appropriate code if any of them is defined.
#define HEADER_ENGINE_H
#include <openssl/bn.h>
+#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
+#endif
#include <openssl/rand.h>
#include <openssl/evp.h>
#include <openssl/symhacks.h>
extern "C" {
#endif
+/* Fixups for missing algorithms */
+#ifdef OPENSSL_NO_RSA
+typedef void RSA_METHOD;
+#endif
+#ifdef OPENSSL_NO_DSA
+typedef void DSA_METHOD;
+#endif
+#ifdef OPENSSL_NO_DH
+typedef void DH_METHOD;
+#endif
+
/* These flags are used to control combinations of algorithm (methods)
* by bitwise "OR"ing. */
#define ENGINE_METHOD_RSA (unsigned int)0x0001
#define ENGINE_F_ENGINE_CTRL_CMD_STRING 171
#define ENGINE_F_ENGINE_FINISH 107
#define ENGINE_F_ENGINE_FREE 108
+#define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177
#define ENGINE_F_ENGINE_GET_NEXT 115
#define ENGINE_F_ENGINE_GET_PREV 116
#define ENGINE_F_ENGINE_INIT 119
#define ENGINE_R_COMMAND_TAKES_NO_INPUT 136
#define ENGINE_R_CONFLICTING_ENGINE_ID 103
#define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
+#define ENGINE_R_DH_NOT_IMPLEMENTED 139
+#define ENGINE_R_DSA_NOT_IMPLEMENTED 140
#define ENGINE_R_DSO_FAILURE 104
#define ENGINE_R_DSO_FUNCTION_NOT_FOUND 131
#define ENGINE_R_DSO_NOT_FOUND 132
#define ENGINE_R_NO_REFERENCE 130
#define ENGINE_R_NO_SUCH_ENGINE 116
#define ENGINE_R_NO_UNLOAD_FUNCTION 126
+#define ENGINE_R_PRIVATE_KEY_ALGORITHMS_DISABLED 142
#define ENGINE_R_PROVIDE_PARAMETERS 113
#define ENGINE_R_REQUEST_FAILED 114
#define ENGINE_R_REQUEST_FALLBACK 118
+#define ENGINE_R_RSA_NOT_IMPLEMENTED 141
#define ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL 122
#define ENGINE_R_UNIT_FAILURE 115
{ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD_STRING,0), "ENGINE_ctrl_cmd_string"},
{ERR_PACK(0,ENGINE_F_ENGINE_FINISH,0), "ENGINE_finish"},
{ERR_PACK(0,ENGINE_F_ENGINE_FREE,0), "ENGINE_free"},
+{ERR_PACK(0,ENGINE_F_ENGINE_GET_DEFAULT_TYPE,0), "ENGINE_GET_DEFAULT_TYPE"},
{ERR_PACK(0,ENGINE_F_ENGINE_GET_NEXT,0), "ENGINE_get_next"},
{ERR_PACK(0,ENGINE_F_ENGINE_GET_PREV,0), "ENGINE_get_prev"},
{ERR_PACK(0,ENGINE_F_ENGINE_INIT,0), "ENGINE_init"},
{ENGINE_R_COMMAND_TAKES_NO_INPUT ,"command takes no input"},
{ENGINE_R_CONFLICTING_ENGINE_ID ,"conflicting engine id"},
{ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"},
+{ENGINE_R_DH_NOT_IMPLEMENTED ,"dh not implemented"},
+{ENGINE_R_DSA_NOT_IMPLEMENTED ,"dsa not implemented"},
{ENGINE_R_DSO_FAILURE ,"DSO failure"},
{ENGINE_R_DSO_FUNCTION_NOT_FOUND ,"dso function not found"},
{ENGINE_R_DSO_NOT_FOUND ,"dso not found"},
{ENGINE_R_NO_REFERENCE ,"no reference"},
{ENGINE_R_NO_SUCH_ENGINE ,"no such engine"},
{ENGINE_R_NO_UNLOAD_FUNCTION ,"no unload function"},
+{ENGINE_R_PRIVATE_KEY_ALGORITHMS_DISABLED,"private key algorithms disabled"},
{ENGINE_R_PROVIDE_PARAMETERS ,"provide parameters"},
{ENGINE_R_REQUEST_FAILED ,"request failed"},
{ENGINE_R_REQUEST_FALLBACK ,"request fallback"},
+{ENGINE_R_RSA_NOT_IMPLEMENTED ,"rsa not implemented"},
{ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL ,"size too large or too small"},
{ENGINE_R_UNIT_FAILURE ,"unit failure"},
{0,NULL}
* reference and the caller is responsible for freeing that when they
* are finished with it (with a call to ENGINE_finish() *NOT* just
* ENGINE_free()!!!!!!). */
+#ifndef OPENSSL_NO_RSA
static ENGINE *engine_def_rsa = NULL;
+#endif
+#ifndef OPENSSL_NO_DSA
static ENGINE *engine_def_dsa = NULL;
+#endif
+#ifndef OPENSSL_NO_DH
static ENGINE *engine_def_dh = NULL;
+#endif
static ENGINE *engine_def_rand = NULL;
static ENGINE *engine_def_bn_mod_exp = NULL;
static ENGINE *engine_def_bn_mod_exp_crt = NULL;
goto skip_set_defaults;
/* OK, we got a functional reference, so we get one each
* for the defaults too. */
+#ifndef OPENSSL_NO_RSA
engine_def_check_util(&engine_def_rsa, e);
+#endif
+#ifndef OPENSSL_NO_RSA
engine_def_check_util(&engine_def_dsa, e);
+#endif
+#ifndef OPENSSL_NO_DH
engine_def_check_util(&engine_def_dh, e);
+#endif
engine_def_check_util(&engine_def_rand, e);
engine_def_check_util(&engine_def_bn_mod_exp, e);
engine_def_check_util(&engine_def_bn_mod_exp_crt, e);
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
switch(t)
{
+#ifndef OPENSSL_NO_RSA
case ENGINE_TYPE_RSA:
ret = engine_def_rsa; break;
+#endif
+#ifndef OPENSSL_NO_DSA
case ENGINE_TYPE_DSA:
ret = engine_def_dsa; break;
+#endif
+#ifndef OPENSSL_NO_DH
case ENGINE_TYPE_DH:
ret = engine_def_dh; break;
