hw_zencod.c revision 296465
1/* crypto/engine/hw_zencod.c */ 2 /* 3 * Written by Fred Donnat (frederic.donnat@zencod.com) for "zencod" * engine 4 * integration in order to redirect crypto computing on a crypto * hardware 5 * accelerator zenssl32 ;-) * * Date : 25 jun 2002 * Revision : 17 Ju7 2002 6 * * Version : zencod_engine-0.9.7 7 */ 8 9/* ==================================================================== 10 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 19 * 2. Redistributions in binary form must reproduce the above copyright 20 * notice, this list of conditions and the following disclaimer in 21 * the documentation and/or other materials provided with the 22 * distribution. 23 * 24 * 3. All advertising materials mentioning features or use of this 25 * software must display the following acknowledgment: 26 * "This product includes software developed by the OpenSSL Project 27 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 28 * 29 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 30 * endorse or promote products derived from this software without 31 * prior written permission. For written permission, please contact 32 * licensing@OpenSSL.org. 33 * 34 * 5. Products derived from this software may not be called "OpenSSL" 35 * nor may "OpenSSL" appear in their names without prior written 36 * permission of the OpenSSL Project. 37 * 38 * 6. Redistributions of any form whatsoever must retain the following 39 * acknowledgment: 40 * "This product includes software developed by the OpenSSL Project 41 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 42 * 43 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 44 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 45 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 46 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 47 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 48 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 49 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 50 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 51 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 52 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 53 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 54 * OF THE POSSIBILITY OF SUCH DAMAGE. 55 * ==================================================================== 56 * 57 * This product includes cryptographic software written by Eric Young 58 * (eay@cryptsoft.com). This product includes software written by Tim 59 * Hudson (tjh@cryptsoft.com). 60 * 61 */ 62 63/* ENGINE general include */ 64#include <stdio.h> 65#include <openssl/crypto.h> 66#include <openssl/dso.h> 67#include <openssl/engine.h> 68 69#ifndef OPENSSL_NO_HW 70# ifndef OPENSSL_NO_HW_ZENCOD 71 72# ifdef FLAT_INC 73# include "hw_zencod.h" 74# else 75# include "vendor_defns/hw_zencod.h" 76# endif 77 78# define ZENCOD_LIB_NAME "zencod engine" 79# include "hw_zencod_err.c" 80 81# define FAIL_TO_SOFTWARE -15 82 83# define ZEN_LIBRARY "zenbridge" 84 85# if 0 86# define PERROR(s) perror(s) 87# define CHEESE() fputs("## [ZenEngine] ## " __FUNCTION__ "\n", stderr) 88# else 89# define PERROR(s) 90# define CHEESE() 91# endif 92 93/* Sorry ;) */ 94# ifndef WIN32 95static inline void esrever(unsigned char *d, int l) 96{ 97 for (; --l > 0; --l, d++) { 98 *d ^= *(d + l); 99 *(d + l) ^= *d; 100 *d ^= *(d + l); 101 } 102} 103 104static inline void ypcmem(unsigned char *d, const unsigned char *s, int l) 105{ 106 for (d += l; l--;) 107 *--d = *s++; 108} 109# else 110static __inline void esrever(unsigned char *d, int l) 111{ 112 for (; --l > 0; --l, d++) { 113 *d ^= *(d + l); 114 *(d + l) ^= *d; 115 *d ^= *(d + l); 116 } 117} 118 119static __inline void ypcmem(unsigned char *d, const unsigned char *s, int l) 120{ 121 for (d += l; l--;) 122 *--d = *s++; 123} 124# endif 125 126# define BIGNUM2ZEN(n, bn) (ptr_zencod_init_number((n), \ 127 (unsigned long) ((bn)->top * BN_BITS2), \ 128 (unsigned char *) ((bn)->d))) 129 130# define ZEN_BITS(n, bytes) (ptr_zencod_bytes2bits((unsigned char *) (n), (unsigned long) (bytes))) 131# define ZEN_BYTES(bits) (ptr_zencod_bits2bytes((unsigned long) (bits))) 132 133/* Function for ENGINE detection and control */ 134static int zencod_destroy(ENGINE *e); 135static int zencod_init(ENGINE *e); 136static int zencod_finish(ENGINE *e); 137static int zencod_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ()); 138 139/* BIGNUM stuff */ 140static int zencod_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 141 const BIGNUM *m, BN_CTX *ctx); 142 143/* RSA stuff */ 144# ifndef OPENSSL_NO_RSA 145static int RSA_zencod_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); 146static int RSA_zencod_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 147 const BIGNUM *m, BN_CTX *ctx, 148 BN_MONT_CTX *m_ctx); 149# endif 150 151/* DSA stuff */ 152# ifndef OPENSSL_NO_DSA 153static int DSA_zencod_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, 154 const BIGNUM *p, const BIGNUM *m, 155 BN_CTX *ctx, BN_MONT_CTX *m_ctx); 156 157static DSA_SIG *DSA_zencod_do_sign(const unsigned char *dgst, int dlen, 158 DSA *dsa); 159static int DSA_zencod_do_verify(const unsigned char *dgst, int dgst_len, 160 DSA_SIG *sig, DSA *dsa); 161# endif 162 163/* DH stuff */ 164# ifndef OPENSSL_NO_DH 165static int DH_zencod_bn_mod_exp(const DH *dh, BIGNUM *r, const BIGNUM *a, 166 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, 167 BN_MONT_CTX *m_ctx); 168static int DH_zencod_generate_key(DH *dh); 169static int DH_zencod_compute_key(unsigned char *key, const BIGNUM *pub_key, 170 DH *dh); 171# endif 172 173/* Rand stuff */ 174static void RAND_zencod_seed(const void *buf, int num); 175static int RAND_zencod_rand_bytes(unsigned char *buf, int num); 176static int RAND_zencod_rand_status(void); 177 178/* Digest Stuff */ 179static int engine_digests(ENGINE *e, const EVP_MD **digest, const int **nids, 180 int nid); 181 182/* Cipher Stuff */ 183static int engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, 184 const int **nids, int nid); 185 186# define ZENCOD_CMD_SO_PATH ENGINE_CMD_BASE 187static const ENGINE_CMD_DEFN zencod_cmd_defns[] = { 188 {ZENCOD_CMD_SO_PATH, 189 "SO_PATH", 190 "Specifies the path to the 'zenbridge' shared library", 191 ENGINE_CMD_FLAG_STRING}, 192 {0, NULL, NULL, 0} 193}; 194 195# ifndef OPENSSL_NO_RSA 196/* 197 * Our internal RSA_METHOD specific to zencod ENGINE providing pointers to 198 * our function 199 */ 200static RSA_METHOD zencod_rsa = { 201 "ZENCOD