summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/engine/hw_cryptodev.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/engine/hw_cryptodev.c')
-rw-r--r--src/lib/libcrypto/engine/hw_cryptodev.c396
1 files changed, 314 insertions, 82 deletions
diff --git a/src/lib/libcrypto/engine/hw_cryptodev.c b/src/lib/libcrypto/engine/hw_cryptodev.c
index 3e7fff1c1e..0e80ca051a 100644
--- a/src/lib/libcrypto/engine/hw_cryptodev.c
+++ b/src/lib/libcrypto/engine/hw_cryptodev.c
@@ -1,6 +1,6 @@
1/* 1/*
2 * Copyright (c) 2002-2004 Theo de Raadt
2 * Copyright (c) 2002 Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2002 Bob Beck <beck@openbsd.org>
3 * Copyright (c) 2002 Theo de Raadt
4 * Copyright (c) 2002 Markus Friedl 4 * Copyright (c) 2002 Markus Friedl
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
@@ -49,39 +49,57 @@ ENGINE_load_cryptodev(void)
49 return; 49 return;
50} 50}
51 51
52#else 52#else
53 53
54#include <sys/types.h> 54#include <sys/types.h>
55#include <crypto/cryptodev.h> 55#include <crypto/cryptodev.h>
56#include <sys/ioctl.h> 56#include <sys/ioctl.h>
57
57#include <errno.h> 58#include <errno.h>
58#include <stdio.h>
59#include <unistd.h>
60#include <fcntl.h> 59#include <fcntl.h>
60#include <limits.h>
61#include <stdarg.h> 61#include <stdarg.h>
62#include <syslog.h> 62#include <stdio.h>
63#include <errno.h>
64#include <string.h> 63#include <string.h>
64#include <syslog.h>
65#include <unistd.h>
66
67#if defined(__i386__) || defined(__amd64__)
68#include <sys/sysctl.h>
69#include <machine/cpu.h>
70#include <machine/specialreg.h>
71
72#include <ssl/aes.h>
73
74static int check_viac3aes(void);
75#endif
76
77#define CRYPTO_VIAC3_MAX 3
65 78
66struct dev_crypto_state { 79struct dev_crypto_state {
67 struct session_op d_sess; 80 struct session_op d_sess;
68 int d_fd; 81 int d_fd;
69}; 82};
70 83
84struct dev_crypto_cipher {
85 int c_id;
86 int c_nid;
87 int c_ivmax;
88 int c_keylen;
89};
90
71static u_int32_t cryptodev_asymfeat = 0; 91static u_int32_t cryptodev_asymfeat = 0;
72 92
73static int get_asym_dev_crypto(void); 93static int get_asym_dev_crypto(void);
74static int open_dev_crypto(void); 94static int open_dev_crypto(void);
75static int get_dev_crypto(void); 95static int get_dev_crypto(void);
76static int cryptodev_max_iv(int cipher); 96static struct dev_crypto_cipher *cipher_nid_to_cryptodev(int nid);
77static int cryptodev_key_length_valid(int cipher, int len);
78static int cipher_nid_to_cryptodev(int nid);
79static int get_cryptodev_ciphers(const int **cnids); 97static int get_cryptodev_ciphers(const int **cnids);
80/*static int get_cryptodev_digests(const int **cnids);*/ 98/*static int get_cryptodev_digests(const int **cnids);*/
81static int cryptodev_usable_ciphers(const int **nids); 99static int cryptodev_usable_ciphers(const int **nids);
82static int cryptodev_usable_digests(const int **nids); 100static int cryptodev_usable_digests(const int **nids);
83static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 101static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
84 const unsigned char *in, unsigned int inl); 102 const unsigned char *in, size_t inl);
85static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 103static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
86 const unsigned char *iv, int enc); 104 const unsigned char *iv, int enc);
87static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx); 105static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx);
