aboutsummaryrefslogtreecommitdiff
path: root/engines
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2018-09-13 19:18:07 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2018-09-13 19:18:07 +0000
commita43ce912fc025d11e1395506111f75fc194d7ba5 (patch)
tree9794cf7720d75938ed0ea4f499c0dcd4b6eacdda /engines
parent02be298e504b8554caca6dc85af450e1ea44d19d (diff)
downloadsrc-a43ce912fc025d11e1395506111f75fc194d7ba5.tar.gz
src-a43ce912fc025d11e1395506111f75fc194d7ba5.zip
Import OpenSSL 1.1.1.vendor/openssl/1.1.1
Notes
Notes: svn path=/vendor-crypto/openssl/dist/; revision=338658 svn path=/vendor-crypto/openssl/1.1.1/; revision=338659; tag=vendor/openssl/1.1.1
Diffstat (limited to 'engines')
-rw-r--r--engines/Makefile338
-rwxr-xr-xengines/asm/e_padlock-x86.pl627
-rwxr-xr-xengines/asm/e_padlock-x86_64.pl583
-rw-r--r--engines/build.info43
-rw-r--r--engines/ccgost/Makefile276
-rw-r--r--engines/ccgost/README.gost299
-rw-r--r--engines/ccgost/e_gost_err.c221
-rw-r--r--engines/ccgost/e_gost_err.h158
-rw-r--r--engines/ccgost/gost2001.c474
-rw-r--r--engines/ccgost/gost2001_keyx.c294
-rw-r--r--engines/ccgost/gost2001_keyx.h10
-rw-r--r--engines/ccgost/gost89.c576
-rw-r--r--engines/ccgost/gost89.h98
-rw-r--r--engines/ccgost/gost94_keyx.c282
-rw-r--r--engines/ccgost/gost_ameth.c957
-rw-r--r--engines/ccgost/gost_asn1.c56
-rw-r--r--engines/ccgost/gost_crypt.c623
-rw-r--r--engines/ccgost/gost_ctl.c93
-rw-r--r--engines/ccgost/gost_eng.c280
-rw-r--r--engines/ccgost/gost_keywrap.c106
-rw-r--r--engines/ccgost/gost_keywrap.h56
-rw-r--r--engines/ccgost/gost_lcl.h229
-rw-r--r--engines/ccgost/gost_md.c76
-rw-r--r--engines/ccgost/gost_params.c207
-rw-r--r--engines/ccgost/gost_params.h34
-rw-r--r--engines/ccgost/gost_pmeth.c625
-rw-r--r--engines/ccgost/gost_sign.c373
-rw-r--r--engines/ccgost/gosthash.c268
-rw-r--r--engines/ccgost/gosthash.h52
-rw-r--r--engines/ccgost/gostsum.c187
-rw-r--r--engines/e_4758cca.c960
-rw-r--r--engines/e_4758cca_err.c153
-rw-r--r--engines/e_4758cca_err.h98
-rw-r--r--engines/e_aep.c1167
-rw-r--r--engines/e_aep_err.c159
-rw-r--r--engines/e_aep_err.h106
-rw-r--r--engines/e_afalg.c870
-rw-r--r--engines/e_afalg.h95
-rw-r--r--engines/e_afalg.txt30
-rw-r--r--engines/e_afalg_err.c83
-rw-r--r--engines/e_afalg_err.h43
-rw-r--r--engines/e_atalla.c626
-rw-r--r--engines/e_atalla_err.c145
-rw-r--r--engines/e_atalla_err.h94
-rw-r--r--engines/e_capi.c757
-rw-r--r--engines/e_capi.txt62
-rw-r--r--engines/e_capi_err.c234
-rw-r--r--engines/e_capi_err.h146
-rw-r--r--engines/e_chil.c1366
-rw-r--r--engines/e_chil_err.c157
-rw-r--r--engines/e_chil_err.h105
-rw-r--r--engines/e_cswift.c1103
-rw-r--r--engines/e_cswift_err.c150
-rw-r--r--engines/e_cswift_err.h99
-rw-r--r--engines/e_dasync.c770
-rw-r--r--engines/e_dasync.txt22
-rw-r--r--engines/e_dasync_err.c73
-rw-r--r--engines/e_dasync_err.h37
-rw-r--r--engines/e_gmp.c492
-rw-r--r--engines/e_gmp_err.c137
-rw-r--r--engines/e_gmp_err.h86
-rw-r--r--engines/e_nuron.c436
-rw-r--r--engines/e_nuron_err.c142
-rw-r--r--engines/e_nuron_err.h91
-rw-r--r--engines/e_ossltest.c696
-rw-r--r--engines/e_ossltest.txt13
-rw-r--r--engines/e_ossltest_err.c63
-rw-r--r--engines/e_ossltest_err.h28
-rw-r--r--engines/e_padlock.c1187
-rw-r--r--engines/e_sureware.c1101
-rw-r--r--engines/e_sureware_err.c154
-rw-r--r--engines/e_sureware_err.h104
-rw-r--r--engines/e_ubsec.c1085
-rw-r--r--engines/e_ubsec_err.c154
-rw-r--r--engines/e_ubsec_err.h102
-rw-r--r--engines/engine_vector.mar24
-rw-r--r--engines/vendor_defns/aep.h235
-rw-r--r--engines/vendor_defns/atalla.h44
-rw-r--r--engines/vendor_defns/cswift.h235
-rw-r--r--engines/vendor_defns/hw_4758_cca.h150
-rw-r--r--engines/vendor_defns/hw_ubsec.h124
-rw-r--r--engines/vendor_defns/hwcryptohook.h502
-rw-r--r--engines/vendor_defns/sureware.h250
83 files changed, 4985 insertions, 20861 deletions
diff --git a/engines/Makefile b/engines/Makefile
deleted file mode 100644
index 2058ff405afe..000000000000
--- a/engines/Makefile
+++ /dev/null
@@ -1,338 +0,0 @@
-#
-# OpenSSL/engines/Makefile
-#
-
-DIR= engines
-TOP= ..
-CC= cc
-INCLUDES= -I../include
-CFLAG=-g
-MAKEFILE= Makefile
-AR= ar r
-ENGDIRS= ccgost
-
-RECURSIVE_MAKE= [ -z "$(ENGDIRS)" ] || for i in $(ENGDIRS) ; do \
- (cd $$i && echo "making $$target in $(DIR)/$$i..." && \
- $(MAKE) -e TOP=../.. DIR=$$i $$target ) || exit 1; \
- done;
-
-PEX_LIBS=
-EX_LIBS=
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile engines.com install.com engine_vector.mar
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi
-
-LIBSRC= e_4758cca.c \
- e_aep.c \
- e_atalla.c \
- e_cswift.c \
- e_gmp.c \
- e_chil.c \
- e_nuron.c \
- e_sureware.c \
- e_ubsec.c \
- e_padlock.c \
- e_capi.c
-LIBOBJ= e_4758cca.o \
- e_aep.o \
- e_atalla.o \
- e_cswift.o \
- e_gmp.o \
- e_chil.o \
- e_nuron.o \
- e_sureware.o \
- e_ubsec.o \
- e_padlock.o \
- e_capi.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=
-HEADER= e_4758cca_err.c e_4758cca_err.h \
- e_aep_err.c e_aep_err.h \
- e_atalla_err.c e_atalla_err.h \
- e_cswift_err.c e_cswift_err.h \
- e_gmp_err.c e_gmp_err.h \
- e_chil_err.c e_chil_err.h \
- e_nuron_err.c e_nuron_err.h \
- e_sureware_err.c e_sureware_err.h \
- e_ubsec_err.c e_ubsec_err.h \
- e_capi_err.c e_capi_err.h
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
- (cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all: lib subdirs
-
-lib: $(LIBOBJ)
- @if [ -n "$(SHARED_LIBS)" ]; then \
- set -e; \
- for l in $(LIBNAMES); do \
- $(MAKE) -f ../Makefile.shared -e \
- LIBNAME=$$l LIBEXTRAS=e_$$l.o \
- LIBDEPS='-L.. -lcrypto $(EX_LIBS)' \
- link_o.$(SHLIB_TARGET); \
- done; \
- else \
- $(AR) $(LIB) $(LIBOBJ); \
- $(RANLIB) $(LIB) || echo Never mind.; \
- fi; \
- touch lib
-
-subdirs:
- echo $(EDIRS)
- @target=all; $(RECURSIVE_MAKE)
-
-files:
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
- @target=files; $(RECURSIVE_MAKE)
-
-links:
- @target=links; $(RECURSIVE_MAKE)
-
-# XXXXX This currently only works on systems that use .so as suffix
-# for shared libraries as well as for Cygwin which uses the
-# dlfcn_name_converter and therefore stores the engines with .so suffix, too.
-# XXXXX This was extended to HP-UX dl targets, which use .sl suffix.
-# XXXXX This was extended to mingw targets, which use eay32.dll suffix without lib as prefix.
-install:
- @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
- @if [ -n "$(SHARED_LIBS)" ]; then \
- set -e; \
- $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \
- for l in $(LIBNAMES); do \
- ( echo installing $$l; \
- pfx=lib; \
- if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
- sfx=".so"; \
- cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
- else \
- case "$(CFLAGS)" in \
- *DSO_BEOS*) sfx=".so";; \
- *DSO_DLFCN*) sfx=`expr "$(SHLIB_EXT)" : '.*\(\.[a-z][a-z]*\)' \| ".so"`;; \
- *DSO_DL*) sfx=".sl";; \
- *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
- *) sfx=".bad";; \
- esac; \
- cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
- fi; \
- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
- done; \
- fi
- @target=install; $(RECURSIVE_MAKE)
-
-tags:
- ctags $(SRC)
-
-errors:
- set -e; for l in $(LIBNAMES); do \
- $(PERL) ../util/mkerr.pl -conf e_$$l.ec \
- -nostatic -staticloader -write e_$$l.c; \
- done
- (cd ccgost; $(MAKE) PERL=$(PERL) errors)
-
-tests:
-
-lint:
- lint -DLINT $(INCLUDES) $(SRC)>fluff
- @target=lint; $(RECURSIVE_MAKE)
-
-update: local_depend
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
- @[ -z "$(THIS)" ] || (set -e; target=update; $(RECURSIVE_MAKE) )
-
-depend: local_depend
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
- @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
-local_depend:
- @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-dclean:
- $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
- mv -f Makefile.new $(MAKEFILE)
- @target=dclean; $(RECURSIVE_MAKE)
-
-clean:
- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
- @target=clean; $(RECURSIVE_MAKE)
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-e_4758cca.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_4758cca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_4758cca.o: ../include/openssl/crypto.h ../include/openssl/dso.h
-e_4758cca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_4758cca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_4758cca.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_4758cca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_4758cca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_4758cca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_4758cca.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_4758cca.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-e_4758cca.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_4758cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_4758cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-e_4758cca.o: e_4758cca.c e_4758cca_err.c e_4758cca_err.h
-e_4758cca.o: vendor_defns/hw_4758_cca.h
-e_aep.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_aep.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_aep.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_aep.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_aep.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_aep.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_aep.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_aep.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_aep.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_aep.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_aep.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_aep.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_aep.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_aep.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_aep.o: ../include/openssl/x509_vfy.h e_aep.c e_aep_err.c e_aep_err.h
-e_aep.o: vendor_defns/aep.h
-e_atalla.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_atalla.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_atalla.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_atalla.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_atalla.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_atalla.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_atalla.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_atalla.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_atalla.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_atalla.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_atalla.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_atalla.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_atalla.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_atalla.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_atalla.o: ../include/openssl/x509_vfy.h e_atalla.c e_atalla_err.c
-e_atalla.o: e_atalla_err.h vendor_defns/atalla.h
-e_capi.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_capi.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
-e_capi.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_capi.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_capi.o: ../include/openssl/engine.h ../include/openssl/evp.h
-e_capi.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_capi.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_capi.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_capi.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
-e_capi.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_capi.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_capi.o: ../include/openssl/x509_vfy.h e_capi.c
-e_chil.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_chil.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_chil.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_chil.o: ../include/openssl/dso.h ../include/openssl/e_os2.h
-e_chil.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-e_chil.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-e_chil.o: ../include/openssl/err.h ../include/openssl/evp.h
-e_chil.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_chil.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_chil.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_chil.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-e_chil.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-e_chil.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_chil.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_chil.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
-e_chil.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_chil.c
-e_chil.o: e_chil_err.c e_chil_err.h vendor_defns/hwcryptohook.h
-e_cswift.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_cswift.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_cswift.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_cswift.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_cswift.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_cswift.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_cswift.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_cswift.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_cswift.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_cswift.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_cswift.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_cswift.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-e_cswift.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_cswift.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_cswift.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_cswift.c
-e_cswift.o: e_cswift_err.c e_cswift_err.h vendor_defns/cswift.h
-e_gmp.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_gmp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_gmp.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
-e_gmp.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-e_gmp.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-e_gmp.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_gmp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_gmp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_gmp.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_gmp.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_gmp.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_gmp.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_gmp.o: ../include/openssl/x509_vfy.h e_gmp.c
-e_nuron.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_nuron.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_nuron.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_nuron.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_nuron.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_nuron.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_nuron.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_nuron.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_nuron.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_nuron.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_nuron.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_nuron.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_nuron.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_nuron.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_nuron.o: ../include/openssl/x509_vfy.h e_nuron.c e_nuron_err.c e_nuron_err.h
-e_padlock.o: ../include/openssl/aes.h ../include/openssl/asn1.h
-e_padlock.o: ../include/openssl/bio.h ../include/openssl/buffer.h
-e_padlock.o: ../include/openssl/crypto.h ../include/openssl/dso.h
-e_padlock.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_padlock.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_padlock.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_padlock.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_padlock.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_padlock.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_padlock.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_padlock.o: ../include/openssl/rand.h ../include/openssl/safestack.h
-e_padlock.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_padlock.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_padlock.o: ../include/openssl/x509_vfy.h e_padlock.c
-e_sureware.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_sureware.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_sureware.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_sureware.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_sureware.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_sureware.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_sureware.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_sureware.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_sureware.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_sureware.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_sureware.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-e_sureware.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-e_sureware.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-e_sureware.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_sureware.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_sureware.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-e_sureware.o: e_sureware.c e_sureware_err.c e_sureware_err.h
-e_sureware.o: vendor_defns/sureware.h
-e_ubsec.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_ubsec.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_ubsec.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_ubsec.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_ubsec.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_ubsec.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_ubsec.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_ubsec.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_ubsec.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_ubsec.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_ubsec.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_ubsec.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_ubsec.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_ubsec.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_ubsec.o: ../include/openssl/x509_vfy.h e_ubsec.c e_ubsec_err.c e_ubsec_err.h
-e_ubsec.o: vendor_defns/hw_ubsec.h
diff --git a/engines/asm/e_padlock-x86.pl b/engines/asm/e_padlock-x86.pl
new file mode 100755
index 000000000000..5b097ce3ef9b
--- /dev/null
+++ b/engines/asm/e_padlock-x86.pl
@@ -0,0 +1,627 @@
+#! /usr/bin/env perl
+# Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# September 2011
+#
+# Assembler helpers for Padlock engine. Compared to original engine
+# version relying on inline assembler and compiled with gcc 3.4.6 it
+# was measured to provide ~100% improvement on misaligned data in ECB
+# mode and ~75% in CBC mode. For aligned data improvement can be
+# observed for short inputs only, e.g. 45% for 64-byte messages in
+# ECB mode, 20% in CBC. Difference in performance for aligned vs.
+# misaligned data depends on misalignment and is either ~1.8x or 2.9x.
+# These are approximately same factors as for hardware support, so
+# there is little reason to rely on the latter. On the contrary, it
+# might actually hurt performance in mixture of aligned and misaligned
+# buffers, because a) if you choose to flip 'align' flag in control
+# word on per-buffer basis, then you'd have to reload key context,
+# which incurs penalty; b) if you choose to set 'align' flag
+# permanently, it limits performance even for aligned data to ~1/2.
+# All above mentioned results were collected on 1.5GHz C7. Nano on the
+# other hand handles unaligned data more gracefully. Depending on
+# algorithm and how unaligned data is, hardware can be up to 70% more
+# efficient than below software alignment procedures, nor does 'align'
+# flag have affect on aligned performance [if has any meaning at all].
+# Therefore suggestion is to unconditionally set 'align' flag on Nano
+# for optimal performance.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../crypto/perlasm");
+require "x86asm.pl";
+
+$output=pop;
+open STDOUT,">$output";
+
+&asm_init($ARGV[0]);
+
+%PADLOCK_PREFETCH=(ecb=>128, cbc=>64); # prefetch errata
+$PADLOCK_CHUNK=512; # Must be a power of 2 larger than 16
+
+$ctx="edx";
+$out="edi";
+$inp="esi";
+$len="ecx";
+$chunk="ebx";
+
+&function_begin_B("padlock_capability");
+ &push ("ebx");
+ &pushf ();
+ &pop ("eax");
+ &mov ("ecx","eax");
+ &xor ("eax",1<<21);
+ &push ("eax");
+ &popf ();
+ &pushf ();
+ &pop ("eax");
+ &xor ("ecx","eax");
+ &xor ("eax","eax");
+ &bt ("ecx",21);
+ &jnc (&label("noluck"));
+ &cpuid ();
+ &xor ("eax","eax");
+ &cmp ("ebx","0x".unpack("H*",'tneC'));
+ &jne (&label("zhaoxin"));
+ &cmp ("edx","0x".unpack("H*",'Hrua'));
+ &jne (&label("noluck"));
+ &cmp ("ecx","0x".unpack("H*",'slua'));
+ &jne (&label("noluck"));
+ &jmp (&label("zhaoxinEnd"));
+&set_label("zhaoxin");
+ &cmp ("ebx","0x".unpack("H*",'hS '));
+ &jne (&label("noluck"));
+ &cmp ("edx","0x".unpack("H*",'hgna'));
+ &jne (&label("noluck"));
+ &cmp ("ecx","0x".unpack("H*",' ia'));
+ &jne (&label("noluck"));
+&set_label("zhaoxinEnd");
+ &mov ("eax",0xC0000000);
+ &cpuid ();
+ &mov ("edx","eax");
+ &xor ("eax","eax");
+ &cmp ("edx",0xC0000001);
+ &jb (&label("noluck"));
+ &mov ("eax",1);
+ &cpuid ();
+ &or ("eax",0x0f);
+ &xor ("ebx","ebx");
+ &and ("eax",0x0fff);
+ &cmp ("eax",0x06ff); # check for Nano
+ &sete ("bl");
+ &mov ("eax",0xC0000001);
+ &push ("ebx");
+ &cpuid ();
+ &pop ("ebx");
+ &mov ("eax","edx");
+ &shl ("ebx",4); # bit#4 denotes Nano
+ &and ("eax",0xffffffef);
+ &or ("eax","ebx")
+&set_label("noluck");
+ &pop ("ebx");
+ &ret ();
+&function_end_B("padlock_capability")
+
+&function_begin_B("padlock_key_bswap");
+ &mov ("edx",&wparam(0));
+ &mov ("ecx",&DWP(240,"edx"));
+&set_label("bswap_loop");
+ &mov ("eax",&DWP(0,"edx"));
+ &bswap ("eax");
+ &mov (&DWP(0,"edx"),"eax");
+ &lea ("edx",&DWP(4,"edx"));
+ &sub ("ecx",1);
+ &jnz (&label("bswap_loop"));
+ &ret ();
+&function_end_B("padlock_key_bswap");
+
+# This is heuristic key context tracing. At first one
+# believes that one should use atomic swap instructions,
+# but it's not actually necessary. Point is that if
+# padlock_saved_context was changed by another thread
+# after we've read it and before we compare it with ctx,
+# our key *shall* be reloaded upon thread context switch
+# and we are therefore set in either case...
+&static_label("padlock_saved_context");
+
+&function_begin_B("padlock_verify_context");
+ &mov ($ctx,&wparam(0));
+ &lea ("eax",($::win32 or $::coff) ? &DWP(&label("padlock_saved_context")) :
+ &DWP(&label("padlock_saved_context")."-".&label("verify_pic_point")));
+ &pushf ();
+ &call ("_padlock_verify_ctx");
+&set_label("verify_pic_point");
+ &lea ("esp",&DWP(4,"esp"));
+ &ret ();
+&function_end_B("padlock_verify_context");
+
+&function_begin_B("_padlock_verify_ctx");
+ &add ("eax",&DWP(0,"esp")) if(!($::win32 or $::coff));# &padlock_saved_context
+ &bt (&DWP(4,"esp"),30); # eflags
+ &jnc (&label("verified"));
+ &cmp ($ctx,&DWP(0,"eax"));
+ &je (&label("verified"));
+ &pushf ();
+ &popf ();
+&set_label("verified");
+ &mov (&DWP(0,"eax"),$ctx);
+ &ret ();
+&function_end_B("_padlock_verify_ctx");
+
+&function_begin_B("padlock_reload_key");
+ &pushf ();
+ &popf ();
+ &ret ();
+&function_end_B("padlock_reload_key");
+
+&function_begin_B("padlock_aes_block");
+ &push ("edi");
+ &push ("esi");
+ &push ("ebx");
+ &mov ($out,&wparam(0)); # must be 16-byte aligned
+ &mov ($inp,&wparam(1)); # must be 16-byte aligned
+ &mov ($ctx,&wparam(2));
+ &mov ($len,1);
+ &lea ("ebx",&DWP(32,$ctx)); # key
+ &lea ($ctx,&DWP(16,$ctx)); # control word
+ &data_byte(0xf3,0x0f,0xa7,0xc8); # rep xcryptecb
+ &pop ("ebx");
+ &pop ("esi");
+ &pop ("edi");
+ &ret ();
+&function_end_B("padlock_aes_block");
+
+sub generate_mode {
+my ($mode,$opcode) = @_;
+# int padlock_$mode_encrypt(void *out, const void *inp,
+# struct padlock_cipher_data *ctx, size_t len);
+&function_begin("padlock_${mode}_encrypt");
+ &mov ($out,&wparam(0));
+ &mov ($inp,&wparam(1));
+ &mov ($ctx,&wparam(2));
+ &mov ($len,&wparam(3));
+ &test ($ctx,15);
+ &jnz (&label("${mode}_abort"));
+ &test ($len,15);
+ &jnz (&label("${mode}_abort"));
+ &lea ("eax",($::win32 or $::coff) ? &DWP(&label("padlock_saved_context")) :
+ &DWP(&label("padlock_saved_context")."-".&label("${mode}_pic_point")));
+ &pushf ();
+ &cld ();
+ &call ("_padlock_verify_ctx");
+&set_label("${mode}_pic_point");
+ &lea ($ctx,&DWP(16,$ctx)); # control word
+ &xor ("eax","eax");
+ if ($mode eq "ctr32") {
+ &movq ("mm0",&QWP(-16,$ctx)); # load [upper part of] counter
+ } else {
+ &xor ("ebx","ebx");
+ &test (&DWP(0,$ctx),1<<5); # align bit in control word
+ &jnz (&label("${mode}_aligned"));
+ &test ($out,0x0f);
+ &setz ("al"); # !out_misaligned
+ &test ($inp,0x0f);
+ &setz ("bl"); # !inp_misaligned
+ &test ("eax","ebx");
+ &jnz (&label("${mode}_aligned"));
+ &neg ("eax");
+ }
+ &mov ($chunk,$PADLOCK_CHUNK);
+ &not ("eax"); # out_misaligned?-1:0
+ &lea ("ebp",&DWP(-24,"esp"));
+ &cmp ($len,$chunk);
+ &cmovc ($chunk,$len); # chunk=len>PADLOCK_CHUNK?PADLOCK_CHUNK:len
+ &and ("eax",$chunk); # out_misaligned?chunk:0
+ &mov ($chunk,$len);
+ &neg ("eax");
+ &and ($chunk,$PADLOCK_CHUNK-1); # chunk=len%PADLOCK_CHUNK
+ &lea ("esp",&DWP(0,"eax","ebp")); # alloca
+ &mov ("eax",$PADLOCK_CHUNK);
+ &cmovz ($chunk,"eax"); # chunk=chunk?:PADLOCK_CHUNK
+ &mov ("eax","ebp");
+ &and ("ebp",-16);
+ &and ("esp",-16);
+ &mov (&DWP(16,"ebp"),"eax");
+ if ($PADLOCK_PREFETCH{$mode}) {
+ &cmp ($len,$chunk);
+ &ja (&label("${mode}_loop"));
+ &mov ("eax",$inp); # check if prefetch crosses page
+ &cmp ("ebp","esp");
+ &cmove ("eax",$out);
+ &add ("eax",$len);
+ &neg ("eax");
+ &and ("eax",0xfff); # distance to page boundary
+ &cmp ("eax",$PADLOCK_PREFETCH{$mode});
+ &mov ("eax",-$PADLOCK_PREFETCH{$mode});
+ &cmovae ("eax",$chunk); # mask=distance<prefetch?-prefetch:-1
+ &and ($chunk,"eax");
+ &jz (&label("${mode}_unaligned_tail"));
+ }
+ &jmp (&label("${mode}_loop"));
+
+&set_label("${mode}_loop",16);
+ &mov (&DWP(0,"ebp"),$out); # save parameters
+ &mov (&DWP(4,"ebp"),$inp);
+ &mov (&DWP(8,"ebp"),$len);
+ &mov ($len,$chunk);
+ &mov (&DWP(12,"ebp"),$chunk); # chunk
+ if ($mode eq "ctr32") {
+ &mov ("ecx",&DWP(-4,$ctx));
+ &xor ($out,$out);
+ &mov ("eax",&DWP(-8,$ctx)); # borrow $len
+&set_label("${mode}_prepare");
+ &mov (&DWP(12,"esp",$out),"ecx");
+ &bswap ("ecx");
+ &movq (&QWP(0,"esp",$out),"mm0");
+ &inc ("ecx");
+ &mov (&DWP(8,"esp",$out),"eax");
+ &bswap ("ecx");
+ &lea ($out,&DWP(16,$out));
+ &cmp ($out,$chunk);
+ &jb (&label("${mode}_prepare"));
+
+ &mov (&DWP(-4,$ctx),"ecx");
+ &lea ($inp,&DWP(0,"esp"));
+ &lea ($out,&DWP(0,"esp"));
+ &mov ($len,$chunk);
+ } else {
+ &test ($out,0x0f); # out_misaligned
+ &cmovnz ($out,"esp");
+ &test ($inp,0x0f); # inp_misaligned
+ &jz (&label("${mode}_inp_aligned"));
+ &shr ($len,2);
+ &data_byte(0xf3,0xa5); # rep movsl
+ &sub ($out,$chunk);
+ &mov ($len,$chunk);
+ &mov ($inp,$out);
+&set_label("${mode}_inp_aligned");
+ }
+ &lea ("eax",&DWP(-16,$ctx)); # ivp
+ &lea ("ebx",&DWP(16,$ctx)); # key
+ &shr ($len,4); # len/=AES_BLOCK_SIZE
+ &data_byte(0xf3,0x0f,0xa7,$opcode); # rep xcrypt*
+ if ($mode !~ /ecb|ctr/) {
+ &movaps ("xmm0",&QWP(0,"eax"));
+ &movaps (&QWP(-16,$ctx),"xmm0"); # copy [or refresh] iv
+ }
+ &mov ($out,&DWP(0,"ebp")); # restore parameters
+ &mov ($chunk,&DWP(12,"ebp"));
+ if ($mode eq "ctr32") {
+ &mov ($inp,&DWP(4,"ebp"));
+ &xor ($len,$len);
+&set_label("${mode}_xor");
+ &movups ("xmm1",&QWP(0,$inp,$len));
+ &lea ($len,&DWP(16,$len));
+ &pxor ("xmm1",&QWP(-16,"esp",$len));
+ &movups (&QWP(-16,$out,$len),"xmm1");
+ &cmp ($len,$chunk);
+ &jb (&label("${mode}_xor"));
+ } else {
+ &test ($out,0x0f);
+ &jz (&label("${mode}_out_aligned"));
+ &mov ($len,$chunk);
+ &lea ($inp,&DWP(0,"esp"));
+ &shr ($len,2);
+ &data_byte(0xf3,0xa5); # rep movsl
+ &sub ($out,$chunk);
+&set_label("${mode}_out_aligned");
+ &mov ($inp,&DWP(4,"ebp"));
+ }
+ &mov ($len,&DWP(8,"ebp"));
+ &add ($out,$chunk);
+ &add ($inp,$chunk);
+ &sub ($len,$chunk);
+ &mov ($chunk,$PADLOCK_CHUNK);
+ if (!$PADLOCK_PREFETCH{$mode}) {
+ &jnz (&label("${mode}_loop"));
+ } else {
+ &jz (&label("${mode}_break"));
+ &cmp ($len,$chunk);
+ &jae (&label("${mode}_loop"));
+
+&set_label("${mode}_unaligned_tail");
+ &xor ("eax","eax");
+ &cmp ("esp","ebp");
+ &cmove ("eax",$len);
+ &sub ("esp","eax"); # alloca
+ &mov ("eax", $out); # save parameters
+ &mov ($chunk,$len);
+ &shr ($len,2);
+ &lea ($out,&DWP(0,"esp"));
+ &data_byte(0xf3,0xa5); # rep movsl
+ &mov ($inp,"esp");
+ &mov ($out,"eax"); # restore parameters
+ &mov ($len,$chunk);
+ &jmp (&label("${mode}_loop"));
+
+&set_label("${mode}_break",16);
+ }
+ if ($mode ne "ctr32") {
+ &cmp ("esp","ebp");
+ &je (&label("${mode}_done"));
+ }
+ &pxor ("xmm0","xmm0");
+ &lea ("eax",&DWP(0,"esp"));
+&set_label("${mode}_bzero");
+ &movaps (&QWP(0,"eax"),"xmm0");
+ &lea ("eax",&DWP(16,"eax"));
+ &cmp ("ebp","eax");
+ &ja (&label("${mode}_bzero"));
+
+&set_label("${mode}_done");
+ &mov ("ebp",&DWP(16,"ebp"));
+ &lea ("esp",&DWP(24,"ebp"));
+ if ($mode ne "ctr32") {
+ &jmp (&label("${mode}_exit"));
+
+&set_label("${mode}_aligned",16);
+ if ($PADLOCK_PREFETCH{$mode}) {
+ &lea ("ebp",&DWP(0,$inp,$len));
+ &neg ("ebp");
+ &and ("ebp",0xfff); # distance to page boundary
+ &xor ("eax","eax");
+ &cmp ("ebp",$PADLOCK_PREFETCH{$mode});
+ &mov ("ebp",$PADLOCK_PREFETCH{$mode}-1);
+ &cmovae ("ebp","eax");
+ &and ("ebp",$len); # remainder
+ &sub ($len,"ebp");
+ &jz (&label("${mode}_aligned_tail"));
+ }
+ &lea ("eax",&DWP(-16,$ctx)); # ivp
+ &lea ("ebx",&DWP(16,$ctx)); # key
+ &shr ($len,4); # len/=AES_BLOCK_SIZE
+ &data_byte(0xf3,0x0f,0xa7,$opcode); # rep xcrypt*
+ if ($mode ne "ecb") {
+ &movaps ("xmm0",&QWP(0,"eax"));
+ &movaps (&QWP(-16,$ctx),"xmm0"); # copy [or refresh] iv
+ }
+ if ($PADLOCK_PREFETCH{$mode}) {
+ &test ("ebp","ebp");
+ &jz (&label("${mode}_exit"));
+
+&set_label("${mode}_aligned_tail");
+ &mov ($len,"ebp");
+ &lea ("ebp",&DWP(-24,"esp"));
+ &mov ("esp","ebp");
+ &mov ("eax","ebp");
+ &sub ("esp",$len);
+ &and ("ebp",-16);
+ &and ("esp",-16);
+ &mov (&DWP(16,"ebp"),"eax");
+ &mov ("eax", $out); # save parameters
+ &mov ($chunk,$len);
+ &shr ($len,2);
+ &lea ($out,&DWP(0,"esp"));
+ &data_byte(0xf3,0xa5); # rep movsl
+ &mov ($inp,"esp");
+ &mov ($out,"eax"); # restore parameters
+ &mov ($len,$chunk);
+ &jmp (&label("${mode}_loop"));
+ }
+&set_label("${mode}_exit"); }
+ &mov ("eax",1);
+ &lea ("esp",&DWP(4,"esp")); # popf
+ &emms () if ($mode eq "ctr32");
+&set_label("${mode}_abort");
+&function_end("padlock_${mode}_encrypt");
+}
+
+&generate_mode("ecb",0xc8);
+&generate_mode("cbc",0xd0);
+&generate_mode("cfb",0xe0);
+&generate_mode("ofb",0xe8);
+&generate_mode("ctr32",0xc8); # yes, it implements own CTR with ECB opcode,
+ # because hardware CTR was introduced later
+ # and even has errata on certain C7 stepping.
+ # own implementation *always* works, though
+ # ~15% slower than dedicated hardware...
+
+&function_begin_B("padlock_xstore");
+ &push ("edi");
+ &mov ("edi",&wparam(0));
+ &mov ("edx",&wparam(1));
+ &data_byte(0x0f,0xa7,0xc0); # xstore
+ &pop ("edi");
+ &ret ();
+&function_end_B("padlock_xstore");
+
+&function_begin_B("_win32_segv_handler");
+ &mov ("eax",1); # ExceptionContinueSearch
+ &mov ("edx",&wparam(0)); # *ExceptionRecord
+ &mov ("ecx",&wparam(2)); # *ContextRecord
+ &cmp (&DWP(0,"edx"),0xC0000005) # ExceptionRecord->ExceptionCode == STATUS_ACCESS_VIOLATION
+ &jne (&label("ret"));
+ &add (&DWP(184,"ecx"),4); # skip over rep sha*
+ &mov ("eax",0); # ExceptionContinueExecution
+&set_label("ret");
+ &ret ();
+&function_end_B("_win32_segv_handler");
+&safeseh("_win32_segv_handler") if ($::win32);
+
+&function_begin_B("padlock_sha1_oneshot");
+ &push ("edi");
+ &push ("esi");
+ &xor ("eax","eax");
+ &mov ("edi",&wparam(0));
+ &mov ("esi",&wparam(1));
+ &mov ("ecx",&wparam(2));
+ if ($::win32 or $::coff) {
+ &push (&::islabel("_win32_segv_handler"));
+ &data_byte(0x64,0xff,0x30); # push %fs:(%eax)
+ &data_byte(0x64,0x89,0x20); # mov %esp,%fs:(%eax)
+ }
+ &mov ("edx","esp"); # put aside %esp
+ &add ("esp",-128); # 32 is enough but spec says 128
+ &movups ("xmm0",&QWP(0,"edi")); # copy-in context
+ &and ("esp",-16);
+ &mov ("eax",&DWP(16,"edi"));
+ &movaps (&QWP(0,"esp"),"xmm0");
+ &mov ("edi","esp");
+ &mov (&DWP(16,"esp"),"eax");
+ &xor ("eax","eax");
+ &data_byte(0xf3,0x0f,0xa6,0xc8); # rep xsha1
+ &movaps ("xmm0",&QWP(0,"esp"));
+ &mov ("eax",&DWP(16,"esp"));
+ &mov ("esp","edx"); # restore %esp
+ if ($::win32 or $::coff) {
+ &data_byte(0x64,0x8f,0x05,0,0,0,0); # pop %fs:0
+ &lea ("esp",&DWP(4,"esp"));
+ }
+ &mov ("edi",&wparam(0));
+ &movups (&QWP(0,"edi"),"xmm0"); # copy-out context
+ &mov (&DWP(16,"edi"),"eax");
+ &pop ("esi");
+ &pop ("edi");
+ &ret ();
+&function_end_B("padlock_sha1_oneshot");
+
+&function_begin_B("padlock_sha1_blocks");
+ &push ("edi");
+ &push ("esi");
+ &mov ("edi",&wparam(0));
+ &mov ("esi",&wparam(1));
+ &mov ("edx","esp"); # put aside %esp
+ &mov ("ecx",&wparam(2));
+ &add ("esp",-128);
+ &movups ("xmm0",&QWP(0,"edi")); # copy-in context
+ &and ("esp",-16);
+ &mov ("eax",&DWP(16,"edi"));
+ &movaps (&QWP(0,"esp"),"xmm0");
+ &mov ("edi","esp");
+ &mov (&DWP(16,"esp"),"eax");
+ &mov ("eax",-1);
+ &data_byte(0xf3,0x0f,0xa6,0xc8); # rep xsha1
+ &movaps ("xmm0",&QWP(0,"esp"));
+ &mov ("eax",&DWP(16,"esp"));
+ &mov ("esp","edx"); # restore %esp
+ &mov ("edi",&wparam(0));
+ &movups (&QWP(0,"edi"),"xmm0"); # copy-out context
+ &mov (&DWP(16,"edi"),"eax");
+ &pop ("esi");
+ &pop ("edi");
+ &ret ();
+&function_end_B("padlock_sha1_blocks");
+
+&function_begin_B("padlock_sha256_oneshot");
+ &push ("edi");
+ &push ("esi");
+ &xor ("eax","eax");
+ &mov ("edi",&wparam(0));
+ &mov ("esi",&wparam(1));
+ &mov ("ecx",&wparam(2));
+ if ($::win32 or $::coff) {
+ &push (&::islabel("_win32_segv_handler"));
+ &data_byte(0x64,0xff,0x30); # push %fs:(%eax)
+ &data_byte(0x64,0x89,0x20); # mov %esp,%fs:(%eax)
+ }
+ &mov ("edx","esp"); # put aside %esp
+ &add ("esp",-128);
+ &movups ("xmm0",&QWP(0,"edi")); # copy-in context
+ &and ("esp",-16);
+ &movups ("xmm1",&QWP(16,"edi"));
+ &movaps (&QWP(0,"esp"),"xmm0");
+ &mov ("edi","esp");
+ &movaps (&QWP(16,"esp"),"xmm1");
+ &xor ("eax","eax");
+ &data_byte(0xf3,0x0f,0xa6,0xd0); # rep xsha256
+ &movaps ("xmm0",&QWP(0,"esp"));
+ &movaps ("xmm1",&QWP(16,"esp"));
+ &mov ("esp","edx"); # restore %esp
+ if ($::win32 or $::coff) {
+ &data_byte(0x64,0x8f,0x05,0,0,0,0); # pop %fs:0
+ &lea ("esp",&DWP(4,"esp"));
+ }
+ &mov ("edi",&wparam(0));
+ &movups (&QWP(0,"edi"),"xmm0"); # copy-out context
+ &movups (&QWP(16,"edi"),"xmm1");
+ &pop ("esi");
+ &pop ("edi");
+ &ret ();
+&function_end_B("padlock_sha256_oneshot");
+
+&function_begin_B("padlock_sha256_blocks");
+ &push ("edi");
+ &push ("esi");
+ &mov ("edi",&wparam(0));
+ &mov ("esi",&wparam(1));
+ &mov ("ecx",&wparam(2));
+ &mov ("edx","esp"); # put aside %esp
+ &add ("esp",-128);
+ &movups ("xmm0",&QWP(0,"edi")); # copy-in context
+ &and ("esp",-16);
+ &movups ("xmm1",&QWP(16,"edi"));
+ &movaps (&QWP(0,"esp"),"xmm0");
+ &mov ("edi","esp");
+ &movaps (&QWP(16,"esp"),"xmm1");
+ &mov ("eax",-1);
+ &data_byte(0xf3,0x0f,0xa6,0xd0); # rep xsha256
+ &movaps ("xmm0",&QWP(0,"esp"));
+ &movaps ("xmm1",&QWP(16,"esp"));
+ &mov ("esp","edx"); # restore %esp
+ &mov ("edi",&wparam(0));
+ &movups (&QWP(0,"edi"),"xmm0"); # copy-out context
+ &movups (&QWP(16,"edi"),"xmm1");
+ &pop ("esi");
+ &pop ("edi");
+ &ret ();
+&function_end_B("padlock_sha256_blocks");
+
+&function_begin_B("padlock_sha512_blocks");
+ &push ("edi");
+ &push ("esi");
+ &mov ("edi",&wparam(0));
+ &mov ("esi",&wparam(1));
+ &mov ("ecx",&wparam(2));
+ &mov ("edx","esp"); # put aside %esp
+ &add ("esp",-128);
+ &movups ("xmm0",&QWP(0,"edi")); # copy-in context
+ &and ("esp",-16);
+ &movups ("xmm1",&QWP(16,"edi"));
+ &movups ("xmm2",&QWP(32,"edi"));
+ &movups ("xmm3",&QWP(48,"edi"));
+ &movaps (&QWP(0,"esp"),"xmm0");
+ &mov ("edi","esp");
+ &movaps (&QWP(16,"esp"),"xmm1");
+ &movaps (&QWP(32,"esp"),"xmm2");
+ &movaps (&QWP(48,"esp"),"xmm3");
+ &data_byte(0xf3,0x0f,0xa6,0xe0); # rep xsha512
+ &movaps ("xmm0",&QWP(0,"esp"));
+ &movaps ("xmm1",&QWP(16,"esp"));
+ &movaps ("xmm2",&QWP(32,"esp"));
+ &movaps ("xmm3",&QWP(48,"esp"));
+ &mov ("esp","edx"); # restore %esp
+ &mov ("edi",&wparam(0));
+ &movups (&QWP(0,"edi"),"xmm0"); # copy-out context
+ &movups (&QWP(16,"edi"),"xmm1");
+ &movups (&QWP(32,"edi"),"xmm2");
+ &movups (&QWP(48,"edi"),"xmm3");
+ &pop ("esi");
+ &pop ("edi");
+ &ret ();
+&function_end_B("padlock_sha512_blocks");
+
+&asciz ("VIA Padlock x86 module, CRYPTOGAMS by <appro\@openssl.org>");
+&align (16);
+
+&dataseg();
+# Essentially this variable belongs in thread local storage.
+# Having this variable global on the other hand can only cause
+# few bogus key reloads [if any at all on signle-CPU system],
+# so we accept the penalty...
+&set_label("padlock_saved_context",4);
+&data_word(0);
+
+&asm_finish();
+
+close STDOUT;
diff --git a/engines/asm/e_padlock-x86_64.pl b/engines/asm/e_padlock-x86_64.pl
new file mode 100755
index 000000000000..09b0aaa48dfe
--- /dev/null
+++ b/engines/asm/e_padlock-x86_64.pl
@@ -0,0 +1,583 @@
+#! /usr/bin/env perl
+# Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# September 2011
+#
+# Assembler helpers for Padlock engine. See even e_padlock-x86.pl for
+# details.
+
+$flavour = shift;
+$output = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../crypto/perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
+*STDOUT=*OUT;
+
+$code=".text\n";
+
+%PADLOCK_PREFETCH=(ecb=>128, cbc=>64, ctr32=>32); # prefetch errata
+$PADLOCK_CHUNK=512; # Must be a power of 2 between 32 and 2^20
+
+$ctx="%rdx";
+$out="%rdi";
+$inp="%rsi";
+$len="%rcx";
+$chunk="%rbx";
+
+($arg1,$arg2,$arg3,$arg4)=$win64?("%rcx","%rdx","%r8", "%r9") : # Win64 order
+ ("%rdi","%rsi","%rdx","%rcx"); # Unix order
+
+$code.=<<___;
+.globl padlock_capability
+.type padlock_capability,\@abi-omnipotent
+.align 16
+padlock_capability:
+ mov %rbx,%r8
+ xor %eax,%eax
+ cpuid
+ xor %eax,%eax
+ cmp \$`"0x".unpack("H*",'tneC')`,%ebx
+ jne .Lzhaoxin
+ cmp \$`"0x".unpack("H*",'Hrua')`,%edx
+ jne .Lnoluck
+ cmp \$`"0x".unpack("H*",'slua')`,%ecx
+ jne .Lnoluck
+ jmp .LzhaoxinEnd
+.Lzhaoxin:
+ cmp \$`"0x".unpack("H*",'hS ')`,%ebx
+ jne .Lnoluck
+ cmp \$`"0x".unpack("H*",'hgna')`,%edx
+ jne .Lnoluck
+ cmp \$`"0x".unpack("H*",' ia')`,%ecx
+ jne .Lnoluck
+.LzhaoxinEnd:
+ mov \$0xC0000000,%eax
+ cpuid
+ mov %eax,%edx
+ xor %eax,%eax
+ cmp \$0xC0000001,%edx
+ jb .Lnoluck
+ mov \$0xC0000001,%eax
+ cpuid
+ mov %edx,%eax
+ and \$0xffffffef,%eax
+ or \$0x10,%eax # set Nano bit#4
+.Lnoluck:
+ mov %r8,%rbx
+ ret
+.size padlock_capability,.-padlock_capability
+
+.globl padlock_key_bswap
+.type padlock_key_bswap,\@abi-omnipotent,0
+.align 16
+padlock_key_bswap:
+ mov 240($arg1),%edx
+.Lbswap_loop:
+ mov ($arg1),%eax
+ bswap %eax
+ mov %eax,($arg1)
+ lea 4($arg1),$arg1
+ sub \$1,%edx
+ jnz .Lbswap_loop
+ ret
+.size padlock_key_bswap,.-padlock_key_bswap
+
+.globl padlock_verify_context
+.type padlock_verify_context,\@abi-omnipotent
+.align 16
+padlock_verify_context:
+ mov $arg1,$ctx
+ pushf
+ lea .Lpadlock_saved_context(%rip),%rax
+ call _padlock_verify_ctx
+ lea 8(%rsp),%rsp
+ ret
+.size padlock_verify_context,.-padlock_verify_context
+
+.type _padlock_verify_ctx,\@abi-omnipotent
+.align 16
+_padlock_verify_ctx:
+ mov 8(%rsp),%r8
+ bt \$30,%r8
+ jnc .Lverified
+ cmp (%rax),$ctx
+ je .Lverified
+ pushf
+ popf
+.Lverified:
+ mov $ctx,(%rax)
+ ret
+.size _padlock_verify_ctx,.-_padlock_verify_ctx
+
+.globl padlock_reload_key
+.type padlock_reload_key,\@abi-omnipotent
+.align 16
+padlock_reload_key:
+ pushf
+ popf
+ ret
+.size padlock_reload_key,.-padlock_reload_key
+
+.globl padlock_aes_block
+.type padlock_aes_block,\@function,3
+.align 16
+padlock_aes_block:
+ mov %rbx,%r8
+ mov \$1,$len
+ lea 32($ctx),%rbx # key
+ lea 16($ctx),$ctx # control word
+ .byte 0xf3,0x0f,0xa7,0xc8 # rep xcryptecb
+ mov %r8,%rbx
+ ret
+.size padlock_aes_block,.-padlock_aes_block
+
+.globl padlock_xstore
+.type padlock_xstore,\@function,2
+.align 16
+padlock_xstore:
+ mov %esi,%edx
+ .byte 0x0f,0xa7,0xc0 # xstore
+ ret
+.size padlock_xstore,.-padlock_xstore
+
+.globl padlock_sha1_oneshot
+.type padlock_sha1_oneshot,\@function,3
+.align 16
+padlock_sha1_oneshot:
+ mov %rdx,%rcx
+ mov %rdi,%rdx # put aside %rdi
+ movups (%rdi),%xmm0 # copy-in context
+ sub \$128+8,%rsp
+ mov 16(%rdi),%eax
+ movaps %xmm0,(%rsp)
+ mov %rsp,%rdi
+ mov %eax,16(%rsp)
+ xor %rax,%rax
+ .byte 0xf3,0x0f,0xa6,0xc8 # rep xsha1
+ movaps (%rsp),%xmm0
+ mov 16(%rsp),%eax
+ add \$128+8,%rsp
+ movups %xmm0,(%rdx) # copy-out context
+ mov %eax,16(%rdx)
+ ret
+.size padlock_sha1_oneshot,.-padlock_sha1_oneshot
+
+.globl padlock_sha1_blocks
+.type padlock_sha1_blocks,\@function,3
+.align 16
+padlock_sha1_blocks:
+ mov %rdx,%rcx
+ mov %rdi,%rdx # put aside %rdi
+ movups (%rdi),%xmm0 # copy-in context
+ sub \$128+8,%rsp
+ mov 16(%rdi),%eax
+ movaps %xmm0,(%rsp)
+ mov %rsp,%rdi
+ mov %eax,16(%rsp)
+ mov \$-1,%rax
+ .byte 0xf3,0x0f,0xa6,0xc8 # rep xsha1
+ movaps (%rsp),%xmm0
+ mov 16(%rsp),%eax
+ add \$128+8,%rsp
+ movups %xmm0,(%rdx) # copy-out context
+ mov %eax,16(%rdx)
+ ret
+.size padlock_sha1_blocks,.-padlock_sha1_blocks
+
+.globl padlock_sha256_oneshot
+.type padlock_sha256_oneshot,\@function,3
+.align 16
+padlock_sha256_oneshot:
+ mov %rdx,%rcx
+ mov %rdi,%rdx # put aside %rdi
+ movups (%rdi),%xmm0 # copy-in context
+ sub \$128+8,%rsp
+ movups 16(%rdi),%xmm1
+ movaps %xmm0,(%rsp)
+ mov %rsp,%rdi
+ movaps %xmm1,16(%rsp)
+ xor %rax,%rax
+ .byte 0xf3,0x0f,0xa6,0xd0 # rep xsha256
+ movaps (%rsp),%xmm0
+ movaps 16(%rsp),%xmm1
+ add \$128+8,%rsp
+ movups %xmm0,(%rdx) # copy-out context
+ movups %xmm1,16(%rdx)
+ ret
+.size padlock_sha256_oneshot,.-padlock_sha256_oneshot
+
+.globl padlock_sha256_blocks
+.type padlock_sha256_blocks,\@function,3
+.align 16
+padlock_sha256_blocks:
+ mov %rdx,%rcx
+ mov %rdi,%rdx # put aside %rdi
+ movups (%rdi),%xmm0 # copy-in context
+ sub \$128+8,%rsp
+ movups 16(%rdi),%xmm1
+ movaps %xmm0,(%rsp)
+ mov %rsp,%rdi
+ movaps %xmm1,16(%rsp)
+ mov \$-1,%rax
+ .byte 0xf3,0x0f,0xa6,0xd0 # rep xsha256
+ movaps (%rsp),%xmm0
+ movaps 16(%rsp),%xmm1
+ add \$128+8,%rsp
+ movups %xmm0,(%rdx) # copy-out context
+ movups %xmm1,16(%rdx)
+ ret
+.size padlock_sha256_blocks,.-padlock_sha256_blocks
+
+.globl padlock_sha512_blocks
+.type padlock_sha512_blocks,\@function,3
+.align 16
+padlock_sha512_blocks:
+ mov %rdx,%rcx
+ mov %rdi,%rdx # put aside %rdi
+ movups (%rdi),%xmm0 # copy-in context
+ sub \$128+8,%rsp
+ movups 16(%rdi),%xmm1
+ movups 32(%rdi),%xmm2
+ movups 48(%rdi),%xmm3
+ movaps %xmm0,(%rsp)
+ mov %rsp,%rdi
+ movaps %xmm1,16(%rsp)
+ movaps %xmm2,32(%rsp)
+ movaps %xmm3,48(%rsp)
+ .byte 0xf3,0x0f,0xa6,0xe0 # rep xha512
+ movaps (%rsp),%xmm0
+ movaps 16(%rsp),%xmm1
+ movaps 32(%rsp),%xmm2
+ movaps 48(%rsp),%xmm3
+ add \$128+8,%rsp
+ movups %xmm0,(%rdx) # copy-out context
+ movups %xmm1,16(%rdx)
+ movups %xmm2,32(%rdx)
+ movups %xmm3,48(%rdx)
+ ret
+.size padlock_sha512_blocks,.-padlock_sha512_blocks
+___
+
+sub generate_mode {
+my ($mode,$opcode) = @_;
+# int padlock_$mode_encrypt(void *out, const void *inp,
+# struct padlock_cipher_data *ctx, size_t len);
+$code.=<<___;
+.globl padlock_${mode}_encrypt
+.type padlock_${mode}_encrypt,\@function,4
+.align 16
+padlock_${mode}_encrypt:
+ push %rbp
+ push %rbx
+
+ xor %eax,%eax
+ test \$15,$ctx
+ jnz .L${mode}_abort
+ test \$15,$len
+ jnz .L${mode}_abort
+ lea .Lpadlock_saved_context(%rip),%rax
+ pushf
+ cld
+ call _padlock_verify_ctx
+ lea 16($ctx),$ctx # control word
+ xor %eax,%eax
+ xor %ebx,%ebx
+ testl \$`1<<5`,($ctx) # align bit in control word
+ jnz .L${mode}_aligned
+ test \$0x0f,$out
+ setz %al # !out_misaligned
+ test \$0x0f,$inp
+ setz %bl # !inp_misaligned
+ test %ebx,%eax
+ jnz .L${mode}_aligned
+ neg %rax
+ mov \$$PADLOCK_CHUNK,$chunk
+ not %rax # out_misaligned?-1:0
+ lea (%rsp),%rbp
+ cmp $chunk,$len
+ cmovc $len,$chunk # chunk=len>PADLOCK_CHUNK?PADLOCK_CHUNK:len
+ and $chunk,%rax # out_misaligned?chunk:0
+ mov $len,$chunk
+ neg %rax
+ and \$$PADLOCK_CHUNK-1,$chunk # chunk%=PADLOCK_CHUNK
+ lea (%rax,%rbp),%rsp
+ mov \$$PADLOCK_CHUNK,%rax
+ cmovz %rax,$chunk # chunk=chunk?:PADLOCK_CHUNK
+___
+$code.=<<___ if ($mode eq "ctr32");
+.L${mode}_reenter:
+ mov -4($ctx),%eax # pull 32-bit counter
+ bswap %eax
+ neg %eax
+ and \$`$PADLOCK_CHUNK/16-1`,%eax
+ mov \$$PADLOCK_CHUNK,$chunk
+ shl \$4,%eax
+ cmovz $chunk,%rax
+ cmp %rax,$len
+ cmova %rax,$chunk # don't let counter cross PADLOCK_CHUNK
+ cmovbe $len,$chunk
+___
+$code.=<<___ if ($PADLOCK_PREFETCH{$mode});
+ cmp $chunk,$len
+ ja .L${mode}_loop
+ mov $inp,%rax # check if prefetch crosses page
+ cmp %rsp,%rbp
+ cmove $out,%rax
+ add $len,%rax
+ neg %rax
+ and \$0xfff,%rax # distance to page boundary
+ cmp \$$PADLOCK_PREFETCH{$mode},%rax
+ mov \$-$PADLOCK_PREFETCH{$mode},%rax
+ cmovae $chunk,%rax # mask=distance<prefetch?-prefetch:-1
+ and %rax,$chunk
+ jz .L${mode}_unaligned_tail
+___
+$code.=<<___;
+ jmp .L${mode}_loop
+.align 16
+.L${mode}_loop:
+ cmp $len,$chunk # ctr32 artefact
+ cmova $len,$chunk # ctr32 artefact
+ mov $out,%r8 # save parameters
+ mov $inp,%r9
+ mov $len,%r10
+ mov $chunk,$len
+ mov $chunk,%r11
+ test \$0x0f,$out # out_misaligned
+ cmovnz %rsp,$out
+ test \$0x0f,$inp # inp_misaligned
+ jz .L${mode}_inp_aligned
+ shr \$3,$len
+ .byte 0xf3,0x48,0xa5 # rep movsq
+ sub $chunk,$out
+ mov $chunk,$len
+ mov $out,$inp
+.L${mode}_inp_aligned:
+ lea -16($ctx),%rax # ivp
+ lea 16($ctx),%rbx # key
+ shr \$4,$len
+ .byte 0xf3,0x0f,0xa7,$opcode # rep xcrypt*
+___
+$code.=<<___ if ($mode !~ /ecb|ctr/);
+ movdqa (%rax),%xmm0
+ movdqa %xmm0,-16($ctx) # copy [or refresh] iv
+___
+$code.=<<___ if ($mode eq "ctr32");
+ mov -4($ctx),%eax # pull 32-bit counter
+ test \$0xffff0000,%eax
+ jnz .L${mode}_no_carry
+ bswap %eax
+ add \$0x10000,%eax
+ bswap %eax
+ mov %eax,-4($ctx)
+.L${mode}_no_carry:
+___
+$code.=<<___;
+ mov %r8,$out # restore parameters
+ mov %r11,$chunk
+ test \$0x0f,$out
+ jz .L${mode}_out_aligned
+ mov $chunk,$len
+ lea (%rsp),$inp
+ shr \$3,$len
+ .byte 0xf3,0x48,0xa5 # rep movsq
+ sub $chunk,$out
+.L${mode}_out_aligned:
+ mov %r9,$inp
+ mov %r10,$len
+ add $chunk,$out
+ add $chunk,$inp
+ sub $chunk,$len
+ mov \$$PADLOCK_CHUNK,$chunk
+___
+ if (!$PADLOCK_PREFETCH{$mode}) {
+$code.=<<___;
+ jnz .L${mode}_loop
+___
+ } else {
+$code.=<<___;
+ jz .L${mode}_break
+ cmp $chunk,$len
+ jae .L${mode}_loop
+___
+$code.=<<___ if ($mode eq "ctr32");
+ mov $len,$chunk
+ mov $inp,%rax # check if prefetch crosses page
+ cmp %rsp,%rbp
+ cmove $out,%rax
+ add $len,%rax
+ neg %rax
+ and \$0xfff,%rax # distance to page boundary
+ cmp \$$PADLOCK_PREFETCH{$mode},%rax
+ mov \$-$PADLOCK_PREFETCH{$mode},%rax
+ cmovae $chunk,%rax
+ and %rax,$chunk
+ jnz .L${mode}_loop
+___
+$code.=<<___;
+.L${mode}_unaligned_tail:
+ xor %eax,%eax
+ cmp %rsp,%rbp
+ cmove $len,%rax
+ mov $out,%r8 # save parameters
+ mov $len,$chunk
+ sub %rax,%rsp # alloca
+ shr \$3,$len
+ lea (%rsp),$out
+ .byte 0xf3,0x48,0xa5 # rep movsq
+ mov %rsp,$inp
+ mov %r8, $out # restore parameters
+ mov $chunk,$len
+ jmp .L${mode}_loop
+.align 16
+.L${mode}_break:
+___
+ }
+$code.=<<___;
+ cmp %rbp,%rsp
+ je .L${mode}_done
+
+ pxor %xmm0,%xmm0
+ lea (%rsp),%rax
+.L${mode}_bzero:
+ movaps %xmm0,(%rax)
+ lea 16(%rax),%rax
+ cmp %rax,%rbp
+ ja .L${mode}_bzero
+
+.L${mode}_done:
+ lea (%rbp),%rsp
+ jmp .L${mode}_exit
+
+.align 16
+.L${mode}_aligned:
+___
+$code.=<<___ if ($mode eq "ctr32");
+ mov -4($ctx),%eax # pull 32-bit counter
+ bswap %eax
+ neg %eax
+ and \$0xffff,%eax
+ mov \$`16*0x10000`,$chunk
+ shl \$4,%eax
+ cmovz $chunk,%rax
+ cmp %rax,$len
+ cmova %rax,$chunk # don't let counter cross 2^16
+ cmovbe $len,$chunk
+ jbe .L${mode}_aligned_skip
+
+.L${mode}_aligned_loop:
+ mov $len,%r10 # save parameters
+ mov $chunk,$len
+ mov $chunk,%r11
+
+ lea -16($ctx),%rax # ivp
+ lea 16($ctx),%rbx # key
+ shr \$4,$len # len/=AES_BLOCK_SIZE
+ .byte 0xf3,0x0f,0xa7,$opcode # rep xcrypt*
+
+ mov -4($ctx),%eax # pull 32-bit counter
+ bswap %eax
+ add \$0x10000,%eax
+ bswap %eax
+ mov %eax,-4($ctx)
+
+ mov %r10,$len # restore parameters
+ sub %r11,$len
+ mov \$`16*0x10000`,$chunk
+ jz .L${mode}_exit
+ cmp $chunk,$len
+ jae .L${mode}_aligned_loop
+
+.L${mode}_aligned_skip:
+___
+$code.=<<___ if ($PADLOCK_PREFETCH{$mode});
+ lea ($inp,$len),%rbp
+ neg %rbp
+ and \$0xfff,%rbp # distance to page boundary
+ xor %eax,%eax
+ cmp \$$PADLOCK_PREFETCH{$mode},%rbp
+ mov \$$PADLOCK_PREFETCH{$mode}-1,%rbp
+ cmovae %rax,%rbp
+ and $len,%rbp # remainder
+ sub %rbp,$len
+ jz .L${mode}_aligned_tail
+___
+$code.=<<___;
+ lea -16($ctx),%rax # ivp
+ lea 16($ctx),%rbx # key
+ shr \$4,$len # len/=AES_BLOCK_SIZE
+ .byte 0xf3,0x0f,0xa7,$opcode # rep xcrypt*
+___
+$code.=<<___ if ($mode !~ /ecb|ctr/);
+ movdqa (%rax),%xmm0
+ movdqa %xmm0,-16($ctx) # copy [or refresh] iv
+___
+$code.=<<___ if ($PADLOCK_PREFETCH{$mode});
+ test %rbp,%rbp # check remainder
+ jz .L${mode}_exit
+
+.L${mode}_aligned_tail:
+ mov $out,%r8
+ mov %rbp,$chunk
+ mov %rbp,$len
+ lea (%rsp),%rbp
+ sub $len,%rsp
+ shr \$3,$len
+ lea (%rsp),$out
+ .byte 0xf3,0x48,0xa5 # rep movsq
+ lea (%r8),$out
+ lea (%rsp),$inp
+ mov $chunk,$len
+ jmp .L${mode}_loop
+___
+$code.=<<___;
+.L${mode}_exit:
+ mov \$1,%eax
+ lea 8(%rsp),%rsp
+.L${mode}_abort:
+ pop %rbx
+ pop %rbp
+ ret
+.size padlock_${mode}_encrypt,.-padlock_${mode}_encrypt
+___
+}
+
+&generate_mode("ecb",0xc8);
+&generate_mode("cbc",0xd0);
+&generate_mode("cfb",0xe0);
+&generate_mode("ofb",0xe8);
+&generate_mode("ctr32",0xd8); # all 64-bit CPUs have working CTR...
+
+$code.=<<___;
+.asciz "VIA Padlock x86_64 module, CRYPTOGAMS by <appro\@openssl.org>"
+.align 16
+.data
+.align 8
+.Lpadlock_saved_context:
+ .quad 0
+___
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+print $code;
+
+close STDOUT;
diff --git a/engines/build.info b/engines/build.info
new file mode 100644
index 000000000000..df173ea69d91
--- /dev/null
+++ b/engines/build.info
@@ -0,0 +1,43 @@
+IF[{- !$disabled{"engine"} -}]
+
+ IF[{- $disabled{"dynamic-engine"} -}]
+ LIBS=../libcrypto
+ SOURCE[../libcrypto]=\
+ e_padlock.c {- $target{padlock_asm_src} -}
+ IF[{- !$disabled{capieng} -}]
+ SOURCE[../libcrypto]=e_capi.c
+ ENDIF
+ IF[{- !$disabled{afalgeng} -}]
+ SOURCE[../libcrypto]=e_afalg.c
+ ENDIF
+ ELSE
+ ENGINES=padlock
+ SOURCE[padlock]=e_padlock.c {- $target{padlock_asm_src} -}
+ DEPEND[padlock]=../libcrypto
+ INCLUDE[padlock]=../include
+ IF[{- !$disabled{capieng} -}]
+ ENGINES=capi
+ SOURCE[capi]=e_capi.c
+ DEPEND[capi]=../libcrypto
+ INCLUDE[capi]=../include
+ ENDIF
+ IF[{- !$disabled{afalgeng} -}]
+ ENGINES=afalg
+ SOURCE[afalg]=e_afalg.c
+ DEPEND[afalg]=../libcrypto
+ INCLUDE[afalg]= ../include
+ ENDIF
+
+ ENGINES_NO_INST=ossltest dasync
+ SOURCE[dasync]=e_dasync.c
+ DEPEND[dasync]=../libcrypto
+ INCLUDE[dasync]=../include
+ SOURCE[ossltest]=e_ossltest.c
+ DEPEND[ossltest]=../libcrypto
+ INCLUDE[ossltest]=../include
+ ENDIF
+
+ GENERATE[e_padlock-x86.s]=asm/e_padlock-x86.pl \
+ $(PERLASM_SCHEME) $(LIB_CFLAGS) $(LIB_CPPFLAGS) $(PROCESSOR)
+ GENERATE[e_padlock-x86_64.s]=asm/e_padlock-x86_64.pl $(PERLASM_SCHEME)
+ENDIF
diff --git a/engines/ccgost/Makefile b/engines/ccgost/Makefile
deleted file mode 100644
index f378530c8642..000000000000
--- a/engines/ccgost/Makefile
+++ /dev/null
@@ -1,276 +0,0 @@
-DIR=ccgost
-TOP=../..
-CC=cc
-INCLUDES= -I../../include
-CFLAG=-g
-MAKEFILE= Makefile
-AR= ar r
-CFLAGS= $(INCLUDES) $(CFLAG)
-LIB=$(TOP)/libcrypto.a
-
-LIBSRC= gost2001.c gost2001_keyx.c gost89.c gost94_keyx.c gost_ameth.c gost_asn1.c gost_crypt.c gost_ctl.c gost_eng.c gosthash.c gost_keywrap.c gost_md.c gost_params.c gost_pmeth.c gost_sign.c
-
-LIBOBJ= e_gost_err.o gost2001_keyx.o gost2001.o gost89.o gost94_keyx.o gost_ameth.o gost_asn1.o gost_crypt.o gost_ctl.o gost_eng.o gosthash.o gost_keywrap.o gost_md.o gost_params.o gost_pmeth.o gost_sign.o
-
-SRC=$(LIBSRC)
-
-LIBNAME=gost
-
-top:
- (cd $(TOP); $(MAKE) DIRS=engines EDIRS=$(DIR) sub_all)
-
-all: lib
-
-tags:
- ctags $(SRC)
-
-errors:
- $(PERL) ../../util/mkerr.pl -conf gost.ec -nostatic -write $(SRC)
-
-lib: $(LIBOBJ)
- if [ -n "$(SHARED_LIBS)" ]; then \
- $(MAKE) -f $(TOP)/Makefile.shared -e \
- LIBNAME=$(LIBNAME) \
- LIBEXTRAS='$(LIBOBJ)' \
- LIBDEPS='-L$(TOP) -lcrypto $(EX_LIBS)' \
- link_o.$(SHLIB_TARGET); \
- else \
- $(AR) $(LIB) $(LIBOBJ); \
- fi
- @touch lib
-
-install:
- [ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
- if [ -n "$(SHARED_LIBS)" ]; then \
- set -e; \
- echo installing $(LIBNAME); \
- pfx=lib; \
- if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
- sfx=".so"; \
- cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
- else \
- case "$(CFLAGS)" in \
- *DSO_BEOS*) sfx=".so";; \
- *DSO_DLFCN*) sfx=`expr "$(SHLIB_EXT)" : '.*\(\.[a-z][a-z]*\)' \| ".so"`;; \
- *DSO_DL*) sfx=".sl";; \
- *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
- *) sfx=".bad";; \
- esac; \
- cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
- fi; \
- chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
- mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \
- fi
-
-links:
-
-tests:
-
-update: local_depend
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
-
-depend: local_depend
- @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
-local_depend:
- @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
-
-files:
- $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-lint:
- lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-dclean:
- $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
- mv -f Makefile.new $(MAKEFILE)
-
-clean:
- rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff *.so *.sl *.dll
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-gost2001.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-gost2001.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-gost2001.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-gost2001.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-gost2001.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-gost2001.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-gost2001.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-gost2001.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-gost2001.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-gost2001.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-gost2001.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-gost2001.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-gost2001.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-gost2001.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-gost2001.o: e_gost_err.h gost2001.c gost89.h gost_lcl.h gost_params.h
-gost2001.o: gosthash.h
-gost2001_keyx.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-gost2001_keyx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-gost2001_keyx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-gost2001_keyx.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-gost2001_keyx.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-gost2001_keyx.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-gost2001_keyx.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-gost2001_keyx.o: ../../include/openssl/obj_mac.h
-gost2001_keyx.o: ../../include/openssl/objects.h
-gost2001_keyx.o: ../../include/openssl/opensslconf.h
-gost2001_keyx.o: ../../include/openssl/opensslv.h
-gost2001_keyx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-gost2001_keyx.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-gost2001_keyx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-gost2001_keyx.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-gost2001_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost2001_keyx.c
-gost2001_keyx.o: gost2001_keyx.h gost89.h gost_keywrap.h gost_lcl.h gosthash.h
-gost89.o: gost89.c gost89.h
-gost94_keyx.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-gost94_keyx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-gost94_keyx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-gost94_keyx.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-gost94_keyx.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-gost94_keyx.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-gost94_keyx.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
-gost94_keyx.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-gost94_keyx.o: ../../include/openssl/objects.h
-gost94_keyx.o: ../../include/openssl/opensslconf.h
-gost94_keyx.o: ../../include/openssl/opensslv.h
-gost94_keyx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-gost94_keyx.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-gost94_keyx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-gost94_keyx.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-gost94_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h
-gost94_keyx.o: gost94_keyx.c gost_keywrap.h gost_lcl.h gosthash.h
-gost_ameth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-gost_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-gost_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
-gost_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
-gost_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-gost_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-gost_ameth.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-gost_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-gost_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-gost_ameth.o: ../../include/openssl/opensslconf.h
-gost_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-gost_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-gost_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-gost_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-gost_ameth.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h
-gost_ameth.o: gost_ameth.c gost_lcl.h gost_params.h gosthash.h
-gost_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-gost_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-gost_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-gost_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-gost_asn1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-gost_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-gost_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-gost_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-gost_asn1.o: ../../include/openssl/opensslconf.h
-gost_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-gost_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-gost_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-gost_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-gost_asn1.o: ../../include/openssl/x509_vfy.h gost89.h gost_asn1.c gost_lcl.h
-gost_asn1.o: gosthash.h
-gost_crypt.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-gost_crypt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-gost_crypt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-gost_crypt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-gost_crypt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-gost_crypt.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-gost_crypt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-gost_crypt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-gost_crypt.o: ../../include/openssl/opensslconf.h
-gost_crypt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-gost_crypt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-gost_crypt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-gost_crypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-gost_crypt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-gost_crypt.o: e_gost_err.h gost89.h gost_crypt.c gost_lcl.h gosthash.h
-gost_ctl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-gost_ctl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-gost_ctl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-gost_ctl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-gost_ctl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-gost_ctl.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-gost_ctl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-gost_ctl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-gost_ctl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-gost_ctl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-gost_ctl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-gost_ctl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-gost_ctl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-gost_ctl.o: ../../include/openssl/x509_vfy.h gost89.h gost_ctl.c gost_lcl.h
-gost_ctl.o: gosthash.h
-gost_eng.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-gost_eng.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-gost_eng.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-gost_eng.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-gost_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-gost_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-gost_eng.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-gost_eng.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-gost_eng.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-gost_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-gost_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-gost_eng.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-gost_eng.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-gost_eng.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h gost_eng.c
-gost_eng.o: gost_lcl.h gosthash.h
-gost_keywrap.o: gost89.h gost_keywrap.c gost_keywrap.h
-gost_md.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-gost_md.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-gost_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-gost_md.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-gost_md.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-gost_md.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-gost_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-gost_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-gost_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-gost_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-gost_md.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-gost_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-gost_md.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-gost_md.o: e_gost_err.h gost89.h gost_lcl.h gost_md.c gosthash.h
-gost_params.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-gost_params.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-gost_params.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-gost_params.o: ../../include/openssl/opensslconf.h
-gost_params.o: ../../include/openssl/opensslv.h
-gost_params.o: ../../include/openssl/ossl_typ.h
-gost_params.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-gost_params.o: ../../include/openssl/symhacks.h gost_params.c gost_params.h
-gost_pmeth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-gost_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-gost_pmeth.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-gost_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
-gost_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-gost_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-gost_pmeth.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
-gost_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-gost_pmeth.o: ../../include/openssl/objects.h
-gost_pmeth.o: ../../include/openssl/opensslconf.h
-gost_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-gost_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-gost_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-gost_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-gost_pmeth.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-gost_pmeth.o: e_gost_err.h gost89.h gost_lcl.h gost_params.h gost_pmeth.c
-gost_pmeth.o: gosthash.h
-gost_sign.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
-gost_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-gost_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-gost_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-gost_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
-gost_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
-gost_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-gost_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-gost_sign.o: ../../include/openssl/objects.h
-gost_sign.o: ../../include/openssl/opensslconf.h
-gost_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-gost_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
-gost_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-gost_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-gost_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-gost_sign.o: e_gost_err.h gost89.h gost_lcl.h gost_params.h gost_sign.c
-gost_sign.o: gosthash.h
-gosthash.o: gost89.h gosthash.c gosthash.h
diff --git a/engines/ccgost/README.gost b/engines/ccgost/README.gost
deleted file mode 100644
index 80f7900d0987..000000000000
--- a/engines/ccgost/README.gost
+++ /dev/null
@@ -1,299 +0,0 @@
-GOST ENGINE
-
-This engine provides implementation of Russian cryptography standard.
-This is also an example of adding new cryptoalgorithms into OpenSSL
-without changing its core. If OpenSSL is compiled with dynamic engine
-support, new algorithms can be added even without recompilation of
-OpenSSL and applications which use it.
-
-ALGORITHMS SUPPORTED
-
-GOST R 34.10-94 and GOST R 34.10-2001 - digital signature algorithms.
- Also support key exchange based on public keys. See RFC 4357 for
- details of VKO key exchange algorithm. These algorithms use
- 256 bit private keys. Public keys are 1024 bit for 94 and 512 bit for
- 2001 (which is elliptic-curve based). Key exchange algorithms
- (VKO R 34.10) are supported on these keys too.
-
-GOST R 34.11-94 Message digest algorithm. 256-bit hash value
-
-GOST 28147-89 - Symmetric cipher with 256-bit key. Various modes are
- defined in the standard, but only CFB and CNT modes are implemented
- in the engine. To make statistical analysis more difficult, key
- meshing is supported (see RFC 4357).
-
-GOST 28147-89 MAC mode. Message authentication code. While most MAC
- algorithms out there are based on hash functions using HMAC
- algorithm, this algoritm is based on symmetric cipher.
- It has 256-bit symmetric key and only 32 bits of MAC value
- (while HMAC has same key size and value size).
-
- It is implemented as combination of EVP_PKEY type and EVP_MD type.
-
-USAGE OF THESE ALGORITHMS
-
-This engine is designed to allow usage of this algorithms in the
-high-level openssl functions, such as PKI, S/MIME and TLS.
-
-See RFC 4490 for S/MIME with GOST algorithms and RFC 4491 for PKI.
-TLS support is implemented according IETF
-draft-chudov-cryptopro-cptls-03.txt and is compatible with
-CryptoPro CSP 3.0 and 3.6 as well as with MagPro CSP.
-GOST ciphersuites implemented in CryptoPro CSP 2.0 are not supported
-because they use ciphersuite numbers used now by AES ciphersuites.
-
-To use the engine you have to load it via openssl configuration
-file. Applications should read openssl configuration file or provide
-their own means to load engines. Also, applications which operate with
-private keys, should use generic EVP_PKEY API instead of using RSA or
-other algorithm-specific API.
-
-CONFIGURATION FILE
-
-Configuration file should include following statement in the global
-section, i.e. before first bracketed section header (see config(5) for details)
-
- openssl_conf = openssl_def
-
-where openssl_def is name of the section in configuration file which
-describes global defaults.
-
-This section should contain following statement:
-
- [openssl_def]
- engines = engine_section
-
-which points to the section which describes list of the engines to be
-loaded. This section should contain:
-
- [engine_section]
- gost = gost_section
-
-And section which describes configuration of the engine should contain
-
- [gost_section]
- engine_id = gost
- dynamic_path = /usr/lib/ssl/engines/libgost.so
- default_algorithms = ALL
- CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet
-
-Where engine_id parameter specifies name of engine (should be "gost").
-dynamic_path is a location of the loadable shared library implementing the
-engine. If the engine is compiled statically or is located in the OpenSSL
-engines directory, this line can be omitted.
-default_algorithms parameter specifies that all algorithms, provided by
-engine, should be used.
-
-The CRYPT_PARAMS parameter is engine-specific. It allows the user to choose
-between different parameter sets of symmetric cipher algorithm. RFC 4357
-specifies several parameters for the GOST 28147-89 algorithm, but OpenSSL
-doesn't provide user interface to choose one when encrypting. So use engine
-configuration parameter instead.
-
-Value of this parameter can be either short name, defined in OpenSSL
-obj_dat.h header file or numeric representation of OID, defined in RFC
-4357.
-
-USAGE WITH COMMAND LINE openssl UTILITY
-
-1. Generation of private key
-
- openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out seckey.pem
-
- Use -algorithm option to specify algorithm.
- Use -pkeyopt option to pass paramset to algorithm. The following paramsets
- are supported by
- gost94: 0,A,B,C,D,XA,XB,XC
- gost2001: 0,A,B,C,XA,XB
- You can also use numeric representation of OID as to destinate
- paramset.
-
- Paramsets starting with X are intended to use for key exchange keys.
- Paramsets without X are for digital signature keys.
-
- Paramset for both algorithms 0 is the test paramset which should be used
- only for test purposes.
-
-There are no algorithm-specific things with generation of certificate
-request once you have a private key.
-
-2. Generation of certificate request along with private/public keypar
-
- openssl req -newkey gost2001 -pkeyopt paramset:A
-
- Syntax of -pkeyopt parameter is identical with genpkey command.
-
- You can also use oldstyle syntax -newkey gost2001:paramfile, but in
- this case you should create parameter file first.
-
- It can be created with
-
- openssl genpkey -genparam -algorithm gost2001 -pkeyopt paramset:A\
- -out paramfile.
-
-3. S/MIME operations
-
-If you want to send encrypted mail using GOST algorithms, don't forget
-to specify -gost89 as encryption algorithm for OpenSSL smime command.
-While OpenSSL is clever enough to find out that GOST R 34.11-94 digest
-must be used for digital signing with GOST private key, it have no way
-to derive symmetric encryption algorithm from key exchange keys.
-
-4. TLS operations
-
-OpenSSL supports all four ciphersuites defined in the IETF draft.
-Once you've loaded GOST key and certificate into your TLS server,
-ciphersuites which use GOST 28147-89 encryption are enabled.
-
-Ciphersuites with NULL encryption should be enabled explicitely if
-needed.
-
-GOST2001-GOST89-GOST89 Uses GOST R 34.10-2001 for auth and key exchange
- GOST 28147-89 for encryption and GOST 28147-89 MAC
-GOST94-GOST89-GOST89 Uses GOST R 34.10-94 for auth and key exchange
- GOST 28147-89 for encryption and GOST 28147-89 MAC
-GOST2001-NULL-GOST94 Uses GOST R 34.10-2001 for auth and key exchange,
- no encryption and HMAC, based on GOST R 34.11-94
-GOST94-NULL-GOST94 Uses GOST R 34.10-94 for auth and key exchange,
- no encryption and HMAC, based on GOST R 34.11-94
-
-Gost 94 and gost 2001 keys can be used simultaneously in the TLS server.
-RSA, DSA and EC keys can be used simultaneously with GOST keys, if
-server implementation supports loading more than two private
-key/certificate pairs. In this case ciphersuites which use any of loaded
-keys would be supported and clients can negotiate ones they wish.
-
-This allows creation of TLS servers which use GOST ciphersuites for
-Russian clients and RSA/DSA ciphersuites for foreign clients.
-
-5. Calculation of digests and symmetric encryption
- OpenSSL provides specific commands (like sha1, aes etc) for calculation
- of digests and symmetric encryption. Since such commands cannot be
- added dynamically, no such commands are provided for GOST algorithms.
- Use generic commands 'dgst' and 'enc'.
-
- Calculation of GOST R 34.11-94 message digest
-
- openssl dgst -md_gost94 datafile
-
- Note that GOST R 34.11-94 specifies that digest value should be
- interpreted as little-endian number, but OpenSSL outputs just hex dump
- of digest value.
-
- So, to obtain correct digest value, such as produced by gostsum utility
- included in the engine distribution, bytes of output should be
- reversed.
-
- Calculation of HMAC based on GOST R 34.11-94
-
- openssl dgst -md_gost94 -mac hmac -macopt key:<32 bytes of key> datafile
-
- (or use hexkey if key contain NUL bytes)
- Calculation of GOST 28147 MAC
-
- openssl dgst -mac gost-mac -macopt key:<32 bytes of key> datafile
-
- Note absence of an option that specifies digest algorithm. gost-mac
- algorithm supports only one digest (which is actually part of
- implementation of this mac) and OpenSSL is clever enough to find out
- this.
-
- Encryption with GOST 28147 CFB mode
- openssl enc -gost89 -out encrypted-file -in plain-text-file -k <passphrase>
- Encryption with GOST 28147 CNT mode
- openssl enc -gost89-cnt -out encrypted-file -in plain-text-file -k <passphrase>
-
-
-6. Encrypting private keys and PKCS12
-
-To produce PKCS12 files compatible with MagPro CSP, you need to use
-GOST algorithm for encryption of PKCS12 file and also GOST R 34.11-94
-hash to derive key from password.
-
-openssl pksc12 -export -inkey gost.pem -in gost_cert.pem -keypbe gost89\
- -certpbe gost89 -macalg md_gost94
-
-7. Testing speed of symmetric ciphers.
-
-To test performance of GOST symmetric ciphers you should use -evp switch
-of the openssl speed command. Engine-provided ciphers can be accessed only via
-generic evp interface and not by cipher-specific functions.
-
- openssl speed -evp gost89
- openssl speed -evp gost89-cnt
-
-
-PROGRAMMING INTERFACES DETAILS
-
-Applications should never access engine directly. They should only use provided
-EVP_PKEY API. But there are some details, which should be taken into
-account.
-
-EVP provides two kinds of API for key exchange:
-
-1. EVP_PKEY_encrypt/EVP_PKEY_decrypt functions, intended to use with
- RSA-like public key encryption algorithms
-
-2. EVP_PKEY_derive, intended to use with Diffie-Hellman-like shared key
-computing algorithms.
-
-Although VKO R 34.10 algorithms, described in the RFC 4357 are
-definitely second case, engine provides BOTH API for GOST R 34.10 keys.
-
-EVP_PKEY_derive just invokes appropriate VKO algorithm and computes
-256 bit shared key. VKO R 34.10-2001 requires 64 bits of random user key
-material (UKM). This UKM should be transmitted to other party, so it is
-not generated inside derive function.
-
-It should be set by EVP_PKEY_CTX_ctrl function using
-EVP_PKEY_CTRL_SET_IV command after call of EVP_PKEY_derive_init, but
-before EVP_PKEY_derive.
- unsigned char ukm[8];
- RAND_bytes(ukm,8);
- EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, 8, ukm)
-
-EVP_PKEY_encrypt encrypts provided session key with VKO shared key and
-packs it into GOST key transport structure, described in the RFC 4490.
-
-It typically uses ephemeral key pair to compute shared key and packs its
-public part along with encrypted key. So, for most cases use of
-EVP_PKEY_encrypt/EVP_PKEY_decrypt with GOST keys is almost same as with
-RSA.
-
-However, if peerkey field in the EVP_PKEY_CTX structure is set (using
-EVP_PKEY_derive_set_peerkey function) to EVP_PKEY structure which has private
-key and uses same parameters as the public key from which this EVP_PKEY_CTX is
-created, EVP_PKEY_encrypt will use this private key to compute shared key and
-set ephemeral key in the GOST_key_transport structure to NULL. In this case
-pkey and peerkey fields in the EVP_PKEY_CTX are used upside-down.
-
-If EVP_PKEY_decrypt encounters GOST_key_transport structure with NULL
-public key field, it tries to use peerkey field from the context to
-compute shared key. In this case peerkey field should really contain
-peer public key.
-
-Encrypt operation supports EVP_PKEY_CTRL_SET_IV operation as well.
-It can be used when some specific restriction on UKM are imposed by
-higher level protocol. For instance, description of GOST ciphersuites
-requires UKM to be derived from shared secret.
-
-If UKM is not set by this control command, encrypt operation would
-generate random UKM.
-
-
-These sources include implementation of GOST 28147-89 and GOST R 34.11-94
-which are completely independent from OpenSSL and can be used separately
-(files gost89.c, gost89.h, gosthash.c, gosthash.h). Utility gostsum (file
-gostsum.c) is provided as an example of such separate usage. This program is
-similar to md5sum and sha1sum utilities, but calculates GOST R 34.11-94 hash.
-
-Makefile doesn't include rule for compiling gostsum.
-Use command
-
-$(CC) -o gostsum gostsum.c gost89.c gosthash.c
-where $(CC) is name of your C compiler.
-
-Implementations of GOST R 34.10-xx, including VKO algorithms heavily
-depends on OpenSSL BIGNUM and Elliptic Curve libraries.
-
-
diff --git a/engines/ccgost/e_gost_err.c b/engines/ccgost/e_gost_err.c
deleted file mode 100644
index 80ef58f8ca3c..000000000000
--- a/engines/ccgost/e_gost_err.c
+++ /dev/null
@@ -1,221 +0,0 @@
-/* e_gost_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_gost_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA GOST_str_functs[] = {
- {ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS), "DECODE_GOST_ALGOR_PARAMS"},
- {ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS), "ENCODE_GOST_ALGOR_PARAMS"},
- {ERR_FUNC(GOST_F_FILL_GOST2001_PARAMS), "FILL_GOST2001_PARAMS"},
- {ERR_FUNC(GOST_F_FILL_GOST94_PARAMS), "FILL_GOST94_PARAMS"},
- {ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS), "GET_ENCRYPTION_PARAMS"},
- {ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC), "GOST2001_COMPUTE_PUBLIC"},
- {ERR_FUNC(GOST_F_GOST2001_DO_SIGN), "GOST2001_DO_SIGN"},
- {ERR_FUNC(GOST_F_GOST2001_DO_VERIFY), "GOST2001_DO_VERIFY"},
- {ERR_FUNC(GOST_F_GOST2001_KEYGEN), "GOST2001_KEYGEN"},
- {ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS),
- "GOST89_GET_ASN1_PARAMETERS"},
- {ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS),
- "GOST89_SET_ASN1_PARAMETERS"},
- {ERR_FUNC(GOST_F_GOST94_COMPUTE_PUBLIC), "GOST94_COMPUTE_PUBLIC"},
- {ERR_FUNC(GOST_F_GOST_CIPHER_CTL), "GOST_CIPHER_CTL"},
- {ERR_FUNC(GOST_F_GOST_DO_SIGN), "GOST_DO_SIGN"},
- {ERR_FUNC(GOST_F_GOST_DO_VERIFY), "GOST_DO_VERIFY"},
- {ERR_FUNC(GOST_F_GOST_IMIT_CTRL), "GOST_IMIT_CTRL"},
- {ERR_FUNC(GOST_F_GOST_IMIT_FINAL), "GOST_IMIT_FINAL"},
- {ERR_FUNC(GOST_F_GOST_IMIT_UPDATE), "GOST_IMIT_UPDATE"},
- {ERR_FUNC(GOST_F_GOST_SIGN_KEYGEN), "GOST_SIGN_KEYGEN"},
- {ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01"},
- {ERR_FUNC(GOST_F_PARAM_COPY_GOST94), "PARAM_COPY_GOST94"},
- {ERR_FUNC(GOST_F_PKEY_GOST01CP_DECRYPT), "PKEY_GOST01CP_DECRYPT"},
- {ERR_FUNC(GOST_F_PKEY_GOST01CP_ENCRYPT), "PKEY_GOST01CP_ENCRYPT"},
- {ERR_FUNC(GOST_F_PKEY_GOST01CP_KEYGEN), "PKEY_GOST01CP_KEYGEN"},
- {ERR_FUNC(GOST_F_PKEY_GOST01_PARAMGEN), "PKEY_GOST01_PARAMGEN"},
- {ERR_FUNC(GOST_F_PKEY_GOST2001_DERIVE), "PKEY_GOST2001_DERIVE"},
- {ERR_FUNC(GOST_F_PKEY_GOST94CP_DECRYPT), "PKEY_GOST94CP_DECRYPT"},
- {ERR_FUNC(GOST_F_PKEY_GOST94CP_ENCRYPT), "PKEY_GOST94CP_ENCRYPT"},
- {ERR_FUNC(GOST_F_PKEY_GOST94CP_KEYGEN), "PKEY_GOST94CP_KEYGEN"},
- {ERR_FUNC(GOST_F_PKEY_GOST94_PARAMGEN), "PKEY_GOST94_PARAMGEN"},
- {ERR_FUNC(GOST_F_PKEY_GOST_CTRL), "PKEY_GOST_CTRL"},
- {ERR_FUNC(GOST_F_PKEY_GOST_CTRL01_STR), "PKEY_GOST_CTRL01_STR"},
- {ERR_FUNC(GOST_F_PKEY_GOST_CTRL94_STR), "PKEY_GOST_CTRL94_STR"},
- {ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL), "PKEY_GOST_MAC_CTRL"},
- {ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL_STR), "PKEY_GOST_MAC_CTRL_STR"},
- {ERR_FUNC(GOST_F_PKEY_GOST_MAC_KEYGEN), "PKEY_GOST_MAC_KEYGEN"},
- {ERR_FUNC(GOST_F_PRINT_GOST_01), "PRINT_GOST_01"},
- {ERR_FUNC(GOST_F_PRIV_DECODE_GOST), "PRIV_DECODE_GOST"},
- {ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST01"},
- {ERR_FUNC(GOST_F_PUB_DECODE_GOST94), "PUB_DECODE_GOST94"},
- {ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST01"},
- {ERR_FUNC(GOST_F_UNPACK_CC_SIGNATURE), "UNPACK_CC_SIGNATURE"},
- {ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE), "UNPACK_CP_SIGNATURE"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA GOST_str_reasons[] = {
- {ERR_REASON(GOST_R_BAD_KEY_PARAMETERS_FORMAT),
- "bad key parameters format"},
- {ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT),
- "bad pkey parameters format"},
- {ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY),
- "cannot pack ephemeral key"},
- {ERR_REASON(GOST_R_CTRL_CALL_FAILED), "ctrl call failed"},
- {ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY),
- "error computing shared key"},
- {ERR_REASON(GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO),
- "error packing key transport info"},
- {ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO),
- "error parsing key transport info"},
- {ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS), "incompatible algorithms"},
- {ERR_REASON(GOST_R_INCOMPATIBLE_PEER_KEY), "incompatible peer key"},
- {ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS), "invalid cipher params"},
- {ERR_REASON(GOST_R_INVALID_CIPHER_PARAM_OID), "invalid cipher param oid"},
- {ERR_REASON(GOST_R_INVALID_DIGEST_TYPE), "invalid digest type"},
- {ERR_REASON(GOST_R_INVALID_GOST94_PARMSET), "invalid gost94 parmset"},
- {ERR_REASON(GOST_R_INVALID_IV_LENGTH), "invalid iv length"},
- {ERR_REASON(GOST_R_INVALID_MAC_KEY_LENGTH), "invalid mac key length"},
- {ERR_REASON(GOST_R_INVALID_PARAMSET), "invalid paramset"},
- {ERR_REASON(GOST_R_KEY_IS_NOT_INITALIZED), "key is not initalized"},
- {ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED), "key is not initialized"},
- {ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING), "key parameters missing"},
- {ERR_REASON(GOST_R_MAC_KEY_NOT_SET), "mac key not set"},
- {ERR_REASON(GOST_R_MALLOC_FAILURE), "malloc failure"},
- {ERR_REASON(GOST_R_NO_MEMORY), "no memory"},
- {ERR_REASON(GOST_R_NO_PARAMETERS_SET), "no parameters set"},
- {ERR_REASON(GOST_R_NO_PEER_KEY), "no peer key"},
- {ERR_REASON(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR),
- "no private part of non ephemeral keypair"},
- {ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED), "public key undefined"},
- {ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR), "random generator error"},
- {ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE), "random generator failure"},
- {ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED),
- "random number generator failed"},
- {ERR_REASON(GOST_R_SIGNATURE_MISMATCH), "signature mismatch"},
- {ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q),
- "signature parts greater than q"},
- {ERR_REASON(GOST_R_UKM_NOT_SET), "ukm not set"},
- {ERR_REASON(GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND),
- "unsupported cipher ctl command"},
- {ERR_REASON(GOST_R_UNSUPPORTED_PARAMETER_SET),
- "unsupported parameter set"},
- {0, NULL}
-};
-
-#endif
-
-#ifdef GOST_LIB_NAME
-static ERR_STRING_DATA GOST_lib_name[] = {
- {0, GOST_LIB_NAME},
- {0, NULL}
-};
-#endif
-
-static int GOST_lib_error_code = 0;
-static int GOST_error_init = 1;
-
-void ERR_load_GOST_strings(void)
-{
- if (GOST_lib_error_code == 0)
- GOST_lib_error_code = ERR_get_next_error_library();
-
- if (GOST_error_init) {
- GOST_error_init = 0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(GOST_lib_error_code, GOST_str_functs);
- ERR_load_strings(GOST_lib_error_code, GOST_str_reasons);
-#endif
-
-#ifdef GOST_LIB_NAME
- GOST_lib_name->error = ERR_PACK(GOST_lib_error_code, 0, 0);
- ERR_load_strings(0, GOST_lib_name);
-#endif
- }
-}
-
-void ERR_unload_GOST_strings(void)
-{
- if (GOST_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(GOST_lib_error_code, GOST_str_functs);
- ERR_unload_strings(GOST_lib_error_code, GOST_str_reasons);
-#endif
-
-#ifdef GOST_LIB_NAME
- ERR_unload_strings(0, GOST_lib_name);
-#endif
- GOST_error_init = 1;
- }
-}
-
-void ERR_GOST_error(int function, int reason, char *file, int line)
-{
- if (GOST_lib_error_code == 0)
- GOST_lib_error_code = ERR_get_next_error_library();
- ERR_PUT_error(GOST_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/ccgost/e_gost_err.h b/engines/ccgost/e_gost_err.h
deleted file mode 100644
index a2018ec4de9d..000000000000
--- a/engines/ccgost/e_gost_err.h
+++ /dev/null
@@ -1,158 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_GOST_ERR_H
-# define HEADER_GOST_ERR_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_GOST_strings(void);
-void ERR_unload_GOST_strings(void);
-void ERR_GOST_error(int function, int reason, char *file, int line);
-# define GOSTerr(f,r) ERR_GOST_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the GOST functions. */
-
-/* Function codes. */
-# define GOST_F_DECODE_GOST_ALGOR_PARAMS 99
-# define GOST_F_ENCODE_GOST_ALGOR_PARAMS 100
-# define GOST_F_FILL_GOST2001_PARAMS 101
-# define GOST_F_FILL_GOST94_PARAMS 102
-# define GOST_F_GET_ENCRYPTION_PARAMS 103
-# define GOST_F_GOST2001_COMPUTE_PUBLIC 104
-# define GOST_F_GOST2001_DO_SIGN 105
-# define GOST_F_GOST2001_DO_VERIFY 106
-# define GOST_F_GOST2001_KEYGEN 107
-# define GOST_F_GOST89_GET_ASN1_PARAMETERS 108
-# define GOST_F_GOST89_SET_ASN1_PARAMETERS 109
-# define GOST_F_GOST94_COMPUTE_PUBLIC 110
-# define GOST_F_GOST_CIPHER_CTL 111
-# define GOST_F_GOST_DO_SIGN 112
-# define GOST_F_GOST_DO_VERIFY 113
-# define GOST_F_GOST_IMIT_CTRL 114
-# define GOST_F_GOST_IMIT_FINAL 140
-# define GOST_F_GOST_IMIT_UPDATE 115
-# define GOST_F_GOST_SIGN_KEYGEN 142
-# define GOST_F_PARAM_COPY_GOST01 116
-# define GOST_F_PARAM_COPY_GOST94 117
-# define GOST_F_PKEY_GOST01CP_DECRYPT 118
-# define GOST_F_PKEY_GOST01CP_ENCRYPT 119
-# define GOST_F_PKEY_GOST01CP_KEYGEN 120
-# define GOST_F_PKEY_GOST01_PARAMGEN 138
-# define GOST_F_PKEY_GOST2001_DERIVE 121
-# define GOST_F_PKEY_GOST94CP_DECRYPT 122
-# define GOST_F_PKEY_GOST94CP_ENCRYPT 123
-# define GOST_F_PKEY_GOST94CP_KEYGEN 124
-# define GOST_F_PKEY_GOST94_PARAMGEN 139
-# define GOST_F_PKEY_GOST_CTRL 125
-# define GOST_F_PKEY_GOST_CTRL01_STR 126
-# define GOST_F_PKEY_GOST_CTRL94_STR 127
-# define GOST_F_PKEY_GOST_MAC_CTRL 128
-# define GOST_F_PKEY_GOST_MAC_CTRL_STR 129
-# define GOST_F_PKEY_GOST_MAC_KEYGEN 130
-# define GOST_F_PRINT_GOST_01 131
-# define GOST_F_PRIV_DECODE_GOST 132
-# define GOST_F_PUB_DECODE_GOST01 133
-# define GOST_F_PUB_DECODE_GOST94 134
-# define GOST_F_PUB_ENCODE_GOST01 135
-# define GOST_F_UNPACK_CC_SIGNATURE 136
-# define GOST_F_UNPACK_CP_SIGNATURE 137
-
-/* Reason codes. */
-# define GOST_R_BAD_KEY_PARAMETERS_FORMAT 99
-# define GOST_R_BAD_PKEY_PARAMETERS_FORMAT 100
-# define GOST_R_CANNOT_PACK_EPHEMERAL_KEY 101
-# define GOST_R_CTRL_CALL_FAILED 132
-# define GOST_R_ERROR_COMPUTING_SHARED_KEY 102
-# define GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO 103
-# define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO 104
-# define GOST_R_INCOMPATIBLE_ALGORITHMS 105
-# define GOST_R_INCOMPATIBLE_PEER_KEY 131
-# define GOST_R_INVALID_CIPHER_PARAMS 106
-# define GOST_R_INVALID_CIPHER_PARAM_OID 107
-# define GOST_R_INVALID_DIGEST_TYPE 108
-# define GOST_R_INVALID_GOST94_PARMSET 109
-# define GOST_R_INVALID_IV_LENGTH 110
-# define GOST_R_INVALID_MAC_KEY_LENGTH 111
-# define GOST_R_INVALID_PARAMSET 112
-# define GOST_R_KEY_IS_NOT_INITALIZED 113
-# define GOST_R_KEY_IS_NOT_INITIALIZED 114
-# define GOST_R_KEY_PARAMETERS_MISSING 115
-# define GOST_R_MAC_KEY_NOT_SET 116
-# define GOST_R_MALLOC_FAILURE 117
-# define GOST_R_NO_MEMORY 118
-# define GOST_R_NO_PARAMETERS_SET 119
-# define GOST_R_NO_PEER_KEY 120
-# define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 121
-# define GOST_R_PUBLIC_KEY_UNDEFINED 122
-# define GOST_R_RANDOM_GENERATOR_ERROR 123
-# define GOST_R_RANDOM_GENERATOR_FAILURE 124
-# define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED 125
-# define GOST_R_SIGNATURE_MISMATCH 126
-# define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 127
-# define GOST_R_UKM_NOT_SET 128
-# define GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND 129
-# define GOST_R_UNSUPPORTED_PARAMETER_SET 130
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/engines/ccgost/gost2001.c b/engines/ccgost/gost2001.c
deleted file mode 100644
index 881d0d3c9097..000000000000
--- a/engines/ccgost/gost2001.c
+++ /dev/null
@@ -1,474 +0,0 @@
-/**********************************************************************
- * gost2001.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Implementation of GOST R 34.10-2001 *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include "gost_lcl.h"
-#include "gost_params.h"
-#include <string.h>
-#include <openssl/rand.h>
-#include <openssl/ecdsa.h>
-#include <openssl/err.h>
-#include "e_gost_err.h"
-#ifdef DEBUG_SIGN
-extern
-void dump_signature(const char *message, const unsigned char *buffer,
- size_t len);
-void dump_dsa_sig(const char *message, DSA_SIG *sig);
-#else
-
-# define dump_signature(a,b,c)
-# define dump_dsa_sig(a,b)
-#endif
-
-/*
- * Fills EC_KEY structure hidden in the app_data field of DSA structure
- * with parameter information, extracted from parameter array in
- * params.c file.
