e_devcrypto.c 43 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382
  1. /*
  2. * Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /* We need to use some deprecated APIs */
  10. #define OPENSSL_SUPPRESS_DEPRECATED
  11. #include "internal/e_os.h"
  12. #include <string.h>
  13. #include <sys/types.h>
  14. #include <sys/stat.h>
  15. #include <fcntl.h>
  16. #include <sys/ioctl.h>
  17. #include <unistd.h>
  18. #include <assert.h>
  19. #include <openssl/conf.h>
  20. #include <openssl/evp.h>
  21. #include <openssl/err.h>
  22. #include <openssl/engine.h>
  23. #include <openssl/objects.h>
  24. #include "crypto/cryptodev.h"
  25. /* #define ENGINE_DEVCRYPTO_DEBUG */
  26. #if CRYPTO_ALGORITHM_MIN < CRYPTO_ALGORITHM_MAX
  27. # define CHECK_BSD_STYLE_MACROS
  28. #endif
  29. #define engine_devcrypto_id "devcrypto"
  30. /*
  31. * Use session2_op on FreeBSD which permits requesting specific
  32. * drivers or classes of drivers at session creation time.
  33. */
  34. #ifdef CIOCGSESSION2
  35. typedef struct session2_op session_op_t;
  36. #else
  37. typedef struct session_op session_op_t;
  38. #endif
  39. /*
  40. * ONE global file descriptor for all sessions. This allows operations
  41. * such as digest session data copying (see digest_copy()), but is also
  42. * saner... why re-open /dev/crypto for every session?
  43. */
  44. static int cfd = -1;
  45. #define DEVCRYPTO_REQUIRE_ACCELERATED 0 /* require confirmation of acceleration */
  46. #define DEVCRYPTO_USE_SOFTWARE 1 /* allow software drivers */
  47. #define DEVCRYPTO_REJECT_SOFTWARE 2 /* only disallow confirmed software drivers */
  48. #define DEVCRYPTO_DEFAULT_USE_SOFTDRIVERS DEVCRYPTO_REJECT_SOFTWARE
  49. static int use_softdrivers = DEVCRYPTO_DEFAULT_USE_SOFTDRIVERS;
  50. /*
  51. * cipher/digest status & acceleration definitions
  52. * Make sure the defaults are set to 0
  53. */
  54. struct driver_info_st {
  55. enum devcrypto_status_t {
  56. DEVCRYPTO_STATUS_FAILURE = -3, /* unusable for other reason */
  57. DEVCRYPTO_STATUS_NO_CIOCCPHASH = -2, /* hash state copy not supported */
  58. DEVCRYPTO_STATUS_NO_CIOCGSESSION = -1, /* session open failed */
  59. DEVCRYPTO_STATUS_UNKNOWN = 0, /* not tested yet */
  60. DEVCRYPTO_STATUS_USABLE = 1 /* algo can be used */
  61. } status;
  62. enum devcrypto_accelerated_t {
  63. DEVCRYPTO_NOT_ACCELERATED = -1, /* software implemented */
  64. DEVCRYPTO_ACCELERATION_UNKNOWN = 0, /* acceleration support unknown */
  65. DEVCRYPTO_ACCELERATED = 1 /* hardware accelerated */
  66. } accelerated;
  67. char *driver_name;
  68. };
  69. #ifdef OPENSSL_NO_DYNAMIC_ENGINE
  70. void engine_load_devcrypto_int(void);
  71. #endif
  72. static int clean_devcrypto_session(session_op_t *sess) {
  73. if (ioctl(cfd, CIOCFSESSION, &sess->ses) < 0) {
  74. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  75. return 0;
  76. }
  77. memset(sess, 0, sizeof(*sess));
  78. return 1;
  79. }
  80. /******************************************************************************
  81. *
  82. * Ciphers
  83. *
  84. * Because they all do the same basic operation, we have only one set of
  85. * method functions for them all to share, and a mapping table between
  86. * NIDs and cryptodev IDs, with all the necessary size data.
  87. *
  88. *****/
  89. struct cipher_ctx {
  90. session_op_t sess;
  91. int op; /* COP_ENCRYPT or COP_DECRYPT */
  92. unsigned long mode; /* EVP_CIPH_*_MODE */
  93. /* to handle ctr mode being a stream cipher */
  94. unsigned char partial[EVP_MAX_BLOCK_LENGTH];
  95. unsigned int blocksize, num;
  96. };
  97. static const struct cipher_data_st {
  98. int nid;
  99. int blocksize;
  100. int keylen;
  101. int ivlen;
  102. int flags;
  103. int devcryptoid;
  104. } cipher_data[] = {
  105. #ifndef OPENSSL_NO_DES
  106. { NID_des_cbc, 8, 8, 8, EVP_CIPH_CBC_MODE, CRYPTO_DES_CBC },
  107. { NID_des_ede3_cbc, 8, 24, 8, EVP_CIPH_CBC_MODE, CRYPTO_3DES_CBC },
  108. #endif
  109. #ifndef OPENSSL_NO_BF
  110. { NID_bf_cbc, 8, 16, 8, EVP_CIPH_CBC_MODE, CRYPTO_BLF_CBC },
  111. #endif
  112. #ifndef OPENSSL_NO_CAST
  113. { NID_cast5_cbc, 8, 16, 8, EVP_CIPH_CBC_MODE, CRYPTO_CAST_CBC },
  114. #endif
  115. { NID_aes_128_cbc, 16, 128 / 8, 16, EVP_CIPH_CBC_MODE, CRYPTO_AES_CBC },
  116. { NID_aes_192_cbc, 16, 192 / 8, 16, EVP_CIPH_CBC_MODE, CRYPTO_AES_CBC },
  117. { NID_aes_256_cbc, 16, 256 / 8, 16, EVP_CIPH_CBC_MODE, CRYPTO_AES_CBC },
  118. #ifndef OPENSSL_NO_RC4
  119. { NID_rc4, 1, 16, 0, EVP_CIPH_STREAM_CIPHER, CRYPTO_ARC4 },
  120. #endif
  121. #if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_AES_CTR)
  122. { NID_aes_128_ctr, 16, 128 / 8, 16, EVP_CIPH_CTR_MODE, CRYPTO_AES_CTR },
  123. { NID_aes_192_ctr, 16, 192 / 8, 16, EVP_CIPH_CTR_MODE, CRYPTO_AES_CTR },
  124. { NID_aes_256_ctr, 16, 256 / 8, 16, EVP_CIPH_CTR_MODE, CRYPTO_AES_CTR },
  125. #endif
  126. #if 0 /* Not yet supported */
  127. { NID_aes_128_xts, 16, 128 / 8 * 2, 16, EVP_CIPH_XTS_MODE, CRYPTO_AES_XTS },
  128. { NID_aes_256_xts, 16, 256 / 8 * 2, 16, EVP_CIPH_XTS_MODE, CRYPTO_AES_XTS },
  129. #endif
  130. #if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_AES_ECB)
  131. { NID_aes_128_ecb, 16, 128 / 8, 0, EVP_CIPH_ECB_MODE, CRYPTO_AES_ECB },
  132. { NID_aes_192_ecb, 16, 192 / 8, 0, EVP_CIPH_ECB_MODE, CRYPTO_AES_ECB },
  133. { NID_aes_256_ecb, 16, 256 / 8, 0, EVP_CIPH_ECB_MODE, CRYPTO_AES_ECB },
  134. #endif
  135. #if 0 /* Not yet supported */
  136. { NID_aes_128_gcm, 16, 128 / 8, 16, EVP_CIPH_GCM_MODE, CRYPTO_AES_GCM },
  137. { NID_aes_192_gcm, 16, 192 / 8, 16, EVP_CIPH_GCM_MODE, CRYPTO_AES_GCM },
  138. { NID_aes_256_gcm, 16, 256 / 8, 16, EVP_CIPH_GCM_MODE, CRYPTO_AES_GCM },
  139. #endif
  140. #ifndef OPENSSL_NO_CAMELLIA
  141. { NID_camellia_128_cbc, 16, 128 / 8, 16, EVP_CIPH_CBC_MODE,
  142. CRYPTO_CAMELLIA_CBC },
  143. { NID_camellia_192_cbc, 16, 192 / 8, 16, EVP_CIPH_CBC_MODE,
  144. CRYPTO_CAMELLIA_CBC },
  145. { NID_camellia_256_cbc, 16, 256 / 8, 16, EVP_CIPH_CBC_MODE,
  146. CRYPTO_CAMELLIA_CBC },
  147. #endif
  148. };
  149. static size_t find_cipher_data_index(int nid)
  150. {
  151. size_t i;
  152. for (i = 0; i < OSSL_NELEM(cipher_data); i++)
  153. if (nid == cipher_data[i].nid)
  154. return i;
  155. return (size_t)-1;
  156. }
  157. static size_t get_cipher_data_index(int nid)
  158. {
  159. size_t i = find_cipher_data_index(nid);
  160. if (i != (size_t)-1)
  161. return i;
  162. /*
  163. * Code further down must make sure that only NIDs in the table above
  164. * are used. If any other NID reaches this function, there's a grave
  165. * coding error further down.
