engine: update uadk engine source

Backport uadk engine patch from linaro.

Signed-off-by: Wenkai Lin <linwenkai6@hisilicon.com>
(cherry picked from commit 4f6b3e8022834a09849728415c9ea73d7fdb794a)

0033-digest-improve-the-digest-performance.patch

@@ -0,0 +1,226 @@
+From 3cbf3c85645d7ec43aa149c1bcf346a556bbf30a Mon Sep 17 00:00:00 2001
+From: Kai Ye <yekai13@huawei.com>
+Date: Tue, 8 Mar 2022 15:44:00 +0800
+Subject: [PATCH 33/36] digest: improve the digest performance
+
+1. The memset function found to be a hotspot function by perf. so should
+   remove the memset in io path. it can improve three times
+   performance.
+2. add some branch predictor function to improve a little performance.
+3. use the uadk_memory_cpy can improve 5% performance.
+
+Signed-off-by: Kai Ye <yekai13@huawei.com>
+---
+ src/Makefile.am   |  4 +--
+ src/uadk.h        |  1 +
+ src/uadk_digest.c | 17 ++++++-------
+ src/uadk_utils.c  | 63 +++++++++++++++++++++++++++++++++++++++++++++++
+ src/uadk_utils.h  | 24 ++++++++++++++++++
+ 5 files changed, 98 insertions(+), 11 deletions(-)
+ create mode 100644 src/uadk_utils.c
+ create mode 100644 src/uadk_utils.h
+
+diff --git a/src/Makefile.am b/src/Makefile.am
+index 636f559..75595aa 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -7,8 +7,8 @@ UADK_ENGINE_VERSION = -version-number ${MAJOR}:${MINOR}:${REVISION}
+ 
+ lib_LTLIBRARIES=uadk_engine.la
+ 
+-uadk_engine_la_SOURCES=e_uadk.c uadk_cipher.c uadk_digest.c uadk_async.c uadk_rsa.c \
+-		uadk_sm2.c uadk_pkey.c uadk_dh.c uadk_ec.c uadk_ecx.c
++uadk_engine_la_SOURCES=uadk_utils.c e_uadk.c uadk_cipher.c uadk_digest.c uadk_async.c \
++		uadk_rsa.c uadk_sm2.c uadk_pkey.c uadk_dh.c uadk_ec.c uadk_ecx.c
+ uadk_engine_la_LIBADD=-ldl -lwd -lwd_crypto -lpthread
+ uadk_engine_la_LDFLAGS=-module $(UADK_ENGINE_VERSION)
+ 
+diff --git a/src/uadk.h b/src/uadk.h
+index 0f9b0be..384e035 100644
+--- a/src/uadk.h
++++ b/src/uadk.h
+@@ -19,6 +19,7 @@
+ #include <openssl/engine.h>
+ #include <uadk/wd.h>
+ #include <uadk/wd_sched.h>
++#include "uadk_utils.h"
+ 
+ #define ARRAY_SIZE(x)	(sizeof(x) / sizeof((x)[0]))
+ #define ENV_STRING_LEN	256
+diff --git a/src/uadk_digest.c b/src/uadk_digest.c
+index ad24168..355917d 100644
+--- a/src/uadk_digest.c
++++ b/src/uadk_digest.c
+@@ -493,7 +493,7 @@ static int uadk_e_digest_init(EVP_MD_CTX *ctx)
+ 
+ 	priv->state = SEC_DIGEST_INIT;
+ 	ret = uadk_e_init_digest();
+-	if (!ret) {
++	if (unlikely(!ret)) {
+ 		priv->switch_flag = UADK_DO_SOFT;
+ 		fprintf(stderr, "uadk failed to initialize digest.\n");
+ 		goto soft_init;
+@@ -507,7 +507,7 @@ static int uadk_e_digest_init(EVP_MD_CTX *ctx)
+ 		}
+ 	}
+ 
+-	if (i == digest_counts) {
++	if (unlikely(i == digest_counts)) {
+ 		fprintf(stderr, "failed to setup the private ctx.\n");
+ 		return 0;
+ 	}
+@@ -519,11 +519,10 @@ static int uadk_e_digest_init(EVP_MD_CTX *ctx)
+ 		return 0;
+ 
+ 	priv->data = malloc(DIGEST_BLOCK_SIZE);
+-	if (!priv->data) {
++	if (unlikely(!priv->data)) {
+ 		wd_digest_free_sess(priv->sess);
+ 		return 0;
+ 	}
+-	memset(priv->data, 0, DIGEST_BLOCK_SIZE);
+ 
+ 	priv->switch_threshold = sec_digest_get_sw_threshold(nid);
+ 
+@@ -546,7 +545,8 @@ static int digest_update_inner(EVP_MD_CTX *ctx, const void *data, size_t data_le
+ 
+ 	while (priv->last_update_bufflen + left_len > DIGEST_BLOCK_SIZE) {
+ 		copy_to_bufflen = DIGEST_BLOCK_SIZE - priv->last_update_bufflen;
+-		memcpy(priv->data + priv->last_update_bufflen, tmpdata, copy_to_bufflen);
++		uadk_memcpy(priv->data + priv->last_update_bufflen, tmpdata,
++			    copy_to_bufflen);
+ 
+ 		priv->last_update_bufflen = DIGEST_BLOCK_SIZE;
+ 		priv->req.in_bytes = DIGEST_BLOCK_SIZE;
+@@ -567,10 +567,9 @@ static int digest_update_inner(EVP_MD_CTX *ctx, const void *data, size_t data_le
+ 		}
+ 
+ 		priv->last_update_bufflen = 0;
+-		memset(priv->data, 0, DIGEST_BLOCK_SIZE);
+ 		if (left_len <= DIGEST_BLOCK_SIZE) {
+ 			priv->last_update_bufflen = left_len;
+-			memcpy(priv->data, tmpdata, priv->last_update_bufflen);
++			uadk_memcpy(priv->data, tmpdata, priv->last_update_bufflen);
+ 			break;
+ 		}
+ 	}
+@@ -604,7 +603,7 @@ static int uadk_e_digest_update(EVP_MD_CTX *ctx, const void *data, size_t data_l
+ 		goto soft_update;
+ 
+ 	if (priv->last_update_bufflen + data_len <= DIGEST_BLOCK_SIZE) {
+-		memcpy(priv->data + priv->last_update_bufflen, data, data_len);
++		uadk_memcpy(priv->data + priv->last_update_bufflen, data, data_len);
+ 		priv->last_update_bufflen += data_len;
+ 		return 1;
+ 	}
+@@ -697,7 +696,7 @@ static int uadk_e_digest_final(EVP_MD_CTX *ctx, unsigned char *digest)
+ 	priv->e_nid = EVP_MD_nid(EVP_MD_CTX_md(ctx));
+ 
+ 	ret = async_setup_async_event_notification(&op);
+-	if (!ret) {
++	if (unlikely(!ret)) {
+ 		fprintf(stderr, "failed to setup async event notification.\n");
+ 		return 0;
+ 	}
+diff --git a/src/uadk_utils.c b/src/uadk_utils.c
+new file mode 100644
+index 0000000..2b34b3a
+--- /dev/null
++++ b/src/uadk_utils.c
+@@ -0,0 +1,63 @@
++/*
++ * Copyright 2020-2022 Huawei Technologies Co.,Ltd. All rights reserved.
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ *     http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ *
++ */
++#include "uadk_utils.h"
++
++#define  UADK_MEM_IMPROVE_THRESHOLD 1024
++
++static void *memcpy_large(void *dstpp, const void *srcpp, size_t len)
++{
++	__asm__ __volatile__(
++			"add x4, %[src], %[count]\n\t"
++			"add x5, %[res], %[count]\n\t"
++			"ldr q0, [%[src]]\n\t"
++			"str q0, [%[res]]\n\t"
++			"sub %[count], %[count], 80\n\t"
++			"and x14, %[src], 15\n\t"
++			"bic %[src], %[src], 15\n\t"
++			"sub x3, %[res], x14\n\t"
++			"add %[count], %[count], x14\n\t"
++
++			"1:\n\t"
++			"ldp q0, q1, [%[src], 16]\n\t"
++			"stp q0, q1, [x3, 16]\n\t"
++			"ldp q0, q1, [%[src], 48]\n\t"
++			"stp q0, q1, [x3, 48]\n\t"
++			"add %[src], %[src], 64\n\t"
++			"add x3, x3, 64\n\t"
++			"subs %[count], %[count], 64\n\t"
++			"b.hi 1b\n\t"
++
++			"ldp q0, q1, [x4, -64]\n\t"
++			"stp q0, q1, [x5, -64]\n\t"
++			"ldp q0, q1, [x4, -32]\n\t"
++			"stp q0, q1, [x5, -32]\n\t"
++
++			: [res] "+r"(dstpp)
++			: [src] "r"(srcpp), [count] "r"(len)
++			  : "x3", "x4", "x5", "x14", "q0", "q1"
++				  );
++
++	return dstpp;
++}
++
++void *uadk_memcpy(void *dstpp, const void *srcpp, size_t len)
++{
++	if (len >= UADK_MEM_IMPROVE_THRESHOLD)
++		return memcpy_large(dstpp, srcpp, len);
++	else
++		return memcpy(dstpp, srcpp, len);
++}
+diff --git a/src/uadk_utils.h b/src/uadk_utils.h
+new file mode 100644
+index 0000000..a16536b
+--- /dev/null
++++ b/src/uadk_utils.h
+@@ -0,0 +1,24 @@
++/*
++ * Copyright 2020-2022 Huawei Technologies Co.,Ltd. All rights reserved.
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ *     http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ *
++ */
++#ifndef UADK_UTILS
++#define UADK_UTILS
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++
++void *uadk_memcpy(void *dstpp, const void *srcpp, size_t len);
++#endif
+-- 
+2.24.4
+