- *
- * Also fils DSA->q field with copy of EC_GROUP order field to make
- * DSA_size function work
- */
-int fill_GOST2001_params(EC_KEY *eckey, int nid)
-{
- R3410_2001_params *params = R3410_2001_paramset;
- EC_GROUP *grp = NULL;
- BIGNUM *p = NULL, *q = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL;
- EC_POINT *P = NULL;
- BN_CTX *ctx = BN_CTX_new();
- int ok = 0;
-
- if(!ctx) {
- GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- BN_CTX_start(ctx);
- p = BN_CTX_get(ctx);
- a = BN_CTX_get(ctx);
- b = BN_CTX_get(ctx);
- x = BN_CTX_get(ctx);
- y = BN_CTX_get(ctx);
- q = BN_CTX_get(ctx);
- if(!p || !a || !b || !x || !y || !q) {
- GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- while (params->nid != NID_undef && params->nid != nid)
- params++;
- if (params->nid == NID_undef) {
- GOSTerr(GOST_F_FILL_GOST2001_PARAMS,
- GOST_R_UNSUPPORTED_PARAMETER_SET);
- goto err;
- }
- if(!BN_hex2bn(&p, params->p)
- || !BN_hex2bn(&a, params->a)
- || !BN_hex2bn(&b, params->b)) {
- GOSTerr(GOST_F_FILL_GOST2001_PARAMS,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- grp = EC_GROUP_new_curve_GFp(p, a, b, ctx);
- if(!grp) {
- GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- P = EC_POINT_new(grp);
- if(!P) {
- GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if(!BN_hex2bn(&x, params->x)
- || !BN_hex2bn(&y, params->y)
- || !EC_POINT_set_affine_coordinates_GFp(grp, P, x, y, ctx)
- || !BN_hex2bn(&q, params->q)) {
- GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-#ifdef DEBUG_KEYS
- fprintf(stderr, "Set params index %d oid %s\nq=",
- (params - R3410_2001_paramset), OBJ_nid2sn(params->nid));
- BN_print_fp(stderr, q);
- fprintf(stderr, "\n");
-#endif
-
- if(!EC_GROUP_set_generator(grp, P, q, NULL)) {
- GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- EC_GROUP_set_curve_name(grp, params->nid);
- if(!EC_KEY_set_group(eckey, grp)) {
- GOSTerr(GOST_F_FILL_GOST2001_PARAMS, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- ok = 1;
- err:
- if (P) EC_POINT_free(P);
- if (grp) EC_GROUP_free(grp);
- if (ctx) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- return ok;
-}
-
-/*
- * Computes gost2001 signature as DSA_SIG structure
- *
- *
- */
-DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
-{
- DSA_SIG *newsig = NULL, *ret = NULL;
- BIGNUM *md = hashsum2bn(dgst);
- BIGNUM *order = NULL;
- const EC_GROUP *group;
- const BIGNUM *priv_key;
- BIGNUM *r = NULL, *s = NULL, *X = NULL, *tmp = NULL, *tmp2 = NULL, *k =
- NULL, *e = NULL;
- EC_POINT *C = NULL;
- BN_CTX *ctx = BN_CTX_new();
- if(!ctx || !md) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- BN_CTX_start(ctx);
- OPENSSL_assert(dlen == 32);
- newsig = DSA_SIG_new();
- if (!newsig) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, GOST_R_NO_MEMORY);
- goto err;
- }
- group = EC_KEY_get0_group(eckey);
- if(!group) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- order = BN_CTX_get(ctx);
- if(!order || !EC_GROUP_get_order(group, order, ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- priv_key = EC_KEY_get0_private_key(eckey);
- if(!priv_key) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- e = BN_CTX_get(ctx);
- if(!e || !BN_mod(e, md, order, ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-#ifdef DEBUG_SIGN
- fprintf(stderr, "digest as bignum=");
- BN_print_fp(stderr, md);
- fprintf(stderr, "\ndigest mod q=");
- BN_print_fp(stderr, e);
- fprintf(stderr, "\n");
-#endif
- if (BN_is_zero(e)) {
- BN_one(e);
- }
- k = BN_CTX_get(ctx);
- C = EC_POINT_new(group);
- if(!k || !C) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- do {
- do {
- if (!BN_rand_range(k, order)) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN,
- GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
- goto err;
- }
- if (!EC_POINT_mul(group, C, k, NULL, NULL, ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB);
- goto err;
- }
- if (!X)
- X = BN_CTX_get(ctx);
- if (!r)
- r = BN_CTX_get(ctx);
- if (!X || !r) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB);
- goto err;
- }
-
- if(!BN_nnmod(r, X, order, ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
- while (BN_is_zero(r));
- /* s = (r*priv_key+k*e) mod order */
- if (!tmp)
- tmp = BN_CTX_get(ctx);
- if (!tmp2)
- tmp2 = BN_CTX_get(ctx);
- if (!s)
- s = BN_CTX_get(ctx);
- if (!tmp || !tmp2 || !s) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if(!BN_mod_mul(tmp, priv_key, r, order, ctx)
- || !BN_mod_mul(tmp2, k, e, order, ctx)
- || !BN_mod_add(s, tmp, tmp2, order, ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
- while (BN_is_zero(s));
-
- newsig->s = BN_dup(s);
- newsig->r = BN_dup(r);
- if(!newsig->s || !newsig->r) {
- GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- ret = newsig;
- err:
- if(ctx) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- if (C) EC_POINT_free(C);
- if (md) BN_free(md);
- if (!ret && newsig) {
- DSA_SIG_free(newsig);
- }
- return ret;
-}
-
-/*
- * Verifies gost 2001 signature
- *
- */
-int gost2001_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, EC_KEY *ec)
-{
- BN_CTX *ctx = BN_CTX_new();
- const EC_GROUP *group = EC_KEY_get0_group(ec);
- BIGNUM *order;
- BIGNUM *md = NULL, *e = NULL, *R = NULL, *v = NULL, *z1 = NULL, *z2 =
- NULL;
- BIGNUM *X = NULL, *tmp = NULL;
- EC_POINT *C = NULL;
- const EC_POINT *pub_key = NULL;
- int ok = 0;
-
- if(!ctx || !group) {
- GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- BN_CTX_start(ctx);
- order = BN_CTX_get(ctx);
- e = BN_CTX_get(ctx);
- z1 = BN_CTX_get(ctx);
- z2 = BN_CTX_get(ctx);
- tmp = BN_CTX_get(ctx);
- X = BN_CTX_get(ctx);
- R = BN_CTX_get(ctx);
- v = BN_CTX_get(ctx);
- if(!order || !e || !z1 || !z2 || !tmp || !X || !R || !v) {
- GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- pub_key = EC_KEY_get0_public_key(ec);
- if(!pub_key || !EC_GROUP_get_order(group, order, ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (BN_is_zero(sig->s) || BN_is_zero(sig->r) ||
- (BN_cmp(sig->s, order) >= 1) || (BN_cmp(sig->r, order) >= 1)) {
- GOSTerr(GOST_F_GOST2001_DO_VERIFY,
- GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
- goto err;
-
- }
- md = hashsum2bn(dgst);
-
- if(!md || !BN_mod(e, md, order, ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-#ifdef DEBUG_SIGN
- fprintf(stderr, "digest as bignum: ");
- BN_print_fp(stderr, md);
- fprintf(stderr, "\ndigest mod q: ");
- BN_print_fp(stderr, e);
-#endif
- if (BN_is_zero(e) && !BN_one(e)) {
- GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- v = BN_mod_inverse(v, e, order, ctx);
- if(!v
- || !BN_mod_mul(z1, sig->s, v, order, ctx)
- || !BN_sub(tmp, order, sig->r)
- || !BN_mod_mul(z2, tmp, v, order, ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-#ifdef DEBUG_SIGN
- fprintf(stderr, "\nInverted digest value: ");
- BN_print_fp(stderr, v);
- fprintf(stderr, "\nz1: ");
- BN_print_fp(stderr, z1);
- fprintf(stderr, "\nz2: ");
- BN_print_fp(stderr, z2);
-#endif
- C = EC_POINT_new(group);
- if (!C) {
- GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!EC_POINT_mul(group, C, z1, pub_key, z2, ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB);
- goto err;
- }
- if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB);
- goto err;
- }
- if(!BN_mod(R, X, order, ctx)) {
- GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-#ifdef DEBUG_SIGN
- fprintf(stderr, "\nX=");
- BN_print_fp(stderr, X);
- fprintf(stderr, "\nX mod q=");
- BN_print_fp(stderr, R);
- fprintf(stderr, "\n");
-#endif
- if (BN_cmp(R, sig->r) != 0) {
- GOSTerr(GOST_F_GOST2001_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH);
- } else {
- ok = 1;
- }
- err:
- if (C) EC_POINT_free(C);
- if (ctx) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- if (md) BN_free(md);
- return ok;
-}
-
-/*
- * Computes GOST R 34.10-2001 public key
- *
- *
- */
-int gost2001_compute_public(EC_KEY *ec)
-{
- const EC_GROUP *group = EC_KEY_get0_group(ec);
- EC_POINT *pub_key = NULL;
- const BIGNUM *priv_key = NULL;
- BN_CTX *ctx = NULL;
- int ok = 0;
-
- if (!group) {
- GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC,
- GOST_R_KEY_IS_NOT_INITIALIZED);
- return 0;
- }
- ctx = BN_CTX_new();
- if(!ctx) {
- GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- BN_CTX_start(ctx);
- if (!(priv_key = EC_KEY_get0_private_key(ec))) {
- GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB);
- goto err;
- }
-
- pub_key = EC_POINT_new(group);
- if(!pub_key) {
- GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) {
- GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB);
- goto err;
- }
- if (!EC_KEY_set_public_key(ec, pub_key)) {
- GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB);
- goto err;
- }
- ok = 256;
- err:
- if (pub_key) EC_POINT_free(pub_key);
- if (ctx) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- return ok;
-}
-
-/*
- *
- * Generates GOST R 34.10-2001 keypair
- *
- *
- */
-int gost2001_keygen(EC_KEY *ec)
-{
- BIGNUM *order = BN_new(), *d = BN_new();
- const EC_GROUP *group = NULL;
-
- if (order == NULL || d == NULL) {
- GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_MALLOC_FAILURE);
- BN_free(d);
- BN_free(order);
- return 0;
- }
-
- group = EC_KEY_get0_group(ec);
- if(!group || !EC_GROUP_get_order(group, order, NULL)) {
- GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_INTERNAL_ERROR);
- BN_free(d);
- BN_free(order);
- return 0;
- }
-
- do {
- if (!BN_rand_range(d, order)) {
- GOSTerr(GOST_F_GOST2001_KEYGEN,
- GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
- BN_free(d);
- BN_free(order);
- return 0;
- }
- }
- while (BN_is_zero(d));
-
- if(!EC_KEY_set_private_key(ec, d)) {
- GOSTerr(GOST_F_GOST2001_KEYGEN, ERR_R_INTERNAL_ERROR);
- BN_free(d);
- BN_free(order);
- return 0;
- }
- BN_free(d);
- BN_free(order);
- return gost2001_compute_public(ec);
-}
diff --git a/engines/ccgost/gost2001_keyx.c b/engines/ccgost/gost2001_keyx.c
deleted file mode 100644
index ac7862eab550..000000000000
--- a/engines/ccgost/gost2001_keyx.c
+++ /dev/null
@@ -1,294 +0,0 @@
-/**********************************************************************
- * gost_keyx.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * VK0 34.10-2001 key exchange and GOST R 34.10-2001 *
- * based PKCS7/SMIME support *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <string.h>
-#include <openssl/objects.h>
-#include "gost89.h"
-#include "gosthash.h"
-#include "e_gost_err.h"
-#include "gost_keywrap.h"
-#include "gost_lcl.h"
-#include "gost2001_keyx.h"
-
-/* Implementation of CryptoPro VKO 34.10-2001 algorithm */
-static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size,
- const EC_POINT *pub_key, EC_KEY *priv_key,
- const unsigned char *ukm)
-{
- unsigned char ukm_be[8], databuf[64], hashbuf[64];
- BIGNUM *UKM = NULL, *p = NULL, *order = NULL, *X = NULL, *Y = NULL;
- const BIGNUM *key = EC_KEY_get0_private_key(priv_key);
- EC_POINT *pnt = EC_POINT_new(EC_KEY_get0_group(priv_key));
- int i;
- gost_hash_ctx hash_ctx;
- BN_CTX *ctx = BN_CTX_new();
-
- for (i = 0; i < 8; i++) {
- ukm_be[7 - i] = ukm[i];
- }
- BN_CTX_start(ctx);
- UKM = getbnfrombuf(ukm_be, 8);
- p = BN_CTX_get(ctx);
- order = BN_CTX_get(ctx);
- X = BN_CTX_get(ctx);
- Y = BN_CTX_get(ctx);
- EC_GROUP_get_order(EC_KEY_get0_group(priv_key), order, ctx);
- BN_mod_mul(p, key, UKM, order, ctx);
- EC_POINT_mul(EC_KEY_get0_group(priv_key), pnt, NULL, pub_key, p, ctx);
- EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(priv_key),
- pnt, X, Y, ctx);
- /*
- * Serialize elliptic curve point same way as we do it when saving key
- */
- store_bignum(Y, databuf, 32);
- store_bignum(X, databuf + 32, 32);
- /* And reverse byte order of whole buffer */
- for (i = 0; i < 64; i++) {
- hashbuf[63 - i] = databuf[i];
- }
- init_gost_hash_ctx(&hash_ctx, &GostR3411_94_CryptoProParamSet);
- start_hash(&hash_ctx);
- hash_block(&hash_ctx, hashbuf, 64);
- finish_hash(&hash_ctx, shared_key);
- done_gost_hash_ctx(&hash_ctx);
- BN_free(UKM);
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- EC_POINT_free(pnt);
- return 32;
-}
-
-/*
- * EVP_PKEY_METHOD callback derive. Implements VKO R 34.10-2001
- * algorithm
- */
-int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
- size_t *keylen)
-{
- /*
- * Public key of peer in the ctx field peerkey Our private key in the ctx
- * pkey ukm is in the algorithm specific context data
- */
- EVP_PKEY *my_key = EVP_PKEY_CTX_get0_pkey(ctx);
- EVP_PKEY *peer_key = EVP_PKEY_CTX_get0_peerkey(ctx);
- struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
-
- if (!data->shared_ukm) {
- GOSTerr(GOST_F_PKEY_GOST2001_DERIVE, GOST_R_UKM_NOT_SET);
- return 0;
- }
-
- if (key == NULL) {
- *keylen = 32;
- return 32;
- }
-
- *keylen =
- VKO_compute_key(key, 32,
- EC_KEY_get0_public_key(EVP_PKEY_get0(peer_key)),
- (EC_KEY *)EVP_PKEY_get0(my_key), data->shared_ukm);
- return 1;
-}
-
-/*
- * EVP_PKEY_METHOD callback encrypt
- * Implementation of GOST2001 key transport, cryptocom variation
- */
-/*
- * Generates ephemeral key based on pubk algorithm computes shared key using
- * VKO and returns filled up GOST_KEY_TRANSPORT structure
- */
-
-/*
- * EVP_PKEY_METHOD callback encrypt
- * Implementation of GOST2001 key transport, cryptopo variation
- */
-
-int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
- size_t *out_len, const unsigned char *key,
- size_t key_len)
-{
- GOST_KEY_TRANSPORT *gkt = NULL;
- EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx);
- struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx);
- const struct gost_cipher_info *param = get_encryption_params(NULL);
- unsigned char ukm[8], shared_key[32], crypted_key[44];
- int ret = 0;
- int key_is_ephemeral = 1;
- gost_ctx cctx;
- EVP_PKEY *sec_key = EVP_PKEY_CTX_get0_peerkey(pctx);
- if (data->shared_ukm) {
- memcpy(ukm, data->shared_ukm, 8);
- } else if (out) {
-
- if (RAND_bytes(ukm, 8) <= 0) {
- GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT,
- GOST_R_RANDOM_GENERATOR_FAILURE);
- return 0;
- }
- }
- /* Check for private key in the peer_key of context */
- if (sec_key) {
- key_is_ephemeral = 0;
- if (!gost_get0_priv_key(sec_key)) {
- GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT,
- GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR);
- goto err;
- }
- } else {
- key_is_ephemeral = 1;
- if (out) {
- sec_key = EVP_PKEY_new();
- if (sec_key == NULL)
- goto err;
- EVP_PKEY_assign(sec_key, EVP_PKEY_base_id(pubk), EC_KEY_new());
- EVP_PKEY_copy_parameters(sec_key, pubk);
- if (!gost2001_keygen(EVP_PKEY_get0(sec_key))) {
- goto err;
- }
- }
- }
- if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS)
- && param == gost_cipher_list) {
- param = gost_cipher_list + 1;
- }
- if (out) {
- VKO_compute_key(shared_key, 32,
- EC_KEY_get0_public_key(EVP_PKEY_get0(pubk)),
- EVP_PKEY_get0(sec_key), ukm);
- gost_init(&cctx, param->sblock);
- keyWrapCryptoPro(&cctx, shared_key, ukm, key, crypted_key);
- }
- gkt = GOST_KEY_TRANSPORT_new();
- if (!gkt) {
- goto err;
- }
- if (!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv, ukm, 8)) {
- goto err;
- }
- if (!ASN1_OCTET_STRING_set(gkt->key_info->imit, crypted_key + 40, 4)) {
- goto err;
- }
- if (!ASN1_OCTET_STRING_set
- (gkt->key_info->encrypted_key, crypted_key + 8, 32)) {
- goto err;
- }
- if (key_is_ephemeral) {
- if (!X509_PUBKEY_set
- (&gkt->key_agreement_info->ephem_key, out ? sec_key : pubk)) {
- GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT,
- GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
- goto err;
- }
- }
- ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
- gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid);
- if (key_is_ephemeral && sec_key)
- EVP_PKEY_free(sec_key);
- if (!key_is_ephemeral) {
- /* Set control "public key from client certificate used" */
- if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL)
- <= 0) {
- GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, GOST_R_CTRL_CALL_FAILED);
- goto err;
- }
- }
- if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL)) > 0)
- ret = 1;
- GOST_KEY_TRANSPORT_free(gkt);
- return ret;
- err:
- if (key_is_ephemeral && sec_key)
- EVP_PKEY_free(sec_key);
- GOST_KEY_TRANSPORT_free(gkt);
- return -1;
-}
-
-/*
- * EVP_PKEY_METHOD callback decrypt
- * Implementation of GOST2001 key transport, cryptopo variation
- */
-int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
- size_t *key_len, const unsigned char *in,
- size_t in_len)
-{
- const unsigned char *p = in;
- EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx);
- GOST_KEY_TRANSPORT *gkt = NULL;
- int ret = 0;
- unsigned char wrappedKey[44];
- unsigned char sharedKey[32];
- gost_ctx ctx;
- const struct gost_cipher_info *param = NULL;
- EVP_PKEY *eph_key = NULL, *peerkey = NULL;
-
- if (!key) {
- *key_len = 32;
- return 1;
- }
- gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len);
- if (!gkt) {
- GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT,
- GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
- return -1;
- }
-
- /* If key transport structure contains public key, use it */
- eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key);
- if (eph_key) {
- if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0) {
- GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT,
- GOST_R_INCOMPATIBLE_PEER_KEY);
- goto err;
- }
- } else {
- /* Set control "public key from client certificate used" */
- if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL)
- <= 0) {
- GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, GOST_R_CTRL_CALL_FAILED);
- goto err;
- }
- }
- peerkey = EVP_PKEY_CTX_get0_peerkey(pctx);
- if (!peerkey) {
- GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, GOST_R_NO_PEER_KEY);
- goto err;
- }
-
- param = get_encryption_params(gkt->key_agreement_info->cipher);
- if (!param) {
- goto err;
- }
-
- gost_init(&ctx, param->sblock);
- OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8);
- memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8);
- OPENSSL_assert(gkt->key_info->encrypted_key->length == 32);
- memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32);
- OPENSSL_assert(gkt->key_info->imit->length == 4);
- memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4);
- VKO_compute_key(sharedKey, 32,
- EC_KEY_get0_public_key(EVP_PKEY_get0(peerkey)),
- EVP_PKEY_get0(priv), wrappedKey);
- if (!keyUnwrapCryptoPro(&ctx, sharedKey, wrappedKey, key)) {
- GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT,
- GOST_R_ERROR_COMPUTING_SHARED_KEY);
- goto err;
- }
-
- ret = 1;
- err:
- if (eph_key)
- EVP_PKEY_free(eph_key);
- if (gkt)
- GOST_KEY_TRANSPORT_free(gkt);
- return ret;
-}
diff --git a/engines/ccgost/gost2001_keyx.h b/engines/ccgost/gost2001_keyx.h
deleted file mode 100644
index 2d29113a3ae8..000000000000
--- a/engines/ccgost/gost2001_keyx.h
+++ /dev/null
@@ -1,10 +0,0 @@
-GOST_KEY_TRANSPORT *make_rfc4490_keytransport_2001(EVP_PKEY *pubk,
- BIGNUM *eph_key,
- const unsigned char *key,
- size_t keylen,
- unsigned char *ukm,
- size_t ukm_len);
-
-int decrypt_rfc4490_shared_key_2001(EVP_PKEY *priv,
- GOST_KEY_TRANSPORT * gkt,
- unsigned char *key_buf, int key_buf_len);
diff --git a/engines/ccgost/gost89.c b/engines/ccgost/gost89.c
deleted file mode 100644
index 4ff4ddd7a565..000000000000
--- a/engines/ccgost/gost89.c
+++ /dev/null
@@ -1,576 +0,0 @@
-/**********************************************************************
- * gost89.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Implementation of GOST 28147-89 encryption algorithm *
- * No OpenSSL libraries required to compile and use *
- * this code *
- **********************************************************************/
-#include <string.h>
-#include "gost89.h"
-/*-
- Substitution blocks from RFC 4357
-
- Note: our implementation of gost 28147-89 algorithm
- uses S-box matrix rotated 90 degrees counterclockwise, relative to
- examples given in RFC.
-
-
-*/
-
-/* Substitution blocks from test examples for GOST R 34.11-94*/
-gost_subst_block GostR3411_94_TestParamSet = {
- {0X1, 0XF, 0XD, 0X0, 0X5, 0X7, 0XA, 0X4, 0X9, 0X2, 0X3, 0XE, 0X6, 0XB,
- 0X8, 0XC}
- ,
- {0XD, 0XB, 0X4, 0X1, 0X3, 0XF, 0X5, 0X9, 0X0, 0XA, 0XE, 0X7, 0X6, 0X8,
- 0X2, 0XC}
- ,
- {0X4, 0XB, 0XA, 0X0, 0X7, 0X2, 0X1, 0XD, 0X3, 0X6, 0X8, 0X5, 0X9, 0XC,
- 0XF, 0XE}
- ,
- {0X6, 0XC, 0X7, 0X1, 0X5, 0XF, 0XD, 0X8, 0X4, 0XA, 0X9, 0XE, 0X0, 0X3,
- 0XB, 0X2}
- ,
- {0X7, 0XD, 0XA, 0X1, 0X0, 0X8, 0X9, 0XF, 0XE, 0X4, 0X6, 0XC, 0XB, 0X2,
- 0X5, 0X3}
- ,
- {0X5, 0X8, 0X1, 0XD, 0XA, 0X3, 0X4, 0X2, 0XE, 0XF, 0XC, 0X7, 0X6, 0X0,
- 0X9, 0XB}
- ,
- {0XE, 0XB, 0X4, 0XC, 0X6, 0XD, 0XF, 0XA, 0X2, 0X3, 0X8, 0X1, 0X0, 0X7,
- 0X5, 0X9}
- ,
- {0X4, 0XA, 0X9, 0X2, 0XD, 0X8, 0X0, 0XE, 0X6, 0XB, 0X1, 0XC, 0X7, 0XF,
- 0X5, 0X3}
-};
-
-/* Substitution blocks for hash function 1.2.643.2.9.1.6.1 */
-gost_subst_block GostR3411_94_CryptoProParamSet = {
- {0x1, 0x3, 0xA, 0x9, 0x5, 0xB, 0x4, 0xF, 0x8, 0x6, 0x7, 0xE, 0xD, 0x0,
- 0x2, 0xC}
- ,
- {0xD, 0xE, 0x4, 0x1, 0x7, 0x0, 0x5, 0xA, 0x3, 0xC, 0x8, 0xF, 0x6, 0x2,
- 0x9, 0xB}
- ,
- {0x7, 0x6, 0x2, 0x4, 0xD, 0x9, 0xF, 0x0, 0xA, 0x1, 0x5, 0xB, 0x8, 0xE,
- 0xC, 0x3}
- ,
- {0x7, 0x6, 0x4, 0xB, 0x9, 0xC, 0x2, 0xA, 0x1, 0x8, 0x0, 0xE, 0xF, 0xD,
- 0x3, 0x5}
- ,
- {0x4, 0xA, 0x7, 0xC, 0x0, 0xF, 0x2, 0x8, 0xE, 0x1, 0x6, 0x5, 0xD, 0xB,
- 0x9, 0x3}
- ,
- {0x7, 0xF, 0xC, 0xE, 0x9, 0x4, 0x1, 0x0, 0x3, 0xB, 0x5, 0x2, 0x6, 0xA,
- 0x8, 0xD}
- ,
- {0x5, 0xF, 0x4, 0x0, 0x2, 0xD, 0xB, 0x9, 0x1, 0x7, 0x6, 0x3, 0xC, 0xE,
- 0xA, 0x8}
- ,
- {0xA, 0x4, 0x5, 0x6, 0x8, 0x1, 0x3, 0x7, 0xD, 0xC, 0xE, 0x0, 0x9, 0x2,
- 0xB, 0xF}
-};
-
-/* Test paramset from GOST 28147 */
-gost_subst_block Gost28147_TestParamSet = {
- {0xC, 0x6, 0x5, 0x2, 0xB, 0x0, 0x9, 0xD, 0x3, 0xE, 0x7, 0xA, 0xF, 0x4,
- 0x1, 0x8}
- ,
- {0x9, 0xB, 0xC, 0x0, 0x3, 0x6, 0x7, 0x5, 0x4, 0x8, 0xE, 0xF, 0x1, 0xA,
- 0x2, 0xD}
- ,
- {0x8, 0xF, 0x6, 0xB, 0x1, 0x9, 0xC, 0x5, 0xD, 0x3, 0x7, 0xA, 0x0, 0xE,
- 0x2, 0x4}
- ,
- {0x3, 0xE, 0x5, 0x9, 0x6, 0x8, 0x0, 0xD, 0xA, 0xB, 0x7, 0xC, 0x2, 0x1,
- 0xF, 0x4}
- ,
- {0xE, 0x9, 0xB, 0x2, 0x5, 0xF, 0x7, 0x1, 0x0, 0xD, 0xC, 0x6, 0xA, 0x4,
- 0x3, 0x8}
- ,
- {0xD, 0x8, 0xE, 0xC, 0x7, 0x3, 0x9, 0xA, 0x1, 0x5, 0x2, 0x4, 0x6, 0xF,
- 0x0, 0xB}
- ,
- {0xC, 0x9, 0xF, 0xE, 0x8, 0x1, 0x3, 0xA, 0x2, 0x7, 0x4, 0xD, 0x6, 0x0,
- 0xB, 0x5}
- ,
- {0x4, 0x2, 0xF, 0x5, 0x9, 0x1, 0x0, 0x8, 0xE, 0x3, 0xB, 0xC, 0xD, 0x7,
- 0xA, 0x6}
-};
-
-/* 1.2.643.2.2.31.1 */
-gost_subst_block Gost28147_CryptoProParamSetA = {
- {0xB, 0xA, 0xF, 0x5, 0x0, 0xC, 0xE, 0x8, 0x6, 0x2, 0x3, 0x9, 0x1, 0x7,
- 0xD, 0x4}
- ,
- {0x1, 0xD, 0x2, 0x9, 0x7, 0xA, 0x6, 0x0, 0x8, 0xC, 0x4, 0x5, 0xF, 0x3,
- 0xB, 0xE}
- ,
- {0x3, 0xA, 0xD, 0xC, 0x1, 0x2, 0x0, 0xB, 0x7, 0x5, 0x9, 0x4, 0x8, 0xF,
- 0xE, 0x6}
- ,
- {0xB, 0x5, 0x1, 0x9, 0x8, 0xD, 0xF, 0x0, 0xE, 0x4, 0x2, 0x3, 0xC, 0x7,
- 0xA, 0x6}
- ,
- {0xE, 0x7, 0xA, 0xC, 0xD, 0x1, 0x3, 0x9, 0x0, 0x2, 0xB, 0x4, 0xF, 0x8,
- 0x5, 0x6}
- ,
- {0xE, 0x4, 0x6, 0x2, 0xB, 0x3, 0xD, 0x8, 0xC, 0xF, 0x5, 0xA, 0x0, 0x7,
- 0x1, 0x9}
- ,
- {0x3, 0x7, 0xE, 0x9, 0x8, 0xA, 0xF, 0x0, 0x5, 0x2, 0x6, 0xC, 0xB, 0x4,
- 0xD, 0x1}
- ,
- {0x9, 0x6, 0x3, 0x2, 0x8, 0xB, 0x1, 0x7, 0xA, 0x4, 0xE, 0xF, 0xC, 0x0,
- 0xD, 0x5}
-};
-
-/* 1.2.643.2.2.31.2 */
-gost_subst_block Gost28147_CryptoProParamSetB = {
- {0x0, 0x4, 0xB, 0xE, 0x8, 0x3, 0x7, 0x1, 0xA, 0x2, 0x9, 0x6, 0xF, 0xD,
- 0x5, 0xC}
- ,
- {0x5, 0x2, 0xA, 0xB, 0x9, 0x1, 0xC, 0x3, 0x7, 0x4, 0xD, 0x0, 0x6, 0xF,
- 0x8, 0xE}
- ,
- {0x8, 0x3, 0x2, 0x6, 0x4, 0xD, 0xE, 0xB, 0xC, 0x1, 0x7, 0xF, 0xA, 0x0,
- 0x9, 0x5}
- ,
- {0x2, 0x7, 0xC, 0xF, 0x9, 0x5, 0xA, 0xB, 0x1, 0x4, 0x0, 0xD, 0x6, 0x8,
- 0xE, 0x3}
- ,
- {0x7, 0x5, 0x0, 0xD, 0xB, 0x6, 0x1, 0x2, 0x3, 0xA, 0xC, 0xF, 0x4, 0xE,
- 0x9, 0x8}
- ,
- {0xE, 0xC, 0x0, 0xA, 0x9, 0x2, 0xD, 0xB, 0x7, 0x5, 0x8, 0xF, 0x3, 0x6,
- 0x1, 0x4}
- ,
- {0x0, 0x1, 0x2, 0xA, 0x4, 0xD, 0x5, 0xC, 0x9, 0x7, 0x3, 0xF, 0xB, 0x8,
- 0x6, 0xE}
- ,
- {0x8, 0x4, 0xB, 0x1, 0x3, 0x5, 0x0, 0x9, 0x2, 0xE, 0xA, 0xC, 0xD, 0x6,
- 0x7, 0xF}
-};
-
-/* 1.2.643.2.2.31.3 */
-gost_subst_block Gost28147_CryptoProParamSetC = {
- {0x7, 0x4, 0x0, 0x5, 0xA, 0x2, 0xF, 0xE, 0xC, 0x6, 0x1, 0xB, 0xD, 0x9,
- 0x3, 0x8}
- ,
- {0xA, 0x9, 0x6, 0x8, 0xD, 0xE, 0x2, 0x0, 0xF, 0x3, 0x5, 0xB, 0x4, 0x1,
- 0xC, 0x7}
- ,
- {0xC, 0x9, 0xB, 0x1, 0x8, 0xE, 0x2, 0x4, 0x7, 0x3, 0x6, 0x5, 0xA, 0x0,
- 0xF, 0xD}
- ,
- {0x8, 0xD, 0xB, 0x0, 0x4, 0x5, 0x1, 0x2, 0x9, 0x3, 0xC, 0xE, 0x6, 0xF,
- 0xA, 0x7}
- ,
- {0x3, 0x6, 0x0, 0x1, 0x5, 0xD, 0xA, 0x8, 0xB, 0x2, 0x9, 0x7, 0xE, 0xF,
- 0xC, 0x4}
- ,
- {0x8, 0x2, 0x5, 0x0, 0x4, 0x9, 0xF, 0xA, 0x3, 0x7, 0xC, 0xD, 0x6, 0xE,
- 0x1, 0xB}
- ,
- {0x0, 0x1, 0x7, 0xD, 0xB, 0x4, 0x5, 0x2, 0x8, 0xE, 0xF, 0xC, 0x9, 0xA,
- 0x6, 0x3}
- ,
- {0x1, 0xB, 0xC, 0x2, 0x9, 0xD, 0x0, 0xF, 0x4, 0x5, 0x8, 0xE, 0xA, 0x7,
- 0x6, 0x3}
-};
-
-/* 1.2.643.2.2.31.4 */
-gost_subst_block Gost28147_CryptoProParamSetD = {
- {0x1, 0xA, 0x6, 0x8, 0xF, 0xB, 0x0, 0x4, 0xC, 0x3, 0x5, 0x9, 0x7, 0xD,
- 0x2, 0xE}
- ,
- {0x3, 0x0, 0x6, 0xF, 0x1, 0xE, 0x9, 0x2, 0xD, 0x8, 0xC, 0x4, 0xB, 0xA,
- 0x5, 0x7}
- ,
- {0x8, 0x0, 0xF, 0x3, 0x2, 0x5, 0xE, 0xB, 0x1, 0xA, 0x4, 0x7, 0xC, 0x9,
- 0xD, 0x6}
- ,
- {0x0, 0xC, 0x8, 0x9, 0xD, 0x2, 0xA, 0xB, 0x7, 0x3, 0x6, 0x5, 0x4, 0xE,
- 0xF, 0x1}
- ,
- {0x1, 0x5, 0xE, 0xC, 0xA, 0x7, 0x0, 0xD, 0x6, 0x2, 0xB, 0x4, 0x9, 0x3,
- 0xF, 0x8}
- ,
- {0x1, 0xC, 0xB, 0x0, 0xF, 0xE, 0x6, 0x5, 0xA, 0xD, 0x4, 0x8, 0x9, 0x3,
- 0x7, 0x2}
- ,
- {0xB, 0x6, 0x3, 0x4, 0xC, 0xF, 0xE, 0x2, 0x7, 0xD, 0x8, 0x0, 0x5, 0xA,
- 0x9, 0x1}
- ,
- {0xF, 0xC, 0x2, 0xA, 0x6, 0x4, 0x5, 0x0, 0x7, 0x9, 0xE, 0xD, 0x1, 0xB,
- 0x8, 0x3}
-};
-
-const byte CryptoProKeyMeshingKey[] = {
- 0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23,
- 0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4,
- 0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12,
- 0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B
-};
-
-/* Initialization of gost_ctx subst blocks*/
-static void kboxinit(gost_ctx * c, const gost_subst_block * b)
-{
- int i;
-
- for (i = 0; i < 256; i++) {
- c->k87[i] = (word32) (b->k8[i >> 4] << 4 | b->k7[i & 15]) << 24;
- c->k65[i] = (b->k6[i >> 4] << 4 | b->k5[i & 15]) << 16;
- c->k43[i] = (b->k4[i >> 4] << 4 | b->k3[i & 15]) << 8;
- c->k21[i] = b->k2[i >> 4] << 4 | b->k1[i & 15];
-
- }
-}
-
-/* Part of GOST 28147 algorithm moved into separate function */
-static word32 f(gost_ctx * c, word32 x)
-{
- x = c->k87[x >> 24 & 255] | c->k65[x >> 16 & 255] |
- c->k43[x >> 8 & 255] | c->k21[x & 255];
- /* Rotate left 11 bits */
- return x << 11 | x >> (32 - 11);
-}
-
-/* Low-level encryption routine - encrypts one 64 bit block*/
-void gostcrypt(gost_ctx * c, const byte * in, byte * out)
-{
- register word32 n1, n2; /* As named in the GOST */
- n1 = in[0] | (in[1] << 8) | (in[2] << 16) | ((word32) in[3] << 24);
- n2 = in[4] | (in[5] << 8) | (in[6] << 16) | ((word32) in[7] << 24);
- /* Instead of swapping halves, swap names each round */
-
- n2 ^= f(c, n1 + c->k[0]);
- n1 ^= f(c, n2 + c->k[1]);
- n2 ^= f(c, n1 + c->k[2]);
- n1 ^= f(c, n2 + c->k[3]);
- n2 ^= f(c, n1 + c->k[4]);
- n1 ^= f(c, n2 + c->k[5]);
- n2 ^= f(c, n1 + c->k[6]);
- n1 ^= f(c, n2 + c->k[7]);
-
- n2 ^= f(c, n1 + c->k[0]);
- n1 ^= f(c, n2 + c->k[1]);
- n2 ^= f(c, n1 + c->k[2]);
- n1 ^= f(c, n2 + c->k[3]);
- n2 ^= f(c, n1 + c->k[4]);
- n1 ^= f(c, n2 + c->k[5]);
- n2 ^= f(c, n1 + c->k[6]);
- n1 ^= f(c, n2 + c->k[7]);
-
- n2 ^= f(c, n1 + c->k[0]);
- n1 ^= f(c, n2 + c->k[1]);
- n2 ^= f(c, n1 + c->k[2]);
- n1 ^= f(c, n2 + c->k[3]);
- n2 ^= f(c, n1 + c->k[4]);
- n1 ^= f(c, n2 + c->k[5]);
- n2 ^= f(c, n1 + c->k[6]);
- n1 ^= f(c, n2 + c->k[7]);
-
- n2 ^= f(c, n1 + c->k[7]);
- n1 ^= f(c, n2 + c->k[6]);
- n2 ^= f(c, n1 + c->k[5]);
- n1 ^= f(c, n2 + c->k[4]);
- n2 ^= f(c, n1 + c->k[3]);
- n1 ^= f(c, n2 + c->k[2]);
- n2 ^= f(c, n1 + c->k[1]);
- n1 ^= f(c, n2 + c->k[0]);
-
- out[0] = (byte) (n2 & 0xff);
- out[1] = (byte) ((n2 >> 8) & 0xff);
- out[2] = (byte) ((n2 >> 16) & 0xff);
- out[3] = (byte) (n2 >> 24);
- out[4] = (byte) (n1 & 0xff);
- out[5] = (byte) ((n1 >> 8) & 0xff);
- out[6] = (byte) ((n1 >> 16) & 0xff);
- out[7] = (byte) (n1 >> 24);
-}
-
-/* Low-level decryption routine. Decrypts one 64-bit block */
-void gostdecrypt(gost_ctx * c, const byte * in, byte * out)
-{
- register word32 n1, n2; /* As named in the GOST */
- n1 = in[0] | (in[1] << 8) | (in[2] << 16) | ((word32) in[3] << 24);
- n2 = in[4] | (in[5] << 8) | (in[6] << 16) | ((word32) in[7] << 24);
-
- n2 ^= f(c, n1 + c->k[0]);
- n1 ^= f(c, n2 + c->k[1]);
- n2 ^= f(c, n1 + c->k[2]);
- n1 ^= f(c, n2 + c->k[3]);
- n2 ^= f(c, n1 + c->k[4]);
- n1 ^= f(c, n2 + c->k[5]);
- n2 ^= f(c, n1 + c->k[6]);
- n1 ^= f(c, n2 + c->k[7]);
-
- n2 ^= f(c, n1 + c->k[7]);
- n1 ^= f(c, n2 + c->k[6]);
- n2 ^= f(c, n1 + c->k[5]);
- n1 ^= f(c, n2 + c->k[4]);
- n2 ^= f(c, n1 + c->k[3]);
- n1 ^= f(c, n2 + c->k[2]);
- n2 ^= f(c, n1 + c->k[1]);
- n1 ^= f(c, n2 + c->k[0]);
-
- n2 ^= f(c, n1 + c->k[7]);
- n1 ^= f(c, n2 + c->k[6]);
- n2 ^= f(c, n1 + c->k[5]);
- n1 ^= f(c, n2 + c->k[4]);
- n2 ^= f(c, n1 + c->k[3]);
- n1 ^= f(c, n2 + c->k[2]);
- n2 ^= f(c, n1 + c->k[1]);
- n1 ^= f(c, n2 + c->k[0]);
-
- n2 ^= f(c, n1 + c->k[7]);
- n1 ^= f(c, n2 + c->k[6]);
- n2 ^= f(c, n1 + c->k[5]);
- n1 ^= f(c, n2 + c->k[4]);
- n2 ^= f(c, n1 + c->k[3]);
- n1 ^= f(c, n2 + c->k[2]);
- n2 ^= f(c, n1 + c->k[1]);
- n1 ^= f(c, n2 + c->k[0]);
-
- out[0] = (byte) (n2 & 0xff);
- out[1] = (byte) ((n2 >> 8) & 0xff);
- out[2] = (byte) ((n2 >> 16) & 0xff);
- out[3] = (byte) (n2 >> 24);
- out[4] = (byte) (n1 & 0xff);
- out[5] = (byte) ((n1 >> 8) & 0xff);
- out[6] = (byte) ((n1 >> 16) & 0xff);
- out[7] = (byte) (n1 >> 24);
-}
-
-/* Encrypts several blocks in ECB mode */
-void gost_enc(gost_ctx * c, const byte * clear, byte * cipher, int blocks)
-{
- int i;
- for (i = 0; i < blocks; i++) {
- gostcrypt(c, clear, cipher);
- clear += 8;
- cipher += 8;
- }
-}
-
-/* Decrypts several blocks in ECB mode */
-void gost_dec(gost_ctx * c, const byte * cipher, byte * clear, int blocks)
-{
- int i;
- for (i = 0; i < blocks; i++) {
- gostdecrypt(c, cipher, clear);
- clear += 8;
- cipher += 8;
- }
-}
-
-/* Encrypts several full blocks in CFB mode using 8byte IV */
-void gost_enc_cfb(gost_ctx * ctx, const byte * iv, const byte * clear,
- byte * cipher, int blocks)
-{
- byte cur_iv[8];
- byte gamma[8];
- int i, j;
- const byte *in;
- byte *out;
- memcpy(cur_iv, iv, 8);
- for (i = 0, in = clear, out = cipher; i < blocks; i++, in += 8, out += 8) {
- gostcrypt(ctx, cur_iv, gamma);
- for (j = 0; j < 8; j++) {
- cur_iv[j] = out[j] = in[j] ^ gamma[j];
- }
- }
-}
-
-/* Decrypts several full blocks in CFB mode using 8byte IV */
-void gost_dec_cfb(gost_ctx * ctx, const byte * iv, const byte * cipher,
- byte * clear, int blocks)
-{
- byte cur_iv[8];
- byte gamma[8];
- int i, j;
- const byte *in;
- byte *out;
- memcpy(cur_iv, iv, 8);
- for (i = 0, in = cipher, out = clear; i < blocks; i++, in += 8, out += 8) {
- gostcrypt(ctx, cur_iv, gamma);
- for (j = 0; j < 8; j++) {
- out[j] = (cur_iv[j] = in[j]) ^ gamma[j];
- }
- }
-}
-
-/* Encrypts one block using specified key */
-void gost_enc_with_key(gost_ctx * c, byte * key, byte * inblock,
- byte * outblock)
-{
- gost_key(c, key);
- gostcrypt(c, inblock, outblock);
-}
-
-/* Set 256 bit key into context */
-void gost_key(gost_ctx * c, const byte * k)
-{
- int i, j;
- for (i = 0, j = 0; i < 8; i++, j += 4) {
- c->k[i] =
- k[j] | (k[j + 1] << 8) | (k[j + 2] << 16) | ((word32) k[j + 3] <<
- 24);
- }
-}
-
-/* Retrieve 256-bit key from context */
-void gost_get_key(gost_ctx * c, byte * k)
-{
- int i, j;
- for (i = 0, j = 0; i < 8; i++, j += 4) {
- k[j] = (byte) (c->k[i] & 0xFF);
- k[j + 1] = (byte) ((c->k[i] >> 8) & 0xFF);
- k[j + 2] = (byte) ((c->k[i] >> 16) & 0xFF);
- k[j + 3] = (byte) ((c->k[i] >> 24) & 0xFF);
- }
-}
-
-/* Initalize context. Provides default value for subst_block */
-void gost_init(gost_ctx * c, const gost_subst_block * b)
-{
- if (!b) {
- b = &GostR3411_94_TestParamSet;
- }
- kboxinit(c, b);
-}
-
-/* Cleans up key from context */
-void gost_destroy(gost_ctx * c)
-{
- int i;
- for (i = 0; i < 8; i++)
- c->k[i] = 0;
-}
-
-/*
- * Compute GOST 28147 mac block Parameters gost_ctx *c - context initalized
- * with substitution blocks and key buffer - 8-byte mac state buffer block
- * 8-byte block to process.
- */
-void mac_block(gost_ctx * c, byte * buffer, const byte * block)
-{
- register word32 n1, n2; /* As named in the GOST */
- int i;
- for (i = 0; i < 8; i++) {
- buffer[i] ^= block[i];
- }
- n1 = buffer[0] | (buffer[1] << 8) | (buffer[2] << 16) | ((word32)
- buffer[3] << 24);
- n2 = buffer[4] | (buffer[5] << 8) | (buffer[6] << 16) | ((word32)
- buffer[7] << 24);
- /* Instead of swapping halves, swap names each round */
-
- n2 ^= f(c, n1 + c->k[0]);
- n1 ^= f(c, n2 + c->k[1]);
- n2 ^= f(c, n1 + c->k[2]);
- n1 ^= f(c, n2 + c->k[3]);
- n2 ^= f(c, n1 + c->k[4]);
- n1 ^= f(c, n2 + c->k[5]);
- n2 ^= f(c, n1 + c->k[6]);
- n1 ^= f(c, n2 + c->k[7]);
-
- n2 ^= f(c, n1 + c->k[0]);
- n1 ^= f(c, n2 + c->k[1]);
- n2 ^= f(c, n1 + c->k[2]);
- n1 ^= f(c, n2 + c->k[3]);
- n2 ^= f(c, n1 + c->k[4]);
- n1 ^= f(c, n2 + c->k[5]);
- n2 ^= f(c, n1 + c->k[6]);
- n1 ^= f(c, n2 + c->k[7]);
-
- buffer[0] = (byte) (n1 & 0xff);
- buffer[1] = (byte) ((n1 >> 8) & 0xff);
- buffer[2] = (byte) ((n1 >> 16) & 0xff);
- buffer[3] = (byte) (n1 >> 24);
- buffer[4] = (byte) (n2 & 0xff);
- buffer[5] = (byte) ((n2 >> 8) & 0xff);
- buffer[6] = (byte) ((n2 >> 16) & 0xff);
- buffer[7] = (byte) (n2 >> 24);
-}
-
-/* Get mac with specified number of bits from MAC state buffer */
-void get_mac(byte * buffer, int nbits, byte * out)
-{
- int nbytes = nbits >> 3;
- int rembits = nbits & 7;
- int mask = rembits ? ((1 < rembits) - 1) : 0;
- int i;
- for (i = 0; i < nbytes; i++)
- out[i] = buffer[i];
- if (rembits)
- out[i] = buffer[i] & mask;
-}
-
-/*
- * Compute mac of specified length (in bits) from data. Context should be
- * initialized with key and subst blocks
- */
-int gost_mac(gost_ctx * ctx, int mac_len, const unsigned char *data,
- unsigned int data_len, unsigned char *mac)
-{
- byte buffer[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
- byte buf2[8];
- unsigned int i;
- for (i = 0; i + 8 <= data_len; i += 8)
- mac_block(ctx, buffer, data + i);
- if (i < data_len) {
- memset(buf2, 0, 8);
- memcpy(buf2, data + i, data_len - i);
- mac_block(ctx, buffer, buf2);
- i += 8;
- }
- if (i == 8) {
- memset(buf2, 0, 8);
- mac_block(ctx, buffer, buf2);
- }
- get_mac(buffer, mac_len, mac);
- return 1;
-}
-
-/* Compute MAC with non-zero IV. Used in some RFC 4357 algorithms */
-int gost_mac_iv(gost_ctx * ctx, int mac_len, const unsigned char *iv,
- const unsigned char *data, unsigned int data_len,
- unsigned char *mac)
-{
- byte buffer[8];
- byte buf2[8];
- unsigned int i;
- memcpy(buffer, iv, 8);
- for (i = 0; i + 8 <= data_len; i += 8)
- mac_block(ctx, buffer, data + i);
- if (i < data_len) {
- memset(buf2, 0, 8);
- memcpy(buf2, data + i, data_len - i);
- mac_block(ctx, buffer, buf2);
- i += 8;
- }
- if (i == 8) {
- memset(buf2, 0, 8);
- mac_block(ctx, buffer, buf2);
- }
- get_mac(buffer, mac_len, mac);
- return 1;
-}
-
-/* Implements key meshing algorithm by modifing ctx and IV in place */
-void cryptopro_key_meshing(gost_ctx * ctx, unsigned char *iv)
-{
- unsigned char newkey[32], newiv[8];
- /* Set static keymeshing key */
- /* "Decrypt" key with keymeshing key */
- gost_dec(ctx, CryptoProKeyMeshingKey, newkey, 4);
- /* set new key */
- gost_key(ctx, newkey);
- /* Encrypt iv with new key */
- gostcrypt(ctx, iv, newiv);
- memcpy(iv, newiv, 8);
-}
diff --git a/engines/ccgost/gost89.h b/engines/ccgost/gost89.h
deleted file mode 100644
index e5b877f4482d..000000000000
--- a/engines/ccgost/gost89.h
+++ /dev/null
@@ -1,98 +0,0 @@
-/**********************************************************************
- * gost89.h *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Declarations for GOST 28147-89 encryption algorithm *
- * No OpenSSL libraries required to compile and use *
- * this code *
- **********************************************************************/
-#ifndef GOST89_H
-# define GOST89_H
-
-/* Typedef for unsigned 32-bit integer */
-# if __LONG_MAX__ > 2147483647L
-typedef unsigned int u4;
-# else
-typedef unsigned long u4;
-# endif
-/* Typedef for unsigned 8-bit integer */
-typedef unsigned char byte;
-
-/* Internal representation of GOST substitution blocks */
-typedef struct {
- byte k8[16];
- byte k7[16];
- byte k6[16];
- byte k5[16];
- byte k4[16];
- byte k3[16];
- byte k2[16];
- byte k1[16];
-} gost_subst_block;
-
-/* Cipher context includes key and preprocessed substitution block */
-typedef struct {
- u4 k[8];
- /* Constant s-boxes -- set up in gost_init(). */
- u4 k87[256], k65[256], k43[256], k21[256];
-} gost_ctx;
-/*
- * Note: encrypt and decrypt expect full blocks--padding blocks is caller's
- * responsibility. All bulk encryption is done in ECB mode by these calls.
- * Other modes may be added easily enough.
- */
-/* Encrypt several full blocks in ECB mode */
-void gost_enc(gost_ctx * ctx, const byte * clear, byte * cipher, int blocks);
-/* Decrypt several full blocks in ECB mode */
-void gost_dec(gost_ctx * ctx, const byte * cipher, byte * clear, int blocks);
-/* Encrypts several full blocks in CFB mode using 8byte IV */
-void gost_enc_cfb(gost_ctx * ctx, const byte * iv, const byte * clear,
- byte * cipher, int blocks);
-/* Decrypts several full blocks in CFB mode using 8byte IV */
-void gost_dec_cfb(gost_ctx * ctx, const byte * iv, const byte * cipher,
- byte * clear, int blocks);
-
-/* Encrypt one block */
-void gostcrypt(gost_ctx * c, const byte * in, byte * out);
-/* Decrypt one block */
-void gostdecrypt(gost_ctx * c, const byte * in, byte * out);
-/* Set key into context */
-void gost_key(gost_ctx * ctx, const byte * key);
-/* Get key from context */
-void gost_get_key(gost_ctx * ctx, byte * key);
-/* Set S-blocks into context */
-void gost_init(gost_ctx * ctx, const gost_subst_block * subst_block);
-/* Clean up context */
-void gost_destroy(gost_ctx * ctx);
-/* Intermediate function used for calculate hash */
-void gost_enc_with_key(gost_ctx *, byte * key, byte * inblock,
- byte * outblock);
-/* Compute MAC of given length in bits from data */
-int gost_mac(gost_ctx * ctx, int hmac_len, const unsigned char *data,
- unsigned int data_len, unsigned char *hmac);
-/*
- * Compute MAC of given length in bits from data, using non-zero 8-byte IV
- * (non-standard, for use in CryptoPro key transport only
- */
-int gost_mac_iv(gost_ctx * ctx, int hmac_len, const unsigned char *iv,
- const unsigned char *data, unsigned int data_len,
- unsigned char *hmac);
-/* Perform one step of MAC calculation like gostcrypt */
-void mac_block(gost_ctx * c, byte * buffer, const byte * block);
-/* Extracts MAC value from mac state buffer */
-void get_mac(byte * buffer, int nbits, byte * out);
-/* Implements cryptopro key meshing algorithm. Expect IV to be 8-byte size*/
-void cryptopro_key_meshing(gost_ctx * ctx, unsigned char *iv);
-/* Parameter sets specified in RFC 4357 */
-extern gost_subst_block GostR3411_94_TestParamSet;
-extern gost_subst_block GostR3411_94_CryptoProParamSet;
-extern gost_subst_block Gost28147_TestParamSet;
-extern gost_subst_block Gost28147_CryptoProParamSetA;
-extern gost_subst_block Gost28147_CryptoProParamSetB;
-extern gost_subst_block Gost28147_CryptoProParamSetC;
-extern gost_subst_block Gost28147_CryptoProParamSetD;
-extern const byte CryptoProKeyMeshingKey[];
-typedef unsigned int word32;
-
-#endif
diff --git a/engines/ccgost/gost94_keyx.c b/engines/ccgost/gost94_keyx.c
deleted file mode 100644
index 3532bfff3e96..000000000000
--- a/engines/ccgost/gost94_keyx.c
+++ /dev/null
@@ -1,282 +0,0 @@
-/**********************************************************************
- * gost94_keyx.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Implements generation and parsing of GOST_KEY_TRANSPORT for *
- * GOST R 34.10-94 algorithms *
- * *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include <string.h>
-#include <openssl/dh.h>
-#include <openssl/rand.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-#include "gost89.h"
-#include "gosthash.h"
-#include "e_gost_err.h"
-#include "gost_keywrap.h"
-#include "gost_lcl.h"
-/* Common functions for both 94 and 2001 key exchange schemes */
-/*
- * Implementation of the Diffi-Hellman key agreement scheme based on GOST-94
- * keys
- */
-
-/*
- * Computes Diffie-Hellman key and stores it into buffer in little-endian
- * byte order as expected by both versions of GOST 94 algorithm
- */
-static int compute_pair_key_le(unsigned char *pair_key, BIGNUM *pub_key,
- DH *dh)
-{
- unsigned char be_key[128];
- int i, key_size;
- key_size = DH_compute_key(be_key, pub_key, dh);
- if (!key_size)
- return 0;
- memset(pair_key, 0, 128);
- for (i = 0; i < key_size; i++) {
- pair_key[i] = be_key[key_size - 1 - i];
- }
- return key_size;
-}
-
-/*
- * Computes 256 bit Key exchange key as specified in RFC 4357
- */
-static int make_cp_exchange_key(BIGNUM *priv_key, EVP_PKEY *pubk,
- unsigned char *shared_key)
-{
- unsigned char dh_key[128];
- int ret;
- gost_hash_ctx hash_ctx;
- DH *dh = DH_new();
-
- if (!dh)
- return 0;
- memset(dh_key, 0, 128);
- dh->g = BN_dup(pubk->pkey.dsa->g);
- dh->p = BN_dup(pubk->pkey.dsa->p);
- dh->priv_key = BN_dup(priv_key);
- ret =
- compute_pair_key_le(dh_key, ((DSA *)(EVP_PKEY_get0(pubk)))->pub_key,
- dh);
- DH_free(dh);
- if (!ret)
- return 0;
- init_gost_hash_ctx(&hash_ctx, &GostR3411_94_CryptoProParamSet);
- start_hash(&hash_ctx);
- hash_block(&hash_ctx, dh_key, 128);
- finish_hash(&hash_ctx, shared_key);
- done_gost_hash_ctx(&hash_ctx);
- return 1;
-}
-
-/* EVP_PKEY_METHOD callback derive. Implements VKO R 34.10-94 */
-
-int pkey_gost94_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
-{
- EVP_PKEY *pubk = EVP_PKEY_CTX_get0_peerkey(ctx);
- EVP_PKEY *mykey = EVP_PKEY_CTX_get0_pkey(ctx);
- *keylen = 32;
- if (key == NULL)
- return 1;
-
- return make_cp_exchange_key(gost_get0_priv_key(mykey), pubk, key);
-}
-
-/*
- * EVP_PKEY_METHOD callback encrypt for GOST R 34.10-94 cryptopro
- * modification
- */
-
-int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
- size_t *outlen, const unsigned char *key,
- size_t key_len)
-{
- GOST_KEY_TRANSPORT *gkt = NULL;
- unsigned char shared_key[32], ukm[8], crypted_key[44];
- const struct gost_cipher_info *param = get_encryption_params(NULL);
- EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(ctx);
- struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
- gost_ctx cctx;
- int key_is_ephemeral = 1;
- int tmp_outlen;
- EVP_PKEY *mykey = EVP_PKEY_CTX_get0_peerkey(ctx);
-
- /* Do not use vizir cipher parameters with cryptopro */
- if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS)
- && param == gost_cipher_list) {
- param = gost_cipher_list + 1;
- }
-
- if (mykey) {
- /* If key already set, it is not ephemeral */
- key_is_ephemeral = 0;
- if (!gost_get0_priv_key(mykey)) {
- GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
- GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR);
- goto err;
- }
- } else {
- /* Otherwise generate ephemeral key */
- key_is_ephemeral = 1;
- if (out) {
- mykey = EVP_PKEY_new();
- if (!mykey)
- goto memerr;
- EVP_PKEY_assign(mykey, EVP_PKEY_base_id(pubk), DSA_new());
- EVP_PKEY_copy_parameters(mykey, pubk);
- if (!gost_sign_keygen(EVP_PKEY_get0(mykey))) {
- goto err;
- }
- }
- }
- if (out)
- make_cp_exchange_key(gost_get0_priv_key(mykey), pubk, shared_key);
- if (data->shared_ukm) {
- memcpy(ukm, data->shared_ukm, 8);
- } else if (out) {
- if (RAND_bytes(ukm, 8) <= 0) {
- GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
- GOST_R_RANDOM_GENERATOR_FAILURE);
- goto err;
- }
- }
-
- if (out) {
- gost_init(&cctx, param->sblock);
- keyWrapCryptoPro(&cctx, shared_key, ukm, key, crypted_key);
- }
- gkt = GOST_KEY_TRANSPORT_new();
- if (!gkt) {
- goto memerr;
- }
- if (!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv, ukm, 8)) {
- goto memerr;
- }
- if (!ASN1_OCTET_STRING_set(gkt->key_info->imit, crypted_key + 40, 4)) {
- goto memerr;
- }
- if (!ASN1_OCTET_STRING_set
- (gkt->key_info->encrypted_key, crypted_key + 8, 32)) {
- goto memerr;
- }
- if (key_is_ephemeral) {
- if (!X509_PUBKEY_set
- (&gkt->key_agreement_info->ephem_key, out ? mykey : pubk)) {
- GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
- GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
- goto err;
- }
- if (out)
- EVP_PKEY_free(mykey);
- }
- ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
- gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid);
- tmp_outlen = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL);
- if (tmp_outlen <= 0) {
- GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
- GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO);
- goto err;
- }
- *outlen = tmp_outlen;
- if (!key_is_ephemeral) {
- /* Set control "public key from client certificate used" */
- if (EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) <=
- 0) {
- GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT, GOST_R_CTRL_CALL_FAILED);
- goto err;
- }
- }
- GOST_KEY_TRANSPORT_free(gkt);
- return 1;
- memerr:
- if (key_is_ephemeral) {
- EVP_PKEY_free(mykey);
- }
- GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT, GOST_R_MALLOC_FAILURE);
- err:
- GOST_KEY_TRANSPORT_free(gkt);
- return -1;
-}
-
-/*
- * EVP_PLEY_METHOD callback decrypt for GOST R 34.10-94 cryptopro
- * modification
- */
-int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *key,
- size_t *key_len, const unsigned char *in,
- size_t in_len)
-{
- const unsigned char *p = in;
- GOST_KEY_TRANSPORT *gkt = NULL;
- unsigned char wrappedKey[44];
- unsigned char sharedKey[32];
- gost_ctx cctx;
- const struct gost_cipher_info *param = NULL;
- EVP_PKEY *eph_key = NULL, *peerkey = NULL;
- EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(ctx);
-
- if (!key) {
- *key_len = 32;
- return 1;
- }
-
- gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len);
- if (!gkt) {
- GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,
- GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
- return 0;
- }
- eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key);
- if (eph_key) {
- if (EVP_PKEY_derive_set_peer(ctx, eph_key) <= 0) {
- GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,
- GOST_R_INCOMPATIBLE_PEER_KEY);
- goto err;
- }
- } else {
- /* Set control "public key from client certificate used" */
- if (EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) <=
- 0) {
- GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT, GOST_R_CTRL_CALL_FAILED);
- goto err;
- }
- }
- peerkey = EVP_PKEY_CTX_get0_peerkey(ctx);
- if (!peerkey) {
- GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT, GOST_R_NO_PEER_KEY);
- goto err;
- }
-
- param = get_encryption_params(gkt->key_agreement_info->cipher);
- if (!param) {
- goto err;
- }
-
- gost_init(&cctx, param->sblock);
- OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8);
- memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8);
- OPENSSL_assert(gkt->key_info->encrypted_key->length == 32);
- memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32);
- OPENSSL_assert(gkt->key_info->imit->length == 4);
- memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4);
- make_cp_exchange_key(gost_get0_priv_key(priv), peerkey, sharedKey);
- if (!keyUnwrapCryptoPro(&cctx, sharedKey, wrappedKey, key)) {
- GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,
- GOST_R_ERROR_COMPUTING_SHARED_KEY);
- goto err;
- }
-
- EVP_PKEY_free(eph_key);
- GOST_KEY_TRANSPORT_free(gkt);
- return 1;
- err:
- EVP_PKEY_free(eph_key);
- GOST_KEY_TRANSPORT_free(gkt);
- return -1;
-}
diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c
deleted file mode 100644
index 8283f192f4aa..000000000000
--- a/engines/ccgost/gost_ameth.c
+++ /dev/null
@@ -1,957 +0,0 @@
-/**********************************************************************
- * gost_ameth.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Implementation of RFC 4490/4491 ASN1 method *
- * for OpenSSL *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/engine.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_CMS
-# include <openssl/cms.h>
-#endif
-#include "gost_params.h"
-#include "gost_lcl.h"
-#include "e_gost_err.h"
-
-int gost94_nid_by_params(DSA *p)
-{
- R3410_params *gost_params;
- BIGNUM *q = BN_new();
- for (gost_params = R3410_paramset; gost_params->q != NULL; gost_params++) {
- BN_dec2bn(&q, gost_params->q);
- if (!BN_cmp(q, p->q)) {
- BN_free(q);
- return gost_params->nid;
- }
- }
- BN_free(q);
- return NID_undef;
-}
-
-static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key)
-{
- ASN1_STRING *params = ASN1_STRING_new();
- GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new();
- int pkey_param_nid = NID_undef;
-
- if (!params || !gkp) {
- GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE);
- ASN1_STRING_free(params);
- params = NULL;
- goto err;
- }
- switch (EVP_PKEY_base_id(key)) {
- case NID_id_GostR3410_2001:
- pkey_param_nid =
- EC_GROUP_get_curve_name(EC_KEY_get0_group
- (EVP_PKEY_get0((EVP_PKEY *)key)));
- break;
- case NID_id_GostR3410_94:
- pkey_param_nid =
- (int)gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)key));
- if (pkey_param_nid == NID_undef) {
- GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
- GOST_R_INVALID_GOST94_PARMSET);
- ASN1_STRING_free(params);
- params = NULL;
- goto err;
- }
- break;
- }
- gkp->key_params = OBJ_nid2obj(pkey_param_nid);
- gkp->hash_params = OBJ_nid2obj(NID_id_GostR3411_94_CryptoProParamSet);
- /*
- * gkp->cipher_params = OBJ_nid2obj(cipher_param_nid);
- */
- params->length = i2d_GOST_KEY_PARAMS(gkp, &params->data);
- if (params->length <= 0) {
- GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE);
- ASN1_STRING_free(params);
- params = NULL;
- goto err;
- }
- params->type = V_ASN1_SEQUENCE;
- err:
- GOST_KEY_PARAMS_free(gkp);
- return params;
-}
-
-/*
- * Parses GOST algorithm parameters from X509_ALGOR and modifies pkey setting
- * NID and parameters
- */
-static int decode_gost_algor_params(EVP_PKEY *pkey, X509_ALGOR *palg)
-{
- ASN1_OBJECT *palg_obj = NULL;
- int ptype = V_ASN1_UNDEF;
- int pkey_nid = NID_undef, param_nid = NID_undef;
- void *_pval;
- ASN1_STRING *pval = NULL;
- const unsigned char *p;
- GOST_KEY_PARAMS *gkp = NULL;
-
- X509_ALGOR_get0(&palg_obj, &ptype, &_pval, palg);
- pval = _pval;
- if (ptype != V_ASN1_SEQUENCE) {
- GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
- GOST_R_BAD_KEY_PARAMETERS_FORMAT);
- return 0;
- }
- p = pval->data;
- pkey_nid = OBJ_obj2nid(palg_obj);
-
- gkp = d2i_GOST_KEY_PARAMS(NULL, &p, pval->length);
- if (!gkp) {
- GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
- GOST_R_BAD_PKEY_PARAMETERS_FORMAT);
- return 0;
- }
- param_nid = OBJ_obj2nid(gkp->key_params);
- GOST_KEY_PARAMS_free(gkp);
- if(!EVP_PKEY_set_type(pkey, pkey_nid)) {
- GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS, ERR_R_INTERNAL_ERROR);
- return 0;
- }
- switch (pkey_nid) {
- case NID_id_GostR3410_94:
- {
- DSA *dsa = EVP_PKEY_get0(pkey);
- if (!dsa) {
- dsa = DSA_new();
- if (!EVP_PKEY_assign(pkey, pkey_nid, dsa))
- return 0;
- }
- if (!fill_GOST94_params(dsa, param_nid))
- return 0;
- break;
- }
- case NID_id_GostR3410_2001:
- {
- EC_KEY *ec = EVP_PKEY_get0(pkey);
- if (!ec) {
- ec = EC_KEY_new();
- if (!EVP_PKEY_assign(pkey, pkey_nid, ec))
- return 0;
- }
- if (!fill_GOST2001_params(ec, param_nid))
- return 0;
- }
- }
-
- return 1;
-}
-
-static int gost_set_priv_key(EVP_PKEY *pkey, BIGNUM *priv)
-{
- switch (EVP_PKEY_base_id(pkey)) {
- case NID_id_GostR3410_94:
- {
- DSA *dsa = EVP_PKEY_get0(pkey);
- if (!dsa) {
- dsa = DSA_new();
- EVP_PKEY_assign(pkey, EVP_PKEY_base_id(pkey), dsa);
- }
- dsa->priv_key = BN_dup(priv);
- if (!EVP_PKEY_missing_parameters(pkey))
- gost94_compute_public(dsa);
- break;
- }
- case NID_id_GostR3410_2001:
- {
- EC_KEY *ec = EVP_PKEY_get0(pkey);
- if (!ec) {
- ec = EC_KEY_new();
- EVP_PKEY_assign(pkey, EVP_PKEY_base_id(pkey), ec);
- }
- if (!EC_KEY_set_private_key(ec, priv))
- return 0;
- if (!EVP_PKEY_missing_parameters(pkey))
- gost2001_compute_public(ec);
- break;
- }
- }
- return 1;
-}
-
-BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey)
-{
- switch (EVP_PKEY_base_id(pkey)) {
- case NID_id_GostR3410_94:
- {
- DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pkey);
- if (!dsa) {
- return NULL;
- }
- if (!dsa->priv_key)
- return NULL;
- return dsa->priv_key;
- break;
- }
- case NID_id_GostR3410_2001:
- {
- EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pkey);
- const BIGNUM *priv;
- if (!ec) {
- return NULL;
- }
- if (!(priv = EC_KEY_get0_private_key(ec)))
- return NULL;
- return (BIGNUM *)priv;
- break;
- }
- }
- return NULL;
-}
-
-static int pkey_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
- switch (op) {
- case ASN1_PKEY_CTRL_PKCS7_SIGN:
- if (arg1 == 0) {
- X509_ALGOR *alg1 = NULL, *alg2 = NULL;
- int nid = EVP_PKEY_base_id(pkey);
- PKCS7_SIGNER_INFO_get0_algs((PKCS7_SIGNER_INFO *)arg2,
- NULL, &alg1, &alg2);
- X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94),
- V_ASN1_NULL, 0);
- if (nid == NID_undef) {
- return (-1);
- }
- X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
- }
- return 1;
-#ifndef OPENSSL_NO_CMS
- case ASN1_PKEY_CTRL_CMS_SIGN:
- if (arg1 == 0) {
- X509_ALGOR *alg1 = NULL, *alg2 = NULL;
- int nid = EVP_PKEY_base_id(pkey);
- CMS_SignerInfo_get0_algs((CMS_SignerInfo *)arg2,
- NULL, NULL, &alg1, &alg2);
- X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94),
- V_ASN1_NULL, 0);
- if (nid == NID_undef) {
- return (-1);
- }
- X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
- }
- return 1;
-#endif
- case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
- if (arg1 == 0) {
- X509_ALGOR *alg;
- ASN1_STRING *params = encode_gost_algor_params(pkey);
- if (!params) {
- return -1;
- }
- PKCS7_RECIP_INFO_get0_alg((PKCS7_RECIP_INFO *)arg2, &alg);
- X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type),
- V_ASN1_SEQUENCE, params);
- }
- return 1;
-#ifndef OPENSSL_NO_CMS
- case ASN1_PKEY_CTRL_CMS_ENVELOPE:
- if (arg1 == 0) {
- X509_ALGOR *alg = NULL;
- ASN1_STRING *params = encode_gost_algor_params(pkey);
- if (!params) {
- return -1;
- }
- CMS_RecipientInfo_ktri_get0_algs((CMS_RecipientInfo *)arg2, NULL,
- NULL, &alg);
- X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type), V_ASN1_SEQUENCE,
- params);
- }
- return 1;
-#endif
- case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
- *(int *)arg2 = NID_id_GostR3411_94;
- return 2;
- }
-
- return -2;
-}
-
-/* --------------------- free functions * ------------------------------*/
-static void pkey_free_gost94(EVP_PKEY *key)
-{
- if (key->pkey.dsa) {
- DSA_free(key->pkey.dsa);
- }
-}
-
-static void pkey_free_gost01(EVP_PKEY *key)
-{
- if (key->pkey.ec) {
- EC_KEY_free(key->pkey.ec);
- }
-}
-
-/* ------------------ private key functions -----------------------------*/
-static int priv_decode_gost(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf)
-{
- const unsigned char *pkey_buf = NULL, *p = NULL;
- int priv_len = 0;
- BIGNUM *pk_num = NULL;
- int ret = 0;
- X509_ALGOR *palg = NULL;
- ASN1_OBJECT *palg_obj = NULL;
- ASN1_INTEGER *priv_key = NULL;
-
- if (!PKCS8_pkey_get0(&palg_obj, &pkey_buf, &priv_len, &palg, p8inf))
- return 0;
- p = pkey_buf;
- if (!decode_gost_algor_params(pk, palg)) {
- return 0;
- }
- if (V_ASN1_OCTET_STRING == *p) {
- /* New format - Little endian octet string */
- unsigned char rev_buf[32];
- int i;
- ASN1_OCTET_STRING *s = d2i_ASN1_OCTET_STRING(NULL, &p, priv_len);
- if (!s || s->length != 32) {
- GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR);
- return 0;
- }
- for (i = 0; i < 32; i++) {
- rev_buf[31 - i] = s->data[i];
- }
- ASN1_STRING_free(s);
- pk_num = getbnfrombuf(rev_buf, 32);
- } else {
- priv_key = d2i_ASN1_INTEGER(NULL, &p, priv_len);
- if (!priv_key)
- return 0;
- ret = ((pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)) != NULL);
- ASN1_INTEGER_free(priv_key);
- if (!ret) {
- GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR);
- return 0;
- }
- }
-
- ret = gost_set_priv_key(pk, pk_num);
- BN_free(pk_num);
- return ret;
-}
-
-/* ----------------------------------------------------------------------*/
-static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk)
-{
- ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
- ASN1_STRING *params = encode_gost_algor_params(pk);
- unsigned char *priv_buf = NULL;
- int priv_len;
-
- ASN1_INTEGER *asn1key = NULL;
- if (!params) {
- return 0;
- }
- asn1key = BN_to_ASN1_INTEGER(gost_get0_priv_key(pk), NULL);
- priv_len = i2d_ASN1_INTEGER(asn1key, &priv_buf);
- ASN1_INTEGER_free(asn1key);
- return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params,
- priv_buf, priv_len);
-}
-
-/* --------- printing keys --------------------------------*/
-static int print_gost_94(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx, int type)
-{
- int param_nid = NID_undef;
-
- if (type == 2) {
- BIGNUM *key;
-
- if (!BIO_indent(out, indent, 128))
- return 0;
- BIO_printf(out, "Private key: ");
- key = gost_get0_priv_key(pkey);
- if (!key)
- BIO_printf(out, "<undefined>");
- else
- BN_print(out, key);
- BIO_printf(out, "\n");
- }
- if (type >= 1) {
- BIGNUM *pubkey;
-
- pubkey = ((DSA *)EVP_PKEY_get0((EVP_PKEY *)pkey))->pub_key;
- BIO_indent(out, indent, 128);
- BIO_printf(out, "Public key: ");
- BN_print(out, pubkey);
- BIO_printf(out, "\n");
- }
-
- param_nid = gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)pkey));
- BIO_indent(out, indent, 128);
- BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid));
- return 1;
-}
-
-static int param_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx)
-{
- return print_gost_94(out, pkey, indent, pctx, 0);
-}
-
-static int pub_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx)
-{
- return print_gost_94(out, pkey, indent, pctx, 1);
-}
-
-static int priv_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx)
-{
- return print_gost_94(out, pkey, indent, pctx, 2);
-}
-
-static int print_gost_01(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx, int type)
-{
- int param_nid = NID_undef;
- if (type == 2) {
- BIGNUM *key;
-
- if (!BIO_indent(out, indent, 128))
- return 0;
- BIO_printf(out, "Private key: ");
- key = gost_get0_priv_key(pkey);
- if (!key)
- BIO_printf(out, "<undefined)");
- else
- BN_print(out, key);
- BIO_printf(out, "\n");
- }
- if (type >= 1) {
- BN_CTX *ctx = BN_CTX_new();
- BIGNUM *X, *Y;
- const EC_POINT *pubkey;
- const EC_GROUP *group;
-
- if (!ctx) {
- GOSTerr(GOST_F_PRINT_GOST_01, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- BN_CTX_start(ctx);
- X = BN_CTX_get(ctx);
- Y = BN_CTX_get(ctx);
- pubkey =
- EC_KEY_get0_public_key((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey));
- group = EC_KEY_get0_group((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey));
- if (!EC_POINT_get_affine_coordinates_GFp(group, pubkey, X, Y, ctx)) {
- GOSTerr(GOST_F_PRINT_GOST_01, ERR_R_EC_LIB);
- BN_CTX_free(ctx);
- return 0;
- }
- if (!BIO_indent(out, indent, 128))
- return 0;
- BIO_printf(out, "Public key:\n");
- if (!BIO_indent(out, indent + 3, 128))
- return 0;
- BIO_printf(out, "X:");
- BN_print(out, X);
- BIO_printf(out, "\n");
- BIO_indent(out, indent + 3, 128);
- BIO_printf(out, "Y:");
- BN_print(out, Y);
- BIO_printf(out, "\n");
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
-
- param_nid =
- EC_GROUP_get_curve_name(EC_KEY_get0_group
- (EVP_PKEY_get0((EVP_PKEY *)pkey)));
- if (!BIO_indent(out, indent, 128))
- return 0;
- BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid));
- return 1;
-}
-
-static int param_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx)
-{
- return print_gost_01(out, pkey, indent, pctx, 0);
-}
-
-static int pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx)
-{
- return print_gost_01(out, pkey, indent, pctx, 1);
-}
-
-static int priv_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx)
-{
- return print_gost_01(out, pkey, indent, pctx, 2);
-}
-
-/* ---------------------------------------------------------------------*/
-static int param_missing_gost94(const EVP_PKEY *pk)
-{
- const DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pk);
- if (!dsa)
- return 1;
- if (!dsa->q)
- return 1;
- return 0;
-}
-
-static int param_missing_gost01(const EVP_PKEY *pk)
-{
- const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
- if (!ec)
- return 1;
- if (!EC_KEY_get0_group(ec))
- return 1;
- return 0;
-}
-
-static int param_copy_gost94(EVP_PKEY *to, const EVP_PKEY *from)
-{
- const DSA *dfrom = EVP_PKEY_get0((EVP_PKEY *)from);
- DSA *dto = EVP_PKEY_get0(to);
- if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) {
- GOSTerr(GOST_F_PARAM_COPY_GOST94, GOST_R_INCOMPATIBLE_ALGORITHMS);
- return 0;
- }
- if (!dfrom) {
- GOSTerr(GOST_F_PARAM_COPY_GOST94, GOST_R_KEY_PARAMETERS_MISSING);
- return 0;
- }
- if (!dto) {
- dto = DSA_new();
- EVP_PKEY_assign(to, EVP_PKEY_base_id(from), dto);
- }
-#define COPYBIGNUM(a,b,x) if (a->x) BN_free(a->x); a->x=BN_dup(b->x);
- COPYBIGNUM(dto, dfrom, p)
- COPYBIGNUM(dto, dfrom, q)
- COPYBIGNUM(dto, dfrom, g)
-
- if (dto->priv_key)
- gost94_compute_public(dto);
- return 1;
-}
-
-static int param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from)
-{
- EC_KEY *eto = EVP_PKEY_get0(to);
- const EC_KEY *efrom = EVP_PKEY_get0((EVP_PKEY *)from);
- if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) {
- GOSTerr(GOST_F_PARAM_COPY_GOST01, GOST_R_INCOMPATIBLE_ALGORITHMS);
- return 0;
- }
- if (!efrom) {
- GOSTerr(GOST_F_PARAM_COPY_GOST01, GOST_R_KEY_PARAMETERS_MISSING);
- return 0;
- }
- if (!eto) {
- eto = EC_KEY_new();
- if(!eto) {
- GOSTerr(GOST_F_PARAM_COPY_GOST01, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if(!EVP_PKEY_assign(to, EVP_PKEY_base_id(from), eto)) {
- GOSTerr(GOST_F_PARAM_COPY_GOST01, ERR_R_INTERNAL_ERROR);
- return 0;
- }
- }
- if(!EC_KEY_set_group(eto, EC_KEY_get0_group(efrom))) {
- GOSTerr(GOST_F_PARAM_COPY_GOST01, ERR_R_INTERNAL_ERROR);
- return 0;
- }
- if (EC_KEY_get0_private_key(eto)) {
- gost2001_compute_public(eto);
- }
- return 1;
-}
-
-static int param_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- const DSA *da = EVP_PKEY_get0((EVP_PKEY *)a);
- const DSA *db = EVP_PKEY_get0((EVP_PKEY *)b);
- if (!BN_cmp(da->q, db->q))
- return 1;
- return 0;
-}
-
-static int param_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- if (EC_GROUP_get_curve_name
- (EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)a))) ==
- EC_GROUP_get_curve_name(EC_KEY_get0_group
- (EVP_PKEY_get0((EVP_PKEY *)b)))) {
- return 1;
- }
- return 0;
-
-}
-
-/* ---------- Public key functions * --------------------------------------*/
-static int pub_decode_gost94(EVP_PKEY *pk, X509_PUBKEY *pub)
-{
- X509_ALGOR *palg = NULL;
- const unsigned char *pubkey_buf = NULL;
- unsigned char *databuf;
- ASN1_OBJECT *palgobj = NULL;
- int pub_len, i, j;
- DSA *dsa;
- ASN1_OCTET_STRING *octet = NULL;
-
- if (!X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub))
- return 0;
- EVP_PKEY_assign(pk, OBJ_obj2nid(palgobj), NULL);
- if (!decode_gost_algor_params(pk, palg))
- return 0;
- octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len);
- if (!octet) {
- GOSTerr(GOST_F_PUB_DECODE_GOST94, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- databuf = OPENSSL_malloc(octet->length);
- if (databuf == NULL) {
- GOSTerr(GOST_F_PUB_DECODE_GOST94, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) {
- databuf[j] = octet->data[i];
- }
- dsa = EVP_PKEY_get0(pk);
- dsa->pub_key = BN_bin2bn(databuf, octet->length, NULL);
- ASN1_OCTET_STRING_free(octet);
- OPENSSL_free(databuf);
- return 1;
-
-}
-
-static int pub_encode_gost94(X509_PUBKEY *pub, const EVP_PKEY *pk)
-{
- ASN1_OBJECT *algobj = NULL;
- ASN1_OCTET_STRING *octet = NULL;
- void *pval = NULL;
- unsigned char *buf = NULL, *databuf, *sptr;
- int i, j, data_len, ret = 0;
-
- int ptype = V_ASN1_UNDEF;
- DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pk);
- algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
- if (pk->save_parameters) {
- ASN1_STRING *params = encode_gost_algor_params(pk);
- pval = params;
- ptype = V_ASN1_SEQUENCE;
- }
- data_len = BN_num_bytes(dsa->pub_key);
- databuf = OPENSSL_malloc(data_len);
- if (databuf == NULL)
- return 0;
- BN_bn2bin(dsa->pub_key, databuf);
- octet = ASN1_OCTET_STRING_new();
- ASN1_STRING_set(octet, NULL, data_len);
- sptr = ASN1_STRING_data(octet);
- for (i = 0, j = data_len - 1; i < data_len; i++, j--) {
- sptr[i] = databuf[j];
- }
- OPENSSL_free(databuf);
- ret = i2d_ASN1_OCTET_STRING(octet, &buf);
- ASN1_BIT_STRING_free(octet);
- if (ret < 0)
- return 0;
- return X509_PUBKEY_set0_param(pub, algobj, ptype, pval, buf, ret);
-}
-
-static int pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub)
-{
- X509_ALGOR *palg = NULL;
- const unsigned char *pubkey_buf = NULL;
- unsigned char *databuf;
- ASN1_OBJECT *palgobj = NULL;
- int pub_len, i, j;
- EC_POINT *pub_key;
- BIGNUM *X, *Y;
- ASN1_OCTET_STRING *octet = NULL;
- int len;
- const EC_GROUP *group;
-
- if (!X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub))
- return 0;
- EVP_PKEY_assign(pk, OBJ_obj2nid(palgobj), NULL);
- if (!decode_gost_algor_params(pk, palg))
- return 0;
- group = EC_KEY_get0_group(EVP_PKEY_get0(pk));
- octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len);
- if (!octet) {
- GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- databuf = OPENSSL_malloc(octet->length);
- if (databuf == NULL) {
- GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) {
- databuf[j] = octet->data[i];
- }
- len = octet->length / 2;
- ASN1_OCTET_STRING_free(octet);
-
- Y = getbnfrombuf(databuf, len);
- X = getbnfrombuf(databuf + len, len);
- OPENSSL_free(databuf);
- pub_key = EC_POINT_new(group);
- if (!EC_POINT_set_affine_coordinates_GFp(group, pub_key, X, Y, NULL)) {
- GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB);
- EC_POINT_free(pub_key);
- BN_free(X);
- BN_free(Y);
- return 0;
- }
- BN_free(X);
- BN_free(Y);
- if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk), pub_key)) {
- GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB);
- EC_POINT_free(pub_key);
- return 0;
- }
- EC_POINT_free(pub_key);
- return 1;
-
-}
-
-static int pub_encode_gost01(X509_PUBKEY *pub, const EVP_PKEY *pk)
-{
- ASN1_OBJECT *algobj = NULL;
- ASN1_OCTET_STRING *octet = NULL;
- void *pval = NULL;
- unsigned char *buf = NULL, *databuf, *sptr;
- int i, j, data_len, ret = 0;
- const EC_POINT *pub_key;
- BIGNUM *X, *Y, *order;
- const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
- int ptype = V_ASN1_UNDEF;
-
- algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
- if (pk->save_parameters) {
- ASN1_STRING *params = encode_gost_algor_params(pk);
- pval = params;
- ptype = V_ASN1_SEQUENCE;
- }
- order = BN_new();
- EC_GROUP_get_order(EC_KEY_get0_group(ec), order, NULL);
- pub_key = EC_KEY_get0_public_key(ec);
- if (!pub_key) {
- GOSTerr(GOST_F_PUB_ENCODE_GOST01, GOST_R_PUBLIC_KEY_UNDEFINED);
- return 0;
- }
- X = BN_new();
- Y = BN_new();
- if(!X || !Y) {
- GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE);
- if(X) BN_free(X);
- if(Y) BN_free(Y);
- BN_free(order);
- return 0;
- }
- if(!EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec),
- pub_key, X, Y, NULL)) {
- GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_INTERNAL_ERROR);
- BN_free(X);
- BN_free(Y);
- BN_free(order);
- return 0;
- }
- data_len = 2 * BN_num_bytes(order);
- BN_free(order);
- databuf = OPENSSL_malloc(data_len);
- if (databuf == NULL) {
- GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- memset(databuf, 0, data_len);
-
- store_bignum(X, databuf + data_len / 2, data_len / 2);
- store_bignum(Y, databuf, data_len / 2);
-
- BN_free(X);
- BN_free(Y);
- octet = ASN1_OCTET_STRING_new();
- ASN1_STRING_set(octet, NULL, data_len);
- sptr = ASN1_STRING_data(octet);
- for (i = 0, j = data_len - 1; i < data_len; i++, j--) {
- sptr[i] = databuf[j];
- }
- OPENSSL_free(databuf);
- ret = i2d_ASN1_OCTET_STRING(octet, &buf);
- ASN1_BIT_STRING_free(octet);
- if (ret < 0)
- return 0;
- return X509_PUBKEY_set0_param(pub, algobj, ptype, pval, buf, ret);
-}
-
-static int pub_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- const DSA *da = EVP_PKEY_get0((EVP_PKEY *)a);
- const DSA *db = EVP_PKEY_get0((EVP_PKEY *)b);
- if (da && db && da->pub_key && db->pub_key
- && !BN_cmp(da->pub_key, db->pub_key)) {
- return 1;
- }
- return 0;
-}
-
-static int pub_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- const EC_KEY *ea = EVP_PKEY_get0((EVP_PKEY *)a);
- const EC_KEY *eb = EVP_PKEY_get0((EVP_PKEY *)b);
- const EC_POINT *ka, *kb;
- int ret = 0;
- if (!ea || !eb)
- return 0;
- ka = EC_KEY_get0_public_key(ea);
- kb = EC_KEY_get0_public_key(eb);
- if (!ka || !kb)
- return 0;
- ret = (0 == EC_POINT_cmp(EC_KEY_get0_group(ea), ka, kb, NULL));
- return ret;
-}
-
-static int pkey_size_gost(const EVP_PKEY *pk)
-{
- return 64;
-}
-
-static int pkey_bits_gost(const EVP_PKEY *pk)
-{
- return 256;
-}
-
-/* ---------------------- ASN1 METHOD for GOST MAC -------------------*/
-static void mackey_free_gost(EVP_PKEY *pk)
-{
- if (pk->pkey.ptr) {
- OPENSSL_free(pk->pkey.ptr);
- }
-}
-
-static int mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
- switch (op) {
- case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
- *(int *)arg2 = NID_id_Gost28147_89_MAC;
- return 2;
- }
- return -2;
-}
-
-static int gost94_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
- int nid = gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)pkey));
- return i2d_ASN1_OBJECT(OBJ_nid2obj(nid), pder);
-}
-
-static int gost2001_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
- int nid =
- EC_GROUP_get_curve_name(EC_KEY_get0_group
- (EVP_PKEY_get0((EVP_PKEY *)pkey)));
- return i2d_ASN1_OBJECT(OBJ_nid2obj(nid), pder);
-}
-
-static int gost94_param_decode(EVP_PKEY *pkey, const unsigned char **pder,
- int derlen)
-{
- ASN1_OBJECT *obj = NULL;
- DSA *dsa = EVP_PKEY_get0(pkey);
- int nid;
- if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) {
- return 0;
- }
- nid = OBJ_obj2nid(obj);
- ASN1_OBJECT_free(obj);
- if (!dsa) {
- dsa = DSA_new();
- if (!EVP_PKEY_assign(pkey, NID_id_GostR3410_94, dsa))
- return 0;
- }
- if (!fill_GOST94_params(dsa, nid))
- return 0;
- return 1;
-}
-
-static int gost2001_param_decode(EVP_PKEY *pkey, const unsigned char **pder,
- int derlen)
-{
- ASN1_OBJECT *obj = NULL;
- int nid;
- EC_KEY *ec = EVP_PKEY_get0(pkey);
- if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) {
- return 0;
- }
- nid = OBJ_obj2nid(obj);
- ASN1_OBJECT_free(obj);
- if (!ec) {
- ec = EC_KEY_new();
- if (!EVP_PKEY_assign(pkey, NID_id_GostR3410_2001, ec))
- return 0;
- }
- if (!fill_GOST2001_params(ec, nid))
- return 0;
- return 1;
-}
-
-/* ----------------------------------------------------------------------*/
-int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth,
- const char *pemstr, const char *info)
-{
- *ameth = EVP_PKEY_asn1_new(nid, ASN1_PKEY_SIGPARAM_NULL, pemstr, info);
- if (!*ameth)
- return 0;
- switch (nid) {
- case NID_id_GostR3410_94:
- EVP_PKEY_asn1_set_free(*ameth, pkey_free_gost94);
- EVP_PKEY_asn1_set_private(*ameth,
- priv_decode_gost, priv_encode_gost,
- priv_print_gost94);
-
- EVP_PKEY_asn1_set_param(*ameth,
- gost94_param_decode, gost94_param_encode,
- param_missing_gost94, param_copy_gost94,
- param_cmp_gost94, param_print_gost94);
- EVP_PKEY_asn1_set_public(*ameth,
- pub_decode_gost94, pub_encode_gost94,
- pub_cmp_gost94, pub_print_gost94,
- pkey_size_gost, pkey_bits_gost);
-
- EVP_PKEY_asn1_set_ctrl(*ameth, pkey_ctrl_gost);
- break;
- case NID_id_GostR3410_2001:
- EVP_PKEY_asn1_set_free(*ameth, pkey_free_gost01);
- EVP_PKEY_asn1_set_private(*ameth,
- priv_decode_gost, priv_encode_gost,
- priv_print_gost01);
-
- EVP_PKEY_asn1_set_param(*ameth,
- gost2001_param_decode, gost2001_param_encode,
- param_missing_gost01, param_copy_gost01,
- param_cmp_gost01, param_print_gost01);
- EVP_PKEY_asn1_set_public(*ameth,
- pub_decode_gost01, pub_encode_gost01,
- pub_cmp_gost01, pub_print_gost01,
- pkey_size_gost, pkey_bits_gost);
-
- EVP_PKEY_asn1_set_ctrl(*ameth, pkey_ctrl_gost);
- break;
- case NID_id_Gost28147_89_MAC:
- EVP_PKEY_asn1_set_free(*ameth, mackey_free_gost);
- EVP_PKEY_asn1_set_ctrl(*ameth, mac_ctrl_gost);
- break;
- }
- return 1;
-}
diff --git a/engines/ccgost/gost_asn1.c b/engines/ccgost/gost_asn1.c
deleted file mode 100644
index 11686339b7a5..000000000000
--- a/engines/ccgost/gost_asn1.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/**********************************************************************
- * gost_keytrans.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * ASN1 structure definition for GOST key transport *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include <stdio.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include "gost_lcl.h"
-
-ASN1_NDEF_SEQUENCE(GOST_KEY_TRANSPORT) = {
- ASN1_SIMPLE(GOST_KEY_TRANSPORT, key_info, GOST_KEY_INFO),
- ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info, GOST_KEY_AGREEMENT_INFO, 0)
-} ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT)
-
-IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
-
-ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) = {
- ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING),
- ASN1_SIMPLE(GOST_KEY_INFO, imit, ASN1_OCTET_STRING)
-} ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_INFO)
-
-ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) = {
- ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, cipher, ASN1_OBJECT),
- ASN1_IMP_OPT(GOST_KEY_AGREEMENT_INFO, ephem_key, X509_PUBKEY, 0),
- ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, eph_iv, ASN1_OCTET_STRING)
-} ASN1_NDEF_SEQUENCE_END(GOST_KEY_AGREEMENT_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)
-
-ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) = {
- ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT),
- ASN1_SIMPLE(GOST_KEY_PARAMS, hash_params, ASN1_OBJECT),
- ASN1_OPT(GOST_KEY_PARAMS, cipher_params, ASN1_OBJECT),
-} ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS)
-
-IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
-
-ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) = {
- ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING),
- ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, ASN1_OBJECT),
-} ASN1_NDEF_SEQUENCE_END(GOST_CIPHER_PARAMS)
-
-IMPLEMENT_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
-
-ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = { /* FIXME incomplete */
- ASN1_SIMPLE(GOST_CLIENT_KEY_EXCHANGE_PARAMS, gkt, GOST_KEY_TRANSPORT)
-}
-
-ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
-IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
diff --git a/engines/ccgost/gost_crypt.c b/engines/ccgost/gost_crypt.c
deleted file mode 100644
index 2bbdc6ccd67a..000000000000
--- a/engines/ccgost/gost_crypt.c
+++ /dev/null
@@ -1,623 +0,0 @@
-/**********************************************************************
- * gost_crypt.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * OpenSSL interface to GOST 28147-89 cipher functions *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include <string.h>
-#include "gost89.h"
-#include <openssl/rand.h>
-#include "e_gost_err.h"
-#include "gost_lcl.h"
-
-#if !defined(CCGOST_DEBUG) && !defined(DEBUG)
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-static int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-/* Handles block of data in CFB mode */
-static int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);
-/* Handles block of data in CNT mode */
-static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);
-/* Cleanup function */
-static int gost_cipher_cleanup(EVP_CIPHER_CTX *);
-/* set/get cipher parameters */
-static int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params);
-static int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params);
-/* Control function */
-static int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
-
-EVP_CIPHER cipher_gost = {
- NID_id_Gost28147_89,
- 1, /* block_size */
- 32, /* key_size */
- 8, /* iv_len */
- EVP_CIPH_CFB_MODE | EVP_CIPH_NO_PADDING |
- EVP_CIPH_CUSTOM_IV | EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
- gost_cipher_init,
- gost_cipher_do_cfb,
- gost_cipher_cleanup,
- sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
- gost89_set_asn1_parameters,
- gost89_get_asn1_parameters,
- gost_cipher_ctl,
- NULL,
-};
-
-EVP_CIPHER cipher_gost_cpacnt = {
- NID_gost89_cnt,
- 1, /* block_size */
- 32, /* key_size */
- 8, /* iv_len */
- EVP_CIPH_OFB_MODE | EVP_CIPH_NO_PADDING |
- EVP_CIPH_CUSTOM_IV | EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
- gost_cipher_init_cpa,
- gost_cipher_do_cnt,
- gost_cipher_cleanup,
- sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
- gost89_set_asn1_parameters,
- gost89_get_asn1_parameters,
- gost_cipher_ctl,
- NULL,
-};
-
-/* Implementation of GOST 28147-89 in MAC (imitovstavka) mode */
-/* Init functions which set specific parameters */
-static int gost_imit_init_cpa(EVP_MD_CTX *ctx);
-/* process block of data */
-static int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count);
-/* Return computed value */
-static int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md);
-/* Copies context */
-static int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from);
-static int gost_imit_cleanup(EVP_MD_CTX *ctx);
-/* Control function, knows how to set MAC key.*/
-static int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr);
-
-EVP_MD imit_gost_cpa = {
- NID_id_Gost28147_89_MAC,
- NID_undef,
- 4,
- 0,
- gost_imit_init_cpa,
- gost_imit_update,
- gost_imit_final,
- gost_imit_copy,
- gost_imit_cleanup,
- NULL,
- NULL,
- {0, 0, 0, 0, 0},
- 8,
- sizeof(struct ossl_gost_imit_ctx),
- gost_imit_ctrl
-};
-
-/*
- * Correspondence between gost parameter OIDs and substitution blocks
- * NID field is filed by register_gost_NID function in engine.c
- * upon engine initialization
- */
-
-struct gost_cipher_info gost_cipher_list[] = {
- /*- NID *//*
- * Subst block
- *//*
- * Key meshing
- */
- /*
- * {NID_id_GostR3411_94_CryptoProParamSet,&GostR3411_94_CryptoProParamSet,0},
- */
- {NID_id_Gost28147_89_cc, &GostR3411_94_CryptoProParamSet, 0},
- {NID_id_Gost28147_89_CryptoPro_A_ParamSet, &Gost28147_CryptoProParamSetA,
- 1},
- {NID_id_Gost28147_89_CryptoPro_B_ParamSet, &Gost28147_CryptoProParamSetB,
- 1},
- {NID_id_Gost28147_89_CryptoPro_C_ParamSet, &Gost28147_CryptoProParamSetC,
- 1},
- {NID_id_Gost28147_89_CryptoPro_D_ParamSet, &Gost28147_CryptoProParamSetD,
- 1},
- {NID_id_Gost28147_89_TestParamSet, &Gost28147_TestParamSet, 1},
- {NID_undef, NULL, 0}
-};
-
-/*
- * get encryption parameters from crypto network settings FIXME For now we
- * use environment var CRYPT_PARAMS as place to store these settings.
