e_devcrypto.c 40 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309
  1. /*
  2. * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include "../e_os.h"
  10. #include <string.h>
  11. #include <sys/types.h>
  12. #include <sys/stat.h>
  13. #include <fcntl.h>
  14. #include <sys/ioctl.h>
  15. #include <unistd.h>
  16. #include <assert.h>
  17. #include <openssl/conf.h>
  18. #include <openssl/evp.h>
  19. #include <openssl/err.h>
  20. #include <openssl/engine.h>
  21. #include <openssl/objects.h>
  22. #include <crypto/cryptodev.h>
  23. /* #define ENGINE_DEVCRYPTO_DEBUG */
  24. #if CRYPTO_ALGORITHM_MIN < CRYPTO_ALGORITHM_MAX
  25. # define CHECK_BSD_STYLE_MACROS
  26. #endif
  27. #define engine_devcrypto_id "devcrypto"
  28. /*
  29. * ONE global file descriptor for all sessions. This allows operations
  30. * such as digest session data copying (see digest_copy()), but is also
  31. * saner... why re-open /dev/crypto for every session?
  32. */
  33. static int cfd = -1;
  34. #define DEVCRYPTO_REQUIRE_ACCELERATED 0 /* require confirmation of acceleration */
  35. #define DEVCRYPTO_USE_SOFTWARE 1 /* allow software drivers */
  36. #define DEVCRYPTO_REJECT_SOFTWARE 2 /* only disallow confirmed software drivers */
  37. #define DEVCRYPTO_DEFAULT_USE_SOFTDRIVERS DEVCRYPTO_REJECT_SOFTWARE
  38. static int use_softdrivers = DEVCRYPTO_DEFAULT_USE_SOFTDRIVERS;
  39. /*
  40. * cipher/digest status & acceleration definitions
  41. * Make sure the defaults are set to 0
  42. */
  43. struct driver_info_st {
  44. enum devcrypto_status_t {
  45. DEVCRYPTO_STATUS_FAILURE = -3, /* unusable for other reason */
  46. DEVCRYPTO_STATUS_NO_CIOCCPHASH = -2, /* hash state copy not supported */
  47. DEVCRYPTO_STATUS_NO_CIOCGSESSION = -1, /* session open failed */
  48. DEVCRYPTO_STATUS_UNKNOWN = 0, /* not tested yet */
  49. DEVCRYPTO_STATUS_USABLE = 1 /* algo can be used */
  50. } status;
  51. enum devcrypto_accelerated_t {
  52. DEVCRYPTO_NOT_ACCELERATED = -1, /* software implemented */
  53. DEVCRYPTO_ACCELERATION_UNKNOWN = 0, /* acceleration support unknown */
  54. DEVCRYPTO_ACCELERATED = 1 /* hardware accelerated */
  55. } accelerated;
  56. char *driver_name;
  57. };
  58. #ifdef OPENSSL_NO_DYNAMIC_ENGINE
  59. void engine_load_devcrypto_int(void);
  60. #endif
  61. static int clean_devcrypto_session(struct session_op *sess) {
  62. if (ioctl(cfd, CIOCFSESSION, &sess->ses) < 0) {
  63. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  64. return 0;
  65. }
  66. memset(sess, 0, sizeof(struct session_op));
  67. return 1;
  68. }
  69. /******************************************************************************
  70. *
  71. * Ciphers
  72. *
  73. * Because they all do the same basic operation, we have only one set of
  74. * method functions for them all to share, and a mapping table between
  75. * NIDs and cryptodev IDs, with all the necessary size data.
  76. *
  77. *****/
  78. struct cipher_ctx {
  79. struct session_op sess;
  80. int op; /* COP_ENCRYPT or COP_DECRYPT */
  81. unsigned long mode; /* EVP_CIPH_*_MODE */
  82. /* to handle ctr mode being a stream cipher */
  83. unsigned char partial[EVP_MAX_BLOCK_LENGTH];
  84. unsigned int blocksize, num;
  85. };
  86. static const struct cipher_data_st {
  87. int nid;
  88. int blocksize;
  89. int keylen;
  90. int ivlen;
  91. int flags;
  92. int devcryptoid;
  93. } cipher_data[] = {
  94. #ifndef OPENSSL_NO_DES
  95. { NID_des_cbc, 8, 8, 8, EVP_CIPH_CBC_MODE, CRYPTO_DES_CBC },
  96. { NID_des_ede3_cbc, 8, 24, 8, EVP_CIPH_CBC_MODE, CRYPTO_3DES_CBC },
  97. #endif
  98. #ifndef OPENSSL_NO_BF
  99. { NID_bf_cbc, 8, 16, 8, EVP_CIPH_CBC_MODE, CRYPTO_BLF_CBC },
  100. #endif
  101. #ifndef OPENSSL_NO_CAST
  102. { NID_cast5_cbc, 8, 16, 8, EVP_CIPH_CBC_MODE, CRYPTO_CAST_CBC },
  103. #endif
  104. { NID_aes_128_cbc, 16, 128 / 8, 16, EVP_CIPH_CBC_MODE, CRYPTO_AES_CBC },
  105. { NID_aes_192_cbc, 16, 192 / 8, 16, EVP_CIPH_CBC_MODE, CRYPTO_AES_CBC },
  106. { NID_aes_256_cbc, 16, 256 / 8, 16, EVP_CIPH_CBC_MODE, CRYPTO_AES_CBC },
  107. #ifndef OPENSSL_NO_RC4
  108. { NID_rc4, 1, 16, 0, EVP_CIPH_STREAM_CIPHER, CRYPTO_ARC4 },
  109. #endif
  110. #if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_AES_CTR)
  111. { NID_aes_128_ctr, 16, 128 / 8, 16, EVP_CIPH_CTR_MODE, CRYPTO_AES_CTR },
  112. { NID_aes_192_ctr, 16, 192 / 8, 16, EVP_CIPH_CTR_MODE, CRYPTO_AES_CTR },
  113. { NID_aes_256_ctr, 16, 256 / 8, 16, EVP_CIPH_CTR_MODE, CRYPTO_AES_CTR },
  114. #endif
  115. #if 0 /* Not yet supported */
  116. { NID_aes_128_xts, 16, 128 / 8 * 2, 16, EVP_CIPH_XTS_MODE, CRYPTO_AES_XTS },
  117. { NID_aes_256_xts, 16, 256 / 8 * 2, 16, EVP_CIPH_XTS_MODE, CRYPTO_AES_XTS },
  118. #endif
  119. #if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_AES_ECB)
  120. { NID_aes_128_ecb, 16, 128 / 8, 0, EVP_CIPH_ECB_MODE, CRYPTO_AES_ECB },
  121. { NID_aes_192_ecb, 16, 192 / 8, 0, EVP_CIPH_ECB_MODE, CRYPTO_AES_ECB },
  122. { NID_aes_256_ecb, 16, 256 / 8, 0, EVP_CIPH_ECB_MODE, CRYPTO_AES_ECB },
  123. #endif
  124. #if 0 /* Not yet supported */
  125. { NID_aes_128_gcm, 16, 128 / 8, 16, EVP_CIPH_GCM_MODE, CRYPTO_AES_GCM },
  126. { NID_aes_192_gcm, 16, 192 / 8, 16, EVP_CIPH_GCM_MODE, CRYPTO_AES_GCM },
  127. { NID_aes_256_gcm, 16, 256 / 8, 16, EVP_CIPH_GCM_MODE, CRYPTO_AES_GCM },
  128. #endif
  129. #ifndef OPENSSL_NO_CAMELLIA
  130. { NID_camellia_128_cbc, 16, 128 / 8, 16, EVP_CIPH_CBC_MODE,
  131. CRYPTO_CAMELLIA_CBC },
  132. { NID_camellia_192_cbc, 16, 192 / 8, 16, EVP_CIPH_CBC_MODE,
  133. CRYPTO_CAMELLIA_CBC },
  134. { NID_camellia_256_cbc, 16, 256 / 8, 16, EVP_CIPH_CBC_MODE,
  135. CRYPTO_CAMELLIA_CBC },
  136. #endif
  137. };
  138. static size_t find_cipher_data_index(int nid)
  139. {
  140. size_t i;
  141. for (i = 0; i < OSSL_NELEM(cipher_data); i++)
  142. if (nid == cipher_data[i].nid)
  143. return i;
  144. return (size_t)-1;
  145. }
  146. static size_t get_cipher_data_index(int nid)
  147. {
  148. size_t i = find_cipher_data_index(nid);
  149. if (i != (size_t)-1)
  150. return i;
  151. /*
  152. * Code further down must make sure that only NIDs in the table above
  153. * are used. If any other NID reaches this function, there's a grave
  154. * coding error further down.
