Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
接近 2 年 前同步成功

通知 12
Star 18
Fork 1
T
Third Party Openssl
提交 04630522 编写于 作者: B Ben Laurie
浏览文件
操作

Opacity. 

Reviewed-by: NMatt Caswell <matt@openssl.org>
上级 402ec2f5
隐藏空白更改
内联 并排
Showing with 65 addition and 69 deletion
crypto/engine/eng_cryptodev.c
浏览文件 @ 04630522
......@@ -1308,12 +1308,12 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL)) {
const RSA_METHOD *meth = RSA_PKCS1_OpenSSL();
printf("OCF asym process failed, Running in software\n");
ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
ret = RSA_meth_get_bn_mod_exp(meth)(r, a, p, m, ctx, in_mont);
} else if (ECANCELED == kop.crk_status) {
const RSA_METHOD *meth = RSA_PKCS1_OpenSSL();
printf("OCF hardware operation cancelled. Running in Software\n");
ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
ret = RSA_meth_get_bn_mod_exp(meth)(r, a, p, m, ctx, in_mont);
}
/* else cryptodev operation worked ok ==> ret = 1 */
......@@ -1327,8 +1327,12 @@ cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
BN_CTX *ctx)
{
int r;
BIGNUM *n = NULL;
BIGNUM *d = NULL;
ctx = BN_CTX_new();
r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
RSA_get0_key(rsa, &n, NULL, &d);
r = cryptodev_bn_mod_exp(r0, I, d, n, ctx, NULL);
BN_CTX_free(ctx);
return (r);
}
......@@ -1338,8 +1342,18 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
{
struct crypt_kop kop;
int ret = 1;
if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
BIGNUM *p = NULL;
BIGNUM *q = NULL;
BIGNUM *dmp1 = NULL;
BIGNUM *dmq1 = NULL;
BIGNUM *iqmp = NULL;
BIGNUM *n = NULL;
RSA_get0_factors(rsa, &p, &q);
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
RSA_get0_key(rsa, &n, NULL, NULL);
if (!p || !q || !dmp1 || !dmq1 || !iqmp) {
/* XXX 0 means failure?? */
return (0);
}
......@@ -1347,29 +1361,29 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_MOD_EXP_CRT;
/* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
if (bn2crparam(rsa->p, &kop.crk_param[0]))
if (bn2crparam(p, &kop.crk_param[0]))
goto err;
if (bn2crparam(rsa->q, &kop.crk_param[1]))
if (bn2crparam(q, &kop.crk_param[1]))
goto err;
if (bn2crparam(I, &kop.crk_param[2]))
goto err;
if (bn2crparam(rsa->dmp1, &kop.crk_param[3]))
if (bn2crparam(dmp1, &kop.crk_param[3]))
goto err;
if (bn2crparam(rsa->dmq1, &kop.crk_param[4]))
if (bn2crparam(dmq1, &kop.crk_param[4]))
goto err;
if (bn2crparam(rsa->iqmp, &kop.crk_param[5]))
if (bn2crparam(iqmp, &kop.crk_param[5]))
goto err;
kop.crk_iparams = 6;
if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) {
if (cryptodev_asym(&kop, BN_num_bytes(n), r0, 0, NULL)) {
const RSA_METHOD *meth = RSA_PKCS1_OpenSSL();
printf("OCF asym process failed, running in Software\n");
ret = (*meth->rsa_mod_exp) (r0, I, rsa, ctx);
ret = RSA_meth_get_mod_exp(meth)(r0, I, rsa, ctx);
} else if (ECANCELED == kop.crk_status) {
const RSA_METHOD *meth = RSA_PKCS1_OpenSSL();
printf("OCF hardware operation cancelled. Running in Software\n");
ret = (*meth->rsa_mod_exp) (r0, I, rsa, ctx);
ret = RSA_meth_get_mod_exp(meth)(r0, I, rsa, ctx);
}
/* else cryptodev operation worked ok ==> ret = 1 */
......@@ -1378,21 +1392,7 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
return (ret);
}
static RSA_METHOD cryptodev_rsa = {
"cryptodev RSA method",
NULL, /* rsa_pub_enc */
NULL, /* rsa_pub_dec */
NULL, /* rsa_priv_enc */
NULL, /* rsa_priv_dec */
NULL,
NULL,
NULL, /* init */
NULL, /* finish */
0, /* flags */
NULL, /* app_data */
NULL, /* rsa_sign */
NULL /* rsa_verify */
};
static RSA_METHOD *cryptodev_rsa;
#ifndef OPENSSL_NO_DSA
static int
......@@ -1556,24 +1556,29 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
struct crypt_kop kop;
int dhret = 1;
int fd, keylen;
BIGNUM *p = NULL;
BIGNUM *priv_key = NULL;
if ((fd = get_asym_dev_crypto()) < 0) {
const DH_METHOD *meth = DH_OpenSSL();
return ((meth->compute_key) (key, pub_key, dh));
return DH_meth_get_compute_key(meth)(key, pub_key, dh);
