Page MenuHomeFreeBSD
Differential D14634 Diff 40111 security/openssl-chelsio/files/extra-patch-chssl

Changeset View

Standalone View

View Options

security/openssl-chelsio/files/extra-patch-chssl

  • This file was added.
PropertyOld ValueNew Value
fbsd:nokeywordsnullyes
\ No newline at end of property
svn:eol-stylenullnative
\ No newline at end of property
svn:mime-typenulltext/plain
\ No newline at end of property
diff --git a/crypto/openssl/crypto/evp/digest.c b/crypto/openssl/crypto/evp/digest.c
index 4db179629d04..272e8bdceb85 100644
--- a/crypto/openssl/crypto/evp/digest.c
+++ b/crypto/openssl/crypto/evp/digest.c
@@ -185,7 +185,11 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
} else
/* Ask if an ENGINE is reserved for this job */
impl = ENGINE_get_digest_engine(type->type);
- if (impl) {
+ if (impl
+#ifdef CHSSL_OFFLOAD
+ && !ctx->is_chssl
+#endif
+ ) {
/* There's an ENGINE for this job ... (apparently) */
const EVP_MD *d = ENGINE_get_digest(impl, type->type);
if (!d) {
@@ -364,6 +368,26 @@ int EVP_Digest(const void *data, size_t count,
return ret;
}
+#ifdef CHSSL_OFFLOAD
+int CHSSL_EVP_Digest(const void *data, size_t count,
+ unsigned char *md, unsigned int *size,
+ const EVP_MD *type, ENGINE *impl)
+{
+ EVP_MD_CTX ctx;
+ int ret;
+
+ EVP_MD_CTX_init(&ctx);
+ ctx.is_chssl = 1;
+ EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT);
+ ret=EVP_DigestInit_ex(&ctx, type, impl)
+ && EVP_DigestUpdate(&ctx, data, count)
+ && EVP_DigestFinal_ex(&ctx, md, size);
+ EVP_MD_CTX_cleanup(&ctx);
+
+ return ret;
+}
+#endif
+
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
{
if (ctx) {
diff --git a/crypto/openssl/crypto/evp/evp.h b/crypto/openssl/crypto/evp/evp.h
index cf1de15e6d03..690b10aa7ffa 100644
--- a/crypto/openssl/crypto/evp/evp.h
+++ b/crypto/openssl/crypto/evp/evp.h
@@ -270,6 +270,9 @@ struct env_md_ctx_st {
ENGINE *engine; /* functional reference if 'digest' is
* ENGINE-provided */
unsigned long flags;
+#ifdef CHSSL_OFFLOAD
+ unsigned short is_chssl;
+#endif
void *md_data;
/* Public key context for sign/verify */
EVP_PKEY_CTX *pctx;
@@ -597,6 +600,11 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
int EVP_Digest(const void *data, size_t count,
unsigned char *md, unsigned int *size, const EVP_MD *type,
ENGINE *impl);
+#ifdef CHSSL_OFFLOAD
+int CHSSL_EVP_Digest(const void *data, size_t count,
+ unsigned char *md, unsigned int *size, const EVP_MD *type,
+ ENGINE *impl);
+#endif
int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
diff --git a/crypto/openssl/crypto/evp/m_sha1.c b/crypto/openssl/crypto/evp/m_sha1.c
index a74e6b77948e..5d445dd2a112 100644
--- a/crypto/openssl/crypto/evp/m_sha1.c
+++ b/crypto/openssl/crypto/evp/m_sha1.c
@@ -68,6 +68,21 @@
# include <openssl/rsa.h>
# endif
+#ifdef CHSSL_OFFLOAD
+#include <arpa/inet.h>
+
+#define uint64_t unsigned long long
+#define htonll(data) ( \
+ (((uint64_t)(data) >> 56) & 0x00000000000000FF) | \
+ (((uint64_t)(data) >> 40) & 0x000000000000FF00) | \
+ (((uint64_t)(data) >> 24) & 0x0000000000FF0000) | \
+ (((uint64_t)(data) >> 8 ) & 0x00000000FF000000) | \
+ (((uint64_t)(data) << 8) & 0x000000FF00000000) | \
+ (((uint64_t)(data) << 24) & 0x0000FF0000000000) | \
+ (((uint64_t)(data) << 40) & 0x00FF000000000000) | \
+ (((uint64_t)(data) << 56) & 0xFF00000000000000))
+#endif
+
static int init(EVP_MD_CTX *ctx)
{
return SHA1_Init(ctx->md_data);
@@ -80,6 +95,20 @@ static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
+#ifdef CHSSL_OFFLOAD
+ if (ctx->is_chssl) {
+ unsigned int *temp;
+ unsigned char *iopad;
+ int i;
+ temp = ctx->md_data;
+ for (i=0; i< 5; i++)
+ temp[i] = htonl(temp[i]);
+ iopad = (unsigned char *)temp;
+ memcpy(md, iopad, 20);
+ return 1;
+ }
+#endif
+
return SHA1_Final(md, ctx->md_data);
}
@@ -127,6 +156,20 @@ static int update256(EVP_MD_CTX *ctx, const void *data, size_t count)
static int final256(EVP_MD_CTX *ctx, unsigned char *md)
{
+#ifdef CHSSL_OFFLOAD
+ if (ctx->is_chssl) {
+ unsigned int *temp;
+ unsigned char *iopad;
+ int i;
+
+ temp = ctx->md_data;
+ for (i=0; i< 8; i++)
+ temp[i] = htonl(temp[i]);
+ iopad = (unsigned char *)temp;
+ memcpy(md, iopad, 32);
+ return 1;
+ }
+#endif
return SHA256_Final(md, ctx->md_data);
}
@@ -190,6 +233,21 @@ static int update512(EVP_MD_CTX *ctx, const void *data, size_t count)
static int final512(EVP_MD_CTX *ctx, unsigned char *md)
{
+#ifdef CHSSL_OFFLOAD
+ if (ctx->is_chssl) {
+ unsigned long long *temp;
+ unsigned char *iopad;
+ int i;
+
+ temp = ctx->md_data;
+ for (i = 0; i < 8; i++)
+ temp[i] = htonll(temp[i]);
+ iopad = (unsigned char *)temp;
+ memcpy(md, iopad, 64);
+ return 1;
+ }
+#endif
+
return SHA512_Final(md, ctx->md_data);
}
diff --git a/crypto/openssl/ssl/Makefile b/crypto/openssl/ssl/Makefile
index 7866a3ccd77b..a4ce38b0d6c2 100644
--- a/crypto/openssl/ssl/Makefile
+++ b/crypto/openssl/ssl/Makefile
@@ -31,7 +31,8 @@ LIBSRC= \
ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
ssl_ciph.c ssl_stat.c ssl_rsa.c \
ssl_asn1.c ssl_txt.c ssl_algs.c ssl_conf.c \
- bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c
+ bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c \
+ ssl_tom.c
LIBOBJ= \
s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_enc.o s2_pkt.o \
s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
@@ -42,7 +43,8 @@ LIBOBJ= \
ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
ssl_ciph.o ssl_stat.o ssl_rsa.o \
ssl_asn1.o ssl_txt.o ssl_algs.o ssl_conf.o \
- bio_ssl.o ssl_err.o kssl.o t1_reneg.o tls_srp.o t1_trce.o ssl_utst.o
+ bio_ssl.o ssl_err.o kssl.o t1_reneg.o tls_srp.o t1_trce.o ssl_utst.o \
+ ssl_tom.o
SRC= $(LIBSRC)
@@ -1122,3 +1124,4 @@ tls_srp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
tls_srp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
tls_srp.o: ../include/openssl/tls1.h ../include/openssl/x509.h
tls_srp.o: ../include/openssl/x509_vfy.h ssl_locl.h tls_srp.c
+ssl_tom.o: ../include/openssl/x509_vfy.h ssl_tom.c
diff --git a/crypto/openssl/ssl/d1_clnt.c b/crypto/openssl/ssl/d1_clnt.c
index 76451a346d86..cd2b6759377e 100644
--- a/crypto/openssl/ssl/d1_clnt.c
+++ b/crypto/openssl/ssl/d1_clnt.c
@@ -127,6 +127,9 @@
#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+#include "ssl_tom.h"
+#endif
static const SSL_METHOD *dtls1_get_client_method(int ver);
static int dtls1_get_hello_verify(SSL *s);
@@ -615,6 +618,10 @@ int dtls1_connect(SSL *s)
case SSL3_ST_CW_FINISHED_A:
case SSL3_ST_CW_FINISHED_B:
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ if (SSL_ofld(s))
+ chssl_program_hwkey_context(s, KEY_WRITE_TX, SSL_ST_CONNECT);
+#endif
if (!s->hit)
dtls1_start_timer(s);
ret = ssl3_send_finished(s,
@@ -700,6 +707,10 @@ int dtls1_connect(SSL *s)
SSL3_ST_CR_FINISHED_B);
if (ret <= 0)
goto end;
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ if (SSL_ofld_rx(s))
+ chssl_program_hwkey_context(s, KEY_WRITE_RX,SSL_ST_CONNECT);
+#endif
dtls1_stop_timer(s);
if (s->hit)
diff --git a/crypto/openssl/ssl/d1_pkt.c b/crypto/openssl/ssl/d1_pkt.c
index 10586fee5408..ee76f6020ca0 100644
--- a/crypto/openssl/ssl/d1_pkt.c
+++ b/crypto/openssl/ssl/d1_pkt.c
@@ -121,6 +121,9 @@
#include <openssl/buffer.h>
#include <openssl/pqueue.h>
#include <openssl/rand.h>
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+#include "ssl_tom.h"
+#endif
/* mod 128 saturating subtract of two 64-bit values in big-endian order */
static int satsub64be(const unsigned char *v1, const unsigned char *v2)
@@ -503,6 +506,10 @@ static int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap)
