X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=engines%2Fe_sureware.c;h=424b82fd98f72776046d31d893a7909fd5b15573;hb=f022c177db230e49a4599795a6be2758f350f108;hp=dced97c695a568f3cffed2942e92c8a715321684;hpb=665dc3924d4f7771dbe17b7518ce3c6d3694a352;p=openssl.git

diff --git a/engines/e_sureware.c b/engines/e_sureware.c
index dced97c695..424b82fd98 100644
--- a/engines/e_sureware.c
+++ b/engines/e_sureware.c
@@ -51,10 +51,22 @@
 ====================================================================*/
 
 #include <stdio.h>
+#include <string.h>
 #include <openssl/crypto.h>
 #include <openssl/pem.h>
 #include <openssl/dso.h>
 #include <openssl/engine.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
+#include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+#include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
 
 #ifndef OPENSSL_NO_HW
 #ifndef OPENSSL_NO_HW_SUREWARE
@@ -68,7 +80,7 @@
 #define SUREWARE_LIB_NAME "sureware engine"
 #include "e_sureware_err.c"
 
-static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
+static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
 static int surewarehk_destroy(ENGINE *e);
 static int surewarehk_init(ENGINE *e);
 static int surewarehk_finish(ENGINE *e);
@@ -76,10 +88,12 @@ static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	const BIGNUM *m, BN_CTX *ctx);
 
 /* RSA stuff */
+#ifndef OPENSSL_NO_RSA
 static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned char *to,
 			RSA *rsa,int padding);
 static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char *to,
 			    RSA *rsa,int padding);
+#endif
 
 /* RAND stuff */
 static int surewarehk_rand_bytes(unsigned char *buf, int num);
@@ -121,7 +135,8 @@ static RSA_METHOD surewarehk_rsa =
 	0,	/* RSA flag*/
 	NULL, 
 	NULL, /* OpenSSL sign*/
-	NULL  /* OpenSSL verify*/
+	NULL, /* OpenSSL verify*/
+	NULL  /* keygen */
 	};
 #endif
 
@@ -143,7 +158,8 @@ static DH_METHOD surewarehk_dh =
 	NULL, /* init*/
 	NULL, /* finish*/
 	0,    /* flags*/
-	NULL 
+	NULL,
+	NULL
 	};
 #endif
 
@@ -192,6 +208,8 @@ static DSA_METHOD surewarehk_dsa =
 	NULL,/*finish*/
 	0,
 	NULL,
+	NULL,
+	NULL
 	};
 #endif
 
@@ -363,7 +381,7 @@ static BIO *logstream = NULL;
  * called, the checking and error handling is probably down there. 
 */
 static int threadsafe=1;
-static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
+static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
 {
 	int to_return = 1;
 
@@ -575,7 +593,7 @@ static void surewarehk_error_handling(char *const msg,int func,int ret)
 			ENGINEerr(func,SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
 			break;
 		case SUREWAREHOOK_ERROR_INVALID_PAD:
-			ENGINEerr(func,RSA_R_PADDING_CHECK_FAILED);
+			ENGINEerr(func,SUREWARE_R_PADDING_CHECK_FAILED);
 			break;
 		default:
 			ENGINEerr(func,SUREWARE_R_REQUEST_FAILED);
@@ -644,7 +662,7 @@ static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,un
 	int ret=0;
 	if(!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey)
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED);
+		SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_NOT_INITIALISED);
 		goto err;
 	}
 	switch (keytype)
@@ -667,10 +685,10 @@ static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,un
 		ret=p_surewarehk_Load_Rsa_Pubkey(msg,key_id,el,
 						 (unsigned long *)rsatmp->n->d,
 						 (unsigned long *)rsatmp->e->d);
-		surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret);
+		surewarehk_error_handling(msg,SUREWARE_F_SUREWARE_LOAD_PUBLIC,ret);
 		if (ret!=1)
 		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+			SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
 			goto err;
 		}
 		/* normalise pub e and pub n */
@@ -711,10 +729,10 @@ static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,un
 						 (unsigned long *)dsatmp->p->d,
 						 (unsigned long *)dsatmp->q->d,
 						 (unsigned long *)dsatmp->g->d);
-		surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret);
+		surewarehk_error_handling(msg,SUREWARE_F_SUREWARE_LOAD_PUBLIC,ret);
 		if (ret!=1)
 		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+			SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
 			goto err;
 		}
 		/* set parameters */
@@ -735,7 +753,7 @@ static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,un
 #endif
 
