summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTing Liu <b28495@freescale.com>2014-06-14 13:25:20 +0800
committerZhenhua Luo <zhenhua.luo@freescale.com>2014-07-11 13:35:09 +0800
commita5a824944072c9cfec826a76ba788e6674ab7fdd (patch)
treef9cab661165fb66c13782c2beb55f301d20672ba
parent8443b0288c81073d9b9095c1d638e2673ae5f739 (diff)
downloadmeta-freescale-a5a824944072c9cfec826a76ba788e6674ab7fdd.tar.gz
openssl: use fsl maintained source
add bbappend to use fsl own openssl source code which was tested Signed-off-by: Ting Liu <b28495@freescale.com>
Diffstat
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch83
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0002-ECC-Support-header-for-Cryptodev-Engine.patch318
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0003-add-support-for-TLS-algorithms-offload.patch296
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0004-Fixed-private-key-support-for-DH.patch33
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0005-Fixed-private-key-support-for-DH.patch35
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0006-Initial-support-for-PKC-in-cryptodev-engine.patch1563
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0007-Added-hwrng-dev-file-as-source-of-RNG.patch28
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0008-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch2039
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0009-eng_cryptodev-extend-TLS-offload-with-new-algorithms.patch106
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0010-Add-RSA-keygen-operation-and-support-gendsa-command-.patch153
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0011-RSA-Keygen-Fix.patch64
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0012-Removed-local-copy-of-curve_t-type.patch164
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0013-Modulus-parameter-is-not-populated-by-dhparams.patch43
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0014-SW-Backoff-mechanism-for-dsa-keygen.patch53
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0015-Fixed-DH-keygen-pair-generator.patch100
-rw-r--r--meta-fsl-ppc/recipes-connectivity/openssl/openssl_1.0.1g.bbappend59
16 files changed, 5137 insertions, 0 deletions
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch
new file mode 100644
index 000000000..eae68780c
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch
@@ -0,0 +1,83 @@
1From f174dd904fb4995a89eed53be3e2ebf7bee25a9b Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Tue, 10 Sep 2013 12:46:46 +0300
4Subject: [PATCH][fsl 01/15] remove double initialization of cryptodev engine
5
6Upstream-status: Pending
7
8cryptodev engine is initialized together with the other engines in
9ENGINE_load_builtin_engines. The initialization done through
10OpenSSL_add_all_algorithms is redundant.
11
12Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
13---
14 crypto/engine/eng_all.c | 11 -----------
15 crypto/engine/engine.h | 4 ----
16 crypto/evp/c_all.c | 5 -----
17 util/libeay.num | 2 +-
18 4 files changed, 1 insertion(+), 21 deletions(-)
19
20diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c
21index 6093376..f16c043 100644
22--- a/crypto/engine/eng_all.c
23+++ b/crypto/engine/eng_all.c
24@@ -122,14 +122,3 @@ void ENGINE_load_builtin_engines(void)
25 #endif
26 ENGINE_register_all_complete();
27 }
28-
29-#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
30-void ENGINE_setup_bsd_cryptodev(void) {
31- static int bsd_cryptodev_default_loaded = 0;
32- if (!bsd_cryptodev_default_loaded) {
33- ENGINE_load_cryptodev();
34- ENGINE_register_all_complete();
35- }
36- bsd_cryptodev_default_loaded=1;
37-}
38-#endif
39diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h
40index f8be497..237a6c9 100644
41--- a/crypto/engine/engine.h
42+++ b/crypto/engine/engine.h
43@@ -740,10 +740,6 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
44 * values. */
45 void *ENGINE_get_static_state(void);
46
47-#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
48-void ENGINE_setup_bsd_cryptodev(void);
49-#endif
50-
51 /* BEGIN ERROR CODES */
52 /* The following lines are auto generated by the script mkerr.pl. Any changes
53 * made after this point may be overwritten when the script is next run.
54diff --git a/crypto/evp/c_all.c b/crypto/evp/c_all.c
55index 766c4ce..5d6c21b 100644
56--- a/crypto/evp/c_all.c
57+++ b/crypto/evp/c_all.c
58@@ -82,9 +82,4 @@ void OPENSSL_add_all_algorithms_noconf(void)
59 OPENSSL_cpuid_setup();
60 OpenSSL_add_all_ciphers();
61 OpenSSL_add_all_digests();
62-#ifndef OPENSSL_NO_ENGINE
63-# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
64- ENGINE_setup_bsd_cryptodev();
65-# endif
66-#endif
67 }
68diff --git a/util/libeay.num b/util/libeay.num
69index aa86b2b..ae50040 100755
70--- a/util/libeay.num
71+++ b/util/libeay.num
72@@ -2801,7 +2801,7 @@ BIO_indent 3242 EXIST::FUNCTION:
73 BUF_strlcpy 3243 EXIST::FUNCTION:
74 OpenSSLDie 3244 EXIST::FUNCTION:
75 OPENSSL_cleanse 3245 EXIST::FUNCTION:
76-ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE
77+ENGINE_setup_bsd_cryptodev 3246 NOEXIST::FUNCTION:
78 ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH
79 EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES
80 FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION:
81--
821.7.9.7
83
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0002-ECC-Support-header-for-Cryptodev-Engine.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0002-ECC-Support-header-for-Cryptodev-Engine.patch
new file mode 100644
index 000000000..717a345a4
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0002-ECC-Support-header-for-Cryptodev-Engine.patch
@@ -0,0 +1,318 @@
1From 154601fba4907a7eb3f98e670d62cfa15a767500 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Tue, 11 Mar 2014 05:56:54 +0545
4Subject: [PATCH][fsl 02/15] ECC Support header for Cryptodev Engine
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 crypto/engine/eng_cryptodev_ec.h | 296 ++++++++++++++++++++++++++++++++++++++
11 1 file changed, 296 insertions(+)
12 create mode 100644 crypto/engine/eng_cryptodev_ec.h
13
14diff --git a/crypto/engine/eng_cryptodev_ec.h b/crypto/engine/eng_cryptodev_ec.h
15new file mode 100644
16index 0000000..77aee71
17--- /dev/null
18+++ b/crypto/engine/eng_cryptodev_ec.h
19@@ -0,0 +1,296 @@
20+/*
21+ * Copyright (C) 2012 Freescale Semiconductor, Inc.
22+ *
23+ * Redistribution and use in source and binary forms, with or without
24+ * modification, are permitted provided that the following conditions
25+ * are met:
26+ * 1. Redistributions of source code must retain the above copyright
27+ * notice, this list of conditions and the following disclaimer.
28+ * 2. Redistributions in binary form must reproduce the above copyright
29+ * notice, this list of conditions and the following disclaimer in the
30+ * documentation and/or other materials provided with the distribution.
31+ *
32+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
33+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
34+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN
35+ * NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
36+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
37+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
38+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
39+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
40+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
41+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
42+ */
43+#ifndef __ENG_EC_H
44+#define __ENG_EC_H
45+
46+#define SPCF_CPARAM_INIT(X,...) \
47+static unsigned char X##_c[] = {__VA_ARGS__} \
48+
49+#define SPCF_FREE_BN(X) do { if(X) { BN_clear_free(X); X = NULL; } } while (0)
50+
51+#define SPCF_COPY_CPARAMS(NIDBUF) \
52+ do { \
53+ memcpy (buf, NIDBUF, buf_len); \
54+ } while (0)
55+
56+#define SPCF_CPARAM_CASE(X) \
57+ case NID_##X: \
58+ SPCF_COPY_CPARAMS(X##_c); \
59+ break
60+
61+SPCF_CPARAM_INIT(sect113r1, 0x01, 0x73, 0xE8, 0x34, 0xAF, 0x28, 0xEC, 0x76,
62+ 0xCB, 0x83, 0xBD, 0x8D, 0xFE, 0xB2, 0xD5);
63+SPCF_CPARAM_INIT(sect113r2, 0x00, 0x54, 0xD9, 0xF0, 0x39, 0x57, 0x17, 0x4A,
64+ 0x32, 0x32, 0x91, 0x67, 0xD7, 0xFE, 0x71);
65+SPCF_CPARAM_INIT(sect131r1, 0x03, 0xDB, 0x89, 0xB4, 0x05, 0xE4, 0x91, 0x16,
66+ 0x0E, 0x3B, 0x2F, 0x07, 0xB0, 0xCE, 0x20, 0xB3, 0x7E);
67+SPCF_CPARAM_INIT(sect131r2, 0x07, 0xCB, 0xB9, 0x92, 0x0D, 0x71, 0xA4, 0x8E,
68+ 0x09, 0x9C, 0x38, 0xD7, 0x1D, 0xA6, 0x49, 0x0E, 0xB1);
69+SPCF_CPARAM_INIT(sect163k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
70+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
71+ 0x00, 0x00, 0x01);
72+SPCF_CPARAM_INIT(sect163r1, 0x05, 0xED, 0x40, 0x3E, 0xD5, 0x8E, 0xB4, 0x5B,
73+ 0x1C, 0xCE, 0xCA, 0x0F, 0x4F, 0x61, 0x65, 0x55, 0x49, 0x86,
74+ 0x1B, 0xE0, 0x52);
75+SPCF_CPARAM_INIT(sect163r2, 0x07, 0x2C, 0x4E, 0x1E, 0xF7, 0xCB, 0x2F, 0x3A,
76+ 0x03, 0x5D, 0x33, 0x10, 0x42, 0x94, 0x15, 0x96, 0x09, 0x13,
77+ 0x8B, 0xB4, 0x04);
78+SPCF_CPARAM_INIT(sect193r1, 0x01, 0x67, 0xB3, 0x5E, 0xB4, 0x31, 0x3F, 0x26,
79+ 0x3D, 0x0F, 0x7A, 0x3D, 0x50, 0x36, 0xF0, 0xA0, 0xA3, 0xC9,
80+ 0x80, 0xD4, 0x0E, 0x5A, 0x05, 0x3E, 0xD2);
81+SPCF_CPARAM_INIT(sect193r2, 0x00, 0x69, 0x89, 0xFE, 0x6B, 0xFE, 0x30, 0xED,
82+ 0xDC, 0x32, 0x44, 0x26, 0x9F, 0x3A, 0xAD, 0x18, 0xD6, 0x6C,
83+ 0xF3, 0xDB, 0x3E, 0x33, 0x02, 0xFA, 0xA8);
84+SPCF_CPARAM_INIT(sect233k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
85+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
86+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
87+ 0x00, 0x01);
88+SPCF_CPARAM_INIT(sect233r1, 0x00, 0x07, 0xD5, 0xEF, 0x43, 0x89, 0xDF, 0xF1,
89+ 0x1E, 0xCD, 0xBA, 0x39, 0xC3, 0x09, 0x70, 0xD3, 0xCE, 0x35,
90+ 0xCE, 0xBB, 0xA5, 0x84, 0x73, 0xF6, 0x4B, 0x4D, 0xC0, 0xF2,
91+ 0x68, 0x6C);
92+SPCF_CPARAM_INIT(sect239k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
93+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
94+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
95+ 0x00, 0x01);
96+SPCF_CPARAM_INIT(sect283k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
97+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
98+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
99+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01);
100+SPCF_CPARAM_INIT(sect283r1, 0x03, 0xD8, 0xC9, 0x3D, 0x3B, 0x0E, 0xA8, 0x1D,
101+ 0x92, 0x94, 0x03, 0x4D, 0x7E, 0xE3, 0x13, 0x5D, 0x0A, 0xC5,
102+ 0xFC, 0x8D, 0x9C, 0xB0, 0x27, 0x6F, 0x72, 0x11, 0xF8, 0x80,
103+ 0xF0, 0xD8, 0x1C, 0xA4, 0xC6, 0xE8, 0x7B, 0x38);
104+SPCF_CPARAM_INIT(sect409k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
105+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
106+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
107+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
108+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
109+ 0x00, 0x00, 0x00, 0x01);
110+SPCF_CPARAM_INIT(sect409r1, 0x01, 0x49, 0xB8, 0xB7, 0xBE, 0xBD, 0x9B, 0x63,
111+ 0x65, 0x3E, 0xF1, 0xCD, 0x8C, 0x6A, 0x5D, 0xD1, 0x05, 0xA2,
112+ 0xAA, 0xAC, 0x36, 0xFE, 0x2E, 0xAE, 0x43, 0xCF, 0x28, 0xCE,
113+ 0x1C, 0xB7, 0xC8, 0x30, 0xC1, 0xEC, 0xDB, 0xFA, 0x41, 0x3A,
114+ 0xB0, 0x7F, 0xE3, 0x5A, 0x57, 0x81, 0x1A, 0xE4, 0xF8, 0x8D,
115+ 0x30, 0xAC, 0x63, 0xFB);
116+SPCF_CPARAM_INIT(sect571k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
117+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
118+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
119+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
120+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
121+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
122+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
123+ 0x00, 0x00, 0x00, 0x01);
124+SPCF_CPARAM_INIT(sect571r1, 0x06, 0x39, 0x5D, 0xB2, 0x2A, 0xB5, 0x94, 0xB1,
125+ 0x86, 0x8C, 0xED, 0x95, 0x25, 0x78, 0xB6, 0x53, 0x9F, 0xAB,
126+ 0xA6, 0x94, 0x06, 0xD9, 0xB2, 0x98, 0x61, 0x23, 0xA1, 0x85,
127+ 0xC8, 0x58, 0x32, 0xE2, 0x5F, 0xD5, 0xB6, 0x38, 0x33, 0xD5,
128+ 0x14, 0x42, 0xAB, 0xF1, 0xA9, 0xC0, 0x5F, 0xF0, 0xEC, 0xBD,
129+ 0x88, 0xD7, 0xF7, 0x79, 0x97, 0xF4, 0xDC, 0x91, 0x56, 0xAA,
130+ 0xF1, 0xCE, 0x08, 0x16, 0x46, 0x86, 0xDD, 0xFF, 0x75, 0x11,
131+ 0x6F, 0xBC, 0x9A, 0x7A);
132+SPCF_CPARAM_INIT(X9_62_c2pnb163v1, 0x04, 0x53, 0xE1, 0xE4, 0xB7, 0x29, 0x1F,
133+ 0x5C, 0x2D, 0x53, 0xCE, 0x18, 0x48, 0x3F, 0x00, 0x70, 0x81,
134+ 0xE7, 0xEA, 0x26, 0xEC);
135+SPCF_CPARAM_INIT(X9_62_c2pnb163v2, 0x04, 0x35, 0xC0, 0x19, 0x66, 0x0E, 0x01,
136+ 0x01, 0xBA, 0x87, 0x0C, 0xA3, 0x9F, 0xD9, 0xA7, 0x76, 0x86,
137+ 0x50, 0x9D, 0x28, 0x13);
138+SPCF_CPARAM_INIT(X9_62_c2pnb163v3, 0x06, 0x55, 0xC4, 0x54, 0xE4, 0x1E, 0x38,
139+ 0x0C, 0x7A, 0x60, 0xB6, 0x67, 0x9A, 0x5B, 0x7A, 0x3F, 0x3A,
140+ 0xF6, 0x8E, 0x22, 0xC5);
141+SPCF_CPARAM_INIT(X9_62_c2pnb176v1, 0x00, 0x69, 0xF7, 0xDA, 0x36, 0x19, 0xA7,
142+ 0x42, 0xA3, 0x82, 0xFF, 0x05, 0x08, 0x8F, 0xD3, 0x99, 0x42,
143+ 0xCA, 0x0F, 0x1D, 0x90, 0xB6, 0x5B);
144+SPCF_CPARAM_INIT(X9_62_c2tnb191v1, 0x4C, 0x45, 0x25, 0xAB, 0x0B, 0x68, 0x4A,
145+ 0x64, 0x44, 0x62, 0x0A, 0x86, 0x45, 0xEF, 0x54, 0x6D, 0x54,
146+ 0x69, 0x39, 0x68, 0xC2, 0xAE, 0x84, 0xAC);
147+SPCF_CPARAM_INIT(X9_62_c2tnb191v2, 0x03, 0x7C, 0x8F, 0x57, 0xA2, 0x25, 0xC7,
148+ 0xB3, 0xD4, 0xED, 0xD5, 0x88, 0x0F, 0x38, 0x0A, 0xCC, 0x55,
149+ 0x74, 0xEC, 0xB3, 0x6C, 0x9F, 0x51, 0x21);
150+SPCF_CPARAM_INIT(X9_62_c2tnb191v3, 0x37, 0x39, 0xFF, 0x98, 0xB4, 0xD1, 0x69,
151+ 0x3E, 0xCF, 0x52, 0x7A, 0x98, 0x51, 0xED, 0xCF, 0x99, 0x9D,
152+ 0x9E, 0x75, 0x05, 0x43, 0x33, 0x43, 0x24);
153+SPCF_CPARAM_INIT(X9_62_c2pnb208w1, 0x00, 0xDB, 0x05, 0x3C, 0x41, 0x76, 0xCC,
154+ 0x1D, 0xA1, 0x27, 0x85, 0x2C, 0xA6, 0xD9, 0x88, 0xBE, 0x1A,
155+ 0xCC, 0xD1, 0x5B, 0x2A, 0xC1, 0xC1, 0x07, 0x42, 0x57, 0x34);
156+SPCF_CPARAM_INIT(X9_62_c2tnb239v1, 0x24, 0x59, 0xFC, 0xF4, 0x51, 0x7B, 0xC5,
157+ 0xA6, 0xB9, 0x9B, 0xE5, 0xC6, 0xC5, 0x62, 0x85, 0xC0, 0x21,
158+ 0xFE, 0x32, 0xEE, 0x2B, 0x6F, 0x1C, 0x22, 0xEA, 0x5B, 0xE1,
159+ 0xB8, 0x4B, 0x93);
160+SPCF_CPARAM_INIT(X9_62_c2tnb239v2, 0x64, 0x98, 0x84, 0x19, 0x3B, 0x56, 0x2D,
161+ 0x4A, 0x50, 0xB4, 0xFA, 0x56, 0x34, 0xE0, 0x34, 0x41, 0x3F,
162+ 0x94, 0xC4, 0x59, 0xDA, 0x7C, 0xDB, 0x16, 0x64, 0x9D, 0xDD,
163+ 0xF7, 0xE6, 0x0A);
164+SPCF_CPARAM_INIT(X9_62_c2tnb239v3, 0x32, 0x63, 0x2E, 0x65, 0x2B, 0xEE, 0x91,
165+ 0xC2, 0xE4, 0xA2, 0xF5, 0x42, 0xA3, 0x2D, 0x67, 0xA8, 0xB5,
166+ 0xB4, 0x5F, 0x21, 0xA0, 0x81, 0x02, 0xFB, 0x1F, 0x2A, 0xFB,
167+ 0xB6, 0xAC, 0xDA);
168+SPCF_CPARAM_INIT(X9_62_c2pnb272w1, 0x00, 0xDA, 0x7B, 0x60, 0x28, 0xF4, 0xC8,
169+ 0x09, 0xA0, 0xB9, 0x78, 0x81, 0xC3, 0xA5, 0x7E, 0x4D, 0x71,
170+ 0x81, 0x34, 0xD1, 0x3F, 0xEC, 0xE0, 0x90, 0x85, 0x8A, 0xC3,
171+ 0x1A, 0xE2, 0xDC, 0x2E, 0xDF, 0x8E, 0x3C, 0x8B);
172+SPCF_CPARAM_INIT(X9_62_c2pnb304w1, 0x00, 0x3C, 0x67, 0xB4, 0x07, 0xC6, 0xF3,
173+ 0x3F, 0x81, 0x0B, 0x17, 0xDC, 0x16, 0xE2, 0x14, 0x8A, 0x2C,
174+ 0x9C, 0xE2, 0x9D, 0x56, 0x05, 0x23, 0x69, 0x6A, 0x55, 0x93,
175+ 0x8A, 0x15, 0x40, 0x81, 0xE3, 0xE3, 0xAE, 0xFB, 0xCE, 0x45,
176+ 0x70, 0xC9);
177+SPCF_CPARAM_INIT(X9_62_c2tnb359v1, 0x22, 0x39, 0xAA, 0x58, 0x4A, 0xC5, 0x9A,
178+ 0xF9, 0x61, 0xD0, 0xFA, 0x2D, 0x52, 0x85, 0xB6, 0xFD, 0xF7,
179+ 0x34, 0x9B, 0xC6, 0x0E, 0x91, 0xE3, 0x20, 0xF4, 0x71, 0x64,
180+ 0xCE, 0x11, 0xF5, 0x18, 0xEF, 0xB4, 0xC0, 0x8B, 0x9B, 0xDA,
181+ 0x99, 0x9A, 0x8A, 0x37, 0xF8, 0x2A, 0x22, 0x61);
182+SPCF_CPARAM_INIT(X9_62_c2pnb368w1, 0x00, 0xC0, 0x6C, 0xCF, 0x42, 0x89, 0x3A,
183+ 0x8A, 0xAA, 0x00, 0x1E, 0x0B, 0xC0, 0xD2, 0xA2, 0x27, 0x66,
184+ 0xEF, 0x3E, 0x41, 0x88, 0x7C, 0xC6, 0x77, 0x6F, 0x4A, 0x04,
185+ 0x1E, 0xE4, 0x45, 0x14, 0xB2, 0x0A, 0xFC, 0x4E, 0x5C, 0x30,
186+ 0x40, 0x60, 0x06, 0x5B, 0xC8, 0xD6, 0xCF, 0x04, 0xD3, 0x25);
187+SPCF_CPARAM_INIT(X9_62_c2tnb431r1, 0x64, 0xF5, 0xBB, 0xE9, 0xBB, 0x31, 0x66,
188+ 0xA3, 0xA0, 0x2F, 0x2F, 0x22, 0xBF, 0x05, 0xD9, 0xF7, 0xDA,
189+ 0x43, 0xEE, 0x70, 0xC1, 0x79, 0x03, 0x15, 0x2B, 0x70, 0xA0,
190+ 0xB4, 0x25, 0x9B, 0xD2, 0xFC, 0xB2, 0x20, 0x3B, 0x7F, 0xB8,
191+ 0xD3, 0x39, 0x4E, 0x20, 0xEB, 0x0E, 0xA9, 0x84, 0xDD, 0xB1,
192+ 0xE1, 0xF1, 0x4C, 0x67, 0xB1, 0x36, 0x2B);
193+SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
194+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01);
195+SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
196+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
197+ 0x00, 0x00, 0x00, 0x00, 0x01);
198+SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls4, 0x01, 0x73, 0xE8, 0x34, 0xAF, 0x28,
199+ 0xEC, 0x76, 0xCB, 0x83, 0xBD, 0x8D, 0xFE, 0xB2, 0xD5);
200+SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls5, 0x04, 0x53, 0xE1, 0xE4, 0xB7, 0x29,
201+ 0x1F, 0x5C, 0x2D, 0x53, 0xCE, 0x18, 0x48, 0x3F, 0x00, 0x70,
202+ 0x81, 0xE7, 0xEA, 0x26, 0xEC);
203+SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
204+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
205+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
206+ 0x00, 0x00, 0x00, 0x01);
207+SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls11, 0x00, 0x07, 0xD5, 0xEF, 0x43, 0x89,
208+ 0xDF, 0xF1, 0x1E, 0xCD, 0xBA, 0x39, 0xC3, 0x09, 0x70, 0xD3,
209+ 0xCE, 0x35, 0xCE, 0xBB, 0xA5, 0x84, 0x73, 0xF6, 0x4B, 0x4D,
210+ 0xC0, 0xF2, 0x68, 0x6C);
211+/* Oakley curve #3 over 155 bit binary filed */
212+SPCF_CPARAM_INIT(ipsec3, 0x00, 0x31, 0x10, 0x00, 0x00, 0x02, 0x23, 0xA0, 0x00,
213+ 0xC4, 0x47, 0x40, 0x00, 0x08, 0x8E, 0x80, 0x00, 0x11, 0x1D,
214+ 0x1D);
215+/* Oakley curve #4 over 185 bit binary filed */
216+SPCF_CPARAM_INIT(ipsec4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00,
217+ 0x01, 0x80, 0x00, 0xC0, 0x0C, 0x00, 0x00, 0x00, 0x63, 0x80,
218+ 0x30, 0x00, 0x1C, 0x00, 0x09);
219+
220+static inline int
221+eng_ec_get_cparam(int nid, unsigned char *buf, unsigned int buf_len)
222+{
223+ int ret = 0;
224+ switch (nid) {
225+ SPCF_CPARAM_CASE(sect113r1);
226+ SPCF_CPARAM_CASE(sect113r2);
227+ SPCF_CPARAM_CASE(sect131r1);
228+ SPCF_CPARAM_CASE(sect131r2);
229+ SPCF_CPARAM_CASE(sect163k1);
230+ SPCF_CPARAM_CASE(sect163r1);
231+ SPCF_CPARAM_CASE(sect163r2);
232+ SPCF_CPARAM_CASE(sect193r1);
233+ SPCF_CPARAM_CASE(sect193r2);
234+ SPCF_CPARAM_CASE(sect233k1);
235+ SPCF_CPARAM_CASE(sect233r1);
236+ SPCF_CPARAM_CASE(sect239k1);
237+ SPCF_CPARAM_CASE(sect283k1);
238+ SPCF_CPARAM_CASE(sect283r1);
239+ SPCF_CPARAM_CASE(sect409k1);
240+ SPCF_CPARAM_CASE(sect409r1);
241+ SPCF_CPARAM_CASE(sect571k1);
242+ SPCF_CPARAM_CASE(sect571r1);
243+ SPCF_CPARAM_CASE(X9_62_c2pnb163v1);
244+ SPCF_CPARAM_CASE(X9_62_c2pnb163v2);
245+ SPCF_CPARAM_CASE(X9_62_c2pnb163v3);
246+ SPCF_CPARAM_CASE(X9_62_c2pnb176v1);
247+ SPCF_CPARAM_CASE(X9_62_c2tnb191v1);
248+ SPCF_CPARAM_CASE(X9_62_c2tnb191v2);
249+ SPCF_CPARAM_CASE(X9_62_c2tnb191v3);
250+ SPCF_CPARAM_CASE(X9_62_c2pnb208w1);
251+ SPCF_CPARAM_CASE(X9_62_c2tnb239v1);
252+ SPCF_CPARAM_CASE(X9_62_c2tnb239v2);
253+ SPCF_CPARAM_CASE(X9_62_c2tnb239v3);
254+ SPCF_CPARAM_CASE(X9_62_c2pnb272w1);
255+ SPCF_CPARAM_CASE(X9_62_c2pnb304w1);
256+ SPCF_CPARAM_CASE(X9_62_c2tnb359v1);
257+ SPCF_CPARAM_CASE(X9_62_c2pnb368w1);
258+ SPCF_CPARAM_CASE(X9_62_c2tnb431r1);
259+ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls1);
260+ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls3);
261+ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls4);
262+ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls5);
263+ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls10);
264+ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls11);
265+ /* Oakley curve #3 over 155 bit binary filed */
266+ SPCF_CPARAM_CASE(ipsec3);
267+ /* Oakley curve #4 over 185 bit binary filed */
268+ SPCF_CPARAM_CASE(ipsec4);
269+ default:
270+ ret = -EINVAL;
271+ break;
272+ }
273+ return ret;
274+}
275+
276+/* Copies the curve points to a flat buffer with appropriate padding */
277+static inline unsigned char *eng_copy_curve_points(BIGNUM * x, BIGNUM * y,
278+ int xy_len, int crv_len)
279+{
280+ unsigned char *xy = NULL;
281+ int len1 = 0, len2 = 0;
282+
283+ len1 = BN_num_bytes(x);
284+ len2 = BN_num_bytes(y);
285+
286+ if (!(xy = malloc(xy_len))) {
287+ return NULL;
288+ }
289+
290+ memset(xy, 0, xy_len);
291+
292+ if (len1 < crv_len) {
293+ if (!BN_is_zero(x))
294+ BN_bn2bin(x, xy + (crv_len - len1));
295+ } else {
296+ BN_bn2bin(x, xy);
297+ }
298+
299+ if (len2 < crv_len) {
300+ if (!BN_is_zero(y))
301+ BN_bn2bin(y, xy+crv_len+(crv_len-len2));
302+ } else {
303+ BN_bn2bin(y, xy+crv_len);
304+ }
305+
306+ return xy;
307+}
308+
309+enum curve_t {
310+ DISCRETE_LOG,
311+ ECC_PRIME,
312+ ECC_BINARY,
313+ MAX_ECC_TYPE
314+};
315+#endif
316--
3171.7.9.7
318
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0003-add-support-for-TLS-algorithms-offload.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0003-add-support-for-TLS-algorithms-offload.patch
new file mode 100644
index 000000000..dd99ca9f2
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0003-add-support-for-TLS-algorithms-offload.patch
@@ -0,0 +1,296 @@
1From 1a8886909afc7e4c9e8539644c815baee8ee4816 Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Thu, 29 Aug 2013 16:51:18 +0300
4Subject: [PATCH][fsl 03/15] add support for TLS algorithms offload
5
6Upstream-status: Pending
7
8Requires TLS patches on cryptodev and TLS algorithm support in Linux
9kernel driver.