  155. */
  156. assert("Code that never should be reached" == NULL);
  157. return -1;
  158. }
  159. static const struct cipher_data_st *get_cipher_data(int nid)
  160. {
  161. return &cipher_data[get_cipher_data_index(nid)];
  162. }
  163. /*
  164. * Following are the three necessary functions to map OpenSSL functionality
  165. * with cryptodev.
  166. */
  167. static int cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
  168. const unsigned char *iv, int enc)
  169. {
  170. struct cipher_ctx *cipher_ctx =
  171. (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
  172. const struct cipher_data_st *cipher_d =
  173. get_cipher_data(EVP_CIPHER_CTX_nid(ctx));
  174. /* cleanup a previous session */
  175. if (cipher_ctx->sess.ses != 0 &&
  176. clean_devcrypto_session(&cipher_ctx->sess) == 0)
  177. return 0;
  178. cipher_ctx->sess.cipher = cipher_d->devcryptoid;
  179. cipher_ctx->sess.keylen = cipher_d->keylen;
  180. cipher_ctx->sess.key = (void *)key;
  181. cipher_ctx->op = enc ? COP_ENCRYPT : COP_DECRYPT;
  182. cipher_ctx->mode = cipher_d->flags & EVP_CIPH_MODE;
  183. cipher_ctx->blocksize = cipher_d->blocksize;
  184. if (ioctl(cfd, CIOCGSESSION, &cipher_ctx->sess) < 0) {
  185. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  186. return 0;
  187. }
  188. return 1;
  189. }
  190. static int cipher_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
  191. const unsigned char *in, size_t inl)
  192. {
  193. struct cipher_ctx *cipher_ctx =
  194. (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
  195. struct crypt_op cryp;
  196. unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx);
  197. #if !defined(COP_FLAG_WRITE_IV)
  198. unsigned char saved_iv[EVP_MAX_IV_LENGTH];
  199. const unsigned char *ivptr;
  200. size_t nblocks, ivlen;
  201. #endif
  202. memset(&cryp, 0, sizeof(cryp));
  203. cryp.ses = cipher_ctx->sess.ses;
  204. cryp.len = inl;
  205. cryp.src = (void *)in;
  206. cryp.dst = (void *)out;
  207. cryp.iv = (void *)iv;
  208. cryp.op = cipher_ctx->op;
  209. #if !defined(COP_FLAG_WRITE_IV)
  210. cryp.flags = 0;
  211. ivlen = EVP_CIPHER_CTX_iv_length(ctx);
  212. if (ivlen > 0)
  213. switch (cipher_ctx->mode) {
  214. case EVP_CIPH_CBC_MODE:
  215. assert(inl >= ivlen);
  216. if (!EVP_CIPHER_CTX_encrypting(ctx)) {
  217. ivptr = in + inl - ivlen;
  218. memcpy(saved_iv, ivptr, ivlen);
  219. }
  220. break;
  221. case EVP_CIPH_CTR_MODE:
  222. break;
  223. default: /* should not happen */
  224. return 0;
  225. }
  226. #else
  227. cryp.flags = COP_FLAG_WRITE_IV;
  228. #endif
  229. if (ioctl(cfd, CIOCCRYPT, &cryp) < 0) {
  230. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  231. return 0;
  232. }
  233. #if !defined(COP_FLAG_WRITE_IV)
  234. if (ivlen > 0)
  235. switch (cipher_ctx->mode) {
  236. case EVP_CIPH_CBC_MODE:
  237. assert(inl >= ivlen);
  238. if (EVP_CIPHER_CTX_encrypting(ctx))
  239. ivptr = out + inl - ivlen;
  240. else
  241. ivptr = saved_iv;
  242. memcpy(iv, ivptr, ivlen);
  243. break;
  244. case EVP_CIPH_CTR_MODE:
  245. nblocks = (inl + cipher_ctx->blocksize - 1)
  246. / cipher_ctx->blocksize;
  247. do {
  248. ivlen--;
  249. nblocks += iv[ivlen];
  250. iv[ivlen] = (uint8_t) nblocks;
  251. nblocks >>= 8;
  252. } while (ivlen);
  253. break;
  254. default: /* should not happen */
  255. return 0;
  256. }
  257. #endif
  258. return 1;
  259. }
  260. static int ctr_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
  261. const unsigned char *in, size_t inl)
  262. {
  263. struct cipher_ctx *cipher_ctx =
  264. (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
  265. size_t nblocks, len;
  266. /* initial partial block */
  267. while (cipher_ctx->num && inl) {
  268. (*out++) = *(in++) ^ cipher_ctx->partial[cipher_ctx->num];
  269. --inl;
  270. cipher_ctx->num = (cipher_ctx->num + 1) % cipher_ctx->blocksize;
  271. }
  272. /* full blocks */
  273. if (inl > (unsigned int) cipher_ctx->blocksize) {
  274. nblocks = inl/cipher_ctx->blocksize;
  275. len = nblocks * cipher_ctx->blocksize;
  276. if (cipher_do_cipher(ctx, out, in, len) < 1)
  277. return 0;
  278. inl -= len;
  279. out += len;
  280. in += len;
  281. }
  282. /* final partial block */