/* decrypt in place in 'rr->input' */
rr->data = rr->input;
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ if (!(SSL_enc_offload(s) && SSL_ofld_vers(s) && SSL_ofld_rx(s)))
+ {
+#endif
enc_err = s->method->ssl3_enc->enc(s, 0);
/*-
* enc_err is:
@@ -516,6 +523,9 @@ static int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap)
s->packet_length = 0;
goto err;
}
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ }
+#endif
#ifdef TLS_DEBUG
printf("dec %d\n", rr->length);
{
@@ -528,7 +538,11 @@ static int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap)
/* r->length is now the compressed data plus mac */
if ((sess != NULL) &&
- (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) {
+ (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ && !(SSL_mac_offload(s) && SSL_ofld_vers(s) && SSL_ofld_rx(s))
+#endif
+ ) {
/* s->read_hash != NULL => mac_size != -1 */
unsigned char *mac = NULL;
unsigned char mac_tmp[EVP_MAX_MD_SIZE];
@@ -684,6 +698,13 @@ int dtls1_get_record(SSL *s)
goto again;
}
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ #define SSL3_RT_CHERROR 127
+ if (SSL_ofld_vers(s) && SSL_ofld_rx(s) && (*(p) == SSL3_RT_CHERROR)) {
+ s->rstate = SSL_ST_READ_ERROR;
+ }
+ else
+#endif
s->rstate = SSL_ST_READ_BODY;
p = s->packet;
@@ -733,11 +754,27 @@ int dtls1_get_record(SSL *s)
/* now s->rstate == SSL_ST_READ_BODY */
}
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ if (SSL_Chelsio_ofld(s) && SSL_ofld_rx(s)) {
+ if (s->rstate == SSL_ST_READ_ERROR) {
+ i = rr->length;
+ n = ssl3_read_n(s, i, i, 1);
+ s->rstate = SSL_ST_READ_HEADER;
+ if (n<=0) return n;
+ chssl_process_cherror(s);
+ printf("%s rstate SSL_ST_READ_ERROR \n",__func__);
+ goto again;
+ }
+ }
+ /* this may not be required len in Hdr = '13bytes + decrypted payload' */
+#endif
+
/* s->rstate == SSL_ST_READ_BODY, get and decode the data */
if (rr->length > s->packet_length - DTLS1_RT_HEADER_LENGTH) {
/* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
i = rr->length;
+ printf("%s i:%d rrl:%d pl:%d\n",__func__,i,rr->length,s->packet_length);
n = ssl3_read_n(s, i, i, 1);
/* this packet contained a partial record, dump it */
if (n != i) {
@@ -1680,7 +1717,11 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
p += 10;
/* Explicit IV length, block ciphers appropriate version flag */
- if (s->enc_write_ctx) {
+ if (s->enc_write_ctx
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ && !(SSL_enc_offload(s) && SSL_ofld_vers(s) && SSL_Tx_keys(s))
+#endif
+ ) {
int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx);
if (mode == EVP_CIPH_CBC_MODE) {
eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx);
@@ -1721,7 +1762,11 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
* wb->buf
*/
- if (mac_size != 0) {
+ if (mac_size != 0
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ && !(SSL_enc_offload(s) && SSL_ofld_vers(s) && SSL_Tx_keys(s))
+#endif
+ ) {
if (s->method->ssl3_enc->mac(s, &(p[wr->length + eivlen]), 1) < 0)
goto err;
wr->length += mac_size;
@@ -1734,8 +1779,14 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
if (eivlen)
wr->length += eivlen;
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ if (!(SSL_enc_offload(s) && SSL_ofld_vers(s) && SSL_Tx_keys(s))) {
+#endif
if (s->method->ssl3_enc->enc(s, 1) < 1)
goto err;
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ }
+#endif
/* record length after mac and block padding */
/*
diff --git a/crypto/openssl/ssl/d1_srvr.c b/crypto/openssl/ssl/d1_srvr.c
index 8502b242e51c..4f2f8d8b3bfa 100644
--- a/crypto/openssl/ssl/d1_srvr.c
+++ b/crypto/openssl/ssl/d1_srvr.c
@@ -125,6 +125,9 @@
#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+#include "ssl_tom.h"
+#endif
static const SSL_METHOD *dtls1_get_server_method(int ver);
static int dtls1_send_hello_verify_request(SSL *s);
@@ -752,6 +755,10 @@ int dtls1_accept(SSL *s)
SSL3_ST_SR_FINISHED_B);
if (ret <= 0)
goto end;
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ if (SSL_ofld_rx(s))
+ chssl_program_hwkey_context(s, KEY_WRITE_RX, SSL_ST_ACCEPT);
+#endif
dtls1_stop_timer(s);
if (s->hit)
s->state = SSL_ST_OK;
@@ -812,8 +819,14 @@ int dtls1_accept(SSL *s)
0, NULL);
}
#endif
-
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ if (SSL_ofld(s)) {
+ s->s3->tmp.next_state = SSL3_ST_SW_FINISHED_A;
+ s->state = SSL3_ST_SW_FLUSH;
+ } else {
s->state = SSL3_ST_SW_FINISHED_A;
+ }
+#endif
s->init_num = 0;
if (!s->method->ssl3_enc->change_cipher_state(s,
@@ -829,6 +842,10 @@ int dtls1_accept(SSL *s)
case SSL3_ST_SW_FINISHED_A:
case SSL3_ST_SW_FINISHED_B:
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_DTLS)
+ if (SSL_ofld(s))
+ chssl_program_hwkey_context(s, KEY_WRITE_TX, SSL_ST_ACCEPT);
+#endif
ret = ssl3_send_finished(s,
SSL3_ST_SW_FINISHED_A,
SSL3_ST_SW_FINISHED_B,
diff --git a/crypto/openssl/ssl/s23_clnt.c b/crypto/openssl/ssl/s23_clnt.c
index add8c9916c8f..53e13c6fe81d 100644
--- a/crypto/openssl/ssl/s23_clnt.c
+++ b/crypto/openssl/ssl/s23_clnt.c
@@ -115,6 +115,9 @@
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
+#ifdef CHSSL_OFFLOAD
+#include "ssl_tom.h"
+#endif
static const SSL_METHOD *ssl23_get_client_method(int ver);
static int ssl23_client_hello(SSL *s);
@@ -221,6 +224,10 @@ int ssl23_connect(SSL *s)
ret = ssl23_client_hello(s);
if (ret <= 0)
goto end;
+#ifdef CHSSL_OFFLOAD
+ if (chssl_new(s))
+ ssl_tls_offload(s);
+#endif
s->state = SSL23_ST_CR_SRVR_HELLO_A;
s->init_num = 0;
diff --git a/crypto/openssl/ssl/s23_srvr.c b/crypto/openssl/ssl/s23_srvr.c
index d3f6db15ccee..15f4736277c2 100644
--- a/crypto/openssl/ssl/s23_srvr.c
+++ b/crypto/openssl/ssl/s23_srvr.c
@@ -118,6 +118,9 @@
#ifdef OPENSSL_FIPS
# include <openssl/fips.h>
#endif
+#ifdef CHSSL_OFFLOAD
+#include "ssl_tom.h"
+#endif
static const SSL_METHOD *ssl23_get_server_method(int ver);
int ssl23_get_client_hello(SSL *s);
@@ -181,6 +184,10 @@ int ssl23_accept(SSL *s)
/* s->version=SSL3_VERSION; */
s->type = SSL_ST_ACCEPT;
+#ifdef CHSSL_OFFLOAD
+ if (chssl_new(s))
+ ssl_tls_offload(s);
+#endif
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
diff --git a/crypto/openssl/ssl/s3_both.c b/crypto/openssl/ssl/s3_both.c
index 054ded1c9903..24885ba86db1 100644
--- a/crypto/openssl/ssl/s3_both.c
+++ b/crypto/openssl/ssl/s3_both.c
@@ -123,6 +123,9 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
+#ifdef CHSSL_OFFLOAD
+#include "ssl_tom.h"
+#endif
/*
* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or
@@ -131,6 +134,9 @@
int ssl3_do_write(SSL *s, int type)
{
int ret;
+#ifdef TLS_DEBUG
+ printf("%s type:%d len:%d \n",__func__,type,s->init_num);
+#endif
ret = ssl3_write_bytes(s, type, &s->init_buf->data[s->init_off],
s->init_num);
@@ -161,6 +167,9 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
unsigned char *p;
int i;
unsigned long l;
+#ifdef TLS_DEBUG
+ printf("ssl3_send_finished: state:%x a:%x b%x slen:%d M:%x s:%p\n",s->state,a,b,slen,s->method->version,s);
+#endif
if (s->state == a) {
p = ssl_handshake_start(s);
@@ -168,6 +177,9 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
i = s->method->ssl3_enc->final_finish_mac(s,
sender, slen,
s->s3->tmp.finish_md);
+#ifdef TLS_DEBUG
+ printf("ssl3_send_finished: i:%d slen:%d ver:%x s:%p\n",i,slen,s->method->version,s);
+#endif
if (i <= 0)
return 0;
s->s3->tmp.finish_md_len = i;
@@ -244,10 +256,22 @@ int ssl3_get_finished(SSL *s, int a, int b)
* spec message and is in s->s3->tmp.peer_finish_md
*/
#endif
+#ifdef TLS_DEBUG
+ printf("Enter %s \n",__func__);
+#endif
/* 64 argument should actually be 36+4 :-) */
