import OpenSSL-1.0.1c

author: djm <> 2012-10-13 21:23:58 +0000
committer: djm <> 2012-10-13 21:23:58 +0000
commit: adb31f466163d59ad933cf9d299ce6c610f1cff3 (patch)
tree: cfb338ea736543eb88bd6c3f56f007ecb05dce51 /src/lib/libcrypto/engine
parent: 767ddad28eb81a703656eed39ed362c83ac9e20a (diff)
download: openbsd-adb31f466163d59ad933cf9d299ce6c610f1cff3.tar.gz
openbsd-adb31f466163d59ad933cf9d299ce6c610f1cff3.tar.bz2
openbsd-adb31f466163d59ad933cf9d299ce6c610f1cff3.zip
2 files changed, 83 insertions, 22 deletions
diff --git a/src/lib/libcrypto/engine/Makefile b/src/lib/libcrypto/engine/Makefile
index 9c214824eb..d29bdd09a0 100644
--- a/src/lib/libcrypto/engine/Makefile
+++ b/src/lib/libcrypto/engine/Makefile
@@ -21,12 +21,14 @@ LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
        eng_table.c eng_pkey.c eng_fat.c eng_all.c \
        tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \
        tb_cipher.c tb_digest.c tb_pkmeth.c tb_asnmth.c \
-        eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c
+        eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c \
+        eng_rsax.c eng_rdrand.c
 LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
        eng_table.o eng_pkey.o eng_fat.o eng_all.o \
        tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \
        tb_cipher.o tb_digest.o tb_pkmeth.o tb_asnmth.o \
-        eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o
+        eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o \
+        eng_rsax.o eng_rdrand.o
 SRC= $(LIBSRC)
@@ -249,6 +251,34 @@ eng_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
 eng_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 eng_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_pkey.c
+eng_rdrand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_rdrand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_rdrand.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_rdrand.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_rdrand.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_rdrand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_rdrand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_rdrand.o: ../../include/openssl/opensslconf.h
+eng_rdrand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_rdrand.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+eng_rdrand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_rdrand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_rdrand.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_rdrand.o: eng_rdrand.c
+eng_rsax.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_rsax.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_rsax.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_rsax.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_rsax.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_rsax.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_rsax.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_rsax.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_rsax.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_rsax.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+eng_rsax.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_rsax.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_rsax.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_rsax.o: eng_rsax.c
 eng_table.o: ../../e_os.h ../../include/openssl/asn1.h
 eng_table.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
diff --git a/src/lib/libcrypto/engine/eng_cryptodev.c b/src/lib/libcrypto/engine/eng_cryptodev.c
index 52f4ca3901..5a715aca4f 100644
--- a/src/lib/libcrypto/engine/eng_cryptodev.c
+++ b/src/lib/libcrypto/engine/eng_cryptodev.c
@@ -79,8 +79,6 @@ struct dev_crypto_state {
        unsigned char digest_res[HASH_MAX_LEN];
        char *mac_data;
        int mac_len;
-        int copy;
 #endif
 };
@@ -200,6 +198,7 @@ get_dev_crypto(void)
        if ((fd = open_dev_crypto()) == -1)
                return (-1);
+#ifndef CRIOGET_NOT_NEEDED
        if (ioctl(fd, CRIOGET, &retfd) == -1)
                return (-1);
@@ -208,9 +207,19 @@ get_dev_crypto(void)
                close(retfd);
                return (-1);
        }
+#else
+        retfd = fd;
+#endif
        return (retfd);
 }
+static void put_dev_crypto(int fd)
+{
+#ifndef CRIOGET_NOT_NEEDED
+        close(fd);
+#endif
+}
 /* Caching version for asym operations */
