| blob | 47295500c0f68522be3b5d1594b9ff40b590e55e |
1 From 90fd7e8f1a316cda86ee442b43fcd7d5e5baeede Mon Sep 17 00:00:00 2001
2 From: Gustavo Zacarias <gustavo@zacarias.com.ar>
3 Date: Sat, 16 May 2015 18:55:08 +0200
4 Subject: cryptodev: Fix issue with signature generation
6 Forward port of 0001-cryptodev-Fix-issue-with-signature-generation.patch
7 from http://rt.openssl.org/Ticket/Display.html?id=2770&user=guest&pass=guest
8 It was originally targetted at 1.0.2-beta3.
10 Without this patch digest acceleration via cryptodev is broken.
12 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
13 Signed-off-by: Ryan Barnett <ryanbarnett3@gmail.com>
14 ---
15 crypto/engine/eng_cryptodev.c | 195 +++++++++++++++++++++++++++++++-----------
16 1 file changed, 146 insertions(+), 49 deletions(-)
18 diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
19 index 926d95c..7021d9a 100644
20 --- a/crypto/engine/eng_cryptodev.c
21 +++ b/crypto/engine/eng_cryptodev.c
22 @@ -2,6 +2,7 @@
23 * Copyright (c) 2002 Bob Beck <beck@openbsd.org>
24 * Copyright (c) 2002 Theo de Raadt
25 * Copyright (c) 2002 Markus Friedl
26 + * Copyright (c) 2012 Nikos Mavrogiannopoulos
27 * All rights reserved.
28 *
29 * Redistribution and use in source and binary forms, with or without
30 @@ -72,7 +73,6 @@ struct dev_crypto_state {
31 struct session_op d_sess;
32 int d_fd;
33 # ifdef USE_CRYPTODEV_DIGESTS
34 - char dummy_mac_key[HASH_MAX_LEN];
35 unsigned char digest_res[HASH_MAX_LEN];
36 char *mac_data;
37 int mac_len;
38 @@ -189,8 +189,10 @@ static struct {
39 static struct {
40 int id;
41 int nid;
42 - int keylen;
43 + int digestlen;
44 } digests[] = {
45 +#if 0
46 + /* HMAC is not supported */
47 {
48 CRYPTO_MD5_HMAC, NID_hmacWithMD5, 16
49 },
50 @@ -198,15 +200,15 @@ static struct {
51 CRYPTO_SHA1_HMAC, NID_hmacWithSHA1, 20
52 },
53 {
54 - CRYPTO_RIPEMD160_HMAC, NID_ripemd160, 16
55 - /* ? */
56 + CRYPTO_SHA2_256_HMAC, NID_hmacWithSHA256, 32
57 },
58 {
59 - CRYPTO_MD5_KPDK, NID_undef, 0
60 + CRYPTO_SHA2_384_HMAC, NID_hmacWithSHA384, 48
61 },
62 {
63 - CRYPTO_SHA1_KPDK, NID_undef, 0
64 + CRYPTO_SHA2_512_HMAC, NID_hmacWithSHA512, 64
65 },
66 +#endif
67 {
68 CRYPTO_MD5, NID_md5, 16
69 },
70 @@ -214,6 +216,15 @@ static struct {
71 CRYPTO_SHA1, NID_sha1, 20
72 },
73 {
74 + CRYPTO_SHA2_256, NID_sha256, 32
75 + },
76 + {
77 + CRYPTO_SHA2_384, NID_sha384, 48
78 + },
79 + {
80 + CRYPTO_SHA2_512, NID_sha512, 64
81 + },
82 + {
83 0, NID_undef, 0
84 },
85 };
86 @@ -288,13 +299,14 @@ static int get_cryptodev_ciphers(const int **cnids)
87 static int nids[CRYPTO_ALGORITHM_MAX];
88 struct session_op sess;
89 int fd, i, count = 0;
90 + unsigned char fake_key[CRYPTO_CIPHER_MAX_KEY_LEN];
92 if ((fd = get_dev_crypto()) < 0) {
93 *cnids = NULL;
94 return (0);
95 }
96 memset(&sess, 0, sizeof(sess));
97 - sess.key = (caddr_t) "123456789abcdefghijklmno";
98 + sess.key = (void*)fake_key;
100 for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
101 if (ciphers[i].nid == NID_undef)
102 @@ -327,18 +339,19 @@ static int get_cryptodev_digests(const int **cnids)
103 static int nids[CRYPTO_ALGORITHM_MAX];
104 struct session_op sess;
105 int fd, i, count = 0;
106 + unsigned char fake_key[CRYPTO_CIPHER_MAX_KEY_LEN];
108 if ((fd = get_dev_crypto()) < 0) {
109 *cnids = NULL;
110 return (0);
111 }
112 memset(&sess, 0, sizeof(sess));
113 - sess.mackey = (caddr_t) "123456789abcdefghijklmno";
114 + sess.mackey = fake_key;
115 for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
116 if (digests[i].nid == NID_undef)
