]>
Commit | Line | Data |
---|---|---|
440e5d80 | 1 | /* |
6738bf14 | 2 | * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. |
7f458a48 | 3 | * |
ab3fa1c0 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
440e5d80 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
7f458a48 | 8 | */ |
9 | ||
10 | /* Required for vmsplice */ | |
4e399729 AP |
11 | #ifndef _GNU_SOURCE |
12 | # define _GNU_SOURCE | |
13 | #endif | |
7f458a48 | 14 | #include <stdio.h> |
15 | #include <string.h> | |
16 | #include <unistd.h> | |
17 | ||
18 | #include <openssl/engine.h> | |
19 | #include <openssl/async.h> | |
6bf73e53 | 20 | #include <openssl/err.h> |
49ea0f09 | 21 | #include "internal/nelem.h" |
7f458a48 | 22 | |
4e399729 | 23 | #include <sys/socket.h> |
7f458a48 | 24 | #include <linux/version.h> |
25 | #define K_MAJ 4 | |
26 | #define K_MIN1 1 | |
27 | #define K_MIN2 0 | |
3ba70235 | 28 | #if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2) || \ |
4e399729 | 29 | !defined(AF_ALG) |
97043e46 RL |
30 | # ifndef PEDANTIC |
31 | # warning "AFALG ENGINE requires Kernel Headers >= 4.1.0" | |
32 | # warning "Skipping Compilation of AFALG engine" | |
33 | # endif | |
a1fd1fb2 | 34 | void engine_load_afalg_int(void); |
627537dd MC |
35 | void engine_load_afalg_int(void) |
36 | { | |
37 | } | |
7f458a48 | 38 | #else |
39 | ||
40 | # include <linux/if_alg.h> | |
7f458a48 | 41 | # include <fcntl.h> |
42 | # include <sys/utsname.h> | |
43 | ||
44 | # include <linux/aio_abi.h> | |
45 | # include <sys/syscall.h> | |
46 | # include <errno.h> | |
47 | ||
48 | # include "e_afalg.h" | |
52df25cf | 49 | # include "e_afalg_err.c" |
7f458a48 | 50 | |
51 | # ifndef SOL_ALG | |
52 | # define SOL_ALG 279 | |
53 | # endif | |
54 | ||
55 | # ifdef ALG_ZERO_COPY | |
56 | # ifndef SPLICE_F_GIFT | |
57 | # define SPLICE_F_GIFT (0x08) | |
58 | # endif | |
59 | # endif | |
60 | ||
61 | # define ALG_AES_IV_LEN 16 | |
62 | # define ALG_IV_LEN(len) (sizeof(struct af_alg_iv) + (len)) | |
63 | # define ALG_OP_TYPE unsigned int | |
64 | # define ALG_OP_LEN (sizeof(ALG_OP_TYPE)) | |
65 | ||
6cba4a66 | 66 | #define ALG_MAX_SALG_NAME 64 |
67 | #define ALG_MAX_SALG_TYPE 14 | |
68 | ||
69 | # ifdef OPENSSL_NO_DYNAMIC_ENGINE | |
b3599dbb | 70 | void engine_load_afalg_int(void); |
6cba4a66 | 71 | # endif |
72 | ||
7f458a48 | 73 | /* Local Linkage Functions */ |
74 | static int afalg_init_aio(afalg_aio *aio); | |
75 | static int afalg_fin_cipher_aio(afalg_aio *ptr, int sfd, | |
76 | unsigned char *buf, size_t len); | |
6cba4a66 | 77 | static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype, |
78 | const char *ciphername); | |
7f458a48 | 79 | static int afalg_destroy(ENGINE *e); |
80 | static int afalg_init(ENGINE *e); | |
81 | static int afalg_finish(ENGINE *e); | |
3a7141df | 82 | static const EVP_CIPHER *afalg_aes_cbc(int nid); |
7e8a5e30 | 83 | static cbc_handles *get_cipher_handle(int nid); |
7f458a48 | 84 | static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher, |
85 | const int **nids, int nid); | |
86 | static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
87 | const unsigned char *iv, int enc); | |
88 | static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
89 | const unsigned char *in, size_t inl); | |
90 | static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx); | |
91 | static int afalg_chk_platform(void); | |
92 | ||
93 | /* Engine Id and Name */ | |
94 | static const char *engine_afalg_id = "afalg"; | |
538dbbc6 | 95 | static const char *engine_afalg_name = "AFALG engine support"; |
7f458a48 | 96 | |
a1933888 | 97 | static int afalg_cipher_nids[] = { |
49ea0f09 J |
98 | NID_aes_128_cbc, |
99 | NID_aes_192_cbc, | |
100 | NID_aes_256_cbc, | |
7f458a48 | 101 | }; |
102 | ||
49ea0f09 J |
103 | static cbc_handles cbc_handle[] = {{AES_KEY_SIZE_128, NULL}, |
