Check for OPENSSL_NO_RSA, OPENSSL_NO_DSA and OPENSSL_NO_DH and disable
appropriate code if any of them is defined.
This commit is contained in:
		| @@ -60,9 +60,15 @@ | |||||||
| #define HEADER_ENGINE_H | #define HEADER_ENGINE_H | ||||||
|  |  | ||||||
| #include <openssl/bn.h> | #include <openssl/bn.h> | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| #include <openssl/rsa.h> | #include <openssl/rsa.h> | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| #include <openssl/dsa.h> | #include <openssl/dsa.h> | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| #include <openssl/dh.h> | #include <openssl/dh.h> | ||||||
|  | #endif | ||||||
| #include <openssl/rand.h> | #include <openssl/rand.h> | ||||||
| #include <openssl/evp.h> | #include <openssl/evp.h> | ||||||
| #include <openssl/symhacks.h> | #include <openssl/symhacks.h> | ||||||
| @@ -71,6 +77,17 @@ | |||||||
| extern "C" { | extern "C" { | ||||||
| #endif | #endif | ||||||
|  |  | ||||||
|  | /* Fixups for missing algorithms */ | ||||||
|  | #ifdef OPENSSL_NO_RSA | ||||||
|  | typedef void RSA_METHOD; | ||||||
|  | #endif | ||||||
|  | #ifdef OPENSSL_NO_DSA | ||||||
|  | typedef void DSA_METHOD; | ||||||
|  | #endif | ||||||
|  | #ifdef OPENSSL_NO_DH | ||||||
|  | typedef void DH_METHOD; | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* These flags are used to control combinations of algorithm (methods) | /* These flags are used to control combinations of algorithm (methods) | ||||||
|  * by bitwise "OR"ing. */ |  * by bitwise "OR"ing. */ | ||||||
| #define ENGINE_METHOD_RSA		(unsigned int)0x0001 | #define ENGINE_METHOD_RSA		(unsigned int)0x0001 | ||||||
| @@ -442,6 +459,7 @@ void ERR_load_ENGINE_strings(void); | |||||||
| #define ENGINE_F_ENGINE_CTRL_CMD_STRING			 171 | #define ENGINE_F_ENGINE_CTRL_CMD_STRING			 171 | ||||||
| #define ENGINE_F_ENGINE_FINISH				 107 | #define ENGINE_F_ENGINE_FINISH				 107 | ||||||
| #define ENGINE_F_ENGINE_FREE				 108 | #define ENGINE_F_ENGINE_FREE				 108 | ||||||
|  | #define ENGINE_F_ENGINE_GET_DEFAULT_TYPE		 177 | ||||||
| #define ENGINE_F_ENGINE_GET_NEXT			 115 | #define ENGINE_F_ENGINE_GET_NEXT			 115 | ||||||
| #define ENGINE_F_ENGINE_GET_PREV			 116 | #define ENGINE_F_ENGINE_GET_PREV			 116 | ||||||
| #define ENGINE_F_ENGINE_INIT				 119 | #define ENGINE_F_ENGINE_INIT				 119 | ||||||
| @@ -492,6 +510,8 @@ void ERR_load_ENGINE_strings(void); | |||||||
| #define ENGINE_R_COMMAND_TAKES_NO_INPUT			 136 | #define ENGINE_R_COMMAND_TAKES_NO_INPUT			 136 | ||||||
| #define ENGINE_R_CONFLICTING_ENGINE_ID			 103 | #define ENGINE_R_CONFLICTING_ENGINE_ID			 103 | ||||||
| #define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED		 119 | #define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED		 119 | ||||||
|  | #define ENGINE_R_DH_NOT_IMPLEMENTED			 139 | ||||||
|  | #define ENGINE_R_DSA_NOT_IMPLEMENTED			 140 | ||||||
| #define ENGINE_R_DSO_FAILURE				 104 | #define ENGINE_R_DSO_FAILURE				 104 | ||||||
| #define ENGINE_R_DSO_FUNCTION_NOT_FOUND			 131 | #define ENGINE_R_DSO_FUNCTION_NOT_FOUND			 131 | ||||||
| #define ENGINE_R_DSO_NOT_FOUND				 132 | #define ENGINE_R_DSO_NOT_FOUND				 132 | ||||||
| @@ -515,9 +535,11 @@ void ERR_load_ENGINE_strings(void); | |||||||
| #define ENGINE_R_NO_REFERENCE				 130 | #define ENGINE_R_NO_REFERENCE				 130 | ||||||
| #define ENGINE_R_NO_SUCH_ENGINE				 116 | #define ENGINE_R_NO_SUCH_ENGINE				 116 | ||||||
| #define ENGINE_R_NO_UNLOAD_FUNCTION			 126 | #define ENGINE_R_NO_UNLOAD_FUNCTION			 126 | ||||||
|  | #define ENGINE_R_PRIVATE_KEY_ALGORITHMS_DISABLED	 142 | ||||||
| #define ENGINE_R_PROVIDE_PARAMETERS			 113 | #define ENGINE_R_PROVIDE_PARAMETERS			 113 | ||||||
| #define ENGINE_R_REQUEST_FAILED				 114 | #define ENGINE_R_REQUEST_FAILED				 114 | ||||||
| #define ENGINE_R_REQUEST_FALLBACK			 118 | #define ENGINE_R_REQUEST_FALLBACK			 118 | ||||||
|  | #define ENGINE_R_RSA_NOT_IMPLEMENTED			 141 | ||||||
| #define ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL		 122 | #define ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL		 122 | ||||||
| #define ENGINE_R_UNIT_FAILURE				 115 | #define ENGINE_R_UNIT_FAILURE				 115 | ||||||
|  |  | ||||||
|   | |||||||
| @@ -86,6 +86,7 @@ static ERR_STRING_DATA ENGINE_str_functs[]= | |||||||
| {ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD_STRING,0),	"ENGINE_ctrl_cmd_string"}, | {ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD_STRING,0),	"ENGINE_ctrl_cmd_string"}, | ||||||
| {ERR_PACK(0,ENGINE_F_ENGINE_FINISH,0),	"ENGINE_finish"}, | {ERR_PACK(0,ENGINE_F_ENGINE_FINISH,0),	"ENGINE_finish"}, | ||||||
| {ERR_PACK(0,ENGINE_F_ENGINE_FREE,0),	"ENGINE_free"}, | {ERR_PACK(0,ENGINE_F_ENGINE_FREE,0),	"ENGINE_free"}, | ||||||
|  | {ERR_PACK(0,ENGINE_F_ENGINE_GET_DEFAULT_TYPE,0),	"ENGINE_GET_DEFAULT_TYPE"}, | ||||||
| {ERR_PACK(0,ENGINE_F_ENGINE_GET_NEXT,0),	"ENGINE_get_next"}, | {ERR_PACK(0,ENGINE_F_ENGINE_GET_NEXT,0),	"ENGINE_get_next"}, | ||||||
| {ERR_PACK(0,ENGINE_F_ENGINE_GET_PREV,0),	"ENGINE_get_prev"}, | {ERR_PACK(0,ENGINE_F_ENGINE_GET_PREV,0),	"ENGINE_get_prev"}, | ||||||
| {ERR_PACK(0,ENGINE_F_ENGINE_INIT,0),	"ENGINE_init"}, | {ERR_PACK(0,ENGINE_F_ENGINE_INIT,0),	"ENGINE_init"}, | ||||||
| @@ -139,6 +140,8 @@ static ERR_STRING_DATA ENGINE_str_reasons[]= | |||||||
| {ENGINE_R_COMMAND_TAKES_NO_INPUT         ,"command takes no input"}, | {ENGINE_R_COMMAND_TAKES_NO_INPUT         ,"command takes no input"}, | ||||||
| {ENGINE_R_CONFLICTING_ENGINE_ID          ,"conflicting engine id"}, | {ENGINE_R_CONFLICTING_ENGINE_ID          ,"conflicting engine id"}, | ||||||
| {ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"}, | {ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"}, | ||||||
|  | {ENGINE_R_DH_NOT_IMPLEMENTED             ,"dh not implemented"}, | ||||||
|  | {ENGINE_R_DSA_NOT_IMPLEMENTED            ,"dsa not implemented"}, | ||||||
| {ENGINE_R_DSO_FAILURE                    ,"DSO failure"}, | {ENGINE_R_DSO_FAILURE                    ,"DSO failure"}, | ||||||
| {ENGINE_R_DSO_FUNCTION_NOT_FOUND         ,"dso function not found"}, | {ENGINE_R_DSO_FUNCTION_NOT_FOUND         ,"dso function not found"}, | ||||||
| {ENGINE_R_DSO_NOT_FOUND                  ,"dso not found"}, | {ENGINE_R_DSO_NOT_FOUND                  ,"dso not found"}, | ||||||
| @@ -162,9 +165,11 @@ static ERR_STRING_DATA ENGINE_str_reasons[]= | |||||||
| {ENGINE_R_NO_REFERENCE                   ,"no reference"}, | {ENGINE_R_NO_REFERENCE                   ,"no reference"}, | ||||||
| {ENGINE_R_NO_SUCH_ENGINE                 ,"no such engine"}, | {ENGINE_R_NO_SUCH_ENGINE                 ,"no such engine"}, | ||||||
| {ENGINE_R_NO_UNLOAD_FUNCTION             ,"no unload function"}, | {ENGINE_R_NO_UNLOAD_FUNCTION             ,"no unload function"}, | ||||||
|  | {ENGINE_R_PRIVATE_KEY_ALGORITHMS_DISABLED,"private key algorithms disabled"}, | ||||||
| {ENGINE_R_PROVIDE_PARAMETERS             ,"provide parameters"}, | {ENGINE_R_PROVIDE_PARAMETERS             ,"provide parameters"}, | ||||||
| {ENGINE_R_REQUEST_FAILED                 ,"request failed"}, | {ENGINE_R_REQUEST_FAILED                 ,"request failed"}, | ||||||
| {ENGINE_R_REQUEST_FALLBACK               ,"request fallback"}, | {ENGINE_R_REQUEST_FALLBACK               ,"request fallback"}, | ||||||
|  | {ENGINE_R_RSA_NOT_IMPLEMENTED            ,"rsa not implemented"}, | ||||||
| {ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL    ,"size too large or too small"}, | {ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL    ,"size too large or too small"}, | ||||||
| {ENGINE_R_UNIT_FAILURE                   ,"unit failure"}, | {ENGINE_R_UNIT_FAILURE                   ,"unit failure"}, | ||||||
| {0,NULL} | {0,NULL} | ||||||
|   | |||||||
| @@ -67,9 +67,15 @@ | |||||||
|  * reference and the caller is responsible for freeing that when they |  * reference and the caller is responsible for freeing that when they | ||||||
|  * are finished with it (with a call to ENGINE_finish() *NOT* just |  * are finished with it (with a call to ENGINE_finish() *NOT* just | ||||||
|  * ENGINE_free()!!!!!!). */ |  * ENGINE_free()!!!!!!). */ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| static ENGINE *engine_def_rsa = NULL; | static ENGINE *engine_def_rsa = NULL; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| static ENGINE *engine_def_dsa = NULL; | static ENGINE *engine_def_dsa = NULL; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| static ENGINE *engine_def_dh = NULL; | static ENGINE *engine_def_dh = NULL; | ||||||
|  | #endif | ||||||
| static ENGINE *engine_def_rand = NULL; | static ENGINE *engine_def_rand = NULL; | ||||||
| static ENGINE *engine_def_bn_mod_exp = NULL; | static ENGINE *engine_def_bn_mod_exp = NULL; | ||||||
| static ENGINE *engine_def_bn_mod_exp_crt = NULL; | static ENGINE *engine_def_bn_mod_exp_crt = NULL; | ||||||
| @@ -125,9 +131,15 @@ static void engine_def_check(void) | |||||||
| 			goto skip_set_defaults; | 			goto skip_set_defaults; | ||||||
| 		/* OK, we got a functional reference, so we get one each | 		/* OK, we got a functional reference, so we get one each | ||||||
| 		 * for the defaults too. */ | 		 * for the defaults too. */ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 		engine_def_check_util(&engine_def_rsa, e); | 		engine_def_check_util(&engine_def_rsa, e); | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 		engine_def_check_util(&engine_def_dsa, e); | 		engine_def_check_util(&engine_def_dsa, e); | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 		engine_def_check_util(&engine_def_dh, e); | 		engine_def_check_util(&engine_def_dh, e); | ||||||
|  | #endif | ||||||
| 		engine_def_check_util(&engine_def_rand, e); | 		engine_def_check_util(&engine_def_rand, e); | ||||||
| 		engine_def_check_util(&engine_def_bn_mod_exp, e); | 		engine_def_check_util(&engine_def_bn_mod_exp, e); | ||||||
| 		engine_def_check_util(&engine_def_bn_mod_exp_crt, e); | 		engine_def_check_util(&engine_def_bn_mod_exp_crt, e); | ||||||
| @@ -590,12 +602,18 @@ static ENGINE *engine_get_default_type(ENGINE_TYPE t) | |||||||
| 	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | 	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | ||||||
| 	switch(t) | 	switch(t) | ||||||
| 		{ | 		{ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	case ENGINE_TYPE_RSA: | 	case ENGINE_TYPE_RSA: | ||||||
| 		ret = engine_def_rsa; break; | 		ret = engine_def_rsa; break; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	case ENGINE_TYPE_DSA: | 	case ENGINE_TYPE_DSA: | ||||||
| 		ret = engine_def_dsa; break; | 		ret = engine_def_dsa; break; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	case ENGINE_TYPE_DH: | 	case ENGINE_TYPE_DH: | ||||||
| 		ret = engine_def_dh; break; | 		ret = engine_def_dh; break; | ||||||
|  | #endif | ||||||
| 	case ENGINE_TYPE_RAND: | 	case ENGINE_TYPE_RAND: | ||||||
| 		ret = engine_def_rand; break; | 		ret = engine_def_rand; break; | ||||||
| 	case ENGINE_TYPE_BN_MOD_EXP: | 	case ENGINE_TYPE_BN_MOD_EXP: | ||||||
| @@ -615,20 +633,26 @@ static ENGINE *engine_get_default_type(ENGINE_TYPE t) | |||||||
| 	return ret; | 	return ret; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| ENGINE *ENGINE_get_default_RSA(void) | ENGINE *ENGINE_get_default_RSA(void) | ||||||
