mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-24 02:23:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove Obsolete engines

Browse Source 
There are a number of engines in the OpenSSL source code which are now
obsolete. The following engines have been removed: 4758cca, aep, atalla,
cswift, nuron, sureware.

Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Matt Caswell 2015-10-13 15:02:47 +01:00
parent f51e5ed6b4
commit 8b7080b0b7
34 changed files with 9 additions and 7785 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@ -4,6 +4,9 @@
Changes between 1.0.2 and 1.1.0 [xx XXX xxxx]
*) Removed obsolete engines: 4758cca, aep, atalla, cswift, nuron and sureware.
[Matt Caswell]
*) New ASN.1 embed macro.
New ASN.1 macro ASN1_EMBED. This is the same as ASN1_SIMPLE except the

18
crypto/engine/eng_all.c
View File

@ -73,29 +73,11 @@ void ENGINE_load_builtin_engines(void)
ENGINE_load_dynamic();
#ifndef OPENSSL_NO_STATIC_ENGINE
# ifndef OPENSSL_NO_HW
# ifndef OPENSSL_NO_HW_4758_CCA
ENGINE_load_4758cca();
# endif
/*-
* These engines have been disabled as they do not currently build
#ifndef OPENSSL_NO_HW_AEP
ENGINE_load_aep();
#endif
#ifndef OPENSSL_NO_HW_ATALLA
ENGINE_load_atalla();
#endif
#ifndef OPENSSL_NO_HW_CSWIFT
ENGINE_load_cswift();
#endif
#ifndef OPENSSL_NO_HW_NCIPHER
ENGINE_load_chil();
#endif
#ifndef OPENSSL_NO_HW_NURON
ENGINE_load_nuron();
#endif
#ifndef OPENSSL_NO_HW_SUREWARE
ENGINE_load_sureware();
#endif
#ifndef OPENSSL_NO_HW_UBSEC
ENGINE_load_ubsec();
#endif

6
doc/crypto/engine.pod
View File

@ -24,14 +24,8 @@ engine - ENGINE cryptographic module support
void ENGINE_load_openssl(void);
void ENGINE_load_dynamic(void);
#ifndef OPENSSL_NO_STATIC_ENGINE
void ENGINE_load_4758cca(void);
void ENGINE_load_aep(void);
void ENGINE_load_atalla(void);
void ENGINE_load_chil(void);
void ENGINE_load_cswift(void);
void ENGINE_load_gmp(void);
void ENGINE_load_nuron(void);
void ENGINE_load_sureware(void);
void ENGINE_load_ubsec(void);
#endif
void ENGINE_load_cryptodev(void);

31
engines/Makefile
View File

@ -3,7 +3,7 @@
#
#The following engines have been disabled as they currently do not build
# aep atalla cswift chil nuron sureware ubsec
# sureware ubsec
DIR= engines
TOP= ..
@ -31,13 +31,11 @@ AFLAGS= $(ASFLAGS)
GENERAL=Makefile engines.com install.com engine_vector.mar
LIB=$(TOP)/libcrypto.a
LIBNAMES= 4758cca gmp padlock capi
LIBSRC= e_4758cca.c \
e_gmp.c \
LIBNAMES= gmp padlock capi
LIBSRC= e_gmp.c \
e_padlock.c \
e_capi.c
LIBOBJ= e_4758cca.o \
e_gmp.o \
LIBOBJ= e_gmp.o \
e_padlock.o \
e_capi.o \
$(ENGINES_ASM_OBJ)
@ -48,11 +46,8 @@ TESTLIBOBJ= e_ossltest.o
SRC= $(LIBSRC)
HEADER= e_4758cca_err.c e_4758cca_err.h \
e_gmp_err.c e_gmp_err.h \
HEADER= e_gmp_err.c e_gmp_err.h \
e_chil_err.c e_chil_err.h \
e_nuron_err.c e_nuron_err.h \
e_sureware_err.c e_sureware_err.h \
e_ubsec_err.c e_ubsec_err.h \
e_capi_err.c e_capi_err.h \
e_ossltest_err.c e_ossltest_err.h
@ -159,22 +154,6 @@ clean:
# DO NOT DELETE THIS LINE -- make depend depends on it.
e_4758cca.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_4758cca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
e_4758cca.o: ../include/openssl/crypto.h ../include/openssl/dso.h
e_4758cca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
e_4758cca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
e_4758cca.o: ../include/openssl/engine.h ../include/openssl/err.h
e_4758cca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
e_4758cca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
e_4758cca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
e_4758cca.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
e_4758cca.o: ../include/openssl/rand.h ../include/openssl/rsa.h
e_4758cca.o: ../include/openssl/safestack.h ../include/openssl/sha.h
e_4758cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
e_4758cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
e_4758cca.o: e_4758cca.c e_4758cca_err.c e_4758cca_err.h
e_4758cca.o: vendor_defns/hw_4758_cca.h
e_capi.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_capi.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
e_capi.o: ../include/openssl/e_os2.h ../include/openssl/ec.h

