From 9cea7b85baecb1a02a3ea617de73d9693a9792eb Mon Sep 17 00:00:00 2001 From: markus <> Date: Sun, 11 May 2003 21:36:59 +0000 Subject: import 0.9.7b (without idea and rc5) --- src/lib/libcrypto/engine/enginetest.c | 11 +- src/lib/libcrypto/engine/hw_4758_cca.c | 6 +- src/lib/libcrypto/engine/hw_atalla.c | 2 + src/lib/libcrypto/engine/hw_cryptodev.c | 540 ++++++---- src/lib/libcrypto/engine/hw_cswift.c | 73 ++ src/lib/libcrypto/engine/hw_ncipher.c | 68 +- src/lib/libcrypto/engine/hw_ncipher_err.c | 3 +- src/lib/libcrypto/engine/hw_ncipher_err.h | 1 + src/lib/libcrypto/engine/hw_nuron.c | 2 + src/lib/libcrypto/engine/hw_sureware.c | 1039 ++++++++++++++++++++ src/lib/libcrypto/engine/hw_ubsec.c | 2 + src/lib/libcrypto/engine/vendor_defns/hw_ubsec.h | 100 ++ .../libcrypto/engine/vendor_defns/hwcryptohook.h | 486 +++++++++ src/lib/libcrypto/engine/vendor_defns/sureware.h | 239 +++++ 14 files changed, 2390 insertions(+), 182 deletions(-) create mode 100644 src/lib/libcrypto/engine/hw_sureware.c create mode 100644 src/lib/libcrypto/engine/vendor_defns/hw_ubsec.h create mode 100644 src/lib/libcrypto/engine/vendor_defns/hwcryptohook.h create mode 100644 src/lib/libcrypto/engine/vendor_defns/sureware.h (limited to 'src/lib/libcrypto/engine') diff --git a/src/lib/libcrypto/engine/enginetest.c b/src/lib/libcrypto/engine/enginetest.c index 87fa8c57b7..c2d0297392 100644 --- a/src/lib/libcrypto/engine/enginetest.c +++ b/src/lib/libcrypto/engine/enginetest.c @@ -56,9 +56,17 @@ * */ -#include #include #include + +#ifdef OPENSSL_NO_ENGINE +int main(int argc, char *argv[]) +{ + printf("No ENGINE support\n"); + return(0); +} +#else +#include #include #include #include @@ -272,3 +280,4 @@ end: CRYPTO_mem_leaks_fp(stderr); return to_return; } +#endif diff --git a/src/lib/libcrypto/engine/hw_4758_cca.c b/src/lib/libcrypto/engine/hw_4758_cca.c index bfb80968e2..4f5ae8a46d 100644 --- a/src/lib/libcrypto/engine/hw_4758_cca.c +++ b/src/lib/libcrypto/engine/hw_4758_cca.c @@ -223,6 +223,7 @@ static int bind_helper(ENGINE *e) return 1; } +#ifndef ENGINE_DYNAMIC_SUPPORT static ENGINE *engine_4758_cca(void) { ENGINE *ret = ENGINE_new(); @@ -244,6 +245,7 @@ void ENGINE_load_4758cca(void) ENGINE_free(e_4758); ERR_clear_error(); } +#endif static int ibm_4758_cca_destroy(ENGINE *e) { @@ -715,7 +717,7 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len, if (type == NID_sha1 || type == NID_md5) { - memset(hashBuffer, keyLength+1, 0); + OPENSSL_cleanse(hashBuffer, keyLength+1); OPENSSL_free(hashBuffer); } @@ -838,7 +840,7 @@ static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len, if (type == NID_sha1 || type == NID_md5) { - memset(hashBuffer, keyLength+1, 0); + OPENSSL_cleanse(hashBuffer, keyLength+1); OPENSSL_free(hashBuffer); } diff --git a/src/lib/libcrypto/engine/hw_atalla.c b/src/lib/libcrypto/engine/hw_atalla.c index 6151c46902..e9eff9fad1 100644 --- a/src/lib/libcrypto/engine/hw_atalla.c +++ b/src/lib/libcrypto/engine/hw_atalla.c @@ -242,6 +242,7 @@ static int bind_helper(ENGINE *e) return 1; } +#ifndef ENGINE_DYNAMIC_SUPPORT static ENGINE *engine_atalla(void) { ENGINE *ret = ENGINE_new(); @@ -264,6 +265,7 @@ void ENGINE_load_atalla(void) ENGINE_free(toadd); ERR_clear_error(); } +#endif /* This is a process-global DSO handle used for loading and unloading * the Atalla library. NB: This is only set (or unset) during an diff --git a/src/lib/libcrypto/engine/hw_cryptodev.c b/src/lib/libcrypto/engine/hw_cryptodev.c index 7c3728f395..40af97ac24 100644 --- a/src/lib/libcrypto/engine/hw_cryptodev.c +++ b/src/lib/libcrypto/engine/hw_cryptodev.c @@ -1,6 +1,7 @@ /* * Copyright (c) 2002 Bob Beck * Copyright (c) 2002 Theo de Raadt + * Copyright (c) 2002 Markus Friedl * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -28,33 +29,85 @@ * */ -#include +#include +#include +#include + +#if (defined(__unix__) || defined(unix)) && !defined(USG) #include +# if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041) +# define HAVE_CRYPTODEV +# endif +# if (OpenBSD >= 200110) +# define HAVE_SYSLOG_R +# endif +#endif + +#ifndef HAVE_CRYPTODEV + +void +ENGINE_load_cryptodev(void) +{ + /* This is a NOP on platforms without /dev/crypto */ + return; +} + +#else + +#include #include #include #include #include #include #include -#include #include -#include -#include -#include +#include +#include +#include -static int cryptodev_fd = -1; -static int cryptodev_sessions = 0; -static u_int32_t cryptodev_symfeat = 0; +struct dev_crypto_state { + struct session_op d_sess; + int d_fd; +}; +static u_int32_t cryptodev_asymfeat = 0; + +static int get_asym_dev_crypto(void); +static int open_dev_crypto(void); +static int get_dev_crypto(void); +static int cryptodev_max_iv(int cipher); +static int cryptodev_key_length_valid(int cipher, int len); +static int cipher_nid_to_cryptodev(int nid); +static int get_cryptodev_ciphers(const int **cnids); +static int get_cryptodev_digests(const int **cnids); +static int cryptodev_usable_ciphers(const int **nids); +static int cryptodev_usable_digests(const int **nids); +static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, unsigned int inl); +static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); +static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx); +static int cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid); +static int cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, + const int **nids, int nid); static int bn2crparam(const BIGNUM *a, struct crparam *crp); static int crparam2bn(struct crparam *crp, BIGNUM *a); static void zapparams(struct crypt_kop *kop); +static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, + int slen, BIGNUM *s); -static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, + RSA *rsa); +static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, + BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, + BN_CTX *ctx, BN_MONT_CTX *mont); static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len, @@ -64,6 +117,9 @@ static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *m_ctx); static int cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); +static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, + void (*f)()); +void ENGINE_load_cryptodev(void); static const ENGINE_CMD_DEFN cryptodev_defns[] = { { 0, NULL, NULL, 0 } @@ -77,11 +133,10 @@ static struct { } ciphers[] = { { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, }, { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, }, - { CRYPTO_AES_CBC, NID_undef, 8, 24, }, + { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, }, { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, - { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 8, }, + { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, }, { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, }, - { CRYPTO_ARC4, NID_rc4, 8, 16, }, { 0, NID_undef, 0, 0, }, }; @@ -99,33 +154,53 @@ static struct { }; /* - * Return 1 if /dev/crypto seems usable, 0 otherwise , also - * does most of the work of initting the device, if not already - * done.. This should leave is with global fd initialized with CRIOGET. + * Return a fd if /dev/crypto seems usable, 0 otherwise. */ static int -check_dev_crypto() +open_dev_crypto(void) { - int fd; + static int fd = -1; - if (cryptodev_fd == -1) { + if (fd == -1) { if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1) - return (0); - if (ioctl(fd, CRIOGET, &cryptodev_fd) == -1) { - close(fd); - return (0); - } - close(fd); + return (-1); /* close on exec */ - if (fcntl(cryptodev_fd, F_SETFD, 1) == -1) { - close(cryptodev_fd); - cryptodev_fd = -1; - return (0); + if (fcntl(fd, F_SETFD, 1) == -1) { + close(fd); + fd = -1; + return (-1); } } - ioctl(cryptodev_fd, CIOCSYMFEAT, &cryptodev_symfeat); + return (fd); +} - return (1); +static int +get_dev_crypto(void) +{ + int fd, retfd; + + if ((fd = open_dev_crypto()) == -1) + return (-1); + if (ioctl(fd, CRIOGET, &retfd) == -1) + return (-1); + + /* close on exec */ + if (fcntl(retfd, F_SETFD, 1) == -1) { + close(retfd); + return (-1); + } + return (retfd); +} + +/* Caching version for asym operations */ +static int +get_asym_dev_crypto(void) +{ + static int fd = -1; + + if (fd == -1) + fd = get_dev_crypto(); + return fd; } /* @@ -183,8 +258,12 @@ get_cryptodev_ciphers(const int **cnids) { static int nids[CRYPTO_ALGORITHM_MAX]; struct session_op sess; - int i, count = 0; + int fd, i, count = 0; + if ((fd = get_dev_crypto()) < 0) { + *nids = NULL; + return (0); + } memset(&sess, 0, sizeof(sess)); sess.key = (caddr_t)"123456781234567812345678"; @@ -194,10 +273,12 @@ get_cryptodev_ciphers(const int **cnids) sess.cipher = ciphers[i].id; sess.keylen = ciphers[i].keylen; sess.mac = 0; - if (ioctl(cryptodev_fd, CIOCGSESSION, &sess) != -1 && - ioctl(cryptodev_fd, CIOCFSESSION, &sess.ses) != -1) + if (ioctl(fd, CIOCGSESSION, &sess) != -1 && + ioctl(fd, CIOCFSESSION, &sess.ses) != -1) nids[count++] = ciphers[i].nid; } + close(fd); + if (count > 0) *cnids = nids; else @@ -216,18 +297,24 @@ get_cryptodev_digests(const int **cnids) { static int nids[CRYPTO_ALGORITHM_MAX]; struct session_op sess; - int i, count = 0; + int fd, i, count = 0; + if ((fd = get_dev_crypto()) < 0) { + *nids = NULL; + return (0); + } memset(&sess, 0, sizeof(sess)); for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) { if (digests[i].nid == NID_undef) continue; sess.mac = digests[i].id; sess.cipher = 0; - if (ioctl(cryptodev_fd, CIOCGSESSION, &sess) != -1 && - ioctl(cryptodev_fd, CIOCFSESSION, &sess.ses) != -1) + if (ioctl(fd, CIOCGSESSION, &sess) != -1 && + ioctl(fd, CIOCFSESSION, &sess.ses) != -1) nids[count++] = digests[i].nid; } + close(fd); + if (count > 0) *cnids = nids; else @@ -256,25 +343,15 @@ get_cryptodev_digests(const int **cnids) * want most of the decisions made about what we actually want * to use from /dev/crypto. */ -int +static int cryptodev_usable_ciphers(const int **nids) { - if (!check_dev_crypto()) { - *nids = NULL; - return (0); - } - - /* find what the device can do. Unfortunately, we don't - * necessarily want all of these yet, because we aren't - * yet set up to do them - */ return (get_cryptodev_ciphers(nids)); } -int +static int cryptodev_usable_digests(const int **nids) { -#if 1 /* * XXXX just disable all digests for now, because it sucks. * we need a better way to decide this - i.e. I may not @@ -289,29 +366,19 @@ cryptodev_usable_digests(const int **nids) */ *nids = NULL; return (0); -#endif - - if (!check_dev_crypto()) { - *nids = NULL; - return (0); - } - return (get_cryptodev_digests(nids)); } - -int +static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) { struct crypt_op cryp; - struct session_op *sess = ctx->cipher_data; + struct dev_crypto_state *state = ctx->cipher_data; + struct session_op *sess = &state->d_sess; void *iiv; unsigned char save_iv[EVP_MAX_IV_LENGTH]; - struct syslog_data sd = SYSLOG_DATA_INIT; - if (cryptodev_fd == -1) - return (0); - if (sess == NULL) + if (state->d_fd < 0) return (0); if (!inl) return (1); @@ -338,11 +405,10 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } else cryp.iv = NULL; - if (ioctl(cryptodev_fd, CIOCCRYPT, &cryp) == -1) { + if (ioctl(state->d_fd, CIOCCRYPT, &cryp) == -1) { /* XXX need better errror handling * this can fail for a number of different reasons. */ - syslog_r(LOG_ERR, &sd, "CIOCCRYPT failed (%m)"); return (0); } @@ -356,20 +422,17 @@ cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return (1); } -int +static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - struct session_op *sess = ctx->cipher_data; - struct syslog_data sd = SYSLOG_DATA_INIT; + struct dev_crypto_state *state = ctx->cipher_data; + struct session_op *sess = &state->d_sess; int cipher; if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NID_undef) return (0); - if (!check_dev_crypto()) - return (0); - if (ctx->cipher->iv_len > cryptodev_max_iv(cipher)) return (0); @@ -378,15 +441,18 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, memset(sess, 0, sizeof(struct session_op)); + if ((state->d_fd = get_dev_crypto()) < 0) + return (0); + sess->key = (unsigned char *)key; sess->keylen = ctx->key_len; sess->cipher = cipher; - if (ioctl(cryptodev_fd, CIOCGSESSION, sess) == -1) { - syslog_r(LOG_ERR, &sd, "CIOCGSESSION failed (%m)"); + if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) { + close(state->d_fd); + state->d_fd = -1; return (0); } - cryptodev_sessions++; return (1); } @@ -394,14 +460,14 @@ cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, * free anything we allocated earlier when initting a * session, and close the session. */ -int +static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx) { int ret = 0; - struct session_op *sess = ctx->cipher_data; - struct syslog_data sd = SYSLOG_DATA_INIT; + struct