2 * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * Copyright (c) 2002 Bob Beck <beck@openbsd.org>
12 * Copyright (c) 2002 Theo de Raadt
13 * Copyright (c) 2002 Markus Friedl
14 * Copyright (c) 2012 Nikos Mavrogiannopoulos
15 * All rights reserved.
17 * Redistribution and use in source and binary forms, with or without
18 * modification, are permitted provided that the following conditions
20 * 1. Redistributions of source code must retain the above copyright
21 * notice, this list of conditions and the following disclaimer.
22 * 2. Redistributions in binary form must reproduce the above copyright
23 * notice, this list of conditions and the following disclaimer in the
24 * documentation and/or other materials provided with the distribution.
26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
27 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
28 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
29 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
30 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
31 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
32 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
33 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 #include <openssl/objects.h>
40 #include <internal/engine.h>
41 #include <openssl/evp.h>
42 #include <openssl/bn.h>
43 #include <openssl/crypto.h>
45 #if (defined(__unix__) || defined(unix)) && !defined(USG) && \
46 (defined(OpenBSD) || defined(__FreeBSD__) || defined(__DragonFly__))
47 # include <sys/param.h>
48 # if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041) || defined(__DragonFly__)
49 # define HAVE_CRYPTODEV
51 # if (OpenBSD >= 200110)
52 # define HAVE_SYSLOG_R
56 #include <sys/types.h>
58 # include <crypto/cryptodev.h>
59 # include <sys/ioctl.h>
69 #include <openssl/dh.h>
70 #include <openssl/dsa.h>
71 #include <openssl/err.h>
72 #include <openssl/rsa.h>
74 #ifndef HAVE_CRYPTODEV
76 void engine_load_cryptodev_int(void)
78 /* This is a NOP on platforms without /dev/crypto */
84 /* Available on cryptodev-linux but not on FreeBSD 8.4 */
85 # ifndef CRYPTO_HMAC_MAX_KEY_LEN
86 # define CRYPTO_HMAC_MAX_KEY_LEN 512
88 # ifndef CRYPTO_CIPHER_MAX_KEY_LEN
89 # define CRYPTO_CIPHER_MAX_KEY_LEN 64
92 struct dev_crypto_state {
93 struct session_op d_sess;
95 # ifdef USE_CRYPTODEV_DIGESTS
96 unsigned char digest_res[HASH_MAX_LEN];
102 static u_int32_t cryptodev_asymfeat = 0;
104 static RSA_METHOD *cryptodev_rsa;
105 # ifndef OPENSSL_NO_DSA
106 static DSA_METHOD *cryptodev_dsa = NULL;
108 # ifndef OPENSSL_NO_DH
109 static DH_METHOD *cryptodev_dh;
112 static int get_asym_dev_crypto(void);
113 static int open_dev_crypto(void);
114 static int get_dev_crypto(void);
115 static int get_cryptodev_ciphers(const int **cnids);
116 # ifdef USE_CRYPTODEV_DIGESTS
117 static int get_cryptodev_digests(const int **cnids);
119 static int cryptodev_usable_ciphers(const int **nids);
120 static int cryptodev_usable_digests(const int **nids);
121 static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
122 const unsigned char *in, size_t inl);
123 static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
124 const unsigned char *iv, int enc);
125 static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx);
126 static int cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
127 const int **nids, int nid);
128 static int cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
129 const int **nids, int nid);
130 static int bn2crparam(const BIGNUM *a, struct crparam *crp);
131 static int crparam2bn(struct crparam *crp, BIGNUM *a);
132 static void zapparams(struct crypt_kop *kop);
133 static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r,
134 int slen, BIGNUM *s);
136 static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a,
137 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
139 static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
141 static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
143 # ifndef OPENSSL_NO_DSA
144 static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, const BIGNUM *a,
145 const BIGNUM *p, const BIGNUM *m,
146 BN_CTX *ctx, BN_MONT_CTX *m_ctx);
147 static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, const BIGNUM *g,
148 const BIGNUM *u1, const BIGNUM *pub_key,
149 const BIGNUM *u2, const BIGNUM *p,
150 BN_CTX *ctx, BN_MONT_CTX *mont);
151 static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
153 static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len,
154 DSA_SIG *sig, DSA *dsa);
156 # ifndef OPENSSL_NO_DH
157 static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
158 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
160 static int cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key,
163 static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
165 void engine_load_cryptodev_int(void);
167 static const ENGINE_CMD_DEFN cryptodev_defns[] = {
177 {CRYPTO_ARC4, NID_rc4, 0, 16},
178 {CRYPTO_DES_CBC, NID_des_cbc, 8, 8},
179 # if defined(CRYPTO_3DES_CBC)
180 {CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24},
184 * The marvell-kirkwood armv5 platform doesn't seem to have CRYPTO_3DES_ECB.
185 * Unfortunately, there is no way to detect this, except on BSD, where the
186 * crypto identities are implemented as macros. All other cryptodev
187 * implementations will be without this one.
189 # if defined(CRYPTO_3DES_ECB)
190 {CRYPTO_3DES_ECB, NID_des_ede3_ecb, 0, 24},
193 {CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16},
194 {CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24},
195 {CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32},
196 # if !defined(CRYPTO_ALGORITHM_MIN) || defined(CRYPTO_AES_CTR)
197 {CRYPTO_AES_CTR, NID_aes_128_ctr, 14, 16},
198 {CRYPTO_AES_CTR, NID_aes_192_ctr, 14, 24},
199 {CRYPTO_AES_CTR, NID_aes_256_ctr, 14, 32},
201 # if !defined(CRYPTO_ALGORITHM_MIN) || defined(CRYPTO_AES_ECB)
202 {CRYPTO_AES_ECB, NID_aes_128_ecb, 0, 16},
203 {CRYPTO_AES_ECB, NID_aes_192_ecb, 0, 24},
204 {CRYPTO_AES_ECB, NID_aes_256_ecb, 0, 32},
206 {CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16},
207 {CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16},
208 {CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0},
209 {0, NID_undef, 0, 0},
212 # ifdef USE_CRYPTODEV_DIGESTS
218 {CRYPTO_MD5, NID_md5, 16},
219 {CRYPTO_SHA1, NID_sha1, 20},
220 {CRYPTO_SHA2_256, NID_sha256, 32},
221 {CRYPTO_SHA2_384, NID_sha384, 48},
222 {CRYPTO_SHA2_512, NID_sha512, 64},
228 * Return a fd if /dev/crypto seems usable, 0 otherwise.
230 static int open_dev_crypto(void)
235 if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1)
238 if (fcntl(fd, F_SETFD, 1) == -1) {
247 static int get_dev_crypto(void)
251 if ((fd = open_dev_crypto()) == -1)
253 # ifndef CRIOGET_NOT_NEEDED
254 if (ioctl(fd, CRIOGET, &retfd) == -1)
258 if (fcntl(retfd, F_SETFD, 1) == -1) {
268 static void put_dev_crypto(int fd)
270 # ifndef CRIOGET_NOT_NEEDED
275 /* Caching version for asym operations */
276 static int get_asym_dev_crypto(void)
281 fd = get_dev_crypto();
286 * Find out what ciphers /dev/crypto will let us have a session for.
