summaryrefslogtreecommitdiff
path: root/src/lib/libc
diff options
context:
space:
mode:
authorangelos <>2002-06-09 00:43:30 +0000
committerangelos <>2002-06-09 00:43:30 +0000
commit91d5c7354f7baa9bb8a3b748b9c99fbd261a85a9 (patch)
tree3165db718f5f7418f463dde02a472038a60c1717 /src/lib/libc
parent7f7e8e0a38bb36e3986d0de97a01ab6c0fe3eb9e (diff)
downloadopenbsd-91d5c7354f7baa9bb8a3b748b9c99fbd261a85a9.tar.gz
openbsd-91d5c7354f7baa9bb8a3b748b9c99fbd261a85a9.tar.bz2
openbsd-91d5c7354f7baa9bb8a3b748b9c99fbd261a85a9.zip
Pass the right arguments for RSA, DSA, and modexp operations. Fix the
translation between the crypto framework's format and the BN structure.
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/engine/hw_cryptodev.c67
1 files changed, 37 insertions, 30 deletions
diff --git a/src/lib/libcrypto/engine/hw_cryptodev.c b/src/lib/libcrypto/engine/hw_cryptodev.c
index fe10381906..0a2279f4e3 100644
--- a/src/lib/libcrypto/engine/hw_cryptodev.c
+++ b/src/lib/libcrypto/engine/hw_cryptodev.c
@@ -581,7 +581,7 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
581static int 581static int
582bn2crparam(const BIGNUM *a, struct crparam *crp) 582bn2crparam(const BIGNUM *a, struct crparam *crp)
583{ 583{
584 int i, j, n; 584 int i, j, k;
585 ssize_t words, bytes, bits; 585 ssize_t words, bytes, bits;
586 u_char *b; 586 u_char *b;
587 587
@@ -598,17 +598,13 @@ bn2crparam(const BIGNUM *a, struct crparam *crp)
598 crp->crp_p = b; 598 crp->crp_p = b;
599 crp->crp_nbits = bits; 599 crp->crp_nbits = bits;
600 600
601 words = (bits + BN_BITS2 - 1) / BN_BITS2; 601 for (i = 0, j = 0; i < a->top; i++) {
602 602 for (k = 0; k < BN_BITS2 / 8; k++) {
603 n = 0; 603 if ((j + k) >= bytes)
604 for (i = 0; i < words && n < bytes; i++) { 604 return (0);
605 BN_ULONG word; 605 b[j + k] = a->d[i] >> (k * 8);
606
607 word = a->d[i];
608 for (j = 0 ; j < BN_BYTES && n < bytes; j++, n++) {
609 *b++ = (word & 0xff);
610 word >>= 8;
611 } 606 }
607 j += BN_BITS2 / 8;
612 } 608 }
613 return (0); 609 return (0);
614} 610}
@@ -617,15 +613,22 @@ bn2crparam(const BIGNUM *a, struct crparam *crp)
617static int 613static int
618crparam2bn(struct crparam *crp, BIGNUM *a) 614crparam2bn(struct crparam *crp, BIGNUM *a)
619{ 615{
616 u_int8_t *pd;
620 int i, bytes; 617 int i, bytes;
621 618
622 bytes = (crp->crp_nbits + 7)/8; 619 bytes = (crp->crp_nbits + 7) / 8;
623 620
624 BN_zero(a); 621 if (bytes == 0)
625 for (i = bytes - 1; i >= 0; i--) { 622 return (-1);
626 BN_lshift(a, a, 8); 623
627 BN_add_word(a, (u_char)crp->crp_p[i]); 624 if ((pd = (u_int8_t *) malloc(bytes)) == NULL)
628 } 625 return (-1);
626
627 for (i = 0; i < bytes; i++)
628 pd[i] = crp->crp_p[bytes - i - 1];
629
630 BN_bin2bn(pd, bytes, a);
631 free(pd);
629 632
630 return (0); 633 return (0);
631} 634}
@@ -644,23 +647,26 @@ zapparams(struct crypt_kop *kop)
644} 647}
645 648
646static int 649static int
647cryptodev_sym(struct crypt_kop *kop, BIGNUM *r, BIGNUM *s) 650cryptodev_sym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s)
648{ 651{
649 int ret = -1; 652 int ret = -1;
650 653
651 if (r) { 654 if (r) {