104 | {AES_KEY_SIZE_192, NULL}, | |
105 | {AES_KEY_SIZE_256, NULL}}; | |
7f458a48 | 106 | |
2a7de0fd | 107 | static ossl_inline int io_setup(unsigned n, aio_context_t *ctx) |
7f458a48 | 108 | { |
109 | return syscall(__NR_io_setup, n, ctx); | |
110 | } | |
111 | ||
2a7de0fd | 112 | static ossl_inline int eventfd(int n) |
7f458a48 | 113 | { |
bee9c8a4 | 114 | return syscall(__NR_eventfd2, n, 0); |
7f458a48 | 115 | } |
116 | ||
2a7de0fd | 117 | static ossl_inline int io_destroy(aio_context_t ctx) |
7f458a48 | 118 | { |
119 | return syscall(__NR_io_destroy, ctx); | |
120 | } | |
121 | ||
2a7de0fd | 122 | static ossl_inline int io_read(aio_context_t ctx, long n, struct iocb **iocb) |
7f458a48 | 123 | { |
124 | return syscall(__NR_io_submit, ctx, n, iocb); | |
125 | } | |
126 | ||
2a7de0fd | 127 | static ossl_inline int io_getevents(aio_context_t ctx, long min, long max, |
7f458a48 | 128 | struct io_event *events, |
129 | struct timespec *timeout) | |
130 | { | |
131 | return syscall(__NR_io_getevents, ctx, min, max, events, timeout); | |
132 | } | |
133 | ||
134 | static void afalg_waitfd_cleanup(ASYNC_WAIT_CTX *ctx, const void *key, | |
135 | OSSL_ASYNC_FD waitfd, void *custom) | |
136 | { | |
137 | close(waitfd); | |
138 | } | |
139 | ||
140 | static int afalg_setup_async_event_notification(afalg_aio *aio) | |
141 | { | |
142 | ASYNC_JOB *job; | |
143 | ASYNC_WAIT_CTX *waitctx; | |
144 | void *custom = NULL; | |
6cba4a66 | 145 | int ret; |
7f458a48 | 146 | |
147 | if ((job = ASYNC_get_current_job()) != NULL) { | |
148 | /* Async mode */ | |
149 | waitctx = ASYNC_get_wait_ctx(job); | |
150 | if (waitctx == NULL) { | |
24fa4b8d | 151 | ALG_WARN("%s(%d): ASYNC_get_wait_ctx error", __FILE__, __LINE__); |
7f458a48 | 152 | return 0; |
153 | } | |
46f4e1be | 154 | /* Get waitfd from ASYNC_WAIT_CTX if it is already set */ |
6cba4a66 | 155 | ret = ASYNC_WAIT_CTX_get_fd(waitctx, engine_afalg_id, |
156 | &aio->efd, &custom); | |
157 | if (ret == 0) { | |
158 | /* | |
159 | * waitfd is not set in ASYNC_WAIT_CTX, create a new one | |
160 | * and set it. efd will be signaled when AIO operation completes | |
161 | */ | |
162 | aio->efd = eventfd(0); | |
163 | if (aio->efd == -1) { | |
24fa4b8d BE |
164 | ALG_PERR("%s(%d): Failed to get eventfd : ", __FILE__, |
165 | __LINE__); | |
7f458a48 | 166 | AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, |
167 | AFALG_R_EVENTFD_FAILED); | |
168 | return 0; | |
169 | } | |
6cba4a66 | 170 | ret = ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_afalg_id, |
171 | aio->efd, custom, | |
172 | afalg_waitfd_cleanup); | |
173 | if (ret == 0) { | |
24fa4b8d | 174 | ALG_WARN("%s(%d): Failed to set wait fd", __FILE__, __LINE__); |
6cba4a66 | 175 | close(aio->efd); |
7f458a48 | 176 | return 0; |
177 | } | |
178 | /* make fd non-blocking in async mode */ | |
6cba4a66 | 179 | if (fcntl(aio->efd, F_SETFL, O_NONBLOCK) != 0) { |
24fa4b8d BE |
180 | ALG_WARN("%s(%d): Failed to set event fd as NONBLOCKING", |
181 | __FILE__, __LINE__); | |
7f458a48 | 182 | } |
183 | } | |
6cba4a66 | 184 | aio->mode = MODE_ASYNC; |
7f458a48 | 185 | } else { |
186 | /* Sync mode */ | |
6cba4a66 | 187 | aio->efd = eventfd(0); |
188 | if (aio->efd == -1) { | |
24fa4b8d | 189 | ALG_PERR("%s(%d): Failed to get eventfd : ", __FILE__, __LINE__); |
7f458a48 | 190 | AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, |
191 | AFALG_R_EVENTFD_FAILED); | |
192 | return 0; | |
193 | } | |
6cba4a66 | 194 | aio->mode = MODE_SYNC; |
7f458a48 | 195 | } |
196 | return 1; | |
197 | } | |
198 | ||
3a7141df | 199 | static int afalg_init_aio(afalg_aio *aio) |
7f458a48 | 200 | { |
201 | int r = -1; | |
202 | ||
203 | /* Initialise for AIO */ | |
204 | aio->aio_ctx = 0; | |
205 | r = io_setup(MAX_INFLIGHTS, &aio->aio_ctx); | |
206 | if (r < 0) { | |
