | |||
12 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
13 | --- | ||
14 | crypto/engine/eng_cryptodev.c | 41 +++++++++++++++++++++++++++++++++++++++++ | ||
15 | 1 file changed, 41 insertions(+) | ||
16 | |||
17 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
18 | index c5e8fb3..e2d4c53 100644 | ||
19 | --- a/crypto/engine/eng_cryptodev.c | ||
20 | +++ b/crypto/engine/eng_cryptodev.c | ||
21 | @@ -248,6 +248,8 @@ static struct { | ||
22 | { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0}, | ||
23 | { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, | ||
24 | { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, | ||
25 | + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_192_cbc_hmac_sha1, 16, 24, 20}, | ||
26 | + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, | ||
27 | { 0, NID_undef, 0, 0, 0}, | ||
28 | }; | ||
29 | |||
30 | @@ -536,6 +538,8 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
31 | /* TODO: make a seamless integration with cryptodev flags */ | ||
32 | switch (ctx->cipher->nid) { | ||
33 | case NID_aes_128_cbc_hmac_sha1: | ||
34 | + case NID_aes_192_cbc_hmac_sha1: | ||
35 | + case NID_aes_256_cbc_hmac_sha1: | ||
36 | cryp.flags = COP_FLAG_AEAD_TLS_TYPE; | ||
37 | } | ||
38 | cryp.ses = sess->ses; | ||
39 | @@ -729,6 +733,8 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | ||
40 | /* TODO: this should be an extension of EVP_CIPHER struct */ | ||
41 | switch (ctx->cipher->nid) { | ||
42 | case NID_aes_128_cbc_hmac_sha1: | ||
43 | + case NID_aes_192_cbc_hmac_sha1: | ||
44 | + case NID_aes_256_cbc_hmac_sha1: | ||
45 | maclen = SHA_DIGEST_LENGTH; | ||
46 | } | ||
47 | |||
48 | @@ -871,6 +877,33 @@ const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = { | ||
49 | NULL | ||
50 | }; | ||
51 | |||
52 | +const EVP_CIPHER cryptodev_aes_192_cbc_hmac_sha1 = { | ||
53 | + NID_aes_192_cbc_hmac_sha1, | ||
54 | + 16, 24, 16, | ||
55 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
56 | + cryptodev_init_aead_key, | ||
57 | + cryptodev_aead_cipher, | ||
58 | + cryptodev_cleanup, | ||
59 | + sizeof(struct dev_crypto_state), | ||
60 | + EVP_CIPHER_set_asn1_iv, | ||
61 | + EVP_CIPHER_get_asn1_iv, | ||
62 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
63 | + NULL | ||
64 | +}; | ||
65 | + | ||
66 | +const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { | ||
67 | + NID_aes_256_cbc_hmac_sha1, | ||
68 | + 16, 32, 16, | ||
69 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
70 | + cryptodev_init_aead_key, | ||
71 | + cryptodev_aead_cipher, | ||
72 | + cryptodev_cleanup, | ||
73 | + sizeof(struct dev_crypto_state), | ||
74 | + EVP_CIPHER_set_asn1_iv, | ||
75 | + EVP_CIPHER_get_asn1_iv, | ||
76 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
77 | + NULL | ||
78 | +}; | ||
79 | /* | ||
80 | * Registered by the ENGINE when used to find out how to deal with | ||
81 | * a particular NID in the ENGINE. this says what we'll do at the | ||
82 | @@ -911,6 +944,12 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | ||
83 | case NID_aes_128_cbc_hmac_sha1: | ||
84 | *cipher = &cryptodev_aes_128_cbc_hmac_sha1; | ||
85 | break; | ||
86 | + case NID_aes_192_cbc_hmac_sha1: | ||
87 | + *cipher = &cryptodev_aes_192_cbc_hmac_sha1; | ||
88 | + break; | ||
89 | + case NID_aes_256_cbc_hmac_sha1: | ||
90 | + *cipher = &cryptodev_aes_256_cbc_hmac_sha1; | ||
91 | + break; | ||
92 | default: | ||
93 | *cipher = NULL; | ||
94 | break; | ||
95 | @@ -3830,6 +3869,8 @@ ENGINE_load_cryptodev(void) | ||
96 | put_dev_crypto(fd); | ||
97 | |||
98 | EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); | ||
99 | + EVP_add_cipher(&cryptodev_aes_192_cbc_hmac_sha1); | ||
100 | + EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); | ||
101 | if (!ENGINE_set_id(engine, "cryptodev") || | ||
102 | !ENGINE_set_name(engine, "BSD cryptodev engine") || | ||
103 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || | ||
104 | -- | ||
105 | 1.7.9.7 | ||
