]>
Commit | Line | Data |
---|---|---|
440e5d80 | 1 | /* |
6738bf14 | 2 | * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. |
7f458a48 | 3 | * |
ab3fa1c0 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
440e5d80 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
7f458a48 | 8 | */ |
9 | ||
10 | /* Required for vmsplice */ | |
4e399729 AP |
11 | #ifndef _GNU_SOURCE |
12 | # define _GNU_SOURCE | |
13 | #endif | |
7f458a48 | 14 | #include <stdio.h> |
15 | #include <string.h> | |
16 | #include <unistd.h> | |
17 | ||
18 | #include <openssl/engine.h> | |
19 | #include <openssl/async.h> | |
6bf73e53 | 20 | #include <openssl/err.h> |
49ea0f09 | 21 | #include "internal/nelem.h" |
7f458a48 | 22 | |
4e399729 | 23 | #include <sys/socket.h> |
7f458a48 | 24 | #include <linux/version.h> |
25 | #define K_MAJ 4 | |
26 | #define K_MIN1 1 | |
27 | #define K_MIN2 0 | |
3ba70235 | 28 | #if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2) || \ |
4e399729 | 29 | !defined(AF_ALG) |
97043e46 RL |
30 | # ifndef PEDANTIC |
31 | # warning "AFALG ENGINE requires Kernel Headers >= 4.1.0" | |
32 | # warning "Skipping Compilation of AFALG engine" | |
33 | # endif | |
a1fd1fb2 | 34 | void engine_load_afalg_int(void); |
627537dd MC |
35 | void engine_load_afalg_int(void) |
36 | { | |
37 | } | |
7f458a48 | 38 | #else |
39 | ||
40 | # include <linux/if_alg.h> | |
7f458a48 | 41 | # include <fcntl.h> |
42 | # include <sys/utsname.h> | |
43 | ||
44 | # include <linux/aio_abi.h> | |
45 | # include <sys/syscall.h> | |
46 | # include <errno.h> | |
47 | ||
48 | # include "e_afalg.h" | |
52df25cf | 49 | # include "e_afalg_err.c" |
7f458a48 | 50 | |
51 | # ifndef SOL_ALG | |
52 | # define SOL_ALG 279 | |
53 | # endif | |
54 | ||
55 | # ifdef ALG_ZERO_COPY | |
56 | # ifndef SPLICE_F_GIFT | |
57 | # define SPLICE_F_GIFT (0x08) | |
58 | # endif | |
59 | # endif | |
60 | ||
61 | # define ALG_AES_IV_LEN 16 | |
62 | # define ALG_IV_LEN(len) (sizeof(struct af_alg_iv) + (len)) | |
63 | # define ALG_OP_TYPE unsigned int | |
64 | # define ALG_OP_LEN (sizeof(ALG_OP_TYPE)) | |
65 | ||
6cba4a66 | 66 | # ifdef OPENSSL_NO_DYNAMIC_ENGINE |
b3599dbb | 67 | void engine_load_afalg_int(void); |
6cba4a66 | 68 | # endif |
69 | ||
7f458a48 | 70 | /* Local Linkage Functions */ |
71 | static int afalg_init_aio(afalg_aio *aio); | |
72 | static int afalg_fin_cipher_aio(afalg_aio *ptr, int sfd, | |
73 | unsigned char *buf, size_t len); | |
6cba4a66 | 74 | static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype, |
75 | const char *ciphername); | |
7f458a48 | 76 | static int afalg_destroy(ENGINE *e); |
77 | static int afalg_init(ENGINE *e); | |
78 | static int afalg_finish(ENGINE *e); | |
3a7141df | 79 | static const EVP_CIPHER *afalg_aes_cbc(int nid); |
7e8a5e30 | 80 | static cbc_handles *get_cipher_handle(int nid); |
7f458a48 | 81 | static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher, |
82 | const int **nids, int nid); | |
83 | static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
84 | const unsigned char *iv, int enc); | |
85 | static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
86 | const unsigned char *in, size_t inl); | |
87 | static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx); | |
88 | static int afalg_chk_platform(void); | |
89 | ||
90 | /* Engine Id and Name */ | |
91 | static const char *engine_afalg_id = "afalg"; | |
538dbbc6 | 92 | static const char *engine_afalg_name = "AFALG engine support"; |
7f458a48 | 93 | |
a1933888 | 94 | static int afalg_cipher_nids[] = { |
49ea0f09 J |
95 | NID_aes_128_cbc, |
96 | NID_aes_192_cbc, | |
97 | NID_aes_256_cbc, | |
7f458a48 | 98 | }; |
99 | ||
49ea0f09 J |
100 | static cbc_handles cbc_handle[] = {{AES_KEY_SIZE_128, NULL}, |
101 | {AES_KEY_SIZE_192, NULL}, | |
