summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/engine/hw_cswift.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/engine/hw_cswift.c')
-rw-r--r--src/lib/libcrypto/engine/hw_cswift.c322
1 files changed, 211 insertions, 111 deletions
diff --git a/src/lib/libcrypto/engine/hw_cswift.c b/src/lib/libcrypto/engine/hw_cswift.c
index 77608b8983..d8b380550f 100644
--- a/src/lib/libcrypto/engine/hw_cswift.c
+++ b/src/lib/libcrypto/engine/hw_cswift.c
@@ -3,7 +3,7 @@
3 * project 2000. 3 * project 2000.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -60,11 +60,10 @@
60#include <openssl/crypto.h> 60#include <openssl/crypto.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include <openssl/dso.h> 62#include <openssl/dso.h>
63#include "engine_int.h"
64#include <openssl/engine.h> 63#include <openssl/engine.h>
65 64
66#ifndef NO_HW 65#ifndef OPENSSL_NO_HW
67#ifndef NO_HW_CSWIFT 66#ifndef OPENSSL_NO_HW_CSWIFT
68 67
69/* Attribution notice: Rainbow have generously allowed me to reproduce 68/* Attribution notice: Rainbow have generously allowed me to reproduce
70 * the necessary definitions here from their API. This means the support 69 * the necessary definitions here from their API. This means the support
@@ -84,33 +83,55 @@
84#include "vendor_defns/cswift.h" 83#include "vendor_defns/cswift.h"
85#endif 84#endif
86 85
87static int cswift_init(void); 86#define CSWIFT_LIB_NAME "cswift engine"
88static int cswift_finish(void); 87#include "hw_cswift_err.c"
88
89static int cswift_destroy(ENGINE *e);
90static int cswift_init(ENGINE *e);
91static int cswift_finish(ENGINE *e);
92static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
89 93
90/* BIGNUM stuff */ 94/* BIGNUM stuff */
91static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, 95static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
92 const BIGNUM *m, BN_CTX *ctx); 96 const BIGNUM *m, BN_CTX *ctx);
93static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, 97static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
94 const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, 98 const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
95 const BIGNUM *iqmp, BN_CTX *ctx); 99 const BIGNUM *iqmp, BN_CTX *ctx);
96 100
101#ifndef OPENSSL_NO_RSA
97/* RSA stuff */ 102/* RSA stuff */
98static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa); 103static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
104#endif
99/* This function is aliased to mod_exp (with the mont stuff dropped). */ 105/* This function is aliased to mod_exp (with the mont stuff dropped). */
100static int cswift_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, 106static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
101 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 107 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
102 108
109#ifndef OPENSSL_NO_DSA
103/* DSA stuff */ 110/* DSA stuff */
104static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa); 111static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa);
105static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, 112static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
106 DSA_SIG *sig, DSA *dsa); 113 DSA_SIG *sig, DSA *dsa);
114#endif
107 115
116#ifndef OPENSSL_NO_DH
108/* DH stuff */ 117/* DH stuff */
109/* This function is alised to mod_exp (with the DH and mont dropped). */ 118/* This function is alised to mod_exp (with the DH and mont dropped). */
110static int cswift_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, 119static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
120 const BIGNUM *a, const BIGNUM *p,
111 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); 121 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
122#endif
112 123
124/* The definitions for control commands specific to this engine */