- * Actually, it is better to use engine control command, read from
- * configuration file to set them
- */
-const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj)
-{
- int nid;
- struct gost_cipher_info *param;
- if (!obj) {
- const char *params = get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS);
- if (!params || !strlen(params))
- return &gost_cipher_list[1];
-
- nid = OBJ_txt2nid(params);
- if (nid == NID_undef) {
- GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS,
- GOST_R_INVALID_CIPHER_PARAM_OID);
- return NULL;
- }
- } else {
- nid = OBJ_obj2nid(obj);
- }
- for (param = gost_cipher_list; param->sblock != NULL && param->nid != nid;
- param++) ;
- if (!param->sblock) {
- GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
- return NULL;
- }
- return param;
-}
-
-/* Sets cipher param from paramset NID. */
-static int gost_cipher_set_param(struct ossl_gost_cipher_ctx *c, int nid)
-{
- const struct gost_cipher_info *param;
- param =
- get_encryption_params((nid == NID_undef ? NULL : OBJ_nid2obj(nid)));
- if (!param)
- return 0;
-
- c->paramNID = param->nid;
- c->key_meshing = param->key_meshing;
- c->count = 0;
- gost_init(&(c->cctx), param->sblock);
- return 1;
-}
-
-/* Initializes EVP_CIPHER_CTX by paramset NID */
-static int gost_cipher_init_param(EVP_CIPHER_CTX *ctx,
- const unsigned char *key,
- const unsigned char *iv, int enc,
- int paramNID, int mode)
-{
- struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
- if (ctx->app_data == NULL) {
- if (!gost_cipher_set_param(c, paramNID))
- return 0;
- ctx->app_data = ctx->cipher_data;
- }
- if (key)
- gost_key(&(c->cctx), key);
- if (iv)
- memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
- memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
- return 1;
-}
-
-static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
- gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA);
- c->key_meshing = 1;
- c->count = 0;
- if (key)
- gost_key(&(c->cctx), key);
- if (iv)
- memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
- memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
- return 1;
-}
-
-/* Initializes EVP_CIPHER_CTX with default values */
-int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- return gost_cipher_init_param(ctx, key, iv, enc, NID_undef,
- EVP_CIPH_CFB_MODE);
-}
-
-/*
- * Wrapper around gostcrypt function from gost89.c which perform key meshing
- * when nesseccary
- */
-static void gost_crypt_mesh(void *ctx, unsigned char *iv, unsigned char *buf)
-{
- struct ossl_gost_cipher_ctx *c = ctx;
- assert(c->count % 8 == 0 && c->count <= 1024);
- if (c->key_meshing && c->count == 1024) {
- cryptopro_key_meshing(&(c->cctx), iv);
- }
- gostcrypt(&(c->cctx), iv, buf);
- c->count = c->count % 1024 + 8;
-}
-
-static void gost_cnt_next(void *ctx, unsigned char *iv, unsigned char *buf)
-{
- struct ossl_gost_cipher_ctx *c = ctx;
- word32 g, go;
- unsigned char buf1[8];
- assert(c->count % 8 == 0 && c->count <= 1024);
- if (c->key_meshing && c->count == 1024) {
- cryptopro_key_meshing(&(c->cctx), iv);
- }
- if (c->count == 0) {
- gostcrypt(&(c->cctx), iv, buf1);
- } else {
- memcpy(buf1, iv, 8);
- }
- g = buf1[0] | (buf1[1] << 8) | (buf1[2] << 16) | ((word32) buf1[3] << 24);
- g += 0x01010101;
- buf1[0] = (unsigned char)(g & 0xff);
- buf1[1] = (unsigned char)((g >> 8) & 0xff);
- buf1[2] = (unsigned char)((g >> 16) & 0xff);
- buf1[3] = (unsigned char)((g >> 24) & 0xff);
- g = buf1[4] | (buf1[5] << 8) | (buf1[6] << 16) | ((word32) buf1[7] << 24);
- go = g;
- g += 0x01010104;
- if (go > g) /* overflow */
- g++;
- buf1[4] = (unsigned char)(g & 0xff);
- buf1[5] = (unsigned char)((g >> 8) & 0xff);
- buf1[6] = (unsigned char)((g >> 16) & 0xff);
- buf1[7] = (unsigned char)((g >> 24) & 0xff);
- memcpy(iv, buf1, 8);
- gostcrypt(&(c->cctx), buf1, buf);
- c->count = c->count % 1024 + 8;
-}
-
-/* GOST encryption in CFB mode */
-int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- const unsigned char *in_ptr = in;
- unsigned char *out_ptr = out;
- size_t i = 0;
- size_t j = 0;
-/* process partial block if any */
- if (ctx->num) {
- for (j = ctx->num, i = 0; j < 8 && i < inl;
- j++, i++, in_ptr++, out_ptr++) {
- if (!ctx->encrypt)
- ctx->buf[j + 8] = *in_ptr;
- *out_ptr = ctx->buf[j] ^ (*in_ptr);
- if (ctx->encrypt)
- ctx->buf[j + 8] = *out_ptr;
- }
- if (j == 8) {
- memcpy(ctx->iv, ctx->buf + 8, 8);
- ctx->num = 0;
- } else {
- ctx->num = j;
- return 1;
- }
- }
-
- for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) {
- /*
- * block cipher current iv
- */
- gost_crypt_mesh(ctx->cipher_data, ctx->iv, ctx->buf);
- /*
- * xor next block of input text with it and output it
- */
- /*
- * output this block
- */
- if (!ctx->encrypt)
- memcpy(ctx->iv, in_ptr, 8);
- for (j = 0; j < 8; j++) {
- out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
- }
- /* Encrypt */
- /* Next iv is next block of cipher text */
- if (ctx->encrypt)
- memcpy(ctx->iv, out_ptr, 8);
- }
-/* Process rest of buffer */
- if (i < inl) {
- gost_crypt_mesh(ctx->cipher_data, ctx->iv, ctx->buf);
- if (!ctx->encrypt)
- memcpy(ctx->buf + 8, in_ptr, inl - i);
- for (j = 0; i < inl; j++, i++) {
- out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
- }
- ctx->num = j;
- if (ctx->encrypt)
- memcpy(ctx->buf + 8, out_ptr, j);
- } else {
- ctx->num = 0;
- }
- return 1;
-}
-
-static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- const unsigned char *in_ptr = in;
- unsigned char *out_ptr = out;
- size_t i = 0;
- size_t j;
-/* process partial block if any */
- if (ctx->num) {
- for (j = ctx->num, i = 0; j < 8 && i < inl;
- j++, i++, in_ptr++, out_ptr++) {
- *out_ptr = ctx->buf[j] ^ (*in_ptr);
- }
- if (j == 8) {
- ctx->num = 0;
- } else {
- ctx->num = j;
- return 1;
- }
- }
-
- for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) {
- /*
- * block cipher current iv
- */
- /* Encrypt */
- gost_cnt_next(ctx->cipher_data, ctx->iv, ctx->buf);
- /*
- * xor next block of input text with it and output it
- */
- /*
- * output this block
- */
- for (j = 0; j < 8; j++) {
- out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
- }
- }
-/* Process rest of buffer */
- if (i < inl) {
- gost_cnt_next(ctx->cipher_data, ctx->iv, ctx->buf);
- for (j = 0; i < inl; j++, i++) {
- out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
- }
- ctx->num = j;
- } else {
- ctx->num = 0;
- }
- return 1;
-}
-
-/* Cleaning up of EVP_CIPHER_CTX */
-int gost_cipher_cleanup(EVP_CIPHER_CTX *ctx)
-{
- gost_destroy(&((struct ossl_gost_cipher_ctx *)ctx->cipher_data)->cctx);
- ctx->app_data = NULL;
- return 1;
-}
-
-/* Control function for gost cipher */
-int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
-{
- switch (type) {
- case EVP_CTRL_RAND_KEY:
- {
- if (RAND_bytes((unsigned char *)ptr, ctx->key_len) <= 0) {
- GOSTerr(GOST_F_GOST_CIPHER_CTL,
- GOST_R_RANDOM_GENERATOR_ERROR);
- return -1;
- }
- break;
- }
- case EVP_CTRL_PBE_PRF_NID:
- if (ptr) {
- *((int *)ptr) = NID_id_HMACGostR3411_94;
- return 1;
- } else {
- return 0;
- }
-
- default:
- GOSTerr(GOST_F_GOST_CIPHER_CTL,
- GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND);
- return -1;
- }
- return 1;
-}
-
-/* Set cipher parameters from ASN1 structure */
-int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
-{
- int len = 0;
- unsigned char *buf = NULL;
- unsigned char *p = NULL;
- struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
- GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
- ASN1_OCTET_STRING *os = NULL;
- if (!gcp) {
- GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
- return 0;
- }
- if (!ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len)) {
- GOST_CIPHER_PARAMS_free(gcp);
- GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
- return 0;
- }
- ASN1_OBJECT_free(gcp->enc_param_set);
- gcp->enc_param_set = OBJ_nid2obj(c->paramNID);
-
- len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);
- p = buf = (unsigned char *)OPENSSL_malloc(len);
- if (!buf) {
- GOST_CIPHER_PARAMS_free(gcp);
- GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
- return 0;
- }
- i2d_GOST_CIPHER_PARAMS(gcp, &p);
- GOST_CIPHER_PARAMS_free(gcp);
-
- os = ASN1_OCTET_STRING_new();
-
- if (!os || !ASN1_OCTET_STRING_set(os, buf, len)) {
- OPENSSL_free(buf);
- GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
- return 0;
- }
- OPENSSL_free(buf);
-
- ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
- return 1;
-}
-
-/* Store parameters into ASN1 structure */
-int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
-{
- int ret = -1;
- int len;
- GOST_CIPHER_PARAMS *gcp = NULL;
- unsigned char *p;
- struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
- if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) {
- return ret;
- }
-
- p = params->value.sequence->data;
-
- gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
- params->value.sequence->length);
-
- len = gcp->iv->length;
- if (len != ctx->cipher->iv_len) {
- GOST_CIPHER_PARAMS_free(gcp);
- GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, GOST_R_INVALID_IV_LENGTH);
- return -1;
- }
- if (!gost_cipher_set_param(c, OBJ_obj2nid(gcp->enc_param_set))) {
- GOST_CIPHER_PARAMS_free(gcp);
- return -1;
- }
- memcpy(ctx->oiv, gcp->iv->data, len);
-
- GOST_CIPHER_PARAMS_free(gcp);
-
- return 1;
-}
-
-int gost_imit_init_cpa(EVP_MD_CTX *ctx)
-{
- struct ossl_gost_imit_ctx *c = ctx->md_data;
- memset(c->buffer, 0, sizeof(c->buffer));
- memset(c->partial_block, 0, sizeof(c->partial_block));
- c->count = 0;
- c->bytes_left = 0;
- c->key_meshing = 1;
- gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA);
- return 1;
-}
-
-static void mac_block_mesh(struct ossl_gost_imit_ctx *c,
- const unsigned char *data)
-{
- unsigned char buffer[8];
- /*
- * We are using local buffer for iv because CryptoPro doesn't interpret
- * internal state of MAC algorithm as iv during keymeshing (but does
- * initialize internal state from iv in key transport
- */
- assert(c->count % 8 == 0 && c->count <= 1024);
- if (c->key_meshing && c->count == 1024) {
- cryptopro_key_meshing(&(c->cctx), buffer);
- }
- mac_block(&(c->cctx), c->buffer, data);
- c->count = c->count % 1024 + 8;
-}
-
-int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- struct ossl_gost_imit_ctx *c = ctx->md_data;
- const unsigned char *p = data;
- size_t bytes = count, i;
- if (!(c->key_set)) {
- GOSTerr(GOST_F_GOST_IMIT_UPDATE, GOST_R_MAC_KEY_NOT_SET);
- return 0;
- }
- if (c->bytes_left) {
- for (i = c->bytes_left; i < 8 && bytes > 0; bytes--, i++, p++) {
- c->partial_block[i] = *p;
- }
- if (i == 8) {
- mac_block_mesh(c, c->partial_block);
- } else {
- c->bytes_left = i;
- return 1;
- }
- }
- while (bytes > 8) {
- mac_block_mesh(c, p);
- p += 8;
- bytes -= 8;
- }
- if (bytes > 0) {
- memcpy(c->partial_block, p, bytes);
- }
- c->bytes_left = bytes;
- return 1;
-}
-
-int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- struct ossl_gost_imit_ctx *c = ctx->md_data;
- if (!c->key_set) {
- GOSTerr(GOST_F_GOST_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET);
- return 0;
- }
- if (c->count == 0 && c->bytes_left) {
- unsigned char buffer[8];
- memset(buffer, 0, 8);
- gost_imit_update(ctx, buffer, 8);
- }
- if (c->bytes_left) {
- int i;
- for (i = c->bytes_left; i < 8; i++) {
- c->partial_block[i] = 0;
- }
- mac_block_mesh(c, c->partial_block);
- }
- get_mac(c->buffer, 32, md);
- return 1;
-}
-
-int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
-{
- switch (type) {
- case EVP_MD_CTRL_KEY_LEN:
- *((unsigned int *)(ptr)) = 32;
- return 1;
- case EVP_MD_CTRL_SET_KEY:
- {
- if (arg != 32) {
- GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH);
- return 0;
- }
-
- gost_key(&(((struct ossl_gost_imit_ctx *)(ctx->md_data))->cctx),
- ptr);
- ((struct ossl_gost_imit_ctx *)(ctx->md_data))->key_set = 1;
- return 1;
-
- }
- default:
- return 0;
- }
-}
-
-int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
-{
- memcpy(to->md_data, from->md_data, sizeof(struct ossl_gost_imit_ctx));
- return 1;
-}
-
-/* Clean up imit ctx */
-int gost_imit_cleanup(EVP_MD_CTX *ctx)
-{
- memset(ctx->md_data, 0, sizeof(struct ossl_gost_imit_ctx));
- return 1;
-}
diff --git a/engines/ccgost/gost_ctl.c b/engines/ccgost/gost_ctl.c
deleted file mode 100644
index 6c93c4584d6d..000000000000
--- a/engines/ccgost/gost_ctl.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/**********************************************************************
- * gost_ctl.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Implementation of control commands for GOST engine *
- * OpenSSL 0.9.9 libraries required *
- **********************************************************************/
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/engine.h>
-#include <openssl/buffer.h>
-#include "gost_lcl.h"
-
-static char *gost_params[GOST_PARAM_MAX + 1] = { NULL };
-static const char *gost_envnames[] = { "CRYPT_PARAMS" };
-
-const ENGINE_CMD_DEFN gost_cmds[] = {
-/*- { GOST_CTRL_RNG,
- "RNG",
- "Type of random number generator to use",
- ENGINE_CMD_FLAG_STRING
- },
- { GOST_CTRL_RNG_PARAMS,
- "RNG_PARAMS",
- "Parameter for random number generator",
- ENGINE_CMD_FLAG_STRING
- },
-*/ {GOST_CTRL_CRYPT_PARAMS,
- "CRYPT_PARAMS",
- "OID of default GOST 28147-89 parameters",
- ENGINE_CMD_FLAG_STRING},
- {0, NULL, NULL, 0}
-};
-
-void gost_param_free()
-{
- int i;
- for (i = 0; i <= GOST_PARAM_MAX; i++)
- if (gost_params[i] != NULL) {
- OPENSSL_free(gost_params[i]);
- gost_params[i] = NULL;
- }
-
-}
-
-int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
- int param = cmd - ENGINE_CMD_BASE;
- int ret = 0;
- if (param < 0 || param > GOST_PARAM_MAX)
- return -1;
- ret = gost_set_default_param(param, p);
- return ret;
-}
-
-const char *get_gost_engine_param(int param)
-{
- char *tmp;
- if (param < 0 || param > GOST_PARAM_MAX)
- return NULL;
- if (gost_params[param] != NULL) {
- return gost_params[param];
- }
- tmp = getenv(gost_envnames[param]);
- if (tmp) {
- if (gost_params[param])
- OPENSSL_free(gost_params[param]);
- gost_params[param] = BUF_strdup(tmp);
- return gost_params[param];
- }
- return NULL;
-}
-
-int gost_set_default_param(int param, const char *value)
-{
- const char *tmp;
- if (param < 0 || param > GOST_PARAM_MAX)
- return 0;
- tmp = getenv(gost_envnames[param]);
- /*
- * if there is value in the environment, use it, else -passed string *
- */
- if (!tmp)
- tmp = value;
- if (gost_params[param])
- OPENSSL_free(gost_params[param]);
- gost_params[param] = BUF_strdup(tmp);
-
- return 1;
-}
diff --git a/engines/ccgost/gost_eng.c b/engines/ccgost/gost_eng.c
deleted file mode 100644
index ea52c4dbe9db..000000000000
--- a/engines/ccgost/gost_eng.c
+++ /dev/null
@@ -1,280 +0,0 @@
-/**********************************************************************
- * gost_eng.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Main file of GOST engine *
- * for OpenSSL *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/engine.h>
-#include <openssl/obj_mac.h>
-#include "e_gost_err.h"
-#include "gost_lcl.h"
-static const char *engine_gost_id = "gost";
-static const char *engine_gost_name =
- "Reference implementation of GOST engine";
-
-/* Symmetric cipher and digest function registrar */
-
-static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
- const int **nids, int nid);
-
-static int gost_digests(ENGINE *e, const EVP_MD **digest,
- const int **nids, int ind);
-
-static int gost_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth,
- const int **nids, int nid);
-
-static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth,
- const int **nids, int nid);
-
-static int gost_cipher_nids[] = { NID_id_Gost28147_89, NID_gost89_cnt, 0 };
-
-static int gost_digest_nids[] =
- { NID_id_GostR3411_94, NID_id_Gost28147_89_MAC, 0 };
-
-static int gost_pkey_meth_nids[] = { NID_id_GostR3410_94,
- NID_id_GostR3410_2001, NID_id_Gost28147_89_MAC, 0
-};
-
-static EVP_PKEY_METHOD *pmeth_GostR3410_94 = NULL,
- *pmeth_GostR3410_2001 = NULL, *pmeth_Gost28147_MAC = NULL;
-
-static EVP_PKEY_ASN1_METHOD *ameth_GostR3410_94 = NULL,
- *ameth_GostR3410_2001 = NULL, *ameth_Gost28147_MAC = NULL;
-
-static int gost_engine_init(ENGINE *e)
-{
- return 1;
-}
-
-static int gost_engine_finish(ENGINE *e)
-{
- return 1;
-}
-
-static int gost_engine_destroy(ENGINE *e)
-{
- gost_param_free();
-
- pmeth_GostR3410_94 = NULL;
- pmeth_GostR3410_2001 = NULL;
- pmeth_Gost28147_MAC = NULL;
- ameth_GostR3410_94 = NULL;
- ameth_GostR3410_2001 = NULL;
- ameth_Gost28147_MAC = NULL;
- return 1;
-}
-
-static int bind_gost(ENGINE *e, const char *id)
-{
- int ret = 0;
- if (id && strcmp(id, engine_gost_id))
- return 0;
- if (ameth_GostR3410_94) {
- printf("GOST engine already loaded\n");
- goto end;
- }
-
- if (!ENGINE_set_id(e, engine_gost_id)) {
- printf("ENGINE_set_id failed\n");
- goto end;
- }
- if (!ENGINE_set_name(e, engine_gost_name)) {
- printf("ENGINE_set_name failed\n");
- goto end;
- }
- if (!ENGINE_set_digests(e, gost_digests)) {
- printf("ENGINE_set_digests failed\n");
- goto end;
- }
- if (!ENGINE_set_ciphers(e, gost_ciphers)) {
- printf("ENGINE_set_ciphers failed\n");
- goto end;
- }
- if (!ENGINE_set_pkey_meths(e, gost_pkey_meths)) {
- printf("ENGINE_set_pkey_meths failed\n");
- goto end;
- }
- if (!ENGINE_set_pkey_asn1_meths(e, gost_pkey_asn1_meths)) {
- printf("ENGINE_set_pkey_asn1_meths failed\n");
- goto end;
- }
- /* Control function and commands */
- if (!ENGINE_set_cmd_defns(e, gost_cmds)) {
- fprintf(stderr, "ENGINE_set_cmd_defns failed\n");
- goto end;
- }
- if (!ENGINE_set_ctrl_function(e, gost_control_func)) {
- fprintf(stderr, "ENGINE_set_ctrl_func failed\n");
- goto end;
- }
- if (!ENGINE_set_destroy_function(e, gost_engine_destroy)
- || !ENGINE_set_init_function(e, gost_engine_init)
- || !ENGINE_set_finish_function(e, gost_engine_finish)) {
- goto end;
- }
-
- if (!register_ameth_gost
- (NID_id_GostR3410_94, &ameth_GostR3410_94, "GOST94",
- "GOST R 34.10-94"))
- goto end;
- if (!register_ameth_gost
- (NID_id_GostR3410_2001, &ameth_GostR3410_2001, "GOST2001",
- "GOST R 34.10-2001"))
- goto end;
- if (!register_ameth_gost(NID_id_Gost28147_89_MAC, &ameth_Gost28147_MAC,
- "GOST-MAC", "GOST 28147-89 MAC"))
- goto end;
-
- if (!register_pmeth_gost(NID_id_GostR3410_94, &pmeth_GostR3410_94, 0))
- goto end;
- if (!register_pmeth_gost(NID_id_GostR3410_2001, &pmeth_GostR3410_2001, 0))
- goto end;
- if (!register_pmeth_gost
- (NID_id_Gost28147_89_MAC, &pmeth_Gost28147_MAC, 0))
- goto end;
- if (!ENGINE_register_ciphers(e)
- || !ENGINE_register_digests(e)
- || !ENGINE_register_pkey_meths(e)
- /* These two actually should go in LIST_ADD command */
- || !EVP_add_cipher(&cipher_gost)
- || !EVP_add_cipher(&cipher_gost_cpacnt)
- || !EVP_add_digest(&digest_gost)
- || !EVP_add_digest(&imit_gost_cpa)
- ) {
- goto end;
- }
-
- ERR_load_GOST_strings();
- ret = 1;
- end:
- return ret;
-}
-
-static int gost_digests(ENGINE *e, const EVP_MD **digest,
- const int **nids, int nid)
-{
- int ok = 1;
- if (!digest) {
- *nids = gost_digest_nids;
- return 2;
- }
- /*
- * printf("Digest no %d requested\n",nid);
- */
- if (nid == NID_id_GostR3411_94) {
- *digest = &digest_gost;
- } else if (nid == NID_id_Gost28147_89_MAC) {
- *digest = &imit_gost_cpa;
- } else {
- ok = 0;
- *digest = NULL;
- }
- return ok;
-}
-
-static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
- const int **nids, int nid)
-{
- int ok = 1;
- if (!cipher) {
- *nids = gost_cipher_nids;
- return 2; /* two ciphers are supported */
- }
-
- if (nid == NID_id_Gost28147_89) {
- *cipher = &cipher_gost;
- } else if (nid == NID_gost89_cnt) {
- *cipher = &cipher_gost_cpacnt;
- } else {
- ok = 0;
- *cipher = NULL;
- }
- return ok;
-}
-
-static int gost_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth,
- const int **nids, int nid)
-{
- if (!pmeth) {
- *nids = gost_pkey_meth_nids;
- return 3;
- }
-
- switch (nid) {
- case NID_id_GostR3410_94:
- *pmeth = pmeth_GostR3410_94;
- return 1;
- case NID_id_GostR3410_2001:
- *pmeth = pmeth_GostR3410_2001;
- return 1;
- case NID_id_Gost28147_89_MAC:
- *pmeth = pmeth_Gost28147_MAC;
- return 1;
- default:;
- }
-
- *pmeth = NULL;
- return 0;
-}
-
-static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth,
- const int **nids, int nid)
-{
- if (!ameth) {
- *nids = gost_pkey_meth_nids;
- return 3;
- }
- switch (nid) {
- case NID_id_GostR3410_94:
- *ameth = ameth_GostR3410_94;
- return 1;
- case NID_id_GostR3410_2001:
- *ameth = ameth_GostR3410_2001;
- return 1;
- case NID_id_Gost28147_89_MAC:
- *ameth = ameth_Gost28147_MAC;
- return 1;
-
- default:;
- }
-
- *ameth = NULL;
- return 0;
-}
-
-#ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_gost(void)
-{
- ENGINE *ret = ENGINE_new();
- if (!ret)
- return NULL;
- if (!bind_gost(ret, engine_gost_id)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void ENGINE_load_gost(void)
-{
- ENGINE *toadd;
- if (pmeth_GostR3410_94)
- return;
- toadd = engine_gost();
- if (!toadd)
- return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
-}
-#else
-IMPLEMENT_DYNAMIC_BIND_FN(bind_gost)
-IMPLEMENT_DYNAMIC_CHECK_FN()
-#endif
diff --git a/engines/ccgost/gost_keywrap.c b/engines/ccgost/gost_keywrap.c
deleted file mode 100644
index 502a83c62d53..000000000000
--- a/engines/ccgost/gost_keywrap.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/**********************************************************************
- * keywrap.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Implementation of CryptoPro key wrap algorithm, as defined in *
- * RFC 4357 p 6.3 and 6.4 *
- * Doesn't need OpenSSL *
- **********************************************************************/
-#include <string.h>
-#include "gost89.h"
-#include "gost_keywrap.h"
-
-/*-
- * Diversifies key using random UserKey Material
- * Implements RFC 4357 p 6.5 key diversification algorithm
- *
- * inputKey - 32byte key to be diversified
- * ukm - 8byte user key material
- * outputKey - 32byte buffer to store diversified key
- *
- */
-void keyDiversifyCryptoPro(gost_ctx * ctx, const unsigned char *inputKey,
- const unsigned char *ukm, unsigned char *outputKey)
-{
-
- u4 k, s1, s2;
- int i, j, mask;
- unsigned char S[8];
- memcpy(outputKey, inputKey, 32);
- for (i = 0; i < 8; i++) {
- /* Make array of integers from key */
- /* Compute IV S */
- s1 = 0, s2 = 0;
- for (j = 0, mask = 1; j < 8; j++, mask <<= 1) {
- k = ((u4) outputKey[4 * j]) | (outputKey[4 * j + 1] << 8) |
- (outputKey[4 * j + 2] << 16) | (outputKey[4 * j + 3] << 24);
- if (mask & ukm[i]) {
- s1 += k;
- } else {
- s2 += k;
- }
- }
- S[0] = (unsigned char)(s1 & 0xff);
- S[1] = (unsigned char)((s1 >> 8) & 0xff);
- S[2] = (unsigned char)((s1 >> 16) & 0xff);
- S[3] = (unsigned char)((s1 >> 24) & 0xff);
- S[4] = (unsigned char)(s2 & 0xff);
- S[5] = (unsigned char)((s2 >> 8) & 0xff);
- S[6] = (unsigned char)((s2 >> 16) & 0xff);
- S[7] = (unsigned char)((s2 >> 24) & 0xff);
- gost_key(ctx, outputKey);
- gost_enc_cfb(ctx, S, outputKey, outputKey, 4);
- }
-}
-
-/*-
- * Wraps key using RFC 4357 6.3
- * ctx - gost encryption context, initialized with some S-boxes
- * keyExchangeKey (KEK) 32-byte (256-bit) shared key
- * ukm - 8 byte (64 bit) user key material,
- * sessionKey - 32-byte (256-bit) key to be wrapped
- * wrappedKey - 44-byte buffer to store wrapped key
- */
-
-int keyWrapCryptoPro(gost_ctx * ctx, const unsigned char *keyExchangeKey,
- const unsigned char *ukm,
- const unsigned char *sessionKey,
- unsigned char *wrappedKey)
-{
- unsigned char kek_ukm[32];
- keyDiversifyCryptoPro(ctx, keyExchangeKey, ukm, kek_ukm);
- gost_key(ctx, kek_ukm);
- memcpy(wrappedKey, ukm, 8);
- gost_enc(ctx, sessionKey, wrappedKey + 8, 4);
- gost_mac_iv(ctx, 32, ukm, sessionKey, 32, wrappedKey + 40);
- return 1;
-}
-
-/*-
- * Unwraps key using RFC 4357 6.4
- * ctx - gost encryption context, initialized with some S-boxes
- * keyExchangeKey 32-byte shared key
- * wrappedKey 44 byte key to be unwrapped (concatenation of 8-byte UKM,
- * 32 byte encrypted key and 4 byte MAC
- *
- * sessionKEy - 32byte buffer to store sessionKey in
- * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match
- */
-
-int keyUnwrapCryptoPro(gost_ctx * ctx, const unsigned char *keyExchangeKey,
- const unsigned char *wrappedKey,
- unsigned char *sessionKey)
-{
- unsigned char kek_ukm[32], cek_mac[4];
- keyDiversifyCryptoPro(ctx, keyExchangeKey, wrappedKey
- /* First 8 bytes of wrapped Key is ukm */
- , kek_ukm);
- gost_key(ctx, kek_ukm);
- gost_dec(ctx, wrappedKey + 8, sessionKey, 4);
- gost_mac_iv(ctx, 32, wrappedKey, sessionKey, 32, cek_mac);
- if (memcmp(cek_mac, wrappedKey + 40, 4)) {
- return 0;
- }
- return 1;
-}
diff --git a/engines/ccgost/gost_keywrap.h b/engines/ccgost/gost_keywrap.h
deleted file mode 100644
index 7def4c9fe8c7..000000000000
--- a/engines/ccgost/gost_keywrap.h
+++ /dev/null
@@ -1,56 +0,0 @@
-/**********************************************************************
- * gost_keywrap.h *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Implementation of CryptoPro key wrap algorithm, as defined in *
- * RFC 4357 p 6.3 and 6.4 *
- * Doesn't need OpenSSL *
- **********************************************************************/
-#ifndef GOST_KEYWRAP_H
-# define GOST_KEYWRAP_H
-# include <string.h>
-# include "gost89.h"
-/*-
- * Diversifies key using random UserKey Material
- * Implements RFC 4357 p 6.5 key diversification algorithm
- *
- * inputKey - 32byte key to be diversified
- * ukm - 8byte user key material
- * outputKey - 32byte buffer to store diversified key
- *
- */
-void keyDiversifyCryptoPro(gost_ctx * ctx,
- const unsigned char *inputKey,
- const unsigned char *ukm,
- unsigned char *outputKey);
-/*-
- * Wraps key using RFC 4357 6.3
- * ctx - gost encryption context, initialized with some S-boxes
- * keyExchangeKey (KEK) 32-byte (256-bit) shared key
- * ukm - 8 byte (64 bit) user key material,
- * sessionKey - 32-byte (256-bit) key to be wrapped
- * wrappedKey - 44-byte buffer to store wrapped key
- */
-
-int keyWrapCryptoPro(gost_ctx * ctx,
- const unsigned char *keyExchangeKey,
- const unsigned char *ukm,
- const unsigned char *sessionKey,
- unsigned char *wrappedKey);
-/*-
- * Unwraps key using RFC 4357 6.4
- * ctx - gost encryption context, initialized with some S-boxes
- * keyExchangeKey 32-byte shared key
- * wrappedKey 44 byte key to be unwrapped (concatenation of 8-byte UKM,
- * 32 byte encrypted key and 4 byte MAC
- *
- * sessionKEy - 32byte buffer to store sessionKey in
- * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match
- */
-
-int keyUnwrapCryptoPro(gost_ctx * ctx,
- const unsigned char *keyExchangeKey,
- const unsigned char *wrappedKey,
- unsigned char *sessionKey);
-#endif
diff --git a/engines/ccgost/gost_lcl.h b/engines/ccgost/gost_lcl.h
deleted file mode 100644
index 3a2c7d570147..000000000000
--- a/engines/ccgost/gost_lcl.h
+++ /dev/null
@@ -1,229 +0,0 @@
-#ifndef GOST_TOOLS_H
-# define GOST_TOOLS_H
-/**********************************************************************
- * gost_lcl.h *
- * Copyright (c) 2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Internal declarations used in GOST engine *
- * OpenSSL 0.9.9 libraries required to compile and use *
- * this code *
- **********************************************************************/
-# include <openssl/bn.h>
-# include <openssl/evp.h>
-# include <openssl/dsa.h>
-# include <openssl/asn1t.h>
-# include <openssl/x509.h>
-# include <openssl/engine.h>
-# include <openssl/ec.h>
-# include "gost89.h"
-# include "gosthash.h"
-/* Control commands */
-# define GOST_PARAM_CRYPT_PARAMS 0
-# define GOST_PARAM_MAX 0
-# define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS)
-
-extern const ENGINE_CMD_DEFN gost_cmds[];
-int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-const char *get_gost_engine_param(int param);
-int gost_set_default_param(int param, const char *value);
-void gost_param_free(void);
-
-/* method registration */
-
-int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth,
- const char *pemstr, const char *info);
-int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags);
-
-/* Gost-specific pmeth control-function parameters */
-/* For GOST R34.10 parameters */
-# define param_ctrl_string "paramset"
-# define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1)
-/* For GOST 28147 MAC */
-# define key_ctrl_string "key"
-# define hexkey_ctrl_string "hexkey"
-# define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3)
-/* Pmeth internal representation */
-struct gost_pmeth_data {
- int sign_param_nid; /* Should be set whenever parameters are
- * filled */
- EVP_MD *md;
- unsigned char *shared_ukm;
- int peer_key_used;
-};
-
-struct gost_mac_pmeth_data {
- int key_set;
- EVP_MD *md;
- unsigned char key[32];
-};
-/* GOST-specific ASN1 structures */
-
-typedef struct {
- ASN1_OCTET_STRING *encrypted_key;
- ASN1_OCTET_STRING *imit;
-} GOST_KEY_INFO;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO)
-
-typedef struct {
- ASN1_OBJECT *cipher;
- X509_PUBKEY *ephem_key;
- ASN1_OCTET_STRING *eph_iv;
-} GOST_KEY_AGREEMENT_INFO;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)
-
-typedef struct {
- GOST_KEY_INFO *key_info;
- GOST_KEY_AGREEMENT_INFO *key_agreement_info;
-} GOST_KEY_TRANSPORT;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
-
-typedef struct { /* FIXME incomplete */
- GOST_KEY_TRANSPORT *gkt;
-} GOST_CLIENT_KEY_EXCHANGE_PARAMS;
-
-/*
- * Hacks to shorten symbols to 31 characters or less, or OpenVMS. This mimics
- * what's done in symhacks.h, but since this is a very local header file, I
- * prefered to put this hack directly here. -- Richard Levitte
- */
-# ifdef OPENSSL_SYS_VMS
-# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_it
-# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_it GOST_CLIENT_KEY_EXC_PARAMS_it
-# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_new
-# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_new GOST_CLIENT_KEY_EXC_PARAMS_new
-# undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_free
-# define GOST_CLIENT_KEY_EXCHANGE_PARAMS_free GOST_CLIENT_KEY_EXC_PARAMS_free
-# undef d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS
-# define d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS d2i_GOST_CLIENT_KEY_EXC_PARAMS
-# undef i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS
-# define i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS i2d_GOST_CLIENT_KEY_EXC_PARAMS
-# endif /* End of hack */
-DECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
-typedef struct {
- ASN1_OBJECT *key_params;
- ASN1_OBJECT *hash_params;
- ASN1_OBJECT *cipher_params;
-} GOST_KEY_PARAMS;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
-
-typedef struct {
- ASN1_OCTET_STRING *iv;
- ASN1_OBJECT *enc_param_set;
-} GOST_CIPHER_PARAMS;
-
-DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
-/*============== Message digest and cipher related structures ==========*/
- /*
- * Structure used as EVP_MD_CTX-md_data. It allows to avoid storing
- * in the md-data pointers to dynamically allocated memory. I
- * cannot invent better way to avoid memory leaks, because openssl
- * insist on invoking Init on Final-ed digests, and there is no
- * reliable way to find out whether pointer in the passed md_data is
- * valid or not.
- */
-struct ossl_gost_digest_ctx {
- gost_hash_ctx dctx;
- gost_ctx cctx;
-};
-/* EVP_MD structure for GOST R 34.11 */
-extern EVP_MD digest_gost;
-/* EVP_MD structure for GOST 28147 in MAC mode */
-extern EVP_MD imit_gost_cpa;
-/* Cipher context used for EVP_CIPHER operation */
-struct ossl_gost_cipher_ctx {
- int paramNID;
- unsigned int count;
- int key_meshing;
- gost_ctx cctx;
-};
-/* Structure to map parameter NID to S-block */
-struct gost_cipher_info {
- int nid;
- gost_subst_block *sblock;
- int key_meshing;
-};
-/* Context for MAC */
-struct ossl_gost_imit_ctx {
- gost_ctx cctx;
- unsigned char buffer[8];
- unsigned char partial_block[8];
- unsigned int count;
- int key_meshing;
- int bytes_left;
- int key_set;
-};
-/* Table which maps parameter NID to S-blocks */
-extern struct gost_cipher_info gost_cipher_list[];
-/* Find encryption params from ASN1_OBJECT */
-const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj);
-/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */
-extern EVP_CIPHER cipher_gost;
-extern EVP_CIPHER cipher_gost_cpacnt;
-# define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3)
-# define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4)
-/* EVP_PKEY_METHOD key encryption callbacks */
-/* From gost94_keyx.c */
-int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
- size_t *outlen, const unsigned char *key,
- size_t key_len);
-
-int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
- size_t *outlen, const unsigned char *in,
- size_t in_len);
-/* From gost2001_keyx.c */
-int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
- size_t *outlen, const unsigned char *key,
- size_t key_len);
-
-int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
- size_t *outlen, const unsigned char *in,
- size_t in_len);
-/* derive functions */
-/* From gost2001_keyx.c */
-int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
- size_t *keylen);
-/* From gost94_keyx.c */
-int pkey_gost94_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
-/* Internal functions for signature algorithms */
-int fill_GOST94_params(DSA *dsa, int nid);
-int fill_GOST2001_params(EC_KEY *eckey, int nid);
-int gost_sign_keygen(DSA *dsa);
-int gost2001_keygen(EC_KEY *ec);
-
-DSA_SIG *gost_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey);
-
-int gost_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-int gost2001_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, EC_KEY *ec);
-int gost2001_compute_public(EC_KEY *ec);
-int gost94_compute_public(DSA *dsa);
-/*============== miscellaneous functions============================= */
-/* from gost_sign.c */
-/* Convert GOST R 34.11 hash sum to bignum according to standard */
-BIGNUM *hashsum2bn(const unsigned char *dgst);
-/*
- * Store bignum in byte array of given length, prepending by zeros if
- * nesseccary
- */
-int store_bignum(BIGNUM *bn, unsigned char *buf, int len);
-/* Read bignum, which can have few MSB all-zeros from buffer*/
-BIGNUM *getbnfrombuf(const unsigned char *buf, size_t len);
-/* Pack GOST R 34.10 signature according to CryptoPro rules */
-int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen);
-/* Unpack GOST R 34.10 signature according to CryptoPro rules */
-DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen);
-/* from ameth.c */
-/* Get private key as BIGNUM from both R 34.10-94 and R 34.10-2001 keys*/
-/* Returns pointer into EVP_PKEY structure */
-BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey);
-/* Find NID by GOST 94 parameters */
-int gost94_nid_by_params(DSA *p);
-
-#endif
diff --git a/engines/ccgost/gost_md.c b/engines/ccgost/gost_md.c
deleted file mode 100644
index 1ccc6be0e944..000000000000
--- a/engines/ccgost/gost_md.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/**********************************************************************
- * md_gost.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * OpenSSL interface to GOST R 34.11-94 hash functions *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include <string.h>
-#include "gost_lcl.h"
-#include "gosthash.h"
-#include "e_gost_err.h"
-
-/* implementation of GOST 34.11 hash function See gost_md.c*/
-static int gost_digest_init(EVP_MD_CTX *ctx);
-static int gost_digest_update(EVP_MD_CTX *ctx, const void *data,
- size_t count);
-static int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md);
-static int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from);
-static int gost_digest_cleanup(EVP_MD_CTX *ctx);
-
-EVP_MD digest_gost = {
- NID_id_GostR3411_94,
- NID_undef,
- 32,
- EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
- gost_digest_init,
- gost_digest_update,
- gost_digest_final,
- gost_digest_copy,
- gost_digest_cleanup,
- NULL,
- NULL,
- {NID_undef, NID_undef, 0, 0, 0},
- 32,
- sizeof(struct ossl_gost_digest_ctx),
- NULL
-};
-
-int gost_digest_init(EVP_MD_CTX *ctx)
-{
- struct ossl_gost_digest_ctx *c = ctx->md_data;
- memset(&(c->dctx), 0, sizeof(gost_hash_ctx));
- gost_init(&(c->cctx), &GostR3411_94_CryptoProParamSet);
- c->dctx.cipher_ctx = &(c->cctx);
- return 1;
-}
-
-int gost_digest_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return hash_block((gost_hash_ctx *) ctx->md_data, data, count);
-}
-
-int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return finish_hash((gost_hash_ctx *) ctx->md_data, md);
-
-}
-
-int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
-{
- struct ossl_gost_digest_ctx *md_ctx = to->md_data;
- if (to->md_data && from->md_data) {
- memcpy(to->md_data, from->md_data,
- sizeof(struct ossl_gost_digest_ctx));
- md_ctx->dctx.cipher_ctx = &(md_ctx->cctx);
- }
- return 1;
-}
-
-int gost_digest_cleanup(EVP_MD_CTX *ctx)
-{
- if (ctx->md_data)
- memset(ctx->md_data, 0, sizeof(struct ossl_gost_digest_ctx));
- return 1;
-}
diff --git a/engines/ccgost/gost_params.c b/engines/ccgost/gost_params.c
deleted file mode 100644
index 0411534b71a1..000000000000
--- a/engines/ccgost/gost_params.c
+++ /dev/null
@@ -1,207 +0,0 @@
-/**********************************************************************
- * params.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Definitions of GOST R 34.10 parameter sets, defined in RFC 4357 *
- * OpenSSL 0.9.9 libraries required to compile and use *
- * this code *
- **********************************************************************/
-#include "gost_params.h"
-#include <openssl/objects.h>
-/* Parameters of GOST 34.10 */
-
-R3410_params R3410_paramset[] = {
-/* Paramset A */
- {NID_id_GostR3410_94_CryptoPro_A_ParamSet,
- "100997906755055304772081815535925224869"
- "8410825720534578748235158755771479905292727772441528526992987964833"
- "5669968284202797289605274717317548059048560713474685214192868091256"
- "1502802222185647539190902656116367847270145019066794290930185446216"
- "3997308722217328898303231940973554032134009725883228768509467406639"
- "62",
- "127021248288932417465907042777176443525"
- "7876535089165358128175072657050312609850984974231883334834011809259"
- "9999512098893413065920561499672425412104927434935707492031276956145"
- "1689224110579311248812610229678534638401693520013288995000362260684"
- "2227508135323070045173416336850045410625869714168836867788425378203"
- "83",
- "683631961449557007844441656118272528951"
- "02170888761442055095051287550314083023"}
- ,
- {NID_id_GostR3410_94_CryptoPro_B_ParamSet,
- "429418261486158041438734477379555023926"
- "7234596860714306679811299408947123142002706038521669956384871995765"
- "7284814898909770759462613437669456364882730370838934791080835932647"
- "9767786019153434744009610342313166725786869204821949328786333602033"
- "8479709268434224762105576023501613261478065276102850944540333865234"
- "1",
- "139454871199115825601409655107690713107"
- "0417070599280317977580014543757653577229840941243685222882398330391"
- "1468164807668823692122073732267216074074777170091113455043205380464"
- "7694904686120113087816240740184800477047157336662926249423571248823"
- "9685422217536601433914856808405203368594584948031873412885804895251"
- "63",
- "79885141663410976897627118935756323747307951916507639758300472692338873533959"}
- ,
- {NID_id_GostR3410_94_CryptoPro_C_ParamSet,
- "816552717970881016017893191415300348226"
- "2544051353358162468249467681876621283478212884286545844013955142622"
- "2087723485023722868022275009502224827866201744494021697716482008353"
- "6398202298024892620480898699335508064332313529725332208819456895108"
- "5155178100221003459370588291073071186553005962149936840737128710832"
- "3",
- "110624679233511963040518952417017040248"
- "5862954819831383774196396298584395948970608956170224210628525560327"
- "8638246716655439297654402921844747893079518669992827880792192992701"
- "1428546551433875806377110443534293554066712653034996277099320715774"
- "3542287621283671843703709141350171945045805050291770503634517804938"
- "01",
- "113468861199819350564868233378875198043"
- "267947776488510997961231672532899549103"}
- ,
- {NID_id_GostR3410_94_CryptoPro_D_ParamSet,
- "756976611021707301782128757801610628085"
- "5283803109571158829574281419208532589041660017017859858216341400371"
- "4687551412794400562878935266630754392677014598582103365983119173924"
- "4732511225464712252386803315902707727668715343476086350472025298282"
- "7271461690125050616858238384366331089777463541013033926723743254833"
- "7",
- "905457649621929965904290958774625315611"
- "3056083907389766971404812524422262512556054474620855996091570786713"
- "5849550236741915584185990627801066465809510095784713989819413820871"
- "5964648914493053407920737078890520482730623038837767710173664838239"
- "8574828787891286471201460474326612697849693665518073864436497893214"
- "9",
- "108988435796353506912374591498972192620"
- "190487557619582334771735390599299211593"}
- ,
-
- {NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,
- "1335318132727206734338595199483190012179423759678474868994823595993"
- "6964252873471246159040332773182141032801252925387191478859899310331"
- "0567744136196364803064721377826656898686468463277710150809401182608"
- "7702016153249904683329312949209127762411378780302243557466062839716"
- "59376426832674269780880061631528163475887",
- "14201174159756348119636828602231808974327613839524373876287257344192"
- "74593935127189736311660784676003608489466235676257952827747192122419"
- "29071046134208380636394084512691828894000571524625445295769349356752"
- "72895683154177544176313938445719175509684710784659566254794231229333"
- "8483924514339614727760681880609734239",
- "91771529896554605945588149018382750217296858393520724172743325725474"
- "374979801"}
- ,
- {NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,
- "8890864727828423151699995801875757891031463338652579140051973659"
- "3048131440685857067369829407947744496306656291505503608252399443"
- "7900272386749145996230867832228661977543992816745254823298629859"
- "8753575466286051738837854736167685769017780335804511440773337196"
- "2538423532919394477873664752824509986617878992443177",
- "1028946126624994859676552074360530315217970499989304888248413244"
- "8474923022758470167998871003604670704877377286176171227694098633"
- "1539089568784129110109512690503345393869871295783467257264868341"
- "7200196629860561193666752429682367397084815179752036423595736533"
- "68957392061769855284593965042530895046088067160269433",
- "9109671391802626916582318050603555673628769498182593088388796888"
- "5281641595199"}
- ,
- {NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,
- "4430618464297584182473135030809859326863990650118941756995270074"
- "8609973181426950235239623239110557450826919295792878938752101867"
- "7047181623251027516953100431855964837602657827828194249605561893"
- "6965865325513137194483136247773653468410118796740709840825496997"
- "9375560722345106704721086025979309968763193072908334",
- "1246996366993477513607147265794064436203408861395055989217248455"
- "7299870737698999651480662364723992859320868822848751165438350943"
- "3276647222625940615560580450040947211826027729977563540237169063"
- "0448079715771649447778447000597419032457722226253269698374446528"
- "35352729304393746106576383349151001715930924115499549",
- "6787876137336591234380295020065682527118129468050147943114675429"
- "4748422492761"}
- ,
-
- {NID_undef, NULL, NULL, NULL}
-};
-
-R3410_2001_params R3410_2001_paramset[] = {
- /* default_cc_sign01_param 1.2.643.2.9.1.8.1 */
- {NID_id_GostR3410_2001_ParamSet_cc,
- /* A */
- "C0000000000000000000000000000000000000000000000000000000000003c4",
- /* B */
- "2d06B4265ebc749ff7d0f1f1f88232e81632e9088fd44b7787d5e407e955080c",
- /* P */
- "C0000000000000000000000000000000000000000000000000000000000003C7",
- /* Q */
- "5fffffffffffffffffffffffffffffff606117a2f4bde428b7458a54b6e87b85",
- /* X */
- "2",
- /* Y */
- "a20e034bf8813ef5c18d01105e726a17eb248b264ae9706f440bedc8ccb6b22c"}
- ,
- /* 1.2.643.2.2.35.0 */
- {NID_id_GostR3410_2001_TestParamSet,
- "7",
- "5FBFF498AA938CE739B8E022FBAFEF40563F6E6A3472FC2A514C0CE9DAE23B7E",
- "8000000000000000000000000000000000000000000000000000000000000431",
- "8000000000000000000000000000000150FE8A1892976154C59CFC193ACCF5B3",
- "2",
- "08E2A8A0E65147D4BD6316030E16D19C85C97F0A9CA267122B96ABBCEA7E8FC8"}
- ,
- /*
- * 1.2.643.2.2.35.1
- */
- {NID_id_GostR3410_2001_CryptoPro_A_ParamSet,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94",
- "a6",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893",
- "1",
- "8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"}
- ,
- /*
- * 1.2.643.2.2.35.2
- */
- {NID_id_GostR3410_2001_CryptoPro_B_ParamSet,
- "8000000000000000000000000000000000000000000000000000000000000C96",
- "3E1AF419A269A5F866A7D3C25C3DF80AE979259373FF2B182F49D4CE7E1BBC8B",
- "8000000000000000000000000000000000000000000000000000000000000C99",
- "800000000000000000000000000000015F700CFFF1A624E5E497161BCC8A198F",
- "1",
- "3FA8124359F96680B83D1C3EB2C070E5C545C9858D03ECFB744BF8D717717EFC"}
- ,
- /*
- * 1.2.643.2.2.35.3
- */
- {NID_id_GostR3410_2001_CryptoPro_C_ParamSet,
- "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598",
- "805a",
- "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B",
- "9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9",
- "0",
- "41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"}
- ,
- /*
- * 1.2.643.2.2.36.0
- */
- {NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94",
- "a6",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893",
- "1",
- "8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"}
- ,
- /*
- * 1.2.643.2.2.36.1
- */
- {NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,
- "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598",
- "805a",
- "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B",
- "9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9",
- "0",
- "41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"}
- ,
- {0, NULL, NULL, NULL, NULL, NULL, NULL}
-};
diff --git a/engines/ccgost/gost_params.h b/engines/ccgost/gost_params.h
deleted file mode 100644
index 0773cbfa58a6..000000000000
--- a/engines/ccgost/gost_params.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/**********************************************************************
- * gost_params.h *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Declaration of structures used to represent GOST R 34.10 *
- * parameter sets, defined in RFC 4357 *
- * OpenSSL 0.9.9 libraries required to compile and use *
- * this code *
- **********************************************************************/
-#ifndef GOST_PARAMSET_H
-# define GOST_PARAMSET_H
-typedef struct R3410 {
- int nid;
- char *a;
- char *p;
- char *q;
-} R3410_params;
-
-extern R3410_params R3410_paramset[];
-
-typedef struct R3410_2001 {
- int nid;
- char *a;
- char *b;
- char *p;
- char *q;
- char *x;
- char *y;
-} R3410_2001_params;
-
-extern R3410_2001_params R3410_2001_paramset[];
-
-#endif
diff --git a/engines/ccgost/gost_pmeth.c b/engines/ccgost/gost_pmeth.c
deleted file mode 100644
index 696829253b62..000000000000
--- a/engines/ccgost/gost_pmeth.c
+++ /dev/null
@@ -1,625 +0,0 @@
-/**********************************************************************
- * gost_pmeth.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Implementation of RFC 4357 (GOST R 34.10) Publick key method *
- * for OpenSSL *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/ec.h>
-#include <openssl/x509v3.h> /* For string_to_hex */
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include "gost_params.h"
-#include "gost_lcl.h"
-#include "e_gost_err.h"
-/* -----init, cleanup, copy - uniform for all algs ---------------*/
-/* Allocates new gost_pmeth_data structure and assigns it as data */
-static int pkey_gost_init(EVP_PKEY_CTX *ctx)
-{
- struct gost_pmeth_data *data;
- EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
- data = OPENSSL_malloc(sizeof(struct gost_pmeth_data));
- if (!data)
- return 0;
- memset(data, 0, sizeof(struct gost_pmeth_data));
- if (pkey && EVP_PKEY_get0(pkey)) {
- switch (EVP_PKEY_base_id(pkey)) {
- case NID_id_GostR3410_94:
- data->sign_param_nid = gost94_nid_by_params(EVP_PKEY_get0(pkey));
- break;
- case NID_id_GostR3410_2001:
- data->sign_param_nid =
- EC_GROUP_get_curve_name(EC_KEY_get0_group
- (EVP_PKEY_get0((EVP_PKEY *)pkey)));
- break;
- default:
- return 0;
- }
- }
- EVP_PKEY_CTX_set_data(ctx, data);
- return 1;
-}
-
-/* Copies contents of gost_pmeth_data structure */
-static int pkey_gost_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
- struct gost_pmeth_data *dst_data, *src_data;
- if (!pkey_gost_init(dst)) {
- return 0;
- }
- src_data = EVP_PKEY_CTX_get_data(src);
- dst_data = EVP_PKEY_CTX_get_data(dst);
- *dst_data = *src_data;
- if (src_data->shared_ukm) {
- dst_data->shared_ukm = NULL;
- }
- return 1;
-}
-
-/* Frees up gost_pmeth_data structure */
-static void pkey_gost_cleanup(EVP_PKEY_CTX *ctx)
-{
- struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
- if (data->shared_ukm)
- OPENSSL_free(data->shared_ukm);
- OPENSSL_free(data);
-}
-
-/* --------------------- control functions ------------------------------*/
-static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
- struct gost_pmeth_data *pctx =
- (struct gost_pmeth_data *)EVP_PKEY_CTX_get_data(ctx);
- switch (type) {
- case EVP_PKEY_CTRL_MD:
- {
- if (EVP_MD_type((const EVP_MD *)p2) != NID_id_GostR3411_94) {
- GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_INVALID_DIGEST_TYPE);
- return 0;
- }
- pctx->md = (EVP_MD *)p2;
- return 1;
- }
- break;
-
- case EVP_PKEY_CTRL_GET_MD:
- *(const EVP_MD **)p2 = pctx->md;
- return 1;
-
- case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
- case EVP_PKEY_CTRL_PKCS7_DECRYPT:
- case EVP_PKEY_CTRL_PKCS7_SIGN:
- case EVP_PKEY_CTRL_DIGESTINIT:
-#ifndef OPENSSL_NO_CMS
- case EVP_PKEY_CTRL_CMS_ENCRYPT:
- case EVP_PKEY_CTRL_CMS_DECRYPT:
- case EVP_PKEY_CTRL_CMS_SIGN:
-#endif
- return 1;
-
- case EVP_PKEY_CTRL_GOST_PARAMSET:
- pctx->sign_param_nid = (int)p1;
- return 1;
- case EVP_PKEY_CTRL_SET_IV:
- pctx->shared_ukm = OPENSSL_malloc((int)p1);
- if (pctx->shared_ukm == NULL)
- return 0;
- memcpy(pctx->shared_ukm, p2, (int)p1);
- return 1;
- case EVP_PKEY_CTRL_PEER_KEY:
- if (p1 == 0 || p1 == 1) /* call from EVP_PKEY_derive_set_peer */
- return 1;
- if (p1 == 2) /* TLS: peer key used? */
- return pctx->peer_key_used;
- if (p1 == 3) /* TLS: peer key used! */
- return (pctx->peer_key_used = 1);
- return -2;
- }
- return -2;
-}
-
-static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
- const char *type, const char *value)
-{
- int param_nid = 0;
- if (!strcmp(type, param_ctrl_string)) {
- if (!value) {
- return 0;
- }
- if (strlen(value) == 1) {
- switch (toupper((unsigned char)value[0])) {
- case 'A':
- param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
- break;
- case 'B':
- param_nid = NID_id_GostR3410_94_CryptoPro_B_ParamSet;
- break;
- case 'C':
- param_nid = NID_id_GostR3410_94_CryptoPro_C_ParamSet;
- break;
- case 'D':
- param_nid = NID_id_GostR3410_94_CryptoPro_D_ParamSet;
- break;
- default:
- return 0;
- break;
- }
- } else if ((strlen(value) == 2)
- && (toupper((unsigned char)value[0]) == 'X')) {
- switch (toupper((unsigned char)value[1])) {
- case 'A':
- param_nid = NID_id_GostR3410_94_CryptoPro_XchA_ParamSet;
- break;
- case 'B':
- param_nid = NID_id_GostR3410_94_CryptoPro_XchB_ParamSet;
- break;
- case 'C':
- param_nid = NID_id_GostR3410_94_CryptoPro_XchC_ParamSet;
- break;
- default:
- return 0;
- break;
- }
- } else {
- R3410_params *p = R3410_paramset;
- param_nid = OBJ_txt2nid(value);
- if (param_nid == NID_undef) {
- return 0;
- }
- for (; p->nid != NID_undef; p++) {
- if (p->nid == param_nid)
- break;
- }
- if (p->nid == NID_undef) {
- GOSTerr(GOST_F_PKEY_GOST_CTRL94_STR, GOST_R_INVALID_PARAMSET);
- return 0;
- }
- }
-
- return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
- param_nid, NULL);
- }
- return -2;
-}
-
-static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
- const char *type, const char *value)
-{
- int param_nid = 0;
- if (!strcmp(type, param_ctrl_string)) {
- if (!value) {
- return 0;
- }
- if (strlen(value) == 1) {
- switch (toupper((unsigned char)value[0])) {
- case 'A':
- param_nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
- break;
- case 'B':
- param_nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet;
- break;
- case 'C':
- param_nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet;
- break;
- case '0':
- param_nid = NID_id_GostR3410_2001_TestParamSet;
- break;
- default:
- return 0;
- break;
- }
- } else if ((strlen(value) == 2)
- && (toupper((unsigned char)value[0]) == 'X')) {
- switch (toupper((unsigned char)value[1])) {
- case 'A':
- param_nid = NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet;
- break;
- case 'B':
- param_nid = NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet;
- break;
- default:
- return 0;
- break;
- }
- } else {
- R3410_2001_params *p = R3410_2001_paramset;
- param_nid = OBJ_txt2nid(value);
- if (param_nid == NID_undef) {
- return 0;
- }
- for (; p->nid != NID_undef; p++) {
- if (p->nid == param_nid)
- break;
- }
- if (p->nid == NID_undef) {
- GOSTerr(GOST_F_PKEY_GOST_CTRL01_STR, GOST_R_INVALID_PARAMSET);
- return 0;
- }
- }
-
- return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
- param_nid, NULL);
- }
- return -2;
-}
-
-/* --------------------- key generation --------------------------------*/
-
-static int pkey_gost_paramgen_init(EVP_PKEY_CTX *ctx)
-{
- return 1;
-}
-
-static int pkey_gost94_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
- DSA *dsa = NULL;
- if (data->sign_param_nid == NID_undef) {
- GOSTerr(GOST_F_PKEY_GOST94_PARAMGEN, GOST_R_NO_PARAMETERS_SET);
- return 0;
- }
- dsa = DSA_new();
- if (!fill_GOST94_params(dsa, data->sign_param_nid)) {
- DSA_free(dsa);
- return 0;
- }
- EVP_PKEY_assign(pkey, NID_id_GostR3410_94, dsa);
- return 1;
-}
-
-static int pkey_gost01_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
- EC_KEY *ec = NULL;
-
- if (data->sign_param_nid == NID_undef) {
- GOSTerr(GOST_F_PKEY_GOST01_PARAMGEN, GOST_R_NO_PARAMETERS_SET);
- return 0;
- }
- if (!ec)
- ec = EC_KEY_new();
- if (!fill_GOST2001_params(ec, data->sign_param_nid)) {
- EC_KEY_free(ec);
- return 0;
- }
- EVP_PKEY_assign(pkey, NID_id_GostR3410_2001, ec);
- return 1;
-}
-
-/* Generates Gost_R3410_94_cp key */
-static int pkey_gost94cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- DSA *dsa;
- if (!pkey_gost94_paramgen(ctx, pkey))
- return 0;
- dsa = EVP_PKEY_get0(pkey);
- gost_sign_keygen(dsa);
- return 1;
-}
-
-/* Generates GOST_R3410 2001 key and assigns it using specified type */
-static int pkey_gost01cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- EC_KEY *ec;
- if (!pkey_gost01_paramgen(ctx, pkey))
- return 0;
- ec = EVP_PKEY_get0(pkey);
- gost2001_keygen(ec);
- return 1;
-}
-
-/* ----------- sign callbacks --------------------------------------*/
-
-static int pkey_gost94_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
- size_t *siglen, const unsigned char *tbs,
- size_t tbs_len)
-{
- DSA_SIG *unpacked_sig = NULL;
- EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
- if (!siglen)
- return 0;
- if (!sig) {
- *siglen = 64; /* better to check size of pkey->pkey.dsa-q */
- return 1;
- }
- unpacked_sig = gost_do_sign(tbs, tbs_len, EVP_PKEY_get0(pkey));
- if (!unpacked_sig) {
- return 0;
- }
- return pack_sign_cp(unpacked_sig, 32, sig, siglen);
-}
-
-static int pkey_gost01_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
- size_t *siglen, const unsigned char *tbs,
- size_t tbs_len)
-{
- DSA_SIG *unpacked_sig = NULL;
- EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
- if (!siglen)
- return 0;
- if (!sig) {
- *siglen = 64; /* better to check size of curve order */
- return 1;
- }
- unpacked_sig = gost2001_do_sign(tbs, tbs_len, EVP_PKEY_get0(pkey));
- if (!unpacked_sig) {
- return 0;
- }
- return pack_sign_cp(unpacked_sig, 32, sig, siglen);
-}
-
-/* ------------------- verify callbacks ---------------------------*/
-
-static int pkey_gost94_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbs_len)
-{
- int ok = 0;
- EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
- DSA_SIG *s = unpack_cp_signature(sig, siglen);
- if (!s)
- return 0;
- if (pub_key)
- ok = gost_do_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key));
- DSA_SIG_free(s);
- return ok;
-}
-
-static int pkey_gost01_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbs_len)
-{
- int ok = 0;
- EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
- DSA_SIG *s = unpack_cp_signature(sig, siglen);
- if (!s)
- return 0;
-#ifdef DEBUG_SIGN
- fprintf(stderr, "R=");
- BN_print_fp(stderr, s->r);
- fprintf(stderr, "\nS=");
- BN_print_fp(stderr, s->s);
- fprintf(stderr, "\n");
-#endif
- if (pub_key)
- ok = gost2001_do_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key));
- DSA_SIG_free(s);
- return ok;
-}
-
-/* ------------- encrypt init -------------------------------------*/
-/* Generates ephermeral key */
-static int pkey_gost_encrypt_init(EVP_PKEY_CTX *ctx)
-{
- return 1;
-}
-
-/* --------------- Derive init ------------------------------------*/
-static int pkey_gost_derive_init(EVP_PKEY_CTX *ctx)
-{
- return 1;
-}
-
-/* -------- PKEY_METHOD for GOST MAC algorithm --------------------*/
-static int pkey_gost_mac_init(EVP_PKEY_CTX *ctx)
-{
- struct gost_mac_pmeth_data *data;
- data = OPENSSL_malloc(sizeof(struct gost_mac_pmeth_data));
- if (!data)
- return 0;
- memset(data, 0, sizeof(struct gost_mac_pmeth_data));
- EVP_PKEY_CTX_set_data(ctx, data);
- return 1;
-}
-
-static void pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx)
-{
- struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
- OPENSSL_free(data);
-}
-
-static int pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
- struct gost_mac_pmeth_data *dst_data, *src_data;
- if (!pkey_gost_mac_init(dst)) {
- return 0;
- }
- src_data = EVP_PKEY_CTX_get_data(src);
- dst_data = EVP_PKEY_CTX_get_data(dst);
- *dst_data = *src_data;
- return 1;
-}
-
-static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
- struct gost_mac_pmeth_data *data =
- (struct gost_mac_pmeth_data *)EVP_PKEY_CTX_get_data(ctx);
-
- switch (type) {
- case EVP_PKEY_CTRL_MD:
- {
- if (EVP_MD_type((const EVP_MD *)p2) != NID_id_Gost28147_89_MAC) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
- GOST_R_INVALID_DIGEST_TYPE);
- return 0;
- }
- data->md = (EVP_MD *)p2;
- return 1;
- }
- break;
-
- case EVP_PKEY_CTRL_GET_MD:
- *(const EVP_MD **)p2 = data->md;
- return 1;
-
- case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
- case EVP_PKEY_CTRL_PKCS7_DECRYPT:
- case EVP_PKEY_CTRL_PKCS7_SIGN:
- return 1;
- case EVP_PKEY_CTRL_SET_MAC_KEY:
- if (p1 != 32) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH);
- return 0;
- }
-
- memcpy(data->key, p2, 32);
- data->key_set = 1;
- return 1;
- case EVP_PKEY_CTRL_DIGESTINIT:
- {
- EVP_MD_CTX *mctx = p2;
- void *key;
- if (!data->key_set) {
- EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
- if (!pkey) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
- GOST_R_MAC_KEY_NOT_SET);
- return 0;
- }
- key = EVP_PKEY_get0(pkey);
- if (!key) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
- GOST_R_MAC_KEY_NOT_SET);
- return 0;
- }
- } else {
- key = &(data->key);
- }
- return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32, key);
- }
- }
- return -2;
-}
-
-static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx,
- const char *type, const char *value)
-{
- if (!strcmp(type, key_ctrl_string)) {
- if (strlen(value) != 32) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR,
- GOST_R_INVALID_MAC_KEY_LENGTH);
- return 0;
- }
- return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
- 32, (char *)value);
- }
- if (!strcmp(type, hexkey_ctrl_string)) {
- long keylen;
- int ret;
- unsigned char *keybuf = string_to_hex(value, &keylen);
- if (!keybuf || keylen != 32) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR,
- GOST_R_INVALID_MAC_KEY_LENGTH);
- OPENSSL_free(keybuf);
- return 0;
- }
- ret = pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, 32, keybuf);
- OPENSSL_free(keybuf);
- return ret;
-
- }
- return -2;
-}
-
-static int pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
- unsigned char *keydata;
- if (!data->key_set) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN, GOST_R_MAC_KEY_NOT_SET);
- return 0;
- }
- keydata = OPENSSL_malloc(32);
- if (keydata == NULL)
- return 0;
- memcpy(keydata, data->key, 32);
- EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata);
- return 1;
-}
-
-static int pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
-{
- return 1;
-}
-
-static int pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig,
- size_t *siglen, EVP_MD_CTX *mctx)
-{
- unsigned int tmpsiglen = *siglen; /* for platforms where
- * sizeof(int)!=sizeof(size_t) */
- int ret;
- if (!sig) {
- *siglen = 4;
- return 1;
- }
- ret = EVP_DigestFinal_ex(mctx, sig, &tmpsiglen);
- *siglen = tmpsiglen;
- return ret;
-}
-
-/* ----------------------------------------------------------------*/
-int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags)
-{
- *pmeth = EVP_PKEY_meth_new(id, flags);
- if (!*pmeth)
- return 0;
-
- switch (id) {
- case NID_id_GostR3410_94:
- EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_ctrl, pkey_gost_ctrl94_str);
- EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost94cp_keygen);
- EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost94_cp_sign);
- EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost94_cp_verify);
- EVP_PKEY_meth_set_encrypt(*pmeth,
- pkey_gost_encrypt_init,
- pkey_GOST94cp_encrypt);
- EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST94cp_decrypt);
- EVP_PKEY_meth_set_derive(*pmeth,
- pkey_gost_derive_init, pkey_gost94_derive);
- EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init,
- pkey_gost94_paramgen);
- break;
- case NID_id_GostR3410_2001:
- EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_ctrl, pkey_gost_ctrl01_str);
- EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost01_cp_sign);
- EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost01_cp_verify);
-
- EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost01cp_keygen);
-
- EVP_PKEY_meth_set_encrypt(*pmeth,
- pkey_gost_encrypt_init,
- pkey_GOST01cp_encrypt);
- EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST01cp_decrypt);
- EVP_PKEY_meth_set_derive(*pmeth,
- pkey_gost_derive_init, pkey_gost2001_derive);
- EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init,
- pkey_gost01_paramgen);
- break;
- case NID_id_Gost28147_89_MAC:
- EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_mac_ctrl,
- pkey_gost_mac_ctrl_str);
- EVP_PKEY_meth_set_signctx(*pmeth, pkey_gost_mac_signctx_init,
- pkey_gost_mac_signctx);
- EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost_mac_keygen);
- EVP_PKEY_meth_set_init(*pmeth, pkey_gost_mac_init);
- EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_mac_cleanup);
- EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_mac_copy);
- return 1;
- default: /* Unsupported method */
- return 0;
- }
- EVP_PKEY_meth_set_init(*pmeth, pkey_gost_init);
- EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_cleanup);
-
- EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_copy);
- /*
- * FIXME derive etc...
- */
-
- return 1;
-}
diff --git a/engines/ccgost/gost_sign.c b/engines/ccgost/gost_sign.c
deleted file mode 100644
index 07ad921ab530..000000000000
--- a/engines/ccgost/gost_sign.c
+++ /dev/null
@@ -1,373 +0,0 @@
-/**********************************************************************
- * gost_sign.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Implementation of GOST R 34.10-94 signature algorithm *
- * for OpenSSL *
- * Requires OpenSSL 0.9.9 for compilation *
- **********************************************************************/
-#include <string.h>
-#include <openssl/rand.h>
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/evp.h>
-#include <openssl/err.h>
-
-#include "gost_params.h"
-#include "gost_lcl.h"
-#include "e_gost_err.h"
-
-#ifdef DEBUG_SIGN
-void dump_signature(const char *message, const unsigned char *buffer,
- size_t len)
-{
- size_t i;
- fprintf(stderr, "signature %s Length=%d", message, len);
- for (i = 0; i < len; i++) {
- if (i % 16 == 0)
- fputc('\n', stderr);
- fprintf(stderr, " %02x", buffer[i]);
- }
- fprintf(stderr, "\nEnd of signature\n");
-}
-
-void dump_dsa_sig(const char *message, DSA_SIG *sig)
-{
- fprintf(stderr, "%s\nR=", message);
- BN_print_fp(stderr, sig->r);
- fprintf(stderr, "\nS=");
- BN_print_fp(stderr, sig->s);
- fprintf(stderr, "\n");
-}
-
-#else
-
-# define dump_signature(a,b,c)
-# define dump_dsa_sig(a,b)
-#endif
-
-/*
- * Computes signature and returns it as DSA_SIG structure
- */
-DSA_SIG *gost_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-{
- BIGNUM *k = NULL, *tmp = NULL, *tmp2 = NULL;
- DSA_SIG *newsig = NULL, *ret = NULL;
- BIGNUM *md = hashsum2bn(dgst);
- /* check if H(M) mod q is zero */
- BN_CTX *ctx = BN_CTX_new();
- if(!ctx) {
- GOSTerr(GOST_F_GOST_DO_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- BN_CTX_start(ctx);
- newsig = DSA_SIG_new();
- if (!newsig) {
- GOSTerr(GOST_F_GOST_DO_SIGN, GOST_R_NO_MEMORY);
- goto err;
- }
- tmp = BN_CTX_get(ctx);
- k = BN_CTX_get(ctx);
- tmp2 = BN_CTX_get(ctx);
- if(!tmp || !k || !tmp2) {
- GOSTerr(GOST_F_GOST_DO_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- BN_mod(tmp, md, dsa->q, ctx);
- if (BN_is_zero(tmp)) {
- BN_one(md);
- }
- do {
- do {
- /*
- * Generate random number k less than q
- */
- BN_rand_range(k, dsa->q);
- /* generate r = (a^x mod p) mod q */
- BN_mod_exp(tmp, dsa->g, k, dsa->p, ctx);
- if (!(newsig->r)) {
- newsig->r = BN_new();
- if(!newsig->r) {
- GOSTerr(GOST_F_GOST_DO_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- BN_mod(newsig->r, tmp, dsa->q, ctx);
- }
- while (BN_is_zero(newsig->r));
- /* generate s = (xr + k(Hm)) mod q */
- BN_mod_mul(tmp, dsa->priv_key, newsig->r, dsa->q, ctx);
- BN_mod_mul(tmp2, k, md, dsa->q, ctx);
- if (!newsig->s) {
- newsig->s = BN_new();
- if(!newsig->s) {
- GOSTerr(GOST_F_GOST_DO_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- BN_mod_add(newsig->s, tmp, tmp2, dsa->q, ctx);
- }
- while (BN_is_zero(newsig->s));
-
- ret = newsig;
- err:
- BN_free(md);
- if(ctx) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- if(!ret && newsig) {
- DSA_SIG_free(newsig);
- }
- return ret;
-}
-
-/*
- * Packs signature according to Cryptocom rules
- * and frees up DSA_SIG structure
- */
-/*-
-int pack_sign_cc(DSA_SIG *s,int order,unsigned char *sig, size_t *siglen)
- {
- *siglen = 2*order;
- memset(sig,0,*siglen);
- store_bignum(s->r, sig,order);
- store_bignum(s->s, sig + order,order);
- dump_signature("serialized",sig,*siglen);
- DSA_SIG_free(s);
- return 1;
- }
-*/
-/*
- * Packs signature according to Cryptopro rules
- * and frees up DSA_SIG structure
- */
-int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen)
-{
- *siglen = 2 * order;
- memset(sig, 0, *siglen);
- store_bignum(s->s, sig, order);
- store_bignum(s->r, sig + order, order);
- dump_signature("serialized", sig, *siglen);
- DSA_SIG_free(s);
- return 1;
-}
-
-/*
- * Verifies signature passed as DSA_SIG structure
- *
- */
-
-int gost_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa)
-{
- BIGNUM *md = NULL, *tmp = NULL;
- BIGNUM *q2 = NULL;
- BIGNUM *u = NULL, *v = NULL, *z1 = NULL, *z2 = NULL;
- BIGNUM *tmp2 = NULL, *tmp3 = NULL;
- int ok = 0;
- BN_CTX *ctx = BN_CTX_new();
- if(!ctx) {
- GOSTerr(GOST_F_GOST_DO_VERIFY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- BN_CTX_start(ctx);
- if (BN_cmp(sig->s, dsa->q) >= 1 || BN_cmp(sig->r, dsa->q) >= 1) {
- GOSTerr(GOST_F_GOST_DO_VERIFY, GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
- goto err;
- }
- md = hashsum2bn(dgst);
-
- tmp = BN_CTX_get(ctx);
- v = BN_CTX_get(ctx);
- q2 = BN_CTX_get(ctx);
- z1 = BN_CTX_get(ctx);
- z2 = BN_CTX_get(ctx);
- tmp2 = BN_CTX_get(ctx);
- tmp3 = BN_CTX_get(ctx);
- u = BN_CTX_get(ctx);
- if(!tmp || !v || !q2 || !z1 || !z2 || !tmp2 || !tmp3 || !u) {
- GOSTerr(GOST_F_GOST_DO_VERIFY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- BN_mod(tmp, md, dsa->q, ctx);
- if (BN_is_zero(tmp)) {
- BN_one(md);
- }
- BN_copy(q2, dsa->q);
- BN_sub_word(q2, 2);
- BN_mod_exp(v, md, q2, dsa->q, ctx);
- BN_mod_mul(z1, sig->s, v, dsa->q, ctx);
- BN_sub(tmp, dsa->q, sig->r);
- BN_mod_mul(z2, tmp, v, dsa->p, ctx);
- BN_mod_exp(tmp, dsa->g, z1, dsa->p, ctx);
- BN_mod_exp(tmp2, dsa->pub_key, z2, dsa->p, ctx);
- BN_mod_mul(tmp3, tmp, tmp2, dsa->p, ctx);
- BN_mod(u, tmp3, dsa->q, ctx);
- ok = (BN_cmp(u, sig->r) == 0);
-
- if (!ok) {
- GOSTerr(GOST_F_GOST_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH);
- }
-err:
- if(md) BN_free(md);
- if(ctx) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- return ok;
-}
-
-/*
- * Computes public keys for GOST R 34.10-94 algorithm
- *
- */
-int gost94_compute_public(DSA *dsa)
-{
- /* Now fill algorithm parameters with correct values */
- BN_CTX *ctx;
- if (!dsa->g) {
- GOSTerr(GOST_F_GOST94_COMPUTE_PUBLIC, GOST_R_KEY_IS_NOT_INITALIZED);
- return 0;
- }
- ctx = BN_CTX_new();
- if(!ctx) {
- GOSTerr(GOST_F_GOST94_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- dsa->pub_key = BN_new();
- if(!dsa->pub_key) {
- GOSTerr(GOST_F_GOST94_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE);
- BN_CTX_free(ctx);
- return 0;
- }
- /* Compute public key y = a^x mod p */
- BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx);
- BN_CTX_free(ctx);
- return 1;
-}
-
-/*
- * Fill GOST 94 params, searching them in R3410_paramset array
- * by nid of paramset
- *
- */
-int fill_GOST94_params(DSA *dsa, int nid)
-{
- R3410_params *params = R3410_paramset;
- while (params->nid != NID_undef && params->nid != nid)
- params++;
- if (params->nid == NID_undef) {
- GOSTerr(GOST_F_FILL_GOST94_PARAMS, GOST_R_UNSUPPORTED_PARAMETER_SET);
- return 0;
- }
-#define dump_signature(a,b,c)
- if (dsa->p) {
- BN_free(dsa->p);
- }
- dsa->p = NULL;
- BN_dec2bn(&(dsa->p), params->p);
- if (dsa->q) {
- BN_free(dsa->q);
- }
- dsa->q = NULL;
- BN_dec2bn(&(dsa->q), params->q);
- if (dsa->g) {
- BN_free(dsa->g);
- }
- dsa->g = NULL;
- BN_dec2bn(&(dsa->g), params->a);
- return 1;
-}
-
-/*
- * Generate GOST R 34.10-94 keypair
- *
- *
- */
-int gost_sign_keygen(DSA *dsa)
-{
- dsa->priv_key = BN_new();
- if(!dsa->priv_key) {
- GOSTerr(GOST_F_GOST_SIGN_KEYGEN, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- BN_rand_range(dsa->priv_key, dsa->q);
- return gost94_compute_public(dsa);
-}
-
-/* Unpack signature according to cryptocom rules */
-/*-
-DSA_SIG *unpack_cc_signature(const unsigned char *sig,size_t siglen)
- {
- DSA_SIG *s;
- s = DSA_SIG_new();
- if (s == NULL)
- {
- GOSTerr(GOST_F_UNPACK_CC_SIGNATURE,GOST_R_NO_MEMORY);
- return(NULL);
- }
- s->r = getbnfrombuf(sig, siglen/2);
- s->s = getbnfrombuf(sig + siglen/2, siglen/2);
- return s;
- }
-*/
-/* Unpack signature according to cryptopro rules */
-DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen)
-{
- DSA_SIG *s;
-
- s = DSA_SIG_new();
- if (s == NULL) {
- GOSTerr(GOST_F_UNPACK_CP_SIGNATURE, GOST_R_NO_MEMORY);
- return NULL;
- }
- s->s = getbnfrombuf(sig, siglen / 2);
- s->r = getbnfrombuf(sig + siglen / 2, siglen / 2);
- return s;
-}
-
-/* Convert little-endian byte array into bignum */
-BIGNUM *hashsum2bn(const unsigned char *dgst)
-{
- unsigned char buf[32];
- int i;
- for (i = 0; i < 32; i++) {
- buf[31 - i] = dgst[i];
- }
- return getbnfrombuf(buf, 32);
-}
-
-/* Convert byte buffer to bignum, skipping leading zeros*/
-BIGNUM *getbnfrombuf(const unsigned char *buf, size_t len)
-{
- while (*buf == 0 && len > 0) {
- buf++;
- len--;
- }
- if (len) {
- return BN_bin2bn(buf, len, NULL);
- } else {
- BIGNUM *b = BN_new();
- BN_zero(b);
- return b;
- }
-}
-
-/*
- * Pack bignum into byte buffer of given size, filling all leading bytes by
- * zeros
- */
-int store_bignum(BIGNUM *bn, unsigned char *buf, int len)
-{
- int bytes = BN_num_bytes(bn);
- if (bytes > len)
- return 0;
- memset(buf, 0, len);
- BN_bn2bin(bn, buf + len - bytes);
- return 1;
-}
diff --git a/engines/ccgost/gosthash.c b/engines/ccgost/gosthash.c
deleted file mode 100644
index 72faa24ed560..000000000000
--- a/engines/ccgost/gosthash.c
+++ /dev/null
@@ -1,268 +0,0 @@
-/**********************************************************************
- * gosthash.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Implementation of GOST R 34.11-94 hash function *
- * uses on gost89.c and gost89.h Doesn't need OpenSSL *
- **********************************************************************/
-#include <string.h>
-
-#include "gost89.h"
-#include "gosthash.h"
-
-/*
- * Use OPENSSL_malloc for memory allocation if compiled with
- * -DOPENSSL_BUILD, and libc malloc otherwise
- */
-#ifndef MYALLOC
-# ifdef OPENSSL_BUILD
-# include <openssl/crypto.h>
-# define MYALLOC(size) OPENSSL_malloc(size)
-# define MYFREE(ptr) OPENSSL_free(ptr)
-# else
-# define MYALLOC(size) malloc(size)
-# define MYFREE(ptr) free(ptr)
-# endif
-#endif
-/*
- * Following functions are various bit meshing routines used in GOST R
- * 34.11-94 algorithms
- */
-static void swap_bytes(byte * w, byte * k)
-{
- int i, j;
- for (i = 0; i < 4; i++)
- for (j = 0; j < 8; j++)
- k[i + 4 * j] = w[8 * i + j];
-
-}
-
-/* was A_A */
-static void circle_xor8(const byte * w, byte * k)
-{
- byte buf[8];
- int i;
- memcpy(buf, w, 8);
- memmove(k, w + 8, 24);
- for (i = 0; i < 8; i++)
- k[i + 24] = buf[i] ^ k[i];
-}
-
-/* was R_R */
-static void transform_3(byte * data)
-{
- unsigned short int acc;
- acc = (data[0] ^ data[2] ^ data[4] ^ data[6] ^ data[24] ^ data[30]) |
- ((data[1] ^ data[3] ^ data[5] ^ data[7] ^ data[25] ^ data[31]) << 8);
- memmove(data, data + 2, 30);
- data[30] = acc & 0xff;
- data[31] = acc >> 8;
-}
-
-/* Adds blocks of N bytes modulo 2**(8*n). Returns carry*/
-static int add_blocks(int n, byte * left, const byte * right)
-{
- int i;
- int carry = 0;
- int sum;
- for (i = 0; i < n; i++) {
- sum = (int)left[i] + (int)right[i] + carry;
- left[i] = sum & 0xff;
- carry = sum >> 8;
- }
- return carry;
-}
-
-/* Xor two sequences of bytes */
-static void xor_blocks(byte * result, const byte * a, const byte * b,
- size_t len)
-{
- size_t i;
- for (i = 0; i < len; i++)
- result[i] = a[i] ^ b[i];
-}
-
-/*
- * Calculate H(i+1) = Hash(Hi,Mi)
- * Where H and M are 32 bytes long
- */
-static int hash_step(gost_ctx * c, byte * H, const byte * M)
-{
- byte U[32], W[32], V[32], S[32], Key[32];
- int i;
- /* Compute first key */
- xor_blocks(W, H, M, 32);
- swap_bytes(W, Key);
- /* Encrypt first 8 bytes of H with first key */
- gost_enc_with_key(c, Key, H, S);
- /* Compute second key */
- circle_xor8(H, U);
- circle_xor8(M, V);
- circle_xor8(V, V);
- xor_blocks(W, U, V, 32);
- swap_bytes(W, Key);
- /* encrypt second 8 bytes of H with second key */
- gost_enc_with_key(c, Key, H + 8, S + 8);
- /* compute third key */
- circle_xor8(U, U);
- U[31] = ~U[31];
- U[29] = ~U[29];
- U[28] = ~U[28];
- U[24] = ~U[24];
- U[23] = ~U[23];
- U[20] = ~U[20];
- U[18] = ~U[18];
- U[17] = ~U[17];
- U[14] = ~U[14];
- U[12] = ~U[12];
- U[10] = ~U[10];
- U[8] = ~U[8];
- U[7] = ~U[7];
- U[5] = ~U[5];
- U[3] = ~U[3];
- U[1] = ~U[1];
- circle_xor8(V, V);
- circle_xor8(V, V);
- xor_blocks(W, U, V, 32);
- swap_bytes(W, Key);
- /* encrypt third 8 bytes of H with third key */
- gost_enc_with_key(c, Key, H + 16, S + 16);
- /* Compute fourth key */
- circle_xor8(U, U);
- circle_xor8(V, V);
- circle_xor8(V, V);
- xor_blocks(W, U, V, 32);
- swap_bytes(W, Key);
- /* Encrypt last 8 bytes with fourth key */
- gost_enc_with_key(c, Key, H + 24, S + 24);
- for (i = 0; i < 12; i++)
- transform_3(S);
- xor_blocks(S, S, M, 32);
- transform_3(S);
- xor_blocks(S, S, H, 32);
- for (i = 0; i < 61; i++)
- transform_3(S);
- memcpy(H, S, 32);
- return 1;
-}
-
-/*
- * Initialize gost_hash ctx - cleans up temporary structures and set up
- * substitution blocks
- */
-int init_gost_hash_ctx(gost_hash_ctx * ctx,
- const gost_subst_block * subst_block)
-{
- memset(ctx, 0, sizeof(gost_hash_ctx));
- ctx->cipher_ctx = (gost_ctx *) MYALLOC(sizeof(gost_ctx));
- if (!ctx->cipher_ctx) {
- return 0;
- }
- gost_init(ctx->cipher_ctx, subst_block);
- return 1;
-}
-
-/*
- * Free cipher CTX if it is dynamically allocated. Do not use
- * if cipher ctx is statically allocated as in OpenSSL implementation of
- * GOST hash algroritm
- *
- */
-void done_gost_hash_ctx(gost_hash_ctx * ctx)
-{
- /*
- * No need to use gost_destroy, because cipher keys are not really secret
- * when hashing
- */
- MYFREE(ctx->cipher_ctx);
-}
-
-/*
- * reset state of hash context to begin hashing new message
- */
-int start_hash(gost_hash_ctx * ctx)
-{
- if (!ctx->cipher_ctx)
- return 0;
- memset(&(ctx->H), 0, 32);
- memset(&(ctx->S), 0, 32);
- ctx->len = 0L;
- ctx->left = 0;
- return 1;
-}
-
-/*
- * Hash block of arbitrary length
- *
- *
- */
-int hash_block(gost_hash_ctx * ctx, const byte * block, size_t length)
-{
- if (ctx->left) {
- /*
- * There are some bytes from previous step
- */
- unsigned int add_bytes = 32 - ctx->left;
- if (add_bytes > length) {
- add_bytes = length;
- }
- memcpy(&(ctx->remainder[ctx->left]), block, add_bytes);
- ctx->left += add_bytes;
- if (ctx->left < 32) {
- return 1;
- }
- block += add_bytes;
- length -= add_bytes;
- hash_step(ctx->cipher_ctx, ctx->H, ctx->remainder);
- add_blocks(32, ctx->S, ctx->remainder);
- ctx->len += 32;
- ctx->left = 0;
- }
- while (length >= 32) {
- hash_step(ctx->cipher_ctx, ctx->H, block);
-
- add_blocks(32, ctx->S, block);
- ctx->len += 32;
- block += 32;
- length -= 32;
- }
- if (length) {
- memcpy(ctx->remainder, block, ctx->left = length);
- }
- return 1;
-}
-
-/*
- * Compute hash value from current state of ctx
- * state of hash ctx becomes invalid and cannot be used for further
- * hashing.
- */
-int finish_hash(gost_hash_ctx * ctx, byte * hashval)
-{
- byte buf[32];
- byte H[32];
- byte S[32];
- ghosthash_len fin_len = ctx->len;
- byte *bptr;
- memcpy(H, ctx->H, 32);
- memcpy(S, ctx->S, 32);
- if (ctx->left) {
- memset(buf, 0, 32);
- memcpy(buf, ctx->remainder, ctx->left);
- hash_step(ctx->cipher_ctx, H, buf);
- add_blocks(32, S, buf);
- fin_len += ctx->left;
- }
- memset(buf, 0, 32);
- bptr = buf;
- fin_len <<= 3; /* Hash length in BITS!! */
- while (fin_len > 0) {
- *(bptr++) = (byte) (fin_len & 0xFF);
- fin_len >>= 8;
- };
- hash_step(ctx->cipher_ctx, H, buf);
- hash_step(ctx->cipher_ctx, H, S);
- memcpy(hashval, H, 32);
- return 1;
-}
diff --git a/engines/ccgost/gosthash.h b/engines/ccgost/gosthash.h
deleted file mode 100644
index 003e668e0b15..000000000000
--- a/engines/ccgost/gosthash.h
+++ /dev/null
@@ -1,52 +0,0 @@
-/**********************************************************************
- * gosthash.h *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Declaration of GOST R 34.11-94 hash functions *
- * uses and gost89.h Doesn't need OpenSSL *
- **********************************************************************/
-#ifndef GOSTHASH_H
-# define GOSTHASH_H
-# include "gost89.h"
-# include <stdlib.h>
-
-# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-typedef __int64 ghosthash_len;
-# elif defined(__arch64__)
-typedef long ghosthash_len;
-# else
-typedef long long ghosthash_len;
-# endif
-
-typedef struct gost_hash_ctx {
- ghosthash_len len;
- gost_ctx *cipher_ctx;
- int left;
- byte H[32];
- byte S[32];
- byte remainder[32];
-} gost_hash_ctx;
-
-/* Initalizes gost hash ctx, including creation of gost cipher ctx */
-
-int init_gost_hash_ctx(gost_hash_ctx * ctx,
- const gost_subst_block * subst_block);
-void done_gost_hash_ctx(gost_hash_ctx * ctx);
-
-/*
- * Cleans up all fields, except cipher ctx preparing ctx for computing of new
- * hash value
- */
-int start_hash(gost_hash_ctx * ctx);
-
-/* Hashes block of data */
-int hash_block(gost_hash_ctx * ctx, const byte * block, size_t length);
-
-/*
- * Finalizes computation of hash and fills buffer (which should be at least
- * 32 bytes long) with value of computed hash.
- */
-int finish_hash(gost_hash_ctx * ctx, byte * hashval);
-
-#endif
diff --git a/engines/ccgost/gostsum.c b/engines/ccgost/gostsum.c
deleted file mode 100644
index 1021848ef72c..000000000000
--- a/engines/ccgost/gostsum.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/**********************************************************************
- * gostsum.c *
- * Copyright (c) 2005-2006 Cryptocom LTD *
- * This file is distributed under the same license as OpenSSL *
- * *
- * Almost drop-in replacement for md5sum and sha1sum *
- * which computes GOST R 34.11-94 hashsum instead *
- * *
- **********************************************************************/
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <limits.h>
-#include <fcntl.h>
-#include <string.h>
-#include "gosthash.h"
-#define BUF_SIZE 262144
-int hash_file(gost_hash_ctx * ctx, char *filename, char *sum, int mode);
-int hash_stream(gost_hash_ctx * ctx, int fd, char *sum);
-int get_line(FILE *f, char *hash, char *filename);
-void help()
-{
- fprintf(stderr, "gostsum [-bvt] [-c [file]]| [files]\n"
- "\t-c check message digests (default is generate)\n"
- "\t-v verbose, print file names when checking\n"
- "\t-b read files in binary mode\n"
- "\t-t use test GOST paramset (default is CryptoPro paramset)\n"
- "The input for -c should be the list of message digests and file names\n"
- "that is printed on stdout by this program when it generates digests.\n");
- exit(3);
-}
-
-#ifndef O_BINARY
-# define O_BINARY 0
-#endif
-
-int main(int argc, char **argv)
-{
- int c, i;
- int verbose = 0;
- int errors = 0;
- int open_mode = O_RDONLY;
- gost_subst_block *b = &GostR3411_94_CryptoProParamSet;
- FILE *check_file = NULL;
- gost_hash_ctx ctx;
-
- while ((c = getopt(argc, argv, "bc::tv")) != -1) {
- switch (c) {
- case 'v':
- verbose = 1;
- break;
- case 't':
- b = &GostR3411_94_TestParamSet;
- break;
- case 'b':
- open_mode |= O_BINARY;
- break;
- case 'c':
- if (optarg) {
- check_file = fopen(optarg, "r");
- if (!check_file) {
- perror(optarg);
- exit(2);
- }
- } else {
- check_file = stdin;
- }
- break;
- default:
- fprintf(stderr, "invalid option %c", optopt);
- help();
- }
- }
- init_gost_hash_ctx(&ctx, b);
- if (check_file) {
- char inhash[65], calcsum[65], filename[PATH_MAX];
- int failcount = 0, count = 0;;
- if (check_file == stdin && optind < argc) {
- check_file = fopen(argv[optind], "r");
- if (!check_file) {
- perror(argv[optind]);
- exit(2);
- }
- }
- while (get_line(check_file, inhash, filename)) {
- if (!hash_file(&ctx, filename, calcsum, open_mode)) {
- exit(2);
- }
- count++;
- if (!strncmp(calcsum, inhash, 65)) {
- if (verbose) {
- fprintf(stderr, "%s\tOK\n", filename);
- }
- } else {
- if (verbose) {
- fprintf(stderr, "%s\tFAILED\n", filename);
- } else {
- fprintf(stderr,
- "%s: GOST hash sum check failed for '%s'\n",
- argv[0], filename);
- }
- failcount++;
- }
- }
- if (verbose && failcount) {
- fprintf(stderr,
- "%s: %d of %d file(f) failed GOST hash sum check\n",
- argv[0], failcount, count);
- }
- exit(failcount ? 1 : 0);
- }
- if (optind == argc) {
- char sum[65];
- if (!hash_stream(&ctx, fileno(stdin), sum)) {
- perror("stdin");
- exit(1);
- }
- printf("%s -\n", sum);
- exit(0);
- }
- for (i = optind; i < argc; i++) {
- char sum[65];
- if (!hash_file(&ctx, argv[i], sum, open_mode)) {
- errors++;
- } else {
- printf("%s %s\n", sum, argv[i]);
- }
- }
- exit(errors ? 1 : 0);
-}
-
-int hash_file(gost_hash_ctx * ctx, char *filename, char *sum, int mode)
-{
- int fd;
- if ((fd = open(filename, mode)) < 0) {
- perror(filename);
- return 0;
- }
- if (!hash_stream(ctx, fd, sum)) {
- perror(filename);
- return 0;
- }
- close(fd);
- return 1;
-}
-
-int hash_stream(gost_hash_ctx * ctx, int fd, char *sum)
-{
- unsigned char buffer[BUF_SIZE];
- ssize_t bytes;
- int i;
- start_hash(ctx);
- while ((bytes = read(fd, buffer, BUF_SIZE)) > 0) {
- hash_block(ctx, buffer, bytes);
- }
- if (bytes < 0) {
- return 0;
- }
- finish_hash(ctx, buffer);
- for (i = 0; i < 32; i++) {
- sprintf(sum + 2 * i, "%02x", buffer[31 - i]);
- }
- return 1;
-}
-
-int get_line(FILE *f, char *hash, char *filename)
-{
- int i;
- if (fread(hash, 1, 64, f) < 64)
- return 0;
- hash[64] = 0;
- for (i = 0; i < 64; i++) {
- if (hash[i] < '0' || (hash[i] > '9' && hash[i] < 'A')
- || (hash[i] > 'F' && hash[i] < 'a') || hash[i] > 'f') {
- fprintf(stderr, "Not a hash value '%s'\n", hash);
- return 0;
- }
- }
- if (fgetc(f) != ' ') {
- fprintf(stderr, "Malformed input line\n");
- return 0;
- }
- i = strlen(fgets(filename, PATH_MAX, f));
- while (filename[--i] == '\n' || filename[i] == '\r')
- filename[i] = 0;
- return 1;
-}
diff --git a/engines/e_4758cca.c b/engines/e_4758cca.c
deleted file mode 100644
index 60ba4abcdfaf..000000000000
--- a/engines/e_4758cca.c
+++ /dev/null
@@ -1,960 +0,0 @@
-/* Author: Maurice Gittens <maurice@gittens.nl> */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/engine.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_4758_CCA
-
-# ifdef FLAT_INC
-# include "hw_4758_cca.h"
-# else
-# include "vendor_defns/hw_4758_cca.h"
-# endif
-
-# include "e_4758cca_err.c"
-
-static int ibm_4758_cca_destroy(ENGINE *e);
-static int ibm_4758_cca_init(ENGINE *e);
-static int ibm_4758_cca_finish(ENGINE *e);
-static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p,
- void (*f) (void));
-
-/* rsa functions */
-/* -------------*/
-# ifndef OPENSSL_NO_RSA
-static int cca_rsa_pub_enc(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-static int cca_rsa_priv_dec(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen,
- const RSA *rsa);
-static int cca_rsa_verify(int dtype, const unsigned char *m,
- unsigned int m_len, const unsigned char *sigbuf,
- unsigned int siglen, const RSA *rsa);
-
-/* utility functions */
-/* ---------------------*/
-static EVP_PKEY *ibm_4758_load_privkey(ENGINE *, const char *,
- UI_METHOD *ui_method,
- void *callback_data);
-static EVP_PKEY *ibm_4758_load_pubkey(ENGINE *, const char *,
- UI_METHOD *ui_method,
- void *callback_data);
-
-static int getModulusAndExponent(const unsigned char *token,
- long *exponentLength,
- unsigned char *exponent, long *modulusLength,
- long *modulusFieldLength,
- unsigned char *modulus);
-# endif
-
-/* RAND number functions */
-/* ---------------------*/
-static int cca_get_random_bytes(unsigned char *, int);
-static int cca_random_status(void);
-
-# ifndef OPENSSL_NO_RSA
-static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
-# endif
-
-/* Function pointers for CCA verbs */
-/* -------------------------------*/
-# ifndef OPENSSL_NO_RSA
-static F_KEYRECORDREAD keyRecordRead;
-static F_DIGITALSIGNATUREGENERATE digitalSignatureGenerate;
-static F_DIGITALSIGNATUREVERIFY digitalSignatureVerify;
-static F_PUBLICKEYEXTRACT publicKeyExtract;
-static F_PKAENCRYPT pkaEncrypt;
-static F_PKADECRYPT pkaDecrypt;
-# endif
-static F_RANDOMNUMBERGENERATE randomNumberGenerate;
-
-/* static variables */
-/* ----------------*/
-static const char *CCA4758_LIB_NAME = NULL;
-static const char *get_CCA4758_LIB_NAME(void)
-{
- if (CCA4758_LIB_NAME)
- return CCA4758_LIB_NAME;
- return CCA_LIB_NAME;
-}
-
-static void free_CCA4758_LIB_NAME(void)
-{
- if (CCA4758_LIB_NAME)
- OPENSSL_free((void *)CCA4758_LIB_NAME);
- CCA4758_LIB_NAME = NULL;
-}
-
-static long set_CCA4758_LIB_NAME(const char *name)
-{
- free_CCA4758_LIB_NAME();
- return (((CCA4758_LIB_NAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-}
-
-# ifndef OPENSSL_NO_RSA
-static const char *n_keyRecordRead = CSNDKRR;
-static const char *n_digitalSignatureGenerate = CSNDDSG;
-static const char *n_digitalSignatureVerify = CSNDDSV;
-static const char *n_publicKeyExtract = CSNDPKX;
-static const char *n_pkaEncrypt = CSNDPKE;
-static const char *n_pkaDecrypt = CSNDPKD;
-# endif
-static const char *n_randomNumberGenerate = CSNBRNG;
-
-# ifndef OPENSSL_NO_RSA
-static int hndidx = -1;
-# endif
-static DSO *dso = NULL;
-
-/* openssl engine initialization structures */
-/* ----------------------------------------*/
-
-# define CCA4758_CMD_SO_PATH ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN cca4758_cmd_defns[] = {
- {CCA4758_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the '4758cca' shared library",
- ENGINE_CMD_FLAG_STRING},
- {0, NULL, NULL, 0}
-};
-
-# ifndef OPENSSL_NO_RSA
-static RSA_METHOD ibm_4758_cca_rsa = {
- "IBM 4758 CCA RSA method",
- cca_rsa_pub_enc,
- NULL,
- NULL,
- cca_rsa_priv_dec,
- NULL, /* rsa_mod_exp, */
- NULL, /* mod_exp_mont, */
- NULL, /* init */
- NULL, /* finish */
- RSA_FLAG_SIGN_VER, /* flags */
- NULL, /* app_data */
- cca_rsa_sign, /* rsa_sign */
- cca_rsa_verify, /* rsa_verify */
- NULL /* rsa_keygen */
-};
-# endif
-
-static RAND_METHOD ibm_4758_cca_rand = {
- /* "IBM 4758 RAND method", */
- NULL, /* seed */
- cca_get_random_bytes, /* get random bytes from the card */
- NULL, /* cleanup */
- NULL, /* add */
- cca_get_random_bytes, /* pseudo rand */
- cca_random_status, /* status */
-};
-
-static const char *engine_4758_cca_id = "4758cca";
-static const char *engine_4758_cca_name =
- "IBM 4758 CCA hardware engine support";
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-/* Compatibility hack, the dynamic library uses this form in the path */
-static const char *engine_4758_cca_id_alt = "4758_cca";
-# endif
-
-/* engine implementation */
-/* ---------------------*/
-static int bind_helper(ENGINE *e)
-{
- if (!ENGINE_set_id(e, engine_4758_cca_id) ||
- !ENGINE_set_name(e, engine_4758_cca_name) ||
-# ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &ibm_4758_cca_rsa) ||
-# endif
- !ENGINE_set_RAND(e, &ibm_4758_cca_rand) ||
- !ENGINE_set_destroy_function(e, ibm_4758_cca_destroy) ||
- !ENGINE_set_init_function(e, ibm_4758_cca_init) ||
- !ENGINE_set_finish_function(e, ibm_4758_cca_finish) ||
- !ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) ||
-# ifndef OPENSSL_NO_RSA
- !ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) ||
- !ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) ||
-# endif
- !ENGINE_set_cmd_defns(e, cca4758_cmd_defns))
- return 0;
- /* Ensure the error handling is set up */
- ERR_load_CCA4758_strings();
- return 1;
-}
-
-# ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_4758_cca(void)
-{
- ENGINE *ret = ENGINE_new();
- if (!ret)
- return NULL;
- if (!bind_helper(ret)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void ENGINE_load_4758cca(void)
-{
- ENGINE *e_4758 = engine_4758_cca();
- if (!e_4758)
- return;
- ENGINE_add(e_4758);
- ENGINE_free(e_4758);
- ERR_clear_error();
-}
-# endif
-
-static int ibm_4758_cca_destroy(ENGINE *e)
-{
- ERR_unload_CCA4758_strings();
- free_CCA4758_LIB_NAME();
- return 1;
-}
-
-static int ibm_4758_cca_init(ENGINE *e)
-{
- if (dso) {
- CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_ALREADY_LOADED);
- goto err;
- }
-
- dso = DSO_load(NULL, get_CCA4758_LIB_NAME(), NULL, 0);
- if (!dso) {
- CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE);
- goto err;
- }
-# ifndef OPENSSL_NO_RSA
- if (!(keyRecordRead = (F_KEYRECORDREAD)
- DSO_bind_func(dso, n_keyRecordRead)) ||
- !(randomNumberGenerate = (F_RANDOMNUMBERGENERATE)
- DSO_bind_func(dso, n_randomNumberGenerate)) ||
- !(digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)
- DSO_bind_func(dso, n_digitalSignatureGenerate)) ||
- !(digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)
- DSO_bind_func(dso, n_digitalSignatureVerify)) ||
- !(publicKeyExtract = (F_PUBLICKEYEXTRACT)
- DSO_bind_func(dso, n_publicKeyExtract)) ||
- !(pkaEncrypt = (F_PKAENCRYPT)
- DSO_bind_func(dso, n_pkaEncrypt)) || !(pkaDecrypt = (F_PKADECRYPT)
- DSO_bind_func(dso,
- n_pkaDecrypt)))
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE);
- goto err;
- }
-# else
- if (!(randomNumberGenerate = (F_RANDOMNUMBERGENERATE)
- DSO_bind_func(dso, n_randomNumberGenerate))) {
- CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE);
- goto err;
- }
-# endif
-
-# ifndef OPENSSL_NO_RSA
- hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle",
- NULL, NULL, cca_ex_free);
-# endif
-
- return 1;
- err:
- if (dso)
- DSO_free(dso);
- dso = NULL;
-
-# ifndef OPENSSL_NO_RSA
- keyRecordRead = (F_KEYRECORDREAD) 0;
- digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) 0;
- digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
- publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
- pkaEncrypt = (F_PKAENCRYPT) 0;
- pkaDecrypt = (F_PKADECRYPT) 0;
-# endif
- randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0;
- return 0;
-}
-
-static int ibm_4758_cca_finish(ENGINE *e)
-{
- free_CCA4758_LIB_NAME();
- if (!dso) {
- CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, CCA4758_R_NOT_LOADED);
- return 0;
- }
- if (!DSO_free(dso)) {
- CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, CCA4758_R_UNIT_FAILURE);
- return 0;
- }
- dso = NULL;
-# ifndef OPENSSL_NO_RSA
- keyRecordRead = (F_KEYRECORDREAD) 0;
- randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0;
- digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) 0;
- digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
- publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
- pkaEncrypt = (F_PKAENCRYPT) 0;
- pkaDecrypt = (F_PKADECRYPT) 0;
-# endif
- randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0;
- return 1;
-}
-
-static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p,
- void (*f) (void))
-{
- int initialised = ((dso == NULL) ? 0 : 1);
- switch (cmd) {
- case CCA4758_CMD_SO_PATH:
- if (p == NULL) {
- CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (initialised) {
- CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, CCA4758_R_ALREADY_LOADED);
- return 0;
- }
- return set_CCA4758_LIB_NAME((const char *)p);
- default:
- break;
- }
- CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
- CCA4758_R_COMMAND_NOT_IMPLEMENTED);
- return 0;
-}
-
-# ifndef OPENSSL_NO_RSA
-
-# define MAX_CCA_PKA_TOKEN_SIZE 2500
-
-static EVP_PKEY *ibm_4758_load_privkey(ENGINE *e, const char *key_id,
- UI_METHOD *ui_method,
- void *callback_data)
-{
- RSA *rtmp = NULL;
- EVP_PKEY *res = NULL;
- unsigned char *keyToken = NULL;
- unsigned char pubKeyToken[MAX_CCA_PKA_TOKEN_SIZE];
- long pubKeyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
- long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
- long returnCode;
- long reasonCode;
- long exitDataLength = 0;
- long ruleArrayLength = 0;
- unsigned char exitData[8];
- unsigned char ruleArray[8];
- unsigned char keyLabel[64];
- unsigned long keyLabelLength = strlen(key_id);
- unsigned char modulus[256];
- long modulusFieldLength = sizeof(modulus);
- long modulusLength = 0;
- unsigned char exponent[256];
- long exponentLength = sizeof(exponent);
-
- if (keyLabelLength > sizeof(keyLabel)) {
- CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
- CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return NULL;
- }
-
- memset(keyLabel, ' ', sizeof(keyLabel));
- memcpy(keyLabel, key_id, keyLabelLength);
-
- keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
- if (!keyToken) {
- CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- keyRecordRead(&returnCode, &reasonCode, &exitDataLength,
- exitData, &ruleArrayLength, ruleArray, keyLabel,
- &keyTokenLength, keyToken + sizeof(long));
-
- if (returnCode) {
- CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
- CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
- goto err;
- }
-
- publicKeyExtract(&returnCode, &reasonCode, &exitDataLength,
- exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
- keyToken + sizeof(long), &pubKeyTokenLength,
- pubKeyToken);
-
- if (returnCode) {
- CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
- CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
- goto err;
- }
-
- if (!getModulusAndExponent(pubKeyToken, &exponentLength,
- exponent, &modulusLength, &modulusFieldLength,
- modulus)) {
- CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
- CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
- goto err;
- }
-
- (*(long *)keyToken) = keyTokenLength;
- rtmp = RSA_new_method(e);
- if (rtmp == NULL) {
- CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
-
- rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
- rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
- rtmp->flags |= RSA_FLAG_EXT_PKEY;
-
- res = EVP_PKEY_new();
- EVP_PKEY_assign_RSA(res, rtmp);
-
- return res;
- err:
- if (keyToken)
- OPENSSL_free(keyToken);
- return NULL;
-}
-
-static EVP_PKEY *ibm_4758_load_pubkey(ENGINE *e, const char *key_id,
- UI_METHOD *ui_method,
- void *callback_data)
-{
- RSA *rtmp = NULL;
- EVP_PKEY *res = NULL;
- unsigned char *keyToken = NULL;
- long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
- long returnCode;
- long reasonCode;
- long exitDataLength = 0;
- long ruleArrayLength = 0;
- unsigned char exitData[8];
- unsigned char ruleArray[8];
- unsigned char keyLabel[64];
- unsigned long keyLabelLength = strlen(key_id);
- unsigned char modulus[512];
- long modulusFieldLength = sizeof(modulus);
- long modulusLength = 0;
- unsigned char exponent[512];
- long exponentLength = sizeof(exponent);
-
- if (keyLabelLength > sizeof(keyLabel)) {
- CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
- CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return NULL;
- }
-
- memset(keyLabel, ' ', sizeof(keyLabel));
- memcpy(keyLabel, key_id, keyLabelLength);
-
- keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
- if (!keyToken) {
- CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- keyRecordRead(&returnCode, &reasonCode, &exitDataLength, exitData,
- &ruleArrayLength, ruleArray, keyLabel, &keyTokenLength,
- keyToken + sizeof(long));
-
- if (returnCode) {
- CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!getModulusAndExponent(keyToken + sizeof(long), &exponentLength,
- exponent, &modulusLength, &modulusFieldLength,
- modulus)) {
- CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
- CCA4758_R_FAILED_LOADING_PUBLIC_KEY);
- goto err;
- }
-
- (*(long *)keyToken) = keyTokenLength;
- rtmp = RSA_new_method(e);
- if (rtmp == NULL) {
- CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
- rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
- rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
- rtmp->flags |= RSA_FLAG_EXT_PKEY;
- res = EVP_PKEY_new();
- EVP_PKEY_assign_RSA(res, rtmp);
-
- return res;
- err:
- if (keyToken)
- OPENSSL_free(keyToken);
- return NULL;
-}
-
-static int cca_rsa_pub_enc(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding)
-{
- long returnCode;
- long reasonCode;
- long lflen = flen;
- long exitDataLength = 0;
- unsigned char exitData[8];
- long ruleArrayLength = 1;
- unsigned char ruleArray[8] = "PKCS-1.2";
- long dataStructureLength = 0;
- unsigned char dataStructure[8];
- long outputLength = RSA_size(rsa);
- long keyTokenLength;
- unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
-
- keyTokenLength = *(long *)keyToken;
- keyToken += sizeof(long);
-
- pkaEncrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
- &ruleArrayLength, ruleArray, &lflen, (unsigned char *)from,
- &dataStructureLength, dataStructure, &keyTokenLength,
- keyToken, &outputLength, to);
-
- if (returnCode || reasonCode)
- return -(returnCode << 16 | reasonCode);
- return outputLength;
-}
-
-static int cca_rsa_priv_dec(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding)
-{
- long returnCode;
- long reasonCode;
- long lflen = flen;
- long exitDataLength = 0;
- unsigned char exitData[8];
- long ruleArrayLength = 1;
- unsigned char ruleArray[8] = "PKCS-1.2";
- long dataStructureLength = 0;
- unsigned char dataStructure[8];
- long outputLength = RSA_size(rsa);
- long keyTokenLength;
- unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
-
- keyTokenLength = *(long *)keyToken;
- keyToken += sizeof(long);
-
- pkaDecrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
- &ruleArrayLength, ruleArray, &lflen, (unsigned char *)from,
- &dataStructureLength, dataStructure, &keyTokenLength,
- keyToken, &outputLength, to);
-
- return (returnCode | reasonCode) ? 0 : 1;
-}
-
-# define SSL_SIG_LEN 36
-
-static int cca_rsa_verify(int type, const unsigned char *m,
- unsigned int m_len, const unsigned char *sigbuf,
- unsigned int siglen, const RSA *rsa)
-{
- long returnCode;
- long reasonCode;
- long lsiglen = siglen;
- long exitDataLength = 0;
- unsigned char exitData[8];
- long ruleArrayLength = 1;
- unsigned char ruleArray[8] = "PKCS-1.1";
- long keyTokenLength;
- unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
- long length = SSL_SIG_LEN;
- long keyLength;
- unsigned char *hashBuffer = NULL;
- X509_SIG sig;
- ASN1_TYPE parameter;
- X509_ALGOR algorithm;
- ASN1_OCTET_STRING digest;
-
- keyTokenLength = *(long *)keyToken;
- keyToken += sizeof(long);
-
- if (type == NID_md5 || type == NID_sha1) {
- sig.algor = &algorithm;
- algorithm.algorithm = OBJ_nid2obj(type);
-
- if (!algorithm.algorithm) {
- CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
- CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
- return 0;
- }
-
- if (!algorithm.algorithm->length) {
- CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
- CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
- return 0;
- }
-
- parameter.type = V_ASN1_NULL;
- parameter.value.ptr = NULL;
- algorithm.parameter = &parameter;
-
- sig.digest = &digest;
- sig.digest->data = (unsigned char *)m;
- sig.digest->length = m_len;
-
- length = i2d_X509_SIG(&sig, NULL);
- }
-
- keyLength = RSA_size(rsa);
-
- if (length - RSA_PKCS1_PADDING > keyLength) {
- CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
- CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return 0;
- }
-
- switch (type) {
- case NID_md5_sha1:
- if (m_len != SSL_SIG_LEN) {
- CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
- CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return 0;
- }
-
- hashBuffer = (unsigned char *)m;
- length = m_len;
- break;
- case NID_md5:
- {
- unsigned char *ptr;
- ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
- if (!hashBuffer) {
- CCA4758err(CCA4758_F_CCA_RSA_VERIFY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- i2d_X509_SIG(&sig, &ptr);
- }
- break;
- case NID_sha1:
- {
- unsigned char *ptr;
- ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
- if (!hashBuffer) {
- CCA4758err(CCA4758_F_CCA_RSA_VERIFY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- i2d_X509_SIG(&sig, &ptr);
- }
- break;
- default:
- return 0;
- }
-
- digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength,
- exitData, &ruleArrayLength, ruleArray,
- &keyTokenLength, keyToken, &length, hashBuffer,
- &lsiglen, (unsigned char *)sigbuf);
-
- if (type == NID_sha1 || type == NID_md5) {
- OPENSSL_cleanse(hashBuffer, keyLength + 1);
- OPENSSL_free(hashBuffer);
- }
-
- return ((returnCode || reasonCode) ? 0 : 1);
-}
-
-# define SSL_SIG_LEN 36
-
-static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen,
- const RSA *rsa)
-{
- long returnCode;
- long reasonCode;
- long exitDataLength = 0;
- unsigned char exitData[8];
- long ruleArrayLength = 1;
- unsigned char ruleArray[8] = "PKCS-1.1";
- long outputLength = 256;
- long outputBitLength;
- long keyTokenLength;
- unsigned char *hashBuffer = NULL;
- unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
- long length = SSL_SIG_LEN;
- long keyLength;
- X509_SIG sig;
- ASN1_TYPE parameter;
- X509_ALGOR algorithm;
- ASN1_OCTET_STRING digest;
-
- keyTokenLength = *(long *)keyToken;
- keyToken += sizeof(long);
-
- if (type == NID_md5 || type == NID_sha1) {
- sig.algor = &algorithm;
- algorithm.algorithm = OBJ_nid2obj(type);
-
- if (!algorithm.algorithm) {
- CCA4758err(CCA4758_F_CCA_RSA_SIGN,
- CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
- return 0;
- }
-
- if (!algorithm.algorithm->length) {
- CCA4758err(CCA4758_F_CCA_RSA_SIGN,
- CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
- return 0;
- }
-
- parameter.type = V_ASN1_NULL;
- parameter.value.ptr = NULL;
- algorithm.parameter = &parameter;
-
- sig.digest = &digest;
- sig.digest->data = (unsigned char *)m;
- sig.digest->length = m_len;
-
- length = i2d_X509_SIG(&sig, NULL);
- }
-
- keyLength = RSA_size(rsa);
-
- if (length - RSA_PKCS1_PADDING > keyLength) {
- CCA4758err(CCA4758_F_CCA_RSA_SIGN,
- CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return 0;
- }
-
- switch (type) {
- case NID_md5_sha1:
- if (m_len != SSL_SIG_LEN) {
- CCA4758err(CCA4758_F_CCA_RSA_SIGN,
- CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return 0;
- }
- hashBuffer = (unsigned char *)m;
- length = m_len;
- break;
- case NID_md5:
- {
- unsigned char *ptr;
- ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
- if (!hashBuffer) {
- CCA4758err(CCA4758_F_CCA_RSA_SIGN, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- i2d_X509_SIG(&sig, &ptr);
- }
- break;
- case NID_sha1:
- {
- unsigned char *ptr;
- ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
- if (!hashBuffer) {
- CCA4758err(CCA4758_F_CCA_RSA_SIGN, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- i2d_X509_SIG(&sig, &ptr);
- }
- break;
- default:
- return 0;
- }
-
- digitalSignatureGenerate(&returnCode, &reasonCode, &exitDataLength,
- exitData, &ruleArrayLength, ruleArray,
- &keyTokenLength, keyToken, &length, hashBuffer,
- &outputLength, &outputBitLength, sigret);
-
- if (type == NID_sha1 || type == NID_md5) {
- OPENSSL_cleanse(hashBuffer, keyLength + 1);
- OPENSSL_free(hashBuffer);
- }
-
- *siglen = outputLength;
-
- return ((returnCode || reasonCode) ? 0 : 1);
-}
-
-static int getModulusAndExponent(const unsigned char *token,
- long *exponentLength,
- unsigned char *exponent, long *modulusLength,
- long *modulusFieldLength,
- unsigned char *modulus)
-{
- unsigned long len;
-
- if (*token++ != (char)0x1E) /* internal PKA token? */
- return 0;
-
- if (*token++) /* token version must be zero */
- return 0;
-
- len = *token++;
- len = len << 8;
- len |= (unsigned char)*token++;
-
- token += 4; /* skip reserved bytes */
-
- if (*token++ == (char)0x04) {
- if (*token++) /* token version must be zero */
- return 0;
-
- len = *token++;
- len = len << 8;
- len |= (unsigned char)*token++;
-
- token += 2; /* skip reserved section */
-
- len = *token++;
- len = len << 8;
- len |= (unsigned char)*token++;
-
- *exponentLength = len;
-
- len = *token++;
- len = len << 8;
- len |= (unsigned char)*token++;
-
- *modulusLength = len;
-
- len = *token++;
- len = len << 8;
- len |= (unsigned char)*token++;
-
- *modulusFieldLength = len;
-
- memcpy(exponent, token, *exponentLength);
- token += *exponentLength;
-
- memcpy(modulus, token, *modulusFieldLength);
- return 1;
- }
- return 0;
-}
-
-# endif /* OPENSSL_NO_RSA */
-
-static int cca_random_status(void)
-{
- return 1;
-}
-
-static int cca_get_random_bytes(unsigned char *buf, int num)
-{
- long ret_code;
- long reason_code;
- long exit_data_length;
- unsigned char exit_data[4];
- unsigned char form[] = "RANDOM ";
- unsigned char rand_buf[8];
-
- while (num >= (int)sizeof(rand_buf)) {
- randomNumberGenerate(&ret_code, &reason_code, &exit_data_length,
- exit_data, form, rand_buf);
- if (ret_code)
- return 0;
- num -= sizeof(rand_buf);
- memcpy(buf, rand_buf, sizeof(rand_buf));
- buf += sizeof(rand_buf);
- }
-
- if (num) {
- randomNumberGenerate(&ret_code, &reason_code, NULL, NULL,
- form, rand_buf);
- if (ret_code)
- return 0;
- memcpy(buf, rand_buf, num);
- }
-
- return 1;
-}
-
-# ifndef OPENSSL_NO_RSA
-static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx,
- long argl, void *argp)
-{
- if (item)
- OPENSSL_free(item);
-}
-# endif
-
-/* Goo to handle building as a dynamic engine */
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_fn(ENGINE *e, const char *id)
-{
- if (id && (strcmp(id, engine_4758_cca_id) != 0) &&
- (strcmp(id, engine_4758_cca_id_alt) != 0))
- return 0;
- if (!bind_helper(e))
- return 0;
- return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
- IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-# endif /* OPENSSL_NO_DYNAMIC_ENGINE */
-# endif /* !OPENSSL_NO_HW_4758_CCA */
-#endif /* !OPENSSL_NO_HW */
diff --git a/engines/e_4758cca_err.c b/engines/e_4758cca_err.c
deleted file mode 100644
index aed7199759fd..000000000000
--- a/engines/e_4758cca_err.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/* e_4758cca_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_4758cca_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA CCA4758_str_functs[] = {
- {ERR_FUNC(CCA4758_F_CCA_RSA_SIGN), "CCA_RSA_SIGN"},
- {ERR_FUNC(CCA4758_F_CCA_RSA_VERIFY), "CCA_RSA_VERIFY"},
- {ERR_FUNC(CCA4758_F_IBM_4758_CCA_CTRL), "IBM_4758_CCA_CTRL"},
- {ERR_FUNC(CCA4758_F_IBM_4758_CCA_FINISH), "IBM_4758_CCA_FINISH"},
- {ERR_FUNC(CCA4758_F_IBM_4758_CCA_INIT), "IBM_4758_CCA_INIT"},
- {ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PRIVKEY), "IBM_4758_LOAD_PRIVKEY"},
- {ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PUBKEY), "IBM_4758_LOAD_PUBKEY"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA CCA4758_str_reasons[] = {
- {ERR_REASON(CCA4758_R_ALREADY_LOADED), "already loaded"},
- {ERR_REASON(CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD),
- "asn1 oid unknown for md"},
- {ERR_REASON(CCA4758_R_COMMAND_NOT_IMPLEMENTED),
- "command not implemented"},
- {ERR_REASON(CCA4758_R_DSO_FAILURE), "dso failure"},
- {ERR_REASON(CCA4758_R_FAILED_LOADING_PRIVATE_KEY),
- "failed loading private key"},
- {ERR_REASON(CCA4758_R_FAILED_LOADING_PUBLIC_KEY),
- "failed loading public key"},
- {ERR_REASON(CCA4758_R_NOT_LOADED), "not loaded"},
- {ERR_REASON(CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
- "size too large or too small"},
- {ERR_REASON(CCA4758_R_UNIT_FAILURE), "unit failure"},
- {ERR_REASON(CCA4758_R_UNKNOWN_ALGORITHM_TYPE), "unknown algorithm type"},
- {0, NULL}
-};
-
-#endif
-
-#ifdef CCA4758_LIB_NAME
-static ERR_STRING_DATA CCA4758_lib_name[] = {
- {0, CCA4758_LIB_NAME},
- {0, NULL}
-};
-#endif
-
-static int CCA4758_lib_error_code = 0;
-static int CCA4758_error_init = 1;
-
-static void ERR_load_CCA4758_strings(void)
-{
- if (CCA4758_lib_error_code == 0)
- CCA4758_lib_error_code = ERR_get_next_error_library();
-
- if (CCA4758_error_init) {
- CCA4758_error_init = 0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(CCA4758_lib_error_code, CCA4758_str_functs);
- ERR_load_strings(CCA4758_lib_error_code, CCA4758_str_reasons);
-#endif
-
-#ifdef CCA4758_LIB_NAME
- CCA4758_lib_name->error = ERR_PACK(CCA4758_lib_error_code, 0, 0);
- ERR_load_strings(0, CCA4758_lib_name);
-#endif
- }
-}
-
-static void ERR_unload_CCA4758_strings(void)
-{
- if (CCA4758_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(CCA4758_lib_error_code, CCA4758_str_functs);
- ERR_unload_strings(CCA4758_lib_error_code, CCA4758_str_reasons);
-#endif
-
-#ifdef CCA4758_LIB_NAME
- ERR_unload_strings(0, CCA4758_lib_name);
-#endif
- CCA4758_error_init = 1;
- }
-}
-
-static void ERR_CCA4758_error(int function, int reason, char *file, int line)
-{
- if (CCA4758_lib_error_code == 0)
- CCA4758_lib_error_code = ERR_get_next_error_library();
- ERR_PUT_error(CCA4758_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_4758cca_err.h b/engines/e_4758cca_err.h
deleted file mode 100644
index 2f29d96fb7e2..000000000000
--- a/engines/e_4758cca_err.h
+++ /dev/null
@@ -1,98 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_CCA4758_ERR_H
-# define HEADER_CCA4758_ERR_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_CCA4758_strings(void);
-static void ERR_unload_CCA4758_strings(void);
-static void ERR_CCA4758_error(int function, int reason, char *file, int line);
-# define CCA4758err(f,r) ERR_CCA4758_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the CCA4758 functions. */
-
-/* Function codes. */
-# define CCA4758_F_CCA_RSA_SIGN 105
-# define CCA4758_F_CCA_RSA_VERIFY 106
-# define CCA4758_F_IBM_4758_CCA_CTRL 100
-# define CCA4758_F_IBM_4758_CCA_FINISH 101
-# define CCA4758_F_IBM_4758_CCA_INIT 102
-# define CCA4758_F_IBM_4758_LOAD_PRIVKEY 103
-# define CCA4758_F_IBM_4758_LOAD_PUBKEY 104
-
-/* Reason codes. */
-# define CCA4758_R_ALREADY_LOADED 100
-# define CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD 101
-# define CCA4758_R_COMMAND_NOT_IMPLEMENTED 102
-# define CCA4758_R_DSO_FAILURE 103
-# define CCA4758_R_FAILED_LOADING_PRIVATE_KEY 104
-# define CCA4758_R_FAILED_LOADING_PUBLIC_KEY 105
-# define CCA4758_R_NOT_LOADED 106
-# define CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL 107
-# define CCA4758_R_UNIT_FAILURE 108
-# define CCA4758_R_UNKNOWN_ALGORITHM_TYPE 109
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_aep.c b/engines/e_aep.c
deleted file mode 100644
index 4e97d29497e7..000000000000
--- a/engines/e_aep.c
+++ /dev/null
@@ -1,1167 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include <string.h>
-
-#include <openssl/e_os2.h>
-#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__) || defined(__MINGW32__)
-# include <sys/types.h>
-# include <unistd.h>
-#else
-# include <process.h>
-typedef int pid_t;
-#endif
-
-#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
-# define getpid GetThreadID
-extern int GetThreadID(void);
-#elif defined(_WIN32) && !defined(__WATCOMC__)
-# define getpid _getpid
-#endif
-
-#include <openssl/crypto.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#include <openssl/buffer.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_AEP
-# ifdef FLAT_INC
-# include "aep.h"
-# else
-# include "vendor_defns/aep.h"
-# endif
-
-# define AEP_LIB_NAME "aep engine"
-# define FAIL_TO_SW 0x10101010
-
-# include "e_aep_err.c"
-
-static int aep_init(ENGINE *e);
-static int aep_finish(ENGINE *e);
-static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-static int aep_destroy(ENGINE *e);
-
-static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR hConnection);
-static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection);
-static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection);
-static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use);
-
-/* BIGNUM stuff */
-# ifndef OPENSSL_NO_RSA
-static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dmp1,
- const BIGNUM *dmq1, const BIGNUM *iqmp,
- BN_CTX *ctx);
-# endif
-
-/* RSA stuff */
-# ifndef OPENSSL_NO_RSA
-static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx);
-# endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-# ifndef OPENSSL_NO_RSA
-static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-# endif
-
-/* DSA stuff */
-# ifndef OPENSSL_NO_DSA
-static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont);
-
-static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-# endif
-
-/* DH stuff */
-/* This function is aliased to mod_exp (with the DH and mont dropped). */
-# ifndef OPENSSL_NO_DH
-static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-# endif
-
-/* rand stuff */
-# ifdef AEPRAND
-static int aep_rand(unsigned char *buf, int num);
-static int aep_rand_status(void);
-# endif
-
-/* Bignum conversion stuff */
-static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32 *BigNumSize);
-static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize,
- unsigned char *AEP_BigNum);
-static AEP_RV ConvertAEPBigNum(void *ArbBigNum, AEP_U32 BigNumSize,
- unsigned char *AEP_BigNum);
-
-/* The definitions for control commands specific to this engine */
-# define AEP_CMD_SO_PATH ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN aep_cmd_defns[] = {
- {AEP_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'aep' shared library",
- ENGINE_CMD_FLAG_STRING},
- {0, NULL, NULL, 0}
-};
-
-# ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD aep_rsa = {
- "Aep RSA method",
- NULL, /* rsa_pub_encrypt */
- NULL, /* rsa_pub_decrypt */
- NULL, /* rsa_priv_encrypt */
- NULL, /* rsa_priv_encrypt */
- aep_rsa_mod_exp, /* rsa_mod_exp */
- aep_mod_exp_mont, /* bn_mod_exp */
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL, /* app_data */
- NULL, /* rsa_sign */
- NULL, /* rsa_verify */
- NULL /* rsa_keygen */
-};
-# endif
-
-# ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD aep_dsa = {
- "Aep DSA method",
- NULL, /* dsa_do_sign */
- NULL, /* dsa_sign_setup */
- NULL, /* dsa_do_verify */
- aep_dsa_mod_exp, /* dsa_mod_exp */
- aep_mod_exp_dsa, /* bn_mod_exp */
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL, /* app_data */
- NULL, /* dsa_paramgen */
- NULL /* dsa_keygen */
-};
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD aep_dh = {
- "Aep DH method",
- NULL,
- NULL,
- aep_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL,
- NULL
-};
-# endif
-
-# ifdef AEPRAND
-/* our internal RAND_method that we provide pointers to */
-static RAND_METHOD aep_random = {
- /*
- * "AEP RAND method",
- */
- NULL,
- aep_rand,
- NULL,
- NULL,
- aep_rand,
- aep_rand_status,
-};
-# endif
-
-/*
- * Define an array of structures to hold connections
- */
-static AEP_CONNECTION_ENTRY aep_app_conn_table[MAX_PROCESS_CONNECTIONS];
-
-/*
- * Used to determine if this is a new process
- */
-static pid_t recorded_pid = 0;
-
-# ifdef AEPRAND
-static AEP_U8 rand_block[RAND_BLK_SIZE];
-static AEP_U32 rand_block_bytes = 0;
-# endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_aep_id = "aep";
-static const char *engine_aep_name = "Aep hardware engine support";
-
-static int max_key_len = 2176;
-
-/*
- * This internal function is used by ENGINE_aep() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_aep(ENGINE *e)
-{
-# ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-# endif
-# ifndef OPENSSL_NO_DSA
- const DSA_METHOD *meth2;
-# endif
-# ifndef OPENSSL_NO_DH
- const DH_METHOD *meth3;
-# endif
-
- if (!ENGINE_set_id(e, engine_aep_id) ||
- !ENGINE_set_name(e, engine_aep_name) ||
-# ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &aep_rsa) ||
-# endif
-# ifndef OPENSSL_NO_DSA
- !ENGINE_set_DSA(e, &aep_dsa) ||
-# endif
-# ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &aep_dh) ||
-# endif
-# ifdef AEPRAND
- !ENGINE_set_RAND(e, &aep_random) ||
-# endif
- !ENGINE_set_init_function(e, aep_init) ||
- !ENGINE_set_destroy_function(e, aep_destroy) ||
- !ENGINE_set_finish_function(e, aep_finish) ||
- !ENGINE_set_ctrl_function(e, aep_ctrl) ||
- !ENGINE_set_cmd_defns(e, aep_cmd_defns))
- return 0;
-
-# ifndef OPENSSL_NO_RSA
- /*
- * We know that the "PKCS1_SSLeay()" functions hook properly to the
- * aep-specific mod_exp and mod_exp_crt so we use those functions. NB: We
- * don't use ENGINE_openssl() or anything "more generic" because
- * something like the RSAref code may not hook properly, and if you own
- * one of these cards then you have the right to do RSA operations on it
- * anyway!