24fa4b8d | 207 | ALG_PERR("%s(%d): io_setup error : ", __FILE__, __LINE__); |
7f458a48 | 208 | AFALGerr(AFALG_F_AFALG_INIT_AIO, AFALG_R_IO_SETUP_FAILED); |
209 | return 0; | |
210 | } | |
211 | ||
212 | memset(aio->cbt, 0, sizeof(aio->cbt)); | |
7f458a48 | 213 | aio->efd = -1; |
6cba4a66 | 214 | aio->mode = MODE_UNINIT; |
7f458a48 | 215 | |
216 | return 1; | |
217 | } | |
218 | ||
3a7141df RL |
219 | static int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf, |
220 | size_t len) | |
7f458a48 | 221 | { |
222 | int r; | |
223 | int retry = 0; | |
224 | unsigned int done = 0; | |
225 | struct iocb *cb; | |
226 | struct timespec timeout; | |
227 | struct io_event events[MAX_INFLIGHTS]; | |
228 | u_int64_t eval = 0; | |
229 | ||
230 | timeout.tv_sec = 0; | |
231 | timeout.tv_nsec = 0; | |
232 | ||
233 | /* if efd has not been initialised yet do it here */ | |
6cba4a66 | 234 | if (aio->mode == MODE_UNINIT) { |
7f458a48 | 235 | r = afalg_setup_async_event_notification(aio); |
236 | if (r == 0) | |
237 | return 0; | |
238 | } | |
239 | ||
240 | cb = &(aio->cbt[0 % MAX_INFLIGHTS]); | |
241 | memset(cb, '\0', sizeof(*cb)); | |
242 | cb->aio_fildes = sfd; | |
243 | cb->aio_lio_opcode = IOCB_CMD_PREAD; | |
c27778d8 AP |
244 | /* |
245 | * The pointer has to be converted to unsigned value first to avoid | |
246 | * sign extension on cast to 64 bit value in 32-bit builds | |
247 | */ | |
248 | cb->aio_buf = (size_t)buf; | |
7f458a48 | 249 | cb->aio_offset = 0; |
250 | cb->aio_data = 0; | |
251 | cb->aio_nbytes = len; | |
252 | cb->aio_flags = IOCB_FLAG_RESFD; | |
253 | cb->aio_resfd = aio->efd; | |
254 | ||
255 | /* | |
256 | * Perform AIO read on AFALG socket, this in turn performs an async | |
257 | * crypto operation in kernel space | |
258 | */ | |
259 | r = io_read(aio->aio_ctx, 1, &cb); | |
260 | if (r < 0) { | |
24fa4b8d | 261 | ALG_PWARN("%s(%d): io_read failed : ", __FILE__, __LINE__); |
7f458a48 | 262 | return 0; |
263 | } | |
264 | ||
265 | do { | |
266 | /* While AIO read is being performed pause job */ | |
267 | ASYNC_pause_job(); | |
268 | ||
269 | /* Check for completion of AIO read */ | |
270 | r = read(aio->efd, &eval, sizeof(eval)); | |
271 | if (r < 0) { | |
272 | if (errno == EAGAIN || errno == EWOULDBLOCK) | |
273 | continue; | |
24fa4b8d | 274 | ALG_PERR("%s(%d): read failed for event fd : ", __FILE__, __LINE__); |
7f458a48 | 275 | return 0; |
276 | } else if (r == 0 || eval <= 0) { | |
24fa4b8d BE |
277 | ALG_WARN("%s(%d): eventfd read %d bytes, eval = %lu\n", __FILE__, |
278 | __LINE__, r, eval); | |
7f458a48 | 279 | } |
280 | if (eval > 0) { | |
281 | ||
282 | /* Get results of AIO read */ | |
6cba4a66 | 283 | r = io_getevents(aio->aio_ctx, 1, MAX_INFLIGHTS, |
284 | events, &timeout); | |
7f458a48 | 285 | if (r > 0) { |
286 | /* | |
287 | * events.res indicates the actual status of the operation. | |
288 | * Handle the error condition first. | |
289 | */ | |
290 | if (events[0].res < 0) { | |
291 | /* | |
292 | * Underlying operation cannot be completed at the time | |
293 | * of previous submission. Resubmit for the operation. | |
294 | */ | |
295 | if (events[0].res == -EBUSY && retry++ < 3) { | |
296 | r = io_read(aio->aio_ctx, 1, &cb); | |
297 | if (r < 0) { | |
24fa4b8d BE |
298 | ALG_PERR("%s(%d): retry %d for io_read failed : ", |
299 | __FILE__, __LINE__, retry); | |
7f458a48 | 300 | return 0; |
301 | } | |
302 | continue; | |
303 | } else { | |
304 | /* | |
305 | * Retries exceed for -EBUSY or unrecoverable error | |
306 | * condition for this instance of operation. | |
307 | */ | |
308 | ALG_WARN | |
24fa4b8d BE |
309 | ("%s(%d): Crypto Operation failed with code %lld\n", |
310 | __FILE__, __LINE__, events[0].res); | |
7f458a48 | 311 | return 0; |
312 | } | |
313 | } | |
314 | /* Operation successful. */ | |
315 | done = 1; | |