10
11Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
12---
13 crypto/engine/eng_cryptodev.c | 204 ++++++++++++++++++++++++++++++++++++++---
14 1 file changed, 193 insertions(+), 11 deletions(-)
15
16diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
17index 5a715ac..123613d 100644
18--- a/crypto/engine/eng_cryptodev.c
19+++ b/crypto/engine/eng_cryptodev.c
20@@ -72,6 +72,9 @@ ENGINE_load_cryptodev(void)
21 struct dev_crypto_state {
22 struct session_op d_sess;
23 int d_fd;
24+ unsigned char *aad;
25+ unsigned int aad_len;
26+ unsigned int len;
27
28 #ifdef USE_CRYPTODEV_DIGESTS
29 char dummy_mac_key[HASH_MAX_LEN];
30@@ -140,17 +143,19 @@ static struct {
31 int nid;
32 int ivmax;
33 int keylen;
34+ int mackeylen;
35 } ciphers[] = {
36- { CRYPTO_ARC4, NID_rc4, 0, 16, },
37- { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, },
38- { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, },
39- { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, },
40- { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, },
41- { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, },
42- { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, },
43- { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, },
44- { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, },
45- { 0, NID_undef, 0, 0, },
46+ { CRYPTO_ARC4, NID_rc4, 0, 16, 0},
47+ { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, 0},
48+ { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, 0},
49+ { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, 0},
50+ { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, 0},
51+ { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, 0},
52+ { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, 0},
53+ { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0},
54+ { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0},
55+ { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20},
56+ { 0, NID_undef, 0, 0, 0},
57 };
58
59 #ifdef USE_CRYPTODEV_DIGESTS
60@@ -250,13 +255,15 @@ get_cryptodev_ciphers(const int **cnids)
61 }
62 memset(&sess, 0, sizeof(sess));
63 sess.key = (caddr_t)"123456789abcdefghijklmno";
64+ sess.mackey = (caddr_t)"123456789ABCDEFGHIJKLMNO";
65
66 for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
67 if (ciphers[i].nid == NID_undef)
68 continue;
69 sess.cipher = ciphers[i].id;
70 sess.keylen = ciphers[i].keylen;
71- sess.mac = 0;
72+ sess.mackeylen = ciphers[i].mackeylen;
73+
74 if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
75 ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
76 nids[count++] = ciphers[i].nid;
77@@ -414,6 +421,67 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
78 return (1);
79 }
80
81+
82+static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
83+ const unsigned char *in, size_t len)
84+{
85+ struct crypt_auth_op cryp;
86+ struct dev_crypto_state *state = ctx->cipher_data;
87+ struct session_op *sess = &state->d_sess;
88+ const void *iiv;
89+ unsigned char save_iv[EVP_MAX_IV_LENGTH];
90+
91+ if (state->d_fd < 0)
92+ return (0);
93+ if (!len)
94+ return (1);
95+ if ((len % ctx->cipher->block_size) != 0)
96+ return (0);
97+
98+ memset(&cryp, 0, sizeof(cryp));
99+
100+ /* TODO: make a seamless integration with cryptodev flags */
101+ switch (ctx->cipher->nid) {
102+ case NID_aes_128_cbc_hmac_sha1:
103+ cryp.flags = COP_FLAG_AEAD_TLS_TYPE;
104+ }
105+ cryp.ses = sess->ses;
106+ cryp.len = state->len;
107+ cryp.dst_len = len;
108+ cryp.src = (caddr_t) in;
109+ cryp.dst = (caddr_t) out;
110+ cryp.auth_src = state->aad;
111+ cryp.auth_len = state->aad_len;
112+
113+ cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
114+
115+ if (ctx->cipher->iv_len) {
116+ cryp.iv = (caddr_t) ctx->iv;
117+ if (!ctx->encrypt) {
118+ iiv = in + len - ctx->cipher->iv_len;
119+ memcpy(save_iv, iiv, ctx->cipher->iv_len);
120+ }
121+ } else
122+ cryp.iv = NULL;
123+
124+ if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) {
125+ /* XXX need better errror handling
126+ * this can fail for a number of different reasons.
127+ */
128+ return (0);
129+ }
130+
131+ if (ctx->cipher->iv_len) {
132+ if (ctx->encrypt)
133+ iiv = out + len - ctx->cipher->iv_len;
134+ else
135+ iiv = save_iv;
136+ memcpy(ctx->iv, iiv, ctx->cipher->iv_len);
137+ }
138+ return (1);
139+}
140+
141+
142 static int
143 cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
144 const unsigned char *iv, int enc)
145@@ -452,6 +520,45 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
146 return (1);
147 }
148
149+/* Save the encryption key provided by upper layers.
150+ *
151+ * This function is called by EVP_CipherInit_ex to initialize the algorithm's
152+ * extra data. We can't do much here because the mac key is not available.
153+ * The next call should/will be to cryptodev_cbc_hmac_sha1_ctrl with parameter
154+ * EVP_CTRL_AEAD_SET_MAC_KEY, to set the hmac key. There we call CIOCGSESSION
155+ * with both the crypto and hmac keys.
156+ */
157+static int cryptodev_init_aead_key(EVP_CIPHER_CTX *ctx,
158+ const unsigned char *key, const unsigned char *iv, int enc)
159+{
160+ struct dev_crypto_state *state = ctx->cipher_data;
161+ struct session_op *sess = &state->d_sess;
162+ int cipher = -1, i;
163+
164+ for (i = 0; ciphers[i].id; i++)
165+ if (ctx->cipher->nid == ciphers[i].nid &&
166+ ctx->cipher->iv_len <= ciphers[i].ivmax &&
167+ ctx->key_len == ciphers[i].keylen) {
168+ cipher = ciphers[i].id;
169+ break;
170+ }
171+
172+ if (!ciphers[i].id) {
173+ state->d_fd = -1;
174+ return (0);
175+ }
176+
177+ memset(sess, 0, sizeof(struct session_op));
178+
179+ sess->key = (caddr_t)key;
180+ sess->keylen = ctx->key_len;
181+ sess->cipher = cipher;
182+
183+ /* for whatever reason, (1) means success */
184+ return (1);
185+}
186+
187+
188 /*
189 * free anything we allocated earlier when initting a
190 * session, and close the session.
191@@ -488,6 +595,63 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
192 return (ret);
193 }
194
195+static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
196+ void *ptr)
197+{
198+ switch (type) {
199+ case EVP_CTRL_AEAD_SET_MAC_KEY:
200+ {
201+ /* TODO: what happens with hmac keys larger than 64 bytes? */
202+ struct dev_crypto_state *state = ctx->cipher_data;
203+ struct session_op *sess = &state->d_sess;
204+
205+ if ((state->d_fd = get_dev_crypto()) < 0)
206+ return (0);
207+
208+ /* the rest should have been set in cryptodev_init_aead_key */
209+ sess->mackey = ptr;
210+ sess->mackeylen = arg;
211+
212+ if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
213+ put_dev_crypto(state->d_fd);
214+ state->d_fd = -1;
215+ return (0);
216+ }
217+ return (1);
218+ }
219+ case EVP_CTRL_AEAD_TLS1_AAD:
220+ {
221+ /* ptr points to the associated data buffer of 13 bytes */
222+ struct dev_crypto_state *state = ctx->cipher_data;
223+ unsigned char *p = ptr;
224+ unsigned int cryptlen = p[arg - 2] << 8 | p[arg - 1];
225+ unsigned int maclen, padlen;
226+ unsigned int bs = ctx->cipher->block_size;
227+ int j;
228+
229+ state->aad = ptr;
230+ state->aad_len = arg;
231+ state->len = cryptlen;
232+
233+ /* TODO: this should be an extension of EVP_CIPHER struct */
234+ switch (ctx->cipher->nid) {
235+ case NID_aes_128_cbc_hmac_sha1:
236+ maclen = SHA_DIGEST_LENGTH;
237+ }
238+
239+ /* space required for encryption (not only TLS padding) */
240+ padlen = maclen;
241+ if (ctx->encrypt) {
242+ cryptlen += maclen;
243+ padlen += bs - (cryptlen % bs);
244+ }
245+ return padlen;
246+ }
247+ default:
248+ return -1;
249+ }
250+}
251+
252 /*
253 * libcrypto EVP stuff - this is how we get wired to EVP so the engine
254 * gets called when libcrypto requests a cipher NID.
255@@ -600,6 +764,20 @@ const EVP_CIPHER cryptodev_aes_256_cbc = {
256 NULL
257 };
258
259+const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = {
260+ NID_aes_128_cbc_hmac_sha1,
261+ 16, 16, 16,
262+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER,
263+ cryptodev_init_aead_key,
264+ cryptodev_aead_cipher,
265+ cryptodev_cleanup,
266+ sizeof(struct dev_crypto_state),
267+ EVP_CIPHER_set_asn1_iv,
268+ EVP_CIPHER_get_asn1_iv,
269+ cryptodev_cbc_hmac_sha1_ctrl,
270+ NULL
271+};
272+
273 /*
274 * Registered by the ENGINE when used to find out how to deal with
275 * a particular NID in the ENGINE. this says what we'll do at the
276@@ -637,6 +815,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
277 case NID_aes_256_cbc:
278 *cipher = &cryptodev_aes_256_cbc;
279 break;
280+ case NID_aes_128_cbc_hmac_sha1:
281+ *cipher = &cryptodev_aes_128_cbc_hmac_sha1;
282+ break;
283 default:
284 *cipher = NULL;
285 break;
286@@ -1384,6 +1565,7 @@ ENGINE_load_cryptodev(void)
287 }
288 put_dev_crypto(fd);
289
290+ EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1);
291 if (!ENGINE_set_id(engine, "cryptodev") ||
292 !ENGINE_set_name(engine, "BSD cryptodev engine") ||
293 !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
294--
2951.7.9.7
296
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0004-Fixed-private-key-support-for-DH.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0004-Fixed-private-key-support-for-DH.patch
new file mode 100644
index 000000000..607f6035c
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0004-Fixed-private-key-support-for-DH.patch
@@ -0,0 +1,33 @@
1From c994fa6c5eb9b684dd6aff45dd5e8eb98237c31e Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Tue, 11 Mar 2014 05:57:47 +0545
4Subject: [PATCH][fsl 04/15] Fixed private key support for DH
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 crypto/dh/dh_ameth.c | 7 +++++++
11 1 file changed, 7 insertions(+)
12
13diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
14index 02ec2d4..ed32004 100644
15--- a/crypto/dh/dh_ameth.c
16+++ b/crypto/dh/dh_ameth.c
17@@ -422,6 +422,13 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
18 if (to->pkey.dh->g != NULL)
19 BN_free(to->pkey.dh->g);
20 to->pkey.dh->g=a;
21+ if ((a=BN_dup(from->pkey.dh->q)) != NULL) {
22+ if (to->pkey.dh->q != NULL)
23+ BN_free(to->pkey.dh->q);
24+ to->pkey.dh->q=a;
25+ }
26+
27+ to->pkey.dh->length = from->pkey.dh->length;
28
29 return 1;
30 }
31--
321.7.9.7
33
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0005-Fixed-private-key-support-for-DH.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0005-Fixed-private-key-support-for-DH.patch
new file mode 100644
index 000000000..06dff8819
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0005-Fixed-private-key-support-for-DH.patch
@@ -0,0 +1,35 @@
1From 408bdb2a3971edd6a949f5a93bd44d0a6f3eb823 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Thu, 20 Mar 2014 19:55:51 -0500
4Subject: [PATCH][fsl 05/15] Fixed private key support for DH
5
6Upstream-status: Pending
7
8Required Length of the DH result is not returned in dh method in openssl
9
10Tested-by: Yashpal Dutta <yashpal.dutta@freescale.com>
11---
12 crypto/dh/dh_ameth.c | 7 -------
13 1 file changed, 7 deletions(-)
14
15diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
16index ed32004..02ec2d4 100644
17--- a/crypto/dh/dh_ameth.c
18+++ b/crypto/dh/dh_ameth.c
19@@ -422,13 +422,6 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
20 if (to->pkey.dh->g != NULL)
21 BN_free(to->pkey.dh->g);
22 to->pkey.dh->g=a;
23- if ((a=BN_dup(from->pkey.dh->q)) != NULL) {
24- if (to->pkey.dh->q != NULL)
25- BN_free(to->pkey.dh->q);
26- to->pkey.dh->q=a;
27- }
28-
29- to->pkey.dh->length = from->pkey.dh->length;
30
31 return 1;
32 }
33--
341.7.9.7
35
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0006-Initial-support-for-PKC-in-cryptodev-engine.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0006-Initial-support-for-PKC-in-cryptodev-engine.patch
new file mode 100644
index 000000000..b5ac55db6
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0006-Initial-support-for-PKC-in-cryptodev-engine.patch
@@ -0,0 +1,1563 @@
1From 8e9a39aab2fce48c117460eb1d14bcc02be6de6c Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Tue, 11 Mar 2014 06:29:52 +0545
4Subject: [PATCH][fsl 06/15] Initial support for PKC in cryptodev engine
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 crypto/engine/eng_cryptodev.c | 1343 ++++++++++++++++++++++++++++++++++++-----
11 1 file changed, 1183 insertions(+), 160 deletions(-)
12
13diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
14index 123613d..88caec1 100644
15--- a/crypto/engine/eng_cryptodev.c
16+++ b/crypto/engine/eng_cryptodev.c
17@@ -54,11 +54,14 @@ ENGINE_load_cryptodev(void)
18 #else
19
20 #include <sys/types.h>
21-#include <crypto/cryptodev.h>
22 #include <crypto/dh/dh.h>
23 #include <crypto/dsa/dsa.h>
24 #include <crypto/err/err.h>
25 #include <crypto/rsa/rsa.h>
26+#include <crypto/ecdsa/ecs_locl.h>
27+#include <crypto/ecdh/ech_locl.h>
28+#include <crypto/ec/ec_lcl.h>
29+#include <crypto/ec/ec.h>
30 #include <sys/ioctl.h>
31 #include <errno.h>
32 #include <stdio.h>
33@@ -68,6 +71,8 @@ ENGINE_load_cryptodev(void)
34 #include <syslog.h>
35 #include <errno.h>
36 #include <string.h>
37+#include "eng_cryptodev_ec.h"
38+#include <crypto/cryptodev.h>
39
40 struct dev_crypto_state {
41 struct session_op d_sess;
42@@ -116,24 +121,112 @@ static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a,
43 static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I,
44 RSA *rsa, BN_CTX *ctx);
45 static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
46-static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
47- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
48-static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
49- BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p,
50- BN_CTX *ctx, BN_MONT_CTX *mont);
51 static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst,
52 int dlen, DSA *dsa);
53 static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len,
54 DSA_SIG *sig, DSA *dsa);
55-static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
56- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
57- BN_MONT_CTX *m_ctx);
58 static int cryptodev_dh_compute_key(unsigned char *key,
59 const BIGNUM *pub_key, DH *dh);
60 static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
61 void (*f)(void));
62 void ENGINE_load_cryptodev(void);
63
64+inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len)
65+{
66+ int len;
67+ unsigned char *p;
68+
69+ len = BN_num_bytes(bn);
70+
71+ if (!len)
72+ return -1;
73+
74+ p = malloc(len);
75+ if (!p)
76+ return -1;
77+
78+ BN_bn2bin(bn,p);
79+
80+ *bin = p;
81+ *bin_len = len;
82+
83+ return 0;
84+}
85+
86+inline int spcf_bn2bin_ex(BIGNUM *bn, unsigned char **bin, int *bin_len)
87+{
88+ int len;
89+ unsigned char *p;
90+
91+ len = BN_num_bytes(bn);
92+
93+ if (!len)
94+ return -1;
95+
96+ if (len < *bin_len)
97+ p = malloc(*bin_len);
98+ else
99+ p = malloc(len);
100+
101+ if (!p)
102+ return -ENOMEM;
103+
104+ if (len < *bin_len) {
105+ /* place padding */
106+ memset(p, 0, (*bin_len - len));
107+ BN_bn2bin(bn,p+(*bin_len-len));
108+ } else {
109+ BN_bn2bin(bn,p);
110+ }
111+
112+ *bin = p;
113+ if (len >= *bin_len)
114+ *bin_len = len;
115+
116+ return 0;
117+}
118+
119+/**
120+ * Convert an ECC F2m 'b' parameter into the 'c' parameter.
121+ *Inputs:
122+ * q, the curve's modulus
123+ * b, the curve's b parameter
124+ * (a bignum for b, a buffer for c)
125+ * Output:
126+ * c, written into bin, right-adjusted to fill q_len bytes.
127+ */
128+static int
129+eng_ec_compute_cparam(const BIGNUM* b, const BIGNUM* q,
130+ unsigned char **bin, int *bin_len)
131+{
132+ BIGNUM* c = BN_new();
133+ BIGNUM* exp = BN_new();
134+ BN_CTX *ctx = BN_CTX_new();
135+ int m = BN_num_bits(q) - 1;
136+ int ok = 0;
137+
138+ if (!c || !exp || !ctx || *bin)
139+ goto err;
140+
141+ /*
142+ * We have to compute c, where b = c^4, i.e., the fourth root of b.