102 | {AES_KEY_SIZE_256, NULL}}; | |
7f458a48 | 103 | |
2a7de0fd | 104 | static ossl_inline int io_setup(unsigned n, aio_context_t *ctx) |
7f458a48 | 105 | { |
106 | return syscall(__NR_io_setup, n, ctx); | |
107 | } | |
108 | ||
2a7de0fd | 109 | static ossl_inline int eventfd(int n) |
7f458a48 | 110 | { |
bee9c8a4 | 111 | return syscall(__NR_eventfd2, n, 0); |
7f458a48 | 112 | } |
113 | ||
2a7de0fd | 114 | static ossl_inline int io_destroy(aio_context_t ctx) |
7f458a48 | 115 | { |
116 | return syscall(__NR_io_destroy, ctx); | |
117 | } | |
118 | ||
2a7de0fd | 119 | static ossl_inline int io_read(aio_context_t ctx, long n, struct iocb **iocb) |
7f458a48 | 120 | { |
121 | return syscall(__NR_io_submit, ctx, n, iocb); | |
122 | } | |
123 | ||
2a7de0fd | 124 | static ossl_inline int io_getevents(aio_context_t ctx, long min, long max, |
7f458a48 | 125 | struct io_event *events, |
126 | struct timespec *timeout) | |
127 | { | |
128 | return syscall(__NR_io_getevents, ctx, min, max, events, timeout); | |
129 | } | |
130 | ||
131 | static void afalg_waitfd_cleanup(ASYNC_WAIT_CTX *ctx, const void *key, | |
132 | OSSL_ASYNC_FD waitfd, void *custom) | |
133 | { | |
134 | close(waitfd); | |
135 | } | |
136 | ||
137 | static int afalg_setup_async_event_notification(afalg_aio *aio) | |
138 | { | |
139 | ASYNC_JOB *job; | |
140 | ASYNC_WAIT_CTX *waitctx; | |
141 | void *custom = NULL; | |
6cba4a66 | 142 | int ret; |
7f458a48 | 143 | |
144 | if ((job = ASYNC_get_current_job()) != NULL) { | |
145 | /* Async mode */ | |
146 | waitctx = ASYNC_get_wait_ctx(job); | |
147 | if (waitctx == NULL) { | |
24fa4b8d | 148 | ALG_WARN("%s(%d): ASYNC_get_wait_ctx error", __FILE__, __LINE__); |
7f458a48 | 149 | return 0; |
150 | } | |
46f4e1be | 151 | /* Get waitfd from ASYNC_WAIT_CTX if it is already set */ |
6cba4a66 | 152 | ret = ASYNC_WAIT_CTX_get_fd(waitctx, engine_afalg_id, |
153 | &aio->efd, &custom); | |
154 | if (ret == 0) { | |
155 | /* | |
156 | * waitfd is not set in ASYNC_WAIT_CTX, create a new one | |
157 | * and set it. efd will be signaled when AIO operation completes | |
158 | */ | |
159 | aio->efd = eventfd(0); | |
160 | if (aio->efd == -1) { | |
24fa4b8d BE |
161 | ALG_PERR("%s(%d): Failed to get eventfd : ", __FILE__, |
162 | __LINE__); | |
7f458a48 | 163 | AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, |
164 | AFALG_R_EVENTFD_FAILED); | |
165 | return 0; | |
166 | } | |
6cba4a66 | 167 | ret = ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_afalg_id, |
168 | aio->efd, custom, | |
169 | afalg_waitfd_cleanup); | |
170 | if (ret == 0) { | |
24fa4b8d | 171 | ALG_WARN("%s(%d): Failed to set wait fd", __FILE__, __LINE__); |
6cba4a66 | 172 | close(aio->efd); |
7f458a48 | 173 | return 0; |
174 | } | |
175 | /* make fd non-blocking in async mode */ | |
6cba4a66 | 176 | if (fcntl(aio->efd, F_SETFL, O_NONBLOCK) != 0) { |
24fa4b8d BE |
177 | ALG_WARN("%s(%d): Failed to set event fd as NONBLOCKING", |
178 | __FILE__, __LINE__); | |
7f458a48 | 179 | } |
180 | } | |
6cba4a66 | 181 | aio->mode = MODE_ASYNC; |
7f458a48 | 182 | } else { |
183 | /* Sync mode */ | |
6cba4a66 | 184 | aio->efd = eventfd(0); |
185 | if (aio->efd == -1) { | |
24fa4b8d | 186 | ALG_PERR("%s(%d): Failed to get eventfd : ", __FILE__, __LINE__); |
7f458a48 | 187 | AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, |
188 | AFALG_R_EVENTFD_FAILED); | |
189 | return 0; | |
190 | } | |
6cba4a66 | 191 | aio->mode = MODE_SYNC; |
7f458a48 | 192 | } |
193 | return 1; | |
194 | } | |
195 | ||
3a7141df | 196 | static int afalg_init_aio(afalg_aio *aio) |
7f458a48 | 197 | { |
198 | int r = -1; | |
199 | ||
200 | /* Initialise for AIO */ | |
201 | aio->aio_ctx = 0; | |
202 | r = io_setup(MAX_INFLIGHTS, &aio->aio_ctx); | |
203 | if (r < 0) { | |
