diff options
Diffstat (limited to 'engines')
83 files changed, 4985 insertions, 20861 deletions
diff --git a/engines/Makefile b/engines/Makefile deleted file mode 100644 index 2058ff405afe..000000000000 --- a/engines/Makefile +++ /dev/null @@ -1,338 +0,0 @@ -# -# OpenSSL/engines/Makefile -# - -DIR= engines -TOP= .. -CC= cc -INCLUDES= -I../include -CFLAG=-g -MAKEFILE= Makefile -AR= ar r -ENGDIRS= ccgost - -RECURSIVE_MAKE= [ -z "$(ENGDIRS)" ] || for i in $(ENGDIRS) ; do \ - (cd $$i && echo "making $$target in $(DIR)/$$i..." && \ - $(MAKE) -e TOP=../.. DIR=$$i $$target ) || exit 1; \ - done; - -PEX_LIBS= -EX_LIBS= - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile engines.com install.com engine_vector.mar -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi - -LIBSRC= e_4758cca.c \ - e_aep.c \ - e_atalla.c \ - e_cswift.c \ - e_gmp.c \ - e_chil.c \ - e_nuron.c \ - e_sureware.c \ - e_ubsec.c \ - e_padlock.c \ - e_capi.c -LIBOBJ= e_4758cca.o \ - e_aep.o \ - e_atalla.o \ - e_cswift.o \ - e_gmp.o \ - e_chil.o \ - e_nuron.o \ - e_sureware.o \ - e_ubsec.o \ - e_padlock.o \ - e_capi.o - -SRC= $(LIBSRC) - -EXHEADER= -HEADER= e_4758cca_err.c e_4758cca_err.h \ - e_aep_err.c e_aep_err.h \ - e_atalla_err.c e_atalla_err.h \ - e_cswift_err.c e_cswift_err.h \ - e_gmp_err.c e_gmp_err.h \ - e_chil_err.c e_chil_err.h \ - e_nuron_err.c e_nuron_err.h \ - e_sureware_err.c e_sureware_err.h \ - e_ubsec_err.c e_ubsec_err.h \ - e_capi_err.c e_capi_err.h - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ..; $(MAKE) DIRS=$(DIR) all) - -all: lib subdirs - -lib: $(LIBOBJ) - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - for l in $(LIBNAMES); do \ - $(MAKE) -f ../Makefile.shared -e \ - LIBNAME=$$l LIBEXTRAS=e_$$l.o \ - LIBDEPS='-L.. -lcrypto $(EX_LIBS)' \ - link_o.$(SHLIB_TARGET); \ - done; \ - else \ - $(AR) $(LIB) $(LIBOBJ); \ - $(RANLIB) $(LIB) || echo Never mind.; \ - fi; \ - touch lib - -subdirs: - echo $(EDIRS) - @target=all; $(RECURSIVE_MAKE) - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - @target=files; $(RECURSIVE_MAKE) - -links: - @target=links; $(RECURSIVE_MAKE) - -# XXXXX This currently only works on systems that use .so as suffix -# for shared libraries as well as for Cygwin which uses the -# dlfcn_name_converter and therefore stores the engines with .so suffix, too. -# XXXXX This was extended to HP-UX dl targets, which use .sl suffix. -# XXXXX This was extended to mingw targets, which use eay32.dll suffix without lib as prefix. -install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - @if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \ - for l in $(LIBNAMES); do \ - ( echo installing $$l; \ - pfx=lib; \ - if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \ - sfx=".so"; \ - cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ - else \ - case "$(CFLAGS)" in \ - *DSO_BEOS*) sfx=".so";; \ - *DSO_DLFCN*) sfx=`expr "$(SHLIB_EXT)" : '.*\(\.[a-z][a-z]*\)' \| ".so"`;; \ - *DSO_DL*) sfx=".sl";; \ - *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ - *) sfx=".bad";; \ - esac; \ - cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ - fi; \ - chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ - done; \ - fi - @target=install; $(RECURSIVE_MAKE) - -tags: - ctags $(SRC) - -errors: - set -e; for l in $(LIBNAMES); do \ - $(PERL) ../util/mkerr.pl -conf e_$$l.ec \ - -nostatic -staticloader -write e_$$l.c; \ - done - (cd ccgost; $(MAKE) PERL=$(PERL) errors) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - @target=lint; $(RECURSIVE_MAKE) - -update: local_depend - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - @[ -z "$(THIS)" ] || (set -e; target=update; $(RECURSIVE_MAKE) ) - -depend: local_depend - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) ) -local_depend: - @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - @target=dclean; $(RECURSIVE_MAKE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - @target=clean; $(RECURSIVE_MAKE) - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -e_4758cca.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_4758cca.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_4758cca.o: ../include/openssl/crypto.h ../include/openssl/dso.h -e_4758cca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -e_4758cca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -e_4758cca.o: ../include/openssl/engine.h ../include/openssl/err.h -e_4758cca.o: ../include/openssl/evp.h ../include/openssl/lhash.h -e_4758cca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -e_4758cca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -e_4758cca.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -e_4758cca.o: ../include/openssl/rand.h ../include/openssl/rsa.h -e_4758cca.o: ../include/openssl/safestack.h ../include/openssl/sha.h -e_4758cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -e_4758cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -e_4758cca.o: e_4758cca.c e_4758cca_err.c e_4758cca_err.h -e_4758cca.o: vendor_defns/hw_4758_cca.h -e_aep.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_aep.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_aep.o: ../include/openssl/crypto.h ../include/openssl/dh.h -e_aep.o: ../include/openssl/dsa.h ../include/openssl/dso.h -e_aep.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -e_aep.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -e_aep.o: ../include/openssl/engine.h ../include/openssl/err.h -e_aep.o: ../include/openssl/evp.h ../include/openssl/lhash.h -e_aep.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -e_aep.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -e_aep.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -e_aep.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -e_aep.o: ../include/openssl/sha.h ../include/openssl/stack.h -e_aep.o: ../include/openssl/symhacks.h ../include/openssl/x509.h -e_aep.o: ../include/openssl/x509_vfy.h e_aep.c e_aep_err.c e_aep_err.h -e_aep.o: vendor_defns/aep.h -e_atalla.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_atalla.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_atalla.o: ../include/openssl/crypto.h ../include/openssl/dh.h -e_atalla.o: ../include/openssl/dsa.h ../include/openssl/dso.h -e_atalla.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -e_atalla.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -e_atalla.o: ../include/openssl/engine.h ../include/openssl/err.h -e_atalla.o: ../include/openssl/evp.h ../include/openssl/lhash.h -e_atalla.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -e_atalla.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -e_atalla.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -e_atalla.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -e_atalla.o: ../include/openssl/sha.h ../include/openssl/stack.h -e_atalla.o: ../include/openssl/symhacks.h ../include/openssl/x509.h -e_atalla.o: ../include/openssl/x509_vfy.h e_atalla.c e_atalla_err.c -e_atalla.o: e_atalla_err.h vendor_defns/atalla.h -e_capi.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_capi.o: ../include/openssl/buffer.h ../include/openssl/crypto.h -e_capi.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -e_capi.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -e_capi.o: ../include/openssl/engine.h ../include/openssl/evp.h -e_capi.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -e_capi.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -e_capi.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -e_capi.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h -e_capi.o: ../include/openssl/sha.h ../include/openssl/stack.h -e_capi.o: ../include/openssl/symhacks.h ../include/openssl/x509.h -e_capi.o: ../include/openssl/x509_vfy.h e_capi.c -e_chil.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_chil.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_chil.o: ../include/openssl/crypto.h ../include/openssl/dh.h -e_chil.o: ../include/openssl/dso.h ../include/openssl/e_os2.h -e_chil.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -e_chil.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -e_chil.o: ../include/openssl/err.h ../include/openssl/evp.h -e_chil.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -e_chil.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -e_chil.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -e_chil.o: ../include/openssl/pem.h ../include/openssl/pem2.h -e_chil.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -e_chil.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -e_chil.o: ../include/openssl/sha.h ../include/openssl/stack.h -e_chil.o: ../include/openssl/symhacks.h ../include/openssl/ui.h -e_chil.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_chil.c -e_chil.o: e_chil_err.c e_chil_err.h vendor_defns/hwcryptohook.h -e_cswift.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_cswift.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_cswift.o: ../include/openssl/crypto.h ../include/openssl/dh.h -e_cswift.o: ../include/openssl/dsa.h ../include/openssl/dso.h -e_cswift.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -e_cswift.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -e_cswift.o: ../include/openssl/engine.h ../include/openssl/err.h -e_cswift.o: ../include/openssl/evp.h ../include/openssl/lhash.h -e_cswift.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -e_cswift.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -e_cswift.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -e_cswift.o: ../include/openssl/rand.h ../include/openssl/rsa.h -e_cswift.o: ../include/openssl/safestack.h ../include/openssl/sha.h -e_cswift.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -e_cswift.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_cswift.c -e_cswift.o: e_cswift_err.c e_cswift_err.h vendor_defns/cswift.h -e_gmp.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_gmp.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_gmp.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h -e_gmp.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -e_gmp.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -e_gmp.o: ../include/openssl/evp.h ../include/openssl/lhash.h -e_gmp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -e_gmp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -e_gmp.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -e_gmp.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -e_gmp.o: ../include/openssl/sha.h ../include/openssl/stack.h -e_gmp.o: ../include/openssl/symhacks.h ../include/openssl/x509.h -e_gmp.o: ../include/openssl/x509_vfy.h e_gmp.c -e_nuron.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_nuron.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_nuron.o: ../include/openssl/crypto.h ../include/openssl/dh.h -e_nuron.o: ../include/openssl/dsa.h ../include/openssl/dso.h -e_nuron.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -e_nuron.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -e_nuron.o: ../include/openssl/engine.h ../include/openssl/err.h -e_nuron.o: ../include/openssl/evp.h ../include/openssl/lhash.h -e_nuron.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -e_nuron.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -e_nuron.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -e_nuron.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -e_nuron.o: ../include/openssl/sha.h ../include/openssl/stack.h -e_nuron.o: ../include/openssl/symhacks.h ../include/openssl/x509.h -e_nuron.o: ../include/openssl/x509_vfy.h e_nuron.c e_nuron_err.c e_nuron_err.h -e_padlock.o: ../include/openssl/aes.h ../include/openssl/asn1.h -e_padlock.o: ../include/openssl/bio.h ../include/openssl/buffer.h -e_padlock.o: ../include/openssl/crypto.h ../include/openssl/dso.h -e_padlock.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -e_padlock.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -e_padlock.o: ../include/openssl/engine.h ../include/openssl/err.h -e_padlock.o: ../include/openssl/evp.h ../include/openssl/lhash.h -e_padlock.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -e_padlock.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -e_padlock.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -e_padlock.o: ../include/openssl/rand.h ../include/openssl/safestack.h -e_padlock.o: ../include/openssl/sha.h ../include/openssl/stack.h -e_padlock.o: ../include/openssl/symhacks.h ../include/openssl/x509.h -e_padlock.o: ../include/openssl/x509_vfy.h e_padlock.c -e_sureware.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_sureware.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_sureware.o: ../include/openssl/crypto.h ../include/openssl/dh.h -e_sureware.o: ../include/openssl/dsa.h ../include/openssl/dso.h -e_sureware.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -e_sureware.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -e_sureware.o: ../include/openssl/engine.h ../include/openssl/err.h -e_sureware.o: ../include/openssl/evp.h ../include/openssl/lhash.h -e_sureware.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -e_sureware.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -e_sureware.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -e_sureware.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -e_sureware.o: ../include/openssl/rand.h ../include/openssl/rsa.h -e_sureware.o: ../include/openssl/safestack.h ../include/openssl/sha.h -e_sureware.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -e_sureware.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -e_sureware.o: e_sureware.c e_sureware_err.c e_sureware_err.h -e_sureware.o: vendor_defns/sureware.h -e_ubsec.o: ../include/openssl/asn1.h ../include/openssl/bio.h -e_ubsec.o: ../include/openssl/bn.h ../include/openssl/buffer.h -e_ubsec.o: ../include/openssl/crypto.h ../include/openssl/dh.h -e_ubsec.o: ../include/openssl/dsa.h ../include/openssl/dso.h -e_ubsec.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -e_ubsec.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -e_ubsec.o: ../include/openssl/engine.h ../include/openssl/err.h -e_ubsec.o: ../include/openssl/evp.h ../include/openssl/lhash.h -e_ubsec.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -e_ubsec.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -e_ubsec.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -e_ubsec.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -e_ubsec.o: ../include/openssl/sha.h ../include/openssl/stack.h -e_ubsec.o: ../include/openssl/symhacks.h ../include/openssl/x509.h -e_ubsec.o: ../include/openssl/x509_vfy.h e_ubsec.c e_ubsec_err.c e_ubsec_err.h -e_ubsec.o: vendor_defns/hw_ubsec.h diff --git a/engines/asm/e_padlock-x86.pl b/engines/asm/e_padlock-x86.pl new file mode 100755 index 000000000000..5b097ce3ef9b --- /dev/null +++ b/engines/asm/e_padlock-x86.pl @@ -0,0 +1,627 @@ +#! /usr/bin/env perl +# Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +# ==================================================================== +# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. +# ==================================================================== + +# September 2011 +# +# Assembler helpers for Padlock engine. Compared to original engine +# version relying on inline assembler and compiled with gcc 3.4.6 it +# was measured to provide ~100% improvement on misaligned data in ECB +# mode and ~75% in CBC mode. For aligned data improvement can be +# observed for short inputs only, e.g. 45% for 64-byte messages in +# ECB mode, 20% in CBC. Difference in performance for aligned vs. +# misaligned data depends on misalignment and is either ~1.8x or 2.9x. +# These are approximately same factors as for hardware support, so +# there is little reason to rely on the latter. On the contrary, it +# might actually hurt performance in mixture of aligned and misaligned +# buffers, because a) if you choose to flip 'align' flag in control +# word on per-buffer basis, then you'd have to reload key context, +# which incurs penalty; b) if you choose to set 'align' flag +# permanently, it limits performance even for aligned data to ~1/2. +# All above mentioned results were collected on 1.5GHz C7. Nano on the +# other hand handles unaligned data more gracefully. Depending on +# algorithm and how unaligned data is, hardware can be up to 70% more +# efficient than below software alignment procedures, nor does 'align' +# flag have affect on aligned performance [if has any meaning at all]. +# Therefore suggestion is to unconditionally set 'align' flag on Nano +# for optimal performance. + +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +push(@INC,"${dir}","${dir}../../crypto/perlasm"); +require "x86asm.pl"; + +$output=pop; +open STDOUT,">$output"; + +&asm_init($ARGV[0]); + +%PADLOCK_PREFETCH=(ecb=>128, cbc=>64); # prefetch errata +$PADLOCK_CHUNK=512; # Must be a power of 2 larger than 16 + +$ctx="edx"; +$out="edi"; +$inp="esi"; +$len="ecx"; +$chunk="ebx"; + +&function_begin_B("padlock_capability"); + &push ("ebx"); + &pushf (); + &pop ("eax"); + &mov ("ecx","eax"); + &xor ("eax",1<<21); + &push ("eax"); + &popf (); + &pushf (); + &pop ("eax"); + &xor ("ecx","eax"); + &xor ("eax","eax"); + &bt ("ecx",21); + &jnc (&label("noluck")); + &cpuid (); + &xor ("eax","eax"); + &cmp ("ebx","0x".unpack("H*",'tneC')); + &jne (&label("zhaoxin")); + &cmp ("edx","0x".unpack("H*",'Hrua')); + &jne (&label("noluck")); + &cmp ("ecx","0x".unpack("H*",'slua')); + &jne (&label("noluck")); + &jmp (&label("zhaoxinEnd")); +&set_label("zhaoxin"); + &cmp ("ebx","0x".unpack("H*",'hS ')); + &jne (&label("noluck")); + &cmp ("edx","0x".unpack("H*",'hgna')); + &jne (&label("noluck")); + &cmp ("ecx","0x".unpack("H*",' ia')); + &jne (&label("noluck")); +&set_label("zhaoxinEnd"); + &mov ("eax",0xC0000000); + &cpuid (); + &mov ("edx","eax"); + &xor ("eax","eax"); + &cmp ("edx",0xC0000001); + &jb (&label("noluck")); + &mov ("eax",1); + &cpuid (); + &or ("eax",0x0f); + &xor ("ebx","ebx"); + &and ("eax",0x0fff); + &cmp ("eax",0x06ff); # check for Nano + &sete ("bl"); + &mov ("eax",0xC0000001); + &push ("ebx"); + &cpuid (); + &pop ("ebx"); + &mov ("eax","edx"); + &shl ("ebx",4); # bit#4 denotes Nano + &and ("eax",0xffffffef); + &or ("eax","ebx") +&set_label("noluck"); + &pop ("ebx"); + &ret (); +&function_end_B("padlock_capability") + +&function_begin_B("padlock_key_bswap"); + &mov ("edx",&wparam(0)); + &mov ("ecx",&DWP(240,"edx")); +&set_label("bswap_loop"); + &mov ("eax",&DWP(0,"edx")); + &bswap ("eax"); + &mov (&DWP(0,"edx"),"eax"); + &lea ("edx",&DWP(4,"edx")); + &sub ("ecx",1); + &jnz (&label("bswap_loop")); + &ret (); +&function_end_B("padlock_key_bswap"); + +# This is heuristic key context tracing. At first one +# believes that one should use atomic swap instructions, +# but it's not actually necessary. Point is that if +# padlock_saved_context was changed by another thread +# after we've read it and before we compare it with ctx, +# our key *shall* be reloaded upon thread context switch +# and we are therefore set in either case... +&static_label("padlock_saved_context"); + +&function_begin_B("padlock_verify_context"); + &mov ($ctx,&wparam(0)); + &lea ("eax",($::win32 or $::coff) ? &DWP(&label("padlock_saved_context")) : + &DWP(&label("padlock_saved_context")."-".&label("verify_pic_point"))); + &pushf (); + &call ("_padlock_verify_ctx"); +&set_label("verify_pic_point"); + &lea ("esp",&DWP(4,"esp")); + &ret (); +&function_end_B("padlock_verify_context"); + +&function_begin_B("_padlock_verify_ctx"); + &add ("eax",&DWP(0,"esp")) if(!($::win32 or $::coff));# &padlock_saved_context + &bt (&DWP(4,"esp"),30); # eflags + &jnc (&label("verified")); + &cmp ($ctx,&DWP(0,"eax")); + &je (&label("verified")); + &pushf (); + &popf (); +&set_label("verified"); + &mov (&DWP(0,"eax"),$ctx); + &ret (); +&function_end_B("_padlock_verify_ctx"); + +&function_begin_B("padlock_reload_key"); + &pushf (); + &popf (); + &ret (); +&function_end_B("padlock_reload_key"); + +&function_begin_B("padlock_aes_block"); + &push ("edi"); + &push ("esi"); + &push ("ebx"); + &mov ($out,&wparam(0)); # must be 16-byte aligned + &mov ($inp,&wparam(1)); # must be 16-byte aligned + &mov ($ctx,&wparam(2)); + &mov ($len,1); + &lea ("ebx",&DWP(32,$ctx)); # key + &lea ($ctx,&DWP(16,$ctx)); # control word + &data_byte(0xf3,0x0f,0xa7,0xc8); # rep xcryptecb + &pop ("ebx"); + &pop ("esi"); + &pop ("edi"); + &ret (); +&function_end_B("padlock_aes_block"); + +sub generate_mode { +my ($mode,$opcode) = @_; +# int padlock_$mode_encrypt(void *out, const void *inp, +# struct padlock_cipher_data *ctx, size_t len); +&function_begin("padlock_${mode}_encrypt"); + &mov ($out,&wparam(0)); + &mov ($inp,&wparam(1)); + &mov ($ctx,&wparam(2)); + &mov ($len,&wparam(3)); + &test ($ctx,15); + &jnz (&label("${mode}_abort")); + &test ($len,15); + &jnz (&label("${mode}_abort")); + &lea ("eax",($::win32 or $::coff) ? &DWP(&label("padlock_saved_context")) : + &DWP(&label("padlock_saved_context")."-".&label("${mode}_pic_point"))); + &pushf (); + &cld (); + &call ("_padlock_verify_ctx"); +&set_label("${mode}_pic_point"); + &lea ($ctx,&DWP(16,$ctx)); # control word + &xor ("eax","eax"); + if ($mode eq "ctr32") { + &movq ("mm0",&QWP(-16,$ctx)); # load [upper part of] counter + } else { + &xor ("ebx","ebx"); + &test (&DWP(0,$ctx),1<<5); # align bit in control word + &jnz (&label("${mode}_aligned")); + &test ($out,0x0f); + &setz ("al"); # !out_misaligned + &test ($inp,0x0f); + &setz ("bl"); # !inp_misaligned + &test ("eax","ebx"); + &jnz (&label("${mode}_aligned")); + &neg ("eax"); + } + &mov ($chunk,$PADLOCK_CHUNK); + ¬ ("eax"); # out_misaligned?-1:0 + &lea ("ebp",&DWP(-24,"esp")); + &cmp ($len,$chunk); + &cmovc ($chunk,$len); # chunk=len>PADLOCK_CHUNK?PADLOCK_CHUNK:len + &and ("eax",$chunk); # out_misaligned?chunk:0 + &mov ($chunk,$len); + &neg ("eax"); + &and ($chunk,$PADLOCK_CHUNK-1); # chunk=len%PADLOCK_CHUNK + &lea ("esp",&DWP(0,"eax","ebp")); # alloca + &mov ("eax",$PADLOCK_CHUNK); + &cmovz ($chunk,"eax"); # chunk=chunk?:PADLOCK_CHUNK + &mov ("eax","ebp"); + &and ("ebp",-16); + &and ("esp",-16); + &mov (&DWP(16,"ebp"),"eax"); + if ($PADLOCK_PREFETCH{$mode}) { + &cmp ($len,$chunk); + &ja (&label("${mode}_loop")); + &mov ("eax",$inp); # check if prefetch crosses page + &cmp ("ebp","esp"); + &cmove ("eax",$out); + &add ("eax",$len); + &neg ("eax"); + &and ("eax",0xfff); # distance to page boundary + &cmp ("eax",$PADLOCK_PREFETCH{$mode}); + &mov ("eax",-$PADLOCK_PREFETCH{$mode}); + &cmovae ("eax",$chunk); # mask=distance<prefetch?-prefetch:-1 + &and ($chunk,"eax"); + &jz (&label("${mode}_unaligned_tail")); + } + &jmp (&label("${mode}_loop")); + +&set_label("${mode}_loop",16); + &mov (&DWP(0,"ebp"),$out); # save parameters + &mov (&DWP(4,"ebp"),$inp); + &mov (&DWP(8,"ebp"),$len); + &mov ($len,$chunk); + &mov (&DWP(12,"ebp"),$chunk); # chunk + if ($mode eq "ctr32") { + &mov ("ecx",&DWP(-4,$ctx)); + &xor ($out,$out); + &mov ("eax",&DWP(-8,$ctx)); # borrow $len +&set_label("${mode}_prepare"); + &mov (&DWP(12,"esp",$out),"ecx"); + &bswap ("ecx"); + &movq (&QWP(0,"esp",$out),"mm0"); + &inc ("ecx"); + &mov (&DWP(8,"esp",$out),"eax"); + &bswap ("ecx"); + &lea ($out,&DWP(16,$out)); + &cmp ($out,$chunk); + &jb (&label("${mode}_prepare")); + + &mov (&DWP(-4,$ctx),"ecx"); + &lea ($inp,&DWP(0,"esp")); + &lea ($out,&DWP(0,"esp")); + &mov ($len,$chunk); + } else { + &test ($out,0x0f); # out_misaligned + &cmovnz ($out,"esp"); + &test ($inp,0x0f); # inp_misaligned + &jz (&label("${mode}_inp_aligned")); + &shr ($len,2); + &data_byte(0xf3,0xa5); # rep movsl + &sub ($out,$chunk); + &mov ($len,$chunk); + &mov ($inp,$out); +&set_label("${mode}_inp_aligned"); + } + &lea ("eax",&DWP(-16,$ctx)); # ivp + &lea ("ebx",&DWP(16,$ctx)); # key + &shr ($len,4); # len/=AES_BLOCK_SIZE + &data_byte(0xf3,0x0f,0xa7,$opcode); # rep xcrypt* + if ($mode !~ /ecb|ctr/) { + &movaps ("xmm0",&QWP(0,"eax")); + &movaps (&QWP(-16,$ctx),"xmm0"); # copy [or refresh] iv + } + &mov ($out,&DWP(0,"ebp")); # restore parameters + &mov ($chunk,&DWP(12,"ebp")); + if ($mode eq "ctr32") { + &mov ($inp,&DWP(4,"ebp")); + &xor ($len,$len); +&set_label("${mode}_xor"); + &movups ("xmm1",&QWP(0,$inp,$len)); + &lea ($len,&DWP(16,$len)); + &pxor ("xmm1",&QWP(-16,"esp",$len)); + &movups (&QWP(-16,$out,$len),"xmm1"); + &cmp ($len,$chunk); + &jb (&label("${mode}_xor")); + } else { + &test ($out,0x0f); + &jz (&label("${mode}_out_aligned")); + &mov ($len,$chunk); + &lea ($inp,&DWP(0,"esp")); + &shr ($len,2); + &data_byte(0xf3,0xa5); # rep movsl + &sub ($out,$chunk); +&set_label("${mode}_out_aligned"); + &mov ($inp,&DWP(4,"ebp")); + } + &mov ($len,&DWP(8,"ebp")); + &add ($out,$chunk); + &add ($inp,$chunk); + &sub ($len,$chunk); + &mov ($chunk,$PADLOCK_CHUNK); + if (!$PADLOCK_PREFETCH{$mode}) { + &jnz (&label("${mode}_loop")); + } else { + &jz (&label("${mode}_break")); + &cmp ($len,$chunk); + &jae (&label("${mode}_loop")); + +&set_label("${mode}_unaligned_tail"); + &xor ("eax","eax"); + &cmp ("esp","ebp"); + &cmove ("eax",$len); + &sub ("esp","eax"); # alloca + &mov ("eax", $out); # save parameters + &mov ($chunk,$len); + &shr ($len,2); + &lea ($out,&DWP(0,"esp")); + &data_byte(0xf3,0xa5); # rep movsl + &mov ($inp,"esp"); + &mov ($out,"eax"); # restore parameters + &mov ($len,$chunk); + &jmp (&label("${mode}_loop")); + +&set_label("${mode}_break",16); + } + if ($mode ne "ctr32") { + &cmp ("esp","ebp"); + &je (&label("${mode}_done")); + } + &pxor ("xmm0","xmm0"); + &lea ("eax",&DWP(0,"esp")); +&set_label("${mode}_bzero"); + &movaps (&QWP(0,"eax"),"xmm0"); + &lea ("eax",&DWP(16,"eax")); + &cmp ("ebp","eax"); + &ja (&label("${mode}_bzero")); + +&set_label("${mode}_done"); + &mov ("ebp",&DWP(16,"ebp")); + &lea ("esp",&DWP(24,"ebp")); + if ($mode ne "ctr32") { + &jmp (&label("${mode}_exit")); + +&set_label("${mode}_aligned",16); + if ($PADLOCK_PREFETCH{$mode}) { + &lea ("ebp",&DWP(0,$inp,$len)); + &neg ("ebp"); + &and ("ebp",0xfff); # distance to page boundary + &xor ("eax","eax"); + &cmp ("ebp",$PADLOCK_PREFETCH{$mode}); + &mov ("ebp",$PADLOCK_PREFETCH{$mode}-1); + &cmovae ("ebp","eax"); + &and ("ebp",$len); # remainder + &sub ($len,"ebp"); + &jz (&label("${mode}_aligned_tail")); + } + &lea ("eax",&DWP(-16,$ctx)); # ivp + &lea ("ebx",&DWP(16,$ctx)); # key + &shr ($len,4); # len/=AES_BLOCK_SIZE + &data_byte(0xf3,0x0f,0xa7,$opcode); # rep xcrypt* + if ($mode ne "ecb") { + &movaps ("xmm0",&QWP(0,"eax")); + &movaps (&QWP(-16,$ctx),"xmm0"); # copy [or refresh] iv + } + if ($PADLOCK_PREFETCH{$mode}) { + &test ("ebp","ebp"); + &jz (&label("${mode}_exit")); + +&set_label("${mode}_aligned_tail"); + &mov ($len,"ebp"); + &lea ("ebp",&DWP(-24,"esp")); + &mov ("esp","ebp"); + &mov ("eax","ebp"); + &sub ("esp",$len); + &and ("ebp",-16); + &and ("esp",-16); + &mov (&DWP(16,"ebp"),"eax"); + &mov ("eax", $out); # save parameters + &mov ($chunk,$len); + &shr ($len,2); + &lea ($out,&DWP(0,"esp")); + &data_byte(0xf3,0xa5); # rep movsl + &mov ($inp,"esp"); + &mov ($out,"eax"); # restore parameters + &mov ($len,$chunk); + &jmp (&label("${mode}_loop")); + } +&set_label("${mode}_exit"); } + &mov ("eax",1); + &lea ("esp",&DWP(4,"esp")); # popf + &emms () if ($mode eq "ctr32"); +&set_label("${mode}_abort"); +&function_end("padlock_${mode}_encrypt"); +} + +&generate_mode("ecb",0xc8); +&generate_mode("cbc",0xd0); +&generate_mode("cfb",0xe0); +&generate_mode("ofb",0xe8); +&generate_mode("ctr32",0xc8); # yes, it implements own CTR with ECB opcode, + # because hardware CTR was introduced later + # and even has errata on certain C7 stepping. + # own implementation *always* works, though + # ~15% slower than dedicated hardware... + +&function_begin_B("padlock_xstore"); + &push ("edi"); + &mov ("edi",&wparam(0)); + &mov ("edx",&wparam(1)); + &data_byte(0x0f,0xa7,0xc0); # xstore + &pop ("edi"); + &ret (); +&function_end_B("padlock_xstore"); + +&function_begin_B("_win32_segv_handler"); + &mov ("eax",1); # ExceptionContinueSearch + &mov ("edx",&wparam(0)); # *ExceptionRecord + &mov ("ecx",&wparam(2)); # *ContextRecord + &cmp (&DWP(0,"edx"),0xC0000005) # ExceptionRecord->ExceptionCode == STATUS_ACCESS_VIOLATION + &jne (&label("ret")); + &add (&DWP(184,"ecx"),4); # skip over rep sha* + &mov ("eax",0); # ExceptionContinueExecution +&set_label("ret"); + &ret (); +&function_end_B("_win32_segv_handler"); +&safeseh("_win32_segv_handler") if ($::win32); + +&function_begin_B("padlock_sha1_oneshot"); + &push ("edi"); + &push ("esi"); + &xor ("eax","eax"); + &mov ("edi",&wparam(0)); + &mov ("esi",&wparam(1)); + &mov ("ecx",&wparam(2)); + if ($::win32 or $::coff) { + &push (&::islabel("_win32_segv_handler")); + &data_byte(0x64,0xff,0x30); # push %fs:(%eax) + &data_byte(0x64,0x89,0x20); # mov %esp,%fs:(%eax) + } + &mov ("edx","esp"); # put aside %esp + &add ("esp",-128); # 32 is enough but spec says 128 + &movups ("xmm0",&QWP(0,"edi")); # copy-in context + &and ("esp",-16); + &mov ("eax",&DWP(16,"edi")); + &movaps (&QWP(0,"esp"),"xmm0"); + &mov ("edi","esp"); + &mov (&DWP(16,"esp"),"eax"); + &xor ("eax","eax"); + &data_byte(0xf3,0x0f,0xa6,0xc8); # rep xsha1 + &movaps ("xmm0",&QWP(0,"esp")); + &mov ("eax",&DWP(16,"esp")); + &mov ("esp","edx"); # restore %esp + if ($::win32 or $::coff) { + &data_byte(0x64,0x8f,0x05,0,0,0,0); # pop %fs:0 + &lea ("esp",&DWP(4,"esp")); + } + &mov ("edi",&wparam(0)); + &movups (&QWP(0,"edi"),"xmm0"); # copy-out context + &mov (&DWP(16,"edi"),"eax"); + &pop ("esi"); + &pop ("edi"); + &ret (); +&function_end_B("padlock_sha1_oneshot"); + +&function_begin_B("padlock_sha1_blocks"); + &push ("edi"); + &push ("esi"); + &mov ("edi",&wparam(0)); + &mov ("esi",&wparam(1)); + &mov ("edx","esp"); # put aside %esp + &mov ("ecx",&wparam(2)); + &add ("esp",-128); + &movups ("xmm0",&QWP(0,"edi")); # copy-in context + &and ("esp",-16); + &mov ("eax",&DWP(16,"edi")); + &movaps (&QWP(0,"esp"),"xmm0"); + &mov ("edi","esp"); + &mov (&DWP(16,"esp"),"eax"); + &mov ("eax",-1); + &data_byte(0xf3,0x0f,0xa6,0xc8); # rep xsha1 + &movaps ("xmm0",&QWP(0,"esp")); + &mov ("eax",&DWP(16,"esp")); + &mov ("esp","edx"); # restore %esp + &mov ("edi",&wparam(0)); + &movups (&QWP(0,"edi"),"xmm0"); # copy-out context + &mov (&DWP(16,"edi"),"eax"); + &pop ("esi"); + &pop ("edi"); + &ret (); +&function_end_B("padlock_sha1_blocks"); + +&function_begin_B("padlock_sha256_oneshot"); + &push ("edi"); + &push ("esi"); + &xor ("eax","eax"); + &mov ("edi",&wparam(0)); + &mov ("esi",&wparam(1)); + &mov ("ecx",&wparam(2)); + if ($::win32 or $::coff) { + &push (&::islabel("_win32_segv_handler")); + &data_byte(0x64,0xff,0x30); # push %fs:(%eax) + &data_byte(0x64,0x89,0x20); # mov %esp,%fs:(%eax) + } + &mov ("edx","esp"); # put aside %esp + &add ("esp",-128); + &movups ("xmm0",&QWP(0,"edi")); # copy-in context + &and ("esp",-16); + &movups ("xmm1",&QWP(16,"edi")); + &movaps (&QWP(0,"esp"),"xmm0"); + &mov ("edi","esp"); + &movaps (&QWP(16,"esp"),"xmm1"); + &xor ("eax","eax"); + &data_byte(0xf3,0x0f,0xa6,0xd0); # rep xsha256 + &movaps ("xmm0",&QWP(0,"esp")); + &movaps ("xmm1",&QWP(16,"esp")); + &mov ("esp","edx"); # restore %esp + if ($::win32 or $::coff) { + &data_byte(0x64,0x8f,0x05,0,0,0,0); # pop %fs:0 + &lea ("esp",&DWP(4,"esp")); + } + &mov ("edi",&wparam(0)); + &movups (&QWP(0,"edi"),"xmm0"); # copy-out context + &movups (&QWP(16,"edi"),"xmm1"); + &pop ("esi"); + &pop ("edi"); + &ret (); +&function_end_B("padlock_sha256_oneshot"); + +&function_begin_B("padlock_sha256_blocks"); + &push ("edi"); + &push ("esi"); + &mov ("edi",&wparam(0)); + &mov ("esi",&wparam(1)); + &mov ("ecx",&wparam(2)); + &mov ("edx","esp"); # put aside %esp + &add ("esp",-128); + &movups ("xmm0",&QWP(0,"edi")); # copy-in context + &and ("esp",-16); + &movups ("xmm1",&QWP(16,"edi")); + &movaps (&QWP(0,"esp"),"xmm0"); + &mov ("edi","esp"); + &movaps (&QWP(16,"esp"),"xmm1"); + &mov ("eax",-1); + &data_byte(0xf3,0x0f,0xa6,0xd0); # rep xsha256 + &movaps ("xmm0",&QWP(0,"esp")); + &movaps ("xmm1",&QWP(16,"esp")); + &mov ("esp","edx"); # restore %esp + &mov ("edi",&wparam(0)); + &movups (&QWP(0,"edi"),"xmm0"); # copy-out context + &movups (&QWP(16,"edi"),"xmm1"); + &pop ("esi"); + &pop ("edi"); + &ret (); +&function_end_B("padlock_sha256_blocks"); + +&function_begin_B("padlock_sha512_blocks"); + &push ("edi"); + &push ("esi"); + &mov ("edi",&wparam(0)); + &mov ("esi",&wparam(1)); + &mov ("ecx",&wparam(2)); + &mov ("edx","esp"); # put aside %esp + &add ("esp",-128); + &movups ("xmm0",&QWP(0,"edi")); # copy-in context + &and ("esp",-16); + &movups ("xmm1",&QWP(16,"edi")); + &movups ("xmm2",&QWP(32,"edi")); + &movups ("xmm3",&QWP(48,"edi")); + &movaps (&QWP(0,"esp"),"xmm0"); + &mov ("edi","esp"); + &movaps (&QWP(16,"esp"),"xmm1"); + &movaps (&QWP(32,"esp"),"xmm2"); + &movaps (&QWP(48,"esp"),"xmm3"); + &data_byte(0xf3,0x0f,0xa6,0xe0); # rep xsha512 + &movaps ("xmm0",&QWP(0,"esp")); + &movaps ("xmm1",&QWP(16,"esp")); + &movaps ("xmm2",&QWP(32,"esp")); + &movaps ("xmm3",&QWP(48,"esp")); + &mov ("esp","edx"); # restore %esp + &mov ("edi",&wparam(0)); + &movups (&QWP(0,"edi"),"xmm0"); # copy-out context + &movups (&QWP(16,"edi"),"xmm1"); + &movups (&QWP(32,"edi"),"xmm2"); + &movups (&QWP(48,"edi"),"xmm3"); + &pop ("esi"); + &pop ("edi"); + &ret (); +&function_end_B("padlock_sha512_blocks"); + +&asciz ("VIA Padlock x86 module, CRYPTOGAMS by <appro\@openssl.org>"); +&align (16); + +&dataseg(); +# Essentially this variable belongs in thread local storage. +# Having this variable global on the other hand can only cause +# few bogus key reloads [if any at all on signle-CPU system], +# so we accept the penalty... +&set_label("padlock_saved_context",4); +&data_word(0); + +&asm_finish(); + +close STDOUT; diff --git a/engines/asm/e_padlock-x86_64.pl b/engines/asm/e_padlock-x86_64.pl new file mode 100755 index 000000000000..09b0aaa48dfe --- /dev/null +++ b/engines/asm/e_padlock-x86_64.pl @@ -0,0 +1,583 @@ +#! /usr/bin/env perl +# Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +# ==================================================================== +# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL +# project. The module is, however, dual licensed under OpenSSL and +# CRYPTOGAMS licenses depending on where you obtain it. For further +# details see http://www.openssl.org/~appro/cryptogams/. +# ==================================================================== + +# September 2011 +# +# Assembler helpers for Padlock engine. See even e_padlock-x86.pl for +# details. + +$flavour = shift; +$output = shift; +if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } + +$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); + +$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; +( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or +( $xlate="${dir}../../crypto/perlasm/x86_64-xlate.pl" and -f $xlate) or +die "can't locate x86_64-xlate.pl"; + +open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\""; +*STDOUT=*OUT; + +$code=".text\n"; + +%PADLOCK_PREFETCH=(ecb=>128, cbc=>64, ctr32=>32); # prefetch errata +$PADLOCK_CHUNK=512; # Must be a power of 2 between 32 and 2^20 + +$ctx="%rdx"; +$out="%rdi"; +$inp="%rsi"; +$len="%rcx"; +$chunk="%rbx"; + +($arg1,$arg2,$arg3,$arg4)=$win64?("%rcx","%rdx","%r8", "%r9") : # Win64 order + ("%rdi","%rsi","%rdx","%rcx"); # Unix order + +$code.=<<___; +.globl padlock_capability +.type padlock_capability,\@abi-omnipotent +.align 16 +padlock_capability: + mov %rbx,%r8 + xor %eax,%eax + cpuid + xor %eax,%eax + cmp \$`"0x".unpack("H*",'tneC')`,%ebx + jne .Lzhaoxin + cmp \$`"0x".unpack("H*",'Hrua')`,%edx + jne .Lnoluck + cmp \$`"0x".unpack("H*",'slua')`,%ecx + jne .Lnoluck + jmp .LzhaoxinEnd +.Lzhaoxin: + cmp \$`"0x".unpack("H*",'hS ')`,%ebx + jne .Lnoluck + cmp \$`"0x".unpack("H*",'hgna')`,%edx + jne .Lnoluck + cmp \$`"0x".unpack("H*",' ia')`,%ecx + jne .Lnoluck +.LzhaoxinEnd: + mov \$0xC0000000,%eax + cpuid + mov %eax,%edx + xor %eax,%eax + cmp \$0xC0000001,%edx + jb .Lnoluck + mov \$0xC0000001,%eax + cpuid + mov %edx,%eax + and \$0xffffffef,%eax + or \$0x10,%eax # set Nano bit#4 +.Lnoluck: + mov %r8,%rbx + ret +.size padlock_capability,.-padlock_capability + +.globl padlock_key_bswap +.type padlock_key_bswap,\@abi-omnipotent,0 +.align 16 +padlock_key_bswap: + mov 240($arg1),%edx +.Lbswap_loop: + mov ($arg1),%eax + bswap %eax + mov %eax,($arg1) + lea 4($arg1),$arg1 + sub \$1,%edx + jnz .Lbswap_loop + ret +.size padlock_key_bswap,.-padlock_key_bswap + +.globl padlock_verify_context +.type padlock_verify_context,\@abi-omnipotent +.align 16 +padlock_verify_context: + mov $arg1,$ctx + pushf + lea .Lpadlock_saved_context(%rip),%rax + call _padlock_verify_ctx + lea 8(%rsp),%rsp + ret +.size padlock_verify_context,.-padlock_verify_context + +.type _padlock_verify_ctx,\@abi-omnipotent +.align 16 +_padlock_verify_ctx: + mov 8(%rsp),%r8 + bt \$30,%r8 + jnc .Lverified + cmp (%rax),$ctx + je .Lverified + pushf + popf +.Lverified: + mov $ctx,(%rax) + ret +.size _padlock_verify_ctx,.-_padlock_verify_ctx + +.globl padlock_reload_key +.type padlock_reload_key,\@abi-omnipotent +.align 16 +padlock_reload_key: + pushf + popf + ret +.size padlock_reload_key,.-padlock_reload_key + +.globl padlock_aes_block +.type padlock_aes_block,\@function,3 +.align 16 +padlock_aes_block: + mov %rbx,%r8 + mov \$1,$len + lea 32($ctx),%rbx # key + lea 16($ctx),$ctx # control word + .byte 0xf3,0x0f,0xa7,0xc8 # rep xcryptecb + mov %r8,%rbx + ret +.size padlock_aes_block,.-padlock_aes_block + +.globl padlock_xstore +.type padlock_xstore,\@function,2 +.align 16 +padlock_xstore: + mov %esi,%edx + .byte 0x0f,0xa7,0xc0 # xstore + ret +.size padlock_xstore,.-padlock_xstore + +.globl padlock_sha1_oneshot +.type padlock_sha1_oneshot,\@function,3 +.align 16 +padlock_sha1_oneshot: + mov %rdx,%rcx + mov %rdi,%rdx # put aside %rdi + movups (%rdi),%xmm0 # copy-in context + sub \$128+8,%rsp + mov 16(%rdi),%eax + movaps %xmm0,(%rsp) + mov %rsp,%rdi + mov %eax,16(%rsp) + xor %rax,%rax + .byte 0xf3,0x0f,0xa6,0xc8 # rep xsha1 + movaps (%rsp),%xmm0 + mov 16(%rsp),%eax + add \$128+8,%rsp + movups %xmm0,(%rdx) # copy-out context + mov %eax,16(%rdx) + ret +.size padlock_sha1_oneshot,.-padlock_sha1_oneshot + +.globl padlock_sha1_blocks +.type padlock_sha1_blocks,\@function,3 +.align 16 +padlock_sha1_blocks: + mov %rdx,%rcx + mov %rdi,%rdx # put aside %rdi + movups (%rdi),%xmm0 # copy-in context + sub \$128+8,%rsp + mov 16(%rdi),%eax + movaps %xmm0,(%rsp) + mov %rsp,%rdi + mov %eax,16(%rsp) + mov \$-1,%rax + .byte 0xf3,0x0f,0xa6,0xc8 # rep xsha1 + movaps (%rsp),%xmm0 + mov 16(%rsp),%eax + add \$128+8,%rsp + movups %xmm0,(%rdx) # copy-out context + mov %eax,16(%rdx) + ret +.size padlock_sha1_blocks,.-padlock_sha1_blocks + +.globl padlock_sha256_oneshot +.type padlock_sha256_oneshot,\@function,3 +.align 16 +padlock_sha256_oneshot: + mov %rdx,%rcx + mov %rdi,%rdx # put aside %rdi + movups (%rdi),%xmm0 # copy-in context + sub \$128+8,%rsp + movups 16(%rdi),%xmm1 + movaps %xmm0,(%rsp) + mov %rsp,%rdi + movaps %xmm1,16(%rsp) + xor %rax,%rax + .byte 0xf3,0x0f,0xa6,0xd0 # rep xsha256 + movaps (%rsp),%xmm0 + movaps 16(%rsp),%xmm1 + add \$128+8,%rsp + movups %xmm0,(%rdx) # copy-out context + movups %xmm1,16(%rdx) + ret +.size padlock_sha256_oneshot,.-padlock_sha256_oneshot + +.globl padlock_sha256_blocks +.type padlock_sha256_blocks,\@function,3 +.align 16 +padlock_sha256_blocks: + mov %rdx,%rcx + mov %rdi,%rdx # put aside %rdi + movups (%rdi),%xmm0 # copy-in context + sub \$128+8,%rsp + movups 16(%rdi),%xmm1 + movaps %xmm0,(%rsp) + mov %rsp,%rdi + movaps %xmm1,16(%rsp) + mov \$-1,%rax + .byte 0xf3,0x0f,0xa6,0xd0 # rep xsha256 + movaps (%rsp),%xmm0 + movaps 16(%rsp),%xmm1 + add \$128+8,%rsp + movups %xmm0,(%rdx) # copy-out context + movups %xmm1,16(%rdx) + ret +.size padlock_sha256_blocks,.-padlock_sha256_blocks + +.globl padlock_sha512_blocks +.type padlock_sha512_blocks,\@function,3 +.align 16 +padlock_sha512_blocks: + mov %rdx,%rcx + mov %rdi,%rdx # put aside %rdi + movups (%rdi),%xmm0 # copy-in context + sub \$128+8,%rsp + movups 16(%rdi),%xmm1 + movups 32(%rdi),%xmm2 + movups 48(%rdi),%xmm3 + movaps %xmm0,(%rsp) + mov %rsp,%rdi + movaps %xmm1,16(%rsp) + movaps %xmm2,32(%rsp) + movaps %xmm3,48(%rsp) + .byte 0xf3,0x0f,0xa6,0xe0 # rep xha512 + movaps (%rsp),%xmm0 + movaps 16(%rsp),%xmm1 + movaps 32(%rsp),%xmm2 + movaps 48(%rsp),%xmm3 + add \$128+8,%rsp + movups %xmm0,(%rdx) # copy-out context + movups %xmm1,16(%rdx) + movups %xmm2,32(%rdx) + movups %xmm3,48(%rdx) + ret +.size padlock_sha512_blocks,.-padlock_sha512_blocks +___ + +sub generate_mode { +my ($mode,$opcode) = @_; +# int padlock_$mode_encrypt(void *out, const void *inp, +# struct padlock_cipher_data *ctx, size_t len); +$code.=<<___; +.globl padlock_${mode}_encrypt +.type padlock_${mode}_encrypt,\@function,4 +.align 16 +padlock_${mode}_encrypt: + push %rbp + push %rbx + + xor %eax,%eax + test \$15,$ctx + jnz .L${mode}_abort + test \$15,$len + jnz .L${mode}_abort + lea .Lpadlock_saved_context(%rip),%rax + pushf + cld + call _padlock_verify_ctx + lea 16($ctx),$ctx # control word + xor %eax,%eax + xor %ebx,%ebx + testl \$`1<<5`,($ctx) # align bit in control word + jnz .L${mode}_aligned + test \$0x0f,$out + setz %al # !out_misaligned + test \$0x0f,$inp + setz %bl # !inp_misaligned + test %ebx,%eax + jnz .L${mode}_aligned + neg %rax + mov \$$PADLOCK_CHUNK,$chunk + not %rax # out_misaligned?-1:0 + lea (%rsp),%rbp + cmp $chunk,$len + cmovc $len,$chunk # chunk=len>PADLOCK_CHUNK?PADLOCK_CHUNK:len + and $chunk,%rax # out_misaligned?chunk:0 + mov $len,$chunk + neg %rax + and \$$PADLOCK_CHUNK-1,$chunk # chunk%=PADLOCK_CHUNK + lea (%rax,%rbp),%rsp + mov \$$PADLOCK_CHUNK,%rax + cmovz %rax,$chunk # chunk=chunk?:PADLOCK_CHUNK +___ +$code.=<<___ if ($mode eq "ctr32"); +.L${mode}_reenter: + mov -4($ctx),%eax # pull 32-bit counter + bswap %eax + neg %eax + and \$`$PADLOCK_CHUNK/16-1`,%eax + mov \$$PADLOCK_CHUNK,$chunk + shl \$4,%eax + cmovz $chunk,%rax + cmp %rax,$len + cmova %rax,$chunk # don't let counter cross PADLOCK_CHUNK + cmovbe $len,$chunk +___ +$code.=<<___ if ($PADLOCK_PREFETCH{$mode}); + cmp $chunk,$len + ja .L${mode}_loop + mov $inp,%rax # check if prefetch crosses page + cmp %rsp,%rbp + cmove $out,%rax + add $len,%rax + neg %rax + and \$0xfff,%rax # distance to page boundary + cmp \$$PADLOCK_PREFETCH{$mode},%rax + mov \$-$PADLOCK_PREFETCH{$mode},%rax + cmovae $chunk,%rax # mask=distance<prefetch?-prefetch:-1 + and %rax,$chunk + jz .L${mode}_unaligned_tail +___ +$code.=<<___; + jmp .L${mode}_loop +.align 16 +.L${mode}_loop: + cmp $len,$chunk # ctr32 artefact + cmova $len,$chunk # ctr32 artefact + mov $out,%r8 # save parameters + mov $inp,%r9 + mov $len,%r10 + mov $chunk,$len + mov $chunk,%r11 + test \$0x0f,$out # out_misaligned + cmovnz %rsp,$out + test \$0x0f,$inp # inp_misaligned + jz .L${mode}_inp_aligned + shr \$3,$len + .byte 0xf3,0x48,0xa5 # rep movsq + sub $chunk,$out + mov $chunk,$len + mov $out,$inp +.L${mode}_inp_aligned: + lea -16($ctx),%rax # ivp + lea 16($ctx),%rbx # key + shr \$4,$len + .byte 0xf3,0x0f,0xa7,$opcode # rep xcrypt* +___ +$code.=<<___ if ($mode !~ /ecb|ctr/); + movdqa (%rax),%xmm0 + movdqa %xmm0,-16($ctx) # copy [or refresh] iv +___ +$code.=<<___ if ($mode eq "ctr32"); + mov -4($ctx),%eax # pull 32-bit counter + test \$0xffff0000,%eax + jnz .L${mode}_no_carry + bswap %eax + add \$0x10000,%eax + bswap %eax + mov %eax,-4($ctx) +.L${mode}_no_carry: +___ +$code.=<<___; + mov %r8,$out # restore parameters + mov %r11,$chunk + test \$0x0f,$out + jz .L${mode}_out_aligned + mov $chunk,$len + lea (%rsp),$inp + shr \$3,$len + .byte 0xf3,0x48,0xa5 # rep movsq + sub $chunk,$out +.L${mode}_out_aligned: + mov %r9,$inp + mov %r10,$len + add $chunk,$out + add $chunk,$inp + sub $chunk,$len + mov \$$PADLOCK_CHUNK,$chunk +___ + if (!$PADLOCK_PREFETCH{$mode}) { +$code.=<<___; + jnz .L${mode}_loop +___ + } else { +$code.=<<___; + jz .L${mode}_break + cmp $chunk,$len + jae .L${mode}_loop +___ +$code.=<<___ if ($mode eq "ctr32"); + mov $len,$chunk + mov $inp,%rax # check if prefetch crosses page + cmp %rsp,%rbp + cmove $out,%rax + add $len,%rax + neg %rax + and \$0xfff,%rax # distance to page boundary + cmp \$$PADLOCK_PREFETCH{$mode},%rax + mov \$-$PADLOCK_PREFETCH{$mode},%rax + cmovae $chunk,%rax + and %rax,$chunk + jnz .L${mode}_loop +___ +$code.=<<___; +.L${mode}_unaligned_tail: + xor %eax,%eax + cmp %rsp,%rbp + cmove $len,%rax + mov $out,%r8 # save parameters + mov $len,$chunk + sub %rax,%rsp # alloca + shr \$3,$len + lea (%rsp),$out + .byte 0xf3,0x48,0xa5 # rep movsq + mov %rsp,$inp + mov %r8, $out # restore parameters + mov $chunk,$len + jmp .L${mode}_loop +.align 16 +.L${mode}_break: +___ + } +$code.=<<___; + cmp %rbp,%rsp + je .L${mode}_done + + pxor %xmm0,%xmm0 + lea (%rsp),%rax +.L${mode}_bzero: + movaps %xmm0,(%rax) + lea 16(%rax),%rax + cmp %rax,%rbp + ja .L${mode}_bzero + +.L${mode}_done: + lea (%rbp),%rsp + jmp .L${mode}_exit + +.align 16 +.L${mode}_aligned: +___ +$code.=<<___ if ($mode eq "ctr32"); + mov -4($ctx),%eax # pull 32-bit counter + bswap %eax + neg %eax + and \$0xffff,%eax + mov \$`16*0x10000`,$chunk + shl \$4,%eax + cmovz $chunk,%rax + cmp %rax,$len + cmova %rax,$chunk # don't let counter cross 2^16 + cmovbe $len,$chunk + jbe .L${mode}_aligned_skip + +.L${mode}_aligned_loop: + mov $len,%r10 # save parameters + mov $chunk,$len + mov $chunk,%r11 + + lea -16($ctx),%rax # ivp + lea 16($ctx),%rbx # key + shr \$4,$len # len/=AES_BLOCK_SIZE + .byte 0xf3,0x0f,0xa7,$opcode # rep xcrypt* + + mov -4($ctx),%eax # pull 32-bit counter + bswap %eax + add \$0x10000,%eax + bswap %eax + mov %eax,-4($ctx) + + mov %r10,$len # restore parameters + sub %r11,$len + mov \$`16*0x10000`,$chunk + jz .L${mode}_exit + cmp $chunk,$len + jae .L${mode}_aligned_loop + +.L${mode}_aligned_skip: +___ +$code.=<<___ if ($PADLOCK_PREFETCH{$mode}); + lea ($inp,$len),%rbp + neg %rbp + and \$0xfff,%rbp # distance to page boundary + xor %eax,%eax + cmp \$$PADLOCK_PREFETCH{$mode},%rbp + mov \$$PADLOCK_PREFETCH{$mode}-1,%rbp + cmovae %rax,%rbp + and $len,%rbp # remainder + sub %rbp,$len + jz .L${mode}_aligned_tail +___ +$code.=<<___; + lea -16($ctx),%rax # ivp + lea 16($ctx),%rbx # key + shr \$4,$len # len/=AES_BLOCK_SIZE + .byte 0xf3,0x0f,0xa7,$opcode # rep xcrypt* +___ +$code.=<<___ if ($mode !~ /ecb|ctr/); + movdqa (%rax),%xmm0 + movdqa %xmm0,-16($ctx) # copy [or refresh] iv +___ +$code.=<<___ if ($PADLOCK_PREFETCH{$mode}); + test %rbp,%rbp # check remainder + jz .L${mode}_exit + +.L${mode}_aligned_tail: + mov $out,%r8 + mov %rbp,$chunk + mov %rbp,$len + lea (%rsp),%rbp + sub $len,%rsp + shr \$3,$len + lea (%rsp),$out + .byte 0xf3,0x48,0xa5 # rep movsq + lea (%r8),$out + lea (%rsp),$inp + mov $chunk,$len + jmp .L${mode}_loop +___ +$code.=<<___; +.L${mode}_exit: + mov \$1,%eax + lea 8(%rsp),%rsp +.L${mode}_abort: + pop %rbx + pop %rbp + ret +.size padlock_${mode}_encrypt,.-padlock_${mode}_encrypt +___ +} + +&generate_mode("ecb",0xc8); +&generate_mode("cbc",0xd0); +&generate_mode("cfb",0xe0); +&generate_mode("ofb",0xe8); +&generate_mode("ctr32",0xd8); # all 64-bit CPUs have working CTR... + +$code.=<<___; +.asciz "VIA Padlock x86_64 module, CRYPTOGAMS by <appro\@openssl.org>" +.align 16 +.data +.align 8 +.Lpadlock_saved_context: + .quad 0 +___ +$code =~ s/\`([^\`]*)\`/eval($1)/gem; + +print $code; + +close STDOUT; diff --git a/engines/build.info b/engines/build.info new file mode 100644 index 000000000000..df173ea69d91 --- /dev/null +++ b/engines/build.info @@ -0,0 +1,43 @@ +IF[{- !$disabled{"engine"} -}] + + IF[{- $disabled{"dynamic-engine"} -}] + LIBS=../libcrypto + SOURCE[../libcrypto]=\ + e_padlock.c {- $target{padlock_asm_src} -} + IF[{- !$disabled{capieng} -}] + SOURCE[../libcrypto]=e_capi.c + ENDIF + IF[{- !$disabled{afalgeng} -}] + SOURCE[../libcrypto]=e_afalg.c + ENDIF + ELSE + ENGINES=padlock + SOURCE[padlock]=e_padlock.c {- $target{padlock_asm_src} -} + DEPEND[padlock]=../libcrypto + INCLUDE[padlock]=../include + IF[{- !$disabled{capieng} -}] + ENGINES=capi + SOURCE[capi]=e_capi.c + DEPEND[capi]=../libcrypto + INCLUDE[capi]=../include + ENDIF + IF[{- !$disabled{afalgeng} -}] + ENGINES=afalg + SOURCE[afalg]=e_afalg.c + DEPEND[afalg]=../libcrypto + INCLUDE[afalg]= ../include + ENDIF + + ENGINES_NO_INST=ossltest dasync + SOURCE[dasync]=e_dasync.c + DEPEND[dasync]=../libcrypto + INCLUDE[dasync]=../include + SOURCE[ossltest]=e_ossltest.c + DEPEND[ossltest]=../libcrypto + INCLUDE[ossltest]=../include + ENDIF + + GENERATE[e_padlock-x86.s]=asm/e_padlock-x86.pl \ + $(PERLASM_SCHEME) $(LIB_CFLAGS) $(LIB_CPPFLAGS) $(PROCESSOR) + GENERATE[e_padlock-x86_64.s]=asm/e_padlock-x86_64.pl $(PERLASM_SCHEME) +ENDIF diff --git a/engines/ccgost/Makefile b/engines/ccgost/Makefile deleted file mode 100644 index f378530c8642..000000000000 --- a/engines/ccgost/Makefile +++ /dev/null @@ -1,276 +0,0 @@ -DIR=ccgost -TOP=../.. -CC=cc -INCLUDES= -I../../include -CFLAG=-g -MAKEFILE= Makefile -AR= ar r -CFLAGS= $(INCLUDES) $(CFLAG) -LIB=$(TOP)/libcrypto.a - -LIBSRC= gost2001.c gost2001_keyx.c gost89.c gost94_keyx.c gost_ameth.c gost_asn1.c gost_crypt.c gost_ctl.c gost_eng.c gosthash.c gost_keywrap.c gost_md.c gost_params.c gost_pmeth.c gost_sign.c - -LIBOBJ= e_gost_err.o gost2001_keyx.o gost2001.o gost89.o gost94_keyx.o gost_ameth.o gost_asn1.o gost_crypt.o gost_ctl.o gost_eng.o gosthash.o gost_keywrap.o gost_md.o gost_params.o gost_pmeth.o gost_sign.o - -SRC=$(LIBSRC) - -LIBNAME=gost - -top: - (cd $(TOP); $(MAKE) DIRS=engines EDIRS=$(DIR) sub_all) - -all: lib - -tags: - ctags $(SRC) - -errors: - $(PERL) ../../util/mkerr.pl -conf gost.ec -nostatic -write $(SRC) - -lib: $(LIBOBJ) - if [ -n "$(SHARED_LIBS)" ]; then \ - $(MAKE) -f $(TOP)/Makefile.shared -e \ - LIBNAME=$(LIBNAME) \ - LIBEXTRAS='$(LIBOBJ)' \ - LIBDEPS='-L$(TOP) -lcrypto $(EX_LIBS)' \ - link_o.$(SHLIB_TARGET); \ - else \ - $(AR) $(LIB) $(LIBOBJ); \ - fi - @touch lib - -install: - [ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - if [ -n "$(SHARED_LIBS)" ]; then \ - set -e; \ - echo installing $(LIBNAME); \ - pfx=lib; \ - if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \ - sfx=".so"; \ - cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - else \ - case "$(CFLAGS)" in \ - *DSO_BEOS*) sfx=".so";; \ - *DSO_DLFCN*) sfx=`expr "$(SHLIB_EXT)" : '.*\(\.[a-z][a-z]*\)' \| ".so"`;; \ - *DSO_DL*) sfx=".sl";; \ - *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ - *) sfx=".bad";; \ - esac; \ - cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - fi; \ - chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \ - fi - -links: - -tests: - -update: local_depend - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi - -depend: local_depend - @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi -local_depend: - @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff *.so *.sl *.dll - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -gost2001.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -gost2001.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -gost2001.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -gost2001.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -gost2001.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -gost2001.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -gost2001.o: ../../include/openssl/err.h ../../include/openssl/evp.h -gost2001.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -gost2001.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -gost2001.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -gost2001.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -gost2001.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -gost2001.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -gost2001.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -gost2001.o: e_gost_err.h gost2001.c gost89.h gost_lcl.h gost_params.h -gost2001.o: gosthash.h -gost2001_keyx.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -gost2001_keyx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -gost2001_keyx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -gost2001_keyx.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -gost2001_keyx.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -gost2001_keyx.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -gost2001_keyx.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -gost2001_keyx.o: ../../include/openssl/obj_mac.h -gost2001_keyx.o: ../../include/openssl/objects.h -gost2001_keyx.o: ../../include/openssl/opensslconf.h -gost2001_keyx.o: ../../include/openssl/opensslv.h -gost2001_keyx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -gost2001_keyx.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -gost2001_keyx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -gost2001_keyx.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -gost2001_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost2001_keyx.c -gost2001_keyx.o: gost2001_keyx.h gost89.h gost_keywrap.h gost_lcl.h gosthash.h -gost89.o: gost89.c gost89.h -gost94_keyx.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -gost94_keyx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -gost94_keyx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -gost94_keyx.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -gost94_keyx.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -gost94_keyx.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -gost94_keyx.o: ../../include/openssl/engine.h ../../include/openssl/evp.h -gost94_keyx.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -gost94_keyx.o: ../../include/openssl/objects.h -gost94_keyx.o: ../../include/openssl/opensslconf.h -gost94_keyx.o: ../../include/openssl/opensslv.h -gost94_keyx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -gost94_keyx.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -gost94_keyx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -gost94_keyx.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -gost94_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h -gost94_keyx.o: gost94_keyx.c gost_keywrap.h gost_lcl.h gosthash.h -gost_ameth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -gost_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -gost_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h -gost_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h -gost_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -gost_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -gost_ameth.o: ../../include/openssl/engine.h ../../include/openssl/err.h -gost_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -gost_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -gost_ameth.o: ../../include/openssl/opensslconf.h -gost_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -gost_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -gost_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -gost_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -gost_ameth.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h -gost_ameth.o: gost_ameth.c gost_lcl.h gost_params.h gosthash.h -gost_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -gost_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -gost_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -gost_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -gost_asn1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -gost_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -gost_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -gost_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -gost_asn1.o: ../../include/openssl/opensslconf.h -gost_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -gost_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -gost_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -gost_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -gost_asn1.o: ../../include/openssl/x509_vfy.h gost89.h gost_asn1.c gost_lcl.h -gost_asn1.o: gosthash.h -gost_crypt.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -gost_crypt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -gost_crypt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -gost_crypt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -gost_crypt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -gost_crypt.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -gost_crypt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -gost_crypt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -gost_crypt.o: ../../include/openssl/opensslconf.h -gost_crypt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -gost_crypt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -gost_crypt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -gost_crypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -gost_crypt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -gost_crypt.o: e_gost_err.h gost89.h gost_crypt.c gost_lcl.h gosthash.h -gost_ctl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -gost_ctl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -gost_ctl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -gost_ctl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -gost_ctl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -gost_ctl.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -gost_ctl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -gost_ctl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -gost_ctl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -gost_ctl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -gost_ctl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -gost_ctl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -gost_ctl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -gost_ctl.o: ../../include/openssl/x509_vfy.h gost89.h gost_ctl.c gost_lcl.h -gost_ctl.o: gosthash.h -gost_eng.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -gost_eng.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -gost_eng.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -gost_eng.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -gost_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -gost_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -gost_eng.o: ../../include/openssl/err.h ../../include/openssl/evp.h -gost_eng.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -gost_eng.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -gost_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -gost_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -gost_eng.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -gost_eng.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -gost_eng.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h gost_eng.c -gost_eng.o: gost_lcl.h gosthash.h -gost_keywrap.o: gost89.h gost_keywrap.c gost_keywrap.h -gost_md.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -gost_md.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -gost_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -gost_md.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -gost_md.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -gost_md.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -gost_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -gost_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -gost_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -gost_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -gost_md.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -gost_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -gost_md.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -gost_md.o: e_gost_err.h gost89.h gost_lcl.h gost_md.c gosthash.h -gost_params.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -gost_params.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -gost_params.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -gost_params.o: ../../include/openssl/opensslconf.h -gost_params.o: ../../include/openssl/opensslv.h -gost_params.o: ../../include/openssl/ossl_typ.h -gost_params.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -gost_params.o: ../../include/openssl/symhacks.h gost_params.c gost_params.h -gost_pmeth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -gost_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -gost_pmeth.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h -gost_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h -gost_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -gost_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -gost_pmeth.o: ../../include/openssl/engine.h ../../include/openssl/evp.h -gost_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -gost_pmeth.o: ../../include/openssl/objects.h -gost_pmeth.o: ../../include/openssl/opensslconf.h -gost_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -gost_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -gost_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -gost_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -gost_pmeth.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -gost_pmeth.o: e_gost_err.h gost89.h gost_lcl.h gost_params.h gost_pmeth.c -gost_pmeth.o: gosthash.h -gost_sign.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -gost_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -gost_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -gost_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -gost_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -gost_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -gost_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h -gost_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -gost_sign.o: ../../include/openssl/objects.h -gost_sign.o: ../../include/openssl/opensslconf.h -gost_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -gost_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -gost_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -gost_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -gost_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -gost_sign.o: e_gost_err.h gost89.h gost_lcl.h gost_params.h gost_sign.c -gost_sign.o: gosthash.h -gosthash.o: gost89.h gosthash.c gosthash.h diff --git a/engines/ccgost/README.gost b/engines/ccgost/README.gost deleted file mode 100644 index 80f7900d0987..000000000000 --- a/engines/ccgost/README.gost +++ /dev/null @@ -1,299 +0,0 @@ -GOST ENGINE - -This engine provides implementation of Russian cryptography standard. -This is also an example of adding new cryptoalgorithms into OpenSSL -without changing its core. If OpenSSL is compiled with dynamic engine -support, new algorithms can be added even without recompilation of -OpenSSL and applications which use it. - -ALGORITHMS SUPPORTED - -GOST R 34.10-94 and GOST R 34.10-2001 - digital signature algorithms. - Also support key exchange based on public keys. See RFC 4357 for - details of VKO key exchange algorithm. These algorithms use - 256 bit private keys. Public keys are 1024 bit for 94 and 512 bit for - 2001 (which is elliptic-curve based). Key exchange algorithms - (VKO R 34.10) are supported on these keys too. - -GOST R 34.11-94 Message digest algorithm. 256-bit hash value - -GOST 28147-89 - Symmetric cipher with 256-bit key. Various modes are - defined in the standard, but only CFB and CNT modes are implemented - in the engine. To make statistical analysis more difficult, key - meshing is supported (see RFC 4357). - -GOST 28147-89 MAC mode. Message authentication code. While most MAC - algorithms out there are based on hash functions using HMAC - algorithm, this algoritm is based on symmetric cipher. - It has 256-bit symmetric key and only 32 bits of MAC value - (while HMAC has same key size and value size). - - It is implemented as combination of EVP_PKEY type and EVP_MD type. - -USAGE OF THESE ALGORITHMS - -This engine is designed to allow usage of this algorithms in the -high-level openssl functions, such as PKI, S/MIME and TLS. - -See RFC 4490 for S/MIME with GOST algorithms and RFC 4491 for PKI. -TLS support is implemented according IETF -draft-chudov-cryptopro-cptls-03.txt and is compatible with -CryptoPro CSP 3.0 and 3.6 as well as with MagPro CSP. -GOST ciphersuites implemented in CryptoPro CSP 2.0 are not supported -because they use ciphersuite numbers used now by AES ciphersuites. - -To use the engine you have to load it via openssl configuration -file. Applications should read openssl configuration file or provide -their own means to load engines. Also, applications which operate with -private keys, should use generic EVP_PKEY API instead of using RSA or -other algorithm-specific API. - -CONFIGURATION FILE - -Configuration file should include following statement in the global -section, i.e. before first bracketed section header (see config(5) for details) - - openssl_conf = openssl_def - -where openssl_def is name of the section in configuration file which -describes global defaults. - -This section should contain following statement: - - [openssl_def] - engines = engine_section - -which points to the section which describes list of the engines to be -loaded. This section should contain: - - [engine_section] - gost = gost_section - -And section which describes configuration of the engine should contain - - [gost_section] - engine_id = gost - dynamic_path = /usr/lib/ssl/engines/libgost.so - default_algorithms = ALL - CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet - -Where engine_id parameter specifies name of engine (should be "gost"). -dynamic_path is a location of the loadable shared library implementing the -engine. If the engine is compiled statically or is located in the OpenSSL -engines directory, this line can be omitted. -default_algorithms parameter specifies that all algorithms, provided by -engine, should be used. - -The CRYPT_PARAMS parameter is engine-specific. It allows the user to choose -between different parameter sets of symmetric cipher algorithm. RFC 4357 -specifies several parameters for the GOST 28147-89 algorithm, but OpenSSL -doesn't provide user interface to choose one when encrypting. So use engine -configuration parameter instead. - -Value of this parameter can be either short name, defined in OpenSSL -obj_dat.h header file or numeric representation of OID, defined in RFC -4357. - -USAGE WITH COMMAND LINE openssl UTILITY - -1. Generation of private key - - openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out seckey.pem - - Use -algorithm option to specify algorithm. - Use -pkeyopt option to pass paramset to algorithm. The following paramsets - are supported by - gost94: 0,A,B,C,D,XA,XB,XC - gost2001: 0,A,B,C,XA,XB - You can also use numeric representation of OID as to destinate - paramset. - - Paramsets starting with X are intended to use for key exchange keys. - Paramsets without X are for digital signature keys. - - Paramset for both algorithms 0 is the test paramset which should be used - only for test purposes. - -There are no algorithm-specific things with generation of certificate -request once you have a private key. - -2. Generation of certificate request along with private/public keypar - - openssl req -newkey gost2001 -pkeyopt paramset:A - - Syntax of -pkeyopt parameter is identical with genpkey command. - - You can also use oldstyle syntax -newkey gost2001:paramfile, but in - this case you should create parameter file first. - - It can be created with - - openssl genpkey -genparam -algorithm gost2001 -pkeyopt paramset:A\ - -out paramfile. - -3. S/MIME operations - -If you want to send encrypted mail using GOST algorithms, don't forget -to specify -gost89 as encryption algorithm for OpenSSL smime command. -While OpenSSL is clever enough to find out that GOST R 34.11-94 digest -must be used for digital signing with GOST private key, it have no way -to derive symmetric encryption algorithm from key exchange keys. - -4. TLS operations - -OpenSSL supports all four ciphersuites defined in the IETF draft. -Once you've loaded GOST key and certificate into your TLS server, -ciphersuites which use GOST 28147-89 encryption are enabled. - -Ciphersuites with NULL encryption should be enabled explicitely if -needed. - -GOST2001-GOST89-GOST89 Uses GOST R 34.10-2001 for auth and key exchange - GOST 28147-89 for encryption and GOST 28147-89 MAC -GOST94-GOST89-GOST89 Uses GOST R 34.10-94 for auth and key exchange - GOST 28147-89 for encryption and GOST 28147-89 MAC -GOST2001-NULL-GOST94 Uses GOST R 34.10-2001 for auth and key exchange, - no encryption and HMAC, based on GOST R 34.11-94 -GOST94-NULL-GOST94 Uses GOST R 34.10-94 for auth and key exchange, - no encryption and HMAC, based on GOST R 34.11-94 - -Gost 94 and gost 2001 keys can be used simultaneously in the TLS server. -RSA, DSA and EC keys can be used simultaneously with GOST keys, if -server implementation supports loading more than two private -key/certificate pairs. In this case ciphersuites which use any of loaded -keys would be supported and clients can negotiate ones they wish. - -This allows creation of TLS servers which use GOST ciphersuites for -Russian clients and RSA/DSA ciphersuites for foreign clients. - -5. Calculation of digests and symmetric encryption - OpenSSL provides specific commands (like sha1, aes etc) for calculation - of digests and symmetric encryption. Since such commands cannot be - added dynamically, no such commands are provided for GOST algorithms. - Use generic commands 'dgst' and 'enc'. - - Calculation of GOST R 34.11-94 message digest - - openssl dgst -md_gost94 datafile - - Note that GOST R 34.11-94 specifies that digest value should be - interpreted as little-endian number, but OpenSSL outputs just hex dump - of digest value. - - So, to obtain correct digest value, such as produced by gostsum utility - included in the engine distribution, bytes of output should be - reversed. - - Calculation of HMAC based on GOST R 34.11-94 - - openssl dgst -md_gost94 -mac hmac -macopt key:<32 bytes of key> datafile - - (or use hexkey if key contain NUL bytes) - Calculation of GOST 28147 MAC - - openssl dgst -mac gost-mac -macopt key:<32 bytes of key> datafile - - Note absence of an option that specifies digest algorithm. gost-mac - algorithm supports only one digest (which is actually part of - implementation of this mac) and OpenSSL is clever enough to find out - this. - - Encryption with GOST 28147 CFB mode - openssl enc -gost89 -out encrypted-file -in plain-text-file -k <passphrase> - Encryption with GOST 28147 CNT mode - openssl enc -gost89-cnt -out encrypted-file -in plain-text-file -k <passphrase> - - -6. Encrypting private keys and PKCS12 - -To produce PKCS12 files compatible with MagPro CSP, you need to use -GOST algorithm for encryption of PKCS12 file and also GOST R 34.11-94 -hash to derive key from password. - -openssl pksc12 -export -inkey gost.pem -in gost_cert.pem -keypbe gost89\ - -certpbe gost89 -macalg md_gost94 - -7. Testing speed of symmetric ciphers. - -To test performance of GOST symmetric ciphers you should use -evp switch -of the openssl speed command. Engine-provided ciphers can be accessed only via -generic evp interface and not by cipher-specific functions. - - openssl speed -evp gost89 - openssl speed -evp gost89-cnt - - -PROGRAMMING INTERFACES DETAILS - -Applications should never access engine directly. They should only use provided -EVP_PKEY API. But there are some details, which should be taken into -account. - -EVP provides two kinds of API for key exchange: - -1. EVP_PKEY_encrypt/EVP_PKEY_decrypt functions, intended to use with - RSA-like public key encryption algorithms - -2. EVP_PKEY_derive, intended to use with Diffie-Hellman-like shared key -computing algorithms. - -Although VKO R 34.10 algorithms, described in the RFC 4357 are -definitely second case, engine provides BOTH API for GOST R 34.10 keys. - -EVP_PKEY_derive just invokes appropriate VKO algorithm and computes -256 bit shared key. VKO R 34.10-2001 requires 64 bits of random user key -material (UKM). This UKM should be transmitted to other party, so it is -not generated inside derive function. - -It should be set by EVP_PKEY_CTX_ctrl function using -EVP_PKEY_CTRL_SET_IV command after call of EVP_PKEY_derive_init, but -before EVP_PKEY_derive. - unsigned char ukm[8]; - RAND_bytes(ukm,8); - EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, 8, ukm) - -EVP_PKEY_encrypt encrypts provided session key with VKO shared key and -packs it into GOST key transport structure, described in the RFC 4490. - -It typically uses ephemeral key pair to compute shared key and packs its -public part along with encrypted key. So, for most cases use of -EVP_PKEY_encrypt/EVP_PKEY_decrypt with GOST keys is almost same as with -RSA. - -However, if peerkey field in the EVP_PKEY_CTX structure is set (using -EVP_PKEY_derive_set_peerkey function) to EVP_PKEY structure which has private -key and uses same parameters as the public key from which this EVP_PKEY_CTX is -created, EVP_PKEY_encrypt will use this private key to compute shared key and -set ephemeral key in the GOST_key_transport structure to NULL. In this case -pkey and peerkey fields in the EVP_PKEY_CTX are used upside-down. - -If EVP_PKEY_decrypt encounters GOST_key_transport structure with NULL -public key field, it tries to use peerkey field from the context to -compute shared key. In this case peerkey field should really contain -peer public key. - -Encrypt operation supports EVP_PKEY_CTRL_SET_IV operation as well. -It can be used when some specific restriction on UKM are imposed by -higher level protocol. For instance, description of GOST ciphersuites -requires UKM to be derived from shared secret. - -If UKM is not set by this control command, encrypt operation would -generate random UKM. - - -These sources include implementation of GOST 28147-89 and GOST R 34.11-94 -which are completely independent from OpenSSL and can be used separately -(files gost89.c, gost89.h, gosthash.c, gosthash.h). Utility gostsum (file -gostsum.c) is provided as an example of such separate usage. This program is -similar to md5sum and sha1sum utilities, but calculates GOST R 34.11-94 hash. - -Makefile doesn't include rule for compiling gostsum. -Use command - -$(CC) -o gostsum gostsum.c gost89.c gosthash.c -where $(CC) is name of your C compiler. - -Implementations of GOST R 34.10-xx, including VKO algorithms heavily -depends on OpenSSL BIGNUM and Elliptic Curve libraries. - - diff --git a/engines/ccgost/e_gost_err.c b/engines/ccgost/e_gost_err.c deleted file mode 100644 index 80ef58f8ca3c..000000000000 --- a/engines/ccgost/e_gost_err.c +++ /dev/null @@ -1,221 +0,0 @@ -/* e_gost_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include "e_gost_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA GOST_str_functs[] = { - {ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS), "DECODE_GOST_ALGOR_PARAMS"}, - {ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS), "ENCODE_GOST_ALGOR_PARAMS"}, - {ERR_FUNC(GOST_F_FILL_GOST2001_PARAMS), "FILL_GOST2001_PARAMS"}, - {ERR_FUNC(GOST_F_FILL_GOST94_PARAMS), "FILL_GOST94_PARAMS"}, - {ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS), "GET_ENCRYPTION_PARAMS"}, - {ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC), "GOST2001_COMPUTE_PUBLIC"}, - {ERR_FUNC(GOST_F_GOST2001_DO_SIGN), "GOST2001_DO_SIGN"}, - {ERR_FUNC(GOST_F_GOST2001_DO_VERIFY), "GOST2001_DO_VERIFY"}, - {ERR_FUNC(GOST_F_GOST2001_KEYGEN), "GOST2001_KEYGEN"}, - {ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS), - "GOST89_GET_ASN1_PARAMETERS"}, - {ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS), - "GOST89_SET_ASN1_PARAMETERS"}, - {ERR_FUNC(GOST_F_GOST94_COMPUTE_PUBLIC), "GOST94_COMPUTE_PUBLIC"}, - {ERR_FUNC(GOST_F_GOST_CIPHER_CTL), "GOST_CIPHER_CTL"}, - {ERR_FUNC(GOST_F_GOST_DO_SIGN), "GOST_DO_SIGN"}, - {ERR_FUNC(GOST_F_GOST_DO_VERIFY), "GOST_DO_VERIFY"}, - {ERR_FUNC(GOST_F_GOST_IMIT_CTRL), "GOST_IMIT_CTRL"}, - {ERR_FUNC(GOST_F_GOST_IMIT_FINAL), "GOST_IMIT_FINAL"}, - {ERR_FUNC(GOST_F_GOST_IMIT_UPDATE), "GOST_IMIT_UPDATE"}, - {ERR_FUNC(GOST_F_GOST_SIGN_KEYGEN), "GOST_SIGN_KEYGEN"}, - {ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01"}, - {ERR_FUNC(GOST_F_PARAM_COPY_GOST94), "PARAM_COPY_GOST94"}, - {ERR_FUNC(GOST_F_PKEY_GOST01CP_DECRYPT), "PKEY_GOST01CP_DECRYPT"}, - {ERR_FUNC(GOST_F_PKEY_GOST01CP_ENCRYPT), "PKEY_GOST01CP_ENCRYPT"}, - {ERR_FUNC(GOST_F_PKEY_GOST01CP_KEYGEN), "PKEY_GOST01CP_KEYGEN"}, - {ERR_FUNC(GOST_F_PKEY_GOST01_PARAMGEN), "PKEY_GOST01_PARAMGEN"}, - {ERR_FUNC(GOST_F_PKEY_GOST2001_DERIVE), "PKEY_GOST2001_DERIVE"}, - {ERR_FUNC(GOST_F_PKEY_GOST94CP_DECRYPT), "PKEY_GOST94CP_DECRYPT"}, - {ERR_FUNC(GOST_F_PKEY_GOST94CP_ENCRYPT), "PKEY_GOST94CP_ENCRYPT"}, - {ERR_FUNC(GOST_F_PKEY_GOST94CP_KEYGEN), "PKEY_GOST94CP_KEYGEN"}, - {ERR_FUNC(GOST_F_PKEY_GOST94_PARAMGEN), "PKEY_GOST94_PARAMGEN"}, - {ERR_FUNC(GOST_F_PKEY_GOST_CTRL), "PKEY_GOST_CTRL"}, - {ERR_FUNC(GOST_F_PKEY_GOST_CTRL01_STR), "PKEY_GOST_CTRL01_STR"}, - {ERR_FUNC(GOST_F_PKEY_GOST_CTRL94_STR), "PKEY_GOST_CTRL94_STR"}, - {ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL), "PKEY_GOST_MAC_CTRL"}, - {ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL_STR), "PKEY_GOST_MAC_CTRL_STR"}, - {ERR_FUNC(GOST_F_PKEY_GOST_MAC_KEYGEN), "PKEY_GOST_MAC_KEYGEN"}, - {ERR_FUNC(GOST_F_PRINT_GOST_01), "PRINT_GOST_01"}, - {ERR_FUNC(GOST_F_PRIV_DECODE_GOST), "PRIV_DECODE_GOST"}, - {ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST01"}, - {ERR_FUNC(GOST_F_PUB_DECODE_GOST94), "PUB_DECODE_GOST94"}, - {ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST01"}, - {ERR_FUNC(GOST_F_UNPACK_CC_SIGNATURE), "UNPACK_CC_SIGNATURE"}, - {ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE), "UNPACK_CP_SIGNATURE"}, - {0, NULL} -}; - -static ERR_STRING_DATA GOST_str_reasons[] = { - {ERR_REASON(GOST_R_BAD_KEY_PARAMETERS_FORMAT), - "bad key parameters format"}, - {ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT), - "bad pkey parameters format"}, - {ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY), - "cannot pack ephemeral key"}, - {ERR_REASON(GOST_R_CTRL_CALL_FAILED), "ctrl call failed"}, - {ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY), - "error computing shared key"}, - {ERR_REASON(GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO), - "error packing key transport info"}, - {ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO), - "error parsing key transport info"}, - {ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS), "incompatible algorithms"}, - {ERR_REASON(GOST_R_INCOMPATIBLE_PEER_KEY), "incompatible peer key"}, - {ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS), "invalid cipher params"}, - {ERR_REASON(GOST_R_INVALID_CIPHER_PARAM_OID), "invalid cipher param oid"}, - {ERR_REASON(GOST_R_INVALID_DIGEST_TYPE), "invalid digest type"}, - {ERR_REASON(GOST_R_INVALID_GOST94_PARMSET), "invalid gost94 parmset"}, - {ERR_REASON(GOST_R_INVALID_IV_LENGTH), "invalid iv length"}, - {ERR_REASON(GOST_R_INVALID_MAC_KEY_LENGTH), "invalid mac key length"}, - {ERR_REASON(GOST_R_INVALID_PARAMSET), "invalid paramset"}, - {ERR_REASON(GOST_R_KEY_IS_NOT_INITALIZED), "key is not initalized"}, - {ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED), "key is not initialized"}, - {ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING), "key parameters missing"}, - {ERR_REASON(GOST_R_MAC_KEY_NOT_SET), "mac key not set"}, - {ERR_REASON(GOST_R_MALLOC_FAILURE), "malloc failure"}, - {ERR_REASON(GOST_R_NO_MEMORY), "no memory"}, - {ERR_REASON(GOST_R_NO_PARAMETERS_SET), "no parameters set"}, - {ERR_REASON(GOST_R_NO_PEER_KEY), "no peer key"}, - {ERR_REASON(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR), - "no private part of non ephemeral keypair"}, - {ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED), "public key undefined"}, - {ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR), "random generator error"}, - {ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE), "random generator failure"}, - {ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED), - "random number generator failed"}, - {ERR_REASON(GOST_R_SIGNATURE_MISMATCH), "signature mismatch"}, - {ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q), - "signature parts greater than q"}, - {ERR_REASON(GOST_R_UKM_NOT_SET), "ukm not set"}, - {ERR_REASON(GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND), - "unsupported cipher ctl command"}, - {ERR_REASON(GOST_R_UNSUPPORTED_PARAMETER_SET), - "unsupported parameter set"}, - {0, NULL} -}; - -#endif - -#ifdef GOST_LIB_NAME -static ERR_STRING_DATA GOST_lib_name[] = { - {0, GOST_LIB_NAME}, - {0, NULL} -}; -#endif - -static int GOST_lib_error_code = 0; -static int GOST_error_init = 1; - -void ERR_load_GOST_strings(void) -{ - if (GOST_lib_error_code == 0) - GOST_lib_error_code = ERR_get_next_error_library(); - - if (GOST_error_init) { - GOST_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(GOST_lib_error_code, GOST_str_functs); - ERR_load_strings(GOST_lib_error_code, GOST_str_reasons); -#endif - -#ifdef GOST_LIB_NAME - GOST_lib_name->error = ERR_PACK(GOST_lib_error_code, 0, 0); - ERR_load_strings(0, GOST_lib_name); -#endif - } -} - -void ERR_unload_GOST_strings(void) -{ - if (GOST_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(GOST_lib_error_code, GOST_str_functs); - ERR_unload_strings(GOST_lib_error_code, GOST_str_reasons); -#endif - -#ifdef GOST_LIB_NAME - ERR_unload_strings(0, GOST_lib_name); -#endif - GOST_error_init = 1; - } -} - -void ERR_GOST_error(int function, int reason, char *file, int line) -{ - if (GOST_lib_error_code == 0) - GOST_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(GOST_lib_error_code, function, reason, file, line); -} diff --git a/engines/ccgost/e_gost_err.h b/engines/ccgost/e_gost_err.h deleted file mode 100644 index a2018ec4de9d..000000000000 --- a/engines/ccgost/e_gost_err.h +++ /dev/null @@ -1,158 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_GOST_ERR_H -# define HEADER_GOST_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_GOST_strings(void); -void ERR_unload_GOST_strings(void); -void ERR_GOST_error(int function, int reason, char *file, int line); -# define GOSTerr(f,r) ERR_GOST_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the GOST functions. */ - -/* Function codes. */ -# define GOST_F_DECODE_GOST_ALGOR_PARAMS 99 -# define GOST_F_ENCODE_GOST_ALGOR_PARAMS 100 -# define GOST_F_FILL_GOST2001_PARAMS 101 -# define GOST_F_FILL_GOST94_PARAMS 102 -# define GOST_F_GET_ENCRYPTION_PARAMS 103 -# define GOST_F_GOST2001_COMPUTE_PUBLIC 104 -# define GOST_F_GOST2001_DO_SIGN 105 -# define GOST_F_GOST2001_DO_VERIFY 106 -# define GOST_F_GOST2001_KEYGEN 107 -# define GOST_F_GOST89_GET_ASN1_PARAMETERS 108 -# define GOST_F_GOST89_SET_ASN1_PARAMETERS 109 -# define GOST_F_GOST94_COMPUTE_PUBLIC 110 -# define GOST_F_GOST_CIPHER_CTL 111 -# define GOST_F_GOST_DO_SIGN 112 -# define GOST_F_GOST_DO_VERIFY 113 -# define GOST_F_GOST_IMIT_CTRL 114 -# define GOST_F_GOST_IMIT_FINAL 140 -# define GOST_F_GOST_IMIT_UPDATE 115 -# define GOST_F_GOST_SIGN_KEYGEN 142 -# define GOST_F_PARAM_COPY_GOST01 116 -# define GOST_F_PARAM_COPY_GOST94 117 -# define GOST_F_PKEY_GOST01CP_DECRYPT 118 -# define GOST_F_PKEY_GOST01CP_ENCRYPT 119 -# define GOST_F_PKEY_GOST01CP_KEYGEN 120 -# define GOST_F_PKEY_GOST01_PARAMGEN 138 -# define GOST_F_PKEY_GOST2001_DERIVE 121 -# define GOST_F_PKEY_GOST94CP_DECRYPT 122 -# define GOST_F_PKEY_GOST94CP_ENCRYPT 123 -# define GOST_F_PKEY_GOST94CP_KEYGEN 124 -# define GOST_F_PKEY_GOST94_PARAMGEN 139 -# define GOST_F_PKEY_GOST_CTRL 125 -# define GOST_F_PKEY_GOST_CTRL01_STR 126 -# define GOST_F_PKEY_GOST_CTRL94_STR 127 -# define GOST_F_PKEY_GOST_MAC_CTRL 128 -# define GOST_F_PKEY_GOST_MAC_CTRL_STR 129 -# define GOST_F_PKEY_GOST_MAC_KEYGEN 130 -# define GOST_F_PRINT_GOST_01 131 -# define GOST_F_PRIV_DECODE_GOST 132 -# define GOST_F_PUB_DECODE_GOST01 133 -# define GOST_F_PUB_DECODE_GOST94 134 -# define GOST_F_PUB_ENCODE_GOST01 135 -# define GOST_F_UNPACK_CC_SIGNATURE 136 -# define GOST_F_UNPACK_CP_SIGNATURE 137 - -/* Reason codes. */ -# define GOST_R_BAD_KEY_PARAMETERS_FORMAT 99 -# define GOST_R_BAD_PKEY_PARAMETERS_FORMAT 100 -# define GOST_R_CANNOT_PACK_EPHEMERAL_KEY 101 -# define GOST_R_CTRL_CALL_FAILED 132 -# define GOST_R_ERROR_COMPUTING_SHARED_KEY 102 -# define GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO 103 -# define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO 104 -# define GOST_R_INCOMPATIBLE_ALGORITHMS 105 -# define GOST_R_INCOMPATIBLE_PEER_KEY 131 -# define GOST_R_INVALID_CIPHER_PARAMS 106 -# define GOST_R_INVALID_CIPHER_PARAM_OID 107 -# define GOST_R_INVALID_DIGEST_TYPE 108 -# define GOST_R_INVALID_GOST94_PARMSET 109 -# define GOST_R_INVALID_IV_LENGTH 110 -# define GOST_R_INVALID_MAC_KEY_LENGTH 111 -# define GOST_R_INVALID_PARAMSET 112 -# define GOST_R_KEY_IS_NOT_INITALIZED 113 -# define GOST_R_KEY_IS_NOT_INITIALIZED 114 -# define GOST_R_KEY_PARAMETERS_MISSING 115 -# define GOST_R_MAC_KEY_NOT_SET 116 -# define GOST_R_MALLOC_FAILURE 117 -# define GOST_R_NO_MEMORY 118 -# define GOST_R_NO_PARAMETERS_SET 119 -# define GOST_R_NO_PEER_KEY 120 -# define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 121 -# define GOST_R_PUBLIC_KEY_UNDEFINED 122 -# define GOST_R_RANDOM_GENERATOR_ERROR 123 -# define GOST_R_RANDOM_GENERATOR_FAILURE 124 -# define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED 125 -# define GOST_R_SIGNATURE_MISMATCH 126 -# define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 127 -# define GOST_R_UKM_NOT_SET 128 -# define GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND 129 -# define GOST_R_UNSUPPORTED_PARAMETER_SET 130 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/ccgost/gost2001.c b/engines/ccgost/gost2001.c deleted file mode 100644 index 881d0d3c9097..000000000000 --- a/engines/ccgost/gost2001.c +++ /dev/null @@ -1,474 +0,0 @@ -/********************************************************************** - * gost2001.