143+ * The equation for c is c = b^(2^(m-2))
144+ * Compute exp = 2^(m-2)
145+ * (1 << x) == 2^x
146+ * and then compute c = b^exp
147+ */
148+ BN_lshift(exp, BN_value_one(), m-2);
149+ BN_GF2m_mod_exp(c, b, exp, q, ctx);
150+ /* Store c */
151+ spcf_bn2bin_ex(c, bin, bin_len);
152+ ok = 1;
153+err:
154+ if (ctx) BN_CTX_free(ctx);
155+ if (c) BN_free(c);
156+ if (exp) BN_free(exp);
157+ return ok;
158+}
159+
160 static const ENGINE_CMD_DEFN cryptodev_defns[] = {
161 { 0, NULL, NULL, 0 }
162 };
163@@ -1106,7 +1199,6 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
164 static int
165 bn2crparam(const BIGNUM *a, struct crparam *crp)
166 {
167- int i, j, k;
168 ssize_t bytes, bits;
169 u_char *b;
170
171@@ -1123,15 +1215,7 @@ bn2crparam(const BIGNUM *a, struct crparam *crp)
172
173 crp->crp_p = (caddr_t) b;
174 crp->crp_nbits = bits;
175-
176- for (i = 0, j = 0; i < a->top; i++) {
177- for (k = 0; k < BN_BITS2 / 8; k++) {
178- if ((j + k) >= bytes)
179- return (0);
180- b[j + k] = a->d[i] >> (k * 8);
181- }
182- j += BN_BITS2 / 8;
183- }
184+ BN_bn2bin(a, crp->crp_p);
185 return (0);
186 }
187
188@@ -1139,22 +1223,14 @@ bn2crparam(const BIGNUM *a, struct crparam *crp)
189 static int
190 crparam2bn(struct crparam *crp, BIGNUM *a)
191 {
192- u_int8_t *pd;
193- int i, bytes;
194+ int bytes;
195
196 bytes = (crp->crp_nbits + 7) / 8;
197
198 if (bytes == 0)
199 return (-1);
200
201- if ((pd = (u_int8_t *) malloc(bytes)) == NULL)
202- return (-1);
203-
204- for (i = 0; i < bytes; i++)
205- pd[i] = crp->crp_p[bytes - i - 1];
206-
207- BN_bin2bn(pd, bytes, a);
208- free(pd);
209+ BN_bin2bn(crp->crp_p, bytes, a);
210
211 return (0);
212 }
213@@ -1202,6 +1278,32 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s)
214 return (ret);
215 }
216
217+/* Close an opened instance of cryptodev engine */
218+void cryptodev_close_instance(void *handle)
219+{
220+ int fd;
221+
222+ if (handle) {
223+ fd = *(int *)handle;
224+ close(fd);
225+ free(handle);
226+ }
227+}
228+
229+/* Create an instance of cryptodev for asynchronous interface */
230+void *cryptodev_init_instance(void)
231+{
232+ int *fd = malloc(sizeof(int));
233+
234+ if (fd) {
235+ if ((*fd = open("/dev/crypto", O_RDWR, 0)) == -1) {
236+ free(fd);
237+ return NULL;
238+ }
239+ }
240+ return fd;
241+}
242+
243 static int
244 cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
245 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
246@@ -1217,9 +1319,9 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
247 return (ret);
248 }
249
250- memset(&kop, 0, sizeof kop);
251 kop.crk_op = CRK_MOD_EXP;
252-
253+ kop.crk_oparams = 0;
254+ kop.crk_status = 0;
255 /* inputs: a^p % m */
256 if (bn2crparam(a, &kop.crk_param[0]))
257 goto err;
258@@ -1260,28 +1362,38 @@ static int
259 cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
260 {
261 struct crypt_kop kop;
262- int ret = 1;
263+ int ret = 1, f_len, p_len, q_len;
264+ unsigned char *f = NULL, *p = NULL, *q = NULL, *dp = NULL, *dq = NULL, *c = NULL;
265
266 if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
267 /* XXX 0 means failure?? */
268 return (0);
269 }
270
271- memset(&kop, 0, sizeof kop);
272+ kop.crk_oparams = 0;
273+ kop.crk_status = 0;
274 kop.crk_op = CRK_MOD_EXP_CRT;
275+ f_len = BN_num_bytes(rsa->n);
276+ spcf_bn2bin_ex(I, &f, &f_len);
277+ spcf_bn2bin(rsa->p, &p, &p_len);
278+ spcf_bn2bin(rsa->q, &q, &q_len);
279+ spcf_bn2bin_ex(rsa->dmp1, &dp, &p_len);
280+ spcf_bn2bin_ex(rsa->iqmp, &c, &p_len);
281+ spcf_bn2bin_ex(rsa->dmq1, &dq, &q_len);
282 /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
283- if (bn2crparam(rsa->p, &kop.crk_param[0]))
284- goto err;
285- if (bn2crparam(rsa->q, &kop.crk_param[1]))
286- goto err;
287- if (bn2crparam(I, &kop.crk_param[2]))
288- goto err;
289- if (bn2crparam(rsa->dmp1, &kop.crk_param[3]))
290- goto err;
291- if (bn2crparam(rsa->dmq1, &kop.crk_param[4]))
292- goto err;
293- if (bn2crparam(rsa->iqmp, &kop.crk_param[5]))
294- goto err;
295+ kop.crk_param[0].crp_p = p;
296+ kop.crk_param[0].crp_nbits = p_len * 8;
297+ kop.crk_param[1].crp_p = q;
298+ kop.crk_param[1].crp_nbits = q_len * 8;
299+ kop.crk_param[2].crp_p = f;
300+ kop.crk_param[2].crp_nbits = f_len * 8;
301+ kop.crk_param[3].crp_p = dp;
302+ kop.crk_param[3].crp_nbits = p_len * 8;
303+ /* dq must of length q, rest all of length p*/
304+ kop.crk_param[4].crp_p = dq;
305+ kop.crk_param[4].crp_nbits = q_len * 8;
306+ kop.crk_param[5].crp_p = c;
307+ kop.crk_param[5].crp_nbits = p_len * 8;
308 kop.crk_iparams = 6;
309
310 if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) {
311@@ -1317,90 +1429,117 @@ static RSA_METHOD cryptodev_rsa = {
312 NULL /* rsa_verify */
313 };
314
315-static int
316-cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
317- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
318-{
319- return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
320-}
321-
322-static int
323-cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
324- BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p,
325- BN_CTX *ctx, BN_MONT_CTX *mont)
326+static DSA_SIG *
327+cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
328 {
329- BIGNUM t2;
330- int ret = 0;
331-
332- BN_init(&t2);
333-
334- /* v = ( g^u1 * y^u2 mod p ) mod q */
335- /* let t1 = g ^ u1 mod p */
336- ret = 0;
337+ struct crypt_kop kop;
338+ BIGNUM *c = NULL, *d = NULL;
339+ DSA_SIG *dsaret = NULL;
340+ int q_len = 0, r_len = 0, g_len = 0;
341+ int priv_key_len = 0, ret;
342+ unsigned char *q = NULL, *r = NULL, *g = NULL, *priv_key = NULL, *f = NULL;
343
344- if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont))
345+ memset(&kop, 0, sizeof kop);
346+ if ((c = BN_new()) == NULL) {
347+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
348 goto err;
349+ }
350
351- /* let t2 = y ^ u2 mod p */
352- if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont))
353+ if ((d = BN_new()) == NULL) {
354+ BN_free(c);
355+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
356 goto err;
357- /* let u1 = t1 * t2 mod p */
358- if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx))
359+ }
360+
361+ if (spcf_bn2bin(dsa->p, &q, &q_len)) {
362+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
363 goto err;
364+ }
365
366- BN_copy(t1,u1);
367+ /* Get order of the field of private keys into plain buffer */
368+ if (spcf_bn2bin (dsa->q, &r, &r_len)) {
369+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
370+ goto err;
371+ }
372
373- ret = 1;
374-err:
375- BN_free(&t2);
376- return(ret);
377-}
378+ /* sanity test */
379+ if (dlen > r_len) {
380+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
381+ goto err;
382+ }
383
384-static DSA_SIG *
385-cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
386-{
387- struct crypt_kop kop;
388- BIGNUM *r = NULL, *s = NULL;
389- DSA_SIG *dsaret = NULL;
390+ g_len = q_len;
391+ /**
392+ * Get generator into a plain buffer. If length is less than
393+ * q_len then add leading padding bytes.
394+ */
395+ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) {
396+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
397+ goto err;
398+ }
399
400- if ((r = BN_new()) == NULL)
401+ priv_key_len = r_len;
402+ /**
403+ * Get private key into a plain buffer. If length is less than
404+ * r_len then add leading padding bytes.
405+ */
406+ if (spcf_bn2bin_ex(dsa->priv_key, &priv_key, &priv_key_len)) {
407+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
408 goto err;
409- if ((s = BN_new()) == NULL) {
410- BN_free(r);
411+ }
412+
413+ /* Allocate memory to store hash. */
414+ f = OPENSSL_malloc (r_len);
415+ if (!f) {
416+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
417 goto err;
418 }
419
420- memset(&kop, 0, sizeof kop);
421+ /* Add padding, since SEC expects hash to of size r_len */
422+ if (dlen < r_len)
423+ memset(f, 0, r_len - dlen);
424+
425+ /* Skip leading bytes if dgst_len < r_len */
426+ memcpy(f + r_len - dlen, dgst, dlen);
427+
428 kop.crk_op = CRK_DSA_SIGN;
429
430 /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
431- kop.crk_param[0].crp_p = (caddr_t)dgst;
432- kop.crk_param[0].crp_nbits = dlen * 8;
433- if (bn2crparam(dsa->p, &kop.crk_param[1]))
434- goto err;
435- if (bn2crparam(dsa->q, &kop.crk_param[2]))
436- goto err;
437- if (bn2crparam(dsa->g, &kop.crk_param[3]))
438- goto err;
439- if (bn2crparam(dsa->priv_key, &kop.crk_param[4]))
440- goto err;
441+ kop.crk_param[0].crp_p = (void*)f;
442+ kop.crk_param[0].crp_nbits = r_len * 8;
443+ kop.crk_param[1].crp_p = (void*)q;
444+ kop.crk_param[1].crp_nbits = q_len * 8;
445+ kop.crk_param[2].crp_p = (void*)r;
446+ kop.crk_param[2].crp_nbits = r_len * 8;
447+ kop.crk_param[3].crp_p = (void*)g;
448+ kop.crk_param[3].crp_nbits = g_len * 8;
449+ kop.crk_param[4].crp_p = (void*)priv_key;
450+ kop.crk_param[4].crp_nbits = priv_key_len * 8;
451 kop.crk_iparams = 5;
452
453- if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r,
454- BN_num_bytes(dsa->q), s) == 0) {
455- dsaret = DSA_SIG_new();
456- dsaret->r = r;
457- dsaret->s = s;
458- } else {
459- const DSA_METHOD *meth = DSA_OpenSSL();
460- BN_free(r);
461- BN_free(s);
462- dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa);
463+ ret = cryptodev_asym(&kop, r_len, c, r_len, d);
464+
465+ if (ret) {
466+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DECODE_ERROR);
467+ goto err;
468 }
469-err:
470- kop.crk_param[0].crp_p = NULL;
471+
472+ dsaret = DSA_SIG_new();
473+ dsaret->r = c;
474+ dsaret->s = d;
475+
476 zapparams(&kop);
477 return (dsaret);
478+err:
479+ {
480+ const DSA_METHOD *meth = DSA_OpenSSL();
481+ if (c)
482+ BN_free(c);
483+ if (d)
484+ BN_free(d);
485+ dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa);
486+ return (dsaret);
487+ }
488 }
489
490 static int
491@@ -1408,42 +1547,179 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
492 DSA_SIG *sig, DSA *dsa)
493 {
494 struct crypt_kop kop;
495- int dsaret = 1;
496+ int dsaret = 1, q_len = 0, r_len = 0, g_len = 0;
497+ int w_len = 0 ,c_len = 0, d_len = 0, ret = -1;
498+ unsigned char * q = NULL, * r = NULL, * w = NULL, * g = NULL;
499+ unsigned char * c = NULL, * d = NULL, *f = NULL;
500
501 memset(&kop, 0, sizeof kop);
502 kop.crk_op = CRK_DSA_VERIFY;
503
504- /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
505- kop.crk_param[0].crp_p = (caddr_t)dgst;
506- kop.crk_param[0].crp_nbits = dlen * 8;
507- if (bn2crparam(dsa->p, &kop.crk_param[1]))
508+ if (spcf_bn2bin(dsa->p, &q, &q_len)) {
509+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
510+ return ret;
511+ }
512+
513+ /* Get Order of field of private keys */
514+ if (spcf_bn2bin(dsa->q, &r, &r_len)) {
515+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
516 goto err;
517- if (bn2crparam(dsa->q, &kop.crk_param[2]))
518+ }
519+
520+ g_len = q_len;
521+ /**
522+ * Get generator into a plain buffer. If length is less than
523+ * q_len then add leading padding bytes.
524+ */
525+ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) {
526+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
527 goto err;
528- if (bn2crparam(dsa->g, &kop.crk_param[3]))
529+ }
530+ w_len = q_len;
531+ /**
532+ * Get public key into a plain buffer. If length is less than
533+ * q_len then add leading padding bytes.
534+ */
535+ if (spcf_bn2bin_ex(dsa->pub_key, &w, &w_len)) {
536+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
537+ goto err;
538+ }
539+ /**
540+ * Get the 1st part of signature into a flat buffer with
541+ * appropriate padding
542+ */
543+ c_len = r_len;
544+
545+ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) {
546+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
547 goto err;
548- if (bn2crparam(dsa->pub_key, &kop.crk_param[4]))
549+ }
550+
551+ /**
552+ * Get the 2nd part of signature into a flat buffer with
553+ * appropriate padding
554+ */
555+ d_len = r_len;
556+
557+ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) {
558+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
559 goto err;
560- if (bn2crparam(sig->r, &kop.crk_param[5]))
561+ }
562+
563+
564+ /* Sanity test */
565+ if (dlen > r_len) {
566+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
567 goto err;
568- if (bn2crparam(sig->s, &kop.crk_param[6]))
569+ }
570+
571+ /* Allocate memory to store hash. */
572+ f = OPENSSL_malloc (r_len);
573+ if (!f) {
574+ DSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
575 goto err;
576+ }
577+
578+ /* Add padding, since SEC expects hash to of size r_len */
579+ if (dlen < r_len)
580+ memset(f, 0, r_len - dlen);
581+
582+ /* Skip leading bytes if dgst_len < r_len */
583+ memcpy(f + r_len - dlen, dgst, dlen);
584+
585+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
586+ kop.crk_param[0].crp_p = (void*)f;
587+ kop.crk_param[0].crp_nbits = r_len * 8;
588+ kop.crk_param[1].crp_p = q;
589+ kop.crk_param[1].crp_nbits = q_len * 8;
590+ kop.crk_param[2].crp_p = r;
591+ kop.crk_param[2].crp_nbits = r_len * 8;
592+ kop.crk_param[3].crp_p = g;
593+ kop.crk_param[3].crp_nbits = g_len * 8;
594+ kop.crk_param[4].crp_p = w;
595+ kop.crk_param[4].crp_nbits = w_len * 8;
596+ kop.crk_param[5].crp_p = c;
597+ kop.crk_param[5].crp_nbits = c_len * 8;
598+ kop.crk_param[6].crp_p = d;
599+ kop.crk_param[6].crp_nbits = d_len * 8;
600 kop.crk_iparams = 7;
601
602- if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
603-/*OCF success value is 0, if not zero, change dsaret to fail*/
604- if(0 != kop.crk_status) dsaret = 0;
605- } else {
606- const DSA_METHOD *meth = DSA_OpenSSL();
607+ if ((cryptodev_asym(&kop, 0, NULL, 0, NULL))) {
608+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, DSA_R_DECODE_ERROR);
609+ goto err;
610+ }
611
612- dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa);
613+ /*OCF success value is 0, if not zero, change dsaret to fail*/
614+ if(0 != kop.crk_status) {
615+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, DSA_R_DECODE_ERROR);
616+ goto err;
617 }
618-err:
619- kop.crk_param[0].crp_p = NULL;
620+
621 zapparams(&kop);
622 return (dsaret);
623+err:
624+ {
625+ const DSA_METHOD *meth = DSA_OpenSSL();
626+
627+ dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa);
628+ }
629+ return dsaret;
630 }
631
632+/* Cryptodev DSA Key Gen routine */
633+static int cryptodev_dsa_keygen(DSA *dsa)
634+{
635+ struct crypt_kop kop;
636+ int ret = 1, g_len;
637+ unsigned char *g = NULL;
638+
639+ if (dsa->priv_key == NULL) {
640+ if ((dsa->priv_key=BN_new()) == NULL)
641+ goto sw_try;
642+ }
643+
644+ if (dsa->pub_key == NULL) {
645+ if ((dsa->pub_key=BN_new()) == NULL)
646+ goto sw_try;
647+ }
648+
649+ g_len = BN_num_bytes(dsa->p);
650+ /**
651+ * Get generator into a plain buffer. If length is less than
652+ * p_len then add leading padding bytes.
653+ */
654+ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) {
655+ DSAerr(DSA_F_DSA_GENERATE_KEY, ERR_R_MALLOC_FAILURE);
656+ goto sw_try;
657+ }
658+
659+ memset(&kop, 0, sizeof kop);
660+
661+ kop.crk_op = CRK_DSA_GENERATE_KEY;
662+ if (bn2crparam(dsa->p, &kop.crk_param[0]))
663+ goto sw_try;
664+ if (bn2crparam(dsa->q, &kop.crk_param[1]))
665+ goto sw_try;
666+ kop.crk_param[2].crp_p = g;
667+ kop.crk_param[2].crp_nbits = g_len * 8;
668+ kop.crk_iparams = 3;
669+
670+ /* pub_key is or prime length while priv key is of length of order */
671+ if (cryptodev_asym(&kop, BN_num_bytes(dsa->p), dsa->pub_key,
672+ BN_num_bytes(dsa->q), dsa->priv_key))
673+ goto sw_try;
674+
675+ return ret;
676+sw_try:
677+ {
678+ const DSA_METHOD *meth = DSA_OpenSSL();
679+ ret = (meth->dsa_keygen)(dsa);
680+ }
681+ return ret;
682+}
683+
684+
685+
686 static DSA_METHOD cryptodev_dsa = {
687 "cryptodev DSA method",
688 NULL,
689@@ -1457,12 +1733,543 @@ static DSA_METHOD cryptodev_dsa = {
690 NULL /* app_data */
691 };
692
693-static int
694-cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
695- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
696- BN_MONT_CTX *m_ctx)
697+static ECDSA_METHOD cryptodev_ecdsa = {
698+ "cryptodev ECDSA method",
699+ NULL,
700+ NULL, /* ecdsa_sign_setup */
701+ NULL,
702+ NULL,
703+ 0, /* flags */
704+ NULL /* app_data */
705+};
706+
707+typedef enum ec_curve_s
708+{
709+ EC_PRIME,
710+ EC_BINARY
711+} ec_curve_t;
712+
713+/* ENGINE handler for ECDSA Sign */
714+static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst,
715+ int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
716 {
717- return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
718+ BIGNUM *m = NULL, *p = NULL, *a = NULL;
719+ BIGNUM *b = NULL, *x = NULL, *y = NULL;
720+ BN_CTX *ctx = NULL;
721+ ECDSA_SIG *ret = NULL;
722+ ECDSA_DATA *ecdsa = NULL;
723+ unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL;
724+ unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL;
725+ int i = 0, q_len = 0, priv_key_len = 0, r_len = 0;
726+ int g_len = 0, d_len = 0, ab_len = 0;
727+ const BIGNUM *order = NULL, *priv_key=NULL;
728+ const EC_GROUP *group = NULL;
729+ struct crypt_kop kop;
730+ ec_curve_t ec_crv = EC_PRIME;
731+
732+ memset(&kop, 0, sizeof(kop));
733+ ecdsa = ecdsa_check(eckey);
734+ if (!ecdsa) {
735+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
736+ return NULL;
737+ }
738+
739+ group = EC_KEY_get0_group(eckey);
740+ priv_key = EC_KEY_get0_private_key(eckey);
741+
742+ if (!group || !priv_key) {
743+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
744+ return NULL;
745+ }
746+
747+ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL ||
748+ (a = BN_new()) == NULL || (b = BN_new()) == NULL ||
749+ (p = BN_new()) == NULL || (x = BN_new()) == NULL ||
750+ (y = BN_new()) == NULL) {
751+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
752+ goto err;
753+ }
754+
755+ order = &group->order;
756+ if (!order || BN_is_zero(order)) {
757+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS);
758+ goto err;
759+ }
760+
761+ i = BN_num_bits(order);
762+ /* Need to truncate digest if it is too long: first truncate whole
763+ bytes */
764+ if (8 * dgst_len > i)
765+ dgst_len = (i + 7)/8;
766+
767+ if (!BN_bin2bn(dgst, dgst_len, m)) {
768+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
769+ goto err;
770+ }
771+
772+ /* If still too long truncate remaining bits with a shift */
773+ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) {
774+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
775+ goto err;
776+ }
777+
778+ /* copy the truncated bits into plain buffer */
779+ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) {
780+ fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__);
781+ goto err;
782+ }
783+
784+ ret = ECDSA_SIG_new();
785+ if (!ret) {
786+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
787+ goto err;
788+ }
789+
790+ /* check if this is prime or binary EC request */
791+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
792+ ec_crv = EC_PRIME;
793+ /* get the generator point pair */
794+ if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group),
795+ x, y,ctx)) {
796+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
797+ goto err;
798+ }
799+
800+ /* get the ECC curve parameters */
801+ if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) {
802+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
803+ goto err;
804+ }
805+ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) {
806+ ec_crv = EC_BINARY;
807+ /* get the ECC curve parameters */
808+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) {
809+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
810+ goto err;
811+ }
812+
813+ /* get the generator point pair */
814+ if (!EC_POINT_get_affine_coordinates_GF2m(group,
815+ EC_GROUP_get0_generator(group), x, y,ctx)) {
816+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
817+ goto err;
818+ }
819+ } else {
820+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
821+ goto err;
822+ }
823+
824+ if (spcf_bn2bin(order, &r, &r_len)) {
825+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
826+ goto err;
827+ }
828+
829+ if (spcf_bn2bin(p, &q, &q_len)) {
830+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
831+ goto err;
832+ }
833+
834+ priv_key_len = r_len;
835+
836+ /**
837+ * If BN_num_bytes of priv_key returns less then r_len then
838+ * add padding bytes before the key
839+ */
840+ if (spcf_bn2bin_ex(priv_key, &s, &priv_key_len)) {
841+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
842+ goto err;
843+ }
844+
845+ /* Generation of ECC curve parameters */
846+ ab_len = 2*q_len;
847+ ab = eng_copy_curve_points(a, b, ab_len, q_len);
848+ if (!ab) {
849+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
850+ goto err;
851+ }
852+
853+ if (ec_crv == EC_BINARY) {
854+ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len))
855+ {
856+ unsigned char *c_temp = NULL;
857+ int c_temp_len = q_len;
858+ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len))
859+ memcpy(ab+q_len, c_temp, q_len);
860+ else
861+ goto err;
862+ }
863+ kop.curve_type = ECC_BINARY;
864+ }
865+
866+ /* Calculation of Generator point */
867+ g_len = 2*q_len;
868+ g_xy = eng_copy_curve_points(x, y, g_len, q_len);
869+ if (!g_xy) {
870+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
871+ goto err;
872+ }
873+
874+ /* Memory allocation for first part of digital signature */
875+ c = malloc(r_len);
876+ if (!c) {
877+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
878+ goto err;
879+ }
880+
881+ d_len = r_len;
882+
883+ /* Memory allocation for second part of digital signature */
884+ d = malloc(d_len);
885+ if (!d) {
886+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
887+ goto err;
888+ }
889+
890+ /* memory for message representative */
891+ f = malloc(r_len);
892+ if (!f) {
893+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
894+ goto err;
895+ }
896+
897+ /* Add padding, since SEC expects hash to of size r_len */
898+ memset(f, 0, r_len - dgst_len);
899+
900+ /* Skip leading bytes if dgst_len < r_len */
901+ memcpy(f + r_len - dgst_len, tmp_dgst, dgst_len);
902+
903+ dgst_len += r_len - dgst_len;
904+ kop.crk_op = CRK_DSA_SIGN;
905+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
906+ kop.crk_param[0].crp_p = f;
907+ kop.crk_param[0].crp_nbits = dgst_len * 8;
908+ kop.crk_param[1].crp_p = q;
909+ kop.crk_param[1].crp_nbits = q_len * 8;
910+ kop.crk_param[2].crp_p = r;
911+ kop.crk_param[2].crp_nbits = r_len * 8;
912+ kop.crk_param[3].crp_p = g_xy;
913+ kop.crk_param[3].crp_nbits = g_len * 8;
914+ kop.crk_param[4].crp_p = s;
915+ kop.crk_param[4].crp_nbits = priv_key_len * 8;
916+ kop.crk_param[5].crp_p = ab;
917+ kop.crk_param[5].crp_nbits = ab_len * 8;
918+ kop.crk_iparams = 6;
919+ kop.crk_param[6].crp_p = c;
920+ kop.crk_param[6].crp_nbits = d_len * 8;
921+ kop.crk_param[7].crp_p = d;
922+ kop.crk_param[7].crp_nbits = d_len * 8;
923+ kop.crk_oparams = 2;
924+
925+ if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
926+ /* Check if ret->r and s needs to allocated */
927+ crparam2bn(&kop.crk_param[6], ret->r);
928+ crparam2bn(&kop.crk_param[7], ret->s);
929+ } else {
930+ const ECDSA_METHOD *meth = ECDSA_OpenSSL();
931+ ret = (meth->ecdsa_do_sign)(dgst, dgst_len, in_kinv, in_r, eckey);
932+ }
933+ kop.crk_param[0].crp_p = NULL;
934+ zapparams(&kop);
935+err:
936+ if (!ret) {
937+ ECDSA_SIG_free(ret);
938+ ret = NULL;
939+ }
940+ return ret;
941+}
942+
943+static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len,
944+ ECDSA_SIG *sig, EC_KEY *eckey)
945+{
946+ BIGNUM *m = NULL, *p = NULL, *a = NULL, *b = NULL;
947+ BIGNUM *x = NULL, *y = NULL, *w_x = NULL, *w_y = NULL;
948+ BN_CTX *ctx = NULL;
949+ ECDSA_DATA *ecdsa = NULL;
950+ unsigned char *q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL, *w_xy = NULL;
951+ unsigned char *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL;
952+ int i = 0, q_len = 0, pub_key_len = 0, r_len = 0, c_len = 0, g_len = 0;
953+ int d_len = 0, ab_len = 0, ret = -1;
954+ const EC_POINT *pub_key = NULL;
955+ const BIGNUM *order = NULL;
956+ const EC_GROUP *group=NULL;
957+ ec_curve_t ec_crv = EC_PRIME;
958+ struct crypt_kop kop;
959+
960+ memset(&kop, 0, sizeof kop);
961+ ecdsa = ecdsa_check(eckey);
962+ if (!ecdsa) {
963+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
964+ return ret;
965+ }
966+
967+ group = EC_KEY_get0_group(eckey);
968+ pub_key = EC_KEY_get0_public_key(eckey);
969+
970+ if (!group || !pub_key) {
971+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
972+ return ret;
973+ }
974+
975+ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL ||
976+ (a = BN_new()) == NULL || (b = BN_new()) == NULL ||
977+ (p = BN_new()) == NULL || (x = BN_new()) == NULL ||
978+ (y = BN_new()) == NULL || (w_x = BN_new()) == NULL ||
979+ (w_y = BN_new()) == NULL) {
980+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
981+ goto err;
982+ }
983+
984+ order = &group->order;
985+ if (!order || BN_is_zero(order)) {
986+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS);
987+ goto err;
988+ }
989+
990+ i = BN_num_bits(order);
991+ /* Need to truncate digest if it is too long: first truncate whole
992+ * bytes */
993+ if (8 * dgst_len > i)
994+ dgst_len = (i + 7)/8;
995+
996+ if (!BN_bin2bn(dgst, dgst_len, m)) {
997+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
998+ goto err;
999+ }
1000+
1001+ /* If still too long truncate remaining bits with a shift */
1002+ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) {
1003+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
1004+ goto err;
1005+ }
1006+ /* copy the truncated bits into plain buffer */
1007+ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) {
1008+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1009+ goto err;
1010+ }
1011+
1012+ /* check if this is prime or binary EC request */
1013+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
1014+ ec_crv = EC_PRIME;
1015+
1016+ /* get the generator point pair */
1017+ if (!EC_POINT_get_affine_coordinates_GFp (group,
1018+ EC_GROUP_get0_generator(group), x, y,ctx)) {
1019+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1020+ goto err;
1021+ }
1022+
1023+ /* get the public key pair for prime curve */
1024+ if (!EC_POINT_get_affine_coordinates_GFp (group,
1025+ pub_key, w_x, w_y,ctx)) {
1026+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1027+ goto err;
1028+ }
1029+
1030+ /* get the ECC curve parameters */
1031+ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) {
1032+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1033+ goto err;
1034+ }
1035+ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field){
1036+ ec_crv = EC_BINARY;
1037+ /* get the ECC curve parameters */
1038+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) {
1039+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1040+ goto err;
1041+ }
1042+
1043+ /* get the generator point pair */
1044+ if (!EC_POINT_get_affine_coordinates_GF2m(group,
1045+ EC_GROUP_get0_generator(group),x, y,ctx)) {
1046+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1047+ goto err;
1048+ }
1049+
1050+ /* get the public key pair for binary curve */
1051+ if (!EC_POINT_get_affine_coordinates_GF2m(group,
1052+ pub_key, w_x, w_y,ctx)) {
1053+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1054+ goto err;
1055+ }
1056+ }else {
1057+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1058+ goto err;
1059+ }
1060+
1061+ /* Get the order of the subgroup of private keys */
1062+ if (spcf_bn2bin((BIGNUM*)order, &r, &r_len)) {
1063+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1064+ goto err;
1065+ }
1066+
1067+ /* Get the irreducible polynomial that creates the field */
1068+ if (spcf_bn2bin(p, &q, &q_len)) {
1069+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1070+ goto err;
1071+ }
1072+
1073+ /* Get the public key into a flat buffer with appropriate padding */
1074+ pub_key_len = 2 * q_len;
1075+
1076+ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len);
1077+ if (!w_xy) {
1078+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1079+ goto err;
1080+ }
1081+
1082+ /* Generation of ECC curve parameters */
1083+ ab_len = 2*q_len;
1084+
1085+ ab = eng_copy_curve_points (a, b, ab_len, q_len);
1086+ if (!ab) {
1087+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1088+ goto err;
1089+ }
1090+
1091+ if (ec_crv == EC_BINARY) {
1092+ /* copy b' i.e c(b), instead of only b */
1093+ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len))
1094+ {
1095+ unsigned char *c_temp = NULL;
1096+ int c_temp_len = q_len;
1097+ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len))
1098+ memcpy(ab+q_len, c_temp, q_len);
1099+ else
1100+ goto err;
1101+ }
1102+ kop.curve_type = ECC_BINARY;
1103+ }
1104+
1105+ /* Calculation of Generator point */
1106+ g_len = 2 * q_len;
1107+
1108+ g_xy = eng_copy_curve_points (x, y, g_len, q_len);
1109+ if (!g_xy) {
1110+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1111+ goto err;
1112+ }
1113+
1114+ /**
1115+ * Get the 1st part of signature into a flat buffer with
1116+ * appropriate padding
1117+ */
1118+ if (BN_num_bytes(sig->r) < r_len)
1119+ c_len = r_len;
1120+
1121+ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) {
1122+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1123+ goto err;
1124+ }
1125+
1126+ /**
1127+ * Get the 2nd part of signature into a flat buffer with
1128+ * appropriate padding
1129+ */
1130+ if (BN_num_bytes(sig->s) < r_len)
1131+ d_len = r_len;
1132+
1133+ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) {
1134+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1135+ goto err;
1136+ }
1137+
1138+ /* memory for message representative */
1139+ f = malloc(r_len);
1140+ if (!f) {
1141+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1142+ goto err;
1143+ }
1144+
1145+ /* Add padding, since SEC expects hash to of size r_len */
1146+ memset(f, 0, r_len-dgst_len);
1147+
1148+ /* Skip leading bytes if dgst_len < r_len */
1149+ memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len);
1150+ dgst_len += r_len-dgst_len;
1151+ kop.crk_op = CRK_DSA_VERIFY;
1152+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
1153+ kop.crk_param[0].crp_p = f;
1154+ kop.crk_param[0].crp_nbits = dgst_len * 8;
1155+ kop.crk_param[1].crp_p = q;
1156+ kop.crk_param[1].crp_nbits = q_len * 8;
1157+ kop.crk_param[2].crp_p = r;
1158+ kop.crk_param[2].crp_nbits = r_len * 8;
1159+ kop.crk_param[3].crp_p = g_xy;
1160+ kop.crk_param[3].crp_nbits = g_len * 8;
1161+ kop.crk_param[4].crp_p = w_xy;
1162+ kop.crk_param[4].crp_nbits = pub_key_len * 8;
1163+ kop.crk_param[5].crp_p = ab;
1164+ kop.crk_param[5].crp_nbits = ab_len * 8;
1165+ kop.crk_param[6].crp_p = c;
1166+ kop.crk_param[6].crp_nbits = d_len * 8;
1167+ kop.crk_param[7].crp_p = d;
1168+ kop.crk_param[7].crp_nbits = d_len * 8;
1169+ kop.crk_iparams = 8;
1170+
1171+ if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
1172+ /*OCF success value is 0, if not zero, change ret to fail*/
1173+ if(0 == kop.crk_status)
1174+ ret = 1;
1175+ } else {
1176+ const ECDSA_METHOD *meth = ECDSA_OpenSSL();
1177+
1178+ ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey);
1179+ }
1180+ kop.crk_param[0].crp_p = NULL;
1181+ zapparams(&kop);
1182+
1183+err:
1184+ return ret;
1185+}
1186+
1187+static int cryptodev_dh_keygen(DH *dh)
1188+{
1189+ struct crypt_kop kop;
1190+ int ret = 1, g_len;
1191+ unsigned char *g = NULL;
1192+
1193+ if (dh->priv_key == NULL) {
1194+ if ((dh->priv_key=BN_new()) == NULL)
1195+ goto sw_try;
1196+ }
1197+
1198+ if (dh->pub_key == NULL) {
1199+ if ((dh->pub_key=BN_new()) == NULL)
1200+ goto sw_try;
1201+ }
1202+
1203+ g_len = BN_num_bytes(dh->p);
1204+ /**
1205+ * Get generator into a plain buffer. If length is less than
1206+ * q_len then add leading padding bytes.
