OLD | NEW |
1 /* crypto/engine/hw_ubsec.c */ | 1 /* crypto/engine/hw_ubsec.c */ |
2 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL | 2 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL |
3 * project 2000. | 3 * project 2000. |
4 * | 4 * |
5 * Cloned shamelessly by Joe Tardo. | 5 * Cloned shamelessly by Joe Tardo. |
6 */ | 6 */ |
7 /* ==================================================================== | 7 /* ==================================================================== |
8 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. | 8 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. |
9 * | 9 * |
10 * Redistribution and use in source and binary forms, with or without | 10 * Redistribution and use in source and binary forms, with or without |
(...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
88 #include "e_ubsec_err.c" | 88 #include "e_ubsec_err.c" |
89 | 89 |
90 #define FAIL_TO_SOFTWARE -15 | 90 #define FAIL_TO_SOFTWARE -15 |
91 | 91 |
92 static int ubsec_destroy(ENGINE *e); | 92 static int ubsec_destroy(ENGINE *e); |
93 static int ubsec_init(ENGINE *e); | 93 static int ubsec_init(ENGINE *e); |
94 static int ubsec_finish(ENGINE *e); | 94 static int ubsec_finish(ENGINE *e); |
95 static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); | 95 static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); |
96 static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | 96 static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, |
97 const BIGNUM *m, BN_CTX *ctx); | 97 const BIGNUM *m, BN_CTX *ctx); |
| 98 #ifndef OPENSSL_NO_RSA |
98 static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | 99 static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, |
99 const BIGNUM *q, const BIGNUM *dp, | 100 const BIGNUM *q, const BIGNUM *dp, |
100 const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx); | 101 const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx); |
101 #ifndef OPENSSL_NO_RSA | |
102 static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
; | 102 static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
; |
103 #endif | |
104 static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | 103 static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, |
105 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | 104 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); |
| 105 #endif |
106 #ifndef OPENSSL_NO_DSA | 106 #ifndef OPENSSL_NO_DSA |
107 #ifdef NOT_USED | 107 #ifdef NOT_USED |
108 static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, | 108 static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, |
109 BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, | 109 BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, |
110 BN_CTX *ctx, BN_MONT_CTX *in_mont); | 110 BN_CTX *ctx, BN_MONT_CTX *in_mont); |
111 static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, | 111 static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, |
112 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | 112 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, |
113 BN_MONT_CTX *m_ctx); | 113 BN_MONT_CTX *m_ctx); |
114 #endif | 114 #endif |
115 static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
; | 115 static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
; |
(...skipping 179 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
295 | 295 |
296 static t_UBSEC_ubsec_bytes_to_bits *p_UBSEC_ubsec_bytes_to_bits = NULL; | 296 static t_UBSEC_ubsec_bytes_to_bits *p_UBSEC_ubsec_bytes_to_bits = NULL; |
297 static t_UBSEC_ubsec_bits_to_bytes *p_UBSEC_ubsec_bits_to_bytes = NULL; | 297 static t_UBSEC_ubsec_bits_to_bytes *p_UBSEC_ubsec_bits_to_bytes = NULL; |
298 static t_UBSEC_ubsec_open *p_UBSEC_ubsec_open = NULL; | 298 static t_UBSEC_ubsec_open *p_UBSEC_ubsec_open = NULL; |
299 static t_UBSEC_ubsec_close *p_UBSEC_ubsec_close = NULL; | 299 static t_UBSEC_ubsec_close *p_UBSEC_ubsec_close = NULL; |
300 #ifndef OPENSSL_NO_DH | 300 #ifndef OPENSSL_NO_DH |