106 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0010-Add-RSA-keygen-operation-and-support-gendsa-command-.patch b/recipes-connectivity/openssl/openssl-fsl/0010-Add-RSA-keygen-operation-and-support-gendsa-command-.patch new file mode 100644 index 0000000..4eaaeaa --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0010-Add-RSA-keygen-operation-and-support-gendsa-command-.patch | |||
@@ -0,0 +1,153 @@ | |||
1 | From a08f27a22d2c78f058b63dd2565925ca92ad08b2 Mon Sep 17 00:00:00 2001 | ||
2 | From: Hou Zhiqiang <B48286@freescale.com> | ||
3 | Date: Wed, 2 Apr 2014 16:10:43 +0800 | ||
4 | Subject: [PATCH][fsl 10/15] Add RSA keygen operation and support gendsa | ||
5 | command with hardware engine | ||
6 | |||
7 | Upstream-status: Pending | ||
8 | |||
9 | Signed-off-by: Hou Zhiqiang <B48286@freescale.com> | ||
10 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
11 | --- | ||
12 | crypto/engine/eng_cryptodev.c | 118 +++++++++++++++++++++++++++++++++++++++++ | ||
13 | 1 file changed, 118 insertions(+) | ||
14 | |||
15 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
16 | index e2d4c53..0a6567c 100644 | ||
17 | --- a/crypto/engine/eng_cryptodev.c | ||
18 | +++ b/crypto/engine/eng_cryptodev.c | ||
19 | @@ -1912,6 +1912,121 @@ err: | ||
20 | return dsaret; | ||
21 | } | ||
22 | |||
23 | +/* Cryptodev RSA Key Gen routine */ | ||
24 | +static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) | ||
25 | +{ | ||
26 | + struct crypt_kop kop; | ||
27 | + int ret, fd; | ||
28 | + int p_len, q_len; | ||
29 | + int i; | ||
30 | + | ||
31 | + if ((fd = get_asym_dev_crypto()) < 0) | ||
32 | + return fd; | ||
33 | + | ||
34 | + if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; | ||
35 | + if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; | ||
36 | + if(!rsa->e && ((rsa->e=BN_new()) == NULL)) goto err; | ||
37 | + if(!rsa->p && ((rsa->p=BN_new()) == NULL)) goto err; | ||
38 | + if(!rsa->q && ((rsa->q=BN_new()) == NULL)) goto err; | ||
39 | + if(!rsa->dmp1 && ((rsa->dmp1=BN_new()) == NULL)) goto err; | ||
40 | + if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err; | ||
41 | + if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err; | ||
42 | + | ||
43 | + BN_copy(rsa->e, e); | ||
44 | + | ||
45 | + p_len = (bits+1) / (2 * 8); | ||
46 | + q_len = (bits - p_len * 8) / 8; | ||
47 | + memset(&kop, 0, sizeof kop); | ||
48 | + kop.crk_op = CRK_RSA_GENERATE_KEY; | ||
49 | + | ||
50 | + /* p length */ | ||
51 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); | ||
52 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
53 | + goto err; | ||
54 | + kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; | ||
55 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); | ||
56 | + kop.crk_iparams++; | ||
57 | + kop.crk_oparams++; | ||
58 | + /* q length */ | ||
59 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); | ||
60 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
61 | + goto err; | ||
62 | + kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; | ||
63 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); | ||
64 | + kop.crk_iparams++; | ||
65 | + kop.crk_oparams++; | ||
66 | + /* n length */ | ||
67 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char)); | ||
68 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
69 | + goto err; | ||
70 | + kop.crk_param[kop.crk_iparams].crp_nbits = bits; | ||
71 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0x00, p_len + q_len + 1); | ||
72 | + kop.crk_iparams++; | ||
73 | + kop.crk_oparams++; | ||
74 | + /* d length */ | ||
75 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char)); | ||
76 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
77 | + goto err; | ||
78 | + kop.crk_param[kop.crk_iparams].crp_nbits = bits; | ||
79 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + q_len + 1); | ||
80 | + kop.crk_iparams++; | ||
81 | + kop.crk_oparams++; | ||
82 | + /* dp1 length */ | ||
83 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); | ||
84 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