24fa4b8d | 204 | ALG_PERR("%s(%d): io_setup error : ", __FILE__, __LINE__); |
7f458a48 | 205 | AFALGerr(AFALG_F_AFALG_INIT_AIO, AFALG_R_IO_SETUP_FAILED); |
206 | return 0; | |
207 | } | |
208 | ||
209 | memset(aio->cbt, 0, sizeof(aio->cbt)); | |
7f458a48 | 210 | aio->efd = -1; |
6cba4a66 | 211 | aio->mode = MODE_UNINIT; |
7f458a48 | 212 | |
213 | return 1; | |
214 | } | |
215 | ||
3a7141df RL |
216 | static int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf, |
217 | size_t len) | |
7f458a48 | 218 | { |
219 | int r; | |
220 | int retry = 0; | |
221 | unsigned int done = 0; | |
222 | struct iocb *cb; | |
223 | struct timespec timeout; | |
224 | struct io_event events[MAX_INFLIGHTS]; | |
225 | u_int64_t eval = 0; | |
226 | ||
227 | timeout.tv_sec = 0; | |
228 | timeout.tv_nsec = 0; | |
229 | ||
230 | /* if efd has not been initialised yet do it here */ | |
6cba4a66 | 231 | if (aio->mode == MODE_UNINIT) { |
7f458a48 | 232 | r = afalg_setup_async_event_notification(aio); |
233 | if (r == 0) | |
234 | return 0; | |
235 | } | |
236 | ||
237 | cb = &(aio->cbt[0 % MAX_INFLIGHTS]); | |
238 | memset(cb, '\0', sizeof(*cb)); | |
239 | cb->aio_fildes = sfd; | |
240 | cb->aio_lio_opcode = IOCB_CMD_PREAD; | |
c27778d8 AP |
241 | /* |
242 | * The pointer has to be converted to unsigned value first to avoid | |
243 | * sign extension on cast to 64 bit value in 32-bit builds | |
244 | */ | |
245 | cb->aio_buf = (size_t)buf; | |
7f458a48 | 246 | cb->aio_offset = 0; |
247 | cb->aio_data = 0; | |
248 | cb->aio_nbytes = len; | |
249 | cb->aio_flags = IOCB_FLAG_RESFD; | |
250 | cb->aio_resfd = aio->efd; | |
251 | ||
252 | /* | |
253 | * Perform AIO read on AFALG socket, this in turn performs an async | |
254 | * crypto operation in kernel space | |
255 | */ | |
256 | r = io_read(aio->aio_ctx, 1, &cb); | |
257 | if (r < 0) { | |
24fa4b8d | 258 | ALG_PWARN("%s(%d): io_read failed : ", __FILE__, __LINE__); |
7f458a48 | 259 | return 0; |
260 | } | |
261 | ||
262 | do { | |
263 | /* While AIO read is being performed pause job */ | |
264 | ASYNC_pause_job(); | |
265 | ||
266 | /* Check for completion of AIO read */ | |
267 | r = read(aio->efd, &eval, sizeof(eval)); | |
268 | if (r < 0) { | |
269 | if (errno == EAGAIN || errno == EWOULDBLOCK) | |
270 | continue; | |
24fa4b8d | 271 | ALG_PERR("%s(%d): read failed for event fd : ", __FILE__, __LINE__); |
7f458a48 | 272 | return 0; |
273 | } else if (r == 0 || eval <= 0) { | |
24fa4b8d BE |
274 | ALG_WARN("%s(%d): eventfd read %d bytes, eval = %lu\n", __FILE__, |
275 | __LINE__, r, eval); | |
7f458a48 | 276 | } |
277 | if (eval > 0) { | |
278 | ||
279 | /* Get results of AIO read */ | |
6cba4a66 | 280 | r = io_getevents(aio->aio_ctx, 1, MAX_INFLIGHTS, |
281 | events, &timeout); | |
7f458a48 | 282 | if (r > 0) { |
283 | /* | |
284 | * events.res indicates the actual status of the operation. | |
285 | * Handle the error condition first. | |
286 | */ | |
287 | if (events[0].res < 0) { | |
288 | /* | |
289 | * Underlying operation cannot be completed at the time | |
290 | * of previous submission. Resubmit for the operation. | |
291 | */ | |
292 | if (events[0].res == -EBUSY && retry++ < 3) { | |
293 | r = io_read(aio->aio_ctx, 1, &cb); | |
294 | if (r < 0) { | |
24fa4b8d BE |
295 | ALG_PERR("%s(%d): retry %d for io_read failed : ", |
296 | __FILE__, __LINE__, retry); | |
7f458a48 | 297 | return 0; |
298 | } | |
299 | continue; | |
300 | } else { | |
301 | /* | |
302 | * Retries exceed for -EBUSY or unrecoverable error | |
303 | * condition for this instance of operation. | |
304 | */ | |
305 | ALG_WARN | |
24fa4b8d BE |
306 | ("%s(%d): Crypto Operation failed with code %lld\n", |
307 | __FILE__, __LINE__, events[0].res); | |
7f458a48 | 308 | return 0; |
309 | } | |
310 | } | |
311 | /* Operation successful. */ | |
