diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2004-02-03 20:26:31 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2004-02-03 20:26:31 +0000 |
commit | a6b34b5258d5d76afceea87514721923a5654e17 (patch) | |
tree | 7da814c8d44426748320381bcb1d175ebc373bd3 /lib | |
parent | abb03187ca7075e4b1d25946cad7ce0b00f99ccb (diff) |
oops, software key gen bug
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libssl/src/crypto/engine/hw_cryptodev.c | 45 |
1 files changed, 10 insertions, 35 deletions
diff --git a/lib/libssl/src/crypto/engine/hw_cryptodev.c b/lib/libssl/src/crypto/engine/hw_cryptodev.c index 06671a51bf1..4959c67e92e 100644 --- a/lib/libssl/src/crypto/engine/hw_cryptodev.c +++ b/lib/libssl/src/crypto/engine/hw_cryptodev.c @@ -55,8 +55,6 @@ ENGINE_load_cryptodev(void) #include <crypto/cryptodev.h> #include <sys/ioctl.h> -#include <ssl/aes.h> - #include <errno.h> #include <stdio.h> #include <unistd.h> @@ -70,7 +68,7 @@ ENGINE_load_cryptodev(void) #include <sys/sysctl.h> #include <machine/cpu.h> #include <machine/specialreg.h> -static int check_viac3aes(void); +static void check_viac3aes(void); #endif struct dev_crypto_state { @@ -261,26 +259,7 @@ get_cryptodev_ciphers(const int **cnids) * On i386, always check for the VIA C3 AES instructions; * even if /dev/crypto is disabled. */ - if (check_viac3aes() == 1) { - int have_NID_aes_128_cbc = 0; - int have_NID_aes_192_cbc = 0; - int have_NID_aes_256_cbc = 0; - - for (i = 0; i < count; i++) { - if (nids[i] == NID_aes_128_cbc) - have_NID_aes_128_cbc = 1; - if (nids[i] == NID_aes_192_cbc) - have_NID_aes_192_cbc = 1; - if (nids[i] == NID_aes_256_cbc) - have_NID_aes_256_cbc = 1; - } - if (!have_NID_aes_128_cbc) - nids[count++] = NID_aes_128_cbc; - if (!have_NID_aes_192_cbc) - nids[count++] = NID_aes_192_cbc; - if (!have_NID_aes_256_cbc) - nids[count++] = NID_aes_256_cbc; - } + check_viac3aes(); #endif if (count > 0) @@ -653,7 +632,7 @@ xcrypt_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, useout = spare; } - cw[0] = C3_CRYPT_CWLO_ALG_AES | C3_CRYPT_CWLO_KEYGEN_SW | + cw[0] = C3_CRYPT_CWLO_ALG_AES | C3_CRYPT_CWLO_KEYGEN_HW | C3_CRYPT_CWLO_NORMAL | ctx->encrypt ? C3_CRYPT_CWLO_ENCRYPT : C3_CRYPT_CWLO_DECRYPT; cw[1] = cw[2] = cw[3] = 0; @@ -708,10 +687,7 @@ static int xcrypt_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - if (enc) - AES_set_encrypt_key(key, 128, ctx->cipher_data); - else - AES_set_decrypt_key(key, 128, ctx->cipher_data); + bcopy(key, ctx->cipher_data, ctx->key_len); return (1); } @@ -722,7 +698,7 @@ xcrypt_cleanup(EVP_CIPHER_CTX *ctx) return (1); } -static int +static void check_viac3aes(void) { int mib[2] = { CTL_MACHDEP, CPU_XCRYPT }, value; @@ -730,25 +706,24 @@ check_viac3aes(void) if (sysctl(mib, sizeof(mib)/sizeof(mib[0]), &value, &size, NULL, 0) < 0) - return (0); + return; if (value == 0) - return (0); + return; cryptodev_aes_128_cbc.init = xcrypt_init_key; cryptodev_aes_128_cbc.do_cipher = xcrypt_cipher; cryptodev_aes_128_cbc.cleanup = xcrypt_cleanup; - cryptodev_aes_128_cbc.ctx_size = sizeof(AES_KEY); + cryptodev_aes_128_cbc.ctx_size = 128; cryptodev_aes_192_cbc.init = xcrypt_init_key; cryptodev_aes_192_cbc.do_cipher = xcrypt_cipher; cryptodev_aes_192_cbc.cleanup = xcrypt_cleanup; - cryptodev_aes_192_cbc.ctx_size = sizeof(AES_KEY); + cryptodev_aes_192_cbc.ctx_size = 128; cryptodev_aes_256_cbc.init = xcrypt_init_key; cryptodev_aes_256_cbc.do_cipher = xcrypt_cipher; cryptodev_aes_256_cbc.cleanup = xcrypt_cleanup; - cryptodev_aes_256_cbc.ctx_size = sizeof(AES_KEY); - return (1); + cryptodev_aes_256_cbc.ctx_size = 128; } #endif /* __i386__ */ |