301 static t_UBSEC_diffie_hellman_generate_ioctl | 301 static t_UBSEC_diffie_hellman_generate_ioctl |
302 *p_UBSEC_diffie_hellman_generate_ioctl = NULL; | 302 *p_UBSEC_diffie_hellman_generate_ioctl = NULL; |
303 static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl =
NULL; | 303 static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl =
NULL; |
304 #endif | 304 #endif |
305 /* #ifndef OPENSSL_NO_RSA */ | 305 #ifndef OPENSSL_NO_RSA |
306 static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL; | 306 static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL; |
307 static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; | 307 static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; |
308 /* #endif */ | 308 #endif |
309 #ifndef OPENSSL_NO_DSA | 309 #ifndef OPENSSL_NO_DSA |
310 static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL; | 310 static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL; |
311 static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL; | 311 static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL; |
312 #endif | 312 #endif |
313 static t_UBSEC_math_accelerate_ioctl *p_UBSEC_math_accelerate_ioctl = NULL; | 313 static t_UBSEC_math_accelerate_ioctl *p_UBSEC_math_accelerate_ioctl = NULL; |
314 static t_UBSEC_rng_ioctl *p_UBSEC_rng_ioctl = NULL; | 314 static t_UBSEC_rng_ioctl *p_UBSEC_rng_ioctl = NULL; |
315 static t_UBSEC_max_key_len_ioctl *p_UBSEC_max_key_len_ioctl = NULL; | 315 static t_UBSEC_max_key_len_ioctl *p_UBSEC_max_key_len_ioctl = NULL; |
316 | 316 |
317 static int max_key_len = 1024; /* ??? */ | 317 static int max_key_len = 1024; /* ??? */ |
318 | 318 |
(...skipping 298 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
617 { | 617 { |
618 /* | 618 /* |
619 * Do in software as hardware failed. | 619 * Do in software as hardware failed. |
620 */ | 620 */ |
621 const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | 621 const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); |
622 to_return = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); | 622 to_return = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); |
623 } | 623 } |
624 err: | 624 err: |
625 return to_return; | 625 return to_return; |
626 } | 626 } |
627 #endif | |
628 | 627 |
629 static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | 628 static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, |
630 const BIGNUM *q, const BIGNUM *dp, | 629 const BIGNUM *q, const BIGNUM *dp, |
631 const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx) | 630 const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx) |
632 { | 631 { |
633 int y_len, | 632 int y_len, |
634 m_len, | |
635 fd; | 633 fd; |
636 | 634 |
637 m_len = BN_num_bytes(p) + BN_num_bytes(q) + 1; | |
638 y_len = BN_num_bits(p) + BN_num_bits(q); | 635 y_len = BN_num_bits(p) + BN_num_bits(q); |
639 | 636 |
640 /* Check if hardware can't handle this argument. */ | 637 /* Check if hardware can't handle this argument. */ |
641 if (y_len > max_key_len) { | 638 if (y_len > max_key_len) { |
642 UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_SIZE_TOO_LARGE_OR_TO
O_SMALL); | 639 UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_SIZE_TOO_LARGE_OR_TO
O_SMALL); |
643 return FAIL_TO_SOFTWARE; | 640 return FAIL_TO_SOFTWARE; |
644 } | 641 } |
645 | 642 |
646 if (!bn_wexpand(r, p->top + q->top + 1)) { | 643 if (!bn_wexpand(r, p->top + q->top + 1)) { |
647 UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_BN_EXPAND_FAIL); | 644 UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_BN_EXPAND_FAIL); |
(...skipping 17 matching lines...) Expand all Loading... |
665 UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_REQUEST_FAILED); | 662 UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_REQUEST_FAILED); |
666 p_UBSEC_ubsec_close(fd); | 663 p_UBSEC_ubsec_close(fd); |
667 return FAIL_TO_SOFTWARE; | 664 return FAIL_TO_SOFTWARE; |
668 } | 665 } |
669 | 666 |
670 p_UBSEC_ubsec_close(fd); | 667 p_UBSEC_ubsec_close(fd); |
671 | 668 |
