summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorreyk <>2014-04-14 09:36:26 +0000
committerreyk <>2014-04-14 09:36:26 +0000
commit10e4816996f9482d6205b7b6ff1e51e7a313e92b (patch)
tree6bc2631d25ee7ca72133bc5fee3867f226a423d7
parent11446f8c78568cc1e63325f8674e405ede0f5259 (diff)
downloadopenbsd-10e4816996f9482d6205b7b6ff1e51e7a313e92b.tar.gz
openbsd-10e4816996f9482d6205b7b6ff1e51e7a313e92b.tar.bz2
openbsd-10e4816996f9482d6205b7b6ff1e51e7a313e92b.zip
Remove the nCipher CHIL engine. It is not standalone and depends on
external libraries that aren't covered by the same license.
Diffstat
-rw-r--r--src/lib/libcrypto/doc/engine.pod3
-rw-r--r--src/lib/libcrypto/engine/eng_all.c3
-rw-r--r--src/lib/libcrypto/engine/engine.h17
-rw-r--r--src/lib/libcrypto/ts/ts_conf.c3
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_all.c3
-rw-r--r--src/lib/libssl/src/crypto/engine/engine.h17
-rw-r--r--src/lib/libssl/src/crypto/ts/ts_conf.c3
-rw-r--r--src/lib/libssl/src/doc/crypto/engine.pod3
-rw-r--r--src/lib/libssl/src/engines/Makefile20
-rw-r--r--src/lib/libssl/src/engines/e_chil.c1356
-rw-r--r--src/lib/libssl/src/engines/e_chil.ec1
-rw-r--r--src/lib/libssl/src/engines/e_chil_err.c160
-rw-r--r--src/lib/libssl/src/engines/e_chil_err.h104
-rw-r--r--src/lib/libssl/src/engines/vendor_defns/hwcryptohook.h486
14 files changed, 0 insertions, 2179 deletions
diff --git a/src/lib/libcrypto/doc/engine.pod b/src/lib/libcrypto/doc/engine.pod
index 1985924319..4b4d76f3e4 100644
--- a/src/lib/libcrypto/doc/engine.pod
+++ b/src/lib/libcrypto/doc/engine.pod
@@ -24,7 +24,6 @@ engine - ENGINE cryptographic module support
24 void ENGINE_load_openssl(void); 24 void ENGINE_load_openssl(void);
25 void ENGINE_load_dynamic(void); 25 void ENGINE_load_dynamic(void);
26 #ifndef OPENSSL_NO_STATIC_ENGINE 26 #ifndef OPENSSL_NO_STATIC_ENGINE
27 void ENGINE_load_chil(void);
28 void ENGINE_load_gmp(void); 27 void ENGINE_load_gmp(void);
29 void ENGINE_load_nuron(void); 28 void ENGINE_load_nuron(void);
30 #endif 29 #endif
@@ -316,8 +315,6 @@ functions, eg.
316 315
317 /* Make the "dynamic" ENGINE available */ 316 /* Make the "dynamic" ENGINE available */
318 void ENGINE_load_dynamic(void); 317 void ENGINE_load_dynamic(void);
319 /* Make support for nCipher's "CHIL" hardware available */
320 void ENGINE_load_chil(void);
321 ... 318 ...
322 /* Make ALL ENGINE implementations bundled with OpenSSL available */ 319 /* Make ALL ENGINE implementations bundled with OpenSSL available */
323 void ENGINE_load_builtin_engines(void); 320 void ENGINE_load_builtin_engines(void);
diff --git a/src/lib/libcrypto/engine/eng_all.c b/src/lib/libcrypto/engine/eng_all.c
index 6402afb6cb..c9210fb514 100644
--- a/src/lib/libcrypto/engine/eng_all.c
+++ b/src/lib/libcrypto/engine/eng_all.c
@@ -82,9 +82,6 @@ void ENGINE_load_builtin_engines(void)
82 ENGINE_load_dynamic(); 82 ENGINE_load_dynamic();
83#ifndef OPENSSL_NO_STATIC_ENGINE 83#ifndef OPENSSL_NO_STATIC_ENGINE
84#ifndef OPENSSL_NO_HW 84#ifndef OPENSSL_NO_HW
85#ifndef OPENSSL_NO_HW_NCIPHER
86 ENGINE_load_chil();
87#endif
88#ifndef OPENSSL_NO_HW_NURON 85#ifndef OPENSSL_NO_HW_NURON
89 ENGINE_load_nuron(); 86 ENGINE_load_nuron();
90#endif 87#endif
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h
index e9478dd12f..a2b7e83a66 100644
--- a/src/lib/libcrypto/engine/engine.h
+++ b/src/lib/libcrypto/engine/engine.h
@@ -246,22 +246,6 @@ extern "C" {
246 * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */ 246 * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */
247#define ENGINE_CMD_BASE 200 247#define ENGINE_CMD_BASE 200
248 248
249/* NB: These 2 nCipher "chil" control commands are deprecated, and their
250 * functionality is now available through ENGINE-specific control commands
251 * (exposed through the above-mentioned 'CMD'-handling). Code using these 2
252 * commands should be migrated to the more general command handling before these
253 * are removed. */
254
255/* Flags specific to the nCipher "chil" engine */
256#define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
257 /* Depending on the value of the (long)i argument, this sets or
258 * unsets the SimpleForkCheck flag in the CHIL API to enable or
259 * disable checking and workarounds for applications that fork().
260 */
261#define ENGINE_CTRL_CHIL_NO_LOCKING 101
262 /* This prevents the initialisation function from providing mutex
263 * callbacks to the nCipher library. */
264
265/* If an ENGINE supports its own specific control commands and wishes the 249/* If an ENGINE supports its own specific control commands and wishes the
266 * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its 250 * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its
267 * behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries 251 * behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries
@@ -332,7 +316,6 @@ ENGINE *ENGINE_by_id(const char *id);
332void ENGINE_load_openssl(void); 316void ENGINE_load_openssl(void);
333void ENGINE_load_dynamic(void); 317void ENGINE_load_dynamic(void);
334#ifndef OPENSSL_NO_STATIC_ENGINE 318#ifndef OPENSSL_NO_STATIC_ENGINE
335void ENGINE_load_chil(void);
336void ENGINE_load_nuron(void); 319void ENGINE_load_nuron(void);
337void ENGINE_load_padlock(void); 320void ENGINE_load_padlock(void);
338void ENGINE_load_capi(void); 321void ENGINE_load_capi(void);
diff --git a/src/lib/libcrypto/ts/ts_conf.c b/src/lib/libcrypto/ts/ts_conf.c
index c39be76f28..212f8bf702 100644
--- a/src/lib/libcrypto/ts/ts_conf.c
+++ b/src/lib/libcrypto/ts/ts_conf.c
@@ -217,9 +217,6 @@ int TS_CONF_set_default_engine(const char *name)
217 if (strcmp(name, "builtin") == 0) return 1; 217 if (strcmp(name, "builtin") == 0) return 1;
218 218
219 if (!(e = ENGINE_by_id(name))) goto err; 219 if (!(e = ENGINE_by_id(name))) goto err;
220 /* Enable the use of the NCipher HSM for forked children. */
221 if (strcmp(name, "chil") == 0)
222 ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
223 /* All the operations are going to be carried out by the engine. */ 220 /* All the operations are going to be carried out by the engine. */
224 if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) goto err; 221 if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) goto err;
225 ret = 1; 222 ret = 1;
diff --git a/src/lib/libssl/src/crypto/engine/eng_all.c b/src/lib/libssl/src/crypto/engine/eng_all.c
index 6402afb6cb..c9210fb514 100644
--- a/src/lib/libssl/src/crypto/engine/eng_all.c
+++ b/src/lib/libssl/src/crypto/engine/eng_all.c
@@ -82,9 +82,6 @@ void ENGINE_load_builtin_engines(void)
82 ENGINE_load_dynamic(); 82 ENGINE_load_dynamic();
83#ifndef OPENSSL_NO_STATIC_ENGINE 83#ifndef OPENSSL_NO_STATIC_ENGINE
84#ifndef OPENSSL_NO_HW 84#ifndef OPENSSL_NO_HW
85#ifndef OPENSSL_NO_HW_NCIPHER
86 ENGINE_load_chil();
87#endif
88#ifndef OPENSSL_NO_HW_NURON 85#ifndef OPENSSL_NO_HW_NURON
89 ENGINE_load_nuron(); 86 ENGINE_load_nuron();
90#endif 87#endif
diff --git a/src/lib/libssl/src/crypto/engine/engine.h b/src/lib/libssl/src/crypto/engine/engine.h
index e9478dd12f..a2b7e83a66 100644
--- a/src/lib/libssl/src/crypto/engine/engine.h
+++ b/src/lib/libssl/src/crypto/engine/engine.h
@@ -246,22 +246,6 @@ extern "C" {
246 * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */ 246 * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */
247#define ENGINE_CMD_BASE 200 247#define ENGINE_CMD_BASE 200
248 248
249/* NB: These 2 nCipher "chil" control commands are deprecated, and their
250 * functionality is now available through ENGINE-specific control commands
251 * (exposed through the above-mentioned 'CMD'-handling). Code using these 2
252 * commands should be migrated to the more general command handling before these
253 * are removed. */
254
255/* Flags specific to the nCipher "chil" engine */
256#define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
257 /* Depending on the value of the (long)i argument, this sets or
258 * unsets the SimpleForkCheck flag in the CHIL API to enable or
259 * disable checking and workarounds for applications that fork().
260 */
261#define ENGINE_CTRL_CHIL_NO_LOCKING 101
262 /* This prevents the initialisation function from providing mutex
263 * callbacks to the nCipher library. */
264
265/* If an ENGINE supports its own specific control commands and wishes the 249/* If an ENGINE supports its own specific control commands and wishes the
266 * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its 250 * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its
267 * behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries 251 * behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries
@@ -332,7 +316,6 @@ ENGINE *ENGINE_by_id(const char *id);
332void ENGINE_load_openssl(void); 316void ENGINE_load_openssl(void);
333void ENGINE_load_dynamic(void); 317void ENGINE_load_dynamic(void);
334#ifndef OPENSSL_NO_STATIC_ENGINE 318#ifndef OPENSSL_NO_STATIC_ENGINE
335void ENGINE_load_chil(void);
336void ENGINE_load_nuron(void); 319void ENGINE_load_nuron(void);
337void ENGINE_load_padlock(void); 320void ENGINE_load_padlock(void);
338void ENGINE_load_capi(void); 321void ENGINE_load_capi(void);
diff --git a/src/lib/libssl/src/crypto/ts/ts_conf.c b/src/lib/libssl/src/crypto/ts/ts_conf.c
index c39be76f28..212f8bf702 100644
--- a/src/lib/libssl/src/crypto/ts/ts_conf.c
+++ b/src/lib/libssl/src/crypto/ts/ts_conf.c
@@ -217,9 +217,6 @@ int TS_CONF_set_default_engine(const char *name)
217 if (strcmp(name, "builtin") == 0) return 1; 217 if (strcmp(name, "builtin") == 0) return 1;
218 218
219 if (!(e = ENGINE_by_id(name))) goto err; 219 if (!(e = ENGINE_by_id(name))) goto err;
220 /* Enable the use of the NCipher HSM for forked children. */
221 if (strcmp(name, "chil") == 0)
222 ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
223 /* All the operations are going to be carried out by the engine. */ 220 /* All the operations are going to be carried out by the engine. */
224 if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) goto err; 221 if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) goto err;
225 ret = 1; 222 ret = 1;
diff --git a/src/lib/libssl/src/doc/crypto/engine.pod b/src/lib/libssl/src/doc/crypto/engine.pod
index 1985924319..4b4d76f3e4 100644
--- a/src/lib/libssl/src/doc/crypto/engine.pod
+++ b/src/lib/libssl/src/doc/crypto/engine.pod
@@ -24,7 +24,6 @@ engine - ENGINE cryptographic module support
24 void ENGINE_load_openssl(void); 24 void ENGINE_load_openssl(void);
25 void ENGINE_load_dynamic(void); 25 void ENGINE_load_dynamic(void);
26 #ifndef OPENSSL_NO_STATIC_ENGINE 26 #ifndef OPENSSL_NO_STATIC_ENGINE
27 void ENGINE_load_chil(void);
28 void ENGINE_load_gmp(void); 27 void ENGINE_load_gmp(void);
29 void ENGINE_load_nuron(void); 28 void ENGINE_load_nuron(void);
30 #endif 29 #endif
@@ -316,8 +315,6 @@ functions, eg.