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of GOST R 34.10-2001 * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include "gost_lcl.h" -#include "gost_params.h" -#include <string.h> -#include <openssl/rand.h> -#include <openssl/ecdsa.h> -#include <openssl/err.h> -#include "e_gost_err.h" -#ifdef DEBUG_SIGN -extern -void dump_signature(const char *message, const unsigned char *buffer, - size_t len); -void dump_dsa_sig(const char *message, DSA_SIG *sig); -#else - -# define dump_signature(a,b,c) -# define dump_dsa_sig(a,b) -#endif - -/* - * Fills EC_KEY structure hidden in the app_data field of DSA structure - * with parameter information, extracted from parameter array in - * params.c file. - * - * Also fils DSA->q field with copy of EC_GROUP order field to make - * DSA_size function work - */ -int fill_GOST2001_params(EC_KEY *eckey, int nid) -{ - R3410_2001_params *params = R3410_2001_paramset; - EC_GROUP *grp = NULL; - BIGNUM *p = NULL, *q = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL; - EC_POINT *P = NULL; - BN_CTX *ctx = BN_CTX_new(); - int ok = 0; - - if(!ctx) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - - BN_CTX_start(ctx); - p = BN_CTX_get(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - q = BN_CTX_get(ctx); - if(!p || !a || !b || !x || !y || !q) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - while (params->nid != NID_undef && params->nid != nid) - params++; - if (params->nid == NID_undef) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, - GOST_R_UNSUPPORTED_PARAMETER_SET); - goto err; - } - if(!BN_hex2bn(&p, params->p) - || !BN_hex2bn(&a, params->a) - || !BN_hex2bn(&b, params->b)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, - ERR_R_INTERNAL_ERROR); - goto err; - } - - grp = EC_GROUP_new_curve_GFp(p, a, b, ctx); - if(!grp) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - - P = EC_POINT_new(grp); - if(!P) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE); - goto err; - } - - if(!BN_hex2bn(&x, params->x) - || !BN_hex2bn(&y, params->y) - || !EC_POINT_set_affine_coordinates_GFp(grp, P, x, y, ctx) - || !BN_hex2bn(&q, params->q)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_KEYS - fprintf(stderr, "Set params index %d oid %s\nq=", - (params - R3410_2001_paramset), OBJ_nid2sn(params->nid)); - BN_print_fp(stderr, q); - fprintf(stderr, "\n"); -#endif - - if(!EC_GROUP_set_generator(grp, P, q, NULL)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR); - goto err; - } - EC_GROUP_set_curve_name(grp, params->nid); - if(!EC_KEY_set_group(eckey, grp)) { - GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR); - goto err; - } - ok = 1; - err: - if (P) EC_POINT_free(P); - if (grp) EC_GROUP_free(grp); - if (ctx) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return ok; -} - -/* - * Computes gost2001 signature as DSA_SIG structure - * - * - */ -DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) -{ - DSA_SIG *newsig = NULL, *ret = NULL; - BIGNUM *md = hashsum2bn(dgst); - BIGNUM *order = NULL; - const EC_GROUP *group; - const BIGNUM *priv_key; - BIGNUM *r = NULL, *s = NULL, *X = NULL, *tmp = NULL, *tmp2 = NULL, *k = - NULL, *e = NULL; - EC_POINT *C = NULL; - BN_CTX *ctx = BN_CTX_new(); - if(!ctx || !md) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - BN_CTX_start(ctx); - OPENSSL_assert(dlen == 32); - newsig = DSA_SIG_new(); - if (!newsig) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, GOST_R_NO_MEMORY); - goto err; - } - group = EC_KEY_get0_group(eckey); - if(!group) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - order = BN_CTX_get(ctx); - if(!order || !EC_GROUP_get_order(group, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - priv_key = EC_KEY_get0_private_key(eckey); - if(!priv_key) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - e = BN_CTX_get(ctx); - if(!e || !BN_mod(e, md, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "digest as bignum="); - BN_print_fp(stderr, md); - fprintf(stderr, "\ndigest mod q="); - BN_print_fp(stderr, e); - fprintf(stderr, "\n"); -#endif - if (BN_is_zero(e)) { - BN_one(e); - } - k = BN_CTX_get(ctx); - C = EC_POINT_new(group); - if(!k || !C) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - do { - do { - if (!BN_rand_range(k, order)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, - GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); - goto err; - } - if (!EC_POINT_mul(group, C, k, NULL, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB); - goto err; - } - if (!X) - X = BN_CTX_get(ctx); - if (!r) - r = BN_CTX_get(ctx); - if (!X || !r) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB); - goto err; - } - - if(!BN_nnmod(r, X, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - } - while (BN_is_zero(r)); - /* s = (r*priv_key+k*e) mod order */ - if (!tmp) - tmp = BN_CTX_get(ctx); - if (!tmp2) - tmp2 = BN_CTX_get(ctx); - if (!s) - s = BN_CTX_get(ctx); - if (!tmp || !tmp2 || !s) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - - if(!BN_mod_mul(tmp, priv_key, r, order, ctx) - || !BN_mod_mul(tmp2, k, e, order, ctx) - || !BN_mod_add(s, tmp, tmp2, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR); - goto err; - } - } - while (BN_is_zero(s)); - - newsig->s = BN_dup(s); - newsig->r = BN_dup(r); - if(!newsig->s || !newsig->r) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - - ret = newsig; - err: - if(ctx) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if (C) EC_POINT_free(C); - if (md) BN_free(md); - if (!ret && newsig) { - DSA_SIG_free(newsig); - } - return ret; -} - -/* - * Verifies gost 2001 signature - * - */ -int gost2001_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, EC_KEY *ec) -{ - BN_CTX *ctx = BN_CTX_new(); - const EC_GROUP *group = EC_KEY_get0_group(ec); - BIGNUM *order; - BIGNUM *md = NULL, *e = NULL, *R = NULL, *v = NULL, *z1 = NULL, *z2 = - NULL; - BIGNUM *X = NULL, *tmp = NULL; - EC_POINT *C = NULL; - const EC_POINT *pub_key = NULL; - int ok = 0; - - if(!ctx || !group) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } - - BN_CTX_start(ctx); - order = BN_CTX_get(ctx); - e = BN_CTX_get(ctx); - z1 = BN_CTX_get(ctx); - z2 = BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - R = BN_CTX_get(ctx); - v = BN_CTX_get(ctx); - if(!order || !e || !z1 || !z2 || !tmp || !X || !R || !v) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; - } - - pub_key = EC_KEY_get0_public_key(ec); - if(!pub_key || !EC_GROUP_get_order(group, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } - - if (BN_is_zero(sig->s) || BN_is_zero(sig->r) || - (BN_cmp(sig->s, order) >= 1) || (BN_cmp(sig->r, order) >= 1)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, - GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q); - goto err; - - } - md = hashsum2bn(dgst); - - if(!md || !BN_mod(e, md, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "digest as bignum: "); - BN_print_fp(stderr, md); - fprintf(stderr, "\ndigest mod q: "); - BN_print_fp(stderr, e); -#endif - if (BN_is_zero(e) && !BN_one(e)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } - v = BN_mod_inverse(v, e, order, ctx); - if(!v - || !BN_mod_mul(z1, sig->s, v, order, ctx) - || !BN_sub(tmp, order, sig->r) - || !BN_mod_mul(z2, tmp, v, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "\nInverted digest value: "); - BN_print_fp(stderr, v); - fprintf(stderr, "\nz1: "); - BN_print_fp(stderr, z1); - fprintf(stderr, "\nz2: "); - BN_print_fp(stderr, z2); -#endif - C = EC_POINT_new(group); - if (!C) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_mul(group, C, z1, pub_key, z2, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB); - goto err; - } - if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB); - goto err; - } - if(!BN_mod(R, X, order, ctx)) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR); - goto err; - } -#ifdef DEBUG_SIGN - fprintf(stderr, "\nX="); - BN_print_fp(stderr, X); - fprintf(stderr, "\nX mod q="); - BN_print_fp(stderr, R); - fprintf(stderr, "\n"); -#endif - if (BN_cmp(R, sig->r) != 0) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH); - } else { - ok = 1; - } - err: - if (C) EC_POINT_free(C); - if (ctx) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if (md) BN_free(md); - return ok; -} - -/* - * Computes GOST R 34.10-2001 public key - * - * - */ -int gost2001_compute_public(EC_KEY *ec) -{ - const EC_GROUP *group = EC_KEY_get0_group(ec); - EC_POINT *pub_key = NULL; - const BIGNUM *priv_key = NULL; - BN_CTX *ctx = NULL; - int ok = 0; - - if (!group) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, - GOST_R_KEY_IS_NOT_INITIALIZED); - return 0; - } - ctx = BN_CTX_new(); - if(!ctx) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE); - goto err; - } - BN_CTX_start(ctx); - if (!(priv_key = EC_KEY_get0_private_key(ec))) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - goto err; - } - - pub_key = EC_POINT_new(group); - if(!pub_key) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - goto err; - } - if (!EC_KEY_set_public_key(ec, pub_key)) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - goto err; - } - ok = 256; - err: - if (pub_key) EC_POINT_free(pub_key); - if (ctx) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return ok; -} - -/* - * - * Generates GOST R 34.10-2001 keypair - * - * - */ -int gost2001_keygen(EC_KEY *ec) -{ - BIGNUM *order = BN_new(), *d = BN_new(); - const EC_GROUP *group = NULL; - - if (order == NULL || d == NULL) { - GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_MALLOC_FAILURE); - BN_free(d); - BN_free(order); - return 0; - } - - group = EC_KEY_get0_group(ec); - if(!group || !EC_GROUP_get_order(group, order, NULL)) { - GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_INTERNAL_ERROR); - BN_free(d); - BN_free(order); - return 0; - } - - do { - if (!BN_rand_range(d, order)) { - GOSTerr(GOST_F_GOST2001_KEYGEN, - GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); - BN_free(d); - BN_free(order); - return 0; - } - } - while (BN_is_zero(d)); - - if(!EC_KEY_set_private_key(ec, d)) { - GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_INTERNAL_ERROR); - BN_free(d); - BN_free(order); - return 0; - } - BN_free(d); - BN_free(order); - return gost2001_compute_public(ec); -} diff --git a/engines/ccgost/gost2001_keyx.c b/engines/ccgost/gost2001_keyx.c deleted file mode 100644 index ac7862eab550..000000000000 --- a/engines/ccgost/gost2001_keyx.c +++ /dev/null @@ -1,294 +0,0 @@ -/********************************************************************** - * gost_keyx.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * VK0 34.10-2001 key exchange and GOST R 34.10-2001 * - * based PKCS7/SMIME support * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <openssl/evp.h> -#include <openssl/rand.h> -#include <string.h> -#include <openssl/objects.h> -#include "gost89.h" -#include "gosthash.h" -#include "e_gost_err.h" -#include "gost_keywrap.h" -#include "gost_lcl.h" -#include "gost2001_keyx.h" - -/* Implementation of CryptoPro VKO 34.10-2001 algorithm */ -static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size, - const EC_POINT *pub_key, EC_KEY *priv_key, - const unsigned char *ukm) -{ - unsigned char ukm_be[8], databuf[64], hashbuf[64]; - BIGNUM *UKM = NULL, *p = NULL, *order = NULL, *X = NULL, *Y = NULL; - const BIGNUM *key = EC_KEY_get0_private_key(priv_key); - EC_POINT *pnt = EC_POINT_new(EC_KEY_get0_group(priv_key)); - int i; - gost_hash_ctx hash_ctx; - BN_CTX *ctx = BN_CTX_new(); - - for (i = 0; i < 8; i++) { - ukm_be[7 - i] = ukm[i]; - } - BN_CTX_start(ctx); - UKM = getbnfrombuf(ukm_be, 8); - p = BN_CTX_get(ctx); - order = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - EC_GROUP_get_order(EC_KEY_get0_group(priv_key), order, ctx); - BN_mod_mul(p, key, UKM, order, ctx); - EC_POINT_mul(EC_KEY_get0_group(priv_key), pnt, NULL, pub_key, p, ctx); - EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(priv_key), - pnt, X, Y, ctx); - /* - * Serialize elliptic curve point same way as we do it when saving key - */ - store_bignum(Y, databuf, 32); - store_bignum(X, databuf + 32, 32); - /* And reverse byte order of whole buffer */ - for (i = 0; i < 64; i++) { - hashbuf[63 - i] = databuf[i]; - } - init_gost_hash_ctx(&hash_ctx, &GostR3411_94_CryptoProParamSet); - start_hash(&hash_ctx); - hash_block(&hash_ctx, hashbuf, 64); - finish_hash(&hash_ctx, shared_key); - done_gost_hash_ctx(&hash_ctx); - BN_free(UKM); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - EC_POINT_free(pnt); - return 32; -} - -/* - * EVP_PKEY_METHOD callback derive. Implements VKO R 34.10-2001 - * algorithm - */ -int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key, - size_t *keylen) -{ - /* - * Public key of peer in the ctx field peerkey Our private key in the ctx - * pkey ukm is in the algorithm specific context data - */ - EVP_PKEY *my_key = EVP_PKEY_CTX_get0_pkey(ctx); - EVP_PKEY *peer_key = EVP_PKEY_CTX_get0_peerkey(ctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - - if (!data->shared_ukm) { - GOSTerr(GOST_F_PKEY_GOST2001_DERIVE, GOST_R_UKM_NOT_SET); - return 0; - } - - if (key == NULL) { - *keylen = 32; - return 32; - } - - *keylen = - VKO_compute_key(key, 32, - EC_KEY_get0_public_key(EVP_PKEY_get0(peer_key)), - (EC_KEY *)EVP_PKEY_get0(my_key), data->shared_ukm); - return 1; -} - -/* - * EVP_PKEY_METHOD callback encrypt - * Implementation of GOST2001 key transport, cryptocom variation - */ -/* - * Generates ephemeral key based on pubk algorithm computes shared key using - * VKO and returns filled up GOST_KEY_TRANSPORT structure - */ - -/* - * EVP_PKEY_METHOD callback encrypt - * Implementation of GOST2001 key transport, cryptopo variation - */ - -int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, - size_t *out_len, const unsigned char *key, - size_t key_len) -{ - GOST_KEY_TRANSPORT *gkt = NULL; - EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx); - const struct gost_cipher_info *param = get_encryption_params(NULL); - unsigned char ukm[8], shared_key[32], crypted_key[44]; - int ret = 0; - int key_is_ephemeral = 1; - gost_ctx cctx; - EVP_PKEY *sec_key = EVP_PKEY_CTX_get0_peerkey(pctx); - if (data->shared_ukm) { - memcpy(ukm, data->shared_ukm, 8); - } else if (out) { - - if (RAND_bytes(ukm, 8) <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, - GOST_R_RANDOM_GENERATOR_FAILURE); - return 0; - } - } - /* Check for private key in the peer_key of context */ - if (sec_key) { - key_is_ephemeral = 0; - if (!gost_get0_priv_key(sec_key)) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, - GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR); - goto err; - } - } else { - key_is_ephemeral = 1; - if (out) { - sec_key = EVP_PKEY_new(); - if (sec_key == NULL) - goto err; - EVP_PKEY_assign(sec_key, EVP_PKEY_base_id(pubk), EC_KEY_new()); - EVP_PKEY_copy_parameters(sec_key, pubk); - if (!gost2001_keygen(EVP_PKEY_get0(sec_key))) { - goto err; - } - } - } - if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS) - && param == gost_cipher_list) { - param = gost_cipher_list + 1; - } - if (out) { - VKO_compute_key(shared_key, 32, - EC_KEY_get0_public_key(EVP_PKEY_get0(pubk)), - EVP_PKEY_get0(sec_key), ukm); - gost_init(&cctx, param->sblock); - keyWrapCryptoPro(&cctx, shared_key, ukm, key, crypted_key); - } - gkt = GOST_KEY_TRANSPORT_new(); - if (!gkt) { - goto err; - } - if (!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv, ukm, 8)) { - goto err; - } - if (!ASN1_OCTET_STRING_set(gkt->key_info->imit, crypted_key + 40, 4)) { - goto err; - } - if (!ASN1_OCTET_STRING_set - (gkt->key_info->encrypted_key, crypted_key + 8, 32)) { - goto err; - } - if (key_is_ephemeral) { - if (!X509_PUBKEY_set - (&gkt->key_agreement_info->ephem_key, out ? sec_key : pubk)) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, - GOST_R_CANNOT_PACK_EPHEMERAL_KEY); - goto err; - } - } - ASN1_OBJECT_free(gkt->key_agreement_info->cipher); - gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid); - if (key_is_ephemeral && sec_key) - EVP_PKEY_free(sec_key); - if (!key_is_ephemeral) { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) - <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL)) > 0) - ret = 1; - GOST_KEY_TRANSPORT_free(gkt); - return ret; - err: - if (key_is_ephemeral && sec_key) - EVP_PKEY_free(sec_key); - GOST_KEY_TRANSPORT_free(gkt); - return -1; -} - -/* - * EVP_PKEY_METHOD callback decrypt - * Implementation of GOST2001 key transport, cryptopo variation - */ -int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, - size_t *key_len, const unsigned char *in, - size_t in_len) -{ - const unsigned char *p = in; - EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx); - GOST_KEY_TRANSPORT *gkt = NULL; - int ret = 0; - unsigned char wrappedKey[44]; - unsigned char sharedKey[32]; - gost_ctx ctx; - const struct gost_cipher_info *param = NULL; - EVP_PKEY *eph_key = NULL, *peerkey = NULL; - - if (!key) { - *key_len = 32; - return 1; - } - gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len); - if (!gkt) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, - GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO); - return -1; - } - - /* If key transport structure contains public key, use it */ - eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key); - if (eph_key) { - if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, - GOST_R_INCOMPATIBLE_PEER_KEY); - goto err; - } - } else { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) - <= 0) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - peerkey = EVP_PKEY_CTX_get0_peerkey(pctx); - if (!peerkey) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, GOST_R_NO_PEER_KEY); - goto err; - } - - param = get_encryption_params(gkt->key_agreement_info->cipher); - if (!param) { - goto err; - } - - gost_init(&ctx, param->sblock); - OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8); - memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8); - OPENSSL_assert(gkt->key_info->encrypted_key->length == 32); - memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32); - OPENSSL_assert(gkt->key_info->imit->length == 4); - memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4); - VKO_compute_key(sharedKey, 32, - EC_KEY_get0_public_key(EVP_PKEY_get0(peerkey)), - EVP_PKEY_get0(priv), wrappedKey); - if (!keyUnwrapCryptoPro(&ctx, sharedKey, wrappedKey, key)) { - GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, - GOST_R_ERROR_COMPUTING_SHARED_KEY); - goto err; - } - - ret = 1; - err: - if (eph_key) - EVP_PKEY_free(eph_key); - if (gkt) - GOST_KEY_TRANSPORT_free(gkt); - return ret; -} diff --git a/engines/ccgost/gost2001_keyx.h b/engines/ccgost/gost2001_keyx.h deleted file mode 100644 index 2d29113a3ae8..000000000000 --- a/engines/ccgost/gost2001_keyx.h +++ /dev/null @@ -1,10 +0,0 @@ -GOST_KEY_TRANSPORT *make_rfc4490_keytransport_2001(EVP_PKEY *pubk, - BIGNUM *eph_key, - const unsigned char *key, - size_t keylen, - unsigned char *ukm, - size_t ukm_len); - -int decrypt_rfc4490_shared_key_2001(EVP_PKEY *priv, - GOST_KEY_TRANSPORT * gkt, - unsigned char *key_buf, int key_buf_len); diff --git a/engines/ccgost/gost89.c b/engines/ccgost/gost89.c deleted file mode 100644 index 4ff4ddd7a565..000000000000 --- a/engines/ccgost/gost89.c +++ /dev/null @@ -1,576 +0,0 @@ -/********************************************************************** - * gost89.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of GOST 28147-89 encryption algorithm * - * No OpenSSL libraries required to compile and use * - * this code * - **********************************************************************/ -#include <string.h> -#include "gost89.h" -/*- - Substitution blocks from RFC 4357 - - Note: our implementation of gost 28147-89 algorithm - uses S-box matrix rotated 90 degrees counterclockwise, relative to - examples given in RFC. - - -*/ - -/* Substitution blocks from test examples for GOST R 34.11-94*/ -gost_subst_block GostR3411_94_TestParamSet = { - {0X1, 0XF, 0XD, 0X0, 0X5, 0X7, 0XA, 0X4, 0X9, 0X2, 0X3, 0XE, 0X6, 0XB, - 0X8, 0XC} - , - {0XD, 0XB, 0X4, 0X1, 0X3, 0XF, 0X5, 0X9, 0X0, 0XA, 0XE, 0X7, 0X6, 0X8, - 0X2, 0XC} - , - {0X4, 0XB, 0XA, 0X0, 0X7, 0X2, 0X1, 0XD, 0X3, 0X6, 0X8, 0X5, 0X9, 0XC, - 0XF, 0XE} - , - {0X6, 0XC, 0X7, 0X1, 0X5, 0XF, 0XD, 0X8, 0X4, 0XA, 0X9, 0XE, 0X0, 0X3, - 0XB, 0X2} - , - {0X7, 0XD, 0XA, 0X1, 0X0, 0X8, 0X9, 0XF, 0XE, 0X4, 0X6, 0XC, 0XB, 0X2, - 0X5, 0X3} - , - {0X5, 0X8, 0X1, 0XD, 0XA, 0X3, 0X4, 0X2, 0XE, 0XF, 0XC, 0X7, 0X6, 0X0, - 0X9, 0XB} - , - {0XE, 0XB, 0X4, 0XC, 0X6, 0XD, 0XF, 0XA, 0X2, 0X3, 0X8, 0X1, 0X0, 0X7, - 0X5, 0X9} - , - {0X4, 0XA, 0X9, 0X2, 0XD, 0X8, 0X0, 0XE, 0X6, 0XB, 0X1, 0XC, 0X7, 0XF, - 0X5, 0X3} -}; - -/* Substitution blocks for hash function 1.2.643.2.9.1.6.1 */ -gost_subst_block GostR3411_94_CryptoProParamSet = { - {0x1, 0x3, 0xA, 0x9, 0x5, 0xB, 0x4, 0xF, 0x8, 0x6, 0x7, 0xE, 0xD, 0x0, - 0x2, 0xC} - , - {0xD, 0xE, 0x4, 0x1, 0x7, 0x0, 0x5, 0xA, 0x3, 0xC, 0x8, 0xF, 0x6, 0x2, - 0x9, 0xB} - , - {0x7, 0x6, 0x2, 0x4, 0xD, 0x9, 0xF, 0x0, 0xA, 0x1, 0x5, 0xB, 0x8, 0xE, - 0xC, 0x3} - , - {0x7, 0x6, 0x4, 0xB, 0x9, 0xC, 0x2, 0xA, 0x1, 0x8, 0x0, 0xE, 0xF, 0xD, - 0x3, 0x5} - , - {0x4, 0xA, 0x7, 0xC, 0x0, 0xF, 0x2, 0x8, 0xE, 0x1, 0x6, 0x5, 0xD, 0xB, - 0x9, 0x3} - , - {0x7, 0xF, 0xC, 0xE, 0x9, 0x4, 0x1, 0x0, 0x3, 0xB, 0x5, 0x2, 0x6, 0xA, - 0x8, 0xD} - , - {0x5, 0xF, 0x4, 0x0, 0x2, 0xD, 0xB, 0x9, 0x1, 0x7, 0x6, 0x3, 0xC, 0xE, - 0xA, 0x8} - , - {0xA, 0x4, 0x5, 0x6, 0x8, 0x1, 0x3, 0x7, 0xD, 0xC, 0xE, 0x0, 0x9, 0x2, - 0xB, 0xF} -}; - -/* Test paramset from GOST 28147 */ -gost_subst_block Gost28147_TestParamSet = { - {0xC, 0x6, 0x5, 0x2, 0xB, 0x0, 0x9, 0xD, 0x3, 0xE, 0x7, 0xA, 0xF, 0x4, - 0x1, 0x8} - , - {0x9, 0xB, 0xC, 0x0, 0x3, 0x6, 0x7, 0x5, 0x4, 0x8, 0xE, 0xF, 0x1, 0xA, - 0x2, 0xD} - , - {0x8, 0xF, 0x6, 0xB, 0x1, 0x9, 0xC, 0x5, 0xD, 0x3, 0x7, 0xA, 0x0, 0xE, - 0x2, 0x4} - , - {0x3, 0xE, 0x5, 0x9, 0x6, 0x8, 0x0, 0xD, 0xA, 0xB, 0x7, 0xC, 0x2, 0x1, - 0xF, 0x4} - , - {0xE, 0x9, 0xB, 0x2, 0x5, 0xF, 0x7, 0x1, 0x0, 0xD, 0xC, 0x6, 0xA, 0x4, - 0x3, 0x8} - , - {0xD, 0x8, 0xE, 0xC, 0x7, 0x3, 0x9, 0xA, 0x1, 0x5, 0x2, 0x4, 0x6, 0xF, - 0x0, 0xB} - , - {0xC, 0x9, 0xF, 0xE, 0x8, 0x1, 0x3, 0xA, 0x2, 0x7, 0x4, 0xD, 0x6, 0x0, - 0xB, 0x5} - , - {0x4, 0x2, 0xF, 0x5, 0x9, 0x1, 0x0, 0x8, 0xE, 0x3, 0xB, 0xC, 0xD, 0x7, - 0xA, 0x6} -}; - -/* 1.2.643.2.2.31.1 */ -gost_subst_block Gost28147_CryptoProParamSetA = { - {0xB, 0xA, 0xF, 0x5, 0x0, 0xC, 0xE, 0x8, 0x6, 0x2, 0x3, 0x9, 0x1, 0x7, - 0xD, 0x4} - , - {0x1, 0xD, 0x2, 0x9, 0x7, 0xA, 0x6, 0x0, 0x8, 0xC, 0x4, 0x5, 0xF, 0x3, - 0xB, 0xE} - , - {0x3, 0xA, 0xD, 0xC, 0x1, 0x2, 0x0, 0xB, 0x7, 0x5, 0x9, 0x4, 0x8, 0xF, - 0xE, 0x6} - , - {0xB, 0x5, 0x1, 0x9, 0x8, 0xD, 0xF, 0x0, 0xE, 0x4, 0x2, 0x3, 0xC, 0x7, - 0xA, 0x6} - , - {0xE, 0x7, 0xA, 0xC, 0xD, 0x1, 0x3, 0x9, 0x0, 0x2, 0xB, 0x4, 0xF, 0x8, - 0x5, 0x6} - , - {0xE, 0x4, 0x6, 0x2, 0xB, 0x3, 0xD, 0x8, 0xC, 0xF, 0x5, 0xA, 0x0, 0x7, - 0x1, 0x9} - , - {0x3, 0x7, 0xE, 0x9, 0x8, 0xA, 0xF, 0x0, 0x5, 0x2, 0x6, 0xC, 0xB, 0x4, - 0xD, 0x1} - , - {0x9, 0x6, 0x3, 0x2, 0x8, 0xB, 0x1, 0x7, 0xA, 0x4, 0xE, 0xF, 0xC, 0x0, - 0xD, 0x5} -}; - -/* 1.2.643.2.2.31.2 */ -gost_subst_block Gost28147_CryptoProParamSetB = { - {0x0, 0x4, 0xB, 0xE, 0x8, 0x3, 0x7, 0x1, 0xA, 0x2, 0x9, 0x6, 0xF, 0xD, - 0x5, 0xC} - , - {0x5, 0x2, 0xA, 0xB, 0x9, 0x1, 0xC, 0x3, 0x7, 0x4, 0xD, 0x0, 0x6, 0xF, - 0x8, 0xE} - , - {0x8, 0x3, 0x2, 0x6, 0x4, 0xD, 0xE, 0xB, 0xC, 0x1, 0x7, 0xF, 0xA, 0x0, - 0x9, 0x5} - , - {0x2, 0x7, 0xC, 0xF, 0x9, 0x5, 0xA, 0xB, 0x1, 0x4, 0x0, 0xD, 0x6, 0x8, - 0xE, 0x3} - , - {0x7, 0x5, 0x0, 0xD, 0xB, 0x6, 0x1, 0x2, 0x3, 0xA, 0xC, 0xF, 0x4, 0xE, - 0x9, 0x8} - , - {0xE, 0xC, 0x0, 0xA, 0x9, 0x2, 0xD, 0xB, 0x7, 0x5, 0x8, 0xF, 0x3, 0x6, - 0x1, 0x4} - , - {0x0, 0x1, 0x2, 0xA, 0x4, 0xD, 0x5, 0xC, 0x9, 0x7, 0x3, 0xF, 0xB, 0x8, - 0x6, 0xE} - , - {0x8, 0x4, 0xB, 0x1, 0x3, 0x5, 0x0, 0x9, 0x2, 0xE, 0xA, 0xC, 0xD, 0x6, - 0x7, 0xF} -}; - -/* 1.2.643.2.2.31.3 */ -gost_subst_block Gost28147_CryptoProParamSetC = { - {0x7, 0x4, 0x0, 0x5, 0xA, 0x2, 0xF, 0xE, 0xC, 0x6, 0x1, 0xB, 0xD, 0x9, - 0x3, 0x8} - , - {0xA, 0x9, 0x6, 0x8, 0xD, 0xE, 0x2, 0x0, 0xF, 0x3, 0x5, 0xB, 0x4, 0x1, - 0xC, 0x7} - , - {0xC, 0x9, 0xB, 0x1, 0x8, 0xE, 0x2, 0x4, 0x7, 0x3, 0x6, 0x5, 0xA, 0x0, - 0xF, 0xD} - , - {0x8, 0xD, 0xB, 0x0, 0x4, 0x5, 0x1, 0x2, 0x9, 0x3, 0xC, 0xE, 0x6, 0xF, - 0xA, 0x7} - , - {0x3, 0x6, 0x0, 0x1, 0x5, 0xD, 0xA, 0x8, 0xB, 0x2, 0x9, 0x7, 0xE, 0xF, - 0xC, 0x4} - , - {0x8, 0x2, 0x5, 0x0, 0x4, 0x9, 0xF, 0xA, 0x3, 0x7, 0xC, 0xD, 0x6, 0xE, - 0x1, 0xB} - , - {0x0, 0x1, 0x7, 0xD, 0xB, 0x4, 0x5, 0x2, 0x8, 0xE, 0xF, 0xC, 0x9, 0xA, - 0x6, 0x3} - , - {0x1, 0xB, 0xC, 0x2, 0x9, 0xD, 0x0, 0xF, 0x4, 0x5, 0x8, 0xE, 0xA, 0x7, - 0x6, 0x3} -}; - -/* 1.2.643.2.2.31.4 */ -gost_subst_block Gost28147_CryptoProParamSetD = { - {0x1, 0xA, 0x6, 0x8, 0xF, 0xB, 0x0, 0x4, 0xC, 0x3, 0x5, 0x9, 0x7, 0xD, - 0x2, 0xE} - , - {0x3, 0x0, 0x6, 0xF, 0x1, 0xE, 0x9, 0x2, 0xD, 0x8, 0xC, 0x4, 0xB, 0xA, - 0x5, 0x7} - , - {0x8, 0x0, 0xF, 0x3, 0x2, 0x5, 0xE, 0xB, 0x1, 0xA, 0x4, 0x7, 0xC, 0x9, - 0xD, 0x6} - , - {0x0, 0xC, 0x8, 0x9, 0xD, 0x2, 0xA, 0xB, 0x7, 0x3, 0x6, 0x5, 0x4, 0xE, - 0xF, 0x1} - , - {0x1, 0x5, 0xE, 0xC, 0xA, 0x7, 0x0, 0xD, 0x6, 0x2, 0xB, 0x4, 0x9, 0x3, - 0xF, 0x8} - , - {0x1, 0xC, 0xB, 0x0, 0xF, 0xE, 0x6, 0x5, 0xA, 0xD, 0x4, 0x8, 0x9, 0x3, - 0x7, 0x2} - , - {0xB, 0x6, 0x3, 0x4, 0xC, 0xF, 0xE, 0x2, 0x7, 0xD, 0x8, 0x0, 0x5, 0xA, - 0x9, 0x1} - , - {0xF, 0xC, 0x2, 0xA, 0x6, 0x4, 0x5, 0x0, 0x7, 0x9, 0xE, 0xD, 0x1, 0xB, - 0x8, 0x3} -}; - -const byte CryptoProKeyMeshingKey[] = { - 0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23, - 0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4, - 0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12, - 0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B -}; - -/* Initialization of gost_ctx subst blocks*/ -static void kboxinit(gost_ctx * c, const gost_subst_block * b) -{ - int i; - - for (i = 0; i < 256; i++) { - c->k87[i] = (word32) (b->k8[i >> 4] << 4 | b->k7[i & 15]) << 24; - c->k65[i] = (b->k6[i >> 4] << 4 | b->k5[i & 15]) << 16; - c->k43[i] = (b->k4[i >> 4] << 4 | b->k3[i & 15]) << 8; - c->k21[i] = b->k2[i >> 4] << 4 | b->k1[i & 15]; - - } -} - -/* Part of GOST 28147 algorithm moved into separate function */ -static word32 f(gost_ctx * c, word32 x) -{ - x = c->k87[x >> 24 & 255] | c->k65[x >> 16 & 255] | - c->k43[x >> 8 & 255] | c->k21[x & 255]; - /* Rotate left 11 bits */ - return x << 11 | x >> (32 - 11); -} - -/* Low-level encryption routine - encrypts one 64 bit block*/ -void gostcrypt(gost_ctx * c, const byte * in, byte * out) -{ - register word32 n1, n2; /* As named in the GOST */ - n1 = in[0] | (in[1] << 8) | (in[2] << 16) | ((word32) in[3] << 24); - n2 = in[4] | (in[5] << 8) | (in[6] << 16) | ((word32) in[7] << 24); - /* Instead of swapping halves, swap names each round */ - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[7]); - n1 ^= f(c, n2 + c->k[6]); - n2 ^= f(c, n1 + c->k[5]); - n1 ^= f(c, n2 + c->k[4]); - n2 ^= f(c, n1 + c->k[3]); - n1 ^= f(c, n2 + c->k[2]); - n2 ^= f(c, n1 + c->k[1]); - n1 ^= f(c, n2 + c->k[0]); - - out[0] = (byte) (n2 & 0xff); - out[1] = (byte) ((n2 >> 8) & 0xff); - out[2] = (byte) ((n2 >> 16) & 0xff); - out[3] = (byte) (n2 >> 24); - out[4] = (byte) (n1 & 0xff); - out[5] = (byte) ((n1 >> 8) & 0xff); - out[6] = (byte) ((n1 >> 16) & 0xff); - out[7] = (byte) (n1 >> 24); -} - -/* Low-level decryption routine. Decrypts one 64-bit block */ -void gostdecrypt(gost_ctx * c, const byte * in, byte * out) -{ - register word32 n1, n2; /* As named in the GOST */ - n1 = in[0] | (in[1] << 8) | (in[2] << 16) | ((word32) in[3] << 24); - n2 = in[4] | (in[5] << 8) | (in[6] << 16) | ((word32) in[7] << 24); - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[7]); - n1 ^= f(c, n2 + c->k[6]); - n2 ^= f(c, n1 + c->k[5]); - n1 ^= f(c, n2 + c->k[4]); - n2 ^= f(c, n1 + c->k[3]); - n1 ^= f(c, n2 + c->k[2]); - n2 ^= f(c, n1 + c->k[1]); - n1 ^= f(c, n2 + c->k[0]); - - n2 ^= f(c, n1 + c->k[7]); - n1 ^= f(c, n2 + c->k[6]); - n2 ^= f(c, n1 + c->k[5]); - n1 ^= f(c, n2 + c->k[4]); - n2 ^= f(c, n1 + c->k[3]); - n1 ^= f(c, n2 + c->k[2]); - n2 ^= f(c, n1 + c->k[1]); - n1 ^= f(c, n2 + c->k[0]); - - n2 ^= f(c, n1 + c->k[7]); - n1 ^= f(c, n2 + c->k[6]); - n2 ^= f(c, n1 + c->k[5]); - n1 ^= f(c, n2 + c->k[4]); - n2 ^= f(c, n1 + c->k[3]); - n1 ^= f(c, n2 + c->k[2]); - n2 ^= f(c, n1 + c->k[1]); - n1 ^= f(c, n2 + c->k[0]); - - out[0] = (byte) (n2 & 0xff); - out[1] = (byte) ((n2 >> 8) & 0xff); - out[2] = (byte) ((n2 >> 16) & 0xff); - out[3] = (byte) (n2 >> 24); - out[4] = (byte) (n1 & 0xff); - out[5] = (byte) ((n1 >> 8) & 0xff); - out[6] = (byte) ((n1 >> 16) & 0xff); - out[7] = (byte) (n1 >> 24); -} - -/* Encrypts several blocks in ECB mode */ -void gost_enc(gost_ctx * c, const byte * clear, byte * cipher, int blocks) -{ - int i; - for (i = 0; i < blocks; i++) { - gostcrypt(c, clear, cipher); - clear += 8; - cipher += 8; - } -} - -/* Decrypts several blocks in ECB mode */ -void gost_dec(gost_ctx * c, const byte * cipher, byte * clear, int blocks) -{ - int i; - for (i = 0; i < blocks; i++) { - gostdecrypt(c, cipher, clear); - clear += 8; - cipher += 8; - } -} - -/* Encrypts several full blocks in CFB mode using 8byte IV */ -void gost_enc_cfb(gost_ctx * ctx, const byte * iv, const byte * clear, - byte * cipher, int blocks) -{ - byte cur_iv[8]; - byte gamma[8]; - int i, j; - const byte *in; - byte *out; - memcpy(cur_iv, iv, 8); - for (i = 0, in = clear, out = cipher; i < blocks; i++, in += 8, out += 8) { - gostcrypt(ctx, cur_iv, gamma); - for (j = 0; j < 8; j++) { - cur_iv[j] = out[j] = in[j] ^ gamma[j]; - } - } -} - -/* Decrypts several full blocks in CFB mode using 8byte IV */ -void gost_dec_cfb(gost_ctx * ctx, const byte * iv, const byte * cipher, - byte * clear, int blocks) -{ - byte cur_iv[8]; - byte gamma[8]; - int i, j; - const byte *in; - byte *out; - memcpy(cur_iv, iv, 8); - for (i = 0, in = cipher, out = clear; i < blocks; i++, in += 8, out += 8) { - gostcrypt(ctx, cur_iv, gamma); - for (j = 0; j < 8; j++) { - out[j] = (cur_iv[j] = in[j]) ^ gamma[j]; - } - } -} - -/* Encrypts one block using specified key */ -void gost_enc_with_key(gost_ctx * c, byte * key, byte * inblock, - byte * outblock) -{ - gost_key(c, key); - gostcrypt(c, inblock, outblock); -} - -/* Set 256 bit key into context */ -void gost_key(gost_ctx * c, const byte * k) -{ - int i, j; - for (i = 0, j = 0; i < 8; i++, j += 4) { - c->k[i] = - k[j] | (k[j + 1] << 8) | (k[j + 2] << 16) | ((word32) k[j + 3] << - 24); - } -} - -/* Retrieve 256-bit key from context */ -void gost_get_key(gost_ctx * c, byte * k) -{ - int i, j; - for (i = 0, j = 0; i < 8; i++, j += 4) { - k[j] = (byte) (c->k[i] & 0xFF); - k[j + 1] = (byte) ((c->k[i] >> 8) & 0xFF); - k[j + 2] = (byte) ((c->k[i] >> 16) & 0xFF); - k[j + 3] = (byte) ((c->k[i] >> 24) & 0xFF); - } -} - -/* Initalize context. Provides default value for subst_block */ -void gost_init(gost_ctx * c, const gost_subst_block * b) -{ - if (!b) { - b = &GostR3411_94_TestParamSet; - } - kboxinit(c, b); -} - -/* Cleans up key from context */ -void gost_destroy(gost_ctx * c) -{ - int i; - for (i = 0; i < 8; i++) - c->k[i] = 0; -} - -/* - * Compute GOST 28147 mac block Parameters gost_ctx *c - context initalized - * with substitution blocks and key buffer - 8-byte mac state buffer block - * 8-byte block to process. - */ -void mac_block(gost_ctx * c, byte * buffer, const byte * block) -{ - register word32 n1, n2; /* As named in the GOST */ - int i; - for (i = 0; i < 8; i++) { - buffer[i] ^= block[i]; - } - n1 = buffer[0] | (buffer[1] << 8) | (buffer[2] << 16) | ((word32) - buffer[3] << 24); - n2 = buffer[4] | (buffer[5] << 8) | (buffer[6] << 16) | ((word32) - buffer[7] << 24); - /* Instead of swapping halves, swap names each round */ - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - n2 ^= f(c, n1 + c->k[0]); - n1 ^= f(c, n2 + c->k[1]); - n2 ^= f(c, n1 + c->k[2]); - n1 ^= f(c, n2 + c->k[3]); - n2 ^= f(c, n1 + c->k[4]); - n1 ^= f(c, n2 + c->k[5]); - n2 ^= f(c, n1 + c->k[6]); - n1 ^= f(c, n2 + c->k[7]); - - buffer[0] = (byte) (n1 & 0xff); - buffer[1] = (byte) ((n1 >> 8) & 0xff); - buffer[2] = (byte) ((n1 >> 16) & 0xff); - buffer[3] = (byte) (n1 >> 24); - buffer[4] = (byte) (n2 & 0xff); - buffer[5] = (byte) ((n2 >> 8) & 0xff); - buffer[6] = (byte) ((n2 >> 16) & 0xff); - buffer[7] = (byte) (n2 >> 24); -} - -/* Get mac with specified number of bits from MAC state buffer */ -void get_mac(byte * buffer, int nbits, byte * out) -{ - int nbytes = nbits >> 3; - int rembits = nbits & 7; - int mask = rembits ? ((1 < rembits) - 1) : 0; - int i; - for (i = 0; i < nbytes; i++) - out[i] = buffer[i]; - if (rembits) - out[i] = buffer[i] & mask; -} - -/* - * Compute mac of specified length (in bits) from data. Context should be - * initialized with key and subst blocks - */ -int gost_mac(gost_ctx * ctx, int mac_len, const unsigned char *data, - unsigned int data_len, unsigned char *mac) -{ - byte buffer[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; - byte buf2[8]; - unsigned int i; - for (i = 0; i + 8 <= data_len; i += 8) - mac_block(ctx, buffer, data + i); - if (i < data_len) { - memset(buf2, 0, 8); - memcpy(buf2, data + i, data_len - i); - mac_block(ctx, buffer, buf2); - i += 8; - } - if (i == 8) { - memset(buf2, 0, 8); - mac_block(ctx, buffer, buf2); - } - get_mac(buffer, mac_len, mac); - return 1; -} - -/* Compute MAC with non-zero IV. Used in some RFC 4357 algorithms */ -int gost_mac_iv(gost_ctx * ctx, int mac_len, const unsigned char *iv, - const unsigned char *data, unsigned int data_len, - unsigned char *mac) -{ - byte buffer[8]; - byte buf2[8]; - unsigned int i; - memcpy(buffer, iv, 8); - for (i = 0; i + 8 <= data_len; i += 8) - mac_block(ctx, buffer, data + i); - if (i < data_len) { - memset(buf2, 0, 8); - memcpy(buf2, data + i, data_len - i); - mac_block(ctx, buffer, buf2); - i += 8; - } - if (i == 8) { - memset(buf2, 0, 8); - mac_block(ctx, buffer, buf2); - } - get_mac(buffer, mac_len, mac); - return 1; -} - -/* Implements key meshing algorithm by modifing ctx and IV in place */ -void cryptopro_key_meshing(gost_ctx * ctx, unsigned char *iv) -{ - unsigned char newkey[32], newiv[8]; - /* Set static keymeshing key */ - /* "Decrypt" key with keymeshing key */ - gost_dec(ctx, CryptoProKeyMeshingKey, newkey, 4); - /* set new key */ - gost_key(ctx, newkey); - /* Encrypt iv with new key */ - gostcrypt(ctx, iv, newiv); - memcpy(iv, newiv, 8); -} diff --git a/engines/ccgost/gost89.h b/engines/ccgost/gost89.h deleted file mode 100644 index e5b877f4482d..000000000000 --- a/engines/ccgost/gost89.h +++ /dev/null @@ -1,98 +0,0 @@ -/********************************************************************** - * gost89.h * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Declarations for GOST 28147-89 encryption algorithm * - * No OpenSSL libraries required to compile and use * - * this code * - **********************************************************************/ -#ifndef GOST89_H -# define GOST89_H - -/* Typedef for unsigned 32-bit integer */ -# if __LONG_MAX__ > 2147483647L -typedef unsigned int u4; -# else -typedef unsigned long u4; -# endif -/* Typedef for unsigned 8-bit integer */ -typedef unsigned char byte; - -/* Internal representation of GOST substitution blocks */ -typedef struct { - byte k8[16]; - byte k7[16]; - byte k6[16]; - byte k5[16]; - byte k4[16]; - byte k3[16]; - byte k2[16]; - byte k1[16]; -} gost_subst_block; - -/* Cipher context includes key and preprocessed substitution block */ -typedef struct { - u4 k[8]; - /* Constant s-boxes -- set up in gost_init(). */ - u4 k87[256], k65[256], k43[256], k21[256]; -} gost_ctx; -/* - * Note: encrypt and decrypt expect full blocks--padding blocks is caller's - * responsibility. All bulk encryption is done in ECB mode by these calls. - * Other modes may be added easily enough. - */ -/* Encrypt several full blocks in ECB mode */ -void gost_enc(gost_ctx * ctx, const byte * clear, byte * cipher, int blocks); -/* Decrypt several full blocks in ECB mode */ -void gost_dec(gost_ctx * ctx, const byte * cipher, byte * clear, int blocks); -/* Encrypts several full blocks in CFB mode using 8byte IV */ -void gost_enc_cfb(gost_ctx * ctx, const byte * iv, const byte * clear, - byte * cipher, int blocks); -/* Decrypts several full blocks in CFB mode using 8byte IV */ -void gost_dec_cfb(gost_ctx * ctx, const byte * iv, const byte * cipher, - byte * clear, int blocks); - -/* Encrypt one block */ -void gostcrypt(gost_ctx * c, const byte * in, byte * out); -/* Decrypt one block */ -void gostdecrypt(gost_ctx * c, const byte * in, byte * out); -/* Set key into context */ -void gost_key(gost_ctx * ctx, const byte * key); -/* Get key from context */ -void gost_get_key(gost_ctx * ctx, byte * key); -/* Set S-blocks into context */ -void gost_init(gost_ctx * ctx, const gost_subst_block * subst_block); -/* Clean up context */ -void gost_destroy(gost_ctx * ctx); -/* Intermediate function used for calculate hash */ -void gost_enc_with_key(gost_ctx *, byte * key, byte * inblock, - byte * outblock); -/* Compute MAC of given length in bits from data */ -int gost_mac(gost_ctx * ctx, int hmac_len, const unsigned char *data, - unsigned int data_len, unsigned char *hmac); -/* - * Compute MAC of given length in bits from data, using non-zero 8-byte IV - * (non-standard, for use in CryptoPro key transport only - */ -int gost_mac_iv(gost_ctx * ctx, int hmac_len, const unsigned char *iv, - const unsigned char *data, unsigned int data_len, - unsigned char *hmac); -/* Perform one step of MAC calculation like gostcrypt */ -void mac_block(gost_ctx * c, byte * buffer, const byte * block); -/* Extracts MAC value from mac state buffer */ -void get_mac(byte * buffer, int nbits, byte * out); -/* Implements cryptopro key meshing algorithm. Expect IV to be 8-byte size*/ -void cryptopro_key_meshing(gost_ctx * ctx, unsigned char *iv); -/* Parameter sets specified in RFC 4357 */ -extern gost_subst_block GostR3411_94_TestParamSet; -extern gost_subst_block GostR3411_94_CryptoProParamSet; -extern gost_subst_block Gost28147_TestParamSet; -extern gost_subst_block Gost28147_CryptoProParamSetA; -extern gost_subst_block Gost28147_CryptoProParamSetB; -extern gost_subst_block Gost28147_CryptoProParamSetC; -extern gost_subst_block Gost28147_CryptoProParamSetD; -extern const byte CryptoProKeyMeshingKey[]; -typedef unsigned int word32; - -#endif diff --git a/engines/ccgost/gost94_keyx.c b/engines/ccgost/gost94_keyx.c deleted file mode 100644 index 3532bfff3e96..000000000000 --- a/engines/ccgost/gost94_keyx.c +++ /dev/null @@ -1,282 +0,0 @@ -/********************************************************************** - * gost94_keyx.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implements generation and parsing of GOST_KEY_TRANSPORT for * - * GOST R 34.10-94 algorithms * - * * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <string.h> -#include <openssl/dh.h> -#include <openssl/rand.h> -#include <openssl/evp.h> -#include <openssl/objects.h> - -#include "gost89.h" -#include "gosthash.h" -#include "e_gost_err.h" -#include "gost_keywrap.h" -#include "gost_lcl.h" -/* Common functions for both 94 and 2001 key exchange schemes */ -/* - * Implementation of the Diffi-Hellman key agreement scheme based on GOST-94 - * keys - */ - -/* - * Computes Diffie-Hellman key and stores it into buffer in little-endian - * byte order as expected by both versions of GOST 94 algorithm - */ -static int compute_pair_key_le(unsigned char *pair_key, BIGNUM *pub_key, - DH *dh) -{ - unsigned char be_key[128]; - int i, key_size; - key_size = DH_compute_key(be_key, pub_key, dh); - if (!key_size) - return 0; - memset(pair_key, 0, 128); - for (i = 0; i < key_size; i++) { - pair_key[i] = be_key[key_size - 1 - i]; - } - return key_size; -} - -/* - * Computes 256 bit Key exchange key as specified in RFC 4357 - */ -static int make_cp_exchange_key(BIGNUM *priv_key, EVP_PKEY *pubk, - unsigned char *shared_key) -{ - unsigned char dh_key[128]; - int ret; - gost_hash_ctx hash_ctx; - DH *dh = DH_new(); - - if (!dh) - return 0; - memset(dh_key, 0, 128); - dh->g = BN_dup(pubk->pkey.dsa->g); - dh->p = BN_dup(pubk->pkey.dsa->p); - dh->priv_key = BN_dup(priv_key); - ret = - compute_pair_key_le(dh_key, ((DSA *)(EVP_PKEY_get0(pubk)))->pub_key, - dh); - DH_free(dh); - if (!ret) - return 0; - init_gost_hash_ctx(&hash_ctx, &GostR3411_94_CryptoProParamSet); - start_hash(&hash_ctx); - hash_block(&hash_ctx, dh_key, 128); - finish_hash(&hash_ctx, shared_key); - done_gost_hash_ctx(&hash_ctx); - return 1; -} - -/* EVP_PKEY_METHOD callback derive. Implements VKO R 34.10-94 */ - -int pkey_gost94_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) -{ - EVP_PKEY *pubk = EVP_PKEY_CTX_get0_peerkey(ctx); - EVP_PKEY *mykey = EVP_PKEY_CTX_get0_pkey(ctx); - *keylen = 32; - if (key == NULL) - return 1; - - return make_cp_exchange_key(gost_get0_priv_key(mykey), pubk, key); -} - -/* - * EVP_PKEY_METHOD callback encrypt for GOST R 34.10-94 cryptopro - * modification - */ - -int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, - size_t *outlen, const unsigned char *key, - size_t key_len) -{ - GOST_KEY_TRANSPORT *gkt = NULL; - unsigned char shared_key[32], ukm[8], crypted_key[44]; - const struct gost_cipher_info *param = get_encryption_params(NULL); - EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(ctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - gost_ctx cctx; - int key_is_ephemeral = 1; - int tmp_outlen; - EVP_PKEY *mykey = EVP_PKEY_CTX_get0_peerkey(ctx); - - /* Do not use vizir cipher parameters with cryptopro */ - if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS) - && param == gost_cipher_list) { - param = gost_cipher_list + 1; - } - - if (mykey) { - /* If key already set, it is not ephemeral */ - key_is_ephemeral = 0; - if (!gost_get0_priv_key(mykey)) { - GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT, - GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR); - goto err; - } - } else { - /* Otherwise generate ephemeral key */ - key_is_ephemeral = 1; - if (out) { - mykey = EVP_PKEY_new(); - if (!mykey) - goto memerr; - EVP_PKEY_assign(mykey, EVP_PKEY_base_id(pubk), DSA_new()); - EVP_PKEY_copy_parameters(mykey, pubk); - if (!gost_sign_keygen(EVP_PKEY_get0(mykey))) { - goto err; - } - } - } - if (out) - make_cp_exchange_key(gost_get0_priv_key(mykey), pubk, shared_key); - if (data->shared_ukm) { - memcpy(ukm, data->shared_ukm, 8); - } else if (out) { - if (RAND_bytes(ukm, 8) <= 0) { - GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT, - GOST_R_RANDOM_GENERATOR_FAILURE); - goto err; - } - } - - if (out) { - gost_init(&cctx, param->sblock); - keyWrapCryptoPro(&cctx, shared_key, ukm, key, crypted_key); - } - gkt = GOST_KEY_TRANSPORT_new(); - if (!gkt) { - goto memerr; - } - if (!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv, ukm, 8)) { - goto memerr; - } - if (!ASN1_OCTET_STRING_set(gkt->key_info->imit, crypted_key + 40, 4)) { - goto memerr; - } - if (!ASN1_OCTET_STRING_set - (gkt->key_info->encrypted_key, crypted_key + 8, 32)) { - goto memerr; - } - if (key_is_ephemeral) { - if (!X509_PUBKEY_set - (&gkt->key_agreement_info->ephem_key, out ? mykey : pubk)) { - GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT, - GOST_R_CANNOT_PACK_EPHEMERAL_KEY); - goto err; - } - if (out) - EVP_PKEY_free(mykey); - } - ASN1_OBJECT_free(gkt->key_agreement_info->cipher); - gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid); - tmp_outlen = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL); - if (tmp_outlen <= 0) { - GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT, - GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO); - goto err; - } - *outlen = tmp_outlen; - if (!key_is_ephemeral) { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) <= - 0) { - GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT, GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - GOST_KEY_TRANSPORT_free(gkt); - return 1; - memerr: - if (key_is_ephemeral) { - EVP_PKEY_free(mykey); - } - GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT, GOST_R_MALLOC_FAILURE); - err: - GOST_KEY_TRANSPORT_free(gkt); - return -1; -} - -/* - * EVP_PLEY_METHOD callback decrypt for GOST R 34.10-94 cryptopro - * modification - */ -int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *key, - size_t *key_len, const unsigned char *in, - size_t in_len) -{ - const unsigned char *p = in; - GOST_KEY_TRANSPORT *gkt = NULL; - unsigned char wrappedKey[44]; - unsigned char sharedKey[32]; - gost_ctx cctx; - const struct gost_cipher_info *param = NULL; - EVP_PKEY *eph_key = NULL, *peerkey = NULL; - EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(ctx); - - if (!key) { - *key_len = 32; - return 1; - } - - gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len); - if (!gkt) { - GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT, - GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO); - return 0; - } - eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key); - if (eph_key) { - if (EVP_PKEY_derive_set_peer(ctx, eph_key) <= 0) { - GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT, - GOST_R_INCOMPATIBLE_PEER_KEY); - goto err; - } - } else { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) <= - 0) { - GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT, GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - peerkey = EVP_PKEY_CTX_get0_peerkey(ctx); - if (!peerkey) { - GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT, GOST_R_NO_PEER_KEY); - goto err; - } - - param = get_encryption_params(gkt->key_agreement_info->cipher); - if (!param) { - goto err; - } - - gost_init(&cctx, param->sblock); - OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8); - memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8); - OPENSSL_assert(gkt->key_info->encrypted_key->length == 32); - memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32); - OPENSSL_assert(gkt->key_info->imit->length == 4); - memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4); - make_cp_exchange_key(gost_get0_priv_key(priv), peerkey, sharedKey); - if (!keyUnwrapCryptoPro(&cctx, sharedKey, wrappedKey, key)) { - GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT, - GOST_R_ERROR_COMPUTING_SHARED_KEY); - goto err; - } - - EVP_PKEY_free(eph_key); - GOST_KEY_TRANSPORT_free(gkt); - return 1; - err: - EVP_PKEY_free(eph_key); - GOST_KEY_TRANSPORT_free(gkt); - return -1; -} diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c deleted file mode 100644 index 8283f192f4aa..000000000000 --- a/engines/ccgost/gost_ameth.c +++ /dev/null @@ -1,957 +0,0 @@ -/********************************************************************** - * gost_ameth.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of RFC 4490/4491 ASN1 method * - * for OpenSSL * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/engine.h> -#include <openssl/evp.h> -#include <openssl/asn1.h> -#ifndef OPENSSL_NO_CMS -# include <openssl/cms.h> -#endif -#include "gost_params.h" -#include "gost_lcl.h" -#include "e_gost_err.h" - -int gost94_nid_by_params(DSA *p) -{ - R3410_params *gost_params; - BIGNUM *q = BN_new(); - for (gost_params = R3410_paramset; gost_params->q != NULL; gost_params++) { - BN_dec2bn(&q, gost_params->q); - if (!BN_cmp(q, p->q)) { - BN_free(q); - return gost_params->nid; - } - } - BN_free(q); - return NID_undef; -} - -static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key) -{ - ASN1_STRING *params = ASN1_STRING_new(); - GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new(); - int pkey_param_nid = NID_undef; - - if (!params || !gkp) { - GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(params); - params = NULL; - goto err; - } - switch (EVP_PKEY_base_id(key)) { - case NID_id_GostR3410_2001: - pkey_param_nid = - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)key))); - break; - case NID_id_GostR3410_94: - pkey_param_nid = - (int)gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)key)); - if (pkey_param_nid == NID_undef) { - GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, - GOST_R_INVALID_GOST94_PARMSET); - ASN1_STRING_free(params); - params = NULL; - goto err; - } - break; - } - gkp->key_params = OBJ_nid2obj(pkey_param_nid); - gkp->hash_params = OBJ_nid2obj(NID_id_GostR3411_94_CryptoProParamSet); - /* - * gkp->cipher_params = OBJ_nid2obj(cipher_param_nid); - */ - params->length = i2d_GOST_KEY_PARAMS(gkp, ¶ms->data); - if (params->length <= 0) { - GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(params); - params = NULL; - goto err; - } - params->type = V_ASN1_SEQUENCE; - err: - GOST_KEY_PARAMS_free(gkp); - return params; -} - -/* - * Parses GOST algorithm parameters from X509_ALGOR and modifies pkey setting - * NID and parameters - */ -static int decode_gost_algor_params(EVP_PKEY *pkey, X509_ALGOR *palg) -{ - ASN1_OBJECT *palg_obj = NULL; - int ptype = V_ASN1_UNDEF; - int pkey_nid = NID_undef, param_nid = NID_undef; - void *_pval; - ASN1_STRING *pval = NULL; - const unsigned char *p; - GOST_KEY_PARAMS *gkp = NULL; - - X509_ALGOR_get0(&palg_obj, &ptype, &_pval, palg); - pval = _pval; - if (ptype != V_ASN1_SEQUENCE) { - GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, - GOST_R_BAD_KEY_PARAMETERS_FORMAT); - return 0; - } - p = pval->data; - pkey_nid = OBJ_obj2nid(palg_obj); - - gkp = d2i_GOST_KEY_PARAMS(NULL, &p, pval->length); - if (!gkp) { - GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, - GOST_R_BAD_PKEY_PARAMETERS_FORMAT); - return 0; - } - param_nid = OBJ_obj2nid(gkp->key_params); - GOST_KEY_PARAMS_free(gkp); - if(!EVP_PKEY_set_type(pkey, pkey_nid)) { - GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, ERR_R_INTERNAL_ERROR); - return 0; - } - switch (pkey_nid) { - case NID_id_GostR3410_94: - { - DSA *dsa = EVP_PKEY_get0(pkey); - if (!dsa) { - dsa = DSA_new(); - if (!EVP_PKEY_assign(pkey, pkey_nid, dsa)) - return 0; - } - if (!fill_GOST94_params(dsa, param_nid)) - return 0; - break; - } - case NID_id_GostR3410_2001: - { - EC_KEY *ec = EVP_PKEY_get0(pkey); - if (!ec) { - ec = EC_KEY_new(); - if (!EVP_PKEY_assign(pkey, pkey_nid, ec)) - return 0; - } - if (!fill_GOST2001_params(ec, param_nid)) - return 0; - } - } - - return 1; -} - -static int gost_set_priv_key(EVP_PKEY *pkey, BIGNUM *priv) -{ - switch (EVP_PKEY_base_id(pkey)) { - case NID_id_GostR3410_94: - { - DSA *dsa = EVP_PKEY_get0(pkey); - if (!dsa) { - dsa = DSA_new(); - EVP_PKEY_assign(pkey, EVP_PKEY_base_id(pkey), dsa); - } - dsa->priv_key = BN_dup(priv); - if (!EVP_PKEY_missing_parameters(pkey)) - gost94_compute_public(dsa); - break; - } - case NID_id_GostR3410_2001: - { - EC_KEY *ec = EVP_PKEY_get0(pkey); - if (!ec) { - ec = EC_KEY_new(); - EVP_PKEY_assign(pkey, EVP_PKEY_base_id(pkey), ec); - } - if (!EC_KEY_set_private_key(ec, priv)) - return 0; - if (!EVP_PKEY_missing_parameters(pkey)) - gost2001_compute_public(ec); - break; - } - } - return 1; -} - -BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey) -{ - switch (EVP_PKEY_base_id(pkey)) { - case NID_id_GostR3410_94: - { - DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pkey); - if (!dsa) { - return NULL; - } - if (!dsa->priv_key) - return NULL; - return dsa->priv_key; - break; - } - case NID_id_GostR3410_2001: - { - EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pkey); - const BIGNUM *priv; - if (!ec) { - return NULL; - } - if (!(priv = EC_KEY_get0_private_key(ec))) - return NULL; - return (BIGNUM *)priv; - break; - } - } - return NULL; -} - -static int pkey_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - switch (op) { - case ASN1_PKEY_CTRL_PKCS7_SIGN: - if (arg1 == 0) { - X509_ALGOR *alg1 = NULL, *alg2 = NULL; - int nid = EVP_PKEY_base_id(pkey); - PKCS7_SIGNER_INFO_get0_algs((PKCS7_SIGNER_INFO *)arg2, - NULL, &alg1, &alg2); - X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94), - V_ASN1_NULL, 0); - if (nid == NID_undef) { - return (-1); - } - X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0); - } - return 1; -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_SIGN: - if (arg1 == 0) { - X509_ALGOR *alg1 = NULL, *alg2 = NULL; - int nid = EVP_PKEY_base_id(pkey); - CMS_SignerInfo_get0_algs((CMS_SignerInfo *)arg2, - NULL, NULL, &alg1, &alg2); - X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94), - V_ASN1_NULL, 0); - if (nid == NID_undef) { - return (-1); - } - X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0); - } - return 1; -#endif - case ASN1_PKEY_CTRL_PKCS7_ENCRYPT: - if (arg1 == 0) { - X509_ALGOR *alg; - ASN1_STRING *params = encode_gost_algor_params(pkey); - if (!params) { - return -1; - } - PKCS7_RECIP_INFO_get0_alg((PKCS7_RECIP_INFO *)arg2, &alg); - X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type), - V_ASN1_SEQUENCE, params); - } - return 1; -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_ENVELOPE: - if (arg1 == 0) { - X509_ALGOR *alg = NULL; - ASN1_STRING *params = encode_gost_algor_params(pkey); - if (!params) { - return -1; - } - CMS_RecipientInfo_ktri_get0_algs((CMS_RecipientInfo *)arg2, NULL, - NULL, &alg); - X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type), V_ASN1_SEQUENCE, - params); - } - return 1; -#endif - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = NID_id_GostR3411_94; - return 2; - } - - return -2; -} - -/* --------------------- free functions * ------------------------------*/ -static void pkey_free_gost94(EVP_PKEY *key) -{ - if (key->pkey.dsa) { - DSA_free(key->pkey.dsa); - } -} - -static void pkey_free_gost01(EVP_PKEY *key) -{ - if (key->pkey.ec) { - EC_KEY_free(key->pkey.ec); - } -} - -/* ------------------ private key functions -----------------------------*/ -static int priv_decode_gost(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf) -{ - const unsigned char *pkey_buf = NULL, *p = NULL; - int priv_len = 0; - BIGNUM *pk_num = NULL; - int ret = 0; - X509_ALGOR *palg = NULL; - ASN1_OBJECT *palg_obj = NULL; - ASN1_INTEGER *priv_key = NULL; - - if (!PKCS8_pkey_get0(&palg_obj, &pkey_buf, &priv_len, &palg, p8inf)) - return 0; - p = pkey_buf; - if (!decode_gost_algor_params(pk, palg)) { - return 0; - } - if (V_ASN1_OCTET_STRING == *p) { - /* New format - Little endian octet string */ - unsigned char rev_buf[32]; - int i; - ASN1_OCTET_STRING *s = d2i_ASN1_OCTET_STRING(NULL, &p, priv_len); - if (!s || s->length != 32) { - GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR); - return 0; - } - for (i = 0; i < 32; i++) { - rev_buf[31 - i] = s->data[i]; - } - ASN1_STRING_free(s); - pk_num = getbnfrombuf(rev_buf, 32); - } else { - priv_key = d2i_ASN1_INTEGER(NULL, &p, priv_len); - if (!priv_key) - return 0; - ret = ((pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)) != NULL); - ASN1_INTEGER_free(priv_key); - if (!ret) { - GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR); - return 0; - } - } - - ret = gost_set_priv_key(pk, pk_num); - BN_free(pk_num); - return ret; -} - -/* ----------------------------------------------------------------------*/ -static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk) -{ - ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); - ASN1_STRING *params = encode_gost_algor_params(pk); - unsigned char *priv_buf = NULL; - int priv_len; - - ASN1_INTEGER *asn1key = NULL; - if (!params) { - return 0; - } - asn1key = BN_to_ASN1_INTEGER(gost_get0_priv_key(pk), NULL); - priv_len = i2d_ASN1_INTEGER(asn1key, &priv_buf); - ASN1_INTEGER_free(asn1key); - return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params, - priv_buf, priv_len); -} - -/* --------- printing keys --------------------------------*/ -static int print_gost_94(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx, int type) -{ - int param_nid = NID_undef; - - if (type == 2) { - BIGNUM *key; - - if (!BIO_indent(out, indent, 128)) - return 0; - BIO_printf(out, "Private key: "); - key = gost_get0_priv_key(pkey); - if (!key) - BIO_printf(out, "<undefined>"); - else - BN_print(out, key); - BIO_printf(out, "\n"); - } - if (type >= 1) { - BIGNUM *pubkey; - - pubkey = ((DSA *)EVP_PKEY_get0((EVP_PKEY *)pkey))->pub_key; - BIO_indent(out, indent, 128); - BIO_printf(out, "Public key: "); - BN_print(out, pubkey); - BIO_printf(out, "\n"); - } - - param_nid = gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)pkey)); - BIO_indent(out, indent, 128); - BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid)); - return 1; -} - -static int param_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - return print_gost_94(out, pkey, indent, pctx, 0); -} - -static int pub_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - return print_gost_94(out, pkey, indent, pctx, 1); -} - -static int priv_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - return print_gost_94(out, pkey, indent, pctx, 2); -} - -static int print_gost_01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx, int type) -{ - int param_nid = NID_undef; - if (type == 2) { - BIGNUM *key; - - if (!BIO_indent(out, indent, 128)) - return 0; - BIO_printf(out, "Private key: "); - key = gost_get0_priv_key(pkey); - if (!key) - BIO_printf(out, "<undefined)"); - else - BN_print(out, key); - BIO_printf(out, "\n"); - } - if (type >= 1) { - BN_CTX *ctx = BN_CTX_new(); - BIGNUM *X, *Y; - const EC_POINT *pubkey; - const EC_GROUP *group; - - if (!ctx) { - GOSTerr(GOST_F_PRINT_GOST_01, ERR_R_MALLOC_FAILURE); - return 0; - } - BN_CTX_start(ctx); - X = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - pubkey = - EC_KEY_get0_public_key((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey)); - group = EC_KEY_get0_group((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey)); - if (!EC_POINT_get_affine_coordinates_GFp(group, pubkey, X, Y, ctx)) { - GOSTerr(GOST_F_PRINT_GOST_01, ERR_R_EC_LIB); - BN_CTX_free(ctx); - return 0; - } - if (!BIO_indent(out, indent, 128)) - return 0; - BIO_printf(out, "Public key:\n"); - if (!BIO_indent(out, indent + 3, 128)) - return 0; - BIO_printf(out, "X:"); - BN_print(out, X); - BIO_printf(out, "\n"); - BIO_indent(out, indent + 3, 128); - BIO_printf(out, "Y:"); - BN_print(out, Y); - BIO_printf(out, "\n"); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - - param_nid = - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)pkey))); - if (!BIO_indent(out, indent, 128)) - return 0; - BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid)); - return 1; -} - -static int param_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - return print_gost_01(out, pkey, indent, pctx, 0); -} - -static int pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - return print_gost_01(out, pkey, indent, pctx, 1); -} - -static int priv_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - return print_gost_01(out, pkey, indent, pctx, 2); -} - -/* ---------------------------------------------------------------------*/ -static int param_missing_gost94(const EVP_PKEY *pk) -{ - const DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pk); - if (!dsa) - return 1; - if (!dsa->q) - return 1; - return 0; -} - -static int param_missing_gost01(const EVP_PKEY *pk) -{ - const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk); - if (!ec) - return 1; - if (!EC_KEY_get0_group(ec)) - return 1; - return 0; -} - -static int param_copy_gost94(EVP_PKEY *to, const EVP_PKEY *from) -{ - const DSA *dfrom = EVP_PKEY_get0((EVP_PKEY *)from); - DSA *dto = EVP_PKEY_get0(to); - if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) { - GOSTerr(GOST_F_PARAM_COPY_GOST94, GOST_R_INCOMPATIBLE_ALGORITHMS); - return 0; - } - if (!dfrom) { - GOSTerr(GOST_F_PARAM_COPY_GOST94, GOST_R_KEY_PARAMETERS_MISSING); - return 0; - } - if (!dto) { - dto = DSA_new(); - EVP_PKEY_assign(to, EVP_PKEY_base_id(from), dto); - } -#define COPYBIGNUM(a,b,x) if (a->x) BN_free(a->x); a->x=BN_dup(b->x); - COPYBIGNUM(dto, dfrom, p) - COPYBIGNUM(dto, dfrom, q) - COPYBIGNUM(dto, dfrom, g) - - if (dto->priv_key) - gost94_compute_public(dto); - return 1; -} - -static int param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from) -{ - EC_KEY *eto = EVP_PKEY_get0(to); - const EC_KEY *efrom = EVP_PKEY_get0((EVP_PKEY *)from); - if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, GOST_R_INCOMPATIBLE_ALGORITHMS); - return 0; - } - if (!efrom) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, GOST_R_KEY_PARAMETERS_MISSING); - return 0; - } - if (!eto) { - eto = EC_KEY_new(); - if(!eto) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, ERR_R_MALLOC_FAILURE); - return 0; - } - if(!EVP_PKEY_assign(to, EVP_PKEY_base_id(from), eto)) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, ERR_R_INTERNAL_ERROR); - return 0; - } - } - if(!EC_KEY_set_group(eto, EC_KEY_get0_group(efrom))) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, ERR_R_INTERNAL_ERROR); - return 0; - } - if (EC_KEY_get0_private_key(eto)) { - gost2001_compute_public(eto); - } - return 1; -} - -static int param_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b) -{ - const DSA *da = EVP_PKEY_get0((EVP_PKEY *)a); - const DSA *db = EVP_PKEY_get0((EVP_PKEY *)b); - if (!BN_cmp(da->q, db->q)) - return 1; - return 0; -} - -static int param_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b) -{ - if (EC_GROUP_get_curve_name - (EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)a))) == - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)b)))) { - return 1; - } - return 0; - -} - -/* ---------- Public key functions * --------------------------------------*/ -static int pub_decode_gost94(EVP_PKEY *pk, X509_PUBKEY *pub) -{ - X509_ALGOR *palg = NULL; - const unsigned char *pubkey_buf = NULL; - unsigned char *databuf; - ASN1_OBJECT *palgobj = NULL; - int pub_len, i, j; - DSA *dsa; - ASN1_OCTET_STRING *octet = NULL; - - if (!X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub)) - return 0; - EVP_PKEY_assign(pk, OBJ_obj2nid(palgobj), NULL); - if (!decode_gost_algor_params(pk, palg)) - return 0; - octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len); - if (!octet) { - GOSTerr(GOST_F_PUB_DECODE_GOST94, ERR_R_MALLOC_FAILURE); - return 0; - } - databuf = OPENSSL_malloc(octet->length); - if (databuf == NULL) { - GOSTerr(GOST_F_PUB_DECODE_GOST94, ERR_R_MALLOC_FAILURE); - return 0; - } - for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) { - databuf[j] = octet->data[i]; - } - dsa = EVP_PKEY_get0(pk); - dsa->pub_key = BN_bin2bn(databuf, octet->length, NULL); - ASN1_OCTET_STRING_free(octet); - OPENSSL_free(databuf); - return 1; - -} - -static int pub_encode_gost94(X509_PUBKEY *pub, const EVP_PKEY *pk) -{ - ASN1_OBJECT *algobj = NULL; - ASN1_OCTET_STRING *octet = NULL; - void *pval = NULL; - unsigned char *buf = NULL, *databuf, *sptr; - int i, j, data_len, ret = 0; - - int ptype = V_ASN1_UNDEF; - DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pk); - algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); - if (pk->save_parameters) { - ASN1_STRING *params = encode_gost_algor_params(pk); - pval = params; - ptype = V_ASN1_SEQUENCE; - } - data_len = BN_num_bytes(dsa->pub_key); - databuf = OPENSSL_malloc(data_len); - if (databuf == NULL) - return 0; - BN_bn2bin(dsa->pub_key, databuf); - octet = ASN1_OCTET_STRING_new(); - ASN1_STRING_set(octet, NULL, data_len); - sptr = ASN1_STRING_data(octet); - for (i = 0, j = data_len - 1; i < data_len; i++, j--) { - sptr[i] = databuf[j]; - } - OPENSSL_free(databuf); - ret = i2d_ASN1_OCTET_STRING(octet, &buf); - ASN1_BIT_STRING_free(octet); - if (ret < 0) - return 0; - return X509_PUBKEY_set0_param(pub, algobj, ptype, pval, buf, ret); -} - -static int pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub) -{ - X509_ALGOR *palg = NULL; - const unsigned char *pubkey_buf = NULL; - unsigned char *databuf; - ASN1_OBJECT *palgobj = NULL; - int pub_len, i, j; - EC_POINT *pub_key; - BIGNUM *X, *Y; - ASN1_OCTET_STRING *octet = NULL; - int len; - const EC_GROUP *group; - - if (!X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub)) - return 0; - EVP_PKEY_assign(pk, OBJ_obj2nid(palgobj), NULL); - if (!decode_gost_algor_params(pk, palg)) - return 0; - group = EC_KEY_get0_group(EVP_PKEY_get0(pk)); - octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len); - if (!octet) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); - return 0; - } - databuf = OPENSSL_malloc(octet->length); - if (databuf == NULL) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); - return 0; - } - for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) { - databuf[j] = octet->data[i]; - } - len = octet->length / 2; - ASN1_OCTET_STRING_free(octet); - - Y = getbnfrombuf(databuf, len); - X = getbnfrombuf(databuf + len, len); - OPENSSL_free(databuf); - pub_key = EC_POINT_new(group); - if (!EC_POINT_set_affine_coordinates_GFp(group, pub_key, X, Y, NULL)) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB); - EC_POINT_free(pub_key); - BN_free(X); - BN_free(Y); - return 0; - } - BN_free(X); - BN_free(Y); - if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk), pub_key)) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB); - EC_POINT_free(pub_key); - return 0; - } - EC_POINT_free(pub_key); - return 1; - -} - -static int pub_encode_gost01(X509_PUBKEY *pub, const EVP_PKEY *pk) -{ - ASN1_OBJECT *algobj = NULL; - ASN1_OCTET_STRING *octet = NULL; - void *pval = NULL; - unsigned char *buf = NULL, *databuf, *sptr; - int i, j, data_len, ret = 0; - const EC_POINT *pub_key; - BIGNUM *X, *Y, *order; - const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk); - int ptype = V_ASN1_UNDEF; - - algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); - if (pk->save_parameters) { - ASN1_STRING *params = encode_gost_algor_params(pk); - pval = params; - ptype = V_ASN1_SEQUENCE; - } - order = BN_new(); - EC_GROUP_get_order(EC_KEY_get0_group(ec), order, NULL); - pub_key = EC_KEY_get0_public_key(ec); - if (!pub_key) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, GOST_R_PUBLIC_KEY_UNDEFINED); - return 0; - } - X = BN_new(); - Y = BN_new(); - if(!X || !Y) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); - if(X) BN_free(X); - if(Y) BN_free(Y); - BN_free(order); - return 0; - } - if(!EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec), - pub_key, X, Y, NULL)) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_INTERNAL_ERROR); - BN_free(X); - BN_free(Y); - BN_free(order); - return 0; - } - data_len = 2 * BN_num_bytes(order); - BN_free(order); - databuf = OPENSSL_malloc(data_len); - if (databuf == NULL) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); - return 0; - } - memset(databuf, 0, data_len); - - store_bignum(X, databuf + data_len / 2, data_len / 2); - store_bignum(Y, databuf, data_len / 2); - - BN_free(X); - BN_free(Y); - octet = ASN1_OCTET_STRING_new(); - ASN1_STRING_set(octet, NULL, data_len); - sptr = ASN1_STRING_data(octet); - for (i = 0, j = data_len - 1; i < data_len; i++, j--) { - sptr[i] = databuf[j]; - } - OPENSSL_free(databuf); - ret = i2d_ASN1_OCTET_STRING(octet, &buf); - ASN1_BIT_STRING_free(octet); - if (ret < 0) - return 0; - return X509_PUBKEY_set0_param(pub, algobj, ptype, pval, buf, ret); -} - -static int pub_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b) -{ - const DSA *da = EVP_PKEY_get0((EVP_PKEY *)a); - const DSA *db = EVP_PKEY_get0((EVP_PKEY *)b); - if (da && db && da->pub_key && db->pub_key - && !BN_cmp(da->pub_key, db->pub_key)) { - return 1; - } - return 0; -} - -static int pub_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b) -{ - const EC_KEY *ea = EVP_PKEY_get0((EVP_PKEY *)a); - const EC_KEY *eb = EVP_PKEY_get0((EVP_PKEY *)b); - const EC_POINT *ka, *kb; - int ret = 0; - if (!ea || !eb) - return 0; - ka = EC_KEY_get0_public_key(ea); - kb = EC_KEY_get0_public_key(eb); - if (!ka || !kb) - return 0; - ret = (0 == EC_POINT_cmp(EC_KEY_get0_group(ea), ka, kb, NULL)); - return ret; -} - -static int pkey_size_gost(const EVP_PKEY *pk) -{ - return 64; -} - -static int pkey_bits_gost(const EVP_PKEY *pk) -{ - return 256; -} - -/* ---------------------- ASN1 METHOD for GOST MAC -------------------*/ -static void mackey_free_gost(EVP_PKEY *pk) -{ - if (pk->pkey.ptr) { - OPENSSL_free(pk->pkey.ptr); - } -} - -static int mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - switch (op) { - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = NID_id_Gost28147_89_MAC; - return 2; - } - return -2; -} - -static int gost94_param_encode(const EVP_PKEY *pkey, unsigned char **pder) -{ - int nid = gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)pkey)); - return i2d_ASN1_OBJECT(OBJ_nid2obj(nid), pder); -} - -static int gost2001_param_encode(const EVP_PKEY *pkey, unsigned char **pder) -{ - int nid = - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)pkey))); - return i2d_ASN1_OBJECT(OBJ_nid2obj(nid), pder); -} - -static int gost94_param_decode(EVP_PKEY *pkey, const unsigned char **pder, - int derlen) -{ - ASN1_OBJECT *obj = NULL; - DSA *dsa = EVP_PKEY_get0(pkey); - int nid; - if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) { - return 0; - } - nid = OBJ_obj2nid(obj); - ASN1_OBJECT_free(obj); - if (!dsa) { - dsa = DSA_new(); - if (!EVP_PKEY_assign(pkey, NID_id_GostR3410_94, dsa)) - return 0; - } - if (!fill_GOST94_params(dsa, nid)) - return 0; - return 1; -} - -static int gost2001_param_decode(EVP_PKEY *pkey, const unsigned char **pder, - int derlen) -{ - ASN1_OBJECT *obj = NULL; - int nid; - EC_KEY *ec = EVP_PKEY_get0(pkey); - if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) { - return 0; - } - nid = OBJ_obj2nid(obj); - ASN1_OBJECT_free(obj); - if (!ec) { - ec = EC_KEY_new(); - if (!EVP_PKEY_assign(pkey, NID_id_GostR3410_2001, ec)) - return 0; - } - if (!fill_GOST2001_params(ec, nid)) - return 0; - return 1; -} - -/* ----------------------------------------------------------------------*/ -int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth, - const char *pemstr, const char *info) -{ - *ameth = EVP_PKEY_asn1_new(nid, ASN1_PKEY_SIGPARAM_NULL, pemstr, info); - if (!*ameth) - return 0; - switch (nid) { - case NID_id_GostR3410_94: - EVP_PKEY_asn1_set_free(*ameth, pkey_free_gost94); - EVP_PKEY_asn1_set_private(*ameth, - priv_decode_gost, priv_encode_gost, - priv_print_gost94); - - EVP_PKEY_asn1_set_param(*ameth, - gost94_param_decode, gost94_param_encode, - param_missing_gost94, param_copy_gost94, - param_cmp_gost94, param_print_gost94); - EVP_PKEY_asn1_set_public(*ameth, - pub_decode_gost94, pub_encode_gost94, - pub_cmp_gost94, pub_print_gost94, - pkey_size_gost, pkey_bits_gost); - - EVP_PKEY_asn1_set_ctrl(*ameth, pkey_ctrl_gost); - break; - case NID_id_GostR3410_2001: - EVP_PKEY_asn1_set_free(*ameth, pkey_free_gost01); - EVP_PKEY_asn1_set_private(*ameth, - priv_decode_gost, priv_encode_gost, - priv_print_gost01); - - EVP_PKEY_asn1_set_param(*ameth, - gost2001_param_decode, gost2001_param_encode, - param_missing_gost01, param_copy_gost01, - param_cmp_gost01, param_print_gost01); - EVP_PKEY_asn1_set_public(*ameth, - pub_decode_gost01, pub_encode_gost01, - pub_cmp_gost01, pub_print_gost01, - pkey_size_gost, pkey_bits_gost); - - EVP_PKEY_asn1_set_ctrl(*ameth, pkey_ctrl_gost); - break; - case NID_id_Gost28147_89_MAC: - EVP_PKEY_asn1_set_free(*ameth, mackey_free_gost); - EVP_PKEY_asn1_set_ctrl(*ameth, mac_ctrl_gost); - break; - } - return 1; -} diff --git a/engines/ccgost/gost_asn1.c b/engines/ccgost/gost_asn1.c deleted file mode 100644 index 11686339b7a5..000000000000 --- a/engines/ccgost/gost_asn1.c +++ /dev/null @@ -1,56 +0,0 @@ -/********************************************************************** - * gost_keytrans.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * ASN1 structure definition for GOST key transport * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <stdio.h> -#include <openssl/asn1t.h> -#include <openssl/x509.h> -#include "gost_lcl.h" - -ASN1_NDEF_SEQUENCE(GOST_KEY_TRANSPORT) = { - ASN1_SIMPLE(GOST_KEY_TRANSPORT, key_info, GOST_KEY_INFO), - ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info, GOST_KEY_AGREEMENT_INFO, 0) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT) - -ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) = { - ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING), - ASN1_SIMPLE(GOST_KEY_INFO, imit, ASN1_OCTET_STRING) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_INFO) - -ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) = { - ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, cipher, ASN1_OBJECT), - ASN1_IMP_OPT(GOST_KEY_AGREEMENT_INFO, ephem_key, X509_PUBKEY, 0), - ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, eph_iv, ASN1_OCTET_STRING) -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_AGREEMENT_INFO) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) - -ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) = { - ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT), - ASN1_SIMPLE(GOST_KEY_PARAMS, hash_params, ASN1_OBJECT), - ASN1_OPT(GOST_KEY_PARAMS, cipher_params, ASN1_OBJECT), -} ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_PARAMS) - -ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) = { - ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING), - ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, ASN1_OBJECT), -} ASN1_NDEF_SEQUENCE_END(GOST_CIPHER_PARAMS) - -IMPLEMENT_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) - -ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = { /* FIXME incomplete */ - ASN1_SIMPLE(GOST_CLIENT_KEY_EXCHANGE_PARAMS, gkt, GOST_KEY_TRANSPORT) -} - -ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS) -IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS) diff --git a/engines/ccgost/gost_crypt.c b/engines/ccgost/gost_crypt.c deleted file mode 100644 index 2bbdc6ccd67a..000000000000 --- a/engines/ccgost/gost_crypt.c +++ /dev/null @@ -1,623 +0,0 @@ -/********************************************************************** - * gost_crypt.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * OpenSSL interface to GOST 28147-89 cipher functions * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <string.h> -#include "gost89.h" -#include <openssl/rand.h> -#include "e_gost_err.h" -#include "gost_lcl.h" - -#if !defined(CCGOST_DEBUG) && !defined(DEBUG) -# ifndef NDEBUG -# define NDEBUG -# endif -#endif -#include <assert.h> - -static int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -/* Handles block of data in CFB mode */ -static int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); -/* Handles block of data in CNT mode */ -static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); -/* Cleanup function */ -static int gost_cipher_cleanup(EVP_CIPHER_CTX *); -/* set/get cipher parameters */ -static int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params); -static int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params); -/* Control function */ -static int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); - -EVP_CIPHER cipher_gost = { - NID_id_Gost28147_89, - 1, /* block_size */ - 32, /* key_size */ - 8, /* iv_len */ - EVP_CIPH_CFB_MODE | EVP_CIPH_NO_PADDING | - EVP_CIPH_CUSTOM_IV | EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT, - gost_cipher_init, - gost_cipher_do_cfb, - gost_cipher_cleanup, - sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */ - gost89_set_asn1_parameters, - gost89_get_asn1_parameters, - gost_cipher_ctl, - NULL, -}; - -EVP_CIPHER cipher_gost_cpacnt = { - NID_gost89_cnt, - 1, /* block_size */ - 32, /* key_size */ - 8, /* iv_len */ - EVP_CIPH_OFB_MODE | EVP_CIPH_NO_PADDING | - EVP_CIPH_CUSTOM_IV | EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT, - gost_cipher_init_cpa, - gost_cipher_do_cnt, - gost_cipher_cleanup, - sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */ - gost89_set_asn1_parameters, - gost89_get_asn1_parameters, - gost_cipher_ctl, - NULL, -}; - -/* Implementation of GOST 28147-89 in MAC (imitovstavka) mode */ -/* Init functions which set specific parameters */ -static int gost_imit_init_cpa(EVP_MD_CTX *ctx); -/* process block of data */ -static int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count); -/* Return computed value */ -static int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md); -/* Copies context */ -static int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from); -static int gost_imit_cleanup(EVP_MD_CTX *ctx); -/* Control function, knows how to set MAC key.*/ -static int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr); - -EVP_MD imit_gost_cpa = { - NID_id_Gost28147_89_MAC, - NID_undef, - 4, - 0, - gost_imit_init_cpa, - gost_imit_update, - gost_imit_final, - gost_imit_copy, - gost_imit_cleanup, - NULL, - NULL, - {0, 0, 0, 0, 0}, - 8, - sizeof(struct ossl_gost_imit_ctx), - gost_imit_ctrl -}; - -/* - * Correspondence between gost parameter OIDs and substitution blocks - * NID field is filed by register_gost_NID function in engine.c - * upon engine initialization - */ - -struct gost_cipher_info gost_cipher_list[] = { - /*- NID *//* - * Subst block - *//* - * Key meshing - */ - /* - * {NID_id_GostR3411_94_CryptoProParamSet,&GostR3411_94_CryptoProParamSet,0}, - */ - {NID_id_Gost28147_89_cc, &GostR3411_94_CryptoProParamSet, 0}, - {NID_id_Gost28147_89_CryptoPro_A_ParamSet, &Gost28147_CryptoProParamSetA, - 1}, - {NID_id_Gost28147_89_CryptoPro_B_ParamSet, &Gost28147_CryptoProParamSetB, - 1}, - {NID_id_Gost28147_89_CryptoPro_C_ParamSet, &Gost28147_CryptoProParamSetC, - 1}, - {NID_id_Gost28147_89_CryptoPro_D_ParamSet, &Gost28147_CryptoProParamSetD, - 1}, - {NID_id_Gost28147_89_TestParamSet, &Gost28147_TestParamSet, 1}, - {NID_undef, NULL, 0} -}; - -/* - * get encryption parameters from crypto network settings FIXME For now we - * use environment var CRYPT_PARAMS as place to store these settings. - * Actually, it is better to use engine control command, read from - * configuration file to set them - */ -const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj) -{ - int nid; - struct gost_cipher_info *param; - if (!obj) { - const char *params = get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS); - if (!params || !strlen(params)) - return &gost_cipher_list[1]; - - nid = OBJ_txt2nid(params); - if (nid == NID_undef) { - GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS, - GOST_R_INVALID_CIPHER_PARAM_OID); - return NULL; - } - } else { - nid = OBJ_obj2nid(obj); - } - for (param = gost_cipher_list; param->sblock != NULL && param->nid != nid; - param++) ; - if (!param->sblock) { - GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS, GOST_R_INVALID_CIPHER_PARAMS); - return NULL; - } - return param; -} - -/* Sets cipher param from paramset NID. */ -static int gost_cipher_set_param(struct ossl_gost_cipher_ctx *c, int nid) -{ - const struct gost_cipher_info *param; - param = - get_encryption_params((nid == NID_undef ? NULL : OBJ_nid2obj(nid))); - if (!param) - return 0; - - c->paramNID = param->nid; - c->key_meshing = param->key_meshing; - c->count = 0; - gost_init(&(c->cctx), param->sblock); - return 1; -} - -/* Initializes EVP_CIPHER_CTX by paramset NID */ -static int gost_cipher_init_param(EVP_CIPHER_CTX *ctx, - const unsigned char *key, - const unsigned char *iv, int enc, - int paramNID, int mode) -{ - struct ossl_gost_cipher_ctx *c = ctx->cipher_data; - if (ctx->app_data == NULL) { - if (!gost_cipher_set_param(c, paramNID)) - return 0; - ctx->app_data = ctx->cipher_data; - } - if (key) - gost_key(&(c->cctx), key); - if (iv) - memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); - memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); - return 1; -} - -static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - struct ossl_gost_cipher_ctx *c = ctx->cipher_data; - gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA); - c->key_meshing = 1; - c->count = 0; - if (key) - gost_key(&(c->cctx), key); - if (iv) - memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); - memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); - return 1; -} - -/* Initializes EVP_CIPHER_CTX with default values */ -int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - return gost_cipher_init_param(ctx, key, iv, enc, NID_undef, - EVP_CIPH_CFB_MODE); -} - -/* - * Wrapper around gostcrypt function from gost89.c which perform key meshing - * when nesseccary - */ -static void gost_crypt_mesh(void *ctx, unsigned char *iv, unsigned char *buf) -{ - struct ossl_gost_cipher_ctx *c = ctx; - assert(c->count % 8 == 0 && c->count <= 1024); - if (c->key_meshing && c->count == 1024) { - cryptopro_key_meshing(&(c->cctx), iv); - } - gostcrypt(&(c->cctx), iv, buf); - c->count = c->count % 1024 + 8; -} - -static void gost_cnt_next(void *ctx, unsigned char *iv, unsigned char *buf) -{ - struct ossl_gost_cipher_ctx *c = ctx; - word32 g, go; - unsigned char buf1[8]; - assert(c->count % 8 == 0 && c->count <= 1024); - if (c->key_meshing && c->count == 1024) { - cryptopro_key_meshing(&(c->cctx), iv); - } - if (c->count == 0) { - gostcrypt(&(c->cctx), iv, buf1); - } else { - memcpy(buf1, iv, 8); - } - g = buf1[0] | (buf1[1] << 8) | (buf1[2] << 16) | ((word32) buf1[3] << 24); - g += 0x01010101; - buf1[0] = (unsigned char)(g & 0xff); - buf1[1] = (unsigned char)((g >> 8) & 0xff); - buf1[2] = (unsigned char)((g >> 16) & 0xff); - buf1[3] = (unsigned char)((g >> 24) & 0xff); - g = buf1[4] | (buf1[5] << 8) | (buf1[6] << 16) | ((word32) buf1[7] << 24); - go = g; - g += 0x01010104; - if (go > g) /* overflow */ - g++; - buf1[4] = (unsigned char)(g & 0xff); - buf1[5] = (unsigned char)((g >> 8) & 0xff); - buf1[6] = (unsigned char)((g >> 16) & 0xff); - buf1[7] = (unsigned char)((g >> 24) & 0xff); - memcpy(iv, buf1, 8); - gostcrypt(&(c->cctx), buf1, buf); - c->count = c->count % 1024 + 8; -} - -/* GOST encryption in CFB mode */ -int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - const unsigned char *in_ptr = in; - unsigned char *out_ptr = out; - size_t i = 0; - size_t j = 0; -/* process partial block if any */ - if (ctx->num) { - for (j = ctx->num, i = 0; j < 8 && i < inl; - j++, i++, in_ptr++, out_ptr++) { - if (!ctx->encrypt) - ctx->buf[j + 8] = *in_ptr; - *out_ptr = ctx->buf[j] ^ (*in_ptr); - if (ctx->encrypt) - ctx->buf[j + 8] = *out_ptr; - } - if (j == 8) { - memcpy(ctx->iv, ctx->buf + 8, 8); - ctx->num = 0; - } else { - ctx->num = j; - return 1; - } - } - - for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) { - /* - * block cipher current iv - */ - gost_crypt_mesh(ctx->cipher_data, ctx->iv, ctx->buf); - /* - * xor next block of input text with it and output it - */ - /* - * output this block - */ - if (!ctx->encrypt) - memcpy(ctx->iv, in_ptr, 8); - for (j = 0; j < 8; j++) { - out_ptr[j] = ctx->buf[j] ^ in_ptr[j]; - } - /* Encrypt */ - /* Next iv is next block of cipher text */ - if (ctx->encrypt) - memcpy(ctx->iv, out_ptr, 8); - } -/* Process rest of buffer */ - if (i < inl) { - gost_crypt_mesh(ctx->cipher_data, ctx->iv, ctx->buf); - if (!ctx->encrypt) - memcpy(ctx->buf + 8, in_ptr, inl - i); - for (j = 0; i < inl; j++, i++) { - out_ptr[j] = ctx->buf[j] ^ in_ptr[j]; - } - ctx->num = j; - if (ctx->encrypt) - memcpy(ctx->buf + 8, out_ptr, j); - } else { - ctx->num = 0; - } - return 1; -} - -static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - const unsigned char *in_ptr = in; - unsigned char *out_ptr = out; - size_t i = 0; - size_t j; -/* process partial block if any */ - if (ctx->num) { - for (j = ctx->num, i = 0; j < 8 && i < inl; - j++, i++, in_ptr++, out_ptr++) { - *out_ptr = ctx->buf[j] ^ (*in_ptr); - } - if (j == 8) { - ctx->num = 0; - } else { - ctx->num = j; - return 1; - } - } - - for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) { - /* - * block cipher current iv - */ - /* Encrypt */ - gost_cnt_next(ctx->cipher_data, ctx->iv, ctx->buf); - /* - * xor next block of input text with it and output it - */ - /* - * output this block - */ - for (j = 0; j < 8; j++) { - out_ptr[j] = ctx->buf[j] ^ in_ptr[j]; - } - } -/* Process rest of buffer */ - if (i < inl) { - gost_cnt_next(ctx->cipher_data, ctx->iv, ctx->buf); - for (j = 0; i < inl; j++, i++) { - out_ptr[j] = ctx->buf[j] ^ in_ptr[j]; - } - ctx->num = j; - } else { - ctx->num = 0; - } - return 1; -} - -/* Cleaning up of EVP_CIPHER_CTX */ -int gost_cipher_cleanup(EVP_CIPHER_CTX *ctx) -{ - gost_destroy(&((struct ossl_gost_cipher_ctx *)ctx->cipher_data)->cctx); - ctx->app_data = NULL; - return 1; -} - -/* Control function for gost cipher */ -int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - switch (type) { - case EVP_CTRL_RAND_KEY: - { - if (RAND_bytes((unsigned char *)ptr, ctx->key_len) <= 0) { - GOSTerr(GOST_F_GOST_CIPHER_CTL, - GOST_R_RANDOM_GENERATOR_ERROR); - return -1; - } - break; - } - case EVP_CTRL_PBE_PRF_NID: - if (ptr) { - *((int *)ptr) = NID_id_HMACGostR3411_94; - return 1; - } else { - return 0; - } - - default: - GOSTerr(GOST_F_GOST_CIPHER_CTL, - GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND); - return -1; - } - return 1; -} - -/* Set cipher parameters from ASN1 structure */ -int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) -{ - int len = 0; - unsigned char *buf = NULL; - unsigned char *p = NULL; - struct ossl_gost_cipher_ctx *c = ctx->cipher_data; - GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new(); - ASN1_OCTET_STRING *os = NULL; - if (!gcp) { - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY); - return 0; - } - if (!ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len)) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY); - return 0; - } - ASN1_OBJECT_free(gcp->enc_param_set); - gcp->enc_param_set = OBJ_nid2obj(c->paramNID); - - len = i2d_GOST_CIPHER_PARAMS(gcp, NULL); - p = buf = (unsigned char *)OPENSSL_malloc(len); - if (!buf) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY); - return 0; - } - i2d_GOST_CIPHER_PARAMS(gcp, &p); - GOST_CIPHER_PARAMS_free(gcp); - - os = ASN1_OCTET_STRING_new(); - - if (!os || !ASN1_OCTET_STRING_set(os, buf, len)) { - OPENSSL_free(buf); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY); - return 0; - } - OPENSSL_free(buf); - - ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os); - return 1; -} - -/* Store parameters into ASN1 structure */ -int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) -{ - int ret = -1; - int len; - GOST_CIPHER_PARAMS *gcp = NULL; - unsigned char *p; - struct ossl_gost_cipher_ctx *c = ctx->cipher_data; - if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) { - return ret; - } - - p = params->value.sequence->data; - - gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p, - params->value.sequence->length); - - len = gcp->iv->length; - if (len != ctx->cipher->iv_len) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, GOST_R_INVALID_IV_LENGTH); - return -1; - } - if (!gost_cipher_set_param(c, OBJ_obj2nid(gcp->enc_param_set))) { - GOST_CIPHER_PARAMS_free(gcp); - return -1; - } - memcpy(ctx->oiv, gcp->iv->data, len); - - GOST_CIPHER_PARAMS_free(gcp); - - return 1; -} - -int gost_imit_init_cpa(EVP_MD_CTX *ctx) -{ - struct ossl_gost_imit_ctx *c = ctx->md_data; - memset(c->buffer, 0, sizeof(c->buffer)); - memset(c->partial_block, 0, sizeof(c->partial_block)); - c->count = 0; - c->bytes_left = 0; - c->key_meshing = 1; - gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA); - return 1; -} - -static void mac_block_mesh(struct ossl_gost_imit_ctx *c, - const unsigned char *data) -{ - unsigned char buffer[8]; - /* - * We are using local buffer for iv because CryptoPro doesn't interpret - * internal state of MAC algorithm as iv during keymeshing (but does - * initialize internal state from iv in key transport - */ - assert(c->count % 8 == 0 && c->count <= 1024); - if (c->key_meshing && c->count == 1024) { - cryptopro_key_meshing(&(c->cctx), buffer); - } - mac_block(&(c->cctx), c->buffer, data); - c->count = c->count % 1024 + 8; -} - -int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - struct ossl_gost_imit_ctx *c = ctx->md_data; - const unsigned char *p = data; - size_t bytes = count, i; - if (!(c->key_set)) { - GOSTerr(GOST_F_GOST_IMIT_UPDATE, GOST_R_MAC_KEY_NOT_SET); - return 0; - } - if (c->bytes_left) { - for (i = c->bytes_left; i < 8 && bytes > 0; bytes--, i++, p++) { - c->partial_block[i] = *p; - } - if (i == 8) { - mac_block_mesh(c, c->partial_block); - } else { - c->bytes_left = i; - return 1; - } - } - while (bytes > 8) { - mac_block_mesh(c, p); - p += 8; - bytes -= 8; - } - if (bytes > 0) { - memcpy(c->partial_block, p, bytes); - } - c->bytes_left = bytes; - return 1; -} - -int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md) -{ - struct ossl_gost_imit_ctx *c = ctx->md_data; - if (!c->key_set) { - GOSTerr(GOST_F_GOST_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET); - return 0; - } - if (c->count == 0 && c->bytes_left) { - unsigned char buffer[8]; - memset(buffer, 0, 8); - gost_imit_update(ctx, buffer, 8); - } - if (c->bytes_left) { - int i; - for (i = c->bytes_left; i < 8; i++) { - c->partial_block[i] = 0; - } - mac_block_mesh(c, c->partial_block); - } - get_mac(c->buffer, 32, md); - return 1; -} - -int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr) -{ - switch (type) { - case EVP_MD_CTRL_KEY_LEN: - *((unsigned int *)(ptr)) = 32; - return 1; - case EVP_MD_CTRL_SET_KEY: - { - if (arg != 32) { - GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH); - return 0; - } - - gost_key(&(((struct ossl_gost_imit_ctx *)(ctx->md_data))->cctx), - ptr); - ((struct ossl_gost_imit_ctx *)(ctx->md_data))->key_set = 1; - return 1; - - } - default: - return 0; - } -} - -int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) -{ - memcpy(to->md_data, from->md_data, sizeof(struct ossl_gost_imit_ctx)); - return 1; -} - -/* Clean up imit ctx */ -int gost_imit_cleanup(EVP_MD_CTX *ctx) -{ - memset(ctx->md_data, 0, sizeof(struct ossl_gost_imit_ctx)); - return 1; -} diff --git a/engines/ccgost/gost_ctl.c b/engines/ccgost/gost_ctl.c deleted file mode 100644 index 6c93c4584d6d..000000000000 --- a/engines/ccgost/gost_ctl.c +++ /dev/null @@ -1,93 +0,0 @@ -/********************************************************************** - * gost_ctl.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of control commands for GOST engine * - * OpenSSL 0.9.9 libraries required * - **********************************************************************/ -#include <stdlib.h> -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/engine.h> -#include <openssl/buffer.h> -#include "gost_lcl.h" - -static char *gost_params[GOST_PARAM_MAX + 1] = { NULL }; -static const char *gost_envnames[] = { "CRYPT_PARAMS" }; - -const ENGINE_CMD_DEFN gost_cmds[] = { -/*- { GOST_CTRL_RNG, - "RNG", - "Type of random number generator to use", - ENGINE_CMD_FLAG_STRING - }, - { GOST_CTRL_RNG_PARAMS, - "RNG_PARAMS", - "Parameter for random number generator", - ENGINE_CMD_FLAG_STRING - }, -*/ {GOST_CTRL_CRYPT_PARAMS, - "CRYPT_PARAMS", - "OID of default GOST 28147-89 parameters", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} -}; - -void gost_param_free() -{ - int i; - for (i = 0; i <= GOST_PARAM_MAX; i++) - if (gost_params[i] != NULL) { - OPENSSL_free(gost_params[i]); - gost_params[i] = NULL; - } - -} - -int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) -{ - int param = cmd - ENGINE_CMD_BASE; - int ret = 0; - if (param < 0 || param > GOST_PARAM_MAX) - return -1; - ret = gost_set_default_param(param, p); - return ret; -} - -const char *get_gost_engine_param(int param) -{ - char *tmp; - if (param < 0 || param > GOST_PARAM_MAX) - return NULL; - if (gost_params[param] != NULL) { - return gost_params[param]; - } - tmp = getenv(gost_envnames[param]); - if (tmp) { - if (gost_params[param]) - OPENSSL_free(gost_params[param]); - gost_params[param] = BUF_strdup(tmp); - return gost_params[param]; - } - return NULL; -} - -int gost_set_default_param(int param, const char *value) -{ - const char *tmp; - if (param < 0 || param > GOST_PARAM_MAX) - return 0; - tmp = getenv(gost_envnames[param]); - /* - * if there is value in the environment, use it, else -passed string * - */ - if (!tmp) - tmp = value; - if (gost_params[param]) - OPENSSL_free(gost_params[param]); - gost_params[param] = BUF_strdup(tmp); - - return 1; -} diff --git a/engines/ccgost/gost_eng.c b/engines/ccgost/gost_eng.c deleted file mode 100644 index ea52c4dbe9db..000000000000 --- a/engines/ccgost/gost_eng.c +++ /dev/null @@ -1,280 +0,0 @@ -/********************************************************************** - * gost_eng.