]>
Commit | Line | Data |
---|---|---|
3a83462d MC |
1 | /*- |
2 | * Written by Corinne Dive-Reclus(cdive@baltimore.com) | |
0f113f3e | 3 | * |
5572f482 RL |
4 | * |
5 | * Redistribution and use in source and binary forms, with or without | |
6 | * modification, are permitted provided that the following conditions | |
7 | * are met: | |
8 | * | |
9 | * 1. Redistributions of source code must retain the above copyright | |
0f113f3e | 10 | * notice, this list of conditions and the following disclaimer. |
5572f482 RL |
11 | * |
12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in | |
14 | * the documentation and/or other materials provided with the | |
15 | * distribution. | |
16 | * | |
17 | * 3. All advertising materials mentioning features or use of this | |
18 | * software must display the following acknowledgment: | |
19 | * "This product includes software developed by the OpenSSL Project | |
20 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
21 | * | |
22 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
23 | * endorse or promote products derived from this software without | |
24 | * prior written permission. For written permission, please contact | |
25 | * licensing@OpenSSL.org. | |
26 | * | |
27 | * 5. Products derived from this software may not be called "OpenSSL" | |
28 | * nor may "OpenSSL" appear in their names without prior written | |
29 | * permission of the OpenSSL Project. | |
30 | * | |
31 | * 6. Redistributions of any form whatsoever must retain the following | |
32 | * acknowledgment: | |
33 | * "This product includes software developed by the OpenSSL Project | |
34 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
35 | * | |
36 | * Written by Corinne Dive-Reclus(cdive@baltimore.com) | |
37 | * | |
38 | * Copyright@2001 Baltimore Technologies Ltd. | |
39 | * All right Reserved. | |
b853717f MC |
40 | * * |
41 | * THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND * | |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * | |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * | |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE * | |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * | |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * | |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * | |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * | |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * | |
51 | * SUCH DAMAGE. * | |
5572f482 RL |
52 | ====================================================================*/ |
53 | ||
54 | #include <stdio.h> | |
5be1264b | 55 | #include <string.h> |
5572f482 RL |
56 | #include <openssl/crypto.h> |
57 | #include <openssl/pem.h> | |
58 | #include <openssl/dso.h> | |
5572f482 | 59 | #include <openssl/engine.h> |
3a87a9b9 | 60 | #include <openssl/rand.h> |
3eeaab4b | 61 | #ifndef OPENSSL_NO_RSA |
0f113f3e | 62 | # include <openssl/rsa.h> |
3eeaab4b NL |
63 | #endif |
64 | #ifndef OPENSSL_NO_DSA | |
0f113f3e | 65 | # include <openssl/dsa.h> |
3eeaab4b NL |
66 | #endif |
67 | #ifndef OPENSSL_NO_DH | |
0f113f3e | 68 | # include <openssl/dh.h> |
3eeaab4b | 69 | #endif |
f15390bd | 70 | #include <openssl/bn.h> |
5572f482 RL |
71 | |
72 | #ifndef OPENSSL_NO_HW | |
0f113f3e | 73 | # ifndef OPENSSL_NO_HW_SUREWARE |
5572f482 | 74 | |
0f113f3e MC |
75 | # ifdef FLAT_INC |
76 | # include "sureware.h" | |
77 | # else | |
78 | # include "vendor_defns/sureware.h" | |
79 | # endif | |
5572f482 | 80 | |
0f113f3e MC |
81 | # define SUREWARE_LIB_NAME "sureware engine" |
82 | # include "e_sureware_err.c" | |
5572f482 | 83 | |
0f113f3e MC |
84 | static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, |
85 | void (*f) (void)); | |
5572f482 RL |
86 | static int surewarehk_destroy(ENGINE *e); |
87 | static int surewarehk_init(ENGINE *e); | |
88 | static int surewarehk_finish(ENGINE *e); | |
89 | static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |
0f113f3e | 90 | const BIGNUM *m, BN_CTX *ctx); |
5572f482 RL |
91 | |
92 | /* RSA stuff */ | |
0f113f3e MC |
93 | # ifndef OPENSSL_NO_RSA |
94 | static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from, | |
95 | unsigned char *to, RSA *rsa, int padding); | |
96 | static int surewarehk_rsa_sign(int flen, const unsigned char *from, | |
97 | unsigned char *to, RSA *rsa, int padding); | |
98 | # endif | |
5572f482 RL |
99 | |
100 | /* RAND stuff */ | |
6343829a | 101 | static int surewarehk_rand_bytes(unsigned char *buf, int num); |
a0b3e0de DSH |
102 | static int surewarehk_rand_seed(const void *buf, int num); |
103 | static int surewarehk_rand_add(const void *buf, int num, double entropy); | |
5572f482 RL |
104 | |
105 | /* KM stuff */ | |
106 | static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id, | |
0f113f3e MC |
107 | UI_METHOD *ui_method, |
108 | void *callback_data); | |
5572f482 | 109 | static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id, |
0f113f3e MC |
110 | UI_METHOD *ui_method, |
111 | void *callback_data); | |
5572f482 | 112 | static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, |
0f113f3e | 113 | int idx, long argl, void *argp); |
5572f482 | 114 | |
0f113f3e | 115 | # ifndef OPENSSL_NO_RSA |
5572f482 | 116 | /* This function is aliased to mod_exp (with the mont stuff dropped). */ |
0f113f3e MC |
117 | static int surewarehk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, |