287 * XXX note, that some of these openssl doesn't deal with yet!
288 * returning them here is harmless, as long as we return NULL
289 * when asked for a handler in the cryptodev_engine_ciphers routine
291 static int get_cryptodev_ciphers(const int **cnids)
293 static int nids[CRYPTO_ALGORITHM_MAX];
294 struct session_op sess;
295 int fd, i, count = 0;
296 unsigned char fake_key[CRYPTO_CIPHER_MAX_KEY_LEN];
298 if ((fd = get_dev_crypto()) < 0) {
302 memset(&sess, 0, sizeof(sess));
303 sess.key = (void *)fake_key;
305 for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
306 if (ciphers[i].nid == NID_undef)
308 sess.cipher = ciphers[i].id;
309 sess.keylen = ciphers[i].keylen;
311 if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
312 ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
313 nids[count++] = ciphers[i].nid;
324 # ifdef USE_CRYPTODEV_DIGESTS
326 * Find out what digests /dev/crypto will let us have a session for.
327 * XXX note, that some of these openssl doesn't deal with yet!
328 * returning them here is harmless, as long as we return NULL
329 * when asked for a handler in the cryptodev_engine_digests routine
331 static int get_cryptodev_digests(const int **cnids)
333 static int nids[CRYPTO_ALGORITHM_MAX];
334 unsigned char fake_key[CRYPTO_CIPHER_MAX_KEY_LEN];
335 struct session_op sess;
336 int fd, i, count = 0;
338 if ((fd = get_dev_crypto()) < 0) {
342 memset(&sess, 0, sizeof(sess));
343 sess.mackey = fake_key;
344 for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
345 if (digests[i].nid == NID_undef)
347 sess.mac = digests[i].id;
350 if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
351 ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
352 nids[count++] = digests[i].nid;
365 * Find the useable ciphers|digests from dev/crypto - this is the first
366 * thing called by the engine init crud which determines what it
367 * can use for ciphers from this engine. We want to return
368 * only what we can do, anything else is handled by software.
370 * If we can't initialize the device to do anything useful for
371 * any reason, we want to return a NULL array, and 0 length,
372 * which forces everything to be done is software. By putting
373 * the initialization of the device in here, we ensure we can
374 * use this engine as the default, and if for whatever reason
375 * /dev/crypto won't do what we want it will just be done in
378 * This can (should) be greatly expanded to perhaps take into
379 * account speed of the device, and what we want to do.
380 * (although the disabling of particular alg's could be controlled
381 * by the device driver with sysctl's.) - this is where we
382 * want most of the decisions made about what we actually want
383 * to use from /dev/crypto.
385 static int cryptodev_usable_ciphers(const int **nids)
387 return (get_cryptodev_ciphers(nids));
390 static int cryptodev_usable_digests(const int **nids)
392 # ifdef USE_CRYPTODEV_DIGESTS
393 return (get_cryptodev_digests(nids));
396 * XXXX just disable all digests for now, because it sucks.
397 * we need a better way to decide this - i.e. I may not
398 * want digests on slow cards like hifn on fast machines,
399 * but might want them on slow or loaded machines, etc.
400 * will also want them when using crypto cards that don't
401 * suck moose gonads - would be nice to be able to decide something
402 * as reasonable default without having hackery that's card dependent.
403 * of course, the default should probably be just do everything,
404 * with perhaps a sysctl to turn algorithms off (or have them off
405 * by default) on cards that generally suck like the hifn.
413 cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
414 const unsigned char *in, size_t inl)
416 struct crypt_op cryp;
417 struct dev_crypto_state *state = EVP_CIPHER_CTX_get_cipher_data(ctx);
418 struct session_op *sess = &state->d_sess;
420 unsigned char save_iv[EVP_MAX_IV_LENGTH];
426 if ((inl % EVP_CIPHER_CTX_block_size(ctx)) != 0)
429 memset(&cryp, 0, sizeof(cryp));
431 cryp.ses = sess->ses;
434 cryp.src = (void *)in;
435 cryp.dst = (void *)out;
438 cryp.op = EVP_CIPHER_CTX_encrypting(ctx) ? COP_ENCRYPT : COP_DECRYPT;
440 if (EVP_CIPHER_CTX_iv_length(ctx) > 0) {
441 cryp.iv = (void *)EVP_CIPHER_CTX_iv(ctx);
442 if (!EVP_CIPHER_CTX_encrypting(ctx)) {
443 iiv = in + inl - EVP_CIPHER_CTX_iv_length(ctx);
444 memcpy(save_iv, iiv, EVP_CIPHER_CTX_iv_length(ctx));
449 if (ioctl(state->d_fd, CIOCCRYPT, &cryp) == -1) {
451 * XXX need better error handling this can fail for a number of
457 if (EVP_CIPHER_CTX_iv_length(ctx) > 0) {
458 if (EVP_CIPHER_CTX_encrypting(ctx))
459 iiv = out + inl - EVP_CIPHER_CTX_iv_length(ctx);
462 memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iiv,
463 EVP_CIPHER_CTX_iv_length(ctx));
469 cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
470 const unsigned char *iv, int enc)
472 struct dev_crypto_state *state = EVP_CIPHER_CTX_get_cipher_data(ctx);
473 struct session_op *sess = &state->d_sess;
476 for (i = 0; ciphers[i].id; i++)
477 if (EVP_CIPHER_CTX_nid(ctx) == ciphers[i].nid &&
478 EVP_CIPHER_CTX_iv_length(ctx) <= ciphers[i].ivmax &&
479 EVP_CIPHER_CTX_key_length(ctx) == ciphers[i].keylen) {
480 cipher = ciphers[i].id;
484 if (!ciphers[i].id) {
489 memset(sess, 0, sizeof(*sess));
491 if ((state->d_fd = get_dev_crypto()) < 0)
494 sess->key = (void *)key;
495 sess->keylen = EVP_CIPHER_CTX_key_length(ctx);
496 sess->cipher = cipher;
498 if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
499 put_dev_crypto(state->d_fd);
507 * free anything we allocated earlier when initing a
508 * session, and close the session.
510 static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
513 struct dev_crypto_state *state = EVP_CIPHER_CTX_get_cipher_data(ctx);
514 struct session_op *sess = &state->d_sess;
520 * XXX if this ioctl fails, something's wrong. the invoker may have called
521 * us with a bogus ctx, or we could have a device that for whatever
522 * reason just doesn't want to play ball - it's not clear what's right
523 * here - should this be an error? should it just increase a counter,
524 * hmm. For right now, we return 0 - I don't believe that to be "right".
525 * we could call the gorpy openssl lib error handlers that print messages
526 * to users of the library. hmm..
529 if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) == -1) {
534 put_dev_crypto(state->d_fd);
541 * libcrypto EVP stuff - this is how we get wired to EVP so the engine
542 * gets called when libcrypto requests a cipher NID.