316 315
317 /* Make the "dynamic" ENGINE available */ 316 /* Make the "dynamic" ENGINE available */
318 void ENGINE_load_dynamic(void); 317 void ENGINE_load_dynamic(void);
319 /* Make support for nCipher's "CHIL" hardware available */
320 void ENGINE_load_chil(void);
321 ... 318 ...
322 /* Make ALL ENGINE implementations bundled with OpenSSL available */ 319 /* Make ALL ENGINE implementations bundled with OpenSSL available */
323 void ENGINE_load_builtin_engines(void); 320 void ENGINE_load_builtin_engines(void);
diff --git a/src/lib/libssl/src/engines/Makefile b/src/lib/libssl/src/engines/Makefile
index 9fcc5c662e..d1e0a41db0 100644
--- a/src/lib/libssl/src/engines/Makefile
+++ b/src/lib/libssl/src/engines/Makefile
@@ -29,12 +29,10 @@ LIB=$(TOP)/libcrypto.a
29LIBNAMES= gmp chil nuron padlock capi 29LIBNAMES= gmp chil nuron padlock capi
30 30
31LIBSRC= e_gmp.c \ 31LIBSRC= e_gmp.c \
32 e_chil.c \
33 e_nuron.c \ 32 e_nuron.c \
34 e_padlock.c \ 33 e_padlock.c \
35 e_capi.c 34 e_capi.c
36LIBOBJ= e_gmp.o \ 35LIBOBJ= e_gmp.o \
37 e_chil.o \
38 e_nuron.o \ 36 e_nuron.o \
39 e_padlock.o \ 37 e_padlock.o \
40 e_capi.o 38 e_capi.o
@@ -43,7 +41,6 @@ SRC= $(LIBSRC)
43 41
44EXHEADER= 42EXHEADER=
45HEADER= e_gmp_err.c e_gmp_err.h \ 43HEADER= e_gmp_err.c e_gmp_err.h \
46 e_chil_err.c e_chil_err.h \
47 e_nuron_err.c e_nuron_err.h \ 44 e_nuron_err.c e_nuron_err.h \
48 e_capi_err.c e_capi_err.h 45 e_capi_err.c e_capi_err.h
49 46
@@ -158,23 +155,6 @@ e_capi.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
158e_capi.o: ../include/openssl/safestack.h ../include/openssl/sha.h 155e_capi.o: ../include/openssl/safestack.h ../include/openssl/sha.h
159e_capi.o: ../include/openssl/stack.h ../include/openssl/symhacks.h 156e_capi.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
160e_capi.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_capi.c 157e_capi.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_capi.c
161e_chil.o: ../include/openssl/asn1.h ../include/openssl/bio.h
162e_chil.o: ../include/openssl/bn.h ../include/openssl/buffer.h
163e_chil.o: ../include/openssl/crypto.h ../include/openssl/dh.h
164e_chil.o: ../include/openssl/dso.h ../include/openssl/e_os2.h
165e_chil.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
166e_chil.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
167e_chil.o: ../include/openssl/err.h ../include/openssl/evp.h
168e_chil.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
169e_chil.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
170e_chil.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
171e_chil.o: ../include/openssl/pem.h ../include/openssl/pem2.h
172e_chil.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
173e_chil.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
174e_chil.o: ../include/openssl/sha.h ../include/openssl/stack.h
175e_chil.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
176e_chil.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_chil.c
177e_chil.o: e_chil_err.c e_chil_err.h vendor_defns/hwcryptohook.h
178e_gmp.o: ../include/openssl/asn1.h ../include/openssl/bio.h 158e_gmp.o: ../include/openssl/asn1.h ../include/openssl/bio.h
179e_gmp.o: ../include/openssl/bn.h ../include/openssl/buffer.h 159e_gmp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
180e_gmp.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h 160e_gmp.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
diff --git a/src/lib/libssl/src/engines/e_chil.c b/src/lib/libssl/src/engines/e_chil.c
deleted file mode 100644
index fdc2100e3d..0000000000
--- a/src/lib/libssl/src/engines/e_chil.c
+++ /dev/null
@@ -1,1356 +0,0 @@
1/* crypto/engine/e_chil.c -*- mode: C; c-file-style: "eay" -*- */
2/* Written by Richard Levitte (richard@levitte.org), Geoff Thorpe
3 * (geoff@geoffthorpe.net) and Dr Stephen N Henson (steve@openssl.org)
4 * for the OpenSSL project 2000.
5 */
6/* ====================================================================
7 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 *
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * licensing@OpenSSL.org.
30 *
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
34 *
35 * 6. Redistributions of any form whatsoever must retain the following
36 * acknowledgment:
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
53 *
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
57 *
58 */
59
60#include <stdio.h>
61#include <string.h>
62#include <openssl/crypto.h>
63#include <openssl/pem.h>
64#include <openssl/dso.h>
65#include <openssl/engine.h>
66#include <openssl/ui.h>
67#include <openssl/rand.h>
68#ifndef OPENSSL_NO_RSA
69#include <openssl/rsa.h>
70#endif
71#ifndef OPENSSL_NO_DH
72#include <openssl/dh.h>
73#endif
74#include <openssl/bn.h>
75
76#ifndef OPENSSL_NO_HW
77#ifndef OPENSSL_NO_HW_CHIL
78
79/* Attribution notice: nCipher have said several times that it's OK for
80 * us to implement a general interface to their boxes, and recently declared
81 * their HWCryptoHook to be public, and therefore available for us to use.
82 * Thanks, nCipher.
83 *
84 * The hwcryptohook.h included here is from May 2000.
85 * [Richard Levitte]
86 */
87#ifdef FLAT_INC
88#include "hwcryptohook.h"
89#else
90#include "vendor_defns/hwcryptohook.h"
91#endif
92
93#define HWCRHK_LIB_NAME "CHIL engine"
94#include "e_chil_err.c"
95
96static int hwcrhk_destroy(ENGINE *e);
97static int hwcrhk_init(ENGINE *e);
98static int hwcrhk_finish(ENGINE *e);
99static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
100
101/* Functions to handle mutexes */
102static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*);
103static int hwcrhk_mutex_lock(HWCryptoHook_Mutex*);
104static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*);
105static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*);
106
107/* BIGNUM stuff */
108static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
109 const BIGNUM *m, BN_CTX *ctx);
110
111#ifndef OPENSSL_NO_RSA
112/* RSA stuff */
113static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
114/* This function is aliased to mod_exp (with the mont stuff dropped). */
115static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
116 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
117static int hwcrhk_rsa_finish(RSA *rsa);
118#endif
119
120#ifndef OPENSSL_NO_DH
121/* DH stuff */
122/* This function is alised to mod_exp (with the DH and mont dropped). */
123static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
124 const BIGNUM *a, const BIGNUM *p,
125 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
126#endif
127
128/* RAND stuff */
129static int hwcrhk_rand_bytes(unsigned char *buf, int num);
130static int hwcrhk_rand_status(void);
131
132/* KM stuff */
133static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
134 UI_METHOD *ui_method, void *callback_data);
135static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
136 UI_METHOD *ui_method, void *callback_data);
137
138/* Interaction stuff */
139static int hwcrhk_insert_card(const char *prompt_info,
140 const char *wrong_info,
141 HWCryptoHook_PassphraseContext *ppctx,
142 HWCryptoHook_CallerContext *cactx);
143static int hwcrhk_get_pass(const char *prompt_info,
144 int *len_io, char *buf,
145 HWCryptoHook_PassphraseContext *ppctx,
146 HWCryptoHook_CallerContext *cactx);
147static void hwcrhk_log_message(void *logstr, const char *message);
148
149/* The definitions for control commands specific to this engine */
150#define HWCRHK_CMD_SO_PATH ENGINE_CMD_BASE
151#define HWCRHK_CMD_FORK_CHECK (ENGINE_CMD_BASE + 1)
152#define HWCRHK_CMD_THREAD_LOCKING (ENGINE_CMD_BASE + 2)
153#define HWCRHK_CMD_SET_USER_INTERFACE (ENGINE_CMD_BASE + 3)
154#define HWCRHK_CMD_SET_CALLBACK_DATA (ENGINE_CMD_BASE + 4)
155static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = {
156 {HWCRHK_CMD_SO_PATH,
157 "SO_PATH",
158 "Specifies the path to the 'hwcrhk' shared library",
159 ENGINE_CMD_FLAG_STRING},
160 {HWCRHK_CMD_FORK_CHECK,
161 "FORK_CHECK",
162 "Turns fork() checking on (non-zero) or off (zero)",
163 ENGINE_CMD_FLAG_NUMERIC},
164 {HWCRHK_CMD_THREAD_LOCKING,
165 "THREAD_LOCKING",
166 "Turns thread-safe locking on (zero) or off (non-zero)",
167 ENGINE_CMD_FLAG_NUMERIC},
168 {HWCRHK_CMD_SET_USER_INTERFACE,
169 "SET_USER_INTERFACE",
170 "Set the global user interface (internal)",
171 ENGINE_CMD_FLAG_INTERNAL},
172 {HWCRHK_CMD_SET_CALLBACK_DATA,
173 "SET_CALLBACK_DATA",
174 "Set the global user interface extra data (internal)",
175 ENGINE_CMD_FLAG_INTERNAL},
176 {0, NULL, NULL, 0}
177 };
178
179#ifndef OPENSSL_NO_RSA
180/* Our internal RSA_METHOD that we provide pointers to */
181static RSA_METHOD hwcrhk_rsa =
182 {
183 "CHIL RSA method",
184 NULL,
185 NULL,
186 NULL,
187 NULL,
188 hwcrhk_rsa_mod_exp,
189 hwcrhk_mod_exp_mont,
190 NULL,
191 hwcrhk_rsa_finish,
192 0,
193 NULL,
194 NULL,
195 NULL,
196 NULL
197 };
198#endif
199
200#ifndef OPENSSL_NO_DH
201/* Our internal DH_METHOD that we provide pointers to */
202static DH_METHOD hwcrhk_dh =
203 {
204 "CHIL DH method",
205 NULL,
206 NULL,
207 hwcrhk_mod_exp_dh,
208 NULL,
209 NULL,
210 0,
211 NULL,
212 NULL
213 };
214#endif
215
216static RAND_METHOD hwcrhk_rand =
217 {
218 /* "CHIL RAND method", */
219 NULL,
220 hwcrhk_rand_bytes,
221 NULL,
222 NULL,
223 hwcrhk_rand_bytes,
224 hwcrhk_rand_status,
225 };
226
227/* Constants used when creating the ENGINE */
228static const char *engine_hwcrhk_id = "chil";
229static const char *engine_hwcrhk_name = "CHIL hardware engine support";
230#ifndef OPENSSL_NO_DYNAMIC_ENGINE
231/* Compatibility hack, the dynamic library uses this form in the path */
232static const char *engine_hwcrhk_id_alt = "ncipher";
233#endif
234
235/* Internal stuff for HWCryptoHook */
236
237/* Some structures needed for proper use of thread locks */
238/* hwcryptohook.h has some typedefs that turn struct HWCryptoHook_MutexValue
239 into HWCryptoHook_Mutex */
240struct HWCryptoHook_MutexValue
241 {
242 int lockid;
243 };
244
245/* hwcryptohook.h has some typedefs that turn
246 struct HWCryptoHook_PassphraseContextValue
247 into HWCryptoHook_PassphraseContext */
248struct HWCryptoHook_PassphraseContextValue
249 {
250 UI_METHOD *ui_method;
251 void *callback_data;
252 };
253
254/* hwcryptohook.h has some typedefs that turn
255 struct HWCryptoHook_CallerContextValue
256 into HWCryptoHook_CallerContext */
257struct HWCryptoHook_CallerContextValue
258 {
259 pem_password_cb *password_callback; /* Deprecated! Only present for
260 backward compatibility! */
261 UI_METHOD *ui_method;
262 void *callback_data;
263 };
264
265/* The MPI structure in HWCryptoHook is pretty compatible with OpenSSL
266 BIGNUM's, so lets define a couple of conversion macros */
267#define BN2MPI(mp, bn) \
268 {mp.size = bn->top * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
269#define MPI2BN(bn, mp) \
270 {mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
271
272static BIO *logstream = NULL;
273static int disable_mutex_callbacks = 0;
274
275/* One might wonder why these are needed, since one can pass down at least
276 a UI_METHOD and a pointer to callback data to the key-loading functions.