118 | const BIGNUM *p, const BIGNUM *m, | |
119 | BN_CTX *ctx, BN_MONT_CTX *m_ctx) | |
5572f482 | 120 | { |
0f113f3e | 121 | return surewarehk_modexp(r, a, p, m, ctx); |
5572f482 RL |
122 | } |
123 | ||
124 | /* Our internal RSA_METHOD that we provide pointers to */ | |
0f113f3e MC |
125 | static RSA_METHOD surewarehk_rsa = { |
126 | "SureWare RSA method", | |
127 | NULL, /* pub_enc */ | |
128 | NULL, /* pub_dec */ | |
129 | surewarehk_rsa_sign, /* our rsa_sign is OpenSSL priv_enc */ | |
130 | surewarehk_rsa_priv_dec, /* priv_dec */ | |
131 | NULL, /* mod_exp */ | |
132 | surewarehk_mod_exp_mont, /* mod_exp_mongomery */ | |
133 | NULL, /* init */ | |
134 | NULL, /* finish */ | |
135 | 0, /* RSA flag */ | |
136 | NULL, | |
137 | NULL, /* OpenSSL sign */ | |
138 | NULL, /* OpenSSL verify */ | |
139 | NULL /* keygen */ | |
140 | }; | |
141 | # endif | |
5572f482 | 142 | |
0f113f3e | 143 | # ifndef OPENSSL_NO_DH |
5572f482 RL |
144 | /* Our internal DH_METHOD that we provide pointers to */ |
145 | /* This function is aliased to mod_exp (with the dh and mont dropped). */ | |
146 | static int surewarehk_modexp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, | |
0f113f3e MC |
147 | const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, |
148 | BN_MONT_CTX *m_ctx) | |
5572f482 | 149 | { |
0f113f3e | 150 | return surewarehk_modexp(r, a, p, m, ctx); |
5572f482 RL |
151 | } |
152 | ||
0f113f3e MC |
153 | static DH_METHOD surewarehk_dh = { |
154 | "SureWare DH method", | |
155 | NULL, /* gen_key */ | |
156 | NULL, /* agree, */ | |
157 | surewarehk_modexp_dh, /* dh mod exp */ | |
158 | NULL, /* init */ | |
159 | NULL, /* finish */ | |
160 | 0, /* flags */ | |
161 | NULL, | |
162 | NULL | |
163 | }; | |
164 | # endif | |
5572f482 | 165 | |
0f113f3e MC |
166 | static RAND_METHOD surewarehk_rand = { |
167 | /* "SureWare RAND method", */ | |
168 | surewarehk_rand_seed, | |
169 | surewarehk_rand_bytes, | |
170 | NULL, /* cleanup */ | |
171 | surewarehk_rand_add, | |
172 | surewarehk_rand_bytes, | |
173 | NULL, /* rand_status */ | |
174 | }; | |
5572f482 | 175 | |
0f113f3e | 176 | # ifndef OPENSSL_NO_DSA |
5572f482 | 177 | /* DSA stuff */ |
0f113f3e MC |
178 | static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *dgst, int dlen, |
179 | DSA *dsa); | |
5572f482 | 180 | static int surewarehk_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, |
0f113f3e MC |
181 | BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, |
182 | BIGNUM *m, BN_CTX *ctx, | |
183 | BN_MONT_CTX *in_mont) | |
5572f482 | 184 | { |
0f113f3e MC |
185 | BIGNUM t; |
186 | int to_return = 0; | |
187 | BN_init(&t); | |
188 | /* let rr = a1 ^ p1 mod m */ | |
189 | if (!surewarehk_modexp(rr, a1, p1, m, ctx)) | |
190 | goto end; | |
191 | /* let t = a2 ^ p2 mod m */ | |
192 | if (!surewarehk_modexp(&t, a2, p2, m, ctx)) | |
193 | goto end; | |
194 | /* let rr = rr * t mod m */ | |
195 | if (!BN_mod_mul(rr, rr, &t, m, ctx)) | |
196 | goto end; | |
197 | to_return = 1; | |
198 | end: | |
199 | BN_free(&t); | |
200 | return to_return; | |
5572f482 RL |
201 | } |
202 | ||
0f113f3e MC |
203 | static DSA_METHOD surewarehk_dsa = { |
204 | "SureWare DSA method", | |
205 | surewarehk_dsa_do_sign, | |
206 | NULL, /* sign setup */ | |
207 | NULL, /* verify, */ | |
208 | surewarehk_dsa_mod_exp, /* mod exp */ | |
209 | NULL, /* bn mod exp */ | |
210 | NULL, /* init */ | |
211 | NULL, /* finish */ | |
212 | 0, | |
213 | NULL, | |
214 | NULL, | |
215 | NULL | |
216 | }; | |
217 | # endif | |
5572f482 RL |
218 | |
219 | static const char *engine_sureware_id = "sureware"; | |
220 | static const char *engine_sureware_name = "SureWare hardware engine support"; | |
221 | ||
222 | /* Now, to our own code */ | |
223 | ||
0f113f3e MC |
224 | /* |
225 | * As this is only ever called once, there's no need for locking (indeed - | |
226 | * the lock will already be held by our caller!!!) | |
227 | */ | |
5572f482 RL |
228 | static int bind_sureware(ENGINE *e) |
229 | { | |
0f113f3e MC |
230 | # ifndef OPENSSL_NO_RSA |
231 | const RSA_METHOD *meth1; | |
232 | # endif | |
233 | # ifndef OPENSSL_NO_DSA | |
234 | const DSA_METHOD *meth2; | |
235 | # endif | |
236 | # ifndef OPENSSL_NO_DH | |
237 | const DH_METHOD *meth3; | |
238 | # endif | |
5572f482 | 239 | |
0f113f3e MC |
240 | if (!ENGINE_set_id(e, engine_sureware_id) || |
241 | !ENGINE_set_name(e, engine_sureware_name) || | |
242 | # ifndef OPENSSL_NO_RSA | |
243 | !ENGINE_set_RSA(e, &surewarehk_rsa) || | |
244 | # endif | |
245 | # ifndef OPENSSL_NO_DSA | |
246 | !ENGINE_set_DSA(e, &surewarehk_dsa) || | |
247 | # endif | |
248 | # ifndef OPENSSL_NO_DH | |
249 | !ENGINE_set_DH(e, &surewarehk_dh) || | |
250 | # endif | |
251 | !ENGINE_set_RAND(e, &surewarehk_rand) || | |
252 | !ENGINE_set_destroy_function(e, surewarehk_destroy) || | |
253 | !ENGINE_set_init_function(e, surewarehk_init) || | |
254 | !ENGINE_set_finish_function(e, surewarehk_finish) || | |
255 | !ENGINE_set_ctrl_function(e, surewarehk_ctrl) || | |
256 | !ENGINE_set_load_privkey_function(e, surewarehk_load_privkey) || | |
257 | !ENGINE_set_load_pubkey_function(e, surewarehk_load_pubkey)) | |
258 | return 0; | |
5572f482 | 259 | |
0f113f3e MC |
260 | # ifndef OPENSSL_NO_RSA |
261 | /* | |
262 | * We know that the "PKCS1_SSLeay()" functions hook properly to the | |
263 | * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB: | |