545 static int cryptodev_cipher_ctrl(EVP_CIPHER_CTX *ctx, int type, int p1, void *p2)
547 struct dev_crypto_state *state = EVP_CIPHER_CTX_get_cipher_data(ctx);
548 struct session_op *sess = &state->d_sess;
550 if (type == EVP_CTRL_COPY) {
551 EVP_CIPHER_CTX *out = p2;
552 return cryptodev_init_key(out, (unsigned char *)sess->key,
553 EVP_CIPHER_CTX_iv(ctx), 0);
560 static EVP_CIPHER *rc4_cipher = NULL;
561 static const EVP_CIPHER *cryptodev_rc4(void)
563 if (rc4_cipher == NULL) {
564 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_rc4, 1, 16);
567 || !EVP_CIPHER_meth_set_iv_length(cipher, 0)
568 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_VARIABLE_LENGTH
569 | EVP_CIPH_CUSTOM_COPY)
570 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
571 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
572 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
573 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
574 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
576 dev_crypto_state))) {
577 EVP_CIPHER_meth_free(cipher);
586 static EVP_CIPHER *des_cbc_cipher = NULL;
587 static const EVP_CIPHER *cryptodev_des_cbc(void)
589 if (des_cbc_cipher == NULL) {
590 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_des_cbc, 8, 8);
593 || !EVP_CIPHER_meth_set_iv_length(cipher, 8)
594 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_CBC_MODE
595 | EVP_CIPH_CUSTOM_COPY)
596 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
597 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
598 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
599 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
600 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
603 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
604 EVP_CIPHER_set_asn1_iv)
605 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
606 EVP_CIPHER_get_asn1_iv)) {
607 EVP_CIPHER_meth_free(cipher);
610 des_cbc_cipher = cipher;
612 return des_cbc_cipher;
616 static EVP_CIPHER *des3_cbc_cipher = NULL;
617 static const EVP_CIPHER *cryptodev_3des_cbc(void)
619 if (des3_cbc_cipher == NULL) {
620 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_des_ede3_cbc, 8, 24);
623 || !EVP_CIPHER_meth_set_iv_length(cipher, 8)
624 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_CBC_MODE
625 | EVP_CIPH_CUSTOM_COPY)
626 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
627 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
628 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
629 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
630 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
633 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
634 EVP_CIPHER_set_asn1_iv)
635 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
636 EVP_CIPHER_get_asn1_iv)) {
637 EVP_CIPHER_meth_free(cipher);
640 des3_cbc_cipher = cipher;
642 return des3_cbc_cipher;
646 static EVP_CIPHER *des3_ecb_cipher = NULL;
647 static const EVP_CIPHER *cryptodev_3des_ecb(void)
649 if (des3_ecb_cipher == NULL) {
650 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_des_ede3_ecb, 8, 24);
653 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_ECB_MODE)
654 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
655 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
656 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
657 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
658 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
660 dev_crypto_state))) {
661 EVP_CIPHER_meth_free(cipher);
664 des3_ecb_cipher = cipher;
666 return des3_ecb_cipher;
669 static EVP_CIPHER *bf_cbc_cipher = NULL;
670 static const EVP_CIPHER *cryptodev_bf_cbc(void)
672 if (bf_cbc_cipher == NULL) {
673 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_bf_cbc, 8, 16);
676 || !EVP_CIPHER_meth_set_iv_length(cipher, 8)
677 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_CBC_MODE
678 | EVP_CIPH_CUSTOM_COPY)
679 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
680 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
681 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
682 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
683 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
686 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
687 EVP_CIPHER_set_asn1_iv)
688 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
689 EVP_CIPHER_get_asn1_iv)) {
690 EVP_CIPHER_meth_free(cipher);
693 bf_cbc_cipher = cipher;
695 return bf_cbc_cipher;
698 static EVP_CIPHER *cast_cbc_cipher = NULL;
699 static const EVP_CIPHER *cryptodev_cast_cbc(void)
701 if (cast_cbc_cipher == NULL) {
702 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_cast5_cbc, 8, 16);
705 || !EVP_CIPHER_meth_set_iv_length(cipher, 8)
706 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_CBC_MODE
707 | EVP_CIPH_CUSTOM_COPY)
708 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
709 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
710 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
711 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
712 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
715 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
716 EVP_CIPHER_set_asn1_iv)
717 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
718 EVP_CIPHER_get_asn1_iv)) {
719 EVP_CIPHER_meth_free(cipher);
722 cast_cbc_cipher = cipher;
724 return cast_cbc_cipher;
727 static EVP_CIPHER *aes_cbc_cipher = NULL;
728 static const EVP_CIPHER *cryptodev_aes_cbc(void)
730 if (aes_cbc_cipher == NULL) {
731 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_aes_128_cbc, 16, 16);
734 || !EVP_CIPHER_meth_set_iv_length(cipher, 16)
735 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_CBC_MODE
736 | EVP_CIPH_CUSTOM_COPY)
737 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
738 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
739 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
740 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
741 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
744 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
745 EVP_CIPHER_set_asn1_iv)
746 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
747 EVP_CIPHER_get_asn1_iv)) {
748 EVP_CIPHER_meth_free(cipher);
751 aes_cbc_cipher = cipher;
753 return aes_cbc_cipher;
756 static EVP_CIPHER *aes_192_cbc_cipher = NULL;
757 static const EVP_CIPHER *cryptodev_aes_192_cbc(void)
759 if (aes_192_cbc_cipher == NULL) {
760 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_aes_192_cbc, 16, 24);
763 || !EVP_CIPHER_meth_set_iv_length(cipher, 16)
764 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_CBC_MODE
765 | EVP_CIPH_CUSTOM_COPY)
766 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
767 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
768 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
769 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