277 The thing is that the ModExp and RSAImmed functions can load keys as well,
278 if the data they get is in a special, nCipher-defined format (hint: if you
279 look at the private exponent of the RSA data as a string, you'll see this
280 string: "nCipher KM tool key id", followed by some bytes, followed a key
281 identity string, followed by more bytes. This happens when you use "embed"
282 keys instead of "hwcrhk" keys). Unfortunately, those functions do not take
283 any passphrase or caller context, and our functions can't really take any
284 callback data either. Still, the "insert_card" and "get_passphrase"
285 callbacks may be called down the line, and will need to know what user
286 interface callbacks to call, and having callback data from the application
287 may be a nice thing as well, so we need to keep track of that globally. */
288static HWCryptoHook_CallerContext password_context = { NULL, NULL, NULL };
289
290/* Stuff to pass to the HWCryptoHook library */
291static HWCryptoHook_InitInfo hwcrhk_globals = {
292 HWCryptoHook_InitFlags_SimpleForkCheck, /* Flags */
293 &logstream, /* logstream */
294 sizeof(BN_ULONG), /* limbsize */
295 0, /* mslimb first: false for BNs */
296 -1, /* msbyte first: use native */
297 0, /* Max mutexes, 0 = no small limit */
298 0, /* Max simultaneous, 0 = default */
299
300 /* The next few are mutex stuff: we write wrapper functions
301 around the OS mutex functions. We initialise them to 0
302 here, and change that to actual function pointers in hwcrhk_init()
303 if dynamic locks are supported (that is, if the application
304 programmer has made sure of setting up callbacks bafore starting
305 this engine) *and* if disable_mutex_callbacks hasn't been set by
306 a call to ENGINE_ctrl(ENGINE_CTRL_CHIL_NO_LOCKING). */
307 sizeof(HWCryptoHook_Mutex),
308 0,
309 0,
310 0,
311 0,
312
313 /* The next few are condvar stuff: we write wrapper functions
314 round the OS functions. Currently not implemented and not
315 and absolute necessity even in threaded programs, therefore
316 0'ed. Will hopefully be implemented some day, since it
317 enhances the efficiency of HWCryptoHook. */
318 0, /* sizeof(HWCryptoHook_CondVar), */
319 0, /* hwcrhk_cv_init, */
320 0, /* hwcrhk_cv_wait, */
321 0, /* hwcrhk_cv_signal, */
322 0, /* hwcrhk_cv_broadcast, */
323 0, /* hwcrhk_cv_destroy, */
324
325 hwcrhk_get_pass, /* pass phrase */
326 hwcrhk_insert_card, /* insert a card */
327 hwcrhk_log_message /* Log message */
328};
329
330
331/* Now, to our own code */
332
333/* This internal function is used by ENGINE_chil() and possibly by the
334 * "dynamic" ENGINE support too */
335static int bind_helper(ENGINE *e)
336 {
337#ifndef OPENSSL_NO_RSA
338 const RSA_METHOD *meth1;
339#endif
340#ifndef OPENSSL_NO_DH
341 const DH_METHOD *meth2;
342#endif
343 if(!ENGINE_set_id(e, engine_hwcrhk_id) ||
344 !ENGINE_set_name(e, engine_hwcrhk_name) ||
345#ifndef OPENSSL_NO_RSA
346 !ENGINE_set_RSA(e, &hwcrhk_rsa) ||
347#endif
348#ifndef OPENSSL_NO_DH
349 !ENGINE_set_DH(e, &hwcrhk_dh) ||
350#endif
351 !ENGINE_set_RAND(e, &hwcrhk_rand) ||
352 !ENGINE_set_destroy_function(e, hwcrhk_destroy) ||
353 !ENGINE_set_init_function(e, hwcrhk_init) ||
354 !ENGINE_set_finish_function(e, hwcrhk_finish) ||
355 !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) ||
356 !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) ||
357 !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) ||
358 !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns))
359 return 0;
360
361#ifndef OPENSSL_NO_RSA
362 /* We know that the "PKCS1_SSLeay()" functions hook properly
363 * to the cswift-specific mod_exp and mod_exp_crt so we use
364 * those functions. NB: We don't use ENGINE_openssl() or
365 * anything "more generic" because something like the RSAref
366 * code may not hook properly, and if you own one of these
367 * cards then you have the right to do RSA operations on it
368 * anyway! */
369 meth1 = RSA_PKCS1_SSLeay();
370 hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
371 hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
372 hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
373 hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
374#endif
375
376#ifndef OPENSSL_NO_DH
377 /* Much the same for Diffie-Hellman */
378 meth2 = DH_OpenSSL();
379 hwcrhk_dh.generate_key = meth2->generate_key;
380 hwcrhk_dh.compute_key = meth2->compute_key;
381#endif
382
383 /* Ensure the hwcrhk error handling is set up */
384 ERR_load_HWCRHK_strings();
385 return 1;
386 }
387
388#ifdef OPENSSL_NO_DYNAMIC_ENGINE
389static ENGINE *engine_chil(void)
390 {
391 ENGINE *ret = ENGINE_new();
392 if(!ret)
393 return NULL;
394 if(!bind_helper(ret))
395 {
396 ENGINE_free(ret);
397 return NULL;
398 }
399 return ret;
400 }
401
402void ENGINE_load_chil(void)
403 {
404 /* Copied from eng_[openssl|dyn].c */
405 ENGINE *toadd = engine_chil();
406 if(!toadd) return;
407 ENGINE_add(toadd);
408 ENGINE_free(toadd);
409 ERR_clear_error();
410 }
411#endif
412
413/* This is a process-global DSO handle used for loading and unloading
414 * the HWCryptoHook library. NB: This is only set (or unset) during an
415 * init() or finish() call (reference counts permitting) and they're
416 * operating with global locks, so this should be thread-safe
417 * implicitly. */
418static DSO *hwcrhk_dso = NULL;
419static HWCryptoHook_ContextHandle hwcrhk_context = 0;
420#ifndef OPENSSL_NO_RSA
421static int hndidx_rsa = -1; /* Index for KM handle. Not really used yet. */
422#endif
423
424/* These are the function pointers that are (un)set when the library has
425 * successfully (un)loaded. */
426static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL;
427static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL;
428static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL;
429#ifndef OPENSSL_NO_RSA
430static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL;
431#endif
432static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL;
433#ifndef OPENSSL_NO_RSA
434static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL;
435static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL;
436static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL;
437#endif
438static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
439
440/* Used in the DSO operations. */
441static const char *HWCRHK_LIBNAME = NULL;
442static void free_HWCRHK_LIBNAME(void)
443 {
444 if(HWCRHK_LIBNAME)
445 OPENSSL_free((void*)HWCRHK_LIBNAME);
446 HWCRHK_LIBNAME = NULL;
447 }
448static const char *get_HWCRHK_LIBNAME(void)
449 {
450 if(HWCRHK_LIBNAME)
451 return HWCRHK_LIBNAME;
452 return "nfhwcrhk";
453 }
454static long set_HWCRHK_LIBNAME(const char *name)
455 {
456 free_HWCRHK_LIBNAME();
457 return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
458 }
459static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
460static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
461static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
462#ifndef OPENSSL_NO_RSA
463static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA";
464#endif
465static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes";
466#ifndef OPENSSL_NO_RSA
467static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey";
468static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey";
469static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey";
470#endif
471static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT";
472
473/* HWCryptoHook library functions and mechanics - these are used by the
474 * higher-level functions further down. NB: As and where there's no
475 * error checking, take a look lower down where these functions are
476 * called, the checking and error handling is probably down there. */
477
478/* utility function to obtain a context */
479static int get_context(HWCryptoHook_ContextHandle *hac,
480 HWCryptoHook_CallerContext *cac)
481 {
482 char tempbuf[1024];
483 HWCryptoHook_ErrMsgBuf rmsg;
484
485 rmsg.buf = tempbuf;
486 rmsg.size = sizeof(tempbuf);
487
488 *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg,
489 cac);
490 if (!*hac)
491 return 0;
492 return 1;
493 }
494
495/* similarly to release one. */
496static void release_context(HWCryptoHook_ContextHandle hac)
497 {
498 p_hwcrhk_Finish(hac);
499 }
500
501/* Destructor (complements the "ENGINE_chil()" constructor) */
502static int hwcrhk_destroy(ENGINE *e)
503 {
504 free_HWCRHK_LIBNAME();
505 ERR_unload_HWCRHK_strings();
506 return 1;
507 }
508
509/* (de)initialisation functions. */
510static int hwcrhk_init(ENGINE *e)
511 {
512 HWCryptoHook_Init_t *p1;
513 HWCryptoHook_Finish_t *p2;
514 HWCryptoHook_ModExp_t *p3;
515#ifndef OPENSSL_NO_RSA
516 HWCryptoHook_RSA_t *p4;
517 HWCryptoHook_RSALoadKey_t *p5;
518 HWCryptoHook_RSAGetPublicKey_t *p6;
519 HWCryptoHook_RSAUnloadKey_t *p7;
520#endif
521 HWCryptoHook_RandomBytes_t *p8;
522 HWCryptoHook_ModExpCRT_t *p9;
523
524 if(hwcrhk_dso != NULL)
525 {
526 HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_ALREADY_LOADED);
527 goto err;
528 }
529 /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
530 hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0);
531 if(hwcrhk_dso == NULL)
532 {
533 HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE);
534 goto err;
535 }
536 if(!(p1 = (HWCryptoHook_Init_t *)
537 DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) ||
538 !(p2 = (HWCryptoHook_Finish_t *)
539 DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) ||
540 !(p3 = (HWCryptoHook_ModExp_t *)
541 DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) ||
542#ifndef OPENSSL_NO_RSA
543 !(p4 = (HWCryptoHook_RSA_t *)
544 DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) ||
545 !(p5 = (HWCryptoHook_RSALoadKey_t *)
546 DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) ||
547 !(p6 = (HWCryptoHook_RSAGetPublicKey_t *)
548 DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) ||
549 !(p7 = (HWCryptoHook_RSAUnloadKey_t *)
550 DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) ||
