diff options
| author | beck <> | 2002-06-11 11:18:44 +0000 |
|---|---|---|
| committer | beck <> | 2002-06-11 11:18:44 +0000 |
| commit | a359633ab5fea6e08cd7f0886274c69a601dee32 (patch) | |
| tree | b201817161e0d3bb11ca508d90cd9732132da2ae /src | |
| parent | 0ece15e0db8691cd0b32d116741d53bd50772910 (diff) | |
| download | openbsd-a359633ab5fea6e08cd7f0886274c69a601dee32.tar.gz openbsd-a359633ab5fea6e08cd7f0886274c69a601dee32.tar.bz2 openbsd-a359633ab5fea6e08cd7f0886274c69a601dee32.zip | |
Make asymmetric crypto work in userland
this will only be used if you both have a card that supports it
with a working driver and you set sysctl kern.userasymcrypto=1
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/engine/hw_cryptodev.c | 150 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/engine/hw_cryptodev.c | 150 |
2 files changed, 228 insertions, 72 deletions
diff --git a/src/lib/libcrypto/engine/hw_cryptodev.c b/src/lib/libcrypto/engine/hw_cryptodev.c index 0a2279f4e3..8f55798421 100644 --- a/src/lib/libcrypto/engine/hw_cryptodev.c +++ b/src/lib/libcrypto/engine/hw_cryptodev.c | |||
| @@ -42,10 +42,12 @@ | |||
| 42 | #include <ssl/objects.h> | 42 | #include <ssl/objects.h> |
| 43 | #include <ssl/engine.h> | 43 | #include <ssl/engine.h> |
| 44 | #include <ssl/evp.h> | 44 | #include <ssl/evp.h> |
| 45 | #include <errno.h> | ||
| 46 | #include <string.h> | ||
| 45 | 47 | ||
| 46 | static int cryptodev_fd = -1; | 48 | static int cryptodev_fd = -1; |
| 47 | static int cryptodev_sessions = 0; | 49 | static int cryptodev_sessions = 0; |
| 48 | static u_int32_t cryptodev_symfeat = 0; | 50 | static u_int32_t cryptodev_asymfeat = 0; |
| 49 | 51 | ||
| 50 | static int bn2crparam(const BIGNUM *a, struct crparam *crp); | 52 | static int bn2crparam(const BIGNUM *a, struct crparam *crp); |
| 51 | static int crparam2bn(struct crparam *crp, BIGNUM *a); | 53 | static int crparam2bn(struct crparam *crp, BIGNUM *a); |
| @@ -67,6 +69,10 @@ static int cryptodev_dh_compute_key(unsigned char *key, | |||
| 67 | const BIGNUM *pub_key, DH *dh); | 69 | const BIGNUM *pub_key, DH *dh); |
| 68 | 70 | ||
| 69 | static const ENGINE_CMD_DEFN cryptodev_defns[] = { | 71 | static const ENGINE_CMD_DEFN cryptodev_defns[] = { |
| 72 | {ENGINE_CMD_BASE, | ||
| 73 | "SO_PATH", | ||
| 74 | "Specifies the path to the some stupid shared library", | ||
| 75 | ENGINE_CMD_FLAG_STRING}, | ||
| 70 | { 0, NULL, NULL, 0 } | 76 | { 0, NULL, NULL, 0 } |
| 71 | }; | 77 | }; |
| 72 | 78 | ||
| @@ -124,8 +130,6 @@ check_dev_crypto() | |||
| 124 | return (0); | 130 | return (0); |
| 125 | } | 131 | } |
| 126 | } | 132 | } |
| 127 | ioctl(cryptodev_fd, CIOCSYMFEAT, &cryptodev_symfeat); | ||
| 128 | |||
| 129 | return (1); | 133 | return (1); |
| 130 | } | 134 | } |
| 131 | 135 | ||
| @@ -260,6 +264,8 @@ get_cryptodev_digests(const int **cnids) | |||
| 260 | int | 264 | int |
| 261 | cryptodev_usable_ciphers(const int **nids) | 265 | cryptodev_usable_ciphers(const int **nids) |
| 262 | { | 266 | { |
| 267 | struct syslog_data sd = SYSLOG_DATA_INIT; | ||
| 268 | |||
| 263 | if (!check_dev_crypto()) { | 269 | if (!check_dev_crypto()) { |
| 264 | *nids = NULL; | 270 | *nids = NULL; |
| 265 | return (0); | 271 | return (0); |
| @@ -270,6 +276,14 @@ cryptodev_usable_ciphers(const int **nids) | |||
| 270 | * yet set up to do them | 276 | * yet set up to do them |
| 271 | */ | 277 | */ |
| 272 | return (get_cryptodev_ciphers(nids)); | 278 | return (get_cryptodev_ciphers(nids)); |
| 279 | |||
| 280 | /* | ||
| 281 | * find out what asymmetric crypto algorithms we support | ||
| 282 | */ | ||
| 283 | if (ioctl(cryptodev_fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) { | ||
| 284 | syslog_r(LOG_ERR, &sd, "CIOCASYMFEAT failed (%m)"); | ||
| 285 | } | ||
| 286 | |||
| 273 | } | 287 | } |
| 274 | 288 | ||
| 275 | int | 289 | int |
| @@ -652,23 +666,23 @@ cryptodev_sym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) | |||
| 652 | int ret = -1; | 666 | int ret = -1; |