  283. if (inl) {
  284. memset(cipher_ctx->partial, 0, cipher_ctx->blocksize);
  285. if (cipher_do_cipher(ctx, cipher_ctx->partial, cipher_ctx->partial,
  286. cipher_ctx->blocksize) < 1)
  287. return 0;
  288. while (inl--) {
  289. out[cipher_ctx->num] = in[cipher_ctx->num]
  290. ^ cipher_ctx->partial[cipher_ctx->num];
  291. cipher_ctx->num++;
  292. }
  293. }
  294. return 1;
  295. }
  296. static int cipher_ctrl(EVP_CIPHER_CTX *ctx, int type, int p1, void* p2)
  297. {
  298. struct cipher_ctx *cipher_ctx =
  299. (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
  300. EVP_CIPHER_CTX *to_ctx = (EVP_CIPHER_CTX *)p2;
  301. struct cipher_ctx *to_cipher_ctx;
  302. switch (type) {
  303. case EVP_CTRL_COPY:
  304. if (cipher_ctx == NULL)
  305. return 1;
  306. /* when copying the context, a new session needs to be initialized */
  307. to_cipher_ctx =
  308. (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(to_ctx);
  309. memset(&to_cipher_ctx->sess, 0, sizeof(to_cipher_ctx->sess));
  310. return cipher_init(to_ctx, (void *)cipher_ctx->sess.key, EVP_CIPHER_CTX_iv(ctx),
  311. (cipher_ctx->op == COP_ENCRYPT));
  312. case EVP_CTRL_INIT:
  313. memset(&cipher_ctx->sess, 0, sizeof(cipher_ctx->sess));
  314. return 1;
  315. default:
  316. break;
  317. }
  318. return -1;
  319. }
  320. static int cipher_cleanup(EVP_CIPHER_CTX *ctx)
  321. {
  322. struct cipher_ctx *cipher_ctx =
  323. (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
  324. return clean_devcrypto_session(&cipher_ctx->sess);
  325. }
  326. /*
  327. * Keep tables of known nids, associated methods, selected ciphers, and driver
  328. * info.
  329. * Note that known_cipher_nids[] isn't necessarily indexed the same way as
  330. * cipher_data[] above, which the other tables are.
  331. */
  332. static int known_cipher_nids[OSSL_NELEM(cipher_data)];
  333. static int known_cipher_nids_amount = -1; /* -1 indicates not yet initialised */
  334. static EVP_CIPHER *known_cipher_methods[OSSL_NELEM(cipher_data)] = { NULL, };
  335. static int selected_ciphers[OSSL_NELEM(cipher_data)];
  336. static struct driver_info_st cipher_driver_info[OSSL_NELEM(cipher_data)];
  337. static int devcrypto_test_cipher(size_t cipher_data_index)
  338. {
  339. return (cipher_driver_info[cipher_data_index].status == DEVCRYPTO_STATUS_USABLE
  340. && selected_ciphers[cipher_data_index] == 1
  341. && (cipher_driver_info[cipher_data_index].accelerated
  342. == DEVCRYPTO_ACCELERATED
  343. || use_softdrivers == DEVCRYPTO_USE_SOFTWARE
  344. || (cipher_driver_info[cipher_data_index].accelerated
  345. != DEVCRYPTO_NOT_ACCELERATED
  346. && use_softdrivers == DEVCRYPTO_REJECT_SOFTWARE)));
  347. }
  348. static void prepare_cipher_methods(void)
  349. {
  350. size_t i;
  351. struct session_op sess;
  352. unsigned long cipher_mode;
  353. #ifdef CIOCGSESSINFO
  354. struct session_info_op siop;
  355. #endif
  356. memset(&cipher_driver_info, 0, sizeof(cipher_driver_info));
  357. memset(&sess, 0, sizeof(sess));
  358. sess.key = (void *)"01234567890123456789012345678901234567890123456789";
  359. for (i = 0, known_cipher_nids_amount = 0;
  360. i < OSSL_NELEM(cipher_data); i++) {
  361. selected_ciphers[i] = 1;
  362. /*
  363. * Check that the cipher is usable
  364. */
  365. sess.cipher = cipher_data[i].devcryptoid;
  366. sess.keylen = cipher_data[i].keylen;
  367. if (ioctl(cfd, CIOCGSESSION, &sess) < 0) {
  368. cipher_driver_info[i].status = DEVCRYPTO_STATUS_NO_CIOCGSESSION;
  369. continue;
  370. }
  371. cipher_mode = cipher_data[i].flags & EVP_CIPH_MODE;
  372. if ((known_cipher_methods[i] =
  373. EVP_CIPHER_meth_new(cipher_data[i].nid,
  374. cipher_mode == EVP_CIPH_CTR_MODE ? 1 :
  375. cipher_data[i].blocksize,
  376. cipher_data[i].keylen)) == NULL
  377. || !EVP_CIPHER_meth_set_iv_length(known_cipher_methods[i],
  378. cipher_data[i].ivlen)
  379. || !EVP_CIPHER_meth_set_flags(known_cipher_methods[i],
  380. cipher_data[i].flags
  381. | EVP_CIPH_CUSTOM_COPY
  382. | EVP_CIPH_CTRL_INIT
  383. | EVP_CIPH_FLAG_DEFAULT_ASN1)
  384. || !EVP_CIPHER_meth_set_init(known_cipher_methods[i], cipher_init)
  385. || !EVP_CIPHER_meth_set_do_cipher(known_cipher_methods[i],
  386. cipher_mode == EVP_CIPH_CTR_MODE ?