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX)
+ /* XXX: Why a smaller maximum message size? */
+ if (SSL_ofld_rx(s))
+ n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 16, &ok);
+ else
+#endif
n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 64, &ok);
+#ifdef TLS_DEBUG
+ printf("%s ok:%d n:%d \n",__func__,ok,n);
+#endif
if (!ok)
return ((int)n);
@@ -346,6 +370,9 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
unsigned long l;
long n;
int i, al;
+#ifdef TLS_DEBUG
+ printf("ssl3_get_message st1:%d stn:%d mt:%d max:%d\n",st1,stn,mt,max);
+#endif
if (s->s3->tmp.reuse_message) {
s->s3->tmp.reuse_message = 0;
diff --git a/crypto/openssl/ssl/s3_clnt.c b/crypto/openssl/ssl/s3_clnt.c
index 5b8b2da59f54..e7b319ffe497 100644
--- a/crypto/openssl/ssl/s3_clnt.c
+++ b/crypto/openssl/ssl/s3_clnt.c
@@ -166,6 +166,9 @@
#ifndef OPENSSL_NO_ENGINE
# include <openssl/engine.h>
#endif
+#ifdef CHSSL_OFFLOAD
+#include "ssl_tom.h"
+#endif
static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b);
#ifndef OPENSSL_NO_TLSEXT
@@ -299,12 +302,22 @@ int ssl3_connect(SSL *s)
ret = ssl3_client_hello(s);
if (ret <= 0)
goto end;
+#ifdef CHSSL_OFFLOAD
+ if (chssl_new(s) || SSL_ofld_vers(s))
+ ssl_tls_offload(s);
+#endif
s->state = SSL3_ST_CR_SRVR_HELLO_A;
s->init_num = 0;
/* turn on buffering for the next lot of output */
+#ifdef CHSSL_OFFLOAD
+ if (!(SSL_ofld(s) && s->renegotiate)) {
+#endif
if (s->bbio != s->wbio)
s->wbio = BIO_push(s->bbio, s->wbio);
+#ifdef CHSSL_OFFLOAD
+ }
+#endif
break;
@@ -485,6 +498,14 @@ int ssl3_connect(SSL *s)
else
s->state = SSL3_ST_CW_FINISHED_A;
#endif
+
+#ifdef CHSSL_OFFLOAD
+ //if (SSL_ofld(s)) {
+ s->s3->tmp.next_state = s->state;
+ s->state = SSL3_ST_CW_FLUSH;
+ //}
+#endif
+
s->init_num = 0;
s->session->cipher = s->s3->tmp.new_cipher;
@@ -509,7 +530,6 @@ int ssl3_connect(SSL *s)
s->state = SSL_ST_ERR;
goto end;
}
-
break;
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
@@ -524,6 +544,10 @@ int ssl3_connect(SSL *s)
case SSL3_ST_CW_FINISHED_A:
case SSL3_ST_CW_FINISHED_B:
+#ifdef CHSSL_OFFLOAD
+ if (SSL_ofld(s))
+ chssl_program_hwkey_context(s, KEY_WRITE_TX, SSL_ST_CONNECT);
+#endif
ret = ssl3_send_finished(s,
SSL3_ST_CW_FINISHED_A,
SSL3_ST_CW_FINISHED_B,
@@ -553,7 +577,6 @@ int ssl3_connect(SSL *s)
s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A;
else
#endif
-
s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A;
}
s->init_num = 0;
diff --git a/crypto/openssl/ssl/s3_pkt.c b/crypto/openssl/ssl/s3_pkt.c
index b91456843041..233f73adca3a 100644
--- a/crypto/openssl/ssl/s3_pkt.c
+++ b/crypto/openssl/ssl/s3_pkt.c
@@ -112,11 +112,15 @@
#include <stdio.h>
#include <limits.h>
#include <errno.h>
+ #include <fcntl.h>
#define USE_SOCKETS
#include "ssl_locl.h"
#include <openssl/evp.h>
#include <openssl/buffer.h>
#include <openssl/rand.h>
+#ifdef CHSSL_OFFLOAD
+#include "ssl_tom.h"
+#endif
#ifndef EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
@@ -152,6 +156,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
long align = 0;
unsigned char *pkt;
SSL3_BUFFER *rb;
+ //printf("%s n:%d \n",__func__,n);
if (n <= 0)
return n;
@@ -161,6 +166,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
if (!ssl3_setup_read_buffer(s))
return -1;
+ //printf("%s left:%d \n",__func__,left);
left = rb->left;
#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
align = (long)rb->buf + SSL3_RT_HEADER_LENGTH;
@@ -212,6 +218,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
s->packet_length += n;
rb->left = left - n;
rb->offset += n;
+ //printf("%s n:%d off:%d\n",__func__,n,rb->offset);
return (n);
}
@@ -228,6 +235,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
s->packet = pkt;
rb->offset = len + align;
}
+ //printf("%s n:%d rb->len:%d off:%d\n",__func__,n,rb->len,rb->offset);
if (n > (int)(rb->len - rb->offset)) { /* does not happen */
SSLerr(SSL_F_SSL3_READ_N, ERR_R_INTERNAL_ERROR);
@@ -244,6 +252,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
if (max > (int)(rb->len - rb->offset))
max = rb->len - rb->offset;
}
+ //printf("max:%d \n",max);
while (left < n) {
/*
@@ -260,6 +269,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
SSLerr(SSL_F_SSL3_READ_N, SSL_R_READ_BIO_NOT_SET);
i = -1;
}
+ //printf("bio read:%d sf:%d\n",i,s->rbio->num);
if (i <= 0) {
rb->left = left;
@@ -285,6 +295,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
rb->left = left - n;
s->packet_length += n;
s->rwstate = SSL_NOTHING;
+ //printf("%s Exit n:%d \n",__func__,n);
return (n);
}
@@ -309,7 +320,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
static int ssl3_get_record(SSL *s)
{
int ssl_major, ssl_minor, al;
- int enc_err, n, i, ret = -1;
+ int enc_err = 0, n, i, ret = -1;
SSL3_RECORD *rr;
SSL_SESSION *sess;
unsigned char *p;
@@ -340,12 +351,25 @@ static int ssl3_get_record(SSL *s)
if ((s->rstate != SSL_ST_READ_BODY) ||
(s->packet_length < SSL3_RT_HEADER_LENGTH)) {
n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
- if (n <= 0)
+ if (n <= 0) {
return (n); /* error or non-blocking */
- s->rstate = SSL_ST_READ_BODY;
-
+ }
p = s->packet;
- if (s->msg_callback)
+
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX)
+ #define SSL3_RT_CHERROR 127
+ if (SSL_ofld_vers(s) && SSL_ofld_rx(s) && (*(p) == SSL3_RT_CHERROR)) {
+ s->rstate = SSL_ST_READ_ERROR;
+ } else
+#endif
+ s->rstate = SSL_ST_READ_BODY;
+
+ if (s->msg_callback
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX)
+ && (SSL_ofld_vers(s) && SSL_ofld_rx(s)
+ && (s->rstate != SSL_ST_READ_ERROR))
+#endif
+ )
s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s,
s->msg_callback_arg);
@@ -399,18 +423,40 @@ static int ssl3_get_record(SSL *s)
/* now s->rstate == SSL_ST_READ_BODY */
}
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX)
+ if (SSL_Chelsio_ofld(s) && SSL_ofld_rx(s)) {
+ if (s->rstate == SSL_ST_READ_ERROR) {
+ i = rr->length;
+ n = ssl3_read_n(s, i, i, 1);
+ s->rstate = SSL_ST_READ_HEADER;
+ if (n<=0)
+ return n;
+ al = chssl_process_cherror(s);
+ printf("%s rstate SSL_ST_READ_ERROR \n",__func__);
+ goto f_err;
+ }
+ }
+
+ /* this may not be required len in Hdr = '5bytes + decrypted payload' */
+#endif
+
/* s->rstate == SSL_ST_READ_BODY, get and decode the data */
-
if (rr->length > s->packet_length - SSL3_RT_HEADER_LENGTH) {
/* now s->packet_length == SSL3_RT_HEADER_LENGTH */
i = rr->length;
n = ssl3_read_n(s, i, i, 1);
- if (n <= 0)
+ if (n <= 0) {
+ //printf("%s n:%d \n",__func__,n);
return (n); /* error or non-blocking io */
+ }
/*
* now n == rr->length, and s->packet_length == SSL3_RT_HEADER_LENGTH
* + rr->length
*/
+#if 0
+ for(i=0;i<16;i++)
+ printf("%x ",s->packet[i]);
+#endif
}
s->rstate = SSL_ST_READ_HEADER; /* set state for later operations */
@@ -437,12 +483,17 @@ static int ssl3_get_record(SSL *s)
if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH + extra) {
al = SSL_AD_RECORD_OVERFLOW;
SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
+ printf("%s SSL_R_ENCRYPTED_LENGTH_TOO_LONG \n",__func__);
goto f_err;
}
/* decrypt in place in 'rr->input' */
rr->data = rr->input;
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX)
+ if (!(SSL_enc_offload(s) && SSL_ofld_vers(s) && SSL_ofld_rx(s)))
+#endif
+ {
enc_err = s->method->ssl3_enc->enc(s, 0);
/*-
* enc_err is:
@@ -453,10 +504,17 @@ static int ssl3_get_record(SSL *s)
if (enc_err == 0) {
al = SSL_AD_DECRYPTION_FAILED;
SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
+ printf("%s SSL_R_BLOCK_CIPHER_PAD_IS_WRONG \n",__func__);
goto f_err;
}
+ }
#ifdef TLS_DEBUG
- printf("dec %d\n", rr->length);