937
engines/e_4758cca.c
View File

@ -1,937 +0,0 @@
/* Author: Maurice Gittens <maurice@gittens.nl> */
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/dso.h>
#include <openssl/x509.h>
#include <openssl/objects.h>
#include <openssl/engine.h>
#include <openssl/rand.h>
#ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
#endif
#include <openssl/bn.h>
#ifndef OPENSSL_NO_HW
# ifndef OPENSSL_NO_HW_4758_CCA
# ifdef FLAT_INC
# include "hw_4758_cca.h"
# else
# include "vendor_defns/hw_4758_cca.h"
# endif
# include "e_4758cca_err.c"
static int ibm_4758_cca_destroy(ENGINE *e);
static int ibm_4758_cca_init(ENGINE *e);
static int ibm_4758_cca_finish(ENGINE *e);
static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p,
void (*f) (void));
/* rsa functions */
/* -------------*/
# ifndef OPENSSL_NO_RSA
static int cca_rsa_pub_enc(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
static int cca_rsa_priv_dec(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen,
const RSA *rsa);
static int cca_rsa_verify(int dtype, const unsigned char *m,
unsigned int m_len, const unsigned char *sigbuf,
unsigned int siglen, const RSA *rsa);
/* utility functions */
/* ---------------------*/
static EVP_PKEY *ibm_4758_load_privkey(ENGINE *, const char *,
UI_METHOD *ui_method,
void *callback_data);
static EVP_PKEY *ibm_4758_load_pubkey(ENGINE *, const char *,
UI_METHOD *ui_method,
void *callback_data);
static int getModulusAndExponent(const unsigned char *token,
long *exponentLength,
unsigned char *exponent, long *modulusLength,
long *modulusFieldLength,
unsigned char *modulus);
# endif
/* RAND number functions */
/* ---------------------*/
static int cca_get_random_bytes(unsigned char *, int);
static int cca_random_status(void);
# ifndef OPENSSL_NO_RSA
static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
# endif
/* Function pointers for CCA verbs */
/* -------------------------------*/
# ifndef OPENSSL_NO_RSA
static F_KEYRECORDREAD keyRecordRead;
static F_DIGITALSIGNATUREGENERATE digitalSignatureGenerate;
static F_DIGITALSIGNATUREVERIFY digitalSignatureVerify;
static F_PUBLICKEYEXTRACT publicKeyExtract;
static F_PKAENCRYPT pkaEncrypt;
static F_PKADECRYPT pkaDecrypt;
# endif
static F_RANDOMNUMBERGENERATE randomNumberGenerate;
/* static variables */
/* ----------------*/
static const char *CCA4758_LIB_NAME = NULL;
static const char *get_CCA4758_LIB_NAME(void)
{
if (CCA4758_LIB_NAME)
return CCA4758_LIB_NAME;
return CCA_LIB_NAME;
}
static void free_CCA4758_LIB_NAME(void)
{
if (CCA4758_LIB_NAME)
OPENSSL_free((void *)CCA4758_LIB_NAME);
CCA4758_LIB_NAME = NULL;
}
static long set_CCA4758_LIB_NAME(const char *name)
{
free_CCA4758_LIB_NAME();
return (((CCA4758_LIB_NAME = BUF_strdup(name)) != NULL) ? 1 : 0);
}
# ifndef OPENSSL_NO_RSA
static const char *n_keyRecordRead = CSNDKRR;
static const char *n_digitalSignatureGenerate = CSNDDSG;
static const char *n_digitalSignatureVerify = CSNDDSV;
static const char *n_publicKeyExtract = CSNDPKX;
static const char *n_pkaEncrypt = CSNDPKE;
static const char *n_pkaDecrypt = CSNDPKD;
# endif
static const char *n_randomNumberGenerate = CSNBRNG;
# ifndef OPENSSL_NO_RSA
static int hndidx = -1;
# endif
static DSO *dso = NULL;
/* openssl engine initialization structures */
/* ----------------------------------------*/
# define CCA4758_CMD_SO_PATH ENGINE_CMD_BASE
static const ENGINE_CMD_DEFN cca4758_cmd_defns[] = {
{CCA4758_CMD_SO_PATH,
"SO_PATH",
"Specifies the path to the '4758cca' shared library",
ENGINE_CMD_FLAG_STRING},
{0, NULL, NULL, 0}
};
# ifndef OPENSSL_NO_RSA
static RSA_METHOD ibm_4758_cca_rsa = {
"IBM 4758 CCA RSA method",
cca_rsa_pub_enc,
NULL,
NULL,
cca_rsa_priv_dec,
NULL, /* rsa_mod_exp, */
NULL, /* mod_exp_mont, */
NULL, /* init */
NULL, /* finish */
RSA_FLAG_SIGN_VER, /* flags */
NULL, /* app_data */
cca_rsa_sign, /* rsa_sign */
cca_rsa_verify, /* rsa_verify */
NULL /* rsa_keygen */
};
# endif
static RAND_METHOD ibm_4758_cca_rand = {
/* "IBM 4758 RAND method", */
NULL, /* seed */
cca_get_random_bytes, /* get random bytes from the card */
NULL, /* cleanup */
NULL, /* add */
cca_get_random_bytes, /* pseudo rand */
cca_random_status, /* status */
};
static const char *engine_4758_cca_id = "4758cca";
static const char *engine_4758_cca_name =
"IBM 4758 CCA hardware engine support";
# ifndef OPENSSL_NO_DYNAMIC_ENGINE
/* Compatibility hack, the dynamic library uses this form in the path */
static const char *engine_4758_cca_id_alt = "4758_cca";
# endif
/* engine implementation */
/* ---------------------*/
static int bind_helper(ENGINE *e)
{
if (!ENGINE_set_id(e, engine_4758_cca_id) ||
!ENGINE_set_name(e, engine_4758_cca_name) ||
# ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(e, &ibm_4758_cca_rsa) ||
# endif
!ENGINE_set_RAND(e, &ibm_4758_cca_rand) ||
!ENGINE_set_destroy_function(e, ibm_4758_cca_destroy) ||
!ENGINE_set_init_function(e, ibm_4758_cca_init) ||
!ENGINE_set_finish_function(e, ibm_4758_cca_finish) ||
!ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) ||
# ifndef OPENSSL_NO_RSA
!ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) ||
!ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) ||
# endif
!ENGINE_set_cmd_defns(e, cca4758_cmd_defns))
return 0;
/* Ensure the error handling is set up */
ERR_load_CCA4758_strings();
return 1;
}
# ifdef OPENSSL_NO_DYNAMIC_ENGINE
static ENGINE *engine_4758_cca(void)
{
ENGINE *ret = ENGINE_new();
if (!ret)
return NULL;
if (!bind_helper(ret)) {
ENGINE_free(ret);
return NULL;
}
return ret;
}
void ENGINE_load_4758cca(void)
{
ENGINE *e_4758 = engine_4758_cca();
if (!e_4758)
return;
ENGINE_add(e_4758);
ENGINE_free(e_4758);
ERR_clear_error();
}
# endif
static int ibm_4758_cca_destroy(ENGINE *e)
{
ERR_unload_CCA4758_strings();
free_CCA4758_LIB_NAME();
return 1;
}
static int ibm_4758_cca_init(ENGINE *e)
{
if (dso) {
CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_ALREADY_LOADED);
goto err;
}
dso = DSO_load(NULL, get_CCA4758_LIB_NAME(), NULL, 0);
if (!dso) {
CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE);
goto err;
}
#define BINDIT(t, name) (t)DSO_bind_func(dso, name)
# ifndef OPENSSL_NO_RSA
if ((keyRecordRead = BINDIT(F_KEYRECORDREAD, n_keyRecordRead)) == NULL
|| (randomNumberGenerate = BINDIT(F_RANDOMNUMBERGENERATE, n_randomNumberGenerate)) == NULL
|| (digitalSignatureGenerate = BINDIT(F_DIGITALSIGNATUREGENERATE, n_digitalSignatureGenerate)) == NULL
|| (digitalSignatureVerify = BINDIT(F_DIGITALSIGNATUREVERIFY, n_digitalSignatureVerify)) == NULL
|| (publicKeyExtract = BINDIT(F_PUBLICKEYEXTRACT, n_publicKeyExtract)) == NULL
|| (pkaEncrypt = BINDIT(F_PKAENCRYPT, n_pkaEncrypt)) == NULL
|| (pkaDecrypt = BINDIT(F_PKADECRYPT, n_pkaDecrypt)) == NULL)
{
CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE);
goto err;
}
# else
if ((randomNumberGenerate = BINDIT(F_RANDOMNUMBERGENERATE, n_randomNumberGenerate)) == NULL) {
CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE);
goto err;
}
# endif
# ifndef OPENSSL_NO_RSA
hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle",
NULL, NULL, cca_ex_free);
# endif
return 1;
err:
DSO_free(dso);
dso = NULL;
# ifndef OPENSSL_NO_RSA
keyRecordRead = (F_KEYRECORDREAD) 0;
digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) 0;
digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
pkaEncrypt = (F_PKAENCRYPT) 0;
pkaDecrypt = (F_PKADECRYPT) 0;
# endif
randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0;
return 0;
}
static int ibm_4758_cca_finish(ENGINE *e)
{
free_CCA4758_LIB_NAME();
if (!dso) {
CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, CCA4758_R_NOT_LOADED);
return 0;
}
if (!DSO_free(dso)) {
CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, CCA4758_R_UNIT_FAILURE);
return 0;
}
dso = NULL;
# ifndef OPENSSL_NO_RSA
keyRecordRead = (F_KEYRECORDREAD) 0;
randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0;
digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) 0;
digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
pkaEncrypt = (F_PKAENCRYPT) 0;
pkaDecrypt = (F_PKADECRYPT) 0;
# endif
randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0;
return 1;
}
static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p,
void (*f) (void))
{
int initialised = ((dso == NULL) ? 0 : 1);
switch (cmd) {
case CCA4758_CMD_SO_PATH:
if (p == NULL) {
CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (initialised) {
CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, CCA4758_R_ALREADY_LOADED);
return 0;
}
return set_CCA4758_LIB_NAME((const char *)p);
default:
break;
}
CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
CCA4758_R_COMMAND_NOT_IMPLEMENTED);
return 0;
}
# ifndef OPENSSL_NO_RSA
# define MAX_CCA_PKA_TOKEN_SIZE 2500
static EVP_PKEY *ibm_4758_load_privkey(ENGINE *e, const char *key_id,
UI_METHOD *ui_method,
void *callback_data)
{
RSA *rtmp = NULL;
EVP_PKEY *res = NULL;
unsigned char *keyToken = NULL;
unsigned char pubKeyToken[MAX_CCA_PKA_TOKEN_SIZE];
long pubKeyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
long returnCode;
long reasonCode;
long exitDataLength = 0;
long ruleArrayLength = 0;
unsigned char exitData[8];
unsigned char ruleArray[8];
unsigned char keyLabel[64];
unsigned long keyLabelLength = strlen(key_id);
unsigned char modulus[256];
long modulusFieldLength = sizeof(modulus);
long modulusLength = 0;
unsigned char exponent[256];
long exponentLength = sizeof(exponent);
if (keyLabelLength > sizeof(keyLabel)) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
return NULL;
}
memset(keyLabel, ' ', sizeof(keyLabel));
memcpy(keyLabel, key_id, keyLabelLength);
keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
if (!keyToken) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
goto err;
}
keyRecordRead(&returnCode, &reasonCode, &exitDataLength,
exitData, &ruleArrayLength, ruleArray, keyLabel,
&keyTokenLength, keyToken + sizeof(long));
if (returnCode) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
goto err;
}
publicKeyExtract(&returnCode, &reasonCode, &exitDataLength,
exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
keyToken + sizeof(long), &pubKeyTokenLength,
pubKeyToken);
if (returnCode) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
goto err;
}
if (!getModulusAndExponent(pubKeyToken, &exponentLength,
exponent, &modulusLength, &modulusFieldLength,
modulus)) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
goto err;
}
(*(long *)keyToken) = keyTokenLength;
rtmp = RSA_new_method(e);
RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
rtmp->flags |= RSA_FLAG_EXT_PKEY;
res = EVP_PKEY_new();
EVP_PKEY_assign_RSA(res, rtmp);
return res;
err:
OPENSSL_free(keyToken);
return NULL;
}
static EVP_PKEY *ibm_4758_load_pubkey(ENGINE *e, const char *key_id,
UI_METHOD *ui_method,
void *callback_data)
{
RSA *rtmp = NULL;
EVP_PKEY *res = NULL;
unsigned char *keyToken = NULL;
long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
long returnCode;
long reasonCode;
long exitDataLength = 0;
long ruleArrayLength = 0;
unsigned char exitData[8];
unsigned char ruleArray[8];
unsigned char keyLabel[64];
unsigned long keyLabelLength = strlen(key_id);
unsigned char modulus[512];
long modulusFieldLength = sizeof(modulus);
long modulusLength = 0;
unsigned char exponent[512];
long exponentLength = sizeof(exponent);
if (keyLabelLength > sizeof(keyLabel)) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
return NULL;
}
memset(keyLabel, ' ', sizeof(keyLabel));
memcpy(keyLabel, key_id, keyLabelLength);
keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
if (!keyToken) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE);
goto err;
}
keyRecordRead(&returnCode, &reasonCode, &exitDataLength, exitData,
&ruleArrayLength, ruleArray, keyLabel, &keyTokenLength,
keyToken + sizeof(long));
if (returnCode) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!getModulusAndExponent(keyToken + sizeof(long), &exponentLength,
exponent, &modulusLength, &modulusFieldLength,
modulus)) {
CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
CCA4758_R_FAILED_LOADING_PUBLIC_KEY);
goto err;
}
(*(long *)keyToken) = keyTokenLength;
rtmp = RSA_new_method(e);
RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
rtmp->flags |= RSA_FLAG_EXT_PKEY;
res = EVP_PKEY_new();
EVP_PKEY_assign_RSA(res, rtmp);
return res;
err:
OPENSSL_free(keyToken);
return NULL;
}
static int cca_rsa_pub_enc(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
long returnCode;
long reasonCode;
long lflen = flen;
long exitDataLength = 0;
unsigned char exitData[8];
long ruleArrayLength = 1;
unsigned char ruleArray[8] = "PKCS-1.2";
long dataStructureLength = 0;
unsigned char dataStructure[8];
long outputLength = RSA_size(rsa);
long keyTokenLength;
unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
keyTokenLength = *(long *)keyToken;
keyToken += sizeof(long);
pkaEncrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
&ruleArrayLength, ruleArray, &lflen, (unsigned char *)from,
&dataStructureLength, dataStructure, &keyTokenLength,
keyToken, &outputLength, to);
if (returnCode || reasonCode)
return -(returnCode << 16 | reasonCode);
return outputLength;
}
static int cca_rsa_priv_dec(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
long returnCode;
long reasonCode;
long lflen = flen;
long exitDataLength = 0;
unsigned char exitData[8];
long ruleArrayLength = 1;
unsigned char ruleArray[8] = "PKCS-1.2";
long dataStructureLength = 0;
unsigned char dataStructure[8];
long outputLength = RSA_size(rsa);
long keyTokenLength;
unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
keyTokenLength = *(long *)keyToken;
keyToken += sizeof(long);
pkaDecrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
&ruleArrayLength, ruleArray, &lflen, (unsigned char *)from,
&dataStructureLength, dataStructure, &keyTokenLength,
keyToken, &outputLength, to);
return (returnCode | reasonCode) ? 0 : 1;
}
# define SSL_SIG_LEN 36
static int cca_rsa_verify(int type, const unsigned char *m,
unsigned int m_len, const unsigned char *sigbuf,
unsigned int siglen, const RSA *rsa)
{
long returnCode;
long reasonCode;
long lsiglen = siglen;
long exitDataLength = 0;
unsigned char exitData[8];
long ruleArrayLength = 1;
unsigned char ruleArray[8] = "PKCS-1.1";
long keyTokenLength;
unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
long length = SSL_SIG_LEN;
long keyLength;
unsigned char *hashBuffer = NULL;
X509_SIG sig;
ASN1_TYPE parameter;
X509_ALGOR algorithm;
ASN1_OCTET_STRING digest;
keyTokenLength = *(long *)keyToken;
keyToken += sizeof(long);
if (type == NID_md5 || type == NID_sha1) {
sig.algor = &algorithm;
algorithm.algorithm = OBJ_nid2obj(type);
if (!algorithm.algorithm) {
CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
return 0;
}
if (!OBJ_length(algorithm.algorithm)) {
CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
return 0;
}
parameter.type = V_ASN1_NULL;
parameter.value.ptr = NULL;
algorithm.parameter = &parameter;
sig.digest = &digest;
sig.digest->data = (unsigned char *)m;
sig.digest->length = m_len;
length = i2d_X509_SIG(&sig, NULL);
}
keyLength = RSA_size(rsa);
if (length - RSA_PKCS1_PADDING > keyLength) {
CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
return 0;
}
switch (type) {
case NID_md5_sha1:
if (m_len != SSL_SIG_LEN) {
CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
return 0;
}
hashBuffer = (unsigned char *)m;
length = m_len;
break;
case NID_md5:
{
unsigned char *ptr;
ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
if (!hashBuffer) {
CCA4758err(CCA4758_F_CCA_RSA_VERIFY, ERR_R_MALLOC_FAILURE);
return 0;
}
i2d_X509_SIG(&sig, &ptr);
}
break;
case NID_sha1:
{
unsigned char *ptr;
ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
if (!hashBuffer) {
CCA4758err(CCA4758_F_CCA_RSA_VERIFY, ERR_R_MALLOC_FAILURE);
return 0;
}
i2d_X509_SIG(&sig, &ptr);
}
break;
default:
return 0;
}
digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength,
exitData, &ruleArrayLength, ruleArray,
&keyTokenLength, keyToken, &length, hashBuffer,
&lsiglen, (unsigned char *)sigbuf);
if (type == NID_sha1 || type == NID_md5)
OPENSSL_clear_free(hashBuffer, keyLength + 1);
return ((returnCode || reasonCode) ? 0 : 1);
}
# define SSL_SIG_LEN 36
static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen,
const RSA *rsa)
{
long returnCode;
long reasonCode;
long exitDataLength = 0;
unsigned char exitData[8];
long ruleArrayLength = 1;
unsigned char ruleArray[8] = "PKCS-1.1";
long outputLength = 256;
long outputBitLength;
long keyTokenLength;
unsigned char *hashBuffer = NULL;
unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
long length = SSL_SIG_LEN;
long keyLength;
X509_SIG sig;
ASN1_TYPE parameter;
X509_ALGOR algorithm;
ASN1_OCTET_STRING digest;
keyTokenLength = *(long *)keyToken;
keyToken += sizeof(long);
if (type == NID_md5 || type == NID_sha1) {
sig.algor = &algorithm;
algorithm.algorithm = OBJ_nid2obj(type);
if (!algorithm.algorithm) {
CCA4758err(CCA4758_F_CCA_RSA_SIGN,
CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
return 0;
}
if (!OBJ_length(algorithm.algorithm)) {
CCA4758err(CCA4758_F_CCA_RSA_SIGN,
CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
return 0;
}
parameter.type = V_ASN1_NULL;
parameter.value.ptr = NULL;
algorithm.parameter = &parameter;
sig.digest = &digest;
sig.digest->data = (unsigned char *)m;
sig.digest->length = m_len;
length = i2d_X509_SIG(&sig, NULL);
}
keyLength = RSA_size(rsa);
if (length - RSA_PKCS1_PADDING > keyLength) {
CCA4758err(CCA4758_F_CCA_RSA_SIGN,
CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
return 0;
}
switch (type) {
case NID_md5_sha1:
if (m_len != SSL_SIG_LEN) {
CCA4758err(CCA4758_F_CCA_RSA_SIGN,
CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
return 0;
}
hashBuffer = (unsigned char *)m;
length = m_len;
break;
case NID_md5:
{
unsigned char *ptr;
ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
if (!hashBuffer) {
CCA4758err(CCA4758_F_CCA_RSA_SIGN, ERR_R_MALLOC_FAILURE);
return 0;
}
i2d_X509_SIG(&sig, &ptr);
}
break;
case NID_sha1:
{
unsigned char *ptr;
ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
if (!hashBuffer) {
CCA4758err(CCA4758_F_CCA_RSA_SIGN, ERR_R_MALLOC_FAILURE);
return 0;
}
i2d_X509_SIG(&sig, &ptr);
}
break;
default:
return 0;
}
digitalSignatureGenerate(&returnCode, &reasonCode, &exitDataLength,
exitData, &ruleArrayLength, ruleArray,
&keyTokenLength, keyToken, &length, hashBuffer,
&outputLength, &outputBitLength, sigret);
if (type == NID_sha1 || type == NID_md5)
OPENSSL_clear_free(hashBuffer, keyLength + 1);
*siglen = outputLength;
return ((returnCode || reasonCode) ? 0 : 1);
}
static int getModulusAndExponent(const unsigned char *token,
long *exponentLength,
unsigned char *exponent, long *modulusLength,
long *modulusFieldLength,
unsigned char *modulus)
{
unsigned long len;
if (*token++ != (char)0x1E) /* internal PKA token? */
return 0;
if (*token++) /* token version must be zero */
return 0;
len = *token++;
len = len << 8;
len |= (unsigned char)*token++;
token += 4; /* skip reserved bytes */
if (*token++ == (char)0x04) {
if (*token++) /* token version must be zero */
return 0;
len = *token++;
len = len << 8;
len |= (unsigned char)*token++;
token += 2; /* skip reserved section */
len = *token++;
len = len << 8;
len |= (unsigned char)*token++;
*exponentLength = len;
len = *token++;
len = len << 8;
len |= (unsigned char)*token++;
*modulusLength = len;
len = *token++;
len = len << 8;
len |= (unsigned char)*token++;
*modulusFieldLength = len;
memcpy(exponent, token, *exponentLength);
token += *exponentLength;
memcpy(modulus, token, *modulusFieldLength);
return 1;
}
return 0;
}
# endif /* OPENSSL_NO_RSA */
static int cca_random_status(void)
{
return 1;
}
static int cca_get_random_bytes(unsigned char *buf, int num)
{
long ret_code;
long reason_code;
long exit_data_length;
unsigned char exit_data[4];
unsigned char form[] = "RANDOM ";
unsigned char rand_buf[8];
while (num >= (int)sizeof(rand_buf)) {
randomNumberGenerate(&ret_code, &reason_code, &exit_data_length,
exit_data, form, rand_buf);
if (ret_code)
return 0;
num -= sizeof(rand_buf);
memcpy(buf, rand_buf, sizeof(rand_buf));
buf += sizeof(rand_buf);
}
if (num) {
randomNumberGenerate(&ret_code, &reason_code, NULL, NULL,
form, rand_buf);
if (ret_code)
return 0;
memcpy(buf, rand_buf, num);
}
return 1;
}
# ifndef OPENSSL_NO_RSA
static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx,
long argl, void *argp)
{
OPENSSL_free(item);
}
# endif
/* Goo to handle building as a dynamic engine */
# ifndef OPENSSL_NO_DYNAMIC_ENGINE
static int bind_fn(ENGINE *e, const char *id)
{
if (id && (strcmp(id, engine_4758_cca_id) != 0) &&
(strcmp(id, engine_4758_cca_id_alt) != 0))
return 0;
if (!bind_helper(e))
return 0;
return 1;
}
IMPLEMENT_DYNAMIC_CHECK_FN()
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
# endif /* OPENSSL_NO_DYNAMIC_ENGINE */
# endif /* !OPENSSL_NO_HW_4758_CCA */
#endif /* !OPENSSL_NO_HW */