  387. ctr_do_cipher :
  388. cipher_do_cipher)
  389. || !EVP_CIPHER_meth_set_ctrl(known_cipher_methods[i], cipher_ctrl)
  390. || !EVP_CIPHER_meth_set_cleanup(known_cipher_methods[i],
  391. cipher_cleanup)
  392. || !EVP_CIPHER_meth_set_impl_ctx_size(known_cipher_methods[i],
  393. sizeof(struct cipher_ctx))) {
  394. cipher_driver_info[i].status = DEVCRYPTO_STATUS_FAILURE;
  395. EVP_CIPHER_meth_free(known_cipher_methods[i]);
  396. known_cipher_methods[i] = NULL;
  397. } else {
  398. cipher_driver_info[i].status = DEVCRYPTO_STATUS_USABLE;
  399. #ifdef CIOCGSESSINFO
  400. siop.ses = sess.ses;
  401. if (ioctl(cfd, CIOCGSESSINFO, &siop) < 0) {
  402. cipher_driver_info[i].accelerated = DEVCRYPTO_ACCELERATION_UNKNOWN;
  403. } else {
  404. cipher_driver_info[i].driver_name =
  405. OPENSSL_strndup(siop.cipher_info.cra_driver_name,
  406. CRYPTODEV_MAX_ALG_NAME);
  407. if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY))
  408. cipher_driver_info[i].accelerated = DEVCRYPTO_NOT_ACCELERATED;
  409. else
  410. cipher_driver_info[i].accelerated = DEVCRYPTO_ACCELERATED;
  411. }
  412. #endif /* CIOCGSESSINFO */
  413. }
  414. ioctl(cfd, CIOCFSESSION, &sess.ses);
  415. if (devcrypto_test_cipher(i)) {
  416. known_cipher_nids[known_cipher_nids_amount++] =
  417. cipher_data[i].nid;
  418. }
  419. }
  420. }
  421. static void rebuild_known_cipher_nids(ENGINE *e)
  422. {
  423. size_t i;
  424. for (i = 0, known_cipher_nids_amount = 0; i < OSSL_NELEM(cipher_data); i++) {
  425. if (devcrypto_test_cipher(i))
  426. known_cipher_nids[known_cipher_nids_amount++] = cipher_data[i].nid;
  427. }
  428. ENGINE_unregister_ciphers(e);
  429. ENGINE_register_ciphers(e);
  430. }
  431. static const EVP_CIPHER *get_cipher_method(int nid)
  432. {
  433. size_t i = get_cipher_data_index(nid);
  434. if (i == (size_t)-1)
  435. return NULL;
  436. return known_cipher_methods[i];
  437. }
  438. static int get_cipher_nids(const int **nids)
  439. {
  440. *nids = known_cipher_nids;
  441. return known_cipher_nids_amount;
  442. }
  443. static void destroy_cipher_method(int nid)
  444. {
  445. size_t i = get_cipher_data_index(nid);
  446. EVP_CIPHER_meth_free(known_cipher_methods[i]);
  447. known_cipher_methods[i] = NULL;
  448. }
  449. static void destroy_all_cipher_methods(void)
  450. {
  451. size_t i;
  452. for (i = 0; i < OSSL_NELEM(cipher_data); i++) {
  453. destroy_cipher_method(cipher_data[i].nid);
  454. OPENSSL_free(cipher_driver_info[i].driver_name);
  455. cipher_driver_info[i].driver_name = NULL;
  456. }
  457. }
  458. static int devcrypto_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
  459. const int **nids, int nid)
  460. {
  461. if (cipher == NULL)
  462. return get_cipher_nids(nids);
  463. *cipher = get_cipher_method(nid);
  464. return *cipher != NULL;
  465. }
  466. static void devcrypto_select_all_ciphers(int *cipher_list)
  467. {
  468. size_t i;
  469. for (i = 0; i < OSSL_NELEM(cipher_data); i++)
  470. cipher_list[i] = 1;
  471. }
  472. static int cryptodev_select_cipher_cb(const char *str, int len, void *usr)
  473. {
  474. int *cipher_list = (int *)usr;
  475. char *name;
  476. const EVP_CIPHER *EVP;
  477. size_t i;
  478. if (len == 0)
  479. return 1;
  480. if (usr == NULL || (name = OPENSSL_strndup(str, len)) == NULL)
  481. return 0;
  482. EVP = EVP_get_cipherbyname(name);
  483. if (EVP == NULL)
  484. fprintf(stderr, "devcrypto: unknown cipher %s\n", name);
  485. else if ((i = find_cipher_data_index(EVP_CIPHER_nid(EVP))) != (size_t)-1)
  486. cipher_list[i] = 1;
  487. else
  488. fprintf(stderr, "devcrypto: cipher %s not available\n", name);
  489. OPENSSL_free(name);
  490. return 1;
  491. }
  492. static void dump_cipher_info(void)
  493. {
  494. size_t i;
  495. const char *name;
  496. fprintf (stderr, "Information about ciphers supported by the /dev/crypto"
  497. " engine:\n");
  498. #ifndef CIOCGSESSINFO
  499. fprintf(stderr, "CIOCGSESSINFO (session info call) unavailable\n");
  500. #endif
  501. for (i = 0; i < OSSL_NELEM(cipher_data); i++) {
  502. name = OBJ_nid2sn(cipher_data[i].nid);
  503. fprintf (stderr, "Cipher %s, NID=%d, /dev/crypto info: id=%d, ",
  504. name ? name : "unknown", cipher_data[i].nid,
  505. cipher_data[i].devcryptoid);
  506. if (cipher_driver_info[i].status == DEVCRYPTO_STATUS_NO_CIOCGSESSION ) {
  507. fprintf (stderr, "CIOCGSESSION (session open call) failed\n");
  508. continue;
  509. }
  510. fprintf (stderr, "driver=%s ", cipher_driver_info[i].driver_name ?
  511. cipher_driver_info[i].driver_name : "unknown");
  512. if (cipher_driver_info[i].accelerated == DEVCRYPTO_ACCELERATED)
  513. fprintf(stderr, "(hw accelerated)");
  514. else if (cipher_driver_info[i].accelerated == DEVCRYPTO_NOT_ACCELERATED)
  515. fprintf(stderr, "(software)");
  516. else
  517. fprintf(stderr, "(acceleration status unknown)");
  518. if (cipher_driver_info[i].status == DEVCRYPTO_STATUS_FAILURE)
  519. fprintf (stderr, ". Cipher setup failed");
  520. fprintf(stderr, "\n");
  521. }
  522. fprintf(stderr, "\n");
  523. }
  524. /*
  525. * We only support digests if the cryptodev implementation supports multiple
  526. * data updates and session copying. Otherwise, we would be forced to maintain
  527. * a cache, which is perilous if there's a lot of data coming in (if someone
  528. * wants to checksum an OpenSSL tarball, for example).
  529. */
  530. #if defined(CIOCCPHASH) && defined(COP_FLAG_UPDATE) && defined(COP_FLAG_FINAL)
  531. #define IMPLEMENT_DIGEST
  532. /******************************************************************************
  533. *
  534. * Digests
  535. *
  536. * Because they all do the same basic operation, we have only one set of
  537. * method functions for them all to share, and a mapping table between
  538. * NIDs and cryptodev IDs, with all the necessary size data.
