1 From 1de2b740a3bdcd8e98abb5f4e176d46fd817b932 Mon Sep 17 00:00:00 2001
2 From: Tudor Ambarus <tudor.ambarus@freescale.com>
3 Date: Tue, 31 Mar 2015 16:30:17 +0300
4 Subject: [PATCH 19/26] eng_cryptodev: add support for TLSv1.1 record offload
6 Supported cipher suites:
11 Requires TLS patches on cryptodev and TLS algorithm support in Linux
14 Signed-off-by: Tudor Ambarus <tudor.ambarus@freescale.com>
15 Change-Id: Id414f36a528de3f476b72688cf85714787d7ccae
16 Reviewed-on: http://git.am.freescale.net:8181/34002
17 Reviewed-by: Cristian Stoica <cristian.stoica@freescale.com>
18 Tested-by: Cristian Stoica <cristian.stoica@freescale.com>
20 crypto/engine/eng_cryptodev.c | 101 ++++++++++++++++++++++++++++++++++++++----
21 crypto/objects/obj_dat.h | 18 ++++++--
22 crypto/objects/obj_mac.h | 12 +++++
23 crypto/objects/obj_mac.num | 3 ++
24 crypto/objects/objects.txt | 3 ++
25 ssl/ssl_ciph.c | 26 +++++++++--
26 6 files changed, 148 insertions(+), 15 deletions(-)
28 diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
29 index 299e84b..f71ab27 100644
30 --- a/crypto/engine/eng_cryptodev.c
31 +++ b/crypto/engine/eng_cryptodev.c
32 @@ -66,6 +66,7 @@ ENGINE_load_cryptodev(void)
33 #include <sys/ioctl.h>
40 @@ -133,9 +134,12 @@ static int cryptodev_dh_compute_key(unsigned char *key,
41 static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
43 void ENGINE_load_cryptodev(void);
44 +const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1;
45 const EVP_CIPHER cryptodev_aes_128_cbc_hmac_sha1;
46 const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1;
47 -const EVP_CIPHER cryptodev_3des_cbc_hmac_sha1;
48 +const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1;
49 +const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1;
50 +const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1;
52 inline int spcf_bn2bin(BIGNUM *bn, unsigned char **bin, int *bin_len)
54 @@ -256,6 +260,9 @@ static struct {
55 { CRYPTO_TLS10_3DES_CBC_HMAC_SHA1, NID_des_ede3_cbc_hmac_sha1, 8, 24, 20},
56 { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_128_cbc_hmac_sha1, 16, 16, 20},
57 { CRYPTO_TLS10_AES_CBC_HMAC_SHA1, NID_aes_256_cbc_hmac_sha1, 16, 32, 20},
58 + { CRYPTO_TLS11_3DES_CBC_HMAC_SHA1, NID_tls11_des_ede3_cbc_hmac_sha1, 8, 24, 20},
59 + { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_128_cbc_hmac_sha1, 16, 16, 20},
60 + { CRYPTO_TLS11_AES_CBC_HMAC_SHA1, NID_tls11_aes_256_cbc_hmac_sha1, 16, 32, 20},
61 { CRYPTO_AES_GCM, NID_aes_128_gcm, 16, 16, 0},
62 { 0, NID_undef, 0, 0, 0},
64 @@ -462,14 +469,23 @@ cryptodev_usable_ciphers(const int **nids)
65 /* add ciphers specific to cryptodev if found in kernel */
66 for(i = 0; i < count; i++) {
67 switch (*(*nids + i)) {
68 + case NID_des_ede3_cbc_hmac_sha1:
69 + EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1);
71 case NID_aes_128_cbc_hmac_sha1:
72 EVP_add_cipher(&cryptodev_aes_128_cbc_hmac_sha1);
74 case NID_aes_256_cbc_hmac_sha1:
75 EVP_add_cipher(&cryptodev_aes_256_cbc_hmac_sha1);
77 - case NID_des_ede3_cbc_hmac_sha1:
78 - EVP_add_cipher(&cryptodev_3des_cbc_hmac_sha1);