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Main file of GOST engine * - * for OpenSSL * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/engine.h> -#include <openssl/obj_mac.h> -#include "e_gost_err.h" -#include "gost_lcl.h" -static const char *engine_gost_id = "gost"; -static const char *engine_gost_name = - "Reference implementation of GOST engine"; - -/* Symmetric cipher and digest function registrar */ - -static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid); - -static int gost_digests(ENGINE *e, const EVP_MD **digest, - const int **nids, int ind); - -static int gost_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth, - const int **nids, int nid); - -static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth, - const int **nids, int nid); - -static int gost_cipher_nids[] = { NID_id_Gost28147_89, NID_gost89_cnt, 0 }; - -static int gost_digest_nids[] = - { NID_id_GostR3411_94, NID_id_Gost28147_89_MAC, 0 }; - -static int gost_pkey_meth_nids[] = { NID_id_GostR3410_94, - NID_id_GostR3410_2001, NID_id_Gost28147_89_MAC, 0 -}; - -static EVP_PKEY_METHOD *pmeth_GostR3410_94 = NULL, - *pmeth_GostR3410_2001 = NULL, *pmeth_Gost28147_MAC = NULL; - -static EVP_PKEY_ASN1_METHOD *ameth_GostR3410_94 = NULL, - *ameth_GostR3410_2001 = NULL, *ameth_Gost28147_MAC = NULL; - -static int gost_engine_init(ENGINE *e) -{ - return 1; -} - -static int gost_engine_finish(ENGINE *e) -{ - return 1; -} - -static int gost_engine_destroy(ENGINE *e) -{ - gost_param_free(); - - pmeth_GostR3410_94 = NULL; - pmeth_GostR3410_2001 = NULL; - pmeth_Gost28147_MAC = NULL; - ameth_GostR3410_94 = NULL; - ameth_GostR3410_2001 = NULL; - ameth_Gost28147_MAC = NULL; - return 1; -} - -static int bind_gost(ENGINE *e, const char *id) -{ - int ret = 0; - if (id && strcmp(id, engine_gost_id)) - return 0; - if (ameth_GostR3410_94) { - printf("GOST engine already loaded\n"); - goto end; - } - - if (!ENGINE_set_id(e, engine_gost_id)) { - printf("ENGINE_set_id failed\n"); - goto end; - } - if (!ENGINE_set_name(e, engine_gost_name)) { - printf("ENGINE_set_name failed\n"); - goto end; - } - if (!ENGINE_set_digests(e, gost_digests)) { - printf("ENGINE_set_digests failed\n"); - goto end; - } - if (!ENGINE_set_ciphers(e, gost_ciphers)) { - printf("ENGINE_set_ciphers failed\n"); - goto end; - } - if (!ENGINE_set_pkey_meths(e, gost_pkey_meths)) { - printf("ENGINE_set_pkey_meths failed\n"); - goto end; - } - if (!ENGINE_set_pkey_asn1_meths(e, gost_pkey_asn1_meths)) { - printf("ENGINE_set_pkey_asn1_meths failed\n"); - goto end; - } - /* Control function and commands */ - if (!ENGINE_set_cmd_defns(e, gost_cmds)) { - fprintf(stderr, "ENGINE_set_cmd_defns failed\n"); - goto end; - } - if (!ENGINE_set_ctrl_function(e, gost_control_func)) { - fprintf(stderr, "ENGINE_set_ctrl_func failed\n"); - goto end; - } - if (!ENGINE_set_destroy_function(e, gost_engine_destroy) - || !ENGINE_set_init_function(e, gost_engine_init) - || !ENGINE_set_finish_function(e, gost_engine_finish)) { - goto end; - } - - if (!register_ameth_gost - (NID_id_GostR3410_94, &ameth_GostR3410_94, "GOST94", - "GOST R 34.10-94")) - goto end; - if (!register_ameth_gost - (NID_id_GostR3410_2001, &ameth_GostR3410_2001, "GOST2001", - "GOST R 34.10-2001")) - goto end; - if (!register_ameth_gost(NID_id_Gost28147_89_MAC, &ameth_Gost28147_MAC, - "GOST-MAC", "GOST 28147-89 MAC")) - goto end; - - if (!register_pmeth_gost(NID_id_GostR3410_94, &pmeth_GostR3410_94, 0)) - goto end; - if (!register_pmeth_gost(NID_id_GostR3410_2001, &pmeth_GostR3410_2001, 0)) - goto end; - if (!register_pmeth_gost - (NID_id_Gost28147_89_MAC, &pmeth_Gost28147_MAC, 0)) - goto end; - if (!ENGINE_register_ciphers(e) - || !ENGINE_register_digests(e) - || !ENGINE_register_pkey_meths(e) - /* These two actually should go in LIST_ADD command */ - || !EVP_add_cipher(&cipher_gost) - || !EVP_add_cipher(&cipher_gost_cpacnt) - || !EVP_add_digest(&digest_gost) - || !EVP_add_digest(&imit_gost_cpa) - ) { - goto end; - } - - ERR_load_GOST_strings(); - ret = 1; - end: - return ret; -} - -static int gost_digests(ENGINE *e, const EVP_MD **digest, - const int **nids, int nid) -{ - int ok = 1; - if (!digest) { - *nids = gost_digest_nids; - return 2; - } - /* - * printf("Digest no %d requested\n",nid); - */ - if (nid == NID_id_GostR3411_94) { - *digest = &digest_gost; - } else if (nid == NID_id_Gost28147_89_MAC) { - *digest = &imit_gost_cpa; - } else { - ok = 0; - *digest = NULL; - } - return ok; -} - -static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid) -{ - int ok = 1; - if (!cipher) { - *nids = gost_cipher_nids; - return 2; /* two ciphers are supported */ - } - - if (nid == NID_id_Gost28147_89) { - *cipher = &cipher_gost; - } else if (nid == NID_gost89_cnt) { - *cipher = &cipher_gost_cpacnt; - } else { - ok = 0; - *cipher = NULL; - } - return ok; -} - -static int gost_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth, - const int **nids, int nid) -{ - if (!pmeth) { - *nids = gost_pkey_meth_nids; - return 3; - } - - switch (nid) { - case NID_id_GostR3410_94: - *pmeth = pmeth_GostR3410_94; - return 1; - case NID_id_GostR3410_2001: - *pmeth = pmeth_GostR3410_2001; - return 1; - case NID_id_Gost28147_89_MAC: - *pmeth = pmeth_Gost28147_MAC; - return 1; - default:; - } - - *pmeth = NULL; - return 0; -} - -static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth, - const int **nids, int nid) -{ - if (!ameth) { - *nids = gost_pkey_meth_nids; - return 3; - } - switch (nid) { - case NID_id_GostR3410_94: - *ameth = ameth_GostR3410_94; - return 1; - case NID_id_GostR3410_2001: - *ameth = ameth_GostR3410_2001; - return 1; - case NID_id_Gost28147_89_MAC: - *ameth = ameth_Gost28147_MAC; - return 1; - - default:; - } - - *ameth = NULL; - return 0; -} - -#ifdef OPENSSL_NO_DYNAMIC_ENGINE -static ENGINE *engine_gost(void) -{ - ENGINE *ret = ENGINE_new(); - if (!ret) - return NULL; - if (!bind_gost(ret, engine_gost_id)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_gost(void) -{ - ENGINE *toadd; - if (pmeth_GostR3410_94) - return; - toadd = engine_gost(); - if (!toadd) - return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} -#else -IMPLEMENT_DYNAMIC_BIND_FN(bind_gost) -IMPLEMENT_DYNAMIC_CHECK_FN() -#endif diff --git a/engines/ccgost/gost_keywrap.c b/engines/ccgost/gost_keywrap.c deleted file mode 100644 index 502a83c62d53..000000000000 --- a/engines/ccgost/gost_keywrap.c +++ /dev/null @@ -1,106 +0,0 @@ -/********************************************************************** - * keywrap.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of CryptoPro key wrap algorithm, as defined in * - * RFC 4357 p 6.3 and 6.4 * - * Doesn't need OpenSSL * - **********************************************************************/ -#include <string.h> -#include "gost89.h" -#include "gost_keywrap.h" - -/*- - * Diversifies key using random UserKey Material - * Implements RFC 4357 p 6.5 key diversification algorithm - * - * inputKey - 32byte key to be diversified - * ukm - 8byte user key material - * outputKey - 32byte buffer to store diversified key - * - */ -void keyDiversifyCryptoPro(gost_ctx * ctx, const unsigned char *inputKey, - const unsigned char *ukm, unsigned char *outputKey) -{ - - u4 k, s1, s2; - int i, j, mask; - unsigned char S[8]; - memcpy(outputKey, inputKey, 32); - for (i = 0; i < 8; i++) { - /* Make array of integers from key */ - /* Compute IV S */ - s1 = 0, s2 = 0; - for (j = 0, mask = 1; j < 8; j++, mask <<= 1) { - k = ((u4) outputKey[4 * j]) | (outputKey[4 * j + 1] << 8) | - (outputKey[4 * j + 2] << 16) | (outputKey[4 * j + 3] << 24); - if (mask & ukm[i]) { - s1 += k; - } else { - s2 += k; - } - } - S[0] = (unsigned char)(s1 & 0xff); - S[1] = (unsigned char)((s1 >> 8) & 0xff); - S[2] = (unsigned char)((s1 >> 16) & 0xff); - S[3] = (unsigned char)((s1 >> 24) & 0xff); - S[4] = (unsigned char)(s2 & 0xff); - S[5] = (unsigned char)((s2 >> 8) & 0xff); - S[6] = (unsigned char)((s2 >> 16) & 0xff); - S[7] = (unsigned char)((s2 >> 24) & 0xff); - gost_key(ctx, outputKey); - gost_enc_cfb(ctx, S, outputKey, outputKey, 4); - } -} - -/*- - * Wraps key using RFC 4357 6.3 - * ctx - gost encryption context, initialized with some S-boxes - * keyExchangeKey (KEK) 32-byte (256-bit) shared key - * ukm - 8 byte (64 bit) user key material, - * sessionKey - 32-byte (256-bit) key to be wrapped - * wrappedKey - 44-byte buffer to store wrapped key - */ - -int keyWrapCryptoPro(gost_ctx * ctx, const unsigned char *keyExchangeKey, - const unsigned char *ukm, - const unsigned char *sessionKey, - unsigned char *wrappedKey) -{ - unsigned char kek_ukm[32]; - keyDiversifyCryptoPro(ctx, keyExchangeKey, ukm, kek_ukm); - gost_key(ctx, kek_ukm); - memcpy(wrappedKey, ukm, 8); - gost_enc(ctx, sessionKey, wrappedKey + 8, 4); - gost_mac_iv(ctx, 32, ukm, sessionKey, 32, wrappedKey + 40); - return 1; -} - -/*- - * Unwraps key using RFC 4357 6.4 - * ctx - gost encryption context, initialized with some S-boxes - * keyExchangeKey 32-byte shared key - * wrappedKey 44 byte key to be unwrapped (concatenation of 8-byte UKM, - * 32 byte encrypted key and 4 byte MAC - * - * sessionKEy - 32byte buffer to store sessionKey in - * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match - */ - -int keyUnwrapCryptoPro(gost_ctx * ctx, const unsigned char *keyExchangeKey, - const unsigned char *wrappedKey, - unsigned char *sessionKey) -{ - unsigned char kek_ukm[32], cek_mac[4]; - keyDiversifyCryptoPro(ctx, keyExchangeKey, wrappedKey - /* First 8 bytes of wrapped Key is ukm */ - , kek_ukm); - gost_key(ctx, kek_ukm); - gost_dec(ctx, wrappedKey + 8, sessionKey, 4); - gost_mac_iv(ctx, 32, wrappedKey, sessionKey, 32, cek_mac); - if (memcmp(cek_mac, wrappedKey + 40, 4)) { - return 0; - } - return 1; -} diff --git a/engines/ccgost/gost_keywrap.h b/engines/ccgost/gost_keywrap.h deleted file mode 100644 index 7def4c9fe8c7..000000000000 --- a/engines/ccgost/gost_keywrap.h +++ /dev/null @@ -1,56 +0,0 @@ -/********************************************************************** - * gost_keywrap.h * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of CryptoPro key wrap algorithm, as defined in * - * RFC 4357 p 6.3 and 6.4 * - * Doesn't need OpenSSL * - **********************************************************************/ -#ifndef GOST_KEYWRAP_H -# define GOST_KEYWRAP_H -# include <string.h> -# include "gost89.h" -/*- - * Diversifies key using random UserKey Material - * Implements RFC 4357 p 6.5 key diversification algorithm - * - * inputKey - 32byte key to be diversified - * ukm - 8byte user key material - * outputKey - 32byte buffer to store diversified key - * - */ -void keyDiversifyCryptoPro(gost_ctx * ctx, - const unsigned char *inputKey, - const unsigned char *ukm, - unsigned char *outputKey); -/*- - * Wraps key using RFC 4357 6.3 - * ctx - gost encryption context, initialized with some S-boxes - * keyExchangeKey (KEK) 32-byte (256-bit) shared key - * ukm - 8 byte (64 bit) user key material, - * sessionKey - 32-byte (256-bit) key to be wrapped - * wrappedKey - 44-byte buffer to store wrapped key - */ - -int keyWrapCryptoPro(gost_ctx * ctx, - const unsigned char *keyExchangeKey, - const unsigned char *ukm, - const unsigned char *sessionKey, - unsigned char *wrappedKey); -/*- - * Unwraps key using RFC 4357 6.4 - * ctx - gost encryption context, initialized with some S-boxes - * keyExchangeKey 32-byte shared key - * wrappedKey 44 byte key to be unwrapped (concatenation of 8-byte UKM, - * 32 byte encrypted key and 4 byte MAC - * - * sessionKEy - 32byte buffer to store sessionKey in - * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match - */ - -int keyUnwrapCryptoPro(gost_ctx * ctx, - const unsigned char *keyExchangeKey, - const unsigned char *wrappedKey, - unsigned char *sessionKey); -#endif diff --git a/engines/ccgost/gost_lcl.h b/engines/ccgost/gost_lcl.h deleted file mode 100644 index 3a2c7d570147..000000000000 --- a/engines/ccgost/gost_lcl.h +++ /dev/null @@ -1,229 +0,0 @@ -#ifndef GOST_TOOLS_H -# define GOST_TOOLS_H -/********************************************************************** - * gost_lcl.h * - * Copyright (c) 2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Internal declarations used in GOST engine * - * OpenSSL 0.9.9 libraries required to compile and use * - * this code * - **********************************************************************/ -# include <openssl/bn.h> -# include <openssl/evp.h> -# include <openssl/dsa.h> -# include <openssl/asn1t.h> -# include <openssl/x509.h> -# include <openssl/engine.h> -# include <openssl/ec.h> -# include "gost89.h" -# include "gosthash.h" -/* Control commands */ -# define GOST_PARAM_CRYPT_PARAMS 0 -# define GOST_PARAM_MAX 0 -# define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS) - -extern const ENGINE_CMD_DEFN gost_cmds[]; -int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); -const char *get_gost_engine_param(int param); -int gost_set_default_param(int param, const char *value); -void gost_param_free(void); - -/* method registration */ - -int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth, - const char *pemstr, const char *info); -int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags); - -/* Gost-specific pmeth control-function parameters */ -/* For GOST R34.10 parameters */ -# define param_ctrl_string "paramset" -# define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1) -/* For GOST 28147 MAC */ -# define key_ctrl_string "key" -# define hexkey_ctrl_string "hexkey" -# define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3) -/* Pmeth internal representation */ -struct gost_pmeth_data { - int sign_param_nid; /* Should be set whenever parameters are - * filled */ - EVP_MD *md; - unsigned char *shared_ukm; - int peer_key_used; -}; - -struct gost_mac_pmeth_data { - int key_set; - EVP_MD *md; - unsigned char key[32]; -}; -/* GOST-specific ASN1 structures */ - -typedef struct { - ASN1_OCTET_STRING *encrypted_key; - ASN1_OCTET_STRING *imit; -} GOST_KEY_INFO; - -DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO) - -typedef struct { - ASN1_OBJECT *cipher; - X509_PUBKEY *ephem_key; - ASN1_OCTET_STRING *eph_iv; -} GOST_KEY_AGREEMENT_INFO; - -DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO) - -typedef struct { - GOST_KEY_INFO *key_info; - GOST_KEY_AGREEMENT_INFO *key_agreement_info; -} GOST_KEY_TRANSPORT; - -DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT) - -typedef struct { /* FIXME incomplete */ - GOST_KEY_TRANSPORT *gkt; -} GOST_CLIENT_KEY_EXCHANGE_PARAMS; - -/* - * Hacks to shorten symbols to 31 characters or less, or OpenVMS. This mimics - * what's done in symhacks.h, but since this is a very local header file, I - * prefered to put this hack directly here. -- Richard Levitte - */ -# ifdef OPENSSL_SYS_VMS -# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_it -# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_it GOST_CLIENT_KEY_EXC_PARAMS_it -# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_new -# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_new GOST_CLIENT_KEY_EXC_PARAMS_new -# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_free -# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_free GOST_CLIENT_KEY_EXC_PARAMS_free -# undef d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS -# define d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS d2i_GOST_CLIENT_KEY_EXC_PARAMS -# undef i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS -# define i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS i2d_GOST_CLIENT_KEY_EXC_PARAMS -# endif /* End of hack */ -DECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS) -typedef struct { - ASN1_OBJECT *key_params; - ASN1_OBJECT *hash_params; - ASN1_OBJECT *cipher_params; -} GOST_KEY_PARAMS; - -DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS) - -typedef struct { - ASN1_OCTET_STRING *iv; - ASN1_OBJECT *enc_param_set; -} GOST_CIPHER_PARAMS; - -DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS) -/*============== Message digest and cipher related structures ==========*/ - /* - * Structure used as EVP_MD_CTX-md_data. It allows to avoid storing - * in the md-data pointers to dynamically allocated memory. I - * cannot invent better way to avoid memory leaks, because openssl - * insist on invoking Init on Final-ed digests, and there is no - * reliable way to find out whether pointer in the passed md_data is - * valid or not. - */ -struct ossl_gost_digest_ctx { - gost_hash_ctx dctx; - gost_ctx cctx; -}; -/* EVP_MD structure for GOST R 34.11 */ -extern EVP_MD digest_gost; -/* EVP_MD structure for GOST 28147 in MAC mode */ -extern EVP_MD imit_gost_cpa; -/* Cipher context used for EVP_CIPHER operation */ -struct ossl_gost_cipher_ctx { - int paramNID; - unsigned int count; - int key_meshing; - gost_ctx cctx; -}; -/* Structure to map parameter NID to S-block */ -struct gost_cipher_info { - int nid; - gost_subst_block *sblock; - int key_meshing; -}; -/* Context for MAC */ -struct ossl_gost_imit_ctx { - gost_ctx cctx; - unsigned char buffer[8]; - unsigned char partial_block[8]; - unsigned int count; - int key_meshing; - int bytes_left; - int key_set; -}; -/* Table which maps parameter NID to S-blocks */ -extern struct gost_cipher_info gost_cipher_list[]; -/* Find encryption params from ASN1_OBJECT */ -const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj); -/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */ -extern EVP_CIPHER cipher_gost; -extern EVP_CIPHER cipher_gost_cpacnt; -# define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3) -# define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4) -/* EVP_PKEY_METHOD key encryption callbacks */ -/* From gost94_keyx.c */ -int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, - size_t *outlen, const unsigned char *key, - size_t key_len); - -int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, - size_t *outlen, const unsigned char *in, - size_t in_len); -/* From gost2001_keyx.c */ -int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, - size_t *outlen, const unsigned char *key, - size_t key_len); - -int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, - size_t *outlen, const unsigned char *in, - size_t in_len); -/* derive functions */ -/* From gost2001_keyx.c */ -int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key, - size_t *keylen); -/* From gost94_keyx.c */ -int pkey_gost94_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); -/* Internal functions for signature algorithms */ -int fill_GOST94_params(DSA *dsa, int nid); -int fill_GOST2001_params(EC_KEY *eckey, int nid); -int gost_sign_keygen(DSA *dsa); -int gost2001_keygen(EC_KEY *ec); - -DSA_SIG *gost_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); -DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey); - -int gost_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); -int gost2001_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, EC_KEY *ec); -int gost2001_compute_public(EC_KEY *ec); -int gost94_compute_public(DSA *dsa); -/*============== miscellaneous functions============================= */ -/* from gost_sign.c */ -/* Convert GOST R 34.11 hash sum to bignum according to standard */ -BIGNUM *hashsum2bn(const unsigned char *dgst); -/* - * Store bignum in byte array of given length, prepending by zeros if - * nesseccary - */ -int store_bignum(BIGNUM *bn, unsigned char *buf, int len); -/* Read bignum, which can have few MSB all-zeros from buffer*/ -BIGNUM *getbnfrombuf(const unsigned char *buf, size_t len); -/* Pack GOST R 34.10 signature according to CryptoPro rules */ -int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen); -/* Unpack GOST R 34.10 signature according to CryptoPro rules */ -DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen); -/* from ameth.c */ -/* Get private key as BIGNUM from both R 34.10-94 and R 34.10-2001 keys*/ -/* Returns pointer into EVP_PKEY structure */ -BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey); -/* Find NID by GOST 94 parameters */ -int gost94_nid_by_params(DSA *p); - -#endif diff --git a/engines/ccgost/gost_md.c b/engines/ccgost/gost_md.c deleted file mode 100644 index 1ccc6be0e944..000000000000 --- a/engines/ccgost/gost_md.c +++ /dev/null @@ -1,76 +0,0 @@ -/********************************************************************** - * md_gost.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * OpenSSL interface to GOST R 34.11-94 hash functions * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <string.h> -#include "gost_lcl.h" -#include "gosthash.h" -#include "e_gost_err.h" - -/* implementation of GOST 34.11 hash function See gost_md.c*/ -static int gost_digest_init(EVP_MD_CTX *ctx); -static int gost_digest_update(EVP_MD_CTX *ctx, const void *data, - size_t count); -static int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md); -static int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from); -static int gost_digest_cleanup(EVP_MD_CTX *ctx); - -EVP_MD digest_gost = { - NID_id_GostR3411_94, - NID_undef, - 32, - EVP_MD_FLAG_PKEY_METHOD_SIGNATURE, - gost_digest_init, - gost_digest_update, - gost_digest_final, - gost_digest_copy, - gost_digest_cleanup, - NULL, - NULL, - {NID_undef, NID_undef, 0, 0, 0}, - 32, - sizeof(struct ossl_gost_digest_ctx), - NULL -}; - -int gost_digest_init(EVP_MD_CTX *ctx) -{ - struct ossl_gost_digest_ctx *c = ctx->md_data; - memset(&(c->dctx), 0, sizeof(gost_hash_ctx)); - gost_init(&(c->cctx), &GostR3411_94_CryptoProParamSet); - c->dctx.cipher_ctx = &(c->cctx); - return 1; -} - -int gost_digest_update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return hash_block((gost_hash_ctx *) ctx->md_data, data, count); -} - -int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md) -{ - return finish_hash((gost_hash_ctx *) ctx->md_data, md); - -} - -int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) -{ - struct ossl_gost_digest_ctx *md_ctx = to->md_data; - if (to->md_data && from->md_data) { - memcpy(to->md_data, from->md_data, - sizeof(struct ossl_gost_digest_ctx)); - md_ctx->dctx.cipher_ctx = &(md_ctx->cctx); - } - return 1; -} - -int gost_digest_cleanup(EVP_MD_CTX *ctx) -{ - if (ctx->md_data) - memset(ctx->md_data, 0, sizeof(struct ossl_gost_digest_ctx)); - return 1; -} diff --git a/engines/ccgost/gost_params.c b/engines/ccgost/gost_params.c deleted file mode 100644 index 0411534b71a1..000000000000 --- a/engines/ccgost/gost_params.c +++ /dev/null @@ -1,207 +0,0 @@ -/********************************************************************** - * params.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Definitions of GOST R 34.10 parameter sets, defined in RFC 4357 * - * OpenSSL 0.9.9 libraries required to compile and use * - * this code * - **********************************************************************/ -#include "gost_params.h" -#include <openssl/objects.h> -/* Parameters of GOST 34.10 */ - -R3410_params R3410_paramset[] = { -/* Paramset A */ - {NID_id_GostR3410_94_CryptoPro_A_ParamSet, - "100997906755055304772081815535925224869" - "8410825720534578748235158755771479905292727772441528526992987964833" - "5669968284202797289605274717317548059048560713474685214192868091256" - "1502802222185647539190902656116367847270145019066794290930185446216" - "3997308722217328898303231940973554032134009725883228768509467406639" - "62", - "127021248288932417465907042777176443525" - "7876535089165358128175072657050312609850984974231883334834011809259" - "9999512098893413065920561499672425412104927434935707492031276956145" - "1689224110579311248812610229678534638401693520013288995000362260684" - "2227508135323070045173416336850045410625869714168836867788425378203" - "83", - "683631961449557007844441656118272528951" - "02170888761442055095051287550314083023"} - , - {NID_id_GostR3410_94_CryptoPro_B_ParamSet, - "429418261486158041438734477379555023926" - "7234596860714306679811299408947123142002706038521669956384871995765" - "7284814898909770759462613437669456364882730370838934791080835932647" - "9767786019153434744009610342313166725786869204821949328786333602033" - "8479709268434224762105576023501613261478065276102850944540333865234" - "1", - "139454871199115825601409655107690713107" - "0417070599280317977580014543757653577229840941243685222882398330391" - "1468164807668823692122073732267216074074777170091113455043205380464" - "7694904686120113087816240740184800477047157336662926249423571248823" - "9685422217536601433914856808405203368594584948031873412885804895251" - "63", - "79885141663410976897627118935756323747307951916507639758300472692338873533959"} - , - {NID_id_GostR3410_94_CryptoPro_C_ParamSet, - "816552717970881016017893191415300348226" - "2544051353358162468249467681876621283478212884286545844013955142622" - "2087723485023722868022275009502224827866201744494021697716482008353" - "6398202298024892620480898699335508064332313529725332208819456895108" - "5155178100221003459370588291073071186553005962149936840737128710832" - "3", - "110624679233511963040518952417017040248" - "5862954819831383774196396298584395948970608956170224210628525560327" - "8638246716655439297654402921844747893079518669992827880792192992701" - "1428546551433875806377110443534293554066712653034996277099320715774" - "3542287621283671843703709141350171945045805050291770503634517804938" - "01", - "113468861199819350564868233378875198043" - "267947776488510997961231672532899549103"} - , - {NID_id_GostR3410_94_CryptoPro_D_ParamSet, - "756976611021707301782128757801610628085" - "5283803109571158829574281419208532589041660017017859858216341400371" - "4687551412794400562878935266630754392677014598582103365983119173924" - "4732511225464712252386803315902707727668715343476086350472025298282" - "7271461690125050616858238384366331089777463541013033926723743254833" - "7", - "905457649621929965904290958774625315611" - "3056083907389766971404812524422262512556054474620855996091570786713" - "5849550236741915584185990627801066465809510095784713989819413820871" - "5964648914493053407920737078890520482730623038837767710173664838239" - "8574828787891286471201460474326612697849693665518073864436497893214" - "9", - "108988435796353506912374591498972192620" - "190487557619582334771735390599299211593"} - , - - {NID_id_GostR3410_94_CryptoPro_XchA_ParamSet, - "1335318132727206734338595199483190012179423759678474868994823595993" - "6964252873471246159040332773182141032801252925387191478859899310331" - "0567744136196364803064721377826656898686468463277710150809401182608" - "7702016153249904683329312949209127762411378780302243557466062839716" - "59376426832674269780880061631528163475887", - "14201174159756348119636828602231808974327613839524373876287257344192" - "74593935127189736311660784676003608489466235676257952827747192122419" - "29071046134208380636394084512691828894000571524625445295769349356752" - "72895683154177544176313938445719175509684710784659566254794231229333" - "8483924514339614727760681880609734239", - "91771529896554605945588149018382750217296858393520724172743325725474" - "374979801"} - , - {NID_id_GostR3410_94_CryptoPro_XchB_ParamSet, - "8890864727828423151699995801875757891031463338652579140051973659" - "3048131440685857067369829407947744496306656291505503608252399443" - "7900272386749145996230867832228661977543992816745254823298629859" - "8753575466286051738837854736167685769017780335804511440773337196" - "2538423532919394477873664752824509986617878992443177", - "1028946126624994859676552074360530315217970499989304888248413244" - "8474923022758470167998871003604670704877377286176171227694098633" - "1539089568784129110109512690503345393869871295783467257264868341" - "7200196629860561193666752429682367397084815179752036423595736533" - "68957392061769855284593965042530895046088067160269433", - "9109671391802626916582318050603555673628769498182593088388796888" - "5281641595199"} - , - {NID_id_GostR3410_94_CryptoPro_XchC_ParamSet, - "4430618464297584182473135030809859326863990650118941756995270074" - "8609973181426950235239623239110557450826919295792878938752101867" - "7047181623251027516953100431855964837602657827828194249605561893" - "6965865325513137194483136247773653468410118796740709840825496997" - "9375560722345106704721086025979309968763193072908334", - "1246996366993477513607147265794064436203408861395055989217248455" - "7299870737698999651480662364723992859320868822848751165438350943" - "3276647222625940615560580450040947211826027729977563540237169063" - "0448079715771649447778447000597419032457722226253269698374446528" - "35352729304393746106576383349151001715930924115499549", - "6787876137336591234380295020065682527118129468050147943114675429" - "4748422492761"} - , - - {NID_undef, NULL, NULL, NULL} -}; - -R3410_2001_params R3410_2001_paramset[] = { - /* default_cc_sign01_param 1.2.643.2.9.1.8.1 */ - {NID_id_GostR3410_2001_ParamSet_cc, - /* A */ - "C0000000000000000000000000000000000000000000000000000000000003c4", - /* B */ - "2d06B4265ebc749ff7d0f1f1f88232e81632e9088fd44b7787d5e407e955080c", - /* P */ - "C0000000000000000000000000000000000000000000000000000000000003C7", - /* Q */ - "5fffffffffffffffffffffffffffffff606117a2f4bde428b7458a54b6e87b85", - /* X */ - "2", - /* Y */ - "a20e034bf8813ef5c18d01105e726a17eb248b264ae9706f440bedc8ccb6b22c"} - , - /* 1.2.643.2.2.35.0 */ - {NID_id_GostR3410_2001_TestParamSet, - "7", - "5FBFF498AA938CE739B8E022FBAFEF40563F6E6A3472FC2A514C0CE9DAE23B7E", - "8000000000000000000000000000000000000000000000000000000000000431", - "8000000000000000000000000000000150FE8A1892976154C59CFC193ACCF5B3", - "2", - "08E2A8A0E65147D4BD6316030E16D19C85C97F0A9CA267122B96ABBCEA7E8FC8"} - , - /* - * 1.2.643.2.2.35.1 - */ - {NID_id_GostR3410_2001_CryptoPro_A_ParamSet, - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94", - "a6", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893", - "1", - "8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"} - , - /* - * 1.2.643.2.2.35.2 - */ - {NID_id_GostR3410_2001_CryptoPro_B_ParamSet, - "8000000000000000000000000000000000000000000000000000000000000C96", - "3E1AF419A269A5F866A7D3C25C3DF80AE979259373FF2B182F49D4CE7E1BBC8B", - "8000000000000000000000000000000000000000000000000000000000000C99", - "800000000000000000000000000000015F700CFFF1A624E5E497161BCC8A198F", - "1", - "3FA8124359F96680B83D1C3EB2C070E5C545C9858D03ECFB744BF8D717717EFC"} - , - /* - * 1.2.643.2.2.35.3 - */ - {NID_id_GostR3410_2001_CryptoPro_C_ParamSet, - "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598", - "805a", - "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B", - "9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9", - "0", - "41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"} - , - /* - * 1.2.643.2.2.36.0 - */ - {NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet, - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94", - "a6", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97", - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893", - "1", - "8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"} - , - /* - * 1.2.643.2.2.36.1 - */ - {NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet, - "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598", - "805a", - "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B", - "9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9", - "0", - "41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"} - , - {0, NULL, NULL, NULL, NULL, NULL, NULL} -}; diff --git a/engines/ccgost/gost_params.h b/engines/ccgost/gost_params.h deleted file mode 100644 index 0773cbfa58a6..000000000000 --- a/engines/ccgost/gost_params.h +++ /dev/null @@ -1,34 +0,0 @@ -/********************************************************************** - * gost_params.h * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Declaration of structures used to represent GOST R 34.10 * - * parameter sets, defined in RFC 4357 * - * OpenSSL 0.9.9 libraries required to compile and use * - * this code * - **********************************************************************/ -#ifndef GOST_PARAMSET_H -# define GOST_PARAMSET_H -typedef struct R3410 { - int nid; - char *a; - char *p; - char *q; -} R3410_params; - -extern R3410_params R3410_paramset[]; - -typedef struct R3410_2001 { - int nid; - char *a; - char *b; - char *p; - char *q; - char *x; - char *y; -} R3410_2001_params; - -extern R3410_2001_params R3410_2001_paramset[]; - -#endif diff --git a/engines/ccgost/gost_pmeth.c b/engines/ccgost/gost_pmeth.c deleted file mode 100644 index 696829253b62..000000000000 --- a/engines/ccgost/gost_pmeth.c +++ /dev/null @@ -1,625 +0,0 @@ -/********************************************************************** - * gost_pmeth.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of RFC 4357 (GOST R 34.10) Publick key method * - * for OpenSSL * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/ec.h> -#include <openssl/x509v3.h> /* For string_to_hex */ -#include <stdlib.h> -#include <string.h> -#include <ctype.h> -#include "gost_params.h" -#include "gost_lcl.h" -#include "e_gost_err.h" -/* -----init, cleanup, copy - uniform for all algs ---------------*/ -/* Allocates new gost_pmeth_data structure and assigns it as data */ -static int pkey_gost_init(EVP_PKEY_CTX *ctx) -{ - struct gost_pmeth_data *data; - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - data = OPENSSL_malloc(sizeof(struct gost_pmeth_data)); - if (!data) - return 0; - memset(data, 0, sizeof(struct gost_pmeth_data)); - if (pkey && EVP_PKEY_get0(pkey)) { - switch (EVP_PKEY_base_id(pkey)) { - case NID_id_GostR3410_94: - data->sign_param_nid = gost94_nid_by_params(EVP_PKEY_get0(pkey)); - break; - case NID_id_GostR3410_2001: - data->sign_param_nid = - EC_GROUP_get_curve_name(EC_KEY_get0_group - (EVP_PKEY_get0((EVP_PKEY *)pkey))); - break; - default: - return 0; - } - } - EVP_PKEY_CTX_set_data(ctx, data); - return 1; -} - -/* Copies contents of gost_pmeth_data structure */ -static int pkey_gost_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - struct gost_pmeth_data *dst_data, *src_data; - if (!pkey_gost_init(dst)) { - return 0; - } - src_data = EVP_PKEY_CTX_get_data(src); - dst_data = EVP_PKEY_CTX_get_data(dst); - *dst_data = *src_data; - if (src_data->shared_ukm) { - dst_data->shared_ukm = NULL; - } - return 1; -} - -/* Frees up gost_pmeth_data structure */ -static void pkey_gost_cleanup(EVP_PKEY_CTX *ctx) -{ - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - if (data->shared_ukm) - OPENSSL_free(data->shared_ukm); - OPENSSL_free(data); -} - -/* --------------------- control functions ------------------------------*/ -static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - struct gost_pmeth_data *pctx = - (struct gost_pmeth_data *)EVP_PKEY_CTX_get_data(ctx); - switch (type) { - case EVP_PKEY_CTRL_MD: - { - if (EVP_MD_type((const EVP_MD *)p2) != NID_id_GostR3411_94) { - GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_INVALID_DIGEST_TYPE); - return 0; - } - pctx->md = (EVP_MD *)p2; - return 1; - } - break; - - case EVP_PKEY_CTRL_GET_MD: - *(const EVP_MD **)p2 = pctx->md; - return 1; - - case EVP_PKEY_CTRL_PKCS7_ENCRYPT: - case EVP_PKEY_CTRL_PKCS7_DECRYPT: - case EVP_PKEY_CTRL_PKCS7_SIGN: - case EVP_PKEY_CTRL_DIGESTINIT: -#ifndef OPENSSL_NO_CMS - case EVP_PKEY_CTRL_CMS_ENCRYPT: - case EVP_PKEY_CTRL_CMS_DECRYPT: - case EVP_PKEY_CTRL_CMS_SIGN: -#endif - return 1; - - case EVP_PKEY_CTRL_GOST_PARAMSET: - pctx->sign_param_nid = (int)p1; - return 1; - case EVP_PKEY_CTRL_SET_IV: - pctx->shared_ukm = OPENSSL_malloc((int)p1); - if (pctx->shared_ukm == NULL) - return 0; - memcpy(pctx->shared_ukm, p2, (int)p1); - return 1; - case EVP_PKEY_CTRL_PEER_KEY: - if (p1 == 0 || p1 == 1) /* call from EVP_PKEY_derive_set_peer */ - return 1; - if (p1 == 2) /* TLS: peer key used? */ - return pctx->peer_key_used; - if (p1 == 3) /* TLS: peer key used! */ - return (pctx->peer_key_used = 1); - return -2; - } - return -2; -} - -static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx, - const char *type, const char *value) -{ - int param_nid = 0; - if (!strcmp(type, param_ctrl_string)) { - if (!value) { - return 0; - } - if (strlen(value) == 1) { - switch (toupper((unsigned char)value[0])) { - case 'A': - param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet; - break; - case 'B': - param_nid = NID_id_GostR3410_94_CryptoPro_B_ParamSet; - break; - case 'C': - param_nid = NID_id_GostR3410_94_CryptoPro_C_ParamSet; - break; - case 'D': - param_nid = NID_id_GostR3410_94_CryptoPro_D_ParamSet; - break; - default: - return 0; - break; - } - } else if ((strlen(value) == 2) - && (toupper((unsigned char)value[0]) == 'X')) { - switch (toupper((unsigned char)value[1])) { - case 'A': - param_nid = NID_id_GostR3410_94_CryptoPro_XchA_ParamSet; - break; - case 'B': - param_nid = NID_id_GostR3410_94_CryptoPro_XchB_ParamSet; - break; - case 'C': - param_nid = NID_id_GostR3410_94_CryptoPro_XchC_ParamSet; - break; - default: - return 0; - break; - } - } else { - R3410_params *p = R3410_paramset; - param_nid = OBJ_txt2nid(value); - if (param_nid == NID_undef) { - return 0; - } - for (; p->nid != NID_undef; p++) { - if (p->nid == param_nid) - break; - } - if (p->nid == NID_undef) { - GOSTerr(GOST_F_PKEY_GOST_CTRL94_STR, GOST_R_INVALID_PARAMSET); - return 0; - } - } - - return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, - param_nid, NULL); - } - return -2; -} - -static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx, - const char *type, const char *value) -{ - int param_nid = 0; - if (!strcmp(type, param_ctrl_string)) { - if (!value) { - return 0; - } - if (strlen(value) == 1) { - switch (toupper((unsigned char)value[0])) { - case 'A': - param_nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet; - break; - case 'B': - param_nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet; - break; - case 'C': - param_nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet; - break; - case '0': - param_nid = NID_id_GostR3410_2001_TestParamSet; - break; - default: - return 0; - break; - } - } else if ((strlen(value) == 2) - && (toupper((unsigned char)value[0]) == 'X')) { - switch (toupper((unsigned char)value[1])) { - case 'A': - param_nid = NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet; - break; - case 'B': - param_nid = NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet; - break; - default: - return 0; - break; - } - } else { - R3410_2001_params *p = R3410_2001_paramset; - param_nid = OBJ_txt2nid(value); - if (param_nid == NID_undef) { - return 0; - } - for (; p->nid != NID_undef; p++) { - if (p->nid == param_nid) - break; - } - if (p->nid == NID_undef) { - GOSTerr(GOST_F_PKEY_GOST_CTRL01_STR, GOST_R_INVALID_PARAMSET); - return 0; - } - } - - return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, - param_nid, NULL); - } - return -2; -} - -/* --------------------- key generation --------------------------------*/ - -static int pkey_gost_paramgen_init(EVP_PKEY_CTX *ctx) -{ - return 1; -} - -static int pkey_gost94_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - DSA *dsa = NULL; - if (data->sign_param_nid == NID_undef) { - GOSTerr(GOST_F_PKEY_GOST94_PARAMGEN, GOST_R_NO_PARAMETERS_SET); - return 0; - } - dsa = DSA_new(); - if (!fill_GOST94_params(dsa, data->sign_param_nid)) { - DSA_free(dsa); - return 0; - } - EVP_PKEY_assign(pkey, NID_id_GostR3410_94, dsa); - return 1; -} - -static int pkey_gost01_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - EC_KEY *ec = NULL; - - if (data->sign_param_nid == NID_undef) { - GOSTerr(GOST_F_PKEY_GOST01_PARAMGEN, GOST_R_NO_PARAMETERS_SET); - return 0; - } - if (!ec) - ec = EC_KEY_new(); - if (!fill_GOST2001_params(ec, data->sign_param_nid)) { - EC_KEY_free(ec); - return 0; - } - EVP_PKEY_assign(pkey, NID_id_GostR3410_2001, ec); - return 1; -} - -/* Generates Gost_R3410_94_cp key */ -static int pkey_gost94cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - DSA *dsa; - if (!pkey_gost94_paramgen(ctx, pkey)) - return 0; - dsa = EVP_PKEY_get0(pkey); - gost_sign_keygen(dsa); - return 1; -} - -/* Generates GOST_R3410 2001 key and assigns it using specified type */ -static int pkey_gost01cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - EC_KEY *ec; - if (!pkey_gost01_paramgen(ctx, pkey)) - return 0; - ec = EVP_PKEY_get0(pkey); - gost2001_keygen(ec); - return 1; -} - -/* ----------- sign callbacks --------------------------------------*/ - -static int pkey_gost94_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, - size_t *siglen, const unsigned char *tbs, - size_t tbs_len) -{ - DSA_SIG *unpacked_sig = NULL; - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - if (!siglen) - return 0; - if (!sig) { - *siglen = 64; /* better to check size of pkey->pkey.dsa-q */ - return 1; - } - unpacked_sig = gost_do_sign(tbs, tbs_len, EVP_PKEY_get0(pkey)); - if (!unpacked_sig) { - return 0; - } - return pack_sign_cp(unpacked_sig, 32, sig, siglen); -} - -static int pkey_gost01_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, - size_t *siglen, const unsigned char *tbs, - size_t tbs_len) -{ - DSA_SIG *unpacked_sig = NULL; - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - if (!siglen) - return 0; - if (!sig) { - *siglen = 64; /* better to check size of curve order */ - return 1; - } - unpacked_sig = gost2001_do_sign(tbs, tbs_len, EVP_PKEY_get0(pkey)); - if (!unpacked_sig) { - return 0; - } - return pack_sign_cp(unpacked_sig, 32, sig, siglen); -} - -/* ------------------- verify callbacks ---------------------------*/ - -static int pkey_gost94_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, - size_t siglen, const unsigned char *tbs, - size_t tbs_len) -{ - int ok = 0; - EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx); - DSA_SIG *s = unpack_cp_signature(sig, siglen); - if (!s) - return 0; - if (pub_key) - ok = gost_do_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key)); - DSA_SIG_free(s); - return ok; -} - -static int pkey_gost01_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, - size_t siglen, const unsigned char *tbs, - size_t tbs_len) -{ - int ok = 0; - EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx); - DSA_SIG *s = unpack_cp_signature(sig, siglen); - if (!s) - return 0; -#ifdef DEBUG_SIGN - fprintf(stderr, "R="); - BN_print_fp(stderr, s->r); - fprintf(stderr, "\nS="); - BN_print_fp(stderr, s->s); - fprintf(stderr, "\n"); -#endif - if (pub_key) - ok = gost2001_do_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key)); - DSA_SIG_free(s); - return ok; -} - -/* ------------- encrypt init -------------------------------------*/ -/* Generates ephermeral key */ -static int pkey_gost_encrypt_init(EVP_PKEY_CTX *ctx) -{ - return 1; -} - -/* --------------- Derive init ------------------------------------*/ -static int pkey_gost_derive_init(EVP_PKEY_CTX *ctx) -{ - return 1; -} - -/* -------- PKEY_METHOD for GOST MAC algorithm --------------------*/ -static int pkey_gost_mac_init(EVP_PKEY_CTX *ctx) -{ - struct gost_mac_pmeth_data *data; - data = OPENSSL_malloc(sizeof(struct gost_mac_pmeth_data)); - if (!data) - return 0; - memset(data, 0, sizeof(struct gost_mac_pmeth_data)); - EVP_PKEY_CTX_set_data(ctx, data); - return 1; -} - -static void pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx) -{ - struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - OPENSSL_free(data); -} - -static int pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - struct gost_mac_pmeth_data *dst_data, *src_data; - if (!pkey_gost_mac_init(dst)) { - return 0; - } - src_data = EVP_PKEY_CTX_get_data(src); - dst_data = EVP_PKEY_CTX_get_data(dst); - *dst_data = *src_data; - return 1; -} - -static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - struct gost_mac_pmeth_data *data = - (struct gost_mac_pmeth_data *)EVP_PKEY_CTX_get_data(ctx); - - switch (type) { - case EVP_PKEY_CTRL_MD: - { - if (EVP_MD_type((const EVP_MD *)p2) != NID_id_Gost28147_89_MAC) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, - GOST_R_INVALID_DIGEST_TYPE); - return 0; - } - data->md = (EVP_MD *)p2; - return 1; - } - break; - - case EVP_PKEY_CTRL_GET_MD: - *(const EVP_MD **)p2 = data->md; - return 1; - - case EVP_PKEY_CTRL_PKCS7_ENCRYPT: - case EVP_PKEY_CTRL_PKCS7_DECRYPT: - case EVP_PKEY_CTRL_PKCS7_SIGN: - return 1; - case EVP_PKEY_CTRL_SET_MAC_KEY: - if (p1 != 32) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH); - return 0; - } - - memcpy(data->key, p2, 32); - data->key_set = 1; - return 1; - case EVP_PKEY_CTRL_DIGESTINIT: - { - EVP_MD_CTX *mctx = p2; - void *key; - if (!data->key_set) { - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - if (!pkey) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, - GOST_R_MAC_KEY_NOT_SET); - return 0; - } - key = EVP_PKEY_get0(pkey); - if (!key) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, - GOST_R_MAC_KEY_NOT_SET); - return 0; - } - } else { - key = &(data->key); - } - return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32, key); - } - } - return -2; -} - -static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx, - const char *type, const char *value) -{ - if (!strcmp(type, key_ctrl_string)) { - if (strlen(value) != 32) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, - GOST_R_INVALID_MAC_KEY_LENGTH); - return 0; - } - return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, - 32, (char *)value); - } - if (!strcmp(type, hexkey_ctrl_string)) { - long keylen; - int ret; - unsigned char *keybuf = string_to_hex(value, &keylen); - if (!keybuf || keylen != 32) { - GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR, - GOST_R_INVALID_MAC_KEY_LENGTH); - OPENSSL_free(keybuf); - return 0; - } - ret = pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, 32, keybuf); - OPENSSL_free(keybuf); - return ret; - - } - return -2; -} - -static int pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - unsigned char *keydata; - if (!data->key_set) { - GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN, GOST_R_MAC_KEY_NOT_SET); - return 0; - } - keydata = OPENSSL_malloc(32); - if (keydata == NULL) - return 0; - memcpy(keydata, data->key, 32); - EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata); - return 1; -} - -static int pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) -{ - return 1; -} - -static int pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, - size_t *siglen, EVP_MD_CTX *mctx) -{ - unsigned int tmpsiglen = *siglen; /* for platforms where - * sizeof(int)!=sizeof(size_t) */ - int ret; - if (!sig) { - *siglen = 4; - return 1; - } - ret = EVP_DigestFinal_ex(mctx, sig, &tmpsiglen); - *siglen = tmpsiglen; - return ret; -} - -/* ----------------------------------------------------------------*/ -int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags) -{ - *pmeth = EVP_PKEY_meth_new(id, flags); - if (!*pmeth) - return 0; - - switch (id) { - case NID_id_GostR3410_94: - EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_ctrl, pkey_gost_ctrl94_str); - EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost94cp_keygen); - EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost94_cp_sign); - EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost94_cp_verify); - EVP_PKEY_meth_set_encrypt(*pmeth, - pkey_gost_encrypt_init, - pkey_GOST94cp_encrypt); - EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST94cp_decrypt); - EVP_PKEY_meth_set_derive(*pmeth, - pkey_gost_derive_init, pkey_gost94_derive); - EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init, - pkey_gost94_paramgen); - break; - case NID_id_GostR3410_2001: - EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_ctrl, pkey_gost_ctrl01_str); - EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost01_cp_sign); - EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost01_cp_verify); - - EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost01cp_keygen); - - EVP_PKEY_meth_set_encrypt(*pmeth, - pkey_gost_encrypt_init, - pkey_GOST01cp_encrypt); - EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST01cp_decrypt); - EVP_PKEY_meth_set_derive(*pmeth, - pkey_gost_derive_init, pkey_gost2001_derive); - EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init, - pkey_gost01_paramgen); - break; - case NID_id_Gost28147_89_MAC: - EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_mac_ctrl, - pkey_gost_mac_ctrl_str); - EVP_PKEY_meth_set_signctx(*pmeth, pkey_gost_mac_signctx_init, - pkey_gost_mac_signctx); - EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost_mac_keygen); - EVP_PKEY_meth_set_init(*pmeth, pkey_gost_mac_init); - EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_mac_cleanup); - EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_mac_copy); - return 1; - default: /* Unsupported method */ - return 0; - } - EVP_PKEY_meth_set_init(*pmeth, pkey_gost_init); - EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_cleanup); - - EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_copy); - /* - * FIXME derive etc... - */ - - return 1; -} diff --git a/engines/ccgost/gost_sign.c b/engines/ccgost/gost_sign.c deleted file mode 100644 index 07ad921ab530..000000000000 --- a/engines/ccgost/gost_sign.c +++ /dev/null @@ -1,373 +0,0 @@ -/********************************************************************** - * gost_sign.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of GOST R 34.10-94 signature algorithm * - * for OpenSSL * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ -#include <string.h> -#include <openssl/rand.h> -#include <openssl/bn.h> -#include <openssl/dsa.h> -#include <openssl/evp.h> -#include <openssl/err.h> - -#include "gost_params.h" -#include "gost_lcl.h" -#include "e_gost_err.h" - -#ifdef DEBUG_SIGN -void dump_signature(const char *message, const unsigned char *buffer, - size_t len) -{ - size_t i; - fprintf(stderr, "signature %s Length=%d", message, len); - for (i = 0; i < len; i++) { - if (i % 16 == 0) - fputc('\n', stderr); - fprintf(stderr, " %02x", buffer[i]); - } - fprintf(stderr, "\nEnd of signature\n"); -} - -void dump_dsa_sig(const char *message, DSA_SIG *sig) -{ - fprintf(stderr, "%s\nR=", message); - BN_print_fp(stderr, sig->r); - fprintf(stderr, "\nS="); - BN_print_fp(stderr, sig->s); - fprintf(stderr, "\n"); -} - -#else - -# define dump_signature(a,b,c) -# define dump_dsa_sig(a,b) -#endif - -/* - * Computes signature and returns it as DSA_SIG structure - */ -DSA_SIG *gost_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) -{ - BIGNUM *k = NULL, *tmp = NULL, *tmp2 = NULL; - DSA_SIG *newsig = NULL, *ret = NULL; - BIGNUM *md = hashsum2bn(dgst); - /* check if H(M) mod q is zero */ - BN_CTX *ctx = BN_CTX_new(); - if(!ctx) { - GOSTerr(GOST_F_GOST_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - BN_CTX_start(ctx); - newsig = DSA_SIG_new(); - if (!newsig) { - GOSTerr(GOST_F_GOST_DO_SIGN, GOST_R_NO_MEMORY); - goto err; - } - tmp = BN_CTX_get(ctx); - k = BN_CTX_get(ctx); - tmp2 = BN_CTX_get(ctx); - if(!tmp || !k || !tmp2) { - GOSTerr(GOST_F_GOST_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - BN_mod(tmp, md, dsa->q, ctx); - if (BN_is_zero(tmp)) { - BN_one(md); - } - do { - do { - /* - * Generate random number k less than q - */ - BN_rand_range(k, dsa->q); - /* generate r = (a^x mod p) mod q */ - BN_mod_exp(tmp, dsa->g, k, dsa->p, ctx); - if (!(newsig->r)) { - newsig->r = BN_new(); - if(!newsig->r) { - GOSTerr(GOST_F_GOST_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - } - BN_mod(newsig->r, tmp, dsa->q, ctx); - } - while (BN_is_zero(newsig->r)); - /* generate s = (xr + k(Hm)) mod q */ - BN_mod_mul(tmp, dsa->priv_key, newsig->r, dsa->q, ctx); - BN_mod_mul(tmp2, k, md, dsa->q, ctx); - if (!newsig->s) { - newsig->s = BN_new(); - if(!newsig->s) { - GOSTerr(GOST_F_GOST_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - } - BN_mod_add(newsig->s, tmp, tmp2, dsa->q, ctx); - } - while (BN_is_zero(newsig->s)); - - ret = newsig; - err: - BN_free(md); - if(ctx) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if(!ret && newsig) { - DSA_SIG_free(newsig); - } - return ret; -} - -/* - * Packs signature according to Cryptocom rules - * and frees up DSA_SIG structure - */ -/*- -int pack_sign_cc(DSA_SIG *s,int order,unsigned char *sig, size_t *siglen) - { - *siglen = 2*order; - memset(sig,0,*siglen); - store_bignum(s->r, sig,order); - store_bignum(s->s, sig + order,order); - dump_signature("serialized",sig,*siglen); - DSA_SIG_free(s); - return 1; - } -*/ -/* - * Packs signature according to Cryptopro rules - * and frees up DSA_SIG structure - */ -int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen) -{ - *siglen = 2 * order; - memset(sig, 0, *siglen); - store_bignum(s->s, sig, order); - store_bignum(s->r, sig + order, order); - dump_signature("serialized", sig, *siglen); - DSA_SIG_free(s); - return 1; -} - -/* - * Verifies signature passed as DSA_SIG structure - * - */ - -int gost_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa) -{ - BIGNUM *md = NULL, *tmp = NULL; - BIGNUM *q2 = NULL; - BIGNUM *u = NULL, *v = NULL, *z1 = NULL, *z2 = NULL; - BIGNUM *tmp2 = NULL, *tmp3 = NULL; - int ok = 0; - BN_CTX *ctx = BN_CTX_new(); - if(!ctx) { - GOSTerr(GOST_F_GOST_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; - } - - BN_CTX_start(ctx); - if (BN_cmp(sig->s, dsa->q) >= 1 || BN_cmp(sig->r, dsa->q) >= 1) { - GOSTerr(GOST_F_GOST_DO_VERIFY, GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q); - goto err; - } - md = hashsum2bn(dgst); - - tmp = BN_CTX_get(ctx); - v = BN_CTX_get(ctx); - q2 = BN_CTX_get(ctx); - z1 = BN_CTX_get(ctx); - z2 = BN_CTX_get(ctx); - tmp2 = BN_CTX_get(ctx); - tmp3 = BN_CTX_get(ctx); - u = BN_CTX_get(ctx); - if(!tmp || !v || !q2 || !z1 || !z2 || !tmp2 || !tmp3 || !u) { - GOSTerr(GOST_F_GOST_DO_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; - } - - BN_mod(tmp, md, dsa->q, ctx); - if (BN_is_zero(tmp)) { - BN_one(md); - } - BN_copy(q2, dsa->q); - BN_sub_word(q2, 2); - BN_mod_exp(v, md, q2, dsa->q, ctx); - BN_mod_mul(z1, sig->s, v, dsa->q, ctx); - BN_sub(tmp, dsa->q, sig->r); - BN_mod_mul(z2, tmp, v, dsa->p, ctx); - BN_mod_exp(tmp, dsa->g, z1, dsa->p, ctx); - BN_mod_exp(tmp2, dsa->pub_key, z2, dsa->p, ctx); - BN_mod_mul(tmp3, tmp, tmp2, dsa->p, ctx); - BN_mod(u, tmp3, dsa->q, ctx); - ok = (BN_cmp(u, sig->r) == 0); - - if (!ok) { - GOSTerr(GOST_F_GOST_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH); - } -err: - if(md) BN_free(md); - if(ctx) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return ok; -} - -/* - * Computes public keys for GOST R 34.10-94 algorithm - * - */ -int gost94_compute_public(DSA *dsa) -{ - /* Now fill algorithm parameters with correct values */ - BN_CTX *ctx; - if (!dsa->g) { - GOSTerr(GOST_F_GOST94_COMPUTE_PUBLIC, GOST_R_KEY_IS_NOT_INITALIZED); - return 0; - } - ctx = BN_CTX_new(); - if(!ctx) { - GOSTerr(GOST_F_GOST94_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE); - return 0; - } - - dsa->pub_key = BN_new(); - if(!dsa->pub_key) { - GOSTerr(GOST_F_GOST94_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE); - BN_CTX_free(ctx); - return 0; - } - /* Compute public key y = a^x mod p */ - BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx); - BN_CTX_free(ctx); - return 1; -} - -/* - * Fill GOST 94 params, searching them in R3410_paramset array - * by nid of paramset - * - */ -int fill_GOST94_params(DSA *dsa, int nid) -{ - R3410_params *params = R3410_paramset; - while (params->nid != NID_undef && params->nid != nid) - params++; - if (params->nid == NID_undef) { - GOSTerr(GOST_F_FILL_GOST94_PARAMS, GOST_R_UNSUPPORTED_PARAMETER_SET); - return 0; - } -#define dump_signature(a,b,c) - if (dsa->p) { - BN_free(dsa->p); - } - dsa->p = NULL; - BN_dec2bn(&(dsa->p), params->p); - if (dsa->q) { - BN_free(dsa->q); - } - dsa->q = NULL; - BN_dec2bn(&(dsa->q), params->q); - if (dsa->g) { - BN_free(dsa->g); - } - dsa->g = NULL; - BN_dec2bn(&(dsa->g), params->a); - return 1; -} - -/* - * Generate GOST R 34.10-94 keypair - * - * - */ -int gost_sign_keygen(DSA *dsa) -{ - dsa->priv_key = BN_new(); - if(!dsa->priv_key) { - GOSTerr(GOST_F_GOST_SIGN_KEYGEN, ERR_R_MALLOC_FAILURE); - return 0; - } - BN_rand_range(dsa->priv_key, dsa->q); - return gost94_compute_public(dsa); -} - -/* Unpack signature according to cryptocom rules */ -/*- -DSA_SIG *unpack_cc_signature(const unsigned char *sig,size_t siglen) - { - DSA_SIG *s; - s = DSA_SIG_new(); - if (s == NULL) - { - GOSTerr(GOST_F_UNPACK_CC_SIGNATURE,GOST_R_NO_MEMORY); - return(NULL); - } - s->r = getbnfrombuf(sig, siglen/2); - s->s = getbnfrombuf(sig + siglen/2, siglen/2); - return s; - } -*/ -/* Unpack signature according to cryptopro rules */ -DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen) -{ - DSA_SIG *s; - - s = DSA_SIG_new(); - if (s == NULL) { - GOSTerr(GOST_F_UNPACK_CP_SIGNATURE, GOST_R_NO_MEMORY); - return NULL; - } - s->s = getbnfrombuf(sig, siglen / 2); - s->r = getbnfrombuf(sig + siglen / 2, siglen / 2); - return s; -} - -/* Convert little-endian byte array into bignum */ -BIGNUM *hashsum2bn(const unsigned char *dgst) -{ - unsigned char buf[32]; - int i; - for (i = 0; i < 32; i++) { - buf[31 - i] = dgst[i]; - } - return getbnfrombuf(buf, 32); -} - -/* Convert byte buffer to bignum, skipping leading zeros*/ -BIGNUM *getbnfrombuf(const unsigned char *buf, size_t len) -{ - while (*buf == 0 && len > 0) { - buf++; - len--; - } - if (len) { - return BN_bin2bn(buf, len, NULL); - } else { - BIGNUM *b = BN_new(); - BN_zero(b); - return b; - } -} - -/* - * Pack bignum into byte buffer of given size, filling all leading bytes by - * zeros - */ -int store_bignum(BIGNUM *bn, unsigned char *buf, int len) -{ - int bytes = BN_num_bytes(bn); - if (bytes > len) - return 0; - memset(buf, 0, len); - BN_bn2bin(bn, buf + len - bytes); - return 1; -} diff --git a/engines/ccgost/gosthash.c b/engines/ccgost/gosthash.c deleted file mode 100644 index 72faa24ed560..000000000000 --- a/engines/ccgost/gosthash.c +++ /dev/null @@ -1,268 +0,0 @@ -/********************************************************************** - * gosthash.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Implementation of GOST R 34.11-94 hash function * - * uses on gost89.c and gost89.h Doesn't need OpenSSL * - **********************************************************************/ -#include <string.h> - -#include "gost89.h" -#include "gosthash.h" - -/* - * Use OPENSSL_malloc for memory allocation if compiled with - * -DOPENSSL_BUILD, and libc malloc otherwise - */ -#ifndef MYALLOC -# ifdef OPENSSL_BUILD -# include <openssl/crypto.h> -# define MYALLOC(size) OPENSSL_malloc(size) -# define MYFREE(ptr) OPENSSL_free(ptr) -# else -# define MYALLOC(size) malloc(size) -# define MYFREE(ptr) free(ptr) -# endif -#endif -/* - * Following functions are various bit meshing routines used in GOST R - * 34.11-94 algorithms - */ -static void swap_bytes(byte * w, byte * k) -{ - int i, j; - for (i = 0; i < 4; i++) - for (j = 0; j < 8; j++) - k[i + 4 * j] = w[8 * i + j]; - -} - -/* was A_A */ -static void circle_xor8(const byte * w, byte * k) -{ - byte buf[8]; - int i; - memcpy(buf, w, 8); - memmove(k, w + 8, 24); - for (i = 0; i < 8; i++) - k[i + 24] = buf[i] ^ k[i]; -} - -/* was R_R */ -static void transform_3(byte * data) -{ - unsigned short int acc; - acc = (data[0] ^ data[2] ^ data[4] ^ data[6] ^ data[24] ^ data[30]) | - ((data[1] ^ data[3] ^ data[5] ^ data[7] ^ data[25] ^ data[31]) << 8); - memmove(data, data + 2, 30); - data[30] = acc & 0xff; - data[31] = acc >> 8; -} - -/* Adds blocks of N bytes modulo 2**(8*n). Returns carry*/ -static int add_blocks(int n, byte * left, const byte * right) -{ - int i; - int carry = 0; - int sum; - for (i = 0; i < n; i++) { - sum = (int)left[i] + (int)right[i] + carry; - left[i] = sum & 0xff; - carry = sum >> 8; - } - return carry; -} - -/* Xor two sequences of bytes */ -static void xor_blocks(byte * result, const byte * a, const byte * b, - size_t len) -{ - size_t i; - for (i = 0; i < len; i++) - result[i] = a[i] ^ b[i]; -} - -/* - * Calculate H(i+1) = Hash(Hi,Mi) - * Where H and M are 32 bytes long - */ -static int hash_step(gost_ctx * c, byte * H, const byte * M) -{ - byte U[32], W[32], V[32], S[32], Key[32]; - int i; - /* Compute first key */ - xor_blocks(W, H, M, 32); - swap_bytes(W, Key); - /* Encrypt first 8 bytes of H with first key */ - gost_enc_with_key(c, Key, H, S); - /* Compute second key */ - circle_xor8(H, U); - circle_xor8(M, V); - circle_xor8(V, V); - xor_blocks(W, U, V, 32); - swap_bytes(W, Key); - /* encrypt second 8 bytes of H with second key */ - gost_enc_with_key(c, Key, H + 8, S + 8); - /* compute third key */ - circle_xor8(U, U); - U[31] = ~U[31]; - U[29] = ~U[29]; - U[28] = ~U[28]; - U[24] = ~U[24]; - U[23] = ~U[23]; - U[20] = ~U[20]; - U[18] = ~U[18]; - U[17] = ~U[17]; - U[14] = ~U[14]; - U[12] = ~U[12]; - U[10] = ~U[10]; - U[8] = ~U[8]; - U[7] = ~U[7]; - U[5] = ~U[5]; - U[3] = ~U[3]; - U[1] = ~U[1]; - circle_xor8(V, V); - circle_xor8(V, V); - xor_blocks(W, U, V, 32); - swap_bytes(W, Key); - /* encrypt third 8 bytes of H with third key */ - gost_enc_with_key(c, Key, H + 16, S + 16); - /* Compute fourth key */ - circle_xor8(U, U); - circle_xor8(V, V); - circle_xor8(V, V); - xor_blocks(W, U, V, 32); - swap_bytes(W, Key); - /* Encrypt last 8 bytes with fourth key */ - gost_enc_with_key(c, Key, H + 24, S + 24); - for (i = 0; i < 12; i++) - transform_3(S); - xor_blocks(S, S, M, 32); - transform_3(S); - xor_blocks(S, S, H, 32); - for (i = 0; i < 61; i++) - transform_3(S); - memcpy(H, S, 32); - return 1; -} - -/* - * Initialize gost_hash ctx - cleans up temporary structures and set up - * substitution blocks - */ -int init_gost_hash_ctx(gost_hash_ctx * ctx, - const gost_subst_block * subst_block) -{ - memset(ctx, 0, sizeof(gost_hash_ctx)); - ctx->cipher_ctx = (gost_ctx *) MYALLOC(sizeof(gost_ctx)); - if (!ctx->cipher_ctx) { - return 0; - } - gost_init(ctx->cipher_ctx, subst_block); - return 1; -} - -/* - * Free cipher CTX if it is dynamically allocated. Do not use - * if cipher ctx is statically allocated as in OpenSSL implementation of - * GOST hash algroritm - * - */ -void done_gost_hash_ctx(gost_hash_ctx * ctx) -{ - /* - * No need to use gost_destroy, because cipher keys are not really secret - * when hashing - */ - MYFREE(ctx->cipher_ctx); -} - -/* - * reset state of hash context to begin hashing new message - */ -int start_hash(gost_hash_ctx * ctx) -{ - if (!ctx->cipher_ctx) - return 0; - memset(&(ctx->H), 0, 32); - memset(&(ctx->S), 0, 32); - ctx->len = 0L; - ctx->left = 0; - return 1; -} - -/* - * Hash block of arbitrary length - * - * - */ -int hash_block(gost_hash_ctx * ctx, const byte * block, size_t length) -{ - if (ctx->left) { - /* - * There are some bytes from previous step - */ - unsigned int add_bytes = 32 - ctx->left; - if (add_bytes > length) { - add_bytes = length; - } - memcpy(&(ctx->remainder[ctx->left]), block, add_bytes); - ctx->left += add_bytes; - if (ctx->left < 32) { - return 1; - } - block += add_bytes; - length -= add_bytes; - hash_step(ctx->cipher_ctx, ctx->H, ctx->remainder); - add_blocks(32, ctx->S, ctx->remainder); - ctx->len += 32; - ctx->left = 0; - } - while (length >= 32) { - hash_step(ctx->cipher_ctx, ctx->H, block); - - add_blocks(32, ctx->S, block); - ctx->len += 32; - block += 32; - length -= 32; - } - if (length) { - memcpy(ctx->remainder, block, ctx->left = length); - } - return 1; -} - -/* - * Compute hash value from current state of ctx - * state of hash ctx becomes invalid and cannot be used for further - * hashing. - */ -int finish_hash(gost_hash_ctx * ctx, byte * hashval) -{ - byte buf[32]; - byte H[32]; - byte S[32]; - ghosthash_len fin_len = ctx->len; - byte *bptr; - memcpy(H, ctx->H, 32); - memcpy(S, ctx->S, 32); - if (ctx->left) { - memset(buf, 0, 32); - memcpy(buf, ctx->remainder, ctx->left); - hash_step(ctx->cipher_ctx, H, buf); - add_blocks(32, S, buf); - fin_len += ctx->left; - } - memset(buf, 0, 32); - bptr = buf; - fin_len <<= 3; /* Hash length in BITS!! */ - while (fin_len > 0) { - *(bptr++) = (byte) (fin_len & 0xFF); - fin_len >>= 8; - }; - hash_step(ctx->cipher_ctx, H, buf); - hash_step(ctx->cipher_ctx, H, S); - memcpy(hashval, H, 32); - return 1; -} diff --git a/engines/ccgost/gosthash.h b/engines/ccgost/gosthash.h deleted file mode 100644 index 003e668e0b15..000000000000 --- a/engines/ccgost/gosthash.h +++ /dev/null @@ -1,52 +0,0 @@ -/********************************************************************** - * gosthash.h * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Declaration of GOST R 34.11-94 hash functions * - * uses and gost89.h Doesn't need OpenSSL * - **********************************************************************/ -#ifndef GOSTHASH_H -# define GOSTHASH_H -# include "gost89.h" -# include <stdlib.h> - -# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) -typedef __int64 ghosthash_len; -# elif defined(__arch64__) -typedef long ghosthash_len; -# else -typedef long long ghosthash_len; -# endif - -typedef struct gost_hash_ctx { - ghosthash_len len; - gost_ctx *cipher_ctx; - int left; - byte H[32]; - byte S[32]; - byte remainder[32]; -} gost_hash_ctx; - -/* Initalizes gost hash ctx, including creation of gost cipher ctx */ - -int init_gost_hash_ctx(gost_hash_ctx * ctx, - const gost_subst_block * subst_block); -void done_gost_hash_ctx(gost_hash_ctx * ctx); - -/* - * Cleans up all fields, except cipher ctx preparing ctx for computing of new - * hash value - */ -int start_hash(gost_hash_ctx * ctx); - -/* Hashes block of data */ -int hash_block(gost_hash_ctx * ctx, const byte * block, size_t length); - -/* - * Finalizes computation of hash and fills buffer (which should be at least - * 32 bytes long) with value of computed hash. - */ -int finish_hash(gost_hash_ctx * ctx, byte * hashval); - -#endif diff --git a/engines/ccgost/gostsum.c b/engines/ccgost/gostsum.c deleted file mode 100644 index 1021848ef72c..000000000000 --- a/engines/ccgost/gostsum.c +++ /dev/null @@ -1,187 +0,0 @@ -/********************************************************************** - * gostsum.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * Almost drop-in replacement for md5sum and sha1sum * - * which computes GOST R 34.11-94 hashsum instead * - * * - **********************************************************************/ -#include <stdio.h> -#include <stdlib.h> -#include <unistd.h> -#include <limits.h> -#include <fcntl.h> -#include <string.h> -#include "gosthash.h" -#define BUF_SIZE 262144 -int hash_file(gost_hash_ctx * ctx, char *filename, char *sum, int mode); -int hash_stream(gost_hash_ctx * ctx, int fd, char *sum); -int get_line(FILE *f, char *hash, char *filename); -void help() -{ - fprintf(stderr, "gostsum [-bvt] [-c [file]]| [files]\n" - "\t-c check message digests (default is generate)\n" - "\t-v verbose, print file names when checking\n" - "\t-b read files in binary mode\n" - "\t-t use test GOST paramset (default is CryptoPro paramset)\n" - "The input for -c should be the list of message digests and file names\n" - "that is printed on stdout by this program when it generates digests.\n"); - exit(3); -} - -#ifndef O_BINARY -# define O_BINARY 0 -#endif - -int main(int argc, char **argv) -{ - int c, i; - int verbose = 0; - int errors = 0; - int open_mode = O_RDONLY; - gost_subst_block *b = &GostR3411_94_CryptoProParamSet; - FILE *check_file = NULL; - gost_hash_ctx ctx; - - while ((c = getopt(argc, argv, "bc::tv")) != -1) { - switch (c) { - case 'v': - verbose = 1; - break; - case 't': - b = &GostR3411_94_TestParamSet; - break; - case 'b': - open_mode |= O_BINARY; - break; - case 'c': - if (optarg) { - check_file = fopen(optarg, "r"); - if (!check_file) { - perror(optarg); - exit(2); - } - } else { - check_file = stdin; - } - break; - default: - fprintf(stderr, "invalid option %c", optopt); - help(); - } - } - init_gost_hash_ctx(&ctx, b); - if (check_file) { - char inhash[65], calcsum[65], filename[PATH_MAX]; - int failcount = 0, count = 0;; - if (check_file == stdin && optind < argc) { - check_file = fopen(argv[optind], "r"); - if (!check_file) { - perror(argv[optind]); - exit(2); - } - } - while (get_line(check_file, inhash, filename)) { - if (!hash_file(&ctx, filename, calcsum, open_mode)) { - exit(2); - } - count++; - if (!strncmp(calcsum, inhash, 65)) { - if (verbose) { - fprintf(stderr, "%s\tOK\n", filename); - } - } else { - if (verbose) { - fprintf(stderr, "%s\tFAILED\n", filename); - } else { - fprintf(stderr, - "%s: GOST hash sum check failed for '%s'\n", - argv[0], filename); - } - failcount++; - } - } - if (verbose && failcount) { - fprintf(stderr, - "%s: %d of %d file(f) failed GOST hash sum check\n", - argv[0], failcount, count); - } - exit(failcount ? 1 : 0); - } - if (optind == argc) { - char sum[65]; - if (!hash_stream(&ctx, fileno(stdin), sum)) { - perror("stdin"); - exit(1); - } - printf("%s -\n", sum); - exit(0); - } - for (i = optind; i < argc; i++) { - char sum[65]; - if (!hash_file(&ctx, argv[i], sum, open_mode)) { - errors++; - } else { - printf("%s %s\n", sum, argv[i]); - } - } - exit(errors ? 1 : 0); -} - -int hash_file(gost_hash_ctx * ctx, char *filename, char *sum, int mode) -{ - int fd; - if ((fd = open(filename, mode)) < 0) { - perror(filename); - return 0; - } - if (!hash_stream(ctx, fd, sum)) { - perror(filename); - return 0; - } - close(fd); - return 1; -} - -int hash_stream(gost_hash_ctx * ctx, int fd, char *sum) -{ - unsigned char buffer[BUF_SIZE]; - ssize_t bytes; - int i; - start_hash(ctx); - while ((bytes = read(fd, buffer, BUF_SIZE)) > 0) { - hash_block(ctx, buffer, bytes); - } - if (bytes < 0) { - return 0; - } - finish_hash(ctx, buffer); - for (i = 0; i < 32; i++) { - sprintf(sum + 2 * i, "%02x", buffer[31 - i]); - } - return 1; -} - -int get_line(FILE *f, char *hash, char *filename) -{ - int i; - if (fread(hash, 1, 64, f) < 64) - return 0; - hash[64] = 0; - for (i = 0; i < 64; i++) { - if (hash[i] < '0' || (hash[i] > '9' && hash[i] < 'A') - || (hash[i] > 'F' && hash[i] < 'a') || hash[i] > 'f') { - fprintf(stderr, "Not a hash value '%s'\n", hash); - return 0; - } - } - if (fgetc(f) != ' ') { - fprintf(stderr, "Malformed input line\n"); - return 0; - } - i = strlen(fgets(filename, PATH_MAX, f)); - while (filename[--i] == '\n' || filename[i] == '\r') - filename[i] = 0; - return 1; -} diff --git a/engines/e_4758cca.c b/engines/e_4758cca.c deleted file mode 100644 index 60ba4abcdfaf..000000000000 --- a/engines/e_4758cca.c +++ /dev/null @@ -1,960 +0,0 @@ -/* Author: Maurice Gittens <maurice@gittens.nl> */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/dso.h> -#include <openssl/x509.h> -#include <openssl/objects.h> -#include <openssl/engine.h> -#include <openssl/rand.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif -#include <openssl/bn.h> - -#ifndef OPENSSL_NO_HW -# ifndef OPENSSL_NO_HW_4758_CCA - -# ifdef FLAT_INC -# include "hw_4758_cca.h" -# else -# include "vendor_defns/hw_4758_cca.h" -# endif - -# include "e_4758cca_err.c" - -static int ibm_4758_cca_destroy(ENGINE *e); -static int ibm_4758_cca_init(ENGINE *e); -static int ibm_4758_cca_finish(ENGINE *e); -static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, - void (*f) (void)); - -/* rsa functions */ -/* -------------*/ -# ifndef OPENSSL_NO_RSA -static int cca_rsa_pub_enc(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -static int cca_rsa_priv_dec(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, - const RSA *rsa); -static int cca_rsa_verify(int dtype, const unsigned char *m, - unsigned int m_len, const unsigned char *sigbuf, - unsigned int siglen, const RSA *rsa); - -/* utility functions */ -/* ---------------------*/ -static EVP_PKEY *ibm_4758_load_privkey(ENGINE *, const char *, - UI_METHOD *ui_method, - void *callback_data); -static EVP_PKEY *ibm_4758_load_pubkey(ENGINE *, const char *, - UI_METHOD *ui_method, - void *callback_data); - -static int getModulusAndExponent(const unsigned char *token, - long *exponentLength, - unsigned char *exponent, long *modulusLength, - long *modulusFieldLength, - unsigned char *modulus); -# endif - -/* RAND number functions */ -/* ---------------------*/ -static int cca_get_random_bytes(unsigned char *, int); -static int cca_random_status(void); - -# ifndef OPENSSL_NO_RSA -static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -# endif - -/* Function pointers for CCA verbs */ -/* -------------------------------*/ -# ifndef OPENSSL_NO_RSA -static F_KEYRECORDREAD keyRecordRead; -static F_DIGITALSIGNATUREGENERATE digitalSignatureGenerate; -static F_DIGITALSIGNATUREVERIFY digitalSignatureVerify; -static F_PUBLICKEYEXTRACT publicKeyExtract; -static F_PKAENCRYPT pkaEncrypt; -static F_PKADECRYPT pkaDecrypt; -# endif -static F_RANDOMNUMBERGENERATE randomNumberGenerate; - -/* static variables */ -/* ----------------*/ -static const char *CCA4758_LIB_NAME = NULL; -static const char *get_CCA4758_LIB_NAME(void) -{ - if (CCA4758_LIB_NAME) - return CCA4758_LIB_NAME; - return CCA_LIB_NAME; -} - -static void free_CCA4758_LIB_NAME(void) -{ - if (CCA4758_LIB_NAME) - OPENSSL_free((void *)CCA4758_LIB_NAME); - CCA4758_LIB_NAME = NULL; -} - -static long set_CCA4758_LIB_NAME(const char *name) -{ - free_CCA4758_LIB_NAME(); - return (((CCA4758_LIB_NAME = BUF_strdup(name)) != NULL) ? 1 : 0); -} - -# ifndef OPENSSL_NO_RSA -static const char *n_keyRecordRead = CSNDKRR; -static const char *n_digitalSignatureGenerate = CSNDDSG; -static const char *n_digitalSignatureVerify = CSNDDSV; -static const char *n_publicKeyExtract = CSNDPKX; -static const char *n_pkaEncrypt = CSNDPKE; -static const char *n_pkaDecrypt = CSNDPKD; -# endif -static const char *n_randomNumberGenerate = CSNBRNG; - -# ifndef OPENSSL_NO_RSA -static int hndidx = -1; -# endif -static DSO *dso = NULL; - -/* openssl engine initialization structures */ -/* ----------------------------------------*/ - -# define CCA4758_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN cca4758_cmd_defns[] = { - {CCA4758_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the '4758cca' shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} -}; - -# ifndef OPENSSL_NO_RSA -static RSA_METHOD ibm_4758_cca_rsa = { - "IBM 4758 CCA RSA method", - cca_rsa_pub_enc, - NULL, - NULL, - cca_rsa_priv_dec, - NULL, /* rsa_mod_exp, */ - NULL, /* mod_exp_mont, */ - NULL, /* init */ - NULL, /* finish */ - RSA_FLAG_SIGN_VER, /* flags */ - NULL, /* app_data */ - cca_rsa_sign, /* rsa_sign */ - cca_rsa_verify, /* rsa_verify */ - NULL /* rsa_keygen */ -}; -# endif - -static RAND_METHOD ibm_4758_cca_rand = { - /* "IBM 4758 RAND method", */ - NULL, /* seed */ - cca_get_random_bytes, /* get random bytes from the card */ - NULL, /* cleanup */ - NULL, /* add */ - cca_get_random_bytes, /* pseudo rand */ - cca_random_status, /* status */ -}; - -static const char *engine_4758_cca_id = "4758cca"; -static const char *engine_4758_cca_name = - "IBM 4758 CCA hardware engine support"; -# ifndef OPENSSL_NO_DYNAMIC_ENGINE -/* Compatibility hack, the dynamic library uses this form in the path */ -static const char *engine_4758_cca_id_alt = "4758_cca"; -# endif - -/* engine implementation */ -/* ---------------------*/ -static int bind_helper(ENGINE *e) -{ - if (!ENGINE_set_id(e, engine_4758_cca_id) || - !ENGINE_set_name(e, engine_4758_cca_name) || -# ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &ibm_4758_cca_rsa) || -# endif - !ENGINE_set_RAND(e, &ibm_4758_cca_rand) || - !ENGINE_set_destroy_function(e, ibm_4758_cca_destroy) || - !ENGINE_set_init_function(e, ibm_4758_cca_init) || - !ENGINE_set_finish_function(e, ibm_4758_cca_finish) || - !ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) || -# ifndef OPENSSL_NO_RSA - !ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) || - !ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) || -# endif - !ENGINE_set_cmd_defns(e, cca4758_cmd_defns)) - return 0; - /* Ensure the error handling is set up */ - ERR_load_CCA4758_strings(); - return 1; -} - -# ifdef OPENSSL_NO_DYNAMIC_ENGINE -static ENGINE *engine_4758_cca(void) -{ - ENGINE *ret = ENGINE_new(); - if (!ret) - return NULL; - if (!bind_helper(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_4758cca(void) -{ - ENGINE *e_4758 = engine_4758_cca(); - if (!e_4758) - return; - ENGINE_add(e_4758); - ENGINE_free(e_4758); - ERR_clear_error(); -} -# endif - -static int ibm_4758_cca_destroy(ENGINE *e) -{ - ERR_unload_CCA4758_strings(); - free_CCA4758_LIB_NAME(); - return 1; -} - -static int ibm_4758_cca_init(ENGINE *e) -{ - if (dso) { - CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_ALREADY_LOADED); - goto err; - } - - dso = DSO_load(NULL, get_CCA4758_LIB_NAME(), NULL, 0); - if (!dso) { - CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE); - goto err; - } -# ifndef OPENSSL_NO_RSA - if (!(keyRecordRead = (F_KEYRECORDREAD) - DSO_bind_func(dso, n_keyRecordRead)) || - !(randomNumberGenerate = (F_RANDOMNUMBERGENERATE) - DSO_bind_func(dso, n_randomNumberGenerate)) || - !(digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) - DSO_bind_func(dso, n_digitalSignatureGenerate)) || - !(digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY) - DSO_bind_func(dso, n_digitalSignatureVerify)) || - !(publicKeyExtract = (F_PUBLICKEYEXTRACT) - DSO_bind_func(dso, n_publicKeyExtract)) || - !(pkaEncrypt = (F_PKAENCRYPT) - DSO_bind_func(dso, n_pkaEncrypt)) || !(pkaDecrypt = (F_PKADECRYPT) - DSO_bind_func(dso, - n_pkaDecrypt))) - { - CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE); - goto err; - } -# else - if (!(randomNumberGenerate = (F_RANDOMNUMBERGENERATE) - DSO_bind_func(dso, n_randomNumberGenerate))) { - CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE); - goto err; - } -# endif - -# ifndef OPENSSL_NO_RSA - hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle", - NULL, NULL, cca_ex_free); -# endif - - return 1; - err: - if (dso) - DSO_free(dso); - dso = NULL; - -# ifndef OPENSSL_NO_RSA - keyRecordRead = (F_KEYRECORDREAD) 0; - digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) 0; - digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0; - publicKeyExtract = (F_PUBLICKEYEXTRACT)0; - pkaEncrypt = (F_PKAENCRYPT) 0; - pkaDecrypt = (F_PKADECRYPT) 0; -# endif - randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0; - return 0; -} - -static int ibm_4758_cca_finish(ENGINE *e) -{ - free_CCA4758_LIB_NAME(); - if (!dso) { - CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, CCA4758_R_NOT_LOADED); - return 0; - } - if (!DSO_free(dso)) { - CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, CCA4758_R_UNIT_FAILURE); - return 0; - } - dso = NULL; -# ifndef OPENSSL_NO_RSA - keyRecordRead = (F_KEYRECORDREAD) 0; - randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0; - digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) 0; - digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0; - publicKeyExtract = (F_PUBLICKEYEXTRACT)0; - pkaEncrypt = (F_PKAENCRYPT) 0; - pkaDecrypt = (F_PKADECRYPT) 0; -# endif - randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0; - return 1; -} - -static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, - void (*f) (void)) -{ - int initialised = ((dso == NULL) ? 0 : 1); - switch (cmd) { - case CCA4758_CMD_SO_PATH: - if (p == NULL) { - CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (initialised) { - CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, CCA4758_R_ALREADY_LOADED); - return 0; - } - return set_CCA4758_LIB_NAME((const char *)p); - default: - break; - } - CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, - CCA4758_R_COMMAND_NOT_IMPLEMENTED); - return 0; -} - -# ifndef OPENSSL_NO_RSA - -# define MAX_CCA_PKA_TOKEN_SIZE 2500 - -static EVP_PKEY *ibm_4758_load_privkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, - void *callback_data) -{ - RSA *rtmp = NULL; - EVP_PKEY *res = NULL; - unsigned char *keyToken = NULL; - unsigned char pubKeyToken[MAX_CCA_PKA_TOKEN_SIZE]; - long pubKeyTokenLength = MAX_CCA_PKA_TOKEN_SIZE; - long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE; - long returnCode; - long reasonCode; - long exitDataLength = 0; - long ruleArrayLength = 0; - unsigned char exitData[8]; - unsigned char ruleArray[8]; - unsigned char keyLabel[64]; - unsigned long keyLabelLength = strlen(key_id); - unsigned char modulus[256]; - long modulusFieldLength = sizeof(modulus); - long modulusLength = 0; - unsigned char exponent[256]; - long exponentLength = sizeof(exponent); - - if (keyLabelLength > sizeof(keyLabel)) { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return NULL; - } - - memset(keyLabel, ' ', sizeof(keyLabel)); - memcpy(keyLabel, key_id, keyLabelLength); - - keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long)); - if (!keyToken) { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - - keyRecordRead(&returnCode, &reasonCode, &exitDataLength, - exitData, &ruleArrayLength, ruleArray, keyLabel, - &keyTokenLength, keyToken + sizeof(long)); - - if (returnCode) { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, - CCA4758_R_FAILED_LOADING_PRIVATE_KEY); - goto err; - } - - publicKeyExtract(&returnCode, &reasonCode, &exitDataLength, - exitData, &ruleArrayLength, ruleArray, &keyTokenLength, - keyToken + sizeof(long), &pubKeyTokenLength, - pubKeyToken); - - if (returnCode) { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, - CCA4758_R_FAILED_LOADING_PRIVATE_KEY); - goto err; - } - - if (!getModulusAndExponent(pubKeyToken, &exponentLength, - exponent, &modulusLength, &modulusFieldLength, - modulus)) { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, - CCA4758_R_FAILED_LOADING_PRIVATE_KEY); - goto err; - } - - (*(long *)keyToken) = keyTokenLength; - rtmp = RSA_new_method(e); - if (rtmp == NULL) { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - RSA_set_ex_data(rtmp, hndidx, (char *)keyToken); - - rtmp->e = BN_bin2bn(exponent, exponentLength, NULL); - rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL); - rtmp->flags |= RSA_FLAG_EXT_PKEY; - - res = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(res, rtmp); - - return res; - err: - if (keyToken) - OPENSSL_free(keyToken); - return NULL; -} - -static EVP_PKEY *ibm_4758_load_pubkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, - void *callback_data) -{ - RSA *rtmp = NULL; - EVP_PKEY *res = NULL; - unsigned char *keyToken = NULL; - long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE; - long returnCode; - long reasonCode; - long exitDataLength = 0; - long ruleArrayLength = 0; - unsigned char exitData[8]; - unsigned char ruleArray[8]; - unsigned char keyLabel[64]; - unsigned long keyLabelLength = strlen(key_id); - unsigned char modulus[512]; - long modulusFieldLength = sizeof(modulus); - long modulusLength = 0; - unsigned char exponent[512]; - long exponentLength = sizeof(exponent); - - if (keyLabelLength > sizeof(keyLabel)) { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return NULL; - } - - memset(keyLabel, ' ', sizeof(keyLabel)); - memcpy(keyLabel, key_id, keyLabelLength); - - keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long)); - if (!keyToken) { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - - keyRecordRead(&returnCode, &reasonCode, &exitDataLength, exitData, - &ruleArrayLength, ruleArray, keyLabel, &keyTokenLength, - keyToken + sizeof(long)); - - if (returnCode) { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!getModulusAndExponent(keyToken + sizeof(long), &exponentLength, - exponent, &modulusLength, &modulusFieldLength, - modulus)) { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, - CCA4758_R_FAILED_LOADING_PUBLIC_KEY); - goto err; - } - - (*(long *)keyToken) = keyTokenLength; - rtmp = RSA_new_method(e); - if (rtmp == NULL) { - CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - RSA_set_ex_data(rtmp, hndidx, (char *)keyToken); - rtmp->e = BN_bin2bn(exponent, exponentLength, NULL); - rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL); - rtmp->flags |= RSA_FLAG_EXT_PKEY; - res = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(res, rtmp); - - return res; - err: - if (keyToken) - OPENSSL_free(keyToken); - return NULL; -} - -static int cca_rsa_pub_enc(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) -{ - long returnCode; - long reasonCode; - long lflen = flen; - long exitDataLength = 0; - unsigned char exitData[8]; - long ruleArrayLength = 1; - unsigned char ruleArray[8] = "PKCS-1.2"; - long dataStructureLength = 0; - unsigned char dataStructure[8]; - long outputLength = RSA_size(rsa); - long keyTokenLength; - unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx); - - keyTokenLength = *(long *)keyToken; - keyToken += sizeof(long); - - pkaEncrypt(&returnCode, &reasonCode, &exitDataLength, exitData, - &ruleArrayLength, ruleArray, &lflen, (unsigned char *)from, - &dataStructureLength, dataStructure, &keyTokenLength, - keyToken, &outputLength, to); - - if (returnCode || reasonCode) - return -(returnCode << 16 | reasonCode); - return outputLength; -} - -static int cca_rsa_priv_dec(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) -{ - long returnCode; - long reasonCode; - long lflen = flen; - long exitDataLength = 0; - unsigned char exitData[8]; - long ruleArrayLength = 1; - unsigned char ruleArray[8] = "PKCS-1.2"; - long dataStructureLength = 0; - unsigned char dataStructure[8]; - long outputLength = RSA_size(rsa); - long keyTokenLength; - unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx); - - keyTokenLength = *(long *)keyToken; - keyToken += sizeof(long); - - pkaDecrypt(&returnCode, &reasonCode, &exitDataLength, exitData, - &ruleArrayLength, ruleArray, &lflen, (unsigned char *)from, - &dataStructureLength, dataStructure, &keyTokenLength, - keyToken, &outputLength, to); - - return (returnCode | reasonCode) ? 0 : 1; -} - -# define SSL_SIG_LEN 36 - -static int cca_rsa_verify(int type, const unsigned char *m, - unsigned int m_len, const unsigned char *sigbuf, - unsigned int siglen, const RSA *rsa) -{ - long returnCode; - long reasonCode; - long lsiglen = siglen; - long exitDataLength = 0; - unsigned char exitData[8]; - long ruleArrayLength = 1; - unsigned char ruleArray[8] = "PKCS-1.1"; - long keyTokenLength; - unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx); - long length = SSL_SIG_LEN; - long keyLength; - unsigned char *hashBuffer = NULL; - X509_SIG sig; - ASN1_TYPE parameter; - X509_ALGOR algorithm; - ASN1_OCTET_STRING digest; - - keyTokenLength = *(long *)keyToken; - keyToken += sizeof(long); - - if (type == NID_md5 || type == NID_sha1) { - sig.algor = &algorithm; - algorithm.algorithm = OBJ_nid2obj(type); - - if (!algorithm.algorithm) { - CCA4758err(CCA4758_F_CCA_RSA_VERIFY, - CCA4758_R_UNKNOWN_ALGORITHM_TYPE); - return 0; - } - - if (!algorithm.algorithm->length) { - CCA4758err(CCA4758_F_CCA_RSA_VERIFY, - CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD); - return 0; - } - - parameter.type = V_ASN1_NULL; - parameter.value.ptr = NULL; - algorithm.parameter = ¶meter; - - sig.digest = &digest; - sig.digest->data = (unsigned char *)m; - sig.digest->length = m_len; - - length = i2d_X509_SIG(&sig, NULL); - } - - keyLength = RSA_size(rsa); - - if (length - RSA_PKCS1_PADDING > keyLength) { - CCA4758err(CCA4758_F_CCA_RSA_VERIFY, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return 0; - } - - switch (type) { - case NID_md5_sha1: - if (m_len != SSL_SIG_LEN) { - CCA4758err(CCA4758_F_CCA_RSA_VERIFY, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return 0; - } - - hashBuffer = (unsigned char *)m; - length = m_len; - break; - case NID_md5: - { - unsigned char *ptr; - ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1); - if (!hashBuffer) { - CCA4758err(CCA4758_F_CCA_RSA_VERIFY, ERR_R_MALLOC_FAILURE); - return 0; - } - - i2d_X509_SIG(&sig, &ptr); - } - break; - case NID_sha1: - { - unsigned char *ptr; - ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1); - if (!hashBuffer) { - CCA4758err(CCA4758_F_CCA_RSA_VERIFY, ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_X509_SIG(&sig, &ptr); - } - break; - default: - return 0; - } - - digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength, - exitData, &ruleArrayLength, ruleArray, - &keyTokenLength, keyToken, &length, hashBuffer, - &lsiglen, (unsigned char *)sigbuf); - - if (type == NID_sha1 || type == NID_md5) { - OPENSSL_cleanse(hashBuffer, keyLength + 1); - OPENSSL_free(hashBuffer); - } - - return ((returnCode || reasonCode) ? 