85 | + goto err; | ||
86 | + kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; | ||
87 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); | ||
88 | + kop.crk_iparams++; | ||
89 | + kop.crk_oparams++; | ||
90 | + /* dq1 length */ | ||
91 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); | ||
92 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
93 | + goto err; | ||
94 | + kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; | ||
95 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); | ||
96 | + kop.crk_iparams++; | ||
97 | + kop.crk_oparams++; | ||
98 | + /* i length */ | ||
99 | + kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); | ||
100 | + if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
101 | + goto err; | ||
102 | + kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; | ||
103 | + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); | ||
104 | + kop.crk_iparams++; | ||
105 | + kop.crk_oparams++; | ||
106 | + | ||
107 | + if (ioctl(fd, CIOCKEY, &kop) == 0) { | ||
108 | + BN_bin2bn(kop.crk_param[0].crp_p, | ||
109 | + p_len, rsa->p); | ||
110 | + BN_bin2bn(kop.crk_param[1].crp_p, | ||
111 | + q_len, rsa->q); | ||
112 | + BN_bin2bn(kop.crk_param[2].crp_p, | ||
113 | + bits / 8, rsa->n); | ||
114 | + BN_bin2bn(kop.crk_param[3].crp_p, | ||
115 | + bits / 8, rsa->d); | ||
116 | + BN_bin2bn(kop.crk_param[4].crp_p, | ||
117 | + p_len, rsa->dmp1); | ||
118 | + BN_bin2bn(kop.crk_param[5].crp_p, | ||
119 | + q_len, rsa->dmq1); | ||
120 | + BN_bin2bn(kop.crk_param[6].crp_p, | ||
121 | + p_len, rsa->iqmp); | ||
122 | + return 1; | ||
123 | + } | ||
124 | +sw_try: | ||
125 | + { | ||
126 | + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | ||
127 | + ret = (meth->rsa_keygen)(rsa, bits, e, cb); | ||
128 | + } | ||
129 | + return ret; | ||
130 | + | ||
131 | +err: | ||
132 | + for (i = 0; i < CRK_MAXPARAM; i++) | ||
133 | + free(kop.crk_param[i].crp_p); | ||
134 | + return 0; | ||
135 | + | ||
136 | +} | ||
137 | + | ||
138 | /* Cryptodev DSA Key Gen routine */ | ||
139 | static int cryptodev_dsa_keygen(DSA *dsa) | ||
140 | { | ||
141 | @@ -3905,6 +4020,9 @@ ENGINE_load_cryptodev(void) | ||
142 | cryptodev_rsa.rsa_mod_exp_async = | ||
143 | cryptodev_rsa_nocrt_mod_exp_async; | ||
144 | } | ||
145 | + if (cryptodev_asymfeat & CRF_RSA_GENERATE_KEY) | ||
146 | + cryptodev_rsa.rsa_keygen = | ||
147 | + cryptodev_rsa_keygen; | ||
148 | } | ||
149 | } | ||
150 | |||
151 | -- | ||
152 | 1.7.9.7 | ||
153 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0011-RSA-Keygen-Fix.patch b/recipes-connectivity/openssl/openssl-fsl/0011-RSA-Keygen-Fix.patch new file mode 100644 index 0000000..b2d636a --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0011-RSA-Keygen-Fix.patch | |||
@@ -0,0 +1,64 @@ | |||
1 | From f44fc935d5bc601cd625a64a366e64b19f2bb730 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Wed, 16 Apr 2014 22:53:04 +0545 | ||
4 | Subject: [PATCH][fsl 11/15] RSA Keygen Fix | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | If Kernel driver doesn't support RSA Keygen or same returns | ||
9 | error handling the keygen operation, the keygen is gracefully | ||
10 | handled by software supported rsa_keygen handler | ||
11 | |||
12 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
13 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
14 | --- | ||
15 | crypto/engine/eng_cryptodev.c | 12 +++++++----- | ||
16 | 1 file changed, 7 insertions(+), 5 deletions(-) | ||
17 | |||
18 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
19 | index 0a6567c..5d54f7e 100644 | ||
20 | --- a/crypto/engine/eng_cryptodev.c | ||
21 | +++ b/crypto/engine/eng_cryptodev.c | ||
22 | @@ -1921,7 +1921,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) | ||
23 | int i; | ||
24 | |||
25 | if ((fd = get_asym_dev_crypto()) < 0) | ||
26 | - return fd; | ||
27 | + goto sw_try; | ||
28 | |||
29 | if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; | ||
30 | if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; | ||