672 r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1)/BN_BITS2; | 669 r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1)/BN_BITS2; |
673 return 1; | 670 return 1; |
674 } | 671 } |
| 672 #endif |
675 | 673 |
676 #ifndef OPENSSL_NO_DSA | 674 #ifndef OPENSSL_NO_DSA |
677 #ifdef NOT_USED | 675 #ifdef NOT_USED |
678 static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, | 676 static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, |
679 BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, | 677 BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, |
680 BN_CTX *ctx, BN_MONT_CTX *in_mont) | 678 BN_CTX *ctx, BN_MONT_CTX *in_mont) |
681 { | 679 { |
682 BIGNUM t; | 680 BIGNUM t; |
683 int to_return = 0; | 681 int to_return = 0; |
684 | 682 |
(...skipping 12 matching lines...) Expand all Loading... |
697 | 695 |
698 static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, | 696 static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, |
699 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | 697 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, |
700 BN_MONT_CTX *m_ctx) | 698 BN_MONT_CTX *m_ctx) |
701 { | 699 { |
702 return ubsec_mod_exp(r, a, p, m, ctx); | 700 return ubsec_mod_exp(r, a, p, m, ctx); |
703 } | 701 } |
704 #endif | 702 #endif |
705 #endif | 703 #endif |
706 | 704 |
| 705 #ifndef OPENSSL_NO_RSA |
| 706 |
707 /* | 707 /* |
708 * This function is aliased to mod_exp (with the mont stuff dropped). | 708 * This function is aliased to mod_exp (with the mont stuff dropped). |
709 */ | 709 */ |
710 static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | 710 static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, |
711 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) | 711 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) |
712 { | 712 { |
713 int ret = 0; | 713 int ret = 0; |
714 | 714 |
715 #ifndef OPENSSL_NO_RSA | |
716 /* Do in software if the key is too large for the hardware. */ | 715 /* Do in software if the key is too large for the hardware. */ |
717 if (BN_num_bits(m) > max_key_len) | 716 if (BN_num_bits(m) > max_key_len) |
718 { | 717 { |
719 const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); | 718 const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); |
720 ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx); | 719 ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx); |
721 } | 720 } |
722 else | 721 else |
723 #endif | |
724 { | 722 { |
725 ret = ubsec_mod_exp(r, a, p, m, ctx); | 723 ret = ubsec_mod_exp(r, a, p, m, ctx); |
726 } | 724 } |
727 | 725 |
728 return ret; | 726 return ret; |
729 } | 727 } |
| 728 #endif |
730 | 729 |
731 #ifndef OPENSSL_NO_DH | 730 #ifndef OPENSSL_NO_DH |
732 /* This function is aliased to mod_exp (with the dh and mont dropped). */ | 731 /* This function is aliased to mod_exp (with the dh and mont dropped). */ |
733 static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, | 732 static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a, |
734 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, | 733 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, |
735 BN_MONT_CTX *m_ctx) | 734 BN_MONT_CTX *m_ctx) |
736 { | 735 { |
737 return ubsec_mod_exp(r, a, p, m, ctx); | 736 return ubsec_mod_exp(r, a, p, m, ctx); |
738 } | 737 } |
739 #endif | 738 #endif |
(...skipping 321 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1061 if(!bind_helper(e)) | 1060 if(!bind_helper(e)) |
1062 return 0; | 1061 return 0; |
1063 return 1; | 1062 return 1; |
1064 } | 1063 } |
1065 IMPLEMENT_DYNAMIC_CHECK_FN() | 1064 IMPLEMENT_DYNAMIC_CHECK_FN() |
1066 IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) | 1065 IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) |
1067 #endif /* OPENSSL_NO_DYNAMIC_ENGINE */ | 1066 #endif /* OPENSSL_NO_DYNAMIC_ENGINE */ |
1068 | 1067 |
1069 #endif /* !OPENSSL_NO_HW_UBSEC */ | 1068 #endif /* !OPENSSL_NO_HW_UBSEC */ |
1070 #endif /* !OPENSSL_NO_HW */ | 1069 #endif /* !OPENSSL_NO_HW */ |
OLD | NEW |