1 files changed, 155 insertions, 0 deletions
diff --git a/recipes-connectivity/openssl/openssl-qoriq/qoriq/0008-Add-RSA-keygen-operation-and-support-gendsa-command-.patch b/recipes-connectivity/openssl/openssl-qoriq/qoriq/0008-Add-RSA-keygen-operation-and-support-gendsa-command-.patch
new file mode 100644
index 000000000..ccd24e316
--- /dev/null
+++ b/recipes-connectivity/openssl/openssl-qoriq/qoriq/0008-Add-RSA-keygen-operation-and-support-gendsa-command-.patch
@@ -0,0 +1,155 @@
+From 94a3fc9f437c20726209cea19256c419837055a2 Mon Sep 17 00:00:00 2001
+From: Hou Zhiqiang <B48286@freescale.com>
+Date: Wed, 2 Apr 2014 16:10:43 +0800
+Subject: [PATCH 08/48] Add RSA keygen operation and support gendsa command
+ with hardware engine
+Upstream-status: Pending
+Signed-off-by: Hou Zhiqiang <B48286@freescale.com>
+Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
+---
+ crypto/engine/eng_cryptodev.c | 120 ++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 120 insertions(+)
+diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
+index 8303630..44017a3 100644
+--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
+@@ -2009,6 +2009,124 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
+     }
+ }
+ 
+/* Cryptodev RSA Key Gen routine */
+static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
+{
+    struct crypt_kop kop;
+    int ret, fd;
+    int p_len, q_len;
+    int i;
+
+    if ((fd = get_asym_dev_crypto()) < 0)
+        return fd;
+
+    if (!rsa->n && ((rsa->n = BN_new()) == NULL))
+        goto err;
+    if (!rsa->d && ((rsa->d = BN_new()) == NULL))
+        goto err;
+    if (!rsa->e && ((rsa->e = BN_new()) == NULL))
+        goto err;
+    if (!rsa->p && ((rsa->p = BN_new()) == NULL))
+        goto err;
+    if (!rsa->q && ((rsa->q = BN_new()) == NULL))
+        goto err;
+    if (!rsa->dmp1 && ((rsa->dmp1 = BN_new()) == NULL))
+        goto err;
+    if (!rsa->dmq1 && ((rsa->dmq1 = BN_new()) == NULL))
+        goto err;
+    if (!rsa->iqmp && ((rsa->iqmp = BN_new()) == NULL))
+        goto err;
+
+    BN_copy(rsa->e, e);
+
+    p_len = (bits + 1) / (2 * 8);
+    q_len = (bits - p_len * 8) / 8;
+    memset(&kop, 0, sizeof kop);
+    kop.crk_op = CRK_RSA_GENERATE_KEY;
+
+    /* p length */
+    kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
+    if (!kop.crk_param[kop.crk_iparams].crp_p)
+        goto err;
+    kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
+    memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
+    kop.crk_iparams++;
+    kop.crk_oparams++;
+    /* q length */
+    kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char));
+    if (!kop.crk_param[kop.crk_iparams].crp_p)
+        goto err;
+    kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8;
+    memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1);
+    kop.crk_iparams++;
+    kop.crk_oparams++;
+    /* n length */
+    kop.crk_param[kop.crk_iparams].crp_p =
+        calloc(p_len + q_len + 1, sizeof(char));
+    if (!kop.crk_param[kop.crk_iparams].crp_p)
+        goto err;
+    kop.crk_param[kop.crk_iparams].crp_nbits = bits;
+    memset(kop.crk_param[kop.crk_iparams].crp_p, 0x00, p_len + q_len + 1);
+    kop.crk_iparams++;
+    kop.crk_oparams++;
+    /* d length */
+    kop.crk_param[kop.crk_iparams].crp_p =
+        calloc(p_len + q_len + 1, sizeof(char));
+    if (!kop.crk_param[kop.crk_iparams].crp_p)
+        goto err;
+    kop.crk_param[kop.crk_iparams].crp_nbits = bits;
+    memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + q_len + 1);
+    kop.crk_iparams++;
+    kop.crk_oparams++;
+    /* dp1 length */
+    kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
+    if (!kop.crk_param[kop.crk_iparams].crp_p)
+        goto err;
+    kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
+    memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