dev_crypto_state *state = ctx->cipher_data; + struct session_op *sess = &state->d_sess; - if (sess == NULL) + if (state->d_fd < 0) return (0); /* XXX if this ioctl fails, someting's wrong. the invoker @@ -415,17 +481,14 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx) * print messages to users of the library. hmm.. */ - if (ioctl(cryptodev_fd, CIOCFSESSION, &sess->ses) == -1) { - syslog_r(LOG_ERR, &sd, "CIOCFSESSION failed (%m)"); + if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) == -1) { ret = 0; } else { - cryptodev_sessions--; ret = 1; } - if (cryptodev_sessions == 0 && cryptodev_fd != -1 ) { - close(cryptodev_fd); /* XXX should this be closed? */ - cryptodev_fd = -1; - } + close(state->d_fd); + state->d_fd = -1; + return (ret); } @@ -434,20 +497,6 @@ cryptodev_cleanup(EVP_CIPHER_CTX *ctx) * gets called when libcrypto requests a cipher NID. */ -/* ARC4 (16 byte key) */ -const EVP_CIPHER cryptodev_arc4_cipher = { - NID_rc4, - 1, 16, 0, - EVP_CIPH_VARIABLE_LENGTH, - cryptodev_init_key, - cryptodev_cipher, - cryptodev_cleanup, - sizeof(struct session_op), - NULL, - NULL, - NULL -}; - /* DES CBC EVP */ const EVP_CIPHER cryptodev_des_cbc = { NID_des_cbc, @@ -456,7 +505,7 @@ const EVP_CIPHER cryptodev_des_cbc = { cryptodev_init_key, cryptodev_cipher, cryptodev_cleanup, - sizeof(struct session_op), + sizeof(struct dev_crypto_state), EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL @@ -470,19 +519,57 @@ const EVP_CIPHER cryptodev_3des_cbc = { cryptodev_init_key, cryptodev_cipher, cryptodev_cleanup, - sizeof(struct session_op), + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; + +const EVP_CIPHER cryptodev_bf_cbc = { + NID_bf_cbc, + 8, 16, 8, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; + +const EVP_CIPHER cryptodev_cast_cbc = { + NID_cast5_cbc, + 8, 16, 8, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL }; +const EVP_CIPHER cryptodev_aes_cbc = { + NID_aes_128_cbc, + 16, 16, 16, + EVP_CIPH_CBC_MODE, + cryptodev_init_key, + cryptodev_cipher, + cryptodev_cleanup, + sizeof(struct dev_crypto_state), + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL +}; /* * Registered by the ENGINE when used to find out how to deal with * a particular NID in the ENGINE. this says what we'll do at the * top level - note, that list is restricted by what we answer with */ -int +static int cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid) { @@ -490,15 +577,21 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, return (cryptodev_usable_ciphers(nids)); switch (nid) { - case NID_rc4: - *cipher = &cryptodev_arc4_cipher; - break; case NID_des_ede3_cbc: *cipher = &cryptodev_3des_cbc; break; case NID_des_cbc: *cipher = &cryptodev_des_cbc; break; + case NID_bf_cbc: + *cipher = &cryptodev_bf_cbc; + break; + case NID_cast5_cbc: + *cipher = &cryptodev_cast_cbc; + break; + case NID_aes_128_cbc: + *cipher = &cryptodev_aes_cbc; + break; default: *cipher = NULL; break; @@ -506,7 +599,7 @@ cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, return (*cipher != NULL); } -int +static int cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, const int **nids, int nid) { @@ -524,7 +617,6 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, return (*digest != NULL); } - /* * Convert a BIGNUM to the representation that /dev/crypto needs. * Upon completion of use, the caller is responsible for freeing @@ -533,7 +625,7 @@ cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest, static int bn2crparam(const BIGNUM *a, struct crparam *crp) { - int i, j, n; + int i, j, k; ssize_t words, bytes, bits; u_char *b; @@ -550,17 +642,13 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) crp->crp_p = b; crp->crp_nbits = bits; - words = (bits + BN_BITS2 - 1) / BN_BITS2; - - n = 0; - for (i = 0; i < words && n < bytes; i++) { - BN_ULONG word; - - word = a->d[i]; - for (j = 0 ; j < BN_BYTES && n < bytes; j++, n++) { - *b++ = (word & 0xff); - word >>= 8; + for (i = 0, j = 0; i < a->top; i++) { + for (k = 0; k < BN_BITS2 / 8; k++) { + if ((j + k) >= bytes) + return (0); + b[j + k] = a->d[i] >> (k * 8); } + j += BN_BITS2 / 8; } return (0); } @@ -569,15 +657,22 @@ bn2crparam(const BIGNUM *a, struct crparam *crp) static int crparam2bn(struct crparam *crp, BIGNUM *a) { + u_int8_t *pd; int i, bytes; - bytes = (crp->crp_nbits + 7)/8; + bytes = (crp->crp_nbits + 7) / 8; - BN_zero(a); - for (i = bytes - 1; i >= 0; i--) { - BN_lshift(a, a, 8); - BN_add_word(a, (u_char)crp->crp_p[i]); - } + if (bytes == 0) + return (-1); + + if ((pd = (u_int8_t *) malloc(bytes)) == NULL) + return (-1); + + for (i = 0; i < bytes; i++) + pd[i] = crp->crp_p[bytes - i - 1]; + + BN_bin2bn(pd, bytes, a); + free(pd); return (0); } @@ -596,25 +691,32 @@ zapparams(struct crypt_kop *kop) } static int -cryptodev_sym(struct crypt_kop *kop, BIGNUM *r, BIGNUM *s) +cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s) { - int ret = -1; + int fd, ret = -1; + + if ((fd = get_asym_dev_crypto()) < 0) + return (ret); if (r) { - kop->crk_param[kop->crk_iparams].crp_p = malloc(256); - kop->crk_param[kop->crk_iparams].crp_nbits = 256 * 8; + kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char)); + kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8; kop->crk_oparams++; } if (s) { - kop->crk_param[kop->crk_iparams+1].crp_p = malloc(256); - kop->crk_param[kop->crk_iparams+1].crp_nbits = 256 * 8; + kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char)); + kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8; kop->crk_oparams++; } - if (ioctl(cryptodev_fd, CIOCKEY, &kop) == 0) { - crparam2bn(&kop->crk_param[3], r); + if (ioctl(fd, CIOCKEY, kop) == 0) { + if (r) + crparam2bn(&kop->crk_param[kop->crk_iparams], r); + if (s) + crparam2bn(&kop->crk_param[kop->crk_iparams+1], s); ret = 0; } + return (ret); } @@ -623,38 +725,58 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) { struct crypt_kop kop; - int ret = 0; + int ret = 1; + + /* Currently, we know we can do mod exp iff we can do any + * asymmetric operations at all. + */ + if (cryptodev_asymfeat == 0) { + ret = BN_mod_exp(r, a, p, m, ctx); + return (ret); + } memset(&kop, 0, sizeof kop); kop.crk_op = CRK_MOD_EXP; - /* inputs: a m p */ + /* inputs: a^p % m */ if (bn2crparam(a, &kop.crk_param[0])) goto err; - if (bn2crparam(m, &kop.crk_param[1])) + if (bn2crparam(p, &kop.crk_param[1])) goto err; - if (bn2crparam(p, &kop.crk_param[2])) + if (bn2crparam(m, &kop.crk_param[2])) goto err; kop.crk_iparams = 3; - if (cryptodev_sym(&kop, r, NULL) == -1) { - ret = BN_mod_exp(r, a, p, m, ctx); + if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) { + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); } err: zapparams(&kop); return (ret); } +static int +cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) +{ + int r; + BN_CTX *ctx; + + ctx = BN_CTX_new(); + r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL); + BN_CTX_free(ctx); + return (r); +} static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { struct crypt_kop kop; - int ret = 0; + int ret = 1; if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { /* XXX 0 means failure?? */ - goto err; + return (0); } memset(&kop, 0, sizeof kop); @@ -674,9 +796,8 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) goto err; kop.crk_iparams = 6; - if (cryptodev_sym(&kop, r0, NULL) == -1) { + if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) { const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); - ret = (*meth->rsa_mod_exp)(r0, I, rsa); } err: @@ -690,8 +811,8 @@ static RSA_METHOD cryptodev_rsa = { NULL, /* rsa_pub_dec */ NULL, /* rsa_priv_enc */ NULL, /* rsa_priv_dec */ - cryptodev_rsa_mod_exp, /* rsa_mod_exp */ - cryptodev_bn_mod_exp, /* bn_mod_exp */ + NULL, + NULL, NULL, /* init */ NULL, /* finish */ 0, /* flags */ @@ -707,6 +828,38 @@ cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx)); } +static int +cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g, + BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p, + BN_CTX *ctx, BN_MONT_CTX *mont) +{ + BIGNUM t2; + int ret = 0; + + BN_init(&t2); + + /* v = ( g^u1 * y^u2 mod p ) mod q */ + /* let t1 = g ^ u1 mod p */ + ret = 0; + + if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont)) + goto err; + + /* let t2 = y ^ u2 mod p */ + if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont)) + goto err; + /* let u1 = t1 * t2 mod p */ + if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx)) + goto err; + + BN_copy(t1,u1); + + ret = 1; +err: + BN_free(&t2); + return(ret); +} + static DSA_SIG * cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) { @@ -721,6 +874,7 @@ cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) goto err; } + printf("bar\n"); memset(&kop, 0, sizeof kop); kop.crk_op = CRK_DSA_SIGN; @@ -737,13 +891,13 @@ cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) goto err; kop.crk_iparams = 5; - if (cryptodev_sym(&kop, r, s) == 0) { + if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r, + BN_num_bytes(dsa->q), s) == 0) { dsaret = DSA_SIG_new(); dsaret->r = r; dsaret->s = s; } else { const DSA_METHOD *meth = DSA_OpenSSL(); - BN_free(r); BN_free(s); dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa); @@ -759,7 +913,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, DSA_SIG *sig, DSA *dsa) { struct crypt_kop kop; - int dsaret = 0; + int dsaret = 1; memset(&kop, 0, sizeof kop); kop.crk_op = CRK_DSA_VERIFY; @@ -781,7 +935,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, goto err; kop.crk_iparams = 7; - if (cryptodev_sym(&kop, NULL, NULL) == 0) { + if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { dsaret = kop.crk_status; } else { const DSA_METHOD *meth = DSA_OpenSSL(); @@ -796,11 +950,11 @@ err: static DSA_METHOD cryptodev_dsa = { "cryptodev DSA method", - cryptodev_dsa_do_sign, + NULL, NULL, /* dsa_sign_setup */ - cryptodev_dsa_verify, + NULL, NULL, /* dsa_mod_exp */ - cryptodev_dsa_bn_mod_exp, /* bn_mod_exp */ + NULL, NULL, /* init */ NULL, /* finish */ 0, /* flags */ @@ -819,8 +973,14 @@ static int cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { struct crypt_kop kop; - int dhret = 0; - int keylen; + int dhret = 1; + int fd, keylen; + + if ((fd = get_asym_dev_crypto()) < 0) { + const DH_METHOD *meth = DH_OpenSSL(); + + return ((meth->compute_key)(key, pub_key, dh)); + } keylen = BN_num_bits(dh->p); @@ -840,7 +1000,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) kop.crk_param[3].crp_nbits = keylen * 8; kop.crk_oparams = 1; - if (ioctl(cryptodev_fd, CIOCKEY, &kop) == -1) { + if (ioctl(fd, CIOCKEY, &kop) == -1) { const DH_METHOD *meth = DH_OpenSSL(); dhret = (meth->compute_key)(key, pub_key, dh); @@ -854,8 +1014,8 @@ err: static DH_METHOD cryptodev_dh = { "cryptodev DH method", NULL, /* cryptodev_dh_generate_key */ - cryptodev_dh_compute_key, - cryptodev_mod_exp_dh, + NULL, + NULL, NULL, NULL, 0, /* flags */ @@ -869,12 +1029,18 @@ static DH_METHOD cryptodev_dh = { static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) { +#ifdef HAVE_SYSLOG_R struct syslog_data sd = SYSLOG_DATA_INIT; +#endif switch (cmd) { default: +#ifdef HAVE_SYSLOG_R syslog_r(LOG_ERR, &sd, "cryptodev_ctrl: unknown command %d", cmd); +#else + syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd); +#endif break; } return (1); @@ -884,14 +1050,24 @@ void ENGINE_load_cryptodev(void) { ENGINE *engine = ENGINE_new(); - const RSA_METHOD *rsa_meth; - const DH_METHOD *dh_meth; + int fd; if (engine == NULL) return; + if ((fd = get_dev_crypto()) < 0) + return; + + /* + * find out what asymmetric crypto algorithms we support + */ + if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) { + close(fd); + return; + } + close(fd); if (!ENGINE_set_id(engine, "cryptodev") || - !ENGINE_set_name(engine, "OpenBSD cryptodev engine") || + !ENGINE_set_name(engine, "BSD cryptodev engine") || !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || !ENGINE_set_digests(engine, cryptodev_engine_digests) || !