1 /* 2 * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 /* Required for vmsplice */ 11 #ifndef _GNU_SOURCE 12 # define _GNU_SOURCE 13 #endif 14 #include <stdio.h> 15 #include <string.h> 16 #include <unistd.h> 17 18 #include <openssl/engine.h> 19 #include <openssl/async.h> 20 #include <openssl/err.h> 21 #include "internal/nelem.h" 22 23 #include <sys/socket.h> 24 #include <linux/version.h> 25 #define K_MAJ 4 26 #define K_MIN1 1 27 #define K_MIN2 0 28 #if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2) || \ 29 !defined(AF_ALG) 30 # ifndef PEDANTIC 31 # warning "AFALG ENGINE requires Kernel Headers >= 4.1.0" 32 # warning "Skipping Compilation of AFALG engine" 33 # endif 34 void engine_load_afalg_int(void); 35 void engine_load_afalg_int(void) 36 { 37 } 38 #else 39 40 # include <linux/if_alg.h> 41 # include <fcntl.h> 42 # include <sys/utsname.h> 43 44 # include <linux/aio_abi.h> 45 # include <sys/syscall.h> 46 # include <errno.h> 47 48 # include "e_afalg.h" 49 # include "e_afalg_err.c" 50 51 # ifndef SOL_ALG 52 # define SOL_ALG 279 53 # endif 54 55 # ifdef ALG_ZERO_COPY 56 # ifndef SPLICE_F_GIFT 57 # define SPLICE_F_GIFT (0x08) 58 # endif 59 # endif 60 61 # define ALG_AES_IV_LEN 16 62 # define ALG_IV_LEN(len) (sizeof(struct af_alg_iv) + (len)) 63 # define ALG_OP_TYPE unsigned int 64 # define ALG_OP_LEN (sizeof(ALG_OP_TYPE)) 65 66 # ifdef OPENSSL_NO_DYNAMIC_ENGINE 67 void engine_load_afalg_int(void); 68 # endif 69 70 /* Local Linkage Functions */ 71 static int afalg_init_aio(afalg_aio *aio); 72 static int afalg_fin_cipher_aio(afalg_aio *ptr, int sfd, 73 unsigned char *buf, size_t len); 74 static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype, 75 const char *ciphername); 76 static int afalg_destroy(ENGINE *e); 77 static int afalg_init(ENGINE *e); 78 static int afalg_finish(ENGINE *e); 79 static const EVP_CIPHER *afalg_aes_cbc(int nid); 80 static cbc_handles *get_cipher_handle(int nid); 81 static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher, 82 const int **nids, int nid); 83 static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, 84 const unsigned char *iv, int enc); 85 static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 86 const unsigned char *in, size_t inl); 87 static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx); 88 static int afalg_chk_platform(void); 89 90 /* Engine Id and Name */ 91 static const char *engine_afalg_id = "afalg"; 92 static const char *engine_afalg_name = "AFALG engine support"; 93 94 static int afalg_cipher_nids[] = { 95 NID_aes_128_cbc, 96 NID_aes_192_cbc, 97 NID_aes_256_cbc, 98 }; 99 100 static cbc_handles cbc_handle[] = {{AES_KEY_SIZE_128, NULL}, 101 {AES_KEY_SIZE_192, NULL}, 102 {AES_KEY_SIZE_256, NULL}}; 103 104 static ossl_inline int io_setup(unsigned n, aio_context_t *ctx) 105 { 106 return syscall(__NR_io_setup, n, ctx); 107 } 108 109 static ossl_inline int eventfd(int n) 110 { 111 return syscall(__NR_eventfd2, n, 0); 112 } 113 114 static ossl_inline int io_destroy(aio_context_t ctx) 115 { 116 return syscall(__NR_io_destroy, ctx); 117 } 118 119 static ossl_inline int io_read(aio_context_t ctx, long n, struct iocb **iocb) 120 { 121 return syscall(__NR_io_submit, ctx, n, iocb); 122 } 123 124 static ossl_inline int io_getevents(aio_context_t