diff options
Diffstat (limited to 'recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch')
-rw-r--r-- | recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch | 317 |
1 files changed, 0 insertions, 317 deletions
diff --git a/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch b/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch deleted file mode 100644 index ab2b7ea..0000000 --- a/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch +++ /dev/null | |||
@@ -1,317 +0,0 @@ | |||
1 | From dfd6ba263dc25ea2a4bbc32448b24ca2b1fc40e8 Mon Sep 17 00:00:00 2001 | ||
2 | From: Cristian Stoica <cristian.stoica@freescale.com> | ||
3 | Date: Thu, 29 Aug 2013 16:51:18 +0300 | ||
4 | Subject: [PATCH 02/26] eng_cryptodev: add support for TLS algorithms offload | ||
5 | |||
6 | - aes-128-cbc-hmac-sha1 | ||
7 | - aes-256-cbc-hmac-sha1 | ||
8 | |||
9 | Requires TLS patches on cryptodev and TLS algorithm support in Linux | ||
10 | kernel driver. | ||
11 | |||
12 | Change-Id: I43048caa348414daddd6c1a5cdc55e769ac1945f | ||
13 | Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> | ||
14 | Reviewed-on: http://git.am.freescale.net:8181/17223 | ||
15 | --- | ||
16 | crypto/engine/eng_cryptodev.c | 222 +++++++++++++++++++++++++++++++++++++++--- | ||
17 | 1 file changed, 211 insertions(+), 11 deletions(-) | ||
18 | |||
19 | diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c | ||
20 | index 5a715ac..7588a28 100644 | ||
21 | --- a/crypto/engine/eng_cryptodev.c | ||
22 | +++ b/crypto/engine/eng_cryptodev.c | ||
23 | @@ -72,6 +72,9 @@ ENGINE_load_cryptodev(void) | ||
24 | struct dev_crypto_state { | ||
25 | struct session_op d_sess; | ||
26 | int d_fd; | ||
27 | + unsigned char *aad; | ||
28 | + unsigned int aad_len; | ||
29 | + unsigned int len; | ||
30 | |||
31 | #ifdef USE_CRYPTODEV_DIGESTS | ||
32 | char dummy_mac_key[HASH_MAX_LEN]; | ||
33 | @@ -140,17 +143,20 @@ static struct { | ||
34 | int nid; | ||
35 | int ivmax; | ||
36 | int keylen; | ||
37 | + int mackeylen; | ||
38 | } ciphers[] = { | ||
39 | - { CRYPTO_ARC4, NID_rc4, 0, 16, }, | ||
40 | - { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, }, | ||
41 | - { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, }, | ||
42 | - { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, }, | ||
43 | - { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, }, | ||
44 | - { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, }, | ||
45 | - { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, | ||
46 | - { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, }, | ||
47 | - { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, }, | ||
48 | - { 0, NID_undef, 0, 0, }, | ||
49 | + { CRYPTO_ARC4, NID_rc4, 0, 16, 0}, | ||
50 | + { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, 0}, | ||
51 | + { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, 0}, | ||
52 | + { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, 0}, | ||
53 | + { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, 0}, | ||
54 | + { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, 0}, | ||
55 | + { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, 0}, | ||
56 | + { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0}, | ||
57 | + { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, | ||
58 | + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, | ||
59 | + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, | ||
60 | + { 0, NID_undef, 0, 0, 0}, | ||
61 | }; | ||
62 | |||
63 | #ifdef USE_CRYPTODEV_DIGESTS | ||
64 | @@ -250,13 +256,15 @@ get_cryptodev_ciphers(const int **cnids) | ||
65 | } | ||
66 | memset(&sess, 0, sizeof(sess)); | ||
67 | sess.key = (caddr_t)"123456789abcdefghijklmno"; | ||
68 | + sess.mackey = (caddr_t)"123456789ABCDEFGHIJKLMNO"; | ||
69 | |||
70 | for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { | ||
71 | if (ciphers[i].nid == NID_undef) | ||
72 | continue; | ||
73 | sess.cipher = ciphers[i].id; | ||
74 | sess.keylen = ciphers[i].keylen; | ||
75 | - sess.mac = 0; | ||
76 | + sess.mackeylen = ciphers[i].mackeylen; | ||
77 | + | ||
78 | if (ioctl(fd, CIOCGSESSION, &sess) != -1 && | ||
79 | ioctl(fd, CIOCFSESSION, &sess.ses) != -1) | ||
80 | nids[count++] = ciphers[i].nid; | ||
81 | @@ -414,6 +422,67 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
82 | return (1); | ||