0 : 1); -} - -# define SSL_SIG_LEN 36 - -static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, - const RSA *rsa) -{ - long returnCode; - long reasonCode; - long exitDataLength = 0; - unsigned char exitData[8]; - long ruleArrayLength = 1; - unsigned char ruleArray[8] = "PKCS-1.1"; - long outputLength = 256; - long outputBitLength; - long keyTokenLength; - unsigned char *hashBuffer = NULL; - unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx); - long length = SSL_SIG_LEN; - long keyLength; - X509_SIG sig; - ASN1_TYPE parameter; - X509_ALGOR algorithm; - ASN1_OCTET_STRING digest; - - keyTokenLength = *(long *)keyToken; - keyToken += sizeof(long); - - if (type == NID_md5 || type == NID_sha1) { - sig.algor = &algorithm; - algorithm.algorithm = OBJ_nid2obj(type); - - if (!algorithm.algorithm) { - CCA4758err(CCA4758_F_CCA_RSA_SIGN, - CCA4758_R_UNKNOWN_ALGORITHM_TYPE); - return 0; - } - - if (!algorithm.algorithm->length) { - CCA4758err(CCA4758_F_CCA_RSA_SIGN, - CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD); - return 0; - } - - parameter.type = V_ASN1_NULL; - parameter.value.ptr = NULL; - algorithm.parameter = ¶meter; - - sig.digest = &digest; - sig.digest->data = (unsigned char *)m; - sig.digest->length = m_len; - - length = i2d_X509_SIG(&sig, NULL); - } - - keyLength = RSA_size(rsa); - - if (length - RSA_PKCS1_PADDING > keyLength) { - CCA4758err(CCA4758_F_CCA_RSA_SIGN, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return 0; - } - - switch (type) { - case NID_md5_sha1: - if (m_len != SSL_SIG_LEN) { - CCA4758err(CCA4758_F_CCA_RSA_SIGN, - CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return 0; - } - hashBuffer = (unsigned char *)m; - length = m_len; - break; - case NID_md5: - { - unsigned char *ptr; - ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1); - if (!hashBuffer) { - CCA4758err(CCA4758_F_CCA_RSA_SIGN, ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_X509_SIG(&sig, &ptr); - } - break; - case NID_sha1: - { - unsigned char *ptr; - ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1); - if (!hashBuffer) { - CCA4758err(CCA4758_F_CCA_RSA_SIGN, ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_X509_SIG(&sig, &ptr); - } - break; - default: - return 0; - } - - digitalSignatureGenerate(&returnCode, &reasonCode, &exitDataLength, - exitData, &ruleArrayLength, ruleArray, - &keyTokenLength, keyToken, &length, hashBuffer, - &outputLength, &outputBitLength, sigret); - - if (type == NID_sha1 || type == NID_md5) { - OPENSSL_cleanse(hashBuffer, keyLength + 1); - OPENSSL_free(hashBuffer); - } - - *siglen = outputLength; - - return ((returnCode || reasonCode) ? 0 : 1); -} - -static int getModulusAndExponent(const unsigned char *token, - long *exponentLength, - unsigned char *exponent, long *modulusLength, - long *modulusFieldLength, - unsigned char *modulus) -{ - unsigned long len; - - if (*token++ != (char)0x1E) /* internal PKA token? */ - return 0; - - if (*token++) /* token version must be zero */ - return 0; - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - token += 4; /* skip reserved bytes */ - - if (*token++ == (char)0x04) { - if (*token++) /* token version must be zero */ - return 0; - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - token += 2; /* skip reserved section */ - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - *exponentLength = len; - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - *modulusLength = len; - - len = *token++; - len = len << 8; - len |= (unsigned char)*token++; - - *modulusFieldLength = len; - - memcpy(exponent, token, *exponentLength); - token += *exponentLength; - - memcpy(modulus, token, *modulusFieldLength); - return 1; - } - return 0; -} - -# endif /* OPENSSL_NO_RSA */ - -static int cca_random_status(void) -{ - return 1; -} - -static int cca_get_random_bytes(unsigned char *buf, int num) -{ - long ret_code; - long reason_code; - long exit_data_length; - unsigned char exit_data[4]; - unsigned char form[] = "RANDOM "; - unsigned char rand_buf[8]; - - while (num >= (int)sizeof(rand_buf)) { - randomNumberGenerate(&ret_code, &reason_code, &exit_data_length, - exit_data, form, rand_buf); - if (ret_code) - return 0; - num -= sizeof(rand_buf); - memcpy(buf, rand_buf, sizeof(rand_buf)); - buf += sizeof(rand_buf); - } - - if (num) { - randomNumberGenerate(&ret_code, &reason_code, NULL, NULL, - form, rand_buf); - if (ret_code) - return 0; - memcpy(buf, rand_buf, num); - } - - return 1; -} - -# ifndef OPENSSL_NO_RSA -static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx, - long argl, void *argp) -{ - if (item) - OPENSSL_free(item); -} -# endif - -/* Goo to handle building as a dynamic engine */ -# ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_fn(ENGINE *e, const char *id) -{ - if (id && (strcmp(id, engine_4758_cca_id) != 0) && - (strcmp(id, engine_4758_cca_id_alt) != 0)) - return 0; - if (!bind_helper(e)) - return 0; - return 1; -} - -IMPLEMENT_DYNAMIC_CHECK_FN() - IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -# endif /* OPENSSL_NO_DYNAMIC_ENGINE */ -# endif /* !OPENSSL_NO_HW_4758_CCA */ -#endif /* !OPENSSL_NO_HW */ diff --git a/engines/e_4758cca_err.c b/engines/e_4758cca_err.c deleted file mode 100644 index aed7199759fd..000000000000 --- a/engines/e_4758cca_err.c +++ /dev/null @@ -1,153 +0,0 @@ -/* e_4758cca_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include "e_4758cca_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA CCA4758_str_functs[] = { - {ERR_FUNC(CCA4758_F_CCA_RSA_SIGN), "CCA_RSA_SIGN"}, - {ERR_FUNC(CCA4758_F_CCA_RSA_VERIFY), "CCA_RSA_VERIFY"}, - {ERR_FUNC(CCA4758_F_IBM_4758_CCA_CTRL), "IBM_4758_CCA_CTRL"}, - {ERR_FUNC(CCA4758_F_IBM_4758_CCA_FINISH), "IBM_4758_CCA_FINISH"}, - {ERR_FUNC(CCA4758_F_IBM_4758_CCA_INIT), "IBM_4758_CCA_INIT"}, - {ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PRIVKEY), "IBM_4758_LOAD_PRIVKEY"}, - {ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PUBKEY), "IBM_4758_LOAD_PUBKEY"}, - {0, NULL} -}; - -static ERR_STRING_DATA CCA4758_str_reasons[] = { - {ERR_REASON(CCA4758_R_ALREADY_LOADED), "already loaded"}, - {ERR_REASON(CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD), - "asn1 oid unknown for md"}, - {ERR_REASON(CCA4758_R_COMMAND_NOT_IMPLEMENTED), - "command not implemented"}, - {ERR_REASON(CCA4758_R_DSO_FAILURE), "dso failure"}, - {ERR_REASON(CCA4758_R_FAILED_LOADING_PRIVATE_KEY), - "failed loading private key"}, - {ERR_REASON(CCA4758_R_FAILED_LOADING_PUBLIC_KEY), - "failed loading public key"}, - {ERR_REASON(CCA4758_R_NOT_LOADED), "not loaded"}, - {ERR_REASON(CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL), - "size too large or too small"}, - {ERR_REASON(CCA4758_R_UNIT_FAILURE), "unit failure"}, - {ERR_REASON(CCA4758_R_UNKNOWN_ALGORITHM_TYPE), "unknown algorithm type"}, - {0, NULL} -}; - -#endif - -#ifdef CCA4758_LIB_NAME -static ERR_STRING_DATA CCA4758_lib_name[] = { - {0, CCA4758_LIB_NAME}, - {0, NULL} -}; -#endif - -static int CCA4758_lib_error_code = 0; -static int CCA4758_error_init = 1; - -static void ERR_load_CCA4758_strings(void) -{ - if (CCA4758_lib_error_code == 0) - CCA4758_lib_error_code = ERR_get_next_error_library(); - - if (CCA4758_error_init) { - CCA4758_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(CCA4758_lib_error_code, CCA4758_str_functs); - ERR_load_strings(CCA4758_lib_error_code, CCA4758_str_reasons); -#endif - -#ifdef CCA4758_LIB_NAME - CCA4758_lib_name->error = ERR_PACK(CCA4758_lib_error_code, 0, 0); - ERR_load_strings(0, CCA4758_lib_name); -#endif - } -} - -static void ERR_unload_CCA4758_strings(void) -{ - if (CCA4758_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(CCA4758_lib_error_code, CCA4758_str_functs); - ERR_unload_strings(CCA4758_lib_error_code, CCA4758_str_reasons); -#endif - -#ifdef CCA4758_LIB_NAME - ERR_unload_strings(0, CCA4758_lib_name); -#endif - CCA4758_error_init = 1; - } -} - -static void ERR_CCA4758_error(int function, int reason, char *file, int line) -{ - if (CCA4758_lib_error_code == 0) - CCA4758_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(CCA4758_lib_error_code, function, reason, file, line); -} diff --git a/engines/e_4758cca_err.h b/engines/e_4758cca_err.h deleted file mode 100644 index 2f29d96fb7e2..000000000000 --- a/engines/e_4758cca_err.h +++ /dev/null @@ -1,98 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_CCA4758_ERR_H -# define HEADER_CCA4758_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_CCA4758_strings(void); -static void ERR_unload_CCA4758_strings(void); -static void ERR_CCA4758_error(int function, int reason, char *file, int line); -# define CCA4758err(f,r) ERR_CCA4758_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the CCA4758 functions. */ - -/* Function codes. */ -# define CCA4758_F_CCA_RSA_SIGN 105 -# define CCA4758_F_CCA_RSA_VERIFY 106 -# define CCA4758_F_IBM_4758_CCA_CTRL 100 -# define CCA4758_F_IBM_4758_CCA_FINISH 101 -# define CCA4758_F_IBM_4758_CCA_INIT 102 -# define CCA4758_F_IBM_4758_LOAD_PRIVKEY 103 -# define CCA4758_F_IBM_4758_LOAD_PUBKEY 104 - -/* Reason codes. */ -# define CCA4758_R_ALREADY_LOADED 100 -# define CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD 101 -# define CCA4758_R_COMMAND_NOT_IMPLEMENTED 102 -# define CCA4758_R_DSO_FAILURE 103 -# define CCA4758_R_FAILED_LOADING_PRIVATE_KEY 104 -# define CCA4758_R_FAILED_LOADING_PUBLIC_KEY 105 -# define CCA4758_R_NOT_LOADED 106 -# define CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL 107 -# define CCA4758_R_UNIT_FAILURE 108 -# define CCA4758_R_UNKNOWN_ALGORITHM_TYPE 109 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/e_aep.c b/engines/e_aep.c deleted file mode 100644 index 4e97d29497e7..000000000000 --- a/engines/e_aep.c +++ /dev/null @@ -1,1167 +0,0 @@ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <openssl/bn.h> -#include <string.h> - -#include <openssl/e_os2.h> -#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__) || defined(__MINGW32__) -# include <sys/types.h> -# include <unistd.h> -#else -# include <process.h> -typedef int pid_t; -#endif - -#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB) -# define getpid GetThreadID -extern int GetThreadID(void); -#elif defined(_WIN32) && !defined(__WATCOMC__) -# define getpid _getpid -#endif - -#include <openssl/crypto.h> -#include <openssl/dso.h> -#include <openssl/engine.h> -#include <openssl/buffer.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DSA -# include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_DH -# include <openssl/dh.h> -#endif - -#ifndef OPENSSL_NO_HW -# ifndef OPENSSL_NO_HW_AEP -# ifdef FLAT_INC -# include "aep.h" -# else -# include "vendor_defns/aep.h" -# endif - -# define AEP_LIB_NAME "aep engine" -# define FAIL_TO_SW 0x10101010 - -# include "e_aep_err.c" - -static int aep_init(ENGINE *e); -static int aep_finish(ENGINE *e); -static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); -static int aep_destroy(ENGINE *e); - -static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR hConnection); -static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection); -static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection); -static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use); - -/* BIGNUM stuff */ -# ifndef OPENSSL_NO_RSA -static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dmp1, - const BIGNUM *dmq1, const BIGNUM *iqmp, - BN_CTX *ctx); -# endif - -/* RSA stuff */ -# ifndef OPENSSL_NO_RSA -static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx); -# endif - -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -# ifndef OPENSSL_NO_RSA -static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -# endif - -/* DSA stuff */ -# ifndef OPENSSL_NO_DSA -static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont); - -static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -# endif - -/* DH stuff */ -/* This function is aliased to mod_exp (with the DH and mont dropped). */ -# ifndef OPENSSL_NO_DH -static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -# endif - -/* rand stuff */ -# ifdef AEPRAND -static int aep_rand(unsigned char *buf, int num); -static int aep_rand_status(void); -# endif - -/* Bignum conversion stuff */ -static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32 *BigNumSize); -static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize, - unsigned char *AEP_BigNum); -static AEP_RV ConvertAEPBigNum(void *ArbBigNum, AEP_U32 BigNumSize, - unsigned char *AEP_BigNum); - -/* The definitions for control commands specific to this engine */ -# define AEP_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN aep_cmd_defns[] = { - {AEP_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'aep' shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} -}; - -# ifndef OPENSSL_NO_RSA -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD aep_rsa = { - "Aep RSA method", - NULL, /* rsa_pub_encrypt */ - NULL, /* rsa_pub_decrypt */ - NULL, /* rsa_priv_encrypt */ - NULL, /* rsa_priv_encrypt */ - aep_rsa_mod_exp, /* rsa_mod_exp */ - aep_mod_exp_mont, /* bn_mod_exp */ - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ - NULL, /* app_data */ - NULL, /* rsa_sign */ - NULL, /* rsa_verify */ - NULL /* rsa_keygen */ -}; -# endif - -# ifndef OPENSSL_NO_DSA -/* Our internal DSA_METHOD that we provide pointers to */ -static DSA_METHOD aep_dsa = { - "Aep DSA method", - NULL, /* dsa_do_sign */ - NULL, /* dsa_sign_setup */ - NULL, /* dsa_do_verify */ - aep_dsa_mod_exp, /* dsa_mod_exp */ - aep_mod_exp_dsa, /* bn_mod_exp */ - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ - NULL, /* app_data */ - NULL, /* dsa_paramgen */ - NULL /* dsa_keygen */ -}; -# endif - -# ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -static DH_METHOD aep_dh = { - "Aep DH method", - NULL, - NULL, - aep_mod_exp_dh, - NULL, - NULL, - 0, - NULL, - NULL -}; -# endif - -# ifdef AEPRAND -/* our internal RAND_method that we provide pointers to */ -static RAND_METHOD aep_random = { - /* - * "AEP RAND method", - */ - NULL, - aep_rand, - NULL, - NULL, - aep_rand, - aep_rand_status, -}; -# endif - -/* - * Define an array of structures to hold connections - */ -static AEP_CONNECTION_ENTRY aep_app_conn_table[MAX_PROCESS_CONNECTIONS]; - -/* - * Used to determine if this is a new process - */ -static pid_t recorded_pid = 0; - -# ifdef AEPRAND -static AEP_U8 rand_block[RAND_BLK_SIZE]; -static AEP_U32 rand_block_bytes = 0; -# endif - -/* Constants used when creating the ENGINE */ -static const char *engine_aep_id = "aep"; -static const char *engine_aep_name = "Aep hardware engine support"; - -static int max_key_len = 2176; - -/* - * This internal function is used by ENGINE_aep() and possibly by the - * "dynamic" ENGINE support too - */ -static int bind_aep(ENGINE *e) -{ -# ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -# endif -# ifndef OPENSSL_NO_DSA - const DSA_METHOD *meth2; -# endif -# ifndef OPENSSL_NO_DH - const DH_METHOD *meth3; -# endif - - if (!ENGINE_set_id(e, engine_aep_id) || - !ENGINE_set_name(e, engine_aep_name) || -# ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &aep_rsa) || -# endif -# ifndef OPENSSL_NO_DSA - !ENGINE_set_DSA(e, &aep_dsa) || -# endif -# ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &aep_dh) || -# endif -# ifdef AEPRAND - !ENGINE_set_RAND(e, &aep_random) || -# endif - !ENGINE_set_init_function(e, aep_init) || - !ENGINE_set_destroy_function(e, aep_destroy) || - !ENGINE_set_finish_function(e, aep_finish) || - !ENGINE_set_ctrl_function(e, aep_ctrl) || - !ENGINE_set_cmd_defns(e, aep_cmd_defns)) - return 0; - -# ifndef OPENSSL_NO_RSA - /* - * We know that the "PKCS1_SSLeay()" functions hook properly to the - * aep-specific mod_exp and mod_exp_crt so we use those functions. NB: We - * don't use ENGINE_openssl() or anything "more generic" because - * something like the RSAref code may not hook properly, and if you own - * one of these cards then you have the right to do RSA operations on it - * anyway! - */ - meth1 = RSA_PKCS1_SSLeay(); - aep_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - aep_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - aep_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - aep_rsa.rsa_priv_dec = meth1->rsa_priv_dec; -# endif - -# ifndef OPENSSL_NO_DSA - /* - * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits. - */ - meth2 = DSA_OpenSSL(); - aep_dsa.dsa_do_sign = meth2->dsa_do_sign; - aep_dsa.dsa_sign_setup = meth2->dsa_sign_setup; - aep_dsa.dsa_do_verify = meth2->dsa_do_verify; - - aep_dsa = *DSA_get_default_method(); - aep_dsa.dsa_mod_exp = aep_dsa_mod_exp; - aep_dsa.bn_mod_exp = aep_mod_exp_dsa; -# endif - -# ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth3 = DH_OpenSSL(); - aep_dh.generate_key = meth3->generate_key; - aep_dh.compute_key = meth3->compute_key; - aep_dh.bn_mod_exp = meth3->bn_mod_exp; -# endif - - /* Ensure the aep error handling is set up */ - ERR_load_AEPHK_strings(); - - return 1; -} - -# ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_helper(ENGINE *e, const char *id) -{ - if (id && (strcmp(id, engine_aep_id) != 0)) - return 0; - if (!bind_aep(e)) - return 0; - return 1; -} - -IMPLEMENT_DYNAMIC_CHECK_FN() - IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) -# else -static ENGINE *engine_aep(void) -{ - ENGINE *ret = ENGINE_new(); - if (!ret) - return NULL; - if (!bind_aep(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_aep(void) -{ - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_aep(); - if (!toadd) - return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} -# endif - -/* - * This is a process-global DSO handle used for loading and unloading the Aep - * library. NB: This is only set (or unset) during an init() or finish() call - * (reference counts permitting) and they're operating with global locks, so - * this should be thread-safe implicitly. - */ -static DSO *aep_dso = NULL; - -/* - * These are the static string constants for the DSO file name and the - * function symbol names to bind to. - */ -static const char *AEP_LIBNAME = NULL; -static const char *get_AEP_LIBNAME(void) -{ - if (AEP_LIBNAME) - return AEP_LIBNAME; - return "aep"; -} - -static void free_AEP_LIBNAME(void) -{ - if (AEP_LIBNAME) - OPENSSL_free((void *)AEP_LIBNAME); - AEP_LIBNAME = NULL; -} - -static long set_AEP_LIBNAME(const char *name) -{ - free_AEP_LIBNAME(); - return ((AEP_LIBNAME = BUF_strdup(name)) != NULL ? 1 : 0); -} - -static const char *AEP_F1 = "AEP_ModExp"; -static const char *AEP_F2 = "AEP_ModExpCrt"; -# ifdef AEPRAND -static const char *AEP_F3 = "AEP_GenRandom"; -# endif -static const char *AEP_F4 = "AEP_Finalize"; -static const char *AEP_F5 = "AEP_Initialize"; -static const char *AEP_F6 = "AEP_OpenConnection"; -static const char *AEP_F7 = "AEP_SetBNCallBacks"; -static const char *AEP_F8 = "AEP_CloseConnection"; - -/* - * These are the function pointers that are (un)set when the library has - * successfully (un)loaded. - */ -static t_AEP_OpenConnection *p_AEP_OpenConnection = NULL; -static t_AEP_CloseConnection *p_AEP_CloseConnection = NULL; -static t_AEP_ModExp *p_AEP_ModExp = NULL; -static t_AEP_ModExpCrt *p_AEP_ModExpCrt = NULL; -# ifdef AEPRAND -static t_AEP_GenRandom *p_AEP_GenRandom = NULL; -# endif -static t_AEP_Initialize *p_AEP_Initialize = NULL; -static t_AEP_Finalize *p_AEP_Finalize = NULL; -static t_AEP_SetBNCallBacks *p_AEP_SetBNCallBacks = NULL; - -/* (de)initialisation functions. */ -static int aep_init(ENGINE *e) -{ - t_AEP_ModExp *p1; - t_AEP_ModExpCrt *p2; -# ifdef AEPRAND - t_AEP_GenRandom *p3; -# endif - t_AEP_Finalize *p4; - t_AEP_Initialize *p5; - t_AEP_OpenConnection *p6; - t_AEP_SetBNCallBacks *p7; - t_AEP_CloseConnection *p8; - - int to_return = 0; - - if (aep_dso != NULL) { - AEPHKerr(AEPHK_F_AEP_INIT, AEPHK_R_ALREADY_LOADED); - goto err; - } - /* Attempt to load libaep.so. */ - - aep_dso = DSO_load(NULL, get_AEP_LIBNAME(), NULL, 0); - - if (aep_dso == NULL) { - AEPHKerr(AEPHK_F_AEP_INIT, AEPHK_R_NOT_LOADED); - goto err; - } - - if (!(p1 = (t_AEP_ModExp *) DSO_bind_func(aep_dso, AEP_F1)) || - !(p2 = (t_AEP_ModExpCrt *) DSO_bind_func(aep_dso, AEP_F2)) || -# ifdef AEPRAND - !(p3 = (t_AEP_GenRandom *) DSO_bind_func(aep_dso, AEP_F3)) || -# endif - !(p4 = (t_AEP_Finalize *) DSO_bind_func(aep_dso, AEP_F4)) || - !(p5 = (t_AEP_Initialize *) DSO_bind_func(aep_dso, AEP_F5)) || - !(p6 = (t_AEP_OpenConnection *) DSO_bind_func(aep_dso, AEP_F6)) || - !(p7 = (t_AEP_SetBNCallBacks *) DSO_bind_func(aep_dso, AEP_F7)) || - !(p8 = (t_AEP_CloseConnection *) DSO_bind_func(aep_dso, AEP_F8))) { - AEPHKerr(AEPHK_F_AEP_INIT, AEPHK_R_NOT_LOADED); - goto err; - } - - /* Copy the pointers */ - - p_AEP_ModExp = p1; - p_AEP_ModExpCrt = p2; -# ifdef AEPRAND - p_AEP_GenRandom = p3; -# endif - p_AEP_Finalize = p4; - p_AEP_Initialize = p5; - p_AEP_OpenConnection = p6; - p_AEP_SetBNCallBacks = p7; - p_AEP_CloseConnection = p8; - - to_return = 1; - - return to_return; - - err: - - if (aep_dso) - DSO_free(aep_dso); - aep_dso = NULL; - - p_AEP_OpenConnection = NULL; - p_AEP_ModExp = NULL; - p_AEP_ModExpCrt = NULL; -# ifdef AEPRAND - p_AEP_GenRandom = NULL; -# endif - p_AEP_Initialize = NULL; - p_AEP_Finalize = NULL; - p_AEP_SetBNCallBacks = NULL; - p_AEP_CloseConnection = NULL; - - return to_return; -} - -/* Destructor (complements the "ENGINE_aep()" constructor) */ -static int aep_destroy(ENGINE *e) -{ - free_AEP_LIBNAME(); - ERR_unload_AEPHK_strings(); - return 1; -} - -static int aep_finish(ENGINE *e) -{ - int to_return = 0, in_use; - AEP_RV rv; - - if (aep_dso == NULL) { - AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_NOT_LOADED); - goto err; - } - - rv = aep_close_all_connections(0, &in_use); - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_CLOSE_HANDLES_FAILED); - goto err; - } - if (in_use) { - AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_CONNECTIONS_IN_USE); - goto err; - } - - rv = p_AEP_Finalize(); - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_FINALIZE_FAILED); - goto err; - } - - if (!DSO_free(aep_dso)) { - AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_UNIT_FAILURE); - goto err; - } - - aep_dso = NULL; - p_AEP_CloseConnection = NULL; - p_AEP_OpenConnection = NULL; - p_AEP_ModExp = NULL; - p_AEP_ModExpCrt = NULL; -# ifdef AEPRAND - p_AEP_GenRandom = NULL; -# endif - p_AEP_Initialize = NULL; - p_AEP_Finalize = NULL; - p_AEP_SetBNCallBacks = NULL; - - to_return = 1; - err: - return to_return; -} - -static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) -{ - int initialised = ((aep_dso == NULL) ? 0 : 1); - switch (cmd) { - case AEP_CMD_SO_PATH: - if (p == NULL) { - AEPHKerr(AEPHK_F_AEP_CTRL, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (initialised) { - AEPHKerr(AEPHK_F_AEP_CTRL, AEPHK_R_ALREADY_LOADED); - return 0; - } - return set_AEP_LIBNAME((const char *)p); - default: - break; - } - AEPHKerr(AEPHK_F_AEP_CTRL, AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; -} - -static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) -{ - int to_return = 0; - int r_len = 0; - AEP_CONNECTION_HNDL hConnection; - AEP_RV rv; - - r_len = BN_num_bits(m); - - /* Perform in software if modulus is too large for hardware. */ - - if (r_len > max_key_len) { - AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return BN_mod_exp(r, a, p, m, ctx); - } - - /* - * Grab a connection from the pool - */ - rv = aep_get_connection(&hConnection); - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_GET_HANDLE_FAILED); - return BN_mod_exp(r, a, p, m, ctx); - } - - /* - * To the card with the mod exp - */ - rv = p_AEP_ModExp(hConnection, (void *)a, (void *)p, (void *)m, (void *)r, - NULL); - - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_MOD_EXP_FAILED); - rv = aep_close_connection(hConnection); - return BN_mod_exp(r, a, p, m, ctx); - } - - /* - * Return the connection to the pool - */ - rv = aep_return_connection(hConnection); - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_RETURN_CONNECTION_FAILED); - goto err; - } - - to_return = 1; - err: - return to_return; -} - -# ifndef OPENSSL_NO_RSA -static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dmp1, - const BIGNUM *dmq1, const BIGNUM *iqmp, - BN_CTX *ctx) -{ - AEP_RV rv = AEP_R_OK; - AEP_CONNECTION_HNDL hConnection; - - /* - * Grab a connection from the pool - */ - rv = aep_get_connection(&hConnection); - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT, AEPHK_R_GET_HANDLE_FAILED); - return FAIL_TO_SW; - } - - /* - * To the card with the mod exp - */ - rv = p_AEP_ModExpCrt(hConnection, (void *)a, (void *)p, (void *)q, - (void *)dmp1, (void *)dmq1, (void *)iqmp, (void *)r, - NULL); - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT, AEPHK_R_MOD_EXP_CRT_FAILED); - rv = aep_close_connection(hConnection); - return FAIL_TO_SW; - } - - /* - * Return the connection to the pool - */ - rv = aep_return_connection(hConnection); - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT, AEPHK_R_RETURN_CONNECTION_FAILED); - goto err; - } - - err: - return rv; -} -# endif - -# ifdef AEPRAND -static int aep_rand(unsigned char *buf, int len) -{ - AEP_RV rv = AEP_R_OK; - AEP_CONNECTION_HNDL hConnection; - - CRYPTO_w_lock(CRYPTO_LOCK_RAND); - - /* - * Can the request be serviced with what's already in the buffer? - */ - if (len <= rand_block_bytes) { - memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len); - rand_block_bytes -= len; - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - } else - /* - * If not the get another block of random bytes - */ - { - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - - rv = aep_get_connection(&hConnection); - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_GET_HANDLE_FAILED); - goto err_nounlock; - } - - if (len > RAND_BLK_SIZE) { - rv = p_AEP_GenRandom(hConnection, len, 2, buf, NULL); - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_GET_RANDOM_FAILED); - goto err_nounlock; - } - } else { - CRYPTO_w_lock(CRYPTO_LOCK_RAND); - - rv = p_AEP_GenRandom(hConnection, RAND_BLK_SIZE, 2, - &rand_block[0], NULL); - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_GET_RANDOM_FAILED); - - goto err; - } - - rand_block_bytes = RAND_BLK_SIZE; - - memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len); - rand_block_bytes -= len; - - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - } - - rv = aep_return_connection(hConnection); - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_RETURN_CONNECTION_FAILED); - - goto err_nounlock; - } - } - - return 1; - err: - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - err_nounlock: - return 0; -} - -static int aep_rand_status(void) -{ - return 1; -} -# endif - -# ifndef OPENSSL_NO_RSA -static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) -{ - int to_return = 0; - AEP_RV rv = AEP_R_OK; - - if (!aep_dso) { - AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP, AEPHK_R_NOT_LOADED); - goto err; - } - - /* - * See if we have all the necessary bits for a crt - */ - if (rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) { - rv = aep_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, rsa->dmq1, - rsa->iqmp, ctx); - - if (rv == FAIL_TO_SW) { - const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); - to_return = (*meth->rsa_mod_exp) (r0, I, rsa, ctx); - goto err; - } else if (rv != AEP_R_OK) - goto err; - } else { - if (!rsa->d || !rsa->n) { - AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP, AEPHK_R_MISSING_KEY_COMPONENTS); - goto err; - } - - rv = aep_mod_exp(r0, I, rsa->d, rsa->n, ctx); - if (rv != AEP_R_OK) - goto err; - - } - - to_return = 1; - - err: - return to_return; -} -# endif - -# ifndef OPENSSL_NO_DSA -static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - BIGNUM t; - int to_return = 0; - BN_init(&t); - - /* let rr = a1 ^ p1 mod m */ - if (!aep_mod_exp(rr, a1, p1, m, ctx)) - goto end; - /* let t = a2 ^ p2 mod m */ - if (!aep_mod_exp(&t, a2, p2, m, ctx)) - goto end; - /* let rr = rr * t mod m */ - if (!BN_mod_mul(rr, rr, &t, m, ctx)) - goto end; - to_return = 1; - end: - BN_free(&t); - return to_return; -} - -static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return aep_mod_exp(r, a, p, m, ctx); -} -# endif - -# ifndef OPENSSL_NO_RSA -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) -{ - return aep_mod_exp(r, a, p, m, ctx); -} -# endif - -# ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return aep_mod_exp(r, a, p, m, ctx); -} -# endif - -static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR phConnection) -{ - int count; - AEP_RV rv = AEP_R_OK; - - /* - * Get the current process id - */ - pid_t curr_pid; - - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - - curr_pid = getpid(); - - /* - * Check if this is the first time this is being called from the current - * process - */ - if (recorded_pid != curr_pid) { - /* - * Remember our pid so we can check if we're in a new process - */ - recorded_pid = curr_pid; - - /* - * Call Finalize to make sure we have not inherited some data from a - * parent process - */ - p_AEP_Finalize(); - - /* - * Initialise the AEP API - */ - rv = p_AEP_Initialize(NULL); - - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, AEPHK_R_INIT_FAILURE); - recorded_pid = 0; - goto end; - } - - /* - * Set the AEP big num call back functions - */ - rv = p_AEP_SetBNCallBacks(&GetBigNumSize, &MakeAEPBigNum, - &ConvertAEPBigNum); - - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, - AEPHK_R_SETBNCALLBACK_FAILURE); - recorded_pid = 0; - goto end; - } -# ifdef AEPRAND - /* - * Reset the rand byte count - */ - rand_block_bytes = 0; -# endif - - /* - * Init the structures - */ - for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) { - aep_app_conn_table[count].conn_state = NotConnected; - aep_app_conn_table[count].conn_hndl = 0; - } - - /* - * Open a connection - */ - rv = p_AEP_OpenConnection(phConnection); - - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, AEPHK_R_UNIT_FAILURE); - recorded_pid = 0; - goto end; - } - - aep_app_conn_table[0].conn_state = InUse; - aep_app_conn_table[0].conn_hndl = *phConnection; - goto end; - } - /* - * Check the existing connections to see if we can find a free one - */ - for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) { - if (aep_app_conn_table[count].conn_state == Connected) { - aep_app_conn_table[count].conn_state = InUse; - *phConnection = aep_app_conn_table[count].conn_hndl; - goto end; - } - } - /* - * If no connections available, we're going to have to try to open a new - * one - */ - for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) { - if (aep_app_conn_table[count].conn_state == NotConnected) { - /* - * Open a connection - */ - rv = p_AEP_OpenConnection(phConnection); - - if (rv != AEP_R_OK) { - AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, AEPHK_R_UNIT_FAILURE); - goto end; - } - - aep_app_conn_table[count].conn_state = InUse; - aep_app_conn_table[count].conn_hndl = *phConnection; - goto end; - } - } - rv = AEP_R_GENERAL_ERROR; - end: - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - return rv; -} - -static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection) -{ - int count; - - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - - /* - * Find the connection item that matches this connection handle - */ - for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) { - if (aep_app_conn_table[count].conn_hndl == hConnection) { - aep_app_conn_table[count].conn_state = Connected; - break; - } - } - - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - - return AEP_R_OK; -} - -static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection) -{ - int count; - AEP_RV rv = AEP_R_OK; - - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - - /* - * Find the connection item that matches this connection handle - */ - for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) { - if (aep_app_conn_table[count].conn_hndl == hConnection) { - rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl); - if (rv != AEP_R_OK) - goto end; - aep_app_conn_table[count].conn_state = NotConnected; - aep_app_conn_table[count].conn_hndl = 0; - break; - } - } - - end: - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - return rv; -} - -static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use) -{ - int count; - AEP_RV rv = AEP_R_OK; - - *in_use = 0; - if (use_engine_lock) - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) { - switch (aep_app_conn_table[count].conn_state) { - case Connected: - rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl); - if (rv != AEP_R_OK) - goto end; - aep_app_conn_table[count].conn_state = NotConnected; - aep_app_conn_table[count].conn_hndl = 0; - break; - case InUse: - (*in_use)++; - break; - case NotConnected: - break; - } - } - end: - if (use_engine_lock) - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - return rv; -} - -/* - * BigNum call back functions, used to convert OpenSSL bignums into AEP - * bignums. Note only 32bit Openssl build support - */ - -static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32 *BigNumSize) -{ - BIGNUM *bn; - - /* - * Cast the ArbBigNum pointer to our BIGNUM struct - */ - bn = (BIGNUM *)ArbBigNum; - -# ifdef SIXTY_FOUR_BIT_LONG - *BigNumSize = bn->top << 3; -# else - /* - * Size of the bignum in bytes is equal to the bn->top (no of 32 bit - * words) multiplies by 4 - */ - *BigNumSize = bn->top << 2; -# endif - - return AEP_R_OK; -} - -static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize, - unsigned char *AEP_BigNum) -{ - BIGNUM *bn; - -# ifndef SIXTY_FOUR_BIT_LONG - unsigned char *buf; - int i; -# endif - - /* - * Cast the ArbBigNum pointer to our BIGNUM struct - */ - bn = (BIGNUM *)ArbBigNum; - -# ifdef SIXTY_FOUR_BIT_LONG - memcpy(AEP_BigNum, bn->d, BigNumSize); -# else - /* - * Must copy data into a (monotone) least significant byte first format - * performing endian conversion if necessary - */ - for (i = 0; i < bn->top; i++) { - buf = (unsigned char *)&bn->d[i]; - - *((AEP_U32 *)AEP_BigNum) = (AEP_U32) - ((unsigned)buf[1] << 8 | buf[0]) | - ((unsigned)buf[3] << 8 | buf[2]) << 16; - - AEP_BigNum += 4; - } -# endif - - return AEP_R_OK; -} - -/* - * Turn an AEP Big Num back to a user big num - */ -static AEP_RV ConvertAEPBigNum(void *ArbBigNum, AEP_U32 BigNumSize, - unsigned char *AEP_BigNum) -{ - BIGNUM *bn; -# ifndef SIXTY_FOUR_BIT_LONG - int i; -# endif - - bn = (BIGNUM *)ArbBigNum; - - /* - * Expand the result bn so that it can hold our big num. Size is in bits - */ - if (bn_expand(bn, (int)(BigNumSize << 3)) == NULL) - return AEP_R_HOST_MEMORY; - -# ifdef SIXTY_FOUR_BIT_LONG - bn->top = BigNumSize >> 3; - - if ((BigNumSize & 7) != 0) - bn->top++; - - memset(bn->d, 0, bn->top << 3); - - memcpy(bn->d, AEP_BigNum, BigNumSize); -# else - bn->top = BigNumSize >> 2; - - for (i = 0; i < bn->top; i++) { - bn->d[i] = (AEP_U32) - ((unsigned)AEP_BigNum[3] << 8 | AEP_BigNum[2]) << 16 | - ((unsigned)AEP_BigNum[1] << 8 | AEP_BigNum[0]); - AEP_BigNum += 4; - } -# endif - - return AEP_R_OK; -} - -# endif /* !OPENSSL_NO_HW_AEP */ -#endif /* !OPENSSL_NO_HW */ diff --git a/engines/e_aep_err.c b/engines/e_aep_err.c deleted file mode 100644 index 718db3796480..000000000000 --- a/engines/e_aep_err.c +++ /dev/null @@ -1,159 +0,0 @@ -/* e_aep_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include "e_aep_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA AEPHK_str_functs[] = { - {ERR_FUNC(AEPHK_F_AEP_CTRL), "AEP_CTRL"}, - {ERR_FUNC(AEPHK_F_AEP_FINISH), "AEP_FINISH"}, - {ERR_FUNC(AEPHK_F_AEP_GET_CONNECTION), "AEP_GET_CONNECTION"}, - {ERR_FUNC(AEPHK_F_AEP_INIT), "AEP_INIT"}, - {ERR_FUNC(AEPHK_F_AEP_MOD_EXP), "AEP_MOD_EXP"}, - {ERR_FUNC(AEPHK_F_AEP_MOD_EXP_CRT), "AEP_MOD_EXP_CRT"}, - {ERR_FUNC(AEPHK_F_AEP_RAND), "AEP_RAND"}, - {ERR_FUNC(AEPHK_F_AEP_RSA_MOD_EXP), "AEP_RSA_MOD_EXP"}, - {0, NULL} -}; - -static ERR_STRING_DATA AEPHK_str_reasons[] = { - {ERR_REASON(AEPHK_R_ALREADY_LOADED), "already loaded"}, - {ERR_REASON(AEPHK_R_CLOSE_HANDLES_FAILED), "close handles failed"}, - {ERR_REASON(AEPHK_R_CONNECTIONS_IN_USE), "connections in use"}, - {ERR_REASON(AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED), - "ctrl command not implemented"}, - {ERR_REASON(AEPHK_R_FINALIZE_FAILED), "finalize failed"}, - {ERR_REASON(AEPHK_R_GET_HANDLE_FAILED), "get handle failed"}, - {ERR_REASON(AEPHK_R_GET_RANDOM_FAILED), "get random failed"}, - {ERR_REASON(AEPHK_R_INIT_FAILURE), "init failure"}, - {ERR_REASON(AEPHK_R_MISSING_KEY_COMPONENTS), "missing key components"}, - {ERR_REASON(AEPHK_R_MOD_EXP_CRT_FAILED), "mod exp crt failed"}, - {ERR_REASON(AEPHK_R_MOD_EXP_FAILED), "mod exp failed"}, - {ERR_REASON(AEPHK_R_NOT_LOADED), "not loaded"}, - {ERR_REASON(AEPHK_R_OK), "ok"}, - {ERR_REASON(AEPHK_R_RETURN_CONNECTION_FAILED), - "return connection failed"}, - {ERR_REASON(AEPHK_R_SETBNCALLBACK_FAILURE), "setbncallback failure"}, - {ERR_REASON(AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL), - "size too large or too small"}, - {ERR_REASON(AEPHK_R_UNIT_FAILURE), "unit failure"}, - {0, NULL} -}; - -#endif - -#ifdef AEPHK_LIB_NAME -static ERR_STRING_DATA AEPHK_lib_name[] = { - {0, AEPHK_LIB_NAME}, - {0, NULL} -}; -#endif - -static int AEPHK_lib_error_code = 0; -static int AEPHK_error_init = 1; - -static void ERR_load_AEPHK_strings(void) -{ - if (AEPHK_lib_error_code == 0) - AEPHK_lib_error_code = ERR_get_next_error_library(); - - if (AEPHK_error_init) { - AEPHK_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(AEPHK_lib_error_code, AEPHK_str_functs); - ERR_load_strings(AEPHK_lib_error_code, AEPHK_str_reasons); -#endif - -#ifdef AEPHK_LIB_NAME - AEPHK_lib_name->error = ERR_PACK(AEPHK_lib_error_code, 0, 0); - ERR_load_strings(0, AEPHK_lib_name); -#endif - } -} - -static void ERR_unload_AEPHK_strings(void) -{ - if (AEPHK_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(AEPHK_lib_error_code, AEPHK_str_functs); - ERR_unload_strings(AEPHK_lib_error_code, AEPHK_str_reasons); -#endif - -#ifdef AEPHK_LIB_NAME - ERR_unload_strings(0, AEPHK_lib_name); -#endif - AEPHK_error_init = 1; - } -} - -static void ERR_AEPHK_error(int function, int reason, char *file, int line) -{ - if (AEPHK_lib_error_code == 0) - AEPHK_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(AEPHK_lib_error_code, function, reason, file, line); -} diff --git a/engines/e_aep_err.h b/engines/e_aep_err.h deleted file mode 100644 index 2ed01147c2f1..000000000000 --- a/engines/e_aep_err.h +++ /dev/null @@ -1,106 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_AEPHK_ERR_H -# define HEADER_AEPHK_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_AEPHK_strings(void); -static void ERR_unload_AEPHK_strings(void); -static void ERR_AEPHK_error(int function, int reason, char *file, int line); -# define AEPHKerr(f,r) ERR_AEPHK_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the AEPHK functions. */ - -/* Function codes. */ -# define AEPHK_F_AEP_CTRL 100 -# define AEPHK_F_AEP_FINISH 101 -# define AEPHK_F_AEP_GET_CONNECTION 102 -# define AEPHK_F_AEP_INIT 103 -# define AEPHK_F_AEP_MOD_EXP 104 -# define AEPHK_F_AEP_MOD_EXP_CRT 105 -# define AEPHK_F_AEP_RAND 106 -# define AEPHK_F_AEP_RSA_MOD_EXP 107 - -/* Reason codes. */ -# define AEPHK_R_ALREADY_LOADED 100 -# define AEPHK_R_CLOSE_HANDLES_FAILED 101 -# define AEPHK_R_CONNECTIONS_IN_USE 102 -# define AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 -# define AEPHK_R_FINALIZE_FAILED 104 -# define AEPHK_R_GET_HANDLE_FAILED 105 -# define AEPHK_R_GET_RANDOM_FAILED 106 -# define AEPHK_R_INIT_FAILURE 107 -# define AEPHK_R_MISSING_KEY_COMPONENTS 108 -# define AEPHK_R_MOD_EXP_CRT_FAILED 109 -# define AEPHK_R_MOD_EXP_FAILED 110 -# define AEPHK_R_NOT_LOADED 111 -# define AEPHK_R_OK 112 -# define AEPHK_R_RETURN_CONNECTION_FAILED 113 -# define AEPHK_R_SETBNCALLBACK_FAILURE 114 -# define AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL 116 -# define AEPHK_R_UNIT_FAILURE 115 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/e_afalg.c b/engines/e_afalg.c new file mode 100644 index 000000000000..f09c396ed923 --- /dev/null +++ b/engines/e_afalg.c @@ -0,0 +1,870 @@ +/* + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Required for vmsplice */ +#ifndef _GNU_SOURCE +# define _GNU_SOURCE +#endif +#include <stdio.h> +#include <string.h> +#include <unistd.h> + +#include <openssl/engine.h> +#include <openssl/async.h> +#include <openssl/err.h> +#include "internal/nelem.h" + +#include <sys/socket.h> +#include <linux/version.h> +#define K_MAJ 4 +#define K_MIN1 1 +#define K_MIN2 0 +#if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2) || \ + !defined(AF_ALG) +# ifndef PEDANTIC +# warning "AFALG ENGINE requires Kernel Headers >= 4.1.0" +# warning "Skipping Compilation of AFALG engine" +# endif +void engine_load_afalg_int(void); +void engine_load_afalg_int(void) +{ +} +#else + +# include <linux/if_alg.h> +# include <fcntl.h> +# include <sys/utsname.h> + +# include <linux/aio_abi.h> +# include <sys/syscall.h> +# include <errno.h> + +# include "e_afalg.h" +# include "e_afalg_err.c" + +# ifndef SOL_ALG +# define SOL_ALG 279 +# endif + +# ifdef ALG_ZERO_COPY +# ifndef SPLICE_F_GIFT +# define SPLICE_F_GIFT (0x08) +# endif +# endif + +# define ALG_AES_IV_LEN 16 +# define ALG_IV_LEN(len) (sizeof(struct af_alg_iv) + (len)) +# define ALG_OP_TYPE unsigned int +# define ALG_OP_LEN (sizeof(ALG_OP_TYPE)) + +#define ALG_MAX_SALG_NAME 64 +#define ALG_MAX_SALG_TYPE 14 + +# ifdef OPENSSL_NO_DYNAMIC_ENGINE +void engine_load_afalg_int(void); +# endif + +/* Local Linkage Functions */ +static int afalg_init_aio(afalg_aio *aio); +static int afalg_fin_cipher_aio(afalg_aio *ptr, int sfd, + unsigned char *buf, size_t len); +static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype, + const char *ciphername); +static int afalg_destroy(ENGINE *e); +static int afalg_init(ENGINE *e); +static int afalg_finish(ENGINE *e); +static const EVP_CIPHER *afalg_aes_cbc(int nid); +static cbc_handles *get_cipher_handle(int nid); +static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid); +static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); +static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl); +static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx); +static int afalg_chk_platform(void); + +/* Engine Id and Name */ +static const char *engine_afalg_id = "afalg"; +static const char *engine_afalg_name = "AFALG engine support"; + +static int afalg_cipher_nids[] = { + NID_aes_128_cbc, + NID_aes_192_cbc, + NID_aes_256_cbc, +}; + +static cbc_handles cbc_handle[] = {{AES_KEY_SIZE_128, NULL}, + {AES_KEY_SIZE_192, NULL}, + {AES_KEY_SIZE_256, NULL}}; + +static ossl_inline int io_setup(unsigned n, aio_context_t *ctx) +{ + return syscall(__NR_io_setup, n, ctx); +} + +static ossl_inline int eventfd(int n) +{ + return syscall(__NR_eventfd2, n, 0); +} + +static ossl_inline int io_destroy(aio_context_t ctx) +{ + return syscall(__NR_io_destroy, ctx); +} + +static ossl_inline int io_read(aio_context_t ctx, long n, struct iocb **iocb) +{ + return syscall(__NR_io_submit, ctx, n, iocb); +} + +static ossl_inline int io_getevents(aio_context_t ctx, long min, long max, + struct io_event *events, + struct timespec *timeout) +{ + return syscall(__NR_io_getevents, ctx, min, max, events, timeout); +} + +static void afalg_waitfd_cleanup(ASYNC_WAIT_CTX *ctx, const void *key, + OSSL_ASYNC_FD waitfd, void *custom) +{ + close(waitfd); +} + +static int afalg_setup_async_event_notification(afalg_aio *aio) +{ + ASYNC_JOB *job; + ASYNC_WAIT_CTX *waitctx; + void *custom = NULL; + int ret; + + if ((job = ASYNC_get_current_job()) != NULL) { + /* Async mode */ + waitctx = ASYNC_get_wait_ctx(job); + if (waitctx == NULL) { + ALG_WARN("%s(%d): ASYNC_get_wait_ctx error", __FILE__, __LINE__); + return 0; + } + /* Get waitfd from ASYNC_WAIT_CTX if it is already set */ + ret = ASYNC_WAIT_CTX_get_fd(waitctx, engine_afalg_id, + &aio->efd, &custom); + if (ret == 0) { + /* + * waitfd is not set in ASYNC_WAIT_CTX, create a new one + * and set it. efd will be signaled when AIO operation completes + */ + aio->efd = eventfd(0); + if (aio->efd == -1) { + ALG_PERR("%s(%d): Failed to get eventfd : ", __FILE__, + __LINE__); + AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, + AFALG_R_EVENTFD_FAILED); + return 0; + } + ret = ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_afalg_id, + aio->efd, custom, + afalg_waitfd_cleanup); + if (ret == 0) { + ALG_WARN("%s(%d): Failed to set wait fd", __FILE__, __LINE__); + close(aio->efd); + return 0; + } + /* make fd non-blocking in async mode */ + if (fcntl(aio->efd, F_SETFL, O_NONBLOCK) != 0) { + ALG_WARN("%s(%d): Failed to set event fd as NONBLOCKING", + __FILE__, __LINE__); + } + } + aio->mode = MODE_ASYNC; + } else { + /* Sync mode */ + aio->efd = eventfd(0); + if (aio->efd == -1) { + ALG_PERR("%s(%d): Failed to get eventfd : ", __FILE__, __LINE__); + AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, + AFALG_R_EVENTFD_FAILED); + return 0; + } + aio->mode = MODE_SYNC; + } + return 1; +} + +static int afalg_init_aio(afalg_aio *aio) +{ + int r = -1; + + /* Initialise for AIO */ + aio->aio_ctx = 0; + r = io_setup(MAX_INFLIGHTS, &aio->aio_ctx); + if (r < 0) { + ALG_PERR("%s(%d): io_setup error : ", __FILE__, __LINE__); + AFALGerr(AFALG_F_AFALG_INIT_AIO, AFALG_R_IO_SETUP_FAILED); + return 0; + } + + memset(aio->cbt, 0, sizeof(aio->cbt)); + aio->efd = -1; + aio->mode = MODE_UNINIT; + + return 1; +} + +static int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf, + size_t len) +{ + int r; + int retry = 0; + unsigned int done = 0; + struct iocb *cb; + struct timespec timeout; + struct io_event events[MAX_INFLIGHTS]; + u_int64_t eval = 0; + + timeout.tv_sec = 0; + timeout.tv_nsec = 0; + + /* if efd has not been initialised yet do it here */ + if (aio->mode == MODE_UNINIT) { + r = afalg_setup_async_event_notification(aio); + if (r == 0) + return 0; + } + + cb = &(aio->cbt[0 % MAX_INFLIGHTS]); + memset(cb, '\0', sizeof(*cb)); + cb->aio_fildes = sfd; + cb->aio_lio_opcode = IOCB_CMD_PREAD; + /* + * The pointer has to be converted to unsigned value first to avoid + * sign extension on cast to 64 bit value in 32-bit builds + */ + cb->aio_buf = (size_t)buf; + cb->aio_offset = 0; + cb->aio_data = 0; + cb->aio_nbytes = len; + cb->aio_flags = IOCB_FLAG_RESFD; + cb->aio_resfd = aio->efd; + + /* + * Perform AIO read on AFALG socket, this in turn performs an async + * crypto operation in kernel space + */ + r = io_read(aio->aio_ctx, 1, &cb); + if (r < 0) { + ALG_PWARN("%s(%d): io_read failed : ", __FILE__, __LINE__); + return 0; + } + + do { + /* While AIO read is being performed pause job */ + ASYNC_pause_job(); + + /* Check for completion of AIO read */ + r = read(aio->efd, &eval, sizeof(eval)); + if (r < 0) { + if (errno == EAGAIN || errno == EWOULDBLOCK) + continue; + ALG_PERR("%s(%d): read failed for event fd : ", __FILE__, __LINE__); + return 0; + } else if (r == 0 || eval <= 0) { + ALG_WARN("%s(%d): eventfd read %d bytes, eval = %lu\n", __FILE__, + __LINE__, r, eval); + } + if (eval > 0) { + + /* Get results of AIO read */ + r = io_getevents(aio->aio_ctx, 1, MAX_INFLIGHTS, + events, &timeout); + if (r > 0) { + /* + * events.res indicates the actual status of the operation. + * Handle the error condition first. + */ + if (events[0].res < 0) { + /* + * Underlying operation cannot be completed at the time + * of previous submission. Resubmit for the operation. + */ + if (events[0].res == -EBUSY && retry++ < 3) { + r = io_read(aio->aio_ctx, 1, &cb); + if (r < 0) { + ALG_PERR("%s(%d): retry %d for io_read failed : ", + __FILE__, __LINE__, retry); + return 0; + } + continue; + } else { + /* + * Retries exceed for -EBUSY or unrecoverable error + * condition for this instance of operation. + */ + ALG_WARN + ("%s(%d): Crypto Operation failed with code %lld\n", + __FILE__, __LINE__, events[0].res); + return 0; + } + } + /* Operation successful. */ + done = 1; + } else if (r < 0) { + ALG_PERR("%s(%d): io_getevents failed : ", __FILE__, __LINE__); + return 0; + } else { + ALG_WARN("%s(%d): io_geteventd read 0 bytes\n", __FILE__, + __LINE__); + } + } + } while (!done); + + return 1; +} + +static ossl_inline void afalg_set_op_sk(struct cmsghdr *cmsg, + const ALG_OP_TYPE op) +{ + cmsg->cmsg_level = SOL_ALG; + cmsg->cmsg_type = ALG_SET_OP; + cmsg->cmsg_len = CMSG_LEN(ALG_OP_LEN); + memcpy(CMSG_DATA(cmsg), &op, ALG_OP_LEN); +} + +static void afalg_set_iv_sk(struct cmsghdr *cmsg, const unsigned char *iv, + const unsigned int len) +{ + struct af_alg_iv *aiv; + + cmsg->cmsg_level = SOL_ALG; + cmsg->cmsg_type = ALG_SET_IV; + cmsg->cmsg_len = CMSG_LEN(ALG_IV_LEN(len)); + aiv = (struct af_alg_iv *)CMSG_DATA(cmsg); + aiv->ivlen = len; + memcpy(aiv->iv, iv, len); +} + +static ossl_inline int afalg_set_key(afalg_ctx *actx, const unsigned char *key, + const int klen) +{ + int ret; + ret = setsockopt(actx->bfd, SOL_ALG, ALG_SET_KEY, key, klen); + if (ret < 0) { + ALG_PERR("%s(%d): Failed to set socket option : ", __FILE__, __LINE__); + AFALGerr(AFALG_F_AFALG_SET_KEY, AFALG_R_SOCKET_SET_KEY_FAILED); + return 0; + } + return 1; +} + +static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype, + const char *ciphername) +{ + struct sockaddr_alg sa; + int r = -1; + + actx->bfd = actx->sfd = -1; + + memset(&sa, 0, sizeof(sa)); + sa.salg_family = AF_ALG; + strncpy((char *) sa.salg_type, ciphertype, ALG_MAX_SALG_TYPE); + sa.salg_type[ALG_MAX_SALG_TYPE-1] = '\0'; + strncpy((char *) sa.salg_name, ciphername, ALG_MAX_SALG_NAME); + sa.salg_name[ALG_MAX_SALG_NAME-1] = '\0'; + + actx->bfd = socket(AF_ALG, SOCK_SEQPACKET, 0); + if (actx->bfd == -1) { + ALG_PERR("%s(%d): Failed to open socket : ", __FILE__, __LINE__); + AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_CREATE_FAILED); + goto err; + } + + r = bind(actx->bfd, (struct sockaddr *)&sa, sizeof(sa)); + if (r < 0) { + ALG_PERR("%s(%d): Failed to bind socket : ", __FILE__, __LINE__); + AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_BIND_FAILED); + goto err; + } + + actx->sfd = accept(actx->bfd, NULL, 0); + if (actx->sfd < 0) { + ALG_PERR("%s(%d): Socket Accept Failed : ", __FILE__, __LINE__); + AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_ACCEPT_FAILED); + goto err; + } + + return 1; + + err: + if (actx->bfd >= 0) + close(actx->bfd); + if (actx->sfd >= 0) + close(actx->sfd); + actx->bfd = actx->sfd = -1; + return 0; +} + +static int afalg_start_cipher_sk(afalg_ctx *actx, const unsigned char *in, + size_t inl, const unsigned char *iv, + unsigned int enc) +{ + struct msghdr msg = { 0 }; + struct cmsghdr *cmsg; + struct iovec iov; + ssize_t sbytes; +# ifdef ALG_ZERO_COPY + int ret; +# endif + char cbuf[CMSG_SPACE(ALG_IV_LEN(ALG_AES_IV_LEN)) + CMSG_SPACE(ALG_OP_LEN)]; + + memset(cbuf, 0, sizeof(cbuf)); + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); + + /* + * cipher direction (i.e. encrypt or decrypt) and iv are sent to the + * kernel as part of sendmsg()'s ancillary data + */ + cmsg = CMSG_FIRSTHDR(&msg); + afalg_set_op_sk(cmsg, enc); + cmsg = CMSG_NXTHDR(&msg, cmsg); + afalg_set_iv_sk(cmsg, iv, ALG_AES_IV_LEN); + + /* iov that describes input data */ + iov.iov_base = (unsigned char *)in; + iov.iov_len = inl; + + msg.msg_flags = MSG_MORE; + +# ifdef ALG_ZERO_COPY + /* + * ZERO_COPY mode + * Works best when buffer is 4k aligned + * OPENS: out of place processing (i.e. out != in) + */ + + /* Input data is not sent as part of call to sendmsg() */ + msg.msg_iovlen = 0; + msg.msg_iov = NULL; + + /* Sendmsg() sends iv and cipher direction to the kernel */ + sbytes = sendmsg(actx->sfd, &msg, 0); + if (sbytes < 0) { + ALG_PERR("%s(%d): sendmsg failed for zero copy cipher operation : ", + __FILE__, __LINE__); + return 0; + } + + /* + * vmsplice and splice are used to pin the user space input buffer for + * kernel space processing avoiding copys from user to kernel space + */ + ret = vmsplice(actx->zc_pipe[1], &iov, 1, SPLICE_F_GIFT); + if (ret < 0) { + ALG_PERR("%s(%d): vmsplice failed : ", __FILE__, __LINE__); + return 0; + } + + ret = splice(actx->zc_pipe[0], NULL, actx->sfd, NULL, inl, 0); + if (ret < 0) { + ALG_PERR("%s(%d): splice failed : ", __FILE__, __LINE__); + return 0; + } +# else + msg.msg_iovlen = 1; + msg.msg_iov = &iov; + + /* Sendmsg() sends iv, cipher direction and input data to the kernel */ + sbytes = sendmsg(actx->sfd, &msg, 0); + if (sbytes < 0) { + ALG_PERR("%s(%d): sendmsg failed for cipher operation : ", __FILE__, + __LINE__); + return 0; + } + + if (sbytes != (ssize_t) inl) { + ALG_WARN("Cipher operation send bytes %zd != inlen %zd\n", sbytes, + inl); + return 0; + } +# endif + + return 1; +} + +static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + int ciphertype; + int ret; + afalg_ctx *actx; + char ciphername[ALG_MAX_SALG_NAME]; + + if (ctx == NULL || key == NULL) { + ALG_WARN("%s(%d): Null Parameter\n", __FILE__, __LINE__); + return 0; + } + + if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { + ALG_WARN("%s(%d): Cipher object NULL\n", __FILE__, __LINE__); + return 0; + } + + actx = EVP_CIPHER_CTX_get_cipher_data(ctx); + if (actx == NULL) { + ALG_WARN("%s(%d): Cipher data NULL\n", __FILE__, __LINE__); + return 0; + } + + ciphertype = EVP_CIPHER_CTX_nid(ctx); + switch (ciphertype) { + case NID_aes_128_cbc: + case NID_aes_192_cbc: + case NID_aes_256_cbc: + strncpy(ciphername, "cbc(aes)", ALG_MAX_SALG_NAME); + break; + default: + ALG_WARN("%s(%d): Unsupported Cipher type %d\n", __FILE__, __LINE__, + ciphertype); + return 0; + } + ciphername[ALG_MAX_SALG_NAME-1]='\0'; + + if (ALG_AES_IV_LEN != EVP_CIPHER_CTX_iv_length(ctx)) { + ALG_WARN("%s(%d): Unsupported IV length :%d\n", __FILE__, __LINE__, + EVP_CIPHER_CTX_iv_length(ctx)); + return 0; + } + + /* Setup AFALG socket for crypto processing */ + ret = afalg_create_sk(actx, "skcipher", ciphername); + if (ret < 1) + return 0; + + + ret = afalg_set_key(actx, key, EVP_CIPHER_CTX_key_length(ctx)); + if (ret < 1) + goto err; + + /* Setup AIO ctx to allow async AFALG crypto processing */ + if (afalg_init_aio(&actx->aio) == 0) + goto err; + +# ifdef ALG_ZERO_COPY + pipe(actx->zc_pipe); +# endif + + actx->init_done = MAGIC_INIT_NUM; + + return 1; + +err: + close(actx->sfd); + close(actx->bfd); + return 0; +} + +static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + afalg_ctx *actx; + int ret; + char nxtiv[ALG_AES_IV_LEN] = { 0 }; + + if (ctx == NULL || out == NULL || in == NULL) { + ALG_WARN("NULL parameter passed to function %s(%d)\n", __FILE__, + __LINE__); + return 0; + } + + actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); + if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) { + ALG_WARN("%s afalg ctx passed\n", + ctx == NULL ? "NULL" : "Uninitialised"); + return 0; + } + + /* + * set iv now for decrypt operation as the input buffer can be + * overwritten for inplace operation where in = out. + */ + if (EVP_CIPHER_CTX_encrypting(ctx) == 0) { + memcpy(nxtiv, in + (inl - ALG_AES_IV_LEN), ALG_AES_IV_LEN); + } + + /* Send input data to kernel space */ + ret = afalg_start_cipher_sk(actx, (unsigned char *)in, inl, + EVP_CIPHER_CTX_iv(ctx), + EVP_CIPHER_CTX_encrypting(ctx)); + if (ret < 1) { + return 0; + } + + /* Perform async crypto operation in kernel space */ + ret = afalg_fin_cipher_aio(&actx->aio, actx->sfd, out, inl); + if (ret < 1) + return 0; + + if (EVP_CIPHER_CTX_encrypting(ctx)) { + memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), out + (inl - ALG_AES_IV_LEN), + ALG_AES_IV_LEN); + } else { + memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), nxtiv, ALG_AES_IV_LEN); + } + + return 1; +} + +static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx) +{ + afalg_ctx *actx; + + if (ctx == NULL) { + ALG_WARN("NULL parameter passed to function %s(%d)\n", __FILE__, + __LINE__); + return 0; + } + + actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx); + if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) { + ALG_WARN("%s afalg ctx passed\n", + ctx == NULL ? "NULL" : "Uninitialised"); + return 0; + } + + close(actx->sfd); + close(actx->bfd); +# ifdef ALG_ZERO_COPY + close(actx->zc_pipe[0]); + close(actx->zc_pipe[1]); +# endif + /* close efd in sync mode, async mode is closed in afalg_waitfd_cleanup() */ + if (actx->aio.mode == MODE_SYNC) + close(actx->aio.efd); + io_destroy(actx->aio.aio_ctx); + + return 1; +} + +static cbc_handles *get_cipher_handle(int nid) +{ + switch (nid) { + case NID_aes_128_cbc: + return &cbc_handle[AES_CBC_128]; + case NID_aes_192_cbc: + return &cbc_handle[AES_CBC_192]; + case NID_aes_256_cbc: + return &cbc_handle[AES_CBC_256]; + default: + return NULL; + } +} + +static const EVP_CIPHER *afalg_aes_cbc(int nid) +{ + cbc_handles *cipher_handle = get_cipher_handle(nid); + if (cipher_handle->_hidden == NULL + && ((cipher_handle->_hidden = + EVP_CIPHER_meth_new(nid, + AES_BLOCK_SIZE, + cipher_handle->key_size)) == NULL + || !EVP_CIPHER_meth_set_iv_length(cipher_handle->_hidden, + AES_IV_LEN) + || !EVP_CIPHER_meth_set_flags(cipher_handle->_hidden, + EVP_CIPH_CBC_MODE | + EVP_CIPH_FLAG_DEFAULT_ASN1) + || !EVP_CIPHER_meth_set_init(cipher_handle->_hidden, + afalg_cipher_init) + || !EVP_CIPHER_meth_set_do_cipher(cipher_handle->_hidden, + afalg_do_cipher) + || !EVP_CIPHER_meth_set_cleanup(cipher_handle->_hidden, + afalg_cipher_cleanup) + || !EVP_CIPHER_meth_set_impl_ctx_size(cipher_handle->_hidden, + sizeof(afalg_ctx)))) { + EVP_CIPHER_meth_free(cipher_handle->_hidden); + cipher_handle->_hidden= NULL; + } + return cipher_handle->_hidden; +} + +static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid) +{ + int r = 1; + + if (cipher == NULL) { + *nids = afalg_cipher_nids; + return (sizeof(afalg_cipher_nids) / sizeof(afalg_cipher_nids[0])); + } + + switch (nid) { + case NID_aes_128_cbc: + case NID_aes_192_cbc: + case NID_aes_256_cbc: + *cipher = afalg_aes_cbc(nid); + break; + default: + *cipher = NULL; + r = 0; + } + return r; +} + +static int bind_afalg(ENGINE *e) +{ + /* Ensure the afalg error handling is set up */ + unsigned short i; + ERR_load_AFALG_strings(); + + if (!ENGINE_set_id(e, engine_afalg_id) + || !ENGINE_set_name(e, engine_afalg_name) + || !ENGINE_set_destroy_function(e, afalg_destroy) + || !ENGINE_set_init_function(e, afalg_init) + || !ENGINE_set_finish_function(e, afalg_finish)) { + AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); + return 0; + } + + /* + * Create _hidden_aes_xxx_cbc by calling afalg_aes_xxx_cbc + * now, as bind_aflag can only be called by one thread at a + * time. + */ + for(i = 0; i < OSSL_NELEM(afalg_cipher_nids); i++) { + if (afalg_aes_cbc(afalg_cipher_nids[i]) == NULL) { + AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); + return 0; + } + } + + if (!ENGINE_set_ciphers(e, afalg_ciphers)) { + AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED); + return 0; + } + + return 1; +} + +# ifndef OPENSSL_NO_DYNAMIC_ENGINE +static int bind_helper(ENGINE *e, const char *id) +{ + if (id && (strcmp(id, engine_afalg_id) != 0)) + return 0; + + if (!afalg_chk_platform()) + return 0; + + if (!bind_afalg(e)) + return 0; + return 1; +} + +IMPLEMENT_DYNAMIC_CHECK_FN() + IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) +# endif + +static int afalg_chk_platform(void) +{ + int ret; + int i; + int kver[3] = { -1, -1, -1 }; + int sock; + char *str; + struct utsname ut; + + ret = uname(&ut); + if (ret != 0) { + AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, + AFALG_R_FAILED_TO_GET_PLATFORM_INFO); + return 0; + } + + str = strtok(ut.release, "."); + for (i = 0; i < 3 && str != NULL; i++) { + kver[i] = atoi(str); + str = strtok(NULL, "."); + } + + if (KERNEL_VERSION(kver[0], kver[1], kver[2]) + < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)) { + ALG_ERR("ASYNC AFALG not supported this kernel(%d.%d.%d)\n", + kver[0], kver[1], kver[2]); + ALG_ERR("ASYNC AFALG requires kernel version %d.%d.%d or later\n", + K_MAJ, K_MIN1, K_MIN2); + AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, + AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG); + return 0; + } + + /* Test if we can actually create an AF_ALG socket */ + sock = socket(AF_ALG, SOCK_SEQPACKET, 0); + if (sock == -1) { + AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, AFALG_R_SOCKET_CREATE_FAILED); + return 0; + } + close(sock); + + return 1; +} + +# ifdef OPENSSL_NO_DYNAMIC_ENGINE +static ENGINE *engine_afalg(void) +{ + ENGINE *ret = ENGINE_new(); + if (ret == NULL) + return NULL; + if (!bind_afalg(ret)) { + ENGINE_free(ret); + return NULL; + } + return ret; +} + +void engine_load_afalg_int(void) +{ + ENGINE *toadd; + + if (!afalg_chk_platform()) + return; + + toadd = engine_afalg(); + if (toadd == NULL) + return; + ENGINE_add(toadd); + ENGINE_free(toadd); + ERR_clear_error(); +} +# endif + +static int afalg_init(ENGINE *e) +{ + return 1; +} + +static int afalg_finish(ENGINE *e) +{ + return 1; +} + +static int free_cbc(void) +{ + short unsigned int i; + for(i = 0; i < OSSL_NELEM(afalg_cipher_nids); i++) { + EVP_CIPHER_meth_free(cbc_handle[i]._hidden); + cbc_handle[i]._hidden = NULL; + } + return 1; +} + +static int afalg_destroy(ENGINE *e) +{ + ERR_unload_AFALG_strings(); + free_cbc(); + return 1; +} + +#endif /* KERNEL VERSION */ diff --git a/engines/e_afalg.h b/engines/e_afalg.h new file mode 100644 index 000000000000..2c03c448d684 --- /dev/null +++ b/engines/e_afalg.h @@ -0,0 +1,95 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_AFALG_H +# define HEADER_AFALG_H + +# if defined(__GNUC__) && __GNUC__ >= 4 && \ + (!defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L) +# pragma GCC diagnostic ignored "-Wvariadic-macros" +# endif + +# ifdef ALG_DEBUG +# define ALG_DGB(x, ...) fprintf(stderr, "ALG_DBG: " x, __VA_ARGS__) +# define ALG_INFO(x, ...) fprintf(stderr, "ALG_INFO: " x, __VA_ARGS__) +# define ALG_WARN(x, ...) fprintf(stderr, "ALG_WARN: " x, __VA_ARGS__) +# else +# define ALG_DGB(x, ...) +# define ALG_INFO(x, ...) +# define ALG_WARN(x, ...) +# endif + +# define ALG_ERR(x, ...) fprintf(stderr, "ALG_ERR: " x, __VA_ARGS__) +# define ALG_PERR(x, ...) \ + do { \ + fprintf(stderr, "ALG_PERR: " x, __VA_ARGS__); \ + perror(NULL); \ + } while(0) +# define ALG_PWARN(x, ...) \ + do { \ + fprintf(stderr, "ALG_PERR: " x, __VA_ARGS__); \ + perror(NULL); \ + } while(0) + +# ifndef AES_BLOCK_SIZE +# define AES_BLOCK_SIZE 16 +# endif +# define AES_KEY_SIZE_128 16 +# define AES_KEY_SIZE_192 24 +# define AES_KEY_SIZE_256 32 +# define AES_IV_LEN 16 + +# define MAX_INFLIGHTS 1 + +typedef enum { + MODE_UNINIT = 0, + MODE_SYNC, + MODE_ASYNC +} op_mode; + +enum { + AES_CBC_128 = 0, + AES_CBC_192, + AES_CBC_256 +}; + +struct cbc_cipher_handles { + int key_size; + EVP_CIPHER *_hidden; +}; + +typedef struct cbc_cipher_handles cbc_handles; + +struct afalg_aio_st { + int efd; + op_mode mode; + aio_context_t aio_ctx; + struct io_event events[MAX_INFLIGHTS]; + struct iocb cbt[MAX_INFLIGHTS]; +}; +typedef struct afalg_aio_st afalg_aio; + +/* + * MAGIC Number to identify correct initialisation + * of afalg_ctx. + */ +# define MAGIC_INIT_NUM 0x1890671 + +struct afalg_ctx_st { + int init_done; + int sfd; + int bfd; +# ifdef ALG_ZERO_COPY + int zc_pipe[2]; +# endif + afalg_aio aio; +}; + +typedef struct afalg_ctx_st afalg_ctx; +#endif diff --git a/engines/e_afalg.txt b/engines/e_afalg.txt new file mode 100644 index 000000000000..3b79305acf9b --- /dev/null +++ b/engines/e_afalg.txt @@ -0,0 +1,30 @@ +# Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# Function codes +AFALG_F_AFALG_CHK_PLATFORM:100:afalg_chk_platform +AFALG_F_AFALG_CREATE_SK:101:afalg_create_sk +AFALG_F_AFALG_INIT_AIO:102:afalg_init_aio +AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION:103:\ + afalg_setup_async_event_notification +AFALG_F_AFALG_SET_KEY:104:afalg_set_key +AFALG_F_BIND_AFALG:105:bind_afalg + +#Reason codes +AFALG_R_EVENTFD_FAILED:108:eventfd failed +AFALG_R_FAILED_TO_GET_PLATFORM_INFO:111:failed to get platform info +AFALG_R_INIT_FAILED:100:init failed +AFALG_R_IO_SETUP_FAILED:105:io setup failed +AFALG_R_KERNEL_DOES_NOT_SUPPORT_AFALG:101:kernel does not support afalg +AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG:107:\ + kernel does not support async afalg +AFALG_R_MEM_ALLOC_FAILED:102:mem alloc failed +AFALG_R_SOCKET_ACCEPT_FAILED:110:socket accept failed +AFALG_R_SOCKET_BIND_FAILED:103:socket bind failed +AFALG_R_SOCKET_CREATE_FAILED:109:socket create failed +AFALG_R_SOCKET_OPERATION_FAILED:104:socket operation failed +AFALG_R_SOCKET_SET_KEY_FAILED:106:socket set key failed diff --git a/engines/e_afalg_err.c b/engines/e_afalg_err.c new file mode 100644 index 000000000000..18fe9c34e0e2 --- /dev/null +++ b/engines/e_afalg_err.c @@ -0,0 +1,83 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <openssl/err.h> +#include "e_afalg_err.h" + +#ifndef OPENSSL_NO_ERR + +static ERR_STRING_DATA AFALG_str_functs[] = { + {ERR_PACK(0, AFALG_F_AFALG_CHK_PLATFORM, 0), "afalg_chk_platform"}, + {ERR_PACK(0, AFALG_F_AFALG_CREATE_SK, 0), "afalg_create_sk"}, + {ERR_PACK(0, AFALG_F_AFALG_INIT_AIO, 0), "afalg_init_aio"}, + {ERR_PACK(0, AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, 0), + "afalg_setup_async_event_notification"}, + {ERR_PACK(0, AFALG_F_AFALG_SET_KEY, 0), "afalg_set_key"}, + {ERR_PACK(0, AFALG_F_BIND_AFALG, 0), "bind_afalg"}, + {0, NULL} +}; + +static ERR_STRING_DATA AFALG_str_reasons[] = { + {ERR_PACK(0, 0, AFALG_R_EVENTFD_FAILED), "eventfd failed"}, + {ERR_PACK(0, 0, AFALG_R_FAILED_TO_GET_PLATFORM_INFO), + "failed to get platform info"}, + {ERR_PACK(0, 0, AFALG_R_INIT_FAILED), "init failed"}, + {ERR_PACK(0, 0, AFALG_R_IO_SETUP_FAILED), "io setup failed"}, + {ERR_PACK(0, 0, AFALG_R_KERNEL_DOES_NOT_SUPPORT_AFALG), + "kernel does not support afalg"}, + {ERR_PACK(0, 0, AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG), + "kernel does not support async afalg"}, + {ERR_PACK(0, 0, AFALG_R_MEM_ALLOC_FAILED), "mem alloc failed"}, + {ERR_PACK(0, 0, AFALG_R_SOCKET_ACCEPT_FAILED), "socket accept failed"}, + {ERR_PACK(0, 0, AFALG_R_SOCKET_BIND_FAILED), "socket bind failed"}, + {ERR_PACK(0, 0, AFALG_R_SOCKET_CREATE_FAILED), "socket create failed"}, + {ERR_PACK(0, 0, AFALG_R_SOCKET_OPERATION_FAILED), + "socket operation failed"}, + {ERR_PACK(0, 0, AFALG_R_SOCKET_SET_KEY_FAILED), "socket set key failed"}, + {0, NULL} +}; + +#endif + +static int lib_code = 0; +static int error_loaded = 0; + +static int ERR_load_AFALG_strings(void) +{ + if (lib_code == 0) + lib_code = ERR_get_next_error_library(); + + if (!error_loaded) { +#ifndef OPENSSL_NO_ERR + ERR_load_strings(lib_code, AFALG_str_functs); + ERR_load_strings(lib_code, AFALG_str_reasons); +#endif + error_loaded = 1; + } + return 1; +} + +static void ERR_unload_AFALG_strings(void) +{ + if (error_loaded) { +#ifndef OPENSSL_NO_ERR + ERR_unload_strings(lib_code, AFALG_str_functs); + ERR_unload_strings(lib_code, AFALG_str_reasons); +#endif + error_loaded = 0; + } +} + +static void ERR_AFALG_error(int function, int reason, char *file, int line) +{ + if (lib_code == 0) + lib_code = ERR_get_next_error_library(); + ERR_PUT_error(lib_code, function, reason, file, line); +} diff --git a/engines/e_afalg_err.h b/engines/e_afalg_err.h new file mode 100644 index 000000000000..3eb1332bbfe4 --- /dev/null +++ b/engines/e_afalg_err.h @@ -0,0 +1,43 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_AFALGERR_H +# define HEADER_AFALGERR_H + +# define AFALGerr(f, r) ERR_AFALG_error((f), (r), OPENSSL_FILE, OPENSSL_LINE) + + +/* + * AFALG function codes. + */ +# define AFALG_F_AFALG_CHK_PLATFORM 100 +# define AFALG_F_AFALG_CREATE_SK 101 +# define AFALG_F_AFALG_INIT_AIO 102 +# define AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION 103 +# define AFALG_F_AFALG_SET_KEY 104 +# define AFALG_F_BIND_AFALG 105 + +/* + * AFALG reason codes. + */ +# define AFALG_R_EVENTFD_FAILED 108 +# define AFALG_R_FAILED_TO_GET_PLATFORM_INFO 111 +# define AFALG_R_INIT_FAILED 100 +# define AFALG_R_IO_SETUP_FAILED 105 +# define AFALG_R_KERNEL_DOES_NOT_SUPPORT_AFALG 101 +# define AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG 107 +# define AFALG_R_MEM_ALLOC_FAILED 102 +# define AFALG_R_SOCKET_ACCEPT_FAILED 110 +# define AFALG_R_SOCKET_BIND_FAILED 103 +# define AFALG_R_SOCKET_CREATE_FAILED 109 +# define AFALG_R_SOCKET_OPERATION_FAILED 104 +# define AFALG_R_SOCKET_SET_KEY_FAILED 106 + +#endif diff --git a/engines/e_atalla.c b/engines/e_atalla.c deleted file mode 100644 index 7d136fff0736..000000000000 --- a/engines/e_atalla.c +++ /dev/null @@ -1,626 +0,0 @@ -/* crypto/engine/hw_atalla.c */ -/* - * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project - * 2000. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/buffer.h> -#include <openssl/dso.h> -#include <openssl/engine.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DSA -# include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_DH -# include <openssl/dh.h> -#endif -#include <openssl/bn.h> - -#ifndef OPENSSL_NO_HW -# ifndef OPENSSL_NO_HW_ATALLA - -# ifdef FLAT_INC -# include "atalla.h" -# else -# include "vendor_defns/atalla.h" -# endif - -# define ATALLA_LIB_NAME "atalla engine" -# include "e_atalla_err.c" - -static int atalla_destroy(ENGINE *e); -static int atalla_init(ENGINE *e); -static int atalla_finish(ENGINE *e); -static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); - -/* BIGNUM stuff */ -static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -# ifndef OPENSSL_NO_RSA -/* RSA stuff */ -static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx); -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -# endif - -# ifndef OPENSSL_NO_DSA -/* DSA stuff */ -static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont); -static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -# endif - -# ifndef OPENSSL_NO_DH -/* DH stuff */ -/* This function is alised to mod_exp (with the DH and mont dropped). */ -static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -# endif - -/* The definitions for control commands specific to this engine */ -# define ATALLA_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN atalla_cmd_defns[] = { - {ATALLA_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'atasi' shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} -}; - -# ifndef OPENSSL_NO_RSA -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD atalla_rsa = { - "Atalla RSA method", - NULL, - NULL, - NULL, - NULL, - atalla_rsa_mod_exp, - atalla_mod_exp_mont, - NULL, - NULL, - 0, - NULL, - NULL, - NULL, - NULL -}; -# endif - -# ifndef OPENSSL_NO_DSA -/* Our internal DSA_METHOD that we provide pointers to */ -static DSA_METHOD atalla_dsa = { - "Atalla DSA method", - NULL, /* dsa_do_sign */ - NULL, /* dsa_sign_setup */ - NULL, /* dsa_do_verify */ - atalla_dsa_mod_exp, /* dsa_mod_exp */ - atalla_mod_exp_dsa, /* bn_mod_exp */ - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ - NULL, /* app_data */ - NULL, /* dsa_paramgen */ - NULL /* dsa_keygen */ -}; -# endif - -# ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -static DH_METHOD atalla_dh = { - "Atalla DH method", - NULL, - NULL, - atalla_mod_exp_dh, - NULL, - NULL, - 0, - NULL, - NULL -}; -# endif - -/* Constants used when creating the ENGINE */ -static const char *engine_atalla_id = "atalla"; -static const char *engine_atalla_name = "Atalla hardware engine support"; - -/* - * This internal function is used by ENGINE_atalla() and possibly by the - * "dynamic" ENGINE support too - */ -static int bind_helper(ENGINE *e) -{ -# ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -# endif -# ifndef OPENSSL_NO_DSA - const DSA_METHOD *meth2; -# endif -# ifndef OPENSSL_NO_DH - const DH_METHOD *meth3; -# endif - if (!ENGINE_set_id(e, engine_atalla_id) || - !ENGINE_set_name(e, engine_atalla_name) || -# ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &atalla_rsa) || -# endif -# ifndef OPENSSL_NO_DSA - !ENGINE_set_DSA(e, &atalla_dsa) || -# endif -# ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &atalla_dh) || -# endif - !ENGINE_set_destroy_function(e, atalla_destroy) || - !ENGINE_set_init_function(e, atalla_init) || - !ENGINE_set_finish_function(e, atalla_finish) || - !ENGINE_set_ctrl_function(e, atalla_ctrl) || - !ENGINE_set_cmd_defns(e, atalla_cmd_defns)) - return 0; - -# ifndef OPENSSL_NO_RSA - /* - * We know that the "PKCS1_SSLeay()" functions hook properly to the - * atalla-specific mod_exp and mod_exp_crt so we use those functions. NB: - * We don't use ENGINE_openssl() or anything "more generic" because - * something like the RSAref code may not hook properly, and if you own - * one of these cards then you have the right to do RSA operations on it - * anyway! - */ - meth1 = RSA_PKCS1_SSLeay(); - atalla_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec; -# endif - -# ifndef OPENSSL_NO_DSA - /* - * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits. - */ - meth2 = DSA_OpenSSL(); - atalla_dsa.dsa_do_sign = meth2->dsa_do_sign; - atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup; - atalla_dsa.dsa_do_verify = meth2->dsa_do_verify; -# endif - -# ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth3 = DH_OpenSSL(); - atalla_dh.generate_key = meth3->generate_key; - atalla_dh.compute_key = meth3->compute_key; -# endif - - /* Ensure the atalla error handling is set up */ - ERR_load_ATALLA_strings(); - return 1; -} - -# ifdef OPENSSL_NO_DYNAMIC_ENGINE -static ENGINE *engine_atalla(void) -{ - ENGINE *ret = ENGINE_new(); - if (!ret) - return NULL; - if (!bind_helper(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_atalla(void) -{ - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_atalla(); - if (!toadd) - return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} -# endif - -/* - * This is a process-global DSO handle used for loading and unloading the - * Atalla library. NB: This is only set (or unset) during an init() or - * finish() call (reference counts permitting) and they're operating with - * global locks, so this should be thread-safe implicitly. - */ -static DSO *atalla_dso = NULL; - -/* - * These are the function pointers that are (un)set when the library has - * successfully (un)loaded. - */ -static tfnASI_GetHardwareConfig *p_Atalla_GetHardwareConfig = NULL; -static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL; -static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics = - NULL; - -/* - * These are the static string constants for the DSO file name and the - * function symbol names to bind to. Regrettably, the DSO name on *nix - * appears to be "atasi.so" rather than something more consistent like - * "libatasi.so". At the time of writing, I'm not sure what the file name on - * win32 is but clearly native name translation is not possible (eg - * libatasi.so on *nix, and atasi.dll on win32). For the purposes of testing, - * I have created a symbollic link called "libatasi.so" so that we can use - * native name-translation - a better solution will be needed. - */ -static const char *ATALLA_LIBNAME = NULL; -static const char *get_ATALLA_LIBNAME(void) -{ - if (ATALLA_LIBNAME) - return ATALLA_LIBNAME; - return "atasi"; -} - -static void free_ATALLA_LIBNAME(void) -{ - if (ATALLA_LIBNAME) - OPENSSL_free((void *)ATALLA_LIBNAME); - ATALLA_LIBNAME = NULL; -} - -static long set_ATALLA_LIBNAME(const char *name) -{ - free_ATALLA_LIBNAME(); - return (((ATALLA_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); -} - -static const char *ATALLA_F1 = "ASI_GetHardwareConfig"; -static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn"; -static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics"; - -/* Destructor (complements the "ENGINE_atalla()" constructor) */ -static int atalla_destroy(ENGINE *e) -{ - free_ATALLA_LIBNAME(); - /* - * Unload the atalla error strings so any error state including our - * functs or reasons won't lead to a segfault (they simply get displayed - * without corresponding string data because none will be found). - */ - ERR_unload_ATALLA_strings(); - return 1; -} - -/* (de)initialisation functions. */ -static int atalla_init(ENGINE *e) -{ - tfnASI_GetHardwareConfig *p1; - tfnASI_RSAPrivateKeyOpFn *p2; - tfnASI_GetPerformanceStatistics *p3; - /* - * Not sure of the origin of this magic value, but Ben's code had it and - * it seemed to have been working for a few people. :-) - */ - unsigned int config_buf[1024]; - - if (atalla_dso != NULL) { - ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_ALREADY_LOADED); - goto err; - } - /* - * Attempt to load libatasi.so/atasi.dll/whatever. Needs to be changed - * unfortunately because the Atalla drivers don't have standard library - * names that can be platform-translated well. - */ - /* - * TODO: Work out how to actually map to the names the Atalla drivers - * really use - for now a symbollic link needs to be created on the host - * system from libatasi.so to atasi.so on unix variants. - */ - atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0); - if (atalla_dso == NULL) { - ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_NOT_LOADED); - goto err; - } - if (! - (p1 = - (tfnASI_GetHardwareConfig *) DSO_bind_func(atalla_dso, ATALLA_F1)) -|| !(p2 = (tfnASI_RSAPrivateKeyOpFn *) DSO_bind_func(atalla_dso, ATALLA_F2)) -|| !(p3 = - (tfnASI_GetPerformanceStatistics *) DSO_bind_func(atalla_dso, - ATALLA_F3))) { - ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_NOT_LOADED); - goto err; - } - /* Copy the pointers */ - p_Atalla_GetHardwareConfig = p1; - p_Atalla_RSAPrivateKeyOpFn = p2; - p_Atalla_GetPerformanceStatistics = p3; - /* - * Perform a basic test to see if there's actually any unit running. - */ - if (p1(0L, config_buf) != 0) { - ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_UNIT_FAILURE); - goto err; - } - /* Everything's fine. */ - return 1; - err: - if (atalla_dso) - DSO_free(atalla_dso); - atalla_dso = NULL; - p_Atalla_GetHardwareConfig = NULL; - p_Atalla_RSAPrivateKeyOpFn = NULL; - p_Atalla_GetPerformanceStatistics = NULL; - return 0; -} - -static int atalla_finish(ENGINE *e) -{ - free_ATALLA_LIBNAME(); - if (atalla_dso == NULL) { - ATALLAerr(ATALLA_F_ATALLA_FINISH, ATALLA_R_NOT_LOADED); - return 0; - } - if (!DSO_free(atalla_dso)) { - ATALLAerr(ATALLA_F_ATALLA_FINISH, ATALLA_R_UNIT_FAILURE); - return 0; - } - atalla_dso = NULL; - p_Atalla_GetHardwareConfig = NULL; - p_Atalla_RSAPrivateKeyOpFn = NULL; - p_Atalla_GetPerformanceStatistics = NULL; - return 1; -} - -static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) -{ - int initialised = ((atalla_dso == NULL) ? 0 : 1); - switch (cmd) { - case ATALLA_CMD_SO_PATH: - if (p == NULL) { - ATALLAerr(ATALLA_F_ATALLA_CTRL, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (initialised) { - ATALLAerr(ATALLA_F_ATALLA_CTRL, ATALLA_R_ALREADY_LOADED); - return 0; - } - return set_ATALLA_LIBNAME((const char *)p); - default: - break; - } - ATALLAerr(ATALLA_F_ATALLA_CTRL, ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; -} - -static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) -{ - /* - * I need somewhere to store temporary serialised values for use with the - * Atalla API calls. A neat cheat - I'll use BIGNUMs from the BN_CTX but - * access their arrays directly as byte arrays <grin>. This way I don't - * have to clean anything up. - */ - BIGNUM *modulus; - BIGNUM *exponent; - BIGNUM *argument; - BIGNUM *result; - RSAPrivateKey keydata; - int to_return, numbytes; - - modulus = exponent = argument = result = NULL; - to_return = 0; /* expect failure */ - - if (!atalla_dso) { - ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_NOT_LOADED); - goto err; - } - /* Prepare the params */ - BN_CTX_start(ctx); - modulus = BN_CTX_get(ctx); - exponent = BN_CTX_get(ctx); - argument = BN_CTX_get(ctx); - result = BN_CTX_get(ctx); - if (!result) { - ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_BN_CTX_FULL); - goto err; - } - if (!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) || - !