Remove Obsolete engines
authorMatt Caswell <matt@openssl.org>
Tue, 13 Oct 2015 14:02:47 +0000 (15:02 +0100)
committerMatt Caswell <matt@openssl.org>
Thu, 15 Oct 2015 16:02:06 +0000 (17:02 +0100)
There are a number of engines in the OpenSSL source code which are now
obsolete. The following engines have been removed: 4758cca, aep, atalla,
cswift, nuron, sureware.

Reviewed-by: Rich Salz <rsalz@openssl.org>
34 files changed:
CHANGES
crypto/engine/eng_all.c
doc/crypto/engine.pod
engines/Makefile
engines/e_4758cca.c [deleted file]
engines/e_4758cca.ec [deleted file]
engines/e_4758cca_err.c [deleted file]
engines/e_4758cca_err.h [deleted file]
engines/e_aep.c [deleted file]
engines/e_aep.ec [deleted file]
engines/e_aep_err.c [deleted file]
engines/e_aep_err.h [deleted file]
engines/e_atalla.c [deleted file]
engines/e_atalla.ec [deleted file]
engines/e_atalla_err.c [deleted file]
engines/e_atalla_err.h [deleted file]
engines/e_cswift.c [deleted file]
engines/e_cswift.ec [deleted file]
engines/e_cswift_err.c [deleted file]
engines/e_cswift_err.h [deleted file]
engines/e_nuron.c [deleted file]
engines/e_nuron.ec [deleted file]
engines/e_nuron_err.c [deleted file]
engines/e_nuron_err.h [deleted file]
engines/e_sureware.c [deleted file]
engines/e_sureware.ec [deleted file]
engines/e_sureware_err.c [deleted file]
engines/e_sureware_err.h [deleted file]
engines/makeengines.com
engines/vendor_defns/aep.h [deleted file]
engines/vendor_defns/atalla.h [deleted file]
engines/vendor_defns/cswift.h [deleted file]
engines/vendor_defns/hw_4758_cca.h [deleted file]
engines/vendor_defns/sureware.h [deleted file]

diff --git a/CHANGES b/CHANGES
index cfbb7a7..3408794 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@
 
  Changes between 1.0.2 and 1.1.0  [xx XXX xxxx]
 
+  *) Removed obsolete engines: 4758cca, aep, atalla, cswift, nuron and sureware.
+     [Matt Caswell]
+
   *) New ASN.1 embed macro.
 
      New ASN.1 macro ASN1_EMBED. This is the same as ASN1_SIMPLE except the
index 5ab498e..5a36994 100644 (file)
@@ -73,29 +73,11 @@ void ENGINE_load_builtin_engines(void)
     ENGINE_load_dynamic();
 #ifndef OPENSSL_NO_STATIC_ENGINE
 # ifndef OPENSSL_NO_HW
-#  ifndef OPENSSL_NO_HW_4758_CCA
-    ENGINE_load_4758cca();
-#  endif
 /*-
  * These engines have been disabled as they do not currently build
-#ifndef OPENSSL_NO_HW_AEP
-        ENGINE_load_aep();
-#endif
-#ifndef OPENSSL_NO_HW_ATALLA
-        ENGINE_load_atalla();
-#endif
-#ifndef OPENSSL_NO_HW_CSWIFT
-        ENGINE_load_cswift();
-#endif
 #ifndef OPENSSL_NO_HW_NCIPHER
         ENGINE_load_chil();
 #endif
-#ifndef OPENSSL_NO_HW_NURON
-        ENGINE_load_nuron();
-#endif
-#ifndef OPENSSL_NO_HW_SUREWARE
-        ENGINE_load_sureware();
-#endif
 #ifndef OPENSSL_NO_HW_UBSEC
         ENGINE_load_ubsec();
 #endif
index c1be658..9424a7c 100644 (file)
@@ -24,14 +24,8 @@ engine - ENGINE cryptographic module support
  void ENGINE_load_openssl(void);
  void ENGINE_load_dynamic(void);
  #ifndef OPENSSL_NO_STATIC_ENGINE
- void ENGINE_load_4758cca(void);
- void ENGINE_load_aep(void);
- void ENGINE_load_atalla(void);
  void ENGINE_load_chil(void);
- void ENGINE_load_cswift(void);
  void ENGINE_load_gmp(void);
- void ENGINE_load_nuron(void);
- void ENGINE_load_sureware(void);
  void ENGINE_load_ubsec(void);
  #endif
  void ENGINE_load_cryptodev(void);
index 3773e74..5cd2aa2 100644 (file)
@@ -3,7 +3,7 @@
 #
 
 #The following engines have been disabled as they currently do not build
-# aep atalla cswift chil nuron sureware ubsec
+# sureware ubsec
 
 DIR=   engines
 TOP=   ..
@@ -31,13 +31,11 @@ AFLAGS= $(ASFLAGS)
 GENERAL=Makefile engines.com install.com engine_vector.mar
 
 LIB=$(TOP)/libcrypto.a
-LIBNAMES= 4758cca gmp padlock capi
-LIBSRC=        e_4758cca.c \
-       e_gmp.c \
+LIBNAMES= gmp padlock capi
+LIBSRC=        e_gmp.c \
        e_padlock.c \
        e_capi.c
-LIBOBJ= e_4758cca.o \
-       e_gmp.o \
+LIBOBJ= e_gmp.o \
        e_padlock.o \
        e_capi.o \
        $(ENGINES_ASM_OBJ)
@@ -48,11 +46,8 @@ TESTLIBOBJ= e_ossltest.o
 
 SRC= $(LIBSRC)
 
-HEADER=        e_4758cca_err.c e_4758cca_err.h \
-       e_gmp_err.c e_gmp_err.h \
+HEADER=        e_gmp_err.c e_gmp_err.h \
        e_chil_err.c e_chil_err.h \
-       e_nuron_err.c e_nuron_err.h \
-       e_sureware_err.c e_sureware_err.h \
        e_ubsec_err.c e_ubsec_err.h \
        e_capi_err.c e_capi_err.h \
        e_ossltest_err.c e_ossltest_err.h
@@ -159,22 +154,6 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
-e_4758cca.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_4758cca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_4758cca.o: ../include/openssl/crypto.h ../include/openssl/dso.h
-e_4758cca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_4758cca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_4758cca.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_4758cca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_4758cca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_4758cca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_4758cca.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_4758cca.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-e_4758cca.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_4758cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_4758cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-e_4758cca.o: e_4758cca.c e_4758cca_err.c e_4758cca_err.h
-e_4758cca.o: vendor_defns/hw_4758_cca.h
 e_capi.o: ../include/openssl/asn1.h ../include/openssl/bio.h
 e_capi.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
 e_capi.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
diff --git a/engines/e_4758cca.c b/engines/e_4758cca.c
deleted file mode 100644 (file)
index 396f2c2..0000000
+++ /dev/null
@@ -1,937 +0,0 @@
-/* Author: Maurice Gittens <maurice@gittens.nl>                       */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/engine.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_4758_CCA
-
-#  ifdef FLAT_INC
-#   include "hw_4758_cca.h"
-#  else
-#   include "vendor_defns/hw_4758_cca.h"
-#  endif
-
-#  include "e_4758cca_err.c"
-
-static int ibm_4758_cca_destroy(ENGINE *e);
-static int ibm_4758_cca_init(ENGINE *e);
-static int ibm_4758_cca_finish(ENGINE *e);
-static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p,
-                             void (*f) (void));
-
-/* rsa functions */
-/* -------------*/
-#  ifndef OPENSSL_NO_RSA
-static int cca_rsa_pub_enc(int flen, const unsigned char *from,
-                           unsigned char *to, RSA *rsa, int padding);
-static int cca_rsa_priv_dec(int flen, const unsigned char *from,
-                            unsigned char *to, RSA *rsa, int padding);
-static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
-                        unsigned char *sigret, unsigned int *siglen,
-                        const RSA *rsa);
-static int cca_rsa_verify(int dtype, const unsigned char *m,
-                          unsigned int m_len, const unsigned char *sigbuf,
-                          unsigned int siglen, const RSA *rsa);
-
-/* utility functions */
-/* ---------------------*/
-static EVP_PKEY *ibm_4758_load_privkey(ENGINE *, const char *,
-                                       UI_METHOD *ui_method,
-                                       void *callback_data);
-static EVP_PKEY *ibm_4758_load_pubkey(ENGINE *, const char *,
-                                      UI_METHOD *ui_method,
-                                      void *callback_data);
-
-static int getModulusAndExponent(const unsigned char *token,
-                                 long *exponentLength,
-                                 unsigned char *exponent, long *modulusLength,
-                                 long *modulusFieldLength,
-                                 unsigned char *modulus);
-#  endif
-
-/* RAND number functions */
-/* ---------------------*/
-static int cca_get_random_bytes(unsigned char *, int);
-static int cca_random_status(void);
-
-#  ifndef OPENSSL_NO_RSA
-static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-                        int idx, long argl, void *argp);
-#  endif
-
-/* Function pointers for CCA verbs */
-/* -------------------------------*/
-#  ifndef OPENSSL_NO_RSA
-static F_KEYRECORDREAD keyRecordRead;
-static F_DIGITALSIGNATUREGENERATE digitalSignatureGenerate;
-static F_DIGITALSIGNATUREVERIFY digitalSignatureVerify;
-static F_PUBLICKEYEXTRACT publicKeyExtract;
-static F_PKAENCRYPT pkaEncrypt;
-static F_PKADECRYPT pkaDecrypt;
-#  endif
-static F_RANDOMNUMBERGENERATE randomNumberGenerate;
-
-/* static variables */
-/* ----------------*/
-static const char *CCA4758_LIB_NAME = NULL;
-static const char *get_CCA4758_LIB_NAME(void)
-{
-    if (CCA4758_LIB_NAME)
-        return CCA4758_LIB_NAME;
-    return CCA_LIB_NAME;
-}
-
-static void free_CCA4758_LIB_NAME(void)
-{
-    if (CCA4758_LIB_NAME)
-        OPENSSL_free((void *)CCA4758_LIB_NAME);
-    CCA4758_LIB_NAME = NULL;
-}
-
-static long set_CCA4758_LIB_NAME(const char *name)
-{
-    free_CCA4758_LIB_NAME();
-    return (((CCA4758_LIB_NAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-}
-
-#  ifndef OPENSSL_NO_RSA
-static const char *n_keyRecordRead = CSNDKRR;
-static const char *n_digitalSignatureGenerate = CSNDDSG;
-static const char *n_digitalSignatureVerify = CSNDDSV;
-static const char *n_publicKeyExtract = CSNDPKX;
-static const char *n_pkaEncrypt = CSNDPKE;
-static const char *n_pkaDecrypt = CSNDPKD;
-#  endif
-static const char *n_randomNumberGenerate = CSNBRNG;
-
-#  ifndef OPENSSL_NO_RSA
-static int hndidx = -1;
-#  endif
-static DSO *dso = NULL;
-
-/* openssl engine initialization structures */
-/* ----------------------------------------*/
-
-#  define CCA4758_CMD_SO_PATH             ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN cca4758_cmd_defns[] = {
-    {CCA4758_CMD_SO_PATH,
-     "SO_PATH",
-     "Specifies the path to the '4758cca' shared library",
-     ENGINE_CMD_FLAG_STRING},
-    {0, NULL, NULL, 0}
-};
-
-#  ifndef OPENSSL_NO_RSA
-static RSA_METHOD ibm_4758_cca_rsa = {
-    "IBM 4758 CCA RSA method",
-    cca_rsa_pub_enc,
-    NULL,
-    NULL,
-    cca_rsa_priv_dec,
-    NULL,                       /* rsa_mod_exp, */
-    NULL,                       /* mod_exp_mont, */
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    RSA_FLAG_SIGN_VER,          /* flags */
-    NULL,                       /* app_data */
-    cca_rsa_sign,               /* rsa_sign */
-    cca_rsa_verify,             /* rsa_verify */
-    NULL                        /* rsa_keygen */
-};
-#  endif
-
-static RAND_METHOD ibm_4758_cca_rand = {
-    /* "IBM 4758 RAND method", */
-    NULL,                       /* seed */
-    cca_get_random_bytes,       /* get random bytes from the card */
-    NULL,                       /* cleanup */
-    NULL,                       /* add */
-    cca_get_random_bytes,       /* pseudo rand */
-    cca_random_status,          /* status */
-};
-
-static const char *engine_4758_cca_id = "4758cca";
-static const char *engine_4758_cca_name =
-    "IBM 4758 CCA hardware engine support";
-#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
-/* Compatibility hack, the dynamic library uses this form in the path */
-static const char *engine_4758_cca_id_alt = "4758_cca";
-#  endif
-
-/* engine implementation */
-/* ---------------------*/
-static int bind_helper(ENGINE *e)
-{
-    if (!ENGINE_set_id(e, engine_4758_cca_id) ||
-        !ENGINE_set_name(e, engine_4758_cca_name) ||
-#  ifndef OPENSSL_NO_RSA
-        !ENGINE_set_RSA(e, &ibm_4758_cca_rsa) ||
-#  endif
-        !ENGINE_set_RAND(e, &ibm_4758_cca_rand) ||
-        !ENGINE_set_destroy_function(e, ibm_4758_cca_destroy) ||
-        !ENGINE_set_init_function(e, ibm_4758_cca_init) ||
-        !ENGINE_set_finish_function(e, ibm_4758_cca_finish) ||
-        !ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) ||
-#  ifndef OPENSSL_NO_RSA
-        !ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) ||
-        !ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) ||
-#  endif
-        !ENGINE_set_cmd_defns(e, cca4758_cmd_defns))
-        return 0;
-    /* Ensure the error handling is set up */
-    ERR_load_CCA4758_strings();
-    return 1;
-}
-
-#  ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_4758_cca(void)
-{
-    ENGINE *ret = ENGINE_new();
-    if (!ret)
-        return NULL;
-    if (!bind_helper(ret)) {
-        ENGINE_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-void ENGINE_load_4758cca(void)
-{
-    ENGINE *e_4758 = engine_4758_cca();
-    if (!e_4758)
-        return;
-    ENGINE_add(e_4758);
-    ENGINE_free(e_4758);
-    ERR_clear_error();
-}
-#  endif
-
-static int ibm_4758_cca_destroy(ENGINE *e)
-{
-    ERR_unload_CCA4758_strings();
-    free_CCA4758_LIB_NAME();
-    return 1;
-}
-
-static int ibm_4758_cca_init(ENGINE *e)
-{
-    if (dso) {
-        CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_ALREADY_LOADED);
-        goto err;
-    }
-
-    dso = DSO_load(NULL, get_CCA4758_LIB_NAME(), NULL, 0);
-    if (!dso) {
-        CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE);
-        goto err;
-    }
-#define BINDIT(t, name) (t)DSO_bind_func(dso, name)
-#  ifndef OPENSSL_NO_RSA
-    if ((keyRecordRead = BINDIT(F_KEYRECORDREAD, n_keyRecordRead)) == NULL
-        || (randomNumberGenerate = BINDIT(F_RANDOMNUMBERGENERATE, n_randomNumberGenerate)) == NULL
-        || (digitalSignatureGenerate = BINDIT(F_DIGITALSIGNATUREGENERATE, n_digitalSignatureGenerate)) == NULL
-        || (digitalSignatureVerify = BINDIT(F_DIGITALSIGNATUREVERIFY, n_digitalSignatureVerify)) == NULL
-        || (publicKeyExtract = BINDIT(F_PUBLICKEYEXTRACT, n_publicKeyExtract)) == NULL
-        || (pkaEncrypt = BINDIT(F_PKAENCRYPT, n_pkaEncrypt)) == NULL
-        || (pkaDecrypt = BINDIT(F_PKADECRYPT, n_pkaDecrypt)) == NULL)
-    {
-        CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE);
-        goto err;
-    }
-#  else
-    if ((randomNumberGenerate = BINDIT(F_RANDOMNUMBERGENERATE, n_randomNumberGenerate)) == NULL) {
-        CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE);
-        goto err;
-    }
-#  endif
-
-#  ifndef OPENSSL_NO_RSA
-    hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle",
-                                  NULL, NULL, cca_ex_free);
-#  endif
-
-    return 1;
- err:
-    DSO_free(dso);
-    dso = NULL;
-
-#  ifndef OPENSSL_NO_RSA
-    keyRecordRead = (F_KEYRECORDREAD) 0;
-    digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) 0;
-    digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
-    publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
-    pkaEncrypt = (F_PKAENCRYPT) 0;
-    pkaDecrypt = (F_PKADECRYPT) 0;
-#  endif
-    randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0;
-    return 0;
-}
-
-static int ibm_4758_cca_finish(ENGINE *e)
-{
-    free_CCA4758_LIB_NAME();
-    if (!dso) {
-        CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, CCA4758_R_NOT_LOADED);
-        return 0;
-    }
-    if (!DSO_free(dso)) {
-        CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, CCA4758_R_UNIT_FAILURE);
-        return 0;
-    }
-    dso = NULL;
-#  ifndef OPENSSL_NO_RSA
-    keyRecordRead = (F_KEYRECORDREAD) 0;
-    randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0;
-    digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) 0;
-    digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
-    publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
-    pkaEncrypt = (F_PKAENCRYPT) 0;
-    pkaDecrypt = (F_PKADECRYPT) 0;
-#  endif
-    randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0;
-    return 1;
-}
-
-static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p,
-                             void (*f) (void))
-{
-    int initialised = ((dso == NULL) ? 0 : 1);
-    switch (cmd) {
-    case CCA4758_CMD_SO_PATH:
-        if (p == NULL) {
-            CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
-                       ERR_R_PASSED_NULL_PARAMETER);
-            return 0;
-        }
-        if (initialised) {
-            CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, CCA4758_R_ALREADY_LOADED);
-            return 0;
-        }
-        return set_CCA4758_LIB_NAME((const char *)p);
-    default:
-        break;
-    }
-    CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
-               CCA4758_R_COMMAND_NOT_IMPLEMENTED);
-    return 0;
-}
-
-#  ifndef OPENSSL_NO_RSA
-
-#   define MAX_CCA_PKA_TOKEN_SIZE 2500
-
-static EVP_PKEY *ibm_4758_load_privkey(ENGINE *e, const char *key_id,
-                                       UI_METHOD *ui_method,
-                                       void *callback_data)
-{
-    RSA *rtmp = NULL;
-    EVP_PKEY *res = NULL;
-    unsigned char *keyToken = NULL;
-    unsigned char pubKeyToken[MAX_CCA_PKA_TOKEN_SIZE];
-    long pubKeyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
-    long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
-    long returnCode;
-    long reasonCode;
-    long exitDataLength = 0;
-    long ruleArrayLength = 0;
-    unsigned char exitData[8];
-    unsigned char ruleArray[8];
-    unsigned char keyLabel[64];
-    unsigned long keyLabelLength = strlen(key_id);
-    unsigned char modulus[256];
-    long modulusFieldLength = sizeof(modulus);
-    long modulusLength = 0;
-    unsigned char exponent[256];
-    long exponentLength = sizeof(exponent);
-
-    if (keyLabelLength > sizeof(keyLabel)) {
-        CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
-                   CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-        return NULL;
-    }
-
-    memset(keyLabel, ' ', sizeof(keyLabel));
-    memcpy(keyLabel, key_id, keyLabelLength);
-
-    keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
-    if (!keyToken) {
-        CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    keyRecordRead(&returnCode, &reasonCode, &exitDataLength,
-                  exitData, &ruleArrayLength, ruleArray, keyLabel,
-                  &keyTokenLength, keyToken + sizeof(long));
-
-    if (returnCode) {
-        CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
-                   CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
-        goto err;
-    }
-
-    publicKeyExtract(&returnCode, &reasonCode, &exitDataLength,
-                     exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
-                     keyToken + sizeof(long), &pubKeyTokenLength,
-                     pubKeyToken);
-
-    if (returnCode) {
-        CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
-                   CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
-        goto err;
-    }
-
-    if (!getModulusAndExponent(pubKeyToken, &exponentLength,
-                               exponent, &modulusLength, &modulusFieldLength,
-                               modulus)) {
-        CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
-                   CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
-        goto err;
-    }
-
-    (*(long *)keyToken) = keyTokenLength;
-    rtmp = RSA_new_method(e);
-    RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
-
-    rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
-    rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
-    rtmp->flags |= RSA_FLAG_EXT_PKEY;
-
-    res = EVP_PKEY_new();
-    EVP_PKEY_assign_RSA(res, rtmp);
-
-    return res;
- err:
-    OPENSSL_free(keyToken);
-    return NULL;
-}
-
-static EVP_PKEY *ibm_4758_load_pubkey(ENGINE *e, const char *key_id,
-                                      UI_METHOD *ui_method,
-                                      void *callback_data)
-{
-    RSA *rtmp = NULL;
-    EVP_PKEY *res = NULL;
-    unsigned char *keyToken = NULL;
-    long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
-    long returnCode;
-    long reasonCode;
-    long exitDataLength = 0;
-    long ruleArrayLength = 0;
-    unsigned char exitData[8];
-    unsigned char ruleArray[8];
-    unsigned char keyLabel[64];
-    unsigned long keyLabelLength = strlen(key_id);
-    unsigned char modulus[512];
-    long modulusFieldLength = sizeof(modulus);
-    long modulusLength = 0;
-    unsigned char exponent[512];
-    long exponentLength = sizeof(exponent);
-
-    if (keyLabelLength > sizeof(keyLabel)) {
-        CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
-                   CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-        return NULL;
-    }
-
-    memset(keyLabel, ' ', sizeof(keyLabel));
-    memcpy(keyLabel, key_id, keyLabelLength);
-
-    keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
-    if (!keyToken) {
-        CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    keyRecordRead(&returnCode, &reasonCode, &exitDataLength, exitData,
-                  &ruleArrayLength, ruleArray, keyLabel, &keyTokenLength,
-                  keyToken + sizeof(long));
-
-    if (returnCode) {
-        CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!getModulusAndExponent(keyToken + sizeof(long), &exponentLength,
-                               exponent, &modulusLength, &modulusFieldLength,
-                               modulus)) {
-        CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
-                   CCA4758_R_FAILED_LOADING_PUBLIC_KEY);
-        goto err;
-    }
-
-    (*(long *)keyToken) = keyTokenLength;
-    rtmp = RSA_new_method(e);
-    RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
-    rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
-    rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
-    rtmp->flags |= RSA_FLAG_EXT_PKEY;
-    res = EVP_PKEY_new();
-    EVP_PKEY_assign_RSA(res, rtmp);
-
-    return res;
- err:
-    OPENSSL_free(keyToken);
-    return NULL;
-}
-
-static int cca_rsa_pub_enc(int flen, const unsigned char *from,
-                           unsigned char *to, RSA *rsa, int padding)
-{
-    long returnCode;
-    long reasonCode;
-    long lflen = flen;
-    long exitDataLength = 0;
-    unsigned char exitData[8];
-    long ruleArrayLength = 1;
-    unsigned char ruleArray[8] = "PKCS-1.2";
-    long dataStructureLength = 0;
-    unsigned char dataStructure[8];
-    long outputLength = RSA_size(rsa);
-    long keyTokenLength;
-    unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
-
-    keyTokenLength = *(long *)keyToken;
-    keyToken += sizeof(long);
-
-    pkaEncrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
-               &ruleArrayLength, ruleArray, &lflen, (unsigned char *)from,
-               &dataStructureLength, dataStructure, &keyTokenLength,
-               keyToken, &outputLength, to);
-
-    if (returnCode || reasonCode)
-        return -(returnCode << 16 | reasonCode);
-    return outputLength;
-}
-
-static int cca_rsa_priv_dec(int flen, const unsigned char *from,
-                            unsigned char *to, RSA *rsa, int padding)
-{
-    long returnCode;
-    long reasonCode;
-    long lflen = flen;
-    long exitDataLength = 0;
-    unsigned char exitData[8];
-    long ruleArrayLength = 1;
-    unsigned char ruleArray[8] = "PKCS-1.2";
-    long dataStructureLength = 0;
-    unsigned char dataStructure[8];
-    long outputLength = RSA_size(rsa);
-    long keyTokenLength;
-    unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
-
-    keyTokenLength = *(long *)keyToken;
-    keyToken += sizeof(long);
-
-    pkaDecrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
-               &ruleArrayLength, ruleArray, &lflen, (unsigned char *)from,
-               &dataStructureLength, dataStructure, &keyTokenLength,
-               keyToken, &outputLength, to);
-
-    return (returnCode | reasonCode) ? 0 : 1;
-}
-
-#   define SSL_SIG_LEN 36
-
-static int cca_rsa_verify(int type, const unsigned char *m,
-                          unsigned int m_len, const unsigned char *sigbuf,
-                          unsigned int siglen, const RSA *rsa)
-{
-    long returnCode;
-    long reasonCode;
-    long lsiglen = siglen;
-    long exitDataLength = 0;
-    unsigned char exitData[8];
-    long ruleArrayLength = 1;
-    unsigned char ruleArray[8] = "PKCS-1.1";
-    long keyTokenLength;
-    unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
-    long length = SSL_SIG_LEN;
-    long keyLength;
-    unsigned char *hashBuffer = NULL;
-    X509_SIG sig;
-    ASN1_TYPE parameter;
-    X509_ALGOR algorithm;
-    ASN1_OCTET_STRING digest;
-
-    keyTokenLength = *(long *)keyToken;
-    keyToken += sizeof(long);
-
-    if (type == NID_md5 || type == NID_sha1) {
-        sig.algor = &algorithm;
-        algorithm.algorithm = OBJ_nid2obj(type);
-
-        if (!algorithm.algorithm) {
-            CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
-                       CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
-            return 0;
-        }
-
-        if (!OBJ_length(algorithm.algorithm)) {
-            CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
-                       CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
-            return 0;
-        }
-
-        parameter.type = V_ASN1_NULL;
-        parameter.value.ptr = NULL;
-        algorithm.parameter = &parameter;
-
-        sig.digest = &digest;
-        sig.digest->data = (unsigned char *)m;
-        sig.digest->length = m_len;
-
-        length = i2d_X509_SIG(&sig, NULL);
-    }
-
-    keyLength = RSA_size(rsa);
-
-    if (length - RSA_PKCS1_PADDING > keyLength) {
-        CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
-                   CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-        return 0;
-    }
-
-    switch (type) {
-    case NID_md5_sha1:
-        if (m_len != SSL_SIG_LEN) {
-            CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
-                       CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-            return 0;
-        }
-
-        hashBuffer = (unsigned char *)m;
-        length = m_len;
-        break;
-    case NID_md5:
-        {
-            unsigned char *ptr;
-            ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
-            if (!hashBuffer) {
-                CCA4758err(CCA4758_F_CCA_RSA_VERIFY, ERR_R_MALLOC_FAILURE);
-                return 0;
-            }
-
-            i2d_X509_SIG(&sig, &ptr);
-        }
-        break;
-    case NID_sha1:
-        {
-            unsigned char *ptr;
-            ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
-            if (!hashBuffer) {
-                CCA4758err(CCA4758_F_CCA_RSA_VERIFY, ERR_R_MALLOC_FAILURE);
-                return 0;
-            }
-            i2d_X509_SIG(&sig, &ptr);
-        }
-        break;
-    default:
-        return 0;
-    }
-
-    digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength,
-                           exitData, &ruleArrayLength, ruleArray,
-                           &keyTokenLength, keyToken, &length, hashBuffer,
-                           &lsiglen, (unsigned char *)sigbuf);
-
-    if (type == NID_sha1 || type == NID_md5)
-        OPENSSL_clear_free(hashBuffer, keyLength + 1);
-
-    return ((returnCode || reasonCode) ? 0 : 1);
-}
-
-#   define SSL_SIG_LEN 36
-
-static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
-                        unsigned char *sigret, unsigned int *siglen,
-                        const RSA *rsa)
-{
-    long returnCode;
-    long reasonCode;
-    long exitDataLength = 0;
-    unsigned char exitData[8];
-    long ruleArrayLength = 1;
-    unsigned char ruleArray[8] = "PKCS-1.1";
-    long outputLength = 256;
-    long outputBitLength;
-    long keyTokenLength;
-    unsigned char *hashBuffer = NULL;
-    unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
-    long length = SSL_SIG_LEN;
-    long keyLength;
-    X509_SIG sig;
-    ASN1_TYPE parameter;
-    X509_ALGOR algorithm;
-    ASN1_OCTET_STRING digest;
-
-    keyTokenLength = *(long *)keyToken;
-    keyToken += sizeof(long);
-
-    if (type == NID_md5 || type == NID_sha1) {
-        sig.algor = &algorithm;
-        algorithm.algorithm = OBJ_nid2obj(type);
-
-        if (!algorithm.algorithm) {
-            CCA4758err(CCA4758_F_CCA_RSA_SIGN,
-                       CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
-            return 0;
-        }
-
-        if (!OBJ_length(algorithm.algorithm)) {
-            CCA4758err(CCA4758_F_CCA_RSA_SIGN,
-                       CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
-            return 0;
-        }
-
-        parameter.type = V_ASN1_NULL;