125#define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE
126static const ENGINE_CMD_DEFN cswift_cmd_defns[] = {
127 {CSWIFT_CMD_SO_PATH,
128 "SO_PATH",
129 "Specifies the path to the 'cswift' shared library",
130 ENGINE_CMD_FLAG_STRING},
131 {0, NULL, NULL, 0}
132 };
113 133
134#ifndef OPENSSL_NO_RSA
114/* Our internal RSA_METHOD that we provide pointers to */ 135/* Our internal RSA_METHOD that we provide pointers to */
115static RSA_METHOD cswift_rsa = 136static RSA_METHOD cswift_rsa =
116 { 137 {
@@ -128,7 +149,9 @@ static RSA_METHOD cswift_rsa =
128 NULL, 149 NULL,
129 NULL 150 NULL
130 }; 151 };
152#endif
131 153
154#ifndef OPENSSL_NO_DSA
132/* Our internal DSA_METHOD that we provide pointers to */ 155/* Our internal DSA_METHOD that we provide pointers to */
133static DSA_METHOD cswift_dsa = 156static DSA_METHOD cswift_dsa =
134 { 157 {
@@ -143,7 +166,9 @@ static DSA_METHOD cswift_dsa =
143 0, /* flags */ 166 0, /* flags */
144 NULL /* app_data */ 167 NULL /* app_data */
145 }; 168 };
169#endif
146 170
171#ifndef OPENSSL_NO_DH
147/* Our internal DH_METHOD that we provide pointers to */ 172/* Our internal DH_METHOD that we provide pointers to */
148static DH_METHOD cswift_dh = 173static DH_METHOD cswift_dh =
149 { 174 {
@@ -156,35 +181,41 @@ static DH_METHOD cswift_dh =
156 0, 181 0,
157 NULL 182 NULL
158 }; 183 };
184#endif
159 185
160/* Our ENGINE structure. */ 186/* Constants used when creating the ENGINE */
161static ENGINE engine_cswift = 187static const char *engine_cswift_id = "cswift";
162 { 188static const char *engine_cswift_name = "CryptoSwift hardware engine support";
163 "cswift", 189
164 "CryptoSwift hardware engine support", 190/* This internal function is used by ENGINE_cswift() and possibly by the
165 &cswift_rsa, 191 * "dynamic" ENGINE support too */
166 &cswift_dsa, 192static int bind_helper(ENGINE *e)
167 &cswift_dh,
168 NULL,
169 cswift_mod_exp,
170 cswift_mod_exp_crt,
171 cswift_init,
172 cswift_finish,
173 NULL, /* no ctrl() */
174 NULL, /* no load_privkey() */
175 NULL, /* no load_pubkey() */
176 0, /* no flags */
177 0, 0, /* no references */
178 NULL, NULL /* unlinked */
179 };
180
181/* As this is only ever called once, there's no need for locking
182 * (indeed - the lock will already be held by our caller!!!) */
183ENGINE *ENGINE_cswift()
184 { 193 {
185 RSA_METHOD *meth1; 194#ifndef OPENSSL_NO_RSA
186 DH_METHOD *meth2; 195 const RSA_METHOD *meth1;
196#endif
197#ifndef OPENSSL_NO_DH
198 const DH_METHOD *meth2;
199#endif
200 if(!ENGINE_set_id(e, engine_cswift_id) ||
201 !ENGINE_set_name(e, engine_cswift_name) ||
202#ifndef OPENSSL_NO_RSA
203 !ENGINE_set_RSA(e, &cswift_rsa) ||
204#endif
205#ifndef OPENSSL_NO_DSA
206 !ENGINE_set_DSA(e, &cswift_dsa) ||
207#endif
208#ifndef OPENSSL_NO_DH
209 !ENGINE_set_DH(e, &cswift_dh) ||
210#endif
211 !ENGINE_set_destroy_function(e, cswift_destroy) ||
212 !ENGINE_set_init_function(e, cswift_init) ||
213 !ENGINE_set_finish_function(e, cswift_finish) ||
214 !ENGINE_set_ctrl_function(e, cswift_ctrl) ||
215 !ENGINE_set_cmd_defns(e, cswift_cmd_defns))
216 return 0;
187 217
218#ifndef OPENSSL_NO_RSA
188 /* We know that the "PKCS1_SSLeay()" functions hook properly 219 /* We know that the "PKCS1_SSLeay()" functions hook properly
189 * to the cswift-specific mod_exp and mod_exp_crt so we use 220 * to the cswift-specific mod_exp and mod_exp_crt so we use
190 * those functions. NB: We don't use ENGINE_openssl() or 221 * those functions. NB: We don't use ENGINE_openssl() or
@@ -197,12 +228,41 @@ ENGINE *ENGINE_cswift()
197 cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec; 228 cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
198 cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc; 229 cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
199 cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec; 230 cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
