This changes the existing hardware ENGINE implementations to dynamically

author Geoff Thorpe <geoff@openssl.org>

Mon, 3 Sep 2001 21:33:00 +0000 (21:33 +0000)

committer Geoff Thorpe <geoff@openssl.org>

Mon, 3 Sep 2001 21:33:00 +0000 (21:33 +0000)
author Geoff Thorpe <geoff@openssl.org>
Mon, 3 Sep 2001 21:33:00 +0000 (21:33 +0000)
committer Geoff Thorpe <geoff@openssl.org>
Mon, 3 Sep 2001 21:33:00 +0000 (21:33 +0000)
diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h

index 4c03be3ac25a82f4c3fc7deece73cde50584f5a7..149ae9a979b0650327c5eeaa213f76b5f02699c8 100644 (file)
--- a/crypto/engine/engine.h
+++ b/crypto/engine/engine.h
@@ -561,9 +561,6 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
                 if(!fn(e,id)) return 0; \
                 return 1; }
  
-/* Obligatory error function. */
-void ERR_load_ENGINE_strings(void);
-
  /* BEGIN ERROR CODES */
  /* The following lines are auto generated by the script mkerr.pl. Any changes
   * made after this point may be overwritten when the script is next run.
@@ -573,19 +570,6 @@ void ERR_load_ENGINE_strings(void);
  /* Error codes for the ENGINE functions. */
  
  /* Function codes. */
-#define ENGINE_F_ATALLA_CTRL                            173
-#define ENGINE_F_ATALLA_FINISH                          159
-#define ENGINE_F_ATALLA_INIT                            160
-#define ENGINE_F_ATALLA_MOD_EXP                                 161
-#define ENGINE_F_ATALLA_RSA_MOD_EXP                     162
-#define ENGINE_F_CSWIFT_CTRL                            174
-#define ENGINE_F_CSWIFT_DSA_SIGN                        133
-#define ENGINE_F_CSWIFT_DSA_VERIFY                      134
-#define ENGINE_F_CSWIFT_FINISH                          100
-#define ENGINE_F_CSWIFT_INIT                            101
-#define ENGINE_F_CSWIFT_MOD_EXP                                 102
-#define ENGINE_F_CSWIFT_MOD_EXP_CRT                     103
-#define ENGINE_F_CSWIFT_RSA_MOD_EXP                     104
  #define ENGINE_F_DYNAMIC_CTRL                           180
  #define ENGINE_F_DYNAMIC_GET_DATA_CTX                   181
  #define ENGINE_F_DYNAMIC_LOAD                           182
@@ -611,32 +595,9 @@ void ERR_load_ENGINE_strings(void);
  #define ENGINE_F_ENGINE_SET_ID                          129
  #define ENGINE_F_ENGINE_SET_NAME                        130
  #define ENGINE_F_ENGINE_UNLOAD_KEY                      152
-#define ENGINE_F_HWCRHK_CTRL                            143
-#define ENGINE_F_HWCRHK_FINISH                          135
-#define ENGINE_F_HWCRHK_GET_PASS                        155
-#define ENGINE_F_HWCRHK_INIT                            136
-#define ENGINE_F_HWCRHK_INSERT_CARD                     179
-#define ENGINE_F_HWCRHK_LOAD_PRIVKEY                    153
-#define ENGINE_F_HWCRHK_LOAD_PUBKEY                     154
-#define ENGINE_F_HWCRHK_MOD_EXP                                 137
-#define ENGINE_F_HWCRHK_MOD_EXP_CRT                     138
-#define ENGINE_F_HWCRHK_RAND_BYTES                      139
-#define ENGINE_F_HWCRHK_RSA_MOD_EXP                     140
  #define ENGINE_F_INT_CTRL_HELPER                        172
  #define ENGINE_F_LOG_MESSAGE                            141
-#define ENGINE_F_NURON_CTRL                             175
-#define ENGINE_F_NURON_FINISH                           157
-#define ENGINE_F_NURON_INIT                             156
-#define ENGINE_F_NURON_MOD_EXP                          158
  #define ENGINE_F_SET_DATA_CTX                           183
-#define ENGINE_F_UBSEC_CTRL                             176
-#define ENGINE_F_UBSEC_DSA_SIGN                                 163
-#define ENGINE_F_UBSEC_DSA_VERIFY                       164
-#define ENGINE_F_UBSEC_FINISH                           165
-#define ENGINE_F_UBSEC_INIT                             166
-#define ENGINE_F_UBSEC_MOD_EXP                          167
-#define ENGINE_F_UBSEC_RSA_MOD_EXP                      168
-#define ENGINE_F_UBSEC_RSA_MOD_EXP_CRT                  169
  
  /* Reason codes. */
  #define ENGINE_R_ALREADY_LOADED                                 100
diff --git a/crypto/engine/engine_dyn.c b/crypto/engine/engine_dyn.c

index 556e9f3a6a53efe5a5dda114ad1e3ca0994addce..d4f00f7b6a57f29867d12b1a78a6a284194a1796 100644 (file)
--- a/crypto/engine/engine_dyn.c
+++ b/crypto/engine/engine_dyn.c
@@ -238,7 +238,7 @@ static dynamic_data_ctx *dynamic_get_data_ctx(ENGINE *e)
  
  /* As this is only ever called once, there's no need for locking
   * (indeed - the lock will already be held by our caller!!!) */
-ENGINE *ENGINE_dynamic()
+ENGINE *ENGINE_dynamic(void)
         {
         ENGINE *ret = ENGINE_new();
         if(!ret)
diff --git a/crypto/engine/engine_err.c b/crypto/engine/engine_err.c

index 301415d980069868c7cf7fea0e385818d6d2691e..e76a4e3d4ddd1efc112dd5650201f68f239634a7 100644 (file)
--- a/crypto/engine/engine_err.c
+++ b/crypto/engine/engine_err.c
@@ -66,19 +66,6 @@
  #ifndef OPENSSL_NO_ERR
  static ERR_STRING_DATA ENGINE_str_functs[]=
         {
-{ERR_PACK(0,ENGINE_F_ATALLA_CTRL,0),   "ATALLA_CTRL"},
-{ERR_PACK(0,ENGINE_F_ATALLA_FINISH,0), "ATALLA_FINISH"},
-{ERR_PACK(0,ENGINE_F_ATALLA_INIT,0),   "ATALLA_INIT"},
-{ERR_PACK(0,ENGINE_F_ATALLA_MOD_EXP,0),        "ATALLA_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_ATALLA_RSA_MOD_EXP,0),    "ATALLA_RSA_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_CTRL,0),   "CSWIFT_CTRL"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_DSA_SIGN,0),       "CSWIFT_DSA_SIGN"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_DSA_VERIFY,0),     "CSWIFT_DSA_VERIFY"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_FINISH,0), "CSWIFT_FINISH"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_INIT,0),   "CSWIFT_INIT"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_MOD_EXP,0),        "CSWIFT_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_MOD_EXP_CRT,0),    "CSWIFT_MOD_EXP_CRT"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_RSA_MOD_EXP,0),    "CSWIFT_RSA_MOD_EXP"},
  {ERR_PACK(0,ENGINE_F_DYNAMIC_CTRL,0),  "DYNAMIC_CTRL"},
  {ERR_PACK(0,ENGINE_F_DYNAMIC_GET_DATA_CTX,0),  "DYNAMIC_GET_DATA_CTX"},
  {ERR_PACK(0,ENGINE_F_DYNAMIC_LOAD,0),  "DYNAMIC_LOAD"},
@@ -104,32 +91,9 @@ static ERR_STRING_DATA ENGINE_str_functs[]=
  {ERR_PACK(0,ENGINE_F_ENGINE_SET_ID,0), "ENGINE_set_id"},
  {ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0),       "ENGINE_set_name"},
  {ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0),     "ENGINE_UNLOAD_KEY"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_CTRL,0),   "HWCRHK_CTRL"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_FINISH,0), "HWCRHK_FINISH"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_GET_PASS,0),       "HWCRHK_GET_PASS"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_INIT,0),   "HWCRHK_INIT"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_INSERT_CARD,0),    "HWCRHK_INSERT_CARD"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_LOAD_PRIVKEY,0),   "HWCRHK_LOAD_PRIVKEY"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_LOAD_PUBKEY,0),    "HWCRHK_LOAD_PUBKEY"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_MOD_EXP,0),        "HWCRHK_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_MOD_EXP_CRT,0),    "HWCRHK_MOD_EXP_CRT"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_RAND_BYTES,0),     "HWCRHK_RAND_BYTES"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_RSA_MOD_EXP,0),    "HWCRHK_RSA_MOD_EXP"},
  {ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0),       "INT_CTRL_HELPER"},
  {ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0),   "LOG_MESSAGE"},
-{ERR_PACK(0,ENGINE_F_NURON_CTRL,0),    "NURON_CTRL"},
-{ERR_PACK(0,ENGINE_F_NURON_FINISH,0),  "NURON_FINISH"},
-{ERR_PACK(0,ENGINE_F_NURON_INIT,0),    "NURON_INIT"},
-{ERR_PACK(0,ENGINE_F_NURON_MOD_EXP,0), "NURON_MOD_EXP"},
  {ERR_PACK(0,ENGINE_F_SET_DATA_CTX,0),  "SET_DATA_CTX"},
-{ERR_PACK(0,ENGINE_F_UBSEC_CTRL,0),    "UBSEC_CTRL"},
-{ERR_PACK(0,ENGINE_F_UBSEC_DSA_SIGN,0),        "UBSEC_DSA_SIGN"},
-{ERR_PACK(0,ENGINE_F_UBSEC_DSA_VERIFY,0),      "UBSEC_DSA_VERIFY"},
-{ERR_PACK(0,ENGINE_F_UBSEC_FINISH,0),  "UBSEC_FINISH"},
-{ERR_PACK(0,ENGINE_F_UBSEC_INIT,0),    "UBSEC_INIT"},
-{ERR_PACK(0,ENGINE_F_UBSEC_MOD_EXP,0), "UBSEC_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_UBSEC_RSA_MOD_EXP,0),     "UBSEC_RSA_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_UBSEC_RSA_MOD_EXP_CRT,0), "UBSEC_RSA_MOD_EXP_CRT"},
  {0,NULL}
         };
  
diff --git a/crypto/engine/engine_int.h b/crypto/engine/engine_int.h

index b51d1914c0d1198da3c66966f6d0a39f71d4c96b..90a47a73256c0590b16ad6266e820eb1b5c37b82 100644 (file)
--- a/crypto/engine/engine_int.h
+++ b/crypto/engine/engine_int.h
@@ -141,11 +141,11 @@ struct engine_st
   * do not return references - they are purely for bootstrapping). */
  
  /* Returns a structure of software only methods (the default). */
-ENGINE *ENGINE_openssl();
+ENGINE *ENGINE_openssl(void);
  
  /* Returns the "dynamic" ENGINE for loading entire ENGINE implementations from
   * shared libraries. */
-ENGINE *ENGINE_dynamic();
+ENGINE *ENGINE_dynamic(void);
  
  #ifndef OPENSSL_NO_HW
  
@@ -153,24 +153,24 @@ ENGINE *ENGINE_dynamic();
  /* Returns a structure of cswift methods ... NB: This can exist and be
   * "used" even on non-cswift systems because the "init" will fail if the
   * card/library are not found. */
-ENGINE *ENGINE_cswift();
+ENGINE *ENGINE_cswift(void);
  #endif /* !OPENSSL_NO_HW_CSWIFT */
  