ctx, long min, long max, 125 struct io_event *events, 126 struct timespec *timeout) 127 { 128 return syscall(__NR_io_getevents, ctx, min, max, events, timeout); 129 } 130 131 static void afalg_waitfd_cleanup(ASYNC_WAIT_CTX *ctx, const void *key, 132 OSSL_ASYNC_FD waitfd, void *custom) 133 { 134 close(waitfd); 135 } 136 137 static int afalg_setup_async_event_notification(afalg_aio *aio) 138 { 139 ASYNC_JOB *job; 140 ASYNC_WAIT_CTX *waitctx; 141 void *custom = NULL; 142 int ret; 143 144 if ((job = ASYNC_get_current_job()) != NULL) { 145 /* Async mode */ 146 waitctx = ASYNC_get_wait_ctx(job); 147 if (waitctx == NULL) { 148 ALG_WARN("%s(%d): ASYNC_get_wait_ctx error", __FILE__, __LINE__); 149 return 0; 150 } 151 /* Get waitfd from ASYNC_WAIT_CTX if it is already set */ 152 ret = ASYNC_WAIT_CTX_get_fd(waitctx, engine_afalg_id, 153 &aio->efd, &custom); 154 if (ret == 0) { 155 /* 156 * waitfd is not set in ASYNC_WAIT_CTX, create a new one 157 * and set it. efd will be signaled when AIO operation completes 158 */ 159 aio->efd = eventfd(0); 160 if (aio->efd == -1) { 161 ALG_PERR("%s(%d): Failed to get eventfd : ", __FILE__, 162 __LINE__); 163 AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, 164 AFALG_R_EVENTFD_FAILED); 165 return 0; 166 } 167 ret = ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_afalg_id, 168 aio->efd, custom, 169 afalg_waitfd_cleanup); 170 if (ret == 0) { 171 ALG_WARN("%s(%d): Failed to set wait fd", __FILE__, __LINE__); 172 close(aio->efd); 173 return 0; 174 } 175 /* make fd non-blocking in async mode */ 176 if (fcntl(aio->efd, F_SETFL, O_NONBLOCK) != 0) { 177 ALG_WARN("%s(%d): Failed to set event fd as NONBLOCKING", 178 __FILE__, __LINE__); 179 } 180 } 181 aio->mode = MODE_ASYNC; 182 } else { 183 /* Sync mode */ 184 aio->efd = eventfd(0); 185 if (aio->efd == -1) { 186 ALG_PERR("%s(%d): Failed to get eventfd : ", __FILE__, __LINE__); 187 AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, 188 AFALG_R_EVENTFD_FAILED); 189 return 0; 190 } 191 aio->mode = MODE_SYNC; 192 } 193 return 1; 194 } 195 196 static int afalg_init_aio(afalg_aio *aio) 197 { 198 int r = -1; 199 200 /* Initialise for AIO */ 201 aio->aio_ctx = 0; 202 r = io_setup(MAX_INFLIGHTS, &aio->aio_ctx); 203 if (r < 0) { 204 ALG_PERR("%s(%d): io_setup error : ", __FILE__, __LINE__); 205 AFALGerr(AFALG_F_AFALG_INIT_AIO, AFALG_R_IO_SETUP_FAILED); 206 return 0; 207 } 208 209 memset(aio->cbt, 0, sizeof(aio->cbt)); 210 aio->efd = -1; 211 aio->mode = MODE_UNINIT; 212 213 return 1; 214 } 215 216 static int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf, 217 size_t len) 218 { 219 int r; 220 int retry = 0; 221 unsigned int done = 0; 222 struct iocb *cb; 223 struct timespec timeout; 224 struct io_event events[MAX_INFLIGHTS]; 225 u_int64_t eval = 0; 226 227 timeout.tv_sec = 0; 228 timeout.tv_nsec = 0; 229 230 /* if efd has not been initialised yet do it here */ 231 if (aio->mode == MODE_UNINIT) { 232 r = afalg_setup_async_event_notification(aio); 233 if (r == 0) 234 return 0; 235 } 236 237 cb = &(aio->cbt[0 % MAX_INFLIGHTS]); 238 memset(cb, '\0', sizeof(*cb)); 239 cb->aio_fildes = sfd; 240 cb->aio_lio_opcode = IOCB_CMD_PREAD; 241 /* 242 * The pointer has to be converted to unsigned value first to avoid 243 * sign extension on