#include <stdio.h>
#include <string.h>
+#include "cryptlib.h"
#include <openssl/crypto.h>
#include <openssl/pem.h>
-#include "cryptlib.h"
#include <openssl/dso.h>
#include <openssl/engine.h>
#include <openssl/ui.h>
#include "vendor_defns/hwcryptohook.h"
#endif
+#define HWCRHK_LIB_NAME "hwcrhk engine"
+#include "hw_ncipher_err.c"
+
static int hwcrhk_destroy(ENGINE *e);
static int hwcrhk_init(ENGINE *e);
static int hwcrhk_finish(ENGINE *e);
hwcrhk_rand_status,
};
-#ifndef OPENSSL_NO_ERR
-/* Error function codes for use in hwcrhk operation */
-#define HWCRHK_F_HWCRHK_INIT 100
-#define HWCRHK_F_HWCRHK_FINISH 101
-#define HWCRHK_F_HWCRHK_CTRL 102
-#define HWCRHK_F_HWCRHK_LOAD_PRIVKEY 103
-#define HWCRHK_F_HWCRHK_LOAD_PUBKEY 104
-#define HWCRHK_F_HWCRHK_MOD_EXP 105
-#define HWCRHK_F_HWCRHK_RSA_MOD_EXP 106
-#define HWCRHK_F_HWCRHK_RAND_BYTES 107
-#define HWCRHK_F_HWCRHK_GET_PASS 108
-#define HWCRHK_F_HWCRHK_INSERT_CARD 109
-/* Error reason codes */
-#define HWCRHK_R_ALREADY_LOADED 110
-#define HWCRHK_R_DSO_FAILURE 111
-#define HWCRHK_R_UNIT_FAILURE 112
-#define HWCRHK_R_NOT_LOADED 113
-#define HWCRHK_R_BIO_WAS_FREED 114
-#define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 115
-#define HWCRHK_R_NOT_INITIALISED 116
-#define HWCRHK_R_CHIL_ERROR 117
-#define HWCRHK_R_NO_KEY 118
-#define HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED 119
-#define HWCRHK_R_REQUEST_FALLBACK 120
-#define HWCRHK_R_REQUEST_FAILED 121
-#define HWCRHK_R_MISSING_KEY_COMPONENTS 122
-#define HWCRHK_R_NO_CALLBACK 123
-static ERR_STRING_DATA hwcrhk_str_functs[] =
- {
- /* This first element is changed to match the dynamic 'lib' number */
-{ERR_PACK(0,0,0), "hwcrhk engine code"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_INIT,0), "hwcrhk_init"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_FINISH,0), ""},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_CTRL,0), ""},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PRIVKEY,0), ""},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PUBKEY,0), ""},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_MOD_EXP,0), ""},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_RSA_MOD_EXP,0), ""},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_RAND_BYTES,0), ""},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_GET_PASS,0), ""},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_INSERT_CARD,0), ""},
-/* Error reason codes */
-{HWCRHK_R_ALREADY_LOADED ,"already loaded"},
-{HWCRHK_R_DSO_FAILURE ,"DSO failure"},
-{HWCRHK_R_UNIT_FAILURE ,"unit failure"},
-{HWCRHK_R_NOT_LOADED ,"not loaded"},
-{HWCRHK_R_BIO_WAS_FREED ,"BIO was freed"},
-{HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"},
-{HWCRHK_R_NOT_INITIALISED ,"not initialised"},
-{HWCRHK_R_CHIL_ERROR ,"'chil' error"},
-{HWCRHK_R_NO_KEY ,"no key"},
-{HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED,"private key algorithms disabled"},
-{HWCRHK_R_REQUEST_FALLBACK ,"request fallback"},
-{HWCRHK_R_REQUEST_FAILED ,"request failed"},
-{HWCRHK_R_MISSING_KEY_COMPONENTS ,"missing key components"},
-{HWCRHK_R_NO_CALLBACK ,"no callback"},
-{0,NULL}
- };
-/* The library number we obtain dynamically from the ERR code */
-static int hwcrhk_err_lib = -1;
-#define HWCRHKerr(f,r) ERR_PUT_error(hwcrhk_err_lib,(f),(r),__FILE__,__LINE__)
-static void hwcrhk_load_error_strings(void)
- {
- if(hwcrhk_err_lib < 0)
- {
- if((hwcrhk_err_lib = ERR_get_next_error_library()) <= 0)
- return;
- hwcrhk_str_functs[0].error = ERR_PACK(hwcrhk_err_lib,0,0);
- ERR_load_strings(hwcrhk_err_lib, hwcrhk_str_functs);
- }
- }
-static void hwcrhk_unload_error_strings(void)
- {
- if(hwcrhk_err_lib >= 0)
- {
- ERR_unload_strings(hwcrhk_err_lib, hwcrhk_str_functs);
- hwcrhk_err_lib = -1;
- }
- }
-#else
-#define HWCRHKerr(f,r) /* NOP */
-static void hwcrhk_load_error_strings(void) { } /* NOP */
-static void hwcrhk_unload_error_strings(void) { } /* NOP */
-#endif
-
/* Constants used when creating the ENGINE */
static const char *engine_hwcrhk_id = "chil";
static const char *engine_hwcrhk_name = "nCipher hardware engine support";
/* Stuff to pass to the HWCryptoHook library */
static HWCryptoHook_InitInfo hwcrhk_globals = {
- 0, /* Flags */
+ HWCryptoHook_InitFlags_SimpleForkCheck, /* Flags */
&logstream, /* logstream */