@@ -98,8 +116,9 @@ static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r,
98static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, 116static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a,
99 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 117 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
100static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, 118static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I,
101 RSA *rsa); 119 RSA *rsa, BN_CTX *ctx);
102static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); 120static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
121 BN_CTX *ctx);
103static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, 122static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
104 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 123 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
105static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, 124static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
@@ -122,18 +141,14 @@ static const ENGINE_CMD_DEFN cryptodev_defns[] = {
122 { 0, NULL, NULL, 0 } 141 { 0, NULL, NULL, 0 }
123}; 142};
124 143
125static struct { 144static struct dev_crypto_cipher ciphers[] = {
126 int id;
127 int nid;
128 int ivmax;
129 int keylen;
130} ciphers[] = {
131 { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, }, 145 { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, },
132 { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, }, 146 { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, },
133 { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, }, 147 { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, },
148 { CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24, },
149 { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, },
134 { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, 150 { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, },
135 { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, }, 151 { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, },
136 { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, },
137 { 0, NID_undef, 0, 0, }, 152 { 0, NID_undef, 0, 0, },
138}; 153};
139 154
@@ -153,7 +168,7 @@ static struct {
153#endif 168#endif
154 169
155/* 170/*
156 * Return a fd if /dev/crypto seems usable, 0 otherwise. 171 * Return a fd if /dev/crypto seems usable, -1 otherwise.
157 */ 172 */
158static int 173static int
159open_dev_crypto(void) 174open_dev_crypto(void)
@@ -180,8 +195,10 @@ get_dev_crypto(void)
180 195
181 if ((fd = open_dev_crypto()) == -1) 196 if ((fd = open_dev_crypto()) == -1)
182 return (-1); 197 return (-1);
183 if (ioctl(fd, CRIOGET, &retfd) == -1) 198 if (ioctl(fd, CRIOGET, &retfd) == -1) {
199 close(fd);
184 return (-1); 200 return (-1);
201 }
185 202
186 /* close on exec */ 203 /* close on exec */
187 if (fcntl(retfd, F_SETFD, 1) == -1) { 204 if (fcntl(retfd, F_SETFD, 1) == -1) {
@@ -202,48 +219,16 @@ get_asym_dev_crypto(void)
202 return fd; 219 return fd;
203} 220}
204 221
205/*
206 * XXXX this needs to be set for each alg - and determined from
207 * a running card.
208 */
209static int
210cryptodev_max_iv(int cipher)
211{
212 int i;
213
214 for (i = 0; ciphers[i].id; i++)
215 if (ciphers[i].id == cipher)
216 return (ciphers[i].ivmax);
217 return (0);
218}
219
220/*
221 * XXXX this needs to be set for each alg - and determined from
222 * a running card. For now, fake it out - but most of these
223 * for real devices should return 1 for the supported key
224 * sizes the device can handle.