  #ifndef OPENSSL_NO_HW_NCIPHER
-ENGINE *ENGINE_ncipher();
+ENGINE *ENGINE_ncipher(void);
  #endif /* !OPENSSL_NO_HW_NCIPHER */
  
  #ifndef OPENSSL_NO_HW_ATALLA
  /* Returns a structure of atalla methods. */
-ENGINE *ENGINE_atalla();
+ENGINE *ENGINE_atalla(void);
  #endif /* !OPENSSL_NO_HW_ATALLA */
  
  #ifndef OPENSSL_NO_HW_NURON
-ENGINE *ENGINE_nuron();
+ENGINE *ENGINE_nuron(void);
  #endif /* !OPENSSL_NO_HW_NURON */
  
  #ifndef OPENSSL_NO_HW_UBSEC
-ENGINE *ENGINE_ubsec();
+ENGINE *ENGINE_ubsec(void);
  #endif /* !OPENSSL_NO_HW_UBSEC */
  
  #ifdef OPENSSL_OPENBSD_DEV_CRYPTO
diff --git a/crypto/engine/engine_openssl.c b/crypto/engine/engine_openssl.c

index cd885c04091135d9006069e65383d4d6cb0c64b6..c353df97d697eb488e4bc63ac325522d218da74b 100644 (file)
--- a/crypto/engine/engine_openssl.c
+++ b/crypto/engine/engine_openssl.c
@@ -76,7 +76,7 @@ static const char *engine_openssl_name = "Software default engine support";
  
  /* As this is only ever called once, there's no need for locking
   * (indeed - the lock will already be held by our caller!!!) */
-ENGINE *ENGINE_openssl()
+ENGINE *ENGINE_openssl(void)
         {
         ENGINE *ret = ENGINE_new();
         if(!ret)
diff --git a/crypto/engine/hw_atalla.c b/crypto/engine/hw_atalla.c

index 5deb2c43828803eaf0c3c83f2e7828b47cf9c900..5716c2f0b9dc0366e88ae715e83cf3078af289f5 100644 (file)
--- a/crypto/engine/hw_atalla.c
+++ b/crypto/engine/hw_atalla.c
@@ -167,13 +167,66 @@ static DH_METHOD atalla_dh =
         };
  #endif
  
+#ifndef OPENSSL_NO_ERR
+/* Error function codes for use in atalla operation */
+#define ATALLA_F_ATALLA_INIT                   100
+#define ATALLA_F_ATALLA_FINISH                 101
+#define ATALLA_F_ATALLA_CTRL                   102
+#define ATALLA_F_ATALLA_MOD_EXP                        103
+#define ATALLA_F_ATALLA_RSA_MOD_EXP            104
+/* Error reason codes */
+#define ATALLA_R_ALREADY_LOADED                        105
+#define ATALLA_R_NOT_LOADED                    106
+#define ATALLA_R_UNIT_FAILURE                  107
+#define ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED  108
+#define ATALLA_R_BN_CTX_FULL                   109
+#define ATALLA_R_BN_EXPAND_FAIL                        110
+#define ATALLA_R_REQUEST_FAILED                        111
+#define ATALLA_R_MISSING_KEY_COMPONENTS                112
+static ERR_STRING_DATA atalla_str_functs[] =
+       {
+       /* This first element is changed to match the dynamic 'lib' number */
+{ERR_PACK(0,0,0),                              "atalla engine code"},
+{ERR_PACK(0,ATALLA_F_ATALLA_INIT,0),           "atalla_init"},
+{ERR_PACK(0,ATALLA_F_ATALLA_FINISH,0),         "atalla_finish"},
+{ERR_PACK(0,ATALLA_F_ATALLA_CTRL,0),           "atalla_ctrl"},
+{ERR_PACK(0,ATALLA_F_ATALLA_MOD_EXP,0),                "atalla_mod_exp"},
+{ERR_PACK(0,ATALLA_F_ATALLA_RSA_MOD_EXP,0),"atalla_rsa_mod_exp"},
+{ATALLA_R_ALREADY_LOADED               ,"already loaded"},
+{ATALLA_R_UNIT_FAILURE                 ,"unit failure"},
+{ATALLA_R_NOT_LOADED,                  "not loaded"},
+{ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"control command not implemented"},
+{ATALLA_R_BN_CTX_FULL                  ,"BN_CTX full"},
+{ATALLA_R_BN_EXPAND_FAIL               ,"BN_expand failed"},
+{ATALLA_R_REQUEST_FAILED               ,"request failed"},
+{ATALLA_R_MISSING_KEY_COMPONENTS       ,"missing key components"},
+{0,NULL}
+       };
+/* The library number we obtain dynamically from the ERR code */
+static int atalla_err_lib = -1;
+#define ATALLAerr(f,r) ERR_PUT_error(atalla_err_lib,(f),(r),__FILE__,__LINE__)
+static void atalla_load_error_strings(void)
+       {
+       if (atalla_err_lib < 0)
+               {
+               if((atalla_err_lib = ERR_get_next_error_library()) <= 0)
+                       return;
+               atalla_str_functs[0].error = ERR_PACK(atalla_err_lib, 0, 0);
+               ERR_load_strings(atalla_err_lib,atalla_str_functs);
+               }
+       }
+#else
+#define ATALLAerr(f,r)                                 /* NOP */
+static void atalla_load_error_strings(void) { }                /* NOP */
+#endif
+
  /* Constants used when creating the ENGINE */
  static const char *engine_atalla_id = "atalla";
  static const char *engine_atalla_name = "Atalla hardware engine support";
  
-/* As this is only ever called once, there's no need for locking
- * (indeed - the lock will already be held by our caller!!!) */
-ENGINE *ENGINE_atalla()
+/* This internal function is used by ENGINE_atalla() and possibly by the
+ * "dynamic" ENGINE support too */
+static int bind_helper(ENGINE *e)
         {
  #ifndef OPENSSL_NO_RSA
         const RSA_METHOD *meth1;
@@ -184,29 +237,23 @@ ENGINE *ENGINE_atalla()
  #ifndef OPENSSL_NO_DH
         const DH_METHOD *meth3;
  #endif
-       ENGINE *ret = ENGINE_new();
-       if(!ret)
-               return NULL;
-       if(!ENGINE_set_id(ret, engine_atalla_id) ||
-                       !ENGINE_set_name(ret, engine_atalla_name) ||
+       if(!ENGINE_set_id(e, engine_atalla_id) ||
+                       !ENGINE_set_name(e, engine_atalla_name) ||
  #ifndef OPENSSL_NO_RSA
-                       !ENGINE_set_RSA(ret, &atalla_rsa) ||
+                       !ENGINE_set_RSA(e, &atalla_rsa) ||
  #endif
  #ifndef OPENSSL_NO_DSA
-                       !ENGINE_set_DSA(ret, &atalla_dsa) ||
+                       !ENGINE_set_DSA(e, &atalla_dsa) ||
  #endif
  #ifndef OPENSSL_NO_DH
-                       !ENGINE_set_DH(ret, &atalla_dh) ||
+                       !ENGINE_set_DH(e, &atalla_dh) ||
  #endif
-                       !ENGINE_set_BN_mod_exp(ret, atalla_mod_exp) ||
-                       !ENGINE_set_init_function(ret, atalla_init) ||
-                       !ENGINE_set_finish_function(ret, atalla_finish) ||
-                       !ENGINE_set_ctrl_function(ret, atalla_ctrl) ||
-                       !ENGINE_set_cmd_defns(ret, atalla_cmd_defns))
-               {
-               ENGINE_free(ret);
-               return NULL;
-               }
+                       !ENGINE_set_BN_mod_exp(e, atalla_mod_exp) ||
+                       !ENGINE_set_init_function(e, atalla_init) ||
+                       !ENGINE_set_finish_function(e, atalla_finish) ||
+                       !ENGINE_set_ctrl_function(e, atalla_ctrl) ||
+                       !ENGINE_set_cmd_defns(e, atalla_cmd_defns))
+               return 0;
  
  #ifndef OPENSSL_NO_RSA
         /* We know that the "PKCS1_SSLeay()" functions hook properly
@@ -238,6 +285,24 @@ ENGINE *ENGINE_atalla()
         atalla_dh.generate_key = meth3->generate_key;
         atalla_dh.compute_key = meth3->compute_key;
  #endif
+
+       /* Ensure the atalla error handling is set up */
+       atalla_load_error_strings();
+       return 1;
+       }
+
+/* As this is only ever called once, there's no need for locking
+ * (indeed - the lock will already be held by our caller!!!) */
+ENGINE *ENGINE_atalla(void)
+       {
+       ENGINE *ret = ENGINE_new();
+       if(!ret)
+               return NULL;
+       if(!bind_helper(ret))
+               {
+               ENGINE_free(ret);
+               return NULL;
+               }
         return ret;
         }
  
@@ -280,7 +345,7 @@ static int atalla_init(ENGINE *e)
  
         if(atalla_dso != NULL)
                 {
-               ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_ALREADY_LOADED);
+               ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_ALREADY_LOADED);
                 goto err;
                 }
         /* Attempt to load libatasi.so/atasi.dll/whatever. Needs to be
@@ -293,7 +358,7 @@ static int atalla_init(ENGINE *e)
         atalla_dso = DSO_load(NULL, ATALLA_LIBNAME, NULL, 0);
         if(atalla_dso == NULL)
                 {
-               ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_DSO_FAILURE);
+               ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED);
                 goto err;
                 }
         if(!(p1 = (tfnASI_GetHardwareConfig *)DSO_bind_func(
@@ -303,7 +368,7 @@ static int atalla_init(ENGINE *e)
                         !(p3 = (tfnASI_GetPerformanceStatistics *)DSO_bind_func(
                                 atalla_dso, ATALLA_F3)))
                 {
-               ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_DSO_FAILURE);
+               ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED);
                 goto err;
                 }
         /* Copy the pointers */
@@ -314,7 +379,7 @@ static int atalla_init(ENGINE *e)
          * running. */
         if(p1(0L, config_buf) != 0)
                 {
-               ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_UNIT_FAILURE);
+               ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_UNIT_FAILURE);
                 goto err;
                 }
         /* Everything's fine. */
@@ -332,12 +397,12 @@ static int atalla_finish(ENGINE *e)
         {
         if(atalla_dso == NULL)
                 {
-               ENGINEerr(ENGINE_F_ATALLA_FINISH,ENGINE_R_NOT_LOADED);
+               ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_NOT_LOADED);
                 return 0;
                 }
         if(!DSO_free(atalla_dso))
                 {
-               ENGINEerr(ENGINE_F_ATALLA_FINISH,ENGINE_R_DSO_FAILURE);
+               ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_UNIT_FAILURE);
                 return 0;
                 }
         atalla_dso = NULL;
@@ -355,12 +420,12 @@ static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
         case ATALLA_CMD_SO_PATH:
                 if(p == NULL)
                         {
-                       ENGINEerr(ENGINE_F_ATALLA_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+                       ATALLAerr(ATALLA_F_ATALLA_CTRL,ERR_R_PASSED_NULL_PARAMETER);
                         return 0;
                         }
                 if(initialised)
                         {
-                       ENGINEerr(ENGINE_F_ATALLA_CTRL,ENGINE_R_ALREADY_LOADED);
+                       ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_ALREADY_LOADED);
                         return 0;
                         }
                 ATALLA_LIBNAME = (const char *)p;
@@ -368,7 +433,7 @@ static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
         default:
                 break;
                 }
-       ENGINEerr(ENGINE_F_ATALLA_CTRL,ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+       ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED);
         return 0;
         }
  
