diff options
| -rw-r--r-- | src/lib/libcrypto/doc/engine.pod | 1 | ||||
| -rw-r--r-- | src/lib/libcrypto/engine/eng_all.c | 3 | ||||
| -rw-r--r-- | src/lib/libcrypto/engine/engine.h | 1 | ||||
| -rw-r--r-- | src/lib/libssl/src/config | 12 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/engine/eng_all.c | 3 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/engine/engine.h | 1 | ||||
| -rw-r--r-- | src/lib/libssl/src/doc/crypto/engine.pod | 1 | ||||
| -rw-r--r-- | src/lib/libssl/src/engines/Makefile | 21 | ||||
| -rw-r--r-- | src/lib/libssl/src/engines/e_atalla.c | 607 | ||||
| -rw-r--r-- | src/lib/libssl/src/engines/e_atalla.ec | 1 | ||||
| -rw-r--r-- | src/lib/libssl/src/engines/e_atalla_err.c | 149 | ||||
| -rw-r--r-- | src/lib/libssl/src/engines/e_atalla_err.h | 93 | ||||
| -rw-r--r-- | src/lib/libssl/src/engines/vendor_defns/atalla.h | 48 | 
13 files changed, 1 insertions, 940 deletions
| diff --git a/src/lib/libcrypto/doc/engine.pod b/src/lib/libcrypto/doc/engine.pod index ba36974c45..b0cea78cd3 100644 --- a/src/lib/libcrypto/doc/engine.pod +++ b/src/lib/libcrypto/doc/engine.pod | |||
| @@ -25,7 +25,6 @@ engine - ENGINE cryptographic module support | |||
| 25 | void ENGINE_load_dynamic(void); | 25 | void ENGINE_load_dynamic(void); | 
| 26 | #ifndef OPENSSL_NO_STATIC_ENGINE | 26 | #ifndef OPENSSL_NO_STATIC_ENGINE | 
| 27 | void ENGINE_load_aep(void); | 27 | void ENGINE_load_aep(void); | 
| 28 | void ENGINE_load_atalla(void); | ||
| 29 | void ENGINE_load_chil(void); | 28 | void ENGINE_load_chil(void); | 
| 30 | void ENGINE_load_gmp(void); | 29 | void ENGINE_load_gmp(void); | 
| 31 | void ENGINE_load_nuron(void); | 30 | void ENGINE_load_nuron(void); | 
| diff --git a/src/lib/libcrypto/engine/eng_all.c b/src/lib/libcrypto/engine/eng_all.c index f38a73773c..43fb3caf7d 100644 --- a/src/lib/libcrypto/engine/eng_all.c +++ b/src/lib/libcrypto/engine/eng_all.c | |||
| @@ -85,9 +85,6 @@ void ENGINE_load_builtin_engines(void) | |||
| 85 | #ifndef OPENSSL_NO_HW_AEP | 85 | #ifndef OPENSSL_NO_HW_AEP | 
| 86 | ENGINE_load_aep(); | 86 | ENGINE_load_aep(); | 
| 87 | #endif | 87 | #endif | 
| 88 | #ifndef OPENSSL_NO_HW_ATALLA | ||
| 89 | ENGINE_load_atalla(); | ||
| 90 | #endif | ||
| 91 | #ifndef OPENSSL_NO_HW_NCIPHER | 88 | #ifndef OPENSSL_NO_HW_NCIPHER | 
| 92 | ENGINE_load_chil(); | 89 | ENGINE_load_chil(); | 
| 93 | #endif | 90 | #endif | 
| diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h index 289ac5cdac..948b5a18ff 100644 --- a/src/lib/libcrypto/engine/engine.h +++ b/src/lib/libcrypto/engine/engine.h | |||
| @@ -334,7 +334,6 @@ void ENGINE_load_openssl(void); | |||
| 334 | void ENGINE_load_dynamic(void); | 334 | void ENGINE_load_dynamic(void); | 
| 335 | #ifndef OPENSSL_NO_STATIC_ENGINE | 335 | #ifndef OPENSSL_NO_STATIC_ENGINE | 
| 336 | void ENGINE_load_aep(void); | 336 | void ENGINE_load_aep(void); | 
| 337 | void ENGINE_load_atalla(void); | ||
| 338 | void ENGINE_load_chil(void); | 337 | void ENGINE_load_chil(void); | 
| 339 | void ENGINE_load_nuron(void); | 338 | void ENGINE_load_nuron(void); | 
| 340 | void ENGINE_load_padlock(void); | 339 | void ENGINE_load_padlock(void); | 
| diff --git a/src/lib/libssl/src/config b/src/lib/libssl/src/config index 88b9bc69da..ed8db0219c 100644 --- a/src/lib/libssl/src/config +++ b/src/lib/libssl/src/config | |||
| @@ -845,18 +845,6 @@ case "$GUESSOS" in | |||
| 845 | *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;; | 845 | *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;; | 
| 846 | esac | 846 | esac | 
| 847 | 847 | ||
| 848 | # NB: This atalla support has been superceded by the ENGINE support | ||
| 849 | # That contains its own header and definitions anyway. Support can | ||
| 850 | # be enabled or disabled on any supported platform without external | ||
| 851 | # headers, eg. by adding the "hw-atalla" switch to ./config or | ||
| 852 | # perl Configure | ||
| 853 | # | ||
| 854 | # See whether we can compile Atalla support | ||
| 855 | #if [ -f /usr/include/atasi.h ] | ||
| 856 | #then | ||
| 857 | # options="$options -DATALLA" | ||
| 858 | #fi | ||
| 859 | |||
| 860 | if expr "$options" : '.*no\-asm' > /dev/null; then :; else | 848 | if expr "$options" : '.*no\-asm' > /dev/null; then :; else | 
| 861 | sh -c "$CROSS_COMPILE${CC:-gcc} -Wa,--help -c -o /tmp/null.$$.o -x assembler /dev/null && rm /tmp/null.$$.o" 2>&1 | \ | 849 | sh -c "$CROSS_COMPILE${CC:-gcc} -Wa,--help -c -o /tmp/null.$$.o -x assembler /dev/null && rm /tmp/null.$$.o" 2>&1 | \ | 
| 862 | grep \\--noexecstack >/dev/null && \ | 850 | grep \\--noexecstack >/dev/null && \ | 
| diff --git a/src/lib/libssl/src/crypto/engine/eng_all.c b/src/lib/libssl/src/crypto/engine/eng_all.c index f38a73773c..43fb3caf7d 100644 --- a/src/lib/libssl/src/crypto/engine/eng_all.c +++ b/src/lib/libssl/src/crypto/engine/eng_all.c | |||
| @@ -85,9 +85,6 @@ void ENGINE_load_builtin_engines(void) | |||
| 85 | #ifndef OPENSSL_NO_HW_AEP | 85 | #ifndef OPENSSL_NO_HW_AEP | 
| 86 | ENGINE_load_aep(); | 86 | ENGINE_load_aep(); | 
| 87 | #endif | 87 | #endif | 
| 88 | #ifndef OPENSSL_NO_HW_ATALLA | ||
| 89 | ENGINE_load_atalla(); | ||
| 90 | #endif | ||
| 91 | #ifndef OPENSSL_NO_HW_NCIPHER | 88 | #ifndef OPENSSL_NO_HW_NCIPHER | 
| 92 | ENGINE_load_chil(); | 89 | ENGINE_load_chil(); | 
| 93 | #endif | 90 | #endif | 
| diff --git a/src/lib/libssl/src/crypto/engine/engine.h b/src/lib/libssl/src/crypto/engine/engine.h index 289ac5cdac..948b5a18ff 100644 --- a/src/lib/libssl/src/crypto/engine/engine.h +++ b/src/lib/libssl/src/crypto/engine/engine.h | |||
| @@ -334,7 +334,6 @@ void ENGINE_load_openssl(void); | |||
| 334 | void ENGINE_load_dynamic(void); | 334 | void ENGINE_load_dynamic(void); | 
| 335 | #ifndef OPENSSL_NO_STATIC_ENGINE | 335 | #ifndef OPENSSL_NO_STATIC_ENGINE | 
| 336 | void ENGINE_load_aep(void); | 336 | void ENGINE_load_aep(void); | 