| 	{ | 	{ | ||||||
| 	return engine_get_default_type(ENGINE_TYPE_RSA); | 	return engine_get_default_type(ENGINE_TYPE_RSA); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| ENGINE *ENGINE_get_default_DSA(void) | ENGINE *ENGINE_get_default_DSA(void) | ||||||
| 	{ | 	{ | ||||||
| 	return engine_get_default_type(ENGINE_TYPE_DSA); | 	return engine_get_default_type(ENGINE_TYPE_DSA); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| ENGINE *ENGINE_get_default_DH(void) | ENGINE *ENGINE_get_default_DH(void) | ||||||
| 	{ | 	{ | ||||||
| 	return engine_get_default_type(ENGINE_TYPE_DH); | 	return engine_get_default_type(ENGINE_TYPE_DH); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
| ENGINE *ENGINE_get_default_RAND(void) | ENGINE *ENGINE_get_default_RAND(void) | ||||||
| 	{ | 	{ | ||||||
| @@ -671,15 +695,21 @@ static int engine_set_default_type(ENGINE_TYPE t, ENGINE *e) | |||||||
| 	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | 	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | ||||||
| 	switch(t) | 	switch(t) | ||||||
| 		{ | 		{ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	case ENGINE_TYPE_RSA: | 	case ENGINE_TYPE_RSA: | ||||||
| 		old = engine_def_rsa; | 		old = engine_def_rsa; | ||||||
| 		engine_def_rsa = e; break; | 		engine_def_rsa = e; break; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	case ENGINE_TYPE_DSA: | 	case ENGINE_TYPE_DSA: | ||||||
| 		old = engine_def_dsa; | 		old = engine_def_dsa; | ||||||
| 		engine_def_dsa = e; break; | 		engine_def_dsa = e; break; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	case ENGINE_TYPE_DH: | 	case ENGINE_TYPE_DH: | ||||||
| 		old = engine_def_dh; | 		old = engine_def_dh; | ||||||
| 		engine_def_dh = e; break; | 		engine_def_dh = e; break; | ||||||
|  | #endif | ||||||
| 	case ENGINE_TYPE_RAND: | 	case ENGINE_TYPE_RAND: | ||||||
| 		old = engine_def_rand; | 		old = engine_def_rand; | ||||||
| 		engine_def_rand = e; break; | 		engine_def_rand = e; break; | ||||||
| @@ -702,20 +732,26 @@ static int engine_set_default_type(ENGINE_TYPE t, ENGINE *e) | |||||||
| 	return 1; | 	return 1; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| int ENGINE_set_default_RSA(ENGINE *e) | int ENGINE_set_default_RSA(ENGINE *e) | ||||||
| 	{ | 	{ | ||||||
| 	return engine_set_default_type(ENGINE_TYPE_RSA, e); | 	return engine_set_default_type(ENGINE_TYPE_RSA, e); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| int ENGINE_set_default_DSA(ENGINE *e) | int ENGINE_set_default_DSA(ENGINE *e) | ||||||
| 	{ | 	{ | ||||||
| 	return engine_set_default_type(ENGINE_TYPE_DSA, e); | 	return engine_set_default_type(ENGINE_TYPE_DSA, e); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| int ENGINE_set_default_DH(ENGINE *e) | int ENGINE_set_default_DH(ENGINE *e) | ||||||
| 	{ | 	{ | ||||||
| 	return engine_set_default_type(ENGINE_TYPE_DH, e); | 	return engine_set_default_type(ENGINE_TYPE_DH, e); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
| int ENGINE_set_default_RAND(ENGINE *e) | int ENGINE_set_default_RAND(ENGINE *e) | ||||||
| 	{ | 	{ | ||||||
| @@ -734,15 +770,21 @@ int ENGINE_set_default_BN_mod_exp_crt(ENGINE *e) | |||||||
|  |  | ||||||
| int ENGINE_set_default(ENGINE *e, unsigned int flags) | int ENGINE_set_default(ENGINE *e, unsigned int flags) | ||||||
| 	{ | 	{ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	if((flags & ENGINE_METHOD_RSA) && e->rsa_meth && | 	if((flags & ENGINE_METHOD_RSA) && e->rsa_meth && | ||||||
| 			!ENGINE_set_default_RSA(e)) | 			!ENGINE_set_default_RSA(e)) | ||||||
| 		return 0; | 		return 0; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	if((flags & ENGINE_METHOD_DSA) && e->dsa_meth && | 	if((flags & ENGINE_METHOD_DSA) && e->dsa_meth && | ||||||
| 			!ENGINE_set_default_DSA(e)) | 			!ENGINE_set_default_DSA(e)) | ||||||
| 		return 0; | 		return 0; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	if((flags & ENGINE_METHOD_DH) && e->dh_meth && | 	if((flags & ENGINE_METHOD_DH) && e->dh_meth && | ||||||
| 			!ENGINE_set_default_DH(e)) | 			!ENGINE_set_default_DH(e)) | ||||||
| 		return 0; | 		return 0; | ||||||
|  | #endif | ||||||
| 	if((flags & ENGINE_METHOD_RAND) && e->rand_meth && | 	if((flags & ENGINE_METHOD_RAND) && e->rand_meth && | ||||||
| 			!ENGINE_set_default_RAND(e)) | 			!ENGINE_set_default_RAND(e)) | ||||||
| 		return 0; | 		return 0; | ||||||
|   | |||||||
| @@ -402,20 +402,32 @@ int ENGINE_set_name(ENGINE *e, const char *name) | |||||||
|  |  | ||||||
| int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth) | int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth) | ||||||
| 	{ | 	{ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	e->rsa_meth = rsa_meth; | 	e->rsa_meth = rsa_meth; | ||||||
| 	return 1; | 	return 1; | ||||||
|  | #else | ||||||
|  |         return 0; | ||||||
|  | #endif | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth) | int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth) | ||||||
| 	{ | 	{ | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	e->dsa_meth = dsa_meth; | 	e->dsa_meth = dsa_meth; | ||||||
| 	return 1; | 	return 1; | ||||||
|  | #else | ||||||
|  |         return 0; | ||||||
|  | #endif | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth) | int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth) | ||||||
| 	{ | 	{ | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	e->dh_meth = dh_meth; | 	e->dh_meth = dh_meth; | ||||||
| 	return 1; | 	return 1; | ||||||
|  | #else | ||||||
|  |         return 0; | ||||||
|  | #endif | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth) | int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth) | ||||||
| @@ -482,9 +494,15 @@ int ENGINE_cpy(ENGINE *dest, const ENGINE *src) | |||||||
| 	{ | 	{ | ||||||
| 	if(ENGINE_set_id(dest, ENGINE_get_id(src)) && | 	if(ENGINE_set_id(dest, ENGINE_get_id(src)) && | ||||||
| 			ENGINE_set_name(dest, ENGINE_get_name(src)) && | 			ENGINE_set_name(dest, ENGINE_get_name(src)) && | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 			ENGINE_set_RSA(dest, ENGINE_get_RSA(src)) && | 			ENGINE_set_RSA(dest, ENGINE_get_RSA(src)) && | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 			ENGINE_set_DSA(dest, ENGINE_get_DSA(src)) && | 			ENGINE_set_DSA(dest, ENGINE_get_DSA(src)) && | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 			ENGINE_set_DH(dest, ENGINE_get_DH(src)) && | 			ENGINE_set_DH(dest, ENGINE_get_DH(src)) && | ||||||
|  | #endif | ||||||
| 			ENGINE_set_RAND(dest, ENGINE_get_RAND(src)) && | 			ENGINE_set_RAND(dest, ENGINE_get_RAND(src)) && | ||||||
| 			ENGINE_set_BN_mod_exp(dest, | 			ENGINE_set_BN_mod_exp(dest, | ||||||
| 					ENGINE_get_BN_mod_exp(src)) && | 					ENGINE_get_BN_mod_exp(src)) && | ||||||
|   | |||||||
| @@ -62,11 +62,6 @@ | |||||||
| #include "cryptlib.h" | #include "cryptlib.h" | ||||||
| #include <openssl/engine.h> | #include <openssl/engine.h> | ||||||
| #include <openssl/dso.h> | #include <openssl/dso.h> | ||||||
| #include <openssl/rsa.h> |  | ||||||
| #include <openssl/dsa.h> |  | ||||||
| #include <openssl/dh.h> |  | ||||||
| #include <openssl/rand.h> |  | ||||||
| #include <openssl/bn.h> |  | ||||||
|  |  | ||||||
| /* This is the only function we need to implement as OpenSSL | /* This is the only function we need to implement as OpenSSL | ||||||
|  * doesn't have a native CRT mod_exp. Perhaps this should be |  * doesn't have a native CRT mod_exp. Perhaps this should be | ||||||
| @@ -88,9 +83,15 @@ ENGINE *ENGINE_openssl() | |||||||
| 		return NULL; | 		return NULL; | ||||||
| 	if(!ENGINE_set_id(ret, engine_openssl_id) || | 	if(!ENGINE_set_id(ret, engine_openssl_id) || | ||||||
| 			!ENGINE_set_name(ret, engine_openssl_name) || | 			!ENGINE_set_name(ret, engine_openssl_name) || | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 			!ENGINE_set_RSA(ret, RSA_get_default_openssl_method()) || | 			!ENGINE_set_RSA(ret, RSA_get_default_openssl_method()) || | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 			!ENGINE_set_DSA(ret, DSA_get_default_openssl_method()) || | 			!ENGINE_set_DSA(ret, DSA_get_default_openssl_method()) || | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 			!ENGINE_set_DH(ret, DH_get_default_openssl_method()) || | 			!ENGINE_set_DH(ret, DH_get_default_openssl_method()) || | ||||||
|  | #endif | ||||||
| 			!ENGINE_set_RAND(ret, RAND_SSLeay()) || | 			!ENGINE_set_RAND(ret, RAND_SSLeay()) || | ||||||
| 			!ENGINE_set_BN_mod_exp(ret, BN_mod_exp) || | 			!ENGINE_set_BN_mod_exp(ret, BN_mod_exp) || | ||||||
| 			!ENGINE_set_BN_mod_exp_crt(ret, openssl_mod_exp_crt)) | 			!ENGINE_set_BN_mod_exp_crt(ret, openssl_mod_exp_crt)) | ||||||
|   | |||||||
| @@ -79,12 +79,15 @@ static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); | |||||||
| static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| 		const BIGNUM *m, BN_CTX *ctx); | 		const BIGNUM *m, BN_CTX *ctx); | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| /* RSA stuff */ | /* RSA stuff */ | ||||||
| static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); | static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); | ||||||
|  | #endif | ||||||
| /* This function is aliased to mod_exp (with the mont stuff dropped). */ | /* This function is aliased to mod_exp (with the mont stuff dropped). */ | ||||||
| static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| /* DSA stuff */ | /* DSA stuff */ | ||||||
| static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, | static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, | ||||||
| 		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, | 		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, | ||||||
| @@ -92,12 +95,15 @@ static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, | |||||||
| static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, | static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, | ||||||
| 		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | 		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | ||||||
| 		BN_MONT_CTX *m_ctx); | 		BN_MONT_CTX *m_ctx); | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| /* DH stuff */ | /* DH stuff */ | ||||||
| /* This function is alised to mod_exp (with the DH and mont dropped). */ | /* This function is alised to mod_exp (with the DH and mont dropped). */ | ||||||
| static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, | static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, | ||||||
| 		const BIGNUM *a, const BIGNUM *p, | 		const BIGNUM *a, const BIGNUM *p, | ||||||
| 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* The definitions for control commands specific to this engine */ | /* The definitions for control commands specific to this engine */ | ||||||
| #define ATALLA_CMD_SO_PATH		ENGINE_CMD_BASE | #define ATALLA_CMD_SO_PATH		ENGINE_CMD_BASE | ||||||
| @@ -109,6 +115,7 @@ static const ENGINE_CMD_DEFN atalla_cmd_defns[] = { | |||||||
| 	{0, NULL, NULL, 0} | 	{0, NULL, NULL, 0} | ||||||
| 	}; | 	}; | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| /* Our internal RSA_METHOD that we provide pointers to */ | /* Our internal RSA_METHOD that we provide pointers to */ | ||||||
