-/* Written by Corinne Dive-Reclus(cdive@baltimore.com)
+/*-
+* Written by Corinne Dive-Reclus(cdive@baltimore.com)
*
*
* Redistribution and use in source and binary forms, with or without
#include <openssl/dso.h>
#include <openssl/engine.h>
#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
+#include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+#include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_SUREWARE
const BIGNUM *m, BN_CTX *ctx);
/* RSA stuff */
+#ifndef OPENSSL_NO_RSA
static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned char *to,
RSA *rsa,int padding);
static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char *to,
RSA *rsa,int padding);
+#endif
/* RAND stuff */
static int surewarehk_rand_bytes(unsigned char *buf, int num);
-static void surewarehk_rand_seed(const void *buf, int num);
-static void surewarehk_rand_add(const void *buf, int num, double entropy);
+static int surewarehk_rand_seed(const void *buf, int num);
+static int surewarehk_rand_add(const void *buf, int num, double entropy);
/* KM stuff */
static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
ENGINEerr(func,SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
break;
case SUREWAREHOOK_ERROR_INVALID_PAD:
- ENGINEerr(func,RSA_R_PADDING_CHECK_FAILED);
+ ENGINEerr(func,SUREWARE_R_PADDING_CHECK_FAILED);
break;
default:
ENGINEerr(func,SUREWARE_R_REQUEST_FAILED);
return ret==1 ? 1 : 0;
}
-static void surewarehk_rand_seed(const void *buf, int num)
+static int surewarehk_rand_seed(const void *buf, int num)
{
int ret=0;
char msg[64]="ENGINE_rand_seed";
if(!p_surewarehk_Rand_Seed)
{
SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_SEED,ENGINE_R_NOT_INITIALISED);
+ return 0;
}
else
{
ret = p_surewarehk_Rand_Seed(msg,buf, num);
surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RAND_SEED,ret);
+ if (ret == 1)
+ return 1;
+ else
+ return 0;
}
}
-static void surewarehk_rand_add(const void *buf, int num, double entropy)
+static int surewarehk_rand_add(const void *buf, int num, double entropy)
{
- surewarehk_rand_seed(buf,num);
+ return surewarehk_rand_seed(buf,num);
}
static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,unsigned long el,char keytype)
int ret=0;
if(!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey)
{
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED);
+ SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_NOT_INITIALISED);
goto err;
}
switch (keytype)
ret=p_surewarehk_Load_Rsa_Pubkey(msg,key_id,el,
(unsigned long *)rsatmp->n->d,
(unsigned long *)rsatmp->e->d);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret);
+ surewarehk_error_handling(msg,SUREWARE_F_SUREWARE_LOAD_PUBLIC,ret);
if (ret!=1)
{
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+ SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
goto err;
}
/* normalise pub e and pub n */
(unsigned long *)dsatmp->p->d,
(unsigned long *)dsatmp->q->d,
(unsigned long *)dsatmp->g->d);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret);
+ surewarehk_error_handling(msg,SUREWARE_F_SUREWARE_LOAD_PUBLIC,ret);
if (ret!=1)
{
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+ SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
goto err;
}
/* set parameters */
#endif
default:
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
+ SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
goto err;
}
return res;
err:
- if (res)
- EVP_PKEY_free(res);
#ifndef OPENSSL_NO_RSA
if (rsatmp)
RSA_free(rsatmp);
if(!p_surewarehk_Load_Privkey)
{
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_NOT_INITIALISED);
+ SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY,ENGINE_R_NOT_INITIALISED);
}
else
{
ret=p_surewarehk_Load_Privkey(msg,key_id,&hptr,&el,&keytype);
if (ret!=1)
{
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
+ SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
ERR_add_error_data(1,msg);
}
else
if(!p_surewarehk_Info_Pubkey)
{
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED);
+ SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY,ENGINE_R_NOT_INITIALISED);
}
else
{
ret=p_surewarehk_Info_Pubkey(msg,key_id,&el,&keytype);
if (ret!=1)
{
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+ SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
ERR_add_error_data(1,msg);
}
else
{
if(!p_surewarehk_Free)
{
- SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE,ENGINE_R_NOT_INITIALISED);
+ SUREWAREerr(SUREWARE_F_SUREWAREHK_DH_EX_FREE,ENGINE_R_NOT_INITIALISED);
}
else
p_surewarehk_Free((char *)item,1);
/* intermediate buffer for padding */
if ((buf=OPENSSL_malloc(tlen)) == NULL)
{
- RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ERR_R_MALLOC_FAILURE);
+ SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ERR_R_MALLOC_FAILURE);
goto err;
}
memcpy(buf,to,tlen);/* transfert to into buf */
ret=RSA_padding_check_none(to,tlen,(unsigned char *)buf,flen,tlen);
break;
default:
- RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_UNKNOWN_PADDING_TYPE);
+ SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,SUREWARE_R_UNKNOWN_PADDING_TYPE);
goto err;
}
if (ret < 0)
- RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_PADDING_CHECK_FAILED);
+ SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,SUREWARE_R_PADDING_CHECK_FAILED);
}
err:
if (buf)
char msg[64]="ENGINE_rsa_sign";
if (!p_surewarehk_Rsa_Sign)
{
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ENGINE_R_NOT_INITIALISED);
+ SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,ENGINE_R_NOT_INITIALISED);
}
/* extract ref to private key */
else if (!(hptr=RSA_get_ex_data(rsa, rsaHndidx)))
{
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,SUREWARE_R_MISSING_KEY_COMPONENTS);
+ SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,SUREWARE_R_MISSING_KEY_COMPONENTS);
}
else
{
{
case RSA_PKCS1_PADDING: /* do it in one shot */
ret=p_surewarehk_Rsa_Sign(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_PKCS1_PAD);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ret);
+ surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_SIGN,ret);
break;
case RSA_NO_PADDING:
default:
- RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,RSA_R_UNKNOWN_PADDING_TYPE);
+ SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,SUREWARE_R_UNKNOWN_PADDING_TYPE);
}
}
return ret==1 ? tlen : ret;
if (!p_surewarehk_Dsa_Sign)
{
SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ENGINE_R_NOT_INITIALISED);
+ goto err;
}
/* extract ref to private key */
else if (!(hptr=DSA_get_ex_data(dsa, dsaHndidx)))
{
SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,SUREWARE_R_MISSING_KEY_COMPONENTS);
+ goto err;
}
else
{
char msg[64]="ENGINE_modexp";
if (!p_surewarehk_Mod_Exp)
{
- SUREWAREerr(SUREWARE_F_SUREWAREHK_MOD_EXP,ENGINE_R_NOT_INITIALISED);
+ SUREWAREerr(SUREWARE_F_SUREWAREHK_MODEXP,ENGINE_R_NOT_INITIALISED);
}
else
{
a->top*sizeof(BN_ULONG),
(unsigned long *)a->d,
(unsigned long *)r->d);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_MOD_EXP,ret);
+ surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_MODEXP,ret);
if (ret==1)
{
/* normalise result */