117 continue;
118 sess.mac = digests[i].id;
119 - sess.mackeylen = digests[i].keylen;
120 + sess.mackeylen = 8;
121 sess.cipher = 0;
122 if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
123 ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
124 @@ -424,14 +437,14 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
125 cryp.ses = sess->ses;
126 cryp.flags = 0;
127 cryp.len = inl;
128 - cryp.src = (caddr_t) in;
129 - cryp.dst = (caddr_t) out;
130 + cryp.src = (void*) in;
131 + cryp.dst = (void*) out;
132 cryp.mac = 0;
134 cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
136 if (ctx->cipher->iv_len) {
137 - cryp.iv = (caddr_t) ctx->iv;
138 + cryp.iv = (void*) ctx->iv;
139 if (!ctx->encrypt) {
140 iiv = in + inl - ctx->cipher->iv_len;
141 memcpy(save_iv, iiv, ctx->cipher->iv_len);
142 @@ -483,7 +496,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
143 if ((state->d_fd = get_dev_crypto()) < 0)
144 return (0);
146 - sess->key = (caddr_t) key;
147 + sess->key = (void*)key;
148 sess->keylen = ctx->key_len;
149 sess->cipher = cipher;
151 @@ -749,16 +762,6 @@ static int digest_nid_to_cryptodev(int nid)
152 return (0);
153 }
155 -static int digest_key_length(int nid)
156 -{
157 - int i;
158 -
159 - for (i = 0; digests[i].id; i++)
160 - if (digests[i].nid == nid)
161 - return digests[i].keylen;
162 - return (0);
163 -}
164 -
165 static int cryptodev_digest_init(EVP_MD_CTX *ctx)
166 {
167 struct dev_crypto_state *state = ctx->md_data;
168 @@ -769,7 +772,6 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx)
169 printf("cryptodev_digest_init: Can't get digest \n");
170 return (0);
171 }
172 -
173 memset(state, 0, sizeof(struct dev_crypto_state));
175 if ((state->d_fd = get_dev_crypto()) < 0) {
176 @@ -777,8 +779,8 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx)
177 return (0);
178 }
180 - sess->mackey = state->dummy_mac_key;
181 - sess->mackeylen = digest_key_length(ctx->digest->type);
182 + sess->mackey = NULL;
183 + sess->mackeylen = 0;
184 sess->mac = digest;
186 if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
187 @@ -794,8 +796,8 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx)
188 static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
189 size_t count)
190 {
191 - struct crypt_op cryp;
192 struct dev_crypto_state *state = ctx->md_data;
193 + struct crypt_op cryp;
194 struct session_op *sess = &state->d_sess;
196 if (!data || state->d_fd < 0) {
197 @@ -804,7 +806,7 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
198 }
200 if (!count) {
201 - return (0);
202 + return (1);
203 }
205 if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
206 @@ -828,9 +830,9 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
207 cryp.ses = sess->ses;
208 cryp.flags = 0;
209 cryp.len = count;
210 - cryp.src = (caddr_t) data;
211 + cryp.src = (void*) data;
212 cryp.dst = NULL;
213 - cryp.mac = (caddr_t) state->digest_res;
214 + cryp.mac = (void*) state->digest_res;
215 if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
216 printf("cryptodev_digest_update: digest failed\n");
217 return (0);
218 @@ -844,8 +846,6 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
219 struct dev_crypto_state *state = ctx->md_data;
220 struct session_op *sess = &state->d_sess;
222 - int ret = 1;
223 -
224 if (!md || state->d_fd < 0) {
225 printf("cryptodev_digest_final: illegal input\n");
226 return (0);
227 @@ -859,7 +859,7 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
228 cryp.len = state->mac_len;