-        parameter.value.ptr = NULL;
-        algorithm.parameter = &parameter;
-
-        sig.digest = &digest;
-        sig.digest->data = (unsigned char *)m;
-        sig.digest->length = m_len;
-
-        length = i2d_X509_SIG(&sig, NULL);
-    }
-
-    keyLength = RSA_size(rsa);
-
-    if (length - RSA_PKCS1_PADDING > keyLength) {
-        CCA4758err(CCA4758_F_CCA_RSA_SIGN,
-                   CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-        return 0;
-    }
-
-    switch (type) {
-    case NID_md5_sha1:
-        if (m_len != SSL_SIG_LEN) {
-            CCA4758err(CCA4758_F_CCA_RSA_SIGN,
-                       CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-            return 0;
-        }
-        hashBuffer = (unsigned char *)m;
-        length = m_len;
-        break;
-    case NID_md5:
-        {
-            unsigned char *ptr;
-            ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
-            if (!hashBuffer) {
-                CCA4758err(CCA4758_F_CCA_RSA_SIGN, ERR_R_MALLOC_FAILURE);
-                return 0;
-            }
-            i2d_X509_SIG(&sig, &ptr);
-        }
-        break;
-    case NID_sha1:
-        {
-            unsigned char *ptr;
-            ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
-            if (!hashBuffer) {
-                CCA4758err(CCA4758_F_CCA_RSA_SIGN, ERR_R_MALLOC_FAILURE);
-                return 0;
-            }
-            i2d_X509_SIG(&sig, &ptr);
-        }
-        break;
-    default:
-        return 0;
-    }
-
-    digitalSignatureGenerate(&returnCode, &reasonCode, &exitDataLength,
-                             exitData, &ruleArrayLength, ruleArray,
-                             &keyTokenLength, keyToken, &length, hashBuffer,
-                             &outputLength, &outputBitLength, sigret);
-
-    if (type == NID_sha1 || type == NID_md5)
-        OPENSSL_clear_free(hashBuffer, keyLength + 1);
-
-    *siglen = outputLength;
-
-    return ((returnCode || reasonCode) ? 0 : 1);
-}
-
-static int getModulusAndExponent(const unsigned char *token,
-                                 long *exponentLength,
-                                 unsigned char *exponent, long *modulusLength,
-                                 long *modulusFieldLength,
-                                 unsigned char *modulus)
-{
-    unsigned long len;
-
-    if (*token++ != (char)0x1E) /* internal PKA token? */
-        return 0;
-
-    if (*token++)               /* token version must be zero */
-        return 0;
-
-    len = *token++;
-    len = len << 8;
-    len |= (unsigned char)*token++;
-
-    token += 4;                 /* skip reserved bytes */
-
-    if (*token++ == (char)0x04) {
-        if (*token++)           /* token version must be zero */
-            return 0;
-
-        len = *token++;
-        len = len << 8;
-        len |= (unsigned char)*token++;
-
-        token += 2;             /* skip reserved section */
-
-        len = *token++;
-        len = len << 8;
-        len |= (unsigned char)*token++;
-
-        *exponentLength = len;
-
-        len = *token++;
-        len = len << 8;
-        len |= (unsigned char)*token++;
-
-        *modulusLength = len;
-
-        len = *token++;
-        len = len << 8;
-        len |= (unsigned char)*token++;
-
-        *modulusFieldLength = len;
-
-        memcpy(exponent, token, *exponentLength);
-        token += *exponentLength;
-
-        memcpy(modulus, token, *modulusFieldLength);
-        return 1;
-    }
-    return 0;
-}
-
-#  endif                        /* OPENSSL_NO_RSA */
-
-static int cca_random_status(void)
-{
-    return 1;
-}
-
-static int cca_get_random_bytes(unsigned char *buf, int num)
-{
-    long ret_code;
-    long reason_code;
-    long exit_data_length;
-    unsigned char exit_data[4];
-    unsigned char form[] = "RANDOM  ";
-    unsigned char rand_buf[8];
-
-    while (num >= (int)sizeof(rand_buf)) {
-        randomNumberGenerate(&ret_code, &reason_code, &exit_data_length,
-                             exit_data, form, rand_buf);
-        if (ret_code)
-            return 0;
-        num -= sizeof(rand_buf);
-        memcpy(buf, rand_buf, sizeof(rand_buf));
-        buf += sizeof(rand_buf);
-    }
-
-    if (num) {
-        randomNumberGenerate(&ret_code, &reason_code, NULL, NULL,
-                             form, rand_buf);
-        if (ret_code)
-            return 0;
-        memcpy(buf, rand_buf, num);
-    }
-
-    return 1;
-}
-
-#  ifndef OPENSSL_NO_RSA
-static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx,
-                        long argl, void *argp)
-{
-    OPENSSL_free(item);
-}
-#  endif
-
-/* Goo to handle building as a dynamic engine */
-#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_fn(ENGINE *e, const char *id)
-{
-    if (id && (strcmp(id, engine_4758_cca_id) != 0) &&
-        (strcmp(id, engine_4758_cca_id_alt) != 0))
-        return 0;
-    if (!bind_helper(e))
-        return 0;
-    return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
-    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#  endif                        /* OPENSSL_NO_DYNAMIC_ENGINE */
-# endif                         /* !OPENSSL_NO_HW_4758_CCA */
-#endif                          /* !OPENSSL_NO_HW */
diff --git a/engines/e_4758cca.ec b/engines/e_4758cca.ec
deleted file mode 100644 (file)
index f30ed02..0000000
+++ /dev/null
@@ -1 +0,0 @@
-L CCA4758      e_4758cca_err.h         e_4758cca_err.c
diff --git a/engines/e_4758cca_err.c b/engines/e_4758cca_err.c
deleted file mode 100644 (file)
index aed7199..0000000
+++ /dev/null
@@ -1,153 +0,0 @@
-/* e_4758cca_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_4758cca_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA CCA4758_str_functs[] = {
-    {ERR_FUNC(CCA4758_F_CCA_RSA_SIGN), "CCA_RSA_SIGN"},
-    {ERR_FUNC(CCA4758_F_CCA_RSA_VERIFY), "CCA_RSA_VERIFY"},
-    {ERR_FUNC(CCA4758_F_IBM_4758_CCA_CTRL), "IBM_4758_CCA_CTRL"},
-    {ERR_FUNC(CCA4758_F_IBM_4758_CCA_FINISH), "IBM_4758_CCA_FINISH"},
-    {ERR_FUNC(CCA4758_F_IBM_4758_CCA_INIT), "IBM_4758_CCA_INIT"},
-    {ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PRIVKEY), "IBM_4758_LOAD_PRIVKEY"},
-    {ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PUBKEY), "IBM_4758_LOAD_PUBKEY"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA CCA4758_str_reasons[] = {
-    {ERR_REASON(CCA4758_R_ALREADY_LOADED), "already loaded"},
-    {ERR_REASON(CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD),
-     "asn1 oid unknown for md"},
-    {ERR_REASON(CCA4758_R_COMMAND_NOT_IMPLEMENTED),
-     "command not implemented"},
-    {ERR_REASON(CCA4758_R_DSO_FAILURE), "dso failure"},
-    {ERR_REASON(CCA4758_R_FAILED_LOADING_PRIVATE_KEY),
-     "failed loading private key"},
-    {ERR_REASON(CCA4758_R_FAILED_LOADING_PUBLIC_KEY),
-     "failed loading public key"},
-    {ERR_REASON(CCA4758_R_NOT_LOADED), "not loaded"},
-    {ERR_REASON(CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
-     "size too large or too small"},
-    {ERR_REASON(CCA4758_R_UNIT_FAILURE), "unit failure"},
-    {ERR_REASON(CCA4758_R_UNKNOWN_ALGORITHM_TYPE), "unknown algorithm type"},
-    {0, NULL}
-};
-
-#endif
-
-#ifdef CCA4758_LIB_NAME
-static ERR_STRING_DATA CCA4758_lib_name[] = {
-    {0, CCA4758_LIB_NAME},
-    {0, NULL}
-};
-#endif
-
-static int CCA4758_lib_error_code = 0;
-static int CCA4758_error_init = 1;
-
-static void ERR_load_CCA4758_strings(void)
-{
-    if (CCA4758_lib_error_code == 0)
-        CCA4758_lib_error_code = ERR_get_next_error_library();
-
-    if (CCA4758_error_init) {
-        CCA4758_error_init = 0;
-#ifndef OPENSSL_NO_ERR
-        ERR_load_strings(CCA4758_lib_error_code, CCA4758_str_functs);
-        ERR_load_strings(CCA4758_lib_error_code, CCA4758_str_reasons);
-#endif
-
-#ifdef CCA4758_LIB_NAME
-        CCA4758_lib_name->error = ERR_PACK(CCA4758_lib_error_code, 0, 0);
-        ERR_load_strings(0, CCA4758_lib_name);
-#endif
-    }
-}
-
-static void ERR_unload_CCA4758_strings(void)
-{
-    if (CCA4758_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
-        ERR_unload_strings(CCA4758_lib_error_code, CCA4758_str_functs);
-        ERR_unload_strings(CCA4758_lib_error_code, CCA4758_str_reasons);
-#endif
-
-#ifdef CCA4758_LIB_NAME
-        ERR_unload_strings(0, CCA4758_lib_name);
-#endif
-        CCA4758_error_init = 1;
-    }
-}
-
-static void ERR_CCA4758_error(int function, int reason, char *file, int line)
-{
-    if (CCA4758_lib_error_code == 0)
-        CCA4758_lib_error_code = ERR_get_next_error_library();
-    ERR_PUT_error(CCA4758_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_4758cca_err.h b/engines/e_4758cca_err.h
deleted file mode 100644 (file)
index 2f29d96..0000000
+++ /dev/null
@@ -1,98 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_CCA4758_ERR_H
-# define HEADER_CCA4758_ERR_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_CCA4758_strings(void);
-static void ERR_unload_CCA4758_strings(void);
-static void ERR_CCA4758_error(int function, int reason, char *file, int line);
-# define CCA4758err(f,r) ERR_CCA4758_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the CCA4758 functions. */
-
-/* Function codes. */
-# define CCA4758_F_CCA_RSA_SIGN                           105
-# define CCA4758_F_CCA_RSA_VERIFY                         106
-# define CCA4758_F_IBM_4758_CCA_CTRL                      100
-# define CCA4758_F_IBM_4758_CCA_FINISH                    101
-# define CCA4758_F_IBM_4758_CCA_INIT                      102
-# define CCA4758_F_IBM_4758_LOAD_PRIVKEY                  103
-# define CCA4758_F_IBM_4758_LOAD_PUBKEY                   104
-
-/* Reason codes. */
-# define CCA4758_R_ALREADY_LOADED                         100
-# define CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD                101
-# define CCA4758_R_COMMAND_NOT_IMPLEMENTED                102
-# define CCA4758_R_DSO_FAILURE                            103
-# define CCA4758_R_FAILED_LOADING_PRIVATE_KEY             104
-# define CCA4758_R_FAILED_LOADING_PUBLIC_KEY              105
-# define CCA4758_R_NOT_LOADED                             106
-# define CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL            107
-# define CCA4758_R_UNIT_FAILURE                           108
-# define CCA4758_R_UNKNOWN_ALGORITHM_TYPE                 109
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_aep.c b/engines/e_aep.c
deleted file mode 100644 (file)
index abcdb15..0000000
+++ /dev/null
@@ -1,1182 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include <string.h>
-
-#include <openssl/e_os2.h>
-#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__) || defined(__MINGW32__)
-# include <sys/types.h>
-# include <unistd.h>
-#else
-# include <process.h>
-typedef int pid_t;
-#endif
-
-#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
-# define getpid GetThreadID
-extern int GetThreadID(void);
-#elif defined(_WIN32) && !defined(__WATCOMC__)
-# define getpid _getpid
-#endif
-
-#include <openssl/crypto.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#include <openssl/buffer.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_AEP
-#  ifdef FLAT_INC
-#   include "aep.h"
-#  else
-#   include "vendor_defns/aep.h"
-#  endif
-
-#  define AEP_LIB_NAME "aep engine"
-#  define FAIL_TO_SW 0x10101010
-
-#  include "e_aep_err.c"
-
-static int aep_init(ENGINE *e);
-static int aep_finish(ENGINE *e);
-static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-static int aep_destroy(ENGINE *e);
-
-static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR hConnection);
-static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection);
-static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection);
-static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use);
-
-/* BIGNUM stuff */
-#  ifndef OPENSSL_NO_RSA
-static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                       const BIGNUM *m, BN_CTX *ctx);
-
-static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                              const BIGNUM *q, const BIGNUM *dmp1,
-                              const BIGNUM *dmq1, const BIGNUM *iqmp,
-                              BN_CTX *ctx);
-#  endif
-
-/* RSA stuff */
-#  ifndef OPENSSL_NO_RSA
-static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
-                           BN_CTX *ctx);
-#  endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-#  ifndef OPENSSL_NO_RSA
-static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                            const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-#  endif
-
-/* DSA stuff */
-#  ifndef OPENSSL_NO_DSA
-static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-                           BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-                           BN_CTX *ctx, BN_MONT_CTX *in_mont);
-
-static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-                           const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                           BN_MONT_CTX *m_ctx);
-#  endif
-
-/* DH stuff */
-/* This function is aliased to mod_exp (with the DH and mont dropped). */
-#  ifndef OPENSSL_NO_DH
-static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
-                          const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                          BN_MONT_CTX *m_ctx);
-#  endif
-
-/* rand stuff   */
-#  ifdef AEPRAND
-static int aep_rand(unsigned char *buf, int num);
-static int aep_rand_status(void);
-#  endif
-
-/* Bignum conversion stuff */
-static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32 *BigNumSize);
-static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize,
-                            unsigned char *AEP_BigNum);
-static AEP_RV ConvertAEPBigNum(void *ArbBigNum, AEP_U32 BigNumSize,
-                               unsigned char *AEP_BigNum);
-
-/* The definitions for control commands specific to this engine */
-#  define AEP_CMD_SO_PATH         ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN aep_cmd_defns[] = {
-    {AEP_CMD_SO_PATH,
-     "SO_PATH",
-     "Specifies the path to the 'aep' shared library",
-     ENGINE_CMD_FLAG_STRING},
-    {0, NULL, NULL, 0}
-};
-
-#  ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD aep_rsa = {
-    "Aep RSA method",
-    NULL,                       /* rsa_pub_encrypt */
-    NULL,                       /* rsa_pub_decrypt */
-    NULL,                       /* rsa_priv_encrypt */
-    NULL,                       /* rsa_priv_encrypt */
-    aep_rsa_mod_exp,            /* rsa_mod_exp */
-    aep_mod_exp_mont,           /* bn_mod_exp */
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    0,                          /* flags */
-    NULL,                       /* app_data */
-    NULL,                       /* rsa_sign */
-    NULL,                       /* rsa_verify */
-    NULL                        /* rsa_keygen */
-};
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD aep_dsa = {
-    "Aep DSA method",
-    NULL,                       /* dsa_do_sign */
-    NULL,                       /* dsa_sign_setup */
-    NULL,                       /* dsa_do_verify */
-    aep_dsa_mod_exp,            /* dsa_mod_exp */
-    aep_mod_exp_dsa,            /* bn_mod_exp */
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    0,                          /* flags */
-    NULL,                       /* app_data */
-    NULL,                       /* dsa_paramgen */
-    NULL                        /* dsa_keygen */
-};
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD aep_dh = {
-    "Aep DH method",
-    NULL,
-    NULL,
-    aep_mod_exp_dh,
-    NULL,
-    NULL,
-    0,
-    NULL,
-    NULL
-};
-#  endif
-
-#  ifdef AEPRAND
-/* our internal RAND_method that we provide pointers to  */
-static RAND_METHOD aep_random = {
-    /*
-     * "AEP RAND method",
-     */
-    NULL,
-    aep_rand,
-    NULL,
-    NULL,
-    aep_rand,
-    aep_rand_status,
-};
-#  endif
-
-/*
- * Define an array of structures to hold connections
- */
-static AEP_CONNECTION_ENTRY aep_app_conn_table[MAX_PROCESS_CONNECTIONS];
-
-/*
- * Used to determine if this is a new process
- */
-static pid_t recorded_pid = 0;
-
-#  ifdef AEPRAND
-static AEP_U8 rand_block[RAND_BLK_SIZE];
-static AEP_U32 rand_block_bytes = 0;
-#  endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_aep_id = "aep";
-static const char *engine_aep_name = "Aep hardware engine support";
-
-static int max_key_len = 2176;
-
-/*
- * This internal function is used by ENGINE_aep() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_aep(ENGINE *e)
-{
-#  ifndef OPENSSL_NO_RSA
-    const RSA_METHOD *meth1;
-#  endif
-#  ifndef OPENSSL_NO_DSA
-    const DSA_METHOD *meth2;
-#  endif
-#  ifndef OPENSSL_NO_DH
-    const DH_METHOD *meth3;
-#  endif
-
-    if (!ENGINE_set_id(e, engine_aep_id) ||
-        !ENGINE_set_name(e, engine_aep_name) ||
-#  ifndef OPENSSL_NO_RSA
-        !ENGINE_set_RSA(e, &aep_rsa) ||
-#  endif
-#  ifndef OPENSSL_NO_DSA
-        !ENGINE_set_DSA(e, &aep_dsa) ||
-#  endif
-#  ifndef OPENSSL_NO_DH
-        !ENGINE_set_DH(e, &aep_dh) ||
-#  endif
-#  ifdef AEPRAND
-        !ENGINE_set_RAND(e, &aep_random) ||
-#  endif
-        !ENGINE_set_init_function(e, aep_init) ||
-        !ENGINE_set_destroy_function(e, aep_destroy) ||
-        !ENGINE_set_finish_function(e, aep_finish) ||
-        !ENGINE_set_ctrl_function(e, aep_ctrl) ||
-        !ENGINE_set_cmd_defns(e, aep_cmd_defns))
-        return 0;
-
-#  ifndef OPENSSL_NO_RSA
-    /*
-     * We know that the "PKCS1_SSLeay()" functions hook properly to the
-     * aep-specific mod_exp and mod_exp_crt so we use those functions. NB: We
-     * don't use ENGINE_openssl() or anything "more generic" because
-     * something like the RSAref code may not hook properly, and if you own
-     * one of these cards then you have the right to do RSA operations on it
-     * anyway!
-     */
-    meth1 = RSA_PKCS1_SSLeay();
-    aep_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
-    aep_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
-    aep_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
-    aep_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-    /*
-     * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
-     */
-    meth2 = DSA_OpenSSL();
-    aep_dsa.dsa_do_sign = meth2->dsa_do_sign;
-    aep_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
-    aep_dsa.dsa_do_verify = meth2->dsa_do_verify;
-
-    aep_dsa = *DSA_get_default_method();
-    aep_dsa.dsa_mod_exp = aep_dsa_mod_exp;
-    aep_dsa.bn_mod_exp = aep_mod_exp_dsa;
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-    /* Much the same for Diffie-Hellman */
-    meth3 = DH_OpenSSL();
-    aep_dh.generate_key = meth3->generate_key;
-    aep_dh.compute_key = meth3->compute_key;
-    aep_dh.bn_mod_exp = meth3->bn_mod_exp;
-#  endif
-
-    /* Ensure the aep error handling is set up */
-    ERR_load_AEPHK_strings();
-
-    return 1;
-}
-
-#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_helper(ENGINE *e, const char *id)
-{
-    if (id && (strcmp(id, engine_aep_id) != 0))
-        return 0;
-    if (!bind_aep(e))
-        return 0;
-    return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
-    IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
-#  else
-static ENGINE *engine_aep(void)
-{
-    ENGINE *ret = ENGINE_new();
-    if (!ret)
-        return NULL;
-    if (!bind_aep(ret)) {
-        ENGINE_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-void ENGINE_load_aep(void)
-{
-    /* Copied from eng_[openssl|dyn].c */
-    ENGINE *toadd = engine_aep();
-    if (!toadd)
-        return;
-    ENGINE_add(toadd);
-    ENGINE_free(toadd);
-    ERR_clear_error();
-}
-#  endif
-
-/*
- * This is a process-global DSO handle used for loading and unloading the Aep
- * library. NB: This is only set (or unset) during an init() or finish() call
- * (reference counts permitting) and they're operating with global locks, so
- * this should be thread-safe implicitly.
- */
-static DSO *aep_dso = NULL;
-
-/*
- * These are the static string constants for the DSO file name and the
- * function symbol names to bind to.
- */
-static const char *AEP_LIBNAME = NULL;
-static const char *get_AEP_LIBNAME(void)
-{
-    if (AEP_LIBNAME)
-        return AEP_LIBNAME;
-    return "aep";
-}
-
-static void free_AEP_LIBNAME(void)
-{
-    OPENSSL_free(AEP_LIBNAME);
-    AEP_LIBNAME = NULL;
-}
-
-static long set_AEP_LIBNAME(const char *name)
-{
-    free_AEP_LIBNAME();
-    return ((AEP_LIBNAME = BUF_strdup(name)) != NULL ? 1 : 0);
-}
-
-static const char *AEP_F1 = "AEP_ModExp";
-static const char *AEP_F2 = "AEP_ModExpCrt";
-#  ifdef AEPRAND
-static const char *AEP_F3 = "AEP_GenRandom";
-#  endif
-static const char *AEP_F4 = "AEP_Finalize";
-static const char *AEP_F5 = "AEP_Initialize";
-static const char *AEP_F6 = "AEP_OpenConnection";
-static const char *AEP_F7 = "AEP_SetBNCallBacks";
-static const char *AEP_F8 = "AEP_CloseConnection";
-
-/*
- * These are the function pointers that are (un)set when the library has
- * successfully (un)loaded.
- */
-static t_AEP_OpenConnection *p_AEP_OpenConnection = NULL;
-static t_AEP_CloseConnection *p_AEP_CloseConnection = NULL;
-static t_AEP_ModExp *p_AEP_ModExp = NULL;
-static t_AEP_ModExpCrt *p_AEP_ModExpCrt = NULL;
-#  ifdef AEPRAND
-static t_AEP_GenRandom *p_AEP_GenRandom = NULL;
-#  endif
-static t_AEP_Initialize *p_AEP_Initialize = NULL;
-static t_AEP_Finalize *p_AEP_Finalize = NULL;
-static t_AEP_SetBNCallBacks *p_AEP_SetBNCallBacks = NULL;
-
-/* (de)initialisation functions. */
-static int aep_init(ENGINE *e)
-{
-    t_AEP_ModExp *p1;
-    t_AEP_ModExpCrt *p2;
-#  ifdef AEPRAND
-    t_AEP_GenRandom *p3;
-#  endif
-    t_AEP_Finalize *p4;
-    t_AEP_Initialize *p5;
-    t_AEP_OpenConnection *p6;
-    t_AEP_SetBNCallBacks *p7;
-    t_AEP_CloseConnection *p8;
-
-    int to_return = 0;
-
-    if (aep_dso != NULL) {
-        AEPHKerr(AEPHK_F_AEP_INIT, AEPHK_R_ALREADY_LOADED);
-        goto err;
-    }
-    /* Attempt to load libaep.so. */
-
-    aep_dso = DSO_load(NULL, get_AEP_LIBNAME(), NULL, 0);
-    if (aep_dso == NULL) {
-        AEPHKerr(AEPHK_F_AEP_INIT, AEPHK_R_NOT_LOADED);
-        goto err;
-    }
-
-#define BINDIT(t, name) (t *)DSO_bind_func(aep_dso, name)
-    if ((p1 = BINDIT(t_AEP_ModExp, AEP_F1)) == NULL
-        || (p2 = BINDIT(t_AEP_ModExpCrt, AEP_F2)) == NULL
-#  ifdef AEPRAND
-        || (p3 = BINDIT(t_AEP_GenRandom, AEP_F3)) == NULL
-#  endif
-        || (p4 = BINDIT(t_AEP_Finalize, AEP_F4)) == NULL
-        || (p5 = BINDIT(t_AEP_Initialize, AEP_F5)) == NULL
-        || (p6 = BINDIT(t_AEP_OpenConnection, AEP_F6)) == NULL
-        || (p7 = BINDIT(t_AEP_SetBNCallBacks, AEP_F7)) == NULL
-        || (p8 = BINDIT(t_AEP_CloseConnection, AEP_F8)) == NULL) {
-        AEPHKerr(AEPHK_F_AEP_INIT, AEPHK_R_NOT_LOADED);
-        goto err;
-    }
-
-    /* Copy the pointers */
-
-    p_AEP_ModExp = p1;
-    p_AEP_ModExpCrt = p2;
-#  ifdef AEPRAND
-    p_AEP_GenRandom = p3;
-#  endif
-    p_AEP_Finalize = p4;
-    p_AEP_Initialize = p5;
-    p_AEP_OpenConnection = p6;
-    p_AEP_SetBNCallBacks = p7;
-    p_AEP_CloseConnection = p8;
-
-    to_return = 1;
-
-    return to_return;
-
- err:
-
-    DSO_free(aep_dso);
-    aep_dso = NULL;
-
-    p_AEP_OpenConnection = NULL;
-    p_AEP_ModExp = NULL;
-    p_AEP_ModExpCrt = NULL;
-#  ifdef AEPRAND
-    p_AEP_GenRandom = NULL;
-#  endif
-    p_AEP_Initialize = NULL;
-    p_AEP_Finalize = NULL;
-    p_AEP_SetBNCallBacks = NULL;
-    p_AEP_CloseConnection = NULL;
-
-    return to_return;
-}
-
-/* Destructor (complements the "ENGINE_aep()" constructor) */
-static int aep_destroy(ENGINE *e)
-{
-    free_AEP_LIBNAME();
-    ERR_unload_AEPHK_strings();
-    return 1;
-}
-
-static int aep_finish(ENGINE *e)
-{
-    int to_return = 0, in_use;
-    AEP_RV rv;
-
-    if (aep_dso == NULL) {
-        AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_NOT_LOADED);
-        goto err;
-    }
-
-    rv = aep_close_all_connections(0, &in_use);
-    if (rv != AEP_R_OK) {
-        AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_CLOSE_HANDLES_FAILED);
-        goto err;
-    }
-    if (in_use) {
-        AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_CONNECTIONS_IN_USE);
-        goto err;
-    }
-
-    rv = p_AEP_Finalize();
-    if (rv != AEP_R_OK) {
-        AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_FINALIZE_FAILED);
-        goto err;
-    }
-
-    if (!DSO_free(aep_dso)) {
-        AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_UNIT_FAILURE);
-        goto err;
-    }
-
-    aep_dso = NULL;
-    p_AEP_CloseConnection = NULL;
-    p_AEP_OpenConnection = NULL;
-    p_AEP_ModExp = NULL;
-    p_AEP_ModExpCrt = NULL;
-#  ifdef AEPRAND
-    p_AEP_GenRandom = NULL;
-#  endif
-    p_AEP_Initialize = NULL;
-    p_AEP_Finalize = NULL;
-    p_AEP_SetBNCallBacks = NULL;
-
-    to_return = 1;
- err:
-    return to_return;
-}
-
-static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
-    int initialised = ((aep_dso == NULL) ? 0 : 1);
-    switch (cmd) {
-    case AEP_CMD_SO_PATH:
-        if (p == NULL) {
-            AEPHKerr(AEPHK_F_AEP_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-            return 0;
-        }
-        if (initialised) {
-            AEPHKerr(AEPHK_F_AEP_CTRL, AEPHK_R_ALREADY_LOADED);
-            return 0;
-        }
-        return set_AEP_LIBNAME((const char *)p);
-    default:
-        break;
-    }
-    AEPHKerr(AEPHK_F_AEP_CTRL, AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-    return 0;
-}
-
-static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                       const BIGNUM *m, BN_CTX *ctx)
-{
-    int to_return = 0;
-    int r_len = 0;
-    AEP_CONNECTION_HNDL hConnection;
-    AEP_RV rv;
-
-    r_len = BN_num_bits(m);
-
-    /* Perform in software if modulus is too large for hardware. */
-
-    if (r_len > max_key_len) {
-        AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-        return BN_mod_exp(r, a, p, m, ctx);
-    }
-
-    /*
-     * Grab a connection from the pool
-     */
-    rv = aep_get_connection(&hConnection);
-    if (rv != AEP_R_OK) {
-        AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_GET_HANDLE_FAILED);
-        return BN_mod_exp(r, a, p, m, ctx);
-    }
-
-    /*
-     * To the card with the mod exp
-     */
-    rv = p_AEP_ModExp(hConnection, (void *)a, (void *)p, (void *)m, (void *)r,
-                      NULL);
-
-    if (rv != AEP_R_OK) {
-        AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_MOD_EXP_FAILED);
-        rv = aep_close_connection(hConnection);
-        return BN_mod_exp(r, a, p, m, ctx);
-    }
-
-    /*
-     * Return the connection to the pool
-     */
-    rv = aep_return_connection(hConnection);
-    if (rv != AEP_R_OK) {
-        AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_RETURN_CONNECTION_FAILED);
-        goto err;
-    }
-
-    to_return = 1;
- err:
-    return to_return;
-}
-
-#  ifndef OPENSSL_NO_RSA
-static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                              const BIGNUM *q, const BIGNUM *dmp1,
-                              const BIGNUM *dmq1, const BIGNUM *iqmp,
-                              BN_CTX *ctx)
-{
-    AEP_RV rv = AEP_R_OK;
-    AEP_CONNECTION_HNDL hConnection;
-
-    /*
-     * Grab a connection from the pool
-     */
-    rv = aep_get_connection(&hConnection);
-    if (rv != AEP_R_OK) {
-        AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT, AEPHK_R_GET_HANDLE_FAILED);
-        return FAIL_TO_SW;
-    }
-
-    /*
-     * To the card with the mod exp
-     */
-    rv = p_AEP_ModExpCrt(hConnection, (void *)a, (void *)p, (void *)q,
-                         (void *)dmp1, (void *)dmq1, (void *)iqmp, (void *)r,
-                         NULL);
-    if (rv != AEP_R_OK) {
-        AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT, AEPHK_R_MOD_EXP_CRT_FAILED);
-        rv = aep_close_connection(hConnection);
-        return FAIL_TO_SW;
-    }
-
-    /*
-     * Return the connection to the pool
-     */
-    rv = aep_return_connection(hConnection);
-    if (rv != AEP_R_OK) {
-        AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT, AEPHK_R_RETURN_CONNECTION_FAILED);
-        goto err;
-    }
-
- err:
-    return rv;
-}
-#  endif
-
-#  ifdef AEPRAND
-static int aep_rand(unsigned char *buf, int len)
-{
-    AEP_RV rv = AEP_R_OK;
-    AEP_CONNECTION_HNDL hConnection;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
-    /*
-     * Can the request be serviced with what's already in the buffer?
