[PATCH 00/22] uadk_engine: some bugfix and cleanup
From: JiangShui Yang <yangjiangshui@h-partners.com> Chenghai Huang (5): uadk_provider: adjust the threshold for SHA384 to use Digest to Calculated key uadk_provider: fix dh memery leak issue in free params uadk_provider: fix rsa memery leak issue in bn_ctx_new uadk_provider: rectify the soft switch contidition of RAS uadk_provider: fix some compilation warning issues Qi Tao (6): uadk_prov: fix some cleancode issues uadk_prov: the query returns the v3 alg array to handle exception uadk_prov: modify the location of creating soft ctx uadk_prov: fix memory leak error uadk_engine: fix cleancode issues uadk_prov: default to turn on the soft switch Weili Qian (3): uadk_engine: fix possible double free issues uadk_engine/ecdh: remove unnecessary call uadk_ecc_set_public_key uadk_provider/sm2: free all applied memory when freectx Zhiqi Song (2): uadk_engine/cipher: fixup the method of obtaining IV in init uadk_engine/hpre: fixup some param release problem Zhushuai Yin (1): uadk_provider:fix dh insufficient performance lizhi (5): uadk_engine/ecdh: Pad the high bits of short shared keys with 0 uadk_provider/ecdh: Pad the high bits of short shared keys with 0 uadk_provider/ecx: fix memory leak of ecx_key uadk_provider/sm2: Fix the race conditions caused by atomic variables uadk_provider/sm2: fix a bug of switching soft compute src/uadk_aead.c | 4 +- src/uadk_async.c | 2 +- src/uadk_cipher.c | 8 +- src/uadk_dh.c | 4 +- src/uadk_digest.c | 5 +- src/uadk_ec.c | 52 +++--- src/uadk_pkey.c | 2 +- src/uadk_prov.h | 4 +- src/uadk_prov_aead.c | 43 +++-- src/uadk_prov_cipher.c | 38 +++-- src/uadk_prov_dh.c | 123 ++++++++------ src/uadk_prov_digest.c | 38 +++-- src/uadk_prov_ecdh_exch.c | 9 +- src/uadk_prov_ecx.c | 29 ++-- src/uadk_prov_ffc.c | 170 +++++++++++++++++--- src/uadk_prov_ffc.h | 38 ++++- src/uadk_prov_hmac.c | 8 +- src/uadk_prov_init.c | 36 +++-- src/uadk_prov_pkey.c | 2 +- src/uadk_prov_rsa.c | 138 ++++++++-------- src/uadk_prov_sm2.c | 331 ++++++++++++++++++++------------------ src/uadk_rsa.c | 2 +- src/uadk_sm2.c | 10 +- 23 files changed, 678 insertions(+), 418 deletions(-) -- 2.33.0
Fixed the following issues: 1. Remove redundant function return value check. 2. Modify inappropriate exception printing. 3. There is no need to check the return value of async_wake_job(). Only need to check req->state to determine if there is an exception in packet reception. Therefore, add "(void)" before the function call. 4. Free the allocated memory before returning an error. 5. The callback function's parameter list does not match the function pointer definition. Signed-off-by: Qi Tao <taoqi10@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_aead.c | 4 ++-- src/uadk_async.c | 2 +- src/uadk_cipher.c | 6 +----- src/uadk_dh.c | 2 +- src/uadk_digest.c | 2 +- src/uadk_pkey.c | 2 +- src/uadk_prov_aead.c | 4 ++-- src/uadk_prov_cipher.c | 4 ++-- src/uadk_prov_dh.c | 2 +- src/uadk_prov_digest.c | 6 +++--- src/uadk_prov_hmac.c | 6 +++--- src/uadk_prov_init.c | 4 +++- src/uadk_prov_pkey.c | 2 +- src/uadk_prov_rsa.c | 2 +- src/uadk_rsa.c | 2 +- 15 files changed, 24 insertions(+), 26 deletions(-) diff --git a/src/uadk_aead.c b/src/uadk_aead.c index 1da7753..69223f1 100644 --- a/src/uadk_aead.c +++ b/src/uadk_aead.c @@ -469,7 +469,7 @@ static int do_aead_sync_inner(struct aead_priv_ctx *priv, unsigned char *out, priv->req.state = 0; ret = wd_do_aead_sync(priv->sess, &priv->req); if (unlikely(ret < 0 || priv->req.state)) { - fprintf(stderr, "do aead task failed, msg state: %d, ret: %d, state: %u!\n", + fprintf(stderr, "do aead task failed, msg state: %u, ret: %d, state: %u!\n", state, ret, priv->req.state); return RET_FAIL; } @@ -547,7 +547,7 @@ static void *uadk_e_aead_cb(struct wd_aead_req *req, void *data) if (op && op->job && !op->done) { op->done = 1; async_free_poll_task(op->idx, 1); - async_wake_job(op->job); + (void) async_wake_job(op->job); } return NULL; diff --git a/src/uadk_async.c b/src/uadk_async.c index aab3088..8adc964 100644 --- a/src/uadk_async.c +++ b/src/uadk_async.c @@ -339,7 +339,7 @@ static void *async_poll_process_func(void *args) op->retry = 0; op->done = 1; op->ret = ret; - async_wake_job(op->job); + (void) async_wake_job(op->job); async_free_poll_task(idx, 0); } } diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c index a801166..59753da 100644 --- a/src/uadk_cipher.c +++ b/src/uadk_cipher.c @@ -242,10 +242,6 @@ static int uadk_e_cipher_soft_work(EVP_CIPHER_CTX *ctx, unsigned char *out, */ if (!priv->update_iv) { iv = EVP_CIPHER_CTX_iv_noconst(ctx); - if (unlikely(iv == NULL)) { - fprintf(stderr, "get openssl software iv failed.\n"); - return 0; - } memcpy(iv, priv->iv, EVP_CIPHER_CTX_iv_length(ctx)); priv->update_iv = true; } @@ -565,7 +561,7 @@ static void *uadk_e_cipher_cb(struct wd_cipher_req *req, void *data) if (op && op->job && !op->done) { op->done = 1; async_free_poll_task(op->idx, 1); - async_wake_job(op->job); + (void) async_wake_job(op->job); } return NULL; diff --git a/src/uadk_dh.c b/src/uadk_dh.c index facfc0e..b7d17c4 100644 --- a/src/uadk_dh.c +++ b/src/uadk_dh.c @@ -259,7 +259,7 @@ static void uadk_e_dh_cb(void *req_t) if (op && op->job && !op->done) { op->done = 1; async_free_poll_task(op->idx, 1); - async_wake_job(op->job); + (void) async_wake_job(op->job); } } diff --git a/src/uadk_digest.c b/src/uadk_digest.c index e07667d..69f9c5c 100644 --- a/src/uadk_digest.c +++ b/src/uadk_digest.c @@ -801,7 +801,7 @@ static void *uadk_e_digest_cb(void *data) if (op && op->job && !op->done) { op->done = 1; async_free_poll_task(op->idx, 1); - async_wake_job(op->job); + (void) async_wake_job(op->job); } return NULL; diff --git a/src/uadk_pkey.c b/src/uadk_pkey.c index 1f8234b..e05c7d0 100644 --- a/src/uadk_pkey.c +++ b/src/uadk_pkey.c @@ -101,7 +101,7 @@ void uadk_e_ecc_cb(void *req_t) op->done = 1; op->ret = 0; async_free_poll_task(op->idx, 1); - async_wake_job(op->job); + (void) async_wake_job(op->job); } } diff --git a/src/uadk_prov_aead.c b/src/uadk_prov_aead.c index 54e0115..dbbd844 100644 --- a/src/uadk_prov_aead.c +++ b/src/uadk_prov_aead.c @@ -390,7 +390,7 @@ static void *uadk_prov_aead_cb(struct wd_aead_req *req, void *data) if (op && op->job && !op->done) { op->done = 1; async_free_poll_task(op->idx, 1); - async_wake_job(op->job); + (void) async_wake_job(op->job); } return NULL; @@ -800,7 +800,7 @@ static int uadk_get_aead_info(struct aead_priv_ctx *priv) } if (unlikely(i == aead_counts)) { - fprintf(stderr, "failed to setup the private ctx.\n"); + fprintf(stderr, "failed to get aead info.\n"); return UADK_AEAD_FAIL; } diff --git a/src/uadk_prov_cipher.c b/src/uadk_prov_cipher.c index f3ab94b..7e94fbc 100644 --- a/src/uadk_prov_cipher.c +++ b/src/uadk_prov_cipher.c @@ -395,7 +395,7 @@ static int uadk_get_cipher_info(struct cipher_priv_ctx *priv) } } - fprintf(stderr, "failed to setup the private ctx.\n"); + fprintf(stderr, "failed to get cipher info.\n"); return UADK_P_FAIL; } @@ -455,7 +455,7 @@ static void async_cb(struct wd_cipher_req *req, void *data) if (op && op->job && !op->done) { op->done = 1; async_free_poll_task(op->idx, 1); - async_wake_job(op->job); + (void) async_wake_job(op->job); } } diff --git a/src/uadk_prov_dh.c b/src/uadk_prov_dh.c index c75c386..1cb4b45 100644 --- a/src/uadk_prov_dh.c +++ b/src/uadk_prov_dh.c @@ -581,7 +581,7 @@ static void uadk_prov_dh_cb(void *req_t) if (op && op->job && !op->done) { op->done = 1; async_free_poll_task(op->idx, 1); - async_wake_job(op->job); + (void) async_wake_job(op->job); } } diff --git a/src/uadk_prov_digest.c b/src/uadk_prov_digest.c index 7a5bfff..a13d075 100644 --- a/src/uadk_prov_digest.c +++ b/src/uadk_prov_digest.c @@ -303,7 +303,7 @@ static int uadk_get_digest_info(struct digest_priv_ctx *priv) } if (unlikely(i == digest_counts)) { - fprintf(stderr, "failed to setup the private ctx.\n"); + fprintf(stderr, "failed to digest info.\n"); return UADK_DIGEST_FAIL; } @@ -534,7 +534,7 @@ soft_update: return uadk_digest_soft_update(priv, data, data_len); } -static void uadk_async_cb(struct wd_digest_req *req, void *data) +static void uadk_async_cb(struct wd_digest_req *req) { struct uadk_e_cb_info *digest_cb_param; struct wd_digest_req *req_origin; @@ -550,7 +550,7 @@ static void uadk_async_cb(struct wd_digest_req *req, void *data) if (op && op->job && !op->done) { op->done = 1; async_free_poll_task(op->idx, 1); - async_wake_job(op->job); + (void) async_wake_job(op->job); } } diff --git a/src/uadk_prov_hmac.c b/src/uadk_prov_hmac.c index db49612..6bf7947 100644 --- a/src/uadk_prov_hmac.c +++ b/src/uadk_prov_hmac.c @@ -361,7 +361,7 @@ static int uadk_get_hmac_info(struct hmac_priv_ctx *priv) } } - fprintf(stderr, "failed to setup the private ctx, algname = %s.\n", priv->alg_name); + fprintf(stderr, "failed to get hmac info, algname = %s.\n", priv->alg_name); return UADK_HMAC_FAIL; } @@ -529,7 +529,7 @@ soft_init: return uadk_hmac_soft_init(priv); } -static void uadk_hmac_async_cb(struct wd_digest_req *req, void *data) +static void uadk_hmac_async_cb(struct wd_digest_req *req) { struct uadk_e_cb_info *hmac_cb_param; struct wd_digest_req *req_origin; @@ -545,7 +545,7 @@ static void uadk_hmac_async_cb(struct wd_digest_req *req, void *data) if (op && op->job && !op->done) { op->done = 1; async_free_poll_task(op->idx, 1); - async_wake_job(op->job); + (void) async_wake_job(op->job); } } diff --git a/src/uadk_prov_init.c b/src/uadk_prov_init.c index c29500b..20f7068 100644 --- a/src/uadk_prov_init.c +++ b/src/uadk_prov_init.c @@ -470,8 +470,10 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle, ctx->libctx = (OSSL_LIB_CTX *)c_get_libctx(handle); ret = uadk_prov_ctx_set_core_bio_method(ctx); - if (!ret) + if (!ret) { + OPENSSL_free(ctx); return UADK_P_FAIL; + } ret = async_module_init(); if (!ret) diff --git a/src/uadk_prov_pkey.c b/src/uadk_prov_pkey.c index ca853ae..ac4541c 100644 --- a/src/uadk_prov_pkey.c +++ b/src/uadk_prov_pkey.c @@ -362,7 +362,7 @@ void uadk_prov_ecc_cb(void *req_t) ecc_async_op->done = 1; ecc_async_op->ret = 0; async_free_poll_task(ecc_async_op->idx, 1); - async_wake_job(ecc_async_op->job); + (void) async_wake_job(ecc_async_op->job); } } diff --git a/src/uadk_prov_rsa.c b/src/uadk_prov_rsa.c index 65e78c3..21f01a2 100644 --- a/src/uadk_prov_rsa.c +++ b/src/uadk_prov_rsa.c @@ -1275,7 +1275,7 @@ static void uadk_e_rsa_cb(void *req_t) if (op && op->job && !op->done) { op->done = 1; async_free_poll_task(op->idx, 1); - async_wake_job(op->job); + (void) async_wake_job(op->job); } } diff --git a/src/uadk_rsa.c b/src/uadk_rsa.c index 76678a4..1755374 100644 --- a/src/uadk_rsa.c +++ b/src/uadk_rsa.c @@ -1117,7 +1117,7 @@ static void uadk_e_rsa_cb(void *req_t) if (op && op->job && !op->done) { op->done = 1; async_free_poll_task(op->idx, 1); - async_wake_job(op->job); + (void) async_wake_job(op->job); } } -- 2.33.0
