/* This internal function is used by ENGINE_atalla() and possibly by the * "dynamic" ENGINE support too */ static int bind_helper(ENGINE *e) { #ifndef OPENSSL_NO_RSA const RSA_METHOD *meth1; #endif #ifndef OPENSSL_NO_DSA const DSA_METHOD *meth2; #endif #ifndef OPENSSL_NO_DH const DH_METHOD *meth3; #endif if(!ENGINE_set_id(e, engine_atalla_id) || !ENGINE_set_name(e, engine_atalla_name) || #ifndef OPENSSL_NO_RSA !ENGINE_set_RSA(e, &atalla_rsa) || #endif #ifndef OPENSSL_NO_DSA !ENGINE_set_DSA(e, &atalla_dsa) || #endif #ifndef OPENSSL_NO_DH !ENGINE_set_DH(e, &atalla_dh) || #endif !ENGINE_set_destroy_function(e, atalla_destroy) || !ENGINE_set_init_function(e, atalla_init) || !ENGINE_set_finish_function(e, atalla_finish) || !ENGINE_set_ctrl_function(e, atalla_ctrl) || !ENGINE_set_cmd_defns(e, atalla_cmd_defns)) return 0; #ifndef OPENSSL_NO_RSA /* We know that the "PKCS1_SSLeay()" functions hook properly * to the atalla-specific mod_exp and mod_exp_crt so we use * those functions. NB: We don't use ENGINE_openssl() or * anything "more generic" because something like the RSAref * code may not hook properly, and if you own one of these * cards then you have the right to do RSA operations on it * anyway! */ meth1 = RSA_PKCS1_SSLeay(); atalla_rsa.rsa_pub_enc = meth1->rsa_pub_enc; atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec; atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc; atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec; #endif #ifndef OPENSSL_NO_DSA /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish * bits. */ meth2 = DSA_OpenSSL(); atalla_dsa.dsa_do_sign = meth2->dsa_do_sign; atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup; atalla_dsa.dsa_do_verify = meth2->dsa_do_verify; #endif #ifndef OPENSSL_NO_DH /* Much the same for Diffie-Hellman */ meth3 = DH_OpenSSL(); atalla_dh.generate_key = meth3->generate_key; atalla_dh.compute_key = meth3->compute_key; #endif /* Ensure the atalla error handling is set up */ ERR_load_ATALLA_strings(); return 1; }
void ENGINE_load_cryptodev(void) { ENGINE *engine = ENGINE_new(); int fd; if (engine == NULL) return; if ((fd = get_dev_crypto()) < 0) { ENGINE_free(engine); return; } /* * find out what asymmetric crypto algorithms we support */ if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) { close(fd); ENGINE_free(engine); return; } close(fd); if (!ENGINE_set_id(engine, "cryptodev") || !ENGINE_set_name(engine, "BSD cryptodev engine") || !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || !ENGINE_set_digests(engine, cryptodev_engine_digests) || !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) || !ENGINE_set_cmd_defns(engine, cryptodev_defns)) { ENGINE_free(engine); return; } if (ENGINE_set_RSA(engine, &cryptodev_rsa)) { const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay(); cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp; cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp; cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc; cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec; cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc; cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; if (cryptodev_asymfeat & CRF_MOD_EXP) { cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp; if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) cryptodev_rsa.rsa_mod_exp = cryptodev_rsa_mod_exp; else cryptodev_rsa.rsa_mod_exp = cryptodev_rsa_nocrt_mod_exp; } } if (ENGINE_set_DSA(engine, &cryptodev_dsa)) { const DSA_METHOD *meth = DSA_OpenSSL(); memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); if (cryptodev_asymfeat & CRF_DSA_SIGN) cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; if (cryptodev_asymfeat & CRF_MOD_EXP) { cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp; cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp; } if (cryptodev_asymfeat & CRF_DSA_VERIFY) cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; } if (ENGINE_set_DH(engine, &cryptodev_dh)){ const DH_METHOD *dh_meth = DH_OpenSSL(); cryptodev_dh.generate_key = dh_meth->generate_key; cryptodev_dh.compute_key = dh_meth->compute_key; cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp; if (cryptodev_asymfeat & CRF_MOD_EXP) { cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh; if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) cryptodev_dh.compute_key = cryptodev_dh_compute_key; } } ENGINE_add(engine); ENGINE_free(engine); ERR_clear_error(); }
/* This internal function is used by ENGINE_zencod () and possibly by the * "dynamic" ENGINE support too ;-) */ static int bind_helper ( ENGINE *e ) { #ifndef OPENSSL_NO_RSA const RSA_METHOD *meth_rsa ; #endif #ifndef OPENSSL_NO_DSA const DSA_METHOD *meth_dsa ; #endif #ifndef OPENSSL_NO_DH const DH_METHOD *meth_dh ; #endif const RAND_METHOD *meth_rand ; if ( !ENGINE_set_id ( e, engine_zencod_id ) || !ENGINE_set_name ( e, engine_zencod_name ) || #ifndef OPENSSL_NO_RSA !ENGINE_set_RSA ( e, &zencod_rsa ) || #endif #ifndef OPENSSL_NO_DSA !ENGINE_set_DSA ( e, &zencod_dsa ) || #endif #ifndef OPENSSL_NO_DH !ENGINE_set_DH ( e, &zencod_dh ) || #endif !ENGINE_set_RAND ( e, &zencod_rand ) || !ENGINE_set_destroy_function ( e, zencod_destroy ) || !ENGINE_set_init_function ( e, zencod_init ) || !ENGINE_set_finish_function ( e, zencod_finish ) || !ENGINE_set_ctrl_function ( e, zencod_ctrl ) || !ENGINE_set_cmd_defns ( e, zencod_cmd_defns ) || !ENGINE_set_digests ( e, engine_digests ) || !ENGINE_set_ciphers ( e, engine_ciphers ) ) { return 0 ; } #ifndef OPENSSL_NO_RSA /* We know that the "PKCS1_SSLeay()" functions hook properly * to the Zencod-specific mod_exp and mod_exp_crt so we use * those functions. NB: We don't use ENGINE_openssl() or * anything "more generic" because something like the RSAref * code may not hook properly, and if you own one of these * cards then you have the right to do RSA operations on it * anyway! */ meth_rsa = RSA_PKCS1_SSLeay () ; zencod_rsa.rsa_pub_enc = meth_rsa->rsa_pub_enc ; zencod_rsa.rsa_pub_dec = meth_rsa->rsa_pub_dec ; zencod_rsa.rsa_priv_enc = meth_rsa->rsa_priv_enc ; zencod_rsa.rsa_priv_dec = meth_rsa->rsa_priv_dec ; /* meth_rsa->rsa_mod_exp */ /* meth_rsa->bn_mod_exp */ zencod_rsa.init = meth_rsa->init ; zencod_rsa.finish = meth_rsa->finish ; #endif #ifndef OPENSSL_NO_DSA /* We use OpenSSL meth to supply what we don't provide ;-*) */ meth_dsa = DSA_OpenSSL () ; /* meth_dsa->dsa_do_sign */ zencod_dsa.dsa_sign_setup = meth_dsa->dsa_sign_setup ; /* meth_dsa->dsa_do_verify */ zencod_dsa.dsa_mod_exp = meth_dsa->dsa_mod_exp ; /* zencod_dsa.bn_mod_exp = meth_dsa->bn_mod_exp ; */ zencod_dsa.init = meth_dsa->init ; zencod_dsa.finish = meth_dsa->finish ; #endif #ifndef OPENSSL_NO_DH /* We use OpenSSL meth to supply what we don't provide ;-*) */ meth_dh = DH_OpenSSL () ; /* zencod_dh.generate_key = meth_dh->generate_key ; */ /* zencod_dh.compute_key = meth_dh->compute_key ; */ /* zencod_dh.bn_mod_exp = meth_dh->bn_mod_exp ; */ zencod_dh.init = meth_dh->init ; zencod_dh.finish = meth_dh->finish ; #endif /* We use OpenSSL (SSLeay) meth to supply what we don't provide ;-*) */ meth_rand = RAND_SSLeay () ; /* meth_rand->seed ; */ /* zencod_rand.seed = meth_rand->seed ; */ /* meth_rand->bytes ; */ /* zencod_rand.bytes = meth_rand->bytes ; */ zencod_rand.cleanup = meth_rand->cleanup ; zencod_rand.add = meth_rand->add ; /* meth_rand->pseudorand ; */ /* zencod_rand.pseudorand = meth_rand->pseudorand ; */ /* zencod_rand.status = meth_rand->status ; */ /* meth_rand->status ; */ /* Ensure the zencod error handling is set up */ ERR_load_ZENCOD_strings () ; return 1 ; }
static int bind_gost (ENGINE *e,const char *id) { int ret = 0; if (id && TINYCLR_SSL_STRCMP(id, engine_gost_id)) return 0; if (!ENGINE_set_id(e, engine_gost_id)) { TINYCLR_SSL_PRINTF("ENGINE_set_id failed\n"); goto end; } if (!ENGINE_set_name(e, engine_gost_name)) { TINYCLR_SSL_PRINTF("ENGINE_set_name failed\n"); goto end; } if (!ENGINE_set_digests(e, gost_digests)) { TINYCLR_SSL_PRINTF("ENGINE_set_digests failed\n"); goto end; } if (! ENGINE_set_ciphers(e, gost_ciphers)) { TINYCLR_SSL_PRINTF("ENGINE_set_ciphers failed\n"); goto end; } if (! ENGINE_set_pkey_meths(e, gost_pkey_meths)) { TINYCLR_SSL_PRINTF("ENGINE_set_pkey_meths failed\n"); goto end; } if (! ENGINE_set_pkey_asn1_meths(e, gost_pkey_asn1_meths)) { TINYCLR_SSL_PRINTF("ENGINE_set_pkey_asn1_meths failed\n"); goto end; } /* Control function and commands */ if (!ENGINE_set_cmd_defns(e,gost_cmds)) { TINYCLR_SSL_FPRINTF(OPENSSL_TYPE__FILE_STDERR,"ENGINE_set_cmd_defns failed\n"); goto end; } if (!ENGINE_set_ctrl_function(e,(ENGINE_CTRL_FUNC_PTR)gost_control_func)) { TINYCLR_SSL_FPRINTF(OPENSSL_TYPE__FILE_STDERR,"ENGINE_set_ctrl_func failed\n"); goto end; } if ( ! ENGINE_set_destroy_function(e, gost_engine_destroy) || ! ENGINE_set_init_function(e,gost_engine_init) || ! ENGINE_set_finish_function(e,gost_engine_finish)) { goto end; } if (!register_ameth_gost(NID_id_GostR3410_94, &ameth_GostR3410_94, "GOST94", "GOST R 34.10-94")) goto end; if (!register_ameth_gost(NID_id_GostR3410_2001, &ameth_GostR3410_2001, "GOST2001", "GOST R 34.10-2001")) goto end; if (!register_ameth_gost(NID_id_Gost28147_89_MAC, &ameth_Gost28147_MAC, "GOST-MAC", "GOST 28147-89 MAC")) goto end; if (!register_pmeth_gost(NID_id_GostR3410_94, &pmeth_GostR3410_94, 0)) goto end; if (!register_pmeth_gost(NID_id_GostR3410_2001, &pmeth_GostR3410_2001, 0)) goto end; if (!register_pmeth_gost(NID_id_Gost28147_89_MAC, &pmeth_Gost28147_MAC, 0)) goto end; if ( ! ENGINE_register_ciphers(e) || ! ENGINE_register_digests(e) || ! ENGINE_register_pkey_meths(e) /* These two actually should go in LIST_ADD command */ || ! EVP_add_cipher(&cipher_gost) || ! EVP_add_cipher(&cipher_gost_cpacnt) || ! EVP_add_digest(&digest_gost) || ! EVP_add_digest(&imit_gost_cpa) ) { goto end; } ERR_load_GOST_strings(); ret = 1; end: return ret; }
