[thirdparty/openssl.git] / crypto / evp / openbsd_hw.c

/* Written by Ben Laurie, 2001 */
/*
 * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifdef OPENSSL_OPENBSD_DEV_CRYPTO

#include <fcntl.h>
#include <stdio.h>
#include <errno.h>
#include <sys/ioctl.h>
#include <crypto/cryptodev.h>
#include <unistd.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/rsa.h>
#include "evp_locl.h"
#include <assert.h>

/* longest key supported in hardware */
#define MAX_HW_KEY	24
#define MAX_HW_IV	8

#define MD5_DIGEST_LENGTH	16
#define MD5_CBLOCK		64

static int fd;
static int dev_failed;

typedef struct session_op session_op;

#define data(ctx) EVP_C_DATA(session_op,ctx)

static void err(const char *str)
    {
    fprintf(stderr,"%s: errno %d\n",str,errno);
    }

static int dev_crypto_init(session_op *ses)
    {
    if(dev_failed)
	return 0;
    if(!fd)
	{
	int cryptodev_fd;

        if ((cryptodev_fd=open("/dev/crypto",O_RDWR,0)) < 0)
	    {
	    err("/dev/crypto");
	    dev_failed=1;
	    return 0;
	    }
        if (ioctl(cryptodev_fd,CRIOGET,&fd) == -1)
	    {
	    err("CRIOGET failed");
	    close(cryptodev_fd);
	    dev_failed=1;
	    return 0;
	    }
	close(cryptodev_fd);
	}
    assert(ses);
    memset(ses,'\0',sizeof *ses);

    return 1;
    }

static int dev_crypto_cleanup(EVP_CIPHER_CTX *ctx)
    {
    printf("Cleanup %d\n",data(ctx)->ses);
    if(ioctl(fd,CIOCFSESSION,&data(ctx)->ses) == -1)
	err("CIOCFSESSION failed");

    OPENSSL_free(data(ctx)->key);

    return 1;
    }

static int dev_crypto_init_key(EVP_CIPHER_CTX *ctx,int cipher,
			       const unsigned char *key,int klen)
    {
    if(!dev_crypto_init(data(ctx)))
	return 0;

    data(ctx)->key=OPENSSL_malloc(MAX_HW_KEY);

    assert(ctx->cipher->iv_len <= MAX_HW_IV);

    memcpy(data(ctx)->key,key,klen);
    
    data(ctx)->cipher=cipher;
    data(ctx)->keylen=klen;

    if (ioctl(fd,CIOCGSESSION,data(ctx)) == -1)
	{
	err("CIOCGSESSION failed");
	return 0;
	}
    printf("Init %d\n",data(ctx)->ses);
    return 1;
    }

static int dev_crypto_init_digest(session_op *ses,int mac)
    {
    if(!dev_crypto_init(ses))
	return 0;

    ses->mac=mac;

    if (ioctl(fd,CIOCGSESSION,ses) == -1)
	{
	err("CIOCGSESSION failed");
	return 0;
	}
    printf("Init MAC %d\n",ses->ses);
    return 1;
    }

static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
			     const unsigned char *in,unsigned int inl)
    {
    struct crypt_op cryp;
    unsigned char lb[MAX_HW_IV];

    if(!inl)
	return 1;

    assert(data(ctx));
    assert(!dev_failed);

    memset(&cryp,'\0',sizeof cryp);
    cryp.ses=data(ctx)->ses;
    cryp.op=ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
    cryp.flags=0;
    cryp.len=inl;
    assert((inl&(ctx->cipher->block_size-1)) == 0);
    cryp.src=(caddr_t)in;
    cryp.dst=(caddr_t)out;
    cryp.mac=0;
    if(ctx->cipher->iv_len)
	cryp.iv=(caddr_t)ctx->iv;

    if(!ctx->encrypt)
	memcpy(lb,&in[cryp.len-ctx->cipher->iv_len],ctx->cipher->iv_len);

    if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
	{
	if(errno == EINVAL) /* buffers are misaligned */
	    {
	    unsigned int cinl=0;
	    char *cin=NULL;
	    char *cout=NULL;

