OLD | NEW |
1 /* Author: Maurice Gittens <maurice@gittens.nl> */ | 1 /* Author: Maurice Gittens <maurice@gittens.nl> */ |
2 /* ==================================================================== | 2 /* ==================================================================== |
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | 3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
7 * are met: | 7 * are met: |
8 * | 8 * |
9 * 1. Redistributions of source code must retain the above copyright | 9 * 1. Redistributions of source code must retain the above copyright |
10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
85 /* rsa functions */ | 85 /* rsa functions */ |
86 /*---------------*/ | 86 /*---------------*/ |
87 #ifndef OPENSSL_NO_RSA | 87 #ifndef OPENSSL_NO_RSA |
88 static int cca_rsa_pub_enc(int flen, const unsigned char *from, | 88 static int cca_rsa_pub_enc(int flen, const unsigned char *from, |
89 unsigned char *to, RSA *rsa,int padding); | 89 unsigned char *to, RSA *rsa,int padding); |
90 static int cca_rsa_priv_dec(int flen, const unsigned char *from, | 90 static int cca_rsa_priv_dec(int flen, const unsigned char *from, |
91 unsigned char *to, RSA *rsa,int padding); | 91 unsigned char *to, RSA *rsa,int padding); |
92 static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len, | 92 static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len, |
93 unsigned char *sigret, unsigned int *siglen, const RSA *rsa); | 93 unsigned char *sigret, unsigned int *siglen, const RSA *rsa); |
94 static int cca_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, | 94 static int cca_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, |
95 » » unsigned char *sigbuf, unsigned int siglen, const RSA *rsa); | 95 » const unsigned char *sigbuf, unsigned int siglen, const RSA *rsa); |
96 | 96 |
97 /* utility functions */ | 97 /* utility functions */ |
98 /*-----------------------*/ | 98 /*-----------------------*/ |
99 static EVP_PKEY *ibm_4758_load_privkey(ENGINE*, const char*, | 99 static EVP_PKEY *ibm_4758_load_privkey(ENGINE*, const char*, |
100 UI_METHOD *ui_method, void *callback_data); | 100 UI_METHOD *ui_method, void *callback_data); |
101 static EVP_PKEY *ibm_4758_load_pubkey(ENGINE*, const char*, | 101 static EVP_PKEY *ibm_4758_load_pubkey(ENGINE*, const char*, |
102 UI_METHOD *ui_method, void *callback_data); | 102 UI_METHOD *ui_method, void *callback_data); |
103 | 103 |
104 static int getModulusAndExponent(const unsigned char *token, long *exponentLengt
h, | 104 static int getModulusAndExponent(const unsigned char *token, long *exponentLengt
h, |
105 unsigned char *exponent, long *modulusLength, | 105 unsigned char *exponent, long *modulusLength, |
106 long *modulusFieldLength, unsigned char *modulus); | 106 long *modulusFieldLength, unsigned char *modulus); |
107 #endif | 107 #endif |
108 | 108 |
109 /* RAND number functions */ | 109 /* RAND number functions */ |
110 /*-----------------------*/ | 110 /*-----------------------*/ |
111 static int cca_get_random_bytes(unsigned char*, int ); | 111 static int cca_get_random_bytes(unsigned char*, int); |
112 static int cca_random_status(void); | 112 static int cca_random_status(void); |
113 | 113 |
114 #ifndef OPENSSL_NO_RSA | 114 #ifndef OPENSSL_NO_RSA |
115 static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, | 115 static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, |
116 int idx,long argl, void *argp); | 116 int idx,long argl, void *argp); |
117 #endif | 117 #endif |
118 | 118 |
119 /* Function pointers for CCA verbs */ | 119 /* Function pointers for CCA verbs */ |
120 /*---------------------------------*/ | 120 /*---------------------------------*/ |
121 #ifndef OPENSSL_NO_RSA | 121 #ifndef OPENSSL_NO_RSA |
475 rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL); | 475 rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL); |
476 rtmp->flags |= RSA_FLAG_EXT_PKEY; | 476 rtmp->flags |= RSA_FLAG_EXT_PKEY; |
477 | 477 |
478 res = EVP_PKEY_new(); | 478 res = EVP_PKEY_new(); |
479 EVP_PKEY_assign_RSA(res, rtmp); | 479 EVP_PKEY_assign_RSA(res, rtmp); |
480 | 480 |
481 return res; | 481 return res; |
482 err: | 482 err: |
483 if (keyToken) | 483 if (keyToken) |
484 OPENSSL_free(keyToken); | 484 OPENSSL_free(keyToken); |
485 if (res) | |
486 EVP_PKEY_free(res); | |
487 if (rtmp) | |
488 RSA_free(rtmp); | |
489 return NULL; | 485 return NULL; |
490 } | 486 } |
491 | 487 |
492 static EVP_PKEY *ibm_4758_load_pubkey(ENGINE* e, const char* key_id, | 488 static EVP_PKEY *ibm_4758_load_pubkey(ENGINE* e, const char* key_id, |
493 UI_METHOD *ui_method, void *callback_data) | 489 UI_METHOD *ui_method, void *callback_data) |
494 { | 490 { |
495 RSA *rtmp = NULL; | 491 RSA *rtmp = NULL; |
496 EVP_PKEY *res = NULL; | 492 EVP_PKEY *res = NULL; |
497 unsigned char* keyToken = NULL; | 493 unsigned char* keyToken = NULL; |
498 long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE; | 494 long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE; |
553 rtmp->e = BN_bin2bn(exponent, exponentLength, NULL); | 549 rtmp->e = BN_bin2bn(exponent, exponentLength, NULL); |
554 rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL); | 550 rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL); |
555 rtmp->flags |= RSA_FLAG_EXT_PKEY; | 551 rtmp->flags |= RSA_FLAG_EXT_PKEY; |
556 res = EVP_PKEY_new(); | 552 res = EVP_PKEY_new(); |
557 EVP_PKEY_assign_RSA(res, rtmp); | 553 EVP_PKEY_assign_RSA(res, rtmp); |
558 | 554 |
559 return res; | 555 return res; |
560 err: | 556 err: |
561 if (keyToken) | 557 if (keyToken) |
562 OPENSSL_free(keyToken); | 558 OPENSSL_free(keyToken); |
563 if (res) | |
564 EVP_PKEY_free(res); | |
565 if (rtmp) | |
566 RSA_free(rtmp); | |
567 return NULL; | 559 return NULL; |
568 } | 560 } |
569 | 561 |
570 static int cca_rsa_pub_enc(int flen, const unsigned char *from, | 562 static int cca_rsa_pub_enc(int flen, const unsigned char *from, |
571 unsigned char *to, RSA *rsa,int padding) | 563 unsigned char *to, RSA *rsa,int padding) |
572 { | 564 { |
573 long returnCode; | 565 long returnCode; |
574 long reasonCode; | 566 long reasonCode; |
575 long lflen = flen; | 567 long lflen = flen; |
576 long exitDataLength = 0; | 568 long exitDataLength = 0; |
619 &ruleArrayLength, ruleArray, &lflen, (unsigned char*)from, | 611 &ruleArrayLength, ruleArray, &lflen, (unsigned char*)from, |
620 &dataStructureLength, dataStructure, &keyTokenLength, | 612 &dataStructureLength, dataStructure, &keyTokenLength, |
621 keyToken, &outputLength, to); | 613 keyToken, &outputLength, to); |
622 | 614 |
623 return (returnCode | reasonCode) ? 0 : 1; | 615 return (returnCode | reasonCode) ? 0 : 1; |
624 } | 616 } |
625 | 617 |
626 #define SSL_SIG_LEN 36 | 618 #define SSL_SIG_LEN 36 |
627 | 619 |
628 static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len, | 620 static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len, |
629 » » unsigned char *sigbuf, unsigned int siglen, const RSA *rsa) | 621 » const unsigned char *sigbuf, unsigned int siglen, const RSA *rsa) |
630 { | 622 { |
631 long returnCode; | 623 long returnCode; |
632 long reasonCode; | 624 long reasonCode; |
633 long lsiglen = siglen; | 625 long lsiglen = siglen; |
634 long exitDataLength = 0; | 626 long exitDataLength = 0; |
635 unsigned char exitData[8]; | 627 unsigned char exitData[8]; |
636 long ruleArrayLength = 1; | 628 long ruleArrayLength = 1; |
637 unsigned char ruleArray[8] = "PKCS-1.1"; | 629 unsigned char ruleArray[8] = "PKCS-1.1"; |
638 long keyTokenLength; | 630 long keyTokenLength; |
639 unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx); | 631 unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx); |
728 } | 720 } |
729 i2d_X509_SIG(&sig, &ptr); | 721 i2d_X509_SIG(&sig, &ptr); |
730 } | 722 } |
731 break; | 723 break; |
732 default: | 724 default: |
733 return 0; | 725 return 0; |
734 } | 726 } |
735 | 727 |
736 digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength, | 728 digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength, |
737 exitData, &ruleArrayLength, ruleArray, &keyTokenLength, | 729 exitData, &ruleArrayLength, ruleArray, &keyTokenLength, |
738 » » keyToken, &length, hashBuffer, &lsiglen, sigbuf); | 730 » » keyToken, &length, hashBuffer, &lsiglen, |
| 731 » » » » » » (unsigned char *)sigbuf); |
739 | 732 |
740 if (type == NID_sha1 || type == NID_md5) | 733 if (type == NID_sha1 || type == NID_md5) |
741 { | 734 { |
742 OPENSSL_cleanse(hashBuffer, keyLength+1); | 735 OPENSSL_cleanse(hashBuffer, keyLength+1); |
743 OPENSSL_free(hashBuffer); | 736 OPENSSL_free(hashBuffer); |
744 } | 737 } |
745 | 738 |
746 return ((returnCode || reasonCode) ? 0 : 1); | 739 return ((returnCode || reasonCode) ? 0 : 1); |
747 } | 740 } |
748 | 741 |
985 if(!bind_helper(e)) | 978 if(!bind_helper(e)) |
986 return 0; | 979 return 0; |
987 return 1; | 980 return 1; |
988 } | 981 } |
989 IMPLEMENT_DYNAMIC_CHECK_FN() | 982 IMPLEMENT_DYNAMIC_CHECK_FN() |
990 IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) | 983 IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) |
991 #endif /* OPENSSL_NO_DYNAMIC_ENGINE */ | 984 #endif /* OPENSSL_NO_DYNAMIC_ENGINE */ |
992 | 985 |
993 #endif /* !OPENSSL_NO_HW_4758_CCA */ | 986 #endif /* !OPENSSL_NO_HW_4758_CCA */ |
994 #endif /* !OPENSSL_NO_HW */ | 987 #endif /* !OPENSSL_NO_HW */ |
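Review bot: The tails of ibm_4758_load_privkey and ibm_4758_load_pubkey (new lines 475-479 and 549-553) still use the results of `BN_bin2bn()`, `EVP_PKEY_new()` and `EVP_PKEY_assign_RSA()` unchecked, and with `EVP_PKEY_free(res)` / `RSA_free(rtmp)` removed from `err:` there is no longer a cleanup path that could handle those failures. If one of these calls fails, the function can leak `rtmp` or return a key object whose `n` or `e` is NULL, which is a poor failure mode for code that loads keys from the coprocessor. I would check the results, e.g. `if (res == NULL || !EVP_PKEY_assign_RSA(res, rtmp)) goto err;`, and in that case keep the two frees under `err:` for the objects not yet handed over. The jumps to `err:` sit in the skipped lines, so whether `res` and `rtmp` are always NULL there today cannot be confirmed from this view; a one-line comment at the label stating that invariant would help if the removal stays.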