 static int
 get_asym_dev_crypto(void)
@@ -252,7 +261,7 @@ get_cryptodev_ciphers(const int **cnids)
                    ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
                        nids[count++] = ciphers[i].nid;
        }
-        close(fd);
+        put_dev_crypto(fd);
        if (count > 0)
                *cnids = nids;
@@ -291,7 +300,7 @@ get_cryptodev_digests(const int **cnids)
                    ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
                        nids[count++] = digests[i].nid;
        }
-        close(fd);
+        put_dev_crypto(fd);
        if (count > 0)
                *cnids = nids;
@@ -436,7 +445,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
        sess->cipher = cipher;
        if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
-                close(state->d_fd);
+                put_dev_crypto(state->d_fd);
                state->d_fd = -1;
                return (0);
        }
@@ -473,7 +482,7 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
        } else {
                ret = 1;
        }
-        close(state->d_fd);
+        put_dev_crypto(state->d_fd);
        state->d_fd = -1;
        return (ret);
@@ -686,7 +695,7 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx)
        sess->mac = digest;
        if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
-                close(state->d_fd);
+                put_dev_crypto(state->d_fd);
                state->d_fd = -1;
                printf("cryptodev_digest_init: Open session failed\n");
                return (0);
@@ -758,14 +767,12 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
        if (! (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) ) {
                /* if application doesn't support one buffer */
                memset(&cryp, 0, sizeof(cryp));
                cryp.ses = sess->ses;
                cryp.flags = 0;
                cryp.len = state->mac_len;
                cryp.src = state->mac_data;
                cryp.dst = NULL;
                cryp.mac = (caddr_t)md;
                if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
                        printf("cryptodev_digest_final: digest failed\n");
                        return (0);
@@ -786,6 +793,9 @@ static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
        struct dev_crypto_state *state = ctx->md_data;
        struct session_op *sess = &state->d_sess;
+        if (state == NULL)
+          return 0;
        if (state->d_fd < 0) {
                printf("cryptodev_digest_cleanup: illegal input\n");
                return (0);
@@ -797,16 +807,13 @@ static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
                state->mac_len = 0;
        }
-        if (state->copy)
-                return 1;
        if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) < 0) {
                printf("cryptodev_digest_cleanup: failed to close session\n");
                ret = 0;
        } else {
                ret = 1;
        }
-        close(state->d_fd);     
+        put_dev_crypto(state->d_fd);    
        state->d_fd = -1;
        return (ret);
@@ -816,15 +823,39 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
 {
        struct dev_crypto_state *fstate = from->md_data;
        struct dev_crypto_state *dstate = to->md_data;
+        struct session_op *sess;
+        int digest;
-        memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
+        if (dstate == NULL || fstate == NULL)
+          return 1;
-        if (fstate->mac_len != 0) {
+        memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
-                dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
-                memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
+        sess = &dstate->d_sess;
+        digest = digest_nid_to_cryptodev(to->digest->type);
+        sess->mackey = dstate->dummy_mac_key;
+        sess->mackeylen = digest_key_length(to->digest->type);
+        sess->mac = digest;
+        dstate->d_fd = get_dev_crypto();
+        if (ioctl(dstate->d_fd, CIOCGSESSION, sess) < 0) {
+                put_dev_crypto(dstate->d_fd);
+                dstate->d_fd = -1;
+                printf("cryptodev_digest_init: Open session failed\n");
+                return (0);
        }
-        dstate->copy = 1;
+        if (fstate->mac_len != 0) {