  539. *
  540. *****/
  541. struct digest_ctx {
  542. struct session_op sess;
  543. /* This signals that the init function was called, not that it succeeded. */
  544. int init_called;
  545. unsigned char digest_res[HASH_MAX_LEN];
  546. };
  547. static const struct digest_data_st {
  548. int nid;
  549. int blocksize;
  550. int digestlen;
  551. int devcryptoid;
  552. } digest_data[] = {
  553. #ifndef OPENSSL_NO_MD5
  554. { NID_md5, /* MD5_CBLOCK */ 64, 16, CRYPTO_MD5 },
  555. #endif
  556. { NID_sha1, SHA_CBLOCK, 20, CRYPTO_SHA1 },
  557. #ifndef OPENSSL_NO_RMD160
  558. # if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_RIPEMD160)
  559. { NID_ripemd160, /* RIPEMD160_CBLOCK */ 64, 20, CRYPTO_RIPEMD160 },
  560. # endif
  561. #endif
  562. #if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_SHA2_224)
  563. { NID_sha224, SHA256_CBLOCK, 224 / 8, CRYPTO_SHA2_224 },
  564. #endif
  565. #if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_SHA2_256)
  566. { NID_sha256, SHA256_CBLOCK, 256 / 8, CRYPTO_SHA2_256 },
  567. #endif
  568. #if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_SHA2_384)
  569. { NID_sha384, SHA512_CBLOCK, 384 / 8, CRYPTO_SHA2_384 },
  570. #endif
  571. #if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_SHA2_512)
  572. { NID_sha512, SHA512_CBLOCK, 512 / 8, CRYPTO_SHA2_512 },
  573. #endif
  574. };
  575. static size_t find_digest_data_index(int nid)
  576. {
  577. size_t i;
  578. for (i = 0; i < OSSL_NELEM(digest_data); i++)
  579. if (nid == digest_data[i].nid)
  580. return i;
  581. return (size_t)-1;
  582. }
  583. static size_t get_digest_data_index(int nid)
  584. {
  585. size_t i = find_digest_data_index(nid);
  586. if (i != (size_t)-1)
  587. return i;
  588. /*
  589. * Code further down must make sure that only NIDs in the table above
  590. * are used. If any other NID reaches this function, there's a grave
  591. * coding error further down.
  592. */
  593. assert("Code that never should be reached" == NULL);
  594. return -1;
  595. }
  596. static const struct digest_data_st *get_digest_data(int nid)
  597. {
  598. return &digest_data[get_digest_data_index(nid)];
  599. }
  600. /*
  601. * Following are the five necessary functions to map OpenSSL functionality
  602. * with cryptodev: init, update, final, cleanup, and copy.
  603. */
  604. static int digest_init(EVP_MD_CTX *ctx)
  605. {
  606. struct digest_ctx *digest_ctx =
  607. (struct digest_ctx *)EVP_MD_CTX_md_data(ctx);
  608. const struct digest_data_st *digest_d =
  609. get_digest_data(EVP_MD_CTX_type(ctx));
  610. digest_ctx->init_called = 1;
  611. memset(&digest_ctx->sess, 0, sizeof(digest_ctx->sess));
  612. digest_ctx->sess.mac = digest_d->devcryptoid;
  613. if (ioctl(cfd, CIOCGSESSION, &digest_ctx->sess) < 0) {
  614. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  615. return 0;
  616. }
  617. return 1;
  618. }
  619. static int digest_op(struct digest_ctx *ctx, const void *src, size_t srclen,
  620. void *res, unsigned int flags)
  621. {
  622. struct crypt_op cryp;
  623. memset(&cryp, 0, sizeof(cryp));
  624. cryp.ses = ctx->sess.ses;
  625. cryp.len = srclen;
  626. cryp.src = (void *)src;
  627. cryp.dst = NULL;
  628. cryp.mac = res;
  629. cryp.flags = flags;
  630. return ioctl(cfd, CIOCCRYPT, &cryp);
  631. }
  632. static int digest_update(EVP_MD_CTX *ctx, const void *data, size_t count)
  633. {
  634. struct digest_ctx *digest_ctx =
  635. (struct digest_ctx *)EVP_MD_CTX_md_data(ctx);
  636. if (count == 0)
  637. return 1;
  638. if (digest_ctx == NULL)
  639. return 0;
  640. if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT)) {
  641. if (digest_op(digest_ctx, data, count, digest_ctx->digest_res, 0) >= 0)
  642. return 1;
  643. } else if (digest_op(digest_ctx, data, count, NULL, COP_FLAG_UPDATE) >= 0) {
  644. return 1;
  645. }
  646. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  647. return 0;
  648. }
  649. static int digest_final(EVP_MD_CTX *ctx, unsigned char *md)
  650. {
  651. struct digest_ctx *digest_ctx =
  652. (struct digest_ctx *)EVP_MD_CTX_md_data(ctx);
  653. if (md == NULL || digest_ctx == NULL)
  654. return 0;
  655. if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT)) {
  656. memcpy(md, digest_ctx->digest_res, EVP_MD_CTX_size(ctx));
  657. } else if (digest_op(digest_ctx, NULL, 0, md, COP_FLAG_FINAL) < 0) {
  658. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  659. return 0;
  660. }
  661. return 1;
  662. }
  663. static int digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
  664. {
  665. struct digest_ctx *digest_from =
  666. (struct digest_ctx *)EVP_MD_CTX_md_data(from);
  667. struct digest_ctx *digest_to =
  668. (struct digest_ctx *)EVP_MD_CTX_md_data(to);
  669. struct cphash_op cphash;
  670. if (digest_from == NULL || digest_from->init_called != 1)
  671. return 1;
  672. if (!digest_init(to)) {
  673. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  674. return 0;
  675. }
  676. cphash.src_ses = digest_from->sess.ses;
  677. cphash.dst_ses = digest_to->sess.ses;
  678. if (ioctl(cfd, CIOCCPHASH, &cphash) < 0) {
  679. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  680. return 0;
  681. }
  682. return 1;
  683. }
  684. static int digest_cleanup(EVP_MD_CTX *ctx)
  685. {
  686. struct digest_ctx *digest_ctx =
  687. (struct digest_ctx *)EVP_MD_CTX_md_data(ctx);
  688. if (digest_ctx == NULL)
  689. return 1;
  690. return clean_devcrypto_session(&digest_ctx->sess);
  691. }
  692. /*
  693. * Keep tables of known nids, associated methods, selected digests, and
  694. * driver info.
  695. * Note that known_digest_nids[] isn't necessarily indexed the same way as
  696. * digest_data[] above, which the other tables are.