-     */
-    if (len <= rand_block_bytes) {
-        memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len);
-        rand_block_bytes -= len;
-        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-    } else
-        /*
-         * If not the get another block of random bytes
-         */
-    {
-        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-        rv = aep_get_connection(&hConnection);
-        if (rv != AEP_R_OK) {
-            AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_GET_HANDLE_FAILED);
-            goto err_nounlock;
-        }
-
-        if (len > RAND_BLK_SIZE) {
-            rv = p_AEP_GenRandom(hConnection, len, 2, buf, NULL);
-            if (rv != AEP_R_OK) {
-                AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_GET_RANDOM_FAILED);
-                goto err_nounlock;
-            }
-        } else {
-            CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
-            rv = p_AEP_GenRandom(hConnection, RAND_BLK_SIZE, 2,
-                                 &rand_block[0], NULL);
-            if (rv != AEP_R_OK) {
-                AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_GET_RANDOM_FAILED);
-
-                goto err;
-            }
-
-            rand_block_bytes = RAND_BLK_SIZE;
-
-            memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len);
-            rand_block_bytes -= len;
-
-            CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-        }
-
-        rv = aep_return_connection(hConnection);
-        if (rv != AEP_R_OK) {
-            AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_RETURN_CONNECTION_FAILED);
-
-            goto err_nounlock;
-        }
-    }
-
-    return 1;
- err:
-    CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
- err_nounlock:
-    return 0;
-}
-
-static int aep_rand_status(void)
-{
-    return 1;
-}
-#  endif
-
-#  ifndef OPENSSL_NO_RSA
-static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
-{
-    int to_return = 0;
-    AEP_RV rv = AEP_R_OK;
-
-    if (!aep_dso) {
-        AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP, AEPHK_R_NOT_LOADED);
-        goto err;
-    }
-
-    /*
-     * See if we have all the necessary bits for a crt
-     */
-    if (rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) {
-        rv = aep_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, rsa->dmq1,
-                             rsa->iqmp, ctx);
-
-        if (rv == FAIL_TO_SW) {
-            const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-            to_return = (*meth->rsa_mod_exp) (r0, I, rsa, ctx);
-            goto err;
-        } else if (rv != AEP_R_OK)
-            goto err;
-    } else {
-        if (!rsa->d || !rsa->n) {
-            AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP, AEPHK_R_MISSING_KEY_COMPONENTS);
-            goto err;
-        }
-
-        rv = aep_mod_exp(r0, I, rsa->d, rsa->n, ctx);
-        if (rv != AEP_R_OK)
-            goto err;
-
-    }
-
-    to_return = 1;
-
- err:
-    return to_return;
-}
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-                           BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-                           BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
-    BIGNUM t;
-    int to_return = 0;
-    BN_init(&t);
-
-    /* let rr = a1 ^ p1 mod m */
-    if (!aep_mod_exp(rr, a1, p1, m, ctx))
-        goto end;
-    /* let t = a2 ^ p2 mod m */
-    if (!aep_mod_exp(&t, a2, p2, m, ctx))
-        goto end;
-    /* let rr = rr * t mod m */
-    if (!BN_mod_mul(rr, rr, &t, m, ctx))
-        goto end;
-    to_return = 1;
- end:
-    BN_free(&t);
-    return to_return;
-}
-
-static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-                           const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                           BN_MONT_CTX *m_ctx)
-{
-    return aep_mod_exp(r, a, p, m, ctx);
-}
-#  endif
-
-#  ifndef OPENSSL_NO_RSA
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                            const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
-    return aep_mod_exp(r, a, p, m, ctx);
-}
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
-                          const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                          BN_MONT_CTX *m_ctx)
-{
-    return aep_mod_exp(r, a, p, m, ctx);
-}
-#  endif
-
-static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR phConnection)
-{
-    int count;
-    AEP_RV rv = AEP_R_OK;
-
-    /*
-     * Get the current process id
-     */
-    pid_t curr_pid;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-
-    curr_pid = getpid();
-
-    /*
-     * Check if this is the first time this is being called from the current
-     * process
-     */
-    if (recorded_pid != curr_pid) {
-        /*
-         * Remember our pid so we can check if we're in a new process
-         */
-        recorded_pid = curr_pid;
-
-        /*
-         * Call Finalize to make sure we have not inherited some data from a
-         * parent process
-         */
-        p_AEP_Finalize();
-
-        /*
-         * Initialise the AEP API
-         */
-        rv = p_AEP_Initialize(NULL);
-
-        if (rv != AEP_R_OK) {
-            AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, AEPHK_R_INIT_FAILURE);
-            recorded_pid = 0;
-            goto end;
-        }
-
-        /*
-         * Set the AEP big num call back functions
-         */
-        rv = p_AEP_SetBNCallBacks(&GetBigNumSize, &MakeAEPBigNum,
-                                  &ConvertAEPBigNum);
-
-        if (rv != AEP_R_OK) {
-            AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,
-                     AEPHK_R_SETBNCALLBACK_FAILURE);
-            recorded_pid = 0;
-            goto end;
-        }
-#  ifdef AEPRAND
-        /*
-         * Reset the rand byte count
-         */
-        rand_block_bytes = 0;
-#  endif
-
-        /*
-         * Init the structures
-         */
-        for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
-            aep_app_conn_table[count].conn_state = NotConnected;
-            aep_app_conn_table[count].conn_hndl = 0;
-        }
-
-        /*
-         * Open a connection
-         */
-        rv = p_AEP_OpenConnection(phConnection);
-
-        if (rv != AEP_R_OK) {
-            AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, AEPHK_R_UNIT_FAILURE);
-            recorded_pid = 0;
-            goto end;
-        }
-
-        aep_app_conn_table[0].conn_state = InUse;
-        aep_app_conn_table[0].conn_hndl = *phConnection;
-        goto end;
-    }
-    /*
-     * Check the existing connections to see if we can find a free one
-     */
-    for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
-        if (aep_app_conn_table[count].conn_state == Connected) {
-            aep_app_conn_table[count].conn_state = InUse;
-            *phConnection = aep_app_conn_table[count].conn_hndl;
-            goto end;
-        }
-    }
-    /*
-     * If no connections available, we're going to have to try to open a new
-     * one
-     */
-    for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
-        if (aep_app_conn_table[count].conn_state == NotConnected) {
-            /*
-             * Open a connection
-             */
-            rv = p_AEP_OpenConnection(phConnection);
-
-            if (rv != AEP_R_OK) {
-                AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, AEPHK_R_UNIT_FAILURE);
-                goto end;
-            }
-
-            aep_app_conn_table[count].conn_state = InUse;
-            aep_app_conn_table[count].conn_hndl = *phConnection;
-            goto end;
-        }
-    }
-    rv = AEP_R_GENERAL_ERROR;
- end:
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    return rv;
-}
-
-static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection)
-{
-    int count;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-
-    /*
-     * Find the connection item that matches this connection handle
-     */
-    for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
-        if (aep_app_conn_table[count].conn_hndl == hConnection) {
-            aep_app_conn_table[count].conn_state = Connected;
-            break;
-        }
-    }
-
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-
-    return AEP_R_OK;
-}
-
-static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection)
-{
-    int count;
-    AEP_RV rv = AEP_R_OK;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-
-    /*
-     * Find the connection item that matches this connection handle
-     */
-    for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
-        if (aep_app_conn_table[count].conn_hndl == hConnection) {
-            rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl);
-            if (rv != AEP_R_OK)
-                goto end;
-            aep_app_conn_table[count].conn_state = NotConnected;
-            aep_app_conn_table[count].conn_hndl = 0;
-            break;
-        }
-    }
-
- end:
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    return rv;
-}
-
-static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use)
-{
-    int count;
-    AEP_RV rv = AEP_R_OK;
-
-    *in_use = 0;
-    if (use_engine_lock)
-        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
-        switch (aep_app_conn_table[count].conn_state) {
-        case Connected:
-            rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl);
-            if (rv != AEP_R_OK)
-                goto end;
-            aep_app_conn_table[count].conn_state = NotConnected;
-            aep_app_conn_table[count].conn_hndl = 0;
-            break;
-        case InUse:
-            (*in_use)++;
-            break;
-        case NotConnected:
-            break;
-        }
-    }
- end:
-    if (use_engine_lock)
-        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    return rv;
-}
-
-/*
- * BigNum call back functions, used to convert OpenSSL bignums into AEP
- * bignums. Note only 32bit Openssl build support
- */
-
-static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32 *BigNumSize)
-{
-    BIGNUM *bn;
-
-    /*
-     * Cast the ArbBigNum pointer to our BIGNUM struct
-     */
-    bn = (BIGNUM *)ArbBigNum;
-
-    *BigNumSize = bn->top * BN_BYTES;
-
-    if (BN_BYTES > sizeof(AEP_U32) && (bn->d[bn->top - 1] >> BN_BITS4) == 0)
-        *BigNumSize -= 4;
-
-    return AEP_R_OK;
-}
-
-static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize,
-                            unsigned char *AEP_BigNum)
-{
-    BIGNUM *bn;
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-    AEP_U32 i, j;
-
-    /*
-     * Cast the ArbBigNum pointer to our BIGNUM struct
-     */
-    bn = (BIGNUM *)ArbBigNum;
-
-    /*
-     * Must copy data into a (monotone) least significant byte first format
-     * performing endian conversion if necessary
-     */
-    if (is_endian.little && sizeof(bn->d[0]) == BN_BYTES)
-        memcpy(AEP_BigNum, bn->d, BigNumSize);
-    else {
-        BN_ULONG di;
-
-        for (i = 0; BigNumSize >= BN_BYTES; i++) {
-            di = bn->d[i];
-            for (j = 0; j < BN_BYTES; j++) {
-                AEP_BigNum[j] = (unsigned char)di;
-                di >>= 8;
-            }
-            AEP_BigNum += BN_BYTES;
-            BigNumSize -= BN_BYTES;
-        }
-
-        if (BigNumSize) {
-            di = bn->d[i];
-            for (j = 0; j < BigNumSize; j++) {
-                AEP_BigNum[j] = (unsigned char)di;
-                di >>= 8;
-            }
-        }
-    }
-
-    return AEP_R_OK;
-}
-
-/*
- * Turn an AEP Big Num back to a user big num
- */
-static AEP_RV ConvertAEPBigNum(void *ArbBigNum, AEP_U32 BigNumSize,
-                               unsigned char *AEP_BigNum)
-{
-    BIGNUM *bn;
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-    int i, j, top;
-
-    bn = (BIGNUM *)ArbBigNum;
-
-    /*
-     * Expand the result bn so that it can hold our big num. Size is in bits
-     */
-    top = (BigNumSize + BN_BYTES - 1) / BN_BYTES;
-    bn_expand(bn, top);
-    bn->top = top;
-    bn->d[top - 1] = 0;
-
-    if (is_endian.little && sizeof(bn->d[0]) == BN_BYTES)
-        memcpy(bn->d, AEP_BigNum, BigNumSize);
-    else {
-        BN_ULONG di;
-
-        for (i = 0; BigNumSize >= BN_BYTES; i++) {
-            for (di = 0, j = BN_BYTES; j != 0;) {
-                di <<= 8;
-                di |= AEP_BigNum[--j];
-            }
-            bn->d[i] = di;
-            AEP_BigNum += BN_BYTES;
-            BigNumSize -= BN_BYTES;
-        }
-
-        if (BigNumSize) {
-            for (di = 0, j = BigNumSize; j != 0;) {
-                di <<= 8;
-                di |= AEP_BigNum[--j];
-            }
-            bn->d[i] = di;
-        }
-    }
-
-    return AEP_R_OK;
-}
-
-# endif                         /* !OPENSSL_NO_HW_AEP */
-#endif                          /* !OPENSSL_NO_HW */
diff --git a/engines/e_aep.ec b/engines/e_aep.ec
deleted file mode 100644 (file)
index 8eae642..0000000
+++ /dev/null
@@ -1 +0,0 @@
-L AEPHK                e_aep_err.h                     e_aep_err.c
diff --git a/engines/e_aep_err.c b/engines/e_aep_err.c
deleted file mode 100644 (file)
index 718db37..0000000
+++ /dev/null
@@ -1,159 +0,0 @@
-/* e_aep_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_aep_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA AEPHK_str_functs[] = {
-    {ERR_FUNC(AEPHK_F_AEP_CTRL), "AEP_CTRL"},
-    {ERR_FUNC(AEPHK_F_AEP_FINISH), "AEP_FINISH"},
-    {ERR_FUNC(AEPHK_F_AEP_GET_CONNECTION), "AEP_GET_CONNECTION"},
-    {ERR_FUNC(AEPHK_F_AEP_INIT), "AEP_INIT"},
-    {ERR_FUNC(AEPHK_F_AEP_MOD_EXP), "AEP_MOD_EXP"},
-    {ERR_FUNC(AEPHK_F_AEP_MOD_EXP_CRT), "AEP_MOD_EXP_CRT"},
-    {ERR_FUNC(AEPHK_F_AEP_RAND), "AEP_RAND"},
-    {ERR_FUNC(AEPHK_F_AEP_RSA_MOD_EXP), "AEP_RSA_MOD_EXP"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA AEPHK_str_reasons[] = {
-    {ERR_REASON(AEPHK_R_ALREADY_LOADED), "already loaded"},
-    {ERR_REASON(AEPHK_R_CLOSE_HANDLES_FAILED), "close handles failed"},
-    {ERR_REASON(AEPHK_R_CONNECTIONS_IN_USE), "connections in use"},
-    {ERR_REASON(AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED),
-     "ctrl command not implemented"},
-    {ERR_REASON(AEPHK_R_FINALIZE_FAILED), "finalize failed"},
-    {ERR_REASON(AEPHK_R_GET_HANDLE_FAILED), "get handle failed"},
-    {ERR_REASON(AEPHK_R_GET_RANDOM_FAILED), "get random failed"},
-    {ERR_REASON(AEPHK_R_INIT_FAILURE), "init failure"},
-    {ERR_REASON(AEPHK_R_MISSING_KEY_COMPONENTS), "missing key components"},
-    {ERR_REASON(AEPHK_R_MOD_EXP_CRT_FAILED), "mod exp crt failed"},
-    {ERR_REASON(AEPHK_R_MOD_EXP_FAILED), "mod exp failed"},
-    {ERR_REASON(AEPHK_R_NOT_LOADED), "not loaded"},
-    {ERR_REASON(AEPHK_R_OK), "ok"},
-    {ERR_REASON(AEPHK_R_RETURN_CONNECTION_FAILED),
-     "return connection failed"},
-    {ERR_REASON(AEPHK_R_SETBNCALLBACK_FAILURE), "setbncallback failure"},
-    {ERR_REASON(AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
-     "size too large or too small"},
-    {ERR_REASON(AEPHK_R_UNIT_FAILURE), "unit failure"},
-    {0, NULL}
-};
-
-#endif
-
-#ifdef AEPHK_LIB_NAME
-static ERR_STRING_DATA AEPHK_lib_name[] = {
-    {0, AEPHK_LIB_NAME},
-    {0, NULL}
-};
-#endif
-
-static int AEPHK_lib_error_code = 0;
-static int AEPHK_error_init = 1;
-
-static void ERR_load_AEPHK_strings(void)
-{
-    if (AEPHK_lib_error_code == 0)
-        AEPHK_lib_error_code = ERR_get_next_error_library();
-
-    if (AEPHK_error_init) {
-        AEPHK_error_init = 0;
-#ifndef OPENSSL_NO_ERR
-        ERR_load_strings(AEPHK_lib_error_code, AEPHK_str_functs);
-        ERR_load_strings(AEPHK_lib_error_code, AEPHK_str_reasons);
-#endif
-
-#ifdef AEPHK_LIB_NAME
-        AEPHK_lib_name->error = ERR_PACK(AEPHK_lib_error_code, 0, 0);
-        ERR_load_strings(0, AEPHK_lib_name);
-#endif
-    }
-}
-
-static void ERR_unload_AEPHK_strings(void)
-{
-    if (AEPHK_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
-        ERR_unload_strings(AEPHK_lib_error_code, AEPHK_str_functs);
-        ERR_unload_strings(AEPHK_lib_error_code, AEPHK_str_reasons);
-#endif
-
-#ifdef AEPHK_LIB_NAME
-        ERR_unload_strings(0, AEPHK_lib_name);
-#endif
-        AEPHK_error_init = 1;
-    }
-}
-
-static void ERR_AEPHK_error(int function, int reason, char *file, int line)
-{
-    if (AEPHK_lib_error_code == 0)
-        AEPHK_lib_error_code = ERR_get_next_error_library();
-    ERR_PUT_error(AEPHK_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_aep_err.h b/engines/e_aep_err.h
deleted file mode 100644 (file)
index 2ed0114..0000000
+++ /dev/null
@@ -1,106 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_AEPHK_ERR_H
-# define HEADER_AEPHK_ERR_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_AEPHK_strings(void);
-static void ERR_unload_AEPHK_strings(void);
-static void ERR_AEPHK_error(int function, int reason, char *file, int line);
-# define AEPHKerr(f,r) ERR_AEPHK_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the AEPHK functions. */
-
-/* Function codes. */
-# define AEPHK_F_AEP_CTRL                                 100
-# define AEPHK_F_AEP_FINISH                               101
-# define AEPHK_F_AEP_GET_CONNECTION                       102
-# define AEPHK_F_AEP_INIT                                 103
-# define AEPHK_F_AEP_MOD_EXP                              104
-# define AEPHK_F_AEP_MOD_EXP_CRT                          105
-# define AEPHK_F_AEP_RAND                                 106
-# define AEPHK_F_AEP_RSA_MOD_EXP                          107
-
-/* Reason codes. */
-# define AEPHK_R_ALREADY_LOADED                           100
-# define AEPHK_R_CLOSE_HANDLES_FAILED                     101
-# define AEPHK_R_CONNECTIONS_IN_USE                       102
-# define AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED             103
-# define AEPHK_R_FINALIZE_FAILED                          104
-# define AEPHK_R_GET_HANDLE_FAILED                        105
-# define AEPHK_R_GET_RANDOM_FAILED                        106
-# define AEPHK_R_INIT_FAILURE                             107
-# define AEPHK_R_MISSING_KEY_COMPONENTS                   108
-# define AEPHK_R_MOD_EXP_CRT_FAILED                       109
-# define AEPHK_R_MOD_EXP_FAILED                           110
-# define AEPHK_R_NOT_LOADED                               111
-# define AEPHK_R_OK                                       112
-# define AEPHK_R_RETURN_CONNECTION_FAILED                 113
-# define AEPHK_R_SETBNCALLBACK_FAILURE                    114
-# define AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL              116
-# define AEPHK_R_UNIT_FAILURE                             115
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_atalla.c b/engines/e_atalla.c
deleted file mode 100644 (file)
index 211f29f..0000000
+++ /dev/null
@@ -1,621 +0,0 @@
-/* crypto/engine/hw_atalla.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_ATALLA
-
-#  ifdef FLAT_INC
-#   include "atalla.h"
-#  else
-#   include "vendor_defns/atalla.h"
-#  endif
-
-#  define ATALLA_LIB_NAME "atalla engine"
-#  include "e_atalla_err.c"
-
-static int atalla_destroy(ENGINE *e);
-static int atalla_init(ENGINE *e);
-static int atalla_finish(ENGINE *e);
-static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-
-/* BIGNUM stuff */
-static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                          const BIGNUM *m, BN_CTX *ctx);
-
-#  ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
-                              BN_CTX *ctx);
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                               const BIGNUM *m, BN_CTX *ctx,
-                               BN_MONT_CTX *m_ctx);
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-/* DSA stuff */
-static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-                              BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-                              BN_CTX *ctx, BN_MONT_CTX *in_mont);
-static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-                              const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                              BN_MONT_CTX *m_ctx);
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-/* DH stuff */
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
-                             const BIGNUM *a, const BIGNUM *p,
-                             const BIGNUM *m, BN_CTX *ctx,
-                             BN_MONT_CTX *m_ctx);
-#  endif
-
-/* The definitions for control commands specific to this engine */
-#  define ATALLA_CMD_SO_PATH              ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN atalla_cmd_defns[] = {
-    {ATALLA_CMD_SO_PATH,
-     "SO_PATH",
-     "Specifies the path to the 'atasi' shared library",
-     ENGINE_CMD_FLAG_STRING},
-    {0, NULL, NULL, 0}
-};
-
-#  ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD atalla_rsa = {
-    "Atalla RSA method",
-    NULL,
-    NULL,
-    NULL,
-    NULL,
-    atalla_rsa_mod_exp,
-    atalla_mod_exp_mont,
-    NULL,
-    NULL,
-    0,
-    NULL,
-    NULL,
-    NULL,
-    NULL
-};
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD atalla_dsa = {
-    "Atalla DSA method",
-    NULL,                       /* dsa_do_sign */
-    NULL,                       /* dsa_sign_setup */
-    NULL,                       /* dsa_do_verify */
-    atalla_dsa_mod_exp,         /* dsa_mod_exp */
-    atalla_mod_exp_dsa,         /* bn_mod_exp */
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    0,                          /* flags */
-    NULL,                       /* app_data */
-    NULL,                       /* dsa_paramgen */
-    NULL                        /* dsa_keygen */
-};
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD atalla_dh = {
-    "Atalla DH method",
-    NULL,
-    NULL,
-    atalla_mod_exp_dh,
-    NULL,
-    NULL,
-    0,
-    NULL,
-    NULL
-};
-#  endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_atalla_id = "atalla";
-static const char *engine_atalla_name = "Atalla hardware engine support";
-
-/*
- * This internal function is used by ENGINE_atalla() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_helper(ENGINE *e)
-{
-#  ifndef OPENSSL_NO_RSA
-    const RSA_METHOD *meth1;
-#  endif
-#  ifndef OPENSSL_NO_DSA
-    const DSA_METHOD *meth2;
-#  endif
-#  ifndef OPENSSL_NO_DH
-    const DH_METHOD *meth3;
-#  endif
-    if (!ENGINE_set_id(e, engine_atalla_id) ||
-        !ENGINE_set_name(e, engine_atalla_name) ||
-#  ifndef OPENSSL_NO_RSA
-        !ENGINE_set_RSA(e, &atalla_rsa) ||
-#  endif
-#  ifndef OPENSSL_NO_DSA
-        !ENGINE_set_DSA(e, &atalla_dsa) ||
-#  endif
-#  ifndef OPENSSL_NO_DH
-        !ENGINE_set_DH(e, &atalla_dh) ||
-#  endif
-        !ENGINE_set_destroy_function(e, atalla_destroy) ||
-        !ENGINE_set_init_function(e, atalla_init) ||
-        !ENGINE_set_finish_function(e, atalla_finish) ||
-        !ENGINE_set_ctrl_function(e, atalla_ctrl) ||
-        !ENGINE_set_cmd_defns(e, atalla_cmd_defns))
-        return 0;
-
-#  ifndef OPENSSL_NO_RSA
-    /*
-     * We know that the "PKCS1_SSLeay()" functions hook properly to the
-     * atalla-specific mod_exp and mod_exp_crt so we use those functions. NB:
-     * We don't use ENGINE_openssl() or anything "more generic" because
-     * something like the RSAref code may not hook properly, and if you own
-     * one of these cards then you have the right to do RSA operations on it
-     * anyway!
-     */
-    meth1 = RSA_PKCS1_SSLeay();
-    atalla_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
-    atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
-    atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
-    atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-    /*
-     * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
-     */
-    meth2 = DSA_OpenSSL();
-    atalla_dsa.dsa_do_sign = meth2->dsa_do_sign;
-    atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
-    atalla_dsa.dsa_do_verify = meth2->dsa_do_verify;
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-    /* Much the same for Diffie-Hellman */
-    meth3 = DH_OpenSSL();
-    atalla_dh.generate_key = meth3->generate_key;
-    atalla_dh.compute_key = meth3->compute_key;
-#  endif
-
-    /* Ensure the atalla error handling is set up */
-    ERR_load_ATALLA_strings();
-    return 1;
-}
-
-#  ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_atalla(void)
-{
-    ENGINE *ret = ENGINE_new();
-    if (!ret)
-        return NULL;
-    if (!bind_helper(ret)) {
-        ENGINE_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-void ENGINE_load_atalla(void)
-{
-    /* Copied from eng_[openssl|dyn].c */
-    ENGINE *toadd = engine_atalla();
-    if (!toadd)
-        return;
-    ENGINE_add(toadd);
-    ENGINE_free(toadd);
-    ERR_clear_error();
-}
-#  endif
-
-/*
- * This is a process-global DSO handle used for loading and unloading the
- * Atalla library. NB: This is only set (or unset) during an init() or
- * finish() call (reference counts permitting) and they're operating with
- * global locks, so this should be thread-safe implicitly.
- */
-static DSO *atalla_dso = NULL;
-
-/*
- * These are the function pointers that are (un)set when the library has
- * successfully (un)loaded.
- */
-static tfnASI_GetHardwareConfig *p_Atalla_GetHardwareConfig = NULL;
-static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL;
-static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics =
-    NULL;
-
-/*
- * These are the static string constants for the DSO file name and the
- * function symbol names to bind to. Regrettably, the DSO name on *nix
- * appears to be "atasi.so" rather than something more consistent like
- * "libatasi.so". At the time of writing, I'm not sure what the file name on
- * win32 is but clearly native name translation is not possible (eg
- * libatasi.so on *nix, and atasi.dll on win32). For the purposes of testing,
- * I have created a symbollic link called "libatasi.so" so that we can use
- * native name-translation - a better solution will be needed.
- */
-static const char *ATALLA_LIBNAME = NULL;
-static const char *get_ATALLA_LIBNAME(void)
-{
-    if (ATALLA_LIBNAME)
-        return ATALLA_LIBNAME;
-    return "atasi";
-}
-
-static void free_ATALLA_LIBNAME(void)
-{
-    OPENSSL_free(ATALLA_LIBNAME);
-    ATALLA_LIBNAME = NULL;
-}
-
-static long set_ATALLA_LIBNAME(const char *name)
-{
-    free_ATALLA_LIBNAME();
-    return (((ATALLA_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-}
-
-static const char *ATALLA_F1 = "ASI_GetHardwareConfig";
-static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn";
-static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics";
-
-/* Destructor (complements the "ENGINE_atalla()" constructor) */
-static int atalla_destroy(ENGINE *e)
-{
-    free_ATALLA_LIBNAME();
-    /*
-     * Unload the atalla error strings so any error state including our
-     * functs or reasons won't lead to a segfault (they simply get displayed
-     * without corresponding string data because none will be found).
-     */
-    ERR_unload_ATALLA_strings();
-    return 1;
-}
-
-/* (de)initialisation functions. */
-static int atalla_init(ENGINE *e)
-{
-    tfnASI_GetHardwareConfig *p1;
-    tfnASI_RSAPrivateKeyOpFn *p2;
-    tfnASI_GetPerformanceStatistics *p3;
-    /*
-     * Not sure of the origin of this magic value, but Ben's code had it and
-     * it seemed to have been working for a few people. :-)
-     */
-    unsigned int config_buf[1024];
-
-    if (atalla_dso != NULL) {
-        ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_ALREADY_LOADED);
-        goto err;
-    }
-    /*
-     * Attempt to load libatasi.so/atasi.dll/whatever. Needs to be changed
-     * unfortunately because the Atalla drivers don't have standard library
-     * names that can be platform-translated well.
-     */
-    /*
-     * TODO: Work out how to actually map to the names the Atalla drivers
-     * really use - for now a symbollic link needs to be created on the host
-     * system from libatasi.so to atasi.so on unix variants.