	    /* NB: this can only make cinl != inl with stream ciphers */
	    cinl=(inl+3)/4*4;

	    if(((unsigned long)in&3) || cinl != inl)
		{
		cin=OPENSSL_malloc(cinl);
		memcpy(cin,in,inl);
		cryp.src=cin;
		}

	    if(((unsigned long)out&3) || cinl != inl)
		{
		cout=OPENSSL_malloc(cinl);
		cryp.dst=cout;
		}

	    cryp.len=cinl;

	    if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
		{
		err("CIOCCRYPT(2) failed");
		printf("src=%p dst=%p\n",cryp.src,cryp.dst);
		abort();
		return 0;
		}
		
	    if(cout)
		{
		memcpy(out,cout,inl);
		OPENSSL_free(cout);
		}
	    if(cin)
		OPENSSL_free(cin);
	    }
	else 
	    {	    
	    err("CIOCCRYPT failed");
	    abort();
	    return 0;
	    }
	}

    if(ctx->encrypt)
	memcpy(ctx->iv,&out[cryp.len-ctx->cipher->iv_len],ctx->cipher->iv_len);
    else
	memcpy(ctx->iv,lb,ctx->cipher->iv_len);

    return 1;
    }

static int dev_crypto_des_ede3_init_key(EVP_CIPHER_CTX *ctx,
					const unsigned char *key,
					const unsigned char *iv, int enc)
    { return dev_crypto_init_key(ctx,CRYPTO_3DES_CBC,key,24); }

#define dev_crypto_des_ede3_cbc_cipher dev_crypto_cipher

BLOCK_CIPHER_def_cbc(dev_crypto_des_ede3, session_op, NID_des_ede3, 8, 24, 8,
		     0, dev_crypto_des_ede3_init_key,
		     dev_crypto_cleanup, 
		     EVP_CIPHER_set_asn1_iv,
		     EVP_CIPHER_get_asn1_iv,
		     NULL)

static int dev_crypto_rc4_init_key(EVP_CIPHER_CTX *ctx,
					const unsigned char *key,
					const unsigned char *iv, int enc)
    { return dev_crypto_init_key(ctx,CRYPTO_ARC4,key,16); }

static const EVP_CIPHER r4_cipher=
    {
    NID_rc4,
    1,16,0,	/* FIXME: key should be up to 256 bytes */
    EVP_CIPH_VARIABLE_LENGTH,
    dev_crypto_rc4_init_key,
    dev_crypto_cipher,
    dev_crypto_cleanup,
    sizeof(session_op),
    NULL,
    NULL,
    NULL
    };

const EVP_CIPHER *EVP_dev_crypto_rc4(void)
    { return &r4_cipher; }

static int dev_crypto_md5_init(void *md_data)
    { return dev_crypto_init_digest(md_data,CRYPTO_MD5); }

static int dev_crypto_md5_update(void *md_data,const void *data,
				 unsigned long len)
    {
    struct crypt_op cryp;
    session_op *ses=md_data;
    char buf[MD5_DIGEST_LENGTH];

    printf("update\n");
    memset(&cryp,'\0',sizeof cryp);
    cryp.ses=ses->ses;
    cryp.len=len;
    cryp.src=(caddr_t)data;
    cryp.dst=buf;

    if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
	{
	err("CIOCCRYPT(MAC) failed");
	abort();
	return 0;
	}
    printf("update done\n");
    return 1;
    }

static int dev_crypto_md5_final(unsigned char *md,void *md_data)
    {
    struct crypt_op cryp;
    session_op *ses=md_data;

    printf("final\n");
    memset(&cryp,'\0',sizeof cryp);
    cryp.ses=ses->ses;
    cryp.len=0;
    cryp.op=COP_ENCRYPT;/* required to do the MAC rather than check it */
    cryp.src=(caddr_t)md;
    cryp.dst=(caddr_t)md;

    if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
	{
	err("CIOCCRYPT(MAC,final) failed");
	abort();
	return 0;
	}

    printf("final done\n");
    return 1;
    }

static const EVP_MD md5_md=
    {
    NID_md5,
    NID_md5WithRSAEncryption,
    MD5_DIGEST_LENGTH,
    dev_crypto_md5_init,
    dev_crypto_md5_update,
    dev_crypto_md5_final,
    EVP_PKEY_RSA_method,
    MD5_CBLOCK,
    sizeof(session_op),
    };