79 + case NID_tls11_des_ede3_cbc_hmac_sha1:
80 + EVP_add_cipher(&cryptodev_tls11_3des_cbc_hmac_sha1);
82 + case NID_tls11_aes_128_cbc_hmac_sha1:
83 + EVP_add_cipher(&cryptodev_tls11_aes_128_cbc_hmac_sha1);
85 + case NID_tls11_aes_256_cbc_hmac_sha1:
86 + EVP_add_cipher(&cryptodev_tls11_aes_256_cbc_hmac_sha1);
90 @@ -574,9 +590,12 @@ static int cryptodev_aead_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
92 /* TODO: make a seamless integration with cryptodev flags */
93 switch (ctx->cipher->nid) {
94 + case NID_des_ede3_cbc_hmac_sha1:
95 case NID_aes_128_cbc_hmac_sha1:
96 case NID_aes_256_cbc_hmac_sha1:
97 - case NID_des_ede3_cbc_hmac_sha1:
98 + case NID_tls11_des_ede3_cbc_hmac_sha1:
99 + case NID_tls11_aes_128_cbc_hmac_sha1:
100 + case NID_tls11_aes_256_cbc_hmac_sha1:
101 cryp.flags = COP_FLAG_AEAD_TLS_TYPE;
103 cryp.ses = sess->ses;
104 @@ -758,8 +777,9 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
105 struct dev_crypto_state *state = ctx->cipher_data;
106 unsigned char *p = ptr;
107 unsigned int cryptlen = p[arg - 2] << 8 | p[arg - 1];
108 - unsigned int maclen, padlen;
109 + unsigned int maclen, padlen, len;
110 unsigned int bs = ctx->cipher->block_size;
111 + bool aad_needs_fix = false;
114 state->aad_len = arg;
115 @@ -767,10 +787,24 @@ static int cryptodev_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
117 /* TODO: this should be an extension of EVP_CIPHER struct */
118 switch (ctx->cipher->nid) {
119 + case NID_des_ede3_cbc_hmac_sha1:
120 case NID_aes_128_cbc_hmac_sha1:
121 case NID_aes_256_cbc_hmac_sha1:
122 - case NID_des_ede3_cbc_hmac_sha1:
123 maclen = SHA_DIGEST_LENGTH;
125 + case NID_tls11_des_ede3_cbc_hmac_sha1:
126 + case NID_tls11_aes_128_cbc_hmac_sha1:
127 + case NID_tls11_aes_256_cbc_hmac_sha1:
128 + maclen = SHA_DIGEST_LENGTH;
129 + aad_needs_fix = true;
133 + /* Correct length for AAD Length field */
134 + if (ctx->encrypt && aad_needs_fix) {
135 + len = cryptlen - bs;
136 + p[arg-2] = len >> 8;
137 + p[arg-1] = len & 0xff;
140 /* space required for encryption (not only TLS padding) */
141 @@ -1131,6 +1165,48 @@ const EVP_CIPHER cryptodev_aes_256_cbc_hmac_sha1 = {
145 +const EVP_CIPHER cryptodev_tls11_3des_cbc_hmac_sha1 = {
146 + NID_tls11_des_ede3_cbc_hmac_sha1,
148 + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER,
149 + cryptodev_init_aead_key,
150 + cryptodev_aead_cipher,
152 + sizeof(struct dev_crypto_state),
153 + EVP_CIPHER_set_asn1_iv,
154 + EVP_CIPHER_get_asn1_iv,
155 + cryptodev_cbc_hmac_sha1_ctrl,
159 +const EVP_CIPHER cryptodev_tls11_aes_128_cbc_hmac_sha1 = {
160 + NID_tls11_aes_128_cbc_hmac_sha1,
162 + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER,
163 + cryptodev_init_aead_key,
164 + cryptodev_aead_cipher,
166 + sizeof(struct dev_crypto_state),
167 + EVP_CIPHER_set_asn1_iv,
168 + EVP_CIPHER_get_asn1_iv,
169 + cryptodev_cbc_hmac_sha1_ctrl,
173 +const EVP_CIPHER cryptodev_tls11_aes_256_cbc_hmac_sha1 = {
174 + NID_tls11_aes_256_cbc_hmac_sha1,
176 + EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_AEAD_CIPHER,