770 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
773 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
774 EVP_CIPHER_set_asn1_iv)
775 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
776 EVP_CIPHER_get_asn1_iv)) {
777 EVP_CIPHER_meth_free(cipher);
780 aes_192_cbc_cipher = cipher;
782 return aes_192_cbc_cipher;
785 static EVP_CIPHER *aes_256_cbc_cipher = NULL;
786 static const EVP_CIPHER *cryptodev_aes_256_cbc(void)
788 if (aes_256_cbc_cipher == NULL) {
789 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_aes_256_cbc, 16, 32);
792 || !EVP_CIPHER_meth_set_iv_length(cipher, 16)
793 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_CBC_MODE
794 | EVP_CIPH_CUSTOM_COPY)
795 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
796 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
797 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
798 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
799 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
802 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
803 EVP_CIPHER_set_asn1_iv)
804 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
805 EVP_CIPHER_get_asn1_iv)) {
806 EVP_CIPHER_meth_free(cipher);
809 aes_256_cbc_cipher = cipher;
811 return aes_256_cbc_cipher;
814 static EVP_CIPHER *aes_ctr_cipher = NULL;
815 static const EVP_CIPHER *cryptodev_aes_ctr(void)
817 if (aes_ctr_cipher == NULL) {
818 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_aes_128_ctr, 16, 16);
821 || !EVP_CIPHER_meth_set_iv_length(cipher, 14)
822 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_CTR_MODE
823 | EVP_CIPH_CUSTOM_COPY)
824 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
825 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
826 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
827 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
828 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
831 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
832 EVP_CIPHER_set_asn1_iv)
833 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
834 EVP_CIPHER_get_asn1_iv)) {
835 EVP_CIPHER_meth_free(cipher);
838 aes_ctr_cipher = cipher;
840 return aes_ctr_cipher;
843 static EVP_CIPHER *aes_192_ctr_cipher = NULL;
844 static const EVP_CIPHER *cryptodev_aes_192_ctr(void)
846 if (aes_192_ctr_cipher == NULL) {
847 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_aes_192_ctr, 16, 24);
850 || !EVP_CIPHER_meth_set_iv_length(cipher, 14)
851 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_CTR_MODE
852 | EVP_CIPH_CUSTOM_COPY)
853 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
854 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
855 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
856 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
857 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
860 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
861 EVP_CIPHER_set_asn1_iv)
862 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
863 EVP_CIPHER_get_asn1_iv)) {
864 EVP_CIPHER_meth_free(cipher);
867 aes_192_ctr_cipher = cipher;
869 return aes_192_ctr_cipher;
872 static EVP_CIPHER *aes_256_ctr_cipher = NULL;
873 static const EVP_CIPHER *cryptodev_aes_256_ctr(void)
875 if (aes_256_ctr_cipher == NULL) {
876 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_aes_256_ctr, 16, 32);
879 || !EVP_CIPHER_meth_set_iv_length(cipher, 14)
880 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_CTR_MODE
881 | EVP_CIPH_CUSTOM_COPY)
882 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
883 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
884 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
885 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
886 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
889 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
890 EVP_CIPHER_set_asn1_iv)
891 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
892 EVP_CIPHER_get_asn1_iv)) {
893 EVP_CIPHER_meth_free(cipher);
896 aes_256_ctr_cipher = cipher;
898 return aes_256_ctr_cipher;
901 static EVP_CIPHER *aes_ecb_cipher = NULL;
902 static const EVP_CIPHER *cryptodev_aes_ecb(void)
904 if (aes_ecb_cipher == NULL) {
905 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_aes_128_ecb, 16, 16);
908 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_ECB_MODE)
909 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
910 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
911 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
912 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
913 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
916 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
917 EVP_CIPHER_set_asn1_iv)
918 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
919 EVP_CIPHER_get_asn1_iv)) {
920 EVP_CIPHER_meth_free(cipher);
923 aes_ecb_cipher = cipher;
925 return aes_ecb_cipher;
928 static EVP_CIPHER *aes_192_ecb_cipher = NULL;
929 static const EVP_CIPHER *cryptodev_aes_192_ecb(void)
931 if (aes_192_ecb_cipher == NULL) {
932 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_aes_192_ecb, 16, 24);
935 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_ECB_MODE)
936 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
937 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
938 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
939 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
940 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
943 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
944 EVP_CIPHER_set_asn1_iv)
945 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
946 EVP_CIPHER_get_asn1_iv)) {
947 EVP_CIPHER_meth_free(cipher);
950 aes_192_ecb_cipher = cipher;
952 return aes_192_ecb_cipher;
955 static EVP_CIPHER *aes_256_ecb_cipher = NULL;
956 static const EVP_CIPHER *cryptodev_aes_256_ecb(void)
958 if (aes_256_ecb_cipher == NULL) {
959 EVP_CIPHER *cipher = EVP_CIPHER_meth_new(NID_aes_256_ecb, 16, 32);
962 || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_ECB_MODE)
963 || !EVP_CIPHER_meth_set_init(cipher, cryptodev_init_key)
964 || !EVP_CIPHER_meth_set_do_cipher(cipher, cryptodev_cipher)
965 || !EVP_CIPHER_meth_set_cleanup(cipher, cryptodev_cleanup)
966 || !EVP_CIPHER_meth_set_ctrl(cipher, cryptodev_cipher_ctrl)
967 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher,
970 || !EVP_CIPHER_meth_set_set_asn1_params(cipher,
971 EVP_CIPHER_set_asn1_iv)
972 || !EVP_CIPHER_meth_set_get_asn1_params(cipher,
973 EVP_CIPHER_get_asn1_iv)) {
974 EVP_CIPHER_meth_free(cipher);
977 aes_256_ecb_cipher = cipher;
979 return aes_256_ecb_cipher;
983 * Registered by the ENGINE when used to find out how to deal with
984 * a particular NID in the ENGINE. this says what we'll do at the
985 * top level - note, that list is restricted by what we answer with
988 cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