1
engines/e_4758cca.ec
View File

@ -1 +0,0 @@
L CCA4758 e_4758cca_err.h e_4758cca_err.c

153
engines/e_4758cca_err.c
View File

@ -1,153 +0,0 @@
/* e_4758cca_err.c */
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/*
* NOTE: this file was auto generated by the mkerr.pl script: any changes
* made to it will be overwritten when the script next updates this file,
* only reason strings will be preserved.
*/
#include <stdio.h>
#include <openssl/err.h>
#include "e_4758cca_err.h"
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(0,func,0)
# define ERR_REASON(reason) ERR_PACK(0,0,reason)
static ERR_STRING_DATA CCA4758_str_functs[] = {
{ERR_FUNC(CCA4758_F_CCA_RSA_SIGN), "CCA_RSA_SIGN"},
{ERR_FUNC(CCA4758_F_CCA_RSA_VERIFY), "CCA_RSA_VERIFY"},
{ERR_FUNC(CCA4758_F_IBM_4758_CCA_CTRL), "IBM_4758_CCA_CTRL"},
{ERR_FUNC(CCA4758_F_IBM_4758_CCA_FINISH), "IBM_4758_CCA_FINISH"},
{ERR_FUNC(CCA4758_F_IBM_4758_CCA_INIT), "IBM_4758_CCA_INIT"},
{ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PRIVKEY), "IBM_4758_LOAD_PRIVKEY"},
{ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PUBKEY), "IBM_4758_LOAD_PUBKEY"},
{0, NULL}
};
static ERR_STRING_DATA CCA4758_str_reasons[] = {
{ERR_REASON(CCA4758_R_ALREADY_LOADED), "already loaded"},
{ERR_REASON(CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD),
"asn1 oid unknown for md"},
{ERR_REASON(CCA4758_R_COMMAND_NOT_IMPLEMENTED),
"command not implemented"},
{ERR_REASON(CCA4758_R_DSO_FAILURE), "dso failure"},
{ERR_REASON(CCA4758_R_FAILED_LOADING_PRIVATE_KEY),
"failed loading private key"},
{ERR_REASON(CCA4758_R_FAILED_LOADING_PUBLIC_KEY),
"failed loading public key"},
{ERR_REASON(CCA4758_R_NOT_LOADED), "not loaded"},
{ERR_REASON(CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
"size too large or too small"},
{ERR_REASON(CCA4758_R_UNIT_FAILURE), "unit failure"},
{ERR_REASON(CCA4758_R_UNKNOWN_ALGORITHM_TYPE), "unknown algorithm type"},
{0, NULL}
};
#endif
#ifdef CCA4758_LIB_NAME
static ERR_STRING_DATA CCA4758_lib_name[] = {
{0, CCA4758_LIB_NAME},
{0, NULL}
};
#endif
static int CCA4758_lib_error_code = 0;
static int CCA4758_error_init = 1;
static void ERR_load_CCA4758_strings(void)
{
if (CCA4758_lib_error_code == 0)
CCA4758_lib_error_code = ERR_get_next_error_library();
if (CCA4758_error_init) {
CCA4758_error_init = 0;
#ifndef OPENSSL_NO_ERR
ERR_load_strings(CCA4758_lib_error_code, CCA4758_str_functs);
ERR_load_strings(CCA4758_lib_error_code, CCA4758_str_reasons);
#endif
#ifdef CCA4758_LIB_NAME
CCA4758_lib_name->error = ERR_PACK(CCA4758_lib_error_code, 0, 0);
ERR_load_strings(0, CCA4758_lib_name);
#endif
}
}
static void ERR_unload_CCA4758_strings(void)
{
if (CCA4758_error_init == 0) {
#ifndef OPENSSL_NO_ERR
ERR_unload_strings(CCA4758_lib_error_code, CCA4758_str_functs);
ERR_unload_strings(CCA4758_lib_error_code, CCA4758_str_reasons);
#endif
#ifdef CCA4758_LIB_NAME
ERR_unload_strings(0, CCA4758_lib_name);
#endif
CCA4758_error_init = 1;
}
}
static void ERR_CCA4758_error(int function, int reason, char *file, int line)
{
if (CCA4758_lib_error_code == 0)
CCA4758_lib_error_code = ERR_get_next_error_library();
ERR_PUT_error(CCA4758_lib_error_code, function, reason, file, line);
}

98
engines/e_4758cca_err.h
View File

@ -1,98 +0,0 @@
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_CCA4758_ERR_H
# define HEADER_CCA4758_ERR_H
#ifdef __cplusplus
extern "C" {
#endif
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
static void ERR_load_CCA4758_strings(void);
static void ERR_unload_CCA4758_strings(void);
static void ERR_CCA4758_error(int function, int reason, char *file, int line);
# define CCA4758err(f,r) ERR_CCA4758_error((f),(r),__FILE__,__LINE__)
/* Error codes for the CCA4758 functions. */
/* Function codes. */
# define CCA4758_F_CCA_RSA_SIGN 105
# define CCA4758_F_CCA_RSA_VERIFY 106
# define CCA4758_F_IBM_4758_CCA_CTRL 100
# define CCA4758_F_IBM_4758_CCA_FINISH 101
# define CCA4758_F_IBM_4758_CCA_INIT 102
# define CCA4758_F_IBM_4758_LOAD_PRIVKEY 103
# define CCA4758_F_IBM_4758_LOAD_PUBKEY 104
/* Reason codes. */
# define CCA4758_R_ALREADY_LOADED 100
# define CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD 101
# define CCA4758_R_COMMAND_NOT_IMPLEMENTED 102
# define CCA4758_R_DSO_FAILURE 103
# define CCA4758_R_FAILED_LOADING_PRIVATE_KEY 104
# define CCA4758_R_FAILED_LOADING_PUBLIC_KEY 105
# define CCA4758_R_NOT_LOADED 106
# define CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL 107
# define CCA4758_R_UNIT_FAILURE 108
# define CCA4758_R_UNKNOWN_ALGORITHM_TYPE 109
#ifdef __cplusplus
}
#endif
#endif

1182
engines/e_aep.c
View File

File diff suppressed because it is too large Load Diff

1
engines/e_aep.ec
View File

@ -1 +0,0 @@
L AEPHK e_aep_err.h e_aep_err.c

159
engines/e_aep_err.c
View File

@ -1,159 +0,0 @@
/* e_aep_err.c */
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/*
* NOTE: this file was auto generated by the mkerr.pl script: any changes
* made to it will be overwritten when the script next updates this file,
* only reason strings will be preserved.
*/
#include <stdio.h>
#include <openssl/err.h>
#include "e_aep_err.h"
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(0,func,0)
# define ERR_REASON(reason) ERR_PACK(0,0,reason)
static ERR_STRING_DATA AEPHK_str_functs[] = {
{ERR_FUNC(AEPHK_F_AEP_CTRL), "AEP_CTRL"},
{ERR_FUNC(AEPHK_F_AEP_FINISH), "AEP_FINISH"},
{ERR_FUNC(AEPHK_F_AEP_GET_CONNECTION), "AEP_GET_CONNECTION"},
{ERR_FUNC(AEPHK_F_AEP_INIT), "AEP_INIT"},
{ERR_FUNC(AEPHK_F_AEP_MOD_EXP), "AEP_MOD_EXP"},
{ERR_FUNC(AEPHK_F_AEP_MOD_EXP_CRT), "AEP_MOD_EXP_CRT"},
{ERR_FUNC(AEPHK_F_AEP_RAND), "AEP_RAND"},
{ERR_FUNC(AEPHK_F_AEP_RSA_MOD_EXP), "AEP_RSA_MOD_EXP"},
{0, NULL}
};
static ERR_STRING_DATA AEPHK_str_reasons[] = {
{ERR_REASON(AEPHK_R_ALREADY_LOADED), "already loaded"},
{ERR_REASON(AEPHK_R_CLOSE_HANDLES_FAILED), "close handles failed"},
{ERR_REASON(AEPHK_R_CONNECTIONS_IN_USE), "connections in use"},
{ERR_REASON(AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED),
"ctrl command not implemented"},
{ERR_REASON(AEPHK_R_FINALIZE_FAILED), "finalize failed"},
{ERR_REASON(AEPHK_R_GET_HANDLE_FAILED), "get handle failed"},
{ERR_REASON(AEPHK_R_GET_RANDOM_FAILED), "get random failed"},
{ERR_REASON(AEPHK_R_INIT_FAILURE), "init failure"},
{ERR_REASON(AEPHK_R_MISSING_KEY_COMPONENTS), "missing key components"},
{ERR_REASON(AEPHK_R_MOD_EXP_CRT_FAILED), "mod exp crt failed"},
{ERR_REASON(AEPHK_R_MOD_EXP_FAILED), "mod exp failed"},
{ERR_REASON(AEPHK_R_NOT_LOADED), "not loaded"},
{ERR_REASON(AEPHK_R_OK), "ok"},
{ERR_REASON(AEPHK_R_RETURN_CONNECTION_FAILED),
"return connection failed"},
{ERR_REASON(AEPHK_R_SETBNCALLBACK_FAILURE), "setbncallback failure"},
{ERR_REASON(AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
"size too large or too small"},
{ERR_REASON(AEPHK_R_UNIT_FAILURE), "unit failure"},
{0, NULL}
};
#endif
#ifdef AEPHK_LIB_NAME
static ERR_STRING_DATA AEPHK_lib_name[] = {
{0, AEPHK_LIB_NAME},
{0, NULL}
};
#endif
static int AEPHK_lib_error_code = 0;
static int AEPHK_error_init = 1;
static void ERR_load_AEPHK_strings(void)
{
if (AEPHK_lib_error_code == 0)
AEPHK_lib_error_code = ERR_get_next_error_library();
if (AEPHK_error_init) {
AEPHK_error_init = 0;
#ifndef OPENSSL_NO_ERR
ERR_load_strings(AEPHK_lib_error_code, AEPHK_str_functs);
ERR_load_strings(AEPHK_lib_error_code, AEPHK_str_reasons);
#endif
#ifdef AEPHK_LIB_NAME
AEPHK_lib_name->error = ERR_PACK(AEPHK_lib_error_code, 0, 0);
ERR_load_strings(0, AEPHK_lib_name);
#endif
}
}
static void ERR_unload_AEPHK_strings(void)
{
if (AEPHK_error_init == 0) {
#ifndef OPENSSL_NO_ERR
ERR_unload_strings(AEPHK_lib_error_code, AEPHK_str_functs);
ERR_unload_strings(AEPHK_lib_error_code, AEPHK_str_reasons);
#endif
#ifdef AEPHK_LIB_NAME
ERR_unload_strings(0, AEPHK_lib_name);
#endif
AEPHK_error_init = 1;
}
}
static void ERR_AEPHK_error(int function, int reason, char *file, int line)
{
if (AEPHK_lib_error_code == 0)
AEPHK_lib_error_code = ERR_get_next_error_library();
ERR_PUT_error(AEPHK_lib_error_code, function, reason, file, line);
}

106
engines/e_aep_err.h
View File

@ -1,106 +0,0 @@
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_AEPHK_ERR_H
# define HEADER_AEPHK_ERR_H
#ifdef __cplusplus
extern "C" {
#endif
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
static void ERR_load_AEPHK_strings(void);
static void ERR_unload_AEPHK_strings(void);
static void ERR_AEPHK_error(int function, int reason, char *file, int line);
# define AEPHKerr(f,r) ERR_AEPHK_error((f),(r),__FILE__,__LINE__)
/* Error codes for the AEPHK functions. */
/* Function codes. */
# define AEPHK_F_AEP_CTRL 100
# define AEPHK_F_AEP_FINISH 101
# define AEPHK_F_AEP_GET_CONNECTION 102
# define AEPHK_F_AEP_INIT 103
# define AEPHK_F_AEP_MOD_EXP 104
# define AEPHK_F_AEP_MOD_EXP_CRT 105
# define AEPHK_F_AEP_RAND 106
# define AEPHK_F_AEP_RSA_MOD_EXP 107
/* Reason codes. */
# define AEPHK_R_ALREADY_LOADED 100
# define AEPHK_R_CLOSE_HANDLES_FAILED 101
# define AEPHK_R_CONNECTIONS_IN_USE 102
# define AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103
# define AEPHK_R_FINALIZE_FAILED 104
# define AEPHK_R_GET_HANDLE_FAILED 105
# define AEPHK_R_GET_RANDOM_FAILED 106
# define AEPHK_R_INIT_FAILURE 107
# define AEPHK_R_MISSING_KEY_COMPONENTS 108
# define AEPHK_R_MOD_EXP_CRT_FAILED 109
# define AEPHK_R_MOD_EXP_FAILED 110
# define AEPHK_R_NOT_LOADED 111
# define AEPHK_R_OK 112
# define AEPHK_R_RETURN_CONNECTION_FAILED 113
# define AEPHK_R_SETBNCALLBACK_FAILURE 114
# define AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL 116
# define AEPHK_R_UNIT_FAILURE 115
#ifdef __cplusplus
}
#endif
#endif