+#endif
case ENGINE_TYPE_RAND:
ret = engine_def_rand; break;
case ENGINE_TYPE_BN_MOD_EXP:
return ret;
}
+#ifndef OPENSSL_NO_RSA
ENGINE *ENGINE_get_default_RSA(void)
{
return engine_get_default_type(ENGINE_TYPE_RSA);
}
+#endif
+#ifndef OPENSSL_NO_DSA
ENGINE *ENGINE_get_default_DSA(void)
{
return engine_get_default_type(ENGINE_TYPE_DSA);
}
+#endif
+#ifndef OPENSSL_NO_DH
ENGINE *ENGINE_get_default_DH(void)
{
return engine_get_default_type(ENGINE_TYPE_DH);
}
+#endif
ENGINE *ENGINE_get_default_RAND(void)
{
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
switch(t)
{
+#ifndef OPENSSL_NO_RSA
case ENGINE_TYPE_RSA:
old = engine_def_rsa;
engine_def_rsa = e; break;
+#endif
+#ifndef OPENSSL_NO_DSA
case ENGINE_TYPE_DSA:
old = engine_def_dsa;
engine_def_dsa = e; break;
+#endif
+#ifndef OPENSSL_NO_DH
case ENGINE_TYPE_DH:
old = engine_def_dh;
engine_def_dh = e; break;
+#endif
case ENGINE_TYPE_RAND:
old = engine_def_rand;
engine_def_rand = e; break;
return 1;
}
+#ifndef OPENSSL_NO_RSA
int ENGINE_set_default_RSA(ENGINE *e)
{
return engine_set_default_type(ENGINE_TYPE_RSA, e);
}
+#endif
+#ifndef OPENSSL_NO_DSA
int ENGINE_set_default_DSA(ENGINE *e)
{
return engine_set_default_type(ENGINE_TYPE_DSA, e);
}
+#endif
+#ifndef OPENSSL_NO_DH
int ENGINE_set_default_DH(ENGINE *e)
{
return engine_set_default_type(ENGINE_TYPE_DH, e);
}
+#endif
int ENGINE_set_default_RAND(ENGINE *e)
{
int ENGINE_set_default(ENGINE *e, unsigned int flags)
{
+#ifndef OPENSSL_NO_RSA
if((flags & ENGINE_METHOD_RSA) && e->rsa_meth &&
!ENGINE_set_default_RSA(e))
return 0;
+#endif
+#ifndef OPENSSL_NO_DSA
if((flags & ENGINE_METHOD_DSA) && e->dsa_meth &&
!ENGINE_set_default_DSA(e))
return 0;
+#endif
+#ifndef OPENSSL_NO_DH
if((flags & ENGINE_METHOD_DH) && e->dh_meth &&
!ENGINE_set_default_DH(e))
return 0;
+#endif
if((flags & ENGINE_METHOD_RAND) && e->rand_meth &&
!ENGINE_set_default_RAND(e))
return 0;
int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
{
+#ifndef OPENSSL_NO_RSA
e->rsa_meth = rsa_meth;
return 1;
+#else
+ return 0;
+#endif
}
int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth)
{
+#ifndef OPENSSL_NO_DSA
e->dsa_meth = dsa_meth;
return 1;
+#else
+ return 0;
+#endif
}
int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth)
{
+#ifndef OPENSSL_NO_DH
e->dh_meth = dh_meth;
return 1;
+#else
+ return 0;
+#endif
}
int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth)
{
if(ENGINE_set_id(dest, ENGINE_get_id(src)) &&
ENGINE_set_name(dest, ENGINE_get_name(src)) &&
+#ifndef OPENSSL_NO_RSA
ENGINE_set_RSA(dest, ENGINE_get_RSA(src)) &&
+#endif
+#ifndef OPENSSL_NO_RSA
ENGINE_set_DSA(dest, ENGINE_get_DSA(src)) &&
+#endif
+#ifndef OPENSSL_NO_RSA
ENGINE_set_DH(dest, ENGINE_get_DH(src)) &&
+#endif
ENGINE_set_RAND(dest, ENGINE_get_RAND(src)) &&
ENGINE_set_BN_mod_exp(dest,
ENGINE_get_BN_mod_exp(src)) &&
#include "cryptlib.h"
#include <openssl/engine.h>
#include <openssl/dso.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
-#include <openssl/dh.h>
-#include <openssl/rand.h>
-#include <openssl/bn.h>
/* This is the only function we need to implement as OpenSSL
* doesn't have a native CRT mod_exp. Perhaps this should be
return NULL;
if(!ENGINE_set_id(ret, engine_openssl_id) ||
!ENGINE_set_name(ret, engine_openssl_name) ||
+#ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(ret, RSA_get_default_openssl_method()) ||
+#endif
+#ifndef OPENSSL_NO_DSA
!ENGINE_set_DSA(ret, DSA_get_default_openssl_method()) ||
+#endif
+#ifndef OPENSSL_NO_DH
!ENGINE_set_DH(ret, DH_get_default_openssl_method()) ||
+#endif
!ENGINE_set_RAND(ret, RAND_SSLeay()) ||
!ENGINE_set_BN_mod_exp(ret, BN_mod_exp) ||
!ENGINE_set_BN_mod_exp_crt(ret, openssl_mod_exp_crt))
static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
+#ifndef OPENSSL_NO_RSA
/* RSA stuff */
static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
+#endif
/* This function is aliased to mod_exp (with the mont stuff dropped). */
static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#ifndef OPENSSL_NO_DSA
/* DSA stuff */
static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx);
+#endif
+#ifndef OPENSSL_NO_DH
/* DH stuff */
/* This function is alised to mod_exp (with the DH and mont dropped). */
static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#endif
/* The definitions for control commands specific to this engine */
#define ATALLA_CMD_SO_PATH ENGINE_CMD_BASE
{0, NULL, NULL, 0}
