diff options
Diffstat (limited to 'crypto/engine/eng_cryptodev.c')
| -rw-r--r-- | crypto/engine/eng_cryptodev.c | 34 |
1 files changed, 20 insertions, 14 deletions
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c index ab38cd52f097..1a1e1c2655ac 100644 --- a/crypto/engine/eng_cryptodev.c +++ b/crypto/engine/eng_cryptodev.c @@ -30,9 +30,13 @@ #include <openssl/engine.h> #include <openssl/evp.h> #include <openssl/bn.h> +#include <openssl/dsa.h> +#include <openssl/rsa.h> +#include <openssl/dh.h> +#include <openssl/err.h> #if (defined(__unix__) || defined(unix)) && !defined(USG) && \ - (defined(OpenBSD) || defined(__FreeBSD_version)) + (defined(OpenBSD) || defined(__FreeBSD__)) #include <sys/param.h> # if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041) # define HAVE_CRYPTODEV @@ -79,7 +83,7 @@ static int cryptodev_max_iv(int cipher); static int cryptodev_key_length_valid(int cipher, int len); static int cipher_nid_to_cryptodev(int nid); static int get_cryptodev_ciphers(const int **cnids); -static int get_cryptodev_digests(const int **cnids); +/*static int get_cryptodev_digests(const int **cnids);*/ static int cryptodev_usable_ciphers(const int **nids); static int cryptodev_usable_digests(const int **nids); static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, @@ -100,7 +104,7 @@ static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, - RSA *rsa); + RSA *rsa, BN_CTX *ctx); static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); @@ -139,6 +143,7 @@ static struct { { 0, NID_undef, 0, 0, }, }; +#if 0 static struct { int id; int nid; @@ -151,6 +156,7 @@ static struct { { CRYPTO_SHA1, NID_undef, }, { 0, NID_undef, }, }; +#endif /* * Return a fd if /dev/crypto seems usable, 0 otherwise. @@ -285,6 +291,7 @@ get_cryptodev_ciphers(const int **cnids) return (count); } +#if 0 /* unused */ /* * Find out what digests /dev/crypto will let us have a session for. * XXX note, that some of these openssl doesn't deal with yet! @@ -321,6 +328,8 @@ get_cryptodev_digests(const int **cnids) return (count); } +#endif + /* * Find the useable ciphers|digests from dev/crypto - this is the first * thing called by the engine init crud which determines what it @@ -374,7 +383,7 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, struct crypt_op cryp; struct dev_crypto_state *state = ctx->cipher_data; struct session_op *sess = &state->d_sess; - void *iiv; + const void *iiv; unsigned char save_iv[EVP_MAX_IV_LENGTH]; if (state->d_fd < 0) @@ -398,7 +407,7 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (ctx->cipher->iv_len) { cryp.iv = (caddr_t) ctx->iv; if (!ctx->encrypt) { - iiv = (void *) in + inl - ctx->cipher->iv_len; + iiv = in + inl - ctx->cipher->iv_len; memcpy(save_iv, iiv, ctx->cipher->iv_len); } } else @@ -413,7 +422,7 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (ctx->cipher->iv_len) { if (ctx->encrypt) - iiv = (void *) out + inl - ctx->cipher->iv_len; + iiv = out + inl - ctx->cipher->iv_len; else iiv = save_iv; memcpy(ctx->iv, iiv, ctx->cipher->iv_len); @@ -443,7 +452,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, if ((state->d_fd = get_dev_crypto()) < 0) return (0); - sess->key = (unsigned char *)key; + sess->key = (char *)key; sess->keylen = ctx->key_len; sess->cipher = cipher; @@ -625,7 +634,7 @@ static int bn2crparam(const BIGNUM *a, struct crparam *crp) { int i, j, k; - ssize_t words, bytes, bits; + ssize_t bytes, bits; u_char *b; crp->crp_p = NULL; @@ -638,7 +647,7 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) if (b == NULL) return (1); - crp->crp_p = b; + crp->crp_p = (char *)b; crp->crp_nbits = bits; for (i = 0, j = 0; i < a->top; i++) { @@ -756,14 +765,11 @@ err: } static int -cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) +cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { int r; - BN_CTX *ctx; - ctx = BN_CTX_new(); r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL); - BN_CTX_free(ctx); return (r); } @@ -994,7 +1000,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) goto err; kop.crk_iparams = 3; - kop.crk_param[3].crp_p = key; + kop.crk_param[3].crp_p = (char *)key; kop.crk_param[3].crp_nbits = keylen * 8; kop.crk_oparams = 1; |