0034-cipher-support-the-sm4-ecb-alg.patch

@@ -0,0 +1,90 @@
+From 2dc0aa3a544afd4861656f4e876e287aa3ead9b9 Mon Sep 17 00:00:00 2001
+From: Kai Ye <yekai13@huawei.com>
+Date: Tue, 8 Mar 2022 16:15:32 +0800
+Subject: [PATCH 34/36] cipher: support the sm4-ecb alg
+
+the uadk sdk layer has supported the sm4-ecb alg. Kunpeng 920
+supports the sm4-ecb by new chip fs.
+
+Signed-off-by: Kai Ye <yekai13@huawei.com>
+---
+ src/uadk_cipher.c                | 15 ++++++++-------
+ src/v1/alg/ciphers/sec_ciphers.c |  1 +
+ 2 files changed, 9 insertions(+), 7 deletions(-)
+
+diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c
+index 8f8af7e..e4595be 100644
+--- a/src/uadk_cipher.c
++++ b/src/uadk_cipher.c
+@@ -87,6 +87,7 @@ static int cipher_920_nids[] = {
+ 	NID_sm4_cbc,
+ 	NID_des_ede3_cbc,
+ 	NID_des_ede3_ecb,
++	NID_sm4_ecb,
+ 	0,
+ };
+ 
+@@ -103,7 +104,6 @@ static int cipher_930_nids[] = {
+ 	NID_aes_128_xts,
+ 	NID_aes_256_xts,
+ 	NID_sm4_cbc,
+-	NID_sm4_ecb,
+ 	NID_des_ede3_cbc,
+ 	NID_des_ede3_ecb,
+ 	NID_aes_128_cfb128,
+@@ -984,6 +984,11 @@ static int bind_v2_cipher(void)
+ 			  sizeof(struct cipher_priv_ctx), uadk_e_cipher_init,
+ 			  uadk_e_do_cipher, uadk_e_cipher_cleanup,
+ 			  EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv);
++	UADK_CIPHER_DESCR(sm4_ecb, 16, 16, 16, EVP_CIPH_ECB_MODE,
++			  sizeof(struct cipher_priv_ctx), uadk_e_cipher_init,
++			  uadk_e_do_cipher, uadk_e_cipher_cleanup,
++			  EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv);
++
+ 	return 0;
+ }
+ 
+@@ -1037,10 +1042,6 @@ static int bind_v3_cipher(void)
+ 			  sizeof(struct cipher_priv_ctx), uadk_e_cipher_init,
+ 			  uadk_e_do_cipher, uadk_e_cipher_cleanup,
+ 			  EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv);
+-	UADK_CIPHER_DESCR(sm4_ecb, 16, 16, 16, EVP_CIPH_ECB_MODE,
+-			  sizeof(struct cipher_priv_ctx), uadk_e_cipher_init,
+-			  uadk_e_do_cipher, uadk_e_cipher_cleanup,
+-			  EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv);
+ 
+ 	return 0;
+ }
+@@ -1088,6 +1089,8 @@ static void destroy_v2_cipher(void)
+ 	uadk_des_ede3_cbc = 0;
+ 	EVP_CIPHER_meth_free(uadk_des_ede3_ecb);
+ 	uadk_des_ede3_ecb = 0;
++	EVP_CIPHER_meth_free(uadk_sm4_ecb);
++	uadk_sm4_ecb = 0;
+ }
+ 
+ static void destroy_v3_cipher(void)
+@@ -1116,8 +1119,6 @@ static void destroy_v3_cipher(void)
+ 	uadk_sm4_ofb128 = 0;
+ 	EVP_CIPHER_meth_free(uadk_sm4_ctr);
+ 	uadk_sm4_ctr = 0;
+-	EVP_CIPHER_meth_free(uadk_sm4_ecb);
+-	uadk_sm4_ecb = 0;
+ }
+ 
+ void uadk_e_destroy_cipher(void)
+diff --git a/src/v1/alg/ciphers/sec_ciphers.c b/src/v1/alg/ciphers/sec_ciphers.c
+index 2c619be..b4743ed 100644
+--- a/src/v1/alg/ciphers/sec_ciphers.c
++++ b/src/v1/alg/ciphers/sec_ciphers.c
+@@ -85,6 +85,7 @@ static int g_known_cipher_nids[CIPHERS_COUNT] = {
+ 	NID_sm4_ctr,
+ 	NID_sm4_cbc,
+ 	NID_sm4_ofb128,
++	NID_sm4_ecb,
+ };
+ 
+ #define SEC_CIPHERS_RETURN_FAIL_IF(cond, mesg, ret) \
+-- 
+2.24.4
+

