1) The keylen in cryptodev_dh_compute_key is already in bits. So, avoid multiplying it with 8 while passing it to cryptodev.
2) cryptodev_dh_compute_key must return size of secret generated as expected by openssl. Signed-off-by: Yashpal Dutta <[email protected]> --- crypto/engine/eng_cryptodev.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c index 5a715ac..a4dc093 100644 --- a/crypto/engine/eng_cryptodev.c +++ b/crypto/engine/eng_cryptodev.c @@ -1312,8 +1312,9 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) kop.crk_iparams = 3; kop.crk_param[3].crp_p = (caddr_t) key; - kop.crk_param[3].crp_nbits = keylen * 8; + kop.crk_param[3].crp_nbits = keylen; kop.crk_oparams = 1; + dhret = keylen/8; if (ioctl(fd, CIOCKEY, &kop) == -1) { const DH_METHOD *meth = DH_OpenSSL(); -- 1.7.0.4 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