const EVP_MD *EVP_dev_crypto_md5(void)
    { return &md5_md; }

#else
static void *dummy=&dummy;
#endif
Commit	Line	Data
0e360199	1	/* Written by Ben Laurie, 2001 */
c518ade1	2	/*
0e360199	3	* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
c518ade1 BL	4	*
	5	* Redistribution and use in source and binary forms, with or without
	6	* modification, are permitted provided that the following conditions
	7	* are met:
	8	*
	9	* 1. Redistributions of source code must retain the above copyright
	10	* notice, this list of conditions and the following disclaimer.
	11	*
	12	* 2. Redistributions in binary form must reproduce the above copyright
	13	* notice, this list of conditions and the following disclaimer in
	14	* the documentation and/or other materials provided with the
	15	* distribution.
	16	*
	17	* 3. All advertising materials mentioning features or use of this
	18	* software must display the following acknowledgment:
	19	* "This product includes software developed by the OpenSSL Project
	20	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
	21	*
	22	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	23	* endorse or promote products derived from this software without
	24	* prior written permission. For written permission, please contact
	25	* openssl-core@openssl.org.
	26	*
	27	* 5. Products derived from this software may not be called "OpenSSL"
	28	* nor may "OpenSSL" appear in their names without prior written
	29	* permission of the OpenSSL Project.
	30	*
	31	* 6. Redistributions of any form whatsoever must retain the following
	32	* acknowledgment:
	33	* "This product includes software developed by the OpenSSL Project
	34	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
	35	*
	36	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	37	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	38	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	39	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	40	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	41	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	42	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	43	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	44	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	45	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	46	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	47	* OF THE POSSIBILITY OF SUCH DAMAGE.
	48	*/
	49
47c3448a RL	50	#ifdef OPENSSL_OPENBSD_DEV_CRYPTO
47c3448a RL	51
c518ade1 BL	52	#include <fcntl.h>
	53	#include <stdio.h>
	54	#include <errno.h>
	55	#include <sys/ioctl.h>
	56	#include <crypto/cryptodev.h>
	57	#include <unistd.h>
	58	#include <openssl/evp.h>
	59	#include <openssl/objects.h>
35e33f0e	60	#include <openssl/rsa.h>
c518ade1 BL	61	#include "evp_locl.h"
	62	#include <assert.h>
	63
dbfc0f8c	64	/* longest key supported in hardware */
c518ade1	65	#define MAX_HW_KEY 24
82b22305	66	#define MAX_HW_IV 8
c518ade1	67
35e33f0e BL	68	#define MD5_DIGEST_LENGTH 16
	69	#define MD5_CBLOCK 64
	70
c518ade1 BL	71	static int fd;
	72	static int dev_failed;
	73
1ba01caa BL	74	typedef struct session_op session_op;
	75
	76	#define data(ctx) EVP_C_DATA(session_op,ctx)
	77
c518ade1 BL	78	static void err(const char *str)
	79	{
	80	fprintf(stderr,"%s: errno %d\n",str,errno);
	81	}
	82
35e33f0e	83	static int dev_crypto_init(session_op *ses)
c518ade1 BL	84	{
	85	if(dev_failed)
	86	return 0;
	87	if(!fd)
	88	{