@@ -391,10 +456,10 @@ static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         to_return = 0; /* expect failure */
  
         if(!atalla_dso)
-       {
-               ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_NOT_LOADED);
+               {
+               ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_NOT_LOADED);
                 goto err;
-       }
+               }
         /* Prepare the params */
         BN_CTX_start(ctx);
         modulus = BN_CTX_get(ctx);
@@ -402,16 +467,16 @@ static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         argument = BN_CTX_get(ctx);
         result = BN_CTX_get(ctx);
         if (!result)
-       {
-               ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_BN_CTX_FULL);
+               {
+               ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_CTX_FULL);
                 goto err;
-       }
+               }
         if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) ||
            !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top))
-       {
-               ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_BN_EXPAND_FAIL);
+               {
+               ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_EXPAND_FAIL);
                 goto err;
-       }
+               }
         /* Prepare the key-data */
         memset(&keydata, 0,sizeof keydata);
         numbytes = BN_num_bytes(m);
@@ -431,11 +496,10 @@ static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         if(p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d,
                         (unsigned char *)argument->d,
                         keydata.modulus.len) != 0)
-       {
-               ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+               {
+               ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_REQUEST_FAILED);
                 goto err;
-       }
-
+               }
         /* Convert the response */
         BN_bin2bn((unsigned char *)result->d, numbytes, r);
         to_return = 1;
@@ -451,15 +515,15 @@ static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
         int to_return = 0;
  
         if(!atalla_dso)
-       {
-               ENGINEerr(ENGINE_F_ATALLA_RSA_MOD_EXP,ENGINE_R_NOT_LOADED);
+               {
+               ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_NOT_LOADED);
                 goto err;
-       }
+               }
         if((ctx = BN_CTX_new()) == NULL)
                 goto err;
         if(!rsa->d || !rsa->n)
                 {
-               ENGINEerr(ENGINE_F_ATALLA_RSA_MOD_EXP,ENGINE_R_MISSING_KEY_COMPONENTS);
+               ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_MISSING_KEY_COMPONENTS);
                 goto err;
                 }
         to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx);
@@ -523,5 +587,20 @@ static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
         }
  #endif
  
+/* This stuff is needed if this ENGINE is being compiled into a self-contained
+ * shared-library. */
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_fn(ENGINE *e, const char *id)
+       {
+       if(id && (strcmp(id, engine_atalla_id) != 0))
+               return 0;
+       if(!bind_helper(e))
+               return 0;
+       return 1;
+       }
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#endif /* ENGINE_DYNAMIC_SUPPORT */
+
  #endif /* !OPENSSL_NO_HW_ATALLA */
  #endif /* !OPENSSL_NO_HW */
diff --git a/crypto/engine/hw_cswift.c b/crypto/engine/hw_cswift.c

index 5471dbe50112b0c09d43fee4b7536a56da49d366..4eab0fb76949bc594386b8fc087cd38690961e8c 100644 (file)
--- a/crypto/engine/hw_cswift.c
+++ b/crypto/engine/hw_cswift.c
@@ -179,13 +179,75 @@ static DH_METHOD cswift_dh =
         };
  #endif
  
+#ifndef OPENSSL_NO_ERR
+/* Error function codes for use in cswift operation */
+#define CSWIFT_F_CSWIFT_INIT                   100
+#define CSWIFT_F_CSWIFT_FINISH                 101
+#define CSWIFT_F_CSWIFT_CTRL                   102
+#define CSWIFT_F_CSWIFT_MOD_EXP                        103
+#define CSWIFT_F_CSWIFT_MOD_EXP_CRT            104
+#define CSWIFT_F_CSWIFT_RSA_MOD_EXP            105
+#define CSWIFT_F_CSWIFT_DSA_SIGN               106
+#define CSWIFT_F_CSWIFT_DSA_VERIFY             107
+/* Error reason codes */
+#define CSWIFT_R_ALREADY_LOADED                        108
+#define CSWIFT_R_NOT_LOADED                    109
+#define CSWIFT_R_UNIT_FAILURE                  110
+#define CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED  113
+#define CSWIFT_R_BN_CTX_FULL                   115
+#define CSWIFT_R_BN_EXPAND_FAIL                        116
+#define CSWIFT_R_BAD_KEY_SIZE                  117
+#define CSWIFT_R_REQUEST_FAILED                        118
+#define CSWIFT_R_MISSING_KEY_COMPONENTS                120
+static ERR_STRING_DATA cswift_str_functs[] =
+       {
+       /* This first element is changed to match the dynamic 'lib' number */
+{ERR_PACK(0,0,0),                              "cswift engine code"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_INIT,0),           "cswift_init"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_FINISH,0),         "cswift_finish"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_CTRL,0),           "cswift_ctrl"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP,0),                "cswift_mod_exp"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP_CRT,0),    "cswift_mod_exp_crt"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_RSA_MOD_EXP,0),    "cswift_rsa_mod_exp"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_SIGN,0),       "cswift_dsa_sign"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_VERIFY,0),     "cswift_dsa_verify"},
+/* Error reason codes */
+{CSWIFT_R_ALREADY_LOADED                ,"already loaded"},
+{CSWIFT_R_NOT_LOADED                    ,"not loaded"},
+{CSWIFT_R_UNIT_FAILURE                  ,"unit failure"},
+{CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED  ,"ctrl command not implemented"},
+{CSWIFT_R_BN_CTX_FULL                   ,"BN_CTX full"},
+{CSWIFT_R_BN_EXPAND_FAIL                ,"bn_expand fail"},
+{CSWIFT_R_BAD_KEY_SIZE                  ,"bad key size"},
+{CSWIFT_R_REQUEST_FAILED                ,"request failed"},
+{CSWIFT_R_MISSING_KEY_COMPONENTS        ,"missing key components"},
+{0,NULL}
+       };
+/* The library number we obtain dynamically from the ERR code */
+static int cswift_err_lib = -1;
+#define CSWIFTerr(f,r) ERR_PUT_error(cswift_err_lib,(f),(r),__FILE__,__LINE__)
+static void cswift_load_error_strings(void)
+       {
+       if(cswift_err_lib < 0)
+               {
+               if((cswift_err_lib = ERR_get_next_error_library()) <= 0)
+                       return;
+               cswift_str_functs[0].error = ERR_PACK(cswift_err_lib,0,0);
+               ERR_load_strings(cswift_err_lib, cswift_str_functs);
+               }
+       }
+#else
+#define CSWIFTerr(f,r)                                 /* NOP */
+static void cswift_load_error_strings(void) { }                /* NOP */
+#endif
+
  /* Constants used when creating the ENGINE */
  static const char *engine_cswift_id = "cswift";
  static const char *engine_cswift_name = "CryptoSwift hardware engine support";
  
-/* As this is only ever called once, there's no need for locking
- * (indeed - the lock will already be held by our caller!!!) */
-ENGINE *ENGINE_cswift()
+/* This internal function is used by ENGINE_cswift() and possibly by the
+ * "dynamic" ENGINE support too */
+static int bind_helper(ENGINE *e)
         {
  #ifndef OPENSSL_NO_RSA
         const RSA_METHOD *meth1;
@@ -193,30 +255,24 @@ ENGINE *ENGINE_cswift()
  #ifndef OPENSSL_NO_DH
         const DH_METHOD *meth2;
  #endif
-       ENGINE *ret = ENGINE_new();
-       if(!ret)
-               return NULL;
-       if(!ENGINE_set_id(ret, engine_cswift_id) ||
-                       !ENGINE_set_name(ret, engine_cswift_name) ||
+       if(!ENGINE_set_id(e, engine_cswift_id) ||
+                       !ENGINE_set_name(e, engine_cswift_name) ||
  #ifndef OPENSSL_NO_RSA
-                       !ENGINE_set_RSA(ret, &cswift_rsa) ||
+                       !ENGINE_set_RSA(e, &cswift_rsa) ||
  #endif
  #ifndef OPENSSL_NO_DSA
-                       !ENGINE_set_DSA(ret, &cswift_dsa) ||
+                       !ENGINE_set_DSA(e, &cswift_dsa) ||
  #endif
  #ifndef OPENSSL_NO_DH
-                       !ENGINE_set_DH(ret, &cswift_dh) ||
+                       !ENGINE_set_DH(e, &cswift_dh) ||
  #endif
-                       !ENGINE_set_BN_mod_exp(ret, &cswift_mod_exp) ||
-                       !ENGINE_set_BN_mod_exp_crt(ret, &cswift_mod_exp_crt) ||
-                       !ENGINE_set_init_function(ret, cswift_init) ||
-                       !ENGINE_set_finish_function(ret, cswift_finish) ||
-                       !ENGINE_set_ctrl_function(ret, cswift_ctrl) ||
-                       !ENGINE_set_cmd_defns(ret, cswift_cmd_defns))
-               {
-               ENGINE_free(ret);
-               return NULL;
-               }
+                       !ENGINE_set_BN_mod_exp(e, &cswift_mod_exp) ||
+                       !ENGINE_set_BN_mod_exp_crt(e, &cswift_mod_exp_crt) ||
+                       !ENGINE_set_init_function(e, cswift_init) ||
+                       !ENGINE_set_finish_function(e, cswift_finish) ||
+                       !ENGINE_set_ctrl_function(e, cswift_ctrl) ||
+                       !ENGINE_set_cmd_defns(e, cswift_cmd_defns))
+               return 0;
  
  #ifndef OPENSSL_NO_RSA
         /* We know that the "PKCS1_SSLeay()" functions hook properly
@@ -239,6 +295,24 @@ ENGINE *ENGINE_cswift()
         cswift_dh.generate_key = meth2->generate_key;
         cswift_dh.compute_key = meth2->compute_key;
  #endif
+
+       /* Ensure the cswift error handling is set up */
+       cswift_load_error_strings();
+       return 1;
+       }
+
+/* As this is only ever called once, there's no need for locking
+ * (indeed - the lock will already be held by our caller!!!) */
+ENGINE *ENGINE_cswift(void)
+       {
+       ENGINE *ret = ENGINE_new();
+       if(!ret)
+               return NULL;
+       if(!bind_helper(ret))
+               {
+               ENGINE_free(ret);
+               return NULL;
+               }
         return ret;
         }
  