-     */
-    atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0);
-    if (atalla_dso == NULL) {
-        ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_NOT_LOADED);
-        goto err;
-    }
-#define BINDIT(t, name) (t *)DSO_bind_func(atalla_dso, name)
-    if ((p1 = BINDIT(tfnASI_GetHardwareConfig, ATALLA_F1)) == NULL
-        || (p2 = BINDIT(tfnASI_RSAPrivateKeyOpFn, ATALLA_F2)) == NULL
-        || (p3 = BINDIT(tfnASI_GetPerformanceStatistics, ATALLA_F3)) == NULL) {
-        ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_NOT_LOADED);
-        goto err;
-    }
-    /* Copy the pointers */
-    p_Atalla_GetHardwareConfig = p1;
-    p_Atalla_RSAPrivateKeyOpFn = p2;
-    p_Atalla_GetPerformanceStatistics = p3;
-    /*
-     * Perform a basic test to see if there's actually any unit running.
-     */
-    if (p1(0L, config_buf) != 0) {
-        ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_UNIT_FAILURE);
-        goto err;
-    }
-    /* Everything's fine. */
-    return 1;
- err:
-    DSO_free(atalla_dso);
-    atalla_dso = NULL;
-    p_Atalla_GetHardwareConfig = NULL;
-    p_Atalla_RSAPrivateKeyOpFn = NULL;
-    p_Atalla_GetPerformanceStatistics = NULL;
-    return 0;
-}
-
-static int atalla_finish(ENGINE *e)
-{
-    free_ATALLA_LIBNAME();
-    if (atalla_dso == NULL) {
-        ATALLAerr(ATALLA_F_ATALLA_FINISH, ATALLA_R_NOT_LOADED);
-        return 0;
-    }
-    if (!DSO_free(atalla_dso)) {
-        ATALLAerr(ATALLA_F_ATALLA_FINISH, ATALLA_R_UNIT_FAILURE);
-        return 0;
-    }
-    atalla_dso = NULL;
-    p_Atalla_GetHardwareConfig = NULL;
-    p_Atalla_RSAPrivateKeyOpFn = NULL;
-    p_Atalla_GetPerformanceStatistics = NULL;
-    return 1;
-}
-
-static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
-    int initialised = ((atalla_dso == NULL) ? 0 : 1);
-    switch (cmd) {
-    case ATALLA_CMD_SO_PATH:
-        if (p == NULL) {
-            ATALLAerr(ATALLA_F_ATALLA_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-            return 0;
-        }
-        if (initialised) {
-            ATALLAerr(ATALLA_F_ATALLA_CTRL, ATALLA_R_ALREADY_LOADED);
-            return 0;
-        }
-        return set_ATALLA_LIBNAME((const char *)p);
-    default:
-        break;
-    }
-    ATALLAerr(ATALLA_F_ATALLA_CTRL, ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-    return 0;
-}
-
-static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                          const BIGNUM *m, BN_CTX *ctx)
-{
-    /*
-     * I need somewhere to store temporary serialised values for use with the
-     * Atalla API calls. A neat cheat - I'll use BIGNUMs from the BN_CTX but
-     * access their arrays directly as byte arrays <grin>. This way I don't
-     * have to clean anything up.
-     */
-    BIGNUM *modulus;
-    BIGNUM *exponent;
-    BIGNUM *argument;
-    BIGNUM *result;
-    RSAPrivateKey keydata;
-    int to_return, numbytes;
-
-    modulus = exponent = argument = result = NULL;
-    to_return = 0;              /* expect failure */
-
-    if (!atalla_dso) {
-        ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_NOT_LOADED);
-        goto err;
-    }
-    /* Prepare the params */
-    BN_CTX_start(ctx);
-    modulus = BN_CTX_get(ctx);
-    exponent = BN_CTX_get(ctx);
-    argument = BN_CTX_get(ctx);
-    result = BN_CTX_get(ctx);
-    if (!result) {
-        ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_BN_CTX_FULL);
-        goto err;
-    }
-    if (!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) ||
-        !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top)) {
-        ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_BN_EXPAND_FAIL);
-        goto err;
-    }
-    /* Prepare the key-data */
-    memset(&keydata, 0, sizeof(keydata));
-    numbytes = BN_num_bytes(m);
-    memset(exponent->d, 0, numbytes);
-    memset(modulus->d, 0, numbytes);
-    BN_bn2bin(p, (unsigned char *)exponent->d + numbytes - BN_num_bytes(p));
-    BN_bn2bin(m, (unsigned char *)modulus->d + numbytes - BN_num_bytes(m));
-    keydata.privateExponent.data = (unsigned char *)exponent->d;
-    keydata.privateExponent.len = numbytes;
-    keydata.modulus.data = (unsigned char *)modulus->d;
-    keydata.modulus.len = numbytes;
-    /* Prepare the argument */
-    memset(argument->d, 0, numbytes);
-    memset(result->d, 0, numbytes);
-    BN_bn2bin(a, (unsigned char *)argument->d + numbytes - BN_num_bytes(a));
-    /* Perform the operation */
-    if (p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d,
-                                   (unsigned char *)argument->d,
-                                   keydata.modulus.len) != 0) {
-        ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_REQUEST_FAILED);
-        goto err;
-    }
-    /* Convert the response */
-    BN_bin2bn((unsigned char *)result->d, numbytes, r);
-    to_return = 1;
- err:
-    BN_CTX_end(ctx);
-    return to_return;
-}
-
-#  ifndef OPENSSL_NO_RSA
-static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
-                              BN_CTX *ctx)
-{
-    int to_return = 0;
-
-    if (!atalla_dso) {
-        ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP, ATALLA_R_NOT_LOADED);
-        goto err;
-    }
-    if (!rsa->d || !rsa->n) {
-        ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,
-                  ATALLA_R_MISSING_KEY_COMPONENTS);
-        goto err;
-    }
-    to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx);
- err:
-    return to_return;
-}
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-/*
- * This code was liberated and adapted from the commented-out code in
- * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration (it
- * doesn't have a CRT form for RSA), this function means that an Atalla
- * system running with a DSA server certificate can handshake around 5 or 6
- * times faster/more than an equivalent system running with RSA. Just check
- * out the "signs" statistics from the RSA and DSA parts of "openssl speed
- * -engine atalla dsa1024 rsa1024".
- */
-static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-                              BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-                              BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
-    BIGNUM t;
-    int to_return = 0;
-
-    BN_init(&t);
-    /* let rr = a1 ^ p1 mod m */
-    if (!atalla_mod_exp(rr, a1, p1, m, ctx))
-        goto end;
-    /* let t = a2 ^ p2 mod m */
-    if (!atalla_mod_exp(&t, a2, p2, m, ctx))
-        goto end;
-    /* let rr = rr * t mod m */
-    if (!BN_mod_mul(rr, rr, &t, m, ctx))
-        goto end;
-    to_return = 1;
- end:
-    BN_free(&t);
-    return to_return;
-}
-
-static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-                              const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                              BN_MONT_CTX *m_ctx)
-{
-    return atalla_mod_exp(r, a, p, m, ctx);
-}
-#  endif
-
-#  ifndef OPENSSL_NO_RSA
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                               const BIGNUM *m, BN_CTX *ctx,
-                               BN_MONT_CTX *m_ctx)
-{
-    return atalla_mod_exp(r, a, p, m, ctx);
-}
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
-                             const BIGNUM *a, const BIGNUM *p,
-                             const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
-    return atalla_mod_exp(r, a, p, m, ctx);
-}
-#  endif
-
-/*
- * This stuff is needed if this ENGINE is being compiled into a
- * self-contained shared-library.
- */
-#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_fn(ENGINE *e, const char *id)
-{
-    if (id && (strcmp(id, engine_atalla_id) != 0))
-        return 0;
-    if (!bind_helper(e))
-        return 0;
-    return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
-    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#  endif                        /* OPENSSL_NO_DYNAMIC_ENGINE */
-# endif                         /* !OPENSSL_NO_HW_ATALLA */
-#endif                          /* !OPENSSL_NO_HW */
diff --git a/engines/e_atalla.ec b/engines/e_atalla.ec
deleted file mode 100644 (file)
index 1d735e1..0000000
+++ /dev/null
@@ -1 +0,0 @@
-L ATALLA       e_atalla_err.h                  e_atalla_err.c
diff --git a/engines/e_atalla_err.c b/engines/e_atalla_err.c
deleted file mode 100644 (file)
index ff47322..0000000
+++ /dev/null
@@ -1,145 +0,0 @@
-/* e_atalla_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_atalla_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA ATALLA_str_functs[] = {
-    {ERR_FUNC(ATALLA_F_ATALLA_CTRL), "ATALLA_CTRL"},
-    {ERR_FUNC(ATALLA_F_ATALLA_FINISH), "ATALLA_FINISH"},
-    {ERR_FUNC(ATALLA_F_ATALLA_INIT), "ATALLA_INIT"},
-    {ERR_FUNC(ATALLA_F_ATALLA_MOD_EXP), "ATALLA_MOD_EXP"},
-    {ERR_FUNC(ATALLA_F_ATALLA_RSA_MOD_EXP), "ATALLA_RSA_MOD_EXP"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA ATALLA_str_reasons[] = {
-    {ERR_REASON(ATALLA_R_ALREADY_LOADED), "already loaded"},
-    {ERR_REASON(ATALLA_R_BN_CTX_FULL), "bn ctx full"},
-    {ERR_REASON(ATALLA_R_BN_EXPAND_FAIL), "bn expand fail"},
-    {ERR_REASON(ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED),
-     "ctrl command not implemented"},
-    {ERR_REASON(ATALLA_R_MISSING_KEY_COMPONENTS), "missing key components"},
-    {ERR_REASON(ATALLA_R_NOT_LOADED), "not loaded"},
-    {ERR_REASON(ATALLA_R_REQUEST_FAILED), "request failed"},
-    {ERR_REASON(ATALLA_R_UNIT_FAILURE), "unit failure"},
-    {0, NULL}
-};
-
-#endif
-
-#ifdef ATALLA_LIB_NAME
-static ERR_STRING_DATA ATALLA_lib_name[] = {
-    {0, ATALLA_LIB_NAME},
-    {0, NULL}
-};
-#endif
-
-static int ATALLA_lib_error_code = 0;
-static int ATALLA_error_init = 1;
-
-static void ERR_load_ATALLA_strings(void)
-{
-    if (ATALLA_lib_error_code == 0)
-        ATALLA_lib_error_code = ERR_get_next_error_library();
-
-    if (ATALLA_error_init) {
-        ATALLA_error_init = 0;
-#ifndef OPENSSL_NO_ERR
-        ERR_load_strings(ATALLA_lib_error_code, ATALLA_str_functs);
-        ERR_load_strings(ATALLA_lib_error_code, ATALLA_str_reasons);
-#endif
-
-#ifdef ATALLA_LIB_NAME
-        ATALLA_lib_name->error = ERR_PACK(ATALLA_lib_error_code, 0, 0);
-        ERR_load_strings(0, ATALLA_lib_name);
-#endif
-    }
-}
-
-static void ERR_unload_ATALLA_strings(void)
-{
-    if (ATALLA_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
-        ERR_unload_strings(ATALLA_lib_error_code, ATALLA_str_functs);
-        ERR_unload_strings(ATALLA_lib_error_code, ATALLA_str_reasons);
-#endif
-
-#ifdef ATALLA_LIB_NAME
-        ERR_unload_strings(0, ATALLA_lib_name);
-#endif
-        ATALLA_error_init = 1;
-    }
-}
-
-static void ERR_ATALLA_error(int function, int reason, char *file, int line)
-{
-    if (ATALLA_lib_error_code == 0)
-        ATALLA_lib_error_code = ERR_get_next_error_library();
-    ERR_PUT_error(ATALLA_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_atalla_err.h b/engines/e_atalla_err.h
deleted file mode 100644 (file)
index 7b71eff..0000000
+++ /dev/null
@@ -1,94 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ATALLA_ERR_H
-# define HEADER_ATALLA_ERR_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_ATALLA_strings(void);
-static void ERR_unload_ATALLA_strings(void);
-static void ERR_ATALLA_error(int function, int reason, char *file, int line);
-# define ATALLAerr(f,r) ERR_ATALLA_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the ATALLA functions. */
-
-/* Function codes. */
-# define ATALLA_F_ATALLA_CTRL                             100
-# define ATALLA_F_ATALLA_FINISH                           101
-# define ATALLA_F_ATALLA_INIT                             102
-# define ATALLA_F_ATALLA_MOD_EXP                          103
-# define ATALLA_F_ATALLA_RSA_MOD_EXP                      104
-
-/* Reason codes. */
-# define ATALLA_R_ALREADY_LOADED                          100
-# define ATALLA_R_BN_CTX_FULL                             101
-# define ATALLA_R_BN_EXPAND_FAIL                          102
-# define ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED            103
-# define ATALLA_R_MISSING_KEY_COMPONENTS                  104
-# define ATALLA_R_NOT_LOADED                              105
-# define ATALLA_R_REQUEST_FAILED                          106
-# define ATALLA_R_UNIT_FAILURE                            107
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_cswift.c b/engines/e_cswift.c
deleted file mode 100644 (file)
index 5553794..0000000
+++ /dev/null
@@ -1,1081 +0,0 @@
-/* crypto/engine/hw_cswift.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/rand.h>
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_CSWIFT
-
-/*
- * Attribution notice: Rainbow have generously allowed me to reproduce the
- * necessary definitions here from their API. This means the support can
- * build independently of whether application builders have the API or
- * hardware. This will allow developers to easily produce software that has
- * latent hardware support for any users that have accelerators installed,
- * without the developers themselves needing anything extra. I have only
- * clipped the parts from the CryptoSwift header files that are (or seem)
- * relevant to the CryptoSwift support code. This is simply to keep the file
- * sizes reasonable. [Geoff]
- */
-#  ifdef FLAT_INC
-#   include "cswift.h"
-#  else
-#   include "vendor_defns/cswift.h"
-#  endif
-
-#  define CSWIFT_LIB_NAME "cswift engine"
-#  include "e_cswift_err.c"
-
-#  define DECIMAL_SIZE(type)      ((sizeof(type)*8+2)/3+1)
-
-static int cswift_destroy(ENGINE *e);
-static int cswift_init(ENGINE *e);
-static int cswift_finish(ENGINE *e);
-static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-#  ifndef OPENSSL_NO_RSA
-static int cswift_bn_32copy(SW_LARGENUMBER *out, const BIGNUM *in);
-#  endif
-
-/* BIGNUM stuff */
-static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                          const BIGNUM *m, BN_CTX *ctx);
-#  ifndef OPENSSL_NO_RSA
-static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                              const BIGNUM *q, const BIGNUM *dmp1,
-                              const BIGNUM *dmq1, const BIGNUM *iqmp,
-                              BN_CTX *ctx);
-#  endif
-
-#  ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
-                              BN_CTX *ctx);
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                               const BIGNUM *m, BN_CTX *ctx,
-                               BN_MONT_CTX *m_ctx);
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-/* DSA stuff */
-static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen,
-                                DSA *dsa);
-static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
-                             DSA_SIG *sig, DSA *dsa);
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-/* DH stuff */
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
-                             const BIGNUM *a, const BIGNUM *p,
-                             const BIGNUM *m, BN_CTX *ctx,
-                             BN_MONT_CTX *m_ctx);
-#  endif
-
-/* RAND stuff */
-static int cswift_rand_bytes(unsigned char *buf, int num);
-static int cswift_rand_status(void);
-
-/* The definitions for control commands specific to this engine */
-#  define CSWIFT_CMD_SO_PATH              ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN cswift_cmd_defns[] = {
-    {CSWIFT_CMD_SO_PATH,
-     "SO_PATH",
-     "Specifies the path to the 'cswift' shared library",
-     ENGINE_CMD_FLAG_STRING},
-    {0, NULL, NULL, 0}
-};
-
-#  ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD cswift_rsa = {
-    "CryptoSwift RSA method",
-    NULL,
-    NULL,
-    NULL,
-    NULL,
-    cswift_rsa_mod_exp,
-    cswift_mod_exp_mont,
-    NULL,
-    NULL,
-    0,
-    NULL,
-    NULL,
-    NULL,
-    NULL
-};
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD cswift_dsa = {
-    "CryptoSwift DSA method",
-    cswift_dsa_sign,
-    NULL,                       /* dsa_sign_setup */
-    cswift_dsa_verify,
-    NULL,                       /* dsa_mod_exp */
-    NULL,                       /* bn_mod_exp */
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    0,                          /* flags */
-    NULL,                       /* app_data */
-    NULL,                       /* dsa_paramgen */
-    NULL                        /* dsa_keygen */
-};
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD cswift_dh = {
-    "CryptoSwift DH method",
-    NULL,
-    NULL,
-    cswift_mod_exp_dh,
-    NULL,
-    NULL,
-    0,
-    NULL,
-    NULL
-};
-#  endif
-
-static RAND_METHOD cswift_random = {
-    /* "CryptoSwift RAND method", */
-    NULL,
-    cswift_rand_bytes,
-    NULL,
-    NULL,
-    cswift_rand_bytes,
-    cswift_rand_status,
-};
-
-/* Constants used when creating the ENGINE */
-static const char *engine_cswift_id = "cswift";
-static const char *engine_cswift_name = "CryptoSwift hardware engine support";
-
-/*
- * This internal function is used by ENGINE_cswift() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_helper(ENGINE *e)
-{
-#  ifndef OPENSSL_NO_RSA
-    const RSA_METHOD *meth1;
-#  endif
-#  ifndef OPENSSL_NO_DH
-    const DH_METHOD *meth2;
-#  endif
-    if (!ENGINE_set_id(e, engine_cswift_id) ||
-        !ENGINE_set_name(e, engine_cswift_name) ||
-#  ifndef OPENSSL_NO_RSA
-        !ENGINE_set_RSA(e, &cswift_rsa) ||
-#  endif
-#  ifndef OPENSSL_NO_DSA
-        !ENGINE_set_DSA(e, &cswift_dsa) ||
-#  endif
-#  ifndef OPENSSL_NO_DH
-        !ENGINE_set_DH(e, &cswift_dh) ||
-#  endif
-        !ENGINE_set_RAND(e, &cswift_random) ||
-        !ENGINE_set_destroy_function(e, cswift_destroy) ||
-        !ENGINE_set_init_function(e, cswift_init) ||
-        !ENGINE_set_finish_function(e, cswift_finish) ||
-        !ENGINE_set_ctrl_function(e, cswift_ctrl) ||
-        !ENGINE_set_cmd_defns(e, cswift_cmd_defns))
-        return 0;
-
-#  ifndef OPENSSL_NO_RSA
-    /*
-     * We know that the "PKCS1_SSLeay()" functions hook properly to the
-     * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
-     * We don't use ENGINE_openssl() or anything "more generic" because
-     * something like the RSAref code may not hook properly, and if you own
-     * one of these cards then you have the right to do RSA operations on it
-     * anyway!
-     */
-    meth1 = RSA_PKCS1_SSLeay();
-    cswift_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
-    cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
-    cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
-    cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-    /* Much the same for Diffie-Hellman */
-    meth2 = DH_OpenSSL();
-    cswift_dh.generate_key = meth2->generate_key;
-    cswift_dh.compute_key = meth2->compute_key;
-#  endif
-
-    /* Ensure the cswift error handling is set up */
-    ERR_load_CSWIFT_strings();
-    return 1;
-}
-
-#  ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_cswift(void)
-{
-    ENGINE *ret = ENGINE_new();
-    if (!ret)
-        return NULL;
-    if (!bind_helper(ret)) {
-        ENGINE_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-void ENGINE_load_cswift(void)
-{
-    /* Copied from eng_[openssl|dyn].c */
-    ENGINE *toadd = engine_cswift();
-    if (!toadd)
-        return;
-    ENGINE_add(toadd);
-    ENGINE_free(toadd);
-    ERR_clear_error();
-}
-#  endif
-
-/*
- * This is a process-global DSO handle used for loading and unloading the
- * CryptoSwift library. NB: This is only set (or unset) during an init() or
- * finish() call (reference counts permitting) and they're operating with
- * global locks, so this should be thread-safe implicitly.
- */
-static DSO *cswift_dso = NULL;
-
-/*
- * These are the function pointers that are (un)set when the library has
- * successfully (un)loaded.
- */
-t_swAcquireAccContext *p_CSwift_AcquireAccContext = NULL;
-t_swAttachKeyParam *p_CSwift_AttachKeyParam = NULL;
-t_swSimpleRequest *p_CSwift_SimpleRequest = NULL;
-t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL;
-
-/* Used in the DSO operations. */
-static const char *CSWIFT_LIBNAME = NULL;
-static const char *get_CSWIFT_LIBNAME(void)
-{
-    if (CSWIFT_LIBNAME)
-        return CSWIFT_LIBNAME;
-    return "swift";
-}
-
-static void free_CSWIFT_LIBNAME(void)
-{
-    OPENSSL_free(CSWIFT_LIBNAME);
-    CSWIFT_LIBNAME = NULL;
-}
-
-static long set_CSWIFT_LIBNAME(const char *name)
-{
-    free_CSWIFT_LIBNAME();
-    return (((CSWIFT_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-}
-
-static const char *CSWIFT_F1 = "swAcquireAccContext";
-static const char *CSWIFT_F2 = "swAttachKeyParam";
-static const char *CSWIFT_F3 = "swSimpleRequest";
-static const char *CSWIFT_F4 = "swReleaseAccContext";
-
-/*
- * CryptoSwift library functions and mechanics - these are used by the
- * higher-level functions further down. NB: As and where there's no error
- * checking, take a look lower down where these functions are called, the
- * checking and error handling is probably down there.
- */
-
-/* utility function to obtain a context */
-static int get_context(SW_CONTEXT_HANDLE *hac)
-{
-    SW_STATUS status;
-
-    status = p_CSwift_AcquireAccContext(hac);
-    if (status != SW_OK)
-        return 0;
-    return 1;
-}
-
-/* similarly to release one. */
-static void release_context(SW_CONTEXT_HANDLE hac)
-{
-    p_CSwift_ReleaseAccContext(hac);
-}
-
-/* Destructor (complements the "ENGINE_cswift()" constructor) */
-static int cswift_destroy(ENGINE *e)
-{
-    free_CSWIFT_LIBNAME();
-    ERR_unload_CSWIFT_strings();
-    return 1;
-}
-
-/* (de)initialisation functions. */
-static int cswift_init(ENGINE *e)
-{
-    SW_CONTEXT_HANDLE hac;
-    t_swAcquireAccContext *p1;
-    t_swAttachKeyParam *p2;
-    t_swSimpleRequest *p3;
-    t_swReleaseAccContext *p4;
-
-    if (cswift_dso != NULL) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_ALREADY_LOADED);
-        goto err;
-    }
-    /* Attempt to load libswift.so/swift.dll/whatever. */
-    cswift_dso = DSO_load(NULL, get_CSWIFT_LIBNAME(), NULL, 0);
-    if (cswift_dso == NULL) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_NOT_LOADED);
-        goto err;
-    }
-
-#define BINDIT(t, name) (t *)DSO_bind_func(cswift_dso, name)
-    if ((p1 = BINDIT(t_swAcquireAccContext, CSWIFT_F1)) == NULL
-        || (p2 = BINDIT(t_swAttachKeyParam, CSWIFT_F2)) == NULL
-        || (p3 = BINDIT(t_swSimpleRequest *) DSO_bind_func(cswift_dso, CSWIFT_F3)) == NULL
-        || (p4 = BINDIT(t_swReleaseAccContext *) DSO_bind_func(cswift_dso, CSWIFT_F4)) == NULL) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_NOT_LOADED);
-        goto err;
-    }
-    /* Copy the pointers */
-    p_CSwift_AcquireAccContext = p1;
-    p_CSwift_AttachKeyParam = p2;
-    p_CSwift_SimpleRequest = p3;
-    p_CSwift_ReleaseAccContext = p4;
-    /*
-     * Try and get a context - if not, we may have a DSO but no accelerator!
-     */
-    if (!get_context(&hac)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_UNIT_FAILURE);
-        goto err;
-    }
-    release_context(hac);
-    /* Everything's fine. */
-    return 1;
- err:
-    DSO_free(cswift_dso);
-    cswift_dso = NULL;
-    p_CSwift_AcquireAccContext = NULL;
-    p_CSwift_AttachKeyParam = NULL;
-    p_CSwift_SimpleRequest = NULL;
-    p_CSwift_ReleaseAccContext = NULL;
-    return 0;
-}
-
-static int cswift_finish(ENGINE *e)
-{
-    free_CSWIFT_LIBNAME();
-    if (cswift_dso == NULL) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_FINISH, CSWIFT_R_NOT_LOADED);
-        return 0;
-    }
-    if (!DSO_free(cswift_dso)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_FINISH, CSWIFT_R_UNIT_FAILURE);
-        return 0;
-    }
-    cswift_dso = NULL;
-    p_CSwift_AcquireAccContext = NULL;
-    p_CSwift_AttachKeyParam = NULL;
-    p_CSwift_SimpleRequest = NULL;
-    p_CSwift_ReleaseAccContext = NULL;
-    return 1;
-}
-
-static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
-    int initialised = ((cswift_dso == NULL) ? 0 : 1);
-    switch (cmd) {
-    case CSWIFT_CMD_SO_PATH:
-        if (p == NULL) {
-            CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-            return 0;
-        }
-        if (initialised) {
-            CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_ALREADY_LOADED);
-            return 0;
-        }
-        return set_CSWIFT_LIBNAME((const char *)p);
-    default:
-        break;
-    }
-    CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-    return 0;
-}
-
-/* Un petit mod_exp */
-static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                          const BIGNUM *m, BN_CTX *ctx)
-{
-    /*
-     * I need somewhere to store temporary serialised values for use with the
-     * CryptoSwift API calls. A neat cheat - I'll use BIGNUMs from the BN_CTX
-     * but access their arrays directly as byte arrays <grin>. This way I
-     * don't have to clean anything up.