31 | @@ -1942,7 +1942,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) | ||
32 | /* p length */ | ||
33 | kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); | ||
34 | if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
35 | - goto err; | ||
36 | + goto sw_try; | ||
37 | kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; | ||
38 | memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); | ||
39 | kop.crk_iparams++; | ||
40 | @@ -1950,7 +1950,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) | ||
41 | /* q length */ | ||
42 | kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); | ||
43 | if (!kop.crk_param[kop.crk_iparams].crp_p) | ||
44 | - goto err; | ||
45 | + goto sw_try; | ||
46 | kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; | ||
47 | memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); | ||
48 | kop.crk_iparams++; | ||
49 | @@ -2015,8 +2015,10 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) | ||
50 | } | ||
51 | sw_try: | ||
52 | { | ||
53 | - const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | ||
54 | - ret = (meth->rsa_keygen)(rsa, bits, e, cb); | ||
55 | + const RSA_METHOD *meth = rsa->meth; | ||
56 | + rsa->meth = RSA_PKCS1_SSLeay(); | ||
57 | + ret = RSA_generate_key_ex(rsa, bits, e, cb); | ||
58 | + rsa->meth = meth; | ||
59 | } | ||
60 | return ret; | ||
61 | |||
62 | -- | ||
63 | 1.7.9.7 | ||
64 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0012-Removed-local-copy-of-curve_t-type.patch b/recipes-connectivity/openssl/openssl-fsl/0012-Removed-local-copy-of-curve_t-type.patch new file mode 100644 index 0000000..077b08e --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0012-Removed-local-copy-of-curve_t-type.patch | |||
@@ -0,0 +1,164 @@ | |||
1 | From 7a6848210c3b2f42aed4de60646e0e63c0e35fcb Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Thu, 17 Apr 2014 06:57:59 +0545 | ||
4 | Subject: [PATCH][fsl 12/15] Removed local copy of curve_t type | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
9 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
10 | --- | ||
11 | crypto/engine/eng_cryptodev.c | 34 ++++++++++++++-------------------- | ||
12 | crypto/engine/eng_cryptodev_ec.h | 7 ------- | ||
13 | 2 files changed, 14 insertions(+), 27 deletions(-) | ||
14 | |||
15 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
16 | index 5d54f7e..33447c8 100644 | ||
17 | --- a/crypto/engine/eng_cryptodev.c | ||
18 | +++ b/crypto/engine/eng_cryptodev.c | ||
19 | @@ -2404,12 +2404,6 @@ static ECDSA_METHOD cryptodev_ecdsa = { | ||
20 | NULL /* app_data */ | ||
21 | }; | ||
22 | |||
23 | -typedef enum ec_curve_s | ||
24 | -{ | ||
25 | - EC_PRIME, | ||
26 | - EC_BINARY | ||
27 | -} ec_curve_t; | ||
28 | - | ||
29 | /* ENGINE handler for ECDSA Sign */ | ||
30 | static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, | ||
31 | int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) | ||
32 | @@ -2426,7 +2420,7 @@ static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, | ||
33 | const BIGNUM *order = NULL, *priv_key=NULL; | ||
34 | const EC_GROUP *group = NULL; | ||
35 | struct crypt_kop kop; | ||
36 | - ec_curve_t ec_crv = EC_PRIME; | ||
37 | + enum ec_curve_t ec_crv = EC_PRIME; | ||
38 | |||
39 | memset(&kop, 0, sizeof(kop)); | ||
40 | ecdsa = ecdsa_check(eckey); | ||
41 | @@ -2559,7 +2553,7 @@ static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, | ||
42 | else | ||
43 | goto err; | ||
44 | } | ||
45 | - kop.curve_type = ECC_BINARY; | ||
46 | + kop.curve_type = EC_BINARY; | ||
47 | } | ||
48 | |||
49 | /* Calculation of Generator point */ | ||
50 | @@ -2653,7 +2647,7 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, | ||
51 | const EC_POINT *pub_key = NULL; | ||
52 | const BIGNUM *order = NULL; | ||
53 | const EC_GROUP *group=NULL; | ||
54 | - ec_curve_t ec_crv = EC_PRIME; | ||
55 | + enum ec_curve_t ec_crv = EC_PRIME; | ||
56 | struct crypt_kop kop; | ||
57 | |||
58 | memset(&kop, 0, sizeof kop); | ||
