projects / openwrt / openwrt.git / blob
? search:


18a430e83da0a9b9cc98f6442abdb4e19c34df77
[openwrt/openwrt.git] / package / libs / openssl / patches / 410-eng_devcrypto-add-configuration-options.patch
1 From 800272d22acf95070f22c870eca15bdba0539a6a Mon Sep 17 00:00:00 2001
2 From: Eneas U de Queiroz <cote2004-github@yahoo.com>
3 Date: Sat, 3 Nov 2018 15:41:10 -0300
4 Subject: [PATCH 2/4] eng_devcrypto: add configuration options
5
6 USE_SOFTDRIVERS: whether to use software (not accelerated) drivers
7 CIPHERS: list of ciphers to enable
8 DIGESTS: list of digests to enable
9
10 Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
11
12 Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
13 Reviewed-by: Richard Levitte <levitte@openssl.org>
14 (Merged from https://github.com/openssl/openssl/pull/7585)
15
16 --- a/crypto/engine/eng_devcrypto.c
17 +++ b/crypto/engine/eng_devcrypto.c
18 @@ -16,6 +16,7 @@
19 #include <unistd.h>
20 #include <assert.h>
21
22 +#include <openssl/conf.h>
23 #include <openssl/evp.h>
24 #include <openssl/err.h>
25 #include <openssl/engine.h>
26 @@ -36,6 +37,30 @@
27 * saner... why re-open /dev/crypto for every session?
28 */
29 static int cfd;
30 +#define DEVCRYPTO_REQUIRE_ACCELERATED 0 /* require confirmation of acceleration */
31 +#define DEVCRYPTO_USE_SOFTWARE 1 /* allow software drivers */
32 +#define DEVCRYPTO_REJECT_SOFTWARE 2 /* only disallow confirmed software drivers */
33 +
34 +#define DEVCRYPTO_DEFAULT_USE_SOFDTRIVERS DEVCRYPTO_REJECT_SOFTWARE
35 +static int use_softdrivers = DEVCRYPTO_DEFAULT_USE_SOFDTRIVERS;
36 +
37 +/*
38 + * cipher/digest status & acceleration definitions
39 + * Make sure the defaults are set to 0
40 + */
41 +struct driver_info_st {
42 + enum devcrypto_status_t {
43 + DEVCRYPTO_STATUS_UNUSABLE = -1, /* session open failed */
44 + DEVCRYPTO_STATUS_UNKNOWN = 0, /* not tested yet */
45 + DEVCRYPTO_STATUS_USABLE = 1 /* algo can be used */
46 + } status;
47 +
48 + enum devcrypto_accelerated_t {
49 + DEVCRYPTO_NOT_ACCELERATED = -1, /* software implemented */
50 + DEVCRYPTO_ACCELERATION_UNKNOWN = 0, /* acceleration support unkown */
51 + DEVCRYPTO_ACCELERATED = 1 /* hardware accelerated */
52 + } accelerated;
53 +};
54
55 static int clean_devcrypto_session(struct session_op *sess) {
56 if (ioctl(cfd, CIOCFSESSION, &sess->ses) < 0) {
57 @@ -119,13 +144,22 @@ static const struct cipher_data_st {
58 #endif
59 };
60
61 -static size_t get_cipher_data_index(int nid)
62 +static size_t find_cipher_data_index(int nid)
63 {
64 size_t i;
65
66 for (i = 0; i < OSSL_NELEM(cipher_data); i++)
67 if (nid == cipher_data[i].nid)
68 return i;
69 + return (size_t)-1;
70 +}
71 +
72 +static size_t get_cipher_data_index(int nid)
73 +{
74 + size_t i = find_cipher_data_index(nid);
75 +
76 + if (i != (size_t)-1)
77 + return i;
78
79 /*
80 * Code further down must make sure that only NIDs in the table above
81 @@ -333,19 +367,40 @@ static int cipher_cleanup(EVP_CIPHER_CTX
82 }
83
84 /*
85 - * Keep a table of known nids and associated methods.
86 + * Keep tables of known nids, associated methods, selected ciphers, and driver
87 + * info.
88 * Note that known_cipher_nids[] isn't necessarily indexed the same way as
89 - * cipher_data[] above, which known_cipher_methods[] is.
90 + * cipher_data[] above, which the other tables are.