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) || @@ -900,27 +1076,57 @@ ENGINE_load_cryptodev(void) return; } - if ((cryptodev_symfeat & CRSFEAT_RSA) && - ENGINE_set_RSA(engine, &cryptodev_rsa)) { - rsa_meth = RSA_PKCS1_SSLeay(); + if (ENGINE_set_RSA(engine, &cryptodev_rsa)) { + const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay(); + + cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp; + cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp; cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc; cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec; - cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_dec; + cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc; cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; + if (cryptodev_asymfeat & CRF_MOD_EXP) { + cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp; + if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) + cryptodev_rsa.rsa_mod_exp = + cryptodev_rsa_mod_exp; + else + cryptodev_rsa.rsa_mod_exp = + cryptodev_rsa_nocrt_mod_exp; + } } - if ((cryptodev_symfeat & CRSFEAT_DSA) && - ENGINE_set_DSA(engine, &cryptodev_dsa)) { + if (ENGINE_set_DSA(engine, &cryptodev_dsa)) { + const DSA_METHOD *meth = DSA_OpenSSL(); + + memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); + if (cryptodev_asymfeat & CRF_DSA_SIGN) + cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; + if (cryptodev_asymfeat & CRF_MOD_EXP) { + cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp; + cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp; + } + if (cryptodev_asymfeat & CRF_DSA_VERIFY) + cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; } - if ((cryptodev_symfeat & CRSFEAT_DH) && - ENGINE_set_DH(engine, &cryptodev_dh)) { - dh_meth = DH_OpenSSL(); + if (ENGINE_set_DH(engine, &cryptodev_dh)){ + const DH_METHOD *dh_meth = DH_OpenSSL(); + cryptodev_dh.generate_key = dh_meth->generate_key; cryptodev_dh.compute_key = dh_meth->compute_key; + cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp; + if (cryptodev_asymfeat & CRF_MOD_EXP) { + cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh; + if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) + cryptodev_dh.compute_key = + cryptodev_dh_compute_key; + } } ENGINE_add(engine); ENGINE_free(engine); ERR_clear_error(); } + +#endif /* HAVE_CRYPTODEV */ diff --git a/src/lib/libcrypto/engine/hw_cswift.c b/src/lib/libcrypto/engine/hw_cswift.c index f5c897bdbb..f128ee5a68 100644 --- a/src/lib/libcrypto/engine/hw_cswift.c +++ b/src/lib/libcrypto/engine/hw_cswift.c @@ -121,6 +121,10 @@ static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); #endif +/* RAND stuff */ +static int cswift_rand_bytes(unsigned char *buf, int num); +static int cswift_rand_status(void); + /* The definitions for control commands specific to this engine */ #define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE static const ENGINE_CMD_DEFN cswift_cmd_defns[] = { @@ -183,6 +187,18 @@ static DH_METHOD cswift_dh = }; #endif +static RAND_METHOD cswift_random = + { + /* "CryptoSwift RAND method", */ + NULL, + cswift_rand_bytes, + NULL, + NULL, + cswift_rand_bytes, + cswift_rand_status, + }; + + /* Constants used when creating the ENGINE */ static const char *engine_cswift_id = "cswift"; static const char *engine_cswift_name = "CryptoSwift hardware engine support"; @@ -208,6 +224,7 @@ static int bind_helper(ENGINE *e) #ifndef OPENSSL_NO_DH !ENGINE_set_DH(e, &cswift_dh) || #endif + !ENGINE_set_RAND(e, &cswift_random) || !ENGINE_set_destroy_function(e, cswift_destroy) || !ENGINE_set_init_function(e, cswift_init) || !ENGINE_set_finish_function(e, cswift_finish) || @@ -242,6 +259,7 @@ static int bind_helper(ENGINE *e) return 1; } +#ifndef ENGINE_DYNAMIC_SUPPORT static ENGINE *engine_cswift(void) { ENGINE *ret = ENGINE_new(); @@ -264,6 +282,7 @@ void ENGINE_load_cswift(void) ENGINE_free(toadd); ERR_clear_error(); } +#endif /* This is a process-global DSO handle used for loading and unloading * the CryptoSwift library. NB: This is only set (or unset) during an @@ -905,6 +924,60 @@ static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, } #endif +/* Random bytes are good */ +static int cswift_rand_bytes(unsigned char *buf, int num) +{ + SW_CONTEXT_HANDLE hac; + SW_STATUS swrc; + SW_LARGENUMBER largenum; + size_t nbytes = 0; + int acquired = 0; + int to_return = 0; /* assume failure */ + + if (!get_context(&hac)) + { + CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_UNIT_FAILURE); + goto err; + } + acquired = 1; + + while (nbytes < (size_t)num) + { + /* tell CryptoSwift how many bytes we want and where we want it. + * Note: - CryptoSwift cannot do more than 4096 bytes at a time. + * - CryptoSwift can only do multiple of 32-bits. */ + largenum.value = (SW_BYTE *) buf + nbytes; + if (4096 > num - nbytes) + largenum.nbytes = num - nbytes; + else + largenum.nbytes = 4096; + + swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1); + if (swrc != SW_OK) + { + char tmpbuf[20]; + CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED); + sprintf(tmpbuf, "%ld", swrc); + ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf); + goto err; + } + + nbytes += largenum.nbytes; + } + to_return = 1; /* success */ + +err: + if (acquired) + release_context(hac); + return to_return; +} + +static int cswift_rand_status(void) +{ + return 1; +} + + /* This stuff is needed if this ENGINE is being compiled into a self-contained * shared-library. */ #ifdef ENGINE_DYNAMIC_SUPPORT diff --git a/src/lib/libcrypto/engine/hw_ncipher.c b/src/lib/libcrypto/engine/hw_ncipher.c index a43d4360f2..0d1c6b8df0 100644 --- a/src/lib/libcrypto/engine/hw_ncipher.c +++ b/src/lib/libcrypto/engine/hw_ncipher.c @@ -91,11 +91,19 @@ static int hwcrhk_init(ENGINE *e); static int hwcrhk_finish(ENGINE *e); static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); -/* Functions to handle mutexes */ +/* Functions to handle mutexes if have dynamic locks */ static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*); static int hwcrhk_mutex_lock(HWCryptoHook_Mutex*); static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*); static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*); +#if 1 /* This is a HACK which will disappear in 0.9.8 */ +/* Functions to handle mutexes if only have static locks */ +static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m, + HWCryptoHook_CallerContext *c); +static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m); +static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m); +static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m); +#endif /* BIGNUM stuff */ static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, @@ -373,6 +381,7 @@ static int bind_helper(ENGINE *e) return 1; } +#ifndef ENGINE_DYNAMIC_SUPPORT static ENGINE *engine_ncipher(void) { ENGINE *ret = ENGINE_new(); @@ -395,6 +404,7 @@ void ENGINE_load_chil(void) ENGINE_free(toadd); ERR_clear_error(); } +#endif /* This is a process-global DSO handle used for loading and unloading * the HWCryptoHook library. NB: This is only set (or unset) during an @@ -558,15 +568,31 @@ static int hwcrhk_init(ENGINE *e) /* Check if the application decided to support dynamic locks, and if it does, use them. */ - if (disable_mutex_callbacks == 0 && - CRYPTO_get_dynlock_create_callback() != NULL && - CRYPTO_get_dynlock_lock_callback() != NULL && - CRYPTO_get_dynlock_destroy_callback() != NULL) + if (disable_mutex_callbacks == 0) { - hwcrhk_globals.mutex_init = hwcrhk_mutex_init; - hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock; - hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock; - hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy; + if (CRYPTO_get_dynlock_create_callback() != NULL && + CRYPTO_get_dynlock_lock_callback() != NULL && + CRYPTO_get_dynlock_destroy_callback() != NULL) + { + hwcrhk_globals.mutex_init = hwcrhk_mutex_init; + hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock; + hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock; + hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy; + } + else if (CRYPTO_get_locking_callback() != NULL) + { + HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DYNAMIC_LOCKING_MISSING); + ERR_add_error_data(1,"You HAVE to add dynamic locking callbacks via CRYPTO_set_dynlock_{create,lock,destroy}_callback()"); +#if 1 /* This is a HACK which will disappear in 0.9.8 */ + hwcrhk_globals.maxmutexes = 1; /* Only have one lock */ + hwcrhk_globals.mutex_init = hwcrhk_static_mutex_init; + hwcrhk_globals.mutex_acquire = hwcrhk_static_mutex_lock; + hwcrhk_globals.mutex_release = hwcrhk_static_mutex_unlock; + hwcrhk_globals.mutex_destroy = hwcrhk_static_mutex_destroy; +#else + goto err; +#endif + } } /* Try and get a context - if not, we may have a DSO but no @@ -1020,7 +1046,7 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) /* Perform the operation */ ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q, - m_dmp1, m_dmq1, m_iqmp, &m_r, NULL); + m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg); /* Convert the response */ r->top = m_r.size / sizeof(BN_ULONG); @@ -1171,6 +1197,26 @@ static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *mt) CRYPTO_destroy_dynlockid(mt->lockid); } +/* Mutex upcalls to use if the application does not support dynamic locks */ + +static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m, + HWCryptoHook_CallerContext *c) + { + return 0; + } +static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m) + { + CRYPTO_w_lock(CRYPTO_LOCK_HWCRHK); + return 0; + } +static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m) + { + CRYPTO_w_unlock(CRYPTO_LOCK_HWCRHK); + } +static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m) + { + } + static int hwcrhk_get_pass(const char *prompt_info, int *len_io, char *buf, HWCryptoHook_PassphraseContext *ppctx, @@ -1318,7 +1364,7 @@ static void hwcrhk_log_message(void *logstr, const char *message) lstream=*(BIO **)logstr; if (lstream) { - BIO_write(lstream, message, strlen(message)); + BIO_printf(lstream, "%s\n", message); } CRYPTO_w_unlock(CRYPTO_LOCK_BIO); } diff --git a/src/lib/libcrypto/engine/hw_ncipher_err.c b/src/lib/libcrypto/engine/hw_ncipher_err.c index 24024cfc6f..5bc94581b7 100644 --- a/src/lib/libcrypto/engine/hw_ncipher_err.c +++ b/src/lib/libcrypto/engine/hw_ncipher_err.c @@ -1,6 +1,6 @@ /* hw_ncipher_err.c */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -86,6 +86,7 @@ static ERR_STRING_DATA HWCRHK_str_reasons[]= {HWCRHK_R_CHIL_ERROR ,"chil error"}, {HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, {HWCRHK_R_DSO_FAILURE ,"dso failure"}, +{HWCRHK_R_DYNAMIC_LOCKING_MISSING ,"dynamic locking missing"}, {HWCRHK_R_MISSING_KEY_COMPONENTS ,"missing key components"}, {HWCRHK_R_NOT_INITIALISED ,"not initialised"}, {HWCRHK_R_NOT_LOADED ,"not loaded"}, diff --git a/src/lib/libcrypto/engine/hw_ncipher_err.h b/src/lib/libcrypto/engine/hw_ncipher_err.h index 4d65b1d470..d232d02319 100644 --- a/src/lib/libcrypto/engine/hw_ncipher_err.h +++ b/src/lib/libcrypto/engine/hw_ncipher_err.h @@ -84,6 +84,7 @@ static void ERR_HWCRHK_error(int function, int reason, char *file, int line); #define HWCRHK_R_CHIL_ERROR 102 #define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103 #define HWCRHK_R_DSO_FAILURE 104 +#define HWCRHK_R_DYNAMIC_LOCKING_MISSING 114 #define HWCRHK_R_MISSING_KEY_COMPONENTS 105 #define HWCRHK_R_NOT_INITIALISED 106 #define HWCRHK_R_NOT_LOADED 107 diff --git a/src/lib/libcrypto/engine/hw_nuron.c b/src/lib/libcrypto/engine/hw_nuron.c index 130b6d8b40..fb9188bfe5 100644 --- a/src/lib/libcrypto/engine/hw_nuron.c +++ b/src/lib/libcrypto/engine/hw_nuron.c @@ -374,6 +374,7 @@ static int bind_helper(ENGINE *e) return 1; } +#ifndef ENGINE_DYNAMIC_SUPPORT static ENGINE *engine_nuron(void) { ENGINE *ret = ENGINE_new(); @@ -396,6 +397,7 @@ void ENGINE_load_nuron(void) ENGINE_free(toadd); ERR_clear_error(); } +#endif /* This stuff is needed if this ENGINE is being compiled into a self-contained * shared-library. */ diff --git a/src/lib/libcrypto/engine/hw_sureware.c b/src/lib/libcrypto/engine/hw_sureware.c new file mode 100644 index 0000000000..fca467e690 --- /dev/null +++ b/src/lib/libcrypto/engine/hw_sureware.c @@ -0,0 +1,1039 @@ +/* Written by Corinne Dive-Reclus(cdive@baltimore.com) +* +* +* Redistribution and use in source and binary forms, with or without +* modification, are permitted provided that the following conditions +* are met: +* +* 1. Redistributions of source code must retain the above copyright +* notice, this list of conditions and the following disclaimer. +* +* 2. Redistributions in binary form must reproduce the above copyright +* notice, this list of conditions and the following disclaimer in +* the documentation and/or other materials provided with the +* distribution. +* +* 3. All advertising materials mentioning features or use of this +* software must display the following acknowledgment: +* "This product includes software developed by the OpenSSL Project +* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" +* +* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to +* endorse or promote products derived from this software without +* prior written permission. For written permission, please contact +* licensing@OpenSSL.org. +* +* 5. Products derived from this software may not be called "OpenSSL" +* nor may "OpenSSL" appear in their names without prior written +* permission of the OpenSSL Project. +* +* 6. Redistributions of any form whatsoever must retain the following +* acknowledgment: +* "This product includes software developed by the OpenSSL Project +* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" +* +* Written