  166. */
  167. assert("Code that never should be reached" == NULL);
  168. return -1;
  169. }
  170. static const struct cipher_data_st *get_cipher_data(int nid)
  171. {
  172. return &cipher_data[get_cipher_data_index(nid)];
  173. }
  174. /*
  175. * Following are the three necessary functions to map OpenSSL functionality
  176. * with cryptodev.
  177. */
  178. static int cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
  179. const unsigned char *iv, int enc)
  180. {
  181. struct cipher_ctx *cipher_ctx =
  182. (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
  183. const struct cipher_data_st *cipher_d =
  184. get_cipher_data(EVP_CIPHER_CTX_get_nid(ctx));
  185. int ret;
  186. /* cleanup a previous session */
  187. if (cipher_ctx->sess.ses != 0 &&
  188. clean_devcrypto_session(&cipher_ctx->sess) == 0)
  189. return 0;
  190. cipher_ctx->sess.cipher = cipher_d->devcryptoid;
  191. cipher_ctx->sess.keylen = cipher_d->keylen;
  192. cipher_ctx->sess.key = (void *)key;
  193. cipher_ctx->op = enc ? COP_ENCRYPT : COP_DECRYPT;
  194. cipher_ctx->mode = cipher_d->flags & EVP_CIPH_MODE;
  195. cipher_ctx->blocksize = cipher_d->blocksize;
  196. #ifdef CIOCGSESSION2
  197. cipher_ctx->sess.crid = (use_softdrivers == DEVCRYPTO_USE_SOFTWARE) ?
  198. CRYPTO_FLAG_SOFTWARE | CRYPTO_FLAG_HARDWARE :
  199. CRYPTO_FLAG_HARDWARE;
  200. ret = ioctl(cfd, CIOCGSESSION2, &cipher_ctx->sess);
  201. #else
  202. ret = ioctl(cfd, CIOCGSESSION, &cipher_ctx->sess);
  203. #endif
  204. if (ret < 0) {
  205. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  206. return 0;
  207. }
  208. return 1;
  209. }
  210. static int cipher_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
  211. const unsigned char *in, size_t inl)
  212. {
  213. struct cipher_ctx *cipher_ctx =
  214. (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
  215. struct crypt_op cryp;
  216. unsigned char *iv = EVP_CIPHER_CTX_iv_noconst(ctx);
  217. #if !defined(COP_FLAG_WRITE_IV)
  218. unsigned char saved_iv[EVP_MAX_IV_LENGTH];
  219. const unsigned char *ivptr;
  220. size_t nblocks, ivlen;
  221. #endif
  222. memset(&cryp, 0, sizeof(cryp));
  223. cryp.ses = cipher_ctx->sess.ses;
  224. cryp.len = inl;
  225. cryp.src = (void *)in;
  226. cryp.dst = (void *)out;
  227. cryp.iv = (void *)iv;
  228. cryp.op = cipher_ctx->op;
  229. #if !defined(COP_FLAG_WRITE_IV)
  230. cryp.flags = 0;
  231. ivlen = EVP_CIPHER_CTX_get_iv_length(ctx);
  232. if (ivlen > 0)
  233. switch (cipher_ctx->mode) {
  234. case EVP_CIPH_CBC_MODE:
  235. assert(inl >= ivlen);
  236. if (!EVP_CIPHER_CTX_is_encrypting(ctx)) {
  237. ivptr = in + inl - ivlen;
  238. memcpy(saved_iv, ivptr, ivlen);
  239. }
  240. break;
  241. case EVP_CIPH_CTR_MODE:
  242. break;
  243. default: /* should not happen */
  244. return 0;
  245. }
  246. #else
  247. cryp.flags = COP_FLAG_WRITE_IV;
  248. #endif
  249. if (ioctl(cfd, CIOCCRYPT, &cryp) < 0) {
  250. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  251. return 0;
  252. }
  253. #if !defined(COP_FLAG_WRITE_IV)
  254. if (ivlen > 0)
  255. switch (cipher_ctx->mode) {
  256. case EVP_CIPH_CBC_MODE:
  257. assert(inl >= ivlen);
  258. if (EVP_CIPHER_CTX_is_encrypting(ctx))
  259. ivptr = out + inl - ivlen;
  260. else
  261. ivptr = saved_iv;
  262. memcpy(iv, ivptr, ivlen);
  263. break;
  264. case EVP_CIPH_CTR_MODE:
  265. nblocks = (inl + cipher_ctx->blocksize - 1)
  266. / cipher_ctx->blocksize;
  267. do {
  268. ivlen--;
  269. nblocks += iv[ivlen];
  270. iv[ivlen] = (uint8_t) nblocks;
  271. nblocks >>= 8;
  272. } while (ivlen);
  273. break;
  274. default: /* should not happen */
  275. return 0;
  276. }
  277. #endif
  278. return 1;
  279. }
  280. static int ctr_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
  281. const unsigned char *in, size_t inl)
  282. {
  283. struct cipher_ctx *cipher_ctx =
  284. (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
  285. size_t nblocks, len;
  286. /* initial partial block */
  287. while (cipher_ctx->num && inl) {
  288. (*out++) = *(in++) ^ cipher_ctx->partial[cipher_ctx->num];
  289. --inl;
  290. cipher_ctx->num = (cipher_ctx->num + 1) % cipher_ctx->blocksize;
  291. }
  292. /* full blocks */
  293. if (inl > (unsigned int) cipher_ctx->blocksize) {
  294. nblocks = inl/cipher_ctx->blocksize;
  295. len = nblocks * cipher_ctx->blocksize;
  296. if (cipher_do_cipher(ctx, out, in, len) < 1)
  297. return 0;
  298. inl -= len;
  299. out += len;
  300. in += len;
  301. }
  302. /* final partial block */
  303. if (inl) {
  304. memset(cipher_ctx->partial, 0, cipher_ctx->blocksize);
  305. if (cipher_do_cipher(ctx, cipher_ctx->partial, cipher_ctx->partial,
  306. cipher_ctx->blocksize) < 1)
  307. return 0;
  308. while (inl--) {
