Kezdőlap Felfedezés Súgó
Bejelentkezés
PUBLIC_REPOS
/
buildroot
tükrözi: git://git.buildroot.net/buildroot
2
1
Másolás 0
Fájlok
Fa: 58d3978e4e
Branch-ok Tag-ek
buildroot
/
package
/
openssl
/
openssl-003-cryptodev-Fix-issue-with-signature-generation.patch

openssl-003-cryptodev-Fix-issue-with-signature-generation.patch 12 KB
Előzmények Nyers

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429 
  1. From fa47376f4c3e03b18ccd52df53d8c5041155d4ed Mon Sep 17 00:00:00 2001
    2. 

  2. From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
    3. 

  3. Date: Fri, 4 Jul 2014 07:31:25 +0200
    4. 

  4. Subject: [PATCH] cryptodev: Fix issue with signature generation
    5. 

  5. 

  6. That patch also enables support for SHA2 hashes, and
    7. 

  7. removes support for hashes that were never supported by
    8. 

  8. cryptodev.
    9. 

  9. ---
    10. 

  10.  crypto/engine/eng_cryptodev.c | 192 ++++++++++++++++++++++++++++++------------
    11. 

  11.  1 file changed, 140 insertions(+), 52 deletions(-)
    12. 

  12. 

  13. diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
    14. 

  14. index 568e131..a1c39e5 100644
    15. 

  15. --- a/crypto/engine/eng_cryptodev.c
    16. 

  16. +++ b/crypto/engine/eng_cryptodev.c
    17. 

  17. @@ -2,6 +2,7 @@
    18. 

  18.   * Copyright (c) 2002 Bob Beck <beck@openbsd.org>
    19. 

  19.   * Copyright (c) 2002 Theo de Raadt
    20. 

  20.   * Copyright (c) 2002 Markus Friedl
    21. 

  21. + * Copyright (c) 2012 Nikos Mavrogiannopoulos
    22. 

  22.   * All rights reserved.
    23. 

  23.   *
    24. 

  24.   * Redistribution and use in source and binary forms, with or without
    25. 

  25. @@ -74,8 +75,6 @@ struct dev_crypto_state {
    26. 

  26.  	int d_fd;
    27. 

  27.  
    28. 

  28.  #ifdef USE_CRYPTODEV_DIGESTS
    29. 

  29. -	char dummy_mac_key[HASH_MAX_LEN];
    30. 

  30. -
    31. 

  31.  	unsigned char digest_res[HASH_MAX_LEN];
    32. 

  32.  	char *mac_data;
    33. 

  33.  	int mac_len;
    34. 

  34. @@ -162,15 +161,21 @@ static struct {
    35. 

  35.  static struct {
    36. 

  36.  	int	id;
    37. 

  37.  	int	nid;
    38. 

  38. -	int 	keylen;
    39. 

  39. +	int 	digestlen;
    40. 

  40.  } digests[] = {
    41. 

  41. +#if 0
    42. 

  42. +        /* HMAC is not supported */
    43. 

  43.  	{ CRYPTO_MD5_HMAC,		NID_hmacWithMD5,	16},
    44. 

  44.  	{ CRYPTO_SHA1_HMAC,		NID_hmacWithSHA1,	20},
    45. 

  45. -	{ CRYPTO_RIPEMD160_HMAC,	NID_ripemd160,		16/*?*/},
    46. 

  46. -	{ CRYPTO_MD5_KPDK,		NID_undef,		0},
    47. 

  47. -	{ CRYPTO_SHA1_KPDK,		NID_undef,		0},
    48. 

  48. +	{ CRYPTO_SHA2_256_HMAC,		NID_hmacWithSHA256,	32},
    49. 

  49. +	{ CRYPTO_SHA2_384_HMAC,		NID_hmacWithSHA384,	48},
    50. 

  50. +	{ CRYPTO_SHA2_512_HMAC,		NID_hmacWithSHA512,	64},
    51. 

  51. +#endif
    52. 

  52.  	{ CRYPTO_MD5,			NID_md5,		16},
    53. 

  53.  	{ CRYPTO_SHA1,			NID_sha1,		20},
    54. 

  54. +	{ CRYPTO_SHA2_256,		NID_sha256,		32},
    55. 