@@ -298,14 +372,14 @@ static int cswift_init(ENGINE *e)
  
         if(cswift_dso != NULL)
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_ALREADY_LOADED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_ALREADY_LOADED);
                 goto err;
                 }
         /* Attempt to load libswift.so/swift.dll/whatever. */
         cswift_dso = DSO_load(NULL, CSWIFT_LIBNAME, NULL, 0);
         if(cswift_dso == NULL)
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_DSO_FAILURE);
+               CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
                 goto err;
                 }
         if(!(p1 = (t_swAcquireAccContext *)
@@ -317,7 +391,7 @@ static int cswift_init(ENGINE *e)
                         !(p4 = (t_swReleaseAccContext *)
                                 DSO_bind_func(cswift_dso, CSWIFT_F4)))
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_DSO_FAILURE);
+               CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
                 goto err;
                 }
         /* Copy the pointers */
@@ -329,7 +403,7 @@ static int cswift_init(ENGINE *e)
          * accelerator! */
         if(!get_context(&hac))
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_UNIT_FAILURE);
+               CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_UNIT_FAILURE);
                 goto err;
                 }
         release_context(hac);
@@ -349,12 +423,12 @@ static int cswift_finish(ENGINE *e)
         {
         if(cswift_dso == NULL)
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_FINISH,ENGINE_R_NOT_LOADED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED);
                 return 0;
                 }
         if(!DSO_free(cswift_dso))
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_FINISH,ENGINE_R_DSO_FAILURE);
+               CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_UNIT_FAILURE);
                 return 0;
                 }
         cswift_dso = NULL;
@@ -373,14 +447,12 @@ static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
         case CSWIFT_CMD_SO_PATH:
                 if(p == NULL)
                         {
-                       ENGINEerr(ENGINE_F_CSWIFT_CTRL,
-                               ERR_R_PASSED_NULL_PARAMETER);
+                       CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,ERR_R_PASSED_NULL_PARAMETER);
                         return 0;
                         }
                 if(initialised)
                         {
-                       ENGINEerr(ENGINE_F_CSWIFT_CTRL,
-                               ENGINE_R_ALREADY_LOADED);
+                       CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED);
                         return 0;
                         }
                 CSWIFT_LIBNAME = (const char *)p;
@@ -388,7 +460,7 @@ static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
         default:
                 break;
                 }
-       ENGINEerr(ENGINE_F_CSWIFT_CTRL,ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+       CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED);
         return 0;
         }
  
@@ -417,7 +489,7 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
   
         if(!get_context(&hac))
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_GET_HANDLE_FAILED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_UNIT_FAILURE);
                 goto err;
                 }
         acquired = 1;
@@ -429,13 +501,13 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         result = BN_CTX_get(ctx);
         if(!result)
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_BN_CTX_FULL);
+               CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_CTX_FULL);
                 goto err;
                 }
         if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) ||
                 !bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top))
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_BN_EXPAND_FAIL);
+               CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_EXPAND_FAIL);
                 goto err;
                 }
         sw_param.type = SW_ALG_EXP;
@@ -452,13 +524,12 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         case SW_OK:
                 break;
         case SW_ERR_INPUT_SIZE:
-               ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,
-                       ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+               CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BAD_KEY_SIZE);
                 goto err;
         default:
                 {
                 char tmpbuf[20];
-               ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
                 sprintf(tmpbuf, "%ld", sw_status);
                 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
                 }
@@ -475,7 +546,7 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
                 &res, 1)) != SW_OK)
                 {
                 char tmpbuf[20];
-               ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
                 sprintf(tmpbuf, "%ld", sw_status);
                 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
                 goto err;
@@ -511,7 +582,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
   
         if(!get_context(&hac))
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_GET_HANDLE_FAILED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_UNIT_FAILURE);
                 goto err;
                 }
         acquired = 1;
@@ -526,7 +597,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         result = BN_CTX_get(ctx);
         if(!result)
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_BN_CTX_FULL);
+               CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL);
                 goto err;
                 }
         if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) ||
@@ -536,7 +607,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
                         !bn_wexpand(argument, a->top) ||
                         !bn_wexpand(result, p->top + q->top))
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_BN_EXPAND_FAIL);
+               CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
                 goto err;
                 }
         sw_param.type = SW_ALG_CRT;
@@ -560,13 +631,12 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         case SW_OK:
                 break;
         case SW_ERR_INPUT_SIZE:
-               ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,
-                       ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+               CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BAD_KEY_SIZE);
                 goto err;
         default:
                 {
                 char tmpbuf[20];
-               ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_REQUEST_FAILED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
                 sprintf(tmpbuf, "%ld", sw_status);
                 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
                 }
@@ -583,7 +653,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
                 &res, 1)) != SW_OK)
                 {
                 char tmpbuf[20];
-               ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_REQUEST_FAILED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
                 sprintf(tmpbuf, "%ld", sw_status);
                 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
                 goto err;
@@ -608,7 +678,7 @@ static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
                 goto err;
         if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_RSA_MOD_EXP,ENGINE_R_MISSING_KEY_COMPONENTS);
+               CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,CSWIFT_R_MISSING_KEY_COMPONENTS);
                 goto err;
                 }
         to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
@@ -648,7 +718,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
                 goto err;
         if(!get_context(&hac))
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_GET_HANDLE_FAILED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_UNIT_FAILURE);
                 goto err;
                 }
         acquired = 1;
@@ -661,7 +731,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
         result = BN_CTX_get(ctx);
         if(!result)
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_BN_CTX_FULL);
+               CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_CTX_FULL);
                 goto err;
                 }
         if(!bn_wexpand(dsa_p, dsa->p->top) ||
@@ -670,7 +740,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
                         !bn_wexpand(dsa_key, dsa->priv_key->top) ||
                         !bn_wexpand(result, dsa->p->top))
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_BN_EXPAND_FAIL);
+               CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_EXPAND_FAIL);
                 goto err;
                 }
         sw_param.type = SW_ALG_DSA;
@@ -693,13 +763,12 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
         case SW_OK:
                 break;
         case SW_ERR_INPUT_SIZE:
-               ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,
-                       ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+               CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BAD_KEY_SIZE);
                 goto err;
         default:
                 {
                 char tmpbuf[20];
-               ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_REQUEST_FAILED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
                 sprintf(tmpbuf, "%ld", sw_status);
                 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
                 }
@@ -717,7 +786,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
         if(sw_status != SW_OK)
                 {
                 char tmpbuf[20];
-               ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_REQUEST_FAILED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
                 sprintf(tmpbuf, "%ld", sw_status);
                 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
                 goto err;
@@ -761,7 +830,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
                 goto err;
         if(!get_context(&hac))
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_GET_HANDLE_FAILED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_UNIT_FAILURE);
                 goto err;
                 }
         acquired = 1;
@@ -774,7 +843,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
         argument = BN_CTX_get(ctx);
         if(!argument)
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_BN_CTX_FULL);
+               CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_CTX_FULL);
                 goto err;
                 }
         if(!bn_wexpand(dsa_p, dsa->p->top) ||
@@ -783,7 +852,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
                         !bn_wexpand(dsa_key, dsa->pub_key->top) ||
                         !bn_wexpand(argument, 40))
                 {
-               ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_BN_EXPAND_FAIL);
+               CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_EXPAND_FAIL);
                 goto err;
                 }
         sw_param.type = SW_ALG_DSA;
@@ -806,13 +875,12 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
         case SW_OK:
                 break;
         case SW_ERR_INPUT_SIZE:
-               ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,
-                       ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+               CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BAD_KEY_SIZE);
                 goto err;
         default:
                 {
                 char tmpbuf[20];
-               ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_REQUEST_FAILED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
                 sprintf(tmpbuf, "%ld", sw_status);
                 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
                 }
@@ -834,7 +902,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
         if(sw_status != SW_OK)
                 {
                 char tmpbuf[20];
-               ENGINEerr(ENGINE_F_CSWIFT_DSA_VERIFY,ENGINE_R_REQUEST_FAILED);
+               CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
                 sprintf(tmpbuf, "%ld", sw_status);
                 ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
                 goto err;
@@ -864,5 +932,20 @@ static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
         }
  #endif
  
+/* This stuff is needed if this ENGINE is being compiled into a self-contained
+ * shared-library. */
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_fn(ENGINE *e, const char *id)
+       {
+       if(id && (strcmp(id, engine_cswift_id) != 0))
+               return 0;
+       if(!bind_helper(e))
+               return 0;
+       return 1;
+       }       
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#endif /* ENGINE_DYNAMIC_SUPPORT */
+
  #endif /* !OPENSSL_NO_HW_CSWIFT */
  #endif /* !OPENSSL_NO_HW */
diff --git a/crypto/engine/hw_ncipher.c b/crypto/engine/hw_ncipher.c

index 8ae08de5b087d7c48c03ac534e426b9596d8708a..03990c558c338ed0a5ee7417c36ebbd3f4cb9520 100644 (file)
--- a/crypto/engine/hw_ncipher.c
+++ b/crypto/engine/hw_ncipher.c
@@ -210,6 +210,82 @@ static RAND_METHOD hwcrhk_rand =
         hwcrhk_rand_status,
         };
  
+#ifndef OPENSSL_NO_ERR
+/* Error function codes for use in hwcrhk operation */
+#define HWCRHK_F_HWCRHK_INIT                   100
+#define HWCRHK_F_HWCRHK_FINISH                 101
+#define HWCRHK_F_HWCRHK_CTRL                   102
+#define HWCRHK_F_HWCRHK_LOAD_PRIVKEY           103
+#define HWCRHK_F_HWCRHK_LOAD_PUBKEY            104
+#define HWCRHK_F_HWCRHK_MOD_EXP                        105
+#define HWCRHK_F_HWCRHK_RSA_MOD_EXP            106
+#define HWCRHK_F_HWCRHK_RAND_BYTES             107
+#define HWCRHK_F_HWCRHK_GET_PASS               108
+#define HWCRHK_F_HWCRHK_INSERT_CARD            109
+/* Error reason codes */
+#define HWCRHK_R_ALREADY_LOADED                        110
+#define HWCRHK_R_DSO_FAILURE                   111
+#define HWCRHK_R_UNIT_FAILURE                  112
+#define HWCRHK_R_NOT_LOADED                    113
+#define HWCRHK_R_BIO_WAS_FREED                 114
+#define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED  115
+#define HWCRHK_R_NOT_INITIALISED               116
+#define HWCRHK_R_CHIL_ERROR                    117
+#define HWCRHK_R_NO_KEY                                118
+#define HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED 119
+#define HWCRHK_R_REQUEST_FALLBACK              120
+#define HWCRHK_R_REQUEST_FAILED                        121
+#define HWCRHK_R_MISSING_KEY_COMPONENTS                122
+#define HWCRHK_R_NO_CALLBACK                   123
+static ERR_STRING_DATA hwcrhk_str_functs[] =
+       {
+       /* This first element is changed to match the dynamic 'lib' number */
+{ERR_PACK(0,0,0),                              "hwcrhk engine code"},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_INIT,0),           "hwcrhk_init"},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_FINISH,0),                         ""},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_CTRL,0),                           ""},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PRIVKEY,0),                           ""},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PUBKEY,0),                            ""},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_MOD_EXP,0),                                ""},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_RSA_MOD_EXP,0),                            ""},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_RAND_BYTES,0),                             ""},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_GET_PASS,0),                               ""},
+{ERR_PACK(0,HWCRHK_F_HWCRHK_INSERT_CARD,0),                            ""},
+/* Error reason codes */
+{HWCRHK_R_ALREADY_LOADED               ,"already loaded"},
+{HWCRHK_R_DSO_FAILURE                  ,"DSO failure"},
+{HWCRHK_R_UNIT_FAILURE                 ,"unit failure"},
+{HWCRHK_R_NOT_LOADED                   ,"not loaded"},
+{HWCRHK_R_BIO_WAS_FREED                        ,"BIO was freed"},
+{HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"},
+{HWCRHK_R_NOT_INITIALISED              ,"not initialised"},
+{HWCRHK_R_CHIL_ERROR                   ,"'chil' error"},
+{HWCRHK_R_NO_KEY                       ,"no key"},
+{HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED,"private key algorithms disabled"},
+{HWCRHK_R_REQUEST_FALLBACK             ,"request fallback"},
+{HWCRHK_R_REQUEST_FAILED               ,"request failed"},
+{HWCRHK_R_MISSING_KEY_COMPONENTS       ,"missing key components"},
+{HWCRHK_R_NO_CALLBACK                  ,"no callback"},
+{0,NULL}
+       };
+/* The library number we obtain dynamically from the ERR code */
+static int hwcrhk_err_lib = -1;
+#define HWCRHKerr(f,r) ERR_PUT_error(hwcrhk_err_lib,(f),(r),__FILE__,__LINE__)
+static void hwcrhk_load_error_strings(void)
+       {
+       if(hwcrhk_err_lib < 0)
+               {
+               if((hwcrhk_err_lib = ERR_get_next_error_library()) <= 0)
+                       return;
+               hwcrhk_str_functs[0].error = ERR_PACK(hwcrhk_err_lib,0,0);
+               ERR_load_strings(hwcrhk_err_lib, hwcrhk_str_functs);
+               }
+       }
+#else
+#define HWCRHKerr(f,r)                           /* NOP */
+static void hwcrhk_load_error_strings(void) { }         /* NOP */
+#endif
+
  /* Constants used when creating the ENGINE */
  static const char *engine_hwcrhk_id = "chil";
  static const char *engine_hwcrhk_name = "nCipher hardware engine support";
@@ -312,9 +388,9 @@ static HWCryptoHook_InitInfo hwcrhk_globals = {
  