From: Weili Qian <qianweili@huawei.com> Since ECDSA_SIG_free() will free br and bs, If the ECDSA_SIG_set0() is invoked in advance, the double free error occurs in the release process if the subsequent execution fails. Therefore, adjust ECDSA_SIG_set0() to the last call. Signed-off-by: Weili Qian <qianweili@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_ec.c | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/src/uadk_ec.c b/src/uadk_ec.c index aaf0127..22695d4 100644 --- a/src/uadk_ec.c +++ b/src/uadk_ec.c @@ -432,40 +432,41 @@ static ECDSA_SIG *create_ecdsa_sig(struct wd_ecc_req *req) ECDSA_SIG *sig; int ret; - sig = ECDSA_SIG_new(); - if (!sig) { - fprintf(stderr, "failed to ECDSA_SIG_new\n"); - return NULL; - } - br = BN_new(); bs = BN_new(); if (!br || !bs) { fprintf(stderr, "failed to BN_new r or s\n"); - goto err; - } - - ret = ECDSA_SIG_set0(sig, br, bs); - if (!ret) { - fprintf(stderr, "failed to ECDSA_SIG_set0\n"); - goto err; + goto free_bn; } wd_ecdsa_get_sign_out_params(req->dst, &r, &s); if (!r || !s) { fprintf(stderr, "failed to get r or s\n"); - goto err; + goto free_bn; } if (!BN_bin2bn((void *)r->data, r->dsize, br) || !BN_bin2bn((void *)s->data, s->dsize, bs)) { fprintf(stderr, "failed to BN_bin2bn r or s\n"); - goto err; + goto free_bn; + } + + sig = ECDSA_SIG_new(); + if (!sig) { + fprintf(stderr, "failed to ECDSA_SIG_new\n"); + goto free_bn; + } + + ret = ECDSA_SIG_set0(sig, br, bs); + if (!ret) { + fprintf(stderr, "failed to ECDSA_SIG_set0\n"); + goto free_sig; } return sig; -err: +free_sig: ECDSA_SIG_free(sig); +free_bn: BN_free(br); BN_free(bs); return NULL; -- 2.33.0
From: lizhi <lizhi206@huawei.com> To ensure consistency with the results of openssl software calculations, pad the high bits of shared keys that are shorter than the standard length with 0. Signed-off-by: lizhi <lizhi206@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_ec.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/src/uadk_ec.c b/src/uadk_ec.c index 22695d4..6b4cdc6 100644 --- a/src/uadk_ec.c +++ b/src/uadk_ec.c @@ -1182,6 +1182,9 @@ static int ecdh_get_shared_key(const EC_KEY *ecdh, struct wd_ecc_req *req) { struct wd_ecc_point *shared_key = NULL; + const EC_GROUP *group; + size_t key_size_std; + size_t len; wd_ecxdh_get_out_params(req->dst, &shared_key); if (!shared_key) { @@ -1189,8 +1192,15 @@ static int ecdh_get_shared_key(const EC_KEY *ecdh, return 0; } - *outlen = shared_key->x.dsize; + group = EC_KEY_get0_group(ecdh); + key_size_std = (size_t)(EC_GROUP_get_degree(group) + + UADK_ECC_PADDING) >> TRANS_BITS_BYTES_SHIFT; + if (unlikely(key_size_std > UADK_ECC_MAX_KEY_BYTES || key_size_std == 0)) { + fprintf(stderr, "failed to get the proper filed size %zu\n", key_size_std); + return 0; + } + *outlen = key_size_std; *out = OPENSSL_zalloc(*outlen); if (!*out) { fprintf(stderr, "failed to alloc output key, outlen = %zu\n", @@ -1198,7 +1208,8 @@ static int ecdh_get_shared_key(const EC_KEY *ecdh, return 0; } - memcpy(*out, (unsigned char *)shared_key->x.data, *outlen); + len = key_size_std < shared_key->x.dsize ? key_size_std : shared_key->x.dsize; + memcpy(*out + *outlen - len, shared_key->x.data, len); return 1; } -- 2.33.0
From: Weili Qian <qianweili@huawei.com> The public key "pub_key" has been transferred to the uadk interface as input. Therefore, uadk_ecc_set_public_key is redundant. Remove it. Signed-off-by: Weili Qian <qianweili@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_ec.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/uadk_ec.c b/src/uadk_ec.c index 6b4cdc6..d15e742 100644 --- a/src/uadk_ec.c +++ b/src/uadk_ec.c @@ -1364,10 +1364,6 @@ static int ecdh_compute_key(unsigned char **out, size_t *outlen, if (ret) goto uninit_iot; - ret = uadk_ecc_set_public_key(sess, ecdh); - if (ret) - goto uninit_iot; - ret = uadk_ecc_crypto(sess, &req, (void *)sess); if (!ret) goto uninit_iot; -- 2.33.0
From: lizhi <lizhi206@huawei.com> To ensure consistency with the results of openssl software calculations, pad the high bits of shared keys that are shorter than the standard length with 0. Signed-off-by: lizhi <lizhi206@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_ecdh_exch.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/uadk_prov_ecdh_exch.c b/src/uadk_prov_ecdh_exch.c index f3b2e68..f508b9f 100644 --- a/src/uadk_prov_ecdh_exch.c +++ b/src/uadk_prov_ecdh_exch.c @@ -275,6 +275,7 @@ static int ecdh_get_shared_key(unsigned char *secret, struct wd_ecc_req *req) { struct wd_ecc_point *shared_key = NULL; + size_t len; wd_ecxdh_get_out_params(req->dst, &shared_key); if (!shared_key) { @@ -282,10 +283,12 @@ static int ecdh_get_shared_key(unsigned char *secret, return UADK_P_FAIL; } - size = size < shared_key->x.dsize ? size : shared_key->x.dsize; - *psecretlen = size; + len = size < shared_key->x.dsize ? size : shared_key->x.dsize; + + memset(secret, 0, size - len); + memcpy(secret + size - len, (unsigned char *)shared_key->x.data, len); - memcpy(secret, (unsigned char *)shared_key->x.data, size); + *psecretlen = size; return UADK_P_SUCCESS; } -- 2.33.0
From: lizhi <lizhi206@huawei.com> Fix the memory leak caused by reference counting in ecx_key. Signed-off-by: lizhi <lizhi206@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_ecx.c | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/src/uadk_prov_ecx.c b/src/uadk_prov_ecx.c index 3cc7fa1..8f3ea19 100644 --- a/src/uadk_prov_ecx.c +++ b/src/uadk_prov_ecx.c @@ -909,8 +909,10 @@ static void uadk_keyexch_x448_freectx(void *vecxctx) if (ecxctx == NULL) return; + uadk_prov_ecx_key_free(ecxctx->key); + uadk_prov_ecx_key_free(ecxctx->peerkey); + OPENSSL_free(ecxctx); - ecxctx = NULL; } static int uadk_keyexch_x448_set_ctx_params(void *ecxctx, const OSSL_PARAM params[]) @@ -947,6 +949,16 @@ static int uadk_keyexch_x448_get_ctx_params(void *ecxctx, OSSL_PARAM params[]) return get_default_x448_keyexch().get_ctx_params(ecxctx, params); } +static int ossl_ecx_key_up_ref(ECX_KEY *key) +{ + int i = 0; + + if (UADK_CRYPTO_UP_REF(&key->references, &i, key->lock) <= 0) + return UADK_P_FAIL; + + return ((i > 1) ? UADK_P_SUCCESS : UADK_P_FAIL); +} + static int uadk_keyexch_ecx_init(void *vecxctx, void *vkey, ossl_unused const OSSL_PARAM params[]) { @@ -963,7 +975,7 @@ static int uadk_keyexch_ecx_init(void *vecxctx, void *vkey, return UADK_P_FAIL; } - if (key->keylen != ecxctx->keylen) { + if (key->keylen != ecxctx->keylen || !ossl_ecx_key_up_ref(key)) { fprintf(stderr, "invalid: key->keylen(%zu) != ecxctx->keylen(%zu)\n", key->keylen, ecxctx->keylen); return UADK_P_FAIL; @@ -981,16 +993,6 @@ static int uadk_keyexch_x448_init(void *vecxctx, void *vkey, return uadk_keyexch_ecx_init(vecxctx, vkey, params); } -static int ossl_ecx_key_up_ref(ECX_KEY *key) -{ - int i = 0; - - if (UADK_CRYPTO_UP_REF(&key->references, &i, key->lock) <= 0) - return UADK_P_FAIL; - - return ((i > 1) ? UADK_P_SUCCESS : UADK_P_FAIL); -} - static int uadk_keyexch_ecx_set_peer(void *vecxctx, void *vkey) { PROV_ECX_KEYEXCH_CTX *ecxctx = (PROV_ECX_KEYEXCH_CTX *)vecxctx; @@ -1556,6 +1558,9 @@ static void uadk_keyexch_x25519_freectx(void *vecxctx) if (ecxctx == NULL) return; + uadk_prov_ecx_key_free(ecxctx->key); + uadk_prov_ecx_key_free(ecxctx->peerkey); + OPENSSL_free(ecxctx); } -- 2.33.0
From: Zhushuai Yin <yinzhushuai@huawei.com> The code should not use only q to randomly generate prikeys. Otherwise, the prikey length is too long and the performance is affected. Signed-off-by: Zhushuai Yin <yinzhushuai@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_dh.c | 84 ++++++++++++++++------ src/uadk_prov_ffc.c | 170 ++++++++++++++++++++++++++++++++++++++------ src/uadk_prov_ffc.h | 38 +++++++++- 3 files changed, 246 insertions(+), 46 deletions(-) diff --git a/src/uadk_prov_dh.c b/src/uadk_prov_dh.c index 1cb4b45..cb40cff 100644 --- a/src/uadk_prov_dh.c +++ b/src/uadk_prov_dh.c @@ -482,36 +482,74 @@ static void uadk_DH_set_flags(DH *dh, int flags) dh->flags |= flags; } +static int uadk_dh_gen_prikey_undef(const DH *dh, BIGNUM *new_prikey) +{ + int bits; + + bits = uadk_DH_get_length(dh) ? + uadk_DH_get_length(dh) : BN_num_bits(uadk_DH_get0_p(dh)) - 1; + if (!BN_priv_rand(new_prikey, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) { + fprintf(stderr, "failed to BN_priv_rand\n"); + return UADK_P_FAIL; + } + return UADK_P_SUCCESS; +} + static int dh_gen_rand_prikey(const DH *dh, BIGNUM *new_prikey) { - const BIGNUM *q = uadk_DH_get0_q(dh); - int bits, cnt; + int qbits, max_strength, n, cnt = 0; + BIGNUM *m, *two_powN = NULL; - if (q) { - cnt = 0; - do { - if (!BN_priv_rand_range(new_prikey, q)) { - fprintf(stderr, "failed to BN_priv_rand_range\n"); - return UADK_P_FAIL; - } + n = dh->length; + if (DH_get_nid(dh) == NID_undef || dh->params.q == NULL) + return uadk_dh_gen_prikey_undef(dh, new_prikey); - cnt++; - if (cnt > RAND_MAX_CNT) { - fprintf(stderr, "failed to get appropriate prikey, timeout\n"); - return UADK_P_FAIL; - } - } while (BN_is_zero(new_prikey) || BN_is_one(new_prikey)); - } else { - bits = uadk_DH_get_length(dh) ? - uadk_DH_get_length(dh) : BN_num_bits(uadk_DH_get0_p(dh)) - 1; - if (!BN_priv_rand(new_prikey, bits, BN_RAND_TOP_ONE, - BN_RAND_BOTTOM_ANY)) { - fprintf(stderr, "failed to BN_priv_rand\n"); - return UADK_P_FAIL; - } + max_strength = ossl_ifc_ffc_compute_security_bits(BN_num_bits(dh->params.p)); + /* Deal with the edge cases where the value of n and/or s is not set */ + if (dh->length > BN_num_bits(dh->params.q) || max_strength == 0) + return UADK_P_FAIL; + + if (n == 0) + n = dh->params.keylength ? dh->params.keylength : (max_strength << 1); + + qbits = BN_num_bits(dh->params.q); + /* Step (2) : check range of n */ + if (n < (max_strength << 1) || n > qbits) { + fprintf(stderr, "n is invalid!