91 */
92 static int known_cipher_nids[OSSL_NELEM(cipher_data)];
93 static int known_cipher_nids_amount = -1; /* -1 indicates not yet initialised */
94 static EVP_CIPHER *known_cipher_methods[OSSL_NELEM(cipher_data)] = { NULL, };
95 +static int selected_ciphers[OSSL_NELEM(cipher_data)];
96 +static struct driver_info_st cipher_driver_info[OSSL_NELEM(cipher_data)];
97 +
98 +
99 +static int devcrypto_test_cipher(size_t cipher_data_index)
100 +{
101 + return (cipher_driver_info[cipher_data_index].status == DEVCRYPTO_STATUS_USABLE
102 + && selected_ciphers[cipher_data_index] == 1
103 + && (cipher_driver_info[cipher_data_index].accelerated
104 + == DEVCRYPTO_ACCELERATED
105 + || use_softdrivers == DEVCRYPTO_USE_SOFTWARE
106 + || (cipher_driver_info[cipher_data_index].accelerated
107 + != DEVCRYPTO_NOT_ACCELERATED
108 + && use_softdrivers == DEVCRYPTO_REJECT_SOFTWARE)));
109 +}
110
111 static void prepare_cipher_methods(void)
112 {
113 size_t i;
114 struct session_op sess;
115 unsigned long cipher_mode;
116 +#ifdef CIOCGSESSINFO
117 + struct session_info_op siop;
118 +#endif
119 +
120 + memset(&cipher_driver_info, 0, sizeof(cipher_driver_info));
121
122 memset(&sess, 0, sizeof(sess));
123 sess.key = (void *)"01234567890123456789012345678901234567890123456789";
124 @@ -353,15 +408,16 @@ static void prepare_cipher_methods(void)
125 for (i = 0, known_cipher_nids_amount = 0;
126 i < OSSL_NELEM(cipher_data); i++) {
127
128 + selected_ciphers[i] = 1;
129 /*
130 - * Check that the algo is really availably by trying to open and close
131 - * a session.
132 + * Check that the cipher is usable
133 */
134 sess.cipher = cipher_data[i].devcryptoid;
135 sess.keylen = cipher_data[i].keylen;
136 - if (ioctl(cfd, CIOCGSESSION, &sess) < 0
137 - || ioctl(cfd, CIOCFSESSION, &sess.ses) < 0)
138 + if (ioctl(cfd, CIOCGSESSION, &sess) < 0) {
139 + cipher_driver_info[i].status = DEVCRYPTO_STATUS_UNUSABLE;
140 continue;
141 + }
142
143 cipher_mode = cipher_data[i].flags & EVP_CIPH_MODE;
144
145 @@ -387,15 +443,41 @@ static void prepare_cipher_methods(void)
146 cipher_cleanup)
147 || !EVP_CIPHER_meth_set_impl_ctx_size(known_cipher_methods[i],
148 sizeof(struct cipher_ctx))) {
149 + cipher_driver_info[i].status = DEVCRYPTO_STATUS_UNUSABLE;
150 EVP_CIPHER_meth_free(known_cipher_methods[i]);
151 known_cipher_methods[i] = NULL;
152 } else {
153 + cipher_driver_info[i].status = DEVCRYPTO_STATUS_USABLE;
154 +#ifdef CIOCGSESSINFO
155 + siop.ses = sess.ses;
156 + if (ioctl(cfd, CIOCGSESSINFO, &siop) < 0)
157 + cipher_driver_info[i].accelerated = DEVCRYPTO_ACCELERATION_UNKNOWN;
158 + else if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY))
159 + cipher_driver_info[i].accelerated = DEVCRYPTO_NOT_ACCELERATED;
160 + else
161 + cipher_driver_info[i].accelerated = DEVCRYPTO_ACCELERATED;
162 +#endif /* CIOCGSESSINFO */
163 + }
164 + ioctl(cfd, CIOCFSESSION, &sess.ses);
165 + if (devcrypto_test_cipher(i)) {
166 known_cipher_nids[known_cipher_nids_amount++] =
167 cipher_data[i].nid;
168 }
169 }
170 }
171
172 +static void rebuild_known_cipher_nids(ENGINE *e)
173 +{
174 + size_t i;
175 +
176 + for (i = 0, known_cipher_nids_amount = 0; i < OSSL_NELEM(cipher_data); i++) {
177 + if (devcrypto_test_cipher(i))
178 + known_cipher_nids[known_cipher_nids_amount++] = cipher_data[i].nid;