177 + cryptodev_init_aead_key,
178 + cryptodev_aead_cipher,
180 + sizeof(struct dev_crypto_state),
181 + EVP_CIPHER_set_asn1_iv,
182 + EVP_CIPHER_get_asn1_iv,
183 + cryptodev_cbc_hmac_sha1_ctrl,
187 const EVP_CIPHER cryptodev_aes_128_gcm = {
190 @@ -1184,6 +1260,9 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
191 case NID_aes_256_cbc:
192 *cipher = &cryptodev_aes_256_cbc;
194 + case NID_aes_128_gcm:
195 + *cipher = &cryptodev_aes_128_gcm;
197 case NID_des_ede3_cbc_hmac_sha1:
198 *cipher = &cryptodev_3des_cbc_hmac_sha1;
200 @@ -1193,8 +1272,14 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
201 case NID_aes_256_cbc_hmac_sha1:
202 *cipher = &cryptodev_aes_256_cbc_hmac_sha1;
204 - case NID_aes_128_gcm:
205 - *cipher = &cryptodev_aes_128_gcm;
206 + case NID_tls11_des_ede3_cbc_hmac_sha1:
207 + *cipher = &cryptodev_tls11_3des_cbc_hmac_sha1;
209 + case NID_tls11_aes_128_cbc_hmac_sha1:
210 + *cipher = &cryptodev_tls11_aes_128_cbc_hmac_sha1;
212 + case NID_tls11_aes_256_cbc_hmac_sha1:
213 + *cipher = &cryptodev_tls11_aes_256_cbc_hmac_sha1;
217 diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
218 index 9f2267a..dc89b0a 100644
219 --- a/crypto/objects/obj_dat.h
220 +++ b/crypto/objects/obj_dat.h
222 * [including the GNU Public Licence.]
233 static const unsigned char lvalues[5974]={
234 @@ -2401,6 +2401,12 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
235 {"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0},
236 {"DES-EDE3-CBC-HMAC-SHA1","des-ede3-cbc-hmac-sha1",
237 NID_des_ede3_cbc_hmac_sha1,0,NULL,0},
238 +{"TLS11-DES-EDE3-CBC-HMAC-SHA1","tls11-des-ede3-cbc-hmac-sha1",
239 + NID_tls11_des_ede3_cbc_hmac_sha1,0,NULL,0},
240 +{"TLS11-AES-128-CBC-HMAC-SHA1","tls11-aes-128-cbc-hmac-sha1",
241 + NID_tls11_aes_128_cbc_hmac_sha1,0,NULL,0},
242 +{"TLS11-AES-256-CBC-HMAC-SHA1","tls11-aes-256-cbc-hmac-sha1",
243 + NID_tls11_aes_256_cbc_hmac_sha1,0,NULL,0},
246 static const unsigned int sn_objs[NUM_SN]={
247 @@ -2586,6 +2592,9 @@ static const unsigned int sn_objs[NUM_SN]={
251 +922, /* "TLS11-AES-128-CBC-HMAC-SHA1" */
252 +923, /* "TLS11-AES-256-CBC-HMAC-SHA1" */
253 +921, /* "TLS11-DES-EDE3-CBC-HMAC-SHA1" */
257 @@ -4205,6 +4214,9 @@ static const unsigned int ln_objs[NUM_LN]={
258 459, /* "textEncodedORAddress" */
259 293, /* "textNotice" */
261 +922, /* "tls11-aes-128-cbc-hmac-sha1" */
262 +923, /* "tls11-aes-256-cbc-hmac-sha1" */
263 +921, /* "tls11-des-ede3-cbc-hmac-sha1" */
267 diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h
268 index 8751902..f181890 100644
269 --- a/crypto/objects/obj_mac.h
270 +++ b/crypto/objects/obj_mac.h
271 @@ -4034,3 +4034,15 @@
272 #define LN_des_ede3_cbc_hmac_sha1 "des-ede3-cbc-hmac-sha1"
273 #define NID_des_ede3_cbc_hmac_sha1 920
275 +#define SN_tls11_des_ede3_cbc_hmac_sha1 "TLS11-DES-EDE3-CBC-HMAC-SHA1"
276 +#define LN_tls11_des_ede3_cbc_hmac_sha1 "tls11-des-ede3-cbc-hmac-sha1"
277 +#define NID_tls11_des_ede3_cbc_hmac_sha1 921
279 +#define SN_tls11_aes_128_cbc_hmac_sha1 "TLS11-AES-128-CBC-HMAC-SHA1"
280 +#define LN_tls11_aes_128_cbc_hmac_sha1 "tls11-aes-128-cbc-hmac-sha1"