1207+ */
1208+ if (spcf_bn2bin_ex(dh->g, &g, &g_len)) {
1209+ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE);
1210+ goto sw_try;
1211+ }
1212+
1213+ memset(&kop, 0, sizeof kop);
1214+ kop.crk_op = CRK_DH_GENERATE_KEY;
1215+ if (bn2crparam(dh->p, &kop.crk_param[0]))
1216+ goto sw_try;
1217+ if (bn2crparam(dh->q, &kop.crk_param[1]))
1218+ goto sw_try;
1219+ kop.crk_param[2].crp_p = g;
1220+ kop.crk_param[2].crp_nbits = g_len * 8;
1221+ kop.crk_iparams = 3;
1222+
1223+ /* pub_key is or prime length while priv key is of length of order */
1224+ if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key,
1225+ BN_num_bytes(dh->q), dh->priv_key))
1226+ goto sw_try;
1227+
1228+ return ret;
1229+sw_try:
1230+ {
1231+ const DH_METHOD *meth = DH_OpenSSL();
1232+ ret = (meth->generate_key)(dh);
1233+ }
1234+ return ret;
1235 }
1236
1237 static int
1238@@ -1470,43 +2277,234 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
1239 {
1240 struct crypt_kop kop;
1241 int dhret = 1;
1242- int fd, keylen;
1243+ int fd, p_len;
1244+ BIGNUM *temp = NULL;
1245+ unsigned char *padded_pub_key = NULL, *p = NULL;
1246+
1247+ if ((fd = get_asym_dev_crypto()) < 0)
1248+ goto sw_try;
1249+
1250+ memset(&kop, 0, sizeof kop);
1251+ kop.crk_op = CRK_DH_COMPUTE_KEY;
1252+ /* inputs: dh->priv_key pub_key dh->p key */
1253+ spcf_bn2bin(dh->p, &p, &p_len);
1254+ spcf_bn2bin_ex(pub_key, &padded_pub_key, &p_len);
1255+ if (bn2crparam(dh->priv_key, &kop.crk_param[0]))
1256+ goto sw_try;
1257+
1258+ kop.crk_param[1].crp_p = padded_pub_key;
1259+ kop.crk_param[1].crp_nbits = p_len * 8;
1260+ kop.crk_param[2].crp_p = p;
1261+ kop.crk_param[2].crp_nbits = p_len * 8;
1262+ kop.crk_iparams = 3;
1263+ kop.crk_param[3].crp_p = (void*) key;
1264+ kop.crk_param[3].crp_nbits = p_len * 8;
1265+ kop.crk_oparams = 1;
1266+ dhret = p_len;
1267+
1268+ if (ioctl(fd, CIOCKEY, &kop))
1269+ goto sw_try;
1270
1271- if ((fd = get_asym_dev_crypto()) < 0) {
1272+ if ((temp = BN_new())) {
1273+ if (!BN_bin2bn(key, p_len, temp)) {
1274+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
1275+ goto sw_try;
1276+ }
1277+ if (dhret > BN_num_bytes(temp))
1278+ dhret=BN_bn2bin(temp,key);
1279+ BN_free(temp);
1280+ }
1281+
1282+ kop.crk_param[3].crp_p = NULL;
1283+ zapparams(&kop);
1284+ return (dhret);
1285+sw_try:
1286+ {
1287 const DH_METHOD *meth = DH_OpenSSL();
1288
1289- return ((meth->compute_key)(key, pub_key, dh));
1290+ dhret = (meth->compute_key)(key, pub_key, dh);
1291 }
1292+ return (dhret);
1293+}
1294
1295- keylen = BN_num_bits(dh->p);
1296+int cryptodev_ecdh_compute_key(void *out, size_t outlen,
1297+ const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen,
1298+ void *out, size_t *outlen))
1299+{
1300+ ec_curve_t ec_crv = EC_PRIME;
1301+ unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL;
1302+ BIGNUM * w_x = NULL, *w_y = NULL;
1303+ int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0;
1304+ BIGNUM * p = NULL, *a = NULL, *b = NULL;
1305+ BN_CTX *ctx;
1306+ EC_POINT *tmp=NULL;
1307+ BIGNUM *x=NULL, *y=NULL;
1308+ const BIGNUM *priv_key;
1309+ const EC_GROUP* group = NULL;
1310+ int ret = -1;
1311+ size_t buflen, len;
1312+ struct crypt_kop kop;
1313
1314 memset(&kop, 0, sizeof kop);
1315- kop.crk_op = CRK_DH_COMPUTE_KEY;
1316
1317- /* inputs: dh->priv_key pub_key dh->p key */
1318- if (bn2crparam(dh->priv_key, &kop.crk_param[0]))
1319+ if ((ctx = BN_CTX_new()) == NULL) goto err;
1320+ BN_CTX_start(ctx);
1321+ x = BN_CTX_get(ctx);
1322+ y = BN_CTX_get(ctx);
1323+ p = BN_CTX_get(ctx);
1324+ a = BN_CTX_get(ctx);
1325+ b = BN_CTX_get(ctx);
1326+ w_x = BN_CTX_get(ctx);
1327+ w_y = BN_CTX_get(ctx);
1328+
1329+ if (!x || !y || !p || !a || !b || !w_x || !w_y) {
1330+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
1331 goto err;
1332- if (bn2crparam(pub_key, &kop.crk_param[1]))
1333+ }
1334+
1335+ priv_key = EC_KEY_get0_private_key(ecdh);
1336+ if (priv_key == NULL) {
1337+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE);
1338 goto err;
1339- if (bn2crparam(dh->p, &kop.crk_param[2]))
1340+ }
1341+
1342+ group = EC_KEY_get0_group(ecdh);
1343+ if ((tmp=EC_POINT_new(group)) == NULL) {
1344+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
1345 goto err;
1346- kop.crk_iparams = 3;
1347+ }
1348
1349- kop.crk_param[3].crp_p = (caddr_t) key;
1350- kop.crk_param[3].crp_nbits = keylen * 8;
1351- kop.crk_oparams = 1;
1352+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
1353+ NID_X9_62_prime_field) {
1354+ ec_crv = EC_PRIME;
1355
1356- if (ioctl(fd, CIOCKEY, &kop) == -1) {
1357- const DH_METHOD *meth = DH_OpenSSL();
1358+ if (!EC_POINT_get_affine_coordinates_GFp(group,
1359+ EC_GROUP_get0_generator(group), x, y, ctx)) {
1360+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
1361+ goto err;
1362+ }
1363
1364- dhret = (meth->compute_key)(key, pub_key, dh);
1365+ /* get the ECC curve parameters */
1366+ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) {
1367+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
1368+ goto err;
1369+ }
1370+
1371+ /* get the public key pair for prime curve */
1372+ if (!EC_POINT_get_affine_coordinates_GFp (group, pub_key, w_x, w_y,ctx)) {
1373+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
1374+ goto err;
1375+ }
1376+ } else {
1377+ ec_crv = EC_BINARY;
1378+
1379+ if (!EC_POINT_get_affine_coordinates_GF2m(group,
1380+ EC_GROUP_get0_generator(group), x, y, ctx)) {
1381+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
1382+ goto err;
1383+ }
1384+
1385+ /* get the ECC curve parameters */
1386+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) {
1387+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
1388+ goto err;
1389+ }
1390+
1391+ /* get the public key pair for binary curve */
1392+ if (!EC_POINT_get_affine_coordinates_GF2m(group,
1393+ pub_key, w_x, w_y,ctx)) {
1394+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
1395+ goto err;
1396+ }
1397+ }
1398+
1399+ /* irreducible polynomial that creates the field */
1400+ if (spcf_bn2bin((BIGNUM*)&group->order, &r, &r_len)) {
1401+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
1402+ goto err;
1403+ }
1404+
1405+ /* Get the irreducible polynomial that creates the field */
1406+ if (spcf_bn2bin(p, &q, &q_len)) {
1407+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
1408+ goto err;
1409 }
1410+
1411+ /* Get the public key into a flat buffer with appropriate padding */
1412+ pub_key_len = 2 * q_len;
1413+ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len);
1414+ if (!w_xy) {
1415+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
1416+ goto err;
1417+ }
1418+
1419+ /* Generation of ECC curve parameters */
1420+ ab_len = 2*q_len;
1421+ ab = eng_copy_curve_points (a, b, ab_len, q_len);
1422+ if (!ab) {
1423+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
1424+ goto err;
1425+ }
1426+
1427+ if (ec_crv == EC_BINARY) {
1428+ /* copy b' i.e c(b), instead of only b */
1429+ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len))
1430+ {
1431+ unsigned char *c_temp = NULL;
1432+ int c_temp_len = q_len;
1433+ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len))
1434+ memcpy(ab+q_len, c_temp, q_len);
1435+ else
1436+ goto err;
1437+ }
1438+ kop.curve_type = ECC_BINARY;
1439+ } else
1440+ kop.curve_type = ECC_PRIME;
1441+
1442+ priv_key_len = r_len;
1443+
1444+ /*
1445+ * If BN_num_bytes of priv_key returns less then r_len then
1446+ * add padding bytes before the key
1447+ */
1448+ if (spcf_bn2bin_ex((BIGNUM *)priv_key, &s, &priv_key_len)) {
1449+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
1450+ goto err;
1451+ }
1452+
1453+ buflen = (EC_GROUP_get_degree(group) + 7)/8;
1454+ len = BN_num_bytes(x);
1455+ if (len > buflen || q_len < buflen) {
1456+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR);
1457+ goto err;
1458+ }
1459+
1460+ kop.crk_op = CRK_DH_COMPUTE_KEY;
1461+ kop.crk_param[0].crp_p = (void*) s;
1462+ kop.crk_param[0].crp_nbits = priv_key_len*8;
1463+ kop.crk_param[1].crp_p = (void*) w_xy;
1464+ kop.crk_param[1].crp_nbits = pub_key_len*8;
1465+ kop.crk_param[2].crp_p = (void*) q;
1466+ kop.crk_param[2].crp_nbits = q_len*8;
1467+ kop.crk_param[3].crp_p = (void*) ab;
1468+ kop.crk_param[3].crp_nbits = ab_len*8;
1469+ kop.crk_iparams = 4;
1470+ kop.crk_param[4].crp_p = (void*) out;
1471+ kop.crk_param[4].crp_nbits = q_len*8;
1472+ kop.crk_oparams = 1;
1473+ ret = q_len;
1474+ if (cryptodev_asym(&kop, 0, NULL, 0, NULL)) {
1475+ const ECDH_METHOD *meth = ECDH_OpenSSL();
1476+ ret = (meth->compute_key)(out, outlen, pub_key, ecdh, KDF);
1477+ } else
1478+ ret = q_len;
1479 err:
1480- kop.crk_param[3].crp_p = NULL;
1481+ kop.crk_param[4].crp_p = NULL;
1482 zapparams(&kop);
1483- return (dhret);
1484+ return ret;
1485 }
1486
1487+
1488 static DH_METHOD cryptodev_dh = {
1489 "cryptodev DH method",
1490 NULL, /* cryptodev_dh_generate_key */
1491@@ -1518,6 +2516,14 @@ static DH_METHOD cryptodev_dh = {
1492 NULL /* app_data */
1493 };
1494
1495+static ECDH_METHOD cryptodev_ecdh = {
1496+ "cryptodev ECDH method",
1497+ NULL, /* cryptodev_ecdh_compute_key */
1498+ NULL,
1499+ 0, /* flags */
1500+ NULL /* app_data */
1501+};
1502+
1503 /*
1504 * ctrl right now is just a wrapper that doesn't do much
1505 * but I expect we'll want some options soon.
1506@@ -1602,25 +2608,42 @@ ENGINE_load_cryptodev(void)
1507 memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD));
1508 if (cryptodev_asymfeat & CRF_DSA_SIGN)
1509 cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign;
1510- if (cryptodev_asymfeat & CRF_MOD_EXP) {
1511- cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp;
1512- cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp;
1513- }
1514 if (cryptodev_asymfeat & CRF_DSA_VERIFY)
1515 cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify;
1516+ if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY)
1517+ cryptodev_dsa.dsa_keygen = cryptodev_dsa_keygen;
1518 }
1519
1520 if (ENGINE_set_DH(engine, &cryptodev_dh)){
1521 const DH_METHOD *dh_meth = DH_OpenSSL();
1522+ memcpy(&cryptodev_dh, dh_meth, sizeof(DH_METHOD));
1523+ if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) {
1524+ cryptodev_dh.compute_key =
1525+ cryptodev_dh_compute_key;
1526+ }
1527+ if (cryptodev_asymfeat & CRF_DH_GENERATE_KEY) {
1528+ cryptodev_dh.generate_key =
1529+ cryptodev_dh_keygen;
1530+ }
1531+ }
1532
1533- cryptodev_dh.generate_key = dh_meth->generate_key;
1534- cryptodev_dh.compute_key = dh_meth->compute_key;
1535- cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp;
1536- if (cryptodev_asymfeat & CRF_MOD_EXP) {
1537- cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh;
1538- if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY)
1539- cryptodev_dh.compute_key =
1540- cryptodev_dh_compute_key;
1541+ if (ENGINE_set_ECDSA(engine, &cryptodev_ecdsa)) {
1542+ const ECDSA_METHOD *meth = ECDSA_OpenSSL();
1543+ memcpy(&cryptodev_ecdsa, meth, sizeof(ECDSA_METHOD));
1544+ if (cryptodev_asymfeat & CRF_DSA_SIGN) {
1545+ cryptodev_ecdsa.ecdsa_do_sign = cryptodev_ecdsa_do_sign;
1546+ }
1547+ if (cryptodev_asymfeat & CRF_DSA_VERIFY) {
1548+ cryptodev_ecdsa.ecdsa_do_verify =
1549+ cryptodev_ecdsa_verify;
1550+ }
1551+ }
1552+
1553+ if (ENGINE_set_ECDH(engine, &cryptodev_ecdh)) {
1554+ const ECDH_METHOD *ecdh_meth = ECDH_OpenSSL();
1555+ memcpy(&cryptodev_ecdh, ecdh_meth, sizeof(ECDH_METHOD));
1556+ if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) {
1557+ cryptodev_ecdh.compute_key = cryptodev_ecdh_compute_key;
1558 }
1559 }
1560
1561--
15621.7.9.7
1563
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0007-Added-hwrng-dev-file-as-source-of-RNG.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0007-Added-hwrng-dev-file-as-source-of-RNG.patch
new file mode 100644
index 000000000..afe9f7cf8
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0007-Added-hwrng-dev-file-as-source-of-RNG.patch
@@ -0,0 +1,28 @@
1From 6ee6f7acad9824244b32ac23248f1d12f2c2b201 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Tue, 11 Mar 2014 06:42:59 +0545
4Subject: [PATCH][fsl 07/15] Added hwrng dev file as source of RNG
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9---
10 e_os.h | 2 +-
11 1 file changed, 1 insertion(+), 1 deletion(-)
12
13diff --git a/e_os.h b/e_os.h
14index 6a0aad1..57c0563 100644
15--- a/e_os.h
16+++ b/e_os.h
17@@ -79,7 +79,7 @@ extern "C" {
18 #ifndef DEVRANDOM
19 /* set this to a comma-separated list of 'random' device files to try out.
20 * My default, we will try to read at least one of these files */
21-#define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom"
22+#define DEVRANDOM "/dev/hwrng","/dev/urandom","/dev/random","/dev/srandom"
23 #endif
24 #ifndef DEVRANDOM_EGD
25 /* set this to a comma-seperated list of 'egd' sockets to try out. These
26--
271.7.9.7
28
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0008-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0008-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch
new file mode 100644
index 000000000..d8b5d9527
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0008-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch
@@ -0,0 +1,2039 @@
1From 68f8054c5a1f72e40884782d2d548892406d6049 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Tue, 11 Mar 2014 07:14:30 +0545
4Subject: [PATCH][fsl 08/15] Asynchronous interface added for PKC cryptodev
5 interface
6
7Upstream-status: Pending
8
9Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
10---
11 crypto/crypto.h | 16 +
12 crypto/dh/dh.h | 4 +-
13 crypto/dsa/dsa.h | 5 +
14 crypto/ecdh/ech_locl.h | 3 +
15 crypto/ecdsa/ecs_locl.h | 5 +
16 crypto/engine/eng_cryptodev.c | 1578 +++++++++++++++++++++++++++++++++++++----
17 crypto/engine/eng_int.h | 24 +-
18 crypto/engine/eng_lib.c | 46 ++
19 crypto/engine/engine.h | 24 +
20 crypto/rsa/rsa.h | 23 +
21 10 files changed, 1582 insertions(+), 146 deletions(-)
22
23diff --git a/crypto/crypto.h b/crypto/crypto.h
24index f92fc51..ce12731 100644
25--- a/crypto/crypto.h
26+++ b/crypto/crypto.h
27@@ -605,6 +605,22 @@ void ERR_load_CRYPTO_strings(void);
28 #define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
29 #define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
30
31+/* Additions for Asynchronous PKC Infrastructure */
32+struct pkc_cookie_s {
33+ void *cookie; /* To be filled by openssl library primitive method function caller */
34+ void *eng_cookie; /* To be filled by Engine */
35+ /*
36+ * Callback handler to be provided by caller. Ensure to pass a
37+ * handler which takes the crypto operation to completion.
38+ * cookie: Container cookie from library
39+ * status: Status of the crypto Job completion.