| 653 | 667 | ||
| 654 | if (r) { | 668 | if (r) { |
| 655 | kop->crk_param[kop->crk_iparams].crp_p = malloc(rlen); | 669 | kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); |
| 656 | kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; | 670 | kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; |
| 657 | kop->crk_oparams++; | 671 | kop->crk_oparams++; |
| 658 | } | 672 | } |
| 659 | if (s) { | 673 | if (s) { |
| 660 | kop->crk_param[kop->crk_iparams+1].crp_p = malloc(slen); | 674 | kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); |
| 661 | kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; | 675 | kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; |
| 662 | kop->crk_oparams++; | 676 | kop->crk_oparams++; |
| 663 | } | 677 | } |
| 664 | 678 | ||
| 665 | if (ioctl(cryptodev_fd, CIOCKEY, &kop) == 0) { | 679 | if (ioctl(cryptodev_fd, CIOCKEY, kop) == 0) { |
| 666 | if (r) | 680 | if (r) |
| 667 | crparam2bn(&kop->crk_param[3], r); | 681 | crparam2bn(&kop->crk_param[kop->crk_iparams], r); |
| 668 | if (s) | 682 | if (s) |
| 669 | crparam2bn(&kop->crk_param[4], s); | 683 | crparam2bn(&kop->crk_param[kop->crk_iparams+1], s); |
| 670 | ret = 0; | 684 | ret = 0; |
| 671 | } | 685 | } |
| 672 | return (ret); | 686 | return (ret); |
| 673 | } | 687 | } |
| 674 | 688 | ||
| @@ -677,8 +691,17 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||
| 677 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) | 691 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) |
| 678 | { | 692 | { |
| 679 | struct crypt_kop kop; | 693 | struct crypt_kop kop; |
| 680 | int ret = 0; | 694 | int ret = 1; |
| 695 | |||
| 696 | /* Currently, we know we can do mod exp iff we can do any | ||
| 697 | * asymmetric operations at all. | ||
| 698 | */ | ||
| 699 | if (cryptodev_asymfeat == 0) { | ||
| 700 | ret = BN_mod_exp(r, a, p, m, ctx); | ||
| 701 | return (ret); | ||
| 702 | } | ||
| 681 | 703 | ||
| 704 | |||
| 682 | memset(&kop, 0, sizeof kop); | 705 | memset(&kop, 0, sizeof kop); |
| 683 | kop.crk_op = CRK_MOD_EXP; | 706 | kop.crk_op = CRK_MOD_EXP; |
| 684 | 707 | ||
| @@ -692,23 +715,35 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||
| 692 | kop.crk_iparams = 3; | 715 | kop.crk_iparams = 3; |
| 693 | 716 | ||
| 694 | if (cryptodev_sym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) { | 717 | if (cryptodev_sym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) { |
| 695 | ret = BN_mod_exp(r, a, p, m, ctx); | 718 | const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); |
| 719 | ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); | ||
| 696 | } | 720 | } |
| 697 | err: | 721 | err: |
| 698 | zapparams(&kop); | 722 | zapparams(&kop); |
| 699 | return (ret); | 723 | return (ret); |
| 700 | } | 724 | } |
| 701 | 725 | ||
| 726 | static int | ||
| 727 | cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | ||
| 728 | { | ||
| 729 | int r; | ||
| 730 | BN_CTX *ctx; | ||
| 731 | |||
| 732 | ctx = BN_CTX_new(); | ||
| 733 | r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL); | ||
| 734 | BN_CTX_free(ctx); | ||
| 735 | return (r); | ||
| 736 | } | ||
| 702 | 737 | ||
| 703 | static int | 738 | static int |
| 704 | cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | 739 | cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) |
| 705 | { | 740 | { |
| 706 | struct crypt_kop kop; | 741 | struct crypt_kop kop; |
| 707 | int ret = 0; | 742 | int ret = 1; |
| 708 | 743 | ||
| 709 | if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { | 744 | if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { |
| 710 | /* XXX 0 means failure?? */ | 745 | /* XXX 0 means failure?? */ |
| 711 | goto err; | 746 | return (0); |
| 712 | } | 747 | } |
| 713 | 748 | ||
| 714 | memset(&kop, 0, sizeof kop); | 749 | memset(&kop, 0, sizeof kop); |
| @@ -730,7 +765,6 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | |||
| 730 | 765 | ||