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top)) { - ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_BN_EXPAND_FAIL); - goto err; - } - /* Prepare the key-data */ - memset(&keydata, 0, sizeof(keydata)); - numbytes = BN_num_bytes(m); - memset(exponent->d, 0, numbytes); - memset(modulus->d, 0, numbytes); - BN_bn2bin(p, (unsigned char *)exponent->d + numbytes - BN_num_bytes(p)); - BN_bn2bin(m, (unsigned char *)modulus->d + numbytes - BN_num_bytes(m)); - keydata.privateExponent.data = (unsigned char *)exponent->d; - keydata.privateExponent.len = numbytes; - keydata.modulus.data = (unsigned char *)modulus->d; - keydata.modulus.len = numbytes; - /* Prepare the argument */ - memset(argument->d, 0, numbytes); - memset(result->d, 0, numbytes); - BN_bn2bin(a, (unsigned char *)argument->d + numbytes - BN_num_bytes(a)); - /* Perform the operation */ - if (p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d, - (unsigned char *)argument->d, - keydata.modulus.len) != 0) { - ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_REQUEST_FAILED); - goto err; - } - /* Convert the response */ - BN_bin2bn((unsigned char *)result->d, numbytes, r); - to_return = 1; - err: - BN_CTX_end(ctx); - return to_return; -} - -# ifndef OPENSSL_NO_RSA -static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx) -{ - int to_return = 0; - - if (!atalla_dso) { - ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP, ATALLA_R_NOT_LOADED); - goto err; - } - if (!rsa->d || !rsa->n) { - ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP, - ATALLA_R_MISSING_KEY_COMPONENTS); - goto err; - } - to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx); - err: - return to_return; -} -# endif - -# ifndef OPENSSL_NO_DSA -/* - * This code was liberated and adapted from the commented-out code in - * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration (it - * doesn't have a CRT form for RSA), this function means that an Atalla - * system running with a DSA server certificate can handshake around 5 or 6 - * times faster/more than an equivalent system running with RSA. Just check - * out the "signs" statistics from the RSA and DSA parts of "openssl speed - * -engine atalla dsa1024 rsa1024". - */ -static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - BIGNUM t; - int to_return = 0; - - BN_init(&t); - /* let rr = a1 ^ p1 mod m */ - if (!atalla_mod_exp(rr, a1, p1, m, ctx)) - goto end; - /* let t = a2 ^ p2 mod m */ - if (!atalla_mod_exp(&t, a2, p2, m, ctx)) - goto end; - /* let rr = rr * t mod m */ - if (!BN_mod_mul(rr, rr, &t, m, ctx)) - goto end; - to_return = 1; - end: - BN_free(&t); - return to_return; -} - -static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return atalla_mod_exp(r, a, p, m, ctx); -} -# endif - -# ifndef OPENSSL_NO_RSA -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return atalla_mod_exp(r, a, p, m, ctx); -} -# endif - -# ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) -{ - return atalla_mod_exp(r, a, p, m, ctx); -} -# endif - -/* - * This stuff is needed if this ENGINE is being compiled into a - * self-contained shared-library. - */ -# ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_fn(ENGINE *e, const char *id) -{ - if (id && (strcmp(id, engine_atalla_id) != 0)) - return 0; - if (!bind_helper(e)) - return 0; - return 1; -} - -IMPLEMENT_DYNAMIC_CHECK_FN() - IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -# endif /* OPENSSL_NO_DYNAMIC_ENGINE */ -# endif /* !OPENSSL_NO_HW_ATALLA */ -#endif /* !OPENSSL_NO_HW */ diff --git a/engines/e_atalla_err.c b/engines/e_atalla_err.c deleted file mode 100644 index ff47322389a6..000000000000 --- a/engines/e_atalla_err.c +++ /dev/null @@ -1,145 +0,0 @@ -/* e_atalla_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include "e_atalla_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA ATALLA_str_functs[] = { - {ERR_FUNC(ATALLA_F_ATALLA_CTRL), "ATALLA_CTRL"}, - {ERR_FUNC(ATALLA_F_ATALLA_FINISH), "ATALLA_FINISH"}, - {ERR_FUNC(ATALLA_F_ATALLA_INIT), "ATALLA_INIT"}, - {ERR_FUNC(ATALLA_F_ATALLA_MOD_EXP), "ATALLA_MOD_EXP"}, - {ERR_FUNC(ATALLA_F_ATALLA_RSA_MOD_EXP), "ATALLA_RSA_MOD_EXP"}, - {0, NULL} -}; - -static ERR_STRING_DATA ATALLA_str_reasons[] = { - {ERR_REASON(ATALLA_R_ALREADY_LOADED), "already loaded"}, - {ERR_REASON(ATALLA_R_BN_CTX_FULL), "bn ctx full"}, - {ERR_REASON(ATALLA_R_BN_EXPAND_FAIL), "bn expand fail"}, - {ERR_REASON(ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED), - "ctrl command not implemented"}, - {ERR_REASON(ATALLA_R_MISSING_KEY_COMPONENTS), "missing key components"}, - {ERR_REASON(ATALLA_R_NOT_LOADED), "not loaded"}, - {ERR_REASON(ATALLA_R_REQUEST_FAILED), "request failed"}, - {ERR_REASON(ATALLA_R_UNIT_FAILURE), "unit failure"}, - {0, NULL} -}; - -#endif - -#ifdef ATALLA_LIB_NAME -static ERR_STRING_DATA ATALLA_lib_name[] = { - {0, ATALLA_LIB_NAME}, - {0, NULL} -}; -#endif - -static int ATALLA_lib_error_code = 0; -static int ATALLA_error_init = 1; - -static void ERR_load_ATALLA_strings(void) -{ - if (ATALLA_lib_error_code == 0) - ATALLA_lib_error_code = ERR_get_next_error_library(); - - if (ATALLA_error_init) { - ATALLA_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(ATALLA_lib_error_code, ATALLA_str_functs); - ERR_load_strings(ATALLA_lib_error_code, ATALLA_str_reasons); -#endif - -#ifdef ATALLA_LIB_NAME - ATALLA_lib_name->error = ERR_PACK(ATALLA_lib_error_code, 0, 0); - ERR_load_strings(0, ATALLA_lib_name); -#endif - } -} - -static void ERR_unload_ATALLA_strings(void) -{ - if (ATALLA_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(ATALLA_lib_error_code, ATALLA_str_functs); - ERR_unload_strings(ATALLA_lib_error_code, ATALLA_str_reasons); -#endif - -#ifdef ATALLA_LIB_NAME - ERR_unload_strings(0, ATALLA_lib_name); -#endif - ATALLA_error_init = 1; - } -} - -static void ERR_ATALLA_error(int function, int reason, char *file, int line) -{ - if (ATALLA_lib_error_code == 0) - ATALLA_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(ATALLA_lib_error_code, function, reason, file, line); -} diff --git a/engines/e_atalla_err.h b/engines/e_atalla_err.h deleted file mode 100644 index 7b71eff407e2..000000000000 --- a/engines/e_atalla_err.h +++ /dev/null @@ -1,94 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_ATALLA_ERR_H -# define HEADER_ATALLA_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_ATALLA_strings(void); -static void ERR_unload_ATALLA_strings(void); -static void ERR_ATALLA_error(int function, int reason, char *file, int line); -# define ATALLAerr(f,r) ERR_ATALLA_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the ATALLA functions. */ - -/* Function codes. */ -# define ATALLA_F_ATALLA_CTRL 100 -# define ATALLA_F_ATALLA_FINISH 101 -# define ATALLA_F_ATALLA_INIT 102 -# define ATALLA_F_ATALLA_MOD_EXP 103 -# define ATALLA_F_ATALLA_RSA_MOD_EXP 104 - -/* Reason codes. */ -# define ATALLA_R_ALREADY_LOADED 100 -# define ATALLA_R_BN_CTX_FULL 101 -# define ATALLA_R_BN_EXPAND_FAIL 102 -# define ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 -# define ATALLA_R_MISSING_KEY_COMPONENTS 104 -# define ATALLA_R_NOT_LOADED 105 -# define ATALLA_R_REQUEST_FAILED 106 -# define ATALLA_R_UNIT_FAILURE 107 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/e_capi.c b/engines/e_capi.c index 8c08872bfdf4..37202b81f398 100644 --- a/engines/e_capi.c +++ b/engines/e_capi.c @@ -1,80 +1,35 @@ -/* engines/e_capi.c */ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved. * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ -#include <stdio.h> -#include <string.h> -#include <stdlib.h> +#ifdef _WIN32 +# ifndef _WIN32_WINNT +# define _WIN32_WINNT 0x0400 +# endif +# include <windows.h> +# include <wincrypt.h> + +# include <stdio.h> +# include <string.h> +# include <stdlib.h> +# include <malloc.h> +# ifndef alloca +# define alloca _alloca +# endif -#include <openssl/crypto.h> +# include <openssl/crypto.h> -#ifdef OPENSSL_SYS_WIN32 # ifndef OPENSSL_NO_CAPIENG # include <openssl/buffer.h> # include <openssl/bn.h> # include <openssl/rsa.h> - -# ifndef _WIN32_WINNT -# define _WIN32_WINNT 0x0400 -# endif - -# include <windows.h> -# include <wincrypt.h> -# include <malloc.h> -# ifndef alloca -# define alloca _alloca -# endif +# include <openssl/dsa.h> /* * This module uses several "new" interfaces, among which is @@ -94,12 +49,11 @@ # define __COMPILE_CAPIENG # endif /* CERT_KEY_PROV_INFO_PROP_ID */ # endif /* OPENSSL_NO_CAPIENG */ -#endif /* OPENSSL_SYS_WIN32 */ +#endif /* _WIN32 */ #ifdef __COMPILE_CAPIENG # undef X509_EXTENSIONS -# undef X509_CERT_PAIR /* Definitions which may be missing from earlier version of headers */ # ifndef CERT_STORE_OPEN_EXISTING_FLAG @@ -115,23 +69,27 @@ # endif # ifndef ALG_SID_SHA_256 -# define ALG_SID_SHA_256 12 +# define ALG_SID_SHA_256 12 # endif # ifndef ALG_SID_SHA_384 -# define ALG_SID_SHA_384 13 +# define ALG_SID_SHA_384 13 # endif # ifndef ALG_SID_SHA_512 -# define ALG_SID_SHA_512 14 +# define ALG_SID_SHA_512 14 # endif # ifndef CALG_SHA_256 -# define CALG_SHA_256 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_256) +# define CALG_SHA_256 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_256) # endif # ifndef CALG_SHA_384 -# define CALG_SHA_384 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_384) +# define CALG_SHA_384 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_384) # endif # ifndef CALG_SHA_512 -# define CALG_SHA_512 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_512) +# define CALG_SHA_512 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_512) +# endif + +# ifndef PROV_RSA_AES +# define PROV_RSA_AES 24 # endif # include <openssl/engine.h> @@ -150,17 +108,17 @@ typedef struct CAPI_KEY_st CAPI_KEY; static void capi_addlasterror(void); static void capi_adderror(DWORD err); -static void CAPI_trace(CAPI_CTX * ctx, char *format, ...); +static void CAPI_trace(CAPI_CTX *ctx, char *format, ...); -static int capi_list_providers(CAPI_CTX * ctx, BIO *out); -static int capi_list_containers(CAPI_CTX * ctx, BIO *out); -int capi_list_certs(CAPI_CTX * ctx, BIO *out, char *storename); -void capi_free_key(CAPI_KEY * key); +static int capi_list_providers(CAPI_CTX *ctx, BIO *out); +static int capi_list_containers(CAPI_CTX *ctx, BIO *out); +int capi_list_certs(CAPI_CTX *ctx, BIO *out, char *storename); +void capi_free_key(CAPI_KEY *key); -static PCCERT_CONTEXT capi_find_cert(CAPI_CTX * ctx, const char *id, +static PCCERT_CONTEXT capi_find_cert(CAPI_CTX *ctx, const char *id, HCERTSTORE hstore); -CAPI_KEY *capi_find_key(CAPI_CTX * ctx, const char *id); +CAPI_KEY *capi_find_key(CAPI_CTX *ctx, const char *id); static EVP_PKEY *capi_load_privkey(ENGINE *eng, const char *key_id, UI_METHOD *ui_method, void *callback_data); @@ -173,9 +131,11 @@ static int capi_rsa_priv_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding); static int capi_rsa_free(RSA *rsa); +# ifndef OPENSSL_NO_DSA static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen, DSA *dsa); static int capi_dsa_free(DSA *dsa); +# endif static int capi_load_ssl_client_cert(ENGINE *e, SSL *ssl, STACK_OF(X509_NAME) *ca_dn, X509 **pcert, @@ -188,9 +148,11 @@ static int cert_select_simple(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs); static int cert_select_dialog(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs); # endif -typedef PCCERT_CONTEXT(WINAPI *CERTDLG) (HCERTSTORE, HWND, LPCWSTR, - LPCWSTR, DWORD, DWORD, void *); -typedef HWND(WINAPI *GETCONSWIN) (void); +void engine_load_capi_int(void); + +typedef PCCERT_CONTEXT(WINAPI *CERTDLG)(HCERTSTORE, HWND, LPCWSTR, + LPCWSTR, DWORD, DWORD, void *); +typedef HWND(WINAPI *GETCONSWIN)(void); /* * This structure contains CAPI ENGINE specific data: it contains various @@ -213,37 +175,28 @@ struct CAPI_CTX_st { /* System store flags */ DWORD store_flags; /* Lookup string meanings in load_private_key */ -/* Substring of subject: uses "storename" */ -# define CAPI_LU_SUBSTR 1 -/* Friendly name: uses storename */ -# define CAPI_LU_FNAME 2 -/* Container name: uses cspname, keytype */ -# define CAPI_LU_CONTNAME 3 +# define CAPI_LU_SUBSTR 1 /* Substring of subject: uses "storename" */ +# define CAPI_LU_FNAME 2 /* Friendly name: uses storename */ +# define CAPI_LU_CONTNAME 3 /* Container name: uses cspname, keytype */ int lookup_method; /* Info to dump with dumpcerts option */ -/* Issuer and serial name strings */ -# define CAPI_DMP_SUMMARY 0x1 -/* Friendly name */ -# define CAPI_DMP_FNAME 0x2 -/* Full X509_print dump */ -# define CAPI_DMP_FULL 0x4 -/* Dump PEM format certificate */ -# define CAPI_DMP_PEM 0x8 -/* Dump pseudo key (if possible) */ -# define CAPI_DMP_PSKEY 0x10 -/* Dump key info (if possible) */ -# define CAPI_DMP_PKEYINFO 0x20 +# define CAPI_DMP_SUMMARY 0x1 /* Issuer and serial name strings */ +# define CAPI_DMP_FNAME 0x2 /* Friendly name */ +# define CAPI_DMP_FULL 0x4 /* Full X509_print dump */ +# define CAPI_DMP_PEM 0x8 /* Dump PEM format certificate */ +# define CAPI_DMP_PSKEY 0x10 /* Dump pseudo key (if possible) */ +# define CAPI_DMP_PKEYINFO 0x20 /* Dump key info (if possible) */ DWORD dump_flags; int (*client_cert_select) (ENGINE *e, SSL *ssl, STACK_OF(X509) *certs); CERTDLG certselectdlg; GETCONSWIN getconswindow; }; -static CAPI_CTX *capi_ctx_new(); -static void capi_ctx_free(CAPI_CTX * ctx); -static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type, +static CAPI_CTX *capi_ctx_new(void); +static void capi_ctx_free(CAPI_CTX *ctx); +static int capi_ctx_set_provname(CAPI_CTX *ctx, LPSTR pname, DWORD type, int check); -static int capi_ctx_set_provname_idx(CAPI_CTX * ctx, int idx); +static int capi_ctx_set_provname_idx(CAPI_CTX *ctx, int idx); # define CAPI_CMD_LIST_CERTS ENGINE_CMD_BASE # define CAPI_CMD_LOOKUP_CERT (ENGINE_CMD_BASE + 1) @@ -332,12 +285,17 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) int ret = 1; CAPI_CTX *ctx; BIO *out; + LPSTR tmpstr; if (capi_idx == -1) { CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_ENGINE_NOT_INITIALIZED); return 0; } ctx = ENGINE_get_ex_data(e, capi_idx); out = BIO_new_fp(stdout, BIO_NOCLOSE); + if (out == NULL) { + CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_FILE_OPEN_ERROR); + return 0; + } switch (cmd) { case CAPI_CMD_LIST_CSPS: ret = capi_list_providers(ctx, out); @@ -356,10 +314,15 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) break; case CAPI_CMD_STORE_NAME: - if (ctx->storename) + tmpstr = OPENSSL_strdup(p); + if (tmpstr != NULL) { OPENSSL_free(ctx->storename); - ctx->storename = BUF_strdup(p); - CAPI_trace(ctx, "Setting store name to %s\n", p); + ctx->storename = tmpstr; + CAPI_trace(ctx, "Setting store name to %s\n", p); + } else { + CAPIerr(CAPI_F_CAPI_CTRL, ERR_R_MALLOC_FAILURE); + ret = 0; + } break; case CAPI_CMD_STORE_FLAGS: @@ -379,8 +342,14 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) break; case CAPI_CMD_DEBUG_FILE: - ctx->debug_file = BUF_strdup(p); - CAPI_trace(ctx, "Setting debug file to %s\n", ctx->debug_file); + tmpstr = OPENSSL_strdup(p); + if (tmpstr != NULL) { + ctx->debug_file = tmpstr; + CAPI_trace(ctx, "Setting debug file to %s\n", ctx->debug_file); + } else { + CAPIerr(CAPI_F_CAPI_CTRL, ERR_R_MALLOC_FAILURE); + ret = 0; + } break; case CAPI_CMD_KEYTYPE: @@ -399,6 +368,7 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) case CAPI_CMD_LOOKUP_METHOD: if (i < 1 || i > 3) { CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_INVALID_LOOKUP_METHOD); + BIO_free(out); return 0; } ctx->lookup_method = i; @@ -422,42 +392,25 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) } -static RSA_METHOD capi_rsa_method = { - "CryptoAPI RSA method", - 0, /* pub_enc */ - 0, /* pub_dec */ - capi_rsa_priv_enc, /* priv_enc */ - capi_rsa_priv_dec, /* priv_dec */ - 0, /* rsa_mod_exp */ - 0, /* bn_mod_exp */ - 0, /* init */ - capi_rsa_free, /* finish */ - RSA_FLAG_SIGN_VER, /* flags */ - NULL, /* app_data */ - capi_rsa_sign, /* rsa_sign */ - 0 /* rsa_verify */ -}; +static RSA_METHOD *capi_rsa_method = NULL; +# ifndef OPENSSL_NO_DSA +static DSA_METHOD *capi_dsa_method = NULL; +# endif -static DSA_METHOD capi_dsa_method = { - "CryptoAPI DSA method", - capi_dsa_do_sign, /* dsa_do_sign */ - 0, /* dsa_sign_setup */ - 0, /* dsa_do_verify */ - 0, /* dsa_mod_exp */ - 0, /* bn_mod_exp */ - 0, /* init */ - capi_dsa_free, /* finish */ - 0, /* flags */ - NULL, /* app_data */ - 0, /* dsa_paramgen */ - 0 /* dsa_keygen */ -}; +static int use_aes_csp = 0; +static const WCHAR rsa_aes_cspname[] = + L"Microsoft Enhanced RSA and AES Cryptographic Provider"; +static const WCHAR rsa_enh_cspname[] = + L"Microsoft Enhanced Cryptographic Provider v1.0"; static int capi_init(ENGINE *e) { CAPI_CTX *ctx; const RSA_METHOD *ossl_rsa_meth; +# ifndef OPENSSL_NO_DSA const DSA_METHOD *ossl_dsa_meth; +# endif + HCRYPTPROV hprov; if (capi_idx < 0) { capi_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0); @@ -468,22 +421,41 @@ static int capi_init(ENGINE *e) /* Setup RSA_METHOD */ rsa_capi_idx = RSA_get_ex_new_index(0, NULL, NULL, NULL, 0); - ossl_rsa_meth = RSA_PKCS1_SSLeay(); - capi_rsa_method.rsa_pub_enc = ossl_rsa_meth->rsa_pub_enc; - capi_rsa_method.rsa_pub_dec = ossl_rsa_meth->rsa_pub_dec; - capi_rsa_method.rsa_mod_exp = ossl_rsa_meth->rsa_mod_exp; - capi_rsa_method.bn_mod_exp = ossl_rsa_meth->bn_mod_exp; + ossl_rsa_meth = RSA_PKCS1_OpenSSL(); + if ( !RSA_meth_set_pub_enc(capi_rsa_method, + RSA_meth_get_pub_enc(ossl_rsa_meth)) + || !RSA_meth_set_pub_dec(capi_rsa_method, + RSA_meth_get_pub_dec(ossl_rsa_meth)) + || !RSA_meth_set_priv_enc(capi_rsa_method, capi_rsa_priv_enc) + || !RSA_meth_set_priv_dec(capi_rsa_method, capi_rsa_priv_dec) + || !RSA_meth_set_mod_exp(capi_rsa_method, + RSA_meth_get_mod_exp(ossl_rsa_meth)) + || !RSA_meth_set_bn_mod_exp(capi_rsa_method, + RSA_meth_get_bn_mod_exp(ossl_rsa_meth)) + || !RSA_meth_set_finish(capi_rsa_method, capi_rsa_free) + || !RSA_meth_set_sign(capi_rsa_method, capi_rsa_sign)) { + goto memerr; + } +# ifndef OPENSSL_NO_DSA /* Setup DSA Method */ dsa_capi_idx = DSA_get_ex_new_index(0, NULL, NULL, NULL, 0); ossl_dsa_meth = DSA_OpenSSL(); - capi_dsa_method.dsa_do_verify = ossl_dsa_meth->dsa_do_verify; - capi_dsa_method.dsa_mod_exp = ossl_dsa_meth->dsa_mod_exp; - capi_dsa_method.bn_mod_exp = ossl_dsa_meth->bn_mod_exp; + if ( !DSA_meth_set_sign(capi_dsa_method, capi_dsa_do_sign) + || !DSA_meth_set_verify(capi_dsa_method, + DSA_meth_get_verify(ossl_dsa_meth)) + || !DSA_meth_set_finish(capi_dsa_method, capi_dsa_free) + || !DSA_meth_set_mod_exp(capi_dsa_method, + DSA_meth_get_mod_exp(ossl_dsa_meth)) + || !DSA_meth_set_bn_mod_exp(capi_dsa_method, + DSA_meth_get_bn_mod_exp(ossl_dsa_meth))) { + goto memerr; + } +# endif } ctx = capi_ctx_new(); - if (!ctx) + if (ctx == NULL) goto memerr; ENGINE_set_ex_data(e, capi_idx, ctx); @@ -504,6 +476,13 @@ static int capi_init(ENGINE *e) } # endif + /* See if there is RSA+AES CSP */ + if (CryptAcquireContextW(&hprov, NULL, rsa_aes_cspname, PROV_RSA_AES, + CRYPT_VERIFYCONTEXT)) { + use_aes_csp = 1; + CryptReleaseContext(hprov, 0); + } + return 1; memerr: @@ -515,6 +494,12 @@ static int capi_init(ENGINE *e) static int capi_destroy(ENGINE *e) { + RSA_meth_free(capi_rsa_method); + capi_rsa_method = NULL; +# ifndef OPENSSL_NO_DSA + DSA_meth_free(capi_dsa_method); + capi_dsa_method = NULL; +# endif ERR_unload_CAPI_strings(); return 1; } @@ -544,24 +529,41 @@ struct CAPI_KEY_st { static int bind_capi(ENGINE *e) { + capi_rsa_method = RSA_meth_new("CryptoAPI RSA method", 0); + if (capi_rsa_method == NULL) + return 0; +# ifndef OPENSSL_NO_DSA + capi_dsa_method = DSA_meth_new("CryptoAPI DSA method", 0); + if (capi_dsa_method == NULL) + goto memerr; +# endif if (!ENGINE_set_id(e, engine_capi_id) || !ENGINE_set_name(e, engine_capi_name) || !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) || !ENGINE_set_init_function(e, capi_init) || !ENGINE_set_finish_function(e, capi_finish) || !ENGINE_set_destroy_function(e, capi_destroy) - || !ENGINE_set_RSA(e, &capi_rsa_method) - || !ENGINE_set_DSA(e, &capi_dsa_method) + || !ENGINE_set_RSA(e, capi_rsa_method) +# ifndef OPENSSL_NO_DSA + || !ENGINE_set_DSA(e, capi_dsa_method) +# endif || !ENGINE_set_load_privkey_function(e, capi_load_privkey) || !ENGINE_set_load_ssl_client_cert_function(e, capi_load_ssl_client_cert) || !ENGINE_set_cmd_defns(e, capi_cmd_defns) || !ENGINE_set_ctrl_function(e, capi_ctrl)) - return 0; + goto memerr; ERR_load_CAPI_strings(); return 1; - + memerr: + RSA_meth_free(capi_rsa_method); + capi_rsa_method = NULL; +# ifndef OPENSSL_NO_DSA + DSA_meth_free(capi_dsa_method); + capi_dsa_method = NULL; +# endif + return 0; } # ifndef OPENSSL_NO_DYNAMIC_ENGINE @@ -575,12 +577,12 @@ static int bind_helper(ENGINE *e, const char *id) } IMPLEMENT_DYNAMIC_CHECK_FN() - IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) +IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) # else static ENGINE *engine_capi(void) { ENGINE *ret = ENGINE_new(); - if (!ret) + if (ret == NULL) return NULL; if (!bind_capi(ret)) { ENGINE_free(ret); @@ -589,7 +591,7 @@ static ENGINE *engine_capi(void) return ret; } -void ENGINE_load_capi(void) +void engine_load_capi_int(void) { /* Copied from eng_[openssl|dyn].c */ ENGINE *toadd = engine_capi(); @@ -623,7 +625,7 @@ static int lend_tobn(BIGNUM *bn, unsigned char *bin, int binlen) /* Given a CAPI_KEY get an EVP_PKEY structure */ -static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key) +static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY *key) { unsigned char *pubkey = NULL; DWORD len; @@ -639,7 +641,7 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key) pubkey = OPENSSL_malloc(len); - if (!pubkey) + if (pubkey == NULL) goto memerr; if (!CryptExportKey(key->key, 0, PUBLICKEYBLOB, 0, pubkey, &len)) { @@ -656,6 +658,7 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key) if (bh->aiKeyAlg == CALG_RSA_SIGN || bh->aiKeyAlg == CALG_RSA_KEYX) { RSAPUBKEY *rp; DWORD rsa_modlen; + BIGNUM *e = NULL, *n = NULL; unsigned char *rsa_modulus; rp = (RSAPUBKEY *) (bh + 1); if (rp->magic != 0x31415352) { @@ -671,31 +674,38 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key) if (!rkey) goto memerr; - rkey->e = BN_new(); - rkey->n = BN_new(); + e = BN_new(); + n = BN_new(); - if (!rkey->e || !rkey->n) + if (e == NULL || n == NULL) { + BN_free(e); + BN_free(n); goto memerr; + } + + RSA_set0_key(rkey, n, e, NULL); - if (!BN_set_word(rkey->e, rp->pubexp)) + if (!BN_set_word(e, rp->pubexp)) goto memerr; rsa_modlen = rp->bitlen / 8; - if (!lend_tobn(rkey->n, rsa_modulus, rsa_modlen)) + if (!lend_tobn(n, rsa_modulus, rsa_modlen)) goto memerr; RSA_set_ex_data(rkey, rsa_capi_idx, key); - if (!(ret = EVP_PKEY_new())) + if ((ret = EVP_PKEY_new()) == NULL) goto memerr; EVP_PKEY_assign_RSA(ret, rkey); rkey = NULL; +# ifndef OPENSSL_NO_DSA } else if (bh->aiKeyAlg == CALG_DSS_SIGN) { DSSPUBKEY *dp; DWORD dsa_plen; unsigned char *btmp; + BIGNUM *p, *q, *g, *pub_key; dp = (DSSPUBKEY *) (bh + 1); if (dp->magic != 0x31535344) { char magstr[10]; @@ -710,35 +720,43 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key) dkey = DSA_new_method(eng); if (!dkey) goto memerr; - dkey->p = BN_new(); - dkey->q = BN_new(); - dkey->g = BN_new(); - dkey->pub_key = BN_new(); - if (!dkey->p || !dkey->q || !dkey->g || !dkey->pub_key) + p = BN_new(); + q = BN_new(); + g = BN_new(); + pub_key = BN_new(); + if (p == NULL || q == NULL || g == NULL || pub_key == NULL) { + BN_free(p); + BN_free(q); + BN_free(g); + BN_free(pub_key); goto memerr; - if (!lend_tobn(dkey->p, btmp, dsa_plen)) + } + DSA_set0_pqg(dkey, p, q, g); + DSA_set0_key(dkey, pub_key, NULL); + if (!lend_tobn(p, btmp, dsa_plen)) goto memerr; btmp += dsa_plen; - if (!lend_tobn(dkey->q, btmp, 20)) + if (!lend_tobn(q, btmp, 20)) goto memerr; btmp += 20; - if (!lend_tobn(dkey->g, btmp, dsa_plen)) + if (!lend_tobn(g, btmp, dsa_plen)) goto memerr; btmp += dsa_plen; - if (!lend_tobn(dkey->pub_key, btmp, dsa_plen)) + if (!lend_tobn(pub_key, btmp, dsa_plen)) goto memerr; btmp += dsa_plen; DSA_set_ex_data(dkey, dsa_capi_idx, key); - if (!(ret = EVP_PKEY_new())) + if ((ret = EVP_PKEY_new()) == NULL) goto memerr; EVP_PKEY_assign_DSA(ret, dkey); dkey = NULL; +# endif } else { char algstr[10]; - BIO_snprintf(algstr, 10, "%lx", bh->aiKeyAlg); + BIO_snprintf(algstr, 10, "%ux", bh->aiKeyAlg); CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM); ERR_add_error_data(2, "aiKeyAlg=0x", algstr); @@ -746,13 +764,12 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key) } err: - if (pubkey) - OPENSSL_free(pubkey); + OPENSSL_free(pubkey); if (!ret) { - if (rkey) - RSA_free(rkey); - if (dkey) - DSA_free(dkey); + RSA_free(rkey); +# ifndef OPENSSL_NO_DSA + DSA_free(dkey); +# endif } return ret; @@ -809,7 +826,7 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len, CAPI_KEY *capi_key; CAPI_CTX *ctx; - ctx = ENGINE_get_ex_data(rsa->engine, capi_idx); + ctx = ENGINE_get_ex_data(RSA_get0_engine(rsa), capi_idx); CAPI_trace(ctx, "Called CAPI_rsa_sign()\n"); @@ -818,7 +835,7 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len, CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_CANT_GET_KEY); return -1; } -/* Convert the signature type to a CryptoAPI algorithm ID */ + /* Convert the signature type to a CryptoAPI algorithm ID */ switch (dtype) { case NID_sha256: alg = CALG_SHA_256; @@ -846,20 +863,20 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len, default: { char algstr[10]; - BIO_snprintf(algstr, 10, "%lx", dtype); + BIO_snprintf(algstr, 10, "%x", dtype); CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_UNSUPPORTED_ALGORITHM_NID); ERR_add_error_data(2, "NID=0x", algstr); return -1; } } -/* Create the hash object */ + /* Create the hash object */ if (!CryptCreateHash(capi_key->hprov, alg, 0, 0, &hash)) { CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_CANT_CREATE_HASH_OBJECT); capi_addlasterror(); return -1; } -/* Set the hash value to the value passed */ + /* Set the hash value to the value passed */ if (!CryptSetHashParam(hash, HP_HASHVAL, (unsigned char *)m, 0)) { CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_CANT_SET_HASH_VALUE); @@ -867,7 +884,7 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len, goto err; } -/* Finally sign it */ + /* Finally sign it */ slen = RSA_size(rsa); if (!CryptSignHash(hash, capi_key->keyspec, NULL, 0, sigret, &slen)) { CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_ERROR_SIGNING_HASH); @@ -900,7 +917,13 @@ int capi_rsa_priv_dec(int flen, const unsigned char *from, unsigned char *tmpbuf; CAPI_KEY *capi_key; CAPI_CTX *ctx; - ctx = ENGINE_get_ex_data(rsa->engine, capi_idx); + DWORD flags = 0; + DWORD dlen; + + if (flen <= 0) + return flen; + + ctx = ENGINE_get_ex_data(RSA_get0_engine(rsa), capi_idx); CAPI_trace(ctx, "Called capi_rsa_priv_dec()\n"); @@ -910,16 +933,27 @@ int capi_rsa_priv_dec(int flen, const unsigned char *from, return -1; } - if (padding != RSA_PKCS1_PADDING) { - char errstr[10]; - BIO_snprintf(errstr, 10, "%d", padding); - CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, CAPI_R_UNSUPPORTED_PADDING); - ERR_add_error_data(2, "padding=", errstr); - return -1; + switch (padding) { + case RSA_PKCS1_PADDING: + /* Nothing to do */ + break; +#ifdef CRYPT_DECRYPT_RSA_NO_PADDING_CHECK + case RSA_NO_PADDING: + flags = CRYPT_DECRYPT_RSA_NO_PADDING_CHECK; + break; +#endif + default: + { + char errstr[10]; + BIO_snprintf(errstr, 10, "%d", padding); + CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, CAPI_R_UNSUPPORTED_PADDING); + ERR_add_error_data(2, "padding=", errstr); + return -1; + } } /* Create temp reverse order version of input */ - if (!(tmpbuf = OPENSSL_malloc(flen))) { + if ((tmpbuf = OPENSSL_malloc(flen)) == NULL) { CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, ERR_R_MALLOC_FAILURE); return -1; } @@ -927,14 +961,17 @@ int capi_rsa_priv_dec(int flen, const unsigned char *from, tmpbuf[flen - i - 1] = from[i]; /* Finally decrypt it */ - if (!CryptDecrypt(capi_key->key, 0, TRUE, 0, tmpbuf, &flen)) { + dlen = flen; + if (!CryptDecrypt(capi_key->key, 0, TRUE, flags, tmpbuf, &dlen)) { CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, CAPI_R_DECRYPT_ERROR); capi_addlasterror(); + OPENSSL_cleanse(tmpbuf, dlen); OPENSSL_free(tmpbuf); return -1; - } else - memcpy(to, tmpbuf, flen); - + } else { + memcpy(to, tmpbuf, (flen = (int)dlen)); + } + OPENSSL_cleanse(tmpbuf, flen); OPENSSL_free(tmpbuf); return flen; @@ -949,6 +986,7 @@ static int capi_rsa_free(RSA *rsa) return 1; } +# ifndef OPENSSL_NO_DSA /* CryptoAPI DSA operations */ static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen, @@ -961,7 +999,7 @@ static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen, CAPI_CTX *ctx; unsigned char csigbuf[40]; - ctx = ENGINE_get_ex_data(dsa->engine, capi_idx); + ctx = ENGINE_get_ex_data(DSA_get0_engine(dsa), capi_idx); CAPI_trace(ctx, "Called CAPI_dsa_do_sign()\n"); @@ -998,19 +1036,17 @@ static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen, capi_addlasterror(); goto err; } else { - ret = DSA_SIG_new(); - if (!ret) - goto err; - ret->r = BN_new(); - ret->s = BN_new(); - if (!ret->r || !ret->s) - goto err; - if (!lend_tobn(ret->r, csigbuf, 20) - || !lend_tobn(ret->s, csigbuf + 20, 20)) { - DSA_SIG_free(ret); - ret = NULL; + BIGNUM *r = BN_new(), *s = BN_new(); + + if (r == NULL || s == NULL + || !lend_tobn(r, csigbuf, 20) + || !lend_tobn(s, csigbuf + 20, 20) + || (ret = DSA_SIG_new()) == NULL) { + BN_free(r); /* BN_free checks for BIGNUM * being NULL */ + BN_free(s); goto err; } + DSA_SIG_set0(ret, r, s); } /* Now cleanup */ @@ -1029,8 +1065,9 @@ static int capi_dsa_free(DSA *dsa) DSA_set_ex_data(dsa, dsa_capi_idx, 0); return 1; } +# endif -static void capi_vtrace(CAPI_CTX * ctx, int level, char *format, +static void capi_vtrace(CAPI_CTX *ctx, int level, char *format, va_list argptr) { BIO *out; @@ -1038,11 +1075,15 @@ static void capi_vtrace(CAPI_CTX * ctx, int level, char *format, if (!ctx || (ctx->debug_level < level) || (!ctx->debug_file)) return; out = BIO_new_file(ctx->debug_file, "a+"); + if (out == NULL) { + CAPIerr(CAPI_F_CAPI_VTRACE, CAPI_R_FILE_OPEN_ERROR); + return; + } BIO_vprintf(out, format, argptr); BIO_free(out); } -static void CAPI_trace(CAPI_CTX * ctx, char *format, ...) +static void CAPI_trace(CAPI_CTX *ctx, char *format, ...) { va_list args; va_start(args, format); @@ -1076,7 +1117,7 @@ static char *wide_to_asc(LPCWSTR wstr) return NULL; } str = OPENSSL_malloc(sz); - if (!str) { + if (str == NULL) { CAPIerr(CAPI_F_WIDE_TO_ASC, ERR_R_MALLOC_FAILURE); return NULL; } @@ -1088,7 +1129,7 @@ static char *wide_to_asc(LPCWSTR wstr) return str; } -static int capi_get_provname(CAPI_CTX * ctx, LPSTR * pname, DWORD * ptype, +static int capi_get_provname(CAPI_CTX *ctx, LPSTR *pname, DWORD *ptype, DWORD idx) { DWORD len, err; @@ -1102,33 +1143,35 @@ static int capi_get_provname(CAPI_CTX * ctx, LPSTR * pname, DWORD * ptype, capi_adderror(err); return 0; } - if (sizeof(TCHAR) != sizeof(char)) - name = alloca(len); - else - name = OPENSSL_malloc(len); + name = OPENSSL_malloc(len); if (name == NULL) { CAPIerr(CAPI_F_CAPI_GET_PROVNAME, ERR_R_MALLOC_FAILURE); return 0; } if (!CryptEnumProviders(idx, NULL, 0, ptype, name, &len)) { err = GetLastError(); + OPENSSL_free(name); if (err == ERROR_NO_MORE_ITEMS) return 2; CAPIerr(CAPI_F_CAPI_GET_PROVNAME, CAPI_R_CRYPTENUMPROVIDERS_ERROR); capi_adderror(err); return 0; } - if (sizeof(TCHAR) != sizeof(char)) + if (sizeof(TCHAR) != sizeof(char)) { *pname = wide_to_asc((WCHAR *)name); - else + OPENSSL_free(name); + if (*pname == NULL) + return 0; + } else { *pname = (char *)name; + } CAPI_trace(ctx, "capi_get_provname, returned name=%s, type=%d\n", *pname, *ptype); return 1; } -static int capi_list_providers(CAPI_CTX * ctx, BIO *out) +static int capi_list_providers(CAPI_CTX *ctx, BIO *out) { DWORD idx, ptype; int ret; @@ -1141,45 +1184,44 @@ static int capi_list_providers(CAPI_CTX * ctx, BIO *out) break; if (ret == 0) break; - BIO_printf(out, "%d. %s, type %d\n", idx, provname, ptype); + BIO_printf(out, "%lu. %s, type %lu\n", idx, provname, ptype); OPENSSL_free(provname); } return 1; } -static int capi_list_containers(CAPI_CTX * ctx, BIO *out) +static int capi_list_containers(CAPI_CTX *ctx, BIO *out) { int ret = 1; HCRYPTPROV hprov; DWORD err, idx, flags, buflen = 0, clen; LPSTR cname; - LPTSTR cspname = NULL; + LPWSTR cspname = NULL; CAPI_trace(ctx, "Listing containers CSP=%s, type = %d\n", ctx->cspname, ctx->csptype); - if (ctx->cspname && sizeof(TCHAR) != sizeof(char)) { - if ((clen = - MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, NULL, 0))) { + if (ctx->cspname != NULL) { + if ((clen = MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, + NULL, 0))) { cspname = alloca(clen * sizeof(WCHAR)); MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, (WCHAR *)cspname, clen); } - if (!cspname) { + if (cspname == NULL) { CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, ERR_R_MALLOC_FAILURE); capi_addlasterror(); return 0; } - } else - cspname = (TCHAR *)ctx->cspname; - if (!CryptAcquireContext - (&hprov, NULL, cspname, ctx->csptype, CRYPT_VERIFYCONTEXT)) { + } + if (!CryptAcquireContextW(&hprov, NULL, cspname, ctx->csptype, + CRYPT_VERIFYCONTEXT)) { CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, CAPI_R_CRYPTACQUIRECONTEXT_ERROR); capi_addlasterror(); return 0; } - if (!CryptGetProvParam - (hprov, PP_ENUMCONTAINERS, NULL, &buflen, CRYPT_FIRST)) { + if (!CryptGetProvParam(hprov, PP_ENUMCONTAINERS, NULL, &buflen, + CRYPT_FIRST)) { CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, CAPI_R_ENUMCONTAINERS_ERROR); capi_addlasterror(); CryptReleaseContext(hprov, 0); @@ -1189,7 +1231,7 @@ static int capi_list_containers(CAPI_CTX * ctx, BIO *out) if (buflen == 0) buflen = 1024; cname = OPENSSL_malloc(buflen); - if (!cname) { + if (cname == NULL) { CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, ERR_R_MALLOC_FAILURE); goto err; } @@ -1202,8 +1244,8 @@ static int capi_list_containers(CAPI_CTX * ctx, BIO *out) flags = CRYPT_FIRST; else flags = 0; - if (!CryptGetProvParam - (hprov, PP_ENUMCONTAINERS, (BYTE *) cname, &clen, flags)) { + if (!CryptGetProvParam(hprov, PP_ENUMCONTAINERS, (BYTE *)cname, + &clen, flags)) { err = GetLastError(); if (err == ERROR_NO_MORE_ITEMS) goto done; @@ -1217,35 +1259,35 @@ static int capi_list_containers(CAPI_CTX * ctx, BIO *out) CAPI_trace(ctx, "Enumerate bug: using workaround\n"); goto done; } - BIO_printf(out, "%d. %s\n", idx, cname); + BIO_printf(out, "%lu. %s\n", idx, cname); } err: ret = 0; done: - if (cname) - OPENSSL_free(cname); + OPENSSL_free(cname); CryptReleaseContext(hprov, 0); return ret; } -CRYPT_KEY_PROV_INFO *capi_get_prov_info(CAPI_CTX * ctx, PCCERT_CONTEXT cert) +static CRYPT_KEY_PROV_INFO *capi_get_prov_info(CAPI_CTX *ctx, + PCCERT_CONTEXT cert) { DWORD len; CRYPT_KEY_PROV_INFO *pinfo; - if (!CertGetCertificateContextProperty - (cert, CERT_KEY_PROV_INFO_PROP_ID, NULL, &len)) + if (!CertGetCertificateContextProperty(cert, CERT_KEY_PROV_INFO_PROP_ID, + NULL, &len)) return NULL; pinfo = OPENSSL_malloc(len); - if (!pinfo) { + if (pinfo == NULL) { CAPIerr(CAPI_F_CAPI_GET_PROV_INFO, ERR_R_MALLOC_FAILURE); return NULL; } - if (!CertGetCertificateContextProperty - (cert, CERT_KEY_PROV_INFO_PROP_ID, pinfo, &len)) { + if (!CertGetCertificateContextProperty(cert, CERT_KEY_PROV_INFO_PROP_ID, + pinfo, &len)) { CAPIerr(CAPI_F_CAPI_GET_PROV_INFO, CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO); capi_addlasterror(); @@ -1255,8 +1297,8 @@ CRYPT_KEY_PROV_INFO *capi_get_prov_info(CAPI_CTX * ctx, PCCERT_CONTEXT cert) return pinfo; } -static void capi_dump_prov_info(CAPI_CTX * ctx, BIO *out, - CRYPT_KEY_PROV_INFO * pinfo) +static void capi_dump_prov_info(CAPI_CTX *ctx, BIO *out, + CRYPT_KEY_PROV_INFO *pinfo) { char *provname = NULL, *contname = NULL; if (!pinfo) { @@ -1269,33 +1311,29 @@ static void capi_dump_prov_info(CAPI_CTX * ctx, BIO *out, goto err; BIO_printf(out, " Private Key Info:\n"); - BIO_printf(out, " Provider Name: %s, Provider Type %d\n", provname, + BIO_printf(out, " Provider Name: %s, Provider Type %lu\n", provname, pinfo->dwProvType); - BIO_printf(out, " Container Name: %s, Key Type %d\n", contname, + BIO_printf(out, " Container Name: %s, Key Type %lu\n", contname, pinfo->dwKeySpec); err: - if (provname) - OPENSSL_free(provname); - if (contname) - OPENSSL_free(contname); + OPENSSL_free(provname); + OPENSSL_free(contname); } -char *capi_cert_get_fname(CAPI_CTX * ctx, PCCERT_CONTEXT cert) +static char *capi_cert_get_fname(CAPI_CTX *ctx, PCCERT_CONTEXT cert) { LPWSTR wfname; DWORD dlen; CAPI_trace(ctx, "capi_cert_get_fname\n"); - if (!CertGetCertificateContextProperty - (cert, CERT_FRIENDLY_NAME_PROP_ID, NULL, &dlen)) + if (!CertGetCertificateContextProperty(cert, CERT_FRIENDLY_NAME_PROP_ID, + NULL, &dlen)) return NULL; wfname = OPENSSL_malloc(dlen); - if (wfname == NULL) { - CAPIerr(CAPI_F_CAPI_CERT_GET_FNAME, ERR_R_MALLOC_FAILURE); + if (wfname == NULL) return NULL; - } - if (CertGetCertificateContextProperty - (cert, CERT_FRIENDLY_NAME_PROP_ID, wfname, &dlen)) { + if (CertGetCertificateContextProperty(cert, CERT_FRIENDLY_NAME_PROP_ID, + wfname, &dlen)) { char *fname = wide_to_asc(wfname); OPENSSL_free(wfname); return fname; @@ -1307,10 +1345,10 @@ char *capi_cert_get_fname(CAPI_CTX * ctx, PCCERT_CONTEXT cert) return NULL; } -void capi_dump_cert(CAPI_CTX * ctx, BIO *out, PCCERT_CONTEXT cert) +static void capi_dump_cert(CAPI_CTX *ctx, BIO *out, PCCERT_CONTEXT cert) { X509 *x; - unsigned char *p; + const unsigned char *p; unsigned long flags = ctx->dump_flags; if (flags & CAPI_DMP_FNAME) { char *fname; @@ -1318,8 +1356,9 @@ void capi_dump_cert(CAPI_CTX * ctx, BIO *out, PCCERT_CONTEXT cert) if (fname) { BIO_printf(out, " Friendly Name \"%s\"\n", fname); OPENSSL_free(fname); - } else + } else { BIO_printf(out, " <No Friendly Name>\n"); + } } p = cert->pbCertEncoded; @@ -1340,8 +1379,7 @@ void capi_dump_cert(CAPI_CTX * ctx, BIO *out, PCCERT_CONTEXT cert) CRYPT_KEY_PROV_INFO *pinfo; pinfo = capi_get_prov_info(ctx, cert); capi_dump_prov_info(ctx, out, pinfo); - if (pinfo) - OPENSSL_free(pinfo); + OPENSSL_free(pinfo); } if (flags & CAPI_DMP_PEM) @@ -1349,7 +1387,7 @@ void capi_dump_cert(CAPI_CTX * ctx, BIO *out, PCCERT_CONTEXT cert) X509_free(x); } -HCERTSTORE capi_open_store(CAPI_CTX * ctx, char *storename) +static HCERTSTORE capi_open_store(CAPI_CTX *ctx, char *storename) { HCERTSTORE hstore; @@ -1368,7 +1406,7 @@ HCERTSTORE capi_open_store(CAPI_CTX * ctx, char *storename) return hstore; } -int capi_list_certs(CAPI_CTX * ctx, BIO *out, char *id) +int capi_list_certs(CAPI_CTX *ctx, BIO *out, char *id) { char *storename; int idx; @@ -1406,7 +1444,7 @@ int capi_list_certs(CAPI_CTX * ctx, BIO *out, char *id) return ret; } -static PCCERT_CONTEXT capi_find_cert(CAPI_CTX * ctx, const char *id, +static PCCERT_CONTEXT capi_find_cert(CAPI_CTX *ctx, const char *id, HCERTSTORE hstore) { PCCERT_CONTEXT cert = NULL; @@ -1414,8 +1452,7 @@ static PCCERT_CONTEXT capi_find_cert(CAPI_CTX * ctx, const char *id, int match; switch (ctx->lookup_method) { case CAPI_LU_SUBSTR: - return CertFindCertificateInStore(hstore, - X509_ASN_ENCODING, 0, + return CertFindCertificateInStore(hstore, X509_ASN_ENCODING, 0, CERT_FIND_SUBJECT_STR_A, id, NULL); case CAPI_LU_FNAME: for (;;) { @@ -1438,35 +1475,38 @@ static PCCERT_CONTEXT capi_find_cert(CAPI_CTX * ctx, const char *id, } } -static CAPI_KEY *capi_get_key(CAPI_CTX * ctx, const TCHAR *contname, - TCHAR *provname, DWORD ptype, DWORD keyspec) +static CAPI_KEY *capi_get_key(CAPI_CTX *ctx, const WCHAR *contname, + const WCHAR *provname, DWORD ptype, + DWORD keyspec) { - CAPI_KEY *key; DWORD dwFlags = 0; - key = OPENSSL_malloc(sizeof(CAPI_KEY)); - if (key == NULL) { - CAPIerr(CAPI_F_CAPI_GET_KEY, ERR_R_MALLOC_FAILURE); - capi_addlasterror(); - goto err; + CAPI_KEY *key = OPENSSL_malloc(sizeof(*key)); + + if (key == NULL) + return NULL; + /* If PROV_RSA_AES supported use it instead */ + if (ptype == PROV_RSA_FULL && use_aes_csp && + wcscmp(provname, rsa_enh_cspname) == 0) { + provname = rsa_aes_cspname; + ptype = PROV_RSA_AES; } - if (sizeof(TCHAR) == sizeof(char)) - CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n", - contname, provname, ptype); - else if (ctx && ctx->debug_level >= CAPI_DBG_TRACE && ctx->debug_file) { - /* above 'if' is optimization to minimize malloc-ations */ - char *_contname = wide_to_asc((WCHAR *)contname); - char *_provname = wide_to_asc((WCHAR *)provname); + if (ctx && ctx->debug_level >= CAPI_DBG_TRACE && ctx->debug_file) { + /* + * above 'if' is [complementary] copy from CAPI_trace and serves + * as optimization to minimize [below] malloc-ations + */ + char *_contname = wide_to_asc(contname); + char *_provname = wide_to_asc(provname); CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n", _contname, _provname, ptype); - if (_provname) - OPENSSL_free(_provname); - if (_contname) - OPENSSL_free(_contname); + OPENSSL_free(_provname); + OPENSSL_free(_contname); } if (ctx->store_flags & CERT_SYSTEM_STORE_LOCAL_MACHINE) dwFlags = CRYPT_MACHINE_KEYSET; - if (!CryptAcquireContext(&key->hprov, contname, provname, ptype, dwFlags)) { + if (!CryptAcquireContextW(&key->hprov, contname, provname, ptype, + dwFlags)) { CAPIerr(CAPI_F_CAPI_GET_KEY, CAPI_R_CRYPTACQUIRECONTEXT_ERROR); capi_addlasterror(); goto err; @@ -1486,42 +1526,27 @@ static CAPI_KEY *capi_get_key(CAPI_CTX * ctx, const TCHAR *contname, return NULL; } -static CAPI_KEY *capi_get_cert_key(CAPI_CTX * ctx, PCCERT_CONTEXT cert) +static CAPI_KEY *capi_get_cert_key(CAPI_CTX *ctx, PCCERT_CONTEXT cert) { CAPI_KEY *key = NULL; CRYPT_KEY_PROV_INFO *pinfo = NULL; - char *provname = NULL, *contname = NULL; + pinfo = capi_get_prov_info(ctx, cert); - if (!pinfo) - goto err; - if (sizeof(TCHAR) != sizeof(char)) - key = capi_get_key(ctx, (TCHAR *)pinfo->pwszContainerName, - (TCHAR *)pinfo->pwszProvName, - pinfo->dwProvType, pinfo->dwKeySpec); - else { - provname = wide_to_asc(pinfo->pwszProvName); - contname = wide_to_asc(pinfo->pwszContainerName); - if (!provname || !contname) - goto err; - key = capi_get_key(ctx, (TCHAR *)contname, (TCHAR *)provname, + + if (pinfo != NULL) + key = capi_get_key(ctx, pinfo->pwszContainerName, pinfo->pwszProvName, pinfo->dwProvType, pinfo->dwKeySpec); - } - err: - if (pinfo) - OPENSSL_free(pinfo); - if (provname) - OPENSSL_free(provname); - if (contname) - OPENSSL_free(contname); + OPENSSL_free(pinfo); return key; } -CAPI_KEY *capi_find_key(CAPI_CTX * ctx, const char *id) +CAPI_KEY *capi_find_key(CAPI_CTX *ctx, const char *id) { PCCERT_CONTEXT cert; HCERTSTORE hstore; CAPI_KEY *key = NULL; + switch (ctx->lookup_method) { case CAPI_LU_SUBSTR: case CAPI_LU_FNAME: @@ -1537,36 +1562,28 @@ CAPI_KEY *capi_find_key(CAPI_CTX * ctx, const char *id) break; case CAPI_LU_CONTNAME: - if (sizeof(TCHAR) != sizeof(char)) { + { WCHAR *contname, *provname; DWORD len; if ((len = MultiByteToWideChar(CP_ACP, 0, id, -1, NULL, 0)) && (contname = alloca(len * sizeof(WCHAR)), MultiByteToWideChar(CP_ACP, 0, id, -1, contname, len)) && - (len = - MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, NULL, 0)) - && (provname = - alloca(len * sizeof(WCHAR)), MultiByteToWideChar(CP_ACP, - 0, - ctx->cspname, - -1, - provname, - len))) - key = - capi_get_key(ctx, (TCHAR *)contname, (TCHAR *)provname, - ctx->csptype, ctx->keytype); - } else - key = capi_get_key(ctx, (TCHAR *)id, - (TCHAR *)ctx->cspname, - ctx->csptype, ctx->keytype); + (len = MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, + NULL, 0)) && + (provname = alloca(len * sizeof(WCHAR)), + MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, + provname, len))) + key = capi_get_key(ctx, contname, provname, + ctx->csptype, ctx->keytype); + } break; } return key; } -void capi_free_key(CAPI_KEY * key) +void capi_free_key(CAPI_KEY *key) { if (!key) return; @@ -1579,64 +1596,53 @@ void capi_free_key(CAPI_KEY * key) /* Initialize a CAPI_CTX structure */ -static CAPI_CTX *capi_ctx_new() +static CAPI_CTX *capi_ctx_new(void) { - CAPI_CTX *ctx; - ctx = OPENSSL_malloc(sizeof(CAPI_CTX)); - if (!ctx) { + CAPI_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); + + if (ctx == NULL) { CAPIerr(CAPI_F_CAPI_CTX_NEW, ERR_R_MALLOC_FAILURE); return NULL; } - ctx->cspname = NULL; ctx->csptype = PROV_RSA_FULL; ctx->dump_flags = CAPI_DMP_SUMMARY | CAPI_DMP_FNAME; ctx->keytype = AT_KEYEXCHANGE; - ctx->storename = NULL; - ctx->ssl_client_store = NULL; ctx->store_flags = CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG | CERT_SYSTEM_STORE_CURRENT_USER; ctx->lookup_method = CAPI_LU_SUBSTR; - ctx->debug_level = 0; - ctx->debug_file = NULL; ctx->client_cert_select = cert_select_simple; return ctx; } -static void capi_ctx_free(CAPI_CTX * ctx) +static void capi_ctx_free(CAPI_CTX *ctx) { CAPI_trace(ctx, "Calling capi_ctx_free with %lx\n", ctx); if (!ctx) return; - if (ctx->cspname) - OPENSSL_free(ctx->cspname); - if (ctx->debug_file) - OPENSSL_free(ctx->debug_file); - if (ctx->storename) - OPENSSL_free(ctx->storename); - if (ctx->ssl_client_store) - OPENSSL_free(ctx->ssl_client_store); + OPENSSL_free(ctx->cspname); + OPENSSL_free(ctx->debug_file); + OPENSSL_free(ctx->storename); + OPENSSL_free(ctx->ssl_client_store); OPENSSL_free(ctx); } -static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type, +static int capi_ctx_set_provname(CAPI_CTX *ctx, LPSTR pname, DWORD type, int check) { + LPSTR tmpcspname; + CAPI_trace(ctx, "capi_ctx_set_provname, name=%s, type=%d\n", pname, type); if (check) { HCRYPTPROV hprov; - LPTSTR name = NULL; + LPWSTR name = NULL; + DWORD len; - if (sizeof(TCHAR) != sizeof(char)) { - DWORD len; - if ((len = MultiByteToWideChar(CP_ACP, 0, pname, -1, NULL, 0))) { - name = alloca(len * sizeof(WCHAR)); - MultiByteToWideChar(CP_ACP, 0, pname, -1, (WCHAR *)name, len); - } - } else - name = (TCHAR *)pname; - - if (!name || !CryptAcquireContext(&hprov, NULL, name, type, - CRYPT_VERIFYCONTEXT)) { + if ((len = MultiByteToWideChar(CP_ACP, 0, pname, -1, NULL, 0))) { + name = alloca(len * sizeof(WCHAR)); + MultiByteToWideChar(CP_ACP, 0, pname, -1, (WCHAR *)name, len); + } + if (name == NULL || !CryptAcquireContextW(&hprov, NULL, name, type, + CRYPT_VERIFYCONTEXT)) { CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME, CAPI_R_CRYPTACQUIRECONTEXT_ERROR); capi_addlasterror(); @@ -1644,14 +1650,18 @@ static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type, } CryptReleaseContext(hprov, 0); } - if (ctx->cspname) - OPENSSL_free(ctx->cspname); - ctx->cspname = BUF_strdup(pname); + tmpcspname = OPENSSL_strdup(pname); + if (tmpcspname == NULL) { + CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME, ERR_R_MALLOC_FAILURE); + return 0; + } + OPENSSL_free(ctx->cspname); + ctx->cspname = tmpcspname; ctx->csptype = type; return 1; } -static int capi_ctx_set_provname_idx(CAPI_CTX * ctx, int idx) +static int capi_ctx_set_provname_idx(CAPI_CTX *ctx, int idx) { LPSTR pname; DWORD type; @@ -1687,7 +1697,7 @@ static int capi_load_ssl_client_cert(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs = NULL; X509 *x; char *storename; - const char *p; + const unsigned char *p; int i, client_cert_idx; HCERTSTORE hstore; PCCERT_CONTEXT cert = NULL, excert = NULL; @@ -1735,9 +1745,9 @@ static int capi_load_ssl_client_cert(ENGINE *e, SSL *ssl, certs = sk_X509_new_null(); sk_X509_push(certs, x); - } else + } else { X509_free(x); - + } } if (cert) @@ -1886,7 +1896,8 @@ OPENSSL_EXPORT IMPLEMENT_DYNAMIC_CHECK_FN() # else -void ENGINE_load_capi(void) +void engine_load_capi_int(void); +void engine_load_capi_int(void) { } # endif diff --git a/engines/e_capi.txt b/engines/e_capi.txt new file mode 100644 index 000000000000..3f34cdf6b7e9 --- /dev/null +++ b/engines/e_capi.txt @@ -0,0 +1,62 @@ +# Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# Function codes +CAPI_F_CAPI_CERT_GET_FNAME:99:capi_cert_get_fname +CAPI_F_CAPI_CTRL:100:capi_ctrl +CAPI_F_CAPI_CTX_NEW:101:capi_ctx_new +CAPI_F_CAPI_CTX_SET_PROVNAME:102:capi_ctx_set_provname +CAPI_F_CAPI_DSA_DO_SIGN:114:capi_dsa_do_sign +CAPI_F_CAPI_GET_KEY:103:capi_get_key +CAPI_F_CAPI_GET_PKEY:115:capi_get_pkey +CAPI_F_CAPI_GET_PROVNAME:104:capi_get_provname +CAPI_F_CAPI_GET_PROV_INFO:105:capi_get_prov_info +CAPI_F_CAPI_INIT:106:capi_init +CAPI_F_CAPI_LIST_CONTAINERS:107:capi_list_containers +CAPI_F_CAPI_LOAD_PRIVKEY:108:capi_load_privkey +CAPI_F_CAPI_OPEN_STORE:109:capi_open_store +CAPI_F_CAPI_RSA_PRIV_DEC:110:capi_rsa_priv_dec +CAPI_F_CAPI_RSA_PRIV_ENC:111:capi_rsa_priv_enc +CAPI_F_CAPI_RSA_SIGN:112:capi_rsa_sign +CAPI_F_CAPI_VTRACE:118:capi_vtrace +CAPI_F_CERT_SELECT_DIALOG:117:cert_select_dialog +CAPI_F_CLIENT_CERT_SELECT:116:* +CAPI_F_WIDE_TO_ASC:113:wide_to_asc + +#Reason codes +CAPI_R_CANT_CREATE_HASH_OBJECT:100:cant create hash object +CAPI_R_CANT_FIND_CAPI_CONTEXT:101:cant find capi context +CAPI_R_CANT_GET_KEY:102:cant get key +CAPI_R_CANT_SET_HASH_VALUE:103:cant set hash value +CAPI_R_CRYPTACQUIRECONTEXT_ERROR:104:cryptacquirecontext error +CAPI_R_CRYPTENUMPROVIDERS_ERROR:105:cryptenumproviders error +CAPI_R_DECRYPT_ERROR:106:decrypt error +CAPI_R_ENGINE_NOT_INITIALIZED:107:engine not initialized +CAPI_R_ENUMCONTAINERS_ERROR:108:enumcontainers error +CAPI_R_ERROR_ADDING_CERT:109:error adding cert +CAPI_R_ERROR_CREATING_STORE:110:error creating store +CAPI_R_ERROR_GETTING_FRIENDLY_NAME:111:error getting friendly name +CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO:112:error getting key provider info +CAPI_R_ERROR_OPENING_STORE:113:error opening store +CAPI_R_ERROR_SIGNING_HASH:114:error signing hash +CAPI_R_FILE_OPEN_ERROR:115:file open error +CAPI_R_FUNCTION_NOT_SUPPORTED:116:function not supported +CAPI_R_GETUSERKEY_ERROR:117:getuserkey error +CAPI_R_INVALID_DIGEST_LENGTH:118:invalid digest length +CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER:119:\ + invalid dsa public key blob magic number +CAPI_R_INVALID_LOOKUP_METHOD:120:invalid lookup method +CAPI_R_INVALID_PUBLIC_KEY_BLOB:121:invalid public key blob +CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER:122:\ + invalid rsa public key blob magic number +CAPI_R_PUBKEY_EXPORT_ERROR:123:pubkey export error +CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR:124:pubkey export length error +CAPI_R_UNKNOWN_COMMAND:125:unknown command +CAPI_R_UNSUPPORTED_ALGORITHM_NID:126:unsupported algorithm nid +CAPI_R_UNSUPPORTED_PADDING:127:unsupported padding +CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM:128:unsupported public key algorithm +CAPI_R_WIN32_ERROR:129:win32 error diff --git a/engines/e_capi_err.c b/engines/e_capi_err.c index a266138519e1..b72bc51a874e 100644 --- a/engines/e_capi_err.c +++ b/engines/e_capi_err.c @@ -1,187 +1,119 @@ -/* e_capi_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2009 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - /* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ -#include <stdio.h> #include <openssl/err.h> #include "e_capi_err.h" -/* BEGIN ERROR CODES */ #ifndef OPENSSL_NO_ERR -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - static ERR_STRING_DATA CAPI_str_functs[] = { - {ERR_FUNC(CAPI_F_CAPI_CERT_GET_FNAME), "CAPI_CERT_GET_FNAME"}, - {ERR_FUNC(CAPI_F_CAPI_CTRL), "CAPI_CTRL"}, - {ERR_FUNC(CAPI_F_CAPI_CTX_NEW), "CAPI_CTX_NEW"}, - {ERR_FUNC(CAPI_F_CAPI_CTX_SET_PROVNAME), "CAPI_CTX_SET_PROVNAME"}, - {ERR_FUNC(CAPI_F_CAPI_DSA_DO_SIGN), "CAPI_DSA_DO_SIGN"}, - {ERR_FUNC(CAPI_F_CAPI_GET_KEY), "CAPI_GET_KEY"}, - {ERR_FUNC(CAPI_F_CAPI_GET_PKEY), "CAPI_GET_PKEY"}, - {ERR_FUNC(CAPI_F_CAPI_GET_PROVNAME), "CAPI_GET_PROVNAME"}, - {ERR_FUNC(CAPI_F_CAPI_GET_PROV_INFO), "CAPI_GET_PROV_INFO"}, - {ERR_FUNC(CAPI_F_CAPI_INIT), "CAPI_INIT"}, - {ERR_FUNC(CAPI_F_CAPI_LIST_CONTAINERS), "CAPI_LIST_CONTAINERS"}, - {ERR_FUNC(CAPI_F_CAPI_LOAD_PRIVKEY), "CAPI_LOAD_PRIVKEY"}, - {ERR_FUNC(CAPI_F_CAPI_OPEN_STORE), "CAPI_OPEN_STORE"}, - {ERR_FUNC(CAPI_F_CAPI_RSA_PRIV_DEC), "CAPI_RSA_PRIV_DEC"}, - {ERR_FUNC(CAPI_F_CAPI_RSA_PRIV_ENC), "CAPI_RSA_PRIV_ENC"}, - {ERR_FUNC(CAPI_F_CAPI_RSA_SIGN), "CAPI_RSA_SIGN"}, - {ERR_FUNC(CAPI_F_CERT_SELECT_DIALOG), "CERT_SELECT_DIALOG"}, - {ERR_FUNC(CAPI_F_CLIENT_CERT_SELECT), "CLIENT_CERT_SELECT"}, - {ERR_FUNC(CAPI_F_WIDE_TO_ASC), "WIDE_TO_ASC"}, + {ERR_PACK(0, CAPI_F_CAPI_CERT_GET_FNAME, 0), "capi_cert_get_fname"}, + {ERR_PACK(0, CAPI_F_CAPI_CTRL, 0), "capi_ctrl"}, + {ERR_PACK(0, CAPI_F_CAPI_CTX_NEW, 0), "capi_ctx_new"}, + {ERR_PACK(0, CAPI_F_CAPI_CTX_SET_PROVNAME, 0), "capi_ctx_set_provname"}, + {ERR_PACK(0, CAPI_F_CAPI_DSA_DO_SIGN, 0), "capi_dsa_do_sign"}, + {ERR_PACK(0, CAPI_F_CAPI_GET_KEY, 0), "capi_get_key"}, + {ERR_PACK(0, CAPI_F_CAPI_GET_PKEY, 0), "capi_get_pkey"}, + {ERR_PACK(0, CAPI_F_CAPI_GET_PROVNAME, 0), "capi_get_provname"}, + {ERR_PACK(0, CAPI_F_CAPI_GET_PROV_INFO, 0), "capi_get_prov_info"}, + {ERR_PACK(0, CAPI_F_CAPI_INIT, 0), "capi_init"}, + {ERR_PACK(0, CAPI_F_CAPI_LIST_CONTAINERS, 0), "capi_list_containers"}, + {ERR_PACK(0, CAPI_F_CAPI_LOAD_PRIVKEY, 0), "capi_load_privkey"}, + {ERR_PACK(0, CAPI_F_CAPI_OPEN_STORE, 0), "capi_open_store"}, + {ERR_PACK(0, CAPI_F_CAPI_RSA_PRIV_DEC, 0), "capi_rsa_priv_dec"}, + {ERR_PACK(0, CAPI_F_CAPI_RSA_PRIV_ENC, 0), "capi_rsa_priv_enc"}, + {ERR_PACK(0, CAPI_F_CAPI_RSA_SIGN, 0), "capi_rsa_sign"}, + {ERR_PACK(0, CAPI_F_CAPI_VTRACE, 0), "capi_vtrace"}, + {ERR_PACK(0, CAPI_F_CERT_SELECT_DIALOG, 0), "cert_select_dialog"}, + {ERR_PACK(0, CAPI_F_CLIENT_CERT_SELECT, 0), ""}, + {ERR_PACK(0, CAPI_F_WIDE_TO_ASC, 0), "wide_to_asc"}, {0, NULL} }; static ERR_STRING_DATA CAPI_str_reasons[] = { - {ERR_REASON(CAPI_R_CANT_CREATE_HASH_OBJECT), "cant create hash object"}, - {ERR_REASON(CAPI_R_CANT_FIND_CAPI_CONTEXT), "cant find capi context"}, - {ERR_REASON(CAPI_R_CANT_GET_KEY), "cant get key"}, - {ERR_REASON(CAPI_R_CANT_SET_HASH_VALUE), "cant set hash value"}, - {ERR_REASON(CAPI_R_CRYPTACQUIRECONTEXT_ERROR), - "cryptacquirecontext error"}, - {ERR_REASON(CAPI_R_CRYPTENUMPROVIDERS_ERROR), "cryptenumproviders error"}, - {ERR_REASON(CAPI_R_DECRYPT_ERROR), "decrypt error"}, - {ERR_REASON(CAPI_R_ENGINE_NOT_INITIALIZED), "engine not initialized"}, - {ERR_REASON(CAPI_R_ENUMCONTAINERS_ERROR), "enumcontainers error"}, - {ERR_REASON(CAPI_R_ERROR_ADDING_CERT), "error adding cert"}, - {ERR_REASON(CAPI_R_ERROR_CREATING_STORE), "error creating store"}, - {ERR_REASON(CAPI_R_ERROR_GETTING_FRIENDLY_NAME), - "error getting friendly name"}, - {ERR_REASON(CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO), - "error getting key provider info"}, - {ERR_REASON(CAPI_R_ERROR_OPENING_STORE), "error opening store"}, - {ERR_REASON(CAPI_R_ERROR_SIGNING_HASH), "error signing hash"}, - {ERR_REASON(CAPI_R_FUNCTION_NOT_SUPPORTED), "function not supported"}, - {ERR_REASON(CAPI_R_GETUSERKEY_ERROR), "getuserkey error"}, - {ERR_REASON(CAPI_R_INVALID_DIGEST_LENGTH), "invalid digest length"}, - {ERR_REASON(CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER), - "invalid dsa public key blob magic number"}, - {ERR_REASON(CAPI_R_INVALID_LOOKUP_METHOD), "invalid lookup method"}, - {ERR_REASON(CAPI_R_INVALID_PUBLIC_KEY_BLOB), "invalid public key blob"}, - {ERR_REASON(CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER), - "invalid rsa public key blob magic number"}, - {ERR_REASON(CAPI_R_PUBKEY_EXPORT_ERROR), "pubkey export error"}, - {ERR_REASON(CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR), - "pubkey export length error"}, - {ERR_REASON(CAPI_R_UNKNOWN_COMMAND), "unknown command"}, - {ERR_REASON(CAPI_R_UNSUPPORTED_ALGORITHM_NID), - "unsupported algorithm nid"}, - {ERR_REASON(CAPI_R_UNSUPPORTED_PADDING), "unsupported padding"}, - {ERR_REASON(CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM), - "unsupported public key algorithm"}, - {ERR_REASON(CAPI_R_WIN32_ERROR), "win32 error"}, + {ERR_PACK(0, 0, CAPI_R_CANT_CREATE_HASH_OBJECT), "cant create hash object"}, + {ERR_PACK(0, 0, CAPI_R_CANT_FIND_CAPI_CONTEXT), "cant find capi context"}, + {ERR_PACK(0, 0, CAPI_R_CANT_GET_KEY), "cant get key"}, + {ERR_PACK(0, 0, CAPI_R_CANT_SET_HASH_VALUE), "cant set hash value"}, + {ERR_PACK(0, 0, CAPI_R_CRYPTACQUIRECONTEXT_ERROR), + "cryptacquirecontext error"}, + {ERR_PACK(0, 0, CAPI_R_CRYPTENUMPROVIDERS_ERROR), + "cryptenumproviders error"}, + {ERR_PACK(0, 0, CAPI_R_DECRYPT_ERROR), "decrypt error"}, + {ERR_PACK(0, 0, CAPI_R_ENGINE_NOT_INITIALIZED), "engine not initialized"}, + {ERR_PACK(0, 0, CAPI_R_ENUMCONTAINERS_ERROR), "enumcontainers error"}, + {ERR_PACK(0, 0, CAPI_R_ERROR_ADDING_CERT), "error adding cert"}, + {ERR_PACK(0, 0, CAPI_R_ERROR_CREATING_STORE), "error creating store"}, + {ERR_PACK(0, 0, CAPI_R_ERROR_GETTING_FRIENDLY_NAME), + "error getting friendly name"}, + {ERR_PACK(0, 0, CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO), + "error getting key provider info"}, + {ERR_PACK(0, 0, CAPI_R_ERROR_OPENING_STORE), "error opening store"}, + {ERR_PACK(0, 0, CAPI_R_ERROR_SIGNING_HASH), "error signing hash"}, + {ERR_PACK(0, 0, CAPI_R_FILE_OPEN_ERROR), "file open error"}, + {ERR_PACK(0, 0, CAPI_R_FUNCTION_NOT_SUPPORTED), "function not supported"}, + {ERR_PACK(0, 0, CAPI_R_GETUSERKEY_ERROR), "getuserkey error"}, + {ERR_PACK(0, 0, CAPI_R_INVALID_DIGEST_LENGTH), "invalid digest length"}, + {ERR_PACK(0, 0, CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER), + "invalid dsa public key blob magic number"}, + {ERR_PACK(0, 0, CAPI_R_INVALID_LOOKUP_METHOD), "invalid lookup method"}, + {ERR_PACK(0, 0, CAPI_R_INVALID_PUBLIC_KEY_BLOB), "invalid public key blob"}, + {ERR_PACK(0, 0, CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER), + "invalid rsa public key blob magic number"}, + {ERR_PACK(0, 0, CAPI_R_PUBKEY_EXPORT_ERROR), "pubkey export error"}, + {ERR_PACK(0, 0, CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR), + "pubkey export length error"}, + {ERR_PACK(0, 0, CAPI_R_UNKNOWN_COMMAND), "unknown command"}, + {ERR_PACK(0, 0, CAPI_R_UNSUPPORTED_ALGORITHM_NID), + "unsupported algorithm nid"}, + {ERR_PACK(0, 0, CAPI_R_UNSUPPORTED_PADDING), "unsupported padding"}, + {ERR_PACK(0, 0, CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM), + "unsupported public key algorithm"}, + {ERR_PACK(0, 0, CAPI_R_WIN32_ERROR), "win32 error"}, {0, NULL} }; #endif -#ifdef CAPI_LIB_NAME -static ERR_STRING_DATA CAPI_lib_name[] = { - {0, CAPI_LIB_NAME}, - {0, NULL} -}; -#endif +static int lib_code = 0; +static int error_loaded = 0; -static int CAPI_lib_error_code = 0; -static int CAPI_error_init = 1; - -static void ERR_load_CAPI_strings(void) +static int ERR_load_CAPI_strings(void) { - if (CAPI_lib_error_code == 0) - CAPI_lib_error_code = ERR_get_next_error_library(); + if (lib_code == 0) + lib_code = ERR_get_next_error_library(); - if (CAPI_error_init) { - CAPI_error_init = 0; + if (!error_loaded) { #ifndef OPENSSL_NO_ERR - ERR_load_strings(CAPI_lib_error_code, CAPI_str_functs); - ERR_load_strings(CAPI_lib_error_code, CAPI_str_reasons); -#endif - -#ifdef CAPI_LIB_NAME - CAPI_lib_name->error = ERR_PACK(CAPI_lib_error_code, 0, 0); - ERR_load_strings(0, CAPI_lib_name); + ERR_load_strings(lib_code, CAPI_str_functs); + ERR_load_strings(lib_code, CAPI_str_reasons); #endif + error_loaded = 1; } + return 1; } static void ERR_unload_CAPI_strings(void) { - if (CAPI_error_init == 0) { + if (error_loaded) { #ifndef OPENSSL_NO_ERR - ERR_unload_strings(CAPI_lib_error_code, CAPI_str_functs); - ERR_unload_strings(CAPI_lib_error_code, CAPI_str_reasons); -#endif - -#ifdef CAPI_LIB_NAME - ERR_unload_strings(0, CAPI_lib_name); + ERR_unload_strings(lib_code, CAPI_str_functs); + ERR_unload_strings(lib_code, CAPI_str_reasons); #endif - CAPI_error_init = 1; + error_loaded = 0; } } static void ERR_CAPI_error(int function, int reason, char *file, int line) { - if (CAPI_lib_error_code == 0) - CAPI_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(CAPI_lib_error_code, function, reason, file, line); + if (lib_code == 0) + lib_code = ERR_get_next_error_library(); + ERR_PUT_error(lib_code, function, reason, file, line); } diff --git a/engines/e_capi_err.h b/engines/e_capi_err.h index b5d06dce200a..e034c98cae84 100644 --- a/engines/e_capi_err.h +++ b/engines/e_capi_err.h @@ -1,77 +1,22 @@ -/* ==================================================================== - * Copyright (c) 2001-2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ -#ifndef HEADER_CAPI_ERR_H -# define HEADER_CAPI_ERR_H +#ifndef HEADER_CAPIERR_H +# define HEADER_CAPIERR_H + +# define CAPIerr(f, r) ERR_CAPI_error((f), (r), OPENSSL_FILE, OPENSSL_LINE) -#ifdef __cplusplus -extern "C" { -#endif -/* BEGIN ERROR CODES */ /* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. + * CAPI function codes. */ -static void ERR_load_CAPI_strings(void); -static void ERR_unload_CAPI_strings(void); -static void ERR_CAPI_error(int function, int reason, char *file, int line); -# define CAPIerr(f,r) ERR_CAPI_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the CAPI functions. */ - -/* Function codes. */ # define CAPI_F_CAPI_CERT_GET_FNAME 99 # define CAPI_F_CAPI_CTRL 100 # define CAPI_F_CAPI_CTX_NEW 101 @@ -88,42 +33,43 @@ static void ERR_CAPI_error(int function, int reason, char *file, int line); # define CAPI_F_CAPI_RSA_PRIV_DEC 110 # define CAPI_F_CAPI_RSA_PRIV_ENC 111 # define CAPI_F_CAPI_RSA_SIGN 112 +# define CAPI_F_CAPI_VTRACE 118 # define CAPI_F_CERT_SELECT_DIALOG 117 # define CAPI_F_CLIENT_CERT_SELECT 116 # define CAPI_F_WIDE_TO_ASC 113 -/* Reason codes. */ -# define CAPI_R_CANT_CREATE_HASH_OBJECT 99 -# define CAPI_R_CANT_FIND_CAPI_CONTEXT 100 -# define CAPI_R_CANT_GET_KEY 101 -# define CAPI_R_CANT_SET_HASH_VALUE 102 -# define CAPI_R_CRYPTACQUIRECONTEXT_ERROR 103 -# define CAPI_R_CRYPTENUMPROVIDERS_ERROR 104 -# define CAPI_R_DECRYPT_ERROR 105 -# define CAPI_R_ENGINE_NOT_INITIALIZED 106 -# define CAPI_R_ENUMCONTAINERS_ERROR 107 -# define CAPI_R_ERROR_ADDING_CERT 125 -# define CAPI_R_ERROR_CREATING_STORE 126 -# define CAPI_R_ERROR_GETTING_FRIENDLY_NAME 108 -# define CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO 109 -# define CAPI_R_ERROR_OPENING_STORE 110 -# define CAPI_R_ERROR_SIGNING_HASH 111 -# define CAPI_R_FUNCTION_NOT_SUPPORTED 112 -# define CAPI_R_GETUSERKEY_ERROR 113 -# define CAPI_R_INVALID_DIGEST_LENGTH 124 -# define CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER 122 -# define CAPI_R_INVALID_LOOKUP_METHOD 114 -# define CAPI_R_INVALID_PUBLIC_KEY_BLOB 115 -# define CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER 123 -# define CAPI_R_PUBKEY_EXPORT_ERROR 116 -# define CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR 117 -# define CAPI_R_UNKNOWN_COMMAND 118 -# define CAPI_R_UNSUPPORTED_ALGORITHM_NID 119 -# define CAPI_R_UNSUPPORTED_PADDING 120 -# define CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM 121 -# define CAPI_R_WIN32_ERROR 127 +/* + * CAPI reason codes. + */ +# define CAPI_R_CANT_CREATE_HASH_OBJECT 100 +# define CAPI_R_CANT_FIND_CAPI_CONTEXT 101 +# define CAPI_R_CANT_GET_KEY 102 +# define CAPI_R_CANT_SET_HASH_VALUE 103 +# define CAPI_R_CRYPTACQUIRECONTEXT_ERROR 104 +# define CAPI_R_CRYPTENUMPROVIDERS_ERROR 105 +# define CAPI_R_DECRYPT_ERROR 106 +# define CAPI_R_ENGINE_NOT_INITIALIZED 107 +# define CAPI_R_ENUMCONTAINERS_ERROR 108 +# define CAPI_R_ERROR_ADDING_CERT 109 +# define CAPI_R_ERROR_CREATING_STORE 110 +# define CAPI_R_ERROR_GETTING_FRIENDLY_NAME 111 +# define CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO 112 +# define CAPI_R_ERROR_OPENING_STORE 113 +# define CAPI_R_ERROR_SIGNING_HASH 114 +# define CAPI_R_FILE_OPEN_ERROR 115 +# define CAPI_R_FUNCTION_NOT_SUPPORTED 116 +# define CAPI_R_GETUSERKEY_ERROR 117 +# define CAPI_R_INVALID_DIGEST_LENGTH 118 +# define CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER 119 +# define CAPI_R_INVALID_LOOKUP_METHOD 120 +# define CAPI_R_INVALID_PUBLIC_KEY_BLOB 121 +# define CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER 122 +# define CAPI_R_PUBKEY_EXPORT_ERROR 123 +# define CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR 124 +# define CAPI_R_UNKNOWN_COMMAND 125 +# define CAPI_R_UNSUPPORTED_ALGORITHM_NID 126 +# define CAPI_R_UNSUPPORTED_PADDING 127 +# define CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM 128 +# define CAPI_R_WIN32_ERROR 129 -#ifdef __cplusplus -} -#endif #endif diff --git a/engines/e_chil.c b/engines/e_chil.c deleted file mode 100644 index d5e4cb67c440..000000000000 --- a/engines/e_chil.c +++ /dev/null @@ -1,1366 +0,0 @@ -/* crypto/engine/e_chil.c */ -/* - * Written by Richard Levitte (richard@levitte.org), Geoff Thorpe - * (geoff@geoffthorpe.net) and Dr Stephen N Henson (steve@openssl.org) for - * the OpenSSL project 2000. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/pem.h> -#include <openssl/dso.h> -#include <openssl/engine.h> -#include <openssl/ui.h> -#include <openssl/rand.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DH -# include <openssl/dh.h> -#endif -#include <openssl/bn.h> - -#ifndef OPENSSL_NO_HW -# ifndef OPENSSL_NO_HW_CHIL - -/*- - * Attribution notice: nCipher have said several times that it's OK for - * us to implement a general interface to their boxes, and recently declared - * their HWCryptoHook to be public, and therefore available for us to use. - * Thanks, nCipher. - * - * The hwcryptohook.h included here is from May 2000. - * [Richard Levitte] - */ -# ifdef FLAT_INC -# include "hwcryptohook.h" -# else -# include "vendor_defns/hwcryptohook.h" -# endif - -# define HWCRHK_LIB_NAME "CHIL engine" -# include "e_chil_err.c" - -static int hwcrhk_destroy(ENGINE *e); -static int hwcrhk_init(ENGINE *e); -static int hwcrhk_finish(ENGINE *e); -static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); - -/* Functions to handle mutexes */ -static int hwcrhk_mutex_init(HWCryptoHook_Mutex *, - HWCryptoHook_CallerContext *); -static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *); -static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex *); -static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *); - -/* BIGNUM stuff */ -static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -# ifndef OPENSSL_NO_RSA -/* RSA stuff */ -static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx); -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -static int hwcrhk_rsa_finish(RSA *rsa); -# endif - -# ifndef OPENSSL_NO_DH -/* DH stuff */ -/* This function is alised to mod_exp (with the DH and mont dropped). */ -static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -# endif - -/* RAND stuff */ -static int hwcrhk_rand_bytes(unsigned char *buf, int num); -static int hwcrhk_rand_status(void); - -/* KM stuff */ -static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, - void *callback_data); -static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, - void *callback_data); - -/* Interaction stuff */ -static int hwcrhk_insert_card(const char *prompt_info, - const char *wrong_info, - HWCryptoHook_PassphraseContext * ppctx, - HWCryptoHook_CallerContext * cactx); -static int hwcrhk_get_pass(const char *prompt_info, - int *len_io, char *buf, - HWCryptoHook_PassphraseContext * ppctx, - HWCryptoHook_CallerContext * cactx); -static void hwcrhk_log_message(void *logstr, const char *message); - -/* The definitions for control commands specific to this engine */ -# define HWCRHK_CMD_SO_PATH ENGINE_CMD_BASE -# define HWCRHK_CMD_FORK_CHECK (ENGINE_CMD_BASE + 1) -# define HWCRHK_CMD_THREAD_LOCKING (ENGINE_CMD_BASE + 2) -# define HWCRHK_CMD_SET_USER_INTERFACE (ENGINE_CMD_BASE + 3) -# define HWCRHK_CMD_SET_CALLBACK_DATA (ENGINE_CMD_BASE + 4) -static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = { - {HWCRHK_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'hwcrhk' shared library", - ENGINE_CMD_FLAG_STRING}, - {HWCRHK_CMD_FORK_CHECK, - "FORK_CHECK", - "Turns fork() checking on (non-zero) or off (zero)", - ENGINE_CMD_FLAG_NUMERIC}, - {HWCRHK_CMD_THREAD_LOCKING, - "THREAD_LOCKING", - "Turns thread-safe locking on (zero) or off (non-zero)", - ENGINE_CMD_FLAG_NUMERIC}, - {HWCRHK_CMD_SET_USER_INTERFACE, - "SET_USER_INTERFACE", - "Set the global user interface (internal)", - ENGINE_CMD_FLAG_INTERNAL}, - {HWCRHK_CMD_SET_CALLBACK_DATA, - "SET_CALLBACK_DATA", - "Set the global user interface extra data (internal)", - ENGINE_CMD_FLAG_INTERNAL}, - {0, NULL, NULL, 0} -}; - -# ifndef OPENSSL_NO_RSA -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD hwcrhk_rsa = { - "CHIL RSA method", - NULL, - NULL, - NULL, - NULL, - hwcrhk_rsa_mod_exp, - hwcrhk_mod_exp_mont, - NULL, - hwcrhk_rsa_finish, - 0, - NULL, - NULL, - NULL, - NULL -}; -# endif - -# ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -static DH_METHOD hwcrhk_dh = { - "CHIL DH method", - NULL, - NULL, - hwcrhk_mod_exp_dh, - NULL, - NULL, - 0, - NULL, - NULL -}; -# endif - -static RAND_METHOD hwcrhk_rand = { - /* "CHIL RAND method", */ - NULL, - hwcrhk_rand_bytes, - NULL, - NULL, - hwcrhk_rand_bytes, - hwcrhk_rand_status, -}; - -/* Constants used when creating the ENGINE */ -static const char *engine_hwcrhk_id = "chil"; -static const char *engine_hwcrhk_name = "CHIL hardware engine support"; -# ifndef OPENSSL_NO_DYNAMIC_ENGINE -/* Compatibility hack, the dynamic library uses this form in the path */ -static const char *engine_hwcrhk_id_alt = "ncipher"; -# endif - -/* Internal stuff for HWCryptoHook */ - -/* Some structures needed for proper use of thread locks */ -/* - * hwcryptohook.h has some typedefs that turn struct HWCryptoHook_MutexValue - * into HWCryptoHook_Mutex - */ -struct HWCryptoHook_MutexValue { - int lockid; -}; - -/* - * hwcryptohook.h has some typedefs that turn struct - * HWCryptoHook_PassphraseContextValue into HWCryptoHook_PassphraseContext - */ -struct HWCryptoHook_PassphraseContextValue { - UI_METHOD *ui_method; - void *callback_data; -}; - -/* - * hwcryptohook.h has some typedefs that turn struct - * HWCryptoHook_CallerContextValue into HWCryptoHook_CallerContext - */ -struct HWCryptoHook_CallerContextValue { - pem_password_cb *password_callback; /* Deprecated! Only present for - * backward compatibility! */ - UI_METHOD *ui_method; - void *callback_data; -}; - -/* - * The MPI structure in HWCryptoHook is pretty compatible with OpenSSL - * BIGNUM's, so lets define a couple of conversion macros - */ -# define BN2MPI(mp, bn) \ - {mp.size = bn->top * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;} -# define MPI2BN(bn, mp) \ - {mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;} - -static BIO *logstream = NULL; -static int disable_mutex_callbacks = 0; - -/* - * One might wonder why these are needed, since one can pass down at least a - * UI_METHOD and a pointer to callback data to the key-loading functions. The - * thing is that the ModExp and RSAImmed functions can load keys as well, if - * the data they get is in a special, nCipher-defined format (hint: if you - * look at the private exponent of the RSA data as a string, you'll see this - * string: "nCipher KM tool key id", followed by some bytes, followed a key - * identity string, followed by more bytes. This happens when you use - * "embed" keys instead of "hwcrhk" keys). Unfortunately, those functions do - * not take any passphrase or caller context, and our functions can't really - * take any callback data either. Still, the "insert_card" and - * "get_passphrase" callbacks may be called down the line, and will need to - * know what user interface callbacks to call, and having callback data from - * the application may be a nice thing as well, so we need to keep track of - * that globally. - */ -static HWCryptoHook_CallerContext password_context = { NULL, NULL, NULL }; - -/* Stuff to pass to the HWCryptoHook library */ -static HWCryptoHook_InitInfo hwcrhk_globals = { - HWCryptoHook_InitFlags_SimpleForkCheck, /* Flags */ - &logstream, /* logstream */ - sizeof(BN_ULONG), /* limbsize */ - 0, /* mslimb first: false for BNs */ - -1, /* msbyte first: use native */ - 0, /* Max mutexes, 0 = no small limit */ - 0, /* Max simultaneous, 0 = default */ - - /* - * The next few are mutex stuff: we write wrapper functions around the OS - * mutex functions. We initialise them to 0 here, and change that to - * actual function pointers in hwcrhk_init() if dynamic locks are - * supported (that is, if the application programmer has made sure of - * setting up callbacks bafore starting this engine) *and* if - * disable_mutex_callbacks hasn't been set by a call to - * ENGINE_ctrl(ENGINE_CTRL_CHIL_NO_LOCKING). - */ - sizeof(HWCryptoHook_Mutex), - 0, - 0, - 0, - 0, - - /* - * The next few are condvar stuff: we write wrapper functions round the - * OS functions. Currently not implemented and not and absolute - * necessity even in threaded programs, therefore 0'ed. Will hopefully - * be implemented some day, since it enhances the efficiency of - * HWCryptoHook. - */ - 0, /* sizeof(HWCryptoHook_CondVar), */ - 0, /* hwcrhk_cv_init, */ - 0, /* hwcrhk_cv_wait, */ - 0, /* hwcrhk_cv_signal, */ - 0, /* hwcrhk_cv_broadcast, */ - 0, /* hwcrhk_cv_destroy, */ - - hwcrhk_get_pass, /* pass phrase */ - hwcrhk_insert_card, /* insert a card */ - hwcrhk_log_message /* Log message */ -}; - -/* Now, to our own code */ - -/* - * This internal function is used by ENGINE_chil() and possibly by the - * "dynamic" ENGINE support too - */ -static int bind_helper(ENGINE *e) -{ -# ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -# endif -# ifndef OPENSSL_NO_DH - const DH_METHOD *meth2; -# endif - if (!ENGINE_set_id(e, engine_hwcrhk_id) || - !ENGINE_set_name(e, engine_hwcrhk_name) || -# ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &hwcrhk_rsa) || -# endif -# ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &hwcrhk_dh) || -# endif - !ENGINE_set_RAND(e, &hwcrhk_rand) || - !ENGINE_set_destroy_function(e, hwcrhk_destroy) || - !ENGINE_set_init_function(e, hwcrhk_init) || - !ENGINE_set_finish_function(e, hwcrhk_finish) || - !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) || - !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) || - !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) || - !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns)) - return 0; - -# ifndef OPENSSL_NO_RSA - /* - * We know that the "PKCS1_SSLeay()" functions hook properly to the - * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB: - * We don't use ENGINE_openssl() or anything "more generic" because - * something like the RSAref code may not hook properly, and if you own - * one of these cards then you have the right to do RSA operations on it - * anyway! - */ - meth1 = RSA_PKCS1_SSLeay(); - hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec; -# endif - -# ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth2 = DH_OpenSSL(); - hwcrhk_dh.generate_key = meth2->generate_key; - hwcrhk_dh.compute_key = meth2->compute_key; -# endif - - /* Ensure the hwcrhk error handling is set up */ - ERR_load_HWCRHK_strings(); - return 1; -} - -# ifdef OPENSSL_NO_DYNAMIC_ENGINE -static ENGINE *engine_chil(void) -{ - ENGINE *ret = ENGINE_new(); - if (!ret) - return NULL; - if (!bind_helper(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_chil(void) -{ - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_chil(); - if (!toadd) - return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} -# endif - -/* - * This is a process-global DSO handle used for loading and unloading the - * HWCryptoHook library. NB: This is only set (or unset) during an init() or - * finish() call (reference counts permitting) and they're operating with - * global locks, so this should be thread-safe implicitly. - */ -static DSO *hwcrhk_dso = NULL; -static HWCryptoHook_ContextHandle hwcrhk_context = 0; -# ifndef OPENSSL_NO_RSA -/* Index for KM handle. Not really used yet. */ -static int hndidx_rsa = -1; -# endif - -/* - * These are the function pointers that are (un)set when the library has - * successfully (un)loaded. - */ -static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL; -static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL; -static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL; -# ifndef OPENSSL_NO_RSA -static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL; -# endif -static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL; -# ifndef OPENSSL_NO_RSA -static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL; -static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL; -static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL; -# endif -static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL; - -/* Used in the DSO operations. */ -static const char *HWCRHK_LIBNAME = NULL; -static void free_HWCRHK_LIBNAME(void) -{ - if (HWCRHK_LIBNAME) - OPENSSL_free((void *)HWCRHK_LIBNAME); - HWCRHK_LIBNAME = NULL; -} - -static const char *get_HWCRHK_LIBNAME(void) -{ - if (HWCRHK_LIBNAME) - return HWCRHK_LIBNAME; - return "nfhwcrhk"; -} - -static long set_HWCRHK_LIBNAME(const char *name) -{ - free_HWCRHK_LIBNAME(); - return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); -} - -static const char *n_hwcrhk_Init = "HWCryptoHook_Init"; -static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish"; -static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp"; -# ifndef OPENSSL_NO_RSA -static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA"; -# endif -static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes"; -# ifndef OPENSSL_NO_RSA -static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey"; -static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey"; -static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey"; -# endif -static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT"; - -/* - * HWCryptoHook library functions and mechanics - these are used by the - * higher-level functions further down. NB: As and where there's no error - * checking, take a look lower down where these functions are called, the - * checking and error handling is probably down there. - */ - -/* utility function to obtain a context */ -static int get_context(HWCryptoHook_ContextHandle * hac, - HWCryptoHook_CallerContext * cac) -{ - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - - *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg, cac); - if (!*hac) - return 0; - return 1; -} - -/* similarly to release one. */ -static void release_context(HWCryptoHook_ContextHandle hac) -{ - p_hwcrhk_Finish(hac); -} - -/* Destructor (complements the "ENGINE_chil()" constructor) */ -static int hwcrhk_destroy(ENGINE *e) -{ - free_HWCRHK_LIBNAME(); - ERR_unload_HWCRHK_strings(); - return 1; -} - -/* (de)initialisation functions. */ -static int hwcrhk_init(ENGINE *e) -{ - HWCryptoHook_Init_t *p1; - HWCryptoHook_Finish_t *p2; - HWCryptoHook_ModExp_t *p3; -# ifndef OPENSSL_NO_RSA - HWCryptoHook_RSA_t *p4; - HWCryptoHook_RSALoadKey_t *p5; - HWCryptoHook_RSAGetPublicKey_t *p6; - HWCryptoHook_RSAUnloadKey_t *p7; -# endif - HWCryptoHook_RandomBytes_t *p8; - HWCryptoHook_ModExpCRT_t *p9; - - if (hwcrhk_dso != NULL) { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_ALREADY_LOADED); - goto err; - } - /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */ - hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0); - if (hwcrhk_dso == NULL) { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE); - goto err; - } - if (!(p1 = (HWCryptoHook_Init_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) || - !(p2 = (HWCryptoHook_Finish_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) || - !(p3 = (HWCryptoHook_ModExp_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) || -# ifndef OPENSSL_NO_RSA - !(p4 = (HWCryptoHook_RSA_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) || - !(p5 = (HWCryptoHook_RSALoadKey_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) || - !(p6 = (HWCryptoHook_RSAGetPublicKey_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) || - !(p7 = (HWCryptoHook_RSAUnloadKey_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) || -# endif - !(p8 = (HWCryptoHook_RandomBytes_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) || - !(p9 = (HWCryptoHook_ModExpCRT_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT))) { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE); - goto err; - } - /* Copy the pointers */ - p_hwcrhk_Init = p1; - p_hwcrhk_Finish = p2; - p_hwcrhk_ModExp = p3; -# ifndef OPENSSL_NO_RSA - p_hwcrhk_RSA = p4; - p_hwcrhk_RSALoadKey = p5; - p_hwcrhk_RSAGetPublicKey = p6; - p_hwcrhk_RSAUnloadKey = p7; -# endif - p_hwcrhk_RandomBytes = p8; - p_hwcrhk_ModExpCRT = p9; - - /* - * Check if the application decided to support dynamic locks, and if it - * does, use them. - */ - if (disable_mutex_callbacks == 0) { - if (CRYPTO_get_dynlock_create_callback() != NULL && - CRYPTO_get_dynlock_lock_callback() != NULL && - CRYPTO_get_dynlock_destroy_callback() != NULL) { - hwcrhk_globals.mutex_init = hwcrhk_mutex_init; - hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock; - hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock; - hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy; - } - } - - /* - * Try and get a context - if not, we may have a DSO but no accelerator! - */ - if (!get_context(&hwcrhk_context, &password_context)) { - HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_UNIT_FAILURE); - goto err; - } - /* Everything's fine. */ -# ifndef OPENSSL_NO_RSA - if (hndidx_rsa == -1) - hndidx_rsa = RSA_get_ex_new_index(0, - "nFast HWCryptoHook RSA key handle", - NULL, NULL, NULL); -# endif - return 1; - err: - if (hwcrhk_dso) - DSO_free(hwcrhk_dso); - hwcrhk_dso = NULL; - p_hwcrhk_Init = NULL; - p_hwcrhk_Finish = NULL; - p_hwcrhk_ModExp = NULL; -# ifndef OPENSSL_NO_RSA - p_hwcrhk_RSA = NULL; - p_hwcrhk_RSALoadKey = NULL; - p_hwcrhk_RSAGetPublicKey = NULL; - p_hwcrhk_RSAUnloadKey = NULL; -# endif - p_hwcrhk_ModExpCRT = NULL; - p_hwcrhk_RandomBytes = NULL; - return 0; -} - -static int hwcrhk_finish(ENGINE *e) -{ - int to_return = 1; - free_HWCRHK_LIBNAME(); - if (hwcrhk_dso == NULL) { - HWCRHKerr(HWCRHK_F_HWCRHK_FINISH, HWCRHK_R_NOT_LOADED); - to_return = 0; - goto err; - } - release_context(hwcrhk_context); - if (!DSO_free(hwcrhk_dso)) { - HWCRHKerr(HWCRHK_F_HWCRHK_FINISH, HWCRHK_R_DSO_FAILURE); - to_return = 0; - goto err; - } - err: - if (logstream) - BIO_free(logstream); - hwcrhk_dso = NULL; - p_hwcrhk_Init = NULL; - p_hwcrhk_Finish = NULL; - p_hwcrhk_ModExp = NULL; -# ifndef OPENSSL_NO_RSA - p_hwcrhk_RSA = NULL; - p_hwcrhk_RSALoadKey = NULL; - p_hwcrhk_RSAGetPublicKey = NULL; - p_hwcrhk_RSAUnloadKey = NULL; -# endif - p_hwcrhk_ModExpCRT = NULL; - p_hwcrhk_RandomBytes = NULL; - return to_return; -} - -static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) -{ - int to_return = 1; - - switch (cmd) { - case HWCRHK_CMD_SO_PATH: - if (hwcrhk_dso) { - HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_ALREADY_LOADED); - return 0; - } - if (p == NULL) { - HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - return set_HWCRHK_LIBNAME((const char *)p); - case ENGINE_CTRL_SET_LOGSTREAM: - { - BIO *bio = (BIO *)p; - - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if (logstream) { - BIO_free(logstream); - logstream = NULL; - } - if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1) - logstream = bio; - else - HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_BIO_WAS_FREED); - } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - case ENGINE_CTRL_SET_PASSWORD_CALLBACK: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - password_context.password_callback = (pem_password_cb *)f; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - case ENGINE_CTRL_SET_USER_INTERFACE: - case HWCRHK_CMD_SET_USER_INTERFACE: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - password_context.ui_method = (UI_METHOD *)p; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - case ENGINE_CTRL_SET_CALLBACK_DATA: - case HWCRHK_CMD_SET_CALLBACK_DATA: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - password_context.callback_data = p; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - /* - * this enables or disables the "SimpleForkCheck" flag used in the - * initialisation structure. - */ - case ENGINE_CTRL_CHIL_SET_FORKCHECK: - case HWCRHK_CMD_FORK_CHECK: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if (i) - hwcrhk_globals.flags |= HWCryptoHook_InitFlags_SimpleForkCheck; - else - hwcrhk_globals.flags &= ~HWCryptoHook_InitFlags_SimpleForkCheck; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - /* - * This will prevent the initialisation function from "installing" - * the mutex-handling callbacks, even if they are available from - * within the library (or were provided to the library from the - * calling application). This is to remove any baggage for - * applications not using multithreading. - */ - case ENGINE_CTRL_CHIL_NO_LOCKING: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - disable_mutex_callbacks = 1; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - case HWCRHK_CMD_THREAD_LOCKING: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - disable_mutex_callbacks = ((i == 0) ? 0 : 1); - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - - /* The command isn't understood by this engine */ - default: - HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, - HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED); - to_return = 0; - break; - } - - return to_return; -} - -static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, - void *callback_data) -{ -# ifndef OPENSSL_NO_RSA - RSA *rtmp = NULL; -# endif - EVP_PKEY *res = NULL; -# ifndef OPENSSL_NO_RSA - HWCryptoHook_MPI e, n; - HWCryptoHook_RSAKeyHandle *hptr; -# endif -# if !defined(OPENSSL_NO_RSA) - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - HWCryptoHook_PassphraseContext ppctx; -# endif - -# if !defined(OPENSSL_NO_RSA) - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); -# endif - - if (!hwcrhk_context) { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_NOT_INITIALISED); - goto err; - } -# ifndef OPENSSL_NO_RSA - hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle)); - if (!hptr) { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - ppctx.ui_method = ui_method; - ppctx.callback_data = callback_data; - if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr, &rmsg, &ppctx)) { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR); - ERR_add_error_data(1, rmsg.buf); - goto err; - } - if (!*hptr) { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_NO_KEY); - goto err; - } -# endif -# ifndef OPENSSL_NO_RSA - rtmp = RSA_new_method(eng); - if (rtmp == NULL) { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr); - rtmp->e = BN_new(); - rtmp->n = BN_new(); - if (rtmp->e == NULL || rtmp->n == NULL) { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - rtmp->flags |= RSA_FLAG_EXT_PKEY; - MPI2BN(rtmp->e, e); - MPI2BN(rtmp->n, n); - if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg) - != HWCRYPTOHOOK_ERROR_MPISIZE) { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR); - ERR_add_error_data(1, rmsg.buf); - goto err; - } - - if (bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG)) == NULL) { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - if (bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG)) == NULL) { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - MPI2BN(rtmp->e, e); - MPI2BN(rtmp->n, n); - - if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)) { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR); - ERR_add_error_data(1, rmsg.buf); - goto err; - } - rtmp->e->top = e.size / sizeof(BN_ULONG); - bn_fix_top(rtmp->e); - rtmp->n->top = n.size / sizeof(BN_ULONG); - bn_fix_top(rtmp->n); - - res = EVP_PKEY_new(); - if (res == NULL) { - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR); - goto err; - } - EVP_PKEY_assign_RSA(res, rtmp); -# endif - - if (!res) - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, - HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED); - - return res; - err: -# ifndef OPENSSL_NO_RSA - if (rtmp) - RSA_free(rtmp); -# endif - return NULL; -} - -static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data) -{ - EVP_PKEY *res = NULL; - -# ifndef OPENSSL_NO_RSA - res = hwcrhk_load_privkey(eng, key_id, ui_method, callback_data); -# endif - - if (res) - switch (res->type) { -# ifndef OPENSSL_NO_RSA - case EVP_PKEY_RSA: - { - RSA *rsa = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY); - rsa = res->pkey.rsa; - res->pkey.rsa = RSA_new(); - res->pkey.rsa->n = rsa->n; - res->pkey.rsa->e = rsa->e; - rsa->n = NULL; - rsa->e = NULL; - CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); - RSA_free(rsa); - } - break; -# endif - default: - HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY, - HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED); - goto err; - } - - return res; - err: - if (res) - EVP_PKEY_free(res); - return NULL; -} - -/* A little mod_exp */ -static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) -{ - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - /* - * Since HWCryptoHook_MPI is pretty compatible with BIGNUM's, we use them - * directly, plus a little macro magic. We only thing we need to make - * sure of is that enough space is allocated. - */ - HWCryptoHook_MPI m_a, m_p, m_n, m_r; - int to_return, ret; - - to_return = 0; /* expect failure */ - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - - if (!hwcrhk_context) { - HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_NOT_INITIALISED); - goto err; - } - /* Prepare the params */ - if (bn_expand2(r, m->top) == NULL) { /* Check for error !! */ - HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, ERR_R_MALLOC_FAILURE); - goto err; - } - BN2MPI(m_a, a); - BN2MPI(m_p, p); - BN2MPI(m_n, m); - MPI2BN(r, m_r); - - /* Perform the operation */ - ret = p_hwcrhk_ModExp(hwcrhk_context, m_a, m_p, m_n, &m_r, &rmsg); - - /* Convert the response */ - r->top = m_r.size / sizeof(BN_ULONG); - bn_fix_top(r); - - if (ret < 0) { - /* - * FIXME: When this error is returned, HWCryptoHook is telling us - * that falling back to software computation might be a good thing. - */ - if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) { - HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_REQUEST_FALLBACK); - } else { - HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_REQUEST_FAILED); - } - ERR_add_error_data(1, rmsg.buf); - goto err; - } - - to_return = 1; - err: - return to_return; -} - -# ifndef OPENSSL_NO_RSA -static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx) -{ - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - HWCryptoHook_RSAKeyHandle *hptr; - int to_return = 0, ret; - - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - - if (!hwcrhk_context) { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, HWCRHK_R_NOT_INITIALISED); - goto err; - } - - /* - * This provides support for nForce keys. Since that's opaque data all - * we do is provide a handle to the proper key and let HWCryptoHook take - * care of the rest. - */ - if ((hptr = - (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa)) - != NULL) { - HWCryptoHook_MPI m_a, m_r; - - if (!rsa->n) { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_MISSING_KEY_COMPONENTS); - goto err; - } - - /* Prepare the params */ - if (bn_expand2(r, rsa->n->top) == NULL) { /* Check for error !! */ - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, ERR_R_MALLOC_FAILURE); - goto err; - } - BN2MPI(m_a, I); - MPI2BN(r, m_r); - - /* Perform the operation */ - ret = p_hwcrhk_RSA(m_a, *hptr, &m_r, &rmsg); - - /* Convert the response */ - r->top = m_r.size / sizeof(BN_ULONG); - bn_fix_top(r); - - if (ret < 0) { - /* - * FIXME: When this error is returned, HWCryptoHook is telling us - * that falling back to software computation might be a good - * thing. - */ - if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_REQUEST_FALLBACK); - } else { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_REQUEST_FAILED); - } - ERR_add_error_data(1, rmsg.buf); - goto err; - } - } else { - HWCryptoHook_MPI m_a, m_p, m_q, m_dmp1, m_dmq1, m_iqmp, m_r; - - if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_MISSING_KEY_COMPONENTS); - goto err; - } - - /* Prepare the params */ - if (bn_expand2(r, rsa->n->top) == NULL) { /* Check for error !! */ - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, ERR_R_MALLOC_FAILURE); - goto err; - } - BN2MPI(m_a, I); - BN2MPI(m_p, rsa->p); - BN2MPI(m_q, rsa->q); - BN2MPI(m_dmp1, rsa->dmp1); - BN2MPI(m_dmq1, rsa->dmq1); - BN2MPI(m_iqmp, rsa->iqmp); - MPI2BN(r, m_r); - - /* Perform the operation */ - ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q, - m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg); - - /* Convert the response */ - r->top = m_r.size / sizeof(BN_ULONG); - bn_fix_top(r); - - if (ret < 0) { - /* - * FIXME: When this error is returned, HWCryptoHook is telling us - * that falling back to software computation might be a good - * thing. - */ - if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_REQUEST_FALLBACK); - } else { - HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, - HWCRHK_R_REQUEST_FAILED); - } - ERR_add_error_data(1, rmsg.buf); - goto err; - } - } - /* - * If we're here, we must be here with some semblance of success :-) - */ - to_return = 1; - err: - return to_return; -} -# endif - -# ifndef OPENSSL_NO_RSA -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return hwcrhk_mod_exp(r, a, p, m, ctx); -} - -static int hwcrhk_rsa_finish(RSA *rsa) -{ - HWCryptoHook_RSAKeyHandle *hptr; - - hptr = RSA_get_ex_data(rsa, hndidx_rsa); - if (hptr) { - p_hwcrhk_RSAUnloadKey(*hptr, NULL); - OPENSSL_free(hptr); - RSA_set_ex_data(rsa, hndidx_rsa, NULL); - } - return 1; -} - -# endif - -# ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) -{ - return hwcrhk_mod_exp(r, a, p, m, ctx); -} -# endif - -/* Random bytes are good */ -static int hwcrhk_rand_bytes(unsigned char *buf, int num) -{ - char tempbuf[1024]; - HWCryptoHook_ErrMsgBuf rmsg; - int to_return = 0; /* assume failure */ - int ret; - - rmsg.buf = tempbuf; - rmsg.size = sizeof(tempbuf); - - if (!hwcrhk_context) { - HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_NOT_INITIALISED); - goto err; - } - - ret = p_hwcrhk_RandomBytes(hwcrhk_context, buf, num, &rmsg); - if (ret < 0) { - /* - * FIXME: When this error is returned, HWCryptoHook is telling us - * that falling back to software computation might be a good thing. - */ - if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) { - HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_REQUEST_FALLBACK); - } else { - HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_REQUEST_FAILED); - } - ERR_add_error_data(1, rmsg.buf); - goto err; - } - to_return = 1; - err: - return to_return; -} - -static int hwcrhk_rand_status(void) -{ - return 1; -} - -/* - * Mutex calls: since the HWCryptoHook model closely follows the POSIX model - * these just wrap the POSIX functions and add some logging. - */ - -static int hwcrhk_mutex_init(HWCryptoHook_Mutex * mt, - HWCryptoHook_CallerContext * cactx) -{ - mt->lockid = CRYPTO_get_new_dynlockid(); - if (mt->lockid == 0) - return 1; /* failure */ - return 0; /* success */ -} - -static int hwcrhk_mutex_lock(HWCryptoHook_Mutex * mt) -{ - CRYPTO_w_lock(mt->lockid); - return 0; -} - -static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt) -{ - CRYPTO_w_unlock(mt->lockid); -} - -static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex * mt) -{ - CRYPTO_destroy_dynlockid(mt->lockid); -} - -static int hwcrhk_get_pass(const char *prompt_info, - int *len_io, char *buf, - HWCryptoHook_PassphraseContext * ppctx, - HWCryptoHook_CallerContext * cactx) -{ - pem_password_cb *callback = NULL; - void *callback_data = NULL; - UI_METHOD *ui_method = NULL; - /* - * Despite what the documentation says prompt_info can be an empty - * string. - */ - if (prompt_info && !*prompt_info) - prompt_info = NULL; - - if (cactx) { - if (cactx->ui_method) - ui_method = cactx->ui_method; - if (cactx->password_callback) - callback = cactx->password_callback; - if (cactx->callback_data) - callback_data = cactx->callback_data; - } - if (ppctx) { - if (ppctx->ui_method) { - ui_method = ppctx->ui_method; - callback = NULL; - } - if (ppctx->callback_data) - callback_data = ppctx->callback_data; - } - if (callback == NULL && ui_method == NULL) { - HWCRHKerr(HWCRHK_F_HWCRHK_GET_PASS, HWCRHK_R_NO_CALLBACK); - return -1; - } - - if (ui_method) { - UI *ui = UI_new_method(ui_method); - if (ui) { - int ok; - char *prompt = UI_construct_prompt(ui, - "pass phrase", prompt_info); - - ok = UI_add_input_string(ui, prompt, - UI_INPUT_FLAG_DEFAULT_PWD, - buf, 0, (*len_io) - 1); - UI_add_user_data(ui, callback_data); - UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0); - - if (ok >= 0) - do { - ok = UI_process(ui); - } - while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0)); - - if (ok >= 0) - *len_io = strlen(buf); - - UI_free(ui); - OPENSSL_free(prompt); - } - } else { - *len_io = callback(buf, *len_io, 0, callback_data); - } - if (!