Главная Обзор Помощь
Регистрация Вход
OpenWrt
/
openwrt
зеркало из https://github.com/openwrt/openwrt.git
2
0
Ответвить 0
Файлы Задачи 0 Вики
Дерево: da1bb88a2b
Ветки Метки
openwrt
/
target
/
linux
/
generic
/
files
/
crypto
/
ocf
/
ep80579
/
icp_asym.c

icp_asym.c 43 KB
История Исходник

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334 
  1. /***************************************************************************
    2. 

  2.  *
    3. 

  3.  * This file is provided under a dual BSD/GPLv2 license.  When using or 
    4. 

  4.  *   redistributing this file, you may do so under either license.
    5. 

  5.  * 
    6. 

  6.  *   GPL LICENSE SUMMARY
    7. 

  7.  * 
    8. 

  8.  *   Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
    9. 

  9.  * 
    10. 

  10.  *   This program is free software; you can redistribute it and/or modify 
    11. 

  11.  *   it under the terms of version 2 of the GNU General Public License as
    12. 

  12.  *   published by the Free Software Foundation.
    13. 

  13.  * 
    14. 

  14.  *   This program is distributed in the hope that it will be useful, but 
    15. 

  15.  *   WITHOUT ANY WARRANTY; without even the implied warranty of 
    16. 

  16.  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU 
    17. 

  17.  *   General Public License for more details.
    18. 

  18.  * 
    19. 

  19.  *   You should have received a copy of the GNU General Public License 
    20. 

  20.  *   along with this program; if not, write to the Free Software 
    21. 

  21.  *   Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
    22. 

  22.  *   The full GNU General Public License is included in this distribution 
    23. 

  23.  *   in the file called LICENSE.GPL.
    24. 

  24.  * 
    25. 

  25.  *   Contact Information:
    26. 

  26.  *   Intel Corporation
    27. 

  27.  * 
    28. 

  28.  *   BSD LICENSE 
    29. 

  29.  * 
    30. 

  30.  *   Copyright(c) 2007,2008,2009 Intel Corporation. All rights reserved.
    31. 

  31.  *   All rights reserved.
    32. 

  32.  * 
    33. 

  33.  *   Redistribution and use in source and binary forms, with or without 
    34. 

  34.  *   modification, are permitted provided that the following conditions 
    35. 

  35.  *   are met:
    36. 

  36.  * 
    37. 

  37.  *     * Redistributions of source code must retain the above copyright 
    38. 

  38.  *       notice, this list of conditions and the following disclaimer.
    39. 

  39.  *     * Redistributions in binary form must reproduce the above copyright 
    40. 

  40.  *       notice, this list of conditions and the following disclaimer in 
    41. 

  41.  *       the documentation and/or other materials provided with the 
    42. 

  42.  *       distribution.
    43. 

  43.  *     * Neither the name of Intel Corporation nor the names of its 
    44. 

  44.  *       contributors may be used to endorse or promote products derived 
    45. 

  45.  *       from this software without specific prior written permission.
    46. 

  46.  * 
    47. 

  47.  *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
    48. 

  48.  *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
    49. 

  49.  *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 
    50. 

  50.  *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 
    51. 

  51.  *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 
    52. 

  52.  *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 
    53. 

  53.  *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 
    54. 

  54.  *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 
    55. 

  55.  *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 
    56. 

  56.  *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 
    57. 

  57.  *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    58. 

  58.  * 
    59. 

  59.  * 
    60. 

  60.  *  version: Security.L.1.0.2-229
    61. 

  61.  *
    62. 

  62.  ***************************************************************************/
    63. 

  63. 

  64. #include "icp_ocf.h"
    65. 

  65. 

  66. /*The following define values (containing the word 'INDEX') are used to find
    67. 

  67. the index of each input buffer of the crypto_kop struct (see OCF cryptodev.h).
    68. 

  68. These values were found through analysis of the OCF OpenSSL patch. If the
    69. 

  69. calling program uses different input buffer positions, these defines will have
    70. 

  70. to be changed.*/
    71. 

  71. 

  72. /*DIFFIE HELLMAN buffer index values*/
    73. 

  73. #define ICP_DH_KRP_PARAM_PRIME_INDEX                            (0)
    74. 

  74. #define ICP_DH_KRP_PARAM_BASE_INDEX                             (1)
    75. 

  75. #define ICP_DH_KRP_PARAM_PRIVATE_VALUE_INDEX                    (2)
    76. 

  76. #define ICP_DH_KRP_PARAM_RESULT_INDEX                           (3)
    77. 

  77. 

  78. /*MOD EXP buffer index values*/
    79. 

  79. #define ICP_MOD_EXP_KRP_PARAM_BASE_INDEX                        (0)
    80. 

  80. #define ICP_MOD_EXP_KRP_PARAM_EXPONENT_INDEX                    (1)
    81. 

  81. #define ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX                     (2)
    82. 

  82. #define ICP_MOD_EXP_KRP_PARAM_RESULT_INDEX                      (3)
    83. 

  83. 

  84. /*MOD EXP CRT buffer index values*/
    85. 

  85. #define ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_P_INDEX                 (0)
    86. 

  86. #define ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_Q_INDEX                 (1)
    87. 

  87. #define ICP_MOD_EXP_CRT_KRP_PARAM_I_INDEX                       (2)
    88. 

  88. #define ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DP_INDEX             (3)
    89. 

  89. #define ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DQ_INDEX             (4)
    90. 

  90. #define ICP_MOD_EXP_CRT_KRP_PARAM_COEFF_QINV_INDEX              (5)
    91. 

  91. #define ICP_MOD_EXP_CRT_KRP_PARAM_RESULT_INDEX                  (6)
    92. 

  92. 

  93. /*DSA sign buffer index values*/
    94. 

  94. #define ICP_DSA_SIGN_KRP_PARAM_DGST_INDEX                       (0)
    95. 

  95. #define ICP_DSA_SIGN_KRP_PARAM_PRIME_P_INDEX                    (1)
    96. 

  96. #define ICP_DSA_SIGN_KRP_PARAM_PRIME_Q_INDEX                    (2)
    97. 

  97. #define ICP_DSA_SIGN_KRP_PARAM_G_INDEX                          (3)
    98. 

  98. #define ICP_DSA_SIGN_KRP_PARAM_X_INDEX                          (4)
    99. 

  99. #define ICP_DSA_SIGN_KRP_PARAM_R_RESULT_INDEX                   (5)
    100. 

  100. #define ICP_DSA_SIGN_KRP_PARAM_S_RESULT_INDEX                   (6)
    101. 

  101. 

  102. /*DSA verify buffer index values*/
    103. 

  103. #define ICP_DSA_VERIFY_KRP_PARAM_DGST_INDEX                     (0)
    104. 

  104. #define ICP_DSA_VERIFY_KRP_PARAM_PRIME_P_INDEX                  (1)
    105. 

  105. #define ICP_DSA_VERIFY_KRP_PARAM_PRIME_Q_INDEX                  (2)
    106. 

  106. #define ICP_DSA_VERIFY_KRP_PARAM_G_INDEX                        (3)
    107. 

  107. #define ICP_DSA_VERIFY_KRP_PARAM_PUBKEY_INDEX                   (4)
    108. 

  108. #define ICP_DSA_VERIFY_KRP_PARAM_SIG_R_INDEX                    (5)
    109. 

  109. #define ICP_DSA_VERIFY_KRP_PARAM_SIG_S_INDEX                    (6)
    110. 

  110. 

  111. /*DSA sign prime Q vs random number K size check values*/
    112. 

  112. #define DONT_RUN_LESS_THAN_CHECK                                (0)
    113. 

  113. #define FAIL_A_IS_GREATER_THAN_B                                (1)
    114. 

  114. #define FAIL_A_IS_EQUAL_TO_B                                    (1)
    115. 

  115. #define SUCCESS_A_IS_LESS_THAN_B                                (0)
    116. 

  116. #define DSA_SIGN_RAND_GEN_VAL_CHECK_MAX_ITERATIONS              (500)
    117. 

  117. 

  118. /* We need to set a cryptokp success value just in case it is set or allocated
    119. 

  119.    and not set to zero outside of this module */
    120. 

  120. #define CRYPTO_OP_SUCCESS                                       (0)
    121. 

  121. 

  122. /*Function to compute Diffie Hellman (DH) phase 1 or phase 2 key values*/
    123. 

  123. static int icp_ocfDrvDHComputeKey(struct cryptkop *krp);
    124. 

  124. 

  125. /*Function to compute a Modular Exponentiation (Mod Exp)*/
    126. 

  126. static int icp_ocfDrvModExp(struct cryptkop *krp);
    127. 

  127. 

  128. /*Function to compute a Mod Exp using the Chinease Remainder Theorem*/
    129. 

  129. static int icp_ocfDrvModExpCRT(struct cryptkop *krp);
    130. 

  130. 

  131. /*Helper function to compute whether the first big number argument is less than
    132. 

  132.  the second big number argument */
    133. 

  133. static int
    134. 

  134. icp_ocfDrvCheckALessThanB(CpaFlatBuffer * pK, CpaFlatBuffer * pQ, int *doCheck);
    135. 

  135. 

  136. /*Function to sign an input with DSA R and S keys*/
    137. 

  137. static int icp_ocfDrvDsaSign(struct cryptkop *krp);
    138. 

  138. 

  139. /*Function to Verify a DSA buffer signature*/
    140. 

  140. static int icp_ocfDrvDsaVerify(struct cryptkop *krp);
    141. 

  141. 

  142. /*Callback function for DH operation*/
    143. 

  143. static void
    144. 

  144. icp_ocfDrvDhP1CallBack(void *callbackTag,
    145. 

  145. 		       CpaStatus status,
    146. 

  146. 		       void *pOpData, CpaFlatBuffer * pLocalOctetStringPV);
    147. 

  147. 

  148. /*Callback function for ME operation*/
    149. 

  149. static void
    150. 

  150. icp_ocfDrvModExpCallBack(void *callbackTag,
    151. 

  151. 			 CpaStatus status,
    152. 

  152. 			 void *pOpData, CpaFlatBuffer * pResult);
    153. 

  153. 

  154. /*Callback function for ME CRT operation*/
    155. 

  155. static void
    156. 

  156. icp_ocfDrvModExpCRTCallBack(void *callbackTag,
    157. 

  157. 			    CpaStatus status,
    158. 

  158. 			    void *pOpData, CpaFlatBuffer * pOutputData);
    159. 

  159. 

  160. /*Callback function for DSA sign operation*/
    161. 

  161. static void
    162. 

  162. icp_ocfDrvDsaRSSignCallBack(void *callbackTag,
    163. 