| 731 | if (cryptodev_sym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) { | 766 | if (cryptodev_sym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) { |
| 732 | const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | 767 | const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); |
| 733 | |||
| 734 | ret = (*meth->rsa_mod_exp)(r0, I, rsa); | 768 | ret = (*meth->rsa_mod_exp)(r0, I, rsa); |
| 735 | } | 769 | } |
| 736 | err: | 770 | err: |
| @@ -744,8 +778,8 @@ static RSA_METHOD cryptodev_rsa = { | |||
| 744 | NULL, /* rsa_pub_dec */ | 778 | NULL, /* rsa_pub_dec */ |
| 745 | NULL, /* rsa_priv_enc */ | 779 | NULL, /* rsa_priv_enc */ |
| 746 | NULL, /* rsa_priv_dec */ | 780 | NULL, /* rsa_priv_dec */ |
| 747 | cryptodev_rsa_mod_exp, /* rsa_mod_exp */ | 781 | NULL, |
| 748 | cryptodev_bn_mod_exp, /* bn_mod_exp */ | 782 | NULL, |
| 749 | NULL, /* init */ | 783 | NULL, /* init */ |
| 750 | NULL, /* finish */ | 784 | NULL, /* finish */ |
| 751 | 0, /* flags */ | 785 | 0, /* flags */ |
| @@ -798,7 +832,6 @@ cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | |||
| 798 | dsaret->s = s; | 832 | dsaret->s = s; |
| 799 | } else { | 833 | } else { |
| 800 | const DSA_METHOD *meth = DSA_OpenSSL(); | 834 | const DSA_METHOD *meth = DSA_OpenSSL(); |
| 801 | |||
| 802 | BN_free(r); | 835 | BN_free(r); |
| 803 | BN_free(s); | 836 | BN_free(s); |
| 804 | dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); | 837 | dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); |
| @@ -814,7 +847,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, | |||
| 814 | DSA_SIG *sig, DSA *dsa) | 847 | DSA_SIG *sig, DSA *dsa) |
| 815 | { | 848 | { |
| 816 | struct crypt_kop kop; | 849 | struct crypt_kop kop; |
| 817 | int dsaret = 0; | 850 | int dsaret = 1; |
| 818 | 851 | ||
| 819 | memset(&kop, 0, sizeof kop); | 852 | memset(&kop, 0, sizeof kop); |
| 820 | kop.crk_op = CRK_DSA_VERIFY; | 853 | kop.crk_op = CRK_DSA_VERIFY; |
| @@ -849,13 +882,14 @@ err: | |||
| 849 | return (dsaret); | 882 | return (dsaret); |
| 850 | } | 883 | } |
| 851 | 884 | ||
| 885 | |||
| 852 | static DSA_METHOD cryptodev_dsa = { | 886 | static DSA_METHOD cryptodev_dsa = { |
| 853 | "cryptodev DSA method", | 887 | "cryptodev DSA method", |
| 854 | cryptodev_dsa_do_sign, | 888 | NULL, |
| 855 | NULL, /* dsa_sign_setup */ | 889 | NULL, /* dsa_sign_setup */ |
| 856 | cryptodev_dsa_verify, | 890 | NULL, |
| 857 | NULL, /* dsa_mod_exp */ | 891 | NULL, /* dsa_mod_exp */ |
| 858 | cryptodev_dsa_bn_mod_exp, /* bn_mod_exp */ | 892 | NULL, |
| 859 | NULL, /* init */ | 893 | NULL, /* init */ |
| 860 | NULL, /* finish */ | 894 | NULL, /* finish */ |
| 861 | 0, /* flags */ | 895 | 0, /* flags */ |
| @@ -874,7 +908,7 @@ static int | |||
| 874 | cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | 908 | cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) |
| 875 | { | 909 | { |
| 876 | struct crypt_kop kop; | 910 | struct crypt_kop kop; |
| 877 | int dhret = 0; | 911 | int dhret = 1; |
| 878 | int keylen; | 912 | int keylen; |
| 879 | 913 | ||
| 880 | keylen = BN_num_bits(dh->p); | 914 | keylen = BN_num_bits(dh->p); |
| @@ -909,8 +943,8 @@ err: | |||
| 909 | static DH_METHOD cryptodev_dh = { | 943 | static DH_METHOD cryptodev_dh = { |
| 910 | "cryptodev DH method", | 944 | "cryptodev DH method", |
| 911 | NULL, /* cryptodev_dh_generate_key */ | 945 | NULL, /* cryptodev_dh_generate_key */ |
| 912 | cryptodev_dh_compute_key, | 946 | NULL, |
| 913 | cryptodev_mod_exp_dh, | 947 | NULL, |
| 914 | NULL, | 948 | NULL, |
| 915 | NULL, | 949 | NULL, |
| 916 | 0, /* flags */ | 950 | 0, /* flags */ |
| @@ -939,12 +973,24 @@ void | |||
| 939 | ENGINE_load_cryptodev(void) | 973 | ENGINE_load_cryptodev(void) |
| 940 | { | 974 | { |
| 941 | ENGINE *engine = ENGINE_new(); | 975 | ENGINE *engine = ENGINE_new(); |
| 942 | const RSA_METHOD *rsa_meth; | 976 | struct syslog_data sd = SYSLOG_DATA_INIT; |
| 943 | const DH_METHOD *dh_meth; | ||
| 944 | 977 | ||