RSA method", 202 NULL, 203 NULL, 204 NULL, 205 NULL, 206 RSA_zencod_rsa_mod_exp, 207 RSA_zencod_bn_mod_exp, 208 NULL, 209 NULL, 210 0, 211 NULL, 212 NULL, 213 NULL 214}; 215# endif 216 217# ifndef OPENSSL_NO_DSA 218/* 219 * Our internal DSA_METHOD specific to zencod ENGINE providing pointers to 220 * our function 221 */ 222static DSA_METHOD zencod_dsa = { 223 "ZENCOD DSA method", 224 DSA_zencod_do_sign, 225 NULL, 226 DSA_zencod_do_verify, 227 NULL, 228 DSA_zencod_bn_mod_exp, 229 NULL, 230 NULL, 231 0, 232 NULL 233}; 234# endif 235 236# ifndef OPENSSL_NO_DH 237/* 238 * Our internal DH_METHOD specific to zencod ENGINE providing pointers to our 239 * function 240 */ 241static DH_METHOD zencod_dh = { 242 "ZENCOD DH method", 243 DH_zencod_generate_key, 244 DH_zencod_compute_key, 245 DH_zencod_bn_mod_exp, 246 NULL, 247 NULL, 248 0, 249 NULL 250}; 251# endif 252 253/* 254 * Our internal RAND_meth specific to zencod ZNGINE providing pointers to our 255 * function 256 */ 257static RAND_METHOD zencod_rand = { 258 RAND_zencod_seed, 259 RAND_zencod_rand_bytes, 260 NULL, 261 NULL, 262 RAND_zencod_rand_bytes, 263 RAND_zencod_rand_status 264}; 265 266/* Constants used when creating the ENGINE */ 267static const char *engine_zencod_id = "zencod"; 268static const char *engine_zencod_name = "ZENCOD hardware engine support"; 269 270/* 271 * This internal function is used by ENGINE_zencod () and possibly by the 272 * "dynamic" ENGINE support too ;-) 273 */ 274static int bind_helper(ENGINE *e) 275{ 276 277# ifndef OPENSSL_NO_RSA 278 const RSA_METHOD *meth_rsa; 279# endif 280# ifndef OPENSSL_NO_DSA 281 const DSA_METHOD *meth_dsa; 282# endif 283# ifndef OPENSSL_NO_DH 284 const DH_METHOD *meth_dh; 285# endif 286 287 const RAND_METHOD *meth_rand; 288 289 if (!ENGINE_set_id(e, engine_zencod_id) || 290 !ENGINE_set_name(e, engine_zencod_name) || 291# ifndef OPENSSL_NO_RSA 292 !ENGINE_set_RSA(e, &zencod_rsa) || 293# endif 294# ifndef OPENSSL_NO_DSA 295 !ENGINE_set_DSA(e, &zencod_dsa) || 296# endif 297# ifndef OPENSSL_NO_DH 298 !ENGINE_set_DH(e, &zencod_dh) || 299# endif 300 !ENGINE_set_RAND(e, &zencod_rand) || 301 !ENGINE_set_destroy_function(e, zencod_destroy) || 302 !ENGINE_set_init_function(e, zencod_init) || 303 !ENGINE_set_finish_function(e, zencod_finish) || 304 !ENGINE_set_ctrl_function(e, zencod_ctrl) || 305 !ENGINE_set_cmd_defns(e, zencod_cmd_defns) || 306 !ENGINE_set_digests(e, engine_digests) || 307 !ENGINE_set_ciphers(e, engine_ciphers)) { 308 return 0; 309 } 310# ifndef OPENSSL_NO_RSA 311 /* 312 * We know that the "PKCS1_SSLeay()" functions hook properly to the 313 * Zencod-specific mod_exp and mod_exp_crt so we use those functions. NB: 314 * We don't use ENGINE_openssl() or anything "more generic" because 315 * something like the RSAref code may not hook properly, and if you own 316 * one of these cards then you have the right to do RSA operations on it 317 * anyway! 318 */ 319 meth_rsa = RSA_PKCS1_SSLeay(); 320 321 zencod_rsa.rsa_pub_enc = meth_rsa->rsa_pub_enc; 322 zencod_rsa.rsa_pub_dec = meth_rsa->rsa_pub_dec; 323 zencod_rsa.rsa_priv_enc = meth_rsa->rsa_priv_enc; 324 zencod_rsa.rsa_priv_dec = meth_rsa->rsa_priv_dec; 325 /* meth_rsa->rsa_mod_exp */ 326 /* meth_rsa->bn_mod_exp */ 327 zencod_rsa.init = meth_rsa->init; 328 zencod_rsa.finish = meth_rsa->finish; 329# endif 330 331# ifndef OPENSSL_NO_DSA 332 /* 333 * We use OpenSSL meth to supply what we don't provide ;-*) 334 */ 335 meth_dsa = DSA_OpenSSL(); 336 337 /* meth_dsa->dsa_do_sign */ 338 zencod_dsa.dsa_sign_setup = meth_dsa->dsa_sign_setup; 339 /* meth_dsa->dsa_do_verify */ 340 zencod_dsa.dsa_mod_exp = meth_dsa->dsa_mod_exp; 341 /* zencod_dsa.bn_mod_exp = meth_dsa->bn_mod_exp ; */ 342 zencod_dsa.init = meth_dsa->init; 343 zencod_dsa.finish = meth_dsa->finish; 344# endif 345 346# ifndef OPENSSL_NO_DH 347 /* 348 * We use OpenSSL meth to supply what we don't provide ;-*) 349 */ 350 meth_dh = DH_OpenSSL(); 351 352 /* zencod_dh.generate_key = meth_dh->generate_key ; */ 353 /* zencod_dh.compute_key = meth_dh->compute_key ; */ 354 /* zencod_dh.bn_mod_exp = meth_dh->bn_mod_exp ; */ 355 zencod_dh.init = meth_dh->init; 356 zencod_dh.finish = meth_dh->finish; 357 358# endif 359 360 /* 361 * We use OpenSSL (SSLeay) meth to supply what we don't provide ;-*) 362 */ 363 meth_rand = RAND_SSLeay(); 364 365 /* meth_rand->seed ; */ 366 /* zencod_rand.seed = meth_rand->seed ; */ 367 /* meth_rand->bytes ; */ 368 /* zencod_rand.bytes = meth_rand->bytes ; */ 369 zencod_rand.cleanup = meth_rand->cleanup; 370 zencod_rand.add = meth_rand->add; 371 /* meth_rand->pseudorand ; */ 372 /* zencod_rand.pseudorand = meth_rand->pseudorand ; */ 373 /* zencod_rand.status = meth_rand->status ; */ 374 /* meth_rand->status ; */ 375 376 /* Ensure the zencod error handling is set up */ 377 ERR_load_ZENCOD_strings(); 378 return 1; 379} 380 381/* 382 * As this is only ever called once, there's no need for locking (indeed - 383 * the lock will already be held by our caller!!!) 384 */ 385static ENGINE *ENGINE_zencod(void) 386{ 387 388 ENGINE *eng = ENGINE_new(); 389 390 if (!eng) { 391 return NULL; 392 } 393 if (!bind_helper(eng)) { 394 ENGINE_free(eng); 395 return NULL; 396 } 397 398 return eng; 399} 400 401# ifdef ENGINE_DYNAMIC_SUPPORT 402static 403# endif 404void ENGINE_load_zencod(void) 405{ 406 /* Copied from eng_[openssl|dyn].c */ 407 ENGINE *toadd = ENGINE_zencod(); 408 if (!toadd) 409 return; 410 ENGINE_add(toadd); 411 ENGINE_free(toadd); 412 ERR_clear_error(); 413} 414 415/* 416 * This is a process-global DSO handle used for loading and unloading the 417 * ZENBRIDGE library. NB: This is only set (or unset) during an * init () or 418 * finish () call (reference counts permitting) and they're * operating with 419 * global locks, so this should be thread-safe * implicitly. 