1 Forward port of 0001-cryptodev-Fix-issue-with-signature-generation.patch
2 from http://rt.openssl.org/Ticket/Display.html?id=2770&user=guest&pass=guest
3 It was originally targetted at 1.0.2-beta3.
5 Without this patch digest acceleration via cryptodev is broken.
7 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
9 diff -Nura openssl-1.0.2.orig/crypto/engine/eng_cryptodev.c openssl-1.0.2/crypto/engine/eng_cryptodev.c
10 --- openssl-1.0.2.orig/crypto/engine/eng_cryptodev.c 2015-01-28 14:59:58.146682462 -0300
11 +++ openssl-1.0.2/crypto/engine/eng_cryptodev.c 2015-01-28 15:29:25.107649077 -0300
13 * Copyright (c) 2002 Bob Beck <beck@openbsd.org>
14 * Copyright (c) 2002 Theo de Raadt
15 * Copyright (c) 2002 Markus Friedl
16 + * Copyright (c) 2012 Nikos Mavrogiannopoulos
17 * All rights reserved.
19 * Redistribution and use in source and binary forms, with or without
21 struct session_op d_sess;
23 # ifdef USE_CRYPTODEV_DIGESTS
24 - char dummy_mac_key[HASH_MAX_LEN];
25 unsigned char digest_res[HASH_MAX_LEN];
36 + /* HMAC is not supported */
38 CRYPTO_MD5_HMAC, NID_hmacWithMD5, 16
41 CRYPTO_SHA1_HMAC, NID_hmacWithSHA1, 20
44 - CRYPTO_RIPEMD160_HMAC, NID_ripemd160, 16
46 + CRYPTO_SHA2_256_HMAC, NID_hmacWithSHA256, 32
49 - CRYPTO_MD5_KPDK, NID_undef, 0
50 + CRYPTO_SHA2_384_HMAC, NID_hmacWithSHA384, 48
53 - CRYPTO_SHA1_KPDK, NID_undef, 0
54 + CRYPTO_SHA2_512_HMAC, NID_hmacWithSHA512, 64
58 CRYPTO_MD5, NID_md5, 16
61 CRYPTO_SHA1, NID_sha1, 20
64 + CRYPTO_SHA2_256, NID_sha256, 32
67 + CRYPTO_SHA2_384, NID_sha384, 48
70 + CRYPTO_SHA2_512, NID_sha512, 64
77 static int nids[CRYPTO_ALGORITHM_MAX];
78 struct session_op sess;
80 + unsigned char fake_key[CRYPTO_CIPHER_MAX_KEY_LEN];
82 if ((fd = get_dev_crypto()) < 0) {
86 memset(&sess, 0, sizeof(sess));
87 - sess.key = (caddr_t) "123456789abcdefghijklmno";
88 + sess.key = (void*)fake_key;
90 for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
91 if (ciphers[i].nid == NID_undef)
93 static int nids[CRYPTO_ALGORITHM_MAX];
94 struct session_op sess;
96 + unsigned char fake_key[CRYPTO_CIPHER_MAX_KEY_LEN];
98 if ((fd = get_dev_crypto()) < 0) {
102 memset(&sess, 0, sizeof(sess));
103 - sess.mackey = (caddr_t) "123456789abcdefghijklmno";
104 + sess.mackey = fake_key;
105 for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
106 if (digests[i].nid == NID_undef)
108 sess.mac = digests[i].id;
109 - sess.mackeylen = digests[i].keylen;
110 + sess.mackeylen = 8;
112 if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
113 ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
114 @@ -424,14 +437,14 @@
115 cryp.ses = sess->ses;
118 - cryp.src = (caddr_t) in;
119 - cryp.dst = (caddr_t) out;
120 + cryp.src = (void*) in;
121 + cryp.dst = (void*) out;
124 cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
126 if (ctx->cipher->iv_len) {
127 - cryp.iv = (caddr_t) ctx->iv;
128 + cryp.iv = (void*) ctx->iv;
130 iiv = in + inl - ctx->cipher->iv_len;
131 memcpy(save_iv, iiv, ctx->cipher->iv_len);
133 if ((state->d_fd = get_dev_crypto()) < 0)
136 - sess->key = (caddr_t) key;
137 + sess->key = (void*)key;
138 sess->keylen = ctx->key_len;
139 sess->cipher = cipher;
145 -static int digest_key_length(int nid)
149 - for (i = 0; digests[i].id; i++)
150 - if (digests[i].nid == nid)
151 - return digests[i].keylen;
155 static int cryptodev_digest_init(EVP_MD_CTX *ctx)
157 struct dev_crypto_state *state = ctx->md_data;