621
engines/e_atalla.c
View File

@ -1,621 +0,0 @@
/* crypto/engine/hw_atalla.c */
/*
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
* 2000.
*/
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/buffer.h>
#include <openssl/dso.h>
#include <openssl/engine.h>
#ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
#endif
#ifndef OPENSSL_NO_DSA
# include <openssl/dsa.h>
#endif
#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif
#include <openssl/bn.h>
#ifndef OPENSSL_NO_HW
# ifndef OPENSSL_NO_HW_ATALLA
# ifdef FLAT_INC
# include "atalla.h"
# else
# include "vendor_defns/atalla.h"
# endif
# define ATALLA_LIB_NAME "atalla engine"
# include "e_atalla_err.c"
static int atalla_destroy(ENGINE *e);
static int atalla_init(ENGINE *e);
static int atalla_finish(ENGINE *e);
static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
/* BIGNUM stuff */
static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
# ifndef OPENSSL_NO_RSA
/* RSA stuff */
static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
BN_CTX *ctx);
/* This function is aliased to mod_exp (with the mont stuff dropped). */
static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx);
# endif
# ifndef OPENSSL_NO_DSA
/* DSA stuff */
static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
BN_CTX *ctx, BN_MONT_CTX *in_mont);
static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx);
# endif
# ifndef OPENSSL_NO_DH
/* DH stuff */
/* This function is alised to mod_exp (with the DH and mont dropped). */
static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx);
# endif
/* The definitions for control commands specific to this engine */
# define ATALLA_CMD_SO_PATH ENGINE_CMD_BASE
static const ENGINE_CMD_DEFN atalla_cmd_defns[] = {
{ATALLA_CMD_SO_PATH,
"SO_PATH",
"Specifies the path to the 'atasi' shared library",
ENGINE_CMD_FLAG_STRING},
{0, NULL, NULL, 0}
};
# ifndef OPENSSL_NO_RSA
/* Our internal RSA_METHOD that we provide pointers to */
static RSA_METHOD atalla_rsa = {
"Atalla RSA method",
NULL,
NULL,
NULL,
NULL,
atalla_rsa_mod_exp,
atalla_mod_exp_mont,
NULL,
NULL,
0,
NULL,
NULL,
NULL,
NULL
};
# endif
# ifndef OPENSSL_NO_DSA
/* Our internal DSA_METHOD that we provide pointers to */
static DSA_METHOD atalla_dsa = {
"Atalla DSA method",
NULL, /* dsa_do_sign */
NULL, /* dsa_sign_setup */
NULL, /* dsa_do_verify */
atalla_dsa_mod_exp, /* dsa_mod_exp */
atalla_mod_exp_dsa, /* bn_mod_exp */
NULL, /* init */
NULL, /* finish */
0, /* flags */
NULL, /* app_data */
NULL, /* dsa_paramgen */
NULL /* dsa_keygen */
};
# endif
# ifndef OPENSSL_NO_DH
/* Our internal DH_METHOD that we provide pointers to */
static DH_METHOD atalla_dh = {
"Atalla DH method",
NULL,
NULL,
atalla_mod_exp_dh,
NULL,
NULL,
0,
NULL,
NULL
};
# endif
/* Constants used when creating the ENGINE */
static const char *engine_atalla_id = "atalla";
static const char *engine_atalla_name = "Atalla hardware engine support";
/*
* This internal function is used by ENGINE_atalla() and possibly by the
* "dynamic" ENGINE support too
*/
static int bind_helper(ENGINE *e)
{
# ifndef OPENSSL_NO_RSA
const RSA_METHOD *meth1;
# endif
# ifndef OPENSSL_NO_DSA
const DSA_METHOD *meth2;
# endif
# ifndef OPENSSL_NO_DH
const DH_METHOD *meth3;
# endif
if (!ENGINE_set_id(e, engine_atalla_id) ||
!ENGINE_set_name(e, engine_atalla_name) ||
# ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(e, &atalla_rsa) ||
# endif
# ifndef OPENSSL_NO_DSA
!ENGINE_set_DSA(e, &atalla_dsa) ||
# endif
# ifndef OPENSSL_NO_DH
!ENGINE_set_DH(e, &atalla_dh) ||
# endif
!ENGINE_set_destroy_function(e, atalla_destroy) ||
!ENGINE_set_init_function(e, atalla_init) ||
!ENGINE_set_finish_function(e, atalla_finish) ||
!ENGINE_set_ctrl_function(e, atalla_ctrl) ||
!ENGINE_set_cmd_defns(e, atalla_cmd_defns))
return 0;
# ifndef OPENSSL_NO_RSA
/*
* We know that the "PKCS1_SSLeay()" functions hook properly to the
* atalla-specific mod_exp and mod_exp_crt so we use those functions. NB:
* We don't use ENGINE_openssl() or anything "more generic" because
* something like the RSAref code may not hook properly, and if you own
* one of these cards then you have the right to do RSA operations on it
* anyway!
*/
meth1 = RSA_PKCS1_SSLeay();
atalla_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
# endif
# ifndef OPENSSL_NO_DSA
/*
* Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
*/
meth2 = DSA_OpenSSL();
atalla_dsa.dsa_do_sign = meth2->dsa_do_sign;
atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
atalla_dsa.dsa_do_verify = meth2->dsa_do_verify;
# endif
# ifndef OPENSSL_NO_DH
/* Much the same for Diffie-Hellman */
meth3 = DH_OpenSSL();
atalla_dh.generate_key = meth3->generate_key;
atalla_dh.compute_key = meth3->compute_key;
# endif
/* Ensure the atalla error handling is set up */
ERR_load_ATALLA_strings();
return 1;
}
# ifdef OPENSSL_NO_DYNAMIC_ENGINE
static ENGINE *engine_atalla(void)
{
ENGINE *ret = ENGINE_new();
if (!ret)
return NULL;
if (!bind_helper(ret)) {
ENGINE_free(ret);
return NULL;
}
return ret;
}
void ENGINE_load_atalla(void)
{
/* Copied from eng_[openssl|dyn].c */
ENGINE *toadd = engine_atalla();
if (!toadd)
return;
ENGINE_add(toadd);
ENGINE_free(toadd);
ERR_clear_error();
}
# endif
/*
* This is a process-global DSO handle used for loading and unloading the
* Atalla library. NB: This is only set (or unset) during an init() or
* finish() call (reference counts permitting) and they're operating with
* global locks, so this should be thread-safe implicitly.
*/
static DSO *atalla_dso = NULL;
/*
* These are the function pointers that are (un)set when the library has
* successfully (un)loaded.
*/
static tfnASI_GetHardwareConfig *p_Atalla_GetHardwareConfig = NULL;
static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL;
static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics =
NULL;
/*
* These are the static string constants for the DSO file name and the
* function symbol names to bind to. Regrettably, the DSO name on *nix
* appears to be "atasi.so" rather than something more consistent like
* "libatasi.so". At the time of writing, I'm not sure what the file name on
* win32 is but clearly native name translation is not possible (eg
* libatasi.so on *nix, and atasi.dll on win32). For the purposes of testing,
* I have created a symbollic link called "libatasi.so" so that we can use
* native name-translation - a better solution will be needed.
*/
static const char *ATALLA_LIBNAME = NULL;
static const char *get_ATALLA_LIBNAME(void)
{
if (ATALLA_LIBNAME)
return ATALLA_LIBNAME;
return "atasi";
}
static void free_ATALLA_LIBNAME(void)
{
OPENSSL_free(ATALLA_LIBNAME);
ATALLA_LIBNAME = NULL;
}
static long set_ATALLA_LIBNAME(const char *name)
{
free_ATALLA_LIBNAME();
return (((ATALLA_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
}
static const char *ATALLA_F1 = "ASI_GetHardwareConfig";
static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn";
static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics";
/* Destructor (complements the "ENGINE_atalla()" constructor) */
static int atalla_destroy(ENGINE *e)
{
free_ATALLA_LIBNAME();
/*
* Unload the atalla error strings so any error state including our
* functs or reasons won't lead to a segfault (they simply get displayed
* without corresponding string data because none will be found).
*/
ERR_unload_ATALLA_strings();
return 1;
}
/* (de)initialisation functions. */
static int atalla_init(ENGINE *e)
{
tfnASI_GetHardwareConfig *p1;
tfnASI_RSAPrivateKeyOpFn *p2;
tfnASI_GetPerformanceStatistics *p3;
/*
* Not sure of the origin of this magic value, but Ben's code had it and
* it seemed to have been working for a few people. :-)
*/
unsigned int config_buf[1024];
if (atalla_dso != NULL) {
ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_ALREADY_LOADED);
goto err;
}
/*
* Attempt to load libatasi.so/atasi.dll/whatever. Needs to be changed
* unfortunately because the Atalla drivers don't have standard library
* names that can be platform-translated well.
*/
/*
* TODO: Work out how to actually map to the names the Atalla drivers
* really use - for now a symbollic link needs to be created on the host
* system from libatasi.so to atasi.so on unix variants.
*/
atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0);
if (atalla_dso == NULL) {
ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_NOT_LOADED);
goto err;
}
#define BINDIT(t, name) (t *)DSO_bind_func(atalla_dso, name)
if ((p1 = BINDIT(tfnASI_GetHardwareConfig, ATALLA_F1)) == NULL
|| (p2 = BINDIT(tfnASI_RSAPrivateKeyOpFn, ATALLA_F2)) == NULL
|| (p3 = BINDIT(tfnASI_GetPerformanceStatistics, ATALLA_F3)) == NULL) {
ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_NOT_LOADED);
goto err;
}
/* Copy the pointers */
p_Atalla_GetHardwareConfig = p1;
p_Atalla_RSAPrivateKeyOpFn = p2;
p_Atalla_GetPerformanceStatistics = p3;
/*
* Perform a basic test to see if there's actually any unit running.
*/
if (p1(0L, config_buf) != 0) {
ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_UNIT_FAILURE);
goto err;
}
/* Everything's fine. */
return 1;
err:
DSO_free(atalla_dso);
atalla_dso = NULL;
p_Atalla_GetHardwareConfig = NULL;
p_Atalla_RSAPrivateKeyOpFn = NULL;
p_Atalla_GetPerformanceStatistics = NULL;
return 0;
}
static int atalla_finish(ENGINE *e)
{
free_ATALLA_LIBNAME();
if (atalla_dso == NULL) {
ATALLAerr(ATALLA_F_ATALLA_FINISH, ATALLA_R_NOT_LOADED);
return 0;
}
if (!DSO_free(atalla_dso)) {
ATALLAerr(ATALLA_F_ATALLA_FINISH, ATALLA_R_UNIT_FAILURE);
return 0;
}
atalla_dso = NULL;
p_Atalla_GetHardwareConfig = NULL;
p_Atalla_RSAPrivateKeyOpFn = NULL;
p_Atalla_GetPerformanceStatistics = NULL;
return 1;
}
static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
{
int initialised = ((atalla_dso == NULL) ? 0 : 1);
switch (cmd) {
case ATALLA_CMD_SO_PATH:
if (p == NULL) {
ATALLAerr(ATALLA_F_ATALLA_CTRL, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (initialised) {
ATALLAerr(ATALLA_F_ATALLA_CTRL, ATALLA_R_ALREADY_LOADED);
return 0;
}
return set_ATALLA_LIBNAME((const char *)p);
default:
break;
}
ATALLAerr(ATALLA_F_ATALLA_CTRL, ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED);
return 0;
}
static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx)
{
/*
* I need somewhere to store temporary serialised values for use with the
* Atalla API calls. A neat cheat - I'll use BIGNUMs from the BN_CTX but
* access their arrays directly as byte arrays <grin>. This way I don't
* have to clean anything up.
*/
BIGNUM *modulus;
BIGNUM *exponent;
BIGNUM *argument;
BIGNUM *result;
RSAPrivateKey keydata;
int to_return, numbytes;
modulus = exponent = argument = result = NULL;
to_return = 0; /* expect failure */
if (!atalla_dso) {
ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_NOT_LOADED);
goto err;
}
/* Prepare the params */
BN_CTX_start(ctx);
modulus = BN_CTX_get(ctx);
exponent = BN_CTX_get(ctx);
argument = BN_CTX_get(ctx);
result = BN_CTX_get(ctx);
if (!result) {
ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_BN_CTX_FULL);
goto err;
}
if (!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) ||
!bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top)) {
ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_BN_EXPAND_FAIL);
goto err;
}
/* Prepare the key-data */
memset(&keydata, 0, sizeof(keydata));
numbytes = BN_num_bytes(m);
memset(exponent->d, 0, numbytes);
memset(modulus->d, 0, numbytes);
BN_bn2bin(p, (unsigned char *)exponent->d + numbytes - BN_num_bytes(p));
BN_bn2bin(m, (unsigned char *)modulus->d + numbytes - BN_num_bytes(m));
keydata.privateExponent.data = (unsigned char *)exponent->d;
keydata.privateExponent.len = numbytes;
keydata.modulus.data = (unsigned char *)modulus->d;
keydata.modulus.len = numbytes;
/* Prepare the argument */
memset(argument->d, 0, numbytes);
memset(result->d, 0, numbytes);
BN_bn2bin(a, (unsigned char *)argument->d + numbytes - BN_num_bytes(a));
/* Perform the operation */
if (p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d,
(unsigned char *)argument->d,
keydata.modulus.len) != 0) {
ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_REQUEST_FAILED);
goto err;
}
/* Convert the response */
BN_bin2bn((unsigned char *)result->d, numbytes, r);
to_return = 1;
err:
BN_CTX_end(ctx);
return to_return;
}
# ifndef OPENSSL_NO_RSA
static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
BN_CTX *ctx)
{
int to_return = 0;
if (!atalla_dso) {
ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP, ATALLA_R_NOT_LOADED);
goto err;
}
if (!rsa->d || !rsa->n) {
ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,
ATALLA_R_MISSING_KEY_COMPONENTS);
goto err;
}
to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx);
err:
return to_return;
}
# endif
# ifndef OPENSSL_NO_DSA
/*
* This code was liberated and adapted from the commented-out code in
* dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration (it
* doesn't have a CRT form for RSA), this function means that an Atalla
* system running with a DSA server certificate can handshake around 5 or 6
* times faster/more than an equivalent system running with RSA. Just check
* out the "signs" statistics from the RSA and DSA parts of "openssl speed
* -engine atalla dsa1024 rsa1024".
*/
static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
BN_CTX *ctx, BN_MONT_CTX *in_mont)
{
BIGNUM t;
int to_return = 0;
BN_init(&t);
/* let rr = a1 ^ p1 mod m */
if (!atalla_mod_exp(rr, a1, p1, m, ctx))
goto end;
/* let t = a2 ^ p2 mod m */
if (!atalla_mod_exp(&t, a2, p2, m, ctx))
goto end;
/* let rr = rr * t mod m */
if (!BN_mod_mul(rr, rr, &t, m, ctx))
goto end;
to_return = 1;
end:
BN_free(&t);
return to_return;
}
static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx)
{
return atalla_mod_exp(r, a, p, m, ctx);
}
# endif
# ifndef OPENSSL_NO_RSA
/* This function is aliased to mod_exp (with the mont stuff dropped). */
static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx)
{
return atalla_mod_exp(r, a, p, m, ctx);
}
# endif
# ifndef OPENSSL_NO_DH
/* This function is aliased to mod_exp (with the dh and mont dropped). */
static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
{
return atalla_mod_exp(r, a, p, m, ctx);
}
# endif
/*
* This stuff is needed if this ENGINE is being compiled into a
* self-contained shared-library.
*/
# ifndef OPENSSL_NO_DYNAMIC_ENGINE
static int bind_fn(ENGINE *e, const char *id)
{
if (id && (strcmp(id, engine_atalla_id) != 0))
return 0;
if (!bind_helper(e))
return 0;
return 1;
}
IMPLEMENT_DYNAMIC_CHECK_FN()
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
# endif /* OPENSSL_NO_DYNAMIC_ENGINE */
# endif /* !OPENSSL_NO_HW_ATALLA */
#endif /* !OPENSSL_NO_HW */

1
engines/e_atalla.ec
View File

@ -1 +0,0 @@
L ATALLA e_atalla_err.h e_atalla_err.c

145
engines/e_atalla_err.c
View File

@ -1,145 +0,0 @@
/* e_atalla_err.c */
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/*
* NOTE: this file was auto generated by the mkerr.pl script: any changes
* made to it will be overwritten when the script next updates this file,
* only reason strings will be preserved.
*/
#include <stdio.h>
#include <openssl/err.h>
#include "e_atalla_err.h"
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(0,func,0)
# define ERR_REASON(reason) ERR_PACK(0,0,reason)
static ERR_STRING_DATA ATALLA_str_functs[] = {
{ERR_FUNC(ATALLA_F_ATALLA_CTRL), "ATALLA_CTRL"},
{ERR_FUNC(ATALLA_F_ATALLA_FINISH), "ATALLA_FINISH"},
{ERR_FUNC(ATALLA_F_ATALLA_INIT), "ATALLA_INIT"},
{ERR_FUNC(ATALLA_F_ATALLA_MOD_EXP), "ATALLA_MOD_EXP"},
{ERR_FUNC(ATALLA_F_ATALLA_RSA_MOD_EXP), "ATALLA_RSA_MOD_EXP"},
{0, NULL}
};
static ERR_STRING_DATA ATALLA_str_reasons[] = {
{ERR_REASON(ATALLA_R_ALREADY_LOADED), "already loaded"},
{ERR_REASON(ATALLA_R_BN_CTX_FULL), "bn ctx full"},
{ERR_REASON(ATALLA_R_BN_EXPAND_FAIL), "bn expand fail"},
{ERR_REASON(ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED),
"ctrl command not implemented"},
{ERR_REASON(ATALLA_R_MISSING_KEY_COMPONENTS), "missing key components"},
{ERR_REASON(ATALLA_R_NOT_LOADED), "not loaded"},
{ERR_REASON(ATALLA_R_REQUEST_FAILED), "request failed"},
{ERR_REASON(ATALLA_R_UNIT_FAILURE), "unit failure"},
{0, NULL}
};
#endif
#ifdef ATALLA_LIB_NAME
static ERR_STRING_DATA ATALLA_lib_name[] = {
{0, ATALLA_LIB_NAME},
{0, NULL}
};
#endif
static int ATALLA_lib_error_code = 0;
static int ATALLA_error_init = 1;
static void ERR_load_ATALLA_strings(void)
{
if (ATALLA_lib_error_code == 0)
ATALLA_lib_error_code = ERR_get_next_error_library();
if (ATALLA_error_init) {
ATALLA_error_init = 0;
#ifndef OPENSSL_NO_ERR
ERR_load_strings(ATALLA_lib_error_code, ATALLA_str_functs);
ERR_load_strings(ATALLA_lib_error_code, ATALLA_str_reasons);
#endif
#ifdef ATALLA_LIB_NAME
ATALLA_lib_name->error = ERR_PACK(ATALLA_lib_error_code, 0, 0);
ERR_load_strings(0, ATALLA_lib_name);
#endif
}
}
static void ERR_unload_ATALLA_strings(void)
{
if (ATALLA_error_init == 0) {
#ifndef OPENSSL_NO_ERR
ERR_unload_strings(ATALLA_lib_error_code, ATALLA_str_functs);
ERR_unload_strings(ATALLA_lib_error_code, ATALLA_str_reasons);
#endif
#ifdef ATALLA_LIB_NAME
ERR_unload_strings(0, ATALLA_lib_name);
#endif
ATALLA_error_init = 1;
}
}
static void ERR_ATALLA_error(int function, int reason, char *file, int line)
{
if (ATALLA_lib_error_code == 0)
ATALLA_lib_error_code = ERR_get_next_error_library();
ERR_PUT_error(ATALLA_lib_error_code, function, reason, file, line);
}

