* project 2000.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
#include "vendor_defns/cswift.h"
#endif
+#define CSWIFT_LIB_NAME "cswift engine"
+#include "hw_cswift_err.c"
+
static int cswift_destroy(ENGINE *e);
static int cswift_init(ENGINE *e);
static int cswift_finish(ENGINE *e);
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
#endif
+/* RAND stuff */
+static int cswift_rand_bytes(unsigned char *buf, int num);
+static int cswift_rand_status(void);
+
/* The definitions for control commands specific to this engine */
#define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE
static const ENGINE_CMD_DEFN cswift_cmd_defns[] = {
};
#endif
-#ifndef OPENSSL_NO_ERR
-/* Error function codes for use in cswift operation */
-#define CSWIFT_F_CSWIFT_INIT 100
-#define CSWIFT_F_CSWIFT_FINISH 101
-#define CSWIFT_F_CSWIFT_CTRL 102
-#define CSWIFT_F_CSWIFT_MOD_EXP 103
-#define CSWIFT_F_CSWIFT_MOD_EXP_CRT 104
-#define CSWIFT_F_CSWIFT_RSA_MOD_EXP 105
-#define CSWIFT_F_CSWIFT_DSA_SIGN 106
-#define CSWIFT_F_CSWIFT_DSA_VERIFY 107
-/* Error reason codes */
-#define CSWIFT_R_ALREADY_LOADED 108
-#define CSWIFT_R_NOT_LOADED 109
-#define CSWIFT_R_UNIT_FAILURE 110
-#define CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED 113
-#define CSWIFT_R_BN_CTX_FULL 115
-#define CSWIFT_R_BN_EXPAND_FAIL 116
-#define CSWIFT_R_BAD_KEY_SIZE 117
-#define CSWIFT_R_REQUEST_FAILED 118
-#define CSWIFT_R_MISSING_KEY_COMPONENTS 120
-static ERR_STRING_DATA cswift_str_functs[] =
- {
- /* This first element is changed to match the dynamic 'lib' number */
-{ERR_PACK(0,0,0), "cswift engine code"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_INIT,0), "cswift_init"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_FINISH,0), "cswift_finish"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_CTRL,0), "cswift_ctrl"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP,0), "cswift_mod_exp"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP_CRT,0), "cswift_mod_exp_crt"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_RSA_MOD_EXP,0), "cswift_rsa_mod_exp"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_SIGN,0), "cswift_dsa_sign"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_VERIFY,0), "cswift_dsa_verify"},
-/* Error reason codes */
-{CSWIFT_R_ALREADY_LOADED ,"already loaded"},
-{CSWIFT_R_NOT_LOADED ,"not loaded"},
-{CSWIFT_R_UNIT_FAILURE ,"unit failure"},
-{CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"},
-{CSWIFT_R_BN_CTX_FULL ,"BN_CTX full"},
-{CSWIFT_R_BN_EXPAND_FAIL ,"bn_expand fail"},
-{CSWIFT_R_BAD_KEY_SIZE ,"bad key size"},
-{CSWIFT_R_REQUEST_FAILED ,"request failed"},
-{CSWIFT_R_MISSING_KEY_COMPONENTS ,"missing key components"},
-{0,NULL}
- };
-/* The library number we obtain dynamically from the ERR code */
-static int cswift_err_lib = -1;
-#define CSWIFTerr(f,r) ERR_PUT_error(cswift_err_lib,(f),(r),__FILE__,__LINE__)
-static void cswift_load_error_strings(void)
- {
- if(cswift_err_lib < 0)
- {
- if((cswift_err_lib = ERR_get_next_error_library()) <= 0)
- return;
- cswift_str_functs[0].error = ERR_PACK(cswift_err_lib,0,0);
- ERR_load_strings(cswift_err_lib, cswift_str_functs);
- }
- }
-static void cswift_unload_error_strings(void)
- {
- if(cswift_err_lib >= 0)
- {
- ERR_unload_strings(cswift_err_lib, cswift_str_functs);
- cswift_err_lib = -1;
- }
- }
-#else
-#define CSWIFTerr(f,r) /* NOP */
-static void cswift_load_error_strings(void) { } /* NOP */
-static void cswift_unload_error_strings(void) { } /* NOP */
-#endif
+static RAND_METHOD cswift_random =
+ {
+ /* "CryptoSwift RAND method", */
+ NULL,
+ cswift_rand_bytes,
+ NULL,
+ NULL,
+ cswift_rand_bytes,
+ cswift_rand_status,
+ };
+
/* Constants used when creating the ENGINE */
static const char *engine_cswift_id = "cswift";
#ifndef OPENSSL_NO_DH
!ENGINE_set_DH(e, &cswift_dh) ||
#endif
- !ENGINE_set_BN_mod_exp(e, &cswift_mod_exp) ||
- !ENGINE_set_BN_mod_exp_crt(e, &cswift_mod_exp_crt) ||
+ !ENGINE_set_RAND(e, &cswift_random) ||
!ENGINE_set_destroy_function(e, cswift_destroy) ||
!ENGINE_set_init_function(e, cswift_init) ||
!ENGINE_set_finish_function(e, cswift_finish) ||
#endif
/* Ensure the cswift error handling is set up */
- cswift_load_error_strings();
+ ERR_load_CSWIFT_strings();
return 1;
}
-/* As this is only ever called once, there's no need for locking
- * (indeed - the lock will already be held by our caller!!!) */
-ENGINE *ENGINE_cswift(void)
+static ENGINE *engine_cswift(void)
{
ENGINE *ret = ENGINE_new();
if(!ret)
return ret;
}
+void ENGINE_load_cswift(void)
+ {
+ /* Copied from eng_[openssl|dyn].c */
+ ENGINE *toadd = engine_cswift();
+ if(!toadd) return;
+ ENGINE_add(toadd);
+ ENGINE_free(toadd);
+ ERR_clear_error();
+ }
+
/* This is a process-global DSO handle used for loading and unloading
* the CryptoSwift library. NB: This is only set (or unset) during an