159 printf("cryptodev_digest_init: Can't get digest \n");
163 memset(state, 0, sizeof(struct dev_crypto_state));
165 if ((state->d_fd = get_dev_crypto()) < 0) {
170 - sess->mackey = state->dummy_mac_key;
171 - sess->mackeylen = digest_key_length(ctx->digest->type);
172 + sess->mackey = NULL;
173 + sess->mackeylen = 0;
176 if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
178 static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
181 - struct crypt_op cryp;
182 struct dev_crypto_state *state = ctx->md_data;
183 + struct crypt_op cryp;
184 struct session_op *sess = &state->d_sess;
186 if (!data || state->d_fd < 0) {
195 if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
197 cryp.ses = sess->ses;
200 - cryp.src = (caddr_t) data;
201 + cryp.src = (void*) data;
203 - cryp.mac = (caddr_t) state->digest_res;
204 + cryp.mac = (void*) state->digest_res;
205 if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
206 printf("cryptodev_digest_update: digest failed\n");
209 struct dev_crypto_state *state = ctx->md_data;
210 struct session_op *sess = &state->d_sess;
214 if (!md || state->d_fd < 0) {
215 printf("cryptodev_digest_final: illegal input\n");
218 cryp.len = state->mac_len;
219 cryp.src = state->mac_data;
221 - cryp.mac = (caddr_t) md;
222 + cryp.mac = (void*)md;
223 if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
224 printf("cryptodev_digest_final: digest failed\n");
228 memcpy(md, state->digest_res, ctx->digest->md_size);
234 static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
237 digest = digest_nid_to_cryptodev(to->digest->type);
239 - sess->mackey = dstate->dummy_mac_key;
240 - sess->mackeylen = digest_key_length(to->digest->type);
241 + sess->mackey = NULL;
242 + sess->mackeylen = 0;
245 dstate->d_fd = get_dev_crypto();
246 @@ -947,32 +947,116 @@
248 const EVP_MD cryptodev_sha1 = {
251 + NID_sha1WithRSAEncryption,
253 +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
254 + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
255 + EVP_MD_FLAG_DIGALGID_ABSENT|
258 cryptodev_digest_init,
259 cryptodev_digest_update,
260 cryptodev_digest_final,
261 cryptodev_digest_copy,
262 cryptodev_digest_cleanup,
263 - EVP_PKEY_NULL_method,
264 + EVP_PKEY_RSA_method,
266 - sizeof(struct dev_crypto_state),
267 + sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
270 -const EVP_MD cryptodev_md5 = {
271 +static const EVP_MD cryptodev_sha256 = {
273 + NID_sha256WithRSAEncryption,
274 + SHA256_DIGEST_LENGTH,
275 +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
276 + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
277 + EVP_MD_FLAG_DIGALGID_ABSENT|
279 + EVP_MD_FLAG_ONESHOT,
280 + cryptodev_digest_init,
281 + cryptodev_digest_update,
282 + cryptodev_digest_final,
283 + cryptodev_digest_copy,
284 + cryptodev_digest_cleanup,
285 + EVP_PKEY_RSA_method,
287 + sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
290 +static const EVP_MD cryptodev_sha224 = {
292 + NID_sha224WithRSAEncryption,
293 + SHA224_DIGEST_LENGTH,
294 +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
295 + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
296 + EVP_MD_FLAG_DIGALGID_ABSENT|
298 + EVP_MD_FLAG_ONESHOT,
299 + cryptodev_digest_init,
300 + cryptodev_digest_update,
301 + cryptodev_digest_final,
302 + cryptodev_digest_copy,
303 + cryptodev_digest_cleanup,
304 + EVP_PKEY_RSA_method,
