/* #define ENGINE_DEVCRYPTO_DEBUG */
-#ifdef CRYPTO_ALGORITHM_MIN
+#if CRYPTO_ALGORITHM_MIN < CRYPTO_ALGORITHM_MAX
# define CHECK_BSD_STYLE_MACROS
#endif
#define DEVCRYPTO_USE_SOFTWARE 1 /* allow software drivers */
#define DEVCRYPTO_REJECT_SOFTWARE 2 /* only disallow confirmed software drivers */
-#define DEVCRYPTO_DEFAULT_USE_SOFDTRIVERS DEVCRYPTO_REJECT_SOFTWARE
-static int use_softdrivers = DEVCRYPTO_DEFAULT_USE_SOFDTRIVERS;
+#define DEVCRYPTO_DEFAULT_USE_SOFTDRIVERS DEVCRYPTO_REJECT_SOFTWARE
+static int use_softdrivers = DEVCRYPTO_DEFAULT_USE_SOFTDRIVERS;
/*
* cipher/digest status & acceleration definitions
enum devcrypto_accelerated_t {
DEVCRYPTO_NOT_ACCELERATED = -1, /* software implemented */
- DEVCRYPTO_ACCELERATION_UNKNOWN = 0, /* acceleration support unkown */
+ DEVCRYPTO_ACCELERATION_UNKNOWN = 0, /* acceleration support unknown */
DEVCRYPTO_ACCELERATED = 1 /* hardware accelerated */
} accelerated;
void engine_load_devcrypto_int(void);
#endif
+static int clean_devcrypto_session(struct session_op *sess) {
+ if (ioctl(cfd, CIOCFSESSION, &sess->ses) < 0) {
+ ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
+ return 0;
+ }
+ memset(sess, 0, sizeof(struct session_op));
+ return 1;
+}
+
/******************************************************************************
*
* Ciphers
const struct cipher_data_st *cipher_d =
get_cipher_data(EVP_CIPHER_CTX_nid(ctx));
- memset(&cipher_ctx->sess, 0, sizeof(cipher_ctx->sess));
+ /* cleanup a previous session */
+ if (cipher_ctx->sess.ses != 0 &&
+ clean_devcrypto_session(&cipher_ctx->sess) == 0)
+ return 0;
+
cipher_ctx->sess.cipher = cipher_d->devcryptoid;
cipher_ctx->sess.keylen = cipher_d->keylen;
cipher_ctx->sess.key = (void *)key;
cipher_ctx->mode = cipher_d->flags & EVP_CIPH_MODE;
cipher_ctx->blocksize = cipher_d->blocksize;
if (ioctl(cfd, CIOCGSESSION, &cipher_ctx->sess) < 0) {
- SYSerr(SYS_F_IOCTL, errno);
+ ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
return 0;
}
#endif
if (ioctl(cfd, CIOCCRYPT, &cryp) < 0) {
- SYSerr(SYS_F_IOCTL, errno);
+ ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
return 0;
}
static int cipher_ctrl(EVP_CIPHER_CTX *ctx, int type, int p1, void* p2)
{
+ struct cipher_ctx *cipher_ctx =
+ (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
EVP_CIPHER_CTX *to_ctx = (EVP_CIPHER_CTX *)p2;
- struct cipher_ctx *cipher_ctx;
+ struct cipher_ctx *to_cipher_ctx;
- if (type == EVP_CTRL_COPY) {
+ switch (type) {
+
+ case EVP_CTRL_COPY:
+ if (cipher_ctx == NULL)
+ return 1;
/* when copying the context, a new session needs to be initialized */
- cipher_ctx = (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
- return (cipher_ctx == NULL)
- || cipher_init(to_ctx, cipher_ctx->sess.key, EVP_CIPHER_CTX_iv(ctx),
+ to_cipher_ctx =
+ (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(to_ctx);
+ memset(&to_cipher_ctx->sess, 0, sizeof(to_cipher_ctx->sess));
+ return cipher_init(to_ctx, (void *)cipher_ctx->sess.key, EVP_CIPHER_CTX_iv(ctx),
(cipher_ctx->op == COP_ENCRYPT));
+
+ case EVP_CTRL_INIT:
+ memset(&cipher_ctx->sess, 0, sizeof(cipher_ctx->sess));
+ return 1;
+
+ default:
+ break;
}
return -1;
struct cipher_ctx *cipher_ctx =
(struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
- if (ioctl(cfd, CIOCFSESSION, &cipher_ctx->sess.ses) < 0) {
- SYSerr(SYS_F_IOCTL, errno);
- return 0;
- }
-
- return 1;
+ return clean_devcrypto_session(&cipher_ctx->sess);
}
/*
|| !EVP_CIPHER_meth_set_flags(known_cipher_methods[i],
cipher_data[i].flags
| EVP_CIPH_CUSTOM_COPY
+ | EVP_CIPH_CTRL_INIT