| 337 | void ENGINE_load_atalla(void); | ||
| 338 | void ENGINE_load_chil(void); | 337 | void ENGINE_load_chil(void); | 
| 339 | void ENGINE_load_nuron(void); | 338 | void ENGINE_load_nuron(void); | 
| 340 | void ENGINE_load_padlock(void); | 339 | void ENGINE_load_padlock(void); | 
| diff --git a/src/lib/libssl/src/doc/crypto/engine.pod b/src/lib/libssl/src/doc/crypto/engine.pod index ba36974c45..b0cea78cd3 100644 --- a/src/lib/libssl/src/doc/crypto/engine.pod +++ b/src/lib/libssl/src/doc/crypto/engine.pod | |||
| @@ -25,7 +25,6 @@ engine - ENGINE cryptographic module support | |||
| 25 | void ENGINE_load_dynamic(void); | 25 | void ENGINE_load_dynamic(void); | 
| 26 | #ifndef OPENSSL_NO_STATIC_ENGINE | 26 | #ifndef OPENSSL_NO_STATIC_ENGINE | 
| 27 | void ENGINE_load_aep(void); | 27 | void ENGINE_load_aep(void); | 
| 28 | void ENGINE_load_atalla(void); | ||
| 29 | void ENGINE_load_chil(void); | 28 | void ENGINE_load_chil(void); | 
| 30 | void ENGINE_load_gmp(void); | 29 | void ENGINE_load_gmp(void); | 
| 31 | void ENGINE_load_nuron(void); | 30 | void ENGINE_load_nuron(void); | 
| diff --git a/src/lib/libssl/src/engines/Makefile b/src/lib/libssl/src/engines/Makefile index 571d63a66e..7a4b0da8e3 100644 --- a/src/lib/libssl/src/engines/Makefile +++ b/src/lib/libssl/src/engines/Makefile | |||
| @@ -26,17 +26,15 @@ TEST= | |||
| 26 | APPS= | 26 | APPS= | 
| 27 | 27 | ||
| 28 | LIB=$(TOP)/libcrypto.a | 28 | LIB=$(TOP)/libcrypto.a | 
| 29 | LIBNAMES= aep atalla gmp chil nuron padlock capi | 29 | LIBNAMES= aep gmp chil nuron padlock capi | 
| 30 | 30 | ||
| 31 | LIBSRC= e_aep.c \ | 31 | LIBSRC= e_aep.c \ | 
| 32 | e_atalla.c \ | ||
| 33 | e_gmp.c \ | 32 | e_gmp.c \ | 
| 34 | e_chil.c \ | 33 | e_chil.c \ | 
| 35 | e_nuron.c \ | 34 | e_nuron.c \ | 
| 36 | e_padlock.c \ | 35 | e_padlock.c \ | 
| 37 | e_capi.c | 36 | e_capi.c | 
| 38 | LIBOBJ= e_aep.o \ | 37 | LIBOBJ= e_aep.o \ | 
| 39 | e_atalla.o \ | ||
| 40 | e_gmp.o \ | 38 | e_gmp.o \ | 
| 41 | e_chil.o \ | 39 | e_chil.o \ | 
| 42 | e_nuron.o \ | 40 | e_nuron.o \ | 
| @@ -47,7 +45,6 @@ SRC= $(LIBSRC) | |||
| 47 | 45 | ||
| 48 | EXHEADER= | 46 | EXHEADER= | 
| 49 | HEADER= e_aep_err.c e_aep_err.h \ | 47 | HEADER= e_aep_err.c e_aep_err.h \ | 
| 50 | e_atalla_err.c e_atalla_err.h \ | ||
| 51 | e_gmp_err.c e_gmp_err.h \ | 48 | e_gmp_err.c e_gmp_err.h \ | 
| 52 | e_chil_err.c e_chil_err.h \ | 49 | e_chil_err.c e_chil_err.h \ | 
| 53 | e_nuron_err.c e_nuron_err.h \ | 50 | e_nuron_err.c e_nuron_err.h \ | 
| @@ -168,22 +165,6 @@ e_aep.o: ../include/openssl/sha.h ../include/openssl/stack.h | |||
| 168 | e_aep.o: ../include/openssl/symhacks.h ../include/openssl/x509.h | 165 | e_aep.o: ../include/openssl/symhacks.h ../include/openssl/x509.h | 
| 169 | e_aep.o: ../include/openssl/x509_vfy.h e_aep.c e_aep_err.c e_aep_err.h | 166 | e_aep.o: ../include/openssl/x509_vfy.h e_aep.c e_aep_err.c e_aep_err.h | 
| 170 | e_aep.o: vendor_defns/aep.h | 167 | e_aep.o: vendor_defns/aep.h | 
| 171 | e_atalla.o: ../include/openssl/asn1.h ../include/openssl/bio.h | ||
| 172 | e_atalla.o: ../include/openssl/bn.h ../include/openssl/buffer.h | ||
| 173 | e_atalla.o: ../include/openssl/crypto.h ../include/openssl/dh.h | ||
| 174 | e_atalla.o: ../include/openssl/dsa.h ../include/openssl/dso.h | ||
| 175 | e_atalla.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | ||
| 176 | e_atalla.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | ||
| 177 | e_atalla.o: ../include/openssl/engine.h ../include/openssl/err.h | ||
| 178 | e_atalla.o: ../include/openssl/evp.h ../include/openssl/lhash.h | ||
| 179 | e_atalla.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | ||
| 180 | e_atalla.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | ||
| 181 | e_atalla.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h | ||
| 182 | e_atalla.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | ||
| 183 | e_atalla.o: ../include/openssl/sha.h ../include/openssl/stack.h | ||
| 184 | e_atalla.o: ../include/openssl/symhacks.h ../include/openssl/x509.h | ||
| 185 | e_atalla.o: ../include/openssl/x509_vfy.h e_atalla.c e_atalla_err.c | ||
| 186 | e_atalla.o: e_atalla_err.h vendor_defns/atalla.h | ||
| 187 | e_capi.o: ../include/openssl/asn1.h ../include/openssl/bio.h | 168 | e_capi.o: ../include/openssl/asn1.h ../include/openssl/bio.h | 
| 188 | e_capi.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 169 | e_capi.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 
| 189 | e_capi.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 170 | e_capi.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 
| diff --git a/src/lib/libssl/src/engines/e_atalla.c b/src/lib/libssl/src/engines/e_atalla.c deleted file mode 100644 index fabaa86a52..0000000000 --- a/src/lib/libssl/src/engines/e_atalla.c +++ /dev/null | |||
| @@ -1,607 +0,0 @@ | |||
| 1 | /* crypto/engine/hw_atalla.c */ | ||
| 2 | /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL | ||
| 3 | * project 2000. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <string.h> | ||
| 61 | #include <openssl/crypto.h> | ||
| 62 | #include <openssl/buffer.h> | ||
| 63 | #include <openssl/dso.h> | ||
| 64 | #include <openssl/engine.h> | ||
| 65 | #ifndef OPENSSL_NO_RSA | ||
| 66 | #include <openssl/rsa.h> | ||
| 67 | #endif | ||
| 68 | #ifndef OPENSSL_NO_DSA | ||
| 69 | #include <openssl/dsa.h> | ||
| 70 | #endif | ||
| 71 | #ifndef OPENSSL_NO_DH | ||
| 72 | #include <openssl/dh.h> | ||
| 73 | #endif | ||
| 74 | #include <openssl/bn.h> | ||
| 75 | |||
| 76 | #ifndef OPENSSL_NO_HW | ||
| 77 | #ifndef OPENSSL_NO_HW_ATALLA | ||
| 78 | |||
| 79 | #ifdef FLAT_INC | ||
| 80 | #include "atalla.h" | ||
| 81 | #else | ||
| 82 | #include "vendor_defns/atalla.h" | ||
| 83 | #endif | ||
| 84 | |||
| 85 | #define ATALLA_LIB_NAME "atalla engine" | ||