by Corinne Dive-Reclus(cdive@baltimore.com) +* +* Copyright@2001 Baltimore Technologies Ltd. +* All right Reserved. +* * +* THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND * +* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * +* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * +* ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE * +* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * +* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * +* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * +* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * +* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * +* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * +* SUCH DAMAGE. * +====================================================================*/ + +#include +#include "cryptlib.h" +#include +#include +#include +#include "eng_int.h" +#include "engine.h" +#include + +#ifndef OPENSSL_NO_HW +#ifndef OPENSSL_NO_HW_SUREWARE + +#ifdef FLAT_INC +#include "sureware.h" +#else +#include "vendor_defns/sureware.h" +#endif + +#define SUREWARE_LIB_NAME "sureware engine" +#include "hw_sureware_err.c" + +static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); +static int surewarehk_destroy(ENGINE *e); +static int surewarehk_init(ENGINE *e); +static int surewarehk_finish(ENGINE *e); +static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx); + +/* RSA stuff */ +static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned char *to, + RSA *rsa,int padding); +static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char *to, + RSA *rsa,int padding); + +/* RAND stuff */ +static int surewarehk_rand_bytes(unsigned char *buf, int num); +static void surewarehk_rand_seed(const void *buf, int num); +static void surewarehk_rand_add(const void *buf, int num, double entropy); + +/* KM stuff */ +static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id, + UI_METHOD *ui_method, void *callback_data); +static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id, + UI_METHOD *ui_method, void *callback_data); +static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, + int idx,long argl, void *argp); +#if 0 +static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, + int idx,long argl, void *argp); +#endif + +#ifndef OPENSSL_NO_RSA +/* This function is aliased to mod_exp (with the mont stuff dropped). */ +static int surewarehk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) +{ + return surewarehk_modexp(r, a, p, m, ctx); +} + +/* Our internal RSA_METHOD that we provide pointers to */ +static RSA_METHOD surewarehk_rsa = + { + "SureWare RSA method", + NULL, /* pub_enc*/ + NULL, /* pub_dec*/ + surewarehk_rsa_sign, /* our rsa_sign is OpenSSL priv_enc*/ + surewarehk_rsa_priv_dec, /* priv_dec*/ + NULL, /*mod_exp*/ + surewarehk_mod_exp_mont, /*mod_exp_mongomery*/ + NULL, /* init*/ + NULL, /* finish*/ + 0, /* RSA flag*/ + NULL, + NULL, /* OpenSSL sign*/ + NULL /* OpenSSL verify*/ + }; +#endif + +#ifndef OPENSSL_NO_DH +/* Our internal DH_METHOD that we provide pointers to */ +/* This function is aliased to mod_exp (with the dh and mont dropped). */ +static int surewarehk_modexp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) +{ + return surewarehk_modexp(r, a, p, m, ctx); +} + +static DH_METHOD surewarehk_dh = + { + "SureWare DH method", + NULL,/*gen_key*/ + NULL,/*agree,*/ + surewarehk_modexp_dh, /*dh mod exp*/ + NULL, /* init*/ + NULL, /* finish*/ + 0, /* flags*/ + NULL + }; +#endif + +static RAND_METHOD surewarehk_rand = + { + /* "SureWare RAND method", */ + surewarehk_rand_seed, + surewarehk_rand_bytes, + NULL,/*cleanup*/ + surewarehk_rand_add, + surewarehk_rand_bytes, + NULL,/*rand_status*/ + }; + +#ifndef OPENSSL_NO_DSA +/* DSA stuff */ +static DSA_SIG * surewarehk_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); +static int surewarehk_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, + BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, + BN_CTX *ctx, BN_MONT_CTX *in_mont) +{ + BIGNUM t; + int to_return = 0; + BN_init(&t); + /* let rr = a1 ^ p1 mod m */ + if (!surewarehk_modexp(rr,a1,p1,m,ctx)) goto end; + /* let t = a2 ^ p2 mod m */ + if (!surewarehk_modexp(&t,a2,p2,m,ctx)) goto end; + /* let rr = rr * t mod m */ + if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end; + to_return = 1; +end: + BN_free(&t); + return to_return; +} + +static DSA_METHOD surewarehk_dsa = + { + "SureWare DSA method", + surewarehk_dsa_do_sign, + NULL,/*sign setup*/ + NULL,/*verify,*/ + surewarehk_dsa_mod_exp,/*mod exp*/ + NULL,/*bn mod exp*/ + NULL, /*init*/ + NULL,/*finish*/ + 0, + NULL, + }; +#endif + +static const char *engine_sureware_id = "sureware"; +static const char *engine_sureware_name = "SureWare hardware engine support"; + +/* Now, to our own code */ + +/* As this is only ever called once, there's no need for locking + * (indeed - the lock will already be held by our caller!!!) */ +static int bind_sureware(ENGINE *e) +{ +#ifndef OPENSSL_NO_RSA + const RSA_METHOD *meth1; +#endif +#ifndef OPENSSL_NO_DSA + const DSA_METHOD *meth2; +#endif +#ifndef OPENSSL_NO_DH + const DH_METHOD *meth3; +#endif + + if(!ENGINE_set_id(e, engine_sureware_id) || + !ENGINE_set_name(e, engine_sureware_name) || +#ifndef OPENSSL_NO_RSA + !ENGINE_set_RSA(e, &surewarehk_rsa) || +#endif +#ifndef OPENSSL_NO_DSA + !ENGINE_set_DSA(e, &surewarehk_dsa) || +#endif +#ifndef OPENSSL_NO_DH + !ENGINE_set_DH(e, &surewarehk_dh) || +#endif + !ENGINE_set_RAND(e, &surewarehk_rand) || + !ENGINE_set_destroy_function(e, surewarehk_destroy) || + !ENGINE_set_init_function(e, surewarehk_init) || + !ENGINE_set_finish_function(e, surewarehk_finish) || + !ENGINE_set_ctrl_function(e, surewarehk_ctrl) || + !ENGINE_set_load_privkey_function(e, surewarehk_load_privkey) || + !ENGINE_set_load_pubkey_function(e, surewarehk_load_pubkey)) + return 0; + +#ifndef OPENSSL_NO_RSA + /* We know that the "PKCS1_SSLeay()" functions hook properly + * to the cswift-specific mod_exp and mod_exp_crt so we use + * those functions. NB: We don't use ENGINE_openssl() or + * anything "more generic" because something like the RSAref + * code may not hook properly, and if you own one of these + * cards then you have the right to do RSA operations on it + * anyway! */ + meth1 = RSA_PKCS1_SSLeay(); + if (meth1) + { + surewarehk_rsa.rsa_pub_enc = meth1->rsa_pub_enc; + surewarehk_rsa.rsa_pub_dec = meth1->rsa_pub_dec; + } +#endif + +#ifndef OPENSSL_NO_DSA + /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish + * bits. */ + meth2 = DSA_OpenSSL(); + if (meth2) + { + surewarehk_dsa.dsa_do_verify = meth2->dsa_do_verify; + } +#endif + +#ifndef OPENSSL_NO_DH + /* Much the same for Diffie-Hellman */ + meth3 = DH_OpenSSL(); + if (meth3) + { + surewarehk_dh.generate_key = meth3->generate_key; + surewarehk_dh.compute_key = meth3->compute_key; + } +#endif + + /* Ensure the sureware error handling is set up */ + ERR_load_SUREWARE_strings(); + return 1; +} + +#ifdef ENGINE_DYNAMIC_SUPPORT +static int bind_helper(ENGINE *e, const char *id) + { + if(id && (strcmp(id, engine_sureware_id) != 0)) + return 0; + if(!bind_sureware(e)) + return 0; + return 1; + } +IMPLEMENT_DYNAMIC_CHECK_FN() +IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) +#else +static ENGINE *engine_sureware(void) + { + ENGINE *ret = ENGINE_new(); + if(!ret) + return NULL; + if(!bind_sureware(ret)) + { + ENGINE_free(ret); + return NULL; + } + return ret; + } + +void ENGINE_load_sureware(void) + { + /* Copied from eng_[openssl|dyn].c */ + ENGINE *toadd = engine_sureware(); + if(!toadd) return; + ENGINE_add(toadd); + ENGINE_free(toadd); + ERR_clear_error(); + } +#endif + +/* This is a process-global DSO handle used for loading and unloading + * the SureWareHook library. NB: This is only set (or unset) during an + * init() or finish() call (reference counts permitting) and they're + * operating with global locks, so this should be thread-safe + * implicitly. */ +static DSO *surewarehk_dso = NULL; +#ifndef OPENSSL_NO_RSA +static int rsaHndidx = -1; /* Index for KM handle. Not really used yet. */ +#endif +#ifndef OPENSSL_NO_DSA +static int dsaHndidx = -1; /* Index for KM handle. Not really used yet. */ +#endif + +/* These are the function pointers that are (un)set when the library has + * successfully (un)loaded. */ +static SureWareHook_Init_t *p_surewarehk_Init = NULL; +static SureWareHook_Finish_t *p_surewarehk_Finish = NULL; +static SureWareHook_Rand_Bytes_t *p_surewarehk_Rand_Bytes = NULL; +static SureWareHook_Rand_Seed_t *p_surewarehk_Rand_Seed = NULL; +static SureWareHook_Load_Privkey_t *p_surewarehk_Load_Privkey = NULL; +static SureWareHook_Info_Pubkey_t *p_surewarehk_Info_Pubkey = NULL; +static SureWareHook_Load_Rsa_Pubkey_t *p_surewarehk_Load_Rsa_Pubkey = NULL; +static SureWareHook_Load_Dsa_Pubkey_t *p_surewarehk_Load_Dsa_Pubkey = NULL; +static SureWareHook_Free_t *p_surewarehk_Free=NULL; +static SureWareHook_Rsa_Priv_Dec_t *p_surewarehk_Rsa_Priv_Dec=NULL; +static SureWareHook_Rsa_Sign_t *p_surewarehk_Rsa_Sign=NULL; +static SureWareHook_Dsa_Sign_t *p_surewarehk_Dsa_Sign=NULL; +static SureWareHook_Mod_Exp_t *p_surewarehk_Mod_Exp=NULL; + +/* Used in the DSO operations. */ +static const char *surewarehk_LIBNAME = "SureWareHook"; +static const char *n_surewarehk_Init = "SureWareHook_Init"; +static const char *n_surewarehk_Finish = "SureWareHook_Finish"; +static const char *n_surewarehk_Rand_Bytes="SureWareHook_Rand_Bytes"; +static const char *n_surewarehk_Rand_Seed="SureWareHook_Rand_Seed"; +static const char *n_surewarehk_Load_Privkey="SureWareHook_Load_Privkey"; +static const char *n_surewarehk_Info_Pubkey="SureWareHook_Info_Pubkey"; +static const char *n_surewarehk_Load_Rsa_Pubkey="SureWareHook_Load_Rsa_Pubkey"; +static const char *n_surewarehk_Load_Dsa_Pubkey="SureWareHook_Load_Dsa_Pubkey"; +static const char *n_surewarehk_Free="SureWareHook_Free"; +static const char *n_surewarehk_Rsa_Priv_Dec="SureWareHook_Rsa_Priv_Dec"; +static const char *n_surewarehk_Rsa_Sign="SureWareHook_Rsa_Sign"; +static const char *n_surewarehk_Dsa_Sign="SureWareHook_Dsa_Sign"; +static const char *n_surewarehk_Mod_Exp="SureWareHook_Mod_Exp"; +static BIO *logstream = NULL; + +/* SureWareHook library functions and mechanics - these are used by the + * higher-level functions further down. NB: As and where there's no + * error checking, take a look lower down where these functions are + * called, the checking and error handling is probably down there. +*/ +static int threadsafe=1; +static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) +{ + int to_return = 1; + + switch(cmd) + { + case ENGINE_CTRL_SET_LOGSTREAM: + { + BIO *bio = (BIO *)p; + CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + if (logstream) + { + BIO_free(logstream); + logstream = NULL; + } + if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1) + logstream = bio; + else + SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,SUREWARE_R_BIO_WAS_FREED); + } + CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + break; + /* This will prevent the initialisation function from "installing" + * the mutex-handling callbacks, even if they are available from + * within the library (or were provided to the library from the + * calling application). This is to remove any baggage for + * applications not using multithreading. */ + case ENGINE_CTRL_CHIL_NO_LOCKING: + CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + threadsafe = 0; + CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + break; + + /* The command isn't understood by this engine */ + default: + SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL, + ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); + to_return = 0; + break; + } + + return to_return; +} + +/* Destructor (complements the "ENGINE_surewarehk()" constructor) */ +static int surewarehk_destroy(ENGINE *e) +{ + ERR_unload_SUREWARE_strings(); + return 1; +} + +/* (de)initialisation functions. */ +static int surewarehk_init(ENGINE *e) +{ + char msg[64]="ENGINE_init"; + SureWareHook_Init_t *p1=NULL; + SureWareHook_Finish_t *p2=NULL; + SureWareHook_Rand_Bytes_t *p3=NULL; + SureWareHook_Rand_Seed_t *p4=NULL; + SureWareHook_Load_Privkey_t *p5=NULL; + SureWareHook_Load_Rsa_Pubkey_t *p6=NULL; + SureWareHook_Free_t *p7=NULL; + SureWareHook_Rsa_Priv_Dec_t *p8=NULL; + SureWareHook_Rsa_Sign_t *p9=NULL; + SureWareHook_Dsa_Sign_t *p12=NULL; + SureWareHook_Info_Pubkey_t *p13=NULL; + SureWareHook_Load_Dsa_Pubkey_t *p14=NULL; + SureWareHook_Mod_Exp_t *p15=NULL; + + if(surewarehk_dso != NULL) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_ALREADY_LOADED); + goto err; + } + /* Attempt to load libsurewarehk.so/surewarehk.dll/whatever. */ + surewarehk_dso = DSO_load(NULL, surewarehk_LIBNAME, NULL, 0); + if(surewarehk_dso == NULL) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_DSO_FAILURE); + goto err; + } + if(!