\n"); + return UADK_P_FAIL; } + two_powN = BN_new(); + /* 2^n */ + if (two_powN == NULL || !BN_lshift(two_powN, BN_value_one(), n)) { + fprintf(stderr, "failed to BN_new or two_powN is zero\n"); + goto err; + } + + /* Step (5) : M = min(2 ^ n, q) */ + m = (BN_cmp(two_powN, dh->params.q) > 0) ? dh->params.q : two_powN; + + do { + if (!BN_priv_rand_range_ex(new_prikey, two_powN, 0, NULL) + || !BN_add_word(new_prikey, 1)) { + fprintf(stderr, "failed to BN_priv_rand_range_ex\n"); + goto err; + } + /* Step (6) : loop if c > M - 2 (i.e. c + 1 >= M) */ + if (BN_cmp(new_prikey, m) < 0) + break; + + if (cnt++ > RAND_MAX_CNT) { + fprintf(stderr, "failed to get appropriate prikey, timeout\n"); + goto err; + } + } while (1); + + BN_free(two_powN); return UADK_P_SUCCESS; +err: + BN_free(two_powN); + return UADK_P_FAIL; } static int uadk_prov_dh_prepare_prikey(struct uadk_dh_sess *dh_sess, const DH *dh, BIGNUM **prikey) diff --git a/src/uadk_prov_ffc.c b/src/uadk_prov_ffc.c index 015c1b9..a760a72 100644 --- a/src/uadk_prov_ffc.c +++ b/src/uadk_prov_ffc.c @@ -34,7 +34,7 @@ */ static const BN_ULONG modp_1536_p[] = { BN_DEF(0xFFFFFFFF, 0xFFFFFFFF), BN_DEF(0xCA237327, 0xF1746C08), - BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), + BN_DEF((0x4ABC9804), (0x670C354E)), BN_DEF((0x7096966D), (0x9ED52907)), BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), @@ -80,32 +80,32 @@ static const BN_ULONG modp_2048_p[] = { BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), - BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), + BN_DEF((0xA163BF05), (0xC2007CB8)), BN_DEF(0xECE45B3D, 0x49286651), BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), - BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), + BN_DEF((0x625E7EC6), (0xE485B576)), BN_DEF(0x6D51C245, 0x4FE1356D), BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), - BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), + BN_DEF((0x8E3404DD), (0x514A0879)), BN_DEF(0x3B139B22, 0x020BBEA6), BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) }; /* q = (p - 1) / 2 */ static const BN_ULONG modp_2048_q[] = { BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), BN_DEF(0x45565534, 0x0AB9472D), - BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), + BN_DEF((0x4C7D0288), 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), - BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), + BN_DEF((0x255E4C02), 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), - BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), + BN_DEF((0x7A035BF6), 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), - BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), + BN_DEF((0x4533E63A), 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), }; @@ -132,14 +132,14 @@ static const BN_ULONG modp_3072_p[] = { BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), - BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), + BN_DEF((0xFD24CF5F), (0x69163FA8)), BN_DEF(0x1C55D39A, 0x98DA4836), BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), - BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), + BN_DEF((0x7C4B1FE6), (0xAE9F2411)), BN_DEF(0x5A899FA5, 0xEE386BFB), BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), - BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), + BN_DEF((0x8A67CC74), (0x29024E08)), BN_DEF(0x80DC1CD1, 0xC4C6628B), BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) }; /* q = (p - 1) / 2 */ @@ -154,18 +154,18 @@ static const BN_ULONG modp_3072_q[] = { BN_DEF(0x2C6DF785, 0x767DC282), BN_DEF(0xEF8E5D32, 0xD42A90D5), BN_DEF(0x82283D19, 0xD6998B86), BN_DEF(0x45556216, 0x0AB9472D), BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), - BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), + BN_DEF(0x4AAC0B8C, (0xEF15E5FB)), BN_DEF(0x37A62964, 0xDAE2AEF8), BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), - BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), + BN_DEF(0x255E4C02, (0xB3861AA7)), BN_DEF(0xB84B4B36, 0xCF6A9483), BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), - BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), + BN_DEF(0x7A035BF6, (0x85FFAE5B)), BN_DEF(0xD31BF6B5, 0x7A262174), BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), - BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), + BN_DEF(0xC71A026E, (0x28A5043C)), BN_DEF(0x1D89CD91, 0x0105DF53), BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), }; @@ -201,14 +201,14 @@ static const BN_ULONG modp_4096_p[] = { BN_DEF(0x2E36CE3B, 0x32905E46), BN_DEF(0xCA18217C, 0xF1746C08), BN_DEF(0x4ABC9804, 0x670C354E), BN_DEF(0x7096966D, 0x9ED52907), BN_DEF(0x208552BB, 0x1C62F356), BN_DEF(0xDCA3AD96, 0x83655D23), - BN_DEF(0xFD24CF5F, 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), + BN_DEF((0xFD24CF5F), 0x69163FA8), BN_DEF(0x1C55D39A, 0x98DA4836), BN_DEF(0xA163BF05, 0xC2007CB8), BN_DEF(0xECE45B3D, 0x49286651), - BN_DEF(0x7C4B1FE6, 0xAE9F2411), BN_DEF(0x5A899FA5, 0xEE386BFB), + BN_DEF(0x7C4B1FE6, (0xAE9F2411)), BN_DEF(0x5A899FA5, 0xEE386BFB), BN_DEF(0xF406B7ED, 0x0BFF5CB6), BN_DEF(0xA637ED6B, 0xF44C42E9), - BN_DEF(0x625E7EC6, 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), + BN_DEF((0x625E7EC6), 0xE485B576), BN_DEF(0x6D51C245, 0x4FE1356D), BN_DEF(0xF25F1437, 0x302B0A6D), BN_DEF(0xCD3A431B, 0xEF9519B3), BN_DEF(0x8E3404DD, 0x514A0879), BN_DEF(0x3B139B22, 0x020BBEA6), - BN_DEF(0x8A67CC74, 0x29024E08), BN_DEF(0x80DC1CD1, 0xC4C6628B), + BN_DEF(0x8A67CC74, (0x29024E08)), BN_DEF(0x80DC1CD1, 0xC4C6628B), BN_DEF(0x2168C234, 0xC90FDAA2), BN_DEF(0xFFFFFFFF, 0xFFFFFFFF) }; /* q = (p - 1) / 2 */ @@ -233,15 +233,15 @@ static const BN_ULONG modp_4096_q[] = { BN_DEF(0x4C7D0288, 0x8AE9130C), BN_DEF(0x754AB572, 0x1CCAA4BE), BN_DEF(0x4AAC0B8C, 0xEF15E5FB), BN_DEF(0x37A62964, 0xDAE2AEF8), BN_DEF(0x7603D147, 0xCD93C1D1), BN_DEF(0x0C074301, 0xF1CF3B96), - BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, 0x78BA3604), + BN_DEF(0x171B671D, 0x19482F23), BN_DEF(0x650C10BE, (0x78BA3604)), BN_DEF(0x255E4C02, 0xB3861AA7), BN_DEF(0xB84B4B36, 0xCF6A9483), BN_DEF(0x1042A95D, 0x0E3179AB), BN_DEF(0xEE51D6CB, 0xC1B2AE91), BN_DEF(0x7E9267AF, 0x348B1FD4), BN_DEF(0x0E2AE9CD, 0xCC6D241B), - BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, 0x24943328), + BN_DEF(0x50B1DF82, 0xE1003E5C), BN_DEF(0xF6722D9E, (0x24943328)), BN_DEF(0xBE258FF3, 0xD74F9208), BN_DEF(0xAD44CFD2, 0xF71C35FD), BN_DEF(0x7A035BF6, 0x85FFAE5B), BN_DEF(0xD31BF6B5, 0x7A262174), BN_DEF(0x312F3F63, 0xF242DABB), BN_DEF(0xB6A8E122, 0xA7F09AB6), - BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, 0xF7CA8CD9), + BN_DEF(0xF92F8A1B, 0x98158536), BN_DEF(0xE69D218D, (0xF7CA8CD9)), BN_DEF(0xC71A026E, 0x28A5043C), BN_DEF(0x1D89CD91, 0x0105DF53), BN_DEF(0x4533E63A, 0x94812704), BN_DEF(0xC06E0E68, 0x62633145), BN_DEF(0x10B4611A, 0xE487ED51), BN_DEF(0xFFFFFFFF, 0x7FFFFFFF), @@ -1886,3 +1886,129 @@ int ossl_ffc_params_FIPS186_4_generate(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, FFC_PARAM_MODE_GENERATE, type, L, N, res, cb); } + +/* + * Multiply two scaled integers together and rescale the result. + */ +static ossl_inline uint64_t mul2(uint64_t a, uint64_t b) +{ + return a * b / DH_SCALE; +} + +/* + * Calculate the natural logarithm of a 64 bit scaled integer. + * This is done by calculating a base two logarithm and scaling. + * The maximum logarithm (base 2) is 64 and this reduces base e, so + * a 32 bit result should not overflow. The argument passed must be + * greater than unity so we don't need to handle negative results. + */ +static uint32_t ilog_e(uint64_t v) +{ + uint32_t i, r = 0; + + /* + * Scale down the value into the range 1 .. 2. + * + * If fractional numbers need to be processed, another loop needs + * to go here that checks v < scale and if so multiplies it by 2 and + * reduces r by scale. This also means making r signed. + */ + while (v >= (DH_C1_923 << 1)) { + v >>= 1; + r += DH_C1_923; + } + for (i = (DH_C1_923 >> 1); i != 0; i = (i >> 1)) { + v = mul2(v, v); + if (v >= (DH_C1_923 << 1)) { + v >>= 1; + r += i; + } + } + r = (r * (uint64_t)DH_C1_923) / DH_LOG_E; + return r; +} + +/* + * Calculate the cube root of a 64 bit scaled integer. + * Although the cube root of a 64 bit number does fit into a 32 bit unsigned + * integer, this is not guaranteed after scaling, so this function has a + * 64 bit return. This uses the shifting nth root algorithm with some + * algebraic simplifications. + */ +static uint64_t icbrt64(uint64_t x) +{ + uint64_t r = 0; + uint64_t b; + int s; + + for (s = DH_MAX_EXPONENT; s >= 0; s -= DH_EXPONENT_SHIFT_3) { + r <<= 1; + b = DH_EXPONENT_SHIFT_3 * r * (r + 1) + 1; + if ((x >> s) >= b) { + x -= b << s; + r++; + } + } + return r * DH_CBRT_SCALE; +} + +uint16_t ossl_ifc_ffc_compute_security_bits(int n) +{ + uint16_t y, cap; + uint32_t lx; + uint64_t x; + + /* + * Look for common values as listed in standards. + * These values are not exactly equal to the results from the formulae in + * the standards but are defined to be canonical. + */ + switch (n) { + case DH_STANDARDS_P_2048BIT: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */ + return DH_P_SECURITY_112BITS; + case DH_STANDARDS_P_3072BIT: /* SP 800-56B rev 2 Appendix D and FIPS 140-2 IG 7.5 */ + return DH_P_SECURITY_128BITS; + case DH_STANDARDS_P_4096BIT: /* SP 800-56B rev 2 Appendix D */ + return DH_P_SECURITY_152BITS; + case DH_STANDARDS_P_6144BIT: /* SP 800-56B rev 2 Appendix D */ + return DH_P_SECURITY_176BITS; + case DH_STANDARDS_P_7680BIT: /* FIPS 140-2 IG 7.5 */ + return DH_P_SECURITY_192BITS; + case DH_STANDARDS_P_8192BIT: /* SP 800-56B rev 2 Appendix D */ + return DH_P_SECURITY_200BITS; + case DH_STANDARDS_P_15360BIT: /* FIPS 140-2 IG 7.5 */ + return DH_P_SECURITY_256BITS; + } + + /* + * The first incorrect result (i.e. not accurate or off by one low) occurs + * for n = 699668. The true value here is 1200. Instead of using this n + * as the check threshold, the smallest n such that the correct result is + * 1200 is used instead. + */ + if (n >= DH_STANDARDS_P_MAX_BIT) + return DH_P_SECURITY_1200BITS; + if (n < DH_STANDARDS_P_MIN_BIT) + return 0; + + /* + * To ensure that the output is non-decreasing with respect to n, + * a cap needs to be applied to the two values where the function over + * estimates the strength (according to the above fast path). + */ + if (n <= DH_STANDARDS_P_7680BIT) + cap = DH_P_SECURITY_192BITS; + else if (n <= DH_STANDARDS_P_15360BIT) + cap = DH_P_SECURITY_256BITS; + else + cap = DH_P_SECURITY_1200BITS; + + x = n * DH_LOG_2; + lx = ilog_e(x); + y = (uint16_t)((mul2(DH_C1_923, icbrt64(mul2(mul2(x, lx), lx))) - DH_C4_690) + / DH_LOG_2); + y = (y + DH_CAI_NUM4) & ~DH_CAI_NUM7; + if (y > cap) + y = cap; + return y; +} diff --git a/src/uadk_prov_ffc.h b/src/uadk_prov_ffc.h index d63a5ce..1e1536a 100644 --- a/src/uadk_prov_ffc.h +++ b/src/uadk_prov_ffc.h @@ -106,6 +106,42 @@ 0, BN_FLG_STATIC_DATA \ } \ +/* Define some constants, none exceed 32 bits */ +#define DH_LOG_2 0x02c5c8 +#define DH_LOG_E 0x05c551 +#define DH_C1_923 0x07b126 +#define DH_C4_690 0x12c28f +#define DH_CBRT_SCALE (1 << (2 * 18 / 3)) +#define DH_SCALE (1 << 18) +#define DH_MAX_EXPONENT 63 +#define DH_EXPONENT_SHIFT_3 3 + +/* modulus size */ +#define DH_STANDARDS_P_2048BIT 2048 +#define DH_STANDARDS_P_3072BIT 3072 +#define DH_STANDARDS_P_4096BIT 4096 +#define DH_STANDARDS_P_6144BIT 6144 +#define DH_STANDARDS_P_7680BIT 7680 +#define DH_STANDARDS_P_8192BIT 8192 +#define DH_STANDARDS_P_15360BIT 15360 +#define DH_STANDARDS_P_MAX_BIT 687737 +#define DH_STANDARDS_P_MIN_BIT 8 + + +/* security bits */ +#define DH_P_SECURITY_112BITS 112 +#define DH_P_SECURITY_128BITS 128 +#define DH_P_SECURITY_152BITS 152 +#define DH_P_SECURITY_176BITS 176 +#define DH_P_SECURITY_192BITS 192 +#define DH_P_SECURITY_200BITS 200 +#define DH_P_SECURITY_256BITS 256 +#define DH_P_SECURITY_1200BITS 1200 + +/* constant adjustment item */ +#define DH_CAI_NUM4 4 +#define DH_CAI_NUM7 7 + /* * Finite field cryptography (FFC) domain parameters are used by DH and DSA. * Refer to FIPS186_4 Appendix A & B. @@ -325,5 +361,5 @@ int ossl_ffc_params_FIPS186_2_gen_verify(OSSL_LIB_CTX *libctx, int ossl_ffc_params_FIPS186_4_generate(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, int type, size_t L, size_t N, int *res, BN_GENCB *cb); - +uint16_t ossl_ifc_ffc_compute_security_bits(int n); #endif -- 2.33.0