264 | * We don't use ENGINE_openssl() or anything "more generic" because | |
265 | * something like the RSAref code may not hook properly, and if you own | |
266 | * one of these cards then you have the right to do RSA operations on it | |
267 | * anyway! | |
268 | */ | |
269 | meth1 = RSA_PKCS1_SSLeay(); | |
270 | if (meth1) { | |
271 | surewarehk_rsa.rsa_pub_enc = meth1->rsa_pub_enc; | |
272 | surewarehk_rsa.rsa_pub_dec = meth1->rsa_pub_dec; | |
273 | } | |
274 | # endif | |
5572f482 | 275 | |
0f113f3e MC |
276 | # ifndef OPENSSL_NO_DSA |
277 | /* | |
278 | * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits. | |
279 | */ | |
280 | meth2 = DSA_OpenSSL(); | |
281 | if (meth2) { | |
282 | surewarehk_dsa.dsa_do_verify = meth2->dsa_do_verify; | |
283 | } | |
284 | # endif | |
5572f482 | 285 | |
0f113f3e MC |
286 | # ifndef OPENSSL_NO_DH |
287 | /* Much the same for Diffie-Hellman */ | |
288 | meth3 = DH_OpenSSL(); | |
289 | if (meth3) { | |
290 | surewarehk_dh.generate_key = meth3->generate_key; | |
291 | surewarehk_dh.compute_key = meth3->compute_key; | |
292 | } | |
293 | # endif | |
5572f482 | 294 | |
0f113f3e MC |
295 | /* Ensure the sureware error handling is set up */ |
296 | ERR_load_SUREWARE_strings(); | |
297 | return 1; | |
5572f482 RL |
298 | } |
299 | ||
0f113f3e | 300 | # ifndef OPENSSL_NO_DYNAMIC_ENGINE |
5572f482 | 301 | static int bind_helper(ENGINE *e, const char *id) |
0f113f3e MC |
302 | { |
303 | if (id && (strcmp(id, engine_sureware_id) != 0)) | |
304 | return 0; | |
305 | if (!bind_sureware(e)) | |
306 | return 0; | |
307 | return 1; | |
308 | } | |
309 | ||
5572f482 | 310 | IMPLEMENT_DYNAMIC_CHECK_FN() |
0f113f3e MC |
311 | IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) |
312 | # else | |
5572f482 | 313 | static ENGINE *engine_sureware(void) |
0f113f3e MC |
314 | { |
315 | ENGINE *ret = ENGINE_new(); | |
316 | if (!ret) | |
317 | return NULL; | |
318 | if (!bind_sureware(ret)) { | |
319 | ENGINE_free(ret); | |
320 | return NULL; | |
321 | } | |
322 | return ret; | |
323 | } | |
5572f482 RL |
324 | |
325 | void ENGINE_load_sureware(void) | |
0f113f3e MC |
326 | { |
327 | /* Copied from eng_[openssl|dyn].c */ | |
328 | ENGINE *toadd = engine_sureware(); | |
329 | if (!toadd) | |
330 | return; | |
331 | ENGINE_add(toadd); | |
332 | ENGINE_free(toadd); | |
333 | ERR_clear_error(); | |
334 | } | |
335 | # endif | |
5572f482 | 336 | |
0f113f3e MC |
337 | /* |
338 | * This is a process-global DSO handle used for loading and unloading the | |
339 | * SureWareHook library. NB: This is only set (or unset) during an init() or | |
340 | * finish() call (reference counts permitting) and they're operating with | |
341 | * global locks, so this should be thread-safe implicitly. | |
342 | */ | |
5572f482 | 343 | static DSO *surewarehk_dso = NULL; |
0f113f3e | 344 | # ifndef OPENSSL_NO_RSA |
68d39f3c MC |
345 | /* Index for KM handle. Not really used yet. */ |
346 | static int rsaHndidx = -1; | |
0f113f3e MC |
347 | # endif |
348 | # ifndef OPENSSL_NO_DSA | |
68d39f3c MC |
349 | /* Index for KM handle. Not really used yet. */ |
350 | static int dsaHndidx = -1; | |
0f113f3e | 351 | # endif |
5572f482 | 352 | |
0f113f3e MC |
353 | /* |
354 | * These are the function pointers that are (un)set when the library has | |
355 | * successfully (un)loaded. | |
356 | */ | |
5572f482 RL |
357 | static SureWareHook_Init_t *p_surewarehk_Init = NULL; |
358 | static SureWareHook_Finish_t *p_surewarehk_Finish = NULL; | |
359 | static SureWareHook_Rand_Bytes_t *p_surewarehk_Rand_Bytes = NULL; | |
360 | static SureWareHook_Rand_Seed_t *p_surewarehk_Rand_Seed = NULL; | |
361 | static SureWareHook_Load_Privkey_t *p_surewarehk_Load_Privkey = NULL; | |
362 | static SureWareHook_Info_Pubkey_t *p_surewarehk_Info_Pubkey = NULL; | |
363 | static SureWareHook_Load_Rsa_Pubkey_t *p_surewarehk_Load_Rsa_Pubkey = NULL; | |
364 | static SureWareHook_Load_Dsa_Pubkey_t *p_surewarehk_Load_Dsa_Pubkey = NULL; | |
0f113f3e MC |
365 | static SureWareHook_Free_t *p_surewarehk_Free = NULL; |
366 | static SureWareHook_Rsa_Priv_Dec_t *p_surewarehk_Rsa_Priv_Dec = NULL; | |
367 | static SureWareHook_Rsa_Sign_t *p_surewarehk_Rsa_Sign = NULL; | |
368 | static SureWareHook_Dsa_Sign_t *p_surewarehk_Dsa_Sign = NULL; | |
369 | static SureWareHook_Mod_Exp_t *p_surewarehk_Mod_Exp = NULL; | |
5572f482 RL |
370 | |
371 | /* Used in the DSO operations. */ | |
372 | static const char *surewarehk_LIBNAME = "SureWareHook"; | |
373 | static const char *n_surewarehk_Init = "SureWareHook_Init"; | |
374 | static const char *n_surewarehk_Finish = "SureWareHook_Finish"; | |
0f113f3e MC |
375 | static const char *n_surewarehk_Rand_Bytes = "SureWareHook_Rand_Bytes"; |
376 | static const char *n_surewarehk_Rand_Seed = "SureWareHook_Rand_Seed"; | |
377 | static const char *n_surewarehk_Load_Privkey = "SureWareHook_Load_Privkey"; | |
378 | static const char *n_surewarehk_Info_Pubkey = "SureWareHook_Info_Pubkey"; | |
379 | static const char *n_surewarehk_Load_Rsa_Pubkey = | |
380 | "SureWareHook_Load_Rsa_Pubkey"; | |
381 | static const char *n_surewarehk_Load_Dsa_Pubkey = | |
382 | "SureWareHook_Load_Dsa_Pubkey"; | |
383 | static const char *n_surewarehk_Free = "SureWareHook_Free"; | |
384 | static const char *n_surewarehk_Rsa_Priv_Dec = "SureWareHook_Rsa_Priv_Dec"; | |