};
+#ifndef OPENSSL_NO_RSA
/* Our internal RSA_METHOD that we provide pointers to */
static RSA_METHOD atalla_rsa =
{
NULL,
NULL
};
+#endif
+#ifndef OPENSSL_NO_DSA
/* Our internal DSA_METHOD that we provide pointers to */
static DSA_METHOD atalla_dsa =
{
0, /* flags */
NULL /* app_data */
};
+#endif
+#ifndef OPENSSL_NO_DH
/* Our internal DH_METHOD that we provide pointers to */
static DH_METHOD atalla_dh =
{
0,
NULL
};
+#endif
/* Constants used when creating the ENGINE */
static const char *engine_atalla_id = "atalla";
* (indeed - the lock will already be held by our caller!!!) */
ENGINE *ENGINE_atalla()
{
+#ifndef OPENSSL_NO_RSA
const RSA_METHOD *meth1;
+#endif
+#ifndef OPENSSL_NO_DSA
const DSA_METHOD *meth2;
+#endif
+#ifndef OPENSSL_NO_DH
const DH_METHOD *meth3;
+#endif
ENGINE *ret = ENGINE_new();
if(!ret)
return NULL;
if(!ENGINE_set_id(ret, engine_atalla_id) ||
!ENGINE_set_name(ret, engine_atalla_name) ||
+#ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(ret, &atalla_rsa) ||
+#endif
+#ifndef OPENSSL_NO_DSA
!ENGINE_set_DSA(ret, &atalla_dsa) ||
+#endif
+#ifndef OPENSSL_NO_DH
!ENGINE_set_DH(ret, &atalla_dh) ||
+#endif
!ENGINE_set_BN_mod_exp(ret, atalla_mod_exp) ||
!ENGINE_set_init_function(ret, atalla_init) ||
!ENGINE_set_finish_function(ret, atalla_finish) ||
return NULL;
}
+#ifndef OPENSSL_NO_RSA
/* We know that the "PKCS1_SSLeay()" functions hook properly
* to the atalla-specific mod_exp and mod_exp_crt so we use
* those functions. NB: We don't use ENGINE_openssl() or
atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#endif
+#ifndef OPENSSL_NO_DSA
/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
* bits. */
meth2 = DSA_OpenSSL();
atalla_dsa.dsa_do_sign = meth2->dsa_do_sign;
atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
atalla_dsa.dsa_do_verify = meth2->dsa_do_verify;
+#endif
+#ifndef OPENSSL_NO_DH
/* Much the same for Diffie-Hellman */
meth3 = DH_OpenSSL();
atalla_dh.generate_key = meth3->generate_key;
atalla_dh.compute_key = meth3->compute_key;
+#endif
return ret;
}
ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_REQUEST_FAILED);
goto err;
}
+
/* Convert the response */
BN_bin2bn((unsigned char *)result->d, numbytes, r);
to_return = 1;
return to_return;
}
+#ifndef OPENSSL_NO_RSA
static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
{
BN_CTX *ctx = NULL;
BN_CTX_free(ctx);
return to_return;
}
+#endif
+#ifndef OPENSSL_NO_DSA
/* This code was liberated and adapted from the commented-out code in
* dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration
* (it doesn't have a CRT form for RSA), this function means that an
return to_return;
}
-
static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx)
{
return atalla_mod_exp(r, a, p, m, ctx);
}
+#endif
/* This function is aliased to mod_exp (with the mont stuff dropped). */
static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
return atalla_mod_exp(r, a, p, m, ctx);
}
+#ifndef OPENSSL_NO_DH
/* This function is aliased to mod_exp (with the dh and mont dropped). */
static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
const BIGNUM *a, const BIGNUM *p,
{
return atalla_mod_exp(r, a, p, m, ctx);
}
+#endif
#endif /* !OPENSSL_NO_HW_ATALLA */
#endif /* !OPENSSL_NO_HW */
const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
const BIGNUM *iqmp, BN_CTX *ctx);
+#ifndef OPENSSL_NO_RSA
/* RSA stuff */
static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
+#endif
/* This function is aliased to mod_exp (with the mont stuff dropped). */
static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#ifndef OPENSSL_NO_DSA
/* DSA stuff */
static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa);
static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
DSA_SIG *sig, DSA *dsa);
+#endif
+#ifndef OPENSSL_NO_DH
/* DH stuff */
/* This function is alised to mod_exp (with the DH and mont dropped). */
static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#endif
/* The definitions for control commands specific to this engine */
#define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE
{0, NULL, NULL, 0}
};
+#ifndef OPENSSL_NO_RSA
/* Our internal RSA_METHOD that we provide pointers to */
static RSA_METHOD cswift_rsa =
{
NULL,
NULL
};
+#endif
+#ifndef OPENSSL_NO_DSA
/* Our internal DSA_METHOD that we provide pointers to */
static DSA_METHOD cswift_dsa =
{
0, /* flags */
NULL /* app_data */
};