+                if (fstate->mac_data != NULL)
+                        {
+                        dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
+                        memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
+                        dstate->mac_len = fstate->mac_len;
+                        }
+        }
        return 1;
 }
@@ -1347,11 +1378,11 @@ ENGINE_load_cryptodev(void)
         * find out what asymmetric crypto algorithms we support
         */
        if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
-                close(fd);
+                put_dev_crypto(fd);
                ENGINE_free(engine);
                return;
        }
-        close(fd);
+        put_dev_crypto(fd);
        if (!ENGINE_set_id(engine, "cryptodev") ||
            !ENGINE_set_name(engine, "BSD cryptodev engine") ||
author	djm <>	2012-10-13 21:23:58 +0000
committer	djm <>	2012-10-13 21:23:58 +0000
commit	adb31f466163d59ad933cf9d299ce6c610f1cff3 (patch)
tree	cfb338ea736543eb88bd6c3f56f007ecb05dce51 /src/lib/libcrypto/engine
parent	767ddad28eb81a703656eed39ed362c83ac9e20a (diff)
download	openbsd-adb31f466163d59ad933cf9d299ce6c610f1cff3.tar.gz openbsd-adb31f466163d59ad933cf9d299ce6c610f1cff3.tar.bz2 openbsd-adb31f466163d59ad933cf9d299ce6c610f1cff3.zip

diff --git a/src/lib/libcrypto/engine/Makefile b/src/lib/libcrypto/engine/Makefile index 9c214824eb..d29bdd09a0 100644 --- a/src/lib/libcrypto/engine/Makefile +++ b/src/lib/libcrypto/engine/Makefile
@@ -21,12 +21,14 @@ LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
21	eng_table.c eng_pkey.c eng_fat.c eng_all.c \	21	eng_table.c eng_pkey.c eng_fat.c eng_all.c \
22	tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \	22	tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \
23	tb_cipher.c tb_digest.c tb_pkmeth.c tb_asnmth.c \	23	tb_cipher.c tb_digest.c tb_pkmeth.c tb_asnmth.c \
24	eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c	24	eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c \
		25	eng_rsax.c eng_rdrand.c
25	LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \	26	LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
26	eng_table.o eng_pkey.o eng_fat.o eng_all.o \	27	eng_table.o eng_pkey.o eng_fat.o eng_all.o \
27	tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \	28	tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \
28	tb_cipher.o tb_digest.o tb_pkmeth.o tb_asnmth.o \	29	tb_cipher.o tb_digest.o tb_pkmeth.o tb_asnmth.o \
29	eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o	30	eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o \
		31	eng_rsax.o eng_rdrand.o
30		32
31	SRC= $(LIBSRC)	33	SRC= $(LIBSRC)
32		34
@@ -249,6 +251,34 @@ eng_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
249	eng_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h	251	eng_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
250	eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h	252	eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
251	eng_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_pkey.c	253	eng_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_pkey.c
		254	eng_rdrand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
		255	eng_rdrand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
		256	eng_rdrand.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
		257	eng_rdrand.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
		258	eng_rdrand.o: ../../include/openssl/engine.h ../../include/openssl/err.h
		259	eng_rdrand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
		260	eng_rdrand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
		261	eng_rdrand.o: ../../include/openssl/opensslconf.h
		262	eng_rdrand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
		263	eng_rdrand.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
		264	eng_rdrand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
		265	eng_rdrand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
		266	eng_rdrand.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
		267	eng_rdrand.o: eng_rdrand.c
		268	eng_rsax.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
		269	eng_rsax.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
		270	eng_rsax.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
		271	eng_rsax.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