  55. +	{ CRYPTO_SHA2_384,		NID_sha384,		48},
    56. 

  56. +	{ CRYPTO_SHA2_512,		NID_sha512,		64},
    57. 

  57.  	{ 0,				NID_undef,		0},
    58. 

  58.  };
    59. 

  59.  #endif
    60. 

  60. @@ -248,13 +253,14 @@ get_cryptodev_ciphers(const int **cnids)
    61. 

  61.  	static int nids[CRYPTO_ALGORITHM_MAX];
    62. 

  62.  	struct session_op sess;
    63. 

  63.  	int fd, i, count = 0;
    64. 

  64. +	unsigned char fake_key[CRYPTO_CIPHER_MAX_KEY_LEN];
    65. 

  65.  
    66. 

  66.  	if ((fd = get_dev_crypto()) < 0) {
    67. 

  67.  		*cnids = NULL;
    68. 

  68.  		return (0);
    69. 

  69.  	}
    70. 

  70.  	memset(&sess, 0, sizeof(sess));
    71. 

  71. -	sess.key = (caddr_t)"123456789abcdefghijklmno";
    72. 

  72. +	sess.key = (void*)fake_key;
    73. 

  73.  
    74. 

  74.  	for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
    75. 

  75.  		if (ciphers[i].nid == NID_undef)
    76. 

  76. @@ -286,6 +292,7 @@ static int
    77. 

  77.  get_cryptodev_digests(const int **cnids)
    78. 

  78.  {
    79. 

  79.  	static int nids[CRYPTO_ALGORITHM_MAX];
    80. 

  80. +	unsigned char fake_key[CRYPTO_CIPHER_MAX_KEY_LEN];
    81. 

  81.  	struct session_op sess;
    82. 

  82.  	int fd, i, count = 0;
    83. 

  83.  
    84. 

  84. @@ -294,12 +301,12 @@ get_cryptodev_digests(const int **cnids)
    85. 

  85.  		return (0);
    86. 

  86.  	}
    87. 

  87.  	memset(&sess, 0, sizeof(sess));
    88. 

  88. -	sess.mackey = (caddr_t)"123456789abcdefghijklmno";
    89. 

  89. +	sess.mackey = fake_key;
    90. 

  90.  	for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
    91. 

  91.  		if (digests[i].nid == NID_undef)
    92. 

  92.  			continue;
    93. 

  93.  		sess.mac = digests[i].id;
    94. 

  94. -		sess.mackeylen = digests[i].keylen;
    95. 

  95. +		sess.mackeylen = 8;
    96. 

  96.  		sess.cipher = 0;
    97. 

  97.  		if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
    98. 

  98.  		    ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
    99. 

  99. @@ -387,14 +394,14 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
    100. 

  100.  	cryp.ses = sess->ses;
    101. 

  101.  	cryp.flags = 0;
    102. 

  102.  	cryp.len = inl;
    103. 

  103. -	cryp.src = (caddr_t) in;
    104. 

  104. -	cryp.dst = (caddr_t) out;
    105. 

  105. +	cryp.src = (void*) in;
    106. 

  106. +	cryp.dst = (void*) out;
    107. 

  107.  	cryp.mac = 0;
    108. 

  108.  
    109. 

  109.  	cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
    110. 

  110.  
    111. 

  111.  	if (ctx->cipher->iv_len) {
    112. 

  112. -		cryp.iv = (caddr_t) ctx->iv;
    113. 

  113. +		cryp.iv = (void*) ctx->iv;
    114. 

  114.  		if (!ctx->encrypt) {
    115. 

  115.  			iiv = in + inl - ctx->cipher->iv_len;
    116. 

  116.  			memcpy(save_iv, iiv, ctx->cipher->iv_len);
    117. 

  117. @@ -445,7 +452,7 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
    118. 

  118.  	if ((state->d_fd = get_dev_crypto()) < 0)
    119. 

  119.  		return (0);
    120. 

  120.  
    121. 

  121. -	sess->key = (caddr_t)key;
    122. 

  122. +	sess->key = (void*)key;
    123. 

  123.  	sess->keylen = ctx->key_len;
    124. 

  124.  	sess->cipher = cipher;
    125. 