(p1=(SureWareHook_Init_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Init)) || + !(p2=(SureWareHook_Finish_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Finish)) || + !(p3=(SureWareHook_Rand_Bytes_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rand_Bytes)) || + !(p4=(SureWareHook_Rand_Seed_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rand_Seed)) || + !(p5=(SureWareHook_Load_Privkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Privkey)) || + !(p6=(SureWareHook_Load_Rsa_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Rsa_Pubkey)) || + !(p7=(SureWareHook_Free_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Free)) || + !(p8=(SureWareHook_Rsa_Priv_Dec_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rsa_Priv_Dec)) || + !(p9=(SureWareHook_Rsa_Sign_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rsa_Sign)) || + !(p12=(SureWareHook_Dsa_Sign_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Dsa_Sign)) || + !(p13=(SureWareHook_Info_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Info_Pubkey)) || + !(p14=(SureWareHook_Load_Dsa_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Dsa_Pubkey)) || + !(p15=(SureWareHook_Mod_Exp_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Mod_Exp))) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_DSO_FAILURE); + goto err; + } + /* Copy the pointers */ + p_surewarehk_Init = p1; + p_surewarehk_Finish = p2; + p_surewarehk_Rand_Bytes = p3; + p_surewarehk_Rand_Seed = p4; + p_surewarehk_Load_Privkey = p5; + p_surewarehk_Load_Rsa_Pubkey = p6; + p_surewarehk_Free = p7; + p_surewarehk_Rsa_Priv_Dec = p8; + p_surewarehk_Rsa_Sign = p9; + p_surewarehk_Dsa_Sign = p12; + p_surewarehk_Info_Pubkey = p13; + p_surewarehk_Load_Dsa_Pubkey = p14; + p_surewarehk_Mod_Exp = p15; + /* Contact the hardware and initialises it. */ + if(p_surewarehk_Init(msg,threadsafe)==SUREWAREHOOK_ERROR_UNIT_FAILURE) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,SUREWARE_R_UNIT_FAILURE); + goto err; + } + if(p_surewarehk_Init(msg,threadsafe)==SUREWAREHOOK_ERROR_UNIT_FAILURE) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,SUREWARE_R_UNIT_FAILURE); + goto err; + } + /* try to load the default private key, if failed does not return a failure but + wait for an explicit ENGINE_load_privakey */ + surewarehk_load_privkey(e,NULL,NULL,NULL); + + /* Everything's fine. */ +#ifndef OPENSSL_NO_RSA + if (rsaHndidx == -1) + rsaHndidx = RSA_get_ex_new_index(0, + "SureWareHook RSA key handle", + NULL, NULL, surewarehk_ex_free); +#endif +#ifndef OPENSSL_NO_DSA + if (dsaHndidx == -1) + dsaHndidx = DSA_get_ex_new_index(0, + "SureWareHook DSA key handle", + NULL, NULL, surewarehk_ex_free); +#endif + + return 1; +err: + if(surewarehk_dso) + DSO_free(surewarehk_dso); + surewarehk_dso = NULL; + p_surewarehk_Init = NULL; + p_surewarehk_Finish = NULL; + p_surewarehk_Rand_Bytes = NULL; + p_surewarehk_Rand_Seed = NULL; + p_surewarehk_Load_Privkey = NULL; + p_surewarehk_Load_Rsa_Pubkey = NULL; + p_surewarehk_Free = NULL; + p_surewarehk_Rsa_Priv_Dec = NULL; + p_surewarehk_Rsa_Sign = NULL; + p_surewarehk_Dsa_Sign = NULL; + p_surewarehk_Info_Pubkey = NULL; + p_surewarehk_Load_Dsa_Pubkey = NULL; + p_surewarehk_Mod_Exp = NULL; + return 0; +} + +static int surewarehk_finish(ENGINE *e) +{ + int to_return = 1; + if(surewarehk_dso == NULL) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH,ENGINE_R_NOT_LOADED); + to_return = 0; + goto err; + } + p_surewarehk_Finish(); + if(!DSO_free(surewarehk_dso)) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH,ENGINE_R_DSO_FAILURE); + to_return = 0; + goto err; + } + err: + if (logstream) + BIO_free(logstream); + surewarehk_dso = NULL; + p_surewarehk_Init = NULL; + p_surewarehk_Finish = NULL; + p_surewarehk_Rand_Bytes = NULL; + p_surewarehk_Rand_Seed = NULL; + p_surewarehk_Load_Privkey = NULL; + p_surewarehk_Load_Rsa_Pubkey = NULL; + p_surewarehk_Free = NULL; + p_surewarehk_Rsa_Priv_Dec = NULL; + p_surewarehk_Rsa_Sign = NULL; + p_surewarehk_Dsa_Sign = NULL; + p_surewarehk_Info_Pubkey = NULL; + p_surewarehk_Load_Dsa_Pubkey = NULL; + p_surewarehk_Mod_Exp = NULL; + return to_return; +} + +static void surewarehk_error_handling(char *const msg,int func,int ret) +{ + switch (ret) + { + case SUREWAREHOOK_ERROR_UNIT_FAILURE: + ENGINEerr(func,SUREWARE_R_UNIT_FAILURE); + break; + case SUREWAREHOOK_ERROR_FALLBACK: + ENGINEerr(func,SUREWARE_R_REQUEST_FALLBACK); + break; + case SUREWAREHOOK_ERROR_DATA_SIZE: + ENGINEerr(func,SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL); + break; + case SUREWAREHOOK_ERROR_INVALID_PAD: + ENGINEerr(func,RSA_R_PADDING_CHECK_FAILED); + break; + default: + ENGINEerr(func,SUREWARE_R_REQUEST_FAILED); + break; + case 1:/*nothing*/ + msg[0]='\0'; + } + if (*msg) + { + ERR_add_error_data(1,msg); + if (logstream) + { + CRYPTO_w_lock(CRYPTO_LOCK_BIO); + BIO_write(logstream, msg, strlen(msg)); + CRYPTO_w_unlock(CRYPTO_LOCK_BIO); + } + } +} + +static int surewarehk_rand_bytes(unsigned char *buf, int num) +{ + int ret=0; + char msg[64]="ENGINE_rand_bytes"; + if(!p_surewarehk_Rand_Bytes) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_BYTES,ENGINE_R_NOT_INITIALISED); + } + else + { + ret = p_surewarehk_Rand_Bytes(msg,buf, num); + surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RAND_BYTES,ret); + } + return ret==1 ? 1 : 0; +} + +static void surewarehk_rand_seed(const void *buf, int num) +{ + int ret=0; + char msg[64]="ENGINE_rand_seed"; + if(!p_surewarehk_Rand_Seed) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_SEED,ENGINE_R_NOT_INITIALISED); + } + else + { + ret = p_surewarehk_Rand_Seed(msg,buf, num); + surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RAND_SEED,ret); + } +} + +static void surewarehk_rand_add(const void *buf, int num, double entropy) +{ + surewarehk_rand_seed(buf,num); +} + +static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,unsigned long el,char keytype) +{ + EVP_PKEY *res = NULL; +#ifndef OPENSSL_NO_RSA + RSA *rsatmp = NULL; +#endif +#ifndef OPENSSL_NO_DSA + DSA *dsatmp=NULL; +#endif + char msg[64]="sureware_load_public"; + int ret=0; + if(!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED); + goto err; + } + switch (keytype) + { +#ifndef OPENSSL_NO_RSA + case 1: /*RSA*/ + /* set private external reference */ + rsatmp = RSA_new_method(e); + RSA_set_ex_data(rsatmp,rsaHndidx,hptr); + rsatmp->flags |= RSA_FLAG_EXT_PKEY; + + /* set public big nums*/ + rsatmp->e = BN_new(); + rsatmp->n = BN_new(); + bn_expand2(rsatmp->e, el/sizeof(BN_ULONG)); + bn_expand2(rsatmp->n, el/sizeof(BN_ULONG)); + if (!rsatmp->e || rsatmp->e->dmax!=(int)(el/sizeof(BN_ULONG))|| + !rsatmp->n || rsatmp->n->dmax!=(int)(el/sizeof(BN_ULONG))) + goto err; + ret=p_surewarehk_Load_Rsa_Pubkey(msg,key_id,el, + (unsigned long *)rsatmp->n->d, + (unsigned long *)rsatmp->e->d); + surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret); + if (ret!=1) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY); + goto err; + } + /* normalise pub e and pub n */ + rsatmp->e->top=el/sizeof(BN_ULONG); + bn_fix_top(rsatmp->e); + rsatmp->n->top=el/sizeof(BN_ULONG); + bn_fix_top(rsatmp->n); + /* create an EVP object: engine + rsa key */ + res = EVP_PKEY_new(); + EVP_PKEY_assign_RSA(res, rsatmp); + break; +#endif + +#ifndef OPENSSL_NO_DSA + case 2:/*DSA*/ + /* set private/public external reference */ + dsatmp = DSA_new_method(e); + DSA_set_ex_data(dsatmp,dsaHndidx,hptr); + /*dsatmp->flags |= DSA_FLAG_EXT_PKEY;*/ + + /* set public key*/ + dsatmp->pub_key = BN_new(); + dsatmp->p = BN_new(); + dsatmp->q = BN_new(); + dsatmp->g = BN_new(); + bn_expand2(dsatmp->pub_key, el/sizeof(BN_ULONG)); + bn_expand2(dsatmp->p, el/sizeof(BN_ULONG)); + bn_expand2(dsatmp->q, 20/sizeof(BN_ULONG)); + bn_expand2(dsatmp->g, el/sizeof(BN_ULONG)); + if (!dsatmp->pub_key || dsatmp->pub_key->dmax!=(int)(el/sizeof(BN_ULONG))|| + !dsatmp->p || dsatmp->p->dmax!=(int)(el/sizeof(BN_ULONG)) || + !dsatmp->q || dsatmp->q->dmax!=20/sizeof(BN_ULONG) || + !dsatmp->g || dsatmp->g->dmax!=(int)(el/sizeof(BN_ULONG))) + goto err; + + ret=p_surewarehk_Load_Dsa_Pubkey(msg,key_id,el, + (unsigned long *)dsatmp->pub_key->d, + (unsigned long *)dsatmp->p->d, + (unsigned long *)dsatmp->q->d, + (unsigned long *)dsatmp->g->d); + surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret); + if (ret!=1) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY); + goto err; + } + /* set parameters */ + /* normalise pubkey and parameters in case of */ + dsatmp->pub_key->top=el/sizeof(BN_ULONG); + bn_fix_top(dsatmp->pub_key); + dsatmp->p->top=el/sizeof(BN_ULONG); + bn_fix_top(dsatmp->p); + dsatmp->q->top=20/sizeof(BN_ULONG); + bn_fix_top(dsatmp->q); + dsatmp->g->top=el/sizeof(BN_ULONG); + bn_fix_top(dsatmp->g); + + /* create an EVP object: engine + rsa key */ + res = EVP_PKEY_new(); + EVP_PKEY_assign_DSA(res, dsatmp); + break; +#endif + + default: + SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY); + goto err; + } + return res; + err: + if (res) + EVP_PKEY_free(res); +#ifndef OPENSSL_NO_RSA + if (rsatmp) + RSA_free(rsatmp); +#endif +#ifndef OPENSSL_NO_DSA + if (dsatmp) + DSA_free(dsatmp); +#endif + return NULL; +} + +static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id, + UI_METHOD *ui_method, void *callback_data) +{ + EVP_PKEY *res = NULL; + int ret=0; + unsigned long el=0; + char *hptr=NULL; + char keytype=0; + char msg[64]="ENGINE_load_privkey"; + + if(!p_surewarehk_Load_Privkey) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_NOT_INITIALISED); + } + else + { + ret=p_surewarehk_Load_Privkey(msg,key_id,&hptr,&el,&keytype); + if (ret!=1) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY); + ERR_add_error_data(1,msg); + } + else + res=sureware_load_public(e,key_id,hptr,el,keytype); + } + return res; +} + +static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id, + UI_METHOD *ui_method, void *callback_data) +{ + EVP_PKEY *res = NULL; + int ret=0; + unsigned long el=0; + char *hptr=NULL; + char keytype=0; + char msg[64]="ENGINE_load_pubkey"; + + if(!p_surewarehk_Info_Pubkey) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED); + } + else + { + /* call once to identify if DSA or RSA */ + ret=p_surewarehk_Info_Pubkey(msg,key_id,&el,&keytype); + if (ret!=1) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY); + ERR_add_error_data(1,msg); + } + else + res=sureware_load_public(e,key_id,hptr,el,keytype); + } + return res; +} + +/* This cleans up an RSA/DSA KM key(do not destroy the key into the hardware) +, called when ex_data is freed */ +static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, + int idx,long argl, void *argp) +{ + if(!p_surewarehk_Free) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE,ENGINE_R_NOT_INITIALISED); + } + else + p_surewarehk_Free((char *)item,0); +} + +#if 0 +/* This cleans up an DH KM key (destroys the key into hardware), +called when ex_data is freed */ +static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, + int idx,long argl, void *argp) +{ + if(!p_surewarehk_Free) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE,ENGINE_R_NOT_INITIALISED); + } + else + p_surewarehk_Free((char *)item,1); +} +#endif + +/* +* return number of decrypted bytes +*/ +#ifndef OPENSSL_NO_RSA +static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned char *to, + RSA *rsa,int padding) +{ + int ret=0,tlen; + char *buf=NULL,*hptr=NULL; + char msg[64]="ENGINE_rsa_priv_dec"; + if (!p_surewarehk_Rsa_Priv_Dec) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ENGINE_R_NOT_INITIALISED); + } + /* extract ref to private key */ + else if (!(hptr=RSA_get_ex_data(rsa, rsaHndidx))) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,SUREWARE_R_MISSING_KEY_COMPONENTS); + goto err; + } + /* analyse what padding we can do into the hardware */ + if (padding==RSA_PKCS1_PADDING) + { + /* do it one shot */ + ret=p_surewarehk_Rsa_Priv_Dec(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_PKCS1_PAD); + surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ret); + if (ret!=1) + goto err; + ret=tlen; + } + else /* do with no padding into hardware */ + { + ret=p_surewarehk_Rsa_Priv_Dec(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_NO_PAD); + surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ret); + if (ret!