  163. 			    CpaStatus status,
    164. 

  164. 			    void *pOpData,
    165. 

  165. 			    CpaBoolean protocolStatus,
    166. 

  166. 			    CpaFlatBuffer * pR, CpaFlatBuffer * pS);
    167. 

  167. 

  168. /*Callback function for DSA Verify operation*/
    169. 

  169. static void
    170. 

  170. icp_ocfDrvDsaVerifyCallBack(void *callbackTag,
    171. 

  171. 			    CpaStatus status,
    172. 

  172. 			    void *pOpData, CpaBoolean verifyStatus);
    173. 

  173. 

  174. /* Name        : icp_ocfDrvPkeProcess
    175. 

  175.  *
    176. 

  176.  * Description : This function will choose which PKE process to follow
    177. 

  177.  * based on the input arguments
    178. 

  178.  */
    179. 

  179. int icp_ocfDrvPkeProcess(icp_device_t dev, struct cryptkop *krp, int hint)
    180. 

  180. {
    181. 

  181. 	CpaStatus lacStatus = CPA_STATUS_SUCCESS;
    182. 

  182. 

  183. 	if (NULL == krp) {
    184. 

  184. 		DPRINTK("%s(): Invalid input parameters, cryptkop = %p\n",
    185. 

  185. 			__FUNCTION__, krp);
    186. 

  186. 		return EINVAL;
    187. 

  187. 	}
    188. 

  188. 

  189. 	if (CPA_TRUE == icp_atomic_read(&icp_ocfDrvIsExiting)) {
    190. 

  190. 		krp->krp_status = ECANCELED;
    191. 

  191. 		return ECANCELED;
    192. 

  192. 	}
    193. 

  193. 

  194. 	switch (krp->krp_op) {
    195. 

  195. 	case CRK_DH_COMPUTE_KEY:
    196. 

  196. 		DPRINTK("%s() doing DH_COMPUTE_KEY\n", __FUNCTION__);
    197. 

  197. 		lacStatus = icp_ocfDrvDHComputeKey(krp);
    198. 

  198. 		if (CPA_STATUS_SUCCESS != lacStatus) {
    199. 

  199. 			EPRINTK("%s(): icp_ocfDrvDHComputeKey failed "
    200. 

  200. 				"(%d).\n", __FUNCTION__, lacStatus);
    201. 

  201. 			krp->krp_status = ECANCELED;
    202. 

  202. 			return ECANCELED;
    203. 

  203. 		}
    204. 

  204. 

  205. 		break;
    206. 

  206. 

  207. 	case CRK_MOD_EXP:
    208. 

  208. 		DPRINTK("%s() doing MOD_EXP \n", __FUNCTION__);
    209. 

  209. 		lacStatus = icp_ocfDrvModExp(krp);
    210. 

  210. 		if (CPA_STATUS_SUCCESS != lacStatus) {
    211. 

  211. 			EPRINTK("%s(): icp_ocfDrvModExp failed (%d).\n",
    212. 

  212. 				__FUNCTION__, lacStatus);
    213. 

  213. 			krp->krp_status = ECANCELED;
    214. 

  214. 			return ECANCELED;
    215. 

  215. 		}
    216. 

  216. 

  217. 		break;
    218. 

  218. 

  219. 	case CRK_MOD_EXP_CRT:
    220. 

  220. 		DPRINTK("%s() doing MOD_EXP_CRT \n", __FUNCTION__);
    221. 

  221. 		lacStatus = icp_ocfDrvModExpCRT(krp);
    222. 

  222. 		if (CPA_STATUS_SUCCESS != lacStatus) {
    223. 

  223. 			EPRINTK("%s(): icp_ocfDrvModExpCRT "
    224. 

  224. 				"failed (%d).\n", __FUNCTION__, lacStatus);
    225. 

  225. 			krp->krp_status = ECANCELED;
    226. 

  226. 			return ECANCELED;
    227. 

  227. 		}
    228. 

  228. 

  229. 		break;
    230. 

  230. 

  231. 	case CRK_DSA_SIGN:
    232. 

  232. 		DPRINTK("%s() doing DSA_SIGN \n", __FUNCTION__);
    233. 

  233. 		lacStatus = icp_ocfDrvDsaSign(krp);
    234. 

  234. 		if (CPA_STATUS_SUCCESS != lacStatus) {
    235. 

  235. 			EPRINTK("%s(): icp_ocfDrvDsaSign "
    236. 

  236. 				"failed (%d).\n", __FUNCTION__, lacStatus);
    237. 

  237. 			krp->krp_status = ECANCELED;
    238. 

  238. 			return ECANCELED;
    239. 

  239. 		}
    240. 

  240. 

  241. 		break;
    242. 

  242. 

  243. 	case CRK_DSA_VERIFY:
    244. 

  244. 		DPRINTK("%s() doing DSA_VERIFY \n", __FUNCTION__);
    245. 

  245. 		lacStatus = icp_ocfDrvDsaVerify(krp);
    246. 

  246. 		if (CPA_STATUS_SUCCESS != lacStatus) {
    247. 

  247. 			EPRINTK("%s(): icp_ocfDrvDsaVerify "
    248. 

  248. 				"failed (%d).\n", __FUNCTION__, lacStatus);
    249. 

  249. 			krp->krp_status = ECANCELED;
    250. 

  250. 			return ECANCELED;
    251. 

  251. 		}
    252. 

  252. 

  253. 		break;
    254. 

  254. 

  255. 	default:
    256. 

  256. 		EPRINTK("%s(): Asymettric function not "
    257. 

  257. 			"supported (%d).\n", __FUNCTION__, krp->krp_op);
    258. 

  258. 		krp->krp_status = EOPNOTSUPP;
    259. 

  259. 		return EOPNOTSUPP;
    260. 

  260. 	}
    261. 

  261. 

  262. 	return ICP_OCF_DRV_STATUS_SUCCESS;
    263. 

  263. }
    264. 

  264. 

  265. /* Name        : icp_ocfDrvSwapBytes
    266. 

  266.  *
    267. 

  267.  * Description : This function is used to swap the byte order of a buffer.
    268. 

  268.  * It has been seen that in general we are passed little endian byte order
    269. 

  269.  * buffers, but LAC only accepts big endian byte order buffers.
    270. 

  270.  */
    271. 

  271. static void inline icp_ocfDrvSwapBytes(u_int8_t * num, u_int32_t buff_len_bytes)
    272. 

  272. {
    273. 

  273. 

  274. 	int i;
    275. 

  275. 	u_int8_t *end_ptr;
    276. 

  276. 	u_int8_t hold_val;
    277. 

  277. 

  278. 	end_ptr = num + (buff_len_bytes - 1);
    279. 

  279. 	buff_len_bytes = buff_len_bytes >> 1;
    280. 

  280. 	for (i = 0; i < buff_len_bytes; i++) {
    281. 

  281. 		hold_val = *num;
    282. 

  282. 		*num = *end_ptr;
    283. 

  283. 		num++;
    284. 

  284. 		*end_ptr = hold_val;
    285. 

  285. 		end_ptr--;
    286. 

  286. 	}
    287. 

  287. }
    288. 

  288. 

  289. /* Name        : icp_ocfDrvDHComputeKey
    290. 

  290.  *
    291. 

  291.  * Description : This function will map Diffie Hellman calls from OCF
    292. 

  292.  * to the LAC API. OCF uses this function for Diffie Hellman Phase1 and
    293. 

  293.  * Phase2. LAC has a separate Diffie Hellman Phase2 call, however both phases
    294. 

  294.  * break down to a modular exponentiation.
    295. 

  295.  */
    296. 

  296. static int icp_ocfDrvDHComputeKey(struct cryptkop *krp)
    297. 

  297. {
    298. 

  298. 	CpaStatus lacStatus = CPA_STATUS_SUCCESS;
    299. 

  299. 	void *callbackTag = NULL;
    300. 

  300. 	CpaCyDhPhase1KeyGenOpData *pPhase1OpData = NULL;
    301. 

  301. 	CpaFlatBuffer *pLocalOctetStringPV = NULL;
    302. 

  302. 	uint32_t dh_prime_len_bytes = 0, dh_prime_len_bits = 0;
    303. 

  303. 

  304. 	/* Input checks - check prime is a multiple of 8 bits to allow for
    305. 

  305. 	   allocation later */
    306. 

  306. 	dh_prime_len_bits =
    307. 

  307. 	    (krp->krp_param[ICP_DH_KRP_PARAM_PRIME_INDEX].crp_nbits);
    308. 

  308. 

  309. 	/* LAC can reject prime lengths based on prime key sizes, we just
    310. 

  310. 	   need to make sure we can allocate space for the base and
    311. 

  311. 	   exponent buffers correctly */
    312. 

  312. 	if ((dh_prime_len_bits % NUM_BITS_IN_BYTE) != 0) {
    313. 

  313. 		APRINTK("%s(): Warning Prime number buffer size is not a "
    314. 

  314. 			"multiple of 8 bits\n", __FUNCTION__);
    315. 

  315. 	}
    316. 

  316. 

  317. 	/* Result storage space should be the same size as the prime as this
    318. 

  318. 	   value can take up the same amount of storage space */
    319. 

  319. 	if (dh_prime_len_bits !=
    320. 

  320. 	    krp->krp_param[ICP_DH_KRP_PARAM_RESULT_INDEX].crp_nbits) {
    321. 

  321. 		DPRINTK("%s(): Return Buffer must be the same size "
    322. 

  322. 			"as the Prime buffer\n", __FUNCTION__);
    323. 

  323. 		krp->krp_status = EINVAL;
    324. 

  324. 		return EINVAL;
    325. 

  325. 	}
    326. 

  326. 	/* Switch to size in bytes */
    327. 

  327. 	BITS_TO_BYTES(dh_prime_len_bytes, dh_prime_len_bits);
    328. 

  328. 

  329. 	callbackTag = krp;
    330. 

  330. 

  331. /*All allocations are set to ICP_M_NOWAIT due to the possibility of getting
    332. 

  332. called in interrupt context*/
    333. 

  333. 	pPhase1OpData = icp_kmem_cache_zalloc(drvDH_zone, ICP_M_NOWAIT);
    334. 

  334. 	if (NULL == pPhase1OpData) {
    335. 

  335. 		APRINTK("%s():Failed to get memory for key gen data\n",
    336. 

  336. 			__FUNCTION__);
    337. 

  337. 		krp->krp_status = ENOMEM;
    338. 

  338. 		return ENOMEM;
    339. 

  339. 	}
    340. 

  340. 

  341. 	pLocalOctetStringPV =
    342. 

  342. 	    icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT);
    343. 

  343. 	if (NULL == pLocalOctetStringPV) {
    344. 