40+ * 0: Job handled without any issue
41+ * -EINVAL: Parameters Invalid
42+ */
43+ void (*pkc_callback)(struct pkc_cookie_s *cookie, int status);
44+ void *eng_handle;
45+};
46+
47 #ifdef __cplusplus
48 }
49 #endif
50diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
51index ea59e61..20ffad2 100644
52--- a/crypto/dh/dh.h
53+++ b/crypto/dh/dh.h
54@@ -118,7 +118,9 @@ struct dh_method
55 int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
56 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
57 BN_MONT_CTX *m_ctx); /* Can be null */
58-
59+ int (*compute_key_async)(unsigned char *key,const BIGNUM *pub_key,DH *dh,
60+ struct pkc_cookie_s *cookie);
61+ int (*generate_key_async)(DH *dh, struct pkc_cookie_s *cookie);
62 int (*init)(DH *dh);
63 int (*finish)(DH *dh);
64 int flags;
65diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
66index a6f6d0b..b04a029 100644
67--- a/crypto/dsa/dsa.h
68+++ b/crypto/dsa/dsa.h
69@@ -140,6 +140,10 @@ struct dsa_method
70 int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
71 const BIGNUM *m, BN_CTX *ctx,
72 BN_MONT_CTX *m_ctx); /* Can be null */
73+ int (*dsa_do_sign_async)(const unsigned char *dgst, int dlen, DSA *dsa,
74+ DSA_SIG *sig, struct pkc_cookie_s *cookie);
75+ int (*dsa_do_verify_async)(const unsigned char *dgst, int dgst_len,
76+ DSA_SIG *sig, DSA *dsa, struct pkc_cookie_s *cookie);
77 int (*init)(DSA *dsa);
78 int (*finish)(DSA *dsa);
79 int flags;
80@@ -151,6 +155,7 @@ struct dsa_method
81 BN_GENCB *cb);
82 /* If this is non-NULL, it is used to generate DSA keys */
83 int (*dsa_keygen)(DSA *dsa);
84+ int (*dsa_keygen_async)(DSA *dsa, struct pkc_cookie_s *cookie);
85 };
86
87 struct dsa_st
88diff --git a/crypto/ecdh/ech_locl.h b/crypto/ecdh/ech_locl.h
89index f6cad6a..adce6b3 100644
90--- a/crypto/ecdh/ech_locl.h
91+++ b/crypto/ecdh/ech_locl.h
92@@ -67,6 +67,9 @@ struct ecdh_method
93 const char *name;
94 int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
95 void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
96+ int (*compute_key_async)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
97+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen),
98+ struct pkc_cookie_s *cookie);
99 #if 0
100 int (*init)(EC_KEY *eckey);
101 int (*finish)(EC_KEY *eckey);
102diff --git a/crypto/ecdsa/ecs_locl.h b/crypto/ecdsa/ecs_locl.h
103index cb3be13..eb0ebe0 100644
104--- a/crypto/ecdsa/ecs_locl.h
105+++ b/crypto/ecdsa/ecs_locl.h
106@@ -74,6 +74,11 @@ struct ecdsa_method
107 BIGNUM **r);
108 int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
109 const ECDSA_SIG *sig, EC_KEY *eckey);
110+ int (*ecdsa_do_sign_async)(const unsigned char *dgst, int dgst_len,
111+ const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey,
112+ ECDSA_SIG *sig, struct pkc_cookie_s *cookie);
113+ int (*ecdsa_do_verify_async)(const unsigned char *dgst, int dgst_len,
114+ const ECDSA_SIG *sig, EC_KEY *eckey, struct pkc_cookie_s *cookie);
115 #if 0
116 int (*init)(EC_KEY *eckey);
117 int (*finish)(EC_KEY *eckey);
118diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
119index 88caec1..c5e8fb3 100644
120--- a/crypto/engine/eng_cryptodev.c
121+++ b/crypto/engine/eng_cryptodev.c
122@@ -1248,6 +1248,56 @@ zapparams(struct crypt_kop *kop)
123 }
124 }
125
126+/* Any PKC request has at max 2 output parameters and they are stored here to
127+be used while copying in the check availability */
128+struct cryptodev_cookie_s {
129+ BIGNUM *r;
130+ struct crparam r_param;
131+ BIGNUM *s;
132+ struct crparam s_param;
133+ struct crypt_kop *kop;
134+};
135+
136+static int
137+cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen,
138+ BIGNUM *s)
139+{
140+ int fd;
141+ struct pkc_cookie_s *cookie = kop->cookie;
142+ struct cryptodev_cookie_s *eng_cookie;
143+
144+ fd = *(int *)cookie->eng_handle;
145+
146+ eng_cookie = malloc(sizeof(struct cryptodev_cookie_s));
147+
148+ if (eng_cookie) {
149+ memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s));
150+ if (r) {
151+ kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char));
152+ if (!kop->crk_param[kop->crk_iparams].crp_p)
153+ return -ENOMEM;
154+ kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
155+ kop->crk_oparams++;
156+ eng_cookie->r = r;
157+ eng_cookie->r_param = kop->crk_param[kop->crk_iparams];
158+ }
159+ if (s) {
160+ kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char));
161+ if (!kop->crk_param[kop->crk_iparams+1].crp_p)
162+ return -ENOMEM;
163+ kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8;
164+ kop->crk_oparams++;
165+ eng_cookie->s = s;
166+ eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1];
167+ }
168+ } else
169+ return -ENOMEM;
170+
171+ eng_cookie->kop = kop;
172+ cookie->eng_cookie = eng_cookie;
173+ return ioctl(fd, CIOCASYMASYNCRYPT, kop);
174+}
175+
176 static int
177 cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s)
178 {
179@@ -1304,6 +1354,44 @@ void *cryptodev_init_instance(void)
180 return fd;
181 }
182
183+#include <poll.h>
184+
185+/* Return 0 on success and 1 on failure */
186+int cryptodev_check_availability(void *eng_handle)
187+{
188+ int fd = *(int *)eng_handle;
189+ struct pkc_cookie_list_s cookie_list;
190+ struct pkc_cookie_s *cookie;
191+ int i;
192+
193+ /* FETCH COOKIE returns number of cookies extracted */
194+ if (ioctl(fd, CIOCASYMFETCHCOOKIE, &cookie_list) <= 0)
195+ return 1;
196+
197+ for (i = 0; i < cookie_list.cookie_available; i++) {
198+ cookie = cookie_list.cookie[i];
199+ if (cookie) {
200+ struct cryptodev_cookie_s *eng_cookie = cookie->eng_cookie;
201+ if (eng_cookie) {
202+ struct crypt_kop *kop = eng_cookie->kop;
203+
204+ if (eng_cookie->r)
205+ crparam2bn(&eng_cookie->r_param, eng_cookie->r);
206+ if (eng_cookie->s)
207+ crparam2bn(&eng_cookie->s_param, eng_cookie->s);
208+ if (kop->crk_op == CRK_DH_COMPUTE_KEY)
209+ kop->crk_oparams = 0;
210+
211+ zapparams(eng_cookie->kop);
212+ free(eng_cookie->kop);
213+ free (eng_cookie);
214+ }
215+ cookie->pkc_callback(cookie, cookie_list.status[i]);
216+ }
217+ }
218+ return 0;
219+}
220+
221 static int
222 cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
223 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
224@@ -1349,6 +1437,63 @@ err:
225 }
226
227 static int
228+cryptodev_bn_mod_exp_async(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
229+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont, struct pkc_cookie_s *cookie)
230+{
231+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop));
232+ int ret = 1;
233+
234+ /* Currently, we know we can do mod exp iff we can do any
235+ * asymmetric operations at all.
236+ */
237+ if (cryptodev_asymfeat == 0 || !kop) {
238+ ret = BN_mod_exp(r, a, p, m, ctx);
239+ return (ret);
240+ }
241+
242+ kop->crk_oparams = 0;
243+ kop->crk_status = 0;
244+ kop->crk_op = CRK_MOD_EXP;
245+ kop->cookie = cookie;
246+ /* inputs: a^p % m */
247+ if (bn2crparam(a, &kop->crk_param[0]))
248+ goto err;
249+ if (bn2crparam(p, &kop->crk_param[1]))
250+ goto err;
251+ if (bn2crparam(m, &kop->crk_param[2]))
252+ goto err;
253+
254+ kop->crk_iparams = 3;
255+ if (cryptodev_asym_async(kop, BN_num_bytes(m), r, 0, NULL))
256+ goto err;
257+
258+ return ret;
259+err:
260+ {
261+ const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
262+
263+ if (kop)
264+ free(kop);
265+ ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
266+ if (ret)
267+ /* Call the completion handler immediately */
268+ cookie->pkc_callback(cookie, 0);
269+ }
270+ return ret;
271+}
272+
273+static int
274+cryptodev_rsa_nocrt_mod_exp_async(BIGNUM *r0, const BIGNUM *I,
275+ RSA *rsa, BN_CTX *ctx, struct pkc_cookie_s *cookie)
276+{
277+ int r;
278+ ctx = BN_CTX_new();
279+ r = cryptodev_bn_mod_exp_async(r0, I, rsa->d, rsa->n, ctx, NULL, cookie);
280+ BN_CTX_free(ctx);
281+ return r;
282+}
283+
284+static int
285 cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
286 {
287 int r;
288@@ -1413,6 +1558,62 @@ err:
289 return (ret);
290 }
291
292+static int
293+cryptodev_rsa_mod_exp_async(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx,
294+ struct pkc_cookie_s *cookie)
295+{
296+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop));
297+ int ret = 1, f_len, p_len, q_len;
298+ unsigned char *f = NULL, *p = NULL, *q = NULL, *dp = NULL, *dq = NULL, *c = NULL;
299+
300+ if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp || !kop) {
301+ return (0);
302+ }
303+
304+ kop->crk_oparams = 0;
305+ kop->crk_status = 0;
306+ kop->crk_op = CRK_MOD_EXP_CRT;
307+ f_len = BN_num_bytes(rsa->n);
308+ spcf_bn2bin_ex(I, &f, &f_len);
309+ spcf_bn2bin(rsa->p, &p, &p_len);
310+ spcf_bn2bin(rsa->q, &q, &q_len);
311+ spcf_bn2bin_ex(rsa->dmp1, &dp, &p_len);
312+ spcf_bn2bin_ex(rsa->iqmp, &c, &p_len);
313+ spcf_bn2bin_ex(rsa->dmq1, &dq, &q_len);
314+ /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
315+ kop->crk_param[0].crp_p = p;
316+ kop->crk_param[0].crp_nbits = p_len * 8;
317+ kop->crk_param[1].crp_p = q;
318+ kop->crk_param[1].crp_nbits = q_len * 8;
319+ kop->crk_param[2].crp_p = f;
320+ kop->crk_param[2].crp_nbits = f_len * 8;
321+ kop->crk_param[3].crp_p = dp;
322+ kop->crk_param[3].crp_nbits = p_len * 8;
323+ /* dq must of length q, rest all of length p*/
324+ kop->crk_param[4].crp_p = dq;
325+ kop->crk_param[4].crp_nbits = q_len * 8;
326+ kop->crk_param[5].crp_p = c;
327+ kop->crk_param[5].crp_nbits = p_len * 8;
328+ kop->crk_iparams = 6;
329+ kop->cookie = cookie;
330+ if (cryptodev_asym_async(kop, BN_num_bytes(rsa->n), r0, 0, NULL))
331+ goto err;
332+
333+ return ret;
334+err:
335+ {
336+ const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
337+
338+ if (kop)
339+ free(kop);
340+ ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
341+ if (ret)
342+ /* Call user completion handler immediately */
343+ cookie->pkc_callback(cookie, 0);
344+ }
345+ return (ret);
346+}
347+
348 static RSA_METHOD cryptodev_rsa = {
349 "cryptodev RSA method",
350 NULL, /* rsa_pub_enc */
351@@ -1421,6 +1622,12 @@ static RSA_METHOD cryptodev_rsa = {
352 NULL, /* rsa_priv_dec */
353 NULL,
354 NULL,
355+ NULL, /* rsa_pub_enc */
356+ NULL, /* rsa_pub_dec */
357+ NULL, /* rsa_priv_enc */
358+ NULL, /* rsa_priv_dec */
359+ NULL,
360+ NULL,
361 NULL, /* init */
362 NULL, /* finish */
363 0, /* flags */
364@@ -1718,126 +1925,424 @@ sw_try:
365 return ret;
366 }
367
368+/* Cryptodev DSA Key Gen routine */
369+static int cryptodev_dsa_keygen_async(DSA *dsa, struct pkc_cookie_s *cookie)
370+{
371+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop));
372+ int ret = 1, g_len;
373+ unsigned char *g = NULL;
374
375+ if (!kop)
376+ goto sw_try;
377
378-static DSA_METHOD cryptodev_dsa = {
379- "cryptodev DSA method",
380- NULL,
381- NULL, /* dsa_sign_setup */
382- NULL,
383- NULL, /* dsa_mod_exp */
384- NULL,
385- NULL, /* init */
386- NULL, /* finish */
387- 0, /* flags */
388- NULL /* app_data */
389-};
390+ if (dsa->priv_key == NULL) {
391+ if ((dsa->priv_key=BN_new()) == NULL)
392+ goto sw_try;
393+ }
394
395-static ECDSA_METHOD cryptodev_ecdsa = {
396- "cryptodev ECDSA method",
397- NULL,
398- NULL, /* ecdsa_sign_setup */
399- NULL,
400- NULL,
401- 0, /* flags */
402- NULL /* app_data */
403-};
404+ if (dsa->pub_key == NULL) {
405+ if ((dsa->pub_key=BN_new()) == NULL)
406+ goto sw_try;
407+ }
408
409-typedef enum ec_curve_s
410-{
411- EC_PRIME,
412- EC_BINARY
413-} ec_curve_t;
414+ g_len = BN_num_bytes(dsa->p);
415+ /**
416+ * Get generator into a plain buffer. If length is less than
417+ * q_len then add leading padding bytes.
418+ */
419+ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) {
420+ DSAerr(DSA_F_DSA_GENERATE_KEY, ERR_R_MALLOC_FAILURE);
421+ goto sw_try;
422+ }
423
424-/* ENGINE handler for ECDSA Sign */
425-static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst,
426- int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
427-{
428- BIGNUM *m = NULL, *p = NULL, *a = NULL;
429- BIGNUM *b = NULL, *x = NULL, *y = NULL;
430- BN_CTX *ctx = NULL;
431- ECDSA_SIG *ret = NULL;
432- ECDSA_DATA *ecdsa = NULL;
433- unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL;
434- unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL;
435- int i = 0, q_len = 0, priv_key_len = 0, r_len = 0;
436- int g_len = 0, d_len = 0, ab_len = 0;
437- const BIGNUM *order = NULL, *priv_key=NULL;
438- const EC_GROUP *group = NULL;
439- struct crypt_kop kop;
440- ec_curve_t ec_crv = EC_PRIME;
441+ memset(kop, 0, sizeof(struct crypt_kop));
442+ kop->crk_op = CRK_DSA_GENERATE_KEY;
443+ if (bn2crparam(dsa->p, &kop->crk_param[0]))
444+ goto sw_try;
445+ if (bn2crparam(dsa->q, &kop->crk_param[1]))
446+ goto sw_try;
447+ kop->crk_param[2].crp_p = g;
448+ kop->crk_param[2].crp_nbits = g_len * 8;
449+ kop->crk_iparams = 3;
450+ kop->cookie = cookie;
451
452- memset(&kop, 0, sizeof(kop));
453- ecdsa = ecdsa_check(eckey);
454- if (!ecdsa) {
455- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
456- return NULL;
457+ /* pub_key is or prime length while priv key is of length of order */
458+ if (cryptodev_asym_async(kop, BN_num_bytes(dsa->p), dsa->pub_key,
459+ BN_num_bytes(dsa->q), dsa->priv_key))
460+ goto sw_try;
461+
462+ return ret;
463+sw_try:
464+ {
465+ const DSA_METHOD *meth = DSA_OpenSSL();
466+
467+ if (kop)
468+ free(kop);
469+ ret = (meth->dsa_keygen)(dsa);
470+ cookie->pkc_callback(cookie, 0);
471 }
472+ return ret;
473+}
474
475- group = EC_KEY_get0_group(eckey);
476- priv_key = EC_KEY_get0_private_key(eckey);
477+static int
478+cryptodev_dsa_do_sign_async(const unsigned char *dgst, int dlen, DSA *dsa,
479+ DSA_SIG *sig, struct pkc_cookie_s *cookie)
480+{
481+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop));
482+ DSA_SIG *dsaret = NULL;
483+ int q_len = 0, r_len = 0, g_len = 0;
484+ int priv_key_len = 0, ret = 1;
485+ unsigned char *q = NULL, *r = NULL, *g = NULL, *priv_key = NULL, *f = NULL;
486
487- if (!group || !priv_key) {
488- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
489- return NULL;
490+ if (((sig->r = BN_new()) == NULL) || !kop) {
491+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
492+ goto err;
493 }
494
495- if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL ||
496- (a = BN_new()) == NULL || (b = BN_new()) == NULL ||
497- (p = BN_new()) == NULL || (x = BN_new()) == NULL ||
498- (y = BN_new()) == NULL) {
499- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
500+ if ((sig->s = BN_new()) == NULL) {
501+ BN_free(sig->r);
502+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
503 goto err;
504 }
505
506- order = &group->order;
507- if (!order || BN_is_zero(order)) {
508- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS);
509+ if (spcf_bn2bin(dsa->p, &q, &q_len)) {
510+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
511 goto err;
512 }
513
514- i = BN_num_bits(order);
515- /* Need to truncate digest if it is too long: first truncate whole
516- bytes */
517- if (8 * dgst_len > i)
518- dgst_len = (i + 7)/8;
519+ /* Get order of the field of private keys into plain buffer */
520+ if (spcf_bn2bin (dsa->q, &r, &r_len)) {
521+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
522+ goto err;
523+ }
524
525- if (!BN_bin2bn(dgst, dgst_len, m)) {
526- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
527+ /* sanity test */
528+ if (dlen > r_len) {
529+ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
530 goto err;
531 }
532
533- /* If still too long truncate remaining bits with a shift */
534- if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) {
535- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
536+ g_len = q_len;
537+ /**
538+ * Get generator into a plain buffer. If length is less than
539+ * q_len then add leading padding bytes.
540+ */
541+ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) {
542+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
543 goto err;
544 }
545
546- /* copy the truncated bits into plain buffer */
547- if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) {
548- fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__);
549+ priv_key_len = r_len;
550+ /**
551+ * Get private key into a plain buffer. If length is less than
552+ * r_len then add leading padding bytes.
553+ */
554+ if (spcf_bn2bin_ex(dsa->priv_key, &priv_key, &priv_key_len)) {
555+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
556 goto err;
557 }
558
559- ret = ECDSA_SIG_new();
560- if (!ret) {
561- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
562+ /* Allocate memory to store hash. */
563+ f = OPENSSL_malloc (r_len);
564+ if (!f) {
565+ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
566 goto err;
567 }
568
569- /* check if this is prime or binary EC request */
570- if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
571- ec_crv = EC_PRIME;
572- /* get the generator point pair */
573- if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group),
574- x, y,ctx)) {
575- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
576- goto err;
577- }
578+ /* Add padding, since SEC expects hash to of size r_len */
579+ if (dlen < r_len)
580+ memset(f, 0, r_len - dlen);
581
582- /* get the ECC curve parameters */
583- if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) {
584- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
585+ /* Skip leading bytes if dgst_len < r_len */
586+ memcpy(f + r_len - dlen, dgst, dlen);
587+
588+ dlen = r_len;
589+
590+ memset(kop, 0, sizeof( struct crypt_kop));
591+ kop->crk_op = CRK_DSA_SIGN;
592+
593+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
594+ kop->crk_param[0].crp_p = (void*)f;
595+ kop->crk_param[0].crp_nbits = dlen * 8;
596+ kop->crk_param[1].crp_p = (void*)q;
597+ kop->crk_param[1].crp_nbits = q_len * 8;
598+ kop->crk_param[2].crp_p = (void*)r;
599+ kop->crk_param[2].crp_nbits = r_len * 8;
600+ kop->crk_param[3].crp_p = (void*)g;
601+ kop->crk_param[3].crp_nbits = g_len * 8;
602+ kop->crk_param[4].crp_p = (void*)priv_key;
603+ kop->crk_param[4].crp_nbits = priv_key_len * 8;
604+ kop->crk_iparams = 5;
605+ kop->cookie = cookie;
606+
607+ if (cryptodev_asym_async(kop, r_len, sig->r, r_len, sig->s))
608+ goto err;
609+
610+ return ret;
611+err:
612+ {
613+ const DSA_METHOD *meth = DSA_OpenSSL();
614+
615+ if (kop)
616+ free(kop);
617+ BN_free(sig->r);
618+ BN_free(sig->s);
619+ dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa);
620+ sig->r = dsaret->r;
621+ sig->s = dsaret->s;
622+ /* Call user callback immediately */
623+ cookie->pkc_callback(cookie, 0);
624+ ret = dsaret;
625+ }
626+ return ret;
627+}
628+
629+static int
630+cryptodev_dsa_verify_async(const unsigned char *dgst, int dlen,
631+ DSA_SIG *sig, DSA *dsa, struct pkc_cookie_s *cookie)
632+{
633+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop));
634+ int q_len = 0, r_len = 0, g_len = 0;
635+ int w_len = 0 ,c_len = 0, d_len = 0, ret = 1;
636+ unsigned char * q = NULL, * r = NULL, * w = NULL, * g = NULL;
637+ unsigned char *c = NULL, * d = NULL, *f = NULL;
638+
639+ if (!kop)
640+ goto err;
641+
642+ if (spcf_bn2bin(dsa->p, &q, &q_len)) {
643+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
644+ return ret;
645+ }
646+
647+ /* Get Order of field of private keys */
648+ if (spcf_bn2bin(dsa->q, &r, &r_len)) {
649+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
650+ goto err;
651+ }
652+
653+ g_len = q_len;
654+ /**
655+ * Get generator into a plain buffer. If length is less than
656+ * q_len then add leading padding bytes.
657+ */
658+ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) {
659+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
660+ goto err;
661+ }
662+ w_len = q_len;
663+ /**
664+ * Get public key into a plain buffer. If length is less than
665+ * q_len then add leading padding bytes.