94
engines/e_atalla_err.h
View File

@ -1,94 +0,0 @@
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_ATALLA_ERR_H
# define HEADER_ATALLA_ERR_H
#ifdef __cplusplus
extern "C" {
#endif
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
static void ERR_load_ATALLA_strings(void);
static void ERR_unload_ATALLA_strings(void);
static void ERR_ATALLA_error(int function, int reason, char *file, int line);
# define ATALLAerr(f,r) ERR_ATALLA_error((f),(r),__FILE__,__LINE__)
/* Error codes for the ATALLA functions. */
/* Function codes. */
# define ATALLA_F_ATALLA_CTRL 100
# define ATALLA_F_ATALLA_FINISH 101
# define ATALLA_F_ATALLA_INIT 102
# define ATALLA_F_ATALLA_MOD_EXP 103
# define ATALLA_F_ATALLA_RSA_MOD_EXP 104
/* Reason codes. */
# define ATALLA_R_ALREADY_LOADED 100
# define ATALLA_R_BN_CTX_FULL 101
# define ATALLA_R_BN_EXPAND_FAIL 102
# define ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED 103
# define ATALLA_R_MISSING_KEY_COMPONENTS 104
# define ATALLA_R_NOT_LOADED 105
# define ATALLA_R_REQUEST_FAILED 106
# define ATALLA_R_UNIT_FAILURE 107
#ifdef __cplusplus
}
#endif
#endif

1081
engines/e_cswift.c
View File

File diff suppressed because it is too large Load Diff

1
engines/e_cswift.ec
View File

@ -1 +0,0 @@
L CSWIFT e_cswift_err.h e_cswift_err.c

150
engines/e_cswift_err.c
View File

@ -1,150 +0,0 @@
/* e_cswift_err.c */
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/*
* NOTE: this file was auto generated by the mkerr.pl script: any changes
* made to it will be overwritten when the script next updates this file,
* only reason strings will be preserved.
*/
#include <stdio.h>
#include <openssl/err.h>
#include "e_cswift_err.h"
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(0,func,0)
# define ERR_REASON(reason) ERR_PACK(0,0,reason)
static ERR_STRING_DATA CSWIFT_str_functs[] = {
{ERR_FUNC(CSWIFT_F_CSWIFT_CTRL), "CSWIFT_CTRL"},
{ERR_FUNC(CSWIFT_F_CSWIFT_DSA_SIGN), "CSWIFT_DSA_SIGN"},
{ERR_FUNC(CSWIFT_F_CSWIFT_DSA_VERIFY), "CSWIFT_DSA_VERIFY"},
{ERR_FUNC(CSWIFT_F_CSWIFT_FINISH), "CSWIFT_FINISH"},
{ERR_FUNC(CSWIFT_F_CSWIFT_INIT), "CSWIFT_INIT"},
{ERR_FUNC(CSWIFT_F_CSWIFT_MOD_EXP), "CSWIFT_MOD_EXP"},
{ERR_FUNC(CSWIFT_F_CSWIFT_MOD_EXP_CRT), "CSWIFT_MOD_EXP_CRT"},
{ERR_FUNC(CSWIFT_F_CSWIFT_RAND_BYTES), "CSWIFT_RAND_BYTES"},
{ERR_FUNC(CSWIFT_F_CSWIFT_RSA_MOD_EXP), "CSWIFT_RSA_MOD_EXP"},
{0, NULL}
};
static ERR_STRING_DATA CSWIFT_str_reasons[] = {
{ERR_REASON(CSWIFT_R_ALREADY_LOADED), "already loaded"},
{ERR_REASON(CSWIFT_R_BAD_KEY_SIZE), "bad key size"},
{ERR_REASON(CSWIFT_R_BN_CTX_FULL), "bn ctx full"},
{ERR_REASON(CSWIFT_R_BN_EXPAND_FAIL), "bn expand fail"},
{ERR_REASON(CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED),
"ctrl command not implemented"},
{ERR_REASON(CSWIFT_R_MISSING_KEY_COMPONENTS), "missing key components"},
{ERR_REASON(CSWIFT_R_NOT_LOADED), "not loaded"},
{ERR_REASON(CSWIFT_R_REQUEST_FAILED), "request failed"},
{ERR_REASON(CSWIFT_R_UNIT_FAILURE), "unit failure"},
{0, NULL}
};
#endif
#ifdef CSWIFT_LIB_NAME
static ERR_STRING_DATA CSWIFT_lib_name[] = {
{0, CSWIFT_LIB_NAME},
{0, NULL}
};
#endif
static int CSWIFT_lib_error_code = 0;
static int CSWIFT_error_init = 1;
static void ERR_load_CSWIFT_strings(void)
{
if (CSWIFT_lib_error_code == 0)
CSWIFT_lib_error_code = ERR_get_next_error_library();
if (CSWIFT_error_init) {
CSWIFT_error_init = 0;
#ifndef OPENSSL_NO_ERR
ERR_load_strings(CSWIFT_lib_error_code, CSWIFT_str_functs);
ERR_load_strings(CSWIFT_lib_error_code, CSWIFT_str_reasons);
#endif
#ifdef CSWIFT_LIB_NAME
CSWIFT_lib_name->error = ERR_PACK(CSWIFT_lib_error_code, 0, 0);
ERR_load_strings(0, CSWIFT_lib_name);
#endif
}
}
static void ERR_unload_CSWIFT_strings(void)
{
if (CSWIFT_error_init == 0) {
#ifndef OPENSSL_NO_ERR
ERR_unload_strings(CSWIFT_lib_error_code, CSWIFT_str_functs);
ERR_unload_strings(CSWIFT_lib_error_code, CSWIFT_str_reasons);
#endif
#ifdef CSWIFT_LIB_NAME
ERR_unload_strings(0, CSWIFT_lib_name);
#endif
CSWIFT_error_init = 1;
}
}
static void ERR_CSWIFT_error(int function, int reason, char *file, int line)
{
if (CSWIFT_lib_error_code == 0)
CSWIFT_lib_error_code = ERR_get_next_error_library();
ERR_PUT_error(CSWIFT_lib_error_code, function, reason, file, line);
}

99
engines/e_cswift_err.h
View File

@ -1,99 +0,0 @@
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_CSWIFT_ERR_H
# define HEADER_CSWIFT_ERR_H
#ifdef __cplusplus
extern "C" {
#endif
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
static void ERR_load_CSWIFT_strings(void);
static void ERR_unload_CSWIFT_strings(void);
static void ERR_CSWIFT_error(int function, int reason, char *file, int line);
# define CSWIFTerr(f,r) ERR_CSWIFT_error((f),(r),__FILE__,__LINE__)
/* Error codes for the CSWIFT functions. */
/* Function codes. */
# define CSWIFT_F_CSWIFT_CTRL 100
# define CSWIFT_F_CSWIFT_DSA_SIGN 101
# define CSWIFT_F_CSWIFT_DSA_VERIFY 102
# define CSWIFT_F_CSWIFT_FINISH 103
# define CSWIFT_F_CSWIFT_INIT 104
# define CSWIFT_F_CSWIFT_MOD_EXP 105
# define CSWIFT_F_CSWIFT_MOD_EXP_CRT 106
# define CSWIFT_F_CSWIFT_RAND_BYTES 108
# define CSWIFT_F_CSWIFT_RSA_MOD_EXP 107
/* Reason codes. */
# define CSWIFT_R_ALREADY_LOADED 100
# define CSWIFT_R_BAD_KEY_SIZE 101
# define CSWIFT_R_BN_CTX_FULL 102
# define CSWIFT_R_BN_EXPAND_FAIL 103
# define CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED 104
# define CSWIFT_R_MISSING_KEY_COMPONENTS 105
# define CSWIFT_R_NOT_LOADED 106
# define CSWIFT_R_REQUEST_FAILED 107
# define CSWIFT_R_UNIT_FAILURE 108
#ifdef __cplusplus
}
#endif
#endif

435
engines/e_nuron.c
View File

@ -1,435 +0,0 @@
/* crypto/engine/hw_nuron.c */
/*
* Written by Ben Laurie for the OpenSSL Project, leaning heavily on Geoff
* Thorpe's Atalla implementation.
*/
/* ====================================================================
* Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/buffer.h>
#include <openssl/dso.h>
#include <openssl/engine.h>
#ifndef OPENSSL_NO_RSA
# include <openssl/rsa.h>
#endif
#ifndef OPENSSL_NO_DSA
# include <openssl/dsa.h>
#endif
#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif
#include <openssl/bn.h>
#ifndef OPENSSL_NO_HW
# ifndef OPENSSL_NO_HW_NURON
# define NURON_LIB_NAME "nuron engine"
# include "e_nuron_err.c"
static const char *NURON_LIBNAME = NULL;
static const char *get_NURON_LIBNAME(void)
{
if (NURON_LIBNAME)
return NURON_LIBNAME;
return "nuronssl";
}
static void free_NURON_LIBNAME(void)
{
OPENSSL_free(NURON_LIBNAME);
NURON_LIBNAME = NULL;
}
static long set_NURON_LIBNAME(const char *name)
{
free_NURON_LIBNAME();
return (((NURON_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
}
static const char *NURON_F1 = "nuron_mod_exp";
/* The definitions for control commands specific to this engine */
# define NURON_CMD_SO_PATH ENGINE_CMD_BASE
static const ENGINE_CMD_DEFN nuron_cmd_defns[] = {
{NURON_CMD_SO_PATH,
"SO_PATH",
"Specifies the path to the 'nuronssl' shared library",
ENGINE_CMD_FLAG_STRING},
{0, NULL, NULL, 0}
};
typedef int tfnModExp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m);
static tfnModExp *pfnModExp = NULL;
static DSO *pvDSOHandle = NULL;
static int nuron_destroy(ENGINE *e)
{
free_NURON_LIBNAME();
ERR_unload_NURON_strings();
return 1;
}
static int nuron_init(ENGINE *e)
{
if (pvDSOHandle != NULL) {
NURONerr(NURON_F_NURON_INIT, NURON_R_ALREADY_LOADED);
return 0;
}
pvDSOHandle = DSO_load(NULL, get_NURON_LIBNAME(), NULL,
DSO_FLAG_NAME_TRANSLATION_EXT_ONLY);
if (!pvDSOHandle) {
NURONerr(NURON_F_NURON_INIT, NURON_R_DSO_NOT_FOUND);
return 0;
}
pfnModExp = (tfnModExp *) DSO_bind_func(pvDSOHandle, NURON_F1);
if (!pfnModExp) {
NURONerr(NURON_F_NURON_INIT, NURON_R_DSO_FUNCTION_NOT_FOUND);
return 0;
}
return 1;
}
static int nuron_finish(ENGINE *e)
{
free_NURON_LIBNAME();
if (pvDSOHandle == NULL) {
NURONerr(NURON_F_NURON_FINISH, NURON_R_NOT_LOADED);
return 0;
}
if (!DSO_free(pvDSOHandle)) {
NURONerr(NURON_F_NURON_FINISH, NURON_R_DSO_FAILURE);
return 0;
}
pvDSOHandle = NULL;
pfnModExp = NULL;
return 1;
}
static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
{
int initialised = ((pvDSOHandle == NULL) ? 0 : 1);
switch (cmd) {
case NURON_CMD_SO_PATH:
if (p == NULL) {
NURONerr(NURON_F_NURON_CTRL, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (initialised) {
NURONerr(NURON_F_NURON_CTRL, NURON_R_ALREADY_LOADED);
return 0;
}
return set_NURON_LIBNAME((const char *)p);
default:
break;
}
NURONerr(NURON_F_NURON_CTRL, NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED);
return 0;
}
static int nuron_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx)
{
if (!pvDSOHandle) {
NURONerr(NURON_F_NURON_MOD_EXP, NURON_R_NOT_LOADED);
return 0;
}
return pfnModExp(r, a, p, m);
}
# ifndef OPENSSL_NO_RSA
static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
BN_CTX *ctx)
{
return nuron_mod_exp(r0, I, rsa->d, rsa->n, ctx);
}
# endif
# ifndef OPENSSL_NO_DSA
/*
* This code was liberated and adapted from the commented-out code in
* dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration (it
* doesn't have a CRT form for RSA), this function means that an Atalla
* system running with a DSA server certificate can handshake around 5 or 6
* times faster/more than an equivalent system running with RSA. Just check
* out the "signs" statistics from the RSA and DSA parts of "openssl speed
* -engine atalla dsa1024 rsa1024".
*/
static int nuron_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
BN_CTX *ctx, BN_MONT_CTX *in_mont)
{
BIGNUM t;
int to_return = 0;
BN_init(&t);
/* let rr = a1 ^ p1 mod m */
if (!nuron_mod_exp(rr, a1, p1, m, ctx))
goto end;
/* let t = a2 ^ p2 mod m */
if (!nuron_mod_exp(&t, a2, p2, m, ctx))
goto end;
/* let rr = rr * t mod m */
if (!BN_mod_mul(rr, rr, &t, m, ctx))
goto end;
to_return = 1;
end:
BN_free(&t);
return to_return;
}
static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx)
{
return nuron_mod_exp(r, a, p, m, ctx);
}
# endif
/* This function is aliased to mod_exp (with the mont stuff dropped). */
# ifndef OPENSSL_NO_RSA
static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx)
{
return nuron_mod_exp(r, a, p, m, ctx);
}
# endif
# ifndef OPENSSL_NO_DH
/* This function is aliased to mod_exp (with the dh and mont dropped). */
static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r,
const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
{
return nuron_mod_exp(r, a, p, m, ctx);
}
# endif
# ifndef OPENSSL_NO_RSA
static RSA_METHOD nuron_rsa = {
"Nuron RSA method",
NULL,
NULL,
NULL,
NULL,
nuron_rsa_mod_exp,
nuron_mod_exp_mont,
NULL,
NULL,
0,
NULL,
NULL,
NULL,
NULL
};
# endif
# ifndef OPENSSL_NO_DSA
static DSA_METHOD nuron_dsa = {
"Nuron DSA method",
NULL, /* dsa_do_sign */
NULL, /* dsa_sign_setup */
NULL, /* dsa_do_verify */
nuron_dsa_mod_exp, /* dsa_mod_exp */
nuron_mod_exp_dsa, /* bn_mod_exp */
NULL, /* init */
NULL, /* finish */
0, /* flags */
NULL, /* app_data */
NULL, /* dsa_paramgen */
NULL /* dsa_keygen */
};
# endif
# ifndef OPENSSL_NO_DH
static DH_METHOD nuron_dh = {
"Nuron DH method",
NULL,
NULL,
nuron_mod_exp_dh,
NULL,
NULL,
0,
NULL,
NULL
};
# endif
/* Constants used when creating the ENGINE */
static const char *engine_nuron_id = "nuron";
static const char *engine_nuron_name = "Nuron hardware engine support";
/*
* This internal function is used by ENGINE_nuron() and possibly by the
* "dynamic" ENGINE support too
*/
static int bind_helper(ENGINE *e)
{
# ifndef OPENSSL_NO_RSA
const RSA_METHOD *meth1;
# endif
# ifndef OPENSSL_NO_DSA
const DSA_METHOD *meth2;
# endif
# ifndef OPENSSL_NO_DH
const DH_METHOD *meth3;
# endif
if (!ENGINE_set_id(e, engine_nuron_id) ||
!ENGINE_set_name(e, engine_nuron_name) ||
# ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(e, &nuron_rsa) ||
# endif
# ifndef OPENSSL_NO_DSA
!ENGINE_set_DSA(e, &nuron_dsa) ||
# endif
# ifndef OPENSSL_NO_DH
!ENGINE_set_DH(e, &nuron_dh) ||
# endif
!ENGINE_set_destroy_function(e, nuron_destroy) ||
!ENGINE_set_init_function(e, nuron_init) ||
!ENGINE_set_finish_function(e, nuron_finish) ||
!ENGINE_set_ctrl_function(e, nuron_ctrl) ||
!ENGINE_set_cmd_defns(e, nuron_cmd_defns))
return 0;
# ifndef OPENSSL_NO_RSA
/*
* We know that the "PKCS1_SSLeay()" functions hook properly to the
* nuron-specific mod_exp and mod_exp_crt so we use those functions. NB:
* We don't use ENGINE_openssl() or anything "more generic" because
* something like the RSAref code may not hook properly, and if you own
* one of these cards then you have the right to do RSA operations on it
* anyway!
*/
meth1 = RSA_PKCS1_SSLeay();
nuron_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
nuron_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
nuron_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
nuron_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
# endif
# ifndef OPENSSL_NO_DSA
/*
* Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
*/
meth2 = DSA_OpenSSL();
nuron_dsa.dsa_do_sign = meth2->dsa_do_sign;
nuron_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
nuron_dsa.dsa_do_verify = meth2->dsa_do_verify;
# endif
# ifndef OPENSSL_NO_DH
/* Much the same for Diffie-Hellman */
meth3 = DH_OpenSSL();
nuron_dh.generate_key = meth3->generate_key;
nuron_dh.compute_key = meth3->compute_key;
# endif
/* Ensure the nuron error handling is set up */
ERR_load_NURON_strings();
return 1;
}
# ifdef OPENSSL_NO_DYNAMIC_ENGINE
static ENGINE *engine_nuron(void)
{
ENGINE *ret = ENGINE_new();
if (!ret)
return NULL;
if (!bind_helper(ret)) {
ENGINE_free(ret);
return NULL;
}
return ret;
}
void ENGINE_load_nuron(void)
{
/* Copied from eng_[openssl|dyn].c */
ENGINE *toadd = engine_nuron();
if (!toadd)
return;
ENGINE_add(toadd);
ENGINE_free(toadd);
ERR_clear_error();
}
# endif
/*
* This stuff is needed if this ENGINE is being compiled into a
* self-contained shared-library.
*/
# ifndef OPENSSL_NO_DYNAMIC_ENGINE
static int bind_fn(ENGINE *e, const char *id)
{
if (id && (strcmp(id, engine_nuron_id) != 0))
return 0;
if (!bind_helper(e))
return 0;
return 1;
}
IMPLEMENT_DYNAMIC_CHECK_FN()
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
# endif /* OPENSSL_NO_DYNAMIC_ENGINE */
# endif /* !OPENSSL_NO_HW_NURON */
#endif /* !OPENSSL_NO_HW */