	89	int cryptodev_fd;
	90
	91	if ((cryptodev_fd=open("/dev/crypto",O_RDWR,0)) < 0)
	92	{
	93	err("/dev/crypto");
	94	dev_failed=1;
	95	return 0;
	96	}
	97	if (ioctl(cryptodev_fd,CRIOGET,&fd) == -1)
	98	{
	99	err("CRIOGET failed");
	100	close(cryptodev_fd);
	101	dev_failed=1;
	102	return 0;
	103	}
	104	close(cryptodev_fd);
	105	}
35e33f0e BL	106	assert(ses);
35e33f0e BL	107	memset(ses,'\0',sizeof *ses);
1ba01caa	108
c518ade1 BL	109	return 1;
	110	}
	111
	112	static int dev_crypto_cleanup(EVP_CIPHER_CTX *ctx)
	113	{
82b22305	114	printf("Cleanup %d\n",data(ctx)->ses);
0713f8ab	115	if(ioctl(fd,CIOCFSESSION,&data(ctx)->ses) == -1)
c518ade1 BL	116	err("CIOCFSESSION failed");
c518ade1 BL	117
1ba01caa	118	OPENSSL_free(data(ctx)->key);
c518ade1 BL	119
	120	return 1;
	121	}
	122
82b22305 BL	123	static int dev_crypto_init_key(EVP_CIPHER_CTX *ctx,int cipher,
82b22305 BL	124	const unsigned char *key,int klen)
c518ade1	125	{
35e33f0e	126	if(!dev_crypto_init(data(ctx)))
82b22305 BL	127	return 0;
82b22305 BL	128
35e33f0e BL	129	data(ctx)->key=OPENSSL_malloc(MAX_HW_KEY);
35e33f0e BL	130
82b22305 BL	131	assert(ctx->cipher->iv_len <= MAX_HW_IV);
	132
	133	memcpy(data(ctx)->key,key,klen);
c518ade1	134
82b22305	135	data(ctx)->cipher=cipher;
82b22305	136	data(ctx)->keylen=klen;
c518ade1	137
1ba01caa	138	if (ioctl(fd,CIOCGSESSION,data(ctx)) == -1)
c518ade1 BL	139	{
c518ade1 BL	140	err("CIOCGSESSION failed");
82b22305	141	return 0;
c518ade1	142	}
82b22305	143	printf("Init %d\n",data(ctx)->ses);
c518ade1 BL	144	return 1;
	145	}
	146
35e33f0e BL	147	static int dev_crypto_init_digest(session_op *ses,int mac)
	148	{
	149	if(!dev_crypto_init(ses))
	150	return 0;
	151
	152	ses->mac=mac;
	153
	154	if (ioctl(fd,CIOCGSESSION,ses) == -1)
	155	{
	156	err("CIOCGSESSION failed");
	157	return 0;
	158	}
	159	printf("Init MAC %d\n",ses->ses);
	160	return 1;
	161	}
	162
82b22305 BL	163	static int dev_crypto_cipher(EVP_CIPHER_CTX ctx,unsigned char out,
82b22305 BL	164	const unsigned char *in,unsigned int inl)
c518ade1 BL	165	{
c518ade1 BL	166	struct crypt_op cryp;
82b22305	167	unsigned char lb[MAX_HW_IV];
c518ade1	168
35e33f0e BL	169	if(!inl)
	170	return 1;
	171
1ba01caa	172	assert(data(ctx));
c518ade1 BL	173	assert(!dev_failed);
	174
	175	memset(&cryp,'\0',sizeof cryp);
1ba01caa	176	cryp.ses=data(ctx)->ses;
c518ade1 BL	177	cryp.op=ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
c518ade1 BL	178	cryp.flags=0;
c518ade1	179	cryp.len=inl;
35e33f0e	180	assert((inl&(ctx->cipher->block_size-1)) == 0);
c518ade1 BL	181	cryp.src=(caddr_t)in;
	182	cryp.dst=(caddr_t)out;
	183	cryp.mac=0;
82b22305 BL	184	if(ctx->cipher->iv_len)
82b22305 BL	185	cryp.iv=(caddr_t)ctx->iv;
c518ade1 BL	186
c518ade1 BL	187	if(!ctx->encrypt)
82b22305	188	memcpy(lb,&in[cryp.len-ctx->cipher->iv_len],ctx->cipher->iv_len);
c518ade1	189
35e33f0e	190	if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
c518ade1	191	{
35e33f0e BL	192	if(errno == EINVAL) /* buffers are misaligned */
	193	{
	194	unsigned int cinl=0;
	195	char *cin=NULL;
	196	char *cout=NULL;
	197
	198	/* NB: this can only make cinl != inl with stream ciphers */
	199	cinl=(inl+3)/4*4;
	200
	201	if(((unsigned long)in&3) \|\| cinl != inl)
	202	{
	203	cin=OPENSSL_malloc(cinl);
	204	memcpy(cin,in,inl);
	205	cryp.src=cin;
	206	}
	207
	208	if(((unsigned long)out&3) \|\| cinl != inl)
	209	{
	210	cout=OPENSSL_malloc(cinl);
	211	cryp.dst=cout;
	212	}
	213
	214	cryp.len=cinl;
	215