+#endif
+#ifndef OPENSSL_NO_DH
/* Our internal DH_METHOD that we provide pointers to */
static DH_METHOD cswift_dh =
{
0,
NULL
};
+#endif
/* Constants used when creating the ENGINE */
static const char *engine_cswift_id = "cswift";
* (indeed - the lock will already be held by our caller!!!) */
ENGINE *ENGINE_cswift()
{
+#ifndef OPENSSL_NO_RSA
const RSA_METHOD *meth1;
+#endif
+#ifndef OPENSSL_NO_DH
const DH_METHOD *meth2;
+#endif
ENGINE *ret = ENGINE_new();
if(!ret)
return NULL;
if(!ENGINE_set_id(ret, engine_cswift_id) ||
!ENGINE_set_name(ret, engine_cswift_name) ||
+#ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(ret, &cswift_rsa) ||
+#endif
+#ifndef OPENSSL_NO_DSA
!ENGINE_set_DSA(ret, &cswift_dsa) ||
+#endif
+#ifndef OPENSSL_NO_DH
!ENGINE_set_DH(ret, &cswift_dh) ||
+#endif
!ENGINE_set_BN_mod_exp(ret, &cswift_mod_exp) ||
!ENGINE_set_BN_mod_exp_crt(ret, &cswift_mod_exp_crt) ||
!ENGINE_set_init_function(ret, cswift_init) ||
return NULL;
}
+#ifndef OPENSSL_NO_RSA
/* We know that the "PKCS1_SSLeay()" functions hook properly
* to the cswift-specific mod_exp and mod_exp_crt so we use
* those functions. NB: We don't use ENGINE_openssl() or
cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#endif
+#ifndef OPENSSL_NO_DH
/* Much the same for Diffie-Hellman */
meth2 = DH_OpenSSL();
cswift_dh.generate_key = meth2->generate_key;
cswift_dh.compute_key = meth2->compute_key;
+#endif
return ret;
}
return to_return;
}
+#ifndef OPENSSL_NO_RSA
static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
{
BN_CTX *ctx;
BN_CTX_free(ctx);
return to_return;
}
+#endif
/* This function is aliased to mod_exp (with the mont stuff dropped). */
static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
return cswift_mod_exp(r, a, p, m, ctx);
}
+#ifndef OPENSSL_NO_DSA
static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
{
SW_CONTEXT_HANDLE hac;
}
return to_return;
}
+#endif
+#ifndef OPENSSL_NO_DH
/* This function is aliased to mod_exp (with the dh and mont dropped). */
static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
const BIGNUM *a, const BIGNUM *p,
{
return cswift_mod_exp(r, a, p, m, ctx);
}
+#endif
#endif /* !OPENSSL_NO_HW_CSWIFT */
#endif /* !OPENSSL_NO_HW */
static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
+#ifndef OPENSSL_NO_RSA
/* RSA stuff */
static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa);
+#endif
/* This function is aliased to mod_exp (with the mont stuff dropped). */
static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
{0, NULL, NULL, 0}
};
+#ifndef OPENSSL_NO_RSA
/* Our internal RSA_METHOD that we provide pointers to */
static RSA_METHOD hwcrhk_rsa =
{
NULL,
NULL
};
+#endif
+#ifndef OPENSSL_NO_DH
/* Our internal DH_METHOD that we provide pointers to */
static DH_METHOD hwcrhk_dh =
{
0,
NULL
};
+#endif
static RAND_METHOD hwcrhk_rand =
{
* (indeed - the lock will already be held by our caller!!!) */
ENGINE *ENGINE_ncipher()
{
+#ifndef OPENSSL_NO_RSA
const RSA_METHOD *meth1;
+#endif
+#ifndef OPENSSL_NO_DH
const DH_METHOD *meth2;
+#endif
ENGINE *ret = ENGINE_new();
if(!ret)
return NULL;
if(!ENGINE_set_id(ret, engine_hwcrhk_id) ||
!ENGINE_set_name(ret, engine_hwcrhk_name) ||
+#ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(ret, &hwcrhk_rsa) ||
+#endif
+#ifndef OPENSSL_NO_DH
!ENGINE_set_DH(ret, &hwcrhk_dh) ||
+#endif
!ENGINE_set_RAND(ret, &hwcrhk_rand) ||
!ENGINE_set_BN_mod_exp(ret, hwcrhk_mod_exp) ||
!ENGINE_set_init_function(ret, hwcrhk_init) ||
return NULL;
}
+#ifndef OPENSSL_NO_RSA
/* We know that the "PKCS1_SSLeay()" functions hook properly
* to the cswift-specific mod_exp and mod_exp_crt so we use
* those functions. NB: We don't use ENGINE_openssl() or
hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#endif
+#ifndef OPENSSL_NO_DH
/* Much the same for Diffie-Hellman */
meth2 = DH_OpenSSL();
hwcrhk_dh.generate_key = meth2->generate_key;
hwcrhk_dh.compute_key = meth2->compute_key;
+#endif
return ret;
}
* implicitly. */
static DSO *hwcrhk_dso = NULL;
static HWCryptoHook_ContextHandle hwcrhk_context = 0;
-static int hndidx = -1; /* Index for KM handle. Not really used yet. */
+#ifndef OPENSSL_NO_RSA
+static int hndidx_rsa = -1; /* Index for KM handle. Not really used yet. */
+#endif
/* These are the function pointers that are (un)set when the library has
* successfully (un)loaded. */
static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL;