989 const int **nids, int nid)
992 return (cryptodev_usable_ciphers(nids));
996 *cipher = cryptodev_rc4();
998 case NID_des_ede3_cbc:
999 *cipher = cryptodev_3des_cbc();
1001 case NID_des_ede3_ecb:
1002 *cipher = cryptodev_3des_ecb();
1005 *cipher = cryptodev_des_cbc();
1008 *cipher = cryptodev_bf_cbc();
1011 *cipher = cryptodev_cast_cbc();
1013 case NID_aes_128_cbc:
1014 *cipher = cryptodev_aes_cbc();
1016 case NID_aes_192_cbc:
1017 *cipher = cryptodev_aes_192_cbc();
1019 case NID_aes_256_cbc:
1020 *cipher = cryptodev_aes_256_cbc();
1022 case NID_aes_128_ctr:
1023 *cipher = cryptodev_aes_ctr();
1025 case NID_aes_192_ctr:
1026 *cipher = cryptodev_aes_192_ctr();
1028 case NID_aes_256_ctr:
1029 *cipher = cryptodev_aes_256_ctr();
1031 case NID_aes_128_ecb:
1032 *cipher = cryptodev_aes_ecb();
1034 case NID_aes_192_ecb:
1035 *cipher = cryptodev_aes_192_ecb();
1037 case NID_aes_256_ecb:
1038 *cipher = cryptodev_aes_256_ecb();
1044 return (*cipher != NULL);
1047 # ifdef USE_CRYPTODEV_DIGESTS
1049 /* convert digest type to cryptodev */
1050 static int digest_nid_to_cryptodev(int nid)
1054 for (i = 0; digests[i].id; i++)
1055 if (digests[i].nid == nid)
1056 return (digests[i].id);
1060 static int cryptodev_digest_init(EVP_MD_CTX *ctx)
1062 struct dev_crypto_state *state = EVP_MD_CTX_md_data(ctx);
1063 struct session_op *sess = &state->d_sess;
1066 if ((digest = digest_nid_to_cryptodev(EVP_MD_CTX_type(ctx))) == NID_undef) {
1067 printf("cryptodev_digest_init: Can't get digest \n");
1071 memset(state, 0, sizeof(*state));
1073 if ((state->d_fd = get_dev_crypto()) < 0) {
1074 printf("cryptodev_digest_init: Can't get Dev \n");
1078 sess->mackey = NULL;
1079 sess->mackeylen = 0;
1082 if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
1083 put_dev_crypto(state->d_fd);
1085 printf("cryptodev_digest_init: Open session failed\n");
1092 static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
1095 struct crypt_op cryp;
1096 struct dev_crypto_state *state = EVP_MD_CTX_md_data(ctx);
1097 struct session_op *sess = &state->d_sess;
1100 if (!data || state->d_fd < 0) {
1101 printf("cryptodev_digest_update: illegal inputs \n");
1109 if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT)) {
1110 /* if application doesn't support one buffer */
1111 new_mac_data = OPENSSL_realloc(state->mac_data, state->mac_len + count);
1113 if (!new_mac_data) {
1114 printf("cryptodev_digest_update: realloc failed\n");
1117 state->mac_data = new_mac_data;
1119 memcpy(state->mac_data + state->mac_len, data, count);
1120 state->mac_len += count;
1125 memset(&cryp, 0, sizeof(cryp));
1127 cryp.ses = sess->ses;
1130 cryp.src = (void *)data;
1132 cryp.mac = (void *)state->digest_res;
1133 if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
1134 printf("cryptodev_digest_update: digest failed\n");
1140 static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
1142 struct crypt_op cryp;
1143 struct dev_crypto_state *state = EVP_MD_CTX_md_data(ctx);
1144 struct session_op *sess = &state->d_sess;
1146 if (!md || state->d_fd < 0) {
1147 printf("cryptodev_digest_final: illegal input\n");
1151 if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT)) {
1152 /* if application doesn't support one buffer */
1153 memset(&cryp, 0, sizeof(cryp));
1154 cryp.ses = sess->ses;
1156 cryp.len = state->mac_len;
1157 cryp.src = (void *)state->mac_data;
1159 cryp.mac = (void *)md;
1160 if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
1161 printf("cryptodev_digest_final: digest failed\n");
1168 memcpy(md, state->digest_res, EVP_MD_CTX_size(ctx));
1173 static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
1176 struct dev_crypto_state *state = EVP_MD_CTX_md_data(ctx);
1177 struct session_op *sess = &state->d_sess;
1182 if (state->d_fd < 0) {
1183 printf("cryptodev_digest_cleanup: illegal input\n");
1187 OPENSSL_free(state->mac_data);
1188 state->mac_data = NULL;
1191 if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) < 0) {
1192 printf("cryptodev_digest_cleanup: failed to close session\n");
1197 put_dev_crypto(state->d_fd);
1203 static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
1205 struct dev_crypto_state *fstate = EVP_MD_CTX_md_data(from);
1206 struct dev_crypto_state *dstate = EVP_MD_CTX_md_data(to);
1207 struct session_op *sess;
1210 if (dstate == NULL || fstate == NULL)
1213 memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
1215 sess = &dstate->d_sess;
1217 digest = digest_nid_to_cryptodev(EVP_MD_CTX_type(to));
1219 sess->mackey = NULL;
1220 sess->mackeylen = 0;
1223 dstate->d_fd = get_dev_crypto();
1225 if (ioctl(dstate->d_fd, CIOCGSESSION, sess) < 0) {
1226 put_dev_crypto(dstate->d_fd);
1228 printf("cryptodev_digest_copy: Open session failed\n");
1232 if (fstate->mac_len != 0) {
1233 if (fstate->mac_data != NULL) {
1234 dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
1235 if (dstate->mac_data == NULL) {
1236 printf("cryptodev_digest_copy: mac_data allocation failed\n");
1239 memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
1240 dstate->mac_len = fstate->mac_len;
1247 static EVP_MD *sha1_md = NULL;
1248 static const EVP_MD *cryptodev_sha1(void)
1250 if (sha1_md == NULL) {
1251 EVP_MD *md = EVP_MD_meth_new(NID_sha1, NID_undef);
1254 || !EVP_MD_meth_set_result_size(md, SHA_DIGEST_LENGTH)
1255 || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_ONESHOT)
1256 || !EVP_MD_meth_set_input_blocksize(md, SHA_CBLOCK)
1257 || !EVP_MD_meth_set_app_datasize(md,
1258 sizeof(struct dev_crypto_state))
1259 || !EVP_MD_meth_set_init(md, cryptodev_digest_init)
1260 || !EVP_MD_meth_set_update(md, cryptodev_digest_update)
1261 || !EVP_MD_meth_set_final(md, cryptodev_digest_final)
1262 || !EVP_MD_meth_set_copy(md, cryptodev_digest_copy)
1263 || !EVP_MD_meth_set_cleanup(md, cryptodev_digest_cleanup)) {
1264 EVP_MD_meth_free(md);
1272 static EVP_MD *sha256_md = NULL;
1273 static const EVP_MD *cryptodev_sha256(void)
1275 if (sha256_md == NULL) {
1276 EVP_MD *md = EVP_MD_meth_new(NID_sha256, NID_undef);
1279 || !EVP_MD_meth_set_result_size(md, SHA256_DIGEST_LENGTH)
1280 || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_ONESHOT)
1281 || !EVP_MD_meth_set_input_blocksize(md, SHA256_CBLOCK)
1282 || !EVP_MD_meth_set_app_datasize(md,
1283 sizeof(struct dev_crypto_state))
1284 || !EVP_MD_meth_set_init(md, cryptodev_digest_init)
1285 || !EVP_MD_meth_set_update(md, cryptodev_digest_update)
1286 || !EVP_MD_meth_set_final(md, cryptodev_digest_final)
1287 || !EVP_MD_meth_set_copy(md, cryptodev_digest_copy)
1288 || !EVP_MD_meth_set_cleanup(md, cryptodev_digest_cleanup)) {
1289 EVP_MD_meth_free(md);
1297 static EVP_MD *sha224_md = NULL;
1298 static const EVP_MD *cryptodev_sha224(void)
1300 if (sha224_md == NULL) {
1301 EVP_MD *md = EVP_MD_meth_new(NID_sha224, NID_undef);
1304 || !EVP_MD_meth_set_result_size(md, SHA224_DIGEST_LENGTH)
1305 || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_ONESHOT)