179 + }
180 + ENGINE_unregister_ciphers(e);
181 + ENGINE_register_ciphers(e);
182 +}
183 +
184 static const EVP_CIPHER *get_cipher_method(int nid)
185 {
186 size_t i = get_cipher_data_index(nid);
187 @@ -438,6 +520,36 @@ static int devcrypto_ciphers(ENGINE *e,
188 return *cipher != NULL;
189 }
190
191 +static void devcrypto_select_all_ciphers(int *cipher_list)
192 +{
193 + size_t i;
194 +
195 + for (i = 0; i < OSSL_NELEM(cipher_data); i++)
196 + cipher_list[i] = 1;
197 +}
198 +
199 +static int cryptodev_select_cipher_cb(const char *str, int len, void *usr)
200 +{
201 + int *cipher_list = (int *)usr;
202 + char *name;
203 + const EVP_CIPHER *EVP;
204 + size_t i;
205 +
206 + if (len == 0)
207 + return 1;
208 + if (usr == NULL || (name = OPENSSL_strndup(str, len)) == NULL)
209 + return 0;
210 + EVP = EVP_get_cipherbyname(name);
211 + if (EVP == NULL)
212 + fprintf(stderr, "devcrypto: unknown cipher %s\n", name);
213 + else if ((i = find_cipher_data_index(EVP_CIPHER_nid(EVP))) != (size_t)-1)
214 + cipher_list[i] = 1;
215 + else
216 + fprintf(stderr, "devcrypto: cipher %s not available\n", name);
217 + OPENSSL_free(name);
218 + return 1;
219 +}
220 +
221 /*
222 * We only support digests if the cryptodev implementation supports multiple
223 * data updates and session copying. Otherwise, we would be forced to maintain
224 @@ -493,13 +605,22 @@ static const struct digest_data_st {
225 #endif
226 };
227
228 -static size_t get_digest_data_index(int nid)
229 +static size_t find_digest_data_index(int nid)
230 {
231 size_t i;
232
233 for (i = 0; i < OSSL_NELEM(digest_data); i++)
234 if (nid == digest_data[i].nid)
235 return i;
236 + return (size_t)-1;
237 +}
238 +
239 +static size_t get_digest_data_index(int nid)
240 +{
241 + size_t i = find_digest_data_index(nid);
242 +
243 + if (i != (size_t)-1)
244 + return i;
245
246 /*
247 * Code further down must make sure that only NIDs in the table above
248 @@ -516,8 +637,8 @@ static const struct digest_data_st *get_
249 }
250
251 /*
252 - * Following are the four necessary functions to map OpenSSL functionality
253 - * with cryptodev.
254 + * Following are the five necessary functions to map OpenSSL functionality
255 + * with cryptodev: init, update, final, cleanup, and copy.
256 */
257
258 static int digest_init(EVP_MD_CTX *ctx)
259 @@ -630,52 +751,94 @@ static int digest_cleanup(EVP_MD_CTX *ct
260 return clean_devcrypto_session(&digest_ctx->sess);
261 }
262
263 -static int devcrypto_test_digest(size_t digest_data_index)
264 -{
265 - struct session_op sess1, sess2;
266 - struct cphash_op cphash;
267 - int ret=0;
268 -
269 - memset(&sess1, 0, sizeof(sess1));
270 - memset(&sess2, 0, sizeof(sess2));
271 - sess1.mac = digest_data[digest_data_index].devcryptoid;
272 - if (ioctl(cfd, CIOCGSESSION, &sess1) < 0)
273 - return 0;
274 - /* Make sure the driver is capable of hash state copy */
275 - sess2.mac = sess1.mac;
276 - if (ioctl(cfd, CIOCGSESSION, &sess2) >= 0) {
277 - cphash.src_ses = sess1.ses;
278 - cphash.dst_ses = sess2.ses;
279 - if (ioctl(cfd, CIOCCPHASH, &cphash) >= 0)
280 - ret = 1;
281 - ioctl(cfd, CIOCFSESSION, &sess2.ses);
282 - }
283 - ioctl(cfd, CIOCFSESSION, &sess1.ses);
284 - return ret;
285 -}
286 -
287 /*
288 - * Keep a table of known nids and associated methods.