  125.  
    126. 

  126. @@ -715,18 +722,6 @@ digest_nid_to_cryptodev(int nid)
    127. 

  127.  }
    128. 

  128.  
    129. 

  129.  
    130. 

  130. -static int
    131. 

  131. -digest_key_length(int nid)
    132. 

  132. -{
    133. 

  133. -	int i;
    134. 

  134. -
    135. 

  135. -	for (i = 0; digests[i].id; i++)
    136. 

  136. -		if (digests[i].nid == nid)
    137. 

  137. -			return digests[i].keylen;
    138. 

  138. -	return (0);
    139. 

  139. -}
    140. 

  140. -
    141. 

  141. -
    142. 

  142.  static int cryptodev_digest_init(EVP_MD_CTX *ctx)
    143. 

  143.  {
    144. 

  144.  	struct dev_crypto_state *state = ctx->md_data;
    145. 

  145. @@ -737,7 +732,6 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx)
    146. 

  146.  		printf("cryptodev_digest_init: Can't get digest \n");
    147. 

  147.  		return (0);
    148. 

  148.  	}
    149. 

  149. -
    150. 

  150.  	memset(state, 0, sizeof(struct dev_crypto_state));
    151. 

  151.  
    152. 

  152.  	if ((state->d_fd = get_dev_crypto()) < 0) {
    153. 

  153. @@ -745,8 +739,8 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx)
    154. 

  154.  		return (0);
    155. 

  155.  	}
    156. 

  156.  
    157. 

  157. -	sess->mackey = state->dummy_mac_key;
    158. 

  158. -	sess->mackeylen = digest_key_length(ctx->digest->type);
    159. 

  159. +	sess->mackey = NULL;
    160. 

  160. +	sess->mackeylen = 0;
    161. 

  161.  	sess->mac = digest;
    162. 

  162.  
    163. 

  163.  	if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
    164. 

  164. @@ -762,8 +756,8 @@ static int cryptodev_digest_init(EVP_MD_CTX *ctx)
    165. 

  165.  static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
    166. 

  166.  		size_t count)
    167. 

  167.  {
    168. 

  168. -	struct crypt_op cryp;
    169. 

  169.  	struct dev_crypto_state *state = ctx->md_data;
    170. 

  170. +	struct crypt_op cryp;
    171. 

  171.  	struct session_op *sess = &state->d_sess;
    172. 

  172.  
    173. 

  173.  	if (!data || state->d_fd < 0) {
    174. 

  174. @@ -772,7 +766,7 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
    175. 

  175.  	}
    176. 

  176.  
    177. 

  177.  	if (!count) {
    178. 

  178. -		return (0);
    179. 

  179. +		return (1);
    180. 

  180.  	}
    181. 

  181.  
    182. 

  182.  	if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
    183. 

  183. @@ -795,9 +789,9 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
    184. 

  184.  	cryp.ses = sess->ses;
    185. 

  185.  	cryp.flags = 0;
    186. 

  186.  	cryp.len = count;
    187. 

  187. -	cryp.src = (caddr_t) data;
    188. 

  188. +	cryp.src = (void*) data;
    189. 

  189.  	cryp.dst = NULL;
    190. 

  190. -	cryp.mac = (caddr_t) state->digest_res;
    191. 

  191. +	cryp.mac = (void*) state->digest_res;
    192. 

  192.  	if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
    193. 

  193.  		printf("cryptodev_digest_update: digest failed\n");
    194. 

  194.  		return (0);
    195. 

  195. @@ -812,8 +806,6 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
    196. 

  196.  	struct dev_crypto_state *state = ctx->md_data;
    197. 

  197.  	struct session_op *sess = &state->d_sess;
    198. 

  198.  
    199. 

  199. -	int ret = 1;
    200. 

  200. -
    201. 

  201.  	if (!md || state->d_fd < 0) {
    202. 

  202.  		printf("cryptodev_digest_final: illegal input\n");
    203. 

  203.  		return(0);
    204. 

  204. @@ -827,7 +819,7 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
    205. 

  205.  		cryp.len = state->mac_len;
    206. 

  206.  		cryp.src = state->mac_data;
    207. 

  207.  		cryp.dst = NULL;
    208. 