0035-cipher-fix-segmentation-fault-for-uadk_e_ctx_init.patch

@@ -0,0 +1,42 @@
+From 1ff08b383a59150a193870b3150d5265a03864ed Mon Sep 17 00:00:00 2001
+From: Wenkai Lin <linwenkai6@hisilicon.com>
+Date: Thu, 10 Mar 2022 20:03:20 +0800
+Subject: [PATCH 35/36] cipher: fix segmentation fault for uadk_e_ctx_init
+
+if uadk_e_init_cipher failed, there is no need to
+alloc cipher session, and alloc session will meet
+a segmentation fault because sched_init is not
+set by wd_cipher_init.
+
+Signed-off-by: Wenkai Lin <linwenkai6@hisilicon.com>
+---
+ src/uadk_cipher.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c
+index e4595be..d6dd8e8 100644
+--- a/src/uadk_cipher.c
++++ b/src/uadk_cipher.c
+@@ -846,15 +846,16 @@ static void uadk_e_ctx_init(EVP_CIPHER_CTX *ctx, struct cipher_priv_ctx *priv)
+ 	struct sched_params params = {0};
+ 	int ret;
+ 
++	priv->req.iv_bytes = EVP_CIPHER_CTX_iv_length(ctx);
++	priv->req.iv = priv->iv;
++
+ 	ret = uadk_e_init_cipher();
+ 	if (unlikely(!ret)) {
+ 		priv->switch_flag = UADK_DO_SOFT;
+ 		fprintf(stderr, "uadk failed to init cipher HW!\n");
++		return;
+ 	}
+ 
+-	priv->req.iv_bytes = EVP_CIPHER_CTX_iv_length(ctx);
+-	priv->req.iv = priv->iv;
+-
+ 	/*
+ 	 * The internal RR scheduler used by environment variables,
+ 	 * the cipher algorithm does not distinguish between
+-- 
+2.24.4
+

0036-cipher-sm4-ecb-algorithm-is-deleted-by-mistake.patch

@@ -0,0 +1,28 @@
+From cf720869f7637e41ff1094d8bc640180fca55f75 Mon Sep 17 00:00:00 2001
+From: Kai Ye <yekai13@huawei.com>
+Date: Tue, 15 Mar 2022 17:07:59 +0800
+Subject: [PATCH 36/36] cipher: sm4-ecb algorithm is deleted by mistake
+
+Because sm4-ecb alg is deleted by mistake. So this alg
+not be found in hardware V3.
+
+Signed-off-by: Kai Ye <yekai13@huawei.com>
+---
+ src/uadk_cipher.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c
+index d6dd8e8..5ebad64 100644
+--- a/src/uadk_cipher.c
++++ b/src/uadk_cipher.c
+@@ -104,6 +104,7 @@ static int cipher_930_nids[] = {
+ 	NID_aes_128_xts,
+ 	NID_aes_256_xts,
+ 	NID_sm4_cbc,
++	NID_sm4_ecb,
+ 	NID_des_ede3_cbc,
+ 	NID_des_ede3_ecb,
+ 	NID_aes_128_cfb128,
+-- 
+2.24.4
+