From: Chenghai Huang <huangchenghai2@huawei.com> Increase the key length threshold for SHA384 to use digest to calculate keys. Changed the value from 64 to 128. Signed-off-by: Chenghai Huang <huangchenghai2@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_hmac.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/uadk_prov_hmac.c b/src/uadk_prov_hmac.c index 6bf7947..badb8c1 100644 --- a/src/uadk_prov_hmac.c +++ b/src/uadk_prov_hmac.c @@ -114,7 +114,7 @@ static struct hmac_info hmac_info_table[] = { {WD_DIGEST_SHA256, NID_sha256, SHA_SMALL_PACKET_OFFLOAD_THRESHOLD_DEFAULT, 32, 64, PROV_NAMES_SHA2_256}, {WD_DIGEST_SHA384, NID_sha384, SHA_SMALL_PACKET_OFFLOAD_THRESHOLD_DEFAULT, - 48, 64, PROV_NAMES_SHA2_384}, + 48, 128, PROV_NAMES_SHA2_384}, {WD_DIGEST_SHA512, NID_sha512, SHA_SMALL_PACKET_OFFLOAD_THRESHOLD_DEFAULT, 64, 128, PROV_NAMES_SHA2_512}, {WD_DIGEST_SHA512_224, NID_sha512_224, SHA_SMALL_PACKET_OFFLOAD_THRESHOLD_DEFAULT, -- 2.33.0
If the soft switch is not turned on and the device is not found, and the returned algorithm array does not contain the current algorithm, it will switch to soft algorithm execution, which is inconsistent with expectations. Therefore, in abnormal scenarios, the v3 algorithm array needs to be returned, and the exception should be returned in the uadk_provider process. Signed-off-by: Qi Tao <taoqi10@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_init.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/src/uadk_prov_init.c b/src/uadk_prov_init.c index 20f7068..1ce1235 100644 --- a/src/uadk_prov_init.c +++ b/src/uadk_prov_init.c @@ -280,41 +280,41 @@ static const OSSL_ALGORITHM *uadk_query(void *provctx, int operation_id, ver = uadk_prov_cipher_version(); if (!ver && uadk_get_sw_offload_state()) break; - else if (ver == HW_SEC_V3) - return uadk_prov_ciphers_v3; - return uadk_prov_ciphers_v2; + else if (ver == HW_SEC_V2) + return uadk_prov_ciphers_v2; + return uadk_prov_ciphers_v3; case OSSL_OP_SIGNATURE: uadk_prov_signature_alg(); ver = uadk_prov_pkey_version(); if (!ver && uadk_get_sw_offload_state()) break; - else if (ver == HW_PKEY_V3) - return uadk_prov_signature_v3; - return uadk_prov_signature_v2; + else if (ver == HW_PKEY_V2) + return uadk_prov_signature_v2; + return uadk_prov_signature_v3; case OSSL_OP_KEYMGMT: uadk_prov_keymgmt_alg(); ver = uadk_prov_pkey_version(); if (!ver && uadk_get_sw_offload_state()) break; - else if (ver == HW_PKEY_V3) - return uadk_prov_keymgmt_v3; - return uadk_prov_keymgmt_v2; + else if (ver == HW_PKEY_V2) + return uadk_prov_keymgmt_v2; + return uadk_prov_keymgmt_v3; case OSSL_OP_ASYM_CIPHER: uadk_prov_asym_cipher_alg(); ver = uadk_prov_pkey_version(); if (!ver && uadk_get_sw_offload_state()) break; - else if (ver == HW_PKEY_V3) - return uadk_prov_asym_cipher_v3; - return uadk_prov_asym_cipher_v2; + else if (ver == HW_PKEY_V2) + return uadk_prov_asym_cipher_v2; + return uadk_prov_asym_cipher_v3; case OSSL_OP_KEYEXCH: uadk_prov_keyexch_alg(); ver = uadk_prov_pkey_version(); if (!ver && uadk_get_sw_offload_state()) break; - else if (ver == HW_PKEY_V3) - return uadk_prov_keyexch_v3; - return uadk_prov_keyexch_v2; + else if (ver == HW_PKEY_V2) + return uadk_prov_keyexch_v2; + return uadk_prov_keyexch_v3; default: break; } -- 2.33.0
A soft ctx is created only when the soft switch is turned on. Otherwise, it is meaningless. Signed-off-by: Qi Tao <taoqi10@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_aead.c | 29 ++++++++++++++++++----------- src/uadk_prov_cipher.c | 27 ++++++++++++++++++--------- src/uadk_prov_digest.c | 29 ++++++++++++++++++----------- 3 files changed, 54 insertions(+), 31 deletions(-) diff --git a/src/uadk_prov_aead.c b/src/uadk_prov_aead.c index dbbd844..3965f60 100644 --- a/src/uadk_prov_aead.c +++ b/src/uadk_prov_aead.c @@ -153,7 +153,7 @@ static void uadk_aead_mutex_infork(void) pthread_mutex_unlock(&aead_mutex); } -static int uadk_fetch_sw_aead(struct aead_priv_ctx *priv) +static int uadk_create_aead_soft_ctx(struct aead_priv_ctx *priv) { if (priv->sw_aead) return UADK_AEAD_SUCCESS; @@ -172,12 +172,24 @@ static int uadk_fetch_sw_aead(struct aead_priv_ctx *priv) break; } - if (unlikely(priv->sw_aead == NULL)) { + if (unlikely(!priv->sw_aead)) { fprintf(stderr, "aead failed to fetch\n"); return UADK_AEAD_FAIL; } + priv->sw_ctx = EVP_CIPHER_CTX_new(); + if (!priv->sw_ctx) { + fprintf(stderr, "EVP_AEAD_CTX_new failed.\n"); + goto free; + } + return UADK_AEAD_SUCCESS; + +free: + EVP_CIPHER_free(priv->sw_aead); + priv->sw_aead = NULL; + + return UADK_AEAD_FAIL; } static int uadk_prov_aead_soft_init(struct aead_priv_ctx *priv, const unsigned char *key, @@ -185,7 +197,7 @@ static int uadk_prov_aead_soft_init(struct aead_priv_ctx *priv, const unsigned c { int ret; - if (!priv->sw_aead || !priv->sw_ctx) + if (!priv->sw_aead) return UADK_AEAD_FAIL; if (priv->req.op_type == WD_CIPHER_ENCRYPTION_DIGEST) @@ -208,7 +220,7 @@ static int uadk_aead_soft_update(struct aead_priv_ctx *priv, unsigned char *out, { int ret; - if (!priv->sw_aead || !priv->sw_ctx) + if (!priv->sw_aead) return UADK_AEAD_FAIL; if (priv->req.op_type == WD_CIPHER_ENCRYPTION_DIGEST) @@ -230,7 +242,7 @@ static int uadk_aead_soft_final(struct aead_priv_ctx *priv, unsigned char *diges { int ret; - if (!priv->sw_aead || !priv->sw_ctx) + if (!priv->sw_aead) goto error; if (priv->req.op_type == WD_CIPHER_ENCRYPTION_DIGEST) { @@ -834,7 +846,7 @@ static int uadk_prov_aead_init(struct aead_priv_ctx *priv, const unsigned char * priv->stream_switch_flag = 0; if (uadk_get_sw_offload_state()) - uadk_fetch_sw_aead(priv); + uadk_create_aead_soft_ctx(priv); ret = uadk_prov_aead_dev_init(priv); if (unlikely(ret < 0)) { @@ -1118,9 +1130,7 @@ static void *uadk_prov_aead_dupctx(void *ctx) fprintf(stderr, "EVP_CIPHER_CTX_dup failed in ctx copy.\n"); goto free_data; } - } - if (dst_ctx->sw_aead) { ret = EVP_CIPHER_up_ref(dst_ctx->sw_aead); if (!ret) goto free_dup; @@ -1176,9 +1186,6 @@ static void *uadk_##nm##_newctx(void *provctx) \ ctx->ivlen = iv_len; \ ctx->nid = e_nid; \ ctx->taglen = tag_len; \ - ctx->sw_ctx = EVP_CIPHER_CTX_new(); \ - if (ctx->sw_ctx == NULL) \ - fprintf(stderr, "EVP_AEAD_CTX_new failed.\n"); \ strncpy(ctx->alg_name, #algnm, ALG_NAME_SIZE - 1); \ \ return ctx; \ diff --git a/src/uadk_prov_cipher.c b/src/uadk_prov_cipher.c index 7e94fbc..6d3e2c1 100644 --- a/src/uadk_prov_cipher.c +++ b/src/uadk_prov_cipher.c @@ -202,7 +202,7 @@ static int ossl_cipher_cbc_cts_mode_name2id(const char *name) return -1; } -static int uadk_fetch_sw_cipher(struct cipher_priv_ctx *priv) +static int uadk_create_cipher_soft_ctx(struct cipher_priv_ctx *priv) { if (priv->sw_cipher) return UADK_P_SUCCESS; @@ -293,19 +293,31 @@ static int uadk_fetch_sw_cipher(struct cipher_priv_ctx *priv) break; } - if (unlikely(priv->sw_cipher == NULL)) { + if (unlikely(!priv->sw_cipher)) { fprintf(stderr, "cipher failed to fetch\n"); return UADK_P_FAIL; } + priv->sw_ctx = EVP_CIPHER_CTX_new(); + if (!priv->sw_ctx) { + fprintf(stderr, "EVP_CIPHER_CTX_new failed.\n"); + goto free; + } + return UADK_P_SUCCESS; + +free: + EVP_CIPHER_free(priv->sw_cipher); + priv->sw_cipher = NULL; + + return UADK_P_FAIL; } static int uadk_prov_cipher_sw_init(struct cipher_priv_ctx *priv, const unsigned char *key, const unsigned char *iv) { - if (!priv->sw_cipher || !priv->sw_ctx) + if (!priv->sw_cipher) return UADK_P_FAIL; if (!EVP_CipherInit_ex2(priv->sw_ctx, priv->sw_cipher, key, iv, @@ -322,7 +334,7 @@ static int uadk_prov_cipher_sw_init(struct cipher_priv_ctx *priv, static int uadk_prov_cipher_soft_update(struct cipher_priv_ctx *priv, unsigned char *out, int *outl, const unsigned char *in, size_t len) { - if (!priv->sw_cipher || !priv->sw_ctx) + if (!priv->sw_cipher) return UADK_P_FAIL; if (!EVP_CipherInit_ex2(priv->sw_ctx, priv->sw_cipher, priv->key, priv->iv, @@ -346,7 +358,7 @@ static int uadk_prov_cipher_soft_final(struct cipher_priv_ctx *priv, unsigned ch { int sw_final_len = 0; - if (!priv->sw_cipher || !priv->sw_ctx) + if (!priv->sw_cipher) return UADK_P_FAIL; if (!EVP_CipherFinal_ex(priv->sw_ctx, out, &sw_final_len)) { @@ -428,7 +440,7 @@ static int uadk_prov_cipher_init(struct cipher_priv_ctx *priv, priv->switch_threshold = SMALL_PACKET_OFFLOAD_THRESHOLD_DEFAULT; if (uadk_get_sw_offload_state()) - uadk_fetch_sw_cipher(priv); + uadk_create_cipher_soft_ctx(priv); ret = uadk_prov_cipher_dev_init(priv); if (unlikely(ret <= 0)) { @@ -1351,9 +1363,6 @@ static void *uadk_##nm##_newctx(void *provctx) \ ctx->ivlen = iv_len; \ ctx->nid = e_nid; \ ctx->cts_mode = WD_CIPHER_CBC_CS1; \ - ctx->sw_ctx = EVP_CIPHER_CTX_new(); \ - if (ctx->sw_ctx == NULL) \ - fprintf(stderr, "EVP_CIPHER_CTX_new failed.\n"); \ strncpy(ctx->alg_name, #algnm, ALG_NAME_SIZE - 1); \ if (strcmp(#typ, "block") == 0) \ ctx->pad = 1; \ diff --git a/src/uadk_prov_digest.c b/src/uadk_prov_digest.c index a13d075..98e25e1 100644 --- a/src/uadk_prov_digest.c +++ b/src/uadk_prov_digest.c @@ -130,7 +130,7 @@ static EVP_MD_CTX *EVP_MD_CTX_dup(const EVP_MD_CTX *in) return out; } -static int uadk_digests_soft_md(struct digest_priv_ctx *priv) +static int uadk_create_digest_soft_ctx(struct digest_priv_ctx *priv) { if (priv->soft_md) return UADK_DIGEST_SUCCESS; @@ -169,17 +169,29 @@ static int uadk_digests_soft_md(struct digest_priv_ctx *priv) break; } - if (unlikely(priv->soft_md == NULL)) { + if (unlikely(!priv->soft_md)) { fprintf(stderr, "digest failed to fetch\n"); return UADK_DIGEST_FAIL; } + priv->soft_ctx = EVP_MD_CTX_new(); + if (!priv->soft_ctx) { + fprintf(stderr, "EVP_MD_CTX_new failed.\n"); + goto free; + } + return UADK_DIGEST_SUCCESS; + +free: + EVP_MD_free(priv->soft_md); + priv->soft_md = NULL; + + return UADK_DIGEST_FAIL; } static int uadk_digest_soft_init(struct digest_priv_ctx *priv) { - if (!priv->soft_md || !priv->soft_ctx) + if (!priv->soft_md) return UADK_DIGEST_FAIL; if (!EVP_DigestInit_ex(priv->soft_ctx, priv->soft_md, NULL)) { @@ -195,7 +207,7 @@ static int uadk_digest_soft_init(struct digest_priv_ctx *priv) static int uadk_digest_soft_update(struct digest_priv_ctx *priv, const void *data, size_t len) { - if (priv->soft_md == NULL) + if (!priv->soft_md) return UADK_DIGEST_FAIL; if (!EVP_DigestUpdate(priv->soft_ctx, data, len)) { @@ -212,7 +224,7 @@ static int uadk_digest_soft_final(struct digest_priv_ctx *priv, unsigned char *d { unsigned int digest_length; - if (priv->soft_md == NULL) + if (!priv->soft_md) return UADK_DIGEST_FAIL; if (!EVP_DigestFinal_ex(priv->soft_ctx, digest, &digest_length)) { @@ -837,9 +849,7 @@ static void *uadk_prov_dupctx(void *dctx) fprintf(stderr, "EVP_MD_CTX_new failed in ctx copy.\n"); goto free_data; } - } - if (dst_ctx->soft_md) { ret = EVP_MD_up_ref(dst_ctx->soft_md); if (!ret) goto free_dup; @@ -868,7 +878,7 @@ static int uadk_prov_init(void *dctx, const OSSL_PARAM params[]) } if (uadk_get_sw_offload_state()) - uadk_digests_soft_md(priv); + uadk_create_digest_soft_ctx(priv); ret = uadk_get_digest_info(priv); if (unlikely(!ret)) @@ -981,9 +991,6 @@ static void *uadk_##name##_newctx(void *provctx) \ ctx->blk_size = blksize; \ ctx->md_size = mdsize; \ ctx->e_nid = nid; \ - ctx->soft_ctx = EVP_MD_CTX_new(); \ - if (ctx->soft_ctx == NULL) \ - fprintf(stderr, "EVP_MD_CTX_new failed.\n"); \ strncpy(ctx->alg_name, #name, ALG_NAME_SIZE - 1); \ ptr = strchr(ctx->alg_name, '_'); \ if (ptr != NULL) \ -- 2.33.0