- */
- meth1 = RSA_PKCS1_SSLeay();
- aep_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- aep_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- aep_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- aep_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-# endif
-
-# ifndef OPENSSL_NO_DSA
- /*
- * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
- */
- meth2 = DSA_OpenSSL();
- aep_dsa.dsa_do_sign = meth2->dsa_do_sign;
- aep_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
- aep_dsa.dsa_do_verify = meth2->dsa_do_verify;
-
- aep_dsa = *DSA_get_default_method();
- aep_dsa.dsa_mod_exp = aep_dsa_mod_exp;
- aep_dsa.bn_mod_exp = aep_mod_exp_dsa;
-# endif
-
-# ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth3 = DH_OpenSSL();
- aep_dh.generate_key = meth3->generate_key;
- aep_dh.compute_key = meth3->compute_key;
- aep_dh.bn_mod_exp = meth3->bn_mod_exp;
-# endif
-
- /* Ensure the aep error handling is set up */
- ERR_load_AEPHK_strings();
-
- return 1;
-}
-
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_helper(ENGINE *e, const char *id)
-{
- if (id && (strcmp(id, engine_aep_id) != 0))
- return 0;
- if (!bind_aep(e))
- return 0;
- return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
- IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
-# else
-static ENGINE *engine_aep(void)
-{
- ENGINE *ret = ENGINE_new();
- if (!ret)
- return NULL;
- if (!bind_aep(ret)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void ENGINE_load_aep(void)
-{
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_aep();
- if (!toadd)
- return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
-}
-# endif
-
-/*
- * This is a process-global DSO handle used for loading and unloading the Aep
- * library. NB: This is only set (or unset) during an init() or finish() call
- * (reference counts permitting) and they're operating with global locks, so
- * this should be thread-safe implicitly.
- */
-static DSO *aep_dso = NULL;
-
-/*
- * These are the static string constants for the DSO file name and the
- * function symbol names to bind to.
- */
-static const char *AEP_LIBNAME = NULL;
-static const char *get_AEP_LIBNAME(void)
-{
- if (AEP_LIBNAME)
- return AEP_LIBNAME;
- return "aep";
-}
-
-static void free_AEP_LIBNAME(void)
-{
- if (AEP_LIBNAME)
- OPENSSL_free((void *)AEP_LIBNAME);
- AEP_LIBNAME = NULL;
-}
-
-static long set_AEP_LIBNAME(const char *name)
-{
- free_AEP_LIBNAME();
- return ((AEP_LIBNAME = BUF_strdup(name)) != NULL ? 1 : 0);
-}
-
-static const char *AEP_F1 = "AEP_ModExp";
-static const char *AEP_F2 = "AEP_ModExpCrt";
-# ifdef AEPRAND
-static const char *AEP_F3 = "AEP_GenRandom";
-# endif
-static const char *AEP_F4 = "AEP_Finalize";
-static const char *AEP_F5 = "AEP_Initialize";
-static const char *AEP_F6 = "AEP_OpenConnection";
-static const char *AEP_F7 = "AEP_SetBNCallBacks";
-static const char *AEP_F8 = "AEP_CloseConnection";
-
-/*
- * These are the function pointers that are (un)set when the library has
- * successfully (un)loaded.
- */
-static t_AEP_OpenConnection *p_AEP_OpenConnection = NULL;
-static t_AEP_CloseConnection *p_AEP_CloseConnection = NULL;
-static t_AEP_ModExp *p_AEP_ModExp = NULL;
-static t_AEP_ModExpCrt *p_AEP_ModExpCrt = NULL;
-# ifdef AEPRAND
-static t_AEP_GenRandom *p_AEP_GenRandom = NULL;
-# endif
-static t_AEP_Initialize *p_AEP_Initialize = NULL;
-static t_AEP_Finalize *p_AEP_Finalize = NULL;
-static t_AEP_SetBNCallBacks *p_AEP_SetBNCallBacks = NULL;
-
-/* (de)initialisation functions. */
-static int aep_init(ENGINE *e)
-{
- t_AEP_ModExp *p1;
- t_AEP_ModExpCrt *p2;
-# ifdef AEPRAND
- t_AEP_GenRandom *p3;
-# endif
- t_AEP_Finalize *p4;
- t_AEP_Initialize *p5;
- t_AEP_OpenConnection *p6;
- t_AEP_SetBNCallBacks *p7;
- t_AEP_CloseConnection *p8;
-
- int to_return = 0;
-
- if (aep_dso != NULL) {
- AEPHKerr(AEPHK_F_AEP_INIT, AEPHK_R_ALREADY_LOADED);
- goto err;
- }
- /* Attempt to load libaep.so. */
-
- aep_dso = DSO_load(NULL, get_AEP_LIBNAME(), NULL, 0);
-
- if (aep_dso == NULL) {
- AEPHKerr(AEPHK_F_AEP_INIT, AEPHK_R_NOT_LOADED);
- goto err;
- }
-
- if (!(p1 = (t_AEP_ModExp *) DSO_bind_func(aep_dso, AEP_F1)) ||
- !(p2 = (t_AEP_ModExpCrt *) DSO_bind_func(aep_dso, AEP_F2)) ||
-# ifdef AEPRAND
- !(p3 = (t_AEP_GenRandom *) DSO_bind_func(aep_dso, AEP_F3)) ||
-# endif
- !(p4 = (t_AEP_Finalize *) DSO_bind_func(aep_dso, AEP_F4)) ||
- !(p5 = (t_AEP_Initialize *) DSO_bind_func(aep_dso, AEP_F5)) ||
- !(p6 = (t_AEP_OpenConnection *) DSO_bind_func(aep_dso, AEP_F6)) ||
- !(p7 = (t_AEP_SetBNCallBacks *) DSO_bind_func(aep_dso, AEP_F7)) ||
- !(p8 = (t_AEP_CloseConnection *) DSO_bind_func(aep_dso, AEP_F8))) {
- AEPHKerr(AEPHK_F_AEP_INIT, AEPHK_R_NOT_LOADED);
- goto err;
- }
-
- /* Copy the pointers */
-
- p_AEP_ModExp = p1;
- p_AEP_ModExpCrt = p2;
-# ifdef AEPRAND
- p_AEP_GenRandom = p3;
-# endif
- p_AEP_Finalize = p4;
- p_AEP_Initialize = p5;
- p_AEP_OpenConnection = p6;
- p_AEP_SetBNCallBacks = p7;
- p_AEP_CloseConnection = p8;
-
- to_return = 1;
-
- return to_return;
-
- err:
-
- if (aep_dso)
- DSO_free(aep_dso);
- aep_dso = NULL;
-
- p_AEP_OpenConnection = NULL;
- p_AEP_ModExp = NULL;
- p_AEP_ModExpCrt = NULL;
-# ifdef AEPRAND
- p_AEP_GenRandom = NULL;
-# endif
- p_AEP_Initialize = NULL;
- p_AEP_Finalize = NULL;
- p_AEP_SetBNCallBacks = NULL;
- p_AEP_CloseConnection = NULL;
-
- return to_return;
-}
-
-/* Destructor (complements the "ENGINE_aep()" constructor) */
-static int aep_destroy(ENGINE *e)
-{
- free_AEP_LIBNAME();
- ERR_unload_AEPHK_strings();
- return 1;
-}
-
-static int aep_finish(ENGINE *e)
-{
- int to_return = 0, in_use;
- AEP_RV rv;
-
- if (aep_dso == NULL) {
- AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_NOT_LOADED);
- goto err;
- }
-
- rv = aep_close_all_connections(0, &in_use);
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_CLOSE_HANDLES_FAILED);
- goto err;
- }
- if (in_use) {
- AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_CONNECTIONS_IN_USE);
- goto err;
- }
-
- rv = p_AEP_Finalize();
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_FINALIZE_FAILED);
- goto err;
- }
-
- if (!DSO_free(aep_dso)) {
- AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_UNIT_FAILURE);
- goto err;
- }
-
- aep_dso = NULL;
- p_AEP_CloseConnection = NULL;
- p_AEP_OpenConnection = NULL;
- p_AEP_ModExp = NULL;
- p_AEP_ModExpCrt = NULL;
-# ifdef AEPRAND
- p_AEP_GenRandom = NULL;
-# endif
- p_AEP_Initialize = NULL;
- p_AEP_Finalize = NULL;
- p_AEP_SetBNCallBacks = NULL;
-
- to_return = 1;
- err:
- return to_return;
-}
-
-static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
- int initialised = ((aep_dso == NULL) ? 0 : 1);
- switch (cmd) {
- case AEP_CMD_SO_PATH:
- if (p == NULL) {
- AEPHKerr(AEPHK_F_AEP_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (initialised) {
- AEPHKerr(AEPHK_F_AEP_CTRL, AEPHK_R_ALREADY_LOADED);
- return 0;
- }
- return set_AEP_LIBNAME((const char *)p);
- default:
- break;
- }
- AEPHKerr(AEPHK_F_AEP_CTRL, AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- return 0;
-}
-
-static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
-{
- int to_return = 0;
- int r_len = 0;
- AEP_CONNECTION_HNDL hConnection;
- AEP_RV rv;
-
- r_len = BN_num_bits(m);
-
- /* Perform in software if modulus is too large for hardware. */
-
- if (r_len > max_key_len) {
- AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return BN_mod_exp(r, a, p, m, ctx);
- }
-
- /*
- * Grab a connection from the pool
- */
- rv = aep_get_connection(&hConnection);
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_GET_HANDLE_FAILED);
- return BN_mod_exp(r, a, p, m, ctx);
- }
-
- /*
- * To the card with the mod exp
- */
- rv = p_AEP_ModExp(hConnection, (void *)a, (void *)p, (void *)m, (void *)r,
- NULL);
-
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_MOD_EXP_FAILED);
- rv = aep_close_connection(hConnection);
- return BN_mod_exp(r, a, p, m, ctx);
- }
-
- /*
- * Return the connection to the pool
- */
- rv = aep_return_connection(hConnection);
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_RETURN_CONNECTION_FAILED);
- goto err;
- }
-
- to_return = 1;
- err:
- return to_return;
-}
-
-# ifndef OPENSSL_NO_RSA
-static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dmp1,
- const BIGNUM *dmq1, const BIGNUM *iqmp,
- BN_CTX *ctx)
-{
- AEP_RV rv = AEP_R_OK;
- AEP_CONNECTION_HNDL hConnection;
-
- /*
- * Grab a connection from the pool
- */
- rv = aep_get_connection(&hConnection);
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT, AEPHK_R_GET_HANDLE_FAILED);
- return FAIL_TO_SW;
- }
-
- /*
- * To the card with the mod exp
- */
- rv = p_AEP_ModExpCrt(hConnection, (void *)a, (void *)p, (void *)q,
- (void *)dmp1, (void *)dmq1, (void *)iqmp, (void *)r,
- NULL);
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT, AEPHK_R_MOD_EXP_CRT_FAILED);
- rv = aep_close_connection(hConnection);
- return FAIL_TO_SW;
- }
-
- /*
- * Return the connection to the pool
- */
- rv = aep_return_connection(hConnection);
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT, AEPHK_R_RETURN_CONNECTION_FAILED);
- goto err;
- }
-
- err:
- return rv;
-}
-# endif
-
-# ifdef AEPRAND
-static int aep_rand(unsigned char *buf, int len)
-{
- AEP_RV rv = AEP_R_OK;
- AEP_CONNECTION_HNDL hConnection;
-
- CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
- /*
- * Can the request be serviced with what's already in the buffer?
- */
- if (len <= rand_block_bytes) {
- memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len);
- rand_block_bytes -= len;
- CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
- } else
- /*
- * If not the get another block of random bytes
- */
- {
- CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
- rv = aep_get_connection(&hConnection);
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_GET_HANDLE_FAILED);
- goto err_nounlock;
- }
-
- if (len > RAND_BLK_SIZE) {
- rv = p_AEP_GenRandom(hConnection, len, 2, buf, NULL);
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_GET_RANDOM_FAILED);
- goto err_nounlock;
- }
- } else {
- CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
- rv = p_AEP_GenRandom(hConnection, RAND_BLK_SIZE, 2,
- &rand_block[0], NULL);
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_GET_RANDOM_FAILED);
-
- goto err;
- }
-
- rand_block_bytes = RAND_BLK_SIZE;
-
- memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len);
- rand_block_bytes -= len;
-
- CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
- }
-
- rv = aep_return_connection(hConnection);
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_RETURN_CONNECTION_FAILED);
-
- goto err_nounlock;
- }
- }
-
- return 1;
- err:
- CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
- err_nounlock:
- return 0;
-}
-
-static int aep_rand_status(void)
-{
- return 1;
-}
-# endif
-
-# ifndef OPENSSL_NO_RSA
-static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
-{
- int to_return = 0;
- AEP_RV rv = AEP_R_OK;
-
- if (!aep_dso) {
- AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP, AEPHK_R_NOT_LOADED);
- goto err;
- }
-
- /*
- * See if we have all the necessary bits for a crt
- */
- if (rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) {
- rv = aep_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, rsa->dmq1,
- rsa->iqmp, ctx);
-
- if (rv == FAIL_TO_SW) {
- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
- to_return = (*meth->rsa_mod_exp) (r0, I, rsa, ctx);
- goto err;
- } else if (rv != AEP_R_OK)
- goto err;
- } else {
- if (!rsa->d || !rsa->n) {
- AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP, AEPHK_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
-
- rv = aep_mod_exp(r0, I, rsa->d, rsa->n, ctx);
- if (rv != AEP_R_OK)
- goto err;
-
- }
-
- to_return = 1;
-
- err:
- return to_return;
-}
-# endif
-
-# ifndef OPENSSL_NO_DSA
-static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
- BIGNUM t;
- int to_return = 0;
- BN_init(&t);
-
- /* let rr = a1 ^ p1 mod m */
- if (!aep_mod_exp(rr, a1, p1, m, ctx))
- goto end;
- /* let t = a2 ^ p2 mod m */
- if (!aep_mod_exp(&t, a2, p2, m, ctx))
- goto end;
- /* let rr = rr * t mod m */
- if (!BN_mod_mul(rr, rr, &t, m, ctx))
- goto end;
- to_return = 1;
- end:
- BN_free(&t);
- return to_return;
-}
-
-static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return aep_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-# ifndef OPENSSL_NO_RSA
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
- return aep_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return aep_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR phConnection)
-{
- int count;
- AEP_RV rv = AEP_R_OK;
-
- /*
- * Get the current process id
- */
- pid_t curr_pid;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-
- curr_pid = getpid();
-
- /*
- * Check if this is the first time this is being called from the current
- * process
- */
- if (recorded_pid != curr_pid) {
- /*
- * Remember our pid so we can check if we're in a new process
- */
- recorded_pid = curr_pid;
-
- /*
- * Call Finalize to make sure we have not inherited some data from a
- * parent process
- */
- p_AEP_Finalize();
-
- /*
- * Initialise the AEP API
- */
- rv = p_AEP_Initialize(NULL);
-
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, AEPHK_R_INIT_FAILURE);
- recorded_pid = 0;
- goto end;
- }
-
- /*
- * Set the AEP big num call back functions
- */
- rv = p_AEP_SetBNCallBacks(&GetBigNumSize, &MakeAEPBigNum,
- &ConvertAEPBigNum);
-
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,
- AEPHK_R_SETBNCALLBACK_FAILURE);
- recorded_pid = 0;
- goto end;
- }
-# ifdef AEPRAND
- /*
- * Reset the rand byte count
- */
- rand_block_bytes = 0;
-# endif
-
- /*
- * Init the structures
- */
- for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
- aep_app_conn_table[count].conn_state = NotConnected;
- aep_app_conn_table[count].conn_hndl = 0;
- }
-
- /*
- * Open a connection
- */
- rv = p_AEP_OpenConnection(phConnection);
-
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, AEPHK_R_UNIT_FAILURE);
- recorded_pid = 0;
- goto end;
- }
-
- aep_app_conn_table[0].conn_state = InUse;
- aep_app_conn_table[0].conn_hndl = *phConnection;
- goto end;
- }
- /*
- * Check the existing connections to see if we can find a free one
- */
- for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
- if (aep_app_conn_table[count].conn_state == Connected) {
- aep_app_conn_table[count].conn_state = InUse;
- *phConnection = aep_app_conn_table[count].conn_hndl;
- goto end;
- }
- }
- /*
- * If no connections available, we're going to have to try to open a new
- * one
- */
- for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
- if (aep_app_conn_table[count].conn_state == NotConnected) {
- /*
- * Open a connection
- */
- rv = p_AEP_OpenConnection(phConnection);
-
- if (rv != AEP_R_OK) {
- AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, AEPHK_R_UNIT_FAILURE);
- goto end;
- }
-
- aep_app_conn_table[count].conn_state = InUse;
- aep_app_conn_table[count].conn_hndl = *phConnection;
- goto end;
- }
- }
- rv = AEP_R_GENERAL_ERROR;
- end:
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return rv;
-}
-
-static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection)
-{
- int count;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-
- /*
- * Find the connection item that matches this connection handle
- */
- for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
- if (aep_app_conn_table[count].conn_hndl == hConnection) {
- aep_app_conn_table[count].conn_state = Connected;
- break;
- }
- }
-
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-
- return AEP_R_OK;
-}
-
-static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection)
-{
- int count;
- AEP_RV rv = AEP_R_OK;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-
- /*
- * Find the connection item that matches this connection handle
- */
- for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
- if (aep_app_conn_table[count].conn_hndl == hConnection) {
- rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl);
- if (rv != AEP_R_OK)
- goto end;
- aep_app_conn_table[count].conn_state = NotConnected;
- aep_app_conn_table[count].conn_hndl = 0;
- break;
- }
- }
-
- end:
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return rv;
-}
-
-static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use)
-{
- int count;
- AEP_RV rv = AEP_R_OK;
-
- *in_use = 0;
- if (use_engine_lock)
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
- switch (aep_app_conn_table[count].conn_state) {
- case Connected:
- rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl);
- if (rv != AEP_R_OK)
- goto end;
- aep_app_conn_table[count].conn_state = NotConnected;
- aep_app_conn_table[count].conn_hndl = 0;
- break;
- case InUse:
- (*in_use)++;
- break;
- case NotConnected:
- break;
- }
- }
- end:
- if (use_engine_lock)
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return rv;
-}
-
-/*
- * BigNum call back functions, used to convert OpenSSL bignums into AEP
- * bignums. Note only 32bit Openssl build support
- */
-
-static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32 *BigNumSize)
-{
- BIGNUM *bn;
-
- /*
- * Cast the ArbBigNum pointer to our BIGNUM struct
- */
- bn = (BIGNUM *)ArbBigNum;
-
-# ifdef SIXTY_FOUR_BIT_LONG
- *BigNumSize = bn->top << 3;
-# else
- /*
- * Size of the bignum in bytes is equal to the bn->top (no of 32 bit
- * words) multiplies by 4
- */
- *BigNumSize = bn->top << 2;
-# endif
-
- return AEP_R_OK;
-}
-
-static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize,
- unsigned char *AEP_BigNum)
-{
- BIGNUM *bn;
-
-# ifndef SIXTY_FOUR_BIT_LONG
- unsigned char *buf;
- int i;
-# endif
-
- /*
- * Cast the ArbBigNum pointer to our BIGNUM struct
- */
- bn = (BIGNUM *)ArbBigNum;
-
-# ifdef SIXTY_FOUR_BIT_LONG
- memcpy(AEP_BigNum, bn->d, BigNumSize);
-# else
- /*
- * Must copy data into a (monotone) least significant byte first format
- * performing endian conversion if necessary
- */
- for (i = 0; i < bn->top; i++) {
- buf = (unsigned char *)&bn->d[i];
-
- *((AEP_U32 *)AEP_BigNum) = (AEP_U32)
- ((unsigned)buf[1] << 8 | buf[0]) |
- ((unsigned)buf[3] << 8 | buf[2]) << 16;
-
- AEP_BigNum += 4;
- }
-# endif
-
- return AEP_R_OK;
-}
-
-/*
- * Turn an AEP Big Num back to a user big num
- */
-static AEP_RV ConvertAEPBigNum(void *ArbBigNum, AEP_U32 BigNumSize,
- unsigned char *AEP_BigNum)
-{
- BIGNUM *bn;
-# ifndef SIXTY_FOUR_BIT_LONG
- int i;
-# endif
-
- bn = (BIGNUM *)ArbBigNum;
-
- /*
- * Expand the result bn so that it can hold our big num. Size is in bits
- */
- if (bn_expand(bn, (int)(BigNumSize << 3)) == NULL)
- return AEP_R_HOST_MEMORY;
-
-# ifdef SIXTY_FOUR_BIT_LONG
- bn->top = BigNumSize >> 3;
-
- if ((BigNumSize & 7) != 0)
- bn->top++;
-
- memset(bn->d, 0, bn->top << 3);
-
- memcpy(bn->d, AEP_BigNum, BigNumSize);
-# else
- bn->top = BigNumSize >> 2;
-
- for (i = 0; i < bn->top; i++) {
- bn->d[i] = (AEP_U32)
- ((unsigned)AEP_BigNum[3] << 8 | AEP_BigNum[2]) << 16 |
- ((unsigned)AEP_BigNum[1] << 8 | AEP_BigNum[0]);
- AEP_BigNum += 4;
- }
-# endif
-
- return AEP_R_OK;
-}
-
-# endif /* !OPENSSL_NO_HW_AEP */
-#endif /* !OPENSSL_NO_HW */
diff --git a/engines/e_aep_err.c b/engines/e_aep_err.c
deleted file mode 100644
index 718db3796480..000000000000
--- a/engines/e_aep_err.c
+++ /dev/null
@@ -1,159 +0,0 @@
-/* e_aep_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_aep_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA AEPHK_str_functs[] = {
- {ERR_FUNC(AEPHK_F_AEP_CTRL), "AEP_CTRL"},
- {ERR_FUNC(AEPHK_F_AEP_FINISH), "AEP_FINISH"},
- {ERR_FUNC(AEPHK_F_AEP_GET_CONNECTION), "AEP_GET_CONNECTION"},
- {ERR_FUNC(AEPHK_F_AEP_INIT), "AEP_INIT"},
- {ERR_FUNC(AEPHK_F_AEP_MOD_EXP), "AEP_MOD_EXP"},
- {ERR_FUNC(AEPHK_F_AEP_MOD_EXP_CRT), "AEP_MOD_EXP_CRT"},
- {ERR_FUNC(AEPHK_F_AEP_RAND), "AEP_RAND"},
- {ERR_FUNC(AEPHK_F_AEP_RSA_MOD_EXP), "AEP_RSA_MOD_EXP"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA AEPHK_str_reasons[] = {
- {ERR_REASON(AEPHK_R_ALREADY_LOADED), "already loaded"},
- {ERR_REASON(AEPHK_R_CLOSE_HANDLES_FAILED), "close handles failed"},
- {ERR_REASON(AEPHK_R_CONNECTIONS_IN_USE), "connections in use"},
- {ERR_REASON(AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED),
- "ctrl command not implemented"},
- {ERR_REASON(AEPHK_R_FINALIZE_FAILED), "finalize failed"},
- {ERR_REASON(AEPHK_R_GET_HANDLE_FAILED), "get handle failed"},
- {ERR_REASON(AEPHK_R_GET_RANDOM_FAILED), "get random failed"},
- {ERR_REASON(AEPHK_R_INIT_FAILURE), "init failure"},
- {ERR_REASON(AEPHK_R_MISSING_KEY_COMPONENTS), "missing key components"},
- {ERR_REASON(AEPHK_R_MOD_EXP_CRT_FAILED), "mod exp crt failed"},
- {ERR_REASON(AEPHK_R_MOD_EXP_FAILED), "mod exp failed"},
- {ERR_REASON(AEPHK_R_NOT_LOADED), "not loaded"},
- {ERR_REASON(AEPHK_R_OK), "ok"},
- {ERR_REASON(AEPHK_R_RETURN_CONNECTION_FAILED),
- "return connection failed"},
- {ERR_REASON(AEPHK_R_SETBNCALLBACK_FAILURE), "setbncallback failure"},
- {ERR_REASON(AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
- "size too large or too small"},
- {ERR_REASON(AEPHK_R_UNIT_FAILURE), "unit failure"},
- {0, NULL}
-};
-
-#endif
-
-#ifdef AEPHK_LIB_NAME
-static ERR_STRING_DATA AEPHK_lib_name[] = {
- {0, AEPHK_LIB_NAME},
- {0, NULL}
-};
-#endif
-
-static int AEPHK_lib_error_code = 0;
-static int AEPHK_error_init = 1;
-
-static void ERR_load_AEPHK_strings(void)
-{
- if (AEPHK_lib_error_code == 0)
- AEPHK_lib_error_code = ERR_get_next_error_library();
-
- if (AEPHK_error_init) {
- AEPHK_error_init = 0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(AEPHK_lib_error_code, AEPHK_str_functs);
- ERR_load_strings(AEPHK_lib_error_code, AEPHK_str_reasons);
-#endif
-
-#ifdef AEPHK_LIB_NAME
- AEPHK_lib_name->error = ERR_PACK(AEPHK_lib_error_code, 0, 0);
- ERR_load_strings(0, AEPHK_lib_name);
-#endif
- }
-}
-
-static void ERR_unload_AEPHK_strings(void)
-{
- if (AEPHK_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(AEPHK_lib_error_code, AEPHK_str_functs);
- ERR_unload_strings(AEPHK_lib_error_code, AEPHK_str_reasons);
-#endif
-
-#ifdef AEPHK_LIB_NAME
- ERR_unload_strings(0, AEPHK_lib_name);
-#endif
- AEPHK_error_init = 1;
- }
-}
-
-static void ERR_AEPHK_error(int function, int reason, char *file, int line)
-{
- if (AEPHK_lib_error_code == 0)
- AEPHK_lib_error_code = ERR_get_next_error_library();
- ERR_PUT_error(AEPHK_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_aep_err.h b/engines/e_aep_err.h
deleted file mode 100644
index 2ed01147c2f1..000000000000
--- a/engines/e_aep_err.h
+++ /dev/null
@@ -1,106 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_AEPHK_ERR_H
-# define HEADER_AEPHK_ERR_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_AEPHK_strings(void);
-static void ERR_unload_AEPHK_strings(void);
-static void ERR_AEPHK_error(int function, int reason, char *file, int line);
-# define AEPHKerr(f,r) ERR_AEPHK_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the AEPHK functions. */
-
-/* Function codes. */
-# define AEPHK_F_AEP_CTRL 100
-# define AEPHK_F_AEP_FINISH 101
-# define AEPHK_F_AEP_GET_CONNECTION 102
-# define AEPHK_F_AEP_INIT 103
-# define AEPHK_F_AEP_MOD_EXP 104
-# define AEPHK_F_AEP_MOD_EXP_CRT 105
-# define AEPHK_F_AEP_RAND 106
-# define AEPHK_F_AEP_RSA_MOD_EXP 107
-
-/* Reason codes. */
-# define AEPHK_R_ALREADY_LOADED 100
-# define AEPHK_R_CLOSE_HANDLES_FAILED 101
-# define AEPHK_R_CONNECTIONS_IN_USE 102
-# define AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103
-# define AEPHK_R_FINALIZE_FAILED 104
-# define AEPHK_R_GET_HANDLE_FAILED 105
-# define AEPHK_R_GET_RANDOM_FAILED 106
-# define AEPHK_R_INIT_FAILURE 107
-# define AEPHK_R_MISSING_KEY_COMPONENTS 108
-# define AEPHK_R_MOD_EXP_CRT_FAILED 109
-# define AEPHK_R_MOD_EXP_FAILED 110
-# define AEPHK_R_NOT_LOADED 111
-# define AEPHK_R_OK 112
-# define AEPHK_R_RETURN_CONNECTION_FAILED 113
-# define AEPHK_R_SETBNCALLBACK_FAILURE 114
-# define AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL 116
-# define AEPHK_R_UNIT_FAILURE 115
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_afalg.c b/engines/e_afalg.c
new file mode 100644
index 000000000000..f09c396ed923
--- /dev/null
+++ b/engines/e_afalg.c
@@ -0,0 +1,870 @@
+/*
+ * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Required for vmsplice */
+#ifndef _GNU_SOURCE
+# define _GNU_SOURCE
+#endif
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <openssl/engine.h>
+#include <openssl/async.h>
+#include <openssl/err.h>
+#include "internal/nelem.h"
+
+#include <sys/socket.h>
+#include <linux/version.h>
+#define K_MAJ 4
+#define K_MIN1 1
+#define K_MIN2 0
+#if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2) || \
+ !defined(AF_ALG)
+# ifndef PEDANTIC
+# warning "AFALG ENGINE requires Kernel Headers >= 4.1.0"
+# warning "Skipping Compilation of AFALG engine"
+# endif
+void engine_load_afalg_int(void);
+void engine_load_afalg_int(void)
+{
+}
+#else
+
+# include <linux/if_alg.h>
+# include <fcntl.h>
+# include <sys/utsname.h>
+
+# include <linux/aio_abi.h>
+# include <sys/syscall.h>
+# include <errno.h>
+
+# include "e_afalg.h"
+# include "e_afalg_err.c"
+
+# ifndef SOL_ALG
+# define SOL_ALG 279
+# endif
+
+# ifdef ALG_ZERO_COPY
+# ifndef SPLICE_F_GIFT
+# define SPLICE_F_GIFT (0x08)
+# endif
+# endif
+
+# define ALG_AES_IV_LEN 16
+# define ALG_IV_LEN(len) (sizeof(struct af_alg_iv) + (len))
+# define ALG_OP_TYPE unsigned int
+# define ALG_OP_LEN (sizeof(ALG_OP_TYPE))
+
+#define ALG_MAX_SALG_NAME 64
+#define ALG_MAX_SALG_TYPE 14
+
+# ifdef OPENSSL_NO_DYNAMIC_ENGINE
+void engine_load_afalg_int(void);
+# endif
+
+/* Local Linkage Functions */
+static int afalg_init_aio(afalg_aio *aio);
+static int afalg_fin_cipher_aio(afalg_aio *ptr, int sfd,
+ unsigned char *buf, size_t len);
+static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype,
+ const char *ciphername);
+static int afalg_destroy(ENGINE *e);
+static int afalg_init(ENGINE *e);
+static int afalg_finish(ENGINE *e);
+static const EVP_CIPHER *afalg_aes_cbc(int nid);
+static cbc_handles *get_cipher_handle(int nid);
+static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+ const int **nids, int nid);
+static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc);
+static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl);
+static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx);
+static int afalg_chk_platform(void);
+
+/* Engine Id and Name */
+static const char *engine_afalg_id = "afalg";
+static const char *engine_afalg_name = "AFALG engine support";
+
+static int afalg_cipher_nids[] = {
+ NID_aes_128_cbc,
+ NID_aes_192_cbc,
+ NID_aes_256_cbc,
+};
+
+static cbc_handles cbc_handle[] = {{AES_KEY_SIZE_128, NULL},
+ {AES_KEY_SIZE_192, NULL},
+ {AES_KEY_SIZE_256, NULL}};
+
+static ossl_inline int io_setup(unsigned n, aio_context_t *ctx)
+{
+ return syscall(__NR_io_setup, n, ctx);
+}
+
+static ossl_inline int eventfd(int n)
+{
+ return syscall(__NR_eventfd2, n, 0);
+}
+
+static ossl_inline int io_destroy(aio_context_t ctx)
+{
+ return syscall(__NR_io_destroy, ctx);
+}
+
+static ossl_inline int io_read(aio_context_t ctx, long n, struct iocb **iocb)
+{
+ return syscall(__NR_io_submit, ctx, n, iocb);
+}
+
+static ossl_inline int io_getevents(aio_context_t ctx, long min, long max,
+ struct io_event *events,
+ struct timespec *timeout)
+{
+ return syscall(__NR_io_getevents, ctx, min, max, events, timeout);
+}
+
+static void afalg_waitfd_cleanup(ASYNC_WAIT_CTX *ctx, const void *key,
+ OSSL_ASYNC_FD waitfd, void *custom)
+{
+ close(waitfd);
+}
+
+static int afalg_setup_async_event_notification(afalg_aio *aio)
+{
+ ASYNC_JOB *job;
+ ASYNC_WAIT_CTX *waitctx;
+ void *custom = NULL;
+ int ret;
+
+ if ((job = ASYNC_get_current_job()) != NULL) {
+ /* Async mode */
+ waitctx = ASYNC_get_wait_ctx(job);
+ if (waitctx == NULL) {
+ ALG_WARN("%s(%d): ASYNC_get_wait_ctx error", __FILE__, __LINE__);
+ return 0;
+ }
+ /* Get waitfd from ASYNC_WAIT_CTX if it is already set */
+ ret = ASYNC_WAIT_CTX_get_fd(waitctx, engine_afalg_id,
+ &aio->efd, &custom);
+ if (ret == 0) {
+ /*
+ * waitfd is not set in ASYNC_WAIT_CTX, create a new one
+ * and set it. efd will be signaled when AIO operation completes
+ */
+ aio->efd = eventfd(0);
+ if (aio->efd == -1) {
+ ALG_PERR("%s(%d): Failed to get eventfd : ", __FILE__,
+ __LINE__);
+ AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION,
+ AFALG_R_EVENTFD_FAILED);
+ return 0;
+ }
+ ret = ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_afalg_id,
+ aio->efd, custom,
+ afalg_waitfd_cleanup);
+ if (ret == 0) {
+ ALG_WARN("%s(%d): Failed to set wait fd", __FILE__, __LINE__);
+ close(aio->efd);
+ return 0;
+ }
+ /* make fd non-blocking in async mode */
+ if (fcntl(aio->efd, F_SETFL, O_NONBLOCK) != 0) {
+ ALG_WARN("%s(%d): Failed to set event fd as NONBLOCKING",
+ __FILE__, __LINE__);
+ }
+ }
+ aio->mode = MODE_ASYNC;
+ } else {
+ /* Sync mode */
+ aio->efd = eventfd(0);
+ if (aio->efd == -1) {
+ ALG_PERR("%s(%d): Failed to get eventfd : ", __FILE__, __LINE__);
+ AFALGerr(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION,
+ AFALG_R_EVENTFD_FAILED);
+ return 0;
+ }
+ aio->mode = MODE_SYNC;
+ }
+ return 1;
+}
+
+static int afalg_init_aio(afalg_aio *aio)
+{
+ int r = -1;
+
+ /* Initialise for AIO */
+ aio->aio_ctx = 0;
+ r = io_setup(MAX_INFLIGHTS, &aio->aio_ctx);
+ if (r < 0) {
+ ALG_PERR("%s(%d): io_setup error : ", __FILE__, __LINE__);
+ AFALGerr(AFALG_F_AFALG_INIT_AIO, AFALG_R_IO_SETUP_FAILED);
+ return 0;
+ }
+
+ memset(aio->cbt, 0, sizeof(aio->cbt));
+ aio->efd = -1;
+ aio->mode = MODE_UNINIT;
+
+ return 1;
+}
+
+static int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf,
+ size_t len)
+{
+ int r;
+ int retry = 0;
+ unsigned int done = 0;
+ struct iocb *cb;
+ struct timespec timeout;
+ struct io_event events[MAX_INFLIGHTS];
+ u_int64_t eval = 0;
+
+ timeout.tv_sec = 0;
+ timeout.tv_nsec = 0;
+
+ /* if efd has not been initialised yet do it here */
+ if (aio->mode == MODE_UNINIT) {
+ r = afalg_setup_async_event_notification(aio);
+ if (r == 0)
+ return 0;
+ }
+
+ cb = &(aio->cbt[0 % MAX_INFLIGHTS]);
+ memset(cb, '\0', sizeof(*cb));
+ cb->aio_fildes = sfd;
+ cb->aio_lio_opcode = IOCB_CMD_PREAD;
+ /*
+ * The pointer has to be converted to unsigned value first to avoid
+ * sign extension on cast to 64 bit value in 32-bit builds
+ */
+ cb->aio_buf = (size_t)buf;
+ cb->aio_offset = 0;
+ cb->aio_data = 0;
+ cb->aio_nbytes = len;
+ cb->aio_flags = IOCB_FLAG_RESFD;
+ cb->aio_resfd = aio->efd;
+
+ /*
+ * Perform AIO read on AFALG socket, this in turn performs an async
+ * crypto operation in kernel space
+ */
+ r = io_read(aio->aio_ctx, 1, &cb);
+ if (r < 0) {
+ ALG_PWARN("%s(%d): io_read failed : ", __FILE__, __LINE__);
+ return 0;
+ }
+
+ do {
+ /* While AIO read is being performed pause job */
+ ASYNC_pause_job();
+
+ /* Check for completion of AIO read */
+ r = read(aio->efd, &eval, sizeof(eval));
+ if (r < 0) {
+ if (errno == EAGAIN || errno == EWOULDBLOCK)
+ continue;
+ ALG_PERR("%s(%d): read failed for event fd : ", __FILE__, __LINE__);
+ return 0;
+ } else if (r == 0 || eval <= 0) {
+ ALG_WARN("%s(%d): eventfd read %d bytes, eval = %lu\n", __FILE__,
+ __LINE__, r, eval);
+ }
+ if (eval > 0) {
+
+ /* Get results of AIO read */
+ r = io_getevents(aio->aio_ctx, 1, MAX_INFLIGHTS,
+ events, &timeout);
+ if (r > 0) {
+ /*
+ * events.res indicates the actual status of the operation.
+ * Handle the error condition first.
+ */
+ if (events[0].res < 0) {
+ /*
+ * Underlying operation cannot be completed at the time
+ * of previous submission. Resubmit for the operation.
+ */
+ if (events[0].res == -EBUSY && retry++ < 3) {
+ r = io_read(aio->aio_ctx, 1, &cb);
+ if (r < 0) {
+ ALG_PERR("%s(%d): retry %d for io_read failed : ",
+ __FILE__, __LINE__, retry);
+ return 0;
+ }
+ continue;
+ } else {
+ /*
+ * Retries exceed for -EBUSY or unrecoverable error
+ * condition for this instance of operation.
+ */
+ ALG_WARN
+ ("%s(%d): Crypto Operation failed with code %lld\n",
+ __FILE__, __LINE__, events[0].res);
+ return 0;
+ }
+ }
+ /* Operation successful. */
+ done = 1;
+ } else if (r < 0) {
+ ALG_PERR("%s(%d): io_getevents failed : ", __FILE__, __LINE__);
+ return 0;
+ } else {
+ ALG_WARN("%s(%d): io_geteventd read 0 bytes\n", __FILE__,
+ __LINE__);
+ }
+ }
+ } while (!done);
+
+ return 1;
+}
+
+static ossl_inline void afalg_set_op_sk(struct cmsghdr *cmsg,
+ const ALG_OP_TYPE op)
+{
+ cmsg->cmsg_level = SOL_ALG;
+ cmsg->cmsg_type = ALG_SET_OP;
+ cmsg->cmsg_len = CMSG_LEN(ALG_OP_LEN);
+ memcpy(CMSG_DATA(cmsg), &op, ALG_OP_LEN);
+}
+
+static void afalg_set_iv_sk(struct cmsghdr *cmsg, const unsigned char *iv,
+ const unsigned int len)
+{
+ struct af_alg_iv *aiv;
+
+ cmsg->cmsg_level = SOL_ALG;
+ cmsg->cmsg_type = ALG_SET_IV;
+ cmsg->cmsg_len = CMSG_LEN(ALG_IV_LEN(len));
+ aiv = (struct af_alg_iv *)CMSG_DATA(cmsg);
+ aiv->ivlen = len;
+ memcpy(aiv->iv, iv, len);
+}
+
+static ossl_inline int afalg_set_key(afalg_ctx *actx, const unsigned char *key,
+ const int klen)
+{
+ int ret;
+ ret = setsockopt(actx->bfd, SOL_ALG, ALG_SET_KEY, key, klen);
+ if (ret < 0) {
+ ALG_PERR("%s(%d): Failed to set socket option : ", __FILE__, __LINE__);
+ AFALGerr(AFALG_F_AFALG_SET_KEY, AFALG_R_SOCKET_SET_KEY_FAILED);
+ return 0;
+ }
+ return 1;
+}
+
+static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype,
+ const char *ciphername)
+{
+ struct sockaddr_alg sa;
+ int r = -1;
+
+ actx->bfd = actx->sfd = -1;
+
+ memset(&sa, 0, sizeof(sa));
+ sa.salg_family = AF_ALG;
+ strncpy((char *) sa.salg_type, ciphertype, ALG_MAX_SALG_TYPE);
+ sa.salg_type[ALG_MAX_SALG_TYPE-1] = '\0';
+ strncpy((char *) sa.salg_name, ciphername, ALG_MAX_SALG_NAME);
+ sa.salg_name[ALG_MAX_SALG_NAME-1] = '\0';
+
+ actx->bfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
+ if (actx->bfd == -1) {
+ ALG_PERR("%s(%d): Failed to open socket : ", __FILE__, __LINE__);
+ AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_CREATE_FAILED);
+ goto err;
+ }
+
+ r = bind(actx->bfd, (struct sockaddr *)&sa, sizeof(sa));
+ if (r < 0) {
+ ALG_PERR("%s(%d): Failed to bind socket : ", __FILE__, __LINE__);
+ AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_BIND_FAILED);
+ goto err;
+ }
+
+ actx->sfd = accept(actx->bfd, NULL, 0);
+ if (actx->sfd < 0) {
+ ALG_PERR("%s(%d): Socket Accept Failed : ", __FILE__, __LINE__);
+ AFALGerr(AFALG_F_AFALG_CREATE_SK, AFALG_R_SOCKET_ACCEPT_FAILED);
+ goto err;
+ }
+
+ return 1;
+
+ err:
+ if (actx->bfd >= 0)
+ close(actx->bfd);
+ if (actx->sfd >= 0)
+ close(actx->sfd);
+ actx->bfd = actx->sfd = -1;
+ return 0;
+}
+
+static int afalg_start_cipher_sk(afalg_ctx *actx, const unsigned char *in,
+ size_t inl, const unsigned char *iv,
+ unsigned int enc)
+{
+ struct msghdr msg = { 0 };
+ struct cmsghdr *cmsg;
+ struct iovec iov;
+ ssize_t sbytes;
+# ifdef ALG_ZERO_COPY
+ int ret;
+# endif
+ char cbuf[CMSG_SPACE(ALG_IV_LEN(ALG_AES_IV_LEN)) + CMSG_SPACE(ALG_OP_LEN)];
+
+ memset(cbuf, 0, sizeof(cbuf));
+ msg.msg_control = cbuf;
+ msg.msg_controllen = sizeof(cbuf);
+
+ /*
+ * cipher direction (i.e. encrypt or decrypt) and iv are sent to the
+ * kernel as part of sendmsg()'s ancillary data
+ */
+ cmsg = CMSG_FIRSTHDR(&msg);
+ afalg_set_op_sk(cmsg, enc);
+ cmsg = CMSG_NXTHDR(&msg, cmsg);
+ afalg_set_iv_sk(cmsg, iv, ALG_AES_IV_LEN);
+
+ /* iov that describes input data */
+ iov.iov_base = (unsigned char *)in;
+ iov.iov_len = inl;
+
+ msg.msg_flags = MSG_MORE;
+
+# ifdef ALG_ZERO_COPY
+ /*
+ * ZERO_COPY mode
+ * Works best when buffer is 4k aligned
+ * OPENS: out of place processing (i.e. out != in)
+ */
+
+ /* Input data is not sent as part of call to sendmsg() */
+ msg.msg_iovlen = 0;
+ msg.msg_iov = NULL;
+
+ /* Sendmsg() sends iv and cipher direction to the kernel */
+ sbytes = sendmsg(actx->sfd, &msg, 0);
+ if (sbytes < 0) {
+ ALG_PERR("%s(%d): sendmsg failed for zero copy cipher operation : ",
+ __FILE__, __LINE__);
+ return 0;
+ }
+
+ /*
+ * vmsplice and splice are used to pin the user space input buffer for
+ * kernel space processing avoiding copys from user to kernel space
+ */
+ ret = vmsplice(actx->zc_pipe[1], &iov, 1, SPLICE_F_GIFT);
+ if (ret < 0) {
+ ALG_PERR("%s(%d): vmsplice failed : ", __FILE__, __LINE__);
+ return 0;
+ }
+
+ ret = splice(actx->zc_pipe[0], NULL, actx->sfd, NULL, inl, 0);
+ if (ret < 0) {
+ ALG_PERR("%s(%d): splice failed : ", __FILE__, __LINE__);
+ return 0;
+ }
+# else
+ msg.msg_iovlen = 1;
+ msg.msg_iov = &iov;
+
+ /* Sendmsg() sends iv, cipher direction and input data to the kernel */
+ sbytes = sendmsg(actx->sfd, &msg, 0);
+ if (sbytes < 0) {
+ ALG_PERR("%s(%d): sendmsg failed for cipher operation : ", __FILE__,
+ __LINE__);
+ return 0;
+ }
+
+ if (sbytes != (ssize_t) inl) {
+ ALG_WARN("Cipher operation send bytes %zd != inlen %zd\n", sbytes,
+ inl);
+ return 0;
+ }
+# endif
+
+ return 1;
+}
+
+static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ int ciphertype;
+ int ret;
+ afalg_ctx *actx;
+ char ciphername[ALG_MAX_SALG_NAME];
+
+ if (ctx == NULL || key == NULL) {
+ ALG_WARN("%s(%d): Null Parameter\n", __FILE__, __LINE__);
+ return 0;
+ }
+
+ if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
+ ALG_WARN("%s(%d): Cipher object NULL\n", __FILE__, __LINE__);
+ return 0;
+ }
+
+ actx = EVP_CIPHER_CTX_get_cipher_data(ctx);
+ if (actx == NULL) {
+ ALG_WARN("%s(%d): Cipher data NULL\n", __FILE__, __LINE__);
+ return 0;
+ }
+
+ ciphertype = EVP_CIPHER_CTX_nid(ctx);
+ switch (ciphertype) {
+ case NID_aes_128_cbc:
+ case NID_aes_192_cbc:
+ case NID_aes_256_cbc:
+ strncpy(ciphername, "cbc(aes)", ALG_MAX_SALG_NAME);
+ break;
+ default:
+ ALG_WARN("%s(%d): Unsupported Cipher type %d\n", __FILE__, __LINE__,
+ ciphertype);
+ return 0;
+ }
+ ciphername[ALG_MAX_SALG_NAME-1]='\0';
+
+ if (ALG_AES_IV_LEN != EVP_CIPHER_CTX_iv_length(ctx)) {
+ ALG_WARN("%s(%d): Unsupported IV length :%d\n", __FILE__, __LINE__,
+ EVP_CIPHER_CTX_iv_length(ctx));
+ return 0;
+ }
+
+ /* Setup AFALG socket for crypto processing */
+ ret = afalg_create_sk(actx, "skcipher", ciphername);
+ if (ret < 1)
+ return 0;
+
+
+ ret = afalg_set_key(actx, key, EVP_CIPHER_CTX_key_length(ctx));
+ if (ret < 1)
+ goto err;
+
+ /* Setup AIO ctx to allow async AFALG crypto processing */
+ if (afalg_init_aio(&actx->aio) == 0)
+ goto err;
+
+# ifdef ALG_ZERO_COPY
+ pipe(actx->zc_pipe);
+# endif
+
+ actx->init_done = MAGIC_INIT_NUM;
+
+ return 1;
+
+err:
+ close(actx->sfd);
+ close(actx->bfd);
+ return 0;
+}
+
+static int afalg_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
+{
+ afalg_ctx *actx;
+ int ret;
+ char nxtiv[ALG_AES_IV_LEN] = { 0 };
+
+ if (ctx == NULL || out == NULL || in == NULL) {
+ ALG_WARN("NULL parameter passed to function %s(%d)\n", __FILE__,
+ __LINE__);
+ return 0;
+ }
+
+ actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx);
+ if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) {
+ ALG_WARN("%s afalg ctx passed\n",
+ ctx == NULL ? "NULL" : "Uninitialised");
+ return 0;
+ }
+
+ /*
+ * set iv now for decrypt operation as the input buffer can be
+ * overwritten for inplace operation where in = out.
+ */
+ if (EVP_CIPHER_CTX_encrypting(ctx) == 0) {
+ memcpy(nxtiv, in + (inl - ALG_AES_IV_LEN), ALG_AES_IV_LEN);
+ }
+
+ /* Send input data to kernel space */
+ ret = afalg_start_cipher_sk(actx, (unsigned char *)in, inl,
+ EVP_CIPHER_CTX_iv(ctx),
+ EVP_CIPHER_CTX_encrypting(ctx));
+ if (ret < 1) {
+ return 0;
+ }
+
+ /* Perform async crypto operation in kernel space */
+ ret = afalg_fin_cipher_aio(&actx->aio, actx->sfd, out, inl);
+ if (ret < 1)
+ return 0;
+
+ if (EVP_CIPHER_CTX_encrypting(ctx)) {
+ memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), out + (inl - ALG_AES_IV_LEN),
+ ALG_AES_IV_LEN);
+ } else {
+ memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), nxtiv, ALG_AES_IV_LEN);
+ }
+
+ return 1;
+}
+
+static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx)
+{
+ afalg_ctx *actx;
+
+ if (ctx == NULL) {
+ ALG_WARN("NULL parameter passed to function %s(%d)\n", __FILE__,
+ __LINE__);
+ return 0;
+ }
+
+ actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx);
+ if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) {
+ ALG_WARN("%s afalg ctx passed\n",
+ ctx == NULL ? "NULL" : "Uninitialised");
+ return 0;
+ }
+
+ close(actx->sfd);
+ close(actx->bfd);
+# ifdef ALG_ZERO_COPY
+ close(actx->zc_pipe[0]);
+ close(actx->zc_pipe[1]);
+# endif
+ /* close efd in sync mode, async mode is closed in afalg_waitfd_cleanup() */
+ if (actx->aio.mode == MODE_SYNC)
+ close(actx->aio.efd);
+ io_destroy(actx->aio.aio_ctx);
+
+ return 1;
+}
+
+static cbc_handles *get_cipher_handle(int nid)
+{
+ switch (nid) {
+ case NID_aes_128_cbc:
+ return &cbc_handle[AES_CBC_128];
+ case NID_aes_192_cbc:
+ return &cbc_handle[AES_CBC_192];
+ case NID_aes_256_cbc:
+ return &cbc_handle[AES_CBC_256];
+ default:
+ return NULL;
+ }
+}
+
+static const EVP_CIPHER *afalg_aes_cbc(int nid)
+{
+ cbc_handles *cipher_handle = get_cipher_handle(nid);
+ if (cipher_handle->_hidden == NULL
+ && ((cipher_handle->_hidden =
+ EVP_CIPHER_meth_new(nid,
+ AES_BLOCK_SIZE,
+ cipher_handle->key_size)) == NULL
+ || !EVP_CIPHER_meth_set_iv_length(cipher_handle->_hidden,
+ AES_IV_LEN)
+ || !EVP_CIPHER_meth_set_flags(cipher_handle->_hidden,
+ EVP_CIPH_CBC_MODE |
+ EVP_CIPH_FLAG_DEFAULT_ASN1)
+ || !EVP_CIPHER_meth_set_init(cipher_handle->_hidden,
+ afalg_cipher_init)
+ || !EVP_CIPHER_meth_set_do_cipher(cipher_handle->_hidden,
+ afalg_do_cipher)
+ || !EVP_CIPHER_meth_set_cleanup(cipher_handle->_hidden,
+ afalg_cipher_cleanup)
+ || !EVP_CIPHER_meth_set_impl_ctx_size(cipher_handle->_hidden,
+ sizeof(afalg_ctx)))) {
+ EVP_CIPHER_meth_free(cipher_handle->_hidden);
+ cipher_handle->_hidden= NULL;
+ }
+ return cipher_handle->_hidden;
+}
+
+static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+ const int **nids, int nid)
+{
+ int r = 1;
+
+ if (cipher == NULL) {
+ *nids = afalg_cipher_nids;
+ return (sizeof(afalg_cipher_nids) / sizeof(afalg_cipher_nids[0]));
+ }
+
+ switch (nid) {
+ case NID_aes_128_cbc:
+ case NID_aes_192_cbc:
+ case NID_aes_256_cbc:
+ *cipher = afalg_aes_cbc(nid);
+ break;
+ default:
+ *cipher = NULL;
+ r = 0;
+ }
+ return r;
+}
+
+static int bind_afalg(ENGINE *e)
+{
+ /* Ensure the afalg error handling is set up */
+ unsigned short i;
+ ERR_load_AFALG_strings();
+
+ if (!ENGINE_set_id(e, engine_afalg_id)
+ || !ENGINE_set_name(e, engine_afalg_name)
+ || !ENGINE_set_destroy_function(e, afalg_destroy)
+ || !ENGINE_set_init_function(e, afalg_init)
+ || !ENGINE_set_finish_function(e, afalg_finish)) {
+ AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED);
+ return 0;
+ }
+
+ /*
+ * Create _hidden_aes_xxx_cbc by calling afalg_aes_xxx_cbc
+ * now, as bind_aflag can only be called by one thread at a
+ * time.
+ */
+ for(i = 0; i < OSSL_NELEM(afalg_cipher_nids); i++) {
+ if (afalg_aes_cbc(afalg_cipher_nids[i]) == NULL) {
+ AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED);
+ return 0;
+ }
+ }
+
+ if (!ENGINE_set_ciphers(e, afalg_ciphers)) {
+ AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED);
+ return 0;
+ }
+
+ return 1;
+}
+
+# ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_helper(ENGINE *e, const char *id)
+{
+ if (id && (strcmp(id, engine_afalg_id) != 0))
+ return 0;
+
+ if (!afalg_chk_platform())
+ return 0;
+
+ if (!bind_afalg(e))
+ return 0;
+ return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+ IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+# endif
+
+static int afalg_chk_platform(void)
+{
+ int ret;
+ int i;
+ int kver[3] = { -1, -1, -1 };
+ int sock;
+ char *str;
+ struct utsname ut;
+
+ ret = uname(&ut);
+ if (ret != 0) {
+ AFALGerr(AFALG_F_AFALG_CHK_PLATFORM,
+ AFALG_R_FAILED_TO_GET_PLATFORM_INFO);
+ return 0;
+ }
+
+ str = strtok(ut.release, ".");
+ for (i = 0; i < 3 && str != NULL; i++) {
+ kver[i] = atoi(str);
+ str = strtok(NULL, ".");
+ }
+
+ if (KERNEL_VERSION(kver[0], kver[1], kver[2])
+ < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)) {
+ ALG_ERR("ASYNC AFALG not supported this kernel(%d.%d.%d)\n",
+ kver[0], kver[1], kver[2]);
+ ALG_ERR("ASYNC AFALG requires kernel version %d.%d.%d or later\n",
+ K_MAJ, K_MIN1, K_MIN2);
+ AFALGerr(AFALG_F_AFALG_CHK_PLATFORM,
+ AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG);
+ return 0;
+ }
+
+ /* Test if we can actually create an AF_ALG socket */
+ sock = socket(AF_ALG, SOCK_SEQPACKET, 0);
+ if (sock == -1) {
+ AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, AFALG_R_SOCKET_CREATE_FAILED);
+ return 0;
+ }
+ close(sock);
+
+ return 1;
+}
+
+# ifdef OPENSSL_NO_DYNAMIC_ENGINE
+static ENGINE *engine_afalg(void)
+{
+ ENGINE *ret = ENGINE_new();
+ if (ret == NULL)
+ return NULL;
+ if (!bind_afalg(ret)) {
+ ENGINE_free(ret);
+ return NULL;
+ }
+ return ret;
+}
+
+void engine_load_afalg_int(void)
+{
+ ENGINE *toadd;
+
+ if (!afalg_chk_platform())
+ return;
+
+ toadd = engine_afalg();
+ if (toadd == NULL)
+ return;
+ ENGINE_add(toadd);
+ ENGINE_free(toadd);
+ ERR_clear_error();
+}
+# endif
+
+static int afalg_init(ENGINE *e)
+{
+ return 1;
+}
+
+static int afalg_finish(ENGINE *e)
+{
+ return 1;
+}
+
+static int free_cbc(void)
+{
+ short unsigned int i;
+ for(i = 0; i < OSSL_NELEM(afalg_cipher_nids); i++) {
+ EVP_CIPHER_meth_free(cbc_handle[i]._hidden);
+ cbc_handle[i]._hidden = NULL;
+ }
+ return 1;
+}
+
+static int afalg_destroy(ENGINE *e)
+{
+ ERR_unload_AFALG_strings();
+ free_cbc();
+ return 1;
+}
+
+#endif /* KERNEL VERSION */
diff --git a/engines/e_afalg.h b/engines/e_afalg.h
new file mode 100644
index 000000000000..2c03c448d684
--- /dev/null
+++ b/engines/e_afalg.h
@@ -0,0 +1,95 @@
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_AFALG_H
+# define HEADER_AFALG_H
+
+# if defined(__GNUC__) && __GNUC__ >= 4 && \
+ (!defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L)
+# pragma GCC diagnostic ignored "-Wvariadic-macros"
+# endif
+
+# ifdef ALG_DEBUG
+# define ALG_DGB(x, ...) fprintf(stderr, "ALG_DBG: " x, __VA_ARGS__)
+# define ALG_INFO(x, ...) fprintf(stderr, "ALG_INFO: " x, __VA_ARGS__)
+# define ALG_WARN(x, ...) fprintf(stderr, "ALG_WARN: " x, __VA_ARGS__)
+# else
+# define ALG_DGB(x, ...)
+# define ALG_INFO(x, ...)
+# define ALG_WARN(x, ...)
+# endif
+
+# define ALG_ERR(x, ...) fprintf(stderr, "ALG_ERR: " x, __VA_ARGS__)
+# define ALG_PERR(x, ...) \
+ do { \
+ fprintf(stderr, "ALG_PERR: " x, __VA_ARGS__); \
+ perror(NULL); \
+ } while(0)
+# define ALG_PWARN(x, ...) \
+ do { \
+ fprintf(stderr, "ALG_PERR: " x, __VA_ARGS__); \
+ perror(NULL); \
+ } while(0)
+
+# ifndef AES_BLOCK_SIZE
+# define AES_BLOCK_SIZE 16
+# endif
+# define AES_KEY_SIZE_128 16
+# define AES_KEY_SIZE_192 24
+# define AES_KEY_SIZE_256 32
+# define AES_IV_LEN 16
+
+# define MAX_INFLIGHTS 1
+
+typedef enum {
+ MODE_UNINIT = 0,
+ MODE_SYNC,
+ MODE_ASYNC
+} op_mode;
+
+enum {
+ AES_CBC_128 = 0,
+ AES_CBC_192,
+ AES_CBC_256
+};
+
+struct cbc_cipher_handles {
+ int key_size;
+ EVP_CIPHER *_hidden;
+};
+
+typedef struct cbc_cipher_handles cbc_handles;
+
+struct afalg_aio_st {
+ int efd;
+ op_mode mode;
+ aio_context_t aio_ctx;
+ struct io_event events[MAX_INFLIGHTS];
+ struct iocb cbt[MAX_INFLIGHTS];
+};
+typedef struct afalg_aio_st afalg_aio;
+
+/*
+ * MAGIC Number to identify correct initialisation
+ * of afalg_ctx.
+ */
+# define MAGIC_INIT_NUM 0x1890671
+
+struct afalg_ctx_st {
+ int init_done;
+ int sfd;
+ int bfd;
+# ifdef ALG_ZERO_COPY
+ int zc_pipe[2];
+# endif
+ afalg_aio aio;
+};
+
+typedef struct afalg_ctx_st afalg_ctx;
+#endif
diff --git a/engines/e_afalg.txt b/engines/e_afalg.txt
new file mode 100644
index 000000000000..3b79305acf9b
--- /dev/null
+++ b/engines/e_afalg.txt
@@ -0,0 +1,30 @@
+# Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Function codes
+AFALG_F_AFALG_CHK_PLATFORM:100:afalg_chk_platform
+AFALG_F_AFALG_CREATE_SK:101:afalg_create_sk
+AFALG_F_AFALG_INIT_AIO:102:afalg_init_aio
+AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION:103:\
+ afalg_setup_async_event_notification
+AFALG_F_AFALG_SET_KEY:104:afalg_set_key
+AFALG_F_BIND_AFALG:105:bind_afalg
+
+#Reason codes
+AFALG_R_EVENTFD_FAILED:108:eventfd failed
+AFALG_R_FAILED_TO_GET_PLATFORM_INFO:111:failed to get platform info
+AFALG_R_INIT_FAILED:100:init failed
+AFALG_R_IO_SETUP_FAILED:105:io setup failed
+AFALG_R_KERNEL_DOES_NOT_SUPPORT_AFALG:101:kernel does not support afalg
+AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG:107:\
+ kernel does not support async afalg
+AFALG_R_MEM_ALLOC_FAILED:102:mem alloc failed
+AFALG_R_SOCKET_ACCEPT_FAILED:110:socket accept failed
+AFALG_R_SOCKET_BIND_FAILED:103:socket bind failed
+AFALG_R_SOCKET_CREATE_FAILED:109:socket create failed
+AFALG_R_SOCKET_OPERATION_FAILED:104:socket operation failed
+AFALG_R_SOCKET_SET_KEY_FAILED:106:socket set key failed
diff --git a/engines/e_afalg_err.c b/engines/e_afalg_err.c
new file mode 100644
index 000000000000..18fe9c34e0e2
--- /dev/null
+++ b/engines/e_afalg_err.c
@@ -0,0 +1,83 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/err.h>
+#include "e_afalg_err.h"
+
+#ifndef OPENSSL_NO_ERR
+
+static ERR_STRING_DATA AFALG_str_functs[] = {
+ {ERR_PACK(0, AFALG_F_AFALG_CHK_PLATFORM, 0), "afalg_chk_platform"},
+ {ERR_PACK(0, AFALG_F_AFALG_CREATE_SK, 0), "afalg_create_sk"},
+ {ERR_PACK(0, AFALG_F_AFALG_INIT_AIO, 0), "afalg_init_aio"},
+ {ERR_PACK(0, AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, 0),
+ "afalg_setup_async_event_notification"},
+ {ERR_PACK(0, AFALG_F_AFALG_SET_KEY, 0), "afalg_set_key"},
+ {ERR_PACK(0, AFALG_F_BIND_AFALG, 0), "bind_afalg"},
+ {0, NULL}
+};
+
+static ERR_STRING_DATA AFALG_str_reasons[] = {
+ {ERR_PACK(0, 0, AFALG_R_EVENTFD_FAILED), "eventfd failed"},
+ {ERR_PACK(0, 0, AFALG_R_FAILED_TO_GET_PLATFORM_INFO),
+ "failed to get platform info"},
+ {ERR_PACK(0, 0, AFALG_R_INIT_FAILED), "init failed"},
+ {ERR_PACK(0, 0, AFALG_R_IO_SETUP_FAILED), "io setup failed"},
+ {ERR_PACK(0, 0, AFALG_R_KERNEL_DOES_NOT_SUPPORT_AFALG),
+ "kernel does not support afalg"},
+ {ERR_PACK(0, 0, AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG),
+ "kernel does not support async afalg"},
+ {ERR_PACK(0, 0, AFALG_R_MEM_ALLOC_FAILED), "mem alloc failed"},
+ {ERR_PACK(0, 0, AFALG_R_SOCKET_ACCEPT_FAILED), "socket accept failed"},
+ {ERR_PACK(0, 0, AFALG_R_SOCKET_BIND_FAILED), "socket bind failed"},
+ {ERR_PACK(0, 0, AFALG_R_SOCKET_CREATE_FAILED), "socket create failed"},
+ {ERR_PACK(0, 0, AFALG_R_SOCKET_OPERATION_FAILED),
+ "socket operation failed"},
+ {ERR_PACK(0, 0, AFALG_R_SOCKET_SET_KEY_FAILED), "socket set key failed"},
+ {0, NULL}
+};
+
+#endif
+
+static int lib_code = 0;
+static int error_loaded = 0;
+
+static int ERR_load_AFALG_strings(void)
+{
+ if (lib_code == 0)
+ lib_code = ERR_get_next_error_library();
+
+ if (!error_loaded) {
+#ifndef OPENSSL_NO_ERR
+ ERR_load_strings(lib_code, AFALG_str_functs);
+ ERR_load_strings(lib_code, AFALG_str_reasons);
+#endif
+ error_loaded = 1;
+ }
+ return 1;
+}
+
+static void ERR_unload_AFALG_strings(void)
+{
+ if (error_loaded) {
+#ifndef OPENSSL_NO_ERR
+ ERR_unload_strings(lib_code, AFALG_str_functs);
+ ERR_unload_strings(lib_code, AFALG_str_reasons);
+#endif
+ error_loaded = 0;
+ }
+}
+
+static void ERR_AFALG_error(int function, int reason, char *file, int line)
+{
+ if (lib_code == 0)
+ lib_code = ERR_get_next_error_library();
+ ERR_PUT_error(lib_code, function, reason, file, line);
+}
diff --git a/engines/e_afalg_err.h b/engines/e_afalg_err.h
new file mode 100644
index 000000000000..3eb1332bbfe4
--- /dev/null
+++ b/engines/e_afalg_err.h
@@ -0,0 +1,43 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_AFALGERR_H
+# define HEADER_AFALGERR_H
+
+# define AFALGerr(f, r) ERR_AFALG_error((f), (r), OPENSSL_FILE, OPENSSL_LINE)
+
+
+/*
+ * AFALG function codes.
+ */
+# define AFALG_F_AFALG_CHK_PLATFORM 100
+# define AFALG_F_AFALG_CREATE_SK 101
+# define AFALG_F_AFALG_INIT_AIO 102
+# define AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION 103
+# define AFALG_F_AFALG_SET_KEY 104
+# define AFALG_F_BIND_AFALG 105
+
+/*
+ * AFALG reason codes.
+ */
+# define AFALG_R_EVENTFD_FAILED 108
+# define AFALG_R_FAILED_TO_GET_PLATFORM_INFO 111
+# define AFALG_R_INIT_FAILED 100
+# define AFALG_R_IO_SETUP_FAILED 105
+# define AFALG_R_KERNEL_DOES_NOT_SUPPORT_AFALG 101
+# define AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG 107
+# define AFALG_R_MEM_ALLOC_FAILED 102
+# define AFALG_R_SOCKET_ACCEPT_FAILED 110
+# define AFALG_R_SOCKET_BIND_FAILED 103
+# define AFALG_R_SOCKET_CREATE_FAILED 109
+# define AFALG_R_SOCKET_OPERATION_FAILED 104
+# define AFALG_R_SOCKET_SET_KEY_FAILED 106
+
+#endif
diff --git a/engines/e_atalla.c b/engines/e_atalla.c
deleted file mode 100644
index 7d136fff0736..000000000000
--- a/engines/e_atalla.c
+++ /dev/null
@@ -1,626 +0,0 @@
-/* crypto/engine/hw_atalla.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_ATALLA
-
-# ifdef FLAT_INC
-# include "atalla.h"
-# else
-# include "vendor_defns/atalla.h"
-# endif
-
-# define ATALLA_LIB_NAME "atalla engine"
-# include "e_atalla_err.c"
-
-static int atalla_destroy(ENGINE *e);
-static int atalla_init(ENGINE *e);
-static int atalla_finish(ENGINE *e);
-static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-
-/* BIGNUM stuff */
-static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-# ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx);
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-# endif
-
-# ifndef OPENSSL_NO_DSA
-/* DSA stuff */
-static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont);
-static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* DH stuff */
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-# endif
-
-/* The definitions for control commands specific to this engine */
-# define ATALLA_CMD_SO_PATH ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN atalla_cmd_defns[] = {
- {ATALLA_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'atasi' shared library",
- ENGINE_CMD_FLAG_STRING},
- {0, NULL, NULL, 0}
-};
-
-# ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD atalla_rsa = {
- "Atalla RSA method",
- NULL,
- NULL,
- NULL,
- NULL,
- atalla_rsa_mod_exp,
- atalla_mod_exp_mont,
- NULL,
- NULL,
- 0,
- NULL,
- NULL,
- NULL,
- NULL
-};
-# endif
-
-# ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD atalla_dsa = {
- "Atalla DSA method",
- NULL, /* dsa_do_sign */
- NULL, /* dsa_sign_setup */
- NULL, /* dsa_do_verify */
- atalla_dsa_mod_exp, /* dsa_mod_exp */
- atalla_mod_exp_dsa, /* bn_mod_exp */
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL, /* app_data */
- NULL, /* dsa_paramgen */
- NULL /* dsa_keygen */
-};
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD atalla_dh = {
- "Atalla DH method",
- NULL,
- NULL,
- atalla_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL,
- NULL
-};
-# endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_atalla_id = "atalla";
-static const char *engine_atalla_name = "Atalla hardware engine support";
-
-/*
- * This internal function is used by ENGINE_atalla() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_helper(ENGINE *e)
-{
-# ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-# endif
-# ifndef OPENSSL_NO_DSA
- const DSA_METHOD *meth2;
-# endif
-# ifndef OPENSSL_NO_DH
- const DH_METHOD *meth3;
-# endif
- if (!ENGINE_set_id(e, engine_atalla_id) ||
- !ENGINE_set_name(e, engine_atalla_name) ||
-# ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &atalla_rsa) ||
-# endif
-# ifndef OPENSSL_NO_DSA
- !ENGINE_set_DSA(e, &atalla_dsa) ||
-# endif
-# ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &atalla_dh) ||
-# endif
- !ENGINE_set_destroy_function(e, atalla_destroy) ||
- !ENGINE_set_init_function(e, atalla_init) ||
- !ENGINE_set_finish_function(e, atalla_finish) ||
- !ENGINE_set_ctrl_function(e, atalla_ctrl) ||
- !ENGINE_set_cmd_defns(e, atalla_cmd_defns))
- return 0;
-
-# ifndef OPENSSL_NO_RSA
- /*
- * We know that the "PKCS1_SSLeay()" functions hook properly to the
- * atalla-specific mod_exp and mod_exp_crt so we use those functions. NB:
- * We don't use ENGINE_openssl() or anything "more generic" because
- * something like the RSAref code may not hook properly, and if you own
- * one of these cards then you have the right to do RSA operations on it
- * anyway!
- */
- meth1 = RSA_PKCS1_SSLeay();
- atalla_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-# endif
-
-# ifndef OPENSSL_NO_DSA
- /*
- * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
- */
- meth2 = DSA_OpenSSL();
- atalla_dsa.dsa_do_sign = meth2->dsa_do_sign;
- atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
- atalla_dsa.dsa_do_verify = meth2->dsa_do_verify;
-# endif
-
-# ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth3 = DH_OpenSSL();
- atalla_dh.generate_key = meth3->generate_key;
- atalla_dh.compute_key = meth3->compute_key;
-# endif
-
- /* Ensure the atalla error handling is set up */
- ERR_load_ATALLA_strings();
- return 1;
-}
-
-# ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_atalla(void)
-{
- ENGINE *ret = ENGINE_new();
- if (!ret)
- return NULL;
- if (!bind_helper(ret)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void ENGINE_load_atalla(void)
-{
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_atalla();
- if (!toadd)
- return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
-}
-# endif
-
-/*
- * This is a process-global DSO handle used for loading and unloading the
- * Atalla library. NB: This is only set (or unset) during an init() or
- * finish() call (reference counts permitting) and they're operating with
- * global locks, so this should be thread-safe implicitly.
- */
-static DSO *atalla_dso = NULL;
-
-/*
- * These are the function pointers that are (un)set when the library has
- * successfully (un)loaded.
- */
-static tfnASI_GetHardwareConfig *p_Atalla_GetHardwareConfig = NULL;
-static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL;
-static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics =
- NULL;
-
-/*
- * These are the static string constants for the DSO file name and the
- * function symbol names to bind to. Regrettably, the DSO name on *nix
- * appears to be "atasi.so" rather than something more consistent like
- * "libatasi.so". At the time of writing, I'm not sure what the file name on
- * win32 is but clearly native name translation is not possible (eg
- * libatasi.so on *nix, and atasi.dll on win32). For the purposes of testing,
- * I have created a symbollic link called "libatasi.so" so that we can use
- * native name-translation - a better solution will be needed.
- */
-static const char *ATALLA_LIBNAME = NULL;
-static const char *get_ATALLA_LIBNAME(void)
-{
- if (ATALLA_LIBNAME)
- return ATALLA_LIBNAME;
- return "atasi";
-}
-
-static void free_ATALLA_LIBNAME(void)
-{
- if (ATALLA_LIBNAME)
- OPENSSL_free((void *)ATALLA_LIBNAME);
- ATALLA_LIBNAME = NULL;
-}
-
-static long set_ATALLA_LIBNAME(const char *name)
-{
- free_ATALLA_LIBNAME();
- return (((ATALLA_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-}
-
-static const char *ATALLA_F1 = "ASI_GetHardwareConfig";
-static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn";
-static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics";
-
-/* Destructor (complements the "ENGINE_atalla()" constructor) */
-static int atalla_destroy(ENGINE *e)
-{
- free_ATALLA_LIBNAME();
- /*
- * Unload the atalla error strings so any error state including our
- * functs or reasons won't lead to a segfault (they simply get displayed
- * without corresponding string data because none will be found).
- */
- ERR_unload_ATALLA_strings();
- return 1;
-}
-
-/* (de)initialisation functions. */
-static int atalla_init(ENGINE *e)
-{
- tfnASI_GetHardwareConfig *p1;
- tfnASI_RSAPrivateKeyOpFn *p2;
- tfnASI_GetPerformanceStatistics *p3;
- /*
- * Not sure of the origin of this magic value, but Ben's code had it and
- * it seemed to have been working for a few people. :-)
- */
- unsigned int config_buf[1024];
-
- if (atalla_dso != NULL) {
- ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_ALREADY_LOADED);
- goto err;
- }
- /*
- * Attempt to load libatasi.so/atasi.dll/whatever. Needs to be changed
- * unfortunately because the Atalla drivers don't have standard library
- * names that can be platform-translated well.
- */
- /*
- * TODO: Work out how to actually map to the names the Atalla drivers
- * really use - for now a symbollic link needs to be created on the host
- * system from libatasi.so to atasi.so on unix variants.
- */
- atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0);
- if (atalla_dso == NULL) {
- ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_NOT_LOADED);
- goto err;
- }
- if (!
- (p1 =
- (tfnASI_GetHardwareConfig *) DSO_bind_func(atalla_dso, ATALLA_F1))
-|| !(p2 = (tfnASI_RSAPrivateKeyOpFn *) DSO_bind_func(atalla_dso, ATALLA_F2))
-|| !(p3 =
- (tfnASI_GetPerformanceStatistics *) DSO_bind_func(atalla_dso,
- ATALLA_F3))) {
- ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_NOT_LOADED);
- goto err;
- }
- /* Copy the pointers */
- p_Atalla_GetHardwareConfig = p1;
- p_Atalla_RSAPrivateKeyOpFn = p2;
- p_Atalla_GetPerformanceStatistics = p3;
- /*
- * Perform a basic test to see if there's actually any unit running.
- */
- if (p1(0L, config_buf) != 0) {
- ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_UNIT_FAILURE);
- goto err;
- }
- /* Everything's fine. */
- return 1;
- err:
- if (atalla_dso)
- DSO_free(atalla_dso);
- atalla_dso = NULL;
- p_Atalla_GetHardwareConfig = NULL;
- p_Atalla_RSAPrivateKeyOpFn = NULL;
- p_Atalla_GetPerformanceStatistics = NULL;
- return 0;
-}
-
-static int atalla_finish(ENGINE *e)
-{
- free_ATALLA_LIBNAME();
- if (atalla_dso == NULL) {
- ATALLAerr(ATALLA_F_ATALLA_FINISH, ATALLA_R_NOT_LOADED);
- return 0;
- }
- if (!DSO_free(atalla_dso)) {
- ATALLAerr(ATALLA_F_ATALLA_FINISH, ATALLA_R_UNIT_FAILURE);
- return 0;
- }
- atalla_dso = NULL;
- p_Atalla_GetHardwareConfig = NULL;
- p_Atalla_RSAPrivateKeyOpFn = NULL;
- p_Atalla_GetPerformanceStatistics = NULL;
- return 1;
-}
-
-static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
- int initialised = ((atalla_dso == NULL) ? 0 : 1);
- switch (cmd) {
- case ATALLA_CMD_SO_PATH:
- if (p == NULL) {
- ATALLAerr(ATALLA_F_ATALLA_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (initialised) {
- ATALLAerr(ATALLA_F_ATALLA_CTRL, ATALLA_R_ALREADY_LOADED);
- return 0;
- }
- return set_ATALLA_LIBNAME((const char *)p);
- default:
- break;
- }
- ATALLAerr(ATALLA_F_ATALLA_CTRL, ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- return 0;
-}
-
-static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
-{
- /*
- * I need somewhere to store temporary serialised values for use with the
- * Atalla API calls. A neat cheat - I'll use BIGNUMs from the BN_CTX but
- * access their arrays directly as byte arrays <grin>. This way I don't
- * have to clean anything up.
- */
- BIGNUM *modulus;
- BIGNUM *exponent;
- BIGNUM *argument;
- BIGNUM *result;
- RSAPrivateKey keydata;
- int to_return, numbytes;
-
- modulus = exponent = argument = result = NULL;
- to_return = 0; /* expect failure */
-
- if (!atalla_dso) {
- ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_NOT_LOADED);
- goto err;
- }
- /* Prepare the params */
- BN_CTX_start(ctx);
- modulus = BN_CTX_get(ctx);
- exponent = BN_CTX_get(ctx);
- argument = BN_CTX_get(ctx);
- result = BN_CTX_get(ctx);
- if (!result) {
- ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_BN_CTX_FULL);
- goto err;
- }
- if (!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) ||
- !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top)) {
- ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_BN_EXPAND_FAIL);
- goto err;
- }
- /* Prepare the key-data */
- memset(&keydata, 0, sizeof(keydata));
- numbytes = BN_num_bytes(m);
- memset(exponent->d, 0, numbytes);
- memset(modulus->d, 0, numbytes);
- BN_bn2bin(p, (unsigned char *)exponent->d + numbytes - BN_num_bytes(p));
- BN_bn2bin(m, (unsigned char *)modulus->d + numbytes - BN_num_bytes(m));
- keydata.privateExponent.data = (unsigned char *)exponent->d;
- keydata.privateExponent.len = numbytes;
- keydata.modulus.data = (unsigned char *)modulus->d;
- keydata.modulus.len = numbytes;
- /* Prepare the argument */
- memset(argument->d, 0, numbytes);
- memset(result->d, 0, numbytes);
- BN_bn2bin(a, (unsigned char *)argument->d + numbytes - BN_num_bytes(a));
- /* Perform the operation */
- if (p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d,
- (unsigned char *)argument->d,
- keydata.modulus.len) != 0) {
- ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_REQUEST_FAILED);
- goto err;
- }
- /* Convert the response */
- BN_bin2bn((unsigned char *)result->d, numbytes, r);
- to_return = 1;
- err:
- BN_CTX_end(ctx);
- return to_return;
-}
-
-# ifndef OPENSSL_NO_RSA
-static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx)
-{
- int to_return = 0;
-
- if (!atalla_dso) {
- ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP, ATALLA_R_NOT_LOADED);
- goto err;
- }
- if (!rsa->d || !rsa->n) {
- ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,
- ATALLA_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
- to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx);
- err:
- return to_return;
-}
-# endif
-
-# ifndef OPENSSL_NO_DSA
-/*
- * This code was liberated and adapted from the commented-out code in
- * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration (it
- * doesn't have a CRT form for RSA), this function means that an Atalla
- * system running with a DSA server certificate can handshake around 5 or 6
- * times faster/more than an equivalent system running with RSA. Just check
- * out the "signs" statistics from the RSA and DSA parts of "openssl speed
- * -engine atalla dsa1024 rsa1024".
- */
-static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
- BIGNUM t;
- int to_return = 0;
-
- BN_init(&t);
- /* let rr = a1 ^ p1 mod m */
- if (!atalla_mod_exp(rr, a1, p1, m, ctx))
- goto end;
- /* let t = a2 ^ p2 mod m */
- if (!atalla_mod_exp(&t, a2, p2, m, ctx))
- goto end;
- /* let rr = rr * t mod m */
- if (!BN_mod_mul(rr, rr, &t, m, ctx))
- goto end;
- to_return = 1;
- end:
- BN_free(&t);
- return to_return;
-}
-
-static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return atalla_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-# ifndef OPENSSL_NO_RSA
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return atalla_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
- return atalla_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-/*
- * This stuff is needed if this ENGINE is being compiled into a
- * self-contained shared-library.
