diff options
Diffstat (limited to 'recipes-connectivity/openssl/openssl-fsl')
26 files changed, 6928 insertions, 0 deletions
diff --git a/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch b/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch new file mode 100644 index 00000000..e7b874f5 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0001-remove-double-initialization-of-cryptodev-engine.patch @@ -0,0 +1,83 @@ +From 9297e3834518ff0558d6e7004a62adfd107e659a Mon Sep 17 00:00:00 2001 +From: Cristian Stoica <cristian.stoica@freescale.com> +Date: Tue, 10 Sep 2013 12:46:46 +0300 +Subject: [PATCH 01/26] remove double initialization of cryptodev engine + +cryptodev engine is initialized together with the other engines in +ENGINE_load_builtin_engines. The initialization done through +OpenSSL_add_all_algorithms is redundant. + +Change-Id: Ic9488500967595543ff846f147b36f383db7cb27 +Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> +Reviewed-on: http://git.am.freescale.net:8181/17222 +--- + crypto/engine/eng_all.c | 11 ----------- + crypto/engine/engine.h | 4 ---- + crypto/evp/c_all.c | 5 ----- + util/libeay.num | 2 +- + 4 files changed, 1 insertion(+), 21 deletions(-) + +diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c +index 6093376..f16c043 100644 +--- a/crypto/engine/eng_all.c ++++ b/crypto/engine/eng_all.c +@@ -122,14 +122,3 @@ void ENGINE_load_builtin_engines(void) + #endif + ENGINE_register_all_complete(); + } +- +-#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) +-void ENGINE_setup_bsd_cryptodev(void) { +- static int bsd_cryptodev_default_loaded = 0; +- if (!bsd_cryptodev_default_loaded) { +- ENGINE_load_cryptodev(); +- ENGINE_register_all_complete(); +- } +- bsd_cryptodev_default_loaded=1; +-} +-#endif +diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h +index f8be497..237a6c9 100644 +--- a/crypto/engine/engine.h ++++ b/crypto/engine/engine.h +@@ -740,10 +740,6 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, + * values. */ + void *ENGINE_get_static_state(void); + +-#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) +-void ENGINE_setup_bsd_cryptodev(void); +-#endif +- + /* BEGIN ERROR CODES */ + /* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. +diff --git a/crypto/evp/c_all.c b/crypto/evp/c_all.c +index 766c4ce..5d6c21b 100644 +--- a/crypto/evp/c_all.c ++++ b/crypto/evp/c_all.c +@@ -82,9 +82,4 @@ void OPENSSL_add_all_algorithms_noconf(void) + OPENSSL_cpuid_setup(); + OpenSSL_add_all_ciphers(); + OpenSSL_add_all_digests(); +-#ifndef OPENSSL_NO_ENGINE +-# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) +- ENGINE_setup_bsd_cryptodev(); +-# endif +-#endif + } +diff --git a/util/libeay.num b/util/libeay.num +index aa86b2b..ae50040 100755 +--- a/util/libeay.num ++++ b/util/libeay.num +@@ -2801,7 +2801,7 @@ BIO_indent 3242 EXIST::FUNCTION: + BUF_strlcpy 3243 EXIST::FUNCTION: + OpenSSLDie 3244 EXIST::FUNCTION: + OPENSSL_cleanse 3245 EXIST::FUNCTION: +-ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE ++ENGINE_setup_bsd_cryptodev 3246 NOEXIST::FUNCTION: + ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH + EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES + FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION: +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch b/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch new file mode 100644 index 00000000..ab2b7ea9 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0002-eng_cryptodev-add-support-for-TLS-algorithms-offload.patch @@ -0,0 +1,317 @@ +From dfd6ba263dc25ea2a4bbc32448b24ca2b1fc40e8 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica <cristian.stoica@freescale.com> +Date: Thu, 29 Aug 2013 16:51:18 +0300 +Subject: [PATCH 02/26] eng_cryptodev: add support for TLS algorithms offload + +- aes-128-cbc-hmac-sha1 +- aes-256-cbc-hmac-sha1 + +Requires TLS patches on cryptodev and TLS algorithm support in Linux +kernel driver. + +Change-Id: I43048caa348414daddd6c1a5cdc55e769ac1945f +Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> +Reviewed-on: http://git.am.freescale.net:8181/17223 +--- + crypto/engine/eng_cryptodev.c | 222 +++++++++++++++++++++++++++++++++++++++--- + 1 file changed, 211 insertions(+), 11 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 5a715ac..7588a28 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -72,6 +72,9 @@ ENGINE_load_cryptodev(void) + struct dev_crypto_state { + struct session_op d_sess; + int d_fd; ++ unsigned char *aad; ++ unsigned int aad_len; ++ unsigned int len; + + #ifdef USE_CRYPTODEV_DIGESTS + char dummy_mac_key[HASH_MAX_LEN]; +@@ -140,17 +143,20 @@ static struct { + int nid; + int ivmax; + int keylen; ++ int mackeylen; + } ciphers[] = { +- { CRYPTO_ARC4, NID_rc4, 0, 16, }, +- { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, }, +- { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, }, +- { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, }, +- { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, }, +- { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, }, +- { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, +- { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, }, +- { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, }, +- { 0, NID_undef, 0, 0, }, ++ { CRYPTO_ARC4, NID_rc4, 0, 16, 0}, ++ { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, 0}, ++ { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, 0}, ++ { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, 0}, ++ { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, 0}, ++ { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, 0}, ++ { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, 0}, ++ { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0}, ++ { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, ++ { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, ++ { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, ++ { 0, NID_undef, 0, 0, 0}, + }; + + #ifdef USE_CRYPTODEV_DIGESTS +@@ -250,13 +256,15 @@ get_cryptodev_ciphers(const int **cnids) + } + memset(&sess, 0, sizeof(sess)); + sess.key = (caddr_t)"123456789abcdefghijklmno"; ++ sess.mackey = (caddr_t)"123456789ABCDEFGHIJKLMNO"; + + for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { + if (ciphers[i].nid == NID_undef) + continue; + sess.cipher = ciphers[i].id; + sess.keylen = ciphers[i].keylen; +- sess.mac = 0; ++ sess.mackeylen = ciphers[i].mackeylen; ++ + if (ioctl(fd, CIOCGSESSION, &sess) != -1 && + ioctl(fd, CIOCFSESSION, &sess.ses) != -1) + nids[count++] = ciphers[i].nid; +@@ -414,6 +422,67 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + return (1); + } + ++ ++static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, ++ const unsigned char *in, size_t len) ++{ ++ struct crypt_auth_op cryp; ++ struct dev_crypto_state *state = ctx->cipher_data; ++ struct session_op *sess = &state->d_sess; ++ const void *iiv; ++ unsigned char save_iv[EVP_MAX_IV_LENGTH]; ++ ++ if (state->d_fd < 0) ++ return (0); ++ if (!len) ++ return (1); ++ if ((len % ctx->cipher->block_size) != 0) ++ return (0); ++ ++ memset(&cryp, 0, sizeof(cryp)); ++ ++ /* TODO: make a seamless integration with cryptodev flags */ ++ switch (ctx->cipher->nid) { ++ case NID_aes_128_cbc_hmac_sha1: ++ case NID_aes_256_cbc_hmac_sha1: ++ cryp.flags = COP_FLAG_AEAD_TLS_TYPE; ++ } ++ cryp.ses = sess->ses; ++ cryp.len = state->len; ++ cryp.src = (caddr_t) in; ++ cryp.dst = (caddr_t) out; ++ cryp.auth_src = state->aad; ++ cryp.auth_len = state->aad_len; ++ ++ cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; ++ ++ if (ctx->cipher->iv_len) { ++ cryp.iv = (caddr_t) ctx->iv; ++ if (!ctx->encrypt) { ++ iiv = in + len - ctx->cipher->iv_len; ++ memcpy(save_iv, iiv, ctx->cipher->iv_len); ++ } ++ } else ++ cryp.iv = NULL; ++ ++ if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { ++ /* XXX need better errror handling ++ * this can fail for a number of different reasons. ++ */ ++ return (0); ++ } ++ ++ if (ctx->cipher->iv_len) { ++ if (ctx->encrypt) ++ iiv = out + len - ctx->cipher->iv_len; ++ else ++ iiv = save_iv; ++ memcpy(ctx->iv, iiv, ctx->cipher->iv_len); ++ } ++ return (1); ++} ++ ++ + static int + cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +@@ -452,6 +521,45 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + return (1); + } + ++/* Save the encryption key provided by upper layers. ++ * ++ * This function is called by EVP_CipherInit_ex to initialize the algorithm's ++ * extra data. We can't do much here because the mac key is not available. ++ * The next call should/will be to cryptodev_cbc_hmac_sha1_ctrl with parameter ++ * EVP_CTRL_AEAD_SET_MAC_KEY, to set the hmac key. There we call CIOCGSESSION ++ * with both the crypto and hmac keys. ++ */ ++static int cryptodev_init_aead_key(EVP_CIPHER_CTX *ctx, ++ const unsigned char *key, const unsigned char *iv, int enc) ++{ ++ struct dev_crypto_state *state = ctx->cipher_data; ++ struct session_op *sess = &state->d_sess; ++ int cipher = -1, i; ++ ++ for (i = 0; ciphers[i].id; i++) ++ if (ctx->cipher->nid == ciphers[i].nid && ++ ctx->cipher->iv_len <= ciphers[i].ivmax && ++ ctx->key_len == ciphers[i].keylen) { ++ cipher = ciphers[i].id; ++ break; ++ } ++ ++ if (!ciphers[i].id) { ++ state->d_fd = -1; ++ return (0); ++ } ++ ++ memset(sess, 0, sizeof(struct session_op)); ++ ++ sess->key = (caddr_t)key; ++ sess->keylen = ctx->key_len; ++ sess->cipher = cipher; ++ ++ /* for whatever reason, (1) means success */ ++ return (1); ++} ++ ++ + /* + * free anything we allocated earlier when initting a + * session, and close the session. +@@ -488,6 +596,63 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx) + return (ret); + } + ++static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, ++ void *ptr) ++{ ++ switch (type) { ++ case EVP_CTRL_AEAD_SET_MAC_KEY: ++ { ++ /* TODO: what happens with hmac keys larger than 64 bytes? */ ++ struct dev_crypto_state *state = ctx->cipher_data; ++ struct session_op *sess = &state->d_sess; ++ ++ if ((state->d_fd = get_dev_crypto()) < 0) ++ return (0); ++ ++ /* the rest should have been set in cryptodev_init_aead_key */ ++ sess->mackey = ptr; ++ sess->mackeylen = arg; ++ ++ if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { ++ put_dev_crypto(state->d_fd); ++ state->d_fd = -1; ++ return (0); ++ } ++ return (1); ++ } ++ case EVP_CTRL_AEAD_TLS1_AAD: ++ { ++ /* ptr points to the associated data buffer of 13 bytes */ ++ struct dev_crypto_state *state = ctx->cipher_data; ++ unsigned char *p = ptr; ++ unsigned int cryptlen = p[arg - 2] << 8 | p[arg - 1]; ++ unsigned int maclen, padlen; ++ unsigned int bs = ctx->cipher->block_size; ++ ++ state->aad = ptr; ++ state->aad_len = arg; ++ state->len = cryptlen; ++ ++ /* TODO: this should be an extension of EVP_CIPHER struct */ ++ switch (ctx->cipher->nid) { ++ case NID_aes_128_cbc_hmac_sha1: ++ case NID_aes_256_cbc_hmac_sha1: ++ maclen = SHA_DIGEST_LENGTH; ++ } ++ ++ /* space required for encryption (not only TLS padding) */ ++ padlen = maclen; ++ if (ctx->encrypt) { ++ cryptlen += maclen; ++ padlen += bs - (cryptlen % bs); ++ } ++ return padlen; ++ } ++ default: ++ return -1; ++ } ++} ++ + /* + * libcrypto EVP stuff - this is how we get wired to EVP so the engine + * gets called when libcrypto requests a cipher NID. +@@ -600,6 +765,33 @@ const EVP_CIPHER cryptodev_aes_256_cbc = { + NULL + }; + ++const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = { ++ NID_aes_128_cbc_hmac_sha1, ++ 16, 16, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { ++ NID_aes_256_cbc_hmac_sha1, ++ 16, 32, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; + /* + * Registered by the ENGINE when used to find out how to deal with + * a particular NID in the ENGINE. this says what we'll do at the +@@ -637,6 +829,12 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + case NID_aes_256_cbc: + *cipher = &cryptodev_aes_256_cbc; + break; ++ case NID_aes_128_cbc_hmac_sha1: ++ *cipher = &cryptodev_aes_128_cbc_hmac_sha1; ++ break; ++ case NID_aes_256_cbc_hmac_sha1: ++ *cipher = &cryptodev_aes_256_cbc_hmac_sha1; ++ break; + default: + *cipher = NULL; + break; +@@ -1384,6 +1582,8 @@ ENGINE_load_cryptodev(void) + } + put_dev_crypto(fd); + ++ EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); ++ EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); + if (!ENGINE_set_id(engine, "cryptodev") || + !ENGINE_set_name(engine, "BSD cryptodev engine") || + !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch b/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch new file mode 100644 index 00000000..f0d97e9a --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0003-cryptodev-fix-algorithm-registration.patch @@ -0,0 +1,64 @@ +From 084fa469a8fef530d71a0870364df1c7997f6465 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica <cristian.stoica@freescale.com> +Date: Thu, 31 Jul 2014 14:06:19 +0300 +Subject: [PATCH 03/26] cryptodev: fix algorithm registration + +Cryptodev specific algorithms must register only if available in kernel. + +Change-Id: Iec5af8f4f3138357e4b96f2ec1627278134e4808 +Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> +Reviewed-on: http://git.am.freescale.net:8181/15326 +Reviewed-by: Horia Ioan Geanta Neag <horia.geanta@freescale.com> +Reviewed-on: http://git.am.freescale.net:8181/17224 +--- + crypto/engine/eng_cryptodev.c | 20 +++++++++++++++++--- + 1 file changed, 17 insertions(+), 3 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 7588a28..e3eb98b 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -133,6 +133,8 @@ static int cryptodev_dh_compute_key(unsigned char *key, + static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, + void (*f)(void)); + void ENGINE_load_cryptodev(void); ++const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; + + static const ENGINE_CMD_DEFN cryptodev_defns[] = { + { 0, NULL, NULL, 0 } +@@ -342,7 +344,21 @@ get_cryptodev_digests(const int **cnids) + static int + cryptodev_usable_ciphers(const int **nids) + { +- return (get_cryptodev_ciphers(nids)); ++ int i, count; ++ ++ count = get_cryptodev_ciphers(nids); ++ /* add ciphers specific to cryptodev if found in kernel */ ++ for(i = 0; i < count; i++) { ++ switch (*(*nids + i)) { ++ case NID_aes_128_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); ++ break; ++ case NID_aes_256_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); ++ break; ++ } ++ } ++ return count; + } + + static int +@@ -1582,8 +1598,6 @@ ENGINE_load_cryptodev(void) + } + put_dev_crypto(fd); + +- EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); +- EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); + if (!ENGINE_set_id(engine, "cryptodev") || + !ENGINE_set_name(engine, "BSD cryptodev engine") || + !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch b/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch new file mode 100644 index 00000000..2d722d8a --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0004-linux-pcc-make-it-more-robust-and-recognize-KERNEL_B.patch @@ -0,0 +1,74 @@ +From 7d770f0324498d1fa78300cc5cecc8c1dcd3b788 Mon Sep 17 00:00:00 2001 +From: Andy Polyakov <appro@openssl.org> +Date: Sun, 21 Oct 2012 18:19:41 +0000 +Subject: [PATCH 04/26] linux-pcc: make it more robust and recognize + KERNEL_BITS variable. + +(cherry picked from commit 78c3e20579d3baa159c8b51b59d415b6e521614b) + +Change-Id: I769c466f052305681ab54a1b6545d94c7fbf5a9d +Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> +--- + config | 19 +++++++++++++------ + crypto/ppccap.c | 7 +++++++ + 2 files changed, 20 insertions(+), 6 deletions(-) + +diff --git a/config b/config +index 41fa2a6..f37b9e6 100755 +--- a/config ++++ b/config +@@ -587,13 +587,20 @@ case "$GUESSOS" in + fi + ;; + ppc64-*-linux2) +- echo "WARNING! If you wish to build 64-bit library, then you have to" +- echo " invoke './Configure linux-ppc64' *manually*." +- if [ "$TEST" = "false" -a -t 1 ]; then +- echo " You have about 5 seconds to press Ctrl-C to abort." +- (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1 ++ if [ -z "$KERNEL_BITS" ]; then ++ echo "WARNING! If you wish to build 64-bit library, then you have to" ++ echo " invoke './Configure linux-ppc64' *manually*." ++ if [ "$TEST" = "false" -a -t 1 ]; then ++ echo " You have about 5 seconds to press Ctrl-C to abort." ++ (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1 ++ fi ++ fi ++ if [ "$KERNEL_BITS" = "64" ]; then ++ OUT="linux-ppc64" ++ else ++ OUT="linux-ppc" ++ (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null) || options="$options -m32" + fi +- OUT="linux-ppc" + ;; + ppc-*-linux2) OUT="linux-ppc" ;; + ppc60x-*-vxworks*) OUT="vxworks-ppc60x" ;; +diff --git a/crypto/ppccap.c b/crypto/ppccap.c +index f71ba66..531f1b3 100644 +--- a/crypto/ppccap.c ++++ b/crypto/ppccap.c +@@ -4,6 +4,9 @@ + #include <setjmp.h> + #include <signal.h> + #include <unistd.h> ++#ifdef __linux ++#include <sys/utsname.h> ++#endif + #include <crypto.h> + #include <openssl/bn.h> + +@@ -102,6 +105,10 @@ void OPENSSL_cpuid_setup(void) + + if (sizeof(size_t)==4) + { ++#ifdef __linux ++ struct utsname uts; ++ if (uname(&uts)==0 && strcmp(uts.machine,"ppc64")==0) ++#endif + if (sigsetjmp(ill_jmp,1) == 0) + { + OPENSSL_ppc64_probe(); +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch b/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch new file mode 100644 index 00000000..c9ff5aa8 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0005-ECC-Support-header-for-Cryptodev-Engine.patch @@ -0,0 +1,318 @@ +From 15abbcd740eafbf2a46b5da24be76acf4982743d Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta <yashpal.dutta@freescale.com> +Date: Tue, 11 Mar 2014 05:56:54 +0545 +Subject: [PATCH 05/26] ECC Support header for Cryptodev Engine + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> +--- + crypto/engine/eng_cryptodev_ec.h | 296 +++++++++++++++++++++++++++++++++++++++ + 1 file changed, 296 insertions(+) + create mode 100644 crypto/engine/eng_cryptodev_ec.h + +diff --git a/crypto/engine/eng_cryptodev_ec.h b/crypto/engine/eng_cryptodev_ec.h +new file mode 100644 +index 0000000..77aee71 +--- /dev/null ++++ b/crypto/engine/eng_cryptodev_ec.h +@@ -0,0 +1,296 @@ ++/* ++ * Copyright (C) 2012 Freescale Semiconductor, Inc. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR ++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES ++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN ++ * NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED ++ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR ++ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF ++ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING ++ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS ++ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ++ */ ++#ifndef __ENG_EC_H ++#define __ENG_EC_H ++ ++#define SPCF_CPARAM_INIT(X,...) \ ++static unsigned char X##_c[] = {__VA_ARGS__} \ ++ ++#define SPCF_FREE_BN(X) do { if(X) { BN_clear_free(X); X = NULL; } } while (0) ++ ++#define SPCF_COPY_CPARAMS(NIDBUF) \ ++ do { \ ++ memcpy (buf, NIDBUF, buf_len); \ ++ } while (0) ++ ++#define SPCF_CPARAM_CASE(X) \ ++ case NID_##X: \ ++ SPCF_COPY_CPARAMS(X##_c); \ ++ break ++ ++SPCF_CPARAM_INIT(sect113r1, 0x01, 0x73, 0xE8, 0x34, 0xAF, 0x28, 0xEC, 0x76, ++ 0xCB, 0x83, 0xBD, 0x8D, 0xFE, 0xB2, 0xD5); ++SPCF_CPARAM_INIT(sect113r2, 0x00, 0x54, 0xD9, 0xF0, 0x39, 0x57, 0x17, 0x4A, ++ 0x32, 0x32, 0x91, 0x67, 0xD7, 0xFE, 0x71); ++SPCF_CPARAM_INIT(sect131r1, 0x03, 0xDB, 0x89, 0xB4, 0x05, 0xE4, 0x91, 0x16, ++ 0x0E, 0x3B, 0x2F, 0x07, 0xB0, 0xCE, 0x20, 0xB3, 0x7E); ++SPCF_CPARAM_INIT(sect131r2, 0x07, 0xCB, 0xB9, 0x92, 0x0D, 0x71, 0xA4, 0x8E, ++ 0x09, 0x9C, 0x38, 0xD7, 0x1D, 0xA6, 0x49, 0x0E, 0xB1); ++SPCF_CPARAM_INIT(sect163k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(sect163r1, 0x05, 0xED, 0x40, 0x3E, 0xD5, 0x8E, 0xB4, 0x5B, ++ 0x1C, 0xCE, 0xCA, 0x0F, 0x4F, 0x61, 0x65, 0x55, 0x49, 0x86, ++ 0x1B, 0xE0, 0x52); ++SPCF_CPARAM_INIT(sect163r2, 0x07, 0x2C, 0x4E, 0x1E, 0xF7, 0xCB, 0x2F, 0x3A, ++ 0x03, 0x5D, 0x33, 0x10, 0x42, 0x94, 0x15, 0x96, 0x09, 0x13, ++ 0x8B, 0xB4, 0x04); ++SPCF_CPARAM_INIT(sect193r1, 0x01, 0x67, 0xB3, 0x5E, 0xB4, 0x31, 0x3F, 0x26, ++ 0x3D, 0x0F, 0x7A, 0x3D, 0x50, 0x36, 0xF0, 0xA0, 0xA3, 0xC9, ++ 0x80, 0xD4, 0x0E, 0x5A, 0x05, 0x3E, 0xD2); ++SPCF_CPARAM_INIT(sect193r2, 0x00, 0x69, 0x89, 0xFE, 0x6B, 0xFE, 0x30, 0xED, ++ 0xDC, 0x32, 0x44, 0x26, 0x9F, 0x3A, 0xAD, 0x18, 0xD6, 0x6C, ++ 0xF3, 0xDB, 0x3E, 0x33, 0x02, 0xFA, 0xA8); ++SPCF_CPARAM_INIT(sect233k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x01); ++SPCF_CPARAM_INIT(sect233r1, 0x00, 0x07, 0xD5, 0xEF, 0x43, 0x89, 0xDF, 0xF1, ++ 0x1E, 0xCD, 0xBA, 0x39, 0xC3, 0x09, 0x70, 0xD3, 0xCE, 0x35, ++ 0xCE, 0xBB, 0xA5, 0x84, 0x73, 0xF6, 0x4B, 0x4D, 0xC0, 0xF2, ++ 0x68, 0x6C); ++SPCF_CPARAM_INIT(sect239k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x01); ++SPCF_CPARAM_INIT(sect283k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(sect283r1, 0x03, 0xD8, 0xC9, 0x3D, 0x3B, 0x0E, 0xA8, 0x1D, ++ 0x92, 0x94, 0x03, 0x4D, 0x7E, 0xE3, 0x13, 0x5D, 0x0A, 0xC5, ++ 0xFC, 0x8D, 0x9C, 0xB0, 0x27, 0x6F, 0x72, 0x11, 0xF8, 0x80, ++ 0xF0, 0xD8, 0x1C, 0xA4, 0xC6, 0xE8, 0x7B, 0x38); ++SPCF_CPARAM_INIT(sect409k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(sect409r1, 0x01, 0x49, 0xB8, 0xB7, 0xBE, 0xBD, 0x9B, 0x63, ++ 0x65, 0x3E, 0xF1, 0xCD, 0x8C, 0x6A, 0x5D, 0xD1, 0x05, 0xA2, ++ 0xAA, 0xAC, 0x36, 0xFE, 0x2E, 0xAE, 0x43, 0xCF, 0x28, 0xCE, ++ 0x1C, 0xB7, 0xC8, 0x30, 0xC1, 0xEC, 0xDB, 0xFA, 0x41, 0x3A, ++ 0xB0, 0x7F, 0xE3, 0x5A, 0x57, 0x81, 0x1A, 0xE4, 0xF8, 0x8D, ++ 0x30, 0xAC, 0x63, 0xFB); ++SPCF_CPARAM_INIT(sect571k1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(sect571r1, 0x06, 0x39, 0x5D, 0xB2, 0x2A, 0xB5, 0x94, 0xB1, ++ 0x86, 0x8C, 0xED, 0x95, 0x25, 0x78, 0xB6, 0x53, 0x9F, 0xAB, ++ 0xA6, 0x94, 0x06, 0xD9, 0xB2, 0x98, 0x61, 0x23, 0xA1, 0x85, ++ 0xC8, 0x58, 0x32, 0xE2, 0x5F, 0xD5, 0xB6, 0x38, 0x33, 0xD5, ++ 0x14, 0x42, 0xAB, 0xF1, 0xA9, 0xC0, 0x5F, 0xF0, 0xEC, 0xBD, ++ 0x88, 0xD7, 0xF7, 0x79, 0x97, 0xF4, 0xDC, 0x91, 0x56, 0xAA, ++ 0xF1, 0xCE, 0x08, 0x16, 0x46, 0x86, 0xDD, 0xFF, 0x75, 0x11, ++ 0x6F, 0xBC, 0x9A, 0x7A); ++SPCF_CPARAM_INIT(X9_62_c2pnb163v1, 0x04, 0x53, 0xE1, 0xE4, 0xB7, 0x29, 0x1F, ++ 0x5C, 0x2D, 0x53, 0xCE, 0x18, 0x48, 0x3F, 0x00, 0x70, 0x81, ++ 0xE7, 0xEA, 0x26, 0xEC); ++SPCF_CPARAM_INIT(X9_62_c2pnb163v2, 0x04, 0x35, 0xC0, 0x19, 0x66, 0x0E, 0x01, ++ 0x01, 0xBA, 0x87, 0x0C, 0xA3, 0x9F, 0xD9, 0xA7, 0x76, 0x86, ++ 0x50, 0x9D, 0x28, 0x13); ++SPCF_CPARAM_INIT(X9_62_c2pnb163v3, 0x06, 0x55, 0xC4, 0x54, 0xE4, 0x1E, 0x38, ++ 0x0C, 0x7A, 0x60, 0xB6, 0x67, 0x9A, 0x5B, 0x7A, 0x3F, 0x3A, ++ 0xF6, 0x8E, 0x22, 0xC5); ++SPCF_CPARAM_INIT(X9_62_c2pnb176v1, 0x00, 0x69, 0xF7, 0xDA, 0x36, 0x19, 0xA7, ++ 0x42, 0xA3, 0x82, 0xFF, 0x05, 0x08, 0x8F, 0xD3, 0x99, 0x42, ++ 0xCA, 0x0F, 0x1D, 0x90, 0xB6, 0x5B); ++SPCF_CPARAM_INIT(X9_62_c2tnb191v1, 0x4C, 0x45, 0x25, 0xAB, 0x0B, 0x68, 0x4A, ++ 0x64, 0x44, 0x62, 0x0A, 0x86, 0x45, 0xEF, 0x54, 0x6D, 0x54, ++ 0x69, 0x39, 0x68, 0xC2, 0xAE, 0x84, 0xAC); ++SPCF_CPARAM_INIT(X9_62_c2tnb191v2, 0x03, 0x7C, 0x8F, 0x57, 0xA2, 0x25, 0xC7, ++ 0xB3, 0xD4, 0xED, 0xD5, 0x88, 0x0F, 0x38, 0x0A, 0xCC, 0x55, ++ 0x74, 0xEC, 0xB3, 0x6C, 0x9F, 0x51, 0x21); ++SPCF_CPARAM_INIT(X9_62_c2tnb191v3, 0x37, 0x39, 0xFF, 0x98, 0xB4, 0xD1, 0x69, ++ 0x3E, 0xCF, 0x52, 0x7A, 0x98, 0x51, 0xED, 0xCF, 0x99, 0x9D, ++ 0x9E, 0x75, 0x05, 0x43, 0x33, 0x43, 0x24); ++SPCF_CPARAM_INIT(X9_62_c2pnb208w1, 0x00, 0xDB, 0x05, 0x3C, 0x41, 0x76, 0xCC, ++ 0x1D, 0xA1, 0x27, 0x85, 0x2C, 0xA6, 0xD9, 0x88, 0xBE, 0x1A, ++ 0xCC, 0xD1, 0x5B, 0x2A, 0xC1, 0xC1, 0x07, 0x42, 0x57, 0x34); ++SPCF_CPARAM_INIT(X9_62_c2tnb239v1, 0x24, 0x59, 0xFC, 0xF4, 0x51, 0x7B, 0xC5, ++ 0xA6, 0xB9, 0x9B, 0xE5, 0xC6, 0xC5, 0x62, 0x85, 0xC0, 0x21, ++ 0xFE, 0x32, 0xEE, 0x2B, 0x6F, 0x1C, 0x22, 0xEA, 0x5B, 0xE1, ++ 0xB8, 0x4B, 0x93); ++SPCF_CPARAM_INIT(X9_62_c2tnb239v2, 0x64, 0x98, 0x84, 0x19, 0x3B, 0x56, 0x2D, ++ 0x4A, 0x50, 0xB4, 0xFA, 0x56, 0x34, 0xE0, 0x34, 0x41, 0x3F, ++ 0x94, 0xC4, 0x59, 0xDA, 0x7C, 0xDB, 0x16, 0x64, 0x9D, 0xDD, ++ 0xF7, 0xE6, 0x0A); ++SPCF_CPARAM_INIT(X9_62_c2tnb239v3, 0x32, 0x63, 0x2E, 0x65, 0x2B, 0xEE, 0x91, ++ 0xC2, 0xE4, 0xA2, 0xF5, 0x42, 0xA3, 0x2D, 0x67, 0xA8, 0xB5, ++ 0xB4, 0x5F, 0x21, 0xA0, 0x81, 0x02, 0xFB, 0x1F, 0x2A, 0xFB, ++ 0xB6, 0xAC, 0xDA); ++SPCF_CPARAM_INIT(X9_62_c2pnb272w1, 0x00, 0xDA, 0x7B, 0x60, 0x28, 0xF4, 0xC8, ++ 0x09, 0xA0, 0xB9, 0x78, 0x81, 0xC3, 0xA5, 0x7E, 0x4D, 0x71, ++ 0x81, 0x34, 0xD1, 0x3F, 0xEC, 0xE0, 0x90, 0x85, 0x8A, 0xC3, ++ 0x1A, 0xE2, 0xDC, 0x2E, 0xDF, 0x8E, 0x3C, 0x8B); ++SPCF_CPARAM_INIT(X9_62_c2pnb304w1, 0x00, 0x3C, 0x67, 0xB4, 0x07, 0xC6, 0xF3, ++ 0x3F, 0x81, 0x0B, 0x17, 0xDC, 0x16, 0xE2, 0x14, 0x8A, 0x2C, ++ 0x9C, 0xE2, 0x9D, 0x56, 0x05, 0x23, 0x69, 0x6A, 0x55, 0x93, ++ 0x8A, 0x15, 0x40, 0x81, 0xE3, 0xE3, 0xAE, 0xFB, 0xCE, 0x45, ++ 0x70, 0xC9); ++SPCF_CPARAM_INIT(X9_62_c2tnb359v1, 0x22, 0x39, 0xAA, 0x58, 0x4A, 0xC5, 0x9A, ++ 0xF9, 0x61, 0xD0, 0xFA, 0x2D, 0x52, 0x85, 0xB6, 0xFD, 0xF7, ++ 0x34, 0x9B, 0xC6, 0x0E, 0x91, 0xE3, 0x20, 0xF4, 0x71, 0x64, ++ 0xCE, 0x11, 0xF5, 0x18, 0xEF, 0xB4, 0xC0, 0x8B, 0x9B, 0xDA, ++ 0x99, 0x9A, 0x8A, 0x37, 0xF8, 0x2A, 0x22, 0x61); ++SPCF_CPARAM_INIT(X9_62_c2pnb368w1, 0x00, 0xC0, 0x6C, 0xCF, 0x42, 0x89, 0x3A, ++ 0x8A, 0xAA, 0x00, 0x1E, 0x0B, 0xC0, 0xD2, 0xA2, 0x27, 0x66, ++ 0xEF, 0x3E, 0x41, 0x88, 0x7C, 0xC6, 0x77, 0x6F, 0x4A, 0x04, ++ 0x1E, 0xE4, 0x45, 0x14, 0xB2, 0x0A, 0xFC, 0x4E, 0x5C, 0x30, ++ 0x40, 0x60, 0x06, 0x5B, 0xC8, 0xD6, 0xCF, 0x04, 0xD3, 0x25); ++SPCF_CPARAM_INIT(X9_62_c2tnb431r1, 0x64, 0xF5, 0xBB, 0xE9, 0xBB, 0x31, 0x66, ++ 0xA3, 0xA0, 0x2F, 0x2F, 0x22, 0xBF, 0x05, 0xD9, 0xF7, 0xDA, ++ 0x43, 0xEE, 0x70, 0xC1, 0x79, 0x03, 0x15, 0x2B, 0x70, 0xA0, ++ 0xB4, 0x25, 0x9B, 0xD2, 0xFC, 0xB2, 0x20, 0x3B, 0x7F, 0xB8, ++ 0xD3, 0x39, 0x4E, 0x20, 0xEB, 0x0E, 0xA9, 0x84, 0xDD, 0xB1, ++ 0xE1, 0xF1, 0x4C, 0x67, 0xB1, 0x36, 0x2B); ++SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls4, 0x01, 0x73, 0xE8, 0x34, 0xAF, 0x28, ++ 0xEC, 0x76, 0xCB, 0x83, 0xBD, 0x8D, 0xFE, 0xB2, 0xD5); ++SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls5, 0x04, 0x53, 0xE1, 0xE4, 0xB7, 0x29, ++ 0x1F, 0x5C, 0x2D, 0x53, 0xCE, 0x18, 0x48, 0x3F, 0x00, 0x70, ++ 0x81, 0xE7, 0xEA, 0x26, 0xEC); ++SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x01); ++SPCF_CPARAM_INIT(wap_wsg_idm_ecid_wtls11, 0x00, 0x07, 0xD5, 0xEF, 0x43, 0x89, ++ 0xDF, 0xF1, 0x1E, 0xCD, 0xBA, 0x39, 0xC3, 0x09, 0x70, 0xD3, ++ 0xCE, 0x35, 0xCE, 0xBB, 0xA5, 0x84, 0x73, 0xF6, 0x4B, 0x4D, ++ 0xC0, 0xF2, 0x68, 0x6C); ++/* Oakley curve #3 over 155 bit binary filed */ ++SPCF_CPARAM_INIT(ipsec3, 0x00, 0x31, 0x10, 0x00, 0x00, 0x02, 0x23, 0xA0, 0x00, ++ 0xC4, 0x47, 0x40, 0x00, 0x08, 0x8E, 0x80, 0x00, 0x11, 0x1D, ++ 0x1D); ++/* Oakley curve #4 over 185 bit binary filed */ ++SPCF_CPARAM_INIT(ipsec4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, ++ 0x01, 0x80, 0x00, 0xC0, 0x0C, 0x00, 0x00, 0x00, 0x63, 0x80, ++ 0x30, 0x00, 0x1C, 0x00, 0x09); ++ ++static inline int ++eng_ec_get_cparam(int nid, unsigned char *buf, unsigned int buf_len) ++{ ++ int ret = 0; ++ switch (nid) { ++ SPCF_CPARAM_CASE(sect113r1); ++ SPCF_CPARAM_CASE(sect113r2); ++ SPCF_CPARAM_CASE(sect131r1); ++ SPCF_CPARAM_CASE(sect131r2); ++ SPCF_CPARAM_CASE(sect163k1); ++ SPCF_CPARAM_CASE(sect163r1); ++ SPCF_CPARAM_CASE(sect163r2); ++ SPCF_CPARAM_CASE(sect193r1); ++ SPCF_CPARAM_CASE(sect193r2); ++ SPCF_CPARAM_CASE(sect233k1); ++ SPCF_CPARAM_CASE(sect233r1); ++ SPCF_CPARAM_CASE(sect239k1); ++ SPCF_CPARAM_CASE(sect283k1); ++ SPCF_CPARAM_CASE(sect283r1); ++ SPCF_CPARAM_CASE(sect409k1); ++ SPCF_CPARAM_CASE(sect409r1); ++ SPCF_CPARAM_CASE(sect571k1); ++ SPCF_CPARAM_CASE(sect571r1); ++ SPCF_CPARAM_CASE(X9_62_c2pnb163v1); ++ SPCF_CPARAM_CASE(X9_62_c2pnb163v2); ++ SPCF_CPARAM_CASE(X9_62_c2pnb163v3); ++ SPCF_CPARAM_CASE(X9_62_c2pnb176v1); ++ SPCF_CPARAM_CASE(X9_62_c2tnb191v1); ++ SPCF_CPARAM_CASE(X9_62_c2tnb191v2); ++ SPCF_CPARAM_CASE(X9_62_c2tnb191v3); ++ SPCF_CPARAM_CASE(X9_62_c2pnb208w1); ++ SPCF_CPARAM_CASE(X9_62_c2tnb239v1); ++ SPCF_CPARAM_CASE(X9_62_c2tnb239v2); ++ SPCF_CPARAM_CASE(X9_62_c2tnb239v3); ++ SPCF_CPARAM_CASE(X9_62_c2pnb272w1); ++ SPCF_CPARAM_CASE(X9_62_c2pnb304w1); ++ SPCF_CPARAM_CASE(X9_62_c2tnb359v1); ++ SPCF_CPARAM_CASE(X9_62_c2pnb368w1); ++ SPCF_CPARAM_CASE(X9_62_c2tnb431r1); ++ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls1); ++ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls3); ++ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls4); ++ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls5); ++ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls10); ++ SPCF_CPARAM_CASE(wap_wsg_idm_ecid_wtls11); ++ /* Oakley curve #3 over 155 bit binary filed */ ++ SPCF_CPARAM_CASE(ipsec3); ++ /* Oakley curve #4 over 185 bit binary filed */ ++ SPCF_CPARAM_CASE(ipsec4); ++ default: ++ ret = -EINVAL; ++ break; ++ } ++ return ret; ++} ++ ++/* Copies the curve points to a flat buffer with appropriate padding */ ++static inline unsigned char *eng_copy_curve_points(BIGNUM * x, BIGNUM * y, ++ int xy_len, int crv_len) ++{ ++ unsigned char *xy = NULL; ++ int len1 = 0, len2 = 0; ++ ++ len1 = BN_num_bytes(x); ++ len2 = BN_num_bytes(y); ++ ++ if (!