sizeof(BN_ULONG), /* limbsize */
0, /* mslimb first: false for BNs */
#endif
/* Ensure the hwcrhk error handling is set up */
- hwcrhk_load_error_strings();
+ ERR_load_HWCRHK_strings();
return 1;
}
static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
/* Used in the DSO operations. */
-static const char def_HWCRHK_LIBNAME[] = "nfhwcrhk";
-static const char *HWCRHK_LIBNAME = def_HWCRHK_LIBNAME;
+static const char *HWCRHK_LIBNAME = NULL;
+static void free_HWCRHK_LIBNAME(void)
+ {
+ if(HWCRHK_LIBNAME)
+ OPENSSL_free((void*)HWCRHK_LIBNAME);
+ HWCRHK_LIBNAME = NULL;
+ }
+static const char *get_HWCRHK_LIBNAME(void)
+ {
+ if(HWCRHK_LIBNAME)
+ return HWCRHK_LIBNAME;
+ return "nfhwcrhk";
+ }
+static long set_HWCRHK_LIBNAME(const char *name)
+ {
+ free_HWCRHK_LIBNAME();
+ return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+ }
static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
HWCryptoHook_ErrMsgBuf rmsg;
rmsg.buf = tempbuf;
- rmsg.size = 1024;
+ rmsg.size = sizeof(tempbuf);
*hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg,
cac);
/* Destructor (complements the "ENGINE_ncipher()" constructor) */
static int hwcrhk_destroy(ENGINE *e)
{
- hwcrhk_unload_error_strings();
+ free_HWCRHK_LIBNAME();
+ ERR_unload_HWCRHK_strings();
return 1;
}
goto err;
}
/* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
- hwcrhk_dso = DSO_load(NULL, HWCRHK_LIBNAME, NULL, 0);
+ hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0);
if(hwcrhk_dso == NULL)
{
HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE);
static int hwcrhk_finish(ENGINE *e)
{
int to_return = 1;
+ free_HWCRHK_LIBNAME();
if(hwcrhk_dso == NULL)
{
HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED);
HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
- HWCRHK_LIBNAME = (const char *)p;
- return 1;
+ return set_HWCRHK_LIBNAME((const char *)p);
case ENGINE_CTRL_SET_LOGSTREAM:
{
BIO *bio = (BIO *)p;
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
break;
case ENGINE_CTRL_SET_USER_INTERFACE:
+ case HWCRHK_CMD_SET_USER_INTERFACE:
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
password_context.ui_method = (UI_METHOD *)p;
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
break;
case ENGINE_CTRL_SET_CALLBACK_DATA:
+ case HWCRHK_CMD_SET_CALLBACK_DATA:
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
password_context.callback_data = p;
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
HWCryptoHook_RSAKeyHandle *hptr;
#endif
#if !defined(OPENSSL_NO_RSA)
+ char tempbuf[1024];
HWCryptoHook_ErrMsgBuf rmsg;
#endif
HWCryptoHook_PassphraseContext ppctx;
+#if !defined(OPENSSL_NO_RSA)
+ rmsg.buf = tempbuf;
+ rmsg.size = sizeof(tempbuf);
+#endif
+
if(!hwcrhk_context)
{
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
res->pkey.rsa = RSA_new();
res->pkey.rsa->n = rsa->n;
res->pkey.rsa->e = rsa->e;
+ rsa->n = NULL;
+ rsa->e = NULL;
CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
RSA_free(rsa);
}
+ break;
#endif
default:
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
to_return = 0; /* expect failure */
rmsg.buf = tempbuf;
- rmsg.size = 1024;
+ rmsg.size = sizeof(tempbuf);
if(!hwcrhk_context)
{
HWCryptoHook_RSAKeyHandle *hptr;
int to_return = 0, ret;
+ rmsg.buf = tempbuf;
+ rmsg.size = sizeof(tempbuf);
+
if(!hwcrhk_context)
{
HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED);
goto err;
}
- rmsg.buf = tempbuf;
- rmsg.size = 1024;
-
/* Prepare the params */
bn_expand2(r, rsa->n->top); /* Check for error !! */
BN2MPI(m_a, I);
goto err;
}
- rmsg.buf = tempbuf;
- rmsg.size = 1024;
-
/* Prepare the params */
bn_expand2(r, rsa->n->top); /* Check for error !! */
BN2MPI(m_a, I);
int ret;
rmsg.buf = tempbuf;
- rmsg.size = 1024;
+ rmsg.size = sizeof(tempbuf);
if(!hwcrhk_context)
{
#endif
rmsg.buf = tempbuf;
- rmsg.size = 1024;
+ rmsg.size = sizeof(tempbuf);
#ifndef OPENSSL_NO_RSA
hptr = (HWCryptoHook_RSAKeyHandle *) item;
{
mt->lockid = CRYPTO_get_new_dynlockid();
if (mt->lockid == 0)
- return -1;
- return 0;
+ return 1; /* failure */
+ return 0; /* success */
}
static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *mt)
return 0;
}
-void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt)
+static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt)
{
CRYPTO_w_unlock(mt->lockid);
}