		272	eng_rsax.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
		273	eng_rsax.o: ../../include/openssl/err.h ../../include/openssl/evp.h
		274	eng_rsax.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
		275	eng_rsax.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
		276	eng_rsax.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
		277	eng_rsax.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
		278	eng_rsax.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
		279	eng_rsax.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
		280	eng_rsax.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
		281	eng_rsax.o: eng_rsax.c
252	eng_table.o: ../../e_os.h ../../include/openssl/asn1.h	282	eng_table.o: ../../e_os.h ../../include/openssl/asn1.h
253	eng_table.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h	283	eng_table.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
254	eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h	284	eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h


diff --git a/src/lib/libcrypto/engine/eng_cryptodev.c b/src/lib/libcrypto/engine/eng_cryptodev.c index 52f4ca3901..5a715aca4f 100644 --- a/src/lib/libcrypto/engine/eng_cryptodev.c +++ b/src/lib/libcrypto/engine/eng_cryptodev.c
@@ -79,8 +79,6 @@ struct dev_crypto_state {
79	unsigned char digest_res[HASH_MAX_LEN];	79	unsigned char digest_res[HASH_MAX_LEN];
80	char *mac_data;	80	char *mac_data;
81	int mac_len;	81	int mac_len;
82
83	int copy;
84	#endif	82	#endif
85	};	83	};
86		84
@@ -200,6 +198,7 @@ get_dev_crypto(void)
200		198
201	if ((fd = open_dev_crypto()) == -1)	199	if ((fd = open_dev_crypto()) == -1)
202	return (-1);	200	return (-1);
		201	#ifndef CRIOGET_NOT_NEEDED
203	if (ioctl(fd, CRIOGET, &retfd) == -1)	202	if (ioctl(fd, CRIOGET, &retfd) == -1)
204	return (-1);	203	return (-1);
205		204
@@ -208,9 +207,19 @@ get_dev_crypto(void)
208	close(retfd);	207	close(retfd);
209	return (-1);	208	return (-1);
210	}	209	}
		210	#else
		211	retfd = fd;
		212	#endif
211	return (retfd);	213	return (retfd);
212	}	214	}
213		215
		216	static void put_dev_crypto(int fd)
		217	{
		218	#ifndef CRIOGET_NOT_NEEDED
		219	close(fd);
		220	#endif
		221	}
		222
214	/* Caching version for asym operations */	223	/* Caching version for asym operations */
215	static int	224	static int
216	get_asym_dev_crypto(void)	225	get_asym_dev_crypto(void)
@@ -252,7 +261,7 @@ get_cryptodev_ciphers(const int **cnids)
252	ioctl(fd, CIOCFSESSION, &sess.ses) != -1)	261	ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
253	nids[count++] = ciphers[i].nid;	262	nids[count++] = ciphers[i].nid;
254	}	263	}
255	close(fd);	264	put_dev_crypto(fd);
256		265
257	if (count > 0)	266	if (count > 0)
258	*cnids = nids;	267	*cnids = nids;
@@ -291,7 +300,7 @@ get_cryptodev_digests(const int **cnids)
291	ioctl(fd, CIOCFSESSION, &sess.ses) != -1)	300	ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
292	nids[count++] = digests[i].nid;	301	nids[count++] = digests[i].nid;
293	}	302	}
294	close(fd);	303	put_dev_crypto(fd);
295		304
296	if (count > 0)	305	if (count > 0)
297	*cnids = nids;	306	*cnids = nids;
@@ -436,7 +445,7 @@ cryptodev_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
436	sess->cipher = cipher;	445	sess->cipher = cipher;
437		446
438	if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {	447	if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
439	close(state->d_fd);	448	put_dev_crypto(state->d_fd);
440	state->d_fd = -1;	449	state->d_fd = -1;
441	return (0);	450	return (0);
442	}	451	}
@@ -473,7 +482,7 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
473	} else {	482	} else {
474	ret = 1;	483	ret = 1;
475	}	484	}
476	close(state->d_fd);	485	put_dev_crypto(state->d_fd);
477	state->d_fd = -1;	486	state->d_fd = -1;
478		487
479	return (ret);	488	return (ret);
@@ -686,7 +695,7 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx)
686	sess->mac = digest;	695	sess->mac = digest;
687		696
688	if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {	697	if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
689	close(state->d_fd);	698	put_dev_crypto(state->d_fd);
690	state->d_fd = -1;	699	state->d_fd = -1;
691	printf("cryptodev_digest_init: Open session failed\n");	700	printf("cryptodev_digest_init: Open session failed\n");
692	return (0);	701	return (0);
@@ -758,14 +767,12 @@ static int cryptodev_digest_final(EVP_MD_CTX ctx, unsigned char md)