316 | } else if (r < 0) { | |
24fa4b8d | 317 | ALG_PERR("%s(%d): io_getevents failed : ", __FILE__, __LINE__); |
7f458a48 | 318 | return 0; |
319 | } else { | |
24fa4b8d BE |
320 | ALG_WARN("%s(%d): io_geteventd read 0 bytes\n", __FILE__, |
321 | __LINE__); | |
7f458a48 | 322 | } |
323 | } | |
324 | } while (!done); | |
325 | ||
326 | return 1; | |
327 | } | |
328 | ||
2a7de0fd | 329 | static ossl_inline void afalg_set_op_sk(struct cmsghdr *cmsg, |
574cffd5 | 330 | const ALG_OP_TYPE op) |
7f458a48 | 331 | { |
332 | cmsg->cmsg_level = SOL_ALG; | |
333 | cmsg->cmsg_type = ALG_SET_OP; | |
334 | cmsg->cmsg_len = CMSG_LEN(ALG_OP_LEN); | |
574cffd5 | 335 | memcpy(CMSG_DATA(cmsg), &op, ALG_OP_LEN); |
7f458a48 | 336 | } |
337 | ||
338 | static void afalg_set_iv_sk(struct cmsghdr *cmsg, const unsigned char *iv, | |
339 | const unsigned int len) | |
340 | { | |
341 | struct af_alg_iv *aiv; | |
342 | ||
343 | cmsg->cmsg_level = SOL_ALG; | |
344 | cmsg->cmsg_type = ALG_SET_IV; | |
345 | cmsg->cmsg_len = CMSG_LEN(ALG_IV_LEN(len)); | |
346 | aiv = (struct af_alg_iv *)CMSG_DATA(cmsg); | |
347 | aiv->ivlen = len; | |
348 | memcpy(aiv->iv, iv, len); | |
349 | } | |
350 | ||
2a7de0fd | 351 | static ossl_inline int afalg_set_key(afalg_ctx *actx, const unsigned char *key, |
6cba4a66 | 352 | const int klen) |
7f458a48 | 353 | { |
354 | int ret; | |
6cba4a66 | 355 | ret = setsockopt(actx->bfd, SOL_ALG, ALG_SET_KEY, key, klen); |
356 | if (ret < 0) { | |
24fa4b8d | 357 | ALG_PERR("%s(%d): Failed to set socket option : ", __FILE__, __LINE__); |
6cba4a66 | 358 | AFALGerr(AFALG_F_AFALG_SET_KEY, AFALG_R_SOCKET_SET_KEY_FAILED); |
359 | return 0; | |
360 | } | |
6cba4a66 | 361 | return 1; |
362 | } | |
363 | ||
364 | static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype, | |
365 | const char *ciphername) | |
366 | { | |
367 | struct sockaddr_alg sa; | |
c27778d8 | 368 | int r = -1; |
7f458a48 | 369 | |
370 | actx->bfd = actx->sfd = -1; | |
371 | ||
6cba4a66 | 372 | memset(&sa, 0, sizeof(sa)); |
373 | sa.salg_family = AF_ALG; | |
374 | strncpy((char *) sa.salg_type, ciphertype, ALG_MAX_SALG_TYPE); | |
375 | sa.salg_type[ALG_MAX_SALG_TYPE-1] = '\0'; | |
376 | strncpy((char *) sa.salg_name, ciphername, ALG_MAX_SALG_NAME); | |
377 | sa.salg_name[ALG_MAX_SALG_NAME-1] = '\0'; | |
378 | ||
379 | actx->bfd = socket(AF_ALG, SOCK_SEQPACKET, 0); | |
380 | if (actx->bfd == -1) { | |
24fa4b8d | 381 | ALG_PERR("%s(%d): Failed to open socket : ", __FILE__, __LINE__); |
6cba4a66 | 382 | AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_CREATE_FAILED); |
383 | goto err; | |
7f458a48 | 384 | } |
385 | ||
6cba4a66 | 386 | r = bind(actx->bfd, (struct sockaddr *)&sa, sizeof(sa)); |
387 | if (r < 0) { | |
24fa4b8d | 388 | ALG_PERR("%s(%d): Failed to bind socket : ", __FILE__, __LINE__); |
6cba4a66 | 389 | AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_BIND_FAILED); |
7f458a48 | 390 | goto err; |
391 | } | |
392 | ||
7f458a48 | 393 | actx->sfd = accept(actx->bfd, NULL, 0); |
394 | if (actx->sfd < 0) { | |
24fa4b8d | 395 | ALG_PERR("%s(%d): Socket Accept Failed : ", __FILE__, __LINE__); |
6cba4a66 | 396 | AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_ACCEPT_FAILED); |
7f458a48 | 397 | goto err; |
398 | } | |
399 | ||
6cba4a66 | 400 | return 1; |
7f458a48 | 401 | |
402 | err: | |
403 | if (actx->bfd >= 0) | |
404 | close(actx->bfd); | |
405 | if (actx->sfd >= 0) | |
406 | close(actx->sfd); | |
407 | actx->bfd = actx->sfd = -1; | |
6cba4a66 | 408 | return 0; |
7f458a48 | 409 | } |
410 | ||
411 | static int afalg_start_cipher_sk(afalg_ctx *actx, const unsigned char *in, | |
412 | size_t inl, const unsigned char *iv, | |
413 | unsigned int enc) | |
414 | { | |
64a45882 | 415 | struct msghdr msg; |
7f458a48 | 416 | struct cmsghdr *cmsg; |
417 | struct iovec iov; | |