 	default:
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
+		SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
 		goto err;
 	}
 	return res;
@@ -765,14 +783,14 @@ static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
 
 	if(!p_surewarehk_Load_Privkey)
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_NOT_INITIALISED);
+		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY,ENGINE_R_NOT_INITIALISED);
 	}
 	else
 	{
 		ret=p_surewarehk_Load_Privkey(msg,key_id,&hptr,&el,&keytype);
 		if (ret!=1)
 		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
+			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
 			ERR_add_error_data(1,msg);		
 		}
 		else
@@ -793,7 +811,7 @@ static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
 
 	if(!p_surewarehk_Info_Pubkey)
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED);
+		SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY,ENGINE_R_NOT_INITIALISED);
 	}
 	else
 	{
@@ -801,7 +819,7 @@ static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
 		ret=p_surewarehk_Info_Pubkey(msg,key_id,&el,&keytype);
 		if (ret!=1)
 		{
-			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+			SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
 			ERR_add_error_data(1,msg);
 		}
 		else
@@ -832,7 +850,7 @@ static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
 {
 	if(!p_surewarehk_Free)
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE,ENGINE_R_NOT_INITIALISED);
+		SUREWAREerr(SUREWARE_F_SUREWAREHK_DH_EX_FREE,ENGINE_R_NOT_INITIALISED);
 	}
 	else
 		p_surewarehk_Free((char *)item,1);
@@ -878,7 +896,7 @@ static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned c
 		/* intermediate buffer for padding */
 		if ((buf=OPENSSL_malloc(tlen)) == NULL)
 		{
-			RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ERR_R_MALLOC_FAILURE);
+			SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ERR_R_MALLOC_FAILURE);
 			goto err;
 		}
 		memcpy(buf,to,tlen);/* transfert to into buf */
@@ -896,16 +914,16 @@ static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned c
 			ret=RSA_padding_check_none(to,tlen,(unsigned char *)buf,flen,tlen);
 			break;
 		default:
-			RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_UNKNOWN_PADDING_TYPE);
+			SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,SUREWARE_R_UNKNOWN_PADDING_TYPE);
 			goto err;
 		}
 		if (ret < 0)
-			RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_PADDING_CHECK_FAILED);
+			SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,SUREWARE_R_PADDING_CHECK_FAILED);
 	}
 err:
 	if (buf)
 	{
-		memset(buf,0,tlen);
+		OPENSSL_cleanse(buf,tlen);
 		OPENSSL_free(buf);
 	}
 	return ret;
@@ -922,12 +940,12 @@ static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char
 	char msg[64]="ENGINE_rsa_sign";
 	if (!p_surewarehk_Rsa_Sign)
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ENGINE_R_NOT_INITIALISED);
+		SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,ENGINE_R_NOT_INITIALISED);
 	}
 	/* extract ref to private key */
 	else if (!(hptr=RSA_get_ex_data(rsa, rsaHndidx)))
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,SUREWARE_R_MISSING_KEY_COMPONENTS);
+		SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,SUREWARE_R_MISSING_KEY_COMPONENTS);
 	}
 	else
 	{
@@ -935,11 +953,11 @@ static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char
 		{
 		case RSA_PKCS1_PADDING: /* do it in one shot */
 			ret=p_surewarehk_Rsa_Sign(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_PKCS1_PAD);
-			surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ret);
+			surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_SIGN,ret);
 			break;
 		case RSA_NO_PADDING:
 		default:
-			RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,RSA_R_UNKNOWN_PADDING_TYPE);
+			SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,SUREWARE_R_UNKNOWN_PADDING_TYPE);
 		}
 	}
 	return ret==1 ? tlen : ret;
@@ -1006,7 +1024,7 @@ static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	char msg[64]="ENGINE_modexp";
 	if (!p_surewarehk_Mod_Exp)
 	{
-		SUREWAREerr(SUREWARE_F_SUREWAREHK_MOD_EXP,ENGINE_R_NOT_INITIALISED);
+		SUREWAREerr(SUREWARE_F_SUREWAREHK_MODEXP,ENGINE_R_NOT_INITIALISED);
 	}
 	else
 	{
@@ -1022,7 +1040,7 @@ static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 						 a->top*sizeof(BN_ULONG),
 						 (unsigned long *)a->d,
 						 (unsigned long *)r->d);
-			surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_MOD_EXP,ret);
+			surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_MODEXP,ret);
 			if (ret==1)
 			{
 				/* normalise result */