| 945 | if (engine == NULL) | 978 | if (engine == NULL) |
| 946 | return; | 979 | return; |
| 947 | 980 | ||
| 981 | |||
| 982 | if (!check_dev_crypto()) { | ||
| 983 | return; | ||
| 984 | } | ||
| 985 | |||
| 986 | /* | ||
| 987 | * find out what asymmetric crypto algorithms we support | ||
| 988 | */ | ||
| 989 | if (ioctl(cryptodev_fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) { | ||
| 990 | syslog_r(LOG_ERR, &sd, "CIOCASYMFEAT failed (%m)"); | ||
| 991 | return; | ||
| 992 | } | ||
| 993 | |||
| 948 | if (!ENGINE_set_id(engine, "cryptodev") || | 994 | if (!ENGINE_set_id(engine, "cryptodev") || |
| 949 | !ENGINE_set_name(engine, "OpenBSD cryptodev engine") || | 995 | !ENGINE_set_name(engine, "OpenBSD cryptodev engine") || |
| 950 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || | 996 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || |
| @@ -955,26 +1001,58 @@ ENGINE_load_cryptodev(void) | |||
| 955 | return; | 1001 | return; |
| 956 | } | 1002 | } |
| 957 | 1003 | ||
| 958 | if ((cryptodev_symfeat & CRSFEAT_RSA) && | 1004 | if (ENGINE_set_RSA(engine, &cryptodev_rsa)) { |
| 959 | ENGINE_set_RSA(engine, &cryptodev_rsa)) { | 1005 | const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay(); |
| 960 | rsa_meth = RSA_PKCS1_SSLeay(); | 1006 | |
| 1007 | cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp; | ||
| 1008 | cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp; | ||
| 961 | cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc; | 1009 | cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc; |
| 962 | cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec; | 1010 | cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec; |
| 963 | cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_dec; | 1011 | cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc; |
| 964 | cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; | 1012 | cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; |
| 1013 | if (cryptodev_asymfeat & CRF_MOD_EXP) { | ||
| 1014 | cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp; | ||
| 1015 | if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) | ||
| 1016 | cryptodev_rsa.rsa_mod_exp = | ||
| 1017 | cryptodev_rsa_mod_exp; | ||
| 1018 | else | ||
| 1019 | cryptodev_rsa.rsa_mod_exp = | ||
| 1020 | cryptodev_rsa_nocrt_mod_exp; | ||
| 1021 | } | ||
| 965 | } | 1022 | } |
| 966 | 1023 | ||
| 967 | if ((cryptodev_symfeat & CRSFEAT_DSA) && | 1024 | #if 0 |
| 968 | ENGINE_set_DSA(engine, &cryptodev_dsa)) { | 1025 | /* dsa is currently busted. */ |
| 1026 | if (ENGINE_set_DSA(engine, &cryptodev_dsa)) { | ||
| 1027 | const DSA_METHOD *meth = DSA_OpenSSL(); | ||
| 1028 | |||
| 1029 | cryptodev_dsa.dsa_do_sign = meth->dsa_do_sign; | ||
| 1030 | cryptodev_dsa.dsa_do_verify = meth->dsa_do_verify; | ||
| 1031 | cryptodev_dsa.bn_mod_exp = meth->bn_mod_exp; | ||
| 1032 | if (cryptodev_asymfeat & CRF_DSA_SIGN) | ||
| 1033 | cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; | ||
| 1034 | if (cryptodev_asymfeat & CRF_DSA_VERIFY) | ||
| 1035 | cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; | ||
| 1036 | if (cryptodev_asymfeat & CRF_MOD_EXP) | ||
| 1037 | cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp; | ||
| 969 | } | 1038 | } |
| 1039 | #endif | ||
| 1040 | |||
| 1041 | |||
| 1042 | if (ENGINE_set_DH(engine, &cryptodev_dh)){ | ||
| 1043 | const DH_METHOD *dh_meth = DH_OpenSSL(); | ||
| 970 | 1044 | ||
| 971 | if ((cryptodev_symfeat & CRSFEAT_DH) && | ||
| 972 | ENGINE_set_DH(engine, &cryptodev_dh)) { | ||
| 973 | dh_meth = DH_OpenSSL(); | ||
| 974 | cryptodev_dh.generate_key = dh_meth->generate_key; | 1045 | cryptodev_dh.generate_key = dh_meth->generate_key; |
| 975 | cryptodev_dh.compute_key = dh_meth->compute_key; | 1046 | cryptodev_dh.compute_key = dh_meth->compute_key; |
| 1047 | cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp; | ||
| 1048 | if (cryptodev_asymfeat & CRF_MOD_EXP) { | ||
| 1049 | cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh; | ||