0037-rsa-bugfix-about-redundant-and-inefficient-operation.patch

@@ -0,0 +1,694 @@
+From 50692e4bc425c5709a468946cb56ad483be90f7c Mon Sep 17 00:00:00 2001
+From: Zhiqi Song <songzhiqi1@huawei.com>
+Date: Fri, 18 Mar 2022 23:25:47 +0800
+Subject: [PATCH 37/37] rsa: bugfix about redundant and inefficient operations
+
+Includes:
+1. Remove redundant judgment conditions.
+2. Remove redundant function parameters.
+3. Remove the redundant operation in soft RSA keygen method.
+4. Use more efficient BN memory allocation method, and add
+judgment of the results.
+
+Signed-off-by: Zhiqi Song <songzhiqi1@huawei.com>
+---
+ src/uadk_rsa.c | 331 ++++++++++++++++++++++---------------------------
+ 1 file changed, 148 insertions(+), 183 deletions(-)
+
+diff --git a/src/uadk_rsa.c b/src/uadk_rsa.c
+index 1488b98..821cb78 100644
+--- a/src/uadk_rsa.c
++++ b/src/uadk_rsa.c
+@@ -143,7 +143,7 @@ enum {
+ 
+ static int rsa_check_bit_useful(const int bits, int flen)
+ {
+-	if (!flen && flen > bits)
++	if (flen > bits)
+ 		return SOFT;
+ 
+ 	if (bits < RSA_MIN_MODULUS_BITS)
+@@ -411,8 +411,8 @@ static int get_rsa_prime_param(struct rsa_prime_param *param, BN_CTX *ctx)
+ 	return UADK_E_SUCCESS;
+ 
+ end:
+-	fprintf(stderr, "failed to malloc params\n");
+-	return UADK_E_FAIL;
++	fprintf(stderr, "failed to allocate rsa prime params\n");
++	return -ENOMEM;
+ }
+ 
+ static int rsa_primes_gen(int bits, BIGNUM *e_pub, BIGNUM *p,
+@@ -433,13 +433,11 @@ static int rsa_primes_gen(int bits, BIGNUM *e_pub, BIGNUM *p,
+ 
+ 	BN_CTX_start(ctx);
+ 	param = OPENSSL_zalloc(sizeof(struct rsa_prime_param));
+-	if (!param) {
+-		fprintf(stderr, "failed to malloc rsa prime param\n");
++	if (!param)
+ 		goto free_ctx;
+-	}
+ 
+ 	ret = get_rsa_prime_param(param, ctx);
+-	if (!ret)
++	if (ret != UADK_E_SUCCESS)
+ 		goto free_param;
+ 
+ 	/* Divide bits into 'primes' pieces evenly */
+@@ -624,9 +622,10 @@ static int rsa_get_sign_res(int padding, BIGNUM *to_bn, const BIGNUM *n,
+ 	return UADK_E_SUCCESS;
+ }
+ 
+-static int rsa_get_verify_res(int padding, BIGNUM *to_bn, const BIGNUM *n,
+-			      BIGNUM *ret_bn)
++static int rsa_get_verify_res(int padding, const BIGNUM *n, BIGNUM *ret_bn)
+ {
++	BIGNUM *to_bn = NULL;
++
+ 	if ((padding == RSA_X931_PADDING) && ((bn_get_words(ret_bn)[0] & 0xf)
+ 	    != 0x0c)) {
+ 		if (!BN_sub(to_bn, n, ret_bn))
+@@ -840,6 +839,7 @@ static struct uadk_rsa_sess *rsa_new_eng_session(RSA *rsa)
+ 	rsa_sess = OPENSSL_malloc(sizeof(struct uadk_rsa_sess));
+ 	if (!rsa_sess)
+ 		return NULL;
++
+ 	memset(rsa_sess, 0, sizeof(struct uadk_rsa_sess));
+ 	rsa_sess->alg = rsa;
+ 	rsa_sess->is_prikey_ready = UN_SET;
+@@ -971,23 +971,44 @@ static int rsa_get_keygen_param(struct wd_rsa_req *req,
+ 				struct rsa_keygen_param_bn *bn_param)
+ {
+ 	struct wd_rsa_kg_out *out = (struct wd_rsa_kg_out *)req->dst;
++	struct wd_dtb wd_d, wd_n, wd_qinv, wd_dq, wd_dp;
++	BIGNUM *dmp1, *dmq1, *iqmp, *n, *d;
+ 	unsigned int key_bits, key_size;
+-	BIGNUM *dmp1 = BN_new();
+-	BIGNUM *dmq1 = BN_new();
+-	BIGNUM *iqmp = BN_new();
+-	BIGNUM *n = BN_new();
+-	BIGNUM *d = BN_new();
+-	struct wd_dtb wd_d;
+-	struct wd_dtb wd_n;
+-	struct wd_dtb wd_qinv;
+-	struct wd_dtb wd_dq;
+-	struct wd_dtb wd_dp;
++	BN_CTX *bn_ctx;
+ 
+ 	key_bits = wd_rsa_get_key_bits(ctx);
++	if (!key_bits)
++		return UADK_E_FAIL;
++
+ 	key_size = key_bits >> BIT_BYTES_SHIFT;
+ 	wd_rsa_get_kg_out_params(out, &wd_d, &wd_n);
+ 	wd_rsa_get_kg_out_crt_params(out, &wd_qinv, &wd_dq, &wd_dp);
+ 
++	bn_ctx = BN_CTX_new();
++	if (!bn_ctx)
++		return UADK_E_FAIL;
++
++	BN_CTX_start(bn_ctx);
++	dmp1 = BN_CTX_get(bn_ctx);
++	if (!dmp1)
++		goto free_bn_ctx;
++
++	dmq1 = BN_CTX_get(bn_ctx);
++	if (!dmq1)
++		goto free_bn_ctx;
++
++	iqmp = BN_CTX_get(bn_ctx);
++	if (!iqmp)
++		goto free_bn_ctx;
++
++	n = BN_CTX_get(bn_ctx);
++	if (!n)
++		goto free_bn_ctx;
++
++	d = BN_CTX_get(bn_ctx);
++	if (!d)
++		goto free_bn_ctx;
++
+ 	BN_bin2bn((unsigned char *)wd_d.data, key_size, d);
+ 	BN_bin2bn((unsigned char *)wd_n.data, key_size, n);
+ 	BN_bin2bn((unsigned char *)wd_qinv.data, wd_qinv.dsize, iqmp);
+@@ -997,16 +1018,13 @@ static int rsa_get_keygen_param(struct wd_rsa_req *req,
+ 	if (!(RSA_set0_key(rsa, n, bn_param->e, d) &&
+ 	    RSA_set0_factors(rsa, bn_param->p, bn_param->q) &&
+ 	    RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp)))
+-		goto bn_free;
++		goto free_bn_ctx;
+ 
+ 	return UADK_E_SUCCESS;
+ 
+-bn_free:
+-	BN_clear_free(dmp1);
+-	BN_clear_free(dmq1);
+-	BN_clear_free(iqmp);
+-	BN_clear_free(n);
+-	BN_clear_free(d);
++free_bn_ctx:
++	BN_CTX_end(bn_ctx);
++	BN_CTX_free(bn_ctx);
+ 
+ 	return UADK_E_FAIL;
+ }
+@@ -1093,20 +1111,11 @@ err:
+ 
+ static int uadk_e_soft_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
+ {
+-	const RSA_METHOD *default_meth = RSA_PKCS1_OpenSSL();
+ 	int ret;
+ 
+-	if (!default_meth) {