231#endif
200 232
233#ifndef OPENSSL_NO_DH
201 /* Much the same for Diffie-Hellman */ 234 /* Much the same for Diffie-Hellman */
202 meth2 = DH_OpenSSL(); 235 meth2 = DH_OpenSSL();
203 cswift_dh.generate_key = meth2->generate_key; 236 cswift_dh.generate_key = meth2->generate_key;
204 cswift_dh.compute_key = meth2->compute_key; 237 cswift_dh.compute_key = meth2->compute_key;
205 return &engine_cswift; 238#endif
239
240 /* Ensure the cswift error handling is set up */
241 ERR_load_CSWIFT_strings();
242 return 1;
243 }
244
245static ENGINE *engine_cswift(void)
246 {
247 ENGINE *ret = ENGINE_new();
248 if(!ret)
249 return NULL;
250 if(!bind_helper(ret))
251 {
252 ENGINE_free(ret);
253 return NULL;
254 }
255 return ret;
256 }
257
258void ENGINE_load_cswift(void)
259 {
260 /* Copied from eng_[openssl|dyn].c */
261 ENGINE *toadd = engine_cswift();
262 if(!toadd) return;
263 ENGINE_add(toadd);
264 ENGINE_free(toadd);
265 ERR_clear_error();
206 } 266 }
207 267
208/* This is a process-global DSO handle used for loading and unloading 268/* This is a process-global DSO handle used for loading and unloading
@@ -220,7 +280,8 @@ t_swSimpleRequest *p_CSwift_SimpleRequest = NULL;
220t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL; 280t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL;
221 281
222/* Used in the DSO operations. */ 282/* Used in the DSO operations. */
223static const char *CSWIFT_LIBNAME = "swift"; 283static const char def_CSWIFT_LIBNAME[] = "swift";
284static const char *CSWIFT_LIBNAME = def_CSWIFT_LIBNAME;
224static const char *CSWIFT_F1 = "swAcquireAccContext"; 285static const char *CSWIFT_F1 = "swAcquireAccContext";
225static const char *CSWIFT_F2 = "swAttachKeyParam"; 286static const char *CSWIFT_F2 = "swAttachKeyParam";
226static const char *CSWIFT_F3 = "swSimpleRequest"; 287static const char *CSWIFT_F3 = "swSimpleRequest";
@@ -249,8 +310,15 @@ static void release_context(SW_CONTEXT_HANDLE hac)
249 p_CSwift_ReleaseAccContext(hac); 310 p_CSwift_ReleaseAccContext(hac);
250 } 311 }
251 312
313/* Destructor (complements the "ENGINE_cswift()" constructor) */
314static int cswift_destroy(ENGINE *e)
315 {
316 ERR_unload_CSWIFT_strings();
317 return 1;
318 }
319
252/* (de)initialisation functions. */ 320/* (de)initialisation functions. */
253static int cswift_init() 321static int cswift_init(ENGINE *e)
254 { 322 {
255 SW_CONTEXT_HANDLE hac; 323 SW_CONTEXT_HANDLE hac;
256 t_swAcquireAccContext *p1; 324 t_swAcquireAccContext *p1;
@@ -260,15 +328,14 @@ static int cswift_init()
260 328
261 if(cswift_dso != NULL) 329 if(cswift_dso != NULL)
262 { 330 {
263 ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_ALREADY_LOADED); 331 CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_ALREADY_LOADED);
264 goto err; 332 goto err;
265 } 333 }
266 /* Attempt to load libswift.so/swift.dll/whatever. */ 334 /* Attempt to load libswift.so/swift.dll/whatever. */
267 cswift_dso = DSO_load(NULL, CSWIFT_LIBNAME, NULL, 335 cswift_dso = DSO_load(NULL, CSWIFT_LIBNAME, NULL, 0);
268 DSO_FLAG_NAME_TRANSLATION);
269 if(cswift_dso == NULL) 336 if(cswift_dso == NULL)
270 { 337 {
271 ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_DSO_FAILURE); 338 CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
272 goto err; 339 goto err;
273 } 340 }
274 if(!(p1 = (t_swAcquireAccContext *) 341 if(!(p1 = (t_swAcquireAccContext *)
@@ -280,7 +347,7 @@ static int cswift_init()
280 !(p4 = (t_swReleaseAccContext *) 347 !(p4 = (t_swReleaseAccContext *)
281 DSO_bind_func(cswift_dso, CSWIFT_F4))) 348 DSO_bind_func(cswift_dso, CSWIFT_F4)))
282 { 349 {
283 ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_DSO_FAILURE); 350 CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
284 goto err; 351 goto err;
285 } 352 }
286 /* Copy the pointers */ 353 /* Copy the pointers */