| static RSA_METHOD atalla_rsa = | static RSA_METHOD atalla_rsa = | ||||||
| 	{ | 	{ | ||||||
| @@ -126,7 +133,9 @@ static RSA_METHOD atalla_rsa = | |||||||
| 	NULL, | 	NULL, | ||||||
| 	NULL | 	NULL | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| /* Our internal DSA_METHOD that we provide pointers to */ | /* Our internal DSA_METHOD that we provide pointers to */ | ||||||
| static DSA_METHOD atalla_dsa = | static DSA_METHOD atalla_dsa = | ||||||
| 	{ | 	{ | ||||||
| @@ -141,7 +150,9 @@ static DSA_METHOD atalla_dsa = | |||||||
| 	0, /* flags */ | 	0, /* flags */ | ||||||
| 	NULL /* app_data */ | 	NULL /* app_data */ | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| /* Our internal DH_METHOD that we provide pointers to */ | /* Our internal DH_METHOD that we provide pointers to */ | ||||||
| static DH_METHOD atalla_dh = | static DH_METHOD atalla_dh = | ||||||
| 	{ | 	{ | ||||||
| @@ -154,6 +165,7 @@ static DH_METHOD atalla_dh = | |||||||
| 	0, | 	0, | ||||||
| 	NULL | 	NULL | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* Constants used when creating the ENGINE */ | /* Constants used when creating the ENGINE */ | ||||||
| static const char *engine_atalla_id = "atalla"; | static const char *engine_atalla_id = "atalla"; | ||||||
| @@ -163,17 +175,29 @@ static const char *engine_atalla_name = "Atalla hardware engine support"; | |||||||
|  * (indeed - the lock will already be held by our caller!!!) */ |  * (indeed - the lock will already be held by our caller!!!) */ | ||||||
| ENGINE *ENGINE_atalla() | ENGINE *ENGINE_atalla() | ||||||
| 	{ | 	{ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	const RSA_METHOD *meth1; | 	const RSA_METHOD *meth1; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	const DSA_METHOD *meth2; | 	const DSA_METHOD *meth2; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	const DH_METHOD *meth3; | 	const DH_METHOD *meth3; | ||||||
|  | #endif | ||||||
| 	ENGINE *ret = ENGINE_new(); | 	ENGINE *ret = ENGINE_new(); | ||||||
| 	if(!ret) | 	if(!ret) | ||||||
| 		return NULL; | 		return NULL; | ||||||
| 	if(!ENGINE_set_id(ret, engine_atalla_id) || | 	if(!ENGINE_set_id(ret, engine_atalla_id) || | ||||||
| 			!ENGINE_set_name(ret, engine_atalla_name) || | 			!ENGINE_set_name(ret, engine_atalla_name) || | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 			!ENGINE_set_RSA(ret, &atalla_rsa) || | 			!ENGINE_set_RSA(ret, &atalla_rsa) || | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 			!ENGINE_set_DSA(ret, &atalla_dsa) || | 			!ENGINE_set_DSA(ret, &atalla_dsa) || | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 			!ENGINE_set_DH(ret, &atalla_dh) || | 			!ENGINE_set_DH(ret, &atalla_dh) || | ||||||
|  | #endif | ||||||
| 			!ENGINE_set_BN_mod_exp(ret, atalla_mod_exp) || | 			!ENGINE_set_BN_mod_exp(ret, atalla_mod_exp) || | ||||||
| 			!ENGINE_set_init_function(ret, atalla_init) || | 			!ENGINE_set_init_function(ret, atalla_init) || | ||||||
| 			!ENGINE_set_finish_function(ret, atalla_finish) || | 			!ENGINE_set_finish_function(ret, atalla_finish) || | ||||||
| @@ -184,6 +208,7 @@ ENGINE *ENGINE_atalla() | |||||||
| 		return NULL; | 		return NULL; | ||||||
| 		} | 		} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	/* We know that the "PKCS1_SSLeay()" functions hook properly | 	/* We know that the "PKCS1_SSLeay()" functions hook properly | ||||||
| 	 * to the atalla-specific mod_exp and mod_exp_crt so we use | 	 * to the atalla-specific mod_exp and mod_exp_crt so we use | ||||||
| 	 * those functions. NB: We don't use ENGINE_openssl() or | 	 * those functions. NB: We don't use ENGINE_openssl() or | ||||||
| @@ -196,18 +221,23 @@ ENGINE *ENGINE_atalla() | |||||||
| 	atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec; | 	atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec; | ||||||
| 	atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc; | 	atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc; | ||||||
| 	atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec; | 	atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish | 	/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish | ||||||
| 	 * bits. */ | 	 * bits. */ | ||||||
| 	meth2 = DSA_OpenSSL(); | 	meth2 = DSA_OpenSSL(); | ||||||
| 	atalla_dsa.dsa_do_sign = meth2->dsa_do_sign; | 	atalla_dsa.dsa_do_sign = meth2->dsa_do_sign; | ||||||
| 	atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup; | 	atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup; | ||||||
| 	atalla_dsa.dsa_do_verify = meth2->dsa_do_verify; | 	atalla_dsa.dsa_do_verify = meth2->dsa_do_verify; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	/* Much the same for Diffie-Hellman */ | 	/* Much the same for Diffie-Hellman */ | ||||||
| 	meth3 = DH_OpenSSL(); | 	meth3 = DH_OpenSSL(); | ||||||
| 	atalla_dh.generate_key = meth3->generate_key; | 	atalla_dh.generate_key = meth3->generate_key; | ||||||
| 	atalla_dh.compute_key = meth3->compute_key; | 	atalla_dh.compute_key = meth3->compute_key; | ||||||
|  | #endif | ||||||
| 	return ret; | 	return ret; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| @@ -405,6 +435,7 @@ static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||||||
| 		ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_REQUEST_FAILED); | 		ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_REQUEST_FAILED); | ||||||
| 		goto err; | 		goto err; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	/* Convert the response */ | 	/* Convert the response */ | ||||||
| 	BN_bin2bn((unsigned char *)result->d, numbytes, r); | 	BN_bin2bn((unsigned char *)result->d, numbytes, r); | ||||||
| 	to_return = 1; | 	to_return = 1; | ||||||
| @@ -413,6 +444,7 @@ err: | |||||||
| 	return to_return; | 	return to_return; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | ||||||
| 	{ | 	{ | ||||||
| 	BN_CTX *ctx = NULL; | 	BN_CTX *ctx = NULL; | ||||||
| @@ -436,7 +468,9 @@ err: | |||||||
| 		BN_CTX_free(ctx); | 		BN_CTX_free(ctx); | ||||||
| 	return to_return; | 	return to_return; | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| /* This code was liberated and adapted from the commented-out code in | /* This code was liberated and adapted from the commented-out code in | ||||||
|  * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration |  * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration | ||||||
|  * (it doesn't have a CRT form for RSA), this function means that an |  * (it doesn't have a CRT form for RSA), this function means that an | ||||||
| @@ -464,13 +498,13 @@ end: | |||||||
| 	return to_return; | 	return to_return; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  |  | ||||||
| static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, | static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, | ||||||
| 		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | 		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | ||||||
| 		BN_MONT_CTX *m_ctx) | 		BN_MONT_CTX *m_ctx) | ||||||
| 	{ | 	{ | ||||||
| 	return atalla_mod_exp(r, a, p, m, ctx); | 	return atalla_mod_exp(r, a, p, m, ctx); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* This function is aliased to mod_exp (with the mont stuff dropped). */ | /* This function is aliased to mod_exp (with the mont stuff dropped). */ | ||||||
| static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| @@ -479,6 +513,7 @@ static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||||||
| 	return atalla_mod_exp(r, a, p, m, ctx); | 	return atalla_mod_exp(r, a, p, m, ctx); | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| /* This function is aliased to mod_exp (with the dh and mont dropped). */ | /* This function is aliased to mod_exp (with the dh and mont dropped). */ | ||||||
| static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, | static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, | ||||||
| 		const BIGNUM *a, const BIGNUM *p, | 		const BIGNUM *a, const BIGNUM *p, | ||||||
| @@ -486,6 +521,7 @@ static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, | |||||||
| 	{ | 	{ | ||||||
| 	return atalla_mod_exp(r, a, p, m, ctx); | 	return atalla_mod_exp(r, a, p, m, ctx); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
| #endif /* !OPENSSL_NO_HW_ATALLA */ | #endif /* !OPENSSL_NO_HW_ATALLA */ | ||||||
| #endif /* !OPENSSL_NO_HW */ | #endif /* !OPENSSL_NO_HW */ | ||||||
|   | |||||||
| @@ -94,22 +94,28 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||||||
| 		const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, | 		const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, | ||||||
| 		const BIGNUM *iqmp, BN_CTX *ctx); | 		const BIGNUM *iqmp, BN_CTX *ctx); | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| /* RSA stuff */ | /* RSA stuff */ | ||||||
| static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); | static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); | ||||||
|  | #endif | ||||||
| /* This function is aliased to mod_exp (with the mont stuff dropped). */ | /* This function is aliased to mod_exp (with the mont stuff dropped). */ | ||||||
| static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| /* DSA stuff */ | /* DSA stuff */ | ||||||
| static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa); | static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa); | ||||||
| static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, | static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, | ||||||
| 				DSA_SIG *sig, DSA *dsa); | 				DSA_SIG *sig, DSA *dsa); | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| /* DH stuff */ | /* DH stuff */ | ||||||
| /* This function is alised to mod_exp (with the DH and mont dropped). */ | /* This function is alised to mod_exp (with the DH and mont dropped). */ | ||||||
| static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, | static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, | ||||||
| 		const BIGNUM *a, const BIGNUM *p, | 		const BIGNUM *a, const BIGNUM *p, | ||||||
| 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* The definitions for control commands specific to this engine */ | /* The definitions for control commands specific to this engine */ | ||||||
| #define CSWIFT_CMD_SO_PATH		ENGINE_CMD_BASE | #define CSWIFT_CMD_SO_PATH		ENGINE_CMD_BASE | ||||||
| @@ -121,6 +127,7 @@ static const ENGINE_CMD_DEFN cswift_cmd_defns[] = { | |||||||
| 	{0, NULL, NULL, 0} | 	{0, NULL, NULL, 0} | ||||||
| 	}; | 	}; | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| /* Our internal RSA_METHOD that we provide pointers to */ | /* Our internal RSA_METHOD that we provide pointers to */ | ||||||
| static RSA_METHOD cswift_rsa = | static RSA_METHOD cswift_rsa = | ||||||
| 	{ | 	{ | ||||||
| @@ -138,7 +145,9 @@ static RSA_METHOD cswift_rsa = | |||||||
| 	NULL, | 	NULL, | ||||||
| 	NULL | 	NULL | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| /* Our internal DSA_METHOD that we provide pointers to */ | /* Our internal DSA_METHOD that we provide pointers to */ | ||||||
| static DSA_METHOD cswift_dsa = | static DSA_METHOD cswift_dsa = | ||||||
| 	{ | 	{ | ||||||
| @@ -153,7 +162,9 @@ static DSA_METHOD cswift_dsa = | |||||||
| 	0, /* flags */ | 	0, /* flags */ | ||||||