* init() or finish() call (reference counts permitting) and they're
t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL;
/* Used in the DSO operations. */
-static const char def_CSWIFT_LIBNAME[] = "swift";
-static const char *CSWIFT_LIBNAME = def_CSWIFT_LIBNAME;
+static const char *CSWIFT_LIBNAME = NULL;
+static const char *get_CSWIFT_LIBNAME(void)
+ {
+ if(CSWIFT_LIBNAME)
+ return CSWIFT_LIBNAME;
+ return "swift";
+ }
+static void free_CSWIFT_LIBNAME(void)
+ {
+ if(CSWIFT_LIBNAME)
+ OPENSSL_free((void*)CSWIFT_LIBNAME);
+ CSWIFT_LIBNAME = NULL;
+ }
+static long set_CSWIFT_LIBNAME(const char *name)
+ {
+ free_CSWIFT_LIBNAME();
+ return (((CSWIFT_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+ }
static const char *CSWIFT_F1 = "swAcquireAccContext";
static const char *CSWIFT_F2 = "swAttachKeyParam";
static const char *CSWIFT_F3 = "swSimpleRequest";
/* Destructor (complements the "ENGINE_cswift()" constructor) */
static int cswift_destroy(ENGINE *e)
{
- cswift_unload_error_strings();
+ free_CSWIFT_LIBNAME();
+ ERR_unload_CSWIFT_strings();
return 1;
}
goto err;
}
/* Attempt to load libswift.so/swift.dll/whatever. */
- cswift_dso = DSO_load(NULL, CSWIFT_LIBNAME, NULL, 0);
+ cswift_dso = DSO_load(NULL, get_CSWIFT_LIBNAME(), NULL, 0);
if(cswift_dso == NULL)
{
CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
static int cswift_finish(ENGINE *e)
{
+ free_CSWIFT_LIBNAME();
if(cswift_dso == NULL)
{
CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED);
CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED);
return 0;
}
- CSWIFT_LIBNAME = (const char *)p;
- return 1;
+ return set_CSWIFT_LIBNAME((const char *)p);
default:
break;
}
goto err;
default:
{
- char tmpbuf[20];
+ char tmpbuf[DECIMAL_SIZE(sw_status)+1];
CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
sprintf(tmpbuf, "%ld", sw_status);
ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1,
&res, 1)) != SW_OK)
{
- char tmpbuf[20];
+ char tmpbuf[DECIMAL_SIZE(sw_status)+1];
CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
sprintf(tmpbuf, "%ld", sw_status);
ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
goto err;
default:
{
- char tmpbuf[20];
+ char tmpbuf[DECIMAL_SIZE(sw_status)+1];
CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
sprintf(tmpbuf, "%ld", sw_status);
ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1,
&res, 1)) != SW_OK)
{
- char tmpbuf[20];
+ char tmpbuf[DECIMAL_SIZE(sw_status)+1];
CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
sprintf(tmpbuf, "%ld", sw_status);
ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
goto err;
default:
{
- char tmpbuf[20];
+ char tmpbuf[DECIMAL_SIZE(sw_status)+1];
CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
sprintf(tmpbuf, "%ld", sw_status);
ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
&res, 1);
if(sw_status != SW_OK)
{
- char tmpbuf[20];
+ char tmpbuf[DECIMAL_SIZE(sw_status)+1];
CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
sprintf(tmpbuf, "%ld", sw_status);
ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
goto err;
default:
{
- char tmpbuf[20];
+ char tmpbuf[DECIMAL_SIZE(sw_status)+1];
CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
sprintf(tmpbuf, "%ld", sw_status);
ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
&res, 1);
if(sw_status != SW_OK)
{
- char tmpbuf[20];
+ char tmpbuf[DECIMAL_SIZE(sw_status)+1];
CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
sprintf(tmpbuf, "%ld", sw_status);
ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
}
#endif
+/* Random bytes are good */
+static int cswift_rand_bytes(unsigned char *buf, int num)
+{
+ SW_CONTEXT_HANDLE hac;
+ SW_STATUS swrc;
+ SW_LARGENUMBER largenum;
+ size_t nbytes = 0;
+ int acquired = 0;
+ int to_return = 0; /* assume failure */
+
+ if (!get_context(&hac))
+ {
+ CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_UNIT_FAILURE);
+ goto err;
+ }
+ acquired = 1;
+
+ while (nbytes < num)
+ {
+ /* tell CryptoSwift how many bytes we want and where we want it.
+ * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
+ * - CryptoSwift can only do multiple of 32-bits. */
+ largenum.value = (SW_BYTE *) buf + nbytes;
+ if (4096 > num - nbytes)
+ largenum.nbytes = num - nbytes;
+ else
+ largenum.nbytes = 4096;
+
+ swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
+ if (swrc != SW_OK)
+ {
+ char tmpbuf[20];
+ CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED);
+ sprintf(tmpbuf, "%ld", swrc);
+ ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+ goto err;
+ }
+
+ nbytes += largenum.nbytes;
+ }
+ to_return = 1; /* success */
+
+err:
+ if (acquired)
+ release_context(hac);
+ return to_return;
+}
+
+static int cswift_rand_status(void)
+{
+ return 1;
+}
+
+
/* This stuff is needed if this ENGINE is being compiled into a self-contained
* shared-library. */
#ifdef ENGINE_DYNAMIC_SUPPORT