| 86 | #include "e_atalla_err.c" | ||
| 87 | |||
| 88 | static int atalla_destroy(ENGINE *e); | ||
| 89 | static int atalla_init(ENGINE *e); | ||
| 90 | static int atalla_finish(ENGINE *e); | ||
| 91 | static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); | ||
| 92 | |||
| 93 | /* BIGNUM stuff */ | ||
| 94 | static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 95 | const BIGNUM *m, BN_CTX *ctx); | ||
| 96 | |||
| 97 | #ifndef OPENSSL_NO_RSA | ||
| 98 | /* RSA stuff */ | ||
| 99 | static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); | ||
| 100 | /* This function is aliased to mod_exp (with the mont stuff dropped). */ | ||
| 101 | static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 102 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | ||
| 103 | #endif | ||
| 104 | |||
| 105 | #ifndef OPENSSL_NO_DSA | ||
| 106 | /* DSA stuff */ | ||
| 107 | static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, | ||
| 108 | BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, | ||
| 109 | BN_CTX *ctx, BN_MONT_CTX *in_mont); | ||
| 110 | static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, | ||
| 111 | const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | ||
| 112 | BN_MONT_CTX *m_ctx); | ||
| 113 | #endif | ||
| 114 | |||
| 115 | #ifndef OPENSSL_NO_DH | ||
| 116 | /* DH stuff */ | ||
| 117 | /* This function is alised to mod_exp (with the DH and mont dropped). */ | ||
| 118 | static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, | ||
| 119 | const BIGNUM *a, const BIGNUM *p, | ||
| 120 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | ||
| 121 | #endif | ||
| 122 | |||
| 123 | /* The definitions for control commands specific to this engine */ | ||
| 124 | #define ATALLA_CMD_SO_PATH ENGINE_CMD_BASE | ||
| 125 | static const ENGINE_CMD_DEFN atalla_cmd_defns[] = { | ||
| 126 | {ATALLA_CMD_SO_PATH, | ||
| 127 | "SO_PATH", | ||
| 128 | "Specifies the path to the 'atasi' shared library", | ||
| 129 | ENGINE_CMD_FLAG_STRING}, | ||
| 130 | {0, NULL, NULL, 0} | ||
| 131 | }; | ||
| 132 | |||
| 133 | #ifndef OPENSSL_NO_RSA | ||
| 134 | /* Our internal RSA_METHOD that we provide pointers to */ | ||
| 135 | static RSA_METHOD atalla_rsa = | ||
| 136 | { | ||
| 137 | "Atalla RSA method", | ||
| 138 | NULL, | ||
| 139 | NULL, | ||
| 140 | NULL, | ||
| 141 | NULL, | ||
| 142 | atalla_rsa_mod_exp, | ||
| 143 | atalla_mod_exp_mont, | ||
| 144 | NULL, | ||
| 145 | NULL, | ||
| 146 | 0, | ||
| 147 | NULL, | ||
| 148 | NULL, | ||
| 149 | NULL, | ||
| 150 | NULL | ||
| 151 | }; | ||
| 152 | #endif | ||
| 153 | |||
| 154 | #ifndef OPENSSL_NO_DSA | ||
| 155 | /* Our internal DSA_METHOD that we provide pointers to */ | ||
| 156 | static DSA_METHOD atalla_dsa = | ||
| 157 | { | ||
| 158 | "Atalla DSA method", | ||
| 159 | NULL, /* dsa_do_sign */ | ||
| 160 | NULL, /* dsa_sign_setup */ | ||
| 161 | NULL, /* dsa_do_verify */ | ||
| 162 | atalla_dsa_mod_exp, /* dsa_mod_exp */ | ||
| 163 | atalla_mod_exp_dsa, /* bn_mod_exp */ | ||
| 164 | NULL, /* init */ | ||
| 165 | NULL, /* finish */ | ||
| 166 | 0, /* flags */ | ||
| 167 | NULL, /* app_data */ | ||
| 168 | NULL, /* dsa_paramgen */ | ||
| 169 | NULL /* dsa_keygen */ | ||
| 170 | }; | ||
| 171 | #endif | ||
| 172 | |||
| 173 | #ifndef OPENSSL_NO_DH | ||
| 174 | /* Our internal DH_METHOD that we provide pointers to */ | ||
| 175 | static DH_METHOD atalla_dh = | ||
| 176 | { | ||
| 177 | "Atalla DH method", | ||
| 178 | NULL, | ||
| 179 | NULL, | ||
| 180 | atalla_mod_exp_dh, | ||
| 181 | NULL, | ||
| 182 | NULL, | ||
| 183 | 0, | ||
| 184 | NULL, | ||
| 185 | NULL | ||
| 186 | }; | ||
| 187 | #endif | ||
| 188 | |||
| 189 | /* Constants used when creating the ENGINE */ | ||
| 190 | static const char *engine_atalla_id = "atalla"; | ||
| 191 | static const char *engine_atalla_name = "Atalla hardware engine support"; | ||
| 192 | |||
| 193 | /* This internal function is used by ENGINE_atalla() and possibly by the | ||
| 194 | * "dynamic" ENGINE support too */ | ||
| 195 | static int bind_helper(ENGINE *e) | ||
| 196 | { | ||
| 197 | #ifndef OPENSSL_NO_RSA | ||
| 198 | const RSA_METHOD *meth1; | ||
| 199 | #endif | ||
| 200 | #ifndef OPENSSL_NO_DSA | ||
| 201 | const DSA_METHOD *meth2; | ||
| 202 | #endif | ||
| 203 | #ifndef OPENSSL_NO_DH | ||
| 204 | const DH_METHOD *meth3; | ||
| 205 | #endif | ||
| 206 | if(!ENGINE_set_id(e, engine_atalla_id) || | ||
| 207 | !ENGINE_set_name(e, engine_atalla_name) || | ||
| 208 | #ifndef OPENSSL_NO_RSA | ||
| 209 | !ENGINE_set_RSA(e, &atalla_rsa) || | ||
| 210 | #endif | ||
| 211 | #ifndef OPENSSL_NO_DSA | ||
| 212 | !ENGINE_set_DSA(e, &atalla_dsa) || | ||
| 213 | #endif | ||
| 214 | #ifndef OPENSSL_NO_DH | ||
| 215 | !ENGINE_set_DH(e, &atalla_dh) || | ||
| 216 | #endif | ||
| 217 | !ENGINE_set_destroy_function(e, atalla_destroy) || | ||
| 218 | !ENGINE_set_init_function(e, atalla_init) || | ||
| 219 | !ENGINE_set_finish_function(e, atalla_finish) || | ||
| 220 | !ENGINE_set_ctrl_function(e, atalla_ctrl) || | ||
| 221 | !ENGINE_set_cmd_defns(e, atalla_cmd_defns)) | ||
| 222 | return 0; | ||
| 223 | |||
| 224 | #ifndef OPENSSL_NO_RSA | ||
| 225 | /* We know that the "PKCS1_SSLeay()" functions hook properly | ||
| 226 | * to the atalla-specific mod_exp and mod_exp_crt so we use | ||
| 227 | * those functions. NB: We don't use ENGINE_openssl() or | ||
| 228 | * anything "more generic" because something like the RSAref | ||
| 229 | * code may not hook properly, and if you own one of these | ||
| 230 | * cards then you have the right to do RSA operations on it | ||
| 231 | * anyway! */ | ||
| 232 | meth1 = RSA_PKCS1_SSLeay(); | ||
| 233 | atalla_rsa.rsa_pub_enc = meth1->rsa_pub_enc; | ||
| 234 | atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec; | ||
| 235 | atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc; | ||