+    kop.crk_iparams++;
+    kop.crk_oparams++;
+    /* dq1 length */
+    kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char));
+    if (!kop.crk_param[kop.crk_iparams].crp_p)
+        goto err;
+    kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8;
+    memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1);
+    kop.crk_iparams++;
+    kop.crk_oparams++;
+    /* i length */
+    kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
+    if (!kop.crk_param[kop.crk_iparams].crp_p)
+        goto err;
+    kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
+    memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
+    kop.crk_iparams++;
+    kop.crk_oparams++;
+
+    if (ioctl(fd, CIOCKEY, &kop) == 0) {
+        BN_bin2bn(kop.crk_param[0].crp_p, p_len, rsa->p);
+        BN_bin2bn(kop.crk_param[1].crp_p, q_len, rsa->q);
+        BN_bin2bn(kop.crk_param[2].crp_p, bits / 8, rsa->n);
+        BN_bin2bn(kop.crk_param[3].crp_p, bits / 8, rsa->d);
+        BN_bin2bn(kop.crk_param[4].crp_p, p_len, rsa->dmp1);
+        BN_bin2bn(kop.crk_param[5].crp_p, q_len, rsa->dmq1);
+        BN_bin2bn(kop.crk_param[6].crp_p, p_len, rsa->iqmp);
+        return 1;
+    }
+ sw_try:
+    {
+        const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+        ret = (meth->rsa_keygen) (rsa, bits, e, cb);
+    }
+    return ret;
+
+ err:
+    for (i = 0; i < CRK_MAXPARAM; i++)
+        free(kop.crk_param[i].crp_p);
+    return 0;
+
+}
+
+ /* Cryptodev DSA Key Gen routine */
+ static int cryptodev_dsa_keygen(DSA *dsa)
+ {
+@@ -4035,6 +4153,8 @@ void ENGINE_load_cryptodev(void)
+                 cryptodev_rsa.rsa_mod_exp_async =
+                     cryptodev_rsa_nocrt_mod_exp_async;
+             }
+            if (cryptodev_asymfeat & CRF_RSA_GENERATE_KEY)
+                cryptodev_rsa.rsa_keygen = cryptodev_rsa_keygen;
+         }
+     }
+ 
+-- 
+2.7.0

diff --git a/recipes-connectivity/openssl/openssl-qoriq/qoriq/0008-Add-RSA-keygen-operation-and-support-gendsa-command-.patch b/recipes-connectivity/openssl/openssl-qoriq/qoriq/0008-Add-RSA-keygen-operation-and-support-gendsa-command-.patch new file mode 100644 index 000000000..ccd24e316 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-qoriq/qoriq/0008-Add-RSA-keygen-operation-and-support-gendsa-command-.patch
@@ -0,0 +1,155 @@
	1	From 94a3fc9f437c20726209cea19256c419837055a2 Mon Sep 17 00:00:00 2001
	2	From: Hou Zhiqiang <B48286@freescale.com>
	3	Date: Wed, 2 Apr 2014 16:10:43 +0800
	4	Subject: [PATCH 08/48] Add RSA keygen operation and support gendsa command
	5	with hardware engine
	6
	7	Upstream-status: Pending
	8
	9	Signed-off-by: Hou Zhiqiang <B48286@freescale.com>
	10	Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
	11	---
	12	crypto/engine/eng_cryptodev.c \| 120 ++++++++++++++++++++++++++++++++++++++++++
	13	1 file changed, 120 insertions(+)
	14
	15	diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
	16	index 8303630..44017a3 100644
	17	--- a/crypto/engine/eng_cryptodev.c
	18	+++ b/crypto/engine/eng_cryptodev.c
	19	@@ -2009,6 +2009,124 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
	20	}
	21	}
	22
	23	+/* Cryptodev RSA Key Gen routine */
	24	+static int cryptodev_rsa_keygen(RSA rsa, int bits, BIGNUM e, BN_GENCB *cb)
	25	+{
	26	+ struct crypt_kop kop;
	27	+ int ret, fd;
	28	+ int p_len, q_len;
	29	+ int i;
	30	+
	31	+ if ((fd = get_asym_dev_crypto()) < 0)
	32	+ return fd;
	33	+
	34	+ if (!rsa->n && ((rsa->n = BN_new()) == NULL))
	35	+ goto err;
	36	+ if (!rsa->d && ((rsa->d = BN_new()) == NULL))
	37	+ goto err;
	38	+ if (!rsa->e && ((rsa->e = BN_new()) == NULL))
	39	+ goto err;
	40	+ if (!rsa->p && ((rsa->p = BN_new()) == NULL))
	41	+ goto err;
	42	+ if (!rsa->q && ((rsa->q = BN_new()) == NULL))
	43	+ goto err;
	44	+ if (!rsa->dmp1 && ((rsa->dmp1 = BN_new()) == NULL))
	45	+ goto err;