229 cryp.src = state->mac_data;
230 cryp.dst = NULL;
231 - cryp.mac = (caddr_t) md;
232 + cryp.mac = (void*)md;
233 if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
234 printf("cryptodev_digest_final: digest failed\n");
235 return (0);
236 @@ -870,7 +870,7 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
238 memcpy(md, state->digest_res, ctx->digest->md_size);
240 - return (ret);
241 + return 1;
242 }
244 static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
245 @@ -921,8 +921,8 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
247 digest = digest_nid_to_cryptodev(to->digest->type);
249 - sess->mackey = dstate->dummy_mac_key;
250 - sess->mackeylen = digest_key_length(to->digest->type);
251 + sess->mackey = NULL;
252 + sess->mackeylen = 0;
253 sess->mac = digest;
255 dstate->d_fd = get_dev_crypto();
256 @@ -947,32 +947,116 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
258 const EVP_MD cryptodev_sha1 = {
259 NID_sha1,
260 - NID_undef,
261 + NID_sha1WithRSAEncryption,
262 SHA_DIGEST_LENGTH,
263 +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
264 + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
265 + EVP_MD_FLAG_DIGALGID_ABSENT|
266 +#endif
267 EVP_MD_FLAG_ONESHOT,
268 cryptodev_digest_init,
269 cryptodev_digest_update,
270 cryptodev_digest_final,
271 cryptodev_digest_copy,
272 cryptodev_digest_cleanup,
273 - EVP_PKEY_NULL_method,
274 + EVP_PKEY_RSA_method,
275 SHA_CBLOCK,
276 - sizeof(struct dev_crypto_state),
277 + sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
278 };
280 -const EVP_MD cryptodev_md5 = {
281 +static const EVP_MD cryptodev_sha256 = {
282 + NID_sha256,
283 + NID_sha256WithRSAEncryption,
284 + SHA256_DIGEST_LENGTH,
285 +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
286 + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
287 + EVP_MD_FLAG_DIGALGID_ABSENT|
288 +#endif
289 + EVP_MD_FLAG_ONESHOT,
290 + cryptodev_digest_init,
291 + cryptodev_digest_update,
292 + cryptodev_digest_final,
293 + cryptodev_digest_copy,
294 + cryptodev_digest_cleanup,
295 + EVP_PKEY_RSA_method,
296 + SHA256_CBLOCK,
297 + sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
298 +};
299 +
300 +static const EVP_MD cryptodev_sha224 = {
301 + NID_sha224,
302 + NID_sha224WithRSAEncryption,
303 + SHA224_DIGEST_LENGTH,
304 +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
305 + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
306 + EVP_MD_FLAG_DIGALGID_ABSENT|
307 +#endif
308 + EVP_MD_FLAG_ONESHOT,
309 + cryptodev_digest_init,
310 + cryptodev_digest_update,
311 + cryptodev_digest_final,
312 + cryptodev_digest_copy,
313 + cryptodev_digest_cleanup,
314 + EVP_PKEY_RSA_method,
315 + SHA256_CBLOCK,
316 + sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
317 +};
318 +
319 +static const EVP_MD cryptodev_sha384 = {
320 + NID_sha384,
321 + NID_sha384WithRSAEncryption,
322 + SHA384_DIGEST_LENGTH,
323 +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
324 + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
325 + EVP_MD_FLAG_DIGALGID_ABSENT|
326 +#endif
327 + EVP_MD_FLAG_ONESHOT,
328 + cryptodev_digest_init,
329 + cryptodev_digest_update,
330 + cryptodev_digest_final,
331 + cryptodev_digest_copy,
332 + cryptodev_digest_cleanup,
333 + EVP_PKEY_RSA_method,
334 + SHA512_CBLOCK,
335 + sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
336 +};
337 +
338 +static const EVP_MD cryptodev_sha512 = {
339 + NID_sha512,
340 + NID_sha512WithRSAEncryption,
341 + SHA512_DIGEST_LENGTH,
