static const EVP_CIPHER *afalg_aes_cbc(int nid) { cbc_handles *cipher_handle = get_cipher_handle(nid); if (cipher_handle->_hidden == NULL && ((cipher_handle->_hidden = EVP_CIPHER_meth_new(nid, AES_BLOCK_SIZE, cipher_handle->key_size)) == NULL || !EVP_CIPHER_meth_set_iv_length(cipher_handle->_hidden, AES_IV_LEN) || !EVP_CIPHER_meth_set_flags(cipher_handle->_hidden, EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1) || !EVP_CIPHER_meth_set_init(cipher_handle->_hidden, afalg_cipher_init) || !EVP_CIPHER_meth_set_do_cipher(cipher_handle->_hidden, afalg_do_cipher) || !EVP_CIPHER_meth_set_cleanup(cipher_handle->_hidden, afalg_cipher_cleanup) || !EVP_CIPHER_meth_set_impl_ctx_size(cipher_handle->_hidden, sizeof(afalg_ctx)))) { EVP_CIPHER_meth_free(cipher_handle->_hidden); cipher_handle->_hidden= NULL; } return cipher_handle->_hidden; }
static void prepare_cipher_methods() { size_t i; struct session_op sess; int cfd; if ((cfd = open("/dev/crypto", O_RDWR, 0)) < 0) return; memset(&sess, 0, sizeof(sess)); sess.key = (void *)"01234567890123456789012345678901234567890123456789"; for (i = 0, known_cipher_nids_amount = 0; i < OSSL_NELEM(cipher_data); i++) { /* * Check that the algo is really availably by trying to open and close * a session. */ sess.cipher = cipher_data[i].devcryptoid; sess.keylen = cipher_data[i].keylen; if (ioctl(cfd, CIOCGSESSION, &sess) < 0 || ioctl(cfd, CIOCFSESSION, &sess) < 0) continue; if ((known_cipher_methods[i] = EVP_CIPHER_meth_new(cipher_data[i].nid, cipher_data[i].blocksize, cipher_data[i].keylen)) == NULL || !EVP_CIPHER_meth_set_iv_length(known_cipher_methods[i], cipher_data[i].ivlen) || !EVP_CIPHER_meth_set_flags(known_cipher_methods[i], cipher_data[i].flags | EVP_CIPH_FLAG_DEFAULT_ASN1) || !EVP_CIPHER_meth_set_init(known_cipher_methods[i], cipher_init) || !EVP_CIPHER_meth_set_do_cipher(known_cipher_methods[i], cipher_do_cipher) || !EVP_CIPHER_meth_set_cleanup(known_cipher_methods[i], cipher_cleanup) || !EVP_CIPHER_meth_set_impl_ctx_size(known_cipher_methods[i], sizeof(struct cipher_ctx))) { EVP_CIPHER_meth_free(known_cipher_methods[i]); known_cipher_methods[i] = NULL; } else { known_cipher_nids[known_cipher_nids_amount++] = cipher_data[i].nid; } } close(cfd); }
static const EVP_CIPHER * make_ctr_evp (size_t keylen, EVP_CIPHER *aes_ctr_cipher, int type) { #ifdef HAVE_OPAQUE_STRUCTS aes_ctr_cipher = EVP_CIPHER_meth_new(type, 16, keylen); if(aes_ctr_cipher) { EVP_CIPHER_meth_set_iv_length(aes_ctr_cipher, 16); EVP_CIPHER_meth_set_init(aes_ctr_cipher, aes_ctr_init); EVP_CIPHER_meth_set_do_cipher(aes_ctr_cipher, aes_ctr_do_cipher); EVP_CIPHER_meth_set_cleanup(aes_ctr_cipher, aes_ctr_cleanup); } #else aes_ctr_cipher->nid = type; aes_ctr_cipher->block_size = 16; aes_ctr_cipher->key_len = keylen; aes_ctr_cipher->iv_len = 16; aes_ctr_cipher->init = aes_ctr_init; aes_ctr_cipher->do_cipher = aes_ctr_do_cipher; aes_ctr_cipher->cleanup = aes_ctr_cleanup; #endif return aes_ctr_cipher; }