+#ifdef CHSSL_OFFLOAD
+ printf("\n dec %d host enc:%d mac:%d enc_err:%d\n",
+ rr->length,SSL_enc_host(s),SSL_mac_host(s),enc_err);
+#else
+ printf("\n dec %d\n", rr->length);
+#endif
{
unsigned int z;
for (z = 0; z < rr->length; z++)
@@ -467,7 +525,13 @@ static int ssl3_get_record(SSL *s)
/* r->length is now the compressed data plus mac */
if ((sess != NULL) &&
- (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) {
+ (s->enc_read_ctx != NULL) &&
+ (EVP_MD_CTX_md(s->read_hash) != NULL)
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX)
+ &&
+ !(SSL_mac_offload(s) && SSL_ofld_vers(s) && SSL_ofld_rx(s))
+#endif
+ ) {
/* s->read_hash != NULL => mac_size != -1 */
unsigned char *mac = NULL;
unsigned char mac_tmp[EVP_MAX_MD_SIZE];
@@ -491,6 +555,7 @@ static int ssl3_get_record(SSL *s)
orig_len < mac_size + 1)) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_LENGTH_TOO_SHORT);
+ printf("%s SSL_R_LENGTH_TOO_SHORT \n",__func__);
goto f_err;
}
@@ -533,6 +598,7 @@ static int ssl3_get_record(SSL *s)
al = SSL_AD_BAD_RECORD_MAC;
SSLerr(SSL_F_SSL3_GET_RECORD,
SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
+ printf("%s SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC \n",__func__);
goto f_err;
}
@@ -541,6 +607,7 @@ static int ssl3_get_record(SSL *s)
if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + extra) {
al = SSL_AD_RECORD_OVERFLOW;
SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_COMPRESSED_LENGTH_TOO_LONG);
+ printf("%s SSL_R_COMPRESSED_LENGTH_TOO_LONG \n",__func__);
goto f_err;
}
if (!ssl3_do_uncompress(s)) {
@@ -553,6 +620,7 @@ static int ssl3_get_record(SSL *s)
if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH + extra) {
al = SSL_AD_RECORD_OVERFLOW;
SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_DATA_LENGTH_TOO_LONG);
+ printf("%s rr->length :%d extra:%zu\n",__func__,rr->length,extra);
goto f_err;
}
@@ -575,11 +643,13 @@ static int ssl3_get_record(SSL *s)
if (empty_record_count > MAX_EMPTY_RECORDS) {
al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_RECORD_TOO_SMALL);
+ printf("rr->length == 0 empty_record_count:%d\n",empty_record_count);
+ printf("%s SSL_F_SSL3_GET_RECORD \n",__func__);
goto f_err;
}
goto again;
}
-#if 0
+#ifdef TLS_DEBUG
fprintf(stderr, "Ultimate Record type=%d, Length=%d\n", rr->type,
rr->length);
#endif
@@ -701,7 +771,11 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
SSL_USE_EXPLICIT_IV(s) &&
s->enc_write_ctx != NULL &&
EVP_CIPHER_flags(s->enc_write_ctx->cipher) &
- EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) {
+ EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+#ifdef CHSSL_OFFLOAD
+ && !SSL_ofld(s)
+#endif
+ ) {
unsigned char aad[13];
EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
int packlen;
@@ -986,7 +1060,11 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
plen = p;
p += 2;
/* Explicit IV length, block ciphers appropriate version flag */
- if (s->enc_write_ctx && SSL_USE_EXPLICIT_IV(s)) {
+ if (s->enc_write_ctx && SSL_USE_EXPLICIT_IV(s)
+#ifdef CHSSL_OFFLOAD
+ && !(SSL_enc_offload(s) && SSL_ofld_vers(s))
+#endif
+ ) {
int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx);
if (mode == EVP_CIPH_CBC_MODE) {
eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx);
@@ -1027,7 +1105,11 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
* wb->buf
*/
- if (mac_size != 0) {
+ if (mac_size != 0
+#ifdef CHSSL_OFFLOAD
+ && !(SSL_enc_offload(s) && SSL_ofld_vers(s))
+#endif
+ ) {
if (s->method->ssl3_enc->mac(s, &(p[wr->length + eivlen]), 1) < 0)
goto err;
wr->length += mac_size;
@@ -1043,8 +1125,14 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
wr->length += eivlen;
}
+#ifdef CHSSL_OFFLOAD
+ if (!(SSL_enc_offload(s) && SSL_ofld_vers(s))) {
+#endif
if (s->method->ssl3_enc->enc(s, 1) < 1)
goto err;
+#ifdef CHSSL_OFFLOAD
+ }
+#endif
/* record length after mac and block padding */
s2n(wr->length, plen);
@@ -1172,8 +1260,10 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
void (*cb) (const SSL *ssl, int type2, int val) = NULL;
if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
- if (!ssl3_setup_read_buffer(s))
+ if (!ssl3_setup_read_buffer(s)) {
+ printf("%s ssl3_setup_read_buffer fail \n",__func__);
return (-1);
+ }
if ((type && (type != SSL3_RT_APPLICATION_DATA)
&& (type != SSL3_RT_HANDSHAKE)) || (peek
@@ -1232,9 +1322,10 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
/* get new packet if necessary */
if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) {
ret = ssl3_get_record(s);
- if (ret <= 0)
+ if (ret <= 0) {
return (ret);
}
+ }
/*
* Reset the count of consecutive warning alerts if we've got a non-empty
@@ -1276,8 +1367,10 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
goto f_err;
}
- if (len <= 0)
+ if (len <= 0) {
+ printf("%s len:%d \n",__func__,len);
return (len);
+ }
if ((unsigned int)len > rr->length)
n = rr->length;
@@ -1296,6 +1389,9 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
ssl3_release_read_buffer(s);
}
}
+#ifdef TLS_DEBUG
+ printf("%s %d n:%d \n",__func__,__LINE__,n);
+#endif
return (n);
}
@@ -1337,6 +1433,9 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
s->rwstate = SSL_READING;
BIO_clear_retry_flags(SSL_get_rbio(s));
BIO_set_retry_read(SSL_get_rbio(s));
+#ifdef TLS_DEBUG
+ printf("%s TLS1_RT_HEARTBEAT \n",__func__);
+#endif
return (-1);
}
#endif
@@ -1666,7 +1765,6 @@ int ssl3_do_change_cipher_spec(SSL *s)
int i;
const char *sender;
int slen;
-
if (s->state & SSL_ST_ACCEPT)
i = SSL3_CHANGE_CIPHER_SERVER_READ;
else
@@ -1677,25 +1775,39 @@ int ssl3_do_change_cipher_spec(SSL *s)
/* might happen if dtls1_read_bytes() calls this */
SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,
SSL_R_CCS_RECEIVED_EARLY);
- return (0);
+ goto err;
}
s->session->cipher = s->s3->tmp.new_cipher;
- if (!s->method->ssl3_enc->setup_key_block(s))
- return (0);
+ if (!s->method->ssl3_enc->setup_key_block(s)) {
+ goto err;
+ }
}
- if (!s->method->ssl3_enc->change_cipher_state(s, i))
- return (0);
+ if (!s->method->ssl3_enc->change_cipher_state(s, i)){
+ printf("change_cipher_state error \n");
+ goto err;
+ }
/*
* we have to record the message digest at this point so we can get it
* before we read the finished message
*/
if (s->state & SSL_ST_CONNECT) {
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX)
+ if (SSL_ofld_rx(s)) {
+ chssl_program_hwkey_context(s, KEY_WRITE_RX, SSL_ST_CONNECT);
+ if (SSL_clr_quiesce(s))
+ chssl_clear_tom(s);
+ }
+#endif
sender = s->method->ssl3_enc->server_finished_label;
slen = s->method->ssl3_enc->server_finished_label_len;
} else {
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX)
+ if (SSL_ofld_rx(s))
+ chssl_program_hwkey_context(s, KEY_WRITE_RX, SSL_ST_ACCEPT);
+#endif
sender = s->method->ssl3_enc->client_finished_label;
slen = s->method->ssl3_enc->client_finished_label_len;
}
@@ -1707,9 +1819,16 @@ int ssl3_do_change_cipher_spec(SSL *s)
SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
return 0;
}
+
s->s3->tmp.peer_finish_md_len = i;
return (1);
+err:
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX)
+ if (SSL_ofld_rx(s))
+ chssl_clear_quies(s);
+#endif
+ return (0);
}
int ssl3_send_alert(SSL *s, int level, int desc)
diff --git a/crypto/openssl/ssl/s3_srvr.c b/crypto/openssl/ssl/s3_srvr.c
index 0fb4845d44fa..74afc08f66b8 100644
--- a/crypto/openssl/ssl/s3_srvr.c
+++ b/crypto/openssl/ssl/s3_srvr.c
@@ -169,6 +169,9 @@
# include <openssl/krb5_asn.h>
#endif
#include <openssl/md5.h>
+#ifdef CHSSL_OFFLOAD
+#include "ssl_tom.h"
+#endif