289 + * Keep tables of known nids, associated methods, selected digests, and
290 + * driver info.
291 * Note that known_digest_nids[] isn't necessarily indexed the same way as
292 - * digest_data[] above, which known_digest_methods[] is.
293 + * digest_data[] above, which the other tables are.
294 */
295 static int known_digest_nids[OSSL_NELEM(digest_data)];
296 static int known_digest_nids_amount = -1; /* -1 indicates not yet initialised */
297 static EVP_MD *known_digest_methods[OSSL_NELEM(digest_data)] = { NULL, };
298 +static int selected_digests[OSSL_NELEM(digest_data)];
299 +static struct driver_info_st digest_driver_info[OSSL_NELEM(digest_data)];
300 +
301 +static int devcrypto_test_digest(size_t digest_data_index)
302 +{
303 + return (digest_driver_info[digest_data_index].status == DEVCRYPTO_STATUS_USABLE
304 + && selected_digests[digest_data_index] == 1
305 + && (digest_driver_info[digest_data_index].accelerated
306 + == DEVCRYPTO_ACCELERATED
307 + || use_softdrivers == DEVCRYPTO_USE_SOFTWARE
308 + || (digest_driver_info[digest_data_index].accelerated
309 + != DEVCRYPTO_NOT_ACCELERATED
310 + && use_softdrivers == DEVCRYPTO_REJECT_SOFTWARE)));
311 +}
312 +
313 +static void rebuild_known_digest_nids(ENGINE *e)
314 +{
315 + size_t i;
316 +
317 + for (i = 0, known_digest_nids_amount = 0; i < OSSL_NELEM(digest_data); i++) {
318 + if (devcrypto_test_digest(i))
319 + known_digest_nids[known_digest_nids_amount++] = digest_data[i].nid;
320 + }
321 + ENGINE_unregister_digests(e);
322 + ENGINE_register_digests(e);
323 +}
324
325 static void prepare_digest_methods(void)
326 {
327 size_t i;
328 + struct session_op sess1, sess2;
329 +#ifdef CIOCGSESSINFO
330 + struct session_info_op siop;
331 +#endif
332 + struct cphash_op cphash;
333 +
334 + memset(&digest_driver_info, 0, sizeof(digest_driver_info));
335 +
336 + memset(&sess1, 0, sizeof(sess1));
337 + memset(&sess2, 0, sizeof(sess2));
338
339 for (i = 0, known_digest_nids_amount = 0; i < OSSL_NELEM(digest_data);
340 i++) {
341
342 + selected_digests[i] = 1;
343 +
344 /*
345 - * Check that the algo is usable
346 + * Check that the digest is usable
347 */
348 - if (!devcrypto_test_digest(i))
349 - continue;
350 + sess1.mac = digest_data[i].devcryptoid;
351 + sess2.ses = 0;
352 + if (ioctl(cfd, CIOCGSESSION, &sess1) < 0) {
353 + digest_driver_info[i].status = DEVCRYPTO_STATUS_UNUSABLE;
354 + goto finish;
355 + }
356
357 +#ifdef CIOCGSESSINFO
358 + /* gather hardware acceleration info from the driver */
359 + siop.ses = sess1.ses;
360 + if (ioctl(cfd, CIOCGSESSINFO, &siop) < 0)
361 + digest_driver_info[i].accelerated = DEVCRYPTO_ACCELERATION_UNKNOWN;
362 + else if (siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)
363 + digest_driver_info[i].accelerated = DEVCRYPTO_ACCELERATED;
364 + else
365 + digest_driver_info[i].accelerated = DEVCRYPTO_NOT_ACCELERATED;
366 +#endif
367 +
368 + /* digest must be capable of hash state copy */
369 + sess2.mac = sess1.mac;
370 + if (ioctl(cfd, CIOCGSESSION, &sess2) < 0) {
371 + digest_driver_info[i].status = DEVCRYPTO_STATUS_UNUSABLE;
372 + goto finish;
373 + }
374 + cphash.src_ses = sess1.ses;
375 + cphash.dst_ses = sess2.ses;