1
engines/e_nuron.ec
View File

@ -1 +0,0 @@
L NURON e_nuron_err.h e_nuron_err.c

142
engines/e_nuron_err.c
View File

@ -1,142 +0,0 @@
/* e_nuron_err.c */
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/*
* NOTE: this file was auto generated by the mkerr.pl script: any changes
* made to it will be overwritten when the script next updates this file,
* only reason strings will be preserved.
*/
#include <stdio.h>
#include <openssl/err.h>
#include "e_nuron_err.h"
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(0,func,0)
# define ERR_REASON(reason) ERR_PACK(0,0,reason)
static ERR_STRING_DATA NURON_str_functs[] = {
{ERR_FUNC(NURON_F_NURON_CTRL), "NURON_CTRL"},
{ERR_FUNC(NURON_F_NURON_FINISH), "NURON_FINISH"},
{ERR_FUNC(NURON_F_NURON_INIT), "NURON_INIT"},
{ERR_FUNC(NURON_F_NURON_MOD_EXP), "NURON_MOD_EXP"},
{0, NULL}
};
static ERR_STRING_DATA NURON_str_reasons[] = {
{ERR_REASON(NURON_R_ALREADY_LOADED), "already loaded"},
{ERR_REASON(NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED),
"ctrl command not implemented"},
{ERR_REASON(NURON_R_DSO_FAILURE), "dso failure"},
{ERR_REASON(NURON_R_DSO_FUNCTION_NOT_FOUND), "dso function not found"},
{ERR_REASON(NURON_R_DSO_NOT_FOUND), "dso not found"},
{ERR_REASON(NURON_R_NOT_LOADED), "not loaded"},
{0, NULL}
};
#endif
#ifdef NURON_LIB_NAME
static ERR_STRING_DATA NURON_lib_name[] = {
{0, NURON_LIB_NAME},
{0, NULL}
};
#endif
static int NURON_lib_error_code = 0;
static int NURON_error_init = 1;
static void ERR_load_NURON_strings(void)
{
if (NURON_lib_error_code == 0)
NURON_lib_error_code = ERR_get_next_error_library();
if (NURON_error_init) {
NURON_error_init = 0;
#ifndef OPENSSL_NO_ERR
ERR_load_strings(NURON_lib_error_code, NURON_str_functs);
ERR_load_strings(NURON_lib_error_code, NURON_str_reasons);
#endif
#ifdef NURON_LIB_NAME
NURON_lib_name->error = ERR_PACK(NURON_lib_error_code, 0, 0);
ERR_load_strings(0, NURON_lib_name);
#endif
}
}
static void ERR_unload_NURON_strings(void)
{
if (NURON_error_init == 0) {
#ifndef OPENSSL_NO_ERR
ERR_unload_strings(NURON_lib_error_code, NURON_str_functs);
ERR_unload_strings(NURON_lib_error_code, NURON_str_reasons);
#endif
#ifdef NURON_LIB_NAME
ERR_unload_strings(0, NURON_lib_name);
#endif
NURON_error_init = 1;
}
}
static void ERR_NURON_error(int function, int reason, char *file, int line)
{
if (NURON_lib_error_code == 0)
NURON_lib_error_code = ERR_get_next_error_library();
ERR_PUT_error(NURON_lib_error_code, function, reason, file, line);
}

91
engines/e_nuron_err.h
View File

@ -1,91 +0,0 @@
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_NURON_ERR_H
# define HEADER_NURON_ERR_H
#ifdef __cplusplus
extern "C" {
#endif
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
static void ERR_load_NURON_strings(void);
static void ERR_unload_NURON_strings(void);
static void ERR_NURON_error(int function, int reason, char *file, int line);
# define NURONerr(f,r) ERR_NURON_error((f),(r),__FILE__,__LINE__)
/* Error codes for the NURON functions. */
/* Function codes. */
# define NURON_F_NURON_CTRL 100
# define NURON_F_NURON_FINISH 101
# define NURON_F_NURON_INIT 102
# define NURON_F_NURON_MOD_EXP 103
/* Reason codes. */
# define NURON_R_ALREADY_LOADED 100
# define NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED 101
# define NURON_R_DSO_FAILURE 102
# define NURON_R_DSO_FUNCTION_NOT_FOUND 103
# define NURON_R_DSO_NOT_FOUND 104
# define NURON_R_NOT_LOADED 105
#ifdef __cplusplus
}
#endif
#endif

1074
engines/e_sureware.c
View File

File diff suppressed because it is too large Load Diff

1
engines/e_sureware.ec
View File

@ -1 +0,0 @@
L SUREWARE e_sureware_err.h e_sureware_err.c

154
engines/e_sureware_err.c
View File

@ -1,154 +0,0 @@
/* e_sureware_err.c */
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/*
* NOTE: this file was auto generated by the mkerr.pl script: any changes
* made to it will be overwritten when the script next updates this file,
* only reason strings will be preserved.
*/
#include <stdio.h>
#include <openssl/err.h>
#include "e_sureware_err.h"
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
# define ERR_FUNC(func) ERR_PACK(0,func,0)
# define ERR_REASON(reason) ERR_PACK(0,0,reason)
static ERR_STRING_DATA SUREWARE_str_functs[] = {
{ERR_FUNC(SUREWARE_F_SUREWAREHK_CTRL), "SUREWAREHK_CTRL"},
{ERR_FUNC(SUREWARE_F_SUREWAREHK_DH_EX_FREE), "SUREWAREHK_DH_EX_FREE"},
{ERR_FUNC(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN), "SUREWAREHK_DSA_DO_SIGN"},
{ERR_FUNC(SUREWARE_F_SUREWAREHK_EX_FREE), "SUREWAREHK_EX_FREE"},
{ERR_FUNC(SUREWARE_F_SUREWAREHK_FINISH), "SUREWAREHK_FINISH"},
{ERR_FUNC(SUREWARE_F_SUREWAREHK_INIT), "SUREWAREHK_INIT"},
{ERR_FUNC(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY), "SUREWAREHK_LOAD_PRIVKEY"},
{ERR_FUNC(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY), "SUREWAREHK_LOAD_PUBKEY"},
{ERR_FUNC(SUREWARE_F_SUREWAREHK_MODEXP), "SUREWAREHK_MODEXP"},
{ERR_FUNC(SUREWARE_F_SUREWAREHK_RAND_BYTES), "SUREWAREHK_RAND_BYTES"},
{ERR_FUNC(SUREWARE_F_SUREWAREHK_RAND_SEED), "SUREWAREHK_RAND_SEED"},
{ERR_FUNC(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC), "SUREWAREHK_RSA_PRIV_DEC"},
{ERR_FUNC(SUREWARE_F_SUREWAREHK_RSA_SIGN), "SUREWAREHK_RSA_SIGN"},
{ERR_FUNC(SUREWARE_F_SUREWARE_LOAD_PUBLIC), "SUREWARE_LOAD_PUBLIC"},
{0, NULL}
};
static ERR_STRING_DATA SUREWARE_str_reasons[] = {
{ERR_REASON(SUREWARE_R_BIO_WAS_FREED), "bio was freed"},
{ERR_REASON(SUREWARE_R_MISSING_KEY_COMPONENTS), "missing key components"},
{ERR_REASON(SUREWARE_R_PADDING_CHECK_FAILED), "padding check failed"},
{ERR_REASON(SUREWARE_R_REQUEST_FAILED), "request failed"},
{ERR_REASON(SUREWARE_R_REQUEST_FALLBACK), "request fallback"},
{ERR_REASON(SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
"size too large or too small"},
{ERR_REASON(SUREWARE_R_UNIT_FAILURE), "unit failure"},
{ERR_REASON(SUREWARE_R_UNKNOWN_PADDING_TYPE), "unknown padding type"},
{0, NULL}
};
#endif
#ifdef SUREWARE_LIB_NAME
static ERR_STRING_DATA SUREWARE_lib_name[] = {
{0, SUREWARE_LIB_NAME},
{0, NULL}
};
#endif
static int SUREWARE_lib_error_code = 0;
static int SUREWARE_error_init = 1;
static void ERR_load_SUREWARE_strings(void)
{
if (SUREWARE_lib_error_code == 0)
SUREWARE_lib_error_code = ERR_get_next_error_library();
if (SUREWARE_error_init) {
SUREWARE_error_init = 0;
#ifndef OPENSSL_NO_ERR
ERR_load_strings(SUREWARE_lib_error_code, SUREWARE_str_functs);
ERR_load_strings(SUREWARE_lib_error_code, SUREWARE_str_reasons);
#endif
#ifdef SUREWARE_LIB_NAME
SUREWARE_lib_name->error = ERR_PACK(SUREWARE_lib_error_code, 0, 0);
ERR_load_strings(0, SUREWARE_lib_name);
#endif
}
}
static void ERR_unload_SUREWARE_strings(void)
{
if (SUREWARE_error_init == 0) {
#ifndef OPENSSL_NO_ERR
ERR_unload_strings(SUREWARE_lib_error_code, SUREWARE_str_functs);
ERR_unload_strings(SUREWARE_lib_error_code, SUREWARE_str_reasons);
#endif
#ifdef SUREWARE_LIB_NAME
ERR_unload_strings(0, SUREWARE_lib_name);
#endif
SUREWARE_error_init = 1;
}
}
static void ERR_SUREWARE_error(int function, int reason, char *file, int line)
{
if (SUREWARE_lib_error_code == 0)
SUREWARE_lib_error_code = ERR_get_next_error_library();
ERR_PUT_error(SUREWARE_lib_error_code, function, reason, file, line);
}

104
engines/e_sureware_err.h
View File

@ -1,104 +0,0 @@
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_SUREWARE_ERR_H
# define HEADER_SUREWARE_ERR_H
#ifdef __cplusplus
extern "C" {
#endif
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
static void ERR_load_SUREWARE_strings(void);
static void ERR_unload_SUREWARE_strings(void);
static void ERR_SUREWARE_error(int function, int reason, char *file,
int line);
# define SUREWAREerr(f,r) ERR_SUREWARE_error((f),(r),__FILE__,__LINE__)
/* Error codes for the SUREWARE functions. */
/* Function codes. */
# define SUREWARE_F_SUREWAREHK_CTRL 100
# define SUREWARE_F_SUREWAREHK_DH_EX_FREE 112
# define SUREWARE_F_SUREWAREHK_DSA_DO_SIGN 101
# define SUREWARE_F_SUREWAREHK_EX_FREE 102
# define SUREWARE_F_SUREWAREHK_FINISH 103
# define SUREWARE_F_SUREWAREHK_INIT 104
# define SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY 105
# define SUREWARE_F_SUREWAREHK_LOAD_PUBKEY 113
# define SUREWARE_F_SUREWAREHK_MODEXP 107
# define SUREWARE_F_SUREWAREHK_RAND_BYTES 108
# define SUREWARE_F_SUREWAREHK_RAND_SEED 109
# define SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC 110
# define SUREWARE_F_SUREWAREHK_RSA_SIGN 111
# define SUREWARE_F_SUREWARE_LOAD_PUBLIC 106
/* Reason codes. */
# define SUREWARE_R_BIO_WAS_FREED 100
# define SUREWARE_R_MISSING_KEY_COMPONENTS 105
# define SUREWARE_R_PADDING_CHECK_FAILED 106
# define SUREWARE_R_REQUEST_FAILED 101
# define SUREWARE_R_REQUEST_FALLBACK 102
# define SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL 103
# define SUREWARE_R_UNIT_FAILURE 104
# define SUREWARE_R_UNKNOWN_PADDING_TYPE 107
#ifdef __cplusplus
}
#endif
#endif