312 | done = 1; | |
313 | } else if (r < 0) { | |
24fa4b8d | 314 | ALG_PERR("%s(%d): io_getevents failed : ", __FILE__, __LINE__); |
7f458a48 | 315 | return 0; |
316 | } else { | |
24fa4b8d BE |
317 | ALG_WARN("%s(%d): io_geteventd read 0 bytes\n", __FILE__, |
318 | __LINE__); | |
7f458a48 | 319 | } |
320 | } | |
321 | } while (!done); | |
322 | ||
323 | return 1; | |
324 | } | |
325 | ||
2a7de0fd | 326 | static ossl_inline void afalg_set_op_sk(struct cmsghdr *cmsg, |
574cffd5 | 327 | const ALG_OP_TYPE op) |
7f458a48 | 328 | { |
329 | cmsg->cmsg_level = SOL_ALG; | |
330 | cmsg->cmsg_type = ALG_SET_OP; | |
331 | cmsg->cmsg_len = CMSG_LEN(ALG_OP_LEN); | |
574cffd5 | 332 | memcpy(CMSG_DATA(cmsg), &op, ALG_OP_LEN); |
7f458a48 | 333 | } |
334 | ||
335 | static void afalg_set_iv_sk(struct cmsghdr *cmsg, const unsigned char *iv, | |
336 | const unsigned int len) | |
337 | { | |
338 | struct af_alg_iv *aiv; | |
339 | ||
340 | cmsg->cmsg_level = SOL_ALG; | |
341 | cmsg->cmsg_type = ALG_SET_IV; | |
342 | cmsg->cmsg_len = CMSG_LEN(ALG_IV_LEN(len)); | |
343 | aiv = (struct af_alg_iv *)CMSG_DATA(cmsg); | |
344 | aiv->ivlen = len; | |
345 | memcpy(aiv->iv, iv, len); | |
346 | } | |
347 | ||
2a7de0fd | 348 | static ossl_inline int afalg_set_key(afalg_ctx *actx, const unsigned char *key, |
6cba4a66 | 349 | const int klen) |
7f458a48 | 350 | { |
351 | int ret; | |
6cba4a66 | 352 | ret = setsockopt(actx->bfd, SOL_ALG, ALG_SET_KEY, key, klen); |
353 | if (ret < 0) { | |
24fa4b8d | 354 | ALG_PERR("%s(%d): Failed to set socket option : ", __FILE__, __LINE__); |
6cba4a66 | 355 | AFALGerr(AFALG_F_AFALG_SET_KEY, AFALG_R_SOCKET_SET_KEY_FAILED); |
356 | return 0; | |
357 | } | |
6cba4a66 | 358 | return 1; |
359 | } | |
360 | ||
361 | static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype, | |
362 | const char *ciphername) | |
363 | { | |
364 | struct sockaddr_alg sa; | |
c27778d8 | 365 | int r = -1; |
7f458a48 | 366 | |
367 | actx->bfd = actx->sfd = -1; | |
368 | ||
6cba4a66 | 369 | memset(&sa, 0, sizeof(sa)); |
370 | sa.salg_family = AF_ALG; | |
62cc845f BE |
371 | OPENSSL_strlcpy((char *) sa.salg_type, ciphertype, sizeof(sa.salg_type)); |
372 | OPENSSL_strlcpy((char *) sa.salg_name, ciphername, sizeof(sa.salg_name)); | |
6cba4a66 | 373 | |
374 | actx->bfd = socket(AF_ALG, SOCK_SEQPACKET, 0); | |
375 | if (actx->bfd == -1) { | |
24fa4b8d | 376 | ALG_PERR("%s(%d): Failed to open socket : ", __FILE__, __LINE__); |
6cba4a66 | 377 | AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_CREATE_FAILED); |
378 | goto err; | |
7f458a48 | 379 | } |
380 | ||
6cba4a66 | 381 | r = bind(actx->bfd, (struct sockaddr *)&sa, sizeof(sa)); |
382 | if (r < 0) { | |
24fa4b8d | 383 | ALG_PERR("%s(%d): Failed to bind socket : ", __FILE__, __LINE__); |
6cba4a66 | 384 | AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_BIND_FAILED); |
7f458a48 | 385 | goto err; |
386 | } | |
387 | ||
7f458a48 | 388 | actx->sfd = accept(actx->bfd, NULL, 0); |
389 | if (actx->sfd < 0) { | |
24fa4b8d | 390 | ALG_PERR("%s(%d): Socket Accept Failed : ", __FILE__, __LINE__); |
6cba4a66 | 391 | AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_ACCEPT_FAILED); |
7f458a48 | 392 | goto err; |
393 | } | |
394 | ||
6cba4a66 | 395 | return 1; |
7f458a48 | 396 | |
397 | err: | |
398 | if (actx->bfd >= 0) | |
399 | close(actx->bfd); | |
400 | if (actx->sfd >= 0) | |
401 | close(actx->sfd); | |
402 | actx->bfd = actx->sfd = -1; | |
6cba4a66 | 403 | return 0; |
7f458a48 | 404 | } |
405 | ||
406 | static int afalg_start_cipher_sk(afalg_ctx *actx, const unsigned char *in, | |
407 | size_t inl, const unsigned char *iv, | |
408 | unsigned int enc) | |
409 | { | |
64a45882 | 410 | struct msghdr msg; |
7f458a48 | 411 | struct cmsghdr *cmsg; |
412 | struct iovec iov; | |
413 | ssize_t sbytes; | |