#ifndef OPENSSL_NO_SSL3_METHOD
static const SSL_METHOD *ssl3_get_server_method(int ver);
@@ -250,6 +253,9 @@ int ssl3_accept(SSL *s)
for (;;) {
state = s->state;
+#ifdef TLS_DEBUG
+ fprintf(stderr, "%s: state %d\n", __func__, state);
+#endif
switch (s->state) {
case SSL_ST_RENEGOTIATE:
s->renegotiate = 1;
@@ -270,6 +276,10 @@ int ssl3_accept(SSL *s)
return -1;
}
s->type = SSL_ST_ACCEPT;
+#ifdef CHSSL_OFFLOAD
+ if (chssl_new(s))
+ ssl_tls_offload(s);
+#endif
if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) {
@@ -423,6 +433,12 @@ int ssl3_accept(SSL *s)
else
s->state = SSL3_ST_SW_CERT_A;
s->init_num = 0;
+#ifdef CHSSL_OFFLOAD
+ if (SSL_ofld(s) && s->new_session) {
+ s->s3->tmp.next_state = s->state;
+ s->state = SSL3_ST_SW_FLUSH;
+ }
+#endif
break;
case SSL3_ST_SW_CERT_A:
@@ -453,6 +469,12 @@ int ssl3_accept(SSL *s)
s->state = SSL3_ST_SW_KEY_EXCH_A;
#endif
s->init_num = 0;
+#ifdef CHSSL_OFFLOAD
+ if (SSL_ofld(s) && s->new_session) {
+ s->s3->tmp.next_state = s->state;
+ s->state = SSL3_ST_SW_FLUSH;
+ }
+#endif
break;
case SSL3_ST_SW_KEY_EXCH_A:
@@ -505,6 +527,12 @@ int ssl3_accept(SSL *s)
s->state = SSL3_ST_SW_CERT_REQ_A;
s->init_num = 0;
+#ifdef CHSSL_OFFLOAD
+ if (SSL_ofld(s) && s->new_session) {
+ s->s3->tmp.next_state = s->state;
+ s->state = SSL3_ST_SW_FLUSH;
+ }
+#endif
break;
case SSL3_ST_SW_CERT_REQ_A:
@@ -765,6 +793,12 @@ int ssl3_accept(SSL *s)
goto end;
s->state = SSL3_ST_SW_CHANGE_A;
s->init_num = 0;
+#ifdef CHSSL_OFFLOAD
+ if (SSL_ofld(s) && s->new_session) {
+ s->s3->tmp.next_state = s->state;
+ s->state = SSL3_ST_SW_FLUSH;
+ }
+#endif
break;
case SSL3_ST_SW_CERT_STATUS_A:
@@ -774,6 +808,12 @@ int ssl3_accept(SSL *s)
goto end;
s->state = SSL3_ST_SW_KEY_EXCH_A;
s->init_num = 0;
+#ifdef CHSSL_OFFLOAD
+ if (SSL_ofld(s) && s->new_session) {
+ s->s3->tmp.next_state = s->state;
+ s->state = SSL3_ST_SW_FLUSH;
+ }
+#endif
break;
#endif
@@ -794,7 +834,17 @@ int ssl3_accept(SSL *s)
if (ret <= 0)
goto end;
+
+#ifdef CHSSL_OFFLOAD
+ if (SSL_ofld(s)) {
+ s->s3->tmp.next_state = SSL3_ST_SW_FINISHED_A;
+ s->state = SSL3_ST_SW_FLUSH;
+ } else {
s->state = SSL3_ST_SW_FINISHED_A;
+ }
+#else
+ s->state = SSL3_ST_SW_FINISHED_A;
+#endif
s->init_num = 0;
if (!s->method->ssl3_enc->change_cipher_state(s,
@@ -804,11 +854,14 @@ int ssl3_accept(SSL *s)
s->state = SSL_ST_ERR;
goto end;
}
-
break;
case SSL3_ST_SW_FINISHED_A:
case SSL3_ST_SW_FINISHED_B:
+#ifdef CHSSL_OFFLOAD
+ if (SSL_ofld(s))
+ chssl_program_hwkey_context(s, KEY_WRITE_TX, SSL_ST_ACCEPT);
+#endif
ret = ssl3_send_finished(s,
SSL3_ST_SW_FINISHED_A,
SSL3_ST_SW_FINISHED_B,
@@ -831,6 +884,7 @@ int ssl3_accept(SSL *s)
} else
s->s3->tmp.next_state = SSL_ST_OK;
s->init_num = 0;
+
break;
case SSL_ST_OK:
diff --git a/crypto/openssl/ssl/ssl.h b/crypto/openssl/ssl/ssl.h
index 3cf96a239bab..2ae116f78020 100644
--- a/crypto/openssl/ssl/ssl.h
+++ b/crypto/openssl/ssl/ssl.h
@@ -1408,11 +1408,47 @@ int SSL_extension_supported(unsigned int ext_type);
# define SSL_READING 3
# define SSL_X509_LOOKUP 4
+#ifdef CHSSL_OFFLOAD
+enum {
+ SSL_ENC_HOST = 0,
+ SSL_ENC_OFLD,
+};
+
+enum {
+ SSL_MAC_HOST = 0,
+ SSL_MAC_OFLD,
+};
+
+enum {
+ KEY_SPACE_AVAIL = 0,
+ KEY_SPACE_NOTAVL,
+};
+
+struct ch_ssl_st {
+ int nl_fd;
+ int sock_fd;
+ char ofld_tx_enable;
+ char ofld_rx_enable;
+ char ofld_enc;
+ char ofld_mac;
+ char key_state;
+ char rx_keys_copied;
+ char tx_keys_copied;
+ void *key_context;
+};
+#endif
+
/* These will only be used when doing non-blocking IO */
# define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
# define SSL_want_read(s) (SSL_want(s) == SSL_READING)
# define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
# define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
+#ifdef CHSSL_OFFLOAD
+# define SSL_enc_offload(s) (SSL_enc(s) == SSL_ENC_OFLD)
+# define SSL_enc_host(s) (SSL_enc(s) == SSL_ENC_HOST)
+# define SSL_mac_offload(s) (SSL_mac(s) == SSL_MAC_OFLD)
+# define SSL_mac_host(s) (SSL_mac(s) == SSL_MAC_HOST)
+#endif
# define SSL_MAC_FLAG_READ_MAC_STREAM 1
# define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
@@ -1447,6 +1483,7 @@ struct ssl_st {
char *wbio;
char *bbio;
# endif
+
/*
* This holds a variable that indicates what we were doing when a 0 or -1
* is returned. This is needed for non-blocking IO so we know what
@@ -1568,6 +1605,9 @@ struct ssl_st {
unsigned int max_psk_len);
# endif
SSL_CTX *ctx;
+#ifdef CHSSL_OFFLOAD
+ struct ch_ssl_st *chssl;
+#endif
/*
* set this flag to 1 and a sleep(1) is put into all SSL_read() and
* SSL_write() calls, good for nbio debuging :-)
@@ -1758,6 +1798,9 @@ extern "C" {
# define SSL_ST_READ_HEADER 0xF0
# define SSL_ST_READ_BODY 0xF1
# define SSL_ST_READ_DONE 0xF2
+#ifdef CHSSL_OFFLOAD
+# define SSL_ST_READ_ERROR 0xF3
+#endif
/*-
* Obtain latest Finished message
@@ -2136,6 +2179,23 @@ X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
int SSL_want(const SSL *s);
int SSL_clear(SSL *s);
+#ifdef CHSSL_OFFLOAD
+int SSL_enc(const SSL *s);
+int SSL_mac(const SSL *s);
+#ifdef CHSSL_TLS_RX
+int SSL_Rx_keys(const SSL *s);
+#endif
+int SSL_Tx_keys(const SSL *s);
+int SSL_ofld(const SSL *s);
+int SSL_compress(const SSL *s);
+int SSL_Chelsio_ofld(const SSL *s);
+#ifdef CHSSL_TLS_RX
+int chssl_clear_quies(const SSL *s);
+#endif
+int chssl_clear_tom(const SSL *s);
+int chssl_process_cherror(SSL *s);
+void chssl_program_hwkey_context(SSL *s, int rw, int state);
+#endif
void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
diff --git a/crypto/openssl/ssl/ssl_lib.c b/crypto/openssl/ssl/ssl_lib.c
index 3539f4b8d20a..2d0fee71d50d 100644
--- a/crypto/openssl/ssl/ssl_lib.c
+++ b/crypto/openssl/ssl/ssl_lib.c
@@ -159,6 +159,9 @@
#ifndef OPENSSL_NO_ENGINE
# include <openssl/engine.h>
#endif
+#ifdef CHSSL_OFFLOAD
+#include "ssl_tom.h"
+#endif
const char *SSL_version_str = OPENSSL_VERSION_TEXT;
@@ -742,6 +745,7 @@ int SSL_set_fd(SSL *s, int fd)
}
BIO_set_fd(bio, fd, BIO_NOCLOSE);
SSL_set_bio(s, bio, bio);
+ //printf("SSL_set_fd: fd:%d bio_fd:%d BIO:%p:%p:%p\n",fd,bio->num,bio,s->wbio,s->rbio);
ret = 1;
err:
return (ret);
@@ -1068,6 +1072,11 @@ int SSL_shutdown(SSL *s)
SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
return -1;
}
+#ifdef CHSSL_OFFLOAD
+ if (s->chssl) {
+ chssl_free(s);
+ }
+#endif
if (!SSL_in_init(s)) {
return s->method->ssl_shutdown(s);
diff --git a/crypto/openssl/ssl/ssl_tom.c b/crypto/openssl/ssl/ssl_tom.c
new file mode 100644
index 000000000000..8699667cc211
--- /dev/null
+++ b/crypto/openssl/ssl/ssl_tom.c
@@ -0,0 +1,725 @@
+/* ssl/ssl_tom.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * w
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ * Chelsio Software written by Atul Gupta (atul.gupta@chelsio.com)
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <unistd.h>
+#include <poll.h>
+#include <string.h>
+#include <fcntl.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <sys/ioctl.h>
+#ifdef __linux__
+#include <linux/genetlink.h>
+#include <linux/types.h>
+#endif
+#ifdef __FreeBSD__
+#include <netinet/tcp.h>
+#endif
+#include "ssl_locl.h"
+#include <openssl/ssl.h>
+#include <netinet/in.h>
+#include "ssl_tom.h"
+#include <sys/uio.h>
+
+#ifdef CHSSL_OFFLOAD
+int ssl_tls_offload(SSL *s)
+{
+#ifdef __FreeBSD__
+ socklen_t optlen;
+#endif
+ int ret, mode = 0;
+
+ if ((s->wbio == NULL) || (s->rbio == NULL)) {
+ SSLerr(SSL_R_BAD_STATE, SSL_R_BIO_NOT_SET);
+ return mode;
+ }
+ s->chssl->sock_fd = s->wbio->num = s->rbio->num;
+
+#ifdef __linux__
+ ret = ioctl(s->chssl->sock_fd, IOCTL_TLSOM_GET_TLS_TOM, &mode);
+ if (!ret && mode)