*len_io) - return -1; - return 0; -} - -static int hwcrhk_insert_card(const char *prompt_info, - const char *wrong_info, - HWCryptoHook_PassphraseContext * ppctx, - HWCryptoHook_CallerContext * cactx) -{ - int ok = -1; - UI *ui; - void *callback_data = NULL; - UI_METHOD *ui_method = NULL; - - if (cactx) { - if (cactx->ui_method) - ui_method = cactx->ui_method; - if (cactx->callback_data) - callback_data = cactx->callback_data; - } - if (ppctx) { - if (ppctx->ui_method) - ui_method = ppctx->ui_method; - if (ppctx->callback_data) - callback_data = ppctx->callback_data; - } - if (ui_method == NULL) { - HWCRHKerr(HWCRHK_F_HWCRHK_INSERT_CARD, HWCRHK_R_NO_CALLBACK); - return -1; - } - - ui = UI_new_method(ui_method); - - if (ui) { - char answer = '\0'; - char buf[BUFSIZ]; - /* - * Despite what the documentation says wrong_info can be an empty - * string. - */ - if (wrong_info && *wrong_info) - BIO_snprintf(buf, sizeof(buf) - 1, - "Current card: \"%s\"\n", wrong_info); - else - buf[0] = 0; - ok = UI_dup_info_string(ui, buf); - if (ok >= 0 && prompt_info) { - BIO_snprintf(buf, sizeof(buf) - 1, - "Insert card \"%s\"", prompt_info); - ok = UI_dup_input_boolean(ui, buf, - "\n then hit <enter> or C<enter> to cancel\n", - "\r\n", "Cc", UI_INPUT_FLAG_ECHO, - &answer); - } - UI_add_user_data(ui, callback_data); - - if (ok >= 0) - ok = UI_process(ui); - UI_free(ui); - - if (ok == -2 || (ok >= 0 && answer == 'C')) - ok = 1; - else if (ok < 0) - ok = -1; - else - ok = 0; - } - return ok; -} - -static void hwcrhk_log_message(void *logstr, const char *message) -{ - BIO *lstream = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_BIO); - if (logstr) - lstream = *(BIO **)logstr; - if (lstream) { - BIO_printf(lstream, "%s\n", message); - } - CRYPTO_w_unlock(CRYPTO_LOCK_BIO); -} - -/* - * This stuff is needed if this ENGINE is being compiled into a - * self-contained shared-library. - */ -# ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_fn(ENGINE *e, const char *id) -{ - if (id && (strcmp(id, engine_hwcrhk_id) != 0) && - (strcmp(id, engine_hwcrhk_id_alt) != 0)) - return 0; - if (!bind_helper(e)) - return 0; - return 1; -} - -IMPLEMENT_DYNAMIC_CHECK_FN() - IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -# endif /* OPENSSL_NO_DYNAMIC_ENGINE */ -# endif /* !OPENSSL_NO_HW_CHIL */ -#endif /* !OPENSSL_NO_HW */ diff --git a/engines/e_chil_err.c b/engines/e_chil_err.c deleted file mode 100644 index 00fbf8cd574c..000000000000 --- a/engines/e_chil_err.c +++ /dev/null @@ -1,157 +0,0 @@ -/* e_chil_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include "e_chil_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA HWCRHK_str_functs[] = { - {ERR_FUNC(HWCRHK_F_HWCRHK_CTRL), "HWCRHK_CTRL"}, - {ERR_FUNC(HWCRHK_F_HWCRHK_FINISH), "HWCRHK_FINISH"}, - {ERR_FUNC(HWCRHK_F_HWCRHK_GET_PASS), "HWCRHK_GET_PASS"}, - {ERR_FUNC(HWCRHK_F_HWCRHK_INIT), "HWCRHK_INIT"}, - {ERR_FUNC(HWCRHK_F_HWCRHK_INSERT_CARD), "HWCRHK_INSERT_CARD"}, - {ERR_FUNC(HWCRHK_F_HWCRHK_LOAD_PRIVKEY), "HWCRHK_LOAD_PRIVKEY"}, - {ERR_FUNC(HWCRHK_F_HWCRHK_LOAD_PUBKEY), "HWCRHK_LOAD_PUBKEY"}, - {ERR_FUNC(HWCRHK_F_HWCRHK_MOD_EXP), "HWCRHK_MOD_EXP"}, - {ERR_FUNC(HWCRHK_F_HWCRHK_RAND_BYTES), "HWCRHK_RAND_BYTES"}, - {ERR_FUNC(HWCRHK_F_HWCRHK_RSA_MOD_EXP), "HWCRHK_RSA_MOD_EXP"}, - {0, NULL} -}; - -static ERR_STRING_DATA HWCRHK_str_reasons[] = { - {ERR_REASON(HWCRHK_R_ALREADY_LOADED), "already loaded"}, - {ERR_REASON(HWCRHK_R_BIO_WAS_FREED), "bio was freed"}, - {ERR_REASON(HWCRHK_R_CHIL_ERROR), "chil error"}, - {ERR_REASON(HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED), - "ctrl command not implemented"}, - {ERR_REASON(HWCRHK_R_DSO_FAILURE), "dso failure"}, - {ERR_REASON(HWCRHK_R_MISSING_KEY_COMPONENTS), "missing key components"}, - {ERR_REASON(HWCRHK_R_NOT_INITIALISED), "not initialised"}, - {ERR_REASON(HWCRHK_R_NOT_LOADED), "not loaded"}, - {ERR_REASON(HWCRHK_R_NO_CALLBACK), "no callback"}, - {ERR_REASON(HWCRHK_R_NO_KEY), "no key"}, - {ERR_REASON(HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED), - "private key algorithms disabled"}, - {ERR_REASON(HWCRHK_R_REQUEST_FAILED), "request failed"}, - {ERR_REASON(HWCRHK_R_REQUEST_FALLBACK), "request fallback"}, - {ERR_REASON(HWCRHK_R_UNIT_FAILURE), "unit failure"}, - {0, NULL} -}; - -#endif - -#ifdef HWCRHK_LIB_NAME -static ERR_STRING_DATA HWCRHK_lib_name[] = { - {0, HWCRHK_LIB_NAME}, - {0, NULL} -}; -#endif - -static int HWCRHK_lib_error_code = 0; -static int HWCRHK_error_init = 1; - -static void ERR_load_HWCRHK_strings(void) -{ - if (HWCRHK_lib_error_code == 0) - HWCRHK_lib_error_code = ERR_get_next_error_library(); - - if (HWCRHK_error_init) { - HWCRHK_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(HWCRHK_lib_error_code, HWCRHK_str_functs); - ERR_load_strings(HWCRHK_lib_error_code, HWCRHK_str_reasons); -#endif - -#ifdef HWCRHK_LIB_NAME - HWCRHK_lib_name->error = ERR_PACK(HWCRHK_lib_error_code, 0, 0); - ERR_load_strings(0, HWCRHK_lib_name); -#endif - } -} - -static void ERR_unload_HWCRHK_strings(void) -{ - if (HWCRHK_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(HWCRHK_lib_error_code, HWCRHK_str_functs); - ERR_unload_strings(HWCRHK_lib_error_code, HWCRHK_str_reasons); -#endif - -#ifdef HWCRHK_LIB_NAME - ERR_unload_strings(0, HWCRHK_lib_name); -#endif - HWCRHK_error_init = 1; - } -} - -static void ERR_HWCRHK_error(int function, int reason, char *file, int line) -{ - if (HWCRHK_lib_error_code == 0) - HWCRHK_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(HWCRHK_lib_error_code, function, reason, file, line); -} diff --git a/engines/e_chil_err.h b/engines/e_chil_err.h deleted file mode 100644 index d86a4ce9aec5..000000000000 --- a/engines/e_chil_err.h +++ /dev/null @@ -1,105 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_HWCRHK_ERR_H -# define HEADER_HWCRHK_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_HWCRHK_strings(void); -static void ERR_unload_HWCRHK_strings(void); -static void ERR_HWCRHK_error(int function, int reason, char *file, int line); -# define HWCRHKerr(f,r) ERR_HWCRHK_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the HWCRHK functions. */ - -/* Function codes. */ -# define HWCRHK_F_HWCRHK_CTRL 100 -# define HWCRHK_F_HWCRHK_FINISH 101 -# define HWCRHK_F_HWCRHK_GET_PASS 102 -# define HWCRHK_F_HWCRHK_INIT 103 -# define HWCRHK_F_HWCRHK_INSERT_CARD 104 -# define HWCRHK_F_HWCRHK_LOAD_PRIVKEY 105 -# define HWCRHK_F_HWCRHK_LOAD_PUBKEY 106 -# define HWCRHK_F_HWCRHK_MOD_EXP 107 -# define HWCRHK_F_HWCRHK_RAND_BYTES 108 -# define HWCRHK_F_HWCRHK_RSA_MOD_EXP 109 - -/* Reason codes. */ -# define HWCRHK_R_ALREADY_LOADED 100 -# define HWCRHK_R_BIO_WAS_FREED 101 -# define HWCRHK_R_CHIL_ERROR 102 -# define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 -# define HWCRHK_R_DSO_FAILURE 104 -# define HWCRHK_R_MISSING_KEY_COMPONENTS 105 -# define HWCRHK_R_NOT_INITIALISED 106 -# define HWCRHK_R_NOT_LOADED 107 -# define HWCRHK_R_NO_CALLBACK 108 -# define HWCRHK_R_NO_KEY 109 -# define HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED 110 -# define HWCRHK_R_REQUEST_FAILED 111 -# define HWCRHK_R_REQUEST_FALLBACK 112 -# define HWCRHK_R_UNIT_FAILURE 113 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/e_cswift.c b/engines/e_cswift.c deleted file mode 100644 index c429802d5f9b..000000000000 --- a/engines/e_cswift.c +++ /dev/null @@ -1,1103 +0,0 @@ -/* crypto/engine/hw_cswift.c */ -/* - * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project - * 2000. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/buffer.h> -#include <openssl/dso.h> -#include <openssl/engine.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DSA -# include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_DH -# include <openssl/dh.h> -#endif -#include <openssl/rand.h> -#include <openssl/bn.h> - -#ifndef OPENSSL_NO_HW -# ifndef OPENSSL_NO_HW_CSWIFT - -/* - * Attribution notice: Rainbow have generously allowed me to reproduce the - * necessary definitions here from their API. This means the support can - * build independently of whether application builders have the API or - * hardware. This will allow developers to easily produce software that has - * latent hardware support for any users that have accelerators installed, - * without the developers themselves needing anything extra. I have only - * clipped the parts from the CryptoSwift header files that are (or seem) - * relevant to the CryptoSwift support code. This is simply to keep the file - * sizes reasonable. [Geoff] - */ -# ifdef FLAT_INC -# include "cswift.h" -# else -# include "vendor_defns/cswift.h" -# endif - -# define CSWIFT_LIB_NAME "cswift engine" -# include "e_cswift_err.c" - -# define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) - -static int cswift_destroy(ENGINE *e); -static int cswift_init(ENGINE *e); -static int cswift_finish(ENGINE *e); -static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); -# ifndef OPENSSL_NO_RSA -static int cswift_bn_32copy(SW_LARGENUMBER *out, const BIGNUM *in); -# endif - -/* BIGNUM stuff */ -static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); -# ifndef OPENSSL_NO_RSA -static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dmp1, - const BIGNUM *dmq1, const BIGNUM *iqmp, - BN_CTX *ctx); -# endif - -# ifndef OPENSSL_NO_RSA -/* RSA stuff */ -static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx); -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -# endif - -# ifndef OPENSSL_NO_DSA -/* DSA stuff */ -static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, - DSA *dsa); -static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); -# endif - -# ifndef OPENSSL_NO_DH -/* DH stuff */ -/* This function is alised to mod_exp (with the DH and mont dropped). */ -static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -# endif - -/* RAND stuff */ -static int cswift_rand_bytes(unsigned char *buf, int num); -static int cswift_rand_status(void); - -/* The definitions for control commands specific to this engine */ -# define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN cswift_cmd_defns[] = { - {CSWIFT_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'cswift' shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} -}; - -# ifndef OPENSSL_NO_RSA -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD cswift_rsa = { - "CryptoSwift RSA method", - NULL, - NULL, - NULL, - NULL, - cswift_rsa_mod_exp, - cswift_mod_exp_mont, - NULL, - NULL, - 0, - NULL, - NULL, - NULL, - NULL -}; -# endif - -# ifndef OPENSSL_NO_DSA -/* Our internal DSA_METHOD that we provide pointers to */ -static DSA_METHOD cswift_dsa = { - "CryptoSwift DSA method", - cswift_dsa_sign, - NULL, /* dsa_sign_setup */ - cswift_dsa_verify, - NULL, /* dsa_mod_exp */ - NULL, /* bn_mod_exp */ - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ - NULL, /* app_data */ - NULL, /* dsa_paramgen */ - NULL /* dsa_keygen */ -}; -# endif - -# ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -static DH_METHOD cswift_dh = { - "CryptoSwift DH method", - NULL, - NULL, - cswift_mod_exp_dh, - NULL, - NULL, - 0, - NULL, - NULL -}; -# endif - -static RAND_METHOD cswift_random = { - /* "CryptoSwift RAND method", */ - NULL, - cswift_rand_bytes, - NULL, - NULL, - cswift_rand_bytes, - cswift_rand_status, -}; - -/* Constants used when creating the ENGINE */ -static const char *engine_cswift_id = "cswift"; -static const char *engine_cswift_name = "CryptoSwift hardware engine support"; - -/* - * This internal function is used by ENGINE_cswift() and possibly by the - * "dynamic" ENGINE support too - */ -static int bind_helper(ENGINE *e) -{ -# ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -# endif -# ifndef OPENSSL_NO_DH - const DH_METHOD *meth2; -# endif - if (!ENGINE_set_id(e, engine_cswift_id) || - !ENGINE_set_name(e, engine_cswift_name) || -# ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &cswift_rsa) || -# endif -# ifndef OPENSSL_NO_DSA - !ENGINE_set_DSA(e, &cswift_dsa) || -# endif -# ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &cswift_dh) || -# endif - !ENGINE_set_RAND(e, &cswift_random) || - !ENGINE_set_destroy_function(e, cswift_destroy) || - !ENGINE_set_init_function(e, cswift_init) || - !ENGINE_set_finish_function(e, cswift_finish) || - !ENGINE_set_ctrl_function(e, cswift_ctrl) || - !ENGINE_set_cmd_defns(e, cswift_cmd_defns)) - return 0; - -# ifndef OPENSSL_NO_RSA - /* - * We know that the "PKCS1_SSLeay()" functions hook properly to the - * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB: - * We don't use ENGINE_openssl() or anything "more generic" because - * something like the RSAref code may not hook properly, and if you own - * one of these cards then you have the right to do RSA operations on it - * anyway! - */ - meth1 = RSA_PKCS1_SSLeay(); - cswift_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec; -# endif - -# ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth2 = DH_OpenSSL(); - cswift_dh.generate_key = meth2->generate_key; - cswift_dh.compute_key = meth2->compute_key; -# endif - - /* Ensure the cswift error handling is set up */ - ERR_load_CSWIFT_strings(); - return 1; -} - -# ifdef OPENSSL_NO_DYNAMIC_ENGINE -static ENGINE *engine_cswift(void) -{ - ENGINE *ret = ENGINE_new(); - if (!ret) - return NULL; - if (!bind_helper(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_cswift(void) -{ - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_cswift(); - if (!toadd) - return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} -# endif - -/* - * This is a process-global DSO handle used for loading and unloading the - * CryptoSwift library. NB: This is only set (or unset) during an init() or - * finish() call (reference counts permitting) and they're operating with - * global locks, so this should be thread-safe implicitly. - */ -static DSO *cswift_dso = NULL; - -/* - * These are the function pointers that are (un)set when the library has - * successfully (un)loaded. - */ -t_swAcquireAccContext *p_CSwift_AcquireAccContext = NULL; -t_swAttachKeyParam *p_CSwift_AttachKeyParam = NULL; -t_swSimpleRequest *p_CSwift_SimpleRequest = NULL; -t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL; - -/* Used in the DSO operations. */ -static const char *CSWIFT_LIBNAME = NULL; -static const char *get_CSWIFT_LIBNAME(void) -{ - if (CSWIFT_LIBNAME) - return CSWIFT_LIBNAME; - return "swift"; -} - -static void free_CSWIFT_LIBNAME(void) -{ - if (CSWIFT_LIBNAME) - OPENSSL_free((void *)CSWIFT_LIBNAME); - CSWIFT_LIBNAME = NULL; -} - -static long set_CSWIFT_LIBNAME(const char *name) -{ - free_CSWIFT_LIBNAME(); - return (((CSWIFT_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); -} - -static const char *CSWIFT_F1 = "swAcquireAccContext"; -static const char *CSWIFT_F2 = "swAttachKeyParam"; -static const char *CSWIFT_F3 = "swSimpleRequest"; -static const char *CSWIFT_F4 = "swReleaseAccContext"; - -/* - * CryptoSwift library functions and mechanics - these are used by the - * higher-level functions further down. NB: As and where there's no error - * checking, take a look lower down where these functions are called, the - * checking and error handling is probably down there. - */ - -/* utility function to obtain a context */ -static int get_context(SW_CONTEXT_HANDLE *hac) -{ - SW_STATUS status; - - status = p_CSwift_AcquireAccContext(hac); - if (status != SW_OK) - return 0; - return 1; -} - -/* similarly to release one. */ -static void release_context(SW_CONTEXT_HANDLE hac) -{ - p_CSwift_ReleaseAccContext(hac); -} - -/* Destructor (complements the "ENGINE_cswift()" constructor) */ -static int cswift_destroy(ENGINE *e) -{ - free_CSWIFT_LIBNAME(); - ERR_unload_CSWIFT_strings(); - return 1; -} - -/* (de)initialisation functions. */ -static int cswift_init(ENGINE *e) -{ - SW_CONTEXT_HANDLE hac; - t_swAcquireAccContext *p1; - t_swAttachKeyParam *p2; - t_swSimpleRequest *p3; - t_swReleaseAccContext *p4; - - if (cswift_dso != NULL) { - CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_ALREADY_LOADED); - goto err; - } - /* Attempt to load libswift.so/swift.dll/whatever. */ - cswift_dso = DSO_load(NULL, get_CSWIFT_LIBNAME(), NULL, 0); - if (cswift_dso == NULL) { - CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_NOT_LOADED); - goto err; - } - if (!(p1 = (t_swAcquireAccContext *) - DSO_bind_func(cswift_dso, CSWIFT_F1)) || - !(p2 = (t_swAttachKeyParam *) - DSO_bind_func(cswift_dso, CSWIFT_F2)) || - !(p3 = (t_swSimpleRequest *) - DSO_bind_func(cswift_dso, CSWIFT_F3)) || - !(p4 = (t_swReleaseAccContext *) - DSO_bind_func(cswift_dso, CSWIFT_F4))) { - CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_NOT_LOADED); - goto err; - } - /* Copy the pointers */ - p_CSwift_AcquireAccContext = p1; - p_CSwift_AttachKeyParam = p2; - p_CSwift_SimpleRequest = p3; - p_CSwift_ReleaseAccContext = p4; - /* - * Try and get a context - if not, we may have a DSO but no accelerator! - */ - if (!get_context(&hac)) { - CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_UNIT_FAILURE); - goto err; - } - release_context(hac); - /* Everything's fine. */ - return 1; - err: - if (cswift_dso) { - DSO_free(cswift_dso); - cswift_dso = NULL; - } - p_CSwift_AcquireAccContext = NULL; - p_CSwift_AttachKeyParam = NULL; - p_CSwift_SimpleRequest = NULL; - p_CSwift_ReleaseAccContext = NULL; - return 0; -} - -static int cswift_finish(ENGINE *e) -{ - free_CSWIFT_LIBNAME(); - if (cswift_dso == NULL) { - CSWIFTerr(CSWIFT_F_CSWIFT_FINISH, CSWIFT_R_NOT_LOADED); - return 0; - } - if (!DSO_free(cswift_dso)) { - CSWIFTerr(CSWIFT_F_CSWIFT_FINISH, CSWIFT_R_UNIT_FAILURE); - return 0; - } - cswift_dso = NULL; - p_CSwift_AcquireAccContext = NULL; - p_CSwift_AttachKeyParam = NULL; - p_CSwift_SimpleRequest = NULL; - p_CSwift_ReleaseAccContext = NULL; - return 1; -} - -static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) -{ - int initialised = ((cswift_dso == NULL) ? 0 : 1); - switch (cmd) { - case CSWIFT_CMD_SO_PATH: - if (p == NULL) { - CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (initialised) { - CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_ALREADY_LOADED); - return 0; - } - return set_CSWIFT_LIBNAME((const char *)p); - default: - break; - } - CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; -} - -/* Un petit mod_exp */ -static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) -{ - /* - * I need somewhere to store temporary serialised values for use with the - * CryptoSwift API calls. A neat cheat - I'll use BIGNUMs from the BN_CTX - * but access their arrays directly as byte arrays <grin>. This way I - * don't have to clean anything up. - */ - BIGNUM *modulus; - BIGNUM *exponent; - BIGNUM *argument; - BIGNUM *result; - SW_STATUS sw_status; - SW_LARGENUMBER arg, res; - SW_PARAM sw_param; - SW_CONTEXT_HANDLE hac; - int to_return, acquired; - - modulus = exponent = argument = result = NULL; - to_return = 0; /* expect failure */ - acquired = 0; - - if (!get_context(&hac)) { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_UNIT_FAILURE); - goto err; - } - acquired = 1; - /* Prepare the params */ - BN_CTX_start(ctx); - modulus = BN_CTX_get(ctx); - exponent = BN_CTX_get(ctx); - argument = BN_CTX_get(ctx); - result = BN_CTX_get(ctx); - if (!result) { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_BN_CTX_FULL); - goto err; - } - if (!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) || - !bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top)) { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - sw_param.type = SW_ALG_EXP; - sw_param.up.exp.modulus.nbytes = BN_bn2bin(m, - (unsigned char *)modulus->d); - sw_param.up.exp.modulus.value = (unsigned char *)modulus->d; - sw_param.up.exp.exponent.nbytes = BN_bn2bin(p, - (unsigned char *)exponent->d); - sw_param.up.exp.exponent.value = (unsigned char *)exponent->d; - /* Attach the key params */ - sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); - switch (sw_status) { - case SW_OK: - break; - case SW_ERR_INPUT_SIZE: - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_BAD_KEY_SIZE); - goto err; - default: - { - char tmpbuf[DECIMAL_SIZE(sw_status) + 1]; - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); - } - goto err; - } - /* Prepare the argument and response */ - arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d); - arg.value = (unsigned char *)argument->d; - res.nbytes = BN_num_bytes(m); - memset(result->d, 0, res.nbytes); - res.value = (unsigned char *)result->d; - /* Perform the operation */ - if ((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1, - &res, 1)) != SW_OK) { - char tmpbuf[DECIMAL_SIZE(sw_status) + 1]; - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); - goto err; - } - /* Convert the response */ - BN_bin2bn((unsigned char *)result->d, res.nbytes, r); - to_return = 1; - err: - if (acquired) - release_context(hac); - BN_CTX_end(ctx); - return to_return; -} - -# ifndef OPENSSL_NO_RSA -int cswift_bn_32copy(SW_LARGENUMBER *out, const BIGNUM *in) -{ - int mod; - int numbytes = BN_num_bytes(in); - - mod = 0; - while (((out->nbytes = (numbytes + mod)) % 32)) { - mod++; - } - out->value = (unsigned char *)OPENSSL_malloc(out->nbytes); - if (!out->value) { - return 0; - } - BN_bn2bin(in, &out->value[mod]); - if (mod) - memset(out->value, 0, mod); - - return 1; -} -# endif - -# ifndef OPENSSL_NO_RSA -/* Un petit mod_exp chinois */ -static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dmp1, - const BIGNUM *dmq1, const BIGNUM *iqmp, - BN_CTX *ctx) -{ - SW_STATUS sw_status; - SW_LARGENUMBER arg, res; - SW_PARAM sw_param; - SW_CONTEXT_HANDLE hac; - BIGNUM *result = NULL; - BIGNUM *argument = NULL; - int to_return = 0; /* expect failure */ - int acquired = 0; - - sw_param.up.crt.p.value = NULL; - sw_param.up.crt.q.value = NULL; - sw_param.up.crt.dmp1.value = NULL; - sw_param.up.crt.dmq1.value = NULL; - sw_param.up.crt.iqmp.value = NULL; - - if (!get_context(&hac)) { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_UNIT_FAILURE); - goto err; - } - acquired = 1; - - /* Prepare the params */ - argument = BN_new(); - result = BN_new(); - if (!result || !argument) { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_CTX_FULL); - goto err; - } - - sw_param.type = SW_ALG_CRT; - /************************************************************************/ - /* - * 04/02/2003 - */ - /* - * Modified by Frederic Giudicelli (deny-all.com) to overcome the - */ - /* - * limitation of cswift with values not a multiple of 32 - */ - /************************************************************************/ - if (!cswift_bn_32copy(&sw_param.up.crt.p, p)) { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - if (!cswift_bn_32copy(&sw_param.up.crt.q, q)) { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - if (!cswift_bn_32copy(&sw_param.up.crt.dmp1, dmp1)) { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - if (!cswift_bn_32copy(&sw_param.up.crt.dmq1, dmq1)) { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - if (!cswift_bn_32copy(&sw_param.up.crt.iqmp, iqmp)) { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - if (!bn_wexpand(argument, a->top) || !bn_wexpand(result, p->top + q->top)) { - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - - /* Attach the key params */ - sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); - switch (sw_status) { - case SW_OK: - break; - case SW_ERR_INPUT_SIZE: - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BAD_KEY_SIZE); - goto err; - default: - { - char tmpbuf[DECIMAL_SIZE(sw_status) + 1]; - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); - } - goto err; - } - /* Prepare the argument and response */ - arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d); - arg.value = (unsigned char *)argument->d; - res.nbytes = 2 * BN_num_bytes(p); - memset(result->d, 0, res.nbytes); - res.value = (unsigned char *)result->d; - /* Perform the operation */ - if ((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1, - &res, 1)) != SW_OK) { - char tmpbuf[DECIMAL_SIZE(sw_status) + 1]; - CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); - goto err; - } - /* Convert the response */ - BN_bin2bn((unsigned char *)result->d, res.nbytes, r); - to_return = 1; - err: - if (sw_param.up.crt.p.value) - OPENSSL_free(sw_param.up.crt.p.value); - if (sw_param.up.crt.q.value) - OPENSSL_free(sw_param.up.crt.q.value); - if (sw_param.up.crt.dmp1.value) - OPENSSL_free(sw_param.up.crt.dmp1.value); - if (sw_param.up.crt.dmq1.value) - OPENSSL_free(sw_param.up.crt.dmq1.value); - if (sw_param.up.crt.iqmp.value) - OPENSSL_free(sw_param.up.crt.iqmp.value); - if (result) - BN_free(result); - if (argument) - BN_free(argument); - if (acquired) - release_context(hac); - return to_return; -} -# endif - -# ifndef OPENSSL_NO_RSA -static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx) -{ - int to_return = 0; - const RSA_METHOD *def_rsa_method; - - if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { - CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP, - CSWIFT_R_MISSING_KEY_COMPONENTS); - goto err; - } - - /* Try the limits of RSA (2048 bits) */ - if (BN_num_bytes(rsa->p) > 128 || - BN_num_bytes(rsa->q) > 128 || - BN_num_bytes(rsa->dmp1) > 128 || - BN_num_bytes(rsa->dmq1) > 128 || BN_num_bytes(rsa->iqmp) > 128) { -# ifdef RSA_NULL - def_rsa_method = RSA_null_method(); -# else -# if 0 - def_rsa_method = RSA_PKCS1_RSAref(); -# else - def_rsa_method = RSA_PKCS1_SSLeay(); -# endif -# endif - if (def_rsa_method) - return def_rsa_method->rsa_mod_exp(r0, I, rsa, ctx); - } - - to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, - rsa->dmq1, rsa->iqmp, ctx); - err: - return to_return; -} - -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - const RSA_METHOD *def_rsa_method; - - /* Try the limits of RSA (2048 bits) */ - if (BN_num_bytes(r) > 256 || - BN_num_bytes(a) > 256 || BN_num_bytes(m) > 256) { -# ifdef RSA_NULL - def_rsa_method = RSA_null_method(); -# else -# if 0 - def_rsa_method = RSA_PKCS1_RSAref(); -# else - def_rsa_method = RSA_PKCS1_SSLeay(); -# endif -# endif - if (def_rsa_method) - return def_rsa_method->bn_mod_exp(r, a, p, m, ctx, m_ctx); - } - - return cswift_mod_exp(r, a, p, m, ctx); -} -# endif /* OPENSSL_NO_RSA */ - -# ifndef OPENSSL_NO_DSA -static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) -{ - SW_CONTEXT_HANDLE hac; - SW_PARAM sw_param; - SW_STATUS sw_status; - SW_LARGENUMBER arg, res; - BN_CTX *ctx; - BIGNUM *dsa_p = NULL; - BIGNUM *dsa_q = NULL; - BIGNUM *dsa_g = NULL; - BIGNUM *dsa_key = NULL; - BIGNUM *result = NULL; - DSA_SIG *to_return = NULL; - int acquired = 0; - - if ((ctx = BN_CTX_new()) == NULL) - goto err; - if (!get_context(&hac)) { - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_UNIT_FAILURE); - goto err; - } - acquired = 1; - /* Prepare the params */ - BN_CTX_start(ctx); - dsa_p = BN_CTX_get(ctx); - dsa_q = BN_CTX_get(ctx); - dsa_g = BN_CTX_get(ctx); - dsa_key = BN_CTX_get(ctx); - result = BN_CTX_get(ctx); - if (!result) { - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_BN_CTX_FULL); - goto err; - } - if (!bn_wexpand(dsa_p, dsa->p->top) || - !bn_wexpand(dsa_q, dsa->q->top) || - !bn_wexpand(dsa_g, dsa->g->top) || - !bn_wexpand(dsa_key, dsa->priv_key->top) || - !bn_wexpand(result, dsa->p->top)) { - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - sw_param.type = SW_ALG_DSA; - sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p, (unsigned char *)dsa_p->d); - sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d; - sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q, (unsigned char *)dsa_q->d); - sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d; - sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g, (unsigned char *)dsa_g->d); - sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d; - sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->priv_key, - (unsigned char *)dsa_key->d); - sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d; - /* Attach the key params */ - sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); - switch (sw_status) { - case SW_OK: - break; - case SW_ERR_INPUT_SIZE: - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_BAD_KEY_SIZE); - goto err; - default: - { - char tmpbuf[DECIMAL_SIZE(sw_status) + 1]; - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); - } - goto err; - } - /* Prepare the argument and response */ - arg.nbytes = dlen; - arg.value = (unsigned char *)dgst; - res.nbytes = BN_num_bytes(dsa->p); - memset(result->d, 0, res.nbytes); - res.value = (unsigned char *)result->d; - /* Perform the operation */ - sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_SIGN, &arg, 1, - &res, 1); - if (sw_status != SW_OK) { - char tmpbuf[DECIMAL_SIZE(sw_status) + 1]; - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); - goto err; - } - /* Convert the response */ - if ((to_return = DSA_SIG_new()) == NULL) - goto err; - to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL); - to_return->s = BN_bin2bn((unsigned char *)result->d + 20, 20, NULL); - - err: - if (acquired) - release_context(hac); - if (ctx) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return to_return; -} - -static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa) -{ - SW_CONTEXT_HANDLE hac; - SW_PARAM sw_param; - SW_STATUS sw_status; - SW_LARGENUMBER arg[2], res; - unsigned long sig_result; - BN_CTX *ctx; - BIGNUM *dsa_p = NULL; - BIGNUM *dsa_q = NULL; - BIGNUM *dsa_g = NULL; - BIGNUM *dsa_key = NULL; - BIGNUM *argument = NULL; - int to_return = -1; - int acquired = 0; - - if ((ctx = BN_CTX_new()) == NULL) - goto err; - if (!get_context(&hac)) { - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_UNIT_FAILURE); - goto err; - } - acquired = 1; - /* Prepare the params */ - BN_CTX_start(ctx); - dsa_p = BN_CTX_get(ctx); - dsa_q = BN_CTX_get(ctx); - dsa_g = BN_CTX_get(ctx); - dsa_key = BN_CTX_get(ctx); - argument = BN_CTX_get(ctx); - if (!argument) { - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_BN_CTX_FULL); - goto err; - } - if (!bn_wexpand(dsa_p, dsa->p->top) || - !bn_wexpand(dsa_q, dsa->q->top) || - !bn_wexpand(dsa_g, dsa->g->top) || - !bn_wexpand(dsa_key, dsa->pub_key->top) || - !bn_wexpand(argument, 40)) { - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_BN_EXPAND_FAIL); - goto err; - } - sw_param.type = SW_ALG_DSA; - sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p, (unsigned char *)dsa_p->d); - sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d; - sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q, (unsigned char *)dsa_q->d); - sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d; - sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g, (unsigned char *)dsa_g->d); - sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d; - sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->pub_key, - (unsigned char *)dsa_key->d); - sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d; - /* Attach the key params */ - sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); - switch (sw_status) { - case SW_OK: - break; - case SW_ERR_INPUT_SIZE: - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_BAD_KEY_SIZE); - goto err; - default: - { - char tmpbuf[DECIMAL_SIZE(sw_status) + 1]; - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); - } - goto err; - } - /* Prepare the argument and response */ - arg[0].nbytes = dgst_len; - arg[0].value = (unsigned char *)dgst; - arg[1].nbytes = 40; - arg[1].value = (unsigned char *)argument->d; - memset(arg[1].value, 0, 40); - BN_bn2bin(sig->r, arg[1].value + 20 - BN_num_bytes(sig->r)); - BN_bn2bin(sig->s, arg[1].value + 40 - BN_num_bytes(sig->s)); - res.nbytes = 4; /* unsigned long */ - res.value = (unsigned char *)(&sig_result); - /* Perform the operation */ - sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_VERIFY, arg, 2, - &res, 1); - if (sw_status != SW_OK) { - char tmpbuf[DECIMAL_SIZE(sw_status) + 1]; - CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", sw_status); - ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); - goto err; - } - /* Convert the response */ - to_return = ((sig_result == 0) ? 0 : 1); - - err: - if (acquired) - release_context(hac); - if (ctx) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return to_return; -} -# endif - -# ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) -{ - return cswift_mod_exp(r, a, p, m, ctx); -} -# endif - -/* Random bytes are good */ -static int cswift_rand_bytes(unsigned char *buf, int num) -{ - SW_CONTEXT_HANDLE hac; - SW_STATUS swrc; - SW_LARGENUMBER largenum; - int acquired = 0; - int to_return = 0; /* assume failure */ - unsigned char buf32[1024]; - - if (!get_context(&hac)) { - CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_UNIT_FAILURE); - goto err; - } - acquired = 1; - - /************************************************************************/ - /* - * 04/02/2003 - */ - /* - * Modified by Frederic Giudicelli (deny-all.com) to overcome the - */ - /* - * limitation of cswift with values not a multiple of 32 - */ - /************************************************************************/ - - while (num >= (int)sizeof(buf32)) { - largenum.value = buf; - largenum.nbytes = sizeof(buf32); - /*- - * tell CryptoSwift how many bytes we want and where we want it. - * Note: - CryptoSwift cannot do more than 4096 bytes at a time. - * - CryptoSwift can only do multiple of 32-bits. - */ - swrc = - p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); - if (swrc != SW_OK) { - char tmpbuf[20]; - CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", swrc); - ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); - goto err; - } - buf += sizeof(buf32); - num -= sizeof(buf32); - } - if (num) { - largenum.nbytes = sizeof(buf32); - largenum.value = buf32; - swrc = - p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); - if (swrc != SW_OK) { - char tmpbuf[20]; - CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_REQUEST_FAILED); - sprintf(tmpbuf, "%ld", swrc); - ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); - goto err; - } - memcpy(buf, largenum.value, num); - } - - to_return = 1; /* success */ - err: - if (acquired) - release_context(hac); - - return to_return; -} - -static int cswift_rand_status(void) -{ - return 1; -} - -/* - * This stuff is needed if this ENGINE is being compiled into a - * self-contained shared-library. - */ -# ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_fn(ENGINE *e, const char *id) -{ - if (id && (strcmp(id, engine_cswift_id) != 0)) - return 0; - if (!bind_helper(e)) - return 0; - return 1; -} - -IMPLEMENT_DYNAMIC_CHECK_FN() - IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -# endif /* OPENSSL_NO_DYNAMIC_ENGINE */ -# endif /* !OPENSSL_NO_HW_CSWIFT */ -#endif /* !OPENSSL_NO_HW */ diff --git a/engines/e_cswift_err.c b/engines/e_cswift_err.c deleted file mode 100644 index f8a2cbb5ebf0..000000000000 --- a/engines/e_cswift_err.c +++ /dev/null @@ -1,150 +0,0 @@ -/* e_cswift_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include "e_cswift_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA CSWIFT_str_functs[] = { - {ERR_FUNC(CSWIFT_F_CSWIFT_CTRL), "CSWIFT_CTRL"}, - {ERR_FUNC(CSWIFT_F_CSWIFT_DSA_SIGN), "CSWIFT_DSA_SIGN"}, - {ERR_FUNC(CSWIFT_F_CSWIFT_DSA_VERIFY), "CSWIFT_DSA_VERIFY"}, - {ERR_FUNC(CSWIFT_F_CSWIFT_FINISH), "CSWIFT_FINISH"}, - {ERR_FUNC(CSWIFT_F_CSWIFT_INIT), "CSWIFT_INIT"}, - {ERR_FUNC(CSWIFT_F_CSWIFT_MOD_EXP), "CSWIFT_MOD_EXP"}, - {ERR_FUNC(CSWIFT_F_CSWIFT_MOD_EXP_CRT), "CSWIFT_MOD_EXP_CRT"}, - {ERR_FUNC(CSWIFT_F_CSWIFT_RAND_BYTES), "CSWIFT_RAND_BYTES"}, - {ERR_FUNC(CSWIFT_F_CSWIFT_RSA_MOD_EXP), "CSWIFT_RSA_MOD_EXP"}, - {0, NULL} -}; - -static ERR_STRING_DATA CSWIFT_str_reasons[] = { - {ERR_REASON(CSWIFT_R_ALREADY_LOADED), "already loaded"}, - {ERR_REASON(CSWIFT_R_BAD_KEY_SIZE), "bad key size"}, - {ERR_REASON(CSWIFT_R_BN_CTX_FULL), "bn ctx full"}, - {ERR_REASON(CSWIFT_R_BN_EXPAND_FAIL), "bn expand fail"}, - {ERR_REASON(CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED), - "ctrl command not implemented"}, - {ERR_REASON(CSWIFT_R_MISSING_KEY_COMPONENTS), "missing key components"}, - {ERR_REASON(CSWIFT_R_NOT_LOADED), "not loaded"}, - {ERR_REASON(CSWIFT_R_REQUEST_FAILED), "request failed"}, - {ERR_REASON(CSWIFT_R_UNIT_FAILURE), "unit failure"}, - {0, NULL} -}; - -#endif - -#ifdef CSWIFT_LIB_NAME -static ERR_STRING_DATA CSWIFT_lib_name[] = { - {0, CSWIFT_LIB_NAME}, - {0, NULL} -}; -#endif - -static int CSWIFT_lib_error_code = 0; -static int CSWIFT_error_init = 1; - -static void ERR_load_CSWIFT_strings(void) -{ - if (CSWIFT_lib_error_code == 0) - CSWIFT_lib_error_code = ERR_get_next_error_library(); - - if (CSWIFT_error_init) { - CSWIFT_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(CSWIFT_lib_error_code, CSWIFT_str_functs); - ERR_load_strings(CSWIFT_lib_error_code, CSWIFT_str_reasons); -#endif - -#ifdef CSWIFT_LIB_NAME - CSWIFT_lib_name->error = ERR_PACK(CSWIFT_lib_error_code, 0, 0); - ERR_load_strings(0, CSWIFT_lib_name); -#endif - } -} - -static void ERR_unload_CSWIFT_strings(void) -{ - if (CSWIFT_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(CSWIFT_lib_error_code, CSWIFT_str_functs); - ERR_unload_strings(CSWIFT_lib_error_code, CSWIFT_str_reasons); -#endif - -#ifdef CSWIFT_LIB_NAME - ERR_unload_strings(0, CSWIFT_lib_name); -#endif - CSWIFT_error_init = 1; - } -} - -static void ERR_CSWIFT_error(int function, int reason, char *file, int line) -{ - if (CSWIFT_lib_error_code == 0) - CSWIFT_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(CSWIFT_lib_error_code, function, reason, file, line); -} diff --git a/engines/e_cswift_err.h b/engines/e_cswift_err.h deleted file mode 100644 index fde3a8277cb1..000000000000 --- a/engines/e_cswift_err.h +++ /dev/null @@ -1,99 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_CSWIFT_ERR_H -# define HEADER_CSWIFT_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_CSWIFT_strings(void); -static void ERR_unload_CSWIFT_strings(void); -static void ERR_CSWIFT_error(int function, int reason, char *file, int line); -# define CSWIFTerr(f,r) ERR_CSWIFT_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the CSWIFT functions. */ - -/* Function codes. */ -# define CSWIFT_F_CSWIFT_CTRL 100 -# define CSWIFT_F_CSWIFT_DSA_SIGN 101 -# define CSWIFT_F_CSWIFT_DSA_VERIFY 102 -# define CSWIFT_F_CSWIFT_FINISH 103 -# define CSWIFT_F_CSWIFT_INIT 104 -# define CSWIFT_F_CSWIFT_MOD_EXP 105 -# define CSWIFT_F_CSWIFT_MOD_EXP_CRT 106 -# define CSWIFT_F_CSWIFT_RAND_BYTES 108 -# define CSWIFT_F_CSWIFT_RSA_MOD_EXP 107 - -/* Reason codes. */ -# define CSWIFT_R_ALREADY_LOADED 100 -# define CSWIFT_R_BAD_KEY_SIZE 101 -# define CSWIFT_R_BN_CTX_FULL 102 -# define CSWIFT_R_BN_EXPAND_FAIL 103 -# define CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED 104 -# define CSWIFT_R_MISSING_KEY_COMPONENTS 105 -# define CSWIFT_R_NOT_LOADED 106 -# define CSWIFT_R_REQUEST_FAILED 107 -# define CSWIFT_R_UNIT_FAILURE 108 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/e_dasync.c b/engines/e_dasync.c new file mode 100644 index 000000000000..b005f421a660 --- /dev/null +++ b/engines/e_dasync.c @@ -0,0 +1,770 @@ +/* + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#if defined(_WIN32) +# include <windows.h> +#endif + +#include <stdio.h> +#include <string.h> + +#include <openssl/engine.h> +#include <openssl/sha.h> +#include <openssl/aes.h> +#include <openssl/rsa.h> +#include <openssl/evp.h> +#include <openssl/async.h> +#include <openssl/bn.h> +#include <openssl/crypto.h> +#include <openssl/ssl.h> +#include <openssl/modes.h> + +#if defined(OPENSSL_SYS_UNIX) && defined(OPENSSL_THREADS) +# undef ASYNC_POSIX +# define ASYNC_POSIX +# include <unistd.h> +#elif defined(_WIN32) +# undef ASYNC_WIN +# define ASYNC_WIN +#endif + +#include "e_dasync_err.c" + +/* Engine Id and Name */ +static const char *engine_dasync_id = "dasync"; +static const char *engine_dasync_name = "Dummy Async engine support"; + + +/* Engine Lifetime functions */ +static int dasync_destroy(ENGINE *e); +static int dasync_init(ENGINE *e); +static int dasync_finish(ENGINE *e); +void engine_load_dasync_int(void); + + +/* Set up digests. Just SHA1 for now */ +static int dasync_digests(ENGINE *e, const EVP_MD **digest, + const int **nids, int nid); + +static void dummy_pause_job(void); + +/* SHA1 */ +static int dasync_sha1_init(EVP_MD_CTX *ctx); +static int dasync_sha1_update(EVP_MD_CTX *ctx, const void *data, + size_t count); +static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md); + +/* + * Holds the EVP_MD object for sha1 in this engine. Set up once only during + * engine bind and can then be reused many times. + */ +static EVP_MD *_hidden_sha1_md = NULL; +static const EVP_MD *dasync_sha1(void) +{ + return _hidden_sha1_md; +} +static void destroy_digests(void) +{ + EVP_MD_meth_free(_hidden_sha1_md); + _hidden_sha1_md = NULL; +} + +static int dasync_digest_nids(const int **nids) +{ + static int digest_nids[2] = { 0, 0 }; + static int pos = 0; + static int init = 0; + + if (!init) { + const EVP_MD *md; + if ((md = dasync_sha1()) != NULL) + digest_nids[pos++] = EVP_MD_type(md); + digest_nids[pos] = 0; + init = 1; + } + *nids = digest_nids; + return pos; +} + +/* RSA */ + +static int dasync_pub_enc(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding); +static int dasync_pub_dec(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding); +static int dasync_rsa_priv_enc(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding); +static int dasync_rsa_priv_dec(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding); +static int dasync_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, + BN_CTX *ctx); + +static int dasync_rsa_init(RSA *rsa); +static int dasync_rsa_finish(RSA *rsa); + +static RSA_METHOD *dasync_rsa_method = NULL; + +/* AES */ + +static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + void *ptr); +static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); +static int dasync_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl); +static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx); + +static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, + int arg, void *ptr); +static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, + int enc); +static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + size_t inl); +static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx); + +struct dasync_pipeline_ctx { + void *inner_cipher_data; + unsigned int numpipes; + unsigned char **inbufs; + unsigned char **outbufs; + size_t *lens; + int enc; + unsigned char tlsaad[SSL_MAX_PIPELINES][EVP_AEAD_TLS1_AAD_LEN]; + unsigned int aadctr; +}; + +/* + * Holds the EVP_CIPHER object for aes_128_cbc in this engine. Set up once only + * during engine bind and can then be reused many times. + */ +static EVP_CIPHER *_hidden_aes_128_cbc = NULL; +static const EVP_CIPHER *dasync_aes_128_cbc(void) +{ + return _hidden_aes_128_cbc; +} + +/* + * Holds the EVP_CIPHER object for aes_128_cbc_hmac_sha1 in this engine. Set up + * once only during engine bind and can then be reused many times. + */ +static EVP_CIPHER *_hidden_aes_128_cbc_hmac_sha1 = NULL; +static const EVP_CIPHER *dasync_aes_128_cbc_hmac_sha1(void) +{ + return _hidden_aes_128_cbc_hmac_sha1; +} + +static void destroy_ciphers(void) +{ + EVP_CIPHER_meth_free(_hidden_aes_128_cbc); + EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); + _hidden_aes_128_cbc = NULL; + _hidden_aes_128_cbc_hmac_sha1 = NULL; +} + +static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid); + +static int dasync_cipher_nids[] = { + NID_aes_128_cbc, + NID_aes_128_cbc_hmac_sha1, + 0 +}; + +static int bind_dasync(ENGINE *e) +{ + /* Setup RSA_METHOD */ + if ((dasync_rsa_method = RSA_meth_new("Dummy Async RSA method", 0)) == NULL + || RSA_meth_set_pub_enc(dasync_rsa_method, dasync_pub_enc) == 0 + || RSA_meth_set_pub_dec(dasync_rsa_method, dasync_pub_dec) == 0 + || RSA_meth_set_priv_enc(dasync_rsa_method, dasync_rsa_priv_enc) == 0 + || RSA_meth_set_priv_dec(dasync_rsa_method, dasync_rsa_priv_dec) == 0 + || RSA_meth_set_mod_exp(dasync_rsa_method, dasync_rsa_mod_exp) == 0 + || RSA_meth_set_bn_mod_exp(dasync_rsa_method, BN_mod_exp_mont) == 0 + || RSA_meth_set_init(dasync_rsa_method, dasync_rsa_init) == 0 + || RSA_meth_set_finish(dasync_rsa_method, dasync_rsa_finish) == 0) { + DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED); + return 0; + } + + /* Ensure the dasync error handling is set up */ + ERR_load_DASYNC_strings(); + + if (!ENGINE_set_id(e, engine_dasync_id) + || !ENGINE_set_name(e, engine_dasync_name) + || !ENGINE_set_RSA(e, dasync_rsa_method) + || !ENGINE_set_digests(e, dasync_digests) + || !ENGINE_set_ciphers(e, dasync_ciphers) + || !ENGINE_set_destroy_function(e, dasync_destroy) + || !ENGINE_set_init_function(e, dasync_init) + || !ENGINE_set_finish_function(e, dasync_finish)) { + DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED); + return 0; + } + + /* + * Set up the EVP_CIPHER and EVP_MD objects for the ciphers/digests + * supplied by this engine + */ + _hidden_sha1_md = EVP_MD_meth_new(NID_sha1, NID_sha1WithRSAEncryption); + if (_hidden_sha1_md == NULL + || !EVP_MD_meth_set_result_size(_hidden_sha1_md, SHA_DIGEST_LENGTH) + || !EVP_MD_meth_set_input_blocksize(_hidden_sha1_md, SHA_CBLOCK) + || !EVP_MD_meth_set_app_datasize(_hidden_sha1_md, + sizeof(EVP_MD *) + sizeof(SHA_CTX)) + || !EVP_MD_meth_set_flags(_hidden_sha1_md, EVP_MD_FLAG_DIGALGID_ABSENT) + || !EVP_MD_meth_set_init(_hidden_sha1_md, dasync_sha1_init) + || !EVP_MD_meth_set_update(_hidden_sha1_md, dasync_sha1_update) + || !EVP_MD_meth_set_final(_hidden_sha1_md, dasync_sha1_final)) { + EVP_MD_meth_free(_hidden_sha1_md); + _hidden_sha1_md = NULL; + } + + _hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc, + 16 /* block size */, + 16 /* key len */); + if (_hidden_aes_128_cbc == NULL + || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc,16) + || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, + EVP_CIPH_FLAG_DEFAULT_ASN1 + | EVP_CIPH_CBC_MODE + | EVP_CIPH_FLAG_PIPELINE) + || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, + dasync_aes128_init_key) + || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, + dasync_aes128_cbc_cipher) + || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc, + dasync_aes128_cbc_cleanup) + || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc, + dasync_aes128_cbc_ctrl) + || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc, + sizeof(struct dasync_pipeline_ctx))) { + EVP_CIPHER_meth_free(_hidden_aes_128_cbc); + _hidden_aes_128_cbc = NULL; + } + + _hidden_aes_128_cbc_hmac_sha1 = EVP_CIPHER_meth_new( + NID_aes_128_cbc_hmac_sha1, + 16 /* block size */, + 16 /* key len */); + if (_hidden_aes_128_cbc_hmac_sha1 == NULL + || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc_hmac_sha1,16) + || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc_hmac_sha1, + EVP_CIPH_CBC_MODE + | EVP_CIPH_FLAG_DEFAULT_ASN1 + | EVP_CIPH_FLAG_AEAD_CIPHER + | EVP_CIPH_FLAG_PIPELINE) + || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1, + dasync_aes128_cbc_hmac_sha1_init_key) + || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1, + dasync_aes128_cbc_hmac_sha1_cipher) + || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc_hmac_sha1, + dasync_aes128_cbc_hmac_sha1_cleanup) + || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc_hmac_sha1, + dasync_aes128_cbc_hmac_sha1_ctrl) + || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc_hmac_sha1, + sizeof(struct dasync_pipeline_ctx))) { + EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); + _hidden_aes_128_cbc_hmac_sha1 = NULL; + } + + return 1; +} + +# ifndef OPENSSL_NO_DYNAMIC_ENGINE +static int bind_helper(ENGINE *e, const char *id) +{ + if (id && (strcmp(id, engine_dasync_id) != 0)) + return 0; + if (!bind_dasync(e)) + return 0; + return 1; +} + +IMPLEMENT_DYNAMIC_CHECK_FN() + IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) +# endif + +static ENGINE *engine_dasync(void) +{ + ENGINE *ret = ENGINE_new(); + if (!ret) + return NULL; + if (!bind_dasync(ret)) { + ENGINE_free(ret); + return NULL; + } + return ret; +} + +void engine_load_dasync_int(void) +{ + ENGINE *toadd = engine_dasync(); + if (!toadd) + return; + ENGINE_add(toadd); + ENGINE_free(toadd); + ERR_clear_error(); +} + +static int dasync_init(ENGINE *e) +{ + return 1; +} + + +static int dasync_finish(ENGINE *e) +{ + return 1; +} + + +static int dasync_destroy(ENGINE *e) +{ + destroy_digests(); + destroy_ciphers(); + RSA_meth_free(dasync_rsa_method); + ERR_unload_DASYNC_strings(); + return 1; +} + +static int dasync_digests(ENGINE *e, const EVP_MD **digest, + const int **nids, int nid) +{ + int ok = 1; + if (!digest) { + /* We are returning a list of supported nids */ + return dasync_digest_nids(nids); + } + /* We are being asked for a specific digest */ + switch (nid) { + case NID_sha1: + *digest = dasync_sha1(); + break; + default: + ok = 0; + *digest = NULL; + break; + } + return ok; +} + +static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid) +{ + int ok = 1; + if (cipher == NULL) { + /* We are returning a list of supported nids */ + *nids = dasync_cipher_nids; + return (sizeof(dasync_cipher_nids) - + 1) / sizeof(dasync_cipher_nids[0]); + } + /* We are being asked for a specific cipher */ + switch (nid) { + case NID_aes_128_cbc: + *cipher = dasync_aes_128_cbc(); + break; + case NID_aes_128_cbc_hmac_sha1: + *cipher = dasync_aes_128_cbc_hmac_sha1(); + break; + default: + ok = 0; + *cipher = NULL; + break; + } + return ok; +} + +static void wait_cleanup(ASYNC_WAIT_CTX *ctx, const void *key, + OSSL_ASYNC_FD readfd, void *pvwritefd) +{ + OSSL_ASYNC_FD *pwritefd = (OSSL_ASYNC_FD *)pvwritefd; +#if defined(ASYNC_WIN) + CloseHandle(readfd); + CloseHandle(*pwritefd); +#elif defined(ASYNC_POSIX) + close(readfd); + close(*pwritefd); +#endif + OPENSSL_free(pwritefd); +} + +#define DUMMY_CHAR 'X' + +static void dummy_pause_job(void) { + ASYNC_JOB *job; + ASYNC_WAIT_CTX *waitctx; + OSSL_ASYNC_FD pipefds[2] = {0, 0}; + OSSL_ASYNC_FD *writefd; +#if defined(ASYNC_WIN) + DWORD numwritten, numread; + char buf = DUMMY_CHAR; +#elif defined(ASYNC_POSIX) + char buf = DUMMY_CHAR; +#endif + + if ((job = ASYNC_get_current_job()) == NULL) + return; + + waitctx = ASYNC_get_wait_ctx(job); + + if (ASYNC_WAIT_CTX_get_fd(waitctx, engine_dasync_id, &pipefds[0], + (void **)&writefd)) { + pipefds[1] = *writefd; + } else { + writefd = OPENSSL_malloc(sizeof(*writefd)); + if (writefd == NULL) + return; +#if defined(ASYNC_WIN) + if (CreatePipe(&pipefds[0], &pipefds[1], NULL, 256) == 0) { + OPENSSL_free(writefd); + return; + } +#elif defined(ASYNC_POSIX) + if (pipe(pipefds) != 0) { + OPENSSL_free(writefd); + return; + } +#endif + *writefd = pipefds[1]; + + if (!ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_dasync_id, pipefds[0], + writefd, wait_cleanup)) { + wait_cleanup(waitctx, engine_dasync_id, pipefds[0], writefd); + return; + } + } + /* + * In the Dummy async engine we are cheating. We signal that the job + * is complete by waking it before the call to ASYNC_pause_job(). A real + * async engine would only wake when the job was actually complete + */ +#if defined(ASYNC_WIN) + WriteFile(pipefds[1], &buf, 1, &numwritten, NULL); +#elif defined(ASYNC_POSIX) + if (write(pipefds[1], &buf, 1) < 0) + return; +#endif + + /* Ignore errors - we carry on anyway */ + ASYNC_pause_job(); + + /* Clear the wake signal */ +#if defined(ASYNC_WIN) + ReadFile(pipefds[0], &buf, 1, &numread, NULL); +#elif defined(ASYNC_POSIX) + if (read(pipefds[0], &buf, 1) < 0) + return; +#endif +} + +/* + * SHA1 implementation. At the moment we just defer to the standard + * implementation + */ +#undef data +#define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx)) +static int dasync_sha1_init(EVP_MD_CTX *ctx) +{ + dummy_pause_job(); + + return SHA1_Init(data(ctx)); +} + +static int dasync_sha1_update(EVP_MD_CTX *ctx, const void *data, + size_t count) +{ + dummy_pause_job(); + + return SHA1_Update(data(ctx), data, (size_t)count); +} + +static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) +{ + dummy_pause_job(); + + return SHA1_Final(md, data(ctx)); +} + +/* + * RSA implementation + */ + +static int dasync_pub_enc(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding) { + /* Ignore errors - we carry on anyway */ + dummy_pause_job(); + return RSA_meth_get_pub_enc(RSA_PKCS1_OpenSSL()) + (flen, from, to, rsa, padding); +} + +static int dasync_pub_dec(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding) { + /* Ignore errors - we carry on anyway */ + dummy_pause_job(); + return RSA_meth_get_pub_dec(RSA_PKCS1_OpenSSL()) + (flen, from, to, rsa, padding); +} + +static int dasync_rsa_priv_enc(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding) +{ + /* Ignore errors - we carry on anyway */ + dummy_pause_job(); + return RSA_meth_get_priv_enc(RSA_PKCS1_OpenSSL()) + (flen, from, to, rsa, padding); +} + +static int dasync_rsa_priv_dec(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding) +{ + /* Ignore errors - we carry on anyway */ + dummy_pause_job(); + return RSA_meth_get_priv_dec(RSA_PKCS1_OpenSSL()) + (flen, from, to, rsa, padding); +} + +static int dasync_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) +{ + /* Ignore errors - we carry on anyway */ + dummy_pause_job(); + return RSA_meth_get_mod_exp(RSA_PKCS1_OpenSSL())(r0, I, rsa, ctx); +} + +static int dasync_rsa_init(RSA *rsa) +{ + return RSA_meth_get_init(RSA_PKCS1_OpenSSL())(rsa); +} +static int dasync_rsa_finish(RSA *rsa) +{ + return RSA_meth_get_finish(RSA_PKCS1_OpenSSL())(rsa); +} + +/* Cipher helper functions */ + +static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg, + void *ptr, int aeadcapable) +{ + int ret; + struct dasync_pipeline_ctx *pipe_ctx = + (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); + + if (pipe_ctx == NULL) + return 0; + + switch (type) { + case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: + pipe_ctx->numpipes = arg; + pipe_ctx->outbufs = (unsigned char **)ptr; + break; + + case EVP_CTRL_SET_PIPELINE_INPUT_BUFS: + pipe_ctx->numpipes = arg; + pipe_ctx->inbufs = (unsigned char **)ptr; + break; + + case EVP_CTRL_SET_PIPELINE_INPUT_LENS: + pipe_ctx->numpipes = arg; + pipe_ctx->lens = (size_t *)ptr; + break; + + case EVP_CTRL_AEAD_SET_MAC_KEY: + if (!aeadcapable) + return -1; + EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); + ret = EVP_CIPHER_meth_get_ctrl(EVP_aes_128_cbc_hmac_sha1()) + (ctx, type, arg, ptr); + EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); + return ret; + + case EVP_CTRL_AEAD_TLS1_AAD: + { + unsigned char *p = ptr; + unsigned int len; + + if (!aeadcapable || arg != EVP_AEAD_TLS1_AAD_LEN) + return -1; + + if (pipe_ctx->aadctr >= SSL_MAX_PIPELINES) + return -1; + + memcpy(pipe_ctx->tlsaad[pipe_ctx->aadctr], ptr, + EVP_AEAD_TLS1_AAD_LEN); + pipe_ctx->aadctr++; + + len = p[arg - 2] << 8 | p[arg - 1]; + + if (pipe_ctx->enc) { + if ((p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) { + if (len < AES_BLOCK_SIZE) + return 0; + len -= AES_BLOCK_SIZE; + } + + return ((len + SHA_DIGEST_LENGTH + AES_BLOCK_SIZE) + & -AES_BLOCK_SIZE) - len; + } else { + return SHA_DIGEST_LENGTH; + } + } + + default: + return 0; + } + + return 1; +} + +static int dasync_cipher_init_key_helper(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc, + const EVP_CIPHER *cipher) +{ + int ret; + struct dasync_pipeline_ctx *pipe_ctx = + (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); + + if (pipe_ctx->inner_cipher_data == NULL + && EVP_CIPHER_impl_ctx_size(cipher) != 0) { + pipe_ctx->inner_cipher_data = OPENSSL_zalloc( + EVP_CIPHER_impl_ctx_size(cipher)); + if (pipe_ctx->inner_cipher_data == NULL) { + DASYNCerr(DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER, + ERR_R_MALLOC_FAILURE); + return 0; + } + } + + pipe_ctx->numpipes = 0; + pipe_ctx->aadctr = 0; + + EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); + ret = EVP_CIPHER_meth_get_init(cipher)(ctx, key, iv, enc); + EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); + + return ret; +} + +static int dasync_cipher_helper(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl, + const EVP_CIPHER *cipher) +{ + int ret = 1; + unsigned int i, pipes; + struct dasync_pipeline_ctx *pipe_ctx = + (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); + + pipes = pipe_ctx->numpipes; + EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); + if (pipes == 0) { + if (pipe_ctx->aadctr != 0) { + if (pipe_ctx->aadctr != 1) + return -1; + EVP_CIPHER_meth_get_ctrl(cipher) + (ctx, EVP_CTRL_AEAD_TLS1_AAD, + EVP_AEAD_TLS1_AAD_LEN, + pipe_ctx->tlsaad[0]); + } + ret = EVP_CIPHER_meth_get_do_cipher(cipher) + (ctx, out, in, inl); + } else { + if (pipe_ctx->aadctr > 0 && pipe_ctx->aadctr != pipes) + return -1; + for (i = 0; i < pipes; i++) { + if (pipe_ctx->aadctr > 0) { + EVP_CIPHER_meth_get_ctrl(cipher) + (ctx, EVP_CTRL_AEAD_TLS1_AAD, + EVP_AEAD_TLS1_AAD_LEN, + pipe_ctx->tlsaad[i]); + } + ret = ret && EVP_CIPHER_meth_get_do_cipher(cipher) + (ctx, pipe_ctx->outbufs[i], pipe_ctx->inbufs[i], + pipe_ctx->lens[i]); + } + pipe_ctx->numpipes = 0; + } + pipe_ctx->aadctr = 0; + EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); + return ret; +} + +static int dasync_cipher_cleanup_helper(EVP_CIPHER_CTX *ctx, + const EVP_CIPHER *cipher) +{ + struct dasync_pipeline_ctx *pipe_ctx = + (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); + + OPENSSL_clear_free(pipe_ctx->inner_cipher_data, + EVP_CIPHER_impl_ctx_size(cipher)); + + return 1; +} + +/* + * AES128 CBC Implementation + */ + +static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + void *ptr) +{ + return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 0); +} + +static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + return dasync_cipher_init_key_helper(ctx, key, iv, enc, EVP_aes_128_cbc()); +} + +static int dasync_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + return dasync_cipher_helper(ctx, out, in, inl, EVP_aes_128_cbc()); +} + +static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx) +{ + return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc()); +} + + +/* + * AES128 CBC HMAC SHA1 Implementation + */ + +static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, + int arg, void *ptr) +{ + return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 1); +} + +static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, + int enc) +{ + return dasync_cipher_init_key_helper(ctx, key, iv, enc, + EVP_aes_128_cbc_hmac_sha1()); +} + +static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + size_t inl) +{ + return dasync_cipher_helper(ctx, out, in, inl, EVP_aes_128_cbc_hmac_sha1()); +} + +static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx) +{ + return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc_hmac_sha1()); +} diff --git a/engines/e_dasync.txt b/engines/e_dasync.txt new file mode 100644 index 000000000000..bff64bcf2f54 --- /dev/null +++ b/engines/e_dasync.txt @@ -0,0 +1,22 @@ +# Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# Function codes +DASYNC_F_BIND_DASYNC:107:bind_dasync +DASYNC_F_CIPHER_AES_128_CBC_CODE:100:* +DASYNC_F_DASYNC_AES128_CBC_HMAC_SHA1_INIT_KEY:109:* +DASYNC_F_DASYNC_AES128_INIT_KEY:108:* +DASYNC_F_DASYNC_BN_MOD_EXP:101:* +DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER:110:dasync_cipher_init_key_helper +DASYNC_F_DASYNC_MOD_EXP:102:* +DASYNC_F_DASYNC_PRIVATE_DECRYPT:103:* +DASYNC_F_DASYNC_PRIVATE_ENCRYPT:104:* +DASYNC_F_DASYNC_PUBLIC_DECRYPT:105:* +DASYNC_F_DASYNC_PUBLIC_ENCRYPT:106:* + +#Reason codes +DASYNC_R_INIT_FAILED:100:init failed diff --git a/engines/e_dasync_err.c b/engines/e_dasync_err.c new file mode 100644 index 000000000000..794fb710cf6e --- /dev/null +++ b/engines/e_dasync_err.c @@ -0,0 +1,73 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <openssl/err.h> +#include "e_dasync_err.h" + +#ifndef OPENSSL_NO_ERR + +static ERR_STRING_DATA DASYNC_str_functs[] = { + {ERR_PACK(0, DASYNC_F_BIND_DASYNC, 0), "bind_dasync"}, + {ERR_PACK(0, DASYNC_F_CIPHER_AES_128_CBC_CODE, 0), ""}, + {ERR_PACK(0, DASYNC_F_DASYNC_AES128_CBC_HMAC_SHA1_INIT_KEY, 0), ""}, + {ERR_PACK(0, DASYNC_F_DASYNC_AES128_INIT_KEY, 0), ""}, + {ERR_PACK(0, DASYNC_F_DASYNC_BN_MOD_EXP, 0), ""}, + {ERR_PACK(0, DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER, 0), + "dasync_cipher_init_key_helper"}, + {ERR_PACK(0, DASYNC_F_DASYNC_MOD_EXP, 0), ""}, + {ERR_PACK(0, DASYNC_F_DASYNC_PRIVATE_DECRYPT, 0), ""}, + {ERR_PACK(0, DASYNC_F_DASYNC_PRIVATE_ENCRYPT, 0), ""}, + {ERR_PACK(0, DASYNC_F_DASYNC_PUBLIC_DECRYPT, 0), ""}, + {ERR_PACK(0, DASYNC_F_DASYNC_PUBLIC_ENCRYPT, 0), ""}, + {0, NULL} +}; + +static ERR_STRING_DATA DASYNC_str_reasons[] = { + {ERR_PACK(0, 0, DASYNC_R_INIT_FAILED), "init failed"}, + {0, NULL} +}; + +#endif + +static int lib_code = 0; +static int error_loaded = 0; + +static int ERR_load_DASYNC_strings(void) +{ + if (lib_code == 0) + lib_code = ERR_get_next_error_library(); + + if (!error_loaded) { +#ifndef OPENSSL_NO_ERR + ERR_load_strings(lib_code, DASYNC_str_functs); + ERR_load_strings(lib_code, DASYNC_str_reasons); +#endif + error_loaded = 1; + } + return 1; +} + +static void ERR_unload_DASYNC_strings(void) +{ + if (error_loaded) { +#ifndef OPENSSL_NO_ERR + ERR_unload_strings(lib_code, DASYNC_str_functs); + ERR_unload_strings(lib_code, DASYNC_str_reasons); +#endif + error_loaded = 0; + } +} + +static void ERR_DASYNC_error(int function, int reason, char *file, int line) +{ + if (lib_code == 0) + lib_code = ERR_get_next_error_library(); + ERR_PUT_error(lib_code, function, reason, file, line); +} diff --git a/engines/e_dasync_err.h b/engines/e_dasync_err.h new file mode 100644 index 000000000000..7c2c0278790b --- /dev/null +++ b/engines/e_dasync_err.h @@ -0,0 +1,37 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_DASYNCERR_H +# define HEADER_DASYNCERR_H + +# define DASYNCerr(f, r) ERR_DASYNC_error((f), (r), OPENSSL_FILE, OPENSSL_LINE) + + +/* + * DASYNC function codes. + */ +# define DASYNC_F_BIND_DASYNC 107 +# define DASYNC_F_CIPHER_AES_128_CBC_CODE 100 +# define DASYNC_F_DASYNC_AES128_CBC_HMAC_SHA1_INIT_KEY 109 +# define DASYNC_F_DASYNC_AES128_INIT_KEY 108 +# define DASYNC_F_DASYNC_BN_MOD_EXP 101 +# define DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER 110 +# define DASYNC_F_DASYNC_MOD_EXP 102 +# define DASYNC_F_DASYNC_PRIVATE_DECRYPT 103 +# define DASYNC_F_DASYNC_PRIVATE_ENCRYPT 104 +# define DASYNC_F_DASYNC_PUBLIC_DECRYPT 105 +# define DASYNC_F_DASYNC_PUBLIC_ENCRYPT 106 + +/* + * DASYNC reason codes. + */ +# define DASYNC_R_INIT_FAILED 100 + +#endif diff --git a/engines/e_gmp.c b/engines/e_gmp.c deleted file mode 100644 index de5f9c0d3c88..000000000000 --- a/engines/e_gmp.c +++ /dev/null @@ -1,492 +0,0 @@ -/* crypto/engine/e_gmp.c */ -/* - * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project - * 2003. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * This engine is not (currently) compiled in by default. Do enable it, - * reconfigure OpenSSL with "enable-gmp -lgmp". The GMP libraries and headers - * must reside in one of the paths searched by the compiler/linker, otherwise - * paths must be specified - eg. try configuring with "enable-gmp - * -I<includepath> -L<libpath> -lgmp". YMMV. - */ - -/*- - * As for what this does - it's a largely unoptimised implementation of an - * ENGINE that uses the GMP library to perform RSA private key operations. To - * obtain more information about what "unoptimised" means, see my original mail - * on the subject (though ignore the build instructions which have since - * changed); - * - * http://www.mail-archive.com/openssl-dev@openssl.org/msg12227.html - * - * On my athlon system at least, it appears the builtin OpenSSL code is now - * slightly faster, which is to say that the RSA-related MPI performance - * between OpenSSL's BIGNUM and GMP's mpz implementations is probably pretty - * balanced for this chip, and so the performance degradation in this ENGINE by - * having to convert to/from GMP formats (and not being able to cache - * montgomery forms) is probably the difference. However, if some unconfirmed - * reports from users is anything to go by, the situation on some other - * chipsets might be a good deal more favourable to the GMP version (eg. PPC). - * Feedback welcome. */ - -#include <stdio.h> -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/buffer.h> -#include <openssl/engine.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif -#include <openssl/bn.h> - -#ifndef OPENSSL_NO_HW -# ifndef OPENSSL_NO_GMP - -# include <gmp.h> - -# define E_GMP_LIB_NAME "gmp engine" -# include "e_gmp_err.c" - -static int e_gmp_destroy(ENGINE *e); -static int e_gmp_init(ENGINE *e); -static int e_gmp_finish(ENGINE *e); -static int e_gmp_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); - -# ifndef OPENSSL_NO_RSA -/* RSA stuff */ -static int e_gmp_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx); -static int e_gmp_rsa_finish(RSA *r); -# endif - -/* The definitions for control commands specific to this engine */ -/* #define E_GMP_CMD_SO_PATH ENGINE_CMD_BASE */ -static const ENGINE_CMD_DEFN e_gmp_cmd_defns[] = { -# if 0 - {E_GMP_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'e_gmp' shared library", - ENGINE_CMD_FLAG_STRING}, -# endif - {0, NULL, NULL, 0} -}; - -# ifndef OPENSSL_NO_RSA -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD e_gmp_rsa = { - "GMP RSA method", - NULL, - NULL, - NULL, - NULL, - e_gmp_rsa_mod_exp, - NULL, - NULL, - e_gmp_rsa_finish, - /* - * These flags initialise montgomery crud that GMP ignores, however it - * makes sure the public key ops (which are done in openssl) don't seem - * *slower* than usual :-) - */ - RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE, - NULL, - NULL, - NULL -}; -# endif - -/* Constants used when creating the ENGINE */ -static const char *engine_e_gmp_id = "gmp"; -static const char *engine_e_gmp_name = "GMP engine support"; - -/* - * This internal function is used by ENGINE_gmp() and possibly by the - * "dynamic" ENGINE support too - */ -static int bind_helper(ENGINE *e) -{ -# ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -# endif - if (!ENGINE_set_id(e, engine_e_gmp_id) || - !ENGINE_set_name(e, engine_e_gmp_name) || -# ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &e_gmp_rsa) || -# endif - !ENGINE_set_destroy_function(e, e_gmp_destroy) || - !ENGINE_set_init_function(e, e_gmp_init) || - !ENGINE_set_finish_function(e, e_gmp_finish) || - !ENGINE_set_ctrl_function(e, e_gmp_ctrl) || - !ENGINE_set_cmd_defns(e, e_gmp_cmd_defns)) - return 0; - -# ifndef OPENSSL_NO_RSA - meth1 = RSA_PKCS1_SSLeay(); - e_gmp_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - e_gmp_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - e_gmp_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - e_gmp_rsa.rsa_priv_dec = meth1->rsa_priv_dec; - e_gmp_rsa.bn_mod_exp = meth1->bn_mod_exp; -# endif - - /* Ensure the e_gmp error handling is set up */ - ERR_load_GMP_strings(); - return 1; -} - -static ENGINE *engine_gmp(void) -{ - ENGINE *ret = ENGINE_new(); - if (!ret) - return NULL; - if (!bind_helper(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_gmp(void) -{ - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_gmp(); - if (!toadd) - return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} - -# ifndef OPENSSL_NO_RSA -/* Used to attach our own key-data to an RSA structure */ -static int hndidx_rsa = -1; -# endif - -static int e_gmp_destroy(ENGINE *e) -{ - ERR_unload_GMP_strings(); - return 1; -} - -/* (de)initialisation functions. */ -static int e_gmp_init(ENGINE *e) -{ -# ifndef OPENSSL_NO_RSA - if (hndidx_rsa == -1) - hndidx_rsa = RSA_get_ex_new_index(0, - "GMP-based RSA key handle", - NULL, NULL, NULL); -# endif - if (hndidx_rsa == -1) - return 0; - return 1; -} - -static int e_gmp_finish(ENGINE *e) -{ - return 1; -} - -static int e_gmp_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) -{ - int to_return = 1; - - switch (cmd) { -# if 0 - case E_GMP_CMD_SO_PATH: - /* ... */ -# endif - /* The command isn't understood by this engine */ - default: - GMPerr(GMP_F_E_GMP_CTRL, GMP_R_CTRL_COMMAND_NOT_IMPLEMENTED); - to_return = 0; - break; - } - - return to_return; -} - -/* - * Most often limb sizes will be the same. If not, we use hex conversion - * which is neat, but extremely inefficient. - */ -static int bn2gmp(const BIGNUM *bn, mpz_t g) -{ - bn_check_top(bn); - if (((sizeof(bn->d[0]) * 8) == GMP_NUMB_BITS) && - (BN_BITS2 == GMP_NUMB_BITS)) { - /* The common case */ - if (!_mpz_realloc(g, bn->top)) - return 0; - memcpy(&g->_mp_d[0], &bn->d[0], bn->top * sizeof(bn->d[0])); - g->_mp_size = bn->top; - if (bn->neg) - g->_mp_size = -g->_mp_size; - return 1; - } else { - int toret; - char *tmpchar = BN_bn2hex(bn); - if (!tmpchar) - return 0; - toret = (mpz_set_str(g, tmpchar, 16) == 0 ? 1 : 0); - OPENSSL_free(tmpchar); - return toret; - } -} - -static int gmp2bn(mpz_t g, BIGNUM *bn) -{ - if (((sizeof(bn->d[0]) * 8) == GMP_NUMB_BITS) && - (BN_BITS2 == GMP_NUMB_BITS)) { - /* The common case */ - int s = (g->_mp_size >= 0) ? g->_mp_size : -g->_mp_size; - BN_zero(bn); - if (bn_expand2(bn, s) == NULL) - return 0; - bn->top = s; - memcpy(&bn->d[0], &g->_mp_d[0], s * sizeof(bn->d[0])); - bn_correct_top(bn); - bn->neg = g->_mp_size >= 0 ? 0 : 1; - return 1; - } else { - int toret; - char *tmpchar = OPENSSL_malloc(mpz_sizeinbase(g, 16) + 10); - if (!tmpchar) - return 0; - mpz_get_str(tmpchar, 16, g); - toret = BN_hex2bn(&bn, tmpchar); - OPENSSL_free(tmpchar); - return toret; - } -} - -# ifndef OPENSSL_NO_RSA -typedef struct st_e_gmp_rsa_ctx { - int public_only; - mpz_t n; - mpz_t d; - mpz_t e; - mpz_t p; - mpz_t q; - mpz_t dmp1; - mpz_t dmq1; - mpz_t iqmp; - mpz_t r0, r1, I0, m1; -} E_GMP_RSA_CTX; - -static E_GMP_RSA_CTX *e_gmp_get_rsa(RSA *rsa) -{ - E_GMP_RSA_CTX *hptr = RSA_get_ex_data(rsa, hndidx_rsa); - if (hptr) - return hptr; - hptr = OPENSSL_malloc(sizeof(E_GMP_RSA_CTX)); - if (!hptr) - return NULL; - /* - * These inits could probably be replaced by more intelligent mpz_init2() - * versions, to reduce malloc-thrashing. - */ - mpz_init(hptr->n); - mpz_init(hptr->d); - mpz_init(hptr->e); - mpz_init(hptr->p); - mpz_init(hptr->q); - mpz_init(hptr->dmp1); - mpz_init(hptr->dmq1); - mpz_init(hptr->iqmp); - mpz_init(hptr->r0); - mpz_init(hptr->r1); - mpz_init(hptr->I0); - mpz_init(hptr->m1); - if (!bn2gmp(rsa->n, hptr->n) || !bn2gmp(rsa->e, hptr->e)) - goto err; - if (!rsa->p || !rsa->q || !rsa->d || !rsa->dmp1 || !rsa->dmq1 - || !rsa->iqmp) { - hptr->public_only = 1; - return hptr; - } - if (!bn2gmp(rsa->d, hptr->d) || !bn2gmp(rsa->p, hptr->p) || - !bn2gmp(rsa->q, hptr->q) || !bn2gmp(rsa->dmp1, hptr->dmp1) || - !bn2gmp(rsa->dmq1, hptr->dmq1) || !bn2gmp(rsa->iqmp, hptr->iqmp)) - goto err; - hptr->public_only = 0; - RSA_set_ex_data(rsa, hndidx_rsa, hptr); - return hptr; - err: - mpz_clear(hptr->n); - mpz_clear(hptr->d); - mpz_clear(hptr->e); - mpz_clear(hptr->p); - mpz_clear(hptr->q); - mpz_clear(hptr->dmp1); - mpz_clear(hptr->dmq1); - mpz_clear(hptr->iqmp); - mpz_clear(hptr->r0); - mpz_clear(hptr->r1); - mpz_clear(hptr->I0); - mpz_clear(hptr->m1); - OPENSSL_free(hptr); - return NULL; -} - -static int e_gmp_rsa_finish(RSA *rsa) -{ - E_GMP_RSA_CTX *hptr = RSA_get_ex_data(rsa, hndidx_rsa); - if (!hptr) - return 0; - mpz_clear(hptr->n); - mpz_clear(hptr->d); - mpz_clear(hptr->e); - mpz_clear(hptr->p); - mpz_clear(hptr->q); - mpz_clear(hptr->dmp1); - mpz_clear(hptr->dmq1); - mpz_clear(hptr->iqmp); - mpz_clear(hptr->r0); - mpz_clear(hptr->r1); - mpz_clear(hptr->I0); - mpz_clear(hptr->m1); - OPENSSL_free(hptr); - RSA_set_ex_data(rsa, hndidx_rsa, NULL); - return 1; -} - -static int e_gmp_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx) -{ - E_GMP_RSA_CTX *hptr; - int to_return = 0; - - hptr = e_gmp_get_rsa(rsa); - if (!hptr) { - GMPerr(GMP_F_E_GMP_RSA_MOD_EXP, GMP_R_KEY_CONTEXT_ERROR); - return 0; - } - if (hptr->public_only) { - GMPerr(GMP_F_E_GMP_RSA_MOD_EXP, GMP_R_MISSING_KEY_COMPONENTS); - return 0; - } - - /* ugh!!! */ - if (!bn2gmp(I, hptr->I0)) - return 0; - - /* - * This is basically the CRT logic in crypto/rsa/rsa_eay.c reworded into - * GMP-speak. It may be that GMP's API facilitates cleaner formulations - * of this stuff, eg. better handling of negatives, or functions that - * combine operations. - */ - - mpz_mod(hptr->r1, hptr->I0, hptr->q); - mpz_powm(hptr->m1, hptr->r1, hptr->dmq1, hptr->q); - - mpz_mod(hptr->r1, hptr->I0, hptr->p); - mpz_powm(hptr->r0, hptr->r1, hptr->dmp1, hptr->p); - - mpz_sub(hptr->r0, hptr->r0, hptr->m1); - - if (mpz_sgn(hptr->r0) < 0) - mpz_add(hptr->r0, hptr->r0, hptr->p); - mpz_mul(hptr->r1, hptr->r0, hptr->iqmp); - mpz_mod(hptr->r0, hptr->r1, hptr->p); - - if (mpz_sgn(hptr->r0) < 0) - mpz_add(hptr->r0, hptr->r0, hptr->p); - mpz_mul(hptr->r1, hptr->r0, hptr->q); - mpz_add(hptr->r0, hptr->r1, hptr->m1); - - /* ugh!!! */ - if (gmp2bn(hptr->r0, r)) - to_return = 1; - - return 1; -} -# endif - -# endif /* !OPENSSL_NO_GMP */ - -/* - * This stuff is needed if this ENGINE is being compiled into a - * self-contained shared-library. - */ -# ifndef OPENSSL_NO_DYNAMIC_ENGINE -IMPLEMENT_DYNAMIC_CHECK_FN() -# ifndef OPENSSL_NO_GMP -static int bind_fn(ENGINE *e, const char *id) -{ - if (id && (strcmp(id, engine_e_gmp_id) != 0)) - return 0; - if (!bind_helper(e)) - return 0; - return 1; -} - -IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -# else -OPENSSL_EXPORT - int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); -OPENSSL_EXPORT - int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) -{ - return 0; -} -# endif -# endif /* !OPENSSL_NO_DYNAMIC_ENGINE */ - -#endif /* !OPENSSL_NO_HW */ diff --git a/engines/e_gmp_err.c b/engines/e_gmp_err.c deleted file mode 100644 index 002a3abe121e..000000000000 --- a/engines/e_gmp_err.c +++ /dev/null @@ -1,137 +0,0 @@ -/* e_gmp_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include "e_gmp_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA GMP_str_functs[] = { - {ERR_FUNC(GMP_F_E_GMP_CTRL), "E_GMP_CTRL"}, - {ERR_FUNC(GMP_F_E_GMP_RSA_MOD_EXP), "E_GMP_RSA_MOD_EXP"}, - {0, NULL} -}; - -static ERR_STRING_DATA GMP_str_reasons[] = { - {ERR_REASON(GMP_R_CTRL_COMMAND_NOT_IMPLEMENTED), - "ctrl command not implemented"}, - {ERR_REASON(GMP_R_KEY_CONTEXT_ERROR), "key context error"}, - {ERR_REASON(GMP_R_MISSING_KEY_COMPONENTS), "missing key components"}, - {0, NULL} -}; - -#endif - -#ifdef GMP_LIB_NAME -static ERR_STRING_DATA GMP_lib_name[] = { - {0, GMP_LIB_NAME}, - {0, NULL} -}; -#endif - -static int GMP_lib_error_code = 0; -static int GMP_error_init = 1; - -static void ERR_load_GMP_strings(void) -{ - if (GMP_lib_error_code == 0) - GMP_lib_error_code = ERR_get_next_error_library(); - - if (GMP_error_init) { - GMP_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(GMP_lib_error_code, GMP_str_functs); - ERR_load_strings(GMP_lib_error_code, GMP_str_reasons); -#endif - -#ifdef GMP_LIB_NAME - GMP_lib_name->error = ERR_PACK(GMP_lib_error_code, 0, 0); - ERR_load_strings(0, GMP_lib_name); -#endif - } -} - -static void ERR_unload_GMP_strings(void) -{ - if (GMP_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(GMP_lib_error_code, GMP_str_functs); - ERR_unload_strings(GMP_lib_error_code, GMP_str_reasons); -#endif - -#ifdef GMP_LIB_NAME - ERR_unload_strings(0, GMP_lib_name); -#endif - GMP_error_init = 1; - } -} - -static void ERR_GMP_error(int function, int reason, char *file, int line) -{ - if (GMP_lib_error_code == 0) - GMP_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(GMP_lib_error_code, function, reason, file, line); -} diff --git a/engines/e_gmp_err.h b/engines/e_gmp_err.h deleted file mode 100644 index 637abbc9a005..000000000000 --- a/engines/e_gmp_err.h +++ /dev/null @@ -1,86 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_GMP_ERR_H -# define HEADER_GMP_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_GMP_strings(void); -static void ERR_unload_GMP_strings(void); -static void ERR_GMP_error(int function, int reason, char *file, int line); -# define GMPerr(f,r) ERR_GMP_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the GMP functions. */ - -/* Function codes. */ -# define GMP_F_E_GMP_CTRL 100 -# define GMP_F_E_GMP_RSA_MOD_EXP 101 - -/* Reason codes. */ -# define GMP_R_CTRL_COMMAND_NOT_IMPLEMENTED 100 -# define GMP_R_KEY_CONTEXT_ERROR 101 -# define GMP_R_MISSING_KEY_COMPONENTS 102 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/e_nuron.c b/engines/e_nuron.c deleted file mode 100644 index 3437f3604f68..000000000000 --- a/engines/e_nuron.c +++ /dev/null @@ -1,436 +0,0 @@ -/* crypto/engine/hw_nuron.c */ -/* - * Written by Ben Laurie for the OpenSSL Project, leaning heavily on Geoff - * Thorpe's Atalla implementation. - */ -/* ==================================================================== - * Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/buffer.h> -#include <openssl/dso.h> -#include <openssl/engine.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DSA -# include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_DH -# include <openssl/dh.h> -#endif -#include <openssl/bn.h> - -#ifndef OPENSSL_NO_HW -# ifndef OPENSSL_NO_HW_NURON - -# define NURON_LIB_NAME "nuron engine" -# include "e_nuron_err.c" - -static const char *NURON_LIBNAME = NULL; -static const char *get_NURON_LIBNAME(void) -{ - if (NURON_LIBNAME) - return NURON_LIBNAME; - return "nuronssl"; -} - -static void free_NURON_LIBNAME(void) -{ - if (NURON_LIBNAME) - OPENSSL_free((void *)NURON_LIBNAME); - NURON_LIBNAME = NULL; -} - -static long set_NURON_LIBNAME(const char *name) -{ - free_NURON_LIBNAME(); - return (((NURON_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); -} - -static const char *NURON_F1 = "nuron_mod_exp"; - -/* The definitions for control commands specific to this engine */ -# define NURON_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN nuron_cmd_defns[] = { - {NURON_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'nuronssl' shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} -}; - -typedef int tfnModExp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m); -static tfnModExp *pfnModExp = NULL; - -static DSO *pvDSOHandle = NULL; - -static int nuron_destroy(ENGINE *e) -{ - free_NURON_LIBNAME(); - ERR_unload_NURON_strings(); - return 1; -} - -static int nuron_init(ENGINE *e) -{ - if (pvDSOHandle != NULL) { - NURONerr(NURON_F_NURON_INIT, NURON_R_ALREADY_LOADED); - return 0; - } - - pvDSOHandle = DSO_load(NULL, get_NURON_LIBNAME(), NULL, - DSO_FLAG_NAME_TRANSLATION_EXT_ONLY); - if (!pvDSOHandle) { - NURONerr(NURON_F_NURON_INIT, NURON_R_DSO_NOT_FOUND); - return 0; - } - - pfnModExp = (tfnModExp *) DSO_bind_func(pvDSOHandle, NURON_F1); - if (!pfnModExp) { - NURONerr(NURON_F_NURON_INIT, NURON_R_DSO_FUNCTION_NOT_FOUND); - return 0; - } - - return 1; -} - -static int nuron_finish(ENGINE *e) -{ - free_NURON_LIBNAME(); - if (pvDSOHandle == NULL) { - NURONerr(NURON_F_NURON_FINISH, NURON_R_NOT_LOADED); - return 0; - } - if (!DSO_free(pvDSOHandle)) { - NURONerr(NURON_F_NURON_FINISH, NURON_R_DSO_FAILURE); - return 0; - } - pvDSOHandle = NULL; - pfnModExp = NULL; - return 1; -} - -static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) -{ - int initialised = ((pvDSOHandle == NULL) ? 