420 */ 421static DSO *zencod_dso = NULL; 422 423static t_zencod_test *ptr_zencod_test = NULL; 424static t_zencod_bytes2bits *ptr_zencod_bytes2bits = NULL; 425static t_zencod_bits2bytes *ptr_zencod_bits2bytes = NULL; 426static t_zencod_new_number *ptr_zencod_new_number = NULL; 427static t_zencod_init_number *ptr_zencod_init_number = NULL; 428 429static t_zencod_rsa_mod_exp *ptr_zencod_rsa_mod_exp = NULL; 430static t_zencod_rsa_mod_exp_crt *ptr_zencod_rsa_mod_exp_crt = NULL; 431static t_zencod_dsa_do_sign *ptr_zencod_dsa_do_sign = NULL; 432static t_zencod_dsa_do_verify *ptr_zencod_dsa_do_verify = NULL; 433static t_zencod_dh_generate_key *ptr_zencod_dh_generate_key = NULL; 434static t_zencod_dh_compute_key *ptr_zencod_dh_compute_key = NULL; 435static t_zencod_rand_bytes *ptr_zencod_rand_bytes = NULL; 436static t_zencod_math_mod_exp *ptr_zencod_math_mod_exp = NULL; 437 438static t_zencod_md5_init *ptr_zencod_md5_init = NULL; 439static t_zencod_md5_update *ptr_zencod_md5_update = NULL; 440static t_zencod_md5_do_final *ptr_zencod_md5_do_final = NULL; 441static t_zencod_sha1_init *ptr_zencod_sha1_init = NULL; 442static t_zencod_sha1_update *ptr_zencod_sha1_update = NULL; 443static t_zencod_sha1_do_final *ptr_zencod_sha1_do_final = NULL; 444 445static t_zencod_xdes_cipher *ptr_zencod_xdes_cipher = NULL; 446static t_zencod_rc4_cipher *ptr_zencod_rc4_cipher = NULL; 447 448/* 449 * These are the static string constants for the DSO file name and the 450 * function symbol names to bind to. 451 */ 452static const char *ZENCOD_LIBNAME = ZEN_LIBRARY; 453 454static const char *ZENCOD_Fct_0 = "test_device"; 455static const char *ZENCOD_Fct_1 = "zenbridge_bytes2bits"; 456static const char *ZENCOD_Fct_2 = "zenbridge_bits2bytes"; 457static const char *ZENCOD_Fct_3 = "zenbridge_new_number"; 458static const char *ZENCOD_Fct_4 = "zenbridge_init_number"; 459 460static const char *ZENCOD_Fct_exp_1 = "zenbridge_rsa_mod_exp"; 461static const char *ZENCOD_Fct_exp_2 = "zenbridge_rsa_mod_exp_crt"; 462static const char *ZENCOD_Fct_dsa_1 = "zenbridge_dsa_do_sign"; 463static const char *ZENCOD_Fct_dsa_2 = "zenbridge_dsa_do_verify"; 464static const char *ZENCOD_Fct_dh_1 = "zenbridge_dh_generate_key"; 465static const char *ZENCOD_Fct_dh_2 = "zenbridge_dh_compute_key"; 466static const char *ZENCOD_Fct_rand_1 = "zenbridge_rand_bytes"; 467static const char *ZENCOD_Fct_math_1 = "zenbridge_math_mod_exp"; 468 469static const char *ZENCOD_Fct_md5_1 = "zenbridge_md5_init"; 470static const char *ZENCOD_Fct_md5_2 = "zenbridge_md5_update"; 471static const char *ZENCOD_Fct_md5_3 = "zenbridge_md5_do_final"; 472static const char *ZENCOD_Fct_sha1_1 = "zenbridge_sha1_init"; 473static const char *ZENCOD_Fct_sha1_2 = "zenbridge_sha1_update"; 474static const char *ZENCOD_Fct_sha1_3 = "zenbridge_sha1_do_final"; 475 476static const char *ZENCOD_Fct_xdes_1 = "zenbridge_xdes_cipher"; 477static const char *ZENCOD_Fct_rc4_1 = "zenbridge_rc4_cipher"; 478 479/* 480 * Destructor (complements the "ENGINE_zencod ()" constructor) 481 */ 482static int zencod_destroy(ENGINE *e) 483{ 484 485 ERR_unload_ZENCOD_strings(); 486 487 return 1; 488} 489 490/* 491 * (de)initialisation functions. Control Function 492 */ 493static int zencod_init(ENGINE *e) 494{ 495 496 t_zencod_test *ptr_0; 497 t_zencod_bytes2bits *ptr_1; 498 t_zencod_bits2bytes *ptr_2; 499 t_zencod_new_number *ptr_3; 500 t_zencod_init_number *ptr_4; 501 t_zencod_rsa_mod_exp *ptr_exp_1; 502 t_zencod_rsa_mod_exp_crt *ptr_exp_2; 503 t_zencod_dsa_do_sign *ptr_dsa_1; 504 t_zencod_dsa_do_verify *ptr_dsa_2; 505 t_zencod_dh_generate_key *ptr_dh_1; 506 t_zencod_dh_compute_key *ptr_dh_2; 507 t_zencod_rand_bytes *ptr_rand_1; 508 t_zencod_math_mod_exp *ptr_math_1; 509 t_zencod_md5_init *ptr_md5_1; 510 t_zencod_md5_update *ptr_md5_2; 511 t_zencod_md5_do_final *ptr_md5_3; 512 t_zencod_sha1_init *ptr_sha1_1; 513 t_zencod_sha1_update *ptr_sha1_2; 514 t_zencod_sha1_do_final *ptr_sha1_3; 515 t_zencod_xdes_cipher *ptr_xdes_1; 516 t_zencod_rc4_cipher *ptr_rc4_1; 517 518 CHEESE(); 519 520 /* 521 * We Should add some tests for non NULL parameters or bad value !! 522 * Stuff to be done ... 523 */ 524 525 if (zencod_dso != NULL) { 526 ZENCODerr(ZENCOD_F_ZENCOD_INIT, ZENCOD_R_ALREADY_LOADED); 527 goto err; 528 } 529 /* 530 * Trying to load the Library "cryptozen" 531 */ 532 zencod_dso = DSO_load(NULL, ZENCOD_LIBNAME, NULL, 0); 533 if (zencod_dso == NULL) { 534 ZENCODerr(ZENCOD_F_ZENCOD_INIT, ZENCOD_R_DSO_FAILURE); 535 goto err; 536 } 537 538 /* 539 * Trying to load Function from the Library 540 */ 541 if (! 542 (ptr_1 = 543 (t_zencod_bytes2bits *) DSO_bind_func(zencod_dso, ZENCOD_Fct_1)) 544|| !(ptr_2 = (t_zencod_bits2bytes *) DSO_bind_func(zencod_dso, ZENCOD_Fct_2)) 545|| !(ptr_3 = (t_zencod_new_number *) DSO_bind_func(zencod_dso, ZENCOD_Fct_3)) 546|| !(ptr_4 = (t_zencod_init_number *) DSO_bind_func(zencod_dso, ZENCOD_Fct_4)) 547|| !(ptr_exp_1 = 548 (t_zencod_rsa_mod_exp *) DSO_bind_func(zencod_dso, ZENCOD_Fct_exp_1)) 549|| !(ptr_exp_2 = 550 (t_zencod_rsa_mod_exp_crt *) DSO_bind_func(zencod_dso, ZENCOD_Fct_exp_2)) 551|| !(ptr_dsa_1 = 552 (t_zencod_dsa_do_sign *) DSO_bind_func(zencod_dso, ZENCOD_Fct_dsa_1)) 553|| !(ptr_dsa_2 = 554 (t_zencod_dsa_do_verify *) DSO_bind_func(zencod_dso, ZENCOD_Fct_dsa_2)) 555|| !(ptr_dh_1 = 556 (t_zencod_dh_generate_key *) DSO_bind_func(zencod_dso, ZENCOD_Fct_dh_1)) 557|| !(ptr_dh_2 = 558 (t_zencod_dh_compute_key *) DSO_bind_func(zencod_dso, ZENCOD_Fct_dh_2)) 559|| !(ptr_rand_1 = 560 (t_zencod_rand_bytes *) DSO_bind_func(zencod_dso, ZENCOD_Fct_rand_1)) 561|| !(ptr_math_1 = 562 (t_zencod_math_mod_exp *) DSO_bind_func(zencod_dso, ZENCOD_Fct_math_1)) 563|| !(ptr_0 = (t_zencod_test *) DSO_bind_func(zencod_dso, ZENCOD_Fct_0)) 564|| !(ptr_md5_1 = 565 (t_zencod_md5_init *) DSO_bind_func(zencod_dso, ZENCOD_Fct_md5_1)) 566|| !(ptr_md5_2 = 567 (t_zencod_md5_update *) DSO_bind_func(zencod_dso, ZENCOD_Fct_md5_2)) 568|| !(ptr_md5_3 = 569 (t_zencod_md5_do_final *) DSO_bind_func(zencod_dso, ZENCOD_Fct_md5_3)) 570|| !(ptr_sha1_1 = 571 (t_zencod_sha1_init *) DSO_bind_func(zencod_dso, ZENCOD_Fct_sha1_1)) 572|| !(ptr_sha1_2 = 573 (t_zencod_sha1_update *) DSO_bind_func(zencod_dso, ZENCOD_Fct_sha1_2)) 574|| !(ptr_sha1_3 = 575 (t_zencod_sha1_do_final *) DSO_bind_func(zencod_dso, ZENCOD_Fct_sha1_3)) 576|| !(ptr_xdes_1 = 577 (t_zencod_xdes_cipher *) DSO_bind_func(zencod_dso, ZENCOD_Fct_xdes_1)) 578|| !(ptr_rc4_1 = 579 (t_zencod_rc4_cipher *) DSO_bind_func(zencod_dso, ZENCOD_Fct_rc4_1))) { 580 581 ZENCODerr(ZENCOD_F_ZENCOD_INIT, ZENCOD_R_DSO_FAILURE); 582 goto err; 583 } 584 585 /* 586 * The function from "cryptozen" Library have been correctly loaded so 587 * copy them 588 */ 589 ptr_zencod_test = ptr_0; 590 ptr_zencod_bytes2bits = ptr_1; 591 ptr_zencod_bits2bytes = ptr_2; 592 ptr_zencod_new_number = ptr_3; 593 ptr_zencod_init_number = ptr_4; 594 ptr_zencod_rsa_mod_exp = ptr_exp_1; 595 ptr_zencod_rsa_mod_exp_crt = ptr_exp_2; 596 ptr_zencod_dsa_do_sign = ptr_dsa_1; 597 ptr_zencod_dsa_do_verify = ptr_dsa_2; 598 ptr_zencod_dh_generate_key = ptr_dh_1; 599 ptr_zencod_dh_compute_key = ptr_dh_2; 600 ptr_zencod_rand_bytes = ptr_rand_1; 601 ptr_zencod_math_mod_exp = ptr_math_1; 602 ptr_zencod_test = ptr_0; 603 ptr_zencod_md5_init = ptr_md5_1; 604 ptr_zencod_md5_update = ptr_md5_2; 605 ptr_zencod_md5_do_final = ptr_md5_3; 606 ptr_zencod_sha1_init = ptr_sha1_1; 607 ptr_zencod_sha1_update = ptr_sha1_2; 608 ptr_zencod_sha1_do_final = ptr_sha1_3; 609 ptr_zencod_xdes_cipher = ptr_xdes_1; 610 ptr_zencod_rc4_cipher = ptr_rc4_1; 611 612 /* 613 * We should peform a test to see if there is actually any unit runnig on 614 * the system ... Even if the cryptozen library is loaded the module coul 615 * not be loaded on the system ... For now we may just open and close the 616 * device !! 