418 | ssize_t sbytes; | |
419 | # ifdef ALG_ZERO_COPY | |
420 | int ret; | |
421 | # endif | |
a1933888 | 422 | char cbuf[CMSG_SPACE(ALG_IV_LEN(ALG_AES_IV_LEN)) + CMSG_SPACE(ALG_OP_LEN)]; |
7f458a48 | 423 | |
64a45882 | 424 | memset(&msg, 0, sizeof(msg)); |
a1933888 | 425 | memset(cbuf, 0, sizeof(cbuf)); |
7f458a48 | 426 | msg.msg_control = cbuf; |
a1933888 | 427 | msg.msg_controllen = sizeof(cbuf); |
7f458a48 | 428 | |
429 | /* | |
430 | * cipher direction (i.e. encrypt or decrypt) and iv are sent to the | |
431 | * kernel as part of sendmsg()'s ancillary data | |
432 | */ | |
433 | cmsg = CMSG_FIRSTHDR(&msg); | |
434 | afalg_set_op_sk(cmsg, enc); | |
435 | cmsg = CMSG_NXTHDR(&msg, cmsg); | |
436 | afalg_set_iv_sk(cmsg, iv, ALG_AES_IV_LEN); | |
437 | ||
438 | /* iov that describes input data */ | |
439 | iov.iov_base = (unsigned char *)in; | |
440 | iov.iov_len = inl; | |
441 | ||
442 | msg.msg_flags = MSG_MORE; | |
443 | ||
444 | # ifdef ALG_ZERO_COPY | |
445 | /* | |
446 | * ZERO_COPY mode | |
447 | * Works best when buffer is 4k aligned | |
448 | * OPENS: out of place processing (i.e. out != in) | |
449 | */ | |
450 | ||
451 | /* Input data is not sent as part of call to sendmsg() */ | |
452 | msg.msg_iovlen = 0; | |
453 | msg.msg_iov = NULL; | |
454 | ||
455 | /* Sendmsg() sends iv and cipher direction to the kernel */ | |
456 | sbytes = sendmsg(actx->sfd, &msg, 0); | |
457 | if (sbytes < 0) { | |
24fa4b8d BE |
458 | ALG_PERR("%s(%d): sendmsg failed for zero copy cipher operation : ", |
459 | __FILE__, __LINE__); | |
7f458a48 | 460 | return 0; |
461 | } | |
462 | ||
463 | /* | |
464 | * vmsplice and splice are used to pin the user space input buffer for | |
465 | * kernel space processing avoiding copys from user to kernel space | |
466 | */ | |
467 | ret = vmsplice(actx->zc_pipe[1], &iov, 1, SPLICE_F_GIFT); | |
468 | if (ret < 0) { | |
24fa4b8d | 469 | ALG_PERR("%s(%d): vmsplice failed : ", __FILE__, __LINE__); |
7f458a48 | 470 | return 0; |
471 | } | |
472 | ||
473 | ret = splice(actx->zc_pipe[0], NULL, actx->sfd, NULL, inl, 0); | |
474 | if (ret < 0) { | |
24fa4b8d | 475 | ALG_PERR("%s(%d): splice failed : ", __FILE__, __LINE__); |
7f458a48 | 476 | return 0; |
477 | } | |
478 | # else | |
479 | msg.msg_iovlen = 1; | |
480 | msg.msg_iov = &iov; | |
481 | ||
482 | /* Sendmsg() sends iv, cipher direction and input data to the kernel */ | |
483 | sbytes = sendmsg(actx->sfd, &msg, 0); | |
484 | if (sbytes < 0) { | |
24fa4b8d BE |
485 | ALG_PERR("%s(%d): sendmsg failed for cipher operation : ", __FILE__, |
486 | __LINE__); | |
7f458a48 | 487 | return 0; |
488 | } | |
489 | ||
490 | if (sbytes != (ssize_t) inl) { | |
6cba4a66 | 491 | ALG_WARN("Cipher operation send bytes %zd != inlen %zd\n", sbytes, |
7f458a48 | 492 | inl); |
493 | return 0; | |
494 | } | |
495 | # endif | |
496 | ||
497 | return 1; | |
498 | } | |
499 | ||
500 | static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
501 | const unsigned char *iv, int enc) | |
502 | { | |
503 | int ciphertype; | |
6cba4a66 | 504 | int ret; |
7f458a48 | 505 | afalg_ctx *actx; |
6cba4a66 | 506 | char ciphername[ALG_MAX_SALG_NAME]; |
7f458a48 | 507 | |
508 | if (ctx == NULL || key == NULL) { | |
24fa4b8d | 509 | ALG_WARN("%s(%d): Null Parameter\n", __FILE__, __LINE__); |
7f458a48 | 510 | return 0; |
511 | } | |
512 | ||
513 | if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { | |
24fa4b8d | 514 | ALG_WARN("%s(%d): Cipher object NULL\n", __FILE__, __LINE__); |
7f458a48 | 515 | return 0; |
516 | } | |
517 | ||
44ab2dfd | 518 | actx = EVP_CIPHER_CTX_get_cipher_data(ctx); |
7f458a48 | 519 | if (actx == NULL) { |
24fa4b8d | 520 | ALG_WARN("%s(%d): Cipher data NULL\n", __FILE__, __LINE__); |
7f458a48 | 521 | return 0; |
522 | } | |
523 | ||
524 | ciphertype = EVP_CIPHER_CTX_nid(ctx); | |