static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL;
static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL;
+#ifndef OPENSSL_NO_RSA
static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL;
+#endif
static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL;
+#ifndef OPENSSL_NO_RSA
static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL;
static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL;
static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL;
+#endif
static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
/* Used in the DSO operations. */
static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
+#ifndef OPENSSL_NO_RSA
static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA";
+#endif
static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes";
+#ifndef OPENSSL_NO_RSA
static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey";
static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey";
static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey";
+#endif
static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT";
/* HWCryptoHook library functions and mechanics - these are used by the
HWCryptoHook_Init_t *p1;
HWCryptoHook_Finish_t *p2;
HWCryptoHook_ModExp_t *p3;
+#ifndef OPENSSL_NO_RSA
HWCryptoHook_RSA_t *p4;
HWCryptoHook_RSALoadKey_t *p5;
HWCryptoHook_RSAGetPublicKey_t *p6;
HWCryptoHook_RSAUnloadKey_t *p7;
+#endif
HWCryptoHook_RandomBytes_t *p8;
HWCryptoHook_ModExpCRT_t *p9;
DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) ||
!(p3 = (HWCryptoHook_ModExp_t *)
DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) ||
+#ifndef OPENSSL_NO_RSA
!(p4 = (HWCryptoHook_RSA_t *)
DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) ||
!(p5 = (HWCryptoHook_RSALoadKey_t *)
DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) ||
!(p7 = (HWCryptoHook_RSAUnloadKey_t *)
DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) ||
+#endif
!(p8 = (HWCryptoHook_RandomBytes_t *)
DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) ||
!(p9 = (HWCryptoHook_ModExpCRT_t *)
p_hwcrhk_Init = p1;
p_hwcrhk_Finish = p2;
p_hwcrhk_ModExp = p3;
+#ifndef OPENSSL_NO_RSA
p_hwcrhk_RSA = p4;
p_hwcrhk_RSALoadKey = p5;
p_hwcrhk_RSAGetPublicKey = p6;
p_hwcrhk_RSAUnloadKey = p7;
+#endif
p_hwcrhk_RandomBytes = p8;
p_hwcrhk_ModExpCRT = p9;
goto err;
}
/* Everything's fine. */
- if (hndidx == -1)
- hndidx = RSA_get_ex_new_index(0,
+#ifndef OPENSSL_NO_RSA
+ if (hndidx_rsa == -1)
+ hndidx_rsa = RSA_get_ex_new_index(0,
"nFast HWCryptoHook RSA key handle",
NULL, NULL, hwcrhk_ex_free);
+#endif
return 1;
err:
if(hwcrhk_dso)
p_hwcrhk_Init = NULL;
p_hwcrhk_Finish = NULL;
p_hwcrhk_ModExp = NULL;
+#ifndef OPENSSL_NO_RSA
p_hwcrhk_RSA = NULL;
p_hwcrhk_RSALoadKey = NULL;
p_hwcrhk_RSAGetPublicKey = NULL;
p_hwcrhk_RSAUnloadKey = NULL;
+#endif
p_hwcrhk_ModExpCRT = NULL;
p_hwcrhk_RandomBytes = NULL;
return 0;
p_hwcrhk_Init = NULL;
p_hwcrhk_Finish = NULL;
p_hwcrhk_ModExp = NULL;
+#ifndef OPENSSL_NO_RSA
p_hwcrhk_RSA = NULL;
p_hwcrhk_RSALoadKey = NULL;
p_hwcrhk_RSAGetPublicKey = NULL;
p_hwcrhk_RSAUnloadKey = NULL;
+#endif
p_hwcrhk_ModExpCRT = NULL;
p_hwcrhk_RandomBytes = NULL;
return to_return;
static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
const char *passphrase)
{
+#ifndef OPENSSL_NO_RSA
RSA *rtmp = NULL;
+#endif
EVP_PKEY *res = NULL;
+#ifndef OPENSSL_NO_RSA
HWCryptoHook_MPI e, n;
HWCryptoHook_RSAKeyHandle *hptr;
+#endif
+#if !defined(OPENSSL_NO_RSA)
HWCryptoHook_ErrMsgBuf rmsg;
+#endif
if(!hwcrhk_context)
{
ENGINE_R_NOT_INITIALISED);
goto err;
}
+#ifndef OPENSSL_NO_RSA
hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle));
if (!hptr)
{
ENGINE_R_NO_KEY);
goto err;
}
+#endif
+#ifndef OPENSSL_NO_RSA
rtmp = RSA_new_method(eng);
- RSA_set_ex_data(rtmp, hndidx, (char *)hptr);
+ RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr);
rtmp->e = BN_new();
rtmp->n = BN_new();
rtmp->flags |= RSA_FLAG_EXT_PKEY;
ERR_add_error_data(1,rmsg.buf);
goto err;
}
-
+
bn_expand2(rtmp->e, e.size/sizeof(BN_ULONG));
bn_expand2(rtmp->n, n.size/sizeof(BN_ULONG));
MPI2BN(rtmp->e, e);
res = EVP_PKEY_new();
EVP_PKEY_assign_RSA(res, rtmp);
+#endif
+
+ if (!res)
+ ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY,
+ ENGINE_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
return res;
err:
if (res)
EVP_PKEY_free(res);
+#ifndef OPENSSL_NO_RSA
if (rtmp)
RSA_free(rtmp);
+#endif
return NULL;
}