=1) + goto err; + /* intermediate buffer for padding */ + if ((buf=OPENSSL_malloc(tlen)) == NULL) + { + RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ERR_R_MALLOC_FAILURE); + goto err; + } + memcpy(buf,to,tlen);/* transfert to into buf */ + switch (padding) /* check padding in software */ + { +#ifndef OPENSSL_NO_SHA + case RSA_PKCS1_OAEP_PADDING: + ret=RSA_padding_check_PKCS1_OAEP(to,tlen,(unsigned char *)buf,tlen,tlen,NULL,0); + break; +#endif + case RSA_SSLV23_PADDING: + ret=RSA_padding_check_SSLv23(to,tlen,(unsigned char *)buf,flen,tlen); + break; + case RSA_NO_PADDING: + ret=RSA_padding_check_none(to,tlen,(unsigned char *)buf,flen,tlen); + break; + default: + RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_UNKNOWN_PADDING_TYPE); + goto err; + } + if (ret < 0) + RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_PADDING_CHECK_FAILED); + } +err: + if (buf) + { + OPENSSL_cleanse(buf,tlen); + OPENSSL_free(buf); + } + return ret; +} + +/* +* Does what OpenSSL rsa_priv_enc does. +*/ +static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char *to, + RSA *rsa,int padding) +{ + int ret=0,tlen; + char *hptr=NULL; + char msg[64]="ENGINE_rsa_sign"; + if (!p_surewarehk_Rsa_Sign) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ENGINE_R_NOT_INITIALISED); + } + /* extract ref to private key */ + else if (!(hptr=RSA_get_ex_data(rsa, rsaHndidx))) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,SUREWARE_R_MISSING_KEY_COMPONENTS); + } + else + { + switch (padding) + { + case RSA_PKCS1_PADDING: /* do it in one shot */ + ret=p_surewarehk_Rsa_Sign(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_PKCS1_PAD); + surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ret); + break; + case RSA_NO_PADDING: + default: + RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,RSA_R_UNKNOWN_PADDING_TYPE); + } + } + return ret==1 ? tlen : ret; +} + +#endif + +#ifndef OPENSSL_NO_DSA +/* DSA sign and verify */ +static DSA_SIG * surewarehk_dsa_do_sign(const unsigned char *from, int flen, DSA *dsa) +{ + int ret=0; + char *hptr=NULL; + DSA_SIG *psign=NULL; + char msg[64]="ENGINE_dsa_do_sign"; + if (!p_surewarehk_Dsa_Sign) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ENGINE_R_NOT_INITIALISED); + } + /* extract ref to private key */ + else if (!(hptr=DSA_get_ex_data(dsa, dsaHndidx))) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,SUREWARE_R_MISSING_KEY_COMPONENTS); + } + else + { + if((psign = DSA_SIG_new()) == NULL) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ERR_R_MALLOC_FAILURE); + goto err; + } + psign->r=BN_new(); + psign->s=BN_new(); + bn_expand2(psign->r, 20/sizeof(BN_ULONG)); + bn_expand2(psign->s, 20/sizeof(BN_ULONG)); + if (!psign->r || psign->r->dmax!=20/sizeof(BN_ULONG) || + !psign->s || psign->s->dmax!=20/sizeof(BN_ULONG)) + goto err; + ret=p_surewarehk_Dsa_Sign(msg,flen,from, + (unsigned long *)psign->r->d, + (unsigned long *)psign->s->d, + hptr); + surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ret); + } + psign->r->top=20/sizeof(BN_ULONG); + bn_fix_top(psign->r); + psign->s->top=20/sizeof(BN_ULONG); + bn_fix_top(psign->s); + +err: + if (psign) + { + DSA_SIG_free(psign); + psign=NULL; + } + return psign; +} +#endif + +static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx) +{ + int ret=0; + char msg[64]="ENGINE_modexp"; + if (!p_surewarehk_Mod_Exp) + { + SUREWAREerr(SUREWARE_F_SUREWAREHK_MOD_EXP,ENGINE_R_NOT_INITIALISED); + } + else + { + bn_expand2(r,m->top); + if (r && r->dmax==m->top) + { + /* do it*/ + ret=p_surewarehk_Mod_Exp(msg, + m->top*sizeof(BN_ULONG), + (unsigned long *)m->d, + p->top*sizeof(BN_ULONG), + (unsigned long *)p->d, + a->top*sizeof(BN_ULONG), + (unsigned long *)a->d, + (unsigned long *)r->d); + surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_MOD_EXP,ret); + if (ret==1) + { + /* normalise result */ + r->top=m->top; + bn_fix_top(r); + } + } + } + return ret; +} +#endif /* !OPENSSL_NO_HW_SureWare */ +#endif /* !OPENSSL_NO_HW */ diff --git a/src/lib/libcrypto/engine/hw_ubsec.c b/src/lib/libcrypto/engine/hw_ubsec.c index ed8401ec16..6286dd851c 100644 --- a/src/lib/libcrypto/engine/hw_ubsec.c +++ b/src/lib/libcrypto/engine/hw_ubsec.c @@ -242,6 +242,7 @@ static int bind_helper(ENGINE *e) return 1; } +#ifndef ENGINE_DYNAMIC_SUPPORT static ENGINE *engine_ubsec(void) { ENGINE *ret = ENGINE_new(); @@ -264,6 +265,7 @@ void ENGINE_load_ubsec(void) ENGINE_free(toadd); ERR_clear_error(); } +#endif /* This is a process-global DSO handle used for loading and unloading * the UBSEC library. NB: This is only set (or unset) during an diff --git a/src/lib/libcrypto/engine/vendor_defns/hw_ubsec.h b/src/lib/libcrypto/engine/vendor_defns/hw_ubsec.h new file mode 100644 index 0000000000..b6619d40f2 --- /dev/null +++ b/src/lib/libcrypto/engine/vendor_defns/hw_ubsec.h @@ -0,0 +1,100 @@ +/****************************************************************************** + * + * Copyright 2000 + * Broadcom Corporation + * 16215 Alton Parkway + * PO Box 57013 + * Irvine CA 92619-7013 + * + *****************************************************************************/ +/* + * Broadcom Corporation uBSec SDK + */ +/* + * Character device header file. + */ +/* + * Revision History: + * + * October 2000 JTT Created. + */ + +#define MAX_PUBLIC_KEY_BITS (1024) +#define MAX_PUBLIC_KEY_BYTES (1024/8) +#define SHA_BIT_SIZE (160) +#define MAX_CRYPTO_KEY_LENGTH 24 +#define MAX_MAC_KEY_LENGTH 64 +#define UBSEC_CRYPTO_DEVICE_NAME ((unsigned char *)"/dev/ubscrypt") +#define UBSEC_KEY_DEVICE_NAME ((unsigned char *)"/dev/ubskey") + +/* Math command types. */ +#define UBSEC_MATH_MODADD 0x0001 +#define UBSEC_MATH_MODSUB 0x0002 +#define UBSEC_MATH_MODMUL 0x0004 +#define UBSEC_MATH_MODEXP 0x0008 +#define UBSEC_MATH_MODREM 0x0010 +#define UBSEC_MATH_MODINV 0x0020 + +typedef long ubsec_MathCommand_t; +typedef long ubsec_RNGCommand_t; + +typedef struct ubsec_crypto_context_s { + unsigned int flags; + unsigned char crypto[MAX_CRYPTO_KEY_LENGTH]; + unsigned char auth[MAX_MAC_KEY_LENGTH]; +} ubsec_crypto_context_t, *ubsec_crypto_context_p; + +/* + * Predeclare the function pointer types that we dynamically load from the DSO. + */ + +typedef int t_UBSEC_ubsec_bytes_to_bits(unsigned char *n, int bytes); + +typedef int t_UBSEC_ubsec_bits_to_bytes(int bits); + +typedef int t_UBSEC_ubsec_open(unsigned char *device); + +typedef int t_UBSEC_ubsec_close(int fd); + +typedef int t_UBSEC_diffie_hellman_generate_ioctl (int fd, + unsigned char *x, int *x_len, unsigned char *y, int *y_len, + unsigned char *g, int g_len, unsigned char *m, int m_len, + unsigned char *userX, int userX_len, int random_bits); + +typedef int t_UBSEC_diffie_hellman_agree_ioctl (int fd, + unsigned char *x, int x_len, unsigned char *y, int y_len, + unsigned char *m, int m_len, unsigned char *k, int *k_len); + +typedef int t_UBSEC_rsa_mod_exp_ioctl (int fd, + unsigned char *x, int x_len, unsigned char *m, int m_len, + unsigned char *e, int e_len, unsigned char *y, int *y_len); + +typedef int t_UBSEC_rsa_mod_exp_crt_ioctl (int fd, + unsigned char *x, int x_len, unsigned char *qinv, int qinv_len, + unsigned char *edq, int edq_len, unsigned char *q, int q_len, + unsigned char *edp, int edp_len, unsigned char *p, int p_len, + unsigned char *y, int *y_len); + +typedef int t_UBSEC_dsa_sign_ioctl (int fd, + int hash, unsigned char *data, int data_len, + unsigned char *rndom, int random_len, + unsigned char *p, int p_len, unsigned char *q, int q_len, + unsigned char *g, int g_len, unsigned char *key, int key_len, + unsigned char *r, int *r_len, unsigned char *s, int *s_len); + +typedef int t_UBSEC_dsa_verify_ioctl (int fd, + int hash, unsigned char *data, int data_len, + unsigned char *p, int p_len, unsigned char *q, int q_len, + unsigned char *g, int g_len, unsigned char *key, int key_len, + unsigned char *r, int r_len, unsigned char *s, int s_len, + unsigned char *v, int *v_len); + +typedef int t_UBSEC_math_accelerate_ioctl(int fd, ubsec_MathCommand_t command, + unsigned char *ModN, int *ModN_len, unsigned char *ExpE, int *ExpE_len, + unsigned char *ParamA, int *ParamA_len, unsigned char *ParamB, int *ParamB_len, + unsigned char *Result, int *Result_len); + +typedef int t_UBSEC_rng_ioctl(int fd, ubsec_RNGCommand_t command, + unsigned char *Result, int *Result_len); + +typedef int t_UBSEC_max_key_len_ioctl(int fd, int *max_key_len); diff --git a/src/lib/libcrypto/engine/vendor_defns/hwcryptohook.h b/src/lib/libcrypto/engine/vendor_defns/hwcryptohook.h new file mode 100644 index 0000000000..aaa4d4575e --- /dev/null +++ b/src/lib/libcrypto/engine/vendor_defns/hwcryptohook.h @@ -0,0 +1,486 @@ +/* + * ModExp / RSA (with/without KM) plugin API + * + * The application will load a dynamic library which + * exports entrypoint(s) defined in this file. + * + * This set of entrypoints provides only a multithreaded, + * synchronous-within-each-thread, facility. + * + * + * This file is Copyright 1998-2000 nCipher Corporation Limited. + * + * Redistribution and use in source and binary forms, with opr without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the copyright notice, + * this list of conditions, and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions, and the following + * disclaimer, in the documentation and/or other materials provided + * with the distribution + * + * IN NO EVENT SHALL NCIPHER CORPORATION LIMITED (`NCIPHER') AND/OR + * ANY OTHER AUTHORS OR DISTRIBUTORS OF THIS FILE BE LIABLE for any + * damages arising directly or indirectly from this file, its use or + * this licence. Without prejudice to the generality of the + * foregoing: all liability shall be excluded for direct, indirect, + * special, incidental, consequential or other damages or any loss of + * profits, business, revenue goodwill or anticipated savings; + * liability shall be excluded even if nCipher or anyone else has been + * advised of the possibility of damage. In any event, if the + * exclusion of liability is not effective, the liability of nCipher + * or any author or distributor shall be limited to the lesser of the + * price paid and 1,000 pounds sterling. This licence only fails to + * exclude or limit liability for death or personal injury arising out + * of negligence, and only to the extent that such an exclusion or + * limitation is not effective. + * + * NCIPHER AND THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ALL + * AND ANY WARRANTIES (WHETHER EXPRESS OR IMPLIED), including, but not + * limited to, any implied warranties of merchantability, fitness for + * a particular purpose, satisfactory quality, and/or non-infringement + * of any third party rights. + * + * US Government use: This software and documentation is Commercial + * Computer Software and Computer Software Documentation, as defined in + * sub-paragraphs (a)(1) and (a)(5) of DFAR 252.227-7014, "Rights in + * Noncommercial Computer Software and Noncommercial Computer Software + * Documentation." Use, duplication or disclosure by the Government is + * subject to the terms and conditions specified here. + * + * By using or distributing this file you will be accepting these + * terms and conditions, including the limitation of liability and + * lack of warranty. If you do not wish to accept these terms and + * conditions, DO NOT USE THE FILE. + * + * + * The actual dynamically loadable plugin, and the library files for + * static linking, which are also provided in some distributions, are + * not covered by the licence described above. You should have + * received a separate licence with terms and conditions for these + * library files; if you received the library files without a licence, + * please contact nCipher. + * + * + * $Id: hwcryptohook.h,v 1.1.1.1 2003/05/11 21:35:16 markus Exp $ + */ + +#ifndef HWCRYPTOHOOK_H +#define HWCRYPTOHOOK_H + +#include +#include + +#ifndef HWCRYPTOHOOK_DECLARE_APPTYPES +#define HWCRYPTOHOOK_DECLARE_APPTYPES 1 +#endif + +#define HWCRYPTOHOOK_ERROR_FAILED -1 +#define HWCRYPTOHOOK_ERROR_FALLBACK -2 +#define HWCRYPTOHOOK_ERROR_MPISIZE -3 + +#if HWCRYPTOHOOK_DECLARE_APPTYPES + +/* These structs are defined by the application and opaque to the + * crypto plugin. The application may define these as it sees fit. + * Default declarations are provided here, but the application may + * #define HWCRYPTOHOOK_DECLARE_APPTYPES 0 + * to prevent these declarations, and instead provide its own + * declarations of these types. (Pointers to them must still be + * ordinary pointers to structs or unions, or the resulting combined + * program will have a type inconsistency.) + */ +typedef struct HWCryptoHook_MutexValue HWCryptoHook_Mutex; +typedef struct HWCryptoHook_CondVarValue HWCryptoHook_CondVar; +typedef struct HWCryptoHook_PassphraseContextValue HWCryptoHook_PassphraseContext; +typedef struct HWCryptoHook_CallerContextValue HWCryptoHook_CallerContext; + +#endif /* HWCRYPTOHOOK_DECLARE_APPTYPES */ + +/* These next two structs are opaque to the application. The crypto + * plugin will return pointers to them; the caller simply manipulates + * the pointers. + */ +typedef struct HWCryptoHook_Context *HWCryptoHook_ContextHandle; +typedef struct HWCryptoHook_RSAKey *HWCryptoHook_RSAKeyHandle; + +typedef