617 */ 618 619 if (ptr_zencod_test() != 0) { 620 ZENCODerr(ZENCOD_F_ZENCOD_INIT, ZENCOD_R_UNIT_FAILURE); 621 goto err; 622 } 623 624 return 1; 625 err: 626 if (zencod_dso) { 627 DSO_free(zencod_dso); 628 } 629 zencod_dso = NULL; 630 ptr_zencod_bytes2bits = NULL; 631 ptr_zencod_bits2bytes = NULL; 632 ptr_zencod_new_number = NULL; 633 ptr_zencod_init_number = NULL; 634 ptr_zencod_rsa_mod_exp = NULL; 635 ptr_zencod_rsa_mod_exp_crt = NULL; 636 ptr_zencod_dsa_do_sign = NULL; 637 ptr_zencod_dsa_do_verify = NULL; 638 ptr_zencod_dh_generate_key = NULL; 639 ptr_zencod_dh_compute_key = NULL; 640 ptr_zencod_rand_bytes = NULL; 641 ptr_zencod_math_mod_exp = NULL; 642 ptr_zencod_test = NULL; 643 ptr_zencod_md5_init = NULL; 644 ptr_zencod_md5_update = NULL; 645 ptr_zencod_md5_do_final = NULL; 646 ptr_zencod_sha1_init = NULL; 647 ptr_zencod_sha1_update = NULL; 648 ptr_zencod_sha1_do_final = NULL; 649 ptr_zencod_xdes_cipher = NULL; 650 ptr_zencod_rc4_cipher = NULL; 651 652 return 0; 653} 654 655static int zencod_finish(ENGINE *e) 656{ 657 658 CHEESE(); 659 660 /* 661 * We Should add some tests for non NULL parameters or bad value !! 662 * Stuff to be done ... 663 */ 664 if (zencod_dso == NULL) { 665 ZENCODerr(ZENCOD_F_ZENCOD_FINISH, ZENCOD_R_NOT_LOADED); 666 return 0; 667 } 668 if (!DSO_free(zencod_dso)) { 669 ZENCODerr(ZENCOD_F_ZENCOD_FINISH, ZENCOD_R_DSO_FAILURE); 670 return 0; 671 } 672 673 zencod_dso = NULL; 674 675 ptr_zencod_bytes2bits = NULL; 676 ptr_zencod_bits2bytes = NULL; 677 ptr_zencod_new_number = NULL; 678 ptr_zencod_init_number = NULL; 679 ptr_zencod_rsa_mod_exp = NULL; 680 ptr_zencod_rsa_mod_exp_crt = NULL; 681 ptr_zencod_dsa_do_sign = NULL; 682 ptr_zencod_dsa_do_verify = NULL; 683 ptr_zencod_dh_generate_key = NULL; 684 ptr_zencod_dh_compute_key = NULL; 685 ptr_zencod_rand_bytes = NULL; 686 ptr_zencod_math_mod_exp = NULL; 687 ptr_zencod_test = NULL; 688 ptr_zencod_md5_init = NULL; 689 ptr_zencod_md5_update = NULL; 690 ptr_zencod_md5_do_final = NULL; 691 ptr_zencod_sha1_init = NULL; 692 ptr_zencod_sha1_update = NULL; 693 ptr_zencod_sha1_do_final = NULL; 694 ptr_zencod_xdes_cipher = NULL; 695 ptr_zencod_rc4_cipher = NULL; 696 697 return 1; 698} 699 700static int zencod_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ()) 701{ 702 703 int initialised = ((zencod_dso == NULL) ? 0 : 1); 704 705 CHEESE(); 706 707 /* 708 * We Should add some tests for non NULL parameters or bad value !! 709 * Stuff to be done ... 710 */ 711 switch (cmd) { 712 case ZENCOD_CMD_SO_PATH: 713 if (p == NULL) { 714 ZENCODerr(ZENCOD_F_ZENCOD_CTRL, ERR_R_PASSED_NULL_PARAMETER); 715 return 0; 716 } 717 if (initialised) { 718 ZENCODerr(ZENCOD_F_ZENCOD_CTRL, ZENCOD_R_ALREADY_LOADED); 719 return 0; 720 } 721 ZENCOD_LIBNAME = (const char *)p; 722 return 1; 723 default: 724 break; 725 } 726 727 ZENCODerr(ZENCOD_F_ZENCOD_CTRL, ZENCOD_R_CTRL_COMMAND_NOT_IMPLEMENTED); 728 729 return 0; 730} 731 732/* 733 * BIGNUM stuff Functions 734 */ 735static int zencod_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 736 const BIGNUM *m, BN_CTX *ctx) 737{ 738 zen_nb_t y, x, e, n; 739 int ret; 740 741 CHEESE(); 742 743 if (!zencod_dso) { 744 ENGINEerr(ZENCOD_F_ZENCOD_BN_MOD_EXP, ZENCOD_R_NOT_LOADED); 745 return 0; 746 } 747 748 if (!bn_wexpand(r, m->top + 1)) { 749 ENGINEerr(ZENCOD_F_ZENCOD_BN_MOD_EXP, ZENCOD_R_BN_EXPAND_FAIL); 750 return 0; 751 } 752 753 memset(r->d, 0, BN_num_bytes(m)); 754 755 ptr_zencod_init_number(&y, (r->dmax - 1) * sizeof(BN_ULONG) * 8, 756 (unsigned char *)r->d); 757 BIGNUM2ZEN(&x, a); 758 BIGNUM2ZEN(&e, p); 759 BIGNUM2ZEN(&n, m); 760 761 /* Must invert x and e parameter due to BN mod exp prototype ... */ 762 ret = ptr_zencod_math_mod_exp(&y, &e, &x, &n); 763 764 if (ret) { 765 PERROR("zenbridge_math_mod_exp"); 766 ENGINEerr(ZENCOD_F_ZENCOD_BN_MOD_EXP, ZENCOD_R_REQUEST_FAILED); 767 return 0; 768 } 769 770 r->top = (BN_num_bits(m) + BN_BITS2 - 1) / BN_BITS2; 771 772 return 1; 773} 774 775/* 776 * RSA stuff Functions 777 */ 778# ifndef OPENSSL_NO_RSA 779static int RSA_zencod_rsa_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa) 780{ 781 782 CHEESE(); 783 784 if (!zencod_dso) { 785 ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_NOT_LOADED); 786 return 0; 787 } 788 789 if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { 790 ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, 791 ZENCOD_R_BAD_KEY_COMPONENTS); 792 return 0; 793 } 794 795 /* Do in software if argument is too large for hardware */ 796 if (RSA_size(rsa) * 8 > ZENBRIDGE_MAX_KEYSIZE_RSA_CRT) { 797 const RSA_METHOD *meth; 798 799 meth = RSA_PKCS1_SSLeay(); 800 return meth->rsa_mod_exp(r0, i, rsa); 801 } else { 802 zen_nb_t y, x, p, q, dmp1, dmq1, iqmp; 803 804 if (!bn_expand(r0, RSA_size(rsa) * 8)) { 805 ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, 806 ZENCOD_R_BN_EXPAND_FAIL); 807 return 0; 808 } 809 r0->top = (RSA_size(rsa) * 8 + BN_BITS2 - 1) / BN_BITS2; 810 811 BIGNUM2ZEN(&x, i); 812 BIGNUM2ZEN(&y, r0); 813 BIGNUM2ZEN(&p, rsa->p); 814 BIGNUM2ZEN(&q, rsa->q); 815 BIGNUM2ZEN(&dmp1, rsa->dmp1); 816 BIGNUM2ZEN(&dmq1, rsa->dmq1); 817 BIGNUM2ZEN(&iqmp, rsa->iqmp); 818 819 if (ptr_zencod_rsa_mod_exp_crt(&y, &x, &p, &q, &dmp1, &dmq1, &iqmp) < 820 0) { 821 PERROR("zenbridge_rsa_mod_exp_crt"); 822 ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, 823 ZENCOD_R_REQUEST_FAILED); 824 return 0; 825 } 826 827 return 1; 828 } 829} 830 831/* 832 * This function is aliased to RSA_mod_exp (with the mont stuff dropped). 