551#endif
552 !(p8 = (HWCryptoHook_RandomBytes_t *)
553 DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) ||
554 !(p9 = (HWCryptoHook_ModExpCRT_t *)
555 DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT)))
556 {
557 HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE);
558 goto err;
559 }
560 /* Copy the pointers */
561 p_hwcrhk_Init = p1;
562 p_hwcrhk_Finish = p2;
563 p_hwcrhk_ModExp = p3;
564#ifndef OPENSSL_NO_RSA
565 p_hwcrhk_RSA = p4;
566 p_hwcrhk_RSALoadKey = p5;
567 p_hwcrhk_RSAGetPublicKey = p6;
568 p_hwcrhk_RSAUnloadKey = p7;
569#endif
570 p_hwcrhk_RandomBytes = p8;
571 p_hwcrhk_ModExpCRT = p9;
572
573 /* Check if the application decided to support dynamic locks,
574 and if it does, use them. */
575 if (disable_mutex_callbacks == 0)
576 {
577 if (CRYPTO_get_dynlock_create_callback() != NULL &&
578 CRYPTO_get_dynlock_lock_callback() != NULL &&
579 CRYPTO_get_dynlock_destroy_callback() != NULL)
580 {
581 hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
582 hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
583 hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
584 hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
585 }
586 }
587
588 /* Try and get a context - if not, we may have a DSO but no
589 * accelerator! */
590 if(!get_context(&hwcrhk_context, &password_context))
591 {
592 HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_UNIT_FAILURE);
593 goto err;
594 }
595 /* Everything's fine. */
596#ifndef OPENSSL_NO_RSA
597 if (hndidx_rsa == -1)
598 hndidx_rsa = RSA_get_ex_new_index(0,
599 "nFast HWCryptoHook RSA key handle",
600 NULL, NULL, NULL);
601#endif
602 return 1;
603err:
604 if(hwcrhk_dso)
605 DSO_free(hwcrhk_dso);
606 hwcrhk_dso = NULL;
607 p_hwcrhk_Init = NULL;
608 p_hwcrhk_Finish = NULL;
609 p_hwcrhk_ModExp = NULL;
610#ifndef OPENSSL_NO_RSA
611 p_hwcrhk_RSA = NULL;
612 p_hwcrhk_RSALoadKey = NULL;
613 p_hwcrhk_RSAGetPublicKey = NULL;
614 p_hwcrhk_RSAUnloadKey = NULL;
615#endif
616 p_hwcrhk_ModExpCRT = NULL;
617 p_hwcrhk_RandomBytes = NULL;
618 return 0;
619 }
620
621static int hwcrhk_finish(ENGINE *e)
622 {
623 int to_return = 1;
624 free_HWCRHK_LIBNAME();
625 if(hwcrhk_dso == NULL)
626 {
627 HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED);
628 to_return = 0;
629 goto err;
630 }
631 release_context(hwcrhk_context);
632 if(!DSO_free(hwcrhk_dso))
633 {
634 HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_DSO_FAILURE);
635 to_return = 0;
636 goto err;
637 }
638 err:
639 if (logstream)
640 BIO_free(logstream);
641 hwcrhk_dso = NULL;
642 p_hwcrhk_Init = NULL;
643 p_hwcrhk_Finish = NULL;
644 p_hwcrhk_ModExp = NULL;
645#ifndef OPENSSL_NO_RSA
646 p_hwcrhk_RSA = NULL;
647 p_hwcrhk_RSALoadKey = NULL;
648 p_hwcrhk_RSAGetPublicKey = NULL;
649 p_hwcrhk_RSAUnloadKey = NULL;
650#endif
651 p_hwcrhk_ModExpCRT = NULL;
652 p_hwcrhk_RandomBytes = NULL;
653 return to_return;
654 }
655
656static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
657 {
658 int to_return = 1;
659
660 switch(cmd)
661 {
662 case HWCRHK_CMD_SO_PATH:
663 if(hwcrhk_dso)
664 {
665 HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_ALREADY_LOADED);
666 return 0;
667 }
668 if(p == NULL)
669 {
670 HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER);
671 return 0;
672 }
673 return set_HWCRHK_LIBNAME((const char *)p);
674 case ENGINE_CTRL_SET_LOGSTREAM:
675 {
676 BIO *bio = (BIO *)p;
677
678 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
679 if (logstream)
680 {
681 BIO_free(logstream);
682 logstream = NULL;
683 }
684 if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1)
685 logstream = bio;
686 else
687 HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_BIO_WAS_FREED);
688 }
689 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
690 break;
691 case ENGINE_CTRL_SET_PASSWORD_CALLBACK:
692 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
693 password_context.password_callback = (pem_password_cb *)f;
694 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
695 break;
696 case ENGINE_CTRL_SET_USER_INTERFACE:
697 case HWCRHK_CMD_SET_USER_INTERFACE:
698 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
699 password_context.ui_method = (UI_METHOD *)p;
700 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
701 break;
702 case ENGINE_CTRL_SET_CALLBACK_DATA:
703 case HWCRHK_CMD_SET_CALLBACK_DATA:
704 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
705 password_context.callback_data = p;
706 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
707 break;
708 /* this enables or disables the "SimpleForkCheck" flag used in the
709 * initialisation structure. */
710 case ENGINE_CTRL_CHIL_SET_FORKCHECK:
711 case HWCRHK_CMD_FORK_CHECK:
712 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
713 if(i)
714 hwcrhk_globals.flags |=
715 HWCryptoHook_InitFlags_SimpleForkCheck;
716 else
717 hwcrhk_globals.flags &=
718 ~HWCryptoHook_InitFlags_SimpleForkCheck;
719 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
720 break;
721 /* This will prevent the initialisation function from "installing"
722 * the mutex-handling callbacks, even if they are available from
723 * within the library (or were provided to the library from the
724 * calling application). This is to remove any baggage for
725 * applications not using multithreading. */
726 case ENGINE_CTRL_CHIL_NO_LOCKING:
727 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
728 disable_mutex_callbacks = 1;
729 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
730 break;
731 case HWCRHK_CMD_THREAD_LOCKING:
732 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
733 disable_mutex_callbacks = ((i == 0) ? 0 : 1);
734 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
735 break;
736
737 /* The command isn't understood by this engine */
738 default:
739 HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,
740 HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
741 to_return = 0;
742 break;
743 }
744
745 return to_return;
746 }
747
748static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
749 UI_METHOD *ui_method, void *callback_data)
750 {
751#ifndef OPENSSL_NO_RSA
752 RSA *rtmp = NULL;
753#endif
754 EVP_PKEY *res = NULL;
755#ifndef OPENSSL_NO_RSA
756 HWCryptoHook_MPI e, n;
757 HWCryptoHook_RSAKeyHandle *hptr;
758#endif
759#if !defined(OPENSSL_NO_RSA)
760 char tempbuf[1024];
761 HWCryptoHook_ErrMsgBuf rmsg;
762 HWCryptoHook_PassphraseContext ppctx;
763#endif
764
765#if !defined(OPENSSL_NO_RSA)
766 rmsg.buf = tempbuf;
767 rmsg.size = sizeof(tempbuf);
768#endif
769
770 if(!hwcrhk_context)
771 {
772 HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
773 HWCRHK_R_NOT_INITIALISED);
774 goto err;
775 }
776#ifndef OPENSSL_NO_RSA
777 hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle));
778 if (!hptr)
779 {
780 HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
781 ERR_R_MALLOC_FAILURE);
782 goto err;
783 }
784 ppctx.ui_method = ui_method;
785 ppctx.callback_data = callback_data;
786 if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr,
787 &rmsg, &ppctx))
788 {
789 HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
790 HWCRHK_R_CHIL_ERROR);
791 ERR_add_error_data(1,rmsg.buf);
792 goto err;
793 }
794 if (!*hptr)
795 {
796 HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
797 HWCRHK_R_NO_KEY);
798 goto err;
799 }
800#endif
801#ifndef OPENSSL_NO_RSA
802 rtmp = RSA_new_method(eng);
803 RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr);
804 rtmp->e = BN_new();
805 rtmp->n = BN_new();
806 rtmp->flags |= RSA_FLAG_EXT_PKEY;
807 MPI2BN(rtmp->e, e);
808 MPI2BN(rtmp->n, n);
809 if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)
810 != HWCRYPTOHOOK_ERROR_MPISIZE)
811 {
812 HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,HWCRHK_R_CHIL_ERROR);
813 ERR_add_error_data(1,rmsg.buf);
814 goto err;
815 }
816
817 bn_expand2(rtmp->e, e.size/sizeof(BN_ULONG));
818 bn_expand2(rtmp->n, n.size/sizeof(BN_ULONG));
819 MPI2BN(rtmp->e, e);
820 MPI2BN(rtmp->n, n);
821
822 if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg))
823 {
824 HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
825 HWCRHK_R_CHIL_ERROR);
826 ERR_add_error_data(1,rmsg.buf);
827 goto err;
828 }
829 rtmp->e->top = e.size / sizeof(BN_ULONG);
830 bn_fix_top(rtmp->e);
831 rtmp->n->top = n.size / sizeof(BN_ULONG);
832 bn_fix_top(rtmp->n);
833
834 res = EVP_PKEY_new();
835 EVP_PKEY_assign_RSA(res, rtmp);
836#endif
837
838 if (!res)
839 HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
840 HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
841
842 return res;
843 err:
844#ifndef OPENSSL_NO_RSA
845 if (rtmp)
846 RSA_free(rtmp);
847#endif
848 return NULL;
849 }
850
851static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
852 UI_METHOD *ui_method, void *callback_data)
853 {
854 EVP_PKEY *res = NULL;
855
856#ifndef OPENSSL_NO_RSA
857 res = hwcrhk_load_privkey(eng, key_id,
858 ui_method, callback_data);
859#endif
860
861 if (res)
862 switch(res->type)
863 {
864#ifndef OPENSSL_NO_RSA
865 case EVP_PKEY_RSA:
866 {
867 RSA *rsa = NULL;
868
869 CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
870 rsa = res->pkey.rsa;
871 res->pkey.rsa = RSA_new();
872 res->pkey.rsa->n = rsa->n;
873 res->pkey.rsa->e = rsa->e;
874 rsa->n = NULL;
875 rsa->e = NULL;
876 CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
877 RSA_free(rsa);
878 }
879 break;
880#endif
881 default:
882 HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
883 HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
884 goto err;
885 }
886
887 return res;
888 err:
889 if (res)
890 EVP_PKEY_free(res);
891 return NULL;
892 }
893
894/* A little mod_exp */
895static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
896 const BIGNUM *m, BN_CTX *ctx)
897 {
898 char tempbuf[1024];
899 HWCryptoHook_ErrMsgBuf rmsg;
900 /* Since HWCryptoHook_MPI is pretty compatible with BIGNUM's,
901 we use them directly, plus a little macro magic. We only
902 thing we need to make sure of is that enough space is allocated. */