  /* Now, to our own code */
  
-/* As this is only ever called once, there's no need for locking
- * (indeed - the lock will already be held by our caller!!!) */
-ENGINE *ENGINE_ncipher()
+/* This internal function is used by ENGINE_ncipher() and possibly by the
+ * "dynamic" ENGINE support too */
+static int bind_helper(ENGINE *e)
         {
  #ifndef OPENSSL_NO_RSA
         const RSA_METHOD *meth1;
@@ -322,29 +398,23 @@ ENGINE *ENGINE_ncipher()
  #ifndef OPENSSL_NO_DH
         const DH_METHOD *meth2;
  #endif
-       ENGINE *ret = ENGINE_new();
-       if(!ret)
-               return NULL;
-       if(!ENGINE_set_id(ret, engine_hwcrhk_id) ||
-                       !ENGINE_set_name(ret, engine_hwcrhk_name) ||
+       if(!ENGINE_set_id(e, engine_hwcrhk_id) ||
+                       !ENGINE_set_name(e, engine_hwcrhk_name) ||
  #ifndef OPENSSL_NO_RSA
-                       !ENGINE_set_RSA(ret, &hwcrhk_rsa) ||
+                       !ENGINE_set_RSA(e, &hwcrhk_rsa) ||
  #endif
  #ifndef OPENSSL_NO_DH
-                       !ENGINE_set_DH(ret, &hwcrhk_dh) ||
+                       !ENGINE_set_DH(e, &hwcrhk_dh) ||
  #endif
-                       !ENGINE_set_RAND(ret, &hwcrhk_rand) ||
-                       !ENGINE_set_BN_mod_exp(ret, hwcrhk_mod_exp) ||
-                       !ENGINE_set_init_function(ret, hwcrhk_init) ||
-                       !ENGINE_set_finish_function(ret, hwcrhk_finish) ||
-                       !ENGINE_set_ctrl_function(ret, hwcrhk_ctrl) ||
-                       !ENGINE_set_load_privkey_function(ret, hwcrhk_load_privkey) ||
-                       !ENGINE_set_load_pubkey_function(ret, hwcrhk_load_pubkey) ||
-                       !ENGINE_set_cmd_defns(ret, hwcrhk_cmd_defns))
-               {
-               ENGINE_free(ret);
-               return NULL;
-               }
+                       !ENGINE_set_RAND(e, &hwcrhk_rand) ||
+                       !ENGINE_set_BN_mod_exp(e, hwcrhk_mod_exp) ||
+                       !ENGINE_set_init_function(e, hwcrhk_init) ||
+                       !ENGINE_set_finish_function(e, hwcrhk_finish) ||
+                       !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) ||
+                       !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) ||
+                       !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) ||
+                       !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns))
+               return 0;
  
  #ifndef OPENSSL_NO_RSA
         /* We know that the "PKCS1_SSLeay()" functions hook properly
@@ -367,6 +437,24 @@ ENGINE *ENGINE_ncipher()
         hwcrhk_dh.generate_key = meth2->generate_key;
         hwcrhk_dh.compute_key = meth2->compute_key;
  #endif
+
+       /* Ensure the hwcrhk error handling is set up */
+       hwcrhk_load_error_strings();
+       return 1;
+       }
+
+/* As this is only ever called once, there's no need for locking
+ * (indeed - the lock will already be held by our caller!!!) */
+ENGINE *ENGINE_ncipher(void)
+       {
+       ENGINE *ret = ENGINE_new();
+       if(!ret)
+               return NULL;
+       if(!bind_helper(ret))
+               {
+               ENGINE_free(ret);
+               return NULL;
+               }
         return ret;
         }
  
@@ -459,14 +547,14 @@ static int hwcrhk_init(ENGINE *e)
  
         if(hwcrhk_dso != NULL)
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_INIT,ENGINE_R_ALREADY_LOADED);
+               HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_ALREADY_LOADED);
                 goto err;
                 }
         /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
         hwcrhk_dso = DSO_load(NULL, HWCRHK_LIBNAME, NULL, 0);
         if(hwcrhk_dso == NULL)
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_INIT,ENGINE_R_DSO_FAILURE);
+               HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE);
                 goto err;
                 }
         if(!(p1 = (HWCryptoHook_Init_t *)
@@ -490,7 +578,7 @@ static int hwcrhk_init(ENGINE *e)
                 !(p9 = (HWCryptoHook_ModExpCRT_t *)
                         DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT)))
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_INIT,ENGINE_R_DSO_FAILURE);
+               HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE);
                 goto err;
                 }
         /* Copy the pointers */
@@ -523,7 +611,7 @@ static int hwcrhk_init(ENGINE *e)
          * accelerator! */
         if(!get_context(&hwcrhk_context, &password_context))
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_INIT,ENGINE_R_UNIT_FAILURE);
+               HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_UNIT_FAILURE);
                 goto err;
                 }
         /* Everything's fine. */
@@ -557,14 +645,14 @@ static int hwcrhk_finish(ENGINE *e)
         int to_return = 1;
         if(hwcrhk_dso == NULL)
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_FINISH,ENGINE_R_NOT_LOADED);
+               HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED);
                 to_return = 0;
                 goto err;
                 }
         release_context(hwcrhk_context);
         if(!DSO_free(hwcrhk_dso))
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_FINISH,ENGINE_R_DSO_FAILURE);
+               HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_DSO_FAILURE);
                 to_return = 0;
                 goto err;
                 }
@@ -595,12 +683,12 @@ static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
         case HWCRHK_CMD_SO_PATH:
                 if(hwcrhk_dso)
                         {
-                       ENGINEerr(ENGINE_F_HWCRHK_CTRL,ENGINE_R_ALREADY_LOADED);
+                       HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_ALREADY_LOADED);
                         return 0;
                         }
                 if(p == NULL)
                         {
-                       ENGINEerr(ENGINE_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+                       HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER);
                         return 0;
                         }
                 HWCRHK_LIBNAME = (const char *)p;
@@ -618,7 +706,7 @@ static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
                 if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1)
                         logstream = bio;
                 else
-                       ENGINEerr(ENGINE_F_HWCRHK_CTRL,ENGINE_R_BIO_WAS_FREED);
+                       HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_BIO_WAS_FREED);
                 }
                 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
                 break;
@@ -668,8 +756,8 @@ static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
  
         /* The command isn't understood by this engine */
         default:
-               ENGINEerr(ENGINE_F_HWCRHK_CTRL,
-                       ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+               HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,
+                       HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
                 to_return = 0;
                 break;
                 }
@@ -695,15 +783,15 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
  
         if(!hwcrhk_context)
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_LOAD_PRIVKEY,
-                       ENGINE_R_NOT_INITIALISED);
+               HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
+                       HWCRHK_R_NOT_INITIALISED);
                 goto err;
                 }
  #ifndef OPENSSL_NO_RSA
         hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle));
         if (!hptr)
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_LOAD_PRIVKEY,
+               HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
                         ERR_R_MALLOC_FAILURE);
                 goto err;
                 }
@@ -712,15 +800,15 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
         if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr,
                 &rmsg, &ppctx))
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_LOAD_PRIVKEY,
-                       ENGINE_R_CHIL_ERROR);
+               HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
+                       HWCRHK_R_CHIL_ERROR);
                 ERR_add_error_data(1,rmsg.buf);
                 goto err;
                 }
         if (!*hptr)
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_LOAD_PRIVKEY,
-                       ENGINE_R_NO_KEY);
+               HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
+                       HWCRHK_R_NO_KEY);
                 goto err;
                 }
  #endif
@@ -735,7 +823,7 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
         if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)
                 != HWCRYPTOHOOK_ERROR_MPISIZE)
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY,ENGINE_R_CHIL_ERROR);
+               HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,HWCRHK_R_CHIL_ERROR);
                 ERR_add_error_data(1,rmsg.buf);
                 goto err;
                 }
@@ -747,8 +835,8 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
  
         if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg))
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY,
-                       ENGINE_R_CHIL_ERROR);
+               HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
+                       HWCRHK_R_CHIL_ERROR);
                 ERR_add_error_data(1,rmsg.buf);
                 goto err;
                 }
@@ -762,8 +850,8 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
  #endif
  
          if (!res)
-                ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY,
-                        ENGINE_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
+                HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
+                        HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
  
         return res;
   err:
@@ -804,8 +892,8 @@ static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
                         }
  #endif
                 default:
-                       ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY,
-                               ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+                       HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
+                               HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
                         goto err;
                         }
  
@@ -834,7 +922,7 @@ static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
  
         if(!hwcrhk_context)
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_MOD_EXP,ENGINE_R_NOT_INITIALISED);
+               HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED);
                 goto err;
                 }
         /* Prepare the params */
@@ -858,11 +946,11 @@ static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
                    might be a good thing. */
                 if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
                         {
-                       ENGINEerr(ENGINE_F_HWCRHK_MOD_EXP,ENGINE_R_REQUEST_FALLBACK);
+                       HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FALLBACK);
                         }
                 else
                         {
-                       ENGINEerr(ENGINE_F_HWCRHK_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+                       HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FAILED);
                         }
                 ERR_add_error_data(1,rmsg.buf);
                 goto err;
@@ -883,7 +971,7 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa)
  
         if(!hwcrhk_context)
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_MOD_EXP,ENGINE_R_NOT_INITIALISED);
+               HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED);
                 goto err;
                 }
  
@@ -897,8 +985,8 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa)
  
                 if(!rsa->n)
                         {
-                       ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,
-                               ENGINE_R_MISSING_KEY_COMPONENTS);
+                       HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+                               HWCRHK_R_MISSING_KEY_COMPONENTS);
                         goto err;
                         }
  
@@ -924,11 +1012,13 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa)
                            might be a good thing. */
                         if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
                                 {
-                               ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,ENGINE_R_REQUEST_FALLBACK);
+                               HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+                                       HWCRHK_R_REQUEST_FALLBACK);
                                 }
                         else
                                 {
-                               ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+                               HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+                                       HWCRHK_R_REQUEST_FAILED);
                                 }
                         ERR_add_error_data(1,rmsg.buf);
                         goto err;
@@ -940,8 +1030,8 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa)
  
                 if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
                         {
-                       ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,
-                               ENGINE_R_MISSING_KEY_COMPONENTS);
+                       HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+                               HWCRHK_R_MISSING_KEY_COMPONENTS);
                         goto err;
                         }
  