  344. 		APRINTK("%s():Failed to get memory for pLocalOctetStringPV\n",
    345. 

  345. 			__FUNCTION__);
    346. 

  346. 		ICP_CACHE_FREE(drvDH_zone, pPhase1OpData);
    347. 

  347. 		krp->krp_status = ENOMEM;
    348. 

  348. 		return ENOMEM;
    349. 

  349. 	}
    350. 

  350. 

  351. 	/* Link parameters */
    352. 

  352. 	pPhase1OpData->primeP.pData =
    353. 

  353. 	    krp->krp_param[ICP_DH_KRP_PARAM_PRIME_INDEX].crp_p;
    354. 

  354. 

  355. 	pPhase1OpData->primeP.dataLenInBytes = dh_prime_len_bytes;
    356. 

  356. 

  357. 	icp_ocfDrvSwapBytes(pPhase1OpData->primeP.pData, dh_prime_len_bytes);
    358. 

  358. 

  359. 	pPhase1OpData->baseG.pData =
    360. 

  360. 	    krp->krp_param[ICP_DH_KRP_PARAM_BASE_INDEX].crp_p;
    361. 

  361. 

  362. 	BITS_TO_BYTES(pPhase1OpData->baseG.dataLenInBytes,
    363. 

  363. 		      krp->krp_param[ICP_DH_KRP_PARAM_BASE_INDEX].crp_nbits);
    364. 

  364. 

  365. 	icp_ocfDrvSwapBytes(pPhase1OpData->baseG.pData,
    366. 

  366. 			    pPhase1OpData->baseG.dataLenInBytes);
    367. 

  367. 

  368. 	pPhase1OpData->privateValueX.pData =
    369. 

  369. 	    krp->krp_param[ICP_DH_KRP_PARAM_PRIVATE_VALUE_INDEX].crp_p;
    370. 

  370. 

  371. 	BITS_TO_BYTES(pPhase1OpData->privateValueX.dataLenInBytes,
    372. 

  372. 		      krp->krp_param[ICP_DH_KRP_PARAM_PRIVATE_VALUE_INDEX].
    373. 

  373. 		      crp_nbits);
    374. 

  374. 

  375. 	icp_ocfDrvSwapBytes(pPhase1OpData->privateValueX.pData,
    376. 

  376. 			    pPhase1OpData->privateValueX.dataLenInBytes);
    377. 

  377. 

  378. 	/* Output parameters */
    379. 

  379. 	pLocalOctetStringPV->pData =
    380. 

  380. 	    krp->krp_param[ICP_DH_KRP_PARAM_RESULT_INDEX].crp_p;
    381. 

  381. 

  382. 	BITS_TO_BYTES(pLocalOctetStringPV->dataLenInBytes,
    383. 

  383. 		      krp->krp_param[ICP_DH_KRP_PARAM_RESULT_INDEX].crp_nbits);
    384. 

  384. 

  385. 	lacStatus = cpaCyDhKeyGenPhase1(CPA_INSTANCE_HANDLE_SINGLE,
    386. 

  386. 					icp_ocfDrvDhP1CallBack,
    387. 

  387. 					callbackTag, pPhase1OpData,
    388. 

  388. 					pLocalOctetStringPV);
    389. 

  389. 

  390. 	if (CPA_STATUS_SUCCESS != lacStatus) {
    391. 

  391. 		EPRINTK("%s(): DH Phase 1 Key Gen failed (%d).\n",
    392. 

  392. 			__FUNCTION__, lacStatus);
    393. 

  393. 		icp_ocfDrvFreeFlatBuffer(pLocalOctetStringPV);
    394. 

  394. 		ICP_CACHE_FREE(drvDH_zone, pPhase1OpData);
    395. 

  395. 	}
    396. 

  396. 

  397. 	return lacStatus;
    398. 

  398. }
    399. 

  399. 

  400. /* Name        : icp_ocfDrvModExp
    401. 

  401.  *
    402. 

  402.  * Description : This function will map ordinary Modular Exponentiation calls
    403. 

  403.  * from OCF to the LAC API.
    404. 

  404.  *
    405. 

  405.  */
    406. 

  406. static int icp_ocfDrvModExp(struct cryptkop *krp)
    407. 

  407. {
    408. 

  408. 	CpaStatus lacStatus = CPA_STATUS_SUCCESS;
    409. 

  409. 	void *callbackTag = NULL;
    410. 

  410. 	CpaCyLnModExpOpData *pModExpOpData = NULL;
    411. 

  411. 	CpaFlatBuffer *pResult = NULL;
    412. 

  412. 

  413. 	if ((krp->krp_param[ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX].crp_nbits %
    414. 

  414. 	     NUM_BITS_IN_BYTE) != 0) {
    415. 

  415. 		DPRINTK("%s(): Warning - modulus buffer size (%d) is not a "
    416. 

  416. 			"multiple of 8 bits\n", __FUNCTION__,
    417. 

  417. 			krp->krp_param[ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX].
    418. 

  418. 			crp_nbits);
    419. 

  419. 	}
    420. 

  420. 

  421. 	/* Result storage space should be the same size as the prime as this
    422. 

  422. 	   value can take up the same amount of storage space */
    423. 

  423. 	if (krp->krp_param[ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX].crp_nbits >
    424. 

  424. 	    krp->krp_param[ICP_MOD_EXP_KRP_PARAM_RESULT_INDEX].crp_nbits) {
    425. 

  425. 		APRINTK("%s(): Return Buffer size must be the same or"
    426. 

  426. 			" greater than the Modulus buffer\n", __FUNCTION__);
    427. 

  427. 		krp->krp_status = EINVAL;
    428. 

  428. 		return EINVAL;
    429. 

  429. 	}
    430. 

  430. 

  431. 	callbackTag = krp;
    432. 

  432. 

  433. 	pModExpOpData = icp_kmem_cache_zalloc(drvLnModExp_zone, ICP_M_NOWAIT);
    434. 

  434. 	if (NULL == pModExpOpData) {
    435. 

  435. 		APRINTK("%s():Failed to get memory for key gen data\n",
    436. 

  436. 			__FUNCTION__);
    437. 

  437. 		krp->krp_status = ENOMEM;
    438. 

  438. 		return ENOMEM;
    439. 

  439. 	}
    440. 

  440. 

  441. 	pResult = icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT);
    442. 

  442. 	if (NULL == pResult) {
    443. 

  443. 		APRINTK("%s():Failed to get memory for ModExp result\n",
    444. 

  444. 			__FUNCTION__);
    445. 

  445. 		ICP_CACHE_FREE(drvLnModExp_zone, pModExpOpData);
    446. 

  446. 		krp->krp_status = ENOMEM;
    447. 

  447. 		return ENOMEM;
    448. 

  448. 	}
    449. 

  449. 

  450. 	/* Link parameters */
    451. 

  451. 	pModExpOpData->modulus.pData =
    452. 

  452. 	    krp->krp_param[ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX].crp_p;
    453. 

  453. 	BITS_TO_BYTES(pModExpOpData->modulus.dataLenInBytes,
    454. 

  454. 		      krp->krp_param[ICP_MOD_EXP_KRP_PARAM_MODULUS_INDEX].
    455. 

  455. 		      crp_nbits);
    456. 

  456. 

  457. 	icp_ocfDrvSwapBytes(pModExpOpData->modulus.pData,
    458. 

  458. 			    pModExpOpData->modulus.dataLenInBytes);
    459. 

  459. 

  460. 	DPRINTK("%s : base (%d)\n", __FUNCTION__, krp->
    461. 

  461. 		krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].crp_nbits);
    462. 

  462. 	pModExpOpData->base.pData =
    463. 

  463. 	    krp->krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].crp_p;
    464. 

  464. 	BITS_TO_BYTES(pModExpOpData->base.dataLenInBytes,
    465. 

  465. 		      krp->krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].
    466. 

  466. 		      crp_nbits);
    467. 

  467. 	icp_ocfDrvSwapBytes(pModExpOpData->base.pData,
    468. 

  468. 			    pModExpOpData->base.dataLenInBytes);
    469. 

  469. 

  470. 	pModExpOpData->exponent.pData =
    471. 

  471. 	    krp->krp_param[ICP_MOD_EXP_KRP_PARAM_EXPONENT_INDEX].crp_p;
    472. 

  472. 	BITS_TO_BYTES(pModExpOpData->exponent.dataLenInBytes,
    473. 

  473. 		      krp->krp_param[ICP_MOD_EXP_KRP_PARAM_EXPONENT_INDEX].
    474. 

  474. 		      crp_nbits);
    475. 

  475. 

  476. 	icp_ocfDrvSwapBytes(pModExpOpData->exponent.pData,
    477. 

  477. 			    pModExpOpData->exponent.dataLenInBytes);
    478. 

  478. 	/* Output parameters */
    479. 

  479. 	pResult->pData =
    480. 

  480. 	    krp->krp_param[ICP_MOD_EXP_KRP_PARAM_RESULT_INDEX].crp_p,
    481. 

  481. 	    BITS_TO_BYTES(pResult->dataLenInBytes,
    482. 

  482. 			  krp->krp_param[ICP_MOD_EXP_KRP_PARAM_RESULT_INDEX].
    483. 

  483. 			  crp_nbits);
    484. 

  484. 

  485. 	lacStatus = cpaCyLnModExp(CPA_INSTANCE_HANDLE_SINGLE,
    486. 

  486. 				  icp_ocfDrvModExpCallBack,
    487. 

  487. 				  callbackTag, pModExpOpData, pResult);
    488. 

  488. 

  489. 	if (CPA_STATUS_SUCCESS != lacStatus) {
    490. 

  490. 		EPRINTK("%s(): Mod Exp Operation failed (%d).\n",
    491. 

  491. 			__FUNCTION__, lacStatus);
    492. 

  492. 		krp->krp_status = ECANCELED;
    493. 

  493. 		icp_ocfDrvFreeFlatBuffer(pResult);
    494. 

  494. 		ICP_CACHE_FREE(drvLnModExp_zone, pModExpOpData);
    495. 

  495. 	}
    496. 

  496. 

  497. 	return lacStatus;
    498. 

  498. }
    499. 

  499. 

  500. /* Name        : icp_ocfDrvModExpCRT
    501. 

  501.  *
    502. 

  502.  * Description : This function will map ordinary Modular Exponentiation Chinese
    503. 

  503.  * Remainder Theorem implementaion calls from OCF to the LAC API.
    504. 

  504.  *
    505. 

  505.  * Note : Mod Exp CRT for this driver is accelerated through LAC RSA type 2
    506. 

  506.  * decrypt operation. Therefore P and Q input values must always be prime
    507. 