59 | @@ -2798,7 +2792,7 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, | ||
60 | else | ||
61 | goto err; | ||
62 | } | ||
63 | - kop.curve_type = ECC_BINARY; | ||
64 | + kop.curve_type = EC_BINARY; | ||
65 | } | ||
66 | |||
67 | /* Calculation of Generator point */ | ||
68 | @@ -2899,7 +2893,7 @@ static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, | ||
69 | const BIGNUM *order = NULL, *priv_key=NULL; | ||
70 | const EC_GROUP *group = NULL; | ||
71 | struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
72 | - ec_curve_t ec_crv = EC_PRIME; | ||
73 | + enum ec_curve_t ec_crv = EC_PRIME; | ||
74 | |||
75 | if (!(sig->r = BN_new()) || !kop) | ||
76 | goto err; | ||
77 | @@ -3035,7 +3029,7 @@ static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, | ||
78 | else | ||
79 | goto err; | ||
80 | } | ||
81 | - kop->curve_type = ECC_BINARY; | ||
82 | + kop->curve_type = EC_BINARY; | ||
83 | } | ||
84 | |||
85 | /* Calculation of Generator point */ | ||
86 | @@ -3111,7 +3105,7 @@ static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, | ||
87 | const EC_POINT *pub_key = NULL; | ||
88 | const BIGNUM *order = NULL; | ||
89 | const EC_GROUP *group=NULL; | ||
90 | - ec_curve_t ec_crv = EC_PRIME; | ||
91 | + enum ec_curve_t ec_crv = EC_PRIME; | ||
92 | struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); | ||
93 | |||
94 | if (!kop) | ||
95 | @@ -3253,7 +3247,7 @@ static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, | ||
96 | /* copy b' i.e c(b), instead of only b */ | ||
97 | eng_ec_get_cparam (EC_GROUP_get_curve_name(group), | ||
98 | ab+q_len, q_len); | ||
99 | - kop->curve_type = ECC_BINARY; | ||
100 | + kop->curve_type = EC_BINARY; | ||
101 | } | ||
102 | |||
103 | /* Calculation of Generator point */ | ||
104 | @@ -3558,7 +3552,7 @@ int cryptodev_ecdh_compute_key(void *out, size_t outlen, | ||
105 | const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, | ||
106 | void *out, size_t *outlen)) | ||
107 | { | ||
108 | - ec_curve_t ec_crv = EC_PRIME; | ||
109 | + enum ec_curve_t ec_crv = EC_PRIME; | ||
110 | unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; | ||
111 | BIGNUM * w_x = NULL, *w_y = NULL; | ||
112 | int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; | ||
113 | @@ -3684,9 +3678,9 @@ int cryptodev_ecdh_compute_key(void *out, size_t outlen, | ||
114 | else | ||
115 | goto err; | ||
116 | } | ||
117 | - kop.curve_type = ECC_BINARY; | ||
118 | + kop.curve_type = EC_BINARY; | ||
119 | } else | ||
120 | - kop.curve_type = ECC_PRIME; | ||
121 | + kop.curve_type = EC_PRIME; | ||
122 | |||
123 | priv_key_len = r_len; | ||
124 | |||
125 | @@ -3735,7 +3729,7 @@ int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, | ||
126 | const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, | ||
127 | void *out, size_t *outlen), struct pkc_cookie_s *cookie) | ||
128 | { | ||
129 | - ec_curve_t ec_crv = EC_PRIME; | ||
130 | + enum ec_curve_t ec_crv = EC_PRIME; | ||
131 | unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; | ||
132 | BIGNUM * w_x = NULL, *w_y = NULL; | ||
133 | int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; | ||
134 | @@ -3863,9 +3857,9 @@ int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, | ||
135 | else | ||
136 | goto err; | ||
137 | } | ||
138 | - kop->curve_type = ECC_BINARY; | ||
139 | + kop->curve_type = EC_BINARY; | ||
140 | } else | ||
141 | - kop->curve_type = ECC_PRIME; | ||
142 | + kop->curve_type = EC_PRIME; | ||
143 | |||
144 | priv_key_len = r_len; | ||
145 | |||
146 | diff --git a/crypto/engine/eng_cryptodev_ec.h b/crypto/engine/eng_cryptodev_ec.h | ||
147 | index 77aee71..a4b8da5 100644 | ||
148 | --- a/crypto/engine/eng_cryptodev_ec.h | ||
149 | +++ b/crypto/engine/eng_cryptodev_ec.h | ||
150 | @@ -286,11 +286,4 @@ static inline unsigned char *eng_copy_curve_points(BIGNUM * x, BIGNUM * y, | ||
151 | |||
152 | return xy; | ||
153 | } | ||
154 | - | ||
155 | -enum curve_t { | ||
156 | - DISCRETE_LOG, | ||
157 | - ECC_PRIME, | ||
158 | - ECC_BINARY, | ||