struct { + char *buf; + size_t size; +} HWCryptoHook_ErrMsgBuf; +/* Used for error reporting. When a HWCryptoHook function fails it + * will return a sentinel value (0 for pointer-valued functions, or a + * negative number, usually HWCRYPTOHOOK_ERROR_FAILED, for + * integer-valued ones). It will, if an ErrMsgBuf is passed, also put + * an error message there. + * + * size is the size of the buffer, and will not be modified. If you + * pass 0 for size you must pass 0 for buf, and nothing will be + * recorded (just as if you passed 0 for the struct pointer). + * Messages written to the buffer will always be null-terminated, even + * when truncated to fit within size bytes. + * + * The contents of the buffer are not defined if there is no error. + */ + +typedef struct HWCryptoHook_MPIStruct { + unsigned char *buf; + size_t size; +} HWCryptoHook_MPI; +/* When one of these is returned, a pointer is passed to the function. + * At call, size is the space available. Afterwards it is updated to + * be set to the actual length (which may be more than the space available, + * if there was not enough room and the result was truncated). + * buf (the pointer) is not updated. + * + * size is in bytes and may be zero at call or return, but must be a + * multiple of the limb size. Zero limbs at the MS end are not + * permitted. + */ + +#define HWCryptoHook_InitFlags_FallbackModExp 0x0002UL +#define HWCryptoHook_InitFlags_FallbackRSAImmed 0x0004UL +/* Enable requesting fallback to software in case of problems with the + * hardware support. This indicates to the crypto provider that the + * application is prepared to fall back to software operation if the + * ModExp* or RSAImmed* functions return HWCRYPTOHOOK_ERROR_FALLBACK. + * Without this flag those calls will never return + * HWCRYPTOHOOK_ERROR_FALLBACK. The flag will also cause the crypto + * provider to avoid repeatedly attempting to contact dead hardware + * within a short interval, if appropriate. + */ + +#define HWCryptoHook_InitFlags_SimpleForkCheck 0x0010UL +/* Without _SimpleForkCheck the library is allowed to assume that the + * application will not fork and call the library in the child(ren). + * + * When it is specified, this is allowed. However, after a fork + * neither parent nor child may unload any loaded keys or call + * _Finish. Instead, they should call exit (or die with a signal) + * without calling _Finish. After all the children have died the + * parent may unload keys or call _Finish. + * + * This flag only has any effect on UN*X platforms. + */ + +typedef struct { + unsigned long flags; + void *logstream; /* usually a FILE*. See below. */ + + size_t limbsize; /* bignum format - size of radix type, must be power of 2 */ + int mslimbfirst; /* 0 or 1 */ + int msbytefirst; /* 0 or 1; -1 = native */ + + /* All the callback functions should return 0 on success, or a + * nonzero integer (whose value will be visible in the error message + * put in the buffer passed to the call). + * + * If a callback is not available pass a null function pointer. + * + * The callbacks may not call down again into the crypto plugin. + */ + + /* For thread-safety. Set everything to 0 if you promise only to be + * singlethreaded. maxsimultaneous is the number of calls to + * ModExp[Crt]/RSAImmed{Priv,Pub}/RSA. If you don't know what to + * put there then say 0 and the hook library will use a default. + * + * maxmutexes is a small limit on the number of simultaneous mutexes + * which will be requested by the library. If there is no small + * limit, set it to 0. If the crypto plugin cannot create the + * advertised number of mutexes the calls to its functions may fail. + * If a low number of mutexes is advertised the plugin will try to + * do the best it can. Making larger numbers of mutexes available + * may improve performance and parallelism by reducing contention + * over critical sections. Unavailability of any mutexes, implying + * single-threaded operation, should be indicated by the setting + * mutex_init et al to 0. + */ + int maxmutexes; + int maxsimultaneous; + size_t mutexsize; + int (*mutex_init)(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext *cactx); + int (*mutex_acquire)(HWCryptoHook_Mutex*); + void (*mutex_release)(HWCryptoHook_Mutex*); + void (*mutex_destroy)(HWCryptoHook_Mutex*); + + /* For greater efficiency, can use condition vars internally for + * synchronisation. In this case maxsimultaneous is ignored, but + * the other mutex stuff must be available. In singlethreaded + * programs, set everything to 0. + */ + size_t condvarsize; + int (*condvar_init)(HWCryptoHook_CondVar*, HWCryptoHook_CallerContext *cactx); + int (*condvar_wait)(HWCryptoHook_CondVar*, HWCryptoHook_Mutex*); + void (*condvar_signal)(HWCryptoHook_CondVar*); + void (*condvar_broadcast)(HWCryptoHook_CondVar*); + void (*condvar_destroy)(HWCryptoHook_CondVar*); + + /* The semantics of acquiring and releasing mutexes and broadcasting + * and waiting on condition variables are expected to be those from + * POSIX threads (pthreads). The mutexes may be (in pthread-speak) + * fast mutexes, recursive mutexes, or nonrecursive ones. + * + * The _release/_signal/_broadcast and _destroy functions must + * always succeed when given a valid argument; if they are given an + * invalid argument then the program (crypto plugin + application) + * has an internal error, and they should abort the program. + */ + + int (*getpassphrase)(const char *prompt_info, + int *len_io, char *buf, + HWCryptoHook_PassphraseContext *ppctx, + HWCryptoHook_CallerContext *cactx); + /* Passphrases and the prompt_info, if they contain high-bit-set + * characters, are UTF-8. The prompt_info may be a null pointer if + * no prompt information is available (it should not be an empty + * string). It will not contain text like `enter passphrase'; + * instead it might say something like `Operator Card for John + * Smith' or `SmartCard in nFast Module #1, Slot #1'. + * + * buf points to a buffer in which to return the passphrase; on + * entry *len_io is the length of the buffer. It should be updated + * by the callback. The returned passphrase should not be + * null-terminated by the callback. + */ + + int (*getphystoken)(const char *prompt_info, + const char *wrong_info, + HWCryptoHook_PassphraseContext *ppctx, + HWCryptoHook_CallerContext *cactx); + /* Requests that the human user physically insert a different + * smartcard, DataKey, etc. The plugin should check whether the + * currently inserted token(s) are appropriate, and if they are it + * should not make this call. + * + * prompt_info is as before. wrong_info is a description of the + * currently inserted token(s) so that the user is told what + * something is. wrong_info, like prompt_info, may be null, but + * should not be an empty string. Its contents should be + * syntactically similar to that of prompt_info. + */ + + /* Note that a single LoadKey operation might cause several calls to + * getpassphrase and/or requestphystoken. If requestphystoken is + * not provided (ie, a null pointer is passed) then the plugin may + * not support loading keys for which authorisation by several cards + * is required. If getpassphrase is not provided then cards with + * passphrases may not be supported. + * + * getpassphrase and getphystoken do not need to check that the + * passphrase has been entered correctly or the correct token + * inserted; the crypto plugin will do that. If this is not the + * case then the crypto plugin is responsible for calling these + * routines again as appropriate until the correct token(s) and + * passphrase(s) are supplied as required, or until any retry limits + * implemented by the crypto plugin are reached. + * + * In either case, the application must allow the user to say `no' + * or `cancel' to indicate that they do not know the passphrase or + * have the appropriate token; this should cause the callback to + * return nonzero indicating error. + */ + + void (*logmessage)(void *logstream, const char *message); + /* A log message will be generated at least every time something goes + * wrong and an ErrMsgBuf is filled in (or would be if one was + * provided). Other diagnostic information may be written there too, + * including more detailed reasons for errors which are reported in an + * ErrMsgBuf. + * + * When a log message is generated, this callback is called. It + * should write a message to the relevant logging arrangements. + * + * The message string passed will be null-terminated and may be of arbitrary + * length. It will not be prefixed by the time and date, nor by the + * name of the library that is generating it - if this is required, + * the logmessage callback must do it. The message will not have a + * trailing newline (though it may contain internal newlines). + * + * If a null pointer is passed for logmessage a default function is + * used. The default function treats logstream as a FILE* which has + * been converted to a void*. If logstream is 0 it does nothing. + * Otherwise it prepends the date and time and library name and + * writes the message to logstream. Each line will be prefixed by a + * descriptive string containing the date, time and identity of the + * crypto plugin. Errors on the logstream are not reported + * anywhere, and the default function doesn't flush the stream, so + * the application must set the buffering how it wants it. + * + * The crypto plugin may also provide a facility to have copies of + * log messages sent elsewhere, and or for adjusting the verbosity + * of the log messages; any such facilities will be configured by + * external means. + */ + +} HWCryptoHook_InitInfo; + +typedef +HWCryptoHook_ContextHandle HWCryptoHook_Init_t(const HWCryptoHook_InitInfo *initinfo, + size_t initinfosize, + const HWCryptoHook_ErrMsgBuf *errors, + HWCryptoHook_CallerContext *cactx); +extern HWCryptoHook_Init_t HWCryptoHook_Init; + +/* Caller should set initinfosize to the size of the HWCryptoHook struct, + * so it can be extended later. + * + * On success, a message for display or logging by the server, + * including the name and version number of the plugin, will be filled + * in into *errors; on failure *errors is used for error handling, as + * usual. + */ + +/* All these functions return 0 on success, HWCRYPTOHOOK_ERROR_FAILED + * on most failures. HWCRYPTOHOOK_ERROR_MPISIZE means at least one of + * the output MPI buffer(s) was too small; the sizes of all have been + * set to the desired size (and for those where the buffer was large + * enough, the value may have been copied in), and no error message + * has been recorded. + * + * You may pass 0 for the errors struct. In any case, unless you set + * _NoStderr at init time then messages may be reported to stderr. + */ + +/* The RSAImmed* functions (and key managed RSA) only work with + * modules which have an RSA patent licence - currently that means KM + * units; the ModExp* ones work with all modules, so you need a patent + * licence in the software in the US. They are otherwise identical. + */ + +typedef +void HWCryptoHook_Finish_t(HWCryptoHook_ContextHandle hwctx); +extern HWCryptoHook_Finish_t HWCryptoHook_Finish; +/* You must not have any calls going or keys loaded when you call this. */ + +typedef +int HWCryptoHook_RandomBytes_t(HWCryptoHook_ContextHandle hwctx, + unsigned char *buf, size_t len, + const HWCryptoHook_ErrMsgBuf *errors); +extern HWCryptoHook_RandomBytes_t HWCryptoHook_RandomBytes; + +typedef +int HWCryptoHook_ModExp_t(HWCryptoHook_ContextHandle hwctx, + HWCryptoHook_MPI a, + HWCryptoHook_MPI p, + HWCryptoHook_MPI n, + HWCryptoHook_MPI *r, + const HWCryptoHook_ErrMsgBuf *errors); +extern HWCryptoHook_ModExp_t HWCryptoHook_ModExp; + +typedef +int HWCryptoHook_RSAImmedPub_t(HWCryptoHook_ContextHandle hwctx, + HWCryptoHook_MPI m, + HWCryptoHook_MPI e, + HWCryptoHook_MPI n, + HWCryptoHook_MPI *r, + const HWCryptoHook_ErrMsgBuf *errors); +extern HWCryptoHook_RSAImmedPub_t HWCryptoHook_RSAImmedPub; + +typedef +int HWCryptoHook_ModExpCRT_t(HWCryptoHook_ContextHandle hwctx, + HWCryptoHook_MPI a, + HWCryptoHook_MPI p, + HWCryptoHook_MPI q, + HWCryptoHook_MPI dmp1, + HWCryptoHook_MPI dmq1, + HWCryptoHook_MPI iqmp, + HWCryptoHook_MPI *r, + const HWCryptoHook_ErrMsgBuf *errors); +extern HWCryptoHook_ModExpCRT_t HWCryptoHook_ModExpCRT; + +typedef +int HWCryptoHook_RSAImmedPriv_t(HWCryptoHook_ContextHandle hwctx, + HWCryptoHook_MPI m, + HWCryptoHook_MPI p, + HWCryptoHook_MPI q, + HWCryptoHook_MPI dmp1, + HWCryptoHook_MPI dmq1, + HWCryptoHook_MPI iqmp, + HWCryptoHook_MPI *r, + const HWCryptoHook_ErrMsgBuf *errors); +extern HWCryptoHook_RSAImmedPriv_t HWCryptoHook_RSAImmedPriv; + +/* The RSAImmed* and ModExp* functions may return E_FAILED or + * E_FALLBACK for