  309. out[cipher_ctx->num] = in[cipher_ctx->num]
  310. ^ cipher_ctx->partial[cipher_ctx->num];
  311. cipher_ctx->num++;
  312. }
  313. }
  314. return 1;
  315. }
  316. static int cipher_ctrl(EVP_CIPHER_CTX *ctx, int type, int p1, void* p2)
  317. {
  318. struct cipher_ctx *cipher_ctx =
  319. (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
  320. EVP_CIPHER_CTX *to_ctx = (EVP_CIPHER_CTX *)p2;
  321. struct cipher_ctx *to_cipher_ctx;
  322. switch (type) {
  323. case EVP_CTRL_COPY:
  324. if (cipher_ctx == NULL)
  325. return 1;
  326. /* when copying the context, a new session needs to be initialized */
  327. to_cipher_ctx =
  328. (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(to_ctx);
  329. memset(&to_cipher_ctx->sess, 0, sizeof(to_cipher_ctx->sess));
  330. return cipher_init(to_ctx, (void *)cipher_ctx->sess.key, EVP_CIPHER_CTX_iv(ctx),
  331. (cipher_ctx->op == COP_ENCRYPT));
  332. case EVP_CTRL_INIT:
  333. memset(&cipher_ctx->sess, 0, sizeof(cipher_ctx->sess));
  334. return 1;
  335. default:
  336. break;
  337. }
  338. return -1;
  339. }
  340. static int cipher_cleanup(EVP_CIPHER_CTX *ctx)
  341. {
  342. struct cipher_ctx *cipher_ctx =
  343. (struct cipher_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
  344. return clean_devcrypto_session(&cipher_ctx->sess);
  345. }
  346. /*
  347. * Keep tables of known nids, associated methods, selected ciphers, and driver
  348. * info.
  349. * Note that known_cipher_nids[] isn't necessarily indexed the same way as
  350. * cipher_data[] above, which the other tables are.
  351. */
  352. static int known_cipher_nids[OSSL_NELEM(cipher_data)];
  353. static int known_cipher_nids_amount = -1; /* -1 indicates not yet initialised */
  354. static EVP_CIPHER *known_cipher_methods[OSSL_NELEM(cipher_data)] = { NULL, };
  355. static int selected_ciphers[OSSL_NELEM(cipher_data)];
  356. static struct driver_info_st cipher_driver_info[OSSL_NELEM(cipher_data)];
  357. static int devcrypto_test_cipher(size_t cipher_data_index)
  358. {
  359. return (cipher_driver_info[cipher_data_index].status == DEVCRYPTO_STATUS_USABLE
  360. && selected_ciphers[cipher_data_index] == 1
  361. && (cipher_driver_info[cipher_data_index].accelerated
  362. == DEVCRYPTO_ACCELERATED
  363. || use_softdrivers == DEVCRYPTO_USE_SOFTWARE
  364. || (cipher_driver_info[cipher_data_index].accelerated
  365. != DEVCRYPTO_NOT_ACCELERATED
  366. && use_softdrivers == DEVCRYPTO_REJECT_SOFTWARE)));
  367. }
  368. static void prepare_cipher_methods(void)
  369. {
  370. size_t i;
  371. session_op_t sess;
  372. unsigned long cipher_mode;
  373. #ifdef CIOCGSESSION2
  374. struct crypt_find_op fop;
  375. enum devcrypto_accelerated_t accelerated;
  376. #elif defined(CIOCGSESSINFO)
  377. struct session_info_op siop;
  378. #endif
  379. memset(&cipher_driver_info, 0, sizeof(cipher_driver_info));
  380. memset(&sess, 0, sizeof(sess));
  381. sess.key = (void *)"01234567890123456789012345678901234567890123456789";
  382. for (i = 0, known_cipher_nids_amount = 0;
  383. i < OSSL_NELEM(cipher_data); i++) {
  384. selected_ciphers[i] = 1;
  385. /*
  386. * Check that the cipher is usable
  387. */
  388. sess.cipher = cipher_data[i].devcryptoid;
  389. sess.keylen = cipher_data[i].keylen;
  390. #ifdef CIOCGSESSION2
  391. /*
  392. * When using CIOCGSESSION2, first try to allocate a hardware
  393. * ("accelerated") session. If that fails, fall back to
  394. * allocating a software session.
  395. */
  396. sess.crid = CRYPTO_FLAG_HARDWARE;
  397. if (ioctl(cfd, CIOCGSESSION2, &sess) == 0) {
  398. accelerated = DEVCRYPTO_ACCELERATED;
  399. } else {
  400. sess.crid = CRYPTO_FLAG_SOFTWARE;
  401. if (ioctl(cfd, CIOCGSESSION2, &sess) < 0) {
  402. cipher_driver_info[i].status = DEVCRYPTO_STATUS_NO_CIOCGSESSION;
  403. continue;
  404. }
  405. accelerated = DEVCRYPTO_NOT_ACCELERATED;
  406. }
  407. #else
  408. if (ioctl(cfd, CIOCGSESSION, &sess) < 0) {
  409. cipher_driver_info[i].status = DEVCRYPTO_STATUS_NO_CIOCGSESSION;
  410. continue;
  411. }
  412. #endif
  413. cipher_mode = cipher_data[i].flags & EVP_CIPH_MODE;
  414. if ((known_cipher_methods[i] =
  415. EVP_CIPHER_meth_new(cipher_data[i].nid,
  416. cipher_mode == EVP_CIPH_CTR_MODE ? 1 :
  417. cipher_data[i].blocksize,
  418. cipher_data[i].keylen)) == NULL
  419. || !EVP_CIPHER_meth_set_iv_length(known_cipher_methods[i],
  420. cipher_data[i].ivlen)
  421. || !EVP_CIPHER_meth_set_flags(known_cipher_methods[i],
  422. cipher_data[i].flags
  423. | EVP_CIPH_CUSTOM_COPY
  424. | EVP_CIPH_CTRL_INIT
  425. | EVP_CIPH_FLAG_DEFAULT_ASN1)
  426. || !EVP_CIPHER_meth_set_init(known_cipher_methods[i], cipher_init)
  427. || !EVP_CIPHER_meth_set_do_cipher(known_cipher_methods[i],
  428. cipher_mode == EVP_CIPH_CTR_MODE ?