306 + sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
309 +static const EVP_MD cryptodev_sha384 = {
311 + NID_sha384WithRSAEncryption,
312 + SHA384_DIGEST_LENGTH,
313 +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
314 + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
315 + EVP_MD_FLAG_DIGALGID_ABSENT|
317 + EVP_MD_FLAG_ONESHOT,
318 + cryptodev_digest_init,
319 + cryptodev_digest_update,
320 + cryptodev_digest_final,
321 + cryptodev_digest_copy,
322 + cryptodev_digest_cleanup,
323 + EVP_PKEY_RSA_method,
325 + sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
328 +static const EVP_MD cryptodev_sha512 = {
330 + NID_sha512WithRSAEncryption,
331 + SHA512_DIGEST_LENGTH,
332 +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
333 + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
334 + EVP_MD_FLAG_DIGALGID_ABSENT|
336 + EVP_MD_FLAG_ONESHOT,
337 + cryptodev_digest_init,
338 + cryptodev_digest_update,
339 + cryptodev_digest_final,
340 + cryptodev_digest_copy,
341 + cryptodev_digest_cleanup,
342 + EVP_PKEY_RSA_method,
344 + sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
347 +static const EVP_MD cryptodev_md5 = {
350 + NID_md5WithRSAEncryption,
351 16 /* MD5_DIGEST_LENGTH */ ,
352 +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
353 + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
354 + EVP_MD_FLAG_DIGALGID_ABSENT|
357 cryptodev_digest_init,
358 cryptodev_digest_update,
359 cryptodev_digest_final,
360 cryptodev_digest_copy,
361 cryptodev_digest_cleanup,
362 - EVP_PKEY_NULL_method,
363 + EVP_PKEY_RSA_method,
364 64 /* MD5_CBLOCK */ ,
365 - sizeof(struct dev_crypto_state),
366 + sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
369 # endif /* USE_CRYPTODEV_DIGESTS */
370 @@ -992,6 +1076,18 @@
372 *digest = &cryptodev_sha1;
375 + *digest = &cryptodev_sha224;
378 + *digest = &cryptodev_sha256;
381 + *digest = &cryptodev_sha384;
384 + *digest = &cryptodev_sha512;
387 # endif /* USE_CRYPTODEV_DIGESTS */
389 @@ -1022,7 +1118,7 @@
393 - crp->crp_p = (caddr_t) b;
394 + crp->crp_p = (void*) b;
395 crp->crp_nbits = bits;
397 for (i = 0, j = 0; i < a->top; i++) {
398 @@ -1277,7 +1373,7 @@
399 kop.crk_op = CRK_DSA_SIGN;
401 /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
402 - kop.crk_param[0].crp_p = (caddr_t) dgst;
403 + kop.crk_param[0].crp_p = (void*)dgst;
404 kop.crk_param[0].crp_nbits = dlen * 8;
405 if (bn2crparam(dsa->p, &kop.crk_param[1]))
407 @@ -1317,7 +1413,7 @@
408 kop.crk_op = CRK_DSA_VERIFY;
410 /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
411 - kop.crk_param[0].crp_p = (caddr_t) dgst;
412 + kop.crk_param[0].crp_p = (void*)dgst;
413 kop.crk_param[0].crp_nbits = dlen * 8;
414 if (bn2crparam(dsa->p, &kop.crk_param[1]))
416 @@ -1398,9 +1494,10 @@
420 - kop.crk_param[3].crp_p = (caddr_t) key;
421 - kop.crk_param[3].crp_nbits = keylen * 8;
422 + kop.crk_param[3].crp_p = (void*) key;
423 + kop.crk_param[3].crp_nbits = keylen;
425 + dhret = keylen / 8;
427 if (ioctl(fd, CIOCKEY, &kop) == -1) {
428 const DH_METHOD *meth = DH_OpenSSL();
429 @@ -1470,7 +1567,7 @@
432 if (!ENGINE_set_id(engine, "cryptodev") ||
433 - !ENGINE_set_name(engine, "BSD cryptodev engine") ||
434 + !ENGINE_set_name(engine, "cryptodev engine") ||
435 !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
436 !ENGINE_set_digests(engine, cryptodev_engine_digests) ||
437 !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||