@@ -292,7 +359,7 @@ static int cswift_init()
292 * accelerator! */ 359 * accelerator! */
293 if(!get_context(&hac)) 360 if(!get_context(&hac))
294 { 361 {
295 ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_UNIT_FAILURE); 362 CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_UNIT_FAILURE);
296 goto err; 363 goto err;
297 } 364 }
298 release_context(hac); 365 release_context(hac);
@@ -308,16 +375,16 @@ err:
308 return 0; 375 return 0;
309 } 376 }
310 377
311static int cswift_finish() 378static int cswift_finish(ENGINE *e)
312 { 379 {
313 if(cswift_dso == NULL) 380 if(cswift_dso == NULL)
314 { 381 {
315 ENGINEerr(ENGINE_F_CSWIFT_FINISH,ENGINE_R_NOT_LOADED); 382 CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED);
316 return 0; 383 return 0;
317 } 384 }
318 if(!DSO_free(cswift_dso)) 385 if(!DSO_free(cswift_dso))
319 { 386 {
320 ENGINEerr(ENGINE_F_CSWIFT_FINISH,ENGINE_R_DSO_FAILURE); 387 CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_UNIT_FAILURE);
321 return 0; 388 return 0;
322 } 389 }
323 cswift_dso = NULL; 390 cswift_dso = NULL;
@@ -328,8 +395,33 @@ static int cswift_finish()
328 return 1; 395 return 1;
329 } 396 }
330 397
398static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
399 {
400 int initialised = ((cswift_dso == NULL) ? 0 : 1);
401 switch(cmd)
402 {
403 case CSWIFT_CMD_SO_PATH:
404 if(p == NULL)
405 {
406 CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,ERR_R_PASSED_NULL_PARAMETER);
407 return 0;
408 }
409 if(initialised)
410 {
411 CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED);
412 return 0;
413 }
414 CSWIFT_LIBNAME = (const char *)p;
415 return 1;
416 default:
417 break;
418 }
419 CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED);
420 return 0;
421 }
422
331/* Un petit mod_exp */ 423/* Un petit mod_exp */
332static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, 424static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
333 const BIGNUM *m, BN_CTX *ctx) 425 const BIGNUM *m, BN_CTX *ctx)
334 { 426 {
335 /* I need somewhere to store temporary serialised values for 427 /* I need somewhere to store temporary serialised values for
@@ -353,24 +445,25 @@ static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
353 445
354 if(!get_context(&hac)) 446 if(!get_context(&hac))
355 { 447 {
356 ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_GET_HANDLE_FAILED); 448 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_UNIT_FAILURE);
357 goto err; 449 goto err;
358 } 450 }
359 acquired = 1; 451 acquired = 1;
360 /* Prepare the params */ 452 /* Prepare the params */
453 BN_CTX_start(ctx);
361 modulus = BN_CTX_get(ctx); 454 modulus = BN_CTX_get(ctx);
362 exponent = BN_CTX_get(ctx); 455 exponent = BN_CTX_get(ctx);
363 argument = BN_CTX_get(ctx); 456 argument = BN_CTX_get(ctx);
364 result = BN_CTX_get(ctx); 457 result = BN_CTX_get(ctx);
365 if(!modulus || !exponent || !argument || !result) 458 if(!result)
366 { 459 {
367 ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_BN_CTX_FULL); 460 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_CTX_FULL);
368 goto err; 461 goto err;
369 } 462 }
370 if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) || 463 if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) ||
371 !bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top)) 464 !bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top))
372 { 465 {
373 ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_BN_EXPAND_FAIL); 466 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_EXPAND_FAIL);
374 goto err; 467 goto err;
375 } 468 }
376 sw_param.type = SW_ALG_EXP; 469 sw_param.type = SW_ALG_EXP;
@@ -387,13 +480,12 @@ static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
387 case SW_OK: 480 case SW_OK:
388 break; 481 break;
389 case SW_ERR_INPUT_SIZE: 482 case SW_ERR_INPUT_SIZE:
390 ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP, 483 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BAD_KEY_SIZE);
391 ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
392 goto err; 484 goto err;
393 default: 485 default:
394 { 486 {
395 char tmpbuf[20]; 487 char tmpbuf[20];
396 ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_REQUEST_FAILED); 488 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
397 sprintf(tmpbuf, "%ld", sw_status); 489 sprintf(tmpbuf, "%ld", sw_status);
398 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 490 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
399 } 491 }
@@ -410,7 +502,7 @@ static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
410 &res, 1)) != SW_OK) 502 &res, 1)) != SW_OK)
411 { 503 {
412 char tmpbuf[20]; 504 char tmpbuf[20];
413 ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_REQUEST_FAILED); 505 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
414 sprintf(tmpbuf, "%ld", sw_status); 506 sprintf(tmpbuf, "%ld", sw_status);
415 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 507 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
416 goto err; 508 goto err;
@@ -421,15 +513,12 @@ static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
421err: 513err:
422 if(acquired) 514 if(acquired)
423 release_context(hac); 515 release_context(hac);
424 if(modulus) ctx->tos--; 516 BN_CTX_end(ctx);
425 if(exponent) ctx->tos--;
426 if(argument) ctx->tos--;
427 if(result) ctx->tos--;
428 return to_return; 517 return to_return;
429 } 518 }
430 519
431/* Un petit mod_exp chinois */ 520/* Un petit mod_exp chinois */
432static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p, 521static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
433 const BIGNUM *q, const BIGNUM *dmp1, 522 const BIGNUM *q, const BIGNUM *dmp1,
434 const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx) 523 const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx)
435 { 524 {
@@ -449,11 +538,12 @@ static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
449 538
450 if(!get_context(&hac)) 539 if(!get_context(&hac))
451 { 540 {
452 ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_GET_HANDLE_FAILED); 541 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_UNIT_FAILURE);
453 goto err; 542 goto err;
454 } 543 }
455 acquired = 1; 544 acquired = 1;
456 /* Prepare the params */ 545 /* Prepare the params */
546 BN_CTX_start(ctx);
457 rsa_p = BN_CTX_get(ctx); 547 rsa_p = BN_CTX_get(ctx);
458 rsa_q = BN_CTX_get(ctx); 548 rsa_q = BN_CTX_get(ctx);
459 rsa_dmp1 = BN_CTX_get(ctx); 549 rsa_dmp1 = BN_CTX_get(ctx);
@@ -461,10 +551,9 @@ static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
461 rsa_iqmp = BN_CTX_get(ctx); 551 rsa_iqmp = BN_CTX_get(ctx);
462 argument = BN_CTX_get(ctx); 552 argument = BN_CTX_get(ctx);
463 result = BN_CTX_get(ctx); 553 result = BN_CTX_get(ctx);
464 if(!rsa_p || !rsa_q || !rsa_dmp1 || !rsa_dmq1 || !rsa_iqmp || 554 if(!result)
465 !argument || !result)
466 { 555 {
467 ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_BN_CTX_FULL); 556 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL);
468 goto err; 557 goto err;
469 } 558 }
470 if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) || 559 if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) ||
@@ -474,7 +563,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
474 !bn_wexpand(argument, a->top) || 563 !bn_wexpand(argument, a->top) ||
475 !bn_wexpand(result, p->top + q->top)) 564 !bn_wexpand(result, p->top + q->top))
476 { 565 {
477 ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_BN_EXPAND_FAIL); 566 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
478 goto err; 567 goto err;
479 } 568 }
480 sw_param.type = SW_ALG_CRT; 569 sw_param.type = SW_ALG_CRT;
@@ -498,13 +587,12 @@ static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
498 case SW_OK: 587 case SW_OK:
