/* (de)initialisation functions. */ static int atalla_init(ENGINE *e) { tfnASI_GetHardwareConfig *p1; tfnASI_RSAPrivateKeyOpFn *p2; tfnASI_GetPerformanceStatistics *p3; /* Not sure of the origin of this magic value, but Ben's code had it * and it seemed to have been working for a few people. :-) */ unsigned int config_buf[1024]; if(atalla_dso != NULL) { ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_ALREADY_LOADED); goto err; } /* Attempt to load libatasi.so/atasi.dll/whatever. Needs to be * changed unfortunately because the Atalla drivers don't have * standard library names that can be platform-translated well. */ /* TODO: Work out how to actually map to the names the Atalla * drivers really use - for now a symbollic link needs to be * created on the host system from libatasi.so to atasi.so on * unix variants. */ atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0); if(atalla_dso == NULL) { ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED); goto err; } if(!(p1 = (tfnASI_GetHardwareConfig *)DSO_bind_func( atalla_dso, ATALLA_F1)) || !(p2 = (tfnASI_RSAPrivateKeyOpFn *)DSO_bind_func( atalla_dso, ATALLA_F2)) || !(p3 = (tfnASI_GetPerformanceStatistics *)DSO_bind_func( atalla_dso, ATALLA_F3))) { ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED); goto err; } /* Copy the pointers */ p_Atalla_GetHardwareConfig = p1; p_Atalla_RSAPrivateKeyOpFn = p2; p_Atalla_GetPerformanceStatistics = p3; /* Perform a basic test to see if there's actually any unit * running. */ if(p1(0L, config_buf) != 0) { ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_UNIT_FAILURE); goto err; } /* Everything's fine. */ return 1; err: if(atalla_dso) DSO_free(atalla_dso); atalla_dso = NULL; p_Atalla_GetHardwareConfig = NULL; p_Atalla_RSAPrivateKeyOpFn = NULL; p_Atalla_GetPerformanceStatistics = NULL; return 0; }
static int atalla_finish(ENGINE *e) { free_ATALLA_LIBNAME(); if (atalla_dso == NULL) { ATALLAerr(ATALLA_F_ATALLA_FINISH, ATALLA_R_NOT_LOADED); return 0; } if (!DSO_free(atalla_dso)) { ATALLAerr(ATALLA_F_ATALLA_FINISH, ATALLA_R_UNIT_FAILURE); return 0; } atalla_dso = NULL; p_Atalla_GetHardwareConfig = NULL; p_Atalla_RSAPrivateKeyOpFn = NULL; p_Atalla_GetPerformanceStatistics = NULL; return 1; }
static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { int to_return = 0; if(!atalla_dso) { ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_NOT_LOADED); goto err; } if(!rsa->d || !rsa->n) { ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_MISSING_KEY_COMPONENTS); goto err; } to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx); err: return to_return; }
static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) { int initialised = ((atalla_dso == NULL) ? 0 : 1); switch (cmd) { case ATALLA_CMD_SO_PATH: if (p == NULL) { ATALLAerr(ATALLA_F_ATALLA_CTRL, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (initialised) { ATALLAerr(ATALLA_F_ATALLA_CTRL, ATALLA_R_ALREADY_LOADED); return 0; } return set_ATALLA_LIBNAME((const char *)p); default: break; } ATALLAerr(ATALLA_F_ATALLA_CTRL, ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED); return 0; }
static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { BN_CTX *ctx = NULL; int to_return = 0; if(!atalla_dso) { ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_NOT_LOADED); goto err; } if((ctx = BN_CTX_new()) == NULL) goto err; if(!rsa->d || !rsa->n) { ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_MISSING_KEY_COMPONENTS); goto err; } to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx); err: if(ctx) BN_CTX_free(ctx); return to_return; }
static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { /* I need somewhere to store temporary serialised values for * use with the Atalla API calls. A neat cheat - I'll use * BIGNUMs from the BN_CTX but access their arrays directly as * byte arrays <grin>. This way I don't have to clean anything * up. */ BIGNUM *modulus; BIGNUM *exponent; BIGNUM *argument; BIGNUM *result; RSAPrivateKey keydata; int to_return, numbytes; modulus = exponent = argument = result = NULL; to_return = 0; /* expect failure */ if(!atalla_dso) { ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_NOT_LOADED); goto err; } /* Prepare the params */ BN_CTX_start(ctx); modulus = BN_CTX_get(ctx); exponent = BN_CTX_get(ctx); argument = BN_CTX_get(ctx); result = BN_CTX_get(ctx); if (!result) { ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_CTX_FULL); goto err; } if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) || !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top)) { ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_EXPAND_FAIL); goto err; } /* Prepare the key-data */ memset(&keydata, 0,sizeof keydata); numbytes = BN_num_bytes(m); memset(exponent->d, 0, numbytes); memset(modulus->d, 0, numbytes); BN_bn2bin(p, (unsigned char *)exponent->d + numbytes - BN_num_bytes(p)); BN_bn2bin(m, (unsigned char *)modulus->d + numbytes - BN_num_bytes(m)); keydata.privateExponent.data = (unsigned char *)exponent->d; keydata.privateExponent.len = numbytes; keydata.modulus.data = (unsigned char *)modulus->d; keydata.modulus.len = numbytes; /* Prepare the argument */ memset(argument->d, 0, numbytes); memset(result->d, 0, numbytes); BN_bn2bin(a, (unsigned char *)argument->d + numbytes - BN_num_bytes(a)); /* Perform the operation */ if(p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d, (unsigned char *)argument->d, keydata.modulus.len) != 0) { ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_REQUEST_FAILED); goto err; } /* Convert the response */ BN_bin2bn((unsigned char *)result->d, numbytes, r); to_return = 1; err: BN_CTX_end(ctx); return to_return; }