| 236 | atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec; | ||
| 237 | #endif | ||
| 238 | |||
| 239 | #ifndef OPENSSL_NO_DSA | ||
| 240 | /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish | ||
| 241 | * bits. */ | ||
| 242 | meth2 = DSA_OpenSSL(); | ||
| 243 | atalla_dsa.dsa_do_sign = meth2->dsa_do_sign; | ||
| 244 | atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup; | ||
| 245 | atalla_dsa.dsa_do_verify = meth2->dsa_do_verify; | ||
| 246 | #endif | ||
| 247 | |||
| 248 | #ifndef OPENSSL_NO_DH | ||
| 249 | /* Much the same for Diffie-Hellman */ | ||
| 250 | meth3 = DH_OpenSSL(); | ||
| 251 | atalla_dh.generate_key = meth3->generate_key; | ||
| 252 | atalla_dh.compute_key = meth3->compute_key; | ||
| 253 | #endif | ||
| 254 | |||
| 255 | /* Ensure the atalla error handling is set up */ | ||
| 256 | ERR_load_ATALLA_strings(); | ||
| 257 | return 1; | ||
| 258 | } | ||
| 259 | |||
| 260 | #ifdef OPENSSL_NO_DYNAMIC_ENGINE | ||
| 261 | static ENGINE *engine_atalla(void) | ||
| 262 | { | ||
| 263 | ENGINE *ret = ENGINE_new(); | ||
| 264 | if(!ret) | ||
| 265 | return NULL; | ||
| 266 | if(!bind_helper(ret)) | ||
| 267 | { | ||
| 268 | ENGINE_free(ret); | ||
| 269 | return NULL; | ||
| 270 | } | ||
| 271 | return ret; | ||
| 272 | } | ||
| 273 | |||
| 274 | void ENGINE_load_atalla(void) | ||
| 275 | { | ||
| 276 | /* Copied from eng_[openssl|dyn].c */ | ||
| 277 | ENGINE *toadd = engine_atalla(); | ||
| 278 | if(!toadd) return; | ||
| 279 | ENGINE_add(toadd); | ||
| 280 | ENGINE_free(toadd); | ||
| 281 | ERR_clear_error(); | ||
| 282 | } | ||
| 283 | #endif | ||
| 284 | |||
| 285 | /* This is a process-global DSO handle used for loading and unloading | ||
| 286 | * the Atalla library. NB: This is only set (or unset) during an | ||
| 287 | * init() or finish() call (reference counts permitting) and they're | ||
| 288 | * operating with global locks, so this should be thread-safe | ||
| 289 | * implicitly. */ | ||
| 290 | static DSO *atalla_dso = NULL; | ||
| 291 | |||
| 292 | /* These are the function pointers that are (un)set when the library has | ||
| 293 | * successfully (un)loaded. */ | ||
| 294 | static tfnASI_GetHardwareConfig *p_Atalla_GetHardwareConfig = NULL; | ||
| 295 | static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL; | ||
| 296 | static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics = NULL; | ||
| 297 | |||
| 298 | /* These are the static string constants for the DSO file name and the function | ||
| 299 | * symbol names to bind to. Regrettably, the DSO name on *nix appears to be | ||
| 300 | * "atasi.so" rather than something more consistent like "libatasi.so". At the | ||
| 301 | * time of writing, I'm not sure what the file name on win32 is but clearly | ||
| 302 | * native name translation is not possible (eg libatasi.so on *nix, and | ||
| 303 | * atasi.dll on win32). For the purposes of testing, I have created a symbollic | ||
| 304 | * link called "libatasi.so" so that we can use native name-translation - a | ||
| 305 | * better solution will be needed. */ | ||
| 306 | static const char *ATALLA_LIBNAME = NULL; | ||
| 307 | static const char *get_ATALLA_LIBNAME(void) | ||
| 308 | { | ||
| 309 | if(ATALLA_LIBNAME) | ||
| 310 | return ATALLA_LIBNAME; | ||
| 311 | return "atasi"; | ||
| 312 | } | ||
| 313 | static void free_ATALLA_LIBNAME(void) | ||
| 314 | { | ||
| 315 | if(ATALLA_LIBNAME) | ||
| 316 | OPENSSL_free((void*)ATALLA_LIBNAME); | ||
| 317 | ATALLA_LIBNAME = NULL; | ||
| 318 | } | ||
| 319 | static long set_ATALLA_LIBNAME(const char *name) | ||
| 320 | { | ||
| 321 | free_ATALLA_LIBNAME(); | ||
| 322 | return (((ATALLA_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); | ||
| 323 | } | ||
| 324 | static const char *ATALLA_F1 = "ASI_GetHardwareConfig"; | ||
| 325 | static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn"; | ||
| 326 | static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics"; | ||
| 327 | |||
| 328 | /* Destructor (complements the "ENGINE_atalla()" constructor) */ | ||
| 329 | static int atalla_destroy(ENGINE *e) | ||
| 330 | { | ||
| 331 | free_ATALLA_LIBNAME(); | ||
| 332 | /* Unload the atalla error strings so any error state including our | ||
| 333 | * functs or reasons won't lead to a segfault (they simply get displayed | ||
| 334 | * without corresponding string data because none will be found). */ | ||
| 335 | ERR_unload_ATALLA_strings(); | ||
| 336 | return 1; | ||
| 337 | } | ||
| 338 | |||
| 339 | /* (de)initialisation functions. */ | ||
| 340 | static int atalla_init(ENGINE *e) | ||
| 341 | { | ||
| 342 | tfnASI_GetHardwareConfig *p1; | ||
| 343 | tfnASI_RSAPrivateKeyOpFn *p2; | ||
| 344 | tfnASI_GetPerformanceStatistics *p3; | ||
| 345 | /* Not sure of the origin of this magic value, but Ben's code had it | ||
| 346 | * and it seemed to have been working for a few people. :-) */ | ||
| 347 | unsigned int config_buf[1024]; | ||
| 348 | |||
| 349 | if(atalla_dso != NULL) | ||
| 350 | { | ||
| 351 | ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_ALREADY_LOADED); | ||
| 352 | goto err; | ||
| 353 | } | ||
| 354 | /* Attempt to load libatasi.so/atasi.dll/whatever. Needs to be | ||
| 355 | * changed unfortunately because the Atalla drivers don't have | ||
| 356 | * standard library names that can be platform-translated well. */ | ||
| 357 | /* TODO: Work out how to actually map to the names the Atalla | ||
| 358 | * drivers really use - for now a symbollic link needs to be | ||
| 359 | * created on the host system from libatasi.so to atasi.so on | ||
| 360 | * unix variants. */ | ||
| 361 | atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0); | ||
| 362 | if(atalla_dso == NULL) | ||
| 363 | { | ||
| 364 | ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED); | ||
| 365 | goto err; | ||