833 */ 834static int RSA_zencod_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 835 const BIGNUM *m, BN_CTX *ctx, 836 BN_MONT_CTX *m_ctx) 837{ 838 839 CHEESE(); 840 841 if (!zencod_dso) { 842 ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_NOT_LOADED); 843 return 0; 844 } 845 846 /* Do in software if argument is too large for hardware */ 847 if (BN_num_bits(m) > ZENBRIDGE_MAX_KEYSIZE_RSA) { 848 const RSA_METHOD *meth; 849 850 meth = RSA_PKCS1_SSLeay(); 851 return meth->bn_mod_exp(r, a, p, m, ctx, m_ctx); 852 } else { 853 zen_nb_t y, x, e, n; 854 855 if (!bn_expand(r, BN_num_bits(m))) { 856 ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_BN_EXPAND_FAIL); 857 return 0; 858 } 859 r->top = (BN_num_bits(m) + BN_BITS2 - 1) / BN_BITS2; 860 861 BIGNUM2ZEN(&x, a); 862 BIGNUM2ZEN(&y, r); 863 BIGNUM2ZEN(&e, p); 864 BIGNUM2ZEN(&n, m); 865 866 if (ptr_zencod_rsa_mod_exp(&y, &x, &n, &e) < 0) { 867 PERROR("zenbridge_rsa_mod_exp"); 868 ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_REQUEST_FAILED); 869 return 0; 870 } 871 872 return 1; 873 } 874} 875# endif /* !OPENSSL_NO_RSA */ 876 877# ifndef OPENSSL_NO_DSA 878/* 879 * DSA stuff Functions 880 */ 881static DSA_SIG *DSA_zencod_do_sign(const unsigned char *dgst, int dlen, 882 DSA *dsa) 883{ 884 zen_nb_t p, q, g, x, y, r, s, data; 885 DSA_SIG *sig; 886 BIGNUM *bn_r = NULL; 887 BIGNUM *bn_s = NULL; 888 char msg[20]; 889 890 CHEESE(); 891 892 if (!zencod_dso) { 893 ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_NOT_LOADED); 894 goto FAILED; 895 } 896 897 if (dlen > 160) { 898 ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED); 899 goto FAILED; 900 } 901 902 /* Do in software if argument is too large for hardware */ 903 if (BN_num_bits(dsa->p) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN || 904 BN_num_bits(dsa->g) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN) { 905 const DSA_METHOD *meth; 906 ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS); 907 meth = DSA_OpenSSL(); 908 return meth->dsa_do_sign(dgst, dlen, dsa); 909 } 910 911 if (!(bn_s = BN_new()) || !(bn_r = BN_new())) { 912 ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS); 913 goto FAILED; 914 } 915 916 if (!bn_expand(bn_r, 160) || !bn_expand(bn_s, 160)) { 917 ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BN_EXPAND_FAIL); 918 goto FAILED; 919 } 920 921 bn_r->top = bn_s->top = (160 + BN_BITS2 - 1) / BN_BITS2; 922 BIGNUM2ZEN(&p, dsa->p); 923 BIGNUM2ZEN(&q, dsa->q); 924 BIGNUM2ZEN(&g, dsa->g); 925 BIGNUM2ZEN(&x, dsa->priv_key); 926 BIGNUM2ZEN(&y, dsa->pub_key); 927 BIGNUM2ZEN(&r, bn_r); 928 BIGNUM2ZEN(&s, bn_s); 929 q.len = x.len = 160; 930 931 ypcmem(msg, dgst, 20); 932 ptr_zencod_init_number(&data, 160, msg); 933 934 if (ptr_zencod_dsa_do_sign(0, &data, &y, &p, &q, &g, &x, &r, &s) < 0) { 935 PERROR("zenbridge_dsa_do_sign"); 936 ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED); 937 goto FAILED; 938 } 939 940 if (!(sig = DSA_SIG_new())) { 941 ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED); 942 goto FAILED; 943 } 944 sig->r = bn_r; 945 sig->s = bn_s; 946 return sig; 947 948 FAILED: 949 if (bn_r) 950 BN_free(bn_r); 951 if (bn_s) 952 BN_free(bn_s); 953 return NULL; 954} 955 956static int DSA_zencod_do_verify(const unsigned char *dgst, int dlen, 957 DSA_SIG *sig, DSA *dsa) 958{ 959 zen_nb_t data, p, q, g, y, r, s, v; 960 char msg[20]; 961 char v_data[20]; 962 int ret; 963 964 CHEESE(); 965 966 if (!zencod_dso) { 967 ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_VERIFY, ZENCOD_R_NOT_LOADED); 968 return 0; 969 } 970 971 if (dlen > 160) { 972 ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED); 973 return 0; 974 } 975 976 /* Do in software if argument is too large for hardware */ 977 if (BN_num_bits(dsa->p) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN || 978 BN_num_bits(dsa->g) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN) { 979 const DSA_METHOD *meth; 980 ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS); 981 meth = DSA_OpenSSL(); 982 return meth->dsa_do_verify(dgst, dlen, sig, dsa); 983 } 984 985 BIGNUM2ZEN(&p, dsa->p); 986 BIGNUM2ZEN(&q, dsa->q); 987 BIGNUM2ZEN(&g, dsa->g); 988 BIGNUM2ZEN(&y, dsa->pub_key); 989 BIGNUM2ZEN(&r, sig->r); 990 BIGNUM2ZEN(&s, sig->s); 991 ptr_zencod_init_number(&v, 160, v_data); 992 ypcmem(msg, dgst, 20); 993 ptr_zencod_init_number(&data, 160, msg); 994 995 if ((ret = 996 ptr_zencod_dsa_do_verify(0, &data, &p, &q, &g, &y, &r, &s, 997 &v)) < 0) { 998 PERROR("zenbridge_dsa_do_verify"); 999 ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_VERIFY, ZENCOD_R_REQUEST_FAILED); 1000 return 0; 1001 } 1002 1003 return ((ret == 0) ? 1 : ret); 1004} 1005 1006static int DSA_zencod_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, 1007 const BIGNUM *p, const BIGNUM *m, 1008 BN_CTX *ctx, BN_MONT_CTX *m_ctx) 1009{ 1010 CHEESE(); 1011 1012 return zencod_bn_mod_exp(r, a, p, m, ctx); 1013} 1014# endif /* !OPENSSL_NO_DSA */ 1015 1016# ifndef OPENSSl_NO_DH 1017/* 1018 * DH stuff Functions 1019 */ 1020static int DH_zencod_generate_key(DH *dh) 1021{ 1022 BIGNUM *bn_prv = NULL; 1023 BIGNUM *bn_pub = NULL; 1024 zen_nb_t y, x, g, p; 1025 int generate_x; 1026 1027 CHEESE(); 1028 1029 if (!zencod_dso) { 1030 ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_NOT_LOADED); 1031 return 0; 1032 } 1033 1034 /* Private key */ 1035 if (dh->priv_key) { 1036 bn_prv = dh->priv_key; 1037 generate_x = 0; 1038 } else { 1039 if (!(bn_prv = BN_new())) { 1040 ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL); 1041 goto FAILED; 1042 } 1043 generate_x = 1; 1044 } 1045 1046 /* Public key */ 1047 if (dh->pub_key) 1048 bn_pub = dh->pub_key; 1049 else if (!(bn_pub = BN_new())) { 1050 ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL); 1051 goto FAILED; 1052 } 1053 1054 /* Expand */ 1055 if (!bn_wexpand(bn_prv, dh->p->dmax) || !bn_wexpand(bn_pub, dh->p->dmax)) { 1056 ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL); 1057 goto FAILED; 1058 } 1059 bn_prv->top = dh->p->top; 1060 bn_pub->top = dh->p->top; 1061 1062 /* Convert all keys */ 1063 BIGNUM2ZEN(&p, dh->p); 1064 BIGNUM2ZEN(&g, dh->g); 1065 BIGNUM2ZEN(&y, bn_pub); 1066 BIGNUM2ZEN(&x, bn_prv); 1067 x.len = DH_size(dh) * 8; 1068 1069 /* Adjust the lengths of P and G */ 1070 p.len = ptr_zencod_bytes2bits(p.data, ZEN_BYTES(p.len)); 1071 g.len = ptr_zencod_bytes2bits(g.data, ZEN_BYTES(g.len)); 1072 1073 /* Send the request to the driver */ 1074 if (ptr_zencod_dh_generate_key(&y, &x, &g, &p, generate_x) < 0) { 1075 perror("zenbridge_dh_generate_key"); 1076 ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_REQUEST_FAILED); 1077 goto FAILED; 1078 } 1079 1080 dh->priv_key = bn_prv; 1081 dh->pub_key = bn_pub; 1082 1083 return 1; 1084 1085 FAILED: 1086 if (!dh->priv_key && bn_prv) 1087 BN_free(bn_prv); 1088 if (!dh->pub_key && bn_pub) 1089 BN_free(bn_pub); 1090 1091 return 0; 1092} 