3
engines/makeengines.com
View File

@ -94,7 +94,7 @@ $! library that isn't necessarely ported to VMS.
$!
$ ENGINES = "," + P6
$ IF ENGINES .EQS. "," THEN -
ENGINES = ",4758cca,padlock,capi,"
ENGINES = ",padlock,capi,"
$!
$! GOST requires a 64-bit integer type, unavailable on VAX.
$!
@ -155,7 +155,6 @@ $ ENGINE_ = "engine_vector.mar"
$ TV_OBJ_NAME = OBJ_DIR + F$PARSE(ENGINE_,,,"NAME","SYNTAX_ONLY") + ".OBJ"
$ TV_OBJ = ",''TV_OBJ_NAME'"
$ ENDIF
$ ENGINE_4758CCA = "e_4758cca"
$ ENGINE_padlock = "e_padlock"
$ ENGINE_capi = "e_capi"
$

235
engines/vendor_defns/aep.h
View File

@ -1,235 +0,0 @@
/*
* This header declares the necessary definitions for using the
* exponentiation acceleration capabilities, and rnd number generation of the
* AEP card.
*/
/*
*
* Some AEP defines
*
*/
/*
* Successful return value
*/
#define AEP_R_OK 0x00000000
/*
* Miscelleanous unsuccessful return value
*/
#define AEP_R_GENERAL_ERROR 0x10000001
/*
* Insufficient host memory
*/
#define AEP_R_HOST_MEMORY 0x10000002
#define AEP_R_FUNCTION_FAILED 0x10000006
/*
* Invalid arguments in function call
*/
#define AEP_R_ARGUMENTS_BAD 0x10020000
#define AEP_R_NO_TARGET_RESOURCES 0x10030000
/*
* Error occuring on socket operation
*/
#define AEP_R_SOCKERROR 0x10000010
/*
* Socket has been closed from the other end
*/
#define AEP_R_SOCKEOF 0x10000011
/*
* Invalid handles
*/
#define AEP_R_CONNECTION_HANDLE_INVALID 0x100000B3
#define AEP_R_TRANSACTION_HANDLE_INVALID 0x10040000
/*
* Transaction has not yet returned from accelerator
*/
#define AEP_R_TRANSACTION_NOT_READY 0x00010000
/*
* There is already a thread waiting on this transaction
*/
#define AEP_R_TRANSACTION_CLAIMED 0x10050000
/*
* The transaction timed out
*/
#define AEP_R_TIMED_OUT 0x10060000
#define AEP_R_FXN_NOT_IMPLEMENTED 0x10070000
#define AEP_R_TARGET_ERROR 0x10080000
/*
* Error in the AEP daemon process
*/
#define AEP_R_DAEMON_ERROR 0x10090000
/*
* Invalid ctx id
*/
#define AEP_R_INVALID_CTX_ID 0x10009000
#define AEP_R_NO_KEY_MANAGER 0x1000a000
/*
* Error obtaining a mutex
*/
#define AEP_R_MUTEX_BAD 0x000001A0
/*
* Fxn call before AEP_Initialise ot after AEP_Finialise
*/
#define AEP_R_AEPAPI_NOT_INITIALIZED 0x10000190
/*
* AEP_Initialise has already been called
*/
#define AEP_R_AEPAPI_ALREADY_INITIALIZED 0x10000191
/*
* Maximum number of connections to daemon reached
*/
#define AEP_R_NO_MORE_CONNECTION_HNDLS 0x10000200
/*
*
* Some AEP Type definitions
*
*/
/* an unsigned 8-bit value */
typedef unsigned char AEP_U8;
/* an unsigned 8-bit character */
typedef char AEP_CHAR;
/* a BYTE-sized Boolean flag */
typedef AEP_U8 AEP_BBOOL;
/*
* Unsigned value, at least 16 bits long
*/
typedef unsigned short AEP_U16;
/* an unsigned value, at least 32 bits long */
#ifdef SIXTY_FOUR_BIT_LONG
typedef unsigned int AEP_U32;
#else
typedef unsigned long AEP_U32;
#endif
#ifdef SIXTY_FOUR_BIT_LONG
typedef unsigned long AEP_U64;
#else
typedef struct {
unsigned long l1, l2;
} AEP_U64;
#endif
/* at least 32 bits; each bit is a Boolean flag */
typedef AEP_U32 AEP_FLAGS;
typedef AEP_U8 *AEP_U8_PTR;
typedef AEP_CHAR *AEP_CHAR_PTR;
typedef AEP_U32 *AEP_U32_PTR;
typedef AEP_U64 *AEP_U64_PTR;
typedef void *AEP_VOID_PTR;
/* Pointer to a AEP_VOID_PTR-- i.e., pointer to pointer to void */
typedef AEP_VOID_PTR *AEP_VOID_PTR_PTR;
/*
* Used to identify an AEP connection handle
*/
typedef AEP_U32 AEP_CONNECTION_HNDL;
/*
* Pointer to an AEP connection handle
*/
typedef AEP_CONNECTION_HNDL *AEP_CONNECTION_HNDL_PTR;
/*
* Used by an application (in conjunction with the apps process id) to
* identify an individual transaction
*/
typedef AEP_U32 AEP_TRANSACTION_ID;
/*
* Pointer to an applications transaction identifier
*/
typedef AEP_TRANSACTION_ID *AEP_TRANSACTION_ID_PTR;
/*
* Return value type
*/
typedef AEP_U32 AEP_RV;
#define MAX_PROCESS_CONNECTIONS 256
#define RAND_BLK_SIZE 1024
typedef enum {
NotConnected = 0,
Connected = 1,
InUse = 2
} AEP_CONNECTION_STATE;
typedef struct AEP_CONNECTION_ENTRY {
AEP_CONNECTION_STATE conn_state;
AEP_CONNECTION_HNDL conn_hndl;
} AEP_CONNECTION_ENTRY;
typedef AEP_RV t_AEP_OpenConnection(AEP_CONNECTION_HNDL_PTR phConnection);
typedef AEP_RV t_AEP_CloseConnection(AEP_CONNECTION_HNDL hConnection);
typedef AEP_RV t_AEP_ModExp(AEP_CONNECTION_HNDL hConnection,
AEP_VOID_PTR pA, AEP_VOID_PTR pP,
AEP_VOID_PTR pN,
AEP_VOID_PTR pResult,
AEP_TRANSACTION_ID *pidTransID);
typedef AEP_RV t_AEP_ModExpCrt(AEP_CONNECTION_HNDL hConnection,
AEP_VOID_PTR pA, AEP_VOID_PTR pP,
AEP_VOID_PTR pQ,
AEP_VOID_PTR pDmp1, AEP_VOID_PTR pDmq1,
AEP_VOID_PTR pIqmp,
AEP_VOID_PTR pResult,
AEP_TRANSACTION_ID *pidTransID);
#ifdef AEPRAND
typedef AEP_RV t_AEP_GenRandom(AEP_CONNECTION_HNDL hConnection,
AEP_U32 Len,
AEP_U32 Type,
AEP_VOID_PTR pResult,
AEP_TRANSACTION_ID *pidTransID);
#endif
typedef AEP_RV t_AEP_Initialize(AEP_VOID_PTR pInitArgs);
typedef AEP_RV t_AEP_Finalize(void);
typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc)
(AEP_VOID_PTR ArbBigNum,
AEP_U32 *BigNumSize),
AEP_RV (*MakeAEPBigNumFunc) (AEP_VOID_PTR
ArbBigNum,
AEP_U32
BigNumSize,
unsigned char
*AEP_BigNum),
AEP_RV (*ConverAEPBigNumFunc) (void
*ArbBigNum,
AEP_U32
BigNumSize,
unsigned
char
*AEP_BigNum));

44
engines/vendor_defns/atalla.h
View File

@ -1,44 +0,0 @@
/*
* This header declares the necessary definitions for using the
* exponentiation acceleration capabilities of Atalla cards. The only
* cryptographic operation is performed by "ASI_RSAPrivateKeyOpFn" and this
* takes a structure that defines an "RSA private key". However, it is really
* only performing a regular mod_exp using the supplied modulus and exponent
* - no CRT form is being used. Hence, it is a generic mod_exp function in
* disguise, and we use it as such. Thanks to the people at Atalla for
* letting me know these definitions are fine and that they can be reproduced
* here. Geoff.
*/
typedef struct ItemStr {
unsigned char *data;
int len;
} Item;
typedef struct RSAPrivateKeyStr {
void *reserved;
Item version;
Item modulus;
Item publicExponent;
Item privateExponent;
Item prime[2];
Item exponent[2];
Item coefficient;
} RSAPrivateKey;
/*
* Predeclare the function pointer types that we dynamically load from the
* DSO. These use the same names and form that Ben's original support code
* had (in crypto/bn/bn_exp.c) unless of course I've inadvertently changed
* the style somewhere along the way!
*/
typedef int tfnASI_GetPerformanceStatistics(int reset_flag,
unsigned int *ret_buf);
typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf);
typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey,
unsigned char *output,
unsigned char *input,
unsigned int modulus_len);

223
engines/vendor_defns/cswift.h
View File

@ -1,223 +0,0 @@
/*
* Attribution notice: Rainbow have generously allowed me to reproduce the
* necessary definitions here from their API. This means the support can
* build independently of whether application builders have the API or
* hardware. This will allow developers to easily produce software that has
* latent hardware support for any users that have accelertors installed,
* without the developers themselves needing anything extra. I have only
* clipped the parts from the CryptoSwift header files that are (or seem)
* relevant to the CryptoSwift support code. This is simply to keep the file
* sizes reasonable. [Geoff]
*/
/*
* NB: These type widths do *not* seem right in general, in particular
* they're not terribly friendly to 64-bit architectures (unsigned long) will
* be 64-bit on IA-64 for a start. I'm leaving these alone as they agree with
* Rainbow's API and this will only be called into question on platforms with
* Rainbow support anyway! ;-)
*/
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
typedef long SW_STATUS; /* status */
typedef unsigned char SW_BYTE; /* 8 bit byte */
typedef unsigned short SW_U16; /* 16 bit number */
#if defined(_IRIX)
# include <sgidefs.h>
typedef __uint32_t SW_U32;
#else
typedef unsigned long SW_U32; /* 32 bit integer */
#endif
#if defined(OPENSSL_SYS_WIN32)
typedef struct _SW_U64 {
SW_U32 low32;
SW_U32 high32;
} SW_U64; /* 64 bit integer */
#else /* Unix variants */
typedef struct _SW_U64 {
SW_U32 low32;
SW_U32 high32;
} SW_U64; /* 64 bit integer */
#endif
/* status codes */
#define SW_OK (0L)
#define SW_ERR_BASE (-10000L)
#define SW_ERR_NO_CARD (SW_ERR_BASE-1) /* The Card is not present */
#define SW_ERR_CARD_NOT_READY (SW_ERR_BASE-2) /* The card has not powered */
/* up yet */
#define SW_ERR_TIME_OUT (SW_ERR_BASE-3) /* Execution of a command */
/* time out */
#define SW_ERR_NO_EXECUTE (SW_ERR_BASE-4) /* The Card failed to */
/* execute the command */
#define SW_ERR_INPUT_NULL_PTR (SW_ERR_BASE-5) /* a required pointer is */
/* NULL */
#define SW_ERR_INPUT_SIZE (SW_ERR_BASE-6) /* size is invalid, too */
/* small, too large. */
#define SW_ERR_INVALID_HANDLE (SW_ERR_BASE-7) /* Invalid SW_ACC_CONTEXT */
/* handle */
#define SW_ERR_PENDING (SW_ERR_BASE-8) /* A request is already out- */
/* standing at this */
/* context handle */
#define SW_ERR_AVAILABLE (SW_ERR_BASE-9) /* A result is available. */
#define SW_ERR_NO_PENDING (SW_ERR_BASE-10) /* No request is pending. */
#define SW_ERR_NO_MEMORY (SW_ERR_BASE-11) /* Not enough memory */
#define SW_ERR_BAD_ALGORITHM (SW_ERR_BASE-12) /* Invalid algorithm type */
/* in SW_PARAM structure */
#define SW_ERR_MISSING_KEY (SW_ERR_BASE-13) /* No key is associated with */
/* context. */
/* swAttachKeyParam() is */
/* not called. */
#define SW_ERR_KEY_CMD_MISMATCH \
(SW_ERR_BASE-14) /* Cannot perform requested */
/* SW_COMMAND_CODE since */
/* key attached via */
/* swAttachKeyParam() */
/* cannot be used for this */
/* SW_COMMAND_CODE. */
#define SW_ERR_NOT_IMPLEMENTED \
(SW_ERR_BASE-15) /* Not implemented */
#define SW_ERR_BAD_COMMAND (SW_ERR_BASE-16) /* Bad command code */
#define SW_ERR_BAD_ITEM_SIZE (SW_ERR_BASE-17) /* too small or too large in */
/* the "initems" or */
/* "outitems". */
#define SW_ERR_BAD_ACCNUM (SW_ERR_BASE-18) /* Bad accelerator number */
#define SW_ERR_SELFTEST_FAIL (SW_ERR_BASE-19) /* At least one of the self */
/* test fail, look at the */
/* selfTestBitmap in */
/* SW_ACCELERATOR_INFO for */
/* details. */
#define SW_ERR_MISALIGN (SW_ERR_BASE-20) /* Certain alogrithms require */
/* key materials aligned */
/* in certain order, e.g. */
/* 128 bit for CRT */
#define SW_ERR_OUTPUT_NULL_PTR \
(SW_ERR_BASE-21) /* a required pointer is */
/* NULL */
#define SW_ERR_OUTPUT_SIZE \
(SW_ERR_BASE-22) /* size is invalid, too */
/* small, too large. */
#define SW_ERR_FIRMWARE_CHECKSUM \
(SW_ERR_BASE-23) /* firmware checksum mismatch */
/* download failed. */
#define SW_ERR_UNKNOWN_FIRMWARE \
(SW_ERR_BASE-24) /* unknown firmware error */
#define SW_ERR_INTERRUPT (SW_ERR_BASE-25) /* request is abort when */
/* it's waiting to be */
/* completed. */
#define SW_ERR_NVWRITE_FAIL (SW_ERR_BASE-26) /* error in writing to Non- */
/* volatile memory */
#define SW_ERR_NVWRITE_RANGE (SW_ERR_BASE-27) /* out of range error in */
/* writing to NV memory */
#define SW_ERR_RNG_ERROR (SW_ERR_BASE-28) /* Random Number Generation */
/* failure */
#define SW_ERR_DSS_FAILURE (SW_ERR_BASE-29) /* DSS Sign or Verify failure */
#define SW_ERR_MODEXP_FAILURE (SW_ERR_BASE-30) /* Failure in various math */
/* calculations */
#define SW_ERR_ONBOARD_MEMORY (SW_ERR_BASE-31) /* Error in accessing on - */
/* board memory */
#define SW_ERR_FIRMWARE_VERSION \
(SW_ERR_BASE-32) /* Wrong version in firmware */
/* update */
#define SW_ERR_ZERO_WORKING_ACCELERATOR \
(SW_ERR_BASE-44) /* All accelerators are bad */
/* algorithm type */
#define SW_ALG_CRT 1
#define SW_ALG_EXP 2
#define SW_ALG_DSA 3
#define SW_ALG_NVDATA 4
/* command code */
#define SW_CMD_MODEXP_CRT 1 /* perform Modular Exponentiation using */
/* Chinese Remainder Theorem (CRT) */
#define SW_CMD_MODEXP 2 /* perform Modular Exponentiation */
#define SW_CMD_DSS_SIGN 3 /* perform DSS sign */
#define SW_CMD_DSS_VERIFY 4 /* perform DSS verify */
#define SW_CMD_RAND 5 /* perform random number generation */
#define SW_CMD_NVREAD 6 /* perform read to nonvolatile RAM */
#define SW_CMD_NVWRITE 7 /* perform write to nonvolatile RAM */
typedef SW_U32 SW_ALGTYPE; /* alogrithm type */
typedef SW_U32 SW_STATE; /* state */
typedef SW_U32 SW_COMMAND_CODE; /* command code */
typedef SW_U32 SW_COMMAND_BITMAP[4]; /* bitmap */
typedef struct _SW_LARGENUMBER {
SW_U32 nbytes; /* number of bytes in the buffer "value" */
SW_BYTE *value; /* the large integer as a string of */
/* bytes in network (big endian) order */
} SW_LARGENUMBER;
#if defined(OPENSSL_SYS_WIN32)
# include <windows.h>
typedef HANDLE SW_OSHANDLE; /* handle to kernel object */
# define SW_OS_INVALID_HANDLE INVALID_HANDLE_VALUE
# define SW_CALLCONV _stdcall
#else /* Unix variants */
typedef int SW_OSHANDLE; /* handle to driver */
# define SW_OS_INVALID_HANDLE (-1)
# define SW_CALLCONV
#endif
typedef struct _SW_CRT {
SW_LARGENUMBER p; /* prime number p */
SW_LARGENUMBER q; /* prime number q */
SW_LARGENUMBER dmp1; /* exponent1 */
SW_LARGENUMBER dmq1; /* exponent2 */
SW_LARGENUMBER iqmp; /* CRT coefficient */
} SW_CRT;
typedef struct _SW_EXP {
SW_LARGENUMBER modulus; /* modulus */
SW_LARGENUMBER exponent; /* exponent */
} SW_EXP;
typedef struct _SW_DSA {
SW_LARGENUMBER p; /* */
SW_LARGENUMBER q; /* */
SW_LARGENUMBER g; /* */
SW_LARGENUMBER key; /* private/public key */
} SW_DSA;
typedef struct _SW_NVDATA {
SW_U32 accnum; /* accelerator board number */
SW_U32 offset; /* offset in byte */
} SW_NVDATA;
typedef struct _SW_PARAM {
SW_ALGTYPE type; /* type of the alogrithm */
union {
SW_CRT crt;
SW_EXP exp;
SW_DSA dsa;
SW_NVDATA nvdata;
} up;
} SW_PARAM;
typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */
/*
* Now the OpenSSL bits, these function types are the for the function
* pointers that will bound into the Rainbow shared libraries.
*/
typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE
*hac);
typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac,
SW_PARAM *key_params);
typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac,
SW_COMMAND_CODE cmd,
SW_LARGENUMBER pin[],
SW_U32 pin_count,
SW_LARGENUMBER pout[],
SW_U32 pout_count);
typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE
hac);
#ifdef __cplusplus
}
#endif /* __cplusplus */