+-		fprintf(stderr, "failed to get soft method.\n");
+-		return UADK_E_FAIL;
+-	}
+-
+ 	UNUSED(cb);
+-	RSA_set_method(rsa, default_meth);
+ 	ret = RSA_generate_key_ex(rsa, bits, e, NULL);
+ 
+-	RSA_set_method(rsa, rsa_hw_meth);
+-
+ 	return ret;
+ }
+ 
+@@ -1131,7 +1140,7 @@ static int rsa_fill_keygen_data(struct uadk_rsa_sess *rsa_sess,
+ 		return UADK_E_FAIL;
+ 
+ 	wd_rsa_get_crt_prikey_params(key_pair->prikey, NULL, NULL, NULL,
+-				&keygen_param->wd_q, &keygen_param->wd_p);
++				     &keygen_param->wd_q, &keygen_param->wd_p);
+ 	if (!keygen_param->wd_q || !keygen_param->wd_p)
+ 		return UADK_E_FAIL;
+ 
+@@ -1170,9 +1179,11 @@ static int rsa_keygen_param_alloc(struct rsa_keygen_param **keygen_param,
+ 				  struct rsa_keygen_param_bn **keygen_bn_param,
+ 				  struct rsa_keypair **key_pair)
+ {
++	BN_CTX *bn_ctx;
++
+ 	*keygen_param = OPENSSL_malloc(sizeof(struct rsa_keygen_param));
+ 	if (!(*keygen_param))
+-		return -ENOMEM;
++		goto err;
+ 
+ 	*keygen_bn_param = (struct rsa_keygen_param_bn *)
+ 			   OPENSSL_malloc(sizeof(struct rsa_keygen_param_bn));
+@@ -1183,16 +1194,35 @@ static int rsa_keygen_param_alloc(struct rsa_keygen_param **keygen_param,
+ 	if (!(*key_pair))
+ 		goto free_keygen_bn_param;
+ 
+-	(*keygen_bn_param)->e = BN_new();
+-	(*keygen_bn_param)->p = BN_new();
+-	(*keygen_bn_param)->q = BN_new();
++	bn_ctx = BN_CTX_new();
++	if (!bn_ctx)
++		goto free_key_pair;
++
++	BN_CTX_start(bn_ctx);
++	(*keygen_bn_param)->e = BN_CTX_get(bn_ctx);
++	if (!(*keygen_bn_param)->e)
++		goto free_bn_ctx;
++
++	(*keygen_bn_param)->p = BN_CTX_get(bn_ctx);
++	if (!(*keygen_bn_param)->p)
++		goto free_bn_ctx;
++
++	(*keygen_bn_param)->q = BN_CTX_get(bn_ctx);
++	if (!(*keygen_bn_param)->q)
++		goto free_bn_ctx;
+ 
+ 	return UADK_E_SUCCESS;
+ 
++free_bn_ctx:
++	BN_CTX_end(bn_ctx);
++	BN_CTX_free(bn_ctx);
++free_key_pair:
++	OPENSSL_free(*key_pair);
+ free_keygen_bn_param:
+ 	OPENSSL_free(*keygen_bn_param);
+ free_keygen_param:
+ 	OPENSSL_free(*keygen_param);
++err:
+ 	return -ENOMEM;
+ }
+ 
+@@ -1236,81 +1266,56 @@ static void rsa_pkey_param_free(struct rsa_pubkey_param **pub,
+ }
+ 
+ static int rsa_create_pub_bn_ctx(RSA *rsa, struct rsa_pubkey_param *pub,
+-				 BN_CTX **bn_ctx, unsigned char **from_buf)
++				 unsigned char **from_buf, int *num_bytes)
+ {
+-	BIGNUM *ret_bn;
+-	int num_bytes;
+-
+ 	RSA_get0_key(rsa, &pub->n, &pub->e, NULL);
+-
+-	*bn_ctx = BN_CTX_new();
+-	if (!(*bn_ctx))
++	if (!(pub->n) || !(pub->e))
+ 		return UADK_E_FAIL;
+ 
+-	BN_CTX_start(*bn_ctx);
+-	ret_bn = BN_CTX_get(*bn_ctx);
+-	if (!ret_bn)
+-		goto err;
+-
+-	num_bytes = BN_num_bytes(pub->n);
+-	if (!num_bytes)
+-		goto err;
++	*num_bytes = BN_num_bytes(pub->n);
++	if (!(*num_bytes))
++		return UADK_E_FAIL;
+ 
+-	*from_buf = OPENSSL_malloc(num_bytes);
++	*from_buf = OPENSSL_malloc(*num_bytes);
+ 	if (!(*from_buf))
+-		goto err;
++		return -ENOMEM;
+ 
+ 	return UADK_E_SUCCESS;
+-
+-err:
+-	BN_CTX_free(*bn_ctx);
+-	return UADK_E_FAIL;
+ }
+ 
+-static void rsa_free_pub_bn_ctx(BN_CTX **bn_ctx, unsigned char **from_buf)
++static void rsa_free_pub_bn_ctx(unsigned char **from_buf)
+ {
+-	BN_CTX_free(*bn_ctx);
+-
+ 	OPENSSL_free(*from_buf);
+ }
+ 
+ static int rsa_create_pri_bn_ctx(RSA *rsa, struct rsa_prikey_param *pri,
+-				 BN_CTX **bn_ctx, unsigned char **from_buf)
++				 unsigned char **from_buf, int *num_bytes)
+ {
+-	BIGNUM *ret_bn;
+-	int num_bytes;
+-
+ 	RSA_get0_key(rsa, &pri->n, &pri->e, &pri->d);
+-	RSA_get0_factors(rsa, &pri->p, &pri->q);
+-	RSA_get0_crt_params(rsa, &pri->dmp1, &pri->dmq1, &pri->iqmp);
++	if (!(pri->n) || !(pri->e) || !(pri->d))
++		return UADK_E_FAIL;
+ 
+-	*bn_ctx = BN_CTX_new();
+-	if (!(*bn_ctx))
++	RSA_get0_factors(rsa, &pri->p, &pri->q);
++	if (!(pri->p) || !(pri->q))
+ 		return UADK_E_FAIL;
+ 
+-	BN_CTX_start(*bn_ctx);
+-	ret_bn = BN_CTX_get(*bn_ctx);
+-	if (!ret_bn)
+-		goto err;
++	RSA_get0_crt_params(rsa, &pri->dmp1, &pri->dmq1, &pri->iqmp);
++	if (!(pri->dmp1) || !(pri->dmq1) || !(pri->iqmp))
++		return UADK_E_FAIL;
+ 
+-	num_bytes = BN_num_bytes(pri->n);
+-	if (!num_bytes)
+-		goto err;
++	*num_bytes = BN_num_bytes(pri->n);
++	if (!(*num_bytes))
++		return UADK_E_FAIL;
+ 
+-	*from_buf = OPENSSL_malloc(num_bytes);
++	*from_buf = OPENSSL_malloc(*num_bytes);
+ 	if (!(*from_buf))
+-		goto err;
++		return -ENOMEM;
+ 
+ 	return UADK_E_SUCCESS;
+-err:
+-	BN_CTX_free(*bn_ctx);
+-	return UADK_E_FAIL;
+ }
+ 
+-static void rsa_free_pri_bn_ctx(BN_CTX **bn_ctx, unsigned char **from_buf)
++static void rsa_free_pri_bn_ctx(unsigned char **from_buf)
+ {
+-	BN_CTX_free(*bn_ctx);
+-
+ 	OPENSSL_free(*from_buf);
+ }
+ 
+@@ -1318,14 +1323,13 @@ static int uadk_e_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
+ {
+ 	struct rsa_keygen_param *keygen_param = NULL;
+ 	struct rsa_keygen_param_bn *bn_param = NULL;
++	struct uadk_rsa_sess *rsa_sess = NULL;