342 +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
343 + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
344 + EVP_MD_FLAG_DIGALGID_ABSENT|
345 +#endif
346 + EVP_MD_FLAG_ONESHOT,
347 + cryptodev_digest_init,
348 + cryptodev_digest_update,
349 + cryptodev_digest_final,
350 + cryptodev_digest_copy,
351 + cryptodev_digest_cleanup,
352 + EVP_PKEY_RSA_method,
353 + SHA512_CBLOCK,
354 + sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
355 +};
356 +
357 +static const EVP_MD cryptodev_md5 = {
358 NID_md5,
359 - NID_undef,
360 + NID_md5WithRSAEncryption,
361 16 /* MD5_DIGEST_LENGTH */ ,
362 +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
363 + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
364 + EVP_MD_FLAG_DIGALGID_ABSENT|
365 +#endif
366 EVP_MD_FLAG_ONESHOT,
367 cryptodev_digest_init,
368 cryptodev_digest_update,
369 cryptodev_digest_final,
370 cryptodev_digest_copy,
371 cryptodev_digest_cleanup,
372 - EVP_PKEY_NULL_method,
373 + EVP_PKEY_RSA_method,
374 64 /* MD5_CBLOCK */ ,
375 - sizeof(struct dev_crypto_state),
376 + sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
377 };
379 # endif /* USE_CRYPTODEV_DIGESTS */
380 @@ -992,6 +1076,18 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
381 case NID_sha1:
382 *digest = &cryptodev_sha1;
383 break;
384 + case NID_sha224:
385 + *digest = &cryptodev_sha224;
386 + break;
387 + case NID_sha256:
388 + *digest = &cryptodev_sha256;
389 + break;
390 + case NID_sha384:
391 + *digest = &cryptodev_sha384;
392 + break;
393 + case NID_sha512:
394 + *digest = &cryptodev_sha512;
395 + break;
396 default:
397 # endif /* USE_CRYPTODEV_DIGESTS */
398 *digest = NULL;
399 @@ -1022,7 +1118,7 @@ static int bn2crparam(const BIGNUM *a, struct crparam *crp)
400 return (1);
401 memset(b, 0, bytes);
403 - crp->crp_p = (caddr_t) b;
404 + crp->crp_p = (void*) b;
405 crp->crp_nbits = bits;
407 for (i = 0, j = 0; i < a->top; i++) {
408 @@ -1277,7 +1373,7 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
409 kop.crk_op = CRK_DSA_SIGN;
411 /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
412 - kop.crk_param[0].crp_p = (caddr_t) dgst;
413 + kop.crk_param[0].crp_p = (void*)dgst;
414 kop.crk_param[0].crp_nbits = dlen * 8;
415 if (bn2crparam(dsa->p, &kop.crk_param[1]))
416 goto err;
417 @@ -1317,7 +1413,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
418 kop.crk_op = CRK_DSA_VERIFY;
420 /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
421 - kop.crk_param[0].crp_p = (caddr_t) dgst;
422 + kop.crk_param[0].crp_p = (void*)dgst;
423 kop.crk_param[0].crp_nbits = dlen * 8;
424 if (bn2crparam(dsa->p, &kop.crk_param[1]))
425 goto err;
426 @@ -1398,9 +1494,10 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
427 goto err;
428 kop.crk_iparams = 3;
430 - kop.crk_param[3].crp_p = (caddr_t) key;
431 - kop.crk_param[3].crp_nbits = keylen * 8;
432 + kop.crk_param[3].crp_p = (void*) key;
433 + kop.crk_param[3].crp_nbits = keylen;
434 kop.crk_oparams = 1;
435 + dhret = keylen / 8;
437 if (ioctl(fd, CIOCKEY, &kop) == -1) {
438 const DH_METHOD *meth = DH_OpenSSL();
439 @@ -1470,7 +1567,7 @@ void ENGINE_load_cryptodev(void)
440 put_dev_crypto(fd);
442 if (!ENGINE_set_id(engine, "cryptodev") ||
443 - !ENGINE_set_name(engine, "BSD cryptodev engine") ||
444 + !ENGINE_set_name(engine, "cryptodev engine") ||
445 !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
446 !ENGINE_set_digests(engine, cryptodev_engine_digests) ||
447 !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||
448 --
449 1.9.1