1306 || !EVP_MD_meth_set_input_blocksize(md, SHA256_CBLOCK)
1307 || !EVP_MD_meth_set_app_datasize(md,
1308 sizeof(struct dev_crypto_state))
1309 || !EVP_MD_meth_set_init(md, cryptodev_digest_init)
1310 || !EVP_MD_meth_set_update(md, cryptodev_digest_update)
1311 || !EVP_MD_meth_set_final(md, cryptodev_digest_final)
1312 || !EVP_MD_meth_set_copy(md, cryptodev_digest_copy)
1313 || !EVP_MD_meth_set_cleanup(md, cryptodev_digest_cleanup)) {
1314 EVP_MD_meth_free(md);
1322 static EVP_MD *sha384_md = NULL;
1323 static const EVP_MD *cryptodev_sha384(void)
1325 if (sha384_md == NULL) {
1326 EVP_MD *md = EVP_MD_meth_new(NID_sha384, NID_undef);
1329 || !EVP_MD_meth_set_result_size(md, SHA384_DIGEST_LENGTH)
1330 || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_ONESHOT)
1331 || !EVP_MD_meth_set_input_blocksize(md, SHA512_CBLOCK)
1332 || !EVP_MD_meth_set_app_datasize(md,
1333 sizeof(struct dev_crypto_state))
1334 || !EVP_MD_meth_set_init(md, cryptodev_digest_init)
1335 || !EVP_MD_meth_set_update(md, cryptodev_digest_update)
1336 || !EVP_MD_meth_set_final(md, cryptodev_digest_final)
1337 || !EVP_MD_meth_set_copy(md, cryptodev_digest_copy)
1338 || !EVP_MD_meth_set_cleanup(md, cryptodev_digest_cleanup)) {
1339 EVP_MD_meth_free(md);
1347 static EVP_MD *sha512_md = NULL;
1348 static const EVP_MD *cryptodev_sha512(void)
1350 if (sha512_md == NULL) {
1351 EVP_MD *md = EVP_MD_meth_new(NID_sha512, NID_undef);
1354 || !EVP_MD_meth_set_result_size(md, SHA512_DIGEST_LENGTH)
1355 || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_ONESHOT)
1356 || !EVP_MD_meth_set_input_blocksize(md, SHA512_CBLOCK)
1357 || !EVP_MD_meth_set_app_datasize(md,
1358 sizeof(struct dev_crypto_state))
1359 || !EVP_MD_meth_set_init(md, cryptodev_digest_init)
1360 || !EVP_MD_meth_set_update(md, cryptodev_digest_update)
1361 || !EVP_MD_meth_set_final(md, cryptodev_digest_final)
1362 || !EVP_MD_meth_set_copy(md, cryptodev_digest_copy)
1363 || !EVP_MD_meth_set_cleanup(md, cryptodev_digest_cleanup)) {
1364 EVP_MD_meth_free(md);
1372 static EVP_MD *md5_md = NULL;
1373 static const EVP_MD *cryptodev_md5(void)
1375 if (md5_md == NULL) {
1376 EVP_MD *md = EVP_MD_meth_new(NID_md5, NID_undef);
1379 || !EVP_MD_meth_set_result_size(md, 16 /* MD5_DIGEST_LENGTH */ )
1380 || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_ONESHOT)
1381 || !EVP_MD_meth_set_input_blocksize(md, 64 /* MD5_CBLOCK */ )
1382 || !EVP_MD_meth_set_app_datasize(md,
1383 sizeof(struct dev_crypto_state))
1384 || !EVP_MD_meth_set_init(md, cryptodev_digest_init)
1385 || !EVP_MD_meth_set_update(md, cryptodev_digest_update)
1386 || !EVP_MD_meth_set_final(md, cryptodev_digest_final)
1387 || !EVP_MD_meth_set_copy(md, cryptodev_digest_copy)
1388 || !EVP_MD_meth_set_cleanup(md, cryptodev_digest_cleanup)) {
1389 EVP_MD_meth_free(md);
1397 # endif /* USE_CRYPTODEV_DIGESTS */
1400 cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
1401 const int **nids, int nid)
1404 return (cryptodev_usable_digests(nids));
1407 # ifdef USE_CRYPTODEV_DIGESTS
1409 *digest = cryptodev_md5();
1412 *digest = cryptodev_sha1();
1415 *digest = cryptodev_sha256();
1418 *digest = cryptodev_sha224();
1421 *digest = cryptodev_sha384();
1424 *digest = cryptodev_sha512();
1427 # endif /* USE_CRYPTODEV_DIGESTS */
1431 return (*digest != NULL);
1434 static int cryptodev_engine_destroy(ENGINE *e)
1436 EVP_CIPHER_meth_free(rc4_cipher);
1438 EVP_CIPHER_meth_free(des_cbc_cipher);
1439 des_cbc_cipher = NULL;
1440 EVP_CIPHER_meth_free(des3_cbc_cipher);
1441 des3_cbc_cipher = NULL;
1442 EVP_CIPHER_meth_free(des3_ecb_cipher);
1443 des3_ecb_cipher = NULL;
1444 EVP_CIPHER_meth_free(bf_cbc_cipher);
1445 bf_cbc_cipher = NULL;
1446 EVP_CIPHER_meth_free(cast_cbc_cipher);
1447 cast_cbc_cipher = NULL;
1448 EVP_CIPHER_meth_free(aes_cbc_cipher);
1449 aes_cbc_cipher = NULL;
1450 EVP_CIPHER_meth_free(aes_192_cbc_cipher);
1451 aes_192_cbc_cipher = NULL;
1452 EVP_CIPHER_meth_free(aes_256_cbc_cipher);
1453 aes_256_cbc_cipher = NULL;
1454 EVP_CIPHER_meth_free(aes_ctr_cipher);
1455 aes_ctr_cipher = NULL;
1456 EVP_CIPHER_meth_free(aes_192_ctr_cipher);
1457 aes_192_ctr_cipher = NULL;
1458 EVP_CIPHER_meth_free(aes_256_ctr_cipher);
1459 aes_256_ctr_cipher = NULL;
1460 EVP_CIPHER_meth_free(aes_ecb_cipher);
1461 aes_ecb_cipher = NULL;
1462 EVP_CIPHER_meth_free(aes_192_ecb_cipher);
1463 aes_192_ecb_cipher = NULL;
1464 EVP_CIPHER_meth_free(aes_256_ecb_cipher);
1465 aes_256_ecb_cipher = NULL;
1466 # ifdef USE_CRYPTODEV_DIGESTS
1467 EVP_MD_meth_free(sha1_md);
1469 EVP_MD_meth_free(sha256_md);
1471 EVP_MD_meth_free(sha224_md);
1473 EVP_MD_meth_free(sha384_md);
1475 EVP_MD_meth_free(sha512_md);
1477 EVP_MD_meth_free(md5_md);
1480 RSA_meth_free(cryptodev_rsa);
1481 cryptodev_rsa = NULL;
1482 # ifndef OPENSSL_NO_DSA
1483 DSA_meth_free(cryptodev_dsa);
1484 cryptodev_dsa = NULL;
1486 # ifndef OPENSSL_NO_DH
1487 DH_meth_free(cryptodev_dh);
1488 cryptodev_dh = NULL;
1494 * Convert a BIGNUM to the representation that /dev/crypto needs.
1495 * Upon completion of use, the caller is responsible for freeing
1498 static int bn2crparam(const BIGNUM *a, struct crparam *crp)
1500 ssize_t bytes, bits;
1506 bits = BN_num_bits(a);
1507 bytes = BN_num_bytes(a);
1509 b = OPENSSL_zalloc(bytes);
1513 crp->crp_p = (void *)b;
1514 crp->crp_nbits = bits;
1520 /* Convert a /dev/crypto parameter to a BIGNUM */
1521 static int crparam2bn(struct crparam *crp, BIGNUM *a)
1526 bytes = (crp->crp_nbits + 7) / 8;
1531 if ((pd = OPENSSL_malloc(bytes)) == NULL)
1534 for (i = 0; i < bytes; i++)
1535 pd[i] = crp->crp_p[bytes - i - 1];
1537 BN_bin2bn(pd, bytes, a);
1543 static void zapparams(struct crypt_kop *kop)
1547 for (i = 0; i < kop->crk_iparams + kop->crk_oparams; i++) {
1548 OPENSSL_free(kop->crk_param[i].crp_p);
1549 kop->crk_param[i].crp_p = NULL;
1550 kop->crk_param[i].crp_nbits = 0;
1555 cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s)
1559 if ((fd = get_asym_dev_crypto()) < 0)
1563 kop->crk_param[kop->crk_iparams].crp_p = OPENSSL_zalloc(rlen);
1564 if (kop->crk_param[kop->crk_iparams].crp_p == NULL)
1566 kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
1570 kop->crk_param[kop->crk_iparams + 1].crp_p = OPENSSL_zalloc(slen);
1571 /* No need to free the kop->crk_iparams parameter if it was allocated,
1572 * callers of this routine have to free allocated parameters through
1573 * zapparams both in case of success and failure
1575 if (kop->crk_param[kop->crk_iparams + 1].crp_p == NULL)
1577 kop->crk_param[kop->crk_iparams + 1].crp_nbits = slen * 8;
1581 if (ioctl(fd, CIOCKEY, kop) == 0) {
1583 crparam2bn(&kop->crk_param[kop->crk_iparams], r);
1585 crparam2bn(&kop->crk_param[kop->crk_iparams + 1], s);
1593 cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
1594 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
1596 struct crypt_kop kop;
1600 * Currently, we know we can do mod exp iff we can do any asymmetric
1601 * operations at all.