903 HWCryptoHook_MPI m_a, m_p, m_n, m_r;
904 int to_return, ret;
905
906 to_return = 0; /* expect failure */
907 rmsg.buf = tempbuf;
908 rmsg.size = sizeof(tempbuf);
909
910 if(!hwcrhk_context)
911 {
912 HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED);
913 goto err;
914 }
915 /* Prepare the params */
916 bn_expand2(r, m->top); /* Check for error !! */
917 BN2MPI(m_a, a);
918 BN2MPI(m_p, p);
919 BN2MPI(m_n, m);
920 MPI2BN(r, m_r);
921
922 /* Perform the operation */
923 ret = p_hwcrhk_ModExp(hwcrhk_context, m_a, m_p, m_n, &m_r, &rmsg);
924
925 /* Convert the response */
926 r->top = m_r.size / sizeof(BN_ULONG);
927 bn_fix_top(r);
928
929 if (ret < 0)
930 {
931 /* FIXME: When this error is returned, HWCryptoHook is
932 telling us that falling back to software computation
933 might be a good thing. */
934 if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
935 {
936 HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FALLBACK);
937 }
938 else
939 {
940 HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FAILED);
941 }
942 ERR_add_error_data(1,rmsg.buf);
943 goto err;
944 }
945
946 to_return = 1;
947err:
948 return to_return;
949 }
950
951#ifndef OPENSSL_NO_RSA
952static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
953 {
954 char tempbuf[1024];
955 HWCryptoHook_ErrMsgBuf rmsg;
956 HWCryptoHook_RSAKeyHandle *hptr;
957 int to_return = 0, ret;
958
959 rmsg.buf = tempbuf;
960 rmsg.size = sizeof(tempbuf);
961
962 if(!hwcrhk_context)
963 {
964 HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,HWCRHK_R_NOT_INITIALISED);
965 goto err;
966 }
967
968 /* This provides support for nForce keys. Since that's opaque data
969 all we do is provide a handle to the proper key and let HWCryptoHook
970 take care of the rest. */
971 if ((hptr = (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa))
972 != NULL)
973 {
974 HWCryptoHook_MPI m_a, m_r;
975
976 if(!rsa->n)
977 {
978 HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
979 HWCRHK_R_MISSING_KEY_COMPONENTS);
980 goto err;
981 }
982
983 /* Prepare the params */
984 bn_expand2(r, rsa->n->top); /* Check for error !! */
985 BN2MPI(m_a, I);
986 MPI2BN(r, m_r);
987
988 /* Perform the operation */
989 ret = p_hwcrhk_RSA(m_a, *hptr, &m_r, &rmsg);
990
991 /* Convert the response */
992 r->top = m_r.size / sizeof(BN_ULONG);
993 bn_fix_top(r);
994
995 if (ret < 0)
996 {
997 /* FIXME: When this error is returned, HWCryptoHook is
998 telling us that falling back to software computation
999 might be a good thing. */
1000 if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
1001 {
1002 HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
1003 HWCRHK_R_REQUEST_FALLBACK);
1004 }
1005 else
1006 {
1007 HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
1008 HWCRHK_R_REQUEST_FAILED);
1009 }
1010 ERR_add_error_data(1,rmsg.buf);
1011 goto err;
1012 }
1013 }
1014 else
1015 {
1016 HWCryptoHook_MPI m_a, m_p, m_q, m_dmp1, m_dmq1, m_iqmp, m_r;
1017
1018 if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
1019 {
1020 HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
1021 HWCRHK_R_MISSING_KEY_COMPONENTS);
1022 goto err;
1023 }
1024
1025 /* Prepare the params */
1026 bn_expand2(r, rsa->n->top); /* Check for error !! */
1027 BN2MPI(m_a, I);
1028 BN2MPI(m_p, rsa->p);
1029 BN2MPI(m_q, rsa->q);
1030 BN2MPI(m_dmp1, rsa->dmp1);
1031 BN2MPI(m_dmq1, rsa->dmq1);
1032 BN2MPI(m_iqmp, rsa->iqmp);
1033 MPI2BN(r, m_r);
1034
1035 /* Perform the operation */
1036 ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q,
1037 m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg);
1038
1039 /* Convert the response */
1040 r->top = m_r.size / sizeof(BN_ULONG);
1041 bn_fix_top(r);
1042
1043 if (ret < 0)
1044 {
1045 /* FIXME: When this error is returned, HWCryptoHook is
1046 telling us that falling back to software computation
1047 might be a good thing. */
1048 if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
1049 {
1050 HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
1051 HWCRHK_R_REQUEST_FALLBACK);
1052 }
1053 else
1054 {
1055 HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
1056 HWCRHK_R_REQUEST_FAILED);
1057 }
1058 ERR_add_error_data(1,rmsg.buf);
1059 goto err;
1060 }
1061 }
1062 /* If we're here, we must be here with some semblance of success :-) */
1063 to_return = 1;
1064err:
1065 return to_return;
1066 }
1067#endif
1068
1069#ifndef OPENSSL_NO_RSA
1070/* This function is aliased to mod_exp (with the mont stuff dropped). */
1071static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
1072 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
1073 {
1074 return hwcrhk_mod_exp(r, a, p, m, ctx);
1075 }
1076
1077static int hwcrhk_rsa_finish(RSA *rsa)
1078 {
1079 HWCryptoHook_RSAKeyHandle *hptr;
1080
1081 hptr = RSA_get_ex_data(rsa, hndidx_rsa);
1082 if (hptr)
1083 {
1084 p_hwcrhk_RSAUnloadKey(*hptr, NULL);
1085 OPENSSL_free(hptr);
1086 RSA_set_ex_data(rsa, hndidx_rsa, NULL);
1087 }
1088 return 1;
1089 }
1090
1091#endif
1092
1093#ifndef OPENSSL_NO_DH
1094/* This function is aliased to mod_exp (with the dh and mont dropped). */
1095static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
1096 const BIGNUM *a, const BIGNUM *p,
1097 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
1098 {
1099 return hwcrhk_mod_exp(r, a, p, m, ctx);
1100 }
1101#endif
1102
1103/* Random bytes are good */
1104static int hwcrhk_rand_bytes(unsigned char *buf, int num)
1105 {
1106 char tempbuf[1024];
1107 HWCryptoHook_ErrMsgBuf rmsg;
1108 int to_return = 0; /* assume failure */
1109 int ret;
1110
1111 rmsg.buf = tempbuf;
1112 rmsg.size = sizeof(tempbuf);
1113
1114 if(!hwcrhk_context)
1115 {
1116 HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,HWCRHK_R_NOT_INITIALISED);
1117 goto err;
1118 }
1119
1120 ret = p_hwcrhk_RandomBytes(hwcrhk_context, buf, num, &rmsg);
1121 if (ret < 0)
1122 {
1123 /* FIXME: When this error is returned, HWCryptoHook is
1124 telling us that falling back to software computation
1125 might be a good thing. */
1126 if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
1127 {
1128 HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,
1129 HWCRHK_R_REQUEST_FALLBACK);
1130 }
1131 else
1132 {
1133 HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,
1134 HWCRHK_R_REQUEST_FAILED);
1135 }
1136 ERR_add_error_data(1,rmsg.buf);
1137 goto err;
1138 }
1139 to_return = 1;
1140 err:
1141 return to_return;
1142 }
1143
1144static int hwcrhk_rand_status(void)
1145 {
1146 return 1;
1147 }
1148
1149/* Mutex calls: since the HWCryptoHook model closely follows the POSIX model
1150 * these just wrap the POSIX functions and add some logging.
1151 */
1152
1153static int hwcrhk_mutex_init(HWCryptoHook_Mutex* mt,
1154 HWCryptoHook_CallerContext *cactx)
1155 {
1156 mt->lockid = CRYPTO_get_new_dynlockid();
1157 if (mt->lockid == 0)
1158 return 1; /* failure */
1159 return 0; /* success */
1160 }
1161
1162static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *mt)
1163 {
1164 CRYPTO_w_lock(mt->lockid);
1165 return 0;
1166 }
1167
1168static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt)
1169 {
1170 CRYPTO_w_unlock(mt->lockid);
1171 }
1172
1173static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *mt)
1174 {
1175 CRYPTO_destroy_dynlockid(mt->lockid);
1176 }
1177
1178static int hwcrhk_get_pass(const char *prompt_info,
1179 int *len_io, char *buf,
1180 HWCryptoHook_PassphraseContext *ppctx,
1181 HWCryptoHook_CallerContext *cactx)
1182 {
1183 pem_password_cb *callback = NULL;
1184 void *callback_data = NULL;
1185 UI_METHOD *ui_method = NULL;
1186 /* Despite what the documentation says prompt_info can be
1187 * an empty string.
1188 */
1189 if (prompt_info && !*prompt_info)
1190 prompt_info = NULL;
1191
1192 if (cactx)
1193 {
1194 if (cactx->ui_method)
1195 ui_method = cactx->ui_method;
1196 if (cactx->password_callback)
1197 callback = cactx->password_callback;
1198 if (cactx->callback_data)
1199 callback_data = cactx->callback_data;
1200 }
1201 if (ppctx)
1202 {
1203 if (ppctx->ui_method)
1204 {
1205 ui_method = ppctx->ui_method;
1206 callback = NULL;
1207 }
1208 if (ppctx->callback_data)
1209 callback_data = ppctx->callback_data;
1210 }
1211 if (callback == NULL && ui_method == NULL)
1212 {
1213 HWCRHKerr(HWCRHK_F_HWCRHK_GET_PASS,HWCRHK_R_NO_CALLBACK);
1214 return -1;
1215 }
1216
1217 if (ui_method)
1218 {
1219 UI *ui = UI_new_method(ui_method);
1220 if (ui)
1221 {
1222 int ok;
1223 char *prompt = UI_construct_prompt(ui,
1224 "pass phrase", prompt_info);
1225
1226 ok = UI_add_input_string(ui,prompt,
1227 UI_INPUT_FLAG_DEFAULT_PWD,
1228 buf,0,(*len_io) - 1);
1229 UI_add_user_data(ui, callback_data);
1230 UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
1231
1232 if (ok >= 0)
1233 do
1234 {
1235 ok=UI_process(ui);
1236 }
1237 while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
1238
1239 if (ok >= 0)
1240 *len_io = strlen(buf);
1241
1242 UI_free(ui);
1243 OPENSSL_free(prompt);
1244 }
1245 }
1246 else
1247 {
1248 *len_io = callback(buf, *len_io, 0, callback_data);
1249 }
1250 if(!*len_io)
1251 return -1;
1252 return 0;
1253 }
1254
1255static int hwcrhk_insert_card(const char *prompt_info,
1256 const char *wrong_info,
1257 HWCryptoHook_PassphraseContext *ppctx,
1258 HWCryptoHook_CallerContext *cactx)
1259 {
1260 int ok = -1;
1261 UI *ui;
1262 void *callback_data = NULL;
1263 UI_METHOD *ui_method = NULL;
1264
1265 if (cactx)
1266 {
1267 if (cactx->ui_method)
1268 ui_method = cactx->ui_method;
1269 if (cactx->callback_data)
1270 callback_data = cactx->callback_data;
1271 }
1272 if (ppctx)
1273 {
1274 if (ppctx->ui_method)
1275 ui_method = ppctx->ui_method;
1276 if (ppctx->callback_data)
1277 callback_data = ppctx->callback_data;
1278 }
1279 if (ui_method == NULL)
1280 {
1281 HWCRHKerr(HWCRHK_F_HWCRHK_INSERT_CARD,
1282 HWCRHK_R_NO_CALLBACK);
1283 return -1;
1284 }
1285
1286 ui = UI_new_method(ui_method);
1287
1288 if (ui)
1289 {
1290 char answer;
1291 char buf[BUFSIZ];
1292 /* Despite what the documentation says wrong_info can be
1293 * an empty string.