385 | static const char *n_surewarehk_Rsa_Sign = "SureWareHook_Rsa_Sign"; | |
386 | static const char *n_surewarehk_Dsa_Sign = "SureWareHook_Dsa_Sign"; | |
387 | static const char *n_surewarehk_Mod_Exp = "SureWareHook_Mod_Exp"; | |
5572f482 RL |
388 | static BIO *logstream = NULL; |
389 | ||
0f113f3e MC |
390 | /* |
391 | * SureWareHook library functions and mechanics - these are used by the | |
392 | * higher-level functions further down. NB: As and where there's no error | |
393 | * checking, take a look lower down where these functions are called, the | |
394 | * checking and error handling is probably down there. | |
395 | */ | |
396 | static int threadsafe = 1; | |
397 | static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, | |
398 | void (*f) (void)) | |
5572f482 | 399 | { |
0f113f3e | 400 | int to_return = 1; |
5572f482 | 401 | |
0f113f3e MC |
402 | switch (cmd) { |
403 | case ENGINE_CTRL_SET_LOGSTREAM: | |
404 | { | |
405 | BIO *bio = (BIO *)p; | |
406 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | |
407 | if (logstream) { | |
408 | BIO_free(logstream); | |
409 | logstream = NULL; | |
410 | } | |
411 | if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1) | |
412 | logstream = bio; | |
413 | else | |
414 | SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL, | |
415 | SUREWARE_R_BIO_WAS_FREED); | |
416 | } | |
417 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); | |
418 | break; | |
419 | /* | |
420 | * This will prevent the initialisation function from "installing" | |
421 | * the mutex-handling callbacks, even if they are available from | |
422 | * within the library (or were provided to the library from the | |
423 | * calling application). This is to remove any baggage for | |
424 | * applications not using multithreading. | |
425 | */ | |
426 | case ENGINE_CTRL_CHIL_NO_LOCKING: | |
427 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | |
428 | threadsafe = 0; | |
429 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); | |
430 | break; | |
5572f482 | 431 | |
0f113f3e MC |
432 | /* The command isn't understood by this engine */ |
433 | default: | |
434 | SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL, | |
435 | ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); | |
436 | to_return = 0; | |
437 | break; | |
438 | } | |
5572f482 | 439 | |
0f113f3e | 440 | return to_return; |
5572f482 RL |
441 | } |
442 | ||
443 | /* Destructor (complements the "ENGINE_surewarehk()" constructor) */ | |
444 | static int surewarehk_destroy(ENGINE *e) | |
445 | { | |
0f113f3e MC |
446 | ERR_unload_SUREWARE_strings(); |
447 | return 1; | |
5572f482 RL |
448 | } |
449 | ||
450 | /* (de)initialisation functions. */ | |
451 | static int surewarehk_init(ENGINE *e) | |
452 | { | |
0f113f3e MC |
453 | char msg[64] = "ENGINE_init"; |
454 | SureWareHook_Init_t *p1 = NULL; | |
455 | SureWareHook_Finish_t *p2 = NULL; | |
456 | SureWareHook_Rand_Bytes_t *p3 = NULL; | |
457 | SureWareHook_Rand_Seed_t *p4 = NULL; | |
458 | SureWareHook_Load_Privkey_t *p5 = NULL; | |
459 | SureWareHook_Load_Rsa_Pubkey_t *p6 = NULL; | |
460 | SureWareHook_Free_t *p7 = NULL; | |
461 | SureWareHook_Rsa_Priv_Dec_t *p8 = NULL; | |
462 | SureWareHook_Rsa_Sign_t *p9 = NULL; | |
463 | SureWareHook_Dsa_Sign_t *p12 = NULL; | |
464 | SureWareHook_Info_Pubkey_t *p13 = NULL; | |
465 | SureWareHook_Load_Dsa_Pubkey_t *p14 = NULL; | |
466 | SureWareHook_Mod_Exp_t *p15 = NULL; | |
5572f482 | 467 | |
0f113f3e MC |
468 | if (surewarehk_dso != NULL) { |
469 | SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_ALREADY_LOADED); | |
470 | goto err; | |
471 | } | |
472 | /* Attempt to load libsurewarehk.so/surewarehk.dll/whatever. */ | |
473 | surewarehk_dso = DSO_load(NULL, surewarehk_LIBNAME, NULL, 0); | |
474 | if (surewarehk_dso == NULL) { | |
475 | SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_DSO_FAILURE); | |
476 | goto err; | |
477 | } | |
478 | if (! | |
479 | (p1 = | |
480 | (SureWareHook_Init_t *) DSO_bind_func(surewarehk_dso, | |
481 | n_surewarehk_Init)) | |
482 | || !(p2 = | |
483 | (SureWareHook_Finish_t *) DSO_bind_func(surewarehk_dso, | |
484 | n_surewarehk_Finish)) | |
485 | || !(p3 = | |
486 | (SureWareHook_Rand_Bytes_t *) DSO_bind_func(surewarehk_dso, | |
487 | n_surewarehk_Rand_Bytes)) | |
488 | || !(p4 = | |
489 | (SureWareHook_Rand_Seed_t *) DSO_bind_func(surewarehk_dso, | |
490 | n_surewarehk_Rand_Seed)) | |
491 | || !(p5 = | |
492 | (SureWareHook_Load_Privkey_t *) DSO_bind_func(surewarehk_dso, | |
493 | n_surewarehk_Load_Privkey)) | |
494 | || !(p6 = | |
495 | (SureWareHook_Load_Rsa_Pubkey_t *) DSO_bind_func(surewarehk_dso, | |
496 | n_surewarehk_Load_Rsa_Pubkey)) | |
497 | || !(p7 = | |
498 | (SureWareHook_Free_t *) DSO_bind_func(surewarehk_dso, n_surewarehk_Free)) | |
499 | || !(p8 = | |
500 | (SureWareHook_Rsa_Priv_Dec_t *) DSO_bind_func(surewarehk_dso, | |
501 | n_surewarehk_Rsa_Priv_Dec)) | |
502 | || !(p9 = | |
503 | (SureWareHook_Rsa_Sign_t *) DSO_bind_func(surewarehk_dso, | |
504 | n_surewarehk_Rsa_Sign)) | |
505 | || !(p12 = | |
506 | (SureWareHook_Dsa_Sign_t *) DSO_bind_func(surewarehk_dso, | |
507 | n_surewarehk_Dsa_Sign)) | |
508 | || !(p13 = | |
509 | (SureWareHook_Info_Pubkey_t *) DSO_bind_func(surewarehk_dso, | |
510 | n_surewarehk_Info_Pubkey)) | |
511 | || !(p14 = | |
512 | (SureWareHook_Load_Dsa_Pubkey_t *) DSO_bind_func(surewarehk_dso, | |
