#include <openssl/crypto.h>
#include "cryptlib.h"
#include <openssl/dso.h>
-#include "engine_int.h"
#include <openssl/engine.h>
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_NURON
+static const char def_NURON_LIBNAME[] = "nuronssl";
+static const char *NURON_LIBNAME = def_NURON_LIBNAME;
+static const char *NURON_F1 = "nuron_mod_exp";
+
+/* The definitions for control commands specific to this engine */
+#define NURON_CMD_SO_PATH ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN nuron_cmd_defns[] = {
+ {NURON_CMD_SO_PATH,
+ "SO_PATH",
+ "Specifies the path to the 'nuronssl' shared library",
+ ENGINE_CMD_FLAG_STRING},
+ {0, NULL, NULL, 0}
+ };
+
typedef int tfnModExp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m);
static tfnModExp *pfnModExp = NULL;
return 0;
}
- pvDSOHandle=DSO_load(NULL,"nuronssl",NULL,
+ pvDSOHandle = DSO_load(NULL, NURON_LIBNAME, NULL,
DSO_FLAG_NAME_TRANSLATION_EXT_ONLY);
if(!pvDSOHandle)
{
return 0;
}
- pfnModExp=(tfnModExp *)DSO_bind_func(pvDSOHandle,"nuron_mod_exp");
+ pfnModExp = (tfnModExp *)DSO_bind_func(pvDSOHandle, NURON_F1);
if(!pfnModExp)
{
ENGINEerr(ENGINE_F_NURON_INIT,ENGINE_R_DSO_FUNCTION_NOT_FOUND);
return 1;
}
+static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
+ {
+ int initialised = ((pvDSOHandle == NULL) ? 0 : 1);
+ switch(cmd)
+ {
+ case NURON_CMD_SO_PATH:
+ if(p == NULL)
+ {
+ ENGINEerr(ENGINE_F_NURON_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if(initialised)
+ {
+ ENGINEerr(ENGINE_F_NURON_CTRL,ENGINE_R_ALREADY_LOADED);
+ return 0;
+ }
+ NURON_LIBNAME = (const char *)p;
+ return 1;
+ default:
+ break;
+ }
+ ENGINEerr(ENGINE_F_NURON_CTRL,ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+ return 0;
+}
+
static int nuron_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,
const BIGNUM *m,BN_CTX *ctx)
{
return pfnModExp(r,a,p,m);
}
+#ifndef OPENSSL_NO_RSA
static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
{
return nuron_mod_exp(r0,I,rsa->d,rsa->n,NULL);
}
+#endif
+#ifndef OPENSSL_NO_DSA
/* This code was liberated and adapted from the commented-out code in
* dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration
* (it doesn't have a CRT form for RSA), this function means that an
{
return nuron_mod_exp(r, a, p, m, ctx);
}
+#endif
/* This function is aliased to mod_exp (with the mont stuff dropped). */
static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
return nuron_mod_exp(r, a, p, m, ctx);
}
+#ifndef OPENSSL_NO_DH
/* This function is aliased to mod_exp (with the dh and mont dropped). */
static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r,
const BIGNUM *a, const BIGNUM *p,
{
return nuron_mod_exp(r, a, p, m, ctx);
}
+#endif
+#ifndef OPENSSL_NO_RSA
static RSA_METHOD nuron_rsa =
{
"Nuron RSA method",
NULL,
NULL
};
+#endif
+#ifndef OPENSSL_NO_DSA
static DSA_METHOD nuron_dsa =
{
"Nuron DSA method",
0, /* flags */
NULL /* app_data */
};
+#endif
+#ifndef OPENSSL_NO_DH
static DH_METHOD nuron_dh =
{
"Nuron DH method",
0,
NULL
};
+#endif
-static ENGINE engine_nuron =
- {
- "nuron",
- "Nuron hardware engine support",
- &nuron_rsa,
- &nuron_dsa,
- &nuron_dh,
- NULL,
- nuron_mod_exp,
- NULL,
- nuron_init,
- nuron_finish,
- NULL, /* no ctrl() */
- NULL, /* no load_privkey() */
- NULL, /* no load_pubkey() */
- 0, /* no flags */
- 0, 0, /* no references */
- NULL, NULL /* unlinked */
- };
+/* Constants used when creating the ENGINE */
+static const char *engine_nuron_id = "nuron";
+static const char *engine_nuron_name = "Nuron hardware engine support";
/* As this is only ever called once, there's no need for locking
* (indeed - the lock will already be held by our caller!!!) */
ENGINE *ENGINE_nuron()
{
+#ifndef OPENSSL_NO_RSA
const RSA_METHOD *meth1;
+#endif
+#ifndef OPENSSL_NO_DSA
const DSA_METHOD *meth2;
+#endif
+#ifndef OPENSSL_NO_DH
const DH_METHOD *meth3;
+#endif
+ ENGINE *ret = ENGINE_new();
+ if(!ret)
+ return NULL;
+ if(!ENGINE_set_id(ret, engine_nuron_id) ||
+ !ENGINE_set_name(ret, engine_nuron_name) ||
+#ifndef OPENSSL_NO_RSA
+ !ENGINE_set_RSA(ret, &nuron_rsa) ||
+#endif
+#ifndef OPENSSL_NO_DSA
+ !ENGINE_set_DSA(ret, &nuron_dsa) ||
+#endif
+#ifndef OPENSSL_NO_DH
+ !ENGINE_set_DH(ret, &nuron_dh) ||
+#endif
+ !ENGINE_set_BN_mod_exp(ret, nuron_mod_exp) ||
+ !ENGINE_set_init_function(ret, nuron_init) ||
+ !ENGINE_set_finish_function(ret, nuron_finish) ||
+ !ENGINE_set_ctrl_function(ret, nuron_ctrl) ||
+ !ENGINE_set_cmd_defns(ret, nuron_cmd_defns))
+ {
+ ENGINE_free(ret);
+ return NULL;
+ }
+#ifndef OPENSSL_NO_RSA
/* We know that the "PKCS1_SSLeay()" functions hook properly
* to the nuron-specific mod_exp and mod_exp_crt so we use
* those functions. NB: We don't use ENGINE_openssl() or
nuron_rsa.rsa_pub_dec=meth1->rsa_pub_dec;
nuron_rsa.rsa_priv_enc=meth1->rsa_priv_enc;
nuron_rsa.rsa_priv_dec=meth1->rsa_priv_dec;
+#endif
+#ifndef OPENSSL_NO_DSA
/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
* bits. */
meth2=DSA_OpenSSL();
nuron_dsa.dsa_do_sign=meth2->dsa_do_sign;
nuron_dsa.dsa_sign_setup=meth2->dsa_sign_setup;
nuron_dsa.dsa_do_verify=meth2->dsa_do_verify;
+#endif
+#ifndef OPENSSL_NO_DH
/* Much the same for Diffie-Hellman */
meth3=DH_OpenSSL();
nuron_dh.generate_key=meth3->generate_key;
nuron_dh.compute_key=meth3->compute_key;
- return &engine_nuron;
+#endif
+ return ret;
}
#endif /* !OPENSSL_NO_HW_NURON */