  697. */
  698. static int known_digest_nids[OSSL_NELEM(digest_data)];
  699. static int known_digest_nids_amount = -1; /* -1 indicates not yet initialised */
  700. static EVP_MD *known_digest_methods[OSSL_NELEM(digest_data)] = { NULL, };
  701. static int selected_digests[OSSL_NELEM(digest_data)];
  702. static struct driver_info_st digest_driver_info[OSSL_NELEM(digest_data)];
  703. static int devcrypto_test_digest(size_t digest_data_index)
  704. {
  705. return (digest_driver_info[digest_data_index].status == DEVCRYPTO_STATUS_USABLE
  706. && selected_digests[digest_data_index] == 1
  707. && (digest_driver_info[digest_data_index].accelerated
  708. == DEVCRYPTO_ACCELERATED
  709. || use_softdrivers == DEVCRYPTO_USE_SOFTWARE
  710. || (digest_driver_info[digest_data_index].accelerated
  711. != DEVCRYPTO_NOT_ACCELERATED
  712. && use_softdrivers == DEVCRYPTO_REJECT_SOFTWARE)));
  713. }
  714. static void rebuild_known_digest_nids(ENGINE *e)
  715. {
  716. size_t i;
  717. for (i = 0, known_digest_nids_amount = 0; i < OSSL_NELEM(digest_data); i++) {
  718. if (devcrypto_test_digest(i))
  719. known_digest_nids[known_digest_nids_amount++] = digest_data[i].nid;
  720. }
  721. ENGINE_unregister_digests(e);
  722. ENGINE_register_digests(e);
  723. }
  724. static void prepare_digest_methods(void)
  725. {
  726. size_t i;
  727. struct session_op sess1, sess2;
  728. #ifdef CIOCGSESSINFO
  729. struct session_info_op siop;
  730. #endif
  731. struct cphash_op cphash;
  732. memset(&digest_driver_info, 0, sizeof(digest_driver_info));
  733. memset(&sess1, 0, sizeof(sess1));
  734. memset(&sess2, 0, sizeof(sess2));
  735. for (i = 0, known_digest_nids_amount = 0; i < OSSL_NELEM(digest_data);
  736. i++) {
  737. selected_digests[i] = 1;
  738. /*
  739. * Check that the digest is usable
  740. */
  741. sess1.mac = digest_data[i].devcryptoid;
  742. sess2.ses = 0;
  743. if (ioctl(cfd, CIOCGSESSION, &sess1) < 0) {
  744. digest_driver_info[i].status = DEVCRYPTO_STATUS_NO_CIOCGSESSION;
  745. goto finish;
  746. }
  747. #ifdef CIOCGSESSINFO
  748. /* gather hardware acceleration info from the driver */
  749. siop.ses = sess1.ses;
  750. if (ioctl(cfd, CIOCGSESSINFO, &siop) < 0) {
  751. digest_driver_info[i].accelerated = DEVCRYPTO_ACCELERATION_UNKNOWN;
  752. } else {
  753. digest_driver_info[i].driver_name =
  754. OPENSSL_strndup(siop.hash_info.cra_driver_name,
  755. CRYPTODEV_MAX_ALG_NAME);
  756. if (siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)
  757. digest_driver_info[i].accelerated = DEVCRYPTO_ACCELERATED;
  758. else
  759. digest_driver_info[i].accelerated = DEVCRYPTO_NOT_ACCELERATED;
  760. }
  761. #endif
  762. /* digest must be capable of hash state copy */
  763. sess2.mac = sess1.mac;
  764. if (ioctl(cfd, CIOCGSESSION, &sess2) < 0) {
  765. digest_driver_info[i].status = DEVCRYPTO_STATUS_FAILURE;
  766. goto finish;
  767. }
  768. cphash.src_ses = sess1.ses;
  769. cphash.dst_ses = sess2.ses;
  770. if (ioctl(cfd, CIOCCPHASH, &cphash) < 0) {
  771. digest_driver_info[i].status = DEVCRYPTO_STATUS_NO_CIOCCPHASH;
  772. goto finish;
  773. }
  774. if ((known_digest_methods[i] = EVP_MD_meth_new(digest_data[i].nid,
  775. NID_undef)) == NULL
  776. || !EVP_MD_meth_set_input_blocksize(known_digest_methods[i],
  777. digest_data[i].blocksize)
  778. || !EVP_MD_meth_set_result_size(known_digest_methods[i],
  779. digest_data[i].digestlen)
  780. || !EVP_MD_meth_set_init(known_digest_methods[i], digest_init)
  781. || !EVP_MD_meth_set_update(known_digest_methods[i], digest_update)
  782. || !EVP_MD_meth_set_final(known_digest_methods[i], digest_final)
  783. || !EVP_MD_meth_set_copy(known_digest_methods[i], digest_copy)
  784. || !EVP_MD_meth_set_cleanup(known_digest_methods[i], digest_cleanup)
  785. || !EVP_MD_meth_set_app_datasize(known_digest_methods[i],
  786. sizeof(struct digest_ctx))) {
  787. digest_driver_info[i].status = DEVCRYPTO_STATUS_FAILURE;
  788. EVP_MD_meth_free(known_digest_methods[i]);
  789. known_digest_methods[i] = NULL;
  790. goto finish;
  791. }
  792. digest_driver_info[i].status = DEVCRYPTO_STATUS_USABLE;
  793. finish:
  794. ioctl(cfd, CIOCFSESSION, &sess1.ses);
  795. if (sess2.ses != 0)
  796. ioctl(cfd, CIOCFSESSION, &sess2.ses);
  797. if (devcrypto_test_digest(i))
  798. known_digest_nids[known_digest_nids_amount++] = digest_data[i].nid;
  799. }
  800. }
  801. static const EVP_MD *get_digest_method(int nid)
  802. {
  803. size_t i = get_digest_data_index(nid);
  804. if (i == (size_t)-1)
  805. return NULL;
  806. return known_digest_methods[i];
  807. }
  808. static int get_digest_nids(const int **nids)
  809. {
  810. *nids = known_digest_nids;
  811. return known_digest_nids_amount;
  812. }
  813. static void destroy_digest_method(int nid)
  814. {
  815. size_t i = get_digest_data_index(nid);
  816. EVP_MD_meth_free(known_digest_methods[i]);
  817. known_digest_methods[i] = NULL;
  818. }
  819. static void destroy_all_digest_methods(void)
  820. {
  821. size_t i;
  822. for (i = 0; i < OSSL_NELEM(digest_data); i++) {
  823. destroy_digest_method(digest_data[i].nid);
  824. OPENSSL_free(digest_driver_info[i].driver_name);
  825. digest_driver_info[i].driver_name = NULL;
  826. }
  827. }
  828. static int devcrypto_digests(ENGINE *e, const EVP_MD **digest,
