void *copyAllocPinnedMemoryClean(void *ptr, size_t size, size_t original_size, const char *file, int line) { void *nptr; if ((nptr = qaeCryptoMemAlloc(size, file, line)) == NULL) { MEM_WARN("%s: pinned memory allocation failure\n", __func__); return NULL; } memcpy(nptr, ptr, original_size); return nptr; }
/****************************************************************************** * function: * qat_alloc_pad(unsigned char *in, * int len, * int rLen, * int sign) * * @param in [IN] - pointer to Flat Buffer * @param len [IN] - length of input data (hash) * @param rLen [IN] - length of RSA * @param sign [IN] - 1 for sign operation and 0 for decryption * * description: * This function is used to add PKCS#1 padding into input data buffer * before it pass to cpaCyRsaDecrypt() function. * The function returns a pointer to unsigned char buffer ******************************************************************************/ static unsigned char *qat_alloc_pad(unsigned char *in, int len, int rLen, int sign) { int i = 0; /* out data buffer should have fix length */ unsigned char *out = qaeCryptoMemAlloc(rLen, __FILE__, __LINE__); DEBUG("- Started\n"); if (NULL == out) { WARN("out buffer malloc failed\n"); QATerr(QAT_F_QAT_ALLOC_PAD, QAT_R_OUT_MALLOC_FAILURE); return NULL; } /* First two char are (0x00, 0x01) or (0x00, 0x02) */ out[0] = 0x00; if (sign) { out[1] = 0x01; } else { out[1] = 0x02; } /* * Fill 0xff and end up with 0x00 in out buffer until the length of * actual data space left */ for (i = 2; i < (rLen - len - 1); i++) { out[i] = 0xff; } /* * i has been incremented on beyond the last padding byte to exit for * loop */ out[i] = 0x00; /* shift actual data to the end of out buffer */ memcpy((out + rLen - len), in, len); DEBUG("- Finished\n"); return out; }
static int build_encrypt_op(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding, CpaCyRsaEncryptOpData ** enc_op_data, CpaFlatBuffer ** output_buffer, int alloc_pad) { CpaCyRsaPublicKey *cpa_pub_key = NULL; int rsa_len = 0; const BIGNUM *n = NULL; const BIGNUM *e = NULL; const BIGNUM *d = NULL; DEBUG("- Started\n"); RSA_get0_key((const RSA*)rsa, &n, &e, &d); /* Note: not checking 'd' as it is not used */ if (n == NULL || e == NULL) { WARN("RSA key values n = %p or e = %p are NULL\n", n, e); QATerr(QAT_F_BUILD_ENCRYPT_OP, QAT_R_N_E_NULL); return 0; } if (padding != RSA_PKCS1_PADDING) { WARN("Unknown Padding %d\n", padding); QATerr(QAT_F_BUILD_ENCRYPT_OP, QAT_R_UNKNOWN_PADDING); return 0; } cpa_pub_key = OPENSSL_zalloc(sizeof(CpaCyRsaPublicKey)); if (NULL == cpa_pub_key) { WARN("Public Key zalloc failed\n"); QATerr(QAT_F_BUILD_ENCRYPT_OP, QAT_R_PUB_KEY_MALLOC_FAILURE); return 0; } rsa_len = RSA_size(rsa); /* Output and input data MUST allocate memory for RSA verify process */ /* Memory allocation