(xy = malloc(xy_len))) { ++ return NULL; ++ } ++ ++ memset(xy, 0, xy_len); ++ ++ if (len1 < crv_len) { ++ if (!BN_is_zero(x)) ++ BN_bn2bin(x, xy + (crv_len - len1)); ++ } else { ++ BN_bn2bin(x, xy); ++ } ++ ++ if (len2 < crv_len) { ++ if (!BN_is_zero(y)) ++ BN_bn2bin(y, xy+crv_len+(crv_len-len2)); ++ } else { ++ BN_bn2bin(y, xy+crv_len); ++ } ++ ++ return xy; ++} ++ ++enum curve_t { ++ DISCRETE_LOG, ++ ECC_PRIME, ++ ECC_BINARY, ++ MAX_ECC_TYPE ++}; ++#endif +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch b/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch new file mode 100644 index 00000000..01c268b6 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0006-Fixed-private-key-support-for-DH.patch @@ -0,0 +1,33 @@ +From 39a9e609290a8a1163a721915bcde0c7cf8f92f7 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta <yashpal.dutta@freescale.com> +Date: Tue, 11 Mar 2014 05:57:47 +0545 +Subject: [PATCH 06/26] Fixed private key support for DH + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> +--- + crypto/dh/dh_ameth.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c +index 02ec2d4..ed32004 100644 +--- a/crypto/dh/dh_ameth.c ++++ b/crypto/dh/dh_ameth.c +@@ -422,6 +422,13 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) + if (to->pkey.dh->g != NULL) + BN_free(to->pkey.dh->g); + to->pkey.dh->g=a; ++ if ((a=BN_dup(from->pkey.dh->q)) != NULL) { ++ if (to->pkey.dh->q != NULL) ++ BN_free(to->pkey.dh->q); ++ to->pkey.dh->q=a; ++ } ++ ++ to->pkey.dh->length = from->pkey.dh->length; + + return 1; + } +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch b/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch new file mode 100644 index 00000000..12fcd7df --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0007-Fixed-private-key-support-for-DH.patch @@ -0,0 +1,35 @@ +From 8322e4157bf49d992b5b9e460f2c0785865dd1c1 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta <yashpal.dutta@freescale.com> +Date: Thu, 20 Mar 2014 19:55:51 -0500 +Subject: [PATCH 07/26] Fixed private key support for DH + +Upstream-status: Pending + +Required Length of the DH result is not returned in dh method in openssl + +Tested-by: Yashpal Dutta <yashpal.dutta@freescale.com> +--- + crypto/dh/dh_ameth.c | 7 ------- + 1 file changed, 7 deletions(-) + +diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c +index ed32004..02ec2d4 100644 +--- a/crypto/dh/dh_ameth.c ++++ b/crypto/dh/dh_ameth.c +@@ -422,13 +422,6 @@ static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) + if (to->pkey.dh->g != NULL) + BN_free(to->pkey.dh->g); + to->pkey.dh->g=a; +- if ((a=BN_dup(from->pkey.dh->q)) != NULL) { +- if (to->pkey.dh->q != NULL) +- BN_free(to->pkey.dh->q); +- to->pkey.dh->q=a; +- } +- +- to->pkey.dh->length = from->pkey.dh->length; + + return 1; + } +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch b/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch new file mode 100644 index 00000000..8c8b1f22 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0008-Initial-support-for-PKC-in-cryptodev-engine.patch @@ -0,0 +1,1564 @@ +From 107a10d45db0f2e58482f698add04ed9183f7268 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta <yashpal.dutta@freescale.com> +Date: Tue, 11 Mar 2014 06:29:52 +0545 +Subject: [PATCH 08/26] Initial support for PKC in cryptodev engine + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> +--- + crypto/engine/eng_cryptodev.c | 1343 ++++++++++++++++++++++++++++++++++++----- + 1 file changed, 1183 insertions(+), 160 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index e3eb98b..7ee314b 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -54,11 +54,14 @@ ENGINE_load_cryptodev(void) + #else + + #include <sys/types.h> +-#include <crypto/cryptodev.h> + #include <crypto/dh/dh.h> + #include <crypto/dsa/dsa.h> + #include <crypto/err/err.h> + #include <crypto/rsa/rsa.h> ++#include <crypto/ecdsa/ecs_locl.h> ++#include <crypto/ecdh/ech_locl.h> ++#include <crypto/ec/ec_lcl.h> ++#include <crypto/ec/ec.h> + #include <sys/ioctl.h> + #include <errno.h> + #include <stdio.h> +@@ -68,6 +71,8 @@ ENGINE_load_cryptodev(void) + #include <syslog.h> + #include <errno.h> + #include <string.h> ++#include "eng_cryptodev_ec.h" ++#include <crypto/cryptodev.h> + + struct dev_crypto_state { + struct session_op d_sess; +@@ -116,18 +121,10 @@ static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, + static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, + RSA *rsa, BN_CTX *ctx); + static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); +-static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, +- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +-static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, +- BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, +- BN_CTX *ctx, BN_MONT_CTX *mont); + static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, + int dlen, DSA *dsa); + static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len, + DSA_SIG *sig, DSA *dsa); +-static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, +- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, +- BN_MONT_CTX *m_ctx); + static int cryptodev_dh_compute_key(unsigned char *key, + const BIGNUM *pub_key, DH *dh); + static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, +@@ -136,6 +133,102 @@ void ENGINE_load_cryptodev(void); + const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; + ++inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) ++{ ++ int len; ++ unsigned char *p; ++ ++ len = BN_num_bytes(bn); ++ ++ if (!len) ++ return -1; ++ ++ p = malloc(len); ++ if (!p) ++ return -1; ++ ++ BN_bn2bin(bn,p); ++ ++ *bin = p; ++ *bin_len = len; ++ ++ return 0; ++} ++ ++inline int spcf_bn2bin_ex(BIGNUM *bn, unsigned char **bin, int *bin_len) ++{ ++ int len; ++ unsigned char *p; ++ ++ len = BN_num_bytes(bn); ++ ++ if (!len) ++ return -1; ++ ++ if (len < *bin_len) ++ p = malloc(*bin_len); ++ else ++ p = malloc(len); ++ ++ if (!p) ++ return -ENOMEM; ++ ++ if (len < *bin_len) { ++ /* place padding */ ++ memset(p, 0, (*bin_len - len)); ++ BN_bn2bin(bn,p+(*bin_len-len)); ++ } else { ++ BN_bn2bin(bn,p); ++ } ++ ++ *bin = p; ++ if (len >= *bin_len) ++ *bin_len = len; ++ ++ return 0; ++} ++ ++/** ++ * Convert an ECC F2m 'b' parameter into the 'c' parameter. ++ *Inputs: ++ * q, the curve's modulus ++ * b, the curve's b parameter ++ * (a bignum for b, a buffer for c) ++ * Output: ++ * c, written into bin, right-adjusted to fill q_len bytes. ++ */ ++static int ++eng_ec_compute_cparam(const BIGNUM* b, const BIGNUM* q, ++ unsigned char **bin, int *bin_len) ++{ ++ BIGNUM* c = BN_new(); ++ BIGNUM* exp = BN_new(); ++ BN_CTX *ctx = BN_CTX_new(); ++ int m = BN_num_bits(q) - 1; ++ int ok = 0; ++ ++ if (!c || !exp || !ctx || *bin) ++ goto err; ++ ++ /* ++ * We have to compute c, where b = c^4, i.e., the fourth root of b. ++ * The equation for c is c = b^(2^(m-2)) ++ * Compute exp = 2^(m-2) ++ * (1 << x) == 2^x ++ * and then compute c = b^exp ++ */ ++ BN_lshift(exp, BN_value_one(), m-2); ++ BN_GF2m_mod_exp(c, b, exp, q, ctx); ++ /* Store c */ ++ spcf_bn2bin_ex(c, bin, bin_len); ++ ok = 1; ++err: ++ if (ctx) BN_CTX_free(ctx); ++ if (c) BN_free(c); ++ if (exp) BN_free(exp); ++ return ok; ++} ++ + static const ENGINE_CMD_DEFN cryptodev_defns[] = { + { 0, NULL, NULL, 0 } + }; +@@ -1139,7 +1232,6 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, + static int + bn2crparam(const BIGNUM *a, struct crparam *crp) + { +- int i, j, k; + ssize_t bytes, bits; + u_char *b; + +@@ -1156,15 +1248,7 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) + + crp->crp_p = (caddr_t) b; + crp->crp_nbits = bits; +- +- for (i = 0, j = 0; i < a->top; i++) { +- for (k = 0; k < BN_BITS2 / 8; k++) { +- if ((j + k) >= bytes) +- return (0); +- b[j + k] = a->d[i] >> (k * 8); +- } +- j += BN_BITS2 / 8; +- } ++ BN_bn2bin(a, crp->crp_p); + return (0); + } + +@@ -1172,22 +1256,14 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) + static int + crparam2bn(struct crparam *crp, BIGNUM *a) + { +- u_int8_t *pd; +- int i, bytes; ++ int bytes; + + bytes = (crp->crp_nbits + 7) / 8; + + if (bytes == 0) + return (-1); + +- if ((pd = (u_int8_t *) malloc(bytes)) == NULL) +- return (-1); +- +- for (i = 0; i < bytes; i++) +- pd[i] = crp->crp_p[bytes - i - 1]; +- +- BN_bin2bn(pd, bytes, a); +- free(pd); ++ BN_bin2bn(crp->crp_p, bytes, a); + + return (0); + } +@@ -1235,6 +1311,32 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) + return (ret); + } + ++/* Close an opened instance of cryptodev engine */ ++void cryptodev_close_instance(void *handle) ++{ ++ int fd; ++ ++ if (handle) { ++ fd = *(int *)handle; ++ close(fd); ++ free(handle); ++ } ++} ++ ++/* Create an instance of cryptodev for asynchronous interface */ ++void *cryptodev_init_instance(void) ++{ ++ int *fd = malloc(sizeof(int)); ++ ++ if (fd) { ++ if ((*fd = open("/dev/crypto", O_RDWR, 0)) == -1) { ++ free(fd); ++ return NULL; ++ } ++ } ++ return fd; ++} ++ + static int + cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) +@@ -1250,9 +1352,9 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + return (ret); + } + +- memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_MOD_EXP; +- ++ kop.crk_oparams = 0; ++ kop.crk_status = 0; + /* inputs: a^p % m */ + if (bn2crparam(a, &kop.crk_param[0])) + goto err; +@@ -1293,28 +1395,38 @@ static int + cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) + { + struct crypt_kop kop; +- int ret = 1; ++ int ret = 1, f_len, p_len, q_len; ++ unsigned char *f = NULL, *p = NULL, *q = NULL, *dp = NULL, *dq = NULL, *c = NULL; + + if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { + /* XXX 0 means failure?? */ + return (0); + } + +- memset(&kop, 0, sizeof kop); ++ kop.crk_oparams = 0; ++ kop.crk_status = 0; + kop.crk_op = CRK_MOD_EXP_CRT; ++ f_len = BN_num_bytes(rsa->n); ++ spcf_bn2bin_ex(I, &f, &f_len); ++ spcf_bn2bin(rsa->p, &p, &p_len); ++ spcf_bn2bin(rsa->q, &q, &q_len); ++ spcf_bn2bin_ex(rsa->dmp1, &dp, &p_len); ++ spcf_bn2bin_ex(rsa->iqmp, &c, &p_len); ++ spcf_bn2bin_ex(rsa->dmq1, &dq, &q_len); + /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ +- if (bn2crparam(rsa->p, &kop.crk_param[0])) +- goto err; +- if (bn2crparam(rsa->q, &kop.crk_param[1])) +- goto err; +- if (bn2crparam(I, &kop.crk_param[2])) +- goto err; +- if (bn2crparam(rsa->dmp1, &kop.crk_param[3])) +- goto err; +- if (bn2crparam(rsa->dmq1, &kop.crk_param[4])) +- goto err; +- if (bn2crparam(rsa->iqmp, &kop.crk_param[5])) +- goto err; ++ kop.crk_param[0].crp_p = p; ++ kop.crk_param[0].crp_nbits = p_len * 8; ++ kop.crk_param[1].crp_p = q; ++ kop.crk_param[1].crp_nbits = q_len * 8; ++ kop.crk_param[2].crp_p = f; ++ kop.crk_param[2].crp_nbits = f_len * 8; ++ kop.crk_param[3].crp_p = dp; ++ kop.crk_param[3].crp_nbits = p_len * 8; ++ /* dq must of length q, rest all of length p*/ ++ kop.crk_param[4].crp_p = dq; ++ kop.crk_param[4].crp_nbits = q_len * 8; ++ kop.crk_param[5].crp_p = c; ++ kop.crk_param[5].crp_nbits = p_len * 8; + kop.crk_iparams = 6; + + if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) { +@@ -1350,90 +1462,117 @@ static RSA_METHOD cryptodev_rsa = { + NULL /* rsa_verify */ + }; + +-static int +-cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) +-{ +- return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); +-} +- +-static int +-cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, +- BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, +- BN_CTX *ctx, BN_MONT_CTX *mont) ++static DSA_SIG * ++cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) + { +- BIGNUM t2; +- int ret = 0; +- +- BN_init(&t2); +- +- /* v = ( g^u1 * y^u2 mod p ) mod q */ +- /* let t1 = g ^ u1 mod p */ +- ret = 0; ++ struct crypt_kop kop; ++ BIGNUM *c = NULL, *d = NULL; ++ DSA_SIG *dsaret = NULL; ++ int q_len = 0, r_len = 0, g_len = 0; ++ int priv_key_len = 0, ret; ++ unsigned char *q = NULL, *r = NULL, *g = NULL, *priv_key = NULL, *f = NULL; + +- if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont)) ++ memset(&kop, 0, sizeof kop); ++ if ((c = BN_new()) == NULL) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; ++ } + +- /* let t2 = y ^ u2 mod p */ +- if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont)) ++ if ((d = BN_new()) == NULL) { ++ BN_free(c); ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; +- /* let u1 = t1 * t2 mod p */ +- if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx)) ++ } ++ ++ if (spcf_bn2bin(dsa->p, &q, &q_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + goto err; ++ } + +- BN_copy(t1,u1); ++ /* Get order of the field of private keys into plain buffer */ ++ if (spcf_bn2bin (dsa->q, &r, &r_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } + +- ret = 1; +-err: +- BN_free(&t2); +- return(ret); +-} ++ /* sanity test */ ++ if (dlen > r_len) { ++ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); ++ goto err; ++ } + +-static DSA_SIG * +-cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) +-{ +- struct crypt_kop kop; +- BIGNUM *r = NULL, *s = NULL; +- DSA_SIG *dsaret = NULL; ++ g_len = q_len; ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } + +- if ((r = BN_new()) == NULL) ++ priv_key_len = r_len; ++ /** ++ * Get private key into a plain buffer. If length is less than ++ * r_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->priv_key, &priv_key, &priv_key_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; +- if ((s = BN_new()) == NULL) { +- BN_free(r); ++ } ++ ++ /* Allocate memory to store hash. */ ++ f = OPENSSL_malloc (r_len); ++ if (!f) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } + +- memset(&kop, 0, sizeof kop); ++ /* Add padding, since SEC expects hash to of size r_len */ ++ if (dlen < r_len) ++ memset(f, 0, r_len - dlen); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len - dlen, dgst, dlen); ++ + kop.crk_op = CRK_DSA_SIGN; + + /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ +- kop.crk_param[0].crp_p = (caddr_t)dgst; +- kop.crk_param[0].crp_nbits = dlen * 8; +- if (bn2crparam(dsa->p, &kop.crk_param[1])) +- goto err; +- if (bn2crparam(dsa->q, &kop.crk_param[2])) +- goto err; +- if (bn2crparam(dsa->g, &kop.crk_param[3])) +- goto err; +- if (bn2crparam(dsa->priv_key, &kop.crk_param[4])) +- goto err; ++ kop.crk_param[0].crp_p = (void*)f; ++ kop.crk_param[0].crp_nbits = r_len * 8; ++ kop.crk_param[1].crp_p = (void*)q; ++ kop.crk_param[1].crp_nbits = q_len * 8; ++ kop.crk_param[2].crp_p = (void*)r; ++ kop.crk_param[2].crp_nbits = r_len * 8; ++ kop.crk_param[3].crp_p = (void*)g; ++ kop.crk_param[3].crp_nbits = g_len * 8; ++ kop.crk_param[4].crp_p = (void*)priv_key; ++ kop.crk_param[4].crp_nbits = priv_key_len * 8; + kop.crk_iparams = 5; + +- if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r, +- BN_num_bytes(dsa->q), s) == 0) { +- dsaret = DSA_SIG_new(); +- dsaret->r = r; +- dsaret->s = s; +- } else { +- const DSA_METHOD *meth = DSA_OpenSSL(); +- BN_free(r); +- BN_free(s); +- dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); ++ ret = cryptodev_asym(&kop, r_len, c, r_len, d); ++ ++ if (ret) { ++ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DECODE_ERROR); ++ goto err; + } +-err: +- kop.crk_param[0].crp_p = NULL; ++ ++ dsaret = DSA_SIG_new(); ++ dsaret->r = c; ++ dsaret->s = d; ++ + zapparams(&kop); + return (dsaret); ++err: ++ { ++ const DSA_METHOD *meth = DSA_OpenSSL(); ++ if (c) ++ BN_free(c); ++ if (d) ++ BN_free(d); ++ dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); ++ return (dsaret); ++ } + } + + static int +@@ -1441,42 +1580,179 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, + DSA_SIG *sig, DSA *dsa) + { + struct crypt_kop kop; +- int dsaret = 1; ++ int dsaret = 1, q_len = 0, r_len = 0, g_len = 0; ++ int w_len = 0 ,c_len = 0, d_len = 0, ret = -1; ++ unsigned char * q = NULL, * r = NULL, * w = NULL, * g = NULL; ++ unsigned char * c = NULL, * d = NULL, *f = NULL; + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_DSA_VERIFY; + +- /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ +- kop.crk_param[0].crp_p = (caddr_t)dgst; +- kop.crk_param[0].crp_nbits = dlen * 8; +- if (bn2crparam(dsa->p, &kop.crk_param[1])) ++ if (spcf_bn2bin(dsa->p, &q, &q_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ return ret; ++ } ++ ++ /* Get Order of field of private keys */ ++ if (spcf_bn2bin(dsa->q, &r, &r_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; +- if (bn2crparam(dsa->q, &kop.crk_param[2])) ++ } ++ ++ g_len = q_len; ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; +- if (bn2crparam(dsa->g, &kop.crk_param[3])) ++ } ++ w_len = q_len; ++ /** ++ * Get public key into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->pub_key, &w, &w_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ /** ++ * Get the 1st part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ c_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; +- if (bn2crparam(dsa->pub_key, &kop.crk_param[4])) ++ } ++ ++ /** ++ * Get the 2nd part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ d_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; +- if (bn2crparam(sig->r, &kop.crk_param[5])) ++ } ++ ++ ++ /* Sanity test */ ++ if (dlen > r_len) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; +- if (bn2crparam(sig->s, &kop.crk_param[6])) ++ } ++ ++ /* Allocate memory to store hash. */ ++ f = OPENSSL_malloc (r_len); ++ if (!f) { ++ DSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ if (dlen < r_len) ++ memset(f, 0, r_len - dlen); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len - dlen, dgst, dlen); ++ ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ ++ kop.crk_param[0].crp_p = (void*)f; ++ kop.crk_param[0].crp_nbits = r_len * 8; ++ kop.crk_param[1].crp_p = q; ++ kop.crk_param[1].crp_nbits = q_len * 8; ++ kop.crk_param[2].crp_p = r; ++ kop.crk_param[2].crp_nbits = r_len * 8; ++ kop.crk_param[3].crp_p = g; ++ kop.crk_param[3].crp_nbits = g_len * 8; ++ kop.crk_param[4].crp_p = w; ++ kop.crk_param[4].crp_nbits = w_len * 8; ++ kop.crk_param[5].crp_p = c; ++ kop.crk_param[5].crp_nbits = c_len * 8; ++ kop.crk_param[6].crp_p = d; ++ kop.crk_param[6].crp_nbits = d_len * 8; + kop.crk_iparams = 7; + +- if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { +-/*OCF success value is 0, if not zero, change dsaret to fail*/ +- if(0 != kop.crk_status) dsaret = 0; +- } else { +- const DSA_METHOD *meth = DSA_OpenSSL(); ++ if ((cryptodev_asym(&kop, 0, NULL, 0, NULL))) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, DSA_R_DECODE_ERROR); ++ goto err; ++ } + +- dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); ++ /*OCF success value is 0, if not zero, change dsaret to fail*/ ++ if(0 != kop.crk_status) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, DSA_R_DECODE_ERROR); ++ goto err; + } +-err: +- kop.crk_param[0].crp_p = NULL; ++ + zapparams(&kop); + return (dsaret); ++err: ++ { ++ const DSA_METHOD *meth = DSA_OpenSSL(); ++ ++ dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); ++ } ++ return dsaret; + } + ++/* Cryptodev DSA Key Gen routine */ ++static int cryptodev_dsa_keygen(DSA *dsa) ++{ ++ struct crypt_kop kop; ++ int ret = 1, g_len; ++ unsigned char *g = NULL; ++ ++ if (dsa->priv_key == NULL) { ++ if ((dsa->priv_key=BN_new()) == NULL) ++ goto sw_try; ++ } ++ ++ if (dsa->pub_key == NULL) { ++ if ((dsa->pub_key=BN_new()) == NULL) ++ goto sw_try; ++ } ++ ++ g_len = BN_num_bytes(dsa->p); ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * p_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { ++ DSAerr(DSA_F_DSA_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; ++ } ++ ++ memset(&kop, 0, sizeof kop); ++ ++ kop.crk_op = CRK_DSA_GENERATE_KEY; ++ if (bn2crparam(dsa->p, &kop.crk_param[0])) ++ goto sw_try; ++ if (bn2crparam(dsa->q, &kop.crk_param[1])) ++ goto sw_try; ++ kop.crk_param[2].crp_p = g; ++ kop.crk_param[2].crp_nbits = g_len * 8; ++ kop.crk_iparams = 3; ++ ++ /* pub_key is or prime length while priv key is of length of order */ ++ if (cryptodev_asym(&kop, BN_num_bytes(dsa->p), dsa->pub_key, ++ BN_num_bytes(dsa->q), dsa->priv_key)) ++ goto sw_try; ++ ++ return ret; ++sw_try: ++ { ++ const DSA_METHOD *meth = DSA_OpenSSL(); ++ ret = (meth->dsa_keygen)(dsa); ++ } ++ return ret; ++} ++ ++ ++ + static DSA_METHOD cryptodev_dsa = { + "cryptodev DSA method", + NULL, +@@ -1490,12 +1766,543 @@ static DSA_METHOD cryptodev_dsa = { + NULL /* app_data */ + }; + +-static int +-cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, +- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, +- BN_MONT_CTX *m_ctx) ++static ECDSA_METHOD cryptodev_ecdsa = { ++ "cryptodev ECDSA method", ++ NULL, ++ NULL, /* ecdsa_sign_setup */ ++ NULL, ++ NULL, ++ 0, /* flags */ ++ NULL /* app_data */ ++}; ++ ++typedef enum ec_curve_s ++{ ++ EC_PRIME, ++ EC_BINARY ++} ec_curve_t; ++ ++/* ENGINE handler for ECDSA Sign */ ++static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, ++ int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) + { +- return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); ++ BIGNUM *m = NULL, *p = NULL, *a = NULL; ++ BIGNUM *b = NULL, *x = NULL, *y = NULL; ++ BN_CTX *ctx = NULL; ++ ECDSA_SIG *ret = NULL; ++ ECDSA_DATA *ecdsa = NULL; ++ unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; ++ unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; ++ int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; ++ int g_len = 0, d_len = 0, ab_len = 0; ++ const BIGNUM *order = NULL, *priv_key=NULL; ++ const EC_GROUP *group = NULL; ++ struct crypt_kop kop; ++ ec_curve_t ec_crv = EC_PRIME; ++ ++ memset(&kop, 0, sizeof(kop)); ++ ecdsa = ecdsa_check(eckey); ++ if (!ecdsa) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); ++ return NULL; ++ } ++ ++ group = EC_KEY_get0_group(eckey); ++ priv_key = EC_KEY_get0_private_key(eckey); ++ ++ if (!group || !priv_key) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); ++ return NULL; ++ } ++ ++ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || ++ (a = BN_new()) == NULL || (b = BN_new()) == NULL || ++ (p = BN_new()) == NULL || (x = BN_new()) == NULL || ++ (y = BN_new()) == NULL) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ order = &group->order; ++ if (!order || BN_is_zero(order)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); ++ goto err; ++ } ++ ++ i = BN_num_bits(order); ++ /* Need to truncate digest if it is too long: first truncate whole ++ bytes */ ++ if (8 * dgst_len > i) ++ dgst_len = (i + 7)/8; ++ ++ if (!BN_bin2bn(dgst, dgst_len, m)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* If still too long truncate remaining bits with a shift */ ++ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* copy the truncated bits into plain buffer */ ++ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { ++ fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); ++ goto err; ++ } ++ ++ ret = ECDSA_SIG_new(); ++ if (!ret) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* check if this is prime or binary EC request */ ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), ++ x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { ++ ec_crv = EC_BINARY; ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ EC_GROUP_get0_generator(group), x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ } else { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ if (spcf_bn2bin(order, &r, &r_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (spcf_bn2bin(p, &q, &q_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ priv_key_len = r_len; ++ ++ /** ++ * If BN_num_bytes of priv_key returns less then r_len then ++ * add padding bytes before the key ++ */ ++ if (spcf_bn2bin_ex(priv_key, &s, &priv_key_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Generation of ECC curve parameters */ ++ ab_len = 2*q_len; ++ ab = eng_copy_curve_points(a, b, ab_len, q_len); ++ if (!ab) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (ec_crv == EC_BINARY) { ++ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) ++ { ++ unsigned char *c_temp = NULL; ++ int c_temp_len = q_len; ++ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) ++ memcpy(ab+q_len, c_temp, q_len); ++ else ++ goto err; ++ } ++ kop.curve_type = ECC_BINARY; ++ } ++ ++ /* Calculation of Generator point */ ++ g_len = 2*q_len; ++ g_xy = eng_copy_curve_points(x, y, g_len, q_len); ++ if (!g_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Memory allocation for first part of digital signature */ ++ c = malloc(r_len); ++ if (!c) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ d_len = r_len; ++ ++ /* Memory allocation for second part of digital signature */ ++ d = malloc(d_len); ++ if (!d) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* memory for message representative */ ++ f = malloc(r_len); ++ if (!f) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ memset(f, 0, r_len - dgst_len); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len - dgst_len, tmp_dgst, dgst_len); ++ ++ dgst_len += r_len - dgst_len; ++ kop.crk_op = CRK_DSA_SIGN; ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ ++ kop.crk_param[0].crp_p = f; ++ kop.crk_param[0].crp_nbits = dgst_len * 8; ++ kop.crk_param[1].crp_p = q; ++ kop.crk_param[1].crp_nbits = q_len * 8; ++ kop.crk_param[2].crp_p = r; ++ kop.crk_param[2].crp_nbits = r_len * 8; ++ kop.crk_param[3].crp_p = g_xy; ++ kop.crk_param[3].crp_nbits = g_len * 8; ++ kop.crk_param[4].crp_p = s; ++ kop.crk_param[4].crp_nbits = priv_key_len * 8; ++ kop.crk_param[5].crp_p = ab; ++ kop.crk_param[5].crp_nbits = ab_len * 8; ++ kop.crk_iparams = 6; ++ kop.crk_param[6].crp_p = c; ++ kop.crk_param[6].crp_nbits = d_len * 8; ++ kop.crk_param[7].crp_p = d; ++ kop.crk_param[7].crp_nbits = d_len * 8; ++ kop.crk_oparams = 2; ++ ++ if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { ++ /* Check if ret->r and s needs to allocated */ ++ crparam2bn(&kop.crk_param[6], ret->r); ++ crparam2bn(&kop.crk_param[7], ret->s); ++ } else { ++ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ ret = (meth->ecdsa_do_sign)(dgst, dgst_len, in_kinv, in_r, eckey); ++ } ++ kop.crk_param[0].crp_p = NULL; ++ zapparams(&kop); ++err: ++ if (!ret) { ++ ECDSA_SIG_free(ret); ++ ret = NULL; ++ } ++ return ret; ++} ++ ++static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, ++ ECDSA_SIG *sig, EC_KEY *eckey) ++{ ++ BIGNUM *m = NULL, *p = NULL, *a = NULL, *b = NULL; ++ BIGNUM *x = NULL, *y = NULL, *w_x = NULL, *w_y = NULL; ++ BN_CTX *ctx = NULL; ++ ECDSA_DATA *ecdsa = NULL; ++ unsigned char *q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL, *w_xy = NULL; ++ unsigned char *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; ++ int i = 0, q_len = 0, pub_key_len = 0, r_len = 0, c_len = 0, g_len = 0; ++ int d_len = 0, ab_len = 0, ret = -1; ++ const EC_POINT *pub_key = NULL; ++ const BIGNUM *order = NULL; ++ const EC_GROUP *group=NULL; ++ ec_curve_t ec_crv = EC_PRIME; ++ struct crypt_kop kop; ++ ++ memset(&kop, 0, sizeof kop); ++ ecdsa = ecdsa_check(eckey); ++ if (!ecdsa) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); ++ return ret; ++ } ++ ++ group = EC_KEY_get0_group(eckey); ++ pub_key = EC_KEY_get0_public_key(eckey); ++ ++ if (!group || !pub_key) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); ++ return ret; ++ } ++ ++ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || ++ (a = BN_new()) == NULL || (b = BN_new()) == NULL || ++ (p = BN_new()) == NULL || (x = BN_new()) == NULL || ++ (y = BN_new()) == NULL || (w_x = BN_new()) == NULL || ++ (w_y = BN_new()) == NULL) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ order = &group->order; ++ if (!order || BN_is_zero(order)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS); ++ goto err; ++ } ++ ++ i = BN_num_bits(order); ++ /* Need to truncate digest if it is too long: first truncate whole ++ * bytes */ ++ if (8 * dgst_len > i) ++ dgst_len = (i + 7)/8; ++ ++ if (!BN_bin2bn(dgst, dgst_len, m)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* If still too long truncate remaining bits with a shift */ ++ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); ++ goto err; ++ } ++ /* copy the truncated bits into plain buffer */ ++ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* check if this is prime or binary EC request */ ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; ++ ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, ++ EC_GROUP_get0_generator(group), x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for prime curve */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, ++ pub_key, w_x, w_y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field){ ++ ec_crv = EC_BINARY; ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ EC_GROUP_get0_generator(group),x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for binary curve */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ pub_key, w_x, w_y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ }else { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* Get the order of the subgroup of private keys */ ++ if (spcf_bn2bin((BIGNUM*)order, &r, &r_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Get the irreducible polynomial that creates the field */ ++ if (spcf_bn2bin(p, &q, &q_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Get the public key into a flat buffer with appropriate padding */ ++ pub_key_len = 2 * q_len; ++ ++ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); ++ if (!w_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Generation of ECC curve parameters */ ++ ab_len = 2*q_len; ++ ++ ab = eng_copy_curve_points (a, b, ab_len, q_len); ++ if (!ab) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (ec_crv == EC_BINARY) { ++ /* copy b' i.e c(b), instead of only b */ ++ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) ++ { ++ unsigned char *c_temp = NULL; ++ int c_temp_len = q_len; ++ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) ++ memcpy(ab+q_len, c_temp, q_len); ++ else ++ goto err; ++ } ++ kop.curve_type = ECC_BINARY; ++ } ++ ++ /* Calculation of Generator point */ ++ g_len = 2 * q_len; ++ ++ g_xy = eng_copy_curve_points (x, y, g_len, q_len); ++ if (!g_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /** ++ * Get the 1st part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ if (BN_num_bytes(sig->r) < r_len) ++ c_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /** ++ * Get the 2nd part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ if (BN_num_bytes(sig->s) < r_len) ++ d_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* memory for message representative */ ++ f = malloc(r_len); ++ if (!f) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ memset(f, 0, r_len-dgst_len); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); ++ dgst_len += r_len-dgst_len; ++ kop.crk_op = CRK_DSA_VERIFY; ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ ++ kop.crk_param[0].crp_p = f; ++ kop.crk_param[0].crp_nbits = dgst_len * 8; ++ kop.crk_param[1].crp_p = q; ++ kop.crk_param[1].crp_nbits = q_len * 8; ++ kop.crk_param[2].crp_p = r; ++ kop.crk_param[2].crp_nbits = r_len * 8; ++ kop.crk_param[3].crp_p = g_xy; ++ kop.crk_param[3].crp_nbits = g_len * 8; ++ kop.crk_param[4].crp_p = w_xy; ++ kop.crk_param[4].crp_nbits = pub_key_len * 8; ++ kop.crk_param[5].crp_p = ab; ++ kop.crk_param[5].crp_nbits = ab_len * 8; ++ kop.crk_param[6].crp_p = c; ++ kop.crk_param[6].crp_nbits = d_len * 8; ++ kop.crk_param[7].crp_p = d; ++ kop.crk_param[7].crp_nbits = d_len * 8; ++ kop.crk_iparams = 8; ++ ++ if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { ++ /*OCF success value is 0, if not zero, change ret to fail*/ ++ if(0 == kop.crk_status) ++ ret = 1; ++ } else { ++ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ ++ ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); ++ } ++ kop.crk_param[0].crp_p = NULL; ++ zapparams(&kop); ++ ++err: ++ return ret; ++} ++ ++static int cryptodev_dh_keygen(DH *dh) ++{ ++ struct crypt_kop kop; ++ int ret = 1, g_len; ++ unsigned char *g = NULL; ++ ++ if (dh->priv_key == NULL) { ++ if ((dh->priv_key=BN_new()) == NULL) ++ goto sw_try; ++ } ++ ++ if (dh->pub_key == NULL) { ++ if ((dh->pub_key=BN_new()) == NULL) ++ goto sw_try; ++ } ++ ++ g_len = BN_num_bytes(dh->p); ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { ++ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; ++ } ++ ++ memset(&kop, 0, sizeof kop); ++ kop.crk_op = CRK_DH_GENERATE_KEY; ++ if (bn2crparam(dh->p, &kop.crk_param[0])) ++ goto sw_try; ++ if (bn2crparam(dh->q, &kop.crk_param[1])) ++ goto sw_try; ++ kop.crk_param[2].crp_p = g; ++ kop.crk_param[2].crp_nbits = g_len * 8; ++ kop.crk_iparams = 3; ++ ++ /* pub_key is or prime length while priv key is of length of order */ ++ if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key, ++ BN_num_bytes(dh->q), dh->priv_key)) ++ goto sw_try; ++ ++ return ret; ++sw_try: ++ { ++ const DH_METHOD *meth = DH_OpenSSL(); ++ ret = (meth->generate_key)(dh); ++ } ++ return ret; + } + + static int +@@ -1503,43 +2310,234 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) + { + struct crypt_kop kop; + int dhret = 1; +- int fd, keylen; ++ int fd, p_len; ++ BIGNUM *temp = NULL; ++ unsigned char *padded_pub_key = NULL, *p = NULL; ++ ++ if ((fd = get_asym_dev_crypto()) < 0) ++ goto sw_try; ++ ++ memset(&kop, 0, sizeof kop); ++ kop.crk_op = CRK_DH_COMPUTE_KEY; ++ /* inputs: dh->priv_key pub_key dh->p key */ ++ spcf_bn2bin(dh->p, &p, &p_len); ++ spcf_bn2bin_ex(pub_key, &padded_pub_key, &p_len); ++ if (bn2crparam(dh->priv_key, &kop.crk_param[0])) ++ goto sw_try; ++ ++ kop.crk_param[1].crp_p = padded_pub_key; ++ kop.crk_param[1].crp_nbits = p_len * 8; ++ kop.crk_param[2].crp_p = p; ++ kop.crk_param[2].crp_nbits = p_len * 8; ++ kop.crk_iparams = 3; ++ kop.crk_param[3].crp_p = (void*) key; ++ kop.crk_param[3].crp_nbits = p_len * 8; ++ kop.crk_oparams = 1; ++ dhret = p_len; ++ ++ if (ioctl(fd, CIOCKEY, &kop)) ++ goto sw_try; + +- if ((fd = get_asym_dev_crypto()) < 0) { ++ if ((temp = BN_new())) { ++ if (!BN_bin2bn(key, p_len, temp)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto sw_try; ++ } ++ if (dhret > BN_num_bytes(temp)) ++ dhret=BN_bn2bin(temp,key); ++ BN_free(temp); ++ } ++ ++ kop.crk_param[3].crp_p = NULL; ++ zapparams(&kop); ++ return (dhret); ++sw_try: ++ { + const DH_METHOD *meth = DH_OpenSSL(); + +- return ((meth->compute_key)(key, pub_key, dh)); ++ dhret = (meth->compute_key)(key, pub_key, dh); + } ++ return (dhret); ++} + +- keylen = BN_num_bits(dh->p); ++int cryptodev_ecdh_compute_key(void *out, size_t outlen, ++ const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, ++ void *out, size_t *outlen)) ++{ ++ ec_curve_t ec_crv = EC_PRIME; ++ unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; ++ BIGNUM * w_x = NULL, *w_y = NULL; ++ int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; ++ BIGNUM * p = NULL, *a = NULL, *b = NULL; ++ BN_CTX *ctx; ++ EC_POINT *tmp=NULL; ++ BIGNUM *x=NULL, *y=NULL; ++ const BIGNUM *priv_key; ++ const EC_GROUP* group = NULL; ++ int ret = -1; ++ size_t buflen, len; ++ struct crypt_kop kop; + + memset(&kop, 0, sizeof kop); +- kop.crk_op = CRK_DH_COMPUTE_KEY; + +- /* inputs: dh->priv_key pub_key dh->p key */ +- if (bn2crparam(dh->priv_key, &kop.crk_param[0])) ++ if ((ctx = BN_CTX_new()) == NULL) goto err; ++ BN_CTX_start(ctx); ++ x = BN_CTX_get(ctx); ++ y = BN_CTX_get(ctx); ++ p = BN_CTX_get(ctx); ++ a = BN_CTX_get(ctx); ++ b = BN_CTX_get(ctx); ++ w_x = BN_CTX_get(ctx); ++ w_y = BN_CTX_get(ctx); ++ ++ if (!x || !y || !p || !a || !b || !w_x || !w_y) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); + goto err; +- if (bn2crparam(pub_key, &kop.crk_param[1])) ++ } ++ ++ priv_key = EC_KEY_get0_private_key(ecdh); ++ if (priv_key == NULL) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); + goto err; +- if (bn2crparam(dh->p, &kop.crk_param[2])) ++ } ++ ++ group = EC_KEY_get0_group(ecdh); ++ if ((tmp=EC_POINT_new(group)) == NULL) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); + goto err; +- kop.crk_iparams = 3; ++ } + +- kop.crk_param[3].crp_p = (caddr_t) key; +- kop.crk_param[3].crp_nbits = keylen * 8; +- kop.crk_oparams = 1; ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == ++ NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; + +- if (ioctl(fd, CIOCKEY, &kop) == -1) { +- const DH_METHOD *meth = DH_OpenSSL(); ++ if (!EC_POINT_get_affine_coordinates_GFp(group, ++ EC_GROUP_get0_generator(group), x, y, ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); ++ goto err; ++ } + +- dhret = (meth->compute_key)(key, pub_key, dh); ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for prime curve */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, pub_key, w_x, w_y,ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ } else { ++ ec_crv = EC_BINARY; ++ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ EC_GROUP_get0_generator(group), x, y, ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for binary curve */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ pub_key, w_x, w_y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ } ++ ++ /* irreducible polynomial that creates the field */ ++ if (spcf_bn2bin((BIGNUM*)&group->order, &r, &r_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Get the irreducible polynomial that creates the field */ ++ if (spcf_bn2bin(p, &q, &q_len)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; + } ++ ++ /* Get the public key into a flat buffer with appropriate padding */ ++ pub_key_len = 2 * q_len; ++ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); ++ if (!w_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Generation of ECC curve parameters */ ++ ab_len = 2*q_len; ++ ab = eng_copy_curve_points (a, b, ab_len, q_len); ++ if (!ab) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ if (ec_crv == EC_BINARY) { ++ /* copy b' i.e c(b), instead of only b */ ++ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) ++ { ++ unsigned char *c_temp = NULL; ++ int c_temp_len = q_len; ++ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) ++ memcpy(ab+q_len, c_temp, q_len); ++ else ++ goto err; ++ } ++ kop.curve_type = ECC_BINARY; ++ } else ++ kop.curve_type = ECC_PRIME; ++ ++ priv_key_len = r_len; ++ ++ /* ++ * If BN_num_bytes of priv_key returns less then r_len then ++ * add padding bytes before the key ++ */ ++ if (spcf_bn2bin_ex((BIGNUM *)priv_key, &s, &priv_key_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ buflen = (EC_GROUP_get_degree(group) + 7)/8; ++ len = BN_num_bytes(x); ++ if (len > buflen || q_len < buflen) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR); ++ goto err; ++ } ++ ++ kop.crk_op = CRK_DH_COMPUTE_KEY; ++ kop.crk_param[0].crp_p = (void*) s; ++ kop.crk_param[0].crp_nbits = priv_key_len*8; ++ kop.crk_param[1].crp_p = (void*) w_xy; ++ kop.crk_param[1].crp_nbits = pub_key_len*8; ++ kop.crk_param[2].crp_p = (void*) q; ++ kop.crk_param[2].crp_nbits = q_len*8; ++ kop.crk_param[3].crp_p = (void*) ab; ++ kop.crk_param[3].crp_nbits = ab_len*8; ++ kop.crk_iparams = 4; ++ kop.crk_param[4].crp_p = (void*) out; ++ kop.crk_param[4].crp_nbits = q_len*8; ++ kop.crk_oparams = 1; ++ ret = q_len; ++ if (cryptodev_asym(&kop, 0, NULL, 0, NULL)) { ++ const ECDH_METHOD *meth = ECDH_OpenSSL(); ++ ret = (meth->compute_key)(out, outlen, pub_key, ecdh, KDF); ++ } else ++ ret = q_len; + err: +- kop.crk_param[3].crp_p = NULL; ++ kop.crk_param[4].crp_p = NULL; + zapparams(&kop); +- return (dhret); ++ return ret; + } + ++ + static DH_METHOD cryptodev_dh = { + "cryptodev DH method", + NULL, /* cryptodev_dh_generate_key */ +@@ -1551,6 +2549,14 @@ static DH_METHOD cryptodev_dh = { + NULL /* app_data */ + }; + ++static ECDH_METHOD cryptodev_ecdh = { ++ "cryptodev ECDH method", ++ NULL, /* cryptodev_ecdh_compute_key */ ++ NULL, ++ 0, /* flags */ ++ NULL /* app_data */ ++}; ++ + /* + * ctrl right now is just a wrapper that doesn't do much + * but I expect we'll want some options soon. +@@ -1634,25 +2640,42 @@ ENGINE_load_cryptodev(void) + memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); + if (cryptodev_asymfeat & CRF_DSA_SIGN) + cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; +- if (cryptodev_asymfeat & CRF_MOD_EXP) { +- cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp; +- cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp; +- } + if (cryptodev_asymfeat & CRF_DSA_VERIFY) + cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; ++ if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) ++ cryptodev_dsa.dsa_keygen = cryptodev_dsa_keygen; + } + + if (ENGINE_set_DH(engine, &cryptodev_dh)){ + const DH_METHOD *dh_meth = DH_OpenSSL(); ++ memcpy(&cryptodev_dh, dh_meth, sizeof(DH_METHOD)); ++ if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { ++ cryptodev_dh.compute_key = ++ cryptodev_dh_compute_key; ++ } ++ if (cryptodev_asymfeat & CRF_DH_GENERATE_KEY) { ++ cryptodev_dh.generate_key = ++ cryptodev_dh_keygen; ++ } ++ } + +- cryptodev_dh.generate_key = dh_meth->generate_key; +- cryptodev_dh.compute_key = dh_meth->compute_key; +- cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp; +- if (cryptodev_asymfeat & CRF_MOD_EXP) { +- cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh; +- if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) +- cryptodev_dh.compute_key = +- cryptodev_dh_compute_key; ++ if (ENGINE_set_ECDSA(engine, &cryptodev_ecdsa)) { ++ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ memcpy(&cryptodev_ecdsa, meth, sizeof(ECDSA_METHOD)); ++ if (cryptodev_asymfeat & CRF_DSA_SIGN) { ++ cryptodev_ecdsa.ecdsa_do_sign = cryptodev_ecdsa_do_sign; ++ } ++ if (cryptodev_asymfeat & CRF_DSA_VERIFY) { ++ cryptodev_ecdsa.ecdsa_do_verify = ++ cryptodev_ecdsa_verify; ++ } ++ } ++ ++ if (ENGINE_set_ECDH(engine, &cryptodev_ecdh)) { ++ const ECDH_METHOD *ecdh_meth = ECDH_OpenSSL(); ++ memcpy(&cryptodev_ecdh, ecdh_meth, sizeof(ECDH_METHOD)); ++ if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { ++ cryptodev_ecdh.compute_key = cryptodev_ecdh_compute_key; + } + } + +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch b/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch new file mode 100644 index 00000000..0fb01821 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0009-Added-hwrng-dev-file-as-source-of-RNG.patch @@ -0,0 +1,28 @@ +From 81c4c62a4f5f5542843381bfb34e39a6171d5cdd Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta <yashpal.dutta@freescale.com> +Date: Tue, 11 Mar 2014 06:42:59 +0545 +Subject: [PATCH 09/26] Added hwrng dev file as source of RNG + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> +--- + e_os.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/e_os.h b/e_os.h +index 6a0aad1..57c0563 100644 +--- a/e_os.h ++++ b/e_os.h +@@ -79,7 +79,7 @@ extern "C" { + #ifndef DEVRANDOM + /* set this to a comma-separated list of 'random' device files to try out. + * My default, we will try to read at least one of these files */ +-#define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom" ++#define DEVRANDOM "/dev/hwrng","/dev/urandom","/dev/random","/dev/srandom" + #endif + #ifndef DEVRANDOM_EGD + /* set this to a comma-seperated list of 'egd' sockets to try out. These +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch b/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch new file mode 100644 index 00000000..0f889c0f --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0010-Asynchronous-interface-added-for-PKC-cryptodev-inter.patch @@ -0,0 +1,2039 @@ +From a933e6341fd8989bdd82f8a5446b6f04aa00eef9 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta <yashpal.dutta@freescale.com> +Date: Tue, 11 Mar 2014 07:14:30 +0545 +Subject: [PATCH 10/26] Asynchronous interface added for PKC cryptodev + interface + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> +--- + crypto/crypto.h | 16 + + crypto/dh/dh.h | 4 +- + crypto/dsa/dsa.h | 5 + + crypto/ecdh/ech_locl.h | 3 + + crypto/ecdsa/ecs_locl.h | 5 + + crypto/engine/eng_cryptodev.c | 1578 +++++++++++++++++++++++++++++++++++++---- + crypto/engine/eng_int.h | 24 +- + crypto/engine/eng_lib.c | 46 ++ + crypto/engine/engine.h | 24 + + crypto/rsa/rsa.h | 23 + + 10 files changed, 1582 insertions(+), 146 deletions(-) + +diff --git a/crypto/crypto.h b/crypto/crypto.h +index f92fc51..ce12731 100644 +--- a/crypto/crypto.h ++++ b/crypto/crypto.h +@@ -605,6 +605,22 @@ void ERR_load_CRYPTO_strings(void); + #define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101 + #define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100 + ++/* Additions for Asynchronous PKC Infrastructure */ ++struct pkc_cookie_s { ++ void *cookie; /* To be filled by openssl library primitive method function caller */ ++ void *eng_cookie; /* To be filled by Engine */ ++ /* ++ * Callback handler to be provided by caller. Ensure to pass a ++ * handler which takes the crypto operation to completion. ++ * cookie: Container cookie from library ++ * status: Status of the crypto Job completion. ++ * 0: Job handled without any issue ++ * -EINVAL: Parameters Invalid ++ */ ++ void (*pkc_callback)(struct pkc_cookie_s *cookie, int status); ++ void *eng_handle; ++}; ++ + #ifdef __cplusplus + } + #endif +diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h +index ea59e61..20ffad2 100644 +--- a/crypto/dh/dh.h ++++ b/crypto/dh/dh.h +@@ -118,7 +118,9 @@ struct dh_method + int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, + BN_MONT_CTX *m_ctx); /* Can be null */ +- ++ int (*compute_key_async)(unsigned char *key,const BIGNUM *pub_key,DH *dh, ++ struct pkc_cookie_s *cookie); ++ int (*generate_key_async)(DH *dh, struct pkc_cookie_s *cookie); + int (*init)(DH *dh); + int (*finish)(DH *dh); + int flags; +diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h +index a6f6d0b..b04a029 100644 +--- a/crypto/dsa/dsa.h ++++ b/crypto/dsa/dsa.h +@@ -140,6 +140,10 @@ struct dsa_method + int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, + BN_MONT_CTX *m_ctx); /* Can be null */ ++ int (*dsa_do_sign_async)(const unsigned char *dgst, int dlen, DSA *dsa, ++ DSA_SIG *sig, struct pkc_cookie_s *cookie); ++ int (*dsa_do_verify_async)(const unsigned char *dgst, int dgst_len, ++ DSA_SIG *sig, DSA *dsa, struct pkc_cookie_s *cookie); + int (*init)(DSA *dsa); + int (*finish)(DSA *dsa); + int flags; +@@ -151,6 +155,7 @@ struct dsa_method + BN_GENCB *cb); + /* If this is non-NULL, it is used to generate DSA keys */ + int (*dsa_keygen)(DSA *dsa); ++ int (*dsa_keygen_async)(DSA *dsa, struct pkc_cookie_s *cookie); + }; + + struct dsa_st +diff --git a/crypto/ecdh/ech_locl.h b/crypto/ecdh/ech_locl.h +index f6cad6a..adce6b3 100644 +--- a/crypto/ecdh/ech_locl.h ++++ b/crypto/ecdh/ech_locl.h +@@ -67,6 +67,9 @@ struct ecdh_method + const char *name; + int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, + void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); ++ int (*compute_key_async)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, ++ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen), ++ struct pkc_cookie_s *cookie); + #if 0 + int (*init)(EC_KEY *eckey); + int (*finish)(EC_KEY *eckey); +diff --git a/crypto/ecdsa/ecs_locl.h b/crypto/ecdsa/ecs_locl.h +index cb3be13..eb0ebe0 100644 +--- a/crypto/ecdsa/ecs_locl.h ++++ b/crypto/ecdsa/ecs_locl.h +@@ -74,6 +74,11 @@ struct