225 */
226static int
227cryptodev_key_length_valid(int cipher, int len)
228{
229 int i;
230
231 for (i = 0; ciphers[i].id; i++)
232 if (ciphers[i].id == cipher)
233 return (ciphers[i].keylen == len);
234 return (0);
235}
236
237/* convert libcrypto nids to cryptodev */ 222/* convert libcrypto nids to cryptodev */
238static int 223static struct dev_crypto_cipher *
239cipher_nid_to_cryptodev(int nid) 224cipher_nid_to_cryptodev(int nid)
240{ 225{
241 int i; 226 int i;
242 227
243 for (i = 0; ciphers[i].id; i++) 228 for (i = 0; ciphers[i].c_id; i++)
244 if (ciphers[i].nid == nid) 229 if (ciphers[i].c_nid == nid)
245 return (ciphers[i].id); 230 return (&ciphers[i]);
246 return (0); 231 return (NULL);
247} 232}
248 233
249/* 234/*
@@ -255,7 +240,7 @@ cipher_nid_to_cryptodev(int nid)
255static int 240static int
256get_cryptodev_ciphers(const int **cnids) 241get_cryptodev_ciphers(const int **cnids)
257{ 242{
258 static int nids[CRYPTO_ALGORITHM_MAX]; 243 static int nids[CRYPTO_ALGORITHM_MAX + CRYPTO_VIAC3_MAX + 1];
259 struct session_op sess; 244 struct session_op sess;
260 int fd, i, count = 0; 245 int fd, i, count = 0;
261 246
@@ -266,18 +251,45 @@ get_cryptodev_ciphers(const int **cnids)
266 memset(&sess, 0, sizeof(sess)); 251 memset(&sess, 0, sizeof(sess));
267 sess.key = (caddr_t)"123456781234567812345678"; 252 sess.key = (caddr_t)"123456781234567812345678";
268 253
269 for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { 254 for (i = 0; ciphers[i].c_id && count <= CRYPTO_ALGORITHM_MAX; i++) {
270 if (ciphers[i].nid == NID_undef) 255 if (ciphers[i].c_nid == NID_undef)
271 continue; 256 continue;
272 sess.cipher = ciphers[i].id; 257 sess.cipher = ciphers[i].c_id;
273 sess.keylen = ciphers[i].keylen; 258 sess.keylen = ciphers[i].c_keylen;
274 sess.mac = 0; 259 sess.mac = 0;
275 if (ioctl(fd, CIOCGSESSION, &sess) != -1 && 260 if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
276 ioctl(fd, CIOCFSESSION, &sess.ses) != -1) 261 ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
277 nids[count++] = ciphers[i].nid; 262 nids[count++] = ciphers[i].c_nid;
278 } 263 }
279 close(fd); 264 close(fd);
280 265
266#if defined(__i386__) || defined(__amd64__)
267 /*
268 * Always check for the VIA C3 AES instructions;
269 * even if /dev/crypto is disabled.
270 */
271 if (check_viac3aes() >= 1) {
272 int have_NID_aes_128_cbc = 0;
273 int have_NID_aes_192_cbc = 0;
274 int have_NID_aes_256_cbc = 0;
275
276 for (i = 0; i < count; i++) {
277 if (nids[i] == NID_aes_128_cbc)
278 have_NID_aes_128_cbc = 1;
279 if (nids[i] == NID_aes_192_cbc)
280 have_NID_aes_192_cbc = 1;
281 if (nids[i] == NID_aes_256_cbc)
282 have_NID_aes_256_cbc = 1;
283 }
284 if (!have_NID_aes_128_cbc)
285 nids[count++] = NID_aes_128_cbc;
286 if (!have_NID_aes_192_cbc)
287 nids[count++] = NID_aes_192_cbc;
288 if (!have_NID_aes_256_cbc)
289 nids[count++] = NID_aes_256_cbc;
290 }
291#endif
292
281 if (count > 0) 293 if (count > 0)
282 *cnids = nids; 294 *cnids = nids;
283 else 295 else
@@ -371,7 +383,7 @@ cryptodev_usable_digests(const int **nids)
371 383
372static int 384static int
373cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 385cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
374 const unsigned char *in, unsigned int inl) 386 const unsigned char *in, size_t inl)
375{ 387{