- */
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_fn(ENGINE *e, const char *id)
-{
- if (id && (strcmp(id, engine_atalla_id) != 0))
- return 0;
- if (!bind_helper(e))
- return 0;
- return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
- IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-# endif /* OPENSSL_NO_DYNAMIC_ENGINE */
-# endif /* !OPENSSL_NO_HW_ATALLA */
-#endif /* !OPENSSL_NO_HW */
diff --git a/engines/e_atalla_err.c b/engines/e_atalla_err.c
deleted file mode 100644
index ff47322389a6..000000000000
--- a/engines/e_atalla_err.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* e_atalla_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_atalla_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA ATALLA_str_functs[] = {
- {ERR_FUNC(ATALLA_F_ATALLA_CTRL), "ATALLA_CTRL"},
- {ERR_FUNC(ATALLA_F_ATALLA_FINISH), "ATALLA_FINISH"},
- {ERR_FUNC(ATALLA_F_ATALLA_INIT), "ATALLA_INIT"},
- {ERR_FUNC(ATALLA_F_ATALLA_MOD_EXP), "ATALLA_MOD_EXP"},
- {ERR_FUNC(ATALLA_F_ATALLA_RSA_MOD_EXP), "ATALLA_RSA_MOD_EXP"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA ATALLA_str_reasons[] = {
- {ERR_REASON(ATALLA_R_ALREADY_LOADED), "already loaded"},
- {ERR_REASON(ATALLA_R_BN_CTX_FULL), "bn ctx full"},
- {ERR_REASON(ATALLA_R_BN_EXPAND_FAIL), "bn expand fail"},
- {ERR_REASON(ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED),
- "ctrl command not implemented"},
- {ERR_REASON(ATALLA_R_MISSING_KEY_COMPONENTS), "missing key components"},
- {ERR_REASON(ATALLA_R_NOT_LOADED), "not loaded"},
- {ERR_REASON(ATALLA_R_REQUEST_FAILED), "request failed"},
- {ERR_REASON(ATALLA_R_UNIT_FAILURE), "unit failure"},
- {0, NULL}
-};
-
-#endif
-
-#ifdef ATALLA_LIB_NAME
-static ERR_STRING_DATA ATALLA_lib_name[] = {
- {0, ATALLA_LIB_NAME},
- {0, NULL}
-};
-#endif
-
-static int ATALLA_lib_error_code = 0;
-static int ATALLA_error_init = 1;
-
-static void ERR_load_ATALLA_strings(void)
-{
- if (ATALLA_lib_error_code == 0)
- ATALLA_lib_error_code = ERR_get_next_error_library();
-
- if (ATALLA_error_init) {
- ATALLA_error_init = 0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(ATALLA_lib_error_code, ATALLA_str_functs);
- ERR_load_strings(ATALLA_lib_error_code, ATALLA_str_reasons);
-#endif
-
-#ifdef ATALLA_LIB_NAME
- ATALLA_lib_name->error = ERR_PACK(ATALLA_lib_error_code, 0, 0);
- ERR_load_strings(0, ATALLA_lib_name);
-#endif
- }
-}
-
-static void ERR_unload_ATALLA_strings(void)
-{
- if (ATALLA_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(ATALLA_lib_error_code, ATALLA_str_functs);
- ERR_unload_strings(ATALLA_lib_error_code, ATALLA_str_reasons);
-#endif
-
-#ifdef ATALLA_LIB_NAME
- ERR_unload_strings(0, ATALLA_lib_name);
-#endif
- ATALLA_error_init = 1;
- }
-}
-
-static void ERR_ATALLA_error(int function, int reason, char *file, int line)
-{
- if (ATALLA_lib_error_code == 0)
- ATALLA_lib_error_code = ERR_get_next_error_library();
- ERR_PUT_error(ATALLA_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_atalla_err.h b/engines/e_atalla_err.h
deleted file mode 100644
index 7b71eff407e2..000000000000
--- a/engines/e_atalla_err.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ATALLA_ERR_H
-# define HEADER_ATALLA_ERR_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_ATALLA_strings(void);
-static void ERR_unload_ATALLA_strings(void);
-static void ERR_ATALLA_error(int function, int reason, char *file, int line);
-# define ATALLAerr(f,r) ERR_ATALLA_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the ATALLA functions. */
-
-/* Function codes. */
-# define ATALLA_F_ATALLA_CTRL 100
-# define ATALLA_F_ATALLA_FINISH 101
-# define ATALLA_F_ATALLA_INIT 102
-# define ATALLA_F_ATALLA_MOD_EXP 103
-# define ATALLA_F_ATALLA_RSA_MOD_EXP 104
-
-/* Reason codes. */
-# define ATALLA_R_ALREADY_LOADED 100
-# define ATALLA_R_BN_CTX_FULL 101
-# define ATALLA_R_BN_EXPAND_FAIL 102
-# define ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED 103
-# define ATALLA_R_MISSING_KEY_COMPONENTS 104
-# define ATALLA_R_NOT_LOADED 105
-# define ATALLA_R_REQUEST_FAILED 106
-# define ATALLA_R_UNIT_FAILURE 107
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_capi.c b/engines/e_capi.c
index 8c08872bfdf4..37202b81f398 100644
--- a/engines/e_capi.c
+++ b/engines/e_capi.c
@@ -1,80 +1,35 @@
-/* engines/e_capi.c */
/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
+#ifdef _WIN32
+# ifndef _WIN32_WINNT
+# define _WIN32_WINNT 0x0400
+# endif
+# include <windows.h>
+# include <wincrypt.h>
+
+# include <stdio.h>
+# include <string.h>
+# include <stdlib.h>
+# include <malloc.h>
+# ifndef alloca
+# define alloca _alloca
+# endif
-#include <openssl/crypto.h>
+# include <openssl/crypto.h>
-#ifdef OPENSSL_SYS_WIN32
# ifndef OPENSSL_NO_CAPIENG
# include <openssl/buffer.h>
# include <openssl/bn.h>
# include <openssl/rsa.h>
-
-# ifndef _WIN32_WINNT
-# define _WIN32_WINNT 0x0400
-# endif
-
-# include <windows.h>
-# include <wincrypt.h>
-# include <malloc.h>
-# ifndef alloca
-# define alloca _alloca
-# endif
+# include <openssl/dsa.h>
/*
* This module uses several "new" interfaces, among which is
@@ -94,12 +49,11 @@
# define __COMPILE_CAPIENG
# endif /* CERT_KEY_PROV_INFO_PROP_ID */
# endif /* OPENSSL_NO_CAPIENG */
-#endif /* OPENSSL_SYS_WIN32 */
+#endif /* _WIN32 */
#ifdef __COMPILE_CAPIENG
# undef X509_EXTENSIONS
-# undef X509_CERT_PAIR
/* Definitions which may be missing from earlier version of headers */
# ifndef CERT_STORE_OPEN_EXISTING_FLAG
@@ -115,23 +69,27 @@
# endif
# ifndef ALG_SID_SHA_256
-# define ALG_SID_SHA_256 12
+# define ALG_SID_SHA_256 12
# endif
# ifndef ALG_SID_SHA_384
-# define ALG_SID_SHA_384 13
+# define ALG_SID_SHA_384 13
# endif
# ifndef ALG_SID_SHA_512
-# define ALG_SID_SHA_512 14
+# define ALG_SID_SHA_512 14
# endif
# ifndef CALG_SHA_256
-# define CALG_SHA_256 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_256)
+# define CALG_SHA_256 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_256)
# endif
# ifndef CALG_SHA_384
-# define CALG_SHA_384 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_384)
+# define CALG_SHA_384 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_384)
# endif
# ifndef CALG_SHA_512
-# define CALG_SHA_512 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_512)
+# define CALG_SHA_512 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_512)
+# endif
+
+# ifndef PROV_RSA_AES
+# define PROV_RSA_AES 24
# endif
# include <openssl/engine.h>
@@ -150,17 +108,17 @@ typedef struct CAPI_KEY_st CAPI_KEY;
static void capi_addlasterror(void);
static void capi_adderror(DWORD err);
-static void CAPI_trace(CAPI_CTX * ctx, char *format, ...);
+static void CAPI_trace(CAPI_CTX *ctx, char *format, ...);
-static int capi_list_providers(CAPI_CTX * ctx, BIO *out);
-static int capi_list_containers(CAPI_CTX * ctx, BIO *out);
-int capi_list_certs(CAPI_CTX * ctx, BIO *out, char *storename);
-void capi_free_key(CAPI_KEY * key);
+static int capi_list_providers(CAPI_CTX *ctx, BIO *out);
+static int capi_list_containers(CAPI_CTX *ctx, BIO *out);
+int capi_list_certs(CAPI_CTX *ctx, BIO *out, char *storename);
+void capi_free_key(CAPI_KEY *key);
-static PCCERT_CONTEXT capi_find_cert(CAPI_CTX * ctx, const char *id,
+static PCCERT_CONTEXT capi_find_cert(CAPI_CTX *ctx, const char *id,
HCERTSTORE hstore);
-CAPI_KEY *capi_find_key(CAPI_CTX * ctx, const char *id);
+CAPI_KEY *capi_find_key(CAPI_CTX *ctx, const char *id);
static EVP_PKEY *capi_load_privkey(ENGINE *eng, const char *key_id,
UI_METHOD *ui_method, void *callback_data);
@@ -173,9 +131,11 @@ static int capi_rsa_priv_dec(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
static int capi_rsa_free(RSA *rsa);
+# ifndef OPENSSL_NO_DSA
static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen,
DSA *dsa);
static int capi_dsa_free(DSA *dsa);
+# endif
static int capi_load_ssl_client_cert(ENGINE *e, SSL *ssl,
STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
@@ -188,9 +148,11 @@ static int cert_select_simple(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
static int cert_select_dialog(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
# endif
-typedef PCCERT_CONTEXT(WINAPI *CERTDLG) (HCERTSTORE, HWND, LPCWSTR,
- LPCWSTR, DWORD, DWORD, void *);
-typedef HWND(WINAPI *GETCONSWIN) (void);
+void engine_load_capi_int(void);
+
+typedef PCCERT_CONTEXT(WINAPI *CERTDLG)(HCERTSTORE, HWND, LPCWSTR,
+ LPCWSTR, DWORD, DWORD, void *);
+typedef HWND(WINAPI *GETCONSWIN)(void);
/*
* This structure contains CAPI ENGINE specific data: it contains various
@@ -213,37 +175,28 @@ struct CAPI_CTX_st {
/* System store flags */
DWORD store_flags;
/* Lookup string meanings in load_private_key */
-/* Substring of subject: uses "storename" */
-# define CAPI_LU_SUBSTR 1
-/* Friendly name: uses storename */
-# define CAPI_LU_FNAME 2
-/* Container name: uses cspname, keytype */
-# define CAPI_LU_CONTNAME 3
+# define CAPI_LU_SUBSTR 1 /* Substring of subject: uses "storename" */
+# define CAPI_LU_FNAME 2 /* Friendly name: uses storename */
+# define CAPI_LU_CONTNAME 3 /* Container name: uses cspname, keytype */
int lookup_method;
/* Info to dump with dumpcerts option */
-/* Issuer and serial name strings */
-# define CAPI_DMP_SUMMARY 0x1
-/* Friendly name */
-# define CAPI_DMP_FNAME 0x2
-/* Full X509_print dump */
-# define CAPI_DMP_FULL 0x4
-/* Dump PEM format certificate */
-# define CAPI_DMP_PEM 0x8
-/* Dump pseudo key (if possible) */
-# define CAPI_DMP_PSKEY 0x10
-/* Dump key info (if possible) */
-# define CAPI_DMP_PKEYINFO 0x20
+# define CAPI_DMP_SUMMARY 0x1 /* Issuer and serial name strings */
+# define CAPI_DMP_FNAME 0x2 /* Friendly name */
+# define CAPI_DMP_FULL 0x4 /* Full X509_print dump */
+# define CAPI_DMP_PEM 0x8 /* Dump PEM format certificate */
+# define CAPI_DMP_PSKEY 0x10 /* Dump pseudo key (if possible) */
+# define CAPI_DMP_PKEYINFO 0x20 /* Dump key info (if possible) */
DWORD dump_flags;
int (*client_cert_select) (ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
CERTDLG certselectdlg;
GETCONSWIN getconswindow;
};
-static CAPI_CTX *capi_ctx_new();
-static void capi_ctx_free(CAPI_CTX * ctx);
-static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type,
+static CAPI_CTX *capi_ctx_new(void);
+static void capi_ctx_free(CAPI_CTX *ctx);
+static int capi_ctx_set_provname(CAPI_CTX *ctx, LPSTR pname, DWORD type,
int check);
-static int capi_ctx_set_provname_idx(CAPI_CTX * ctx, int idx);
+static int capi_ctx_set_provname_idx(CAPI_CTX *ctx, int idx);
# define CAPI_CMD_LIST_CERTS ENGINE_CMD_BASE
# define CAPI_CMD_LOOKUP_CERT (ENGINE_CMD_BASE + 1)
@@ -332,12 +285,17 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
int ret = 1;
CAPI_CTX *ctx;
BIO *out;
+ LPSTR tmpstr;
if (capi_idx == -1) {
CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_ENGINE_NOT_INITIALIZED);
return 0;
}
ctx = ENGINE_get_ex_data(e, capi_idx);
out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if (out == NULL) {
+ CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_FILE_OPEN_ERROR);
+ return 0;
+ }
switch (cmd) {
case CAPI_CMD_LIST_CSPS:
ret = capi_list_providers(ctx, out);
@@ -356,10 +314,15 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
break;
case CAPI_CMD_STORE_NAME:
- if (ctx->storename)
+ tmpstr = OPENSSL_strdup(p);
+ if (tmpstr != NULL) {
OPENSSL_free(ctx->storename);
- ctx->storename = BUF_strdup(p);
- CAPI_trace(ctx, "Setting store name to %s\n", p);
+ ctx->storename = tmpstr;
+ CAPI_trace(ctx, "Setting store name to %s\n", p);
+ } else {
+ CAPIerr(CAPI_F_CAPI_CTRL, ERR_R_MALLOC_FAILURE);
+ ret = 0;
+ }
break;
case CAPI_CMD_STORE_FLAGS:
@@ -379,8 +342,14 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
break;
case CAPI_CMD_DEBUG_FILE:
- ctx->debug_file = BUF_strdup(p);
- CAPI_trace(ctx, "Setting debug file to %s\n", ctx->debug_file);
+ tmpstr = OPENSSL_strdup(p);
+ if (tmpstr != NULL) {
+ ctx->debug_file = tmpstr;
+ CAPI_trace(ctx, "Setting debug file to %s\n", ctx->debug_file);
+ } else {
+ CAPIerr(CAPI_F_CAPI_CTRL, ERR_R_MALLOC_FAILURE);
+ ret = 0;
+ }
break;
case CAPI_CMD_KEYTYPE:
@@ -399,6 +368,7 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
case CAPI_CMD_LOOKUP_METHOD:
if (i < 1 || i > 3) {
CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_INVALID_LOOKUP_METHOD);
+ BIO_free(out);
return 0;
}
ctx->lookup_method = i;
@@ -422,42 +392,25 @@ static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
}
-static RSA_METHOD capi_rsa_method = {
- "CryptoAPI RSA method",
- 0, /* pub_enc */
- 0, /* pub_dec */
- capi_rsa_priv_enc, /* priv_enc */
- capi_rsa_priv_dec, /* priv_dec */
- 0, /* rsa_mod_exp */
- 0, /* bn_mod_exp */
- 0, /* init */
- capi_rsa_free, /* finish */
- RSA_FLAG_SIGN_VER, /* flags */
- NULL, /* app_data */
- capi_rsa_sign, /* rsa_sign */
- 0 /* rsa_verify */
-};
+static RSA_METHOD *capi_rsa_method = NULL;
+# ifndef OPENSSL_NO_DSA
+static DSA_METHOD *capi_dsa_method = NULL;
+# endif
-static DSA_METHOD capi_dsa_method = {
- "CryptoAPI DSA method",
- capi_dsa_do_sign, /* dsa_do_sign */
- 0, /* dsa_sign_setup */
- 0, /* dsa_do_verify */
- 0, /* dsa_mod_exp */
- 0, /* bn_mod_exp */
- 0, /* init */
- capi_dsa_free, /* finish */
- 0, /* flags */
- NULL, /* app_data */
- 0, /* dsa_paramgen */
- 0 /* dsa_keygen */
-};
+static int use_aes_csp = 0;
+static const WCHAR rsa_aes_cspname[] =
+ L"Microsoft Enhanced RSA and AES Cryptographic Provider";
+static const WCHAR rsa_enh_cspname[] =
+ L"Microsoft Enhanced Cryptographic Provider v1.0";
static int capi_init(ENGINE *e)
{
CAPI_CTX *ctx;
const RSA_METHOD *ossl_rsa_meth;
+# ifndef OPENSSL_NO_DSA
const DSA_METHOD *ossl_dsa_meth;
+# endif
+ HCRYPTPROV hprov;
if (capi_idx < 0) {
capi_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0);
@@ -468,22 +421,41 @@ static int capi_init(ENGINE *e)
/* Setup RSA_METHOD */
rsa_capi_idx = RSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
- ossl_rsa_meth = RSA_PKCS1_SSLeay();
- capi_rsa_method.rsa_pub_enc = ossl_rsa_meth->rsa_pub_enc;
- capi_rsa_method.rsa_pub_dec = ossl_rsa_meth->rsa_pub_dec;
- capi_rsa_method.rsa_mod_exp = ossl_rsa_meth->rsa_mod_exp;
- capi_rsa_method.bn_mod_exp = ossl_rsa_meth->bn_mod_exp;
+ ossl_rsa_meth = RSA_PKCS1_OpenSSL();
+ if ( !RSA_meth_set_pub_enc(capi_rsa_method,
+ RSA_meth_get_pub_enc(ossl_rsa_meth))
+ || !RSA_meth_set_pub_dec(capi_rsa_method,
+ RSA_meth_get_pub_dec(ossl_rsa_meth))
+ || !RSA_meth_set_priv_enc(capi_rsa_method, capi_rsa_priv_enc)
+ || !RSA_meth_set_priv_dec(capi_rsa_method, capi_rsa_priv_dec)
+ || !RSA_meth_set_mod_exp(capi_rsa_method,
+ RSA_meth_get_mod_exp(ossl_rsa_meth))
+ || !RSA_meth_set_bn_mod_exp(capi_rsa_method,
+ RSA_meth_get_bn_mod_exp(ossl_rsa_meth))
+ || !RSA_meth_set_finish(capi_rsa_method, capi_rsa_free)
+ || !RSA_meth_set_sign(capi_rsa_method, capi_rsa_sign)) {
+ goto memerr;
+ }
+# ifndef OPENSSL_NO_DSA
/* Setup DSA Method */
dsa_capi_idx = DSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
ossl_dsa_meth = DSA_OpenSSL();
- capi_dsa_method.dsa_do_verify = ossl_dsa_meth->dsa_do_verify;
- capi_dsa_method.dsa_mod_exp = ossl_dsa_meth->dsa_mod_exp;
- capi_dsa_method.bn_mod_exp = ossl_dsa_meth->bn_mod_exp;
+ if ( !DSA_meth_set_sign(capi_dsa_method, capi_dsa_do_sign)
+ || !DSA_meth_set_verify(capi_dsa_method,
+ DSA_meth_get_verify(ossl_dsa_meth))
+ || !DSA_meth_set_finish(capi_dsa_method, capi_dsa_free)
+ || !DSA_meth_set_mod_exp(capi_dsa_method,
+ DSA_meth_get_mod_exp(ossl_dsa_meth))
+ || !DSA_meth_set_bn_mod_exp(capi_dsa_method,
+ DSA_meth_get_bn_mod_exp(ossl_dsa_meth))) {
+ goto memerr;
+ }
+# endif
}
ctx = capi_ctx_new();
- if (!ctx)
+ if (ctx == NULL)
goto memerr;
ENGINE_set_ex_data(e, capi_idx, ctx);
@@ -504,6 +476,13 @@ static int capi_init(ENGINE *e)
}
# endif
+ /* See if there is RSA+AES CSP */
+ if (CryptAcquireContextW(&hprov, NULL, rsa_aes_cspname, PROV_RSA_AES,
+ CRYPT_VERIFYCONTEXT)) {
+ use_aes_csp = 1;
+ CryptReleaseContext(hprov, 0);
+ }
+
return 1;
memerr:
@@ -515,6 +494,12 @@ static int capi_init(ENGINE *e)
static int capi_destroy(ENGINE *e)
{
+ RSA_meth_free(capi_rsa_method);
+ capi_rsa_method = NULL;
+# ifndef OPENSSL_NO_DSA
+ DSA_meth_free(capi_dsa_method);
+ capi_dsa_method = NULL;
+# endif
ERR_unload_CAPI_strings();
return 1;
}
@@ -544,24 +529,41 @@ struct CAPI_KEY_st {
static int bind_capi(ENGINE *e)
{
+ capi_rsa_method = RSA_meth_new("CryptoAPI RSA method", 0);
+ if (capi_rsa_method == NULL)
+ return 0;
+# ifndef OPENSSL_NO_DSA
+ capi_dsa_method = DSA_meth_new("CryptoAPI DSA method", 0);
+ if (capi_dsa_method == NULL)
+ goto memerr;
+# endif
if (!ENGINE_set_id(e, engine_capi_id)
|| !ENGINE_set_name(e, engine_capi_name)
|| !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL)
|| !ENGINE_set_init_function(e, capi_init)
|| !ENGINE_set_finish_function(e, capi_finish)
|| !ENGINE_set_destroy_function(e, capi_destroy)
- || !ENGINE_set_RSA(e, &capi_rsa_method)
- || !ENGINE_set_DSA(e, &capi_dsa_method)
+ || !ENGINE_set_RSA(e, capi_rsa_method)
+# ifndef OPENSSL_NO_DSA
+ || !ENGINE_set_DSA(e, capi_dsa_method)
+# endif
|| !ENGINE_set_load_privkey_function(e, capi_load_privkey)
|| !ENGINE_set_load_ssl_client_cert_function(e,
capi_load_ssl_client_cert)
|| !ENGINE_set_cmd_defns(e, capi_cmd_defns)
|| !ENGINE_set_ctrl_function(e, capi_ctrl))
- return 0;
+ goto memerr;
ERR_load_CAPI_strings();
return 1;
-
+ memerr:
+ RSA_meth_free(capi_rsa_method);
+ capi_rsa_method = NULL;
+# ifndef OPENSSL_NO_DSA
+ DSA_meth_free(capi_dsa_method);
+ capi_dsa_method = NULL;
+# endif
+ return 0;
}
# ifndef OPENSSL_NO_DYNAMIC_ENGINE
@@ -575,12 +577,12 @@ static int bind_helper(ENGINE *e, const char *id)
}
IMPLEMENT_DYNAMIC_CHECK_FN()
- IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
# else
static ENGINE *engine_capi(void)
{
ENGINE *ret = ENGINE_new();
- if (!ret)
+ if (ret == NULL)
return NULL;
if (!bind_capi(ret)) {
ENGINE_free(ret);
@@ -589,7 +591,7 @@ static ENGINE *engine_capi(void)
return ret;
}
-void ENGINE_load_capi(void)
+void engine_load_capi_int(void)
{
/* Copied from eng_[openssl|dyn].c */
ENGINE *toadd = engine_capi();
@@ -623,7 +625,7 @@ static int lend_tobn(BIGNUM *bn, unsigned char *bin, int binlen)
/* Given a CAPI_KEY get an EVP_PKEY structure */
-static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key)
+static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY *key)
{
unsigned char *pubkey = NULL;
DWORD len;
@@ -639,7 +641,7 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key)
pubkey = OPENSSL_malloc(len);
- if (!pubkey)
+ if (pubkey == NULL)
goto memerr;
if (!CryptExportKey(key->key, 0, PUBLICKEYBLOB, 0, pubkey, &len)) {
@@ -656,6 +658,7 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key)
if (bh->aiKeyAlg == CALG_RSA_SIGN || bh->aiKeyAlg == CALG_RSA_KEYX) {
RSAPUBKEY *rp;
DWORD rsa_modlen;
+ BIGNUM *e = NULL, *n = NULL;
unsigned char *rsa_modulus;
rp = (RSAPUBKEY *) (bh + 1);
if (rp->magic != 0x31415352) {
@@ -671,31 +674,38 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key)
if (!rkey)
goto memerr;
- rkey->e = BN_new();
- rkey->n = BN_new();
+ e = BN_new();
+ n = BN_new();
- if (!rkey->e || !rkey->n)
+ if (e == NULL || n == NULL) {
+ BN_free(e);
+ BN_free(n);
goto memerr;
+ }
+
+ RSA_set0_key(rkey, n, e, NULL);
- if (!BN_set_word(rkey->e, rp->pubexp))
+ if (!BN_set_word(e, rp->pubexp))
goto memerr;
rsa_modlen = rp->bitlen / 8;
- if (!lend_tobn(rkey->n, rsa_modulus, rsa_modlen))
+ if (!lend_tobn(n, rsa_modulus, rsa_modlen))
goto memerr;
RSA_set_ex_data(rkey, rsa_capi_idx, key);
- if (!(ret = EVP_PKEY_new()))
+ if ((ret = EVP_PKEY_new()) == NULL)
goto memerr;
EVP_PKEY_assign_RSA(ret, rkey);
rkey = NULL;
+# ifndef OPENSSL_NO_DSA
} else if (bh->aiKeyAlg == CALG_DSS_SIGN) {
DSSPUBKEY *dp;
DWORD dsa_plen;
unsigned char *btmp;
+ BIGNUM *p, *q, *g, *pub_key;
dp = (DSSPUBKEY *) (bh + 1);
if (dp->magic != 0x31535344) {
char magstr[10];
@@ -710,35 +720,43 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key)
dkey = DSA_new_method(eng);
if (!dkey)
goto memerr;
- dkey->p = BN_new();
- dkey->q = BN_new();
- dkey->g = BN_new();
- dkey->pub_key = BN_new();
- if (!dkey->p || !dkey->q || !dkey->g || !dkey->pub_key)
+ p = BN_new();
+ q = BN_new();
+ g = BN_new();
+ pub_key = BN_new();
+ if (p == NULL || q == NULL || g == NULL || pub_key == NULL) {
+ BN_free(p);
+ BN_free(q);
+ BN_free(g);
+ BN_free(pub_key);
goto memerr;
- if (!lend_tobn(dkey->p, btmp, dsa_plen))
+ }
+ DSA_set0_pqg(dkey, p, q, g);
+ DSA_set0_key(dkey, pub_key, NULL);
+ if (!lend_tobn(p, btmp, dsa_plen))
goto memerr;
btmp += dsa_plen;
- if (!lend_tobn(dkey->q, btmp, 20))
+ if (!lend_tobn(q, btmp, 20))
goto memerr;
btmp += 20;
- if (!lend_tobn(dkey->g, btmp, dsa_plen))
+ if (!lend_tobn(g, btmp, dsa_plen))
goto memerr;
btmp += dsa_plen;
- if (!lend_tobn(dkey->pub_key, btmp, dsa_plen))
+ if (!lend_tobn(pub_key, btmp, dsa_plen))
goto memerr;
btmp += dsa_plen;
DSA_set_ex_data(dkey, dsa_capi_idx, key);
- if (!(ret = EVP_PKEY_new()))
+ if ((ret = EVP_PKEY_new()) == NULL)
goto memerr;
EVP_PKEY_assign_DSA(ret, dkey);
dkey = NULL;
+# endif
} else {
char algstr[10];
- BIO_snprintf(algstr, 10, "%lx", bh->aiKeyAlg);
+ BIO_snprintf(algstr, 10, "%ux", bh->aiKeyAlg);
CAPIerr(CAPI_F_CAPI_GET_PKEY,
CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM);
ERR_add_error_data(2, "aiKeyAlg=0x", algstr);
@@ -746,13 +764,12 @@ static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key)
}
err:
- if (pubkey)
- OPENSSL_free(pubkey);
+ OPENSSL_free(pubkey);
if (!ret) {
- if (rkey)
- RSA_free(rkey);
- if (dkey)
- DSA_free(dkey);
+ RSA_free(rkey);
+# ifndef OPENSSL_NO_DSA
+ DSA_free(dkey);
+# endif
}
return ret;
@@ -809,7 +826,7 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len,
CAPI_KEY *capi_key;
CAPI_CTX *ctx;
- ctx = ENGINE_get_ex_data(rsa->engine, capi_idx);
+ ctx = ENGINE_get_ex_data(RSA_get0_engine(rsa), capi_idx);
CAPI_trace(ctx, "Called CAPI_rsa_sign()\n");
@@ -818,7 +835,7 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len,
CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_CANT_GET_KEY);
return -1;
}
-/* Convert the signature type to a CryptoAPI algorithm ID */
+ /* Convert the signature type to a CryptoAPI algorithm ID */
switch (dtype) {
case NID_sha256:
alg = CALG_SHA_256;
@@ -846,20 +863,20 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len,
default:
{
char algstr[10];
- BIO_snprintf(algstr, 10, "%lx", dtype);
+ BIO_snprintf(algstr, 10, "%x", dtype);
CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_UNSUPPORTED_ALGORITHM_NID);
ERR_add_error_data(2, "NID=0x", algstr);
return -1;
}
}
-/* Create the hash object */
+ /* Create the hash object */
if (!CryptCreateHash(capi_key->hprov, alg, 0, 0, &hash)) {
CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_CANT_CREATE_HASH_OBJECT);
capi_addlasterror();
return -1;
}
-/* Set the hash value to the value passed */
+ /* Set the hash value to the value passed */
if (!CryptSetHashParam(hash, HP_HASHVAL, (unsigned char *)m, 0)) {
CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_CANT_SET_HASH_VALUE);
@@ -867,7 +884,7 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len,
goto err;
}
-/* Finally sign it */
+ /* Finally sign it */
slen = RSA_size(rsa);
if (!CryptSignHash(hash, capi_key->keyspec, NULL, 0, sigret, &slen)) {
CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_ERROR_SIGNING_HASH);
@@ -900,7 +917,13 @@ int capi_rsa_priv_dec(int flen, const unsigned char *from,
unsigned char *tmpbuf;
CAPI_KEY *capi_key;
CAPI_CTX *ctx;
- ctx = ENGINE_get_ex_data(rsa->engine, capi_idx);
+ DWORD flags = 0;
+ DWORD dlen;
+
+ if (flen <= 0)
+ return flen;
+
+ ctx = ENGINE_get_ex_data(RSA_get0_engine(rsa), capi_idx);
CAPI_trace(ctx, "Called capi_rsa_priv_dec()\n");
@@ -910,16 +933,27 @@ int capi_rsa_priv_dec(int flen, const unsigned char *from,
return -1;
}
- if (padding != RSA_PKCS1_PADDING) {
- char errstr[10];
- BIO_snprintf(errstr, 10, "%d", padding);
- CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, CAPI_R_UNSUPPORTED_PADDING);
- ERR_add_error_data(2, "padding=", errstr);
- return -1;
+ switch (padding) {
+ case RSA_PKCS1_PADDING:
+ /* Nothing to do */
+ break;
+#ifdef CRYPT_DECRYPT_RSA_NO_PADDING_CHECK
+ case RSA_NO_PADDING:
+ flags = CRYPT_DECRYPT_RSA_NO_PADDING_CHECK;
+ break;
+#endif
+ default:
+ {
+ char errstr[10];
+ BIO_snprintf(errstr, 10, "%d", padding);
+ CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, CAPI_R_UNSUPPORTED_PADDING);
+ ERR_add_error_data(2, "padding=", errstr);
+ return -1;
+ }
}
/* Create temp reverse order version of input */
- if (!(tmpbuf = OPENSSL_malloc(flen))) {
+ if ((tmpbuf = OPENSSL_malloc(flen)) == NULL) {
CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, ERR_R_MALLOC_FAILURE);
return -1;
}
@@ -927,14 +961,17 @@ int capi_rsa_priv_dec(int flen, const unsigned char *from,
tmpbuf[flen - i - 1] = from[i];
/* Finally decrypt it */
- if (!CryptDecrypt(capi_key->key, 0, TRUE, 0, tmpbuf, &flen)) {
+ dlen = flen;
+ if (!CryptDecrypt(capi_key->key, 0, TRUE, flags, tmpbuf, &dlen)) {
CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, CAPI_R_DECRYPT_ERROR);
capi_addlasterror();
+ OPENSSL_cleanse(tmpbuf, dlen);
OPENSSL_free(tmpbuf);
return -1;
- } else
- memcpy(to, tmpbuf, flen);
-
+ } else {
+ memcpy(to, tmpbuf, (flen = (int)dlen));
+ }
+ OPENSSL_cleanse(tmpbuf, flen);
OPENSSL_free(tmpbuf);
return flen;
@@ -949,6 +986,7 @@ static int capi_rsa_free(RSA *rsa)
return 1;
}
+# ifndef OPENSSL_NO_DSA
/* CryptoAPI DSA operations */
static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen,
@@ -961,7 +999,7 @@ static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen,
CAPI_CTX *ctx;
unsigned char csigbuf[40];
- ctx = ENGINE_get_ex_data(dsa->engine, capi_idx);
+ ctx = ENGINE_get_ex_data(DSA_get0_engine(dsa), capi_idx);
CAPI_trace(ctx, "Called CAPI_dsa_do_sign()\n");
@@ -998,19 +1036,17 @@ static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen,
capi_addlasterror();
goto err;
} else {
- ret = DSA_SIG_new();
- if (!ret)
- goto err;
- ret->r = BN_new();
- ret->s = BN_new();
- if (!ret->r || !ret->s)
- goto err;
- if (!lend_tobn(ret->r, csigbuf, 20)
- || !lend_tobn(ret->s, csigbuf + 20, 20)) {
- DSA_SIG_free(ret);
- ret = NULL;
+ BIGNUM *r = BN_new(), *s = BN_new();
+
+ if (r == NULL || s == NULL
+ || !lend_tobn(r, csigbuf, 20)
+ || !lend_tobn(s, csigbuf + 20, 20)
+ || (ret = DSA_SIG_new()) == NULL) {
+ BN_free(r); /* BN_free checks for BIGNUM * being NULL */
+ BN_free(s);
goto err;
}
+ DSA_SIG_set0(ret, r, s);
}
/* Now cleanup */
@@ -1029,8 +1065,9 @@ static int capi_dsa_free(DSA *dsa)
DSA_set_ex_data(dsa, dsa_capi_idx, 0);
return 1;
}
+# endif
-static void capi_vtrace(CAPI_CTX * ctx, int level, char *format,
+static void capi_vtrace(CAPI_CTX *ctx, int level, char *format,
va_list argptr)
{
BIO *out;
@@ -1038,11 +1075,15 @@ static void capi_vtrace(CAPI_CTX * ctx, int level, char *format,
if (!ctx || (ctx->debug_level < level) || (!ctx->debug_file))
return;
out = BIO_new_file(ctx->debug_file, "a+");
+ if (out == NULL) {
+ CAPIerr(CAPI_F_CAPI_VTRACE, CAPI_R_FILE_OPEN_ERROR);
+ return;
+ }
BIO_vprintf(out, format, argptr);
BIO_free(out);
}
-static void CAPI_trace(CAPI_CTX * ctx, char *format, ...)
+static void CAPI_trace(CAPI_CTX *ctx, char *format, ...)
{
va_list args;
va_start(args, format);
@@ -1076,7 +1117,7 @@ static char *wide_to_asc(LPCWSTR wstr)
return NULL;
}
str = OPENSSL_malloc(sz);
- if (!str) {
+ if (str == NULL) {
CAPIerr(CAPI_F_WIDE_TO_ASC, ERR_R_MALLOC_FAILURE);
return NULL;
}
@@ -1088,7 +1129,7 @@ static char *wide_to_asc(LPCWSTR wstr)
return str;
}
-static int capi_get_provname(CAPI_CTX * ctx, LPSTR * pname, DWORD * ptype,
+static int capi_get_provname(CAPI_CTX *ctx, LPSTR *pname, DWORD *ptype,
DWORD idx)
{
DWORD len, err;
@@ -1102,33 +1143,35 @@ static int capi_get_provname(CAPI_CTX * ctx, LPSTR * pname, DWORD * ptype,
capi_adderror(err);
return 0;
}
- if (sizeof(TCHAR) != sizeof(char))
- name = alloca(len);
- else
- name = OPENSSL_malloc(len);
+ name = OPENSSL_malloc(len);
if (name == NULL) {
CAPIerr(CAPI_F_CAPI_GET_PROVNAME, ERR_R_MALLOC_FAILURE);
return 0;
}
if (!CryptEnumProviders(idx, NULL, 0, ptype, name, &len)) {
err = GetLastError();
+ OPENSSL_free(name);
if (err == ERROR_NO_MORE_ITEMS)
return 2;
CAPIerr(CAPI_F_CAPI_GET_PROVNAME, CAPI_R_CRYPTENUMPROVIDERS_ERROR);
capi_adderror(err);
return 0;
}
- if (sizeof(TCHAR) != sizeof(char))
+ if (sizeof(TCHAR) != sizeof(char)) {
*pname = wide_to_asc((WCHAR *)name);
- else
+ OPENSSL_free(name);
+ if (*pname == NULL)
+ return 0;
+ } else {
*pname = (char *)name;
+ }
CAPI_trace(ctx, "capi_get_provname, returned name=%s, type=%d\n", *pname,
*ptype);
return 1;
}
-static int capi_list_providers(CAPI_CTX * ctx, BIO *out)
+static int capi_list_providers(CAPI_CTX *ctx, BIO *out)
{
DWORD idx, ptype;
int ret;
@@ -1141,45 +1184,44 @@ static int capi_list_providers(CAPI_CTX * ctx, BIO *out)
break;
if (ret == 0)
break;
- BIO_printf(out, "%d. %s, type %d\n", idx, provname, ptype);
+ BIO_printf(out, "%lu. %s, type %lu\n", idx, provname, ptype);
OPENSSL_free(provname);
}
return 1;
}
-static int capi_list_containers(CAPI_CTX * ctx, BIO *out)
+static int capi_list_containers(CAPI_CTX *ctx, BIO *out)
{
int ret = 1;
HCRYPTPROV hprov;
DWORD err, idx, flags, buflen = 0, clen;
LPSTR cname;
- LPTSTR cspname = NULL;
+ LPWSTR cspname = NULL;
CAPI_trace(ctx, "Listing containers CSP=%s, type = %d\n", ctx->cspname,
ctx->csptype);
- if (ctx->cspname && sizeof(TCHAR) != sizeof(char)) {
- if ((clen =
- MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, NULL, 0))) {
+ if (ctx->cspname != NULL) {
+ if ((clen = MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1,
+ NULL, 0))) {
cspname = alloca(clen * sizeof(WCHAR));
MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, (WCHAR *)cspname,
clen);
}
- if (!cspname) {
+ if (cspname == NULL) {
CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, ERR_R_MALLOC_FAILURE);
capi_addlasterror();
return 0;
}
- } else
- cspname = (TCHAR *)ctx->cspname;
- if (!CryptAcquireContext
- (&hprov, NULL, cspname, ctx->csptype, CRYPT_VERIFYCONTEXT)) {
+ }
+ if (!CryptAcquireContextW(&hprov, NULL, cspname, ctx->csptype,
+ CRYPT_VERIFYCONTEXT)) {
CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS,
CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
capi_addlasterror();
return 0;
}
- if (!CryptGetProvParam
- (hprov, PP_ENUMCONTAINERS, NULL, &buflen, CRYPT_FIRST)) {
+ if (!CryptGetProvParam(hprov, PP_ENUMCONTAINERS, NULL, &buflen,
+ CRYPT_FIRST)) {
CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, CAPI_R_ENUMCONTAINERS_ERROR);
capi_addlasterror();
CryptReleaseContext(hprov, 0);
@@ -1189,7 +1231,7 @@ static int capi_list_containers(CAPI_CTX * ctx, BIO *out)
if (buflen == 0)
buflen = 1024;
cname = OPENSSL_malloc(buflen);
- if (!cname) {
+ if (cname == NULL) {
CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, ERR_R_MALLOC_FAILURE);
goto err;
}
@@ -1202,8 +1244,8 @@ static int capi_list_containers(CAPI_CTX * ctx, BIO *out)
flags = CRYPT_FIRST;
else
flags = 0;
- if (!CryptGetProvParam
- (hprov, PP_ENUMCONTAINERS, (BYTE *) cname, &clen, flags)) {
+ if (!CryptGetProvParam(hprov, PP_ENUMCONTAINERS, (BYTE *)cname,
+ &clen, flags)) {
err = GetLastError();
if (err == ERROR_NO_MORE_ITEMS)
goto done;
@@ -1217,35 +1259,35 @@ static int capi_list_containers(CAPI_CTX * ctx, BIO *out)
CAPI_trace(ctx, "Enumerate bug: using workaround\n");
goto done;
}
- BIO_printf(out, "%d. %s\n", idx, cname);
+ BIO_printf(out, "%lu. %s\n", idx, cname);
}
err:
ret = 0;
done:
- if (cname)
- OPENSSL_free(cname);
+ OPENSSL_free(cname);
CryptReleaseContext(hprov, 0);
return ret;
}
-CRYPT_KEY_PROV_INFO *capi_get_prov_info(CAPI_CTX * ctx, PCCERT_CONTEXT cert)
+static CRYPT_KEY_PROV_INFO *capi_get_prov_info(CAPI_CTX *ctx,
+ PCCERT_CONTEXT cert)
{
DWORD len;
CRYPT_KEY_PROV_INFO *pinfo;
- if (!CertGetCertificateContextProperty
- (cert, CERT_KEY_PROV_INFO_PROP_ID, NULL, &len))
+ if (!CertGetCertificateContextProperty(cert, CERT_KEY_PROV_INFO_PROP_ID,
+ NULL, &len))
return NULL;
pinfo = OPENSSL_malloc(len);
- if (!pinfo) {
+ if (pinfo == NULL) {
CAPIerr(CAPI_F_CAPI_GET_PROV_INFO, ERR_R_MALLOC_FAILURE);
return NULL;
}
- if (!CertGetCertificateContextProperty
- (cert, CERT_KEY_PROV_INFO_PROP_ID, pinfo, &len)) {
+ if (!CertGetCertificateContextProperty(cert, CERT_KEY_PROV_INFO_PROP_ID,
+ pinfo, &len)) {
CAPIerr(CAPI_F_CAPI_GET_PROV_INFO,
CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO);
capi_addlasterror();
@@ -1255,8 +1297,8 @@ CRYPT_KEY_PROV_INFO *capi_get_prov_info(CAPI_CTX * ctx, PCCERT_CONTEXT cert)
return pinfo;
}
-static void capi_dump_prov_info(CAPI_CTX * ctx, BIO *out,
- CRYPT_KEY_PROV_INFO * pinfo)
+static void capi_dump_prov_info(CAPI_CTX *ctx, BIO *out,
+ CRYPT_KEY_PROV_INFO *pinfo)
{
char *provname = NULL, *contname = NULL;
if (!pinfo) {
@@ -1269,33 +1311,29 @@ static void capi_dump_prov_info(CAPI_CTX * ctx, BIO *out,
goto err;
BIO_printf(out, " Private Key Info:\n");
- BIO_printf(out, " Provider Name: %s, Provider Type %d\n", provname,
+ BIO_printf(out, " Provider Name: %s, Provider Type %lu\n", provname,
pinfo->dwProvType);
- BIO_printf(out, " Container Name: %s, Key Type %d\n", contname,
+ BIO_printf(out, " Container Name: %s, Key Type %lu\n", contname,
pinfo->dwKeySpec);
err:
- if (provname)
- OPENSSL_free(provname);
- if (contname)
- OPENSSL_free(contname);
+ OPENSSL_free(provname);
+ OPENSSL_free(contname);
}
-char *capi_cert_get_fname(CAPI_CTX * ctx, PCCERT_CONTEXT cert)
+static char *capi_cert_get_fname(CAPI_CTX *ctx, PCCERT_CONTEXT cert)
{
LPWSTR wfname;
DWORD dlen;
CAPI_trace(ctx, "capi_cert_get_fname\n");
- if (!CertGetCertificateContextProperty
- (cert, CERT_FRIENDLY_NAME_PROP_ID, NULL, &dlen))
+ if (!CertGetCertificateContextProperty(cert, CERT_FRIENDLY_NAME_PROP_ID,
+ NULL, &dlen))
return NULL;
wfname = OPENSSL_malloc(dlen);
- if (wfname == NULL) {
- CAPIerr(CAPI_F_CAPI_CERT_GET_FNAME, ERR_R_MALLOC_FAILURE);
+ if (wfname == NULL)
return NULL;
- }
- if (CertGetCertificateContextProperty
- (cert, CERT_FRIENDLY_NAME_PROP_ID, wfname, &dlen)) {
+ if (CertGetCertificateContextProperty(cert, CERT_FRIENDLY_NAME_PROP_ID,
+ wfname, &dlen)) {
char *fname = wide_to_asc(wfname);
OPENSSL_free(wfname);
return fname;
@@ -1307,10 +1345,10 @@ char *capi_cert_get_fname(CAPI_CTX * ctx, PCCERT_CONTEXT cert)
return NULL;
}
-void capi_dump_cert(CAPI_CTX * ctx, BIO *out, PCCERT_CONTEXT cert)
+static void capi_dump_cert(CAPI_CTX *ctx, BIO *out, PCCERT_CONTEXT cert)
{
X509 *x;
- unsigned char *p;
+ const unsigned char *p;
unsigned long flags = ctx->dump_flags;
if (flags & CAPI_DMP_FNAME) {
char *fname;
@@ -1318,8 +1356,9 @@ void capi_dump_cert(CAPI_CTX * ctx, BIO *out, PCCERT_CONTEXT cert)
if (fname) {
BIO_printf(out, " Friendly Name \"%s\"\n", fname);
OPENSSL_free(fname);
- } else
+ } else {
BIO_printf(out, " <No Friendly Name>\n");
+ }
}
p = cert->pbCertEncoded;
@@ -1340,8 +1379,7 @@ void capi_dump_cert(CAPI_CTX * ctx, BIO *out, PCCERT_CONTEXT cert)
CRYPT_KEY_PROV_INFO *pinfo;
pinfo = capi_get_prov_info(ctx, cert);
capi_dump_prov_info(ctx, out, pinfo);
- if (pinfo)
- OPENSSL_free(pinfo);
+ OPENSSL_free(pinfo);
}
if (flags & CAPI_DMP_PEM)
@@ -1349,7 +1387,7 @@ void capi_dump_cert(CAPI_CTX * ctx, BIO *out, PCCERT_CONTEXT cert)
X509_free(x);
}
-HCERTSTORE capi_open_store(CAPI_CTX * ctx, char *storename)
+static HCERTSTORE capi_open_store(CAPI_CTX *ctx, char *storename)
{
HCERTSTORE hstore;
@@ -1368,7 +1406,7 @@ HCERTSTORE capi_open_store(CAPI_CTX * ctx, char *storename)
return hstore;
}
-int capi_list_certs(CAPI_CTX * ctx, BIO *out, char *id)
+int capi_list_certs(CAPI_CTX *ctx, BIO *out, char *id)
{
char *storename;
int idx;
@@ -1406,7 +1444,7 @@ int capi_list_certs(CAPI_CTX * ctx, BIO *out, char *id)
return ret;
}
-static PCCERT_CONTEXT capi_find_cert(CAPI_CTX * ctx, const char *id,
+static PCCERT_CONTEXT capi_find_cert(CAPI_CTX *ctx, const char *id,
HCERTSTORE hstore)
{
PCCERT_CONTEXT cert = NULL;
@@ -1414,8 +1452,7 @@ static PCCERT_CONTEXT capi_find_cert(CAPI_CTX * ctx, const char *id,
int match;
switch (ctx->lookup_method) {
case CAPI_LU_SUBSTR:
- return CertFindCertificateInStore(hstore,
- X509_ASN_ENCODING, 0,
+ return CertFindCertificateInStore(hstore, X509_ASN_ENCODING, 0,
CERT_FIND_SUBJECT_STR_A, id, NULL);
case CAPI_LU_FNAME:
for (;;) {
@@ -1438,35 +1475,38 @@ static PCCERT_CONTEXT capi_find_cert(CAPI_CTX * ctx, const char *id,
}
}
-static CAPI_KEY *capi_get_key(CAPI_CTX * ctx, const TCHAR *contname,
- TCHAR *provname, DWORD ptype, DWORD keyspec)
+static CAPI_KEY *capi_get_key(CAPI_CTX *ctx, const WCHAR *contname,
+ const WCHAR *provname, DWORD ptype,
+ DWORD keyspec)
{
- CAPI_KEY *key;
DWORD dwFlags = 0;
- key = OPENSSL_malloc(sizeof(CAPI_KEY));
- if (key == NULL) {
- CAPIerr(CAPI_F_CAPI_GET_KEY, ERR_R_MALLOC_FAILURE);
- capi_addlasterror();
- goto err;
+ CAPI_KEY *key = OPENSSL_malloc(sizeof(*key));
+
+ if (key == NULL)
+ return NULL;
+ /* If PROV_RSA_AES supported use it instead */
+ if (ptype == PROV_RSA_FULL && use_aes_csp &&
+ wcscmp(provname, rsa_enh_cspname) == 0) {
+ provname = rsa_aes_cspname;
+ ptype = PROV_RSA_AES;
}
- if (sizeof(TCHAR) == sizeof(char))
- CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n",
- contname, provname, ptype);
- else if (ctx && ctx->debug_level >= CAPI_DBG_TRACE && ctx->debug_file) {
- /* above 'if' is optimization to minimize malloc-ations */
- char *_contname = wide_to_asc((WCHAR *)contname);
- char *_provname = wide_to_asc((WCHAR *)provname);
+ if (ctx && ctx->debug_level >= CAPI_DBG_TRACE && ctx->debug_file) {
+ /*
+ * above 'if' is [complementary] copy from CAPI_trace and serves
+ * as optimization to minimize [below] malloc-ations
+ */
+ char *_contname = wide_to_asc(contname);
+ char *_provname = wide_to_asc(provname);
CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n",
_contname, _provname, ptype);
- if (_provname)
- OPENSSL_free(_provname);
- if (_contname)
- OPENSSL_free(_contname);
+ OPENSSL_free(_provname);
+ OPENSSL_free(_contname);
}
if (ctx->store_flags & CERT_SYSTEM_STORE_LOCAL_MACHINE)
dwFlags = CRYPT_MACHINE_KEYSET;
- if (!CryptAcquireContext(&key->hprov, contname, provname, ptype, dwFlags)) {
+ if (!CryptAcquireContextW(&key->hprov, contname, provname, ptype,
+ dwFlags)) {
CAPIerr(CAPI_F_CAPI_GET_KEY, CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
capi_addlasterror();
goto err;
@@ -1486,42 +1526,27 @@ static CAPI_KEY *capi_get_key(CAPI_CTX * ctx, const TCHAR *contname,
return NULL;
}
-static CAPI_KEY *capi_get_cert_key(CAPI_CTX * ctx, PCCERT_CONTEXT cert)
+static CAPI_KEY *capi_get_cert_key(CAPI_CTX *ctx, PCCERT_CONTEXT cert)
{
CAPI_KEY *key = NULL;
CRYPT_KEY_PROV_INFO *pinfo = NULL;
- char *provname = NULL, *contname = NULL;
+
pinfo = capi_get_prov_info(ctx, cert);
- if (!pinfo)
- goto err;
- if (sizeof(TCHAR) != sizeof(char))
- key = capi_get_key(ctx, (TCHAR *)pinfo->pwszContainerName,
- (TCHAR *)pinfo->pwszProvName,
- pinfo->dwProvType, pinfo->dwKeySpec);
- else {
- provname = wide_to_asc(pinfo->pwszProvName);
- contname = wide_to_asc(pinfo->pwszContainerName);
- if (!provname || !contname)
- goto err;
- key = capi_get_key(ctx, (TCHAR *)contname, (TCHAR *)provname,
+
+ if (pinfo != NULL)
+ key = capi_get_key(ctx, pinfo->pwszContainerName, pinfo->pwszProvName,
pinfo->dwProvType, pinfo->dwKeySpec);
- }
- err:
- if (pinfo)
- OPENSSL_free(pinfo);
- if (provname)
- OPENSSL_free(provname);
- if (contname)
- OPENSSL_free(contname);
+ OPENSSL_free(pinfo);
return key;
}
-CAPI_KEY *capi_find_key(CAPI_CTX * ctx, const char *id)
+CAPI_KEY *capi_find_key(CAPI_CTX *ctx, const char *id)
{
PCCERT_CONTEXT cert;
HCERTSTORE hstore;
CAPI_KEY *key = NULL;
+
switch (ctx->lookup_method) {
case CAPI_LU_SUBSTR:
case CAPI_LU_FNAME:
@@ -1537,36 +1562,28 @@ CAPI_KEY *capi_find_key(CAPI_CTX * ctx, const char *id)
break;
case CAPI_LU_CONTNAME:
- if (sizeof(TCHAR) != sizeof(char)) {
+ {
WCHAR *contname, *provname;
DWORD len;
if ((len = MultiByteToWideChar(CP_ACP, 0, id, -1, NULL, 0)) &&
(contname = alloca(len * sizeof(WCHAR)),
MultiByteToWideChar(CP_ACP, 0, id, -1, contname, len)) &&
- (len =
- MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, NULL, 0))
- && (provname =
- alloca(len * sizeof(WCHAR)), MultiByteToWideChar(CP_ACP,
- 0,
- ctx->cspname,
- -1,
- provname,
- len)))
- key =
- capi_get_key(ctx, (TCHAR *)contname, (TCHAR *)provname,
- ctx->csptype, ctx->keytype);
- } else
- key = capi_get_key(ctx, (TCHAR *)id,
- (TCHAR *)ctx->cspname,
- ctx->csptype, ctx->keytype);
+ (len = MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1,
+ NULL, 0)) &&
+ (provname = alloca(len * sizeof(WCHAR)),
+ MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1,
+ provname, len)))
+ key = capi_get_key(ctx, contname, provname,
+ ctx->csptype, ctx->keytype);
+ }
break;
}
return key;
}
-void capi_free_key(CAPI_KEY * key)
+void capi_free_key(CAPI_KEY *key)
{
if (!key)
return;
@@ -1579,64 +1596,53 @@ void capi_free_key(CAPI_KEY * key)
/* Initialize a CAPI_CTX structure */
-static CAPI_CTX *capi_ctx_new()
+static CAPI_CTX *capi_ctx_new(void)
{
- CAPI_CTX *ctx;
- ctx = OPENSSL_malloc(sizeof(CAPI_CTX));
- if (!ctx) {
+ CAPI_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
+
+ if (ctx == NULL) {
CAPIerr(CAPI_F_CAPI_CTX_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
- ctx->cspname = NULL;
ctx->csptype = PROV_RSA_FULL;
ctx->dump_flags = CAPI_DMP_SUMMARY | CAPI_DMP_FNAME;
ctx->keytype = AT_KEYEXCHANGE;
- ctx->storename = NULL;
- ctx->ssl_client_store = NULL;
ctx->store_flags = CERT_STORE_OPEN_EXISTING_FLAG |
CERT_STORE_READONLY_FLAG | CERT_SYSTEM_STORE_CURRENT_USER;
ctx->lookup_method = CAPI_LU_SUBSTR;
- ctx->debug_level = 0;
- ctx->debug_file = NULL;
ctx->client_cert_select = cert_select_simple;
return ctx;
}
-static void capi_ctx_free(CAPI_CTX * ctx)
+static void capi_ctx_free(CAPI_CTX *ctx)
{
CAPI_trace(ctx, "Calling capi_ctx_free with %lx\n", ctx);
if (!ctx)
return;
- if (ctx->cspname)
- OPENSSL_free(ctx->cspname);
- if (ctx->debug_file)
- OPENSSL_free(ctx->debug_file);
- if (ctx->storename)
- OPENSSL_free(ctx->storename);
- if (ctx->ssl_client_store)
- OPENSSL_free(ctx->ssl_client_store);
+ OPENSSL_free(ctx->cspname);
+ OPENSSL_free(ctx->debug_file);
+ OPENSSL_free(ctx->storename);
+ OPENSSL_free(ctx->ssl_client_store);
OPENSSL_free(ctx);
}
-static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type,
+static int capi_ctx_set_provname(CAPI_CTX *ctx, LPSTR pname, DWORD type,
int check)
{
+ LPSTR tmpcspname;
+
CAPI_trace(ctx, "capi_ctx_set_provname, name=%s, type=%d\n", pname, type);
if (check) {
HCRYPTPROV hprov;
- LPTSTR name = NULL;
+ LPWSTR name = NULL;
+ DWORD len;
- if (sizeof(TCHAR) != sizeof(char)) {
- DWORD len;
- if ((len = MultiByteToWideChar(CP_ACP, 0, pname, -1, NULL, 0))) {
- name = alloca(len * sizeof(WCHAR));
- MultiByteToWideChar(CP_ACP, 0, pname, -1, (WCHAR *)name, len);
- }
- } else
- name = (TCHAR *)pname;
-
- if (!name || !CryptAcquireContext(&hprov, NULL, name, type,
- CRYPT_VERIFYCONTEXT)) {
+ if ((len = MultiByteToWideChar(CP_ACP, 0, pname, -1, NULL, 0))) {
+ name = alloca(len * sizeof(WCHAR));
+ MultiByteToWideChar(CP_ACP, 0, pname, -1, (WCHAR *)name, len);
+ }
+ if (name == NULL || !CryptAcquireContextW(&hprov, NULL, name, type,
+ CRYPT_VERIFYCONTEXT)) {
CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME,
CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
capi_addlasterror();
@@ -1644,14 +1650,18 @@ static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type,
}
CryptReleaseContext(hprov, 0);
}
- if (ctx->cspname)
- OPENSSL_free(ctx->cspname);
- ctx->cspname = BUF_strdup(pname);
+ tmpcspname = OPENSSL_strdup(pname);
+ if (tmpcspname == NULL) {
+ CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ OPENSSL_free(ctx->cspname);
+ ctx->cspname = tmpcspname;
ctx->csptype = type;
return 1;
}
-static int capi_ctx_set_provname_idx(CAPI_CTX * ctx, int idx)
+static int capi_ctx_set_provname_idx(CAPI_CTX *ctx, int idx)
{
LPSTR pname;
DWORD type;
@@ -1687,7 +1697,7 @@ static int capi_load_ssl_client_cert(ENGINE *e, SSL *ssl,
STACK_OF(X509) *certs = NULL;
X509 *x;
char *storename;
- const char *p;
+ const unsigned char *p;
int i, client_cert_idx;
HCERTSTORE hstore;
PCCERT_CONTEXT cert = NULL, excert = NULL;
@@ -1735,9 +1745,9 @@ static int capi_load_ssl_client_cert(ENGINE *e, SSL *ssl,
certs = sk_X509_new_null();
sk_X509_push(certs, x);
- } else
+ } else {
X509_free(x);
-
+ }
}
if (cert)
@@ -1886,7 +1896,8 @@ OPENSSL_EXPORT
IMPLEMENT_DYNAMIC_CHECK_FN()
# else
-void ENGINE_load_capi(void)
+void engine_load_capi_int(void);
+void engine_load_capi_int(void)
{
}
# endif
diff --git a/engines/e_capi.txt b/engines/e_capi.txt
new file mode 100644
index 000000000000..3f34cdf6b7e9
--- /dev/null
+++ b/engines/e_capi.txt
@@ -0,0 +1,62 @@
+# Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Function codes
+CAPI_F_CAPI_CERT_GET_FNAME:99:capi_cert_get_fname
+CAPI_F_CAPI_CTRL:100:capi_ctrl
+CAPI_F_CAPI_CTX_NEW:101:capi_ctx_new
+CAPI_F_CAPI_CTX_SET_PROVNAME:102:capi_ctx_set_provname
+CAPI_F_CAPI_DSA_DO_SIGN:114:capi_dsa_do_sign
+CAPI_F_CAPI_GET_KEY:103:capi_get_key
+CAPI_F_CAPI_GET_PKEY:115:capi_get_pkey
+CAPI_F_CAPI_GET_PROVNAME:104:capi_get_provname
+CAPI_F_CAPI_GET_PROV_INFO:105:capi_get_prov_info
+CAPI_F_CAPI_INIT:106:capi_init
+CAPI_F_CAPI_LIST_CONTAINERS:107:capi_list_containers
+CAPI_F_CAPI_LOAD_PRIVKEY:108:capi_load_privkey
+CAPI_F_CAPI_OPEN_STORE:109:capi_open_store
+CAPI_F_CAPI_RSA_PRIV_DEC:110:capi_rsa_priv_dec
+CAPI_F_CAPI_RSA_PRIV_ENC:111:capi_rsa_priv_enc
+CAPI_F_CAPI_RSA_SIGN:112:capi_rsa_sign
+CAPI_F_CAPI_VTRACE:118:capi_vtrace
+CAPI_F_CERT_SELECT_DIALOG:117:cert_select_dialog
+CAPI_F_CLIENT_CERT_SELECT:116:*
+CAPI_F_WIDE_TO_ASC:113:wide_to_asc
+
+#Reason codes
+CAPI_R_CANT_CREATE_HASH_OBJECT:100:cant create hash object
+CAPI_R_CANT_FIND_CAPI_CONTEXT:101:cant find capi context
+CAPI_R_CANT_GET_KEY:102:cant get key
+CAPI_R_CANT_SET_HASH_VALUE:103:cant set hash value
+CAPI_R_CRYPTACQUIRECONTEXT_ERROR:104:cryptacquirecontext error
+CAPI_R_CRYPTENUMPROVIDERS_ERROR:105:cryptenumproviders error
+CAPI_R_DECRYPT_ERROR:106:decrypt error
+CAPI_R_ENGINE_NOT_INITIALIZED:107:engine not initialized
+CAPI_R_ENUMCONTAINERS_ERROR:108:enumcontainers error
+CAPI_R_ERROR_ADDING_CERT:109:error adding cert
+CAPI_R_ERROR_CREATING_STORE:110:error creating store
+CAPI_R_ERROR_GETTING_FRIENDLY_NAME:111:error getting friendly name
+CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO:112:error getting key provider info
+CAPI_R_ERROR_OPENING_STORE:113:error opening store
+CAPI_R_ERROR_SIGNING_HASH:114:error signing hash
+CAPI_R_FILE_OPEN_ERROR:115:file open error
+CAPI_R_FUNCTION_NOT_SUPPORTED:116:function not supported
+CAPI_R_GETUSERKEY_ERROR:117:getuserkey error
+CAPI_R_INVALID_DIGEST_LENGTH:118:invalid digest length
+CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER:119:\
+ invalid dsa public key blob magic number
+CAPI_R_INVALID_LOOKUP_METHOD:120:invalid lookup method
+CAPI_R_INVALID_PUBLIC_KEY_BLOB:121:invalid public key blob
+CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER:122:\
+ invalid rsa public key blob magic number
+CAPI_R_PUBKEY_EXPORT_ERROR:123:pubkey export error
+CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR:124:pubkey export length error
+CAPI_R_UNKNOWN_COMMAND:125:unknown command
+CAPI_R_UNSUPPORTED_ALGORITHM_NID:126:unsupported algorithm nid
+CAPI_R_UNSUPPORTED_PADDING:127:unsupported padding
+CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM:128:unsupported public key algorithm
+CAPI_R_WIN32_ERROR:129:win32 error
diff --git a/engines/e_capi_err.c b/engines/e_capi_err.c
index a266138519e1..b72bc51a874e 100644
--- a/engines/e_capi_err.c
+++ b/engines/e_capi_err.c
@@ -1,187 +1,119 @@
-/* e_capi_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2009 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#include <stdio.h>
#include <openssl/err.h>
#include "e_capi_err.h"
-/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
static ERR_STRING_DATA CAPI_str_functs[] = {
- {ERR_FUNC(CAPI_F_CAPI_CERT_GET_FNAME), "CAPI_CERT_GET_FNAME"},
- {ERR_FUNC(CAPI_F_CAPI_CTRL), "CAPI_CTRL"},
- {ERR_FUNC(CAPI_F_CAPI_CTX_NEW), "CAPI_CTX_NEW"},
- {ERR_FUNC(CAPI_F_CAPI_CTX_SET_PROVNAME), "CAPI_CTX_SET_PROVNAME"},
- {ERR_FUNC(CAPI_F_CAPI_DSA_DO_SIGN), "CAPI_DSA_DO_SIGN"},
- {ERR_FUNC(CAPI_F_CAPI_GET_KEY), "CAPI_GET_KEY"},
- {ERR_FUNC(CAPI_F_CAPI_GET_PKEY), "CAPI_GET_PKEY"},
- {ERR_FUNC(CAPI_F_CAPI_GET_PROVNAME), "CAPI_GET_PROVNAME"},
- {ERR_FUNC(CAPI_F_CAPI_GET_PROV_INFO), "CAPI_GET_PROV_INFO"},
- {ERR_FUNC(CAPI_F_CAPI_INIT), "CAPI_INIT"},
- {ERR_FUNC(CAPI_F_CAPI_LIST_CONTAINERS), "CAPI_LIST_CONTAINERS"},
- {ERR_FUNC(CAPI_F_CAPI_LOAD_PRIVKEY), "CAPI_LOAD_PRIVKEY"},
- {ERR_FUNC(CAPI_F_CAPI_OPEN_STORE), "CAPI_OPEN_STORE"},
- {ERR_FUNC(CAPI_F_CAPI_RSA_PRIV_DEC), "CAPI_RSA_PRIV_DEC"},
- {ERR_FUNC(CAPI_F_CAPI_RSA_PRIV_ENC), "CAPI_RSA_PRIV_ENC"},
- {ERR_FUNC(CAPI_F_CAPI_RSA_SIGN), "CAPI_RSA_SIGN"},
- {ERR_FUNC(CAPI_F_CERT_SELECT_DIALOG), "CERT_SELECT_DIALOG"},
- {ERR_FUNC(CAPI_F_CLIENT_CERT_SELECT), "CLIENT_CERT_SELECT"},
- {ERR_FUNC(CAPI_F_WIDE_TO_ASC), "WIDE_TO_ASC"},
+ {ERR_PACK(0, CAPI_F_CAPI_CERT_GET_FNAME, 0), "capi_cert_get_fname"},
+ {ERR_PACK(0, CAPI_F_CAPI_CTRL, 0), "capi_ctrl"},
+ {ERR_PACK(0, CAPI_F_CAPI_CTX_NEW, 0), "capi_ctx_new"},
+ {ERR_PACK(0, CAPI_F_CAPI_CTX_SET_PROVNAME, 0), "capi_ctx_set_provname"},
+ {ERR_PACK(0, CAPI_F_CAPI_DSA_DO_SIGN, 0), "capi_dsa_do_sign"},
+ {ERR_PACK(0, CAPI_F_CAPI_GET_KEY, 0), "capi_get_key"},
+ {ERR_PACK(0, CAPI_F_CAPI_GET_PKEY, 0), "capi_get_pkey"},
+ {ERR_PACK(0, CAPI_F_CAPI_GET_PROVNAME, 0), "capi_get_provname"},
+ {ERR_PACK(0, CAPI_F_CAPI_GET_PROV_INFO, 0), "capi_get_prov_info"},
+ {ERR_PACK(0, CAPI_F_CAPI_INIT, 0), "capi_init"},
+ {ERR_PACK(0, CAPI_F_CAPI_LIST_CONTAINERS, 0), "capi_list_containers"},
+ {ERR_PACK(0, CAPI_F_CAPI_LOAD_PRIVKEY, 0), "capi_load_privkey"},
+ {ERR_PACK(0, CAPI_F_CAPI_OPEN_STORE, 0), "capi_open_store"},
+ {ERR_PACK(0, CAPI_F_CAPI_RSA_PRIV_DEC, 0), "capi_rsa_priv_dec"},
+ {ERR_PACK(0, CAPI_F_CAPI_RSA_PRIV_ENC, 0), "capi_rsa_priv_enc"},
+ {ERR_PACK(0, CAPI_F_CAPI_RSA_SIGN, 0), "capi_rsa_sign"},
+ {ERR_PACK(0, CAPI_F_CAPI_VTRACE, 0), "capi_vtrace"},
+ {ERR_PACK(0, CAPI_F_CERT_SELECT_DIALOG, 0), "cert_select_dialog"},
+ {ERR_PACK(0, CAPI_F_CLIENT_CERT_SELECT, 0), ""},
+ {ERR_PACK(0, CAPI_F_WIDE_TO_ASC, 0), "wide_to_asc"},
{0, NULL}
};
static ERR_STRING_DATA CAPI_str_reasons[] = {
- {ERR_REASON(CAPI_R_CANT_CREATE_HASH_OBJECT), "cant create hash object"},
- {ERR_REASON(CAPI_R_CANT_FIND_CAPI_CONTEXT), "cant find capi context"},
- {ERR_REASON(CAPI_R_CANT_GET_KEY), "cant get key"},
- {ERR_REASON(CAPI_R_CANT_SET_HASH_VALUE), "cant set hash value"},
- {ERR_REASON(CAPI_R_CRYPTACQUIRECONTEXT_ERROR),
- "cryptacquirecontext error"},
- {ERR_REASON(CAPI_R_CRYPTENUMPROVIDERS_ERROR), "cryptenumproviders error"},
- {ERR_REASON(CAPI_R_DECRYPT_ERROR), "decrypt error"},
- {ERR_REASON(CAPI_R_ENGINE_NOT_INITIALIZED), "engine not initialized"},
- {ERR_REASON(CAPI_R_ENUMCONTAINERS_ERROR), "enumcontainers error"},
- {ERR_REASON(CAPI_R_ERROR_ADDING_CERT), "error adding cert"},
- {ERR_REASON(CAPI_R_ERROR_CREATING_STORE), "error creating store"},
- {ERR_REASON(CAPI_R_ERROR_GETTING_FRIENDLY_NAME),
- "error getting friendly name"},
- {ERR_REASON(CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO),
- "error getting key provider info"},
- {ERR_REASON(CAPI_R_ERROR_OPENING_STORE), "error opening store"},
- {ERR_REASON(CAPI_R_ERROR_SIGNING_HASH), "error signing hash"},
- {ERR_REASON(CAPI_R_FUNCTION_NOT_SUPPORTED), "function not supported"},
- {ERR_REASON(CAPI_R_GETUSERKEY_ERROR), "getuserkey error"},
- {ERR_REASON(CAPI_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
- {ERR_REASON(CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER),
- "invalid dsa public key blob magic number"},
- {ERR_REASON(CAPI_R_INVALID_LOOKUP_METHOD), "invalid lookup method"},
- {ERR_REASON(CAPI_R_INVALID_PUBLIC_KEY_BLOB), "invalid public key blob"},
- {ERR_REASON(CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER),
- "invalid rsa public key blob magic number"},
- {ERR_REASON(CAPI_R_PUBKEY_EXPORT_ERROR), "pubkey export error"},
- {ERR_REASON(CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR),
- "pubkey export length error"},
- {ERR_REASON(CAPI_R_UNKNOWN_COMMAND), "unknown command"},
- {ERR_REASON(CAPI_R_UNSUPPORTED_ALGORITHM_NID),
- "unsupported algorithm nid"},
- {ERR_REASON(CAPI_R_UNSUPPORTED_PADDING), "unsupported padding"},
- {ERR_REASON(CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM),
- "unsupported public key algorithm"},
- {ERR_REASON(CAPI_R_WIN32_ERROR), "win32 error"},
+ {ERR_PACK(0, 0, CAPI_R_CANT_CREATE_HASH_OBJECT), "cant create hash object"},
+ {ERR_PACK(0, 0, CAPI_R_CANT_FIND_CAPI_CONTEXT), "cant find capi context"},
+ {ERR_PACK(0, 0, CAPI_R_CANT_GET_KEY), "cant get key"},
+ {ERR_PACK(0, 0, CAPI_R_CANT_SET_HASH_VALUE), "cant set hash value"},
+ {ERR_PACK(0, 0, CAPI_R_CRYPTACQUIRECONTEXT_ERROR),
+ "cryptacquirecontext error"},
+ {ERR_PACK(0, 0, CAPI_R_CRYPTENUMPROVIDERS_ERROR),
+ "cryptenumproviders error"},
+ {ERR_PACK(0, 0, CAPI_R_DECRYPT_ERROR), "decrypt error"},
+ {ERR_PACK(0, 0, CAPI_R_ENGINE_NOT_INITIALIZED), "engine not initialized"},
+ {ERR_PACK(0, 0, CAPI_R_ENUMCONTAINERS_ERROR), "enumcontainers error"},
+ {ERR_PACK(0, 0, CAPI_R_ERROR_ADDING_CERT), "error adding cert"},
+ {ERR_PACK(0, 0, CAPI_R_ERROR_CREATING_STORE), "error creating store"},
+ {ERR_PACK(0, 0, CAPI_R_ERROR_GETTING_FRIENDLY_NAME),
+ "error getting friendly name"},
+ {ERR_PACK(0, 0, CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO),
+ "error getting key provider info"},
+ {ERR_PACK(0, 0, CAPI_R_ERROR_OPENING_STORE), "error opening store"},
+ {ERR_PACK(0, 0, CAPI_R_ERROR_SIGNING_HASH), "error signing hash"},
+ {ERR_PACK(0, 0, CAPI_R_FILE_OPEN_ERROR), "file open error"},
+ {ERR_PACK(0, 0, CAPI_R_FUNCTION_NOT_SUPPORTED), "function not supported"},
+ {ERR_PACK(0, 0, CAPI_R_GETUSERKEY_ERROR), "getuserkey error"},
+ {ERR_PACK(0, 0, CAPI_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
+ {ERR_PACK(0, 0, CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER),
+ "invalid dsa public key blob magic number"},
+ {ERR_PACK(0, 0, CAPI_R_INVALID_LOOKUP_METHOD), "invalid lookup method"},
+ {ERR_PACK(0, 0, CAPI_R_INVALID_PUBLIC_KEY_BLOB), "invalid public key blob"},
+ {ERR_PACK(0, 0, CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER),
+ "invalid rsa public key blob magic number"},
+ {ERR_PACK(0, 0, CAPI_R_PUBKEY_EXPORT_ERROR), "pubkey export error"},
+ {ERR_PACK(0, 0, CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR),
+ "pubkey export length error"},
+ {ERR_PACK(0, 0, CAPI_R_UNKNOWN_COMMAND), "unknown command"},
+ {ERR_PACK(0, 0, CAPI_R_UNSUPPORTED_ALGORITHM_NID),
+ "unsupported algorithm nid"},
+ {ERR_PACK(0, 0, CAPI_R_UNSUPPORTED_PADDING), "unsupported padding"},
+ {ERR_PACK(0, 0, CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM),
+ "unsupported public key algorithm"},
+ {ERR_PACK(0, 0, CAPI_R_WIN32_ERROR), "win32 error"},
{0, NULL}
};
#endif
-#ifdef CAPI_LIB_NAME
-static ERR_STRING_DATA CAPI_lib_name[] = {
- {0, CAPI_LIB_NAME},
- {0, NULL}
-};
-#endif
+static int lib_code = 0;
+static int error_loaded = 0;
-static int CAPI_lib_error_code = 0;
-static int CAPI_error_init = 1;
-
-static void ERR_load_CAPI_strings(void)
+static int ERR_load_CAPI_strings(void)
{
- if (CAPI_lib_error_code == 0)
- CAPI_lib_error_code = ERR_get_next_error_library();
+ if (lib_code == 0)
+ lib_code = ERR_get_next_error_library();
- if (CAPI_error_init) {
- CAPI_error_init = 0;
+ if (!error_loaded) {
#ifndef OPENSSL_NO_ERR
- ERR_load_strings(CAPI_lib_error_code, CAPI_str_functs);
- ERR_load_strings(CAPI_lib_error_code, CAPI_str_reasons);
-#endif
-
-#ifdef CAPI_LIB_NAME
- CAPI_lib_name->error = ERR_PACK(CAPI_lib_error_code, 0, 0);
- ERR_load_strings(0, CAPI_lib_name);
+ ERR_load_strings(lib_code, CAPI_str_functs);
+ ERR_load_strings(lib_code, CAPI_str_reasons);
#endif
+ error_loaded = 1;
}
+ return 1;
}
static void ERR_unload_CAPI_strings(void)
{
- if (CAPI_error_init == 0) {
+ if (error_loaded) {
#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(CAPI_lib_error_code, CAPI_str_functs);
- ERR_unload_strings(CAPI_lib_error_code, CAPI_str_reasons);
-#endif
-
-#ifdef CAPI_LIB_NAME
- ERR_unload_strings(0, CAPI_lib_name);
+ ERR_unload_strings(lib_code, CAPI_str_functs);
+ ERR_unload_strings(lib_code, CAPI_str_reasons);
#endif
- CAPI_error_init = 1;
+ error_loaded = 0;
}
}
static void ERR_CAPI_error(int function, int reason, char *file, int line)
{
- if (CAPI_lib_error_code == 0)
- CAPI_lib_error_code = ERR_get_next_error_library();
- ERR_PUT_error(CAPI_lib_error_code, function, reason, file, line);
+ if (lib_code == 0)
+ lib_code = ERR_get_next_error_library();
+ ERR_PUT_error(lib_code, function, reason, file, line);
}
diff --git a/engines/e_capi_err.h b/engines/e_capi_err.h
index b5d06dce200a..e034c98cae84 100644
--- a/engines/e_capi_err.h
+++ b/engines/e_capi_err.h
@@ -1,77 +1,22 @@
-/* ====================================================================
- * Copyright (c) 2001-2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
-#ifndef HEADER_CAPI_ERR_H
-# define HEADER_CAPI_ERR_H
+#ifndef HEADER_CAPIERR_H
+# define HEADER_CAPIERR_H
+
+# define CAPIerr(f, r) ERR_CAPI_error((f), (r), OPENSSL_FILE, OPENSSL_LINE)
-#ifdef __cplusplus
-extern "C" {
-#endif
-/* BEGIN ERROR CODES */
/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
+ * CAPI function codes.
*/
-static void ERR_load_CAPI_strings(void);
-static void ERR_unload_CAPI_strings(void);
-static void ERR_CAPI_error(int function, int reason, char *file, int line);
-# define CAPIerr(f,r) ERR_CAPI_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the CAPI functions. */
-
-/* Function codes. */
# define CAPI_F_CAPI_CERT_GET_FNAME 99
# define CAPI_F_CAPI_CTRL 100
# define CAPI_F_CAPI_CTX_NEW 101
@@ -88,42 +33,43 @@ static void ERR_CAPI_error(int function, int reason, char *file, int line);
# define CAPI_F_CAPI_RSA_PRIV_DEC 110
# define CAPI_F_CAPI_RSA_PRIV_ENC 111
# define CAPI_F_CAPI_RSA_SIGN 112
+# define CAPI_F_CAPI_VTRACE 118
# define CAPI_F_CERT_SELECT_DIALOG 117
# define CAPI_F_CLIENT_CERT_SELECT 116
# define CAPI_F_WIDE_TO_ASC 113
-/* Reason codes. */
-# define CAPI_R_CANT_CREATE_HASH_OBJECT 99
-# define CAPI_R_CANT_FIND_CAPI_CONTEXT 100
-# define CAPI_R_CANT_GET_KEY 101
-# define CAPI_R_CANT_SET_HASH_VALUE 102
-# define CAPI_R_CRYPTACQUIRECONTEXT_ERROR 103
-# define CAPI_R_CRYPTENUMPROVIDERS_ERROR 104
-# define CAPI_R_DECRYPT_ERROR 105
-# define CAPI_R_ENGINE_NOT_INITIALIZED 106
-# define CAPI_R_ENUMCONTAINERS_ERROR 107
-# define CAPI_R_ERROR_ADDING_CERT 125
-# define CAPI_R_ERROR_CREATING_STORE 126
-# define CAPI_R_ERROR_GETTING_FRIENDLY_NAME 108
-# define CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO 109
-# define CAPI_R_ERROR_OPENING_STORE 110
-# define CAPI_R_ERROR_SIGNING_HASH 111
-# define CAPI_R_FUNCTION_NOT_SUPPORTED 112
-# define CAPI_R_GETUSERKEY_ERROR 113
-# define CAPI_R_INVALID_DIGEST_LENGTH 124
-# define CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER 122
-# define CAPI_R_INVALID_LOOKUP_METHOD 114
-# define CAPI_R_INVALID_PUBLIC_KEY_BLOB 115
-# define CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER 123
-# define CAPI_R_PUBKEY_EXPORT_ERROR 116
-# define CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR 117
-# define CAPI_R_UNKNOWN_COMMAND 118
-# define CAPI_R_UNSUPPORTED_ALGORITHM_NID 119
-# define CAPI_R_UNSUPPORTED_PADDING 120
-# define CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM 121
-# define CAPI_R_WIN32_ERROR 127
+/*
+ * CAPI reason codes.
+ */
+# define CAPI_R_CANT_CREATE_HASH_OBJECT 100
+# define CAPI_R_CANT_FIND_CAPI_CONTEXT 101
+# define CAPI_R_CANT_GET_KEY 102
+# define CAPI_R_CANT_SET_HASH_VALUE 103
+# define CAPI_R_CRYPTACQUIRECONTEXT_ERROR 104
+# define CAPI_R_CRYPTENUMPROVIDERS_ERROR 105
+# define CAPI_R_DECRYPT_ERROR 106
+# define CAPI_R_ENGINE_NOT_INITIALIZED 107
+# define CAPI_R_ENUMCONTAINERS_ERROR 108
+# define CAPI_R_ERROR_ADDING_CERT 109
+# define CAPI_R_ERROR_CREATING_STORE 110
+# define CAPI_R_ERROR_GETTING_FRIENDLY_NAME 111
+# define CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO 112
+# define CAPI_R_ERROR_OPENING_STORE 113
+# define CAPI_R_ERROR_SIGNING_HASH 114
+# define CAPI_R_FILE_OPEN_ERROR 115
+# define CAPI_R_FUNCTION_NOT_SUPPORTED 116
+# define CAPI_R_GETUSERKEY_ERROR 117
+# define CAPI_R_INVALID_DIGEST_LENGTH 118
+# define CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER 119
+# define CAPI_R_INVALID_LOOKUP_METHOD 120
+# define CAPI_R_INVALID_PUBLIC_KEY_BLOB 121
+# define CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER 122
+# define CAPI_R_PUBKEY_EXPORT_ERROR 123
+# define CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR 124
+# define CAPI_R_UNKNOWN_COMMAND 125
+# define CAPI_R_UNSUPPORTED_ALGORITHM_NID 126
+# define CAPI_R_UNSUPPORTED_PADDING 127
+# define CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM 128
+# define CAPI_R_WIN32_ERROR 129
-#ifdef __cplusplus
-}
-#endif
#endif
diff --git a/engines/e_chil.c b/engines/e_chil.c
deleted file mode 100644
index d5e4cb67c440..000000000000
--- a/engines/e_chil.c
+++ /dev/null
@@ -1,1366 +0,0 @@
-/* crypto/engine/e_chil.c */
-/*
- * Written by Richard Levitte (richard@levitte.org), Geoff Thorpe
- * (geoff@geoffthorpe.net) and Dr Stephen N Henson (steve@openssl.org) for
- * the OpenSSL project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/pem.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#include <openssl/ui.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_CHIL
-
-/*-
- * Attribution notice: nCipher have said several times that it's OK for
- * us to implement a general interface to their boxes, and recently declared
- * their HWCryptoHook to be public, and therefore available for us to use.
- * Thanks, nCipher.
- *
- * The hwcryptohook.h included here is from May 2000.
- * [Richard Levitte]
- */
-# ifdef FLAT_INC
-# include "hwcryptohook.h"
-# else
-# include "vendor_defns/hwcryptohook.h"
-# endif
-
-# define HWCRHK_LIB_NAME "CHIL engine"
-# include "e_chil_err.c"
-
-static int hwcrhk_destroy(ENGINE *e);
-static int hwcrhk_init(ENGINE *e);
-static int hwcrhk_finish(ENGINE *e);
-static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-
-/* Functions to handle mutexes */
-static int hwcrhk_mutex_init(HWCryptoHook_Mutex *,
- HWCryptoHook_CallerContext *);
-static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *);
-static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex *);
-static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *);
-
-/* BIGNUM stuff */
-static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-# ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx);
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-static int hwcrhk_rsa_finish(RSA *rsa);
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* DH stuff */
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-# endif
-
-/* RAND stuff */
-static int hwcrhk_rand_bytes(unsigned char *buf, int num);
-static int hwcrhk_rand_status(void);
-
-/* KM stuff */
-static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method,
- void *callback_data);
-static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method,
- void *callback_data);
-
-/* Interaction stuff */
-static int hwcrhk_insert_card(const char *prompt_info,
- const char *wrong_info,
- HWCryptoHook_PassphraseContext * ppctx,
- HWCryptoHook_CallerContext * cactx);
-static int hwcrhk_get_pass(const char *prompt_info,
- int *len_io, char *buf,
- HWCryptoHook_PassphraseContext * ppctx,
- HWCryptoHook_CallerContext * cactx);
-static void hwcrhk_log_message(void *logstr, const char *message);
-
-/* The definitions for control commands specific to this engine */
-# define HWCRHK_CMD_SO_PATH ENGINE_CMD_BASE
-# define HWCRHK_CMD_FORK_CHECK (ENGINE_CMD_BASE + 1)
-# define HWCRHK_CMD_THREAD_LOCKING (ENGINE_CMD_BASE + 2)
-# define HWCRHK_CMD_SET_USER_INTERFACE (ENGINE_CMD_BASE + 3)
-# define HWCRHK_CMD_SET_CALLBACK_DATA (ENGINE_CMD_BASE + 4)
-static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = {
- {HWCRHK_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'hwcrhk' shared library",
- ENGINE_CMD_FLAG_STRING},
- {HWCRHK_CMD_FORK_CHECK,
- "FORK_CHECK",
- "Turns fork() checking on (non-zero) or off (zero)",
- ENGINE_CMD_FLAG_NUMERIC},
- {HWCRHK_CMD_THREAD_LOCKING,
- "THREAD_LOCKING",
- "Turns thread-safe locking on (zero) or off (non-zero)",
- ENGINE_CMD_FLAG_NUMERIC},
- {HWCRHK_CMD_SET_USER_INTERFACE,
- "SET_USER_INTERFACE",
- "Set the global user interface (internal)",
- ENGINE_CMD_FLAG_INTERNAL},
- {HWCRHK_CMD_SET_CALLBACK_DATA,
- "SET_CALLBACK_DATA",
- "Set the global user interface extra data (internal)",
- ENGINE_CMD_FLAG_INTERNAL},
- {0, NULL, NULL, 0}
-};
-
-# ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD hwcrhk_rsa = {
- "CHIL RSA method",
- NULL,
- NULL,
- NULL,
- NULL,
- hwcrhk_rsa_mod_exp,
- hwcrhk_mod_exp_mont,
- NULL,
- hwcrhk_rsa_finish,
- 0,
- NULL,
- NULL,
- NULL,
- NULL
-};
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD hwcrhk_dh = {
- "CHIL DH method",
- NULL,
- NULL,
- hwcrhk_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL,
- NULL
-};
-# endif
-
-static RAND_METHOD hwcrhk_rand = {
- /* "CHIL RAND method", */
- NULL,
- hwcrhk_rand_bytes,
- NULL,
- NULL,
- hwcrhk_rand_bytes,
- hwcrhk_rand_status,
-};
-
-/* Constants used when creating the ENGINE */
-static const char *engine_hwcrhk_id = "chil";
-static const char *engine_hwcrhk_name = "CHIL hardware engine support";
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-/* Compatibility hack, the dynamic library uses this form in the path */
-static const char *engine_hwcrhk_id_alt = "ncipher";
-# endif
-
-/* Internal stuff for HWCryptoHook */
-
-/* Some structures needed for proper use of thread locks */
-/*
- * hwcryptohook.h has some typedefs that turn struct HWCryptoHook_MutexValue
- * into HWCryptoHook_Mutex
- */
-struct HWCryptoHook_MutexValue {
- int lockid;
-};
-
-/*
- * hwcryptohook.h has some typedefs that turn struct
- * HWCryptoHook_PassphraseContextValue into HWCryptoHook_PassphraseContext
- */
-struct HWCryptoHook_PassphraseContextValue {
- UI_METHOD *ui_method;
- void *callback_data;
-};
-
-/*
- * hwcryptohook.h has some typedefs that turn struct
- * HWCryptoHook_CallerContextValue into HWCryptoHook_CallerContext
- */
-struct HWCryptoHook_CallerContextValue {
- pem_password_cb *password_callback; /* Deprecated! Only present for
- * backward compatibility! */
- UI_METHOD *ui_method;
- void *callback_data;
-};
-
-/*
- * The MPI structure in HWCryptoHook is pretty compatible with OpenSSL
- * BIGNUM's, so lets define a couple of conversion macros
- */
-# define BN2MPI(mp, bn) \
- {mp.size = bn->top * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
-# define MPI2BN(bn, mp) \
- {mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
-
-static BIO *logstream = NULL;
-static int disable_mutex_callbacks = 0;
-
-/*
- * One might wonder why these are needed, since one can pass down at least a
- * UI_METHOD and a pointer to callback data to the key-loading functions. The
- * thing is that the ModExp and RSAImmed functions can load keys as well, if
- * the data they get is in a special, nCipher-defined format (hint: if you
- * look at the private exponent of the RSA data as a string, you'll see this
- * string: "nCipher KM tool key id", followed by some bytes, followed a key
- * identity string, followed by more bytes. This happens when you use
- * "embed" keys instead of "hwcrhk" keys). Unfortunately, those functions do
- * not take any passphrase or caller context, and our functions can't really
- * take any callback data either. Still, the "insert_card" and
- * "get_passphrase" callbacks may be called down the line, and will need to
- * know what user interface callbacks to call, and having callback data from
- * the application may be a nice thing as well, so we need to keep track of
- * that globally.
- */
-static HWCryptoHook_CallerContext password_context = { NULL, NULL, NULL };
-
-/* Stuff to pass to the HWCryptoHook library */
-static HWCryptoHook_InitInfo hwcrhk_globals = {
- HWCryptoHook_InitFlags_SimpleForkCheck, /* Flags */
- &logstream, /* logstream */
- sizeof(BN_ULONG), /* limbsize */
- 0, /* mslimb first: false for BNs */
- -1, /* msbyte first: use native */
- 0, /* Max mutexes, 0 = no small limit */
- 0, /* Max simultaneous, 0 = default */
-
- /*
- * The next few are mutex stuff: we write wrapper functions around the OS
- * mutex functions. We initialise them to 0 here, and change that to
- * actual function pointers in hwcrhk_init() if dynamic locks are
- * supported (that is, if the application programmer has made sure of
- * setting up callbacks bafore starting this engine) *and* if
- * disable_mutex_callbacks hasn't been set by a call to
- * ENGINE_ctrl(ENGINE_CTRL_CHIL_NO_LOCKING).
- */
- sizeof(HWCryptoHook_Mutex),
- 0,
- 0,
- 0,
- 0,
-
- /*
- * The next few are condvar stuff: we write wrapper functions round the
- * OS functions. Currently not implemented and not and absolute
- * necessity even in threaded programs, therefore 0'ed. Will hopefully
- * be implemented some day, since it enhances the efficiency of
- * HWCryptoHook.
- */
- 0, /* sizeof(HWCryptoHook_CondVar), */
- 0, /* hwcrhk_cv_init, */
- 0, /* hwcrhk_cv_wait, */
- 0, /* hwcrhk_cv_signal, */
- 0, /* hwcrhk_cv_broadcast, */
- 0, /* hwcrhk_cv_destroy, */
-
- hwcrhk_get_pass, /* pass phrase */
- hwcrhk_insert_card, /* insert a card */
- hwcrhk_log_message /* Log message */
-};
-
-/* Now, to our own code */
-
-/*
- * This internal function is used by ENGINE_chil() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_helper(ENGINE *e)
-{
-# ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-# endif
-# ifndef OPENSSL_NO_DH
- const DH_METHOD *meth2;
-# endif
- if (!ENGINE_set_id(e, engine_hwcrhk_id) ||
- !ENGINE_set_name(e, engine_hwcrhk_name) ||
-# ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &hwcrhk_rsa) ||
-# endif
-# ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &hwcrhk_dh) ||
-# endif
- !ENGINE_set_RAND(e, &hwcrhk_rand) ||
- !ENGINE_set_destroy_function(e, hwcrhk_destroy) ||
- !ENGINE_set_init_function(e, hwcrhk_init) ||
- !ENGINE_set_finish_function(e, hwcrhk_finish) ||
- !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) ||
- !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) ||
- !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) ||
- !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns))
- return 0;
-
-# ifndef OPENSSL_NO_RSA
- /*
- * We know that the "PKCS1_SSLeay()" functions hook properly to the
- * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
- * We don't use ENGINE_openssl() or anything "more generic" because
- * something like the RSAref code may not hook properly, and if you own
- * one of these cards then you have the right to do RSA operations on it
- * anyway!
- */
- meth1 = RSA_PKCS1_SSLeay();
- hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-# endif
-
-# ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth2 = DH_OpenSSL();
- hwcrhk_dh.generate_key = meth2->generate_key;
- hwcrhk_dh.compute_key = meth2->compute_key;
-# endif
-
- /* Ensure the hwcrhk error handling is set up */
- ERR_load_HWCRHK_strings();
- return 1;
-}
-
-# ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_chil(void)
-{
- ENGINE *ret = ENGINE_new();
- if (!ret)
- return NULL;
- if (!bind_helper(ret)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void ENGINE_load_chil(void)
-{
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_chil();
- if (!toadd)
- return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
-}
-# endif
-
-/*
- * This is a process-global DSO handle used for loading and unloading the
- * HWCryptoHook library. NB: This is only set (or unset) during an init() or
- * finish() call (reference counts permitting) and they're operating with
- * global locks, so this should be thread-safe implicitly.
- */
-static DSO *hwcrhk_dso = NULL;
-static HWCryptoHook_ContextHandle hwcrhk_context = 0;
-# ifndef OPENSSL_NO_RSA
-/* Index for KM handle. Not really used yet. */
-static int hndidx_rsa = -1;
-# endif
-
-/*
- * These are the function pointers that are (un)set when the library has
- * successfully (un)loaded.
- */
-static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL;
-static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL;
-static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL;
-# ifndef OPENSSL_NO_RSA
-static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL;
-# endif
-static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL;
-# ifndef OPENSSL_NO_RSA
-static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL;
-static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL;
-static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL;
-# endif
-static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
-
-/* Used in the DSO operations. */
-static const char *HWCRHK_LIBNAME = NULL;
-static void free_HWCRHK_LIBNAME(void)
-{
- if (HWCRHK_LIBNAME)
- OPENSSL_free((void *)HWCRHK_LIBNAME);
- HWCRHK_LIBNAME = NULL;
-}
-
-static const char *get_HWCRHK_LIBNAME(void)
-{
- if (HWCRHK_LIBNAME)
- return HWCRHK_LIBNAME;
- return "nfhwcrhk";
-}
-
-static long set_HWCRHK_LIBNAME(const char *name)
-{
- free_HWCRHK_LIBNAME();
- return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-}
-
-static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
-static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
-static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
-# ifndef OPENSSL_NO_RSA
-static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA";
-# endif
-static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes";
-# ifndef OPENSSL_NO_RSA
-static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey";
-static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey";
-static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey";
-# endif
-static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT";
-
-/*
- * HWCryptoHook library functions and mechanics - these are used by the
- * higher-level functions further down. NB: As and where there's no error
- * checking, take a look lower down where these functions are called, the
- * checking and error handling is probably down there.
- */
-
-/* utility function to obtain a context */
-static int get_context(HWCryptoHook_ContextHandle * hac,
- HWCryptoHook_CallerContext * cac)
-{
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
-
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
- *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg, cac);
- if (!*hac)
- return 0;
- return 1;
-}
-
-/* similarly to release one. */
-static void release_context(HWCryptoHook_ContextHandle hac)
-{
- p_hwcrhk_Finish(hac);
-}
-
-/* Destructor (complements the "ENGINE_chil()" constructor) */
-static int hwcrhk_destroy(ENGINE *e)
-{
- free_HWCRHK_LIBNAME();
- ERR_unload_HWCRHK_strings();
- return 1;
-}
-
-/* (de)initialisation functions. */
-static int hwcrhk_init(ENGINE *e)
-{
- HWCryptoHook_Init_t *p1;
- HWCryptoHook_Finish_t *p2;
- HWCryptoHook_ModExp_t *p3;
-# ifndef OPENSSL_NO_RSA
- HWCryptoHook_RSA_t *p4;
- HWCryptoHook_RSALoadKey_t *p5;
- HWCryptoHook_RSAGetPublicKey_t *p6;
- HWCryptoHook_RSAUnloadKey_t *p7;
-# endif
- HWCryptoHook_RandomBytes_t *p8;
- HWCryptoHook_ModExpCRT_t *p9;
-
- if (hwcrhk_dso != NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_ALREADY_LOADED);
- goto err;
- }
- /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
- hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0);
- if (hwcrhk_dso == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE);
- goto err;
- }
- if (!(p1 = (HWCryptoHook_Init_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) ||
- !(p2 = (HWCryptoHook_Finish_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) ||
- !(p3 = (HWCryptoHook_ModExp_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) ||
-# ifndef OPENSSL_NO_RSA
- !(p4 = (HWCryptoHook_RSA_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) ||
- !(p5 = (HWCryptoHook_RSALoadKey_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) ||
- !(p6 = (HWCryptoHook_RSAGetPublicKey_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) ||
- !(p7 = (HWCryptoHook_RSAUnloadKey_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) ||
-# endif
- !(p8 = (HWCryptoHook_RandomBytes_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) ||
- !(p9 = (HWCryptoHook_ModExpCRT_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT))) {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE);
- goto err;
- }
- /* Copy the pointers */
- p_hwcrhk_Init = p1;
- p_hwcrhk_Finish = p2;
- p_hwcrhk_ModExp = p3;
-# ifndef OPENSSL_NO_RSA
- p_hwcrhk_RSA = p4;
- p_hwcrhk_RSALoadKey = p5;
- p_hwcrhk_RSAGetPublicKey = p6;
- p_hwcrhk_RSAUnloadKey = p7;
-# endif
- p_hwcrhk_RandomBytes = p8;
- p_hwcrhk_ModExpCRT = p9;
-
- /*
- * Check if the application decided to support dynamic locks, and if it
- * does, use them.
- */
- if (disable_mutex_callbacks == 0) {
- if (CRYPTO_get_dynlock_create_callback() != NULL &&
- CRYPTO_get_dynlock_lock_callback() != NULL &&
- CRYPTO_get_dynlock_destroy_callback() != NULL) {
- hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
- hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
- hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
- hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
- }
- }
-
- /*
- * Try and get a context - if not, we may have a DSO but no accelerator!
- */
- if (!get_context(&hwcrhk_context, &password_context)) {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_UNIT_FAILURE);
- goto err;
- }
- /* Everything's fine. */
-# ifndef OPENSSL_NO_RSA
- if (hndidx_rsa == -1)
- hndidx_rsa = RSA_get_ex_new_index(0,
- "nFast HWCryptoHook RSA key handle",
- NULL, NULL, NULL);
-# endif
- return 1;
- err:
- if (hwcrhk_dso)
- DSO_free(hwcrhk_dso);
- hwcrhk_dso = NULL;
- p_hwcrhk_Init = NULL;
- p_hwcrhk_Finish = NULL;
- p_hwcrhk_ModExp = NULL;
-# ifndef OPENSSL_NO_RSA
- p_hwcrhk_RSA = NULL;
- p_hwcrhk_RSALoadKey = NULL;
- p_hwcrhk_RSAGetPublicKey = NULL;
- p_hwcrhk_RSAUnloadKey = NULL;
-# endif
- p_hwcrhk_ModExpCRT = NULL;
- p_hwcrhk_RandomBytes = NULL;
- return 0;
-}
-
-static int hwcrhk_finish(ENGINE *e)
-{
- int to_return = 1;
- free_HWCRHK_LIBNAME();
- if (hwcrhk_dso == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_FINISH, HWCRHK_R_NOT_LOADED);
- to_return = 0;
- goto err;
- }
- release_context(hwcrhk_context);
- if (!DSO_free(hwcrhk_dso)) {
- HWCRHKerr(HWCRHK_F_HWCRHK_FINISH, HWCRHK_R_DSO_FAILURE);
- to_return = 0;
- goto err;
- }
- err:
- if (logstream)
- BIO_free(logstream);
- hwcrhk_dso = NULL;
- p_hwcrhk_Init = NULL;
- p_hwcrhk_Finish = NULL;
- p_hwcrhk_ModExp = NULL;
-# ifndef OPENSSL_NO_RSA
- p_hwcrhk_RSA = NULL;
- p_hwcrhk_RSALoadKey = NULL;
- p_hwcrhk_RSAGetPublicKey = NULL;
- p_hwcrhk_RSAUnloadKey = NULL;
-# endif
- p_hwcrhk_ModExpCRT = NULL;
- p_hwcrhk_RandomBytes = NULL;
- return to_return;
-}
-
-static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
- int to_return = 1;
-
- switch (cmd) {
- case HWCRHK_CMD_SO_PATH:
- if (hwcrhk_dso) {
- HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_ALREADY_LOADED);
- return 0;
- }
- if (p == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- return set_HWCRHK_LIBNAME((const char *)p);
- case ENGINE_CTRL_SET_LOGSTREAM:
- {
- BIO *bio = (BIO *)p;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (logstream) {
- BIO_free(logstream);
- logstream = NULL;
- }
- if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1)
- logstream = bio;
- else
- HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_BIO_WAS_FREED);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- case ENGINE_CTRL_SET_PASSWORD_CALLBACK:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- password_context.password_callback = (pem_password_cb *)f;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- case ENGINE_CTRL_SET_USER_INTERFACE:
- case HWCRHK_CMD_SET_USER_INTERFACE:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- password_context.ui_method = (UI_METHOD *)p;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- case ENGINE_CTRL_SET_CALLBACK_DATA:
- case HWCRHK_CMD_SET_CALLBACK_DATA:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- password_context.callback_data = p;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- /*
- * this enables or disables the "SimpleForkCheck" flag used in the
- * initialisation structure.
- */
- case ENGINE_CTRL_CHIL_SET_FORKCHECK:
- case HWCRHK_CMD_FORK_CHECK:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (i)
- hwcrhk_globals.flags |= HWCryptoHook_InitFlags_SimpleForkCheck;
- else
- hwcrhk_globals.flags &= ~HWCryptoHook_InitFlags_SimpleForkCheck;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- /*
- * This will prevent the initialisation function from "installing"
- * the mutex-handling callbacks, even if they are available from
- * within the library (or were provided to the library from the
- * calling application). This is to remove any baggage for
- * applications not using multithreading.
- */
- case ENGINE_CTRL_CHIL_NO_LOCKING:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- disable_mutex_callbacks = 1;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- case HWCRHK_CMD_THREAD_LOCKING:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- disable_mutex_callbacks = ((i == 0) ? 0 : 1);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
-
- /* The command isn't understood by this engine */
- default:
- HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,
- HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- to_return = 0;
- break;
- }
-
- return to_return;
-}
-
-static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method,
- void *callback_data)
-{
-# ifndef OPENSSL_NO_RSA
- RSA *rtmp = NULL;
-# endif
- EVP_PKEY *res = NULL;
-# ifndef OPENSSL_NO_RSA
- HWCryptoHook_MPI e, n;
- HWCryptoHook_RSAKeyHandle *hptr;
-# endif
-# if !defined(OPENSSL_NO_RSA)
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
- HWCryptoHook_PassphraseContext ppctx;
-# endif
-
-# if !defined(OPENSSL_NO_RSA)
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-# endif
-
- if (!hwcrhk_context) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_NOT_INITIALISED);
- goto err;
- }
-# ifndef OPENSSL_NO_RSA
- hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle));
- if (!hptr) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ppctx.ui_method = ui_method;
- ppctx.callback_data = callback_data;
- if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr, &rmsg, &ppctx)) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
- if (!*hptr) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_NO_KEY);
- goto err;
- }
-# endif
-# ifndef OPENSSL_NO_RSA
- rtmp = RSA_new_method(eng);
- if (rtmp == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr);
- rtmp->e = BN_new();
- rtmp->n = BN_new();
- if (rtmp->e == NULL || rtmp->n == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- rtmp->flags |= RSA_FLAG_EXT_PKEY;
- MPI2BN(rtmp->e, e);
- MPI2BN(rtmp->n, n);
- if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)
- != HWCRYPTOHOOK_ERROR_MPISIZE) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
-
- if (bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG)) == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG)) == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- MPI2BN(rtmp->e, e);
- MPI2BN(rtmp->n, n);
-
- if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
- rtmp->e->top = e.size / sizeof(BN_ULONG);
- bn_fix_top(rtmp->e);
- rtmp->n->top = n.size / sizeof(BN_ULONG);
- bn_fix_top(rtmp->n);
-
- res = EVP_PKEY_new();
- if (res == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
- goto err;
- }
- EVP_PKEY_assign_RSA(res, rtmp);
-# endif
-
- if (!res)
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
- HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
-
- return res;
- err:
-# ifndef OPENSSL_NO_RSA
- if (rtmp)
- RSA_free(rtmp);
-# endif
- return NULL;
-}
-
-static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method, void *callback_data)
-{
- EVP_PKEY *res = NULL;
-
-# ifndef OPENSSL_NO_RSA
- res = hwcrhk_load_privkey(eng, key_id, ui_method, callback_data);
-# endif
-
- if (res)
- switch (res->type) {
-# ifndef OPENSSL_NO_RSA
- case EVP_PKEY_RSA:
- {
- RSA *rsa = NULL;
-
- CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
- rsa = res->pkey.rsa;
- res->pkey.rsa = RSA_new();
- res->pkey.rsa->n = rsa->n;
- res->pkey.rsa->e = rsa->e;
- rsa->n = NULL;
- rsa->e = NULL;
- CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
- RSA_free(rsa);
- }
- break;
-# endif
- default:
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
- HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- goto err;
- }
-
- return res;
- err:
- if (res)
- EVP_PKEY_free(res);
- return NULL;
-}
-
-/* A little mod_exp */
-static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
-{
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
- /*
- * Since HWCryptoHook_MPI is pretty compatible with BIGNUM's, we use them
- * directly, plus a little macro magic. We only thing we need to make
- * sure of is that enough space is allocated.
- */
- HWCryptoHook_MPI m_a, m_p, m_n, m_r;
- int to_return, ret;
-
- to_return = 0; /* expect failure */
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
- if (!hwcrhk_context) {
- HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_NOT_INITIALISED);
- goto err;
- }
- /* Prepare the params */
- if (bn_expand2(r, m->top) == NULL) { /* Check for error !! */
- HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- BN2MPI(m_a, a);
- BN2MPI(m_p, p);
- BN2MPI(m_n, m);
- MPI2BN(r, m_r);
-
- /* Perform the operation */
- ret = p_hwcrhk_ModExp(hwcrhk_context, m_a, m_p, m_n, &m_r, &rmsg);
-
- /* Convert the response */
- r->top = m_r.size / sizeof(BN_ULONG);
- bn_fix_top(r);
-
- if (ret < 0) {
- /*
- * FIXME: When this error is returned, HWCryptoHook is telling us
- * that falling back to software computation might be a good thing.
- */
- if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
- HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_REQUEST_FALLBACK);
- } else {
- HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_REQUEST_FAILED);
- }
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
-
- to_return = 1;
- err:
- return to_return;
-}
-
-# ifndef OPENSSL_NO_RSA
-static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx)
-{
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
- HWCryptoHook_RSAKeyHandle *hptr;
- int to_return = 0, ret;
-
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
- if (!hwcrhk_context) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, HWCRHK_R_NOT_INITIALISED);
- goto err;
- }
-
- /*
- * This provides support for nForce keys. Since that's opaque data all
- * we do is provide a handle to the proper key and let HWCryptoHook take
- * care of the rest.
- */
- if ((hptr =
- (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa))
- != NULL) {
- HWCryptoHook_MPI m_a, m_r;
-
- if (!rsa->n) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
-
- /* Prepare the params */
- if (bn_expand2(r, rsa->n->top) == NULL) { /* Check for error !! */
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- BN2MPI(m_a, I);
- MPI2BN(r, m_r);
-
- /* Perform the operation */
- ret = p_hwcrhk_RSA(m_a, *hptr, &m_r, &rmsg);
-
- /* Convert the response */
- r->top = m_r.size / sizeof(BN_ULONG);
- bn_fix_top(r);
-
- if (ret < 0) {
- /*
- * FIXME: When this error is returned, HWCryptoHook is telling us
- * that falling back to software computation might be a good
- * thing.
- */
- if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_REQUEST_FALLBACK);
- } else {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_REQUEST_FAILED);
- }
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
- } else {
- HWCryptoHook_MPI m_a, m_p, m_q, m_dmp1, m_dmq1, m_iqmp, m_r;
-
- if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
-
- /* Prepare the params */
- if (bn_expand2(r, rsa->n->top) == NULL) { /* Check for error !! */
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- BN2MPI(m_a, I);
- BN2MPI(m_p, rsa->p);
- BN2MPI(m_q, rsa->q);
- BN2MPI(m_dmp1, rsa->dmp1);
- BN2MPI(m_dmq1, rsa->dmq1);
- BN2MPI(m_iqmp, rsa->iqmp);
- MPI2BN(r, m_r);
-
- /* Perform the operation */
- ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q,
- m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg);
-
- /* Convert the response */
- r->top = m_r.size / sizeof(BN_ULONG);
- bn_fix_top(r);
-
- if (ret < 0) {
- /*
- * FIXME: When this error is returned, HWCryptoHook is telling us
- * that falling back to software computation might be a good
- * thing.
- */
- if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_REQUEST_FALLBACK);
- } else {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_REQUEST_FAILED);
- }
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
- }
- /*
- * If we're here, we must be here with some semblance of success :-)
- */
- to_return = 1;
- err:
- return to_return;
-}
-# endif
-
-# ifndef OPENSSL_NO_RSA
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return hwcrhk_mod_exp(r, a, p, m, ctx);
-}
-
-static int hwcrhk_rsa_finish(RSA *rsa)
-{
- HWCryptoHook_RSAKeyHandle *hptr;
-
- hptr = RSA_get_ex_data(rsa, hndidx_rsa);
- if (hptr) {
- p_hwcrhk_RSAUnloadKey(*hptr, NULL);
- OPENSSL_free(hptr);
- RSA_set_ex_data(rsa, hndidx_rsa, NULL);
- }
- return 1;
-}
-
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
- return hwcrhk_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-/* Random bytes are good */
-static int hwcrhk_rand_bytes(unsigned char *buf, int num)
-{
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
- int to_return = 0; /* assume failure */
- int ret;
-
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
- if (!hwcrhk_context) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_NOT_INITIALISED);
- goto err;
- }
-
- ret = p_hwcrhk_RandomBytes(hwcrhk_context, buf, num, &rmsg);
- if (ret < 0) {
- /*
- * FIXME: When this error is returned, HWCryptoHook is telling us
- * that falling back to software computation might be a good thing.