+ 	struct rsa_keypair *key_pair = NULL;
+-	struct uadk_rsa_sess *rsa_sess;
+ 	int is_crt = 1;
+-	int key_size;
+ 	int ret;
+ 
+-	key_size = rsa_check_bit_useful(bits, 0);
+-	if (!key_size || key_size == SOFT)
++	ret = rsa_check_bit_useful(bits, 0);
++	if (!ret || ret == SOFT)
+ 		goto exe_soft;
+ 
+ 	ret = uadk_e_rsa_init();
+@@ -1388,14 +1392,11 @@ exe_soft:
+ static int uadk_e_rsa_public_encrypt(int flen, const unsigned char *from,
+ 				     unsigned char *to, RSA *rsa, int padding)
+ {
++	struct uadk_rsa_sess *rsa_sess = NULL;
+ 	struct rsa_pubkey_param *pub = NULL;
+-	struct uadk_rsa_sess *rsa_sess;
+ 	unsigned char *from_buf = NULL;
++	int num_bytes, is_crt, ret;
+ 	BIGNUM *ret_bn = NULL;
+-	BN_CTX *bn_ctx = NULL;
+-	int num_bytes;
+-	int is_crt;
+-	int ret;
+ 
+ 	ret = check_rsa_input_para(flen, from, to, rsa);
+ 	if (!ret || ret == SOFT)
+@@ -1417,18 +1418,12 @@ static int uadk_e_rsa_public_encrypt(int flen, const unsigned char *from,
+ 		goto free_pkey;
+ 	}
+ 
+-	ret = rsa_create_pub_bn_ctx(rsa, pub, &bn_ctx, &from_buf);
+-	if (!ret) {
++	ret = rsa_create_pub_bn_ctx(rsa, pub, &from_buf, &num_bytes);
++	if (ret <= 0 || flen > num_bytes) {
+ 		ret = UADK_DO_SOFT;
+ 		goto free_sess;
+ 	}
+ 
+-	num_bytes = BN_num_bytes(pub->n);
+-	if (flen > num_bytes) {
+-		ret = UADK_DO_SOFT;
+-		goto free_buf;
+-	}
+-
+ 	ret = add_rsa_pubenc_padding(flen, from, from_buf, num_bytes, padding);
+ 	if (!ret) {
+ 		ret = UADK_DO_SOFT;
+@@ -1448,7 +1443,7 @@ static int uadk_e_rsa_public_encrypt(int flen, const unsigned char *from,
+ 	}
+ 
+ 	ret_bn = BN_bin2bn((const unsigned char *)rsa_sess->req.dst,
+-			   rsa_sess->req.dst_bytes, ret_bn);
++			   rsa_sess->req.dst_bytes, NULL);
+ 	if (!ret_bn) {
+ 		ret = UADK_DO_SOFT;
+ 		goto free_buf;
+@@ -1457,11 +1452,13 @@ static int uadk_e_rsa_public_encrypt(int flen, const unsigned char *from,
+ 	ret = BN_bn2binpad(ret_bn, to, num_bytes);
+ 	if (ret == -1) {
+ 		ret = UADK_DO_SOFT;
+-		goto free_buf;
++		goto free_bn;
+ 	}
+ 
++free_bn:
++	BN_free(ret_bn);
+ free_buf:
+-	rsa_free_pub_bn_ctx(&bn_ctx, &from_buf);
++	rsa_free_pub_bn_ctx(&from_buf);
+ free_sess:
+ 	rsa_free_eng_session(rsa_sess);
+ free_pkey:
+@@ -1480,11 +1477,8 @@ static int uadk_e_rsa_private_decrypt(int flen, const unsigned char *from,
+ 	struct rsa_prikey_param *pri = NULL;
+ 	unsigned char *from_buf = NULL;
+ 	struct uadk_rsa_sess *rsa_sess;
++	int num_bytes, len, ret;
+ 	BIGNUM *ret_bn = NULL;
+-	BN_CTX *bn_ctx = NULL;
+-	int num_bytes;
+-	int ret;
+-	int len;
+ 
+ 	ret = check_rsa_input_para(flen, from, to, rsa);
+ 	if (!ret || ret == SOFT)
+@@ -1506,18 +1500,12 @@ static int uadk_e_rsa_private_decrypt(int flen, const unsigned char *from,
+ 		goto free_pkey;
+ 	}
+ 
+-	ret = rsa_create_pri_bn_ctx(rsa, pri, &bn_ctx, &from_buf);
+-	if (!ret) {
++	ret = rsa_create_pri_bn_ctx(rsa, pri, &from_buf, &num_bytes);
++	if (ret <= 0 || flen > num_bytes) {
+ 		ret = UADK_DO_SOFT;
+ 		goto free_sess;
+ 	}
+ 
+-	num_bytes = BN_num_bytes(pri->n);
+-	if (flen > num_bytes) {
+-		ret = UADK_DO_SOFT;
+-		goto free_buf;
+-	}
+-
+ 	ret = rsa_fill_prikey(rsa, rsa_sess, pri, from_buf, to);
+ 	if (!ret) {
+ 		ret = UADK_DO_SOFT;
+@@ -1533,7 +1521,7 @@ static int uadk_e_rsa_private_decrypt(int flen, const unsigned char *from,
+ 	}
+ 
+ 	ret_bn = BN_bin2bn((const unsigned char *)rsa_sess->req.dst,
+-			   rsa_sess->req.dst_bytes, ret_bn);
++			   rsa_sess->req.dst_bytes, NULL);
+ 	if (!ret_bn) {
+ 		ret = UADK_DO_SOFT;
+ 		goto free_buf;
+@@ -1542,17 +1530,19 @@ static int uadk_e_rsa_private_decrypt(int flen, const unsigned char *from,
+ 	len = BN_bn2binpad(ret_bn, from_buf, num_bytes);
+ 	if (!len) {
+ 		ret = UADK_DO_SOFT;
+-		goto free_buf;
++		goto free_bn;
+ 	}
+ 
+ 	ret = check_rsa_pridec_padding(to, num_bytes, from_buf, len, padding);
+ 	if (!ret) {
+ 		ret = UADK_DO_SOFT;
+-		goto free_buf;
++		goto free_bn;
+ 	}
+ 
++free_bn:
++	BN_free(ret_bn);
+ free_buf:
+-	rsa_free_pri_bn_ctx(&bn_ctx, &from_buf);
++	rsa_free_pri_bn_ctx(&from_buf);
+ free_sess:
+ 	rsa_free_eng_session(rsa_sess);
+ free_pkey:
+@@ -1568,14 +1558,13 @@ exe_soft:
+ static int uadk_e_rsa_private_sign(int flen, const unsigned char *from,
+ 				   unsigned char *to, RSA *rsa, int padding)
+ {
++	struct uadk_rsa_sess *rsa_sess = NULL;
+ 	struct rsa_prikey_param *pri = NULL;
+-	struct uadk_rsa_sess *rsa_sess;
+ 	unsigned char *from_buf = NULL;
+-	BIGNUM *to_bn, *ret_bn;
+-	BN_CTX *bn_ctx = NULL;
++	BIGNUM *ret_bn = NULL;
++	BIGNUM *to_bn = NULL;
+ 	BIGNUM *res = NULL;
+-	int num_bytes;
+-	int ret;
++	int num_bytes, ret;
+ 
+ 	ret = check_rsa_input_para(flen, from, to, rsa);
+ 	if (!ret || ret == SOFT)
+@@ -1597,36 +1586,18 @@ static int uadk_e_rsa_private_sign(int flen, const unsigned char *from,
+ 		goto free_pkey;
+ 	}
+ 
+-	ret = rsa_create_pri_bn_ctx(rsa, pri, &bn_ctx, &from_buf);
+-	if (!ret) {