150
engines/vendor_defns/hw_4758_cca.h
View File

@ -1,150 +0,0 @@
/**********************************************************************/
/* */
/* Prototypes of the CCA verbs used by the 4758 CCA openssl driver */
/* */
/* Maurice Gittens <maurice@gittens.nl> */
/* */
/**********************************************************************/
#ifndef __HW_4758_CCA__
# define __HW_4758_CCA__
/*
* Only WIN32 support for now
*/
# if defined(WIN32)
# define CCA_LIB_NAME "CSUNSAPI"
# define CSNDPKX "CSNDPKX_32"
# define CSNDKRR "CSNDKRR_32"
# define CSNDPKE "CSNDPKE_32"
# define CSNDPKD "CSNDPKD_32"
# define CSNDDSV "CSNDDSV_32"
# define CSNDDSG "CSNDDSG_32"
# define CSNBRNG "CSNBRNG_32"
# define SECURITYAPI __stdcall
# else
/*
* Fixme!! Find out the values of these constants for other platforms.
*/
# define CCA_LIB_NAME "CSUNSAPI"
# define CSNDPKX "CSNDPKX"
# define CSNDKRR "CSNDKRR"
# define CSNDPKE "CSNDPKE"
# define CSNDPKD "CSNDPKD"
# define CSNDDSV "CSNDDSV"
# define CSNDDSG "CSNDDSG"
# define CSNBRNG "CSNBRNG"
# define SECURITYAPI
# endif
/*
* security API prototypes
*/
/* PKA Key Record Read */
typedef void (SECURITYAPI * F_KEYRECORDREAD)
(long *return_code,
long *reason_code,
long *exit_data_length,
unsigned char *exit_data,
long *rule_array_count,
unsigned char *rule_array,
unsigned char *key_label, long *key_token_length, unsigned char *key_token);
/* Random Number Generate */
typedef void (SECURITYAPI * F_RANDOMNUMBERGENERATE)
(long *return_code,
long *reason_code,
long *exit_data_length,
unsigned char *exit_data,
unsigned char *form, unsigned char *random_number);
/* Digital Signature Generate */
typedef void (SECURITYAPI * F_DIGITALSIGNATUREGENERATE)
(long *return_code,
long *reason_code,
long *exit_data_length,
unsigned char *exit_data,
long *rule_array_count,
unsigned char *rule_array,
long *PKA_private_key_id_length,
unsigned char *PKA_private_key_id,
long *hash_length,
unsigned char *hash,
long *signature_field_length,
long *signature_bit_length, unsigned char *signature_field);
/* Digital Signature Verify */
typedef void (SECURITYAPI * F_DIGITALSIGNATUREVERIFY) (long *return_code,
long *reason_code,
long *exit_data_length,
unsigned char
*exit_data,
long *rule_array_count,
unsigned char
*rule_array,
long
*PKA_public_key_id_length,
unsigned char
*PKA_public_key_id,
long *hash_length,
unsigned char *hash,
long
*signature_field_length,
unsigned char
*signature_field);
/* PKA Public Key Extract */
typedef void (SECURITYAPI * F_PUBLICKEYEXTRACT) (long *return_code,
long *reason_code,
long *exit_data_length,
unsigned char *exit_data,
long *rule_array_count,
unsigned char *rule_array,
long
*source_key_identifier_length,
unsigned char
*source_key_identifier,
long
*target_key_token_length,
unsigned char
*target_key_token);
/* PKA Encrypt */
typedef void (SECURITYAPI * F_PKAENCRYPT)
(long *return_code,
long *reason_code,
long *exit_data_length,
unsigned char *exit_data,
long *rule_array_count,
unsigned char *rule_array,
long *key_value_length,
unsigned char *key_value,
long *data_struct_length,
unsigned char *data_struct,
long *RSA_public_key_length,
unsigned char *RSA_public_key,
long *RSA_encipher_length, unsigned char *RSA_encipher);
/* PKA Decrypt */
typedef void (SECURITYAPI * F_PKADECRYPT)
(long *return_code,
long *reason_code,
long *exit_data_length,
unsigned char *exit_data,
long *rule_array_count,
unsigned char *rule_array,
long *enciphered_key_length,
unsigned char *enciphered_key,
long *data_struct_length,
unsigned char *data_struct,
long *RSA_private_key_length,
unsigned char *RSA_private_key,
long *key_value_length, unsigned char *key_value);
#endif

250
engines/vendor_defns/sureware.h
View File

@ -1,250 +0,0 @@
/*-
* Written by Corinne Dive-Reclus(cdive@baltimore.com)
*
* Copyright@2001 Baltimore Technologies Ltd.
*
* THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifdef WIN32
# define SW_EXPORT __declspec ( dllexport )
#else
# define SW_EXPORT
#endif
/*
* List of exposed SureWare errors
*/
#define SUREWAREHOOK_ERROR_FAILED -1
#define SUREWAREHOOK_ERROR_FALLBACK -2
#define SUREWAREHOOK_ERROR_UNIT_FAILURE -3
#define SUREWAREHOOK_ERROR_DATA_SIZE -4
#define SUREWAREHOOK_ERROR_INVALID_PAD -5
/*-
* -----------------WARNING-----------------------------------
* In all the following functions:
* msg is a string with at least 24 bytes free.
* A 24 bytes string will be concatenated to the existing content of msg.
*/
/*-
* SureWare Initialisation function
* in param threadsafe, if !=0, thread safe enabled
* return SureWareHOOK_ERROR_UNIT_FAILURE if failure, 1 if success
*/
typedef int SureWareHook_Init_t(char *const msg, int threadsafe);
extern SW_EXPORT SureWareHook_Init_t SureWareHook_Init;
/*-
* SureWare Finish function
*/
typedef void SureWareHook_Finish_t(void);
extern SW_EXPORT SureWareHook_Finish_t SureWareHook_Finish;
/*-
* PRE_CONDITION:
* DO NOT CALL ANY OF THE FOLLOWING FUNCTIONS IN CASE OF INIT FAILURE
*/
/*-
* SureWare RAND Bytes function
* In case of failure, the content of buf is unpredictable.
* return 1 if success
* SureWareHOOK_ERROR_FALLBACK if function not available in hardware
* SureWareHOOK_ERROR_FAILED if error while processing
* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
*
* in/out param buf : a num bytes long buffer where random bytes will be put
* in param num : the number of bytes into buf
*/
typedef int SureWareHook_Rand_Bytes_t(char *const msg, unsigned char *buf,
int num);
extern SW_EXPORT SureWareHook_Rand_Bytes_t SureWareHook_Rand_Bytes;
/*-
* SureWare RAND Seed function
* Adds some seed to the Hardware Random Number Generator
* return 1 if success
* SureWareHOOK_ERROR_FALLBACK if function not available in hardware
* SureWareHOOK_ERROR_FAILED if error while processing
* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
*
* in param buf : the seed to add into the HRNG
* in param num : the number of bytes into buf
*/
typedef int SureWareHook_Rand_Seed_t(char *const msg, const void *buf,
int num);
extern SW_EXPORT SureWareHook_Rand_Seed_t SureWareHook_Rand_Seed;
/*-
* SureWare Load Private Key function
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* No hardware is contact for this function.
*
* in param key_id :the name of the private protected key file without the extension
".sws"
* out param hptr : a pointer to a buffer allocated by SureWare_Hook
* out param num: the effective key length in bytes
* out param keytype: 1 if RSA 2 if DSA
*/
typedef int SureWareHook_Load_Privkey_t(char *const msg, const char *key_id,
char **hptr, unsigned long *num,
char *keytype);
extern SW_EXPORT SureWareHook_Load_Privkey_t SureWareHook_Load_Privkey;
/*-
* SureWare Info Public Key function
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* No hardware is contact for this function.
*
* in param key_id :the name of the private protected key file without the extension
".swp"
* out param hptr : a pointer to a buffer allocated by SureWare_Hook
* out param num: the effective key length in bytes
* out param keytype: 1 if RSA 2 if DSA
*/
typedef int SureWareHook_Info_Pubkey_t(char *const msg, const char *key_id,
unsigned long *num, char *keytype);
extern SW_EXPORT SureWareHook_Info_Pubkey_t SureWareHook_Info_Pubkey;
/*-
* SureWare Load Public Key function
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* No hardware is contact for this function.
*
* in param key_id :the name of the public protected key file without the extension
".swp"
* in param num : the bytes size of n and e
* out param n: where to write modulus in bn format
* out param e: where to write exponent in bn format
*/
typedef int SureWareHook_Load_Rsa_Pubkey_t(char *const msg,
const char *key_id,
unsigned long num,
unsigned long *n,
unsigned long *e);
extern SW_EXPORT SureWareHook_Load_Rsa_Pubkey_t SureWareHook_Load_Rsa_Pubkey;
/*-
* SureWare Load DSA Public Key function
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* No hardware is contact for this function.
*
* in param key_id :the name of the public protected key file without the extension
".swp"
* in param num : the bytes size of n and e
* out param pub: where to write pub key in bn format
* out param p: where to write prime in bn format
* out param q: where to write sunprime (length 20 bytes) in bn format
* out param g: where to write base in bn format
*/
typedef int SureWareHook_Load_Dsa_Pubkey_t(char *const msg,
const char *key_id,
unsigned long num,
unsigned long *pub,
unsigned long *p, unsigned long *q,
unsigned long *g);
extern SW_EXPORT SureWareHook_Load_Dsa_Pubkey_t SureWareHook_Load_Dsa_Pubkey;
/*-
* SureWare Free function
* Destroy the key into the hardware if destroy==1
*/
typedef void SureWareHook_Free_t(char *p, int destroy);
extern SW_EXPORT SureWareHook_Free_t SureWareHook_Free;
#define SUREWARE_PKCS1_PAD 1
#define SUREWARE_ISO9796_PAD 2
#define SUREWARE_NO_PAD 0
/*-
* SureWare RSA Private Decryption
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
*
* in param flen : byte size of from and to
* in param from : encrypted data buffer, should be a not-null valid pointer
* out param tlen: byte size of decrypted data, if error, unexpected value
* out param to : decrypted data buffer, should be a not-null valid pointer
* in param prsa: a protected key pointer, should be a not-null valid pointer
* int padding: padding id as follow
* SUREWARE_PKCS1_PAD
* SUREWARE_NO_PAD
*
*/
typedef int SureWareHook_Rsa_Priv_Dec_t(char *const msg, int flen,
unsigned char *from, int *tlen,
unsigned char *to, char *prsa,
int padding);
extern SW_EXPORT SureWareHook_Rsa_Priv_Dec_t SureWareHook_Rsa_Priv_Dec;
/*-
* SureWare RSA Signature
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
*
* in param flen : byte size of from and to
* in param from : encrypted data buffer, should be a not-null valid pointer
* out param tlen: byte size of decrypted data, if error, unexpected value
* out param to : decrypted data buffer, should be a not-null valid pointer
* in param prsa: a protected key pointer, should be a not-null valid pointer
* int padding: padding id as follow
* SUREWARE_PKCS1_PAD
* SUREWARE_ISO9796_PAD
*
*/
typedef int SureWareHook_Rsa_Sign_t(char *const msg, int flen,
unsigned char *from, int *tlen,
unsigned char *to, char *prsa,
int padding);
extern SW_EXPORT SureWareHook_Rsa_Sign_t SureWareHook_Rsa_Sign;
/*-
* SureWare DSA Signature
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
*
* in param flen : byte size of from and to
* in param from : encrypted data buffer, should be a not-null valid pointer
* out param to : decrypted data buffer, should be a 40bytes valid pointer
* in param pdsa: a protected key pointer, should be a not-null valid pointer
*
*/
typedef int SureWareHook_Dsa_Sign_t(char *const msg, int flen,
const unsigned char *from,
unsigned long *r, unsigned long *s,
char *pdsa);
extern SW_EXPORT SureWareHook_Dsa_Sign_t SureWareHook_Dsa_Sign;
/*-
* SureWare Mod Exp
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
*
* mod and res are mlen bytes long.
* exp is elen bytes long
* data is dlen bytes long
* mlen,elen and dlen are all multiple of sizeof(unsigned long)
*/
typedef int SureWareHook_Mod_Exp_t(char *const msg, int mlen,
const unsigned long *mod, int elen,
const unsigned long *exponent, int dlen,
unsigned long *data, unsigned long *res);
extern SW_EXPORT SureWareHook_Mod_Exp_t SureWareHook_Mod_Exp;