X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fengine%2Fhw_ncipher.c;h=792893a2fdda55c9485a8cfb95c68cb2b7dc5b71;hp=3e4ec44e86038da0e717c253e2f29eb59bd2017b;hb=59bc3126c5434970844b37c042852ec7aadc2a53;hpb=10e473e93003cf204fb06ee9ebc32aeca3430794 diff --git a/crypto/engine/hw_ncipher.c b/crypto/engine/hw_ncipher.c index 3e4ec44e86..792893a2fd 100644 --- a/crypto/engine/hw_ncipher.c +++ b/crypto/engine/hw_ncipher.c @@ -62,11 +62,10 @@ #include #include "cryptlib.h" #include -#include "engine_int.h" #include -#ifndef NO_HW -#ifndef NO_HW_NCIPHER +#ifndef OPENSSL_NO_HW +#ifndef OPENSSL_NO_HW_NCIPHER /* Attribution notice: nCipher have said several times that it's OK for * us to implement a general interface to their boxes, and recently declared @@ -82,9 +81,9 @@ #include "vendor_defns/hwcryptohook.h" #endif -static int hwcrhk_init(void); -static int hwcrhk_finish(void); -static int hwcrhk_ctrl(int cmd, long i, void *p, void (*f)()); +static int hwcrhk_init(ENGINE *e); +static int hwcrhk_finish(ENGINE *e); +static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); /* Functions to handle mutexes */ static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*); @@ -104,17 +103,18 @@ static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int hwcrhk_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* RAND stuff */ static int hwcrhk_rand_bytes(unsigned char *buf, int num); static int hwcrhk_rand_status(void); /* KM stuff */ -static EVP_PKEY *hwcrhk_load_privkey(const char *key_id, +static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, const char *passphrase); -static EVP_PKEY *hwcrhk_load_pubkey(const char *key_id, +static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, const char *passphrase); static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int ind,long argl, void *argp); @@ -168,26 +168,9 @@ static RAND_METHOD hwcrhk_rand = hwcrhk_rand_status, }; -/* Our ENGINE structure. */ -static ENGINE engine_hwcrhk = - { - "chil", - "nCipher hardware engine support", - &hwcrhk_rsa, - NULL, - &hwcrhk_dh, - &hwcrhk_rand, - hwcrhk_mod_exp, - NULL, - hwcrhk_init, - hwcrhk_finish, - hwcrhk_ctrl, - hwcrhk_load_privkey, - hwcrhk_load_pubkey, - 0, /* no flags */ - 0, 0, /* no references */ - NULL, NULL /* unlinked */ - }; +/* Constants used when creating the ENGINE */ +static const char *engine_hwcrhk_id = "chil"; +static const char *engine_hwcrhk_name = "nCipher hardware engine support"; /* Internal stuff for HWCryptoHook */ @@ -291,8 +274,26 @@ static HWCryptoHook_InitInfo hwcrhk_globals = { * (indeed - the lock will already be held by our caller!!!) */ ENGINE *ENGINE_ncipher() { - RSA_METHOD *meth1; - DH_METHOD *meth2; + const RSA_METHOD *meth1; + const DH_METHOD *meth2; + ENGINE *ret = ENGINE_new(); + if(!ret) + return NULL; + if(!ENGINE_set_id(ret, engine_hwcrhk_id) || + !ENGINE_set_name(ret, engine_hwcrhk_name) || + !ENGINE_set_RSA(ret, &hwcrhk_rsa) || + !ENGINE_set_DH(ret, &hwcrhk_dh) || + !ENGINE_set_RAND(ret, &hwcrhk_rand) || + !ENGINE_set_BN_mod_exp(ret, hwcrhk_mod_exp) || + !ENGINE_set_init_function(ret, hwcrhk_init) || + !ENGINE_set_finish_function(ret, hwcrhk_finish) || + !ENGINE_set_ctrl_function(ret, hwcrhk_ctrl) || + !ENGINE_set_load_privkey_function(ret, hwcrhk_load_privkey) || + !ENGINE_set_load_pubkey_function(ret, hwcrhk_load_pubkey)) + { + ENGINE_free(ret); + return NULL; + } /* We know that the "PKCS1_SSLeay()" functions hook properly * to the cswift-specific mod_exp and mod_exp_crt so we use @@ -311,7 +312,7 @@ ENGINE *ENGINE_ncipher() meth2 = DH_OpenSSL(); hwcrhk_dh.generate_key = meth2->generate_key; hwcrhk_dh.compute_key = meth2->compute_key; - return &engine_hwcrhk; + return ret; } /* This is a process-global DSO handle used for loading and unloading @@ -375,7 +376,7 @@ static void release_context(HWCryptoHook_ContextHandle hac) } /* (de)initialisation functions. */ -static int hwcrhk_init() +static int hwcrhk_init(ENGINE *e) { HWCryptoHook_Init_t *p1; HWCryptoHook_Finish_t *p2; @@ -474,7 +475,7 @@ err: return 0; } -static int hwcrhk_finish() +static int hwcrhk_finish(ENGINE *e) { int to_return = 1; if(hwcrhk_dso == NULL) @@ -506,7 +507,7 @@ static int hwcrhk_finish() return to_return; } -static int hwcrhk_ctrl(int cmd, long i, void *p, void (*f)()) +static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()) { int to_return = 1; @@ -568,7 +569,7 @@ static int hwcrhk_ctrl(int cmd, long i, void *p, void (*f)()) return to_return; } -static EVP_PKEY *hwcrhk_load_privkey(const char *key_id, +static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, const char *passphrase) { RSA *rtmp = NULL; @@ -604,7 +605,7 @@ static EVP_PKEY *hwcrhk_load_privkey(const char *key_id, ENGINE_R_NO_KEY); goto err; } - rtmp = RSA_new_method(&engine_hwcrhk); + rtmp = RSA_new_method(eng); RSA_set_ex_data(rtmp, hndidx, (char *)hptr); rtmp->e = BN_new(); rtmp->n = BN_new(); @@ -648,9 +649,10 @@ static EVP_PKEY *hwcrhk_load_privkey(const char *key_id, return NULL; } -static EVP_PKEY *hwcrhk_load_pubkey(const char *key_id, const char *passphrase) +static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, + const char *passphrase) { - EVP_PKEY *res = hwcrhk_load_privkey(key_id, passphrase); + EVP_PKEY *res = hwcrhk_load_privkey(eng, key_id, passphrase); if (res) switch(res->type) @@ -860,7 +862,8 @@ static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int hwcrhk_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return hwcrhk_mod_exp(r, a, p, m, ctx); @@ -1014,5 +1017,5 @@ static void hwcrhk_log_message(void *logstr, const char *message) CRYPTO_w_unlock(CRYPTO_LOCK_BIO); } -#endif /* !NO_HW_NCIPHER */ -#endif /* !NO_HW */ +#endif /* !OPENSSL_NO_HW_NCIPHER */ +#endif /* !OPENSSL_NO_HW */