525 | switch (ciphertype) { | |
526 | case NID_aes_128_cbc: | |
49ea0f09 J |
527 | case NID_aes_192_cbc: |
528 | case NID_aes_256_cbc: | |
6cba4a66 | 529 | strncpy(ciphername, "cbc(aes)", ALG_MAX_SALG_NAME); |
7f458a48 | 530 | break; |
531 | default: | |
24fa4b8d BE |
532 | ALG_WARN("%s(%d): Unsupported Cipher type %d\n", __FILE__, __LINE__, |
533 | ciphertype); | |
7f458a48 | 534 | return 0; |
535 | } | |
6cba4a66 | 536 | ciphername[ALG_MAX_SALG_NAME-1]='\0'; |
7f458a48 | 537 | |
538 | if (ALG_AES_IV_LEN != EVP_CIPHER_CTX_iv_length(ctx)) { | |
24fa4b8d BE |
539 | ALG_WARN("%s(%d): Unsupported IV length :%d\n", __FILE__, __LINE__, |
540 | EVP_CIPHER_CTX_iv_length(ctx)); | |
7f458a48 | 541 | return 0; |
542 | } | |
543 | ||
544 | /* Setup AFALG socket for crypto processing */ | |
6cba4a66 | 545 | ret = afalg_create_sk(actx, "skcipher", ciphername); |
546 | if (ret < 1) | |
7f458a48 | 547 | return 0; |
6cba4a66 | 548 | |
549 | ||
550 | ret = afalg_set_key(actx, key, EVP_CIPHER_CTX_key_length(ctx)); | |
551 | if (ret < 1) | |
552 | goto err; | |
7f458a48 | 553 | |
554 | /* Setup AIO ctx to allow async AFALG crypto processing */ | |
6cba4a66 | 555 | if (afalg_init_aio(&actx->aio) == 0) |
556 | goto err; | |
557 | ||
7f458a48 | 558 | # ifdef ALG_ZERO_COPY |
559 | pipe(actx->zc_pipe); | |
560 | # endif | |
561 | ||
562 | actx->init_done = MAGIC_INIT_NUM; | |
563 | ||
564 | return 1; | |
6cba4a66 | 565 | |
566 | err: | |
567 | close(actx->sfd); | |
568 | close(actx->bfd); | |
569 | return 0; | |
7f458a48 | 570 | } |
571 | ||
572 | static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
573 | const unsigned char *in, size_t inl) | |
574 | { | |
575 | afalg_ctx *actx; | |
576 | int ret; | |
577 | char nxtiv[ALG_AES_IV_LEN] = { 0 }; | |
578 | ||
579 | if (ctx == NULL || out == NULL || in == NULL) { | |
24fa4b8d BE |
580 | ALG_WARN("NULL parameter passed to function %s(%d)\n", __FILE__, |
581 | __LINE__); | |
7f458a48 | 582 | return 0; |
583 | } | |
584 | ||
44ab2dfd | 585 | actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); |
7f458a48 | 586 | if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) { |
587 | ALG_WARN("%s afalg ctx passed\n", | |
588 | ctx == NULL ? "NULL" : "Uninitialised"); | |
589 | return 0; | |
590 | } | |
591 | ||
592 | /* | |
593 | * set iv now for decrypt operation as the input buffer can be | |
594 | * overwritten for inplace operation where in = out. | |
595 | */ | |
596 | if (EVP_CIPHER_CTX_encrypting(ctx) == 0) { | |
597 | memcpy(nxtiv, in + (inl - ALG_AES_IV_LEN), ALG_AES_IV_LEN); | |
598 | } | |
599 | ||
600 | /* Send input data to kernel space */ | |
601 | ret = afalg_start_cipher_sk(actx, (unsigned char *)in, inl, | |
602 | EVP_CIPHER_CTX_iv(ctx), | |
603 | EVP_CIPHER_CTX_encrypting(ctx)); | |
604 | if (ret < 1) { | |
605 | return 0; | |
606 | } | |
607 | ||
608 | /* Perform async crypto operation in kernel space */ | |
609 | ret = afalg_fin_cipher_aio(&actx->aio, actx->sfd, out, inl); | |
6cba4a66 | 610 | if (ret < 1) |
7f458a48 | 611 | return 0; |
7f458a48 | 612 | |
613 | if (EVP_CIPHER_CTX_encrypting(ctx)) { | |
614 | memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), out + (inl - ALG_AES_IV_LEN), | |
615 | ALG_AES_IV_LEN); | |
616 | } else { | |
617 | memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), nxtiv, ALG_AES_IV_LEN); | |
618 | } | |
619 | ||
620 | return 1; | |
621 | } | |
622 | ||
623 | static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx) | |
624 | { | |
625 | afalg_ctx *actx; | |
626 | ||
627 | if (ctx == NULL) { | |
24fa4b8d BE |
628 | ALG_WARN("NULL parameter passed to function %s(%d)\n", __FILE__, |
629 | __LINE__); | |
7f458a48 | 630 | return 0; |
631 | } | |
632 | ||
44ab2dfd | 633 | actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); |