414 | # ifdef ALG_ZERO_COPY | |
415 | int ret; | |
416 | # endif | |
a1933888 | 417 | char cbuf[CMSG_SPACE(ALG_IV_LEN(ALG_AES_IV_LEN)) + CMSG_SPACE(ALG_OP_LEN)]; |
7f458a48 | 418 | |
64a45882 | 419 | memset(&msg, 0, sizeof(msg)); |
a1933888 | 420 | memset(cbuf, 0, sizeof(cbuf)); |
7f458a48 | 421 | msg.msg_control = cbuf; |
a1933888 | 422 | msg.msg_controllen = sizeof(cbuf); |
7f458a48 | 423 | |
424 | /* | |
425 | * cipher direction (i.e. encrypt or decrypt) and iv are sent to the | |
426 | * kernel as part of sendmsg()'s ancillary data | |
427 | */ | |
428 | cmsg = CMSG_FIRSTHDR(&msg); | |
429 | afalg_set_op_sk(cmsg, enc); | |
430 | cmsg = CMSG_NXTHDR(&msg, cmsg); | |
431 | afalg_set_iv_sk(cmsg, iv, ALG_AES_IV_LEN); | |
432 | ||
433 | /* iov that describes input data */ | |
434 | iov.iov_base = (unsigned char *)in; | |
435 | iov.iov_len = inl; | |
436 | ||
437 | msg.msg_flags = MSG_MORE; | |
438 | ||
439 | # ifdef ALG_ZERO_COPY | |
440 | /* | |
441 | * ZERO_COPY mode | |
442 | * Works best when buffer is 4k aligned | |
443 | * OPENS: out of place processing (i.e. out != in) | |
444 | */ | |
445 | ||
446 | /* Input data is not sent as part of call to sendmsg() */ | |
447 | msg.msg_iovlen = 0; | |
448 | msg.msg_iov = NULL; | |
449 | ||
450 | /* Sendmsg() sends iv and cipher direction to the kernel */ | |
451 | sbytes = sendmsg(actx->sfd, &msg, 0); | |
452 | if (sbytes < 0) { | |
24fa4b8d BE |
453 | ALG_PERR("%s(%d): sendmsg failed for zero copy cipher operation : ", |
454 | __FILE__, __LINE__); | |
7f458a48 | 455 | return 0; |
456 | } | |
457 | ||
458 | /* | |
459 | * vmsplice and splice are used to pin the user space input buffer for | |
460 | * kernel space processing avoiding copys from user to kernel space | |
461 | */ | |
462 | ret = vmsplice(actx->zc_pipe[1], &iov, 1, SPLICE_F_GIFT); | |
463 | if (ret < 0) { | |
24fa4b8d | 464 | ALG_PERR("%s(%d): vmsplice failed : ", __FILE__, __LINE__); |
7f458a48 | 465 | return 0; |
466 | } | |
467 | ||
468 | ret = splice(actx->zc_pipe[0], NULL, actx->sfd, NULL, inl, 0); | |
469 | if (ret < 0) { | |
24fa4b8d | 470 | ALG_PERR("%s(%d): splice failed : ", __FILE__, __LINE__); |
7f458a48 | 471 | return 0; |
472 | } | |
473 | # else | |
474 | msg.msg_iovlen = 1; | |
475 | msg.msg_iov = &iov; | |
476 | ||
477 | /* Sendmsg() sends iv, cipher direction and input data to the kernel */ | |
478 | sbytes = sendmsg(actx->sfd, &msg, 0); | |
479 | if (sbytes < 0) { | |
24fa4b8d BE |
480 | ALG_PERR("%s(%d): sendmsg failed for cipher operation : ", __FILE__, |
481 | __LINE__); | |
7f458a48 | 482 | return 0; |
483 | } | |
484 | ||
485 | if (sbytes != (ssize_t) inl) { | |
6cba4a66 | 486 | ALG_WARN("Cipher operation send bytes %zd != inlen %zd\n", sbytes, |
7f458a48 | 487 | inl); |
488 | return 0; | |
489 | } | |
490 | # endif | |
491 | ||
492 | return 1; | |
493 | } | |
494 | ||
495 | static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
496 | const unsigned char *iv, int enc) | |
497 | { | |
498 | int ciphertype; | |
6cba4a66 | 499 | int ret; |
7f458a48 | 500 | afalg_ctx *actx; |
62cc845f | 501 | const char *ciphername; |
7f458a48 | 502 | |
503 | if (ctx == NULL || key == NULL) { | |
24fa4b8d | 504 | ALG_WARN("%s(%d): Null Parameter\n", __FILE__, __LINE__); |
7f458a48 | 505 | return 0; |
506 | } | |
507 | ||
508 | if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { | |
24fa4b8d | 509 | ALG_WARN("%s(%d): Cipher object NULL\n", __FILE__, __LINE__); |
7f458a48 | 510 | return 0; |
511 | } | |
512 | ||
44ab2dfd | 513 | actx = EVP_CIPHER_CTX_get_cipher_data(ctx); |
7f458a48 | 514 | if (actx == NULL) { |
24fa4b8d | 515 | ALG_WARN("%s(%d): Cipher data NULL\n", __FILE__, __LINE__); |
7f458a48 | 516 | return 0; |
517 | } | |
518 | ||
519 | ciphertype = EVP_CIPHER_CTX_nid(ctx); | |