	46	+ if (!rsa->dmq1 && ((rsa->dmq1 = BN_new()) == NULL))
	47	+ goto err;
	48	+ if (!rsa->iqmp && ((rsa->iqmp = BN_new()) == NULL))
	49	+ goto err;
	50	+
	51	+ BN_copy(rsa->e, e);
	52	+
	53	+ p_len = (bits + 1) / (2 * 8);
	54	+ q_len = (bits - p_len * 8) / 8;
	55	+ memset(&kop, 0, sizeof kop);
	56	+ kop.crk_op = CRK_RSA_GENERATE_KEY;
	57	+
	58	+ /* p length */
	59	+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
	60	+ if (!kop.crk_param[kop.crk_iparams].crp_p)
	61	+ goto err;
	62	+ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
	63	+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
	64	+ kop.crk_iparams++;
	65	+ kop.crk_oparams++;
	66	+ /* q length */
	67	+ kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char));
	68	+ if (!kop.crk_param[kop.crk_iparams].crp_p)
	69	+ goto err;
	70	+ kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8;
	71	+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1);
	72	+ kop.crk_iparams++;
	73	+ kop.crk_oparams++;
	74	+ /* n length */
	75	+ kop.crk_param[kop.crk_iparams].crp_p =
	76	+ calloc(p_len + q_len + 1, sizeof(char));
	77	+ if (!kop.crk_param[kop.crk_iparams].crp_p)
	78	+ goto err;
	79	+ kop.crk_param[kop.crk_iparams].crp_nbits = bits;
	80	+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0x00, p_len + q_len + 1);
	81	+ kop.crk_iparams++;
	82	+ kop.crk_oparams++;
	83	+ /* d length */
	84	+ kop.crk_param[kop.crk_iparams].crp_p =
	85	+ calloc(p_len + q_len + 1, sizeof(char));
	86	+ if (!kop.crk_param[kop.crk_iparams].crp_p)
	87	+ goto err;
	88	+ kop.crk_param[kop.crk_iparams].crp_nbits = bits;
	89	+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + q_len + 1);
	90	+ kop.crk_iparams++;
	91	+ kop.crk_oparams++;
	92	+ /* dp1 length */
	93	+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
	94	+ if (!kop.crk_param[kop.crk_iparams].crp_p)
	95	+ goto err;
	96	+ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
	97	+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
	98	+ kop.crk_iparams++;
	99	+ kop.crk_oparams++;
	100	+ /* dq1 length */
	101	+ kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char));
	102	+ if (!kop.crk_param[kop.crk_iparams].crp_p)
	103	+ goto err;
	104	+ kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8;
	105	+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1);
	106	+ kop.crk_iparams++;
	107	+ kop.crk_oparams++;
	108	+ /* i length */
	109	+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
	110	+ if (!kop.crk_param[kop.crk_iparams].crp_p)
	111	+ goto err;
	112	+ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
	113	+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
	114	+ kop.crk_iparams++;
	115	+ kop.crk_oparams++;
	116	+
	117	+ if (ioctl(fd, CIOCKEY, &kop) == 0) {
	118	+ BN_bin2bn(kop.crk_param[0].crp_p, p_len, rsa->p);
	119	+ BN_bin2bn(kop.crk_param[1].crp_p, q_len, rsa->q);
	120	+ BN_bin2bn(kop.crk_param[2].crp_p, bits / 8, rsa->n);
	121	+ BN_bin2bn(kop.crk_param[3].crp_p, bits / 8, rsa->d);
	122	+ BN_bin2bn(kop.crk_param[4].crp_p, p_len, rsa->dmp1);
	123	+ BN_bin2bn(kop.crk_param[5].crp_p, q_len, rsa->dmq1);
	124	+ BN_bin2bn(kop.crk_param[6].crp_p, p_len, rsa->iqmp);
	125	+ return 1;
	126	+ }
	127	+ sw_try:
	128	+ {
	129	+ const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
	130	+ ret = (meth->rsa_keygen) (rsa, bits, e, cb);
	131	+ }
	132	+ return ret;
	133	+
	134	+ err:
	135	+ for (i = 0; i < CRK_MAXPARAM; i++)
	136	+ free(kop.crk_param[i].crp_p);
	137	+ return 0;
	138	+
	139	+}
	140	+
	141	/* Cryptodev DSA Key Gen routine */
	142	static int cryptodev_dsa_keygen(DSA *dsa)
	143	{
	144	@@ -4035,6 +4153,8 @@ void ENGINE_load_cryptodev(void)
	145	cryptodev_rsa.rsa_mod_exp_async =
	146	cryptodev_rsa_nocrt_mod_exp_async;
	147	}
	148	+ if (cryptodev_asymfeat & CRF_RSA_GENERATE_KEY)
	149	+ cryptodev_rsa.rsa_keygen = cryptodev_rsa_keygen;
	150	}
	151	}
	152
	153	--
	154	2.7.0
	155