7f458a48 | 634 | if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) { |
635 | ALG_WARN("%s afalg ctx passed\n", | |
636 | ctx == NULL ? "NULL" : "Uninitialised"); | |
637 | return 0; | |
638 | } | |
639 | ||
640 | close(actx->sfd); | |
641 | close(actx->bfd); | |
642 | # ifdef ALG_ZERO_COPY | |
643 | close(actx->zc_pipe[0]); | |
644 | close(actx->zc_pipe[1]); | |
645 | # endif | |
6cba4a66 | 646 | /* close efd in sync mode, async mode is closed in afalg_waitfd_cleanup() */ |
647 | if (actx->aio.mode == MODE_SYNC) | |
648 | close(actx->aio.efd); | |
7f458a48 | 649 | io_destroy(actx->aio.aio_ctx); |
650 | ||
651 | return 1; | |
652 | } | |
653 | ||
f1138840 | 654 | static cbc_handles *get_cipher_handle(int nid) |
49ea0f09 J |
655 | { |
656 | switch (nid) { | |
657 | case NID_aes_128_cbc: | |
658 | return &cbc_handle[AES_CBC_128]; | |
659 | case NID_aes_192_cbc: | |
660 | return &cbc_handle[AES_CBC_192]; | |
661 | case NID_aes_256_cbc: | |
662 | return &cbc_handle[AES_CBC_256]; | |
663 | default: | |
664 | return NULL; | |
665 | } | |
666 | } | |
667 | ||
3a7141df | 668 | static const EVP_CIPHER *afalg_aes_cbc(int nid) |
7f458a48 | 669 | { |
49ea0f09 J |
670 | cbc_handles *cipher_handle = get_cipher_handle(nid); |
671 | if (cipher_handle->_hidden == NULL | |
672 | && ((cipher_handle->_hidden = | |
673 | EVP_CIPHER_meth_new(nid, | |
674 | AES_BLOCK_SIZE, | |
675 | cipher_handle->key_size)) == NULL | |
676 | || !EVP_CIPHER_meth_set_iv_length(cipher_handle->_hidden, | |
677 | AES_IV_LEN) | |
678 | || !EVP_CIPHER_meth_set_flags(cipher_handle->_hidden, | |
679 | EVP_CIPH_CBC_MODE | | |
680 | EVP_CIPH_FLAG_DEFAULT_ASN1) | |
681 | || !EVP_CIPHER_meth_set_init(cipher_handle->_hidden, | |
682 | afalg_cipher_init) | |
683 | || !EVP_CIPHER_meth_set_do_cipher(cipher_handle->_hidden, | |
684 | afalg_do_cipher) | |
685 | || !EVP_CIPHER_meth_set_cleanup(cipher_handle->_hidden, | |
686 | afalg_cipher_cleanup) | |
687 | || !EVP_CIPHER_meth_set_impl_ctx_size(cipher_handle->_hidden, | |
688 | sizeof(afalg_ctx)))) { | |
689 | EVP_CIPHER_meth_free(cipher_handle->_hidden); | |
690 | cipher_handle->_hidden= NULL; | |
691 | } | |
692 | return cipher_handle->_hidden; | |
7f458a48 | 693 | } |
694 | ||
695 | static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | |
696 | const int **nids, int nid) | |
697 | { | |
698 | int r = 1; | |
699 | ||
700 | if (cipher == NULL) { | |
701 | *nids = afalg_cipher_nids; | |
702 | return (sizeof(afalg_cipher_nids) / sizeof(afalg_cipher_nids[0])); | |
703 | } | |
704 | ||
705 | switch (nid) { | |
706 | case NID_aes_128_cbc: | |
49ea0f09 J |
707 | case NID_aes_192_cbc: |
708 | case NID_aes_256_cbc: | |
709 | *cipher = afalg_aes_cbc(nid); | |
7f458a48 | 710 | break; |
711 | default: | |
712 | *cipher = NULL; | |
713 | r = 0; | |
714 | } | |
7f458a48 | 715 | return r; |
716 | } | |
717 | ||
718 | static int bind_afalg(ENGINE *e) | |
719 | { | |
720 | /* Ensure the afalg error handling is set up */ | |
49ea0f09 | 721 | unsigned short i; |
7f458a48 | 722 | ERR_load_AFALG_strings(); |
723 | ||
724 | if (!ENGINE_set_id(e, engine_afalg_id) | |
725 | || !ENGINE_set_name(e, engine_afalg_name) | |
726 | || !ENGINE_set_destroy_function(e, afalg_destroy) | |
727 | || !ENGINE_set_init_function(e, afalg_init) | |
728 | || !ENGINE_set_finish_function(e, afalg_finish)) { | |
729 | AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); | |
730 | return 0; | |
731 | } | |
732 | ||
6cba4a66 | 733 | /* |
49ea0f09 | 734 | * Create _hidden_aes_xxx_cbc by calling afalg_aes_xxx_cbc |
6cba4a66 | 735 | * now, as bind_aflag can only be called by one thread at a |
736 | * time. | |
737 | */ | |
49ea0f09 J |
738 | for(i = 0; i < OSSL_NELEM(afalg_cipher_nids); i++) { |
739 | if (afalg_aes_cbc(afalg_cipher_nids[i]) == NULL) { | |
740 | AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); | |