static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
const char *passphrase)
{
- EVP_PKEY *res = hwcrhk_load_privkey(eng, key_id, passphrase);
+ EVP_PKEY *res = NULL;
+
+#ifndef OPENSSL_NO_RSA
+ res = hwcrhk_load_privkey(eng, key_id, passphrase);
+#endif
if (res)
switch(res->type)
{
+#ifndef OPENSSL_NO_RSA
case EVP_PKEY_RSA:
{
RSA *rsa = NULL;
CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
RSA_free(rsa);
}
+#endif
default:
ENGINEerr(ENGINE_F_HWCRHK_LOAD_PUBKEY,
ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
err:
return to_return;
}
-
+
+#ifndef OPENSSL_NO_RSA
static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa)
{
char tempbuf[1024];
/* This provides support for nForce keys. Since that's opaque data
all we do is provide a handle to the proper key and let HWCryptoHook
take care of the rest. */
- if ((hptr = (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx))
+ if ((hptr = (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa))
!= NULL)
{
HWCryptoHook_MPI m_a, m_r;
err:
return to_return;
}
+#endif
/* This function is aliased to mod_exp (with the mont stuff dropped). */
static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
{
char tempbuf[1024];
HWCryptoHook_ErrMsgBuf rmsg;
+#ifndef OPENSSL_NO_RSA
HWCryptoHook_RSAKeyHandle *hptr;
+#endif
+#if !defined(OPENSSL_NO_RSA)
int ret;
+#endif
rmsg.buf = tempbuf;
rmsg.size = 1024;
+#ifndef OPENSSL_NO_RSA
hptr = (HWCryptoHook_RSAKeyHandle *) item;
- if(!hptr) return;
- ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL);
- OPENSSL_free(hptr);
+ if(hptr)
+ {
+ ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL);
+ OPENSSL_free(hptr);
+ }
+#endif
}
/* Mutex calls: since the HWCryptoHook model closely follows the POSIX model
return pfnModExp(r,a,p,m);
}
+#ifndef OPENSSL_NO_RSA
static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
{
return nuron_mod_exp(r0,I,rsa->d,rsa->n,NULL);
}
+#endif
+#ifndef OPENSSL_NO_DSA
/* This code was liberated and adapted from the commented-out code in
* dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration
* (it doesn't have a CRT form for RSA), this function means that an
{
return nuron_mod_exp(r, a, p, m, ctx);
}
+#endif
/* This function is aliased to mod_exp (with the mont stuff dropped). */
static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
return nuron_mod_exp(r, a, p, m, ctx);
}
+#ifndef OPENSSL_NO_DH
/* This function is aliased to mod_exp (with the dh and mont dropped). */
static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r,
const BIGNUM *a, const BIGNUM *p,
{
return nuron_mod_exp(r, a, p, m, ctx);
}
+#endif
+#ifndef OPENSSL_NO_RSA
static RSA_METHOD nuron_rsa =
{
"Nuron RSA method",
NULL,
NULL
};
+#endif
+#ifndef OPENSSL_NO_DSA
static DSA_METHOD nuron_dsa =
{
"Nuron DSA method",
0, /* flags */
NULL /* app_data */
};
+#endif
+#ifndef OPENSSL_NO_DH
static DH_METHOD nuron_dh =
{
"Nuron DH method",
0,
NULL
};
+#endif
/* Constants used when creating the ENGINE */
static const char *engine_nuron_id = "nuron";
* (indeed - the lock will already be held by our caller!!!) */
ENGINE *ENGINE_nuron()
{
+#ifndef OPENSSL_NO_RSA
const RSA_METHOD *meth1;
+#endif
+#ifndef OPENSSL_NO_DSA
const DSA_METHOD *meth2;
+#endif
+#ifndef OPENSSL_NO_DH
const DH_METHOD *meth3;
+#endif
ENGINE *ret = ENGINE_new();
if(!ret)
return NULL;
if(!ENGINE_set_id(ret, engine_nuron_id) ||
!ENGINE_set_name(ret, engine_nuron_name) ||
+#ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(ret, &nuron_rsa) ||
+#endif
+#ifndef OPENSSL_NO_DSA
!ENGINE_set_DSA(ret, &nuron_dsa) ||
+#endif
+#ifndef OPENSSL_NO_DH
!ENGINE_set_DH(ret, &nuron_dh) ||
+#endif
!ENGINE_set_BN_mod_exp(ret, nuron_mod_exp) ||
!ENGINE_set_init_function(ret, nuron_init) ||
!ENGINE_set_finish_function(ret, nuron_finish) ||
return NULL;
}
+#ifndef OPENSSL_NO_RSA
/* We know that the "PKCS1_SSLeay()" functions hook properly
* to the nuron-specific mod_exp and mod_exp_crt so we use
* those functions. NB: We don't use ENGINE_openssl() or
nuron_rsa.rsa_pub_dec=meth1->rsa_pub_dec;
nuron_rsa.rsa_priv_enc=meth1->rsa_priv_enc;
nuron_rsa.rsa_priv_dec=meth1->rsa_priv_dec;
+#endif
+#ifndef OPENSSL_NO_DSA
/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
* bits. */
meth2=DSA_OpenSSL();
nuron_dsa.dsa_do_sign=meth2->dsa_do_sign;
nuron_dsa.dsa_sign_setup=meth2->dsa_sign_setup;
nuron_dsa.dsa_do_verify=meth2->dsa_do_verify;
+#endif