513 | n_surewarehk_Load_Dsa_Pubkey)) | |
514 | || !(p15 = | |
515 | (SureWareHook_Mod_Exp_t *) DSO_bind_func(surewarehk_dso, | |
516 | n_surewarehk_Mod_Exp))) { | |
517 | SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_DSO_FAILURE); | |
518 | goto err; | |
519 | } | |
520 | /* Copy the pointers */ | |
521 | p_surewarehk_Init = p1; | |
522 | p_surewarehk_Finish = p2; | |
523 | p_surewarehk_Rand_Bytes = p3; | |
524 | p_surewarehk_Rand_Seed = p4; | |
525 | p_surewarehk_Load_Privkey = p5; | |
526 | p_surewarehk_Load_Rsa_Pubkey = p6; | |
527 | p_surewarehk_Free = p7; | |
528 | p_surewarehk_Rsa_Priv_Dec = p8; | |
529 | p_surewarehk_Rsa_Sign = p9; | |
530 | p_surewarehk_Dsa_Sign = p12; | |
531 | p_surewarehk_Info_Pubkey = p13; | |
532 | p_surewarehk_Load_Dsa_Pubkey = p14; | |
533 | p_surewarehk_Mod_Exp = p15; | |
534 | /* Contact the hardware and initialises it. */ | |
535 | if (p_surewarehk_Init(msg, threadsafe) == SUREWAREHOOK_ERROR_UNIT_FAILURE) { | |
536 | SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, SUREWARE_R_UNIT_FAILURE); | |
537 | goto err; | |
538 | } | |
539 | if (p_surewarehk_Init(msg, threadsafe) == SUREWAREHOOK_ERROR_UNIT_FAILURE) { | |
540 | SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, SUREWARE_R_UNIT_FAILURE); | |
541 | goto err; | |
542 | } | |
543 | /* | |
544 | * try to load the default private key, if failed does not return a | |
545 | * failure but wait for an explicit ENGINE_load_privakey | |
546 | */ | |
547 | surewarehk_load_privkey(e, NULL, NULL, NULL); | |
5572f482 | 548 | |
0f113f3e MC |
549 | /* Everything's fine. */ |
550 | # ifndef OPENSSL_NO_RSA | |
551 | if (rsaHndidx == -1) | |
552 | rsaHndidx = RSA_get_ex_new_index(0, | |
553 | "SureWareHook RSA key handle", | |
554 | NULL, NULL, surewarehk_ex_free); | |
555 | # endif | |
556 | # ifndef OPENSSL_NO_DSA | |
557 | if (dsaHndidx == -1) | |
558 | dsaHndidx = DSA_get_ex_new_index(0, | |
559 | "SureWareHook DSA key handle", | |
560 | NULL, NULL, surewarehk_ex_free); | |
561 | # endif | |
5572f482 | 562 | |
0f113f3e MC |
563 | return 1; |
564 | err: | |
565 | if (surewarehk_dso) | |
566 | DSO_free(surewarehk_dso); | |
567 | surewarehk_dso = NULL; | |
568 | p_surewarehk_Init = NULL; | |
569 | p_surewarehk_Finish = NULL; | |
570 | p_surewarehk_Rand_Bytes = NULL; | |
571 | p_surewarehk_Rand_Seed = NULL; | |
572 | p_surewarehk_Load_Privkey = NULL; | |
573 | p_surewarehk_Load_Rsa_Pubkey = NULL; | |
574 | p_surewarehk_Free = NULL; | |
575 | p_surewarehk_Rsa_Priv_Dec = NULL; | |
576 | p_surewarehk_Rsa_Sign = NULL; | |
577 | p_surewarehk_Dsa_Sign = NULL; | |
578 | p_surewarehk_Info_Pubkey = NULL; | |
579 | p_surewarehk_Load_Dsa_Pubkey = NULL; | |
580 | p_surewarehk_Mod_Exp = NULL; | |
581 | return 0; | |
5572f482 RL |
582 | } |
583 | ||
584 | static int surewarehk_finish(ENGINE *e) | |
585 | { | |
0f113f3e MC |
586 | int to_return = 1; |
587 | if (surewarehk_dso == NULL) { | |
588 | SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH, ENGINE_R_NOT_LOADED); | |
589 | to_return = 0; | |
590 | goto err; | |
591 | } | |
592 | p_surewarehk_Finish(); | |
593 | if (!DSO_free(surewarehk_dso)) { | |
594 | SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH, ENGINE_R_DSO_FAILURE); | |
595 | to_return = 0; | |
596 | goto err; | |
597 | } | |
5572f482 | 598 | err: |
0f113f3e MC |
599 | if (logstream) |
600 | BIO_free(logstream); | |
601 | surewarehk_dso = NULL; | |
602 | p_surewarehk_Init = NULL; | |
603 | p_surewarehk_Finish = NULL; | |
604 | p_surewarehk_Rand_Bytes = NULL; | |
605 | p_surewarehk_Rand_Seed = NULL; | |
606 | p_surewarehk_Load_Privkey = NULL; | |
607 | p_surewarehk_Load_Rsa_Pubkey = NULL; | |
608 | p_surewarehk_Free = NULL; | |
609 | p_surewarehk_Rsa_Priv_Dec = NULL; | |
610 | p_surewarehk_Rsa_Sign = NULL; | |
611 | p_surewarehk_Dsa_Sign = NULL; | |
612 | p_surewarehk_Info_Pubkey = NULL; | |
613 | p_surewarehk_Load_Dsa_Pubkey = NULL; | |
614 | p_surewarehk_Mod_Exp = NULL; | |
615 | return to_return; | |
5572f482 RL |
616 | } |
617 | ||
0f113f3e | 618 | static void surewarehk_error_handling(char *const msg, int func, int ret) |
5572f482 | 619 | { |
0f113f3e MC |
620 | switch (ret) { |
621 | case SUREWAREHOOK_ERROR_UNIT_FAILURE: | |
622 | ENGINEerr(func, SUREWARE_R_UNIT_FAILURE); | |
623 | break; | |
624 | case SUREWAREHOOK_ERROR_FALLBACK: | |
625 | ENGINEerr(func, SUREWARE_R_REQUEST_FALLBACK); | |
626 | break; | |
627 | case SUREWAREHOOK_ERROR_DATA_SIZE: | |
628 | ENGINEerr(func, SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL); | |
629 | break; | |
630 | case SUREWAREHOOK_ERROR_INVALID_PAD: | |
631 | ENGINEerr(func, SUREWARE_R_PADDING_CHECK_FAILED); | |
632 | break; | |
633 | default: | |
634 | ENGINEerr(func, SUREWARE_R_REQUEST_FAILED); | |
635 | break; | |
636 | case 1: /* nothing */ | |
637 | msg[0] = '\0'; | |
638 | } | |
639 | if (*msg) { | |
640 | ERR_add_error_data(1, msg); | |
641 | if (logstream) { | |
642 | CRYPTO_w_lock(CRYPTO_LOCK_BIO); | |
643 | BIO_write(logstream, msg, strlen(msg)); | |
644 | CRYPTO_w_unlock(CRYPTO_LOCK_BIO); | |
645 | } | |
646 | } | |
5572f482 RL |
647 | } |
648 | ||
6343829a | 649 | static int surewarehk_rand_bytes(unsigned char *buf, int num) |
5572f482 | 650 | { |
0f113f3e MC |
651 | int ret = 0; |
652 | char msg[64] = "ENGINE_rand_bytes"; | |
653 | if (!p_surewarehk_Rand_Bytes) { | |