-     */
-    BIGNUM *modulus;
-    BIGNUM *exponent;
-    BIGNUM *argument;
-    BIGNUM *result;
-    SW_STATUS sw_status;
-    SW_LARGENUMBER arg, res;
-    SW_PARAM sw_param;
-    SW_CONTEXT_HANDLE hac;
-    int to_return, acquired;
-
-    modulus = exponent = argument = result = NULL;
-    to_return = 0;              /* expect failure */
-    acquired = 0;
-
-    if (!get_context(&hac)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_UNIT_FAILURE);
-        goto err;
-    }
-    acquired = 1;
-    /* Prepare the params */
-    BN_CTX_start(ctx);
-    modulus = BN_CTX_get(ctx);
-    exponent = BN_CTX_get(ctx);
-    argument = BN_CTX_get(ctx);
-    result = BN_CTX_get(ctx);
-    if (!result) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_BN_CTX_FULL);
-        goto err;
-    }
-    if (!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) ||
-        !bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_BN_EXPAND_FAIL);
-        goto err;
-    }
-    sw_param.type = SW_ALG_EXP;
-    sw_param.up.exp.modulus.nbytes = BN_bn2bin(m,
-                                               (unsigned char *)modulus->d);
-    sw_param.up.exp.modulus.value = (unsigned char *)modulus->d;
-    sw_param.up.exp.exponent.nbytes = BN_bn2bin(p,
-                                                (unsigned char *)exponent->d);
-    sw_param.up.exp.exponent.value = (unsigned char *)exponent->d;
-    /* Attach the key params */
-    sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
-    switch (sw_status) {
-    case SW_OK:
-        break;
-    case SW_ERR_INPUT_SIZE:
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_BAD_KEY_SIZE);
-        goto err;
-    default:
-        {
-            char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
-            CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_REQUEST_FAILED);
-            sprintf(tmpbuf, "%ld", sw_status);
-            ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
-        }
-        goto err;
-    }
-    /* Prepare the argument and response */
-    arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d);
-    arg.value = (unsigned char *)argument->d;
-    res.nbytes = BN_num_bytes(m);
-    memset(result->d, 0, res.nbytes);
-    res.value = (unsigned char *)result->d;
-    /* Perform the operation */
-    if ((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1,
-                                            &res, 1)) != SW_OK) {
-        char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_REQUEST_FAILED);
-        sprintf(tmpbuf, "%ld", sw_status);
-        ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
-        goto err;
-    }
-    /* Convert the response */
-    BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
-    to_return = 1;
- err:
-    if (acquired)
-        release_context(hac);
-    BN_CTX_end(ctx);
-    return to_return;
-}
-
-#  ifndef OPENSSL_NO_RSA
-int cswift_bn_32copy(SW_LARGENUMBER *out, const BIGNUM *in)
-{
-    int mod;
-    int numbytes = BN_num_bytes(in);
-
-    mod = 0;
-    while (((out->nbytes = (numbytes + mod)) % 32)) {
-        mod++;
-    }
-    out->value = OPENSSL_malloc(out->nbytes);
-    if (!out->value) {
-        return 0;
-    }
-    BN_bn2bin(in, &out->value[mod]);
-    if (mod)
-        memset(out->value, 0, mod);
-
-    return 1;
-}
-#  endif
-
-#  ifndef OPENSSL_NO_RSA
-/* Un petit mod_exp chinois */
-static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                              const BIGNUM *q, const BIGNUM *dmp1,
-                              const BIGNUM *dmq1, const BIGNUM *iqmp,
-                              BN_CTX *ctx)
-{
-    SW_STATUS sw_status;
-    SW_LARGENUMBER arg, res;
-    SW_PARAM sw_param;
-    SW_CONTEXT_HANDLE hac;
-    BIGNUM *result = NULL;
-    BIGNUM *argument = NULL;
-    int to_return = 0;          /* expect failure */
-    int acquired = 0;
-
-    sw_param.up.crt.p.value = NULL;
-    sw_param.up.crt.q.value = NULL;
-    sw_param.up.crt.dmp1.value = NULL;
-    sw_param.up.crt.dmq1.value = NULL;
-    sw_param.up.crt.iqmp.value = NULL;
-
-    if (!get_context(&hac)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_UNIT_FAILURE);
-        goto err;
-    }
-    acquired = 1;
-
-    /* Prepare the params */
-    argument = BN_new();
-    result = BN_new();
-    if (!result || !argument) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_CTX_FULL);
-        goto err;
-    }
-
-    sw_param.type = SW_ALG_CRT;
-        /************************************************************************/
-    /*
-     * 04/02/2003
-     */
-    /*
-     * Modified by Frederic Giudicelli (deny-all.com) to overcome the
-     */
-    /*
-     * limitation of cswift with values not a multiple of 32
-     */
-        /************************************************************************/
-    if (!cswift_bn_32copy(&sw_param.up.crt.p, p)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
-        goto err;
-    }
-    if (!cswift_bn_32copy(&sw_param.up.crt.q, q)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
-        goto err;
-    }
-    if (!cswift_bn_32copy(&sw_param.up.crt.dmp1, dmp1)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
-        goto err;
-    }
-    if (!cswift_bn_32copy(&sw_param.up.crt.dmq1, dmq1)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
-        goto err;
-    }
-    if (!cswift_bn_32copy(&sw_param.up.crt.iqmp, iqmp)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
-        goto err;
-    }
-    if (!bn_wexpand(argument, a->top) || !bn_wexpand(result, p->top + q->top)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
-        goto err;
-    }
-
-    /* Attach the key params */
-    sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
-    switch (sw_status) {
-    case SW_OK:
-        break;
-    case SW_ERR_INPUT_SIZE:
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BAD_KEY_SIZE);
-        goto err;
-    default:
-        {
-            char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
-            CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_REQUEST_FAILED);
-            sprintf(tmpbuf, "%ld", sw_status);
-            ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
-        }
-        goto err;
-    }
-    /* Prepare the argument and response */
-    arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d);
-    arg.value = (unsigned char *)argument->d;
-    res.nbytes = 2 * BN_num_bytes(p);
-    memset(result->d, 0, res.nbytes);
-    res.value = (unsigned char *)result->d;
-    /* Perform the operation */
-    if ((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1,
-                                            &res, 1)) != SW_OK) {
-        char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
-        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_REQUEST_FAILED);
-        sprintf(tmpbuf, "%ld", sw_status);
-        ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
-        goto err;
-    }
-    /* Convert the response */
-    BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
-    to_return = 1;
- err:
-    OPENSSL_free(sw_param.up.crt.p.value);
-    OPENSSL_free(sw_param.up.crt.q.value);
-    OPENSSL_free(sw_param.up.crt.dmp1.value);
-    OPENSSL_free(sw_param.up.crt.dmq1.value);
-    OPENSSL_free(sw_param.up.crt.iqmp.value);
-    BN_free(result);
-    BN_free(argument);
-    if (acquired)
-        release_context(hac);
-    return to_return;
-}
-#  endif
-
-#  ifndef OPENSSL_NO_RSA
-static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
-                              BN_CTX *ctx)
-{
-    int to_return = 0;
-    const RSA_METHOD *def_rsa_method;
-
-    if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,
-                  CSWIFT_R_MISSING_KEY_COMPONENTS);
-        goto err;
-    }
-
-    /* Try the limits of RSA (2048 bits) */
-    if (BN_num_bytes(rsa->p) > 128 ||
-        BN_num_bytes(rsa->q) > 128 ||
-        BN_num_bytes(rsa->dmp1) > 128 ||
-        BN_num_bytes(rsa->dmq1) > 128 || BN_num_bytes(rsa->iqmp) > 128) {
-#   ifdef RSA_NULL
-        def_rsa_method = RSA_null_method();
-#   else
-        def_rsa_method = RSA_PKCS1_SSLeay();
-#   endif
-        if (def_rsa_method)
-            return def_rsa_method->rsa_mod_exp(r0, I, rsa, ctx);
-    }
-
-    to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
-                                   rsa->dmq1, rsa->iqmp, ctx);
- err:
-    return to_return;
-}
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                               const BIGNUM *m, BN_CTX *ctx,
-                               BN_MONT_CTX *m_ctx)
-{
-    const RSA_METHOD *def_rsa_method;
-
-    /* Try the limits of RSA (2048 bits) */
-    if (BN_num_bytes(r) > 256 ||
-        BN_num_bytes(a) > 256 || BN_num_bytes(m) > 256) {
-#   ifdef RSA_NULL
-        def_rsa_method = RSA_null_method();
-#   else
-        def_rsa_method = RSA_PKCS1_SSLeay();
-#   endif
-        if (def_rsa_method)
-            return def_rsa_method->bn_mod_exp(r, a, p, m, ctx, m_ctx);
-    }
-
-    return cswift_mod_exp(r, a, p, m, ctx);
-}
-#  endif                        /* OPENSSL_NO_RSA */
-
-#  ifndef OPENSSL_NO_DSA
-static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-{
-    SW_CONTEXT_HANDLE hac;
-    SW_PARAM sw_param;
-    SW_STATUS sw_status;
-    SW_LARGENUMBER arg, res;
-    BN_CTX *ctx;
-    BIGNUM *dsa_p = NULL;
-    BIGNUM *dsa_q = NULL;
-    BIGNUM *dsa_g = NULL;
-    BIGNUM *dsa_key = NULL;
-    BIGNUM *result = NULL;
-    DSA_SIG *to_return = NULL;
-    int acquired = 0;
-
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-    if (!get_context(&hac)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_UNIT_FAILURE);
-        goto err;
-    }
-    acquired = 1;
-    /* Prepare the params */
-    BN_CTX_start(ctx);
-    dsa_p = BN_CTX_get(ctx);
-    dsa_q = BN_CTX_get(ctx);
-    dsa_g = BN_CTX_get(ctx);
-    dsa_key = BN_CTX_get(ctx);
-    result = BN_CTX_get(ctx);
-    if (!result) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_BN_CTX_FULL);
-        goto err;
-    }
-    if (!bn_wexpand(dsa_p, dsa->p->top) ||
-        !bn_wexpand(dsa_q, dsa->q->top) ||
-        !bn_wexpand(dsa_g, dsa->g->top) ||
-        !bn_wexpand(dsa_key, dsa->priv_key->top) ||
-        !bn_wexpand(result, dsa->p->top)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_BN_EXPAND_FAIL);
-        goto err;
-    }
-    sw_param.type = SW_ALG_DSA;
-    sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p, (unsigned char *)dsa_p->d);
-    sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d;
-    sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q, (unsigned char *)dsa_q->d);
-    sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d;
-    sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g, (unsigned char *)dsa_g->d);
-    sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d;
-    sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->priv_key,
-                                           (unsigned char *)dsa_key->d);
-    sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
-    /* Attach the key params */
-    sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
-    switch (sw_status) {
-    case SW_OK:
-        break;
-    case SW_ERR_INPUT_SIZE:
-        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_BAD_KEY_SIZE);
-        goto err;
-    default:
-        {
-            char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
-            CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_REQUEST_FAILED);
-            sprintf(tmpbuf, "%ld", sw_status);
-            ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
-        }
-        goto err;
-    }
-    /* Prepare the argument and response */
-    arg.nbytes = dlen;
-    arg.value = (unsigned char *)dgst;
-    res.nbytes = BN_num_bytes(dsa->p);
-    memset(result->d, 0, res.nbytes);
-    res.value = (unsigned char *)result->d;
-    /* Perform the operation */
-    sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_SIGN, &arg, 1,
-                                       &res, 1);
-    if (sw_status != SW_OK) {
-        char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
-        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_REQUEST_FAILED);
-        sprintf(tmpbuf, "%ld", sw_status);
-        ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
-        goto err;
-    }
-    /* Convert the response */
-    if ((to_return = DSA_SIG_new()) == NULL)
-        goto err;
-    to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL);
-    to_return->s = BN_bin2bn((unsigned char *)result->d + 20, 20, NULL);
-
- err:
-    if (acquired)
-        release_context(hac);
-    if (ctx)
-        BN_CTX_end(ctx);
-    BN_CTX_free(ctx);
-    return to_return;
-}
-
-static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
-                             DSA_SIG *sig, DSA *dsa)
-{
-    SW_CONTEXT_HANDLE hac;
-    SW_PARAM sw_param;
-    SW_STATUS sw_status;
-    SW_LARGENUMBER arg[2], res;
-    unsigned long sig_result;
-    BN_CTX *ctx;
-    BIGNUM *dsa_p = NULL;
-    BIGNUM *dsa_q = NULL;
-    BIGNUM *dsa_g = NULL;
-    BIGNUM *dsa_key = NULL;
-    BIGNUM *argument = NULL;
-    int to_return = -1;
-    int acquired = 0;
-
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-    if (!get_context(&hac)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_UNIT_FAILURE);
-        goto err;
-    }
-    acquired = 1;
-    /* Prepare the params */
-    BN_CTX_start(ctx);
-    dsa_p = BN_CTX_get(ctx);
-    dsa_q = BN_CTX_get(ctx);
-    dsa_g = BN_CTX_get(ctx);
-    dsa_key = BN_CTX_get(ctx);
-    argument = BN_CTX_get(ctx);
-    if (!argument) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_BN_CTX_FULL);
-        goto err;
-    }
-    if (!bn_wexpand(dsa_p, dsa->p->top) ||
-        !bn_wexpand(dsa_q, dsa->q->top) ||
-        !bn_wexpand(dsa_g, dsa->g->top) ||
-        !bn_wexpand(dsa_key, dsa->pub_key->top) ||
-        !bn_wexpand(argument, 40)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_BN_EXPAND_FAIL);
-        goto err;
-    }
-    sw_param.type = SW_ALG_DSA;
-    sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p, (unsigned char *)dsa_p->d);
-    sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d;
-    sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q, (unsigned char *)dsa_q->d);
-    sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d;
-    sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g, (unsigned char *)dsa_g->d);
-    sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d;
-    sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->pub_key,
-                                           (unsigned char *)dsa_key->d);
-    sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
-    /* Attach the key params */
-    sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
-    switch (sw_status) {
-    case SW_OK:
-        break;
-    case SW_ERR_INPUT_SIZE:
-        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_BAD_KEY_SIZE);
-        goto err;
-    default:
-        {
-            char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
-            CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_REQUEST_FAILED);
-            sprintf(tmpbuf, "%ld", sw_status);
-            ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
-        }
-        goto err;
-    }
-    /* Prepare the argument and response */
-    arg[0].nbytes = dgst_len;
-    arg[0].value = (unsigned char *)dgst;
-    arg[1].nbytes = 40;
-    arg[1].value = (unsigned char *)argument->d;
-    memset(arg[1].value, 0, 40);
-    BN_bn2bin(sig->r, arg[1].value + 20 - BN_num_bytes(sig->r));
-    BN_bn2bin(sig->s, arg[1].value + 40 - BN_num_bytes(sig->s));
-    res.nbytes = 4;             /* unsigned long */
-    res.value = (unsigned char *)(&sig_result);
-    /* Perform the operation */
-    sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_VERIFY, arg, 2,
-                                       &res, 1);
-    if (sw_status != SW_OK) {
-        char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
-        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_REQUEST_FAILED);
-        sprintf(tmpbuf, "%ld", sw_status);
-        ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
-        goto err;
-    }
-    /* Convert the response */
-    to_return = ((sig_result == 0) ? 0 : 1);
-
- err:
-    if (acquired)
-        release_context(hac);
-    if (ctx)
-        BN_CTX_end(ctx);
-    BN_CTX_free(ctx);
-    return to_return;
-}
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
-                             const BIGNUM *a, const BIGNUM *p,
-                             const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
-    return cswift_mod_exp(r, a, p, m, ctx);
-}
-#  endif
-
-/* Random bytes are good */
-static int cswift_rand_bytes(unsigned char *buf, int num)
-{
-    SW_CONTEXT_HANDLE hac;
-    SW_STATUS swrc;
-    SW_LARGENUMBER largenum;
-    int acquired = 0;
-    int to_return = 0;          /* assume failure */
-    unsigned char buf32[1024];
-
-    if (!get_context(&hac)) {
-        CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_UNIT_FAILURE);
-        goto err;
-    }
-    acquired = 1;
-
-        /************************************************************************/
-    /*
-     * 04/02/2003
-     */
-    /*
-     * Modified by Frederic Giudicelli (deny-all.com) to overcome the
-     */
-    /*
-     * limitation of cswift with values not a multiple of 32
-     */
-        /************************************************************************/
-
-    while (num >= (int)sizeof(buf32)) {
-        largenum.value = buf;
-        largenum.nbytes = sizeof(buf32);
-        /*-
-         * tell CryptoSwift how many bytes we want and where we want it.
-         * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
-         *       - CryptoSwift can only do multiple of 32-bits.
-         */
-        swrc =
-            p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
-        if (swrc != SW_OK) {
-            char tmpbuf[20];
-            CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_REQUEST_FAILED);
-            sprintf(tmpbuf, "%ld", swrc);
-            ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
-            goto err;
-        }
-        buf += sizeof(buf32);
-        num -= sizeof(buf32);
-    }
-    if (num) {
-        largenum.nbytes = sizeof(buf32);
-        largenum.value = buf32;
-        swrc =
-            p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
-        if (swrc != SW_OK) {
-            char tmpbuf[20];
-            CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_REQUEST_FAILED);
-            sprintf(tmpbuf, "%ld", swrc);
-            ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
-            goto err;
-        }
-        memcpy(buf, largenum.value, num);
-    }
-
-    to_return = 1;              /* success */
- err:
-    if (acquired)
-        release_context(hac);
-
-    return to_return;
-}
-
-static int cswift_rand_status(void)
-{
-    return 1;
-}
-
-/*
- * This stuff is needed if this ENGINE is being compiled into a
- * self-contained shared-library.
- */
-#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_fn(ENGINE *e, const char *id)
-{
-    if (id && (strcmp(id, engine_cswift_id) != 0))
-        return 0;
-    if (!bind_helper(e))
-        return 0;
-    return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
-    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#  endif                        /* OPENSSL_NO_DYNAMIC_ENGINE */
-# endif                         /* !OPENSSL_NO_HW_CSWIFT */
-#endif                          /* !OPENSSL_NO_HW */
diff --git a/engines/e_cswift.ec b/engines/e_cswift.ec
deleted file mode 100644 (file)
index a7f9d11..0000000
+++ /dev/null
@@ -1 +0,0 @@
-L CSWIFT       e_cswift_err.h                  e_cswift_err.c
diff --git a/engines/e_cswift_err.c b/engines/e_cswift_err.c
deleted file mode 100644 (file)
index f8a2cbb..0000000
+++ /dev/null
@@ -1,150 +0,0 @@
-/* e_cswift_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_cswift_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA CSWIFT_str_functs[] = {
-    {ERR_FUNC(CSWIFT_F_CSWIFT_CTRL), "CSWIFT_CTRL"},
-    {ERR_FUNC(CSWIFT_F_CSWIFT_DSA_SIGN), "CSWIFT_DSA_SIGN"},
-    {ERR_FUNC(CSWIFT_F_CSWIFT_DSA_VERIFY), "CSWIFT_DSA_VERIFY"},
-    {ERR_FUNC(CSWIFT_F_CSWIFT_FINISH), "CSWIFT_FINISH"},
-    {ERR_FUNC(CSWIFT_F_CSWIFT_INIT), "CSWIFT_INIT"},
-    {ERR_FUNC(CSWIFT_F_CSWIFT_MOD_EXP), "CSWIFT_MOD_EXP"},
-    {ERR_FUNC(CSWIFT_F_CSWIFT_MOD_EXP_CRT), "CSWIFT_MOD_EXP_CRT"},
-    {ERR_FUNC(CSWIFT_F_CSWIFT_RAND_BYTES), "CSWIFT_RAND_BYTES"},
-    {ERR_FUNC(CSWIFT_F_CSWIFT_RSA_MOD_EXP), "CSWIFT_RSA_MOD_EXP"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA CSWIFT_str_reasons[] = {
-    {ERR_REASON(CSWIFT_R_ALREADY_LOADED), "already loaded"},
-    {ERR_REASON(CSWIFT_R_BAD_KEY_SIZE), "bad key size"},
-    {ERR_REASON(CSWIFT_R_BN_CTX_FULL), "bn ctx full"},
-    {ERR_REASON(CSWIFT_R_BN_EXPAND_FAIL), "bn expand fail"},
-    {ERR_REASON(CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED),
-     "ctrl command not implemented"},
-    {ERR_REASON(CSWIFT_R_MISSING_KEY_COMPONENTS), "missing key components"},
-    {ERR_REASON(CSWIFT_R_NOT_LOADED), "not loaded"},
-    {ERR_REASON(CSWIFT_R_REQUEST_FAILED), "request failed"},
-    {ERR_REASON(CSWIFT_R_UNIT_FAILURE), "unit failure"},
-    {0, NULL}
-};
-
-#endif
-
-#ifdef CSWIFT_LIB_NAME
-static ERR_STRING_DATA CSWIFT_lib_name[] = {
-    {0, CSWIFT_LIB_NAME},
-    {0, NULL}
-};
-#endif
-
-static int CSWIFT_lib_error_code = 0;
-static int CSWIFT_error_init = 1;
-
-static void ERR_load_CSWIFT_strings(void)
-{
-    if (CSWIFT_lib_error_code == 0)
-        CSWIFT_lib_error_code = ERR_get_next_error_library();
-
-    if (CSWIFT_error_init) {
-        CSWIFT_error_init = 0;
-#ifndef OPENSSL_NO_ERR
-        ERR_load_strings(CSWIFT_lib_error_code, CSWIFT_str_functs);
-        ERR_load_strings(CSWIFT_lib_error_code, CSWIFT_str_reasons);
-#endif
-
-#ifdef CSWIFT_LIB_NAME
-        CSWIFT_lib_name->error = ERR_PACK(CSWIFT_lib_error_code, 0, 0);
-        ERR_load_strings(0, CSWIFT_lib_name);
-#endif
-    }
-}
-
-static void ERR_unload_CSWIFT_strings(void)
-{
-    if (CSWIFT_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
-        ERR_unload_strings(CSWIFT_lib_error_code, CSWIFT_str_functs);
-        ERR_unload_strings(CSWIFT_lib_error_code, CSWIFT_str_reasons);
-#endif
-
-#ifdef CSWIFT_LIB_NAME
-        ERR_unload_strings(0, CSWIFT_lib_name);
-#endif
-        CSWIFT_error_init = 1;
-    }
-}
-
-static void ERR_CSWIFT_error(int function, int reason, char *file, int line)
-{
-    if (CSWIFT_lib_error_code == 0)
-        CSWIFT_lib_error_code = ERR_get_next_error_library();
-    ERR_PUT_error(CSWIFT_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_cswift_err.h b/engines/e_cswift_err.h
deleted file mode 100644 (file)
index fde3a82..0000000
+++ /dev/null
@@ -1,99 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_CSWIFT_ERR_H
-# define HEADER_CSWIFT_ERR_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_CSWIFT_strings(void);
-static void ERR_unload_CSWIFT_strings(void);
-static void ERR_CSWIFT_error(int function, int reason, char *file, int line);
-# define CSWIFTerr(f,r) ERR_CSWIFT_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the CSWIFT functions. */
-
-/* Function codes. */
-# define CSWIFT_F_CSWIFT_CTRL                             100
-# define CSWIFT_F_CSWIFT_DSA_SIGN                         101
-# define CSWIFT_F_CSWIFT_DSA_VERIFY                       102
-# define CSWIFT_F_CSWIFT_FINISH                           103
-# define CSWIFT_F_CSWIFT_INIT                             104
-# define CSWIFT_F_CSWIFT_MOD_EXP                          105
-# define CSWIFT_F_CSWIFT_MOD_EXP_CRT                      106
-# define CSWIFT_F_CSWIFT_RAND_BYTES                       108
-# define CSWIFT_F_CSWIFT_RSA_MOD_EXP                      107
-
-/* Reason codes. */
-# define CSWIFT_R_ALREADY_LOADED                          100
-# define CSWIFT_R_BAD_KEY_SIZE                            101
-# define CSWIFT_R_BN_CTX_FULL                             102
-# define CSWIFT_R_BN_EXPAND_FAIL                          103
-# define CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED            104
-# define CSWIFT_R_MISSING_KEY_COMPONENTS                  105
-# define CSWIFT_R_NOT_LOADED                              106
-# define CSWIFT_R_REQUEST_FAILED                          107
-# define CSWIFT_R_UNIT_FAILURE                            108
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_nuron.c b/engines/e_nuron.c
deleted file mode 100644 (file)
index 01229b0..0000000
+++ /dev/null
@@ -1,435 +0,0 @@
-/* crypto/engine/hw_nuron.c */
-/*
- * Written by Ben Laurie for the OpenSSL Project, leaning heavily on Geoff
- * Thorpe's Atalla implementation.
- */
-/* ====================================================================
- * Copyright (c) 2000-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_NURON
-
-#  define NURON_LIB_NAME "nuron engine"
-#  include "e_nuron_err.c"
-
-static const char *NURON_LIBNAME = NULL;
-static const char *get_NURON_LIBNAME(void)
-{
-    if (NURON_LIBNAME)
-        return NURON_LIBNAME;
-    return "nuronssl";
-}
-
-static void free_NURON_LIBNAME(void)
-{
-    OPENSSL_free(NURON_LIBNAME);
-    NURON_LIBNAME = NULL;
-}
-
-static long set_NURON_LIBNAME(const char *name)
-{
-    free_NURON_LIBNAME();
-    return (((NURON_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
-}
-
-static const char *NURON_F1 = "nuron_mod_exp";
-
-/* The definitions for control commands specific to this engine */
-#  define NURON_CMD_SO_PATH               ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN nuron_cmd_defns[] = {
-    {NURON_CMD_SO_PATH,
-     "SO_PATH",
-     "Specifies the path to the 'nuronssl' shared library",
-     ENGINE_CMD_FLAG_STRING},
-    {0, NULL, NULL, 0}
-};
-
-typedef int tfnModExp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                      const BIGNUM *m);
-static tfnModExp *pfnModExp = NULL;
-
-static DSO *pvDSOHandle = NULL;
-
-static int nuron_destroy(ENGINE *e)
-{
-    free_NURON_LIBNAME();
-    ERR_unload_NURON_strings();
-    return 1;
-}
-
-static int nuron_init(ENGINE *e)
-{
-    if (pvDSOHandle != NULL) {
-        NURONerr(NURON_F_NURON_INIT, NURON_R_ALREADY_LOADED);
-        return 0;
-    }
-
-    pvDSOHandle = DSO_load(NULL, get_NURON_LIBNAME(), NULL,
-                           DSO_FLAG_NAME_TRANSLATION_EXT_ONLY);
-    if (!pvDSOHandle) {
-        NURONerr(NURON_F_NURON_INIT, NURON_R_DSO_NOT_FOUND);
-        return 0;
-    }
-
-    pfnModExp = (tfnModExp *) DSO_bind_func(pvDSOHandle, NURON_F1);
-    if (!pfnModExp) {
-        NURONerr(NURON_F_NURON_INIT, NURON_R_DSO_FUNCTION_NOT_FOUND);
-        return 0;
-    }
-
-    return 1;
-}
-
-static int nuron_finish(ENGINE *e)
-{
-    free_NURON_LIBNAME();
-    if (pvDSOHandle == NULL) {
-        NURONerr(NURON_F_NURON_FINISH, NURON_R_NOT_LOADED);
-        return 0;
-    }
-    if (!DSO_free(pvDSOHandle)) {
-        NURONerr(NURON_F_NURON_FINISH, NURON_R_DSO_FAILURE);
-        return 0;
-    }
-    pvDSOHandle = NULL;
-    pfnModExp = NULL;
-    return 1;
-}
-
-static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
-    int initialised = ((pvDSOHandle == NULL) ? 0 : 1);
-    switch (cmd) {
-    case NURON_CMD_SO_PATH:
-        if (p == NULL) {
-            NURONerr(NURON_F_NURON_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-            return 0;
-        }
-        if (initialised) {
-            NURONerr(NURON_F_NURON_CTRL, NURON_R_ALREADY_LOADED);
-            return 0;
-        }
-        return set_NURON_LIBNAME((const char *)p);
-    default:
-        break;
-    }
-    NURONerr(NURON_F_NURON_CTRL, NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-    return 0;
-}
-
-static int nuron_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                         const BIGNUM *m, BN_CTX *ctx)
-{
-    if (!pvDSOHandle) {
-        NURONerr(NURON_F_NURON_MOD_EXP, NURON_R_NOT_LOADED);
-        return 0;
-    }
-    return pfnModExp(r, a, p, m);
-}
-
-#  ifndef OPENSSL_NO_RSA
-static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
-                             BN_CTX *ctx)
-{
-    return nuron_mod_exp(r0, I, rsa->d, rsa->n, ctx);
-}
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-/*
- * This code was liberated and adapted from the commented-out code in
- * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration (it
- * doesn't have a CRT form for RSA), this function means that an Atalla
- * system running with a DSA server certificate can handshake around 5 or 6
- * times faster/more than an equivalent system running with RSA. Just check
- * out the "signs" statistics from the RSA and DSA parts of "openssl speed
- * -engine atalla dsa1024 rsa1024".
- */
-static int nuron_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-                             BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
-                             BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
-    BIGNUM t;
-    int to_return = 0;
-
-    BN_init(&t);
-    /* let rr = a1 ^ p1 mod m */
-    if (!nuron_mod_exp(rr, a1, p1, m, ctx))
-        goto end;
-    /* let t = a2 ^ p2 mod m */
-    if (!nuron_mod_exp(&t, a2, p2, m, ctx))
-        goto end;
-    /* let rr = rr * t mod m */
-    if (!BN_mod_mul(rr, rr, &t, m, ctx))
-        goto end;
-    to_return = 1;
- end:
-    BN_free(&t);
-    return to_return;
-}
-
-static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
-                             const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                             BN_MONT_CTX *m_ctx)
-{
-    return nuron_mod_exp(r, a, p, m, ctx);
-}
-#  endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-#  ifndef OPENSSL_NO_RSA
-static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                              const BIGNUM *m, BN_CTX *ctx,
-                              BN_MONT_CTX *m_ctx)
-{
-    return nuron_mod_exp(r, a, p, m, ctx);
-}
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r,
-                            const BIGNUM *a, const BIGNUM *p,
-                            const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
-    return nuron_mod_exp(r, a, p, m, ctx);
-}
-#  endif
-
-#  ifndef OPENSSL_NO_RSA
-static RSA_METHOD nuron_rsa = {
-    "Nuron RSA method",
-    NULL,
-    NULL,
-    NULL,
-    NULL,
-    nuron_rsa_mod_exp,
-    nuron_mod_exp_mont,
-    NULL,
-    NULL,
-    0,
-    NULL,
-    NULL,
-    NULL,
-    NULL
-};
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-static DSA_METHOD nuron_dsa = {
-    "Nuron DSA method",
-    NULL,                       /* dsa_do_sign */
-    NULL,                       /* dsa_sign_setup */
-    NULL,                       /* dsa_do_verify */
-    nuron_dsa_mod_exp,          /* dsa_mod_exp */
-    nuron_mod_exp_dsa,          /* bn_mod_exp */
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    0,                          /* flags */
-    NULL,                       /* app_data */
-    NULL,                       /* dsa_paramgen */
-    NULL                        /* dsa_keygen */
-};
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-static DH_METHOD nuron_dh = {
-    "Nuron DH method",
-    NULL,
-    NULL,
-    nuron_mod_exp_dh,
-    NULL,
-    NULL,
-    0,
-    NULL,
-    NULL
-};
-#  endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_nuron_id = "nuron";
-static const char *engine_nuron_name = "Nuron hardware engine support";
-
-/*
- * This internal function is used by ENGINE_nuron() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_helper(ENGINE *e)
-{
-#  ifndef OPENSSL_NO_RSA
-    const RSA_METHOD *meth1;
-#  endif
-#  ifndef OPENSSL_NO_DSA
-    const DSA_METHOD *meth2;
-#  endif
-#  ifndef OPENSSL_NO_DH
-    const DH_METHOD *meth3;
-#  endif
-    if (!ENGINE_set_id(e, engine_nuron_id) ||
-        !ENGINE_set_name(e, engine_nuron_name) ||
-#  ifndef OPENSSL_NO_RSA
-        !ENGINE_set_RSA(e, &nuron_rsa) ||
-#  endif
-#  ifndef OPENSSL_NO_DSA
-        !ENGINE_set_DSA(e, &nuron_dsa) ||
-#  endif
-#  ifndef OPENSSL_NO_DH
-        !ENGINE_set_DH(e, &nuron_dh) ||
-#  endif
-        !ENGINE_set_destroy_function(e, nuron_destroy) ||
-        !ENGINE_set_init_function(e, nuron_init) ||
-        !ENGINE_set_finish_function(e, nuron_finish) ||
-        !ENGINE_set_ctrl_function(e, nuron_ctrl) ||
-        !ENGINE_set_cmd_defns(e, nuron_cmd_defns))
-        return 0;
-
-#  ifndef OPENSSL_NO_RSA
-    /*
-     * We know that the "PKCS1_SSLeay()" functions hook properly to the
-     * nuron-specific mod_exp and mod_exp_crt so we use those functions. NB:
-     * We don't use ENGINE_openssl() or anything "more generic" because
-     * something like the RSAref code may not hook properly, and if you own
-     * one of these cards then you have the right to do RSA operations on it
-     * anyway!