| EVP_CIPH_FLAG_DEFAULT_ASN1)
|| !EVP_CIPHER_meth_set_init(known_cipher_methods[i], cipher_init)
|| !EVP_CIPHER_meth_set_do_cipher(known_cipher_methods[i],
static const struct digest_data_st {
int nid;
+ int blocksize;
int digestlen;
int devcryptoid;
} digest_data[] = {
#ifndef OPENSSL_NO_MD5
- { NID_md5, 16, CRYPTO_MD5 },
+ { NID_md5, /* MD5_CBLOCK */ 64, 16, CRYPTO_MD5 },
#endif
- { NID_sha1, 20, CRYPTO_SHA1 },
+ { NID_sha1, SHA_CBLOCK, 20, CRYPTO_SHA1 },
#ifndef OPENSSL_NO_RMD160
# if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_RIPEMD160)
- { NID_ripemd160, 20, CRYPTO_RIPEMD160 },
+ { NID_ripemd160, /* RIPEMD160_CBLOCK */ 64, 20, CRYPTO_RIPEMD160 },
# endif
#endif
#if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_SHA2_224)
- { NID_sha224, 224 / 8, CRYPTO_SHA2_224 },
+ { NID_sha224, SHA256_CBLOCK, 224 / 8, CRYPTO_SHA2_224 },
#endif
#if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_SHA2_256)
- { NID_sha256, 256 / 8, CRYPTO_SHA2_256 },
+ { NID_sha256, SHA256_CBLOCK, 256 / 8, CRYPTO_SHA2_256 },
#endif
#if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_SHA2_384)
- { NID_sha384, 384 / 8, CRYPTO_SHA2_384 },
+ { NID_sha384, SHA512_CBLOCK, 384 / 8, CRYPTO_SHA2_384 },
#endif
#if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_SHA2_512)
- { NID_sha512, 512 / 8, CRYPTO_SHA2_512 },
+ { NID_sha512, SHA512_CBLOCK, 512 / 8, CRYPTO_SHA2_512 },
#endif
};
memset(&digest_ctx->sess, 0, sizeof(digest_ctx->sess));
digest_ctx->sess.mac = digest_d->devcryptoid;
if (ioctl(cfd, CIOCGSESSION, &digest_ctx->sess) < 0) {
- SYSerr(SYS_F_IOCTL, errno);
+ ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
return 0;
}
-
return 1;
}
return 1;
}
- SYSerr(SYS_F_IOCTL, errno);
+ ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
return 0;
}
if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT)) {
memcpy(md, digest_ctx->digest_res, EVP_MD_CTX_size(ctx));
} else if (digest_op(digest_ctx, NULL, 0, md, COP_FLAG_FINAL) < 0) {
- SYSerr(SYS_F_IOCTL, errno);
+ ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
return 0;
}
return 1;
if (!digest_init(to)) {
- SYSerr(SYS_F_IOCTL, errno);
+ ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
return 0;
}
cphash.src_ses = digest_from->sess.ses;
cphash.dst_ses = digest_to->sess.ses;
if (ioctl(cfd, CIOCCPHASH, &cphash) < 0) {
- SYSerr(SYS_F_IOCTL, errno);
+ ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
return 0;
}
return 1;
if (digest_ctx == NULL)
return 1;
- if (ioctl(cfd, CIOCFSESSION, &digest_ctx->sess.ses) < 0) {
- SYSerr(SYS_F_IOCTL, errno);
- return 0;
- }
- return 1;
+
+ return clean_devcrypto_session(&digest_ctx->sess);
}
/*
}
if ((known_digest_methods[i] = EVP_MD_meth_new(digest_data[i].nid,
NID_undef)) == NULL
+ || !EVP_MD_meth_set_input_blocksize(known_digest_methods[i],
+ digest_data[i].blocksize)
|| !EVP_MD_meth_set_result_size(known_digest_methods[i],
digest_data[i].digestlen)
|| !EVP_MD_meth_set_init(known_digest_methods[i], digest_init)
OPENSSL_MSTR(DEVCRYPTO_USE_SOFTWARE) "=allow all drivers, "
OPENSSL_MSTR(DEVCRYPTO_REJECT_SOFTWARE)
"=use if acceleration can't be determined) [default="
- OPENSSL_MSTR(DEVCRYPTO_DEFAULT_USE_SOFDTRIVERS) "]",
+ OPENSSL_MSTR(DEVCRYPTO_DEFAULT_USE_SOFTDRIVERS) "]",
ENGINE_CMD_FLAG_NUMERIC},
#endif
static int close_devcrypto(void)
{
+ int ret;
+
if (cfd < 0)
return 1;
+ ret = close(cfd);
cfd = -1;
- if (close(cfd) == 0) {
+ if (ret != 0) {
fprintf(stderr, "Error closing /dev/crypto: %s\n", strerror(errno));
return 0;
}
projects / openssl.git / blobdiff