+ s->chssl->ofld_rx_enable = s->chssl->ofld_tx_enable = TLS_OFLD_TRUE;
+ else
+ s->chssl->ofld_rx_enable = s->chssl->ofld_tx_enable = TLS_OFLD_FALSE;
+#else
+ optlen = sizeof(mode);
+ ret = getsockopt(s->chssl->sock_fd, IPPROTO_TCP, TCP_TLSOM_GET_TLS_TOM,
+ &mode, &optlen);
+ s->chssl->ofld_rx_enable = s->chssl->ofld_tx_enable = TLS_OFLD_FALSE;
+ if (ret == 0) {
+ switch (mode) {
+ case TLS_TOM_BOTH:
+ s->chssl->ofld_rx_enable = TLS_OFLD_TRUE;
+ /* FALLTHROUGH */
+ case TLS_TOM_TXONLY:
+ s->chssl->ofld_tx_enable = TLS_OFLD_TRUE;
+ break;
+ }
+ }
+#endif
+
+ return mode;
+}
+
+int SSL_ofld_vers(const SSL *s)
+{
+ return (s->version == TLS1_1_VERSION || s->version == TLS1_2_VERSION
+ || s->version == DTLS1_2_VERSION);
+}
+
+int SSL_ofld(const SSL *s)
+{
+ return(SSL_ofld_vers(s) && s->chssl && s->chssl->ofld_tx_enable);
+}
+
+#ifdef CHSSL_TLS_RX
+int SSL_ofld_rx(const SSL *s)
+{
+ return(s->chssl && s->chssl->ofld_rx_enable);
+}
+#endif
+
+int SSL_compress(const SSL *s)
+{
+ return(s->compress != NULL);
+}
+
+#ifdef CHSSL_TLS_RX
+int SSL_Rx_keys(const SSL *s)
+{
+ return(s->chssl && s->chssl->rx_keys_copied);
+}
+#endif
+
+int SSL_Tx_keys(const SSL *s)
+{
+ return(s->chssl && s->chssl->tx_keys_copied);
+}
+
+int SSL_enc(const SSL *s)
+{
+ return(s->chssl && s->chssl->ofld_tx_enable && s->chssl->ofld_enc);
+}
+
+int SSL_mac(const SSL *s)
+{
+ return(s->chssl && s->chssl->ofld_tx_enable && s->chssl->ofld_mac);
+}
+
+int SSL_Chelsio_ofld(const SSL *s)
+{
+ return (SSL_ofld(s) && SSL_ofld_rx(s) && SSL_enc(s) && SSL_mac(s));
+}
+
+#ifdef CHSSL_TLS_RX
+int SSL_clr_quiesce(const SSL *s)
+{
+ return (SSL_ofld_rx(s) && (s->chssl->key_state == KEY_SPACE_NOTAVL));
+}
+#endif
+
+/*
+ * Determine HW capability for Digest and Cipher Offload
+ */
+static int tls_ofld_enc_mac(SSL *s)
+{
+ const EVP_CIPHER *p;
+ const SSL_CIPHER *c;
+
+ c = s->s3->tmp.new_cipher;
+ p = s->s3->tmp.new_sym_enc;
+
+ switch(c->algorithm_enc) {
+ case SSL_AES128GCM:
+ case SSL_AES256GCM:
+ s->chssl->ofld_enc = SSL_ENC_OFLD;
+ s->chssl->ofld_mac = SSL_MAC_OFLD;
+ return TLS_OFLD_TRUE;
+
+ case SSL_AES128 :
+ case SSL_AES256 :
+ switch(EVP_CIPHER_mode(p)) {
+ case EVP_CIPH_CTR_MODE:
+ case EVP_CIPH_CBC_MODE:
+ s->chssl->ofld_enc = SSL_ENC_OFLD;
+ break;
+ default:
+ chssl_print(cl,"No HW support\n");
+ return TLS_OFLD_FALSE;
+ }
+ break;
+
+ case SSL_eNULL:
+ s->chssl->ofld_enc = SSL_ENC_OFLD;
+ break;
+
+ default:
+ chssl_print(cl,"No HW support for ENC\n");
+ s->chssl->ofld_enc = SSL_ENC_HOST;
+ return TLS_OFLD_FALSE;
+ }
+
+ switch(c->algorithm_mac) {
+ case SSL_SHA1:
+ case SSL_SHA256:
+ case SSL_SHA384:
+ s->chssl->ofld_mac= SSL_MAC_OFLD;
+ break;
+
+ default:
+ s->chssl->ofld_mac= SSL_MAC_HOST;
+ /* Revert enc mode to non-offload */
+ s->chssl->ofld_enc = SSL_ENC_HOST;
+ chssl_print(cl,"No HW support for MAC\n");
+ return TLS_OFLD_FALSE;
+ }
+ return TLS_OFLD_TRUE;
+}
+
+/*
+ * Authentication Mode expected by HW
+ */
+static unsigned char get_auth_mode(SSL *s)
+{
+ const SSL_CIPHER *c = s->s3->tmp.new_cipher;
+
+ if(c==NULL) return CHSSL_SHA_NOP;
+
+ switch(c->algorithm_mac) {
+ case SSL_SHA1:
+ return CHSSL_SHA1;
+ case SSL_SHA256:
+ return CHSSL_SHA256;
+ case SSL_SHA384:
+ return CHSSL_SHA512_384;
+ case SSL_AEAD:
+ return CHSSL_GHASH;
+ default:
+ return CHSSL_SHA_NOP;
+}
+}
+
+/*
+ * Cipher Mode expected by HW
+ */
+static unsigned char get_cipher_mode(SSL *s)
+{
+ const EVP_CIPHER *c = s->s3->tmp.new_sym_enc;
+
+ switch(EVP_CIPHER_mode(c)) {
+ case EVP_CIPH_CBC_MODE:
+ return CHSSL_AES_CBC;
+ case EVP_CIPH_GCM_MODE:
+ return CHSSL_AES_GCM;
+ case EVP_CIPH_CTR_MODE:
+ return CHSSL_AES_CTR;
+ case EVP_CIPH_STREAM_CIPHER:
+ return CHSSL_CIPH_NOP;
+ default:
+ chssl_print(cl,"invalid cipher mode\n");
+ return CHSSL_CIPH_NOP;
+ }
+}
+
+static void chssl_compute_ipad_opad(unsigned char *key,
+ unsigned char *ipad,
+ unsigned char *opad,
+ int k)
+{
+ int i;
+
+ if(k < MAX_MAC_KSZ) {
+ for(i=k; i < MAX_MAC_KSZ; i++) {
+ ipad[i] = 0x0;
+ opad[i] = 0x0;
+ }
+ }
+ for(i=0; i < MAX_MAC_KSZ; i++) {
+ ipad[i] = key[i] ^ 0x36;
+ opad[i] = key[i] ^ 0x5c;
+ }
+
+ if(k == SHA_DIGEST_LENGTH) {
+ CHSSL_EVP_Digest(ipad, MAX_MAC_KSZ, ipad, NULL, EVP_sha1(), NULL);
+ CHSSL_EVP_Digest(opad, MAX_MAC_KSZ, opad, NULL, EVP_sha1(), NULL);
+ } else if (k == SHA256_DIGEST_LENGTH) {
+ CHSSL_EVP_Digest(ipad, MAX_MAC_KSZ, ipad, NULL, EVP_sha256(), NULL);
+ CHSSL_EVP_Digest(opad, MAX_MAC_KSZ, opad, NULL, EVP_sha256(), NULL);
+ }
+}
+
+static void chssl_compute_ipad_opad_512(unsigned char *key,
+ unsigned char *ipad,
+ unsigned char *opad,
+ int k)
+{
+ int i;
+ unsigned char ipad_512[SHA512_BLOCK] = {0};
+ unsigned char opad_512[SHA512_BLOCK] = {0};
+
+ for(i = 0; i < SHA512_BLOCK; i++) {
+ if (i < k) {
+ ipad_512[i] = key[i] ^ 0x36;
+ opad_512[i] = key[i] ^ 0x5c;
+ } else {
+ ipad_512[i] = 0x36;
+ opad_512[i] = 0x5c;
+ }
+ }
+
+ if(k == SHA384_DIGEST_LENGTH) {
+ CHSSL_EVP_Digest(ipad_512, SHA512_BLOCK, ipad_512, NULL,
+ EVP_sha384(), NULL);
+ CHSSL_EVP_Digest(opad_512, SHA512_BLOCK, opad_512, NULL,
+ EVP_sha384(), NULL);
+ } else if (k == SHA512_DIGEST_LENGTH) {
+ CHSSL_EVP_Digest(ipad_512, SHA512_BLOCK, ipad_512, NULL,
+ EVP_sha512(), NULL);
+ CHSSL_EVP_Digest(opad_512, SHA512_BLOCK, opad_512, NULL,
+ EVP_sha512(), NULL);
+ }
+ memcpy(ipad, ipad_512, MAX_MAC_KSZ);
+ memcpy(opad, opad_512, MAX_MAC_KSZ);
+}
+
+static void chssl_compute_cipher_key(unsigned char *key,
+ int key_len,
+ unsigned char *ghash)
+{
+ int len,len1;
+ EVP_CIPHER_CTX ctx;
+ unsigned char plaintext[GHASH_SIZE] = {0};
+
+ EVP_CIPHER_CTX_init(&ctx);
+ if(key_len == 16)
+ EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, NULL);
+ else
+ EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key, NULL);
+ EVP_CIPHER_CTX_set_padding(&ctx, 0);
+ EVP_EncryptUpdate(&ctx, ghash, &len, plaintext, 16);
+ EVP_EncryptFinal_ex(&ctx, ghash+len, &len1);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+}
+
+/*
+ * Create key Context for receive/transmit and program on HW
+ */
+static int ssl_key_context(SSL *s, int rw, int state)
+{
+ const EVP_CIPHER *c;
+ const EVP_MD *m;
+ const SSL_CIPHER *sc;
+ unsigned int mac_key_size = 0, cipher_key_size, iv_size;
+ unsigned char *key;
+ unsigned char s_ipad_hash[MAX_MAC_KSZ]= {0x0}; /* blk sz for hashing */
+ unsigned char s_opad_hash[MAX_MAC_KSZ]= {0x0}; /* blk sz for hashing */
+ unsigned char c_ipad_hash[MAX_MAC_KSZ]= {0x0}; /* blk sz for hashing */
+ unsigned char c_opad_hash[MAX_MAC_KSZ]= {0x0}; /* blk sz for hashing */
+
+ unsigned char s_mac_key[MAX_MAC_KSZ] = {0x0};
+ unsigned char c_mac_key[MAX_MAC_KSZ] = {0x0};
+ unsigned char s_key[MAX_CIPHER_KSZ] = {0x0};
+ unsigned char c_key[MAX_CIPHER_KSZ] = {0x0};
+ unsigned char s_iv[MAX_CIPHER_KSZ] = {0x0};
+ unsigned char c_iv[MAX_CIPHER_KSZ] = {0x0};
+ unsigned char ghash[GHASH_SIZE] = {0x0};
+ int pad = 12;
+ int index = 0;
+ int ret = 0;
+ struct tls_key_context *kctx = s->chssl->key_context;
+
+ if (!tls_ofld_enc_mac(s)) {
+ return ret;
+ }
+
+ c = s->s3->tmp.new_sym_enc;
+ m = s->s3->tmp.new_hash;
+ sc = s->s3->tmp.new_cipher;
+ kctx->l_p_key = rw;
+
+ if (s->new_session)
+ kctx->l_p_key |= F_KEY_CLR_LOC;
+ key = s->s3->tmp.key_block;
+
+ if (s->version >= TLS1_VERSION)
+ mac_key_size = s->s3->tmp.new_mac_secret_size;
+ else
+ if (m) mac_key_size = m->md_size;
+ kctx->mac_secret_size = mac_key_size;
+
+ cipher_key_size = EVP_CIPHER_key_length(c);
+ kctx->cipher_secret_size = cipher_key_size;
+
+ iv_size = (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) ?
