#include <openssl/objects.h>
#include <openssl/engine.h>
#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
+#endif
#include <openssl/bn.h>
#ifndef OPENSSL_NO_HW
static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
static int cca_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
+ const unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
/* utility functions */
/*-----------------------*/
/* RAND number functions */
/*-----------------------*/
-static int cca_get_random_bytes(unsigned char*, int );
+static int cca_get_random_bytes(unsigned char*, int);
static int cca_random_status(void);
+#ifndef OPENSSL_NO_RSA
static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
int idx,long argl, void *argp);
+#endif
/* Function pointers for CCA verbs */
/*---------------------------------*/
#endif
static const char* n_randomNumberGenerate = CSNBRNG;
+#ifndef OPENSSL_NO_RSA
static int hndidx = -1;
+#endif
static DSO *dso = NULL;
/* openssl engine initialization structures */
!ENGINE_set_init_function(e, ibm_4758_cca_init) ||
!ENGINE_set_finish_function(e, ibm_4758_cca_finish) ||
!ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) ||
+#ifndef OPENSSL_NO_RSA
!ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) ||
!ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) ||
+#endif
!ENGINE_set_cmd_defns(e, cca4758_cmd_defns))
return 0;
/* Ensure the error handling is set up */
}
#endif
+#ifndef OPENSSL_NO_RSA
hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle",
NULL, NULL, cca_ex_free);
+#endif
return 1;
err:
DSO_free(dso);
dso = NULL;
+#ifndef OPENSSL_NO_RSA
keyRecordRead = (F_KEYRECORDREAD)0;
- randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0;
digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
pkaEncrypt = (F_PKAENCRYPT)0;
pkaDecrypt = (F_PKADECRYPT)0;
+#endif
+ randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
return 0;
}
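Review bot: The result of `RSA_get_ex_new_index()` is stored in `hndidx` without a check inside the newly guarded block, so a failed allocation (the call returns -1) still falls through to `return 1` and the engine reports a successful init. Judging by the index label and by `cca_ex_free`, this slot carries the per-key CCA token, so later key loads would presumably be unable to attach their token to the RSA object. Adding `if (hndidx < 0) goto err;` before the `#endif` would reuse the cleanup that already follows. The init function begins outside this hunk.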
return 0;
}
dso = NULL;
+#ifndef OPENSSL_NO_RSA
keyRecordRead = (F_KEYRECORDREAD)0;
randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0;
publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
pkaEncrypt = (F_PKAENCRYPT)0;
pkaDecrypt = (F_PKADECRYPT)0;
+#endif
+ randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
return 1;
}
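Review bot: The finish path never clears `digitalSignatureVerify`, and the guarded block keeps its own `randomNumberGenerate` reset even though the line added after `#endif` now repeats it. The err path in init resets all seven verb pointers, so the two lists have drifted apart. Once the DSO is released, a stale `digitalSignatureVerify` would point into an unloaded library if `cca_rsa_verify` were still reachable. Replacing the guarded duplicate with `digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;` would fix both. The function starts outside this hunk and the page may elide lines, so check the full file before applying.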
err:
if (keyToken)
OPENSSL_free(keyToken);
- if (res)
- EVP_PKEY_free(res);
- if (rtmp)
- RSA_free(rtmp);
return NULL;
}
err:
if (keyToken)
OPENSSL_free(keyToken);
- if (res)
- EVP_PKEY_free(res);
- if (rtmp)
- RSA_free(rtmp);
return NULL;
}
#define SSL_SIG_LEN 36
static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, const RSA *rsa)
+ const unsigned char *sigbuf, unsigned int siglen, const RSA *rsa)
{
long returnCode;
long reasonCode;
digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength,
exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
- keyToken, &length, hashBuffer, &lsiglen, sigbuf);
+ keyToken, &length, hashBuffer, &lsiglen,
+ (unsigned char *)sigbuf);
if (type == NID_sha1 || type == NID_md5)
{
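Review bot: The new `(unsigned char *)sigbuf` cast in the `digitalSignatureVerify` call discards the `const` this commit just added to the `cca_rsa_verify` signature, so the compiler can no longer flag a write through that pointer. Whether the CCA verb only reads the signature field is not visible here. If it does, record that at the call with a comment such as `/* verb prototype is non-const; signature field is input-only */`. Otherwise copy the signature into a local buffer and pass that instead. The body of `cca_rsa_verify` continues outside this hunk.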
return 1;
}
+#ifndef OPENSSL_NO_RSA
static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx,
long argl, void *argp)
{
if (item)
OPENSSL_free(item);
}
+#endif
/* Goo to handle building as a dynamic engine */
#ifndef OPENSSL_NO_DYNAMIC_ENGINE