diff options
| author | Jason Wright <jason@cvs.openbsd.org> | 2003-08-20 20:17:12 +0000 |
|---|---|---|
| committer | Jason Wright <jason@cvs.openbsd.org> | 2003-08-20 20:17:12 +0000 |
| commit | 8d5a5cf46ab13b2cd778bd8578103e2cf89dfeef (patch) | |
| tree | d2a248374a9b59640e4a4815871cabf5b7d624aa | |
| parent | bf4083607e8a2ef6fcfa9ca5e1287fd5fe3c5e16 (diff) | |
- The safenet chip really likes it's big nums to be written to different
parts of memory... picky picky ;)
- zero the bignum memory after copying out the result (one less copy of
sensitive material floating around...)... Why don't vendors provide a
bit you can toggle that does this?
- Oh, and modexp now works.
| -rw-r--r-- | sys/dev/pci/safe.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/sys/dev/pci/safe.c b/sys/dev/pci/safe.c index ff1bc73da35..de11d8eb3cc 100644 --- a/sys/dev/pci/safe.c +++ b/sys/dev/pci/safe.c @@ -1,4 +1,4 @@ -/* $OpenBSD: safe.c,v 1.7 2003/08/20 16:28:35 jason Exp $ */ +/* $OpenBSD: safe.c,v 1.8 2003/08/20 20:17:11 jason Exp $ */ /*- * Copyright (c) 2003 Sam Leffler, Errno Consulting @@ -279,7 +279,6 @@ safe_attach(struct device *parent, struct device *self, void *aux) if (devinfo & SAFE_DEVINFO_RNG) printf(" rng"); -#ifdef notyet bzero(algs, sizeof(algs)); if (devinfo & SAFE_DEVINFO_PKEY) { printf(" key"); @@ -287,7 +286,6 @@ safe_attach(struct device *parent, struct device *self, void *aux) crypto_kregister(sc->sc_cid, algs, safe_kprocess); timeout_set(&sc->sc_pkto, safe_kpoll, sc); } -#endif bzero(algs, sizeof(algs)); if (devinfo & SAFE_DEVINFO_DES) { @@ -1937,10 +1935,10 @@ safe_kstart(struct safe_softc *sc) safe_kload_reg(sc, a_off, b_off - a_off, &krp->krp_param[SAFE_CRK_PARAM_EXP]); WRITE_REG(sc, SAFE_PK_A_ADDR, a_off >> 2); - safe_kload_reg(sc, a_off, b_off - a_off, + safe_kload_reg(sc, b_off, b_off - a_off, &krp->krp_param[SAFE_CRK_PARAM_MOD]); WRITE_REG(sc, SAFE_PK_B_ADDR, b_off >> 2); - safe_kload_reg(sc, a_off, b_off - a_off, + safe_kload_reg(sc, c_off, b_off - a_off, &krp->krp_param[SAFE_CRK_PARAM_BASE]); WRITE_REG(sc, SAFE_PK_C_ADDR, c_off >> 2); WRITE_REG(sc, SAFE_PK_D_ADDR, d_off >> 2); @@ -2033,6 +2031,9 @@ safe_kpoll(void *vsc) res->crp_nbits = sc->sc_pk_reslen * 8; res->crp_nbits = safe_ksigbits(res); + for (i = SAFE_PK_RAM_START; i < SAFE_PK_RAM_END; i += 4) + WRITE_REG(sc, i, 0); + crypto_kdone(q->pkq_krp); free(q, M_DEVBUF); sc->sc_pkq_cur = NULL; |