failure. + * + * E_FAILED means the failure is permanent and definite and there + * should be no attempt to fall back to software. (Eg, for some + * applications, which support only the acceleration-only + * functions, the `key material' may actually be an encoded key + * identifier, and doing the operation in software would give wrong + * answers.) + * + * E_FALLBACK means that doing the computation in software would seem + * reasonable. If an application pays attention to this and is + * able to fall back, it should also set the Fallback init flags. + */ + +typedef +int HWCryptoHook_RSALoadKey_t(HWCryptoHook_ContextHandle hwctx, + const char *key_ident, + HWCryptoHook_RSAKeyHandle *keyhandle_r, + const HWCryptoHook_ErrMsgBuf *errors, + HWCryptoHook_PassphraseContext *ppctx); +extern HWCryptoHook_RSALoadKey_t HWCryptoHook_RSALoadKey; +/* The key_ident is a null-terminated string configured by the + * user via the application's usual configuration mechanisms. + * It is provided to the user by the crypto provider's key management + * system. The user must be able to enter at least any string of between + * 1 and 1023 characters inclusive, consisting of printable 7-bit + * ASCII characters. The provider should avoid using + * any characters except alphanumerics and the punctuation + * characters _ - + . / @ ~ (the user is expected to be able + * to enter these without quoting). The string may be case-sensitive. + * The application may allow the user to enter other NULL-terminated strings, + * and the provider must cope (returning an error if the string is not + * valid). + * + * If the key does not exist, no error is recorded and 0 is returned; + * keyhandle_r will be set to 0 instead of to a key handle. + */ + +typedef +int HWCryptoHook_RSAGetPublicKey_t(HWCryptoHook_RSAKeyHandle k, + HWCryptoHook_MPI *n, + HWCryptoHook_MPI *e, + const HWCryptoHook_ErrMsgBuf *errors); +extern HWCryptoHook_RSAGetPublicKey_t HWCryptoHook_RSAGetPublicKey; +/* The crypto plugin will not store certificates. + * + * Although this function for acquiring the public key value is + * provided, it is not the purpose of this API to deal fully with the + * handling of the public key. + * + * It is expected that the crypto supplier's key generation program + * will provide general facilities for producing X.509 + * self-certificates and certificate requests in PEM format. These + * will be given to the user so that they can configure them in the + * application, send them to CAs, or whatever. + * + * In case this kind of certificate handling is not appropriate, the + * crypto supplier's key generation program should be able to be + * configured not to generate such a self-certificate or certificate + * request. Then the application will need to do all of this, and + * will need to store and handle the public key and certificates + * itself. + */ + +typedef +int HWCryptoHook_RSAUnloadKey_t(HWCryptoHook_RSAKeyHandle k, + const HWCryptoHook_ErrMsgBuf *errors); +extern HWCryptoHook_RSAUnloadKey_t HWCryptoHook_RSAUnloadKey; +/* Might fail due to locking problems, or other serious internal problems. */ + +typedef +int HWCryptoHook_RSA_t(HWCryptoHook_MPI m, + HWCryptoHook_RSAKeyHandle k, + HWCryptoHook_MPI *r, + const HWCryptoHook_ErrMsgBuf *errors); +extern HWCryptoHook_RSA_t HWCryptoHook_RSA; +/* RSA private key operation (sign or decrypt) - raw, unpadded. */ + +#endif /*HWCRYPTOHOOK_H*/ diff --git a/src/lib/libcrypto/engine/vendor_defns/sureware.h b/src/lib/libcrypto/engine/vendor_defns/sureware.h new file mode 100644 index 0000000000..1d3789219d --- /dev/null +++ b/src/lib/libcrypto/engine/vendor_defns/sureware.h @@ -0,0 +1,239 @@ +/* +* Written by Corinne Dive-Reclus(cdive@baltimore.com) +* +* Copyright@2001 Baltimore Technologies Ltd. +* * +* THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND * +* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * +* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * +* ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE * +* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * +* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * +* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * +* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * +* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * +* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * +* SUCH DAMAGE. * +* +* +*/ +#ifdef WIN32 +#define SW_EXPORT __declspec ( dllexport ) +#else +#define SW_EXPORT +#endif + +/* +* List of exposed SureWare errors +*/ +#define SUREWAREHOOK_ERROR_FAILED -1 +#define SUREWAREHOOK_ERROR_FALLBACK -2 +#define SUREWAREHOOK_ERROR_UNIT_FAILURE -3 +#define SUREWAREHOOK_ERROR_DATA_SIZE -4 +#define SUREWAREHOOK_ERROR_INVALID_PAD -5 +/* +* -----------------WARNING----------------------------------- +* In all the following functions: +* msg is a string with at least 24 bytes free. +* A 24 bytes string will be concatenated to the existing content of msg. +*/ +/* +* SureWare Initialisation function +* in param threadsafe, if !=0, thread safe enabled +* return SureWareHOOK_ERROR_UNIT_FAILURE if failure, 1 if success +*/ +typedef int SureWareHook_Init_t(char*const msg,int threadsafe); +extern SW_EXPORT SureWareHook_Init_t SureWareHook_Init; +/* +* SureWare Finish function +*/ +typedef void SureWareHook_Finish_t(); +extern SW_EXPORT SureWareHook_Finish_t SureWareHook_Finish; +/* +* PRE_CONDITION: +* DO NOT CALL ANY OF THE FOLLOWING FUNCTIONS IN CASE OF INIT FAILURE +*/ +/* +* SureWare RAND Bytes function +* In case of failure, the content of buf is unpredictable. +* return 1 if success +* SureWareHOOK_ERROR_FALLBACK if function not available in hardware +* SureWareHOOK_ERROR_FAILED if error while processing +* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure +* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf +* +* in/out param buf : a num bytes long buffer where random bytes will be put +* in param num : the number of bytes into buf +*/ +typedef int SureWareHook_Rand_Bytes_t(char*const msg,unsigned char *buf, int num); +extern SW_EXPORT SureWareHook_Rand_Bytes_t SureWareHook_Rand_Bytes; + +/* +* SureWare RAND Seed function +* Adds some seed to the Hardware Random Number Generator +* return 1 if success +* SureWareHOOK_ERROR_FALLBACK if function not available in hardware +* SureWareHOOK_ERROR_FAILED if error while processing +* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure +* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf +* +* in param buf : the seed to add into the HRNG +* in param num : the number of bytes into buf +*/ +typedef int SureWareHook_Rand_Seed_t(char*const msg,const void *buf, int num); +extern SW_EXPORT SureWareHook_Rand_Seed_t SureWareHook_Rand_Seed; + +/* +* SureWare Load Private Key function +* return 1 if success +* SureWareHOOK_ERROR_FAILED if error while processing +* No hardware is contact for this function. +* +* in param key_id :the name of the private protected key file without the extension + ".sws" +* out param hptr : a pointer to a buffer allocated by SureWare_Hook +* out param num: the effective key length in bytes +* out param keytype: 1 if RSA 2 if DSA +*/ +typedef int SureWareHook_Load_Privkey_t(char*const msg,const char *key_id,char **hptr,unsigned long *num,char *keytype); +extern SW_EXPORT SureWareHook_Load_Privkey_t SureWareHook_Load_Privkey; + +/* +* SureWare Info Public Key function +* return 1 if success +* SureWareHOOK_ERROR_FAILED if error while processing +* No hardware is contact for this function. +* +* in param key_id :the name of the private protected key file without the extension + ".swp" +* out param hptr : a pointer to a buffer allocated by SureWare_Hook +* out param num: the effective key length in bytes +* out param keytype: 1 if RSA 2 if DSA +*/ +typedef int SureWareHook_Info_Pubkey_t(char*const msg,const char *key_id,unsigned long *num, + char *keytype); +extern SW_EXPORT SureWareHook_Info_Pubkey_t SureWareHook_Info_Pubkey; + +/* +* SureWare Load Public Key function +* return 1 if success +* SureWareHOOK_ERROR_FAILED if error while processing +* No hardware is contact for this function. +* +* in param key_id :the name of the public protected key file without the extension + ".swp" +* in param num : the bytes size of n and e +* out param n: where to write modulus in bn format +* out param e: where to write exponent in bn format +*/ +typedef int SureWareHook_Load_Rsa_Pubkey_t(char*const msg,const char *key_id,unsigned long num, + unsigned long *n, unsigned long *e); +extern SW_EXPORT SureWareHook_Load_Rsa_Pubkey_t SureWareHook_Load_Rsa_Pubkey; + +/* +* SureWare Load DSA Public Key function +* return 1 if success +* SureWareHOOK_ERROR_FAILED if error while processing +* No hardware is contact for this function. +* +* in param key_id :the name of the public protected key file without the extension + ".swp" +* in param num : the bytes size of n and e +* out param pub: where to write pub key in bn format +* out param p: where to write prime in bn format +* out param q: where to write sunprime (length 20 bytes) in bn format +* out param g: where to write base in bn format +*/ +typedef int SureWareHook_Load_Dsa_Pubkey_t(char*const msg,const char *key_id,unsigned long num, + unsigned long *pub, unsigned long *p,unsigned long*q, + unsigned long *g); +extern SW_EXPORT SureWareHook_Load_Dsa_Pubkey_t SureWareHook_Load_Dsa_Pubkey; + +/* +* SureWare Free function +* Destroy the key into the hardware if destroy==1 +*/ +typedef void SureWareHook_Free_t(char *p,int destroy); +extern SW_EXPORT SureWareHook_Free_t SureWareHook_Free; + +#define SUREWARE_PKCS1_PAD 1 +#define SUREWARE_ISO9796_PAD 2 +#define SUREWARE_NO_PAD 0 +/* +* SureWare RSA Private Decryption +* return 1 if success +* SureWareHOOK_ERROR_FAILED if error while processing +* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure +* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf +* +* in param flen : byte size of from and to +* in param from : encrypted data buffer, should be a not-null valid pointer +* out param tlen: byte size of decrypted data, if error, unexpected value +* out param to : decrypted data buffer, should be a not-null valid pointer +* in param prsa: a protected key pointer, should be a not-null valid pointer +* int padding: padding id as follow +* SUREWARE_PKCS1_PAD +* SUREWARE_NO_PAD +* +*/ +typedef int SureWareHook_Rsa_Priv_Dec_t(char*const msg,int flen,unsigned char *from, + int *tlen,unsigned char *to, + char *prsa,int padding); +extern SW_EXPORT SureWareHook_Rsa_Priv_Dec_t SureWareHook_Rsa_Priv_Dec; +/* +* SureWare RSA Signature +* return 1 if success +* SureWareHOOK_ERROR_FAILED if error while processing +* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure +* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf +* +* in param flen : byte size of from and to +* in param from : encrypted data buffer, should be a not-null valid pointer +* out param tlen: byte size of decrypted data, if error, unexpected value +* out param to : decrypted data buffer, should be a not-null valid pointer +* in param prsa: a protected key pointer, should be a not-null valid pointer +* int padding: padding id as follow +* SUREWARE_PKCS1_PAD +* SUREWARE_ISO9796_PAD +* +*/ +typedef int SureWareHook_Rsa_Sign_t(char*const msg,int flen,unsigned char *from, + int *tlen,unsigned char *to, + char *prsa,int padding); +extern SW_EXPORT SureWareHook_Rsa_Sign_t SureWareHook_Rsa_Sign; +/* +* SureWare DSA Signature +* return 1 if success +* SureWareHOOK_ERROR_FAILED if error while processing +* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure +* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf +* +* in param flen : byte size of from and to +* in param from : encrypted data buffer, should be a not-null valid pointer +* out param to : decrypted data buffer, should be a 40bytes valid pointer +* in param pdsa: a protected key pointer, should be a not-null valid pointer +* +*/ +typedef int SureWareHook_Dsa_Sign_t(char*const msg,int flen,const unsigned char *from, + unsigned long *r,unsigned long *s,char *pdsa); +extern SW_EXPORT SureWareHook_Dsa_Sign_t SureWareHook_Dsa_Sign; + + +/* +* SureWare Mod Exp +* return 1 if success +* SureWareHOOK_ERROR_FAILED if error while processing +* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure +* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf +* +* mod and res are mlen bytes long. +* exp is elen bytes long +* data is dlen bytes long +* mlen,elen and dlen are all multiple of sizeof(unsigned long) +*/ +typedef int SureWareHook_Mod_Exp_t(char*const msg,int mlen,const unsigned long *mod, + int elen,const unsigned long *exp, + int dlen,unsigned long *data, + unsigned long *res); +extern SW_EXPORT SureWareHook_Mod_Exp_t SureWareHook_Mod_Exp; + -- cgit v1.2.3-55-g6feb