376 + if (ioctl(cfd, CIOCCPHASH, &cphash) < 0) {
377 + digest_driver_info[i].status = DEVCRYPTO_STATUS_UNUSABLE;
378 + goto finish;
379 + }
380 if ((known_digest_methods[i] = EVP_MD_meth_new(digest_data[i].nid,
381 NID_undef)) == NULL
382 || !EVP_MD_meth_set_input_blocksize(known_digest_methods[i],
383 @@ -689,11 +852,18 @@ static void prepare_digest_methods(void)
384 || !EVP_MD_meth_set_cleanup(known_digest_methods[i], digest_cleanup)
385 || !EVP_MD_meth_set_app_datasize(known_digest_methods[i],
386 sizeof(struct digest_ctx))) {
387 + digest_driver_info[i].status = DEVCRYPTO_STATUS_UNUSABLE;
388 EVP_MD_meth_free(known_digest_methods[i]);
389 known_digest_methods[i] = NULL;
390 - } else {
391 - known_digest_nids[known_digest_nids_amount++] = digest_data[i].nid;
392 + goto finish;
393 }
394 + digest_driver_info[i].status = DEVCRYPTO_STATUS_USABLE;
395 +finish:
396 + ioctl(cfd, CIOCFSESSION, &sess1.ses);
397 + if (sess2.ses != 0)
398 + ioctl(cfd, CIOCFSESSION, &sess2.ses);
399 + if (devcrypto_test_digest(i))
400 + known_digest_nids[known_digest_nids_amount++] = digest_data[i].nid;
401 }
402 }
403
404 @@ -739,7 +909,153 @@ static int devcrypto_digests(ENGINE *e,
405 return *digest != NULL;
406 }
407
408 +static void devcrypto_select_all_digests(int *digest_list)
409 +{
410 + size_t i;
411 +
412 + for (i = 0; i < OSSL_NELEM(digest_data); i++)
413 + digest_list[i] = 1;
414 +}
415 +
416 +static int cryptodev_select_digest_cb(const char *str, int len, void *usr)
417 +{
418 + int *digest_list = (int *)usr;
419 + char *name;
420 + const EVP_MD *EVP;
421 + size_t i;
422 +
423 + if (len == 0)
424 + return 1;
425 + if (usr == NULL || (name = OPENSSL_strndup(str, len)) == NULL)
426 + return 0;
427 + EVP = EVP_get_digestbyname(name);
428 + if (EVP == NULL)
429 + fprintf(stderr, "devcrypto: unknown digest %s\n", name);
430 + else if ((i = find_digest_data_index(EVP_MD_type(EVP))) != (size_t)-1)
431 + digest_list[i] = 1;
432 + else
433 + fprintf(stderr, "devcrypto: digest %s not available\n", name);
434 + OPENSSL_free(name);
435 + return 1;
436 +}
437 +
438 +#endif
439 +
440 +/******************************************************************************
441 + *
442 + * CONTROL COMMANDS
443 + *
444 + *****/
445 +
446 +#define DEVCRYPTO_CMD_USE_SOFTDRIVERS ENGINE_CMD_BASE
447 +#define DEVCRYPTO_CMD_CIPHERS (ENGINE_CMD_BASE + 1)
448 +#define DEVCRYPTO_CMD_DIGESTS (ENGINE_CMD_BASE + 2)
449 +#define DEVCRYPTO_CMD_DUMP_INFO (ENGINE_CMD_BASE + 3)
450 +
451 +/* Helper macros for CPP string composition */
452 +#ifndef OPENSSL_MSTR
453 +# define OPENSSL_MSTR_HELPER(x) #x
454 +# define OPENSSL_MSTR(x) OPENSSL_MSTR_HELPER(x)
455 +#endif
456 +
457 +static const ENGINE_CMD_DEFN devcrypto_cmds[] = {
458 +#ifdef CIOCGSESSINFO
459 + {DEVCRYPTO_CMD_USE_SOFTDRIVERS,
460 + "USE_SOFTDRIVERS",
461 + "specifies whether to use software (not accelerated) drivers ("
462 + OPENSSL_MSTR(DEVCRYPTO_REQUIRE_ACCELERATED) "=use only accelerated drivers, "
463 + OPENSSL_MSTR(DEVCRYPTO_USE_SOFTWARE) "=allow all drivers, "
464 + OPENSSL_MSTR(DEVCRYPTO_REJECT_SOFTWARE)
465 + "=use if acceleration can't be determined) [default="
