/*
 * Run one CRK_MOD_EXP key operation through the crypto device and store
 * the result in res.
 *
 * a, b and c are passed as input parameters 0, 1 and 2 (presumably base,
 * exponent and modulus, as in BN_mod_exp -- confirm against the driver).
 * ctx is accepted but not used.
 *
 * Returns 0 on success and -1 when the device reports a non-zero
 * crk_status.  Any failing ioctl or conversion ends the process via err().
 */
int
UB_mod_exp(BIGNUM *res, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
{
    /* Obtained on the first call and kept for later calls; never closed here. */
    static int crypto_fd = -1;
    struct crypt_kop kop;
    u_int8_t *ale, *ble, *cle;

    if (crypto_fd == -1) {
        if (ioctl(devcrypto(), CRIOGET, &crypto_fd) == -1)
            err(1, "CRIOGET");
    }

    /* Convert each operand to the byte-string form handed to the device. */
    ale = bignum_to_le(a, NULL);
    if (ale == NULL)
        err(1, "bignum_to_le, a");
    ble = bignum_to_le(b, NULL);
    if (ble == NULL)
        err(1, "bignum_to_le, b");
    cle = bignum_to_le(c, NULL);
    if (cle == NULL)
        err(1, "bignum_to_le, c");

    bzero(&kop, sizeof(kop));
    kop.crk_op = CRK_MOD_EXP;
    kop.crk_iparams = 3;
    kop.crk_oparams = 1;
    kop.crk_crid = crid;

    kop.crk_param[0].crp_p = ale;
    kop.crk_param[0].crp_nbits = BN_num_bytes(a) * 8;
    kop.crk_param[1].crp_p = ble;
    kop.crk_param[1].crp_nbits = BN_num_bytes(b) * 8;
    kop.crk_param[2].crp_p = cle;
    kop.crk_param[2].crp_nbits = BN_num_bytes(c) * 8;
    /*
     * Slot 3 shares its buffer with slot 2: the result is read back from
     * cle below, so it overwrites the third operand in place and is
     * bounded by BN_num_bytes(c) bytes.
     */
    kop.crk_param[3].crp_p = cle;
    kop.crk_param[3].crp_nbits = BN_num_bytes(c) * 8;

    if (ioctl(crypto_fd, CIOCKEY2, &kop) == -1)
        err(1, "CIOCKEY2");
    if (verbose)
        printf("device = %s\n", crfind(kop.crk_crid));

    /*
     * Wipe the operand copies before releasing them.
     * NOTE(review): a plain bzero() right before free() is a dead store
     * the optimizer may drop; if these buffers can ever hold a private
     * exponent, confirm the wipe survives (e.g. explicit_bzero where the
     * platform provides it).  The wipe lengths assume bignum_to_le()
     * allocates BN_num_bytes() bytes -- verify against that helper.
     */
    bzero(ale, BN_num_bytes(a));
    free(ale);
    bzero(ble, BN_num_bytes(b));
    free(ble);

    if (kop.crk_status != 0) {
        /* Device-level failure: report it, scrub the buffer, tell the caller. */
        printf("error %d\n", kop.crk_status);
        bzero(cle, BN_num_bytes(c));
        free(cle);
        return (-1);
    }

    res = le_to_bignum(res, cle, BN_num_bytes(c));
    /* Length is re-read after the conversion, exactly as the original does. */
    bzero(cle, BN_num_bytes(c));
    free(cle);
    if (res == NULL)
        err(1, "le_to_bignum");
    return (0);
}
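/*
 * Time `count` operations of `size` bytes each for one algorithm.
 *
 * A session is opened with the ioctl `cmd` using a key of length
 * (minkeylen + maxkeylen) / 2 filled from rdigit().  For ciphers every
 * iteration encrypts and then decrypts the buffer (optionally verifying
 * the round trip); for hashes every iteration computes one MAC.  The
 * elapsed wall-clock time is stored in *tv.
 *
 * If session creation fails for CIOCGSESSION/CIOCGSESSION2 the algorithm
 * is treated as unsupported: the function returns early and *tv is left
 * unwritten.  Any other failure ends the process via err()/errx().
 *
 * The key, IV and plaintext are benchmark filler from rdigit() (defined
 * elsewhere; presumably not a cryptographic generator), and the same IV is
 * reused for every iteration -- acceptable for timing, not a pattern to
 * copy into code that protects real data.
 */
static void
runtest(struct alg *alg, int count, int size, u_long cmd, struct timeval *tv)
{
    int i, fd = crget();
    struct timeval start, stop;
    char *cleartext, *ciphertext, *originaltext;
    char *keybuf;
    struct session2_op sop;
    struct crypt_op cop;
    char iv[EALG_MAX_BLOCK_LEN];

    bzero(&sop, sizeof(sop));
    if (!alg->ishash) {
        sop.keylen = (alg->minkeylen + alg->maxkeylen)/2;
        keybuf = malloc(sop.keylen);
        if (keybuf == NULL)
            err(1, "malloc (key)");
        for (i = 0; i < sop.keylen; i++)
            keybuf[i] = rdigit();
        sop.key = keybuf;
        sop.cipher = alg->code;
    } else {
        sop.mackeylen = (alg->minkeylen + alg->maxkeylen)/2;
        keybuf = malloc(sop.mackeylen);
        if (keybuf == NULL)
            err(1, "malloc (mac)");
        for (i = 0; i < sop.mackeylen; i++)
            keybuf[i] = rdigit();
        sop.mackey = keybuf;
        sop.mac = alg->code;
    }
    sop.crid = crid;
    if (ioctl(fd, cmd, &sop) < 0) {
        if (cmd == CIOCGSESSION || cmd == CIOCGSESSION2) {
            close(fd);
            if (verbose) {
                printf("cipher %s", alg->name);
                if (alg->ishash)
                    printf(" mackeylen %u\n", sop.mackeylen);
                else
                    printf(" keylen %u\n", sop.keylen);
                perror("CIOCGSESSION");
            }
            /* The key buffer was previously leaked on this path. */
            free(keybuf);
            /* hardware doesn't support algorithm; skip it */
            return;
        }
        printf("cipher %s keylen %u mackeylen %u\n",
            alg->name, sop.keylen, sop.mackeylen);
        err(1, "CIOCGSESSION");
    }

    /*
     * One allocation holds three size-byte regions: the reference copy,
     * the working cleartext and the ciphertext.  Reject sizes for which
     * 3 * size cannot be represented instead of overflowing a signed int.
     */
    if (size < 0 || (size_t)size > (size_t)-1 / 3)
        errx(1, "invalid buffer size %d", size);
    originaltext = malloc(3 * (size_t)size);
    if (originaltext == NULL)
        err(1, "malloc (text)");
    cleartext = originaltext+size;
    ciphertext = cleartext+size;
    for (i = 0; i < size; i++)
        cleartext[i] = rdigit();
    memcpy(originaltext, cleartext, size);
    for (i = 0; i < N(iv); i++)
        iv[i] = rdigit();

    if (verbose) {
        printf("session = 0x%x\n", sop.ses);
        printf("device = %s\n", crfind(sop.crid));
        printf("count = %d, size = %d\n", count, size);
        if (!alg->ishash) {
            printf("iv:");
            hexdump(iv, sizeof iv);
        }
        printf("cleartext:");
        hexdump(cleartext, MIN(size, CHUNK));
    }

    gettimeofday(&start, NULL);
    if (!alg->ishash) {
        for (i = 0; i < count; i++) {
            cop.ses = sop.ses;
            cop.op = COP_ENCRYPT;
            cop.flags = opflags;
            cop.len = size;
            cop.src = cleartext;
            cop.dst = ciphertext;
            cop.mac = 0;
            cop.iv = iv;

            if (ioctl(fd, CIOCCRYPT, &cop) < 0)
                err(1, "ioctl(CIOCCRYPT)");

            /* Output identical to input means the device did nothing. */
            if (verify && bcmp(ciphertext, cleartext, size) == 0) {
                printf("cipher text unchanged:");
                hexdump(ciphertext, size);
            }

            /* Clobber the plaintext so a no-op decrypt cannot pass verify. */
            memset(cleartext, 'x', MIN(size, CHUNK));
            cop.ses = sop.ses;
            cop.op = COP_DECRYPT;
            cop.flags = opflags;
            cop.len = size;
            cop.src = ciphertext;
            cop.dst = cleartext;
            cop.mac = 0;
            cop.iv = iv;

            if (ioctl(fd, CIOCCRYPT, &cop) < 0)
                err(1, "ioctl(CIOCCRYPT)");

            if (verify && bcmp(cleartext, originaltext, size) != 0) {
                printf("decrypt mismatch:\n");
                printf("original:");
                hexdump(originaltext, size);
                printf("cleartext:");
                hexdump(cleartext, size);
            }
        }
    } else {
        /*
         * NOTE(review): the MAC destination is the size-byte ciphertext
         * region at the tail of the allocation.  If the digest for
         * alg->code can be longer than `size`, the result would be written
         * past the end of the buffer -- confirm callers never use a
         * smaller size for hash algorithms, or size this region by the
         * largest digest length.
         */
        for (i = 0; i < count; i++) {
            cop.ses = sop.ses;
            cop.op = 0;
            cop.flags = opflags;
            cop.len = size;
            cop.src = cleartext;
            cop.dst = 0;
            cop.mac = ciphertext;
            cop.iv = 0;

            if (ioctl(fd, CIOCCRYPT, &cop) < 0)
                err(1, "ioctl(CIOCCRYPT)");
        }
    }
    gettimeofday(&stop, NULL);

    /* Failing to release the session is reported but not fatal. */
    if (ioctl(fd, CIOCFSESSION, &sop.ses) < 0)
        perror("ioctl(CIOCFSESSION)");

    if (verbose) {
        printf("cleartext:");
        hexdump(cleartext, MIN(size, CHUNK));
    }
    timersub(&stop, &start, tv);

    free(originaltext);
    /* Released only after the session is gone; previously never freed. */
    free(keybuf);

    close(fd);
}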