741 | return 0; | |
742 | } | |
6cba4a66 | 743 | } |
744 | ||
7f458a48 | 745 | if (!ENGINE_set_ciphers(e, afalg_ciphers)) { |
746 | AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); | |
747 | return 0; | |
748 | } | |
749 | ||
750 | return 1; | |
751 | } | |
752 | ||
753 | # ifndef OPENSSL_NO_DYNAMIC_ENGINE | |
754 | static int bind_helper(ENGINE *e, const char *id) | |
755 | { | |
756 | if (id && (strcmp(id, engine_afalg_id) != 0)) | |
757 | return 0; | |
758 | ||
759 | if (!afalg_chk_platform()) | |
760 | return 0; | |
761 | ||
762 | if (!bind_afalg(e)) | |
763 | return 0; | |
764 | return 1; | |
765 | } | |
766 | ||
767 | IMPLEMENT_DYNAMIC_CHECK_FN() | |
768 | IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) | |
769 | # endif | |
6cba4a66 | 770 | |
7f458a48 | 771 | static int afalg_chk_platform(void) |
772 | { | |
773 | int ret; | |
774 | int i; | |
775 | int kver[3] = { -1, -1, -1 }; | |
25b9d11c | 776 | int sock; |
7f458a48 | 777 | char *str; |
778 | struct utsname ut; | |
779 | ||
780 | ret = uname(&ut); | |
781 | if (ret != 0) { | |
6cba4a66 | 782 | AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, |
783 | AFALG_R_FAILED_TO_GET_PLATFORM_INFO); | |
7f458a48 | 784 | return 0; |
785 | } | |
786 | ||
787 | str = strtok(ut.release, "."); | |
788 | for (i = 0; i < 3 && str != NULL; i++) { | |
789 | kver[i] = atoi(str); | |
790 | str = strtok(NULL, "."); | |
791 | } | |
792 | ||
793 | if (KERNEL_VERSION(kver[0], kver[1], kver[2]) | |
794 | < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)) { | |
6cba4a66 | 795 | ALG_ERR("ASYNC AFALG not supported this kernel(%d.%d.%d)\n", |
7f458a48 | 796 | kver[0], kver[1], kver[2]); |
6cba4a66 | 797 | ALG_ERR("ASYNC AFALG requires kernel version %d.%d.%d or later\n", |
7f458a48 | 798 | K_MAJ, K_MIN1, K_MIN2); |
799 | AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, | |
800 | AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG); | |
801 | return 0; | |
802 | } | |
803 | ||
25b9d11c MC |
804 | /* Test if we can actually create an AF_ALG socket */ |
805 | sock = socket(AF_ALG, SOCK_SEQPACKET, 0); | |
806 | if (sock == -1) { | |
807 | AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, AFALG_R_SOCKET_CREATE_FAILED); | |
808 | return 0; | |
809 | } | |
810 | close(sock); | |
811 | ||
7f458a48 | 812 | return 1; |
813 | } | |
814 | ||
815 | # ifdef OPENSSL_NO_DYNAMIC_ENGINE | |
816 | static ENGINE *engine_afalg(void) | |
817 | { | |
818 | ENGINE *ret = ENGINE_new(); | |
819 | if (ret == NULL) | |
820 | return NULL; | |
821 | if (!bind_afalg(ret)) { | |
822 | ENGINE_free(ret); | |
823 | return NULL; | |
824 | } | |
825 | return ret; | |
826 | } | |
827 | ||
b3599dbb | 828 | void engine_load_afalg_int(void) |
7f458a48 | 829 | { |
830 | ENGINE *toadd; | |
831 | ||
832 | if (!afalg_chk_platform()) | |
833 | return; | |
834 | ||
835 | toadd = engine_afalg(); | |
836 | if (toadd == NULL) | |
837 | return; | |
838 | ENGINE_add(toadd); | |
839 | ENGINE_free(toadd); | |
840 | ERR_clear_error(); | |
841 | } | |
842 | # endif | |
843 | ||
844 | static int afalg_init(ENGINE *e) | |
845 | { | |
846 | return 1; | |
847 | } | |
848 | ||
849 | static int afalg_finish(ENGINE *e) | |
850 | { | |
851 | return 1; | |
852 | } | |
853 | ||
49ea0f09 J |
854 | static int free_cbc(void) |
855 | { | |
a3d7fd28 | 856 | short unsigned int i; |
49ea0f09 J |
857 | for(i = 0; i < OSSL_NELEM(afalg_cipher_nids); i++) { |
858 | EVP_CIPHER_meth_free(cbc_handle[i]._hidden); | |
859 | cbc_handle[i]._hidden = NULL; | |
860 | } | |
861 | return 1; | |
862 | } | |
863 | ||
7f458a48 | 864 | static int afalg_destroy(ENGINE *e) |
865 | { | |
866 | ERR_unload_AFALG_strings(); | |
49ea0f09 | 867 | free_cbc(); |
7f458a48 | 868 | return 1; |
869 | } | |
870 | ||
871 | #endif /* KERNEL VERSION */ |