654 | SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_BYTES, | |
655 | ENGINE_R_NOT_INITIALISED); | |
656 | } else { | |
657 | ret = p_surewarehk_Rand_Bytes(msg, buf, num); | |
658 | surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RAND_BYTES, ret); | |
659 | } | |
660 | return ret == 1 ? 1 : 0; | |
5572f482 RL |
661 | } |
662 | ||
a0b3e0de | 663 | static int surewarehk_rand_seed(const void *buf, int num) |
5572f482 | 664 | { |
0f113f3e MC |
665 | int ret = 0; |
666 | char msg[64] = "ENGINE_rand_seed"; | |
667 | if (!p_surewarehk_Rand_Seed) { | |
668 | SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_SEED, | |
669 | ENGINE_R_NOT_INITIALISED); | |
670 | return 0; | |
671 | } else { | |
672 | ret = p_surewarehk_Rand_Seed(msg, buf, num); | |
673 | surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RAND_SEED, ret); | |
674 | if (ret == 1) | |
675 | return 1; | |
676 | else | |
677 | return 0; | |
678 | } | |
5572f482 RL |
679 | } |
680 | ||
a0b3e0de | 681 | static int surewarehk_rand_add(const void *buf, int num, double entropy) |
5572f482 | 682 | { |
0f113f3e | 683 | return surewarehk_rand_seed(buf, num); |
5572f482 RL |
684 | } |
685 | ||
0f113f3e MC |
686 | static EVP_PKEY *sureware_load_public(ENGINE *e, const char *key_id, |
687 | char *hptr, unsigned long el, | |
688 | char keytype) | |
5572f482 | 689 | { |
0f113f3e MC |
690 | EVP_PKEY *res = NULL; |
691 | # ifndef OPENSSL_NO_RSA | |
692 | RSA *rsatmp = NULL; | |
693 | # endif | |
694 | # ifndef OPENSSL_NO_DSA | |
695 | DSA *dsatmp = NULL; | |
696 | # endif | |
697 | char msg[64] = "sureware_load_public"; | |
698 | int ret = 0; | |
699 | if (!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey) { | |
700 | SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC, | |
701 | ENGINE_R_NOT_INITIALISED); | |
702 | goto err; | |
703 | } | |
704 | switch (keytype) { | |
705 | # ifndef OPENSSL_NO_RSA | |
706 | case 1: | |
707 | /*RSA*/ | |
708 | /* set private external reference */ | |
709 | rsatmp = RSA_new_method(e); | |
710 | RSA_set_ex_data(rsatmp, rsaHndidx, hptr); | |
711 | rsatmp->flags |= RSA_FLAG_EXT_PKEY; | |
5572f482 | 712 | |
0f113f3e MC |
713 | /* set public big nums */ |
714 | rsatmp->e = BN_new(); | |
715 | rsatmp->n = BN_new(); | |
716 | bn_expand2(rsatmp->e, el / sizeof(BN_ULONG)); | |
717 | bn_expand2(rsatmp->n, el / sizeof(BN_ULONG)); | |
718 | if (!rsatmp->e || rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) || | |
719 | !rsatmp->n || rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG))) | |
720 | goto err; | |
721 | ret = p_surewarehk_Load_Rsa_Pubkey(msg, key_id, el, | |
722 | (unsigned long *)rsatmp->n->d, | |
723 | (unsigned long *)rsatmp->e->d); | |
724 | surewarehk_error_handling(msg, SUREWARE_F_SUREWARE_LOAD_PUBLIC, ret); | |
725 | if (ret != 1) { | |
726 | SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC, | |
727 | ENGINE_R_FAILED_LOADING_PUBLIC_KEY); | |
728 | goto err; | |
729 | } | |
730 | /* normalise pub e and pub n */ | |
731 | rsatmp->e->top = el / sizeof(BN_ULONG); | |
732 | bn_fix_top(rsatmp->e); | |
733 | rsatmp->n->top = el / sizeof(BN_ULONG); | |
734 | bn_fix_top(rsatmp->n); | |
735 | /* create an EVP object: engine + rsa key */ | |
736 | res = EVP_PKEY_new(); | |
737 | EVP_PKEY_assign_RSA(res, rsatmp); | |
738 | break; | |
739 | # endif | |
5572f482 | 740 | |
0f113f3e MC |
741 | # ifndef OPENSSL_NO_DSA |
742 | case 2: | |
743 | /*DSA*/ | |
744 | /* set private/public external reference */ | |
745 | dsatmp = DSA_new_method(e); | |
746 | DSA_set_ex_data(dsatmp, dsaHndidx, hptr); | |
747 | /* | |
748 | * dsatmp->flags |= DSA_FLAG_EXT_PKEY; | |
749 | */ | |
5572f482 | 750 | |
0f113f3e MC |
751 | /* set public key */ |
752 | dsatmp->pub_key = BN_new(); | |
753 | dsatmp->p = BN_new(); | |
754 | dsatmp->q = BN_new(); | |
755 | dsatmp->g = BN_new(); | |
756 | bn_expand2(dsatmp->pub_key, el / sizeof(BN_ULONG)); | |
757 | bn_expand2(dsatmp->p, el / sizeof(BN_ULONG)); | |
758 | bn_expand2(dsatmp->q, 20 / sizeof(BN_ULONG)); | |
759 | bn_expand2(dsatmp->g, el / sizeof(BN_ULONG)); | |
760 | if (!dsatmp->pub_key | |
761 | || dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG)) | |
762 | || !dsatmp->p || dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG)) | |
763 | || !dsatmp->q || dsatmp->q->dmax != 20 / sizeof(BN_ULONG) | |
764 | || !dsatmp->g || dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG))) | |
765 | goto err; | |
5572f482 | 766 | |
0f113f3e MC |
767 | ret = p_surewarehk_Load_Dsa_Pubkey(msg, key_id, el, |
768 | (unsigned long *)dsatmp-> | |
769 | pub_key->d, | |
770 | (unsigned long *)dsatmp->p->d, | |
771 | (unsigned long *)dsatmp->q->d, | |
772 | (unsigned long *)dsatmp->g->d); | |
773 | surewarehk_error_handling(msg, SUREWARE_F_SUREWARE_LOAD_PUBLIC, ret); | |
774 | if (ret != 1) { | |
775 | SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC, | |
776 | ENGINE_R_FAILED_LOADING_PUBLIC_KEY); | |
777 | goto err; | |
778 | } | |
779 | /* set parameters */ | |
780 | /* normalise pubkey and parameters in case of */ | |
781 | dsatmp->pub_key->top = el / sizeof(BN_ULONG); | |
782 | bn_fix_top(dsatmp->pub_key); | |
783 | dsatmp->p->top = el / sizeof(BN_ULONG); | |
784 | bn_fix_top(dsatmp->p); | |
785 | dsatmp->q->top = 20 / sizeof(BN_ULONG); | |
786 | bn_fix_top(dsatmp->q); | |
787 | dsatmp->g->top = el / sizeof(BN_ULONG); | |