static const EVP_CIPHER *afalg_aes_128_cbc(void) { if (_hidden_aes_128_cbc == NULL && ((_hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc, AES_BLOCK_SIZE, AES_KEY_SIZE_128)) == NULL || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc, AES_IV_LEN) || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1) || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, afalg_cipher_init) || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, afalg_do_cipher) || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc, afalg_cipher_cleanup) || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc, sizeof(afalg_ctx)))) { EVP_CIPHER_meth_free(_hidden_aes_128_cbc); _hidden_aes_128_cbc = NULL; } return _hidden_aes_128_cbc; }
static int bind_dasync(ENGINE *e) { /* Setup RSA_METHOD */ if ((dasync_rsa_method = RSA_meth_new("Dummy Async RSA method", 0)) == NULL || RSA_meth_set_pub_enc(dasync_rsa_method, dasync_pub_enc) == 0 || RSA_meth_set_pub_dec(dasync_rsa_method, dasync_pub_dec) == 0 || RSA_meth_set_priv_enc(dasync_rsa_method, dasync_rsa_priv_enc) == 0 || RSA_meth_set_priv_dec(dasync_rsa_method, dasync_rsa_priv_dec) == 0 || RSA_meth_set_mod_exp(dasync_rsa_method, dasync_rsa_mod_exp) == 0 || RSA_meth_set_bn_mod_exp(dasync_rsa_method, BN_mod_exp_mont) == 0 || RSA_meth_set_init(dasync_rsa_method, dasync_rsa_init) == 0 || RSA_meth_set_finish(dasync_rsa_method, dasync_rsa_finish) == 0) { DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED); return 0; } /* Ensure the dasync error handling is set up */ ERR_load_DASYNC_strings(); if (!ENGINE_set_id(e, engine_dasync_id) || !ENGINE_set_name(e, engine_dasync_name) || !ENGINE_set_RSA(e, dasync_rsa_method) || !ENGINE_set_digests(e, dasync_digests) || !ENGINE_set_ciphers(e, dasync_ciphers) || !ENGINE_set_destroy_function(e, dasync_destroy) || !ENGINE_set_init_function(e, dasync_init) || !ENGINE_set_finish_function(e, dasync_finish)) { DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED); return 0; } /* * Set up the EVP_CIPHER and EVP_MD objects for the ciphers/digests * supplied by this engine */ _hidden_sha1_md = EVP_MD_meth_new(NID_sha1, NID_sha1WithRSAEncryption); if (_hidden_sha1_md == NULL || !EVP_MD_meth_set_result_size(_hidden_sha1_md, SHA_DIGEST_LENGTH) || !EVP_MD_meth_set_input_blocksize(_hidden_sha1_md, SHA_CBLOCK) || !EVP_MD_meth_set_app_datasize(_hidden_sha1_md, sizeof(EVP_MD *) + sizeof(SHA_CTX)) || !EVP_MD_meth_set_flags(_hidden_sha1_md, EVP_MD_FLAG_DIGALGID_ABSENT) || !EVP_MD_meth_set_init(_hidden_sha1_md, dasync_sha1_init) || !EVP_MD_meth_set_update(_hidden_sha1_md, dasync_sha1_update) || !EVP_MD_meth_set_final(_hidden_sha1_md, dasync_sha1_final)) { EVP_MD_meth_free(_hidden_sha1_md); _hidden_sha1_md = NULL; } _hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc, 16 /* block size */, 16 /* key len */); if (_hidden_aes_128_cbc == NULL || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc,16) || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_PIPELINE) || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, dasync_aes128_init_key) || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, dasync_aes128_cbc_cipher) || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc, dasync_aes128_cbc_cleanup) || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc, dasync_aes128_cbc_ctrl) || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc, sizeof(struct dasync_pipeline_ctx))) { EVP_CIPHER_meth_free(_hidden_aes_128_cbc); _hidden_aes_128_cbc = NULL; } _hidden_aes_128_cbc_hmac_sha1 = EVP_CIPHER_meth_new( NID_aes_128_cbc_hmac_sha1, 16 /* block size */, 16 /* key