| 	NULL /* app_data */ | 	NULL /* app_data */ | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| /* Our internal DH_METHOD that we provide pointers to */ | /* Our internal DH_METHOD that we provide pointers to */ | ||||||
| static DH_METHOD cswift_dh = | static DH_METHOD cswift_dh = | ||||||
| 	{ | 	{ | ||||||
| @@ -166,6 +177,7 @@ static DH_METHOD cswift_dh = | |||||||
| 	0, | 	0, | ||||||
| 	NULL | 	NULL | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* Constants used when creating the ENGINE */ | /* Constants used when creating the ENGINE */ | ||||||
| static const char *engine_cswift_id = "cswift"; | static const char *engine_cswift_id = "cswift"; | ||||||
| @@ -175,16 +187,26 @@ static const char *engine_cswift_name = "CryptoSwift hardware engine support"; | |||||||
|  * (indeed - the lock will already be held by our caller!!!) */ |  * (indeed - the lock will already be held by our caller!!!) */ | ||||||
| ENGINE *ENGINE_cswift() | ENGINE *ENGINE_cswift() | ||||||
| 	{ | 	{ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	const RSA_METHOD *meth1; | 	const RSA_METHOD *meth1; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	const DH_METHOD *meth2; | 	const DH_METHOD *meth2; | ||||||
|  | #endif | ||||||
| 	ENGINE *ret = ENGINE_new(); | 	ENGINE *ret = ENGINE_new(); | ||||||
| 	if(!ret) | 	if(!ret) | ||||||
| 		return NULL; | 		return NULL; | ||||||
| 	if(!ENGINE_set_id(ret, engine_cswift_id) || | 	if(!ENGINE_set_id(ret, engine_cswift_id) || | ||||||
| 			!ENGINE_set_name(ret, engine_cswift_name) || | 			!ENGINE_set_name(ret, engine_cswift_name) || | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 			!ENGINE_set_RSA(ret, &cswift_rsa) || | 			!ENGINE_set_RSA(ret, &cswift_rsa) || | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 			!ENGINE_set_DSA(ret, &cswift_dsa) || | 			!ENGINE_set_DSA(ret, &cswift_dsa) || | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 			!ENGINE_set_DH(ret, &cswift_dh) || | 			!ENGINE_set_DH(ret, &cswift_dh) || | ||||||
|  | #endif | ||||||
| 			!ENGINE_set_BN_mod_exp(ret, &cswift_mod_exp) || | 			!ENGINE_set_BN_mod_exp(ret, &cswift_mod_exp) || | ||||||
| 			!ENGINE_set_BN_mod_exp_crt(ret, &cswift_mod_exp_crt) || | 			!ENGINE_set_BN_mod_exp_crt(ret, &cswift_mod_exp_crt) || | ||||||
| 			!ENGINE_set_init_function(ret, cswift_init) || | 			!ENGINE_set_init_function(ret, cswift_init) || | ||||||
| @@ -196,6 +218,7 @@ ENGINE *ENGINE_cswift() | |||||||
| 		return NULL; | 		return NULL; | ||||||
| 		} | 		} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	/* We know that the "PKCS1_SSLeay()" functions hook properly | 	/* We know that the "PKCS1_SSLeay()" functions hook properly | ||||||
| 	 * to the cswift-specific mod_exp and mod_exp_crt so we use | 	 * to the cswift-specific mod_exp and mod_exp_crt so we use | ||||||
| 	 * those functions. NB: We don't use ENGINE_openssl() or | 	 * those functions. NB: We don't use ENGINE_openssl() or | ||||||
| @@ -208,11 +231,14 @@ ENGINE *ENGINE_cswift() | |||||||
| 	cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec; | 	cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec; | ||||||
| 	cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc; | 	cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc; | ||||||
| 	cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec; | 	cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	/* Much the same for Diffie-Hellman */ | 	/* Much the same for Diffie-Hellman */ | ||||||
| 	meth2 = DH_OpenSSL(); | 	meth2 = DH_OpenSSL(); | ||||||
| 	cswift_dh.generate_key = meth2->generate_key; | 	cswift_dh.generate_key = meth2->generate_key; | ||||||
| 	cswift_dh.compute_key = meth2->compute_key; | 	cswift_dh.compute_key = meth2->compute_key; | ||||||
|  | #endif | ||||||
| 	return ret; | 	return ret; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| @@ -572,6 +598,7 @@ err: | |||||||
| 	return to_return; | 	return to_return; | ||||||
| 	} | 	} | ||||||
|   |   | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | ||||||
| 	{ | 	{ | ||||||
| 	BN_CTX *ctx; | 	BN_CTX *ctx; | ||||||
| @@ -591,6 +618,7 @@ err: | |||||||
| 		BN_CTX_free(ctx); | 		BN_CTX_free(ctx); | ||||||
| 	return to_return; | 	return to_return; | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* This function is aliased to mod_exp (with the mont stuff dropped). */ | /* This function is aliased to mod_exp (with the mont stuff dropped). */ | ||||||
| static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| @@ -599,6 +627,7 @@ static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||||||
| 	return cswift_mod_exp(r, a, p, m, ctx); | 	return cswift_mod_exp(r, a, p, m, ctx); | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) | static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) | ||||||
| 	{ | 	{ | ||||||
| 	SW_CONTEXT_HANDLE hac; | 	SW_CONTEXT_HANDLE hac; | ||||||
| @@ -823,7 +852,9 @@ err: | |||||||
| 		} | 		} | ||||||
| 	return to_return; | 	return to_return; | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| /* This function is aliased to mod_exp (with the dh and mont dropped). */ | /* This function is aliased to mod_exp (with the dh and mont dropped). */ | ||||||
| static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, | static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, | ||||||
| 		const BIGNUM *a, const BIGNUM *p, | 		const BIGNUM *a, const BIGNUM *p, | ||||||
| @@ -831,6 +862,7 @@ static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, | |||||||
| 	{ | 	{ | ||||||
| 	return cswift_mod_exp(r, a, p, m, ctx); | 	return cswift_mod_exp(r, a, p, m, ctx); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
| #endif /* !OPENSSL_NO_HW_CSWIFT */ | #endif /* !OPENSSL_NO_HW_CSWIFT */ | ||||||
| #endif /* !OPENSSL_NO_HW */ | #endif /* !OPENSSL_NO_HW */ | ||||||
|   | |||||||
| @@ -95,8 +95,10 @@ static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*); | |||||||
| static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| 		const BIGNUM *m, BN_CTX *ctx); | 		const BIGNUM *m, BN_CTX *ctx); | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| /* RSA stuff */ | /* RSA stuff */ | ||||||
| static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa); | static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa); | ||||||
|  | #endif | ||||||
| /* This function is aliased to mod_exp (with the mont stuff dropped). */ | /* This function is aliased to mod_exp (with the mont stuff dropped). */ | ||||||
| static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | ||||||
| @@ -146,6 +148,7 @@ static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = { | |||||||
| 	{0, NULL, NULL, 0} | 	{0, NULL, NULL, 0} | ||||||
| 	}; | 	}; | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| /* Our internal RSA_METHOD that we provide pointers to */ | /* Our internal RSA_METHOD that we provide pointers to */ | ||||||
| static RSA_METHOD hwcrhk_rsa = | static RSA_METHOD hwcrhk_rsa = | ||||||
| 	{ | 	{ | ||||||
| @@ -163,7 +166,9 @@ static RSA_METHOD hwcrhk_rsa = | |||||||
| 	NULL, | 	NULL, | ||||||
| 	NULL | 	NULL | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| /* Our internal DH_METHOD that we provide pointers to */ | /* Our internal DH_METHOD that we provide pointers to */ | ||||||
| static DH_METHOD hwcrhk_dh = | static DH_METHOD hwcrhk_dh = | ||||||
| 	{ | 	{ | ||||||
| @@ -176,6 +181,7 @@ static DH_METHOD hwcrhk_dh = | |||||||
| 	0, | 	0, | ||||||
| 	NULL | 	NULL | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
| static RAND_METHOD hwcrhk_rand = | static RAND_METHOD hwcrhk_rand = | ||||||
| 	{ | 	{ | ||||||
| @@ -294,15 +300,23 @@ static HWCryptoHook_InitInfo hwcrhk_globals = { | |||||||
|  * (indeed - the lock will already be held by our caller!!!) */ |  * (indeed - the lock will already be held by our caller!!!) */ | ||||||
| ENGINE *ENGINE_ncipher() | ENGINE *ENGINE_ncipher() | ||||||
| 	{ | 	{ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	const RSA_METHOD *meth1; | 	const RSA_METHOD *meth1; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	const DH_METHOD *meth2; | 	const DH_METHOD *meth2; | ||||||
|  | #endif | ||||||
| 	ENGINE *ret = ENGINE_new(); | 	ENGINE *ret = ENGINE_new(); | ||||||
| 	if(!ret) | 	if(!ret) | ||||||
| 		return NULL; | 		return NULL; | ||||||
| 	if(!ENGINE_set_id(ret, engine_hwcrhk_id) || | 	if(!ENGINE_set_id(ret, engine_hwcrhk_id) || | ||||||
| 			!ENGINE_set_name(ret, engine_hwcrhk_name) || | 			!ENGINE_set_name(ret, engine_hwcrhk_name) || | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 			!ENGINE_set_RSA(ret, &hwcrhk_rsa) || | 			!ENGINE_set_RSA(ret, &hwcrhk_rsa) || | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 			!ENGINE_set_DH(ret, &hwcrhk_dh) || | 			!ENGINE_set_DH(ret, &hwcrhk_dh) || | ||||||
|  | #endif | ||||||
| 			!ENGINE_set_RAND(ret, &hwcrhk_rand) || | 			!ENGINE_set_RAND(ret, &hwcrhk_rand) || | ||||||
| 			!ENGINE_set_BN_mod_exp(ret, hwcrhk_mod_exp) || | 			!ENGINE_set_BN_mod_exp(ret, hwcrhk_mod_exp) || | ||||||
| 			!ENGINE_set_init_function(ret, hwcrhk_init) || | 			!ENGINE_set_init_function(ret, hwcrhk_init) || | ||||||
| @@ -316,6 +330,7 @@ ENGINE *ENGINE_ncipher() | |||||||
| 		return NULL; | 		return NULL; | ||||||
| 		} | 		} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	/* We know that the "PKCS1_SSLeay()" functions hook properly | 	/* We know that the "PKCS1_SSLeay()" functions hook properly | ||||||
| 	 * to the cswift-specific mod_exp and mod_exp_crt so we use | 	 * to the cswift-specific mod_exp and mod_exp_crt so we use | ||||||
| 	 * those functions. NB: We don't use ENGINE_openssl() or | 	 * those functions. NB: We don't use ENGINE_openssl() or | ||||||
| @@ -328,11 +343,14 @@ ENGINE *ENGINE_ncipher() | |||||||
| 	hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec; | 	hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec; | ||||||
| 	hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc; | 	hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc; | ||||||
| 	hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec; | 	hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	/* Much the same for Diffie-Hellman */ | 	/* Much the same for Diffie-Hellman */ | ||||||
| 	meth2 = DH_OpenSSL(); | 	meth2 = DH_OpenSSL(); | ||||||
| 	hwcrhk_dh.generate_key = meth2->generate_key; | 	hwcrhk_dh.generate_key = meth2->generate_key; | ||||||
| 	hwcrhk_dh.compute_key = meth2->compute_key; | 	hwcrhk_dh.compute_key = meth2->compute_key; | ||||||
|  | #endif | ||||||
| 	return ret; | 	return ret; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| @@ -343,18 +361,24 @@ ENGINE *ENGINE_ncipher() | |||||||
|  * implicitly. */ |  * implicitly. */ | ||||||
| static DSO *hwcrhk_dso = NULL; | static DSO *hwcrhk_dso = NULL; | ||||||
| static HWCryptoHook_ContextHandle hwcrhk_context = 0; | static HWCryptoHook_ContextHandle hwcrhk_context = 0; | ||||||
| static int hndidx = -1;	/* Index for KM handle.  Not really used yet. */ | #ifndef OPENSSL_NO_RSA | ||||||
|  | static int hndidx_rsa = -1;    /* Index for KM handle.  Not really used yet. */ | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* These are the function pointers that are (un)set when the library has | /* These are the function pointers that are (un)set when the library has | ||||||