++	ret = rsa_create_pri_bn_ctx(rsa, pri, &from_buf, &num_bytes);
++	if (ret <= 0 || flen > num_bytes) {
+ 		ret = UADK_DO_SOFT;
+ 		goto free_sess;
+ 	}
+ 
+-	to_bn = BN_CTX_get(bn_ctx);
+-	if (!to_bn) {
+-		ret = UADK_DO_SOFT;
+-		goto free_buf;
+-	}
+-
+-	num_bytes = BN_num_bytes(pri->n);
+-	if (flen > num_bytes) {
+-		ret = UADK_DO_SOFT;
+-		goto free_buf;
+-	}
+-
+ 	ret = add_rsa_prienc_padding(flen, from, from_buf, num_bytes, padding);
+ 	if (!ret) {
+ 		ret = UADK_DO_SOFT;
+ 		goto free_buf;
+ 	}
+ 
+-	ret_bn = BN_bin2bn(from_buf, num_bytes, to_bn);
+-	if (!ret_bn) {
+-		ret = UADK_DO_SOFT;
+-		goto free_buf;
+-	}
+-
+ 	ret = rsa_fill_prikey(rsa, rsa_sess, pri, from_buf, to);
+ 	if (!ret) {
+ 		ret = UADK_DO_SOFT;
+@@ -1639,24 +1610,33 @@ static int uadk_e_rsa_private_sign(int flen, const unsigned char *from,
+ 		goto free_buf;
+ 	}
+ 
+-	ret_bn = NULL;
+ 	ret_bn = BN_bin2bn((const unsigned char *)rsa_sess->req.dst,
+-			   rsa_sess->req.dst_bytes, ret_bn);
++			   rsa_sess->req.dst_bytes, NULL);
+ 	if (!ret_bn) {
+ 		ret = UADK_DO_SOFT;
+ 		goto free_buf;
+ 	}
+ 
++	to_bn = BN_bin2bn(from_buf, num_bytes, NULL);
++	if (!to_bn) {
++		ret = UADK_DO_SOFT;
++		goto free_ret_bn;
++	}
++
+ 	ret = rsa_get_sign_res(padding, to_bn, pri->n, ret_bn, &res);
+ 	if (!ret) {
+ 		ret = UADK_DO_SOFT;
+-		goto free_buf;
++		goto free_to_bn;
+ 	}
+ 
+ 	ret = BN_bn2binpad(res, to, num_bytes);
+ 
++free_to_bn:
++	BN_free(to_bn);
++free_ret_bn:
++	BN_free(ret_bn);
+ free_buf:
+-	rsa_free_pri_bn_ctx(&bn_ctx, &from_buf);
++	rsa_free_pri_bn_ctx(&from_buf);
+ free_sess:
+ 	rsa_free_eng_session(rsa_sess);
+ free_pkey:
+@@ -1672,15 +1652,11 @@ exe_soft:
+ static int uadk_e_rsa_public_verify(int flen, const unsigned char *from,
+ 				    unsigned char *to, RSA *rsa, int padding)
+ {
+-	struct uadk_rsa_sess *rsa_sess;
++	struct uadk_rsa_sess *rsa_sess = NULL;
++	struct rsa_pubkey_param *pub = NULL;
++	int num_bytes, is_crt, len, ret;
+ 	unsigned char *from_buf = NULL;
+-	struct rsa_pubkey_param *pub;
+-	BIGNUM *ret_bn, *to_bn;
+-	BN_CTX *bn_ctx = NULL;
+-	int num_bytes;
+-	int is_crt;
+-	int ret;
+-	int len;
++	BIGNUM *ret_bn = NULL;
+ 
+ 	ret = check_rsa_input_para(flen, from, to, rsa);
+ 	if (!ret)
+@@ -1704,25 +1680,12 @@ static int uadk_e_rsa_public_verify(int flen, const unsigned char *from,
+ 		goto free_pkey;
+ 	}
+ 
+-	ret = rsa_create_pub_bn_ctx(rsa, pub, &bn_ctx, &from_buf);
+-	if (!ret) {
++	ret = rsa_create_pub_bn_ctx(rsa, pub, &from_buf, &num_bytes);
++	if (ret <= 0 || flen > num_bytes) {
+ 		ret = UADK_DO_SOFT;
+ 		goto free_sess;
+ 	}
+ 
+-	to_bn = BN_CTX_get(bn_ctx);
+-	if (!to_bn) {
+-		ret = UADK_DO_SOFT;
+-		goto free_buf;
+-	}
+-
+-	num_bytes = BN_num_bytes(pub->n);
+-	ret_bn = BN_bin2bn(from_buf, num_bytes, to_bn);
+-	if (!ret_bn) {
+-		ret = UADK_DO_SOFT;
+-		goto free_buf;
+-	}
+-
+ 	ret = rsa_fill_pubkey(pub, rsa_sess, from_buf, to);
+ 	if (!ret) {
+ 		ret = UADK_DO_SOFT;
+@@ -1736,34 +1699,35 @@ static int uadk_e_rsa_public_verify(int flen, const unsigned char *from,
+ 		goto free_buf;
+ 	}
+ 
+-	ret_bn = NULL;
+ 	ret_bn = BN_bin2bn((const unsigned char *)rsa_sess->req.dst,
+-			   rsa_sess->req.dst_bytes, ret_bn);
++			    rsa_sess->req.dst_bytes, NULL);
+ 	if (!ret_bn) {
+ 		ret = UADK_DO_SOFT;
+ 		goto free_buf;
+ 	}
+ 
+-	ret = rsa_get_verify_res(padding, to_bn, pub->n, ret_bn);
++	ret = rsa_get_verify_res(padding, pub->n, ret_bn);
+ 	if (!ret) {
+ 		ret = UADK_DO_SOFT;
+-		goto free_buf;
++		goto free_bn;
+ 	}
+ 
+ 	len = BN_bn2binpad(ret_bn, from_buf, num_bytes);
+ 	if (!len) {
+ 		ret = UADK_DO_SOFT;
+-		goto free_buf;
++		goto free_bn;
+ 	}
+ 
+ 	ret = check_rsa_pubdec_padding(to, num_bytes, from_buf, len, padding);
+ 	if (!ret) {
+ 		ret = UADK_DO_SOFT;
+-		goto free_buf;
++		goto free_bn;
+ 	}
+ 
++free_bn:
++	BN_free(ret_bn);
+ free_buf:
+-	rsa_free_pub_bn_ctx(&bn_ctx, &from_buf);
++	rsa_free_pub_bn_ctx(&from_buf);
+ free_sess:
+ 	rsa_free_eng_session(rsa_sess);
+ free_pkey:
+@@ -1786,7 +1750,7 @@ static RSA_METHOD *uadk_e_get_rsa_sw_methods(void)
+ 	(void)RSA_meth_set_priv_enc(rsa_sw_meth, RSA_meth_get_priv_enc(meth));
+ 	(void)RSA_meth_set_pub_dec(rsa_sw_meth, RSA_meth_get_pub_dec(meth));
+ 	(void)RSA_meth_set_priv_dec(rsa_sw_meth, RSA_meth_get_priv_dec(meth));
+-	(void)RSA_meth_set_keygen(rsa_sw_meth, RSA_meth_get_keygen(meth));
++	(void)RSA_meth_set_keygen(rsa_sw_meth, uadk_e_soft_rsa_keygen);
+ 	(void)RSA_meth_set_mod_exp(rsa_sw_meth, RSA_meth_get_mod_exp(meth));
+ 	(void)RSA_meth_set_bn_mod_exp(rsa_sw_meth,
+ 				      RSA_meth_get_bn_mod_exp(meth));
+@@ -1798,6 +1762,7 @@ static RSA_METHOD *uadk_e_get_rsa_hw_methods(void)
+ {
+ 	if (rsa_hw_meth)
+ 		return rsa_hw_meth;
++
+ 	rsa_hw_meth = RSA_meth_new("uadk hardware rsa method", 0);
+ 	if (!rsa_hw_meth) {
+ 		fprintf(stderr, "failed to allocate rsa hardware method\n");
+-- 
+2.24.4
+