1294 */
1295 if (wrong_info && *wrong_info)
1296 BIO_snprintf(buf, sizeof(buf)-1,
1297 "Current card: \"%s\"\n", wrong_info);
1298 else
1299 buf[0] = 0;
1300 ok = UI_dup_info_string(ui, buf);
1301 if (ok >= 0 && prompt_info)
1302 {
1303 BIO_snprintf(buf, sizeof(buf)-1,
1304 "Insert card \"%s\"", prompt_info);
1305 ok = UI_dup_input_boolean(ui, buf,
1306 "\n then hit <enter> or C<enter> to cancel\n",
1307 "\r\n", "Cc", UI_INPUT_FLAG_ECHO, &answer);
1308 }
1309 UI_add_user_data(ui, callback_data);
1310
1311 if (ok >= 0)
1312 ok = UI_process(ui);
1313 UI_free(ui);
1314
1315 if (ok == -2 || (ok >= 0 && answer == 'C'))
1316 ok = 1;
1317 else if (ok < 0)
1318 ok = -1;
1319 else
1320 ok = 0;
1321 }
1322 return ok;
1323 }
1324
1325static void hwcrhk_log_message(void *logstr, const char *message)
1326 {
1327 BIO *lstream = NULL;
1328
1329 CRYPTO_w_lock(CRYPTO_LOCK_BIO);
1330 if (logstr)
1331 lstream=*(BIO **)logstr;
1332 if (lstream)
1333 {
1334 BIO_printf(lstream, "%s\n", message);
1335 }
1336 CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
1337 }
1338
1339/* This stuff is needed if this ENGINE is being compiled into a self-contained
1340 * shared-library. */
1341#ifndef OPENSSL_NO_DYNAMIC_ENGINE
1342static int bind_fn(ENGINE *e, const char *id)
1343 {
1344 if(id && (strcmp(id, engine_hwcrhk_id) != 0) &&
1345 (strcmp(id, engine_hwcrhk_id_alt) != 0))
1346 return 0;
1347 if(!bind_helper(e))
1348 return 0;
1349 return 1;
1350 }
1351IMPLEMENT_DYNAMIC_CHECK_FN()
1352IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
1353#endif /* OPENSSL_NO_DYNAMIC_ENGINE */
1354
1355#endif /* !OPENSSL_NO_HW_CHIL */
1356#endif /* !OPENSSL_NO_HW */
diff --git a/src/lib/libssl/src/engines/e_chil.ec b/src/lib/libssl/src/engines/e_chil.ec
deleted file mode 100644
index b5a76e17df..0000000000
--- a/src/lib/libssl/src/engines/e_chil.ec
+++ /dev/null
@@ -1 +0,0 @@
1L HWCRHK e_chil_err.h e_chil_err.c
diff --git a/src/lib/libssl/src/engines/e_chil_err.c b/src/lib/libssl/src/engines/e_chil_err.c
deleted file mode 100644
index c5983b2fd5..0000000000
--- a/src/lib/libssl/src/engines/e_chil_err.c
+++ /dev/null
@@ -1,160 +0,0 @@
1/* e_chil_err.c */
2/* ====================================================================
3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include "e_chil_err.h"
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(0,func,0)
69#define ERR_REASON(reason) ERR_PACK(0,0,reason)
70
71static ERR_STRING_DATA HWCRHK_str_functs[]=
72 {
73{ERR_FUNC(HWCRHK_F_HWCRHK_CTRL), "HWCRHK_CTRL"},
74{ERR_FUNC(HWCRHK_F_HWCRHK_FINISH), "HWCRHK_FINISH"},
75{ERR_FUNC(HWCRHK_F_HWCRHK_GET_PASS), "HWCRHK_GET_PASS"},
76{ERR_FUNC(HWCRHK_F_HWCRHK_INIT), "HWCRHK_INIT"},
77{ERR_FUNC(HWCRHK_F_HWCRHK_INSERT_CARD), "HWCRHK_INSERT_CARD"},
78{ERR_FUNC(HWCRHK_F_HWCRHK_LOAD_PRIVKEY), "HWCRHK_LOAD_PRIVKEY"},
79{ERR_FUNC(HWCRHK_F_HWCRHK_LOAD_PUBKEY), "HWCRHK_LOAD_PUBKEY"},
80{ERR_FUNC(HWCRHK_F_HWCRHK_MOD_EXP), "HWCRHK_MOD_EXP"},
81{ERR_FUNC(HWCRHK_F_HWCRHK_RAND_BYTES), "HWCRHK_RAND_BYTES"},
82{ERR_FUNC(HWCRHK_F_HWCRHK_RSA_MOD_EXP), "HWCRHK_RSA_MOD_EXP"},
83{0,NULL}
84 };
85
86static ERR_STRING_DATA HWCRHK_str_reasons[]=
87 {
88{ERR_REASON(HWCRHK_R_ALREADY_LOADED) ,"already loaded"},
89{ERR_REASON(HWCRHK_R_BIO_WAS_FREED) ,"bio was freed"},
90{ERR_REASON(HWCRHK_R_CHIL_ERROR) ,"chil error"},
91{ERR_REASON(HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"},
92{ERR_REASON(HWCRHK_R_DSO_FAILURE) ,"dso failure"},
93{ERR_REASON(HWCRHK_R_MISSING_KEY_COMPONENTS),"missing key components"},
94{ERR_REASON(HWCRHK_R_NOT_INITIALISED) ,"not initialised"},
95{ERR_REASON(HWCRHK_R_NOT_LOADED) ,"not loaded"},
96{ERR_REASON(HWCRHK_R_NO_CALLBACK) ,"no callback"},
97{ERR_REASON(HWCRHK_R_NO_KEY) ,"no key"},
98{ERR_REASON(HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED),"private key algorithms disabled"},
99{ERR_REASON(HWCRHK_R_REQUEST_FAILED) ,"request failed"},
100{ERR_REASON(HWCRHK_R_REQUEST_FALLBACK) ,"request fallback"},
101{ERR_REASON(HWCRHK_R_UNIT_FAILURE) ,"unit failure"},
102{0,NULL}
103 };
104
105#endif
106
107#ifdef HWCRHK_LIB_NAME
108static ERR_STRING_DATA HWCRHK_lib_name[]=
109 {
110{0 ,HWCRHK_LIB_NAME},
111{0,NULL}
112 };
113#endif
114
115
116static int HWCRHK_lib_error_code=0;
117static int HWCRHK_error_init=1;
118
119static void ERR_load_HWCRHK_strings(void)
120 {
121 if (HWCRHK_lib_error_code == 0)
122 HWCRHK_lib_error_code=ERR_get_next_error_library();
123
124 if (HWCRHK_error_init)
125 {
126 HWCRHK_error_init=0;
127#ifndef OPENSSL_NO_ERR
128 ERR_load_strings(HWCRHK_lib_error_code,HWCRHK_str_functs);
129 ERR_load_strings(HWCRHK_lib_error_code,HWCRHK_str_reasons);
130#endif
131
132#ifdef HWCRHK_LIB_NAME
133 HWCRHK_lib_name->error = ERR_PACK(HWCRHK_lib_error_code,0,0);
134 ERR_load_strings(0,HWCRHK_lib_name);
135#endif
136 }
137 }
138
139static void ERR_unload_HWCRHK_strings(void)
140 {
141 if (HWCRHK_error_init == 0)
142 {
143#ifndef OPENSSL_NO_ERR
144 ERR_unload_strings(HWCRHK_lib_error_code,HWCRHK_str_functs);
145 ERR_unload_strings(HWCRHK_lib_error_code,HWCRHK_str_reasons);
146#endif
147
148#ifdef HWCRHK_LIB_NAME
149 ERR_unload_strings(0,HWCRHK_lib_name);
150#endif
151 HWCRHK_error_init=1;
152 }
153 }
154
155static void ERR_HWCRHK_error(int function, int reason, char *file, int line)
156 {
157 if (HWCRHK_lib_error_code == 0)
158 HWCRHK_lib_error_code=ERR_get_next_error_library();
159 ERR_PUT_error(HWCRHK_lib_error_code,function,reason,file,line);
160 }
diff --git a/src/lib/libssl/src/engines/e_chil_err.h b/src/lib/libssl/src/engines/e_chil_err.h
deleted file mode 100644
index 3c42a02393..0000000000
--- a/src/lib/libssl/src/engines/e_chil_err.h
+++ /dev/null
@@ -1,104 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * openssl-core@openssl.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
52 *
53 */
54
55#ifndef HEADER_HWCRHK_ERR_H
56#define HEADER_HWCRHK_ERR_H
57
58#ifdef __cplusplus
59extern "C" {
60#endif
61
62/* BEGIN ERROR CODES */
63/* The following lines are auto generated by the script mkerr.pl. Any changes
64 * made after this point may be overwritten when the script is next run.
65 */
66static void ERR_load_HWCRHK_strings(void);
67static void ERR_unload_HWCRHK_strings(void);
68static void ERR_HWCRHK_error(int function, int reason, char *file, int line);
69#define HWCRHKerr(f,r) ERR_HWCRHK_error((f),(r),__FILE__,__LINE__)
70
71/* Error codes for the HWCRHK functions. */
72
73/* Function codes. */
74#define HWCRHK_F_HWCRHK_CTRL 100
75#define HWCRHK_F_HWCRHK_FINISH 101
76#define HWCRHK_F_HWCRHK_GET_PASS 102
77#define HWCRHK_F_HWCRHK_INIT 103
78#define HWCRHK_F_HWCRHK_INSERT_CARD 104
79#define HWCRHK_F_HWCRHK_LOAD_PRIVKEY 105
80#define HWCRHK_F_HWCRHK_LOAD_PUBKEY 106
81#define HWCRHK_F_HWCRHK_MOD_EXP 107
82#define HWCRHK_F_HWCRHK_RAND_BYTES 108
83#define HWCRHK_F_HWCRHK_RSA_MOD_EXP 109
84
85/* Reason codes. */
86#define HWCRHK_R_ALREADY_LOADED 100
87#define HWCRHK_R_BIO_WAS_FREED 101
88#define HWCRHK_R_CHIL_ERROR 102
89#define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103
90#define HWCRHK_R_DSO_FAILURE 104
91#define HWCRHK_R_MISSING_KEY_COMPONENTS 105
92#define HWCRHK_R_NOT_INITIALISED 106
93#define HWCRHK_R_NOT_LOADED 107
94#define HWCRHK_R_NO_CALLBACK 108
95#define HWCRHK_R_NO_KEY 109
96#define HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED 110
97#define HWCRHK_R_REQUEST_FAILED 111
98#define HWCRHK_R_REQUEST_FALLBACK 112
99#define HWCRHK_R_UNIT_FAILURE 113
100
101#ifdef __cplusplus
102}
103#endif
104#endif
diff --git a/src/lib/libssl/src/engines/vendor_defns/hwcryptohook.h b/src/lib/libssl/src/engines/vendor_defns/hwcryptohook.h
deleted file mode 100644
index 3e8dc7e2eb..0000000000
--- a/src/lib/libssl/src/engines/vendor_defns/hwcryptohook.h
+++ /dev/null
@@ -1,486 +0,0 @@
1/*
2 * ModExp / RSA (with/without KM) plugin API
3 *
4 * The application will load a dynamic library which
5 * exports entrypoint(s) defined in this file.