520 | switch (ciphertype) { | |
521 | case NID_aes_128_cbc: | |
49ea0f09 J |
522 | case NID_aes_192_cbc: |
523 | case NID_aes_256_cbc: | |
62cc845f | 524 | ciphername = "cbc(aes)"; |
7f458a48 | 525 | break; |
526 | default: | |
24fa4b8d BE |
527 | ALG_WARN("%s(%d): Unsupported Cipher type %d\n", __FILE__, __LINE__, |
528 | ciphertype); | |
7f458a48 | 529 | return 0; |
530 | } | |
531 | ||
532 | if (ALG_AES_IV_LEN != EVP_CIPHER_CTX_iv_length(ctx)) { | |
24fa4b8d BE |
533 | ALG_WARN("%s(%d): Unsupported IV length :%d\n", __FILE__, __LINE__, |
534 | EVP_CIPHER_CTX_iv_length(ctx)); | |
7f458a48 | 535 | return 0; |
536 | } | |
537 | ||
538 | /* Setup AFALG socket for crypto processing */ | |
6cba4a66 | 539 | ret = afalg_create_sk(actx, "skcipher", ciphername); |
540 | if (ret < 1) | |
7f458a48 | 541 | return 0; |
6cba4a66 | 542 | |
543 | ||
544 | ret = afalg_set_key(actx, key, EVP_CIPHER_CTX_key_length(ctx)); | |
545 | if (ret < 1) | |
546 | goto err; | |
7f458a48 | 547 | |
548 | /* Setup AIO ctx to allow async AFALG crypto processing */ | |
6cba4a66 | 549 | if (afalg_init_aio(&actx->aio) == 0) |
550 | goto err; | |
551 | ||
7f458a48 | 552 | # ifdef ALG_ZERO_COPY |
553 | pipe(actx->zc_pipe); | |
554 | # endif | |
555 | ||
556 | actx->init_done = MAGIC_INIT_NUM; | |
557 | ||
558 | return 1; | |
6cba4a66 | 559 | |
560 | err: | |
561 | close(actx->sfd); | |
562 | close(actx->bfd); | |
563 | return 0; | |
7f458a48 | 564 | } |
565 | ||
566 | static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
567 | const unsigned char *in, size_t inl) | |
568 | { | |
569 | afalg_ctx *actx; | |
570 | int ret; | |
571 | char nxtiv[ALG_AES_IV_LEN] = { 0 }; | |
572 | ||
573 | if (ctx == NULL || out == NULL || in == NULL) { | |
24fa4b8d BE |
574 | ALG_WARN("NULL parameter passed to function %s(%d)\n", __FILE__, |
575 | __LINE__); | |
7f458a48 | 576 | return 0; |
577 | } | |
578 | ||
44ab2dfd | 579 | actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); |
7f458a48 | 580 | if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) { |
581 | ALG_WARN("%s afalg ctx passed\n", | |
582 | ctx == NULL ? "NULL" : "Uninitialised"); | |
583 | return 0; | |
584 | } | |
585 | ||
586 | /* | |
587 | * set iv now for decrypt operation as the input buffer can be | |
588 | * overwritten for inplace operation where in = out. | |
589 | */ | |
590 | if (EVP_CIPHER_CTX_encrypting(ctx) == 0) { | |
591 | memcpy(nxtiv, in + (inl - ALG_AES_IV_LEN), ALG_AES_IV_LEN); | |
592 | } | |
593 | ||
594 | /* Send input data to kernel space */ | |
595 | ret = afalg_start_cipher_sk(actx, (unsigned char *)in, inl, | |
596 | EVP_CIPHER_CTX_iv(ctx), | |
597 | EVP_CIPHER_CTX_encrypting(ctx)); | |
598 | if (ret < 1) { | |
599 | return 0; | |
600 | } | |
601 | ||
602 | /* Perform async crypto operation in kernel space */ | |
603 | ret = afalg_fin_cipher_aio(&actx->aio, actx->sfd, out, inl); | |
6cba4a66 | 604 | if (ret < 1) |
7f458a48 | 605 | return 0; |
7f458a48 | 606 | |
607 | if (EVP_CIPHER_CTX_encrypting(ctx)) { | |
608 | memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), out + (inl - ALG_AES_IV_LEN), | |
609 | ALG_AES_IV_LEN); | |
610 | } else { | |
611 | memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), nxtiv, ALG_AES_IV_LEN); | |
612 | } | |
613 | ||
614 | return 1; | |
615 | } | |
616 | ||
617 | static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx) | |
618 | { | |
619 | afalg_ctx *actx; | |
620 | ||
621 | if (ctx == NULL) { | |
24fa4b8d BE |
622 | ALG_WARN("NULL parameter passed to function %s(%d)\n", __FILE__, |
623 | __LINE__); | |
7f458a48 | 624 | return 0; |
625 | } | |
626 | ||
44ab2dfd | 627 | actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); |
7f458a48 | 628 | if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) { |