  429. ctr_do_cipher :
  430. cipher_do_cipher)
  431. || !EVP_CIPHER_meth_set_ctrl(known_cipher_methods[i], cipher_ctrl)
  432. || !EVP_CIPHER_meth_set_cleanup(known_cipher_methods[i],
  433. cipher_cleanup)
  434. || !EVP_CIPHER_meth_set_impl_ctx_size(known_cipher_methods[i],
  435. sizeof(struct cipher_ctx))) {
  436. cipher_driver_info[i].status = DEVCRYPTO_STATUS_FAILURE;
  437. EVP_CIPHER_meth_free(known_cipher_methods[i]);
  438. known_cipher_methods[i] = NULL;
  439. } else {
  440. cipher_driver_info[i].status = DEVCRYPTO_STATUS_USABLE;
  441. #ifdef CIOCGSESSION2
  442. cipher_driver_info[i].accelerated = accelerated;
  443. fop.crid = sess.crid;
  444. if (ioctl(cfd, CIOCFINDDEV, &fop) == 0) {
  445. cipher_driver_info[i].driver_name =
  446. OPENSSL_strndup(fop.name, sizeof(fop.name));
  447. }
  448. #elif defined(CIOCGSESSINFO)
  449. siop.ses = sess.ses;
  450. if (ioctl(cfd, CIOCGSESSINFO, &siop) < 0) {
  451. cipher_driver_info[i].accelerated = DEVCRYPTO_ACCELERATION_UNKNOWN;
  452. } else {
  453. cipher_driver_info[i].driver_name =
  454. OPENSSL_strndup(siop.cipher_info.cra_driver_name,
  455. CRYPTODEV_MAX_ALG_NAME);
  456. if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY))
  457. cipher_driver_info[i].accelerated = DEVCRYPTO_NOT_ACCELERATED;
  458. else
  459. cipher_driver_info[i].accelerated = DEVCRYPTO_ACCELERATED;
  460. }
  461. #endif /* CIOCGSESSINFO */
  462. }
  463. ioctl(cfd, CIOCFSESSION, &sess.ses);
  464. if (devcrypto_test_cipher(i)) {
  465. known_cipher_nids[known_cipher_nids_amount++] =
  466. cipher_data[i].nid;
  467. }
  468. }
  469. }
  470. static void rebuild_known_cipher_nids(ENGINE *e)
  471. {
  472. size_t i;
  473. for (i = 0, known_cipher_nids_amount = 0; i < OSSL_NELEM(cipher_data); i++) {
  474. if (devcrypto_test_cipher(i))
  475. known_cipher_nids[known_cipher_nids_amount++] = cipher_data[i].nid;
  476. }
  477. ENGINE_unregister_ciphers(e);
  478. ENGINE_register_ciphers(e);
  479. }
  480. static const EVP_CIPHER *get_cipher_method(int nid)
  481. {
  482. size_t i = get_cipher_data_index(nid);
  483. if (i == (size_t)-1)
  484. return NULL;
  485. return known_cipher_methods[i];
  486. }
  487. static int get_cipher_nids(const int **nids)
  488. {
  489. *nids = known_cipher_nids;
  490. return known_cipher_nids_amount;
  491. }
  492. static void destroy_cipher_method(int nid)
  493. {
  494. size_t i = get_cipher_data_index(nid);
  495. EVP_CIPHER_meth_free(known_cipher_methods[i]);
  496. known_cipher_methods[i] = NULL;
  497. }
  498. static void destroy_all_cipher_methods(void)
  499. {
  500. size_t i;
  501. for (i = 0; i < OSSL_NELEM(cipher_data); i++) {
  502. destroy_cipher_method(cipher_data[i].nid);
  503. OPENSSL_free(cipher_driver_info[i].driver_name);
  504. cipher_driver_info[i].driver_name = NULL;
  505. }
  506. }
  507. static int devcrypto_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
  508. const int **nids, int nid)
  509. {
  510. if (cipher == NULL)
  511. return get_cipher_nids(nids);
  512. *cipher = get_cipher_method(nid);
  513. return *cipher != NULL;
  514. }
  515. static void devcrypto_select_all_ciphers(int *cipher_list)
  516. {
  517. size_t i;
  518. for (i = 0; i < OSSL_NELEM(cipher_data); i++)
  519. cipher_list[i] = 1;
  520. }
  521. static int cryptodev_select_cipher_cb(const char *str, int len, void *usr)
  522. {
  523. int *cipher_list = (int *)usr;
  524. char *name;
  525. const EVP_CIPHER *EVP;
  526. size_t i;
  527. if (len == 0)
  528. return 1;
  529. if (usr == NULL || (name = OPENSSL_strndup(str, len)) == NULL)
  530. return 0;
  531. EVP = EVP_get_cipherbyname(name);
  532. if (EVP == NULL)
  533. fprintf(stderr, "devcrypto: unknown cipher %s\n", name);
  534. else if ((i = find_cipher_data_index(EVP_CIPHER_get_nid(EVP))) != (size_t)-1)
  535. cipher_list[i] = 1;
  536. else
  537. fprintf(stderr, "devcrypto: cipher %s not available\n", name);
  538. OPENSSL_free(name);
  539. return 1;
  540. }
  541. static void dump_cipher_info(void)
  542. {
  543. size_t i;
  544. const char *name;
  545. fprintf (stderr, "Information about ciphers supported by the /dev/crypto"
  546. " engine:\n");
  547. #ifndef CIOCGSESSINFO
  548. fprintf(stderr, "CIOCGSESSINFO (session info call) unavailable\n");
  549. #endif
  550. for (i = 0; i < OSSL_NELEM(cipher_data); i++) {
  551. name = OBJ_nid2sn(cipher_data[i].nid);
  552. fprintf (stderr, "Cipher %s, NID=%d, /dev/crypto info: id=%d, ",
  553. name ? name : "unknown", cipher_data[i].nid,
  554. cipher_data[i].devcryptoid);
  555. if (cipher_driver_info[i].status == DEVCRYPTO_STATUS_NO_CIOCGSESSION) {
  556. fprintf (stderr, "CIOCGSESSION (session open call) failed\n");
  557. continue;
  558. }
  559. fprintf (stderr, "driver=%s ", cipher_driver_info[i].driver_name ?
  560. cipher_driver_info[i].driver_name : "unknown");
  561. if (cipher_driver_info[i].accelerated == DEVCRYPTO_ACCELERATED)
  562. fprintf(stderr, "(hw accelerated)");
  563. else if (cipher_driver_info[i].accelerated == DEVCRYPTO_NOT_ACCELERATED)
  564. fprintf(stderr, "(software)");
  565. else
  566. fprintf(stderr, "(acceleration status unknown)");
  567. if (cipher_driver_info[i].status == DEVCRYPTO_STATUS_FAILURE)
  568. fprintf (stderr, ". Cipher setup failed");
  569. fprintf(stderr, "\n");
  570. }
  571. fprintf(stderr, "\n");
  572. }
  573. /*
  574. * We only support digests if the cryptodev implementation supports multiple
  575. * data updates and session copying. Otherwise, we would be forced to maintain
  576. * a cache, which is perilous if there's a lot of data coming in (if someone
  577. * wants to checksum an OpenSSL tarball, for example).