- */
- if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
- HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_REQUEST_FALLBACK);
- } else {
- HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_REQUEST_FAILED);
- }
- ERR_add_error_data(1, rmsg.buf);
- goto err;
- }
- to_return = 1;
- err:
- return to_return;
-}
-
-static int hwcrhk_rand_status(void)
-{
- return 1;
-}
-
-/*
- * Mutex calls: since the HWCryptoHook model closely follows the POSIX model
- * these just wrap the POSIX functions and add some logging.
- */
-
-static int hwcrhk_mutex_init(HWCryptoHook_Mutex * mt,
- HWCryptoHook_CallerContext * cactx)
-{
- mt->lockid = CRYPTO_get_new_dynlockid();
- if (mt->lockid == 0)
- return 1; /* failure */
- return 0; /* success */
-}
-
-static int hwcrhk_mutex_lock(HWCryptoHook_Mutex * mt)
-{
- CRYPTO_w_lock(mt->lockid);
- return 0;
-}
-
-static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt)
-{
- CRYPTO_w_unlock(mt->lockid);
-}
-
-static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex * mt)
-{
- CRYPTO_destroy_dynlockid(mt->lockid);
-}
-
-static int hwcrhk_get_pass(const char *prompt_info,
- int *len_io, char *buf,
- HWCryptoHook_PassphraseContext * ppctx,
- HWCryptoHook_CallerContext * cactx)
-{
- pem_password_cb *callback = NULL;
- void *callback_data = NULL;
- UI_METHOD *ui_method = NULL;
- /*
- * Despite what the documentation says prompt_info can be an empty
- * string.
- */
- if (prompt_info && !*prompt_info)
- prompt_info = NULL;
-
- if (cactx) {
- if (cactx->ui_method)
- ui_method = cactx->ui_method;
- if (cactx->password_callback)
- callback = cactx->password_callback;
- if (cactx->callback_data)
- callback_data = cactx->callback_data;
- }
- if (ppctx) {
- if (ppctx->ui_method) {
- ui_method = ppctx->ui_method;
- callback = NULL;
- }
- if (ppctx->callback_data)
- callback_data = ppctx->callback_data;
- }
- if (callback == NULL && ui_method == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_GET_PASS, HWCRHK_R_NO_CALLBACK);
- return -1;
- }
-
- if (ui_method) {
- UI *ui = UI_new_method(ui_method);
- if (ui) {
- int ok;
- char *prompt = UI_construct_prompt(ui,
- "pass phrase", prompt_info);
-
- ok = UI_add_input_string(ui, prompt,
- UI_INPUT_FLAG_DEFAULT_PWD,
- buf, 0, (*len_io) - 1);
- UI_add_user_data(ui, callback_data);
- UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
-
- if (ok >= 0)
- do {
- ok = UI_process(ui);
- }
- while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
-
- if (ok >= 0)
- *len_io = strlen(buf);
-
- UI_free(ui);
- OPENSSL_free(prompt);
- }
- } else {
- *len_io = callback(buf, *len_io, 0, callback_data);
- }
- if (!*len_io)
- return -1;
- return 0;
-}
-
-static int hwcrhk_insert_card(const char *prompt_info,
- const char *wrong_info,
- HWCryptoHook_PassphraseContext * ppctx,
- HWCryptoHook_CallerContext * cactx)
-{
- int ok = -1;
- UI *ui;
- void *callback_data = NULL;
- UI_METHOD *ui_method = NULL;
-
- if (cactx) {
- if (cactx->ui_method)
- ui_method = cactx->ui_method;
- if (cactx->callback_data)
- callback_data = cactx->callback_data;
- }
- if (ppctx) {
- if (ppctx->ui_method)
- ui_method = ppctx->ui_method;
- if (ppctx->callback_data)
- callback_data = ppctx->callback_data;
- }
- if (ui_method == NULL) {
- HWCRHKerr(HWCRHK_F_HWCRHK_INSERT_CARD, HWCRHK_R_NO_CALLBACK);
- return -1;
- }
-
- ui = UI_new_method(ui_method);
-
- if (ui) {
- char answer = '\0';
- char buf[BUFSIZ];
- /*
- * Despite what the documentation says wrong_info can be an empty
- * string.
- */
- if (wrong_info && *wrong_info)
- BIO_snprintf(buf, sizeof(buf) - 1,
- "Current card: \"%s\"\n", wrong_info);
- else
- buf[0] = 0;
- ok = UI_dup_info_string(ui, buf);
- if (ok >= 0 && prompt_info) {
- BIO_snprintf(buf, sizeof(buf) - 1,
- "Insert card \"%s\"", prompt_info);
- ok = UI_dup_input_boolean(ui, buf,
- "\n then hit <enter> or C<enter> to cancel\n",
- "\r\n", "Cc", UI_INPUT_FLAG_ECHO,
- &answer);
- }
- UI_add_user_data(ui, callback_data);
-
- if (ok >= 0)
- ok = UI_process(ui);
- UI_free(ui);
-
- if (ok == -2 || (ok >= 0 && answer == 'C'))
- ok = 1;
- else if (ok < 0)
- ok = -1;
- else
- ok = 0;
- }
- return ok;
-}
-
-static void hwcrhk_log_message(void *logstr, const char *message)
-{
- BIO *lstream = NULL;
-
- CRYPTO_w_lock(CRYPTO_LOCK_BIO);
- if (logstr)
- lstream = *(BIO **)logstr;
- if (lstream) {
- BIO_printf(lstream, "%s\n", message);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
-}
-
-/*
- * This stuff is needed if this ENGINE is being compiled into a
- * self-contained shared-library.
- */
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_fn(ENGINE *e, const char *id)
-{
- if (id && (strcmp(id, engine_hwcrhk_id) != 0) &&
- (strcmp(id, engine_hwcrhk_id_alt) != 0))
- return 0;
- if (!bind_helper(e))
- return 0;
- return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
- IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-# endif /* OPENSSL_NO_DYNAMIC_ENGINE */
-# endif /* !OPENSSL_NO_HW_CHIL */
-#endif /* !OPENSSL_NO_HW */
diff --git a/engines/e_chil_err.c b/engines/e_chil_err.c
deleted file mode 100644
index 00fbf8cd574c..000000000000
--- a/engines/e_chil_err.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* e_chil_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_chil_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA HWCRHK_str_functs[] = {
- {ERR_FUNC(HWCRHK_F_HWCRHK_CTRL), "HWCRHK_CTRL"},
- {ERR_FUNC(HWCRHK_F_HWCRHK_FINISH), "HWCRHK_FINISH"},
- {ERR_FUNC(HWCRHK_F_HWCRHK_GET_PASS), "HWCRHK_GET_PASS"},
- {ERR_FUNC(HWCRHK_F_HWCRHK_INIT), "HWCRHK_INIT"},
- {ERR_FUNC(HWCRHK_F_HWCRHK_INSERT_CARD), "HWCRHK_INSERT_CARD"},
- {ERR_FUNC(HWCRHK_F_HWCRHK_LOAD_PRIVKEY), "HWCRHK_LOAD_PRIVKEY"},
- {ERR_FUNC(HWCRHK_F_HWCRHK_LOAD_PUBKEY), "HWCRHK_LOAD_PUBKEY"},
- {ERR_FUNC(HWCRHK_F_HWCRHK_MOD_EXP), "HWCRHK_MOD_EXP"},
- {ERR_FUNC(HWCRHK_F_HWCRHK_RAND_BYTES), "HWCRHK_RAND_BYTES"},
- {ERR_FUNC(HWCRHK_F_HWCRHK_RSA_MOD_EXP), "HWCRHK_RSA_MOD_EXP"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA HWCRHK_str_reasons[] = {
- {ERR_REASON(HWCRHK_R_ALREADY_LOADED), "already loaded"},
- {ERR_REASON(HWCRHK_R_BIO_WAS_FREED), "bio was freed"},
- {ERR_REASON(HWCRHK_R_CHIL_ERROR), "chil error"},
- {ERR_REASON(HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED),
- "ctrl command not implemented"},
- {ERR_REASON(HWCRHK_R_DSO_FAILURE), "dso failure"},
- {ERR_REASON(HWCRHK_R_MISSING_KEY_COMPONENTS), "missing key components"},
- {ERR_REASON(HWCRHK_R_NOT_INITIALISED), "not initialised"},
- {ERR_REASON(HWCRHK_R_NOT_LOADED), "not loaded"},
- {ERR_REASON(HWCRHK_R_NO_CALLBACK), "no callback"},
- {ERR_REASON(HWCRHK_R_NO_KEY), "no key"},
- {ERR_REASON(HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED),
- "private key algorithms disabled"},
- {ERR_REASON(HWCRHK_R_REQUEST_FAILED), "request failed"},
- {ERR_REASON(HWCRHK_R_REQUEST_FALLBACK), "request fallback"},
- {ERR_REASON(HWCRHK_R_UNIT_FAILURE), "unit failure"},
- {0, NULL}
-};
-
-#endif
-
-#ifdef HWCRHK_LIB_NAME
-static ERR_STRING_DATA HWCRHK_lib_name[] = {
- {0, HWCRHK_LIB_NAME},
- {0, NULL}
-};
-#endif
-
-static int HWCRHK_lib_error_code = 0;
-static int HWCRHK_error_init = 1;
-
-static void ERR_load_HWCRHK_strings(void)
-{
- if (HWCRHK_lib_error_code == 0)
- HWCRHK_lib_error_code = ERR_get_next_error_library();
-
- if (HWCRHK_error_init) {
- HWCRHK_error_init = 0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(HWCRHK_lib_error_code, HWCRHK_str_functs);
- ERR_load_strings(HWCRHK_lib_error_code, HWCRHK_str_reasons);
-#endif
-
-#ifdef HWCRHK_LIB_NAME
- HWCRHK_lib_name->error = ERR_PACK(HWCRHK_lib_error_code, 0, 0);
- ERR_load_strings(0, HWCRHK_lib_name);
-#endif
- }
-}
-
-static void ERR_unload_HWCRHK_strings(void)
-{
- if (HWCRHK_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(HWCRHK_lib_error_code, HWCRHK_str_functs);
- ERR_unload_strings(HWCRHK_lib_error_code, HWCRHK_str_reasons);
-#endif
-
-#ifdef HWCRHK_LIB_NAME
- ERR_unload_strings(0, HWCRHK_lib_name);
-#endif
- HWCRHK_error_init = 1;
- }
-}
-
-static void ERR_HWCRHK_error(int function, int reason, char *file, int line)
-{
- if (HWCRHK_lib_error_code == 0)
- HWCRHK_lib_error_code = ERR_get_next_error_library();
- ERR_PUT_error(HWCRHK_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_chil_err.h b/engines/e_chil_err.h
deleted file mode 100644
index d86a4ce9aec5..000000000000
--- a/engines/e_chil_err.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_HWCRHK_ERR_H
-# define HEADER_HWCRHK_ERR_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_HWCRHK_strings(void);
-static void ERR_unload_HWCRHK_strings(void);
-static void ERR_HWCRHK_error(int function, int reason, char *file, int line);
-# define HWCRHKerr(f,r) ERR_HWCRHK_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the HWCRHK functions. */
-
-/* Function codes. */
-# define HWCRHK_F_HWCRHK_CTRL 100
-# define HWCRHK_F_HWCRHK_FINISH 101
-# define HWCRHK_F_HWCRHK_GET_PASS 102
-# define HWCRHK_F_HWCRHK_INIT 103
-# define HWCRHK_F_HWCRHK_INSERT_CARD 104
-# define HWCRHK_F_HWCRHK_LOAD_PRIVKEY 105
-# define HWCRHK_F_HWCRHK_LOAD_PUBKEY 106
-# define HWCRHK_F_HWCRHK_MOD_EXP 107
-# define HWCRHK_F_HWCRHK_RAND_BYTES 108
-# define HWCRHK_F_HWCRHK_RSA_MOD_EXP 109
-
-/* Reason codes. */
-# define HWCRHK_R_ALREADY_LOADED 100
-# define HWCRHK_R_BIO_WAS_FREED 101
-# define HWCRHK_R_CHIL_ERROR 102
-# define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103
-# define HWCRHK_R_DSO_FAILURE 104
-# define HWCRHK_R_MISSING_KEY_COMPONENTS 105
-# define HWCRHK_R_NOT_INITIALISED 106
-# define HWCRHK_R_NOT_LOADED 107
-# define HWCRHK_R_NO_CALLBACK 108
-# define HWCRHK_R_NO_KEY 109
-# define HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED 110
-# define HWCRHK_R_REQUEST_FAILED 111
-# define HWCRHK_R_REQUEST_FALLBACK 112
-# define HWCRHK_R_UNIT_FAILURE 113
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_cswift.c b/engines/e_cswift.c
deleted file mode 100644
index c429802d5f9b..000000000000
--- a/engines/e_cswift.c
+++ /dev/null
@@ -1,1103 +0,0 @@
-/* crypto/engine/hw_cswift.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/rand.h>
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_CSWIFT
-
-/*
- * Attribution notice: Rainbow have generously allowed me to reproduce the
- * necessary definitions here from their API. This means the support can
- * build independently of whether application builders have the API or
- * hardware. This will allow developers to easily produce software that has
- * latent hardware support for any users that have accelerators installed,
- * without the developers themselves needing anything extra. I have only
- * clipped the parts from the CryptoSwift header files that are (or seem)
- * relevant to the CryptoSwift support code. This is simply to keep the file
- * sizes reasonable. [Geoff]
- */
-# ifdef FLAT_INC
-# include "cswift.h"
-# else
-# include "vendor_defns/cswift.h"
-# endif
-
-# define CSWIFT_LIB_NAME "cswift engine"
-# include "e_cswift_err.c"
-
-# define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1)
-
-static int cswift_destroy(ENGINE *e);
-static int cswift_init(ENGINE *e);
-static int cswift_finish(ENGINE *e);
-static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-# ifndef OPENSSL_NO_RSA
-static int cswift_bn_32copy(SW_LARGENUMBER *out, const BIGNUM *in);
-# endif
-
-/* BIGNUM stuff */
-static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-# ifndef OPENSSL_NO_RSA
-static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dmp1,
- const BIGNUM *dmq1, const BIGNUM *iqmp,
- BN_CTX *ctx);
-# endif
-
-# ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx);
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-# endif
-
-# ifndef OPENSSL_NO_DSA
-/* DSA stuff */
-static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen,
- DSA *dsa);
-static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* DH stuff */
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-# endif
-
-/* RAND stuff */
-static int cswift_rand_bytes(unsigned char *buf, int num);
-static int cswift_rand_status(void);
-
-/* The definitions for control commands specific to this engine */
-# define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN cswift_cmd_defns[] = {
- {CSWIFT_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'cswift' shared library",
- ENGINE_CMD_FLAG_STRING},
- {0, NULL, NULL, 0}
-};
-
-# ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD cswift_rsa = {
- "CryptoSwift RSA method",
- NULL,
- NULL,
- NULL,
- NULL,
- cswift_rsa_mod_exp,
- cswift_mod_exp_mont,
- NULL,
- NULL,
- 0,
- NULL,
- NULL,
- NULL,
- NULL
-};
-# endif
-
-# ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD cswift_dsa = {
- "CryptoSwift DSA method",
- cswift_dsa_sign,
- NULL, /* dsa_sign_setup */
- cswift_dsa_verify,
- NULL, /* dsa_mod_exp */
- NULL, /* bn_mod_exp */
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL, /* app_data */
- NULL, /* dsa_paramgen */
- NULL /* dsa_keygen */
-};
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD cswift_dh = {
- "CryptoSwift DH method",
- NULL,
- NULL,
- cswift_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL,
- NULL
-};
-# endif
-
-static RAND_METHOD cswift_random = {
- /* "CryptoSwift RAND method", */
- NULL,
- cswift_rand_bytes,
- NULL,
- NULL,
- cswift_rand_bytes,
- cswift_rand_status,
-};
-
-/* Constants used when creating the ENGINE */
-static const char *engine_cswift_id = "cswift";
-static const char *engine_cswift_name = "CryptoSwift hardware engine support";
-
-/*
- * This internal function is used by ENGINE_cswift() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_helper(ENGINE *e)
-{
-# ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-# endif
-# ifndef OPENSSL_NO_DH
- const DH_METHOD *meth2;
-# endif
- if (!ENGINE_set_id(e, engine_cswift_id) ||
- !ENGINE_set_name(e, engine_cswift_name) ||
-# ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &cswift_rsa) ||
-# endif
-# ifndef OPENSSL_NO_DSA
- !ENGINE_set_DSA(e, &cswift_dsa) ||
-# endif
-# ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &cswift_dh) ||
-# endif
- !ENGINE_set_RAND(e, &cswift_random) ||
- !ENGINE_set_destroy_function(e, cswift_destroy) ||
- !ENGINE_set_init_function(e, cswift_init) ||
- !ENGINE_set_finish_function(e, cswift_finish) ||
- !ENGINE_set_ctrl_function(e, cswift_ctrl) ||
- !ENGINE_set_cmd_defns(e, cswift_cmd_defns))
- return 0;
-
-# ifndef OPENSSL_NO_RSA
- /*
- * We know that the "PKCS1_SSLeay()" functions hook properly to the
- * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
- * We don't use ENGINE_openssl() or anything "more generic" because
- * something like the RSAref code may not hook properly, and if you own
- * one of these cards then you have the right to do RSA operations on it
- * anyway!
- */
- meth1 = RSA_PKCS1_SSLeay();
- cswift_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-# endif
-
-# ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth2 = DH_OpenSSL();
- cswift_dh.generate_key = meth2->generate_key;
- cswift_dh.compute_key = meth2->compute_key;
-# endif
-
- /* Ensure the cswift error handling is set up */
- ERR_load_CSWIFT_strings();
- return 1;
-}
-
-# ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_cswift(void)
-{
- ENGINE *ret = ENGINE_new();
- if (!ret)
- return NULL;
- if (!bind_helper(ret)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void ENGINE_load_cswift(void)
-{
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_cswift();
- if (!toadd)
- return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
-}
-# endif
-
-/*
- * This is a process-global DSO handle used for loading and unloading the
- * CryptoSwift library. NB: This is only set (or unset) during an init() or
- * finish() call (reference counts permitting) and they're operating with
- * global locks, so this should be thread-safe implicitly.
- */
-static DSO *cswift_dso = NULL;
-
-/*
- * These are the function pointers that are (un)set when the library has
- * successfully (un)loaded.
- */
-t_swAcquireAccContext *p_CSwift_AcquireAccContext = NULL;
-t_swAttachKeyParam *p_CSwift_AttachKeyParam = NULL;
-t_swSimpleRequest *p_CSwift_SimpleRequest = NULL;
-t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL;
-
-/* Used in the DSO operations. */
-static const char *CSWIFT_LIBNAME = NULL;
-static const char *get_CSWIFT_LIBNAME(void)
-{
- if (CSWIFT_LIBNAME)
- return CSWIFT_LIBNAME;
- return "swift";
-}
-
-static void free_CSWIFT_LIBNAME(void)
-{
- if (CSWIFT_LIBNAME)
- OPENSSL_free((void *)CSWIFT_LIBNAME);
- CSWIFT_LIBNAME = NULL;
-}
-
-static long set_CSWIFT_LIBNAME(const char *name)
-{
- free_CSWIFT_LIBNAME();
- return (((CSWIFT_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-}
-
-static const char *CSWIFT_F1 = "swAcquireAccContext";
-static const char *CSWIFT_F2 = "swAttachKeyParam";
-static const char *CSWIFT_F3 = "swSimpleRequest";
-static const char *CSWIFT_F4 = "swReleaseAccContext";
-
-/*
- * CryptoSwift library functions and mechanics - these are used by the
- * higher-level functions further down. NB: As and where there's no error
- * checking, take a look lower down where these functions are called, the
- * checking and error handling is probably down there.
- */
-
-/* utility function to obtain a context */
-static int get_context(SW_CONTEXT_HANDLE *hac)
-{
- SW_STATUS status;
-
- status = p_CSwift_AcquireAccContext(hac);
- if (status != SW_OK)
- return 0;
- return 1;
-}
-
-/* similarly to release one. */
-static void release_context(SW_CONTEXT_HANDLE hac)
-{
- p_CSwift_ReleaseAccContext(hac);
-}
-
-/* Destructor (complements the "ENGINE_cswift()" constructor) */
-static int cswift_destroy(ENGINE *e)
-{
- free_CSWIFT_LIBNAME();
- ERR_unload_CSWIFT_strings();
- return 1;
-}
-
-/* (de)initialisation functions. */
-static int cswift_init(ENGINE *e)
-{
- SW_CONTEXT_HANDLE hac;
- t_swAcquireAccContext *p1;
- t_swAttachKeyParam *p2;
- t_swSimpleRequest *p3;
- t_swReleaseAccContext *p4;
-
- if (cswift_dso != NULL) {
- CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_ALREADY_LOADED);
- goto err;
- }
- /* Attempt to load libswift.so/swift.dll/whatever. */
- cswift_dso = DSO_load(NULL, get_CSWIFT_LIBNAME(), NULL, 0);
- if (cswift_dso == NULL) {
- CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_NOT_LOADED);
- goto err;
- }
- if (!(p1 = (t_swAcquireAccContext *)
- DSO_bind_func(cswift_dso, CSWIFT_F1)) ||
- !(p2 = (t_swAttachKeyParam *)
- DSO_bind_func(cswift_dso, CSWIFT_F2)) ||
- !(p3 = (t_swSimpleRequest *)
- DSO_bind_func(cswift_dso, CSWIFT_F3)) ||
- !(p4 = (t_swReleaseAccContext *)
- DSO_bind_func(cswift_dso, CSWIFT_F4))) {
- CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_NOT_LOADED);
- goto err;
- }
- /* Copy the pointers */
- p_CSwift_AcquireAccContext = p1;
- p_CSwift_AttachKeyParam = p2;
- p_CSwift_SimpleRequest = p3;
- p_CSwift_ReleaseAccContext = p4;
- /*
- * Try and get a context - if not, we may have a DSO but no accelerator!
- */
- if (!get_context(&hac)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_UNIT_FAILURE);
- goto err;
- }
- release_context(hac);
- /* Everything's fine. */
- return 1;
- err:
- if (cswift_dso) {
- DSO_free(cswift_dso);
- cswift_dso = NULL;
- }
- p_CSwift_AcquireAccContext = NULL;
- p_CSwift_AttachKeyParam = NULL;
- p_CSwift_SimpleRequest = NULL;
- p_CSwift_ReleaseAccContext = NULL;
- return 0;
-}
-
-static int cswift_finish(ENGINE *e)
-{
- free_CSWIFT_LIBNAME();
- if (cswift_dso == NULL) {
- CSWIFTerr(CSWIFT_F_CSWIFT_FINISH, CSWIFT_R_NOT_LOADED);
- return 0;
- }
- if (!DSO_free(cswift_dso)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_FINISH, CSWIFT_R_UNIT_FAILURE);
- return 0;
- }
- cswift_dso = NULL;
- p_CSwift_AcquireAccContext = NULL;
- p_CSwift_AttachKeyParam = NULL;
- p_CSwift_SimpleRequest = NULL;
- p_CSwift_ReleaseAccContext = NULL;
- return 1;
-}
-
-static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
- int initialised = ((cswift_dso == NULL) ? 0 : 1);
- switch (cmd) {
- case CSWIFT_CMD_SO_PATH:
- if (p == NULL) {
- CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (initialised) {
- CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_ALREADY_LOADED);
- return 0;
- }
- return set_CSWIFT_LIBNAME((const char *)p);
- default:
- break;
- }
- CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- return 0;
-}
-
-/* Un petit mod_exp */
-static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
-{
- /*
- * I need somewhere to store temporary serialised values for use with the
- * CryptoSwift API calls. A neat cheat - I'll use BIGNUMs from the BN_CTX
- * but access their arrays directly as byte arrays <grin>. This way I
- * don't have to clean anything up.
- */
- BIGNUM *modulus;
- BIGNUM *exponent;
- BIGNUM *argument;
- BIGNUM *result;
- SW_STATUS sw_status;
- SW_LARGENUMBER arg, res;
- SW_PARAM sw_param;
- SW_CONTEXT_HANDLE hac;
- int to_return, acquired;
-
- modulus = exponent = argument = result = NULL;
- to_return = 0; /* expect failure */
- acquired = 0;
-
- if (!get_context(&hac)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_UNIT_FAILURE);
- goto err;
- }
- acquired = 1;
- /* Prepare the params */
- BN_CTX_start(ctx);
- modulus = BN_CTX_get(ctx);
- exponent = BN_CTX_get(ctx);
- argument = BN_CTX_get(ctx);
- result = BN_CTX_get(ctx);
- if (!result) {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_BN_CTX_FULL);
- goto err;
- }
- if (!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) ||
- !bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
- sw_param.type = SW_ALG_EXP;
- sw_param.up.exp.modulus.nbytes = BN_bn2bin(m,
- (unsigned char *)modulus->d);
- sw_param.up.exp.modulus.value = (unsigned char *)modulus->d;
- sw_param.up.exp.exponent.nbytes = BN_bn2bin(p,
- (unsigned char *)exponent->d);
- sw_param.up.exp.exponent.value = (unsigned char *)exponent->d;
- /* Attach the key params */
- sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
- switch (sw_status) {
- case SW_OK:
- break;
- case SW_ERR_INPUT_SIZE:
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_BAD_KEY_SIZE);
- goto err;
- default:
- {
- char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
- }
- goto err;
- }
- /* Prepare the argument and response */
- arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d);
- arg.value = (unsigned char *)argument->d;
- res.nbytes = BN_num_bytes(m);
- memset(result->d, 0, res.nbytes);
- res.value = (unsigned char *)result->d;
- /* Perform the operation */
- if ((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1,
- &res, 1)) != SW_OK) {
- char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
- goto err;
- }
- /* Convert the response */
- BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
- to_return = 1;
- err:
- if (acquired)
- release_context(hac);
- BN_CTX_end(ctx);
- return to_return;
-}
-
-# ifndef OPENSSL_NO_RSA
-int cswift_bn_32copy(SW_LARGENUMBER *out, const BIGNUM *in)
-{
- int mod;
- int numbytes = BN_num_bytes(in);
-
- mod = 0;
- while (((out->nbytes = (numbytes + mod)) % 32)) {
- mod++;
- }
- out->value = (unsigned char *)OPENSSL_malloc(out->nbytes);
- if (!out->value) {
- return 0;
- }
- BN_bn2bin(in, &out->value[mod]);
- if (mod)
- memset(out->value, 0, mod);
-
- return 1;
-}
-# endif
-
-# ifndef OPENSSL_NO_RSA
-/* Un petit mod_exp chinois */
-static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dmp1,
- const BIGNUM *dmq1, const BIGNUM *iqmp,
- BN_CTX *ctx)
-{
- SW_STATUS sw_status;
- SW_LARGENUMBER arg, res;
- SW_PARAM sw_param;
- SW_CONTEXT_HANDLE hac;
- BIGNUM *result = NULL;
- BIGNUM *argument = NULL;
- int to_return = 0; /* expect failure */
- int acquired = 0;
-
- sw_param.up.crt.p.value = NULL;
- sw_param.up.crt.q.value = NULL;
- sw_param.up.crt.dmp1.value = NULL;
- sw_param.up.crt.dmq1.value = NULL;
- sw_param.up.crt.iqmp.value = NULL;
-
- if (!get_context(&hac)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_UNIT_FAILURE);
- goto err;
- }
- acquired = 1;
-
- /* Prepare the params */
- argument = BN_new();
- result = BN_new();
- if (!result || !argument) {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_CTX_FULL);
- goto err;
- }
-
- sw_param.type = SW_ALG_CRT;
- /************************************************************************/
- /*
- * 04/02/2003
- */
- /*
- * Modified by Frederic Giudicelli (deny-all.com) to overcome the
- */
- /*
- * limitation of cswift with values not a multiple of 32
- */
- /************************************************************************/
- if (!cswift_bn_32copy(&sw_param.up.crt.p, p)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
- if (!cswift_bn_32copy(&sw_param.up.crt.q, q)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
- if (!cswift_bn_32copy(&sw_param.up.crt.dmp1, dmp1)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
- if (!cswift_bn_32copy(&sw_param.up.crt.dmq1, dmq1)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
- if (!cswift_bn_32copy(&sw_param.up.crt.iqmp, iqmp)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
- if (!bn_wexpand(argument, a->top) || !bn_wexpand(result, p->top + q->top)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
-
- /* Attach the key params */
- sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
- switch (sw_status) {
- case SW_OK:
- break;
- case SW_ERR_INPUT_SIZE:
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BAD_KEY_SIZE);
- goto err;
- default:
- {
- char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
- }
- goto err;
- }
- /* Prepare the argument and response */
- arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d);
- arg.value = (unsigned char *)argument->d;
- res.nbytes = 2 * BN_num_bytes(p);
- memset(result->d, 0, res.nbytes);
- res.value = (unsigned char *)result->d;
- /* Perform the operation */
- if ((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1,
- &res, 1)) != SW_OK) {
- char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
- goto err;
- }
- /* Convert the response */
- BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
- to_return = 1;
- err:
- if (sw_param.up.crt.p.value)
- OPENSSL_free(sw_param.up.crt.p.value);
- if (sw_param.up.crt.q.value)
- OPENSSL_free(sw_param.up.crt.q.value);
- if (sw_param.up.crt.dmp1.value)
- OPENSSL_free(sw_param.up.crt.dmp1.value);
- if (sw_param.up.crt.dmq1.value)
- OPENSSL_free(sw_param.up.crt.dmq1.value);
- if (sw_param.up.crt.iqmp.value)
- OPENSSL_free(sw_param.up.crt.iqmp.value);
- if (result)
- BN_free(result);
- if (argument)
- BN_free(argument);
- if (acquired)
- release_context(hac);
- return to_return;
-}
-# endif
-
-# ifndef OPENSSL_NO_RSA
-static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx)
-{
- int to_return = 0;
- const RSA_METHOD *def_rsa_method;
-
- if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
- CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,
- CSWIFT_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
-
- /* Try the limits of RSA (2048 bits) */
- if (BN_num_bytes(rsa->p) > 128 ||
- BN_num_bytes(rsa->q) > 128 ||
- BN_num_bytes(rsa->dmp1) > 128 ||
- BN_num_bytes(rsa->dmq1) > 128 || BN_num_bytes(rsa->iqmp) > 128) {
-# ifdef RSA_NULL
- def_rsa_method = RSA_null_method();
-# else
-# if 0
- def_rsa_method = RSA_PKCS1_RSAref();
-# else
- def_rsa_method = RSA_PKCS1_SSLeay();
-# endif
-# endif
- if (def_rsa_method)
- return def_rsa_method->rsa_mod_exp(r0, I, rsa, ctx);
- }
-
- to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
- rsa->dmq1, rsa->iqmp, ctx);
- err:
- return to_return;
-}
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- const RSA_METHOD *def_rsa_method;
-
- /* Try the limits of RSA (2048 bits) */
- if (BN_num_bytes(r) > 256 ||
- BN_num_bytes(a) > 256 || BN_num_bytes(m) > 256) {
-# ifdef RSA_NULL
- def_rsa_method = RSA_null_method();
-# else
-# if 0
- def_rsa_method = RSA_PKCS1_RSAref();
-# else
- def_rsa_method = RSA_PKCS1_SSLeay();
-# endif
-# endif
- if (def_rsa_method)
- return def_rsa_method->bn_mod_exp(r, a, p, m, ctx, m_ctx);
- }
-
- return cswift_mod_exp(r, a, p, m, ctx);
-}
-# endif /* OPENSSL_NO_RSA */
-
-# ifndef OPENSSL_NO_DSA
-static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-{
- SW_CONTEXT_HANDLE hac;
- SW_PARAM sw_param;
- SW_STATUS sw_status;
- SW_LARGENUMBER arg, res;
- BN_CTX *ctx;
- BIGNUM *dsa_p = NULL;
- BIGNUM *dsa_q = NULL;
- BIGNUM *dsa_g = NULL;
- BIGNUM *dsa_key = NULL;
- BIGNUM *result = NULL;
- DSA_SIG *to_return = NULL;
- int acquired = 0;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
- if (!get_context(&hac)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_UNIT_FAILURE);
- goto err;
- }
- acquired = 1;
- /* Prepare the params */
- BN_CTX_start(ctx);
- dsa_p = BN_CTX_get(ctx);
- dsa_q = BN_CTX_get(ctx);
- dsa_g = BN_CTX_get(ctx);
- dsa_key = BN_CTX_get(ctx);
- result = BN_CTX_get(ctx);
- if (!result) {
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_BN_CTX_FULL);
- goto err;
- }
- if (!bn_wexpand(dsa_p, dsa->p->top) ||
- !bn_wexpand(dsa_q, dsa->q->top) ||
- !bn_wexpand(dsa_g, dsa->g->top) ||
- !bn_wexpand(dsa_key, dsa->priv_key->top) ||
- !bn_wexpand(result, dsa->p->top)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
- sw_param.type = SW_ALG_DSA;
- sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p, (unsigned char *)dsa_p->d);
- sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d;
- sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q, (unsigned char *)dsa_q->d);
- sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d;
- sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g, (unsigned char *)dsa_g->d);
- sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d;
- sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->priv_key,
- (unsigned char *)dsa_key->d);
- sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
- /* Attach the key params */
- sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
- switch (sw_status) {
- case SW_OK:
- break;
- case SW_ERR_INPUT_SIZE:
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_BAD_KEY_SIZE);
- goto err;
- default:
- {
- char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
- }
- goto err;
- }
- /* Prepare the argument and response */
- arg.nbytes = dlen;
- arg.value = (unsigned char *)dgst;
- res.nbytes = BN_num_bytes(dsa->p);
- memset(result->d, 0, res.nbytes);
- res.value = (unsigned char *)result->d;
- /* Perform the operation */
- sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_SIGN, &arg, 1,
- &res, 1);
- if (sw_status != SW_OK) {
- char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
- goto err;
- }
- /* Convert the response */
- if ((to_return = DSA_SIG_new()) == NULL)
- goto err;
- to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL);
- to_return->s = BN_bin2bn((unsigned char *)result->d + 20, 20, NULL);
-
- err:
- if (acquired)
- release_context(hac);
- if (ctx) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- return to_return;
-}
-
-static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa)
-{
- SW_CONTEXT_HANDLE hac;
- SW_PARAM sw_param;
- SW_STATUS sw_status;
- SW_LARGENUMBER arg[2], res;
- unsigned long sig_result;
- BN_CTX *ctx;
- BIGNUM *dsa_p = NULL;
- BIGNUM *dsa_q = NULL;
- BIGNUM *dsa_g = NULL;
- BIGNUM *dsa_key = NULL;
- BIGNUM *argument = NULL;
- int to_return = -1;
- int acquired = 0;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
- if (!get_context(&hac)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_UNIT_FAILURE);
- goto err;
- }
- acquired = 1;
- /* Prepare the params */
- BN_CTX_start(ctx);
- dsa_p = BN_CTX_get(ctx);
- dsa_q = BN_CTX_get(ctx);
- dsa_g = BN_CTX_get(ctx);
- dsa_key = BN_CTX_get(ctx);
- argument = BN_CTX_get(ctx);
- if (!argument) {
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_BN_CTX_FULL);
- goto err;
- }
- if (!bn_wexpand(dsa_p, dsa->p->top) ||
- !bn_wexpand(dsa_q, dsa->q->top) ||
- !bn_wexpand(dsa_g, dsa->g->top) ||
- !bn_wexpand(dsa_key, dsa->pub_key->top) ||
- !bn_wexpand(argument, 40)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
- sw_param.type = SW_ALG_DSA;
- sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p, (unsigned char *)dsa_p->d);
- sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d;
- sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q, (unsigned char *)dsa_q->d);
- sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d;
- sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g, (unsigned char *)dsa_g->d);
- sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d;
- sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->pub_key,
- (unsigned char *)dsa_key->d);
- sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
- /* Attach the key params */
- sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
- switch (sw_status) {
- case SW_OK:
- break;
- case SW_ERR_INPUT_SIZE:
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_BAD_KEY_SIZE);
- goto err;
- default:
- {
- char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
- }
- goto err;
- }
- /* Prepare the argument and response */
- arg[0].nbytes = dgst_len;
- arg[0].value = (unsigned char *)dgst;
- arg[1].nbytes = 40;
- arg[1].value = (unsigned char *)argument->d;
- memset(arg[1].value, 0, 40);
- BN_bn2bin(sig->r, arg[1].value + 20 - BN_num_bytes(sig->r));
- BN_bn2bin(sig->s, arg[1].value + 40 - BN_num_bytes(sig->s));
- res.nbytes = 4; /* unsigned long */
- res.value = (unsigned char *)(&sig_result);
- /* Perform the operation */
- sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_VERIFY, arg, 2,
- &res, 1);
- if (sw_status != SW_OK) {
- char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
- goto err;
- }
- /* Convert the response */
- to_return = ((sig_result == 0) ? 0 : 1);
-
- err:
- if (acquired)
- release_context(hac);
- if (ctx) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- return to_return;
-}
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
- return cswift_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-/* Random bytes are good */
-static int cswift_rand_bytes(unsigned char *buf, int num)
-{
- SW_CONTEXT_HANDLE hac;
- SW_STATUS swrc;
- SW_LARGENUMBER largenum;
- int acquired = 0;
- int to_return = 0; /* assume failure */
- unsigned char buf32[1024];
-
- if (!get_context(&hac)) {
- CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_UNIT_FAILURE);
- goto err;
- }
- acquired = 1;
-
- /************************************************************************/
- /*
- * 04/02/2003
- */
- /*
- * Modified by Frederic Giudicelli (deny-all.com) to overcome the
- */
- /*
- * limitation of cswift with values not a multiple of 32
- */
- /************************************************************************/
-
- while (num >= (int)sizeof(buf32)) {
- largenum.value = buf;
- largenum.nbytes = sizeof(buf32);
- /*-
- * tell CryptoSwift how many bytes we want and where we want it.
- * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
- * - CryptoSwift can only do multiple of 32-bits.
- */
- swrc =
- p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
- if (swrc != SW_OK) {
- char tmpbuf[20];
- CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", swrc);
- ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
- goto err;
- }
- buf += sizeof(buf32);
- num -= sizeof(buf32);
- }
- if (num) {
- largenum.nbytes = sizeof(buf32);
- largenum.value = buf32;
- swrc =
- p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
- if (swrc != SW_OK) {
- char tmpbuf[20];
- CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", swrc);
- ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
- goto err;
- }
- memcpy(buf, largenum.value, num);
- }
-
- to_return = 1; /* success */
- err:
- if (acquired)
- release_context(hac);
-
- return to_return;
-}
-
-static int cswift_rand_status(void)
-{
- return 1;
-}
-
-/*
- * This stuff is needed if this ENGINE is being compiled into a
- * self-contained shared-library.
- */
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_fn(ENGINE *e, const char *id)
-{
- if (id && (strcmp(id, engine_cswift_id) != 0))
- return 0;
- if (!bind_helper(e))
- return 0;
- return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
- IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-# endif /* OPENSSL_NO_DYNAMIC_ENGINE */
-# endif /* !OPENSSL_NO_HW_CSWIFT */
-#endif /* !OPENSSL_NO_HW */
diff --git a/engines/e_cswift_err.c b/engines/e_cswift_err.c
deleted file mode 100644
index f8a2cbb5ebf0..000000000000
--- a/engines/e_cswift_err.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* e_cswift_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_cswift_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA CSWIFT_str_functs[] = {
- {ERR_FUNC(CSWIFT_F_CSWIFT_CTRL), "CSWIFT_CTRL"},
- {ERR_FUNC(CSWIFT_F_CSWIFT_DSA_SIGN), "CSWIFT_DSA_SIGN"},
- {ERR_FUNC(CSWIFT_F_CSWIFT_DSA_VERIFY), "CSWIFT_DSA_VERIFY"},
- {ERR_FUNC(CSWIFT_F_CSWIFT_FINISH), "CSWIFT_FINISH"},
- {ERR_FUNC(CSWIFT_F_CSWIFT_INIT), "CSWIFT_INIT"},
- {ERR_FUNC(CSWIFT_F_CSWIFT_MOD_EXP), "CSWIFT_MOD_EXP"},
- {ERR_FUNC(CSWIFT_F_CSWIFT_MOD_EXP_CRT), "CSWIFT_MOD_EXP_CRT"},
- {ERR_FUNC(CSWIFT_F_CSWIFT_RAND_BYTES), "CSWIFT_RAND_BYTES"},
- {ERR_FUNC(CSWIFT_F_CSWIFT_RSA_MOD_EXP), "CSWIFT_RSA_MOD_EXP"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA CSWIFT_str_reasons[] = {
- {ERR_REASON(CSWIFT_R_ALREADY_LOADED), "already loaded"},
- {ERR_REASON(CSWIFT_R_BAD_KEY_SIZE), "bad key size"},
- {ERR_REASON(CSWIFT_R_BN_CTX_FULL), "bn ctx full"},
- {ERR_REASON(CSWIFT_R_BN_EXPAND_FAIL), "bn expand fail"},
- {ERR_REASON(CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED),
- "ctrl command not implemented"},
- {ERR_REASON(CSWIFT_R_MISSING_KEY_COMPONENTS), "missing key components"},
- {ERR_REASON(CSWIFT_R_NOT_LOADED), "not loaded"},
- {ERR_REASON(CSWIFT_R_REQUEST_FAILED), "request failed"},
- {ERR_REASON(CSWIFT_R_UNIT_FAILURE), "unit failure"},
- {0, NULL}
-};
-
-#endif
-
-#ifdef CSWIFT_LIB_NAME
-static ERR_STRING_DATA CSWIFT_lib_name[] = {
- {0, CSWIFT_LIB_NAME},
- {0, NULL}
-};
-#endif
-
-static int CSWIFT_lib_error_code = 0;
-static int CSWIFT_error_init = 1;
-
-static void ERR_load_CSWIFT_strings(void)
-{
- if (CSWIFT_lib_error_code == 0)
- CSWIFT_lib_error_code = ERR_get_next_error_library();
-
- if (CSWIFT_error_init) {
- CSWIFT_error_init = 0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(CSWIFT_lib_error_code, CSWIFT_str_functs);
- ERR_load_strings(CSWIFT_lib_error_code, CSWIFT_str_reasons);
-#endif
-
-#ifdef CSWIFT_LIB_NAME
- CSWIFT_lib_name->error = ERR_PACK(CSWIFT_lib_error_code, 0, 0);
- ERR_load_strings(0, CSWIFT_lib_name);
-#endif
- }
-}
-
-static void ERR_unload_CSWIFT_strings(void)
-{
- if (CSWIFT_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(CSWIFT_lib_error_code, CSWIFT_str_functs);
- ERR_unload_strings(CSWIFT_lib_error_code, CSWIFT_str_reasons);
-#endif
-
-#ifdef CSWIFT_LIB_NAME
- ERR_unload_strings(0, CSWIFT_lib_name);
-#endif
- CSWIFT_error_init = 1;
- }
-}
-
-static void ERR_CSWIFT_error(int function, int reason, char *file, int line)
-{
- if (CSWIFT_lib_error_code == 0)
- CSWIFT_lib_error_code = ERR_get_next_error_library();
- ERR_PUT_error(CSWIFT_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_cswift_err.h b/engines/e_cswift_err.h
deleted file mode 100644
index fde3a8277cb1..000000000000
--- a/engines/e_cswift_err.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_CSWIFT_ERR_H
-# define HEADER_CSWIFT_ERR_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_CSWIFT_strings(void);
-static void ERR_unload_CSWIFT_strings(void);
-static void ERR_CSWIFT_error(int function, int reason, char *file, int line);
-# define CSWIFTerr(f,r) ERR_CSWIFT_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the CSWIFT functions. */
-
-/* Function codes. */
-# define CSWIFT_F_CSWIFT_CTRL 100
-# define CSWIFT_F_CSWIFT_DSA_SIGN 101
-# define CSWIFT_F_CSWIFT_DSA_VERIFY 102
-# define CSWIFT_F_CSWIFT_FINISH 103
-# define CSWIFT_F_CSWIFT_INIT 104
-# define CSWIFT_F_CSWIFT_MOD_EXP 105
-# define CSWIFT_F_CSWIFT_MOD_EXP_CRT 106
-# define CSWIFT_F_CSWIFT_RAND_BYTES 108
-# define CSWIFT_F_CSWIFT_RSA_MOD_EXP 107
-
-/* Reason codes. */
-# define CSWIFT_R_ALREADY_LOADED 100
-# define CSWIFT_R_BAD_KEY_SIZE 101
-# define CSWIFT_R_BN_CTX_FULL 102
-# define CSWIFT_R_BN_EXPAND_FAIL 103
-# define CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED 104
-# define CSWIFT_R_MISSING_KEY_COMPONENTS 105
-# define CSWIFT_R_NOT_LOADED 106
-# define CSWIFT_R_REQUEST_FAILED 107
-# define CSWIFT_R_UNIT_FAILURE 108
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_dasync.c b/engines/e_dasync.c
new file mode 100644
index 000000000000..b005f421a660
--- /dev/null
+++ b/engines/e_dasync.c
@@ -0,0 +1,770 @@
+/*
+ * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#if defined(_WIN32)
+# include <windows.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+
+#include <openssl/engine.h>
+#include <openssl/sha.h>
+#include <openssl/aes.h>
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/async.h>
+#include <openssl/bn.h>
+#include <openssl/crypto.h>
+#include <openssl/ssl.h>
+#include <openssl/modes.h>
+
+#if defined(OPENSSL_SYS_UNIX) && defined(OPENSSL_THREADS)
+# undef ASYNC_POSIX
+# define ASYNC_POSIX
+# include <unistd.h>
+#elif defined(_WIN32)
+# undef ASYNC_WIN
+# define ASYNC_WIN
+#endif
+
+#include "e_dasync_err.c"
+
+/* Engine Id and Name */
+static const char *engine_dasync_id = "dasync";
+static const char *engine_dasync_name = "Dummy Async engine support";
+
+
+/* Engine Lifetime functions */
+static int dasync_destroy(ENGINE *e);
+static int dasync_init(ENGINE *e);
+static int dasync_finish(ENGINE *e);
+void engine_load_dasync_int(void);
+
+
+/* Set up digests. Just SHA1 for now */
+static int dasync_digests(ENGINE *e, const EVP_MD **digest,
+ const int **nids, int nid);
+
+static void dummy_pause_job(void);
+
+/* SHA1 */
+static int dasync_sha1_init(EVP_MD_CTX *ctx);
+static int dasync_sha1_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count);
+static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md);
+
+/*
+ * Holds the EVP_MD object for sha1 in this engine. Set up once only during
+ * engine bind and can then be reused many times.
+ */
+static EVP_MD *_hidden_sha1_md = NULL;
+static const EVP_MD *dasync_sha1(void)
+{
+ return _hidden_sha1_md;
+}
+static void destroy_digests(void)
+{
+ EVP_MD_meth_free(_hidden_sha1_md);
+ _hidden_sha1_md = NULL;
+}
+
+static int dasync_digest_nids(const int **nids)
+{
+ static int digest_nids[2] = { 0, 0 };
+ static int pos = 0;
+ static int init = 0;
+
+ if (!init) {
+ const EVP_MD *md;
+ if ((md = dasync_sha1()) != NULL)
+ digest_nids[pos++] = EVP_MD_type(md);
+ digest_nids[pos] = 0;
+ init = 1;
+ }
+ *nids = digest_nids;
+ return pos;
+}
+
+/* RSA */
+
+static int dasync_pub_enc(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+static int dasync_pub_dec(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+static int dasync_rsa_priv_enc(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+static int dasync_rsa_priv_dec(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+static int dasync_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+ BN_CTX *ctx);
+
+static int dasync_rsa_init(RSA *rsa);
+static int dasync_rsa_finish(RSA *rsa);
+
+static RSA_METHOD *dasync_rsa_method = NULL;
+
+/* AES */
+
+static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+ void *ptr);
+static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc);
+static int dasync_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl);
+static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx);
+
+static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type,
+ int arg, void *ptr);
+static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
+ const unsigned char *key,
+ const unsigned char *iv,
+ int enc);
+static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx,
+ unsigned char *out,
+ const unsigned char *in,
+ size_t inl);
+static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx);
+
+struct dasync_pipeline_ctx {
+ void *inner_cipher_data;
+ unsigned int numpipes;
+ unsigned char **inbufs;
+ unsigned char **outbufs;
+ size_t *lens;
+ int enc;
+ unsigned char tlsaad[SSL_MAX_PIPELINES][EVP_AEAD_TLS1_AAD_LEN];
+ unsigned int aadctr;
+};
+
+/*
+ * Holds the EVP_CIPHER object for aes_128_cbc in this engine. Set up once only
+ * during engine bind and can then be reused many times.
+ */
+static EVP_CIPHER *_hidden_aes_128_cbc = NULL;
+static const EVP_CIPHER *dasync_aes_128_cbc(void)
+{
+ return _hidden_aes_128_cbc;
+}
+
+/*
+ * Holds the EVP_CIPHER object for aes_128_cbc_hmac_sha1 in this engine. Set up
+ * once only during engine bind and can then be reused many times.
+ */
+static EVP_CIPHER *_hidden_aes_128_cbc_hmac_sha1 = NULL;
+static const EVP_CIPHER *dasync_aes_128_cbc_hmac_sha1(void)
+{
+ return _hidden_aes_128_cbc_hmac_sha1;
+}
+
+static void destroy_ciphers(void)
+{
+ EVP_CIPHER_meth_free(_hidden_aes_128_cbc);
+ EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1);
+ _hidden_aes_128_cbc = NULL;
+ _hidden_aes_128_cbc_hmac_sha1 = NULL;
+}
+
+static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+ const int **nids, int nid);
+
+static int dasync_cipher_nids[] = {
+ NID_aes_128_cbc,
+ NID_aes_128_cbc_hmac_sha1,
+ 0
+};
+
+static int bind_dasync(ENGINE *e)
+{
+ /* Setup RSA_METHOD */
+ if ((dasync_rsa_method = RSA_meth_new("Dummy Async RSA method", 0)) == NULL
+ || RSA_meth_set_pub_enc(dasync_rsa_method, dasync_pub_enc) == 0
+ || RSA_meth_set_pub_dec(dasync_rsa_method, dasync_pub_dec) == 0
+ || RSA_meth_set_priv_enc(dasync_rsa_method, dasync_rsa_priv_enc) == 0
+ || RSA_meth_set_priv_dec(dasync_rsa_method, dasync_rsa_priv_dec) == 0
+ || RSA_meth_set_mod_exp(dasync_rsa_method, dasync_rsa_mod_exp) == 0
+ || RSA_meth_set_bn_mod_exp(dasync_rsa_method, BN_mod_exp_mont) == 0
+ || RSA_meth_set_init(dasync_rsa_method, dasync_rsa_init) == 0
+ || RSA_meth_set_finish(dasync_rsa_method, dasync_rsa_finish) == 0) {
+ DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED);
+ return 0;
+ }
+
+ /* Ensure the dasync error handling is set up */
+ ERR_load_DASYNC_strings();
+
+ if (!ENGINE_set_id(e, engine_dasync_id)
+ || !ENGINE_set_name(e, engine_dasync_name)
+ || !ENGINE_set_RSA(e, dasync_rsa_method)
+ || !ENGINE_set_digests(e, dasync_digests)
+ || !ENGINE_set_ciphers(e, dasync_ciphers)
+ || !ENGINE_set_destroy_function(e, dasync_destroy)
+ || !ENGINE_set_init_function(e, dasync_init)
+ || !ENGINE_set_finish_function(e, dasync_finish)) {
+ DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED);
+ return 0;
+ }
+
+ /*
+ * Set up the EVP_CIPHER and EVP_MD objects for the ciphers/digests
+ * supplied by this engine
+ */
+ _hidden_sha1_md = EVP_MD_meth_new(NID_sha1, NID_sha1WithRSAEncryption);
+ if (_hidden_sha1_md == NULL
+ || !EVP_MD_meth_set_result_size(_hidden_sha1_md, SHA_DIGEST_LENGTH)
+ || !EVP_MD_meth_set_input_blocksize(_hidden_sha1_md, SHA_CBLOCK)
+ || !EVP_MD_meth_set_app_datasize(_hidden_sha1_md,
+ sizeof(EVP_MD *) + sizeof(SHA_CTX))
+ || !EVP_MD_meth_set_flags(_hidden_sha1_md, EVP_MD_FLAG_DIGALGID_ABSENT)
+ || !EVP_MD_meth_set_init(_hidden_sha1_md, dasync_sha1_init)
+ || !EVP_MD_meth_set_update(_hidden_sha1_md, dasync_sha1_update)
+ || !EVP_MD_meth_set_final(_hidden_sha1_md, dasync_sha1_final)) {
+ EVP_MD_meth_free(_hidden_sha1_md);
+ _hidden_sha1_md = NULL;
+ }
+
+ _hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc,
+ 16 /* block size */,
+ 16 /* key len */);
+ if (_hidden_aes_128_cbc == NULL
+ || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc,16)
+ || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc,
+ EVP_CIPH_FLAG_DEFAULT_ASN1
+ | EVP_CIPH_CBC_MODE
+ | EVP_CIPH_FLAG_PIPELINE)
+ || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc,
+ dasync_aes128_init_key)
+ || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc,
+ dasync_aes128_cbc_cipher)
+ || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc,
+ dasync_aes128_cbc_cleanup)
+ || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc,
+ dasync_aes128_cbc_ctrl)
+ || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc,
+ sizeof(struct dasync_pipeline_ctx))) {
+ EVP_CIPHER_meth_free(_hidden_aes_128_cbc);
+ _hidden_aes_128_cbc = NULL;
+ }
+
+ _hidden_aes_128_cbc_hmac_sha1 = EVP_CIPHER_meth_new(
+ NID_aes_128_cbc_hmac_sha1,
+ 16 /* block size */,
+ 16 /* key len */);
+ if (_hidden_aes_128_cbc_hmac_sha1 == NULL
+ || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc_hmac_sha1,16)
+ || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc_hmac_sha1,
+ EVP_CIPH_CBC_MODE
+ | EVP_CIPH_FLAG_DEFAULT_ASN1
+ | EVP_CIPH_FLAG_AEAD_CIPHER
+ | EVP_CIPH_FLAG_PIPELINE)
+ || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1,
+ dasync_aes128_cbc_hmac_sha1_init_key)
+ || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1,
+ dasync_aes128_cbc_hmac_sha1_cipher)
+ || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc_hmac_sha1,
+ dasync_aes128_cbc_hmac_sha1_cleanup)
+ || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc_hmac_sha1,
+ dasync_aes128_cbc_hmac_sha1_ctrl)
+ || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc_hmac_sha1,
+ sizeof(struct dasync_pipeline_ctx))) {
+ EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1);
+ _hidden_aes_128_cbc_hmac_sha1 = NULL;
+ }
+
+ return 1;
+}
+
+# ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_helper(ENGINE *e, const char *id)
+{
+ if (id && (strcmp(id, engine_dasync_id) != 0))
+ return 0;
+ if (!bind_dasync(e))
+ return 0;
+ return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+ IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+# endif
+
+static ENGINE *engine_dasync(void)
+{
+ ENGINE *ret = ENGINE_new();
+ if (!ret)
+ return NULL;
+ if (!bind_dasync(ret)) {
+ ENGINE_free(ret);
+ return NULL;
+ }
+ return ret;
+}
+
+void engine_load_dasync_int(void)
+{
+ ENGINE *toadd = engine_dasync();
+ if (!toadd)
+ return;
+ ENGINE_add(toadd);
+ ENGINE_free(toadd);
+ ERR_clear_error();
+}
+
+static int dasync_init(ENGINE *e)
+{
+ return 1;
+}
+
+
+static int dasync_finish(ENGINE *e)
+{
+ return 1;
+}
+
+
+static int dasync_destroy(ENGINE *e)
+{
+ destroy_digests();
+ destroy_ciphers();
+ RSA_meth_free(dasync_rsa_method);
+ ERR_unload_DASYNC_strings();
+ return 1;
+}
+
+static int dasync_digests(ENGINE *e, const EVP_MD **digest,
+ const int **nids, int nid)
+{
+ int ok = 1;
+ if (!digest) {
+ /* We are returning a list of supported nids */
+ return dasync_digest_nids(nids);
+ }
+ /* We are being asked for a specific digest */
+ switch (nid) {
+ case NID_sha1:
+ *digest = dasync_sha1();
+ break;
+ default:
+ ok = 0;
+ *digest = NULL;
+ break;
+ }
+ return ok;
+}
+
+static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+ const int **nids, int nid)
+{
+ int ok = 1;
+ if (cipher == NULL) {
+ /* We are returning a list of supported nids */
+ *nids = dasync_cipher_nids;
+ return (sizeof(dasync_cipher_nids) -
+ 1) / sizeof(dasync_cipher_nids[0]);
+ }
+ /* We are being asked for a specific cipher */
+ switch (nid) {
+ case NID_aes_128_cbc:
+ *cipher = dasync_aes_128_cbc();
+ break;
+ case NID_aes_128_cbc_hmac_sha1:
+ *cipher = dasync_aes_128_cbc_hmac_sha1();
+ break;
+ default:
+ ok = 0;
+ *cipher = NULL;
+ break;
+ }
+ return ok;
+}
+
+static void wait_cleanup(ASYNC_WAIT_CTX *ctx, const void *key,
+ OSSL_ASYNC_FD readfd, void *pvwritefd)
+{
+ OSSL_ASYNC_FD *pwritefd = (OSSL_ASYNC_FD *)pvwritefd;
+#if defined(ASYNC_WIN)
+ CloseHandle(readfd);
+ CloseHandle(*pwritefd);
+#elif defined(ASYNC_POSIX)
+ close(readfd);
+ close(*pwritefd);
+#endif
+ OPENSSL_free(pwritefd);
+}
+
+#define DUMMY_CHAR 'X'
+
+static void dummy_pause_job(void) {
+ ASYNC_JOB *job;
+ ASYNC_WAIT_CTX *waitctx;
+ OSSL_ASYNC_FD pipefds[2] = {0, 0};
+ OSSL_ASYNC_FD *writefd;
+#if defined(ASYNC_WIN)
+ DWORD numwritten, numread;
+ char buf = DUMMY_CHAR;
+#elif defined(ASYNC_POSIX)
+ char buf = DUMMY_CHAR;
+#endif
+
+ if ((job = ASYNC_get_current_job()) == NULL)
+ return;
+
+ waitctx = ASYNC_get_wait_ctx(job);
+
+ if (ASYNC_WAIT_CTX_get_fd(waitctx, engine_dasync_id, &pipefds[0],
+ (void **)&writefd)) {
+ pipefds[1] = *writefd;
+ } else {
+ writefd = OPENSSL_malloc(sizeof(*writefd));
+ if (writefd == NULL)
+ return;
+#if defined(ASYNC_WIN)
+ if (CreatePipe(&pipefds[0], &pipefds[1], NULL, 256) == 0) {
+ OPENSSL_free(writefd);
+ return;
+ }
+#elif defined(ASYNC_POSIX)
+ if (pipe(pipefds) != 0) {
+ OPENSSL_free(writefd);
+ return;
+ }
+#endif
+ *writefd = pipefds[1];
+
+ if (!ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_dasync_id, pipefds[0],
+ writefd, wait_cleanup)) {
+ wait_cleanup(waitctx, engine_dasync_id, pipefds[0], writefd);
+ return;
+ }
+ }
+ /*
+ * In the Dummy async engine we are cheating. We signal that the job
+ * is complete by waking it before the call to ASYNC_pause_job(). A real
+ * async engine would only wake when the job was actually complete
+ */
+#if defined(ASYNC_WIN)
+ WriteFile(pipefds[1], &buf, 1, &numwritten, NULL);
+#elif defined(ASYNC_POSIX)
+ if (write(pipefds[1], &buf, 1) < 0)
+ return;
+#endif
+
+ /* Ignore errors - we carry on anyway */
+ ASYNC_pause_job();
+
+ /* Clear the wake signal */
+#if defined(ASYNC_WIN)
+ ReadFile(pipefds[0], &buf, 1, &numread, NULL);
+#elif defined(ASYNC_POSIX)
+ if (read(pipefds[0], &buf, 1) < 0)
+ return;
+#endif
+}
+
+/*
+ * SHA1 implementation. At the moment we just defer to the standard
+ * implementation
+ */
+#undef data
+#define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx))
+static int dasync_sha1_init(EVP_MD_CTX *ctx)
+{
+ dummy_pause_job();
+
+ return SHA1_Init(data(ctx));
+}
+
+static int dasync_sha1_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count)
+{
+ dummy_pause_job();
+
+ return SHA1_Update(data(ctx), data, (size_t)count);
+}
+
+static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+ dummy_pause_job();
+
+ return SHA1_Final(md, data(ctx));
+}
+
+/*
+ * RSA implementation
+ */
+
+static int dasync_pub_enc(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding) {
+ /* Ignore errors - we carry on anyway */
+ dummy_pause_job();
+ return RSA_meth_get_pub_enc(RSA_PKCS1_OpenSSL())
+ (flen, from, to, rsa, padding);
+}
+
+static int dasync_pub_dec(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding) {
+ /* Ignore errors - we carry on anyway */
+ dummy_pause_job();
+ return RSA_meth_get_pub_dec(RSA_PKCS1_OpenSSL())
+ (flen, from, to, rsa, padding);
+}
+
+static int dasync_rsa_priv_enc(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding)
+{
+ /* Ignore errors - we carry on anyway */
+ dummy_pause_job();
+ return RSA_meth_get_priv_enc(RSA_PKCS1_OpenSSL())
+ (flen, from, to, rsa, padding);
+}
+
+static int dasync_rsa_priv_dec(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding)
+{
+ /* Ignore errors - we carry on anyway */
+ dummy_pause_job();
+ return RSA_meth_get_priv_dec(RSA_PKCS1_OpenSSL())
+ (flen, from, to, rsa, padding);
+}
+
+static int dasync_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
+{
+ /* Ignore errors - we carry on anyway */
+ dummy_pause_job();
+ return RSA_meth_get_mod_exp(RSA_PKCS1_OpenSSL())(r0, I, rsa, ctx);
+}
+
+static int dasync_rsa_init(RSA *rsa)
+{
+ return RSA_meth_get_init(RSA_PKCS1_OpenSSL())(rsa);
+}
+static int dasync_rsa_finish(RSA *rsa)
+{
+ return RSA_meth_get_finish(RSA_PKCS1_OpenSSL())(rsa);
+}
+
+/* Cipher helper functions */
+
+static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg,
+ void *ptr, int aeadcapable)
+{
+ int ret;
+ struct dasync_pipeline_ctx *pipe_ctx =
+ (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
+
+ if (pipe_ctx == NULL)
+ return 0;
+
+ switch (type) {
+ case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS:
+ pipe_ctx->numpipes = arg;
+ pipe_ctx->outbufs = (unsigned char **)ptr;
+ break;
+
+ case EVP_CTRL_SET_PIPELINE_INPUT_BUFS:
+ pipe_ctx->numpipes = arg;
+ pipe_ctx->inbufs = (unsigned char **)ptr;
+ break;
+
+ case EVP_CTRL_SET_PIPELINE_INPUT_LENS:
+ pipe_ctx->numpipes = arg;
+ pipe_ctx->lens = (size_t *)ptr;
+ break;
+
+ case EVP_CTRL_AEAD_SET_MAC_KEY:
+ if (!aeadcapable)
+ return -1;
+ EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data);
+ ret = EVP_CIPHER_meth_get_ctrl(EVP_aes_128_cbc_hmac_sha1())
+ (ctx, type, arg, ptr);
+ EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx);
+ return ret;
+
+ case EVP_CTRL_AEAD_TLS1_AAD:
+ {
+ unsigned char *p = ptr;
+ unsigned int len;
+
+ if (!aeadcapable || arg != EVP_AEAD_TLS1_AAD_LEN)
+ return -1;
+
+ if (pipe_ctx->aadctr >= SSL_MAX_PIPELINES)
+ return -1;
+
+ memcpy(pipe_ctx->tlsaad[pipe_ctx->aadctr], ptr,
+ EVP_AEAD_TLS1_AAD_LEN);
+ pipe_ctx->aadctr++;
+
+ len = p[arg - 2] << 8 | p[arg - 1];
+
+ if (pipe_ctx->enc) {
+ if ((p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
+ if (len < AES_BLOCK_SIZE)
+ return 0;
+ len -= AES_BLOCK_SIZE;
+ }
+
+ return ((len + SHA_DIGEST_LENGTH + AES_BLOCK_SIZE)
+ & -AES_BLOCK_SIZE) - len;
+ } else {
+ return SHA_DIGEST_LENGTH;
+ }
+ }
+
+ default:
+ return 0;
+ }
+
+ return 1;
+}
+
+static int dasync_cipher_init_key_helper(EVP_CIPHER_CTX *ctx,
+ const unsigned char *key,
+ const unsigned char *iv, int enc,
+ const EVP_CIPHER *cipher)
+{
+ int ret;
+ struct dasync_pipeline_ctx *pipe_ctx =
+ (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
+
+ if (pipe_ctx->inner_cipher_data == NULL
+ && EVP_CIPHER_impl_ctx_size(cipher) != 0) {
+ pipe_ctx->inner_cipher_data = OPENSSL_zalloc(
+ EVP_CIPHER_impl_ctx_size(cipher));
+ if (pipe_ctx->inner_cipher_data == NULL) {
+ DASYNCerr(DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER,
+ ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ }
+
+ pipe_ctx->numpipes = 0;
+ pipe_ctx->aadctr = 0;
+
+ EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data);
+ ret = EVP_CIPHER_meth_get_init(cipher)(ctx, key, iv, enc);
+ EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx);
+
+ return ret;
+}
+
+static int dasync_cipher_helper(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl,
+ const EVP_CIPHER *cipher)
+{
+ int ret = 1;
+ unsigned int i, pipes;
+ struct dasync_pipeline_ctx *pipe_ctx =
+ (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
+
+ pipes = pipe_ctx->numpipes;
+ EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data);
+ if (pipes == 0) {
+ if (pipe_ctx->aadctr != 0) {
+ if (pipe_ctx->aadctr != 1)
+ return -1;
+ EVP_CIPHER_meth_get_ctrl(cipher)
+ (ctx, EVP_CTRL_AEAD_TLS1_AAD,
+ EVP_AEAD_TLS1_AAD_LEN,
+ pipe_ctx->tlsaad[0]);
+ }
+ ret = EVP_CIPHER_meth_get_do_cipher(cipher)
+ (ctx, out, in, inl);
+ } else {
+ if (pipe_ctx->aadctr > 0 && pipe_ctx->aadctr != pipes)
+ return -1;
+ for (i = 0; i < pipes; i++) {
+ if (pipe_ctx->aadctr > 0) {
+ EVP_CIPHER_meth_get_ctrl(cipher)
+ (ctx, EVP_CTRL_AEAD_TLS1_AAD,
+ EVP_AEAD_TLS1_AAD_LEN,
+ pipe_ctx->tlsaad[i]);
+ }
+ ret = ret && EVP_CIPHER_meth_get_do_cipher(cipher)
+ (ctx, pipe_ctx->outbufs[i], pipe_ctx->inbufs[i],
+ pipe_ctx->lens[i]);
+ }
+ pipe_ctx->numpipes = 0;
+ }
+ pipe_ctx->aadctr = 0;
+ EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx);
+ return ret;
+}
+
+static int dasync_cipher_cleanup_helper(EVP_CIPHER_CTX *ctx,
+ const EVP_CIPHER *cipher)
+{
+ struct dasync_pipeline_ctx *pipe_ctx =
+ (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx);
+
+ OPENSSL_clear_free(pipe_ctx->inner_cipher_data,
+ EVP_CIPHER_impl_ctx_size(cipher));
+
+ return 1;
+}
+
+/*
+ * AES128 CBC Implementation
+ */
+
+static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+ void *ptr)
+{
+ return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 0);
+}
+
+static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ return dasync_cipher_init_key_helper(ctx, key, iv, enc, EVP_aes_128_cbc());
+}
+
+static int dasync_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
+{
+ return dasync_cipher_helper(ctx, out, in, inl, EVP_aes_128_cbc());
+}
+
+static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx)
+{
+ return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc());
+}
+
+
+/*
+ * AES128 CBC HMAC SHA1 Implementation
+ */
+
+static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type,
+ int arg, void *ptr)
+{
+ return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 1);
+}
+
+static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
+ const unsigned char *key,
+ const unsigned char *iv,
+ int enc)
+{
+ return dasync_cipher_init_key_helper(ctx, key, iv, enc,
+ EVP_aes_128_cbc_hmac_sha1());
+}
+
+static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx,
+ unsigned char *out,
+ const unsigned char *in,
+ size_t inl)
+{
+ return dasync_cipher_helper(ctx, out, in, inl, EVP_aes_128_cbc_hmac_sha1());
+}
+
+static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx)
+{
+ return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc_hmac_sha1());
+}
diff --git a/engines/e_dasync.txt b/engines/e_dasync.txt
new file mode 100644
index 000000000000..bff64bcf2f54
--- /dev/null
+++ b/engines/e_dasync.txt
@@ -0,0 +1,22 @@
+# Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Function codes
+DASYNC_F_BIND_DASYNC:107:bind_dasync
+DASYNC_F_CIPHER_AES_128_CBC_CODE:100:*
+DASYNC_F_DASYNC_AES128_CBC_HMAC_SHA1_INIT_KEY:109:*
+DASYNC_F_DASYNC_AES128_INIT_KEY:108:*
+DASYNC_F_DASYNC_BN_MOD_EXP:101:*
+DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER:110:dasync_cipher_init_key_helper
+DASYNC_F_DASYNC_MOD_EXP:102:*
+DASYNC_F_DASYNC_PRIVATE_DECRYPT:103:*
+DASYNC_F_DASYNC_PRIVATE_ENCRYPT:104:*
+DASYNC_F_DASYNC_PUBLIC_DECRYPT:105:*
+DASYNC_F_DASYNC_PUBLIC_ENCRYPT:106:*
+
+#Reason codes
+DASYNC_R_INIT_FAILED:100:init failed
diff --git a/engines/e_dasync_err.c b/engines/e_dasync_err.c
new file mode 100644
index 000000000000..794fb710cf6e
--- /dev/null
+++ b/engines/e_dasync_err.c
@@ -0,0 +1,73 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/err.h>
+#include "e_dasync_err.h"
+
+#ifndef OPENSSL_NO_ERR
+
+static ERR_STRING_DATA DASYNC_str_functs[] = {
+ {ERR_PACK(0, DASYNC_F_BIND_DASYNC, 0), "bind_dasync"},
+ {ERR_PACK(0, DASYNC_F_CIPHER_AES_128_CBC_CODE, 0), ""},
+ {ERR_PACK(0, DASYNC_F_DASYNC_AES128_CBC_HMAC_SHA1_INIT_KEY, 0), ""},
+ {ERR_PACK(0, DASYNC_F_DASYNC_AES128_INIT_KEY, 0), ""},
+ {ERR_PACK(0, DASYNC_F_DASYNC_BN_MOD_EXP, 0), ""},
+ {ERR_PACK(0, DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER, 0),
+ "dasync_cipher_init_key_helper"},
+ {ERR_PACK(0, DASYNC_F_DASYNC_MOD_EXP, 0), ""},
+ {ERR_PACK(0, DASYNC_F_DASYNC_PRIVATE_DECRYPT, 0), ""},
+ {ERR_PACK(0, DASYNC_F_DASYNC_PRIVATE_ENCRYPT, 0), ""},
+ {ERR_PACK(0, DASYNC_F_DASYNC_PUBLIC_DECRYPT, 0), ""},
+ {ERR_PACK(0, DASYNC_F_DASYNC_PUBLIC_ENCRYPT, 0), ""},
+ {0, NULL}
+};
+
+static ERR_STRING_DATA DASYNC_str_reasons[] = {
+ {ERR_PACK(0, 0, DASYNC_R_INIT_FAILED), "init failed"},
+ {0, NULL}
+};
+
+#endif
+
+static int lib_code = 0;
+static int error_loaded = 0;
+
+static int ERR_load_DASYNC_strings(void)
+{
+ if (lib_code == 0)
+ lib_code = ERR_get_next_error_library();
+
+ if (!error_loaded) {
+#ifndef OPENSSL_NO_ERR
+ ERR_load_strings(lib_code, DASYNC_str_functs);
+ ERR_load_strings(lib_code, DASYNC_str_reasons);
+#endif
+ error_loaded = 1;
+ }
+ return 1;
+}
+
+static void ERR_unload_DASYNC_strings(void)
+{
+ if (error_loaded) {
+#ifndef OPENSSL_NO_ERR
+ ERR_unload_strings(lib_code, DASYNC_str_functs);
+ ERR_unload_strings(lib_code, DASYNC_str_reasons);
+#endif
+ error_loaded = 0;
+ }
+}
+
+static void ERR_DASYNC_error(int function, int reason, char *file, int line)
+{
+ if (lib_code == 0)
+ lib_code = ERR_get_next_error_library();
+ ERR_PUT_error(lib_code, function, reason, file, line);
+}
diff --git a/engines/e_dasync_err.h b/engines/e_dasync_err.h
new file mode 100644
index 000000000000..7c2c0278790b
--- /dev/null
+++ b/engines/e_dasync_err.h
@@ -0,0 +1,37 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_DASYNCERR_H
+# define HEADER_DASYNCERR_H
+
+# define DASYNCerr(f, r) ERR_DASYNC_error((f), (r), OPENSSL_FILE, OPENSSL_LINE)
+
+
+/*
+ * DASYNC function codes.
+ */
+# define DASYNC_F_BIND_DASYNC 107
+# define DASYNC_F_CIPHER_AES_128_CBC_CODE 100
+# define DASYNC_F_DASYNC_AES128_CBC_HMAC_SHA1_INIT_KEY 109
+# define DASYNC_F_DASYNC_AES128_INIT_KEY 108
+# define DASYNC_F_DASYNC_BN_MOD_EXP 101
+# define DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER 110
+# define DASYNC_F_DASYNC_MOD_EXP 102
+# define DASYNC_F_DASYNC_PRIVATE_DECRYPT 103
+# define DASYNC_F_DASYNC_PRIVATE_ENCRYPT 104
+# define DASYNC_F_DASYNC_PUBLIC_DECRYPT 105
+# define DASYNC_F_DASYNC_PUBLIC_ENCRYPT 106
+
+/*
+ * DASYNC reason codes.
+ */
+# define DASYNC_R_INIT_FAILED 100
+
+#endif
diff --git a/engines/e_gmp.c b/engines/e_gmp.c
deleted file mode 100644
index de5f9c0d3c88..000000000000
--- a/engines/e_gmp.c
+++ /dev/null
@@ -1,492 +0,0 @@
-/* crypto/engine/e_gmp.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * This engine is not (currently) compiled in by default. Do enable it,
- * reconfigure OpenSSL with "enable-gmp -lgmp". The GMP libraries and headers
- * must reside in one of the paths searched by the compiler/linker, otherwise
- * paths must be specified - eg. try configuring with "enable-gmp
- * -I<includepath> -L<libpath> -lgmp". YMMV.
- */
-
-/*-
- * As for what this does - it's a largely unoptimised implementation of an
- * ENGINE that uses the GMP library to perform RSA private key operations. To
- * obtain more information about what "unoptimised" means, see my original mail
- * on the subject (though ignore the build instructions which have since
- * changed);
- *
- * http://www.mail-archive.com/openssl-dev@openssl.org/msg12227.html
- *
- * On my athlon system at least, it appears the builtin OpenSSL code is now
- * slightly faster, which is to say that the RSA-related MPI performance
- * between OpenSSL's BIGNUM and GMP's mpz implementations is probably pretty
- * balanced for this chip, and so the performance degradation in this ENGINE by
- * having to convert to/from GMP formats (and not being able to cache
- * montgomery forms) is probably the difference. However, if some unconfirmed
- * reports from users is anything to go by, the situation on some other
- * chipsets might be a good deal more favourable to the GMP version (eg. PPC).
- * Feedback welcome. */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/engine.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_GMP
-
-# include <gmp.h>
-
-# define E_GMP_LIB_NAME "gmp engine"
-# include "e_gmp_err.c"
-
-static int e_gmp_destroy(ENGINE *e);
-static int e_gmp_init(ENGINE *e);
-static int e_gmp_finish(ENGINE *e);
-static int e_gmp_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-
-# ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int e_gmp_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx);
-static int e_gmp_rsa_finish(RSA *r);
-# endif
-
-/* The definitions for control commands specific to this engine */
-/* #define E_GMP_CMD_SO_PATH ENGINE_CMD_BASE */
-static const ENGINE_CMD_DEFN e_gmp_cmd_defns[] = {
-# if 0
- {E_GMP_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'e_gmp' shared library",
- ENGINE_CMD_FLAG_STRING},
-# endif
- {0, NULL, NULL, 0}
-};
-
-# ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD e_gmp_rsa = {
- "GMP RSA method",
- NULL,
- NULL,
- NULL,
- NULL,
- e_gmp_rsa_mod_exp,
- NULL,
- NULL,
- e_gmp_rsa_finish,
- /*
- * These flags initialise montgomery crud that GMP ignores, however it
- * makes sure the public key ops (which are done in openssl) don't seem
- * *slower* than usual :-)
- */
- RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE,
- NULL,
- NULL,
- NULL
-};
-# endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_e_gmp_id = "gmp";
-static const char *engine_e_gmp_name = "GMP engine support";
-
-/*
- * This internal function is used by ENGINE_gmp() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_helper(ENGINE *e)
-{
-# ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-# endif
- if (!ENGINE_set_id(e, engine_e_gmp_id) ||
- !ENGINE_set_name(e, engine_e_gmp_name) ||
-# ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &e_gmp_rsa) ||
-# endif
- !ENGINE_set_destroy_function(e, e_gmp_destroy) ||
- !ENGINE_set_init_function(e, e_gmp_init) ||
- !ENGINE_set_finish_function(e, e_gmp_finish) ||
- !ENGINE_set_ctrl_function(e, e_gmp_ctrl) ||
- !ENGINE_set_cmd_defns(e, e_gmp_cmd_defns))
- return 0;
-
-# ifndef OPENSSL_NO_RSA
- meth1 = RSA_PKCS1_SSLeay();
- e_gmp_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- e_gmp_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- e_gmp_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- e_gmp_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
- e_gmp_rsa.bn_mod_exp = meth1->bn_mod_exp;
-# endif
-
- /* Ensure the e_gmp error handling is set up */
- ERR_load_GMP_strings();
- return 1;
-}
-
-static ENGINE *engine_gmp(void)
-{
- ENGINE *ret = ENGINE_new();
- if (!ret)
- return NULL;
- if (!bind_helper(ret)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void ENGINE_load_gmp(void)
-{
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_gmp();
- if (!toadd)
- return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
-}
-
-# ifndef OPENSSL_NO_RSA
-/* Used to attach our own key-data to an RSA structure */
-static int hndidx_rsa = -1;
-# endif
-
-static int e_gmp_destroy(ENGINE *e)
-{
- ERR_unload_GMP_strings();
- return 1;
-}
-
-/* (de)initialisation functions. */
-static int e_gmp_init(ENGINE *e)
-{
-# ifndef OPENSSL_NO_RSA
- if (hndidx_rsa == -1)
- hndidx_rsa = RSA_get_ex_new_index(0,
- "GMP-based RSA key handle",
- NULL, NULL, NULL);
-# endif
- if (hndidx_rsa == -1)
- return 0;
- return 1;
-}
-
-static int e_gmp_finish(ENGINE *e)
-{
- return 1;
-}
-
-static int e_gmp_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
- int to_return = 1;
-
- switch (cmd) {
-# if 0
- case E_GMP_CMD_SO_PATH:
- /* ... */
-# endif
- /* The command isn't understood by this engine */
- default:
- GMPerr(GMP_F_E_GMP_CTRL, GMP_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- to_return = 0;
- break;
- }
-
- return to_return;
-}
-
-/*
- * Most often limb sizes will be the same. If not, we use hex conversion
- * which is neat, but extremely inefficient.
- */
-static int bn2gmp(const BIGNUM *bn, mpz_t g)
-{
- bn_check_top(bn);
- if (((sizeof(bn->d[0]) * 8) == GMP_NUMB_BITS) &&
- (BN_BITS2 == GMP_NUMB_BITS)) {
- /* The common case */
- if (!_mpz_realloc(g, bn->top))
- return 0;
- memcpy(&g->_mp_d[0], &bn->d[0], bn->top * sizeof(bn->d[0]));
- g->_mp_size = bn->top;
- if (bn->neg)
- g->_mp_size = -g->_mp_size;
- return 1;
- } else {
- int toret;
- char *tmpchar = BN_bn2hex(bn);
- if (!tmpchar)
- return 0;
- toret = (mpz_set_str(g, tmpchar, 16) == 0 ? 1 : 0);
- OPENSSL_free(tmpchar);
- return toret;
- }
-}
-
-static int gmp2bn(mpz_t g, BIGNUM *bn)
-{
- if (((sizeof(bn->d[0]) * 8) == GMP_NUMB_BITS) &&
- (BN_BITS2 == GMP_NUMB_BITS)) {
- /* The common case */
- int s = (g->_mp_size >= 0) ? g->_mp_size : -g->_mp_size;
- BN_zero(bn);
- if (bn_expand2(bn, s) == NULL)
- return 0;
- bn->top = s;
- memcpy(&bn->d[0], &g->_mp_d[0], s * sizeof(bn->d[0]));
- bn_correct_top(bn);
- bn->neg = g->_mp_size >= 0 ? 0 : 1;
- return 1;
- } else {
- int toret;
- char *tmpchar = OPENSSL_malloc(mpz_sizeinbase(g, 16) + 10);
- if (!tmpchar)
- return 0;
- mpz_get_str(tmpchar, 16, g);
- toret = BN_hex2bn(&bn, tmpchar);
- OPENSSL_free(tmpchar);
- return toret;
- }
-}
-
-# ifndef OPENSSL_NO_RSA
-typedef struct st_e_gmp_rsa_ctx {
- int public_only;
- mpz_t n;
- mpz_t d;
- mpz_t e;
- mpz_t p;
- mpz_t q;
- mpz_t dmp1;
- mpz_t dmq1;
- mpz_t iqmp;
- mpz_t r0, r1, I0, m1;
-} E_GMP_RSA_CTX;
-
-static E_GMP_RSA_CTX *e_gmp_get_rsa(RSA *rsa)
-{
- E_GMP_RSA_CTX *hptr = RSA_get_ex_data(rsa, hndidx_rsa);
- if (hptr)
- return hptr;
- hptr = OPENSSL_malloc(sizeof(E_GMP_RSA_CTX));
- if (!hptr)
- return NULL;
- /*
- * These inits could probably be replaced by more intelligent mpz_init2()
- * versions, to reduce malloc-thrashing.
- */
- mpz_init(hptr->n);
- mpz_init(hptr->d);
- mpz_init(hptr->e);
- mpz_init(hptr->p);
- mpz_init(hptr->q);
- mpz_init(hptr->dmp1);
- mpz_init(hptr->dmq1);
- mpz_init(hptr->iqmp);
- mpz_init(hptr->r0);
- mpz_init(hptr->r1);
- mpz_init(hptr->I0);
- mpz_init(hptr->m1);
- if (!bn2gmp(rsa->n, hptr->n) || !bn2gmp(rsa->e, hptr->e))
- goto err;
- if (!rsa->p || !rsa->q || !rsa->d || !rsa->dmp1 || !rsa->dmq1
- || !rsa->iqmp) {
- hptr->public_only = 1;
- return hptr;
- }
- if (!bn2gmp(rsa->d, hptr->d) || !bn2gmp(rsa->p, hptr->p) ||
- !bn2gmp(rsa->q, hptr->q) || !bn2gmp(rsa->dmp1, hptr->dmp1) ||
- !bn2gmp(rsa->dmq1, hptr->dmq1) || !bn2gmp(rsa->iqmp, hptr->iqmp))
- goto err;
- hptr->public_only = 0;
- RSA_set_ex_data(rsa, hndidx_rsa, hptr);
- return hptr;
- err:
- mpz_clear(hptr->n);
- mpz_clear(hptr->d);
- mpz_clear(hptr->e);
- mpz_clear(hptr->p);
- mpz_clear(hptr->q);
- mpz_clear(hptr->dmp1);
- mpz_clear(hptr->dmq1);
- mpz_clear(hptr->iqmp);
- mpz_clear(hptr->r0);
- mpz_clear(hptr->r1);
- mpz_clear(hptr->I0);
- mpz_clear(hptr->m1);
- OPENSSL_free(hptr);
- return NULL;
-}
-
-static int e_gmp_rsa_finish(RSA *rsa)
-{
- E_GMP_RSA_CTX *hptr = RSA_get_ex_data(rsa, hndidx_rsa);
- if (!hptr)
- return 0;
- mpz_clear(hptr->n);
- mpz_clear(hptr->d);
- mpz_clear(hptr->e);
- mpz_clear(hptr->p);
- mpz_clear(hptr->q);
- mpz_clear(hptr->dmp1);
- mpz_clear(hptr->dmq1);
- mpz_clear(hptr->iqmp);
- mpz_clear(hptr->r0);
- mpz_clear(hptr->r1);
- mpz_clear(hptr->I0);
- mpz_clear(hptr->m1);
- OPENSSL_free(hptr);
- RSA_set_ex_data(rsa, hndidx_rsa, NULL);
- return 1;
-}
-
-static int e_gmp_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx)
-{
- E_GMP_RSA_CTX *hptr;
- int to_return = 0;
-
- hptr = e_gmp_get_rsa(rsa);
- if (!hptr) {
- GMPerr(GMP_F_E_GMP_RSA_MOD_EXP, GMP_R_KEY_CONTEXT_ERROR);
- return 0;
- }
- if (hptr->public_only) {
- GMPerr(GMP_F_E_GMP_RSA_MOD_EXP, GMP_R_MISSING_KEY_COMPONENTS);
- return 0;
- }
-
- /* ugh!!! */
- if (!bn2gmp(I, hptr->I0))
- return 0;
-
- /*
- * This is basically the CRT logic in crypto/rsa/rsa_eay.c reworded into
- * GMP-speak. It may be that GMP's API facilitates cleaner formulations
- * of this stuff, eg. better handling of negatives, or functions that
- * combine operations.
- */
-
- mpz_mod(hptr->r1, hptr->I0, hptr->q);
- mpz_powm(hptr->m1, hptr->r1, hptr->dmq1, hptr->q);
-
- mpz_mod(hptr->r1, hptr->I0, hptr->p);
- mpz_powm(hptr->r0, hptr->r1, hptr->dmp1, hptr->p);
-
- mpz_sub(hptr->r0, hptr->r0, hptr->m1);
-
- if (mpz_sgn(hptr->r0) < 0)
- mpz_add(hptr->r0, hptr->r0, hptr->p);
- mpz_mul(hptr->r1, hptr->r0, hptr->iqmp);
- mpz_mod(hptr->r0, hptr->r1, hptr->p);
-
- if (mpz_sgn(hptr->r0) < 0)
- mpz_add(hptr->r0, hptr->r0, hptr->p);
- mpz_mul(hptr->r1, hptr->r0, hptr->q);
- mpz_add(hptr->r0, hptr->r1, hptr->m1);
-
- /* ugh!!! */
- if (gmp2bn(hptr->r0, r))
- to_return = 1;
-
- return 1;
-}
-# endif
-
-# endif /* !OPENSSL_NO_GMP */
-
-/*
- * This stuff is needed if this ENGINE is being compiled into a
- * self-contained shared-library.
- */
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-IMPLEMENT_DYNAMIC_CHECK_FN()
-# ifndef OPENSSL_NO_GMP
-static int bind_fn(ENGINE *e, const char *id)
-{
- if (id && (strcmp(id, engine_e_gmp_id) != 0))
- return 0;
- if (!bind_helper(e))
- return 0;
- return 1;
-}
-
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-# else
-OPENSSL_EXPORT
- int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);
-OPENSSL_EXPORT
- int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns)
-{
- return 0;
-}
-# endif
-# endif /* !OPENSSL_NO_DYNAMIC_ENGINE */
-
-#endif /* !OPENSSL_NO_HW */
diff --git a/engines/e_gmp_err.c b/engines/e_gmp_err.c
deleted file mode 100644
index 002a3abe121e..000000000000
--- a/engines/e_gmp_err.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/* e_gmp_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_gmp_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA GMP_str_functs[] = {
- {ERR_FUNC(GMP_F_E_GMP_CTRL), "E_GMP_CTRL"},
- {ERR_FUNC(GMP_F_E_GMP_RSA_MOD_EXP), "E_GMP_RSA_MOD_EXP"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA GMP_str_reasons[] = {
- {ERR_REASON(GMP_R_CTRL_COMMAND_NOT_IMPLEMENTED),
- "ctrl command not implemented"},
- {ERR_REASON(GMP_R_KEY_CONTEXT_ERROR), "key context error"},
- {ERR_REASON(GMP_R_MISSING_KEY_COMPONENTS), "missing key components"},
- {0, NULL}
-};
-
-#endif
-
-#ifdef GMP_LIB_NAME
-static ERR_STRING_DATA GMP_lib_name[] = {
- {0, GMP_LIB_NAME},
- {0, NULL}
-};
-#endif
-
-static int GMP_lib_error_code = 0;
-static int GMP_error_init = 1;
-
-static void ERR_load_GMP_strings(void)
-{
- if (GMP_lib_error_code == 0)
- GMP_lib_error_code = ERR_get_next_error_library();
-
- if (GMP_error_init) {
- GMP_error_init = 0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(GMP_lib_error_code, GMP_str_functs);
- ERR_load_strings(GMP_lib_error_code, GMP_str_reasons);
-#endif
-
-#ifdef GMP_LIB_NAME
- GMP_lib_name->error = ERR_PACK(GMP_lib_error_code, 0, 0);
- ERR_load_strings(0, GMP_lib_name);
-#endif
- }
-}
-
-static void ERR_unload_GMP_strings(void)
-{
- if (GMP_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(GMP_lib_error_code, GMP_str_functs);
- ERR_unload_strings(GMP_lib_error_code, GMP_str_reasons);
-#endif
-
-#ifdef GMP_LIB_NAME
- ERR_unload_strings(0, GMP_lib_name);
-#endif
- GMP_error_init = 1;
- }
-}
-
-static void ERR_GMP_error(int function, int reason, char *file, int line)
-{
- if (GMP_lib_error_code == 0)
- GMP_lib_error_code = ERR_get_next_error_library();
- ERR_PUT_error(GMP_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_gmp_err.h b/engines/e_gmp_err.h
deleted file mode 100644
index 637abbc9a005..000000000000
--- a/engines/e_gmp_err.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_GMP_ERR_H
-# define HEADER_GMP_ERR_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_GMP_strings(void);
-static void ERR_unload_GMP_strings(void);
-static void ERR_GMP_error(int function, int reason, char *file, int line);
-# define GMPerr(f,r) ERR_GMP_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the GMP functions. */
-
-/* Function codes. */
-# define GMP_F_E_GMP_CTRL 100
-# define GMP_F_E_GMP_RSA_MOD_EXP 101
-
-/* Reason codes. */
-# define GMP_R_CTRL_COMMAND_NOT_IMPLEMENTED 100
-# define GMP_R_KEY_CONTEXT_ERROR 101
-# define GMP_R_MISSING_KEY_COMPONENTS 102
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_nuron.c b/engines/e_nuron.c
deleted file mode 100644
index 3437f3604f68..000000000000
--- a/engines/e_nuron.c
+++ /dev/null
@@ -1,436 +0,0 @@
-/* crypto/engine/hw_nuron.c */
-/*
- * Written by Ben Laurie for the OpenSSL Project, leaning heavily on Geoff
- * Thorpe's Atalla implementation.
- */
-/* ====================================================================
- * Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_NURON
-
-# define NURON_LIB_NAME "nuron engine"
-# include "e_nuron_err.c"
-
-static const char *NURON_LIBNAME = NULL;
-static const char *get_NURON_LIBNAME(void)
-{
- if (NURON_LIBNAME)
- return NURON_LIBNAME;
- return "nuronssl";
-}
-
-static void free_NURON_LIBNAME(void)
-{
- if (NURON_LIBNAME)
- OPENSSL_free((void *)NURON_LIBNAME);
- NURON_LIBNAME = NULL;
-}
-
-static long set_NURON_LIBNAME(const char *name)
-{
- free_NURON_LIBNAME();
- return (((NURON_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-}
-
-static const char *NURON_F1 = "nuron_mod_exp";
-
-/* The definitions for control commands specific to this engine */
-# define NURON_CMD_SO_PATH ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN nuron_cmd_defns[] = {
- {NURON_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'nuronssl' shared library",
- ENGINE_CMD_FLAG_STRING},
- {0, NULL, NULL, 0}
-};
-
-typedef int tfnModExp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m);
-static tfnModExp *pfnModExp = NULL;
-
-static DSO *pvDSOHandle = NULL;
-
-static int nuron_destroy(ENGINE *e)
-{
- free_NURON_LIBNAME();
- ERR_unload_NURON_strings();
- return 1;
-}
-
-static int nuron_init(ENGINE *e)
-{
- if (pvDSOHandle != NULL) {
- NURONerr(NURON_F_NURON_INIT, NURON_R_ALREADY_LOADED);
- return 0;
- }
-
- pvDSOHandle = DSO_load(NULL, get_NURON_LIBNAME(), NULL,
- DSO_FLAG_NAME_TRANSLATION_EXT_ONLY);
- if (!pvDSOHandle) {
- NURONerr(NURON_F_NURON_INIT, NURON_R_DSO_NOT_FOUND);
- return 0;
- }
-
- pfnModExp = (tfnModExp *) DSO_bind_func(pvDSOHandle, NURON_F1);
- if (!pfnModExp) {
- NURONerr(NURON_F_NURON_INIT, NURON_R_DSO_FUNCTION_NOT_FOUND);
- return 0;
- }
-
- return 1;
-}
-
-static int nuron_finish(ENGINE *e)
-{
- free_NURON_LIBNAME();
- if (pvDSOHandle == NULL) {
- NURONerr(NURON_F_NURON_FINISH, NURON_R_NOT_LOADED);
- return 0;
- }
- if (!DSO_free(pvDSOHandle)) {
- NURONerr(NURON_F_NURON_FINISH, NURON_R_DSO_FAILURE);
- return 0;
- }
- pvDSOHandle = NULL;
- pfnModExp = NULL;
- return 1;
-}
-
-static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
- int initialised = ((pvDSOHandle == NULL) ? 0 : 1);
- switch (cmd) {
- case NURON_CMD_SO_PATH:
- if (p == NULL) {
- NURONerr(NURON_F_NURON_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (initialised) {
- NURONerr(NURON_F_NURON_CTRL, NURON_R_ALREADY_LOADED);
- return 0;
- }
- return set_NURON_LIBNAME((const char *)p);
- default:
- break;
- }
- NURONerr(NURON_F_NURON_CTRL, NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- return 0;
-}
-
-static int nuron_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
-{
- if (!pvDSOHandle) {
- NURONerr(NURON_F_NURON_MOD_EXP, NURON_R_NOT_LOADED);
- return 0;
- }
- return pfnModExp(r, a, p, m);
-}
-
-# ifndef OPENSSL_NO_RSA
-static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx)
-{
- return nuron_mod_exp(r0, I, rsa->d, rsa->n, ctx);
-}
-# endif
-
-# ifndef OPENSSL_NO_DSA
-/*
- * This code was liberated and adapted from the commented-out code in
- * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration (it
- * doesn't have a CRT form for RSA), this function means that an Atalla
- * system running with a DSA server certificate can handshake around 5 or 6
- * times faster/more than an equivalent system running with RSA. Just check
- * out the "signs" statistics from the RSA and DSA parts of "openssl speed
- * -engine atalla dsa1024 rsa1024".
- */
-static int nuron_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
- BIGNUM t;
- int to_return = 0;
-
- BN_init(&t);
- /* let rr = a1 ^ p1 mod m */
- if (!nuron_mod_exp(rr, a1, p1, m, ctx))
- goto end;
- /* let t = a2 ^ p2 mod m */
- if (!nuron_mod_exp(&t, a2, p2, m, ctx))
- goto end;
- /* let rr = rr * t mod m */
- if (!BN_mod_mul(rr, rr, &t, m, ctx))
- goto end;
- to_return = 1;
- end:
- BN_free(&t);
- return to_return;
-}
-
-static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return nuron_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-# ifndef OPENSSL_NO_RSA
-static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return nuron_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
- return nuron_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-# ifndef OPENSSL_NO_RSA
-static RSA_METHOD nuron_rsa = {
- "Nuron RSA method",
- NULL,
- NULL,
- NULL,
- NULL,
- nuron_rsa_mod_exp,
- nuron_mod_exp_mont,
- NULL,
- NULL,
- 0,
- NULL,
- NULL,
- NULL,
- NULL
-};
-# endif
-
-# ifndef OPENSSL_NO_DSA
-static DSA_METHOD nuron_dsa = {
- "Nuron DSA method",
- NULL, /* dsa_do_sign */
- NULL, /* dsa_sign_setup */
- NULL, /* dsa_do_verify */
- nuron_dsa_mod_exp, /* dsa_mod_exp */
- nuron_mod_exp_dsa, /* bn_mod_exp */
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL, /* app_data */
- NULL, /* dsa_paramgen */
- NULL /* dsa_keygen */
-};
-# endif
-
-# ifndef OPENSSL_NO_DH
-static DH_METHOD nuron_dh = {
- "Nuron DH method",
- NULL,
- NULL,
- nuron_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL,
- NULL
-};
-# endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_nuron_id = "nuron";
-static const char *engine_nuron_name = "Nuron hardware engine support";
-
-/*
- * This internal function is used by ENGINE_nuron() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_helper(ENGINE *e)
-{
-# ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-# endif
-# ifndef OPENSSL_NO_DSA
- const DSA_METHOD *meth2;
-# endif
-# ifndef OPENSSL_NO_DH
- const DH_METHOD *meth3;
-# endif
- if (!ENGINE_set_id(e, engine_nuron_id) ||
- !ENGINE_set_name(e, engine_nuron_name) ||
-# ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &nuron_rsa) ||
-# endif
-# ifndef OPENSSL_NO_DSA
- !ENGINE_set_DSA(e, &nuron_dsa) ||
-# endif
-# ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &nuron_dh) ||
-# endif
- !ENGINE_set_destroy_function(e, nuron_destroy) ||
- !ENGINE_set_init_function(e, nuron_init) ||
- !ENGINE_set_finish_function(e, nuron_finish) ||
- !ENGINE_set_ctrl_function(e, nuron_ctrl) ||
- !ENGINE_set_cmd_defns(e, nuron_cmd_defns))
- return 0;
-
-# ifndef OPENSSL_NO_RSA
- /*
- * We know that the "PKCS1_SSLeay()" functions hook properly to the
- * nuron-specific mod_exp and mod_exp_crt so we use those functions. NB:
- * We don't use ENGINE_openssl() or anything "more generic" because
- * something like the RSAref code may not hook properly, and if you own
- * one of these cards then you have the right to do RSA operations on it
- * anyway!
- */
- meth1 = RSA_PKCS1_SSLeay();
- nuron_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- nuron_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- nuron_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- nuron_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-# endif
-
-# ifndef OPENSSL_NO_DSA
- /*
- * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
- */
- meth2 = DSA_OpenSSL();
- nuron_dsa.dsa_do_sign = meth2->dsa_do_sign;
- nuron_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
- nuron_dsa.dsa_do_verify = meth2->dsa_do_verify;
-# endif
-
-# ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth3 = DH_OpenSSL();
- nuron_dh.generate_key = meth3->generate_key;
- nuron_dh.compute_key = meth3->compute_key;
-# endif
-
- /* Ensure the nuron error handling is set up */
- ERR_load_NURON_strings();
- return 1;
-}
-
-# ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_nuron(void)
-{
- ENGINE *ret = ENGINE_new();
- if (!ret)
- return NULL;
- if (!bind_helper(ret)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void ENGINE_load_nuron(void)
-{
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_nuron();
- if (!toadd)
- return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
-}
-# endif
-
-/*
- * This stuff is needed if this ENGINE is being compiled into a
- * self-contained shared-library.