-     */
-    meth1 = RSA_PKCS1_SSLeay();
-    nuron_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
-    nuron_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
-    nuron_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
-    nuron_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-    /*
-     * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
-     */
-    meth2 = DSA_OpenSSL();
-    nuron_dsa.dsa_do_sign = meth2->dsa_do_sign;
-    nuron_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
-    nuron_dsa.dsa_do_verify = meth2->dsa_do_verify;
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-    /* Much the same for Diffie-Hellman */
-    meth3 = DH_OpenSSL();
-    nuron_dh.generate_key = meth3->generate_key;
-    nuron_dh.compute_key = meth3->compute_key;
-#  endif
-
-    /* Ensure the nuron error handling is set up */
-    ERR_load_NURON_strings();
-    return 1;
-}
-
-#  ifdef OPENSSL_NO_DYNAMIC_ENGINE
-static ENGINE *engine_nuron(void)
-{
-    ENGINE *ret = ENGINE_new();
-    if (!ret)
-        return NULL;
-    if (!bind_helper(ret)) {
-        ENGINE_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-void ENGINE_load_nuron(void)
-{
-    /* Copied from eng_[openssl|dyn].c */
-    ENGINE *toadd = engine_nuron();
-    if (!toadd)
-        return;
-    ENGINE_add(toadd);
-    ENGINE_free(toadd);
-    ERR_clear_error();
-}
-#  endif
-
-/*
- * This stuff is needed if this ENGINE is being compiled into a
- * self-contained shared-library.
- */
-#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_fn(ENGINE *e, const char *id)
-{
-    if (id && (strcmp(id, engine_nuron_id) != 0))
-        return 0;
-    if (!bind_helper(e))
-        return 0;
-    return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
-    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#  endif                        /* OPENSSL_NO_DYNAMIC_ENGINE */
-# endif                         /* !OPENSSL_NO_HW_NURON */
-#endif                          /* !OPENSSL_NO_HW */
diff --git a/engines/e_nuron.ec b/engines/e_nuron.ec
deleted file mode 100644 (file)
index cfa430d..0000000
+++ /dev/null
@@ -1 +0,0 @@
-L NURON                e_nuron_err.h                   e_nuron_err.c
diff --git a/engines/e_nuron_err.c b/engines/e_nuron_err.c
deleted file mode 100644 (file)
index a02c4f0..0000000
+++ /dev/null
@@ -1,142 +0,0 @@
-/* e_nuron_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_nuron_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA NURON_str_functs[] = {
-    {ERR_FUNC(NURON_F_NURON_CTRL), "NURON_CTRL"},
-    {ERR_FUNC(NURON_F_NURON_FINISH), "NURON_FINISH"},
-    {ERR_FUNC(NURON_F_NURON_INIT), "NURON_INIT"},
-    {ERR_FUNC(NURON_F_NURON_MOD_EXP), "NURON_MOD_EXP"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA NURON_str_reasons[] = {
-    {ERR_REASON(NURON_R_ALREADY_LOADED), "already loaded"},
-    {ERR_REASON(NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED),
-     "ctrl command not implemented"},
-    {ERR_REASON(NURON_R_DSO_FAILURE), "dso failure"},
-    {ERR_REASON(NURON_R_DSO_FUNCTION_NOT_FOUND), "dso function not found"},
-    {ERR_REASON(NURON_R_DSO_NOT_FOUND), "dso not found"},
-    {ERR_REASON(NURON_R_NOT_LOADED), "not loaded"},
-    {0, NULL}
-};
-
-#endif
-
-#ifdef NURON_LIB_NAME
-static ERR_STRING_DATA NURON_lib_name[] = {
-    {0, NURON_LIB_NAME},
-    {0, NULL}
-};
-#endif
-
-static int NURON_lib_error_code = 0;
-static int NURON_error_init = 1;
-
-static void ERR_load_NURON_strings(void)
-{
-    if (NURON_lib_error_code == 0)
-        NURON_lib_error_code = ERR_get_next_error_library();
-
-    if (NURON_error_init) {
-        NURON_error_init = 0;
-#ifndef OPENSSL_NO_ERR
-        ERR_load_strings(NURON_lib_error_code, NURON_str_functs);
-        ERR_load_strings(NURON_lib_error_code, NURON_str_reasons);
-#endif
-
-#ifdef NURON_LIB_NAME
-        NURON_lib_name->error = ERR_PACK(NURON_lib_error_code, 0, 0);
-        ERR_load_strings(0, NURON_lib_name);
-#endif
-    }
-}
-
-static void ERR_unload_NURON_strings(void)
-{
-    if (NURON_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
-        ERR_unload_strings(NURON_lib_error_code, NURON_str_functs);
-        ERR_unload_strings(NURON_lib_error_code, NURON_str_reasons);
-#endif
-
-#ifdef NURON_LIB_NAME
-        ERR_unload_strings(0, NURON_lib_name);
-#endif
-        NURON_error_init = 1;
-    }
-}
-
-static void ERR_NURON_error(int function, int reason, char *file, int line)
-{
-    if (NURON_lib_error_code == 0)
-        NURON_lib_error_code = ERR_get_next_error_library();
-    ERR_PUT_error(NURON_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_nuron_err.h b/engines/e_nuron_err.h
deleted file mode 100644 (file)
index aa7849c..0000000
+++ /dev/null
@@ -1,91 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_NURON_ERR_H
-# define HEADER_NURON_ERR_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_NURON_strings(void);
-static void ERR_unload_NURON_strings(void);
-static void ERR_NURON_error(int function, int reason, char *file, int line);
-# define NURONerr(f,r) ERR_NURON_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the NURON functions. */
-
-/* Function codes. */
-# define NURON_F_NURON_CTRL                               100
-# define NURON_F_NURON_FINISH                             101
-# define NURON_F_NURON_INIT                               102
-# define NURON_F_NURON_MOD_EXP                            103
-
-/* Reason codes. */
-# define NURON_R_ALREADY_LOADED                           100
-# define NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED             101
-# define NURON_R_DSO_FAILURE                              102
-# define NURON_R_DSO_FUNCTION_NOT_FOUND                   103
-# define NURON_R_DSO_NOT_FOUND                            104
-# define NURON_R_NOT_LOADED                               105
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/engines/e_sureware.c b/engines/e_sureware.c
deleted file mode 100644 (file)
index fb5e55c..0000000
+++ /dev/null
@@ -1,1074 +0,0 @@
-/*-
-*  Written by Corinne Dive-Reclus(cdive@baltimore.com)
-*
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-*    notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-*    notice, this list of conditions and the following disclaimer in
-*    the documentation and/or other materials provided with the
-*    distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-*    software must display the following acknowledgment:
-*    "This product includes software developed by the OpenSSL Project
-*    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-*    endorse or promote products derived from this software without
-*    prior written permission. For written permission, please contact
-*    licensing@OpenSSL.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-*    nor may "OpenSSL" appear in their names without prior written
-*    permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-*    acknowledgment:
-*    "This product includes software developed by the OpenSSL Project
-*    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
-*
-* Written by Corinne Dive-Reclus(cdive@baltimore.com)
-*
-* Copyright@2001 Baltimore Technologies Ltd.
-* All right Reserved.
-*                                                                                      *
-*        THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND                 *
-*        ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE         *
-*        IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE    *
-*        ARE DISCLAIMED.  IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE           *
-*        FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL    *
-*        DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS       *
-*        OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)         *
-*        HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT    *
-*        LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY     *
-*        OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF        *
-*        SUCH DAMAGE.                                                                  *
-====================================================================*/
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/pem.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_HW
-# ifndef OPENSSL_NO_HW_SUREWARE
-
-#  ifdef FLAT_INC
-#   include "sureware.h"
-#  else
-#   include "vendor_defns/sureware.h"
-#  endif
-
-#  define SUREWARE_LIB_NAME "sureware engine"
-#  include "e_sureware_err.c"
-
-static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p,
-                           void (*f) (void));
-static int surewarehk_destroy(ENGINE *e);
-static int surewarehk_init(ENGINE *e);
-static int surewarehk_finish(ENGINE *e);
-static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                             const BIGNUM *m, BN_CTX *ctx);
-
-/* RSA stuff */
-#  ifndef OPENSSL_NO_RSA
-static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from,
-                                   unsigned char *to, RSA *rsa, int padding);
-static int surewarehk_rsa_sign(int flen, const unsigned char *from,
-                               unsigned char *to, RSA *rsa, int padding);
-#  endif
-
-/* RAND stuff */
-static int surewarehk_rand_bytes(unsigned char *buf, int num);
-static int surewarehk_rand_seed(const void *buf, int num);
-static int surewarehk_rand_add(const void *buf, int num, double entropy);
-
-/* KM stuff */
-static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
-                                         UI_METHOD *ui_method,
-                                         void *callback_data);
-static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
-                                        UI_METHOD *ui_method,
-                                        void *callback_data);
-static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-                               int idx, long argl, void *argp);
-
-#  ifndef OPENSSL_NO_RSA
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int surewarehk_mod_exp_mont(BIGNUM *r, const BIGNUM *a,
-                                   const BIGNUM *p, const BIGNUM *m,
-                                   BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
-    return surewarehk_modexp(r, a, p, m, ctx);
-}
-
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD surewarehk_rsa = {
-    "SureWare RSA method",
-    NULL,                       /* pub_enc */
-    NULL,                       /* pub_dec */
-    surewarehk_rsa_sign,        /* our rsa_sign is OpenSSL priv_enc */
-    surewarehk_rsa_priv_dec,    /* priv_dec */
-    NULL,                       /* mod_exp */
-    surewarehk_mod_exp_mont,    /* mod_exp_mongomery */
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    0,                          /* RSA flag */
-    NULL,
-    NULL,                       /* OpenSSL sign */
-    NULL,                       /* OpenSSL verify */
-    NULL                        /* keygen */
-};
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int surewarehk_modexp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
-                                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                                BN_MONT_CTX *m_ctx)
-{
-    return surewarehk_modexp(r, a, p, m, ctx);
-}
-
-static DH_METHOD surewarehk_dh = {
-    "SureWare DH method",
-    NULL,                       /* gen_key */
-    NULL,                       /* agree, */
-    surewarehk_modexp_dh,       /* dh mod exp */
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    0,                          /* flags */
-    NULL,
-    NULL
-};
-#  endif
-
-static RAND_METHOD surewarehk_rand = {
-    /* "SureWare RAND method", */
-    surewarehk_rand_seed,
-    surewarehk_rand_bytes,
-    NULL,                       /* cleanup */
-    surewarehk_rand_add,
-    surewarehk_rand_bytes,
-    NULL,                       /* rand_status */
-};
-
-#  ifndef OPENSSL_NO_DSA
-/* DSA stuff */
-static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *dgst, int dlen,
-                                       DSA *dsa);
-static int surewarehk_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
-                                  BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
-                                  BIGNUM *m, BN_CTX *ctx,
-                                  BN_MONT_CTX *in_mont)
-{
-    BIGNUM t;
-    int to_return = 0;
-    BN_init(&t);
-    /* let rr = a1 ^ p1 mod m */
-    if (!surewarehk_modexp(rr, a1, p1, m, ctx))
-        goto end;
-    /* let t = a2 ^ p2 mod m */
-    if (!surewarehk_modexp(&t, a2, p2, m, ctx))
-        goto end;
-    /* let rr = rr * t mod m */
-    if (!BN_mod_mul(rr, rr, &t, m, ctx))
-        goto end;
-    to_return = 1;
- end:
-    BN_free(&t);
-    return to_return;
-}
-
-static DSA_METHOD surewarehk_dsa = {
-    "SureWare DSA method",
-    surewarehk_dsa_do_sign,
-    NULL,                       /* sign setup */
-    NULL,                       /* verify, */
-    surewarehk_dsa_mod_exp,     /* mod exp */
-    NULL,                       /* bn mod exp */
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    0,
-    NULL,
-    NULL,
-    NULL
-};
-#  endif
-
-static const char *engine_sureware_id = "sureware";
-static const char *engine_sureware_name = "SureWare hardware engine support";
-
-/* Now, to our own code */
-
-/*
- * As this is only ever called once, there's no need for locking (indeed -
- * the lock will already be held by our caller!!!)
- */
-static int bind_sureware(ENGINE *e)
-{
-#  ifndef OPENSSL_NO_RSA
-    const RSA_METHOD *meth1;
-#  endif
-#  ifndef OPENSSL_NO_DSA
-    const DSA_METHOD *meth2;
-#  endif
-#  ifndef OPENSSL_NO_DH
-    const DH_METHOD *meth3;
-#  endif
-
-    if (!ENGINE_set_id(e, engine_sureware_id) ||
-        !ENGINE_set_name(e, engine_sureware_name) ||
-#  ifndef OPENSSL_NO_RSA
-        !ENGINE_set_RSA(e, &surewarehk_rsa) ||
-#  endif
-#  ifndef OPENSSL_NO_DSA
-        !ENGINE_set_DSA(e, &surewarehk_dsa) ||
-#  endif
-#  ifndef OPENSSL_NO_DH
-        !ENGINE_set_DH(e, &surewarehk_dh) ||
-#  endif
-        !ENGINE_set_RAND(e, &surewarehk_rand) ||
-        !ENGINE_set_destroy_function(e, surewarehk_destroy) ||
-        !ENGINE_set_init_function(e, surewarehk_init) ||
-        !ENGINE_set_finish_function(e, surewarehk_finish) ||
-        !ENGINE_set_ctrl_function(e, surewarehk_ctrl) ||
-        !ENGINE_set_load_privkey_function(e, surewarehk_load_privkey) ||
-        !ENGINE_set_load_pubkey_function(e, surewarehk_load_pubkey))
-        return 0;
-
-#  ifndef OPENSSL_NO_RSA
-    /*
-     * We know that the "PKCS1_SSLeay()" functions hook properly to the
-     * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
-     * We don't use ENGINE_openssl() or anything "more generic" because
-     * something like the RSAref code may not hook properly, and if you own
-     * one of these cards then you have the right to do RSA operations on it
-     * anyway!
-     */
-    meth1 = RSA_PKCS1_SSLeay();
-    if (meth1) {
-        surewarehk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
-        surewarehk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
-    }
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-    /*
-     * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
-     */
-    meth2 = DSA_OpenSSL();
-    if (meth2) {
-        surewarehk_dsa.dsa_do_verify = meth2->dsa_do_verify;
-    }
-#  endif
-
-#  ifndef OPENSSL_NO_DH
-    /* Much the same for Diffie-Hellman */
-    meth3 = DH_OpenSSL();
-    if (meth3) {
-        surewarehk_dh.generate_key = meth3->generate_key;
-        surewarehk_dh.compute_key = meth3->compute_key;
-    }
-#  endif
-
-    /* Ensure the sureware error handling is set up */
-    ERR_load_SUREWARE_strings();
-    return 1;
-}
-
-#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
-static int bind_helper(ENGINE *e, const char *id)
-{
-    if (id && (strcmp(id, engine_sureware_id) != 0))
-        return 0;
-    if (!bind_sureware(e))
-        return 0;
-    return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
-    IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
-#  else
-static ENGINE *engine_sureware(void)
-{
-    ENGINE *ret = ENGINE_new();
-    if (!ret)
-        return NULL;
-    if (!bind_sureware(ret)) {
-        ENGINE_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-void ENGINE_load_sureware(void)
-{
-    /* Copied from eng_[openssl|dyn].c */
-    ENGINE *toadd = engine_sureware();
-    if (!toadd)
-        return;
-    ENGINE_add(toadd);
-    ENGINE_free(toadd);
-    ERR_clear_error();
-}
-#  endif
-
-/*
- * This is a process-global DSO handle used for loading and unloading the
- * SureWareHook library. NB: This is only set (or unset) during an init() or
- * finish() call (reference counts permitting) and they're operating with
- * global locks, so this should be thread-safe implicitly.
- */
-static DSO *surewarehk_dso = NULL;
-#  ifndef OPENSSL_NO_RSA
-/* Index for KM handle.  Not really used yet. */
-static int rsaHndidx = -1;
-#  endif
-#  ifndef OPENSSL_NO_DSA
-/* Index for KM handle.  Not really used yet. */
-static int dsaHndidx = -1;
-#  endif
-
-/*
- * These are the function pointers that are (un)set when the library has
- * successfully (un)loaded.
- */
-static SureWareHook_Init_t *p_surewarehk_Init = NULL;
-static SureWareHook_Finish_t *p_surewarehk_Finish = NULL;
-static SureWareHook_Rand_Bytes_t *p_surewarehk_Rand_Bytes = NULL;
-static SureWareHook_Rand_Seed_t *p_surewarehk_Rand_Seed = NULL;
-static SureWareHook_Load_Privkey_t *p_surewarehk_Load_Privkey = NULL;
-static SureWareHook_Info_Pubkey_t *p_surewarehk_Info_Pubkey = NULL;
-static SureWareHook_Load_Rsa_Pubkey_t *p_surewarehk_Load_Rsa_Pubkey = NULL;
-static SureWareHook_Load_Dsa_Pubkey_t *p_surewarehk_Load_Dsa_Pubkey = NULL;
-static SureWareHook_Free_t *p_surewarehk_Free = NULL;
-static SureWareHook_Rsa_Priv_Dec_t *p_surewarehk_Rsa_Priv_Dec = NULL;
-static SureWareHook_Rsa_Sign_t *p_surewarehk_Rsa_Sign = NULL;
-static SureWareHook_Dsa_Sign_t *p_surewarehk_Dsa_Sign = NULL;
-static SureWareHook_Mod_Exp_t *p_surewarehk_Mod_Exp = NULL;
-
-/* Used in the DSO operations. */
-static const char *surewarehk_LIBNAME = "SureWareHook";
-static const char *n_surewarehk_Init = "SureWareHook_Init";
-static const char *n_surewarehk_Finish = "SureWareHook_Finish";
-static const char *n_surewarehk_Rand_Bytes = "SureWareHook_Rand_Bytes";
-static const char *n_surewarehk_Rand_Seed = "SureWareHook_Rand_Seed";
-static const char *n_surewarehk_Load_Privkey = "SureWareHook_Load_Privkey";
-static const char *n_surewarehk_Info_Pubkey = "SureWareHook_Info_Pubkey";
-static const char *n_surewarehk_Load_Rsa_Pubkey =
-    "SureWareHook_Load_Rsa_Pubkey";
-static const char *n_surewarehk_Load_Dsa_Pubkey =
-    "SureWareHook_Load_Dsa_Pubkey";
-static const char *n_surewarehk_Free = "SureWareHook_Free";
-static const char *n_surewarehk_Rsa_Priv_Dec = "SureWareHook_Rsa_Priv_Dec";
-static const char *n_surewarehk_Rsa_Sign = "SureWareHook_Rsa_Sign";
-static const char *n_surewarehk_Dsa_Sign = "SureWareHook_Dsa_Sign";
-static const char *n_surewarehk_Mod_Exp = "SureWareHook_Mod_Exp";
-static BIO *logstream = NULL;
-
-/*
- * SureWareHook library functions and mechanics - these are used by the
- * higher-level functions further down. NB: As and where there's no error
- * checking, take a look lower down where these functions are called, the
- * checking and error handling is probably down there.
- */
-static int threadsafe = 1;
-static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p,
-                           void (*f) (void))
-{
-    int to_return = 1;
-
-    switch (cmd) {
-    case ENGINE_CTRL_SET_LOGSTREAM:
-        {
-            BIO *bio = (BIO *)p;
-            CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-            BIO_free(logstream);
-            logstream = NULL;
-            if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1)
-                logstream = bio;
-            else
-                SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,
-                            SUREWARE_R_BIO_WAS_FREED);
-        }
-        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-        break;
-        /*
-         * This will prevent the initialisation function from "installing"
-         * the mutex-handling callbacks, even if they are available from
-         * within the library (or were provided to the library from the
-         * calling application). This is to remove any baggage for
-         * applications not using multithreading.
-         */
-    case ENGINE_CTRL_CHIL_NO_LOCKING:
-        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-        threadsafe = 0;
-        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-        break;
-
-        /* The command isn't understood by this engine */
-    default:
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,
-                    ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-        to_return = 0;
-        break;
-    }
-
-    return to_return;
-}
-
-/* Destructor (complements the "ENGINE_surewarehk()" constructor) */
-static int surewarehk_destroy(ENGINE *e)
-{
-    ERR_unload_SUREWARE_strings();
-    return 1;
-}
-
-/* (de)initialisation functions. */
-static int surewarehk_init(ENGINE *e)
-{
-    char msg[64] = "ENGINE_init";
-    SureWareHook_Init_t *p1 = NULL;
-    SureWareHook_Finish_t *p2 = NULL;
-    SureWareHook_Rand_Bytes_t *p3 = NULL;
-    SureWareHook_Rand_Seed_t *p4 = NULL;
-    SureWareHook_Load_Privkey_t *p5 = NULL;
-    SureWareHook_Load_Rsa_Pubkey_t *p6 = NULL;
-    SureWareHook_Free_t *p7 = NULL;
-    SureWareHook_Rsa_Priv_Dec_t *p8 = NULL;
-    SureWareHook_Rsa_Sign_t *p9 = NULL;
-    SureWareHook_Dsa_Sign_t *p12 = NULL;
-    SureWareHook_Info_Pubkey_t *p13 = NULL;
-    SureWareHook_Load_Dsa_Pubkey_t *p14 = NULL;
-    SureWareHook_Mod_Exp_t *p15 = NULL;
-
-    if (surewarehk_dso != NULL) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_ALREADY_LOADED);
-        goto err;
-    }
-    /* Attempt to load libsurewarehk.so/surewarehk.dll/whatever. */
-    surewarehk_dso = DSO_load(NULL, surewarehk_LIBNAME, NULL, 0);
-    if (surewarehk_dso == NULL) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_DSO_FAILURE);
-        goto err;
-    }
-    if (!