  578. */
  579. #if defined(CIOCCPHASH) && defined(COP_FLAG_UPDATE) && defined(COP_FLAG_FINAL)
  580. #define IMPLEMENT_DIGEST
  581. /******************************************************************************
  582. *
  583. * Digests
  584. *
  585. * Because they all do the same basic operation, we have only one set of
  586. * method functions for them all to share, and a mapping table between
  587. * NIDs and cryptodev IDs, with all the necessary size data.
  588. *
  589. *****/
  590. struct digest_ctx {
  591. session_op_t sess;
  592. /* This signals that the init function was called, not that it succeeded. */
  593. int init_called;
  594. unsigned char digest_res[HASH_MAX_LEN];
  595. };
  596. static const struct digest_data_st {
  597. int nid;
  598. int blocksize;
  599. int digestlen;
  600. int devcryptoid;
  601. } digest_data[] = {
  602. #ifndef OPENSSL_NO_MD5
  603. { NID_md5, /* MD5_CBLOCK */ 64, 16, CRYPTO_MD5 },
  604. #endif
  605. { NID_sha1, SHA_CBLOCK, 20, CRYPTO_SHA1 },
  606. #ifndef OPENSSL_NO_RMD160
  607. # if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_RIPEMD160)
  608. { NID_ripemd160, /* RIPEMD160_CBLOCK */ 64, 20, CRYPTO_RIPEMD160 },
  609. # endif
  610. #endif
  611. #if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_SHA2_224)
  612. { NID_sha224, SHA256_CBLOCK, 224 / 8, CRYPTO_SHA2_224 },
  613. #endif
  614. #if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_SHA2_256)
  615. { NID_sha256, SHA256_CBLOCK, 256 / 8, CRYPTO_SHA2_256 },
  616. #endif
  617. #if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_SHA2_384)
  618. { NID_sha384, SHA512_CBLOCK, 384 / 8, CRYPTO_SHA2_384 },
  619. #endif
  620. #if !defined(CHECK_BSD_STYLE_MACROS) || defined(CRYPTO_SHA2_512)
  621. { NID_sha512, SHA512_CBLOCK, 512 / 8, CRYPTO_SHA2_512 },
  622. #endif
  623. };
  624. static size_t find_digest_data_index(int nid)
  625. {
  626. size_t i;
  627. for (i = 0; i < OSSL_NELEM(digest_data); i++)
  628. if (nid == digest_data[i].nid)
  629. return i;
  630. return (size_t)-1;
  631. }
  632. static size_t get_digest_data_index(int nid)
  633. {
  634. size_t i = find_digest_data_index(nid);
  635. if (i != (size_t)-1)
  636. return i;
  637. /*
  638. * Code further down must make sure that only NIDs in the table above
  639. * are used. If any other NID reaches this function, there's a grave
  640. * coding error further down.
  641. */
  642. assert("Code that never should be reached" == NULL);
  643. return -1;
  644. }
  645. static const struct digest_data_st *get_digest_data(int nid)
  646. {
  647. return &digest_data[get_digest_data_index(nid)];
  648. }
  649. /*
  650. * Following are the five necessary functions to map OpenSSL functionality
  651. * with cryptodev: init, update, final, cleanup, and copy.
  652. */
  653. static int digest_init(EVP_MD_CTX *ctx)
  654. {
  655. struct digest_ctx *digest_ctx =
  656. (struct digest_ctx *)EVP_MD_CTX_get0_md_data(ctx);
  657. const struct digest_data_st *digest_d =
  658. get_digest_data(EVP_MD_CTX_get_type(ctx));
  659. digest_ctx->init_called = 1;
  660. memset(&digest_ctx->sess, 0, sizeof(digest_ctx->sess));
  661. digest_ctx->sess.mac = digest_d->devcryptoid;
  662. if (ioctl(cfd, CIOCGSESSION, &digest_ctx->sess) < 0) {
  663. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  664. return 0;
  665. }
  666. return 1;
  667. }
  668. static int digest_op(struct digest_ctx *ctx, const void *src, size_t srclen,
  669. void *res, unsigned int flags)
  670. {
  671. struct crypt_op cryp;
  672. memset(&cryp, 0, sizeof(cryp));
  673. cryp.ses = ctx->sess.ses;
  674. cryp.len = srclen;
  675. cryp.src = (void *)src;
  676. cryp.dst = NULL;
  677. cryp.mac = res;
  678. cryp.flags = flags;
  679. return ioctl(cfd, CIOCCRYPT, &cryp);
  680. }
  681. static int digest_update(EVP_MD_CTX *ctx, const void *data, size_t count)
  682. {
  683. struct digest_ctx *digest_ctx =
  684. (struct digest_ctx *)EVP_MD_CTX_get0_md_data(ctx);
  685. if (count == 0)
  686. return 1;
  687. if (digest_ctx == NULL)
  688. return 0;
  689. if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT)) {
  690. if (digest_op(digest_ctx, data, count, digest_ctx->digest_res, 0) >= 0)
  691. return 1;
  692. } else if (digest_op(digest_ctx, data, count, NULL, COP_FLAG_UPDATE) >= 0) {
  693. return 1;
  694. }
  695. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  696. return 0;
  697. }
  698. static int digest_final(EVP_MD_CTX *ctx, unsigned char *md)
  699. {
  700. struct digest_ctx *digest_ctx =
  701. (struct digest_ctx *)EVP_MD_CTX_get0_md_data(ctx);
  702. if (md == NULL || digest_ctx == NULL)
  703. return 0;
  704. if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_ONESHOT)) {
  705. memcpy(md, digest_ctx->digest_res, EVP_MD_CTX_get_size(ctx));
  706. } else if (digest_op(digest_ctx, NULL, 0, md, COP_FLAG_FINAL) < 0) {
  707. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  708. return 0;
  709. }
  710. return 1;
  711. }
  712. static int digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
  713. {
  714. struct digest_ctx *digest_from =
  715. (struct digest_ctx *)EVP_MD_CTX_get0_md_data(from);
  716. struct digest_ctx *digest_to =
  717. (struct digest_ctx *)EVP_MD_CTX_get0_md_data(to);
  718. struct cphash_op cphash;
  719. if (digest_from == NULL || digest_from->init_called != 1)
  720. return 1;
  721. if (!digest_init(to)) {
  722. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  723. return 0;
  724. }
  725. cphash.src_ses = digest_from->sess.ses;
  726. cphash.dst_ses = digest_to->sess.ses;
  727. if (ioctl(cfd, CIOCCPHASH, &cphash) < 0) {
  728. ERR_raise_data(ERR_LIB_SYS, errno, "calling ioctl()");
  729. return 0;
  730. }
  731. return 1;
  732. }
  733. static int digest_cleanup(EVP_MD_CTX *ctx)
  734. {
  735. struct digest_ctx *digest_ctx =
  736. (struct digest_ctx *)EVP_MD_CTX_get0_md_data(ctx);
  737. if (digest_ctx == NULL)
  738. return 1;
  739. return clean_devcrypto_session(&digest_ctx->sess);
  740. }
  741. /*
  742. * Keep tables of known nids, associated methods, selected digests, and
  743. * driver info.
  744. * Note that known_digest_nids[] isn't necessarily indexed the same way as
  745. * digest_data[] above, which the other tables are.