6 *
7 * This set of entrypoints provides only a multithreaded,
8 * synchronous-within-each-thread, facility.
9 *
10 *
11 * This file is Copyright 1998-2000 nCipher Corporation Limited.
12 *
13 * Redistribution and use in source and binary forms, with opr without
14 * modification, are permitted provided that the following conditions
15 * are met:
16 *
17 * 1. Redistributions of source code must retain the copyright notice,
18 * this list of conditions, and the following disclaimer.
19 *
20 * 2. Redistributions in binary form must reproduce the above
21 * copyright notice, this list of conditions, and the following
22 * disclaimer, in the documentation and/or other materials provided
23 * with the distribution
24 *
25 * IN NO EVENT SHALL NCIPHER CORPORATION LIMITED (`NCIPHER') AND/OR
26 * ANY OTHER AUTHORS OR DISTRIBUTORS OF THIS FILE BE LIABLE for any
27 * damages arising directly or indirectly from this file, its use or
28 * this licence. Without prejudice to the generality of the
29 * foregoing: all liability shall be excluded for direct, indirect,
30 * special, incidental, consequential or other damages or any loss of
31 * profits, business, revenue goodwill or anticipated savings;
32 * liability shall be excluded even if nCipher or anyone else has been
33 * advised of the possibility of damage. In any event, if the
34 * exclusion of liability is not effective, the liability of nCipher
35 * or any author or distributor shall be limited to the lesser of the
36 * price paid and 1,000 pounds sterling. This licence only fails to
37 * exclude or limit liability for death or personal injury arising out
38 * of negligence, and only to the extent that such an exclusion or
39 * limitation is not effective.
40 *
41 * NCIPHER AND THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ALL
42 * AND ANY WARRANTIES (WHETHER EXPRESS OR IMPLIED), including, but not
43 * limited to, any implied warranties of merchantability, fitness for
44 * a particular purpose, satisfactory quality, and/or non-infringement
45 * of any third party rights.
46 *
47 * US Government use: This software and documentation is Commercial
48 * Computer Software and Computer Software Documentation, as defined in
49 * sub-paragraphs (a)(1) and (a)(5) of DFAR 252.227-7014, "Rights in
50 * Noncommercial Computer Software and Noncommercial Computer Software
51 * Documentation." Use, duplication or disclosure by the Government is
52 * subject to the terms and conditions specified here.
53 *
54 * By using or distributing this file you will be accepting these
55 * terms and conditions, including the limitation of liability and
56 * lack of warranty. If you do not wish to accept these terms and
57 * conditions, DO NOT USE THE FILE.
58 *
59 *
60 * The actual dynamically loadable plugin, and the library files for
61 * static linking, which are also provided in some distributions, are
62 * not covered by the licence described above. You should have
63 * received a separate licence with terms and conditions for these
64 * library files; if you received the library files without a licence,
65 * please contact nCipher.
66 *
67 *
68 * $Id: hwcryptohook.h,v 1.3 2014/04/13 15:25:34 miod Exp $
69 */
70
71#ifndef HWCRYPTOHOOK_H
72#define HWCRYPTOHOOK_H
73
74#include <sys/types.h>
75#include <stdio.h>
76
77#ifndef HWCRYPTOHOOK_DECLARE_APPTYPES
78#define HWCRYPTOHOOK_DECLARE_APPTYPES 1
79#endif
80
81#define HWCRYPTOHOOK_ERROR_FAILED -1
82#define HWCRYPTOHOOK_ERROR_FALLBACK -2
83#define HWCRYPTOHOOK_ERROR_MPISIZE -3
84
85#if HWCRYPTOHOOK_DECLARE_APPTYPES
86
87/* These structs are defined by the application and opaque to the
88 * crypto plugin. The application may define these as it sees fit.
89 * Default declarations are provided here, but the application may
90 * #define HWCRYPTOHOOK_DECLARE_APPTYPES 0
91 * to prevent these declarations, and instead provide its own
92 * declarations of these types. (Pointers to them must still be
93 * ordinary pointers to structs or unions, or the resulting combined
94 * program will have a type inconsistency.)
95 */
96typedef struct HWCryptoHook_MutexValue HWCryptoHook_Mutex;
97typedef struct HWCryptoHook_CondVarValue HWCryptoHook_CondVar;
98typedef struct HWCryptoHook_PassphraseContextValue HWCryptoHook_PassphraseContext;
99typedef struct HWCryptoHook_CallerContextValue HWCryptoHook_CallerContext;
100
101#endif /* HWCRYPTOHOOK_DECLARE_APPTYPES */
102
103/* These next two structs are opaque to the application. The crypto
104 * plugin will return pointers to them; the caller simply manipulates
105 * the pointers.
106 */
107typedef struct HWCryptoHook_Context *HWCryptoHook_ContextHandle;
108typedef struct HWCryptoHook_RSAKey *HWCryptoHook_RSAKeyHandle;
109
110typedef struct {
111 char *buf;
112 size_t size;
113} HWCryptoHook_ErrMsgBuf;
114/* Used for error reporting. When a HWCryptoHook function fails it
115 * will return a sentinel value (0 for pointer-valued functions, or a
116 * negative number, usually HWCRYPTOHOOK_ERROR_FAILED, for
117 * integer-valued ones). It will, if an ErrMsgBuf is passed, also put
118 * an error message there.
119 *
120 * size is the size of the buffer, and will not be modified. If you
121 * pass 0 for size you must pass 0 for buf, and nothing will be
122 * recorded (just as if you passed 0 for the struct pointer).
123 * Messages written to the buffer will always be null-terminated, even
124 * when truncated to fit within size bytes.
125 *
126 * The contents of the buffer are not defined if there is no error.
127 */
128
129typedef struct HWCryptoHook_MPIStruct {
130 unsigned char *buf;
131 size_t size;
132} HWCryptoHook_MPI;
133/* When one of these is returned, a pointer is passed to the function.
134 * At call, size is the space available. Afterwards it is updated to
135 * be set to the actual length (which may be more than the space available,
136 * if there was not enough room and the result was truncated).
137 * buf (the pointer) is not updated.
138 *
139 * size is in bytes and may be zero at call or return, but must be a
140 * multiple of the limb size. Zero limbs at the MS end are not
141 * permitted.
142 */
143
144#define HWCryptoHook_InitFlags_FallbackModExp 0x0002UL
145#define HWCryptoHook_InitFlags_FallbackRSAImmed 0x0004UL
146/* Enable requesting fallback to software in case of problems with the
147 * hardware support. This indicates to the crypto provider that the
148 * application is prepared to fall back to software operation if the
149 * ModExp* or RSAImmed* functions return HWCRYPTOHOOK_ERROR_FALLBACK.
150 * Without this flag those calls will never return
151 * HWCRYPTOHOOK_ERROR_FALLBACK. The flag will also cause the crypto
152 * provider to avoid repeatedly attempting to contact dead hardware
153 * within a short interval, if appropriate.
154 */
155
156#define HWCryptoHook_InitFlags_SimpleForkCheck 0x0010UL
157/* Without _SimpleForkCheck the library is allowed to assume that the
158 * application will not fork and call the library in the child(ren).
159 *
160 * When it is specified, this is allowed. However, after a fork
161 * neither parent nor child may unload any loaded keys or call
162 * _Finish. Instead, they should call exit (or die with a signal)
163 * without calling _Finish. After all the children have died the
164 * parent may unload keys or call _Finish.
165 *
166 * This flag only has any effect on UN*X platforms.
167 */
168
169typedef struct {
170 unsigned long flags;
171 void *logstream; /* usually a FILE*. See below. */
172
173 size_t limbsize; /* bignum format - size of radix type, must be power of 2 */
174 int mslimbfirst; /* 0 or 1 */
175 int msbytefirst; /* 0 or 1; -1 = native */
176
177 /* All the callback functions should return 0 on success, or a
178 * nonzero integer (whose value will be visible in the error message
179 * put in the buffer passed to the call).
180 *
181 * If a callback is not available pass a null function pointer.
182 *
183 * The callbacks may not call down again into the crypto plugin.
184 */
185
186 /* For thread-safety. Set everything to 0 if you promise only to be
187 * singlethreaded. maxsimultaneous is the number of calls to
188 * ModExp[Crt]/RSAImmed{Priv,Pub}/RSA. If you don't know what to
189 * put there then say 0 and the hook library will use a default.
190 *
191 * maxmutexes is a small limit on the number of simultaneous mutexes
192 * which will be requested by the library. If there is no small
193 * limit, set it to 0. If the crypto plugin cannot create the
194 * advertised number of mutexes the calls to its functions may fail.
195 * If a low number of mutexes is advertised the plugin will try to
196 * do the best it can. Making larger numbers of mutexes available
197 * may improve performance and parallelism by reducing contention
198 * over critical sections. Unavailability of any mutexes, implying
199 * single-threaded operation, should be indicated by the setting
200 * mutex_init et al to 0.
201 */
202 int maxmutexes;
203 int maxsimultaneous;
204 size_t mutexsize;
205 int (*mutex_init)(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext *cactx);
206 int (*mutex_acquire)(HWCryptoHook_Mutex*);
207 void (*mutex_release)(HWCryptoHook_Mutex*);
208 void (*mutex_destroy)(HWCryptoHook_Mutex*);
209
210 /* For greater efficiency, can use condition vars internally for
211 * synchronisation. In this case maxsimultaneous is ignored, but
212 * the other mutex stuff must be available. In singlethreaded
213 * programs, set everything to 0.
214 */
215 size_t condvarsize;
216 int (*condvar_init)(HWCryptoHook_CondVar*, HWCryptoHook_CallerContext *cactx);
217 int (*condvar_wait)(HWCryptoHook_CondVar*, HWCryptoHook_Mutex*);
218 void (*condvar_signal)(HWCryptoHook_CondVar*);
219 void (*condvar_broadcast)(HWCryptoHook_CondVar*);
220 void (*condvar_destroy)(HWCryptoHook_CondVar*);
221
222 /* The semantics of acquiring and releasing mutexes and broadcasting
223 * and waiting on condition variables are expected to be those from
224 * POSIX threads (pthreads). The mutexes may be (in pthread-speak)
225 * fast mutexes, recursive mutexes, or nonrecursive ones.
226 *
227 * The _release/_signal/_broadcast and _destroy functions must
228 * always succeed when given a valid argument; if they are given an
229 * invalid argument then the program (crypto plugin + application)
230 * has an internal error, and they should abort the program.
231 */
232
233 int (*getpassphrase)(const char *prompt_info,
234 int *len_io, char *buf,
235 HWCryptoHook_PassphraseContext *ppctx,
236 HWCryptoHook_CallerContext *cactx);
237 /* Passphrases and the prompt_info, if they contain high-bit-set
238 * characters, are UTF-8. The prompt_info may be a null pointer if
239 * no prompt information is available (it should not be an empty
240 * string). It will not contain text like `enter passphrase';
241 * instead it might say something like `Operator Card for John
242 * Smith' or `SmartCard in nFast Module #1, Slot #1'.