159 | - MAX_ECC_TYPE | ||
160 | -}; | ||
161 | #endif | ||
162 | -- | ||
163 | 1.7.9.7 | ||
164 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0013-Modulus-parameter-is-not-populated-by-dhparams.patch b/recipes-connectivity/openssl/openssl-fsl/0013-Modulus-parameter-is-not-populated-by-dhparams.patch new file mode 100644 index 0000000..11f0622 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0013-Modulus-parameter-is-not-populated-by-dhparams.patch | |||
@@ -0,0 +1,43 @@ | |||
1 | From 8aabfeb1308188a46d3f370cd757de130e73eb9b Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Tue, 22 Apr 2014 22:58:33 +0545 | ||
4 | Subject: [PATCH][fsl 13/15] Modulus parameter is not populated by dhparams | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | When dhparams are created, modulus parameter required for | ||
9 | private key generation is not populated. So, falling back | ||
10 | to software for proper population of modulus parameters followed | ||
11 | by private key generation | ||
12 | |||
13 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
14 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
15 | --- | ||
16 | crypto/engine/eng_cryptodev.c | 4 ++-- | ||
17 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
18 | |||
19 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
20 | index 33447c8..8de8f09 100644 | ||
21 | --- a/crypto/engine/eng_cryptodev.c | ||
22 | +++ b/crypto/engine/eng_cryptodev.c | ||
23 | @@ -3370,7 +3370,7 @@ static int cryptodev_dh_keygen_async(DH *dh, struct pkc_cookie_s *cookie) | ||
24 | kop->crk_op = CRK_DH_GENERATE_KEY; | ||
25 | if (bn2crparam(dh->p, &kop->crk_param[0])) | ||
26 | goto sw_try; | ||
27 | - if (bn2crparam(dh->q, &kop->crk_param[1])) | ||
28 | + if (!dh->q || bn2crparam(dh->q, &kop->crk_param[1])) | ||
29 | goto sw_try; | ||
30 | kop->crk_param[2].crp_p = g; | ||
31 | kop->crk_param[2].crp_nbits = g_len * 8; | ||
32 | @@ -3425,7 +3425,7 @@ static int cryptodev_dh_keygen(DH *dh) | ||
33 | kop.crk_op = CRK_DH_GENERATE_KEY; | ||
34 | if (bn2crparam(dh->p, &kop.crk_param[0])) | ||
35 | goto sw_try; | ||
36 | - if (bn2crparam(dh->q, &kop.crk_param[1])) | ||
37 | + if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1])) | ||
38 | goto sw_try; | ||
39 | kop.crk_param[2].crp_p = g; | ||
40 | kop.crk_param[2].crp_nbits = g_len * 8; | ||
41 | -- | ||
42 | 1.7.9.7 | ||
43 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0014-SW-Backoff-mechanism-for-dsa-keygen.patch b/recipes-connectivity/openssl/openssl-fsl/0014-SW-Backoff-mechanism-for-dsa-keygen.patch new file mode 100644 index 0000000..e5aa1ba --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0014-SW-Backoff-mechanism-for-dsa-keygen.patch | |||
@@ -0,0 +1,53 @@ | |||
1 | From 8b1ed323d08dce8b6e303ce63a82337543e9187f Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Thu, 24 Apr 2014 00:35:34 +0545 | ||
4 | Subject: [PATCH][fsl 14/15] SW Backoff mechanism for dsa keygen | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | DSA Keygen is not handled in default openssl dsa method. Due to | ||
9 | same null function pointer in SW DSA method, the backoff for dsa | ||
10 | keygen gives segmentation fault. | ||
11 | |||
12 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
13 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
14 | --- | ||
15 | crypto/engine/eng_cryptodev.c | 12 ++++++++---- | ||
16 | 1 file changed, 8 insertions(+), 4 deletions(-) | ||
17 | |||
18 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
19 | index 8de8f09..7c2661f 100644 | ||
20 | --- a/crypto/engine/eng_cryptodev.c | ||
21 | +++ b/crypto/engine/eng_cryptodev.c | ||
22 | @@ -2075,8 +2075,10 @@ static int cryptodev_dsa_keygen(DSA *dsa) | ||
23 | return ret; | ||
24 | sw_try: | ||
25 | { | ||
26 | - const DSA_METHOD *meth = DSA_OpenSSL(); | ||
27 | - ret = (meth->dsa_keygen)(dsa); | ||
28 | + const DSA_METHOD *meth = dsa->meth; | ||
29 | + dsa->meth = DSA_OpenSSL(); | ||
30 | + ret = DSA_generate_key(dsa); | ||
31 | + dsa->meth = meth; | ||
32 | } | ||