  746. */
  747. static int known_digest_nids[OSSL_NELEM(digest_data)];
  748. static int known_digest_nids_amount = -1; /* -1 indicates not yet initialised */
  749. static EVP_MD *known_digest_methods[OSSL_NELEM(digest_data)] = { NULL, };
  750. static int selected_digests[OSSL_NELEM(digest_data)];
  751. static struct driver_info_st digest_driver_info[OSSL_NELEM(digest_data)];
  752. static int devcrypto_test_digest(size_t digest_data_index)
  753. {
  754. return (digest_driver_info[digest_data_index].status == DEVCRYPTO_STATUS_USABLE
  755. && selected_digests[digest_data_index] == 1
  756. && (digest_driver_info[digest_data_index].accelerated
  757. == DEVCRYPTO_ACCELERATED
  758. || use_softdrivers == DEVCRYPTO_USE_SOFTWARE
  759. || (digest_driver_info[digest_data_index].accelerated
  760. != DEVCRYPTO_NOT_ACCELERATED
  761. && use_softdrivers == DEVCRYPTO_REJECT_SOFTWARE)));
  762. }
  763. static void rebuild_known_digest_nids(ENGINE *e)
  764. {
  765. size_t i;
  766. for (i = 0, known_digest_nids_amount = 0; i < OSSL_NELEM(digest_data); i++) {
  767. if (devcrypto_test_digest(i))
  768. known_digest_nids[known_digest_nids_amount++] = digest_data[i].nid;
  769. }
  770. ENGINE_unregister_digests(e);
  771. ENGINE_register_digests(e);
  772. }
  773. static void prepare_digest_methods(void)
  774. {
  775. size_t i;
  776. session_op_t sess1, sess2;
  777. #ifdef CIOCGSESSINFO
  778. struct session_info_op siop;
  779. #endif
  780. struct cphash_op cphash;
  781. memset(&digest_driver_info, 0, sizeof(digest_driver_info));
  782. memset(&sess1, 0, sizeof(sess1));
  783. memset(&sess2, 0, sizeof(sess2));
  784. for (i = 0, known_digest_nids_amount = 0; i < OSSL_NELEM(digest_data);
  785. i++) {
  786. selected_digests[i] = 1;
  787. /*
  788. * Check that the digest is usable
  789. */
  790. sess1.mac = digest_data[i].devcryptoid;
  791. sess2.ses = 0;
  792. if (ioctl(cfd, CIOCGSESSION, &sess1) < 0) {
  793. digest_driver_info[i].status = DEVCRYPTO_STATUS_NO_CIOCGSESSION;
  794. goto finish;
  795. }
  796. #ifdef CIOCGSESSINFO
  797. /* gather hardware acceleration info from the driver */
  798. siop.ses = sess1.ses;
  799. if (ioctl(cfd, CIOCGSESSINFO, &siop) < 0) {
  800. digest_driver_info[i].accelerated = DEVCRYPTO_ACCELERATION_UNKNOWN;
  801. } else {
  802. digest_driver_info[i].driver_name =
  803. OPENSSL_strndup(siop.hash_info.cra_driver_name,
  804. CRYPTODEV_MAX_ALG_NAME);
  805. if (siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)
  806. digest_driver_info[i].accelerated = DEVCRYPTO_ACCELERATED;
  807. else
  808. digest_driver_info[i].accelerated = DEVCRYPTO_NOT_ACCELERATED;
  809. }
  810. #endif
  811. /* digest must be capable of hash state copy */
  812. sess2.mac = sess1.mac;
  813. if (ioctl(cfd, CIOCGSESSION, &sess2) < 0) {
  814. digest_driver_info[i].status = DEVCRYPTO_STATUS_FAILURE;
  815. goto finish;
  816. }
  817. cphash.src_ses = sess1.ses;
  818. cphash.dst_ses = sess2.ses;
  819. if (ioctl(cfd, CIOCCPHASH, &cphash) < 0) {
  820. digest_driver_info[i].status = DEVCRYPTO_STATUS_NO_CIOCCPHASH;
  821. goto finish;
  822. }
  823. if ((known_digest_methods[i] = EVP_MD_meth_new(digest_data[i].nid,
  824. NID_undef)) == NULL
  825. || !EVP_MD_meth_set_input_blocksize(known_digest_methods[i],
  826. digest_data[i].blocksize)
  827. || !EVP_MD_meth_set_result_size(known_digest_methods[i],
  828. digest_data[i].digestlen)
  829. || !EVP_MD_meth_set_init(known_digest_methods[i], digest_init)
  830. || !EVP_MD_meth_set_update(known_digest_methods[i], digest_update)
  831. || !EVP_MD_meth_set_final(known_digest_methods[i], digest_final)
  832. || !EVP_MD_meth_set_copy(known_digest_methods[i], digest_copy)
  833. || !EVP_MD_meth_set_cleanup(known_digest_methods[i], digest_cleanup)
  834. || !EVP_MD_meth_set_app_datasize(known_digest_methods[i],
  835. sizeof(struct digest_ctx))) {
  836. digest_driver_info[i].status = DEVCRYPTO_STATUS_FAILURE;
  837. EVP_MD_meth_free(known_digest_methods[i]);
  838. known_digest_methods[i] = NULL;
  839. goto finish;
  840. }
  841. digest_driver_info[i].status = DEVCRYPTO_STATUS_USABLE;
  842. finish:
  843. ioctl(cfd, CIOCFSESSION, &sess1.ses);
  844. if (sess2.ses != 0)
  845. ioctl(cfd, CIOCFSESSION, &sess2.ses);
  846. if (devcrypto_test_digest(i))
  847. known_digest_nids[known_digest_nids_amount++] = digest_data[i].nid;
  848. }
  849. }
  850. static const EVP_MD *get_digest_method(int nid)
  851. {
  852. size_t i = get_digest_data_index(nid);
  853. if (i == (size_t)-1)
  854. return NULL;
  855. return known_digest_methods[i];
  856. }
  857. static int get_digest_nids(const int **nids)
  858. {
  859. *nids = known_digest_nids;
  860. return known_digest_nids_amount;
  861. }
  862. static void destroy_digest_method(int nid)
  863. {
  864. size_t i = get_digest_data_index(nid);
  865. EVP_MD_meth_free(known_digest_methods[i]);
  866. known_digest_methods[i] = NULL;
  867. }
  868. static void destroy_all_digest_methods(void)
  869. {
  870. size_t i;
  871. for (i = 0; i < OSSL_NELEM(digest_data); i++) {
  872. destroy_digest_method(digest_data[i].nid);
  873. OPENSSL_free(digest_driver_info[i].driver_name);
  874. digest_driver_info[i].driver_name = NULL;
  875. }
  876. }
  877. static int devcrypto_digests(ENGINE *e, const EVP_MD **digest,
  878. const int **nids, int nid)
  879. {
  880. if (digest == NULL)
  881. return get_digest_nids(nids);
  882. *digest = get_digest_method(nid);
  883. return *digest != NULL;
  884. }
  885. static void devcrypto_select_all_digests(int *digest_list)
  886. {