+#ifndef OPENSSL_NO_DH
/* Much the same for Diffie-Hellman */
meth3=DH_OpenSSL();
nuron_dh.generate_key=meth3->generate_key;
nuron_dh.compute_key=meth3->compute_key;
+#endif
return ret;
}
static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *q, const BIGNUM *dp,
const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx);
+#ifndef OPENSSL_NO_RSA
static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
+#endif
static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#ifndef OPENSSL_NO_DSA
#if NOT_USED
static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
DSA_SIG *sig, DSA *dsa);
+#endif
+#ifndef OPENSSL_NO_DH
static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx);
static int ubsec_dh_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
static int ubsec_dh_generate_key(DH *dh);
+#endif
#if NOT_USED
static int ubsec_rand_bytes(unsigned char *buf, int num);
{0, NULL, NULL, 0}
};
+#ifndef OPENSSL_NO_RSA
/* Our internal RSA_METHOD that we provide pointers to */
-
static RSA_METHOD ubsec_rsa =
{
"UBSEC RSA method",
NULL,
NULL
};
+#endif
+#ifndef OPENSSL_NO_DSA
/* Our internal DSA_METHOD that we provide pointers to */
static DSA_METHOD ubsec_dsa =
{
0, /* flags */
NULL /* app_data */
};
+#endif
+#ifndef OPENSSL_NO_DH
/* Our internal DH_METHOD that we provide pointers to */
static DH_METHOD ubsec_dh =
{
0,
NULL
};
+#endif
/* Constants used when creating the ENGINE */
static const char *engine_ubsec_id = "ubsec";
* (indeed - the lock will already be held by our caller!!!) */
ENGINE *ENGINE_ubsec()
{
+#ifndef OPENSSL_NO_RSA
const RSA_METHOD *meth1;
+#endif
+#ifndef OPENSSL_NO_DH
#ifndef HAVE_UBSEC_DH
const DH_METHOD *meth3;
#endif /* HAVE_UBSEC_DH */
+#endif
ENGINE *ret = ENGINE_new();
if(!ret)
return NULL;
if(!ENGINE_set_id(ret, engine_ubsec_id) ||
!ENGINE_set_name(ret, engine_ubsec_name) ||
+#ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(ret, &ubsec_rsa) ||
+#endif
+#ifndef OPENSSL_NO_DSA
!ENGINE_set_DSA(ret, &ubsec_dsa) ||
+#endif
+#ifndef OPENSSL_NO_DH
!ENGINE_set_DH(ret, &ubsec_dh) ||
+#endif
!ENGINE_set_BN_mod_exp(ret, ubsec_mod_exp) ||
!ENGINE_set_BN_mod_exp_crt(ret, ubsec_mod_exp_crt) ||
!ENGINE_set_init_function(ret, ubsec_init) ||
return NULL;
}
+#ifndef OPENSSL_NO_RSA
/* We know that the "PKCS1_SSLeay()" functions hook properly
* to the Broadcom-specific mod_exp and mod_exp_crt so we use
* those functions. NB: We don't use ENGINE_openssl() or
ubsec_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
ubsec_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
ubsec_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#endif
+#ifndef OPENSSL_NO_DH
#ifndef HAVE_UBSEC_DH
/* Much the same for Diffie-Hellman */
meth3 = DH_OpenSSL();
ubsec_dh.generate_key = meth3->generate_key;
ubsec_dh.compute_key = meth3->compute_key;
#endif /* HAVE_UBSEC_DH */
+#endif
return ret;
}
static t_UBSEC_ubsec_bits_to_bytes *p_UBSEC_ubsec_bits_to_bytes = NULL;
static t_UBSEC_ubsec_open *p_UBSEC_ubsec_open = NULL;
static t_UBSEC_ubsec_close *p_UBSEC_ubsec_close = NULL;
+#ifndef OPENSSL_NO_DH
static t_UBSEC_diffie_hellman_generate_ioctl
*p_UBSEC_diffie_hellman_generate_ioctl = NULL;
static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl = NULL;
+#endif
+/* #ifndef OPENSSL_NO_RSA */
static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL;
static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
+/* #endif */
+#ifndef OPENSSL_NO_DSA
static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL;
static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL;
+#endif
static t_UBSEC_math_accelerate_ioctl *p_UBSEC_math_accelerate_ioctl = NULL;
static t_UBSEC_rng_ioctl *p_UBSEC_rng_ioctl = NULL;
static const char *UBSEC_F2 = "ubsec_bits_to_bytes";
static const char *UBSEC_F3 = "ubsec_open";
static const char *UBSEC_F4 = "ubsec_close";
+#ifndef OPENSSL_NO_DH
static const char *UBSEC_F5 = "diffie_hellman_generate_ioctl";
static const char *UBSEC_F6 = "diffie_hellman_agree_ioctl";
+#endif
+/* #ifndef OPENSSL_NO_RSA */
static const char *UBSEC_F7 = "rsa_mod_exp_ioctl";
static const char *UBSEC_F8 = "rsa_mod_exp_crt_ioctl";
+/* #endif */
+#ifndef OPENSSL_NO_DSA
static const char *UBSEC_F9 = "dsa_sign_ioctl";
static const char *UBSEC_F10 = "dsa_verify_ioctl";
+#endif
static const char *UBSEC_F11 = "math_accelerate_ioctl";
static const char *UBSEC_F12 = "rng_ioctl";
t_UBSEC_ubsec_bits_to_bytes *p2;