| 366 | } | ||
| 367 | if(!(p1 = (tfnASI_GetHardwareConfig *)DSO_bind_func( | ||
| 368 | atalla_dso, ATALLA_F1)) || | ||
| 369 | !(p2 = (tfnASI_RSAPrivateKeyOpFn *)DSO_bind_func( | ||
| 370 | atalla_dso, ATALLA_F2)) || | ||
| 371 | !(p3 = (tfnASI_GetPerformanceStatistics *)DSO_bind_func( | ||
| 372 | atalla_dso, ATALLA_F3))) | ||
| 373 | { | ||
| 374 | ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED); | ||
| 375 | goto err; | ||
| 376 | } | ||
| 377 | /* Copy the pointers */ | ||
| 378 | p_Atalla_GetHardwareConfig = p1; | ||
| 379 | p_Atalla_RSAPrivateKeyOpFn = p2; | ||
| 380 | p_Atalla_GetPerformanceStatistics = p3; | ||
| 381 | /* Perform a basic test to see if there's actually any unit | ||
| 382 | * running. */ | ||
| 383 | if(p1(0L, config_buf) != 0) | ||
| 384 | { | ||
| 385 | ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_UNIT_FAILURE); | ||
| 386 | goto err; | ||
| 387 | } | ||
| 388 | /* Everything's fine. */ | ||
| 389 | return 1; | ||
| 390 | err: | ||
| 391 | if(atalla_dso) | ||
| 392 | DSO_free(atalla_dso); | ||
| 393 | atalla_dso = NULL; | ||
| 394 | p_Atalla_GetHardwareConfig = NULL; | ||
| 395 | p_Atalla_RSAPrivateKeyOpFn = NULL; | ||
| 396 | p_Atalla_GetPerformanceStatistics = NULL; | ||
| 397 | return 0; | ||
| 398 | } | ||
| 399 | |||
| 400 | static int atalla_finish(ENGINE *e) | ||
| 401 | { | ||
| 402 | free_ATALLA_LIBNAME(); | ||
| 403 | if(atalla_dso == NULL) | ||
| 404 | { | ||
| 405 | ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_NOT_LOADED); | ||
| 406 | return 0; | ||
| 407 | } | ||
| 408 | if(!DSO_free(atalla_dso)) | ||
| 409 | { | ||
| 410 | ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_UNIT_FAILURE); | ||
| 411 | return 0; | ||
| 412 | } | ||
| 413 | atalla_dso = NULL; | ||
| 414 | p_Atalla_GetHardwareConfig = NULL; | ||
| 415 | p_Atalla_RSAPrivateKeyOpFn = NULL; | ||
| 416 | p_Atalla_GetPerformanceStatistics = NULL; | ||
| 417 | return 1; | ||
| 418 | } | ||
| 419 | |||
| 420 | static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) | ||
| 421 | { | ||
| 422 | int initialised = ((atalla_dso == NULL) ? 0 : 1); | ||
| 423 | switch(cmd) | ||
| 424 | { | ||
| 425 | case ATALLA_CMD_SO_PATH: | ||
| 426 | if(p == NULL) | ||
| 427 | { | ||
| 428 | ATALLAerr(ATALLA_F_ATALLA_CTRL,ERR_R_PASSED_NULL_PARAMETER); | ||
| 429 | return 0; | ||
| 430 | } | ||
| 431 | if(initialised) | ||
| 432 | { | ||
| 433 | ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_ALREADY_LOADED); | ||
| 434 | return 0; | ||
| 435 | } | ||
| 436 | return set_ATALLA_LIBNAME((const char *)p); | ||
| 437 | default: | ||
| 438 | break; | ||
| 439 | } | ||
| 440 | ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED); | ||
| 441 | return 0; | ||
| 442 | } | ||
| 443 | |||
| 444 | static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 445 | const BIGNUM *m, BN_CTX *ctx) | ||
| 446 | { | ||
| 447 | /* I need somewhere to store temporary serialised values for | ||
| 448 | * use with the Atalla API calls. A neat cheat - I'll use | ||
| 449 | * BIGNUMs from the BN_CTX but access their arrays directly as | ||
| 450 | * byte arrays <grin>. This way I don't have to clean anything | ||
| 451 | * up. */ | ||
| 452 | BIGNUM *modulus; | ||
| 453 | BIGNUM *exponent; | ||
| 454 | BIGNUM *argument; | ||
| 455 | BIGNUM *result; | ||
| 456 | RSAPrivateKey keydata; | ||
| 457 | int to_return, numbytes; | ||
| 458 | |||
| 459 | modulus = exponent = argument = result = NULL; | ||
| 460 | to_return = 0; /* expect failure */ | ||
| 461 | |||
| 462 | if(!atalla_dso) | ||
| 463 | { | ||
| 464 | ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_NOT_LOADED); | ||
| 465 | goto err; | ||
| 466 | } | ||
| 467 | /* Prepare the params */ | ||
| 468 | BN_CTX_start(ctx); | ||
| 469 | modulus = BN_CTX_get(ctx); | ||
| 470 | exponent = BN_CTX_get(ctx); | ||
| 471 | argument = BN_CTX_get(ctx); | ||
| 472 | result = BN_CTX_get(ctx); | ||
| 473 | if (!result) | ||
| 474 | { | ||
| 475 | ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_CTX_FULL); | ||
| 476 | goto err; | ||
| 477 | } | ||
| 478 | if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) || | ||
| 479 | !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top)) | ||
| 480 | { | ||
| 481 | ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_EXPAND_FAIL); | ||
| 482 | goto err; | ||
| 483 | } | ||
| 484 | /* Prepare the key-data */ | ||
| 485 | memset(&keydata, 0,sizeof keydata); | ||
| 486 | numbytes = BN_num_bytes(m); | ||
| 487 | memset(exponent->d, 0, numbytes); | ||
| 488 | memset(modulus->d, 0, numbytes); | ||
| 489 | BN_bn2bin(p, (unsigned char *)exponent->d + numbytes - BN_num_bytes(p)); | ||
| 490 | BN_bn2bin(m, (unsigned char *)modulus->d + numbytes - BN_num_bytes(m)); | ||
| 491 | keydata.privateExponent.data = (unsigned char *)exponent->d; | ||
| 492 | keydata.privateExponent.len = numbytes; | ||
| 493 | keydata.modulus.data = (unsigned char *)modulus->d; | ||
| 494 | keydata.modulus.len = numbytes; | ||
| 495 | /* Prepare the argument */ | ||
| 496 | memset(argument->d, 0, numbytes); | ||
| 497 | memset(result->d, 0, numbytes); | ||
| 498 | BN_bn2bin(a, (unsigned char *)argument->d + numbytes - BN_num_bytes(a)); | ||
| 499 | /* Perform the operation */ | ||
| 500 | if(p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d, | ||
| 501 | (unsigned char *)argument->d, | ||
| 502 | keydata.modulus.len) != 0) | ||
| 503 | { | ||
| 504 | ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_REQUEST_FAILED); | ||
| 505 | goto err; | ||
| 506 | } | ||
| 507 | /* Convert the response */ | ||
| 508 | BN_bin2bn((unsigned char *)result->d, numbytes, r); | ||
| 509 | to_return = 1; | ||
| 510 | err: | ||
| 511 | BN_CTX_end(ctx); | ||
| 512 | return to_return; | ||
| 513 | } | ||
| 514 | |||
| 515 | #ifndef OPENSSL_NO_RSA | ||