83 | } | ||
84 | |||
85 | + | ||
86 | +static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
87 | + const unsigned char *in, size_t len) | ||
88 | +{ | ||
89 | + struct crypt_auth_op cryp; | ||
90 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
91 | + struct session_op *sess = &state->d_sess; | ||
92 | + const void *iiv; | ||
93 | + unsigned char save_iv[EVP_MAX_IV_LENGTH]; | ||
94 | + | ||
95 | + if (state->d_fd < 0) | ||
96 | + return (0); | ||
97 | + if (!len) | ||
98 | + return (1); | ||
99 | + if ((len % ctx->cipher->block_size) != 0) | ||
100 | + return (0); | ||
101 | + | ||
102 | + memset(&cryp, 0, sizeof(cryp)); | ||
103 | + | ||
104 | + /* TODO: make a seamless integration with cryptodev flags */ | ||
105 | + switch (ctx->cipher->nid) { | ||
106 | + case NID_aes_128_cbc_hmac_sha1: | ||
107 | + case NID_aes_256_cbc_hmac_sha1: | ||
108 | + cryp.flags = COP_FLAG_AEAD_TLS_TYPE; | ||
109 | + } | ||
110 | + cryp.ses = sess->ses; | ||
111 | + cryp.len = state->len; | ||
112 | + cryp.src = (caddr_t) in; | ||
113 | + cryp.dst = (caddr_t) out; | ||
114 | + cryp.auth_src = state->aad; | ||
115 | + cryp.auth_len = state->aad_len; | ||
116 | + | ||
117 | + cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; | ||
118 | + | ||
119 | + if (ctx->cipher->iv_len) { | ||
120 | + cryp.iv = (caddr_t) ctx->iv; | ||
121 | + if (!ctx->encrypt) { | ||
122 | + iiv = in + len - ctx->cipher->iv_len; | ||
123 | + memcpy(save_iv, iiv, ctx->cipher->iv_len); | ||
124 | + } | ||
125 | + } else | ||
126 | + cryp.iv = NULL; | ||
127 | + | ||
128 | + if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { | ||
129 | + /* XXX need better errror handling | ||
130 | + * this can fail for a number of different reasons. | ||
131 | + */ | ||
132 | + return (0); | ||
133 | + } | ||
134 | + | ||
135 | + if (ctx->cipher->iv_len) { | ||
136 | + if (ctx->encrypt) | ||
137 | + iiv = out + len - ctx->cipher->iv_len; | ||
138 | + else | ||
139 | + iiv = save_iv; | ||
140 | + memcpy(ctx->iv, iiv, ctx->cipher->iv_len); | ||
141 | + } | ||
142 | + return (1); | ||
143 | +} | ||
144 | + | ||
145 | + | ||
146 | static int | ||
147 | cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | ||
148 | const unsigned char *iv, int enc) | ||
149 | @@ -452,6 +521,45 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | ||
150 | return (1); | ||
151 | } | ||
152 | |||
153 | +/* Save the encryption key provided by upper layers. | ||
154 | + * | ||
155 | + * This function is called by EVP_CipherInit_ex to initialize the algorithm's | ||
156 | + * extra data. We can't do much here because the mac key is not available. | ||
157 | + * The next call should/will be to cryptodev_cbc_hmac_sha1_ctrl with parameter | ||
158 | + * EVP_CTRL_AEAD_SET_MAC_KEY, to set the hmac key. There we call CIOCGSESSION | ||
159 | + * with both the crypto and hmac keys. | ||
160 | + */ | ||
161 | +static int cryptodev_init_aead_key(EVP_CIPHER_CTX *ctx, | ||
162 | + const unsigned char *key, const unsigned char *iv, int enc) | ||
163 | +{ | ||
164 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
165 | + struct session_op *sess = &state->d_sess; | ||
166 | + int cipher = -1, i; | ||
167 | + | ||
168 | + for (i = 0; ciphers[i].id; i++) | ||
169 | + if (ctx->cipher->nid == ciphers[i].nid && | ||
170 | + ctx->cipher->iv_len <= ciphers[i].ivmax && | ||
171 | + ctx->key_len == ciphers[i].keylen) { | ||
172 | + cipher = ciphers[i].id; | ||
173 | + break; | ||
174 | + } | ||
175 | + | ||
176 | + if (!ciphers[i].id) { | ||
177 | + state->d_fd = -1; | ||
178 | + return (0); | ||
179 | + } | ||
180 | + | ||
181 | + memset(sess, 0, sizeof(struct session_op)); | ||
182 | + | ||
183 | + sess->key = (caddr_t)key; | ||
184 | + sess->keylen = ctx->key_len; | ||
185 | + sess->cipher = cipher; | ||
186 | + | ||
187 | + /* for whatever reason, (1) means success */ | ||
188 | + return (1); | ||
189 | +} | ||
190 | + | ||
191 | + | ||
192 | /* | ||
193 | * free anything we allocated earlier when initting a | ||
194 | * session, and close the session. | ||
195 | @@ -488,6 +596,63 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx) | ||
196 | return (ret); | ||
197 | } | ||
198 | |||
199 | +static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | ||
200 | + void *ptr) | ||
201 | +{ | ||
202 | + switch (type) { | ||