for EncOpData[IN] */ *enc_op_data = OPENSSL_zalloc(sizeof(CpaCyRsaEncryptOpData)); if (NULL == *enc_op_data) { WARN("Failed to allocate enc_op_data\n"); QATerr(QAT_F_BUILD_ENCRYPT_OP, QAT_R_ENC_OP_DATA_MALLOC_FAILURE); OPENSSL_free(cpa_pub_key); return 0; } /* Setup the Encrypt operation Data structure */ (*enc_op_data)->pPublicKey = cpa_pub_key; DEBUG("flen=%d padding=%d\n", flen, padding); /* Passing Public key from big number format to big endian order binary */ if (qat_BN_to_FB(&cpa_pub_key->modulusN, n) != 1 || qat_BN_to_FB(&cpa_pub_key->publicExponentE, e) != 1) { WARN("Failed to convert cpa_pub_key elements to flatbuffer\n"); QATerr(QAT_F_BUILD_ENCRYPT_OP, QAT_R_N_E_CONVERT_TO_FB_FAILURE); return 0; } if (alloc_pad) { (*enc_op_data)->inputData.pData = qat_alloc_pad((Cpa8U *) from, flen, rsa_len, 0); } else { (*enc_op_data)->inputData.pData = (Cpa8U *) copyAllocPinnedMemory((void *)from, flen, __FILE__, __LINE__); } if (NULL == (*enc_op_data)->inputData.pData) { WARN("Failed to allocate (*enc_op_data)->inputData.pData\n"); QATerr(QAT_F_BUILD_ENCRYPT_OP, QAT_R_INPUT_DATA_MALLOC_FAILURE); return 0; } if (alloc_pad) (*enc_op_data)->inputData.dataLenInBytes = rsa_len; else (*enc_op_data)->inputData.dataLenInBytes = flen; /* * Memory allocation for outputBuffer[OUT] OutputBuffer size initialize * as the size of rsa size */ (*output_buffer) = (CpaFlatBuffer *) OPENSSL_malloc(sizeof(CpaFlatBuffer)); if (NULL == (*output_buffer)) { WARN("Failed to allocate output_buffer\n"); QATerr(QAT_F_BUILD_ENCRYPT_OP, QAT_R_OUTPUT_BUF_MALLOC_FAILURE); return 0; } /* * outputBuffer size should large enough to hold the Hash value but * smaller than (RSA_size(rsa)-11) */ (*output_buffer)->dataLenInBytes = rsa_len; (*output_buffer)->pData = qaeCryptoMemAlloc(rsa_len, __FILE__, __LINE__); if (NULL == (*output_buffer)->pData) { WARN("Failed to allocate (*output_buffer)->pData\n"); QATerr(QAT_F_BUILD_ENCRYPT_OP, QAT_R_OUTPUT_BUF_PDATA_MALLOC_FAILURE); return 0;; } DEBUG("- Finished\n"); return 1; }
static int build_decrypt_op_buf(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding, CpaCyRsaDecryptOpData ** dec_op_data, CpaFlatBuffer ** output_buffer, int alloc_pad) { int rsa_len = 0; CpaCyRsaPrivateKey *cpa_prv_key = NULL; const BIGNUM *p = NULL; const BIGNUM *q = NULL; const BIGNUM *dmp1 = NULL; const BIGNUM *dmq1 = NULL; const BIGNUM *iqmp = NULL; DEBUG("- Started\n"); RSA_get0_factors((const RSA*)rsa, &p, &q); RSA_get0_crt_params((const RSA*)rsa, &dmp1, &dmq1, &iqmp); if (p == NULL || q == NULL || dmp1 == NULL || dmq1 == NULL || iqmp == NULL) { WARN("Either p %p, q %p, dmp1 %p, dmq1 %p, iqmp %p are NULL\n", p, q, dmp1, dmq1, iqmp); QATerr(QAT_F_BUILD_DECRYPT_OP_BUF, QAT_R_P_Q_DMP_DMQ_IQMP_NULL); return 0; } /* Padding check */ if ((padding != RSA_NO_PADDING) && (padding != RSA_PKCS1_PADDING)) { WARN("Unknown Padding %d\n", padding); QATerr(QAT_F_BUILD_DECRYPT_OP_BUF, QAT_R_PADDING_UNKNOWN); return 0; } cpa_prv_key = (CpaCyRsaPrivateKey *) OPENSSL_zalloc(sizeof(CpaCyRsaPrivateKey)); if (NULL == cpa_prv_key) { WARN("Failed to allocate cpa_prv_key\n"); QATerr(QAT_F_BUILD_DECRYPT_OP_BUF, QAT_R_PRIV_KEY_MALLOC_FAILURE); return 0; } DEBUG("flen =%d, padding = %d \n", flen, padding); /* output signature should have same length as RSA(128) */ rsa_len = RSA_size(rsa); /* output and input data MUST allocate memory for sign process */ /* memory allocation for DecOpdata[IN] */ *dec_op_data = OPENSSL_zalloc(sizeof(CpaCyRsaDecryptOpData)); if (NULL == *dec_op_data) { WARN("Failed to allocate dec_op_data\n"); QATerr(QAT_F_BUILD_DECRYPT_OP_BUF, QAT_R_DEC_OP_DATA_MALLOC_FAILURE); OPENSSL_free(cpa_prv_key); return 0; } /* Setup the DecOpData structure */ (*dec_op_data)->pRecipientPrivateKey = cpa_prv_key; cpa_prv_key->version = CPA_CY_RSA_VERSION_TWO_PRIME; /* Setup the private key rep type 2 structure */ cpa_prv_key->privateKeyRepType = CPA_CY_RSA_PRIVATE_KEY_REP_TYPE_2; if (qat_BN_to_FB(&cpa_prv_key->privateKeyRep2.prime1P, p) != 1 || qat_BN_to_FB(&cpa_prv_key->privateKeyRep2.prime2Q, q) != 1 || qat_BN_to_FB(&cpa_prv_key->privateKeyRep2.exponent1Dp, dmp1) != 1 || qat_BN_to_FB(&cpa_prv_key->privateKeyRep2.exponent2Dq, dmq1) != 1 || qat_BN_to_FB(&cpa_prv_key->privateKeyRep2.coefficientQInv, iqmp) != 1) { WARN("Failed to convert privateKeyRep2 elements to flatbuffer\n"); QATerr(QAT_F_BUILD_DECRYPT_OP_BUF, QAT_R_P_Q_DMP_DMQ_CONVERT_TO_FB_FAILURE); return 0; } if (alloc_pad) { (*dec_op_data)->inputData.pData = qat_alloc_pad((Cpa8U *) from, flen, rsa_len, 1); } else { (*dec_op_data)->inputData.pData = (Cpa8U *) copyAllocPinnedMemory((void *)from, flen, __FILE__, __LINE__); } if (NULL == (*dec_op_data)->inputData.pData) { WARN("Failed to allocate (*dec_op_data)->inputData.pData\n"); QATerr(QAT_F_BUILD_DECRYPT_OP_BUF, QAT_R_INPUT_DATA_MALLOC_FAILURE); return 0; } if (alloc_pad) (*dec_op_data)->inputData.dataLenInBytes = rsa_len; else (*dec_op_data)->inputData.dataLenInBytes = flen; *output_buffer = OPENSSL_malloc(sizeof(CpaFlatBuffer)); if (NULL == *output_buffer) { WARN("Failed to allocate output_buffer\n"); QATerr(QAT_F_BUILD_DECRYPT_OP_BUF, QAT_R_OUTPUT_BUF_MALLOC_FAILURE); return 0; } /* * Memory allocation for DecOpdata[IN] the size of outputBuffer * should big enough to contain RSA_size */ (*output_buffer)->pData = (Cpa8U *) qaeCryptoMemAlloc(rsa_len, __FILE__, __LINE__); if (NULL == (*output_buffer)->pData) { WARN("Failed to allocate output_buffer->pData\n"); QATerr(QAT_F_BUILD_DECRYPT_OP_BUF, QAT_R_RSA_OUTPUT_BUF_PDATA_MALLOC_FAILURE); return 0; } (*output_buffer)->dataLenInBytes = rsa_len; DEBUG("- Finished\n"); return 1; }