  887. size_t i;
  888. for (i = 0; i < OSSL_NELEM(digest_data); i++)
  889. digest_list[i] = 1;
  890. }
  891. static int cryptodev_select_digest_cb(const char *str, int len, void *usr)
  892. {
  893. int *digest_list = (int *)usr;
  894. char *name;
  895. const EVP_MD *EVP;
  896. size_t i;
  897. if (len == 0)
  898. return 1;
  899. if (usr == NULL || (name = OPENSSL_strndup(str, len)) == NULL)
  900. return 0;
  901. EVP = EVP_get_digestbyname(name);
  902. if (EVP == NULL)
  903. fprintf(stderr, "devcrypto: unknown digest %s\n", name);
  904. else if ((i = find_digest_data_index(EVP_MD_get_type(EVP))) != (size_t)-1)
  905. digest_list[i] = 1;
  906. else
  907. fprintf(stderr, "devcrypto: digest %s not available\n", name);
  908. OPENSSL_free(name);
  909. return 1;
  910. }
  911. static void dump_digest_info(void)
  912. {
  913. size_t i;
  914. const char *name;
  915. fprintf (stderr, "Information about digests supported by the /dev/crypto"
  916. " engine:\n");
  917. #ifndef CIOCGSESSINFO
  918. fprintf(stderr, "CIOCGSESSINFO (session info call) unavailable\n");
  919. #endif
  920. for (i = 0; i < OSSL_NELEM(digest_data); i++) {
  921. name = OBJ_nid2sn(digest_data[i].nid);
  922. fprintf (stderr, "Digest %s, NID=%d, /dev/crypto info: id=%d, driver=%s",
  923. name ? name : "unknown", digest_data[i].nid,
  924. digest_data[i].devcryptoid,
  925. digest_driver_info[i].driver_name ? digest_driver_info[i].driver_name : "unknown");
  926. if (digest_driver_info[i].status == DEVCRYPTO_STATUS_NO_CIOCGSESSION) {
  927. fprintf (stderr, ". CIOCGSESSION (session open) failed\n");
  928. continue;
  929. }
  930. if (digest_driver_info[i].accelerated == DEVCRYPTO_ACCELERATED)
  931. fprintf(stderr, " (hw accelerated)");
  932. else if (digest_driver_info[i].accelerated == DEVCRYPTO_NOT_ACCELERATED)
  933. fprintf(stderr, " (software)");
  934. else
  935. fprintf(stderr, " (acceleration status unknown)");
  936. if (cipher_driver_info[i].status == DEVCRYPTO_STATUS_FAILURE)
  937. fprintf (stderr, ". Cipher setup failed\n");
  938. else if (digest_driver_info[i].status == DEVCRYPTO_STATUS_NO_CIOCCPHASH)
  939. fprintf(stderr, ", CIOCCPHASH failed\n");
  940. else
  941. fprintf(stderr, ", CIOCCPHASH capable\n");
  942. }
  943. fprintf(stderr, "\n");
  944. }
  945. #endif
  946. /******************************************************************************
  947. *
  948. * CONTROL COMMANDS
  949. *
  950. *****/
  951. #define DEVCRYPTO_CMD_USE_SOFTDRIVERS ENGINE_CMD_BASE
  952. #define DEVCRYPTO_CMD_CIPHERS (ENGINE_CMD_BASE + 1)
  953. #define DEVCRYPTO_CMD_DIGESTS (ENGINE_CMD_BASE + 2)
  954. #define DEVCRYPTO_CMD_DUMP_INFO (ENGINE_CMD_BASE + 3)
  955. static const ENGINE_CMD_DEFN devcrypto_cmds[] = {
  956. #if defined(CIOCGSESSINFO) || defined(CIOCGSESSION2)
  957. {DEVCRYPTO_CMD_USE_SOFTDRIVERS,
  958. "USE_SOFTDRIVERS",
  959. "specifies whether to use software (not accelerated) drivers ("
  960. OPENSSL_MSTR(DEVCRYPTO_REQUIRE_ACCELERATED) "=use only accelerated drivers, "
  961. OPENSSL_MSTR(DEVCRYPTO_USE_SOFTWARE) "=allow all drivers, "
  962. OPENSSL_MSTR(DEVCRYPTO_REJECT_SOFTWARE)
  963. "=use if acceleration can't be determined) [default="
  964. OPENSSL_MSTR(DEVCRYPTO_DEFAULT_USE_SOFTDRIVERS) "]",
  965. ENGINE_CMD_FLAG_NUMERIC},
  966. #endif
  967. {DEVCRYPTO_CMD_CIPHERS,
  968. "CIPHERS",
  969. "either ALL, NONE, or a comma-separated list of ciphers to enable [default=ALL]",
  970. ENGINE_CMD_FLAG_STRING},
  971. #ifdef IMPLEMENT_DIGEST
  972. {DEVCRYPTO_CMD_DIGESTS,
  973. "DIGESTS",
  974. "either ALL, NONE, or a comma-separated list of digests to enable [default=ALL]",
  975. ENGINE_CMD_FLAG_STRING},
  976. #endif
  977. {DEVCRYPTO_CMD_DUMP_INFO,
  978. "DUMP_INFO",
  979. "dump info about each algorithm to stderr; use 'openssl engine -pre DUMP_INFO devcrypto'",
  980. ENGINE_CMD_FLAG_NO_INPUT},
  981. {0, NULL, NULL, 0}
  982. };
  983. static int devcrypto_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
  984. {
  985. int *new_list;
  986. switch (cmd) {
  987. #if defined(CIOCGSESSINFO) || defined(CIOCGSESSION2)
  988. case DEVCRYPTO_CMD_USE_SOFTDRIVERS:
  989. switch (i) {
  990. case DEVCRYPTO_REQUIRE_ACCELERATED:
  991. case DEVCRYPTO_USE_SOFTWARE:
  992. case DEVCRYPTO_REJECT_SOFTWARE:
  993. break;
  994. default:
  995. fprintf(stderr, "devcrypto: invalid value (%ld) for USE_SOFTDRIVERS\n", i);
  996. return 0;
  997. }
  998. if (use_softdrivers == i)
  999. return 1;
  1000. use_softdrivers = i;
  1001. #ifdef IMPLEMENT_DIGEST
  1002. rebuild_known_digest_nids(e);
  1003. #endif
  1004. rebuild_known_cipher_nids(e);
  1005. return 1;
  1006. #endif /* CIOCGSESSINFO || CIOCGSESSION2 */
  1007. case DEVCRYPTO_CMD_CIPHERS:
  1008. if (p == NULL)
  1009. return 1;
  1010. if (OPENSSL_strcasecmp((const char *)p, "ALL") == 0) {
  1011. devcrypto_select_all_ciphers(selected_ciphers);
  1012. } else if (OPENSSL_strcasecmp((const char*)p, "NONE") == 0) {
  1013. memset(selected_ciphers, 0, sizeof(selected_ciphers));
  1014. } else {
  1015. new_list=OPENSSL_zalloc(sizeof(selected_ciphers));
  1016. if (!CONF_parse_list(p, ',', 1, cryptodev_select_cipher_cb, new_list)) {
  1017. OPENSSL_free(new_list);
  1018. return 0;
  1019. }
  1020. memcpy(selected_ciphers, new_list, sizeof(selected_ciphers));
  1021. OPENSSL_free(new_list);
  1022. }
  1023. rebuild_known_cipher_nids(e);
  1024. return 1;
  1025. #ifdef IMPLEMENT_DIGEST
  1026. case DEVCRYPTO_CMD_DIGESTS:
  1027. if (p == NULL)
  1028. return 1;
  1029. if (OPENSSL_strcasecmp((const char *)p, "ALL") == 0) {