  829. const int **nids, int nid)
  830. {
  831. if (digest == NULL)
  832. return get_digest_nids(nids);
  833. *digest = get_digest_method(nid);
  834. return *digest != NULL;
  835. }
  836. static void devcrypto_select_all_digests(int *digest_list)
  837. {
  838. size_t i;
  839. for (i = 0; i < OSSL_NELEM(digest_data); i++)
  840. digest_list[i] = 1;
  841. }
  842. static int cryptodev_select_digest_cb(const char *str, int len, void *usr)
  843. {
  844. int *digest_list = (int *)usr;
  845. char *name;
  846. const EVP_MD *EVP;
  847. size_t i;
  848. if (len == 0)
  849. return 1;
  850. if (usr == NULL || (name = OPENSSL_strndup(str, len)) == NULL)
  851. return 0;
  852. EVP = EVP_get_digestbyname(name);
  853. if (EVP == NULL)
  854. fprintf(stderr, "devcrypto: unknown digest %s\n", name);
  855. else if ((i = find_digest_data_index(EVP_MD_type(EVP))) != (size_t)-1)
  856. digest_list[i] = 1;
  857. else
  858. fprintf(stderr, "devcrypto: digest %s not available\n", name);
  859. OPENSSL_free(name);
  860. return 1;
  861. }
  862. static void dump_digest_info(void)
  863. {
  864. size_t i;
  865. const char *name;
  866. fprintf (stderr, "Information about digests supported by the /dev/crypto"
  867. " engine:\n");
  868. #ifndef CIOCGSESSINFO
  869. fprintf(stderr, "CIOCGSESSINFO (session info call) unavailable\n");
  870. #endif
  871. for (i = 0; i < OSSL_NELEM(digest_data); i++) {
  872. name = OBJ_nid2sn(digest_data[i].nid);
  873. fprintf (stderr, "Digest %s, NID=%d, /dev/crypto info: id=%d, driver=%s",
  874. name ? name : "unknown", digest_data[i].nid,
  875. digest_data[i].devcryptoid,
  876. digest_driver_info[i].driver_name ? digest_driver_info[i].driver_name : "unknown");
  877. if (digest_driver_info[i].status == DEVCRYPTO_STATUS_NO_CIOCGSESSION) {
  878. fprintf (stderr, ". CIOCGSESSION (session open) failed\n");
  879. continue;
  880. }
  881. if (digest_driver_info[i].accelerated == DEVCRYPTO_ACCELERATED)
  882. fprintf(stderr, " (hw accelerated)");
  883. else if (digest_driver_info[i].accelerated == DEVCRYPTO_NOT_ACCELERATED)
  884. fprintf(stderr, " (software)");
  885. else
  886. fprintf(stderr, " (acceleration status unknown)");
  887. if (cipher_driver_info[i].status == DEVCRYPTO_STATUS_FAILURE)
  888. fprintf (stderr, ". Cipher setup failed\n");
  889. else if (digest_driver_info[i].status == DEVCRYPTO_STATUS_NO_CIOCCPHASH)
  890. fprintf(stderr, ", CIOCCPHASH failed\n");
  891. else
  892. fprintf(stderr, ", CIOCCPHASH capable\n");
  893. }
  894. fprintf(stderr, "\n");
  895. }
  896. #endif
  897. /******************************************************************************
  898. *
  899. * CONTROL COMMANDS
  900. *
  901. *****/
  902. #define DEVCRYPTO_CMD_USE_SOFTDRIVERS ENGINE_CMD_BASE
  903. #define DEVCRYPTO_CMD_CIPHERS (ENGINE_CMD_BASE + 1)
  904. #define DEVCRYPTO_CMD_DIGESTS (ENGINE_CMD_BASE + 2)
  905. #define DEVCRYPTO_CMD_DUMP_INFO (ENGINE_CMD_BASE + 3)
  906. static const ENGINE_CMD_DEFN devcrypto_cmds[] = {
  907. #ifdef CIOCGSESSINFO
  908. {DEVCRYPTO_CMD_USE_SOFTDRIVERS,
  909. "USE_SOFTDRIVERS",
  910. "specifies whether to use software (not accelerated) drivers ("
  911. OPENSSL_MSTR(DEVCRYPTO_REQUIRE_ACCELERATED) "=use only accelerated drivers, "
  912. OPENSSL_MSTR(DEVCRYPTO_USE_SOFTWARE) "=allow all drivers, "
  913. OPENSSL_MSTR(DEVCRYPTO_REJECT_SOFTWARE)
  914. "=use if acceleration can't be determined) [default="
  915. OPENSSL_MSTR(DEVCRYPTO_DEFAULT_USE_SOFTDRIVERS) "]",
  916. ENGINE_CMD_FLAG_NUMERIC},
  917. #endif
  918. {DEVCRYPTO_CMD_CIPHERS,
  919. "CIPHERS",
  920. "either ALL, NONE, or a comma-separated list of ciphers to enable [default=ALL]",
  921. ENGINE_CMD_FLAG_STRING},
  922. #ifdef IMPLEMENT_DIGEST
  923. {DEVCRYPTO_CMD_DIGESTS,
  924. "DIGESTS",
  925. "either ALL, NONE, or a comma-separated list of digests to enable [default=ALL]",
  926. ENGINE_CMD_FLAG_STRING},
  927. #endif
  928. {DEVCRYPTO_CMD_DUMP_INFO,
  929. "DUMP_INFO",
  930. "dump info about each algorithm to stderr; use 'openssl engine -pre DUMP_INFO devcrypto'",
  931. ENGINE_CMD_FLAG_NO_INPUT},
  932. {0, NULL, NULL, 0}
  933. };
  934. static int devcrypto_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
  935. {
  936. int *new_list;
  937. switch (cmd) {
  938. #ifdef CIOCGSESSINFO
  939. case DEVCRYPTO_CMD_USE_SOFTDRIVERS:
  940. switch (i) {
  941. case DEVCRYPTO_REQUIRE_ACCELERATED:
  942. case DEVCRYPTO_USE_SOFTWARE:
  943. case DEVCRYPTO_REJECT_SOFTWARE:
  944. break;
  945. default:
  946. fprintf(stderr, "devcrypto: invalid value (%ld) for USE_SOFTDRIVERS\n", i);
  947. return 0;
  948. }
  949. if (use_softdrivers == i)
  950. return 1;
  951. use_softdrivers = i;
  952. #ifdef IMPLEMENT_DIGEST
  953. rebuild_known_digest_nids(e);
  954. #endif
  955. rebuild_known_cipher_nids(e);
  956. return 1;
  957. #endif /* CIOCGSESSINFO */
  958. case DEVCRYPTO_CMD_CIPHERS:
  959. if (p == NULL)
  960. return 1;
  961. if (strcasecmp((const char *)p, "ALL") == 0) {
  962. devcrypto_select_all_ciphers(selected_ciphers);
  963. } else if (strcasecmp((const char*)p, "NONE") == 0) {
  964. memset(selected_ciphers, 0, sizeof(selected_ciphers));
  965. } else {
  966. new_list=OPENSSL_zalloc(sizeof(selected_ciphers));
  967. if (!CONF_parse_list(p, ',', 1, cryptodev_select_cipher_cb, new_list)) {