t_UBSEC_ubsec_open *p3;
t_UBSEC_ubsec_close *p4;
+#ifndef OPENSSL_NO_DH
t_UBSEC_diffie_hellman_generate_ioctl *p5;
t_UBSEC_diffie_hellman_agree_ioctl *p6;
+#endif
+/* #ifndef OPENSSL_NO_RSA */
t_UBSEC_rsa_mod_exp_ioctl *p7;
t_UBSEC_rsa_mod_exp_crt_ioctl *p8;
+/* #endif */
+#ifndef OPENSSL_NO_DSA
t_UBSEC_dsa_sign_ioctl *p9;
t_UBSEC_dsa_verify_ioctl *p10;
+#endif
t_UBSEC_math_accelerate_ioctl *p11;
t_UBSEC_rng_ioctl *p12;
int fd = 0;
!(p2 = (t_UBSEC_ubsec_bits_to_bytes *) DSO_bind_func(ubsec_dso, UBSEC_F2)) ||
!(p3 = (t_UBSEC_ubsec_open *) DSO_bind_func(ubsec_dso, UBSEC_F3)) ||
!(p4 = (t_UBSEC_ubsec_close *) DSO_bind_func(ubsec_dso, UBSEC_F4)) ||
+#ifndef OPENSSL_NO_DH
!(p5 = (t_UBSEC_diffie_hellman_generate_ioctl *)
DSO_bind_func(ubsec_dso, UBSEC_F5)) ||
!(p6 = (t_UBSEC_diffie_hellman_agree_ioctl *)
DSO_bind_func(ubsec_dso, UBSEC_F6)) ||
+#endif
+/* #ifndef OPENSSL_NO_RSA */
!(p7 = (t_UBSEC_rsa_mod_exp_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F7)) ||
!(p8 = (t_UBSEC_rsa_mod_exp_crt_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F8)) ||
+/* #endif */
+#ifndef OPENSSL_NO_DSA
!(p9 = (t_UBSEC_dsa_sign_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F9)) ||
!(p10 = (t_UBSEC_dsa_verify_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F10)) ||
+#endif
!(p11 = (t_UBSEC_math_accelerate_ioctl *)
DSO_bind_func(ubsec_dso, UBSEC_F11)) ||
!(p12 = (t_UBSEC_rng_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F12)))
p_UBSEC_ubsec_bits_to_bytes = p2;
p_UBSEC_ubsec_open = p3;
p_UBSEC_ubsec_close = p4;
+#ifndef OPENSSL_NO_DH
p_UBSEC_diffie_hellman_generate_ioctl = p5;
p_UBSEC_diffie_hellman_agree_ioctl = p6;
+#endif
+#ifndef OPENSSL_NO_RSA
p_UBSEC_rsa_mod_exp_ioctl = p7;
p_UBSEC_rsa_mod_exp_crt_ioctl = p8;
+#endif
+#ifndef OPENSSL_NO_DSA
p_UBSEC_dsa_sign_ioctl = p9;
p_UBSEC_dsa_verify_ioctl = p10;
+#endif
p_UBSEC_math_accelerate_ioctl = p11;
p_UBSEC_rng_ioctl = p12;
p_UBSEC_ubsec_bits_to_bytes = NULL;
p_UBSEC_ubsec_open = NULL;
p_UBSEC_ubsec_close = NULL;
+#ifndef OPENSSL_NO_DH
p_UBSEC_diffie_hellman_generate_ioctl = NULL;
p_UBSEC_diffie_hellman_agree_ioctl = NULL;
+#endif
+#ifndef OPENSSL_NO_RSA
p_UBSEC_rsa_mod_exp_ioctl = NULL;
p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
+#endif
+#ifndef OPENSSL_NO_DSA
p_UBSEC_dsa_sign_ioctl = NULL;
p_UBSEC_dsa_verify_ioctl = NULL;
+#endif
p_UBSEC_math_accelerate_ioctl = NULL;
p_UBSEC_rng_ioctl = NULL;
p_UBSEC_ubsec_bits_to_bytes = NULL;
p_UBSEC_ubsec_open = NULL;
p_UBSEC_ubsec_close = NULL;
+#ifndef OPENSSL_NO_DH
p_UBSEC_diffie_hellman_generate_ioctl = NULL;
p_UBSEC_diffie_hellman_agree_ioctl = NULL;
+#endif
+#ifndef OPENSSL_NO_RSA
p_UBSEC_rsa_mod_exp_ioctl = NULL;
p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
+#endif
+#ifndef OPENSSL_NO_DSA
p_UBSEC_dsa_sign_ioctl = NULL;
p_UBSEC_dsa_verify_ioctl = NULL;
+#endif
p_UBSEC_math_accelerate_ioctl = NULL;
p_UBSEC_rng_ioctl = NULL;
return 1;
return 1;
}
+#ifndef OPENSSL_NO_RSA
static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
{
BN_CTX *ctx;
BN_CTX_free(ctx);
return to_return;
}
+#endif
static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *q, const BIGNUM *dp,
return 1;
}
+#ifndef OPENSSL_NO_DSA
#if NOT_USED
static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
return ubsec_mod_exp(r, a, p, m, ctx);
}
#endif
+#endif
/*
* This function is aliased to mod_exp (with the mont stuff dropped).
*/
static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
+ {
int ret = 0;
+#ifndef OPENSSL_NO_RSA
/* Do in software if the key is too large for the hardware. */
- if (BN_num_bits(m) > 1024) {
+ if (BN_num_bits(m) > 1024)
+ {
const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx);
- } else {
+ }
+ else
+#endif
+ {
ret = ubsec_mod_exp(r, a, p, m, ctx);
- }
+ }
return ret;
-}
+ }
+#ifndef OPENSSL_NO_DH
/* This function is aliased to mod_exp (with the dh and mont dropped). */
static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
{
return ubsec_mod_exp(r, a, p, m, ctx);
}
+#endif
+#ifndef OPENSSL_NO_DSA
static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
{
DSA_SIG *to_return = NULL;
BN_clear_free(&v);
return to_return;
}
+#endif
+#ifndef OPENSSL_NO_DSA
static int ubsec_dh_compute_key (unsigned char *key,const BIGNUM *pub_key,DH *dh)
{
return 0;
{
return 0;
}
+#endif
#ifdef NOT_USED
static int ubsec_rand_bytes(unsigned char *buf, int num)
projects / openssl.git / commitdiff