499 break; 588 break;
500 case SW_ERR_INPUT_SIZE: 589 case SW_ERR_INPUT_SIZE:
501 ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT, 590 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BAD_KEY_SIZE);
502 ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
503 goto err; 591 goto err;
504 default: 592 default:
505 { 593 {
506 char tmpbuf[20]; 594 char tmpbuf[20];
507 ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_REQUEST_FAILED); 595 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
508 sprintf(tmpbuf, "%ld", sw_status); 596 sprintf(tmpbuf, "%ld", sw_status);
509 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 597 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
510 } 598 }
@@ -521,7 +609,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
521 &res, 1)) != SW_OK) 609 &res, 1)) != SW_OK)
522 { 610 {
523 char tmpbuf[20]; 611 char tmpbuf[20];
524 ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_REQUEST_FAILED); 612 CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
525 sprintf(tmpbuf, "%ld", sw_status); 613 sprintf(tmpbuf, "%ld", sw_status);
526 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 614 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
527 goto err; 615 goto err;
@@ -532,17 +620,12 @@ static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
532err: 620err:
533 if(acquired) 621 if(acquired)
534 release_context(hac); 622 release_context(hac);
535 if(rsa_p) ctx->tos--; 623 BN_CTX_end(ctx);
536 if(rsa_q) ctx->tos--;
537 if(rsa_dmp1) ctx->tos--;
538 if(rsa_dmq1) ctx->tos--;
539 if(rsa_iqmp) ctx->tos--;
540 if(argument) ctx->tos--;
541 if(result) ctx->tos--;
542 return to_return; 624 return to_return;
543 } 625 }
544 626
545static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) 627#ifndef OPENSSL_NO_RSA
628static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
546 { 629 {
547 BN_CTX *ctx; 630 BN_CTX *ctx;
548 int to_return = 0; 631 int to_return = 0;
@@ -551,7 +634,7 @@ static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
551 goto err; 634 goto err;
552 if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) 635 if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
553 { 636 {
554 ENGINEerr(ENGINE_F_CSWIFT_RSA_MOD_EXP,ENGINE_R_MISSING_KEY_COMPONENTS); 637 CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,CSWIFT_R_MISSING_KEY_COMPONENTS);
555 goto err; 638 goto err;
556 } 639 }
557 to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, 640 to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
@@ -561,14 +644,16 @@ err:
561 BN_CTX_free(ctx); 644 BN_CTX_free(ctx);
562 return to_return; 645 return to_return;
563 } 646 }
647#endif
564 648
565/* This function is aliased to mod_exp (with the mont stuff dropped). */ 649/* This function is aliased to mod_exp (with the mont stuff dropped). */
566static int cswift_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, 650static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
567 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) 651 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
568 { 652 {
569 return cswift_mod_exp(r, a, p, m, ctx); 653 return cswift_mod_exp(r, a, p, m, ctx);
570 } 654 }
571 655
656#ifndef OPENSSL_NO_DSA
572static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) 657static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
573 { 658 {
574 SW_CONTEXT_HANDLE hac; 659 SW_CONTEXT_HANDLE hac;
@@ -589,19 +674,20 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
589 goto err; 674 goto err;
590 if(!get_context(&hac)) 675 if(!get_context(&hac))
591 { 676 {
592 ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_GET_HANDLE_FAILED); 677 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_UNIT_FAILURE);
593 goto err; 678 goto err;
594 } 679 }
595 acquired = 1; 680 acquired = 1;
596 /* Prepare the params */ 681 /* Prepare the params */
