X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fengine%2Fhw_ncipher.c;h=4fef86fcc5519cf22799afb70054927b3b5e8345;hp=da52912462a28b571b949068d3c3770f089d02cf;hb=7b63c0fa8c309bed7848b5ca5810ae9e2f2fb3c1;hpb=b6d1e52d454bb321153c70cf763945d4b0d4f78e diff --git a/crypto/engine/hw_ncipher.c b/crypto/engine/hw_ncipher.c index da52912462..4fef86fcc5 100644 --- a/crypto/engine/hw_ncipher.c +++ b/crypto/engine/hw_ncipher.c @@ -59,9 +59,9 @@ #include #include +#include "cryptlib.h" #include #include -#include "cryptlib.h" #include #include #include @@ -83,6 +83,9 @@ #include "vendor_defns/hwcryptohook.h" #endif +#define HWCRHK_LIB_NAME "hwcrhk engine" +#include "hw_ncipher_err.c" + static int hwcrhk_destroy(ENGINE *e); static int hwcrhk_init(ENGINE *e); static int hwcrhk_finish(ENGINE *e); @@ -211,91 +214,6 @@ static RAND_METHOD hwcrhk_rand = hwcrhk_rand_status, }; -#ifndef OPENSSL_NO_ERR -/* Error function codes for use in hwcrhk operation */ -#define HWCRHK_F_HWCRHK_INIT 100 -#define HWCRHK_F_HWCRHK_FINISH 101 -#define HWCRHK_F_HWCRHK_CTRL 102 -#define HWCRHK_F_HWCRHK_LOAD_PRIVKEY 103 -#define HWCRHK_F_HWCRHK_LOAD_PUBKEY 104 -#define HWCRHK_F_HWCRHK_MOD_EXP 105 -#define HWCRHK_F_HWCRHK_RSA_MOD_EXP 106 -#define HWCRHK_F_HWCRHK_RAND_BYTES 107 -#define HWCRHK_F_HWCRHK_GET_PASS 108 -#define HWCRHK_F_HWCRHK_INSERT_CARD 109 -/* Error reason codes */ -#define HWCRHK_R_ALREADY_LOADED 110 -#define HWCRHK_R_DSO_FAILURE 111 -#define HWCRHK_R_UNIT_FAILURE 112 -#define HWCRHK_R_NOT_LOADED 113 -#define HWCRHK_R_BIO_WAS_FREED 114 -#define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 115 -#define HWCRHK_R_NOT_INITIALISED 116 -#define HWCRHK_R_CHIL_ERROR 117 -#define HWCRHK_R_NO_KEY 118 -#define HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED 119 -#define HWCRHK_R_REQUEST_FALLBACK 120 -#define HWCRHK_R_REQUEST_FAILED 121 -#define HWCRHK_R_MISSING_KEY_COMPONENTS 122 -#define HWCRHK_R_NO_CALLBACK 123 -static ERR_STRING_DATA hwcrhk_str_functs[] = - { - /* This first element is changed to match the dynamic 'lib' number */ -{ERR_PACK(0,0,0), "hwcrhk engine code"}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_INIT,0), "hwcrhk_init"}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_FINISH,0), ""}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_CTRL,0), ""}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PRIVKEY,0), ""}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PUBKEY,0), ""}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_MOD_EXP,0), ""}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_RSA_MOD_EXP,0), ""}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_RAND_BYTES,0), ""}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_GET_PASS,0), ""}, -{ERR_PACK(0,HWCRHK_F_HWCRHK_INSERT_CARD,0), ""}, -/* Error reason codes */ -{HWCRHK_R_ALREADY_LOADED ,"already loaded"}, -{HWCRHK_R_DSO_FAILURE ,"DSO failure"}, -{HWCRHK_R_UNIT_FAILURE ,"unit failure"}, -{HWCRHK_R_NOT_LOADED ,"not loaded"}, -{HWCRHK_R_BIO_WAS_FREED ,"BIO was freed"}, -{HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"}, -{HWCRHK_R_NOT_INITIALISED ,"not initialised"}, -{HWCRHK_R_CHIL_ERROR ,"'chil' error"}, -{HWCRHK_R_NO_KEY ,"no key"}, -{HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED,"private key algorithms disabled"}, -{HWCRHK_R_REQUEST_FALLBACK ,"request fallback"}, -{HWCRHK_R_REQUEST_FAILED ,"request failed"}, -{HWCRHK_R_MISSING_KEY_COMPONENTS ,"missing key components"}, -{HWCRHK_R_NO_CALLBACK ,"no callback"}, -{0,NULL} - }; -/* The library number we obtain dynamically from the ERR code */ -static int hwcrhk_err_lib = -1; -#define HWCRHKerr(f,r) ERR_PUT_error(hwcrhk_err_lib,(f),(r),__FILE__,__LINE__) -static void hwcrhk_load_error_strings(void) - { - if(hwcrhk_err_lib < 0) - { - if((hwcrhk_err_lib = ERR_get_next_error_library()) <= 0) - return; - hwcrhk_str_functs[0].error = ERR_PACK(hwcrhk_err_lib,0,0); - ERR_load_strings(hwcrhk_err_lib, hwcrhk_str_functs); - } - } -static void hwcrhk_unload_error_strings(void) - { - if(hwcrhk_err_lib >= 0) - { - ERR_unload_strings(hwcrhk_err_lib, hwcrhk_str_functs); - hwcrhk_err_lib = -1; - } - } -#else -#define HWCRHKerr(f,r) /* NOP */ -static void hwcrhk_load_error_strings(void) { } /* NOP */ -static void hwcrhk_unload_error_strings(void) { } /* NOP */ -#endif - /* Constants used when creating the ENGINE */ static const char *engine_hwcrhk_id = "chil"; static const char *engine_hwcrhk_name = "nCipher hardware engine support"; @@ -357,7 +275,7 @@ static HWCryptoHook_CallerContext password_context = { NULL, NULL, NULL }; /* Stuff to pass to the HWCryptoHook library */ static HWCryptoHook_InitInfo hwcrhk_globals = { - 0, /* Flags */ + HWCryptoHook_InitFlags_SimpleForkCheck, /* Flags */ &logstream, /* logstream */ sizeof(BN_ULONG), /* limbsize */ 0, /* mslimb first: false for BNs */ @@ -449,7 +367,7 @@ static int bind_helper(ENGINE *e) #endif /* Ensure the hwcrhk error handling is set up */ - hwcrhk_load_error_strings(); + ERR_load_HWCRHK_strings(); return 1; } @@ -504,8 +422,24 @@ static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL; static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL; /* Used in the DSO operations. */ -static const char def_HWCRHK_LIBNAME[] = "nfhwcrhk"; -static const char *HWCRHK_LIBNAME = def_HWCRHK_LIBNAME; +static const char *HWCRHK_LIBNAME = NULL; +static void free_HWCRHK_LIBNAME(void) + { + if(HWCRHK_LIBNAME) + OPENSSL_free((void*)HWCRHK_LIBNAME); + HWCRHK_LIBNAME = NULL; + } +static const char *get_HWCRHK_LIBNAME(void) + { + if(HWCRHK_LIBNAME) + return HWCRHK_LIBNAME; + return "nfhwcrhk"; + } +static long set_HWCRHK_LIBNAME(const char *name) + { + free_HWCRHK_LIBNAME(); + return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); + } static const char *n_hwcrhk_Init = "HWCryptoHook_Init"; static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish"; static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp"; @@ -533,7 +467,7 @@ static int get_context(HWCryptoHook_ContextHandle *hac, HWCryptoHook_ErrMsgBuf rmsg; rmsg.buf = tempbuf; - rmsg.size = 1024; + rmsg.size = sizeof(tempbuf); *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg, cac); @@ -551,7 +485,8 @@ static void release_context(HWCryptoHook_ContextHandle hac) /* Destructor (complements the "ENGINE_ncipher()" constructor) */ static int hwcrhk_destroy(ENGINE *e) { - hwcrhk_unload_error_strings(); + free_HWCRHK_LIBNAME(); + ERR_unload_HWCRHK_strings(); return 1; } @@ -576,7 +511,7 @@ static int hwcrhk_init(ENGINE *e) goto err; } /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */ - hwcrhk_dso = DSO_load(NULL, HWCRHK_LIBNAME, NULL, 0); + hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0); if(hwcrhk_dso == NULL) { HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE); @@ -668,6 +603,7 @@ err: static int hwcrhk_finish(ENGINE *e) { int to_return = 1; + free_HWCRHK_LIBNAME(); if(hwcrhk_dso == NULL) { HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED); @@ -716,8 +652,7 @@ static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER); return 0; } - HWCRHK_LIBNAME = (const char *)p; - return 1; + return set_HWCRHK_LIBNAME((const char *)p); case ENGINE_CTRL_SET_LOGSTREAM: { BIO *bio = (BIO *)p; @@ -741,11 +676,13 @@ static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); break; case ENGINE_CTRL_SET_USER_INTERFACE: + case HWCRHK_CMD_SET_USER_INTERFACE: CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); password_context.ui_method = (UI_METHOD *)p; CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); break; case ENGINE_CTRL_SET_CALLBACK_DATA: + case HWCRHK_CMD_SET_CALLBACK_DATA: CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); password_context.callback_data = p; CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); @@ -802,10 +739,16 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, HWCryptoHook_RSAKeyHandle *hptr; #endif #if !defined(OPENSSL_NO_RSA) + char tempbuf[1024]; HWCryptoHook_ErrMsgBuf rmsg; #endif HWCryptoHook_PassphraseContext ppctx; +#if !defined(OPENSSL_NO_RSA) + rmsg.buf = tempbuf; + rmsg.size = sizeof(tempbuf); +#endif + if(!hwcrhk_context) { HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, @@ -912,9 +855,12 @@ static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, res->pkey.rsa = RSA_new(); res->pkey.rsa->n = rsa->n; res->pkey.rsa->e = rsa->e; + rsa->n = NULL; + rsa->e = NULL; CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); RSA_free(rsa); } + break; #endif default: HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY, @@ -943,7 +889,7 @@ static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, to_return = 0; /* expect failure */ rmsg.buf = tempbuf; - rmsg.size = 1024; + rmsg.size = sizeof(tempbuf); if(!hwcrhk_context) { @@ -994,6 +940,9 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) HWCryptoHook_RSAKeyHandle *hptr; int to_return = 0, ret; + rmsg.buf = tempbuf; + rmsg.size = sizeof(tempbuf); + if(!hwcrhk_context) { HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED); @@ -1015,9 +964,6 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) goto err; } - rmsg.buf = tempbuf; - rmsg.size = 1024; - /* Prepare the params */ bn_expand2(r, rsa->n->top); /* Check for error !! */ BN2MPI(m_a, I); @@ -1060,9 +1006,6 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) goto err; } - rmsg.buf = tempbuf; - rmsg.size = 1024; - /* Prepare the params */ bn_expand2(r, rsa->n->top); /* Check for error !! */ BN2MPI(m_a, I); @@ -1131,7 +1074,7 @@ static int hwcrhk_rand_bytes(unsigned char *buf, int num) int ret; rmsg.buf = tempbuf; - rmsg.size = 1024; + rmsg.size = sizeof(tempbuf); if(!hwcrhk_context) { @@ -1183,7 +1126,7 @@ static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, #endif rmsg.buf = tempbuf; - rmsg.size = 1024; + rmsg.size = sizeof(tempbuf); #ifndef OPENSSL_NO_RSA hptr = (HWCryptoHook_RSAKeyHandle *) item; @@ -1204,8 +1147,8 @@ static int hwcrhk_mutex_init(HWCryptoHook_Mutex* mt, { mt->lockid = CRYPTO_get_new_dynlockid(); if (mt->lockid == 0) - return -1; - return 0; + return 1; /* failure */ + return 0; /* success */ } static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *mt) @@ -1214,7 +1157,7 @@ static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *mt) return 0; } -void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt) +static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt) { CRYPTO_w_unlock(mt->lockid); }