666+ */
667+ if (spcf_bn2bin_ex(dsa->pub_key, &w, &w_len)) {
668+ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
669+ goto err;
670+ }
671+ /**
672+ * Get the 1st part of signature into a flat buffer with
673+ * appropriate padding
674+ */
675+ c_len = r_len;
676+
677+ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) {
678+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
679+ goto err;
680+ }
681+
682+ /**
683+ * Get the 2nd part of signature into a flat buffer with
684+ * appropriate padding
685+ */
686+ d_len = r_len;
687+
688+ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) {
689+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
690+ goto err;
691+ }
692+
693+
694+ /* Sanity test */
695+ if (dlen > r_len) {
696+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
697+ goto err;
698+ }
699+
700+ /* Allocate memory to store hash. */
701+ f = OPENSSL_malloc (r_len);
702+ if (!f) {
703+ DSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
704+ goto err;
705+ }
706+
707+ /* Add padding, since SEC expects hash to of size r_len */
708+ if (dlen < r_len)
709+ memset(f, 0, r_len - dlen);
710+
711+ /* Skip leading bytes if dgst_len < r_len */
712+ memcpy(f + r_len - dlen, dgst, dlen);
713+
714+ dlen = r_len;
715+ memset(kop, 0, sizeof(struct crypt_kop));
716+
717+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
718+ kop->crk_param[0].crp_p = (void*)f;
719+ kop->crk_param[0].crp_nbits = dlen * 8;
720+ kop->crk_param[1].crp_p = q;
721+ kop->crk_param[1].crp_nbits = q_len * 8;
722+ kop->crk_param[2].crp_p = r;
723+ kop->crk_param[2].crp_nbits = r_len * 8;
724+ kop->crk_param[3].crp_p = g;
725+ kop->crk_param[3].crp_nbits = g_len * 8;
726+ kop->crk_param[4].crp_p = w;
727+ kop->crk_param[4].crp_nbits = w_len * 8;
728+ kop->crk_param[5].crp_p = c;
729+ kop->crk_param[5].crp_nbits = c_len * 8;
730+ kop->crk_param[6].crp_p = d;
731+ kop->crk_param[6].crp_nbits = d_len * 8;
732+ kop->crk_iparams = 7;
733+ kop->crk_op = CRK_DSA_VERIFY;
734+ kop->cookie = cookie;
735+ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL))
736+ goto err;
737+
738+ return ret;
739+err:
740+ {
741+ const DSA_METHOD *meth = DSA_OpenSSL();
742+
743+ if (kop)
744+ free(kop);
745+
746+ ret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa);
747+ cookie->pkc_callback(cookie, 0);
748+ }
749+ return ret;
750+}
751+
752+static DSA_METHOD cryptodev_dsa = {
753+ "cryptodev DSA method",
754+ NULL,
755+ NULL, /* dsa_sign_setup */
756+ NULL,
757+ NULL, /* dsa_mod_exp */
758+ NULL,
759+ NULL,
760+ NULL,
761+ NULL,
762+ NULL, /* init */
763+ NULL, /* finish */
764+ 0, /* flags */
765+ NULL /* app_data */
766+};
767+
768+static ECDSA_METHOD cryptodev_ecdsa = {
769+ "cryptodev ECDSA method",
770+ NULL,
771+ NULL, /* ecdsa_sign_setup */
772+ NULL,
773+ NULL,
774+ NULL,
775+ NULL,
776+ 0, /* flags */
777+ NULL /* app_data */
778+};
779+
780+typedef enum ec_curve_s
781+{
782+ EC_PRIME,
783+ EC_BINARY
784+} ec_curve_t;
785+
786+/* ENGINE handler for ECDSA Sign */
787+static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst,
788+ int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
789+{
790+ BIGNUM *m = NULL, *p = NULL, *a = NULL;
791+ BIGNUM *b = NULL, *x = NULL, *y = NULL;
792+ BN_CTX *ctx = NULL;
793+ ECDSA_SIG *ret = NULL;
794+ ECDSA_DATA *ecdsa = NULL;
795+ unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL;
796+ unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL;
797+ int i = 0, q_len = 0, priv_key_len = 0, r_len = 0;
798+ int g_len = 0, d_len = 0, ab_len = 0;
799+ const BIGNUM *order = NULL, *priv_key=NULL;
800+ const EC_GROUP *group = NULL;
801+ struct crypt_kop kop;
802+ ec_curve_t ec_crv = EC_PRIME;
803+
804+ memset(&kop, 0, sizeof(kop));
805+ ecdsa = ecdsa_check(eckey);
806+ if (!ecdsa) {
807+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
808+ return NULL;
809+ }
810+
811+ group = EC_KEY_get0_group(eckey);
812+ priv_key = EC_KEY_get0_private_key(eckey);
813+
814+ if (!group || !priv_key) {
815+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
816+ return NULL;
817+ }
818+
819+ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL ||
820+ (a = BN_new()) == NULL || (b = BN_new()) == NULL ||
821+ (p = BN_new()) == NULL || (x = BN_new()) == NULL ||
822+ (y = BN_new()) == NULL) {
823+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
824+ goto err;
825+ }
826+
827+ order = &group->order;
828+ if (!order || BN_is_zero(order)) {
829+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS);
830+ goto err;
831+ }
832+
833+ i = BN_num_bits(order);
834+ /* Need to truncate digest if it is too long: first truncate whole
835+ bytes */
836+ if (8 * dgst_len > i)
837+ dgst_len = (i + 7)/8;
838+
839+ if (!BN_bin2bn(dgst, dgst_len, m)) {
840+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
841+ goto err;
842+ }
843+
844+ /* If still too long truncate remaining bits with a shift */
845+ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) {
846+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
847+ goto err;
848+ }
849+
850+ /* copy the truncated bits into plain buffer */
851+ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) {
852+ fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__);
853+ goto err;
854+ }
855+
856+ ret = ECDSA_SIG_new();
857+ if (!ret) {
858+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
859+ goto err;
860+ }
861+
862+ /* check if this is prime or binary EC request */
863+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
864+ ec_crv = EC_PRIME;
865+ /* get the generator point pair */
866+ if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group),
867+ x, y,ctx)) {
868+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
869+ goto err;
870+ }
871+
872+ /* get the ECC curve parameters */
873+ if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) {
874+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
875 goto err;
876 }
877 } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) {
878@@ -2162,63 +2667,581 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len,
879 }
880
881 /**
882- * Get the 2nd part of signature into a flat buffer with
883- * appropriate padding
884+ * Get the 2nd part of signature into a flat buffer with
885+ * appropriate padding
886+ */
887+ if (BN_num_bytes(sig->s) < r_len)
888+ d_len = r_len;
889+
890+ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) {
891+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
892+ goto err;
893+ }
894+
895+ /* memory for message representative */
896+ f = malloc(r_len);
897+ if (!f) {
898+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
899+ goto err;
900+ }
901+
902+ /* Add padding, since SEC expects hash to of size r_len */
903+ memset(f, 0, r_len-dgst_len);
904+
905+ /* Skip leading bytes if dgst_len < r_len */
906+ memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len);
907+ dgst_len += r_len-dgst_len;
908+ kop.crk_op = CRK_DSA_VERIFY;
909+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
910+ kop.crk_param[0].crp_p = f;
911+ kop.crk_param[0].crp_nbits = dgst_len * 8;
912+ kop.crk_param[1].crp_p = q;
913+ kop.crk_param[1].crp_nbits = q_len * 8;
914+ kop.crk_param[2].crp_p = r;
915+ kop.crk_param[2].crp_nbits = r_len * 8;
916+ kop.crk_param[3].crp_p = g_xy;
917+ kop.crk_param[3].crp_nbits = g_len * 8;
918+ kop.crk_param[4].crp_p = w_xy;
919+ kop.crk_param[4].crp_nbits = pub_key_len * 8;
920+ kop.crk_param[5].crp_p = ab;
921+ kop.crk_param[5].crp_nbits = ab_len * 8;
922+ kop.crk_param[6].crp_p = c;
923+ kop.crk_param[6].crp_nbits = d_len * 8;
924+ kop.crk_param[7].crp_p = d;
925+ kop.crk_param[7].crp_nbits = d_len * 8;
926+ kop.crk_iparams = 8;
927+
928+ if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
929+ /*OCF success value is 0, if not zero, change ret to fail*/
930+ if(0 == kop.crk_status)
931+ ret = 1;
932+ } else {
933+ const ECDSA_METHOD *meth = ECDSA_OpenSSL();
934+
935+ ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey);
936+ }
937+ kop.crk_param[0].crp_p = NULL;
938+ zapparams(&kop);
939+
940+err:
941+ return ret;
942+}
943+
944+static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst,
945+ int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey,
946+ ECDSA_SIG *sig, struct pkc_cookie_s *cookie)
947+{
948+ BIGNUM *m = NULL, *p = NULL, *a = NULL;
949+ BIGNUM *b = NULL, *x = NULL, *y = NULL;
950+ BN_CTX *ctx = NULL;
951+ ECDSA_SIG *sig_ret = NULL;
952+ ECDSA_DATA *ecdsa = NULL;
953+ unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL;
954+ unsigned char * s = NULL, *f = NULL, *tmp_dgst = NULL;
955+ int i = 0, q_len = 0, priv_key_len = 0, r_len = 0;
956+ int g_len = 0, ab_len = 0, ret = 1;
957+ const BIGNUM *order = NULL, *priv_key=NULL;
958+ const EC_GROUP *group = NULL;
959+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop));
960+ ec_curve_t ec_crv = EC_PRIME;
961+
962+ if (!(sig->r = BN_new()) || !kop)
963+ goto err;
964+ if ((sig->s = BN_new()) == NULL) {
965+ BN_free(r);
966+ goto err;
967+ }
968+
969+ memset(kop, 0, sizeof(struct crypt_kop));
970+ ecdsa = ecdsa_check(eckey);
971+ if (!ecdsa) {
972+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
973+ goto err;
974+ }
975+
976+ group = EC_KEY_get0_group(eckey);
977+ priv_key = EC_KEY_get0_private_key(eckey);
978+
979+ if (!group || !priv_key) {
980+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
981+ goto err;
982+ }
983+
984+ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL ||
985+ (a = BN_new()) == NULL || (b = BN_new()) == NULL ||
986+ (p = BN_new()) == NULL || (x = BN_new()) == NULL ||
987+ (y = BN_new()) == NULL) {
988+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
989+ goto err;
990+ }
991+
992+ order = &group->order;
993+ if (!order || BN_is_zero(order)) {
994+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS);
995+ goto err;
996+ }
997+
998+ i = BN_num_bits(order);
999+ /* Need to truncate digest if it is too long: first truncate whole
1000+ bytes */
1001+ if (8 * dgst_len > i)
1002+ dgst_len = (i + 7)/8;
1003+
1004+ if (!BN_bin2bn(dgst, dgst_len, m)) {
1005+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
1006+ goto err;
1007+ }
1008+
1009+ /* If still too long truncate remaining bits with a shift */
1010+ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) {
1011+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
1012+ goto err;
1013+ }
1014+
1015+ /* copy the truncated bits into plain buffer */
1016+ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) {
1017+ fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__);
1018+ goto err;
1019+ }
1020+
1021+ /* check if this is prime or binary EC request */
1022+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group))
1023+ == NID_X9_62_prime_field) {
1024+ ec_crv = EC_PRIME;
1025+ /* get the generator point pair */
1026+ if (!EC_POINT_get_affine_coordinates_GFp (group,
1027+ EC_GROUP_get0_generator(group), x, y,ctx)) {
1028+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
1029+ goto err;
1030+ }
1031+
1032+ /* get the ECC curve parameters */
1033+ if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) {
1034+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
1035+ goto err;
1036+ }
1037+ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) {
1038+ ec_crv = EC_BINARY;
1039+ /* get the ECC curve parameters */
1040+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) {
1041+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
1042+ goto err;
1043+ }
1044+
1045+ /* get the generator point pair */
1046+ if (!EC_POINT_get_affine_coordinates_GF2m(group,
1047+ EC_GROUP_get0_generator(group), x, y,ctx)) {
1048+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
1049+ goto err;
1050+ }
1051+ } else {
1052+ printf("Unsupported Curve\n");
1053+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
1054+ goto err;
1055+ }
1056+
1057+ if (spcf_bn2bin(order, &r, &r_len)) {
1058+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
1059+ goto err;
1060+ }
1061+
1062+ if (spcf_bn2bin(p, &q, &q_len)) {
1063+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
1064+ goto err;
1065+ }
1066+
1067+ priv_key_len = r_len;
1068+
1069+ /**
1070+ * If BN_num_bytes of priv_key returns less then r_len then
1071+ * add padding bytes before the key
1072+ */
1073+ if (spcf_bn2bin_ex(priv_key, &s, &priv_key_len)) {
1074+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
1075+ goto err;
1076+ }
1077+
1078+ /* Generation of ECC curve parameters */
1079+ ab_len = 2*q_len;
1080+ ab = eng_copy_curve_points(a, b, ab_len, q_len);
1081+ if (!ab) {
1082+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
1083+ goto err;
1084+ }
1085+
1086+ if (ec_crv == EC_BINARY) {
1087+ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len))
1088+ {
1089+ unsigned char *c_temp = NULL;
1090+ int c_temp_len = q_len;
1091+ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len))
1092+ memcpy(ab+q_len, c_temp, q_len);
1093+ else
1094+ goto err;
1095+ }
1096+ kop->curve_type = ECC_BINARY;
1097+ }
1098+
1099+ /* Calculation of Generator point */
1100+ g_len = 2*q_len;
1101+ g_xy = eng_copy_curve_points(x, y, g_len, q_len);
1102+ if (!g_xy) {
1103+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
1104+ goto err;
1105+ }
1106+
1107+ /* memory for message representative */
1108+ f = malloc(r_len);
1109+ if (!f) {
1110+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
1111+ goto err;
1112+ }
1113+
1114+ /* Add padding, since SEC expects hash to of size r_len */
1115+ memset(f, 0, r_len - dgst_len);
1116+
1117+ /* Skip leading bytes if dgst_len < r_len */
1118+ memcpy(f + r_len - dgst_len, tmp_dgst, dgst_len);
1119+
1120+ dgst_len += r_len - dgst_len;
1121+
1122+ kop->crk_op = CRK_DSA_SIGN;
1123+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
1124+ kop->crk_param[0].crp_p = f;
1125+ kop->crk_param[0].crp_nbits = dgst_len * 8;
1126+ kop->crk_param[1].crp_p = q;
1127+ kop->crk_param[1].crp_nbits = q_len * 8;
1128+ kop->crk_param[2].crp_p = r;
1129+ kop->crk_param[2].crp_nbits = r_len * 8;
1130+ kop->crk_param[3].crp_p = g_xy;
1131+ kop->crk_param[3].crp_nbits = g_len * 8;
1132+ kop->crk_param[4].crp_p = s;
1133+ kop->crk_param[4].crp_nbits = priv_key_len * 8;
1134+ kop->crk_param[5].crp_p = ab;
1135+ kop->crk_param[5].crp_nbits = ab_len * 8;
1136+ kop->crk_iparams = 6;
1137+ kop->cookie = cookie;
1138+
1139+ if (cryptodev_asym_async(kop, r_len, sig->r , r_len, sig->s))
1140+ goto err;
1141+
1142+ return ret;
1143+err:
1144+ {
1145+ const ECDSA_METHOD *meth = ECDSA_OpenSSL();
1146+ BN_free(sig->r);
1147+ BN_free(sig->s);
1148+ if (kop)
1149+ free(kop);
1150+ sig_ret = (meth->ecdsa_do_sign)(dgst, dgst_len, in_kinv, in_r, eckey);
1151+ sig->r = sig_ret->r;
1152+ sig->s = sig_ret->s;
1153+ cookie->pkc_callback(cookie, 0);
1154+ }
1155+ return ret;
1156+}
1157+
1158+static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len,
1159+ const ECDSA_SIG *sig, EC_KEY *eckey, struct pkc_cookie_s *cookie)
1160+{
1161+ BIGNUM *m = NULL, *p = NULL, *a = NULL, *b = NULL;
1162+ BIGNUM *x = NULL, *y = NULL, *w_x = NULL, *w_y = NULL;
1163+ BN_CTX *ctx = NULL;
1164+ ECDSA_DATA *ecdsa = NULL;
1165+ unsigned char *q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL, *w_xy = NULL;
1166+ unsigned char *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL;
1167+ int i = 0, q_len = 0, pub_key_len = 0, r_len = 0, c_len = 0, g_len = 0;
1168+ int d_len = 0, ab_len = 0, ret = 1;
1169+ const EC_POINT *pub_key = NULL;
1170+ const BIGNUM *order = NULL;
1171+ const EC_GROUP *group=NULL;
1172+ ec_curve_t ec_crv = EC_PRIME;
1173+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop));
1174+
1175+ if (!kop)
1176+ goto err;
1177+
1178+ memset(kop, 0, sizeof(struct crypt_kop));
1179+ ecdsa = ecdsa_check(eckey);
1180+ if (!ecdsa) {
1181+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
1182+ goto err;
1183+ }
1184+
1185+ group = EC_KEY_get0_group(eckey);
1186+ pub_key = EC_KEY_get0_public_key(eckey);
1187+
1188+ if (!group || !pub_key) {
1189+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
1190+ goto err;
1191+ }
1192+
1193+ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL ||
1194+ (a = BN_new()) == NULL || (b = BN_new()) == NULL ||
1195+ (p = BN_new()) == NULL || (x = BN_new()) == NULL ||
1196+ (y = BN_new()) == NULL || (w_x = BN_new()) == NULL ||
1197+ (w_y = BN_new()) == NULL) {
1198+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1199+ goto err;
1200+ }
1201+
1202+ order = &group->order;
1203+ if (!order || BN_is_zero(order)) {
1204+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS);
1205+ goto err;
1206+ }
1207+
1208+ i = BN_num_bits(order);
1209+ /* Need to truncate digest if it is too long: first truncate whole
1210+ * bytes */
1211+ if (8 * dgst_len > i)
1212+ dgst_len = (i + 7)/8;
1213+
1214+ if (!BN_bin2bn(dgst, dgst_len, m)) {
1215+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
1216+ goto err;
1217+ }
1218+
1219+ /* If still too long truncate remaining bits with a shift */
1220+ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) {
1221+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
1222+ goto err;
1223+ }
1224+ /* copy the truncated bits into plain buffer */
1225+ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) {
1226+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1227+ goto err;
1228+ }
1229+
1230+ /* check if this is prime or binary EC request */
1231+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) {
1232+ ec_crv = EC_PRIME;
1233+
1234+ /* get the generator point pair */
1235+ if (!EC_POINT_get_affine_coordinates_GFp (group,
1236+ EC_GROUP_get0_generator(group), x, y,ctx)) {
1237+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1238+ goto err;
1239+ }
1240+
1241+ /* get the public key pair for prime curve */
1242+ if (!EC_POINT_get_affine_coordinates_GFp (group,
1243+ pub_key, w_x, w_y,ctx)) {
1244+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1245+ goto err;
1246+ }
1247+
1248+ /* get the ECC curve parameters */
1249+ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) {
1250+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1251+ goto err;
1252+ }
1253+ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field){
1254+ ec_crv = EC_BINARY;
1255+ /* get the ECC curve parameters */
1256+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) {
1257+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1258+ goto err;
1259+ }
1260+
1261+ /* get the generator point pair */
1262+ if (!EC_POINT_get_affine_coordinates_GF2m(group,
1263+ EC_GROUP_get0_generator(group),x, y,ctx)) {
1264+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1265+ goto err;
1266+ }
1267+
1268+ /* get the public key pair for binary curve */
1269+ if (!EC_POINT_get_affine_coordinates_GF2m(group,
1270+ pub_key, w_x, w_y,ctx)) {
1271+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1272+ goto err;
1273+ }
1274+ }else {
1275+ printf("Unsupported Curve\n");
1276+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
1277+ goto err;
1278+ }
1279+
1280+ /* Get the order of the subgroup of private keys */
1281+ if (spcf_bn2bin((BIGNUM*)order, &r, &r_len)) {
1282+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1283+ goto err;
1284+ }
1285+
1286+ /* Get the irreducible polynomial that creates the field */
1287+ if (spcf_bn2bin(p, &q, &q_len)) {
1288+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1289+ goto err;
1290+ }
1291+
1292+ /* Get the public key into a flat buffer with appropriate padding */
1293+ pub_key_len = 2 * q_len;
1294+
1295+ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len);
1296+ if (!w_xy) {
1297+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1298+ goto err;
1299+ }
1300+
1301+ /* Generation of ECC curve parameters */
1302+ ab_len = 2*q_len;
1303+
1304+ ab = eng_copy_curve_points (a, b, ab_len, q_len);
1305+ if (!ab) {
1306+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1307+ goto err;
1308+ }
1309+
1310+ if (ec_crv == EC_BINARY) {
1311+ /* copy b' i.e c(b), instead of only b */
1312+ eng_ec_get_cparam (EC_GROUP_get_curve_name(group),
1313+ ab+q_len, q_len);
1314+ kop->curve_type = ECC_BINARY;
1315+ }
1316+
1317+ /* Calculation of Generator point */
1318+ g_len = 2 * q_len;
1319+
1320+ g_xy = eng_copy_curve_points (x, y, g_len, q_len);
1321+ if (!g_xy) {
1322+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1323+ goto err;
1324+ }
1325+
1326+ /**
1327+ * Get the 1st part of signature into a flat buffer with
1328+ * appropriate padding
1329+ */
1330+ if (BN_num_bytes(sig->r) < r_len)
1331+ c_len = r_len;
1332+
1333+ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) {
1334+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1335+ goto err;
1336+ }
1337+
1338+ /**
1339+ * Get the 2nd part of signature into a flat buffer with
1340+ * appropriate padding
1341+ */
1342+ if (BN_num_bytes(sig->s) < r_len)
1343+ d_len = r_len;
1344+
1345+ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) {
1346+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1347+ goto err;
1348+ }
1349+
1350+ /* memory for message representative */
1351+ f = malloc(r_len);
1352+ if (!f) {
1353+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1354+ goto err;
1355+ }
1356+
1357+ /* Add padding, since SEC expects hash to of size r_len */
1358+ memset(f, 0, r_len-dgst_len);
1359+
1360+ /* Skip leading bytes if dgst_len < r_len */
1361+ memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len);
1362+
1363+ dgst_len += r_len-dgst_len;
1364+
1365+ kop->crk_op = CRK_DSA_VERIFY;
1366+ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
1367+ kop->crk_param[0].crp_p = f;
1368+ kop->crk_param[0].crp_nbits = dgst_len * 8;
1369+ kop->crk_param[1].crp_p = q;
1370+ kop->crk_param[1].crp_nbits = q_len * 8;
1371+ kop->crk_param[2].crp_p = r;
1372+ kop->crk_param[2].crp_nbits = r_len * 8;
1373+ kop->crk_param[3].crp_p = g_xy;
1374+ kop->crk_param[3].crp_nbits = g_len * 8;
1375+ kop->crk_param[4].crp_p = w_xy;
1376+ kop->crk_param[4].crp_nbits = pub_key_len * 8;
1377+ kop->crk_param[5].crp_p = ab;
1378+ kop->crk_param[5].crp_nbits = ab_len * 8;
1379+ kop->crk_param[6].crp_p = c;
1380+ kop->crk_param[6].crp_nbits = d_len * 8;
1381+ kop->crk_param[7].crp_p = d;
1382+ kop->crk_param[7].crp_nbits = d_len * 8;
1383+ kop->crk_iparams = 8;
1384+ kop->cookie = cookie;
1385+
1386+ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL))
1387+ goto err;
1388+
1389+ return ret;
1390+err:
1391+ {
1392+ const ECDSA_METHOD *meth = ECDSA_OpenSSL();
1393+
1394+ if (kop)
1395+ free(kop);
1396+ ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey);
1397+ cookie->pkc_callback(cookie, 0);
1398+ }
1399+
1400+ return ret;
1401+}
1402+
1403+/* Cryptodev DH Key Gen routine */
1404+static int cryptodev_dh_keygen_async(DH *dh, struct pkc_cookie_s *cookie)
1405+{
1406+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop));
1407+ int ret = 1, g_len;
1408+ unsigned char *g = NULL;
1409+
1410+ if (!kop)
1411+ goto sw_try;
1412+
1413+ if (dh->priv_key == NULL) {
1414+ if ((dh->priv_key=BN_new()) == NULL)
1415+ goto sw_try;
1416+ }
1417+
1418+ if (dh->pub_key == NULL) {
1419+ if ((dh->pub_key=BN_new()) == NULL)
1420+ goto sw_try;
1421+ }
1422+
1423+ g_len = BN_num_bytes(dh->p);
1424+ /**
1425+ * Get generator into a plain buffer. If length is less than
1426+ * q_len then add leading padding bytes.