  208. -		cryp.mac = (caddr_t)md;
    209. 

  209. +		cryp.mac = (void*)md;
    210. 

  210.  		if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
    211. 

  211.  			printf("cryptodev_digest_final: digest failed\n");
    212. 

  212.  			return (0);
    213. 

  213. @@ -838,7 +830,7 @@ static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
    214. 

  214.  
    215. 

  215.  	memcpy(md, state->digest_res, ctx->digest->md_size);
    216. 

  216.  
    217. 

  217. -	return (ret);
    218. 

  218. +	return 1;
    219. 

  219.  }
    220. 

  220.  
    221. 

  221.  
    222. 

  222. @@ -890,8 +882,8 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
    223. 

  223.  
    224. 

  224.  	digest = digest_nid_to_cryptodev(to->digest->type);
    225. 

  225.  
    226. 

  226. -	sess->mackey = dstate->dummy_mac_key;
    227. 

  227. -	sess->mackeylen = digest_key_length(to->digest->type);
    228. 

  228. +	sess->mackey = NULL;
    229. 

  229. +	sess->mackeylen = 0;
    230. 

  230.  	sess->mac = digest;
    231. 

  231.  
    232. 

  232.  	dstate->d_fd = get_dev_crypto();
    233. 

  233. @@ -916,34 +908,117 @@ static int cryptodev_digest_copy(EVP_MD_CTX *to,const EVP_MD_CTX *from)
    234. 

  234.  }
    235. 

  235.  
    236. 

  236.  
    237. 

  237. -const EVP_MD cryptodev_sha1 = {
    238. 

  238. +static const EVP_MD cryptodev_sha1 = {
    239. 

  239.  	NID_sha1,
    240. 

  240. -	NID_undef, 
    241. 

  241. +	NID_sha1WithRSAEncryption,
    242. 

  242.  	SHA_DIGEST_LENGTH, 
    243. 

  243. +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
    244. 

  244. +	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
    245. 

  245. +	EVP_MD_FLAG_DIGALGID_ABSENT|
    246. 

  246. +#endif
    247. 

  247.  	EVP_MD_FLAG_ONESHOT,
    248. 

  248.  	cryptodev_digest_init,
    249. 

  249.  	cryptodev_digest_update,
    250. 

  250.  	cryptodev_digest_final,
    251. 

  251.  	cryptodev_digest_copy,
    252. 

  252.  	cryptodev_digest_cleanup,
    253. 

  253. -	EVP_PKEY_NULL_method,
    254. 

  254. +	EVP_PKEY_RSA_method,
    255. 

  255.  	SHA_CBLOCK,
    256. 

  256. -	sizeof(struct dev_crypto_state),
    257. 

  257. +	sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
    258. 

  258. +};
    259. 

  259. +
    260. 

  260. +static const EVP_MD cryptodev_sha256 = {
    261. 

  261. +	NID_sha256,
    262. 

  262. +	NID_sha256WithRSAEncryption,
    263. 

  263. +	SHA256_DIGEST_LENGTH, 
    264. 

  264. +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
    265. 

  265. +	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
    266. 

  266. +	EVP_MD_FLAG_DIGALGID_ABSENT|
    267. 

  267. +#endif
    268. 

  268. +	EVP_MD_FLAG_ONESHOT,
    269. 

  269. +	cryptodev_digest_init,
    270. 

  270. +	cryptodev_digest_update,
    271. 

  271. +	cryptodev_digest_final,
    272. 

  272. +	cryptodev_digest_copy,
    273. 

  273. +	cryptodev_digest_cleanup,
    274. 

  274. +	EVP_PKEY_RSA_method,
    275. 

  275. +	SHA256_CBLOCK,
    276. 

  276. +	sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
    277. 

  277. +};
    278. 

  278. +static const EVP_MD cryptodev_sha224 = {
    279. 

  279. +	NID_sha224,
    280. 

  280. +	NID_sha224WithRSAEncryption, 
    281. 

  281. +	SHA224_DIGEST_LENGTH, 
    282. 

  282. +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
    283. 

  283. +	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
    284. 

  284. +	EVP_MD_FLAG_DIGALGID_ABSENT|
    285. 

  285. +#endif
    286. 