|  * successfully (un)loaded. */ |  * successfully (un)loaded. */ | ||||||
| static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL; | static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL; | ||||||
| static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL; | static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL; | ||||||
| static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL; | static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL; | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL; | static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL; | ||||||
|  | #endif | ||||||
| static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL; | static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL; | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL; | static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL; | ||||||
| static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL; | static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL; | ||||||
| static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL; | static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL; | ||||||
|  | #endif | ||||||
| static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL; | static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL; | ||||||
|  |  | ||||||
| /* Used in the DSO operations. */ | /* Used in the DSO operations. */ | ||||||
| @@ -363,11 +387,15 @@ static const char *HWCRHK_LIBNAME = def_HWCRHK_LIBNAME; | |||||||
| static const char *n_hwcrhk_Init = "HWCryptoHook_Init"; | static const char *n_hwcrhk_Init = "HWCryptoHook_Init"; | ||||||
| static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish"; | static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish"; | ||||||
| static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp"; | static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp"; | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA"; | static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA"; | ||||||
|  | #endif | ||||||
| static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes"; | static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes"; | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey"; | static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey"; | ||||||
| static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey"; | static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey"; | ||||||
| static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey"; | static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey"; | ||||||
|  | #endif | ||||||
| static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT"; | static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT"; | ||||||
|  |  | ||||||
| /* HWCryptoHook library functions and mechanics - these are used by the | /* HWCryptoHook library functions and mechanics - these are used by the | ||||||
| @@ -403,10 +431,12 @@ static int hwcrhk_init(ENGINE *e) | |||||||
| 	HWCryptoHook_Init_t *p1; | 	HWCryptoHook_Init_t *p1; | ||||||
| 	HWCryptoHook_Finish_t *p2; | 	HWCryptoHook_Finish_t *p2; | ||||||
| 	HWCryptoHook_ModExp_t *p3; | 	HWCryptoHook_ModExp_t *p3; | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	HWCryptoHook_RSA_t *p4; | 	HWCryptoHook_RSA_t *p4; | ||||||
| 	HWCryptoHook_RSALoadKey_t *p5; | 	HWCryptoHook_RSALoadKey_t *p5; | ||||||
| 	HWCryptoHook_RSAGetPublicKey_t *p6; | 	HWCryptoHook_RSAGetPublicKey_t *p6; | ||||||
| 	HWCryptoHook_RSAUnloadKey_t *p7; | 	HWCryptoHook_RSAUnloadKey_t *p7; | ||||||
|  | #endif | ||||||
| 	HWCryptoHook_RandomBytes_t *p8; | 	HWCryptoHook_RandomBytes_t *p8; | ||||||
| 	HWCryptoHook_ModExpCRT_t *p9; | 	HWCryptoHook_ModExpCRT_t *p9; | ||||||
|  |  | ||||||
| @@ -428,6 +458,7 @@ static int hwcrhk_init(ENGINE *e) | |||||||
| 			DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) || | 			DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) || | ||||||
| 		!(p3 = (HWCryptoHook_ModExp_t *) | 		!(p3 = (HWCryptoHook_ModExp_t *) | ||||||
| 			DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) || | 			DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) || | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 		!(p4 = (HWCryptoHook_RSA_t *) | 		!(p4 = (HWCryptoHook_RSA_t *) | ||||||
| 			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) || | 			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) || | ||||||
| 		!(p5 = (HWCryptoHook_RSALoadKey_t *) | 		!(p5 = (HWCryptoHook_RSALoadKey_t *) | ||||||
| @@ -436,6 +467,7 @@ static int hwcrhk_init(ENGINE *e) | |||||||
| 			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) || | 			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) || | ||||||
| 		!(p7 = (HWCryptoHook_RSAUnloadKey_t *) | 		!(p7 = (HWCryptoHook_RSAUnloadKey_t *) | ||||||
| 			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) || | 			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) || | ||||||
|  | #endif | ||||||
| 		!(p8 = (HWCryptoHook_RandomBytes_t *) | 		!(p8 = (HWCryptoHook_RandomBytes_t *) | ||||||
| 			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) || | 			DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) || | ||||||
| 		!(p9 = (HWCryptoHook_ModExpCRT_t *) | 		!(p9 = (HWCryptoHook_ModExpCRT_t *) | ||||||
| @@ -448,10 +480,12 @@ static int hwcrhk_init(ENGINE *e) | |||||||
| 	p_hwcrhk_Init = p1; | 	p_hwcrhk_Init = p1; | ||||||
| 	p_hwcrhk_Finish = p2; | 	p_hwcrhk_Finish = p2; | ||||||
| 	p_hwcrhk_ModExp = p3; | 	p_hwcrhk_ModExp = p3; | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	p_hwcrhk_RSA = p4; | 	p_hwcrhk_RSA = p4; | ||||||
| 	p_hwcrhk_RSALoadKey = p5; | 	p_hwcrhk_RSALoadKey = p5; | ||||||
| 	p_hwcrhk_RSAGetPublicKey = p6; | 	p_hwcrhk_RSAGetPublicKey = p6; | ||||||
| 	p_hwcrhk_RSAUnloadKey = p7; | 	p_hwcrhk_RSAUnloadKey = p7; | ||||||
|  | #endif | ||||||
| 	p_hwcrhk_RandomBytes = p8; | 	p_hwcrhk_RandomBytes = p8; | ||||||
| 	p_hwcrhk_ModExpCRT = p9; | 	p_hwcrhk_ModExpCRT = p9; | ||||||
|  |  | ||||||
| @@ -476,10 +510,12 @@ static int hwcrhk_init(ENGINE *e) | |||||||
| 		goto err; | 		goto err; | ||||||
| 		} | 		} | ||||||
| 	/* Everything's fine. */ | 	/* Everything's fine. */ | ||||||
| 	if (hndidx == -1) | #ifndef OPENSSL_NO_RSA | ||||||
| 		hndidx = RSA_get_ex_new_index(0, | 	if (hndidx_rsa == -1) | ||||||
|  | 		hndidx_rsa = RSA_get_ex_new_index(0, | ||||||
| 			"nFast HWCryptoHook RSA key handle", | 			"nFast HWCryptoHook RSA key handle", | ||||||
| 			NULL, NULL, hwcrhk_ex_free); | 			NULL, NULL, hwcrhk_ex_free); | ||||||
|  | #endif | ||||||
| 	return 1; | 	return 1; | ||||||
| err: | err: | ||||||
| 	if(hwcrhk_dso) | 	if(hwcrhk_dso) | ||||||
| @@ -488,10 +524,12 @@ err: | |||||||
| 	p_hwcrhk_Init = NULL; | 	p_hwcrhk_Init = NULL; | ||||||
| 	p_hwcrhk_Finish = NULL; | 	p_hwcrhk_Finish = NULL; | ||||||
| 	p_hwcrhk_ModExp = NULL; | 	p_hwcrhk_ModExp = NULL; | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	p_hwcrhk_RSA = NULL; | 	p_hwcrhk_RSA = NULL; | ||||||
| 	p_hwcrhk_RSALoadKey = NULL; | 	p_hwcrhk_RSALoadKey = NULL; | ||||||
| 	p_hwcrhk_RSAGetPublicKey = NULL; | 	p_hwcrhk_RSAGetPublicKey = NULL; | ||||||
| 	p_hwcrhk_RSAUnloadKey = NULL; | 	p_hwcrhk_RSAUnloadKey = NULL; | ||||||
|  | #endif | ||||||
| 	p_hwcrhk_ModExpCRT = NULL; | 	p_hwcrhk_ModExpCRT = NULL; | ||||||
| 	p_hwcrhk_RandomBytes = NULL; | 	p_hwcrhk_RandomBytes = NULL; | ||||||
| 	return 0; | 	return 0; | ||||||
| @@ -520,10 +558,12 @@ static int hwcrhk_finish(ENGINE *e) | |||||||
| 	p_hwcrhk_Init = NULL; | 	p_hwcrhk_Init = NULL; | ||||||
| 	p_hwcrhk_Finish = NULL; | 	p_hwcrhk_Finish = NULL; | ||||||
| 	p_hwcrhk_ModExp = NULL; | 	p_hwcrhk_ModExp = NULL; | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	p_hwcrhk_RSA = NULL; | 	p_hwcrhk_RSA = NULL; | ||||||
| 	p_hwcrhk_RSALoadKey = NULL; | 	p_hwcrhk_RSALoadKey = NULL; | ||||||
| 	p_hwcrhk_RSAGetPublicKey = NULL; | 	p_hwcrhk_RSAGetPublicKey = NULL; | ||||||
| 	p_hwcrhk_RSAUnloadKey = NULL; | 	p_hwcrhk_RSAUnloadKey = NULL; | ||||||
|  | #endif | ||||||
| 	p_hwcrhk_ModExpCRT = NULL; | 	p_hwcrhk_ModExpCRT = NULL; | ||||||
| 	p_hwcrhk_RandomBytes = NULL; | 	p_hwcrhk_RandomBytes = NULL; | ||||||
| 	return to_return; | 	return to_return; | ||||||
| @@ -613,11 +653,17 @@ static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) | |||||||
| static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, | static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, | ||||||
| 	const char *passphrase) | 	const char *passphrase) | ||||||
| 	{ | 	{ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	RSA *rtmp = NULL; | 	RSA *rtmp = NULL; | ||||||
|  | #endif | ||||||
| 	EVP_PKEY *res = NULL; | 	EVP_PKEY *res = NULL; | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	HWCryptoHook_MPI e, n; | 	HWCryptoHook_MPI e, n; | ||||||
| 	HWCryptoHook_RSAKeyHandle *hptr; | 	HWCryptoHook_RSAKeyHandle *hptr; | ||||||
|  | #endif | ||||||
|  | #if !defined(OPENSSL_NO_RSA) | ||||||
| 	HWCryptoHook_ErrMsgBuf rmsg; | 	HWCryptoHook_ErrMsgBuf rmsg; | ||||||
|  | #endif | ||||||
|  |  | ||||||
| 	if(!hwcrhk_context) | 	if(!hwcrhk_context) | ||||||
| 		{ | 		{ | ||||||
| @@ -625,6 +671,7 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, | |||||||
| 			ENGINE_R_NOT_INITIALISED); | 			ENGINE_R_NOT_INITIALISED); | ||||||
| 		goto err; | 		goto err; | ||||||
| 		} | 		} | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle)); | 	hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle)); | ||||||
| 	if (!hptr) | 	if (!hptr) | ||||||
| 		{ | 		{ | ||||||
| @@ -646,8 +693,10 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, | |||||||
| 			ENGINE_R_NO_KEY); | 			ENGINE_R_NO_KEY); | ||||||
| 		goto err; | 		goto err; | ||||||
| 		} | 		} | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	rtmp = RSA_new_method(eng); | 	rtmp = RSA_new_method(eng); | ||||||
| 	RSA_set_ex_data(rtmp, hndidx, (char *)hptr); | 	RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr); | ||||||
| 	rtmp->e = BN_new(); | 	rtmp->e = BN_new(); | ||||||
| 	rtmp->n = BN_new(); | 	rtmp->n = BN_new(); | ||||||
| 	rtmp->flags |= RSA_FLAG_EXT_PKEY; | 	rtmp->flags |= RSA_FLAG_EXT_PKEY; | ||||||
| @@ -660,7 +709,7 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, | |||||||
| 		ERR_add_error_data(1,rmsg.buf); | 		ERR_add_error_data(1,rmsg.buf); | ||||||
| 		goto err; | 		goto err; | ||||||
| 		} | 		} | ||||||
| 			 |  | ||||||
| 	bn_expand2(rtmp->e, e.size/sizeof(BN_ULONG)); | 	bn_expand2(rtmp->e, e.size/sizeof(BN_ULONG)); | ||||||
| 	bn_expand2(rtmp->n, n.size/sizeof(BN_ULONG)); | 	bn_expand2(rtmp->n, n.size/sizeof(BN_ULONG)); | ||||||
| 	MPI2BN(rtmp->e, e); | 	MPI2BN(rtmp->e, e); | ||||||
| @@ -680,24 +729,36 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, | |||||||
|  |  | ||||||
| 	res = EVP_PKEY_new(); | 	res = EVP_PKEY_new(); | ||||||
| 	EVP_PKEY_assign_RSA(res, rtmp); | 	EVP_PKEY_assign_RSA(res, rtmp); | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  |         if (!res) | ||||||
|  |                 ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY, | ||||||
|  |                         ENGINE_R_PRIVATE_KEY_ALGORITHMS_DISABLED); | ||||||
|  |  | ||||||
| 	return res; | 	return res; | ||||||