len */); if (_hidden_aes_128_cbc_hmac_sha1 == NULL || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc_hmac_sha1,16) || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc_hmac_sha1, EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_PIPELINE) || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1, dasync_aes128_cbc_hmac_sha1_init_key) || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1, dasync_aes128_cbc_hmac_sha1_cipher) || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc_hmac_sha1, dasync_aes128_cbc_hmac_sha1_cleanup) || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc_hmac_sha1, dasync_aes128_cbc_hmac_sha1_ctrl) || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc_hmac_sha1, sizeof(struct dasync_pipeline_ctx))) { EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); _hidden_aes_128_cbc_hmac_sha1 = NULL; } return 1; }
static void prepare_cipher_methods(void) { size_t i; struct session_op sess; unsigned long cipher_mode; #ifdef CIOCGSESSINFO struct session_info_op siop; #endif memset(&cipher_driver_info, 0, sizeof(cipher_driver_info)); memset(&sess, 0, sizeof(sess)); sess.key = (void *)"01234567890123456789012345678901234567890123456789"; for (i = 0, known_cipher_nids_amount = 0; i < OSSL_NELEM(cipher_data); i++) { selected_ciphers[i] = 1; /* * Check that the cipher is usable */ sess.cipher = cipher_data[i].devcryptoid; sess.keylen = cipher_data[i].keylen; if (ioctl(cfd, CIOCGSESSION, &sess) < 0) { cipher_driver_info[i].status = DEVCRYPTO_STATUS_NO_CIOCGSESSION; continue; } cipher_mode = cipher_data[i].flags & EVP_CIPH_MODE; if ((known_cipher_methods[i] = EVP_CIPHER_meth_new(cipher_data[i].nid, cipher_mode == EVP_CIPH_CTR_MODE ? 1 : cipher_data[i].blocksize, cipher_data[i].keylen)) == NULL || !EVP_CIPHER_meth_set_iv_length(known_cipher_methods[i], cipher_data[i].ivlen) || !EVP_CIPHER_meth_set_flags(known_cipher_methods[i], cipher_data[i].flags | EVP_CIPH_CUSTOM_COPY | EVP_CIPH_CTRL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1) || !EVP_CIPHER_meth_set_init(known_cipher_methods[i], cipher_init) || !EVP_CIPHER_meth_set_do_cipher(known_cipher_methods[i], cipher_mode == EVP_CIPH_CTR_MODE ? ctr_do_cipher : cipher_do_cipher) || !EVP_CIPHER_meth_set_ctrl(known_cipher_methods[i], cipher_ctrl) || !EVP_CIPHER_meth_set_cleanup(known_cipher_methods[i], cipher_cleanup) || !EVP_CIPHER_meth_set_impl_ctx_size(known_cipher_methods[i], sizeof(struct cipher_ctx))) { cipher_driver_info[i].status = DEVCRYPTO_STATUS_FAILURE; EVP_CIPHER_meth_free(known_cipher_methods[i]); known_cipher_methods[i] = NULL; } else { cipher_driver_info[i].status = DEVCRYPTO_STATUS_USABLE; #ifdef CIOCGSESSINFO siop.ses = sess.ses; if (ioctl(cfd, CIOCGSESSINFO, &siop) < 0) { cipher_driver_info[i].accelerated = DEVCRYPTO_ACCELERATION_UNKNOWN; } else { cipher_driver_info[i].driver_name = OPENSSL_strndup(siop.cipher_info.cra_driver_name, CRYPTODEV_MAX_ALG_NAME); if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)) cipher_driver_info[i].accelerated = DEVCRYPTO_NOT_ACCELERATED; else cipher_driver_info[i].accelerated = DEVCRYPTO_ACCELERATED; } #endif /* CIOCGSESSINFO */ } ioctl(cfd, CIOCFSESSION, &sess.ses); if (devcrypto_test_cipher(i)) { known_cipher_nids[known_cipher_nids_amount++] = cipher_data[i].nid; } } }