1093 1094static int DH_zencod_compute_key(unsigned char *key, const BIGNUM *pub_key, 1095 DH *dh) 1096{ 1097 zen_nb_t y, x, p, k; 1098 1099 CHEESE(); 1100 1101 if (!zencod_dso) { 1102 ENGINEerr(ZENCOD_F_ZENCOD_DH_COMPUTE, ZENCOD_R_NOT_LOADED); 1103 return 0; 1104 } 1105 1106 if (!dh->priv_key) { 1107 ENGINEerr(ZENCOD_F_ZENCOD_DH_COMPUTE, ZENCOD_R_BAD_KEY_COMPONENTS); 1108 return 0; 1109 } 1110 1111 /* Convert all keys */ 1112 BIGNUM2ZEN(&y, pub_key); 1113 BIGNUM2ZEN(&x, dh->priv_key); 1114 BIGNUM2ZEN(&p, dh->p); 1115 ptr_zencod_init_number(&k, p.len, key); 1116 1117 /* Adjust the lengths */ 1118 p.len = ptr_zencod_bytes2bits(p.data, ZEN_BYTES(p.len)); 1119 y.len = ptr_zencod_bytes2bits(y.data, ZEN_BYTES(y.len)); 1120 x.len = ptr_zencod_bytes2bits(x.data, ZEN_BYTES(x.len)); 1121 1122 /* Call the hardware */ 1123 if (ptr_zencod_dh_compute_key(&k, &y, &x, &p) < 0) { 1124 ENGINEerr(ZENCOD_F_ZENCOD_DH_COMPUTE, ZENCOD_R_REQUEST_FAILED); 1125 return 0; 1126 } 1127 1128 /* The key must be written MSB -> LSB */ 1129 k.len = ptr_zencod_bytes2bits(k.data, ZEN_BYTES(k.len)); 1130 esrever(key, ZEN_BYTES(k.len)); 1131 1132 return ZEN_BYTES(k.len); 1133} 1134 1135static int DH_zencod_bn_mod_exp(const DH *dh, BIGNUM *r, const BIGNUM *a, 1136 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, 1137 BN_MONT_CTX *m_ctx) 1138{ 1139 CHEESE(); 1140 1141 return zencod_bn_mod_exp(r, a, p, m, ctx); 1142} 1143# endif /* !OPENSSL_NO_DH */ 1144 1145/* 1146 * RAND stuff Functions 1147 */ 1148static void RAND_zencod_seed(const void *buf, int num) 1149{ 1150 /* 1151 * Nothing to do cause our crypto accelerator provide a true random 1152 * generator 1153 */ 1154} 1155 1156static int RAND_zencod_rand_bytes(unsigned char *buf, int num) 1157{ 1158 zen_nb_t r; 1159 1160 CHEESE(); 1161 1162 if (!zencod_dso) { 1163 ENGINEerr(ZENCOD_F_ZENCOD_RAND, ZENCOD_R_NOT_LOADED); 1164 return 0; 1165 } 1166 1167 ptr_zencod_init_number(&r, num * 8, buf); 1168 1169 if (ptr_zencod_rand_bytes(&r, ZENBRIDGE_RNG_DIRECT) < 0) { 1170 PERROR("zenbridge_rand_bytes"); 1171 ENGINEerr(ZENCOD_F_ZENCOD_RAND, ZENCOD_R_REQUEST_FAILED); 1172 return 0; 1173 } 1174 1175 return 1; 1176} 1177 1178static int RAND_zencod_rand_status(void) 1179{ 1180 CHEESE(); 1181 1182 return 1; 1183} 1184 1185/* 1186 * This stuff is needed if this ENGINE is being compiled into a 1187 * self-contained shared-library. 1188 */ 1189# ifdef ENGINE_DYNAMIC_SUPPORT 1190static int bind_fn(ENGINE *e, const char *id) 1191{ 1192 1193 if (id && (strcmp(id, engine_zencod_id) != 0)) { 1194 return 0; 1195 } 1196 if (!bind_helper(e)) { 1197 return 0; 1198 } 1199 1200 return 1; 1201} 1202 1203IMPLEMENT_DYNAMIC_CHECK_FN() 1204 IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) 1205# endif /* ENGINE_DYNAMIC_SUPPORT */ 1206 /* 1207 * Adding "Digest" and "Cipher" tools ... 1208 * This is in development ... ;-) 1209 * In orfer to code this, i refer to hw_openbsd_dev_crypto and openssl engine made by Geoff Thorpe (if i'm rigth), 1210 * and evp, sha md5 definitions etc ... 1211 */ 1212/* First add some include ... */ 1213# include <openssl/evp.h> 1214# include <openssl/sha.h> 1215# include <openssl/md5.h> 1216# include <openssl/rc4.h> 1217# include <openssl/des.h> 1218/* Some variables declaration ... */ 1219 /* 1220 * DONS: Disable symetric computation except DES and 3DES, but let part 1221 * of the code 1222 */ 1223/* static int engine_digest_nids [ ] = { NID_sha1, NID_md5 } ; */ 1224static int engine_digest_nids[] = { }; 1225 1226static int engine_digest_nids_num = 0; 1227/* 1228 * static int engine_cipher_nids [ ] = { NID_rc4, NID_rc4_40, NID_des_cbc, 1229 * NID_des_ede3_cbc } ; 1230 */ 1231static int engine_cipher_nids[] = { NID_des_cbc, NID_des_ede3_cbc }; 1232 1233static int engine_cipher_nids_num = 2; 1234 1235/* Function prototype ... */ 1236/* SHA stuff */ 1237static int engine_sha1_init(EVP_MD_CTX *ctx); 1238static int engine_sha1_update(EVP_MD_CTX *ctx, const void *data, 1239 unsigned long count); 1240static int engine_sha1_final(EVP_MD_CTX *ctx, unsigned char *md); 1241 1242/* MD5 stuff */ 1243static int engine_md5_init(EVP_MD_CTX *ctx); 1244static int engine_md5_update(EVP_MD_CTX *ctx, const void *data, 1245 unsigned long count); 1246static int engine_md5_final(EVP_MD_CTX *ctx, unsigned char *md); 1247 1248static int engine_md_cleanup(EVP_MD_CTX *ctx); 1249static int engine_md_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from); 1250 1251/* RC4 Stuff */ 1252static int engine_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 1253 const unsigned char *iv, int enc); 1254static int engine_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 1255 const unsigned char *in, unsigned int inl); 1256 1257/* DES Stuff */ 1258static int engine_des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 1259 const unsigned char *iv, int enc); 1260static int engine_des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 1261 const unsigned char *in, unsigned int inl); 1262 1263/* 3DES Stuff */ 1264static int engine_des_ede3_init_key(EVP_CIPHER_CTX *ctx, 1265 const unsigned char *key, 1266 const unsigned char *iv, int enc); 1267static int engine_des_ede3_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 1268 const unsigned char *in, 1269 unsigned int inl); 1270 1271static int engine_cipher_cleanup(EVP_CIPHER_CTX *ctx); /* cleanup ctx */ 1272 1273/* The one for SHA ... */ 1274static const EVP_MD engine_sha1_md = { 1275 NID_sha1, 1276 NID_sha1WithRSAEncryption, 1277 SHA_DIGEST_LENGTH, 1278 EVP_MD_FLAG_ONESHOT, 1279 /* 1280 * 0, 1281 *//* 1282 * EVP_MD_FLAG_ONESHOT = x0001 digest can only handle a single block * 1283 * XXX: set according to device info ... 1284 */ 1285 engine_sha1_init, 1286 engine_sha1_update, 1287 engine_sha1_final, 1288 engine_md_copy, /* dev_crypto_sha_copy */ 1289 engine_md_cleanup, /* dev_crypto_sha_cleanup */ 1290 EVP_PKEY_RSA_method, 1291 SHA_CBLOCK, 1292 /* sizeof ( EVP_MD * ) + sizeof ( SHA_CTX ) */ 1293 sizeof(ZEN_MD_DATA) 1294 /* 1295 * sizeof ( MD_CTX_DATA ) The message digest data structure ... 1296 */ 1297}; 1298 1299/* The one for MD5 ... */ 1300static const EVP_MD engine_md5_md = { 1301 NID_md5, 1302 NID_md5WithRSAEncryption, 1303 MD5_DIGEST_LENGTH, 1304 EVP_MD_FLAG_ONESHOT, 1305 /* 1306 * 0, 1307 *//* 1308 * EVP_MD_FLAG_ONESHOT = x0001 digest can only handle a single block * 1309 * XXX: set according to device info ... 