|  err: |  err: | ||||||
| 	if (res) | 	if (res) | ||||||
| 		EVP_PKEY_free(res); | 		EVP_PKEY_free(res); | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	if (rtmp) | 	if (rtmp) | ||||||
| 		RSA_free(rtmp); | 		RSA_free(rtmp); | ||||||
|  | #endif | ||||||
| 	return NULL; | 	return NULL; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, | static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, | ||||||
| 	const char *passphrase) | 	const char *passphrase) | ||||||
| 	{ | 	{ | ||||||
| 	EVP_PKEY *res = hwcrhk_load_privkey(eng, key_id, passphrase); | 	EVP_PKEY *res = NULL; | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
|  |         res = hwcrhk_load_privkey(eng, key_id, passphrase); | ||||||
|  | #endif | ||||||
|  |  | ||||||
| 	if (res) | 	if (res) | ||||||
| 		switch(res->type) | 		switch(res->type) | ||||||
| 			{ | 			{ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 		case EVP_PKEY_RSA: | 		case EVP_PKEY_RSA: | ||||||
| 			{ | 			{ | ||||||
| 			RSA *rsa = NULL; | 			RSA *rsa = NULL; | ||||||
| @@ -710,6 +771,7 @@ static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, | |||||||
| 			CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); | 			CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); | ||||||
| 			RSA_free(rsa); | 			RSA_free(rsa); | ||||||
| 			} | 			} | ||||||
|  | #endif | ||||||
| 		default: | 		default: | ||||||
| 			ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY, | 			ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY, | ||||||
| 				ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); | 				ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); | ||||||
| @@ -779,7 +841,8 @@ static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||||||
| err: | err: | ||||||
| 	return to_return; | 	return to_return; | ||||||
| 	} | 	} | ||||||
|   |  | ||||||
|  | #ifndef OPENSSL_NO_RSA  | ||||||
| static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) | static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) | ||||||
| 	{ | 	{ | ||||||
| 	char tempbuf[1024]; | 	char tempbuf[1024]; | ||||||
| @@ -796,7 +859,7 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) | |||||||
| 	/* This provides support for nForce keys.  Since that's opaque data | 	/* This provides support for nForce keys.  Since that's opaque data | ||||||
| 	   all we do is provide a handle to the proper key and let HWCryptoHook | 	   all we do is provide a handle to the proper key and let HWCryptoHook | ||||||
| 	   take care of the rest. */ | 	   take care of the rest. */ | ||||||
| 	if ((hptr = (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx)) | 	if ((hptr = (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa)) | ||||||
| 		!= NULL) | 		!= NULL) | ||||||
| 		{ | 		{ | ||||||
| 		HWCryptoHook_MPI m_a, m_r; | 		HWCryptoHook_MPI m_a, m_r; | ||||||
| @@ -894,6 +957,7 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) | |||||||
| err: | err: | ||||||
| 	return to_return; | 	return to_return; | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* This function is aliased to mod_exp (with the mont stuff dropped). */ | /* This function is aliased to mod_exp (with the mont stuff dropped). */ | ||||||
| static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| @@ -961,16 +1025,24 @@ static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, | |||||||
| { | { | ||||||
| 	char tempbuf[1024]; | 	char tempbuf[1024]; | ||||||
| 	HWCryptoHook_ErrMsgBuf rmsg; | 	HWCryptoHook_ErrMsgBuf rmsg; | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	HWCryptoHook_RSAKeyHandle *hptr; | 	HWCryptoHook_RSAKeyHandle *hptr; | ||||||
|  | #endif | ||||||
|  | #if !defined(OPENSSL_NO_RSA) | ||||||
| 	int ret; | 	int ret; | ||||||
|  | #endif | ||||||
|  |  | ||||||
| 	rmsg.buf = tempbuf; | 	rmsg.buf = tempbuf; | ||||||
| 	rmsg.size = 1024; | 	rmsg.size = 1024; | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	hptr = (HWCryptoHook_RSAKeyHandle *) item; | 	hptr = (HWCryptoHook_RSAKeyHandle *) item; | ||||||
| 	if(!hptr) return; | 	if(hptr) | ||||||
| 	ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL); |                 { | ||||||
| 	OPENSSL_free(hptr); |                 ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL); | ||||||
|  |                 OPENSSL_free(hptr); | ||||||
|  |                 } | ||||||
|  | #endif | ||||||
| } | } | ||||||
|  |  | ||||||
| /* Mutex calls: since the HWCryptoHook model closely follows the POSIX model | /* Mutex calls: since the HWCryptoHook model closely follows the POSIX model | ||||||
|   | |||||||
| @@ -164,11 +164,14 @@ static int nuron_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p, | |||||||
| 	return pfnModExp(r,a,p,m); | 	return pfnModExp(r,a,p,m); | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | ||||||
| 	{ | 	{ | ||||||
| 	return nuron_mod_exp(r0,I,rsa->d,rsa->n,NULL); | 	return nuron_mod_exp(r0,I,rsa->d,rsa->n,NULL); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| /* This code was liberated and adapted from the commented-out code in | /* This code was liberated and adapted from the commented-out code in | ||||||
|  * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration |  * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration | ||||||
|  * (it doesn't have a CRT form for RSA), this function means that an |  * (it doesn't have a CRT form for RSA), this function means that an | ||||||
| @@ -206,6 +209,7 @@ static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, | |||||||
| 	{ | 	{ | ||||||
| 	return nuron_mod_exp(r, a, p, m, ctx); | 	return nuron_mod_exp(r, a, p, m, ctx); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* This function is aliased to mod_exp (with the mont stuff dropped). */ | /* This function is aliased to mod_exp (with the mont stuff dropped). */ | ||||||
| static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| @@ -214,6 +218,7 @@ static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||||||
| 	return nuron_mod_exp(r, a, p, m, ctx); | 	return nuron_mod_exp(r, a, p, m, ctx); | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| /* This function is aliased to mod_exp (with the dh and mont dropped). */ | /* This function is aliased to mod_exp (with the dh and mont dropped). */ | ||||||
| static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r, | static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r, | ||||||
| 		const BIGNUM *a, const BIGNUM *p, | 		const BIGNUM *a, const BIGNUM *p, | ||||||
| @@ -221,7 +226,9 @@ static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r, | |||||||
| 	{ | 	{ | ||||||
| 	return nuron_mod_exp(r, a, p, m, ctx); | 	return nuron_mod_exp(r, a, p, m, ctx); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| static RSA_METHOD nuron_rsa = | static RSA_METHOD nuron_rsa = | ||||||
| 	{ | 	{ | ||||||
| 	"Nuron RSA method", | 	"Nuron RSA method", | ||||||
| @@ -238,7 +245,9 @@ static RSA_METHOD nuron_rsa = | |||||||
| 	NULL, | 	NULL, | ||||||
| 	NULL | 	NULL | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| static DSA_METHOD nuron_dsa = | static DSA_METHOD nuron_dsa = | ||||||
| 	{ | 	{ | ||||||
| 	"Nuron DSA method", | 	"Nuron DSA method", | ||||||
| @@ -252,7 +261,9 @@ static DSA_METHOD nuron_dsa = | |||||||
| 	0, /* flags */ | 	0, /* flags */ | ||||||
| 	NULL /* app_data */ | 	NULL /* app_data */ | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| static DH_METHOD nuron_dh = | static DH_METHOD nuron_dh = | ||||||
| 	{ | 	{ | ||||||
| 	"Nuron DH method", | 	"Nuron DH method", | ||||||
| @@ -264,6 +275,7 @@ static DH_METHOD nuron_dh = | |||||||
| 	0, | 	0, | ||||||
| 	NULL | 	NULL | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* Constants used when creating the ENGINE */ | /* Constants used when creating the ENGINE */ | ||||||
| static const char *engine_nuron_id = "nuron"; | static const char *engine_nuron_id = "nuron"; | ||||||
| @@ -273,17 +285,29 @@ static const char *engine_nuron_name = "Nuron hardware engine support"; | |||||||
|  * (indeed - the lock will already be held by our caller!!!) */ |  * (indeed - the lock will already be held by our caller!!!) */ | ||||||
| ENGINE *ENGINE_nuron() | ENGINE *ENGINE_nuron() | ||||||
| 	{ | 	{ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	const RSA_METHOD *meth1; | 	const RSA_METHOD *meth1; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	const DSA_METHOD *meth2; | 	const DSA_METHOD *meth2; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	const DH_METHOD *meth3; | 	const DH_METHOD *meth3; | ||||||
|  | #endif | ||||||
| 	ENGINE *ret = ENGINE_new(); | 	ENGINE *ret = ENGINE_new(); | ||||||
| 	if(!ret) | 	if(!ret) | ||||||
| 		return NULL; | 		return NULL; | ||||||
| 	if(!ENGINE_set_id(ret, engine_nuron_id) || | 	if(!ENGINE_set_id(ret, engine_nuron_id) || | ||||||
| 			!ENGINE_set_name(ret, engine_nuron_name) || | 			!ENGINE_set_name(ret, engine_nuron_name) || | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 			!ENGINE_set_RSA(ret, &nuron_rsa) || | 			!ENGINE_set_RSA(ret, &nuron_rsa) || | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 			!ENGINE_set_DSA(ret, &nuron_dsa) || | 			!ENGINE_set_DSA(ret, &nuron_dsa) || | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 			!ENGINE_set_DH(ret, &nuron_dh) || | 			!ENGINE_set_DH(ret, &nuron_dh) || | ||||||
|  | #endif | ||||||
| 			!ENGINE_set_BN_mod_exp(ret, nuron_mod_exp) || | 			!ENGINE_set_BN_mod_exp(ret, nuron_mod_exp) || | ||||||
| 			!ENGINE_set_init_function(ret, nuron_init) || | 			!ENGINE_set_init_function(ret, nuron_init) || | ||||||
| 			!ENGINE_set_finish_function(ret, nuron_finish) || | 			!ENGINE_set_finish_function(ret, nuron_finish) || | ||||||
| @@ -294,6 +318,7 @@ ENGINE *ENGINE_nuron() | |||||||
| 		return NULL; | 		return NULL; | ||||||
| 		} | 		} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	/* We know that the "PKCS1_SSLeay()" functions hook properly | 	/* We know that the "PKCS1_SSLeay()" functions hook properly | ||||||
| 	 * to the nuron-specific mod_exp and mod_exp_crt so we use | 	 * to the nuron-specific mod_exp and mod_exp_crt so we use | ||||||
| 	 * those functions. NB: We don't use ENGINE_openssl() or | 	 * those functions. NB: We don't use ENGINE_openssl() or | ||||||
| @@ -306,18 +331,23 @@ ENGINE *ENGINE_nuron() | |||||||
| 	nuron_rsa.rsa_pub_dec=meth1->rsa_pub_dec; | 	nuron_rsa.rsa_pub_dec=meth1->rsa_pub_dec; | ||||||
| 	nuron_rsa.rsa_priv_enc=meth1->rsa_priv_enc; | 	nuron_rsa.rsa_priv_enc=meth1->rsa_priv_enc; | ||||||
| 	nuron_rsa.rsa_priv_dec=meth1->rsa_priv_dec; | 	nuron_rsa.rsa_priv_dec=meth1->rsa_priv_dec; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish | 	/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish | ||||||
| 	 * bits. */ | 	 * bits. */ | ||||||
| 	meth2=DSA_OpenSSL(); | 	meth2=DSA_OpenSSL(); | ||||||
| 	nuron_dsa.dsa_do_sign=meth2->dsa_do_sign; | 	nuron_dsa.dsa_do_sign=meth2->dsa_do_sign; | ||||||
| 	nuron_dsa.dsa_sign_setup=meth2->dsa_sign_setup; | 	nuron_dsa.dsa_sign_setup=meth2->dsa_sign_setup; | ||||||
| 	nuron_dsa.dsa_do_verify=meth2->dsa_do_verify; | 	nuron_dsa.dsa_do_verify=meth2->dsa_do_verify; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	/* Much the same for Diffie-Hellman */ | 	/* Much the same for Diffie-Hellman */ | ||||||