0 : 1); - switch (cmd) { - case NURON_CMD_SO_PATH: - if (p == NULL) { - NURONerr(NURON_F_NURON_CTRL, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (initialised) { - NURONerr(NURON_F_NURON_CTRL, NURON_R_ALREADY_LOADED); - return 0; - } - return set_NURON_LIBNAME((const char *)p); - default: - break; - } - NURONerr(NURON_F_NURON_CTRL, NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; -} - -static int nuron_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) -{ - if (!pvDSOHandle) { - NURONerr(NURON_F_NURON_MOD_EXP, NURON_R_NOT_LOADED); - return 0; - } - return pfnModExp(r, a, p, m); -} - -# ifndef OPENSSL_NO_RSA -static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx) -{ - return nuron_mod_exp(r0, I, rsa->d, rsa->n, ctx); -} -# endif - -# ifndef OPENSSL_NO_DSA -/* - * This code was liberated and adapted from the commented-out code in - * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration (it - * doesn't have a CRT form for RSA), this function means that an Atalla - * system running with a DSA server certificate can handshake around 5 or 6 - * times faster/more than an equivalent system running with RSA. Just check - * out the "signs" statistics from the RSA and DSA parts of "openssl speed - * -engine atalla dsa1024 rsa1024". - */ -static int nuron_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - BIGNUM t; - int to_return = 0; - - BN_init(&t); - /* let rr = a1 ^ p1 mod m */ - if (!nuron_mod_exp(rr, a1, p1, m, ctx)) - goto end; - /* let t = a2 ^ p2 mod m */ - if (!nuron_mod_exp(&t, a2, p2, m, ctx)) - goto end; - /* let rr = rr * t mod m */ - if (!BN_mod_mul(rr, rr, &t, m, ctx)) - goto end; - to_return = 1; - end: - BN_free(&t); - return to_return; -} - -static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return nuron_mod_exp(r, a, p, m, ctx); -} -# endif - -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -# ifndef OPENSSL_NO_RSA -static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return nuron_mod_exp(r, a, p, m, ctx); -} -# endif - -# ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) -{ - return nuron_mod_exp(r, a, p, m, ctx); -} -# endif - -# ifndef OPENSSL_NO_RSA -static RSA_METHOD nuron_rsa = { - "Nuron RSA method", - NULL, - NULL, - NULL, - NULL, - nuron_rsa_mod_exp, - nuron_mod_exp_mont, - NULL, - NULL, - 0, - NULL, - NULL, - NULL, - NULL -}; -# endif - -# ifndef OPENSSL_NO_DSA -static DSA_METHOD nuron_dsa = { - "Nuron DSA method", - NULL, /* dsa_do_sign */ - NULL, /* dsa_sign_setup */ - NULL, /* dsa_do_verify */ - nuron_dsa_mod_exp, /* dsa_mod_exp */ - nuron_mod_exp_dsa, /* bn_mod_exp */ - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ - NULL, /* app_data */ - NULL, /* dsa_paramgen */ - NULL /* dsa_keygen */ -}; -# endif - -# ifndef OPENSSL_NO_DH -static DH_METHOD nuron_dh = { - "Nuron DH method", - NULL, - NULL, - nuron_mod_exp_dh, - NULL, - NULL, - 0, - NULL, - NULL -}; -# endif - -/* Constants used when creating the ENGINE */ -static const char *engine_nuron_id = "nuron"; -static const char *engine_nuron_name = "Nuron hardware engine support"; - -/* - * This internal function is used by ENGINE_nuron() and possibly by the - * "dynamic" ENGINE support too - */ -static int bind_helper(ENGINE *e) -{ -# ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -# endif -# ifndef OPENSSL_NO_DSA - const DSA_METHOD *meth2; -# endif -# ifndef OPENSSL_NO_DH - const DH_METHOD *meth3; -# endif - if (!ENGINE_set_id(e, engine_nuron_id) || - !ENGINE_set_name(e, engine_nuron_name) || -# ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &nuron_rsa) || -# endif -# ifndef OPENSSL_NO_DSA - !ENGINE_set_DSA(e, &nuron_dsa) || -# endif -# ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &nuron_dh) || -# endif - !ENGINE_set_destroy_function(e, nuron_destroy) || - !ENGINE_set_init_function(e, nuron_init) || - !ENGINE_set_finish_function(e, nuron_finish) || - !ENGINE_set_ctrl_function(e, nuron_ctrl) || - !ENGINE_set_cmd_defns(e, nuron_cmd_defns)) - return 0; - -# ifndef OPENSSL_NO_RSA - /* - * We know that the "PKCS1_SSLeay()" functions hook properly to the - * nuron-specific mod_exp and mod_exp_crt so we use those functions. NB: - * We don't use ENGINE_openssl() or anything "more generic" because - * something like the RSAref code may not hook properly, and if you own - * one of these cards then you have the right to do RSA operations on it - * anyway! - */ - meth1 = RSA_PKCS1_SSLeay(); - nuron_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - nuron_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - nuron_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - nuron_rsa.rsa_priv_dec = meth1->rsa_priv_dec; -# endif - -# ifndef OPENSSL_NO_DSA - /* - * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits. - */ - meth2 = DSA_OpenSSL(); - nuron_dsa.dsa_do_sign = meth2->dsa_do_sign; - nuron_dsa.dsa_sign_setup = meth2->dsa_sign_setup; - nuron_dsa.dsa_do_verify = meth2->dsa_do_verify; -# endif - -# ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth3 = DH_OpenSSL(); - nuron_dh.generate_key = meth3->generate_key; - nuron_dh.compute_key = meth3->compute_key; -# endif - - /* Ensure the nuron error handling is set up */ - ERR_load_NURON_strings(); - return 1; -} - -# ifdef OPENSSL_NO_DYNAMIC_ENGINE -static ENGINE *engine_nuron(void) -{ - ENGINE *ret = ENGINE_new(); - if (!ret) - return NULL; - if (!bind_helper(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_nuron(void) -{ - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_nuron(); - if (!toadd) - return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} -# endif - -/* - * This stuff is needed if this ENGINE is being compiled into a - * self-contained shared-library. - */ -# ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_fn(ENGINE *e, const char *id) -{ - if (id && (strcmp(id, engine_nuron_id) != 0)) - return 0; - if (!bind_helper(e)) - return 0; - return 1; -} - -IMPLEMENT_DYNAMIC_CHECK_FN() - IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -# endif /* OPENSSL_NO_DYNAMIC_ENGINE */ -# endif /* !OPENSSL_NO_HW_NURON */ -#endif /* !OPENSSL_NO_HW */ diff --git a/engines/e_nuron_err.c b/engines/e_nuron_err.c deleted file mode 100644 index a02c4f0459f1..000000000000 --- a/engines/e_nuron_err.c +++ /dev/null @@ -1,142 +0,0 @@ -/* e_nuron_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include "e_nuron_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA NURON_str_functs[] = { - {ERR_FUNC(NURON_F_NURON_CTRL), "NURON_CTRL"}, - {ERR_FUNC(NURON_F_NURON_FINISH), "NURON_FINISH"}, - {ERR_FUNC(NURON_F_NURON_INIT), "NURON_INIT"}, - {ERR_FUNC(NURON_F_NURON_MOD_EXP), "NURON_MOD_EXP"}, - {0, NULL} -}; - -static ERR_STRING_DATA NURON_str_reasons[] = { - {ERR_REASON(NURON_R_ALREADY_LOADED), "already loaded"}, - {ERR_REASON(NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED), - "ctrl command not implemented"}, - {ERR_REASON(NURON_R_DSO_FAILURE), "dso failure"}, - {ERR_REASON(NURON_R_DSO_FUNCTION_NOT_FOUND), "dso function not found"}, - {ERR_REASON(NURON_R_DSO_NOT_FOUND), "dso not found"}, - {ERR_REASON(NURON_R_NOT_LOADED), "not loaded"}, - {0, NULL} -}; - -#endif - -#ifdef NURON_LIB_NAME -static ERR_STRING_DATA NURON_lib_name[] = { - {0, NURON_LIB_NAME}, - {0, NULL} -}; -#endif - -static int NURON_lib_error_code = 0; -static int NURON_error_init = 1; - -static void ERR_load_NURON_strings(void) -{ - if (NURON_lib_error_code == 0) - NURON_lib_error_code = ERR_get_next_error_library(); - - if (NURON_error_init) { - NURON_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(NURON_lib_error_code, NURON_str_functs); - ERR_load_strings(NURON_lib_error_code, NURON_str_reasons); -#endif - -#ifdef NURON_LIB_NAME - NURON_lib_name->error = ERR_PACK(NURON_lib_error_code, 0, 0); - ERR_load_strings(0, NURON_lib_name); -#endif - } -} - -static void ERR_unload_NURON_strings(void) -{ - if (NURON_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(NURON_lib_error_code, NURON_str_functs); - ERR_unload_strings(NURON_lib_error_code, NURON_str_reasons); -#endif - -#ifdef NURON_LIB_NAME - ERR_unload_strings(0, NURON_lib_name); -#endif - NURON_error_init = 1; - } -} - -static void ERR_NURON_error(int function, int reason, char *file, int line) -{ - if (NURON_lib_error_code == 0) - NURON_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(NURON_lib_error_code, function, reason, file, line); -} diff --git a/engines/e_nuron_err.h b/engines/e_nuron_err.h deleted file mode 100644 index aa7849c6a916..000000000000 --- a/engines/e_nuron_err.h +++ /dev/null @@ -1,91 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_NURON_ERR_H -# define HEADER_NURON_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_NURON_strings(void); -static void ERR_unload_NURON_strings(void); -static void ERR_NURON_error(int function, int reason, char *file, int line); -# define NURONerr(f,r) ERR_NURON_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the NURON functions. */ - -/* Function codes. */ -# define NURON_F_NURON_CTRL 100 -# define NURON_F_NURON_FINISH 101 -# define NURON_F_NURON_INIT 102 -# define NURON_F_NURON_MOD_EXP 103 - -/* Reason codes. */ -# define NURON_R_ALREADY_LOADED 100 -# define NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED 101 -# define NURON_R_DSO_FAILURE 102 -# define NURON_R_DSO_FUNCTION_NOT_FOUND 103 -# define NURON_R_DSO_NOT_FOUND 104 -# define NURON_R_NOT_LOADED 105 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c new file mode 100644 index 000000000000..64376247c3f0 --- /dev/null +++ b/engines/e_ossltest.c @@ -0,0 +1,696 @@ +/* + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * This is the OSSLTEST engine. It provides deliberately crippled digest + * implementations for test purposes. It is highly insecure and must NOT be + * used for any purpose except testing + */ + +#include <stdio.h> +#include <string.h> + +#include <openssl/engine.h> +#include <openssl/sha.h> +#include <openssl/md5.h> +#include <openssl/rsa.h> +#include <openssl/evp.h> +#include <openssl/modes.h> +#include <openssl/aes.h> +#include <openssl/rand.h> +#include <openssl/crypto.h> + +#include "e_ossltest_err.c" + +/* Engine Id and Name */ +static const char *engine_ossltest_id = "ossltest"; +static const char *engine_ossltest_name = "OpenSSL Test engine support"; + + +/* Engine Lifetime functions */ +static int ossltest_destroy(ENGINE *e); +static int ossltest_init(ENGINE *e); +static int ossltest_finish(ENGINE *e); +void ENGINE_load_ossltest(void); + + +/* Set up digests */ +static int ossltest_digests(ENGINE *e, const EVP_MD **digest, + const int **nids, int nid); +static const RAND_METHOD *ossltest_rand_method(void); + +/* MD5 */ +static int digest_md5_init(EVP_MD_CTX *ctx); +static int digest_md5_update(EVP_MD_CTX *ctx, const void *data, + size_t count); +static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md); + +static EVP_MD *_hidden_md5_md = NULL; +static const EVP_MD *digest_md5(void) +{ + if (_hidden_md5_md == NULL) { + EVP_MD *md; + + if ((md = EVP_MD_meth_new(NID_md5, NID_md5WithRSAEncryption)) == NULL + || !EVP_MD_meth_set_result_size(md, MD5_DIGEST_LENGTH) + || !EVP_MD_meth_set_input_blocksize(md, MD5_CBLOCK) + || !EVP_MD_meth_set_app_datasize(md, + sizeof(EVP_MD *) + sizeof(MD5_CTX)) + || !EVP_MD_meth_set_flags(md, 0) + || !EVP_MD_meth_set_init(md, digest_md5_init) + || !EVP_MD_meth_set_update(md, digest_md5_update) + || !EVP_MD_meth_set_final(md, digest_md5_final)) { + EVP_MD_meth_free(md); + md = NULL; + } + _hidden_md5_md = md; + } + return _hidden_md5_md; +} + +/* SHA1 */ +static int digest_sha1_init(EVP_MD_CTX *ctx); +static int digest_sha1_update(EVP_MD_CTX *ctx, const void *data, + size_t count); +static int digest_sha1_final(EVP_MD_CTX *ctx, unsigned char *md); + +static EVP_MD *_hidden_sha1_md = NULL; +static const EVP_MD *digest_sha1(void) +{ + if (_hidden_sha1_md == NULL) { + EVP_MD *md; + + if ((md = EVP_MD_meth_new(NID_sha1, NID_sha1WithRSAEncryption)) == NULL + || !EVP_MD_meth_set_result_size(md, SHA_DIGEST_LENGTH) + || !EVP_MD_meth_set_input_blocksize(md, SHA_CBLOCK) + || !EVP_MD_meth_set_app_datasize(md, + sizeof(EVP_MD *) + sizeof(SHA_CTX)) + || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) + || !EVP_MD_meth_set_init(md, digest_sha1_init) + || !EVP_MD_meth_set_update(md, digest_sha1_update) + || !EVP_MD_meth_set_final(md, digest_sha1_final)) { + EVP_MD_meth_free(md); + md = NULL; + } + _hidden_sha1_md = md; + } + return _hidden_sha1_md; +} + +/* SHA256 */ +static int digest_sha256_init(EVP_MD_CTX *ctx); +static int digest_sha256_update(EVP_MD_CTX *ctx, const void *data, + size_t count); +static int digest_sha256_final(EVP_MD_CTX *ctx, unsigned char *md); + +static EVP_MD *_hidden_sha256_md = NULL; +static const EVP_MD *digest_sha256(void) +{ + if (_hidden_sha256_md == NULL) { + EVP_MD *md; + + if ((md = EVP_MD_meth_new(NID_sha256, NID_sha256WithRSAEncryption)) == NULL + || !EVP_MD_meth_set_result_size(md, SHA256_DIGEST_LENGTH) + || !EVP_MD_meth_set_input_blocksize(md, SHA256_CBLOCK) + || !EVP_MD_meth_set_app_datasize(md, + sizeof(EVP_MD *) + sizeof(SHA256_CTX)) + || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) + || !EVP_MD_meth_set_init(md, digest_sha256_init) + || !EVP_MD_meth_set_update(md, digest_sha256_update) + || !EVP_MD_meth_set_final(md, digest_sha256_final)) { + EVP_MD_meth_free(md); + md = NULL; + } + _hidden_sha256_md = md; + } + return _hidden_sha256_md; +} + +/* SHA384/SHA512 */ +static int digest_sha384_init(EVP_MD_CTX *ctx); +static int digest_sha512_init(EVP_MD_CTX *ctx); +static int digest_sha512_update(EVP_MD_CTX *ctx, const void *data, + size_t count); +static int digest_sha384_final(EVP_MD_CTX *ctx, unsigned char *md); +static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md); + +static EVP_MD *_hidden_sha384_md = NULL; +static const EVP_MD *digest_sha384(void) +{ + if (_hidden_sha384_md == NULL) { + EVP_MD *md; + + if ((md = EVP_MD_meth_new(NID_sha384, NID_sha384WithRSAEncryption)) == NULL + || !EVP_MD_meth_set_result_size(md, SHA384_DIGEST_LENGTH) + || !EVP_MD_meth_set_input_blocksize(md, SHA512_CBLOCK) + || !EVP_MD_meth_set_app_datasize(md, + sizeof(EVP_MD *) + sizeof(SHA512_CTX)) + || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) + || !EVP_MD_meth_set_init(md, digest_sha384_init) + || !EVP_MD_meth_set_update(md, digest_sha512_update) + || !EVP_MD_meth_set_final(md, digest_sha384_final)) { + EVP_MD_meth_free(md); + md = NULL; + } + _hidden_sha384_md = md; + } + return _hidden_sha384_md; +} +static EVP_MD *_hidden_sha512_md = NULL; +static const EVP_MD *digest_sha512(void) +{ + if (_hidden_sha512_md == NULL) { + EVP_MD *md; + + if ((md = EVP_MD_meth_new(NID_sha512, NID_sha512WithRSAEncryption)) == NULL + || !EVP_MD_meth_set_result_size(md, SHA512_DIGEST_LENGTH) + || !EVP_MD_meth_set_input_blocksize(md, SHA512_CBLOCK) + || !EVP_MD_meth_set_app_datasize(md, + sizeof(EVP_MD *) + sizeof(SHA512_CTX)) + || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) + || !EVP_MD_meth_set_init(md, digest_sha512_init) + || !EVP_MD_meth_set_update(md, digest_sha512_update) + || !EVP_MD_meth_set_final(md, digest_sha512_final)) { + EVP_MD_meth_free(md); + md = NULL; + } + _hidden_sha512_md = md; + } + return _hidden_sha512_md; +} +static void destroy_digests(void) +{ + EVP_MD_meth_free(_hidden_md5_md); + _hidden_md5_md = NULL; + EVP_MD_meth_free(_hidden_sha1_md); + _hidden_sha1_md = NULL; + EVP_MD_meth_free(_hidden_sha256_md); + _hidden_sha256_md = NULL; + EVP_MD_meth_free(_hidden_sha384_md); + _hidden_sha384_md = NULL; + EVP_MD_meth_free(_hidden_sha512_md); + _hidden_sha512_md = NULL; +} +static int ossltest_digest_nids(const int **nids) +{ + static int digest_nids[6] = { 0, 0, 0, 0, 0, 0 }; + static int pos = 0; + static int init = 0; + + if (!init) { + const EVP_MD *md; + if ((md = digest_md5()) != NULL) + digest_nids[pos++] = EVP_MD_type(md); + if ((md = digest_sha1()) != NULL) + digest_nids[pos++] = EVP_MD_type(md); + if ((md = digest_sha256()) != NULL) + digest_nids[pos++] = EVP_MD_type(md); + if ((md = digest_sha384()) != NULL) + digest_nids[pos++] = EVP_MD_type(md); + if ((md = digest_sha512()) != NULL) + digest_nids[pos++] = EVP_MD_type(md); + digest_nids[pos] = 0; + init = 1; + } + *nids = digest_nids; + return pos; +} + +/* Setup ciphers */ +static int ossltest_ciphers(ENGINE *, const EVP_CIPHER **, + const int **, int); + +static int ossltest_cipher_nids[] = { + NID_aes_128_cbc, NID_aes_128_gcm, 0 +}; + +/* AES128 */ + +int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); +int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl); +int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); +int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl); +static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + void *ptr); + +static EVP_CIPHER *_hidden_aes_128_cbc = NULL; +static const EVP_CIPHER *ossltest_aes_128_cbc(void) +{ + if (_hidden_aes_128_cbc == NULL + && ((_hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc, + 16 /* block size */, + 16 /* key len */)) == NULL + || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc,16) + || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, + EVP_CIPH_FLAG_DEFAULT_ASN1 + | EVP_CIPH_CBC_MODE) + || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, + ossltest_aes128_init_key) + || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, + ossltest_aes128_cbc_cipher) + || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc, + EVP_CIPHER_impl_ctx_size(EVP_aes_128_cbc())))) { + EVP_CIPHER_meth_free(_hidden_aes_128_cbc); + _hidden_aes_128_cbc = NULL; + } + return _hidden_aes_128_cbc; +} +static EVP_CIPHER *_hidden_aes_128_gcm = NULL; + +#define AES_GCM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \ + | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ + | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ + | EVP_CIPH_CUSTOM_COPY |EVP_CIPH_FLAG_AEAD_CIPHER \ + | EVP_CIPH_GCM_MODE) + +static const EVP_CIPHER *ossltest_aes_128_gcm(void) +{ + if (_hidden_aes_128_gcm == NULL + && ((_hidden_aes_128_gcm = EVP_CIPHER_meth_new(NID_aes_128_gcm, + 1 /* block size */, + 16 /* key len */)) == NULL + || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_gcm,12) + || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_gcm, AES_GCM_FLAGS) + || !EVP_CIPHER_meth_set_init(_hidden_aes_128_gcm, + ossltest_aes128_gcm_init_key) + || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_gcm, + ossltest_aes128_gcm_cipher) + || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_gcm, + ossltest_aes128_gcm_ctrl) + || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_gcm, + EVP_CIPHER_impl_ctx_size(EVP_aes_128_gcm())))) { + EVP_CIPHER_meth_free(_hidden_aes_128_gcm); + _hidden_aes_128_gcm = NULL; + } + return _hidden_aes_128_gcm; +} + +static void destroy_ciphers(void) +{ + EVP_CIPHER_meth_free(_hidden_aes_128_cbc); + EVP_CIPHER_meth_free(_hidden_aes_128_gcm); + _hidden_aes_128_cbc = NULL; +} + +static int bind_ossltest(ENGINE *e) +{ + /* Ensure the ossltest error handling is set up */ + ERR_load_OSSLTEST_strings(); + + if (!ENGINE_set_id(e, engine_ossltest_id) + || !ENGINE_set_name(e, engine_ossltest_name) + || !ENGINE_set_digests(e, ossltest_digests) + || !ENGINE_set_ciphers(e, ossltest_ciphers) + || !ENGINE_set_RAND(e, ossltest_rand_method()) + || !ENGINE_set_destroy_function(e, ossltest_destroy) + || !ENGINE_set_init_function(e, ossltest_init) + || !ENGINE_set_finish_function(e, ossltest_finish)) { + OSSLTESTerr(OSSLTEST_F_BIND_OSSLTEST, OSSLTEST_R_INIT_FAILED); + return 0; + } + + return 1; +} + +#ifndef OPENSSL_NO_DYNAMIC_ENGINE +static int bind_helper(ENGINE *e, const char *id) +{ + if (id && (strcmp(id, engine_ossltest_id) != 0)) + return 0; + if (!bind_ossltest(e)) + return 0; + return 1; +} + +IMPLEMENT_DYNAMIC_CHECK_FN() + IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) +#endif + +static ENGINE *engine_ossltest(void) +{ + ENGINE *ret = ENGINE_new(); + if (ret == NULL) + return NULL; + if (!bind_ossltest(ret)) { + ENGINE_free(ret); + return NULL; + } + return ret; +} + +void ENGINE_load_ossltest(void) +{ + /* Copied from eng_[openssl|dyn].c */ + ENGINE *toadd = engine_ossltest(); + if (!toadd) + return; + ENGINE_add(toadd); + ENGINE_free(toadd); + ERR_clear_error(); +} + + +static int ossltest_init(ENGINE *e) +{ + return 1; +} + + +static int ossltest_finish(ENGINE *e) +{ + return 1; +} + + +static int ossltest_destroy(ENGINE *e) +{ + destroy_digests(); + destroy_ciphers(); + ERR_unload_OSSLTEST_strings(); + return 1; +} + +static int ossltest_digests(ENGINE *e, const EVP_MD **digest, + const int **nids, int nid) +{ + int ok = 1; + if (!digest) { + /* We are returning a list of supported nids */ + return ossltest_digest_nids(nids); + } + /* We are being asked for a specific digest */ + switch (nid) { + case NID_md5: + *digest = digest_md5(); + break; + case NID_sha1: + *digest = digest_sha1(); + break; + case NID_sha256: + *digest = digest_sha256(); + break; + case NID_sha384: + *digest = digest_sha384(); + break; + case NID_sha512: + *digest = digest_sha512(); + break; + default: + ok = 0; + *digest = NULL; + break; + } + return ok; +} + +static int ossltest_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid) +{ + int ok = 1; + if (!cipher) { + /* We are returning a list of supported nids */ + *nids = ossltest_cipher_nids; + return (sizeof(ossltest_cipher_nids) - 1) + / sizeof(ossltest_cipher_nids[0]); + } + /* We are being asked for a specific cipher */ + switch (nid) { + case NID_aes_128_cbc: + *cipher = ossltest_aes_128_cbc(); + break; + case NID_aes_128_gcm: + *cipher = ossltest_aes_128_gcm(); + break; + default: + ok = 0; + *cipher = NULL; + break; + } + return ok; +} + +static void fill_known_data(unsigned char *md, unsigned int len) +{ + unsigned int i; + + for (i=0; i<len; i++) { + md[i] = (unsigned char)(i & 0xff); + } +} + +/* + * MD5 implementation. We go through the motions of doing MD5 by deferring to + * the standard implementation. Then we overwrite the result with a will defined + * value, so that all "MD5" digests using the test engine always end up with + * the same value. + */ +#undef data +#define data(ctx) ((MD5_CTX *)EVP_MD_CTX_md_data(ctx)) +static int digest_md5_init(EVP_MD_CTX *ctx) +{ + return MD5_Init(data(ctx)); +} + +static int digest_md5_update(EVP_MD_CTX *ctx, const void *data, + size_t count) +{ + return MD5_Update(data(ctx), data, (size_t)count); +} + +static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md) +{ + int ret; + ret = MD5_Final(md, data(ctx)); + + if (ret > 0) { + fill_known_data(md, MD5_DIGEST_LENGTH); + } + return ret; +} + +/* + * SHA1 implementation. + */ +#undef data +#define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx)) +static int digest_sha1_init(EVP_MD_CTX *ctx) +{ + return SHA1_Init(data(ctx)); +} + +static int digest_sha1_update(EVP_MD_CTX *ctx, const void *data, + size_t count) +{ + return SHA1_Update(data(ctx), data, (size_t)count); +} + +static int digest_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) +{ + int ret; + ret = SHA1_Final(md, data(ctx)); + + if (ret > 0) { + fill_known_data(md, SHA_DIGEST_LENGTH); + } + return ret; +} + +/* + * SHA256 implementation. + */ +#undef data +#define data(ctx) ((SHA256_CTX *)EVP_MD_CTX_md_data(ctx)) +static int digest_sha256_init(EVP_MD_CTX *ctx) +{ + return SHA256_Init(data(ctx)); +} + +static int digest_sha256_update(EVP_MD_CTX *ctx, const void *data, + size_t count) +{ + return SHA256_Update(data(ctx), data, (size_t)count); +} + +static int digest_sha256_final(EVP_MD_CTX *ctx, unsigned char *md) +{ + int ret; + ret = SHA256_Final(md, data(ctx)); + + if (ret > 0) { + fill_known_data(md, SHA256_DIGEST_LENGTH); + } + return ret; +} + +/* + * SHA384/512 implementation. + */ +#undef data +#define data(ctx) ((SHA512_CTX *)EVP_MD_CTX_md_data(ctx)) +static int digest_sha384_init(EVP_MD_CTX *ctx) +{ + return SHA384_Init(data(ctx)); +} + +static int digest_sha512_init(EVP_MD_CTX *ctx) +{ + return SHA512_Init(data(ctx)); +} + +static int digest_sha512_update(EVP_MD_CTX *ctx, const void *data, + size_t count) +{ + return SHA512_Update(data(ctx), data, (size_t)count); +} + +static int digest_sha384_final(EVP_MD_CTX *ctx, unsigned char *md) +{ + int ret; + /* Actually uses SHA512_Final! */ + ret = SHA512_Final(md, data(ctx)); + + if (ret > 0) { + fill_known_data(md, SHA384_DIGEST_LENGTH); + } + return ret; +} + +static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md) +{ + int ret; + ret = SHA512_Final(md, data(ctx)); + + if (ret > 0) { + fill_known_data(md, SHA512_DIGEST_LENGTH); + } + return ret; +} + +/* + * AES128 Implementation + */ + +int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + return EVP_CIPHER_meth_get_init(EVP_aes_128_cbc()) (ctx, key, iv, enc); +} + +int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + unsigned char *tmpbuf; + int ret; + + tmpbuf = OPENSSL_malloc(inl); + + /* OPENSSL_malloc will return NULL if inl == 0 */ + if (tmpbuf == NULL && inl > 0) + return -1; + + /* Remember what we were asked to encrypt */ + if (tmpbuf != NULL) + memcpy(tmpbuf, in, inl); + + /* Go through the motions of encrypting it */ + ret = EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_cbc())(ctx, out, in, inl); + + /* Throw it all away and just use the plaintext as the output */ + if (tmpbuf != NULL) + memcpy(out, tmpbuf, inl); + OPENSSL_free(tmpbuf); + + return ret; +} + +int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + return EVP_CIPHER_meth_get_init(EVP_aes_128_gcm()) (ctx, key, iv, enc); +} + + +int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + unsigned char *tmpbuf = OPENSSL_malloc(inl); + + /* OPENSSL_malloc will return NULL if inl == 0 */ + if (tmpbuf == NULL && inl > 0) + return -1; + + /* Remember what we were asked to encrypt */ + if (tmpbuf != NULL) + memcpy(tmpbuf, in, inl); + + /* Go through the motions of encrypting it */ + EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_gcm())(ctx, out, in, inl); + + /* Throw it all away and just use the plaintext as the output */ + if (tmpbuf != NULL && out != NULL) + memcpy(out, tmpbuf, inl); + OPENSSL_free(tmpbuf); + + return inl; +} + +static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + void *ptr) +{ + /* Pass the ctrl down */ + int ret = EVP_CIPHER_meth_get_ctrl(EVP_aes_128_gcm())(ctx, type, arg, ptr); + + if (ret <= 0) + return ret; + + switch(type) { + case EVP_CTRL_AEAD_GET_TAG: + /* Always give the same tag */ + memset(ptr, 0, EVP_GCM_TLS_TAG_LEN); + break; + + default: + break; + } + + return 1; +} + +static int ossltest_rand_bytes(unsigned char *buf, int num) +{ + unsigned char val = 1; + + while (--num >= 0) + *buf++ = val++; + return 1; +} + +static int ossltest_rand_status(void) +{ + return 1; +} + +static const RAND_METHOD *ossltest_rand_method(void) +{ + + static RAND_METHOD osslt_rand_meth = { + NULL, + ossltest_rand_bytes, + NULL, + NULL, + ossltest_rand_bytes, + ossltest_rand_status + }; + + return &osslt_rand_meth; +} diff --git a/engines/e_ossltest.txt b/engines/e_ossltest.txt new file mode 100644 index 000000000000..2b2e31a0756b --- /dev/null +++ b/engines/e_ossltest.txt @@ -0,0 +1,13 @@ +# Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# Function codes +OSSLTEST_F_BIND_OSSLTEST:100:bind_ossltest +OSSLTEST_F_OSSLTEST_AES128_INIT_KEY:101:* + +#Reason codes +OSSLTEST_R_INIT_FAILED:100:init failed diff --git a/engines/e_ossltest_err.c b/engines/e_ossltest_err.c new file mode 100644 index 000000000000..920a13a6922a --- /dev/null +++ b/engines/e_ossltest_err.c @@ -0,0 +1,63 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <openssl/err.h> +#include "e_ossltest_err.h" + +#ifndef OPENSSL_NO_ERR + +static ERR_STRING_DATA OSSLTEST_str_functs[] = { + {ERR_PACK(0, OSSLTEST_F_BIND_OSSLTEST, 0), "bind_ossltest"}, + {ERR_PACK(0, OSSLTEST_F_OSSLTEST_AES128_INIT_KEY, 0), ""}, + {0, NULL} +}; + +static ERR_STRING_DATA OSSLTEST_str_reasons[] = { + {ERR_PACK(0, 0, OSSLTEST_R_INIT_FAILED), "init failed"}, + {0, NULL} +}; + +#endif + +static int lib_code = 0; +static int error_loaded = 0; + +static int ERR_load_OSSLTEST_strings(void) +{ + if (lib_code == 0) + lib_code = ERR_get_next_error_library(); + + if (!error_loaded) { +#ifndef OPENSSL_NO_ERR + ERR_load_strings(lib_code, OSSLTEST_str_functs); + ERR_load_strings(lib_code, OSSLTEST_str_reasons); +#endif + error_loaded = 1; + } + return 1; +} + +static void ERR_unload_OSSLTEST_strings(void) +{ + if (error_loaded) { +#ifndef OPENSSL_NO_ERR + ERR_unload_strings(lib_code, OSSLTEST_str_functs); + ERR_unload_strings(lib_code, OSSLTEST_str_reasons); +#endif + error_loaded = 0; + } +} + +static void ERR_OSSLTEST_error(int function, int reason, char *file, int line) +{ + if (lib_code == 0) + lib_code = ERR_get_next_error_library(); + ERR_PUT_error(lib_code, function, reason, file, line); +} diff --git a/engines/e_ossltest_err.h b/engines/e_ossltest_err.h new file mode 100644 index 000000000000..e745c1a236d4 --- /dev/null +++ b/engines/e_ossltest_err.h @@ -0,0 +1,28 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_OSSLTESTERR_H +# define HEADER_OSSLTESTERR_H + +# define OSSLTESTerr(f, r) ERR_OSSLTEST_error((f), (r), OPENSSL_FILE, OPENSSL_LINE) + + +/* + * OSSLTEST function codes. + */ +# define OSSLTEST_F_BIND_OSSLTEST 100 +# define OSSLTEST_F_OSSLTEST_AES128_INIT_KEY 101 + +/* + * OSSLTEST reason codes. + */ +# define OSSLTEST_R_INIT_FAILED 100 + +#endif diff --git a/engines/e_padlock.c b/engines/e_padlock.c index 2898e4c71e71..f6b1f169810e 100644 --- a/engines/e_padlock.c +++ b/engines/e_padlock.c @@ -1,65 +1,10 @@ -/*- - * Support for VIA PadLock Advanced Cryptography Engine (ACE) - * Written by Michal Ludvig <michal@logix.cz> - * http://www.logix.cz/michal - * - * Big thanks to Andy Polyakov for a help with optimization, - * assembler fixes, port to MS Windows and a lot of other - * valuable work on this engine! - */ - -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). +/* + * Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> @@ -67,14 +12,12 @@ #include <openssl/opensslconf.h> #include <openssl/crypto.h> -#include <openssl/dso.h> #include <openssl/engine.h> #include <openssl/evp.h> -#ifndef OPENSSL_NO_AES -# include <openssl/aes.h> -#endif +#include <openssl/aes.h> #include <openssl/rand.h> #include <openssl/err.h> +#include <openssl/modes.h> #ifndef OPENSSL_NO_HW # ifndef OPENSSL_NO_HW_PADLOCK @@ -95,24 +38,19 @@ /* * VIA PadLock AES is available *ONLY* on some x86 CPUs. Not only that it * doesn't exist elsewhere, but it even can't be compiled on other platforms! - * - * In addition, because of the heavy use of inline assembler, compiler choice - * is limited to GCC and Microsoft C. */ + # undef COMPILE_HW_PADLOCK -# if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM) -# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \ - (defined(_MSC_VER) && defined(_M_IX86)) -# define COMPILE_HW_PADLOCK +# if !defined(I386_ONLY) && defined(PADLOCK_ASM) +# define COMPILE_HW_PADLOCK +# ifdef OPENSSL_NO_DYNAMIC_ENGINE +static ENGINE *ENGINE_padlock(void); # endif # endif # ifdef OPENSSL_NO_DYNAMIC_ENGINE -# ifdef COMPILE_HW_PADLOCK -static ENGINE *ENGINE_padlock(void); -# endif - -void ENGINE_load_padlock(void) +void engine_load_padlock_int(void); +void engine_load_padlock_int(void) { /* On non-x86 CPUs it just returns. */ # ifdef COMPILE_HW_PADLOCK @@ -128,21 +66,6 @@ void ENGINE_load_padlock(void) # endif # ifdef COMPILE_HW_PADLOCK -/* - * We do these includes here to avoid header problems on platforms that do - * not have the VIA padlock anyway... - */ -# include <stdlib.h> -# ifdef _WIN32 -# include <malloc.h> -# ifndef alloca -# define alloca _alloca -# endif -# elif defined(__GNUC__) -# ifndef alloca -# define alloca(s) __builtin_alloca(s) -# endif -# endif /* Function for ENGINE detection and control */ static int padlock_available(void); @@ -152,10 +75,8 @@ static int padlock_init(ENGINE *e); static RAND_METHOD padlock_rand; /* Cipher Stuff */ -# ifndef OPENSSL_NO_AES static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); -# endif /* Engine names */ static const char *padlock_id = "padlock"; @@ -164,9 +85,6 @@ static char padlock_name[100]; /* Available features */ static int padlock_use_ace = 0; /* Advanced Cryptography Engine */ static int padlock_use_rng = 0; /* Random Number Generator */ -# ifndef OPENSSL_NO_AES -static int padlock_aes_align_required = 1; -# endif /* ===== Engine "management" functions ===== */ @@ -176,10 +94,11 @@ static int padlock_bind_helper(ENGINE *e) /* Check available features */ padlock_available(); -# if 1 /* disable RNG for now, see commentary in - * vicinity of RNG code */ + /* + * RNG is currently disabled for reasons discussed in commentary just + * before padlock_rand_bytes function. + */ padlock_use_rng = 0; -# endif /* Generate a nice engine name with available features */ BIO_snprintf(padlock_name, sizeof(padlock_name), @@ -191,9 +110,7 @@ static int padlock_bind_helper(ENGINE *e) if (!ENGINE_set_id(e, padlock_id) || !ENGINE_set_name(e, padlock_name) || !ENGINE_set_init_function(e, padlock_init) || -# ifndef OPENSSL_NO_AES (padlock_use_ace && !ENGINE_set_ciphers(e, padlock_ciphers)) || -# endif (padlock_use_rng && !ENGINE_set_RAND(e, &padlock_rand))) { return 0; } @@ -203,13 +120,12 @@ static int padlock_bind_helper(ENGINE *e) } # ifdef OPENSSL_NO_DYNAMIC_ENGINE - /* Constructor */ static ENGINE *ENGINE_padlock(void) { ENGINE *eng = ENGINE_new(); - if (!eng) { + if (eng == NULL) { return NULL; } @@ -220,7 +136,6 @@ static ENGINE *ENGINE_padlock(void) return eng; } - # endif /* Check availability of the engine */ @@ -248,15 +163,15 @@ static int padlock_bind_fn(ENGINE *e, const char *id) } IMPLEMENT_DYNAMIC_CHECK_FN() - IMPLEMENT_DYNAMIC_BIND_FN(padlock_bind_fn) +IMPLEMENT_DYNAMIC_BIND_FN(padlock_bind_fn) # endif /* DYNAMIC_ENGINE */ /* ===== Here comes the "real" engine ===== */ -# ifndef OPENSSL_NO_AES + /* Some AES-related constants */ -# define AES_BLOCK_SIZE 16 -# define AES_KEY_SIZE_128 16 -# define AES_KEY_SIZE_192 24 -# define AES_KEY_SIZE_256 32 +# define AES_BLOCK_SIZE 16 +# define AES_KEY_SIZE_128 16 +# define AES_KEY_SIZE_192 24 +# define AES_KEY_SIZE_256 32 /* * Here we store the status information relevant to the current context. */ @@ -283,94 +198,35 @@ struct padlock_cipher_data { AES_KEY ks; /* Encryption key */ }; -/* - * Essentially this variable belongs in thread local storage. - * Having this variable global on the other hand can only cause - * few bogus key reloads [if any at all on single-CPU system], - * so we accept the penatly... - */ -static volatile struct padlock_cipher_data *padlock_saved_context; -# endif - -/*- - * ======================================================= - * Inline assembler section(s). - * ======================================================= - * Order of arguments is chosen to facilitate Windows port - * using __fastcall calling convention. If you wish to add - * more routines, keep in mind that first __fastcall - * argument is passed in %ecx and second - in %edx. - * ======================================================= - */ -# if defined(__GNUC__) && __GNUC__>=2 -/* - * As for excessive "push %ebx"/"pop %ebx" found all over. - * When generating position-independent code GCC won't let - * us use "b" in assembler templates nor even respect "ebx" - * in "clobber description." Therefore the trouble... - */ - -/* - * Helper function - check if a CPUID instruction is available on this CPU - */ -static int padlock_insn_cpuid_available(void) -{ - int result = -1; - - /* - * We're checking if the bit #21 of EFLAGS can be toggled. If yes = - * CPUID is available. - */ - asm volatile ("pushf\n" - "popl %%eax\n" - "xorl $0x200000, %%eax\n" - "movl %%eax, %%ecx\n" - "andl $0x200000, %%ecx\n" - "pushl %%eax\n" - "popf\n" - "pushf\n" - "popl %%eax\n" - "andl $0x200000, %%eax\n" - "xorl %%eax, %%ecx\n" - "movl %%ecx, %0\n":"=r" (result)::"eax", "ecx"); - - return (result == 0); -} +/* Interface to assembler module */ +unsigned int padlock_capability(void); +void padlock_key_bswap(AES_KEY *key); +void padlock_verify_context(struct padlock_cipher_data *ctx); +void padlock_reload_key(void); +void padlock_aes_block(void *out, const void *inp, + struct padlock_cipher_data *ctx); +int padlock_ecb_encrypt(void *out, const void *inp, + struct padlock_cipher_data *ctx, size_t len); +int padlock_cbc_encrypt(void *out, const void *inp, + struct padlock_cipher_data *ctx, size_t len); +int padlock_cfb_encrypt(void *out, const void *inp, + struct padlock_cipher_data *ctx, size_t len); +int padlock_ofb_encrypt(void *out, const void *inp, + struct padlock_cipher_data *ctx, size_t len); +int padlock_ctr32_encrypt(void *out, const void *inp, + struct padlock_cipher_data *ctx, size_t len); +int padlock_xstore(void *out, int edx); +void padlock_sha1_oneshot(void *ctx, const void *inp, size_t len); +void padlock_sha1(void *ctx, const void *inp, size_t len); +void padlock_sha256_oneshot(void *ctx, const void *inp, size_t len); +void padlock_sha256(void *ctx, const void *inp, size_t len); /* * Load supported features of the CPU to see if the PadLock is available. */ static int padlock_available(void) { - char vendor_string[16]; - unsigned int eax, edx; - - /* First check if the CPUID instruction is available at all... */ - if (!padlock_insn_cpuid_available()) - return 0; - - /* Are we running on the Centaur (VIA) CPU? */ - eax = 0x00000000; - vendor_string[12] = 0; - asm volatile ("pushl %%ebx\n" - "cpuid\n" - "movl %%ebx,(%%edi)\n" - "movl %%edx,4(%%edi)\n" - "movl %%ecx,8(%%edi)\n" - "popl %%ebx":"+a" (eax):"D"(vendor_string):"ecx", "edx"); - if (strcmp(vendor_string, "CentaurHauls") != 0) - return 0; - - /* Check for Centaur Extended Feature Flags presence */ - eax = 0xC0000000; - asm volatile ("pushl %%ebx; cpuid; popl %%ebx":"+a" (eax)::"ecx", "edx"); - if (eax < 0xC0000001) - return 0; - - /* Read the Centaur Extended Feature Flags */ - eax = 0xC0000001; - asm volatile ("pushl %%ebx; cpuid; popl %%ebx":"+a" (eax), - "=d"(edx)::"ecx"); + unsigned int edx = padlock_capability(); /* Fill up some flags */ padlock_use_ace = ((edx & (0x3 << 6)) == (0x3 << 6)); @@ -379,349 +235,293 @@ static int padlock_available(void) return padlock_use_ace + padlock_use_rng; } -# ifndef OPENSSL_NO_AES -# ifndef AES_ASM -/* Our own htonl()/ntohl() */ -static inline void padlock_bswapl(AES_KEY *ks) -{ - size_t i = sizeof(ks->rd_key) / sizeof(ks->rd_key[0]); - unsigned int *key = ks->rd_key; - - while (i--) { - asm volatile ("bswapl %0":"+r" (*key)); - key++; - } -} -# endif -# endif +/* ===== AES encryption/decryption ===== */ -/* - * Force key reload from memory to the CPU microcode. Loading EFLAGS from the - * stack clears EFLAGS[30] which does the trick. - */ -static inline void padlock_reload_key(void) -{ - asm volatile ("pushfl; popfl"); -} +# if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb) +# define NID_aes_128_cfb NID_aes_128_cfb128 +# endif -# ifndef OPENSSL_NO_AES -/* - * This is heuristic key context tracing. At first one - * believes that one should use atomic swap instructions, - * but it's not actually necessary. Point is that if - * padlock_saved_context was changed by another thread - * after we've read it and before we compare it with cdata, - * our key *shall* be reloaded upon thread context switch - * and we are therefore set in either case... - */ -static inline void padlock_verify_context(struct padlock_cipher_data *cdata) -{ - asm volatile ("pushfl\n" - " btl $30,(%%esp)\n" - " jnc 1f\n" - " cmpl %2,%1\n" - " je 1f\n" - " popfl\n" - " subl $4,%%esp\n" - "1: addl $4,%%esp\n" - " movl %2,%0":"+m" (padlock_saved_context) - :"r"(padlock_saved_context), "r"(cdata):"cc"); -} +# if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb) +# define NID_aes_128_ofb NID_aes_128_ofb128 +# endif -/* Template for padlock_xcrypt_* modes */ -/* - * BIG FAT WARNING: The offsets used with 'leal' instructions describe items - * of the 'padlock_cipher_data' structure. - */ -# define PADLOCK_XCRYPT_ASM(name,rep_xcrypt) \ -static inline void *name(size_t cnt, \ - struct padlock_cipher_data *cdata, \ - void *out, const void *inp) \ -{ void *iv; \ - asm volatile ( "pushl %%ebx\n" \ - " leal 16(%0),%%edx\n" \ - " leal 32(%0),%%ebx\n" \ - rep_xcrypt "\n" \ - " popl %%ebx" \ - : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \ - : "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \ - : "edx", "cc", "memory"); \ - return iv; \ -} +# if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb) +# define NID_aes_192_cfb NID_aes_192_cfb128 +# endif -/* Generate all functions with appropriate opcodes */ -/* rep xcryptecb */ -PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8") -/* rep xcryptcbc */ - PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0") -/* rep xcryptcfb */ - PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0") -/* rep xcryptofb */ - PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8") -# endif -/* The RNG call itself */ -static inline unsigned int padlock_xstore(void *addr, unsigned int edx_in) -{ - unsigned int eax_out; +# if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb) +# define NID_aes_192_ofb NID_aes_192_ofb128 +# endif - asm volatile (".byte 0x0f,0xa7,0xc0" /* xstore */ - :"=a" (eax_out), "=m"(*(unsigned *)addr) - :"D"(addr), "d"(edx_in) - ); +# if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb) +# define NID_aes_256_cfb NID_aes_256_cfb128 +# endif - return eax_out; -} +# if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb) +# define NID_aes_256_ofb NID_aes_256_ofb128 +# endif -/* - * Why not inline 'rep movsd'? I failed to find information on what value in - * Direction Flag one can expect and consequently have to apply - * "better-safe-than-sorry" approach and assume "undefined." I could - * explicitly clear it and restore the original value upon return from - * padlock_aes_cipher, but it's presumably too much trouble for too little - * gain... In case you wonder 'rep xcrypt*' instructions above are *not* - * affected by the Direction Flag and pointers advance toward larger - * addresses unconditionally. - */ -static inline unsigned char *padlock_memcpy(void *dst, const void *src, - size_t n) -{ - long *d = dst; - const long *s = src; +/* List of supported ciphers. */ +static const int padlock_cipher_nids[] = { + NID_aes_128_ecb, + NID_aes_128_cbc, + NID_aes_128_cfb, + NID_aes_128_ofb, + NID_aes_128_ctr, - n /= sizeof(*d); - do { - *d++ = *s++; - } while (--n); + NID_aes_192_ecb, + NID_aes_192_cbc, + NID_aes_192_cfb, + NID_aes_192_ofb, + NID_aes_192_ctr, - return dst; -} + NID_aes_256_ecb, + NID_aes_256_cbc, + NID_aes_256_cfb, + NID_aes_256_ofb, + NID_aes_256_ctr +}; -# elif defined(_MSC_VER) -/* - * Unlike GCC these are real functions. In order to minimize impact - * on performance we adhere to __fastcall calling convention in - * order to get two first arguments passed through %ecx and %edx. - * Which kind of suits very well, as instructions in question use - * both %ecx and %edx as input:-) - */ -# define REP_XCRYPT(code) \ - _asm _emit 0xf3 \ - _asm _emit 0x0f _asm _emit 0xa7 \ - _asm _emit code +static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids) / + sizeof(padlock_cipher_nids[0])); -/* - * BIG FAT WARNING: The offsets used with 'lea' instructions describe items - * of the 'padlock_cipher_data' structure. - */ -# define PADLOCK_XCRYPT_ASM(name,code) \ -static void * __fastcall \ - name (size_t cnt, void *cdata, \ - void *outp, const void *inp) \ -{ _asm mov eax,edx \ - _asm lea edx,[eax+16] \ - _asm lea ebx,[eax+32] \ - _asm mov edi,outp \ - _asm mov esi,inp \ - REP_XCRYPT(code) \ -} +/* Function prototypes ... */ +static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); -PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb,0xc8) -PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc,0xd0) -PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb,0xe0) -PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb,0xe8) +# define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \ + ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) ) +# define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\ + NEAREST_ALIGNED(EVP_CIPHER_CTX_get_cipher_data(ctx))) -static int __fastcall padlock_xstore(void *outp, unsigned int code) +static int +padlock_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) { - _asm mov edi,ecx - _asm _emit 0x0f _asm _emit 0xa7 _asm _emit 0xc0 + return padlock_ecb_encrypt(out_arg, in_arg, + ALIGNED_CIPHER_DATA(ctx), nbytes); } -static void __fastcall padlock_reload_key(void) +static int +padlock_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) { - _asm pushfd - _asm popfd + struct padlock_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx); + int ret; + + memcpy(cdata->iv, EVP_CIPHER_CTX_iv(ctx), AES_BLOCK_SIZE); + if ((ret = padlock_cbc_encrypt(out_arg, in_arg, cdata, nbytes))) + memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), cdata->iv, AES_BLOCK_SIZE); + return ret; } -static void __fastcall padlock_verify_context(void *cdata) +static int +padlock_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) { - _asm { - pushfd - bt DWORD PTR[esp],30 - jnc skip - cmp ecx,padlock_saved_context - je skip - popfd - sub esp,4 - skip: add esp,4 - mov padlock_saved_context,ecx + struct padlock_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx); + size_t chunk; + + if ((chunk = EVP_CIPHER_CTX_num(ctx))) { /* borrow chunk variable */ + unsigned char *ivp = EVP_CIPHER_CTX_iv_noconst(ctx); + + if (chunk >= AES_BLOCK_SIZE) + return 0; /* bogus value */ + + if (EVP_CIPHER_CTX_encrypting(ctx)) + while (chunk < AES_BLOCK_SIZE && nbytes != 0) { + ivp[chunk] = *(out_arg++) = *(in_arg++) ^ ivp[chunk]; + chunk++, nbytes--; + } else + while (chunk < AES_BLOCK_SIZE && nbytes != 0) { + unsigned char c = *(in_arg++); + *(out_arg++) = c ^ ivp[chunk]; + ivp[chunk++] = c, nbytes--; + } + + EVP_CIPHER_CTX_set_num(ctx, chunk % AES_BLOCK_SIZE); } + + if (nbytes == 0) + return 1; + + memcpy(cdata->iv, EVP_CIPHER_CTX_iv(ctx), AES_BLOCK_SIZE); + + if ((chunk = nbytes & ~(AES_BLOCK_SIZE - 1))) { + if (!padlock_cfb_encrypt(out_arg, in_arg, cdata, chunk)) + return 0; + nbytes -= chunk; + } + + if (nbytes) { + unsigned char *ivp = cdata->iv; + + out_arg += chunk; + in_arg += chunk; + EVP_CIPHER_CTX_set_num(ctx, nbytes); + if (cdata->cword.b.encdec) { + cdata->cword.b.encdec = 0; + padlock_reload_key(); + padlock_aes_block(ivp, ivp, cdata); + cdata->cword.b.encdec = 1; + padlock_reload_key(); + while (nbytes) { + unsigned char c = *(in_arg++); + *(out_arg++) = c ^ *ivp; + *(ivp++) = c, nbytes--; + } + } else { + padlock_reload_key(); + padlock_aes_block(ivp, ivp, cdata); + padlock_reload_key(); + while (nbytes) { + *ivp = *(out_arg++) = *(in_arg++) ^ *ivp; + ivp++, nbytes--; + } + } + } + + memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), cdata->iv, AES_BLOCK_SIZE); + + return 1; } static int -padlock_available(void) +padlock_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) { - _asm { - pushfd - pop eax - mov ecx,eax - xor eax,1<<21 - push eax - popfd - pushfd - pop eax - xor eax,ecx - bt eax,21 - jnc noluck - mov eax,0 - cpuid - xor eax,eax - cmp ebx,'tneC' - jne noluck - cmp edx,'Hrua' - jne noluck - cmp ecx,'slua' - jne noluck - mov eax,0xC0000000 - cpuid - mov edx,eax - xor eax,eax - cmp edx,0xC0000001 - jb noluck - mov eax,0xC0000001 - cpuid - xor eax,eax - bt edx,6 - jnc skip_a - bt edx,7 - jnc skip_a - mov padlock_use_ace,1 - inc eax - skip_a: bt edx,2 - jnc skip_r - bt edx,3 - jnc skip_r - mov padlock_use_rng,1 - inc eax - skip_r: - noluck: + struct padlock_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx); + size_t chunk; + + /* + * ctx->num is maintained in byte-oriented modes, such as CFB and OFB... + */ + if ((chunk = EVP_CIPHER_CTX_num(ctx))) { /* borrow chunk variable */ + unsigned char *ivp = EVP_CIPHER_CTX_iv_noconst(ctx); + + if (chunk >= AES_BLOCK_SIZE) + return 0; /* bogus value */ + + while (chunk < AES_BLOCK_SIZE && nbytes != 0) { + *(out_arg++) = *(in_arg++) ^ ivp[chunk]; + chunk++, nbytes--; + } + + EVP_CIPHER_CTX_set_num(ctx, chunk % AES_BLOCK_SIZE); } -} -static void __fastcall padlock_bswapl(void *key) -{ - _asm { - pushfd - cld - mov esi,ecx - mov edi,ecx - mov ecx,60 - up: lodsd - bswap eax - stosd - loop up - popfd + if (nbytes == 0) + return 1; + + memcpy(cdata->iv, EVP_CIPHER_CTX_iv(ctx), AES_BLOCK_SIZE); + + if ((chunk = nbytes & ~(AES_BLOCK_SIZE - 1))) { + if (!padlock_ofb_encrypt(out_arg, in_arg, cdata, chunk)) + return 0; + nbytes -= chunk; } -} -/* - * MS actually specifies status of Direction Flag and compiler even manages - * to compile following as 'rep movsd' all by itself... - */ -# define padlock_memcpy(o,i,n) ((unsigned char *)memcpy((o),(i),(n)&~3U)) -# endif -/* ===== AES encryption/decryption ===== */ -# ifndef OPENSSL_NO_AES -# if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb) -# define NID_aes_128_cfb NID_aes_128_cfb128 -# endif -# if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb) -# define NID_aes_128_ofb NID_aes_128_ofb128 -# endif -# if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb) -# define NID_aes_192_cfb NID_aes_192_cfb128 -# endif -# if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb) -# define NID_aes_192_ofb NID_aes_192_ofb128 -# endif -# if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb) -# define NID_aes_256_cfb NID_aes_256_cfb128 -# endif -# if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb) -# define NID_aes_256_ofb NID_aes_256_ofb128 -# endif -/* - * List of supported ciphers. - */ static int padlock_cipher_nids[] = { - NID_aes_128_ecb, - NID_aes_128_cbc, - NID_aes_128_cfb, - NID_aes_128_ofb, + if (nbytes) { + unsigned char *ivp = cdata->iv; + + out_arg += chunk; + in_arg += chunk; + EVP_CIPHER_CTX_set_num(ctx, nbytes); + padlock_reload_key(); /* empirically found */ + padlock_aes_block(ivp, ivp, cdata); + padlock_reload_key(); /* empirically found */ + while (nbytes) { + *(out_arg++) = *(in_arg++) ^ *ivp; + ivp++, nbytes--; + } + } - NID_aes_192_ecb, - NID_aes_192_cbc, - NID_aes_192_cfb, - NID_aes_192_ofb, + memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), cdata->iv, AES_BLOCK_SIZE); - NID_aes_256_ecb, - NID_aes_256_cbc, - NID_aes_256_cfb, - NID_aes_256_ofb, -}; + return 1; +} -static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids) / - sizeof(padlock_cipher_nids[0])); +static void padlock_ctr32_encrypt_glue(const unsigned char *in, + unsigned char *out, size_t blocks, + struct padlock_cipher_data *ctx, + const unsigned char *ivec) +{ + memcpy(ctx->iv, ivec, AES_BLOCK_SIZE); + padlock_ctr32_encrypt(out, in, ctx, AES_BLOCK_SIZE * blocks); +} -/* Function prototypes ... */ -static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -static int padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t nbytes); +static int +padlock_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, + const unsigned char *in_arg, size_t nbytes) +{ + struct padlock_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx); + unsigned int num = EVP_CIPHER_CTX_num(ctx); -# define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \ - ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) ) -# define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\ - NEAREST_ALIGNED(ctx->cipher_data)) + CRYPTO_ctr128_encrypt_ctr32(in_arg, out_arg, nbytes, + cdata, EVP_CIPHER_CTX_iv_noconst(ctx), + EVP_CIPHER_CTX_buf_noconst(ctx), &num, + (ctr128_f) padlock_ctr32_encrypt_glue); + + EVP_CIPHER_CTX_set_num(ctx, (size_t)num); + return 1; +} -# define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE -# define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE -# define EVP_CIPHER_block_size_OFB 1 -# define EVP_CIPHER_block_size_CFB 1 +# define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE +# define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE +# define EVP_CIPHER_block_size_OFB 1 +# define EVP_CIPHER_block_size_CFB 1 +# define EVP_CIPHER_block_size_CTR 1 /* * Declaring so many ciphers by hand would be a pain. Instead introduce a bit * of preprocessor magic :-) */ -# define DECLARE_AES_EVP(ksize,lmode,umode) \ -static const EVP_CIPHER padlock_aes_##ksize##_##lmode = { \ - NID_aes_##ksize##_##lmode, \ - EVP_CIPHER_block_size_##umode, \ - AES_KEY_SIZE_##ksize, \ - AES_BLOCK_SIZE, \ - 0 | EVP_CIPH_##umode##_MODE, \ - padlock_aes_init_key, \ - padlock_aes_cipher, \ - NULL, \ - sizeof(struct padlock_cipher_data) + 16, \ - EVP_CIPHER_set_asn1_iv, \ - EVP_CIPHER_get_asn1_iv, \ - NULL, \ - NULL \ +# define DECLARE_AES_EVP(ksize,lmode,umode) \ +static EVP_CIPHER *_hidden_aes_##ksize##_##lmode = NULL; \ +static const EVP_CIPHER *padlock_aes_##ksize##_##lmode(void) \ +{ \ + if (_hidden_aes_##ksize##_##lmode == NULL \ + && ((_hidden_aes_##ksize##_##lmode = \ + EVP_CIPHER_meth_new(NID_aes_##ksize##_##lmode, \ + EVP_CIPHER_block_size_##umode, \ + AES_KEY_SIZE_##ksize)) == NULL \ + || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_##ksize##_##lmode, \ + AES_BLOCK_SIZE) \ + || !EVP_CIPHER_meth_set_flags(_hidden_aes_##ksize##_##lmode, \ + 0 | EVP_CIPH_##umode##_MODE) \ + || !EVP_CIPHER_meth_set_init(_hidden_aes_##ksize##_##lmode, \ + padlock_aes_init_key) \ + || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_##ksize##_##lmode, \ + padlock_##lmode##_cipher) \ + || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_##ksize##_##lmode, \ + sizeof(struct padlock_cipher_data) + 16) \ + || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_aes_##ksize##_##lmode, \ + EVP_CIPHER_set_asn1_iv) \ + || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_aes_##ksize##_##lmode, \ + EVP_CIPHER_get_asn1_iv))) { \ + EVP_CIPHER_meth_free(_hidden_aes_##ksize##_##lmode); \ + _hidden_aes_##ksize##_##lmode = NULL; \ + } \ + return _hidden_aes_##ksize##_##lmode; \ } -DECLARE_AES_EVP(128, ecb, ECB); -DECLARE_AES_EVP(128, cbc, CBC); -DECLARE_AES_EVP(128, cfb, CFB); -DECLARE_AES_EVP(128, ofb, OFB); +DECLARE_AES_EVP(128, ecb, ECB) +DECLARE_AES_EVP(128, cbc, CBC) +DECLARE_AES_EVP(128, cfb, CFB) +DECLARE_AES_EVP(128, ofb, OFB) +DECLARE_AES_EVP(128, ctr, CTR) -DECLARE_AES_EVP(192, ecb, ECB); -DECLARE_AES_EVP(192, cbc, CBC); -DECLARE_AES_EVP(192, cfb, CFB); -DECLARE_AES_EVP(192, ofb, OFB); +DECLARE_AES_EVP(192, ecb, ECB) +DECLARE_AES_EVP(192, cbc, CBC) +DECLARE_AES_EVP(192, cfb, CFB) +DECLARE_AES_EVP(192, ofb, OFB) +DECLARE_AES_EVP(192, ctr, CTR) -DECLARE_AES_EVP(256, ecb, ECB); -DECLARE_AES_EVP(256, cbc, CBC); -DECLARE_AES_EVP(256, cfb, CFB); -DECLARE_AES_EVP(256, ofb, OFB); +DECLARE_AES_EVP(256, ecb, ECB) +DECLARE_AES_EVP(256, cbc, CBC) +DECLARE_AES_EVP(256, cfb, CFB) +DECLARE_AES_EVP(256, ofb, OFB) +DECLARE_AES_EVP(256, ctr, CTR) static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, @@ -736,42 +536,51 @@ padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, /* ... or the requested "cipher" otherwise */ switch (nid) { case NID_aes_128_ecb: - *cipher = &padlock_aes_128_ecb; + *cipher = padlock_aes_128_ecb(); break; case NID_aes_128_cbc: - *cipher = &padlock_aes_128_cbc; + *cipher = padlock_aes_128_cbc(); break; case NID_aes_128_cfb: - *cipher = &padlock_aes_128_cfb; + *cipher = padlock_aes_128_cfb(); break; case NID_aes_128_ofb: - *cipher = &padlock_aes_128_ofb; + *cipher = padlock_aes_128_ofb(); + break; + case NID_aes_128_ctr: + *cipher = padlock_aes_128_ctr(); break; case NID_aes_192_ecb: - *cipher = &padlock_aes_192_ecb; + *cipher = padlock_aes_192_ecb(); break; case NID_aes_192_cbc: - *cipher = &padlock_aes_192_cbc; + *cipher = padlock_aes_192_cbc(); break; case NID_aes_192_cfb: - *cipher = &padlock_aes_192_cfb; + *cipher = padlock_aes_192_cfb(); break; case NID_aes_192_ofb: - *cipher = &padlock_aes_192_ofb; + *cipher = padlock_aes_192_ofb(); + break; + case NID_aes_192_ctr: + *cipher = padlock_aes_192_ctr(); break; case NID_aes_256_ecb: - *cipher = &padlock_aes_256_ecb; + *cipher = padlock_aes_256_ecb(); break; case NID_aes_256_cbc: - *cipher = &padlock_aes_256_cbc; + *cipher = padlock_aes_256_cbc(); break; case NID_aes_256_cfb: - *cipher = &padlock_aes_256_cfb; + *cipher = padlock_aes_256_cfb(); break; case NID_aes_256_ofb: - *cipher = &padlock_aes_256_ofb; + *cipher = padlock_aes_256_ofb(); + break; + case NID_aes_256_ctr: + *cipher = padlock_aes_256_ctr(); break; default: @@ -790,18 +599,19 @@ padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, { struct padlock_cipher_data *cdata; int key_len = EVP_CIPHER_CTX_key_length(ctx) * 8; + unsigned long mode = EVP_CIPHER_CTX_mode(ctx); if (key == NULL) return 0; /* ERROR */ cdata = ALIGNED_CIPHER_DATA(ctx); - memset(cdata, 0, sizeof(struct padlock_cipher_data)); + memset(cdata, 0, sizeof(*cdata)); /* Prepare Control word. */ - if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) + if (mode == EVP_CIPH_OFB_MODE || mode == EVP_CIPH_CTR_MODE) cdata->cword.b.encdec = 0; else - cdata->cword.b.encdec = (ctx->encrypt == 0); + cdata->cword.b.encdec = (EVP_CIPHER_CTX_encrypting(ctx) == 0); cdata->cword.b.rounds = 10 + (key_len - 128) / 32; cdata->cword.b.ksize = (key_len - 128) / 64; @@ -824,17 +634,17 @@ padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, * hardware errata. They most likely will fix it at some point and * then a check for stepping would be due here. */ - if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE || - EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE || enc) - AES_set_encrypt_key(key, key_len, &cdata->ks); - else + if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) + && !enc) AES_set_decrypt_key(key, key_len, &cdata->ks); -# ifndef AES_ASM + else + AES_set_encrypt_key(key, key_len, &cdata->ks); +# ifndef AES_ASM /* * OpenSSL C functions use byte-swapped extended key. */ - padlock_bswapl(&cdata->ks); -# endif + padlock_key_bswap(&cdata->ks); +# endif cdata->cword.b.keygen = 1; break; @@ -853,338 +663,6 @@ padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, return 1; } -/*- - * Simplified version of padlock_aes_cipher() used when - * 1) both input and output buffers are at aligned addresses. - * or when - * 2) running on a newer CPU that doesn't require aligned buffers. - */ -static int -padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, - const unsigned char *in_arg, size_t nbytes) -{ - struct padlock_cipher_data *cdata; - void *iv; - - cdata = ALIGNED_CIPHER_DATA(ctx); - padlock_verify_context(cdata); - - switch (EVP_CIPHER_CTX_mode(ctx)) { - case EVP_CIPH_ECB_MODE: - padlock_xcrypt_ecb(nbytes / AES_BLOCK_SIZE, cdata, out_arg, in_arg); - break; - - case EVP_CIPH_CBC_MODE: - memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); - iv = padlock_xcrypt_cbc(nbytes / AES_BLOCK_SIZE, cdata, out_arg, - in_arg); - memcpy(ctx->iv, iv, AES_BLOCK_SIZE); - break; - - case EVP_CIPH_CFB_MODE: - memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); - iv = padlock_xcrypt_cfb(nbytes / AES_BLOCK_SIZE, cdata, out_arg, - in_arg); - memcpy(ctx->iv, iv, AES_BLOCK_SIZE); - break; - - case EVP_CIPH_OFB_MODE: - memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); - padlock_xcrypt_ofb(nbytes / AES_BLOCK_SIZE, cdata, out_arg, in_arg); - memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE); - break; - - default: - return 0; - } - - memset(cdata->iv, 0, AES_BLOCK_SIZE); - - return 1; -} - -# ifndef PADLOCK_CHUNK -# define PADLOCK_CHUNK 512 /* Must be a power of 2 larger than 16 */ -# endif -# if PADLOCK_CHUNK<16 || PADLOCK_CHUNK&(PADLOCK_CHUNK-1) -# error "insane PADLOCK_CHUNK..." -# endif - -/* - * Re-align the arguments to 16-Bytes boundaries and run the encryption - * function itself. This function is not AES-specific. - */ -static int -padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg, - const unsigned char *in_arg, size_t nbytes) -{ - struct padlock_cipher_data *cdata; - const void *inp; - unsigned char *out; - void *iv; - int inp_misaligned, out_misaligned, realign_in_loop; - size_t chunk, allocated = 0; - - /* - * ctx->num is maintained in byte-oriented modes, such as CFB and OFB... - */ - if ((chunk = ctx->num)) { /* borrow chunk variable */ - unsigned char *ivp = ctx->iv; - - switch (EVP_CIPHER_CTX_mode(ctx)) { - case EVP_CIPH_CFB_MODE: - if (chunk >= AES_BLOCK_SIZE) - return 0; /* bogus value */ - - if (ctx->encrypt) - while (chunk < AES_BLOCK_SIZE && nbytes != 0) { - ivp[chunk] = *(out_arg++) = *(in_arg++) ^ ivp[chunk]; - chunk++, nbytes--; - } else - while (chunk < AES_BLOCK_SIZE && nbytes != 0) { - unsigned char c = *(in_arg++); - *(out_arg++) = c ^ ivp[chunk]; - ivp[chunk++] = c, nbytes--; - } - - ctx->num = chunk % AES_BLOCK_SIZE; - break; - case EVP_CIPH_OFB_MODE: - if (chunk >= AES_BLOCK_SIZE) - return 0; /* bogus value */ - - while (chunk < AES_BLOCK_SIZE && nbytes != 0) { - *(out_arg++) = *(in_arg++) ^ ivp[chunk]; - chunk++, nbytes--; - } - - ctx->num = chunk % AES_BLOCK_SIZE; - break; - } - } - - if (nbytes == 0) - return 1; -# if 0 - if (nbytes % AES_BLOCK_SIZE) - return 0; /* are we expected to do tail processing? */ -# else - /* - * nbytes is always multiple of AES_BLOCK_SIZE in ECB and CBC modes and - * arbitrary value in byte-oriented modes, such as CFB and OFB... - */ -# endif - - /* - * VIA promises CPUs that won't require alignment in the future. For now - * padlock_aes_align_required is initialized to 1 and the condition is - * never met... - */ - /* - * C7 core is capable to manage unaligned input in non-ECB[!] mode, but - * performance penalties appear to be approximately same as for software - * alignment below or ~3x. They promise to improve it in the future, but - * for now we can just as well pretend that it can only handle aligned - * input... - */ - if (!padlock_aes_align_required && (nbytes % AES_BLOCK_SIZE) == 0) - return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes); - - inp_misaligned = (((size_t)in_arg) & 0x0F); - out_misaligned = (((size_t)out_arg) & 0x0F); - - /* - * Note that even if output is aligned and input not, I still prefer to - * loop instead of copy the whole input and then encrypt in one stroke. - * This is done in order to improve L1 cache utilization... - */ - realign_in_loop = out_misaligned | inp_misaligned; - - if (!realign_in_loop && (nbytes % AES_BLOCK_SIZE) == 0) - return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes); - - /* this takes one "if" out of the loops */ - chunk = nbytes; - chunk %= PADLOCK_CHUNK; - if (chunk == 0) - chunk = PADLOCK_CHUNK; - - if (out_misaligned) { - /* optmize for small input */ - allocated = (chunk < nbytes ? PADLOCK_CHUNK : nbytes); - out = alloca(0x10 + allocated); - out = NEAREST_ALIGNED(out); - } else - out = out_arg; - - cdata = ALIGNED_CIPHER_DATA(ctx); - padlock_verify_context(cdata); - - switch (EVP_CIPHER_CTX_mode(ctx)) { - case EVP_CIPH_ECB_MODE: - do { - if (inp_misaligned) - inp = padlock_memcpy(out, in_arg, chunk); - else - inp = in_arg; - in_arg += chunk; - - padlock_xcrypt_ecb(chunk / AES_BLOCK_SIZE, cdata, out, inp); - - if (out_misaligned) - out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; - else - out = out_arg += chunk; - - nbytes -= chunk; - chunk = PADLOCK_CHUNK; - } while (nbytes); - break; - - case EVP_CIPH_CBC_MODE: - memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); - goto cbc_shortcut; - do { - if (iv != cdata->iv) - memcpy(cdata->iv, iv, AES_BLOCK_SIZE); - chunk = PADLOCK_CHUNK; - cbc_shortcut: /* optimize for small input */ - if (inp_misaligned) - inp = padlock_memcpy(out, in_arg, chunk); - else - inp = in_arg; - in_arg += chunk; - - iv = padlock_xcrypt_cbc(chunk / AES_BLOCK_SIZE, cdata, out, inp); - - if (out_misaligned) - out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; - else - out = out_arg += chunk; - - } while (nbytes -= chunk); - memcpy(ctx->iv, iv, AES_BLOCK_SIZE); - break; - - case EVP_CIPH_CFB_MODE: - memcpy(iv = cdata->iv, ctx->iv, AES_BLOCK_SIZE); - chunk &= ~(AES_BLOCK_SIZE - 1); - if (chunk) - goto cfb_shortcut; - else - goto cfb_skiploop; - do { - if (iv != cdata->iv) - memcpy(cdata->iv, iv, AES_BLOCK_SIZE); - chunk = PADLOCK_CHUNK; - cfb_shortcut: /* optimize for small input */ - if (inp_misaligned) - inp = padlock_memcpy(out, in_arg, chunk); - else - inp = in_arg; - in_arg += chunk; - - iv = padlock_xcrypt_cfb(chunk / AES_BLOCK_SIZE, cdata, out, inp); - - if (out_misaligned) - out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; - else - out = out_arg += chunk; - - nbytes -= chunk; - } while (nbytes >= AES_BLOCK_SIZE); - - cfb_skiploop: - if (nbytes) { - unsigned char *ivp = cdata->iv; - - if (iv != ivp) { - memcpy(ivp, iv, AES_BLOCK_SIZE); - iv = ivp; - } - ctx->num = nbytes; - if (cdata->cword.b.encdec) { - cdata->cword.b.encdec = 0; - padlock_reload_key(); - padlock_xcrypt_ecb(1, cdata, ivp, ivp); - cdata->cword.b.encdec = 1; - padlock_reload_key(); - while (nbytes) { - unsigned char c = *(in_arg++); - *(out_arg++) = c ^ *ivp; - *(ivp++) = c, nbytes--; - } - } else { - padlock_reload_key(); - padlock_xcrypt_ecb(1, cdata, ivp, ivp); - padlock_reload_key(); - while (nbytes) { - *ivp = *(out_arg++) = *(in_arg++) ^ *ivp; - ivp++, nbytes--; - } - } - } - - memcpy(ctx->iv, iv, AES_BLOCK_SIZE); - break; - - case EVP_CIPH_OFB_MODE: - memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); - chunk &= ~(AES_BLOCK_SIZE - 1); - if (chunk) - do { - if (inp_misaligned) - inp = padlock_memcpy(out, in_arg, chunk); - else - inp = in_arg; - in_arg += chunk; - - padlock_xcrypt_ofb(chunk / AES_BLOCK_SIZE, cdata, out, inp); - - if (out_misaligned) - out_arg = padlock_memcpy(out_arg, out, chunk) + chunk; - else - out = out_arg += chunk; - - nbytes -= chunk; - chunk = PADLOCK_CHUNK; - } while (nbytes >= AES_BLOCK_SIZE); - - if (nbytes) { - unsigned char *ivp = cdata->iv; - - ctx->num = nbytes; - padlock_reload_key(); /* empirically found */ - padlock_xcrypt_ecb(1, cdata, ivp, ivp); - padlock_reload_key(); /* empirically found */ - while (nbytes) { - *(out_arg++) = *(in_arg++) ^ *ivp; - ivp++, nbytes--; - } - } - - memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE); - break; - - default: - return 0; - } - - /* Clean the realign buffer if it was used */ - if (out_misaligned) { - volatile unsigned long *p = (void *)out; - size_t n = allocated / sizeof(*p); - while (n--) - *p++ = 0; - } - - memset(cdata->iv, 0, AES_BLOCK_SIZE); - - return 1; -} - -# endif /* OPENSSL_NO_AES */ - /* ===== Random Number Generator ===== */ /* * This code is not engaged. The reason is that it does not comply @@ -1228,7 +706,7 @@ static int padlock_rand_bytes(unsigned char *output, int count) *output++ = (unsigned char)buf; count--; } - *(volatile unsigned int *)&buf = 0; + OPENSSL_cleanse(&buf, sizeof(buf)); return 1; } @@ -1249,8 +727,13 @@ static RAND_METHOD padlock_rand = { padlock_rand_status, /* rand status */ }; -# else /* !COMPILE_HW_PADLOCK */ -# ifndef OPENSSL_NO_DYNAMIC_ENGINE +# endif /* COMPILE_HW_PADLOCK */ +# endif /* !OPENSSL_NO_HW_PADLOCK */ +#endif /* !OPENSSL_NO_HW */ + +#if defined(OPENSSL_NO_HW) || defined(OPENSSL_NO_HW_PADLOCK) \ + || !defined(COMPILE_HW_PADLOCK) +# ifndef OPENSSL_NO_DYNAMIC_ENGINE OPENSSL_EXPORT int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); OPENSSL_EXPORT @@ -1260,7 +743,5 @@ OPENSSL_EXPORT } IMPLEMENT_DYNAMIC_CHECK_FN() -# endif -# endif /* COMPILE_HW_PADLOCK */ -# endif /* !OPENSSL_NO_HW_PADLOCK */ -#endif /* !OPENSSL_NO_HW */ +# endif +#endif diff --git a/engines/e_sureware.c b/engines/e_sureware.c deleted file mode 100644 index 8a23763f75d9..000000000000 --- a/engines/e_sureware.c +++ /dev/null @@ -1,1101 +0,0 @@ -/*- -* Written by Corinne Dive-Reclus(cdive@baltimore.com) -* -* -* Redistribution and use in source and binary forms, with or without -* modification, are permitted provided that the following conditions -* are met: -* -* 1. Redistributions of source code must retain the above copyright -* notice, this list of conditions and the following disclaimer. -* -* 2. Redistributions in binary form must reproduce the above copyright -* notice, this list of conditions and the following disclaimer in -* the documentation and/or other materials provided with the -* distribution. -* -* 3. All advertising materials mentioning features or use of this -* software must display the following acknowledgment: -* "This product includes software developed by the OpenSSL Project -* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -* -* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -* endorse or promote products derived from this software without -* prior written permission. For written permission, please contact -* licensing@OpenSSL.org. -* -* 5. Products derived from this software may not be called "OpenSSL" -* nor may "OpenSSL" appear in their names without prior written -* permission of the OpenSSL Project. -* -* 6. Redistributions of any form whatsoever must retain the following -* acknowledgment: -* "This product includes software developed by the OpenSSL Project -* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -* -* Written by Corinne Dive-Reclus(cdive@baltimore.com) -* -* Copyright@2001 Baltimore Technologies Ltd. -* All right Reserved. -* * -* THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND * -* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * -* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * -* ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE * -* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * -* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * -* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * -* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * -* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * -* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * -* SUCH DAMAGE. * -====================================================================*/ - -#include <stdio.h> -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/pem.h> -#include <openssl/dso.h> -#include <openssl/engine.h> -#include <openssl/rand.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DSA -# include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_DH -# include <openssl/dh.h> -#endif -#include <openssl/bn.h> - -#ifndef OPENSSL_NO_HW -# ifndef OPENSSL_NO_HW_SUREWARE - -# ifdef FLAT_INC -# include "sureware.h" -# else -# include "vendor_defns/sureware.h" -# endif - -# define SUREWARE_LIB_NAME "sureware engine" -# include "e_sureware_err.c" - -static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, - void (*f) (void)); -static int surewarehk_destroy(ENGINE *e); -static int surewarehk_init(ENGINE *e); -static int surewarehk_finish(ENGINE *e); -static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -/* RSA stuff */ -# ifndef OPENSSL_NO_RSA -static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -static int surewarehk_rsa_sign(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -# endif - -/* RAND stuff */ -static int surewarehk_rand_bytes(unsigned char *buf, int num); -static void surewarehk_rand_seed(const void *buf, int num); -static void surewarehk_rand_add(const void *buf, int num, double entropy); - -/* KM stuff */ -static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, - void *callback_data); -static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, - void *callback_data); -static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -# if 0 -static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -# endif - -# ifndef OPENSSL_NO_RSA -/* This function is aliased to mod_exp (with the mont stuff dropped). */ -static int surewarehk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *m_ctx) -{ - return surewarehk_modexp(r, a, p, m, ctx); -} - -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD surewarehk_rsa = { - "SureWare RSA method", - NULL, /* pub_enc */ - NULL, /* pub_dec */ - surewarehk_rsa_sign, /* our rsa_sign is OpenSSL priv_enc */ - surewarehk_rsa_priv_dec, /* priv_dec */ - NULL, /* mod_exp */ - surewarehk_mod_exp_mont, /* mod_exp_mongomery */ - NULL, /* init */ - NULL, /* finish */ - 0, /* RSA flag */ - NULL, - NULL, /* OpenSSL sign */ - NULL, /* OpenSSL verify */ - NULL /* keygen */ -}; -# endif - -# ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int surewarehk_modexp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return surewarehk_modexp(r, a, p, m, ctx); -} - -static DH_METHOD surewarehk_dh = { - "SureWare DH method", - NULL, /* gen_key */ - NULL, /* agree, */ - surewarehk_modexp_dh, /* dh mod exp */ - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ - NULL, - NULL -}; -# endif - -static RAND_METHOD surewarehk_rand = { - /* "SureWare RAND method", */ - surewarehk_rand_seed, - surewarehk_rand_bytes, - NULL, /* cleanup */ - surewarehk_rand_add, - surewarehk_rand_bytes, - NULL, /* rand_status */ -}; - -# ifndef OPENSSL_NO_DSA -/* DSA stuff */ -static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *dgst, int dlen, - DSA *dsa); -static int surewarehk_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, - BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont) -{ - BIGNUM t; - int to_return = 0; - BN_init(&t); - /* let rr = a1 ^ p1 mod m */ - if (!surewarehk_modexp(rr, a1, p1, m, ctx)) - goto end; - /* let t = a2 ^ p2 mod m */ - if (!surewarehk_modexp(&t, a2, p2, m, ctx)) - goto end; - /* let rr = rr * t mod m */ - if (!BN_mod_mul(rr, rr, &t, m, ctx)) - goto end; - to_return = 1; - end: - BN_free(&t); - return to_return; -} - -static DSA_METHOD surewarehk_dsa = { - "SureWare DSA method", - surewarehk_dsa_do_sign, - NULL, /* sign setup */ - NULL, /* verify, */ - surewarehk_dsa_mod_exp, /* mod exp */ - NULL, /* bn mod exp */ - NULL, /* init */ - NULL, /* finish */ - 0, - NULL, - NULL, - NULL -}; -# endif - -static const char *engine_sureware_id = "sureware"; -static const char *engine_sureware_name = "SureWare hardware engine support"; - -/* Now, to our own code */ - -/* - * As this is only ever called once, there's no need for locking (indeed - - * the lock will already be held by our caller!!!) - */ -static int bind_sureware(ENGINE *e) -{ -# ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -# endif -# ifndef OPENSSL_NO_DSA - const DSA_METHOD *meth2; -# endif -# ifndef OPENSSL_NO_DH - const DH_METHOD *meth3; -# endif - - if (!ENGINE_set_id(e, engine_sureware_id) || - !ENGINE_set_name(e, engine_sureware_name) || -# ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &surewarehk_rsa) || -# endif -# ifndef OPENSSL_NO_DSA - !ENGINE_set_DSA(e, &surewarehk_dsa) || -# endif -# ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &surewarehk_dh) || -# endif - !ENGINE_set_RAND(e, &surewarehk_rand) || - !ENGINE_set_destroy_function(e, surewarehk_destroy) || - !ENGINE_set_init_function(e, surewarehk_init) || - !ENGINE_set_finish_function(e, surewarehk_finish) || - !ENGINE_set_ctrl_function(e, surewarehk_ctrl) || - !ENGINE_set_load_privkey_function(e, surewarehk_load_privkey) || - !ENGINE_set_load_pubkey_function(e, surewarehk_load_pubkey)) - return 0; - -# ifndef OPENSSL_NO_RSA - /* - * We know that the "PKCS1_SSLeay()" functions hook properly to the - * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB: - * We don't use ENGINE_openssl() or anything "more generic" because - * something like the RSAref code may not hook properly, and if you own - * one of these cards then you have the right to do RSA operations on it - * anyway! - */ - meth1 = RSA_PKCS1_SSLeay(); - if (meth1) { - surewarehk_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - surewarehk_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - } -# endif - -# ifndef OPENSSL_NO_DSA - /* - * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits. - */ - meth2 = DSA_OpenSSL(); - if (meth2) { - surewarehk_dsa.dsa_do_verify = meth2->dsa_do_verify; - } -# endif - -# ifndef OPENSSL_NO_DH - /* Much the same for Diffie-Hellman */ - meth3 = DH_OpenSSL(); - if (meth3) { - surewarehk_dh.generate_key = meth3->generate_key; - surewarehk_dh.compute_key = meth3->compute_key; - } -# endif - - /* Ensure the sureware error handling is set up */ - ERR_load_SUREWARE_strings(); - return 1; -} - -# ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_helper(ENGINE *e, const char *id) -{ - if (id && (strcmp(id, engine_sureware_id) != 0)) - return 0; - if (!bind_sureware(e)) - return 0; - return 1; -} - -IMPLEMENT_DYNAMIC_CHECK_FN() - IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) -# else -static ENGINE *engine_sureware(void) -{ - ENGINE *ret = ENGINE_new(); - if (!ret) - return NULL; - if (!bind_sureware(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_sureware(void) -{ - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_sureware(); - if (!toadd) - return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} -# endif - -/* - * This is a process-global DSO handle used for loading and unloading the - * SureWareHook library. NB: This is only set (or unset) during an init() or - * finish() call (reference counts permitting) and they're operating with - * global locks, so this should be thread-safe implicitly. - */ -static DSO *surewarehk_dso = NULL; -# ifndef OPENSSL_NO_RSA -/* Index for KM handle. Not really used yet. */ -static int rsaHndidx = -1; -# endif -# ifndef OPENSSL_NO_DSA -/* Index for KM handle. Not really used yet. */ -static int dsaHndidx = -1; -# endif - -/* - * These are the function pointers that are (un)set when the library has - * successfully (un)loaded. - */ -static SureWareHook_Init_t *p_surewarehk_Init = NULL; -static SureWareHook_Finish_t *p_surewarehk_Finish = NULL; -static SureWareHook_Rand_Bytes_t *p_surewarehk_Rand_Bytes = NULL; -static SureWareHook_Rand_Seed_t *p_surewarehk_Rand_Seed = NULL; -static SureWareHook_Load_Privkey_t *p_surewarehk_Load_Privkey = NULL; -static SureWareHook_Info_Pubkey_t *p_surewarehk_Info_Pubkey = NULL; -static SureWareHook_Load_Rsa_Pubkey_t *p_surewarehk_Load_Rsa_Pubkey = NULL; -static SureWareHook_Load_Dsa_Pubkey_t *p_surewarehk_Load_Dsa_Pubkey = NULL; -static SureWareHook_Free_t *p_surewarehk_Free = NULL; -static SureWareHook_Rsa_Priv_Dec_t *p_surewarehk_Rsa_Priv_Dec = NULL; -static SureWareHook_Rsa_Sign_t *p_surewarehk_Rsa_Sign = NULL; -static SureWareHook_Dsa_Sign_t *p_surewarehk_Dsa_Sign = NULL; -static SureWareHook_Mod_Exp_t *p_surewarehk_Mod_Exp = NULL; - -/* Used in the DSO operations. */ -static const char *surewarehk_LIBNAME = "SureWareHook"; -static const char *n_surewarehk_Init = "SureWareHook_Init"; -static const char *n_surewarehk_Finish = "SureWareHook_Finish"; -static const char *n_surewarehk_Rand_Bytes = "SureWareHook_Rand_Bytes"; -static const char *n_surewarehk_Rand_Seed = "SureWareHook_Rand_Seed"; -static const char *n_surewarehk_Load_Privkey = "SureWareHook_Load_Privkey"; -static const char *n_surewarehk_Info_Pubkey = "SureWareHook_Info_Pubkey"; -static const char *n_surewarehk_Load_Rsa_Pubkey = - "SureWareHook_Load_Rsa_Pubkey"; -static const char *n_surewarehk_Load_Dsa_Pubkey = - "SureWareHook_Load_Dsa_Pubkey"; -static const char *n_surewarehk_Free = "SureWareHook_Free"; -static const char *n_surewarehk_Rsa_Priv_Dec = "SureWareHook_Rsa_Priv_Dec"; -static const char *n_surewarehk_Rsa_Sign = "SureWareHook_Rsa_Sign"; -static const char *n_surewarehk_Dsa_Sign = "SureWareHook_Dsa_Sign"; -static const char *n_surewarehk_Mod_Exp = "SureWareHook_Mod_Exp"; -static BIO *logstream = NULL; - -/* - * SureWareHook library functions and mechanics - these are used by the - * higher-level functions further down. NB: As and where there's no error - * checking, take a look lower down where these functions are called, the - * checking and error handling is probably down there. - */ -static int threadsafe = 1; -static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, - void (*f) (void)) -{ - int to_return = 1; - - switch (cmd) { - case ENGINE_CTRL_SET_LOGSTREAM: - { - BIO *bio = (BIO *)p; - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if (logstream) { - BIO_free(logstream); - logstream = NULL; - } - if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1) - logstream = bio; - else - SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL, - SUREWARE_R_BIO_WAS_FREED); - } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - /* - * This will prevent the initialisation function from "installing" - * the mutex-handling callbacks, even if they are available from - * within the library (or were provided to the library from the - * calling application). This is to remove any baggage for - * applications not using multithreading. - */ - case ENGINE_CTRL_CHIL_NO_LOCKING: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - threadsafe = 0; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - break; - - /* The command isn't understood by this engine */ - default: - SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL, - ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); - to_return = 0; - break; - } - - return to_return; -} - -/* Destructor (complements the "ENGINE_surewarehk()" constructor) */ -static int surewarehk_destroy(ENGINE *e) -{ - ERR_unload_SUREWARE_strings(); - return 1; -} - -/* (de)initialisation functions. */ -static int surewarehk_init(ENGINE *e) -{ - char msg[64] = "ENGINE_init"; - SureWareHook_Init_t *p1 = NULL; - SureWareHook_Finish_t *p2 = NULL; - SureWareHook_Rand_Bytes_t *p3 = NULL; - SureWareHook_Rand_Seed_t *p4 = NULL; - SureWareHook_Load_Privkey_t *p5 = NULL; - SureWareHook_Load_Rsa_Pubkey_t *p6 = NULL; - SureWareHook_Free_t *p7 = NULL; - SureWareHook_Rsa_Priv_Dec_t *p8 = NULL; - SureWareHook_Rsa_Sign_t *p9 = NULL; - SureWareHook_Dsa_Sign_t *p12 = NULL; - SureWareHook_Info_Pubkey_t *p13 = NULL; - SureWareHook_Load_Dsa_Pubkey_t *p14 = NULL; - SureWareHook_Mod_Exp_t *p15 = NULL; - - if (surewarehk_dso != NULL) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_ALREADY_LOADED); - goto err; - } - /* Attempt to load libsurewarehk.so/surewarehk.dll/whatever. */ - surewarehk_dso = DSO_load(NULL, surewarehk_LIBNAME, NULL, 0); - if (surewarehk_dso == NULL) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_DSO_FAILURE); - goto err; - } - if (! - (p1 = - (SureWareHook_Init_t *) DSO_bind_func(surewarehk_dso, - n_surewarehk_Init)) -|| !(p2 = - (SureWareHook_Finish_t *) DSO_bind_func(surewarehk_dso, - n_surewarehk_Finish)) -|| !(p3 = - (SureWareHook_Rand_Bytes_t *) DSO_bind_func(surewarehk_dso, - n_surewarehk_Rand_Bytes)) -|| !(p4 = - (SureWareHook_Rand_Seed_t *) DSO_bind_func(surewarehk_dso, - n_surewarehk_Rand_Seed)) -|| !(p5 = - (SureWareHook_Load_Privkey_t *) DSO_bind_func(surewarehk_dso, - n_surewarehk_Load_Privkey)) -|| !(p6 = - (SureWareHook_Load_Rsa_Pubkey_t *) DSO_bind_func(surewarehk_dso, - n_surewarehk_Load_Rsa_Pubkey)) -|| !(p7 = - (SureWareHook_Free_t *) DSO_bind_func(surewarehk_dso, n_surewarehk_Free)) -|| !(p8 = - (SureWareHook_Rsa_Priv_Dec_t *) DSO_bind_func(surewarehk_dso, - n_surewarehk_Rsa_Priv_Dec)) -|| !(p9 = - (SureWareHook_Rsa_Sign_t *) DSO_bind_func(surewarehk_dso, - n_surewarehk_Rsa_Sign)) -|| !(p12 = - (SureWareHook_Dsa_Sign_t *) DSO_bind_func(surewarehk_dso, - n_surewarehk_Dsa_Sign)) -|| !(p13 = - (SureWareHook_Info_Pubkey_t *) DSO_bind_func(surewarehk_dso, - n_surewarehk_Info_Pubkey)) -|| !(p14 = - (SureWareHook_Load_Dsa_Pubkey_t *) DSO_bind_func(surewarehk_dso, - n_surewarehk_Load_Dsa_Pubkey)) -|| !(p15 = - (SureWareHook_Mod_Exp_t *) DSO_bind_func(surewarehk_dso, - n_surewarehk_Mod_Exp))) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_DSO_FAILURE); - goto err; - } - /* Copy the pointers */ - p_surewarehk_Init = p1; - p_surewarehk_Finish = p2; - p_surewarehk_Rand_Bytes = p3; - p_surewarehk_Rand_Seed = p4; - p_surewarehk_Load_Privkey = p5; - p_surewarehk_Load_Rsa_Pubkey = p6; - p_surewarehk_Free = p7; - p_surewarehk_Rsa_Priv_Dec = p8; - p_surewarehk_Rsa_Sign = p9; - p_surewarehk_Dsa_Sign = p12; - p_surewarehk_Info_Pubkey = p13; - p_surewarehk_Load_Dsa_Pubkey = p14; - p_surewarehk_Mod_Exp = p15; - /* Contact the hardware and initialises it. */ - if (p_surewarehk_Init(msg, threadsafe) == SUREWAREHOOK_ERROR_UNIT_FAILURE) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, SUREWARE_R_UNIT_FAILURE); - goto err; - } - if (p_surewarehk_Init(msg, threadsafe) == SUREWAREHOOK_ERROR_UNIT_FAILURE) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, SUREWARE_R_UNIT_FAILURE); - goto err; - } - /* - * try to load the default private key, if failed does not return a - * failure but wait for an explicit ENGINE_load_privakey - */ - surewarehk_load_privkey(e, NULL, NULL, NULL); - - /* Everything's fine. */ -# ifndef OPENSSL_NO_RSA - if (rsaHndidx == -1) - rsaHndidx = RSA_get_ex_new_index(0, - "SureWareHook RSA key handle", - NULL, NULL, surewarehk_ex_free); -# endif -# ifndef OPENSSL_NO_DSA - if (dsaHndidx == -1) - dsaHndidx = DSA_get_ex_new_index(0, - "SureWareHook DSA key handle", - NULL, NULL, surewarehk_ex_free); -# endif - - return 1; - err: - if (surewarehk_dso) - DSO_free(surewarehk_dso); - surewarehk_dso = NULL; - p_surewarehk_Init = NULL; - p_surewarehk_Finish = NULL; - p_surewarehk_Rand_Bytes = NULL; - p_surewarehk_Rand_Seed = NULL; - p_surewarehk_Load_Privkey = NULL; - p_surewarehk_Load_Rsa_Pubkey = NULL; - p_surewarehk_Free = NULL; - p_surewarehk_Rsa_Priv_Dec = NULL; - p_surewarehk_Rsa_Sign = NULL; - p_surewarehk_Dsa_Sign = NULL; - p_surewarehk_Info_Pubkey = NULL; - p_surewarehk_Load_Dsa_Pubkey = NULL; - p_surewarehk_Mod_Exp = NULL; - return 0; -} - -static int surewarehk_finish(ENGINE *e) -{ - int to_return = 1; - if (surewarehk_dso == NULL) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH, ENGINE_R_NOT_LOADED); - to_return = 0; - goto err; - } - p_surewarehk_Finish(); - if (!DSO_free(surewarehk_dso)) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH, ENGINE_R_DSO_FAILURE); - to_return = 0; - goto err; - } - err: - if (logstream) - BIO_free(logstream); - surewarehk_dso = NULL; - p_surewarehk_Init = NULL; - p_surewarehk_Finish = NULL; - p_surewarehk_Rand_Bytes = NULL; - p_surewarehk_Rand_Seed = NULL; - p_surewarehk_Load_Privkey = NULL; - p_surewarehk_Load_Rsa_Pubkey = NULL; - p_surewarehk_Free = NULL; - p_surewarehk_Rsa_Priv_Dec = NULL; - p_surewarehk_Rsa_Sign = NULL; - p_surewarehk_Dsa_Sign = NULL; - p_surewarehk_Info_Pubkey = NULL; - p_surewarehk_Load_Dsa_Pubkey = NULL; - p_surewarehk_Mod_Exp = NULL; - return to_return; -} - -static void surewarehk_error_handling(char *const msg, int func, int ret) -{ - switch (ret) { - case SUREWAREHOOK_ERROR_UNIT_FAILURE: - ENGINEerr(func, SUREWARE_R_UNIT_FAILURE); - break; - case SUREWAREHOOK_ERROR_FALLBACK: - ENGINEerr(func, SUREWARE_R_REQUEST_FALLBACK); - break; - case SUREWAREHOOK_ERROR_DATA_SIZE: - ENGINEerr(func, SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - break; - case SUREWAREHOOK_ERROR_INVALID_PAD: - ENGINEerr(func, SUREWARE_R_PADDING_CHECK_FAILED); - break; - default: - ENGINEerr(func, SUREWARE_R_REQUEST_FAILED); - break; - case 1: /* nothing */ - msg[0] = '\0'; - } - if (*msg) { - ERR_add_error_data(1, msg); - if (logstream) { - CRYPTO_w_lock(CRYPTO_LOCK_BIO); - BIO_write(logstream, msg, strlen(msg)); - CRYPTO_w_unlock(CRYPTO_LOCK_BIO); - } - } -} - -static int surewarehk_rand_bytes(unsigned char *buf, int num) -{ - int ret = 0; - char msg[64] = "ENGINE_rand_bytes"; - if (!p_surewarehk_Rand_Bytes) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_BYTES, - ENGINE_R_NOT_INITIALISED); - } else { - ret = p_surewarehk_Rand_Bytes(msg, buf, num); - surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RAND_BYTES, ret); - } - return ret == 1 ? 1 : 0; -} - -static void surewarehk_rand_seed(const void *buf, int num) -{ - int ret = 0; - char msg[64] = "ENGINE_rand_seed"; - if (!p_surewarehk_Rand_Seed) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_SEED, - ENGINE_R_NOT_INITIALISED); - } else { - ret = p_surewarehk_Rand_Seed(msg, buf, num); - surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RAND_SEED, ret); - } -} - -static void surewarehk_rand_add(const void *buf, int num, double entropy) -{ - surewarehk_rand_seed(buf, num); -} - -static EVP_PKEY *sureware_load_public(ENGINE *e, const char *key_id, - char *hptr, unsigned long el, - char keytype) -{ - EVP_PKEY *res = NULL; -# ifndef OPENSSL_NO_RSA - RSA *rsatmp = NULL; -# endif -# ifndef OPENSSL_NO_DSA - DSA *dsatmp = NULL; -# endif - char msg[64] = "sureware_load_public"; - int ret = 0; - if (!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey) { - SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC, - ENGINE_R_NOT_INITIALISED); - goto err; - } - switch (keytype) { -# ifndef OPENSSL_NO_RSA - case 1: - /*RSA*/ - /* set private external reference */ - rsatmp = RSA_new_method(e); - RSA_set_ex_data(rsatmp, rsaHndidx, hptr); - rsatmp->flags |= RSA_FLAG_EXT_PKEY; - - /* set public big nums */ - rsatmp->e = BN_new(); - rsatmp->n = BN_new(); - if(!rsatmp->e || !rsatmp->n) - goto err; - bn_expand2(rsatmp->e, el / sizeof(BN_ULONG)); - bn_expand2(rsatmp->n, el / sizeof(BN_ULONG)); - if (rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) || - rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG))) - goto err; - ret = p_surewarehk_Load_Rsa_Pubkey(msg, key_id, el, - (unsigned long *)rsatmp->n->d, - (unsigned long *)rsatmp->e->d); - surewarehk_error_handling(msg, SUREWARE_F_SUREWARE_LOAD_PUBLIC, ret); - if (ret != 1) { - SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC, - ENGINE_R_FAILED_LOADING_PUBLIC_KEY); - goto err; - } - /* normalise pub e and pub n */ - rsatmp->e->top = el / sizeof(BN_ULONG); - bn_fix_top(rsatmp->e); - rsatmp->n->top = el / sizeof(BN_ULONG); - bn_fix_top(rsatmp->n); - /* create an EVP object: engine + rsa key */ - res = EVP_PKEY_new(); - EVP_PKEY_assign_RSA(res, rsatmp); - break; -# endif - -# ifndef OPENSSL_NO_DSA - case 2: - /*DSA*/ - /* set private/public external reference */ - dsatmp = DSA_new_method(e); - DSA_set_ex_data(dsatmp, dsaHndidx, hptr); - /* - * dsatmp->flags |= DSA_FLAG_EXT_PKEY; - */ - - /* set public key */ - dsatmp->pub_key = BN_new(); - dsatmp->p = BN_new(); - dsatmp->q = BN_new(); - dsatmp->g = BN_new(); - if(!dsatmp->pub_key || !dsatmp->p || !dsatmp->q || !dsatmp->g) - goto err; - bn_expand2(dsatmp->pub_key, el / sizeof(BN_ULONG)); - bn_expand2(dsatmp->p, el / sizeof(BN_ULONG)); - bn_expand2(dsatmp->q, 20 / sizeof(BN_ULONG)); - bn_expand2(dsatmp->g, el / sizeof(BN_ULONG)); - if (dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG)) - || dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG)) - || dsatmp->q->dmax != 20 / sizeof(BN_ULONG) - || dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG))) - goto err; - - ret = p_surewarehk_Load_Dsa_Pubkey(msg, key_id, el, - (unsigned long *)dsatmp-> - pub_key->d, - (unsigned long *)dsatmp->p->d, - (unsigned long *)dsatmp->q->d, - (unsigned long *)dsatmp->g->d); - surewarehk_error_handling(msg, SUREWARE_F_SUREWARE_LOAD_PUBLIC, ret); - if (ret != 1) { - SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC, - ENGINE_R_FAILED_LOADING_PUBLIC_KEY); - goto err; - } - /* set parameters */ - /* normalise pubkey and parameters in case of */ - dsatmp->pub_key->top = el / sizeof(BN_ULONG); - bn_fix_top(dsatmp->pub_key); - dsatmp->p->top = el / sizeof(BN_ULONG); - bn_fix_top(dsatmp->p); - dsatmp->q->top = 20 / sizeof(BN_ULONG); - bn_fix_top(dsatmp->q); - dsatmp->g->top = el / sizeof(BN_ULONG); - bn_fix_top(dsatmp->g); - - /* create an EVP object: engine + rsa key */ - res = EVP_PKEY_new(); - EVP_PKEY_assign_DSA(res, dsatmp); - break; -# endif - - default: - SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC, - ENGINE_R_FAILED_LOADING_PRIVATE_KEY); - goto err; - } - return res; - err: -# ifndef OPENSSL_NO_RSA - if (rsatmp) - RSA_free(rsatmp); -# endif -# ifndef OPENSSL_NO_DSA - if (dsatmp) - DSA_free(dsatmp); -# endif - return NULL; -} - -static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, - void *callback_data) -{ - EVP_PKEY *res = NULL; - int ret = 0; - unsigned long el = 0; - char *hptr = NULL; - char keytype = 0; - char msg[64] = "ENGINE_load_privkey"; - - if (!p_surewarehk_Load_Privkey) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY, - ENGINE_R_NOT_INITIALISED); - } else { - ret = p_surewarehk_Load_Privkey(msg, key_id, &hptr, &el, &keytype); - if (ret != 1) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY, - ENGINE_R_FAILED_LOADING_PRIVATE_KEY); - ERR_add_error_data(1, msg); - } else - res = sureware_load_public(e, key_id, hptr, el, keytype); - } - return res; -} - -static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, - void *callback_data) -{ - EVP_PKEY *res = NULL; - int ret = 0; - unsigned long el = 0; - char *hptr = NULL; - char keytype = 0; - char msg[64] = "ENGINE_load_pubkey"; - - if (!p_surewarehk_Info_Pubkey) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY, - ENGINE_R_NOT_INITIALISED); - } else { - /* call once to identify if DSA or RSA */ - ret = p_surewarehk_Info_Pubkey(msg, key_id, &el, &keytype); - if (ret != 1) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY, - ENGINE_R_FAILED_LOADING_PUBLIC_KEY); - ERR_add_error_data(1, msg); - } else - res = sureware_load_public(e, key_id, hptr, el, keytype); - } - return res; -} - -/* - * This cleans up an RSA/DSA KM key(do not destroy the key into the hardware) - * , called when ex_data is freed - */ -static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp) -{ - if (!p_surewarehk_Free) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE, ENGINE_R_NOT_INITIALISED); - } else - p_surewarehk_Free((char *)item, 0); -} - -# if 0 -/* not currently used (bug?) */ -/* - * This cleans up an DH KM key (destroys the key into hardware), called when - * ex_data is freed - */ -static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp) -{ - if (!p_surewarehk_Free) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_DH_EX_FREE, - ENGINE_R_NOT_INITIALISED); - } else - p_surewarehk_Free((char *)item, 1); -} -# endif - -/* - * return number of decrypted bytes - */ -# ifndef OPENSSL_NO_RSA -static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) -{ - int ret = 0, tlen; - char *buf = NULL, *hptr = NULL; - char msg[64] = "ENGINE_rsa_priv_dec"; - if (!p_surewarehk_Rsa_Priv_Dec) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, - ENGINE_R_NOT_INITIALISED); - } - /* extract ref to private key */ - else if (!(hptr = RSA_get_ex_data(rsa, rsaHndidx))) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, - SUREWARE_R_MISSING_KEY_COMPONENTS); - goto err; - } - /* analyse what padding we can do into the hardware */ - if (padding == RSA_PKCS1_PADDING) { - /* do it one shot */ - ret = - p_surewarehk_Rsa_Priv_Dec(msg, flen, (unsigned char *)from, &tlen, - to, hptr, SUREWARE_PKCS1_PAD); - surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, - ret); - if (ret != 1) - goto err; - ret = tlen; - } else { /* do with no padding into hardware */ - - ret = - p_surewarehk_Rsa_Priv_Dec(msg, flen, (unsigned char *)from, &tlen, - to, hptr, SUREWARE_NO_PAD); - surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, - ret); - if (ret != 1) - goto err; - /* intermediate buffer for padding */ - if ((buf = OPENSSL_malloc(tlen)) == NULL) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, - ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(buf, to, tlen); /* transfert to into buf */ - switch (padding) { /* check padding in software */ -# ifndef OPENSSL_NO_SHA - case RSA_PKCS1_OAEP_PADDING: - ret = - RSA_padding_check_PKCS1_OAEP(to, tlen, (unsigned char *)buf, - tlen, tlen, NULL, 0); - break; -# endif - case RSA_SSLV23_PADDING: - ret = - RSA_padding_check_SSLv23(to, tlen, (unsigned char *)buf, flen, - tlen); - break; - case RSA_NO_PADDING: - ret = - RSA_padding_check_none(to, tlen, (unsigned char *)buf, flen, - tlen); - break; - default: - SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, - SUREWARE_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (ret < 0) - SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, - SUREWARE_R_PADDING_CHECK_FAILED); - } - err: - if (buf) { - OPENSSL_cleanse(buf, tlen); - OPENSSL_free(buf); - } - return ret; -} - -/* - * Does what OpenSSL rsa_priv_enc does. - */ -static int surewarehk_rsa_sign(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) -{ - int ret = 0, tlen; - char *hptr = NULL; - char msg[64] = "ENGINE_rsa_sign"; - if (!p_surewarehk_Rsa_Sign) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN, ENGINE_R_NOT_INITIALISED); - } - /* extract ref to private key */ - else if (!(hptr = RSA_get_ex_data(rsa, rsaHndidx))) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN, - SUREWARE_R_MISSING_KEY_COMPONENTS); - } else { - switch (padding) { - case RSA_PKCS1_PADDING: /* do it in one shot */ - ret = - p_surewarehk_Rsa_Sign(msg, flen, (unsigned char *)from, &tlen, - to, hptr, SUREWARE_PKCS1_PAD); - surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_SIGN, - ret); - break; - case RSA_NO_PADDING: - default: - SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN, - SUREWARE_R_UNKNOWN_PADDING_TYPE); - } - } - return ret == 1 ? tlen : ret; -} - -# endif - -# ifndef OPENSSL_NO_DSA -/* DSA sign and verify */ -static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *from, int flen, - DSA *dsa) -{ - int ret = 0; - char *hptr = NULL; - DSA_SIG *psign = NULL; - char msg[64] = "ENGINE_dsa_do_sign"; - if (!p_surewarehk_Dsa_Sign) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN, - ENGINE_R_NOT_INITIALISED); - goto err; - } - /* extract ref to private key */ - else if (!