  968. OPENSSL_free(new_list);
  969. return 0;
  970. }
  971. memcpy(selected_ciphers, new_list, sizeof(selected_ciphers));
  972. OPENSSL_free(new_list);
  973. }
  974. rebuild_known_cipher_nids(e);
  975. return 1;
  976. #ifdef IMPLEMENT_DIGEST
  977. case DEVCRYPTO_CMD_DIGESTS:
  978. if (p == NULL)
  979. return 1;
  980. if (strcasecmp((const char *)p, "ALL") == 0) {
  981. devcrypto_select_all_digests(selected_digests);
  982. } else if (strcasecmp((const char*)p, "NONE") == 0) {
  983. memset(selected_digests, 0, sizeof(selected_digests));
  984. } else {
  985. new_list=OPENSSL_zalloc(sizeof(selected_digests));
  986. if (!CONF_parse_list(p, ',', 1, cryptodev_select_digest_cb, new_list)) {
  987. OPENSSL_free(new_list);
  988. return 0;
  989. }
  990. memcpy(selected_digests, new_list, sizeof(selected_digests));
  991. OPENSSL_free(new_list);
  992. }
  993. rebuild_known_digest_nids(e);
  994. return 1;
  995. #endif /* IMPLEMENT_DIGEST */
  996. case DEVCRYPTO_CMD_DUMP_INFO:
  997. dump_cipher_info();
  998. #ifdef IMPLEMENT_DIGEST
  999. dump_digest_info();
  1000. #endif
  1001. return 1;
  1002. default:
  1003. break;
  1004. }
  1005. return 0;
  1006. }
  1007. /******************************************************************************
  1008. *
  1009. * LOAD / UNLOAD
  1010. *
  1011. *****/
  1012. /*
  1013. * Opens /dev/crypto
  1014. */
  1015. static int open_devcrypto(void)
  1016. {
  1017. if (cfd >= 0)
  1018. return 1;
  1019. if ((cfd = open("/dev/crypto", O_RDWR, 0)) < 0) {
  1020. #ifndef ENGINE_DEVCRYPTO_DEBUG
  1021. if (errno != ENOENT)
  1022. #endif
  1023. fprintf(stderr, "Could not open /dev/crypto: %s\n", strerror(errno));
  1024. return 0;
  1025. }
  1026. return 1;
  1027. }
  1028. static int close_devcrypto(void)
  1029. {
  1030. int ret;
  1031. if (cfd < 0)
  1032. return 1;
  1033. ret = close(cfd);
  1034. cfd = -1;
  1035. if (ret != 0) {
  1036. fprintf(stderr, "Error closing /dev/crypto: %s\n", strerror(errno));
  1037. return 0;
  1038. }
  1039. return 1;
  1040. }
  1041. static int devcrypto_unload(ENGINE *e)
  1042. {
  1043. destroy_all_cipher_methods();
  1044. #ifdef IMPLEMENT_DIGEST
  1045. destroy_all_digest_methods();
  1046. #endif
  1047. close_devcrypto();
  1048. return 1;
  1049. }
  1050. static int bind_devcrypto(ENGINE *e) {
  1051. if (!ENGINE_set_id(e, engine_devcrypto_id)
  1052. || !ENGINE_set_name(e, "/dev/crypto engine")
  1053. || !ENGINE_set_destroy_function(e, devcrypto_unload)
  1054. || !ENGINE_set_cmd_defns(e, devcrypto_cmds)
  1055. || !ENGINE_set_ctrl_function(e, devcrypto_ctrl))
  1056. return 0;
  1057. prepare_cipher_methods();
  1058. #ifdef IMPLEMENT_DIGEST
  1059. prepare_digest_methods();
  1060. #endif
  1061. return (ENGINE_set_ciphers(e, devcrypto_ciphers)
  1062. #ifdef IMPLEMENT_DIGEST
  1063. && ENGINE_set_digests(e, devcrypto_digests)
  1064. #endif
  1065. /*
  1066. * Asymmetric ciphers aren't well supported with /dev/crypto. Among the BSD
  1067. * implementations, it seems to only exist in FreeBSD, and regarding the
  1068. * parameters in its crypt_kop, the manual crypto(4) has this to say:
  1069. *
  1070. * The semantics of these arguments are currently undocumented.
  1071. *
  1072. * Reading through the FreeBSD source code doesn't give much more than
  1073. * their CRK_MOD_EXP implementation for ubsec.
  1074. *
  1075. * It doesn't look much better with cryptodev-linux. They have the crypt_kop
  1076. * structure as well as the command (CRK_*) in cryptodev.h, but no support
  1077. * seems to be implemented at all for the moment.
  1078. *
  1079. * At the time of writing, it seems impossible to write proper support for
  1080. * FreeBSD's asym features without some very deep knowledge and access to
  1081. * specific kernel modules.
  1082. *
  1083. * /Richard Levitte, 2017-05-11
  1084. */
  1085. #if 0
  1086. # ifndef OPENSSL_NO_RSA
  1087. && ENGINE_set_RSA(e, devcrypto_rsa)
  1088. # endif
  1089. # ifndef OPENSSL_NO_DSA
  1090. && ENGINE_set_DSA(e, devcrypto_dsa)
  1091. # endif
  1092. # ifndef OPENSSL_NO_DH
  1093. && ENGINE_set_DH(e, devcrypto_dh)
  1094. # endif
  1095. # ifndef OPENSSL_NO_EC
  1096. && ENGINE_set_EC(e, devcrypto_ec)
  1097. # endif
  1098. #endif
  1099. );
  1100. }
  1101. #ifdef OPENSSL_NO_DYNAMIC_ENGINE
  1102. /*
  1103. * In case this engine is built into libcrypto, then it doesn't offer any
  1104. * ability to be dynamically loadable.
  1105. */
  1106. void engine_load_devcrypto_int(void)
  1107. {
  1108. ENGINE *e = NULL;
  1109. if (!open_devcrypto())
  1110. return;
  1111. if ((e = ENGINE_new()) == NULL
  1112. || !bind_devcrypto(e)) {
  1113. close_devcrypto();
  1114. ENGINE_free(e);
  1115. return;
  1116. }
  1117. ENGINE_add(e);
  1118. ENGINE_free(e); /* Loose our local reference */
  1119. ERR_clear_error();
  1120. }
  1121. #else
  1122. static int bind_helper(ENGINE *e, const char *id)
  1123. {
  1124. if ((id && (strcmp(id, engine_devcrypto_id) != 0))
  1125. || !open_devcrypto())
  1126. return 0;
  1127. if (!bind_devcrypto(e)) {
  1128. close_devcrypto();
  1129. return 0;
  1130. }
  1131. return 1;
  1132. }
  1133. IMPLEMENT_DYNAMIC_CHECK_FN()
  1134. IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
  1135. #endif