-        (p1 =
-         (SureWareHook_Init_t *) DSO_bind_func(surewarehk_dso,
-                                               n_surewarehk_Init))
-|| !(p2 =
-     (SureWareHook_Finish_t *) DSO_bind_func(surewarehk_dso,
-                                             n_surewarehk_Finish))
-|| !(p3 =
-     (SureWareHook_Rand_Bytes_t *) DSO_bind_func(surewarehk_dso,
-                                                 n_surewarehk_Rand_Bytes))
-|| !(p4 =
-     (SureWareHook_Rand_Seed_t *) DSO_bind_func(surewarehk_dso,
-                                                n_surewarehk_Rand_Seed))
-|| !(p5 =
-     (SureWareHook_Load_Privkey_t *) DSO_bind_func(surewarehk_dso,
-                                                   n_surewarehk_Load_Privkey))
-|| !(p6 =
-     (SureWareHook_Load_Rsa_Pubkey_t *) DSO_bind_func(surewarehk_dso,
-                                                      n_surewarehk_Load_Rsa_Pubkey))
-|| !(p7 =
-     (SureWareHook_Free_t *) DSO_bind_func(surewarehk_dso, n_surewarehk_Free))
-|| !(p8 =
-     (SureWareHook_Rsa_Priv_Dec_t *) DSO_bind_func(surewarehk_dso,
-                                                   n_surewarehk_Rsa_Priv_Dec))
-|| !(p9 =
-     (SureWareHook_Rsa_Sign_t *) DSO_bind_func(surewarehk_dso,
-                                               n_surewarehk_Rsa_Sign))
-|| !(p12 =
-     (SureWareHook_Dsa_Sign_t *) DSO_bind_func(surewarehk_dso,
-                                               n_surewarehk_Dsa_Sign))
-|| !(p13 =
-     (SureWareHook_Info_Pubkey_t *) DSO_bind_func(surewarehk_dso,
-                                                  n_surewarehk_Info_Pubkey))
-|| !(p14 =
-     (SureWareHook_Load_Dsa_Pubkey_t *) DSO_bind_func(surewarehk_dso,
-                                                      n_surewarehk_Load_Dsa_Pubkey))
-|| !(p15 =
-     (SureWareHook_Mod_Exp_t *) DSO_bind_func(surewarehk_dso,
-                                              n_surewarehk_Mod_Exp))) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_DSO_FAILURE);
-        goto err;
-    }
-    /* Copy the pointers */
-    p_surewarehk_Init = p1;
-    p_surewarehk_Finish = p2;
-    p_surewarehk_Rand_Bytes = p3;
-    p_surewarehk_Rand_Seed = p4;
-    p_surewarehk_Load_Privkey = p5;
-    p_surewarehk_Load_Rsa_Pubkey = p6;
-    p_surewarehk_Free = p7;
-    p_surewarehk_Rsa_Priv_Dec = p8;
-    p_surewarehk_Rsa_Sign = p9;
-    p_surewarehk_Dsa_Sign = p12;
-    p_surewarehk_Info_Pubkey = p13;
-    p_surewarehk_Load_Dsa_Pubkey = p14;
-    p_surewarehk_Mod_Exp = p15;
-    /* Contact the hardware and initialises it. */
-    if (p_surewarehk_Init(msg, threadsafe) == SUREWAREHOOK_ERROR_UNIT_FAILURE) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, SUREWARE_R_UNIT_FAILURE);
-        goto err;
-    }
-    if (p_surewarehk_Init(msg, threadsafe) == SUREWAREHOOK_ERROR_UNIT_FAILURE) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, SUREWARE_R_UNIT_FAILURE);
-        goto err;
-    }
-    /*
-     * try to load the default private key, if failed does not return a
-     * failure but wait for an explicit ENGINE_load_privakey
-     */
-    surewarehk_load_privkey(e, NULL, NULL, NULL);
-
-    /* Everything's fine. */
-#  ifndef OPENSSL_NO_RSA
-    if (rsaHndidx == -1)
-        rsaHndidx = RSA_get_ex_new_index(0,
-                                         "SureWareHook RSA key handle",
-                                         NULL, NULL, surewarehk_ex_free);
-#  endif
-#  ifndef OPENSSL_NO_DSA
-    if (dsaHndidx == -1)
-        dsaHndidx = DSA_get_ex_new_index(0,
-                                         "SureWareHook DSA key handle",
-                                         NULL, NULL, surewarehk_ex_free);
-#  endif
-
-    return 1;
- err:
-    DSO_free(surewarehk_dso);
-    surewarehk_dso = NULL;
-    p_surewarehk_Init = NULL;
-    p_surewarehk_Finish = NULL;
-    p_surewarehk_Rand_Bytes = NULL;
-    p_surewarehk_Rand_Seed = NULL;
-    p_surewarehk_Load_Privkey = NULL;
-    p_surewarehk_Load_Rsa_Pubkey = NULL;
-    p_surewarehk_Free = NULL;
-    p_surewarehk_Rsa_Priv_Dec = NULL;
-    p_surewarehk_Rsa_Sign = NULL;
-    p_surewarehk_Dsa_Sign = NULL;
-    p_surewarehk_Info_Pubkey = NULL;
-    p_surewarehk_Load_Dsa_Pubkey = NULL;
-    p_surewarehk_Mod_Exp = NULL;
-    return 0;
-}
-
-static int surewarehk_finish(ENGINE *e)
-{
-    int to_return = 1;
-    if (surewarehk_dso == NULL) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH, ENGINE_R_NOT_LOADED);
-        to_return = 0;
-        goto err;
-    }
-    p_surewarehk_Finish();
-    if (!DSO_free(surewarehk_dso)) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH, ENGINE_R_DSO_FAILURE);
-        to_return = 0;
-        goto err;
-    }
- err:
-    BIO_free(logstream);
-    surewarehk_dso = NULL;
-    p_surewarehk_Init = NULL;
-    p_surewarehk_Finish = NULL;
-    p_surewarehk_Rand_Bytes = NULL;
-    p_surewarehk_Rand_Seed = NULL;
-    p_surewarehk_Load_Privkey = NULL;
-    p_surewarehk_Load_Rsa_Pubkey = NULL;
-    p_surewarehk_Free = NULL;
-    p_surewarehk_Rsa_Priv_Dec = NULL;
-    p_surewarehk_Rsa_Sign = NULL;
-    p_surewarehk_Dsa_Sign = NULL;
-    p_surewarehk_Info_Pubkey = NULL;
-    p_surewarehk_Load_Dsa_Pubkey = NULL;
-    p_surewarehk_Mod_Exp = NULL;
-    return to_return;
-}
-
-static void surewarehk_error_handling(char *const msg, int func, int ret)
-{
-    switch (ret) {
-    case SUREWAREHOOK_ERROR_UNIT_FAILURE:
-        ENGINEerr(func, SUREWARE_R_UNIT_FAILURE);
-        break;
-    case SUREWAREHOOK_ERROR_FALLBACK:
-        ENGINEerr(func, SUREWARE_R_REQUEST_FALLBACK);
-        break;
-    case SUREWAREHOOK_ERROR_DATA_SIZE:
-        ENGINEerr(func, SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
-        break;
-    case SUREWAREHOOK_ERROR_INVALID_PAD:
-        ENGINEerr(func, SUREWARE_R_PADDING_CHECK_FAILED);
-        break;
-    default:
-        ENGINEerr(func, SUREWARE_R_REQUEST_FAILED);
-        break;
-    case 1:                    /* nothing */
-        msg[0] = '\0';
-    }
-    if (*msg) {
-        ERR_add_error_data(1, msg);
-        if (logstream) {
-            CRYPTO_w_lock(CRYPTO_LOCK_BIO);
-            BIO_write(logstream, msg, strlen(msg));
-            CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
-        }
-    }
-}
-
-static int surewarehk_rand_bytes(unsigned char *buf, int num)
-{
-    int ret = 0;
-    char msg[64] = "ENGINE_rand_bytes";
-    if (!p_surewarehk_Rand_Bytes) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_BYTES,
-                    ENGINE_R_NOT_INITIALISED);
-    } else {
-        ret = p_surewarehk_Rand_Bytes(msg, buf, num);
-        surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RAND_BYTES, ret);
-    }
-    return ret == 1 ? 1 : 0;
-}
-
-static int surewarehk_rand_seed(const void *buf, int num)
-{
-    int ret = 0;
-    char msg[64] = "ENGINE_rand_seed";
-    if (!p_surewarehk_Rand_Seed) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_SEED,
-                    ENGINE_R_NOT_INITIALISED);
-        return 0;
-    } else {
-        ret = p_surewarehk_Rand_Seed(msg, buf, num);
-        surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RAND_SEED, ret);
-        if (ret == 1)
-            return 1;
-        else
-            return 0;
-    }
-}
-
-static int surewarehk_rand_add(const void *buf, int num, double entropy)
-{
-    return surewarehk_rand_seed(buf, num);
-}
-
-static EVP_PKEY *sureware_load_public(ENGINE *e, const char *key_id,
-                                      char *hptr, unsigned long el,
-                                      char keytype)
-{
-    EVP_PKEY *res = NULL;
-#  ifndef OPENSSL_NO_RSA
-    RSA *rsatmp = NULL;
-#  endif
-#  ifndef OPENSSL_NO_DSA
-    DSA *dsatmp = NULL;
-#  endif
-    char msg[64] = "sureware_load_public";
-    int ret = 0;
-    if (!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey) {
-        SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,
-                    ENGINE_R_NOT_INITIALISED);
-        goto err;
-    }
-    switch (keytype) {
-#  ifndef OPENSSL_NO_RSA
-    case 1:
-         /*RSA*/
-            /* set private external reference */
-            rsatmp = RSA_new_method(e);
-        RSA_set_ex_data(rsatmp, rsaHndidx, hptr);
-        rsatmp->flags |= RSA_FLAG_EXT_PKEY;
-
-        /* set public big nums */
-        rsatmp->e = BN_new();
-        rsatmp->n = BN_new();
-        if (!rsatmp->e || !rsatmp->n)
-            goto err;
-        bn_expand2(rsatmp->e, el / sizeof(BN_ULONG));
-        bn_expand2(rsatmp->n, el / sizeof(BN_ULONG));
-        if (rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) ||
-            rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG)))
-            goto err;
-        ret = p_surewarehk_Load_Rsa_Pubkey(msg, key_id, el,
-                                           (unsigned long *)rsatmp->n->d,
-                                           (unsigned long *)rsatmp->e->d);
-        surewarehk_error_handling(msg, SUREWARE_F_SUREWARE_LOAD_PUBLIC, ret);
-        if (ret != 1) {
-            SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,
-                        ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
-            goto err;
-        }
-        /* normalise pub e and pub n */
-        rsatmp->e->top = el / sizeof(BN_ULONG);
-        bn_fix_top(rsatmp->e);
-        rsatmp->n->top = el / sizeof(BN_ULONG);
-        bn_fix_top(rsatmp->n);
-        /* create an EVP object: engine + rsa key */
-        res = EVP_PKEY_new();
-        EVP_PKEY_assign_RSA(res, rsatmp);
-        break;
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-    case 2:
-         /*DSA*/
-            /* set private/public external reference */
-            dsatmp = DSA_new_method(e);
-        DSA_set_ex_data(dsatmp, dsaHndidx, hptr);
-        /*
-         * dsatmp->flags |= DSA_FLAG_EXT_PKEY;
-         */
-
-        /* set public key */
-        dsatmp->pub_key = BN_new();
-        dsatmp->p = BN_new();
-        dsatmp->q = BN_new();
-        dsatmp->g = BN_new();
-        if (!dsatmp->pub_key || !dsatmp->p || !dsatmp->q || !dsatmp->g)
-            goto err;
-        bn_expand2(dsatmp->pub_key, el / sizeof(BN_ULONG));
-        bn_expand2(dsatmp->p, el / sizeof(BN_ULONG));
-        bn_expand2(dsatmp->q, 20 / sizeof(BN_ULONG));
-        bn_expand2(dsatmp->g, el / sizeof(BN_ULONG));
-        if (dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG))
-            || dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG))
-            || dsatmp->q->dmax != 20 / sizeof(BN_ULONG)
-            || dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG)))
-            goto err;
-
-        ret = p_surewarehk_Load_Dsa_Pubkey(msg, key_id, el,
-                                           (unsigned long *)dsatmp->
-                                           pub_key->d,
-                                           (unsigned long *)dsatmp->p->d,
-                                           (unsigned long *)dsatmp->q->d,
-                                           (unsigned long *)dsatmp->g->d);
-        surewarehk_error_handling(msg, SUREWARE_F_SUREWARE_LOAD_PUBLIC, ret);
-        if (ret != 1) {
-            SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,
-                        ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
-            goto err;
-        }
-        /* set parameters */
-        /* normalise pubkey and parameters in case of */
-        dsatmp->pub_key->top = el / sizeof(BN_ULONG);
-        bn_fix_top(dsatmp->pub_key);
-        dsatmp->p->top = el / sizeof(BN_ULONG);
-        bn_fix_top(dsatmp->p);
-        dsatmp->q->top = 20 / sizeof(BN_ULONG);
-        bn_fix_top(dsatmp->q);
-        dsatmp->g->top = el / sizeof(BN_ULONG);
-        bn_fix_top(dsatmp->g);
-
-        /* create an EVP object: engine + rsa key */
-        res = EVP_PKEY_new();
-        EVP_PKEY_assign_DSA(res, dsatmp);
-        break;
-#  endif
-
-    default:
-        SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,
-                    ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
-        goto err;
-    }
-    return res;
- err:
-#  ifndef OPENSSL_NO_RSA
-    RSA_free(rsatmp);
-#  endif
-#  ifndef OPENSSL_NO_DSA
-    DSA_free(dsatmp);
-#  endif
-    return NULL;
-}
-
-static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
-                                         UI_METHOD *ui_method,
-                                         void *callback_data)
-{
-    EVP_PKEY *res = NULL;
-    int ret = 0;
-    unsigned long el = 0;
-    char *hptr = NULL;
-    char keytype = 0;
-    char msg[64] = "ENGINE_load_privkey";
-
-    if (!p_surewarehk_Load_Privkey) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY,
-                    ENGINE_R_NOT_INITIALISED);
-    } else {
-        ret = p_surewarehk_Load_Privkey(msg, key_id, &hptr, &el, &keytype);
-        if (ret != 1) {
-            SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY,
-                        ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
-            ERR_add_error_data(1, msg);
-        } else
-            res = sureware_load_public(e, key_id, hptr, el, keytype);
-    }
-    return res;
-}
-
-static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
-                                        UI_METHOD *ui_method,
-                                        void *callback_data)
-{
-    EVP_PKEY *res = NULL;
-    int ret = 0;
-    unsigned long el = 0;
-    char *hptr = NULL;
-    char keytype = 0;
-    char msg[64] = "ENGINE_load_pubkey";
-
-    if (!p_surewarehk_Info_Pubkey) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY,
-                    ENGINE_R_NOT_INITIALISED);
-    } else {
-        /* call once to identify if DSA or RSA */
-        ret = p_surewarehk_Info_Pubkey(msg, key_id, &el, &keytype);
-        if (ret != 1) {
-            SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY,
-                        ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
-            ERR_add_error_data(1, msg);
-        } else
-            res = sureware_load_public(e, key_id, hptr, el, keytype);
-    }
-    return res;
-}
-
-/*
- * This cleans up an RSA/DSA KM key(do not destroy the key into the hardware)
- * , called when ex_data is freed
- */
-static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-                               int idx, long argl, void *argp)
-{
-    if (!p_surewarehk_Free) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE, ENGINE_R_NOT_INITIALISED);
-    } else
-        p_surewarehk_Free((char *)item, 0);
-}
-
-/*
- * return number of decrypted bytes
- */
-#  ifndef OPENSSL_NO_RSA
-static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from,
-                                   unsigned char *to, RSA *rsa, int padding)
-{
-    int ret = 0, tlen;
-    char *buf = NULL, *hptr = NULL;
-    char msg[64] = "ENGINE_rsa_priv_dec";
-    if (!p_surewarehk_Rsa_Priv_Dec) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
-                    ENGINE_R_NOT_INITIALISED);
-    }
-    /* extract ref to private key */
-    else if ((hptr = RSA_get_ex_data(rsa, rsaHndidx)) == NULL) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
-                    SUREWARE_R_MISSING_KEY_COMPONENTS);
-        goto err;
-    }
-    /* analyse what padding we can do into the hardware */
-    if (padding == RSA_PKCS1_PADDING) {
-        /* do it one shot */
-        ret =
-            p_surewarehk_Rsa_Priv_Dec(msg, flen, (unsigned char *)from, &tlen,
-                                      to, hptr, SUREWARE_PKCS1_PAD);
-        surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
-                                  ret);
-        if (ret != 1)
-            goto err;
-        ret = tlen;
-    } else {                    /* do with no padding into hardware */
-
-        ret =
-            p_surewarehk_Rsa_Priv_Dec(msg, flen, (unsigned char *)from, &tlen,
-                                      to, hptr, SUREWARE_NO_PAD);
-        surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
-                                  ret);
-        if (ret != 1)
-            goto err;
-        /* intermediate buffer for padding */
-        if ((buf = OPENSSL_malloc(tlen)) == NULL) {
-            SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
-                        ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        memcpy(buf, to, tlen);  /* transfert to into buf */
-        switch (padding) {      /* check padding in software */
-        case RSA_PKCS1_OAEP_PADDING:
-            ret =
-                RSA_padding_check_PKCS1_OAEP(to, tlen, (unsigned char *)buf,
-                                             tlen, tlen, NULL, 0);
-            break;
-        case RSA_SSLV23_PADDING:
-            ret =
-                RSA_padding_check_SSLv23(to, tlen, (unsigned char *)buf, flen,
-                                         tlen);
-            break;
-        case RSA_NO_PADDING:
-            ret =
-                RSA_padding_check_none(to, tlen, (unsigned char *)buf, flen,
-                                       tlen);
-            break;
-        default:
-            SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
-                        SUREWARE_R_UNKNOWN_PADDING_TYPE);
-            goto err;
-        }
-        if (ret < 0)
-            SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
-                        SUREWARE_R_PADDING_CHECK_FAILED);
-    }
- err:
-    OPENSSL_clear_free(buf, tlen);
-    return ret;
-}
-
-/*
- * Does what OpenSSL rsa_priv_enc does.
- */
-static int surewarehk_rsa_sign(int flen, const unsigned char *from,
-                               unsigned char *to, RSA *rsa, int padding)
-{
-    int ret = 0, tlen;
-    char *hptr = NULL;
-    char msg[64] = "ENGINE_rsa_sign";
-    if (!p_surewarehk_Rsa_Sign) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN, ENGINE_R_NOT_INITIALISED);
-    }
-    /* extract ref to private key */
-    else if ((hptr = RSA_get_ex_data(rsa, rsaHndidx)) == NULL) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,
-                    SUREWARE_R_MISSING_KEY_COMPONENTS);
-    } else {
-        switch (padding) {
-        case RSA_PKCS1_PADDING: /* do it in one shot */
-            ret =
-                p_surewarehk_Rsa_Sign(msg, flen, (unsigned char *)from, &tlen,
-                                      to, hptr, SUREWARE_PKCS1_PAD);
-            surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_SIGN,
-                                      ret);
-            break;
-        case RSA_NO_PADDING:
-        default:
-            SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,
-                        SUREWARE_R_UNKNOWN_PADDING_TYPE);
-        }
-    }
-    return ret == 1 ? tlen : ret;
-}
-
-#  endif
-
-#  ifndef OPENSSL_NO_DSA
-/* DSA sign and verify */
-static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *from, int flen,
-                                       DSA *dsa)
-{
-    int ret = 0;
-    char *hptr = NULL;
-    DSA_SIG *psign = NULL;
-    char msg[64] = "ENGINE_dsa_do_sign";
-    if (!p_surewarehk_Dsa_Sign) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
-                    ENGINE_R_NOT_INITIALISED);
-        goto err;
-    }
-    /* extract ref to private key */
-    else if ((hptr = DSA_get_ex_data(dsa, dsaHndidx)) == NULL) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
-                    SUREWARE_R_MISSING_KEY_COMPONENTS);
-        goto err;
-    } else {
-        if ((psign = DSA_SIG_new()) == NULL) {
-            SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
-                        ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        psign->r = BN_new();
-        psign->s = BN_new();
-        if (!psign->r || !psign->s)
-            goto err;
-        bn_expand2(psign->r, 20 / sizeof(BN_ULONG));
-        bn_expand2(psign->s, 20 / sizeof(BN_ULONG));
-        if (psign->r->dmax != 20 / sizeof(BN_ULONG) ||
-            psign->s->dmax != 20 / sizeof(BN_ULONG))
-            goto err;
-        ret = p_surewarehk_Dsa_Sign(msg, flen, from,
-                                    (unsigned long *)psign->r->d,
-                                    (unsigned long *)psign->s->d, hptr);
-        surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
-                                  ret);
-    }
-    psign->r->top = 20 / sizeof(BN_ULONG);
-    bn_fix_top(psign->r);
-    psign->s->top = 20 / sizeof(BN_ULONG);
-    bn_fix_top(psign->s);
-
- err:
-    if (psign) {
-        DSA_SIG_free(psign);
-        psign = NULL;
-    }
-    return psign;
-}
-#  endif
-
-static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                             const BIGNUM *m, BN_CTX *ctx)
-{
-    int ret = 0;
-    char msg[64] = "ENGINE_modexp";
-    if (!p_surewarehk_Mod_Exp) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_MODEXP, ENGINE_R_NOT_INITIALISED);
-    } else if (r) {
-        bn_expand2(r, m->top);
-        if (r->dmax == m->top) {
-            /* do it */
-            ret = p_surewarehk_Mod_Exp(msg,
-                                       m->top * sizeof(BN_ULONG),
-                                       (unsigned long *)m->d,
-                                       p->top * sizeof(BN_ULONG),
-                                       (unsigned long *)p->d,
-                                       a->top * sizeof(BN_ULONG),
-                                       (unsigned long *)a->d,
-                                       (unsigned long *)r->d);
-            surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_MODEXP, ret);
-            if (ret == 1) {
-                /* normalise result */
-                r->top = m->top;
-                bn_fix_top(r);
-            }
-        }
-    }
-    return ret;
-}
-# endif                         /* !OPENSSL_NO_HW_SUREWARE */
-#endif                          /* !OPENSSL_NO_HW */
diff --git a/engines/e_sureware.ec b/engines/e_sureware.ec
deleted file mode 100644 (file)
index 3d266b8..0000000
+++ /dev/null
@@ -1 +0,0 @@
-L SUREWARE     e_sureware_err.h                e_sureware_err.c
diff --git a/engines/e_sureware_err.c b/engines/e_sureware_err.c
deleted file mode 100644 (file)
index f6f7eff..0000000
+++ /dev/null
@@ -1,154 +0,0 @@
-/* e_sureware_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "e_sureware_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
-static ERR_STRING_DATA SUREWARE_str_functs[] = {
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_CTRL), "SUREWAREHK_CTRL"},
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_DH_EX_FREE), "SUREWAREHK_DH_EX_FREE"},
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN), "SUREWAREHK_DSA_DO_SIGN"},
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_EX_FREE), "SUREWAREHK_EX_FREE"},
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_FINISH), "SUREWAREHK_FINISH"},
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_INIT), "SUREWAREHK_INIT"},
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY), "SUREWAREHK_LOAD_PRIVKEY"},
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY), "SUREWAREHK_LOAD_PUBKEY"},
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_MODEXP), "SUREWAREHK_MODEXP"},
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_RAND_BYTES), "SUREWAREHK_RAND_BYTES"},
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_RAND_SEED), "SUREWAREHK_RAND_SEED"},
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC), "SUREWAREHK_RSA_PRIV_DEC"},
-    {ERR_FUNC(SUREWARE_F_SUREWAREHK_RSA_SIGN), "SUREWAREHK_RSA_SIGN"},
-    {ERR_FUNC(SUREWARE_F_SUREWARE_LOAD_PUBLIC), "SUREWARE_LOAD_PUBLIC"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA SUREWARE_str_reasons[] = {
-    {ERR_REASON(SUREWARE_R_BIO_WAS_FREED), "bio was freed"},
-    {ERR_REASON(SUREWARE_R_MISSING_KEY_COMPONENTS), "missing key components"},
-    {ERR_REASON(SUREWARE_R_PADDING_CHECK_FAILED), "padding check failed"},
-    {ERR_REASON(SUREWARE_R_REQUEST_FAILED), "request failed"},
-    {ERR_REASON(SUREWARE_R_REQUEST_FALLBACK), "request fallback"},
-    {ERR_REASON(SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
-     "size too large or too small"},
-    {ERR_REASON(SUREWARE_R_UNIT_FAILURE), "unit failure"},
-    {ERR_REASON(SUREWARE_R_UNKNOWN_PADDING_TYPE), "unknown padding type"},
-    {0, NULL}
-};
-
-#endif
-
-#ifdef SUREWARE_LIB_NAME
-static ERR_STRING_DATA SUREWARE_lib_name[] = {
-    {0, SUREWARE_LIB_NAME},
-    {0, NULL}
-};
-#endif
-
-static int SUREWARE_lib_error_code = 0;
-static int SUREWARE_error_init = 1;
-
-static void ERR_load_SUREWARE_strings(void)
-{
-    if (SUREWARE_lib_error_code == 0)
-        SUREWARE_lib_error_code = ERR_get_next_error_library();
-
-    if (SUREWARE_error_init) {
-        SUREWARE_error_init = 0;
-#ifndef OPENSSL_NO_ERR
-        ERR_load_strings(SUREWARE_lib_error_code, SUREWARE_str_functs);
-        ERR_load_strings(SUREWARE_lib_error_code, SUREWARE_str_reasons);
-#endif
-
-#ifdef SUREWARE_LIB_NAME
-        SUREWARE_lib_name->error = ERR_PACK(SUREWARE_lib_error_code, 0, 0);
-        ERR_load_strings(0, SUREWARE_lib_name);
-#endif
-    }
-}
-
-static void ERR_unload_SUREWARE_strings(void)
-{
-    if (SUREWARE_error_init == 0) {
-#ifndef OPENSSL_NO_ERR
-        ERR_unload_strings(SUREWARE_lib_error_code, SUREWARE_str_functs);
-        ERR_unload_strings(SUREWARE_lib_error_code, SUREWARE_str_reasons);
-#endif
-
-#ifdef SUREWARE_LIB_NAME
-        ERR_unload_strings(0, SUREWARE_lib_name);
-#endif
-        SUREWARE_error_init = 1;
-    }
-}
-
-static void ERR_SUREWARE_error(int function, int reason, char *file, int line)
-{
-    if (SUREWARE_lib_error_code == 0)
-        SUREWARE_lib_error_code = ERR_get_next_error_library();
-    ERR_PUT_error(SUREWARE_lib_error_code, function, reason, file, line);
-}
diff --git a/engines/e_sureware_err.h b/engines/e_sureware_err.h
deleted file mode 100644 (file)
index bef8623..0000000
+++ /dev/null
@@ -1,104 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SUREWARE_ERR_H
-# define HEADER_SUREWARE_ERR_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_SUREWARE_strings(void);
-static void ERR_unload_SUREWARE_strings(void);
-static void ERR_SUREWARE_error(int function, int reason, char *file,
-                               int line);
-# define SUREWAREerr(f,r) ERR_SUREWARE_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the SUREWARE functions. */
-
-/* Function codes. */
-# define SUREWARE_F_SUREWAREHK_CTRL                       100
-# define SUREWARE_F_SUREWAREHK_DH_EX_FREE                 112
-# define SUREWARE_F_SUREWAREHK_DSA_DO_SIGN                101
-# define SUREWARE_F_SUREWAREHK_EX_FREE                    102
-# define SUREWARE_F_SUREWAREHK_FINISH                     103
-# define SUREWARE_F_SUREWAREHK_INIT                       104
-# define SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY               105
-# define SUREWARE_F_SUREWAREHK_LOAD_PUBKEY                113
-# define SUREWARE_F_SUREWAREHK_MODEXP                     107
-# define SUREWARE_F_SUREWAREHK_RAND_BYTES                 108
-# define SUREWARE_F_SUREWAREHK_RAND_SEED                  109
-# define SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC               110
-# define SUREWARE_F_SUREWAREHK_RSA_SIGN                   111
-# define SUREWARE_F_SUREWARE_LOAD_PUBLIC                  106
-
-/* Reason codes. */
-# define SUREWARE_R_BIO_WAS_FREED                         100
-# define SUREWARE_R_MISSING_KEY_COMPONENTS                105
-# define SUREWARE_R_PADDING_CHECK_FAILED                  106
-# define SUREWARE_R_REQUEST_FAILED                        101
-# define SUREWARE_R_REQUEST_FALLBACK                      102
-# define SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL           103
-# define SUREWARE_R_UNIT_FAILURE                          104
-# define SUREWARE_R_UNKNOWN_PADDING_TYPE                  107
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
index a0bd168..944e415 100644 (file)
@@ -94,7 +94,7 @@ $! library that isn't necessarely ported to VMS.
 $!
 $ ENGINES = "," + P6
 $ IF ENGINES .EQS. "," THEN -
-       ENGINES = ",4758cca,padlock,capi,"
+       ENGINES = ",padlock,capi,"
 $!
 $! GOST requires a 64-bit integer type, unavailable on VAX.
 $!
@@ -155,7 +155,6 @@ $   ENGINE_ = "engine_vector.mar"
 $   TV_OBJ_NAME = OBJ_DIR + F$PARSE(ENGINE_,,,"NAME","SYNTAX_ONLY") + ".OBJ"
 $   TV_OBJ = ",''TV_OBJ_NAME'"
 $ ENDIF
-$ ENGINE_4758CCA = "e_4758cca"
 $ ENGINE_padlock = "e_padlock"
 $ ENGINE_capi = "e_capi"
 $ 
diff --git a/engines/vendor_defns/aep.h b/engines/vendor_defns/aep.h
deleted file mode 100644 (file)
index 04ab87e..0000000
+++ /dev/null
@@ -1,235 +0,0 @@
-/*
- * This header declares the necessary definitions for using the
- * exponentiation acceleration capabilities, and rnd number generation of the
- * AEP card.
- */
-
-/*
- *
- * Some AEP defines
- *
- */
-
-/*
- * Successful return value
- */
-#define AEP_R_OK                                0x00000000
-
-/*
- * Miscelleanous unsuccessful return value
- */
-#define AEP_R_GENERAL_ERROR                     0x10000001
-
-/*
- * Insufficient host memory
- */
-#define AEP_R_HOST_MEMORY                       0x10000002
-
-#define AEP_R_FUNCTION_FAILED                   0x10000006
-
-/*
- * Invalid arguments in function call
- */
-#define AEP_R_ARGUMENTS_BAD                     0x10020000
-
-#define AEP_R_NO_TARGET_RESOURCES                               0x10030000
-
-/*
- * Error occuring on socket operation
- */
-#define AEP_R_SOCKERROR                                                 0x10000010
-
-/*
- * Socket has been closed from the other end
- */
-#define AEP_R_SOCKEOF                                                   0x10000011
-
-/*
- * Invalid handles
- */
-#define AEP_R_CONNECTION_HANDLE_INVALID         0x100000B3
-
-#define AEP_R_TRANSACTION_HANDLE_INVALID                0x10040000
-
-/*
- * Transaction has not yet returned from accelerator
- */
-#define AEP_R_TRANSACTION_NOT_READY                             0x00010000
-
-/*
- * There is already a thread waiting on this transaction
- */
-#define AEP_R_TRANSACTION_CLAIMED                               0x10050000
-
-/*
- * The transaction timed out
- */
-#define AEP_R_TIMED_OUT                                                 0x10060000
-
-#define AEP_R_FXN_NOT_IMPLEMENTED                               0x10070000
-
-#define AEP_R_TARGET_ERROR                                              0x10080000
-
-/*
- * Error in the AEP daemon process
- */
-#define AEP_R_DAEMON_ERROR                                              0x10090000
-
-/*
- * Invalid ctx id
- */
-#define AEP_R_INVALID_CTX_ID                                    0x10009000
-
-#define AEP_R_NO_KEY_MANAGER                                    0x1000a000
-
-/*
- * Error obtaining a mutex
- */
-#define AEP_R_MUTEX_BAD                         0x000001A0
-
-/*
- * Fxn call before AEP_Initialise ot after AEP_Finialise
- */
-#define AEP_R_AEPAPI_NOT_INITIALIZED                    0x10000190
-
-/*
- * AEP_Initialise has already been called
- */
-#define AEP_R_AEPAPI_ALREADY_INITIALIZED                0x10000191
-
-/*
- * Maximum number of connections to daemon reached
- */
-#define AEP_R_NO_MORE_CONNECTION_HNDLS                  0x10000200
-
-/*
- *
- * Some AEP Type definitions
- *
- */
-
-/* an unsigned 8-bit value */
-typedef unsigned char AEP_U8;
-
-/* an unsigned 8-bit character */
-typedef char AEP_CHAR;
-
-/* a BYTE-sized Boolean flag */
-typedef AEP_U8 AEP_BBOOL;
-
-/*
- * Unsigned value, at least 16 bits long
- */
-typedef unsigned short AEP_U16;
-
-/* an unsigned value, at least 32 bits long */
-#ifdef SIXTY_FOUR_BIT_LONG
-typedef unsigned int AEP_U32;
-#else
-typedef unsigned long AEP_U32;
-#endif
-
-#ifdef SIXTY_FOUR_BIT_LONG
-typedef unsigned long AEP_U64;
-#else
-typedef struct {
-    unsigned long l1, l2;
-} AEP_U64;
-#endif
-
-/* at least 32 bits; each bit is a Boolean flag */
-typedef AEP_U32 AEP_FLAGS;
-
-typedef AEP_U8 *AEP_U8_PTR;
-typedef AEP_CHAR *AEP_CHAR_PTR;
-typedef AEP_U32 *AEP_U32_PTR;
-typedef AEP_U64 *AEP_U64_PTR;
-typedef void *AEP_VOID_PTR;
-
-/* Pointer to a AEP_VOID_PTR-- i.e., pointer to pointer to void */
-typedef AEP_VOID_PTR *AEP_VOID_PTR_PTR;
-
-/*
- * Used to identify an AEP connection handle
- */
-typedef AEP_U32 AEP_CONNECTION_HNDL;
-
-/*
- * Pointer to an AEP connection handle
- */
-typedef AEP_CONNECTION_HNDL *AEP_CONNECTION_HNDL_PTR;
-
-/*
- * Used by an application (in conjunction with the apps process id) to
- * identify an individual transaction
- */
-typedef AEP_U32 AEP_TRANSACTION_ID;
-
-/*
- * Pointer to an applications transaction identifier
- */
-typedef AEP_TRANSACTION_ID *AEP_TRANSACTION_ID_PTR;
-
-/*
- * Return value type
- */
-typedef AEP_U32 AEP_RV;
-
-#define MAX_PROCESS_CONNECTIONS 256
-
-#define RAND_BLK_SIZE 1024
-
-typedef enum {
-    NotConnected = 0,
-    Connected = 1,
-    InUse = 2
-} AEP_CONNECTION_STATE;
-
-typedef struct AEP_CONNECTION_ENTRY {
-    AEP_CONNECTION_STATE conn_state;
-    AEP_CONNECTION_HNDL conn_hndl;
-} AEP_CONNECTION_ENTRY;
-
-typedef AEP_RV t_AEP_OpenConnection(AEP_CONNECTION_HNDL_PTR phConnection);
-typedef AEP_RV t_AEP_CloseConnection(AEP_CONNECTION_HNDL hConnection);
-
-typedef AEP_RV t_AEP_ModExp(AEP_CONNECTION_HNDL hConnection,
-                            AEP_VOID_PTR pA, AEP_VOID_PTR pP,
-                            AEP_VOID_PTR pN,
-                            AEP_VOID_PTR pResult,
-                            AEP_TRANSACTION_ID *pidTransID);
-
-typedef AEP_RV t_AEP_ModExpCrt(AEP_CONNECTION_HNDL hConnection,
-                               AEP_VOID_PTR pA, AEP_VOID_PTR pP,
-                               AEP_VOID_PTR pQ,
-                               AEP_VOID_PTR pDmp1, AEP_VOID_PTR pDmq1,
-                               AEP_VOID_PTR pIqmp,
-                               AEP_VOID_PTR pResult,
-                               AEP_TRANSACTION_ID *pidTransID);
-
-#ifdef AEPRAND
-typedef AEP_RV t_AEP_GenRandom(AEP_CONNECTION_HNDL hConnection,
-                               AEP_U32 Len,
-                               AEP_U32 Type,
-                               AEP_VOID_PTR pResult,
-                               AEP_TRANSACTION_ID *pidTransID);
-#endif
-
-typedef AEP_RV t_AEP_Initialize(AEP_VOID_PTR pInitArgs);
-typedef AEP_RV t_AEP_Finalize(void);
-typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc)
-                                     (AEP_VOID_PTR ArbBigNum,
-                                      AEP_U32 *BigNumSize),
-                                    AEP_RV (*MakeAEPBigNumFunc) (AEP_VOID_PTR
-                                                                 ArbBigNum,
-                                                                 AEP_U32
-                                                                 BigNumSize,
-                                                                 unsigned char
-                                                                 *AEP_BigNum),
-                                    AEP_RV (*ConverAEPBigNumFunc) (void
-                                                                   *ArbBigNum,
-                                                                   AEP_U32
-                                                                   BigNumSize,
-                                                                   unsigned
-                                                                   char
-                                                                   *AEP_BigNum));
diff --git a/engines/vendor_defns/atalla.h b/engines/vendor_defns/atalla.h
deleted file mode 100644 (file)
index 60e7eda..0000000
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * This header declares the necessary definitions for using the
- * exponentiation acceleration capabilities of Atalla cards. The only
- * cryptographic operation is performed by "ASI_RSAPrivateKeyOpFn" and this
- * takes a structure that defines an "RSA private key". However, it is really
- * only performing a regular mod_exp using the supplied modulus and exponent
- * - no CRT form is being used. Hence, it is a generic mod_exp function in
- * disguise, and we use it as such. Thanks to the people at Atalla for
- * letting me know these definitions are fine and that they can be reproduced
- * here. Geoff.