788 | bn_fix_top(dsatmp->g); | |
5572f482 | 789 | |
0f113f3e MC |
790 | /* create an EVP object: engine + rsa key */ |
791 | res = EVP_PKEY_new(); | |
792 | EVP_PKEY_assign_DSA(res, dsatmp); | |
793 | break; | |
794 | # endif | |
5572f482 | 795 | |
0f113f3e MC |
796 | default: |
797 | SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC, | |
798 | ENGINE_R_FAILED_LOADING_PRIVATE_KEY); | |
799 | goto err; | |
800 | } | |
801 | return res; | |
5572f482 | 802 | err: |
0f113f3e | 803 | # ifndef OPENSSL_NO_RSA |
d6407083 | 804 | RSA_free(rsatmp); |
0f113f3e MC |
805 | # endif |
806 | # ifndef OPENSSL_NO_DSA | |
d6407083 | 807 | DSA_free(dsatmp); |
0f113f3e MC |
808 | # endif |
809 | return NULL; | |
5572f482 RL |
810 | } |
811 | ||
812 | static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id, | |
0f113f3e MC |
813 | UI_METHOD *ui_method, |
814 | void *callback_data) | |
5572f482 | 815 | { |
0f113f3e MC |
816 | EVP_PKEY *res = NULL; |
817 | int ret = 0; | |
818 | unsigned long el = 0; | |
819 | char *hptr = NULL; | |
820 | char keytype = 0; | |
821 | char msg[64] = "ENGINE_load_privkey"; | |
5572f482 | 822 | |
0f113f3e MC |
823 | if (!p_surewarehk_Load_Privkey) { |
824 | SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY, | |
825 | ENGINE_R_NOT_INITIALISED); | |
826 | } else { | |
827 | ret = p_surewarehk_Load_Privkey(msg, key_id, &hptr, &el, &keytype); | |
828 | if (ret != 1) { | |
829 | SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY, | |
830 | ENGINE_R_FAILED_LOADING_PRIVATE_KEY); | |
831 | ERR_add_error_data(1, msg); | |
832 | } else | |
833 | res = sureware_load_public(e, key_id, hptr, el, keytype); | |
834 | } | |
835 | return res; | |
5572f482 RL |
836 | } |
837 | ||
838 | static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id, | |
0f113f3e MC |
839 | UI_METHOD *ui_method, |
840 | void *callback_data) | |
5572f482 | 841 | { |
0f113f3e MC |
842 | EVP_PKEY *res = NULL; |
843 | int ret = 0; | |
844 | unsigned long el = 0; | |
845 | char *hptr = NULL; | |
846 | char keytype = 0; | |
847 | char msg[64] = "ENGINE_load_pubkey"; | |
5572f482 | 848 | |
0f113f3e MC |
849 | if (!p_surewarehk_Info_Pubkey) { |
850 | SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY, | |
851 | ENGINE_R_NOT_INITIALISED); | |
852 | } else { | |
853 | /* call once to identify if DSA or RSA */ | |
854 | ret = p_surewarehk_Info_Pubkey(msg, key_id, &el, &keytype); | |
855 | if (ret != 1) { | |
856 | SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY, | |
857 | ENGINE_R_FAILED_LOADING_PUBLIC_KEY); | |
858 | ERR_add_error_data(1, msg); | |
859 | } else | |
860 | res = sureware_load_public(e, key_id, hptr, el, keytype); | |
861 | } | |
862 | return res; | |
5572f482 RL |
863 | } |
864 | ||
0f113f3e MC |
865 | /* |
866 | * This cleans up an RSA/DSA KM key(do not destroy the key into the hardware) | |
867 | * , called when ex_data is freed | |
868 | */ | |
5572f482 | 869 | static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, |
0f113f3e | 870 | int idx, long argl, void *argp) |
5572f482 | 871 | { |
0f113f3e MC |
872 | if (!p_surewarehk_Free) { |
873 | SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE, ENGINE_R_NOT_INITIALISED); | |
874 | } else | |
875 | p_surewarehk_Free((char *)item, 0); | |
5572f482 RL |
876 | } |
877 | ||
5572f482 | 878 | /* |
0f113f3e MC |
879 | * return number of decrypted bytes |
880 | */ | |
881 | # ifndef OPENSSL_NO_RSA | |
882 | static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from, | |
883 | unsigned char *to, RSA *rsa, int padding) | |
5572f482 | 884 | { |
0f113f3e MC |
885 | int ret = 0, tlen; |
886 | char *buf = NULL, *hptr = NULL; | |
887 | char msg[64] = "ENGINE_rsa_priv_dec"; | |
888 | if (!p_surewarehk_Rsa_Priv_Dec) { | |
889 | SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, | |
890 | ENGINE_R_NOT_INITIALISED); | |
891 | } | |
892 | /* extract ref to private key */ | |
893 | else if (!(hptr = RSA_get_ex_data(rsa, rsaHndidx))) { | |
894 | SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, | |
895 | SUREWARE_R_MISSING_KEY_COMPONENTS); | |
896 | goto err; | |
897 | } | |
898 | /* analyse what padding we can do into the hardware */ | |
899 | if (padding == RSA_PKCS1_PADDING) { | |
900 | /* do it one shot */ | |
901 | ret = | |
902 | p_surewarehk_Rsa_Priv_Dec(msg, flen, (unsigned char *)from, &tlen, | |
903 | to, hptr, SUREWARE_PKCS1_PAD); | |
904 | surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, | |
905 | ret); | |
906 | if (ret != 1) | |
907 | goto err; | |
908 | ret = tlen; | |
909 | } else { /* do with no padding into hardware */ | |
910 | ||
911 | ret = | |
912 | p_surewarehk_Rsa_Priv_Dec(msg, flen, (unsigned char *)from, &tlen, | |
913 | to, hptr, SUREWARE_NO_PAD); | |
914 | surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, | |
915 | ret); | |
916 | if (ret != 1) | |
917 | goto err; | |
918 | /* intermediate buffer for padding */ | |
919 | if ((buf = OPENSSL_malloc(tlen)) == NULL) { | |
920 | SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, | |
921 | ERR_R_MALLOC_FAILURE); | |
922 | goto err; | |
923 | } | |
924 | memcpy(buf, to, tlen); /* transfert to into buf */ | |
925 | switch (padding) { /* check padding in software */ | |
0f113f3e MC |
926 | case RSA_PKCS1_OAEP_PADDING: |
927 | ret = | |
928 | RSA_padding_check_PKCS1_OAEP(to, tlen, (unsigned char *)buf, | |