From: Chenghai Huang <huangchenghai2@huawei.com> It need to release ffc before dh free. Signed-off-by: Chenghai Huang <huangchenghai2@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_dh.c | 37 ++++++++++++++++--------------------- 1 file changed, 16 insertions(+), 21 deletions(-) diff --git a/src/uadk_prov_dh.c b/src/uadk_prov_dh.c index cb40cff..2b34127 100644 --- a/src/uadk_prov_dh.c +++ b/src/uadk_prov_dh.c @@ -1212,9 +1212,10 @@ free_dh: } static int uadk_prov_dh_gen_params_cb(PROV_DH_KEYMGMT_CTX *gctx, DH *dh, - OSSL_CALLBACK *cb, void *cb_params, BN_GENCB *gencb) + OSSL_CALLBACK *cb, void *cb_params) { - int ret; + int ret = UADK_P_SUCCESS; + BN_GENCB *gencb; if (cb == NULL || cb_params == NULL) { fprintf(stderr, "invalid: cb function or param is NULL\n"); @@ -1242,27 +1243,18 @@ static int uadk_prov_dh_gen_params_cb(PROV_DH_KEYMGMT_CTX *gctx, DH *dh, gctx->pbits, gctx->qbits, gencb); if (ret <= 0) { fprintf(stderr, "failed to generate ffc parameters\n"); - goto free_cb; + ret = UADK_P_FAIL; } } - return UADK_P_SUCCESS; - -free_cb: if (gencb) BN_GENCB_free(gencb); - return UADK_P_FAIL; -} - -static void uadk_prov_dh_free_params_cb(BN_GENCB *gencb) -{ - if (gencb) - BN_GENCB_free(gencb); + return ret; } static DH *uadk_prov_dh_gen_params(PROV_DH_KEYMGMT_CTX *gctx, FFC_PARAMS **ffc, - OSSL_CALLBACK *cb, void *cb_params, BN_GENCB *gencb) + OSSL_CALLBACK *cb, void *cb_params) { DH *dh = NULL; int ret; @@ -1277,7 +1269,7 @@ static DH *uadk_prov_dh_gen_params(PROV_DH_KEYMGMT_CTX *gctx, FFC_PARAMS **ffc, if (dh == NULL || *ffc == NULL) return NULL; - ret = uadk_prov_dh_gen_params_cb(gctx, dh, cb, cb_params, gencb); + ret = uadk_prov_dh_gen_params_cb(gctx, dh, cb, cb_params); if (ret == UADK_P_FAIL) { ossl_dh_free_ex(dh); return NULL; @@ -1287,14 +1279,19 @@ static DH *uadk_prov_dh_gen_params(PROV_DH_KEYMGMT_CTX *gctx, FFC_PARAMS **ffc, return dh; } -static void uadk_prov_dh_free_params(DH *dh, BN_GENCB *gencb) +static void uadk_prov_dh_free_params(DH *dh) { + FFC_PARAMS *ffc; + + ffc = ossl_dh_get0_params(dh); + if (ffc) + ossl_ffc_params_cleanup(ffc); + /* * Release DH object that allocated by uadk_prov_dh_gen_params_ex() or * uadk_prov_dh_gen_params_with_group(). */ ossl_dh_free_ex(dh); - uadk_prov_dh_free_params_cb(gencb); } static void *uadk_dh_sw_gen(void *genctx, OSSL_CALLBACK *cb, void *cb_params) @@ -1309,7 +1306,6 @@ static void *uadk_dh_sw_gen(void *genctx, OSSL_CALLBACK *cb, void *cb_params) static void *uadk_keymgmt_dh_gen(void *genctx, OSSL_CALLBACK *cb, void *cb_params) { PROV_DH_KEYMGMT_CTX *gctx = (PROV_DH_KEYMGMT_CTX *)genctx; - BN_GENCB *gencb = NULL; FFC_PARAMS *ffc = NULL; DH *dh = NULL; int ret; @@ -1327,7 +1323,7 @@ static void *uadk_keymgmt_dh_gen(void *genctx, OSSL_CALLBACK *cb, void *cb_param if (gctx->group_nid != NID_undef) gctx->gen_type = DH_PARAMGEN_TYPE_GROUP; - dh = uadk_prov_dh_gen_params(gctx, &ffc, cb, cb_params, gencb); + dh = uadk_prov_dh_gen_params(gctx, &ffc, cb, cb_params); if (dh == NULL || ffc == NULL) { ret = UADK_DO_SOFT; goto free_gen_params; @@ -1354,12 +1350,11 @@ static void *uadk_keymgmt_dh_gen(void *genctx, OSSL_CALLBACK *cb, void *cb_param uadk_DH_clear_flags(dh, DH_FLAG_TYPE_MASK); uadk_DH_set_flags(dh, gctx->dh_type); - uadk_prov_dh_free_params_cb(gencb); return dh; free_gen_params: - uadk_prov_dh_free_params(dh, gencb); + uadk_prov_dh_free_params(dh); if (ret == UADK_DO_SOFT) return uadk_dh_sw_gen(genctx, cb, cb_params); -- 2.33.0
From: Zhiqi Song <songzhiqi1@huawei.com> EVP_CipherInit_ex() may not directly transfer the iv parameter, so we should try to get iv from cipher 'ctx' and copy it to 'priv'. Test with: openssl genpkey -algorithm RSA -out private_key.pem -aes256 \ -pass pass:1234 openssl pkey -in private_key.pem -out decrypted_private_key.pem \ -passin pass:1234 -engine uadk_engine Signed-off-by: Zhiqi Song <songzhiqi1@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_cipher.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c index 59753da..95af193 100644 --- a/src/uadk_cipher.c +++ b/src/uadk_cipher.c @@ -506,6 +506,8 @@ static int uadk_e_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, if (iv) memcpy(priv->iv, iv, EVP_CIPHER_CTX_iv_length(ctx)); + else + memcpy(priv->iv, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_iv_length(ctx)); for (i = 0; i < cipher_counts; i++) { if (nid == cipher_info_table[i].nid) { -- 2.33.0
From: Zhiqi Song <songzhiqi1@huawei.com> 1. Fixup the private key is not securely released. 2. Fixup the abnormal branch may double free br and bs. 3. Check whether the 'siglen' address is empty. Signed-off-by: Zhiqi Song <songzhiqi1@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_dh.c | 2 +- src/uadk_sm2.c | 10 ++++++++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/uadk_dh.c b/src/uadk_dh.c index b7d17c4..011bf56 100644 --- a/src/uadk_dh.c +++ b/src/uadk_dh.c @@ -870,7 +870,7 @@ static int uadk_e_dh_generate_key(DH *dh) free_data: if (dh_sess->key_flag == KEY_GEN_BY_ENGINE) - BN_free(priv_key); + BN_clear_free(priv_key); dh_free_eng_session(dh_sess); soft_log: fprintf(stderr, "switch to execute openssl software calculation.\n"); diff --git a/src/uadk_sm2.c b/src/uadk_sm2.c index b8548d1..170d320 100644 --- a/src/uadk_sm2.c +++ b/src/uadk_sm2.c @@ -413,10 +413,11 @@ static int sign_bin_to_ber(EC_KEY *ec, struct wd_dtb *r, struct wd_dtb *s, return 0; free_s: - BN_free(bs); + BN_clear_free(bs); free_r: - BN_free(br); + BN_clear_free(br); free_sig: + ECDSA_SIG_set0(e_sig, NULL, NULL); ECDSA_SIG_free(e_sig); return ret; @@ -679,6 +680,11 @@ static int sm2_sign_check(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EC_KEY *ec = EVP_PKEY_get0(p_key); const int sig_sz = ECDSA_size(ec); + if (!siglen) { + fprintf(stderr, "siglen is NULL\n"); + return -EINVAL; + } + /* * If 'sig' is NULL, users can use sm2_decrypt API to obtain the valid 'siglen' first, * then users use the value of 'signlen' to alloc the memory of 'sig' and call the -- 2.33.0
Fix memory leak error and correct the function return value error. Signed-off-by: Qi Tao <taoqi10@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_aead.c | 10 +++++++--- src/uadk_prov_rsa.c | 18 +++++++++--------- 2 files changed, 16 insertions(+), 12 deletions(-) diff --git a/src/uadk_prov_aead.c b/src/uadk_prov_aead.c index 3965f60..59c13b4 100644 --- a/src/uadk_prov_aead.c +++ b/src/uadk_prov_aead.c @@ -572,7 +572,7 @@ static int uadk_prov_do_aes_gcm_first(struct aead_priv_ctx *priv, unsigned char if (inlen > MAX_AAD_LEN) { if (priv->mode != ASYNC_MODE) - return SWITCH_TO_SOFT; + goto soft; fprintf(stderr, "the aad len is out of range, aad len = %zu.\n", inlen); return UADK_AEAD_FAIL; @@ -587,13 +587,17 @@ static int uadk_prov_do_aes_gcm_first(struct aead_priv_ctx *priv, unsigned char } if (!priv->req.assoc_bytes) - return SWITCH_TO_SOFT; + goto soft; ret = uadk_do_aead_sync_inner(priv, out, in, inlen, AEAD_MSG_FIRST); if (unlikely(ret < 0)) - return SWITCH_TO_SOFT; + goto soft; return UADK_AEAD_SUCCESS; + +soft: + fprintf(stderr, "aead failed to update aad, switch to soft.\n"); + return SWITCH_TO_SOFT; } static int uadk_prov_do_aes_gcm_update(struct aead_priv_ctx *priv, unsigned char *out, diff --git a/src/uadk_prov_rsa.c b/src/uadk_prov_rsa.c index 21f01a2..eb651c0 100644 --- a/src/uadk_prov_rsa.c +++ b/src/uadk_prov_rsa.c @@ -1464,6 +1464,12 @@ static void rsa_keygen_param_free(struct rsa_keygen_param **keygen_param, static int rsa_pkey_param_alloc(struct rsa_pubkey_param **pub, struct rsa_prikey_param **pri) { + if (pub) { + *pub = OPENSSL_malloc(sizeof(struct rsa_pubkey_param)); + if (!(*pub)) + return -ENOMEM; + } + if (pri) { *pri = OPENSSL_malloc(sizeof(struct rsa_prikey_param)); if (!(*pri)) { @@ -1473,12 +1479,6 @@ static int rsa_pkey_param_alloc(struct rsa_pubkey_param **pub, } } - if (pub) { - *pub = OPENSSL_malloc(sizeof(struct rsa_pubkey_param)); - if (!(*pub)) - return -ENOMEM; - } - return UADK_E_SUCCESS; } @@ -2479,7 +2479,7 @@ static const OSSL_PARAM *uadk_asym_cipher_rsa_gettable_ctx_params(void *vprsactx void *provctx) { if (!get_default_rsa_asym_cipher().gettable_ctx_params) - return UADK_E_FAIL; + return NULL; return get_default_rsa_asym_cipher().gettable_ctx_params(vprsactx, provctx); } @@ -2496,7 +2496,7 @@ static const OSSL_PARAM *uadk_asym_cipher_rsa_settable_ctx_params(void *vprsactx void *provctx) { if (!get_default_rsa_asym_cipher().settable_ctx_params) - return UADK_E_FAIL; + return NULL; return get_default_rsa_asym_cipher().settable_ctx_params(vprsactx, provctx); } @@ -2768,7 +2768,7 @@ static void *uadk_keymgmt_rsa_dup(const void *keydata_from, int selection) static void *uadk_asym_cipher_rsa_dupctx(void *vprsactx) { if (!get_default_rsa_asym_cipher().dupctx) - return UADK_E_FAIL; + return NULL; return get_default_rsa_asym_cipher().dupctx(vprsactx); } -- 2.33.0