@@ -973,11 +1063,13 @@ static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa)
                            might be a good thing. */
                         if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
                                 {
-                               ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,ENGINE_R_REQUEST_FALLBACK);
+                               HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+                                       HWCRHK_R_REQUEST_FALLBACK);
                                 }
                         else
                                 {
-                               ENGINEerr(ENGINE_F_HWCRHK_RSA_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+                               HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+                                       HWCRHK_R_REQUEST_FAILED);
                                 }
                         ERR_add_error_data(1,rmsg.buf);
                         goto err;
@@ -1018,7 +1110,7 @@ static int hwcrhk_rand_bytes(unsigned char *buf, int num)
  
         if(!hwcrhk_context)
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_RAND_BYTES,ENGINE_R_NOT_INITIALISED);
+               HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,HWCRHK_R_NOT_INITIALISED);
                 goto err;
                 }
  
@@ -1030,11 +1122,13 @@ static int hwcrhk_rand_bytes(unsigned char *buf, int num)
                    might be a good thing. */
                 if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
                         {
-                       ENGINEerr(ENGINE_F_HWCRHK_RAND_BYTES,ENGINE_R_REQUEST_FALLBACK);
+                       HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,
+                               HWCRHK_R_REQUEST_FALLBACK);
                         }
                 else
                         {
-                       ENGINEerr(ENGINE_F_HWCRHK_RAND_BYTES,ENGINE_R_REQUEST_FAILED);
+                       HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,
+                               HWCRHK_R_REQUEST_FAILED);
                         }
                 ERR_add_error_data(1,rmsg.buf);
                 goto err;
@@ -1135,7 +1229,7 @@ static int hwcrhk_get_pass(const char *prompt_info,
                 }
         if (callback == NULL && ui_method == NULL)
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_GET_PASS,ENGINE_R_NO_CALLBACK);
+               HWCRHKerr(HWCRHK_F_HWCRHK_GET_PASS,HWCRHK_R_NO_CALLBACK);
                 return -1;
                 }
  
@@ -1203,44 +1297,45 @@ static int hwcrhk_insert_card(const char *prompt_info,
                 }
         if (ui_method == NULL)
                 {
-               ENGINEerr(ENGINE_F_HWCRHK_INSERT_CARD,ENGINE_R_NO_CALLBACK);
+               HWCRHKerr(HWCRHK_F_HWCRHK_INSERT_CARD,
+                       HWCRHK_R_NO_CALLBACK);
                 return -1;
                 }
  
-        ui = UI_new_method(ui_method);
+       ui = UI_new_method(ui_method);
  
-        if (ui)
-                {
-                char answer;
-                char buf[BUFSIZ];
-
-                if (wrong_info)
-                        BIO_snprintf(buf, sizeof(buf)-1,
-                                "Current card: \"%s\"\n", wrong_info);
-                ok = UI_dup_info_string(ui, buf);
-                if (ok >= 0 && prompt_info)
-                        {
-                        BIO_snprintf(buf, sizeof(buf)-1,
-                                "Insert card \"%s\"", prompt_info);
+       if (ui)
+               {
+               char answer;
+               char buf[BUFSIZ];
+
+               if (wrong_info)
+                       BIO_snprintf(buf, sizeof(buf)-1,
+                               "Current card: \"%s\"\n", wrong_info);
+               ok = UI_dup_info_string(ui, buf);
+               if (ok >= 0 && prompt_info)
+                       {
+                       BIO_snprintf(buf, sizeof(buf)-1,
+                               "Insert card \"%s\"", prompt_info);
                         ok = UI_dup_input_boolean(ui, buf,
                                 "\n then hit <enter> or C<enter> to cancel\n",
                                 "\r\n", "Cc", UI_INPUT_FLAG_ECHO, &answer);
-                        }
-                UI_add_user_data(ui, callback_data);
+                       }
+               UI_add_user_data(ui, callback_data);
  
-                if (ok >= 0)
-                        ok = UI_process(ui);
-                UI_free(ui);
+               if (ok >= 0)
+                       ok = UI_process(ui);
+               UI_free(ui);
  
-                if (ok == -2 || (ok >= 0 && answer == 'C'))
-                        ok = 1;
+               if (ok == -2 || (ok >= 0 && answer == 'C'))
+                       ok = 1;
                 else if (ok < 0)
                         ok = -1;
                 else
                         ok = 0;
-                }
-        return ok;
-        }
+               }
+       return ok;
+       }
  
  static void hwcrhk_log_message(void *logstr, const char *message)
         {
@@ -1256,5 +1351,20 @@ static void hwcrhk_log_message(void *logstr, const char *message)
         CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
         }
  
+/* This stuff is needed if this ENGINE is being compiled into a self-contained
+ * shared-library. */     
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_fn(ENGINE *e, const char *id)
+       {
+       if(id && (strcmp(id, engine_hwcrhk_id) != 0))
+               return 0;
+       if(!bind_helper(e))
+               return 0;
+       return 1;
+       }       
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#endif /* ENGINE_DYNAMIC_SUPPORT */
+
  #endif /* !OPENSSL_NO_HW_NCIPHER */
  #endif /* !OPENSSL_NO_HW */
diff --git a/crypto/engine/hw_nuron.c b/crypto/engine/hw_nuron.c

index 06eafa7176fbbfb6ca6b0a9d4bc73d86616f5379..1a8570c47e4140fd04ccfdd3971b06540310caa9 100644 (file)
--- a/crypto/engine/hw_nuron.c
+++ b/crypto/engine/hw_nuron.c
@@ -80,6 +80,56 @@ static const ENGINE_CMD_DEFN nuron_cmd_defns[] = {
         {0, NULL, NULL, 0}
         };
  
+#ifndef OPENSSL_NO_ERR
+/* Error function codes for use in nuron operation */
+#define NURON_F_NURON_INIT                     100
+#define NURON_F_NURON_FINISH                   101
+#define NURON_F_NURON_CTRL                     102
+#define NURON_F_NURON_MOD_EXP                  103
+/* Error reason codes */
+#define NURON_R_ALREADY_LOADED                 104
+#define NURON_R_DSO_NOT_FOUND                  105
+#define NURON_R_DSO_FUNCTION_NOT_FOUND         106
+#define NURON_R_NOT_LOADED                     107
+#define NURON_R_DSO_FAILURE                    108
+#define NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED   109
+#define NURON_R_NOT_LOADED                     110
+static ERR_STRING_DATA nuron_str_functs[] =
+       {
+       /* This first element is changed to match the dynamic 'lib' number */
+{ERR_PACK(0,0,0),                              "nuron engine code"},
+{ERR_PACK(0,NURON_F_NURON_INIT,0),             "nuron_init"},
+{ERR_PACK(0,NURON_F_NURON_FINISH,0),           "nuron_finish"},
+{ERR_PACK(0,NURON_F_NURON_CTRL,0),             "nuron_ctrl"},
+{ERR_PACK(0,NURON_F_NURON_MOD_EXP,0),          "nuron_mod_exp"},
+/* Error reason codes */
+{NURON_R_ALREADY_LOADED                        ,"already loaded"},
+{NURON_R_DSO_NOT_FOUND                 ,"DSO not found"},
+{NURON_R_DSO_FUNCTION_NOT_FOUND                ,"DSO function not found"},
+{NURON_R_NOT_LOADED                    ,"not loaded"},
+{NURON_R_DSO_FAILURE                   ,"DSO failure"},
+{NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED  ,"ctrl command not implemented"},
+{NURON_R_NOT_LOADED                    ,"not loaded"},
+{0,NULL}
+       };
+/* The library number we obtain dynamically from the ERR code */
+static int nuron_err_lib = -1;
+#define NURONerr(f,r) ERR_PUT_error(nuron_err_lib,(f),(r),__FILE__,__LINE__)
+static void nuron_load_error_strings(void)
+       {
+       if(nuron_err_lib < 0)
+               {
+               if((nuron_err_lib = ERR_get_next_error_library()) <= 0)
+                       return;
+               nuron_str_functs[0].error = ERR_PACK(nuron_err_lib,0,0);
+               ERR_load_strings(nuron_err_lib, nuron_str_functs);
+               }
+       }
+#else
+#define NURONerr(f,r)                            /* NOP */
+static void nuron_load_error_strings(void) { }  /* NOP */
+#endif
+
  typedef int tfnModExp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m);
  static tfnModExp *pfnModExp = NULL;
  
@@ -89,7 +139,7 @@ static int nuron_init(ENGINE *e)
         {
         if(pvDSOHandle != NULL)
                 {
-               ENGINEerr(ENGINE_F_NURON_INIT,ENGINE_R_ALREADY_LOADED);
+               NURONerr(NURON_F_NURON_INIT,NURON_R_ALREADY_LOADED);
                 return 0;
                 }
  
@@ -97,14 +147,14 @@ static int nuron_init(ENGINE *e)
                 DSO_FLAG_NAME_TRANSLATION_EXT_ONLY);
         if(!pvDSOHandle)
                 {
-               ENGINEerr(ENGINE_F_NURON_INIT,ENGINE_R_DSO_NOT_FOUND);
+               NURONerr(NURON_F_NURON_INIT,NURON_R_DSO_NOT_FOUND);
                 return 0;
                 }
  
         pfnModExp = (tfnModExp *)DSO_bind_func(pvDSOHandle, NURON_F1);
         if(!pfnModExp)
                 {
-               ENGINEerr(ENGINE_F_NURON_INIT,ENGINE_R_DSO_FUNCTION_NOT_FOUND);
+               NURONerr(NURON_F_NURON_INIT,NURON_R_DSO_FUNCTION_NOT_FOUND);
                 return 0;
                 }
  
@@ -115,12 +165,12 @@ static int nuron_finish(ENGINE *e)
         {
         if(pvDSOHandle == NULL)
                 {
-               ENGINEerr(ENGINE_F_NURON_FINISH,ENGINE_R_NOT_LOADED);
+               NURONerr(NURON_F_NURON_FINISH,NURON_R_NOT_LOADED);
                 return 0;
                 }
         if(!DSO_free(pvDSOHandle))
                 {
-               ENGINEerr(ENGINE_F_NURON_FINISH,ENGINE_R_DSO_FAILURE);
+               NURONerr(NURON_F_NURON_FINISH,NURON_R_DSO_FAILURE);
                 return 0;
                 }
         pvDSOHandle=NULL;
@@ -136,12 +186,12 @@ static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
         case NURON_CMD_SO_PATH:
                 if(p == NULL)
                         {
-                       ENGINEerr(ENGINE_F_NURON_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+                       NURONerr(NURON_F_NURON_CTRL,ERR_R_PASSED_NULL_PARAMETER);
                         return 0;
                         }
                 if(initialised)
                         {
-                       ENGINEerr(ENGINE_F_NURON_CTRL,ENGINE_R_ALREADY_LOADED);
+                       NURONerr(NURON_F_NURON_CTRL,NURON_R_ALREADY_LOADED);
                         return 0;
                         }
                 NURON_LIBNAME = (const char *)p;
@@ -149,7 +199,7 @@ static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
         default:
                 break;
                 }
-       ENGINEerr(ENGINE_F_NURON_CTRL,ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+       NURONerr(NURON_F_NURON_CTRL,NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED);
         return 0;
  }
  