682 BN_CTX_start(ctx);
597 dsa_p = BN_CTX_get(ctx); 683 dsa_p = BN_CTX_get(ctx);
598 dsa_q = BN_CTX_get(ctx); 684 dsa_q = BN_CTX_get(ctx);
599 dsa_g = BN_CTX_get(ctx); 685 dsa_g = BN_CTX_get(ctx);
600 dsa_key = BN_CTX_get(ctx); 686 dsa_key = BN_CTX_get(ctx);
601 result = BN_CTX_get(ctx); 687 result = BN_CTX_get(ctx);
602 if(!dsa_p || !dsa_q || !dsa_g || !dsa_key || !result) 688 if(!result)
603 { 689 {
604 ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_BN_CTX_FULL); 690 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_CTX_FULL);
605 goto err; 691 goto err;
606 } 692 }
607 if(!bn_wexpand(dsa_p, dsa->p->top) || 693 if(!bn_wexpand(dsa_p, dsa->p->top) ||
@@ -610,7 +696,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
610 !bn_wexpand(dsa_key, dsa->priv_key->top) || 696 !bn_wexpand(dsa_key, dsa->priv_key->top) ||
611 !bn_wexpand(result, dsa->p->top)) 697 !bn_wexpand(result, dsa->p->top))
612 { 698 {
613 ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_BN_EXPAND_FAIL); 699 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_EXPAND_FAIL);
614 goto err; 700 goto err;
615 } 701 }
616 sw_param.type = SW_ALG_DSA; 702 sw_param.type = SW_ALG_DSA;
@@ -633,13 +719,12 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
633 case SW_OK: 719 case SW_OK:
634 break; 720 break;
635 case SW_ERR_INPUT_SIZE: 721 case SW_ERR_INPUT_SIZE:
636 ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN, 722 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BAD_KEY_SIZE);
637 ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
638 goto err; 723 goto err;
639 default: 724 default:
640 { 725 {
641 char tmpbuf[20]; 726 char tmpbuf[20];
642 ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_REQUEST_FAILED); 727 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
643 sprintf(tmpbuf, "%ld", sw_status); 728 sprintf(tmpbuf, "%ld", sw_status);
644 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 729 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
645 } 730 }
@@ -657,7 +742,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
657 if(sw_status != SW_OK) 742 if(sw_status != SW_OK)
658 { 743 {
659 char tmpbuf[20]; 744 char tmpbuf[20];
660 ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_REQUEST_FAILED); 745 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
661 sprintf(tmpbuf, "%ld", sw_status); 746 sprintf(tmpbuf, "%ld", sw_status);
662 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 747 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
663 goto err; 748 goto err;
@@ -672,13 +757,11 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
672err: 757err:
673 if(acquired) 758 if(acquired)
674 release_context(hac); 759 release_context(hac);
675 if(dsa_p) ctx->tos--;
676 if(dsa_q) ctx->tos--;
677 if(dsa_g) ctx->tos--;
678 if(dsa_key) ctx->tos--;
679 if(result) ctx->tos--;
680 if(ctx) 760 if(ctx)
761 {
762 BN_CTX_end(ctx);
681 BN_CTX_free(ctx); 763 BN_CTX_free(ctx);
764 }
682 return to_return; 765 return to_return;
683 } 766 }
684 767
@@ -703,19 +786,20 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
703 goto err; 786 goto err;
704 if(!get_context(&hac)) 787 if(!get_context(&hac))
705 { 788 {
706 ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_GET_HANDLE_FAILED); 789 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_UNIT_FAILURE);
707 goto err; 790 goto err;
708 } 791 }
709 acquired = 1; 792 acquired = 1;
710 /* Prepare the params */ 793 /* Prepare the params */
794 BN_CTX_start(ctx);
711 dsa_p = BN_CTX_get(ctx); 795 dsa_p = BN_CTX_get(ctx);
712 dsa_q = BN_CTX_get(ctx); 796 dsa_q = BN_CTX_get(ctx);
713 dsa_g = BN_CTX_get(ctx); 797 dsa_g = BN_CTX_get(ctx);
714 dsa_key = BN_CTX_get(ctx); 798 dsa_key = BN_CTX_get(ctx);
715 argument = BN_CTX_get(ctx); 799 argument = BN_CTX_get(ctx);
716 if(!dsa_p || !dsa_q || !dsa_g || !dsa_key || !argument) 800 if(!argument)