1427 */
1428- if (BN_num_bytes(sig->s) < r_len)
1429- d_len = r_len;
1430-
1431- if (spcf_bn2bin_ex(sig->s, &d, &d_len)) {
1432- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1433- goto err;
1434- }
1435-
1436- /* memory for message representative */
1437- f = malloc(r_len);
1438- if (!f) {
1439- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
1440- goto err;
1441+ if (spcf_bn2bin_ex(dh->g, &g, &g_len)) {
1442+ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE);
1443+ goto sw_try;
1444 }
1445
1446- /* Add padding, since SEC expects hash to of size r_len */
1447- memset(f, 0, r_len-dgst_len);
1448+ memset(kop, 0, sizeof(struct crypt_kop));
1449+ kop->crk_op = CRK_DH_GENERATE_KEY;
1450+ if (bn2crparam(dh->p, &kop->crk_param[0]))
1451+ goto sw_try;
1452+ if (bn2crparam(dh->q, &kop->crk_param[1]))
1453+ goto sw_try;
1454+ kop->crk_param[2].crp_p = g;
1455+ kop->crk_param[2].crp_nbits = g_len * 8;
1456+ kop->crk_iparams = 3;
1457+ kop->cookie = cookie;
1458
1459- /* Skip leading bytes if dgst_len < r_len */
1460- memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len);
1461- dgst_len += r_len-dgst_len;
1462- kop.crk_op = CRK_DSA_VERIFY;
1463- /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
1464- kop.crk_param[0].crp_p = f;
1465- kop.crk_param[0].crp_nbits = dgst_len * 8;
1466- kop.crk_param[1].crp_p = q;
1467- kop.crk_param[1].crp_nbits = q_len * 8;
1468- kop.crk_param[2].crp_p = r;
1469- kop.crk_param[2].crp_nbits = r_len * 8;
1470- kop.crk_param[3].crp_p = g_xy;
1471- kop.crk_param[3].crp_nbits = g_len * 8;
1472- kop.crk_param[4].crp_p = w_xy;
1473- kop.crk_param[4].crp_nbits = pub_key_len * 8;
1474- kop.crk_param[5].crp_p = ab;
1475- kop.crk_param[5].crp_nbits = ab_len * 8;
1476- kop.crk_param[6].crp_p = c;
1477- kop.crk_param[6].crp_nbits = d_len * 8;
1478- kop.crk_param[7].crp_p = d;
1479- kop.crk_param[7].crp_nbits = d_len * 8;
1480- kop.crk_iparams = 8;
1481+ /* pub_key is or prime length while priv key is of length of order */
1482+ if (cryptodev_asym_async(kop, BN_num_bytes(dh->p), dh->pub_key,
1483+ BN_num_bytes(dh->q), dh->priv_key))
1484+ goto sw_try;
1485
1486- if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
1487- /*OCF success value is 0, if not zero, change ret to fail*/
1488- if(0 == kop.crk_status)
1489- ret = 1;
1490- } else {
1491- const ECDSA_METHOD *meth = ECDSA_OpenSSL();
1492+ return ret;
1493+sw_try:
1494+ {
1495+ const DH_METHOD *meth = DH_OpenSSL();
1496
1497- ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey);
1498+ if (kop)
1499+ free(kop);
1500+ ret = (meth->generate_key)(dh);
1501+ cookie->pkc_callback(cookie, 0);
1502 }
1503- kop.crk_param[0].crp_p = NULL;
1504- zapparams(&kop);
1505-
1506-err:
1507 return ret;
1508 }
1509
1510@@ -2327,6 +3350,54 @@ sw_try:
1511 return (dhret);
1512 }
1513
1514+/* Return Length if successful and 0 on failure */
1515+static int
1516+cryptodev_dh_compute_key_async(unsigned char *key, const BIGNUM *pub_key,
1517+ DH *dh, struct pkc_cookie_s *cookie)
1518+{
1519+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop));
1520+ int ret = 1;
1521+ int fd, p_len;
1522+ unsigned char *padded_pub_key = NULL, *p = NULL;
1523+
1524+ fd = *(int *)cookie->eng_handle;
1525+
1526+ memset(kop, 0, sizeof(struct crypt_kop));
1527+ kop->crk_op = CRK_DH_COMPUTE_KEY;
1528+ /* inputs: dh->priv_key pub_key dh->p key */
1529+ spcf_bn2bin(dh->p, &p, &p_len);
1530+ spcf_bn2bin_ex(pub_key, &padded_pub_key, &p_len);
1531+
1532+ if (bn2crparam(dh->priv_key, &kop->crk_param[0]))
1533+ goto err;
1534+ kop->crk_param[1].crp_p = padded_pub_key;
1535+ kop->crk_param[1].crp_nbits = p_len * 8;
1536+ kop->crk_param[2].crp_p = p;
1537+ kop->crk_param[2].crp_nbits = p_len * 8;
1538+ kop->crk_iparams = 3;
1539+
1540+ kop->cookie = cookie;
1541+ kop->crk_param[3].crp_p = (void*) key;
1542+ kop->crk_param[3].crp_nbits = p_len * 8;
1543+ kop->crk_oparams = 1;
1544+
1545+ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL))
1546+ goto err;
1547+
1548+ return p_len;
1549+err:
1550+ {
1551+ const DH_METHOD *meth = DH_OpenSSL();
1552+
1553+ if (kop)
1554+ free(kop);
1555+ ret = (meth->compute_key)(key, pub_key, dh);
1556+ /* Call user cookie handler */
1557+ cookie->pkc_callback(cookie, 0);
1558+ }
1559+ return (ret);
1560+}
1561+
1562 int cryptodev_ecdh_compute_key(void *out, size_t outlen,
1563 const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen,
1564 void *out, size_t *outlen))
1565@@ -2504,6 +3575,190 @@ err:
1566 return ret;
1567 }
1568
1569+int cryptodev_ecdh_compute_key_async(void *out, size_t outlen,
1570+ const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen,
1571+ void *out, size_t *outlen), struct pkc_cookie_s *cookie)
1572+{
1573+ ec_curve_t ec_crv = EC_PRIME;
1574+ unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL;
1575+ BIGNUM * w_x = NULL, *w_y = NULL;
1576+ int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0;
1577+ BIGNUM * p = NULL, *a = NULL, *b = NULL;
1578+ BN_CTX *ctx;
1579+ EC_POINT *tmp=NULL;
1580+ BIGNUM *x=NULL, *y=NULL;
1581+ const BIGNUM *priv_key;
1582+ const EC_GROUP* group = NULL;
1583+ int ret = 1;
1584+ size_t buflen, len;
1585+ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop));
1586+
1587+ if (!(ctx = BN_CTX_new()) || !kop)
1588+ goto err;
1589+
1590+ memset(kop, 0, sizeof(struct crypt_kop));
1591+
1592+ BN_CTX_start(ctx);
1593+ x = BN_CTX_get(ctx);
1594+ y = BN_CTX_get(ctx);
1595+ p = BN_CTX_get(ctx);
1596+ a = BN_CTX_get(ctx);
1597+ b = BN_CTX_get(ctx);
1598+ w_x = BN_CTX_get(ctx);
1599+ w_y = BN_CTX_get(ctx);
1600+
1601+ if (!x || !y || !p || !a || !b || !w_x || !w_y) {
1602+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
1603+ goto err;
1604+ }
1605+
1606+ priv_key = EC_KEY_get0_private_key(ecdh);
1607+ if (priv_key == NULL) {
1608+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE);
1609+ goto err;
1610+ }
1611+
1612+ group = EC_KEY_get0_group(ecdh);
1613+ if ((tmp=EC_POINT_new(group)) == NULL) {
1614+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
1615+ goto err;
1616+ }
1617+
1618+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
1619+ NID_X9_62_prime_field) {
1620+ ec_crv = EC_PRIME;
1621+
1622+ if (!EC_POINT_get_affine_coordinates_GFp(group,
1623+ EC_GROUP_get0_generator(group), x, y, ctx)) {
1624+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
1625+ goto err;
1626+ }
1627+
1628+ /* get the ECC curve parameters */
1629+ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) {
1630+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
1631+ goto err;
1632+ }
1633+
1634+ /* get the public key pair for prime curve */
1635+ if (!EC_POINT_get_affine_coordinates_GFp (group, pub_key, w_x, w_y,ctx)) {
1636+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
1637+ goto err;
1638+ }
1639+ } else {
1640+ ec_crv = EC_BINARY;
1641+
1642+ if (!EC_POINT_get_affine_coordinates_GF2m(group,
1643+ EC_GROUP_get0_generator(group), x, y, ctx)) {
1644+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
1645+ goto err;
1646+ }
1647+
1648+ /* get the ECC curve parameters */
1649+ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) {
1650+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
1651+ goto err;
1652+ }
1653+
1654+ /* get the public key pair for binary curve */
1655+ if (!EC_POINT_get_affine_coordinates_GF2m(group,
1656+ pub_key, w_x, w_y,ctx)) {
1657+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
1658+ goto err;
1659+ }
1660+ }
1661+
1662+ /* irreducible polynomial that creates the field */
1663+ if (spcf_bn2bin((BIGNUM*)&group->order, &r, &r_len)) {
1664+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
1665+ goto err;
1666+ }
1667+
1668+ /* Get the irreducible polynomial that creates the field */
1669+ if (spcf_bn2bin(p, &q, &q_len)) {
1670+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
1671+ goto err;
1672+ }
1673+
1674+ /* Get the public key into a flat buffer with appropriate padding */
1675+ pub_key_len = 2 * q_len;
1676+ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len);
1677+ if (!w_xy) {
1678+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
1679+ goto err;
1680+ }
1681+
1682+ /* Generation of ECC curve parameters */
1683+ ab_len = 2*q_len;
1684+ ab = eng_copy_curve_points (a, b, ab_len, q_len);
1685+ if (!ab) {
1686+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
1687+ goto err;
1688+ }
1689+
1690+ if (ec_crv == EC_BINARY) {
1691+ /* copy b' i.e c(b), instead of only b */
1692+ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len))
1693+ {
1694+ unsigned char *c_temp = NULL;
1695+ int c_temp_len = q_len;
1696+ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len))
1697+ memcpy(ab+q_len, c_temp, q_len);
1698+ else
1699+ goto err;
1700+ }
1701+ kop->curve_type = ECC_BINARY;
1702+ } else
1703+ kop->curve_type = ECC_PRIME;
1704+
1705+ priv_key_len = r_len;
1706+
1707+ /*
1708+ * If BN_num_bytes of priv_key returns less then r_len then
1709+ * add padding bytes before the key
1710+ */
1711+ if (spcf_bn2bin_ex((BIGNUM *)priv_key, &s, &priv_key_len)) {
1712+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
1713+ goto err;
1714+ }
1715+
1716+ buflen = (EC_GROUP_get_degree(group) + 7)/8;
1717+ len = BN_num_bytes(x);
1718+ if (len > buflen || q_len < buflen) {
1719+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR);
1720+ goto err;
1721+ }
1722+
1723+ kop->crk_op = CRK_DH_COMPUTE_KEY;
1724+ kop->crk_param[0].crp_p = (void *) s;
1725+ kop->crk_param[0].crp_nbits = priv_key_len*8;
1726+ kop->crk_param[1].crp_p = (void *) w_xy;
1727+ kop->crk_param[1].crp_nbits = pub_key_len*8;
1728+ kop->crk_param[2].crp_p = (void *) q;
1729+ kop->crk_param[2].crp_nbits = q_len*8;
1730+ kop->crk_param[3].crp_p = (void *) ab;
1731+ kop->crk_param[3].crp_nbits = ab_len*8;
1732+ kop->crk_iparams = 4;
1733+ kop->crk_param[4].crp_p = (void *) out;
1734+ kop->crk_param[4].crp_nbits = q_len*8;
1735+ kop->crk_oparams = 1;
1736+ kop->cookie = cookie;
1737+ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL))
1738+ goto err;
1739+
1740+ return q_len;
1741+err:
1742+ {
1743+ const ECDH_METHOD *meth = ECDH_OpenSSL();
1744+
1745+ if (kop)
1746+ free(kop);
1747+ ret = (meth->compute_key)(out, outlen, pub_key, ecdh, KDF);
1748+ /* Call user cookie handler */
1749+ cookie->pkc_callback(cookie, 0);
1750+ }
1751+ return ret;
1752+}
1753
1754 static DH_METHOD cryptodev_dh = {
1755 "cryptodev DH method",
1756@@ -2512,6 +3767,8 @@ static DH_METHOD cryptodev_dh = {
1757 NULL,
1758 NULL,
1759 NULL,
1760+ NULL,
1761+ NULL,
1762 0, /* flags */
1763 NULL /* app_data */
1764 };
1765@@ -2520,6 +3777,7 @@ static ECDH_METHOD cryptodev_ecdh = {
1766 "cryptodev ECDH method",
1767 NULL, /* cryptodev_ecdh_compute_key */
1768 NULL,
1769+ NULL,
1770 0, /* flags */
1771 NULL /* app_data */
1772 };
1773@@ -2593,12 +3851,19 @@ ENGINE_load_cryptodev(void)
1774 cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec;
1775 if (cryptodev_asymfeat & CRF_MOD_EXP) {
1776 cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp;
1777- if (cryptodev_asymfeat & CRF_MOD_EXP_CRT)
1778+ cryptodev_rsa.bn_mod_exp_async =
1779+ cryptodev_bn_mod_exp_async;
1780+ if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) {
1781 cryptodev_rsa.rsa_mod_exp =
1782 cryptodev_rsa_mod_exp;
1783- else
1784+ cryptodev_rsa.rsa_mod_exp_async =
1785+ cryptodev_rsa_mod_exp_async;
1786+ } else {
1787 cryptodev_rsa.rsa_mod_exp =
1788 cryptodev_rsa_nocrt_mod_exp;
1789+ cryptodev_rsa.rsa_mod_exp_async =
1790+ cryptodev_rsa_nocrt_mod_exp_async;
1791+ }
1792 }
1793 }
1794
1795@@ -2606,12 +3871,21 @@ ENGINE_load_cryptodev(void)
1796 const DSA_METHOD *meth = DSA_OpenSSL();
1797
1798 memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD));
1799- if (cryptodev_asymfeat & CRF_DSA_SIGN)
1800+ if (cryptodev_asymfeat & CRF_DSA_SIGN) {
1801 cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign;
1802- if (cryptodev_asymfeat & CRF_DSA_VERIFY)
1803+ cryptodev_dsa.dsa_do_sign_async =
1804+ cryptodev_dsa_do_sign_async;
1805+ }
1806+ if (cryptodev_asymfeat & CRF_DSA_VERIFY) {
1807 cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify;
1808- if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY)
1809+ cryptodev_dsa.dsa_do_verify_async =
1810+ cryptodev_dsa_verify_async;
1811+ }
1812+ if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) {
1813 cryptodev_dsa.dsa_keygen = cryptodev_dsa_keygen;
1814+ cryptodev_dsa.dsa_keygen_async =
1815+ cryptodev_dsa_keygen_async;
1816+ }
1817 }
1818
1819 if (ENGINE_set_DH(engine, &cryptodev_dh)){
1820@@ -2620,10 +3894,15 @@ ENGINE_load_cryptodev(void)
1821 if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) {
1822 cryptodev_dh.compute_key =
1823 cryptodev_dh_compute_key;
1824+ cryptodev_dh.compute_key_async =
1825+ cryptodev_dh_compute_key_async;
1826 }
1827 if (cryptodev_asymfeat & CRF_DH_GENERATE_KEY) {
1828 cryptodev_dh.generate_key =
1829 cryptodev_dh_keygen;
1830+ cryptodev_dh.generate_key_async =
1831+ cryptodev_dh_keygen_async;
1832+
1833 }
1834 }
1835
1836@@ -2632,10 +3911,14 @@ ENGINE_load_cryptodev(void)
1837 memcpy(&cryptodev_ecdsa, meth, sizeof(ECDSA_METHOD));
1838 if (cryptodev_asymfeat & CRF_DSA_SIGN) {
1839 cryptodev_ecdsa.ecdsa_do_sign = cryptodev_ecdsa_do_sign;
1840+ cryptodev_ecdsa.ecdsa_do_sign_async =
1841+ cryptodev_ecdsa_do_sign_async;
1842 }
1843 if (cryptodev_asymfeat & CRF_DSA_VERIFY) {
1844 cryptodev_ecdsa.ecdsa_do_verify =
1845 cryptodev_ecdsa_verify;
1846+ cryptodev_ecdsa.ecdsa_do_verify_async =
1847+ cryptodev_ecdsa_verify_async;
1848 }
1849 }
1850
1851@@ -2644,9 +3927,16 @@ ENGINE_load_cryptodev(void)
1852 memcpy(&cryptodev_ecdh, ecdh_meth, sizeof(ECDH_METHOD));
1853 if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) {
1854 cryptodev_ecdh.compute_key = cryptodev_ecdh_compute_key;
1855+ cryptodev_ecdh.compute_key_async =
1856+ cryptodev_ecdh_compute_key_async;
1857 }
1858 }
1859
1860+ ENGINE_set_check_pkc_availability(engine, cryptodev_check_availability);
1861+ ENGINE_set_close_instance(engine, cryptodev_close_instance);
1862+ ENGINE_set_init_instance(engine, cryptodev_init_instance);
1863+ ENGINE_set_async_map(engine, ENGINE_ALLPKC_ASYNC);
1864+
1865 ENGINE_add(engine);
1866 ENGINE_free(engine);
1867 ERR_clear_error();
1868diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h
1869index 451ef8f..8fc3077 100644
1870--- a/crypto/engine/eng_int.h
1871+++ b/crypto/engine/eng_int.h
1872@@ -181,7 +181,29 @@ struct engine_st
1873 ENGINE_LOAD_KEY_PTR load_pubkey;
1874
1875 ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert;
1876-
1877+ /*
1878+ * Instantiate Engine handle to be passed in check_pkc_availability
1879+ * Ensure that Engine is instantiated before any pkc asynchronous call.
1880+ */
1881+ void *(*engine_init_instance)(void);
1882+ /*
1883+ * Instantiated Engine handle will be closed with this call.
1884+ * Ensure that no pkc asynchronous call is made after this call
1885+ */
1886+ void (*engine_close_instance)(void *handle);
1887+ /*
1888+ * Check availability will extract the data from kernel.
1889+ * eng_handle: This is the Engine handle corresponds to which
1890+ * the cookies needs to be polled.
1891+ * return 0 if cookie available else 1
1892+ */
1893+ int (*check_pkc_availability)(void *eng_handle);
1894+ /*
1895+ * The following map is used to check if the engine supports asynchronous implementation
1896+ * ENGINE_ASYNC_FLAG* for available bitmap. Any application checking for asynchronous
1897+ * implementation need to check this features using "int ENGINE_get_async_map(engine *)";
1898+ */
1899+ int async_map;
1900 const ENGINE_CMD_DEFN *cmd_defns;
1901 int flags;
1902 /* reference count on the structure itself */
1903diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c
1904index 18a6664..6fa621c 100644
1905--- a/crypto/engine/eng_lib.c
1906+++ b/crypto/engine/eng_lib.c
1907@@ -98,7 +98,11 @@ void engine_set_all_null(ENGINE *e)
1908 e->ctrl = NULL;
1909 e->load_privkey = NULL;
1910 e->load_pubkey = NULL;
1911+ e->check_pkc_availability = NULL;
1912+ e->engine_init_instance = NULL;
1913+ e->engine_close_instance = NULL;
1914 e->cmd_defns = NULL;
1915+ e->async_map = 0;
1916 e->flags = 0;
1917 }
1918
1919@@ -233,6 +237,48 @@ int ENGINE_set_id(ENGINE *e, const char *id)
1920 return 1;
1921 }
1922
1923+void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void))
1924+ {
1925+ e->engine_init_instance = engine_init_instance;
1926+ }
1927+
1928+void ENGINE_set_close_instance(ENGINE *e,
1929+ void (*engine_close_instance)(void *))
1930+ {
1931+ e->engine_close_instance = engine_close_instance;
1932+ }
1933+
1934+void ENGINE_set_async_map(ENGINE *e, int async_map)
1935+ {
1936+ e->async_map = async_map;
1937+ }
1938+
1939+void *ENGINE_init_instance(ENGINE *e)
1940+ {
1941+ return e->engine_init_instance();
1942+ }
1943+
1944+void ENGINE_close_instance(ENGINE *e, void *eng_handle)
1945+ {
1946+ e->engine_close_instance(eng_handle);
1947+ }
1948+
1949+int ENGINE_get_async_map(ENGINE *e)
1950+ {
1951+ return e->async_map;
1952+ }
1953+
1954+void ENGINE_set_check_pkc_availability(ENGINE *e,
1955+ int (*check_pkc_availability)(void *eng_handle))
1956+ {
1957+ e->check_pkc_availability = check_pkc_availability;
1958+ }
1959+
1960+int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle)
1961+ {
1962+ return e->check_pkc_availability(eng_handle);
1963+ }
1964+
1965 int ENGINE_set_name(ENGINE *e, const char *name)
1966 {
1967 if(name == NULL)
1968diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h
1969index 237a6c9..ccff86a 100644
1970--- a/crypto/engine/engine.h
1971+++ b/crypto/engine/engine.h
1972@@ -473,6 +473,30 @@ ENGINE *ENGINE_new(void);
1973 int ENGINE_free(ENGINE *e);
1974 int ENGINE_up_ref(ENGINE *e);
1975 int ENGINE_set_id(ENGINE *e, const char *id);
1976+void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void));
1977+void ENGINE_set_close_instance(ENGINE *e,
1978+ void (*engine_free_instance)(void *));
1979+/*
1980+ * Following FLAGS are bitmap store in async_map to set asynchronous interface capability
1981+ *of the engine
1982+ */
1983+#define ENGINE_RSA_ASYNC 0x0001
1984+#define ENGINE_DSA_ASYNC 0x0002
1985+#define ENGINE_DH_ASYNC 0x0004
1986+#define ENGINE_ECDSA_ASYNC 0x0008
1987+#define ENGINE_ECDH_ASYNC 0x0010
1988+#define ENGINE_ALLPKC_ASYNC 0x001F
1989+/* Engine implementation will set the bitmap based on above flags using following API */
1990+void ENGINE_set_async_map(ENGINE *e, int async_map);
1991+ /* Application need to check the bitmap based on above flags using following API
1992+ * to confirm asynchronous methods supported
1993+ */
1994+int ENGINE_get_async_map(ENGINE *e);
1995+void *ENGINE_init_instance(ENGINE *e);
1996+void ENGINE_close_instance(ENGINE *e, void *eng_handle);
1997+void ENGINE_set_check_pkc_availability(ENGINE *e,
1998+ int (*check_pkc_availability)(void *eng_handle));
1999+int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle);
2000 int ENGINE_set_name(ENGINE *e, const char *name);
2001 int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
2002 int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
2003diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
2004index 5f269e5..6ef1b15 100644
2005--- a/crypto/rsa/rsa.h
2006+++ b/crypto/rsa/rsa.h
2007@@ -101,6 +101,29 @@ struct rsa_meth_st
2008 int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
2009 const BIGNUM *m, BN_CTX *ctx,
2010 BN_MONT_CTX *m_ctx); /* Can be null */
2011+ /*
2012+ * Cookie in the following _async variant must be allocated before
2013+ * submission and can be freed once its corresponding callback
2014+ * handler is called
2015+ */
2016+ int (*rsa_pub_enc_asyn)(int flen,const unsigned char *from,
2017+ unsigned char *to, RSA *rsa, int padding,
2018+ struct pkc_cookie_s *cookie);
2019+ int (*rsa_pub_dec_async)(int flen,const unsigned char *from,
2020+ unsigned char *to, RSA *rsa, int padding,
2021+ struct pkc_cookie_s *cookie);
2022+ int (*rsa_priv_enc_async)(int flen,const unsigned char *from,
2023+ unsigned char *to, RSA *rsa, int padding,
2024+ struct pkc_cookie_s *cookie);
2025+ int (*rsa_priv_dec_async)(int flen,const unsigned char *from,
2026+ unsigned char *to, RSA *rsa, int padding,
2027+ struct pkc_cookie_s *cookie);
2028+ int (*rsa_mod_exp_async)(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
2029+ BN_CTX *ctx, struct pkc_cookie_s *cookie);
2030+ int (*bn_mod_exp_async)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
2031+ const BIGNUM *m, BN_CTX *ctx,
2032+ BN_MONT_CTX *m_ctx, struct pkc_cookie_s *cookie);
2033+
2034 int (*init)(RSA *rsa); /* called at new */
2035 int (*finish)(RSA *rsa); /* called at free */
2036 int flags; /* RSA_METHOD_FLAG_* things */
2037--
20381.7.9.7
2039
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0009-eng_cryptodev-extend-TLS-offload-with-new-algorithms.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0009-eng_cryptodev-extend-TLS-offload-with-new-algorithms.patch
new file mode 100644
index 000000000..a4178841b
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0009-eng_cryptodev-extend-TLS-offload-with-new-algorithms.patch
@@ -0,0 +1,106 @@
1From 6555c11c9f62fc37c60bb335cfeb5c9d641e493a Mon Sep 17 00:00:00 2001
2From: Cristian Stoica <cristian.stoica@freescale.com>
3Date: Fri, 21 Mar 2014 16:22:27 +0200
4Subject: [PATCH][fsl 09/15] eng_cryptodev: extend TLS offload with new
5 algorithms
6
7Upstream-status: Pending
8
9- aes-192-cbc-hmac-sha1
10- aes-256-cbc-hmac-sha1
11
12Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com>
13---
14 crypto/engine/eng_cryptodev.c | 41 +++++++++++++++++++++++++++++++++++++++++
15 1 file changed, 41 insertions(+)
16
17diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
18index c5e8fb3..e2d4c53 100644
19--- a/crypto/engine/eng_cryptodev.c
20+++ b/crypto/engine/eng_cryptodev.c
21@@ -248,6 +248,8 @@ static struct {
22 { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0},
23 { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0},
24 { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20},
25+ { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_192_cbc_hmac_sha1, 16, 24, 20},
26+ { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20},
27 { 0, NID_undef, 0, 0, 0},
28 };
29
30@@ -536,6 +538,8 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
31 /* TODO: make a seamless integration with cryptodev flags */
32 switch (ctx->cipher->nid) {
33 case NID_aes_128_cbc_hmac_sha1:
34+ case NID_aes_192_cbc_hmac_sha1:
35+ case NID_aes_256_cbc_hmac_sha1:
36 cryp.flags = COP_FLAG_AEAD_TLS_TYPE;
37 }
38 cryp.ses = sess->ses;
39@@ -729,6 +733,8 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
40 /* TODO: this should be an extension of EVP_CIPHER struct */
41 switch (ctx->cipher->nid) {
42 case NID_aes_128_cbc_hmac_sha1:
43+ case NID_aes_192_cbc_hmac_sha1:
44+ case NID_aes_256_cbc_hmac_sha1:
45 maclen = SHA_DIGEST_LENGTH;
46 }
47
48@@ -871,6 +877,33 @@ const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = {
49 NULL
50 };
51
52+const EVP_CIPHER cryptodev_aes_192_cbc_hmac_sha1 = {
53+ NID_aes_192_cbc_hmac_sha1,
54+ 16, 24, 16,
55+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER,
56+ cryptodev_init_aead_key,
57+ cryptodev_aead_cipher,
58+ cryptodev_cleanup,
59+ sizeof(struct dev_crypto_state),
60+ EVP_CIPHER_set_asn1_iv,
61+ EVP_CIPHER_get_asn1_iv,
62+ cryptodev_cbc_hmac_sha1_ctrl,
63+ NULL
64+};
65+
66+const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = {
67+ NID_aes_256_cbc_hmac_sha1,
68+ 16, 32, 16,
69+ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER,
70+ cryptodev_init_aead_key,
71+ cryptodev_aead_cipher,
72+ cryptodev_cleanup,
73+ sizeof(struct dev_crypto_state),
74+ EVP_CIPHER_set_asn1_iv,
75+ EVP_CIPHER_get_asn1_iv,
76+ cryptodev_cbc_hmac_sha1_ctrl,
77+ NULL
78+};
79 /*
80 * Registered by the ENGINE when used to find out how to deal with
81 * a particular NID in the ENGINE. this says what we'll do at the
82@@ -911,6 +944,12 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
83 case NID_aes_128_cbc_hmac_sha1:
84 *cipher = &cryptodev_aes_128_cbc_hmac_sha1;
85 break;
86+ case NID_aes_192_cbc_hmac_sha1:
87+ *cipher = &cryptodev_aes_192_cbc_hmac_sha1;
88+ break;
89+ case NID_aes_256_cbc_hmac_sha1:
90+ *cipher = &cryptodev_aes_256_cbc_hmac_sha1;
91+ break;
92 default:
93 *cipher = NULL;
94 break;