@@ -158,7 +208,7 @@ static int nuron_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,
         {
         if(!pvDSOHandle)
                 {
-               ENGINEerr(ENGINE_F_NURON_MOD_EXP,ENGINE_R_NOT_LOADED);
+               NURONerr(NURON_F_NURON_MOD_EXP,NURON_R_NOT_LOADED);
                 return 0;
                 }
         return pfnModExp(r,a,p,m);
@@ -281,9 +331,9 @@ static DH_METHOD nuron_dh =
  static const char *engine_nuron_id = "nuron";
  static const char *engine_nuron_name = "Nuron hardware engine support";
  
-/* As this is only ever called once, there's no need for locking
- * (indeed - the lock will already be held by our caller!!!) */
-ENGINE *ENGINE_nuron()
+/* This internal function is used by ENGINE_nuron() and possibly by the
+ * "dynamic" ENGINE support too */
+static int bind_helper(ENGINE *e)
         {
  #ifndef OPENSSL_NO_RSA
         const RSA_METHOD *meth1;
@@ -294,29 +344,23 @@ ENGINE *ENGINE_nuron()
  #ifndef OPENSSL_NO_DH
         const DH_METHOD *meth3;
  #endif
-       ENGINE *ret = ENGINE_new();
-       if(!ret)
-               return NULL;
-       if(!ENGINE_set_id(ret, engine_nuron_id) ||
-                       !ENGINE_set_name(ret, engine_nuron_name) ||
+       if(!ENGINE_set_id(e, engine_nuron_id) ||
+                       !ENGINE_set_name(e, engine_nuron_name) ||
  #ifndef OPENSSL_NO_RSA
-                       !ENGINE_set_RSA(ret, &nuron_rsa) ||
+                       !ENGINE_set_RSA(e, &nuron_rsa) ||
  #endif
  #ifndef OPENSSL_NO_DSA
-                       !ENGINE_set_DSA(ret, &nuron_dsa) ||
+                       !ENGINE_set_DSA(e, &nuron_dsa) ||
  #endif
  #ifndef OPENSSL_NO_DH
-                       !ENGINE_set_DH(ret, &nuron_dh) ||
+                       !ENGINE_set_DH(e, &nuron_dh) ||
  #endif
-                       !ENGINE_set_BN_mod_exp(ret, nuron_mod_exp) ||
-                       !ENGINE_set_init_function(ret, nuron_init) ||
-                       !ENGINE_set_finish_function(ret, nuron_finish) ||
-                       !ENGINE_set_ctrl_function(ret, nuron_ctrl) ||
-                       !ENGINE_set_cmd_defns(ret, nuron_cmd_defns))
-               {
-               ENGINE_free(ret);
-               return NULL;
-               }
+                       !ENGINE_set_BN_mod_exp(e, nuron_mod_exp) ||
+                       !ENGINE_set_init_function(e, nuron_init) ||
+                       !ENGINE_set_finish_function(e, nuron_finish) ||
+                       !ENGINE_set_ctrl_function(e, nuron_ctrl) ||
+                       !ENGINE_set_cmd_defns(e, nuron_cmd_defns))
+               return 0;
  
  #ifndef OPENSSL_NO_RSA
         /* We know that the "PKCS1_SSLeay()" functions hook properly
@@ -348,8 +392,41 @@ ENGINE *ENGINE_nuron()
         nuron_dh.generate_key=meth3->generate_key;
         nuron_dh.compute_key=meth3->compute_key;
  #endif
+
+       /* Ensure the nuron error handling is set up */
+       nuron_load_error_strings();
+       return 1;
+       }
+
+/* As this is only ever called once, there's no need for locking
+ * (indeed - the lock will already be held by our caller!!!) */
+ENGINE *ENGINE_nuron(void)
+       {
+       ENGINE *ret = ENGINE_new();
+       if(!ret)
+               return NULL;
+       if(!bind_helper(ret))
+               {
+               ENGINE_free(ret);
+               return NULL;
+               }
         return ret;
         }
  
+/* This stuff is needed if this ENGINE is being compiled into a self-contained
+ * shared-library. */     
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_fn(ENGINE *e, const char *id)
+       {
+       if(id && (strcmp(id, engine_nuron_id) != 0))
+               return 0;
+       if(!bind_helper(e))
+               return 0;
+       return 1;
+       }       
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#endif /* ENGINE_DYNAMIC_SUPPORT */
+
  #endif /* !OPENSSL_NO_HW_NURON */
  #endif /* !OPENSSL_NO_HW */
diff --git a/crypto/engine/hw_ubsec.c b/crypto/engine/hw_ubsec.c

index f8f1d4127c299052aa35243f7ae181da47d74072..f2d5a34a789a4cb05e315fe0109238f76ff36294 100644 (file)
--- a/crypto/engine/hw_ubsec.c
+++ b/crypto/engine/hw_ubsec.c
@@ -173,13 +173,75 @@ static DH_METHOD ubsec_dh =
         };
  #endif
  
+#ifndef OPENSSL_NO_ERR
+/* Error function codes for use in ubsec operation */
+#define UBSEC_F_UBSEC_INIT                     100
+#define UBSEC_F_UBSEC_FINISH                   101
+#define UBSEC_F_UBSEC_CTRL                     102
+#define UBSEC_F_UBSEC_MOD_EXP                  103
+#define UBSEC_F_UBSEC_RSA_MOD_EXP              104
+#define UBSEC_F_UBSEC_RSA_MOD_EXP_CRT          105
+#define UBSEC_F_UBSEC_DSA_SIGN                 106
+#define UBSEC_F_UBSEC_DSA_VERIFY               107
+/* Error reason codes */
+#define UBSEC_R_ALREADY_LOADED                 108
+#define UBSEC_R_DSO_FAILURE                    109
+#define UBSEC_R_UNIT_FAILURE                   110
+#define UBSEC_R_NOT_LOADED                     111
+#define UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED   112
+#define UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL    113
+#define UBSEC_R_BN_EXPAND_FAIL                 114
+#define UBSEC_R_REQUEST_FAILED                 115
+#define UBSEC_R_MISSING_KEY_COMPONENTS         116
+static ERR_STRING_DATA ubsec_str_functs[] =
+       {
+       /* This first element is changed to match the dynamic 'lib' number */
+{ERR_PACK(0,0,0),                              "ubsec engine code"},
+{ERR_PACK(0,UBSEC_F_UBSEC_INIT,0),             "ubsec_init"},
+{ERR_PACK(0,UBSEC_F_UBSEC_FINISH,0),           "ubsec_finish"},
+{ERR_PACK(0,UBSEC_F_UBSEC_CTRL,0),             "ubsec_ctrl"},
+{ERR_PACK(0,UBSEC_F_UBSEC_MOD_EXP,0),          "ubsec_mod_exp"},
+{ERR_PACK(0,UBSEC_F_UBSEC_RSA_MOD_EXP,0),      "ubsec_rsa_mod_exp"},
+{ERR_PACK(0,UBSEC_F_UBSEC_RSA_MOD_EXP_CRT,0),  "ubsec_rsa_mod_exp_crt"},
+{ERR_PACK(0,UBSEC_F_UBSEC_DSA_SIGN,0),         "ubsec_dsa_sign"},
+{ERR_PACK(0,UBSEC_F_UBSEC_DSA_VERIFY,0),       "ubsec_dsa_verify"},
+/* Error reason codes */
+{UBSEC_R_ALREADY_LOADED                        ,"already loaded"},
+{UBSEC_R_DSO_FAILURE                   ,"DSO failure"},
+{UBSEC_R_UNIT_FAILURE                  ,"unit failure"},
+{UBSEC_R_NOT_LOADED                    ,"not loaded"},
+{UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED  ,"ctrl command not implemented"},
+{UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL   ,"size too large or too small"},
+{UBSEC_R_BN_EXPAND_FAIL                        ,"bn_expand fail"},
+{UBSEC_R_REQUEST_FAILED                        ,"request failed"},
+{UBSEC_R_MISSING_KEY_COMPONENTS                ,"missing key components"},
+{0,NULL}
+       };
+/* The library number we obtain dynamically from the ERR code */
+static int ubsec_err_lib = -1;
+#define UBSECerr(f,r) ERR_PUT_error(ubsec_err_lib,(f),(r),__FILE__,__LINE__)
+static void ubsec_load_error_strings(void)
+       {
+       if(ubsec_err_lib < 0)
+               {
+               if((ubsec_err_lib = ERR_get_next_error_library()) <= 0)
+                       return;
+               ubsec_str_functs[0].error = ERR_PACK(ubsec_err_lib,0,0);
+               ERR_load_strings(ubsec_err_lib, ubsec_str_functs);
+               }
+       }
+#else
+#define UBSECerr(f,r)                            /* NOP */
+static void ubsec_load_error_strings(void) { }  /* NOP */
+#endif
+
  /* Constants used when creating the ENGINE */
  static const char *engine_ubsec_id = "ubsec";
  static const char *engine_ubsec_name = "UBSEC hardware engine support";
  
-/* As this is only ever called once, there's no need for locking
- * (indeed - the lock will already be held by our caller!!!) */
-ENGINE *ENGINE_ubsec()
+/* This internal function is used by ENGINE_ubsec() and possibly by the
+ * "dynamic" ENGINE support too */
+static int bind_helper(ENGINE *e)
         {
  #ifndef OPENSSL_NO_RSA
         const RSA_METHOD *meth1;
@@ -189,30 +251,24 @@ ENGINE *ENGINE_ubsec()
         const DH_METHOD *meth3;
  #endif /* HAVE_UBSEC_DH */
  #endif
-       ENGINE *ret = ENGINE_new();
-       if(!ret)
-               return NULL;
-       if(!ENGINE_set_id(ret, engine_ubsec_id) ||
-                       !ENGINE_set_name(ret, engine_ubsec_name) ||
+       if(!ENGINE_set_id(e, engine_ubsec_id) ||
+                       !ENGINE_set_name(e, engine_ubsec_name) ||
  #ifndef OPENSSL_NO_RSA
-                       !ENGINE_set_RSA(ret, &ubsec_rsa) ||
+                       !ENGINE_set_RSA(e, &ubsec_rsa) ||
  #endif
  #ifndef OPENSSL_NO_DSA
-                       !ENGINE_set_DSA(ret, &ubsec_dsa) ||
+                       !ENGINE_set_DSA(e, &ubsec_dsa) ||
  #endif
  #ifndef OPENSSL_NO_DH
-                       !ENGINE_set_DH(ret, &ubsec_dh) ||
-#endif
-                       !ENGINE_set_BN_mod_exp(ret, ubsec_mod_exp) ||
-                       !ENGINE_set_BN_mod_exp_crt(ret, ubsec_mod_exp_crt) ||
-                       !ENGINE_set_init_function(ret, ubsec_init) ||
-                       !ENGINE_set_finish_function(ret, ubsec_finish) ||
-                       !ENGINE_set_ctrl_function(ret, ubsec_ctrl) ||
-                       !ENGINE_set_cmd_defns(ret, ubsec_cmd_defns))
-               {
-               ENGINE_free(ret);
-               return NULL;
-               }
+                       !ENGINE_set_DH(e, &ubsec_dh) ||
+#endif
+                       !ENGINE_set_BN_mod_exp(e, ubsec_mod_exp) ||
+                       !ENGINE_set_BN_mod_exp_crt(e, ubsec_mod_exp_crt) ||
+                       !ENGINE_set_init_function(e, ubsec_init) ||
+                       !ENGINE_set_finish_function(e, ubsec_finish) ||
+                       !ENGINE_set_ctrl_function(e, ubsec_ctrl) ||
+                       !ENGINE_set_cmd_defns(e, ubsec_cmd_defns))
+               return 0;
  