  286. +	EVP_MD_FLAG_ONESHOT,
    287. 

  287. +	cryptodev_digest_init,
    288. 

  288. +	cryptodev_digest_update,
    289. 

  289. +	cryptodev_digest_final,
    290. 

  290. +	cryptodev_digest_copy,
    291. 

  291. +	cryptodev_digest_cleanup,
    292. 

  292. +	EVP_PKEY_RSA_method,
    293. 

  293. +	SHA256_CBLOCK,
    294. 

  294. +	sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
    295. 

  295. +};
    296. 

  296. +
    297. 

  297. +static const EVP_MD cryptodev_sha384 = {
    298. 

  298. +	NID_sha384,
    299. 

  299. +	NID_sha384WithRSAEncryption, 
    300. 

  300. +	SHA384_DIGEST_LENGTH, 
    301. 

  301. +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
    302. 

  302. +	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
    303. 

  303. +	EVP_MD_FLAG_DIGALGID_ABSENT|
    304. 

  304. +#endif
    305. 

  305. +	EVP_MD_FLAG_ONESHOT,
    306. 

  306. +	cryptodev_digest_init,
    307. 

  307. +	cryptodev_digest_update,
    308. 

  308. +	cryptodev_digest_final,
    309. 

  309. +	cryptodev_digest_copy,
    310. 

  310. +	cryptodev_digest_cleanup,
    311. 

  311. +	EVP_PKEY_RSA_method,
    312. 

  312. +	SHA512_CBLOCK,
    313. 

  313. +	sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
    314. 

  314. +};
    315. 

  315. +
    316. 

  316. +static const EVP_MD cryptodev_sha512 = {
    317. 

  317. +	NID_sha512,
    318. 

  318. +	NID_sha512WithRSAEncryption, 
    319. 

  319. +	SHA512_DIGEST_LENGTH, 
    320. 

  320. +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
    321. 

  321. +	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
    322. 

  322. +	EVP_MD_FLAG_DIGALGID_ABSENT|
    323. 

  323. +#endif
    324. 

  324. +	EVP_MD_FLAG_ONESHOT,
    325. 

  325. +	cryptodev_digest_init,
    326. 

  326. +	cryptodev_digest_update,
    327. 

  327. +	cryptodev_digest_final,
    328. 

  328. +	cryptodev_digest_copy,
    329. 

  329. +	cryptodev_digest_cleanup,
    330. 

  330. +	EVP_PKEY_RSA_method,
    331. 

  331. +	SHA512_CBLOCK,
    332. 

  332. +	sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
    333. 

  333.  };
    334. 

  334.  
    335. 

  335. -const EVP_MD cryptodev_md5 = {
    336. 

  336. +static const EVP_MD cryptodev_md5 = {
    337. 

  337.  	NID_md5,
    338. 

  338. -	NID_undef, 
    339. 

  339. +	NID_md5WithRSAEncryption, 
    340. 

  340.  	16 /* MD5_DIGEST_LENGTH */, 
    341. 

  341. +#if defined(EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) && defined(EVP_MD_FLAG_DIGALGID_ABSENT)
    342. 

  342. +	EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|
    343. 

  343. +	EVP_MD_FLAG_DIGALGID_ABSENT|
    344. 

  344. +#endif
    345. 

  345.  	EVP_MD_FLAG_ONESHOT,
    346. 

  346.  	cryptodev_digest_init,
    347. 

  347.  	cryptodev_digest_update,
    348. 

  348.  	cryptodev_digest_final,
    349. 

  349.  	cryptodev_digest_copy,
    350. 

  350.  	cryptodev_digest_cleanup,
    351. 

  351. -	EVP_PKEY_NULL_method,
    352. 

  352. +	EVP_PKEY_RSA_method,
    353. 

  353.  	64 /* MD5_CBLOCK */,
    354. 

  354. -	sizeof(struct dev_crypto_state),
    355. 

  355. +	sizeof(EVP_MD *)+sizeof(struct dev_crypto_state),
    356. 

  356.  };
    357. 

  357.  
    358. 

  358.  #endif /* USE_CRYPTODEV_DIGESTS */
    359. 

  359. @@ -964,6 +1039,18 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
    360. 

  360.  	case NID_sha1:
    361. 