| 1050 | if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) | ||
| 1051 | cryptodev_dh.compute_key = | ||
| 1052 | cryptodev_dh_compute_key; | ||
| 1053 | } | ||
| 976 | } | 1054 | } |
| 977 | 1055 | ||
| 978 | ENGINE_add(engine); | 1056 | ENGINE_add(engine); |
| 979 | ENGINE_free(engine); | 1057 | ENGINE_free(engine); |
| 980 | ERR_clear_error(); | 1058 | ERR_clear_error(); |
diff --git a/src/lib/libssl/src/crypto/engine/hw_cryptodev.c b/src/lib/libssl/src/crypto/engine/hw_cryptodev.c index 0a2279f4e3..8f55798421 100644 --- a/src/lib/libssl/src/crypto/engine/hw_cryptodev.c +++ b/src/lib/libssl/src/crypto/engine/hw_cryptodev.c | |||
| @@ -42,10 +42,12 @@ | |||
| 42 | #include <ssl/objects.h> | 42 | #include <ssl/objects.h> |
| 43 | #include <ssl/engine.h> | 43 | #include <ssl/engine.h> |
| 44 | #include <ssl/evp.h> | 44 | #include <ssl/evp.h> |
| 45 | #include <errno.h> | ||
| 46 | #include <string.h> | ||
| 45 | 47 | ||
| 46 | static int cryptodev_fd = -1; | 48 | static int cryptodev_fd = -1; |
| 47 | static int cryptodev_sessions = 0; | 49 | static int cryptodev_sessions = 0; |
| 48 | static u_int32_t cryptodev_symfeat = 0; | 50 | static u_int32_t cryptodev_asymfeat = 0; |
| 49 | 51 | ||
| 50 | static int bn2crparam(const BIGNUM *a, struct crparam *crp); | 52 | static int bn2crparam(const BIGNUM *a, struct crparam *crp); |
| 51 | static int crparam2bn(struct crparam *crp, BIGNUM *a); | 53 | static int crparam2bn(struct crparam *crp, BIGNUM *a); |
| @@ -67,6 +69,10 @@ static int cryptodev_dh_compute_key(unsigned char *key, | |||
| 67 | const BIGNUM *pub_key, DH *dh); | 69 | const BIGNUM *pub_key, DH *dh); |
| 68 | 70 | ||
| 69 | static const ENGINE_CMD_DEFN cryptodev_defns[] = { | 71 | static const ENGINE_CMD_DEFN cryptodev_defns[] = { |
| 72 | {ENGINE_CMD_BASE, | ||
| 73 | "SO_PATH", | ||
| 74 | "Specifies the path to the some stupid shared library", | ||
| 75 | ENGINE_CMD_FLAG_STRING}, | ||
| 70 | { 0, NULL, NULL, 0 } | 76 | { 0, NULL, NULL, 0 } |
| 71 | }; | 77 | }; |
| 72 | 78 | ||
| @@ -124,8 +130,6 @@ check_dev_crypto() | |||
| 124 | return (0); | 130 | return (0); |
| 125 | } | 131 | } |
| 126 | } | 132 | } |
| 127 | ioctl(cryptodev_fd, CIOCSYMFEAT, &cryptodev_symfeat); | ||
| 128 | |||
| 129 | return (1); | 133 | return (1); |
| 130 | } | 134 | } |
| 131 | 135 | ||
| @@ -260,6 +264,8 @@ get_cryptodev_digests(const int **cnids) | |||
| 260 | int | 264 | int |
| 261 | cryptodev_usable_ciphers(const int **nids) | 265 | cryptodev_usable_ciphers(const int **nids) |
| 262 | { | 266 | { |
| 267 | struct syslog_data sd = SYSLOG_DATA_INIT; | ||
| 268 | |||
| 263 | if (!check_dev_crypto()) { | 269 | if (!check_dev_crypto()) { |
| 264 | *nids = NULL; | 270 | *nids = NULL; |
| 265 | return (0); | 271 | return (0); |
| @@ -270,6 +276,14 @@ cryptodev_usable_ciphers(const int **nids) | |||
| 270 | * yet set up to do them | 276 | * yet set up to do them |
| 271 | */ | 277 | */ |
| 272 | return (get_cryptodev_ciphers(nids)); | 278 | return (get_cryptodev_ciphers(nids)); |
| 279 | |||
| 280 | /* | ||
| 281 | * find out what asymmetric crypto algorithms we support | ||
| 282 | */ | ||
| 283 | if (ioctl(cryptodev_fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) { | ||
| 284 | syslog_r(LOG_ERR, &sd, "CIOCASYMFEAT failed (%m)"); | ||
| 285 | } | ||
| 286 | |||
| 273 | } | 287 | } |
| 274 | 288 | ||
| 275 | int | 289 | int |
| @@ -652,23 +666,23 @@ cryptodev_sym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) | |||
| 652 | int ret = -1; | 666 | int ret = -1; |
| 653 | 667 | ||
| 654 | if (r) { | 668 | if (r) { |
| 655 | kop->crk_param[kop->crk_iparams].crp_p = malloc(rlen); | 669 | kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); |
| 656 | kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; | 670 | kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; |
| 657 | kop->crk_oparams++; | 671 | kop->crk_oparams++; |
| 658 | } | 672 | } |