  #ifndef OPENSSL_NO_RSA
         /* We know that the "PKCS1_SSLeay()" functions hook properly
@@ -238,6 +294,23 @@ ENGINE *ENGINE_ubsec()
  #endif /* HAVE_UBSEC_DH */
  #endif
  
+       /* Ensure the ubsec error handling is set up */
+       ubsec_load_error_strings();
+       return 1;
+       }
+
+/* As this is only ever called once, there's no need for locking
+ * (indeed - the lock will already be held by our caller!!!) */
+ENGINE *ENGINE_ubsec(void)
+       {
+       ENGINE *ret = ENGINE_new();
+       if(!ret)
+               return NULL;
+       if(!bind_helper(ret))
+               {
+               ENGINE_free(ret);
+               return NULL;
+               }
         return ret;
         }
  
@@ -322,7 +395,7 @@ static int ubsec_init(ENGINE *e)
  
         if(ubsec_dso != NULL)
                 {
-               ENGINEerr(ENGINE_F_UBSEC_INIT, ENGINE_R_ALREADY_LOADED);
+               UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_ALREADY_LOADED);
                 goto err;
                 }
         /* 
@@ -331,7 +404,7 @@ static int ubsec_init(ENGINE *e)
         ubsec_dso = DSO_load(NULL, UBSEC_LIBNAME, NULL, 0);
         if(ubsec_dso == NULL)
                 {
-               ENGINEerr(ENGINE_F_UBSEC_INIT, ENGINE_R_DSO_FAILURE);
+               UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
                 goto err;
                 }
  
@@ -358,7 +431,7 @@ static int ubsec_init(ENGINE *e)
                                 DSO_bind_func(ubsec_dso, UBSEC_F11)) ||
         !(p12 = (t_UBSEC_rng_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F12)))
                 {
-               ENGINEerr(ENGINE_F_UBSEC_INIT, ENGINE_R_DSO_FAILURE);
+               UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
                 goto err;
                 }
  
@@ -390,7 +463,7 @@ static int ubsec_init(ENGINE *e)
                 }
         else
                 {
-               ENGINEerr(ENGINE_F_UBSEC_INIT, ENGINE_R_UNIT_FAILURE);
+               UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
                 }
  
  err:
@@ -422,12 +495,12 @@ static int ubsec_finish(ENGINE *e)
         {
         if(ubsec_dso == NULL)
                 {
-               ENGINEerr(ENGINE_F_UBSEC_FINISH, ENGINE_R_NOT_LOADED);
+               UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED);
                 return 0;
                 }
         if(!DSO_free(ubsec_dso))
                 {
-               ENGINEerr(ENGINE_F_UBSEC_FINISH, ENGINE_R_DSO_FAILURE);
+               UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_DSO_FAILURE);
                 return 0;
                 }
         ubsec_dso = NULL;
@@ -460,12 +533,12 @@ static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
         case UBSEC_CMD_SO_PATH:
                 if(p == NULL)
                         {
-                       ENGINEerr(ENGINE_F_UBSEC_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+                       UBSECerr(UBSEC_F_UBSEC_CTRL,ERR_R_PASSED_NULL_PARAMETER);
                         return 0;
                         }
                 if(initialised)
                         {
-                       ENGINEerr(ENGINE_F_UBSEC_CTRL,ENGINE_R_ALREADY_LOADED);
+                       UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_ALREADY_LOADED);
                         return 0;
                         }
                 UBSEC_LIBNAME = (const char *)p;
@@ -473,7 +546,7 @@ static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
         default:
                 break;
                 }
-       ENGINEerr(ENGINE_F_UBSEC_CTRL,ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+       UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED);
         return 0;
         }
  
@@ -485,27 +558,27 @@ static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
  
         if(ubsec_dso == NULL)
         {
-               ENGINEerr(ENGINE_F_UBSEC_MOD_EXP, ENGINE_R_NOT_LOADED);
+               UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_NOT_LOADED);
                 return 0;
         }
  
         /* Check if hardware can't handle this argument. */
         y_len = BN_num_bits(m);
         if (y_len > 1024) {
-               ENGINEerr(ENGINE_F_UBSEC_MOD_EXP, ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+               UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
                 return 0;
         } 
  
         if(!bn_wexpand(r, m->top))
         {
-               ENGINEerr(ENGINE_F_UBSEC_MOD_EXP, ENGINE_R_BN_EXPAND_FAIL);
+               UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_BN_EXPAND_FAIL);
                 return 0;
         }
         memset(r->d, 0, BN_num_bytes(m));
  
         if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
                 fd = 0;
-               ENGINEerr(ENGINE_F_UBSEC_INIT, ENGINE_R_UNIT_FAILURE);
+               UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
                 return 0;
         }
  
@@ -513,7 +586,7 @@ static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
                 (unsigned char *)m->d, BN_num_bits(m), (unsigned char *)p->d, 
                 BN_num_bits(p), (unsigned char *)r->d, &y_len) != 0)
         {
-               ENGINEerr(ENGINE_F_UBSEC_MOD_EXP, ENGINE_R_REQUEST_FAILED);
+               UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED);
                 return 0;
         }
  
@@ -534,7 +607,7 @@ static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
  
         if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
                 {
-               ENGINEerr(ENGINE_F_UBSEC_RSA_MOD_EXP, ENGINE_R_MISSING_KEY_COMPONENTS);
+               UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP, UBSEC_R_MISSING_KEY_COMPONENTS);
                 goto err;
                 }
  
@@ -568,18 +641,18 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
  
         /* Check if hardware can't handle this argument. */
         if (y_len > 1024) {
-               ENGINEerr(ENGINE_F_UBSEC_MOD_EXP, ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+               UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
                 return 0;
         } 
  
         if (!bn_wexpand(r, p->top + q->top + 1)) {
-               ENGINEerr(ENGINE_F_UBSEC_RSA_MOD_EXP_CRT, ENGINE_R_BN_EXPAND_FAIL);
+               UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP_CRT, UBSEC_R_BN_EXPAND_FAIL);
                 return 0;
         }
  
         if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
                 fd = 0;
-               ENGINEerr(ENGINE_F_UBSEC_INIT, ENGINE_R_UNIT_FAILURE);
+               UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
                 return 0;
         }
  
@@ -591,7 +664,7 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
                 (unsigned char *)dq->d, BN_num_bits(dq),
                 (unsigned char *)q->d, BN_num_bits(q),
                 (unsigned char *)r->d,  &y_len) != 0) {
-               ENGINEerr(ENGINE_F_UBSEC_MOD_EXP, ENGINE_R_REQUEST_FAILED);
+               UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED);
                 return 0;
         }
  
@@ -684,18 +757,18 @@ static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
  
          if(!bn_wexpand(r, (160+BN_BITS2-1)/BN_BITS2) ||
                    (!bn_wexpand(s, (160+BN_BITS2-1)/BN_BITS2))) {
-               ENGINEerr(ENGINE_F_UBSEC_DSA_SIGN, ENGINE_R_BN_EXPAND_FAIL);
+               UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
                 goto err;
         }
  
         if (BN_bin2bn(dgst,dlen,&m) == NULL) {
-               ENGINEerr(ENGINE_F_UBSEC_DSA_SIGN, ENGINE_R_BN_EXPAND_FAIL);
+               UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
                 goto err;
         } 
  
         if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
                 fd = 0;
-               ENGINEerr(ENGINE_F_UBSEC_INIT, ENGINE_R_UNIT_FAILURE);
+               UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
                 return 0;
         }
  
@@ -708,7 +781,7 @@ static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
                 (unsigned char *)dsa->priv_key->d, BN_num_bits(dsa->priv_key),
                 (unsigned char *)r->d, &r_len,
                 (unsigned char *)s->d, &s_len ) != 0) {
-               ENGINEerr(ENGINE_F_UBSEC_DSA_SIGN, ENGINE_R_REQUEST_FAILED);
+               UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_REQUEST_FAILED);
                 goto err;
         }
  
@@ -719,7 +792,7 @@ static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
  
         to_return = DSA_SIG_new();
         if(to_return == NULL) {
-               ENGINEerr(ENGINE_F_UBSEC_DSA_SIGN, ENGINE_R_BN_EXPAND_FAIL);
+               UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
                 goto err;
         }
  
@@ -746,7 +819,7 @@ static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
         BN_init(&v);
  
         if(!bn_wexpand(&v, dsa->p->top)) {
-               ENGINEerr(ENGINE_F_UBSEC_DSA_VERIFY ,ENGINE_R_BN_EXPAND_FAIL);
+               UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY ,UBSEC_R_BN_EXPAND_FAIL);
                 goto err;
         }
  
@@ -756,7 +829,7 @@ static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
  
         if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
                 fd = 0;
-               ENGINEerr(ENGINE_F_UBSEC_INIT, ENGINE_R_UNIT_FAILURE);
+               UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
                 return 0;
         }
  
@@ -769,7 +842,7 @@ static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
                 (unsigned char *)sig->r->d, BN_num_bits(sig->r),
                 (unsigned char *)sig->s->d, BN_num_bits(sig->s),
                 (unsigned char *)v.d, &v_len) != 0) {
-               ENGINEerr(ENGINE_F_UBSEC_DSA_VERIFY , ENGINE_R_REQUEST_FAILED);
+               UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY , UBSEC_R_REQUEST_FAILED);
                 goto err;
         }
  
@@ -806,5 +879,20 @@ static int ubsec_rand_status(void)
         }
  #endif
  
+/* This stuff is needed if this ENGINE is being compiled into a self-contained
+ * shared-library. */
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_fn(ENGINE *e, const char *id)
+       {
+       if(id && (strcmp(id, engine_ubsec_id) != 0))
+               return 0;
+       if(!bind_helper(e))
+               return 0;
+       return 1;
+       }
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#endif /* ENGINE_DYNAMIC_SUPPORT */
+
  #endif /* !OPENSSL_NO_HW_UBSEC */
  #endif /* !OPENSSL_NO_HW */
author	Geoff Thorpe <geoff@openssl.org>
	Mon, 3 Sep 2001 21:33:00 +0000 (21:33 +0000)
committer	Geoff Thorpe <geoff@openssl.org>
	Mon, 3 Sep 2001 21:33:00 +0000 (21:33 +0000)
crypto/engine/engine.h		patch \| blob \| history
crypto/engine/engine_dyn.c		patch \| blob \| history
crypto/engine/engine_err.c		patch \| blob \| history
crypto/engine/engine_int.h		patch \| blob \| history
crypto/engine/engine_openssl.c		patch \| blob \| history
crypto/engine/hw_atalla.c		patch \| blob \| history
crypto/engine/hw_cswift.c		patch \| blob \| history
crypto/engine/hw_ncipher.c		patch \| blob \| history
crypto/engine/hw_nuron.c		patch \| blob \| history
crypto/engine/hw_ubsec.c		patch \| blob \| history