ecdsa_method + BIGNUM **r); + int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, + const ECDSA_SIG *sig, EC_KEY *eckey); ++ int (*ecdsa_do_sign_async)(const unsigned char *dgst, int dgst_len, ++ const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey, ++ ECDSA_SIG *sig, struct pkc_cookie_s *cookie); ++ int (*ecdsa_do_verify_async)(const unsigned char *dgst, int dgst_len, ++ const ECDSA_SIG *sig, EC_KEY *eckey, struct pkc_cookie_s *cookie); + #if 0 + int (*init)(EC_KEY *eckey); + int (*finish)(EC_KEY *eckey); +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 7ee314b..9f2416e 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -1281,6 +1281,56 @@ zapparams(struct crypt_kop *kop) + } + } + ++/* Any PKC request has at max 2 output parameters and they are stored here to ++be used while copying in the check availability */ ++struct cryptodev_cookie_s { ++ BIGNUM *r; ++ struct crparam r_param; ++ BIGNUM *s; ++ struct crparam s_param; ++ struct crypt_kop *kop; ++}; ++ ++static int ++cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, ++ BIGNUM *s) ++{ ++ int fd; ++ struct pkc_cookie_s *cookie = kop->cookie; ++ struct cryptodev_cookie_s *eng_cookie; ++ ++ fd = *(int *)cookie->eng_handle; ++ ++ eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); ++ ++ if (eng_cookie) { ++ memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); ++ if (r) { ++ kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); ++ if (!kop->crk_param[kop->crk_iparams].crp_p) ++ return -ENOMEM; ++ kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; ++ kop->crk_oparams++; ++ eng_cookie->r = r; ++ eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; ++ } ++ if (s) { ++ kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); ++ if (!kop->crk_param[kop->crk_iparams+1].crp_p) ++ return -ENOMEM; ++ kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; ++ kop->crk_oparams++; ++ eng_cookie->s = s; ++ eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; ++ } ++ } else ++ return -ENOMEM; ++ ++ eng_cookie->kop = kop; ++ cookie->eng_cookie = eng_cookie; ++ return ioctl(fd, CIOCASYMASYNCRYPT, kop); ++} ++ + static int + cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) + { +@@ -1337,6 +1387,44 @@ void *cryptodev_init_instance(void) + return fd; + } + ++#include <poll.h> ++ ++/* Return 0 on success and 1 on failure */ ++int cryptodev_check_availability(void *eng_handle) ++{ ++ int fd = *(int *)eng_handle; ++ struct pkc_cookie_list_s cookie_list; ++ struct pkc_cookie_s *cookie; ++ int i; ++ ++ /* FETCH COOKIE returns number of cookies extracted */ ++ if (ioctl(fd, CIOCASYMFETCHCOOKIE, &cookie_list) <= 0) ++ return 1; ++ ++ for (i = 0; i < cookie_list.cookie_available; i++) { ++ cookie = cookie_list.cookie[i]; ++ if (cookie) { ++ struct cryptodev_cookie_s *eng_cookie = cookie->eng_cookie; ++ if (eng_cookie) { ++ struct crypt_kop *kop = eng_cookie->kop; ++ ++ if (eng_cookie->r) ++ crparam2bn(&eng_cookie->r_param, eng_cookie->r); ++ if (eng_cookie->s) ++ crparam2bn(&eng_cookie->s_param, eng_cookie->s); ++ if (kop->crk_op == CRK_DH_COMPUTE_KEY) ++ kop->crk_oparams = 0; ++ ++ zapparams(eng_cookie->kop); ++ free(eng_cookie->kop); ++ free (eng_cookie); ++ } ++ cookie->pkc_callback(cookie, cookie_list.status[i]); ++ } ++ } ++ return 0; ++} ++ + static int + cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) +@@ -1382,6 +1470,63 @@ err: + } + + static int ++cryptodev_bn_mod_exp_async(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, ++ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont, struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ int ret = 1; ++ ++ /* Currently, we know we can do mod exp iff we can do any ++ * asymmetric operations at all. ++ */ ++ if (cryptodev_asymfeat == 0 || !kop) { ++ ret = BN_mod_exp(r, a, p, m, ctx); ++ return (ret); ++ } ++ ++ kop->crk_oparams = 0; ++ kop->crk_status = 0; ++ kop->crk_op = CRK_MOD_EXP; ++ kop->cookie = cookie; ++ /* inputs: a^p % m */ ++ if (bn2crparam(a, &kop->crk_param[0])) ++ goto err; ++ if (bn2crparam(p, &kop->crk_param[1])) ++ goto err; ++ if (bn2crparam(m, &kop->crk_param[2])) ++ goto err; ++ ++ kop->crk_iparams = 3; ++ if (cryptodev_asym_async(kop, BN_num_bytes(m), r, 0, NULL)) ++ goto err; ++ ++ return ret; ++err: ++ { ++ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); ++ ++ if (kop) ++ free(kop); ++ ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); ++ if (ret) ++ /* Call the completion handler immediately */ ++ cookie->pkc_callback(cookie, 0); ++ } ++ return ret; ++} ++ ++static int ++cryptodev_rsa_nocrt_mod_exp_async(BIGNUM *r0, const BIGNUM *I, ++ RSA *rsa, BN_CTX *ctx, struct pkc_cookie_s *cookie) ++{ ++ int r; ++ ctx = BN_CTX_new(); ++ r = cryptodev_bn_mod_exp_async(r0, I, rsa->d, rsa->n, ctx, NULL, cookie); ++ BN_CTX_free(ctx); ++ return r; ++} ++ ++static int + cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) + { + int r; +@@ -1446,6 +1591,62 @@ err: + return (ret); + } + ++static int ++cryptodev_rsa_mod_exp_async(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx, ++ struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ int ret = 1, f_len, p_len, q_len; ++ unsigned char *f = NULL, *p = NULL, *q = NULL, *dp = NULL, *dq = NULL, *c = NULL; ++ ++ if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp || !kop) { ++ return (0); ++ } ++ ++ kop->crk_oparams = 0; ++ kop->crk_status = 0; ++ kop->crk_op = CRK_MOD_EXP_CRT; ++ f_len = BN_num_bytes(rsa->n); ++ spcf_bn2bin_ex(I, &f, &f_len); ++ spcf_bn2bin(rsa->p, &p, &p_len); ++ spcf_bn2bin(rsa->q, &q, &q_len); ++ spcf_bn2bin_ex(rsa->dmp1, &dp, &p_len); ++ spcf_bn2bin_ex(rsa->iqmp, &c, &p_len); ++ spcf_bn2bin_ex(rsa->dmq1, &dq, &q_len); ++ /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ ++ kop->crk_param[0].crp_p = p; ++ kop->crk_param[0].crp_nbits = p_len * 8; ++ kop->crk_param[1].crp_p = q; ++ kop->crk_param[1].crp_nbits = q_len * 8; ++ kop->crk_param[2].crp_p = f; ++ kop->crk_param[2].crp_nbits = f_len * 8; ++ kop->crk_param[3].crp_p = dp; ++ kop->crk_param[3].crp_nbits = p_len * 8; ++ /* dq must of length q, rest all of length p*/ ++ kop->crk_param[4].crp_p = dq; ++ kop->crk_param[4].crp_nbits = q_len * 8; ++ kop->crk_param[5].crp_p = c; ++ kop->crk_param[5].crp_nbits = p_len * 8; ++ kop->crk_iparams = 6; ++ kop->cookie = cookie; ++ if (cryptodev_asym_async(kop, BN_num_bytes(rsa->n), r0, 0, NULL)) ++ goto err; ++ ++ return ret; ++err: ++ { ++ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); ++ ++ if (kop) ++ free(kop); ++ ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); ++ if (ret) ++ /* Call user completion handler immediately */ ++ cookie->pkc_callback(cookie, 0); ++ } ++ return (ret); ++} ++ + static RSA_METHOD cryptodev_rsa = { + "cryptodev RSA method", + NULL, /* rsa_pub_enc */ +@@ -1454,6 +1655,12 @@ static RSA_METHOD cryptodev_rsa = { + NULL, /* rsa_priv_dec */ + NULL, + NULL, ++ NULL, /* rsa_pub_enc */ ++ NULL, /* rsa_pub_dec */ ++ NULL, /* rsa_priv_enc */ ++ NULL, /* rsa_priv_dec */ ++ NULL, ++ NULL, + NULL, /* init */ + NULL, /* finish */ + 0, /* flags */ +@@ -1751,126 +1958,424 @@ sw_try: + return ret; + } + ++/* Cryptodev DSA Key Gen routine */ ++static int cryptodev_dsa_keygen_async(DSA *dsa, struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ int ret = 1, g_len; ++ unsigned char *g = NULL; + ++ if (!kop) ++ goto sw_try; + +-static DSA_METHOD cryptodev_dsa = { +- "cryptodev DSA method", +- NULL, +- NULL, /* dsa_sign_setup */ +- NULL, +- NULL, /* dsa_mod_exp */ +- NULL, +- NULL, /* init */ +- NULL, /* finish */ +- 0, /* flags */ +- NULL /* app_data */ +-}; ++ if (dsa->priv_key == NULL) { ++ if ((dsa->priv_key=BN_new()) == NULL) ++ goto sw_try; ++ } + +-static ECDSA_METHOD cryptodev_ecdsa = { +- "cryptodev ECDSA method", +- NULL, +- NULL, /* ecdsa_sign_setup */ +- NULL, +- NULL, +- 0, /* flags */ +- NULL /* app_data */ +-}; ++ if (dsa->pub_key == NULL) { ++ if ((dsa->pub_key=BN_new()) == NULL) ++ goto sw_try; ++ } + +-typedef enum ec_curve_s +-{ +- EC_PRIME, +- EC_BINARY +-} ec_curve_t; ++ g_len = BN_num_bytes(dsa->p); ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { ++ DSAerr(DSA_F_DSA_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; ++ } + +-/* ENGINE handler for ECDSA Sign */ +-static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, +- int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) +-{ +- BIGNUM *m = NULL, *p = NULL, *a = NULL; +- BIGNUM *b = NULL, *x = NULL, *y = NULL; +- BN_CTX *ctx = NULL; +- ECDSA_SIG *ret = NULL; +- ECDSA_DATA *ecdsa = NULL; +- unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; +- unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; +- int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; +- int g_len = 0, d_len = 0, ab_len = 0; +- const BIGNUM *order = NULL, *priv_key=NULL; +- const EC_GROUP *group = NULL; +- struct crypt_kop kop; +- ec_curve_t ec_crv = EC_PRIME; ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ kop->crk_op = CRK_DSA_GENERATE_KEY; ++ if (bn2crparam(dsa->p, &kop->crk_param[0])) ++ goto sw_try; ++ if (bn2crparam(dsa->q, &kop->crk_param[1])) ++ goto sw_try; ++ kop->crk_param[2].crp_p = g; ++ kop->crk_param[2].crp_nbits = g_len * 8; ++ kop->crk_iparams = 3; ++ kop->cookie = cookie; + +- memset(&kop, 0, sizeof(kop)); +- ecdsa = ecdsa_check(eckey); +- if (!ecdsa) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); +- return NULL; ++ /* pub_key is or prime length while priv key is of length of order */ ++ if (cryptodev_asym_async(kop, BN_num_bytes(dsa->p), dsa->pub_key, ++ BN_num_bytes(dsa->q), dsa->priv_key)) ++ goto sw_try; ++ ++ return ret; ++sw_try: ++ { ++ const DSA_METHOD *meth = DSA_OpenSSL(); ++ ++ if (kop) ++ free(kop); ++ ret = (meth->dsa_keygen)(dsa); ++ cookie->pkc_callback(cookie, 0); + } ++ return ret; ++} + +- group = EC_KEY_get0_group(eckey); +- priv_key = EC_KEY_get0_private_key(eckey); ++static int ++cryptodev_dsa_do_sign_async(const unsigned char *dgst, int dlen, DSA *dsa, ++ DSA_SIG *sig, struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ DSA_SIG *dsaret = NULL; ++ int q_len = 0, r_len = 0, g_len = 0; ++ int priv_key_len = 0, ret = 1; ++ unsigned char *q = NULL, *r = NULL, *g = NULL, *priv_key = NULL, *f = NULL; + +- if (!group || !priv_key) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); +- return NULL; ++ if (((sig->r = BN_new()) == NULL) || !kop) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; + } + +- if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || +- (a = BN_new()) == NULL || (b = BN_new()) == NULL || +- (p = BN_new()) == NULL || (x = BN_new()) == NULL || +- (y = BN_new()) == NULL) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ if ((sig->s = BN_new()) == NULL) { ++ BN_free(sig->r); ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } + +- order = &group->order; +- if (!order || BN_is_zero(order)) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); ++ if (spcf_bn2bin(dsa->p, &q, &q_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + goto err; + } + +- i = BN_num_bits(order); +- /* Need to truncate digest if it is too long: first truncate whole +- bytes */ +- if (8 * dgst_len > i) +- dgst_len = (i + 7)/8; ++ /* Get order of the field of private keys into plain buffer */ ++ if (spcf_bn2bin (dsa->q, &r, &r_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } + +- if (!BN_bin2bn(dgst, dgst_len, m)) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ /* sanity test */ ++ if (dlen > r_len) { ++ DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + goto err; + } + +- /* If still too long truncate remaining bits with a shift */ +- if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ g_len = q_len; ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } + +- /* copy the truncated bits into plain buffer */ +- if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { +- fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); ++ priv_key_len = r_len; ++ /** ++ * Get private key into a plain buffer. If length is less than ++ * r_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->priv_key, &priv_key, &priv_key_len)) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } + +- ret = ECDSA_SIG_new(); +- if (!ret) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ /* Allocate memory to store hash. */ ++ f = OPENSSL_malloc (r_len); ++ if (!f) { ++ DSAerr(DSA_F_DSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } + +- /* check if this is prime or binary EC request */ +- if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { +- ec_crv = EC_PRIME; +- /* get the generator point pair */ +- if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), +- x, y,ctx)) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); +- goto err; +- } ++ /* Add padding, since SEC expects hash to of size r_len */ ++ if (dlen < r_len) ++ memset(f, 0, r_len - dlen); + +- /* get the ECC curve parameters */ +- if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { +- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len - dlen, dgst, dlen); ++ ++ dlen = r_len; ++ ++ memset(kop, 0, sizeof( struct crypt_kop)); ++ kop->crk_op = CRK_DSA_SIGN; ++ ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ ++ kop->crk_param[0].crp_p = (void*)f; ++ kop->crk_param[0].crp_nbits = dlen * 8; ++ kop->crk_param[1].crp_p = (void*)q; ++ kop->crk_param[1].crp_nbits = q_len * 8; ++ kop->crk_param[2].crp_p = (void*)r; ++ kop->crk_param[2].crp_nbits = r_len * 8; ++ kop->crk_param[3].crp_p = (void*)g; ++ kop->crk_param[3].crp_nbits = g_len * 8; ++ kop->crk_param[4].crp_p = (void*)priv_key; ++ kop->crk_param[4].crp_nbits = priv_key_len * 8; ++ kop->crk_iparams = 5; ++ kop->cookie = cookie; ++ ++ if (cryptodev_asym_async(kop, r_len, sig->r, r_len, sig->s)) ++ goto err; ++ ++ return ret; ++err: ++ { ++ const DSA_METHOD *meth = DSA_OpenSSL(); ++ ++ if (kop) ++ free(kop); ++ BN_free(sig->r); ++ BN_free(sig->s); ++ dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); ++ sig->r = dsaret->r; ++ sig->s = dsaret->s; ++ /* Call user callback immediately */ ++ cookie->pkc_callback(cookie, 0); ++ ret = dsaret; ++ } ++ return ret; ++} ++ ++static int ++cryptodev_dsa_verify_async(const unsigned char *dgst, int dlen, ++ DSA_SIG *sig, DSA *dsa, struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ int q_len = 0, r_len = 0, g_len = 0; ++ int w_len = 0 ,c_len = 0, d_len = 0, ret = 1; ++ unsigned char * q = NULL, * r = NULL, * w = NULL, * g = NULL; ++ unsigned char *c = NULL, * d = NULL, *f = NULL; ++ ++ if (!kop) ++ goto err; ++ ++ if (spcf_bn2bin(dsa->p, &q, &q_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ return ret; ++ } ++ ++ /* Get Order of field of private keys */ ++ if (spcf_bn2bin(dsa->q, &r, &r_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ g_len = q_len; ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->g, &g, &g_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ w_len = q_len; ++ /** ++ * Get public key into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. ++ */ ++ if (spcf_bn2bin_ex(dsa->pub_key, &w, &w_len)) { ++ DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ /** ++ * Get the 1st part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ c_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /** ++ * Get the 2nd part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ d_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ ++ /* Sanity test */ ++ if (dlen > r_len) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Allocate memory to store hash. */ ++ f = OPENSSL_malloc (r_len); ++ if (!f) { ++ DSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ if (dlen < r_len) ++ memset(f, 0, r_len - dlen); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len - dlen, dgst, dlen); ++ ++ dlen = r_len; ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */ ++ kop->crk_param[0].crp_p = (void*)f; ++ kop->crk_param[0].crp_nbits = dlen * 8; ++ kop->crk_param[1].crp_p = q; ++ kop->crk_param[1].crp_nbits = q_len * 8; ++ kop->crk_param[2].crp_p = r; ++ kop->crk_param[2].crp_nbits = r_len * 8; ++ kop->crk_param[3].crp_p = g; ++ kop->crk_param[3].crp_nbits = g_len * 8; ++ kop->crk_param[4].crp_p = w; ++ kop->crk_param[4].crp_nbits = w_len * 8; ++ kop->crk_param[5].crp_p = c; ++ kop->crk_param[5].crp_nbits = c_len * 8; ++ kop->crk_param[6].crp_p = d; ++ kop->crk_param[6].crp_nbits = d_len * 8; ++ kop->crk_iparams = 7; ++ kop->crk_op = CRK_DSA_VERIFY; ++ kop->cookie = cookie; ++ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) ++ goto err; ++ ++ return ret; ++err: ++ { ++ const DSA_METHOD *meth = DSA_OpenSSL(); ++ ++ if (kop) ++ free(kop); ++ ++ ret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa); ++ cookie->pkc_callback(cookie, 0); ++ } ++ return ret; ++} ++ ++static DSA_METHOD cryptodev_dsa = { ++ "cryptodev DSA method", ++ NULL, ++ NULL, /* dsa_sign_setup */ ++ NULL, ++ NULL, /* dsa_mod_exp */ ++ NULL, ++ NULL, ++ NULL, ++ NULL, ++ NULL, /* init */ ++ NULL, /* finish */ ++ 0, /* flags */ ++ NULL /* app_data */ ++}; ++ ++static ECDSA_METHOD cryptodev_ecdsa = { ++ "cryptodev ECDSA method", ++ NULL, ++ NULL, /* ecdsa_sign_setup */ ++ NULL, ++ NULL, ++ NULL, ++ NULL, ++ 0, /* flags */ ++ NULL /* app_data */ ++}; ++ ++typedef enum ec_curve_s ++{ ++ EC_PRIME, ++ EC_BINARY ++} ec_curve_t; ++ ++/* ENGINE handler for ECDSA Sign */ ++static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, ++ int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) ++{ ++ BIGNUM *m = NULL, *p = NULL, *a = NULL; ++ BIGNUM *b = NULL, *x = NULL, *y = NULL; ++ BN_CTX *ctx = NULL; ++ ECDSA_SIG *ret = NULL; ++ ECDSA_DATA *ecdsa = NULL; ++ unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; ++ unsigned char * s = NULL, *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; ++ int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; ++ int g_len = 0, d_len = 0, ab_len = 0; ++ const BIGNUM *order = NULL, *priv_key=NULL; ++ const EC_GROUP *group = NULL; ++ struct crypt_kop kop; ++ ec_curve_t ec_crv = EC_PRIME; ++ ++ memset(&kop, 0, sizeof(kop)); ++ ecdsa = ecdsa_check(eckey); ++ if (!ecdsa) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); ++ return NULL; ++ } ++ ++ group = EC_KEY_get0_group(eckey); ++ priv_key = EC_KEY_get0_private_key(eckey); ++ ++ if (!group || !priv_key) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); ++ return NULL; ++ } ++ ++ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || ++ (a = BN_new()) == NULL || (b = BN_new()) == NULL || ++ (p = BN_new()) == NULL || (x = BN_new()) == NULL || ++ (y = BN_new()) == NULL) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ order = &group->order; ++ if (!order || BN_is_zero(order)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); ++ goto err; ++ } ++ ++ i = BN_num_bits(order); ++ /* Need to truncate digest if it is too long: first truncate whole ++ bytes */ ++ if (8 * dgst_len > i) ++ dgst_len = (i + 7)/8; ++ ++ if (!BN_bin2bn(dgst, dgst_len, m)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* If still too long truncate remaining bits with a shift */ ++ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* copy the truncated bits into plain buffer */ ++ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { ++ fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); ++ goto err; ++ } ++ ++ ret = ECDSA_SIG_new(); ++ if (!ret) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* check if this is prime or binary EC request */ ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, EC_GROUP_get0_generator(group), ++ x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); + goto err; + } + } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { +@@ -2195,63 +2700,581 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, + } + + /** +- * Get the 2nd part of signature into a flat buffer with +- * appropriate padding ++ * Get the 2nd part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ if (BN_num_bytes(sig->s) < r_len) ++ d_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* memory for message representative */ ++ f = malloc(r_len); ++ if (!f) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ memset(f, 0, r_len-dgst_len); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); ++ dgst_len += r_len-dgst_len; ++ kop.crk_op = CRK_DSA_VERIFY; ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ ++ kop.crk_param[0].crp_p = f; ++ kop.crk_param[0].crp_nbits = dgst_len * 8; ++ kop.crk_param[1].crp_p = q; ++ kop.crk_param[1].crp_nbits = q_len * 8; ++ kop.crk_param[2].crp_p = r; ++ kop.crk_param[2].crp_nbits = r_len * 8; ++ kop.crk_param[3].crp_p = g_xy; ++ kop.crk_param[3].crp_nbits = g_len * 8; ++ kop.crk_param[4].crp_p = w_xy; ++ kop.crk_param[4].crp_nbits = pub_key_len * 8; ++ kop.crk_param[5].crp_p = ab; ++ kop.crk_param[5].crp_nbits = ab_len * 8; ++ kop.crk_param[6].crp_p = c; ++ kop.crk_param[6].crp_nbits = d_len * 8; ++ kop.crk_param[7].crp_p = d; ++ kop.crk_param[7].crp_nbits = d_len * 8; ++ kop.crk_iparams = 8; ++ ++ if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { ++ /*OCF success value is 0, if not zero, change ret to fail*/ ++ if(0 == kop.crk_status) ++ ret = 1; ++ } else { ++ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ ++ ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); ++ } ++ kop.crk_param[0].crp_p = NULL; ++ zapparams(&kop); ++ ++err: ++ return ret; ++} ++ ++static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, ++ int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey, ++ ECDSA_SIG *sig, struct pkc_cookie_s *cookie) ++{ ++ BIGNUM *m = NULL, *p = NULL, *a = NULL; ++ BIGNUM *b = NULL, *x = NULL, *y = NULL; ++ BN_CTX *ctx = NULL; ++ ECDSA_SIG *sig_ret = NULL; ++ ECDSA_DATA *ecdsa = NULL; ++ unsigned char * q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL; ++ unsigned char * s = NULL, *f = NULL, *tmp_dgst = NULL; ++ int i = 0, q_len = 0, priv_key_len = 0, r_len = 0; ++ int g_len = 0, ab_len = 0, ret = 1; ++ const BIGNUM *order = NULL, *priv_key=NULL; ++ const EC_GROUP *group = NULL; ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ ec_curve_t ec_crv = EC_PRIME; ++ ++ if (!