376 struct crypt_op cryp; 388 struct crypt_op cryp;
377 struct dev_crypto_state *state = ctx->cipher_data; 389 struct dev_crypto_state *state = ctx->cipher_data;
@@ -429,15 +441,15 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
429{ 441{
430 struct dev_crypto_state *state = ctx->cipher_data; 442 struct dev_crypto_state *state = ctx->cipher_data;
431 struct session_op *sess = &state->d_sess; 443 struct session_op *sess = &state->d_sess;
432 int cipher; 444 struct dev_crypto_cipher *cipher;
433 445
434 if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NID_undef) 446 if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NULL)
435 return (0); 447 return (0);
436 448
437 if (ctx->cipher->iv_len > cryptodev_max_iv(cipher)) 449 if (ctx->cipher->iv_len > cipher->c_ivmax)
438 return (0); 450 return (0);
439 451
440 if (!cryptodev_key_length_valid(cipher, ctx->key_len)) 452 if (ctx->key_len != cipher->c_keylen)
441 return (0); 453 return (0);
442 454
443 memset(sess, 0, sizeof(struct session_op)); 455 memset(sess, 0, sizeof(struct session_op));
@@ -447,7 +459,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
447 459
448 sess->key = (unsigned char *)key; 460 sess->key = (unsigned char *)key;
449 sess->keylen = ctx->key_len; 461 sess->keylen = ctx->key_len;
450 sess->cipher = cipher; 462 sess->cipher = cipher->c_id;
451 463
452 if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { 464 if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
453 close(state->d_fd); 465 close(state->d_fd);
@@ -552,7 +564,7 @@ const EVP_CIPHER cryptodev_cast_cbc = {
552 NULL 564 NULL
553}; 565};
554 566
555const EVP_CIPHER cryptodev_aes_cbc = { 567EVP_CIPHER cryptodev_aes_128_cbc = {
556 NID_aes_128_cbc, 568 NID_aes_128_cbc,
557 16, 16, 16, 569 16, 16, 16,
558 EVP_CIPH_CBC_MODE, 570 EVP_CIPH_CBC_MODE,
@@ -565,6 +577,225 @@ const EVP_CIPHER cryptodev_aes_cbc = {
565 NULL 577 NULL
566}; 578};
567 579
580EVP_CIPHER cryptodev_aes_192_cbc = {
581 NID_aes_192_cbc,
582 16, 24, 16,
583 EVP_CIPH_CBC_MODE,
584 cryptodev_init_key,
585 cryptodev_cipher,
586 cryptodev_cleanup,
587 sizeof(struct dev_crypto_state),
588 EVP_CIPHER_set_asn1_iv,
589 EVP_CIPHER_get_asn1_iv,
590 NULL
591};
592
593EVP_CIPHER cryptodev_aes_256_cbc = {
594 NID_aes_256_cbc,
595 16, 32, 16,
596 EVP_CIPH_CBC_MODE,
597 cryptodev_init_key,
598 cryptodev_cipher,
599 cryptodev_cleanup,
600 sizeof(struct dev_crypto_state),
601 EVP_CIPHER_set_asn1_iv,
602 EVP_CIPHER_get_asn1_iv,
603 NULL
604};
605
606#if defined(__i386__) || defined(__amd64__)
607
608static inline void
609viac3_xcrypt_cbc(int *cw, const void *src, void *dst, void *key, int rep,
610 void *iv)
611{
612#ifdef notdef
613 printf("cw %p[%x %x %x %x] src %p dst %p key %p rep %x iv %p\n",
614 cw, cw[0], cw[1], cw[2], cw[3],
615 src, dst, key, rep, iv);
616#endif
617#if defined(__i386__)
618
619 /*
620 * Clear bit 30 of EFLAGS.
621 */
622 __asm __volatile("pushfl; popfl");
623
624 /*
625 * Cannot simply place key into "b" register, since the compiler
626 * -pic mode uses that register; so instead we must dance a little.
627 */
628 __asm __volatile("pushl %%ebx; movl %0, %%ebx; rep xcrypt-cbc; popl %%ebx" :
629 : "m" (key), "a" (iv), "c" (rep), "d" (cw), "S" (src), "D" (dst)
630 : "memory", "cc");
631#else
632
633 /*
634 * Clear bit 30 of EFLAGS.