466 + OPENSSL_MSTR(DEVCRYPTO_DEFAULT_USE_SOFDTRIVERS) "]",
467 + ENGINE_CMD_FLAG_NUMERIC},
468 +#endif
469 +
470 + {DEVCRYPTO_CMD_CIPHERS,
471 + "CIPHERS",
472 + "either ALL, NONE, or a comma-separated list of ciphers to enable [default=ALL]",
473 + ENGINE_CMD_FLAG_STRING},
474 +
475 +#ifdef IMPLEMENT_DIGEST
476 + {DEVCRYPTO_CMD_DIGESTS,
477 + "DIGESTS",
478 + "either ALL, NONE, or a comma-separated list of digests to enable [default=ALL]",
479 + ENGINE_CMD_FLAG_STRING},
480 +#endif
481 +
482 + {0, NULL, NULL, 0}
483 +};
484 +
485 +static int devcrypto_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
486 +{
487 + int *new_list;
488 + switch (cmd) {
489 +#ifdef CIOCGSESSINFO
490 + case DEVCRYPTO_CMD_USE_SOFTDRIVERS:
491 + switch (i) {
492 + case DEVCRYPTO_REQUIRE_ACCELERATED:
493 + case DEVCRYPTO_USE_SOFTWARE:
494 + case DEVCRYPTO_REJECT_SOFTWARE:
495 + break;
496 + default:
497 + fprintf(stderr, "devcrypto: invalid value (%ld) for USE_SOFTDRIVERS\n", i);
498 + return 0;
499 + }
500 + if (use_softdrivers == i)
501 + return 1;
502 + use_softdrivers = i;
503 +#ifdef IMPLEMENT_DIGEST
504 + rebuild_known_digest_nids(e);
505 #endif
506 + rebuild_known_cipher_nids(e);
507 + return 1;
508 +#endif /* CIOCGSESSINFO */
509 +
510 + case DEVCRYPTO_CMD_CIPHERS:
511 + if (p == NULL)
512 + return 1;
513 + if (strcasecmp((const char *)p, "ALL") == 0) {
514 + devcrypto_select_all_ciphers(selected_ciphers);
515 + } else if (strcasecmp((const char*)p, "NONE") == 0) {
516 + memset(selected_ciphers, 0, sizeof(selected_ciphers));
517 + } else {
518 + new_list=OPENSSL_zalloc(sizeof(selected_ciphers));
519 + if (!CONF_parse_list(p, ',', 1, cryptodev_select_cipher_cb, new_list)) {
520 + OPENSSL_free(new_list);
521 + return 0;
522 + }
523 + memcpy(selected_ciphers, new_list, sizeof(selected_ciphers));
524 + OPENSSL_free(new_list);
525 + }
526 + rebuild_known_cipher_nids(e);
527 + return 1;
528 +
529 +#ifdef IMPLEMENT_DIGEST
530 + case DEVCRYPTO_CMD_DIGESTS:
531 + if (p == NULL)
532 + return 1;
533 + if (strcasecmp((const char *)p, "ALL") == 0) {
534 + devcrypto_select_all_digests(selected_digests);
535 + } else if (strcasecmp((const char*)p, "NONE") == 0) {
536 + memset(selected_digests, 0, sizeof(selected_digests));
537 + } else {
538 + new_list=OPENSSL_zalloc(sizeof(selected_digests));
539 + if (!CONF_parse_list(p, ',', 1, cryptodev_select_digest_cb, new_list)) {
540 + OPENSSL_free(new_list);
541 + return 0;
542 + }
543 + memcpy(selected_digests, new_list, sizeof(selected_digests));
544 + OPENSSL_free(new_list);
545 + }
546 + rebuild_known_digest_nids(e);
547 + return 1;
548 +#endif /* IMPLEMENT_DIGEST */
549 +
550 + default:
551 + break;
552 + }
553 + return 0;
554 +}
555
556 /******************************************************************************
557 *
558 @@ -793,6 +1109,8 @@ void engine_load_devcrypto_int()
559
560 if (!ENGINE_set_id(e, "devcrypto")
561 || !ENGINE_set_name(e, "/dev/crypto engine")
562 + || !ENGINE_set_cmd_defns(e, devcrypto_cmds)
563 + || !ENGINE_set_ctrl_function(e, devcrypto_ctrl)
564
565 /*
566 * Asymmetric ciphers aren't well supported with /dev/crypto. Among the BSD
OpenWrt Source Repository