  1030. devcrypto_select_all_digests(selected_digests);
  1031. } else if (OPENSSL_strcasecmp((const char*)p, "NONE") == 0) {
  1032. memset(selected_digests, 0, sizeof(selected_digests));
  1033. } else {
  1034. new_list=OPENSSL_zalloc(sizeof(selected_digests));
  1035. if (!CONF_parse_list(p, ',', 1, cryptodev_select_digest_cb, new_list)) {
  1036. OPENSSL_free(new_list);
  1037. return 0;
  1038. }
  1039. memcpy(selected_digests, new_list, sizeof(selected_digests));
  1040. OPENSSL_free(new_list);
  1041. }
  1042. rebuild_known_digest_nids(e);
  1043. return 1;
  1044. #endif /* IMPLEMENT_DIGEST */
  1045. case DEVCRYPTO_CMD_DUMP_INFO:
  1046. dump_cipher_info();
  1047. #ifdef IMPLEMENT_DIGEST
  1048. dump_digest_info();
  1049. #endif
  1050. return 1;
  1051. default:
  1052. break;
  1053. }
  1054. return 0;
  1055. }
  1056. /******************************************************************************
  1057. *
  1058. * LOAD / UNLOAD
  1059. *
  1060. *****/
  1061. /*
  1062. * Opens /dev/crypto
  1063. */
  1064. static int open_devcrypto(void)
  1065. {
  1066. int fd;
  1067. if (cfd >= 0)
  1068. return 1;
  1069. if ((fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
  1070. #ifndef ENGINE_DEVCRYPTO_DEBUG
  1071. if (errno != ENOENT)
  1072. #endif
  1073. fprintf(stderr, "Could not open /dev/crypto: %s\n", strerror(errno));
  1074. return 0;
  1075. }
  1076. #ifdef CRIOGET
  1077. if (ioctl(fd, CRIOGET, &cfd) < 0) {
  1078. fprintf(stderr, "Could not create crypto fd: %s\n", strerror(errno));
  1079. close(fd);
  1080. cfd = -1;
  1081. return 0;
  1082. }
  1083. close(fd);
  1084. #else
  1085. cfd = fd;
  1086. #endif
  1087. return 1;
  1088. }
  1089. static int close_devcrypto(void)
  1090. {
  1091. int ret;
  1092. if (cfd < 0)
  1093. return 1;
  1094. ret = close(cfd);
  1095. cfd = -1;
  1096. if (ret != 0) {
  1097. fprintf(stderr, "Error closing /dev/crypto: %s\n", strerror(errno));
  1098. return 0;
  1099. }
  1100. return 1;
  1101. }
  1102. static int devcrypto_unload(ENGINE *e)
  1103. {
  1104. destroy_all_cipher_methods();
  1105. #ifdef IMPLEMENT_DIGEST
  1106. destroy_all_digest_methods();
  1107. #endif
  1108. close_devcrypto();
  1109. return 1;
  1110. }
  1111. static int bind_devcrypto(ENGINE *e) {
  1112. if (!ENGINE_set_id(e, engine_devcrypto_id)
  1113. || !ENGINE_set_name(e, "/dev/crypto engine")
  1114. || !ENGINE_set_destroy_function(e, devcrypto_unload)
  1115. || !ENGINE_set_cmd_defns(e, devcrypto_cmds)
  1116. || !ENGINE_set_ctrl_function(e, devcrypto_ctrl))
  1117. return 0;
  1118. prepare_cipher_methods();
  1119. #ifdef IMPLEMENT_DIGEST
  1120. prepare_digest_methods();
  1121. #endif
  1122. return (ENGINE_set_ciphers(e, devcrypto_ciphers)
  1123. #ifdef IMPLEMENT_DIGEST
  1124. && ENGINE_set_digests(e, devcrypto_digests)
  1125. #endif
  1126. /*
  1127. * Asymmetric ciphers aren't well supported with /dev/crypto. Among the BSD
  1128. * implementations, it seems to only exist in FreeBSD, and regarding the
  1129. * parameters in its crypt_kop, the manual crypto(4) has this to say:
  1130. *
  1131. * The semantics of these arguments are currently undocumented.
  1132. *
  1133. * Reading through the FreeBSD source code doesn't give much more than
  1134. * their CRK_MOD_EXP implementation for ubsec.
  1135. *
  1136. * It doesn't look much better with cryptodev-linux. They have the crypt_kop
  1137. * structure as well as the command (CRK_*) in cryptodev.h, but no support
  1138. * seems to be implemented at all for the moment.
  1139. *
  1140. * At the time of writing, it seems impossible to write proper support for
  1141. * FreeBSD's asym features without some very deep knowledge and access to
  1142. * specific kernel modules.
  1143. *
  1144. * /Richard Levitte, 2017-05-11
  1145. */
  1146. #if 0
  1147. && ENGINE_set_RSA(e, devcrypto_rsa)
  1148. # ifndef OPENSSL_NO_DSA
  1149. && ENGINE_set_DSA(e, devcrypto_dsa)
  1150. # endif
  1151. # ifndef OPENSSL_NO_DH
  1152. && ENGINE_set_DH(e, devcrypto_dh)
  1153. # endif
  1154. # ifndef OPENSSL_NO_EC
  1155. && ENGINE_set_EC(e, devcrypto_ec)
  1156. # endif
  1157. #endif
  1158. );
  1159. }
  1160. #ifdef OPENSSL_NO_DYNAMIC_ENGINE
  1161. /*
  1162. * In case this engine is built into libcrypto, then it doesn't offer any
  1163. * ability to be dynamically loadable.
  1164. */
  1165. void engine_load_devcrypto_int(void)
  1166. {
  1167. ENGINE *e = NULL;
  1168. if (!open_devcrypto())
  1169. return;
  1170. if ((e = ENGINE_new()) == NULL
  1171. || !bind_devcrypto(e)) {
  1172. close_devcrypto();
  1173. ENGINE_free(e);
  1174. return;
  1175. }
  1176. ERR_set_mark();
  1177. ENGINE_add(e);
  1178. /*
  1179. * If the "add" worked, it gets a structural reference. So either way, we
  1180. * release our just-created reference.
  1181. */
  1182. ENGINE_free(e); /* Loose our local reference */
  1183. /*
  1184. * If the "add" didn't work, it was probably a conflict because it was
  1185. * already added (eg. someone calling ENGINE_load_blah then calling
  1186. * ENGINE_load_builtin_engines() perhaps).
  1187. */
  1188. ERR_pop_to_mark();
  1189. }
  1190. #else
  1191. static int bind_helper(ENGINE *e, const char *id)
  1192. {
  1193. if ((id && (strcmp(id, engine_devcrypto_id) != 0))
  1194. || !open_devcrypto())
  1195. return 0;
  1196. if (!bind_devcrypto(e)) {
  1197. close_devcrypto();
  1198. return 0;
  1199. }
  1200. return 1;
  1201. }
  1202. IMPLEMENT_DYNAMIC_CHECK_FN()
  1203. IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
  1204. #endif