+ EVP_GCM_TLS_FIXED_IV_LEN:
+ EVP_CIPHER_iv_length(c);
+ kctx->iv_size = iv_size;
+ kctx->iv_ctrl = 1;
+ kctx->iv_algo = 0;
+
+ if ((mac_key_size == SHA256_DIGEST_LENGTH) ||
+ (mac_key_size == SHA384_DIGEST_LENGTH))
+ pad = 0;
+
+ if (mac_key_size) {
+ memcpy(c_mac_key, key, mac_key_size);
+ key += mac_key_size;
+ memcpy(s_mac_key, key, mac_key_size);
+ key += mac_key_size;
+ }
+ memcpy(c_key, key, cipher_key_size);
+ key += cipher_key_size;
+ memcpy(s_key, key, cipher_key_size);
+ key += cipher_key_size;
+
+ memcpy(c_iv, key, iv_size);
+ key += iv_size;
+ memcpy(s_iv, key, iv_size);
+
+ if (s->chssl->ofld_mac) {
+ /* IPAD/OPAD for SHA384/512 calculated over 128B block */
+ if (mac_key_size >= SHA384_DIGEST_LENGTH) {
+ chssl_compute_ipad_opad_512(c_mac_key, c_ipad_hash,
+ c_opad_hash, mac_key_size);
+ chssl_compute_ipad_opad_512(s_mac_key, s_ipad_hash,
+ s_opad_hash, mac_key_size);
+ } else {
+ chssl_compute_ipad_opad(c_mac_key, c_ipad_hash,
+ c_opad_hash, mac_key_size);
+ chssl_compute_ipad_opad(s_mac_key, s_ipad_hash,
+ s_opad_hash, mac_key_size);
+ }
+ }
+
+ if (state == SSL_ST_ACCEPT) {
+ memcpy(kctx->tx.key, s_key, cipher_key_size);
+ memcpy(kctx->rx.key, c_key, cipher_key_size);
+ } else {
+ memcpy(kctx->tx.key, c_key, cipher_key_size);
+ memcpy(kctx->rx.key, s_key, cipher_key_size);
+ }
+
+ if (mac_key_size == SHA384_DIGEST_LENGTH) mac_key_size = MAX_MAC_KSZ;
+ index = cipher_key_size;
+ if (s->chssl->ofld_mac) {
+ if (mac_key_size) {
+ if (state == SSL_ST_ACCEPT)
+ memcpy(kctx->tx.key+index, s_ipad_hash, mac_key_size);
+ else
+ memcpy(kctx->tx.key+index, c_ipad_hash, mac_key_size);
+
+ index += (mac_key_size + pad);
+ if (state == SSL_ST_ACCEPT)
+ memcpy(kctx->tx.key+index, s_opad_hash, mac_key_size);
+ else
+ memcpy(kctx->tx.key+index, c_opad_hash, mac_key_size);
+
+ index += (mac_key_size + pad);
+ } else {
+ if (state == SSL_ST_ACCEPT) {
+ chssl_compute_cipher_key(s_key, cipher_key_size, ghash);
+ memcpy(kctx->tx.key+index, ghash, GHASH_SIZE);
+ } else {
+ chssl_compute_cipher_key(c_key, cipher_key_size, ghash);
+ memcpy(kctx->tx.key+index, ghash, GHASH_SIZE);
+ }
+ index += GHASH_SIZE;
+ }
+ }
+ kctx->tx_key_info_size = TLS_TX_HDR_SZ + index;
+
+ index = cipher_key_size;
+ if (s->chssl->ofld_mac) {
+ if (mac_key_size) {
+ if (state == SSL_ST_ACCEPT)
+ memcpy(kctx->rx.key+index, c_ipad_hash, mac_key_size);
+ else
+ memcpy(kctx->rx.key+index, s_ipad_hash, mac_key_size);
+
+ index += (mac_key_size + pad);
+ if (state == SSL_ST_ACCEPT)
+ memcpy(kctx->rx.key+index, c_opad_hash, mac_key_size);
+ else
+ memcpy(kctx->rx.key+index, s_opad_hash, mac_key_size);
+
+ index += (mac_key_size + pad);
+ } else {
+ if (state == SSL_ST_ACCEPT) {
+ chssl_compute_cipher_key(c_key, cipher_key_size, ghash);
+ memcpy(kctx->rx.key+index, ghash, GHASH_SIZE);
+ } else {
+ chssl_compute_cipher_key(s_key, cipher_key_size, ghash);
+ memcpy(kctx->rx.key+index, ghash, GHASH_SIZE);
+ }
+ index += GHASH_SIZE;
+ }
+ }
+
+ kctx->tx_key_info_size = TLS_RX_HDR_SZ + index;
+
+ if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
+ if (state == SSL_ST_ACCEPT) {
+ memcpy(kctx->tx.salt, s_iv, SALT_SIZE);
+ memcpy(kctx->rx.salt, c_iv, SALT_SIZE);
+ } else {
+ memcpy(kctx->tx.salt, c_iv, SALT_SIZE);
+ memcpy(kctx->rx.salt, s_iv, SALT_SIZE);
+ }
+ }
+
+ kctx->proto_ver = s->version;
+ kctx->state.auth_mode = get_auth_mode(s);
+ kctx->state.enc_mode = get_cipher_mode(s);
+ if (s->version == DTLS1_2_VERSION)
+ kctx->dtls_epoch = s->d1->r_epoch;
+
+ if (s->max_send_fragment)
+ kctx->frag_size = s->max_send_fragment;
+ else
+ kctx->frag_size = SSL3_RT_MAX_PLAIN_LENGTH;
+
+ /* handle renegotiation here */
+ if(!s->chssl->tx_keys_copied)
+ kctx->tx_seq_no = 0;
+ else
+ kctx->tx_seq_no = 1;
+
+ if(!s->chssl->rx_keys_copied)
+ kctx->rx_seq_no = 0;
+ else
+ kctx->rx_seq_no = 1;
+
+ if(EVP_CIPHER_mode(c) != EVP_CIPH_GCM_MODE) {
+ if (!SSL_mac(s) && SSL_enc(s))
+ kctx->hmac_ctrl = 0;
+ else
+ kctx->hmac_ctrl = 1;
+ }
+ kctx->sock_fd = s->chssl->sock_fd;
+
+ return 1;
+}
+
+void chssl_program_hwkey_context(SSL *s, int rw, int state)
+{
+ int ret = 0;
+
+ if (!s->chssl->key_context) {
+ s->chssl->key_context = (struct tls_key_context *)
+ OPENSSL_malloc(sizeof(struct tls_key_context));
+ if (s->chssl->key_context == NULL)
+ return;
+ }
+
+ memset(s->chssl->key_context, 0, sizeof(struct tls_key_context));
+ if((ret = ssl_key_context(s, rw, state)) <=0) {
+#ifdef CHSSL_TLS_RX
+ /* Clear quiesce after CCS receive */
+ if (rw == KEY_WRITE_RX) {
+ ret = chssl_clear_tom(s);
+ s->chssl->ofld_rx_enable = TLS_OFLD_FALSE;
+ s->chssl->ofld_tx_enable = TLS_OFLD_FALSE;
+ }
+#endif
+ goto end;
+ }
+
+#ifdef __linux__
+ ret = ioctl(s->chssl->sock_fd, IOCTL_TLSOM_SET_TLS_CONTEXT,
+ s->chssl->key_context);
+#else
+ ret = setsockopt(s->chssl->sock_fd, IPPROTO_TCP, TCP_TLSOM_SET_TLS_CONTEXT,
+ s->chssl->key_context, sizeof(struct tls_key_context));
+#endif
+ if (!ret) {
+ if (rw & KEY_WRITE_TX)
+ s->chssl->tx_keys_copied = 1;
+ else
+ s->chssl->rx_keys_copied = 1;
+ } else {
+ s->chssl->ofld_rx_enable = TLS_OFLD_FALSE;
+ s->chssl->ofld_tx_enable = TLS_OFLD_FALSE;
+ s->chssl->key_state = KEY_SPACE_NOTAVL;
+ }
+
+end:
+ free(s->chssl->key_context);
+ s->chssl->key_context = NULL;
+ return;
+}
+
+#ifdef CHSSL_TLS_RX
+int chssl_clear_quies(const SSL *s)
+{
+#ifdef __linux__
+ return ioctl(s->chssl->sock_fd, IOCTL_TLSOM_CLR_QUIES);
+#else
+ return setsockopt(s->chssl->sock_fd, IPPROTO_TCP, TCP_TLSOM_CLR_QUIES,
+ NULL, 0);
+#endif
+}
+
+int chssl_clear_tom(const SSL *s)
+{
+#ifdef __linux__
+ return ioctl(s->chssl->sock_fd, IOCTL_TLSOM_CLR_TLS_TOM);
+#else
+ return setsockopt(s->chssl->sock_fd, IPPROTO_TCP, TCP_TLSOM_CLR_TLS_TOM,
+ NULL, 0);
+#endif
+}
+#endif
+
+int chssl_process_cherror(SSL *s)
+{
+ const char *buf = (const char *)&(s->s3->rbuf.buf[0]);
+ unsigned int err = atoi(buf);
+
+ switch (err) {
+ case 0:
+ return SSL_AD_BAD_RECORD_MAC;
+ case 1:
+ case 2:
+ return SSL_AD_ILLEGAL_PARAMETER;
+ case 3:
+ return SSL_AD_RECORD_OVERFLOW;
+ case 4:
+ return SSL_AD_INTERNAL_ERROR;
+ }
+ return 0;
+}
+
+struct ch_ssl_st *chssl_new(SSL *s)
+{
+ if (s->chssl)
+ return s->chssl;
+ s->chssl = OPENSSL_malloc(sizeof(struct ch_ssl_st));
+ if (s->chssl)
+ memset(s->chssl, 0, sizeof(struct ch_ssl_st));
+ return s->chssl;
+}
+
+struct ch_ssl_st *chssl_free(SSL *s)
+{
+ if (!s->chssl)
+ return NULL;
+
+ free(s->chssl);
+ s->chssl = NULL;
+ return NULL;
+}
+#endif
diff --git a/crypto/openssl/ssl/ssl_tom.h b/crypto/openssl/ssl/ssl_tom.h
new file mode 100644
index 000000000000..1381b8abeafd
--- /dev/null
+++ b/crypto/openssl/ssl/ssl_tom.h
@@ -0,0 +1,181 @@
+/*
+ * Common Header file TLSOM functionalities
+ *
+ * Copyright (C) 2011-2015 Chelsio Communications. All rights reserved.