  507.  * numbers. Although basic primality checks are done in LAC, it is up to the
    508. 

  508.  * user to do any correct prime number checking before passing the inputs.
    509. 

  509.  */
    510. 

  510. static int icp_ocfDrvModExpCRT(struct cryptkop *krp)
    511. 

  511. {
    512. 

  512. 	CpaStatus lacStatus = CPA_STATUS_SUCCESS;
    513. 

  513. 	CpaCyRsaDecryptOpData *rsaDecryptOpData = NULL;
    514. 

  514. 	void *callbackTag = NULL;
    515. 

  515. 	CpaFlatBuffer *pOutputData = NULL;
    516. 

  516. 

  517. 	/*Parameter input checks are all done by LAC, no need to repeat
    518. 

  518. 	   them here. */
    519. 

  519. 	callbackTag = krp;
    520. 

  520. 

  521. 	rsaDecryptOpData =
    522. 

  522. 	    icp_kmem_cache_zalloc(drvRSADecrypt_zone, ICP_M_NOWAIT);
    523. 

  523. 	if (NULL == rsaDecryptOpData) {
    524. 

  524. 		APRINTK("%s():Failed to get memory"
    525. 

  525. 			" for MOD EXP CRT Op data struct\n", __FUNCTION__);
    526. 

  526. 		krp->krp_status = ENOMEM;
    527. 

  527. 		return ENOMEM;
    528. 

  528. 	}
    529. 

  529. 

  530. 	rsaDecryptOpData->pRecipientPrivateKey
    531. 

  531. 	    = icp_kmem_cache_zalloc(drvRSAPrivateKey_zone, ICP_M_NOWAIT);
    532. 

  532. 	if (NULL == rsaDecryptOpData->pRecipientPrivateKey) {
    533. 

  533. 		APRINTK("%s():Failed to get memory for MOD EXP CRT"
    534. 

  534. 			" private key values struct\n", __FUNCTION__);
    535. 

  535. 		ICP_CACHE_FREE(drvRSADecrypt_zone, rsaDecryptOpData);
    536. 

  536. 		krp->krp_status = ENOMEM;
    537. 

  537. 		return ENOMEM;
    538. 

  538. 	}
    539. 

  539. 

  540. 	rsaDecryptOpData->pRecipientPrivateKey->
    541. 

  541. 	    version = CPA_CY_RSA_VERSION_TWO_PRIME;
    542. 

  542. 	rsaDecryptOpData->pRecipientPrivateKey->
    543. 

  543. 	    privateKeyRepType = CPA_CY_RSA_PRIVATE_KEY_REP_TYPE_2;
    544. 

  544. 

  545. 	pOutputData = icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT);
    546. 

  546. 	if (NULL == pOutputData) {
    547. 

  547. 		APRINTK("%s():Failed to get memory"
    548. 

  548. 			" for MOD EXP CRT output data\n", __FUNCTION__);
    549. 

  549. 		ICP_CACHE_FREE(drvRSAPrivateKey_zone,
    550. 

  550. 			       rsaDecryptOpData->pRecipientPrivateKey);
    551. 

  551. 		ICP_CACHE_FREE(drvRSADecrypt_zone, rsaDecryptOpData);
    552. 

  552. 		krp->krp_status = ENOMEM;
    553. 

  553. 		return ENOMEM;
    554. 

  554. 	}
    555. 

  555. 

  556. 	rsaDecryptOpData->pRecipientPrivateKey->
    557. 

  557. 	    version = CPA_CY_RSA_VERSION_TWO_PRIME;
    558. 

  558. 	rsaDecryptOpData->pRecipientPrivateKey->
    559. 

  559. 	    privateKeyRepType = CPA_CY_RSA_PRIVATE_KEY_REP_TYPE_2;
    560. 

  560. 

  561. 	/* Link parameters */
    562. 

  562. 	rsaDecryptOpData->inputData.pData =
    563. 

  563. 	    krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_I_INDEX].crp_p;
    564. 

  564. 	BITS_TO_BYTES(rsaDecryptOpData->inputData.dataLenInBytes,
    565. 

  565. 		      krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_I_INDEX].
    566. 

  566. 		      crp_nbits);
    567. 

  567. 

  568. 	icp_ocfDrvSwapBytes(rsaDecryptOpData->inputData.pData,
    569. 

  569. 			    rsaDecryptOpData->inputData.dataLenInBytes);
    570. 

  570. 

  571. 	rsaDecryptOpData->pRecipientPrivateKey->privateKeyRep2.prime1P.pData =
    572. 

  572. 	    krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_P_INDEX].crp_p;
    573. 

  573. 	BITS_TO_BYTES(rsaDecryptOpData->pRecipientPrivateKey->privateKeyRep2.
    574. 

  574. 		      prime1P.dataLenInBytes,
    575. 

  575. 		      krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_P_INDEX].
    576. 

  576. 		      crp_nbits);
    577. 

  577. 

  578. 	icp_ocfDrvSwapBytes(rsaDecryptOpData->pRecipientPrivateKey->
    579. 

  579. 			    privateKeyRep2.prime1P.pData,
    580. 

  580. 			    rsaDecryptOpData->pRecipientPrivateKey->
    581. 

  581. 			    privateKeyRep2.prime1P.dataLenInBytes);
    582. 

  582. 

  583. 	rsaDecryptOpData->pRecipientPrivateKey->privateKeyRep2.prime2Q.pData =
    584. 

  584. 	    krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_Q_INDEX].crp_p;
    585. 

  585. 	BITS_TO_BYTES(rsaDecryptOpData->pRecipientPrivateKey->privateKeyRep2.
    586. 

  586. 		      prime2Q.dataLenInBytes,
    587. 

  587. 		      krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_PRIME_Q_INDEX].
    588. 

  588. 		      crp_nbits);
    589. 

  589. 

  590. 	icp_ocfDrvSwapBytes(rsaDecryptOpData->pRecipientPrivateKey->
    591. 

  591. 			    privateKeyRep2.prime2Q.pData,
    592. 

  592. 			    rsaDecryptOpData->pRecipientPrivateKey->
    593. 

  593. 			    privateKeyRep2.prime2Q.dataLenInBytes);
    594. 

  594. 

  595. 	rsaDecryptOpData->pRecipientPrivateKey->
    596. 

  596. 	    privateKeyRep2.exponent1Dp.pData =
    597. 

  597. 	    krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DP_INDEX].crp_p;
    598. 

  598. 	BITS_TO_BYTES(rsaDecryptOpData->pRecipientPrivateKey->privateKeyRep2.
    599. 

  599. 		      exponent1Dp.dataLenInBytes,
    600. 

  600. 		      krp->
    601. 

  601. 		      krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DP_INDEX].
    602. 

  602. 		      crp_nbits);
    603. 

  603. 

  604. 	icp_ocfDrvSwapBytes(rsaDecryptOpData->pRecipientPrivateKey->
    605. 

  605. 			    privateKeyRep2.exponent1Dp.pData,
    606. 

  606. 			    rsaDecryptOpData->pRecipientPrivateKey->
    607. 

  607. 			    privateKeyRep2.exponent1Dp.dataLenInBytes);
    608. 

  608. 

  609. 	rsaDecryptOpData->pRecipientPrivateKey->
    610. 

  610. 	    privateKeyRep2.exponent2Dq.pData =
    611. 

  611. 	    krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DQ_INDEX].crp_p;
    612. 

  612. 	BITS_TO_BYTES(rsaDecryptOpData->pRecipientPrivateKey->
    613. 

  613. 		      privateKeyRep2.exponent2Dq.dataLenInBytes,
    614. 

  614. 		      krp->
    615. 

  615. 		      krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_EXPONENT_DQ_INDEX].
    616. 

  616. 		      crp_nbits);
    617. 

  617. 

  618. 	icp_ocfDrvSwapBytes(rsaDecryptOpData->pRecipientPrivateKey->
    619. 

  619. 			    privateKeyRep2.exponent2Dq.pData,
    620. 

  620. 			    rsaDecryptOpData->pRecipientPrivateKey->
    621. 

  621. 			    privateKeyRep2.exponent2Dq.dataLenInBytes);
    622. 

  622. 

  623. 	rsaDecryptOpData->pRecipientPrivateKey->
    624. 

  624. 	    privateKeyRep2.coefficientQInv.pData =
    625. 

  625. 	    krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_COEFF_QINV_INDEX].crp_p;
    626. 

  626. 	BITS_TO_BYTES(rsaDecryptOpData->pRecipientPrivateKey->
    627. 

  627. 		      privateKeyRep2.coefficientQInv.dataLenInBytes,
    628. 

  628. 		      krp->
    629. 

  629. 		      krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_COEFF_QINV_INDEX].
    630. 

  630. 		      crp_nbits);
    631. 

  631. 

  632. 	icp_ocfDrvSwapBytes(rsaDecryptOpData->pRecipientPrivateKey->
    633. 

  633. 			    privateKeyRep2.coefficientQInv.pData,
    634. 

  634. 			    rsaDecryptOpData->pRecipientPrivateKey->
    635. 

  635. 			    privateKeyRep2.coefficientQInv.dataLenInBytes);
    636. 

  636. 

  637. 	/* Output Parameter */
    638. 

  638. 	pOutputData->pData =
    639. 

  639. 	    krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_RESULT_INDEX].crp_p;
    640. 

  640. 	BITS_TO_BYTES(pOutputData->dataLenInBytes,
    641. 

  641. 		      krp->krp_param[ICP_MOD_EXP_CRT_KRP_PARAM_RESULT_INDEX].
    642. 

  642. 		      crp_nbits);
    643. 

  643. 

  644. 	lacStatus = cpaCyRsaDecrypt(CPA_INSTANCE_HANDLE_SINGLE,
    645. 

  645. 				    icp_ocfDrvModExpCRTCallBack,
    646. 

  646. 				    callbackTag, rsaDecryptOpData, pOutputData);
    647. 

  647. 

  648. 	if (CPA_STATUS_SUCCESS != lacStatus) {
    649. 

  649. 		EPRINTK("%s(): Mod Exp CRT Operation failed (%d).\n",
    650. 

  650. 			__FUNCTION__, lacStatus);
    651. 

  651. 		krp->krp_status = ECANCELED;
    652. 

  652. 		icp_ocfDrvFreeFlatBuffer(pOutputData);
    653. 

  653. 		ICP_CACHE_FREE(drvRSAPrivateKey_zone,
    654. 

  654. 			       rsaDecryptOpData->pRecipientPrivateKey);
    655. 

  655. 		ICP_CACHE_FREE(drvRSADecrypt_zone, rsaDecryptOpData);
    656. 

  656. 	}
    657. 