1603 if (cryptodev_asymfeat == 0) {
1604 ret = BN_mod_exp(r, a, p, m, ctx);
1608 memset(&kop, 0, sizeof(kop));
1609 kop.crk_op = CRK_MOD_EXP;
1611 /* inputs: a^p % m */
1612 if (bn2crparam(a, &kop.crk_param[0]))
1614 if (bn2crparam(p, &kop.crk_param[1]))
1616 if (bn2crparam(m, &kop.crk_param[2]))
1618 kop.crk_iparams = 3;
1620 if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL)) {
1621 const RSA_METHOD *meth = RSA_PKCS1_OpenSSL();
1622 printf("OCF asym process failed, Running in software\n");
1623 ret = RSA_meth_get_bn_mod_exp(meth) (r, a, p, m, ctx, in_mont);
1625 } else if (ECANCELED == kop.crk_status) {
1626 const RSA_METHOD *meth = RSA_PKCS1_OpenSSL();
1627 printf("OCF hardware operation cancelled. Running in Software\n");
1628 ret = RSA_meth_get_bn_mod_exp(meth) (r, a, p, m, ctx, in_mont);
1630 /* else cryptodev operation worked ok ==> ret = 1 */
1638 cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
1641 const BIGNUM *n = NULL;
1642 const BIGNUM *d = NULL;
1645 RSA_get0_key(rsa, &n, NULL, &d);
1646 r = cryptodev_bn_mod_exp(r0, I, d, n, ctx, NULL);
1652 cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
1654 struct crypt_kop kop;
1656 const BIGNUM *p = NULL;
1657 const BIGNUM *q = NULL;
1658 const BIGNUM *dmp1 = NULL;
1659 const BIGNUM *dmq1 = NULL;
1660 const BIGNUM *iqmp = NULL;
1661 const BIGNUM *n = NULL;
1663 RSA_get0_factors(rsa, &p, &q);
1664 RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
1665 RSA_get0_key(rsa, &n, NULL, NULL);
1667 if (!p || !q || !dmp1 || !dmq1 || !iqmp) {
1668 /* XXX 0 means failure?? */
1672 memset(&kop, 0, sizeof(kop));
1673 kop.crk_op = CRK_MOD_EXP_CRT;
1674 /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
1675 if (bn2crparam(p, &kop.crk_param[0]))
1677 if (bn2crparam(q, &kop.crk_param[1]))
1679 if (bn2crparam(I, &kop.crk_param[2]))
1681 if (bn2crparam(dmp1, &kop.crk_param[3]))
1683 if (bn2crparam(dmq1, &kop.crk_param[4]))
1685 if (bn2crparam(iqmp, &kop.crk_param[5]))
1687 kop.crk_iparams = 6;
1689 if (cryptodev_asym(&kop, BN_num_bytes(n), r0, 0, NULL)) {
1690 const RSA_METHOD *meth = RSA_PKCS1_OpenSSL();
1691 printf("OCF asym process failed, running in Software\n");
1692 ret = RSA_meth_get_mod_exp(meth) (r0, I, rsa, ctx);
1694 } else if (ECANCELED == kop.crk_status) {
1695 const RSA_METHOD *meth = RSA_PKCS1_OpenSSL();
1696 printf("OCF hardware operation cancelled. Running in Software\n");
1697 ret = RSA_meth_get_mod_exp(meth) (r0, I, rsa, ctx);
1699 /* else cryptodev operation worked ok ==> ret = 1 */
1706 # ifndef OPENSSL_NO_DSA
1708 cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
1709 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
1711 return cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx);
1715 cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, const BIGNUM *g,
1716 const BIGNUM *u1, const BIGNUM *pub_key,
1717 const BIGNUM *u2, const BIGNUM *p, BN_CTX *ctx,
1720 const BIGNUM *dsag, *dsap, *dsapub_key;
1723 const DSA_METHOD *meth;
1724 int (*bn_mod_exp) (DSA *, BIGNUM *, const BIGNUM *, const BIGNUM *,
1725 const BIGNUM *, BN_CTX *, BN_MONT_CTX *);
1731 /* v = ( g^u1 * y^u2 mod p ) mod q */
1732 /* let t1 = g ^ u1 mod p */
1735 DSA_get0_pqg(dsa, &dsap, NULL, &dsag);
1736 DSA_get0_key(dsa, &dsapub_key, NULL);
1738 meth = DSA_get_method(dsa);
1741 bn_mod_exp = DSA_meth_get_bn_mod_exp(meth);
1742 if (bn_mod_exp == NULL)
1745 if (!bn_mod_exp(dsa, t1, dsag, u1, dsap, ctx, mont))
1748 /* let t2 = y ^ u2 mod p */
1749 if (!bn_mod_exp(dsa, t2, dsapub_key, u2, dsap, ctx, mont))
1751 /* let t1 = t1 * t2 mod p */
1752 if (!BN_mod_mul(t1, t1, t2, dsap, ctx))
1761 static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
1764 struct crypt_kop kop;
1766 const BIGNUM *dsap = NULL, *dsaq = NULL, *dsag = NULL;
1767 const BIGNUM *priv_key = NULL;
1768 DSA_SIG *dsasig, *dsaret = NULL;
1770 dsasig = DSA_SIG_new();
1774 memset(&kop, 0, sizeof(kop));
1775 kop.crk_op = CRK_DSA_SIGN;
1777 /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
1778 kop.crk_param[0].crp_p = (void *)dgst;
1779 kop.crk_param[0].crp_nbits = dlen * 8;
1780 DSA_get0_pqg(dsa, &dsap, &dsaq, &dsag);
1781 DSA_get0_key(dsa, NULL, &priv_key);
1782 if (bn2crparam(dsap, &kop.crk_param[1]))
1784 if (bn2crparam(dsaq, &kop.crk_param[2]))
1786 if (bn2crparam(dsag, &kop.crk_param[3]))
1788 if (bn2crparam(priv_key, &kop.crk_param[4]))
1790 kop.crk_iparams = 5;
1798 if (cryptodev_asym(&kop, BN_num_bytes(dsaq), r, BN_num_bytes(dsaq), s) == 0) {
1799 DSA_SIG_set0(dsasig, r, s);
1802 dsaret = DSA_meth_get_sign(DSA_OpenSSL())(dgst, dlen, dsa);
1805 if (dsaret != dsasig)
1806 DSA_SIG_free(dsasig);
1807 kop.crk_param[0].crp_p = NULL;
1813 cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
1814 DSA_SIG *sig, DSA *dsa)
1816 struct crypt_kop kop;
1818 const BIGNUM *pr, *ps, *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL;
1820 memset(&kop, 0, sizeof(kop));
1821 kop.crk_op = CRK_DSA_VERIFY;
1823 /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