	216	if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
	217	{
	218	err("CIOCCRYPT(2) failed");
	219	printf("src=%p dst=%p\n",cryp.src,cryp.dst);
	220	abort();
	221	return 0;
	222	}
	223
	224	if(cout)
	225	{
	226	memcpy(out,cout,inl);
	227	OPENSSL_free(cout);
	228	}
	229	if(cin)
	230	OPENSSL_free(cin);
	231	}
	232	else
	233	{
	234	err("CIOCCRYPT failed");
	235	abort();
	236	return 0;
	237	}
c518ade1 BL	238	}
	239
	240	if(ctx->encrypt)
82b22305	241	memcpy(ctx->iv,&out[cryp.len-ctx->cipher->iv_len],ctx->cipher->iv_len);
c518ade1	242	else
82b22305	243	memcpy(ctx->iv,lb,ctx->cipher->iv_len);
c518ade1 BL	244
	245	return 1;
	246	}
	247
82b22305 BL	248	static int dev_crypto_des_ede3_init_key(EVP_CIPHER_CTX *ctx,
	249	const unsigned char *key,
	250	const unsigned char *iv, int enc)
	251	{ return dev_crypto_init_key(ctx,CRYPTO_3DES_CBC,key,24); }
	252
	253	#define dev_crypto_des_ede3_cbc_cipher dev_crypto_cipher
	254
1ba01caa	255	BLOCK_CIPHER_def_cbc(dev_crypto_des_ede3, session_op, NID_des_ede3, 8, 24, 8,
c518ade1 BL	256	0, dev_crypto_des_ede3_init_key,
	257	dev_crypto_cleanup,
	258	EVP_CIPHER_set_asn1_iv,
	259	EVP_CIPHER_get_asn1_iv,
	260	NULL)
82b22305 BL	261
	262	static int dev_crypto_rc4_init_key(EVP_CIPHER_CTX *ctx,
	263	const unsigned char *key,
	264	const unsigned char *iv, int enc)
	265	{ return dev_crypto_init_key(ctx,CRYPTO_ARC4,key,16); }
	266
	267	static const EVP_CIPHER r4_cipher=
	268	{
	269	NID_rc4,
	270	1,16,0, /* FIXME: key should be up to 256 bytes */
	271	EVP_CIPH_VARIABLE_LENGTH,
	272	dev_crypto_rc4_init_key,
	273	dev_crypto_cipher,
	274	dev_crypto_cleanup,
	275	sizeof(session_op),
	276	NULL,
	277	NULL,
	278	NULL
	279	};
	280
	281	const EVP_CIPHER *EVP_dev_crypto_rc4(void)
	282	{ return &r4_cipher; }
	283
35e33f0e BL	284	static int dev_crypto_md5_init(void *md_data)
	285	{ return dev_crypto_init_digest(md_data,CRYPTO_MD5); }
	286
	287	static int dev_crypto_md5_update(void md_data,const void data,
	288	unsigned long len)
	289	{
	290	struct crypt_op cryp;
	291	session_op *ses=md_data;
	292	char buf[MD5_DIGEST_LENGTH];
	293
	294	printf("update\n");
	295	memset(&cryp,'\0',sizeof cryp);
	296	cryp.ses=ses->ses;
	297	cryp.len=len;
	298	cryp.src=(caddr_t)data;
	299	cryp.dst=buf;
	300
	301	if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
	302	{
	303	err("CIOCCRYPT(MAC) failed");
	304	abort();
	305	return 0;
	306	}
	307	printf("update done\n");
	308	return 1;
	309	}
	310
	311	static int dev_crypto_md5_final(unsigned char md,void md_data)
	312	{
	313	struct crypt_op cryp;
	314	session_op *ses=md_data;
	315
	316	printf("final\n");
	317	memset(&cryp,'\0',sizeof cryp);
	318	cryp.ses=ses->ses;
	319	cryp.len=0;
	320	cryp.op=COP_ENCRYPT;/* required to do the MAC rather than check it */
	321	cryp.src=(caddr_t)md;
	322	cryp.dst=(caddr_t)md;
	323
	324	if(ioctl(fd, CIOCCRYPT, &cryp) == -1)
	325	{
	326	err("CIOCCRYPT(MAC,final) failed");
	327	abort();
	328	return 0;
	329	}
	330
	331	printf("final done\n");
	332	return 1;
	333	}
	334
	335	static const EVP_MD md5_md=
	336	{
	337	NID_md5,
	338	NID_md5WithRSAEncryption,
	339	MD5_DIGEST_LENGTH,
	340	dev_crypto_md5_init,
	341	dev_crypto_md5_update,
	342	dev_crypto_md5_final,
	343	EVP_PKEY_RSA_method,
	344	MD5_CBLOCK,
	345	sizeof(session_op),
	346	};
	347
348	const EVP_MD *EVP_dev_crypto_md5(void)
349	{ return &md5_md; }
350
0e063544 BL	351	#else
0e063544 BL	352	static void *dummy=&dummy;
47c3448a	353	#endif