635 */
636 __asm __volatile("pushfq; popfq");
637 __asm __volatile("rep xcrypt-cbc" :
638 : "b" (key), "a" (iv), "c" (rep), "d" (cw), "S" (src), "D" (dst)
639 : "memory", "cc");
640#endif
641
642}
643
644#define ISUNALIGNED(x) ((long)(x)) & 15
645#define DOALIGN(v) ((void *)(((long)(v) + 15) & ~15))
646
647static int
648xcrypt_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
649 const unsigned char *in, size_t inl)
650{
651 unsigned char *save_iv_store[EVP_MAX_IV_LENGTH + 15];
652 unsigned char *save_iv = DOALIGN(save_iv_store);
653 unsigned char *ivs_store[EVP_MAX_IV_LENGTH + 15];
654 unsigned char *ivs = DOALIGN(ivs_store);
655 void *iiv, *iv = NULL, *ivp = NULL;
656 const void *usein = in;
657 void *useout = out, *spare;
658 int cws[4 + 3], *cw = DOALIGN(cws);
659
660 if (!inl)
661 return (1);
662 if ((inl % ctx->cipher->block_size) != 0)
663 return (0);
664 if (inl > UINT_MAX)
665 return (0);
666
667 if (ISUNALIGNED(in) || ISUNALIGNED(out)) {
668 spare = malloc(inl);
669 if (spare == NULL)
670 return (0);
671
672 if (ISUNALIGNED(in)) {
673 bcopy(in, spare, inl);
674 usein = spare;
675 }
676 if (ISUNALIGNED(out))
677 useout = spare;
678 }
679
680 cw[0] = C3_CRYPT_CWLO_ALG_AES | C3_CRYPT_CWLO_KEYGEN_SW |
681 C3_CRYPT_CWLO_NORMAL;
682 cw[0] |= ctx->encrypt ? C3_CRYPT_CWLO_ENCRYPT : C3_CRYPT_CWLO_DECRYPT;
683 cw[1] = cw[2] = cw[3] = 0;
684
685 switch (ctx->key_len * 8) {
686 case 128:
687 cw[0] |= C3_CRYPT_CWLO_KEY128;
688 break;
689 case 192:
690 cw[0] |= C3_CRYPT_CWLO_KEY192;
691 break;
692 case 256:
693 cw[0] |= C3_CRYPT_CWLO_KEY256;
694 break;
695 }
696
697 if (ctx->cipher->iv_len) {
698 iv = (caddr_t) ctx->iv;
699 if (!ctx->encrypt) {
700 iiv = (void *) in + inl - ctx->cipher->iv_len;
701 memcpy(save_iv, iiv, ctx->cipher->iv_len);
702 }
703 }
704
705 ivp = iv;
706 if (ISUNALIGNED(iv)) {
707 bcopy(iv, ivs, ctx->cipher->iv_len);
708 ivp = ivs;
709 }
710
711 viac3_xcrypt_cbc(cw, usein, useout, ctx->cipher_data, inl / 16, ivp);
712
713 if (ISUNALIGNED(in) || ISUNALIGNED(out)) {
714 if (ISUNALIGNED(out))
715 bcopy(spare, out, inl);
716 free(spare);
717 }
718
719 if (ivp == ivs)
720 bcopy(ivp, iv, ctx->cipher->iv_len);
721
722 if (ctx->cipher->iv_len) {
723 if (ctx->encrypt)
724 iiv = (void *) out + inl - ctx->cipher->iv_len;
725 else
726 iiv = save_iv;
727 memcpy(ctx->iv, iiv, ctx->cipher->iv_len);
728 }
729 return (1);
730}
731
732static int
733xcrypt_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
734 const unsigned char *iv, int enc)
735{
736 AES_KEY *k = ctx->cipher_data;
737#ifndef AES_ASM
738 int i;
739#endif
740
741 bzero(k, sizeof *k);
742 if (enc)
743 AES_set_encrypt_key(key, ctx->key_len * 8, k);
744 else
745 AES_set_decrypt_key(key, ctx->key_len * 8, k);
746
747#ifndef AES_ASM
748 /*
749 * XXX Damn OpenSSL byte swaps the expanded key!!