281 +#define NID_tls11_aes_128_cbc_hmac_sha1 922
283 +#define SN_tls11_aes_256_cbc_hmac_sha1 "TLS11-AES-256-CBC-HMAC-SHA1"
284 +#define LN_tls11_aes_256_cbc_hmac_sha1 "tls11-aes-256-cbc-hmac-sha1"
285 +#define NID_tls11_aes_256_cbc_hmac_sha1 923
287 diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
288 index 9d44bb5..a02b58c 100644
289 --- a/crypto/objects/obj_mac.num
290 +++ b/crypto/objects/obj_mac.num
291 @@ -918,3 +918,6 @@ aes_192_cbc_hmac_sha1 917
292 aes_256_cbc_hmac_sha1 918
294 des_ede3_cbc_hmac_sha1 920
295 +tls11_des_ede3_cbc_hmac_sha1 921
296 +tls11_aes_128_cbc_hmac_sha1 922
297 +tls11_aes_256_cbc_hmac_sha1 923
298 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
299 index 90d2fc5..1973658 100644
300 --- a/crypto/objects/objects.txt
301 +++ b/crypto/objects/objects.txt
302 @@ -1291,3 +1291,6 @@ kisa 1 6 : SEED-OFB : seed-ofb
303 : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1
304 : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1
305 : DES-EDE3-CBC-HMAC-SHA1 : des-ede3-cbc-hmac-sha1
306 + : TLS11-DES-EDE3-CBC-HMAC-SHA1 : tls11-des-ede3-cbc-hmac-sha1
307 + : TLS11-AES-128-CBC-HMAC-SHA1 : tls11-aes-128-cbc-hmac-sha1
308 + : TLS11-AES-256-CBC-HMAC-SHA1 : tls11-aes-256-cbc-hmac-sha1
309 diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
310 index 310fe76..0408986 100644
313 @@ -631,17 +631,35 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
314 c->algorithm_mac == SSL_MD5 &&
315 (evp=EVP_get_cipherbyname("RC4-HMAC-MD5")))
316 *enc = evp, *md = NULL;
317 - else if (c->algorithm_enc == SSL_AES128 &&
318 + else if (s->ssl_version == TLS1_VERSION &&
319 + c->algorithm_enc == SSL_3DES &&
320 + c->algorithm_mac == SSL_SHA1 &&
321 + (evp=EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1")))
322 + *enc = evp, *md = NULL;
323 + else if (s->ssl_version == TLS1_VERSION &&
324 + c->algorithm_enc == SSL_AES128 &&
325 c->algorithm_mac == SSL_SHA1 &&
326 (evp=EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
327 *enc = evp, *md = NULL;
328 - else if (c->algorithm_enc == SSL_AES256 &&
329 + else if (s->ssl_version == TLS1_VERSION &&
330 + c->algorithm_enc == SSL_AES256 &&
331 c->algorithm_mac == SSL_SHA1 &&
332 (evp=EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
333 *enc = evp, *md = NULL;
334 - else if (c->algorithm_enc == SSL_3DES &&
335 + else if (s->ssl_version == TLS1_1_VERSION &&
336 + c->algorithm_enc == SSL_3DES &&
337 + c->algorithm_mac == SSL_SHA1 &&
338 + (evp=EVP_get_cipherbyname("TLS11-DES-EDE3-CBC-HMAC-SHA1")))
339 + *enc = evp, *md = NULL;
340 + else if (s->ssl_version == TLS1_1_VERSION &&
341 + c->algorithm_enc == SSL_AES128 &&
342 + c->algorithm_mac == SSL_SHA1 &&
343 + (evp=EVP_get_cipherbyname("TLS11-AES-128-CBC-HMAC-SHA1")))
344 + *enc = evp, *md = NULL;
345 + else if (s->ssl_version == TLS1_1_VERSION &&
346 + c->algorithm_enc == SSL_AES256 &&
347 c->algorithm_mac == SSL_SHA1 &&
348 - (evp = EVP_get_cipherbyname("DES-EDE3-CBC-HMAC-SHA1")))
349 + (evp=EVP_get_cipherbyname("TLS11-AES-256-CBC-HMAC-SHA1")))
350 *enc = evp, *md = NULL;
