diff --git a/Configure b/Configure index 1a578be09150d73b8e55e051b2cb8004d5b6f92b..5fd33630664ee8634657819c09090014ff1eb2d4 100755 --- a/Configure +++ b/Configure @@ -1183,7 +1183,11 @@ if ($target =~ m/^linux/) { my ($ma, $mi1, $mi2) = split("\\.", $verstr); ($mi2) = $mi2 =~ /(\d+)/; my $ver = $ma*10000 + $mi1*100 + $mi2; - $config{afalg}="afalg" if ($ver >= $minver); + if ($ver >= $minver) { + $config{afalg}="afalg"; + } else { + push @{$config{openssl_other_defines}}, "OPENSSL_NO_AFALGENG"; + } } } push @{$config{engdirs}}, $config{afalg}; diff --git a/crypto/include/internal/engine.h b/crypto/include/internal/engine.h index 4b70e55360f5ed90c67ac225a388d72bc86b3467..abdb8cc49f15dbe91e718165f51b181956c9cfaa 100644 --- a/crypto/include/internal/engine.h +++ b/crypto/include/internal/engine.h @@ -61,3 +61,4 @@ void engine_load_dynamic_internal(void); void engine_load_padlock_internal(void); void engine_load_capi_internal(void); void engine_load_dasync_internal(void); +void engine_load_afalg_internal(void); diff --git a/crypto/init.c b/crypto/init.c index 613606ebdc8e52e4086fcfefd05999656ca0ab51..2c0bde66f47e68842c3e910fe8799d8df9b072ce 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -470,6 +470,18 @@ static void ossl_init_engine_dasync(void) engine_load_dasync_internal(); engine_inited = 1; } +# if !defined(OPENSSL_NO_AFALGENG) +static OPENSSL_INIT_ONCE engine_afalg = OPENSSL_INIT_ONCE_STATIC_INIT; +static void ossl_init_engine_afalg(void) +{ +# ifdef OPENSSL_INIT_DEBUG + fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_afalg: " + "engine_load_afalg_internal()\n"); +# endif + engine_load_afalg_internal(); + engine_inited = 1; +} +# endif # endif #endif @@ -718,9 +730,15 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) if (opts & OPENSSL_INIT_ENGINE_DASYNC) { ossl_init_once_run(&engine_dasync, ossl_init_engine_dasync); } +# if !defined(OPENSSL_NO_AFALGENG) + if (opts & OPENSSL_INIT_ENGINE_AFALG) { + ossl_init_once_run(&engine_afalg, ossl_init_engine_afalg); + } +# endif # endif if (opts & (OPENSSL_INIT_ENGINE_ALL_BUILTIN - | OPENSSL_INIT_ENGINE_DASYNC | OPENSSL_INIT_ENGINE_OPENSSL)) { + | OPENSSL_INIT_ENGINE_DASYNC | OPENSSL_INIT_ENGINE_OPENSSL + | OPENSSL_INIT_ENGINE_AFALG)) { ENGINE_register_all_complete(); } #endif diff --git a/engines/afalg/Makefile.in b/engines/afalg/Makefile.in index 8120272324e4eb1239ca87c1cfd370032e2d3f58..448e10e7450f57ca3e77611cda595ac75defbdc1 100644 --- a/engines/afalg/Makefile.in +++ b/engines/afalg/Makefile.in @@ -61,7 +61,7 @@ install: mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \ fi -depend: +depend: @[ -z "$(THIS)" ] || $(TOP)/util/domd $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) $(TESTLIBSRC) files: diff --git a/engines/afalg/build.info b/engines/afalg/build.info index 5336de7995a10721d1ecdfcac91a4db1df4664ca..c5d541b91d82711e1efa7284e867e56c31c98201 100644 --- a/engines/afalg/build.info +++ b/engines/afalg/build.info @@ -1,8 +1,13 @@ {- use File::Spec::Functions qw/:DEFAULT rel2abs/; -} -IF[{- $config{afalg} eq "afalg" -}] - ENGINES=libafalg - SOURCE[libafalg]=e_afalg.c e_afalg_err.c - DEPEND[libafalg]=../../libcrypto - INCLUDE[libafalg]= {- rel2abs(catdir($builddir,"../include")) -} ../../include +IF[{- $config{afalg} eq "afalg" -}] + IF[{- $config{no_shared} -}] + LIBS=../../libcrypto + SOURCE[../../libcrypto]=e_afalg.c e_afalg_err.c + ELSE + ENGINES=libafalg + SOURCE[libafalg]=e_afalg.c e_afalg_err.c + DEPEND[libafalg]=../../libcrypto + INCLUDE[libafalg]= {- rel2abs(catdir($builddir,"../include")) -} ../../include + ENDIF ENDIF diff --git a/engines/afalg/e_afalg.c b/engines/afalg/e_afalg.c index b3ca38accbed9de9b6df21220d6a38abcb0135b6..30a5e388c46d6b88ca61f3272113af8000a6d64c 100644 --- a/engines/afalg/e_afalg.c +++ b/engines/afalg/e_afalg.c @@ -99,11 +99,19 @@ # define ALG_OP_TYPE unsigned int # define ALG_OP_LEN (sizeof(ALG_OP_TYPE)) +#define ALG_MAX_SALG_NAME 64 +#define ALG_MAX_SALG_TYPE 14 + +# ifdef OPENSSL_NO_DYNAMIC_ENGINE +void engine_load_afalg_internal(void); +# endif + /* Local Linkage Functions */ static int afalg_init_aio(afalg_aio *aio); static int afalg_fin_cipher_aio(afalg_aio *ptr, int sfd, unsigned char *buf, size_t len); -static int afalg_create_bind_sk(void); +static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype, + const char *ciphername); static int afalg_destroy(ENGINE *e); static int afalg_init(ENGINE *e); static int afalg_finish(ENGINE *e); @@ -165,6 +173,7 @@ static int afalg_setup_async_event_notification(afalg_aio *aio) ASYNC_JOB *job; ASYNC_WAIT_CTX *waitctx; void *custom = NULL; + int ret; if ((job = ASYNC_get_current_job()) != NULL) { /* Async mode */ @@ -174,45 +183,45 @@ static int afalg_setup_async_event_notification(afalg_aio *aio) return 0; } /* Get waitfd from ASYNC_WAIT_CTX if it is alreday set */ - if (0 == ASYNC_WAIT_CTX_get_fd(waitctx, engine_afalg_id, - &aio->efd_async, &custom)) { - /* waitfd is not set in ASYNC_WAIT_CTX so we set it */ - /* efd_async will be signaled when AIO operation completes */ - aio->efd_async = eventfd(0); - if (aio->efd_async == -1) { + ret = ASYNC_WAIT_CTX_get_fd(waitctx, engine_afalg_id, + &aio->efd, &custom); + if (ret == 0) { + /* + * waitfd is not set in ASYNC_WAIT_CTX, create a new one + * and set it. efd will be signaled when AIO operation completes + */ + aio->efd = eventfd(0); + if (aio->efd == -1) { ALG_PERR("%s: Failed to get eventfd : ", __func__); AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, AFALG_R_EVENTFD_FAILED); return 0; } - if (0 == - ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_afalg_id, - aio->efd_async, custom, - afalg_waitfd_cleanup)) { + ret = ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_afalg_id, + aio->efd, custom, + afalg_waitfd_cleanup); + if (ret == 0) { ALG_WARN("%s: Failed to set wait fd", __func__); - close(aio->efd_async); + close(aio->efd); return 0; } /* make fd non-blocking in async mode */ - if (fcntl(aio->efd_async, F_SETFL, O_NONBLOCK) != 0) { + if (fcntl(aio->efd, F_SETFL, O_NONBLOCK) != 0) { ALG_WARN("%s: Failed to set event fd as NONBLOCKING", __func__); } } - /* efd_async is the active fd to be used */ - aio->efd = aio->efd_async; + aio->mode = MODE_ASYNC; } else { /* Sync mode */ - /* efd_sync will be signaled when AIO operation completes */ - aio->efd_sync = eventfd(0); - if (aio->efd_sync == -1) { + aio->efd = eventfd(0); + if (aio->efd == -1) { ALG_PERR("%s: Failed to get eventfd : ", __func__); AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, AFALG_R_EVENTFD_FAILED); return 0; } - /* efd_async is the active fd to be used */ - aio->efd = aio->efd_sync; + aio->mode = MODE_SYNC; } return 1; } @@ -231,9 +240,8 @@ int afalg_init_aio(afalg_aio *aio) } memset(aio->cbt, 0, sizeof(aio->cbt)); - aio->efd_sync = -1; - aio->efd_async = -1; aio->efd = -1; + aio->mode = MODE_UNINIT; return 1; } @@ -253,7 +261,7 @@ int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf, timeout.tv_nsec = 0; /* if efd has not been initialised yet do it here */ - if (aio->efd == -1) { + if (aio->mode == MODE_UNINIT) { r = afalg_setup_async_event_notification(aio); if (r == 0) return 0; @@ -276,7 +284,7 @@ int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf, */ r = io_read(aio->aio_ctx, 1, &cb); if (r < 0) { - ALG_PERR("%s: io_read failed : ", __func__); + ALG_PWARN("%s: io_read failed : ", __func__); return 0; } @@ -298,7 +306,8 @@ int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf, if (eval > 0) { /* Get results of AIO read */ - r = io_getevents(aio->aio_ctx, 1, 1, events, &timeout); + r = io_getevents(aio->aio_ctx, 1, MAX_INFLIGHTS, + events, &timeout); if (r > 0) { /* * events.res indicates the actual status of the operation. @@ -342,41 +351,6 @@ int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf, return 1; } -static int afalg_create_bind_sk(void) -{ - struct sockaddr_alg sa = { - .salg_family = AF_ALG, - .salg_type = "skcipher", - .salg_name = "cbc(aes)" - }; - - int sfd; - int r = -1; - - /* Create AFALG socket for crypto processing */ - sfd = socket(AF_ALG, SOCK_SEQPACKET, 0); - if (sfd == -1) { - ALG_PERR("%s: Failed to open socket : ", __func__); - AFALGerr(AFALG_F_AFALG_CREATE_BIND_SK, AFALG_R_SOCKET_CREATE_FAILED); - goto err; - } - - /* Set cipher algorithm for aes-cbc */ - r = bind(sfd, (struct sockaddr *)&sa, sizeof(sa)); - if (r < 0) { - ALG_PERR("%s: Failed to bind socket : ", __func__); - AFALGerr(AFALG_F_AFALG_CREATE_BIND_SK, AFALG_R_SOCKET_BIND_FAILED); - goto err; - } - - return sfd; - - err: - if (sfd >= 0) - close(sfd); - return r; -} - static inline void afalg_set_op_sk(struct cmsghdr *cmsg, const unsigned int op) { @@ -399,38 +373,57 @@ static void afalg_set_iv_sk(struct cmsghdr *cmsg, const unsigned char *iv, memcpy(aiv->iv, iv, len); } -static void afalg_socket(afalg_ctx *actx, const unsigned char *key, - const int klen) +static inline int afalg_set_key(afalg_ctx *actx, const unsigned char *key, + const int klen) { int ret; + ret = setsockopt(actx->bfd, SOL_ALG, ALG_SET_KEY, key, klen); + if (ret < 0) { + ALG_PERR("%s: Failed to set socket option : ", __func__); + AFALGerr(AFALG_F_AFALG_SET_KEY, AFALG_R_SOCKET_SET_KEY_FAILED); + return 0; + } + + return 1; +} + +static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype, + const char *ciphername) +{ + struct sockaddr_alg sa; actx->bfd = actx->sfd = -1; + int r = -1; - actx->bfd = afalg_create_bind_sk(); - if (actx->bfd < 0) { - return; + memset(&sa, 0, sizeof(sa)); + sa.salg_family = AF_ALG; + strncpy((char *) sa.salg_type, ciphertype, ALG_MAX_SALG_TYPE); + sa.salg_type[ALG_MAX_SALG_TYPE-1] = '\0'; + strncpy((char *) sa.salg_name, ciphername, ALG_MAX_SALG_NAME); + sa.salg_name[ALG_MAX_SALG_NAME-1] = '\0'; + + actx->bfd = socket(AF_ALG, SOCK_SEQPACKET, 0); + if (actx->bfd == -1) { + ALG_PERR("%s: Failed to open socket : ", __func__); + AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_CREATE_FAILED); + goto err; } - /* - * Send cipher key to the kernel in preparation for future crypto - * requests - */ - ret = setsockopt(actx->bfd, SOL_ALG, ALG_SET_KEY, key, klen); - if (ret < 0) { - ALG_PERR("%s: Failed to set socket option : ", __func__); - AFALGerr(AFALG_F_AFALG_SOCKET, AFALG_R_SOCKET_SET_KEY_FAILED); + r = bind(actx->bfd, (struct sockaddr *)&sa, sizeof(sa)); + if (r < 0) { + ALG_PERR("%s: Failed to bind socket : ", __func__); + AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_BIND_FAILED); goto