cast to 64 bit value in 32-bit builds 244 */ 245 cb->aio_buf = (size_t)buf; 246 cb->aio_offset = 0; 247 cb->aio_data = 0; 248 cb->aio_nbytes = len; 249 cb->aio_flags = IOCB_FLAG_RESFD; 250 cb->aio_resfd = aio->efd; 251 252 /* 253 * Perform AIO read on AFALG socket, this in turn performs an async 254 * crypto operation in kernel space 255 */ 256 r = io_read(aio->aio_ctx, 1, &cb); 257 if (r < 0) { 258 ALG_PWARN("%s(%d): io_read failed : ", __FILE__, __LINE__); 259 return 0; 260 } 261 262 do { 263 /* While AIO read is being performed pause job */ 264 ASYNC_pause_job(); 265 266 /* Check for completion of AIO read */ 267 r = read(aio->efd, &eval, sizeof(eval)); 268 if (r < 0) { 269 if (errno == EAGAIN || errno == EWOULDBLOCK) 270 continue; 271 ALG_PERR("%s(%d): read failed for event fd : ", __FILE__, __LINE__); 272 return 0; 273 } else if (r == 0 || eval <= 0) { 274 ALG_WARN("%s(%d): eventfd read %d bytes, eval = %lu\n", __FILE__, 275 __LINE__, r, eval); 276 } 277 if (eval > 0) { 278 279 /* Get results of AIO read */ 280 r = io_getevents(aio->aio_ctx, 1, MAX_INFLIGHTS, 281 events, &timeout); 282 if (r > 0) { 283 /* 284 * events.res indicates the actual status of the operation. 285 * Handle the error condition first. 286 */ 287 if (events[0].res < 0) { 288 /* 289 * Underlying operation cannot be completed at the time 290 * of previous submission. Resubmit for the operation. 291 */ 292 if (events[0].res == -EBUSY && retry++ < 3) { 293 r = io_read(aio->aio_ctx, 1, &cb); 294 if (r < 0) { 295 ALG_PERR("%s(%d): retry %d for io_read failed : ", 296 __FILE__, __LINE__, retry); 297 return 0; 298 } 299 continue; 300 } else { 301 /* 302 * Retries exceed for -EBUSY or unrecoverable error 303 * condition for this instance of operation. 304 */ 305 ALG_WARN 306 ("%s(%d): Crypto Operation failed with code %lld\n", 307 __FILE__, __LINE__, events[0].res); 308 return 0; 309 } 310 } 311 /* Operation successful. */ 312 done = 1; 313 } else if (r < 0) { 314 ALG_PERR("%s(%d): io_getevents failed : ", __FILE__, __LINE__); 315 return 0; 316 } else { 317 ALG_WARN("%s(%d): io_geteventd read 0 bytes\n", __FILE__, 318 __LINE__); 319 } 320 } 321 } while (!done); 322 323 return 1; 324 } 325 326 static ossl_inline void afalg_set_op_sk(struct cmsghdr *cmsg, 327 const ALG_OP_TYPE op) 328 { 329 cmsg->cmsg_level = SOL_ALG; 330 cmsg->cmsg_type = ALG_SET_OP; 331 cmsg->cmsg_len = CMSG_LEN(ALG_OP_LEN); 332 memcpy(CMSG_DATA(cmsg), &op, ALG_OP_LEN); 333 } 334 335 static void afalg_set_iv_sk(struct cmsghdr *cmsg, const unsigned char *iv, 336 const unsigned int len) 337 { 338 struct af_alg_iv *aiv; 339 340 cmsg->cmsg_level = SOL_ALG; 341 cmsg->cmsg_type = ALG_SET_IV; 342 cmsg->cmsg_len = CMSG_LEN(ALG_IV_LEN(len)); 343 aiv = (struct af_alg_iv *)CMSG_DATA(cmsg); 344 aiv->ivlen = len; 345 memcpy(aiv->iv, iv, len); 346 } 347 348 static ossl_inline int afalg_set_key(afalg_ctx *actx, const unsigned char *key, 349 const int klen) 350 { 351 int ret; 352 ret = setsockopt(actx->bfd, SOL_ALG, ALG_SET_KEY, key, klen); 353 if (ret < 0) { 354 ALG_PERR("%s(%d): Failed to set socket option : ", __FILE__, __LINE__); 355 AFALGerr(AFALG_F_AFALG_SET_KEY, AFALG_R_SOCKET_SET_KEY_FAILED); 356 return 0; 357 } 358 return 1; 359 } 360 361 static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype, 