uadk_engine.spec

@@ -3,7 +3,7 @@
 Name:          uadk_engine
 Summary:       UADK Accelerator Engine
 Version:       1.0.0
-Release:       5
+Release:       6
 License:       Apache-2.0
 Source:        %{name}-%{version}.tar.gz
 ExclusiveOS:   linux
@@ -48,6 +48,11 @@ Patch0029:	0029-ecc-cleanup-print-log.patch
 Patch0030:	0030-engine-fix-function-return-type.patch
 Patch0031:	0031-rsa-fixup-about-the-wrong-copy.patch
 Patch0032:	0032-README-modify-the-engine-id-name.patch
+Patch0033:	0033-digest-improve-the-digest-performance.patch
+Patch0034:	0034-cipher-support-the-sm4-ecb-alg.patch
+Patch0035:	0035-cipher-fix-segmentation-fault-for-uadk_e_ctx_init.patch
+Patch0036:	0036-cipher-sm4-ecb-algorithm-is-deleted-by-mistake.patch
+Patch0037:	0037-rsa-bugfix-about-redundant-and-inefficient-operation.patch
 
 %description
 This package contains the UADK Accelerator Engine
@@ -97,6 +102,9 @@ fi
 /sbin/ldconfig
 
 %changelog
+* Mon Mar 21 2022 linwenkai <linwenkai6@hisilicon.com> 1.0.0-6
+- Backport uadk engine patch for v1.0.0
+
 * Thu Mar 3 2022 linwenkai <linwenkai6@hisilicon.com> 1.0.0-5
 - Backport uadk engine patch for v1.0.0