| 659 | if (s) { | 673 | if (s) { |
| 660 | kop->crk_param[kop->crk_iparams+1].crp_p = malloc(slen); | 674 | kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); |
| 661 | kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; | 675 | kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; |
| 662 | kop->crk_oparams++; | 676 | kop->crk_oparams++; |
| 663 | } | 677 | } |
| 664 | 678 | ||
| 665 | if (ioctl(cryptodev_fd, CIOCKEY, &kop) == 0) { | 679 | if (ioctl(cryptodev_fd, CIOCKEY, kop) == 0) { |
| 666 | if (r) | 680 | if (r) |
| 667 | crparam2bn(&kop->crk_param[3], r); | 681 | crparam2bn(&kop->crk_param[kop->crk_iparams], r); |
| 668 | if (s) | 682 | if (s) |
| 669 | crparam2bn(&kop->crk_param[4], s); | 683 | crparam2bn(&kop->crk_param[kop->crk_iparams+1], s); |
| 670 | ret = 0; | 684 | ret = 0; |
| 671 | } | 685 | } |
| 672 | return (ret); | 686 | return (ret); |
| 673 | } | 687 | } |
| 674 | 688 | ||
| @@ -677,8 +691,17 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||
| 677 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) | 691 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) |
| 678 | { | 692 | { |
| 679 | struct crypt_kop kop; | 693 | struct crypt_kop kop; |
| 680 | int ret = 0; | 694 | int ret = 1; |
| 695 | |||
| 696 | /* Currently, we know we can do mod exp iff we can do any | ||
| 697 | * asymmetric operations at all. | ||
| 698 | */ | ||
| 699 | if (cryptodev_asymfeat == 0) { | ||
| 700 | ret = BN_mod_exp(r, a, p, m, ctx); | ||
| 701 | return (ret); | ||
| 702 | } | ||
| 681 | 703 | ||
| 704 | |||
| 682 | memset(&kop, 0, sizeof kop); | 705 | memset(&kop, 0, sizeof kop); |
| 683 | kop.crk_op = CRK_MOD_EXP; | 706 | kop.crk_op = CRK_MOD_EXP; |
| 684 | 707 | ||
| @@ -692,23 +715,35 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||
| 692 | kop.crk_iparams = 3; | 715 | kop.crk_iparams = 3; |
| 693 | 716 | ||
| 694 | if (cryptodev_sym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) { | 717 | if (cryptodev_sym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) { |
| 695 | ret = BN_mod_exp(r, a, p, m, ctx); | 718 | const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); |
| 719 | ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); | ||
| 696 | } | 720 | } |
| 697 | err: | 721 | err: |
| 698 | zapparams(&kop); | 722 | zapparams(&kop); |
| 699 | return (ret); | 723 | return (ret); |
| 700 | } | 724 | } |
| 701 | 725 | ||
| 726 | static int | ||
| 727 | cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | ||
| 728 | { | ||
| 729 | int r; | ||
| 730 | BN_CTX *ctx; | ||
| 731 | |||
| 732 | ctx = BN_CTX_new(); | ||
| 733 | r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL); | ||
| 734 | BN_CTX_free(ctx); | ||
| 735 | return (r); | ||
| 736 | } | ||
| 702 | 737 | ||
| 703 | static int | 738 | static int |
| 704 | cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | 739 | cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) |
| 705 | { | 740 | { |
| 706 | struct crypt_kop kop; | 741 | struct crypt_kop kop; |
| 707 | int ret = 0; | 742 | int ret = 1; |
| 708 | 743 | ||
| 709 | if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { | 744 | if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { |
| 710 | /* XXX 0 means failure?? */ | 745 | /* XXX 0 means failure?? */ |
| 711 | goto err; | 746 | return (0); |
| 712 | } | 747 | } |
| 713 | 748 | ||
| 714 | memset(&kop, 0, sizeof kop); | 749 | memset(&kop, 0, sizeof kop); |
| @@ -730,7 +765,6 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | |||
| 730 | 765 | ||
| 731 | if (cryptodev_sym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) { | 766 | if (cryptodev_sym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) { |
| 732 | const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | 767 | const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); |
| 733 | |||
| 734 | ret = (*meth->rsa_mod_exp)(r0, I, rsa); | 768 | ret = (*meth->rsa_mod_exp)(r0, I, rsa); |
| 735 | } | 769 | } |