652 kop->crk_param[kop->crk_iparams].crp_p = malloc(256); 655 kop->crk_param[kop->crk_iparams].crp_p = malloc(rlen);
653 kop->crk_param[kop->crk_iparams].crp_nbits = 256 * 8; 656 kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
654 kop->crk_oparams++; 657 kop->crk_oparams++;
655 } 658 }
656 if (s) { 659 if (s) {
657 kop->crk_param[kop->crk_iparams+1].crp_p = malloc(256); 660 kop->crk_param[kop->crk_iparams+1].crp_p = malloc(slen);
658 kop->crk_param[kop->crk_iparams+1].crp_nbits = 256 * 8; 661 kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8;
659 kop->crk_oparams++; 662 kop->crk_oparams++;
660 } 663 }
661 664
662 if (ioctl(cryptodev_fd, CIOCKEY, &kop) == 0) { 665 if (ioctl(cryptodev_fd, CIOCKEY, &kop) == 0) {
663 crparam2bn(&kop->crk_param[3], r); 666 if (r)
667 crparam2bn(&kop->crk_param[3], r);
668 if (s)
669 crparam2bn(&kop->crk_param[4], s);
664 ret = 0; 670 ret = 0;
665 } 671 }
666 return (ret); 672 return (ret);
@@ -676,16 +682,16 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
676 memset(&kop, 0, sizeof kop); 682 memset(&kop, 0, sizeof kop);
677 kop.crk_op = CRK_MOD_EXP; 683 kop.crk_op = CRK_MOD_EXP;
678 684
679 /* inputs: a m p */ 685 /* inputs: a^p % m */
680 if (bn2crparam(a, &kop.crk_param[0])) 686 if (bn2crparam(a, &kop.crk_param[0]))
681 goto err; 687 goto err;
682 if (bn2crparam(m, &kop.crk_param[1])) 688 if (bn2crparam(p, &kop.crk_param[1]))
683 goto err; 689 goto err;
684 if (bn2crparam(p, &kop.crk_param[2])) 690 if (bn2crparam(m, &kop.crk_param[2]))
685 goto err; 691 goto err;
686 kop.crk_iparams = 3; 692 kop.crk_iparams = 3;
687 693
688 if (cryptodev_sym(&kop, r, NULL) == -1) { 694 if (cryptodev_sym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) {
689 ret = BN_mod_exp(r, a, p, m, ctx); 695 ret = BN_mod_exp(r, a, p, m, ctx);
690 } 696 }
691err: 697err:
@@ -722,7 +728,7 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
722 goto err; 728 goto err;
723 kop.crk_iparams = 6; 729 kop.crk_iparams = 6;
724 730
725 if (cryptodev_sym(&kop, r0, NULL) == -1) { 731 if (cryptodev_sym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) {
726 const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); 732 const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
727 733
728 ret = (*meth->rsa_mod_exp)(r0, I, rsa); 734 ret = (*meth->rsa_mod_exp)(r0, I, rsa);
@@ -785,7 +791,8 @@ cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
785 goto err; 791 goto err;
786 kop.crk_iparams = 5; 792 kop.crk_iparams = 5;
787 793
788 if (cryptodev_sym(&kop, r, s) == 0) { 794 if (cryptodev_sym(&kop, BN_num_bytes(dsa->q), r,
795 BN_num_bytes(dsa->q), s) == 0) {
789 dsaret = DSA_SIG_new(); 796 dsaret = DSA_SIG_new();
790 dsaret->r = r; 797 dsaret->r = r;
791 dsaret->s = s; 798 dsaret->s = s;
@@ -829,7 +836,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
829 goto err; 836 goto err;
830 kop.crk_iparams = 7; 837 kop.crk_iparams = 7;
831 838
832 if (cryptodev_sym(&kop, NULL, NULL) == 0) { 839 if (cryptodev_sym(&kop, 0, NULL, 0, NULL) == 0) {
833 dsaret = kop.crk_status; 840 dsaret = kop.crk_status;
834 } else { 841 } else {
835 const DSA_METHOD *meth = DSA_OpenSSL(); 842 const DSA_METHOD *meth = DSA_OpenSSL();