  657. 

  658. 	return lacStatus;
    659. 

  659. }
    660. 

  660. 

  661. /* Name        : icp_ocfDrvCheckALessThanB
    662. 

  662.  *
    663. 

  663.  * Description : This function will check whether the first argument is less
    664. 

  664.  * than the second. It is used to check whether the DSA RS sign Random K
    665. 

  665.  * value is less than the Prime Q value (as defined in the specification)
    666. 

  666.  *
    667. 

  667.  */
    668. 

  668. static int
    669. 

  669. icp_ocfDrvCheckALessThanB(CpaFlatBuffer * pK, CpaFlatBuffer * pQ, int *doCheck)
    670. 

  670. {
    671. 

  671. 

  672. 	uint8_t *MSB_K = pK->pData;
    673. 

  673. 	uint8_t *MSB_Q = pQ->pData;
    674. 

  674. 	uint32_t buffer_lengths_in_bytes = pQ->dataLenInBytes;
    675. 

  675. 

  676. 	if (DONT_RUN_LESS_THAN_CHECK == *doCheck) {
    677. 

  677. 		return FAIL_A_IS_GREATER_THAN_B;
    678. 

  678. 	}
    679. 

  679. 

  680. /*Check MSBs
    681. 

  681. if A == B, check next MSB
    682. 

  682. if A > B, return A_IS_GREATER_THAN_B
    683. 

  683. if A < B, return A_IS_LESS_THAN_B (success)
    684. 

  684. */
    685. 

  685. 	while (*MSB_K == *MSB_Q) {
    686. 

  686. 		MSB_K++;
    687. 

  687. 		MSB_Q++;
    688. 

  688. 

  689. 		buffer_lengths_in_bytes--;
    690. 

  690. 		if (0 == buffer_lengths_in_bytes) {
    691. 

  691. 			DPRINTK("%s() Buffers have equal value!!\n",
    692. 

  692. 				__FUNCTION__);
    693. 

  693. 			return FAIL_A_IS_EQUAL_TO_B;
    694. 

  694. 		}
    695. 

  695. 

  696. 	}
    697. 

  697. 

  698. 	if (*MSB_K < *MSB_Q) {
    699. 

  699. 		return SUCCESS_A_IS_LESS_THAN_B;
    700. 

  700. 	} else {
    701. 

  701. 		return FAIL_A_IS_GREATER_THAN_B;
    702. 

  702. 	}
    703. 

  703. 

  704. }
    705. 

  705. 

  706. /* Name        : icp_ocfDrvDsaSign
    707. 

  707.  *
    708. 

  708.  * Description : This function will map DSA RS Sign from OCF to the LAC API.
    709. 

  709.  *
    710. 

  710.  * NOTE: From looking at OCF patch to OpenSSL and even the number of input
    711. 

  711.  * parameters, OCF expects us to generate the random seed value. This value
    712. 

  712.  * is generated and passed to LAC, however the number is discared in the
    713. 

  713.  * callback and not returned to the user.
    714. 

  714.  */
    715. 

  715. static int icp_ocfDrvDsaSign(struct cryptkop *krp)
    716. 

  716. {
    717. 

  717. 	CpaStatus lacStatus = CPA_STATUS_SUCCESS;
    718. 

  718. 	CpaCyDsaRSSignOpData *dsaRsSignOpData = NULL;
    719. 

  719. 	void *callbackTag = NULL;
    720. 

  720. 	CpaCyRandGenOpData randGenOpData;
    721. 

  721. 	int primeQSizeInBytes = 0;
    722. 

  722. 	int doCheck = 0;
    723. 

  723. 	CpaFlatBuffer randData;
    724. 

  724. 	CpaBoolean protocolStatus = CPA_FALSE;
    725. 

  725. 	CpaFlatBuffer *pR = NULL;
    726. 

  726. 	CpaFlatBuffer *pS = NULL;
    727. 

  727. 

  728. 	callbackTag = krp;
    729. 

  729. 

  730. 	BITS_TO_BYTES(primeQSizeInBytes,
    731. 

  731. 		      krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_PRIME_Q_INDEX].
    732. 

  732. 		      crp_nbits);
    733. 

  733. 

  734. 	if (DSA_RS_SIGN_PRIMEQ_SIZE_IN_BYTES != primeQSizeInBytes) {
    735. 

  735. 		APRINTK("%s(): DSA PRIME Q size not equal to the "
    736. 

  736. 			"FIPS defined 20bytes, = %d\n",
    737. 

  737. 			__FUNCTION__, primeQSizeInBytes);
    738. 

  738. 		krp->krp_status = EDOM;
    739. 

  739. 		return EDOM;
    740. 

  740. 	}
    741. 

  741. 

  742. 	dsaRsSignOpData =
    743. 

  743. 	    icp_kmem_cache_zalloc(drvDSARSSign_zone, ICP_M_NOWAIT);
    744. 

  744. 	if (NULL == dsaRsSignOpData) {
    745. 

  745. 		APRINTK("%s():Failed to get memory"
    746. 

  746. 			" for DSA RS Sign Op data struct\n", __FUNCTION__);
    747. 

  747. 		krp->krp_status = ENOMEM;
    748. 

  748. 		return ENOMEM;
    749. 

  749. 	}
    750. 

  750. 

  751. 	dsaRsSignOpData->K.pData =
    752. 

  752. 	    icp_kmem_cache_alloc(drvDSARSSignKValue_zone, ICP_M_NOWAIT);
    753. 

  753. 

  754. 	if (NULL == dsaRsSignOpData->K.pData) {
    755. 

  755. 		APRINTK("%s():Failed to get memory"
    756. 

  756. 			" for DSA RS Sign Op Random value\n", __FUNCTION__);
    757. 

  757. 		ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData);
    758. 

  758. 		krp->krp_status = ENOMEM;
    759. 

  759. 		return ENOMEM;
    760. 

  760. 	}
    761. 

  761. 

  762. 	pR = icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT);
    763. 

  763. 	if (NULL == pR) {
    764. 

  764. 		APRINTK("%s():Failed to get memory"
    765. 

  765. 			" for DSA signature R\n", __FUNCTION__);
    766. 

  766. 		ICP_CACHE_FREE(drvDSARSSignKValue_zone,
    767. 

  767. 			       dsaRsSignOpData->K.pData);
    768. 

  768. 		ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData);
    769. 

  769. 		krp->krp_status = ENOMEM;
    770. 

  770. 		return ENOMEM;
    771. 

  771. 	}
    772. 

  772. 

  773. 	pS = icp_kmem_cache_zalloc(drvFlatBuffer_zone, ICP_M_NOWAIT);
    774. 

  774. 	if (NULL == pS) {
    775. 

  775. 		APRINTK("%s():Failed to get memory"
    776. 

  776. 			" for DSA signature S\n", __FUNCTION__);
    777. 

  777. 		icp_ocfDrvFreeFlatBuffer(pR);
    778. 

  778. 		ICP_CACHE_FREE(drvDSARSSignKValue_zone,
    779. 

  779. 			       dsaRsSignOpData->K.pData);
    780. 

  780. 		ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData);
    781. 

  781. 		krp->krp_status = ENOMEM;
    782. 

  782. 		return ENOMEM;
    783. 

  783. 	}
    784. 

  784. 

  785. 	/*link prime number parameter for ease of processing */
    786. 

  786. 	dsaRsSignOpData->P.pData =
    787. 

  787. 	    krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_PRIME_P_INDEX].crp_p;
    788. 

  788. 	BITS_TO_BYTES(dsaRsSignOpData->P.dataLenInBytes,
    789. 

  789. 		      krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_PRIME_P_INDEX].
    790. 

  790. 		      crp_nbits);
    791. 

  791. 

  792. 	icp_ocfDrvSwapBytes(dsaRsSignOpData->P.pData,
    793. 

  793. 			    dsaRsSignOpData->P.dataLenInBytes);
    794. 

  794. 

  795. 	dsaRsSignOpData->Q.pData =
    796. 

  796. 	    krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_PRIME_Q_INDEX].crp_p;
    797. 

  797. 	BITS_TO_BYTES(dsaRsSignOpData->Q.dataLenInBytes,
    798. 

  798. 		      krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_PRIME_Q_INDEX].
    799. 

  799. 		      crp_nbits);
    800. 

  800. 

  801. 	icp_ocfDrvSwapBytes(dsaRsSignOpData->Q.pData,
    802. 

  802. 			    dsaRsSignOpData->Q.dataLenInBytes);
    803. 

  803. 

  804. 	/*generate random number with equal buffer size to Prime value Q,
    805. 

  805. 	   but value less than Q */
    806. 

  806. 	dsaRsSignOpData->K.dataLenInBytes = dsaRsSignOpData->Q.dataLenInBytes;
    807. 

  807. 

  808. 	randGenOpData.generateBits = CPA_TRUE;
    809. 

  809. 	randGenOpData.lenInBytes = dsaRsSignOpData->K.dataLenInBytes;
    810. 

  810. 

  811. 	icp_ocfDrvPtrAndLenToFlatBuffer(dsaRsSignOpData->K.pData,
    812. 

  812. 					dsaRsSignOpData->K.dataLenInBytes,
    813. 

  813. 					&randData);
    814. 

  814. 

  815. 	doCheck = 0;
    816. 

  816. 	while (icp_ocfDrvCheckALessThanB(&(dsaRsSignOpData->K),
    817. 

  817. 					 &(dsaRsSignOpData->Q), &doCheck)) {
    818. 

  818. 

  819. 		if (CPA_STATUS_SUCCESS
    820. 

  820. 		    != cpaCyRandGen(CPA_INSTANCE_HANDLE_SINGLE,
    821. 

  821. 				    NULL, NULL, &randGenOpData, &randData)) {
    822. 

  822. 			APRINTK("%s(): ERROR - Failed to generate DSA RS Sign K"
    823. 

  823. 				"value\n", __FUNCTION__);
    824. 

  824. 			icp_ocfDrvFreeFlatBuffer(pS);
    825. 

  825. 			icp_ocfDrvFreeFlatBuffer(pR);
    826. 

  826. 			ICP_CACHE_FREE(drvDSARSSignKValue_zone,
    827. 

  827. 				       dsaRsSignOpData->K.pData);
    828. 

  828. 			ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData);
    829. 

  829. 			krp->krp_status = EAGAIN;
    830. 

  830. 			return EAGAIN;
    831. 

  831. 		}
    832. 

  832. 

  833. 		doCheck++;
    834. 

  834. 		if (DSA_SIGN_RAND_GEN_VAL_CHECK_MAX_ITERATIONS == doCheck) {
    835. 