33 | return ret; | ||
34 | } | ||
35 | @@ -2130,11 +2132,13 @@ static int cryptodev_dsa_keygen_async(DSA *dsa, struct pkc_cookie_s *cookie) | ||
36 | return ret; | ||
37 | sw_try: | ||
38 | { | ||
39 | - const DSA_METHOD *meth = DSA_OpenSSL(); | ||
40 | + const DSA_METHOD *meth = dsa->meth; | ||
41 | |||
42 | + dsa->meth = DSA_OpenSSL(); | ||
43 | if (kop) | ||
44 | free(kop); | ||
45 | - ret = (meth->dsa_keygen)(dsa); | ||
46 | + ret = DSA_generate_key(dsa); | ||
47 | + dsa->meth = meth; | ||
48 | cookie->pkc_callback(cookie, 0); | ||
49 | } | ||
50 | return ret; | ||
51 | -- | ||
52 | 1.7.9.7 | ||
53 | |||
diff --git a/recipes-connectivity/openssl/openssl-fsl/0015-Fixed-DH-keygen-pair-generator.patch b/recipes-connectivity/openssl/openssl-fsl/0015-Fixed-DH-keygen-pair-generator.patch new file mode 100644 index 0000000..99e6094 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0015-Fixed-DH-keygen-pair-generator.patch | |||
@@ -0,0 +1,100 @@ | |||
1 | From 9dfc18846063a110070782ede699c513b30257e5 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
3 | Date: Thu, 1 May 2014 06:35:45 +0545 | ||
4 | Subject: [PATCH][fsl 15/15] Fixed DH keygen pair generator | ||
5 | |||
6 | Upstream-status: Pending | ||
7 | |||
8 | Wrong Padding results into keygen length error | ||
9 | |||
10 | Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> | ||
11 | Tested-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
12 | --- | ||
13 | crypto/engine/eng_cryptodev.c | 50 +++++++++++++++++++++++++++-------------- | ||
14 | 1 file changed, 33 insertions(+), 17 deletions(-) | ||
15 | |||
16 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
17 | index 7c2661f..703eee4 100644 | ||
18 | --- a/crypto/engine/eng_cryptodev.c | ||
19 | +++ b/crypto/engine/eng_cryptodev.c | ||
20 | @@ -3402,44 +3402,60 @@ sw_try: | ||
21 | static int cryptodev_dh_keygen(DH *dh) | ||
22 | { | ||
23 | struct crypt_kop kop; | ||
24 | - int ret = 1, g_len; | ||
25 | - unsigned char *g = NULL; | ||
26 | + int ret = 1, q_len = 0; | ||
27 | + unsigned char *q = NULL, *g = NULL, *s = NULL, *w = NULL; | ||
28 | + BIGNUM *pub_key = NULL, *priv_key = NULL; | ||
29 | + int generate_new_key = 1; | ||
30 | |||
31 | - if (dh->priv_key == NULL) { | ||
32 | - if ((dh->priv_key=BN_new()) == NULL) | ||
33 | - goto sw_try; | ||
34 | - } | ||
35 | + if (dh->priv_key) | ||
36 | + priv_key = dh->priv_key; | ||
37 | |||
38 | - if (dh->pub_key == NULL) { | ||
39 | - if ((dh->pub_key=BN_new()) == NULL) | ||
40 | - goto sw_try; | ||
41 | - } | ||
42 | + if (dh->pub_key) | ||
43 | + pub_key = dh->pub_key; | ||
44 | |||
45 | - g_len = BN_num_bytes(dh->p); | ||
46 | + q_len = BN_num_bytes(dh->p); | ||
47 | /** | ||
48 | * Get generator into a plain buffer. If length is less than | ||
49 | * q_len then add leading padding bytes. | ||
50 | */ | ||
51 | - if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { | ||
52 | + if (spcf_bn2bin_ex(dh->g, &g, &q_len)) { | ||
53 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
54 | + goto sw_try; | ||
55 | + } | ||
56 | + | ||
57 | + if (spcf_bn2bin_ex(dh->p, &q, &q_len)) { | ||
58 | DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
59 | goto sw_try; | ||
60 | } | ||
61 | |||
62 | memset(&kop, 0, sizeof kop); | ||
63 | kop.crk_op = CRK_DH_GENERATE_KEY; | ||
64 | - if (bn2crparam(dh->p, &kop.crk_param[0])) | ||
65 | - goto sw_try; | ||
66 | + kop.crk_param[0].crp_p = q; | ||
67 | + kop.crk_param[0].crp_nbits = q_len * 8; | ||
68 | if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1])) | ||
69 | goto sw_try; | ||
70 | kop.crk_param[2].crp_p = g; | ||
71 | - kop.crk_param[2].crp_nbits = g_len * 8; | ||
72 | + kop.crk_param[2].crp_nbits = q_len * 8; | ||
73 | kop.crk_iparams = 3; | ||
74 | |||
75 | + s = OPENSSL_malloc (q_len); | ||
76 | + if (!s) { | ||
77 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
78 | + goto sw_try; | ||
79 | + } | ||
80 | + | ||
81 | + w = OPENSSL_malloc (q_len); | ||
82 | + if (!w) { | ||
83 | + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); | ||