err; } - /* Get fd to perform future aes-cbc operations with given key */ actx->sfd = accept(actx->bfd, NULL, 0); if (actx->sfd < 0) { ALG_PERR("%s: Socket Accept Failed : ", __func__); - AFALGerr(AFALG_F_AFALG_SOCKET, AFALG_R_SOCKET_BIND_FAILED); + AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_ACCEPT_FAILED); goto err; } - return; + return 1; err: if (actx->bfd >= 0) @@ -438,7 +431,7 @@ static void afalg_socket(afalg_ctx *actx, const unsigned char *key, if (actx->sfd >= 0) close(actx->sfd); actx->bfd = actx->sfd = -1; - return; + return 0; } static int afalg_start_cipher_sk(afalg_ctx *actx, const unsigned char *in, @@ -522,7 +515,7 @@ static int afalg_start_cipher_sk(afalg_ctx *actx, const unsigned char *in, } if (sbytes != (ssize_t) inl) { - ALG_ERR("Cipher operation send bytes %zd != inlen %zd\n", sbytes, + ALG_WARN("Cipher operation send bytes %zd != inlen %zd\n", sbytes, inl); return 0; } @@ -535,7 +528,9 @@ static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { int ciphertype; + int ret; afalg_ctx *actx; + char ciphername[ALG_MAX_SALG_NAME]; if (ctx == NULL || key == NULL) { ALG_WARN("%s: Null Parameter\n", __func__); @@ -556,30 +551,34 @@ static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, ciphertype = EVP_CIPHER_CTX_nid(ctx); switch (ciphertype) { case NID_aes_128_cbc: + strncpy(ciphername, "cbc(aes)", ALG_MAX_SALG_NAME); break; default: ALG_WARN("%s: Unsupported Cipher type %d\n", __func__, ciphertype); return 0; } + ciphername[ALG_MAX_SALG_NAME-1]='\0'; if (ALG_AES_IV_LEN != EVP_CIPHER_CTX_iv_length(ctx)) { - ALG_ERR("%s: Unsupported IV length :%d\n", __func__, + ALG_WARN("%s: Unsupported IV length :%d\n", __func__, EVP_CIPHER_CTX_iv_length(ctx)); return 0; } /* Setup AFALG socket for crypto processing */ - afalg_socket(actx, key, EVP_CIPHER_CTX_key_length(ctx)); - if (actx->sfd < 0) { + ret = afalg_create_sk(actx, "skcipher", ciphername); + if (ret < 1) return 0; - } + + + ret = afalg_set_key(actx, key, EVP_CIPHER_CTX_key_length(ctx)); + if (ret < 1) + goto err; /* Setup AIO ctx to allow async AFALG crypto processing */ - if (afalg_init_aio(&actx->aio) == 0) { - close(actx->sfd); - close(actx->bfd); - return 0; - } + if (afalg_init_aio(&actx->aio) == 0) + goto err; + # ifdef ALG_ZERO_COPY pipe(actx->zc_pipe); # endif @@ -587,6 +586,11 @@ static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, actx->init_done = MAGIC_INIT_NUM; return 1; + +err: + close(actx->sfd); + close(actx->bfd); + return 0; } static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, @@ -626,10 +630,8 @@ static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, /* Perform async crypto operation in kernel space */ ret = afalg_fin_cipher_aio(&actx->aio, actx->sfd, out, inl); - if (ret < 1) { - ALG_WARN("%s: Socket cipher operation failed\n", __func__); + if (ret < 1) return 0; - } if (EVP_CIPHER_CTX_encrypting(ctx)) { memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), out + (inl - ALG_AES_IV_LEN), @@ -663,9 +665,9 @@ static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx) close(actx->zc_pipe[0]); close(actx->zc_pipe[1]); # endif - /* close sync mode efd, async mode is closed in afalg_waitfd_cleanup() */ - if (actx->aio.efd_sync >= 0) - close(actx->aio.efd_sync); + /* close efd in sync mode, async mode is closed in afalg_waitfd_cleanup() */ + if (actx->aio.mode == MODE_SYNC) + close(actx->aio.efd); io_destroy(actx->aio.aio_ctx); return 1; @@ -732,6 +734,16 @@ static