author | angelos <> | 2002-06-09 00:43:30 +0000 |
---|---|---|
committer | angelos <> | 2002-06-09 00:43:30 +0000 |
commit | 91d5c7354f7baa9bb8a3b748b9c99fbd261a85a9 (patch) | |
tree | 3165db718f5f7418f463dde02a472038a60c1717 /src/lib/libcrypto/engine | |
parent | 7f7e8e0a38bb36e3986d0de97a01ab6c0fe3eb9e (diff) | |
Pass the right arguments for RSA, DSA, and modexp operations. Fix the
translation between the crypto framework's format and the BN structure.
Diffstat (limited to 'src/lib/libcrypto/engine')
-rw-r--r-- | src/lib/libcrypto/engine/hw_cryptodev.c | 67 |
1 files changed, 37 insertions, 30 deletions
diff --git a/src/lib/libcrypto/engine/hw_cryptodev.c b/src/lib/libcrypto/engine/hw_cryptodev.c index fe10381906..0a2279f4e3 100644 --- a/src/lib/libcrypto/engine/hw_cryptodev.c +++ b/src/lib/libcrypto/engine/hw_cryptodev.c | |||
@@ -581,7 +581,7 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, | |||
581 | static int | 581 | static int |
582 | bn2crparam(const BIGNUM *a, struct crparam *crp) | 582 | bn2crparam(const BIGNUM *a, struct crparam *crp) |
583 | { | 583 | { |
584 | int i, j, n; | 584 | int i, j, k; |
585 | ssize_t words, bytes, bits; | 585 | ssize_t words, bytes, bits; |
586 | u_char *b; | 586 | u_char *b; |
587 | 587 | ||
@@ -598,17 +598,13 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) | |||
598 | crp->crp_p = b; | 598 | crp->crp_p = b; |
599 | crp->crp_nbits = bits; | 599 | crp->crp_nbits = bits; |
600 | 600 | ||
601 | words = (bits + BN_BITS2 - 1) / BN_BITS2; | 601 | for (i = 0, j = 0; i < a->top; i++) { |
602 | 602 | for (k = 0; k < BN_BITS2 / 8; k++) { | |
603 | n = 0; | 603 | if ((j + k) >= bytes) |
604 | for (i = 0; i < words && n < bytes; i++) { | 604 | return (0); |
605 | BN_ULONG word; | 605 | b[j + k] = a->d[i] >> (k * 8); |
606 | |||
607 | word = a->d[i]; | ||
608 | for (j = 0 ; j < BN_BYTES && n < bytes; j++, n++) { | ||
609 | *b++ = (word & 0xff); | ||
610 | word >>= 8; | ||
611 | } | 606 | } |
607 | j += BN_BITS2 / 8; | ||
612 | } | 608 | } |
613 | return (0); | 609 | return (0); |
614 | } | 610 | } |
@@ -617,15 +613,22 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) | |||
617 | static int | 613 | static int |
618 | crparam2bn(struct crparam *crp, BIGNUM *a) | 614 | crparam2bn(struct crparam *crp, BIGNUM *a) |
619 | { | 615 | { |
616 | u_int8_t *pd; | ||
620 | int i, bytes; | 617 | int i, bytes; |
621 | 618 | ||
622 | bytes = (crp->crp_nbits + 7)/8; | 619 | bytes = (crp->crp_nbits + 7) / 8; |
623 | 620 | ||
624 | BN_zero(a); | 621 | if (bytes == 0) |
625 | for (i = bytes - 1; i >= 0; i--) { | 622 | return (-1); |
626 | BN_lshift(a, a, 8); | 623 | |
627 | BN_add_word(a, (u_char)crp->crp_p[i]); | 624 | if ((pd = (u_int8_t *) malloc(bytes)) == NULL) |
628 | } | 625 | return (-1); |
626 | |||
627 | for (i = 0; i < bytes; i++) | ||
628 | pd[i] = crp->crp_p[bytes - i - 1]; | ||
629 | |||
630 | BN_bin2bn(pd, bytes, a); | ||
631 | free(pd); | ||
629 | 632 | ||
630 | return (0); | 633 | return (0); |
631 | } | 634 | } |
@@ -644,23 +647,26 @@ zapparams(struct crypt_kop *kop) | |||
644 | } | 647 | } |
645 | 648 | ||
646 | static int | 649 | static int |
647 | cryptodev_sym(struct crypt_kop *kop, BIGNUM *r, BIGNUM *s) | 650 | cryptodev_sym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) |
648 | { | 651 | { |
649 | int ret = -1; | 652 | int ret = -1; |
650 | 653 | ||
651 | if (r) { | 654 | if (r) { |
652 | kop->crk_param[kop->crk_iparams].crp_p = malloc(256); | 655 | kop->crk_param[kop->crk_iparams].crp_p = malloc(rlen); |
653 | kop->crk_param[kop->crk_iparams].crp_nbits = 256 * 8; | 656 | kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; |
654 | kop->crk_oparams++; | 657 | kop->crk_oparams++; |
655 | } | 658 | } |
656 | if (s) { | 659 | if (s) { |
657 | kop->crk_param[kop->crk_iparams+1].crp_p = malloc(256); | 660 | kop->crk_param[kop->crk_iparams+1].crp_p = malloc(slen); |
658 | kop->crk_param[kop->crk_iparams+1].crp_nbits = 256 * 8; | 661 | kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; |
659 | kop->crk_oparams++; | 662 | kop->crk_oparams++; |
660 | } | 663 | } |
661 | 664 | ||
662 | if (ioctl(cryptodev_fd, CIOCKEY, &kop) == 0) { | 665 | if (ioctl(cryptodev_fd, CIOCKEY, &kop) == 0) { |
663 | crparam2bn(&kop->crk_param[3], r); | 666 | if (r) |
667 | crparam2bn(&kop->crk_param[3], r); | ||
668 | if (s) | ||
669 | crparam2bn(&kop->crk_param[4], s); | ||
664 | ret = 0; | 670 | ret = 0; |
665 | } | 671 | } |
666 | return (ret); | 672 | return (ret); |
@@ -676,16 +682,16 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||
676 | memset(&kop, 0, sizeof kop); | 682 | memset(&kop, 0, sizeof kop); |
677 | kop.crk_op = CRK_MOD_EXP; | 683 | kop.crk_op = CRK_MOD_EXP; |
678 | 684 | ||
679 | /* inputs: a m p */ | 685 | /* inputs: a^p % m */ |
680 | if (bn2crparam(a, &kop.crk_param[0])) | 686 | if (bn2crparam(a, &kop.crk_param[0])) |
681 | goto err; | 687 | goto err; |
682 | if (bn2crparam(m, &kop.crk_param[1])) | 688 | if (bn2crparam(p, &kop.crk_param[1])) |
683 | goto err; | 689 | goto err; |
684 | if (bn2crparam(p, &kop.crk_param[2])) | 690 | if (bn2crparam(m, &kop.crk_param[2])) |
685 | goto err; | 691 | goto err; |
686 | kop.crk_iparams = 3; | 692 | kop.crk_iparams = 3; |
687 | 693 | ||
688 | if (cryptodev_sym(&kop, r, NULL) == -1) { | 694 | if (cryptodev_sym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) { |
689 | ret = BN_mod_exp(r, a, p, m, ctx); | 695 | ret = BN_mod_exp(r, a, p, m, ctx); |
690 | } | 696 | } |
691 | err: | 697 | err: |
@@ -722,7 +728,7 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | |||
722 | goto err; | 728 | goto err; |
723 | kop.crk_iparams = 6; | 729 | kop.crk_iparams = 6; |
724 | 730 | ||
725 | if (cryptodev_sym(&kop, r0, NULL) == -1) { | 731 | if (cryptodev_sym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) { |
726 | const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | 732 | const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); |
727 | 733 | ||
728 | ret = (*meth->rsa_mod_exp)(r0, I, rsa); | 734 | ret = (*meth->rsa_mod_exp)(r0, I, rsa); |
@@ -785,7 +791,8 @@ cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | |||
785 | goto err; | 791 | goto err; |
786 | kop.crk_iparams = 5; | 792 | kop.crk_iparams = 5; |
787 | 793 | ||
788 | if (cryptodev_sym(&kop, r, s) == 0) { | 794 | if (cryptodev_sym(&kop, BN_num_bytes(dsa->q), r, |
795 | BN_num_bytes(dsa->q), s) == 0) { | ||
789 | dsaret = DSA_SIG_new(); | 796 | dsaret = DSA_SIG_new(); |
790 | dsaret->r = r; | 797 | dsaret->r = r; |
791 | dsaret->s = s; | 798 | dsaret->s = s; |
@@ -829,7 +836,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, | |||
829 | goto err; | 836 | goto err; |
830 | kop.crk_iparams = 7; | 837 | kop.crk_iparams = 7; |
831 | 838 | ||
832 | if (cryptodev_sym(&kop, NULL, NULL) == 0) { | 839 | if (cryptodev_sym(&kop, 0, NULL, 0, NULL) == 0) { |
833 | dsaret = kop.crk_status; | 840 | dsaret = kop.crk_status; |
834 | } else { | 841 | } else { |
835 | const DSA_METHOD *meth = DSA_OpenSSL(); | 842 | const DSA_METHOD *meth = DSA_OpenSSL(); |
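Review bot: In cryptodev_sym the output buffers are allocated at `crk_param[kop->crk_iparams]` and `crk_param[kop->crk_iparams+1]`, but the results are read back from the fixed slots `crk_param[3]` and `crk_param[4]`, which only line up when crk_iparams is 3. The RSA caller sets crk_iparams to 6 and the DSA sign caller sets it to 5, so there r and s are rebuilt from input parameters instead of the device's output; the reads should be `crparam2bn(&kop->crk_param[kop->crk_iparams], r);` and `crparam2bn(&kop->crk_param[kop->crk_iparams + 1], s);`. The ioctl also passes `&kop` although kop is already a `struct crypt_kop *`, so the call should be `ioctl(cryptodev_fd, CIOCKEY, kop)`. Neither the `malloc(rlen)` / `malloc(slen)` results nor the return value of crparam2bn is checked, so a failed allocation or an empty result is still reported as success. The RSA and DSA callers are only partly visible in their hunks, so the parameter counts are taken from the `kop.crk_iparams` lines shown.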