  835. 			APRINTK("%s(): ERROR - Failed to find DSA RS Sign K "
    836. 

  836. 				"value less than Q value\n", __FUNCTION__);
    837. 

  837. 			icp_ocfDrvFreeFlatBuffer(pS);
    838. 

  838. 			icp_ocfDrvFreeFlatBuffer(pR);
    839. 

  839. 			ICP_CACHE_FREE(drvDSARSSignKValue_zone,
    840. 

  840. 				       dsaRsSignOpData->K.pData);
    841. 

  841. 			ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData);
    842. 

  842. 			krp->krp_status = EAGAIN;
    843. 

  843. 			return EAGAIN;
    844. 

  844. 		}
    845. 

  845. 

  846. 	}
    847. 

  847. 	/*Rand Data - no need to swap bytes for pK */
    848. 

  848. 

  849. 	/* Link parameters */
    850. 

  850. 	dsaRsSignOpData->G.pData =
    851. 

  851. 	    krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_G_INDEX].crp_p;
    852. 

  852. 	BITS_TO_BYTES(dsaRsSignOpData->G.dataLenInBytes,
    853. 

  853. 		      krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_G_INDEX].crp_nbits);
    854. 

  854. 

  855. 	icp_ocfDrvSwapBytes(dsaRsSignOpData->G.pData,
    856. 

  856. 			    dsaRsSignOpData->G.dataLenInBytes);
    857. 

  857. 

  858. 	dsaRsSignOpData->X.pData =
    859. 

  859. 	    krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_X_INDEX].crp_p;
    860. 

  860. 	BITS_TO_BYTES(dsaRsSignOpData->X.dataLenInBytes,
    861. 

  861. 		      krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_X_INDEX].crp_nbits);
    862. 

  862. 	icp_ocfDrvSwapBytes(dsaRsSignOpData->X.pData,
    863. 

  863. 			    dsaRsSignOpData->X.dataLenInBytes);
    864. 

  864. 

  865. 	/*OpenSSL dgst parameter is left in big endian byte order, 
    866. 

  866. 	   therefore no byte swap is required */
    867. 

  867. 	dsaRsSignOpData->M.pData =
    868. 

  868. 	    krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_DGST_INDEX].crp_p;
    869. 

  869. 	BITS_TO_BYTES(dsaRsSignOpData->M.dataLenInBytes,
    870. 

  870. 		      krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_DGST_INDEX].
    871. 

  871. 		      crp_nbits);
    872. 

  872. 

  873. 	/* Output Parameters */
    874. 

  874. 	pS->pData = krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_S_RESULT_INDEX].crp_p;
    875. 

  875. 	BITS_TO_BYTES(pS->dataLenInBytes,
    876. 

  876. 		      krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_S_RESULT_INDEX].
    877. 

  877. 		      crp_nbits);
    878. 

  878. 

  879. 	pR->pData = krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_R_RESULT_INDEX].crp_p;
    880. 

  880. 	BITS_TO_BYTES(pR->dataLenInBytes,
    881. 

  881. 		      krp->krp_param[ICP_DSA_SIGN_KRP_PARAM_R_RESULT_INDEX].
    882. 

  882. 		      crp_nbits);
    883. 

  883. 

  884. 	lacStatus = cpaCyDsaSignRS(CPA_INSTANCE_HANDLE_SINGLE,
    885. 

  885. 				   icp_ocfDrvDsaRSSignCallBack,
    886. 

  886. 				   callbackTag, dsaRsSignOpData,
    887. 

  887. 				   &protocolStatus, pR, pS);
    888. 

  888. 

  889. 	if (CPA_STATUS_SUCCESS != lacStatus) {
    890. 

  890. 		EPRINTK("%s(): DSA RS Sign Operation failed (%d).\n",
    891. 

  891. 			__FUNCTION__, lacStatus);
    892. 

  892. 		krp->krp_status = ECANCELED;
    893. 

  893. 		icp_ocfDrvFreeFlatBuffer(pS);
    894. 

  894. 		icp_ocfDrvFreeFlatBuffer(pR);
    895. 

  895. 		ICP_CACHE_FREE(drvDSARSSignKValue_zone,
    896. 

  896. 			       dsaRsSignOpData->K.pData);
    897. 

  897. 		ICP_CACHE_FREE(drvDSARSSign_zone, dsaRsSignOpData);
    898. 

  898. 	}
    899. 

  899. 

  900. 	return lacStatus;
    901. 

  901. }
    902. 

  902. 

  903. /* Name        : icp_ocfDrvDsaVerify
    904. 

  904.  *
    905. 

  905.  * Description : This function will map DSA RS Verify from OCF to the LAC API.
    906. 

  906.  *
    907. 

  907.  */
    908. 

  908. static int icp_ocfDrvDsaVerify(struct cryptkop *krp)
    909. 

  909. {
    910. 

  910. 	CpaStatus lacStatus = CPA_STATUS_SUCCESS;
    911. 

  911. 	CpaCyDsaVerifyOpData *dsaVerifyOpData = NULL;
    912. 

  912. 	void *callbackTag = NULL;
    913. 

  913. 	CpaBoolean verifyStatus = CPA_FALSE;
    914. 

  914. 

  915. 	callbackTag = krp;
    916. 

  916. 

  917. 	dsaVerifyOpData =
    918. 

  918. 	    icp_kmem_cache_zalloc(drvDSAVerify_zone, ICP_M_NOWAIT);
    919. 

  919. 	if (NULL == dsaVerifyOpData) {
    920. 

  920. 		APRINTK("%s():Failed to get memory"
    921. 

  921. 			" for DSA Verify Op data struct\n", __FUNCTION__);
    922. 

  922. 		krp->krp_status = ENOMEM;
    923. 

  923. 		return ENOMEM;
    924. 

  924. 	}
    925. 

  925. 

  926. 	/* Link parameters */
    927. 

  927. 	dsaVerifyOpData->P.pData =
    928. 

  928. 	    krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_PRIME_P_INDEX].crp_p;
    929. 

  929. 	BITS_TO_BYTES(dsaVerifyOpData->P.dataLenInBytes,
    930. 

  930. 		      krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_PRIME_P_INDEX].
    931. 

  931. 		      crp_nbits);
    932. 

  932. 	icp_ocfDrvSwapBytes(dsaVerifyOpData->P.pData,
    933. 

  933. 			    dsaVerifyOpData->P.dataLenInBytes);
    934. 

  934. 

  935. 	dsaVerifyOpData->Q.pData =
    936. 

  936. 	    krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_PRIME_Q_INDEX].crp_p;
    937. 

  937. 	BITS_TO_BYTES(dsaVerifyOpData->Q.dataLenInBytes,
    938. 

  938. 		      krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_PRIME_Q_INDEX].
    939. 

  939. 		      crp_nbits);
    940. 

  940. 	icp_ocfDrvSwapBytes(dsaVerifyOpData->Q.pData,
    941. 

  941. 			    dsaVerifyOpData->Q.dataLenInBytes);
    942. 

  942. 

  943. 	dsaVerifyOpData->G.pData =
    944. 

  944. 	    krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_G_INDEX].crp_p;
    945. 

  945. 	BITS_TO_BYTES(dsaVerifyOpData->G.dataLenInBytes,
    946. 

  946. 		      krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_G_INDEX].
    947. 

  947. 		      crp_nbits);
    948. 

  948. 	icp_ocfDrvSwapBytes(dsaVerifyOpData->G.pData,
    949. 

  949. 			    dsaVerifyOpData->G.dataLenInBytes);
    950. 

  950. 

  951. 	dsaVerifyOpData->Y.pData =
    952. 

  952. 	    krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_PUBKEY_INDEX].crp_p;
    953. 

  953. 	BITS_TO_BYTES(dsaVerifyOpData->Y.dataLenInBytes,
    954. 

  954. 		      krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_PUBKEY_INDEX].
    955. 

  955. 		      crp_nbits);
    956. 

  956. 	icp_ocfDrvSwapBytes(dsaVerifyOpData->Y.pData,
    957. 

  957. 			    dsaVerifyOpData->Y.dataLenInBytes);
    958. 

  958. 

  959. 	/*OpenSSL dgst parameter is left in big endian byte order, 
    960. 

  960. 	   therefore no byte swap is required */
    961. 

  961. 	dsaVerifyOpData->M.pData =
    962. 

  962. 	    krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_DGST_INDEX].crp_p;
    963. 

  963. 	BITS_TO_BYTES(dsaVerifyOpData->M.dataLenInBytes,
    964. 

  964. 		      krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_DGST_INDEX].
    965. 

  965. 		      crp_nbits);
    966. 

  966. 

  967. 	dsaVerifyOpData->R.pData =
    968. 

  968. 	    krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_SIG_R_INDEX].crp_p;
    969. 

  969. 	BITS_TO_BYTES(dsaVerifyOpData->R.dataLenInBytes,
    970. 

  970. 		      krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_SIG_R_INDEX].
    971. 

  971. 		      crp_nbits);
    972. 

  972. 	icp_ocfDrvSwapBytes(dsaVerifyOpData->R.pData,
    973. 

  973. 			    dsaVerifyOpData->R.dataLenInBytes);
    974. 

  974. 

  975. 	dsaVerifyOpData->S.pData =
    976. 

  976. 	    krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_SIG_S_INDEX].crp_p;
    977. 

  977. 	BITS_TO_BYTES(dsaVerifyOpData->S.dataLenInBytes,
    978. 

  978. 		      krp->krp_param[ICP_DSA_VERIFY_KRP_PARAM_SIG_S_INDEX].
    979. 

  979. 		      crp_nbits);
    980. 

  980. 	icp_ocfDrvSwapBytes(dsaVerifyOpData->S.pData,
    981. 

  981. 			    dsaVerifyOpData->S.dataLenInBytes);
    982. 

  982. 

  983. 	lacStatus = cpaCyDsaVerify(CPA_INSTANCE_HANDLE_SINGLE,
    984. 

  984. 				   icp_ocfDrvDsaVerifyCallBack,
    985. 

  985. 				   callbackTag, dsaVerifyOpData, &verifyStatus);
    986. 

  986. 

  987. 	if (CPA_STATUS_SUCCESS != lacStatus) {
    988. 

  988. 		EPRINTK("%s(): DSA Verify Operation failed (%d).\n",
    989. 

  989. 			__FUNCTION__, lacStatus);
    990. 

  990. 		ICP_CACHE_FREE(drvDSAVerify_zone, dsaVerifyOpData);
    991. 

  991. 		krp->krp_status = ECANCELED;
    992. 

  992. 	}
    993. 

  993. 

  994. 	return lacStatus;
    995. 

  995. }
    996. 

  996. 