  361.  		*digest = &cryptodev_sha1;
    362. 

  362.   		break;
    363. 

  363. +	case NID_sha224:
    364. 

  364. +		*digest = &cryptodev_sha224;
    365. 

  365. + 		break;
    366. 

  366. +	case NID_sha256:
    367. 

  367. +		*digest = &cryptodev_sha256;
    368. 

  368. + 		break;
    369. 

  369. +	case NID_sha384:
    370. 

  370. +		*digest = &cryptodev_sha384;
    371. 

  371. + 		break;
    372. 

  372. +	case NID_sha512:
    373. 

  373. +		*digest = &cryptodev_sha512;
    374. 

  374. + 		break;
    375. 

  375.  	default:
    376. 

  376.  #endif /* USE_CRYPTODEV_DIGESTS */
    377. 

  377.  		*digest = NULL;
    378. 

  378. @@ -995,7 +1082,7 @@ bn2crparam(const BIGNUM *a, struct crparam *crp)
    379. 

  379.  		return (1);
    380. 

  380.  	memset(b, 0, bytes);
    381. 

  381.  
    382. 

  382. -	crp->crp_p = (caddr_t) b;
    383. 

  383. +	crp->crp_p = (void*) b;
    384. 

  384.  	crp->crp_nbits = bits;
    385. 

  385.  
    386. 

  386.  	for (i = 0, j = 0; i < a->top; i++) {
    387. 

  387. @@ -1248,7 +1335,7 @@ cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
    388. 

  388.  	kop.crk_op = CRK_DSA_SIGN;
    389. 

  389.  
    390. 

  390.  	/* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
    391. 

  391. -	kop.crk_param[0].crp_p = (caddr_t)dgst;
    392. 

  392. +	kop.crk_param[0].crp_p = (void*)dgst;
    393. 

  393.  	kop.crk_param[0].crp_nbits = dlen * 8;
    394. 

  394.  	if (bn2crparam(dsa->p, &kop.crk_param[1]))
    395. 

  395.  		goto err;
    396. 

  396. @@ -1288,7 +1375,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
    397. 

  397.  	kop.crk_op = CRK_DSA_VERIFY;
    398. 

  398.  
    399. 

  399.  	/* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
    400. 

  400. -	kop.crk_param[0].crp_p = (caddr_t)dgst;
    401. 

  401. +	kop.crk_param[0].crp_p = (void*)dgst;
    402. 

  402.  	kop.crk_param[0].crp_nbits = dlen * 8;
    403. 

  403.  	if (bn2crparam(dsa->p, &kop.crk_param[1]))
    404. 

  404.  		goto err;
    405. 

  405. @@ -1366,9 +1453,10 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
    406. 

  406.  		goto err;
    407. 

  407.  	kop.crk_iparams = 3;
    408. 

  408.  
    409. 

  409. -	kop.crk_param[3].crp_p = (caddr_t) key;
    410. 

  410. -	kop.crk_param[3].crp_nbits = keylen * 8;
    411. 

  411. +	kop.crk_param[3].crp_p = (void*) key;
    412. 

  412. +	kop.crk_param[3].crp_nbits = keylen;
    413. 

  413.  	kop.crk_oparams = 1;
    414. 

  414. +	dhret = keylen/8;
    415. 

  415.  
    416. 

  416.  	if (ioctl(fd, CIOCKEY, &kop) == -1) {
    417. 

  417.  		const DH_METHOD *meth = DH_OpenSSL();
    418. 

  418. @@ -1440,7 +1528,7 @@ ENGINE_load_cryptodev(void)
    419. 

  419.  	put_dev_crypto(fd);
    420. 

  420.  
    421. 

  421.  	if (!ENGINE_set_id(engine, "cryptodev") ||
    422. 

  422. -	    !ENGINE_set_name(engine, "BSD cryptodev engine") ||
    423. 

  423. +	    !ENGINE_set_name(engine, "cryptodev engine") ||
    424. 

  424.  	    !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
    425. 

  425.  	    !ENGINE_set_digests(engine, cryptodev_engine_digests) ||
    426. 

  426.  	    !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||
    427. 

  427. -- 
    428. 

  428. 2.0.0
    429. 

  429.