| 	meth3=DH_OpenSSL(); | 	meth3=DH_OpenSSL(); | ||||||
| 	nuron_dh.generate_key=meth3->generate_key; | 	nuron_dh.generate_key=meth3->generate_key; | ||||||
| 	nuron_dh.compute_key=meth3->compute_key; | 	nuron_dh.compute_key=meth3->compute_key; | ||||||
|  | #endif | ||||||
| 	return ret; | 	return ret; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|   | |||||||
| @@ -81,9 +81,12 @@ static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||||||
| static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| 			const BIGNUM *q, const BIGNUM *dp, | 			const BIGNUM *q, const BIGNUM *dp, | ||||||
| 			const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx); | 			const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx); | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); | static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); | ||||||
|  | #endif | ||||||
| static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| #if NOT_USED | #if NOT_USED | ||||||
| static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, | static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, | ||||||
| 		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, | 		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, | ||||||
| @@ -95,11 +98,14 @@ static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, | |||||||
| static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); | static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); | ||||||
| static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len, | static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len, | ||||||
|                                 DSA_SIG *sig, DSA *dsa); |                                 DSA_SIG *sig, DSA *dsa); | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, | static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, | ||||||
| 		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | 		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | ||||||
| 		BN_MONT_CTX *m_ctx); | 		BN_MONT_CTX *m_ctx); | ||||||
| static int ubsec_dh_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh); | static int ubsec_dh_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh); | ||||||
| static int ubsec_dh_generate_key(DH *dh); | static int ubsec_dh_generate_key(DH *dh); | ||||||
|  | #endif | ||||||
|  |  | ||||||
| #if NOT_USED | #if NOT_USED | ||||||
| static int ubsec_rand_bytes(unsigned char *buf, int num); | static int ubsec_rand_bytes(unsigned char *buf, int num); | ||||||
| @@ -115,8 +121,8 @@ static const ENGINE_CMD_DEFN ubsec_cmd_defns[] = { | |||||||
| 	{0, NULL, NULL, 0} | 	{0, NULL, NULL, 0} | ||||||
| 	}; | 	}; | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| /* Our internal RSA_METHOD that we provide pointers to */ | /* Our internal RSA_METHOD that we provide pointers to */ | ||||||
|  |  | ||||||
| static RSA_METHOD ubsec_rsa = | static RSA_METHOD ubsec_rsa = | ||||||
| 	{ | 	{ | ||||||
| 	"UBSEC RSA method", | 	"UBSEC RSA method", | ||||||
| @@ -133,7 +139,9 @@ static RSA_METHOD ubsec_rsa = | |||||||
| 	NULL, | 	NULL, | ||||||
| 	NULL | 	NULL | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| /* Our internal DSA_METHOD that we provide pointers to */ | /* Our internal DSA_METHOD that we provide pointers to */ | ||||||
| static DSA_METHOD ubsec_dsa = | static DSA_METHOD ubsec_dsa = | ||||||
| 	{ | 	{ | ||||||
| @@ -148,7 +156,9 @@ static DSA_METHOD ubsec_dsa = | |||||||
| 	0, /* flags */ | 	0, /* flags */ | ||||||
| 	NULL /* app_data */ | 	NULL /* app_data */ | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| /* Our internal DH_METHOD that we provide pointers to */ | /* Our internal DH_METHOD that we provide pointers to */ | ||||||
| static DH_METHOD ubsec_dh = | static DH_METHOD ubsec_dh = | ||||||
| 	{ | 	{ | ||||||
| @@ -161,6 +171,7 @@ static DH_METHOD ubsec_dh = | |||||||
| 	0, | 	0, | ||||||
| 	NULL | 	NULL | ||||||
| 	}; | 	}; | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* Constants used when creating the ENGINE */ | /* Constants used when creating the ENGINE */ | ||||||
| static const char *engine_ubsec_id = "ubsec"; | static const char *engine_ubsec_id = "ubsec"; | ||||||
| @@ -170,18 +181,28 @@ static const char *engine_ubsec_name = "UBSEC hardware engine support"; | |||||||
|  * (indeed - the lock will already be held by our caller!!!) */ |  * (indeed - the lock will already be held by our caller!!!) */ | ||||||
| ENGINE *ENGINE_ubsec() | ENGINE *ENGINE_ubsec() | ||||||
| 	{ | 	{ | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	const RSA_METHOD *meth1; | 	const RSA_METHOD *meth1; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| #ifndef HAVE_UBSEC_DH | #ifndef HAVE_UBSEC_DH | ||||||
| 	const DH_METHOD *meth3; | 	const DH_METHOD *meth3; | ||||||
| #endif /* HAVE_UBSEC_DH */ | #endif /* HAVE_UBSEC_DH */ | ||||||
|  | #endif | ||||||
| 	ENGINE *ret = ENGINE_new(); | 	ENGINE *ret = ENGINE_new(); | ||||||
| 	if(!ret) | 	if(!ret) | ||||||
| 		return NULL; | 		return NULL; | ||||||
| 	if(!ENGINE_set_id(ret, engine_ubsec_id) || | 	if(!ENGINE_set_id(ret, engine_ubsec_id) || | ||||||
| 			!ENGINE_set_name(ret, engine_ubsec_name) || | 			!ENGINE_set_name(ret, engine_ubsec_name) || | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 			!ENGINE_set_RSA(ret, &ubsec_rsa) || | 			!ENGINE_set_RSA(ret, &ubsec_rsa) || | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 			!ENGINE_set_DSA(ret, &ubsec_dsa) || | 			!ENGINE_set_DSA(ret, &ubsec_dsa) || | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 			!ENGINE_set_DH(ret, &ubsec_dh) || | 			!ENGINE_set_DH(ret, &ubsec_dh) || | ||||||
|  | #endif | ||||||
| 			!ENGINE_set_BN_mod_exp(ret, ubsec_mod_exp) || | 			!ENGINE_set_BN_mod_exp(ret, ubsec_mod_exp) || | ||||||
| 			!ENGINE_set_BN_mod_exp_crt(ret, ubsec_mod_exp_crt) || | 			!ENGINE_set_BN_mod_exp_crt(ret, ubsec_mod_exp_crt) || | ||||||
| 			!ENGINE_set_init_function(ret, ubsec_init) || | 			!ENGINE_set_init_function(ret, ubsec_init) || | ||||||
| @@ -193,6 +214,7 @@ ENGINE *ENGINE_ubsec() | |||||||
| 		return NULL; | 		return NULL; | ||||||
| 		} | 		} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	/* We know that the "PKCS1_SSLeay()" functions hook properly | 	/* We know that the "PKCS1_SSLeay()" functions hook properly | ||||||
| 	 * to the Broadcom-specific mod_exp and mod_exp_crt so we use | 	 * to the Broadcom-specific mod_exp and mod_exp_crt so we use | ||||||
| 	 * those functions. NB: We don't use ENGINE_openssl() or | 	 * those functions. NB: We don't use ENGINE_openssl() or | ||||||
| @@ -205,13 +227,16 @@ ENGINE *ENGINE_ubsec() | |||||||
| 	ubsec_rsa.rsa_pub_dec = meth1->rsa_pub_dec; | 	ubsec_rsa.rsa_pub_dec = meth1->rsa_pub_dec; | ||||||
| 	ubsec_rsa.rsa_priv_enc = meth1->rsa_priv_enc; | 	ubsec_rsa.rsa_priv_enc = meth1->rsa_priv_enc; | ||||||
| 	ubsec_rsa.rsa_priv_dec = meth1->rsa_priv_dec; | 	ubsec_rsa.rsa_priv_dec = meth1->rsa_priv_dec; | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| #ifndef HAVE_UBSEC_DH | #ifndef HAVE_UBSEC_DH | ||||||
| 	/* Much the same for Diffie-Hellman */ | 	/* Much the same for Diffie-Hellman */ | ||||||
| 	meth3 = DH_OpenSSL(); | 	meth3 = DH_OpenSSL(); | ||||||
| 	ubsec_dh.generate_key = meth3->generate_key; | 	ubsec_dh.generate_key = meth3->generate_key; | ||||||
| 	ubsec_dh.compute_key = meth3->compute_key; | 	ubsec_dh.compute_key = meth3->compute_key; | ||||||
| #endif /* HAVE_UBSEC_DH */ | #endif /* HAVE_UBSEC_DH */ | ||||||
|  | #endif | ||||||
|  |  | ||||||
| 	return ret; | 	return ret; | ||||||
| 	} | 	} | ||||||
| @@ -231,13 +256,19 @@ static t_UBSEC_ubsec_bytes_to_bits *p_UBSEC_ubsec_bytes_to_bits = NULL; | |||||||
| static t_UBSEC_ubsec_bits_to_bytes *p_UBSEC_ubsec_bits_to_bytes = NULL; | static t_UBSEC_ubsec_bits_to_bytes *p_UBSEC_ubsec_bits_to_bytes = NULL; | ||||||
| static t_UBSEC_ubsec_open *p_UBSEC_ubsec_open = NULL; | static t_UBSEC_ubsec_open *p_UBSEC_ubsec_open = NULL; | ||||||
| static t_UBSEC_ubsec_close *p_UBSEC_ubsec_close = NULL; | static t_UBSEC_ubsec_close *p_UBSEC_ubsec_close = NULL; | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| static t_UBSEC_diffie_hellman_generate_ioctl  | static t_UBSEC_diffie_hellman_generate_ioctl  | ||||||
| 	*p_UBSEC_diffie_hellman_generate_ioctl = NULL; | 	*p_UBSEC_diffie_hellman_generate_ioctl = NULL; | ||||||
| static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl = NULL; | static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl = NULL; | ||||||
|  | #endif | ||||||
|  | /* #ifndef OPENSSL_NO_RSA */ | ||||||
| static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL; | static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL; | ||||||
| static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; | static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; | ||||||
|  | /* #endif */ | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL; | static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL; | ||||||
| static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL; | static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL; | ||||||
|  | #endif | ||||||
| static t_UBSEC_math_accelerate_ioctl *p_UBSEC_math_accelerate_ioctl = NULL; | static t_UBSEC_math_accelerate_ioctl *p_UBSEC_math_accelerate_ioctl = NULL; | ||||||
| static t_UBSEC_rng_ioctl *p_UBSEC_rng_ioctl = NULL; | static t_UBSEC_rng_ioctl *p_UBSEC_rng_ioctl = NULL; | ||||||
|  |  | ||||||
| @@ -251,12 +282,18 @@ static const char *UBSEC_F1 = "ubsec_bytes_to_bits"; | |||||||
| static const char *UBSEC_F2 = "ubsec_bits_to_bytes"; | static const char *UBSEC_F2 = "ubsec_bits_to_bytes"; | ||||||
| static const char *UBSEC_F3 = "ubsec_open"; | static const char *UBSEC_F3 = "ubsec_open"; | ||||||
| static const char *UBSEC_F4 = "ubsec_close"; | static const char *UBSEC_F4 = "ubsec_close"; | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| static const char *UBSEC_F5 = "diffie_hellman_generate_ioctl"; | static const char *UBSEC_F5 = "diffie_hellman_generate_ioctl"; | ||||||
| static const char *UBSEC_F6 = "diffie_hellman_agree_ioctl"; | static const char *UBSEC_F6 = "diffie_hellman_agree_ioctl"; | ||||||
|  | #endif | ||||||
|  | /* #ifndef OPENSSL_NO_RSA */ | ||||||
| static const char *UBSEC_F7 = "rsa_mod_exp_ioctl"; | static const char *UBSEC_F7 = "rsa_mod_exp_ioctl"; | ||||||
| static const char *UBSEC_F8 = "rsa_mod_exp_crt_ioctl"; | static const char *UBSEC_F8 = "rsa_mod_exp_crt_ioctl"; | ||||||
|  | /* #endif */ | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| static const char *UBSEC_F9 = "dsa_sign_ioctl"; | static const char *UBSEC_F9 = "dsa_sign_ioctl"; | ||||||
| static const char *UBSEC_F10 = "dsa_verify_ioctl"; | static const char *UBSEC_F10 = "dsa_verify_ioctl"; | ||||||
|  | #endif | ||||||
| static const char *UBSEC_F11 = "math_accelerate_ioctl"; | static const char *UBSEC_F11 = "math_accelerate_ioctl"; | ||||||
| static const char *UBSEC_F12 = "rng_ioctl"; | static const char *UBSEC_F12 = "rng_ioctl"; | ||||||
|  |  | ||||||
| @@ -267,12 +304,18 @@ static int ubsec_init(ENGINE *e) | |||||||
| 	t_UBSEC_ubsec_bits_to_bytes *p2; | 	t_UBSEC_ubsec_bits_to_bytes *p2; | ||||||