717 { 801 {
718 ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_BN_CTX_FULL); 802 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_CTX_FULL);
719 goto err; 803 goto err;
720 } 804 }
721 if(!bn_wexpand(dsa_p, dsa->p->top) || 805 if(!bn_wexpand(dsa_p, dsa->p->top) ||
@@ -724,7 +808,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
724 !bn_wexpand(dsa_key, dsa->pub_key->top) || 808 !bn_wexpand(dsa_key, dsa->pub_key->top) ||
725 !bn_wexpand(argument, 40)) 809 !bn_wexpand(argument, 40))
726 { 810 {
727 ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_BN_EXPAND_FAIL); 811 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_EXPAND_FAIL);
728 goto err; 812 goto err;
729 } 813 }
730 sw_param.type = SW_ALG_DSA; 814 sw_param.type = SW_ALG_DSA;
@@ -747,13 +831,12 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
747 case SW_OK: 831 case SW_OK:
748 break; 832 break;
749 case SW_ERR_INPUT_SIZE: 833 case SW_ERR_INPUT_SIZE:
750 ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY, 834 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BAD_KEY_SIZE);
751 ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
752 goto err; 835 goto err;
753 default: 836 default:
754 { 837 {
755 char tmpbuf[20]; 838 char tmpbuf[20];
756 ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_REQUEST_FAILED); 839 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
757 sprintf(tmpbuf, "%ld", sw_status); 840 sprintf(tmpbuf, "%ld", sw_status);
758 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 841 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
759 } 842 }
@@ -775,7 +858,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
775 if(sw_status != SW_OK) 858 if(sw_status != SW_OK)
776 { 859 {
777 char tmpbuf[20]; 860 char tmpbuf[20];
778 ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_REQUEST_FAILED); 861 CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
779 sprintf(tmpbuf, "%ld", sw_status); 862 sprintf(tmpbuf, "%ld", sw_status);
780 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); 863 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
781 goto err; 864 goto err;
@@ -786,22 +869,39 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
786err: 869err:
787 if(acquired) 870 if(acquired)
788 release_context(hac); 871 release_context(hac);
789 if(dsa_p) ctx->tos--;
790 if(dsa_q) ctx->tos--;
791 if(dsa_g) ctx->tos--;
792 if(dsa_key) ctx->tos--;
793 if(argument) ctx->tos--;
794 if(ctx) 872 if(ctx)
873 {
874 BN_CTX_end(ctx);
795 BN_CTX_free(ctx); 875 BN_CTX_free(ctx);
876 }
796 return to_return; 877 return to_return;
797 } 878 }
879#endif
798 880
881#ifndef OPENSSL_NO_DH
799/* This function is aliased to mod_exp (with the dh and mont dropped). */ 882/* This function is aliased to mod_exp (with the dh and mont dropped). */
800static int cswift_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, 883static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
884 const BIGNUM *a, const BIGNUM *p,
801 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) 885 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
802 { 886 {
803 return cswift_mod_exp(r, a, p, m, ctx); 887 return cswift_mod_exp(r, a, p, m, ctx);
804 } 888 }
889#endif
890
891/* This stuff is needed if this ENGINE is being compiled into a self-contained
892 * shared-library. */
893#ifdef ENGINE_DYNAMIC_SUPPORT
894static int bind_fn(ENGINE *e, const char *id)
895 {
896 if(id && (strcmp(id, engine_cswift_id) != 0))
897 return 0;
898 if(!bind_helper(e))
899 return 0;
900 return 1;
901 }
902IMPLEMENT_DYNAMIC_CHECK_FN()
903IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
904#endif /* ENGINE_DYNAMIC_SUPPORT */
805 905
806#endif /* !NO_HW_CSWIFT */ 906#endif /* !OPENSSL_NO_HW_CSWIFT */
807#endif /* !NO_HW */ 907#endif /* !OPENSSL_NO_HW */
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 11:39:40 +0000