  997. /* Name        : icp_ocfDrvDhP1Callback
    998. 

  998.  *
    999. 

  999.  * Description : When this function returns it signifies that the LAC
    1000. 

  1000.  * component has completed the DH operation.
    1001. 

  1001.  */
    1002. 

  1002. static void
    1003. 

  1003. icp_ocfDrvDhP1CallBack(void *callbackTag,
    1004. 

  1004. 		       CpaStatus status,
    1005. 

  1005. 		       void *pOpData, CpaFlatBuffer * pLocalOctetStringPV)
    1006. 

  1006. {
    1007. 

  1007. 	struct cryptkop *krp = NULL;
    1008. 

  1008. 	CpaCyDhPhase1KeyGenOpData *pPhase1OpData = NULL;
    1009. 

  1009. 

  1010. 	if (NULL == callbackTag) {
    1011. 

  1011. 		DPRINTK("%s(): Invalid input parameters - "
    1012. 

  1012. 			"callbackTag data is NULL\n", __FUNCTION__);
    1013. 

  1013. 		return;
    1014. 

  1014. 	}
    1015. 

  1015. 	krp = (struct cryptkop *)callbackTag;
    1016. 

  1016. 

  1017. 	if (NULL == pOpData) {
    1018. 

  1018. 		DPRINTK("%s(): Invalid input parameters - "
    1019. 

  1019. 			"Operation Data is NULL\n", __FUNCTION__);
    1020. 

  1020. 		krp->krp_status = ECANCELED;
    1021. 

  1021. 		crypto_kdone(krp);
    1022. 

  1022. 		return;
    1023. 

  1023. 	}
    1024. 

  1024. 	pPhase1OpData = (CpaCyDhPhase1KeyGenOpData *) pOpData;
    1025. 

  1025. 

  1026. 	if (NULL == pLocalOctetStringPV) {
    1027. 

  1027. 		DPRINTK("%s(): Invalid input parameters - "
    1028. 

  1028. 			"pLocalOctetStringPV Data is NULL\n", __FUNCTION__);
    1029. 

  1029. 		memset(pPhase1OpData, 0, sizeof(CpaCyDhPhase1KeyGenOpData));
    1030. 

  1030. 		ICP_CACHE_FREE(drvDH_zone, pPhase1OpData);
    1031. 

  1031. 		krp->krp_status = ECANCELED;
    1032. 

  1032. 		crypto_kdone(krp);
    1033. 

  1033. 		return;
    1034. 

  1034. 	}
    1035. 

  1035. 

  1036. 	if (CPA_STATUS_SUCCESS == status) {
    1037. 

  1037. 		krp->krp_status = CRYPTO_OP_SUCCESS;
    1038. 

  1038. 	} else {
    1039. 

  1039. 		APRINTK("%s(): Diffie Hellman Phase1 Key Gen failed - "
    1040. 

  1040. 			"Operation Status = %d\n", __FUNCTION__, status);
    1041. 

  1041. 		krp->krp_status = ECANCELED;
    1042. 

  1042. 	}
    1043. 

  1043. 

  1044. 	icp_ocfDrvSwapBytes(pLocalOctetStringPV->pData,
    1045. 

  1045. 			    pLocalOctetStringPV->dataLenInBytes);
    1046. 

  1046. 

  1047. 	icp_ocfDrvFreeFlatBuffer(pLocalOctetStringPV);
    1048. 

  1048. 	memset(pPhase1OpData, 0, sizeof(CpaCyDhPhase1KeyGenOpData));
    1049. 

  1049. 	ICP_CACHE_FREE(drvDH_zone, pPhase1OpData);
    1050. 

  1050. 

  1051. 	crypto_kdone(krp);
    1052. 

  1052. 

  1053. 	return;
    1054. 

  1054. }
    1055. 

  1055. 

  1056. /* Name        : icp_ocfDrvModExpCallBack
    1057. 

  1057.  *
    1058. 

  1058.  * Description : When this function returns it signifies that the LAC
    1059. 

  1059.  * component has completed the Mod Exp operation.
    1060. 

  1060.  */
    1061. 

  1061. static void
    1062. 

  1062. icp_ocfDrvModExpCallBack(void *callbackTag,
    1063. 

  1063. 			 CpaStatus status,
    1064. 

  1064. 			 void *pOpdata, CpaFlatBuffer * pResult)
    1065. 

  1065. {
    1066. 

  1066. 	struct cryptkop *krp = NULL;
    1067. 

  1067. 	CpaCyLnModExpOpData *pLnModExpOpData = NULL;
    1068. 

  1068. 

  1069. 	if (NULL == callbackTag) {
    1070. 

  1070. 		DPRINTK("%s(): Invalid input parameters - "
    1071. 

  1071. 			"callbackTag data is NULL\n", __FUNCTION__);
    1072. 

  1072. 		return;
    1073. 

  1073. 	}
    1074. 

  1074. 	krp = (struct cryptkop *)callbackTag;
    1075. 

  1075. 

  1076. 	if (NULL == pOpdata) {
    1077. 

  1077. 		DPRINTK("%s(): Invalid Mod Exp input parameters - "
    1078. 

  1078. 			"Operation Data is NULL\n", __FUNCTION__);
    1079. 

  1079. 		krp->krp_status = ECANCELED;
    1080. 

  1080. 		crypto_kdone(krp);
    1081. 

  1081. 		return;
    1082. 

  1082. 	}
    1083. 

  1083. 	pLnModExpOpData = (CpaCyLnModExpOpData *) pOpdata;
    1084. 

  1084. 

  1085. 	if (NULL == pResult) {
    1086. 

  1086. 		DPRINTK("%s(): Invalid input parameters - "
    1087. 

  1087. 			"pResult data is NULL\n", __FUNCTION__);
    1088. 

  1088. 		krp->krp_status = ECANCELED;
    1089. 

  1089. 		memset(pLnModExpOpData, 0, sizeof(CpaCyLnModExpOpData));
    1090. 

  1090. 		ICP_CACHE_FREE(drvLnModExp_zone, pLnModExpOpData);
    1091. 

  1091. 		crypto_kdone(krp);
    1092. 

  1092. 		return;
    1093. 

  1093. 	}
    1094. 

  1094. 

  1095. 	if (CPA_STATUS_SUCCESS == status) {
    1096. 

  1096. 		krp->krp_status = CRYPTO_OP_SUCCESS;
    1097. 

  1097. 	} else {
    1098. 

  1098. 		APRINTK("%s(): LAC Mod Exp Operation failed - "
    1099. 

  1099. 			"Operation Status = %d\n", __FUNCTION__, status);
    1100. 

  1100. 		krp->krp_status = ECANCELED;
    1101. 

  1101. 	}
    1102. 

  1102. 

  1103. 	icp_ocfDrvSwapBytes(pResult->pData, pResult->dataLenInBytes);
    1104. 

  1104. 

  1105. 	/*switch base size value back to original */
    1106. 

  1106. 	if (pLnModExpOpData->base.pData ==
    1107. 

  1107. 	    (uint8_t *) & (krp->
    1108. 

  1108. 			   krp_param[ICP_MOD_EXP_KRP_PARAM_BASE_INDEX].
    1109. 

  1109. 			   crp_nbits)) {
    1110. 

  1110. 		*((uint32_t *) pLnModExpOpData->base.pData) =
    1111. 

  1111. 		    ntohl(*((uint32_t *) pLnModExpOpData->base.pData));
    1112. 

  1112. 	}
    1113. 

  1113. 	icp_ocfDrvFreeFlatBuffer(pResult);
    1114. 

  1114. 	memset(pLnModExpOpData, 0, sizeof(CpaCyLnModExpOpData));
    1115. 

  1115. 	ICP_CACHE_FREE(drvLnModExp_zone, pLnModExpOpData);
    1116. 

  1116. 

  1117. 	crypto_kdone(krp);
    1118. 

  1118. 

  1119. 	return;
    1120. 

  1120. 

  1121. }
    1122. 

  1122. 

  1123. /* Name        : icp_ocfDrvModExpCRTCallBack
    1124. 

  1124.  *
    1125. 

  1125.  * Description : When this function returns it signifies that the LAC
    1126. 

  1126.  * component has completed the Mod Exp CRT operation.
    1127. 

  1127.  */
    1128. 

  1128. static void
    1129. 

  1129. icp_ocfDrvModExpCRTCallBack(void *callbackTag,
    1130. 

  1130. 			    CpaStatus status,
    1131. 

  1131. 			    void *pOpData, CpaFlatBuffer * pOutputData)
    1132. 

  1132. {
    1133. 

  1133. 	struct cryptkop *krp = NULL;
    1134. 

  1134. 	CpaCyRsaDecryptOpData *pDecryptData = NULL;
    1135. 

  1135. 

  1136. 	if (NULL == callbackTag) {
    1137. 

  1137. 		DPRINTK("%s(): Invalid input parameters - "
    1138. 

  1138. 			"callbackTag data is NULL\n", __FUNCTION__);
    1139. 

  1139. 		return;
    1140. 

  1140. 	}
    1141. 

  1141. 

  1142. 	krp = (struct cryptkop *)callbackTag;
    1143. 

  1143. 

  1144. 	if (NULL == pOpData) {
    1145. 

  1145. 		DPRINTK("%s(): Invalid input parameters - "
    1146. 

  1146. 			"Operation Data is NULL\n", __FUNCTION__);
    1147. 

  1147. 		krp->krp_status = ECANCELED;
    1148. 

  1148. 		crypto_kdone(krp);
    1149. 

  1149. 		return;
    1150. 

  1150. 	}
    1151. 

  1151. 	pDecryptData = (CpaCyRsaDecryptOpData *) pOpData;
    1152. 

  1152. 

  1153. 	if (NULL == pOutputData) {
    1154. 

  1154. 		DPRINTK("%s(): Invalid input parameter - "
    1155. 

  1155. 			"pOutputData is NULL\n", __FUNCTION__);
    1156. 

  1156. 		memset(pDecryptData->pRecipientPrivateKey, 0,
    1157. 

  1157. 		       sizeof(CpaCyRsaPrivateKey));
    1158. 

  1158. 		ICP_CACHE_FREE(drvRSAPrivateKey_zone,
    1159. 

  1159. 			       pDecryptData->pRecipientPrivateKey);
    1160. 

  1160. 		memset(pDecryptData, 0, sizeof(CpaCyRsaDecryptOpData));
    1161. 

  1161. 		ICP_CACHE_FREE(drvRSADecrypt_zone, pDecryptData);
    1162. 

  1162. 		krp->krp_status = ECANCELED;
    1163. 

  1163. 		crypto_kdone(krp);
    1164. 

  1164. 		return;
    1165. 