From: Chenghai Huang <huangchenghai2@huawei.com> Use bn_new instead of bn_ctx_new to avoid memery leak. Signed-off-by: Chenghai Huang <huangchenghai2@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_rsa.c | 129 +++++++++++++++++++++----------------------- 1 file changed, 60 insertions(+), 69 deletions(-) diff --git a/src/uadk_prov_rsa.c b/src/uadk_prov_rsa.c index eb651c0..983caf9 100644 --- a/src/uadk_prov_rsa.c +++ b/src/uadk_prov_rsa.c @@ -1201,13 +1201,12 @@ static int rsa_fill_prikey(RSA *rsa, struct uadk_rsa_sess *rsa_sess, } static int rsa_get_keygen_param(struct wd_rsa_req *req, handle_t ctx, RSA *rsa, - struct rsa_keygen_param_bn *bn_param, BN_CTX **bn_ctx_in) + struct rsa_keygen_param_bn *bn_param) { struct wd_rsa_kg_out *out = (struct wd_rsa_kg_out *)req->dst; struct wd_dtb wd_d, wd_n, wd_qinv, wd_dq, wd_dp; BIGNUM *dmp1, *dmq1, *iqmp, *d, *n; unsigned int key_bits, key_size; - BN_CTX *bn_ctx = *bn_ctx_in; key_bits = wd_rsa_get_key_bits(ctx); if (!key_bits) @@ -1217,25 +1216,25 @@ static int rsa_get_keygen_param(struct wd_rsa_req *req, handle_t ctx, RSA *rsa, wd_rsa_get_kg_out_params(out, &wd_d, &wd_n); wd_rsa_get_kg_out_crt_params(out, &wd_qinv, &wd_dq, &wd_dp); - dmq1 = BN_CTX_get(bn_ctx); + dmq1 = BN_secure_new(); if (!dmq1) return UADK_E_FAIL; - dmp1 = BN_CTX_get(bn_ctx); + dmp1 = BN_secure_new(); if (!dmp1) - return UADK_E_FAIL; + goto free_bn_dq; - iqmp = BN_CTX_get(bn_ctx); + iqmp = BN_new(); if (!iqmp) - return UADK_E_FAIL; + goto free_bn_dp; - n = BN_CTX_get(bn_ctx); + n = BN_new(); if (!n) - return UADK_E_FAIL; + goto free_bn_qinv; - d = BN_CTX_get(bn_ctx); + d = BN_secure_new(); if (!d) - return UADK_E_FAIL; + goto free_bn_n; BN_bin2bn((unsigned char *)wd_n.data, key_size, n); BN_bin2bn((unsigned char *)wd_d.data, key_size, d); @@ -1246,9 +1245,22 @@ static int rsa_get_keygen_param(struct wd_rsa_req *req, handle_t ctx, RSA *rsa, if (!(uadk_rsa_set0_key(rsa, n, bn_param->e, d) && uadk_rsa_set0_factors(rsa, bn_param->p, bn_param->q) && uadk_rsa_set0_crt_params(rsa, dmp1, dmq1, iqmp))) - return UADK_E_FAIL; + goto free_bn_d; return UADK_E_SUCCESS; + +free_bn_d: + BN_clear_free(d); +free_bn_n: + BN_clear_free(n); +free_bn_qinv: + BN_clear_free(iqmp); +free_bn_dp: + BN_clear_free(dmp1); +free_bn_dq: + BN_clear_free(dmq1); + + return UADK_E_FAIL; } static void uadk_e_rsa_cb(void *req_t) @@ -1388,10 +1400,8 @@ static void rsa_free_keygen_data(struct uadk_rsa_sess *rsa_sess) static int rsa_keygen_param_alloc(struct rsa_keygen_param **keygen_param, struct rsa_keygen_param_bn **keygen_bn_param, - struct rsa_keypair **key_pair, BN_CTX **bn_ctx_in) + struct rsa_keypair **key_pair) { - BN_CTX *bn_ctx; - *keygen_param = OPENSSL_malloc(sizeof(struct rsa_keygen_param)); if (!(*keygen_param)) goto error; @@ -1405,30 +1415,24 @@ static int rsa_keygen_param_alloc(struct rsa_keygen_param **keygen_param, if (!(*key_pair)) goto free_keygen_bn_param; - bn_ctx = BN_CTX_new(); - if (!bn_ctx) - goto free_key_pair; - - BN_CTX_start(bn_ctx); - *bn_ctx_in = bn_ctx; - - (*keygen_bn_param)->p = BN_CTX_get(bn_ctx); + (*keygen_bn_param)->p = BN_secure_new(); if (!(*keygen_bn_param)->p) - goto free_bn_ctx; + goto free_key_pair; - (*keygen_bn_param)->q = BN_CTX_get(bn_ctx); + (*keygen_bn_param)->q = BN_secure_new(); if (!(*keygen_bn_param)->q) - goto free_bn_ctx; + goto free_p; - (*keygen_bn_param)->e = BN_CTX_get(bn_ctx); + (*keygen_bn_param)->e = BN_new(); if (!(*keygen_bn_param)->e) - goto free_bn_ctx; + goto free_q; return UADK_E_SUCCESS; -free_bn_ctx: - BN_CTX_end(bn_ctx); - BN_CTX_free(bn_ctx); +free_q: + BN_clear_free((*keygen_bn_param)->q); +free_p: + BN_clear_free((*keygen_bn_param)->p); free_key_pair: OPENSSL_free(*key_pair); free_keygen_bn_param: @@ -1441,20 +1445,11 @@ error: static void rsa_keygen_param_free(struct rsa_keygen_param **keygen_param, struct rsa_keygen_param_bn **keygen_bn_param, - struct rsa_keypair **key_pair, BN_CTX **bn_ctx, - int free_bn_ctx_tag) + struct rsa_keypair **key_pair) { - /* - * When an abnormal situation occurs, uadk engine needs to - * switch to software keygen function, so we need to free - * BN ctx we alloced before. But in normal situation, - * the BN ctx should be freed by OpenSSL tools or users. - * Therefore, we use a tag to distinguish these cases. - */ - if (free_bn_ctx_tag == UADK_DO_SOFT) { - BN_CTX_end(*bn_ctx); - BN_CTX_free(*bn_ctx); - } + BN_clear_free((*keygen_bn_param)->p); + BN_clear_free((*keygen_bn_param)->q); + BN_clear_free((*keygen_bn_param)->e); OPENSSL_free(*key_pair); OPENSSL_free(*keygen_param); @@ -1551,7 +1546,6 @@ static int uadk_prov_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) struct rsa_keygen_param_bn *bn_param = NULL; struct uadk_rsa_sess *rsa_sess = NULL; struct rsa_keypair *key_pair = NULL; - BN_CTX *bn_ctx = NULL; int is_crt = 1; int ret; @@ -1559,7 +1553,7 @@ static int uadk_prov_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) if (ret != UADK_E_SUCCESS) return ret; - ret = rsa_keygen_param_alloc(&keygen_param, &bn_param, &key_pair, &bn_ctx); + ret = rsa_keygen_param_alloc(&keygen_param, &bn_param, &key_pair); if (ret == -ENOMEM) return UADK_E_FAIL; @@ -1571,18 +1565,18 @@ static int uadk_prov_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) ret = rsa_primes_gen(bits, e, bn_param->p, bn_param->q, cb); if (!ret) { - ret = UADK_E_FAIL; + ret = UADK_DO_SOFT; goto free_sess; } if (!BN_copy(bn_param->e, e)) { - ret = UADK_E_FAIL; + ret = UADK_DO_SOFT; goto free_sess; } ret = rsa_fill_keygen_data(rsa_sess, key_pair, keygen_param, bn_param); if (!ret) { - ret = UADK_E_FAIL; + ret = UADK_DO_SOFT; goto free_sess; } @@ -1592,16 +1586,16 @@ static int uadk_prov_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) goto free_kg_in_out; } - ret = rsa_get_keygen_param(&rsa_sess->req, rsa_sess->sess, rsa, bn_param, &bn_ctx); + ret = rsa_get_keygen_param(&rsa_sess->req, rsa_sess->sess, rsa, bn_param); if (!ret) - ret = UADK_E_FAIL; + ret = UADK_DO_SOFT; free_kg_in_out: rsa_free_keygen_data(rsa_sess); free_sess: rsa_free_eng_session(rsa_sess); free_keygen: - rsa_keygen_param_free(&keygen_param, &bn_param, &key_pair, &bn_ctx, ret); + rsa_keygen_param_free(&keygen_param, &bn_param, &key_pair); return ret; } @@ -1765,21 +1759,20 @@ static int sign_trans_bn(struct uadk_rsa_sess *rsa_sess, unsigned char *from_buf to_bn = BN_bin2bn(from_buf, num_bytes, NULL); if (!to_bn) { - BN_free(sign_bn); - - return UADK_E_FAIL; + ret = UADK_E_FAIL; + goto free_sign_bn; } ret = rsa_get_sign_res(padding, to_bn, pri->n, sign_bn, &res); - if (!ret) { - BN_free(to_bn); - BN_free(sign_bn); - - return UADK_E_FAIL; - } + if (!ret) + goto free_to_bn; ret = BN_bn2binpad(res, to, num_bytes); +free_to_bn: + BN_free(to_bn); +free_sign_bn: + BN_free(sign_bn); return ret; } @@ -1855,17 +1848,15 @@ static int verify_trans_bn(struct uadk_rsa_sess *rsa_sess, unsigned char *from_b return UADK_E_FAIL; ret = rsa_get_verify_res(padding, pub->n, verify_bn); - if (!ret) { - BN_free(verify_bn); - return UADK_E_FAIL; - } + if (!ret) + goto verify_end; *len = BN_bn2binpad(verify_bn, from_buf, num_bytes); - if (*len == 0) { - BN_free(verify_bn); - return UADK_E_FAIL; - } + if (*len == 0) + ret = UADK_E_FAIL; +verify_end: + BN_free(verify_bn); return ret; } -- 2.33.0
From: Chenghai Huang <huangchenghai2@huawei.com> Switch to software computing only when hardware-related services fail. Signed-off-by: Chenghai Huang <huangchenghai2@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_rsa.c | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/src/uadk_prov_rsa.c b/src/uadk_prov_rsa.c index 983caf9..facac0e 100644 --- a/src/uadk_prov_rsa.c +++ b/src/uadk_prov_rsa.c @@ -1445,11 +1445,20 @@ error: static void rsa_keygen_param_free(struct rsa_keygen_param **keygen_param, struct rsa_keygen_param_bn **keygen_bn_param, - struct rsa_keypair **key_pair) + struct rsa_keypair **key_pair, int free_bn_ctx_tag) { - BN_clear_free((*keygen_bn_param)->p); - BN_clear_free((*keygen_bn_param)->q); - BN_clear_free((*keygen_bn_param)->e); + /* + * When an abnormal situation occurs, uadk engine needs to + * switch to software keygen function, so we need to free + * BN we alloced before. But in normal situation, + * the BN should be freed by OpenSSL tools or users. + * Therefore, we use a tag to distinguish these cases. + */ + if (free_bn_ctx_tag == UADK_DO_SOFT) { + BN_clear_free((*keygen_bn_param)->p); + BN_clear_free((*keygen_bn_param)->q); + BN_clear_free((*keygen_bn_param)->e); + } OPENSSL_free(*key_pair); OPENSSL_free(*keygen_param); @@ -1565,18 +1574,18 @@ static int uadk_prov_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) ret = rsa_primes_gen(bits, e, bn_param->p, bn_param->q, cb); if (!ret) { - ret = UADK_DO_SOFT; + ret = UADK_E_FAIL; goto free_sess; } if (!BN_copy(bn_param->e, e)) { - ret = UADK_DO_SOFT; + ret = UADK_E_FAIL; goto free_sess; } ret = rsa_fill_keygen_data(rsa_sess, key_pair, keygen_param, bn_param); if (!ret) { - ret = UADK_DO_SOFT; + ret = UADK_E_FAIL; goto free_sess; } @@ -1588,14 +1597,14 @@ static int uadk_prov_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) ret = rsa_get_keygen_param(&rsa_sess->req, rsa_sess->sess, rsa, bn_param); if (!ret) - ret = UADK_DO_SOFT; + ret = UADK_E_FAIL; free_kg_in_out: rsa_free_keygen_data(rsa_sess); free_sess: rsa_free_eng_session(rsa_sess); free_keygen: - rsa_keygen_param_free(&keygen_param, &bn_param, &key_pair); + rsa_keygen_param_free(&keygen_param, &bn_param, &key_pair, ret); return ret; } -- 2.33.0
1. Code comments are placed above or to the right of the corresponding code 2. An array declaration must explicitly specify its size. 3. Do not abuse typedef or #define to set aliases for primitive types. Signed-off-by: Qi Tao <taoqi10@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_digest.c | 3 ++- src/uadk_prov.h | 4 ++-- src/uadk_prov_rsa.c | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/src/uadk_digest.c b/src/uadk_digest.c index 69f9c5c..0b4e8c5 100644 --- a/src/uadk_digest.c +++ b/src/uadk_digest.c @@ -100,6 +100,7 @@ struct evp_md_ctx_st { int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count); }; # else +/* EVP_MD_CTX */ struct evp_md_ctx_st { const EVP_MD *reqdigest; /* The original requested digest */ const EVP_MD *digest; @@ -119,7 +120,7 @@ struct evp_md_ctx_st { */ void *algctx; EVP_MD *fetched_digest; -} /* EVP_MD_CTX */; +}; #endif struct digest_priv_ctx { diff --git a/src/uadk_prov.h b/src/uadk_prov.h index ac83ee5..3ac4ac3 100644 --- a/src/uadk_prov.h +++ b/src/uadk_prov.h @@ -172,8 +172,8 @@ extern const OSSL_DISPATCH uadk_sm4_ctr_functions[FUNC_MAX_NUM]; extern const OSSL_DISPATCH uadk_aes_128_gcm_functions[FUNC_MAX_NUM]; extern const OSSL_DISPATCH uadk_aes_192_gcm_functions[FUNC_MAX_NUM]; extern const OSSL_DISPATCH uadk_aes_256_gcm_functions[FUNC_MAX_NUM]; -extern const OSSL_DISPATCH uadk_des_ede3_cbc_functions[]; -extern const OSSL_DISPATCH uadk_des_ede3_ecb_functions[]; +extern const OSSL_DISPATCH uadk_des_ede3_cbc_functions[FUNC_MAX_NUM]; +extern const OSSL_DISPATCH uadk_des_ede3_ecb_functions[FUNC_MAX_NUM]; extern const OSSL_DISPATCH uadk_rsa_signature_functions[FUNC_MAX_NUM]; extern const OSSL_DISPATCH uadk_rsa_keymgmt_functions[FUNC_MAX_NUM]; diff --git a/src/uadk_prov_rsa.c b/src/uadk_prov_rsa.c index facac0e..88789c0 100644 --- a/src/uadk_prov_rsa.c +++ b/src/uadk_prov_rsa.c @@ -223,7 +223,7 @@ struct rsa_st { /* Be careful using this if the RSA structure is shared */ CRYPTO_EX_DATA ex_data; - CRYPTO_REF_COUNT references; + int references; int flags; /* Used to cache montgomery values */ BN_MONT_CTX *_method_mod_n; -- 2.33.0