95@@ -3830,6 +3869,8 @@ ENGINE_load_cryptodev(void)
96 put_dev_crypto(fd);
97
98 EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1);
99+ EVP_add_cipher(&cryptodev_aes_192_cbc_hmac_sha1);
100+ EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1);
101 if (!ENGINE_set_id(engine, "cryptodev") ||
102 !ENGINE_set_name(engine, "BSD cryptodev engine") ||
103 !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
104--
1051.7.9.7
106
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0010-Add-RSA-keygen-operation-and-support-gendsa-command-.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0010-Add-RSA-keygen-operation-and-support-gendsa-command-.patch
new file mode 100644
index 000000000..4eaaeaaa1
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0010-Add-RSA-keygen-operation-and-support-gendsa-command-.patch
@@ -0,0 +1,153 @@
1From a08f27a22d2c78f058b63dd2565925ca92ad08b2 Mon Sep 17 00:00:00 2001
2From: Hou Zhiqiang <B48286@freescale.com>
3Date: Wed, 2 Apr 2014 16:10:43 +0800
4Subject: [PATCH][fsl 10/15] Add RSA keygen operation and support gendsa
5 command with hardware engine
6
7Upstream-status: Pending
8
9Signed-off-by: Hou Zhiqiang <B48286@freescale.com>
10Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
11---
12 crypto/engine/eng_cryptodev.c | 118 +++++++++++++++++++++++++++++++++++++++++
13 1 file changed, 118 insertions(+)
14
15diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
16index e2d4c53..0a6567c 100644
17--- a/crypto/engine/eng_cryptodev.c
18+++ b/crypto/engine/eng_cryptodev.c
19@@ -1912,6 +1912,121 @@ err:
20 return dsaret;
21 }
22
23+/* Cryptodev RSA Key Gen routine */
24+static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
25+{
26+ struct crypt_kop kop;
27+ int ret, fd;
28+ int p_len, q_len;
29+ int i;
30+
31+ if ((fd = get_asym_dev_crypto()) < 0)
32+ return fd;
33+
34+ if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err;
35+ if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err;
36+ if(!rsa->e && ((rsa->e=BN_new()) == NULL)) goto err;
37+ if(!rsa->p && ((rsa->p=BN_new()) == NULL)) goto err;
38+ if(!rsa->q && ((rsa->q=BN_new()) == NULL)) goto err;
39+ if(!rsa->dmp1 && ((rsa->dmp1=BN_new()) == NULL)) goto err;
40+ if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err;
41+ if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err;
42+
43+ BN_copy(rsa->e, e);
44+
45+ p_len = (bits+1) / (2 * 8);
46+ q_len = (bits - p_len * 8) / 8;
47+ memset(&kop, 0, sizeof kop);
48+ kop.crk_op = CRK_RSA_GENERATE_KEY;
49+
50+ /* p length */
51+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
52+ if (!kop.crk_param[kop.crk_iparams].crp_p)
53+ goto err;
54+ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
55+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
56+ kop.crk_iparams++;
57+ kop.crk_oparams++;
58+ /* q length */
59+ kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char));
60+ if (!kop.crk_param[kop.crk_iparams].crp_p)
61+ goto err;
62+ kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8;
63+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1);
64+ kop.crk_iparams++;
65+ kop.crk_oparams++;
66+ /* n length */
67+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char));
68+ if (!kop.crk_param[kop.crk_iparams].crp_p)
69+ goto err;
70+ kop.crk_param[kop.crk_iparams].crp_nbits = bits;
71+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0x00, p_len + q_len + 1);
72+ kop.crk_iparams++;
73+ kop.crk_oparams++;
74+ /* d length */
75+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char));
76+ if (!kop.crk_param[kop.crk_iparams].crp_p)
77+ goto err;
78+ kop.crk_param[kop.crk_iparams].crp_nbits = bits;
79+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + q_len + 1);
80+ kop.crk_iparams++;
81+ kop.crk_oparams++;
82+ /* dp1 length */
83+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
84+ if (!kop.crk_param[kop.crk_iparams].crp_p)
85+ goto err;
86+ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
87+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
88+ kop.crk_iparams++;
89+ kop.crk_oparams++;
90+ /* dq1 length */
91+ kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char));
92+ if (!kop.crk_param[kop.crk_iparams].crp_p)
93+ goto err;
94+ kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8;
95+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1);
96+ kop.crk_iparams++;
97+ kop.crk_oparams++;
98+ /* i length */
99+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
100+ if (!kop.crk_param[kop.crk_iparams].crp_p)
101+ goto err;
102+ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
103+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
104+ kop.crk_iparams++;
105+ kop.crk_oparams++;
106+
107+ if (ioctl(fd, CIOCKEY, &kop) == 0) {
108+ BN_bin2bn(kop.crk_param[0].crp_p,
109+ p_len, rsa->p);
110+ BN_bin2bn(kop.crk_param[1].crp_p,
111+ q_len, rsa->q);
112+ BN_bin2bn(kop.crk_param[2].crp_p,
113+ bits / 8, rsa->n);
114+ BN_bin2bn(kop.crk_param[3].crp_p,
115+ bits / 8, rsa->d);
116+ BN_bin2bn(kop.crk_param[4].crp_p,
117+ p_len, rsa->dmp1);
118+ BN_bin2bn(kop.crk_param[5].crp_p,
119+ q_len, rsa->dmq1);
120+ BN_bin2bn(kop.crk_param[6].crp_p,
121+ p_len, rsa->iqmp);
122+ return 1;
123+ }
124+sw_try:
125+ {
126+ const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
127+ ret = (meth->rsa_keygen)(rsa, bits, e, cb);
128+ }
129+ return ret;
130+
131+err:
132+ for (i = 0; i < CRK_MAXPARAM; i++)
133+ free(kop.crk_param[i].crp_p);
134+ return 0;
135+
136+}
137+
138 /* Cryptodev DSA Key Gen routine */
139 static int cryptodev_dsa_keygen(DSA *dsa)
140 {
141@@ -3905,6 +4020,9 @@ ENGINE_load_cryptodev(void)
142 cryptodev_rsa.rsa_mod_exp_async =
143 cryptodev_rsa_nocrt_mod_exp_async;
144 }
145+ if (cryptodev_asymfeat & CRF_RSA_GENERATE_KEY)
146+ cryptodev_rsa.rsa_keygen =
147+ cryptodev_rsa_keygen;
148 }
149 }
150
151--
1521.7.9.7
153
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0011-RSA-Keygen-Fix.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0011-RSA-Keygen-Fix.patch
new file mode 100644
index 000000000..b2d636a4d
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0011-RSA-Keygen-Fix.patch
@@ -0,0 +1,64 @@
1From f44fc935d5bc601cd625a64a366e64b19f2bb730 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Wed, 16 Apr 2014 22:53:04 +0545
4Subject: [PATCH][fsl 11/15] RSA Keygen Fix
5
6Upstream-status: Pending
7
8If Kernel driver doesn't support RSA Keygen or same returns
9error handling the keygen operation, the keygen is gracefully
10handled by software supported rsa_keygen handler
11
12Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
13Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
14---
15 crypto/engine/eng_cryptodev.c | 12 +++++++-----
16 1 file changed, 7 insertions(+), 5 deletions(-)
17
18diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
19index 0a6567c..5d54f7e 100644
20--- a/crypto/engine/eng_cryptodev.c
21+++ b/crypto/engine/eng_cryptodev.c
22@@ -1921,7 +1921,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
23 int i;
24
25 if ((fd = get_asym_dev_crypto()) < 0)
26- return fd;
27+ goto sw_try;
28
29 if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err;
30 if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err;
31@@ -1942,7 +1942,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
32 /* p length */
33 kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
34 if (!kop.crk_param[kop.crk_iparams].crp_p)
35- goto err;
36+ goto sw_try;
37 kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
38 memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
39 kop.crk_iparams++;
40@@ -1950,7 +1950,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
41 /* q length */
42 kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char));
43 if (!kop.crk_param[kop.crk_iparams].crp_p)
44- goto err;
45+ goto sw_try;
46 kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8;
47 memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1);
48 kop.crk_iparams++;
49@@ -2015,8 +2015,10 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
50 }
51 sw_try:
52 {
53- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
54- ret = (meth->rsa_keygen)(rsa, bits, e, cb);
55+ const RSA_METHOD *meth = rsa->meth;
56+ rsa->meth = RSA_PKCS1_SSLeay();
57+ ret = RSA_generate_key_ex(rsa, bits, e, cb);
58+ rsa->meth = meth;
59 }
60 return ret;
61
62--
631.7.9.7
64
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0012-Removed-local-copy-of-curve_t-type.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0012-Removed-local-copy-of-curve_t-type.patch
new file mode 100644
index 000000000..077b08e78
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0012-Removed-local-copy-of-curve_t-type.patch
@@ -0,0 +1,164 @@
1From 7a6848210c3b2f42aed4de60646e0e63c0e35fcb Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Thu, 17 Apr 2014 06:57:59 +0545
4Subject: [PATCH][fsl 12/15] Removed local copy of curve_t type
5
6Upstream-status: Pending
7
8Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
9Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
10---
11 crypto/engine/eng_cryptodev.c | 34 ++++++++++++++--------------------
12 crypto/engine/eng_cryptodev_ec.h | 7 -------
13 2 files changed, 14 insertions(+), 27 deletions(-)
14
15diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
16index 5d54f7e..33447c8 100644
17--- a/crypto/engine/eng_cryptodev.c
18+++ b/crypto/engine/eng_cryptodev.c
19@@ -2404,12 +2404,6 @@ static ECDSA_METHOD cryptodev_ecdsa = {
20 NULL /* app_data */
21 };
22
23-typedef enum ec_curve_s
24-{
25- EC_PRIME,
26- EC_BINARY
27-} ec_curve_t;
28-
29 /* ENGINE handler for ECDSA Sign */
30 static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst,
31 int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
32@@ -2426,7 +2420,7 @@ static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst,
33 const BIGNUM *order = NULL, *priv_key=NULL;
34 const EC_GROUP *group = NULL;
35 struct crypt_kop kop;
36- ec_curve_t ec_crv = EC_PRIME;
37+ enum ec_curve_t ec_crv = EC_PRIME;
38
39 memset(&kop, 0, sizeof(kop));
40 ecdsa = ecdsa_check(eckey);
41@@ -2559,7 +2553,7 @@ static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst,
42 else
43 goto err;
44 }
45- kop.curve_type = ECC_BINARY;
46+ kop.curve_type = EC_BINARY;
47 }
48
49 /* Calculation of Generator point */
50@@ -2653,7 +2647,7 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len,
51 const EC_POINT *pub_key = NULL;
52 const BIGNUM *order = NULL;
53 const EC_GROUP *group=NULL;
54- ec_curve_t ec_crv = EC_PRIME;
55+ enum ec_curve_t ec_crv = EC_PRIME;
56 struct crypt_kop kop;
57
58 memset(&kop, 0, sizeof kop);
59@@ -2798,7 +2792,7 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len,
60 else
61 goto err;
62 }
63- kop.curve_type = ECC_BINARY;
64+ kop.curve_type = EC_BINARY;
65 }
66
67 /* Calculation of Generator point */
68@@ -2899,7 +2893,7 @@ static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst,
69 const BIGNUM *order = NULL, *priv_key=NULL;
70 const EC_GROUP *group = NULL;
71 struct crypt_kop *kop = malloc(sizeof(struct crypt_kop));
72- ec_curve_t ec_crv = EC_PRIME;
73+ enum ec_curve_t ec_crv = EC_PRIME;
74
75 if (!(sig->r = BN_new()) || !kop)
76 goto err;
77@@ -3035,7 +3029,7 @@ static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst,
78 else
79 goto err;
80 }
81- kop->curve_type = ECC_BINARY;
82+ kop->curve_type = EC_BINARY;
83 }
84
85 /* Calculation of Generator point */
86@@ -3111,7 +3105,7 @@ static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len,
87 const EC_POINT *pub_key = NULL;
88 const BIGNUM *order = NULL;
89 const EC_GROUP *group=NULL;
90- ec_curve_t ec_crv = EC_PRIME;
91+ enum ec_curve_t ec_crv = EC_PRIME;
92 struct crypt_kop *kop = malloc(sizeof(struct crypt_kop));
93
94 if (!kop)
95@@ -3253,7 +3247,7 @@ static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len,
96 /* copy b' i.e c(b), instead of only b */
97 eng_ec_get_cparam (EC_GROUP_get_curve_name(group),
98 ab+q_len, q_len);
99- kop->curve_type = ECC_BINARY;
100+ kop->curve_type = EC_BINARY;
101 }
102
103 /* Calculation of Generator point */
104@@ -3558,7 +3552,7 @@ int cryptodev_ecdh_compute_key(void *out, size_t outlen,
105 const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen,
106 void *out, size_t *outlen))
107 {
108- ec_curve_t ec_crv = EC_PRIME;
109+ enum ec_curve_t ec_crv = EC_PRIME;
110 unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL;
111 BIGNUM * w_x = NULL, *w_y = NULL;
112 int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0;
113@@ -3684,9 +3678,9 @@ int cryptodev_ecdh_compute_key(void *out, size_t outlen,
114 else
115 goto err;
116 }
117- kop.curve_type = ECC_BINARY;
118+ kop.curve_type = EC_BINARY;
119 } else
120- kop.curve_type = ECC_PRIME;
121+ kop.curve_type = EC_PRIME;
122
123 priv_key_len = r_len;
124
125@@ -3735,7 +3729,7 @@ int cryptodev_ecdh_compute_key_async(void *out, size_t outlen,
126 const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen,
127 void *out, size_t *outlen), struct pkc_cookie_s *cookie)
128 {
129- ec_curve_t ec_crv = EC_PRIME;
130+ enum ec_curve_t ec_crv = EC_PRIME;
131 unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL;
132 BIGNUM * w_x = NULL, *w_y = NULL;
133 int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0;
134@@ -3863,9 +3857,9 @@ int cryptodev_ecdh_compute_key_async(void *out, size_t outlen,
135 else
136 goto err;
137 }
138- kop->curve_type = ECC_BINARY;
139+ kop->curve_type = EC_BINARY;
140 } else
141- kop->curve_type = ECC_PRIME;
142+ kop->curve_type = EC_PRIME;
143
144 priv_key_len = r_len;
145
146diff --git a/crypto/engine/eng_cryptodev_ec.h b/crypto/engine/eng_cryptodev_ec.h
147index 77aee71..a4b8da5 100644
148--- a/crypto/engine/eng_cryptodev_ec.h
149+++ b/crypto/engine/eng_cryptodev_ec.h
150@@ -286,11 +286,4 @@ static inline unsigned char *eng_copy_curve_points(BIGNUM * x, BIGNUM * y,
151
152 return xy;
153 }
154-
155-enum curve_t {
156- DISCRETE_LOG,
157- ECC_PRIME,
158- ECC_BINARY,
159- MAX_ECC_TYPE
160-};
161 #endif
162--
1631.7.9.7
164
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0013-Modulus-parameter-is-not-populated-by-dhparams.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0013-Modulus-parameter-is-not-populated-by-dhparams.patch
new file mode 100644
index 000000000..11f062263
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0013-Modulus-parameter-is-not-populated-by-dhparams.patch
@@ -0,0 +1,43 @@
1From 8aabfeb1308188a46d3f370cd757de130e73eb9b Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Tue, 22 Apr 2014 22:58:33 +0545
4Subject: [PATCH][fsl 13/15] Modulus parameter is not populated by dhparams
5
6Upstream-status: Pending
7
8When dhparams are created, modulus parameter required for
9private key generation is not populated. So, falling back
10to software for proper population of modulus parameters followed
11by private key generation
12
13Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
14Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
15---
16 crypto/engine/eng_cryptodev.c | 4 ++--
17 1 file changed, 2 insertions(+), 2 deletions(-)
18
19diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
20index 33447c8..8de8f09 100644
21--- a/crypto/engine/eng_cryptodev.c
22+++ b/crypto/engine/eng_cryptodev.c
23@@ -3370,7 +3370,7 @@ static int cryptodev_dh_keygen_async(DH *dh, struct pkc_cookie_s *cookie)
24 kop->crk_op = CRK_DH_GENERATE_KEY;
25 if (bn2crparam(dh->p, &kop->crk_param[0]))
26 goto sw_try;
27- if (bn2crparam(dh->q, &kop->crk_param[1]))
28+ if (!dh->q || bn2crparam(dh->q, &kop->crk_param[1]))
29 goto sw_try;
30 kop->crk_param[2].crp_p = g;
31 kop->crk_param[2].crp_nbits = g_len * 8;
32@@ -3425,7 +3425,7 @@ static int cryptodev_dh_keygen(DH *dh)
33 kop.crk_op = CRK_DH_GENERATE_KEY;
34 if (bn2crparam(dh->p, &kop.crk_param[0]))
35 goto sw_try;
36- if (bn2crparam(dh->q, &kop.crk_param[1]))
37+ if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1]))
38 goto sw_try;
39 kop.crk_param[2].crp_p = g;
40 kop.crk_param[2].crp_nbits = g_len * 8;
41--
421.7.9.7
43
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0014-SW-Backoff-mechanism-for-dsa-keygen.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0014-SW-Backoff-mechanism-for-dsa-keygen.patch
new file mode 100644
index 000000000..e5aa1baa3
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0014-SW-Backoff-mechanism-for-dsa-keygen.patch
@@ -0,0 +1,53 @@
1From 8b1ed323d08dce8b6e303ce63a82337543e9187f Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Thu, 24 Apr 2014 00:35:34 +0545
4Subject: [PATCH][fsl 14/15] SW Backoff mechanism for dsa keygen
5
6Upstream-status: Pending
7
8DSA Keygen is not handled in default openssl dsa method. Due to
9same null function pointer in SW DSA method, the backoff for dsa
10keygen gives segmentation fault.
11
12Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
13Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
14---
15 crypto/engine/eng_cryptodev.c | 12 ++++++++----
16 1 file changed, 8 insertions(+), 4 deletions(-)
17
18diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
19index 8de8f09..7c2661f 100644
20--- a/crypto/engine/eng_cryptodev.c
21+++ b/crypto/engine/eng_cryptodev.c
22@@ -2075,8 +2075,10 @@ static int cryptodev_dsa_keygen(DSA *dsa)
23 return ret;
24 sw_try:
25 {
26- const DSA_METHOD *meth = DSA_OpenSSL();
27- ret = (meth->dsa_keygen)(dsa);
28+ const DSA_METHOD *meth = dsa->meth;
29+ dsa->meth = DSA_OpenSSL();
30+ ret = DSA_generate_key(dsa);
31+ dsa->meth = meth;
32 }
33 return ret;
34 }
35@@ -2130,11 +2132,13 @@ static int cryptodev_dsa_keygen_async(DSA *dsa, struct pkc_cookie_s *cookie)
36 return ret;
37 sw_try:
38 {
39- const DSA_METHOD *meth = DSA_OpenSSL();
40+ const DSA_METHOD *meth = dsa->meth;
41
42+ dsa->meth = DSA_OpenSSL();
43 if (kop)
44 free(kop);
45- ret = (meth->dsa_keygen)(dsa);
46+ ret = DSA_generate_key(dsa);
47+ dsa->meth = meth;
48 cookie->pkc_callback(cookie, 0);
49 }
50 return ret;
51--
521.7.9.7
53
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0015-Fixed-DH-keygen-pair-generator.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0015-Fixed-DH-keygen-pair-generator.patch
new file mode 100644
index 000000000..99e6094f7
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl-fsl/0015-Fixed-DH-keygen-pair-generator.patch
@@ -0,0 +1,100 @@
1From 9dfc18846063a110070782ede699c513b30257e5 Mon Sep 17 00:00:00 2001
2From: Yashpal Dutta <yashpal.dutta@freescale.com>
3Date: Thu, 1 May 2014 06:35:45 +0545
4Subject: [PATCH][fsl 15/15] Fixed DH keygen pair generator
5
6Upstream-status: Pending
7
8Wrong Padding results into keygen length error
9
10Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com>
11Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
12---
13 crypto/engine/eng_cryptodev.c | 50 +++++++++++++++++++++++++++--------------
14 1 file changed, 33 insertions(+), 17 deletions(-)
15
16diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
17index 7c2661f..703eee4 100644
18--- a/crypto/engine/eng_cryptodev.c
19+++ b/crypto/engine/eng_cryptodev.c
20@@ -3402,44 +3402,60 @@ sw_try:
21 static int cryptodev_dh_keygen(DH *dh)
22 {
23 struct crypt_kop kop;
24- int ret = 1, g_len;
25- unsigned char *g = NULL;
26+ int ret = 1, q_len = 0;
27+ unsigned char *q = NULL, *g = NULL, *s = NULL, *w = NULL;
28+ BIGNUM *pub_key = NULL, *priv_key = NULL;
29+ int generate_new_key = 1;
30
31- if (dh->priv_key == NULL) {
32- if ((dh->priv_key=BN_new()) == NULL)
33- goto sw_try;
34- }
35+ if (dh->priv_key)
36+ priv_key = dh->priv_key;
37
38- if (dh->pub_key == NULL) {
39- if ((dh->pub_key=BN_new()) == NULL)
40- goto sw_try;
41- }
42+ if (dh->pub_key)
43+ pub_key = dh->pub_key;
44
45- g_len = BN_num_bytes(dh->p);
46+ q_len = BN_num_bytes(dh->p);
47 /**
48 * Get generator into a plain buffer. If length is less than
49 * q_len then add leading padding bytes.
50 */
51- if (spcf_bn2bin_ex(dh->g, &g, &g_len)) {
52+ if (spcf_bn2bin_ex(dh->g, &g, &q_len)) {
53+ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE);
54+ goto sw_try;
55+ }
56+
57+ if (spcf_bn2bin_ex(dh->p, &q, &q_len)) {
58 DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE);
59 goto sw_try;
60 }
61
62 memset(&kop, 0, sizeof kop);
63 kop.crk_op = CRK_DH_GENERATE_KEY;
64- if (bn2crparam(dh->p, &kop.crk_param[0]))
65- goto sw_try;
66+ kop.crk_param[0].crp_p = q;
67+ kop.crk_param[0].crp_nbits = q_len * 8;
68 if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1]))
69 goto sw_try;
70 kop.crk_param[2].crp_p = g;
71- kop.crk_param[2].crp_nbits = g_len * 8;
72+ kop.crk_param[2].crp_nbits = q_len * 8;
73 kop.crk_iparams = 3;
74
75+ s = OPENSSL_malloc (q_len);
76+ if (!s) {
77+ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE);
78+ goto sw_try;
79+ }
80+
81+ w = OPENSSL_malloc (q_len);
82+ if (!w) {
83+ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE);
84+ goto sw_try;
85+ }
86+
87 /* pub_key is or prime length while priv key is of length of order */
88- if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key,
89- BN_num_bytes(dh->q), dh->priv_key))
90+ if (cryptodev_asym(&kop, q_len, w, q_len, s))
91 goto sw_try;
92
93+ dh->pub_key = BN_bin2bn(w, q_len, pub_key);
94+ dh->pub_key = BN_bin2bn(s, q_len, priv_key);
95 return ret;
96 sw_try:
97 {
98--
991.7.9.7
100
diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl_1.0.1g.bbappend b/meta-fsl-ppc/recipes-connectivity/openssl/openssl_1.0.1g.bbappend
new file mode 100644
index 000000000..f3e49aebe
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl_1.0.1g.bbappend
@@ -0,0 +1,59 @@
1FILESEXTRAPATHS_prepend := "${THISDIR}/openssl-fsl"
2
3RDEPENDS_${PN}_class-target += "cryptodev-module"
4
5# base package is taken from Freescale repository
6SRCBRANCH = "OpenSSL_1_0_1-stable"
7SRC_URI = "git://git.openssl.org/openssl.git;branch=${SRCBRANCH} \
8 file://0001-remove-double-initialization-of-cryptodev-engine.patch \
9 file://0002-ECC-Support-header-for-Cryptodev-Engine.patch \
10 file://0003-add-support-for-TLS-algorithms-offload.patch \
11 file://0004-Fixed-private-key-support-for-DH.patch \
12 file://0005-Fixed-private-key-support-for-DH.patch \
13 file://0006-Initial-support-for-PKC-in-cryptodev-engine.patch \
14 file://0007-Added-hwrng-dev-file-as-source-of-RNG.patch \
15 file://0008-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch \
16 file://0009-eng_cryptodev-extend-TLS-offload-with-new-algorithms.patch \
17 file://0010-Add-RSA-keygen-operation-and-support-gendsa-command-.patch \
18 file://0011-RSA-Keygen-Fix.patch \
19 file://0012-Removed-local-copy-of-curve_t-type.patch \
20 file://0013-Modulus-parameter-is-not-populated-by-dhparams.patch \
21 file://0014-SW-Backoff-mechanism-for-dsa-keygen.patch \
22 file://0015-Fixed-DH-keygen-pair-generator.patch \
23"
24SRCREV = "b2d951e4232d2f90168f9a3dd0b7df9ecf2d81a8"
25
26SRC_URI += "file://configure-targets.patch \
27 file://shared-libs.patch \
28 file://oe-ldflags.patch \
29 file://engines-install-in-libdir-ssl.patch \
30 file://openssl-fix-link.patch \
31 file://debian/version-script.patch \
32 file://debian/pic.patch \
33 file://debian/c_rehash-compat.patch \
34 file://debian/ca.patch \
35 file://debian/make-targets.patch \
36 file://debian/no-rpath.patch \
37 file://debian/man-dir.patch \
38 file://debian/man-section.patch \
39 file://debian/no-symbolic.patch \
40 file://debian/debian-targets.patch \
41 file://openssl_fix_for_x32.patch \
42 file://openssl-fix-doc.patch \
43 file://fix-cipher-des-ede3-cfb1.patch \
44 file://openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch \
45 file://openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch \
46 file://initial-aarch64-bits.patch \
47 file://find.pl \
48 file://openssl-fix-des.pod-error.patch \
49 "
50S = "${WORKDIR}/git"
51
52# Digest offloading through cryptodev is not recommended because of the
53# performance penalty of the Openssl engine interface. Openssl generates a huge
54# number of calls to digest functions for even a small amount of work data.
55# For example there are 70 calls to cipher code and over 10000 to digest code
56# when downloading only 10 files of 700 bytes each.
57# Do not build OpenSSL with cryptodev digest support until engine digest
58# interface gets some rework:
59CFLAG := "${@'${CFLAG}'.replace('-DUSE_CRYPTODEV_DIGESTS', '')}"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-12-11 06:44:33 +0000