| 736 | err: | 770 | err: |
| @@ -744,8 +778,8 @@ static RSA_METHOD cryptodev_rsa = { | |||
| 744 | NULL, /* rsa_pub_dec */ | 778 | NULL, /* rsa_pub_dec */ |
| 745 | NULL, /* rsa_priv_enc */ | 779 | NULL, /* rsa_priv_enc */ |
| 746 | NULL, /* rsa_priv_dec */ | 780 | NULL, /* rsa_priv_dec */ |
| 747 | cryptodev_rsa_mod_exp, /* rsa_mod_exp */ | 781 | NULL, |
| 748 | cryptodev_bn_mod_exp, /* bn_mod_exp */ | 782 | NULL, |
| 749 | NULL, /* init */ | 783 | NULL, /* init */ |
| 750 | NULL, /* finish */ | 784 | NULL, /* finish */ |
| 751 | 0, /* flags */ | 785 | 0, /* flags */ |
| @@ -798,7 +832,6 @@ cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | |||
| 798 | dsaret->s = s; | 832 | dsaret->s = s; |
| 799 | } else { | 833 | } else { |
| 800 | const DSA_METHOD *meth = DSA_OpenSSL(); | 834 | const DSA_METHOD *meth = DSA_OpenSSL(); |
| 801 | |||
| 802 | BN_free(r); | 835 | BN_free(r); |
| 803 | BN_free(s); | 836 | BN_free(s); |
| 804 | dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); | 837 | dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); |
| @@ -814,7 +847,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, | |||
| 814 | DSA_SIG *sig, DSA *dsa) | 847 | DSA_SIG *sig, DSA *dsa) |
| 815 | { | 848 | { |
| 816 | struct crypt_kop kop; | 849 | struct crypt_kop kop; |
| 817 | int dsaret = 0; | 850 | int dsaret = 1; |
| 818 | 851 | ||
| 819 | memset(&kop, 0, sizeof kop); | 852 | memset(&kop, 0, sizeof kop); |
| 820 | kop.crk_op = CRK_DSA_VERIFY; | 853 | kop.crk_op = CRK_DSA_VERIFY; |
| @@ -849,13 +882,14 @@ err: | |||
| 849 | return (dsaret); | 882 | return (dsaret); |
| 850 | } | 883 | } |
| 851 | 884 | ||
| 885 | |||
| 852 | static DSA_METHOD cryptodev_dsa = { | 886 | static DSA_METHOD cryptodev_dsa = { |
| 853 | "cryptodev DSA method", | 887 | "cryptodev DSA method", |
| 854 | cryptodev_dsa_do_sign, | 888 | NULL, |
| 855 | NULL, /* dsa_sign_setup */ | 889 | NULL, /* dsa_sign_setup */ |
| 856 | cryptodev_dsa_verify, | 890 | NULL, |
| 857 | NULL, /* dsa_mod_exp */ | 891 | NULL, /* dsa_mod_exp */ |
| 858 | cryptodev_dsa_bn_mod_exp, /* bn_mod_exp */ | 892 | NULL, |
| 859 | NULL, /* init */ | 893 | NULL, /* init */ |
| 860 | NULL, /* finish */ | 894 | NULL, /* finish */ |
| 861 | 0, /* flags */ | 895 | 0, /* flags */ |
| @@ -874,7 +908,7 @@ static int | |||
| 874 | cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | 908 | cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) |
| 875 | { | 909 | { |
| 876 | struct crypt_kop kop; | 910 | struct crypt_kop kop; |
| 877 | int dhret = 0; | 911 | int dhret = 1; |
| 878 | int keylen; | 912 | int keylen; |
| 879 | 913 | ||
| 880 | keylen = BN_num_bits(dh->p); | 914 | keylen = BN_num_bits(dh->p); |
| @@ -909,8 +943,8 @@ err: | |||
| 909 | static DH_METHOD cryptodev_dh = { | 943 | static DH_METHOD cryptodev_dh = { |
| 910 | "cryptodev DH method", | 944 | "cryptodev DH method", |
| 911 | NULL, /* cryptodev_dh_generate_key */ | 945 | NULL, /* cryptodev_dh_generate_key */ |
| 912 | cryptodev_dh_compute_key, | 946 | NULL, |
| 913 | cryptodev_mod_exp_dh, | 947 | NULL, |
| 914 | NULL, | 948 | NULL, |
| 915 | NULL, | 949 | NULL, |
| 916 | 0, /* flags */ | 950 | 0, /* flags */ |
| @@ -939,12 +973,24 @@ void | |||
| 939 | ENGINE_load_cryptodev(void) | 973 | ENGINE_load_cryptodev(void) |
| 940 | { | 974 | { |
| 941 | ENGINE *engine = ENGINE_new(); | 975 | ENGINE *engine = ENGINE_new(); |
| 942 | const RSA_METHOD *rsa_meth; | 976 | struct syslog_data sd = SYSLOG_DATA_INIT; |
| 943 | const DH_METHOD *dh_meth; | ||
| 944 | 977 | ||
| 945 | if (engine == NULL) | 978 | if (engine == NULL) |
| 946 | return; | 979 | return; |
| 947 | 980 | ||
| 981 | |||
| 982 | if (!check_dev_crypto()) { | ||
| 983 | return; | ||
| 984 | } | ||
| 985 | |||
| 986 | /* | ||
| 987 | * find out what asymmetric crypto algorithms we support | ||
| 988 | */ | ||
| 989 | if (ioctl(cryptodev_fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) { | ||
| 990 | syslog_r(LOG_ERR, &sd, "CIOCASYMFEAT failed (%m)"); | ||