| 516 | static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) | ||
| 517 | { | ||
| 518 | int to_return = 0; | ||
| 519 | |||
| 520 | if(!atalla_dso) | ||
| 521 | { | ||
| 522 | ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_NOT_LOADED); | ||
| 523 | goto err; | ||
| 524 | } | ||
| 525 | if(!rsa->d || !rsa->n) | ||
| 526 | { | ||
| 527 | ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_MISSING_KEY_COMPONENTS); | ||
| 528 | goto err; | ||
| 529 | } | ||
| 530 | to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx); | ||
| 531 | err: | ||
| 532 | return to_return; | ||
| 533 | } | ||
| 534 | #endif | ||
| 535 | |||
| 536 | #ifndef OPENSSL_NO_DSA | ||
| 537 | /* This code was liberated and adapted from the commented-out code in | ||
| 538 | * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration | ||
| 539 | * (it doesn't have a CRT form for RSA), this function means that an | ||
| 540 | * Atalla system running with a DSA server certificate can handshake | ||
| 541 | * around 5 or 6 times faster/more than an equivalent system running with | ||
| 542 | * RSA. Just check out the "signs" statistics from the RSA and DSA parts | ||
| 543 | * of "openssl speed -engine atalla dsa1024 rsa1024". */ | ||
| 544 | static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, | ||
| 545 | BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, | ||
| 546 | BN_CTX *ctx, BN_MONT_CTX *in_mont) | ||
| 547 | { | ||
| 548 | BIGNUM t; | ||
| 549 | int to_return = 0; | ||
| 550 | |||
| 551 | BN_init(&t); | ||
| 552 | /* let rr = a1 ^ p1 mod m */ | ||
| 553 | if (!atalla_mod_exp(rr,a1,p1,m,ctx)) goto end; | ||
| 554 | /* let t = a2 ^ p2 mod m */ | ||
| 555 | if (!atalla_mod_exp(&t,a2,p2,m,ctx)) goto end; | ||
| 556 | /* let rr = rr * t mod m */ | ||
| 557 | if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end; | ||
| 558 | to_return = 1; | ||
| 559 | end: | ||
| 560 | BN_free(&t); | ||
| 561 | return to_return; | ||
| 562 | } | ||
| 563 | |||
| 564 | static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, | ||
| 565 | const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | ||
| 566 | BN_MONT_CTX *m_ctx) | ||
| 567 | { | ||
| 568 | return atalla_mod_exp(r, a, p, m, ctx); | ||
| 569 | } | ||
| 570 | #endif | ||
| 571 | |||
| 572 | #ifndef OPENSSL_NO_RSA | ||
| 573 | /* This function is aliased to mod_exp (with the mont stuff dropped). */ | ||
| 574 | static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 575 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) | ||
| 576 | { | ||
| 577 | return atalla_mod_exp(r, a, p, m, ctx); | ||
| 578 | } | ||
| 579 | #endif | ||
| 580 | |||
| 581 | #ifndef OPENSSL_NO_DH | ||
| 582 | /* This function is aliased to mod_exp (with the dh and mont dropped). */ | ||
| 583 | static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, | ||
| 584 | const BIGNUM *a, const BIGNUM *p, | ||
| 585 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) | ||
| 586 | { | ||
| 587 | return atalla_mod_exp(r, a, p, m, ctx); | ||
| 588 | } | ||
| 589 | #endif | ||
| 590 | |||
| 591 | /* This stuff is needed if this ENGINE is being compiled into a self-contained | ||
| 592 | * shared-library. */ | ||
| 593 | #ifndef OPENSSL_NO_DYNAMIC_ENGINE | ||
| 594 | static int bind_fn(ENGINE *e, const char *id) | ||
| 595 | { | ||
| 596 | if(id && (strcmp(id, engine_atalla_id) != 0)) | ||
| 597 | return 0; | ||
| 598 | if(!bind_helper(e)) | ||
| 599 | return 0; | ||
| 600 | return 1; | ||
| 601 | } | ||
| 602 | IMPLEMENT_DYNAMIC_CHECK_FN() | ||
| 603 | IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) | ||
| 604 | #endif /* OPENSSL_NO_DYNAMIC_ENGINE */ | ||
| 605 | |||
| 606 | #endif /* !OPENSSL_NO_HW_ATALLA */ | ||
| 607 | #endif /* !OPENSSL_NO_HW */ | ||
| diff --git a/src/lib/libssl/src/engines/e_atalla.ec b/src/lib/libssl/src/engines/e_atalla.ec deleted file mode 100644 index 1d735e1b20..0000000000 --- a/src/lib/libssl/src/engines/e_atalla.ec +++ /dev/null | |||
| @@ -1 +0,0 @@ | |||
| 1 | L ATALLA e_atalla_err.h e_atalla_err.c | ||
| diff --git a/src/lib/libssl/src/engines/e_atalla_err.c b/src/lib/libssl/src/engines/e_atalla_err.c deleted file mode 100644 index fd3e0049ce..0000000000 --- a/src/lib/libssl/src/engines/e_atalla_err.c +++ /dev/null | |||
| @@ -1,149 +0,0 @@ | |||
| 1 | /* e_atalla_err.c */ | ||
| 2 | /* ==================================================================== | ||
| 3 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | ||
| 4 | * | ||
| 5 | * Redistribution and use in source and binary forms, with or without | ||
| 6 | * modification, are permitted provided that the following conditions | ||
| 7 | * are met: | ||
| 8 | * | ||
| 9 | * 1. Redistributions of source code must retain the above copyright | ||
| 10 | * notice, this list of conditions and the following disclaimer. | ||
| 11 | * | ||
| 12 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer in | ||
| 14 | * the documentation and/or other materials provided with the | ||
| 15 | * distribution. | ||
| 16 | * | ||
| 17 | * 3. All advertising materials mentioning features or use of this | ||
| 18 | * software must display the following acknowledgment: | ||
| 19 | * "This product includes software developed by the OpenSSL Project | ||
| 20 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 21 | * | ||
| 22 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 23 | * endorse or promote products derived from this software without | ||
| 24 | * prior written permission. For written permission, please contact | ||
| 25 | * openssl-core@OpenSSL.org. | ||
| 26 | * | ||
| 27 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 28 | * nor may "OpenSSL" appear in their names without prior written | ||
| 29 | * permission of the OpenSSL Project. | ||
| 30 | * | ||
| 31 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 32 | * acknowledgment: | ||