629 | ALG_WARN("%s afalg ctx passed\n", | |
630 | ctx == NULL ? "NULL" : "Uninitialised"); | |
631 | return 0; | |
632 | } | |
633 | ||
634 | close(actx->sfd); | |
635 | close(actx->bfd); | |
636 | # ifdef ALG_ZERO_COPY | |
637 | close(actx->zc_pipe[0]); | |
638 | close(actx->zc_pipe[1]); | |
639 | # endif | |
6cba4a66 | 640 | /* close efd in sync mode, async mode is closed in afalg_waitfd_cleanup() */ |
641 | if (actx->aio.mode == MODE_SYNC) | |
642 | close(actx->aio.efd); | |
7f458a48 | 643 | io_destroy(actx->aio.aio_ctx); |
644 | ||
645 | return 1; | |
646 | } | |
647 | ||
f1138840 | 648 | static cbc_handles *get_cipher_handle(int nid) |
49ea0f09 J |
649 | { |
650 | switch (nid) { | |
651 | case NID_aes_128_cbc: | |
652 | return &cbc_handle[AES_CBC_128]; | |
653 | case NID_aes_192_cbc: | |
654 | return &cbc_handle[AES_CBC_192]; | |
655 | case NID_aes_256_cbc: | |
656 | return &cbc_handle[AES_CBC_256]; | |
657 | default: | |
658 | return NULL; | |
659 | } | |
660 | } | |
661 | ||
3a7141df | 662 | static const EVP_CIPHER *afalg_aes_cbc(int nid) |
7f458a48 | 663 | { |
49ea0f09 J |
664 | cbc_handles *cipher_handle = get_cipher_handle(nid); |
665 | if (cipher_handle->_hidden == NULL | |
666 | && ((cipher_handle->_hidden = | |
667 | EVP_CIPHER_meth_new(nid, | |
668 | AES_BLOCK_SIZE, | |
669 | cipher_handle->key_size)) == NULL | |
670 | || !EVP_CIPHER_meth_set_iv_length(cipher_handle->_hidden, | |
671 | AES_IV_LEN) | |
672 | || !EVP_CIPHER_meth_set_flags(cipher_handle->_hidden, | |
673 | EVP_CIPH_CBC_MODE | | |
674 | EVP_CIPH_FLAG_DEFAULT_ASN1) | |
675 | || !EVP_CIPHER_meth_set_init(cipher_handle->_hidden, | |
676 | afalg_cipher_init) | |
677 | || !EVP_CIPHER_meth_set_do_cipher(cipher_handle->_hidden, | |
678 | afalg_do_cipher) | |
679 | || !EVP_CIPHER_meth_set_cleanup(cipher_handle->_hidden, | |
680 | afalg_cipher_cleanup) | |
681 | || !EVP_CIPHER_meth_set_impl_ctx_size(cipher_handle->_hidden, | |
682 | sizeof(afalg_ctx)))) { | |
683 | EVP_CIPHER_meth_free(cipher_handle->_hidden); | |
684 | cipher_handle->_hidden= NULL; | |
685 | } | |
686 | return cipher_handle->_hidden; | |
7f458a48 | 687 | } |
688 | ||
689 | static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | |
690 | const int **nids, int nid) | |
691 | { | |
692 | int r = 1; | |
693 | ||
694 | if (cipher == NULL) { | |
695 | *nids = afalg_cipher_nids; | |
696 | return (sizeof(afalg_cipher_nids) / sizeof(afalg_cipher_nids[0])); | |
697 | } | |
698 | ||
699 | switch (nid) { | |
700 | case NID_aes_128_cbc: | |
49ea0f09 J |
701 | case NID_aes_192_cbc: |
702 | case NID_aes_256_cbc: | |
703 | *cipher = afalg_aes_cbc(nid); | |
7f458a48 | 704 | break; |
705 | default: | |
706 | *cipher = NULL; | |
707 | r = 0; | |
708 | } | |
7f458a48 | 709 | return r; |
710 | } | |
711 | ||
712 | static int bind_afalg(ENGINE *e) | |
713 | { | |
714 | /* Ensure the afalg error handling is set up */ | |
49ea0f09 | 715 | unsigned short i; |
7f458a48 | 716 | ERR_load_AFALG_strings(); |
717 | ||
718 | if (!ENGINE_set_id(e, engine_afalg_id) | |
719 | || !ENGINE_set_name(e, engine_afalg_name) | |
720 | || !ENGINE_set_destroy_function(e, afalg_destroy) | |
721 | || !ENGINE_set_init_function(e, afalg_init) | |
722 | || !ENGINE_set_finish_function(e, afalg_finish)) { | |
723 | AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); | |
724 | return 0; | |
725 | } | |
726 | ||
6cba4a66 | 727 | /* |
49ea0f09 | 728 | * Create _hidden_aes_xxx_cbc by calling afalg_aes_xxx_cbc |
6cba4a66 | 729 | * now, as bind_aflag can only be called by one thread at a |
730 | * time. | |
731 | */ | |
49ea0f09 J |
732 | for(i = 0; i < OSSL_NELEM(afalg_cipher_nids); i++) { |
733 | if (afalg_aes_cbc(afalg_cipher_nids[i]) == NULL) { | |
734 | AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); | |