929 | tlen, tlen, NULL, 0); | |
930 | break; | |
0f113f3e MC |
931 | case RSA_SSLV23_PADDING: |
932 | ret = | |
933 | RSA_padding_check_SSLv23(to, tlen, (unsigned char *)buf, flen, | |
934 | tlen); | |
935 | break; | |
936 | case RSA_NO_PADDING: | |
937 | ret = | |
938 | RSA_padding_check_none(to, tlen, (unsigned char *)buf, flen, | |
939 | tlen); | |
940 | break; | |
941 | default: | |
942 | SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, | |
943 | SUREWARE_R_UNKNOWN_PADDING_TYPE); | |
944 | goto err; | |
945 | } | |
946 | if (ret < 0) | |
947 | SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC, | |
948 | SUREWARE_R_PADDING_CHECK_FAILED); | |
949 | } | |
950 | err: | |
951 | if (buf) { | |
952 | OPENSSL_cleanse(buf, tlen); | |
953 | OPENSSL_free(buf); | |
954 | } | |
955 | return ret; | |
5572f482 RL |
956 | } |
957 | ||
958 | /* | |
0f113f3e MC |
959 | * Does what OpenSSL rsa_priv_enc does. |
960 | */ | |
961 | static int surewarehk_rsa_sign(int flen, const unsigned char *from, | |
962 | unsigned char *to, RSA *rsa, int padding) | |
5572f482 | 963 | { |
0f113f3e MC |
964 | int ret = 0, tlen; |
965 | char *hptr = NULL; | |
966 | char msg[64] = "ENGINE_rsa_sign"; | |
967 | if (!p_surewarehk_Rsa_Sign) { | |
968 | SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN, ENGINE_R_NOT_INITIALISED); | |
969 | } | |
970 | /* extract ref to private key */ | |
971 | else if (!(hptr = RSA_get_ex_data(rsa, rsaHndidx))) { | |
972 | SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN, | |
973 | SUREWARE_R_MISSING_KEY_COMPONENTS); | |
974 | } else { | |
975 | switch (padding) { | |
976 | case RSA_PKCS1_PADDING: /* do it in one shot */ | |
977 | ret = | |
978 | p_surewarehk_Rsa_Sign(msg, flen, (unsigned char *)from, &tlen, | |
979 | to, hptr, SUREWARE_PKCS1_PAD); | |
980 | surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_SIGN, | |
981 | ret); | |
982 | break; | |
983 | case RSA_NO_PADDING: | |
984 | default: | |
985 | SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN, | |
986 | SUREWARE_R_UNKNOWN_PADDING_TYPE); | |
987 | } | |
988 | } | |
989 | return ret == 1 ? tlen : ret; | |
5572f482 RL |
990 | } |
991 | ||
0f113f3e | 992 | # endif |
5572f482 | 993 | |
0f113f3e | 994 | # ifndef OPENSSL_NO_DSA |
5572f482 | 995 | /* DSA sign and verify */ |
0f113f3e MC |
996 | static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *from, int flen, |
997 | DSA *dsa) | |
5572f482 | 998 | { |
0f113f3e MC |
999 | int ret = 0; |
1000 | char *hptr = NULL; | |
1001 | DSA_SIG *psign = NULL; | |
1002 | char msg[64] = "ENGINE_dsa_do_sign"; | |
1003 | if (!p_surewarehk_Dsa_Sign) { | |
1004 | SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN, | |
1005 | ENGINE_R_NOT_INITIALISED); | |
1006 | goto err; | |
1007 | } | |
1008 | /* extract ref to private key */ | |
1009 | else if (!(hptr = DSA_get_ex_data(dsa, dsaHndidx))) { | |
1010 | SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN, | |
1011 | SUREWARE_R_MISSING_KEY_COMPONENTS); | |
1012 | goto err; | |
1013 | } else { | |
1014 | if ((psign = DSA_SIG_new()) == NULL) { | |
1015 | SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN, | |
1016 | ERR_R_MALLOC_FAILURE); | |
1017 | goto err; | |
1018 | } | |
1019 | psign->r = BN_new(); | |
1020 | psign->s = BN_new(); | |
1021 | bn_expand2(psign->r, 20 / sizeof(BN_ULONG)); | |
1022 | bn_expand2(psign->s, 20 / sizeof(BN_ULONG)); | |
1023 | if (!psign->r || psign->r->dmax != 20 / sizeof(BN_ULONG) || | |
1024 | !psign->s || psign->s->dmax != 20 / sizeof(BN_ULONG)) | |
1025 | goto err; | |
1026 | ret = p_surewarehk_Dsa_Sign(msg, flen, from, | |
1027 | (unsigned long *)psign->r->d, | |
1028 | (unsigned long *)psign->s->d, hptr); | |
1029 | surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_DSA_DO_SIGN, | |
1030 | ret); | |
1031 | } | |
1032 | psign->r->top = 20 / sizeof(BN_ULONG); | |
1033 | bn_fix_top(psign->r); | |
1034 | psign->s->top = 20 / sizeof(BN_ULONG); | |
1035 | bn_fix_top(psign->s); | |
5572f482 | 1036 | |
0f113f3e MC |
1037 | err: |
1038 | if (psign) { | |
1039 | DSA_SIG_free(psign); | |
1040 | psign = NULL; | |
1041 | } | |
1042 | return psign; | |
5572f482 | 1043 | } |
0f113f3e | 1044 | # endif |
5572f482 RL |
1045 | |
1046 | static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |
0f113f3e | 1047 | const BIGNUM *m, BN_CTX *ctx) |
5572f482 | 1048 | { |
0f113f3e MC |
1049 | int ret = 0; |
1050 | char msg[64] = "ENGINE_modexp"; | |
1051 | if (!p_surewarehk_Mod_Exp) { | |
1052 | SUREWAREerr(SUREWARE_F_SUREWAREHK_MODEXP, ENGINE_R_NOT_INITIALISED); | |
1053 | } else { | |
1054 | bn_expand2(r, m->top); | |
1055 | if (r && r->dmax == m->top) { | |
1056 | /* do it */ | |
1057 | ret = p_surewarehk_Mod_Exp(msg, | |
1058 | m->top * sizeof(BN_ULONG), | |
1059 | (unsigned long *)m->d, | |
1060 | p->top * sizeof(BN_ULONG), | |
1061 | (unsigned long *)p->d, | |
1062 | a->top * sizeof(BN_ULONG), | |
1063 | (unsigned long *)a->d, | |
1064 | (unsigned long *)r->d); | |
1065 | surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_MODEXP, ret); | |
1066 | if (ret == 1) { | |
1067 | /* normalise result */ | |
1068 | r->top = m->top; | |
1069 | bn_fix_top(r); | |
1070 | } | |
1071 | } | |
1072 | } | |
1073 | return ret; | |
5572f482 | 1074 | } |
0f113f3e MC |
1075 | # endif /* !OPENSSL_NO_HW_SUREWARE */ |
1076 | #endif /* !OPENSSL_NO_HW */ |