}
keylen = BN_num_bits(dh->p);
DH_get0_pqg(dh, &p, NULL, NULL);
DH_get0_key(dh, NULL, &priv_key);
keylen = BN_num_bits(p);
memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_DH_COMPUTE_KEY;
/* inputs: dh->priv_key pub_key dh->p key */
if (bn2crparam(dh->priv_key, &kop.crk_param[0]))
if (bn2crparam(priv_key, &kop.crk_param[0]))
goto err;
if (bn2crparam(pub_key, &kop.crk_param[1]))
goto err;
if (bn2crparam(dh->p, &kop.crk_param[2]))
if (bn2crparam(p, &kop.crk_param[2]))
goto err;
kop.crk_iparams = 3;
......@@ -1584,7 +1589,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
if (ioctl(fd, CIOCKEY, &kop) == -1) {
const DH_METHOD *meth = DH_OpenSSL();
dhret = (meth->compute_key) (key, pub_key, dh);
dhret = DH_meth_get_compute_key(meth)(key, pub_key, dh);
}
err:
kop.crk_param[3].crp_p = NULL;
......@@ -1592,16 +1597,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
return (dhret);
}
static DH_METHOD cryptodev_dh = {
"cryptodev DH method",
NULL, /* cryptodev_dh_generate_key */
NULL,
NULL,
NULL,
NULL,
0, /* flags */
NULL /* app_data */
};
static DH_METHOD *cryptodev_dh;
#endif /* ndef OPENSSL_NO_DH */
......@@ -1661,21 +1657,19 @@ void engine_load_cryptodev_int(void)
return;
}
if (ENGINE_set_RSA(engine, &cryptodev_rsa)) {
const RSA_METHOD *rsa_meth = RSA_PKCS1_OpenSSL();
cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp;
cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp;
cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc;
cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec;
cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc;
cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec;
if (cryptodev_asymfeat & CRF_MOD_EXP) {
cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp;
if (cryptodev_asymfeat & CRF_MOD_EXP_CRT)
cryptodev_rsa.rsa_mod_exp = cryptodev_rsa_mod_exp;
else
cryptodev_rsa.rsa_mod_exp = cryptodev_rsa_nocrt_mod_exp;
cryptodev_rsa = RSA_meth_dup(RSA_PKCS1_OpenSSL());
if (cryptodev_rsa != NULL) {
RSA_meth_set1_name(cryptodev_rsa, "cryptodev RSA method");
RSA_meth_set_flags(cryptodev_rsa, 0);
if (ENGINE_set_RSA(engine, cryptodev_rsa)) {
if (cryptodev_asymfeat & CRF_MOD_EXP) {
RSA_meth_set_bn_mod_exp(cryptodev_rsa, cryptodev_bn_mod_exp);
if (cryptodev_asymfeat & CRF_MOD_EXP_CRT)
RSA_meth_set_mod_exp(cryptodev_rsa, cryptodev_rsa_mod_exp);
else
RSA_meth_set_mod_exp(cryptodev_rsa,
cryptodev_rsa_nocrt_mod_exp);
}
}
}
......@@ -1688,7 +1682,8 @@ void engine_load_cryptodev_int(void)
if (cryptodev_asymfeat & CRF_DSA_SIGN)
DSA_meth_set_sign(cryptodev_dsa, cryptodev_dsa_do_sign);
if (cryptodev_asymfeat & CRF_MOD_EXP) {
DSA_meth_set_bn_mod_exp(cryptodev_dsa, cryptodev_dsa_bn_mod_exp);
DSA_meth_set_bn_mod_exp(cryptodev_dsa,
cryptodev_dsa_bn_mod_exp);
DSA_meth_set_mod_exp(cryptodev_dsa, cryptodev_dsa_dsa_mod_exp);
}
if (cryptodev_asymfeat & CRF_DSA_VERIFY)
......@@ -1701,16 +1696,17 @@ void engine_load_cryptodev_int(void)
#endif
#ifndef OPENSSL_NO_DH
if (ENGINE_set_DH(engine, &cryptodev_dh)) {
const DH_METHOD *dh_meth = DH_OpenSSL();
cryptodev_dh.generate_key = dh_meth->generate_key;
cryptodev_dh.compute_key = dh_meth->compute_key;
cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp;
if (cryptodev_asymfeat & CRF_MOD_EXP) {
cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh;
if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY)
cryptodev_dh.compute_key = cryptodev_dh_compute_key;
cryptodev_dh = DH_meth_dup(DH_OpenSSL());
if (cryptodev_dh != NULL) {
DH_meth_set1_name(cryptodev_dh, "cryptodev DH method");
DH_meth_set_flags(cryptodev_dh, 0);
if (ENGINE_set_DH(engine, cryptodev_dh)) {
if (cryptodev_asymfeat & CRF_MOD_EXP) {
DH_meth_set_bn_mod_exp(cryptodev_dh, cryptodev_mod_exp_dh);
if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY)
DH_meth_set_compute_key(cryptodev_dh,
cryptodev_dh_compute_key);
}
}
}
#endif
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册