362 const char *ciphername) 363 { 364 struct sockaddr_alg sa; 365 int r = -1; 366 367 actx->bfd = actx->sfd = -1; 368 369 memset(&sa, 0, sizeof(sa)); 370 sa.salg_family = AF_ALG; 371 OPENSSL_strlcpy((char *) sa.salg_type, ciphertype, sizeof(sa.salg_type)); 372 OPENSSL_strlcpy((char *) sa.salg_name, ciphername, sizeof(sa.salg_name)); 373 374 actx->bfd = socket(AF_ALG, SOCK_SEQPACKET, 0); 375 if (actx->bfd == -1) { 376 ALG_PERR("%s(%d): Failed to open socket : ", __FILE__, __LINE__); 377 AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_CREATE_FAILED); 378 goto err; 379 } 380 381 r = bind(actx->bfd, (struct sockaddr *)&sa, sizeof(sa)); 382 if (r < 0) { 383 ALG_PERR("%s(%d): Failed to bind socket : ", __FILE__, __LINE__); 384 AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_BIND_FAILED); 385 goto err; 386 } 387 388 actx->sfd = accept(actx->bfd, NULL, 0); 389 if (actx->sfd < 0) { 390 ALG_PERR("%s(%d): Socket Accept Failed : ", __FILE__, __LINE__); 391 AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_ACCEPT_FAILED); 392 goto err; 393 } 394 395 return 1; 396 397 err: 398 if (actx->bfd >= 0) 399 close(actx->bfd); 400 if (actx->sfd >= 0) 401 close(actx->sfd); 402 actx->bfd = actx->sfd = -1; 403 return 0; 404 } 405 406 static int afalg_start_cipher_sk(afalg_ctx *actx, const unsigned char *in, 407 size_t inl, const unsigned char *iv, 408 unsigned int enc) 409 { 410 struct msghdr msg = { 0 }; 411 struct cmsghdr *cmsg; 412 struct iovec iov; 413 ssize_t sbytes; 414 # ifdef ALG_ZERO_COPY 415 int ret; 416 # endif 417 char cbuf[CMSG_SPACE(ALG_IV_LEN(ALG_AES_IV_LEN)) + CMSG_SPACE(ALG_OP_LEN)]; 418 419 memset(cbuf, 0, sizeof(cbuf)); 420 msg.msg_control = cbuf; 421 msg.msg_controllen = sizeof(cbuf); 422 423 /* 424 * cipher direction (i.e. encrypt or decrypt) and iv are sent to the 425 * kernel as part of sendmsg()'s ancillary data 426 */ 427 cmsg = CMSG_FIRSTHDR(&msg); 428 afalg_set_op_sk(cmsg, enc); 429 cmsg = CMSG_NXTHDR(&msg, cmsg); 430 afalg_set_iv_sk(cmsg, iv, ALG_AES_IV_LEN); 431 432 /* iov that describes input data */ 433 iov.iov_base = (unsigned char *)in; 434 iov.iov_len = inl; 435 436 msg.msg_flags = MSG_MORE; 437 438 # ifdef ALG_ZERO_COPY 439 /* 440 * ZERO_COPY mode 441 * Works best when buffer is 4k aligned 442 * OPENS: out of place processing (i.e. out != in) 443 */ 444 445 /* Input data is not sent as part of call to sendmsg() */ 446 msg.msg_iovlen = 0; 447 msg.msg_iov = NULL; 448 449 /* Sendmsg() sends iv and cipher direction to the kernel */ 450 sbytes = sendmsg(actx->sfd, &msg, 0); 451 if (sbytes < 0) { 452 ALG_PERR("%s(%d): sendmsg failed for zero copy cipher operation : ", 453 __FILE__, __LINE__); 454 return 0; 455 } 456 457 /* 458 * vmsplice and splice are used to pin the user space input buffer for 459 * kernel space processing avoiding copys from user to kernel space 460 */ 461 ret = vmsplice(actx->zc_pipe[1], &iov, 1, SPLICE_F_GIFT); 462 if (ret < 0) { 463 ALG_PERR("%s(%d): vmsplice failed : ", __FILE__, __LINE__); 464 return 0; 465 } 466 467 ret = splice(actx->zc_pipe[0], NULL, actx->sfd, NULL, inl, 0); 468 if (ret < 0) { 469 ALG_PERR("%s(%d): splice failed : ", __FILE__, __LINE__); 470 return 0; 471 } 472 # else 473 msg.msg_iovlen = 1; 474 msg.msg_iov = &iov; 475 476 /* Sendmsg() sends iv, cipher direction and input data to the kernel */ 477 sbytes = sendmsg(actx->sfd, &msg, 0); 478 if (sbytes < 0) { 479 ALG_PERR("%s(%d): sendmsg failed for cipher operation : ", __FILE__, 480 __LINE__); 481 return 0; 482 } 483 484 if (sbytes != (ssize_t) inl) { 485 ALG_WARN("Cipher operation send bytes %zd != inlen %zd\n", sbytes, 486 inl); 487 return 0; 488 } 489 # endif 490 491 return 1; 492 } 493 494 static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, 495 const unsigned char *iv, int enc) 496 { 497 int ciphertype; 498 int ret; 499 afalg_ctx *actx; 500 const char *ciphername; 501 502 if (ctx == NULL || key == NULL) { 503 ALG_WARN("%s(%d): Null Parameter\n", __FILE__, __LINE__); 504 return 0; 505 } 506 507 if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { 508 ALG_WARN("%s(%d): Cipher object NULL\n", __FILE__, __LINE__); 509 return 0; 510 } 511 512 actx = EVP_CIPHER_CTX_get_cipher_data(ctx); 513 if (actx == NULL) { 514 ALG_WARN("%s(%d): Cipher data NULL\n", __FILE__, __LINE__); 515 return 0; 516 } 517 518 ciphertype = EVP_CIPHER_CTX_nid(ctx); 519 switch (ciphertype) { 520 case NID_aes_128_cbc: 521 case NID_aes_192_cbc: 522 case NID_aes_256_cbc: 523 ciphername = "cbc(aes)"; 524 break; 525 default: 526 ALG_WARN("%s(%d): Unsupported Cipher type %d\n", __FILE__, __LINE__, 527 ciphertype); 528 return 0; 529 } 530 531 if (ALG_AES_IV_LEN != EVP_CIPHER_CTX_iv_length(ctx)) { 532 ALG_WARN("%s(%d): Unsupported IV length :%d\n", __FILE__, __LINE__, 533 EVP_CIPHER_CTX_iv_length(ctx)); 534 return 0; 535 } 536 537 /* Setup AFALG socket for crypto processing */ 538 ret = afalg_create_sk(actx, "skcipher", ciphername); 539 if (ret < 1) 540 return 0; 541 542 543 ret = afalg_set_key(actx, key, EVP_CIPHER_CTX_key_length(ctx)); 544 if (ret < 1) 545 goto err; 546 547 /* Setup AIO ctx to allow async AFALG crypto processing */ 548 if (afalg_init_aio(&actx->aio) == 0) 549 goto err; 550 551 # ifdef ALG_ZERO_COPY 552 pipe(actx->zc_pipe); 553 # endif 554 555 actx->init_done = MAGIC_INIT_NUM; 556 557 return 1; 558 559 err: 560 close(actx->sfd); 561 close(actx->bfd); 562 return 0; 563 } 564 565 static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 566 const unsigned char *in, size_t inl) 567 { 568 afalg_ctx *actx; 569 int ret; 570 char nxtiv[ALG_AES_IV_LEN] = { 0 }; 571 572 if (ctx == NULL || out == NULL || in == NULL) { 573 ALG_WARN("NULL parameter passed to function %s(%d)\n", __FILE__, 574 __LINE__); 575 return 0; 576 } 577 578 actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); 579 if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) { 580 ALG_WARN("%s afalg ctx passed\n", 581 ctx == NULL ? "NULL" : "Uninitialised"); 582 return 0; 583 } 584 585 /* 586 * set iv now for decrypt operation as the input buffer can be 587 * overwritten for inplace operation where in = out. 588 */ 589 if (EVP_CIPHER_CTX_encrypting(ctx) == 0) { 590 memcpy(nxtiv, in + (inl - ALG_AES_IV_LEN), ALG_AES_IV_LEN); 591 } 592 593 /* Send input data to kernel space */ 594 ret = afalg_start_cipher_sk(actx, (unsigned char *)in, inl, 595 EVP_CIPHER_CTX_iv(ctx), 596 EVP_CIPHER_CTX_encrypting(ctx)); 597 if (ret < 1) { 598 return 0; 599 } 600 601 /* Perform async crypto operation in kernel space */ 602 ret = afalg_fin_cipher_aio(&actx->aio, actx->sfd, out, inl); 603 if (ret < 1) 604 return 0; 605 606 if (EVP_CIPHER_CTX_encrypting(ctx)) { 607 memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), out + (inl - ALG_AES_IV_LEN), 608 ALG_AES_IV_LEN); 609 } else { 610 memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), nxtiv, ALG_AES_IV_LEN); 611 } 612 613 return 1; 614 } 615 616 static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx) 617 { 618 afalg_ctx *actx; 619 620 if (ctx == NULL) { 621 ALG_WARN("NULL parameter passed to function %s(%d)\n", __FILE__, 622 __LINE__); 623 return 0; 624 } 625 626 actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); 627 if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) { 628 ALG_WARN("%s afalg ctx passed\n", 629 ctx == NULL ? "NULL" : "Uninitialised"); 630 return 0; 631 } 632 633 close(actx->sfd); 634 close(actx->bfd); 635 # ifdef ALG_ZERO_COPY 636 close(actx->zc_pipe[0]); 637 close(actx->zc_pipe[1]); 638 # endif 639 /* close efd in sync mode, async mode is closed in afalg_waitfd_cleanup() */ 640 if (actx->aio.mode == MODE_SYNC) 641 close(actx->aio.efd); 642 io_destroy(actx->aio.aio_ctx); 643 644 return 1; 645 } 646 647 static cbc_handles *get_cipher_handle(int nid) 648 { 649 switch (nid) { 650 case NID_aes_128_cbc: 651 return &cbc_handle[AES_CBC_128]; 652 case NID_aes_192_cbc: 653 return &cbc_handle[AES_CBC_192]; 654 case NID_aes_256_cbc: 655 return &cbc_handle[AES_CBC_256]; 656 default: 657 return NULL; 658 } 659 } 660 661 static const EVP_CIPHER *afalg_aes_cbc(int nid) 662 { 663 cbc_handles *cipher_handle = get_cipher_handle(nid); 664 if (cipher_handle->_hidden == NULL 665 && ((cipher_handle->_hidden = 666 EVP_CIPHER_meth_new(nid, 667 AES_BLOCK_SIZE, 668 cipher_handle->key_size)) == NULL 669 || !EVP_CIPHER_meth_set_iv_length(cipher_handle->_hidden, 670 AES_IV_LEN) 671 || !EVP_CIPHER_meth_set_flags(cipher_handle->_hidden, 672 EVP_CIPH_CBC_MODE | 673 EVP_CIPH_FLAG_DEFAULT_ASN1) 674 || !EVP_CIPHER_meth_set_init(cipher_handle->_hidden, 675 afalg_cipher_init) 676 || !EVP_CIPHER_meth_set_do_cipher(cipher_handle->_hidden, 677 afalg_do_cipher) 678 || !EVP_CIPHER_meth_set_cleanup(cipher_handle->_hidden, 679 afalg_cipher_cleanup) 680 || !EVP_CIPHER_meth_set_impl_ctx_size(cipher_handle->_hidden, 681 sizeof(afalg_ctx)))) { 682 EVP_CIPHER_meth_free(cipher_handle->_hidden); 683 cipher_handle->_hidden= NULL; 684 } 685 return cipher_handle->_hidden; 686 } 687 688 static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher, 689 const int **nids, int nid) 690 { 691 int r = 1; 692 693 if (cipher == NULL) { 694 *nids = afalg_cipher_nids; 695 return (sizeof(afalg_cipher_nids) / sizeof(afalg_cipher_nids[0])); 696 } 697 698 switch (nid) { 699 case NID_aes_128_cbc: 700 case NID_aes_192_cbc: 701 case NID_aes_256_cbc: 702 *cipher = afalg_aes_cbc(nid); 703 break; 704 default: 705 *cipher = NULL; 706 r = 0; 707 } 708 return r; 709 } 710 711 static int bind_afalg(ENGINE *e) 712 { 713 /* Ensure the afalg error handling is set up */ 714 unsigned short i; 715 ERR_load_AFALG_strings(); 716 717 if (!ENGINE_set_id(e, engine_afalg_id) 718 || !ENGINE_set_name(e, engine_afalg_name) 719 || !ENGINE_set_destroy_function(e, afalg_destroy) 720 || !ENGINE_set_init_function(e, afalg_init) 721 || !ENGINE_set_finish_function(e, afalg_finish)) { 722 AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); 723 return 0; 724 } 725 726 /* 727 * Create _hidden_aes_xxx_cbc by calling afalg_aes_xxx_cbc 728 * now, as bind_aflag can only be called by one thread at a 729 * time. 730 */ 731 for(i = 0; i < OSSL_NELEM(afalg_cipher_nids); i++) { 732 if (afalg_aes_cbc(afalg_cipher_nids[i]) == NULL) { 733 AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); 734 return 0; 735 } 736 } 737 738 if (!ENGINE_set_ciphers(e, afalg_ciphers)) { 739 AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); 740 return 0; 741 } 742 743 return 1; 744 } 745 746 # ifndef OPENSSL_NO_DYNAMIC_ENGINE 747 static int bind_helper(ENGINE *e, const char *id) 748 { 749 if (id && (strcmp(id, engine_afalg_id) != 0)) 750 return 0; 751 752 if (!afalg_chk_platform()) 753 return 0; 754 755 if (!bind_afalg(e)) 756 return 0; 757 return 1; 758 } 759 760 IMPLEMENT_DYNAMIC_CHECK_FN() 761 IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) 762 # endif 763 764 static int afalg_chk_platform(void) 765 { 766 int ret; 767 int i; 768 int kver[3] = { -1, -1, -1 }; 769 int sock; 770 char *str; 771 struct utsname ut; 772 773 ret = uname(&ut); 774 if (ret != 0) { 775 AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, 776 AFALG_R_FAILED_TO_GET_PLATFORM_INFO); 777 return 0; 778 } 779 780 str = strtok(ut.release, "."); 781 for (i = 0; i < 3 && str != NULL; i++) { 782 kver[i] = atoi(str); 783 str = strtok(NULL, "."); 784 } 785 786 if (KERNEL_VERSION(kver[0], kver[1], kver[2]) 787 < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)) { 788 ALG_ERR("ASYNC AFALG not supported this kernel(%d.%d.%d)\n", 789 kver[0], kver[1], kver[2]); 790 ALG_ERR("ASYNC AFALG requires kernel version %d.%d.%d or later\n", 791 K_MAJ, K_MIN1, K_MIN2); 792 AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, 793 AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG); 794 return 0; 795 } 796 797 /* Test if we can actually create an AF_ALG socket */ 798 sock = socket(AF_ALG, SOCK_SEQPACKET, 0); 799 if (sock == -1) { 800 AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, AFALG_R_SOCKET_CREATE_FAILED); 801 return 0; 802 } 803 close(sock); 804 805 return 1; 806 } 807 808 # ifdef OPENSSL_NO_DYNAMIC_ENGINE 809 static ENGINE *engine_afalg(void) 810 { 811 ENGINE *ret = ENGINE_new(); 812 if (ret == NULL) 813 return NULL; 814 if (!bind_afalg(ret)) { 815 ENGINE_free(ret); 816 return NULL; 817 } 818 return ret; 819 } 820 821 void engine_load_afalg_int(void) 822 { 823 ENGINE *toadd; 824 825 if (!afalg_chk_platform()) 826 return; 827 828 toadd = engine_afalg(); 829 if (toadd == NULL) 830 return; 831 ENGINE_add(toadd); 832 ENGINE_free(toadd); 833 ERR_clear_error(); 834 } 835 # endif 836 837 static int afalg_init(ENGINE *e) 838 { 839 return 1; 840 } 841 842 static int afalg_finish(ENGINE *e) 843 { 844 return 1; 845 } 846 847 static int free_cbc(void) 848 { 849 short unsigned int i; 850 for(i = 0; i < OSSL_NELEM(afalg_cipher_nids); i++) { 851 EVP_CIPHER_meth_free(cbc_handle[i]._hidden); 852 cbc_handle[i]._hidden = NULL; 853 } 854 return 1; 855 } 856 857 static int afalg_destroy(ENGINE *e) 858 { 859 ERR_unload_AFALG_strings(); 860 free_cbc(); 861 return 1; 862 } 863 864 #endif /* KERNEL VERSION */ 865