758	if (! (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) ) {	767	if (! (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) ) {
759	/* if application doesn't support one buffer */	768	/* if application doesn't support one buffer */
760	memset(&cryp, 0, sizeof(cryp));	769	memset(&cryp, 0, sizeof(cryp));
761
762	cryp.ses = sess->ses;	770	cryp.ses = sess->ses;
763	cryp.flags = 0;	771	cryp.flags = 0;
764	cryp.len = state->mac_len;	772	cryp.len = state->mac_len;
765	cryp.src = state->mac_data;	773	cryp.src = state->mac_data;
766	cryp.dst = NULL;	774	cryp.dst = NULL;
767	cryp.mac = (caddr_t)md;	775	cryp.mac = (caddr_t)md;
768
769	if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {	776	if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
770	printf("cryptodev_digest_final: digest failed\n");	777	printf("cryptodev_digest_final: digest failed\n");
771	return (0);	778	return (0);
@@ -786,6 +793,9 @@ static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
786	struct dev_crypto_state *state = ctx->md_data;	793	struct dev_crypto_state *state = ctx->md_data;
787	struct session_op *sess = &state->d_sess;	794	struct session_op *sess = &state->d_sess;
788		795
		796	if (state == NULL)
		797	return 0;
		798
789	if (state->d_fd < 0) {	799	if (state->d_fd < 0) {
790	printf("cryptodev_digest_cleanup: illegal input\n");	800	printf("cryptodev_digest_cleanup: illegal input\n");
791	return (0);	801	return (0);
@@ -797,16 +807,13 @@ static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
797	state->mac_len = 0;	807	state->mac_len = 0;
798	}	808	}
799		809
800	if (state->copy)
801	return 1;
802
803	if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) < 0) {	810	if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) < 0) {
804	printf("cryptodev_digest_cleanup: failed to close session\n");	811	printf("cryptodev_digest_cleanup: failed to close session\n");
805	ret = 0;	812	ret = 0;
806	} else {	813	} else {
807	ret = 1;	814	ret = 1;
808	}	815	}
809	close(state->d_fd);	816	put_dev_crypto(state->d_fd);
810	state->d_fd = -1;	817	state->d_fd = -1;
811		818
812	return (ret);	819	return (ret);
@@ -816,15 +823,39 @@ static int cryptodev_digest_copy(EVP_MD_CTX to,const EVP_MD_CTX from)
816	{	823	{
817	struct dev_crypto_state *fstate = from->md_data;	824	struct dev_crypto_state *fstate = from->md_data;
818	struct dev_crypto_state *dstate = to->md_data;	825	struct dev_crypto_state *dstate = to->md_data;
		826	struct session_op *sess;
		827	int digest;
819		828
820	memcpy(dstate, fstate, sizeof(struct dev_crypto_state));	829	if (dstate == NULL \|\| fstate == NULL)
		830	return 1;
821		831
822	if (fstate->mac_len != 0) {	832	memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
823	dstate->mac_data = OPENSSL_malloc(fstate->mac_len);	833
824	memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);	834	sess = &dstate->d_sess;
		835
		836	digest = digest_nid_to_cryptodev(to->digest->type);
		837
		838	sess->mackey = dstate->dummy_mac_key;
		839	sess->mackeylen = digest_key_length(to->digest->type);
		840	sess->mac = digest;
		841
		842	dstate->d_fd = get_dev_crypto();
		843
		844	if (ioctl(dstate->d_fd, CIOCGSESSION, sess) < 0) {
		845	put_dev_crypto(dstate->d_fd);
		846	dstate->d_fd = -1;
		847	printf("cryptodev_digest_init: Open session failed\n");
		848	return (0);
825	}	849	}
826		850
827	dstate->copy = 1;	851	if (fstate->mac_len != 0) {
		852	if (fstate->mac_data != NULL)
		853	{
		854	dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
		855	memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
		856	dstate->mac_len = fstate->mac_len;
		857	}
		858	}
828		859
829	return 1;	860	return 1;
830	}	861	}
@@ -1347,11 +1378,11 @@ ENGINE_load_cryptodev(void)
1347	* find out what asymmetric crypto algorithms we support	1378	* find out what asymmetric crypto algorithms we support
1348	*/	1379	*/
1349	if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {	1380	if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
1350	close(fd);	1381	put_dev_crypto(fd);
1351	ENGINE_free(engine);	1382	ENGINE_free(engine);
1352	return;	1383	return;
1353	}	1384	}
1354	close(fd);	1385	put_dev_crypto(fd);
1355		1386
1356	if (!ENGINE_set_id(engine, "cryptodev") \|\|	1387	if (!ENGINE_set_id(engine, "cryptodev") \|\|
1357	!ENGINE_set_name(engine, "BSD cryptodev engine") \|\|	1388	!ENGINE_set_name(engine, "BSD cryptodev engine") \|\|