1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
|
From a08f27a22d2c78f058b63dd2565925ca92ad08b2 Mon Sep 17 00:00:00 2001
From: Hou Zhiqiang <B48286@freescale.com>
Date: Wed, 2 Apr 2014 16:10:43 +0800
Subject: [PATCH][fsl 10/15] Add RSA keygen operation and support gendsa
command with hardware engine
Upstream-status: Pending
Signed-off-by: Hou Zhiqiang <B48286@freescale.com>
Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
---
crypto/engine/eng_cryptodev.c | 118 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 118 insertions(+)
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index e2d4c53..0a6567c 100644
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -1912,6 +1912,121 @@ err:
return dsaret;
}
+/* Cryptodev RSA Key Gen routine */
+static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
+{
+ struct crypt_kop kop;
+ int ret, fd;
+ int p_len, q_len;
+ int i;
+
+ if ((fd = get_asym_dev_crypto()) < 0)
+ return fd;
+
+ if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err;
+ if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err;
+ if(!rsa->e && ((rsa->e=BN_new()) == NULL)) goto err;
+ if(!rsa->p && ((rsa->p=BN_new()) == NULL)) goto err;
+ if(!rsa->q && ((rsa->q=BN_new()) == NULL)) goto err;
+ if(!rsa->dmp1 && ((rsa->dmp1=BN_new()) == NULL)) goto err;
+ if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err;
+ if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err;
+
+ BN_copy(rsa->e, e);
+
+ p_len = (bits+1) / (2 * 8);
+ q_len = (bits - p_len * 8) / 8;
+ memset(&kop, 0, sizeof kop);
+ kop.crk_op = CRK_RSA_GENERATE_KEY;
+
+ /* p length */
+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
+ if (!kop.crk_param[kop.crk_iparams].crp_p)
+ goto err;
+ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
+ kop.crk_iparams++;
+ kop.crk_oparams++;
+ /* q length */
+ kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char));
+ if (!kop.crk_param[kop.crk_iparams].crp_p)
+ goto err;
+ kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8;
+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1);
+ kop.crk_iparams++;
+ kop.crk_oparams++;
+ /* n length */
+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char));
+ if (!kop.crk_param[kop.crk_iparams].crp_p)
+ goto err;
+ kop.crk_param[kop.crk_iparams].crp_nbits = bits;
+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0x00, p_len + q_len + 1);
+ kop.crk_iparams++;
+ kop.crk_oparams++;
+ /* d length */
+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char));
+ if (!kop.crk_param[kop.crk_iparams].crp_p)
+ goto err;
+ kop.crk_param[kop.crk_iparams].crp_nbits = bits;
+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + q_len + 1);
+ kop.crk_iparams++;
+ kop.crk_oparams++;
+ /* dp1 length */
+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
+ if (!kop.crk_param[kop.crk_iparams].crp_p)
+ goto err;
+ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
+ kop.crk_iparams++;
+ kop.crk_oparams++;
+ /* dq1 length */
+ kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char));
+ if (!kop.crk_param[kop.crk_iparams].crp_p)
+ goto err;
+ kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8;
+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1);
+ kop.crk_iparams++;
+ kop.crk_oparams++;
+ /* i length */
+ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char));
+ if (!kop.crk_param[kop.crk_iparams].crp_p)
+ goto err;
+ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8;
+ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1);
+ kop.crk_iparams++;
+ kop.crk_oparams++;
+
+ if (ioctl(fd, CIOCKEY, &kop) == 0) {
+ BN_bin2bn(kop.crk_param[0].crp_p,
+ p_len, rsa->p);
+ BN_bin2bn(kop.crk_param[1].crp_p,
+ q_len, rsa->q);
+ BN_bin2bn(kop.crk_param[2].crp_p,
+ bits / 8, rsa->n);
+ BN_bin2bn(kop.crk_param[3].crp_p,
+ bits / 8, rsa->d);
+ BN_bin2bn(kop.crk_param[4].crp_p,
+ p_len, rsa->dmp1);
+ BN_bin2bn(kop.crk_param[5].crp_p,
+ q_len, rsa->dmq1);
+ BN_bin2bn(kop.crk_param[6].crp_p,
+ p_len, rsa->iqmp);
+ return 1;
+ }
+sw_try:
+ {
+ const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+ ret = (meth->rsa_keygen)(rsa, bits, e, cb);
+ }
+ return ret;
+
+err:
+ for (i = 0; i < CRK_MAXPARAM; i++)
+ free(kop.crk_param[i].crp_p);
+ return 0;
+
+}
+
/* Cryptodev DSA Key Gen routine */
static int cryptodev_dsa_keygen(DSA *dsa)
{
@@ -3905,6 +4020,9 @@ ENGINE_load_cryptodev(void)
cryptodev_rsa.rsa_mod_exp_async =
cryptodev_rsa_nocrt_mod_exp_async;
}
+ if (cryptodev_asymfeat & CRF_RSA_GENERATE_KEY)
+ cryptodev_rsa.rsa_keygen =
+ cryptodev_rsa_keygen;
}
}
--
1.7.9.7
|