| 33 | * "This product includes software developed by the OpenSSL Project | ||
| 34 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 35 | * | ||
| 36 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 37 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 38 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 39 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 40 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 41 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 42 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 43 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 44 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 45 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 46 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 47 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 48 | * ==================================================================== | ||
| 49 | * | ||
| 50 | * This product includes cryptographic software written by Eric Young | ||
| 51 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 52 | * Hudson (tjh@cryptsoft.com). | ||
| 53 | * | ||
| 54 | */ | ||
| 55 | |||
| 56 | /* NOTE: this file was auto generated by the mkerr.pl script: any changes | ||
| 57 | * made to it will be overwritten when the script next updates this file, | ||
| 58 | * only reason strings will be preserved. | ||
| 59 | */ | ||
| 60 | |||
| 61 | #include <stdio.h> | ||
| 62 | #include <openssl/err.h> | ||
| 63 | #include "e_atalla_err.h" | ||
| 64 | |||
| 65 | /* BEGIN ERROR CODES */ | ||
| 66 | #ifndef OPENSSL_NO_ERR | ||
| 67 | |||
| 68 | #define ERR_FUNC(func) ERR_PACK(0,func,0) | ||
| 69 | #define ERR_REASON(reason) ERR_PACK(0,0,reason) | ||
| 70 | |||
| 71 | static ERR_STRING_DATA ATALLA_str_functs[]= | ||
| 72 | { | ||
| 73 | {ERR_FUNC(ATALLA_F_ATALLA_CTRL), "ATALLA_CTRL"}, | ||
| 74 | {ERR_FUNC(ATALLA_F_ATALLA_FINISH), "ATALLA_FINISH"}, | ||
| 75 | {ERR_FUNC(ATALLA_F_ATALLA_INIT), "ATALLA_INIT"}, | ||
| 76 | {ERR_FUNC(ATALLA_F_ATALLA_MOD_EXP), "ATALLA_MOD_EXP"}, | ||
| 77 | {ERR_FUNC(ATALLA_F_ATALLA_RSA_MOD_EXP), "ATALLA_RSA_MOD_EXP"}, | ||
| 78 | {0,NULL} | ||
| 79 | }; | ||
| 80 | |||
| 81 | static ERR_STRING_DATA ATALLA_str_reasons[]= | ||
| 82 | { | ||
| 83 | {ERR_REASON(ATALLA_R_ALREADY_LOADED) ,"already loaded"}, | ||
| 84 | {ERR_REASON(ATALLA_R_BN_CTX_FULL) ,"bn ctx full"}, | ||
| 85 | {ERR_REASON(ATALLA_R_BN_EXPAND_FAIL) ,"bn expand fail"}, | ||
| 86 | {ERR_REASON(ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED),"ctrl command not implemented"}, | ||
| 87 | {ERR_REASON(ATALLA_R_MISSING_KEY_COMPONENTS),"missing key components"}, | ||
| 88 | {ERR_REASON(ATALLA_R_NOT_LOADED) ,"not loaded"}, | ||
| 89 | {ERR_REASON(ATALLA_R_REQUEST_FAILED) ,"request failed"}, | ||
| 90 | {ERR_REASON(ATALLA_R_UNIT_FAILURE) ,"unit failure"}, | ||
| 91 | {0,NULL} | ||
| 92 | }; | ||
| 93 | |||
| 94 | #endif | ||
| 95 | |||
| 96 | #ifdef ATALLA_LIB_NAME | ||
| 97 | static ERR_STRING_DATA ATALLA_lib_name[]= | ||
| 98 | { | ||
| 99 | {0 ,ATALLA_LIB_NAME}, | ||
| 100 | {0,NULL} | ||
| 101 | }; | ||
| 102 | #endif | ||
| 103 | |||
| 104 | |||
| 105 | static int ATALLA_lib_error_code=0; | ||
| 106 | static int ATALLA_error_init=1; | ||
| 107 | |||
| 108 | static void ERR_load_ATALLA_strings(void) | ||
| 109 | { | ||
| 110 | if (ATALLA_lib_error_code == 0) | ||
| 111 | ATALLA_lib_error_code=ERR_get_next_error_library(); | ||
| 112 | |||
| 113 | if (ATALLA_error_init) | ||
| 114 | { | ||
| 115 | ATALLA_error_init=0; | ||
| 116 | #ifndef OPENSSL_NO_ERR | ||
| 117 | ERR_load_strings(ATALLA_lib_error_code,ATALLA_str_functs); | ||
| 118 | ERR_load_strings(ATALLA_lib_error_code,ATALLA_str_reasons); | ||
| 119 | #endif | ||
| 120 | |||
| 121 | #ifdef ATALLA_LIB_NAME | ||
| 122 | ATALLA_lib_name->error = ERR_PACK(ATALLA_lib_error_code,0,0); | ||
| 123 | ERR_load_strings(0,ATALLA_lib_name); | ||
| 124 | #endif | ||
| 125 | } | ||
| 126 | } | ||
| 127 | |||
| 128 | static void ERR_unload_ATALLA_strings(void) | ||
| 129 | { | ||
| 130 | if (ATALLA_error_init == 0) | ||
| 131 | { | ||
| 132 | #ifndef OPENSSL_NO_ERR | ||
| 133 | ERR_unload_strings(ATALLA_lib_error_code,ATALLA_str_functs); | ||
| 134 | ERR_unload_strings(ATALLA_lib_error_code,ATALLA_str_reasons); | ||
| 135 | #endif | ||
| 136 | |||
| 137 | #ifdef ATALLA_LIB_NAME | ||
| 138 | ERR_unload_strings(0,ATALLA_lib_name); | ||
| 139 | #endif | ||
| 140 | ATALLA_error_init=1; | ||
| 141 | } | ||
| 142 | } | ||
| 143 | |||
| 144 | static void ERR_ATALLA_error(int function, int reason, char *file, int line) | ||
| 145 | { | ||
| 146 | if (ATALLA_lib_error_code == 0) | ||
| 147 | ATALLA_lib_error_code=ERR_get_next_error_library(); | ||
| 148 | ERR_PUT_error(ATALLA_lib_error_code,function,reason,file,line); | ||
| 149 | } | ||
| diff --git a/src/lib/libssl/src/engines/e_atalla_err.h b/src/lib/libssl/src/engines/e_atalla_err.h deleted file mode 100644 index 36e09bf42f..0000000000 --- a/src/lib/libssl/src/engines/e_atalla_err.h +++ /dev/null | |||
| @@ -1,93 +0,0 @@ | |||
| 1 | /* ==================================================================== | ||
| 2 | * Copyright (c) 2001 The OpenSSL Project. All rights reserved. | ||
| 3 | * | ||
| 4 | * Redistribution and use in source and binary forms, with or without | ||
| 5 | * modification, are permitted provided that the following conditions | ||
| 6 | * are met: | ||
| 7 | * | ||
| 8 | * 1. Redistributions of source code must retain the above copyright | ||
| 9 | * notice, this list of conditions and the following disclaimer. | ||
| 10 | * | ||
| 11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 12 | * notice, this list of conditions and the following disclaimer in | ||
| 13 | * the documentation and/or other materials provided with the | ||
| 14 | * distribution. | ||