(hptr = DSA_get_ex_data(dsa, dsaHndidx))) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN, - SUREWARE_R_MISSING_KEY_COMPONENTS); - goto err; - } else { - if ((psign = DSA_SIG_new()) == NULL) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN, - ERR_R_MALLOC_FAILURE); - goto err; - } - psign->r = BN_new(); - psign->s = BN_new(); - if(!psign->r || !psign->s) - goto err; - bn_expand2(psign->r, 20 / sizeof(BN_ULONG)); - bn_expand2(psign->s, 20 / sizeof(BN_ULONG)); - if (psign->r->dmax != 20 / sizeof(BN_ULONG) || - psign->s->dmax != 20 / sizeof(BN_ULONG)) - goto err; - ret = p_surewarehk_Dsa_Sign(msg, flen, from, - (unsigned long *)psign->r->d, - (unsigned long *)psign->s->d, hptr); - surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_DSA_DO_SIGN, - ret); - } - psign->r->top = 20 / sizeof(BN_ULONG); - bn_fix_top(psign->r); - psign->s->top = 20 / sizeof(BN_ULONG); - bn_fix_top(psign->s); - - err: - if (psign) { - DSA_SIG_free(psign); - psign = NULL; - } - return psign; -} -# endif - -static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) -{ - int ret = 0; - char msg[64] = "ENGINE_modexp"; - if (!p_surewarehk_Mod_Exp) { - SUREWAREerr(SUREWARE_F_SUREWAREHK_MODEXP, ENGINE_R_NOT_INITIALISED); - } else if (r) { - bn_expand2(r, m->top); - if (r->dmax == m->top) { - /* do it */ - ret = p_surewarehk_Mod_Exp(msg, - m->top * sizeof(BN_ULONG), - (unsigned long *)m->d, - p->top * sizeof(BN_ULONG), - (unsigned long *)p->d, - a->top * sizeof(BN_ULONG), - (unsigned long *)a->d, - (unsigned long *)r->d); - surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_MODEXP, ret); - if (ret == 1) { - /* normalise result */ - r->top = m->top; - bn_fix_top(r); - } - } - } - return ret; -} -# endif /* !OPENSSL_NO_HW_SureWare */ -#endif /* !OPENSSL_NO_HW */ diff --git a/engines/e_sureware_err.c b/engines/e_sureware_err.c deleted file mode 100644 index f6f7eff3ab47..000000000000 --- a/engines/e_sureware_err.c +++ /dev/null @@ -1,154 +0,0 @@ -/* e_sureware_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include "e_sureware_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA SUREWARE_str_functs[] = { - {ERR_FUNC(SUREWARE_F_SUREWAREHK_CTRL), "SUREWAREHK_CTRL"}, - {ERR_FUNC(SUREWARE_F_SUREWAREHK_DH_EX_FREE), "SUREWAREHK_DH_EX_FREE"}, - {ERR_FUNC(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN), "SUREWAREHK_DSA_DO_SIGN"}, - {ERR_FUNC(SUREWARE_F_SUREWAREHK_EX_FREE), "SUREWAREHK_EX_FREE"}, - {ERR_FUNC(SUREWARE_F_SUREWAREHK_FINISH), "SUREWAREHK_FINISH"}, - {ERR_FUNC(SUREWARE_F_SUREWAREHK_INIT), "SUREWAREHK_INIT"}, - {ERR_FUNC(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY), "SUREWAREHK_LOAD_PRIVKEY"}, - {ERR_FUNC(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY), "SUREWAREHK_LOAD_PUBKEY"}, - {ERR_FUNC(SUREWARE_F_SUREWAREHK_MODEXP), "SUREWAREHK_MODEXP"}, - {ERR_FUNC(SUREWARE_F_SUREWAREHK_RAND_BYTES), "SUREWAREHK_RAND_BYTES"}, - {ERR_FUNC(SUREWARE_F_SUREWAREHK_RAND_SEED), "SUREWAREHK_RAND_SEED"}, - {ERR_FUNC(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC), "SUREWAREHK_RSA_PRIV_DEC"}, - {ERR_FUNC(SUREWARE_F_SUREWAREHK_RSA_SIGN), "SUREWAREHK_RSA_SIGN"}, - {ERR_FUNC(SUREWARE_F_SUREWARE_LOAD_PUBLIC), "SUREWARE_LOAD_PUBLIC"}, - {0, NULL} -}; - -static ERR_STRING_DATA SUREWARE_str_reasons[] = { - {ERR_REASON(SUREWARE_R_BIO_WAS_FREED), "bio was freed"}, - {ERR_REASON(SUREWARE_R_MISSING_KEY_COMPONENTS), "missing key components"}, - {ERR_REASON(SUREWARE_R_PADDING_CHECK_FAILED), "padding check failed"}, - {ERR_REASON(SUREWARE_R_REQUEST_FAILED), "request failed"}, - {ERR_REASON(SUREWARE_R_REQUEST_FALLBACK), "request fallback"}, - {ERR_REASON(SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL), - "size too large or too small"}, - {ERR_REASON(SUREWARE_R_UNIT_FAILURE), "unit failure"}, - {ERR_REASON(SUREWARE_R_UNKNOWN_PADDING_TYPE), "unknown padding type"}, - {0, NULL} -}; - -#endif - -#ifdef SUREWARE_LIB_NAME -static ERR_STRING_DATA SUREWARE_lib_name[] = { - {0, SUREWARE_LIB_NAME}, - {0, NULL} -}; -#endif - -static int SUREWARE_lib_error_code = 0; -static int SUREWARE_error_init = 1; - -static void ERR_load_SUREWARE_strings(void) -{ - if (SUREWARE_lib_error_code == 0) - SUREWARE_lib_error_code = ERR_get_next_error_library(); - - if (SUREWARE_error_init) { - SUREWARE_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(SUREWARE_lib_error_code, SUREWARE_str_functs); - ERR_load_strings(SUREWARE_lib_error_code, SUREWARE_str_reasons); -#endif - -#ifdef SUREWARE_LIB_NAME - SUREWARE_lib_name->error = ERR_PACK(SUREWARE_lib_error_code, 0, 0); - ERR_load_strings(0, SUREWARE_lib_name); -#endif - } -} - -static void ERR_unload_SUREWARE_strings(void) -{ - if (SUREWARE_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(SUREWARE_lib_error_code, SUREWARE_str_functs); - ERR_unload_strings(SUREWARE_lib_error_code, SUREWARE_str_reasons); -#endif - -#ifdef SUREWARE_LIB_NAME - ERR_unload_strings(0, SUREWARE_lib_name); -#endif - SUREWARE_error_init = 1; - } -} - -static void ERR_SUREWARE_error(int function, int reason, char *file, int line) -{ - if (SUREWARE_lib_error_code == 0) - SUREWARE_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(SUREWARE_lib_error_code, function, reason, file, line); -} diff --git a/engines/e_sureware_err.h b/engines/e_sureware_err.h deleted file mode 100644 index bef862392568..000000000000 --- a/engines/e_sureware_err.h +++ /dev/null @@ -1,104 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_SUREWARE_ERR_H -# define HEADER_SUREWARE_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_SUREWARE_strings(void); -static void ERR_unload_SUREWARE_strings(void); -static void ERR_SUREWARE_error(int function, int reason, char *file, - int line); -# define SUREWAREerr(f,r) ERR_SUREWARE_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the SUREWARE functions. */ - -/* Function codes. */ -# define SUREWARE_F_SUREWAREHK_CTRL 100 -# define SUREWARE_F_SUREWAREHK_DH_EX_FREE 112 -# define SUREWARE_F_SUREWAREHK_DSA_DO_SIGN 101 -# define SUREWARE_F_SUREWAREHK_EX_FREE 102 -# define SUREWARE_F_SUREWAREHK_FINISH 103 -# define SUREWARE_F_SUREWAREHK_INIT 104 -# define SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY 105 -# define SUREWARE_F_SUREWAREHK_LOAD_PUBKEY 113 -# define SUREWARE_F_SUREWAREHK_MODEXP 107 -# define SUREWARE_F_SUREWAREHK_RAND_BYTES 108 -# define SUREWARE_F_SUREWAREHK_RAND_SEED 109 -# define SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC 110 -# define SUREWARE_F_SUREWAREHK_RSA_SIGN 111 -# define SUREWARE_F_SUREWARE_LOAD_PUBLIC 106 - -/* Reason codes. */ -# define SUREWARE_R_BIO_WAS_FREED 100 -# define SUREWARE_R_MISSING_KEY_COMPONENTS 105 -# define SUREWARE_R_PADDING_CHECK_FAILED 106 -# define SUREWARE_R_REQUEST_FAILED 101 -# define SUREWARE_R_REQUEST_FALLBACK 102 -# define SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL 103 -# define SUREWARE_R_UNIT_FAILURE 104 -# define SUREWARE_R_UNKNOWN_PADDING_TYPE 107 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c deleted file mode 100644 index 6f09ffb965ca..000000000000 --- a/engines/e_ubsec.c +++ /dev/null @@ -1,1085 +0,0 @@ -/* crypto/engine/hw_ubsec.c */ -/* - * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project - * 2000. Cloned shamelessly by Joe Tardo. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> -#include <openssl/crypto.h> -#include <openssl/buffer.h> -#include <openssl/dso.h> -#include <openssl/engine.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DSA -# include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_DH -# include <openssl/dh.h> -#endif -#include <openssl/bn.h> - -#ifndef OPENSSL_NO_HW -# ifndef OPENSSL_NO_HW_UBSEC - -# ifdef FLAT_INC -# include "hw_ubsec.h" -# else -# include "vendor_defns/hw_ubsec.h" -# endif - -# define UBSEC_LIB_NAME "ubsec engine" -# include "e_ubsec_err.c" - -# define FAIL_TO_SOFTWARE -15 - -static int ubsec_destroy(ENGINE *e); -static int ubsec_init(ENGINE *e); -static int ubsec_finish(ENGINE *e); -static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); -static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); -# ifndef OPENSSL_NO_RSA -static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dp, - const BIGNUM *dq, const BIGNUM *qinv, - BN_CTX *ctx); -static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx); -static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -# endif -# ifndef OPENSSL_NO_DSA -# ifdef NOT_USED -static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont); -static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -# endif -static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, - DSA *dsa); -static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); -# endif -# ifndef OPENSSL_NO_DH -static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -static int ubsec_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, - DH *dh); -static int ubsec_dh_generate_key(DH *dh); -# endif - -# ifdef NOT_USED -static int ubsec_rand_bytes(unsigned char *buf, int num); -static int ubsec_rand_status(void); -# endif - -# define UBSEC_CMD_SO_PATH ENGINE_CMD_BASE -static const ENGINE_CMD_DEFN ubsec_cmd_defns[] = { - {UBSEC_CMD_SO_PATH, - "SO_PATH", - "Specifies the path to the 'ubsec' shared library", - ENGINE_CMD_FLAG_STRING}, - {0, NULL, NULL, 0} -}; - -# ifndef OPENSSL_NO_RSA -/* Our internal RSA_METHOD that we provide pointers to */ -static RSA_METHOD ubsec_rsa = { - "UBSEC RSA method", - NULL, - NULL, - NULL, - NULL, - ubsec_rsa_mod_exp, - ubsec_mod_exp_mont, - NULL, - NULL, - 0, - NULL, - NULL, - NULL, - NULL -}; -# endif - -# ifndef OPENSSL_NO_DSA -/* Our internal DSA_METHOD that we provide pointers to */ -static DSA_METHOD ubsec_dsa = { - "UBSEC DSA method", - ubsec_dsa_do_sign, /* dsa_do_sign */ - NULL, /* dsa_sign_setup */ - ubsec_dsa_verify, /* dsa_do_verify */ - NULL, /* ubsec_dsa_mod_exp *//* dsa_mod_exp */ - NULL, /* ubsec_mod_exp_dsa *//* bn_mod_exp */ - NULL, /* init */ - NULL, /* finish */ - 0, /* flags */ - NULL, /* app_data */ - NULL, /* dsa_paramgen */ - NULL /* dsa_keygen */ -}; -# endif - -# ifndef OPENSSL_NO_DH -/* Our internal DH_METHOD that we provide pointers to */ -static DH_METHOD ubsec_dh = { - "UBSEC DH method", - ubsec_dh_generate_key, - ubsec_dh_compute_key, - ubsec_mod_exp_dh, - NULL, - NULL, - 0, - NULL, - NULL -}; -# endif - -/* Constants used when creating the ENGINE */ -static const char *engine_ubsec_id = "ubsec"; -static const char *engine_ubsec_name = "UBSEC hardware engine support"; - -/* - * This internal function is used by ENGINE_ubsec() and possibly by the - * "dynamic" ENGINE support too - */ -static int bind_helper(ENGINE *e) -{ -# ifndef OPENSSL_NO_RSA - const RSA_METHOD *meth1; -# endif -# ifndef OPENSSL_NO_DH -# ifndef HAVE_UBSEC_DH - const DH_METHOD *meth3; -# endif /* HAVE_UBSEC_DH */ -# endif - if (!ENGINE_set_id(e, engine_ubsec_id) || - !ENGINE_set_name(e, engine_ubsec_name) || -# ifndef OPENSSL_NO_RSA - !ENGINE_set_RSA(e, &ubsec_rsa) || -# endif -# ifndef OPENSSL_NO_DSA - !ENGINE_set_DSA(e, &ubsec_dsa) || -# endif -# ifndef OPENSSL_NO_DH - !ENGINE_set_DH(e, &ubsec_dh) || -# endif - !ENGINE_set_destroy_function(e, ubsec_destroy) || - !ENGINE_set_init_function(e, ubsec_init) || - !ENGINE_set_finish_function(e, ubsec_finish) || - !ENGINE_set_ctrl_function(e, ubsec_ctrl) || - !ENGINE_set_cmd_defns(e, ubsec_cmd_defns)) - return 0; - -# ifndef OPENSSL_NO_RSA - /* - * We know that the "PKCS1_SSLeay()" functions hook properly to the - * Broadcom-specific mod_exp and mod_exp_crt so we use those functions. - * NB: We don't use ENGINE_openssl() or anything "more generic" because - * something like the RSAref code may not hook properly, and if you own - * one of these cards then you have the right to do RSA operations on it - * anyway! - */ - meth1 = RSA_PKCS1_SSLeay(); - ubsec_rsa.rsa_pub_enc = meth1->rsa_pub_enc; - ubsec_rsa.rsa_pub_dec = meth1->rsa_pub_dec; - ubsec_rsa.rsa_priv_enc = meth1->rsa_priv_enc; - ubsec_rsa.rsa_priv_dec = meth1->rsa_priv_dec; -# endif - -# ifndef OPENSSL_NO_DH -# ifndef HAVE_UBSEC_DH - /* Much the same for Diffie-Hellman */ - meth3 = DH_OpenSSL(); - ubsec_dh.generate_key = meth3->generate_key; - ubsec_dh.compute_key = meth3->compute_key; -# endif /* HAVE_UBSEC_DH */ -# endif - - /* Ensure the ubsec error handling is set up */ - ERR_load_UBSEC_strings(); - return 1; -} - -# ifdef OPENSSL_NO_DYNAMIC_ENGINE -static ENGINE *engine_ubsec(void) -{ - ENGINE *ret = ENGINE_new(); - if (!ret) - return NULL; - if (!bind_helper(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void ENGINE_load_ubsec(void) -{ - /* Copied from eng_[openssl|dyn].c */ - ENGINE *toadd = engine_ubsec(); - if (!toadd) - return; - ENGINE_add(toadd); - ENGINE_free(toadd); - ERR_clear_error(); -} -# endif - -/* - * This is a process-global DSO handle used for loading and unloading the - * UBSEC library. NB: This is only set (or unset) during an init() or - * finish() call (reference counts permitting) and they're operating with - * global locks, so this should be thread-safe implicitly. - */ - -static DSO *ubsec_dso = NULL; - -/* - * These are the function pointers that are (un)set when the library has - * successfully (un)loaded. - */ - -static t_UBSEC_ubsec_bytes_to_bits *p_UBSEC_ubsec_bytes_to_bits = NULL; -static t_UBSEC_ubsec_bits_to_bytes *p_UBSEC_ubsec_bits_to_bytes = NULL; -static t_UBSEC_ubsec_open *p_UBSEC_ubsec_open = NULL; -static t_UBSEC_ubsec_close *p_UBSEC_ubsec_close = NULL; -# ifndef OPENSSL_NO_DH -static t_UBSEC_diffie_hellman_generate_ioctl - * p_UBSEC_diffie_hellman_generate_ioctl = NULL; -static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl - = NULL; -# endif -# ifndef OPENSSL_NO_RSA -static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL; -static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; -# endif -# ifndef OPENSSL_NO_DSA -static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL; -static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL; -# endif -static t_UBSEC_math_accelerate_ioctl *p_UBSEC_math_accelerate_ioctl = NULL; -static t_UBSEC_rng_ioctl *p_UBSEC_rng_ioctl = NULL; -static t_UBSEC_max_key_len_ioctl *p_UBSEC_max_key_len_ioctl = NULL; - -static int max_key_len = 1024; /* ??? */ - -/* - * These are the static string constants for the DSO file name and the function - * symbol names to bind to. - */ - -static const char *UBSEC_LIBNAME = NULL; -static const char *get_UBSEC_LIBNAME(void) -{ - if (UBSEC_LIBNAME) - return UBSEC_LIBNAME; - return "ubsec"; -} - -static void free_UBSEC_LIBNAME(void) -{ - if (UBSEC_LIBNAME) - OPENSSL_free((void *)UBSEC_LIBNAME); - UBSEC_LIBNAME = NULL; -} - -static long set_UBSEC_LIBNAME(const char *name) -{ - free_UBSEC_LIBNAME(); - return (((UBSEC_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); -} - -static const char *UBSEC_F1 = "ubsec_bytes_to_bits"; -static const char *UBSEC_F2 = "ubsec_bits_to_bytes"; -static const char *UBSEC_F3 = "ubsec_open"; -static const char *UBSEC_F4 = "ubsec_close"; -# ifndef OPENSSL_NO_DH -static const char *UBSEC_F5 = "diffie_hellman_generate_ioctl"; -static const char *UBSEC_F6 = "diffie_hellman_agree_ioctl"; -# endif -/* #ifndef OPENSSL_NO_RSA */ -static const char *UBSEC_F7 = "rsa_mod_exp_ioctl"; -static const char *UBSEC_F8 = "rsa_mod_exp_crt_ioctl"; -/* #endif */ -# ifndef OPENSSL_NO_DSA -static const char *UBSEC_F9 = "dsa_sign_ioctl"; -static const char *UBSEC_F10 = "dsa_verify_ioctl"; -# endif -static const char *UBSEC_F11 = "math_accelerate_ioctl"; -static const char *UBSEC_F12 = "rng_ioctl"; -static const char *UBSEC_F13 = "ubsec_max_key_len_ioctl"; - -/* Destructor (complements the "ENGINE_ubsec()" constructor) */ -static int ubsec_destroy(ENGINE *e) -{ - free_UBSEC_LIBNAME(); - ERR_unload_UBSEC_strings(); - return 1; -} - -/* (de)initialisation functions. */ -static int ubsec_init(ENGINE *e) -{ - t_UBSEC_ubsec_bytes_to_bits *p1; - t_UBSEC_ubsec_bits_to_bytes *p2; - t_UBSEC_ubsec_open *p3; - t_UBSEC_ubsec_close *p4; -# ifndef OPENSSL_NO_DH - t_UBSEC_diffie_hellman_generate_ioctl *p5; - t_UBSEC_diffie_hellman_agree_ioctl *p6; -# endif -/* #ifndef OPENSSL_NO_RSA */ - t_UBSEC_rsa_mod_exp_ioctl *p7; - t_UBSEC_rsa_mod_exp_crt_ioctl *p8; -/* #endif */ -# ifndef OPENSSL_NO_DSA - t_UBSEC_dsa_sign_ioctl *p9; - t_UBSEC_dsa_verify_ioctl *p10; -# endif - t_UBSEC_math_accelerate_ioctl *p11; - t_UBSEC_rng_ioctl *p12; - t_UBSEC_max_key_len_ioctl *p13; - int fd = 0; - - if (ubsec_dso != NULL) { - UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_ALREADY_LOADED); - goto err; - } - /* - * Attempt to load libubsec.so/ubsec.dll/whatever. - */ - ubsec_dso = DSO_load(NULL, get_UBSEC_LIBNAME(), NULL, 0); - if (ubsec_dso == NULL) { - UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE); - goto err; - } - - if (!(p1 = (t_UBSEC_ubsec_bytes_to_bits *) - DSO_bind_func(ubsec_dso, UBSEC_F1)) - || !(p2 = (t_UBSEC_ubsec_bits_to_bytes *) - DSO_bind_func(ubsec_dso, UBSEC_F2)) - || !(p3 = (t_UBSEC_ubsec_open *) - DSO_bind_func(ubsec_dso, UBSEC_F3)) - || !(p4 = (t_UBSEC_ubsec_close *) - DSO_bind_func(ubsec_dso, UBSEC_F4)) -# ifndef OPENSSL_NO_DH - || !(p5 = (t_UBSEC_diffie_hellman_generate_ioctl *) - DSO_bind_func(ubsec_dso, UBSEC_F5)) - || !(p6 = (t_UBSEC_diffie_hellman_agree_ioctl *) - DSO_bind_func(ubsec_dso, UBSEC_F6)) -# endif -/* #ifndef OPENSSL_NO_RSA */ - || !(p7 = (t_UBSEC_rsa_mod_exp_ioctl *) - DSO_bind_func(ubsec_dso, UBSEC_F7)) - || !(p8 = (t_UBSEC_rsa_mod_exp_crt_ioctl *) - DSO_bind_func(ubsec_dso, UBSEC_F8)) -/* #endif */ -# ifndef OPENSSL_NO_DSA - || !(p9 = (t_UBSEC_dsa_sign_ioctl *) - DSO_bind_func(ubsec_dso, UBSEC_F9)) - || !(p10 = (t_UBSEC_dsa_verify_ioctl *) - DSO_bind_func(ubsec_dso, UBSEC_F10)) -# endif - || !(p11 = (t_UBSEC_math_accelerate_ioctl *) - DSO_bind_func(ubsec_dso, UBSEC_F11)) - || !(p12 = (t_UBSEC_rng_ioctl *) - DSO_bind_func(ubsec_dso, UBSEC_F12)) - || !(p13 = (t_UBSEC_max_key_len_ioctl *) - DSO_bind_func(ubsec_dso, UBSEC_F13))) { - UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE); - goto err; - } - - /* Copy the pointers */ - p_UBSEC_ubsec_bytes_to_bits = p1; - p_UBSEC_ubsec_bits_to_bytes = p2; - p_UBSEC_ubsec_open = p3; - p_UBSEC_ubsec_close = p4; -# ifndef OPENSSL_NO_DH - p_UBSEC_diffie_hellman_generate_ioctl = p5; - p_UBSEC_diffie_hellman_agree_ioctl = p6; -# endif -# ifndef OPENSSL_NO_RSA - p_UBSEC_rsa_mod_exp_ioctl = p7; - p_UBSEC_rsa_mod_exp_crt_ioctl = p8; -# endif -# ifndef OPENSSL_NO_DSA - p_UBSEC_dsa_sign_ioctl = p9; - p_UBSEC_dsa_verify_ioctl = p10; -# endif - p_UBSEC_math_accelerate_ioctl = p11; - p_UBSEC_rng_ioctl = p12; - p_UBSEC_max_key_len_ioctl = p13; - - /* Perform an open to see if there's actually any unit running. */ - if (((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) > 0) - && (p_UBSEC_max_key_len_ioctl(fd, &max_key_len) == 0)) { - p_UBSEC_ubsec_close(fd); - return 1; - } else { - UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE); - } - - err: - if (ubsec_dso) - DSO_free(ubsec_dso); - ubsec_dso = NULL; - p_UBSEC_ubsec_bytes_to_bits = NULL; - p_UBSEC_ubsec_bits_to_bytes = NULL; - p_UBSEC_ubsec_open = NULL; - p_UBSEC_ubsec_close = NULL; -# ifndef OPENSSL_NO_DH - p_UBSEC_diffie_hellman_generate_ioctl = NULL; - p_UBSEC_diffie_hellman_agree_ioctl = NULL; -# endif -# ifndef OPENSSL_NO_RSA - p_UBSEC_rsa_mod_exp_ioctl = NULL; - p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; -# endif -# ifndef OPENSSL_NO_DSA - p_UBSEC_dsa_sign_ioctl = NULL; - p_UBSEC_dsa_verify_ioctl = NULL; -# endif - p_UBSEC_math_accelerate_ioctl = NULL; - p_UBSEC_rng_ioctl = NULL; - p_UBSEC_max_key_len_ioctl = NULL; - - return 0; -} - -static int ubsec_finish(ENGINE *e) -{ - free_UBSEC_LIBNAME(); - if (ubsec_dso == NULL) { - UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED); - return 0; - } - if (!DSO_free(ubsec_dso)) { - UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_DSO_FAILURE); - return 0; - } - ubsec_dso = NULL; - p_UBSEC_ubsec_bytes_to_bits = NULL; - p_UBSEC_ubsec_bits_to_bytes = NULL; - p_UBSEC_ubsec_open = NULL; - p_UBSEC_ubsec_close = NULL; -# ifndef OPENSSL_NO_DH - p_UBSEC_diffie_hellman_generate_ioctl = NULL; - p_UBSEC_diffie_hellman_agree_ioctl = NULL; -# endif -# ifndef OPENSSL_NO_RSA - p_UBSEC_rsa_mod_exp_ioctl = NULL; - p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; -# endif -# ifndef OPENSSL_NO_DSA - p_UBSEC_dsa_sign_ioctl = NULL; - p_UBSEC_dsa_verify_ioctl = NULL; -# endif - p_UBSEC_math_accelerate_ioctl = NULL; - p_UBSEC_rng_ioctl = NULL; - p_UBSEC_max_key_len_ioctl = NULL; - return 1; -} - -static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) -{ - int initialised = ((ubsec_dso == NULL) ? 0 : 1); - switch (cmd) { - case UBSEC_CMD_SO_PATH: - if (p == NULL) { - UBSECerr(UBSEC_F_UBSEC_CTRL, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (initialised) { - UBSECerr(UBSEC_F_UBSEC_CTRL, UBSEC_R_ALREADY_LOADED); - return 0; - } - return set_UBSEC_LIBNAME((const char *)p); - default: - break; - } - UBSECerr(UBSEC_F_UBSEC_CTRL, UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; -} - -static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) -{ - int y_len = 0; - int fd; - - if (ubsec_dso == NULL) { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_NOT_LOADED); - return 0; - } - - /* Check if hardware can't handle this argument. */ - y_len = BN_num_bits(m); - if (y_len > max_key_len) { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return BN_mod_exp(r, a, p, m, ctx); - } - - if (!bn_wexpand(r, m->top)) { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_BN_EXPAND_FAIL); - return 0; - } - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { - fd = 0; - UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_UNIT_FAILURE); - return BN_mod_exp(r, a, p, m, ctx); - } - - if (p_UBSEC_rsa_mod_exp_ioctl(fd, (unsigned char *)a->d, BN_num_bits(a), - (unsigned char *)m->d, BN_num_bits(m), - (unsigned char *)p->d, BN_num_bits(p), - (unsigned char *)r->d, &y_len) != 0) { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - - return BN_mod_exp(r, a, p, m, ctx); - } - - p_UBSEC_ubsec_close(fd); - - r->top = (BN_num_bits(m) + BN_BITS2 - 1) / BN_BITS2; - return 1; -} - -# ifndef OPENSSL_NO_RSA -static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx) -{ - int to_return = 0; - - if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { - UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP, UBSEC_R_MISSING_KEY_COMPONENTS); - goto err; - } - - to_return = ubsec_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, - rsa->dmq1, rsa->iqmp, ctx); - if (to_return == FAIL_TO_SOFTWARE) { - /* - * Do in software as hardware failed. - */ - const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); - to_return = (*meth->rsa_mod_exp) (r0, I, rsa, ctx); - } - err: - return to_return; -} - -static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dp, - const BIGNUM *dq, const BIGNUM *qinv, - BN_CTX *ctx) -{ - int y_len, fd; - - y_len = BN_num_bits(p) + BN_num_bits(q); - - /* Check if hardware can't handle this argument. */ - if (y_len > max_key_len) { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, - UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL); - return FAIL_TO_SOFTWARE; - } - - if (!bn_wexpand(r, p->top + q->top + 1)) { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_BN_EXPAND_FAIL); - return 0; - } - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { - fd = 0; - UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_UNIT_FAILURE); - return FAIL_TO_SOFTWARE; - } - - if (p_UBSEC_rsa_mod_exp_crt_ioctl(fd, - (unsigned char *)a->d, BN_num_bits(a), - (unsigned char *)qinv->d, - BN_num_bits(qinv), - (unsigned char *)dp->d, BN_num_bits(dp), - (unsigned char *)p->d, BN_num_bits(p), - (unsigned char *)dq->d, BN_num_bits(dq), - (unsigned char *)q->d, BN_num_bits(q), - (unsigned char *)r->d, &y_len) != 0) { - UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - return FAIL_TO_SOFTWARE; - } - - p_UBSEC_ubsec_close(fd); - - r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1) / BN_BITS2; - return 1; -} -# endif - -# ifndef OPENSSL_NO_DSA -# ifdef NOT_USED -static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - BIGNUM t; - int to_return = 0; - - BN_init(&t); - /* let rr = a1 ^ p1 mod m */ - if (!ubsec_mod_exp(rr, a1, p1, m, ctx)) - goto end; - /* let t = a2 ^ p2 mod m */ - if (!ubsec_mod_exp(&t, a2, p2, m, ctx)) - goto end; - /* let rr = rr * t mod m */ - if (!BN_mod_mul(rr, rr, &t, m, ctx)) - goto end; - to_return = 1; - end: - BN_free(&t); - return to_return; -} - -static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return ubsec_mod_exp(r, a, p, m, ctx); -} -# endif -# endif - -# ifndef OPENSSL_NO_RSA - -/* - * This function is aliased to mod_exp (with the mont stuff dropped). - */ -static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - int ret = 0; - - /* Do in software if the key is too large for the hardware. */ - if (BN_num_bits(m) > max_key_len) { - const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); - ret = (*meth->bn_mod_exp) (r, a, p, m, ctx, m_ctx); - } else { - ret = ubsec_mod_exp(r, a, p, m, ctx); - } - - return ret; -} -# endif - -# ifndef OPENSSL_NO_DH -/* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return ubsec_mod_exp(r, a, p, m, ctx); -} -# endif - -# ifndef OPENSSL_NO_DSA -static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, - DSA *dsa) -{ - DSA_SIG *to_return = NULL; - int s_len = 160, r_len = 160, d_len, fd; - BIGNUM m, *r = NULL, *s = NULL; - - BN_init(&m); - - s = BN_new(); - r = BN_new(); - if ((s == NULL) || (r == NULL)) - goto err; - - d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dlen); - - if (!bn_wexpand(r, (160 + BN_BITS2 - 1) / BN_BITS2) || - (!bn_wexpand(s, (160 + BN_BITS2 - 1) / BN_BITS2))) { - UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_BN_EXPAND_FAIL); - goto err; - } - - if (BN_bin2bn(dgst, dlen, &m) == NULL) { - UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_BN_EXPAND_FAIL); - goto err; - } - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { - const DSA_METHOD *meth; - fd = 0; - UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_UNIT_FAILURE); - meth = DSA_OpenSSL(); - to_return = meth->dsa_do_sign(dgst, dlen, dsa); - goto err; - } - - if (p_UBSEC_dsa_sign_ioctl(fd, - /* compute hash before signing */ - 0, (unsigned char *)dgst, d_len, NULL, - /* compute random value */ - 0, - (unsigned char *)dsa->p->d, - BN_num_bits(dsa->p), - (unsigned char *)dsa->q->d, - BN_num_bits(dsa->q), - (unsigned char *)dsa->g->d, - BN_num_bits(dsa->g), - (unsigned char *)dsa->priv_key->d, - BN_num_bits(dsa->priv_key), - (unsigned char *)r->d, &r_len, - (unsigned char *)s->d, &s_len) != 0) { - const DSA_METHOD *meth; - - UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - meth = DSA_OpenSSL(); - to_return = meth->dsa_do_sign(dgst, dlen, dsa); - - goto err; - } - - p_UBSEC_ubsec_close(fd); - - r->top = (160 + BN_BITS2 - 1) / BN_BITS2; - s->top = (160 + BN_BITS2 - 1) / BN_BITS2; - - to_return = DSA_SIG_new(); - if (to_return == NULL) { - UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_BN_EXPAND_FAIL); - goto err; - } - - to_return->r = r; - to_return->s = s; - - err: - if (!to_return) { - if (r) - BN_free(r); - if (s) - BN_free(s); - } - BN_clear_free(&m); - return to_return; -} - -static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa) -{ - int v_len, d_len; - int to_return = 0; - int fd; - BIGNUM v, *pv = &v; - - BN_init(&v); - - if (!bn_wexpand(pv, dsa->p->top)) { - UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_BN_EXPAND_FAIL); - goto err; - } - - v_len = BN_num_bits(dsa->p); - - d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dgst_len); - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { - const DSA_METHOD *meth; - fd = 0; - UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_UNIT_FAILURE); - meth = DSA_OpenSSL(); - to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa); - goto err; - } - - if (p_UBSEC_dsa_verify_ioctl(fd, 0, /* compute hash before signing */ - (unsigned char *)dgst, d_len, - (unsigned char *)dsa->p->d, - BN_num_bits(dsa->p), - (unsigned char *)dsa->q->d, - BN_num_bits(dsa->q), - (unsigned char *)dsa->g->d, - BN_num_bits(dsa->g), - (unsigned char *)dsa->pub_key->d, - BN_num_bits(dsa->pub_key), - (unsigned char *)sig->r->d, - BN_num_bits(sig->r), - (unsigned char *)sig->s->d, - BN_num_bits(sig->s), (unsigned char *)v.d, - &v_len) != 0) { - const DSA_METHOD *meth; - UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - - meth = DSA_OpenSSL(); - to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa); - - goto err; - } - - p_UBSEC_ubsec_close(fd); - - to_return = 1; - err: - BN_clear_free(&v); - return to_return; -} -# endif - -# ifndef OPENSSL_NO_DH -static int ubsec_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, - DH *dh) -{ - int ret = -1, k_len, fd; - - k_len = BN_num_bits(dh->p); - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { - const DH_METHOD *meth; - UBSECerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_UNIT_FAILURE); - meth = DH_OpenSSL(); - ret = meth->compute_key(key, pub_key, dh); - goto err; - } - - if (p_UBSEC_diffie_hellman_agree_ioctl(fd, - (unsigned char *)dh->priv_key->d, - BN_num_bits(dh->priv_key), - (unsigned char *)pub_key->d, - BN_num_bits(pub_key), - (unsigned char *)dh->p->d, - BN_num_bits(dh->p), key, - &k_len) != 0) { - /* Hardware's a no go, failover to software */ - const DH_METHOD *meth; - UBSECerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - - meth = DH_OpenSSL(); - ret = meth->compute_key(key, pub_key, dh); - - goto err; - } - - p_UBSEC_ubsec_close(fd); - - ret = p_UBSEC_ubsec_bits_to_bytes(k_len); - err: - return ret; -} - -static int ubsec_dh_generate_key(DH *dh) -{ - int ret = 0, random_bits = 0, pub_key_len = 0, priv_key_len = 0, fd; - BIGNUM *pub_key = NULL; - BIGNUM *priv_key = NULL; - - /* - * How many bits should Random x be? dh_key.c - * sets the range from 0 to num_bits(modulus) ??? - */ - - if (dh->priv_key == NULL) { - priv_key = BN_new(); - if (priv_key == NULL) - goto err; - priv_key_len = BN_num_bits(dh->p); - if (bn_wexpand(priv_key, dh->p->top) == NULL) - goto err; - do - if (!BN_rand_range(priv_key, dh->p)) - goto err; - while (BN_is_zero(priv_key)) ; - random_bits = BN_num_bits(priv_key); - } else { - priv_key = dh->priv_key; - } - - if (dh->pub_key == NULL) { - pub_key = BN_new(); - if (pub_key == NULL) - goto err; - pub_key_len = BN_num_bits(dh->p); - if (bn_wexpand(pub_key, dh->p->top) == NULL) - goto err; - } else { - pub_key = dh->pub_key; - } - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { - const DH_METHOD *meth; - UBSECerr(UBSEC_F_UBSEC_DH_GENERATE_KEY, UBSEC_R_UNIT_FAILURE); - meth = DH_OpenSSL(); - ret = meth->generate_key(dh); - goto err; - } - - if (p_UBSEC_diffie_hellman_generate_ioctl(fd, - (unsigned char *)priv_key->d, - &priv_key_len, - (unsigned char *)pub_key->d, - &pub_key_len, - (unsigned char *)dh->g->d, - BN_num_bits(dh->g), - (unsigned char *)dh->p->d, - BN_num_bits(dh->p), 0, 0, - random_bits) != 0) { - /* Hardware's a no go, failover to software */ - const DH_METHOD *meth; - - UBSECerr(UBSEC_F_UBSEC_DH_GENERATE_KEY, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - - meth = DH_OpenSSL(); - ret = meth->generate_key(dh); - - goto err; - } - - p_UBSEC_ubsec_close(fd); - - dh->pub_key = pub_key; - dh->pub_key->top = (pub_key_len + BN_BITS2 - 1) / BN_BITS2; - dh->priv_key = priv_key; - dh->priv_key->top = (priv_key_len + BN_BITS2 - 1) / BN_BITS2; - - ret = 1; - err: - return ret; -} -# endif - -# ifdef NOT_USED -static int ubsec_rand_bytes(unsigned char *buf, int num) -{ - int ret = 0, fd; - - if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { - const RAND_METHOD *meth; - UBSECerr(UBSEC_F_UBSEC_RAND_BYTES, UBSEC_R_UNIT_FAILURE); - num = p_UBSEC_ubsec_bits_to_bytes(num); - meth = RAND_SSLeay(); - meth->seed(buf, num); - ret = meth->bytes(buf, num); - goto err; - } - - num *= 8; /* bytes to bits */ - - if (p_UBSEC_rng_ioctl(fd, UBSEC_RNG_DIRECT, buf, &num) != 0) { - /* Hardware's a no go, failover to software */ - const RAND_METHOD *meth; - - UBSECerr(UBSEC_F_UBSEC_RAND_BYTES, UBSEC_R_REQUEST_FAILED); - p_UBSEC_ubsec_close(fd); - - num = p_UBSEC_ubsec_bits_to_bytes(num); - meth = RAND_SSLeay(); - meth->seed(buf, num); - ret = meth->bytes(buf, num); - - goto err; - } - - p_UBSEC_ubsec_close(fd); - - ret = 1; - err: - return (ret); -} - -static int ubsec_rand_status(void) -{ - return 0; -} -# endif - -/* - * This stuff is needed if this ENGINE is being compiled into a - * self-contained shared-library. - */ -# ifndef OPENSSL_NO_DYNAMIC_ENGINE -static int bind_fn(ENGINE *e, const char *id) -{ - if (id && (strcmp(id, engine_ubsec_id) != 0)) - return 0; - if (!bind_helper(e)) - return 0; - return 1; -} - -IMPLEMENT_DYNAMIC_CHECK_FN() - IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -# endif /* OPENSSL_NO_DYNAMIC_ENGINE */ -# endif /* !OPENSSL_NO_HW_UBSEC */ -#endif /* !OPENSSL_NO_HW */ diff --git a/engines/e_ubsec_err.c b/engines/e_ubsec_err.c deleted file mode 100644 index fefc5b0744d1..000000000000 --- a/engines/e_ubsec_err.c +++ /dev/null @@ -1,154 +0,0 @@ -/* e_ubsec_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include "e_ubsec_err.h" - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -# define ERR_FUNC(func) ERR_PACK(0,func,0) -# define ERR_REASON(reason) ERR_PACK(0,0,reason) - -static ERR_STRING_DATA UBSEC_str_functs[] = { - {ERR_FUNC(UBSEC_F_UBSEC_CTRL), "UBSEC_CTRL"}, - {ERR_FUNC(UBSEC_F_UBSEC_DH_COMPUTE_KEY), "UBSEC_DH_COMPUTE_KEY"}, - {ERR_FUNC(UBSEC_F_UBSEC_DH_GENERATE_KEY), "UBSEC_DH_GENERATE_KEY"}, - {ERR_FUNC(UBSEC_F_UBSEC_DSA_DO_SIGN), "UBSEC_DSA_DO_SIGN"}, - {ERR_FUNC(UBSEC_F_UBSEC_DSA_VERIFY), "UBSEC_DSA_VERIFY"}, - {ERR_FUNC(UBSEC_F_UBSEC_FINISH), "UBSEC_FINISH"}, - {ERR_FUNC(UBSEC_F_UBSEC_INIT), "UBSEC_INIT"}, - {ERR_FUNC(UBSEC_F_UBSEC_MOD_EXP), "UBSEC_MOD_EXP"}, - {ERR_FUNC(UBSEC_F_UBSEC_MOD_EXP_CRT), "UBSEC_MOD_EXP_CRT"}, - {ERR_FUNC(UBSEC_F_UBSEC_RAND_BYTES), "UBSEC_RAND_BYTES"}, - {ERR_FUNC(UBSEC_F_UBSEC_RSA_MOD_EXP), "UBSEC_RSA_MOD_EXP"}, - {ERR_FUNC(UBSEC_F_UBSEC_RSA_MOD_EXP_CRT), "UBSEC_RSA_MOD_EXP_CRT"}, - {0, NULL} -}; - -static ERR_STRING_DATA UBSEC_str_reasons[] = { - {ERR_REASON(UBSEC_R_ALREADY_LOADED), "already loaded"}, - {ERR_REASON(UBSEC_R_BN_EXPAND_FAIL), "bn expand fail"}, - {ERR_REASON(UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED), - "ctrl command not implemented"}, - {ERR_REASON(UBSEC_R_DSO_FAILURE), "dso failure"}, - {ERR_REASON(UBSEC_R_MISSING_KEY_COMPONENTS), "missing key components"}, - {ERR_REASON(UBSEC_R_NOT_LOADED), "not loaded"}, - {ERR_REASON(UBSEC_R_REQUEST_FAILED), "request failed"}, - {ERR_REASON(UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL), - "size too large or too small"}, - {ERR_REASON(UBSEC_R_UNIT_FAILURE), "unit failure"}, - {0, NULL} -}; - -#endif - -#ifdef UBSEC_LIB_NAME -static ERR_STRING_DATA UBSEC_lib_name[] = { - {0, UBSEC_LIB_NAME}, - {0, NULL} -}; -#endif - -static int UBSEC_lib_error_code = 0; -static int UBSEC_error_init = 1; - -static void ERR_load_UBSEC_strings(void) -{ - if (UBSEC_lib_error_code == 0) - UBSEC_lib_error_code = ERR_get_next_error_library(); - - if (UBSEC_error_init) { - UBSEC_error_init = 0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(UBSEC_lib_error_code, UBSEC_str_functs); - ERR_load_strings(UBSEC_lib_error_code, UBSEC_str_reasons); -#endif - -#ifdef UBSEC_LIB_NAME - UBSEC_lib_name->error = ERR_PACK(UBSEC_lib_error_code, 0, 0); - ERR_load_strings(0, UBSEC_lib_name); -#endif - } -} - -static void ERR_unload_UBSEC_strings(void) -{ - if (UBSEC_error_init == 0) { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(UBSEC_lib_error_code, UBSEC_str_functs); - ERR_unload_strings(UBSEC_lib_error_code, UBSEC_str_reasons); -#endif - -#ifdef UBSEC_LIB_NAME - ERR_unload_strings(0, UBSEC_lib_name); -#endif - UBSEC_error_init = 1; - } -} - -static void ERR_UBSEC_error(int function, int reason, char *file, int line) -{ - if (UBSEC_lib_error_code == 0) - UBSEC_lib_error_code = ERR_get_next_error_library(); - ERR_PUT_error(UBSEC_lib_error_code, function, reason, file, line); -} diff --git a/engines/e_ubsec_err.h b/engines/e_ubsec_err.h deleted file mode 100644 index c8aec7c32363..000000000000 --- a/engines/e_ubsec_err.h +++ /dev/null @@ -1,102 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_UBSEC_ERR_H -# define HEADER_UBSEC_ERR_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -static void ERR_load_UBSEC_strings(void); -static void ERR_unload_UBSEC_strings(void); -static void ERR_UBSEC_error(int function, int reason, char *file, int line); -# define UBSECerr(f,r) ERR_UBSEC_error((f),(r),__FILE__,__LINE__) - -/* Error codes for the UBSEC functions. */ - -/* Function codes. */ -# define UBSEC_F_UBSEC_CTRL 100 -# define UBSEC_F_UBSEC_DH_COMPUTE_KEY 101 -# define UBSEC_F_UBSEC_DH_GENERATE_KEY 111 -# define UBSEC_F_UBSEC_DSA_DO_SIGN 102 -# define UBSEC_F_UBSEC_DSA_VERIFY 103 -# define UBSEC_F_UBSEC_FINISH 104 -# define UBSEC_F_UBSEC_INIT 105 -# define UBSEC_F_UBSEC_MOD_EXP 106 -# define UBSEC_F_UBSEC_MOD_EXP_CRT 110 -# define UBSEC_F_UBSEC_RAND_BYTES 107 -# define UBSEC_F_UBSEC_RSA_MOD_EXP 108 -# define UBSEC_F_UBSEC_RSA_MOD_EXP_CRT 109 - -/* Reason codes. */ -# define UBSEC_R_ALREADY_LOADED 100 -# define UBSEC_R_BN_EXPAND_FAIL 101 -# define UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED 102 -# define UBSEC_R_DSO_FAILURE 103 -# define UBSEC_R_MISSING_KEY_COMPONENTS 104 -# define UBSEC_R_NOT_LOADED 105 -# define UBSEC_R_REQUEST_FAILED 106 -# define UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL 107 -# define UBSEC_R_UNIT_FAILURE 108 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/engines/engine_vector.mar b/engines/engine_vector.mar deleted file mode 100644 index 7d968e7b40ac..000000000000 --- a/engines/engine_vector.mar +++ /dev/null @@ -1,24 +0,0 @@ -; -; Transfer vector for VAX shareable image -; - .TITLE ENGINE - .IDENT /ENGINE/ -; -; Define macro to assist in building transfer vector entries. Each entry -; should take no more than 8 bytes. -; - .MACRO FTRANSFER_ENTRY routine - .ALIGN QUAD - .TRANSFER routine - .MASK routine - JMP routine+2 - .ENDM FTRANSFER_ENTRY -; -; Place entries in own program section. -; - .PSECT $$ENGINE,QUAD,PIC,USR,CON,REL,LCL,SHR,EXE,RD,NOWRT -ENGINE_xfer: - FTRANSFER_ENTRY bind_engine - FTRANSFER_ENTRY v_check - .BLKB 32768-<.-ENGINE_xfer> ; 64 pages total. - .END diff --git a/engines/vendor_defns/aep.h b/engines/vendor_defns/aep.h deleted file mode 100644 index 04ab87eb9cb1..000000000000 --- a/engines/vendor_defns/aep.h +++ /dev/null @@ -1,235 +0,0 @@ -/* - * This header declares the necessary definitions for using the - * exponentiation acceleration capabilities, and rnd number generation of the - * AEP card. - */ - -/* - * - * Some AEP defines - * - */ - -/* - * Successful return value - */ -#define AEP_R_OK 0x00000000 - -/* - * Miscelleanous unsuccessful return value - */ -#define AEP_R_GENERAL_ERROR 0x10000001 - -/* - * Insufficient host memory - */ -#define AEP_R_HOST_MEMORY 0x10000002 - -#define AEP_R_FUNCTION_FAILED 0x10000006 - -/* - * Invalid arguments in function call - */ -#define AEP_R_ARGUMENTS_BAD 0x10020000 - -#define AEP_R_NO_TARGET_RESOURCES 0x10030000 - -/* - * Error occuring on socket operation - */ -#define AEP_R_SOCKERROR 0x10000010 - -/* - * Socket has been closed from the other end - */ -#define AEP_R_SOCKEOF 0x10000011 - -/* - * Invalid handles - */ -#define AEP_R_CONNECTION_HANDLE_INVALID 0x100000B3 - -#define AEP_R_TRANSACTION_HANDLE_INVALID 0x10040000 - -/* - * Transaction has not yet returned from accelerator - */ -#define AEP_R_TRANSACTION_NOT_READY 0x00010000 - -/* - * There is already a thread waiting on this transaction - */ -#define AEP_R_TRANSACTION_CLAIMED 0x10050000 - -/* - * The transaction timed out - */ -#define AEP_R_TIMED_OUT 0x10060000 - -#define AEP_R_FXN_NOT_IMPLEMENTED 0x10070000 - -#define AEP_R_TARGET_ERROR 0x10080000 - -/* - * Error in the AEP daemon process - */ -#define AEP_R_DAEMON_ERROR 0x10090000 - -/* - * Invalid ctx id - */ -#define AEP_R_INVALID_CTX_ID 0x10009000 - -#define AEP_R_NO_KEY_MANAGER 0x1000a000 - -/* - * Error obtaining a mutex - */ -#define AEP_R_MUTEX_BAD 0x000001A0 - -/* - * Fxn call before AEP_Initialise ot after AEP_Finialise - */ -#define AEP_R_AEPAPI_NOT_INITIALIZED 0x10000190 - -/* - * AEP_Initialise has already been called - */ -#define AEP_R_AEPAPI_ALREADY_INITIALIZED 0x10000191 - -/* - * Maximum number of connections to daemon reached - */ -#define AEP_R_NO_MORE_CONNECTION_HNDLS 0x10000200 - -/* - * - * Some AEP Type definitions - * - */ - -/* an unsigned 8-bit value */ -typedef unsigned char AEP_U8; - -/* an unsigned 8-bit character */ -typedef char AEP_CHAR; - -/* a BYTE-sized Boolean flag */ -typedef AEP_U8 AEP_BBOOL; - -/* - * Unsigned value, at least 16 bits long - */ -typedef unsigned short AEP_U16; - -/* an unsigned value, at least 32 bits long */ -#ifdef SIXTY_FOUR_BIT_LONG -typedef unsigned int AEP_U32; -#else -typedef unsigned long AEP_U32; -#endif - -#ifdef SIXTY_FOUR_BIT_LONG -typedef unsigned long AEP_U64; -#else -typedef struct { - unsigned long l1, l2; -} AEP_U64; -#endif - -/* at least 32 bits; each bit is a Boolean flag */ -typedef AEP_U32 AEP_FLAGS; - -typedef AEP_U8 *AEP_U8_PTR; -typedef AEP_CHAR *AEP_CHAR_PTR; -typedef AEP_U32 *AEP_U32_PTR; -typedef AEP_U64 *AEP_U64_PTR; -typedef void *AEP_VOID_PTR; - -/* Pointer to a AEP_VOID_PTR-- i.e., pointer to pointer to void */ -typedef AEP_VOID_PTR *AEP_VOID_PTR_PTR; - -/* - * Used to identify an AEP connection handle - */ -typedef AEP_U32 AEP_CONNECTION_HNDL; - -/* - * Pointer to an AEP connection handle - */ -typedef AEP_CONNECTION_HNDL *AEP_CONNECTION_HNDL_PTR; - -/* - * Used by an application (in conjunction with the apps process id) to - * identify an individual transaction - */ -typedef AEP_U32 AEP_TRANSACTION_ID; - -/* - * Pointer to an applications transaction identifier - */ -typedef AEP_TRANSACTION_ID *AEP_TRANSACTION_ID_PTR; - -/* - * Return value type - */ -typedef AEP_U32 AEP_RV; - -#define MAX_PROCESS_CONNECTIONS 256 - -#define RAND_BLK_SIZE 1024 - -typedef enum { - NotConnected = 0, - Connected = 1, - InUse = 2 -} AEP_CONNECTION_STATE; - -typedef struct AEP_CONNECTION_ENTRY { - AEP_CONNECTION_STATE conn_state; - AEP_CONNECTION_HNDL conn_hndl; -} AEP_CONNECTION_ENTRY; - -typedef AEP_RV t_AEP_OpenConnection(AEP_CONNECTION_HNDL_PTR phConnection); -typedef AEP_RV t_AEP_CloseConnection(AEP_CONNECTION_HNDL hConnection); - -typedef AEP_RV t_AEP_ModExp(AEP_CONNECTION_HNDL hConnection, - AEP_VOID_PTR pA, AEP_VOID_PTR pP, - AEP_VOID_PTR pN, - AEP_VOID_PTR pResult, - AEP_TRANSACTION_ID *pidTransID); - -typedef AEP_RV t_AEP_ModExpCrt(AEP_CONNECTION_HNDL hConnection, - AEP_VOID_PTR pA, AEP_VOID_PTR pP, - AEP_VOID_PTR pQ, - AEP_VOID_PTR pDmp1, AEP_VOID_PTR pDmq1, - AEP_VOID_PTR pIqmp, - AEP_VOID_PTR pResult, - AEP_TRANSACTION_ID *pidTransID); - -#ifdef AEPRAND -typedef AEP_RV t_AEP_GenRandom(AEP_CONNECTION_HNDL hConnection, - AEP_U32 Len, - AEP_U32 Type, - AEP_VOID_PTR pResult, - AEP_TRANSACTION_ID *pidTransID); -#endif - -typedef AEP_RV t_AEP_Initialize(AEP_VOID_PTR pInitArgs); -typedef AEP_RV t_AEP_Finalize(void); -typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc) - (AEP_VOID_PTR ArbBigNum, - AEP_U32 *BigNumSize), - AEP_RV (*MakeAEPBigNumFunc) (AEP_VOID_PTR - ArbBigNum, - AEP_U32 - BigNumSize, - unsigned char - *AEP_BigNum), - AEP_RV (*ConverAEPBigNumFunc) (void - *ArbBigNum, - AEP_U32 - BigNumSize, - unsigned - char - *AEP_BigNum)); diff --git a/engines/vendor_defns/atalla.h b/engines/vendor_defns/atalla.h deleted file mode 100644 index 60e7eda5f22d..000000000000 --- a/engines/vendor_defns/atalla.h +++ /dev/null @@ -1,44 +0,0 @@ -/* - * This header declares the necessary definitions for using the - * exponentiation acceleration capabilities of Atalla cards. The only - * cryptographic operation is performed by "ASI_RSAPrivateKeyOpFn" and this - * takes a structure that defines an "RSA private key". However, it is really - * only performing a regular mod_exp using the supplied modulus and exponent - * - no CRT form is being used. Hence, it is a generic mod_exp function in - * disguise, and we use it as such. Thanks to the people at Atalla for - * letting me know these definitions are fine and that they can be reproduced - * here. Geoff. - */ - -typedef struct ItemStr { - unsigned char *data; - int len; -} Item; - -typedef struct RSAPrivateKeyStr { - void *reserved; - Item version; - Item modulus; - Item publicExponent; - Item privateExponent; - Item prime[2]; - Item exponent[2]; - Item coefficient; -} RSAPrivateKey; - -/* - * Predeclare the function pointer types that we dynamically load from the - * DSO. These use the same names and form that Ben's original support code - * had (in crypto/bn/bn_exp.c) unless of course I've inadvertently changed - * the style somewhere along the way! - */ - -typedef int tfnASI_GetPerformanceStatistics(int reset_flag, - unsigned int *ret_buf); - -typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf); - -typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey, - unsigned char *output, - unsigned char *input, - unsigned int modulus_len); diff --git a/engines/vendor_defns/cswift.h b/engines/vendor_defns/cswift.h deleted file mode 100644 index 6dcd5fed0aa7..000000000000 --- a/engines/vendor_defns/cswift.h +++ /dev/null @@ -1,235 +0,0 @@ -/* - * Attribution notice: Rainbow have generously allowed me to reproduce the - * necessary definitions here from their API. This means the support can - * build independently of whether application builders have the API or - * hardware. This will allow developers to easily produce software that has - * latent hardware support for any users that have accelertors installed, - * without the developers themselves needing anything extra. I have only - * clipped the parts from the CryptoSwift header files that are (or seem) - * relevant to the CryptoSwift support code. This is simply to keep the file - * sizes reasonable. [Geoff] - */ - -/* - * NB: These type widths do *not* seem right in general, in particular - * they're not terribly friendly to 64-bit architectures (unsigned long) will - * be 64-bit on IA-64 for a start. I'm leaving these alone as they agree with - * Rainbow's API and this will only be called into question on platforms with - * Rainbow support anyway! ;-) - */ - -#ifdef __cplusplus -extern "C" { -#endif /* __cplusplus */ - - typedef long SW_STATUS; /* status */ - typedef unsigned char SW_BYTE; /* 8 bit byte */ - typedef unsigned short SW_U16; /* 16 bit number */ -#if defined(_IRIX) -# include <sgidefs.h> - typedef __uint32_t SW_U32; -#else - typedef unsigned long SW_U32; /* 32 bit integer */ -#endif - -#if defined(OPENSSL_SYS_WIN32) - typedef struct _SW_U64 { - SW_U32 low32; - SW_U32 high32; - } SW_U64; /* 64 bit integer */ -#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC) - typedef longlong SW_U64 -#else /* Unix variants */ - typedef struct _SW_U64 { - SW_U32 low32; - SW_U32 high32; - } SW_U64; /* 64 bit integer */ -#endif - -/* status codes */ -#define SW_OK (0L) -#define SW_ERR_BASE (-10000L) -#define SW_ERR_NO_CARD (SW_ERR_BASE-1) /* The Card is not present */ -#define SW_ERR_CARD_NOT_READY (SW_ERR_BASE-2) /* The card has not powered */ - /* up yet */ -#define SW_ERR_TIME_OUT (SW_ERR_BASE-3) /* Execution of a command */ - /* time out */ -#define SW_ERR_NO_EXECUTE (SW_ERR_BASE-4) /* The Card failed to */ - /* execute the command */ -#define SW_ERR_INPUT_NULL_PTR (SW_ERR_BASE-5) /* a required pointer is */ - /* NULL */ -#define SW_ERR_INPUT_SIZE (SW_ERR_BASE-6) /* size is invalid, too */ - /* small, too large. */ -#define SW_ERR_INVALID_HANDLE (SW_ERR_BASE-7) /* Invalid SW_ACC_CONTEXT */ - /* handle */ -#define SW_ERR_PENDING (SW_ERR_BASE-8) /* A request is already out- */ - /* standing at this */ - /* context handle */ -#define SW_ERR_AVAILABLE (SW_ERR_BASE-9) /* A result is available. */ -#define SW_ERR_NO_PENDING (SW_ERR_BASE-10) /* No request is pending. */ -#define SW_ERR_NO_MEMORY (SW_ERR_BASE-11) /* Not enough memory */ -#define SW_ERR_BAD_ALGORITHM (SW_ERR_BASE-12) /* Invalid algorithm type */ - /* in SW_PARAM structure */ -#define SW_ERR_MISSING_KEY (SW_ERR_BASE-13) /* No key is associated with */ - /* context. */ - /* swAttachKeyParam() is */ - /* not called. */ -#define SW_ERR_KEY_CMD_MISMATCH \ - (SW_ERR_BASE-14) /* Cannot perform requested */ - /* SW_COMMAND_CODE since */ - /* key attached via */ - /* swAttachKeyParam() */ - /* cannot be used for this */ - /* SW_COMMAND_CODE. */ -#define SW_ERR_NOT_IMPLEMENTED \ - (SW_ERR_BASE-15) /* Not implemented */ -#define SW_ERR_BAD_COMMAND (SW_ERR_BASE-16) /* Bad command code */ -#define SW_ERR_BAD_ITEM_SIZE (SW_ERR_BASE-17) /* too small or too large in */ - /* the "initems" or */ - /* "outitems". */ -#define SW_ERR_BAD_ACCNUM (SW_ERR_BASE-18) /* Bad accelerator number */ -#define SW_ERR_SELFTEST_FAIL (SW_ERR_BASE-19) /* At least one of the self */ - /* test fail, look at the */ - /* selfTestBitmap in */ - /* SW_ACCELERATOR_INFO for */ - /* details. */ -#define SW_ERR_MISALIGN (SW_ERR_BASE-20) /* Certain alogrithms require */ - /* key materials aligned */ - /* in certain order, e.g. */ - /* 128 bit for CRT */ -#define SW_ERR_OUTPUT_NULL_PTR \ - (SW_ERR_BASE-21) /* a required pointer is */ - /* NULL */ -#define SW_ERR_OUTPUT_SIZE \ - (SW_ERR_BASE-22) /* size is invalid, too */ - /* small, too large. */ -#define SW_ERR_FIRMWARE_CHECKSUM \ - (SW_ERR_BASE-23) /* firmware checksum mismatch */ - /* download failed. */ -#define SW_ERR_UNKNOWN_FIRMWARE \ - (SW_ERR_BASE-24) /* unknown firmware error */ -#define SW_ERR_INTERRUPT (SW_ERR_BASE-25) /* request is abort when */ - /* it's waiting to be */ - /* completed. */ -#define SW_ERR_NVWRITE_FAIL (SW_ERR_BASE-26) /* error in writing to Non- */ - /* volatile memory */ -#define SW_ERR_NVWRITE_RANGE (SW_ERR_BASE-27) /* out of range error in */ - /* writing to NV memory */ -#define SW_ERR_RNG_ERROR (SW_ERR_BASE-28) /* Random Number Generation */ - /* failure */ -#define SW_ERR_DSS_FAILURE (SW_ERR_BASE-29) /* DSS Sign or Verify failure */ -#define SW_ERR_MODEXP_FAILURE (SW_ERR_BASE-30) /* Failure in various math */ - /* calculations */ -#define SW_ERR_ONBOARD_MEMORY (SW_ERR_BASE-31) /* Error in accessing on - */ - /* board memory */ -#define SW_ERR_FIRMWARE_VERSION \ - (SW_ERR_BASE-32) /* Wrong version in firmware */ - /* update */ -#define SW_ERR_ZERO_WORKING_ACCELERATOR \ - (SW_ERR_BASE-44) /* All accelerators are bad */ - - /* algorithm type */ -#define SW_ALG_CRT 1 -#define SW_ALG_EXP 2 -#define SW_ALG_DSA 3 -#define SW_ALG_NVDATA 4 - - /* command code */ -#define SW_CMD_MODEXP_CRT 1 /* perform Modular Exponentiation using */ - /* Chinese Remainder Theorem (CRT) */ -#define SW_CMD_MODEXP 2 /* perform Modular Exponentiation */ -#define SW_CMD_DSS_SIGN 3 /* perform DSS sign */ -#define SW_CMD_DSS_VERIFY 4 /* perform DSS verify */ -#define SW_CMD_RAND 5 /* perform random number generation */ -#define SW_CMD_NVREAD 6 /* perform read to nonvolatile RAM */ -#define SW_CMD_NVWRITE 7 /* perform write to nonvolatile RAM */ - - typedef SW_U32 SW_ALGTYPE; /* alogrithm type */ - typedef SW_U32 SW_STATE; /* state */ - typedef SW_U32 SW_COMMAND_CODE; /* command code */ - typedef SW_U32 SW_COMMAND_BITMAP[4]; /* bitmap */ - - typedef struct _SW_LARGENUMBER { - SW_U32 nbytes; /* number of bytes in the buffer "value" */ - SW_BYTE *value; /* the large integer as a string of */ - /* bytes in network (big endian) order */ - } SW_LARGENUMBER; - -#if defined(OPENSSL_SYS_WIN32) -# include <windows.h> - typedef HANDLE SW_OSHANDLE; /* handle to kernel object */ -# define SW_OS_INVALID_HANDLE INVALID_HANDLE_VALUE -# define SW_CALLCONV _stdcall -#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC) - /* async callback mechanisms */ - /* swiftCallbackLevel */ -# define SW_MAC_CALLBACK_LEVEL_NO 0 -# define SW_MAC_CALLBACK_LEVEL_HARDWARE 1/* from the hardware ISR */ -# define SW_MAC_CALLBACK_LEVEL_SECONDARY 2/* as secondary ISR */ - typedef int SW_MAC_CALLBACK_LEVEL; - typedef int SW_OSHANDLE; -# define SW_OS_INVALID_HANDLE (-1) -# define SW_CALLCONV -#else /* Unix variants */ - typedef int SW_OSHANDLE; /* handle to driver */ -# define SW_OS_INVALID_HANDLE (-1) -# define SW_CALLCONV -#endif - - typedef struct _SW_CRT { - SW_LARGENUMBER p; /* prime number p */ - SW_LARGENUMBER q; /* prime number q */ - SW_LARGENUMBER dmp1; /* exponent1 */ - SW_LARGENUMBER dmq1; /* exponent2 */ - SW_LARGENUMBER iqmp; /* CRT coefficient */ - } SW_CRT; - - typedef struct _SW_EXP { - SW_LARGENUMBER modulus; /* modulus */ - SW_LARGENUMBER exponent; /* exponent */ - } SW_EXP; - - typedef struct _SW_DSA { - SW_LARGENUMBER p; /* */ - SW_LARGENUMBER q; /* */ - SW_LARGENUMBER g; /* */ - SW_LARGENUMBER key; /* private/public key */ - } SW_DSA; - - typedef struct _SW_NVDATA { - SW_U32 accnum; /* accelerator board number */ - SW_U32 offset; /* offset in byte */ - } SW_NVDATA; - - typedef struct _SW_PARAM { - SW_ALGTYPE type; /* type of the alogrithm */ - union { - SW_CRT crt; - SW_EXP exp; - SW_DSA dsa; - SW_NVDATA nvdata; - } up; - } SW_PARAM; - - typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */ - - /* - * Now the OpenSSL bits, these function types are the for the function - * pointers that will bound into the Rainbow shared libraries. - */ - typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE - *hac); - typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac, - SW_PARAM *key_params); - typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac, - SW_COMMAND_CODE cmd, - SW_LARGENUMBER pin[], - SW_U32 pin_count, - SW_LARGENUMBER pout[], - SW_U32 pout_count); - typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE - hac); - -#ifdef __cplusplus -} -#endif /* __cplusplus */ diff --git a/engines/vendor_defns/hw_4758_cca.h b/engines/vendor_defns/hw_4758_cca.h deleted file mode 100644 index 235543ad71e3..000000000000 --- a/engines/vendor_defns/hw_4758_cca.h +++ /dev/null @@ -1,150 +0,0 @@ -/**********************************************************************/ -/* */ -/* Prototypes of the CCA verbs used by the 4758 CCA openssl driver */ -/* */ -/* Maurice Gittens <maurice@gittens.nl> */ -/* */ -/**********************************************************************/ - -#ifndef __HW_4758_CCA__ -# define __HW_4758_CCA__ - -/* - * Only WIN32 support for now - */ -# if defined(WIN32) - -# define CCA_LIB_NAME "CSUNSAPI" - -# define CSNDPKX "CSNDPKX_32" -# define CSNDKRR "CSNDKRR_32" -# define CSNDPKE "CSNDPKE_32" -# define CSNDPKD "CSNDPKD_32" -# define CSNDDSV "CSNDDSV_32" -# define CSNDDSG "CSNDDSG_32" -# define CSNBRNG "CSNBRNG_32" - -# define SECURITYAPI __stdcall -# else - /* - * Fixme!! Find out the values of these constants for other platforms. - */ -# define CCA_LIB_NAME "CSUNSAPI" - -# define CSNDPKX "CSNDPKX" -# define CSNDKRR "CSNDKRR" -# define CSNDPKE "CSNDPKE" -# define CSNDPKD "CSNDPKD" -# define CSNDDSV "CSNDDSV" -# define CSNDDSG "CSNDDSG" -# define CSNBRNG "CSNBRNG" - -# define SECURITYAPI -# endif - -/* - * security API prototypes - */ - -/* PKA Key Record Read */ -typedef void (SECURITYAPI * F_KEYRECORDREAD) - (long *return_code, - long *reason_code, - long *exit_data_length, - unsigned char *exit_data, - long *rule_array_count, - unsigned char *rule_array, - unsigned char *key_label, long *key_token_length, unsigned char *key_token); - -/* Random Number Generate */ -typedef void (SECURITYAPI * F_RANDOMNUMBERGENERATE) - (long *return_code, - long *reason_code, - long *exit_data_length, - unsigned char *exit_data, - unsigned char *form, unsigned char *random_number); - -/* Digital Signature Generate */ -typedef void (SECURITYAPI * F_DIGITALSIGNATUREGENERATE) - (long *return_code, - long *reason_code, - long *exit_data_length, - unsigned char *exit_data, - long *rule_array_count, - unsigned char *rule_array, - long *PKA_private_key_id_length, - unsigned char *PKA_private_key_id, - long *hash_length, - unsigned char *hash, - long *signature_field_length, - long *signature_bit_length, unsigned char *signature_field); - -/* Digital Signature Verify */ -typedef void (SECURITYAPI * F_DIGITALSIGNATUREVERIFY) (long *return_code, - long *reason_code, - long *exit_data_length, - unsigned char - *exit_data, - long *rule_array_count, - unsigned char - *rule_array, - long - *PKA_public_key_id_length, - unsigned char - *PKA_public_key_id, - long *hash_length, - unsigned char *hash, - long - *signature_field_length, - unsigned char - *signature_field); - -/* PKA Public Key Extract */ -typedef void (SECURITYAPI * F_PUBLICKEYEXTRACT) (long *return_code, - long *reason_code, - long *exit_data_length, - unsigned char *exit_data, - long *rule_array_count, - unsigned char *rule_array, - long - *source_key_identifier_length, - unsigned char - *source_key_identifier, - long - *target_key_token_length, - unsigned char - *target_key_token); - -/* PKA Encrypt */ -typedef void (SECURITYAPI * F_PKAENCRYPT) - (long *return_code, - long *reason_code, - long *exit_data_length, - unsigned char *exit_data, - long *rule_array_count, - unsigned char *rule_array, - long *key_value_length, - unsigned char *key_value, - long *data_struct_length, - unsigned char *data_struct, - long *RSA_public_key_length, - unsigned char *RSA_public_key, - long *RSA_encipher_length, unsigned char *RSA_encipher); - -/* PKA Decrypt */ -typedef void (SECURITYAPI * F_PKADECRYPT) - (long *return_code, - long *reason_code, - long *exit_data_length, - unsigned char *exit_data, - long *rule_array_count, - unsigned char *rule_array, - long *enciphered_key_length, - unsigned char *enciphered_key, - long *data_struct_length, - unsigned char *data_struct, - long *RSA_private_key_length, - unsigned char *RSA_private_key, - long *key_value_length, unsigned char *key_value); - -#endif diff --git a/engines/vendor_defns/hw_ubsec.h b/engines/vendor_defns/hw_ubsec.h deleted file mode 100644 index a4e67fc53647..000000000000 --- a/engines/vendor_defns/hw_ubsec.h +++ /dev/null @@ -1,124 +0,0 @@ -/****************************************************************************** - * - * Copyright 2000 - * Broadcom Corporation - * 16215 Alton Parkway - * PO Box 57013 - * Irvine CA 92619-7013 - * - *****************************************************************************/ -/* - * Broadcom Corporation uBSec SDK - */ -/* - * Character device header file. - */ -/* - * Revision History: - * - * October 2000 JTT Created. - */ - -#define MAX_PUBLIC_KEY_BITS (1024) -#define MAX_PUBLIC_KEY_BYTES (1024/8) -#define SHA_BIT_SIZE (160) -#define MAX_CRYPTO_KEY_LENGTH 24 -#define MAX_MAC_KEY_LENGTH 64 -#define UBSEC_CRYPTO_DEVICE_NAME ((unsigned char *)"/dev/ubscrypt") -#define UBSEC_KEY_DEVICE_NAME ((unsigned char *)"/dev/ubskey") - -/* Math command types. */ -#define UBSEC_MATH_MODADD 0x0001 -#define UBSEC_MATH_MODSUB 0x0002 -#define UBSEC_MATH_MODMUL 0x0004 -#define UBSEC_MATH_MODEXP 0x0008 -#define UBSEC_MATH_MODREM 0x0010 -#define UBSEC_MATH_MODINV 0x0020 - -typedef long ubsec_MathCommand_t; -typedef long ubsec_RNGCommand_t; - -typedef struct ubsec_crypto_context_s { - unsigned int flags; - unsigned char crypto[MAX_CRYPTO_KEY_LENGTH]; - unsigned char auth[MAX_MAC_KEY_LENGTH]; -} ubsec_crypto_context_t, *ubsec_crypto_context_p; - -/* - * Predeclare the function pointer types that we dynamically load from the DSO. - */ - -typedef int t_UBSEC_ubsec_bytes_to_bits(unsigned char *n, int bytes); - -typedef int t_UBSEC_ubsec_bits_to_bytes(int bits); - -typedef int t_UBSEC_ubsec_open(unsigned char *device); - -typedef int t_UBSEC_ubsec_close(int fd); - -typedef int t_UBSEC_diffie_hellman_generate_ioctl(int fd, - unsigned char *x, - int *x_len, - unsigned char *y, - int *y_len, - unsigned char *g, int g_len, - unsigned char *m, int m_len, - unsigned char *userX, - int userX_len, - int random_bits); - -typedef int t_UBSEC_diffie_hellman_agree_ioctl(int fd, - unsigned char *x, int x_len, - unsigned char *y, int y_len, - unsigned char *m, int m_len, - unsigned char *k, int *k_len); - -typedef int t_UBSEC_rsa_mod_exp_ioctl(int fd, - unsigned char *x, int x_len, - unsigned char *m, int m_len, - unsigned char *e, int e_len, - unsigned char *y, int *y_len); - -typedef int t_UBSEC_rsa_mod_exp_crt_ioctl(int fd, - unsigned char *x, int x_len, - unsigned char *qinv, int qinv_len, - unsigned char *edq, int edq_len, - unsigned char *q, int q_len, - unsigned char *edp, int edp_len, - unsigned char *p, int p_len, - unsigned char *y, int *y_len); - -typedef int t_UBSEC_dsa_sign_ioctl(int fd, - int hash, unsigned char *data, - int data_len, unsigned char *rndom, - int random_len, unsigned char *p, - int p_len, unsigned char *q, int q_len, - unsigned char *g, int g_len, - unsigned char *key, int key_len, - unsigned char *r, int *r_len, - unsigned char *s, int *s_len); - -typedef int t_UBSEC_dsa_verify_ioctl(int fd, - int hash, unsigned char *data, - int data_len, unsigned char *p, - int p_len, unsigned char *q, int q_len, - unsigned char *g, int g_len, - unsigned char *key, int key_len, - unsigned char *r, int r_len, - unsigned char *s, int s_len, - unsigned char *v, int *v_len); - -typedef int t_UBSEC_math_accelerate_ioctl(int fd, ubsec_MathCommand_t command, - unsigned char *ModN, int *ModN_len, - unsigned char *ExpE, int *ExpE_len, - unsigned char *ParamA, - int *ParamA_len, - unsigned char *ParamB, - int *ParamB_len, - unsigned char *Result, - int *Result_len); - -typedef int t_UBSEC_rng_ioctl(int fd, ubsec_RNGCommand_t command, - unsigned char *Result, int *Result_len); - -typedef int t_UBSEC_max_key_len_ioctl(int fd, int *max_key_len); diff --git a/engines/vendor_defns/hwcryptohook.h b/engines/vendor_defns/hwcryptohook.h deleted file mode 100644 index fa06396a01a0..000000000000 --- a/engines/vendor_defns/hwcryptohook.h +++ /dev/null @@ -1,502 +0,0 @@ -/*- - * ModExp / RSA (with/without KM) plugin API - * - * The application will load a dynamic library which - * exports entrypoint(s) defined in this file. - * - * This set of entrypoints provides only a multithreaded, - * synchronous-within-each-thread, facility. - * - * - * This file is Copyright 1998-2000 nCipher Corporation Limited. - * - * Redistribution and use in source and binary forms, with opr without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the copyright notice, - * this list of conditions, and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions, and the following - * disclaimer, in the documentation and/or other materials provided - * with the distribution - * - * IN NO EVENT SHALL NCIPHER CORPORATION LIMITED (`NCIPHER') AND/OR - * ANY OTHER AUTHORS OR DISTRIBUTORS OF THIS FILE BE LIABLE for any - * damages arising directly or indirectly from this file, its use or - * this licence. Without prejudice to the generality of the - * foregoing: all liability shall be excluded for direct, indirect, - * special, incidental, consequential or other damages or any loss of - * profits, business, revenue goodwill or anticipated savings; - * liability shall be excluded even if nCipher or anyone else has been - * advised of the possibility of damage. In any event, if the - * exclusion of liability is not effective, the liability of nCipher - * or any author or distributor shall be limited to the lesser of the - * price paid and 1,000 pounds sterling. This licence only fails to - * exclude or limit liability for death or personal injury arising out - * of negligence, and only to the extent that such an exclusion or - * limitation is not effective. - * - * NCIPHER AND THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ALL - * AND ANY WARRANTIES (WHETHER EXPRESS OR IMPLIED), including, but not - * limited to, any implied warranties of merchantability, fitness for - * a particular purpose, satisfactory quality, and/or non-infringement - * of any third party rights. - * - * US Government use: This software and documentation is Commercial - * Computer Software and Computer Software Documentation, as defined in - * sub-paragraphs (a)(1) and (a)(5) of DFAR 252.227-7014, "Rights in - * Noncommercial Computer Software and Noncommercial Computer Software - * Documentation." Use, duplication or disclosure by the Government is - * subject to the terms and conditions specified here. - * - * By using or distributing this file you will be accepting these - * terms and conditions, including the limitation of liability and - * lack of warranty. If you do not wish to accept these terms and - * conditions, DO NOT USE THE FILE. - * - * - * The actual dynamically loadable plugin, and the library files for - * static linking, which are also provided in some distributions, are - * not covered by the licence described above. You should have - * received a separate licence with terms and conditions for these - * library files; if you received the library files without a licence, - * please contact nCipher. - * - * - * $Id: hwcryptohook.h,v 1.1 2002/10/11 17:10:59 levitte Exp $ - */ - -#ifndef HWCRYPTOHOOK_H -# define HWCRYPTOHOOK_H - -# include <sys/types.h> -# include <stdio.h> - -# ifndef HWCRYPTOHOOK_DECLARE_APPTYPES -# define HWCRYPTOHOOK_DECLARE_APPTYPES 1 -# endif - -# define HWCRYPTOHOOK_ERROR_FAILED -1 -# define HWCRYPTOHOOK_ERROR_FALLBACK -2 -# define HWCRYPTOHOOK_ERROR_MPISIZE -3 - -# if HWCRYPTOHOOK_DECLARE_APPTYPES - -/*- - * These structs are defined by the application and opaque to the - * crypto plugin. The application may define these as it sees fit. - * Default declarations are provided here, but the application may - * #define HWCRYPTOHOOK_DECLARE_APPTYPES 0 - * to prevent these declarations, and instead provide its own - * declarations of these types. (Pointers to them must still be - * ordinary pointers to structs or unions, or the resulting combined - * program will have a type inconsistency.) - */ -typedef struct HWCryptoHook_MutexValue HWCryptoHook_Mutex; -typedef struct HWCryptoHook_CondVarValue HWCryptoHook_CondVar; -typedef struct HWCryptoHook_PassphraseContextValue - HWCryptoHook_PassphraseContext; -typedef struct HWCryptoHook_CallerContextValue HWCryptoHook_CallerContext; - -# endif /* HWCRYPTOHOOK_DECLARE_APPTYPES */ - -/*- - * These next two structs are opaque to the application. The crypto - * plugin will return pointers to them; the caller simply manipulates - * the pointers. - */ -typedef struct HWCryptoHook_Context *HWCryptoHook_ContextHandle; -typedef struct HWCryptoHook_RSAKey *HWCryptoHook_RSAKeyHandle; - -typedef struct { - char *buf; - size_t size; -} HWCryptoHook_ErrMsgBuf; -/*- - * Used for error reporting. When a HWCryptoHook function fails it - * will return a sentinel value (0 for pointer-valued functions, or a - * negative number, usually HWCRYPTOHOOK_ERROR_FAILED, for - * integer-valued ones). It will, if an ErrMsgBuf is passed, also put - * an error message there. - * - * size is the size of the buffer, and will not be modified. If you - * pass 0 for size you must pass 0 for buf, and nothing will be - * recorded (just as if you passed 0 for the struct pointer). - * Messages written to the buffer will always be null-terminated, even - * when truncated to fit within size bytes. - * - * The contents of the buffer are not defined if there is no error. - */ - -typedef struct HWCryptoHook_MPIStruct { - unsigned char *buf; - size_t size; -} HWCryptoHook_MPI; -/*- - * When one of these is returned, a pointer is passed to the function. - * At call, size is the space available. Afterwards it is updated to - * be set to the actual length (which may be more than the space available, - * if there was not enough room and the result was truncated). - * buf (the pointer) is not updated. - * - * size is in bytes and may be zero at call or return, but must be a - * multiple of the limb size. Zero limbs at the MS end are not - * permitted. - */ - -# define HWCryptoHook_InitFlags_FallbackModExp 0x0002UL -# define HWCryptoHook_InitFlags_FallbackRSAImmed 0x0004UL -/*- - * Enable requesting fallback to software in case of problems with the - * hardware support. This indicates to the crypto provider that the - * application is prepared to fall back to software operation if the - * ModExp* or RSAImmed* functions return HWCRYPTOHOOK_ERROR_FALLBACK. - * Without this flag those calls will never return - * HWCRYPTOHOOK_ERROR_FALLBACK. The flag will also cause the crypto - * provider to avoid repeatedly attempting to contact dead hardware - * within a short interval, if appropriate. - */ - -# define HWCryptoHook_InitFlags_SimpleForkCheck 0x0010UL -/*- - * Without _SimpleForkCheck the library is allowed to assume that the - * application will not fork and call the library in the child(ren). - * - * When it is specified, this is allowed. However, after a fork - * neither parent nor child may unload any loaded keys or call - * _Finish. Instead, they should call exit (or die with a signal) - * without calling _Finish. After all the children have died the - * parent may unload keys or call _Finish. - * - * This flag only has any effect on UN*X platforms. - */ - -typedef struct { - unsigned long flags; - void *logstream; /* usually a FILE*. See below. */ - size_t limbsize; /* bignum format - size of radix type, must - * be power of 2 */ - int mslimbfirst; /* 0 or 1 */ - int msbytefirst; /* 0 or 1; -1 = native */ - /*- - * All the callback functions should return 0 on success, or a - * nonzero integer (whose value will be visible in the error message - * put in the buffer passed to the call). - * - * If a callback is not available pass a null function pointer. - * - * The callbacks may not call down again into the crypto plugin. - */ - /*- - * For thread-safety. Set everything to 0 if you promise only to be - * singlethreaded. maxsimultaneous is the number of calls to - * ModExp[Crt]/RSAImmed{Priv,Pub}/RSA. If you don't know what to - * put there then say 0 and the hook library will use a default. - * - * maxmutexes is a small limit on the number of simultaneous mutexes - * which will be requested by the library. If there is no small - * limit, set it to 0. If the crypto plugin cannot create the - * advertised number of mutexes the calls to its functions may fail. - * If a low number of mutexes is advertised the plugin will try to - * do the best it can. Making larger numbers of mutexes available - * may improve performance and parallelism by reducing contention - * over critical sections. Unavailability of any mutexes, implying - * single-threaded operation, should be indicated by the setting - * mutex_init et al to 0. - */ - int maxmutexes; - int maxsimultaneous; - size_t mutexsize; - int (*mutex_init) (HWCryptoHook_Mutex *, - HWCryptoHook_CallerContext * cactx); - int (*mutex_acquire) (HWCryptoHook_Mutex *); - void (*mutex_release) (HWCryptoHook_Mutex *); - void (*mutex_destroy) (HWCryptoHook_Mutex *); - /*- - * For greater efficiency, can use condition vars internally for - * synchronisation. In this case maxsimultaneous is ignored, but - * the other mutex stuff must be available. In singlethreaded - * programs, set everything to 0. - */ - size_t condvarsize; - int (*condvar_init) (HWCryptoHook_CondVar *, - HWCryptoHook_CallerContext * cactx); - int (*condvar_wait) (HWCryptoHook_CondVar *, HWCryptoHook_Mutex *); - void (*condvar_signal) (HWCryptoHook_CondVar *); - void (*condvar_broadcast) (HWCryptoHook_CondVar *); - void (*condvar_destroy) (HWCryptoHook_CondVar *); - /*- - * The semantics of acquiring and releasing mutexes and broadcasting - * and waiting on condition variables are expected to be those from - * POSIX threads (pthreads). The mutexes may be (in pthread-speak) - * fast mutexes, recursive mutexes, or nonrecursive ones. - * - * The _release/_signal/_broadcast and _destroy functions must - * always succeed when given a valid argument; if they are given an - * invalid argument then the program (crypto plugin + application) - * has an internal error, and they should abort the program. - */ - int (*getpassphrase) (const char *prompt_info, - int *len_io, char *buf, - HWCryptoHook_PassphraseContext * ppctx, - HWCryptoHook_CallerContext * cactx); - /*- - * Passphrases and the prompt_info, if they contain high-bit-set - * characters, are UTF-8. The prompt_info may be a null pointer if - * no prompt information is available (it should not be an empty - * string). It will not contain text like `enter passphrase'; - * instead it might say something like `Operator Card for John - * Smith' or `SmartCard in nFast Module #1, Slot #1'. - * - * buf points to a buffer in which to return the passphrase; on - * entry *len_io is the length of the buffer. It should be updated - * by the callback. The returned passphrase should not be - * null-terminated by the callback. - */ - int (*getphystoken) (const char *prompt_info, - const char *wrong_info, - HWCryptoHook_PassphraseContext * ppctx, - HWCryptoHook_CallerContext * cactx); - /*- - * Requests that the human user physically insert a different - * smartcard, DataKey, etc. The plugin should check whether the - * currently inserted token(s) are appropriate, and if they are it - * should not make this call. - * - * prompt_info is as before. wrong_info is a description of the - * currently inserted token(s) so that the user is told what - * something is. wrong_info, like prompt_info, may be null, but - * should not be an empty string. Its contents should be - * syntactically similar to that of prompt_info. - */ - /*- - * Note that a single LoadKey operation might cause several calls to - * getpassphrase and/or requestphystoken. If requestphystoken is - * not provided (ie, a null pointer is passed) then the plugin may - * not support loading keys for which authorisation by several cards - * is required. If getpassphrase is not provided then cards with - * passphrases may not be supported. - * - * getpassphrase and getphystoken do not need to check that the - * passphrase has been entered correctly or the correct token - * inserted; the crypto plugin will do that. If this is not the - * case then the crypto plugin is responsible for calling these - * routines again as appropriate until the correct token(s) and - * passphrase(s) are supplied as required, or until any retry limits - * implemented by the crypto plugin are reached. - * - * In either case, the application must allow the user to say `no' - * or `cancel' to indicate that they do not know the passphrase or - * have the appropriate token; this should cause the callback to - * return nonzero indicating error. - */ - void (*logmessage) (void *logstream, const char *message); - /*- - * A log message will be generated at least every time something goes - * wrong and an ErrMsgBuf is filled in (or would be if one was - * provided). Other diagnostic information may be written there too, - * including more detailed reasons for errors which are reported in an - * ErrMsgBuf. - * - * When a log message is generated, this callback is called. It - * should write a message to the relevant logging arrangements. - * - * The message string passed will be null-terminated and may be of arbitrary - * length. It will not be prefixed by the time and date, nor by the - * name of the library that is generating it - if this is required, - * the logmessage callback must do it. The message will not have a - * trailing newline (though it may contain internal newlines). - * - * If a null pointer is passed for logmessage a default function is - * used. The default function treats logstream as a FILE* which has - * been converted to a void*. If logstream is 0 it does nothing. - * Otherwise it prepends the date and time and library name and - * writes the message to logstream. Each line will be prefixed by a - * descriptive string containing the date, time and identity of the - * crypto plugin. Errors on the logstream are not reported - * anywhere, and the default function doesn't flush the stream, so - * the application must set the buffering how it wants it. - * - * The crypto plugin may also provide a facility to have copies of - * log messages sent elsewhere, and or for adjusting the verbosity - * of the log messages; any such facilities will be configured by - * external means. - */ -} HWCryptoHook_InitInfo; - -typedef -HWCryptoHook_ContextHandle HWCryptoHook_Init_t(const HWCryptoHook_InitInfo * - initinfo, size_t initinfosize, - const HWCryptoHook_ErrMsgBuf * - errors, - HWCryptoHook_CallerContext * - cactx); -extern HWCryptoHook_Init_t HWCryptoHook_Init; - -/*- - * Caller should set initinfosize to the size of the HWCryptoHook struct, - * so it can be extended later. - * - * On success, a message for display or logging by the server, - * including the name and version number of the plugin, will be filled - * in into *errors; on failure *errors is used for error handling, as - * usual. - */ - -/*- - * All these functions return 0 on success, HWCRYPTOHOOK_ERROR_FAILED - * on most failures. HWCRYPTOHOOK_ERROR_MPISIZE means at least one of - * the output MPI buffer(s) was too small; the sizes of all have been - * set to the desired size (and for those where the buffer was large - * enough, the value may have been copied in), and no error message - * has been recorded. - * - * You may pass 0 for the errors struct. In any case, unless you set - * _NoStderr at init time then messages may be reported to stderr. - */ - -/*- - * The RSAImmed* functions (and key managed RSA) only work with - * modules which have an RSA patent licence - currently that means KM - * units; the ModExp* ones work with all modules, so you need a patent - * licence in the software in the US. They are otherwise identical. - */ - -typedef -void HWCryptoHook_Finish_t(HWCryptoHook_ContextHandle hwctx); -extern HWCryptoHook_Finish_t HWCryptoHook_Finish; -/* You must not have any calls going or keys loaded when you call this. */ - -typedef -int HWCryptoHook_RandomBytes_t(HWCryptoHook_ContextHandle hwctx, - unsigned char *buf, size_t len, - const HWCryptoHook_ErrMsgBuf * errors); -extern HWCryptoHook_RandomBytes_t HWCryptoHook_RandomBytes; - -typedef -int HWCryptoHook_ModExp_t(HWCryptoHook_ContextHandle hwctx, - HWCryptoHook_MPI a, - HWCryptoHook_MPI p, - HWCryptoHook_MPI n, - HWCryptoHook_MPI * r, - const HWCryptoHook_ErrMsgBuf * errors); -extern HWCryptoHook_ModExp_t HWCryptoHook_ModExp; - -typedef -int HWCryptoHook_RSAImmedPub_t(HWCryptoHook_ContextHandle hwctx, - HWCryptoHook_MPI m, - HWCryptoHook_MPI e, - HWCryptoHook_MPI n, - HWCryptoHook_MPI * r, - const HWCryptoHook_ErrMsgBuf * errors); -extern HWCryptoHook_RSAImmedPub_t HWCryptoHook_RSAImmedPub; - -typedef -int HWCryptoHook_ModExpCRT_t(HWCryptoHook_ContextHandle hwctx, - HWCryptoHook_MPI a, - HWCryptoHook_MPI p, - HWCryptoHook_MPI q, - HWCryptoHook_MPI dmp1, - HWCryptoHook_MPI dmq1, - HWCryptoHook_MPI iqmp, - HWCryptoHook_MPI * r, - const HWCryptoHook_ErrMsgBuf * errors); -extern HWCryptoHook_ModExpCRT_t HWCryptoHook_ModExpCRT; - -typedef -int HWCryptoHook_RSAImmedPriv_t(HWCryptoHook_ContextHandle hwctx, - HWCryptoHook_MPI m, - HWCryptoHook_MPI p, - HWCryptoHook_MPI q, - HWCryptoHook_MPI dmp1, - HWCryptoHook_MPI dmq1, - HWCryptoHook_MPI iqmp, - HWCryptoHook_MPI * r, - const HWCryptoHook_ErrMsgBuf * errors); -extern HWCryptoHook_RSAImmedPriv_t HWCryptoHook_RSAImmedPriv; - -/*- - * The RSAImmed* and ModExp* functions may return E_FAILED or - * E_FALLBACK for failure. - * - * E_FAILED means the failure is permanent and definite and there - * should be no attempt to fall back to software. (Eg, for some - * applications, which support only the acceleration-only - * functions, the `key material' may actually be an encoded key - * identifier, and doing the operation in software would give wrong - * answers.) - * - * E_FALLBACK means that doing the computation in software would seem - * reasonable. If an application pays attention to this and is - * able to fall back, it should also set the Fallback init flags. - */ - -typedef -int HWCryptoHook_RSALoadKey_t(HWCryptoHook_ContextHandle hwctx, - const char *key_ident, - HWCryptoHook_RSAKeyHandle * keyhandle_r, - const HWCryptoHook_ErrMsgBuf * errors, - HWCryptoHook_PassphraseContext * ppctx); -extern HWCryptoHook_RSALoadKey_t HWCryptoHook_RSALoadKey; -/*- - * The key_ident is a null-terminated string configured by the - * user via the application's usual configuration mechanisms. - * It is provided to the user by the crypto provider's key management - * system. The user must be able to enter at least any string of between - * 1 and 1023 characters inclusive, consisting of printable 7-bit - * ASCII characters. The provider should avoid using - * any characters except alphanumerics and the punctuation - * characters _ - + . / @ ~ (the user is expected to be able - * to enter these without quoting). The string may be case-sensitive. - * The application may allow the user to enter other NULL-terminated strings, - * and the provider must cope (returning an error if the string is not - * valid). - * - * If the key does not exist, no error is recorded and 0 is returned; - * keyhandle_r will be set to 0 instead of to a key handle. - */ - -typedef -int HWCryptoHook_RSAGetPublicKey_t(HWCryptoHook_RSAKeyHandle k, - HWCryptoHook_MPI * n, - HWCryptoHook_MPI * e, - const HWCryptoHook_ErrMsgBuf * errors); -extern HWCryptoHook_RSAGetPublicKey_t HWCryptoHook_RSAGetPublicKey; -/*- - * The crypto plugin will not store certificates. - * - * Although this function for acquiring the public key value is - * provided, it is not the purpose of this API to deal fully with the - * handling of the public key. - * - * It is expected that the crypto supplier's key generation program - * will provide general facilities for producing X.509 - * self-certificates and certificate requests in PEM format. These - * will be given to the user so that they can configure them in the - * application, send them to CAs, or whatever. - * - * In case this kind of certificate handling is not appropriate, the - * crypto supplier's key generation program should be able to be - * configured not to generate such a self-certificate or certificate - * request. Then the application will need to do all of this, and - * will need to store and handle the public key and certificates - * itself. - */ - -typedef -int HWCryptoHook_RSAUnloadKey_t(HWCryptoHook_RSAKeyHandle k, - const HWCryptoHook_ErrMsgBuf * errors); -extern HWCryptoHook_RSAUnloadKey_t HWCryptoHook_RSAUnloadKey; -/* Might fail due to locking problems, or other serious internal problems. */ - -typedef -int HWCryptoHook_RSA_t(HWCryptoHook_MPI m, - HWCryptoHook_RSAKeyHandle k, - HWCryptoHook_MPI * r, - const HWCryptoHook_ErrMsgBuf * errors); -extern HWCryptoHook_RSA_t HWCryptoHook_RSA; -/* RSA private key operation (sign or decrypt) - raw, unpadded. */ - -#endif /* HWCRYPTOHOOK_H */ diff --git a/engines/vendor_defns/sureware.h b/engines/vendor_defns/sureware.h deleted file mode 100644 index b1423e19797d..000000000000 --- a/engines/vendor_defns/sureware.h +++ /dev/null @@ -1,250 +0,0 @@ -/*- - * Written by Corinne Dive-Reclus(cdive@baltimore.com) - * - * Copyright@2001 Baltimore Technologies Ltd. - * - * THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef WIN32 -# define SW_EXPORT __declspec ( dllexport ) -#else -# define SW_EXPORT -#endif - -/* - * List of exposed SureWare errors - */ -#define SUREWAREHOOK_ERROR_FAILED -1 -#define SUREWAREHOOK_ERROR_FALLBACK -2 -#define SUREWAREHOOK_ERROR_UNIT_FAILURE -3 -#define SUREWAREHOOK_ERROR_DATA_SIZE -4 -#define SUREWAREHOOK_ERROR_INVALID_PAD -5 -/*- -* -----------------WARNING----------------------------------- -* In all the following functions: -* msg is a string with at least 24 bytes free. -* A 24 bytes string will be concatenated to the existing content of msg. -*/ -/*- -* SureWare Initialisation function -* in param threadsafe, if !=0, thread safe enabled -* return SureWareHOOK_ERROR_UNIT_FAILURE if failure, 1 if success -*/ -typedef int SureWareHook_Init_t(char *const msg, int threadsafe); -extern SW_EXPORT SureWareHook_Init_t SureWareHook_Init; -/*- -* SureWare Finish function -*/ -typedef void SureWareHook_Finish_t(void); -extern SW_EXPORT SureWareHook_Finish_t SureWareHook_Finish; -/*- -* PRE_CONDITION: -* DO NOT CALL ANY OF THE FOLLOWING FUNCTIONS IN CASE OF INIT FAILURE -*/ -/*- -* SureWare RAND Bytes function -* In case of failure, the content of buf is unpredictable. -* return 1 if success -* SureWareHOOK_ERROR_FALLBACK if function not available in hardware -* SureWareHOOK_ERROR_FAILED if error while processing -* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure -* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf -* -* in/out param buf : a num bytes long buffer where random bytes will be put -* in param num : the number of bytes into buf -*/ -typedef int SureWareHook_Rand_Bytes_t(char *const msg, unsigned char *buf, - int num); -extern SW_EXPORT SureWareHook_Rand_Bytes_t SureWareHook_Rand_Bytes; - -/*- -* SureWare RAND Seed function -* Adds some seed to the Hardware Random Number Generator -* return 1 if success -* SureWareHOOK_ERROR_FALLBACK if function not available in hardware -* SureWareHOOK_ERROR_FAILED if error while processing -* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure -* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf -* -* in param buf : the seed to add into the HRNG -* in param num : the number of bytes into buf -*/ -typedef int SureWareHook_Rand_Seed_t(char *const msg, const void *buf, - int num); -extern SW_EXPORT SureWareHook_Rand_Seed_t SureWareHook_Rand_Seed; - -/*- -* SureWare Load Private Key function -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* No hardware is contact for this function. -* -* in param key_id :the name of the private protected key file without the extension - ".sws" -* out param hptr : a pointer to a buffer allocated by SureWare_Hook -* out param num: the effective key length in bytes -* out param keytype: 1 if RSA 2 if DSA -*/ -typedef int SureWareHook_Load_Privkey_t(char *const msg, const char *key_id, - char **hptr, unsigned long *num, - char *keytype); -extern SW_EXPORT SureWareHook_Load_Privkey_t SureWareHook_Load_Privkey; - -/*- -* SureWare Info Public Key function -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* No hardware is contact for this function. -* -* in param key_id :the name of the private protected key file without the extension - ".swp" -* out param hptr : a pointer to a buffer allocated by SureWare_Hook -* out param num: the effective key length in bytes -* out param keytype: 1 if RSA 2 if DSA -*/ -typedef int SureWareHook_Info_Pubkey_t(char *const msg, const char *key_id, - unsigned long *num, char *keytype); -extern SW_EXPORT SureWareHook_Info_Pubkey_t SureWareHook_Info_Pubkey; - -/*- -* SureWare Load Public Key function -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* No hardware is contact for this function. -* -* in param key_id :the name of the public protected key file without the extension - ".swp" -* in param num : the bytes size of n and e -* out param n: where to write modulus in bn format -* out param e: where to write exponent in bn format -*/ -typedef int SureWareHook_Load_Rsa_Pubkey_t(char *const msg, - const char *key_id, - unsigned long num, - unsigned long *n, - unsigned long *e); -extern SW_EXPORT SureWareHook_Load_Rsa_Pubkey_t SureWareHook_Load_Rsa_Pubkey; - -/*- -* SureWare Load DSA Public Key function -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* No hardware is contact for this function. -* -* in param key_id :the name of the public protected key file without the extension - ".swp" -* in param num : the bytes size of n and e -* out param pub: where to write pub key in bn format -* out param p: where to write prime in bn format -* out param q: where to write sunprime (length 20 bytes) in bn format -* out param g: where to write base in bn format -*/ -typedef int SureWareHook_Load_Dsa_Pubkey_t(char *const msg, - const char *key_id, - unsigned long num, - unsigned long *pub, - unsigned long *p, unsigned long *q, - unsigned long *g); -extern SW_EXPORT SureWareHook_Load_Dsa_Pubkey_t SureWareHook_Load_Dsa_Pubkey; - -/*- -* SureWare Free function -* Destroy the key into the hardware if destroy==1 -*/ -typedef void SureWareHook_Free_t(char *p, int destroy); -extern SW_EXPORT SureWareHook_Free_t SureWareHook_Free; - -#define SUREWARE_PKCS1_PAD 1 -#define SUREWARE_ISO9796_PAD 2 -#define SUREWARE_NO_PAD 0 -/*- -* SureWare RSA Private Decryption -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure -* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf -* -* in param flen : byte size of from and to -* in param from : encrypted data buffer, should be a not-null valid pointer -* out param tlen: byte size of decrypted data, if error, unexpected value -* out param to : decrypted data buffer, should be a not-null valid pointer -* in param prsa: a protected key pointer, should be a not-null valid pointer -* int padding: padding id as follow -* SUREWARE_PKCS1_PAD -* SUREWARE_NO_PAD -* -*/ -typedef int SureWareHook_Rsa_Priv_Dec_t(char *const msg, int flen, - unsigned char *from, int *tlen, - unsigned char *to, char *prsa, - int padding); -extern SW_EXPORT SureWareHook_Rsa_Priv_Dec_t SureWareHook_Rsa_Priv_Dec; -/*- -* SureWare RSA Signature -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure -* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf -* -* in param flen : byte size of from and to -* in param from : encrypted data buffer, should be a not-null valid pointer -* out param tlen: byte size of decrypted data, if error, unexpected value -* out param to : decrypted data buffer, should be a not-null valid pointer -* in param prsa: a protected key pointer, should be a not-null valid pointer -* int padding: padding id as follow -* SUREWARE_PKCS1_PAD -* SUREWARE_ISO9796_PAD -* -*/ -typedef int SureWareHook_Rsa_Sign_t(char *const msg, int flen, - unsigned char *from, int *tlen, - unsigned char *to, char *prsa, - int padding); -extern SW_EXPORT SureWareHook_Rsa_Sign_t SureWareHook_Rsa_Sign; -/*- -* SureWare DSA Signature -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure -* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf -* -* in param flen : byte size of from and to -* in param from : encrypted data buffer, should be a not-null valid pointer -* out param to : decrypted data buffer, should be a 40bytes valid pointer -* in param pdsa: a protected key pointer, should be a not-null valid pointer -* -*/ -typedef int SureWareHook_Dsa_Sign_t(char *const msg, int flen, - const unsigned char *from, - unsigned long *r, unsigned long *s, - char *pdsa); -extern SW_EXPORT SureWareHook_Dsa_Sign_t SureWareHook_Dsa_Sign; - -/*- -* SureWare Mod Exp -* return 1 if success -* SureWareHOOK_ERROR_FAILED if error while processing -* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure -* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf -* -* mod and res are mlen bytes long. -* exp is elen bytes long -* data is dlen bytes long -* mlen,elen and dlen are all multiple of sizeof(unsigned long) -*/ -typedef int SureWareHook_Mod_Exp_t(char *const msg, int mlen, - const unsigned long *mod, int elen, - const unsigned long *exponent, int dlen, - unsigned long *data, unsigned long *res); -extern SW_EXPORT SureWareHook_Mod_Exp_t SureWareHook_Mod_Exp; |