243 *
244 * buf points to a buffer in which to return the passphrase; on
245 * entry *len_io is the length of the buffer. It should be updated
246 * by the callback. The returned passphrase should not be
247 * null-terminated by the callback.
248 */
249
250 int (*getphystoken)(const char *prompt_info,
251 const char *wrong_info,
252 HWCryptoHook_PassphraseContext *ppctx,
253 HWCryptoHook_CallerContext *cactx);
254 /* Requests that the human user physically insert a different
255 * smartcard, DataKey, etc. The plugin should check whether the
256 * currently inserted token(s) are appropriate, and if they are it
257 * should not make this call.
258 *
259 * prompt_info is as before. wrong_info is a description of the
260 * currently inserted token(s) so that the user is told what
261 * something is. wrong_info, like prompt_info, may be null, but
262 * should not be an empty string. Its contents should be
263 * syntactically similar to that of prompt_info.
264 */
265
266 /* Note that a single LoadKey operation might cause several calls to
267 * getpassphrase and/or requestphystoken. If requestphystoken is
268 * not provided (ie, a null pointer is passed) then the plugin may
269 * not support loading keys for which authorisation by several cards
270 * is required. If getpassphrase is not provided then cards with
271 * passphrases may not be supported.
272 *
273 * getpassphrase and getphystoken do not need to check that the
274 * passphrase has been entered correctly or the correct token
275 * inserted; the crypto plugin will do that. If this is not the
276 * case then the crypto plugin is responsible for calling these
277 * routines again as appropriate until the correct token(s) and
278 * passphrase(s) are supplied as required, or until any retry limits
279 * implemented by the crypto plugin are reached.
280 *
281 * In either case, the application must allow the user to say `no'
282 * or `cancel' to indicate that they do not know the passphrase or
283 * have the appropriate token; this should cause the callback to
284 * return nonzero indicating error.
285 */
286
287 void (*logmessage)(void *logstream, const char *message);
288 /* A log message will be generated at least every time something goes
289 * wrong and an ErrMsgBuf is filled in (or would be if one was
290 * provided). Other diagnostic information may be written there too,
291 * including more detailed reasons for errors which are reported in an
292 * ErrMsgBuf.
293 *
294 * When a log message is generated, this callback is called. It
295 * should write a message to the relevant logging arrangements.
296 *
297 * The message string passed will be null-terminated and may be of arbitrary
298 * length. It will not be prefixed by the time and date, nor by the
299 * name of the library that is generating it - if this is required,
300 * the logmessage callback must do it. The message will not have a
301 * trailing newline (though it may contain internal newlines).
302 *
303 * If a null pointer is passed for logmessage a default function is
304 * used. The default function treats logstream as a FILE* which has
305 * been converted to a void*. If logstream is 0 it does nothing.
306 * Otherwise it prepends the date and time and library name and
307 * writes the message to logstream. Each line will be prefixed by a
308 * descriptive string containing the date, time and identity of the
309 * crypto plugin. Errors on the logstream are not reported
310 * anywhere, and the default function doesn't flush the stream, so
311 * the application must set the buffering how it wants it.
312 *
313 * The crypto plugin may also provide a facility to have copies of
314 * log messages sent elsewhere, and or for adjusting the verbosity
315 * of the log messages; any such facilities will be configured by
316 * external means.
317 */
318
319} HWCryptoHook_InitInfo;
320
321typedef
322HWCryptoHook_ContextHandle HWCryptoHook_Init_t(const HWCryptoHook_InitInfo *initinfo,
323 size_t initinfosize,
324 const HWCryptoHook_ErrMsgBuf *errors,
325 HWCryptoHook_CallerContext *cactx);
326extern HWCryptoHook_Init_t HWCryptoHook_Init;
327
328/* Caller should set initinfosize to the size of the HWCryptoHook struct,
329 * so it can be extended later.
330 *
331 * On success, a message for display or logging by the server,
332 * including the name and version number of the plugin, will be filled
333 * in into *errors; on failure *errors is used for error handling, as
334 * usual.
335 */
336
337/* All these functions return 0 on success, HWCRYPTOHOOK_ERROR_FAILED
338 * on most failures. HWCRYPTOHOOK_ERROR_MPISIZE means at least one of
339 * the output MPI buffer(s) was too small; the sizes of all have been
340 * set to the desired size (and for those where the buffer was large
341 * enough, the value may have been copied in), and no error message
342 * has been recorded.
343 *
344 * You may pass 0 for the errors struct. In any case, unless you set
345 * _NoStderr at init time then messages may be reported to stderr.
346 */
347
348/* The RSAImmed* functions (and key managed RSA) only work with
349 * modules which have an RSA patent licence - currently that means KM
350 * units; the ModExp* ones work with all modules, so you need a patent
351 * licence in the software in the US. They are otherwise identical.
352 */
353
354typedef
355void HWCryptoHook_Finish_t(HWCryptoHook_ContextHandle hwctx);
356extern HWCryptoHook_Finish_t HWCryptoHook_Finish;
357/* You must not have any calls going or keys loaded when you call this. */
358
359typedef
360int HWCryptoHook_RandomBytes_t(HWCryptoHook_ContextHandle hwctx,
361 unsigned char *buf, size_t len,
362 const HWCryptoHook_ErrMsgBuf *errors);
363extern HWCryptoHook_RandomBytes_t HWCryptoHook_RandomBytes;
364
365typedef
366int HWCryptoHook_ModExp_t(HWCryptoHook_ContextHandle hwctx,
367 HWCryptoHook_MPI a,
368 HWCryptoHook_MPI p,
369 HWCryptoHook_MPI n,
370 HWCryptoHook_MPI *r,
371 const HWCryptoHook_ErrMsgBuf *errors);
372extern HWCryptoHook_ModExp_t HWCryptoHook_ModExp;
373
374typedef
375int HWCryptoHook_RSAImmedPub_t(HWCryptoHook_ContextHandle hwctx,
376 HWCryptoHook_MPI m,
377 HWCryptoHook_MPI e,
378 HWCryptoHook_MPI n,
379 HWCryptoHook_MPI *r,
380 const HWCryptoHook_ErrMsgBuf *errors);
381extern HWCryptoHook_RSAImmedPub_t HWCryptoHook_RSAImmedPub;
382
383typedef
384int HWCryptoHook_ModExpCRT_t(HWCryptoHook_ContextHandle hwctx,
385 HWCryptoHook_MPI a,
386 HWCryptoHook_MPI p,
387 HWCryptoHook_MPI q,
388 HWCryptoHook_MPI dmp1,
389 HWCryptoHook_MPI dmq1,
390 HWCryptoHook_MPI iqmp,
391 HWCryptoHook_MPI *r,
392 const HWCryptoHook_ErrMsgBuf *errors);
393extern HWCryptoHook_ModExpCRT_t HWCryptoHook_ModExpCRT;
394
395typedef
396int HWCryptoHook_RSAImmedPriv_t(HWCryptoHook_ContextHandle hwctx,
397 HWCryptoHook_MPI m,
398 HWCryptoHook_MPI p,
399 HWCryptoHook_MPI q,
400 HWCryptoHook_MPI dmp1,
401 HWCryptoHook_MPI dmq1,
402 HWCryptoHook_MPI iqmp,
403 HWCryptoHook_MPI *r,
404 const HWCryptoHook_ErrMsgBuf *errors);
405extern HWCryptoHook_RSAImmedPriv_t HWCryptoHook_RSAImmedPriv;
406
407/* The RSAImmed* and ModExp* functions may return E_FAILED or
408 * E_FALLBACK for failure.
409 *
410 * E_FAILED means the failure is permanent and definite and there
411 * should be no attempt to fall back to software. (Eg, for some
412 * applications, which support only the acceleration-only
413 * functions, the `key material' may actually be an encoded key
414 * identifier, and doing the operation in software would give wrong
415 * answers.)
416 *
417 * E_FALLBACK means that doing the computation in software would seem
418 * reasonable. If an application pays attention to this and is
419 * able to fall back, it should also set the Fallback init flags.
420 */
421
422typedef
423int HWCryptoHook_RSALoadKey_t(HWCryptoHook_ContextHandle hwctx,
424 const char *key_ident,
425 HWCryptoHook_RSAKeyHandle *keyhandle_r,
426 const HWCryptoHook_ErrMsgBuf *errors,
427 HWCryptoHook_PassphraseContext *ppctx);
428extern HWCryptoHook_RSALoadKey_t HWCryptoHook_RSALoadKey;
429/* The key_ident is a null-terminated string configured by the
430 * user via the application's usual configuration mechanisms.
431 * It is provided to the user by the crypto provider's key management
432 * system. The user must be able to enter at least any string of between
433 * 1 and 1023 characters inclusive, consisting of printable 7-bit
434 * ASCII characters. The provider should avoid using
435 * any characters except alphanumerics and the punctuation
436 * characters _ - + . / @ ~ (the user is expected to be able
437 * to enter these without quoting). The string may be case-sensitive.
438 * The application may allow the user to enter other NULL-terminated strings,
439 * and the provider must cope (returning an error if the string is not
440 * valid).
441 *
442 * If the key does not exist, no error is recorded and 0 is returned;
443 * keyhandle_r will be set to 0 instead of to a key handle.
444 */
445
446typedef
447int HWCryptoHook_RSAGetPublicKey_t(HWCryptoHook_RSAKeyHandle k,
448 HWCryptoHook_MPI *n,
449 HWCryptoHook_MPI *e,
450 const HWCryptoHook_ErrMsgBuf *errors);
451extern HWCryptoHook_RSAGetPublicKey_t HWCryptoHook_RSAGetPublicKey;
452/* The crypto plugin will not store certificates.
453 *
454 * Although this function for acquiring the public key value is
455 * provided, it is not the purpose of this API to deal fully with the
456 * handling of the public key.
457 *
458 * It is expected that the crypto supplier's key generation program
459 * will provide general facilities for producing X.509
460 * self-certificates and certificate requests in PEM format. These
461 * will be given to the user so that they can configure them in the
462 * application, send them to CAs, or whatever.
463 *
464 * In case this kind of certificate handling is not appropriate, the
465 * crypto supplier's key generation program should be able to be
466 * configured not to generate such a self-certificate or certificate
467 * request. Then the application will need to do all of this, and
468 * will need to store and handle the public key and certificates
469 * itself.
470 */
471
472typedef
473int HWCryptoHook_RSAUnloadKey_t(HWCryptoHook_RSAKeyHandle k,
474 const HWCryptoHook_ErrMsgBuf *errors);
475extern HWCryptoHook_RSAUnloadKey_t HWCryptoHook_RSAUnloadKey;
476/* Might fail due to locking problems, or other serious internal problems. */
477
478typedef
479int HWCryptoHook_RSA_t(HWCryptoHook_MPI m,
480 HWCryptoHook_RSAKeyHandle k,
481 HWCryptoHook_MPI *r,
482 const HWCryptoHook_ErrMsgBuf *errors);
483extern HWCryptoHook_RSA_t HWCryptoHook_RSA;
484/* RSA private key operation (sign or decrypt) - raw, unpadded. */
485
486#endif /*HWCRYPTOHOOK_H*/
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 20:48:27 +0000