Example #1
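/*
 * Run a CRK_MOD_EXP key operation on the crypto device and store the
 * result in res.
 *
 * a, b and c are handed to the device as input parameters 0, 1 and 2
 * (presumably base, exponent and modulus -- confirm against the driver's
 * definition of CRK_MOD_EXP).  ctx is not used.
 *
 * Returns 0 on success and -1 when the device reports a non-zero
 * crk_status.  A failed conversion or ioctl terminates the process
 * through err(1, ...).
 */
int
UB_mod_exp(BIGNUM *res, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
{
    struct crypt_kop kop;
    u_int8_t *ale, *ble, *cle;
    /* Device descriptor is obtained on the first call and then reused. */
    static int crypto_fd = -1;
    int alen, blen, clen;
    int failed;

    (void)ctx;

    if (crypto_fd == -1 && ioctl(devcrypto(), CRIOGET, &crypto_fd) == -1)
        err(1, "CRIOGET");

    if ((ale = bignum_to_le(a, NULL)) == NULL)
        err(1, "bignum_to_le, a");
    if ((ble = bignum_to_le(b, NULL)) == NULL)
        err(1, "bignum_to_le, b");
    if ((cle = bignum_to_le(c, NULL)) == NULL)
        err(1, "bignum_to_le, c");

    /*
     * Capture the byte lengths once, right after the conversions.  The
     * wipe of cle below must not re-read BN_num_bytes(c) after res has
     * been written: if the caller passes res == c, the length could have
     * shrunk and part of the buffer would be left unwiped.
     * NOTE(review): assumes bignum_to_le() allocates BN_num_bytes(n)
     * bytes -- confirm against its definition.
     */
    alen = BN_num_bytes(a);
    blen = BN_num_bytes(b);
    clen = BN_num_bytes(c);

    bzero(&kop, sizeof(kop));
    kop.crk_op = CRK_MOD_EXP;
    kop.crk_iparams = 3;
    kop.crk_oparams = 1;
    kop.crk_crid = crid;
    kop.crk_param[0].crp_p = ale;
    kop.crk_param[0].crp_nbits = alen * 8;
    kop.crk_param[1].crp_p = ble;
    kop.crk_param[1].crp_nbits = blen * 8;
    kop.crk_param[2].crp_p = cle;
    kop.crk_param[2].crp_nbits = clen * 8;
    /*
     * The single output slot reuses the buffer that carries c, so the
     * result overwrites c's bytes and is read back with c's length.
     */
    kop.crk_param[3].crp_p = cle;
    kop.crk_param[3].crp_nbits = clen * 8;

    if (ioctl(crypto_fd, CIOCKEY2, &kop) == -1)
        err(1, "CIOCKEY2");
    if (verbose)
        printf("device = %s\n", crfind(kop.crk_crid));

    /*
     * NOTE(review): each bzero() here is immediately followed by free(),
     * so an optimizing compiler is allowed to drop the store.  If these
     * operands can hold secret material, switch to a wipe the compiler
     * cannot elide (for example explicit_bzero() where the platform
     * provides it).
     */
    bzero(ale, alen);
    free(ale);
    bzero(ble, blen);
    free(ble);

    failed = (kop.crk_status != 0);
    if (failed)
        printf("error %d\n", kop.crk_status);
    else
        res = le_to_bignum(res, cle, clen);

    /* One cleanup path for the shared input/output buffer. */
    bzero(cle, clen);
    free(cle);

    if (failed)
        return (-1);
    if (res == NULL)
        err(1, "le_to_bignum");
    return (0);
}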
Example #2
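/*
 * Time `count` operations of `size` bytes with algorithm `alg` on the
 * crypto device and store the elapsed time in *tv.
 *
 * A session is opened with the ioctl request `cmd`.  For a cipher every
 * iteration encrypts and then decrypts the buffer; for a hash every
 * iteration computes one MAC.  When `verify` is set, a ciphertext equal to
 * the cleartext or a decrypt that does not restore the original is
 * reported on stdout.
 *
 * If session setup fails with cmd CIOCGSESSION or CIOCGSESSION2 the
 * algorithm is treated as unsupported and the function returns without
 * touching *tv.  Other failures terminate the process through err(1, ...).
 *
 * The key, IV and data are filled from rdigit(); this is throw-away test
 * material, not a pattern for generating real keys.
 */
static void
runtest(struct alg *alg, int count, int size, u_long cmd, struct timeval *tv)
{
    int i, fd = crget();
    struct timeval start, stop;
    char *cleartext, *ciphertext, *originaltext;
    char *keybuf;
    size_t keybytes;
    struct session2_op sop;
    struct crypt_op cop;
    char iv[EALG_MAX_BLOCK_LEN];

    bzero(&sop, sizeof(sop));
    /* Zero cop as well so no uninitialized stack bytes reach the ioctl. */
    bzero(&cop, sizeof(cop));

    /* Key length is the midpoint of the algorithm's allowed range. */
    if (!alg->ishash) {
        sop.keylen = (alg->minkeylen + alg->maxkeylen)/2;
        keybytes = sop.keylen;
        keybuf = malloc(keybytes);
        if (keybuf == NULL)
            err(1, "malloc (key)");
        for (i = 0; i < sop.keylen; i++)
            keybuf[i] = rdigit();
        sop.key = keybuf;
        sop.cipher = alg->code;
    } else {
        sop.mackeylen = (alg->minkeylen + alg->maxkeylen)/2;
        keybytes = sop.mackeylen;
        keybuf = malloc(keybytes);
        if (keybuf == NULL)
            err(1, "malloc (mac)");
        for (i = 0; i < sop.mackeylen; i++)
            keybuf[i] = rdigit();
        sop.mackey = keybuf;
        sop.mac = alg->code;
    }
    sop.crid = crid;
    if (ioctl(fd, cmd, &sop) < 0) {
        if (cmd == CIOCGSESSION || cmd == CIOCGSESSION2) {
            /*
             * Report before releasing anything: perror() reads errno, and
             * close() running first could replace the ioctl's error.
             */
            if (verbose) {
                printf("cipher %s", alg->name);
                if (alg->ishash)
                    printf(" mackeylen %u\n", sop.mackeylen);
                else
                    printf(" keylen %u\n", sop.keylen);
                perror("CIOCGSESSION");
            }
            /* The key buffer was previously leaked on this path. */
            bzero(keybuf, keybytes);
            free(keybuf);
            close(fd);
            /* hardware doesn't support algorithm; skip it */
            return;
        }
        printf("cipher %s keylen %u mackeylen %u\n",
               alg->name, sop.keylen, sop.mackeylen);
        err(1, "CIOCGSESSION");
    }

    /*
     * One allocation holds three size-byte regions: the saved original,
     * the working cleartext and the ciphertext (or MAC output).
     * NOTE(review): 3*size is computed in int and size is not range
     * checked here -- callers must pass a small non-negative value.
     */
    originaltext = malloc(3*size);
    if (originaltext == NULL)
        err(1, "malloc (text)");
    cleartext = originaltext+size;
    ciphertext = cleartext+size;
    for (i = 0; i < size; i++)
        cleartext[i] = rdigit();
    memcpy(originaltext, cleartext, size);
    for (i = 0; i < N(iv); i++)
        iv[i] = rdigit();

    if (verbose) {
        printf("session = 0x%x\n", sop.ses);
        printf("device = %s\n", crfind(sop.crid));
        printf("count = %d, size = %d\n", count, size);
        if (!alg->ishash) {
            printf("iv:");
            hexdump(iv, sizeof iv);
        }
        printf("cleartext:");
        hexdump(cleartext, MIN(size, CHUNK));
    }

    gettimeofday(&start, NULL);
    if (!alg->ishash) {
        for (i = 0; i < count; i++) {
            cop.ses = sop.ses;
            cop.op = COP_ENCRYPT;
            cop.flags = opflags;
            cop.len = size;
            cop.src = cleartext;
            cop.dst = ciphertext;
            cop.mac = 0;
            cop.iv = iv;

            if (ioctl(fd, CIOCCRYPT, &cop) < 0)
                err(1, "ioctl(CIOCCRYPT)");

            if (verify && bcmp(ciphertext, cleartext, size) == 0) {
                printf("cipher text unchanged:");
                hexdump(ciphertext, size);
            }

            /*
             * Scribble over the start of the cleartext so a decrypt that
             * writes nothing cannot pass the comparison below.
             */
            memset(cleartext, 'x', MIN(size, CHUNK));
            cop.ses = sop.ses;
            cop.op = COP_DECRYPT;
            cop.flags = opflags;
            cop.len = size;
            cop.src = ciphertext;
            cop.dst = cleartext;
            cop.mac = 0;
            cop.iv = iv;

            if (ioctl(fd, CIOCCRYPT, &cop) < 0)
                err(1, "ioctl(CIOCCRYPT)");

            if (verify && bcmp(cleartext, originaltext, size) != 0) {
                printf("decrypt mismatch:\n");
                printf("original:");
                hexdump(originaltext, size);
                printf("cleartext:");
                hexdump(cleartext, size);
            }
        }
    } else {
        for (i = 0; i < count; i++) {
            /* Hash: no dst and no IV; the MAC lands in the third region. */
            cop.ses = sop.ses;
            cop.op = 0;
            cop.flags = opflags;
            cop.len = size;
            cop.src = cleartext;
            cop.dst = 0;
            cop.mac = ciphertext;
            cop.iv = 0;

            if (ioctl(fd, CIOCCRYPT, &cop) < 0)
                err(1, "ioctl(CIOCCRYPT)");
        }
    }
    gettimeofday(&stop, NULL);

    /* A failed session release is reported but does not abort the run. */
    if (ioctl(fd, CIOCFSESSION, &sop.ses) < 0)
        perror("ioctl(CIOCFSESSION)");

    if (verbose) {
        printf("cleartext:");
        hexdump(cleartext, MIN(size, CHUNK));
    }
    timersub(&stop, &start, tv);

    free(originaltext);

    /*
     * Release the session key, which was previously leaked on every call.
     * It is freed only after the session is closed, so nothing here
     * depends on whether the driver copied the key at session setup.
     */
    bzero(keybuf, keybytes);
    free(keybuf);

    close(fd);
}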