| 	t_UBSEC_ubsec_open *p3; | 	t_UBSEC_ubsec_open *p3; | ||||||
| 	t_UBSEC_ubsec_close *p4; | 	t_UBSEC_ubsec_close *p4; | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	t_UBSEC_diffie_hellman_generate_ioctl *p5; | 	t_UBSEC_diffie_hellman_generate_ioctl *p5; | ||||||
| 	t_UBSEC_diffie_hellman_agree_ioctl *p6; | 	t_UBSEC_diffie_hellman_agree_ioctl *p6; | ||||||
|  | #endif | ||||||
|  | /* #ifndef OPENSSL_NO_RSA */ | ||||||
| 	t_UBSEC_rsa_mod_exp_ioctl *p7; | 	t_UBSEC_rsa_mod_exp_ioctl *p7; | ||||||
| 	t_UBSEC_rsa_mod_exp_crt_ioctl *p8; | 	t_UBSEC_rsa_mod_exp_crt_ioctl *p8; | ||||||
|  | /* #endif */ | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	t_UBSEC_dsa_sign_ioctl *p9; | 	t_UBSEC_dsa_sign_ioctl *p9; | ||||||
| 	t_UBSEC_dsa_verify_ioctl *p10; | 	t_UBSEC_dsa_verify_ioctl *p10; | ||||||
|  | #endif | ||||||
| 	t_UBSEC_math_accelerate_ioctl *p11; | 	t_UBSEC_math_accelerate_ioctl *p11; | ||||||
| 	t_UBSEC_rng_ioctl *p12; | 	t_UBSEC_rng_ioctl *p12; | ||||||
| 	int fd = 0; | 	int fd = 0; | ||||||
| @@ -297,14 +340,20 @@ static int ubsec_init(ENGINE *e) | |||||||
| 	!(p2 = (t_UBSEC_ubsec_bits_to_bytes *) DSO_bind_func(ubsec_dso, UBSEC_F2)) || | 	!(p2 = (t_UBSEC_ubsec_bits_to_bytes *) DSO_bind_func(ubsec_dso, UBSEC_F2)) || | ||||||
| 	!(p3 = (t_UBSEC_ubsec_open *) DSO_bind_func(ubsec_dso, UBSEC_F3)) || | 	!(p3 = (t_UBSEC_ubsec_open *) DSO_bind_func(ubsec_dso, UBSEC_F3)) || | ||||||
| 	!(p4 = (t_UBSEC_ubsec_close *) DSO_bind_func(ubsec_dso, UBSEC_F4)) || | 	!(p4 = (t_UBSEC_ubsec_close *) DSO_bind_func(ubsec_dso, UBSEC_F4)) || | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	!(p5 = (t_UBSEC_diffie_hellman_generate_ioctl *)  | 	!(p5 = (t_UBSEC_diffie_hellman_generate_ioctl *)  | ||||||
| 				DSO_bind_func(ubsec_dso, UBSEC_F5)) || | 				DSO_bind_func(ubsec_dso, UBSEC_F5)) || | ||||||
| 	!(p6 = (t_UBSEC_diffie_hellman_agree_ioctl *)  | 	!(p6 = (t_UBSEC_diffie_hellman_agree_ioctl *)  | ||||||
| 				DSO_bind_func(ubsec_dso, UBSEC_F6)) || | 				DSO_bind_func(ubsec_dso, UBSEC_F6)) || | ||||||
|  | #endif | ||||||
|  | /* #ifndef OPENSSL_NO_RSA */ | ||||||
| 	!(p7 = (t_UBSEC_rsa_mod_exp_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F7)) || | 	!(p7 = (t_UBSEC_rsa_mod_exp_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F7)) || | ||||||
| 	!(p8 = (t_UBSEC_rsa_mod_exp_crt_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F8)) || | 	!(p8 = (t_UBSEC_rsa_mod_exp_crt_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F8)) || | ||||||
|  | /* #endif */ | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	!(p9 = (t_UBSEC_dsa_sign_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F9)) || | 	!(p9 = (t_UBSEC_dsa_sign_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F9)) || | ||||||
| 	!(p10 = (t_UBSEC_dsa_verify_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F10)) || | 	!(p10 = (t_UBSEC_dsa_verify_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F10)) || | ||||||
|  | #endif | ||||||
| 	!(p11 = (t_UBSEC_math_accelerate_ioctl *)  | 	!(p11 = (t_UBSEC_math_accelerate_ioctl *)  | ||||||
| 				DSO_bind_func(ubsec_dso, UBSEC_F11)) || | 				DSO_bind_func(ubsec_dso, UBSEC_F11)) || | ||||||
| 	!(p12 = (t_UBSEC_rng_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F12))) | 	!(p12 = (t_UBSEC_rng_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F12))) | ||||||
| @@ -318,12 +367,18 @@ static int ubsec_init(ENGINE *e) | |||||||
| 	p_UBSEC_ubsec_bits_to_bytes = p2; | 	p_UBSEC_ubsec_bits_to_bytes = p2; | ||||||
| 	p_UBSEC_ubsec_open = p3; | 	p_UBSEC_ubsec_open = p3; | ||||||
| 	p_UBSEC_ubsec_close = p4; | 	p_UBSEC_ubsec_close = p4; | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	p_UBSEC_diffie_hellman_generate_ioctl = p5; | 	p_UBSEC_diffie_hellman_generate_ioctl = p5; | ||||||
| 	p_UBSEC_diffie_hellman_agree_ioctl = p6; | 	p_UBSEC_diffie_hellman_agree_ioctl = p6; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	p_UBSEC_rsa_mod_exp_ioctl = p7; | 	p_UBSEC_rsa_mod_exp_ioctl = p7; | ||||||
| 	p_UBSEC_rsa_mod_exp_crt_ioctl = p8; | 	p_UBSEC_rsa_mod_exp_crt_ioctl = p8; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	p_UBSEC_dsa_sign_ioctl = p9; | 	p_UBSEC_dsa_sign_ioctl = p9; | ||||||
| 	p_UBSEC_dsa_verify_ioctl = p10; | 	p_UBSEC_dsa_verify_ioctl = p10; | ||||||
|  | #endif | ||||||
| 	p_UBSEC_math_accelerate_ioctl = p11; | 	p_UBSEC_math_accelerate_ioctl = p11; | ||||||
| 	p_UBSEC_rng_ioctl = p12; | 	p_UBSEC_rng_ioctl = p12; | ||||||
|  |  | ||||||
| @@ -345,12 +400,18 @@ err: | |||||||
| 	p_UBSEC_ubsec_bits_to_bytes = NULL; | 	p_UBSEC_ubsec_bits_to_bytes = NULL; | ||||||
| 	p_UBSEC_ubsec_open = NULL; | 	p_UBSEC_ubsec_open = NULL; | ||||||
| 	p_UBSEC_ubsec_close = NULL; | 	p_UBSEC_ubsec_close = NULL; | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	p_UBSEC_diffie_hellman_generate_ioctl = NULL; | 	p_UBSEC_diffie_hellman_generate_ioctl = NULL; | ||||||
| 	p_UBSEC_diffie_hellman_agree_ioctl = NULL; | 	p_UBSEC_diffie_hellman_agree_ioctl = NULL; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	p_UBSEC_rsa_mod_exp_ioctl = NULL; | 	p_UBSEC_rsa_mod_exp_ioctl = NULL; | ||||||
| 	p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; | 	p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	p_UBSEC_dsa_sign_ioctl = NULL; | 	p_UBSEC_dsa_sign_ioctl = NULL; | ||||||
| 	p_UBSEC_dsa_verify_ioctl = NULL; | 	p_UBSEC_dsa_verify_ioctl = NULL; | ||||||
|  | #endif | ||||||
| 	p_UBSEC_math_accelerate_ioctl = NULL; | 	p_UBSEC_math_accelerate_ioctl = NULL; | ||||||
| 	p_UBSEC_rng_ioctl = NULL; | 	p_UBSEC_rng_ioctl = NULL; | ||||||
|  |  | ||||||
| @@ -374,12 +435,18 @@ static int ubsec_finish(ENGINE *e) | |||||||
| 	p_UBSEC_ubsec_bits_to_bytes = NULL; | 	p_UBSEC_ubsec_bits_to_bytes = NULL; | ||||||
| 	p_UBSEC_ubsec_open = NULL; | 	p_UBSEC_ubsec_open = NULL; | ||||||
| 	p_UBSEC_ubsec_close = NULL; | 	p_UBSEC_ubsec_close = NULL; | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| 	p_UBSEC_diffie_hellman_generate_ioctl = NULL; | 	p_UBSEC_diffie_hellman_generate_ioctl = NULL; | ||||||
| 	p_UBSEC_diffie_hellman_agree_ioctl = NULL; | 	p_UBSEC_diffie_hellman_agree_ioctl = NULL; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| 	p_UBSEC_rsa_mod_exp_ioctl = NULL; | 	p_UBSEC_rsa_mod_exp_ioctl = NULL; | ||||||
| 	p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; | 	p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; | ||||||
|  | #endif | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| 	p_UBSEC_dsa_sign_ioctl = NULL; | 	p_UBSEC_dsa_sign_ioctl = NULL; | ||||||
| 	p_UBSEC_dsa_verify_ioctl = NULL; | 	p_UBSEC_dsa_verify_ioctl = NULL; | ||||||
|  | #endif | ||||||
| 	p_UBSEC_math_accelerate_ioctl = NULL; | 	p_UBSEC_math_accelerate_ioctl = NULL; | ||||||
| 	p_UBSEC_rng_ioctl = NULL; | 	p_UBSEC_rng_ioctl = NULL; | ||||||
| 	return 1; | 	return 1; | ||||||
| @@ -456,6 +523,7 @@ static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||||||
| 	return 1; | 	return 1; | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
| static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | ||||||
| 	{ | 	{ | ||||||
| 	BN_CTX *ctx; | 	BN_CTX *ctx; | ||||||
| @@ -485,6 +553,7 @@ err: | |||||||
| 		BN_CTX_free(ctx); | 		BN_CTX_free(ctx); | ||||||
| 	return to_return; | 	return to_return; | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
| static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| 			const BIGNUM *q, const BIGNUM *dp, | 			const BIGNUM *q, const BIGNUM *dp, | ||||||
| @@ -532,6 +601,7 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |||||||
| 	return 1; | 	return 1; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| #if NOT_USED | #if NOT_USED | ||||||
| static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, | static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, | ||||||
| 		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, | 		BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, | ||||||
| @@ -560,26 +630,33 @@ static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, | |||||||
| 	return ubsec_mod_exp(r, a, p, m, ctx); | 	return ubsec_mod_exp(r, a, p, m, ctx); | ||||||
| 	} | 	} | ||||||
| #endif | #endif | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* | /* | ||||||
|  * This function is aliased to mod_exp (with the mont stuff dropped). |  * This function is aliased to mod_exp (with the mont stuff dropped). | ||||||
|  */ |  */ | ||||||
| static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||||||
| 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) | 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) | ||||||
| { |         { | ||||||
| 	int ret = 0; | 	int ret = 0; | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_RSA | ||||||
|  	/* Do in software if the key is too large for the hardware. */ |  	/* Do in software if the key is too large for the hardware. */ | ||||||
| 	if (BN_num_bits(m) > 1024) { | 	if (BN_num_bits(m) > 1024) | ||||||
|  |                 { | ||||||
| 		const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | 		const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | ||||||
| 		ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx); | 		ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx); | ||||||
| 	} else { |                 } | ||||||
|  |         else | ||||||
|  | #endif | ||||||
|  |                 { | ||||||
| 		ret = ubsec_mod_exp(r, a, p, m, ctx); | 		ret = ubsec_mod_exp(r, a, p, m, ctx); | ||||||
| 	} |                 } | ||||||
| 	 | 	 | ||||||
| 	return ret; | 	return ret; | ||||||
| } |         } | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DH | ||||||
| /* This function is aliased to mod_exp (with the dh and mont dropped). */ | /* This function is aliased to mod_exp (with the dh and mont dropped). */ | ||||||
| static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, | static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, | ||||||
| 		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | 		const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | ||||||
| @@ -587,7 +664,9 @@ static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, | |||||||
| 	{ | 	{ | ||||||
| 	return ubsec_mod_exp(r, a, p, m, ctx); | 	return ubsec_mod_exp(r, a, p, m, ctx); | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | ||||||
| 	{ | 	{ | ||||||
| 	DSA_SIG *to_return = NULL; | 	DSA_SIG *to_return = NULL; | ||||||
| @@ -701,7 +780,9 @@ err: | |||||||
| 	BN_clear_free(&v); | 	BN_clear_free(&v); | ||||||
| 	return to_return; | 	return to_return; | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #ifndef OPENSSL_NO_DSA | ||||||
| static int ubsec_dh_compute_key (unsigned char *key,const BIGNUM *pub_key,DH *dh) | static int ubsec_dh_compute_key (unsigned char *key,const BIGNUM *pub_key,DH *dh) | ||||||
| 	{ | 	{ | ||||||
| 	return 0; | 	return 0; | ||||||
| @@ -711,6 +792,7 @@ static int ubsec_dh_generate_key (DH *dh) | |||||||
| 	{ | 	{ | ||||||
| 	return 0; | 	return 0; | ||||||
| 	} | 	} | ||||||
|  | #endif | ||||||
|  |  | ||||||
| #ifdef NOT_USED | #ifdef NOT_USED | ||||||
| static int ubsec_rand_bytes(unsigned char *buf, int num) | static int ubsec_rand_bytes(unsigned char *buf, int num) | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user
	 Richard Levitte
					Richard Levitte