- */
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_fn(ENGINE *e, const char *id)
-{
- if (id && (strcmp(id, engine_nuron_id) != 0))
- return 0;
- if (!bind_helper(e))
- return 0;
- return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
- IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-# endif /* OPENSSL_NO_DYNAMIC_ENGINE */
-# endif /* !OPENSSL_NO_HW_NURON */
-#endif /* !OPENSSL_NO_HW */
diff --git a/engines/e_nuron_err.c b/engines/e_nuron_err.c
deleted file mode 100644
index a02c4f0459f1..000000000000
--- a/engines/e_nuron_err.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* e_nuron_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_nuron_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA NURON_str_functs[] = {
- {ERR_FUNC(NURON_F_NURON_CTRL), "NURON_CTRL"},
- {ERR_FUNC(NURON_F_NURON_FINISH), "NURON_FINISH"},
- {ERR_FUNC(NURON_F_NURON_INIT), "NURON_INIT"},
- {ERR_FUNC(NURON_F_NURON_MOD_EXP), "NURON_MOD_EXP"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA NURON_str_reasons[] = {
- {ERR_REASON(NURON_R_ALREADY_LOADED), "already loaded"},
- {ERR_REASON(NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED),
- "ctrl command not implemented"},
- {ERR_REASON(NURON_R_DSO_FAILURE), "dso failure"},
- {ERR_REASON(NURON_R_DSO_FUNCTION_NOT_FOUND), "dso function not found"},
- {ERR_REASON(NURON_R_DSO_NOT_FOUND), "dso not found"},
- {ERR_REASON(NURON_R_NOT_LOADED), "not loaded"},
- {0, NULL}
-};
-
-#endif
-
-#ifdef NURON_LIB_NAME
-static ERR_STRING_DATA NURON_lib_name[] = {
- {0, NURON_LIB_NAME},
- {0, NULL}
-};
-#endif
-
-static int NURON_lib_error_code = 0;
-static int NURON_error_init = 1;
-
-static void ERR_load_NURON_strings(void)
-{
- if (NURON_lib_error_code == 0)
- NURON_lib_error_code = ERR_get_next_error_library();
-
- if (NURON_error_init) {
- NURON_error_init = 0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(NURON_lib_error_code, NURON_str_functs);
- ERR_load_strings(NURON_lib_error_code, NURON_str_reasons);
-#endif
-
-#ifdef NURON_LIB_NAME
- NURON_lib_name->error = ERR_PACK(NURON_lib_error_code, 0, 0);
- ERR_load_strings(0, NURON_lib_name);
-#endif
- }
-}
-
-static void ERR_unload_NURON_strings(void)
-{
- if (NURON_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(NURON_lib_error_code, NURON_str_functs);
- ERR_unload_strings(NURON_lib_error_code, NURON_str_reasons);
-#endif
-
-#ifdef NURON_LIB_NAME
- ERR_unload_strings(0, NURON_lib_name);
-#endif
- NURON_error_init = 1;
- }
-}
-
-static void ERR_NURON_error(int function, int reason, char *file, int line)
-{
- if (NURON_lib_error_code == 0)
- NURON_lib_error_code = ERR_get_next_error_library();
- ERR_PUT_error(NURON_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_nuron_err.h b/engines/e_nuron_err.h
deleted file mode 100644
index aa7849c6a916..000000000000
--- a/engines/e_nuron_err.h
+++ /dev/null
@@ -1,91 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_NURON_ERR_H
-# define HEADER_NURON_ERR_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_NURON_strings(void);
-static void ERR_unload_NURON_strings(void);
-static void ERR_NURON_error(int function, int reason, char *file, int line);
-# define NURONerr(f,r) ERR_NURON_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the NURON functions. */
-
-/* Function codes. */
-# define NURON_F_NURON_CTRL 100
-# define NURON_F_NURON_FINISH 101
-# define NURON_F_NURON_INIT 102
-# define NURON_F_NURON_MOD_EXP 103
-
-/* Reason codes. */
-# define NURON_R_ALREADY_LOADED 100
-# define NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED 101
-# define NURON_R_DSO_FAILURE 102
-# define NURON_R_DSO_FUNCTION_NOT_FOUND 103
-# define NURON_R_DSO_NOT_FOUND 104
-# define NURON_R_NOT_LOADED 105
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c
new file mode 100644
index 000000000000..64376247c3f0
--- /dev/null
+++ b/engines/e_ossltest.c
@@ -0,0 +1,696 @@
+/*
+ * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * This is the OSSLTEST engine. It provides deliberately crippled digest
+ * implementations for test purposes. It is highly insecure and must NOT be
+ * used for any purpose except testing
+ */
+
+#include <stdio.h>
+#include <string.h>
+
+#include <openssl/engine.h>
+#include <openssl/sha.h>
+#include <openssl/md5.h>
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/modes.h>
+#include <openssl/aes.h>
+#include <openssl/rand.h>
+#include <openssl/crypto.h>
+
+#include "e_ossltest_err.c"
+
+/* Engine Id and Name */
+static const char *engine_ossltest_id = "ossltest";
+static const char *engine_ossltest_name = "OpenSSL Test engine support";
+
+
+/* Engine Lifetime functions */
+static int ossltest_destroy(ENGINE *e);
+static int ossltest_init(ENGINE *e);
+static int ossltest_finish(ENGINE *e);
+void ENGINE_load_ossltest(void);
+
+
+/* Set up digests */
+static int ossltest_digests(ENGINE *e, const EVP_MD **digest,
+ const int **nids, int nid);
+static const RAND_METHOD *ossltest_rand_method(void);
+
+/* MD5 */
+static int digest_md5_init(EVP_MD_CTX *ctx);
+static int digest_md5_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count);
+static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md);
+
+static EVP_MD *_hidden_md5_md = NULL;
+static const EVP_MD *digest_md5(void)
+{
+ if (_hidden_md5_md == NULL) {
+ EVP_MD *md;
+
+ if ((md = EVP_MD_meth_new(NID_md5, NID_md5WithRSAEncryption)) == NULL
+ || !EVP_MD_meth_set_result_size(md, MD5_DIGEST_LENGTH)
+ || !EVP_MD_meth_set_input_blocksize(md, MD5_CBLOCK)
+ || !EVP_MD_meth_set_app_datasize(md,
+ sizeof(EVP_MD *) + sizeof(MD5_CTX))
+ || !EVP_MD_meth_set_flags(md, 0)
+ || !EVP_MD_meth_set_init(md, digest_md5_init)
+ || !EVP_MD_meth_set_update(md, digest_md5_update)
+ || !EVP_MD_meth_set_final(md, digest_md5_final)) {
+ EVP_MD_meth_free(md);
+ md = NULL;
+ }
+ _hidden_md5_md = md;
+ }
+ return _hidden_md5_md;
+}
+
+/* SHA1 */
+static int digest_sha1_init(EVP_MD_CTX *ctx);
+static int digest_sha1_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count);
+static int digest_sha1_final(EVP_MD_CTX *ctx, unsigned char *md);
+
+static EVP_MD *_hidden_sha1_md = NULL;
+static const EVP_MD *digest_sha1(void)
+{
+ if (_hidden_sha1_md == NULL) {
+ EVP_MD *md;
+
+ if ((md = EVP_MD_meth_new(NID_sha1, NID_sha1WithRSAEncryption)) == NULL
+ || !EVP_MD_meth_set_result_size(md, SHA_DIGEST_LENGTH)
+ || !EVP_MD_meth_set_input_blocksize(md, SHA_CBLOCK)
+ || !EVP_MD_meth_set_app_datasize(md,
+ sizeof(EVP_MD *) + sizeof(SHA_CTX))
+ || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT)
+ || !EVP_MD_meth_set_init(md, digest_sha1_init)
+ || !EVP_MD_meth_set_update(md, digest_sha1_update)
+ || !EVP_MD_meth_set_final(md, digest_sha1_final)) {
+ EVP_MD_meth_free(md);
+ md = NULL;
+ }
+ _hidden_sha1_md = md;
+ }
+ return _hidden_sha1_md;
+}
+
+/* SHA256 */
+static int digest_sha256_init(EVP_MD_CTX *ctx);
+static int digest_sha256_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count);
+static int digest_sha256_final(EVP_MD_CTX *ctx, unsigned char *md);
+
+static EVP_MD *_hidden_sha256_md = NULL;
+static const EVP_MD *digest_sha256(void)
+{
+ if (_hidden_sha256_md == NULL) {
+ EVP_MD *md;
+
+ if ((md = EVP_MD_meth_new(NID_sha256, NID_sha256WithRSAEncryption)) == NULL
+ || !EVP_MD_meth_set_result_size(md, SHA256_DIGEST_LENGTH)
+ || !EVP_MD_meth_set_input_blocksize(md, SHA256_CBLOCK)
+ || !EVP_MD_meth_set_app_datasize(md,
+ sizeof(EVP_MD *) + sizeof(SHA256_CTX))
+ || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT)
+ || !EVP_MD_meth_set_init(md, digest_sha256_init)
+ || !EVP_MD_meth_set_update(md, digest_sha256_update)
+ || !EVP_MD_meth_set_final(md, digest_sha256_final)) {
+ EVP_MD_meth_free(md);
+ md = NULL;
+ }
+ _hidden_sha256_md = md;
+ }
+ return _hidden_sha256_md;
+}
+
+/* SHA384/SHA512 */
+static int digest_sha384_init(EVP_MD_CTX *ctx);
+static int digest_sha512_init(EVP_MD_CTX *ctx);
+static int digest_sha512_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count);
+static int digest_sha384_final(EVP_MD_CTX *ctx, unsigned char *md);
+static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md);
+
+static EVP_MD *_hidden_sha384_md = NULL;
+static const EVP_MD *digest_sha384(void)
+{
+ if (_hidden_sha384_md == NULL) {
+ EVP_MD *md;
+
+ if ((md = EVP_MD_meth_new(NID_sha384, NID_sha384WithRSAEncryption)) == NULL
+ || !EVP_MD_meth_set_result_size(md, SHA384_DIGEST_LENGTH)
+ || !EVP_MD_meth_set_input_blocksize(md, SHA512_CBLOCK)
+ || !EVP_MD_meth_set_app_datasize(md,
+ sizeof(EVP_MD *) + sizeof(SHA512_CTX))
+ || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT)
+ || !EVP_MD_meth_set_init(md, digest_sha384_init)
+ || !EVP_MD_meth_set_update(md, digest_sha512_update)
+ || !EVP_MD_meth_set_final(md, digest_sha384_final)) {
+ EVP_MD_meth_free(md);
+ md = NULL;
+ }
+ _hidden_sha384_md = md;
+ }
+ return _hidden_sha384_md;
+}
+static EVP_MD *_hidden_sha512_md = NULL;
+static const EVP_MD *digest_sha512(void)
+{
+ if (_hidden_sha512_md == NULL) {
+ EVP_MD *md;
+
+ if ((md = EVP_MD_meth_new(NID_sha512, NID_sha512WithRSAEncryption)) == NULL
+ || !EVP_MD_meth_set_result_size(md, SHA512_DIGEST_LENGTH)
+ || !EVP_MD_meth_set_input_blocksize(md, SHA512_CBLOCK)
+ || !EVP_MD_meth_set_app_datasize(md,
+ sizeof(EVP_MD *) + sizeof(SHA512_CTX))
+ || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT)
+ || !EVP_MD_meth_set_init(md, digest_sha512_init)
+ || !EVP_MD_meth_set_update(md, digest_sha512_update)
+ || !EVP_MD_meth_set_final(md, digest_sha512_final)) {
+ EVP_MD_meth_free(md);
+ md = NULL;
+ }
+ _hidden_sha512_md = md;
+ }
+ return _hidden_sha512_md;
+}
+static void destroy_digests(void)
+{
+ EVP_MD_meth_free(_hidden_md5_md);
+ _hidden_md5_md = NULL;
+ EVP_MD_meth_free(_hidden_sha1_md);
+ _hidden_sha1_md = NULL;
+ EVP_MD_meth_free(_hidden_sha256_md);
+ _hidden_sha256_md = NULL;
+ EVP_MD_meth_free(_hidden_sha384_md);
+ _hidden_sha384_md = NULL;
+ EVP_MD_meth_free(_hidden_sha512_md);
+ _hidden_sha512_md = NULL;
+}
+static int ossltest_digest_nids(const int **nids)
+{
+ static int digest_nids[6] = { 0, 0, 0, 0, 0, 0 };
+ static int pos = 0;
+ static int init = 0;
+
+ if (!init) {
+ const EVP_MD *md;
+ if ((md = digest_md5()) != NULL)
+ digest_nids[pos++] = EVP_MD_type(md);
+ if ((md = digest_sha1()) != NULL)
+ digest_nids[pos++] = EVP_MD_type(md);
+ if ((md = digest_sha256()) != NULL)
+ digest_nids[pos++] = EVP_MD_type(md);
+ if ((md = digest_sha384()) != NULL)
+ digest_nids[pos++] = EVP_MD_type(md);
+ if ((md = digest_sha512()) != NULL)
+ digest_nids[pos++] = EVP_MD_type(md);
+ digest_nids[pos] = 0;
+ init = 1;
+ }
+ *nids = digest_nids;
+ return pos;
+}
+
+/* Setup ciphers */
+static int ossltest_ciphers(ENGINE *, const EVP_CIPHER **,
+ const int **, int);
+
+static int ossltest_cipher_nids[] = {
+ NID_aes_128_cbc, NID_aes_128_gcm, 0
+};
+
+/* AES128 */
+
+int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc);
+int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl);
+int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc);
+int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl);
+static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+ void *ptr);
+
+static EVP_CIPHER *_hidden_aes_128_cbc = NULL;
+static const EVP_CIPHER *ossltest_aes_128_cbc(void)
+{
+ if (_hidden_aes_128_cbc == NULL
+ && ((_hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc,
+ 16 /* block size */,
+ 16 /* key len */)) == NULL
+ || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc,16)
+ || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc,
+ EVP_CIPH_FLAG_DEFAULT_ASN1
+ | EVP_CIPH_CBC_MODE)
+ || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc,
+ ossltest_aes128_init_key)
+ || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc,
+ ossltest_aes128_cbc_cipher)
+ || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc,
+ EVP_CIPHER_impl_ctx_size(EVP_aes_128_cbc())))) {
+ EVP_CIPHER_meth_free(_hidden_aes_128_cbc);
+ _hidden_aes_128_cbc = NULL;
+ }
+ return _hidden_aes_128_cbc;
+}
+static EVP_CIPHER *_hidden_aes_128_gcm = NULL;
+
+#define AES_GCM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \
+ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
+ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
+ | EVP_CIPH_CUSTOM_COPY |EVP_CIPH_FLAG_AEAD_CIPHER \
+ | EVP_CIPH_GCM_MODE)
+
+static const EVP_CIPHER *ossltest_aes_128_gcm(void)
+{
+ if (_hidden_aes_128_gcm == NULL
+ && ((_hidden_aes_128_gcm = EVP_CIPHER_meth_new(NID_aes_128_gcm,
+ 1 /* block size */,
+ 16 /* key len */)) == NULL
+ || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_gcm,12)
+ || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_gcm, AES_GCM_FLAGS)
+ || !EVP_CIPHER_meth_set_init(_hidden_aes_128_gcm,
+ ossltest_aes128_gcm_init_key)
+ || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_gcm,
+ ossltest_aes128_gcm_cipher)
+ || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_gcm,
+ ossltest_aes128_gcm_ctrl)
+ || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_gcm,
+ EVP_CIPHER_impl_ctx_size(EVP_aes_128_gcm())))) {
+ EVP_CIPHER_meth_free(_hidden_aes_128_gcm);
+ _hidden_aes_128_gcm = NULL;
+ }
+ return _hidden_aes_128_gcm;
+}
+
+static void destroy_ciphers(void)
+{
+ EVP_CIPHER_meth_free(_hidden_aes_128_cbc);
+ EVP_CIPHER_meth_free(_hidden_aes_128_gcm);
+ _hidden_aes_128_cbc = NULL;
+}
+
+static int bind_ossltest(ENGINE *e)
+{
+ /* Ensure the ossltest error handling is set up */
+ ERR_load_OSSLTEST_strings();
+
+ if (!ENGINE_set_id(e, engine_ossltest_id)
+ || !ENGINE_set_name(e, engine_ossltest_name)
+ || !ENGINE_set_digests(e, ossltest_digests)
+ || !ENGINE_set_ciphers(e, ossltest_ciphers)
+ || !ENGINE_set_RAND(e, ossltest_rand_method())
+ || !ENGINE_set_destroy_function(e, ossltest_destroy)
+ || !ENGINE_set_init_function(e, ossltest_init)
+ || !ENGINE_set_finish_function(e, ossltest_finish)) {
+ OSSLTESTerr(OSSLTEST_F_BIND_OSSLTEST, OSSLTEST_R_INIT_FAILED);
+ return 0;
+ }
+
+ return 1;
+}
+
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_helper(ENGINE *e, const char *id)
+{
+ if (id && (strcmp(id, engine_ossltest_id) != 0))
+ return 0;
+ if (!bind_ossltest(e))
+ return 0;
+ return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+ IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+#endif
+
+static ENGINE *engine_ossltest(void)
+{
+ ENGINE *ret = ENGINE_new();
+ if (ret == NULL)
+ return NULL;
+ if (!bind_ossltest(ret)) {
+ ENGINE_free(ret);
+ return NULL;
+ }
+ return ret;
+}
+
+void ENGINE_load_ossltest(void)
+{
+ /* Copied from eng_[openssl|dyn].c */
+ ENGINE *toadd = engine_ossltest();
+ if (!toadd)
+ return;
+ ENGINE_add(toadd);
+ ENGINE_free(toadd);
+ ERR_clear_error();
+}
+
+
+static int ossltest_init(ENGINE *e)
+{
+ return 1;
+}
+
+
+static int ossltest_finish(ENGINE *e)
+{
+ return 1;
+}
+
+
+static int ossltest_destroy(ENGINE *e)
+{
+ destroy_digests();
+ destroy_ciphers();
+ ERR_unload_OSSLTEST_strings();
+ return 1;
+}
+
+static int ossltest_digests(ENGINE *e, const EVP_MD **digest,
+ const int **nids, int nid)
+{
+ int ok = 1;
+ if (!digest) {
+ /* We are returning a list of supported nids */
+ return ossltest_digest_nids(nids);
+ }
+ /* We are being asked for a specific digest */
+ switch (nid) {
+ case NID_md5:
+ *digest = digest_md5();
+ break;
+ case NID_sha1:
+ *digest = digest_sha1();
+ break;
+ case NID_sha256:
+ *digest = digest_sha256();
+ break;
+ case NID_sha384:
+ *digest = digest_sha384();
+ break;
+ case NID_sha512:
+ *digest = digest_sha512();
+ break;
+ default:
+ ok = 0;
+ *digest = NULL;
+ break;
+ }
+ return ok;
+}
+
+static int ossltest_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+ const int **nids, int nid)
+{
+ int ok = 1;
+ if (!cipher) {
+ /* We are returning a list of supported nids */
+ *nids = ossltest_cipher_nids;
+ return (sizeof(ossltest_cipher_nids) - 1)
+ / sizeof(ossltest_cipher_nids[0]);
+ }
+ /* We are being asked for a specific cipher */
+ switch (nid) {
+ case NID_aes_128_cbc:
+ *cipher = ossltest_aes_128_cbc();
+ break;
+ case NID_aes_128_gcm:
+ *cipher = ossltest_aes_128_gcm();
+ break;
+ default:
+ ok = 0;
+ *cipher = NULL;
+ break;
+ }
+ return ok;
+}
+
+static void fill_known_data(unsigned char *md, unsigned int len)
+{
+ unsigned int i;
+
+ for (i=0; i<len; i++) {
+ md[i] = (unsigned char)(i & 0xff);
+ }
+}
+
+/*
+ * MD5 implementation. We go through the motions of doing MD5 by deferring to
+ * the standard implementation. Then we overwrite the result with a will defined
+ * value, so that all "MD5" digests using the test engine always end up with
+ * the same value.
+ */
+#undef data
+#define data(ctx) ((MD5_CTX *)EVP_MD_CTX_md_data(ctx))
+static int digest_md5_init(EVP_MD_CTX *ctx)
+{
+ return MD5_Init(data(ctx));
+}
+
+static int digest_md5_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count)
+{
+ return MD5_Update(data(ctx), data, (size_t)count);
+}
+
+static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+ int ret;
+ ret = MD5_Final(md, data(ctx));
+
+ if (ret > 0) {
+ fill_known_data(md, MD5_DIGEST_LENGTH);
+ }
+ return ret;
+}
+
+/*
+ * SHA1 implementation.
+ */
+#undef data
+#define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx))
+static int digest_sha1_init(EVP_MD_CTX *ctx)
+{
+ return SHA1_Init(data(ctx));
+}
+
+static int digest_sha1_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count)
+{
+ return SHA1_Update(data(ctx), data, (size_t)count);
+}
+
+static int digest_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+ int ret;
+ ret = SHA1_Final(md, data(ctx));
+
+ if (ret > 0) {
+ fill_known_data(md, SHA_DIGEST_LENGTH);
+ }
+ return ret;
+}
+
+/*
+ * SHA256 implementation.
+ */
+#undef data
+#define data(ctx) ((SHA256_CTX *)EVP_MD_CTX_md_data(ctx))
+static int digest_sha256_init(EVP_MD_CTX *ctx)
+{
+ return SHA256_Init(data(ctx));
+}
+
+static int digest_sha256_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count)
+{
+ return SHA256_Update(data(ctx), data, (size_t)count);
+}
+
+static int digest_sha256_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+ int ret;
+ ret = SHA256_Final(md, data(ctx));
+
+ if (ret > 0) {
+ fill_known_data(md, SHA256_DIGEST_LENGTH);
+ }
+ return ret;
+}
+
+/*
+ * SHA384/512 implementation.
+ */
+#undef data
+#define data(ctx) ((SHA512_CTX *)EVP_MD_CTX_md_data(ctx))
+static int digest_sha384_init(EVP_MD_CTX *ctx)
+{
+ return SHA384_Init(data(ctx));
+}
+
+static int digest_sha512_init(EVP_MD_CTX *ctx)
+{
+ return SHA512_Init(data(ctx));
+}
+
+static int digest_sha512_update(EVP_MD_CTX *ctx, const void *data,
+ size_t count)
+{
+ return SHA512_Update(data(ctx), data, (size_t)count);
+}
+
+static int digest_sha384_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+ int ret;
+ /* Actually uses SHA512_Final! */
+ ret = SHA512_Final(md, data(ctx));
+
+ if (ret > 0) {
+ fill_known_data(md, SHA384_DIGEST_LENGTH);
+ }
+ return ret;
+}
+
+static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+ int ret;
+ ret = SHA512_Final(md, data(ctx));
+
+ if (ret > 0) {
+ fill_known_data(md, SHA512_DIGEST_LENGTH);
+ }
+ return ret;
+}
+
+/*
+ * AES128 Implementation
+ */
+
+int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ return EVP_CIPHER_meth_get_init(EVP_aes_128_cbc()) (ctx, key, iv, enc);
+}
+
+int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
+{
+ unsigned char *tmpbuf;
+ int ret;
+
+ tmpbuf = OPENSSL_malloc(inl);
+
+ /* OPENSSL_malloc will return NULL if inl == 0 */
+ if (tmpbuf == NULL && inl > 0)
+ return -1;
+
+ /* Remember what we were asked to encrypt */
+ if (tmpbuf != NULL)
+ memcpy(tmpbuf, in, inl);
+
+ /* Go through the motions of encrypting it */
+ ret = EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_cbc())(ctx, out, in, inl);
+
+ /* Throw it all away and just use the plaintext as the output */
+ if (tmpbuf != NULL)
+ memcpy(out, tmpbuf, inl);
+ OPENSSL_free(tmpbuf);
+
+ return ret;
+}
+
+int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ return EVP_CIPHER_meth_get_init(EVP_aes_128_gcm()) (ctx, key, iv, enc);
+}
+
+
+int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
+{
+ unsigned char *tmpbuf = OPENSSL_malloc(inl);
+
+ /* OPENSSL_malloc will return NULL if inl == 0 */
+ if (tmpbuf == NULL && inl > 0)
+ return -1;
+
+ /* Remember what we were asked to encrypt */
+ if (tmpbuf != NULL)
+ memcpy(tmpbuf, in, inl);
+
+ /* Go through the motions of encrypting it */
+ EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_gcm())(ctx, out, in, inl);
+
+ /* Throw it all away and just use the plaintext as the output */
+ if (tmpbuf != NULL && out != NULL)
+ memcpy(out, tmpbuf, inl);
+ OPENSSL_free(tmpbuf);
+
+ return inl;
+}
+
+static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+ void *ptr)
+{
+ /* Pass the ctrl down */
+ int ret = EVP_CIPHER_meth_get_ctrl(EVP_aes_128_gcm())(ctx, type, arg, ptr);
+
+ if (ret <= 0)
+ return ret;
+
+ switch(type) {
+ case EVP_CTRL_AEAD_GET_TAG:
+ /* Always give the same tag */
+ memset(ptr, 0, EVP_GCM_TLS_TAG_LEN);
+ break;
+
+ default:
+ break;
+ }
+
+ return 1;
+}
+
+static int ossltest_rand_bytes(unsigned char *buf, int num)
+{
+ unsigned char val = 1;
+
+ while (--num >= 0)
+ *buf++ = val++;
+ return 1;
+}
+
+static int ossltest_rand_status(void)
+{
+ return 1;
+}
+
+static const RAND_METHOD *ossltest_rand_method(void)
+{
+
+ static RAND_METHOD osslt_rand_meth = {
+ NULL,
+ ossltest_rand_bytes,
+ NULL,
+ NULL,
+ ossltest_rand_bytes,
+ ossltest_rand_status
+ };
+
+ return &osslt_rand_meth;
+}
diff --git a/engines/e_ossltest.txt b/engines/e_ossltest.txt
new file mode 100644
index 000000000000..2b2e31a0756b
--- /dev/null
+++ b/engines/e_ossltest.txt
@@ -0,0 +1,13 @@
+# Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Function codes
+OSSLTEST_F_BIND_OSSLTEST:100:bind_ossltest
+OSSLTEST_F_OSSLTEST_AES128_INIT_KEY:101:*
+
+#Reason codes
+OSSLTEST_R_INIT_FAILED:100:init failed
diff --git a/engines/e_ossltest_err.c b/engines/e_ossltest_err.c
new file mode 100644
index 000000000000..920a13a6922a
--- /dev/null
+++ b/engines/e_ossltest_err.c
@@ -0,0 +1,63 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/err.h>
+#include "e_ossltest_err.h"
+
+#ifndef OPENSSL_NO_ERR
+
+static ERR_STRING_DATA OSSLTEST_str_functs[] = {
+ {ERR_PACK(0, OSSLTEST_F_BIND_OSSLTEST, 0), "bind_ossltest"},
+ {ERR_PACK(0, OSSLTEST_F_OSSLTEST_AES128_INIT_KEY, 0), ""},
+ {0, NULL}
+};
+
+static ERR_STRING_DATA OSSLTEST_str_reasons[] = {
+ {ERR_PACK(0, 0, OSSLTEST_R_INIT_FAILED), "init failed"},
+ {0, NULL}
+};
+
+#endif
+
+static int lib_code = 0;
+static int error_loaded = 0;
+
+static int ERR_load_OSSLTEST_strings(void)
+{
+ if (lib_code == 0)
+ lib_code = ERR_get_next_error_library();
+
+ if (!error_loaded) {
+#ifndef OPENSSL_NO_ERR
+ ERR_load_strings(lib_code, OSSLTEST_str_functs);
+ ERR_load_strings(lib_code, OSSLTEST_str_reasons);
+#endif
+ error_loaded = 1;
+ }
+ return 1;
+}
+
+static void ERR_unload_OSSLTEST_strings(void)
+{
+ if (error_loaded) {
+#ifndef OPENSSL_NO_ERR
+ ERR_unload_strings(lib_code, OSSLTEST_str_functs);
+ ERR_unload_strings(lib_code, OSSLTEST_str_reasons);
+#endif
+ error_loaded = 0;
+ }
+}
+
+static void ERR_OSSLTEST_error(int function, int reason, char *file, int line)
+{
+ if (lib_code == 0)
+ lib_code = ERR_get_next_error_library();
+ ERR_PUT_error(lib_code, function, reason, file, line);
+}
diff --git a/engines/e_ossltest_err.h b/engines/e_ossltest_err.h
new file mode 100644
index 000000000000..e745c1a236d4
--- /dev/null
+++ b/engines/e_ossltest_err.h
@@ -0,0 +1,28 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_OSSLTESTERR_H
+# define HEADER_OSSLTESTERR_H
+
+# define OSSLTESTerr(f, r) ERR_OSSLTEST_error((f), (r), OPENSSL_FILE, OPENSSL_LINE)
+
+
+/*
+ * OSSLTEST function codes.
+ */
+# define OSSLTEST_F_BIND_OSSLTEST 100
+# define OSSLTEST_F_OSSLTEST_AES128_INIT_KEY 101
+
+/*
+ * OSSLTEST reason codes.
+ */
+# define OSSLTEST_R_INIT_FAILED 100
+
+#endif
diff --git a/engines/e_padlock.c b/engines/e_padlock.c
index 2898e4c71e71..f6b1f169810e 100644
--- a/engines/e_padlock.c
+++ b/engines/e_padlock.c
@@ -1,65 +1,10 @@
-/*-
- * Support for VIA PadLock Advanced Cryptography Engine (ACE)
- * Written by Michal Ludvig <michal@logix.cz>
- * http://www.logix.cz/michal
- *
- * Big thanks to Andy Polyakov for a help with optimization,
- * assembler fixes, port to MS Windows and a lot of other
- * valuable work on this engine!
- */
-
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+/*
+ * Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <stdio.h>
@@ -67,14 +12,12 @@
#include <openssl/opensslconf.h>
#include <openssl/crypto.h>
-#include <openssl/dso.h>
#include <openssl/engine.h>
#include <openssl/evp.h>
-#ifndef OPENSSL_NO_AES
-# include <openssl/aes.h>
-#endif
+#include <openssl/aes.h>
#include <openssl/rand.h>
#include <openssl/err.h>
+#include <openssl/modes.h>
#ifndef OPENSSL_NO_HW
# ifndef OPENSSL_NO_HW_PADLOCK
@@ -95,24 +38,19 @@
/*
* VIA PadLock AES is available *ONLY* on some x86 CPUs. Not only that it
* doesn't exist elsewhere, but it even can't be compiled on other platforms!
- *
- * In addition, because of the heavy use of inline assembler, compiler choice
- * is limited to GCC and Microsoft C.
*/
+
# undef COMPILE_HW_PADLOCK
-# if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
-# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
- (defined(_MSC_VER) && defined(_M_IX86))
-# define COMPILE_HW_PADLOCK
+# if !defined(I386_ONLY) && defined(PADLOCK_ASM)
+# define COMPILE_HW_PADLOCK
+# ifdef OPENSSL_NO_DYNAMIC_ENGINE
+static ENGINE *ENGINE_padlock(void);
# endif
# endif
# ifdef OPENSSL_NO_DYNAMIC_ENGINE
-# ifdef COMPILE_HW_PADLOCK
-static ENGINE *ENGINE_padlock(void);
-# endif
-
-void ENGINE_load_padlock(void)
+void engine_load_padlock_int(void);
+void engine_load_padlock_int(void)
{
/* On non-x86 CPUs it just returns. */
# ifdef COMPILE_HW_PADLOCK
@@ -128,21 +66,6 @@ void ENGINE_load_padlock(void)
# endif
# ifdef COMPILE_HW_PADLOCK
-/*
- * We do these includes here to avoid header problems on platforms that do
- * not have the VIA padlock anyway...
- */
-# include <stdlib.h>
-# ifdef _WIN32
-# include <malloc.h>
-# ifndef alloca
-# define alloca _alloca
-# endif
-# elif defined(__GNUC__)
-# ifndef alloca
-# define alloca(s) __builtin_alloca(s)
-# endif
-# endif
/* Function for ENGINE detection and control */
static int padlock_available(void);
@@ -152,10 +75,8 @@ static int padlock_init(ENGINE *e);
static RAND_METHOD padlock_rand;
/* Cipher Stuff */
-# ifndef OPENSSL_NO_AES
static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
const int **nids, int nid);
-# endif
/* Engine names */
static const char *padlock_id = "padlock";
@@ -164,9 +85,6 @@ static char padlock_name[100];
/* Available features */
static int padlock_use_ace = 0; /* Advanced Cryptography Engine */
static int padlock_use_rng = 0; /* Random Number Generator */
-# ifndef OPENSSL_NO_AES
-static int padlock_aes_align_required = 1;
-# endif
/* ===== Engine "management" functions ===== */
@@ -176,10 +94,11 @@ static int padlock_bind_helper(ENGINE *e)
/* Check available features */
padlock_available();
-# if 1 /* disable RNG for now, see commentary in
- * vicinity of RNG code */
+ /*
+ * RNG is currently disabled for reasons discussed in commentary just
+ * before padlock_rand_bytes function.
+ */
padlock_use_rng = 0;
-# endif
/* Generate a nice engine name with available features */
BIO_snprintf(padlock_name, sizeof(padlock_name),
@@ -191,9 +110,7 @@ static int padlock_bind_helper(ENGINE *e)
if (!ENGINE_set_id(e, padlock_id) ||
!ENGINE_set_name(e, padlock_name) ||
!ENGINE_set_init_function(e, padlock_init) ||
-# ifndef OPENSSL_NO_AES
(padlock_use_ace && !ENGINE_set_ciphers(e, padlock_ciphers)) ||
-# endif
(padlock_use_rng && !ENGINE_set_RAND(e, &padlock_rand))) {
return 0;
}
@@ -203,13 +120,12 @@ static int padlock_bind_helper(ENGINE *e)
}
# ifdef OPENSSL_NO_DYNAMIC_ENGINE
-
/* Constructor */
static ENGINE *ENGINE_padlock(void)
{
ENGINE *eng = ENGINE_new();
- if (!eng) {
+ if (eng == NULL) {
return NULL;
}
@@ -220,7 +136,6 @@ static ENGINE *ENGINE_padlock(void)
return eng;
}
-
# endif
/* Check availability of the engine */
@@ -248,15 +163,15 @@ static int padlock_bind_fn(ENGINE *e, const char *id)
}
IMPLEMENT_DYNAMIC_CHECK_FN()
- IMPLEMENT_DYNAMIC_BIND_FN(padlock_bind_fn)
+IMPLEMENT_DYNAMIC_BIND_FN(padlock_bind_fn)
# endif /* DYNAMIC_ENGINE */
/* ===== Here comes the "real" engine ===== */
-# ifndef OPENSSL_NO_AES
+
/* Some AES-related constants */
-# define AES_BLOCK_SIZE 16
-# define AES_KEY_SIZE_128 16
-# define AES_KEY_SIZE_192 24
-# define AES_KEY_SIZE_256 32
+# define AES_BLOCK_SIZE 16
+# define AES_KEY_SIZE_128 16
+# define AES_KEY_SIZE_192 24
+# define AES_KEY_SIZE_256 32
/*
* Here we store the status information relevant to the current context.
*/
@@ -283,94 +198,35 @@ struct padlock_cipher_data {
AES_KEY ks; /* Encryption key */
};
-/*
- * Essentially this variable belongs in thread local storage.
- * Having this variable global on the other hand can only cause
- * few bogus key reloads [if any at all on single-CPU system],
- * so we accept the penatly...
- */
-static volatile struct padlock_cipher_data *padlock_saved_context;
-# endif
-
-/*-
- * =======================================================
- * Inline assembler section(s).
- * =======================================================
- * Order of arguments is chosen to facilitate Windows port
- * using __fastcall calling convention. If you wish to add
- * more routines, keep in mind that first __fastcall
- * argument is passed in %ecx and second - in %edx.
- * =======================================================
- */
-# if defined(__GNUC__) && __GNUC__>=2
-/*
- * As for excessive "push %ebx"/"pop %ebx" found all over.
- * When generating position-independent code GCC won't let
- * us use "b" in assembler templates nor even respect "ebx"
- * in "clobber description." Therefore the trouble...
- */
-
-/*
- * Helper function - check if a CPUID instruction is available on this CPU
- */
-static int padlock_insn_cpuid_available(void)
-{
- int result = -1;
-
- /*
- * We're checking if the bit #21 of EFLAGS can be toggled. If yes =
- * CPUID is available.
- */
- asm volatile ("pushf\n"
- "popl %%eax\n"
- "xorl $0x200000, %%eax\n"
- "movl %%eax, %%ecx\n"
- "andl $0x200000, %%ecx\n"
- "pushl %%eax\n"
- "popf\n"
- "pushf\n"
- "popl %%eax\n"
- "andl $0x200000, %%eax\n"
- "xorl %%eax, %%ecx\n"
- "movl %%ecx, %0\n":"=r" (result)::"eax", "ecx");
-
- return (result == 0);
-}
+/* Interface to assembler module */
+unsigned int padlock_capability(void);
+void padlock_key_bswap(AES_KEY *key);
+void padlock_verify_context(struct padlock_cipher_data *ctx);
+void padlock_reload_key(void);
+void padlock_aes_block(void *out, const void *inp,
+ struct padlock_cipher_data *ctx);
+int padlock_ecb_encrypt(void *out, const void *inp,
+ struct padlock_cipher_data *ctx, size_t len);
+int padlock_cbc_encrypt(void *out, const void *inp,
+ struct padlock_cipher_data *ctx, size_t len);
+int padlock_cfb_encrypt(void *out, const void *inp,
+ struct padlock_cipher_data *ctx, size_t len);
+int padlock_ofb_encrypt(void *out, const void *inp,
+ struct padlock_cipher_data *ctx, size_t len);
+int padlock_ctr32_encrypt(void *out, const void *inp,
+ struct padlock_cipher_data *ctx, size_t len);
+int padlock_xstore(void *out, int edx);
+void padlock_sha1_oneshot(void *ctx, const void *inp, size_t len);
+void padlock_sha1(void *ctx, const void *inp, size_t len);
+void padlock_sha256_oneshot(void *ctx, const void *inp, size_t len);
+void padlock_sha256(void *ctx, const void *inp, size_t len);
/*
* Load supported features of the CPU to see if the PadLock is available.
*/
static int padlock_available(void)
{
- char vendor_string[16];
- unsigned int eax, edx;
-
- /* First check if the CPUID instruction is available at all... */
- if (!padlock_insn_cpuid_available())
- return 0;
-
- /* Are we running on the Centaur (VIA) CPU? */
- eax = 0x00000000;
- vendor_string[12] = 0;
- asm volatile ("pushl %%ebx\n"
- "cpuid\n"
- "movl %%ebx,(%%edi)\n"
- "movl %%edx,4(%%edi)\n"
- "movl %%ecx,8(%%edi)\n"
- "popl %%ebx":"+a" (eax):"D"(vendor_string):"ecx", "edx");
- if (strcmp(vendor_string, "CentaurHauls") != 0)
- return 0;
-
- /* Check for Centaur Extended Feature Flags presence */
- eax = 0xC0000000;
- asm volatile ("pushl %%ebx; cpuid; popl %%ebx":"+a" (eax)::"ecx", "edx");
- if (eax < 0xC0000001)
- return 0;
-
- /* Read the Centaur Extended Feature Flags */
- eax = 0xC0000001;
- asm volatile ("pushl %%ebx; cpuid; popl %%ebx":"+a" (eax),
- "=d"(edx)::"ecx");
+ unsigned int edx = padlock_capability();
/* Fill up some flags */
padlock_use_ace = ((edx & (0x3 << 6)) == (0x3 << 6));
@@ -379,349 +235,293 @@ static int padlock_available(void)
return padlock_use_ace + padlock_use_rng;
}
-# ifndef OPENSSL_NO_AES
-# ifndef AES_ASM
-/* Our own htonl()/ntohl() */
-static inline void padlock_bswapl(AES_KEY *ks)
-{
- size_t i = sizeof(ks->rd_key) / sizeof(ks->rd_key[0]);
- unsigned int *key = ks->rd_key;
-
- while (i--) {
- asm volatile ("bswapl %0":"+r" (*key));
- key++;
- }
-}
-# endif
-# endif
+/* ===== AES encryption/decryption ===== */
-/*
- * Force key reload from memory to the CPU microcode. Loading EFLAGS from the
- * stack clears EFLAGS[30] which does the trick.
- */
-static inline void padlock_reload_key(void)
-{
- asm volatile ("pushfl; popfl");
-}
+# if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb)
+# define NID_aes_128_cfb NID_aes_128_cfb128
+# endif
-# ifndef OPENSSL_NO_AES
-/*
- * This is heuristic key context tracing. At first one
- * believes that one should use atomic swap instructions,
- * but it's not actually necessary. Point is that if
- * padlock_saved_context was changed by another thread
- * after we've read it and before we compare it with cdata,
- * our key *shall* be reloaded upon thread context switch
- * and we are therefore set in either case...
- */
-static inline void padlock_verify_context(struct padlock_cipher_data *cdata)
-{
- asm volatile ("pushfl\n"
- " btl $30,(%%esp)\n"
- " jnc 1f\n"
- " cmpl %2,%1\n"
- " je 1f\n"
- " popfl\n"
- " subl $4,%%esp\n"
- "1: addl $4,%%esp\n"
- " movl %2,%0":"+m" (padlock_saved_context)
- :"r"(padlock_saved_context), "r"(cdata):"cc");
-}
+# if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb)
+# define NID_aes_128_ofb NID_aes_128_ofb128
+# endif
-/* Template for padlock_xcrypt_* modes */
-/*
- * BIG FAT WARNING: The offsets used with 'leal' instructions describe items
- * of the 'padlock_cipher_data' structure.
- */
-# define PADLOCK_XCRYPT_ASM(name,rep_xcrypt) \
-static inline void *name(size_t cnt, \
- struct padlock_cipher_data *cdata, \
- void *out, const void *inp) \
-{ void *iv; \
- asm volatile ( "pushl %%ebx\n" \
- " leal 16(%0),%%edx\n" \
- " leal 32(%0),%%ebx\n" \
- rep_xcrypt "\n" \
- " popl %%ebx" \
- : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \
- : "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \
- : "edx", "cc", "memory"); \
- return iv; \
-}
+# if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb)
+# define NID_aes_192_cfb NID_aes_192_cfb128
+# endif
-/* Generate all functions with appropriate opcodes */
-/* rep xcryptecb */
-PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8")
-/* rep xcryptcbc */
- PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0")
-/* rep xcryptcfb */
- PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0")
-/* rep xcryptofb */
- PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8")
-# endif
-/* The RNG call itself */
-static inline unsigned int padlock_xstore(void *addr, unsigned int edx_in)
-{
- unsigned int eax_out;
+# if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb)
+# define NID_aes_192_ofb NID_aes_192_ofb128
+# endif
- asm volatile (".byte 0x0f,0xa7,0xc0" /* xstore */
- :"=a" (eax_out), "=m"(*(unsigned *)addr)
- :"D"(addr), "d"(edx_in)
- );
+# if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb)
+# define NID_aes_256_cfb NID_aes_256_cfb128
+# endif
- return eax_out;
-}
+# if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb)
+# define NID_aes_256_ofb NID_aes_256_ofb128
+# endif
-/*
- * Why not inline 'rep movsd'? I failed to find information on what value in
- * Direction Flag one can expect and consequently have to apply
- * "better-safe-than-sorry" approach and assume "undefined." I could
- * explicitly clear it and restore the original value upon return from
- * padlock_aes_cipher, but it's presumably too much trouble for too little
- * gain... In case you wonder 'rep xcrypt*' instructions above are *not*
- * affected by the Direction Flag and pointers advance toward larger
- * addresses unconditionally.
- */
-static inline unsigned char *padlock_memcpy(void *dst, const void *src,
- size_t n)
-{
- long *d = dst;
- const long *s = src;
+/* List of supported ciphers. */
+static const int padlock_cipher_nids[] = {
+ NID_aes_128_ecb,
+ NID_aes_128_cbc,
+ NID_aes_128_cfb,
+ NID_aes_128_ofb,
+ NID_aes_128_ctr,
- n /= sizeof(*d);
- do {
- *d++ = *s++;
- } while (--n);
+ NID_aes_192_ecb,
+ NID_aes_192_cbc,
+ NID_aes_192_cfb,
+ NID_aes_192_ofb,
+ NID_aes_192_ctr,
- return dst;
-}
+ NID_aes_256_ecb,
+ NID_aes_256_cbc,
+ NID_aes_256_cfb,
+ NID_aes_256_ofb,
+ NID_aes_256_ctr
+};
-# elif defined(_MSC_VER)
-/*
- * Unlike GCC these are real functions. In order to minimize impact
- * on performance we adhere to __fastcall calling convention in
- * order to get two first arguments passed through %ecx and %edx.
- * Which kind of suits very well, as instructions in question use
- * both %ecx and %edx as input:-)
- */
-# define REP_XCRYPT(code) \
- _asm _emit 0xf3 \
- _asm _emit 0x0f _asm _emit 0xa7 \
- _asm _emit code
+static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids) /
+ sizeof(padlock_cipher_nids[0]));
-/*
- * BIG FAT WARNING: The offsets used with 'lea' instructions describe items
- * of the 'padlock_cipher_data' structure.
- */
-# define PADLOCK_XCRYPT_ASM(name,code) \
-static void * __fastcall \
- name (size_t cnt, void *cdata, \
- void *outp, const void *inp) \
-{ _asm mov eax,edx \
- _asm lea edx,[eax+16] \
- _asm lea ebx,[eax+32] \
- _asm mov edi,outp \
- _asm mov esi,inp \
- REP_XCRYPT(code) \
-}
+/* Function prototypes ... */
+static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc);
-PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb,0xc8)
-PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc,0xd0)
-PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb,0xe0)
-PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb,0xe8)
+# define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \
+ ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) )
+# define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\
+ NEAREST_ALIGNED(EVP_CIPHER_CTX_get_cipher_data(ctx)))
-static int __fastcall padlock_xstore(void *outp, unsigned int code)
+static int
+padlock_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
+ const unsigned char *in_arg, size_t nbytes)
{
- _asm mov edi,ecx
- _asm _emit 0x0f _asm _emit 0xa7 _asm _emit 0xc0
+ return padlock_ecb_encrypt(out_arg, in_arg,
+ ALIGNED_CIPHER_DATA(ctx), nbytes);
}
-static void __fastcall padlock_reload_key(void)
+static int
+padlock_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
+ const unsigned char *in_arg, size_t nbytes)
{
- _asm pushfd
- _asm popfd
+ struct padlock_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx);
+ int ret;
+
+ memcpy(cdata->iv, EVP_CIPHER_CTX_iv(ctx), AES_BLOCK_SIZE);
+ if ((ret = padlock_cbc_encrypt(out_arg, in_arg, cdata, nbytes)))
+ memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), cdata->iv, AES_BLOCK_SIZE);
+ return ret;
}
-static void __fastcall padlock_verify_context(void *cdata)
+static int
+padlock_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
+ const unsigned char *in_arg, size_t nbytes)
{
- _asm {
- pushfd
- bt DWORD PTR[esp],30
- jnc skip
- cmp ecx,padlock_saved_context
- je skip
- popfd
- sub esp,4
- skip: add esp,4
- mov padlock_saved_context,ecx
+ struct padlock_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx);
+ size_t chunk;
+
+ if ((chunk = EVP_CIPHER_CTX_num(ctx))) { /* borrow chunk variable */
+ unsigned char *ivp = EVP_CIPHER_CTX_iv_noconst(ctx);
+
+ if (chunk >= AES_BLOCK_SIZE)
+ return 0; /* bogus value */
+
+ if (EVP_CIPHER_CTX_encrypting(ctx))
+ while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
+ ivp[chunk] = *(out_arg++) = *(in_arg++) ^ ivp[chunk];
+ chunk++, nbytes--;
+ } else
+ while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
+ unsigned char c = *(in_arg++);
+ *(out_arg++) = c ^ ivp[chunk];
+ ivp[chunk++] = c, nbytes--;
+ }
+
+ EVP_CIPHER_CTX_set_num(ctx, chunk % AES_BLOCK_SIZE);
}
+
+ if (nbytes == 0)
+ return 1;
+
+ memcpy(cdata->iv, EVP_CIPHER_CTX_iv(ctx), AES_BLOCK_SIZE);
+
+ if ((chunk = nbytes & ~(AES_BLOCK_SIZE - 1))) {
+ if (!padlock_cfb_encrypt(out_arg, in_arg, cdata, chunk))
+ return 0;
+ nbytes -= chunk;
+ }
+
+ if (nbytes) {
+ unsigned char *ivp = cdata->iv;
+
+ out_arg += chunk;
+ in_arg += chunk;
+ EVP_CIPHER_CTX_set_num(ctx, nbytes);
+ if (cdata->cword.b.encdec) {
+ cdata->cword.b.encdec = 0;
+ padlock_reload_key();
+ padlock_aes_block(ivp, ivp, cdata);
+ cdata->cword.b.encdec = 1;
+ padlock_reload_key();
+ while (nbytes) {
+ unsigned char c = *(in_arg++);
+ *(out_arg++) = c ^ *ivp;
+ *(ivp++) = c, nbytes--;
+ }
+ } else {
+ padlock_reload_key();
+ padlock_aes_block(ivp, ivp, cdata);
+ padlock_reload_key();
+ while (nbytes) {
+ *ivp = *(out_arg++) = *(in_arg++) ^ *ivp;
+ ivp++, nbytes--;
+ }
+ }
+ }
+
+ memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), cdata->iv, AES_BLOCK_SIZE);
+
+ return 1;
}
static int
-padlock_available(void)
+padlock_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
+ const unsigned char *in_arg, size_t nbytes)
{
- _asm {
- pushfd
- pop eax
- mov ecx,eax
- xor eax,1<<21
- push eax
- popfd
- pushfd
- pop eax
- xor eax,ecx
- bt eax,21
- jnc noluck
- mov eax,0
- cpuid
- xor eax,eax
- cmp ebx,'tneC'
- jne noluck
- cmp edx,'Hrua'
- jne noluck
- cmp ecx,'slua'
- jne noluck
- mov eax,0xC0000000
- cpuid
- mov edx,eax
- xor eax,eax
- cmp edx,0xC0000001
- jb noluck
- mov eax,0xC0000001
- cpuid
- xor eax,eax
- bt edx,6
- jnc skip_a
- bt edx,7
- jnc skip_a
- mov padlock_use_ace,1
- inc eax
- skip_a: bt edx,2
- jnc skip_r
- bt edx,3
- jnc skip_r
- mov padlock_use_rng,1
- inc eax
- skip_r:
- noluck:
+ struct padlock_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx);
+ size_t chunk;
+
+ /*
+ * ctx->num is maintained in byte-oriented modes, such as CFB and OFB...
+ */
+ if ((chunk = EVP_CIPHER_CTX_num(ctx))) { /* borrow chunk variable */
+ unsigned char *ivp = EVP_CIPHER_CTX_iv_noconst(ctx);
+
+ if (chunk >= AES_BLOCK_SIZE)
+ return 0; /* bogus value */
+
+ while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
+ *(out_arg++) = *(in_arg++) ^ ivp[chunk];
+ chunk++, nbytes--;
+ }
+
+ EVP_CIPHER_CTX_set_num(ctx, chunk % AES_BLOCK_SIZE);
}
-}
-static void __fastcall padlock_bswapl(void *key)
-{
- _asm {
- pushfd
- cld
- mov esi,ecx
- mov edi,ecx
- mov ecx,60
- up: lodsd
- bswap eax
- stosd
- loop up
- popfd
+ if (nbytes == 0)
+ return 1;
+
+ memcpy(cdata->iv, EVP_CIPHER_CTX_iv(ctx), AES_BLOCK_SIZE);
+
+ if ((chunk = nbytes & ~(AES_BLOCK_SIZE - 1))) {
+ if (!padlock_ofb_encrypt(out_arg, in_arg, cdata, chunk))
+ return 0;
+ nbytes -= chunk;
}
-}
-/*
- * MS actually specifies status of Direction Flag and compiler even manages
- * to compile following as 'rep movsd' all by itself...
- */
-# define padlock_memcpy(o,i,n) ((unsigned char *)memcpy((o),(i),(n)&~3U))
-# endif
-/* ===== AES encryption/decryption ===== */
-# ifndef OPENSSL_NO_AES
-# if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb)
-# define NID_aes_128_cfb NID_aes_128_cfb128
-# endif
-# if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb)
-# define NID_aes_128_ofb NID_aes_128_ofb128
-# endif
-# if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb)
-# define NID_aes_192_cfb NID_aes_192_cfb128
-# endif
-# if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb)
-# define NID_aes_192_ofb NID_aes_192_ofb128
-# endif
-# if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb)
-# define NID_aes_256_cfb NID_aes_256_cfb128
-# endif
-# if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb)
-# define NID_aes_256_ofb NID_aes_256_ofb128
-# endif
-/*
- * List of supported ciphers.
- */ static int padlock_cipher_nids[] = {
- NID_aes_128_ecb,
- NID_aes_128_cbc,
- NID_aes_128_cfb,
- NID_aes_128_ofb,
+ if (nbytes) {
+ unsigned char *ivp = cdata->iv;
+
+ out_arg += chunk;
+ in_arg += chunk;
+ EVP_CIPHER_CTX_set_num(ctx, nbytes);
+ padlock_reload_key(); /* empirically found */
+ padlock_aes_block(ivp, ivp, cdata);
+ padlock_reload_key(); /* empirically found */
+ while (nbytes) {
+ *(out_arg++) = *(in_arg++) ^ *ivp;
+ ivp++, nbytes--;
+ }
+ }
- NID_aes_192_ecb,
- NID_aes_192_cbc,
- NID_aes_192_cfb,
- NID_aes_192_ofb,
+ memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), cdata->iv, AES_BLOCK_SIZE);
- NID_aes_256_ecb,
- NID_aes_256_cbc,
- NID_aes_256_cfb,
- NID_aes_256_ofb,
-};
+ return 1;
+}
-static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids) /
- sizeof(padlock_cipher_nids[0]));
+static void padlock_ctr32_encrypt_glue(const unsigned char *in,
+ unsigned char *out, size_t blocks,
+ struct padlock_cipher_data *ctx,
+ const unsigned char *ivec)
+{
+ memcpy(ctx->iv, ivec, AES_BLOCK_SIZE);
+ padlock_ctr32_encrypt(out, in, ctx, AES_BLOCK_SIZE * blocks);
+}
-/* Function prototypes ... */
-static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-static int padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t nbytes);
+static int
+padlock_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
+ const unsigned char *in_arg, size_t nbytes)
+{
+ struct padlock_cipher_data *cdata = ALIGNED_CIPHER_DATA(ctx);
+ unsigned int num = EVP_CIPHER_CTX_num(ctx);
-# define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \
- ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) )
-# define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\
- NEAREST_ALIGNED(ctx->cipher_data))
+ CRYPTO_ctr128_encrypt_ctr32(in_arg, out_arg, nbytes,
+ cdata, EVP_CIPHER_CTX_iv_noconst(ctx),
+ EVP_CIPHER_CTX_buf_noconst(ctx), &num,
+ (ctr128_f) padlock_ctr32_encrypt_glue);
+
+ EVP_CIPHER_CTX_set_num(ctx, (size_t)num);
+ return 1;
+}
-# define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE
-# define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE
-# define EVP_CIPHER_block_size_OFB 1
-# define EVP_CIPHER_block_size_CFB 1
+# define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE
+# define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE
+# define EVP_CIPHER_block_size_OFB 1
+# define EVP_CIPHER_block_size_CFB 1
+# define EVP_CIPHER_block_size_CTR 1
/*
* Declaring so many ciphers by hand would be a pain. Instead introduce a bit
* of preprocessor magic :-)
*/
-# define DECLARE_AES_EVP(ksize,lmode,umode) \
-static const EVP_CIPHER padlock_aes_##ksize##_##lmode = { \
- NID_aes_##ksize##_##lmode, \
- EVP_CIPHER_block_size_##umode, \
- AES_KEY_SIZE_##ksize, \
- AES_BLOCK_SIZE, \
- 0 | EVP_CIPH_##umode##_MODE, \
- padlock_aes_init_key, \
- padlock_aes_cipher, \
- NULL, \
- sizeof(struct padlock_cipher_data) + 16, \
- EVP_CIPHER_set_asn1_iv, \
- EVP_CIPHER_get_asn1_iv, \
- NULL, \
- NULL \
+# define DECLARE_AES_EVP(ksize,lmode,umode) \
+static EVP_CIPHER *_hidden_aes_##ksize##_##lmode = NULL; \
+static const EVP_CIPHER *padlock_aes_##ksize##_##lmode(void) \
+{ \
+ if (_hidden_aes_##ksize##_##lmode == NULL \
+ && ((_hidden_aes_##ksize##_##lmode = \
+ EVP_CIPHER_meth_new(NID_aes_##ksize##_##lmode, \
+ EVP_CIPHER_block_size_##umode, \
+ AES_KEY_SIZE_##ksize)) == NULL \
+ || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_##ksize##_##lmode, \
+ AES_BLOCK_SIZE) \
+ || !EVP_CIPHER_meth_set_flags(_hidden_aes_##ksize##_##lmode, \
+ 0 | EVP_CIPH_##umode##_MODE) \
+ || !EVP_CIPHER_meth_set_init(_hidden_aes_##ksize##_##lmode, \
+ padlock_aes_init_key) \
+ || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_##ksize##_##lmode, \
+ padlock_##lmode##_cipher) \
+ || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_##ksize##_##lmode, \
+ sizeof(struct padlock_cipher_data) + 16) \
+ || !EVP_CIPHER_meth_set_set_asn1_params(_hidden_aes_##ksize##_##lmode, \
+ EVP_CIPHER_set_asn1_iv) \
+ || !EVP_CIPHER_meth_set_get_asn1_params(_hidden_aes_##ksize##_##lmode, \
+ EVP_CIPHER_get_asn1_iv))) { \
+ EVP_CIPHER_meth_free(_hidden_aes_##ksize##_##lmode); \
+ _hidden_aes_##ksize##_##lmode = NULL; \
+ } \
+ return _hidden_aes_##ksize##_##lmode; \
}
-DECLARE_AES_EVP(128, ecb, ECB);
-DECLARE_AES_EVP(128, cbc, CBC);
-DECLARE_AES_EVP(128, cfb, CFB);
-DECLARE_AES_EVP(128, ofb, OFB);
+DECLARE_AES_EVP(128, ecb, ECB)
+DECLARE_AES_EVP(128, cbc, CBC)
+DECLARE_AES_EVP(128, cfb, CFB)
+DECLARE_AES_EVP(128, ofb, OFB)
+DECLARE_AES_EVP(128, ctr, CTR)
-DECLARE_AES_EVP(192, ecb, ECB);
-DECLARE_AES_EVP(192, cbc, CBC);
-DECLARE_AES_EVP(192, cfb, CFB);
-DECLARE_AES_EVP(192, ofb, OFB);
+DECLARE_AES_EVP(192, ecb, ECB)
+DECLARE_AES_EVP(192, cbc, CBC)
+DECLARE_AES_EVP(192, cfb, CFB)
+DECLARE_AES_EVP(192, ofb, OFB)
+DECLARE_AES_EVP(192, ctr, CTR)
-DECLARE_AES_EVP(256, ecb, ECB);
-DECLARE_AES_EVP(256, cbc, CBC);
-DECLARE_AES_EVP(256, cfb, CFB);
-DECLARE_AES_EVP(256, ofb, OFB);
+DECLARE_AES_EVP(256, ecb, ECB)
+DECLARE_AES_EVP(256, cbc, CBC)
+DECLARE_AES_EVP(256, cfb, CFB)
+DECLARE_AES_EVP(256, ofb, OFB)
+DECLARE_AES_EVP(256, ctr, CTR)
static int
padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids,
@@ -736,42 +536,51 @@ padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids,
/* ... or the requested "cipher" otherwise */
switch (nid) {
case NID_aes_128_ecb:
- *cipher = &padlock_aes_128_ecb;
+ *cipher = padlock_aes_128_ecb();
break;
case NID_aes_128_cbc:
- *cipher = &padlock_aes_128_cbc;
+ *cipher = padlock_aes_128_cbc();
break;
case NID_aes_128_cfb:
- *cipher = &padlock_aes_128_cfb;
+ *cipher = padlock_aes_128_cfb();
break;
case NID_aes_128_ofb:
- *cipher = &padlock_aes_128_ofb;
+ *cipher = padlock_aes_128_ofb();
+ break;
+ case NID_aes_128_ctr:
+ *cipher = padlock_aes_128_ctr();
break;
case NID_aes_192_ecb:
- *cipher = &padlock_aes_192_ecb;
+ *cipher = padlock_aes_192_ecb();
break;
case NID_aes_192_cbc:
- *cipher = &padlock_aes_192_cbc;
+ *cipher = padlock_aes_192_cbc();
break;
case NID_aes_192_cfb:
- *cipher = &padlock_aes_192_cfb;
+ *cipher = padlock_aes_192_cfb();
break;
case NID_aes_192_ofb:
- *cipher = &padlock_aes_192_ofb;
+ *cipher = padlock_aes_192_ofb();
+ break;
+ case NID_aes_192_ctr:
+ *cipher = padlock_aes_192_ctr();
break;
case NID_aes_256_ecb:
- *cipher = &padlock_aes_256_ecb;
+ *cipher = padlock_aes_256_ecb();
break;
case NID_aes_256_cbc:
- *cipher = &padlock_aes_256_cbc;
+ *cipher = padlock_aes_256_cbc();
break;
case NID_aes_256_cfb:
- *cipher = &padlock_aes_256_cfb;
+ *cipher = padlock_aes_256_cfb();
break;
case NID_aes_256_ofb:
- *cipher = &padlock_aes_256_ofb;
+ *cipher = padlock_aes_256_ofb();
+ break;
+ case NID_aes_256_ctr:
+ *cipher = padlock_aes_256_ctr();
break;
default:
@@ -790,18 +599,19 @@ padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
{
struct padlock_cipher_data *cdata;
int key_len = EVP_CIPHER_CTX_key_length(ctx) * 8;
+ unsigned long mode = EVP_CIPHER_CTX_mode(ctx);
if (key == NULL)
return 0; /* ERROR */
cdata = ALIGNED_CIPHER_DATA(ctx);
- memset(cdata, 0, sizeof(struct padlock_cipher_data));
+ memset(cdata, 0, sizeof(*cdata));
/* Prepare Control word. */
- if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE)
+ if (mode == EVP_CIPH_OFB_MODE || mode == EVP_CIPH_CTR_MODE)
cdata->cword.b.encdec = 0;
else
- cdata->cword.b.encdec = (ctx->encrypt == 0);
+ cdata->cword.b.encdec = (EVP_CIPHER_CTX_encrypting(ctx) == 0);
cdata->cword.b.rounds = 10 + (key_len - 128) / 32;
cdata->cword.b.ksize = (key_len - 128) / 64;
@@ -824,17 +634,17 @@ padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
* hardware errata. They most likely will fix it at some point and
* then a check for stepping would be due here.
*/
- if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE ||
- EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE || enc)
- AES_set_encrypt_key(key, key_len, &cdata->ks);
- else
+ if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
+ && !enc)
AES_set_decrypt_key(key, key_len, &cdata->ks);
-# ifndef AES_ASM
+ else
+ AES_set_encrypt_key(key, key_len, &cdata->ks);
+# ifndef AES_ASM
/*
* OpenSSL C functions use byte-swapped extended key.
*/
- padlock_bswapl(&cdata->ks);
-# endif
+ padlock_key_bswap(&cdata->ks);
+# endif
cdata->cword.b.keygen = 1;
break;
@@ -853,338 +663,6 @@ padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
return 1;
}
-/*-
- * Simplified version of padlock_aes_cipher() used when
- * 1) both input and output buffers are at aligned addresses.
- * or when
- * 2) running on a newer CPU that doesn't require aligned buffers.
- */
-static int
-padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
- const unsigned char *in_arg, size_t nbytes)
-{
- struct padlock_cipher_data *cdata;
- void *iv;
-
- cdata = ALIGNED_CIPHER_DATA(ctx);
- padlock_verify_context(cdata);
-
- switch (EVP_CIPHER_CTX_mode(ctx)) {
- case EVP_CIPH_ECB_MODE:
- padlock_xcrypt_ecb(nbytes / AES_BLOCK_SIZE, cdata, out_arg, in_arg);
- break;
-
- case EVP_CIPH_CBC_MODE:
- memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
- iv = padlock_xcrypt_cbc(nbytes / AES_BLOCK_SIZE, cdata, out_arg,
- in_arg);
- memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
- break;
-
- case EVP_CIPH_CFB_MODE:
- memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
- iv = padlock_xcrypt_cfb(nbytes / AES_BLOCK_SIZE, cdata, out_arg,
- in_arg);
- memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
- break;
-
- case EVP_CIPH_OFB_MODE:
- memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
- padlock_xcrypt_ofb(nbytes / AES_BLOCK_SIZE, cdata, out_arg, in_arg);
- memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE);
- break;
-
- default:
- return 0;
- }
-
- memset(cdata->iv, 0, AES_BLOCK_SIZE);
-
- return 1;
-}
-
-# ifndef PADLOCK_CHUNK
-# define PADLOCK_CHUNK 512 /* Must be a power of 2 larger than 16 */
-# endif
-# if PADLOCK_CHUNK<16 || PADLOCK_CHUNK&(PADLOCK_CHUNK-1)
-# error "insane PADLOCK_CHUNK..."
-# endif
-
-/*
- * Re-align the arguments to 16-Bytes boundaries and run the encryption
- * function itself. This function is not AES-specific.
- */
-static int
-padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
- const unsigned char *in_arg, size_t nbytes)
-{
- struct padlock_cipher_data *cdata;
- const void *inp;
- unsigned char *out;
- void *iv;
- int inp_misaligned, out_misaligned, realign_in_loop;
- size_t chunk, allocated = 0;
-
- /*
- * ctx->num is maintained in byte-oriented modes, such as CFB and OFB...
- */
- if ((chunk = ctx->num)) { /* borrow chunk variable */
- unsigned char *ivp = ctx->iv;
-
- switch (EVP_CIPHER_CTX_mode(ctx)) {
- case EVP_CIPH_CFB_MODE:
- if (chunk >= AES_BLOCK_SIZE)
- return 0; /* bogus value */
-
- if (ctx->encrypt)
- while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
- ivp[chunk] = *(out_arg++) = *(in_arg++) ^ ivp[chunk];
- chunk++, nbytes--;
- } else
- while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
- unsigned char c = *(in_arg++);
- *(out_arg++) = c ^ ivp[chunk];
- ivp[chunk++] = c, nbytes--;
- }
-
- ctx->num = chunk % AES_BLOCK_SIZE;
- break;
- case EVP_CIPH_OFB_MODE:
- if (chunk >= AES_BLOCK_SIZE)
- return 0; /* bogus value */
-
- while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
- *(out_arg++) = *(in_arg++) ^ ivp[chunk];
- chunk++, nbytes--;
- }
-
- ctx->num = chunk % AES_BLOCK_SIZE;
- break;
- }
- }
-
- if (nbytes == 0)
- return 1;
-# if 0
- if (nbytes % AES_BLOCK_SIZE)
- return 0; /* are we expected to do tail processing? */
-# else
- /*
- * nbytes is always multiple of AES_BLOCK_SIZE in ECB and CBC modes and
- * arbitrary value in byte-oriented modes, such as CFB and OFB...
- */
-# endif
-
- /*
- * VIA promises CPUs that won't require alignment in the future. For now
- * padlock_aes_align_required is initialized to 1 and the condition is
- * never met...
- */
- /*
- * C7 core is capable to manage unaligned input in non-ECB[!] mode, but
- * performance penalties appear to be approximately same as for software
- * alignment below or ~3x. They promise to improve it in the future, but
- * for now we can just as well pretend that it can only handle aligned
- * input...
- */
- if (!padlock_aes_align_required && (nbytes % AES_BLOCK_SIZE) == 0)
- return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes);
-
- inp_misaligned = (((size_t)in_arg) & 0x0F);
- out_misaligned = (((size_t)out_arg) & 0x0F);
-
- /*
- * Note that even if output is aligned and input not, I still prefer to
- * loop instead of copy the whole input and then encrypt in one stroke.
- * This is done in order to improve L1 cache utilization...
- */
- realign_in_loop = out_misaligned | inp_misaligned;
-
- if (!realign_in_loop && (nbytes % AES_BLOCK_SIZE) == 0)
- return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes);
-
- /* this takes one "if" out of the loops */
- chunk = nbytes;
- chunk %= PADLOCK_CHUNK;
- if (chunk == 0)
- chunk = PADLOCK_CHUNK;
-
- if (out_misaligned) {
- /* optmize for small input */
- allocated = (chunk < nbytes ? PADLOCK_CHUNK : nbytes);
- out = alloca(0x10 + allocated);
- out = NEAREST_ALIGNED(out);
- } else
- out = out_arg;
-
- cdata = ALIGNED_CIPHER_DATA(ctx);
- padlock_verify_context(cdata);
-
- switch (EVP_CIPHER_CTX_mode(ctx)) {
- case EVP_CIPH_ECB_MODE:
- do {
- if (inp_misaligned)
- inp = padlock_memcpy(out, in_arg, chunk);
- else
- inp = in_arg;
- in_arg += chunk;
-
- padlock_xcrypt_ecb(chunk / AES_BLOCK_SIZE, cdata, out, inp);
-
- if (out_misaligned)
- out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
- else
- out = out_arg += chunk;
-
- nbytes -= chunk;
- chunk = PADLOCK_CHUNK;
- } while (nbytes);
- break;
-
- case EVP_CIPH_CBC_MODE:
- memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
- goto cbc_shortcut;
- do {
- if (iv != cdata->iv)
- memcpy(cdata->iv, iv, AES_BLOCK_SIZE);
- chunk = PADLOCK_CHUNK;
- cbc_shortcut: /* optimize for small input */
- if (inp_misaligned)
- inp = padlock_memcpy(out, in_arg, chunk);
- else
- inp = in_arg;
- in_arg += chunk;
-
- iv = padlock_xcrypt_cbc(chunk / AES_BLOCK_SIZE, cdata, out, inp);
-
- if (out_misaligned)
- out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
- else
- out = out_arg += chunk;
-
- } while (nbytes -= chunk);
- memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
- break;
-
- case EVP_CIPH_CFB_MODE:
- memcpy(iv = cdata->iv, ctx->iv, AES_BLOCK_SIZE);
- chunk &= ~(AES_BLOCK_SIZE - 1);
- if (chunk)
- goto cfb_shortcut;
- else
- goto cfb_skiploop;
- do {
- if (iv != cdata->iv)
- memcpy(cdata->iv, iv, AES_BLOCK_SIZE);
- chunk = PADLOCK_CHUNK;
- cfb_shortcut: /* optimize for small input */
- if (inp_misaligned)
- inp = padlock_memcpy(out, in_arg, chunk);
- else
- inp = in_arg;
- in_arg += chunk;
-
- iv = padlock_xcrypt_cfb(chunk / AES_BLOCK_SIZE, cdata, out, inp);
-
- if (out_misaligned)
- out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
- else
- out = out_arg += chunk;
-
- nbytes -= chunk;
- } while (nbytes >= AES_BLOCK_SIZE);
-
- cfb_skiploop:
- if (nbytes) {
- unsigned char *ivp = cdata->iv;
-
- if (iv != ivp) {
- memcpy(ivp, iv, AES_BLOCK_SIZE);
- iv = ivp;
- }
- ctx->num = nbytes;
- if (cdata->cword.b.encdec) {
- cdata->cword.b.encdec = 0;
- padlock_reload_key();
- padlock_xcrypt_ecb(1, cdata, ivp, ivp);
- cdata->cword.b.encdec = 1;
- padlock_reload_key();
- while (nbytes) {
- unsigned char c = *(in_arg++);
- *(out_arg++) = c ^ *ivp;
- *(ivp++) = c, nbytes--;
- }
- } else {
- padlock_reload_key();
- padlock_xcrypt_ecb(1, cdata, ivp, ivp);
- padlock_reload_key();
- while (nbytes) {
- *ivp = *(out_arg++) = *(in_arg++) ^ *ivp;
- ivp++, nbytes--;
- }
- }
- }
-
- memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
- break;
-
- case EVP_CIPH_OFB_MODE:
- memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
- chunk &= ~(AES_BLOCK_SIZE - 1);
- if (chunk)
- do {
- if (inp_misaligned)
- inp = padlock_memcpy(out, in_arg, chunk);
- else
- inp = in_arg;
- in_arg += chunk;
-
- padlock_xcrypt_ofb(chunk / AES_BLOCK_SIZE, cdata, out, inp);
-
- if (out_misaligned)
- out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
- else
- out = out_arg += chunk;
-
- nbytes -= chunk;
- chunk = PADLOCK_CHUNK;
- } while (nbytes >= AES_BLOCK_SIZE);
-
- if (nbytes) {
- unsigned char *ivp = cdata->iv;
-
- ctx->num = nbytes;
- padlock_reload_key(); /* empirically found */
- padlock_xcrypt_ecb(1, cdata, ivp, ivp);
- padlock_reload_key(); /* empirically found */
- while (nbytes) {
- *(out_arg++) = *(in_arg++) ^ *ivp;
- ivp++, nbytes--;
- }
- }
-
- memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE);
- break;
-
- default:
- return 0;
- }
-
- /* Clean the realign buffer if it was used */
- if (out_misaligned) {
- volatile unsigned long *p = (void *)out;
- size_t n = allocated / sizeof(*p);
- while (n--)
- *p++ = 0;
- }
-
- memset(cdata->iv, 0, AES_BLOCK_SIZE);
-
- return 1;
-}
-
-# endif /* OPENSSL_NO_AES */
-
/* ===== Random Number Generator ===== */
/*
* This code is not engaged. The reason is that it does not comply
@@ -1228,7 +706,7 @@ static int padlock_rand_bytes(unsigned char *output, int count)
*output++ = (unsigned char)buf;
count--;
}
- *(volatile unsigned int *)&buf = 0;
+ OPENSSL_cleanse(&buf, sizeof(buf));
return 1;
}
@@ -1249,8 +727,13 @@ static RAND_METHOD padlock_rand = {
padlock_rand_status, /* rand status */
};
-# else /* !COMPILE_HW_PADLOCK */
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
+# endif /* COMPILE_HW_PADLOCK */
+# endif /* !OPENSSL_NO_HW_PADLOCK */
+#endif /* !OPENSSL_NO_HW */
+
+#if defined(OPENSSL_NO_HW) || defined(OPENSSL_NO_HW_PADLOCK) \
+ || !defined(COMPILE_HW_PADLOCK)
+# ifndef OPENSSL_NO_DYNAMIC_ENGINE
OPENSSL_EXPORT
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);
OPENSSL_EXPORT
@@ -1260,7 +743,5 @@ OPENSSL_EXPORT
}
IMPLEMENT_DYNAMIC_CHECK_FN()
-# endif
-# endif /* COMPILE_HW_PADLOCK */
-# endif /* !OPENSSL_NO_HW_PADLOCK */
-#endif /* !OPENSSL_NO_HW */
+# endif
+#endif
diff --git a/engines/e_sureware.c b/engines/e_sureware.c
deleted file mode 100644
index 8a23763f75d9..000000000000
--- a/engines/e_sureware.c
+++ /dev/null
@@ -1,1101 +0,0 @@
-/*-
-* Written by Corinne Dive-Reclus(cdive@baltimore.com)
-*
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* licensing@OpenSSL.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
-*
-* Written by Corinne Dive-Reclus(cdive@baltimore.com)
-*
-* Copyright@2001 Baltimore Technologies Ltd.
-* All right Reserved.
-* *
-* THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND *
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE *
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE *
-* ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE *
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL *
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS *
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) *
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT *
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY *
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF *
-* SUCH DAMAGE. *
-====================================================================*/
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/pem.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_SUREWARE
-
-# ifdef FLAT_INC
-# include "sureware.h"
-# else
-# include "vendor_defns/sureware.h"
-# endif
-
-# define SUREWARE_LIB_NAME "sureware engine"
-# include "e_sureware_err.c"
-
-static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p,
- void (*f) (void));
-static int surewarehk_destroy(ENGINE *e);
-static int surewarehk_init(ENGINE *e);
-static int surewarehk_finish(ENGINE *e);
-static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-/* RSA stuff */
-# ifndef OPENSSL_NO_RSA
-static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-static int surewarehk_rsa_sign(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-# endif
-
-/* RAND stuff */
-static int surewarehk_rand_bytes(unsigned char *buf, int num);
-static void surewarehk_rand_seed(const void *buf, int num);
-static void surewarehk_rand_add(const void *buf, int num, double entropy);
-
-/* KM stuff */
-static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
- UI_METHOD *ui_method,
- void *callback_data);
-static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
- UI_METHOD *ui_method,
- void *callback_data);
-static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
-# if 0
-static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
-# endif
-
-# ifndef OPENSSL_NO_RSA
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int surewarehk_mod_exp_mont(BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
- return surewarehk_modexp(r, a, p, m, ctx);
-}
-
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD surewarehk_rsa = {
- "SureWare RSA method",
- NULL, /* pub_enc */
- NULL, /* pub_dec */
- surewarehk_rsa_sign, /* our rsa_sign is OpenSSL priv_enc */
- surewarehk_rsa_priv_dec, /* priv_dec */
- NULL, /* mod_exp */
- surewarehk_mod_exp_mont, /* mod_exp_mongomery */
- NULL, /* init */
- NULL, /* finish */
- 0, /* RSA flag */
- NULL,
- NULL, /* OpenSSL sign */
- NULL, /* OpenSSL verify */
- NULL /* keygen */
-};
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int surewarehk_modexp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return surewarehk_modexp(r, a, p, m, ctx);
-}
-
-static DH_METHOD surewarehk_dh = {
- "SureWare DH method",
- NULL, /* gen_key */
- NULL, /* agree, */
- surewarehk_modexp_dh, /* dh mod exp */
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL,
- NULL
-};
-# endif
-
-static RAND_METHOD surewarehk_rand = {
- /* "SureWare RAND method", */
- surewarehk_rand_seed,
- surewarehk_rand_bytes,
- NULL, /* cleanup */
- surewarehk_rand_add,
- surewarehk_rand_bytes,
- NULL, /* rand_status */
-};
-
-# ifndef OPENSSL_NO_DSA
-/* DSA stuff */
-static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *dgst, int dlen,
- DSA *dsa);
-static int surewarehk_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
- BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont)
-{
- BIGNUM t;
- int to_return = 0;
- BN_init(&t);
- /* let rr = a1 ^ p1 mod m */
- if (!surewarehk_modexp(rr, a1, p1, m, ctx))
- goto end;
- /* let t = a2 ^ p2 mod m */
- if (!surewarehk_modexp(&t, a2, p2, m, ctx))
- goto end;
- /* let rr = rr * t mod m */
- if (!BN_mod_mul(rr, rr, &t, m, ctx))
- goto end;
- to_return = 1;
- end:
- BN_free(&t);
- return to_return;
-}
-
-static DSA_METHOD surewarehk_dsa = {
- "SureWare DSA method",
- surewarehk_dsa_do_sign,
- NULL, /* sign setup */
- NULL, /* verify, */
- surewarehk_dsa_mod_exp, /* mod exp */
- NULL, /* bn mod exp */
- NULL, /* init */
- NULL, /* finish */
- 0,
- NULL,
- NULL,
- NULL
-};
-# endif
-
-static const char *engine_sureware_id = "sureware";
-static const char *engine_sureware_name = "SureWare hardware engine support";
-
-/* Now, to our own code */
-
-/*
- * As this is only ever called once, there's no need for locking (indeed -
- * the lock will already be held by our caller!!!)
- */
-static int bind_sureware(ENGINE *e)
-{
-# ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-# endif
-# ifndef OPENSSL_NO_DSA
- const DSA_METHOD *meth2;
-# endif
-# ifndef OPENSSL_NO_DH
- const DH_METHOD *meth3;
-# endif
-
- if (!ENGINE_set_id(e, engine_sureware_id) ||
- !ENGINE_set_name(e, engine_sureware_name) ||
-# ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &surewarehk_rsa) ||
-# endif
-# ifndef OPENSSL_NO_DSA
- !ENGINE_set_DSA(e, &surewarehk_dsa) ||
-# endif
-# ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &surewarehk_dh) ||
-# endif
- !ENGINE_set_RAND(e, &surewarehk_rand) ||
- !ENGINE_set_destroy_function(e, surewarehk_destroy) ||
- !ENGINE_set_init_function(e, surewarehk_init) ||
- !ENGINE_set_finish_function(e, surewarehk_finish) ||
- !ENGINE_set_ctrl_function(e, surewarehk_ctrl) ||
- !ENGINE_set_load_privkey_function(e, surewarehk_load_privkey) ||
- !ENGINE_set_load_pubkey_function(e, surewarehk_load_pubkey))
- return 0;
-
-# ifndef OPENSSL_NO_RSA
- /*
- * We know that the "PKCS1_SSLeay()" functions hook properly to the
- * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
- * We don't use ENGINE_openssl() or anything "more generic" because
- * something like the RSAref code may not hook properly, and if you own
- * one of these cards then you have the right to do RSA operations on it
- * anyway!
- */
- meth1 = RSA_PKCS1_SSLeay();
- if (meth1) {
- surewarehk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- surewarehk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- }
-# endif
-
-# ifndef OPENSSL_NO_DSA
- /*
- * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
- */
- meth2 = DSA_OpenSSL();
- if (meth2) {
- surewarehk_dsa.dsa_do_verify = meth2->dsa_do_verify;
- }
-# endif
-
-# ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth3 = DH_OpenSSL();
- if (meth3) {
- surewarehk_dh.generate_key = meth3->generate_key;
- surewarehk_dh.compute_key = meth3->compute_key;
- }
-# endif
-
- /* Ensure the sureware error handling is set up */
- ERR_load_SUREWARE_strings();
- return 1;
-}
-
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_helper(ENGINE *e, const char *id)
-{
- if (id && (strcmp(id, engine_sureware_id) != 0))
- return 0;
- if (!bind_sureware(e))
- return 0;
- return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
- IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
-# else
-static ENGINE *engine_sureware(void)
-{
- ENGINE *ret = ENGINE_new();
- if (!ret)
- return NULL;
- if (!bind_sureware(ret)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void ENGINE_load_sureware(void)
-{
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_sureware();
- if (!toadd)
- return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
-}
-# endif
-
-/*
- * This is a process-global DSO handle used for loading and unloading the
- * SureWareHook library. NB: This is only set (or unset) during an init() or
- * finish() call (reference counts permitting) and they're operating with
- * global locks, so this should be thread-safe implicitly.
- */
-static DSO *surewarehk_dso = NULL;
-# ifndef OPENSSL_NO_RSA
-/* Index for KM handle. Not really used yet. */
-static int rsaHndidx = -1;
-# endif
-# ifndef OPENSSL_NO_DSA
-/* Index for KM handle. Not really used yet. */
-static int dsaHndidx = -1;
-# endif
-
-/*
- * These are the function pointers that are (un)set when the library has
- * successfully (un)loaded.
- */
-static SureWareHook_Init_t *p_surewarehk_Init = NULL;
-static SureWareHook_Finish_t *p_surewarehk_Finish = NULL;
-static SureWareHook_Rand_Bytes_t *p_surewarehk_Rand_Bytes = NULL;
-static SureWareHook_Rand_Seed_t *p_surewarehk_Rand_Seed = NULL;
-static SureWareHook_Load_Privkey_t *p_surewarehk_Load_Privkey = NULL;
-static SureWareHook_Info_Pubkey_t *p_surewarehk_Info_Pubkey = NULL;
-static SureWareHook_Load_Rsa_Pubkey_t *p_surewarehk_Load_Rsa_Pubkey = NULL;
-static SureWareHook_Load_Dsa_Pubkey_t *p_surewarehk_Load_Dsa_Pubkey = NULL;
-static SureWareHook_Free_t *p_surewarehk_Free = NULL;
-static SureWareHook_Rsa_Priv_Dec_t *p_surewarehk_Rsa_Priv_Dec = NULL;
-static SureWareHook_Rsa_Sign_t *p_surewarehk_Rsa_Sign = NULL;
-static SureWareHook_Dsa_Sign_t *p_surewarehk_Dsa_Sign = NULL;
-static SureWareHook_Mod_Exp_t *p_surewarehk_Mod_Exp = NULL;
-
-/* Used in the DSO operations. */
-static const char *surewarehk_LIBNAME = "SureWareHook";
-static const char *n_surewarehk_Init = "SureWareHook_Init";
-static const char *n_surewarehk_Finish = "SureWareHook_Finish";
-static const char *n_surewarehk_Rand_Bytes = "SureWareHook_Rand_Bytes";
-static const char *n_surewarehk_Rand_Seed = "SureWareHook_Rand_Seed";
-static const char *n_surewarehk_Load_Privkey = "SureWareHook_Load_Privkey";
-static const char *n_surewarehk_Info_Pubkey = "SureWareHook_Info_Pubkey";
-static const char *n_surewarehk_Load_Rsa_Pubkey =
- "SureWareHook_Load_Rsa_Pubkey";
-static const char *n_surewarehk_Load_Dsa_Pubkey =
- "SureWareHook_Load_Dsa_Pubkey";
-static const char *n_surewarehk_Free = "SureWareHook_Free";
-static const char *n_surewarehk_Rsa_Priv_Dec = "SureWareHook_Rsa_Priv_Dec";
-static const char *n_surewarehk_Rsa_Sign = "SureWareHook_Rsa_Sign";
-static const char *n_surewarehk_Dsa_Sign = "SureWareHook_Dsa_Sign";
-static const char *n_surewarehk_Mod_Exp = "SureWareHook_Mod_Exp";
-static BIO *logstream = NULL;
-
-/*
- * SureWareHook library functions and mechanics - these are used by the
- * higher-level functions further down. NB: As and where there's no error
- * checking, take a look lower down where these functions are called, the
- * checking and error handling is probably down there.
- */
-static int threadsafe = 1;
-static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p,
- void (*f) (void))
-{
- int to_return = 1;
-
- switch (cmd) {
- case ENGINE_CTRL_SET_LOGSTREAM:
- {
- BIO *bio = (BIO *)p;
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (logstream) {
- BIO_free(logstream);
- logstream = NULL;
- }
- if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1)
- logstream = bio;
- else
- SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,
- SUREWARE_R_BIO_WAS_FREED);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- /*
- * This will prevent the initialisation function from "installing"
- * the mutex-handling callbacks, even if they are available from
- * within the library (or were provided to the library from the
- * calling application). This is to remove any baggage for
- * applications not using multithreading.
- */
- case ENGINE_CTRL_CHIL_NO_LOCKING:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- threadsafe = 0;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
-
- /* The command isn't understood by this engine */
- default:
- SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,
- ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- to_return = 0;
- break;
- }
-
- return to_return;
-}
-
-/* Destructor (complements the "ENGINE_surewarehk()" constructor) */
-static int surewarehk_destroy(ENGINE *e)
-{
- ERR_unload_SUREWARE_strings();
- return 1;
-}
-
-/* (de)initialisation functions. */
-static int surewarehk_init(ENGINE *e)
-{
- char msg[64] = "ENGINE_init";
- SureWareHook_Init_t *p1 = NULL;
- SureWareHook_Finish_t *p2 = NULL;
- SureWareHook_Rand_Bytes_t *p3 = NULL;
- SureWareHook_Rand_Seed_t *p4 = NULL;
- SureWareHook_Load_Privkey_t *p5 = NULL;
- SureWareHook_Load_Rsa_Pubkey_t *p6 = NULL;
- SureWareHook_Free_t *p7 = NULL;
- SureWareHook_Rsa_Priv_Dec_t *p8 = NULL;
- SureWareHook_Rsa_Sign_t *p9 = NULL;
- SureWareHook_Dsa_Sign_t *p12 = NULL;
- SureWareHook_Info_Pubkey_t *p13 = NULL;
- SureWareHook_Load_Dsa_Pubkey_t *p14 = NULL;
- SureWareHook_Mod_Exp_t *p15 = NULL;
-
- if (surewarehk_dso != NULL) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_ALREADY_LOADED);
- goto err;
- }
- /* Attempt to load libsurewarehk.so/surewarehk.dll/whatever. */
- surewarehk_dso = DSO_load(NULL, surewarehk_LIBNAME, NULL, 0);
- if (surewarehk_dso == NULL) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_DSO_FAILURE);
- goto err;
- }
- if (!
- (p1 =
- (SureWareHook_Init_t *) DSO_bind_func(surewarehk_dso,
- n_surewarehk_Init))
-|| !(p2 =
- (SureWareHook_Finish_t *) DSO_bind_func(surewarehk_dso,
- n_surewarehk_Finish))
-|| !(p3 =
- (SureWareHook_Rand_Bytes_t *) DSO_bind_func(surewarehk_dso,
- n_surewarehk_Rand_Bytes))
-|| !(p4 =
- (SureWareHook_Rand_Seed_t *) DSO_bind_func(surewarehk_dso,
- n_surewarehk_Rand_Seed))
-|| !(p5 =
- (SureWareHook_Load_Privkey_t *) DSO_bind_func(surewarehk_dso,
- n_surewarehk_Load_Privkey))
-|| !(p6 =
- (SureWareHook_Load_Rsa_Pubkey_t *) DSO_bind_func(surewarehk_dso,
- n_surewarehk_Load_Rsa_Pubkey))
-|| !(p7 =
- (SureWareHook_Free_t *) DSO_bind_func(surewarehk_dso, n_surewarehk_Free))
-|| !(p8 =
- (SureWareHook_Rsa_Priv_Dec_t *) DSO_bind_func(surewarehk_dso,
- n_surewarehk_Rsa_Priv_Dec))
-|| !(p9 =
- (SureWareHook_Rsa_Sign_t *) DSO_bind_func(surewarehk_dso,
- n_surewarehk_Rsa_Sign))
-|| !(p12 =
- (SureWareHook_Dsa_Sign_t *) DSO_bind_func(surewarehk_dso,
- n_surewarehk_Dsa_Sign))
-|| !(p13 =
- (SureWareHook_Info_Pubkey_t *) DSO_bind_func(surewarehk_dso,
- n_surewarehk_Info_Pubkey))
-|| !(p14 =
- (SureWareHook_Load_Dsa_Pubkey_t *) DSO_bind_func(surewarehk_dso,
- n_surewarehk_Load_Dsa_Pubkey))
-|| !(p15 =
- (SureWareHook_Mod_Exp_t *) DSO_bind_func(surewarehk_dso,
- n_surewarehk_Mod_Exp))) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_DSO_FAILURE);
- goto err;
- }
- /* Copy the pointers */
- p_surewarehk_Init = p1;
- p_surewarehk_Finish = p2;
- p_surewarehk_Rand_Bytes = p3;
- p_surewarehk_Rand_Seed = p4;
- p_surewarehk_Load_Privkey = p5;
- p_surewarehk_Load_Rsa_Pubkey = p6;
- p_surewarehk_Free = p7;
- p_surewarehk_Rsa_Priv_Dec = p8;
- p_surewarehk_Rsa_Sign = p9;
- p_surewarehk_Dsa_Sign = p12;
- p_surewarehk_Info_Pubkey = p13;
- p_surewarehk_Load_Dsa_Pubkey = p14;
- p_surewarehk_Mod_Exp = p15;
- /* Contact the hardware and initialises it. */
- if (p_surewarehk_Init(msg, threadsafe) == SUREWAREHOOK_ERROR_UNIT_FAILURE) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, SUREWARE_R_UNIT_FAILURE);
- goto err;
- }
- if (p_surewarehk_Init(msg, threadsafe) == SUREWAREHOOK_ERROR_UNIT_FAILURE) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, SUREWARE_R_UNIT_FAILURE);
- goto err;
- }
- /*
- * try to load the default private key, if failed does not return a
- * failure but wait for an explicit ENGINE_load_privakey
- */
- surewarehk_load_privkey(e, NULL, NULL, NULL);
-
- /* Everything's fine. */
-# ifndef OPENSSL_NO_RSA
- if (rsaHndidx == -1)
- rsaHndidx = RSA_get_ex_new_index(0,
- "SureWareHook RSA key handle",
- NULL, NULL, surewarehk_ex_free);
-# endif
-# ifndef OPENSSL_NO_DSA
- if (dsaHndidx == -1)
- dsaHndidx = DSA_get_ex_new_index(0,
- "SureWareHook DSA key handle",
- NULL, NULL, surewarehk_ex_free);
-# endif
-
- return 1;
- err:
- if (surewarehk_dso)
- DSO_free(surewarehk_dso);
- surewarehk_dso = NULL;
- p_surewarehk_Init = NULL;
- p_surewarehk_Finish = NULL;
- p_surewarehk_Rand_Bytes = NULL;
- p_surewarehk_Rand_Seed = NULL;
- p_surewarehk_Load_Privkey = NULL;
- p_surewarehk_Load_Rsa_Pubkey = NULL;
- p_surewarehk_Free = NULL;
- p_surewarehk_Rsa_Priv_Dec = NULL;
- p_surewarehk_Rsa_Sign = NULL;
- p_surewarehk_Dsa_Sign = NULL;
- p_surewarehk_Info_Pubkey = NULL;
- p_surewarehk_Load_Dsa_Pubkey = NULL;
- p_surewarehk_Mod_Exp = NULL;
- return 0;
-}
-
-static int surewarehk_finish(ENGINE *e)
-{
- int to_return = 1;
- if (surewarehk_dso == NULL) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH, ENGINE_R_NOT_LOADED);
- to_return = 0;
- goto err;
- }
- p_surewarehk_Finish();
- if (!DSO_free(surewarehk_dso)) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH, ENGINE_R_DSO_FAILURE);
- to_return = 0;
- goto err;
- }
- err:
- if (logstream)
- BIO_free(logstream);
- surewarehk_dso = NULL;
- p_surewarehk_Init = NULL;
- p_surewarehk_Finish = NULL;
- p_surewarehk_Rand_Bytes = NULL;
- p_surewarehk_Rand_Seed = NULL;
- p_surewarehk_Load_Privkey = NULL;
- p_surewarehk_Load_Rsa_Pubkey = NULL;
- p_surewarehk_Free = NULL;
- p_surewarehk_Rsa_Priv_Dec = NULL;
- p_surewarehk_Rsa_Sign = NULL;
- p_surewarehk_Dsa_Sign = NULL;
- p_surewarehk_Info_Pubkey = NULL;
- p_surewarehk_Load_Dsa_Pubkey = NULL;
- p_surewarehk_Mod_Exp = NULL;
- return to_return;
-}
-
-static void surewarehk_error_handling(char *const msg, int func, int ret)
-{
- switch (ret) {
- case SUREWAREHOOK_ERROR_UNIT_FAILURE:
- ENGINEerr(func, SUREWARE_R_UNIT_FAILURE);
- break;
- case SUREWAREHOOK_ERROR_FALLBACK:
- ENGINEerr(func, SUREWARE_R_REQUEST_FALLBACK);
- break;
- case SUREWAREHOOK_ERROR_DATA_SIZE:
- ENGINEerr(func, SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- break;
- case SUREWAREHOOK_ERROR_INVALID_PAD:
- ENGINEerr(func, SUREWARE_R_PADDING_CHECK_FAILED);
- break;
- default:
- ENGINEerr(func, SUREWARE_R_REQUEST_FAILED);
- break;
- case 1: /* nothing */
- msg[0] = '\0';
- }
- if (*msg) {
- ERR_add_error_data(1, msg);
- if (logstream) {
- CRYPTO_w_lock(CRYPTO_LOCK_BIO);
- BIO_write(logstream, msg, strlen(msg));
- CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
- }
- }
-}
-
-static int surewarehk_rand_bytes(unsigned char *buf, int num)
-{
- int ret = 0;
- char msg[64] = "ENGINE_rand_bytes";
- if (!p_surewarehk_Rand_Bytes) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_BYTES,
- ENGINE_R_NOT_INITIALISED);
- } else {
- ret = p_surewarehk_Rand_Bytes(msg, buf, num);
- surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RAND_BYTES, ret);
- }
- return ret == 1 ? 1 : 0;
-}
-
-static void surewarehk_rand_seed(const void *buf, int num)
-{
- int ret = 0;
- char msg[64] = "ENGINE_rand_seed";
- if (!p_surewarehk_Rand_Seed) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_SEED,
- ENGINE_R_NOT_INITIALISED);
- } else {
- ret = p_surewarehk_Rand_Seed(msg, buf, num);
- surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RAND_SEED, ret);
- }
-}
-
-static void surewarehk_rand_add(const void *buf, int num, double entropy)
-{
- surewarehk_rand_seed(buf, num);
-}
-
-static EVP_PKEY *sureware_load_public(ENGINE *e, const char *key_id,
- char *hptr, unsigned long el,
- char keytype)
-{
- EVP_PKEY *res = NULL;
-# ifndef OPENSSL_NO_RSA
- RSA *rsatmp = NULL;
-# endif
-# ifndef OPENSSL_NO_DSA
- DSA *dsatmp = NULL;
-# endif
- char msg[64] = "sureware_load_public";
- int ret = 0;
- if (!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey) {
- SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,
- ENGINE_R_NOT_INITIALISED);
- goto err;
- }
- switch (keytype) {
-# ifndef OPENSSL_NO_RSA
- case 1:
- /*RSA*/
- /* set private external reference */
- rsatmp = RSA_new_method(e);
- RSA_set_ex_data(rsatmp, rsaHndidx, hptr);
- rsatmp->flags |= RSA_FLAG_EXT_PKEY;
-
- /* set public big nums */
- rsatmp->e = BN_new();
- rsatmp->n = BN_new();
- if(!rsatmp->e || !rsatmp->n)
- goto err;
- bn_expand2(rsatmp->e, el / sizeof(BN_ULONG));
- bn_expand2(rsatmp->n, el / sizeof(BN_ULONG));
- if (rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) ||
- rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG)))
- goto err;
- ret = p_surewarehk_Load_Rsa_Pubkey(msg, key_id, el,
- (unsigned long *)rsatmp->n->d,
- (unsigned long *)rsatmp->e->d);
- surewarehk_error_handling(msg, SUREWARE_F_SUREWARE_LOAD_PUBLIC, ret);
- if (ret != 1) {
- SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,
- ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
- goto err;
- }
- /* normalise pub e and pub n */
- rsatmp->e->top = el / sizeof(BN_ULONG);
- bn_fix_top(rsatmp->e);
- rsatmp->n->top = el / sizeof(BN_ULONG);
- bn_fix_top(rsatmp->n);
- /* create an EVP object: engine + rsa key */
- res = EVP_PKEY_new();
- EVP_PKEY_assign_RSA(res, rsatmp);
- break;
-# endif
-
-# ifndef OPENSSL_NO_DSA
- case 2:
- /*DSA*/
- /* set private/public external reference */
- dsatmp = DSA_new_method(e);
- DSA_set_ex_data(dsatmp, dsaHndidx, hptr);
- /*
- * dsatmp->flags |= DSA_FLAG_EXT_PKEY;
- */
-
- /* set public key */
- dsatmp->pub_key = BN_new();
- dsatmp->p = BN_new();
- dsatmp->q = BN_new();
- dsatmp->g = BN_new();
- if(!dsatmp->pub_key || !dsatmp->p || !dsatmp->q || !dsatmp->g)
- goto err;
- bn_expand2(dsatmp->pub_key, el / sizeof(BN_ULONG));
- bn_expand2(dsatmp->p, el / sizeof(BN_ULONG));
- bn_expand2(dsatmp->q, 20 / sizeof(BN_ULONG));
- bn_expand2(dsatmp->g, el / sizeof(BN_ULONG));
- if (dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG))
- || dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG))
- || dsatmp->q->dmax != 20 / sizeof(BN_ULONG)
- || dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG)))
- goto err;
-
- ret = p_surewarehk_Load_Dsa_Pubkey(msg, key_id, el,
- (unsigned long *)dsatmp->
- pub_key->d,
- (unsigned long *)dsatmp->p->d,
- (unsigned long *)dsatmp->q->d,
- (unsigned long *)dsatmp->g->d);
- surewarehk_error_handling(msg, SUREWARE_F_SUREWARE_LOAD_PUBLIC, ret);
- if (ret != 1) {
- SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,
- ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
- goto err;
- }
- /* set parameters */
- /* normalise pubkey and parameters in case of */
- dsatmp->pub_key->top = el / sizeof(BN_ULONG);
- bn_fix_top(dsatmp->pub_key);
- dsatmp->p->top = el / sizeof(BN_ULONG);
- bn_fix_top(dsatmp->p);
- dsatmp->q->top = 20 / sizeof(BN_ULONG);
- bn_fix_top(dsatmp->q);
- dsatmp->g->top = el / sizeof(BN_ULONG);
- bn_fix_top(dsatmp->g);
-
- /* create an EVP object: engine + rsa key */
- res = EVP_PKEY_new();
- EVP_PKEY_assign_DSA(res, dsatmp);
- break;
-# endif
-
- default:
- SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,
- ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
- goto err;
- }
- return res;
- err:
-# ifndef OPENSSL_NO_RSA
- if (rsatmp)
- RSA_free(rsatmp);
-# endif
-# ifndef OPENSSL_NO_DSA
- if (dsatmp)
- DSA_free(dsatmp);
-# endif
- return NULL;
-}
-
-static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
- UI_METHOD *ui_method,
- void *callback_data)
-{
- EVP_PKEY *res = NULL;
- int ret = 0;
- unsigned long el = 0;
- char *hptr = NULL;
- char keytype = 0;
- char msg[64] = "ENGINE_load_privkey";
-
- if (!p_surewarehk_Load_Privkey) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY,
- ENGINE_R_NOT_INITIALISED);
- } else {
- ret = p_surewarehk_Load_Privkey(msg, key_id, &hptr, &el, &keytype);
- if (ret != 1) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY,
- ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
- ERR_add_error_data(1, msg);
- } else
- res = sureware_load_public(e, key_id, hptr, el, keytype);
- }
- return res;
-}
-
-static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
- UI_METHOD *ui_method,
- void *callback_data)
-{
- EVP_PKEY *res = NULL;
- int ret = 0;
- unsigned long el = 0;
- char *hptr = NULL;
- char keytype = 0;
- char msg[64] = "ENGINE_load_pubkey";
-
- if (!p_surewarehk_Info_Pubkey) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY,
- ENGINE_R_NOT_INITIALISED);
- } else {
- /* call once to identify if DSA or RSA */
- ret = p_surewarehk_Info_Pubkey(msg, key_id, &el, &keytype);
- if (ret != 1) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY,
- ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
- ERR_add_error_data(1, msg);
- } else
- res = sureware_load_public(e, key_id, hptr, el, keytype);
- }
- return res;
-}
-
-/*
- * This cleans up an RSA/DSA KM key(do not destroy the key into the hardware)
- * , called when ex_data is freed
- */
-static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp)
-{
- if (!p_surewarehk_Free) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE, ENGINE_R_NOT_INITIALISED);
- } else
- p_surewarehk_Free((char *)item, 0);
-}
-
-# if 0
-/* not currently used (bug?) */
-/*
- * This cleans up an DH KM key (destroys the key into hardware), called when
- * ex_data is freed
- */
-static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp)
-{
- if (!p_surewarehk_Free) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_DH_EX_FREE,
- ENGINE_R_NOT_INITIALISED);
- } else
- p_surewarehk_Free((char *)item, 1);
-}
-# endif
-
-/*
- * return number of decrypted bytes
- */
-# ifndef OPENSSL_NO_RSA
-static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding)
-{
- int ret = 0, tlen;
- char *buf = NULL, *hptr = NULL;
- char msg[64] = "ENGINE_rsa_priv_dec";
- if (!p_surewarehk_Rsa_Priv_Dec) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
- ENGINE_R_NOT_INITIALISED);
- }
- /* extract ref to private key */
- else if (!(hptr = RSA_get_ex_data(rsa, rsaHndidx))) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
- SUREWARE_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
- /* analyse what padding we can do into the hardware */
- if (padding == RSA_PKCS1_PADDING) {
- /* do it one shot */
- ret =
- p_surewarehk_Rsa_Priv_Dec(msg, flen, (unsigned char *)from, &tlen,
- to, hptr, SUREWARE_PKCS1_PAD);
- surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
- ret);
- if (ret != 1)
- goto err;
- ret = tlen;
- } else { /* do with no padding into hardware */
-
- ret =
- p_surewarehk_Rsa_Priv_Dec(msg, flen, (unsigned char *)from, &tlen,
- to, hptr, SUREWARE_NO_PAD);
- surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
- ret);
- if (ret != 1)
- goto err;
- /* intermediate buffer for padding */
- if ((buf = OPENSSL_malloc(tlen)) == NULL) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- memcpy(buf, to, tlen); /* transfert to into buf */
- switch (padding) { /* check padding in software */
-# ifndef OPENSSL_NO_SHA
- case RSA_PKCS1_OAEP_PADDING:
- ret =
- RSA_padding_check_PKCS1_OAEP(to, tlen, (unsigned char *)buf,
- tlen, tlen, NULL, 0);
- break;
-# endif
- case RSA_SSLV23_PADDING:
- ret =
- RSA_padding_check_SSLv23(to, tlen, (unsigned char *)buf, flen,
- tlen);
- break;
- case RSA_NO_PADDING:
- ret =
- RSA_padding_check_none(to, tlen, (unsigned char *)buf, flen,
- tlen);
- break;
- default:
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
- SUREWARE_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (ret < 0)
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
- SUREWARE_R_PADDING_CHECK_FAILED);
- }
- err:
- if (buf) {
- OPENSSL_cleanse(buf, tlen);
- OPENSSL_free(buf);
- }
- return ret;
-}
-
-/*
- * Does what OpenSSL rsa_priv_enc does.