int bind_afalg(ENGINE *e) return 0; } + /* + * Create _hidden_aes_128_cbc by calling afalg_aes_128_cbc + * now, as bind_aflag can only be called by one thread at a + * time. + */ + if (afalg_aes_128_cbc() == NULL) { + AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); + return 0; + } + if (!ENGINE_set_ciphers(e, afalg_ciphers)) { AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); return 0; @@ -757,6 +769,7 @@ static int bind_helper(ENGINE *e, const char *id) IMPLEMENT_DYNAMIC_CHECK_FN() IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) # endif + static int afalg_chk_platform(void) { int ret; @@ -767,7 +780,8 @@ static int afalg_chk_platform(void) ret = uname(&ut); if (ret != 0) { - ALG_ERR("%s: Failed to get system information\n", __func__); + AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, + AFALG_R_FAILED_TO_GET_PLATFORM_INFO); return 0; } @@ -779,9 +793,9 @@ static int afalg_chk_platform(void) if (KERNEL_VERSION(kver[0], kver[1], kver[2]) < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)) { - ALG_WARN("ASYNC AFALG not supported this kernel(%d.%d.%d)\n", + ALG_ERR("ASYNC AFALG not supported this kernel(%d.%d.%d)\n", kver[0], kver[1], kver[2]); - ALG_WARN("ASYNC AFALG requires kernel version %d.%d.%d or later\n", + ALG_ERR("ASYNC AFALG requires kernel version %d.%d.%d or later\n", K_MAJ, K_MIN1, K_MIN2); AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG); @@ -804,7 +818,7 @@ static ENGINE *engine_afalg(void) return ret; } -static void ENGINE_load_afalg(void) +void engine_load_afalg_internal(void) { ENGINE *toadd; diff --git a/engines/afalg/e_afalg.h b/engines/afalg/e_afalg.h index 6c92485f3fce4821ee6f371734a08683aeb82058..8b589e4b4b67f1e5ffddb1ea5ce7413e8f8336f5 100644 --- a/engines/afalg/e_afalg.h +++ b/engines/afalg/e_afalg.h @@ -71,6 +71,11 @@ fprintf(stderr, "ALG_PERR: " x, __VA_ARGS__); \ perror(NULL); \ } while(0) +# define ALG_PWARN(x, ...) \ + do { \ + fprintf(stderr, "ALG_PERR: " x, __VA_ARGS__); \ + perror(NULL); \ + } while(0) # ifndef AES_BLOCK_SIZE # define AES_BLOCK_SIZE 16 @@ -80,11 +85,15 @@ # define MAX_INFLIGHTS 1 +typedef enum { + MODE_UNINIT = 0, + MODE_SYNC, + MODE_ASYNC +} op_mode; + struct afalg_aio_st { - int efd_sync; /* event fd when sync mode is used */ - int efd_async; /* event fd when async mode is used */ - int efd; /* event fd that is currently in use equal - to either efd_sync or efd_async */ + int efd; + op_mode mode; aio_context_t aio_ctx; struct io_event events[MAX_INFLIGHTS]; struct iocb cbt[MAX_INFLIGHTS]; diff --git a/engines/afalg/e_afalg_err.c b/engines/afalg/e_afalg_err.c index 332470157000afddcdabce95d53d0ea61a502ac0..71c4a010d655f42a98d1d66c2e315a1ed9b67f0c 100644 --- a/engines/afalg/e_afalg_err.c +++ b/engines/afalg/e_afalg_err.c @@ -72,9 +72,11 @@ static ERR_STRING_DATA AFALG_str_functs[] = { {ERR_FUNC(AFALG_F_AFALG_CHK_PLATFORM), "afalg_chk_platform"}, {ERR_FUNC(AFALG_F_AFALG_CREATE_BIND_SK), "afalg_create_bind_sk"}, {ERR_FUNC(AFALG_F_AFALG_CREATE_BIND_SOCKET), "afalg_create_bind_sk"}, + {ERR_FUNC(AFALG_F_AFALG_CREATE_SK), "afalg_create_sk"}, {ERR_FUNC(AFALG_F_AFALG_INIT_AIO), "afalg_init_aio"}, {ERR_FUNC(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION), "afalg_setup_async_event_notification"}, + {ERR_FUNC(AFALG_F_AFALG_SET_KEY), "afalg_set_key"}, {ERR_FUNC(AFALG_F_AFALG_SOCKET), "afalg_socket"}, {ERR_FUNC(AFALG_F_AFALG_START_CIPHER_SK), "afalg_start_cipher_sk"}, {ERR_FUNC(AFALG_F_BIND_AFALG), "bind_afalg"}, @@ -83,6 +85,8 @@ static ERR_STRING_DATA AFALG_str_functs[] = { static ERR_STRING_DATA AFALG_str_reasons[] = { {ERR_REASON(AFALG_R_EVENTFD_FAILED), "eventfd failed"}, + {ERR_REASON(AFALG_R_FAILED_TO_GET_PLATFORM_INFO), + "failed to get platform info"}, {ERR_REASON(AFALG_R_INIT_FAILED), "init failed"}, {ERR_REASON(AFALG_R_IO_SETUP_FAILED), "io setup failed"}, {ERR_REASON(AFALG_R_KERNEL_DOES_NOT_SUPPORT_AFALG), @@ -90,6 +94,7 @@ static ERR_STRING_DATA AFALG_str_reasons[] = { {ERR_REASON(AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG), "kernel does not support async afalg"}, {ERR_REASON(AFALG_R_MEM_ALLOC_FAILED), "mem alloc failed"}, + {ERR_REASON(AFALG_R_SOCKET_ACCEPT_FAILED), "socket accept failed"}, {ERR_REASON(AFALG_R_SOCKET_BIND_FAILED), "socket bind failed"}, {ERR_REASON(AFALG_R_SOCKET_CREATE_FAILED), "socket create failed"}, {ERR_REASON(AFALG_R_SOCKET_OPERATION_FAILED), "socket operation failed"}, diff --git a/engines/afalg/e_afalg_err.h b/engines/afalg/e_afalg_err.h index e6a654c74bc4526dd511762af2d1d8a3021285e8..64468c38687e37a33575ba8592d57bd4b1e6748b 100644 --- a/engines/afalg/e_afalg_err.h +++ b/engines/afalg/e_afalg_err.h @@ -75,19 +75,23 @@ void ERR_AFALG_error(int function, int reason, char *file, int line); # define AFALG_F_AFALG_CHK_PLATFORM 100 # define AFALG_F_AFALG_CREATE_BIND_SK 106 # define AFALG_F_AFALG_CREATE_BIND_SOCKET 105 +# define AFALG_F_AFALG_CREATE_SK 108 # define AFALG_F_AFALG_INIT_AIO 101 # define AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION 107 +# define AFALG_F_AFALG_SET_KEY 109 # define AFALG_F_AFALG_SOCKET 102 # define AFALG_F_AFALG_START_CIPHER_SK 103 # define AFALG_F_BIND_AFALG 104 /* Reason codes. */ # define AFALG_R_EVENTFD_FAILED 108 +# define AFALG_R_FAILED_TO_GET_PLATFORM_INFO 111 # define AFALG_R_INIT_FAILED 100 # define AFALG_R_IO_SETUP_FAILED 105 # define AFALG_R_KERNEL_DOES_NOT_SUPPORT_AFALG 101 # define AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG 107 # define AFALG_R_MEM_ALLOC_FAILED 102 +# define AFALG_R_SOCKET_ACCEPT_FAILED 110 # define AFALG_R_SOCKET_BIND_FAILED 103 # define AFALG_R_SOCKET_CREATE_FAILED 109 # define AFALG_R_SOCKET_OPERATION_FAILED 104 diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index fb6a2b9ec4939d2a472c6ae9ddfa8e6ef4a2333e..24e924566339258c129bb122d5b84df9b510e2da 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -546,6 +546,7 @@ int CRYPTO_memcmp(const volatile void * volatile in_a, # define OPENSSL_INIT_ENGINE_CAPI 0x00002000L # define OPENSSL_INIT_ENGINE_PADLOCK 0x00004000L # define OPENSSL_INIT_ENGINE_DASYNC 0x00008000L +# define OPENSSL_INIT_ENGINE_AFALG 0x00010000L /* OPENSSL_INIT flag 0x00010000 reserved for internal use */ /* OPENSSL_INIT flag range 0xfff00000 reserved for OPENSSL_init_ssl() */ /* Max OPENSSL_INIT flag value is 0x80000000 */ diff --git a/include/openssl/engine.h b/include/openssl/engine.h index c1dd45b020f03b947959dd4dafe1f020bd8df556..7b7b2a12f415858f1f2d20b48a5bffd1aae40b87 100644 --- a/include/openssl/engine.h +++ b/include/openssl/engine.h @@ -398,6 +398,8 @@ ENGINE *ENGINE_by_id(const char *id); OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CAPI, NULL) # define ENGINE_load_dasync() \ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_DASYNC, NULL) +# define ENGINE_load_afalg() \ + OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_AFALG, NULL) # endif # define ENGINE_load_cryptodev() \ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CRYPTODEV, NULL)