+ *
+ * Written by Atul Gupta
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the LICENSE file included in this
+ * release for licensing terms and conditions.
+ */
+#ifdef __linux__
+#include <linux/byteorder/little_endian.h>
+#endif
+#ifndef __TLSOM_CMN_H
+#define __TLSOM_CMN_H
+
+#define TLSOM_SUCCESS 0
+#define TLSOM_FAILURE -1
+
+#ifdef CHSSL_DEBUG
+ #define chssl_print(f,c) fprintf(f,c)
+#else
+ #define chssl_print(f,c) ;
+#endif
+
+#define MAX_MAC_KSZ 64 /*512 bits */
+#define SHA512_BLOCK 128 /* Block size for 512 */
+#define MAX_CIPHER_KSZ 32 /* 256 bits */
+#define CIPHER_BLOCK_SZ 16
+#define IV_SIZE (4+8) /*reserved 8 bytes */
+#define SALT_SIZE 4
+#define TLS_TX_HDR_SZ 16
+#define TLS_RX_HDR_SZ 16
+#define GHASH_SIZE 16
+#define MAX_TLS_KSZ (2*MAX_MAC_KSZ + MAX_CIPHER_KSZ)
+
+#ifdef __FreeBSD__
+#include <dev/cxgbe/tom/t4_tls.h>
+#endif
+#ifdef __linux__
+/* XXX: TCP_TLSKEY is not used */
+#define TCP_TLSKEY 291 /* Program Key Context on HW */
+#define IOCTL_TLSOM_SET_TLS_CONTEXT 201 /* Program Key Context on HW */
+#define IOCTL_TLSOM_GET_TLS_TOM 202 /* Query the TLS offload mode */
+#define IOCTL_TLSOM_CLR_TLS_TOM 203 /* Clear the Key */
+#define IOCTL_TLSOM_CLR_QUIES 204 /* Clear the Quiesec */
+#endif
+
+enum {
+ TLS_OFLD_FALSE = 0,
+ TLS_OFLD_TRUE,
+};
+
+#ifdef __linux__
+/* Can accomodate 16, 11-15 are reserved */
+enum {
+ CHSSL_SHA_NOP,
+ CHSSL_SHA1,
+ CHSSL_SHA224,
+ CHSSL_SHA256,
+ CHSSL_GHASH,
+ CHSSL_SHA512_224,
+ CHSSL_SHA512_256,
+ CHSSL_SHA512_384,
+ CHSSL_SHA512_512,
+ CHSSL_CBCMAC,
+ CHSSL_CMAC,
+};
+
+/* Can accomodate 16, 8-15 are reserved */
+enum {
+ CHSSL_CIPH_NOP,
+ CHSSL_AES_CBC,
+ CHSSL_AES_GCM,
+ CHSSL_AES_CTR,
+ CHSSL_AES_GEN,
+ CHSSL_IPSEC_ESP,
+ CHSSL_AES_XTS,
+ CHSSL_AES_CCM,
+};
+
+#define KEY_WRITE_RX 0x1 /* Program Receive Key */
+#define KEY_WRITE_TX 0x2 /* Program Transmit Key */
+#define KEY_DELETE_RX 0x4 /* Delete Receive Key */
+#define KEY_DELETE_TX 0x8 /* Delete Transmit Key */
+
+#define S_KEY_CLR_LOC 4
+#define M_KEY_CLR_LOC 0xf
+#define V_KEY_CLR_LOC(x) ((x) << S_KEY_CLR_LOC)
+#define G_FW_WR_EQUIQ(s) (((x) >> S_KEY_CLR_LOC) & M_KEY_CLR_LOC)
+#define F_KEY_CLR_LOC V_KEY_CLR_LOC(1U)
+
+/* XXX: Not used. */
+#define S_KEY_GET_LOC 0
+#define M_KEY_GET_LOC 0xf
+#define V_KEY_GET_LOC(x) ((x) << S_KEY_GET_LOC)
+#define G_KEY_GET_LOC(s) (((x) >> S_KEY_GET_LOC) & M_KEY_GET_LOC)
+
+/* XXX: Not used. */
+enum {
+ CHSSL_OFLDMODE_NONE,
+ CHSSL_OFLDMODE_ALLIN_HOST,
+ CHSSL_OFLDMODE_ALLIN_CARD,
+ CHSSL_OFLDMODE_MACIN_HOST,
+ CHSSL_OFLDMODE_FRAGMENTATIONIN_HOST,
+};
+
+/* XXX: Not used. */
+enum {
+ CHSSL_HOST_FRAGMENT,
+ CHSSL_CARD_FRAGMENT,
+};
+
+struct tls_ofld_state {
+ unsigned char enc_mode;
+ unsigned char mac_mode;
+ unsigned char key_loc;
+ unsigned char ofld_mode;
+ unsigned char auth_mode;
+ unsigned char resv[3];
+};
+
+struct tls_tx_ctxt {
+ unsigned char salt[SALT_SIZE];
+ unsigned char key[MAX_CIPHER_KSZ];
+ unsigned char ipad[MAX_MAC_KSZ];
+ unsigned char opad[MAX_MAC_KSZ];
+};
+
+struct tls_rx_ctxt {
+ unsigned char salt[SALT_SIZE];
+ unsigned char key[MAX_CIPHER_KSZ];
+ unsigned char ipad[MAX_MAC_KSZ];
+ unsigned char opad[MAX_MAC_KSZ];
+};
+
+struct tls_key_context {
+ struct tls_tx_ctxt tx;
+ struct tls_rx_ctxt rx;
+
+ unsigned char l_p_key;
+ unsigned char hmac_ctrl;
+ unsigned char mac_first;
+ unsigned char iv_size;
+ unsigned char iv_ctrl;
+ unsigned char iv_algo;
+ unsigned char tx_seq_no;
+ unsigned char rx_seq_no;
+
+ struct tls_ofld_state state;
+
+ unsigned int tx_key_info_size;
+ unsigned int rx_key_info_size;
+ unsigned int frag_size;
+ unsigned int mac_secret_size;
+ unsigned int cipher_secret_size;
+ int proto_ver;
+ unsigned int sock_fd;
+ unsigned short dtls_epoch;
+ unsigned short rsv;
+};
+#endif
+
+/* XXX: Not used. */
+struct tls_key_location {
+ unsigned int sock_fd;
+ unsigned int key_location;
+};
+
+struct ch_ssl_st *chssl_new(SSL *s);
+struct ch_ssl_st *chssl_free(SSL *s);
+int ssl_tls_offload(SSL *s);
+int SSL_ofld_vers(const SSL *s);
+#ifdef CHSSL_TLS_RX
+int SSL_ofld_rx(const SSL *s);
+int SSL_clr_quiesce(const SSL *s);
+#endif
+#endif
+
diff --git a/crypto/openssl/ssl/t1_lib.c b/crypto/openssl/ssl/t1_lib.c
index 1a4387b78eb9..c0dbb8a9cebf 100644
--- a/crypto/openssl/ssl/t1_lib.c
+++ b/crypto/openssl/ssl/t1_lib.c
@@ -121,6 +121,9 @@
#include <openssl/ocsp.h>
#include <openssl/rand.h>
#include "ssl_locl.h"
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX)
+#include "ssl_tom.h"
+#endif
const char tls1_version_str[] = "TLSv1" OPENSSL_VERSION_PTEXT;
@@ -4051,6 +4054,10 @@ int tls1_process_heartbeat(SSL *s)
s->tlsext_hb_pending = 0;
}
}
+#if defined(CHSSL_OFFLOAD) && defined(CHSSL_TLS_RX)
+ if (SSL_ofld_rx(s))
+ chssl_clear_quies(s);
+#endif
return 0;
}