203 | + case EVP_CTRL_AEAD_SET_MAC_KEY: | ||
204 | + { | ||
205 | + /* TODO: what happens with hmac keys larger than 64 bytes? */ | ||
206 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
207 | + struct session_op *sess = &state->d_sess; | ||
208 | + | ||
209 | + if ((state->d_fd = get_dev_crypto()) < 0) | ||
210 | + return (0); | ||
211 | + | ||
212 | + /* the rest should have been set in cryptodev_init_aead_key */ | ||
213 | + sess->mackey = ptr; | ||
214 | + sess->mackeylen = arg; | ||
215 | + | ||
216 | + if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { | ||
217 | + put_dev_crypto(state->d_fd); | ||
218 | + state->d_fd = -1; | ||
219 | + return (0); | ||
220 | + } | ||
221 | + return (1); | ||
222 | + } | ||
223 | + case EVP_CTRL_AEAD_TLS1_AAD: | ||
224 | + { | ||
225 | + /* ptr points to the associated data buffer of 13 bytes */ | ||
226 | + struct dev_crypto_state *state = ctx->cipher_data; | ||
227 | + unsigned char *p = ptr; | ||
228 | + unsigned int cryptlen = p[arg - 2] << 8 | p[arg - 1]; | ||
229 | + unsigned int maclen, padlen; | ||
230 | + unsigned int bs = ctx->cipher->block_size; | ||
231 | + | ||
232 | + state->aad = ptr; | ||
233 | + state->aad_len = arg; | ||
234 | + state->len = cryptlen; | ||
235 | + | ||
236 | + /* TODO: this should be an extension of EVP_CIPHER struct */ | ||
237 | + switch (ctx->cipher->nid) { | ||
238 | + case NID_aes_128_cbc_hmac_sha1: | ||
239 | + case NID_aes_256_cbc_hmac_sha1: | ||
240 | + maclen = SHA_DIGEST_LENGTH; | ||
241 | + } | ||
242 | + | ||
243 | + /* space required for encryption (not only TLS padding) */ | ||
244 | + padlen = maclen; | ||
245 | + if (ctx->encrypt) { | ||
246 | + cryptlen += maclen; | ||
247 | + padlen += bs - (cryptlen % bs); | ||
248 | + } | ||
249 | + return padlen; | ||
250 | + } | ||
251 | + default: | ||
252 | + return -1; | ||
253 | + } | ||
254 | +} | ||
255 | + | ||
256 | /* | ||
257 | * libcrypto EVP stuff - this is how we get wired to EVP so the engine | ||
258 | * gets called when libcrypto requests a cipher NID. | ||
259 | @@ -600,6 +765,33 @@ const EVP_CIPHER cryptodev_aes_256_cbc = { | ||
260 | NULL | ||
261 | }; | ||
262 | |||
263 | +const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = { | ||
264 | + NID_aes_128_cbc_hmac_sha1, | ||
265 | + 16, 16, 16, | ||
266 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
267 | + cryptodev_init_aead_key, | ||
268 | + cryptodev_aead_cipher, | ||
269 | + cryptodev_cleanup, | ||
270 | + sizeof(struct dev_crypto_state), | ||
271 | + EVP_CIPHER_set_asn1_iv, | ||
272 | + EVP_CIPHER_get_asn1_iv, | ||
273 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
274 | + NULL | ||
275 | +}; | ||
276 | + | ||
277 | +const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { | ||
278 | + NID_aes_256_cbc_hmac_sha1, | ||
279 | + 16, 32, 16, | ||
280 | + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, | ||
281 | + cryptodev_init_aead_key, | ||
282 | + cryptodev_aead_cipher, | ||
283 | + cryptodev_cleanup, | ||
284 | + sizeof(struct dev_crypto_state), | ||
285 | + EVP_CIPHER_set_asn1_iv, | ||
286 | + EVP_CIPHER_get_asn1_iv, | ||
287 | + cryptodev_cbc_hmac_sha1_ctrl, | ||
288 | + NULL | ||
289 | +}; | ||
290 | /* | ||
291 | * Registered by the ENGINE when used to find out how to deal with | ||
292 | * a particular NID in the ENGINE. this says what we'll do at the | ||
293 | @@ -637,6 +829,12 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | ||
294 | case NID_aes_256_cbc: | ||
295 | *cipher = &cryptodev_aes_256_cbc; | ||
296 | break; | ||
297 | + case NID_aes_128_cbc_hmac_sha1: | ||
298 | + *cipher = &cryptodev_aes_128_cbc_hmac_sha1; | ||
299 | + break; | ||
300 | + case NID_aes_256_cbc_hmac_sha1: | ||
301 | + *cipher = &cryptodev_aes_256_cbc_hmac_sha1; | ||
302 | + break; | ||
303 | default: | ||
304 | *cipher = NULL; | ||
305 | break; | ||
306 | @@ -1384,6 +1582,8 @@ ENGINE_load_cryptodev(void) | ||
307 | } | ||
308 | put_dev_crypto(fd); | ||
309 | |||
310 | + EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); | ||
311 | + EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); | ||
312 | if (!ENGINE_set_id(engine, "cryptodev") || | ||
313 | !ENGINE_set_name(engine, "BSD cryptodev engine") || | ||
314 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || | ||
315 | -- | ||
316 | 2.3.5 | ||
317 | |||