| 15 | * | ||
| 16 | * 3. All advertising materials mentioning features or use of this | ||
| 17 | * software must display the following acknowledgment: | ||
| 18 | * "This product includes software developed by the OpenSSL Project | ||
| 19 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 20 | * | ||
| 21 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 22 | * endorse or promote products derived from this software without | ||
| 23 | * prior written permission. For written permission, please contact | ||
| 24 | * openssl-core@openssl.org. | ||
| 25 | * | ||
| 26 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 27 | * nor may "OpenSSL" appear in their names without prior written | ||
| 28 | * permission of the OpenSSL Project. | ||
| 29 | * | ||
| 30 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 31 | * acknowledgment: | ||
| 32 | * "This product includes software developed by the OpenSSL Project | ||
| 33 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 34 | * | ||
| 35 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 36 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 37 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 38 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 39 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 40 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 41 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 42 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 43 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 44 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 45 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 46 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 47 | * ==================================================================== | ||
| 48 | * | ||
| 49 | * This product includes cryptographic software written by Eric Young | ||
| 50 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 51 | * Hudson (tjh@cryptsoft.com). | ||
| 52 | * | ||
| 53 | */ | ||
| 54 | |||
| 55 | #ifndef HEADER_ATALLA_ERR_H | ||
| 56 | #define HEADER_ATALLA_ERR_H | ||
| 57 | |||
| 58 | #ifdef __cplusplus | ||
| 59 | extern "C" { | ||
| 60 | #endif | ||
| 61 | |||
| 62 | /* BEGIN ERROR CODES */ | ||
| 63 | /* The following lines are auto generated by the script mkerr.pl. Any changes | ||
| 64 | * made after this point may be overwritten when the script is next run. | ||
| 65 | */ | ||
| 66 | static void ERR_load_ATALLA_strings(void); | ||
| 67 | static void ERR_unload_ATALLA_strings(void); | ||
| 68 | static void ERR_ATALLA_error(int function, int reason, char *file, int line); | ||
| 69 | #define ATALLAerr(f,r) ERR_ATALLA_error((f),(r),__FILE__,__LINE__) | ||
| 70 | |||
| 71 | /* Error codes for the ATALLA functions. */ | ||
| 72 | |||
| 73 | /* Function codes. */ | ||
| 74 | #define ATALLA_F_ATALLA_CTRL 100 | ||
| 75 | #define ATALLA_F_ATALLA_FINISH 101 | ||
| 76 | #define ATALLA_F_ATALLA_INIT 102 | ||
| 77 | #define ATALLA_F_ATALLA_MOD_EXP 103 | ||
| 78 | #define ATALLA_F_ATALLA_RSA_MOD_EXP 104 | ||
| 79 | |||
| 80 | /* Reason codes. */ | ||
| 81 | #define ATALLA_R_ALREADY_LOADED 100 | ||
| 82 | #define ATALLA_R_BN_CTX_FULL 101 | ||
| 83 | #define ATALLA_R_BN_EXPAND_FAIL 102 | ||
| 84 | #define ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 | ||
| 85 | #define ATALLA_R_MISSING_KEY_COMPONENTS 104 | ||
| 86 | #define ATALLA_R_NOT_LOADED 105 | ||
| 87 | #define ATALLA_R_REQUEST_FAILED 106 | ||
| 88 | #define ATALLA_R_UNIT_FAILURE 107 | ||
| 89 | |||
| 90 | #ifdef __cplusplus | ||
| 91 | } | ||
| 92 | #endif | ||
| 93 | #endif | ||
| diff --git a/src/lib/libssl/src/engines/vendor_defns/atalla.h b/src/lib/libssl/src/engines/vendor_defns/atalla.h deleted file mode 100644 index 149970d441..0000000000 --- a/src/lib/libssl/src/engines/vendor_defns/atalla.h +++ /dev/null | |||
| @@ -1,48 +0,0 @@ | |||
| 1 | /* This header declares the necessary definitions for using the exponentiation | ||
| 2 | * acceleration capabilities of Atalla cards. The only cryptographic operation | ||
| 3 | * is performed by "ASI_RSAPrivateKeyOpFn" and this takes a structure that | ||
| 4 | * defines an "RSA private key". However, it is really only performing a | ||
| 5 | * regular mod_exp using the supplied modulus and exponent - no CRT form is | ||
| 6 | * being used. Hence, it is a generic mod_exp function in disguise, and we use | ||
| 7 | * it as such. | ||
| 8 | * | ||
| 9 | * Thanks to the people at Atalla for letting me know these definitions are | ||
| 10 | * fine and that they can be reproduced here. | ||
| 11 | * | ||
| 12 | * Geoff. | ||
| 13 | */ | ||
| 14 | |||
| 15 | typedef struct ItemStr | ||
| 16 | { | ||
| 17 | unsigned char *data; | ||
| 18 | int len; | ||
| 19 | } Item; | ||
| 20 | |||
| 21 | typedef struct RSAPrivateKeyStr | ||
| 22 | { | ||
| 23 | void *reserved; | ||
| 24 | Item version; | ||
| 25 | Item modulus; | ||
| 26 | Item publicExponent; | ||
| 27 | Item privateExponent; | ||
| 28 | Item prime[2]; | ||
| 29 | Item exponent[2]; | ||
| 30 | Item coefficient; | ||
| 31 | } RSAPrivateKey; | ||
| 32 | |||
| 33 | /* Predeclare the function pointer types that we dynamically load from the DSO. | ||
| 34 | * These use the same names and form that Ben's original support code had (in | ||
| 35 | * crypto/bn/bn_exp.c) unless of course I've inadvertently changed the style | ||
| 36 | * somewhere along the way! | ||
| 37 | */ | ||
| 38 | |||
| 39 | typedef int tfnASI_GetPerformanceStatistics(int reset_flag, | ||
| 40 | unsigned int *ret_buf); | ||
| 41 | |||
| 42 | typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf); | ||
| 43 | |||
| 44 | typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey, | ||
| 45 | unsigned char *output, | ||
| 46 | unsigned char *input, | ||
| 47 | unsigned int modulus_len); | ||
| 48 | |||