1310 */ 1311 engine_md5_init, 1312 engine_md5_update, 1313 engine_md5_final, 1314 engine_md_copy, /* dev_crypto_md5_copy */ 1315 engine_md_cleanup, /* dev_crypto_md5_cleanup */ 1316 EVP_PKEY_RSA_method, 1317 MD5_CBLOCK, 1318 /* sizeof ( EVP_MD * ) + sizeof ( MD5_CTX ) */ 1319 sizeof(ZEN_MD_DATA) 1320 /* 1321 * sizeof ( MD_CTX_DATA ) The message digest data structure ... 1322 */ 1323}; 1324 1325/* The one for RC4 ... */ 1326# define EVP_RC4_KEY_SIZE 16 1327 1328/* Try something static ... */ 1329typedef struct { 1330 unsigned int len; 1331 unsigned int first; 1332 unsigned char rc4_state[260]; 1333} NEW_ZEN_RC4_KEY; 1334 1335# define rc4_data(ctx) ( (EVP_RC4_KEY *) ( ctx )->cipher_data ) 1336 1337static const EVP_CIPHER engine_rc4 = { 1338 NID_rc4, 1339 1, 1340 16, /* EVP_RC4_KEY_SIZE should be 128 bits */ 1341 0, /* FIXME: key should be up to 256 bytes */ 1342 EVP_CIPH_VARIABLE_LENGTH, 1343 engine_rc4_init_key, 1344 engine_rc4_cipher, 1345 engine_cipher_cleanup, 1346 sizeof(NEW_ZEN_RC4_KEY), 1347 NULL, 1348 NULL, 1349 NULL 1350}; 1351 1352/* The one for RC4_40 ... */ 1353static const EVP_CIPHER engine_rc4_40 = { 1354 NID_rc4_40, 1355 1, 1356 5, /* 40 bits */ 1357 0, 1358 EVP_CIPH_VARIABLE_LENGTH, 1359 engine_rc4_init_key, 1360 engine_rc4_cipher, 1361 engine_cipher_cleanup, 1362 sizeof(NEW_ZEN_RC4_KEY), 1363 NULL, 1364 NULL, 1365 NULL 1366}; 1367 1368/* The one for DES ... */ 1369 1370/* Try something static ... */ 1371typedef struct { 1372 unsigned char des_key[24]; 1373 unsigned char des_iv[8]; 1374} ZEN_DES_KEY; 1375 1376static const EVP_CIPHER engine_des_cbc = { 1377 NID_des_cbc, 1378 8, 8, 8, 1379 0 | EVP_CIPH_CBC_MODE, 1380 engine_des_init_key, 1381 engine_des_cbc_cipher, 1382 engine_cipher_cleanup, 1383 sizeof(ZEN_DES_KEY), 1384 EVP_CIPHER_set_asn1_iv, 1385 EVP_CIPHER_get_asn1_iv, 1386 NULL, 1387 NULL 1388}; 1389 1390/* The one for 3DES ... */ 1391 1392/* Try something static ... */ 1393typedef struct { 1394 unsigned char des3_key[24]; 1395 unsigned char des3_iv[8]; 1396} ZEN_3DES_KEY; 1397 1398# define des_data(ctx) ( (DES_EDE_KEY *) ( ctx )->cipher_data ) 1399 1400static const EVP_CIPHER engine_des_ede3_cbc = { 1401 NID_des_ede3_cbc, 1402 8, 8, 8, 1403 0 | EVP_CIPH_CBC_MODE, 1404 engine_des_ede3_init_key, 1405 engine_des_ede3_cbc_cipher, 1406 engine_cipher_cleanup, 1407 sizeof(ZEN_3DES_KEY), 1408 EVP_CIPHER_set_asn1_iv, 1409 EVP_CIPHER_get_asn1_iv, 1410 NULL, 1411 NULL 1412}; 1413 1414/* General function cloned on hw_openbsd_dev_crypto one ... */ 1415static int engine_digests(ENGINE *e, const EVP_MD **digest, const int **nids, 1416 int nid) 1417{ 1418 1419# ifdef DEBUG_ZENCOD_MD 1420 fprintf(stderr, "\t=>Function : static int engine_digests () called !\n"); 1421# endif 1422 1423 if (!digest) { 1424 /* We are returning a list of supported nids */ 1425 *nids = engine_digest_nids; 1426 return engine_digest_nids_num; 1427 } 1428 /* We are being asked for a specific digest */ 1429 if (nid == NID_md5) { 1430 *digest = &engine_md5_md; 1431 } else if (nid == NID_sha1) { 1432 *digest = &engine_sha1_md; 1433 } else { 1434 *digest = NULL; 1435 return 0; 1436 } 1437 return 1; 1438} 1439 1440/* 1441 * SHA stuff Functions 1442 */ 1443static int engine_sha1_init(EVP_MD_CTX *ctx) 1444{ 1445 1446 int to_return = 0; 1447 1448 /* Test with zenbridge library ... */ 1449 to_return = ptr_zencod_sha1_init((ZEN_MD_DATA *)ctx->md_data); 1450 to_return = !to_return; 1451 1452 return to_return; 1453} 1454 1455static int engine_sha1_update(EVP_MD_CTX *ctx, const void *data, 1456 unsigned long count) 1457{ 1458 1459 zen_nb_t input; 1460 int to_return = 0; 1461 1462 /* Convert parameters ... */ 1463 input.len = count; 1464 input.data = (unsigned char *)data; 1465 1466 /* Test with zenbridge library ... */ 1467 to_return = 1468 ptr_zencod_sha1_update((ZEN_MD_DATA *)ctx->md_data, 1469 (const zen_nb_t *)&input); 1470 to_return = !to_return; 1471 1472 return to_return; 1473} 1474 1475static int engine_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) 1476{ 1477 1478 zen_nb_t output; 1479 int to_return = 0; 1480 1481 /* Convert parameters ... */ 1482 output.len = SHA_DIGEST_LENGTH; 1483 output.data = md; 1484 1485 /* Test with zenbridge library ... */ 1486 to_return = 1487 ptr_zencod_sha1_do_final((ZEN_MD_DATA *)ctx->md_data, 1488 (zen_nb_t *) & output); 1489 to_return = !to_return; 1490 1491 return to_return; 1492} 1493 1494/* 1495 * MD5 stuff Functions 1496 */ 1497static int engine_md5_init(EVP_MD_CTX *ctx) 1498{ 1499 1500 int to_return = 0; 1501 1502 /* Test with zenbridge library ... */ 1503 to_return = ptr_zencod_md5_init((ZEN_MD_DATA *)ctx->md_data); 1504 to_return = !to_return; 1505 1506 return to_return; 1507} 1508 1509static int engine_md5_update(EVP_MD_CTX *ctx, const void *data, 1510 unsigned long count) 1511{ 1512 1513 zen_nb_t input; 1514 int to_return = 0; 1515 1516 /* Convert parameters ... */ 1517 input.len = count; 1518 input.data = (unsigned char *)data; 1519 1520 /* Test with zenbridge library ... */ 1521 to_return = 1522 ptr_zencod_md5_update((ZEN_MD_DATA *)ctx->md_data, 1523 (const zen_nb_t *)&input); 1524 to_return = !to_return; 1525 1526 return to_return; 1527} 1528 1529static int engine_md5_final(EVP_MD_CTX *ctx, unsigned char *md) 1530{ 1531 1532 zen_nb_t output; 1533 int to_return = 0; 1534 1535 /* Convert parameters ... */ 1536 output.len = MD5_DIGEST_LENGTH; 1537 output.data = md; 1538 1539 /* Test with zenbridge library ... */ 1540 to_return = 1541 ptr_zencod_md5_do_final((ZEN_MD_DATA *)ctx->md_data, 1542 (zen_nb_t *) & output); 1543 to_return = !to_return; 1544 1545 return to_return; 1546} 1547 1548static int engine_md_cleanup(EVP_MD_CTX *ctx) 1549{ 1550 1551 ZEN_MD_DATA *zen_md_data = (ZEN_MD_DATA *)ctx->md_data; 1552 1553 if (zen_md_data->HashBuffer != NULL) { 1554 OPENSSL_free(zen_md_data->HashBuffer); 1555 zen_md_data->HashBufferSize = 0; 1556 ctx->md_data = NULL; 1557 } 1558 1559 return 1; 1560} 1561 1562static int engine_md_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from) 1563{ 1564 const ZEN_MD_DATA *from_md = (ZEN_MD_DATA *)from->md_data; 1565 ZEN_MD_DATA *to_md = (ZEN_MD_DATA *)to->md_data; 1566 1567 to_md->HashBuffer = OPENSSL_malloc(from_md->HashBufferSize); 1568 memcpy(to_md->HashBuffer, from_md->HashBuffer, from_md->HashBufferSize); 1569 1570 return 1; 1571} 1572 1573/* General function cloned on hw_openbsd_dev_crypto one ... */ 1574static int engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher, 1575 const int **nids, int nid) 1576{ 1577 1578 if (!cipher) { 1579 /* We are returning a list of supported nids */ 1580 *nids = engine_cipher_nids; 1581 return engine_cipher_nids_num; 1582 } 1583 /* We are being asked for a specific cipher */ 1584 if (nid == NID_rc4) { 1585 *cipher = &engine_rc4; 1586 } else if (nid == NID_rc4_40) { 1587 *cipher = &engine_rc4_40; 1588 } else if (nid == NID_des_cbc) { 1589 *cipher = &engine_des_cbc; 1590 } else if (nid == NID_des_ede3_cbc) { 1591 *cipher = &engine_des_ede3_cbc; 1592 } else { 1593 *cipher = NULL; 1594 return 0; 1595 } 1596 1597 return 1; 1598} 1599 1600static int engine_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 1601 const unsigned char *iv, int enc) 1602{ 1603 int to_return = 0; 1604 int i = 0; 1605 int nb = 0; 1606 NEW_ZEN_RC4_KEY *tmp_rc4_key = NULL; 1607 1608 tmp_rc4_key = (NEW_ZEN_RC4_KEY *) (ctx->cipher_data); 1609 tmp_rc4_key->first = 0; 1610 tmp_rc4_key->len = ctx->key_len; 1611 tmp_rc4_key->rc4_state[0] = 0x00; 1612 tmp_rc4_key->rc4_state[2] = 0x00; 1613 nb = 256 / ctx->key_len; 1614 for (i = 0; i < nb; i++) { 1615 memcpy(&(tmp_rc4_key->rc4_state[4 + i * ctx->key_len]), key, 1616 ctx->key_len); 1617 } 1618 1619 to_return = 1; 1620 1621 return to_return; 1622} 1623 1624static int engine_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 1625 const unsigned char *in, unsigned int in_len) 1626{ 1627 1628 zen_nb_t output, input; 1629 zen_nb_t rc4key; 1630 int to_return = 0; 1631 NEW_ZEN_RC4_KEY *tmp_rc4_key = NULL; 1632 1633 /* Convert parameters ... */ 1634 input.len = in_len; 1635 input.data = (unsigned char *)in; 1636 output.len = in_len; 1637 output.data = (unsigned char *)out; 1638 1639 tmp_rc4_key = ((NEW_ZEN_RC4_KEY *) (ctx->cipher_data)); 1640 rc4key.len = 260; 1641 rc4key.data = &(tmp_rc4_key->rc4_state[0]); 1642 1643 /* Test with zenbridge library ... */ 1644 to_return = 1645 ptr_zencod_rc4_cipher(&output, &input, (const zen_nb_t *)&rc4key, 1646 &(tmp_rc4_key->rc4_state[0]), 1647 &(tmp_rc4_key->rc4_state[3]), 1648 !tmp_rc4_key->first); 1649 to_return = !to_return; 1650 1651 /* Update encryption state ... */ 1652 tmp_rc4_key->first = 1; 1653 tmp_rc4_key = NULL; 1654 1655 return to_return; 1656} 1657 1658static int engine_des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 1659 const unsigned char *iv, int enc) 1660{ 1661 1662 ZEN_DES_KEY *tmp_des_key = NULL; 1663 int to_return = 0; 1664 1665 tmp_des_key = (ZEN_DES_KEY *) (ctx->cipher_data); 1666 memcpy(&(tmp_des_key->des_key[0]), key, 8); 1667 memcpy(&(tmp_des_key->des_key[8]), key, 8); 1668 memcpy(&(tmp_des_key->des_key[16]), key, 8); 1669 memcpy(&(tmp_des_key->des_iv[0]), iv, 8); 1670 1671 to_return = 1; 1672 1673 return to_return; 1674} 1675 1676static int engine_des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 1677 const unsigned char *in, unsigned int inl) 1678{ 1679 1680 zen_nb_t output, input; 1681 zen_nb_t deskey_1, deskey_2, deskey_3, iv; 1682 int to_return = 0; 1683 1684 /* Convert parameters ... */ 1685 input.len = inl; 1686 input.data = (unsigned char *)in; 1687 output.len = inl; 1688 output.data = out; 1689 1690 /* Set key parameters ... */ 1691 deskey_1.len = 8; 1692 deskey_2.len = 8; 1693 deskey_3.len = 8; 1694 deskey_1.data = 1695 (unsigned char *)((ZEN_DES_KEY *) (ctx->cipher_data))->des_key; 1696 deskey_2.data = 1697 (unsigned char *)&((ZEN_DES_KEY *) (ctx->cipher_data))->des_key[8]; 1698 deskey_3.data = 1699 (unsigned char *)&((ZEN_DES_KEY *) (ctx->cipher_data))->des_key[16]; 1700 1701 /* Key correct iv ... */ 1702 memcpy(((ZEN_DES_KEY *) (ctx->cipher_data))->des_iv, ctx->iv, 8); 1703 iv.len = 8; 1704 iv.data = (unsigned char *)((ZEN_DES_KEY *) (ctx->cipher_data))->des_iv; 1705 1706 if (ctx->encrypt == 0) { 1707 memcpy(ctx->iv, &(input.data[input.len - 8]), 8); 1708 } 1709 1710 /* Test with zenbridge library ... */ 1711 to_return = ptr_zencod_xdes_cipher(&output, &input, 1712 (zen_nb_t *) & deskey_1, 1713 (zen_nb_t *) & deskey_2, 1714 (zen_nb_t *) & deskey_3, &iv, 1715 ctx->encrypt); 1716 to_return = !to_return; 1717 1718 /* 1719 * But we need to set up the rigth iv ... Test ENCRYPT or DECRYPT mode to 1720 * set iv ... 1721 */ 1722 if (ctx->encrypt == 1) { 1723 memcpy(ctx->iv, &(output.data[output.len - 8]), 8); 1724 } 1725 1726 return to_return; 1727} 1728 1729static int engine_des_ede3_init_key(EVP_CIPHER_CTX *ctx, 1730 const unsigned char *key, 1731 const unsigned char *iv, int enc) 1732{ 1733 1734 ZEN_3DES_KEY *tmp_3des_key = NULL; 1735 int to_return = 0; 1736 1737 tmp_3des_key = (ZEN_3DES_KEY *) (ctx->cipher_data); 1738 memcpy(&(tmp_3des_key->des3_key[0]), key, 24); 1739 memcpy(&(tmp_3des_key->des3_iv[0]), iv, 8); 1740 1741 to_return = 1; 1742 1743 return to_return; 1744} 1745 1746static int engine_des_ede3_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 1747 const unsigned char *in, 1748 unsigned int in_len) 1749{ 1750 1751 zen_nb_t output, input; 1752 zen_nb_t deskey_1, deskey_2, deskey_3, iv; 1753 int to_return = 0; 1754 1755 /* Convert parameters ... */ 1756 input.len = in_len; 1757 input.data = (unsigned char *)in; 1758 output.len = in_len; 1759 output.data = out; 1760 1761 /* Set key ... */ 1762 deskey_1.len = 8; 1763 deskey_2.len = 8; 1764 deskey_3.len = 8; 1765 deskey_1.data = 1766 (unsigned char *)((ZEN_3DES_KEY *) (ctx->cipher_data))->des3_key; 1767 deskey_2.data = 1768 (unsigned char *)&((ZEN_3DES_KEY *) (ctx->cipher_data))->des3_key[8]; 1769 deskey_3.data = 1770 (unsigned char *)&((ZEN_3DES_KEY *) (ctx->cipher_data))->des3_key[16]; 1771 1772 /* Key correct iv ... */ 1773 memcpy(((ZEN_3DES_KEY *) (ctx->cipher_data))->des3_iv, ctx->iv, 8); 1774 iv.len = 8; 1775 iv.data = (unsigned char *)((ZEN_3DES_KEY *) (ctx->cipher_data))->des3_iv; 1776 1777 if (ctx->encrypt == 0) { 1778 memcpy(ctx->iv, &(input.data[input.len - 8]), 8); 1779 } 1780 1781 /* Test with zenbridge library ... */ 1782 to_return = ptr_zencod_xdes_cipher(&output, &input, 1783 (zen_nb_t *) & deskey_1, 1784 (zen_nb_t *) & deskey_2, 1785 (zen_nb_t *) & deskey_3, &iv, 1786 ctx->encrypt); 1787 to_return = !to_return; 1788 1789 if (ctx->encrypt == 1) { 1790 memcpy(ctx->iv, &(output.data[output.len - 8]), 8); 1791 } 1792 1793 return to_return; 1794} 1795 1796static int engine_cipher_cleanup(EVP_CIPHER_CTX *ctx) 1797{ 1798 1799 /* Set the key pointer ... */ 1800 if (ctx->cipher->nid == NID_rc4 || ctx->cipher->nid == NID_rc4_40) { 1801 } else if (ctx->cipher->nid == NID_des_cbc) { 1802 } else if (ctx->cipher->nid == NID_des_ede3_cbc) { 1803 } 1804 1805 return 1; 1806} 1807 1808# endif /* !OPENSSL_NO_HW_ZENCOD */ 1809#endif /* !OPENSSL_NO_HW */ 1810