summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2004-02-03 20:26:31 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2004-02-03 20:26:31 +0000
commita6b34b5258d5d76afceea87514721923a5654e17 (patch)
tree7da814c8d44426748320381bcb1d175ebc373bd3 /lib
parentabb03187ca7075e4b1d25946cad7ce0b00f99ccb (diff)
oops, software key gen bug
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/src/crypto/engine/hw_cryptodev.c45
1 files changed, 10 insertions, 35 deletions
diff --git a/lib/libssl/src/crypto/engine/hw_cryptodev.c b/lib/libssl/src/crypto/engine/hw_cryptodev.c
index 06671a51bf1..4959c67e92e 100644
--- a/lib/libssl/src/crypto/engine/hw_cryptodev.c
+++ b/lib/libssl/src/crypto/engine/hw_cryptodev.c
@@ -55,8 +55,6 @@ ENGINE_load_cryptodev(void)
#include <crypto/cryptodev.h>
#include <sys/ioctl.h>
-#include <ssl/aes.h>
-
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
@@ -70,7 +68,7 @@ ENGINE_load_cryptodev(void)
#include <sys/sysctl.h>
#include <machine/cpu.h>
#include <machine/specialreg.h>
-static int check_viac3aes(void);
+static void check_viac3aes(void);
#endif
struct dev_crypto_state {
@@ -261,26 +259,7 @@ get_cryptodev_ciphers(const int **cnids)
* On i386, always check for the VIA C3 AES instructions;
* even if /dev/crypto is disabled.
*/
- if (check_viac3aes() == 1) {
- int have_NID_aes_128_cbc = 0;
- int have_NID_aes_192_cbc = 0;
- int have_NID_aes_256_cbc = 0;
-
- for (i = 0; i < count; i++) {
- if (nids[i] == NID_aes_128_cbc)
- have_NID_aes_128_cbc = 1;
- if (nids[i] == NID_aes_192_cbc)
- have_NID_aes_192_cbc = 1;
- if (nids[i] == NID_aes_256_cbc)
- have_NID_aes_256_cbc = 1;
- }
- if (!have_NID_aes_128_cbc)
- nids[count++] = NID_aes_128_cbc;
- if (!have_NID_aes_192_cbc)
- nids[count++] = NID_aes_192_cbc;
- if (!have_NID_aes_256_cbc)
- nids[count++] = NID_aes_256_cbc;
- }
+ check_viac3aes();
#endif
if (count > 0)
@@ -653,7 +632,7 @@ xcrypt_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
useout = spare;
}
- cw[0] = C3_CRYPT_CWLO_ALG_AES | C3_CRYPT_CWLO_KEYGEN_SW |
+ cw[0] = C3_CRYPT_CWLO_ALG_AES | C3_CRYPT_CWLO_KEYGEN_HW |
C3_CRYPT_CWLO_NORMAL |
ctx->encrypt ? C3_CRYPT_CWLO_ENCRYPT : C3_CRYPT_CWLO_DECRYPT;
cw[1] = cw[2] = cw[3] = 0;
@@ -708,10 +687,7 @@ static int
xcrypt_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
- if (enc)
- AES_set_encrypt_key(key, 128, ctx->cipher_data);
- else
- AES_set_decrypt_key(key, 128, ctx->cipher_data);
+ bcopy(key, ctx->cipher_data, ctx->key_len);
return (1);
}
@@ -722,7 +698,7 @@ xcrypt_cleanup(EVP_CIPHER_CTX *ctx)
return (1);
}
-static int
+static void
check_viac3aes(void)
{
int mib[2] = { CTL_MACHDEP, CPU_XCRYPT }, value;
@@ -730,25 +706,24 @@ check_viac3aes(void)
if (sysctl(mib, sizeof(mib)/sizeof(mib[0]), &value, &size,
NULL, 0) < 0)
- return (0);
+ return;
if (value == 0)
- return (0);
+ return;
cryptodev_aes_128_cbc.init = xcrypt_init_key;
cryptodev_aes_128_cbc.do_cipher = xcrypt_cipher;
cryptodev_aes_128_cbc.cleanup = xcrypt_cleanup;
- cryptodev_aes_128_cbc.ctx_size = sizeof(AES_KEY);
+ cryptodev_aes_128_cbc.ctx_size = 128;
cryptodev_aes_192_cbc.init = xcrypt_init_key;
cryptodev_aes_192_cbc.do_cipher = xcrypt_cipher;
cryptodev_aes_192_cbc.cleanup = xcrypt_cleanup;
- cryptodev_aes_192_cbc.ctx_size = sizeof(AES_KEY);
+ cryptodev_aes_192_cbc.ctx_size = 128;
cryptodev_aes_256_cbc.init = xcrypt_init_key;
cryptodev_aes_256_cbc.do_cipher = xcrypt_cipher;
cryptodev_aes_256_cbc.cleanup = xcrypt_cleanup;
- cryptodev_aes_256_cbc.ctx_size = sizeof(AES_KEY);
- return (1);
+ cryptodev_aes_256_cbc.ctx_size = 128;
}
#endif /* __i386__ */