From: Weili Qian <qianweili@huawei.com> When uadk_signature_sm2_freectx is called, all allocated memory is freed to prevent memory leak. Signed-off-by: Weili Qian <qianweili@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_sm2.c | 288 +++++++++++++++++++++++--------------------- 1 file changed, 148 insertions(+), 140 deletions(-) diff --git a/src/uadk_prov_sm2.c b/src/uadk_prov_sm2.c index 9fcefc6..465e233 100644 --- a/src/uadk_prov_sm2.c +++ b/src/uadk_prov_sm2.c @@ -132,6 +132,11 @@ typedef struct { unsigned char *aid; size_t aid_len; + /* main digest */ + EVP_MD *md; + EVP_MD_CTX *mdctx; + size_t mdsize; + /* * SM2 ID used for calculating the Z value, * distinguishing Identifier, ISO/IEC 15946-3 @@ -749,6 +754,7 @@ static void *uadk_signature_sm2_newctx(void *provctx, const char *propq) * can be set with set_ctx_params API. */ smctx->sm2_md->mdsize = SM3_DIGEST_LENGTH; + psm2ctx->mdsize = SM3_DIGEST_LENGTH; smctx->sm2_md->md_nid = NID_sm3; strcpy(psm2ctx->mdname, OSSL_DIGEST_NAME_SM3); smctx->sm2_md->mdctx = EVP_MD_CTX_new(); @@ -791,18 +797,24 @@ static void uadk_signature_sm2_freectx(void *vpsm2ctx) return; smctx = psm2ctx->sm2_pctx; - if (smctx == NULL) - goto free_psm2ctx; + if (smctx) { + if (smctx->sess) + wd_ecc_free_sess(smctx->sess); - /* - * Pkey and md related data in smctx->sm2_md and smctx->sm2_pd will - * release by some openssl tools, such as dgst, after call freectx. - * Free pkey and md related data in our provider will cause double-free - * with openssl dgst tool, maybe it is an openssl bug, fix it later. - */ - OPENSSL_free(smctx); + if (smctx->sm2_md) { + EVP_MD_free(smctx->sm2_md->md); + EVP_MD_CTX_free(smctx->sm2_md->mdctx); + OPENSSL_free(smctx->sm2_md); + } + + if (smctx->sm2_pd) { + BN_free(smctx->sm2_pd->order); + OPENSSL_free(smctx->sm2_pd); + } + + OPENSSL_free(smctx); + } -free_psm2ctx: if (psm2ctx->propq) OPENSSL_free(psm2ctx->propq); if (psm2ctx->key) @@ -811,7 +823,6 @@ free_psm2ctx: OPENSSL_free(psm2ctx->id); OPENSSL_free(psm2ctx); - return; } static int uadk_prov_sm2_check_md_params(SM2_PROV_CTX *smctx) @@ -966,6 +977,9 @@ static int uadk_prov_sm2_update_sess(SM2_PROV_CTX *smctx) smctx->sm2_pd->prikey = NULL; smctx->sm2_pd->pubkey = NULL; + + if (smctx->sm2_pd->order) + BN_free(smctx->sm2_pd->order); smctx->sm2_pd->order = order; return UADK_P_SUCCESS; @@ -1286,34 +1300,28 @@ static int uadk_prov_sm2_sign(PROV_SM2_SIGN_CTX *psm2ctx, ret = uadk_prov_sm2_update_private_key(smctx, psm2ctx->key); if (ret == UADK_P_FAIL) - return ret; + goto uninit_iot; ret = uadk_prov_ecc_crypto(smctx->sess, &req, smctx); if (ret == UADK_P_FAIL) { fprintf(stderr, "failed to uadk_ecc_crypto, ret = %d\n", ret); - return ret; + goto uninit_iot; } wd_sm2_get_sign_out_params(req.dst, &r, &s); if (r == NULL || s == NULL) { fprintf(stderr, "failed to get sign result\n"); - return UADK_P_FAIL; + ret = UADK_P_FAIL; + goto uninit_iot; } ret = uadk_prov_sm2_sign_bin_to_ber(r, s, sig, siglen); - if (ret == UADK_P_FAIL) - goto uninit_iot; - - wd_ecc_del_in(smctx->sess, req.src); - wd_ecc_del_out(smctx->sess, req.dst); - - return UADK_P_SUCCESS; uninit_iot: wd_ecc_del_in(smctx->sess, req.src); wd_ecc_del_out(smctx->sess, req.dst); - return UADK_P_FAIL; + return ret; } static int uadk_signature_sm2_sign_sw(void *vpsm2ctx, unsigned char *sig, size_t *siglen, @@ -1363,7 +1371,7 @@ static int uadk_signature_sm2_sign(void *vpsm2ctx, unsigned char *sig, size_t *s if (sigsize < (size_t)ecsize) { fprintf(stderr, "sigsize(%zu) < ecsize(%d)\n", sigsize, ecsize); - goto do_soft; + return UADK_P_FAIL; } ret = uadk_prov_sm2_check_tbs_params(psm2ctx, tbs, tbslen); @@ -1980,136 +1988,123 @@ static int uadk_signature_sm2_digest_verify_final(void *vpsm2ctx, const unsigned return uadk_signature_sm2_verify(vpsm2ctx, sig, siglen, digest, (size_t)dlen); } -static int check_signature_src_ctx(PROV_SM2_SIGN_CTX *srcctx) +static SM2_PROV_CTX *sm2_copy_src_smctx(SM2_PROV_CTX *src_smctx) { - SM2_PROV_CTX *src_smctx; - - if (srcctx == NULL) { - fprintf(stderr, "invalid: src ctx is NULL\n"); - return UADK_P_FAIL; - } + SM2_PROV_CTX *dst_smctx; + int ret; - if (srcctx->key != NULL && !EC_KEY_up_ref(srcctx->key)) { - fprintf(stderr, "failed to check srcctx key reference\n"); - return UADK_P_FAIL; + if (src_smctx == NULL || src_smctx->sm2_md == NULL || src_smctx->sm2_pd == NULL) { + fprintf(stderr, "invalid: src_smctx is NULL to dupctx\n"); + return NULL; } - src_smctx = srcctx->sm2_pctx; - if (src_smctx == NULL) { - fprintf(stderr, "invalid: src_smctx is NULL\n"); - return UADK_P_FAIL; + dst_smctx = OPENSSL_zalloc(sizeof(SM2_PROV_CTX)); + if (dst_smctx == NULL) { + fprintf(stderr, "failed to alloc dst_smctx\n"); + return NULL; } + dst_smctx->init_status = src_smctx->init_status; - if (src_smctx->sm2_md == NULL) { - fprintf(stderr, "invalid: sm2_md is NULL\n"); - return UADK_P_FAIL; + dst_smctx->sm2_md = OPENSSL_zalloc(sizeof(SM2_MD_DATA)); + if (dst_smctx->sm2_md == NULL) { + fprintf(stderr, "failed to alloc dst_smctx->sm2_md\n"); + goto free_dst_smctx; } if (src_smctx->sm2_md->md != NULL && !EVP_MD_up_ref(src_smctx->sm2_md->md)) { fprintf(stderr, "failed to check srcctx md reference\n"); - return UADK_P_FAIL; + goto free_sm2_md; } + dst_smctx->sm2_md->md = src_smctx->sm2_md->md; + dst_smctx->sm2_md->mdsize = src_smctx->sm2_md->mdsize; + dst_smctx->sm2_md->md_nid = src_smctx->sm2_md->md_nid; - return UADK_P_SUCCESS; -} - -static int create_dst_ctx_data(SM2_PROV_CTX *dst_smctx) -{ - dst_smctx->sm2_md = OPENSSL_zalloc(sizeof(SM2_MD_DATA)); - if (dst_smctx->sm2_md == NULL) { - fprintf(stderr, "failed to alloc dst_smctx->sm2_md\n"); - return UADK_P_FAIL; + if (src_smctx->sm2_md->mdctx != NULL) { + dst_smctx->sm2_md->mdctx = EVP_MD_CTX_new(); + if (dst_smctx->sm2_md->mdctx == NULL || + EVP_MD_CTX_copy_ex(dst_smctx->sm2_md->mdctx, src_smctx->sm2_md->mdctx) == 0) { + fprintf(stderr, "failed to new dst mdctx or copy src mdctx\n"); + goto free_mdctx; + } } dst_smctx->sm2_pd = OPENSSL_zalloc(sizeof(SM2_PKEY_DATA)); if (dst_smctx->sm2_pd == NULL) { - fprintf(stderr, "failed to alloc dst_smctx->sm2_pd\n"); - OPENSSL_free(dst_smctx->sm2_md); - return UADK_P_FAIL; + fprintf(stderr, "failed to alloc sm2_pd\n"); + goto free_mdctx; } - return UADK_P_SUCCESS; -} - -static void release_dst_ctx_data(SM2_PROV_CTX *dst_smctx) -{ - if (dst_smctx->sm2_md) - OPENSSL_free(dst_smctx->sm2_md); + if (src_smctx->sess) { + ret = uadk_prov_sm2_update_sess(dst_smctx); + if (!ret) + goto free_sm2_pd; + } - if (dst_smctx->sm2_pd) - OPENSSL_free(dst_smctx->sm2_pd); -} + return dst_smctx; -static void copy_ctx_data(SM2_PROV_CTX *dst_smctx, SM2_PROV_CTX *src_smctx) -{ - dst_smctx->sm2_md->md = src_smctx->sm2_md->md; - dst_smctx->sm2_md->mdsize = src_smctx->sm2_md->mdsize; - dst_smctx->sm2_md->md_nid = src_smctx->sm2_md->md_nid; - dst_smctx->sm2_pd = src_smctx->sm2_pd; - dst_smctx->sess = src_smctx->sess; - dst_smctx->init_status = src_smctx->init_status; +free_sm2_pd: + OPENSSL_free(dst_smctx->sm2_pd); +free_mdctx: + if (dst_smctx->sm2_md->mdctx != NULL) + EVP_MD_CTX_free(dst_smctx->sm2_md->mdctx); + EVP_MD_free(dst_smctx->sm2_md->md); +free_sm2_md: + OPENSSL_free(dst_smctx->sm2_md); +free_dst_smctx: + OPENSSL_free(dst_smctx); + return NULL; } static void *uadk_signature_sm2_dupctx(void *vpsm2ctx) { PROV_SM2_SIGN_CTX *srcctx = (PROV_SM2_SIGN_CTX *)vpsm2ctx; - SM2_PROV_CTX *dst_smctx, *src_smctx; PROV_SM2_SIGN_CTX *dstctx; - if (check_signature_src_ctx(srcctx) == UADK_P_FAIL) + if (srcctx == NULL) { + fprintf(stderr, "invalid: src ctx is NULL to dupctx!\n"); return NULL; - src_smctx = srcctx->sm2_pctx; + } dstctx = OPENSSL_zalloc(sizeof(PROV_SM2_SIGN_CTX)); if (dstctx == NULL) { fprintf(stderr, "failed to alloc dst ctx\n"); return NULL; } + *dstctx = *srcctx; + dstctx->key = NULL; + dstctx->id = NULL; + dstctx->sm2_pctx = NULL; + dstctx->propq = NULL; - memcpy(dstctx, srcctx, sizeof(PROV_SM2_SIGN_CTX)); - dstctx->key = srcctx->key; - - dst_smctx = OPENSSL_zalloc(sizeof(SM2_PROV_CTX)); - if (dst_smctx == NULL) { - fprintf(stderr, "failed to alloc dst_smctx\n"); - goto free_dstctx; + if (srcctx->key != NULL && !EC_KEY_up_ref(srcctx->key)) { + fprintf(stderr, "failed to check srcctx key reference\n"); + goto free_ctx; } - dstctx->sm2_pctx = dst_smctx; - - if (create_dst_ctx_data(dst_smctx) == UADK_P_FAIL) - goto free_dst_smctx; + dstctx->key = srcctx->key; - if (src_smctx->sm2_md->mdctx != NULL) { - dst_smctx->sm2_md->mdctx = EVP_MD_CTX_new(); - if (dst_smctx->sm2_md->mdctx == NULL || - EVP_MD_CTX_copy_ex(dst_smctx->sm2_md->mdctx, src_smctx->sm2_md->mdctx) == 0) { - fprintf(stderr, "failed to new dst mdctx or copy src mdctx\n"); - goto free_dst_ctx_data; - } + if (srcctx->propq) { + dstctx->propq = OPENSSL_strdup(srcctx->propq); + if (dstctx->propq == NULL) + goto free_ctx; } - copy_ctx_data(dst_smctx, src_smctx); + dstctx->sm2_pctx = sm2_copy_src_smctx(srcctx->sm2_pctx); + if (dstctx->sm2_pctx == NULL) + goto free_ctx; if (srcctx->id != NULL) { dstctx->id = OPENSSL_malloc(srcctx->id_len); if (dstctx->id == NULL) { fprintf(stderr, "failed to alloc id\n"); - goto free_dst_mdctx; + goto free_ctx; } - dstctx->id_len = srcctx->id_len; memcpy(dstctx->id, srcctx->id, srcctx->id_len); } return dstctx; -free_dst_mdctx: - EVP_MD_CTX_free(dst_smctx->sm2_md->mdctx); -free_dst_ctx_data: - release_dst_ctx_data(dst_smctx); -free_dst_smctx: - OPENSSL_free(dst_smctx); -free_dstctx: - OPENSSL_free(dstctx); +free_ctx: + uadk_signature_sm2_freectx(dstctx); return NULL; } @@ -2428,6 +2423,15 @@ free_psm2ctx: return NULL; } +static void ossl_prov_digest_reset(struct PROV_DIGEST *pd) +{ + EVP_MD_free(pd->alloc_md); + +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + ENGINE_finish(pd->engine); +#endif +} + static void uadk_asym_cipher_sm2_freectx(void *vpsm2ctx) { PROV_SM2_ASYM_CTX *psm2ctx = (PROV_SM2_ASYM_CTX *)vpsm2ctx; @@ -2438,16 +2442,23 @@ static void uadk_asym_cipher_sm2_freectx(void *vpsm2ctx) smctx = psm2ctx->sm2_pctx; if (smctx) { - if (smctx->sm2_md) + if (smctx->sm2_md) { + EVP_MD_free(smctx->sm2_md->md); OPENSSL_free(smctx->sm2_md); - if (smctx->sm2_pd) + } + if (smctx->sm2_pd) { + BN_free(smctx->sm2_pd->order); OPENSSL_free(smctx->sm2_pd); + } + if (smctx->sess) + wd_ecc_free_sess(smctx->sess); OPENSSL_free(smctx); } if (psm2ctx->key) EC_KEY_free(psm2ctx->key); + ossl_prov_digest_reset(&psm2ctx->md); OPENSSL_free(psm2ctx); } @@ -3070,65 +3081,62 @@ static int uadk_asym_cipher_sm2_decrypt(void *vpsm2ctx, unsigned char *out, size return uadk_prov_sm2_decrypt(psm2ctx, out, outlen, in, inlen); } +static int ossl_prov_digest_copy(struct PROV_DIGEST *dst, const struct PROV_DIGEST *src) +{ + if (src->alloc_md != NULL && !EVP_MD_up_ref(src->alloc_md)) + return UADK_P_FAIL; + +#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) + if (src->engine != NULL && !ENGINE_init(src->engine)) { + EVP_MD_free(src->alloc_md); + return UADK_P_FAIL; + } +#endif + dst->engine = src->engine; + dst->md = src->md; + dst->alloc_md = src->alloc_md; + + return UADK_P_SUCCESS; +} + static void *uadk_asym_cipher_sm2_dupctx(void *vpsm2ctx) { PROV_SM2_ASYM_CTX *srcctx = (PROV_SM2_ASYM_CTX *)vpsm2ctx; - SM2_PROV_CTX *dst_smctx, *src_smctx; PROV_SM2_ASYM_CTX *dstctx; + int ret; if (srcctx == NULL) { fprintf(stderr, "src ctx is NULL\n"); return NULL; } - src_smctx = srcctx->sm2_pctx; - if (src_smctx == NULL) { - fprintf(stderr, "src_smctx is NULL\n"); - return NULL; - } - - if (src_smctx->sm2_md == NULL) { - fprintf(stderr, "src_smctx is NULL\n"); - return NULL; - } - dstctx = OPENSSL_zalloc(sizeof(PROV_SM2_ASYM_CTX)); if (dstctx == NULL) { fprintf(stderr, "failed to alloc dst ctx\n"); return NULL; } *dstctx = *srcctx; + dstctx->key = NULL; + dstctx->sm2_pctx = NULL; + memset(&dstctx->md, 0, sizeof(dstctx->md)); - dst_smctx = OPENSSL_zalloc(sizeof(SM2_PROV_CTX)); - if (dst_smctx == NULL) { - fprintf(stderr, "failed to alloc dst_smctx\n"); - goto free; - } - - dst_smctx->sm2_md = OPENSSL_zalloc(sizeof(SM2_MD_DATA)); - if (dst_smctx->sm2_md == NULL) { - fprintf(stderr, "failed to alloc dst_smd\n"); - goto free; - } + ret = ossl_prov_digest_copy(&srcctx->md, &dstctx->md); + if (!ret) + goto free_ctx; - if (dstctx->key != NULL && !EC_KEY_up_ref(dstctx->key)) { + if (srcctx->key != NULL && !EC_KEY_up_ref(srcctx->key)) { fprintf(stderr, "failed to check dstctx key reference\n"); - goto free; - } - - if (dst_smctx->sm2_md->alloc_md && !EVP_MD_up_ref(dst_smctx->sm2_md->alloc_md)) { - fprintf(stderr, "failed to check alloc_md reference\n"); - goto free; + goto free_ctx; } + dstctx->key = srcctx->key; - dst_smctx->sm2_md->md = src_smctx->sm2_md->md; - dst_smctx->sm2_md->alloc_md = src_smctx->sm2_md->alloc_md; - - dstctx->sm2_pctx = dst_smctx; + dstctx->sm2_pctx = sm2_copy_src_smctx(srcctx->sm2_pctx); + if (dstctx->sm2_pctx == NULL) + goto free_ctx; return dstctx; -free: +free_ctx: uadk_asym_cipher_sm2_freectx(dstctx); return NULL; } -- 2.33.0