84 | + goto sw_try; | ||
85 | + } | ||
86 | + | ||
87 | /* pub_key is or prime length while priv key is of length of order */ | ||
88 | - if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key, | ||
89 | - BN_num_bytes(dh->q), dh->priv_key)) | ||
90 | + if (cryptodev_asym(&kop, q_len, w, q_len, s)) | ||
91 | goto sw_try; | ||
92 | |||
93 | + dh->pub_key = BN_bin2bn(w, q_len, pub_key); | ||
94 | + dh->pub_key = BN_bin2bn(s, q_len, priv_key); | ||
95 | return ret; | ||
96 | sw_try: | ||
97 | { | ||
98 | -- | ||
99 | 1.7.9.7 | ||
100 | |||
diff --git a/recipes-connectivity/openssl/openssl_1.0.1g.bbappend b/recipes-connectivity/openssl/openssl_1.0.1g.bbappend new file mode 100644 index 0000000..f3e49ae --- /dev/null +++ b/recipes-connectivity/openssl/openssl_1.0.1g.bbappend | |||
@@ -0,0 +1,59 @@ | |||
1 | FILESEXTRAPATHS_prepend := "${THISDIR}/openssl-fsl" | ||
2 | |||
3 | RDEPENDS_${PN}_class-target += "cryptodev-module" | ||
4 | |||
5 | # base package is taken from Freescale repository | ||
6 | SRCBRANCH = "OpenSSL_1_0_1-stable" | ||
7 | SRC_URI = "git://git.openssl.org/openssl.git;branch=${SRCBRANCH} \ | ||
8 | file://0001-remove-double-initialization-of-cryptodev-engine.patch \ | ||
9 | file://0002-ECC-Support-header-for-Cryptodev-Engine.patch \ | ||
10 | file://0003-add-support-for-TLS-algorithms-offload.patch \ | ||
11 | file://0004-Fixed-private-key-support-for-DH.patch \ | ||
12 | file://0005-Fixed-private-key-support-for-DH.patch \ | ||
13 | file://0006-Initial-support-for-PKC-in-cryptodev-engine.patch \ | ||
14 | file://0007-Added-hwrng-dev-file-as-source-of-RNG.patch \ | ||
15 | file://0008-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch \ | ||
16 | file://0009-eng_cryptodev-extend-TLS-offload-with-new-algorithms.patch \ | ||
17 | file://0010-Add-RSA-keygen-operation-and-support-gendsa-command-.patch \ | ||
18 | file://0011-RSA-Keygen-Fix.patch \ | ||
19 | file://0012-Removed-local-copy-of-curve_t-type.patch \ | ||
20 | file://0013-Modulus-parameter-is-not-populated-by-dhparams.patch \ | ||
21 | file://0014-SW-Backoff-mechanism-for-dsa-keygen.patch \ | ||
22 | file://0015-Fixed-DH-keygen-pair-generator.patch \ | ||
23 | " | ||
24 | SRCREV = "b2d951e4232d2f90168f9a3dd0b7df9ecf2d81a8" | ||
25 | |||
26 | SRC_URI += "file://configure-targets.patch \ | ||
27 | file://shared-libs.patch \ | ||
28 | file://oe-ldflags.patch \ | ||
29 | file://engines-install-in-libdir-ssl.patch \ | ||
30 | file://openssl-fix-link.patch \ | ||
31 | file://debian/version-script.patch \ | ||
32 | file://debian/pic.patch \ | ||
33 | file://debian/c_rehash-compat.patch \ | ||
34 | file://debian/ca.patch \ | ||
35 | file://debian/make-targets.patch \ | ||
36 | file://debian/no-rpath.patch \ | ||
37 | file://debian/man-dir.patch \ | ||
38 | file://debian/man-section.patch \ | ||
39 | file://debian/no-symbolic.patch \ | ||
40 | file://debian/debian-targets.patch \ | ||
41 | file://openssl_fix_for_x32.patch \ | ||
42 | file://openssl-fix-doc.patch \ | ||
43 | file://fix-cipher-des-ede3-cfb1.patch \ | ||
44 | file://openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch \ | ||
45 | file://openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch \ | ||
46 | file://initial-aarch64-bits.patch \ | ||
47 | file://find.pl \ | ||
48 | file://openssl-fix-des.pod-error.patch \ | ||
49 | " | ||
50 | S = "${WORKDIR}/git" | ||
51 | |||
52 | # Digest offloading through cryptodev is not recommended because of the | ||
53 | # performance penalty of the Openssl engine interface. Openssl generates a huge | ||
54 | # number of calls to digest functions for even a small amount of work data. | ||
55 | # For example there are 70 calls to cipher code and over 10000 to digest code | ||
56 | # when downloading only 10 files of 700 bytes each. | ||
57 | # Do not build OpenSSL with cryptodev digest support until engine digest | ||
58 | # interface gets some rework: | ||
59 | CFLAG := "${@'${CFLAG}'.replace('-DUSE_CRYPTODEV_DIGESTS', '')}" | ||