| 991 | return; | ||
| 992 | } | ||
| 993 | |||
| 948 | if (!ENGINE_set_id(engine, "cryptodev") || | 994 | if (!ENGINE_set_id(engine, "cryptodev") || |
| 949 | !ENGINE_set_name(engine, "OpenBSD cryptodev engine") || | 995 | !ENGINE_set_name(engine, "OpenBSD cryptodev engine") || |
| 950 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || | 996 | !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || |
| @@ -955,26 +1001,58 @@ ENGINE_load_cryptodev(void) | |||
| 955 | return; | 1001 | return; |
| 956 | } | 1002 | } |
| 957 | 1003 | ||
| 958 | if ((cryptodev_symfeat & CRSFEAT_RSA) && | 1004 | if (ENGINE_set_RSA(engine, &cryptodev_rsa)) { |
| 959 | ENGINE_set_RSA(engine, &cryptodev_rsa)) { | 1005 | const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay(); |
| 960 | rsa_meth = RSA_PKCS1_SSLeay(); | 1006 | |
| 1007 | cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp; | ||
| 1008 | cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp; | ||
| 961 | cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc; | 1009 | cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc; |
| 962 | cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec; | 1010 | cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec; |
| 963 | cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_dec; | 1011 | cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc; |
| 964 | cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; | 1012 | cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; |
| 1013 | if (cryptodev_asymfeat & CRF_MOD_EXP) { | ||
| 1014 | cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp; | ||
| 1015 | if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) | ||
| 1016 | cryptodev_rsa.rsa_mod_exp = | ||
| 1017 | cryptodev_rsa_mod_exp; | ||
| 1018 | else | ||
| 1019 | cryptodev_rsa.rsa_mod_exp = | ||
| 1020 | cryptodev_rsa_nocrt_mod_exp; | ||
| 1021 | } | ||
| 965 | } | 1022 | } |
| 966 | 1023 | ||
| 967 | if ((cryptodev_symfeat & CRSFEAT_DSA) && | 1024 | #if 0 |
| 968 | ENGINE_set_DSA(engine, &cryptodev_dsa)) { | 1025 | /* dsa is currently busted. */ |
| 1026 | if (ENGINE_set_DSA(engine, &cryptodev_dsa)) { | ||
| 1027 | const DSA_METHOD *meth = DSA_OpenSSL(); | ||
| 1028 | |||
| 1029 | cryptodev_dsa.dsa_do_sign = meth->dsa_do_sign; | ||
| 1030 | cryptodev_dsa.dsa_do_verify = meth->dsa_do_verify; | ||
| 1031 | cryptodev_dsa.bn_mod_exp = meth->bn_mod_exp; | ||
| 1032 | if (cryptodev_asymfeat & CRF_DSA_SIGN) | ||
| 1033 | cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; | ||
| 1034 | if (cryptodev_asymfeat & CRF_DSA_VERIFY) | ||
| 1035 | cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; | ||
| 1036 | if (cryptodev_asymfeat & CRF_MOD_EXP) | ||
| 1037 | cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp; | ||
| 969 | } | 1038 | } |
| 1039 | #endif | ||
| 1040 | |||
| 1041 | |||
| 1042 | if (ENGINE_set_DH(engine, &cryptodev_dh)){ | ||
| 1043 | const DH_METHOD *dh_meth = DH_OpenSSL(); | ||
| 970 | 1044 | ||
| 971 | if ((cryptodev_symfeat & CRSFEAT_DH) && | ||
| 972 | ENGINE_set_DH(engine, &cryptodev_dh)) { | ||
| 973 | dh_meth = DH_OpenSSL(); | ||
| 974 | cryptodev_dh.generate_key = dh_meth->generate_key; | 1045 | cryptodev_dh.generate_key = dh_meth->generate_key; |
| 975 | cryptodev_dh.compute_key = dh_meth->compute_key; | 1046 | cryptodev_dh.compute_key = dh_meth->compute_key; |
| 1047 | cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp; | ||
| 1048 | if (cryptodev_asymfeat & CRF_MOD_EXP) { | ||
| 1049 | cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh; | ||
| 1050 | if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) | ||
| 1051 | cryptodev_dh.compute_key = | ||
| 1052 | cryptodev_dh_compute_key; | ||
| 1053 | } | ||
| 976 | } | 1054 | } |
| 977 | 1055 | ||
| 978 | ENGINE_add(engine); | 1056 | ENGINE_add(engine); |
| 979 | ENGINE_free(engine); | 1057 | ENGINE_free(engine); |
| 980 | ERR_clear_error(); | 1058 | ERR_clear_error(); |