- */
-static int surewarehk_rsa_sign(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding)
-{
- int ret = 0, tlen;
- char *hptr = NULL;
- char msg[64] = "ENGINE_rsa_sign";
- if (!p_surewarehk_Rsa_Sign) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN, ENGINE_R_NOT_INITIALISED);
- }
- /* extract ref to private key */
- else if (!(hptr = RSA_get_ex_data(rsa, rsaHndidx))) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,
- SUREWARE_R_MISSING_KEY_COMPONENTS);
- } else {
- switch (padding) {
- case RSA_PKCS1_PADDING: /* do it in one shot */
- ret =
- p_surewarehk_Rsa_Sign(msg, flen, (unsigned char *)from, &tlen,
- to, hptr, SUREWARE_PKCS1_PAD);
- surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_SIGN,
- ret);
- break;
- case RSA_NO_PADDING:
- default:
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,
- SUREWARE_R_UNKNOWN_PADDING_TYPE);
- }
- }
- return ret == 1 ? tlen : ret;
-}
-
-# endif
-
-# ifndef OPENSSL_NO_DSA
-/* DSA sign and verify */
-static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *from, int flen,
- DSA *dsa)
-{
- int ret = 0;
- char *hptr = NULL;
- DSA_SIG *psign = NULL;
- char msg[64] = "ENGINE_dsa_do_sign";
- if (!p_surewarehk_Dsa_Sign) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
- ENGINE_R_NOT_INITIALISED);
- goto err;
- }
- /* extract ref to private key */
- else if (!(hptr = DSA_get_ex_data(dsa, dsaHndidx))) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
- SUREWARE_R_MISSING_KEY_COMPONENTS);
- goto err;
- } else {
- if ((psign = DSA_SIG_new()) == NULL) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- psign->r = BN_new();
- psign->s = BN_new();
- if(!psign->r || !psign->s)
- goto err;
- bn_expand2(psign->r, 20 / sizeof(BN_ULONG));
- bn_expand2(psign->s, 20 / sizeof(BN_ULONG));
- if (psign->r->dmax != 20 / sizeof(BN_ULONG) ||
- psign->s->dmax != 20 / sizeof(BN_ULONG))
- goto err;
- ret = p_surewarehk_Dsa_Sign(msg, flen, from,
- (unsigned long *)psign->r->d,
- (unsigned long *)psign->s->d, hptr);
- surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
- ret);
- }
- psign->r->top = 20 / sizeof(BN_ULONG);
- bn_fix_top(psign->r);
- psign->s->top = 20 / sizeof(BN_ULONG);
- bn_fix_top(psign->s);
-
- err:
- if (psign) {
- DSA_SIG_free(psign);
- psign = NULL;
- }
- return psign;
-}
-# endif
-
-static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
-{
- int ret = 0;
- char msg[64] = "ENGINE_modexp";
- if (!p_surewarehk_Mod_Exp) {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_MODEXP, ENGINE_R_NOT_INITIALISED);
- } else if (r) {
- bn_expand2(r, m->top);
- if (r->dmax == m->top) {
- /* do it */
- ret = p_surewarehk_Mod_Exp(msg,
- m->top * sizeof(BN_ULONG),
- (unsigned long *)m->d,
- p->top * sizeof(BN_ULONG),
- (unsigned long *)p->d,
- a->top * sizeof(BN_ULONG),
- (unsigned long *)a->d,
- (unsigned long *)r->d);
- surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_MODEXP, ret);
- if (ret == 1) {
- /* normalise result */
- r->top = m->top;
- bn_fix_top(r);
- }
- }
- }
- return ret;
-}
-# endif /* !OPENSSL_NO_HW_SureWare */
-#endif /* !OPENSSL_NO_HW */
diff --git a/engines/e_sureware_err.c b/engines/e_sureware_err.c
deleted file mode 100644
index f6f7eff3ab47..000000000000
--- a/engines/e_sureware_err.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/* e_sureware_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_sureware_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA SUREWARE_str_functs[] = {
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_CTRL), "SUREWAREHK_CTRL"},
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_DH_EX_FREE), "SUREWAREHK_DH_EX_FREE"},
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN), "SUREWAREHK_DSA_DO_SIGN"},
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_EX_FREE), "SUREWAREHK_EX_FREE"},
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_FINISH), "SUREWAREHK_FINISH"},
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_INIT), "SUREWAREHK_INIT"},
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY), "SUREWAREHK_LOAD_PRIVKEY"},
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY), "SUREWAREHK_LOAD_PUBKEY"},
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_MODEXP), "SUREWAREHK_MODEXP"},
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_RAND_BYTES), "SUREWAREHK_RAND_BYTES"},
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_RAND_SEED), "SUREWAREHK_RAND_SEED"},
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC), "SUREWAREHK_RSA_PRIV_DEC"},
- {ERR_FUNC(SUREWARE_F_SUREWAREHK_RSA_SIGN), "SUREWAREHK_RSA_SIGN"},
- {ERR_FUNC(SUREWARE_F_SUREWARE_LOAD_PUBLIC), "SUREWARE_LOAD_PUBLIC"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA SUREWARE_str_reasons[] = {
- {ERR_REASON(SUREWARE_R_BIO_WAS_FREED), "bio was freed"},
- {ERR_REASON(SUREWARE_R_MISSING_KEY_COMPONENTS), "missing key components"},
- {ERR_REASON(SUREWARE_R_PADDING_CHECK_FAILED), "padding check failed"},
- {ERR_REASON(SUREWARE_R_REQUEST_FAILED), "request failed"},
- {ERR_REASON(SUREWARE_R_REQUEST_FALLBACK), "request fallback"},
- {ERR_REASON(SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
- "size too large or too small"},
- {ERR_REASON(SUREWARE_R_UNIT_FAILURE), "unit failure"},
- {ERR_REASON(SUREWARE_R_UNKNOWN_PADDING_TYPE), "unknown padding type"},
- {0, NULL}
-};
-
-#endif
-
-#ifdef SUREWARE_LIB_NAME
-static ERR_STRING_DATA SUREWARE_lib_name[] = {
- {0, SUREWARE_LIB_NAME},
- {0, NULL}
-};
-#endif
-
-static int SUREWARE_lib_error_code = 0;
-static int SUREWARE_error_init = 1;
-
-static void ERR_load_SUREWARE_strings(void)
-{
- if (SUREWARE_lib_error_code == 0)
- SUREWARE_lib_error_code = ERR_get_next_error_library();
-
- if (SUREWARE_error_init) {
- SUREWARE_error_init = 0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(SUREWARE_lib_error_code, SUREWARE_str_functs);
- ERR_load_strings(SUREWARE_lib_error_code, SUREWARE_str_reasons);
-#endif
-
-#ifdef SUREWARE_LIB_NAME
- SUREWARE_lib_name->error = ERR_PACK(SUREWARE_lib_error_code, 0, 0);
- ERR_load_strings(0, SUREWARE_lib_name);
-#endif
- }
-}
-
-static void ERR_unload_SUREWARE_strings(void)
-{
- if (SUREWARE_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(SUREWARE_lib_error_code, SUREWARE_str_functs);
- ERR_unload_strings(SUREWARE_lib_error_code, SUREWARE_str_reasons);
-#endif
-
-#ifdef SUREWARE_LIB_NAME
- ERR_unload_strings(0, SUREWARE_lib_name);
-#endif
- SUREWARE_error_init = 1;
- }
-}
-
-static void ERR_SUREWARE_error(int function, int reason, char *file, int line)
-{
- if (SUREWARE_lib_error_code == 0)
- SUREWARE_lib_error_code = ERR_get_next_error_library();
- ERR_PUT_error(SUREWARE_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_sureware_err.h b/engines/e_sureware_err.h
deleted file mode 100644
index bef862392568..000000000000
--- a/engines/e_sureware_err.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SUREWARE_ERR_H
-# define HEADER_SUREWARE_ERR_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_SUREWARE_strings(void);
-static void ERR_unload_SUREWARE_strings(void);
-static void ERR_SUREWARE_error(int function, int reason, char *file,
- int line);
-# define SUREWAREerr(f,r) ERR_SUREWARE_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the SUREWARE functions. */
-
-/* Function codes. */
-# define SUREWARE_F_SUREWAREHK_CTRL 100
-# define SUREWARE_F_SUREWAREHK_DH_EX_FREE 112
-# define SUREWARE_F_SUREWAREHK_DSA_DO_SIGN 101
-# define SUREWARE_F_SUREWAREHK_EX_FREE 102
-# define SUREWARE_F_SUREWAREHK_FINISH 103
-# define SUREWARE_F_SUREWAREHK_INIT 104
-# define SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY 105
-# define SUREWARE_F_SUREWAREHK_LOAD_PUBKEY 113
-# define SUREWARE_F_SUREWAREHK_MODEXP 107
-# define SUREWARE_F_SUREWAREHK_RAND_BYTES 108
-# define SUREWARE_F_SUREWAREHK_RAND_SEED 109
-# define SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC 110
-# define SUREWARE_F_SUREWAREHK_RSA_SIGN 111
-# define SUREWARE_F_SUREWARE_LOAD_PUBLIC 106
-
-/* Reason codes. */
-# define SUREWARE_R_BIO_WAS_FREED 100
-# define SUREWARE_R_MISSING_KEY_COMPONENTS 105
-# define SUREWARE_R_PADDING_CHECK_FAILED 106
-# define SUREWARE_R_REQUEST_FAILED 101
-# define SUREWARE_R_REQUEST_FALLBACK 102
-# define SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL 103
-# define SUREWARE_R_UNIT_FAILURE 104
-# define SUREWARE_R_UNKNOWN_PADDING_TYPE 107
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c
deleted file mode 100644
index 6f09ffb965ca..000000000000
--- a/engines/e_ubsec.c
+++ /dev/null
@@ -1,1085 +0,0 @@
-/* crypto/engine/hw_ubsec.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000. Cloned shamelessly by Joe Tardo.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_UBSEC
-
-# ifdef FLAT_INC
-# include "hw_ubsec.h"
-# else
-# include "vendor_defns/hw_ubsec.h"
-# endif
-
-# define UBSEC_LIB_NAME "ubsec engine"
-# include "e_ubsec_err.c"
-
-# define FAIL_TO_SOFTWARE -15
-
-static int ubsec_destroy(ENGINE *e);
-static int ubsec_init(ENGINE *e);
-static int ubsec_finish(ENGINE *e);
-static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-# ifndef OPENSSL_NO_RSA
-static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dp,
- const BIGNUM *dq, const BIGNUM *qinv,
- BN_CTX *ctx);
-static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx);
-static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-# endif
-# ifndef OPENSSL_NO_DSA
-# ifdef NOT_USED
-static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont);
-static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-# endif
-static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen,
- DSA *dsa);
-static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-# endif
-# ifndef OPENSSL_NO_DH
-static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-static int ubsec_dh_compute_key(unsigned char *key, const BIGNUM *pub_key,
- DH *dh);
-static int ubsec_dh_generate_key(DH *dh);
-# endif
-
-# ifdef NOT_USED
-static int ubsec_rand_bytes(unsigned char *buf, int num);
-static int ubsec_rand_status(void);
-# endif
-
-# define UBSEC_CMD_SO_PATH ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN ubsec_cmd_defns[] = {
- {UBSEC_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'ubsec' shared library",
- ENGINE_CMD_FLAG_STRING},
- {0, NULL, NULL, 0}
-};
-
-# ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD ubsec_rsa = {
- "UBSEC RSA method",
- NULL,
- NULL,
- NULL,
- NULL,
- ubsec_rsa_mod_exp,
- ubsec_mod_exp_mont,
- NULL,
- NULL,
- 0,
- NULL,
- NULL,
- NULL,
- NULL
-};
-# endif
-
-# ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD ubsec_dsa = {
- "UBSEC DSA method",
- ubsec_dsa_do_sign, /* dsa_do_sign */
- NULL, /* dsa_sign_setup */
- ubsec_dsa_verify, /* dsa_do_verify */
- NULL, /* ubsec_dsa_mod_exp *//* dsa_mod_exp */
- NULL, /* ubsec_mod_exp_dsa *//* bn_mod_exp */
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL, /* app_data */
- NULL, /* dsa_paramgen */
- NULL /* dsa_keygen */
-};
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD ubsec_dh = {
- "UBSEC DH method",
- ubsec_dh_generate_key,
- ubsec_dh_compute_key,
- ubsec_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL,
- NULL
-};
-# endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_ubsec_id = "ubsec";
-static const char *engine_ubsec_name = "UBSEC hardware engine support";
-
-/*
- * This internal function is used by ENGINE_ubsec() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_helper(ENGINE *e)
-{
-# ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-# endif
-# ifndef OPENSSL_NO_DH
-# ifndef HAVE_UBSEC_DH
- const DH_METHOD *meth3;
-# endif /* HAVE_UBSEC_DH */
-# endif
- if (!ENGINE_set_id(e, engine_ubsec_id) ||
- !ENGINE_set_name(e, engine_ubsec_name) ||
-# ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &ubsec_rsa) ||
-# endif
-# ifndef OPENSSL_NO_DSA
- !ENGINE_set_DSA(e, &ubsec_dsa) ||
-# endif
-# ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &ubsec_dh) ||
-# endif
- !ENGINE_set_destroy_function(e, ubsec_destroy) ||
- !ENGINE_set_init_function(e, ubsec_init) ||
- !ENGINE_set_finish_function(e, ubsec_finish) ||
- !ENGINE_set_ctrl_function(e, ubsec_ctrl) ||
- !ENGINE_set_cmd_defns(e, ubsec_cmd_defns))
- return 0;
-
-# ifndef OPENSSL_NO_RSA
- /*
- * We know that the "PKCS1_SSLeay()" functions hook properly to the
- * Broadcom-specific mod_exp and mod_exp_crt so we use those functions.
- * NB: We don't use ENGINE_openssl() or anything "more generic" because
- * something like the RSAref code may not hook properly, and if you own
- * one of these cards then you have the right to do RSA operations on it
- * anyway!
- */
- meth1 = RSA_PKCS1_SSLeay();
- ubsec_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- ubsec_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- ubsec_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- ubsec_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-# endif
-
-# ifndef OPENSSL_NO_DH
-# ifndef HAVE_UBSEC_DH
- /* Much the same for Diffie-Hellman */
- meth3 = DH_OpenSSL();
- ubsec_dh.generate_key = meth3->generate_key;
- ubsec_dh.compute_key = meth3->compute_key;
-# endif /* HAVE_UBSEC_DH */
-# endif
-
- /* Ensure the ubsec error handling is set up */
- ERR_load_UBSEC_strings();
- return 1;
-}
-
-# ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_ubsec(void)
-{
- ENGINE *ret = ENGINE_new();
- if (!ret)
- return NULL;
- if (!bind_helper(ret)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void ENGINE_load_ubsec(void)
-{
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_ubsec();
- if (!toadd)
- return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
-}
-# endif
-
-/*
- * This is a process-global DSO handle used for loading and unloading the
- * UBSEC library. NB: This is only set (or unset) during an init() or
- * finish() call (reference counts permitting) and they're operating with
- * global locks, so this should be thread-safe implicitly.
- */
-
-static DSO *ubsec_dso = NULL;
-
-/*
- * These are the function pointers that are (un)set when the library has
- * successfully (un)loaded.
- */
-
-static t_UBSEC_ubsec_bytes_to_bits *p_UBSEC_ubsec_bytes_to_bits = NULL;
-static t_UBSEC_ubsec_bits_to_bytes *p_UBSEC_ubsec_bits_to_bytes = NULL;
-static t_UBSEC_ubsec_open *p_UBSEC_ubsec_open = NULL;
-static t_UBSEC_ubsec_close *p_UBSEC_ubsec_close = NULL;
-# ifndef OPENSSL_NO_DH
-static t_UBSEC_diffie_hellman_generate_ioctl
- * p_UBSEC_diffie_hellman_generate_ioctl = NULL;
-static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl
- = NULL;
-# endif
-# ifndef OPENSSL_NO_RSA
-static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL;
-static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-# endif
-# ifndef OPENSSL_NO_DSA
-static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL;
-static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL;
-# endif
-static t_UBSEC_math_accelerate_ioctl *p_UBSEC_math_accelerate_ioctl = NULL;
-static t_UBSEC_rng_ioctl *p_UBSEC_rng_ioctl = NULL;
-static t_UBSEC_max_key_len_ioctl *p_UBSEC_max_key_len_ioctl = NULL;
-
-static int max_key_len = 1024; /* ??? */
-
-/*
- * These are the static string constants for the DSO file name and the function
- * symbol names to bind to.
- */
-
-static const char *UBSEC_LIBNAME = NULL;
-static const char *get_UBSEC_LIBNAME(void)
-{
- if (UBSEC_LIBNAME)
- return UBSEC_LIBNAME;
- return "ubsec";
-}
-
-static void free_UBSEC_LIBNAME(void)
-{
- if (UBSEC_LIBNAME)
- OPENSSL_free((void *)UBSEC_LIBNAME);
- UBSEC_LIBNAME = NULL;
-}
-
-static long set_UBSEC_LIBNAME(const char *name)
-{
- free_UBSEC_LIBNAME();
- return (((UBSEC_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-}
-
-static const char *UBSEC_F1 = "ubsec_bytes_to_bits";
-static const char *UBSEC_F2 = "ubsec_bits_to_bytes";
-static const char *UBSEC_F3 = "ubsec_open";
-static const char *UBSEC_F4 = "ubsec_close";
-# ifndef OPENSSL_NO_DH
-static const char *UBSEC_F5 = "diffie_hellman_generate_ioctl";
-static const char *UBSEC_F6 = "diffie_hellman_agree_ioctl";
-# endif
-/* #ifndef OPENSSL_NO_RSA */
-static const char *UBSEC_F7 = "rsa_mod_exp_ioctl";
-static const char *UBSEC_F8 = "rsa_mod_exp_crt_ioctl";
-/* #endif */
-# ifndef OPENSSL_NO_DSA
-static const char *UBSEC_F9 = "dsa_sign_ioctl";
-static const char *UBSEC_F10 = "dsa_verify_ioctl";
-# endif
-static const char *UBSEC_F11 = "math_accelerate_ioctl";
-static const char *UBSEC_F12 = "rng_ioctl";
-static const char *UBSEC_F13 = "ubsec_max_key_len_ioctl";
-
-/* Destructor (complements the "ENGINE_ubsec()" constructor) */
-static int ubsec_destroy(ENGINE *e)
-{
- free_UBSEC_LIBNAME();
- ERR_unload_UBSEC_strings();
- return 1;
-}
-
-/* (de)initialisation functions. */
-static int ubsec_init(ENGINE *e)
-{
- t_UBSEC_ubsec_bytes_to_bits *p1;
- t_UBSEC_ubsec_bits_to_bytes *p2;
- t_UBSEC_ubsec_open *p3;
- t_UBSEC_ubsec_close *p4;
-# ifndef OPENSSL_NO_DH
- t_UBSEC_diffie_hellman_generate_ioctl *p5;
- t_UBSEC_diffie_hellman_agree_ioctl *p6;
-# endif
-/* #ifndef OPENSSL_NO_RSA */
- t_UBSEC_rsa_mod_exp_ioctl *p7;
- t_UBSEC_rsa_mod_exp_crt_ioctl *p8;
-/* #endif */
-# ifndef OPENSSL_NO_DSA
- t_UBSEC_dsa_sign_ioctl *p9;
- t_UBSEC_dsa_verify_ioctl *p10;
-# endif
- t_UBSEC_math_accelerate_ioctl *p11;
- t_UBSEC_rng_ioctl *p12;
- t_UBSEC_max_key_len_ioctl *p13;
- int fd = 0;
-
- if (ubsec_dso != NULL) {
- UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_ALREADY_LOADED);
- goto err;
- }
- /*
- * Attempt to load libubsec.so/ubsec.dll/whatever.
- */
- ubsec_dso = DSO_load(NULL, get_UBSEC_LIBNAME(), NULL, 0);
- if (ubsec_dso == NULL) {
- UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
- goto err;
- }
-
- if (!(p1 = (t_UBSEC_ubsec_bytes_to_bits *)
- DSO_bind_func(ubsec_dso, UBSEC_F1))
- || !(p2 = (t_UBSEC_ubsec_bits_to_bytes *)
- DSO_bind_func(ubsec_dso, UBSEC_F2))
- || !(p3 = (t_UBSEC_ubsec_open *)
- DSO_bind_func(ubsec_dso, UBSEC_F3))
- || !(p4 = (t_UBSEC_ubsec_close *)
- DSO_bind_func(ubsec_dso, UBSEC_F4))
-# ifndef OPENSSL_NO_DH
- || !(p5 = (t_UBSEC_diffie_hellman_generate_ioctl *)
- DSO_bind_func(ubsec_dso, UBSEC_F5))
- || !(p6 = (t_UBSEC_diffie_hellman_agree_ioctl *)
- DSO_bind_func(ubsec_dso, UBSEC_F6))
-# endif
-/* #ifndef OPENSSL_NO_RSA */
- || !(p7 = (t_UBSEC_rsa_mod_exp_ioctl *)
- DSO_bind_func(ubsec_dso, UBSEC_F7))
- || !(p8 = (t_UBSEC_rsa_mod_exp_crt_ioctl *)
- DSO_bind_func(ubsec_dso, UBSEC_F8))
-/* #endif */
-# ifndef OPENSSL_NO_DSA
- || !(p9 = (t_UBSEC_dsa_sign_ioctl *)
- DSO_bind_func(ubsec_dso, UBSEC_F9))
- || !(p10 = (t_UBSEC_dsa_verify_ioctl *)
- DSO_bind_func(ubsec_dso, UBSEC_F10))
-# endif
- || !(p11 = (t_UBSEC_math_accelerate_ioctl *)
- DSO_bind_func(ubsec_dso, UBSEC_F11))
- || !(p12 = (t_UBSEC_rng_ioctl *)
- DSO_bind_func(ubsec_dso, UBSEC_F12))
- || !(p13 = (t_UBSEC_max_key_len_ioctl *)
- DSO_bind_func(ubsec_dso, UBSEC_F13))) {
- UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
- goto err;
- }
-
- /* Copy the pointers */
- p_UBSEC_ubsec_bytes_to_bits = p1;
- p_UBSEC_ubsec_bits_to_bytes = p2;
- p_UBSEC_ubsec_open = p3;
- p_UBSEC_ubsec_close = p4;
-# ifndef OPENSSL_NO_DH
- p_UBSEC_diffie_hellman_generate_ioctl = p5;
- p_UBSEC_diffie_hellman_agree_ioctl = p6;
-# endif
-# ifndef OPENSSL_NO_RSA
- p_UBSEC_rsa_mod_exp_ioctl = p7;
- p_UBSEC_rsa_mod_exp_crt_ioctl = p8;
-# endif
-# ifndef OPENSSL_NO_DSA
- p_UBSEC_dsa_sign_ioctl = p9;
- p_UBSEC_dsa_verify_ioctl = p10;
-# endif
- p_UBSEC_math_accelerate_ioctl = p11;
- p_UBSEC_rng_ioctl = p12;
- p_UBSEC_max_key_len_ioctl = p13;
-
- /* Perform an open to see if there's actually any unit running. */
- if (((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) > 0)
- && (p_UBSEC_max_key_len_ioctl(fd, &max_key_len) == 0)) {
- p_UBSEC_ubsec_close(fd);
- return 1;
- } else {
- UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
- }
-
- err:
- if (ubsec_dso)
- DSO_free(ubsec_dso);
- ubsec_dso = NULL;
- p_UBSEC_ubsec_bytes_to_bits = NULL;
- p_UBSEC_ubsec_bits_to_bytes = NULL;
- p_UBSEC_ubsec_open = NULL;
- p_UBSEC_ubsec_close = NULL;
-# ifndef OPENSSL_NO_DH
- p_UBSEC_diffie_hellman_generate_ioctl = NULL;
- p_UBSEC_diffie_hellman_agree_ioctl = NULL;
-# endif
-# ifndef OPENSSL_NO_RSA
- p_UBSEC_rsa_mod_exp_ioctl = NULL;
- p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-# endif
-# ifndef OPENSSL_NO_DSA
- p_UBSEC_dsa_sign_ioctl = NULL;
- p_UBSEC_dsa_verify_ioctl = NULL;
-# endif
- p_UBSEC_math_accelerate_ioctl = NULL;
- p_UBSEC_rng_ioctl = NULL;
- p_UBSEC_max_key_len_ioctl = NULL;
-
- return 0;
-}
-
-static int ubsec_finish(ENGINE *e)
-{
- free_UBSEC_LIBNAME();
- if (ubsec_dso == NULL) {
- UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED);
- return 0;
- }
- if (!DSO_free(ubsec_dso)) {
- UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_DSO_FAILURE);
- return 0;
- }
- ubsec_dso = NULL;
- p_UBSEC_ubsec_bytes_to_bits = NULL;
- p_UBSEC_ubsec_bits_to_bytes = NULL;
- p_UBSEC_ubsec_open = NULL;
- p_UBSEC_ubsec_close = NULL;
-# ifndef OPENSSL_NO_DH
- p_UBSEC_diffie_hellman_generate_ioctl = NULL;
- p_UBSEC_diffie_hellman_agree_ioctl = NULL;
-# endif
-# ifndef OPENSSL_NO_RSA
- p_UBSEC_rsa_mod_exp_ioctl = NULL;
- p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-# endif
-# ifndef OPENSSL_NO_DSA
- p_UBSEC_dsa_sign_ioctl = NULL;
- p_UBSEC_dsa_verify_ioctl = NULL;
-# endif
- p_UBSEC_math_accelerate_ioctl = NULL;
- p_UBSEC_rng_ioctl = NULL;
- p_UBSEC_max_key_len_ioctl = NULL;
- return 1;
-}
-
-static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
- int initialised = ((ubsec_dso == NULL) ? 0 : 1);
- switch (cmd) {
- case UBSEC_CMD_SO_PATH:
- if (p == NULL) {
- UBSECerr(UBSEC_F_UBSEC_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (initialised) {
- UBSECerr(UBSEC_F_UBSEC_CTRL, UBSEC_R_ALREADY_LOADED);
- return 0;
- }
- return set_UBSEC_LIBNAME((const char *)p);
- default:
- break;
- }
- UBSECerr(UBSEC_F_UBSEC_CTRL, UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- return 0;
-}
-
-static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
-{
- int y_len = 0;
- int fd;
-
- if (ubsec_dso == NULL) {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_NOT_LOADED);
- return 0;
- }
-
- /* Check if hardware can't handle this argument. */
- y_len = BN_num_bits(m);
- if (y_len > max_key_len) {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return BN_mod_exp(r, a, p, m, ctx);
- }
-
- if (!bn_wexpand(r, m->top)) {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_BN_EXPAND_FAIL);
- return 0;
- }
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
- fd = 0;
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_UNIT_FAILURE);
- return BN_mod_exp(r, a, p, m, ctx);
- }
-
- if (p_UBSEC_rsa_mod_exp_ioctl(fd, (unsigned char *)a->d, BN_num_bits(a),
- (unsigned char *)m->d, BN_num_bits(m),
- (unsigned char *)p->d, BN_num_bits(p),
- (unsigned char *)r->d, &y_len) != 0) {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
-
- return BN_mod_exp(r, a, p, m, ctx);
- }
-
- p_UBSEC_ubsec_close(fd);
-
- r->top = (BN_num_bits(m) + BN_BITS2 - 1) / BN_BITS2;
- return 1;
-}
-
-# ifndef OPENSSL_NO_RSA
-static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx)
-{
- int to_return = 0;
-
- if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
- UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP, UBSEC_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
-
- to_return = ubsec_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
- rsa->dmq1, rsa->iqmp, ctx);
- if (to_return == FAIL_TO_SOFTWARE) {
- /*
- * Do in software as hardware failed.
- */
- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
- to_return = (*meth->rsa_mod_exp) (r0, I, rsa, ctx);
- }
- err:
- return to_return;
-}
-
-static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dp,
- const BIGNUM *dq, const BIGNUM *qinv,
- BN_CTX *ctx)
-{
- int y_len, fd;
-
- y_len = BN_num_bits(p) + BN_num_bits(q);
-
- /* Check if hardware can't handle this argument. */
- if (y_len > max_key_len) {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT,
- UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return FAIL_TO_SOFTWARE;
- }
-
- if (!bn_wexpand(r, p->top + q->top + 1)) {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_BN_EXPAND_FAIL);
- return 0;
- }
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
- fd = 0;
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_UNIT_FAILURE);
- return FAIL_TO_SOFTWARE;
- }
-
- if (p_UBSEC_rsa_mod_exp_crt_ioctl(fd,
- (unsigned char *)a->d, BN_num_bits(a),
- (unsigned char *)qinv->d,
- BN_num_bits(qinv),
- (unsigned char *)dp->d, BN_num_bits(dp),
- (unsigned char *)p->d, BN_num_bits(p),
- (unsigned char *)dq->d, BN_num_bits(dq),
- (unsigned char *)q->d, BN_num_bits(q),
- (unsigned char *)r->d, &y_len) != 0) {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
- return FAIL_TO_SOFTWARE;
- }
-
- p_UBSEC_ubsec_close(fd);
-
- r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1) / BN_BITS2;
- return 1;
-}
-# endif
-
-# ifndef OPENSSL_NO_DSA
-# ifdef NOT_USED
-static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
- BIGNUM t;
- int to_return = 0;
-
- BN_init(&t);
- /* let rr = a1 ^ p1 mod m */
- if (!ubsec_mod_exp(rr, a1, p1, m, ctx))
- goto end;
- /* let t = a2 ^ p2 mod m */
- if (!ubsec_mod_exp(&t, a2, p2, m, ctx))
- goto end;
- /* let rr = rr * t mod m */
- if (!BN_mod_mul(rr, rr, &t, m, ctx))
- goto end;
- to_return = 1;
- end:
- BN_free(&t);
- return to_return;
-}
-
-static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return ubsec_mod_exp(r, a, p, m, ctx);
-}
-# endif
-# endif
-
-# ifndef OPENSSL_NO_RSA
-
-/*
- * This function is aliased to mod_exp (with the mont stuff dropped).
- */
-static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- int ret = 0;
-
- /* Do in software if the key is too large for the hardware. */
- if (BN_num_bits(m) > max_key_len) {
- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
- ret = (*meth->bn_mod_exp) (r, a, p, m, ctx, m_ctx);
- } else {
- ret = ubsec_mod_exp(r, a, p, m, ctx);
- }
-
- return ret;
-}
-# endif
-
-# ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return ubsec_mod_exp(r, a, p, m, ctx);
-}
-# endif
-
-# ifndef OPENSSL_NO_DSA
-static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen,
- DSA *dsa)
-{
- DSA_SIG *to_return = NULL;
- int s_len = 160, r_len = 160, d_len, fd;
- BIGNUM m, *r = NULL, *s = NULL;
-
- BN_init(&m);
-
- s = BN_new();
- r = BN_new();
- if ((s == NULL) || (r == NULL))
- goto err;
-
- d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dlen);
-
- if (!bn_wexpand(r, (160 + BN_BITS2 - 1) / BN_BITS2) ||
- (!bn_wexpand(s, (160 + BN_BITS2 - 1) / BN_BITS2))) {
- UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_BN_EXPAND_FAIL);
- goto err;
- }
-
- if (BN_bin2bn(dgst, dlen, &m) == NULL) {
- UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_BN_EXPAND_FAIL);
- goto err;
- }
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
- const DSA_METHOD *meth;
- fd = 0;
- UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_UNIT_FAILURE);
- meth = DSA_OpenSSL();
- to_return = meth->dsa_do_sign(dgst, dlen, dsa);
- goto err;
- }
-
- if (p_UBSEC_dsa_sign_ioctl(fd,
- /* compute hash before signing */
- 0, (unsigned char *)dgst, d_len, NULL,
- /* compute random value */
- 0,
- (unsigned char *)dsa->p->d,
- BN_num_bits(dsa->p),
- (unsigned char *)dsa->q->d,
- BN_num_bits(dsa->q),
- (unsigned char *)dsa->g->d,
- BN_num_bits(dsa->g),
- (unsigned char *)dsa->priv_key->d,
- BN_num_bits(dsa->priv_key),
- (unsigned char *)r->d, &r_len,
- (unsigned char *)s->d, &s_len) != 0) {
- const DSA_METHOD *meth;
-
- UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
- meth = DSA_OpenSSL();
- to_return = meth->dsa_do_sign(dgst, dlen, dsa);
-
- goto err;
- }
-
- p_UBSEC_ubsec_close(fd);
-
- r->top = (160 + BN_BITS2 - 1) / BN_BITS2;
- s->top = (160 + BN_BITS2 - 1) / BN_BITS2;
-
- to_return = DSA_SIG_new();
- if (to_return == NULL) {
- UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_BN_EXPAND_FAIL);
- goto err;
- }
-
- to_return->r = r;
- to_return->s = s;
-
- err:
- if (!to_return) {
- if (r)
- BN_free(r);
- if (s)
- BN_free(s);
- }
- BN_clear_free(&m);
- return to_return;
-}
-
-static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa)
-{
- int v_len, d_len;
- int to_return = 0;
- int fd;
- BIGNUM v, *pv = &v;
-
- BN_init(&v);
-
- if (!bn_wexpand(pv, dsa->p->top)) {
- UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_BN_EXPAND_FAIL);
- goto err;
- }
-
- v_len = BN_num_bits(dsa->p);
-
- d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dgst_len);
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
- const DSA_METHOD *meth;
- fd = 0;
- UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_UNIT_FAILURE);
- meth = DSA_OpenSSL();
- to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
- goto err;
- }
-
- if (p_UBSEC_dsa_verify_ioctl(fd, 0, /* compute hash before signing */
- (unsigned char *)dgst, d_len,
- (unsigned char *)dsa->p->d,
- BN_num_bits(dsa->p),
- (unsigned char *)dsa->q->d,
- BN_num_bits(dsa->q),
- (unsigned char *)dsa->g->d,
- BN_num_bits(dsa->g),
- (unsigned char *)dsa->pub_key->d,
- BN_num_bits(dsa->pub_key),
- (unsigned char *)sig->r->d,
- BN_num_bits(sig->r),
- (unsigned char *)sig->s->d,
- BN_num_bits(sig->s), (unsigned char *)v.d,
- &v_len) != 0) {
- const DSA_METHOD *meth;
- UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
-
- meth = DSA_OpenSSL();
- to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
-
- goto err;
- }
-
- p_UBSEC_ubsec_close(fd);
-
- to_return = 1;
- err:
- BN_clear_free(&v);
- return to_return;
-}
-# endif
-
-# ifndef OPENSSL_NO_DH
-static int ubsec_dh_compute_key(unsigned char *key, const BIGNUM *pub_key,
- DH *dh)
-{
- int ret = -1, k_len, fd;
-
- k_len = BN_num_bits(dh->p);
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
- const DH_METHOD *meth;
- UBSECerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_UNIT_FAILURE);
- meth = DH_OpenSSL();
- ret = meth->compute_key(key, pub_key, dh);
- goto err;
- }
-
- if (p_UBSEC_diffie_hellman_agree_ioctl(fd,
- (unsigned char *)dh->priv_key->d,
- BN_num_bits(dh->priv_key),
- (unsigned char *)pub_key->d,
- BN_num_bits(pub_key),
- (unsigned char *)dh->p->d,
- BN_num_bits(dh->p), key,
- &k_len) != 0) {
- /* Hardware's a no go, failover to software */
- const DH_METHOD *meth;
- UBSECerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
-
- meth = DH_OpenSSL();
- ret = meth->compute_key(key, pub_key, dh);
-
- goto err;
- }
-
- p_UBSEC_ubsec_close(fd);
-
- ret = p_UBSEC_ubsec_bits_to_bytes(k_len);
- err:
- return ret;
-}
-
-static int ubsec_dh_generate_key(DH *dh)
-{
- int ret = 0, random_bits = 0, pub_key_len = 0, priv_key_len = 0, fd;
- BIGNUM *pub_key = NULL;
- BIGNUM *priv_key = NULL;
-
- /*
- * How many bits should Random x be? dh_key.c
- * sets the range from 0 to num_bits(modulus) ???
- */
-
- if (dh->priv_key == NULL) {
- priv_key = BN_new();
- if (priv_key == NULL)
- goto err;
- priv_key_len = BN_num_bits(dh->p);
- if (bn_wexpand(priv_key, dh->p->top) == NULL)
- goto err;
- do
- if (!BN_rand_range(priv_key, dh->p))
- goto err;
- while (BN_is_zero(priv_key)) ;
- random_bits = BN_num_bits(priv_key);
- } else {
- priv_key = dh->priv_key;
- }
-
- if (dh->pub_key == NULL) {
- pub_key = BN_new();
- if (pub_key == NULL)
- goto err;
- pub_key_len = BN_num_bits(dh->p);
- if (bn_wexpand(pub_key, dh->p->top) == NULL)
- goto err;
- } else {
- pub_key = dh->pub_key;
- }
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
- const DH_METHOD *meth;
- UBSECerr(UBSEC_F_UBSEC_DH_GENERATE_KEY, UBSEC_R_UNIT_FAILURE);
- meth = DH_OpenSSL();
- ret = meth->generate_key(dh);
- goto err;
- }
-
- if (p_UBSEC_diffie_hellman_generate_ioctl(fd,
- (unsigned char *)priv_key->d,
- &priv_key_len,
- (unsigned char *)pub_key->d,
- &pub_key_len,
- (unsigned char *)dh->g->d,
- BN_num_bits(dh->g),
- (unsigned char *)dh->p->d,
- BN_num_bits(dh->p), 0, 0,
- random_bits) != 0) {
- /* Hardware's a no go, failover to software */
- const DH_METHOD *meth;
-
- UBSECerr(UBSEC_F_UBSEC_DH_GENERATE_KEY, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
-
- meth = DH_OpenSSL();
- ret = meth->generate_key(dh);
-
- goto err;
- }
-
- p_UBSEC_ubsec_close(fd);
-
- dh->pub_key = pub_key;
- dh->pub_key->top = (pub_key_len + BN_BITS2 - 1) / BN_BITS2;
- dh->priv_key = priv_key;
- dh->priv_key->top = (priv_key_len + BN_BITS2 - 1) / BN_BITS2;
-
- ret = 1;
- err:
- return ret;
-}
-# endif
-
-# ifdef NOT_USED
-static int ubsec_rand_bytes(unsigned char *buf, int num)
-{
- int ret = 0, fd;
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
- const RAND_METHOD *meth;
- UBSECerr(UBSEC_F_UBSEC_RAND_BYTES, UBSEC_R_UNIT_FAILURE);
- num = p_UBSEC_ubsec_bits_to_bytes(num);
- meth = RAND_SSLeay();
- meth->seed(buf, num);
- ret = meth->bytes(buf, num);
- goto err;
- }
-
- num *= 8; /* bytes to bits */
-
- if (p_UBSEC_rng_ioctl(fd, UBSEC_RNG_DIRECT, buf, &num) != 0) {
- /* Hardware's a no go, failover to software */
- const RAND_METHOD *meth;
-
- UBSECerr(UBSEC_F_UBSEC_RAND_BYTES, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
-
- num = p_UBSEC_ubsec_bits_to_bytes(num);
- meth = RAND_SSLeay();
- meth->seed(buf, num);
- ret = meth->bytes(buf, num);
-
- goto err;
- }
-
- p_UBSEC_ubsec_close(fd);
-
- ret = 1;
- err:
- return (ret);
-}
-
-static int ubsec_rand_status(void)
-{
- return 0;
-}
-# endif
-
-/*
- * This stuff is needed if this ENGINE is being compiled into a
- * self-contained shared-library.
- */
-# ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_fn(ENGINE *e, const char *id)
-{
- if (id && (strcmp(id, engine_ubsec_id) != 0))
- return 0;
- if (!bind_helper(e))
- return 0;
- return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
- IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-# endif /* OPENSSL_NO_DYNAMIC_ENGINE */
-# endif /* !OPENSSL_NO_HW_UBSEC */
-#endif /* !OPENSSL_NO_HW */
diff --git a/engines/e_ubsec_err.c b/engines/e_ubsec_err.c
deleted file mode 100644
index fefc5b0744d1..000000000000
--- a/engines/e_ubsec_err.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/* e_ubsec_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_ubsec_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA UBSEC_str_functs[] = {
- {ERR_FUNC(UBSEC_F_UBSEC_CTRL), "UBSEC_CTRL"},
- {ERR_FUNC(UBSEC_F_UBSEC_DH_COMPUTE_KEY), "UBSEC_DH_COMPUTE_KEY"},
- {ERR_FUNC(UBSEC_F_UBSEC_DH_GENERATE_KEY), "UBSEC_DH_GENERATE_KEY"},
- {ERR_FUNC(UBSEC_F_UBSEC_DSA_DO_SIGN), "UBSEC_DSA_DO_SIGN"},
- {ERR_FUNC(UBSEC_F_UBSEC_DSA_VERIFY), "UBSEC_DSA_VERIFY"},
- {ERR_FUNC(UBSEC_F_UBSEC_FINISH), "UBSEC_FINISH"},
- {ERR_FUNC(UBSEC_F_UBSEC_INIT), "UBSEC_INIT"},
- {ERR_FUNC(UBSEC_F_UBSEC_MOD_EXP), "UBSEC_MOD_EXP"},
- {ERR_FUNC(UBSEC_F_UBSEC_MOD_EXP_CRT), "UBSEC_MOD_EXP_CRT"},
- {ERR_FUNC(UBSEC_F_UBSEC_RAND_BYTES), "UBSEC_RAND_BYTES"},
- {ERR_FUNC(UBSEC_F_UBSEC_RSA_MOD_EXP), "UBSEC_RSA_MOD_EXP"},
- {ERR_FUNC(UBSEC_F_UBSEC_RSA_MOD_EXP_CRT), "UBSEC_RSA_MOD_EXP_CRT"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA UBSEC_str_reasons[] = {
- {ERR_REASON(UBSEC_R_ALREADY_LOADED), "already loaded"},
- {ERR_REASON(UBSEC_R_BN_EXPAND_FAIL), "bn expand fail"},
- {ERR_REASON(UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED),
- "ctrl command not implemented"},
- {ERR_REASON(UBSEC_R_DSO_FAILURE), "dso failure"},
- {ERR_REASON(UBSEC_R_MISSING_KEY_COMPONENTS), "missing key components"},
- {ERR_REASON(UBSEC_R_NOT_LOADED), "not loaded"},
- {ERR_REASON(UBSEC_R_REQUEST_FAILED), "request failed"},
- {ERR_REASON(UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
- "size too large or too small"},
- {ERR_REASON(UBSEC_R_UNIT_FAILURE), "unit failure"},
- {0, NULL}
-};
-
-#endif
-
-#ifdef UBSEC_LIB_NAME
-static ERR_STRING_DATA UBSEC_lib_name[] = {
- {0, UBSEC_LIB_NAME},
- {0, NULL}
-};
-#endif
-
-static int UBSEC_lib_error_code = 0;
-static int UBSEC_error_init = 1;
-
-static void ERR_load_UBSEC_strings(void)
-{
- if (UBSEC_lib_error_code == 0)
- UBSEC_lib_error_code = ERR_get_next_error_library();
-
- if (UBSEC_error_init) {
- UBSEC_error_init = 0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(UBSEC_lib_error_code, UBSEC_str_functs);
- ERR_load_strings(UBSEC_lib_error_code, UBSEC_str_reasons);
-#endif
-
-#ifdef UBSEC_LIB_NAME
- UBSEC_lib_name->error = ERR_PACK(UBSEC_lib_error_code, 0, 0);
- ERR_load_strings(0, UBSEC_lib_name);
-#endif
- }
-}
-
-static void ERR_unload_UBSEC_strings(void)
-{
- if (UBSEC_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(UBSEC_lib_error_code, UBSEC_str_functs);
- ERR_unload_strings(UBSEC_lib_error_code, UBSEC_str_reasons);
-#endif
-
-#ifdef UBSEC_LIB_NAME
- ERR_unload_strings(0, UBSEC_lib_name);
-#endif
- UBSEC_error_init = 1;
- }
-}
-
-static void ERR_UBSEC_error(int function, int reason, char *file, int line)
-{
- if (UBSEC_lib_error_code == 0)
- UBSEC_lib_error_code = ERR_get_next_error_library();
- ERR_PUT_error(UBSEC_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_ubsec_err.h b/engines/e_ubsec_err.h
deleted file mode 100644
index c8aec7c32363..000000000000
--- a/engines/e_ubsec_err.h
+++ /dev/null
@@ -1,102 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UBSEC_ERR_H
-# define HEADER_UBSEC_ERR_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_UBSEC_strings(void);
-static void ERR_unload_UBSEC_strings(void);
-static void ERR_UBSEC_error(int function, int reason, char *file, int line);
-# define UBSECerr(f,r) ERR_UBSEC_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the UBSEC functions. */
-
-/* Function codes. */
-# define UBSEC_F_UBSEC_CTRL 100
-# define UBSEC_F_UBSEC_DH_COMPUTE_KEY 101
-# define UBSEC_F_UBSEC_DH_GENERATE_KEY 111
-# define UBSEC_F_UBSEC_DSA_DO_SIGN 102
-# define UBSEC_F_UBSEC_DSA_VERIFY 103
-# define UBSEC_F_UBSEC_FINISH 104
-# define UBSEC_F_UBSEC_INIT 105
-# define UBSEC_F_UBSEC_MOD_EXP 106
-# define UBSEC_F_UBSEC_MOD_EXP_CRT 110
-# define UBSEC_F_UBSEC_RAND_BYTES 107
-# define UBSEC_F_UBSEC_RSA_MOD_EXP 108
-# define UBSEC_F_UBSEC_RSA_MOD_EXP_CRT 109
-
-/* Reason codes. */
-# define UBSEC_R_ALREADY_LOADED 100
-# define UBSEC_R_BN_EXPAND_FAIL 101
-# define UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED 102
-# define UBSEC_R_DSO_FAILURE 103
-# define UBSEC_R_MISSING_KEY_COMPONENTS 104
-# define UBSEC_R_NOT_LOADED 105
-# define UBSEC_R_REQUEST_FAILED 106
-# define UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL 107
-# define UBSEC_R_UNIT_FAILURE 108
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/engines/engine_vector.mar b/engines/engine_vector.mar
deleted file mode 100644
index 7d968e7b40ac..000000000000
--- a/engines/engine_vector.mar
+++ /dev/null
@@ -1,24 +0,0 @@
-;
-; Transfer vector for VAX shareable image
-;
- .TITLE ENGINE
- .IDENT /ENGINE/
-;
-; Define macro to assist in building transfer vector entries. Each entry
-; should take no more than 8 bytes.
-;
- .MACRO FTRANSFER_ENTRY routine
- .ALIGN QUAD
- .TRANSFER routine
- .MASK routine
- JMP routine+2
- .ENDM FTRANSFER_ENTRY
-;
-; Place entries in own program section.
-;
- .PSECT $$ENGINE,QUAD,PIC,USR,CON,REL,LCL,SHR,EXE,RD,NOWRT
-ENGINE_xfer:
- FTRANSFER_ENTRY bind_engine
- FTRANSFER_ENTRY v_check
- .BLKB 32768-<.-ENGINE_xfer> ; 64 pages total.
- .END
diff --git a/engines/vendor_defns/aep.h b/engines/vendor_defns/aep.h
deleted file mode 100644
index 04ab87eb9cb1..000000000000
--- a/engines/vendor_defns/aep.h
+++ /dev/null
@@ -1,235 +0,0 @@
-/*
- * This header declares the necessary definitions for using the
- * exponentiation acceleration capabilities, and rnd number generation of the
- * AEP card.
- */
-
-/*
- *
- * Some AEP defines
- *
- */
-
-/*
- * Successful return value
- */
-#define AEP_R_OK 0x00000000
-
-/*
- * Miscelleanous unsuccessful return value
- */
-#define AEP_R_GENERAL_ERROR 0x10000001
-
-/*
- * Insufficient host memory
- */
-#define AEP_R_HOST_MEMORY 0x10000002
-
-#define AEP_R_FUNCTION_FAILED 0x10000006
-
-/*
- * Invalid arguments in function call
- */
-#define AEP_R_ARGUMENTS_BAD 0x10020000
-
-#define AEP_R_NO_TARGET_RESOURCES 0x10030000
-
-/*
- * Error occuring on socket operation
- */
-#define AEP_R_SOCKERROR 0x10000010
-
-/*
- * Socket has been closed from the other end
- */
-#define AEP_R_SOCKEOF 0x10000011
-
-/*
- * Invalid handles
- */
-#define AEP_R_CONNECTION_HANDLE_INVALID 0x100000B3
-
-#define AEP_R_TRANSACTION_HANDLE_INVALID 0x10040000
-
-/*
- * Transaction has not yet returned from accelerator
- */
-#define AEP_R_TRANSACTION_NOT_READY 0x00010000
-
-/*
- * There is already a thread waiting on this transaction
- */
-#define AEP_R_TRANSACTION_CLAIMED 0x10050000
-
-/*
- * The transaction timed out
- */
-#define AEP_R_TIMED_OUT 0x10060000
-
-#define AEP_R_FXN_NOT_IMPLEMENTED 0x10070000
-
-#define AEP_R_TARGET_ERROR 0x10080000
-
-/*
- * Error in the AEP daemon process
- */
-#define AEP_R_DAEMON_ERROR 0x10090000
-
-/*
- * Invalid ctx id
- */
-#define AEP_R_INVALID_CTX_ID 0x10009000
-
-#define AEP_R_NO_KEY_MANAGER 0x1000a000
-
-/*
- * Error obtaining a mutex
- */
-#define AEP_R_MUTEX_BAD 0x000001A0
-
-/*
- * Fxn call before AEP_Initialise ot after AEP_Finialise
- */
-#define AEP_R_AEPAPI_NOT_INITIALIZED 0x10000190
-
-/*
- * AEP_Initialise has already been called
- */
-#define AEP_R_AEPAPI_ALREADY_INITIALIZED 0x10000191
-
-/*
- * Maximum number of connections to daemon reached
- */
-#define AEP_R_NO_MORE_CONNECTION_HNDLS 0x10000200
-
-/*
- *
- * Some AEP Type definitions
- *
- */
-
-/* an unsigned 8-bit value */
-typedef unsigned char AEP_U8;
-
-/* an unsigned 8-bit character */
-typedef char AEP_CHAR;
-
-/* a BYTE-sized Boolean flag */
-typedef AEP_U8 AEP_BBOOL;
-
-/*
- * Unsigned value, at least 16 bits long
- */
-typedef unsigned short AEP_U16;
-
-/* an unsigned value, at least 32 bits long */
-#ifdef SIXTY_FOUR_BIT_LONG
-typedef unsigned int AEP_U32;
-#else
-typedef unsigned long AEP_U32;
-#endif
-
-#ifdef SIXTY_FOUR_BIT_LONG
-typedef unsigned long AEP_U64;
-#else
-typedef struct {
- unsigned long l1, l2;
-} AEP_U64;
-#endif
-
-/* at least 32 bits; each bit is a Boolean flag */
-typedef AEP_U32 AEP_FLAGS;
-
-typedef AEP_U8 *AEP_U8_PTR;
-typedef AEP_CHAR *AEP_CHAR_PTR;
-typedef AEP_U32 *AEP_U32_PTR;
-typedef AEP_U64 *AEP_U64_PTR;
-typedef void *AEP_VOID_PTR;
-
-/* Pointer to a AEP_VOID_PTR-- i.e., pointer to pointer to void */
-typedef AEP_VOID_PTR *AEP_VOID_PTR_PTR;
-
-/*
- * Used to identify an AEP connection handle
- */
-typedef AEP_U32 AEP_CONNECTION_HNDL;
-
-/*
- * Pointer to an AEP connection handle
- */
-typedef AEP_CONNECTION_HNDL *AEP_CONNECTION_HNDL_PTR;
-
-/*
- * Used by an application (in conjunction with the apps process id) to
- * identify an individual transaction
- */
-typedef AEP_U32 AEP_TRANSACTION_ID;
-
-/*
- * Pointer to an applications transaction identifier
- */
-typedef AEP_TRANSACTION_ID *AEP_TRANSACTION_ID_PTR;
-
-/*
- * Return value type
- */
-typedef AEP_U32 AEP_RV;
-
-#define MAX_PROCESS_CONNECTIONS 256
-
-#define RAND_BLK_SIZE 1024
-
-typedef enum {
- NotConnected = 0,
- Connected = 1,
- InUse = 2
-} AEP_CONNECTION_STATE;
-
-typedef struct AEP_CONNECTION_ENTRY {
- AEP_CONNECTION_STATE conn_state;
- AEP_CONNECTION_HNDL conn_hndl;
-} AEP_CONNECTION_ENTRY;
-
-typedef AEP_RV t_AEP_OpenConnection(AEP_CONNECTION_HNDL_PTR phConnection);
-typedef AEP_RV t_AEP_CloseConnection(AEP_CONNECTION_HNDL hConnection);
-
-typedef AEP_RV t_AEP_ModExp(AEP_CONNECTION_HNDL hConnection,
- AEP_VOID_PTR pA, AEP_VOID_PTR pP,
- AEP_VOID_PTR pN,
- AEP_VOID_PTR pResult,
- AEP_TRANSACTION_ID *pidTransID);
-
-typedef AEP_RV t_AEP_ModExpCrt(AEP_CONNECTION_HNDL hConnection,
- AEP_VOID_PTR pA, AEP_VOID_PTR pP,
- AEP_VOID_PTR pQ,
- AEP_VOID_PTR pDmp1, AEP_VOID_PTR pDmq1,
- AEP_VOID_PTR pIqmp,
- AEP_VOID_PTR pResult,
- AEP_TRANSACTION_ID *pidTransID);
-
-#ifdef AEPRAND
-typedef AEP_RV t_AEP_GenRandom(AEP_CONNECTION_HNDL hConnection,
- AEP_U32 Len,
- AEP_U32 Type,
- AEP_VOID_PTR pResult,
- AEP_TRANSACTION_ID *pidTransID);
-#endif
-
-typedef AEP_RV t_AEP_Initialize(AEP_VOID_PTR pInitArgs);
-typedef AEP_RV t_AEP_Finalize(void);
-typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc)
- (AEP_VOID_PTR ArbBigNum,
- AEP_U32 *BigNumSize),
- AEP_RV (*MakeAEPBigNumFunc) (AEP_VOID_PTR
- ArbBigNum,
- AEP_U32
- BigNumSize,
- unsigned char
- *AEP_BigNum),
- AEP_RV (*ConverAEPBigNumFunc) (void
- *ArbBigNum,
- AEP_U32
- BigNumSize,
- unsigned
- char
- *AEP_BigNum));
diff --git a/engines/vendor_defns/atalla.h b/engines/vendor_defns/atalla.h
deleted file mode 100644
index 60e7eda5f22d..000000000000
--- a/engines/vendor_defns/atalla.h
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * This header declares the necessary definitions for using the
- * exponentiation acceleration capabilities of Atalla cards. The only
- * cryptographic operation is performed by "ASI_RSAPrivateKeyOpFn" and this
- * takes a structure that defines an "RSA private key". However, it is really
- * only performing a regular mod_exp using the supplied modulus and exponent
- * - no CRT form is being used. Hence, it is a generic mod_exp function in
- * disguise, and we use it as such. Thanks to the people at Atalla for
- * letting me know these definitions are fine and that they can be reproduced
- * here. Geoff.
- */
-
-typedef struct ItemStr {
- unsigned char *data;
- int len;
-} Item;
-
-typedef struct RSAPrivateKeyStr {
- void *reserved;
- Item version;
- Item modulus;
- Item publicExponent;
- Item privateExponent;
- Item prime[2];
- Item exponent[2];
- Item coefficient;
-} RSAPrivateKey;
-
-/*
- * Predeclare the function pointer types that we dynamically load from the
- * DSO. These use the same names and form that Ben's original support code
- * had (in crypto/bn/bn_exp.c) unless of course I've inadvertently changed
- * the style somewhere along the way!
- */
-
-typedef int tfnASI_GetPerformanceStatistics(int reset_flag,
- unsigned int *ret_buf);
-
-typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf);
-
-typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey,
- unsigned char *output,
- unsigned char *input,
- unsigned int modulus_len);
diff --git a/engines/vendor_defns/cswift.h b/engines/vendor_defns/cswift.h
deleted file mode 100644
index 6dcd5fed0aa7..000000000000
--- a/engines/vendor_defns/cswift.h
+++ /dev/null
@@ -1,235 +0,0 @@
-/*
- * Attribution notice: Rainbow have generously allowed me to reproduce the
- * necessary definitions here from their API. This means the support can
- * build independently of whether application builders have the API or
- * hardware. This will allow developers to easily produce software that has
- * latent hardware support for any users that have accelertors installed,
- * without the developers themselves needing anything extra. I have only
- * clipped the parts from the CryptoSwift header files that are (or seem)
- * relevant to the CryptoSwift support code. This is simply to keep the file
- * sizes reasonable. [Geoff]
- */
-
-/*
- * NB: These type widths do *not* seem right in general, in particular
- * they're not terribly friendly to 64-bit architectures (unsigned long) will
- * be 64-bit on IA-64 for a start. I'm leaving these alone as they agree with
- * Rainbow's API and this will only be called into question on platforms with
- * Rainbow support anyway! ;-)
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif /* __cplusplus */
-
- typedef long SW_STATUS; /* status */
- typedef unsigned char SW_BYTE; /* 8 bit byte */
- typedef unsigned short SW_U16; /* 16 bit number */
-#if defined(_IRIX)
-# include <sgidefs.h>
- typedef __uint32_t SW_U32;
-#else
- typedef unsigned long SW_U32; /* 32 bit integer */
-#endif
-
-#if defined(OPENSSL_SYS_WIN32)
- typedef struct _SW_U64 {
- SW_U32 low32;
- SW_U32 high32;
- } SW_U64; /* 64 bit integer */
-#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
- typedef longlong SW_U64
-#else /* Unix variants */
- typedef struct _SW_U64 {
- SW_U32 low32;
- SW_U32 high32;
- } SW_U64; /* 64 bit integer */
-#endif
-
-/* status codes */
-#define SW_OK (0L)
-#define SW_ERR_BASE (-10000L)
-#define SW_ERR_NO_CARD (SW_ERR_BASE-1) /* The Card is not present */
-#define SW_ERR_CARD_NOT_READY (SW_ERR_BASE-2) /* The card has not powered */
- /* up yet */
-#define SW_ERR_TIME_OUT (SW_ERR_BASE-3) /* Execution of a command */
- /* time out */
-#define SW_ERR_NO_EXECUTE (SW_ERR_BASE-4) /* The Card failed to */
- /* execute the command */
-#define SW_ERR_INPUT_NULL_PTR (SW_ERR_BASE-5) /* a required pointer is */
- /* NULL */
-#define SW_ERR_INPUT_SIZE (SW_ERR_BASE-6) /* size is invalid, too */
- /* small, too large. */
-#define SW_ERR_INVALID_HANDLE (SW_ERR_BASE-7) /* Invalid SW_ACC_CONTEXT */
- /* handle */
-#define SW_ERR_PENDING (SW_ERR_BASE-8) /* A request is already out- */
- /* standing at this */
- /* context handle */
-#define SW_ERR_AVAILABLE (SW_ERR_BASE-9) /* A result is available. */
-#define SW_ERR_NO_PENDING (SW_ERR_BASE-10) /* No request is pending. */
-#define SW_ERR_NO_MEMORY (SW_ERR_BASE-11) /* Not enough memory */
-#define SW_ERR_BAD_ALGORITHM (SW_ERR_BASE-12) /* Invalid algorithm type */
- /* in SW_PARAM structure */
-#define SW_ERR_MISSING_KEY (SW_ERR_BASE-13) /* No key is associated with */
- /* context. */
- /* swAttachKeyParam() is */
- /* not called. */
-#define SW_ERR_KEY_CMD_MISMATCH \
- (SW_ERR_BASE-14) /* Cannot perform requested */
- /* SW_COMMAND_CODE since */
- /* key attached via */
- /* swAttachKeyParam() */
- /* cannot be used for this */
- /* SW_COMMAND_CODE. */
-#define SW_ERR_NOT_IMPLEMENTED \
- (SW_ERR_BASE-15) /* Not implemented */
-#define SW_ERR_BAD_COMMAND (SW_ERR_BASE-16) /* Bad command code */
-#define SW_ERR_BAD_ITEM_SIZE (SW_ERR_BASE-17) /* too small or too large in */
- /* the "initems" or */
- /* "outitems". */
-#define SW_ERR_BAD_ACCNUM (SW_ERR_BASE-18) /* Bad accelerator number */
-#define SW_ERR_SELFTEST_FAIL (SW_ERR_BASE-19) /* At least one of the self */
- /* test fail, look at the */
- /* selfTestBitmap in */
- /* SW_ACCELERATOR_INFO for */
- /* details. */
-#define SW_ERR_MISALIGN (SW_ERR_BASE-20) /* Certain alogrithms require */
- /* key materials aligned */
- /* in certain order, e.g. */
- /* 128 bit for CRT */
-#define SW_ERR_OUTPUT_NULL_PTR \
- (SW_ERR_BASE-21) /* a required pointer is */
- /* NULL */
-#define SW_ERR_OUTPUT_SIZE \
- (SW_ERR_BASE-22) /* size is invalid, too */
- /* small, too large. */
-#define SW_ERR_FIRMWARE_CHECKSUM \
- (SW_ERR_BASE-23) /* firmware checksum mismatch */
- /* download failed. */
-#define SW_ERR_UNKNOWN_FIRMWARE \
- (SW_ERR_BASE-24) /* unknown firmware error */
-#define SW_ERR_INTERRUPT (SW_ERR_BASE-25) /* request is abort when */
- /* it's waiting to be */
- /* completed. */
-#define SW_ERR_NVWRITE_FAIL (SW_ERR_BASE-26) /* error in writing to Non- */
- /* volatile memory */
-#define SW_ERR_NVWRITE_RANGE (SW_ERR_BASE-27) /* out of range error in */
- /* writing to NV memory */
-#define SW_ERR_RNG_ERROR (SW_ERR_BASE-28) /* Random Number Generation */
- /* failure */
-#define SW_ERR_DSS_FAILURE (SW_ERR_BASE-29) /* DSS Sign or Verify failure */
-#define SW_ERR_MODEXP_FAILURE (SW_ERR_BASE-30) /* Failure in various math */
- /* calculations */
-#define SW_ERR_ONBOARD_MEMORY (SW_ERR_BASE-31) /* Error in accessing on - */
- /* board memory */
-#define SW_ERR_FIRMWARE_VERSION \
- (SW_ERR_BASE-32) /* Wrong version in firmware */
- /* update */
-#define SW_ERR_ZERO_WORKING_ACCELERATOR \
- (SW_ERR_BASE-44) /* All accelerators are bad */
-
- /* algorithm type */
-#define SW_ALG_CRT 1
-#define SW_ALG_EXP 2
-#define SW_ALG_DSA 3
-#define SW_ALG_NVDATA 4
-
- /* command code */
-#define SW_CMD_MODEXP_CRT 1 /* perform Modular Exponentiation using */
- /* Chinese Remainder Theorem (CRT) */
-#define SW_CMD_MODEXP 2 /* perform Modular Exponentiation */
-#define SW_CMD_DSS_SIGN 3 /* perform DSS sign */
-#define SW_CMD_DSS_VERIFY 4 /* perform DSS verify */
-#define SW_CMD_RAND 5 /* perform random number generation */
-#define SW_CMD_NVREAD 6 /* perform read to nonvolatile RAM */
-#define SW_CMD_NVWRITE 7 /* perform write to nonvolatile RAM */
-
- typedef SW_U32 SW_ALGTYPE; /* alogrithm type */
- typedef SW_U32 SW_STATE; /* state */
- typedef SW_U32 SW_COMMAND_CODE; /* command code */
- typedef SW_U32 SW_COMMAND_BITMAP[4]; /* bitmap */
-
- typedef struct _SW_LARGENUMBER {
- SW_U32 nbytes; /* number of bytes in the buffer "value" */
- SW_BYTE *value; /* the large integer as a string of */
- /* bytes in network (big endian) order */
- } SW_LARGENUMBER;
-
-#if defined(OPENSSL_SYS_WIN32)
-# include <windows.h>
- typedef HANDLE SW_OSHANDLE; /* handle to kernel object */
-# define SW_OS_INVALID_HANDLE INVALID_HANDLE_VALUE
-# define SW_CALLCONV _stdcall
-#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
- /* async callback mechanisms */
- /* swiftCallbackLevel */
-# define SW_MAC_CALLBACK_LEVEL_NO 0
-# define SW_MAC_CALLBACK_LEVEL_HARDWARE 1/* from the hardware ISR */
-# define SW_MAC_CALLBACK_LEVEL_SECONDARY 2/* as secondary ISR */
- typedef int SW_MAC_CALLBACK_LEVEL;
- typedef int SW_OSHANDLE;
-# define SW_OS_INVALID_HANDLE (-1)
-# define SW_CALLCONV
-#else /* Unix variants */
- typedef int SW_OSHANDLE; /* handle to driver */
-# define SW_OS_INVALID_HANDLE (-1)
-# define SW_CALLCONV
-#endif
-
- typedef struct _SW_CRT {
- SW_LARGENUMBER p; /* prime number p */
- SW_LARGENUMBER q; /* prime number q */
- SW_LARGENUMBER dmp1; /* exponent1 */
- SW_LARGENUMBER dmq1; /* exponent2 */
- SW_LARGENUMBER iqmp; /* CRT coefficient */
- } SW_CRT;
-
- typedef struct _SW_EXP {
- SW_LARGENUMBER modulus; /* modulus */
- SW_LARGENUMBER exponent; /* exponent */
- } SW_EXP;
-
- typedef struct _SW_DSA {
- SW_LARGENUMBER p; /* */
- SW_LARGENUMBER q; /* */
- SW_LARGENUMBER g; /* */
- SW_LARGENUMBER key; /* private/public key */
- } SW_DSA;
-
- typedef struct _SW_NVDATA {
- SW_U32 accnum; /* accelerator board number */
- SW_U32 offset; /* offset in byte */
- } SW_NVDATA;
-
- typedef struct _SW_PARAM {
- SW_ALGTYPE type; /* type of the alogrithm */
- union {
- SW_CRT crt;
- SW_EXP exp;
- SW_DSA dsa;
- SW_NVDATA nvdata;
- } up;
- } SW_PARAM;
-
- typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */
-
- /*
- * Now the OpenSSL bits, these function types are the for the function
- * pointers that will bound into the Rainbow shared libraries.
- */
- typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE
- *hac);
- typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac,
- SW_PARAM *key_params);
- typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac,
- SW_COMMAND_CODE cmd,
- SW_LARGENUMBER pin[],
- SW_U32 pin_count,
- SW_LARGENUMBER pout[],
- SW_U32 pout_count);
- typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE
- hac);
-
-#ifdef __cplusplus
-}
-#endif /* __cplusplus */
diff --git a/engines/vendor_defns/hw_4758_cca.h b/engines/vendor_defns/hw_4758_cca.h
deleted file mode 100644
index 235543ad71e3..000000000000
--- a/engines/vendor_defns/hw_4758_cca.h
+++ /dev/null
@@ -1,150 +0,0 @@
-/**********************************************************************/
-/* */
-/* Prototypes of the CCA verbs used by the 4758 CCA openssl driver */
-/* */
-/* Maurice Gittens <maurice@gittens.nl> */
-/* */
-/**********************************************************************/
-
-#ifndef __HW_4758_CCA__
-# define __HW_4758_CCA__
-
-/*
- * Only WIN32 support for now
- */
-# if defined(WIN32)
-
-# define CCA_LIB_NAME "CSUNSAPI"
-
-# define CSNDPKX "CSNDPKX_32"
-# define CSNDKRR "CSNDKRR_32"
-# define CSNDPKE "CSNDPKE_32"
-# define CSNDPKD "CSNDPKD_32"
-# define CSNDDSV "CSNDDSV_32"
-# define CSNDDSG "CSNDDSG_32"
-# define CSNBRNG "CSNBRNG_32"
-
-# define SECURITYAPI __stdcall
-# else
- /*
- * Fixme!! Find out the values of these constants for other platforms.
- */
-# define CCA_LIB_NAME "CSUNSAPI"
-
-# define CSNDPKX "CSNDPKX"
-# define CSNDKRR "CSNDKRR"
-# define CSNDPKE "CSNDPKE"
-# define CSNDPKD "CSNDPKD"
-# define CSNDDSV "CSNDDSV"
-# define CSNDDSG "CSNDDSG"
-# define CSNBRNG "CSNBRNG"
-
-# define SECURITYAPI
-# endif
-
-/*
- * security API prototypes
- */
-
-/* PKA Key Record Read */
-typedef void (SECURITYAPI * F_KEYRECORDREAD)
- (long *return_code,
- long *reason_code,
- long *exit_data_length,
- unsigned char *exit_data,
- long *rule_array_count,
- unsigned char *rule_array,
- unsigned char *key_label, long *key_token_length, unsigned char *key_token);
-
-/* Random Number Generate */
-typedef void (SECURITYAPI * F_RANDOMNUMBERGENERATE)
- (long *return_code,
- long *reason_code,
- long *exit_data_length,
- unsigned char *exit_data,
- unsigned char *form, unsigned char *random_number);
-
-/* Digital Signature Generate */
-typedef void (SECURITYAPI * F_DIGITALSIGNATUREGENERATE)
- (long *return_code,
- long *reason_code,
- long *exit_data_length,
- unsigned char *exit_data,
- long *rule_array_count,
- unsigned char *rule_array,
- long *PKA_private_key_id_length,
- unsigned char *PKA_private_key_id,
- long *hash_length,
- unsigned char *hash,
- long *signature_field_length,
- long *signature_bit_length, unsigned char *signature_field);
-
-/* Digital Signature Verify */
-typedef void (SECURITYAPI * F_DIGITALSIGNATUREVERIFY) (long *return_code,
- long *reason_code,
- long *exit_data_length,
- unsigned char
- *exit_data,
- long *rule_array_count,
- unsigned char
- *rule_array,
- long
- *PKA_public_key_id_length,
- unsigned char
- *PKA_public_key_id,
- long *hash_length,
- unsigned char *hash,
- long
- *signature_field_length,
- unsigned char
- *signature_field);
-
-/* PKA Public Key Extract */
-typedef void (SECURITYAPI * F_PUBLICKEYEXTRACT) (long *return_code,
- long *reason_code,
- long *exit_data_length,
- unsigned char *exit_data,
- long *rule_array_count,
- unsigned char *rule_array,
- long
- *source_key_identifier_length,
- unsigned char
- *source_key_identifier,
- long
- *target_key_token_length,
- unsigned char
- *target_key_token);
-
-/* PKA Encrypt */
-typedef void (SECURITYAPI * F_PKAENCRYPT)
- (long *return_code,
- long *reason_code,
- long *exit_data_length,
- unsigned char *exit_data,
- long *rule_array_count,
- unsigned char *rule_array,
- long *key_value_length,
- unsigned char *key_value,
- long *data_struct_length,
- unsigned char *data_struct,
- long *RSA_public_key_length,
- unsigned char *RSA_public_key,
- long *RSA_encipher_length, unsigned char *RSA_encipher);
-
-/* PKA Decrypt */
-typedef void (SECURITYAPI * F_PKADECRYPT)
- (long *return_code,
- long *reason_code,
- long *exit_data_length,
- unsigned char *exit_data,
- long *rule_array_count,
- unsigned char *rule_array,
- long *enciphered_key_length,
- unsigned char *enciphered_key,
- long *data_struct_length,
- unsigned char *data_struct,
- long *RSA_private_key_length,
- unsigned char *RSA_private_key,
- long *key_value_length, unsigned char *key_value);
-
-#endif
diff --git a/engines/vendor_defns/hw_ubsec.h b/engines/vendor_defns/hw_ubsec.h
deleted file mode 100644
index a4e67fc53647..000000000000
--- a/engines/vendor_defns/hw_ubsec.h
+++ /dev/null
@@ -1,124 +0,0 @@
-/******************************************************************************
- *
- * Copyright 2000
- * Broadcom Corporation
- * 16215 Alton Parkway
- * PO Box 57013
- * Irvine CA 92619-7013
- *
- *****************************************************************************/
-/*
- * Broadcom Corporation uBSec SDK
- */
-/*
- * Character device header file.
- */
-/*
- * Revision History:
- *
- * October 2000 JTT Created.
- */
-
-#define MAX_PUBLIC_KEY_BITS (1024)
-#define MAX_PUBLIC_KEY_BYTES (1024/8)
-#define SHA_BIT_SIZE (160)
-#define MAX_CRYPTO_KEY_LENGTH 24
-#define MAX_MAC_KEY_LENGTH 64
-#define UBSEC_CRYPTO_DEVICE_NAME ((unsigned char *)"/dev/ubscrypt")
-#define UBSEC_KEY_DEVICE_NAME ((unsigned char *)"/dev/ubskey")
-
-/* Math command types. */
-#define UBSEC_MATH_MODADD 0x0001
-#define UBSEC_MATH_MODSUB 0x0002
-#define UBSEC_MATH_MODMUL 0x0004
-#define UBSEC_MATH_MODEXP 0x0008
-#define UBSEC_MATH_MODREM 0x0010
-#define UBSEC_MATH_MODINV 0x0020
-
-typedef long ubsec_MathCommand_t;
-typedef long ubsec_RNGCommand_t;
-
-typedef struct ubsec_crypto_context_s {
- unsigned int flags;
- unsigned char crypto[MAX_CRYPTO_KEY_LENGTH];
- unsigned char auth[MAX_MAC_KEY_LENGTH];
-} ubsec_crypto_context_t, *ubsec_crypto_context_p;
-
-/*
- * Predeclare the function pointer types that we dynamically load from the DSO.
- */
-
-typedef int t_UBSEC_ubsec_bytes_to_bits(unsigned char *n, int bytes);
-
-typedef int t_UBSEC_ubsec_bits_to_bytes(int bits);
-
-typedef int t_UBSEC_ubsec_open(unsigned char *device);
-
-typedef int t_UBSEC_ubsec_close(int fd);
-
-typedef int t_UBSEC_diffie_hellman_generate_ioctl(int fd,
- unsigned char *x,
- int *x_len,
- unsigned char *y,
- int *y_len,
- unsigned char *g, int g_len,
- unsigned char *m, int m_len,
- unsigned char *userX,
- int userX_len,
- int random_bits);
-
-typedef int t_UBSEC_diffie_hellman_agree_ioctl(int fd,
- unsigned char *x, int x_len,
- unsigned char *y, int y_len,
- unsigned char *m, int m_len,
- unsigned char *k, int *k_len);
-
-typedef int t_UBSEC_rsa_mod_exp_ioctl(int fd,
- unsigned char *x, int x_len,
- unsigned char *m, int m_len,
- unsigned char *e, int e_len,
- unsigned char *y, int *y_len);
-
-typedef int t_UBSEC_rsa_mod_exp_crt_ioctl(int fd,
- unsigned char *x, int x_len,
- unsigned char *qinv, int qinv_len,
- unsigned char *edq, int edq_len,
- unsigned char *q, int q_len,
- unsigned char *edp, int edp_len,
- unsigned char *p, int p_len,
- unsigned char *y, int *y_len);
-
-typedef int t_UBSEC_dsa_sign_ioctl(int fd,
- int hash, unsigned char *data,
- int data_len, unsigned char *rndom,
- int random_len, unsigned char *p,
- int p_len, unsigned char *q, int q_len,
- unsigned char *g, int g_len,
- unsigned char *key, int key_len,
- unsigned char *r, int *r_len,
- unsigned char *s, int *s_len);
-
-typedef int t_UBSEC_dsa_verify_ioctl(int fd,
- int hash, unsigned char *data,
- int data_len, unsigned char *p,
- int p_len, unsigned char *q, int q_len,
- unsigned char *g, int g_len,
- unsigned char *key, int key_len,
- unsigned char *r, int r_len,
- unsigned char *s, int s_len,
- unsigned char *v, int *v_len);
-
-typedef int t_UBSEC_math_accelerate_ioctl(int fd, ubsec_MathCommand_t command,
- unsigned char *ModN, int *ModN_len,
- unsigned char *ExpE, int *ExpE_len,
- unsigned char *ParamA,
- int *ParamA_len,
- unsigned char *ParamB,
- int *ParamB_len,
- unsigned char *Result,
- int *Result_len);
-
-typedef int t_UBSEC_rng_ioctl(int fd, ubsec_RNGCommand_t command,
- unsigned char *Result, int *Result_len);
-
-typedef int t_UBSEC_max_key_len_ioctl(int fd, int *max_key_len);
diff --git a/engines/vendor_defns/hwcryptohook.h b/engines/vendor_defns/hwcryptohook.h
deleted file mode 100644
index fa06396a01a0..000000000000
--- a/engines/vendor_defns/hwcryptohook.h
+++ /dev/null
@@ -1,502 +0,0 @@
-/*-
- * ModExp / RSA (with/without KM) plugin API
- *
- * The application will load a dynamic library which
- * exports entrypoint(s) defined in this file.
- *
- * This set of entrypoints provides only a multithreaded,
- * synchronous-within-each-thread, facility.
- *
- *
- * This file is Copyright 1998-2000 nCipher Corporation Limited.
- *
- * Redistribution and use in source and binary forms, with opr without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the copyright notice,
- * this list of conditions, and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions, and the following
- * disclaimer, in the documentation and/or other materials provided
- * with the distribution
- *
- * IN NO EVENT SHALL NCIPHER CORPORATION LIMITED (`NCIPHER') AND/OR
- * ANY OTHER AUTHORS OR DISTRIBUTORS OF THIS FILE BE LIABLE for any
- * damages arising directly or indirectly from this file, its use or
- * this licence. Without prejudice to the generality of the
- * foregoing: all liability shall be excluded for direct, indirect,
- * special, incidental, consequential or other damages or any loss of
- * profits, business, revenue goodwill or anticipated savings;
- * liability shall be excluded even if nCipher or anyone else has been
- * advised of the possibility of damage. In any event, if the
- * exclusion of liability is not effective, the liability of nCipher
- * or any author or distributor shall be limited to the lesser of the
- * price paid and 1,000 pounds sterling. This licence only fails to
- * exclude or limit liability for death or personal injury arising out
- * of negligence, and only to the extent that such an exclusion or
- * limitation is not effective.
- *
- * NCIPHER AND THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ALL
- * AND ANY WARRANTIES (WHETHER EXPRESS OR IMPLIED), including, but not
- * limited to, any implied warranties of merchantability, fitness for
- * a particular purpose, satisfactory quality, and/or non-infringement
- * of any third party rights.
- *
- * US Government use: This software and documentation is Commercial
- * Computer Software and Computer Software Documentation, as defined in
- * sub-paragraphs (a)(1) and (a)(5) of DFAR 252.227-7014, "Rights in
- * Noncommercial Computer Software and Noncommercial Computer Software
- * Documentation." Use, duplication or disclosure by the Government is
- * subject to the terms and conditions specified here.
- *
- * By using or distributing this file you will be accepting these
- * terms and conditions, including the limitation of liability and
- * lack of warranty. If you do not wish to accept these terms and
- * conditions, DO NOT USE THE FILE.
- *
- *
- * The actual dynamically loadable plugin, and the library files for
- * static linking, which are also provided in some distributions, are
- * not covered by the licence described above. You should have
- * received a separate licence with terms and conditions for these
- * library files; if you received the library files without a licence,
- * please contact nCipher.
- *
- *
- * $Id: hwcryptohook.h,v 1.1 2002/10/11 17:10:59 levitte Exp $
- */
-
-#ifndef HWCRYPTOHOOK_H
-# define HWCRYPTOHOOK_H
-
-# include <sys/types.h>
-# include <stdio.h>
-
-# ifndef HWCRYPTOHOOK_DECLARE_APPTYPES
-# define HWCRYPTOHOOK_DECLARE_APPTYPES 1
-# endif
-
-# define HWCRYPTOHOOK_ERROR_FAILED -1
-# define HWCRYPTOHOOK_ERROR_FALLBACK -2
-# define HWCRYPTOHOOK_ERROR_MPISIZE -3
-
-# if HWCRYPTOHOOK_DECLARE_APPTYPES
-
-/*-
- * These structs are defined by the application and opaque to the
- * crypto plugin. The application may define these as it sees fit.
- * Default declarations are provided here, but the application may
- * #define HWCRYPTOHOOK_DECLARE_APPTYPES 0
- * to prevent these declarations, and instead provide its own
- * declarations of these types. (Pointers to them must still be
- * ordinary pointers to structs or unions, or the resulting combined
- * program will have a type inconsistency.)
- */
-typedef struct HWCryptoHook_MutexValue HWCryptoHook_Mutex;
-typedef struct HWCryptoHook_CondVarValue HWCryptoHook_CondVar;
-typedef struct HWCryptoHook_PassphraseContextValue
- HWCryptoHook_PassphraseContext;
-typedef struct HWCryptoHook_CallerContextValue HWCryptoHook_CallerContext;
-
-# endif /* HWCRYPTOHOOK_DECLARE_APPTYPES */
-
-/*-
- * These next two structs are opaque to the application. The crypto
- * plugin will return pointers to them; the caller simply manipulates
- * the pointers.
- */
-typedef struct HWCryptoHook_Context *HWCryptoHook_ContextHandle;
-typedef struct HWCryptoHook_RSAKey *HWCryptoHook_RSAKeyHandle;
-
-typedef struct {
- char *buf;
- size_t size;
-} HWCryptoHook_ErrMsgBuf;
-/*-
- * Used for error reporting. When a HWCryptoHook function fails it
- * will return a sentinel value (0 for pointer-valued functions, or a
- * negative number, usually HWCRYPTOHOOK_ERROR_FAILED, for
- * integer-valued ones). It will, if an ErrMsgBuf is passed, also put
- * an error message there.
- *
- * size is the size of the buffer, and will not be modified. If you
- * pass 0 for size you must pass 0 for buf, and nothing will be
- * recorded (just as if you passed 0 for the struct pointer).
- * Messages written to the buffer will always be null-terminated, even
- * when truncated to fit within size bytes.
- *
- * The contents of the buffer are not defined if there is no error.
- */
-
-typedef struct HWCryptoHook_MPIStruct {
- unsigned char *buf;
- size_t size;
-} HWCryptoHook_MPI;
-/*-
- * When one of these is returned, a pointer is passed to the function.
- * At call, size is the space available. Afterwards it is updated to
- * be set to the actual length (which may be more than the space available,
- * if there was not enough room and the result was truncated).
- * buf (the pointer) is not updated.
- *
- * size is in bytes and may be zero at call or return, but must be a
- * multiple of the limb size. Zero limbs at the MS end are not
- * permitted.
- */
-
-# define HWCryptoHook_InitFlags_FallbackModExp 0x0002UL
-# define HWCryptoHook_InitFlags_FallbackRSAImmed 0x0004UL
-/*-
- * Enable requesting fallback to software in case of problems with the
- * hardware support. This indicates to the crypto provider that the
- * application is prepared to fall back to software operation if the
- * ModExp* or RSAImmed* functions return HWCRYPTOHOOK_ERROR_FALLBACK.
- * Without this flag those calls will never return
- * HWCRYPTOHOOK_ERROR_FALLBACK. The flag will also cause the crypto
- * provider to avoid repeatedly attempting to contact dead hardware
- * within a short interval, if appropriate.
- */
-
-# define HWCryptoHook_InitFlags_SimpleForkCheck 0x0010UL
-/*-
- * Without _SimpleForkCheck the library is allowed to assume that the
- * application will not fork and call the library in the child(ren).
- *
- * When it is specified, this is allowed. However, after a fork
- * neither parent nor child may unload any loaded keys or call
- * _Finish. Instead, they should call exit (or die with a signal)
- * without calling _Finish. After all the children have died the
- * parent may unload keys or call _Finish.
- *
- * This flag only has any effect on UN*X platforms.
- */
-
-typedef struct {
- unsigned long flags;
- void *logstream; /* usually a FILE*. See below. */
- size_t limbsize; /* bignum format - size of radix type, must
- * be power of 2 */
- int mslimbfirst; /* 0 or 1 */
- int msbytefirst; /* 0 or 1; -1 = native */
- /*-
- * All the callback functions should return 0 on success, or a
- * nonzero integer (whose value will be visible in the error message
- * put in the buffer passed to the call).
- *
- * If a callback is not available pass a null function pointer.
- *
- * The callbacks may not call down again into the crypto plugin.
- */
- /*-
- * For thread-safety. Set everything to 0 if you promise only to be
- * singlethreaded. maxsimultaneous is the number of calls to
- * ModExp[Crt]/RSAImmed{Priv,Pub}/RSA. If you don't know what to
- * put there then say 0 and the hook library will use a default.
- *
- * maxmutexes is a small limit on the number of simultaneous mutexes
- * which will be requested by the library. If there is no small
- * limit, set it to 0. If the crypto plugin cannot create the
- * advertised number of mutexes the calls to its functions may fail.
- * If a low number of mutexes is advertised the plugin will try to
- * do the best it can. Making larger numbers of mutexes available
- * may improve performance and parallelism by reducing contention
- * over critical sections. Unavailability of any mutexes, implying
- * single-threaded operation, should be indicated by the setting
- * mutex_init et al to 0.
- */
- int maxmutexes;
- int maxsimultaneous;
- size_t mutexsize;
- int (*mutex_init) (HWCryptoHook_Mutex *,
- HWCryptoHook_CallerContext * cactx);
- int (*mutex_acquire) (HWCryptoHook_Mutex *);
- void (*mutex_release) (HWCryptoHook_Mutex *);
- void (*mutex_destroy) (HWCryptoHook_Mutex *);
- /*-
- * For greater efficiency, can use condition vars internally for
- * synchronisation. In this case maxsimultaneous is ignored, but
- * the other mutex stuff must be available. In singlethreaded
- * programs, set everything to 0.
- */
- size_t condvarsize;
- int (*condvar_init) (HWCryptoHook_CondVar *,
- HWCryptoHook_CallerContext * cactx);
- int (*condvar_wait) (HWCryptoHook_CondVar *, HWCryptoHook_Mutex *);
- void (*condvar_signal) (HWCryptoHook_CondVar *);
- void (*condvar_broadcast) (HWCryptoHook_CondVar *);
- void (*condvar_destroy) (HWCryptoHook_CondVar *);
- /*-
- * The semantics of acquiring and releasing mutexes and broadcasting
- * and waiting on condition variables are expected to be those from
- * POSIX threads (pthreads). The mutexes may be (in pthread-speak)
- * fast mutexes, recursive mutexes, or nonrecursive ones.
- *
- * The _release/_signal/_broadcast and _destroy functions must
- * always succeed when given a valid argument; if they are given an
- * invalid argument then the program (crypto plugin + application)
- * has an internal error, and they should abort the program.
- */
- int (*getpassphrase) (const char *prompt_info,
- int *len_io, char *buf,
- HWCryptoHook_PassphraseContext * ppctx,
- HWCryptoHook_CallerContext * cactx);
- /*-
- * Passphrases and the prompt_info, if they contain high-bit-set
- * characters, are UTF-8. The prompt_info may be a null pointer if
- * no prompt information is available (it should not be an empty
- * string). It will not contain text like `enter passphrase';
- * instead it might say something like `Operator Card for John
- * Smith' or `SmartCard in nFast Module #1, Slot #1'.
- *
- * buf points to a buffer in which to return the passphrase; on
- * entry *len_io is the length of the buffer. It should be updated
- * by the callback. The returned passphrase should not be
- * null-terminated by the callback.
- */
- int (*getphystoken) (const char *prompt_info,
- const char *wrong_info,
- HWCryptoHook_PassphraseContext * ppctx,
- HWCryptoHook_CallerContext * cactx);
- /*-
- * Requests that the human user physically insert a different
- * smartcard, DataKey, etc. The plugin should check whether the
- * currently inserted token(s) are appropriate, and if they are it
- * should not make this call.
- *
- * prompt_info is as before. wrong_info is a description of the
- * currently inserted token(s) so that the user is told what
- * something is. wrong_info, like prompt_info, may be null, but
- * should not be an empty string. Its contents should be
- * syntactically similar to that of prompt_info.
- */
- /*-
- * Note that a single LoadKey operation might cause several calls to
- * getpassphrase and/or requestphystoken. If requestphystoken is
- * not provided (ie, a null pointer is passed) then the plugin may
- * not support loading keys for which authorisation by several cards
- * is required. If getpassphrase is not provided then cards with
- * passphrases may not be supported.
- *
- * getpassphrase and getphystoken do not need to check that the
- * passphrase has been entered correctly or the correct token
- * inserted; the crypto plugin will do that. If this is not the
- * case then the crypto plugin is responsible for calling these
- * routines again as appropriate until the correct token(s) and
- * passphrase(s) are supplied as required, or until any retry limits
- * implemented by the crypto plugin are reached.
- *
- * In either case, the application must allow the user to say `no'
- * or `cancel' to indicate that they do not know the passphrase or
- * have the appropriate token; this should cause the callback to
- * return nonzero indicating error.
- */
- void (*logmessage) (void *logstream, const char *message);
- /*-
- * A log message will be generated at least every time something goes
- * wrong and an ErrMsgBuf is filled in (or would be if one was
- * provided). Other diagnostic information may be written there too,
- * including more detailed reasons for errors which are reported in an
- * ErrMsgBuf.
- *
- * When a log message is generated, this callback is called. It
- * should write a message to the relevant logging arrangements.
- *
- * The message string passed will be null-terminated and may be of arbitrary
- * length. It will not be prefixed by the time and date, nor by the
- * name of the library that is generating it - if this is required,
- * the logmessage callback must do it. The message will not have a
- * trailing newline (though it may contain internal newlines).
- *
- * If a null pointer is passed for logmessage a default function is
- * used. The default function treats logstream as a FILE* which has
- * been converted to a void*. If logstream is 0 it does nothing.
- * Otherwise it prepends the date and time and library name and
- * writes the message to logstream. Each line will be prefixed by a
- * descriptive string containing the date, time and identity of the
- * crypto plugin. Errors on the logstream are not reported
- * anywhere, and the default function doesn't flush the stream, so
- * the application must set the buffering how it wants it.
- *
- * The crypto plugin may also provide a facility to have copies of
- * log messages sent elsewhere, and or for adjusting the verbosity
- * of the log messages; any such facilities will be configured by
- * external means.
- */
-} HWCryptoHook_InitInfo;
-
-typedef
-HWCryptoHook_ContextHandle HWCryptoHook_Init_t(const HWCryptoHook_InitInfo *
- initinfo, size_t initinfosize,
- const HWCryptoHook_ErrMsgBuf *
- errors,
- HWCryptoHook_CallerContext *
- cactx);
-extern HWCryptoHook_Init_t HWCryptoHook_Init;
-
-/*-
- * Caller should set initinfosize to the size of the HWCryptoHook struct,
- * so it can be extended later.
- *
- * On success, a message for display or logging by the server,
- * including the name and version number of the plugin, will be filled
- * in into *errors; on failure *errors is used for error handling, as
- * usual.
- */
-
-/*-
- * All these functions return 0 on success, HWCRYPTOHOOK_ERROR_FAILED
- * on most failures. HWCRYPTOHOOK_ERROR_MPISIZE means at least one of
- * the output MPI buffer(s) was too small; the sizes of all have been
- * set to the desired size (and for those where the buffer was large
- * enough, the value may have been copied in), and no error message
- * has been recorded.
- *
- * You may pass 0 for the errors struct. In any case, unless you set
- * _NoStderr at init time then messages may be reported to stderr.
- */
-
-/*-
- * The RSAImmed* functions (and key managed RSA) only work with
- * modules which have an RSA patent licence - currently that means KM
- * units; the ModExp* ones work with all modules, so you need a patent
- * licence in the software in the US. They are otherwise identical.
- */
-
-typedef
-void HWCryptoHook_Finish_t(HWCryptoHook_ContextHandle hwctx);
-extern HWCryptoHook_Finish_t HWCryptoHook_Finish;
-/* You must not have any calls going or keys loaded when you call this. */
-
-typedef
-int HWCryptoHook_RandomBytes_t(HWCryptoHook_ContextHandle hwctx,
- unsigned char *buf, size_t len,
- const HWCryptoHook_ErrMsgBuf * errors);
-extern HWCryptoHook_RandomBytes_t HWCryptoHook_RandomBytes;
-
-typedef
-int HWCryptoHook_ModExp_t(HWCryptoHook_ContextHandle hwctx,
- HWCryptoHook_MPI a,
- HWCryptoHook_MPI p,
- HWCryptoHook_MPI n,
- HWCryptoHook_MPI * r,
- const HWCryptoHook_ErrMsgBuf * errors);
-extern HWCryptoHook_ModExp_t HWCryptoHook_ModExp;
-
-typedef
-int HWCryptoHook_RSAImmedPub_t(HWCryptoHook_ContextHandle hwctx,
- HWCryptoHook_MPI m,
- HWCryptoHook_MPI e,
- HWCryptoHook_MPI n,
- HWCryptoHook_MPI * r,
- const HWCryptoHook_ErrMsgBuf * errors);
-extern HWCryptoHook_RSAImmedPub_t HWCryptoHook_RSAImmedPub;
-
-typedef
-int HWCryptoHook_ModExpCRT_t(HWCryptoHook_ContextHandle hwctx,
- HWCryptoHook_MPI a,
- HWCryptoHook_MPI p,
- HWCryptoHook_MPI q,
- HWCryptoHook_MPI dmp1,
- HWCryptoHook_MPI dmq1,
- HWCryptoHook_MPI iqmp,
- HWCryptoHook_MPI * r,
- const HWCryptoHook_ErrMsgBuf * errors);
-extern HWCryptoHook_ModExpCRT_t HWCryptoHook_ModExpCRT;
-
-typedef
-int HWCryptoHook_RSAImmedPriv_t(HWCryptoHook_ContextHandle hwctx,
- HWCryptoHook_MPI m,
- HWCryptoHook_MPI p,
- HWCryptoHook_MPI q,
- HWCryptoHook_MPI dmp1,
- HWCryptoHook_MPI dmq1,
- HWCryptoHook_MPI iqmp,
- HWCryptoHook_MPI * r,
- const HWCryptoHook_ErrMsgBuf * errors);
-extern HWCryptoHook_RSAImmedPriv_t HWCryptoHook_RSAImmedPriv;
-
-/*-
- * The RSAImmed* and ModExp* functions may return E_FAILED or
- * E_FALLBACK for failure.
- *
- * E_FAILED means the failure is permanent and definite and there
- * should be no attempt to fall back to software. (Eg, for some
- * applications, which support only the acceleration-only
- * functions, the `key material' may actually be an encoded key
- * identifier, and doing the operation in software would give wrong
- * answers.)
- *
- * E_FALLBACK means that doing the computation in software would seem
- * reasonable. If an application pays attention to this and is
- * able to fall back, it should also set the Fallback init flags.
- */
-
-typedef
-int HWCryptoHook_RSALoadKey_t(HWCryptoHook_ContextHandle hwctx,
- const char *key_ident,
- HWCryptoHook_RSAKeyHandle * keyhandle_r,
- const HWCryptoHook_ErrMsgBuf * errors,
- HWCryptoHook_PassphraseContext * ppctx);
-extern HWCryptoHook_RSALoadKey_t HWCryptoHook_RSALoadKey;
-/*-
- * The key_ident is a null-terminated string configured by the
- * user via the application's usual configuration mechanisms.
- * It is provided to the user by the crypto provider's key management
- * system. The user must be able to enter at least any string of between
- * 1 and 1023 characters inclusive, consisting of printable 7-bit
- * ASCII characters. The provider should avoid using
- * any characters except alphanumerics and the punctuation
- * characters _ - + . / @ ~ (the user is expected to be able
- * to enter these without quoting). The string may be case-sensitive.
- * The application may allow the user to enter other NULL-terminated strings,
- * and the provider must cope (returning an error if the string is not
- * valid).
- *
- * If the key does not exist, no error is recorded and 0 is returned;
- * keyhandle_r will be set to 0 instead of to a key handle.
- */
-
-typedef
-int HWCryptoHook_RSAGetPublicKey_t(HWCryptoHook_RSAKeyHandle k,
- HWCryptoHook_MPI * n,
- HWCryptoHook_MPI * e,
- const HWCryptoHook_ErrMsgBuf * errors);
-extern HWCryptoHook_RSAGetPublicKey_t HWCryptoHook_RSAGetPublicKey;
-/*-
- * The crypto plugin will not store certificates.
- *
- * Although this function for acquiring the public key value is
- * provided, it is not the purpose of this API to deal fully with the
- * handling of the public key.
- *
- * It is expected that the crypto supplier's key generation program
- * will provide general facilities for producing X.509
- * self-certificates and certificate requests in PEM format. These
- * will be given to the user so that they can configure them in the
- * application, send them to CAs, or whatever.
- *
- * In case this kind of certificate handling is not appropriate, the
- * crypto supplier's key generation program should be able to be
- * configured not to generate such a self-certificate or certificate
- * request. Then the application will need to do all of this, and
- * will need to store and handle the public key and certificates
- * itself.
- */
-
-typedef
-int HWCryptoHook_RSAUnloadKey_t(HWCryptoHook_RSAKeyHandle k,
- const HWCryptoHook_ErrMsgBuf * errors);
-extern HWCryptoHook_RSAUnloadKey_t HWCryptoHook_RSAUnloadKey;
-/* Might fail due to locking problems, or other serious internal problems. */
-
-typedef
-int HWCryptoHook_RSA_t(HWCryptoHook_MPI m,
- HWCryptoHook_RSAKeyHandle k,
- HWCryptoHook_MPI * r,
- const HWCryptoHook_ErrMsgBuf * errors);
-extern HWCryptoHook_RSA_t HWCryptoHook_RSA;
-/* RSA private key operation (sign or decrypt) - raw, unpadded. */
-
-#endif /* HWCRYPTOHOOK_H */
diff --git a/engines/vendor_defns/sureware.h b/engines/vendor_defns/sureware.h
deleted file mode 100644
index b1423e19797d..000000000000
--- a/engines/vendor_defns/sureware.h
+++ /dev/null
@@ -1,250 +0,0 @@
-/*-
- * Written by Corinne Dive-Reclus(cdive@baltimore.com)
- *
- * Copyright@2001 Baltimore Technologies Ltd.
- *
- * THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef WIN32
-# define SW_EXPORT __declspec ( dllexport )
-#else
-# define SW_EXPORT
-#endif
-
-/*
- * List of exposed SureWare errors
- */
-#define SUREWAREHOOK_ERROR_FAILED -1
-#define SUREWAREHOOK_ERROR_FALLBACK -2
-#define SUREWAREHOOK_ERROR_UNIT_FAILURE -3
-#define SUREWAREHOOK_ERROR_DATA_SIZE -4
-#define SUREWAREHOOK_ERROR_INVALID_PAD -5
-/*-
-* -----------------WARNING-----------------------------------
-* In all the following functions:
-* msg is a string with at least 24 bytes free.
-* A 24 bytes string will be concatenated to the existing content of msg.
-*/
-/*-
-* SureWare Initialisation function
-* in param threadsafe, if !=0, thread safe enabled
-* return SureWareHOOK_ERROR_UNIT_FAILURE if failure, 1 if success
-*/
-typedef int SureWareHook_Init_t(char *const msg, int threadsafe);
-extern SW_EXPORT SureWareHook_Init_t SureWareHook_Init;
-/*-
-* SureWare Finish function
-*/
-typedef void SureWareHook_Finish_t(void);
-extern SW_EXPORT SureWareHook_Finish_t SureWareHook_Finish;
-/*-
-* PRE_CONDITION:
-* DO NOT CALL ANY OF THE FOLLOWING FUNCTIONS IN CASE OF INIT FAILURE
-*/
-/*-
-* SureWare RAND Bytes function
-* In case of failure, the content of buf is unpredictable.
-* return 1 if success
-* SureWareHOOK_ERROR_FALLBACK if function not available in hardware
-* SureWareHOOK_ERROR_FAILED if error while processing
-* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-* in/out param buf : a num bytes long buffer where random bytes will be put
-* in param num : the number of bytes into buf
-*/
-typedef int SureWareHook_Rand_Bytes_t(char *const msg, unsigned char *buf,
- int num);
-extern SW_EXPORT SureWareHook_Rand_Bytes_t SureWareHook_Rand_Bytes;
-
-/*-
-* SureWare RAND Seed function
-* Adds some seed to the Hardware Random Number Generator
-* return 1 if success
-* SureWareHOOK_ERROR_FALLBACK if function not available in hardware
-* SureWareHOOK_ERROR_FAILED if error while processing
-* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-* in param buf : the seed to add into the HRNG
-* in param num : the number of bytes into buf
-*/
-typedef int SureWareHook_Rand_Seed_t(char *const msg, const void *buf,
- int num);
-extern SW_EXPORT SureWareHook_Rand_Seed_t SureWareHook_Rand_Seed;
-
-/*-
-* SureWare Load Private Key function
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* No hardware is contact for this function.
-*
-* in param key_id :the name of the private protected key file without the extension
- ".sws"
-* out param hptr : a pointer to a buffer allocated by SureWare_Hook
-* out param num: the effective key length in bytes
-* out param keytype: 1 if RSA 2 if DSA
-*/
-typedef int SureWareHook_Load_Privkey_t(char *const msg, const char *key_id,
- char **hptr, unsigned long *num,
- char *keytype);
-extern SW_EXPORT SureWareHook_Load_Privkey_t SureWareHook_Load_Privkey;
-
-/*-
-* SureWare Info Public Key function
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* No hardware is contact for this function.
-*
-* in param key_id :the name of the private protected key file without the extension
- ".swp"
-* out param hptr : a pointer to a buffer allocated by SureWare_Hook
-* out param num: the effective key length in bytes
-* out param keytype: 1 if RSA 2 if DSA
-*/
-typedef int SureWareHook_Info_Pubkey_t(char *const msg, const char *key_id,
- unsigned long *num, char *keytype);
-extern SW_EXPORT SureWareHook_Info_Pubkey_t SureWareHook_Info_Pubkey;
-
-/*-
-* SureWare Load Public Key function
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* No hardware is contact for this function.
-*
-* in param key_id :the name of the public protected key file without the extension
- ".swp"
-* in param num : the bytes size of n and e
-* out param n: where to write modulus in bn format
-* out param e: where to write exponent in bn format
-*/
-typedef int SureWareHook_Load_Rsa_Pubkey_t(char *const msg,
- const char *key_id,
- unsigned long num,
- unsigned long *n,
- unsigned long *e);
-extern SW_EXPORT SureWareHook_Load_Rsa_Pubkey_t SureWareHook_Load_Rsa_Pubkey;
-
-/*-
-* SureWare Load DSA Public Key function
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* No hardware is contact for this function.
-*
-* in param key_id :the name of the public protected key file without the extension
- ".swp"
-* in param num : the bytes size of n and e
-* out param pub: where to write pub key in bn format
-* out param p: where to write prime in bn format
-* out param q: where to write sunprime (length 20 bytes) in bn format
-* out param g: where to write base in bn format
-*/
-typedef int SureWareHook_Load_Dsa_Pubkey_t(char *const msg,
- const char *key_id,
- unsigned long num,
- unsigned long *pub,
- unsigned long *p, unsigned long *q,
- unsigned long *g);
-extern SW_EXPORT SureWareHook_Load_Dsa_Pubkey_t SureWareHook_Load_Dsa_Pubkey;
-
-/*-
-* SureWare Free function
-* Destroy the key into the hardware if destroy==1
-*/
-typedef void SureWareHook_Free_t(char *p, int destroy);
-extern SW_EXPORT SureWareHook_Free_t SureWareHook_Free;
-
-#define SUREWARE_PKCS1_PAD 1
-#define SUREWARE_ISO9796_PAD 2
-#define SUREWARE_NO_PAD 0
-/*-
-* SureWare RSA Private Decryption
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-* in param flen : byte size of from and to
-* in param from : encrypted data buffer, should be a not-null valid pointer
-* out param tlen: byte size of decrypted data, if error, unexpected value
-* out param to : decrypted data buffer, should be a not-null valid pointer
-* in param prsa: a protected key pointer, should be a not-null valid pointer
-* int padding: padding id as follow
-* SUREWARE_PKCS1_PAD
-* SUREWARE_NO_PAD
-*
-*/
-typedef int SureWareHook_Rsa_Priv_Dec_t(char *const msg, int flen,
- unsigned char *from, int *tlen,
- unsigned char *to, char *prsa,
- int padding);
-extern SW_EXPORT SureWareHook_Rsa_Priv_Dec_t SureWareHook_Rsa_Priv_Dec;
-/*-
-* SureWare RSA Signature
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-* in param flen : byte size of from and to
-* in param from : encrypted data buffer, should be a not-null valid pointer
-* out param tlen: byte size of decrypted data, if error, unexpected value
-* out param to : decrypted data buffer, should be a not-null valid pointer
-* in param prsa: a protected key pointer, should be a not-null valid pointer
-* int padding: padding id as follow
-* SUREWARE_PKCS1_PAD
-* SUREWARE_ISO9796_PAD
-*
-*/
-typedef int SureWareHook_Rsa_Sign_t(char *const msg, int flen,
- unsigned char *from, int *tlen,
- unsigned char *to, char *prsa,
- int padding);
-extern SW_EXPORT SureWareHook_Rsa_Sign_t SureWareHook_Rsa_Sign;
-/*-
-* SureWare DSA Signature
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-* in param flen : byte size of from and to
-* in param from : encrypted data buffer, should be a not-null valid pointer
-* out param to : decrypted data buffer, should be a 40bytes valid pointer
-* in param pdsa: a protected key pointer, should be a not-null valid pointer
-*
-*/
-typedef int SureWareHook_Dsa_Sign_t(char *const msg, int flen,
- const unsigned char *from,
- unsigned long *r, unsigned long *s,
- char *pdsa);
-extern SW_EXPORT SureWareHook_Dsa_Sign_t SureWareHook_Dsa_Sign;
-
-/*-
-* SureWare Mod Exp
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-* mod and res are mlen bytes long.
-* exp is elen bytes long
-* data is dlen bytes long
-* mlen,elen and dlen are all multiple of sizeof(unsigned long)
-*/
-typedef int SureWareHook_Mod_Exp_t(char *const msg, int mlen,
- const unsigned long *mod, int elen,
- const unsigned long *exponent, int dlen,
- unsigned long *data, unsigned long *res);
-extern SW_EXPORT SureWareHook_Mod_Exp_t SureWareHook_Mod_Exp;