1824 kop.crk_param[0].crp_p = (void *)dgst;
1825 kop.crk_param[0].crp_nbits = dlen * 8;
1826 DSA_get0_pqg(dsa, &p, &q, &g);
1827 if (bn2crparam(p, &kop.crk_param[1]))
1829 if (bn2crparam(q, &kop.crk_param[2]))
1831 if (bn2crparam(g, &kop.crk_param[3]))
1833 DSA_get0_key(dsa, &pub_key, NULL);
1834 if (bn2crparam(pub_key, &kop.crk_param[4]))
1836 DSA_SIG_get0(sig, &pr, &ps);
1837 if (bn2crparam(pr, &kop.crk_param[5]))
1839 if (bn2crparam(ps, &kop.crk_param[6]))
1841 kop.crk_iparams = 7;
1843 if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
1845 * OCF success value is 0, if not zero, change dsaret to fail
1847 if (0 != kop.crk_status)
1850 dsaret = DSA_meth_get_verify(DSA_OpenSSL())(dgst, dlen, sig, dsa);
1853 kop.crk_param[0].crp_p = NULL;
1859 # ifndef OPENSSL_NO_DH
1861 cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
1862 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
1865 return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
1869 cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
1871 struct crypt_kop kop;
1874 const BIGNUM *p = NULL;
1875 const BIGNUM *priv_key = NULL;
1877 if ((fd = get_asym_dev_crypto()) < 0) {
1878 const DH_METHOD *meth = DH_OpenSSL();
1880 return DH_meth_get_compute_key(meth) (key, pub_key, dh);
1883 DH_get0_pqg(dh, &p, NULL, NULL);
1884 DH_get0_key(dh, NULL, &priv_key);
1886 keylen = BN_num_bits(p);
1888 memset(&kop, 0, sizeof(kop));
1889 kop.crk_op = CRK_DH_COMPUTE_KEY;
1891 /* inputs: dh->priv_key pub_key dh->p key */
1892 if (bn2crparam(priv_key, &kop.crk_param[0]))
1894 if (bn2crparam(pub_key, &kop.crk_param[1]))
1896 if (bn2crparam(p, &kop.crk_param[2]))
1898 kop.crk_iparams = 3;
1900 kop.crk_param[3].crp_p = (void *)key;
1901 kop.crk_param[3].crp_nbits = keylen;
1902 kop.crk_oparams = 1;
1904 if (ioctl(fd, CIOCKEY, &kop) == -1) {
1905 const DH_METHOD *meth = DH_OpenSSL();
1907 dhret = DH_meth_get_compute_key(meth) (key, pub_key, dh);
1910 kop.crk_param[3].crp_p = NULL;
1915 # endif /* ndef OPENSSL_NO_DH */
1918 * ctrl right now is just a wrapper that doesn't do much
1919 * but I expect we'll want some options soon.
1921 static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
1923 # ifdef HAVE_SYSLOG_R
1924 struct syslog_data sd = SYSLOG_DATA_INIT;
1929 # ifdef HAVE_SYSLOG_R
1930 syslog_r(LOG_ERR, &sd, "cryptodev_ctrl: unknown command %d", cmd);
1932 syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd);
1939 void engine_load_cryptodev_int(void)
1941 ENGINE *engine = ENGINE_new();
1946 if ((fd = get_dev_crypto()) < 0) {
1947 ENGINE_free(engine);
1952 * find out what asymmetric crypto algorithms we support
1954 if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
1956 ENGINE_free(engine);
1961 if (!ENGINE_set_id(engine, "cryptodev") ||
1962 !ENGINE_set_name(engine, "cryptodev engine") ||
1963 !ENGINE_set_destroy_function(engine, cryptodev_engine_destroy) ||
1964 !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
1965 !ENGINE_set_digests(engine, cryptodev_engine_digests) ||
1966 !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||
1967 !ENGINE_set_cmd_defns(engine, cryptodev_defns)) {
1968 ENGINE_free(engine);
1972 cryptodev_rsa = RSA_meth_dup(RSA_PKCS1_OpenSSL());
1973 if (cryptodev_rsa != NULL) {
1974 RSA_meth_set1_name(cryptodev_rsa, "cryptodev RSA method");
1975 RSA_meth_set_flags(cryptodev_rsa, 0);
1976 if (ENGINE_set_RSA(engine, cryptodev_rsa)) {
1977 if (cryptodev_asymfeat & CRF_MOD_EXP) {
1978 RSA_meth_set_bn_mod_exp(cryptodev_rsa, cryptodev_bn_mod_exp);
1979 if (cryptodev_asymfeat & CRF_MOD_EXP_CRT)
1980 RSA_meth_set_mod_exp(cryptodev_rsa, cryptodev_rsa_mod_exp);
1982 RSA_meth_set_mod_exp(cryptodev_rsa,
1983 cryptodev_rsa_nocrt_mod_exp);
1987 ENGINE_free(engine);
1991 # ifndef OPENSSL_NO_DSA
1992 cryptodev_dsa = DSA_meth_dup(DSA_OpenSSL());
1993 if (cryptodev_dsa != NULL) {
1994 DSA_meth_set1_name(cryptodev_dsa, "cryptodev DSA method");
1995 DSA_meth_set_flags(cryptodev_dsa, 0);
1996 if (ENGINE_set_DSA(engine, cryptodev_dsa)) {
1997 if (cryptodev_asymfeat & CRF_DSA_SIGN)
1998 DSA_meth_set_sign(cryptodev_dsa, cryptodev_dsa_do_sign);
1999 if (cryptodev_asymfeat & CRF_MOD_EXP) {
2000 DSA_meth_set_bn_mod_exp(cryptodev_dsa,
2001 cryptodev_dsa_bn_mod_exp);
2002 DSA_meth_set_mod_exp(cryptodev_dsa, cryptodev_dsa_dsa_mod_exp);
2004 if (cryptodev_asymfeat & CRF_DSA_VERIFY)
2005 DSA_meth_set_verify(cryptodev_dsa, cryptodev_dsa_verify);
2008 ENGINE_free(engine);
2013 # ifndef OPENSSL_NO_DH
2014 cryptodev_dh = DH_meth_dup(DH_OpenSSL());
2015 if (cryptodev_dh != NULL) {
2016 DH_meth_set1_name(cryptodev_dh, "cryptodev DH method");
2017 DH_meth_set_flags(cryptodev_dh, 0);
2018 if (ENGINE_set_DH(engine, cryptodev_dh)) {
2019 if (cryptodev_asymfeat & CRF_MOD_EXP) {
2020 DH_meth_set_bn_mod_exp(cryptodev_dh, cryptodev_mod_exp_dh);
2021 if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY)
2022 DH_meth_set_compute_key(cryptodev_dh,
2023 cryptodev_dh_compute_key);
2027 ENGINE_free(engine);
2033 ENGINE_free(engine);
2037 #endif /* HAVE_CRYPTODEV */