- */
-
-typedef struct ItemStr {
-    unsigned char *data;
-    int len;
-} Item;
-
-typedef struct RSAPrivateKeyStr {
-    void *reserved;
-    Item version;
-    Item modulus;
-    Item publicExponent;
-    Item privateExponent;
-    Item prime[2];
-    Item exponent[2];
-    Item coefficient;
-} RSAPrivateKey;
-
-/*
- * Predeclare the function pointer types that we dynamically load from the
- * DSO. These use the same names and form that Ben's original support code
- * had (in crypto/bn/bn_exp.c) unless of course I've inadvertently changed
- * the style somewhere along the way!
- */
-
-typedef int tfnASI_GetPerformanceStatistics(int reset_flag,
-                                            unsigned int *ret_buf);
-
-typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf);
-
-typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey,
-                                     unsigned char *output,
-                                     unsigned char *input,
-                                     unsigned int modulus_len);
diff --git a/engines/vendor_defns/cswift.h b/engines/vendor_defns/cswift.h
deleted file mode 100644 (file)
index a5af762..0000000
+++ /dev/null
@@ -1,223 +0,0 @@
-/*
- * Attribution notice: Rainbow have generously allowed me to reproduce the
- * necessary definitions here from their API. This means the support can
- * build independently of whether application builders have the API or
- * hardware. This will allow developers to easily produce software that has
- * latent hardware support for any users that have accelertors installed,
- * without the developers themselves needing anything extra. I have only
- * clipped the parts from the CryptoSwift header files that are (or seem)
- * relevant to the CryptoSwift support code. This is simply to keep the file
- * sizes reasonable. [Geoff]
- */
-
-/*
- * NB: These type widths do *not* seem right in general, in particular
- * they're not terribly friendly to 64-bit architectures (unsigned long) will
- * be 64-bit on IA-64 for a start. I'm leaving these alone as they agree with
- * Rainbow's API and this will only be called into question on platforms with
- * Rainbow support anyway! ;-)
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif                          /* __cplusplus */
-
-    typedef long SW_STATUS;     /* status */
-    typedef unsigned char SW_BYTE; /* 8 bit byte */
-    typedef unsigned short SW_U16; /* 16 bit number */
-#if defined(_IRIX)
-# include <sgidefs.h>
-    typedef __uint32_t SW_U32;
-#else
-    typedef unsigned long SW_U32; /* 32 bit integer */
-#endif
-
-#if defined(OPENSSL_SYS_WIN32)
-    typedef struct _SW_U64 {
-        SW_U32 low32;
-        SW_U32 high32;
-    } SW_U64;                   /* 64 bit integer */
-#else                           /* Unix variants */
-    typedef struct _SW_U64 {
-        SW_U32 low32;
-        SW_U32 high32;
-    } SW_U64;                   /* 64 bit integer */
-#endif
-
-/* status codes */
-#define SW_OK                 (0L)
-#define SW_ERR_BASE           (-10000L)
-#define SW_ERR_NO_CARD        (SW_ERR_BASE-1) /* The Card is not present */
-#define SW_ERR_CARD_NOT_READY (SW_ERR_BASE-2) /* The card has not powered */
-    /*    up yet                 */
-#define SW_ERR_TIME_OUT       (SW_ERR_BASE-3) /* Execution of a command */
-    /*    time out               */
-#define SW_ERR_NO_EXECUTE     (SW_ERR_BASE-4) /* The Card failed to */
-    /*    execute the command    */
-#define SW_ERR_INPUT_NULL_PTR (SW_ERR_BASE-5) /* a required pointer is */
-    /*    NULL                   */
-#define SW_ERR_INPUT_SIZE     (SW_ERR_BASE-6) /* size is invalid, too */
-    /*    small, too large.      */
-#define SW_ERR_INVALID_HANDLE (SW_ERR_BASE-7) /* Invalid SW_ACC_CONTEXT */
-    /*    handle                 */
-#define SW_ERR_PENDING        (SW_ERR_BASE-8) /* A request is already out- */
-    /*    standing at this       */
-    /*    context handle         */
-#define SW_ERR_AVAILABLE      (SW_ERR_BASE-9) /* A result is available.  */
-#define SW_ERR_NO_PENDING     (SW_ERR_BASE-10) /* No request is pending.  */
-#define SW_ERR_NO_MEMORY      (SW_ERR_BASE-11) /* Not enough memory */
-#define SW_ERR_BAD_ALGORITHM  (SW_ERR_BASE-12) /* Invalid algorithm type */
-    /*    in SW_PARAM structure  */
-#define SW_ERR_MISSING_KEY    (SW_ERR_BASE-13) /* No key is associated with */
-    /*    context.               */
-    /*    swAttachKeyParam() is  */
-    /*    not called.            */
-#define SW_ERR_KEY_CMD_MISMATCH \
-                              (SW_ERR_BASE-14) /* Cannot perform requested */
-    /*    SW_COMMAND_CODE since  */
-    /*    key attached via       */
-    /*    swAttachKeyParam()     */
-    /*    cannot be used for this */
-    /*    SW_COMMAND_CODE.       */
-#define SW_ERR_NOT_IMPLEMENTED \
-                              (SW_ERR_BASE-15) /* Not implemented */
-#define SW_ERR_BAD_COMMAND    (SW_ERR_BASE-16) /* Bad command code */
-#define SW_ERR_BAD_ITEM_SIZE  (SW_ERR_BASE-17) /* too small or too large in */
-    /*    the "initems" or       */
-    /*    "outitems".            */
-#define SW_ERR_BAD_ACCNUM     (SW_ERR_BASE-18) /* Bad accelerator number */
-#define SW_ERR_SELFTEST_FAIL  (SW_ERR_BASE-19) /* At least one of the self */
-    /*    test fail, look at the */
-    /*    selfTestBitmap in      */
-    /*    SW_ACCELERATOR_INFO for */
-    /*    details.               */
-#define SW_ERR_MISALIGN       (SW_ERR_BASE-20) /* Certain alogrithms require */
-    /*    key materials aligned  */
-    /*    in certain order, e.g. */
-    /*    128 bit for CRT        */
-#define SW_ERR_OUTPUT_NULL_PTR \
-                              (SW_ERR_BASE-21) /* a required pointer is */
-    /*    NULL                   */
-#define SW_ERR_OUTPUT_SIZE \
-                              (SW_ERR_BASE-22) /* size is invalid, too */
-    /*    small, too large.      */
-#define SW_ERR_FIRMWARE_CHECKSUM \
-                              (SW_ERR_BASE-23) /* firmware checksum mismatch */
-    /*    download failed.       */
-#define SW_ERR_UNKNOWN_FIRMWARE \
-                              (SW_ERR_BASE-24) /* unknown firmware error */
-#define SW_ERR_INTERRUPT      (SW_ERR_BASE-25) /* request is abort when */
-    /*    it's waiting to be     */
-    /*    completed.             */
-#define SW_ERR_NVWRITE_FAIL   (SW_ERR_BASE-26) /* error in writing to Non- */
-    /*    volatile memory        */
-#define SW_ERR_NVWRITE_RANGE  (SW_ERR_BASE-27) /* out of range error in */
-    /*    writing to NV memory   */
-#define SW_ERR_RNG_ERROR      (SW_ERR_BASE-28) /* Random Number Generation */
-    /*    failure                */
-#define SW_ERR_DSS_FAILURE    (SW_ERR_BASE-29) /* DSS Sign or Verify failure */
-#define SW_ERR_MODEXP_FAILURE (SW_ERR_BASE-30) /* Failure in various math */
-    /*    calculations           */
-#define SW_ERR_ONBOARD_MEMORY (SW_ERR_BASE-31) /* Error in accessing on - */
-    /*    board memory           */
-#define SW_ERR_FIRMWARE_VERSION \
-                              (SW_ERR_BASE-32) /* Wrong version in firmware */
-    /*    update                 */
-#define SW_ERR_ZERO_WORKING_ACCELERATOR \
-                              (SW_ERR_BASE-44) /* All accelerators are bad */
-
-    /* algorithm type */
-#define SW_ALG_CRT          1
-#define SW_ALG_EXP          2
-#define SW_ALG_DSA          3
-#define SW_ALG_NVDATA       4
-
-    /* command code */
-#define SW_CMD_MODEXP_CRT   1   /* perform Modular Exponentiation using */
-    /*  Chinese Remainder Theorem (CRT)      */
-#define SW_CMD_MODEXP       2   /* perform Modular Exponentiation */
-#define SW_CMD_DSS_SIGN     3   /* perform DSS sign */
-#define SW_CMD_DSS_VERIFY   4   /* perform DSS verify */
-#define SW_CMD_RAND         5   /* perform random number generation */
-#define SW_CMD_NVREAD       6   /* perform read to nonvolatile RAM */
-#define SW_CMD_NVWRITE      7   /* perform write to nonvolatile RAM */
-
-    typedef SW_U32 SW_ALGTYPE;  /* alogrithm type */
-    typedef SW_U32 SW_STATE;    /* state */
-    typedef SW_U32 SW_COMMAND_CODE; /* command code */
-    typedef SW_U32 SW_COMMAND_BITMAP[4]; /* bitmap */
-
-    typedef struct _SW_LARGENUMBER {
-        SW_U32 nbytes;          /* number of bytes in the buffer "value" */
-        SW_BYTE *value;         /* the large integer as a string of */
-        /*   bytes in network (big endian) order  */
-    } SW_LARGENUMBER;
-
-#if defined(OPENSSL_SYS_WIN32)
-# include <windows.h>
-    typedef HANDLE SW_OSHANDLE; /* handle to kernel object */
-# define SW_OS_INVALID_HANDLE  INVALID_HANDLE_VALUE
-# define SW_CALLCONV _stdcall
-#else                           /* Unix variants */
-    typedef int SW_OSHANDLE;    /* handle to driver */
-# define SW_OS_INVALID_HANDLE  (-1)
-# define SW_CALLCONV
-#endif
-
-    typedef struct _SW_CRT {
-        SW_LARGENUMBER p;       /* prime number p */
-        SW_LARGENUMBER q;       /* prime number q */
-        SW_LARGENUMBER dmp1;    /* exponent1 */
-        SW_LARGENUMBER dmq1;    /* exponent2 */
-        SW_LARGENUMBER iqmp;    /* CRT coefficient */
-    } SW_CRT;
-
-    typedef struct _SW_EXP {
-        SW_LARGENUMBER modulus; /* modulus */
-        SW_LARGENUMBER exponent; /* exponent */
-    } SW_EXP;
-
-    typedef struct _SW_DSA {
-        SW_LARGENUMBER p;       /* */
-        SW_LARGENUMBER q;       /* */
-        SW_LARGENUMBER g;       /* */
-        SW_LARGENUMBER key;     /* private/public key */
-    } SW_DSA;
-
-    typedef struct _SW_NVDATA {
-        SW_U32 accnum;          /* accelerator board number */
-        SW_U32 offset;          /* offset in byte */
-    } SW_NVDATA;
-
-    typedef struct _SW_PARAM {
-        SW_ALGTYPE type;        /* type of the alogrithm */
-        union {
-            SW_CRT crt;
-            SW_EXP exp;
-            SW_DSA dsa;
-            SW_NVDATA nvdata;
-        } up;
-    } SW_PARAM;
-
-    typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */
-
-    /*
-     * Now the OpenSSL bits, these function types are the for the function
-     * pointers that will bound into the Rainbow shared libraries.
-     */
-    typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE
-                                                        *hac);
-    typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac,
-                                                     SW_PARAM *key_params);
-    typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac,
-                                                    SW_COMMAND_CODE cmd,
-                                                    SW_LARGENUMBER pin[],
-                                                    SW_U32 pin_count,
-                                                    SW_LARGENUMBER pout[],
-                                                    SW_U32 pout_count);
-    typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE
-                                                        hac);
-
-#ifdef __cplusplus
-}
-#endif                          /* __cplusplus */
diff --git a/engines/vendor_defns/hw_4758_cca.h b/engines/vendor_defns/hw_4758_cca.h
deleted file mode 100644 (file)
index 235543a..0000000
+++ /dev/null
@@ -1,150 +0,0 @@
-/**********************************************************************/
-/*                                                                    */
-/*  Prototypes of the CCA verbs used by the 4758 CCA openssl driver   */
-/*                                                                    */
-/*  Maurice Gittens <maurice@gittens.nl>                              */
-/*                                                                    */
-/**********************************************************************/
-
-#ifndef __HW_4758_CCA__
-# define __HW_4758_CCA__
-
-/*
- *  Only WIN32 support for now
- */
-# if defined(WIN32)
-
-#  define CCA_LIB_NAME "CSUNSAPI"
-
-#  define CSNDPKX   "CSNDPKX_32"
-#  define CSNDKRR   "CSNDKRR_32"
-#  define CSNDPKE   "CSNDPKE_32"
-#  define CSNDPKD   "CSNDPKD_32"
-#  define CSNDDSV   "CSNDDSV_32"
-#  define CSNDDSG   "CSNDDSG_32"
-#  define CSNBRNG   "CSNBRNG_32"
-
-#  define SECURITYAPI __stdcall
-# else
-    /*
-     * Fixme!! Find out the values of these constants for other platforms.
-     */
-#  define CCA_LIB_NAME "CSUNSAPI"
-
-#  define CSNDPKX   "CSNDPKX"
-#  define CSNDKRR   "CSNDKRR"
-#  define CSNDPKE   "CSNDPKE"
-#  define CSNDPKD   "CSNDPKD"
-#  define CSNDDSV   "CSNDDSV"
-#  define CSNDDSG   "CSNDDSG"
-#  define CSNBRNG   "CSNBRNG"
-
-#  define SECURITYAPI
-# endif
-
-/*
- * security API prototypes
- */
-
-/* PKA Key Record Read */
-typedef void (SECURITYAPI * F_KEYRECORDREAD)
- (long *return_code,
-  long *reason_code,
-  long *exit_data_length,
-  unsigned char *exit_data,
-  long *rule_array_count,
-  unsigned char *rule_array,
-  unsigned char *key_label, long *key_token_length, unsigned char *key_token);
-
-/* Random Number Generate */
-typedef void (SECURITYAPI * F_RANDOMNUMBERGENERATE)
- (long *return_code,
-  long *reason_code,
-  long *exit_data_length,
-  unsigned char *exit_data,
-  unsigned char *form, unsigned char *random_number);
-
-/* Digital Signature Generate */
-typedef void (SECURITYAPI * F_DIGITALSIGNATUREGENERATE)
- (long *return_code,
-  long *reason_code,
-  long *exit_data_length,
-  unsigned char *exit_data,
-  long *rule_array_count,
-  unsigned char *rule_array,
-  long *PKA_private_key_id_length,
-  unsigned char *PKA_private_key_id,
-  long *hash_length,
-  unsigned char *hash,
-  long *signature_field_length,
-  long *signature_bit_length, unsigned char *signature_field);
-
-/* Digital Signature Verify */
-typedef void (SECURITYAPI * F_DIGITALSIGNATUREVERIFY) (long *return_code,
-                                                       long *reason_code,
-                                                       long *exit_data_length,
-                                                       unsigned char
-                                                       *exit_data,
-                                                       long *rule_array_count,
-                                                       unsigned char
-                                                       *rule_array,
-                                                       long
-                                                       *PKA_public_key_id_length,
-                                                       unsigned char
-                                                       *PKA_public_key_id,
-                                                       long *hash_length,
-                                                       unsigned char *hash,
-                                                       long
-                                                       *signature_field_length,
-                                                       unsigned char
-                                                       *signature_field);
-
-/* PKA Public Key Extract */
-typedef void (SECURITYAPI * F_PUBLICKEYEXTRACT) (long *return_code,
-                                                 long *reason_code,
-                                                 long *exit_data_length,
-                                                 unsigned char *exit_data,
-                                                 long *rule_array_count,
-                                                 unsigned char *rule_array,
-                                                 long
-                                                 *source_key_identifier_length,
-                                                 unsigned char
-                                                 *source_key_identifier,
-                                                 long
-                                                 *target_key_token_length,
-                                                 unsigned char
-                                                 *target_key_token);
-
-/* PKA Encrypt */
-typedef void (SECURITYAPI * F_PKAENCRYPT)
- (long *return_code,
-  long *reason_code,
-  long *exit_data_length,
-  unsigned char *exit_data,
-  long *rule_array_count,
-  unsigned char *rule_array,
-  long *key_value_length,
-  unsigned char *key_value,
-  long *data_struct_length,
-  unsigned char *data_struct,
-  long *RSA_public_key_length,
-  unsigned char *RSA_public_key,
-  long *RSA_encipher_length, unsigned char *RSA_encipher);
-
-/* PKA Decrypt */
-typedef void (SECURITYAPI * F_PKADECRYPT)
- (long *return_code,
-  long *reason_code,
-  long *exit_data_length,
-  unsigned char *exit_data,
-  long *rule_array_count,
-  unsigned char *rule_array,
-  long *enciphered_key_length,
-  unsigned char *enciphered_key,
-  long *data_struct_length,
-  unsigned char *data_struct,
-  long *RSA_private_key_length,
-  unsigned char *RSA_private_key,
-  long *key_value_length, unsigned char *key_value);
-
-#endif
diff --git a/engines/vendor_defns/sureware.h b/engines/vendor_defns/sureware.h
deleted file mode 100644 (file)
index b1423e1..0000000
+++ /dev/null
@@ -1,250 +0,0 @@
-/*-
- * Written by Corinne Dive-Reclus(cdive@baltimore.com)
- *
- * Copyright@2001 Baltimore Technologies Ltd.
- *
- * THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef WIN32
-# define SW_EXPORT       __declspec ( dllexport )
-#else
-# define SW_EXPORT
-#endif
-
-/*
- *       List of exposed SureWare errors
- */
-#define SUREWAREHOOK_ERROR_FAILED               -1
-#define SUREWAREHOOK_ERROR_FALLBACK             -2
-#define SUREWAREHOOK_ERROR_UNIT_FAILURE -3
-#define SUREWAREHOOK_ERROR_DATA_SIZE -4
-#define SUREWAREHOOK_ERROR_INVALID_PAD -5
-/*-
-* -----------------WARNING-----------------------------------
-* In all the following functions:
-* msg is a string with at least 24 bytes free.
-* A 24 bytes string will be concatenated to the existing content of msg.
-*/
-/*-
-*       SureWare Initialisation function
-*       in param threadsafe, if !=0, thread safe enabled
-*       return SureWareHOOK_ERROR_UNIT_FAILURE if failure, 1 if success
-*/
-typedef int SureWareHook_Init_t(char *const msg, int threadsafe);
-extern SW_EXPORT SureWareHook_Init_t SureWareHook_Init;
-/*-
-*       SureWare Finish function
-*/
-typedef void SureWareHook_Finish_t(void);
-extern SW_EXPORT SureWareHook_Finish_t SureWareHook_Finish;
-/*-
-*        PRE_CONDITION:
-*               DO NOT CALL ANY OF THE FOLLOWING FUNCTIONS IN CASE OF INIT FAILURE
-*/
-/*-
-*       SureWare RAND Bytes function
-*       In case of failure, the content of buf is unpredictable.
-*       return 1 if success
-*                       SureWareHOOK_ERROR_FALLBACK if function not available in hardware
-*                       SureWareHOOK_ERROR_FAILED if error while processing
-*                       SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-*                       SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-*       in/out param buf : a num bytes long buffer where random bytes will be put
-*       in param num : the number of bytes into buf
-*/
-typedef int SureWareHook_Rand_Bytes_t(char *const msg, unsigned char *buf,
-                                      int num);
-extern SW_EXPORT SureWareHook_Rand_Bytes_t SureWareHook_Rand_Bytes;
-
-/*-
-*       SureWare RAND Seed function
-*       Adds some seed to the Hardware Random Number Generator
-*       return 1 if success
-*                       SureWareHOOK_ERROR_FALLBACK if function not available in hardware
-*                       SureWareHOOK_ERROR_FAILED if error while processing
-*                       SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-*                       SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-*       in param buf : the seed to add into the HRNG
-*       in param num : the number of bytes into buf
-*/
-typedef int SureWareHook_Rand_Seed_t(char *const msg, const void *buf,
-                                     int num);
-extern SW_EXPORT SureWareHook_Rand_Seed_t SureWareHook_Rand_Seed;
-
-/*-
-*       SureWare Load Private Key function
-*       return 1 if success
-*                       SureWareHOOK_ERROR_FAILED if error while processing
-*       No hardware is contact for this function.
-*
-*       in param key_id :the name of the private protected key file without the extension
-                                                ".sws"
-*       out param hptr : a pointer to a buffer allocated by SureWare_Hook
-*       out param num: the effective key length in bytes
-*       out param keytype: 1 if RSA 2 if DSA
-*/
-typedef int SureWareHook_Load_Privkey_t(char *const msg, const char *key_id,
-                                        char **hptr, unsigned long *num,
-                                        char *keytype);
-extern SW_EXPORT SureWareHook_Load_Privkey_t SureWareHook_Load_Privkey;
-
-/*-
-*       SureWare Info Public Key function
-*       return 1 if success
-*                       SureWareHOOK_ERROR_FAILED if error while processing
-*       No hardware is contact for this function.
-*
-*       in param key_id :the name of the private protected key file without the extension
-                                                ".swp"
-*       out param hptr : a pointer to a buffer allocated by SureWare_Hook
-*       out param num: the effective key length in bytes
-*       out param keytype: 1 if RSA 2 if DSA
-*/
-typedef int SureWareHook_Info_Pubkey_t(char *const msg, const char *key_id,
-                                       unsigned long *num, char *keytype);
-extern SW_EXPORT SureWareHook_Info_Pubkey_t SureWareHook_Info_Pubkey;
-
-/*-
-*       SureWare Load Public Key function
-*       return 1 if success
-*                       SureWareHOOK_ERROR_FAILED if error while processing
-*       No hardware is contact for this function.
-*
-*       in param key_id :the name of the public protected key file without the extension
-                                                ".swp"
-*       in param num : the bytes size of n and e
-*       out param n: where to write modulus in bn format
-*       out param e: where to write exponent in bn format
-*/
-typedef int SureWareHook_Load_Rsa_Pubkey_t(char *const msg,
-                                           const char *key_id,
-                                           unsigned long num,
-                                           unsigned long *n,
-                                           unsigned long *e);
-extern SW_EXPORT SureWareHook_Load_Rsa_Pubkey_t SureWareHook_Load_Rsa_Pubkey;
-
-/*-
-*       SureWare Load DSA Public Key function
-*       return 1 if success
-*                       SureWareHOOK_ERROR_FAILED if error while processing
-*       No hardware is contact for this function.
-*
-*       in param key_id :the name of the public protected key file without the extension
-                                                ".swp"
-*       in param num : the bytes size of n and e
-*       out param pub: where to write pub key in bn format
-*       out param p: where to write prime in bn format
-*       out param q: where to write sunprime (length 20 bytes) in bn format
-*       out param g: where to write base in bn format
-*/
-typedef int SureWareHook_Load_Dsa_Pubkey_t(char *const msg,
-                                           const char *key_id,
-                                           unsigned long num,
-                                           unsigned long *pub,
-                                           unsigned long *p, unsigned long *q,
-                                           unsigned long *g);
-extern SW_EXPORT SureWareHook_Load_Dsa_Pubkey_t SureWareHook_Load_Dsa_Pubkey;
-
-/*-
-*       SureWare Free function
-*       Destroy the key into the hardware if destroy==1
-*/
-typedef void SureWareHook_Free_t(char *p, int destroy);
-extern SW_EXPORT SureWareHook_Free_t SureWareHook_Free;
-
-#define SUREWARE_PKCS1_PAD 1
-#define SUREWARE_ISO9796_PAD 2
-#define SUREWARE_NO_PAD 0
-/*-
-* SureWare RSA Private Decryption
-* return 1 if success
-*                       SureWareHOOK_ERROR_FAILED if error while processing
-*                       SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-*                       SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-*       in param flen : byte size of from and to
-*       in param from : encrypted data buffer, should be a not-null valid pointer
-*       out param tlen: byte size of decrypted data, if error, unexpected value
-*       out param to : decrypted data buffer, should be a not-null valid pointer
-*   in param prsa: a protected key pointer, should be a not-null valid pointer
-*   int padding: padding id as follow
-*                                       SUREWARE_PKCS1_PAD
-*                                       SUREWARE_NO_PAD
-*
-*/
-typedef int SureWareHook_Rsa_Priv_Dec_t(char *const msg, int flen,
-                                        unsigned char *from, int *tlen,
-                                        unsigned char *to, char *prsa,
-                                        int padding);
-extern SW_EXPORT SureWareHook_Rsa_Priv_Dec_t SureWareHook_Rsa_Priv_Dec;
-/*-
-* SureWare RSA Signature
-* return 1 if success
-*                       SureWareHOOK_ERROR_FAILED if error while processing
-*                       SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-*                       SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-*       in param flen : byte size of from and to
-*       in param from : encrypted data buffer, should be a not-null valid pointer
-*       out param tlen: byte size of decrypted data, if error, unexpected value
-*       out param to : decrypted data buffer, should be a not-null valid pointer
-*   in param prsa: a protected key pointer, should be a not-null valid pointer
-*   int padding: padding id as follow
-*                                       SUREWARE_PKCS1_PAD
-*                                       SUREWARE_ISO9796_PAD
-*
-*/
-typedef int SureWareHook_Rsa_Sign_t(char *const msg, int flen,
-                                    unsigned char *from, int *tlen,
-                                    unsigned char *to, char *prsa,
-                                    int padding);
-extern SW_EXPORT SureWareHook_Rsa_Sign_t SureWareHook_Rsa_Sign;
-/*-
-* SureWare DSA Signature
-* return 1 if success
-*                       SureWareHOOK_ERROR_FAILED if error while processing
-*                       SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-*                       SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-*       in param flen : byte size of from and to
-*       in param from : encrypted data buffer, should be a not-null valid pointer
-*       out param to : decrypted data buffer, should be a 40bytes valid pointer
-*   in param pdsa: a protected key pointer, should be a not-null valid pointer
-*
-*/
-typedef int SureWareHook_Dsa_Sign_t(char *const msg, int flen,
-                                    const unsigned char *from,
-                                    unsigned long *r, unsigned long *s,
-                                    char *pdsa);
-extern SW_EXPORT SureWareHook_Dsa_Sign_t SureWareHook_Dsa_Sign;
-
-/*-
-* SureWare Mod Exp
-* return 1 if success
-*                       SureWareHOOK_ERROR_FAILED if error while processing
-*                       SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-*                       SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-*       mod and res are mlen bytes long.
-*       exp is elen bytes long
-*       data is dlen bytes long
-*       mlen,elen and dlen are all multiple of sizeof(unsigned long)
-*/
-typedef int SureWareHook_Mod_Exp_t(char *const msg, int mlen,
-                                   const unsigned long *mod, int elen,
-                                   const unsigned long *exponent, int dlen,
-                                   unsigned long *data, unsigned long *res);
-extern SW_EXPORT SureWareHook_Mod_Exp_t SureWareHook_Mod_Exp;