  1165. 	}
    1166. 

  1166. 

  1167. 	if (CPA_STATUS_SUCCESS == status) {
    1168. 

  1168. 		krp->krp_status = CRYPTO_OP_SUCCESS;
    1169. 

  1169. 	} else {
    1170. 

  1170. 		APRINTK("%s(): LAC Mod Exp CRT operation failed - "
    1171. 

  1171. 			"Operation Status = %d\n", __FUNCTION__, status);
    1172. 

  1172. 		krp->krp_status = ECANCELED;
    1173. 

  1173. 	}
    1174. 

  1174. 

  1175. 	icp_ocfDrvSwapBytes(pOutputData->pData, pOutputData->dataLenInBytes);
    1176. 

  1176. 

  1177. 	icp_ocfDrvFreeFlatBuffer(pOutputData);
    1178. 

  1178. 	memset(pDecryptData->pRecipientPrivateKey, 0,
    1179. 

  1179. 	       sizeof(CpaCyRsaPrivateKey));
    1180. 

  1180. 	ICP_CACHE_FREE(drvRSAPrivateKey_zone,
    1181. 

  1181. 		       pDecryptData->pRecipientPrivateKey);
    1182. 

  1182. 	memset(pDecryptData, 0, sizeof(CpaCyRsaDecryptOpData));
    1183. 

  1183. 	ICP_CACHE_FREE(drvRSADecrypt_zone, pDecryptData);
    1184. 

  1184. 

  1185. 	crypto_kdone(krp);
    1186. 

  1186. 

  1187. 	return;
    1188. 

  1188. }
    1189. 

  1189. 

  1190. /* Name        : icp_ocfDrvDsaRSSignCallBack
    1191. 

  1191.  *
    1192. 

  1192.  * Description : When this function returns it signifies that the LAC
    1193. 

  1193.  * component has completed the DSA RS sign operation.
    1194. 

  1194.  */
    1195. 

  1195. static void
    1196. 

  1196. icp_ocfDrvDsaRSSignCallBack(void *callbackTag,
    1197. 

  1197. 			    CpaStatus status,
    1198. 

  1198. 			    void *pOpData,
    1199. 

  1199. 			    CpaBoolean protocolStatus,
    1200. 

  1200. 			    CpaFlatBuffer * pR, CpaFlatBuffer * pS)
    1201. 

  1201. {
    1202. 

  1202. 	struct cryptkop *krp = NULL;
    1203. 

  1203. 	CpaCyDsaRSSignOpData *pSignData = NULL;
    1204. 

  1204. 

  1205. 	if (NULL == callbackTag) {
    1206. 

  1206. 		DPRINTK("%s(): Invalid input parameters - "
    1207. 

  1207. 			"callbackTag data is NULL\n", __FUNCTION__);
    1208. 

  1208. 		return;
    1209. 

  1209. 	}
    1210. 

  1210. 

  1211. 	krp = (struct cryptkop *)callbackTag;
    1212. 

  1212. 

  1213. 	if (NULL == pOpData) {
    1214. 

  1214. 		DPRINTK("%s(): Invalid input parameters - "
    1215. 

  1215. 			"Operation Data is NULL\n", __FUNCTION__);
    1216. 

  1216. 		krp->krp_status = ECANCELED;
    1217. 

  1217. 		crypto_kdone(krp);
    1218. 

  1218. 		return;
    1219. 

  1219. 	}
    1220. 

  1220. 	pSignData = (CpaCyDsaRSSignOpData *) pOpData;
    1221. 

  1221. 

  1222. 	if (NULL == pR) {
    1223. 

  1223. 		DPRINTK("%s(): Invalid input parameter - "
    1224. 

  1224. 			"pR sign is NULL\n", __FUNCTION__);
    1225. 

  1225. 		icp_ocfDrvFreeFlatBuffer(pS);
    1226. 

  1226. 		ICP_CACHE_FREE(drvDSARSSign_zone, pSignData);
    1227. 

  1227. 		krp->krp_status = ECANCELED;
    1228. 

  1228. 		crypto_kdone(krp);
    1229. 

  1229. 		return;
    1230. 

  1230. 	}
    1231. 

  1231. 

  1232. 	if (NULL == pS) {
    1233. 

  1233. 		DPRINTK("%s(): Invalid input parameter - "
    1234. 

  1234. 			"pS sign is NULL\n", __FUNCTION__);
    1235. 

  1235. 		icp_ocfDrvFreeFlatBuffer(pR);
    1236. 

  1236. 		ICP_CACHE_FREE(drvDSARSSign_zone, pSignData);
    1237. 

  1237. 		krp->krp_status = ECANCELED;
    1238. 

  1238. 		crypto_kdone(krp);
    1239. 

  1239. 		return;
    1240. 

  1240. 	}
    1241. 

  1241. 

  1242. 	if (CPA_STATUS_SUCCESS != status) {
    1243. 

  1243. 		APRINTK("%s(): LAC DSA RS Sign operation failed - "
    1244. 

  1244. 			"Operation Status = %d\n", __FUNCTION__, status);
    1245. 

  1245. 		krp->krp_status = ECANCELED;
    1246. 

  1246. 	} else {
    1247. 

  1247. 		krp->krp_status = CRYPTO_OP_SUCCESS;
    1248. 

  1248. 

  1249. 		if (CPA_TRUE != protocolStatus) {
    1250. 

  1250. 			DPRINTK("%s(): LAC DSA RS Sign operation failed due "
    1251. 

  1251. 				"to protocol error\n", __FUNCTION__);
    1252. 

  1252. 			krp->krp_status = EIO;
    1253. 

  1253. 		}
    1254. 

  1254. 	}
    1255. 

  1255. 

  1256. 	/* Swap bytes only when the callback status is successful and
    1257. 

  1257. 	   protocolStatus is set to true */
    1258. 

  1258. 	if (CPA_STATUS_SUCCESS == status && CPA_TRUE == protocolStatus) {
    1259. 

  1259. 		icp_ocfDrvSwapBytes(pR->pData, pR->dataLenInBytes);
    1260. 

  1260. 		icp_ocfDrvSwapBytes(pS->pData, pS->dataLenInBytes);
    1261. 

  1261. 	}
    1262. 

  1262. 

  1263. 	icp_ocfDrvFreeFlatBuffer(pR);
    1264. 

  1264. 	icp_ocfDrvFreeFlatBuffer(pS);
    1265. 

  1265. 	memset(pSignData->K.pData, 0, pSignData->K.dataLenInBytes);
    1266. 

  1266. 	ICP_CACHE_FREE(drvDSARSSignKValue_zone, pSignData->K.pData);
    1267. 

  1267. 	memset(pSignData, 0, sizeof(CpaCyDsaRSSignOpData));
    1268. 

  1268. 	ICP_CACHE_FREE(drvDSARSSign_zone, pSignData);
    1269. 

  1269. 	crypto_kdone(krp);
    1270. 

  1270. 

  1271. 	return;
    1272. 

  1272. }
    1273. 

  1273. 

  1274. /* Name        : icp_ocfDrvDsaVerifyCallback
    1275. 

  1275.  *
    1276. 

  1276.  * Description : When this function returns it signifies that the LAC
    1277. 

  1277.  * component has completed the DSA Verify operation.
    1278. 

  1278.  */
    1279. 

  1279. static void
    1280. 

  1280. icp_ocfDrvDsaVerifyCallBack(void *callbackTag,
    1281. 

  1281. 			    CpaStatus status,
    1282. 

  1282. 			    void *pOpData, CpaBoolean verifyStatus)
    1283. 

  1283. {
    1284. 

  1284. 

  1285. 	struct cryptkop *krp = NULL;
    1286. 

  1286. 	CpaCyDsaVerifyOpData *pVerData = NULL;
    1287. 

  1287. 

  1288. 	if (NULL == callbackTag) {
    1289. 

  1289. 		DPRINTK("%s(): Invalid input parameters - "
    1290. 

  1290. 			"callbackTag data is NULL\n", __FUNCTION__);
    1291. 

  1291. 		return;
    1292. 

  1292. 	}
    1293. 

  1293. 

  1294. 	krp = (struct cryptkop *)callbackTag;
    1295. 

  1295. 

  1296. 	if (NULL == pOpData) {
    1297. 

  1297. 		DPRINTK("%s(): Invalid input parameters - "
    1298. 

  1298. 			"Operation Data is NULL\n", __FUNCTION__);
    1299. 

  1299. 		krp->krp_status = ECANCELED;
    1300. 

  1300. 		crypto_kdone(krp);
    1301. 

  1301. 		return;
    1302. 

  1302. 	}
    1303. 

  1303. 	pVerData = (CpaCyDsaVerifyOpData *) pOpData;
    1304. 

  1304. 

  1305. 	if (CPA_STATUS_SUCCESS != status) {
    1306. 

  1306. 		APRINTK("%s(): LAC DSA Verify operation failed - "
    1307. 

  1307. 			"Operation Status = %d\n", __FUNCTION__, status);
    1308. 

  1308. 		krp->krp_status = ECANCELED;
    1309. 

  1309. 	} else {
    1310. 

  1310. 		krp->krp_status = CRYPTO_OP_SUCCESS;
    1311. 

  1311. 

  1312. 		if (CPA_TRUE != verifyStatus) {
    1313. 

  1313. 			DPRINTK("%s(): DSA signature invalid\n", __FUNCTION__);
    1314. 

  1314. 			krp->krp_status = EIO;
    1315. 

  1315. 		}
    1316. 

  1316. 	}
    1317. 

  1317. 

  1318. 	/* Swap bytes only when the callback status is successful and
    1319. 

  1319. 	   verifyStatus is set to true */
    1320. 

  1320. 	/*Just swapping back the key values for now. Possibly all
    1321. 

  1321. 	   swapped buffers need to be reverted */
    1322. 

  1322. 	if (CPA_STATUS_SUCCESS == status && CPA_TRUE == verifyStatus) {
    1323. 

  1323. 		icp_ocfDrvSwapBytes(pVerData->R.pData,
    1324. 

  1324. 				    pVerData->R.dataLenInBytes);
    1325. 

  1325. 		icp_ocfDrvSwapBytes(pVerData->S.pData,
    1326. 

  1326. 				    pVerData->S.dataLenInBytes);
    1327. 

  1327. 	}
    1328. 

  1328. 

  1329. 	memset(pVerData, 0, sizeof(CpaCyDsaVerifyOpData));
    1330. 

  1330. 	ICP_CACHE_FREE(drvDSAVerify_zone, pVerData);
    1331. 

  1331. 	crypto_kdone(krp);
    1332. 

  1332. 

  1333. 	return;
    1334. 

  1334. }
    1335.