/****************************************************************************** * function: * bind_qat(ENGINE *e, * const char *id) * * @param e [IN] - OpenSSL engine pointer * @param id [IN] - engine id * * description: * Connect Qat engine to OpenSSL engine library ******************************************************************************/ static int bind_qat(ENGINE *e, const char *id) { int ret = 0; #ifndef OPENSSL_ENABLE_QAT_UPSTREAM_DRIVER int upstream_flags = 0; unsigned int devmasks[] = { 0, 0, 0, 0, 0 }; #endif QAT_DEBUG_LOG_INIT(); WARN("QAT Warnings enabled.\n"); DEBUG("QAT Debug enabled.\n"); DEBUG("id=%s\n", id); if (access(QAT_DEV, F_OK) != 0) { WARN("Qat memory driver not present\n"); QATerr(QAT_F_BIND_QAT, QAT_R_MEM_DRV_NOT_PRESENT); goto end; } #ifndef OPENSSL_ENABLE_QAT_UPSTREAM_DRIVER if (!getDevices(devmasks, &upstream_flags)) { WARN("Qat device not present\n"); QATerr(QAT_F_BIND_QAT, QAT_R_QAT_DEV_NOT_PRESENT); goto end; } #endif if (id && (strcmp(id, engine_qat_id) != 0)) { WARN("ENGINE_id defined already!\n"); QATerr(QAT_F_BIND_QAT, QAT_R_ENGINE_ID_ALREADY_DEFINED); goto end; } if (!ENGINE_set_id(e, engine_qat_id)) { WARN("ENGINE_set_id failed\n"); QATerr(QAT_F_BIND_QAT, QAT_R_ENGINE_SET_ID_FAILURE); goto end; } if (!ENGINE_set_name(e, engine_qat_name)) { WARN("ENGINE_set_name failed\n"); QATerr(QAT_F_BIND_QAT, QAT_R_ENGINE_SET_NAME_FAILURE); goto end; } /* Ensure the QAT error handling is set up */ ERR_load_QAT_strings(); /* * Create static structures for ciphers now * as this function will be called by a single thread. */ qat_create_ciphers(); if (!ENGINE_set_RSA(e, qat_get_RSA_methods())) { WARN("ENGINE_set_RSA failed\n"); QATerr(QAT_F_BIND_QAT, QAT_R_ENGINE_SET_RSA_FAILURE); goto end; } if (!ENGINE_set_DSA(e, qat_get_DSA_methods())) { WARN("ENGINE_set_DSA failed\n"); QATerr(QAT_F_BIND_QAT, QAT_R_ENGINE_SET_DSA_FAILURE); goto end; } if (!ENGINE_set_DH(e, qat_get_DH_methods())) { WARN("ENGINE_set_DH failed\n"); QATerr(QAT_F_BIND_QAT, QAT_R_ENGINE_SET_DH_FAILURE); goto end; } if (!ENGINE_set_EC(e, qat_get_EC_methods())) { WARN("ENGINE_set_EC failed\n"); QATerr(QAT_F_BIND_QAT, QAT_R_ENGINE_SET_EC_FAILURE); goto end; } if (!ENGINE_set_ciphers(e, qat_ciphers)) { WARN("ENGINE_set_ciphers failed\n"); QATerr(QAT_F_BIND_QAT, QAT_R_ENGINE_SET_CIPHER_FAILURE); goto end; } if (!ENGINE_set_pkey_meths(e, qat_PRF_pkey_methods)) { WARN("ENGINE_set_pkey_meths failed\n"); QATerr(QAT_F_BIND_QAT, QAT_R_ENGINE_SET_PKEY_FAILURE); goto end; } pthread_atfork(engine_finish_before_fork_handler, NULL, engine_init_child_at_fork_handler); ret = 1; ret &= ENGINE_set_destroy_function(e, qat_engine_destroy); ret &= ENGINE_set_init_function(e, qat_engine_init); ret &= ENGINE_set_finish_function(e, qat_engine_finish); ret &= ENGINE_set_ctrl_function(e, qat_engine_ctrl); ret &= ENGINE_set_cmd_defns(e, qat_cmd_defns); if (ret == 0) { WARN("Engine failed to register init, finish or destroy functions\n"); QATerr(QAT_F_BIND_QAT, QAT_R_ENGINE_REGISTER_FUNC_FAILURE); } end: return ret; }