750 *
751 * XXX But only if we're using the C implementation of AES
752 */
753 for (i = 0; i < 4 * (AES_MAXNR + 1); i++)
754 k->rd_key[i] = htonl(k->rd_key[i]);
755#endif
756
757 return (1);
758}
759
760static int
761xcrypt_cleanup(EVP_CIPHER_CTX *ctx)
762{
763 bzero(ctx->cipher_data, ctx->cipher->ctx_size);
764 return (1);
765}
766
767static int
768check_viac3aes(void)
769{
770 int mib[2] = { CTL_MACHDEP, CPU_XCRYPT }, value;
771 size_t size = sizeof(value);
772
773 if (sysctl(mib, sizeof(mib)/sizeof(mib[0]), &value, &size,
774 NULL, 0) < 0)
775 return (0);
776 if (value == 0)
777 return (0);
778
779 if (value & C3_HAS_AES) {
780 cryptodev_aes_128_cbc.init = xcrypt_init_key;
781 cryptodev_aes_128_cbc.do_cipher = xcrypt_cipher;
782 cryptodev_aes_128_cbc.cleanup = xcrypt_cleanup;
783 cryptodev_aes_128_cbc.ctx_size = sizeof(AES_KEY);
784
785 cryptodev_aes_192_cbc.init = xcrypt_init_key;
786 cryptodev_aes_192_cbc.do_cipher = xcrypt_cipher;
787 cryptodev_aes_192_cbc.cleanup = xcrypt_cleanup;
788 cryptodev_aes_192_cbc.ctx_size = sizeof(AES_KEY);
789
790 cryptodev_aes_256_cbc.init = xcrypt_init_key;
791 cryptodev_aes_256_cbc.do_cipher = xcrypt_cipher;
792 cryptodev_aes_256_cbc.cleanup = xcrypt_cleanup;
793 cryptodev_aes_256_cbc.ctx_size = sizeof(AES_KEY);
794 }
795 return (value);
796}
797#endif /* __i386__ || __amd64__ */
798
568/* 799/*
569 * Registered by the ENGINE when used to find out how to deal with 800 * Registered by the ENGINE when used to find out how to deal with
570 * a particular NID in the ENGINE. this says what we'll do at the 801 * a particular NID in the ENGINE. this says what we'll do at the
@@ -591,7 +822,13 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
591 *cipher = &cryptodev_cast_cbc; 822 *cipher = &cryptodev_cast_cbc;
592 break; 823 break;
593 case NID_aes_128_cbc: 824 case NID_aes_128_cbc:
594 *cipher = &cryptodev_aes_cbc; 825 *cipher = &cryptodev_aes_128_cbc;
826 break;
827 case NID_aes_192_cbc:
828 *cipher = &cryptodev_aes_192_cbc;
829 break;
830 case NID_aes_256_cbc:
831 *cipher = &cryptodev_aes_256_cbc;
595 break; 832 break;
596 default: 833 default:
597 *cipher = NULL; 834 *cipher = NULL;
@@ -758,19 +995,14 @@ err:
758} 995}
759 996
760static int 997static int
761cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) 998cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
999 BN_CTX *ctx)
762{ 1000{
763 int r; 1001 return (RSA_PKCS1_SSLeay()->rsa_mod_exp)(r0, I, rsa, ctx);
764 BN_CTX *ctx;
765
766 ctx = BN_CTX_new();
767 r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
768 BN_CTX_free(ctx);
769 return (r);
770} 1002}
771 1003
772static int 1004static int
773cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) 1005cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
774{ 1006{
775 struct crypt_kop kop; 1007 struct crypt_kop kop;
776 int ret = 1; 1008 int ret = 1;
@@ -799,7 +1031,7 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
799 1031
800 if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) { 1032 if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) {
801 const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); 1033 const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
802 ret = (*meth->rsa_mod_exp)(r0, I, rsa); 1034 ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx);
803 } 1035 }
804err: 1036err:
805 zapparams(&kop); 1037 zapparams(&kop);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 14:17:39 +0000