From: lizhi <lizhi206@huawei.com> 1. Atomic variables may cause race conditions in multi-thread, replace them with thread locks. 2. Add null check conditions for the obtained soft computing functions. Signed-off-by: lizhi <lizhi206@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_sm2.c | 37 +++++++++++++++++++++---------------- 1 file changed, 21 insertions(+), 16 deletions(-) diff --git a/src/uadk_prov_sm2.c b/src/uadk_prov_sm2.c index 465e233..b748414 100644 --- a/src/uadk_prov_sm2.c +++ b/src/uadk_prov_sm2.c @@ -32,6 +32,9 @@ #define SM2_GET_SIGNLEN 1 #define SM3_DIGEST_LENGTH 32 +static pthread_mutex_t sign_mutex = PTHREAD_MUTEX_INITIALIZER; +static pthread_mutex_t asym_mutex = PTHREAD_MUTEX_INITIALIZER; + UADK_PKEY_KEYMGMT_DESCR(sm2, SM2); UADK_PKEY_SIGNATURE_DESCR(sm2, SM2); UADK_PKEY_ASYM_CIPHER_DESCR(sm2, SM2); @@ -703,19 +706,19 @@ static UADK_PKEY_SIGNATURE get_default_sm2_signature(void) static UADK_PKEY_SIGNATURE s_signature; static int initilazed; - if (__atomic_compare_exchange_n(&initilazed, &(int){0}, 1, false, __ATOMIC_SEQ_CST, - __ATOMIC_SEQ_CST)) { + pthread_mutex_lock(&sign_mutex); + if (!initilazed) { UADK_PKEY_SIGNATURE *signature = (UADK_PKEY_SIGNATURE *)EVP_SIGNATURE_fetch(NULL, "SM2", "provider=default"); - if (signature) { s_signature = *signature; EVP_SIGNATURE_free((EVP_SIGNATURE *)signature); + initilazed = 1; } else { - __atomic_store_n(&initilazed, 0, __ATOMIC_SEQ_CST); fprintf(stderr, "failed to EVP_SIGNATURE_fetch default SM2 provider\n"); } } + pthread_mutex_unlock(&sign_mutex); return s_signature; } @@ -988,7 +991,7 @@ static int uadk_prov_sm2_update_sess(SM2_PROV_CTX *smctx) static int uadk_signature_sm2_sign_init_sw(void *vpsm2ctx, void *ec, const OSSL_PARAM params[]) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_signature().sign_init) { fprintf(stderr, "switch to software sm2 sign_init.\n"); return get_default_sm2_signature().sign_init(vpsm2ctx, ec, params); } @@ -1327,7 +1330,7 @@ uninit_iot: static int uadk_signature_sm2_sign_sw(void *vpsm2ctx, unsigned char *sig, size_t *siglen, size_t sigsize, const unsigned char *tbs, size_t tbslen) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_signature().sign) { fprintf(stderr, "switch to soft sm2 sign\n"); return get_default_sm2_signature().sign(vpsm2ctx, sig, siglen, sigsize, tbs, tbslen); @@ -1509,7 +1512,7 @@ uninit_iot: static int uadk_signature_sm2_verify_sw(void *vpsm2ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_signature().verify) { fprintf(stderr, "switch to soft sm2 verify\n"); return get_default_sm2_signature().verify(vpsm2ctx, sig, siglen, tbs, tbslen); } @@ -2170,7 +2173,7 @@ static int uadk_prov_sm2_locate_id_digest(PROV_SM2_SIGN_CTX *psm2ctx, const OSS static int uadk_signature_sm2_set_ctx_params_sw(void *vpsm2ctx, const OSSL_PARAM params[]) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_signature().set_ctx_params) { fprintf(stderr, "switch to software sm2 set_ctx_params\n"); return get_default_sm2_signature().set_ctx_params(vpsm2ctx, params); } @@ -2360,8 +2363,8 @@ static UADK_PKEY_ASYM_CIPHER get_default_sm2_asym_cipher(void) static UADK_PKEY_ASYM_CIPHER s_asym_cipher; static int initilazed; - if (__atomic_compare_exchange_n(&initilazed, &(int){0}, 1, false, __ATOMIC_SEQ_CST, - __ATOMIC_SEQ_CST)) { + pthread_mutex_lock(&asym_mutex); + if (!initilazed) { UADK_PKEY_ASYM_CIPHER *asym_cipher = (UADK_PKEY_ASYM_CIPHER *)EVP_ASYM_CIPHER_fetch(NULL, "SM2", "provider=default"); @@ -2369,11 +2372,13 @@ static UADK_PKEY_ASYM_CIPHER get_default_sm2_asym_cipher(void) if (asym_cipher) { s_asym_cipher = *asym_cipher; EVP_ASYM_CIPHER_free((EVP_ASYM_CIPHER *)asym_cipher); + initilazed = 1; } else { - __atomic_store_n(&initilazed, 0, __ATOMIC_SEQ_CST); fprintf(stderr, "failed to EVP_ASYM_CIPHER_fetch default SM2 provider\n"); } } + pthread_mutex_unlock(&asym_mutex); + return s_asym_cipher; } @@ -2477,7 +2482,7 @@ static void uadk_prov_sm2_set_default_md(PROV_SM2_ASYM_CTX *psm2ctx) static int uadk_asym_cipher_sm2_encrypt_init_sw(void *vpsm2ctx, void *vkey, const OSSL_PARAM params[]) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_asym_cipher().encrypt_init) { fprintf(stderr, "switch to software sm2 encrypt init\n"); return get_default_sm2_asym_cipher().encrypt_init(vpsm2ctx, vkey, params); } @@ -2684,7 +2689,7 @@ static int uadk_prov_sm2_encrypt_sw(PROV_SM2_ASYM_CTX *vpsm2ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_asym_cipher().encrypt) { fprintf(stderr, "switch to software sm2 encrypt\n"); return get_default_sm2_asym_cipher().encrypt(vpsm2ctx, out, outlen, 0, in, inlen); } @@ -2967,7 +2972,7 @@ static int uadk_prov_sm2_decrypt_sw(PROV_SM2_ASYM_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_asym_cipher().decrypt) { fprintf(stderr, "switch to software sm2 decrypt\n"); return get_default_sm2_asym_cipher().decrypt(ctx, out, outlen, 0, in, inlen); } @@ -3189,7 +3194,7 @@ static int uadk_asym_cipher_sm2_get_ctx_params(void *vpsm2ctx, OSSL_PARAM *param static EVP_MD *uadk_prov_load_digest_from_params(SM2_MD_DATA *smd, const OSSL_PARAM params[], OSSL_LIB_CTX *ctx) { - const char *propquery; + const char *propquery = NULL; const OSSL_PARAM *p; /* Load common param properties, p can be NULL */ @@ -3227,7 +3232,7 @@ static EVP_MD *uadk_prov_load_digest_from_params(SM2_MD_DATA *smd, const OSSL_PA static int uadk_asym_cipher_sm2_set_ctx_params_sw(void *vpsm2ctx, const OSSL_PARAM params[]) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_asym_cipher().set_ctx_params) { fprintf(stderr, "switch to software sm2 set ctx params\n"); return get_default_sm2_asym_cipher().set_ctx_params(vpsm2ctx, params); } -- 2.33.0
From: lizhi <lizhi206@huawei.com> Fixed a bug where, under scenarios with insufficient contexts, the signature verification, encryption, and decryption processes failed to switch openssl soft computation. Signed-off-by: lizhi <lizhi206@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_sm2.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/uadk_prov_sm2.c b/src/uadk_prov_sm2.c index b748414..6ae70c6 100644 --- a/src/uadk_prov_sm2.c +++ b/src/uadk_prov_sm2.c @@ -1534,7 +1534,7 @@ static int uadk_signature_sm2_verify(void *vpsm2ctx, const unsigned char *sig, s ret = uadk_prov_sm2_check_tbs_params(psm2ctx, tbs, tbslen); if (ret == UADK_P_FAIL) { fprintf(stderr, "failed to check sm2 verify params\n"); - return ret; + goto do_soft; } ret = uadk_prov_sm2_verify(psm2ctx, sig, siglen, tbs, tbslen); @@ -2827,7 +2827,7 @@ static int uadk_asym_cipher_sm2_encrypt(void *vpsm2ctx, unsigned char *out, size ret = uadk_prov_sm2_encrypt_check(psm2ctx, out, outlen, in, inlen); if (ret == UADK_P_FAIL) - return ret; + return uadk_prov_sm2_encrypt_sw(vpsm2ctx, out, outlen, in, inlen); /* If out is NULL, compute outlen size and return */ if (out == NULL) { @@ -3074,7 +3074,7 @@ static int uadk_asym_cipher_sm2_decrypt(void *vpsm2ctx, unsigned char *out, size smctx = psm2ctx->sm2_pctx; ret = uadk_prov_sm2_decrypt_check(smctx, out, outlen, in, inlen); if (ret == UADK_P_FAIL) - return ret; + return uadk_prov_sm2_decrypt_sw(vpsm2ctx, out, outlen, in, inlen); if (out == NULL) { if (!uadk_prov_sm2_plaintext_size(in, inlen, outlen)) -- 2.33.0
Set enable_sw_offload to 1 to enable the soft switch by default. Signed-off-by: Qi Tao <taoqi10@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_init.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/uadk_prov_init.c b/src/uadk_prov_init.c index 1ce1235..af289a8 100644 --- a/src/uadk_prov_init.c +++ b/src/uadk_prov_init.c @@ -45,7 +45,7 @@ struct uadk_provider_params { } uadk_params; /* offload small packets to sw */ -int enable_sw_offload; +int enable_sw_offload = 1; const OSSL_ALGORITHM uadk_prov_digests[] = { { PROV_NAMES_MD5, UADK_DEFAULT_PROPERTIES, -- 2.33.0
From: Chenghai Huang <huangchenghai2@huawei.com> 1.Use the local variable to set sched_params to avoid warning: warning: storing the address of local variable 'params' in '*priv.setup.sched_param' [-Wdangling-pointer=] 2.Add static before internal functions. 3.Remove unused variables and tags. Signed-off-by: Chenghai Huang <huangchenghai2@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_cipher.c | 7 +++++-- src/uadk_prov_digest.c | 3 +-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/uadk_prov_cipher.c b/src/uadk_prov_cipher.c index 6d3e2c1..ab9b239 100644 --- a/src/uadk_prov_cipher.c +++ b/src/uadk_prov_cipher.c @@ -579,6 +579,7 @@ init_err: static int uadk_prov_cipher_ctx_init(struct cipher_priv_ctx *priv) { + struct wd_cipher_sess_setup setup = {0}; struct sched_params params = {0}; int ret; @@ -601,10 +602,12 @@ static int uadk_prov_cipher_ctx_init(struct cipher_priv_ctx *priv) params.type = 0; /* Use the default numa parameters */ params.numa_id = -1; - priv->setup.sched_param = ¶ms; + setup.sched_param = ¶ms; + setup.alg = priv->setup.alg; + setup.mode = priv->setup.mode; if (!priv->sess) { - priv->sess = wd_cipher_alloc_sess(&priv->setup); + priv->sess = wd_cipher_alloc_sess(&setup); if (!priv->sess) { fprintf(stderr, "uadk failed to alloc session!\n"); return UADK_P_FAIL; diff --git a/src/uadk_prov_digest.c b/src/uadk_prov_digest.c index 98e25e1..808a758 100644 --- a/src/uadk_prov_digest.c +++ b/src/uadk_prov_digest.c @@ -814,7 +814,6 @@ static void uadk_prov_freectx(void *dctx) static void *uadk_prov_dupctx(void *dctx) { struct digest_priv_ctx *dst_ctx, *src_ctx; - int ret; src_ctx = (struct digest_priv_ctx *)dctx; if (!dctx) @@ -957,7 +956,7 @@ static int uadk_prov_digest(void *dctx, const unsigned char *in, size_t inl, return ret; } - if (unlikely(outl != NULL)) + if (outl) *outl = priv->md_size; return UADK_DIGEST_SUCCESS; -- 2.33.0
participants (1)
-
Qi Tao