(sig->r = BN_new()) || !kop) ++ goto err; ++ if ((sig->s = BN_new()) == NULL) { ++ BN_free(r); ++ goto err; ++ } ++ ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ ecdsa = ecdsa_check(eckey); ++ if (!ecdsa) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); ++ goto err; ++ } ++ ++ group = EC_KEY_get0_group(eckey); ++ priv_key = EC_KEY_get0_private_key(eckey); ++ ++ if (!group || !priv_key) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); ++ goto err; ++ } ++ ++ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || ++ (a = BN_new()) == NULL || (b = BN_new()) == NULL || ++ (p = BN_new()) == NULL || (x = BN_new()) == NULL || ++ (y = BN_new()) == NULL) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ order = &group->order; ++ if (!order || BN_is_zero(order)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_MISSING_PARAMETERS); ++ goto err; ++ } ++ ++ i = BN_num_bits(order); ++ /* Need to truncate digest if it is too long: first truncate whole ++ bytes */ ++ if (8 * dgst_len > i) ++ dgst_len = (i + 7)/8; ++ ++ if (!BN_bin2bn(dgst, dgst_len, m)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* If still too long truncate remaining bits with a shift */ ++ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* copy the truncated bits into plain buffer */ ++ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { ++ fprintf(stderr, "%s:%d: OPENSSL_malloc failec\n", __FUNCTION__, __LINE__); ++ goto err; ++ } ++ ++ /* check if this is prime or binary EC request */ ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ++ == NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, ++ EC_GROUP_get0_generator(group), x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field) { ++ ec_crv = EC_BINARY; ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ EC_GROUP_get0_generator(group), x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ } else { ++ printf("Unsupported Curve\n"); ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ if (spcf_bn2bin(order, &r, &r_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (spcf_bn2bin(p, &q, &q_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ priv_key_len = r_len; ++ ++ /** ++ * If BN_num_bytes of priv_key returns less then r_len then ++ * add padding bytes before the key ++ */ ++ if (spcf_bn2bin_ex(priv_key, &s, &priv_key_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Generation of ECC curve parameters */ ++ ab_len = 2*q_len; ++ ab = eng_copy_curve_points(a, b, ab_len, q_len); ++ if (!ab) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (ec_crv == EC_BINARY) { ++ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) ++ { ++ unsigned char *c_temp = NULL; ++ int c_temp_len = q_len; ++ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) ++ memcpy(ab+q_len, c_temp, q_len); ++ else ++ goto err; ++ } ++ kop->curve_type = ECC_BINARY; ++ } ++ ++ /* Calculation of Generator point */ ++ g_len = 2*q_len; ++ g_xy = eng_copy_curve_points(x, y, g_len, q_len); ++ if (!g_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* memory for message representative */ ++ f = malloc(r_len); ++ if (!f) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ memset(f, 0, r_len - dgst_len); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len - dgst_len, tmp_dgst, dgst_len); ++ ++ dgst_len += r_len - dgst_len; ++ ++ kop->crk_op = CRK_DSA_SIGN; ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ ++ kop->crk_param[0].crp_p = f; ++ kop->crk_param[0].crp_nbits = dgst_len * 8; ++ kop->crk_param[1].crp_p = q; ++ kop->crk_param[1].crp_nbits = q_len * 8; ++ kop->crk_param[2].crp_p = r; ++ kop->crk_param[2].crp_nbits = r_len * 8; ++ kop->crk_param[3].crp_p = g_xy; ++ kop->crk_param[3].crp_nbits = g_len * 8; ++ kop->crk_param[4].crp_p = s; ++ kop->crk_param[4].crp_nbits = priv_key_len * 8; ++ kop->crk_param[5].crp_p = ab; ++ kop->crk_param[5].crp_nbits = ab_len * 8; ++ kop->crk_iparams = 6; ++ kop->cookie = cookie; ++ ++ if (cryptodev_asym_async(kop, r_len, sig->r , r_len, sig->s)) ++ goto err; ++ ++ return ret; ++err: ++ { ++ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ BN_free(sig->r); ++ BN_free(sig->s); ++ if (kop) ++ free(kop); ++ sig_ret = (meth->ecdsa_do_sign)(dgst, dgst_len, in_kinv, in_r, eckey); ++ sig->r = sig_ret->r; ++ sig->s = sig_ret->s; ++ cookie->pkc_callback(cookie, 0); ++ } ++ return ret; ++} ++ ++static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, ++ const ECDSA_SIG *sig, EC_KEY *eckey, struct pkc_cookie_s *cookie) ++{ ++ BIGNUM *m = NULL, *p = NULL, *a = NULL, *b = NULL; ++ BIGNUM *x = NULL, *y = NULL, *w_x = NULL, *w_y = NULL; ++ BN_CTX *ctx = NULL; ++ ECDSA_DATA *ecdsa = NULL; ++ unsigned char *q = NULL, *r = NULL, *ab = NULL, *g_xy = NULL, *w_xy = NULL; ++ unsigned char *c = NULL, *d = NULL, *f = NULL, *tmp_dgst = NULL; ++ int i = 0, q_len = 0, pub_key_len = 0, r_len = 0, c_len = 0, g_len = 0; ++ int d_len = 0, ab_len = 0, ret = 1; ++ const EC_POINT *pub_key = NULL; ++ const BIGNUM *order = NULL; ++ const EC_GROUP *group=NULL; ++ ec_curve_t ec_crv = EC_PRIME; ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ ++ if (!kop) ++ goto err; ++ ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ ecdsa = ecdsa_check(eckey); ++ if (!ecdsa) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); ++ goto err; ++ } ++ ++ group = EC_KEY_get0_group(eckey); ++ pub_key = EC_KEY_get0_public_key(eckey); ++ ++ if (!group || !pub_key) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_PASSED_NULL_PARAMETER); ++ goto err; ++ } ++ ++ if ((ctx = BN_CTX_new()) == NULL || (m = BN_new()) == NULL || ++ (a = BN_new()) == NULL || (b = BN_new()) == NULL || ++ (p = BN_new()) == NULL || (x = BN_new()) == NULL || ++ (y = BN_new()) == NULL || (w_x = BN_new()) == NULL || ++ (w_y = BN_new()) == NULL) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ order = &group->order; ++ if (!order || BN_is_zero(order)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS); ++ goto err; ++ } ++ ++ i = BN_num_bits(order); ++ /* Need to truncate digest if it is too long: first truncate whole ++ * bytes */ ++ if (8 * dgst_len > i) ++ dgst_len = (i + 7)/8; ++ ++ if (!BN_bin2bn(dgst, dgst_len, m)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* If still too long truncate remaining bits with a shift */ ++ if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); ++ goto err; ++ } ++ /* copy the truncated bits into plain buffer */ ++ if (spcf_bn2bin(m, &tmp_dgst, &dgst_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* check if this is prime or binary EC request */ ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; ++ ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, ++ EC_GROUP_get0_generator(group), x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for prime curve */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, ++ pub_key, w_x, w_y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ } else if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_characteristic_two_field){ ++ ec_crv = EC_BINARY; ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the generator point pair */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ EC_GROUP_get0_generator(group),x, y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for binary curve */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ pub_key, w_x, w_y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ }else { ++ printf("Unsupported Curve\n"); ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); ++ goto err; ++ } ++ ++ /* Get the order of the subgroup of private keys */ ++ if (spcf_bn2bin((BIGNUM*)order, &r, &r_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Get the irreducible polynomial that creates the field */ ++ if (spcf_bn2bin(p, &q, &q_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Get the public key into a flat buffer with appropriate padding */ ++ pub_key_len = 2 * q_len; ++ ++ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); ++ if (!w_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Generation of ECC curve parameters */ ++ ab_len = 2*q_len; ++ ++ ab = eng_copy_curve_points (a, b, ab_len, q_len); ++ if (!ab) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (ec_crv == EC_BINARY) { ++ /* copy b' i.e c(b), instead of only b */ ++ eng_ec_get_cparam (EC_GROUP_get_curve_name(group), ++ ab+q_len, q_len); ++ kop->curve_type = ECC_BINARY; ++ } ++ ++ /* Calculation of Generator point */ ++ g_len = 2 * q_len; ++ ++ g_xy = eng_copy_curve_points (x, y, g_len, q_len); ++ if (!g_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /** ++ * Get the 1st part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ if (BN_num_bytes(sig->r) < r_len) ++ c_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->r, &c, &c_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /** ++ * Get the 2nd part of signature into a flat buffer with ++ * appropriate padding ++ */ ++ if (BN_num_bytes(sig->s) < r_len) ++ d_len = r_len; ++ ++ if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* memory for message representative */ ++ f = malloc(r_len); ++ if (!f) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Add padding, since SEC expects hash to of size r_len */ ++ memset(f, 0, r_len-dgst_len); ++ ++ /* Skip leading bytes if dgst_len < r_len */ ++ memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); ++ ++ dgst_len += r_len-dgst_len; ++ ++ kop->crk_op = CRK_DSA_VERIFY; ++ /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ ++ kop->crk_param[0].crp_p = f; ++ kop->crk_param[0].crp_nbits = dgst_len * 8; ++ kop->crk_param[1].crp_p = q; ++ kop->crk_param[1].crp_nbits = q_len * 8; ++ kop->crk_param[2].crp_p = r; ++ kop->crk_param[2].crp_nbits = r_len * 8; ++ kop->crk_param[3].crp_p = g_xy; ++ kop->crk_param[3].crp_nbits = g_len * 8; ++ kop->crk_param[4].crp_p = w_xy; ++ kop->crk_param[4].crp_nbits = pub_key_len * 8; ++ kop->crk_param[5].crp_p = ab; ++ kop->crk_param[5].crp_nbits = ab_len * 8; ++ kop->crk_param[6].crp_p = c; ++ kop->crk_param[6].crp_nbits = d_len * 8; ++ kop->crk_param[7].crp_p = d; ++ kop->crk_param[7].crp_nbits = d_len * 8; ++ kop->crk_iparams = 8; ++ kop->cookie = cookie; ++ ++ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) ++ goto err; ++ ++ return ret; ++err: ++ { ++ const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ ++ if (kop) ++ free(kop); ++ ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); ++ cookie->pkc_callback(cookie, 0); ++ } ++ ++ return ret; ++} ++ ++/* Cryptodev DH Key Gen routine */ ++static int cryptodev_dh_keygen_async(DH *dh, struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ int ret = 1, g_len; ++ unsigned char *g = NULL; ++ ++ if (!kop) ++ goto sw_try; ++ ++ if (dh->priv_key == NULL) { ++ if ((dh->priv_key=BN_new()) == NULL) ++ goto sw_try; ++ } ++ ++ if (dh->pub_key == NULL) { ++ if ((dh->pub_key=BN_new()) == NULL) ++ goto sw_try; ++ } ++ ++ g_len = BN_num_bytes(dh->p); ++ /** ++ * Get generator into a plain buffer. If length is less than ++ * q_len then add leading padding bytes. + */ +- if (BN_num_bytes(sig->s) < r_len) +- d_len = r_len; +- +- if (spcf_bn2bin_ex(sig->s, &d, &d_len)) { +- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); +- goto err; +- } +- +- /* memory for message representative */ +- f = malloc(r_len); +- if (!f) { +- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); +- goto err; ++ if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { ++ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; + } + +- /* Add padding, since SEC expects hash to of size r_len */ +- memset(f, 0, r_len-dgst_len); ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ kop->crk_op = CRK_DH_GENERATE_KEY; ++ if (bn2crparam(dh->p, &kop->crk_param[0])) ++ goto sw_try; ++ if (bn2crparam(dh->q, &kop->crk_param[1])) ++ goto sw_try; ++ kop->crk_param[2].crp_p = g; ++ kop->crk_param[2].crp_nbits = g_len * 8; ++ kop->crk_iparams = 3; ++ kop->cookie = cookie; + +- /* Skip leading bytes if dgst_len < r_len */ +- memcpy(f + r_len-dgst_len, tmp_dgst, dgst_len); +- dgst_len += r_len-dgst_len; +- kop.crk_op = CRK_DSA_VERIFY; +- /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */ +- kop.crk_param[0].crp_p = f; +- kop.crk_param[0].crp_nbits = dgst_len * 8; +- kop.crk_param[1].crp_p = q; +- kop.crk_param[1].crp_nbits = q_len * 8; +- kop.crk_param[2].crp_p = r; +- kop.crk_param[2].crp_nbits = r_len * 8; +- kop.crk_param[3].crp_p = g_xy; +- kop.crk_param[3].crp_nbits = g_len * 8; +- kop.crk_param[4].crp_p = w_xy; +- kop.crk_param[4].crp_nbits = pub_key_len * 8; +- kop.crk_param[5].crp_p = ab; +- kop.crk_param[5].crp_nbits = ab_len * 8; +- kop.crk_param[6].crp_p = c; +- kop.crk_param[6].crp_nbits = d_len * 8; +- kop.crk_param[7].crp_p = d; +- kop.crk_param[7].crp_nbits = d_len * 8; +- kop.crk_iparams = 8; ++ /* pub_key is or prime length while priv key is of length of order */ ++ if (cryptodev_asym_async(kop, BN_num_bytes(dh->p), dh->pub_key, ++ BN_num_bytes(dh->q), dh->priv_key)) ++ goto sw_try; + +- if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { +- /*OCF success value is 0, if not zero, change ret to fail*/ +- if(0 == kop.crk_status) +- ret = 1; +- } else { +- const ECDSA_METHOD *meth = ECDSA_OpenSSL(); ++ return ret; ++sw_try: ++ { ++ const DH_METHOD *meth = DH_OpenSSL(); + +- ret = (meth->ecdsa_do_verify)(dgst, dgst_len, sig, eckey); ++ if (kop) ++ free(kop); ++ ret = (meth->generate_key)(dh); ++ cookie->pkc_callback(cookie, 0); + } +- kop.crk_param[0].crp_p = NULL; +- zapparams(&kop); +- +-err: + return ret; + } + +@@ -2360,6 +3383,54 @@ sw_try: + return (dhret); + } + ++/* Return Length if successful and 0 on failure */ ++static int ++cryptodev_dh_compute_key_async(unsigned char *key, const BIGNUM *pub_key, ++ DH *dh, struct pkc_cookie_s *cookie) ++{ ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ int ret = 1; ++ int fd, p_len; ++ unsigned char *padded_pub_key = NULL, *p = NULL; ++ ++ fd = *(int *)cookie->eng_handle; ++ ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ kop->crk_op = CRK_DH_COMPUTE_KEY; ++ /* inputs: dh->priv_key pub_key dh->p key */ ++ spcf_bn2bin(dh->p, &p, &p_len); ++ spcf_bn2bin_ex(pub_key, &padded_pub_key, &p_len); ++ ++ if (bn2crparam(dh->priv_key, &kop->crk_param[0])) ++ goto err; ++ kop->crk_param[1].crp_p = padded_pub_key; ++ kop->crk_param[1].crp_nbits = p_len * 8; ++ kop->crk_param[2].crp_p = p; ++ kop->crk_param[2].crp_nbits = p_len * 8; ++ kop->crk_iparams = 3; ++ ++ kop->cookie = cookie; ++ kop->crk_param[3].crp_p = (void*) key; ++ kop->crk_param[3].crp_nbits = p_len * 8; ++ kop->crk_oparams = 1; ++ ++ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) ++ goto err; ++ ++ return p_len; ++err: ++ { ++ const DH_METHOD *meth = DH_OpenSSL(); ++ ++ if (kop) ++ free(kop); ++ ret = (meth->compute_key)(key, pub_key, dh); ++ /* Call user cookie handler */ ++ cookie->pkc_callback(cookie, 0); ++ } ++ return (ret); ++} ++ + int cryptodev_ecdh_compute_key(void *out, size_t outlen, + const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, + void *out, size_t *outlen)) +@@ -2537,6 +3608,190 @@ err: + return ret; + } + ++int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, ++ const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, ++ void *out, size_t *outlen), struct pkc_cookie_s *cookie) ++{ ++ ec_curve_t ec_crv = EC_PRIME; ++ unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; ++ BIGNUM * w_x = NULL, *w_y = NULL; ++ int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; ++ BIGNUM * p = NULL, *a = NULL, *b = NULL; ++ BN_CTX *ctx; ++ EC_POINT *tmp=NULL; ++ BIGNUM *x=NULL, *y=NULL; ++ const BIGNUM *priv_key; ++ const EC_GROUP* group = NULL; ++ int ret = 1; ++ size_t buflen, len; ++ struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); ++ ++ if (!(ctx = BN_CTX_new()) || !kop) ++ goto err; ++ ++ memset(kop, 0, sizeof(struct crypt_kop)); ++ ++ BN_CTX_start(ctx); ++ x = BN_CTX_get(ctx); ++ y = BN_CTX_get(ctx); ++ p = BN_CTX_get(ctx); ++ a = BN_CTX_get(ctx); ++ b = BN_CTX_get(ctx); ++ w_x = BN_CTX_get(ctx); ++ w_y = BN_CTX_get(ctx); ++ ++ if (!x || !y || !p || !a || !b || !w_x || !w_y) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ priv_key = EC_KEY_get0_private_key(ecdh); ++ if (priv_key == NULL) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); ++ goto err; ++ } ++ ++ group = EC_KEY_get0_group(ecdh); ++ if ((tmp=EC_POINT_new(group)) == NULL) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == ++ NID_X9_62_prime_field) { ++ ec_crv = EC_PRIME; ++ ++ if (!EC_POINT_get_affine_coordinates_GFp(group, ++ EC_GROUP_get0_generator(group), x, y, ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for prime curve */ ++ if (!EC_POINT_get_affine_coordinates_GFp (group, pub_key, w_x, w_y,ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ } else { ++ ec_crv = EC_BINARY; ++ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ EC_GROUP_get0_generator(group), x, y, ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); ++ goto err; ++ } ++ ++ /* get the ECC curve parameters */ ++ if (!EC_GROUP_get_curve_GF2m(group, p, a, b , ctx)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* get the public key pair for binary curve */ ++ if (!EC_POINT_get_affine_coordinates_GF2m(group, ++ pub_key, w_x, w_y,ctx)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); ++ goto err; ++ } ++ } ++ ++ /* irreducible polynomial that creates the field */ ++ if (spcf_bn2bin((BIGNUM*)&group->order, &r, &r_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Get the irreducible polynomial that creates the field */ ++ if (spcf_bn2bin(p, &q, &q_len)) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ /* Get the public key into a flat buffer with appropriate padding */ ++ pub_key_len = 2 * q_len; ++ w_xy = eng_copy_curve_points (w_x, w_y, pub_key_len, q_len); ++ if (!w_xy) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ /* Generation of ECC curve parameters */ ++ ab_len = 2*q_len; ++ ab = eng_copy_curve_points (a, b, ab_len, q_len); ++ if (!ab) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); ++ goto err; ++ } ++ ++ if (ec_crv == EC_BINARY) { ++ /* copy b' i.e c(b), instead of only b */ ++ if (eng_ec_get_cparam(EC_GROUP_get_curve_name(group), ab+q_len, q_len)) ++ { ++ unsigned char *c_temp = NULL; ++ int c_temp_len = q_len; ++ if (eng_ec_compute_cparam(b, p, &c_temp, &c_temp_len)) ++ memcpy(ab+q_len, c_temp, q_len); ++ else ++ goto err; ++ } ++ kop->curve_type = ECC_BINARY; ++ } else ++ kop->curve_type = ECC_PRIME; ++ ++ priv_key_len = r_len; ++ ++ /* ++ * If BN_num_bytes of priv_key returns less then r_len then ++ * add padding bytes before the key ++ */ ++ if (spcf_bn2bin_ex((BIGNUM *)priv_key, &s, &priv_key_len)) { ++ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); ++ goto err; ++ } ++ ++ buflen = (EC_GROUP_get_degree(group) + 7)/8; ++ len = BN_num_bytes(x); ++ if (len > buflen || q_len < buflen) { ++ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR); ++ goto err; ++ } ++ ++ kop->crk_op = CRK_DH_COMPUTE_KEY; ++ kop->crk_param[0].crp_p = (void *) s; ++ kop->crk_param[0].crp_nbits = priv_key_len*8; ++ kop->crk_param[1].crp_p = (void *) w_xy; ++ kop->crk_param[1].crp_nbits = pub_key_len*8; ++ kop->crk_param[2].crp_p = (void *) q; ++ kop->crk_param[2].crp_nbits = q_len*8; ++ kop->crk_param[3].crp_p = (void *) ab; ++ kop->crk_param[3].crp_nbits = ab_len*8; ++ kop->crk_iparams = 4; ++ kop->crk_param[4].crp_p = (void *) out; ++ kop->crk_param[4].crp_nbits = q_len*8; ++ kop->crk_oparams = 1; ++ kop->cookie = cookie; ++ if (cryptodev_asym_async(kop, 0, NULL, 0, NULL)) ++ goto err; ++ ++ return q_len; ++err: ++ { ++ const ECDH_METHOD *meth = ECDH_OpenSSL(); ++ ++ if (kop) ++ free(kop); ++ ret = (meth->compute_key)(out, outlen, pub_key, ecdh, KDF); ++ /* Call user cookie handler */ ++ cookie->pkc_callback(cookie, 0); ++ } ++ return ret; ++} + + static DH_METHOD cryptodev_dh = { + "cryptodev DH method", +@@ -2545,6 +3800,8 @@ static DH_METHOD cryptodev_dh = { + NULL, + NULL, + NULL, ++ NULL, ++ NULL, + 0, /* flags */ + NULL /* app_data */ + }; +@@ -2553,6 +3810,7 @@ static ECDH_METHOD cryptodev_ecdh = { + "cryptodev ECDH method", + NULL, /* cryptodev_ecdh_compute_key */ + NULL, ++ NULL, + 0, /* flags */ + NULL /* app_data */ + }; +@@ -2625,12 +3883,19 @@ ENGINE_load_cryptodev(void) + cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; + if (cryptodev_asymfeat & CRF_MOD_EXP) { + cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp; +- if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) ++ cryptodev_rsa.bn_mod_exp_async = ++ cryptodev_bn_mod_exp_async; ++ if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) { + cryptodev_rsa.rsa_mod_exp = + cryptodev_rsa_mod_exp; +- else ++ cryptodev_rsa.rsa_mod_exp_async = ++ cryptodev_rsa_mod_exp_async; ++ } else { + cryptodev_rsa.rsa_mod_exp = + cryptodev_rsa_nocrt_mod_exp; ++ cryptodev_rsa.rsa_mod_exp_async = ++ cryptodev_rsa_nocrt_mod_exp_async; ++ } + } + } + +@@ -2638,12 +3903,21 @@ ENGINE_load_cryptodev(void) + const DSA_METHOD *meth = DSA_OpenSSL(); + + memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); +- if (cryptodev_asymfeat & CRF_DSA_SIGN) ++ if (cryptodev_asymfeat & CRF_DSA_SIGN) { + cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; +- if (cryptodev_asymfeat & CRF_DSA_VERIFY) ++ cryptodev_dsa.dsa_do_sign_async = ++ cryptodev_dsa_do_sign_async; ++ } ++ if (cryptodev_asymfeat & CRF_DSA_VERIFY) { + cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; +- if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) ++ cryptodev_dsa.dsa_do_verify_async = ++ cryptodev_dsa_verify_async; ++ } ++ if (cryptodev_asymfeat & CRF_DSA_GENERATE_KEY) { + cryptodev_dsa.dsa_keygen = cryptodev_dsa_keygen; ++ cryptodev_dsa.dsa_keygen_async = ++ cryptodev_dsa_keygen_async; ++ } + } + + if (ENGINE_set_DH(engine, &cryptodev_dh)){ +@@ -2652,10 +3926,15 @@ ENGINE_load_cryptodev(void) + if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { + cryptodev_dh.compute_key = + cryptodev_dh_compute_key; ++ cryptodev_dh.compute_key_async = ++ cryptodev_dh_compute_key_async; + } + if (cryptodev_asymfeat & CRF_DH_GENERATE_KEY) { + cryptodev_dh.generate_key = + cryptodev_dh_keygen; ++ cryptodev_dh.generate_key_async = ++ cryptodev_dh_keygen_async; ++ + } + } + +@@ -2664,10 +3943,14 @@ ENGINE_load_cryptodev(void) + memcpy(&cryptodev_ecdsa, meth, sizeof(ECDSA_METHOD)); + if (cryptodev_asymfeat & CRF_DSA_SIGN) { + cryptodev_ecdsa.ecdsa_do_sign = cryptodev_ecdsa_do_sign; ++ cryptodev_ecdsa.ecdsa_do_sign_async = ++ cryptodev_ecdsa_do_sign_async; + } + if (cryptodev_asymfeat & CRF_DSA_VERIFY) { + cryptodev_ecdsa.ecdsa_do_verify = + cryptodev_ecdsa_verify; ++ cryptodev_ecdsa.ecdsa_do_verify_async = ++ cryptodev_ecdsa_verify_async; + } + } + +@@ -2676,9 +3959,16 @@ ENGINE_load_cryptodev(void) + memcpy(&cryptodev_ecdh, ecdh_meth, sizeof(ECDH_METHOD)); + if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) { + cryptodev_ecdh.compute_key = cryptodev_ecdh_compute_key; ++ cryptodev_ecdh.compute_key_async = ++ cryptodev_ecdh_compute_key_async; + } + } + ++ ENGINE_set_check_pkc_availability(engine, cryptodev_check_availability); ++ ENGINE_set_close_instance(engine, cryptodev_close_instance); ++ ENGINE_set_init_instance(engine, cryptodev_init_instance); ++ ENGINE_set_async_map(engine, ENGINE_ALLPKC_ASYNC); ++ + ENGINE_add(engine); + ENGINE_free(engine); + ERR_clear_error(); +diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h +index 451ef8f..8fc3077 100644 +--- a/crypto/engine/eng_int.h ++++ b/crypto/engine/eng_int.h +@@ -181,7 +181,29 @@ struct engine_st + ENGINE_LOAD_KEY_PTR load_pubkey; + + ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert; +- ++ /* ++ * Instantiate Engine handle to be passed in check_pkc_availability ++ * Ensure that Engine is instantiated before any pkc asynchronous call. ++ */ ++ void *(*engine_init_instance)(void); ++ /* ++ * Instantiated Engine handle will be closed with this call. ++ * Ensure that no pkc asynchronous call is made after this call ++ */ ++ void (*engine_close_instance)(void *handle); ++ /* ++ * Check availability will extract the data from kernel. ++ * eng_handle: This is the Engine handle corresponds to which ++ * the cookies needs to be polled. ++ * return 0 if cookie available else 1 ++ */ ++ int (*check_pkc_availability)(void *eng_handle); ++ /* ++ * The following map is used to check if the engine supports asynchronous implementation ++ * ENGINE_ASYNC_FLAG* for available bitmap. Any application checking for asynchronous ++ * implementation need to check this features using "int ENGINE_get_async_map(engine *)"; ++ */ ++ int async_map; + const ENGINE_CMD_DEFN *cmd_defns; + int flags; + /* reference count on the structure itself */ +diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c +index 18a6664..6fa621c 100644 +--- a/crypto/engine/eng_lib.c ++++ b/crypto/engine/eng_lib.c +@@ -98,7 +98,11 @@ void engine_set_all_null(ENGINE *e) + e->ctrl = NULL; + e->load_privkey = NULL; + e->load_pubkey = NULL; ++ e->check_pkc_availability = NULL; ++ e->engine_init_instance = NULL; ++ e->engine_close_instance = NULL; + e->cmd_defns = NULL; ++ e->async_map = 0; + e->flags = 0; + } + +@@ -233,6 +237,48 @@ int ENGINE_set_id(ENGINE *e, const char *id) + return 1; + } + ++void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)) ++ { ++ e->engine_init_instance = engine_init_instance; ++ } ++ ++void ENGINE_set_close_instance(ENGINE *e, ++ void (*engine_close_instance)(void *)) ++ { ++ e->engine_close_instance = engine_close_instance; ++ } ++ ++void ENGINE_set_async_map(ENGINE *e, int async_map) ++ { ++ e->async_map = async_map; ++ } ++ ++void *ENGINE_init_instance(ENGINE *e) ++ { ++ return e->engine_init_instance(); ++ } ++ ++void ENGINE_close_instance(ENGINE *e, void *eng_handle) ++ { ++ e->engine_close_instance(eng_handle); ++ } ++ ++int ENGINE_get_async_map(ENGINE *e) ++ { ++ return e->async_map; ++ } ++ ++void ENGINE_set_check_pkc_availability(ENGINE *e, ++ int (*check_pkc_availability)(void *eng_handle)) ++ { ++ e->check_pkc_availability = check_pkc_availability; ++ } ++ ++int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle) ++ { ++ return e->check_pkc_availability(eng_handle); ++ } ++ + int ENGINE_set_name(ENGINE *e, const char *name) + { + if(name == NULL) +diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h +index 237a6c9..ccff86a 100644 +--- a/crypto/engine/engine.h ++++ b/crypto/engine/engine.h +@@ -473,6 +473,30 @@ ENGINE *ENGINE_new(void); + int ENGINE_free(ENGINE *e); + int ENGINE_up_ref(ENGINE *e); + int ENGINE_set_id(ENGINE *e, const char *id); ++void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)); ++void ENGINE_set_close_instance(ENGINE *e, ++ void (*engine_free_instance)(void *)); ++/* ++ * Following FLAGS are bitmap store in async_map to set asynchronous interface capability ++ *of the engine ++ */ ++#define ENGINE_RSA_ASYNC 0x0001 ++#define ENGINE_DSA_ASYNC 0x0002 ++#define ENGINE_DH_ASYNC 0x0004 ++#define ENGINE_ECDSA_ASYNC 0x0008 ++#define ENGINE_ECDH_ASYNC 0x0010 ++#define ENGINE_ALLPKC_ASYNC 0x001F ++/* Engine implementation will set the bitmap based on above flags using following API */ ++void ENGINE_set_async_map(ENGINE *e, int async_map); ++ /* Application need to check the bitmap based on above flags using following API ++ * to confirm asynchronous methods supported ++ */ ++int ENGINE_get_async_map(ENGINE *e); ++void *ENGINE_init_instance(ENGINE *e); ++void ENGINE_close_instance(ENGINE *e, void *eng_handle); ++void ENGINE_set_check_pkc_availability(ENGINE *e, ++ int (*check_pkc_availability)(void *eng_handle)); ++int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle); + int ENGINE_set_name(ENGINE *e, const char *name); + int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); + int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); +diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h +index 5f269e5..6ef1b15 100644 +--- a/crypto/rsa/rsa.h ++++ b/crypto/rsa/rsa.h +@@ -101,6 +101,29 @@ struct rsa_meth_st + int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, + BN_MONT_CTX *m_ctx); /* Can be null */ ++ /* ++ * Cookie in the following _async variant must be allocated before ++ * submission and can be freed once its corresponding callback ++ * handler is called ++ */ ++ int (*rsa_pub_enc_asyn)(int flen,const unsigned char *from, ++ unsigned char *to, RSA *rsa, int padding, ++ struct pkc_cookie_s *cookie); ++ int (*rsa_pub_dec_async)(int flen,const unsigned char *from, ++ unsigned char *to, RSA *rsa, int padding, ++ struct pkc_cookie_s *cookie); ++ int (*rsa_priv_enc_async)(int flen,const unsigned char *from, ++ unsigned char *to, RSA *rsa, int padding, ++ struct pkc_cookie_s *cookie); ++ int (*rsa_priv_dec_async)(int flen,const unsigned char *from, ++ unsigned char *to, RSA *rsa, int padding, ++ struct pkc_cookie_s *cookie); ++ int (*rsa_mod_exp_async)(BIGNUM *r0, const BIGNUM *I, RSA *rsa, ++ BN_CTX *ctx, struct pkc_cookie_s *cookie); ++ int (*bn_mod_exp_async)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, ++ const BIGNUM *m, BN_CTX *ctx, ++ BN_MONT_CTX *m_ctx, struct pkc_cookie_s *cookie); ++ + int (*init)(RSA *rsa); /* called at new */ + int (*finish)(RSA *rsa); /* called at free */ + int flags; /* RSA_METHOD_FLAG_* things */ +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch b/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch new file mode 100644 index 00000000..244d230e --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0011-Add-RSA-keygen-operation-and-support-gendsa-command-.patch @@ -0,0 +1,153 @@ +From e4fc051f8ae1c093b25ca346c2ec351ff3b700d1 Mon Sep 17 00:00:00 2001 +From: Hou Zhiqiang <B48286@freescale.com> +Date: Wed, 2 Apr 2014 16:10:43 +0800 +Subject: [PATCH 11/26] Add RSA keygen operation and support gendsa command + with hardware engine + +Upstream-status: Pending + +Signed-off-by: Hou Zhiqiang <B48286@freescale.com> +Tested-by: Cristian Stoica <cristian.stoica@freescale.com> +--- + crypto/engine/eng_cryptodev.c | 118 ++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 118 insertions(+) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 9f2416e..b2919a8 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -1906,6 +1906,121 @@ err: + return dsaret; + } + ++/* Cryptodev RSA Key Gen routine */ ++static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) ++{ ++ struct crypt_kop kop; ++ int ret, fd; ++ int p_len, q_len; ++ int i; ++ ++ if ((fd = get_asym_dev_crypto()) < 0) ++ return fd; ++ ++ if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; ++ if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; ++ if(!rsa->e && ((rsa->e=BN_new()) == NULL)) goto err; ++ if(!rsa->p && ((rsa->p=BN_new()) == NULL)) goto err; ++ if(!rsa->q && ((rsa->q=BN_new()) == NULL)) goto err; ++ if(!rsa->dmp1 && ((rsa->dmp1=BN_new()) == NULL)) goto err; ++ if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err; ++ if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err; ++ ++ BN_copy(rsa->e, e); ++ ++ p_len = (bits+1) / (2 * 8); ++ q_len = (bits - p_len * 8) / 8; ++ memset(&kop, 0, sizeof kop); ++ kop.crk_op = CRK_RSA_GENERATE_KEY; ++ ++ /* p length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ /* q length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ /* n length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = bits; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0x00, p_len + q_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ /* d length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + q_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = bits; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + q_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ /* dp1 length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ /* dq1 length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ /* i length */ ++ kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); ++ if (!kop.crk_param[kop.crk_iparams].crp_p) ++ goto err; ++ kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; ++ memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); ++ kop.crk_iparams++; ++ kop.crk_oparams++; ++ ++ if (ioctl(fd, CIOCKEY, &kop) == 0) { ++ BN_bin2bn(kop.crk_param[0].crp_p, ++ p_len, rsa->p); ++ BN_bin2bn(kop.crk_param[1].crp_p, ++ q_len, rsa->q); ++ BN_bin2bn(kop.crk_param[2].crp_p, ++ bits / 8, rsa->n); ++ BN_bin2bn(kop.crk_param[3].crp_p, ++ bits / 8, rsa->d); ++ BN_bin2bn(kop.crk_param[4].crp_p, ++ p_len, rsa->dmp1); ++ BN_bin2bn(kop.crk_param[5].crp_p, ++ q_len, rsa->dmq1); ++ BN_bin2bn(kop.crk_param[6].crp_p, ++ p_len, rsa->iqmp); ++ return 1; ++ } ++sw_try: ++ { ++ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); ++ ret = (meth->rsa_keygen)(rsa, bits, e, cb); ++ } ++ return ret; ++ ++err: ++ for (i = 0; i < CRK_MAXPARAM; i++) ++ free(kop.crk_param[i].crp_p); ++ return 0; ++ ++} ++ + /* Cryptodev DSA Key Gen routine */ + static int cryptodev_dsa_keygen(DSA *dsa) + { +@@ -3896,6 +4011,9 @@ ENGINE_load_cryptodev(void) + cryptodev_rsa.rsa_mod_exp_async = + cryptodev_rsa_nocrt_mod_exp_async; + } ++ if (cryptodev_asymfeat & CRF_RSA_GENERATE_KEY) ++ cryptodev_rsa.rsa_keygen = ++ cryptodev_rsa_keygen; + } + } + +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch b/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch new file mode 100644 index 00000000..7f907da4 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0012-RSA-Keygen-Fix.patch @@ -0,0 +1,64 @@ +From ac777f046da7151386d667391362ecb553ceee90 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta <yashpal.dutta@freescale.com> +Date: Wed, 16 Apr 2014 22:53:04 +0545 +Subject: [PATCH 12/26] RSA Keygen Fix + +Upstream-status: Pending + +If Kernel driver doesn't support RSA Keygen or same returns +error handling the keygen operation, the keygen is gracefully +handled by software supported rsa_keygen handler + +Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> +Tested-by: Cristian Stoica <cristian.stoica@freescale.com> +--- + crypto/engine/eng_cryptodev.c | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index b2919a8..ed5f20f 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -1915,7 +1915,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) + int i; + + if ((fd = get_asym_dev_crypto()) < 0) +- return fd; ++ goto sw_try; + + if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; + if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; +@@ -1936,7 +1936,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) + /* p length */ + kop.crk_param[kop.crk_iparams].crp_p = calloc(p_len + 1, sizeof(char)); + if (!kop.crk_param[kop.crk_iparams].crp_p) +- goto err; ++ goto sw_try; + kop.crk_param[kop.crk_iparams].crp_nbits = p_len * 8; + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, p_len + 1); + kop.crk_iparams++; +@@ -1944,7 +1944,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) + /* q length */ + kop.crk_param[kop.crk_iparams].crp_p = calloc(q_len + 1, sizeof(char)); + if (!kop.crk_param[kop.crk_iparams].crp_p) +- goto err; ++ goto sw_try; + kop.crk_param[kop.crk_iparams].crp_nbits = q_len * 8; + memset(kop.crk_param[kop.crk_iparams].crp_p, 0xff, q_len + 1); + kop.crk_iparams++; +@@ -2009,8 +2009,10 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) + } + sw_try: + { +- const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); +- ret = (meth->rsa_keygen)(rsa, bits, e, cb); ++ const RSA_METHOD *meth = rsa->meth; ++ rsa->meth = RSA_PKCS1_SSLeay(); ++ ret = RSA_generate_key_ex(rsa, bits, e, cb); ++ rsa->meth = meth; + } + return ret; + +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch b/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch new file mode 100644 index 00000000..c9d8ace8 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0013-Removed-local-copy-of-curve_t-type.patch @@ -0,0 +1,164 @@ +From 6aaa306cdf878250d7b6eaf30978de313653886b Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta <yashpal.dutta@freescale.com> +Date: Thu, 17 Apr 2014 06:57:59 +0545 +Subject: [PATCH 13/26] Removed local copy of curve_t type + +Upstream-status: Pending + +Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> +Tested-by: Cristian Stoica <cristian.stoica@freescale.com> +--- + crypto/engine/eng_cryptodev.c | 34 ++++++++++++++-------------------- + crypto/engine/eng_cryptodev_ec.h | 7 ------- + 2 files changed, 14 insertions(+), 27 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index ed5f20f..5d883fa 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -2398,12 +2398,6 @@ static ECDSA_METHOD cryptodev_ecdsa = { + NULL /* app_data */ + }; + +-typedef enum ec_curve_s +-{ +- EC_PRIME, +- EC_BINARY +-} ec_curve_t; +- + /* ENGINE handler for ECDSA Sign */ + static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, + int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) +@@ -2420,7 +2414,7 @@ static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, + const BIGNUM *order = NULL, *priv_key=NULL; + const EC_GROUP *group = NULL; + struct crypt_kop kop; +- ec_curve_t ec_crv = EC_PRIME; ++ enum ec_curve_t ec_crv = EC_PRIME; + + memset(&kop, 0, sizeof(kop)); + ecdsa = ecdsa_check(eckey); +@@ -2553,7 +2547,7 @@ static ECDSA_SIG *cryptodev_ecdsa_do_sign( const unsigned char *dgst, + else + goto err; + } +- kop.curve_type = ECC_BINARY; ++ kop.curve_type = EC_BINARY; + } + + /* Calculation of Generator point */ +@@ -2647,7 +2641,7 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, + const EC_POINT *pub_key = NULL; + const BIGNUM *order = NULL; + const EC_GROUP *group=NULL; +- ec_curve_t ec_crv = EC_PRIME; ++ enum ec_curve_t ec_crv = EC_PRIME; + struct crypt_kop kop; + + memset(&kop, 0, sizeof kop); +@@ -2792,7 +2786,7 @@ static int cryptodev_ecdsa_verify(const unsigned char *dgst, int dgst_len, + else + goto err; + } +- kop.curve_type = ECC_BINARY; ++ kop.curve_type = EC_BINARY; + } + + /* Calculation of Generator point */ +@@ -2893,7 +2887,7 @@ static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, + const BIGNUM *order = NULL, *priv_key=NULL; + const EC_GROUP *group = NULL; + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); +- ec_curve_t ec_crv = EC_PRIME; ++ enum ec_curve_t ec_crv = EC_PRIME; + + if (!(sig->r = BN_new()) || !kop) + goto err; +@@ -3029,7 +3023,7 @@ static int cryptodev_ecdsa_do_sign_async( const unsigned char *dgst, + else + goto err; + } +- kop->curve_type = ECC_BINARY; ++ kop->curve_type = EC_BINARY; + } + + /* Calculation of Generator point */ +@@ -3105,7 +3099,7 @@ static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, + const EC_POINT *pub_key = NULL; + const BIGNUM *order = NULL; + const EC_GROUP *group=NULL; +- ec_curve_t ec_crv = EC_PRIME; ++ enum ec_curve_t ec_crv = EC_PRIME; + struct crypt_kop *kop = malloc(sizeof(struct crypt_kop)); + + if (!kop) +@@ -3247,7 +3241,7 @@ static int cryptodev_ecdsa_verify_async(const unsigned char *dgst, int dgst_len, + /* copy b' i.e c(b), instead of only b */ + eng_ec_get_cparam (EC_GROUP_get_curve_name(group), + ab+q_len, q_len); +- kop->curve_type = ECC_BINARY; ++ kop->curve_type = EC_BINARY; + } + + /* Calculation of Generator point */ +@@ -3552,7 +3546,7 @@ int cryptodev_ecdh_compute_key(void *out, size_t outlen, + const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, + void *out, size_t *outlen)) + { +- ec_curve_t ec_crv = EC_PRIME; ++ enum ec_curve_t ec_crv = EC_PRIME; + unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; + BIGNUM * w_x = NULL, *w_y = NULL; + int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; +@@ -3678,9 +3672,9 @@ int cryptodev_ecdh_compute_key(void *out, size_t outlen, + else + goto err; + } +- kop.curve_type = ECC_BINARY; ++ kop.curve_type = EC_BINARY; + } else +- kop.curve_type = ECC_PRIME; ++ kop.curve_type = EC_PRIME; + + priv_key_len = r_len; + +@@ -3729,7 +3723,7 @@ int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, + const EC_POINT *pub_key, EC_KEY *ecdh, void *(*KDF)(const void *in, size_t inlen, + void *out, size_t *outlen), struct pkc_cookie_s *cookie) + { +- ec_curve_t ec_crv = EC_PRIME; ++ enum ec_curve_t ec_crv = EC_PRIME; + unsigned char * q = NULL, *w_xy = NULL, *ab = NULL, *s = NULL, *r = NULL; + BIGNUM * w_x = NULL, *w_y = NULL; + int q_len = 0, ab_len = 0, pub_key_len = 0, r_len = 0, priv_key_len = 0; +@@ -3857,9 +3851,9 @@ int cryptodev_ecdh_compute_key_async(void *out, size_t outlen, + else + goto err; + } +- kop->curve_type = ECC_BINARY; ++ kop->curve_type = EC_BINARY; + } else +- kop->curve_type = ECC_PRIME; ++ kop->curve_type = EC_PRIME; + + priv_key_len = r_len; + +diff --git a/crypto/engine/eng_cryptodev_ec.h b/crypto/engine/eng_cryptodev_ec.h +index 77aee71..a4b8da5 100644 +--- a/crypto/engine/eng_cryptodev_ec.h ++++ b/crypto/engine/eng_cryptodev_ec.h +@@ -286,11 +286,4 @@ static inline unsigned char *eng_copy_curve_points(BIGNUM * x, BIGNUM * y, + + return xy; + } +- +-enum curve_t { +- DISCRETE_LOG, +- ECC_PRIME, +- ECC_BINARY, +- MAX_ECC_TYPE +-}; + #endif +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch b/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch new file mode 100644 index 00000000..198bed70 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0014-Modulus-parameter-is-not-populated-by-dhparams.patch @@ -0,0 +1,43 @@ +From 14623ca9e417ccef1ad3f4138acfac0ebe682f1f Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta <yashpal.dutta@freescale.com> +Date: Tue, 22 Apr 2014 22:58:33 +0545 +Subject: [PATCH 14/26] Modulus parameter is not populated by dhparams + +Upstream-status: Pending + +When dhparams are created, modulus parameter required for +private key generation is not populated. So, falling back +to software for proper population of modulus parameters followed +by private key generation + +Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> +Tested-by: Cristian Stoica <cristian.stoica@freescale.com> +--- + crypto/engine/eng_cryptodev.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 5d883fa..6d69336 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -3364,7 +3364,7 @@ static int cryptodev_dh_keygen_async(DH *dh, struct pkc_cookie_s *cookie) + kop->crk_op = CRK_DH_GENERATE_KEY; + if (bn2crparam(dh->p, &kop->crk_param[0])) + goto sw_try; +- if (bn2crparam(dh->q, &kop->crk_param[1])) ++ if (!dh->q || bn2crparam(dh->q, &kop->crk_param[1])) + goto sw_try; + kop->crk_param[2].crp_p = g; + kop->crk_param[2].crp_nbits = g_len * 8; +@@ -3419,7 +3419,7 @@ static int cryptodev_dh_keygen(DH *dh) + kop.crk_op = CRK_DH_GENERATE_KEY; + if (bn2crparam(dh->p, &kop.crk_param[0])) + goto sw_try; +- if (bn2crparam(dh->q, &kop.crk_param[1])) ++ if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1])) + goto sw_try; + kop.crk_param[2].crp_p = g; + kop.crk_param[2].crp_nbits = g_len * 8; +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch b/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch new file mode 100644 index 00000000..59330a1e --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0015-SW-Backoff-mechanism-for-dsa-keygen.patch @@ -0,0 +1,53 @@ +From 10be401a33e6ebcc325d6747914c70595cd53d0a Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta <yashpal.dutta@freescale.com> +Date: Thu, 24 Apr 2014 00:35:34 +0545 +Subject: [PATCH 15/26] SW Backoff mechanism for dsa keygen + +Upstream-status: Pending + +DSA Keygen is not handled in default openssl dsa method. Due to +same null function pointer in SW DSA method, the backoff for dsa +keygen gives segmentation fault. + +Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> +Tested-by: Cristian Stoica <cristian.stoica@freescale.com> +--- + crypto/engine/eng_cryptodev.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 6d69336..dab8fea 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -2069,8 +2069,10 @@ static int cryptodev_dsa_keygen(DSA *dsa) + return ret; + sw_try: + { +- const DSA_METHOD *meth = DSA_OpenSSL(); +- ret = (meth->dsa_keygen)(dsa); ++ const DSA_METHOD *meth = dsa->meth; ++ dsa->meth = DSA_OpenSSL(); ++ ret = DSA_generate_key(dsa); ++ dsa->meth = meth; + } + return ret; + } +@@ -2124,11 +2126,13 @@ static int cryptodev_dsa_keygen_async(DSA *dsa, struct pkc_cookie_s *cookie) + return ret; + sw_try: + { +- const DSA_METHOD *meth = DSA_OpenSSL(); ++ const DSA_METHOD *meth = dsa->meth; + ++ dsa->meth = DSA_OpenSSL(); + if (kop) + free(kop); +- ret = (meth->dsa_keygen)(dsa); ++ ret = DSA_generate_key(dsa); ++ dsa->meth = meth; + cookie->pkc_callback(cookie, 0); + } + return ret; +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch b/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch new file mode 100644 index 00000000..8923cb63 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0016-Fixed-DH-keygen-pair-generator.patch @@ -0,0 +1,100 @@ +From d2c868c6370bcc0d0a254e641907da2cdf992d62 Mon Sep 17 00:00:00 2001 +From: Yashpal Dutta <yashpal.dutta@freescale.com> +Date: Thu, 1 May 2014 06:35:45 +0545 +Subject: [PATCH 16/26] Fixed DH keygen pair generator + +Upstream-status: Pending + +Wrong Padding results into keygen length error + +Signed-off-by: Yashpal Dutta <yashpal.dutta@freescale.com> +Tested-by: Cristian Stoica <cristian.stoica@freescale.com> +--- + crypto/engine/eng_cryptodev.c | 50 ++++++++++++++++++++++++++++--------------- + 1 file changed, 33 insertions(+), 17 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index dab8fea..13d924f 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -3396,44 +3396,60 @@ sw_try: + static int cryptodev_dh_keygen(DH *dh) + { + struct crypt_kop kop; +- int ret = 1, g_len; +- unsigned char *g = NULL; ++ int ret = 1, q_len = 0; ++ unsigned char *q = NULL, *g = NULL, *s = NULL, *w = NULL; ++ BIGNUM *pub_key = NULL, *priv_key = NULL; ++ int generate_new_key = 1; + +- if (dh->priv_key == NULL) { +- if ((dh->priv_key=BN_new()) == NULL) +- goto sw_try; +- } ++ if (dh->priv_key) ++ priv_key = dh->priv_key; + +- if (dh->pub_key == NULL) { +- if ((dh->pub_key=BN_new()) == NULL) +- goto sw_try; +- } ++ if (dh->pub_key) ++ pub_key = dh->pub_key; + +- g_len = BN_num_bytes(dh->p); ++ q_len = BN_num_bytes(dh->p); + /** + * Get generator into a plain buffer. If length is less than + * q_len then add leading padding bytes. + */ +- if (spcf_bn2bin_ex(dh->g, &g, &g_len)) { ++ if (spcf_bn2bin_ex(dh->g, &g, &q_len)) { ++ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; ++ } ++ ++ if (spcf_bn2bin_ex(dh->p, &q, &q_len)) { + DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); + goto sw_try; + } + + memset(&kop, 0, sizeof kop); + kop.crk_op = CRK_DH_GENERATE_KEY; +- if (bn2crparam(dh->p, &kop.crk_param[0])) +- goto sw_try; ++ kop.crk_param[0].crp_p = q; ++ kop.crk_param[0].crp_nbits = q_len * 8; + if (!dh->q || bn2crparam(dh->q, &kop.crk_param[1])) + goto sw_try; + kop.crk_param[2].crp_p = g; +- kop.crk_param[2].crp_nbits = g_len * 8; ++ kop.crk_param[2].crp_nbits = q_len * 8; + kop.crk_iparams = 3; + ++ s = OPENSSL_malloc (q_len); ++ if (!s) { ++ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; ++ } ++ ++ w = OPENSSL_malloc (q_len); ++ if (!w) { ++ DSAerr(DH_F_DH_GENERATE_KEY, ERR_R_MALLOC_FAILURE); ++ goto sw_try; ++ } ++ + /* pub_key is or prime length while priv key is of length of order */ +- if (cryptodev_asym(&kop, BN_num_bytes(dh->p), dh->pub_key, +- BN_num_bytes(dh->q), dh->priv_key)) ++ if (cryptodev_asym(&kop, q_len, w, q_len, s)) + goto sw_try; + ++ dh->pub_key = BN_bin2bn(w, q_len, pub_key); ++ dh->pub_key = BN_bin2bn(s, q_len, priv_key); + return ret; + sw_try: + { +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch b/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch new file mode 100644 index 00000000..bd9e61ac --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0017-cryptodev-add-support-for-aes-gcm-algorithm-offloadi.patch @@ -0,0 +1,309 @@ +From 11b55103463bac614e00d74e9f196ec4ec6bade1 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica <cristian.stoica@freescale.com> +Date: Mon, 16 Jun 2014 14:06:21 +0300 +Subject: [PATCH 17/26] cryptodev: add support for aes-gcm algorithm offloading + +Change-Id: I3b77dc5ef8b8f707309549244a02852d95b36168 +Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> +Reviewed-on: http://git.am.freescale.net:8181/17226 +--- + apps/speed.c | 6 +- + crypto/engine/eng_cryptodev.c | 229 +++++++++++++++++++++++++++++++++++++++++- + 2 files changed, 233 insertions(+), 2 deletions(-) + +diff --git a/apps/speed.c b/apps/speed.c +index 9886ca3..099dede 100644 +--- a/apps/speed.c ++++ b/apps/speed.c +@@ -224,7 +224,11 @@ + #endif + + #undef BUFSIZE +-#define BUFSIZE ((long)1024*8+1) ++/* The buffer overhead allows GCM tag at the end of the encrypted data. This ++ avoids buffer overflows from cryptodev since Linux kernel GCM ++ implementation allways adds the tag - unlike e_aes.c:aes_gcm_cipher() ++ which doesn't */ ++#define BUFSIZE ((long)1024*8 + EVP_GCM_TLS_TAG_LEN) + int run=0; + + static int mr=0; +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 13d924f..4493490 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -78,8 +78,10 @@ struct dev_crypto_state { + struct session_op d_sess; + int d_fd; + unsigned char *aad; +- unsigned int aad_len; ++ int aad_len; + unsigned int len; ++ unsigned char *iv; ++ int ivlen; + + #ifdef USE_CRYPTODEV_DIGESTS + char dummy_mac_key[HASH_MAX_LEN]; +@@ -251,6 +253,7 @@ static struct { + { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, ++ { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, + { 0, NID_undef, 0, 0, 0}, + }; + +@@ -271,6 +274,19 @@ static struct { + }; + #endif + ++/* increment counter (64-bit int) by 1 */ ++static void ctr64_inc(unsigned char *counter) { ++ int n=8; ++ unsigned char c; ++ ++ do { ++ --n; ++ c = counter[n]; ++ ++c; ++ counter[n] = c; ++ if (c) return; ++ } while (n); ++} + /* + * Return a fd if /dev/crypto seems usable, 0 otherwise. + */ +@@ -762,6 +778,197 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + } + } + ++static int cryptodev_init_gcm_key(EVP_CIPHER_CTX *ctx, ++ const unsigned char *key, const unsigned char *iv, int enc) ++{ ++ struct dev_crypto_state *state = ctx->cipher_data; ++ struct session_op *sess = &state->d_sess; ++ int cipher = -1, i; ++ if (!iv && !key) ++ return 1; ++ ++ if (iv) ++ memcpy(ctx->iv, iv, ctx->cipher->iv_len); ++ ++ for (i = 0; ciphers[i].id; i++) ++ if (ctx->cipher->nid == ciphers[i].nid && ++ ctx->cipher->iv_len <= ciphers[i].ivmax && ++ ctx->key_len == ciphers[i].keylen) { ++ cipher = ciphers[i].id; ++ break; ++ } ++ ++ if (!ciphers[i].id) { ++ state->d_fd = -1; ++ return 0; ++ } ++ ++ memset(sess, 0, sizeof(struct session_op)); ++ ++ if ((state->d_fd = get_dev_crypto()) < 0) ++ return 0; ++ ++ sess->key = (unsigned char *) key; ++ sess->keylen = ctx->key_len; ++ sess->cipher = cipher; ++ ++ if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { ++ put_dev_crypto(state->d_fd); ++ state->d_fd = -1; ++ return 0; ++ } ++ return 1; ++} ++ ++static int cryptodev_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, ++ const unsigned char *in, size_t len) ++{ ++ struct crypt_auth_op cryp = {0}; ++ struct dev_crypto_state *state = ctx->cipher_data; ++ struct session_op *sess = &state->d_sess; ++ int rv = len; ++ ++ if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ? ++ EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV, ++ EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0) ++ return 0; ++ ++ in += EVP_GCM_TLS_EXPLICIT_IV_LEN; ++ out += EVP_GCM_TLS_EXPLICIT_IV_LEN; ++ len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; ++ ++ if (ctx->encrypt) { ++ len -= EVP_GCM_TLS_TAG_LEN; ++ } ++ cryp.ses = sess->ses; ++ cryp.len = len; ++ cryp.src = (unsigned char*) in; ++ cryp.dst = out; ++ cryp.auth_src = state->aad; ++ cryp.auth_len = state->aad_len; ++ cryp.iv = ctx->iv; ++ cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; ++ ++ if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { ++ return 0; ++ } ++ ++ if (ctx->encrypt) ++ ctr64_inc(state->iv + state->ivlen - 8); ++ else ++ rv = len - EVP_GCM_TLS_TAG_LEN; ++ ++ return rv; ++} ++ ++static int cryptodev_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, ++ const unsigned char *in, size_t len) ++{ ++ struct crypt_auth_op cryp; ++ struct dev_crypto_state *state = ctx->cipher_data; ++ struct session_op *sess = &state->d_sess; ++ ++ if (state->d_fd < 0) ++ return 0; ++ ++ if ((len % ctx->cipher->block_size) != 0) ++ return 0; ++ ++ if (state->aad_len >= 0) ++ return cryptodev_gcm_tls_cipher(ctx, out, in, len); ++ ++ memset(&cryp, 0, sizeof(cryp)); ++ ++ cryp.ses = sess->ses; ++ cryp.len = len; ++ cryp.src = (unsigned char*) in; ++ cryp.dst = out; ++ cryp.auth_src = NULL; ++ cryp.auth_len = 0; ++ cryp.iv = ctx->iv; ++ cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT; ++ ++ if (ioctl(state->d_fd, CIOCAUTHCRYPT, &cryp) == -1) { ++ return 0; ++ } ++ ++ return len; ++} ++ ++static int cryptodev_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, ++ void *ptr) ++{ ++ struct dev_crypto_state *state = ctx->cipher_data; ++ switch (type) { ++ case EVP_CTRL_INIT: ++ { ++ state->ivlen = ctx->cipher->iv_len; ++ state->iv = ctx->iv; ++ state->aad_len = -1; ++ return 1; ++ } ++ case EVP_CTRL_GCM_SET_IV_FIXED: ++ { ++ /* Special case: -1 length restores whole IV */ ++ if (arg == -1) ++ { ++ memcpy(state->iv, ptr, state->ivlen); ++ return 1; ++ } ++ /* Fixed field must be at least 4 bytes and invocation field ++ * at least 8. ++ */ ++ if ((arg < 4) || (state->ivlen - arg) < 8) ++ return 0; ++ if (arg) ++ memcpy(state->iv, ptr, arg); ++ if (ctx->encrypt && ++ RAND_bytes(state->iv + arg, state->ivlen - arg) <= 0) ++ return 0; ++ return 1; ++ } ++ case EVP_CTRL_AEAD_TLS1_AAD: ++ { ++ unsigned int len; ++ if (arg != 13) ++ return 0; ++ ++ memcpy(ctx->buf, ptr, arg); ++ len=ctx->buf[arg-2] << 8 | ctx->buf[arg-1]; ++ ++ /* Correct length for explicit IV */ ++ len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; ++ ++ /* If decrypting correct for tag too */ ++ if (!ctx->encrypt) ++ len -= EVP_GCM_TLS_TAG_LEN; ++ ++ ctx->buf[arg-2] = len >> 8; ++ ctx->buf[arg-1] = len & 0xff; ++ ++ state->aad = ctx->buf; ++ state->aad_len = arg; ++ state->len = len; ++ ++ /* Extra padding: tag appended to record */ ++ return EVP_GCM_TLS_TAG_LEN; ++ } ++ case EVP_CTRL_GCM_SET_IV_INV: ++ { ++ if (ctx->encrypt) ++ return 0; ++ memcpy(state->iv + state->ivlen - arg, ptr, arg); ++ return 1; ++ } ++ case EVP_CTRL_GCM_IV_GEN: ++ if (arg <= 0 || arg > state->ivlen) ++ arg = state->ivlen; ++ memcpy(ptr, state->iv + state->ivlen - arg, arg); ++ return 1; ++ default: ++ return -1; ++ } ++} + /* + * libcrypto EVP stuff - this is how we get wired to EVP so the engine + * gets called when libcrypto requests a cipher NID. +@@ -901,6 +1108,23 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { + cryptodev_cbc_hmac_sha1_ctrl, + NULL + }; ++ ++const EVP_CIPHER cryptodev_aes_128_gcm = { ++ NID_aes_128_gcm, ++ 1, 16, 12, ++ EVP_CIPH_GCM_MODE | EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \ ++ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ ++ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT, ++ cryptodev_init_gcm_key, ++ cryptodev_gcm_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_gcm_ctrl, ++ NULL ++}; ++ + /* + * Registered by the ENGINE when used to find out how to deal with + * a particular NID in the ENGINE. this says what we'll do at the +@@ -944,6 +1168,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + case NID_aes_256_cbc_hmac_sha1: + *cipher = &cryptodev_aes_256_cbc_hmac_sha1; + break; ++ case NID_aes_128_gcm: ++ *cipher = &cryptodev_aes_128_gcm; ++ break; + default: + *cipher = NULL; + break; +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch b/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch new file mode 100644 index 00000000..1118a6fc --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0018-eng_cryptodev-extend-TLS-offload-with-3des_cbc_hmac_.patch @@ -0,0 +1,193 @@ +From 21e3ca4ec77f9258aa4001f07faac1c4942b48b4 Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus <tudor.ambarus@freescale.com> +Date: Fri, 9 May 2014 17:54:06 +0300 +Subject: [PATCH 18/26] eng_cryptodev: extend TLS offload with + 3des_cbc_hmac_sha1 + +Both obj_mac.h and obj_dat.h were generated using the scripts +from crypto/objects: + +$ cd crypto/objects +$ perl objects.pl objects.txt obj_mac.num obj_mac.h +$ perl obj_dat.pl obj_mac.h obj_dat.h + +Change-Id: I94f13cdd09df67e33e6acd3c00aab47cb358ac46 +Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> +Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> +Reviewed-on: http://git.am.freescale.net:8181/34001 +--- + crypto/engine/eng_cryptodev.c | 24 ++++++++++++++++++++++++ + crypto/objects/obj_dat.h | 10 +++++++--- + crypto/objects/obj_mac.h | 4 ++++ + crypto/objects/obj_mac.num | 1 + + crypto/objects/objects.txt | 1 + + ssl/ssl_ciph.c | 4 ++++ + 6 files changed, 41 insertions(+), 3 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 79b2678..299e84b 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -135,6 +135,7 @@ static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, + void ENGINE_load_cryptodev(void); + const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1; + + inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) + { +@@ -252,6 +253,7 @@ static struct { + { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, 0}, + { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, 0}, + { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, 0}, ++ { CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, NID_des_ede3_cbc_hmac_sha1, 8, 24, 20}, + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, + { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, +@@ -466,6 +468,9 @@ cryptodev_usable_ciphers(const int **nids) + case NID_aes_256_cbc_hmac_sha1: + EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); + break; ++ case NID_des_ede3_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1); ++ break; + } + } + return count; +@@ -571,6 +576,7 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + switch (ctx->cipher->nid) { + case NID_aes_128_cbc_hmac_sha1: + case NID_aes_256_cbc_hmac_sha1: ++ case NID_des_ede3_cbc_hmac_sha1: + cryp.flags = COP_FLAG_AEAD_TLS_TYPE; + } + cryp.ses = sess->ses; +@@ -763,6 +769,7 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + switch (ctx->cipher->nid) { + case NID_aes_128_cbc_hmac_sha1: + case NID_aes_256_cbc_hmac_sha1: ++ case NID_des_ede3_cbc_hmac_sha1: + maclen = SHA_DIGEST_LENGTH; + } + +@@ -1082,6 +1089,20 @@ const EVP_CIPHER cryptodev_aes_256_cbc = { + NULL + }; + ++const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1 = { ++ NID_des_ede3_cbc_hmac_sha1, ++ 8, 24, 8, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ + const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1 = { + NID_aes_128_cbc_hmac_sha1, + 16, 16, 16, +@@ -1163,6 +1184,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + case NID_aes_256_cbc: + *cipher = &cryptodev_aes_256_cbc; + break; ++ case NID_des_ede3_cbc_hmac_sha1: ++ *cipher = &cryptodev_3des_cbc_hmac_sha1; ++ break; + case NID_aes_128_cbc_hmac_sha1: + *cipher = &cryptodev_aes_128_cbc_hmac_sha1; + break; +diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h +index bc69665..9f2267a 100644 +--- a/crypto/objects/obj_dat.h ++++ b/crypto/objects/obj_dat.h +@@ -62,9 +62,9 @@ + * [including the GNU Public Licence.] + */ + +-#define NUM_NID 920 +-#define NUM_SN 913 +-#define NUM_LN 913 ++#define NUM_NID 921 ++#define NUM_SN 914 ++#define NUM_LN 914 + #define NUM_OBJ 857 + + static const unsigned char lvalues[5974]={ +@@ -2399,6 +2399,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ + {"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1", + NID_aes_256_cbc_hmac_sha1,0,NULL,0}, + {"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0}, ++{"DES-EDE3-CBC-HMAC-SHA1","des-ede3-cbc-hmac-sha1", ++ NID_des_ede3_cbc_hmac_sha1,0,NULL,0}, + }; + + static const unsigned int sn_objs[NUM_SN]={ +@@ -2474,6 +2476,7 @@ static const unsigned int sn_objs[NUM_SN]={ + 62, /* "DES-EDE-OFB" */ + 33, /* "DES-EDE3" */ + 44, /* "DES-EDE3-CBC" */ ++920, /* "DES-EDE3-CBC-HMAC-SHA1" */ + 61, /* "DES-EDE3-CFB" */ + 658, /* "DES-EDE3-CFB1" */ + 659, /* "DES-EDE3-CFB8" */ +@@ -3585,6 +3588,7 @@ static const unsigned int ln_objs[NUM_LN]={ + 62, /* "des-ede-ofb" */ + 33, /* "des-ede3" */ + 44, /* "des-ede3-cbc" */ ++920, /* "des-ede3-cbc-hmac-sha1" */ + 61, /* "des-ede3-cfb" */ + 658, /* "des-ede3-cfb1" */ + 659, /* "des-ede3-cfb8" */ +diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h +index b5ea7cd..8751902 100644 +--- a/crypto/objects/obj_mac.h ++++ b/crypto/objects/obj_mac.h +@@ -4030,3 +4030,7 @@ + #define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1" + #define NID_aes_256_cbc_hmac_sha1 918 + ++#define SN_des_ede3_cbc_hmac_sha1 "DES-EDE3-CBC-HMAC-SHA1" ++#define LN_des_ede3_cbc_hmac_sha1 "des-ede3-cbc-hmac-sha1" ++#define NID_des_ede3_cbc_hmac_sha1 920 ++ +diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num +index 1d0a7c8..9d44bb5 100644 +--- a/crypto/objects/obj_mac.num ++++ b/crypto/objects/obj_mac.num +@@ -917,3 +917,4 @@ aes_128_cbc_hmac_sha1 916 + aes_192_cbc_hmac_sha1 917 + aes_256_cbc_hmac_sha1 918 + rsaesOaep 919 ++des_ede3_cbc_hmac_sha1 920 +diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt +index d3bfad7..90d2fc5 100644 +--- a/crypto/objects/objects.txt ++++ b/crypto/objects/objects.txt +@@ -1290,3 +1290,4 @@ kisa 1 6 : SEED-OFB : seed-ofb + : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1 + : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 + : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 ++ : DES-EDE3-CBC-HMAC-SHA1 : des-ede3-cbc-hmac-sha1 +diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c +index 8188ff5..310fe76 100644 +--- a/ssl/ssl_ciph.c ++++ b/ssl/ssl_ciph.c +@@ -639,6 +639,10 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, + c->algorithm_mac == SSL_SHA1 && + (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) + *enc = evp, *md = NULL; ++ else if (c->algorithm_enc == SSL_3DES && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp = EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; + return(1); + } + else +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch b/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch new file mode 100644 index 00000000..988d79ea --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0019-eng_cryptodev-add-support-for-TLSv1.1-record-offload.patch @@ -0,0 +1,355 @@ +From 1de2b740a3bdcd8e98abb5f4e176d46fd817b932 Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus <tudor.ambarus@freescale.com> +Date: Tue, 31 Mar 2015 16:30:17 +0300 +Subject: [PATCH 19/26] eng_cryptodev: add support for TLSv1.1 record offload + +Supported cipher suites: +- 3des-ede-cbc-sha +- aes-128-cbc-hmac-sha +- aes-256-cbc-hmac-sha + +Requires TLS patches on cryptodev and TLS algorithm support in Linux +kernel driver. + +Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> +Change-Id: Id414f36a528de3f476b72688cf85714787d7ccae +Reviewed-on: http://git.am.freescale.net:8181/34002 +Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> +Tested-by: Cristian Stoica <cristian.stoica@freescale.com> +--- + crypto/engine/eng_cryptodev.c | 101 ++++++++++++++++++++++++++++++++++++++---- + crypto/objects/obj_dat.h | 18 ++++++-- + crypto/objects/obj_mac.h | 12 +++++ + crypto/objects/obj_mac.num | 3 ++ + crypto/objects/objects.txt | 3 ++ + ssl/ssl_ciph.c | 26 +++++++++-- + 6 files changed, 148 insertions(+), 15 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 299e84b..f71ab27 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -66,6 +66,7 @@ ENGINE_load_cryptodev(void) + #include <sys/ioctl.h> + #include <errno.h> + #include <stdio.h> ++#include <stdbool.h> + #include <unistd.h> + #include <fcntl.h> + #include <stdarg.h> +@@ -133,9 +134,12 @@ static int cryptodev_dh_compute_key(unsigned char *key, + static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, + void (*f)(void)); + void ENGINE_load_cryptodev(void); ++const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; +-const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1; + + inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) + { +@@ -256,6 +260,9 @@ static struct { + { CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, NID_des_ede3_cbc_hmac_sha1, 8, 24, 20}, + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20}, + { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20}, ++ { CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, NID_tls11_des_ede3_cbc_hmac_sha1, 8, 24, 20}, ++ { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_128_cbc_hmac_sha1, 16, 16, 20}, ++ { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_256_cbc_hmac_sha1, 16, 32, 20}, + { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, + { 0, NID_undef, 0, 0, 0}, + }; +@@ -462,14 +469,23 @@ cryptodev_usable_ciphers(const int **nids) + /* add ciphers specific to cryptodev if found in kernel */ + for(i = 0; i < count; i++) { + switch (*(*nids + i)) { ++ case NID_des_ede3_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1); ++ break; + case NID_aes_128_cbc_hmac_sha1: + EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1); + break; + case NID_aes_256_cbc_hmac_sha1: + EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1); + break; +- case NID_des_ede3_cbc_hmac_sha1: +- EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1); ++ case NID_tls11_des_ede3_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_tls11_3des_cbc_hmac_sha1); ++ break; ++ case NID_tls11_aes_128_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_tls11_aes_128_cbc_hmac_sha1); ++ break; ++ case NID_tls11_aes_256_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_tls11_aes_256_cbc_hmac_sha1); + break; + } + } +@@ -574,9 +590,12 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + + /* TODO: make a seamless integration with cryptodev flags */ + switch (ctx->cipher->nid) { ++ case NID_des_ede3_cbc_hmac_sha1: + case NID_aes_128_cbc_hmac_sha1: + case NID_aes_256_cbc_hmac_sha1: +- case NID_des_ede3_cbc_hmac_sha1: ++ case NID_tls11_des_ede3_cbc_hmac_sha1: ++ case NID_tls11_aes_128_cbc_hmac_sha1: ++ case NID_tls11_aes_256_cbc_hmac_sha1: + cryp.flags = COP_FLAG_AEAD_TLS_TYPE; + } + cryp.ses = sess->ses; +@@ -758,8 +777,9 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + struct dev_crypto_state *state = ctx->cipher_data; + unsigned char *p = ptr; + unsigned int cryptlen = p[arg - 2] << 8 | p[arg - 1]; +- unsigned int maclen, padlen; ++ unsigned int maclen, padlen, len; + unsigned int bs = ctx->cipher->block_size; ++ bool aad_needs_fix = false; + + state->aad = ptr; + state->aad_len = arg; +@@ -767,10 +787,24 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + + /* TODO: this should be an extension of EVP_CIPHER struct */ + switch (ctx->cipher->nid) { ++ case NID_des_ede3_cbc_hmac_sha1: + case NID_aes_128_cbc_hmac_sha1: + case NID_aes_256_cbc_hmac_sha1: +- case NID_des_ede3_cbc_hmac_sha1: + maclen = SHA_DIGEST_LENGTH; ++ break; ++ case NID_tls11_des_ede3_cbc_hmac_sha1: ++ case NID_tls11_aes_128_cbc_hmac_sha1: ++ case NID_tls11_aes_256_cbc_hmac_sha1: ++ maclen = SHA_DIGEST_LENGTH; ++ aad_needs_fix = true; ++ break; ++ } ++ ++ /* Correct length for AAD Length field */ ++ if (ctx->encrypt && aad_needs_fix) { ++ len = cryptlen - bs; ++ p[arg-2] = len >> 8; ++ p[arg-1] = len & 0xff; + } + + /* space required for encryption (not only TLS padding) */ +@@ -1131,6 +1165,48 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = { + NULL + }; + ++const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1 = { ++ NID_tls11_des_ede3_cbc_hmac_sha1, ++ 8, 24, 8, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1 = { ++ NID_tls11_aes_128_cbc_hmac_sha1, ++ 16, 16, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1 = { ++ NID_tls11_aes_256_cbc_hmac_sha1, ++ 16, 32, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ + const EVP_CIPHER cryptodev_aes_128_gcm = { + NID_aes_128_gcm, + 1, 16, 12, +@@ -1184,6 +1260,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + case NID_aes_256_cbc: + *cipher = &cryptodev_aes_256_cbc; + break; ++ case NID_aes_128_gcm: ++ *cipher = &cryptodev_aes_128_gcm; ++ break; + case NID_des_ede3_cbc_hmac_sha1: + *cipher = &cryptodev_3des_cbc_hmac_sha1; + break; +@@ -1193,8 +1272,14 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + case NID_aes_256_cbc_hmac_sha1: + *cipher = &cryptodev_aes_256_cbc_hmac_sha1; + break; +- case NID_aes_128_gcm: +- *cipher = &cryptodev_aes_128_gcm; ++ case NID_tls11_des_ede3_cbc_hmac_sha1: ++ *cipher = &cryptodev_tls11_3des_cbc_hmac_sha1; ++ break; ++ case NID_tls11_aes_128_cbc_hmac_sha1: ++ *cipher = &cryptodev_tls11_aes_128_cbc_hmac_sha1; ++ break; ++ case NID_tls11_aes_256_cbc_hmac_sha1: ++ *cipher = &cryptodev_tls11_aes_256_cbc_hmac_sha1; + break; + default: + *cipher = NULL; +diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h +index 9f2267a..dc89b0a 100644 +--- a/crypto/objects/obj_dat.h ++++ b/crypto/objects/obj_dat.h +@@ -62,9 +62,9 @@ + * [including the GNU Public Licence.] + */ + +-#define NUM_NID 921 +-#define NUM_SN 914 +-#define NUM_LN 914 ++#define NUM_NID 924 ++#define NUM_SN 917 ++#define NUM_LN 917 + #define NUM_OBJ 857 + + static const unsigned char lvalues[5974]={ +@@ -2401,6 +2401,12 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ + {"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0}, + {"DES-EDE3-CBC-HMAC-SHA1","des-ede3-cbc-hmac-sha1", + NID_des_ede3_cbc_hmac_sha1,0,NULL,0}, ++{"TLS11-DES-EDE3-CBC-HMAC-SHA1","tls11-des-ede3-cbc-hmac-sha1", ++ NID_tls11_des_ede3_cbc_hmac_sha1,0,NULL,0}, ++{"TLS11-AES-128-CBC-HMAC-SHA1","tls11-aes-128-cbc-hmac-sha1", ++ NID_tls11_aes_128_cbc_hmac_sha1,0,NULL,0}, ++{"TLS11-AES-256-CBC-HMAC-SHA1","tls11-aes-256-cbc-hmac-sha1", ++ NID_tls11_aes_256_cbc_hmac_sha1,0,NULL,0}, + }; + + static const unsigned int sn_objs[NUM_SN]={ +@@ -2586,6 +2592,9 @@ static const unsigned int sn_objs[NUM_SN]={ + 100, /* "SN" */ + 16, /* "ST" */ + 143, /* "SXNetID" */ ++922, /* "TLS11-AES-128-CBC-HMAC-SHA1" */ ++923, /* "TLS11-AES-256-CBC-HMAC-SHA1" */ ++921, /* "TLS11-DES-EDE3-CBC-HMAC-SHA1" */ + 458, /* "UID" */ + 0, /* "UNDEF" */ + 11, /* "X500" */ +@@ -4205,6 +4214,9 @@ static const unsigned int ln_objs[NUM_LN]={ + 459, /* "textEncodedORAddress" */ + 293, /* "textNotice" */ + 106, /* "title" */ ++922, /* "tls11-aes-128-cbc-hmac-sha1" */ ++923, /* "tls11-aes-256-cbc-hmac-sha1" */ ++921, /* "tls11-des-ede3-cbc-hmac-sha1" */ + 682, /* "tpBasis" */ + 436, /* "ucl" */ + 0, /* "undefined" */ +diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h +index 8751902..f181890 100644 +--- a/crypto/objects/obj_mac.h ++++ b/crypto/objects/obj_mac.h +@@ -4034,3 +4034,15 @@ + #define LN_des_ede3_cbc_hmac_sha1 "des-ede3-cbc-hmac-sha1" + #define NID_des_ede3_cbc_hmac_sha1 920 + ++#define SN_tls11_des_ede3_cbc_hmac_sha1 "TLS11-DES-EDE3-CBC-HMAC-SHA1" ++#define LN_tls11_des_ede3_cbc_hmac_sha1 "tls11-des-ede3-cbc-hmac-sha1" ++#define NID_tls11_des_ede3_cbc_hmac_sha1 921 ++ ++#define SN_tls11_aes_128_cbc_hmac_sha1 "TLS11-AES-128-CBC-HMAC-SHA1" ++#define LN_tls11_aes_128_cbc_hmac_sha1 "tls11-aes-128-cbc-hmac-sha1" ++#define NID_tls11_aes_128_cbc_hmac_sha1 922 ++ ++#define SN_tls11_aes_256_cbc_hmac_sha1 "TLS11-AES-256-CBC-HMAC-SHA1" ++#define LN_tls11_aes_256_cbc_hmac_sha1 "tls11-aes-256-cbc-hmac-sha1" ++#define NID_tls11_aes_256_cbc_hmac_sha1 923 ++ +diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num +index 9d44bb5..a02b58c 100644 +--- a/crypto/objects/obj_mac.num ++++ b/crypto/objects/obj_mac.num +@@ -918,3 +918,6 @@ aes_192_cbc_hmac_sha1 917 + aes_256_cbc_hmac_sha1 918 + rsaesOaep 919 + des_ede3_cbc_hmac_sha1 920 ++tls11_des_ede3_cbc_hmac_sha1 921 ++tls11_aes_128_cbc_hmac_sha1 922 ++tls11_aes_256_cbc_hmac_sha1 923 +diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt +index 90d2fc5..1973658 100644 +--- a/crypto/objects/objects.txt ++++ b/crypto/objects/objects.txt +@@ -1291,3 +1291,6 @@ kisa 1 6 : SEED-OFB : seed-ofb + : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 + : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 + : DES-EDE3-CBC-HMAC-SHA1 : des-ede3-cbc-hmac-sha1 ++ : TLS11-DES-EDE3-CBC-HMAC-SHA1 : tls11-des-ede3-cbc-hmac-sha1 ++ : TLS11-AES-128-CBC-HMAC-SHA1 : tls11-aes-128-cbc-hmac-sha1 ++ : TLS11-AES-256-CBC-HMAC-SHA1 : tls11-aes-256-cbc-hmac-sha1 +diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c +index 310fe76..0408986 100644 +--- a/ssl/ssl_ciph.c ++++ b/ssl/ssl_ciph.c +@@ -631,17 +631,35 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, + c->algorithm_mac == SSL_MD5 && + (evp=EVP_get_cipherbyname("RC4-HMAC-MD5"))) + *enc = evp, *md = NULL; +- else if (c->algorithm_enc == SSL_AES128 && ++ else if (s->ssl_version == TLS1_VERSION && ++ c->algorithm_enc == SSL_3DES && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp=EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_VERSION && ++ c->algorithm_enc == SSL_AES128 && + c->algorithm_mac == SSL_SHA1 && + (evp=EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1"))) + *enc = evp, *md = NULL; +- else if (c->algorithm_enc == SSL_AES256 && ++ else if (s->ssl_version == TLS1_VERSION && ++ c->algorithm_enc == SSL_AES256 && + c->algorithm_mac == SSL_SHA1 && + (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1"))) + *enc = evp, *md = NULL; +- else if (c->algorithm_enc == SSL_3DES && ++ else if (s->ssl_version == TLS1_1_VERSION && ++ c->algorithm_enc == SSL_3DES && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp=EVP_get_cipherbyname("TLS11-DES-EDE3-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_1_VERSION && ++ c->algorithm_enc == SSL_AES128 && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp=EVP_get_cipherbyname("TLS11-AES-128-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_1_VERSION && ++ c->algorithm_enc == SSL_AES256 && + c->algorithm_mac == SSL_SHA1 && +- (evp = EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1"))) ++ (evp=EVP_get_cipherbyname("TLS11-AES-256-CBC-HMAC-SHA1"))) + *enc = evp, *md = NULL; + return(1); + } +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch b/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch new file mode 100644 index 00000000..7370c496 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0020-eng_cryptodev-add-support-for-TLSv1.2-record-offload.patch @@ -0,0 +1,359 @@ +From a58703e6601fcfcfe69fdb3e7152ed76b40d67e9 Mon Sep 17 00:00:00 2001 +From: Tudor Ambarus <tudor.ambarus@freescale.com> +Date: Tue, 31 Mar 2015 16:32:35 +0300 +Subject: [PATCH 20/26] eng_cryptodev: add support for TLSv1.2 record offload + +Supported cipher suites: +- 3des-ede-cbc-sha +- aes-128-cbc-hmac-sha +- aes-256-cbc-hmac-sha +- aes-128-cbc-hmac-sha256 +- aes-256-cbc-hmac-sha256 + +Requires TLS patches on cryptodev and TLS algorithm support in Linux +kernel driver. + +Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com> +Change-Id: I0ac6953dd62e2655a59d8f3eaefd012b7ecebf55 +Reviewed-on: http://git.am.freescale.net:8181/34003 +Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com> +Tested-by: Cristian Stoica <cristian.stoica@freescale.com> +--- + crypto/engine/eng_cryptodev.c | 123 ++++++++++++++++++++++++++++++++++++++++++ + crypto/objects/obj_dat.h | 26 +++++++-- + crypto/objects/obj_mac.h | 20 +++++++ + crypto/objects/obj_mac.num | 5 ++ + crypto/objects/objects.txt | 5 ++ + ssl/ssl_ciph.c | 25 +++++++++ + 6 files changed, 201 insertions(+), 3 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index f71ab27..fa5fe1b 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -140,6 +140,11 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1; + const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls12_3des_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha1; ++const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha256; ++const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha256; + + inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len) + { +@@ -263,6 +268,11 @@ static struct { + { CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, NID_tls11_des_ede3_cbc_hmac_sha1, 8, 24, 20}, + { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_128_cbc_hmac_sha1, 16, 16, 20}, + { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_256_cbc_hmac_sha1, 16, 32, 20}, ++ { CRYPTO_TLS12_3DES_CBC_HMAC_SHA1, NID_tls12_des_ede3_cbc_hmac_sha1, 8, 24, 20}, ++ { CRYPTO_TLS12_AES_CBC_HMAC_SHA1, NID_tls12_aes_128_cbc_hmac_sha1, 16, 16, 20}, ++ { CRYPTO_TLS12_AES_CBC_HMAC_SHA1, NID_tls12_aes_256_cbc_hmac_sha1, 16, 32, 20}, ++ { CRYPTO_TLS12_AES_CBC_HMAC_SHA256, NID_tls12_aes_128_cbc_hmac_sha256, 16, 16, 32}, ++ { CRYPTO_TLS12_AES_CBC_HMAC_SHA256, NID_tls12_aes_256_cbc_hmac_sha256, 16, 32, 32}, + { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0}, + { 0, NID_undef, 0, 0, 0}, + }; +@@ -487,6 +497,21 @@ cryptodev_usable_ciphers(const int **nids) + case NID_tls11_aes_256_cbc_hmac_sha1: + EVP_add_cipher(&cryptodev_tls11_aes_256_cbc_hmac_sha1); + break; ++ case NID_tls12_des_ede3_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_tls12_3des_cbc_hmac_sha1); ++ break; ++ case NID_tls12_aes_128_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_tls12_aes_128_cbc_hmac_sha1); ++ break; ++ case NID_tls12_aes_256_cbc_hmac_sha1: ++ EVP_add_cipher(&cryptodev_tls12_aes_256_cbc_hmac_sha1); ++ break; ++ case NID_tls12_aes_128_cbc_hmac_sha256: ++ EVP_add_cipher(&cryptodev_tls12_aes_128_cbc_hmac_sha256); ++ break; ++ case NID_tls12_aes_256_cbc_hmac_sha256: ++ EVP_add_cipher(&cryptodev_tls12_aes_256_cbc_hmac_sha256); ++ break; + } + } + return count; +@@ -596,6 +621,11 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + case NID_tls11_des_ede3_cbc_hmac_sha1: + case NID_tls11_aes_128_cbc_hmac_sha1: + case NID_tls11_aes_256_cbc_hmac_sha1: ++ case NID_tls12_des_ede3_cbc_hmac_sha1: ++ case NID_tls12_aes_128_cbc_hmac_sha1: ++ case NID_tls12_aes_256_cbc_hmac_sha1: ++ case NID_tls12_aes_128_cbc_hmac_sha256: ++ case NID_tls12_aes_256_cbc_hmac_sha256: + cryp.flags = COP_FLAG_AEAD_TLS_TYPE; + } + cryp.ses = sess->ses; +@@ -795,9 +825,17 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + case NID_tls11_des_ede3_cbc_hmac_sha1: + case NID_tls11_aes_128_cbc_hmac_sha1: + case NID_tls11_aes_256_cbc_hmac_sha1: ++ case NID_tls12_des_ede3_cbc_hmac_sha1: ++ case NID_tls12_aes_128_cbc_hmac_sha1: ++ case NID_tls12_aes_256_cbc_hmac_sha1: + maclen = SHA_DIGEST_LENGTH; + aad_needs_fix = true; + break; ++ case NID_tls12_aes_128_cbc_hmac_sha256: ++ case NID_tls12_aes_256_cbc_hmac_sha256: ++ maclen = SHA256_DIGEST_LENGTH; ++ aad_needs_fix = true; ++ break; + } + + /* Correct length for AAD Length field */ +@@ -1207,6 +1245,76 @@ const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1 = { + NULL + }; + ++const EVP_CIPHER cryptodev_tls12_3des_cbc_hmac_sha1 = { ++ NID_tls12_des_ede3_cbc_hmac_sha1, ++ 8, 24, 8, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha1 = { ++ NID_tls12_aes_128_cbc_hmac_sha1, ++ 16, 16, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha1 = { ++ NID_tls12_aes_256_cbc_hmac_sha1, ++ 16, 32, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_tls12_aes_128_cbc_hmac_sha256 = { ++ NID_tls12_aes_128_cbc_hmac_sha256, ++ 16, 16, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ ++const EVP_CIPHER cryptodev_tls12_aes_256_cbc_hmac_sha256 = { ++ NID_tls12_aes_256_cbc_hmac_sha256, ++ 16, 32, 16, ++ EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER, ++ cryptodev_init_aead_key, ++ cryptodev_aead_cipher, ++ cryptodev_cleanup, ++ sizeof(struct dev_crypto_state), ++ EVP_CIPHER_set_asn1_iv, ++ EVP_CIPHER_get_asn1_iv, ++ cryptodev_cbc_hmac_sha1_ctrl, ++ NULL ++}; ++ + const EVP_CIPHER cryptodev_aes_128_gcm = { + NID_aes_128_gcm, + 1, 16, 12, +@@ -1281,6 +1389,21 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + case NID_tls11_aes_256_cbc_hmac_sha1: + *cipher = &cryptodev_tls11_aes_256_cbc_hmac_sha1; + break; ++ case NID_tls12_des_ede3_cbc_hmac_sha1: ++ *cipher = &cryptodev_tls12_3des_cbc_hmac_sha1; ++ break; ++ case NID_tls12_aes_128_cbc_hmac_sha1: ++ *cipher = &cryptodev_tls12_aes_128_cbc_hmac_sha1; ++ break; ++ case NID_tls12_aes_256_cbc_hmac_sha1: ++ *cipher = &cryptodev_tls12_aes_256_cbc_hmac_sha1; ++ break; ++ case NID_tls12_aes_128_cbc_hmac_sha256: ++ *cipher = &cryptodev_tls12_aes_128_cbc_hmac_sha256; ++ break; ++ case NID_tls12_aes_256_cbc_hmac_sha256: ++ *cipher = &cryptodev_tls12_aes_256_cbc_hmac_sha256; ++ break; + default: + *cipher = NULL; + break; +diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h +index dc89b0a..dfe19da 100644 +--- a/crypto/objects/obj_dat.h ++++ b/crypto/objects/obj_dat.h +@@ -62,9 +62,9 @@ + * [including the GNU Public Licence.] + */ + +-#define NUM_NID 924 +-#define NUM_SN 917 +-#define NUM_LN 917 ++#define NUM_NID 929 ++#define NUM_SN 922 ++#define NUM_LN 922 + #define NUM_OBJ 857 + + static const unsigned char lvalues[5974]={ +@@ -2407,6 +2407,16 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ + NID_tls11_aes_128_cbc_hmac_sha1,0,NULL,0}, + {"TLS11-AES-256-CBC-HMAC-SHA1","tls11-aes-256-cbc-hmac-sha1", + NID_tls11_aes_256_cbc_hmac_sha1,0,NULL,0}, ++{"TLS12-DES-EDE3-CBC-HMAC-SHA1","tls12-des-ede3-cbc-hmac-sha1", ++ NID_tls12_des_ede3_cbc_hmac_sha1,0,NULL,0}, ++{"TLS12-AES-128-CBC-HMAC-SHA1","tls12-aes-128-cbc-hmac-sha1", ++ NID_tls12_aes_128_cbc_hmac_sha1,0,NULL,0}, ++{"TLS12-AES-256-CBC-HMAC-SHA1","tls12-aes-256-cbc-hmac-sha1", ++ NID_tls12_aes_256_cbc_hmac_sha1,0,NULL,0}, ++{"TLS12-AES-128-CBC-HMAC-SHA256","tls12-aes-128-cbc-hmac-sha256", ++ NID_tls12_aes_128_cbc_hmac_sha256,0,NULL,0}, ++{"TLS12-AES-256-CBC-HMAC-SHA256","tls12-aes-256-cbc-hmac-sha256", ++ NID_tls12_aes_256_cbc_hmac_sha256,0,NULL,0}, + }; + + static const unsigned int sn_objs[NUM_SN]={ +@@ -2595,6 +2605,11 @@ static const unsigned int sn_objs[NUM_SN]={ + 922, /* "TLS11-AES-128-CBC-HMAC-SHA1" */ + 923, /* "TLS11-AES-256-CBC-HMAC-SHA1" */ + 921, /* "TLS11-DES-EDE3-CBC-HMAC-SHA1" */ ++925, /* "TLS12-AES-128-CBC-HMAC-SHA1" */ ++927, /* "TLS12-AES-128-CBC-HMAC-SHA256" */ ++926, /* "TLS12-AES-256-CBC-HMAC-SHA1" */ ++928, /* "TLS12-AES-256-CBC-HMAC-SHA256" */ ++924, /* "TLS12-DES-EDE3-CBC-HMAC-SHA1" */ + 458, /* "UID" */ + 0, /* "UNDEF" */ + 11, /* "X500" */ +@@ -4217,6 +4232,11 @@ static const unsigned int ln_objs[NUM_LN]={ + 922, /* "tls11-aes-128-cbc-hmac-sha1" */ + 923, /* "tls11-aes-256-cbc-hmac-sha1" */ + 921, /* "tls11-des-ede3-cbc-hmac-sha1" */ ++925, /* "tls12-aes-128-cbc-hmac-sha1" */ ++927, /* "tls12-aes-128-cbc-hmac-sha256" */ ++926, /* "tls12-aes-256-cbc-hmac-sha1" */ ++928, /* "tls12-aes-256-cbc-hmac-sha256" */ ++924, /* "tls12-des-ede3-cbc-hmac-sha1" */ + 682, /* "tpBasis" */ + 436, /* "ucl" */ + 0, /* "undefined" */ +diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h +index f181890..5af125e 100644 +--- a/crypto/objects/obj_mac.h ++++ b/crypto/objects/obj_mac.h +@@ -4046,3 +4046,23 @@ + #define LN_tls11_aes_256_cbc_hmac_sha1 "tls11-aes-256-cbc-hmac-sha1" + #define NID_tls11_aes_256_cbc_hmac_sha1 923 + ++#define SN_tls12_des_ede3_cbc_hmac_sha1 "TLS12-DES-EDE3-CBC-HMAC-SHA1" ++#define LN_tls12_des_ede3_cbc_hmac_sha1 "tls12-des-ede3-cbc-hmac-sha1" ++#define NID_tls12_des_ede3_cbc_hmac_sha1 924 ++ ++#define SN_tls12_aes_128_cbc_hmac_sha1 "TLS12-AES-128-CBC-HMAC-SHA1" ++#define LN_tls12_aes_128_cbc_hmac_sha1 "tls12-aes-128-cbc-hmac-sha1" ++#define NID_tls12_aes_128_cbc_hmac_sha1 925 ++ ++#define SN_tls12_aes_256_cbc_hmac_sha1 "TLS12-AES-256-CBC-HMAC-SHA1" ++#define LN_tls12_aes_256_cbc_hmac_sha1 "tls12-aes-256-cbc-hmac-sha1" ++#define NID_tls12_aes_256_cbc_hmac_sha1 926 ++ ++#define SN_tls12_aes_128_cbc_hmac_sha256 "TLS12-AES-128-CBC-HMAC-SHA256" ++#define LN_tls12_aes_128_cbc_hmac_sha256 "tls12-aes-128-cbc-hmac-sha256" ++#define NID_tls12_aes_128_cbc_hmac_sha256 927 ++ ++#define SN_tls12_aes_256_cbc_hmac_sha256 "TLS12-AES-256-CBC-HMAC-SHA256" ++#define LN_tls12_aes_256_cbc_hmac_sha256 "tls12-aes-256-cbc-hmac-sha256" ++#define NID_tls12_aes_256_cbc_hmac_sha256 928 ++ +diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num +index a02b58c..deeba3a 100644 +--- a/crypto/objects/obj_mac.num ++++ b/crypto/objects/obj_mac.num +@@ -921,3 +921,8 @@ des_ede3_cbc_hmac_sha1 920 + tls11_des_ede3_cbc_hmac_sha1 921 + tls11_aes_128_cbc_hmac_sha1 922 + tls11_aes_256_cbc_hmac_sha1 923 ++tls12_des_ede3_cbc_hmac_sha1 924 ++tls12_aes_128_cbc_hmac_sha1 925 ++tls12_aes_256_cbc_hmac_sha1 926 ++tls12_aes_128_cbc_hmac_sha256 927 ++tls12_aes_256_cbc_hmac_sha256 928 +diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt +index 1973658..6e4ac93 100644 +--- a/crypto/objects/objects.txt ++++ b/crypto/objects/objects.txt +@@ -1294,3 +1294,8 @@ kisa 1 6 : SEED-OFB : seed-ofb + : TLS11-DES-EDE3-CBC-HMAC-SHA1 : tls11-des-ede3-cbc-hmac-sha1 + : TLS11-AES-128-CBC-HMAC-SHA1 : tls11-aes-128-cbc-hmac-sha1 + : TLS11-AES-256-CBC-HMAC-SHA1 : tls11-aes-256-cbc-hmac-sha1 ++ : TLS12-DES-EDE3-CBC-HMAC-SHA1 : tls12-des-ede3-cbc-hmac-sha1 ++ : TLS12-AES-128-CBC-HMAC-SHA1 : tls12-aes-128-cbc-hmac-sha1 ++ : TLS12-AES-256-CBC-HMAC-SHA1 : tls12-aes-256-cbc-hmac-sha1 ++ : TLS12-AES-128-CBC-HMAC-SHA256 : tls12-aes-128-cbc-hmac-sha256 ++ : TLS12-AES-256-CBC-HMAC-SHA256 : tls12-aes-256-cbc-hmac-sha256 +diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c +index 0408986..77a82f6 100644 +--- a/ssl/ssl_ciph.c ++++ b/ssl/ssl_ciph.c +@@ -661,6 +661,31 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, + c->algorithm_mac == SSL_SHA1 && + (evp=EVP_get_cipherbyname("TLS11-AES-256-CBC-HMAC-SHA1"))) + *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_2_VERSION && ++ c->algorithm_enc == SSL_3DES && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp=EVP_get_cipherbyname("TLS12-DES-EDE3-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_2_VERSION && ++ c->algorithm_enc == SSL_AES128 && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp=EVP_get_cipherbyname("TLS12-AES-128-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_2_VERSION && ++ c->algorithm_enc == SSL_AES256 && ++ c->algorithm_mac == SSL_SHA1 && ++ (evp=EVP_get_cipherbyname("TLS12-AES-256-CBC-HMAC-SHA1"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_2_VERSION && ++ c->algorithm_enc == SSL_AES128 && ++ c->algorithm_mac == SSL_SHA256 && ++ (evp=EVP_get_cipherbyname("TLS12-AES-128-CBC-HMAC-SHA256"))) ++ *enc = evp, *md = NULL; ++ else if (s->ssl_version == TLS1_2_VERSION && ++ c->algorithm_enc == SSL_AES256 && ++ c->algorithm_mac == SSL_SHA256 && ++ (evp=EVP_get_cipherbyname("TLS12-AES-256-CBC-HMAC-SHA256"))) ++ *enc = evp, *md = NULL; + return(1); + } + else +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch b/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch new file mode 100644 index 00000000..16cc6882 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0021-cryptodev-drop-redundant-function.patch @@ -0,0 +1,75 @@ +From ea4abc255c6c5feec01cb1e30c6082cfe47860e2 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica <cristian.stoica@freescale.com> +Date: Thu, 19 Feb 2015 16:11:53 +0200 +Subject: [PATCH 21/26] cryptodev: drop redundant function + +get_dev_crypto already caches the result. Another cache in-between is +useless. + +Change-Id: Ibd162529d3fb7a561a17f1a707d5d287c1586a3a +Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> +Reviewed-on: http://git.am.freescale.net:8181/34216 +--- + crypto/engine/eng_cryptodev.c | 18 +++--------------- + 1 file changed, 3 insertions(+), 15 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index fa5fe1b..1ab5551 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -96,7 +96,6 @@ struct dev_crypto_state { + + static u_int32_t cryptodev_asymfeat = 0; + +-static int get_asym_dev_crypto(void); + static int open_dev_crypto(void); + static int get_dev_crypto(void); + static int get_cryptodev_ciphers(const int **cnids); +@@ -357,17 +356,6 @@ static void put_dev_crypto(int fd) + #endif + } + +-/* Caching version for asym operations */ +-static int +-get_asym_dev_crypto(void) +-{ +- static int fd = -1; +- +- if (fd == -1) +- fd = get_dev_crypto(); +- return fd; +-} +- + /* + * Find out what ciphers /dev/crypto will let us have a session for. + * XXX note, that some of these openssl doesn't deal with yet! +@@ -1796,7 +1784,7 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) + { + int fd, ret = -1; + +- if ((fd = get_asym_dev_crypto()) < 0) ++ if ((fd = get_dev_crypto()) < 0) + return (ret); + + if (r) { +@@ -2374,7 +2362,7 @@ static int cryptodev_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) + int p_len, q_len; + int i; + +- if ((fd = get_asym_dev_crypto()) < 0) ++ if ((fd = get_dev_crypto()) < 0) + goto sw_try; + + if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; +@@ -3928,7 +3916,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) + BIGNUM *temp = NULL; + unsigned char *padded_pub_key = NULL, *p = NULL; + +- if ((fd = get_asym_dev_crypto()) < 0) ++ if ((fd = get_dev_crypto()) < 0) + goto sw_try; + + memset(&kop, 0, sizeof kop); +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch b/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch new file mode 100644 index 00000000..0b2f0f1b --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0022-cryptodev-do-not-zero-the-buffer-before-use.patch @@ -0,0 +1,48 @@ +From 75e3e7d600eb72e7374b1ecf5ece7b831bc98ed8 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica <cristian.stoica@freescale.com> +Date: Tue, 17 Feb 2015 13:12:53 +0200 +Subject: [PATCH 22/26] cryptodev: do not zero the buffer before use + +- The buffer is just about to be overwritten. Zeroing it before that has + no purpose + +Change-Id: I478c31bd2e254561474a7edf5e37980ca04217ce +Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> +Reviewed-on: http://git.am.freescale.net:8181/34217 +--- + crypto/engine/eng_cryptodev.c | 13 ++++--------- + 1 file changed, 4 insertions(+), 9 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index 1ab5551..dbc5989 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -1681,21 +1681,16 @@ static int + bn2crparam(const BIGNUM *a, struct crparam *crp) + { + ssize_t bytes, bits; +- u_char *b; +- +- crp->crp_p = NULL; +- crp->crp_nbits = 0; + + bits = BN_num_bits(a); + bytes = (bits + 7) / 8; + +- b = malloc(bytes); +- if (b == NULL) ++ crp->crp_nbits = bits; ++ crp->crp_p = malloc(bytes); ++ ++ if (crp->crp_p == NULL) + return (1); +- memset(b, 0, bytes); + +- crp->crp_p = (caddr_t) b; +- crp->crp_nbits = bits; + BN_bn2bin(a, crp->crp_p); + return (0); + } +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch b/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch new file mode 100644 index 00000000..5ff1c5ca --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0023-cryptodev-clean-up-code-layout.patch @@ -0,0 +1,72 @@ +From 4453b06b940fc03a0973cfd96f908e46cce61054 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica <cristian.stoica@freescale.com> +Date: Wed, 18 Feb 2015 10:39:46 +0200 +Subject: [PATCH 23/26] cryptodev: clean-up code layout + +This is just a refactoring that uses else branch to check for malloc failures + +Change-Id: I6dc157af36d6ec51a4edfc82cf97fae2e7e83628 +Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> +Reviewed-on: http://git.am.freescale.net:8181/34218 +--- + crypto/engine/eng_cryptodev.c | 42 ++++++++++++++++++++---------------------- + 1 file changed, 20 insertions(+), 22 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index dbc5989..dceb4f5 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -1745,30 +1745,28 @@ cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, + fd = *(int *)cookie->eng_handle; + + eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); +- +- if (eng_cookie) { +- memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); +- if (r) { +- kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); +- if (!kop->crk_param[kop->crk_iparams].crp_p) +- return -ENOMEM; +- kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; +- kop->crk_oparams++; +- eng_cookie->r = r; +- eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; +- } +- if (s) { +- kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); +- if (!kop->crk_param[kop->crk_iparams+1].crp_p) +- return -ENOMEM; +- kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; +- kop->crk_oparams++; +- eng_cookie->s = s; +- eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; +- } +- } else ++ if (!eng_cookie) + return -ENOMEM; + ++ memset(eng_cookie, 0, sizeof(struct cryptodev_cookie_s)); ++ if (r) { ++ kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); ++ if (!kop->crk_param[kop->crk_iparams].crp_p) ++ return -ENOMEM; ++ kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; ++ kop->crk_oparams++; ++ eng_cookie->r = r; ++ eng_cookie->r_param = kop->crk_param[kop->crk_iparams]; ++ } ++ if (s) { ++ kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); ++ if (!kop->crk_param[kop->crk_iparams+1].crp_p) ++ return -ENOMEM; ++ kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; ++ kop->crk_oparams++; ++ eng_cookie->s = s; ++ eng_cookie->s_param = kop->crk_param[kop->crk_iparams + 1]; ++ } + eng_cookie->kop = kop; + cookie->eng_cookie = eng_cookie; + return ioctl(fd, CIOCASYMASYNCRYPT, kop); +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch b/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch new file mode 100644 index 00000000..e798d3e2 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0024-cryptodev-do-not-cache-file-descriptor-in-open.patch @@ -0,0 +1,100 @@ +From a44701abd995b3db80001d0c5d88e9ead05972c1 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica <cristian.stoica@freescale.com> +Date: Thu, 19 Feb 2015 16:43:29 +0200 +Subject: [PATCH 24/26] cryptodev: do not cache file descriptor in 'open' + +The file descriptor returned by get_dev_crypto is cached after a +successful return. The issue is, it is cached inside 'open_dev_crypto' +which is no longer useful as a general purpose open("/dev/crypto") +function. + +This patch is a refactoring that moves the caching operation from +open_dev_crypto to get_dev_crypto and leaves the former as a simpler +function true to its name + +Change-Id: I980170969410381973ce75f6679a4a1401738847 +Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> +Reviewed-on: http://git.am.freescale.net:8181/34219 +--- + crypto/engine/eng_cryptodev.c | 50 +++++++++++++++++++++---------------------- + 1 file changed, 24 insertions(+), 26 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index dceb4f5..b74fc7c 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -306,47 +306,45 @@ static void ctr64_inc(unsigned char *counter) { + if (c) return; + } while (n); + } +-/* +- * Return a fd if /dev/crypto seems usable, 0 otherwise. +- */ +-static int +-open_dev_crypto(void) ++ ++static int open_dev_crypto(void) + { +- static int fd = -1; ++ int fd; + +- if (fd == -1) { +- if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1) +- return (-1); +- /* close on exec */ +- if (fcntl(fd, F_SETFD, 1) == -1) { +- close(fd); +- fd = -1; +- return (-1); +- } ++ fd = open("/dev/crypto", O_RDWR, 0); ++ if ( fd < 0) ++ return -1; ++ ++ /* close on exec */ ++ if (fcntl(fd, F_SETFD, 1) == -1) { ++ close(fd); ++ return -1; + } +- return (fd); ++ ++ return fd; + } + +-static int +-get_dev_crypto(void) ++static int get_dev_crypto(void) + { +- int fd, retfd; ++ static int fd = -1; ++ int retfd; + +- if ((fd = open_dev_crypto()) == -1) +- return (-1); +-#ifndef CRIOGET_NOT_NEEDED ++ if (fd == -1) ++ fd = open_dev_crypto(); ++#ifdef CRIOGET_NOT_NEEDED ++ return fd; ++#else ++ if (fd == -1) ++ return -1; + if (ioctl(fd, CRIOGET, &retfd) == -1) + return (-1); +- + /* close on exec */ + if (fcntl(retfd, F_SETFD, 1) == -1) { + close(retfd); + return (-1); + } +-#else +- retfd = fd; ++ return retfd; + #endif +- return (retfd); + } + + static void put_dev_crypto(int fd) +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch b/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch new file mode 100644 index 00000000..a48dc6a6 --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0025-cryptodev-put_dev_crypto-should-be-an-int.patch @@ -0,0 +1,35 @@ +From 84a8007b6e92fe4c2696cc9e330207ee03303a20 Mon Sep 17 00:00:00 2001 +From: Cristian Stoica <cristian.stoica@freescale.com> +Date: Thu, 19 Feb 2015 13:09:32 +0200 +Subject: [PATCH 25/26] cryptodev: put_dev_crypto should be an int + +Change-Id: Ie0a83bc07a37132286c098b17ef35d98de74b043 +Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> +Reviewed-on: http://git.am.freescale.net:8181/34220 +--- + crypto/engine/eng_cryptodev.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index b74fc7c..c9db27d 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -347,10 +347,12 @@ static int get_dev_crypto(void) + #endif + } + +-static void put_dev_crypto(int fd) ++static int put_dev_crypto(int fd) + { +-#ifndef CRIOGET_NOT_NEEDED +- close(fd); ++#ifdef CRIOGET_NOT_NEEDED ++ return 0; ++#else ++ return close(fd); + #endif + } + +-- +2.3.5 + diff --git a/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch b/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch new file mode 100644 index 00000000..6527ac8f --- /dev/null +++ b/recipes-connectivity/openssl/openssl-fsl/0026-cryptodev-simplify-cryptodev-pkc-support-code.patch @@ -0,0 +1,250 @@ +From 787539e7720c99785f6c664a7484842bba08f6ed Mon Sep 17 00:00:00 2001 +From: Cristian Stoica <cristian.stoica@freescale.com> +Date: Thu, 19 Feb 2015 13:39:52 +0200 +Subject: [PATCH 26/26] cryptodev: simplify cryptodev pkc support code + +- Engine init returns directly a file descriptor instead of a pointer to one +- Similarly, the Engine close will now just close the file + +Change-Id: Ief736d0776c7009dee002204fb1d4ce9d31c8787 +Signed-off-by: Cristian Stoica <cristian.stoica@freescale.com> +Reviewed-on: http://git.am.freescale.net:8181/34221 +--- + crypto/crypto.h | 2 +- + crypto/engine/eng_cryptodev.c | 35 +++----------------------- + crypto/engine/eng_int.h | 14 +++-------- + crypto/engine/eng_lib.c | 57 +++++++++++++++++++++---------------------- + crypto/engine/engine.h | 13 +++++----- + 5 files changed, 42 insertions(+), 79 deletions(-) + +diff --git a/crypto/crypto.h b/crypto/crypto.h +index ce12731..292427e 100644 +--- a/crypto/crypto.h ++++ b/crypto/crypto.h +@@ -618,7 +618,7 @@ struct pkc_cookie_s { + * -EINVAL: Parameters Invalid + */ + void (*pkc_callback)(struct pkc_cookie_s *cookie, int status); +- void *eng_handle; ++ int eng_handle; + }; + + #ifdef __cplusplus +diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c +index c9db27d..f173bde 100644 +--- a/crypto/engine/eng_cryptodev.c ++++ b/crypto/engine/eng_cryptodev.c +@@ -1742,7 +1742,7 @@ cryptodev_asym_async(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, + struct pkc_cookie_s *cookie = kop->cookie; + struct cryptodev_cookie_s *eng_cookie; + +- fd = *(int *)cookie->eng_handle; ++ fd = cookie->eng_handle; + + eng_cookie = malloc(sizeof(struct cryptodev_cookie_s)); + if (!eng_cookie) +@@ -1802,38 +1802,11 @@ cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) + return (ret); + } + +-/* Close an opened instance of cryptodev engine */ +-void cryptodev_close_instance(void *handle) +-{ +- int fd; +- +- if (handle) { +- fd = *(int *)handle; +- close(fd); +- free(handle); +- } +-} +- +-/* Create an instance of cryptodev for asynchronous interface */ +-void *cryptodev_init_instance(void) +-{ +- int *fd = malloc(sizeof(int)); +- +- if (fd) { +- if ((*fd = open("/dev/crypto", O_RDWR, 0)) == -1) { +- free(fd); +- return NULL; +- } +- } +- return fd; +-} +- + #include <poll.h> + + /* Return 0 on success and 1 on failure */ +-int cryptodev_check_availability(void *eng_handle) ++int cryptodev_check_availability(int fd) + { +- int fd = *(int *)eng_handle; + struct pkc_cookie_list_s cookie_list; + struct pkc_cookie_s *cookie; + int i; +@@ -4540,8 +4513,8 @@ ENGINE_load_cryptodev(void) + } + + ENGINE_set_check_pkc_availability(engine, cryptodev_check_availability); +- ENGINE_set_close_instance(engine, cryptodev_close_instance); +- ENGINE_set_init_instance(engine, cryptodev_init_instance); ++ ENGINE_set_close_instance(engine, put_dev_crypto); ++ ENGINE_set_open_instance(engine, open_dev_crypto); + ENGINE_set_async_map(engine, ENGINE_ALLPKC_ASYNC); + + ENGINE_add(engine); +diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h +index 8fc3077..8fb79c0 100644 +--- a/crypto/engine/eng_int.h ++++ b/crypto/engine/eng_int.h +@@ -181,23 +181,15 @@ struct engine_st + ENGINE_LOAD_KEY_PTR load_pubkey; + + ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert; +- /* +- * Instantiate Engine handle to be passed in check_pkc_availability +- * Ensure that Engine is instantiated before any pkc asynchronous call. +- */ +- void *(*engine_init_instance)(void); +- /* +- * Instantiated Engine handle will be closed with this call. +- * Ensure that no pkc asynchronous call is made after this call +- */ +- void (*engine_close_instance)(void *handle); ++ int (*engine_open_instance)(void); ++ int (*engine_close_instance)(int fd); + /* + * Check availability will extract the data from kernel. + * eng_handle: This is the Engine handle corresponds to which + * the cookies needs to be polled. + * return 0 if cookie available else 1 + */ +- int (*check_pkc_availability)(void *eng_handle); ++ int (*check_pkc_availability)(int fd); + /* + * The following map is used to check if the engine supports asynchronous implementation + * ENGINE_ASYNC_FLAG* for available bitmap. Any application checking for asynchronous +diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c +index 6fa621c..6c9471b 100644 +--- a/crypto/engine/eng_lib.c ++++ b/crypto/engine/eng_lib.c +@@ -99,7 +99,7 @@ void engine_set_all_null(ENGINE *e) + e->load_privkey = NULL; + e->load_pubkey = NULL; + e->check_pkc_availability = NULL; +- e->engine_init_instance = NULL; ++ e->engine_open_instance = NULL; + e->engine_close_instance = NULL; + e->cmd_defns = NULL; + e->async_map = 0; +@@ -237,47 +237,46 @@ int ENGINE_set_id(ENGINE *e, const char *id) + return 1; + } + +-void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)) +- { +- e->engine_init_instance = engine_init_instance; +- } ++void ENGINE_set_open_instance(ENGINE *e, int (*engine_open_instance)(void)) ++{ ++ e->engine_open_instance = engine_open_instance; ++} + +-void ENGINE_set_close_instance(ENGINE *e, +- void (*engine_close_instance)(void *)) +- { +- e->engine_close_instance = engine_close_instance; +- } ++void ENGINE_set_close_instance(ENGINE *e, int (*engine_close_instance)(int)) ++{ ++ e->engine_close_instance = engine_close_instance; ++} + + void ENGINE_set_async_map(ENGINE *e, int async_map) + { + e->async_map = async_map; + } + +-void *ENGINE_init_instance(ENGINE *e) +- { +- return e->engine_init_instance(); +- } +- +-void ENGINE_close_instance(ENGINE *e, void *eng_handle) +- { +- e->engine_close_instance(eng_handle); +- } +- + int ENGINE_get_async_map(ENGINE *e) + { + return e->async_map; + } + +-void ENGINE_set_check_pkc_availability(ENGINE *e, +- int (*check_pkc_availability)(void *eng_handle)) +- { +- e->check_pkc_availability = check_pkc_availability; +- } ++int ENGINE_open_instance(ENGINE *e) ++{ ++ return e->engine_open_instance(); ++} + +-int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle) +- { +- return e->check_pkc_availability(eng_handle); +- } ++int ENGINE_close_instance(ENGINE *e, int fd) ++{ ++ return e->engine_close_instance(fd); ++} ++ ++void ENGINE_set_check_pkc_availability(ENGINE *e, ++ int (*check_pkc_availability)(int fd)) ++{ ++ e->check_pkc_availability = check_pkc_availability; ++} ++ ++int ENGINE_check_pkc_availability(ENGINE *e, int fd) ++{ ++ return e->check_pkc_availability(fd); ++} + + int ENGINE_set_name(ENGINE *e, const char *name) + { +diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h +index ccff86a..3ba3e97 100644 +--- a/crypto/engine/engine.h ++++ b/crypto/engine/engine.h +@@ -473,9 +473,6 @@ ENGINE *ENGINE_new(void); + int ENGINE_free(ENGINE *e); + int ENGINE_up_ref(ENGINE *e); + int ENGINE_set_id(ENGINE *e, const char *id); +-void ENGINE_set_init_instance(ENGINE *e, void *(*engine_init_instance)(void)); +-void ENGINE_set_close_instance(ENGINE *e, +- void (*engine_free_instance)(void *)); + /* + * Following FLAGS are bitmap store in async_map to set asynchronous interface capability + *of the engine +@@ -492,11 +489,13 @@ void ENGINE_set_async_map(ENGINE *e, int async_map); + * to confirm asynchronous methods supported + */ + int ENGINE_get_async_map(ENGINE *e); +-void *ENGINE_init_instance(ENGINE *e); +-void ENGINE_close_instance(ENGINE *e, void *eng_handle); ++int ENGINE_open_instance(ENGINE *e); ++int ENGINE_close_instance(ENGINE *e, int fd); ++void ENGINE_set_init_instance(ENGINE *e, int(*engine_init_instance)(void)); ++void ENGINE_set_close_instance(ENGINE *e, int(*engine_close_instance)(int)); + void ENGINE_set_check_pkc_availability(ENGINE *e, +- int (*check_pkc_availability)(void *eng_handle)); +-int ENGINE_check_pkc_availability(ENGINE *e, void *eng_handle); ++ int (*check_pkc_availability)(int fd)); ++int ENGINE_check_pkc_availability(ENGINE *e, int fd); + int ENGINE_set_name(ENGINE *e, const char *name); + int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); + int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); +-- +2.3.5 + |