735 | return 0; | |
736 | } | |
6cba4a66 | 737 | } |
738 | ||
7f458a48 | 739 | if (!ENGINE_set_ciphers(e, afalg_ciphers)) { |
740 | AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); | |
741 | return 0; | |
742 | } | |
743 | ||
744 | return 1; | |
745 | } | |
746 | ||
747 | # ifndef OPENSSL_NO_DYNAMIC_ENGINE | |
748 | static int bind_helper(ENGINE *e, const char *id) | |
749 | { | |
750 | if (id && (strcmp(id, engine_afalg_id) != 0)) | |
751 | return 0; | |
752 | ||
753 | if (!afalg_chk_platform()) | |
754 | return 0; | |
755 | ||
756 | if (!bind_afalg(e)) | |
757 | return 0; | |
758 | return 1; | |
759 | } | |
760 | ||
761 | IMPLEMENT_DYNAMIC_CHECK_FN() | |
762 | IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) | |
763 | # endif | |
6cba4a66 | 764 | |
7f458a48 | 765 | static int afalg_chk_platform(void) |
766 | { | |
767 | int ret; | |
768 | int i; | |
769 | int kver[3] = { -1, -1, -1 }; | |
25b9d11c | 770 | int sock; |
7f458a48 | 771 | char *str; |
772 | struct utsname ut; | |
773 | ||
774 | ret = uname(&ut); | |
775 | if (ret != 0) { | |
6cba4a66 | 776 | AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, |
777 | AFALG_R_FAILED_TO_GET_PLATFORM_INFO); | |
7f458a48 | 778 | return 0; |
779 | } | |
780 | ||
781 | str = strtok(ut.release, "."); | |
782 | for (i = 0; i < 3 && str != NULL; i++) { | |
783 | kver[i] = atoi(str); | |
784 | str = strtok(NULL, "."); | |
785 | } | |
786 | ||
787 | if (KERNEL_VERSION(kver[0], kver[1], kver[2]) | |
788 | < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)) { | |
6cba4a66 | 789 | ALG_ERR("ASYNC AFALG not supported this kernel(%d.%d.%d)\n", |
7f458a48 | 790 | kver[0], kver[1], kver[2]); |
6cba4a66 | 791 | ALG_ERR("ASYNC AFALG requires kernel version %d.%d.%d or later\n", |
7f458a48 | 792 | K_MAJ, K_MIN1, K_MIN2); |
793 | AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, | |
794 | AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG); | |
795 | return 0; | |
796 | } | |
797 | ||
25b9d11c MC |
798 | /* Test if we can actually create an AF_ALG socket */ |
799 | sock = socket(AF_ALG, SOCK_SEQPACKET, 0); | |
800 | if (sock == -1) { | |
801 | AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, AFALG_R_SOCKET_CREATE_FAILED); | |
802 | return 0; | |
803 | } | |
804 | close(sock); | |
805 | ||
7f458a48 | 806 | return 1; |
807 | } | |
808 | ||
809 | # ifdef OPENSSL_NO_DYNAMIC_ENGINE | |
810 | static ENGINE *engine_afalg(void) | |
811 | { | |
812 | ENGINE *ret = ENGINE_new(); | |
813 | if (ret == NULL) | |
814 | return NULL; | |
815 | if (!bind_afalg(ret)) { | |
816 | ENGINE_free(ret); | |
817 | return NULL; | |
818 | } | |
819 | return ret; | |
820 | } | |
821 | ||
b3599dbb | 822 | void engine_load_afalg_int(void) |
7f458a48 | 823 | { |
824 | ENGINE *toadd; | |
825 | ||
826 | if (!afalg_chk_platform()) | |
827 | return; | |
828 | ||
829 | toadd = engine_afalg(); | |
830 | if (toadd == NULL) | |
831 | return; | |
832 | ENGINE_add(toadd); | |
833 | ENGINE_free(toadd); | |
834 | ERR_clear_error(); | |
835 | } | |
836 | # endif | |
837 | ||
838 | static int afalg_init(ENGINE *e) | |
839 | { | |
840 | return 1; | |
841 | } | |
842 | ||
843 | static int afalg_finish(ENGINE *e) | |
844 | { | |
845 | return 1; | |
846 | } | |
847 | ||
49ea0f09 J |
848 | static int free_cbc(void) |
849 | { | |
a3d7fd28 | 850 | short unsigned int i; |
49ea0f09 J |
851 | for(i = 0; i < OSSL_NELEM(afalg_cipher_nids); i++) { |
852 | EVP_CIPHER_meth_free(cbc_handle[i]._hidden); | |
853 | cbc_handle[i]._hidden = NULL; | |
854 | } | |
855 | return 1; | |
856 | } | |
857 | ||
7f458a48 | 858 | static int afalg_destroy(ENGINE *e) |
859 | { | |
860 | ERR_unload_AFALG_strings(); | |
49ea0f09 | 861 | free_cbc(); |
7f458a48 | 862 | return 1; |
863 | } | |
864 | ||
865 | #endif /* KERNEL VERSION */ |