static void xsyslog (BIO * bp, int priority, const char *string) { LPCSTR lpszStrings[2]; WORD evtype = EVENTLOG_ERROR_TYPE; char pidbuf[DECIMAL_SIZE (DWORD) + 4]; if (bp->ptr == NULL) return; switch (priority) { case LOG_EMERG: case LOG_ALERT: case LOG_CRIT: case LOG_ERR: evtype = EVENTLOG_ERROR_TYPE; break; case LOG_WARNING: evtype = EVENTLOG_WARNING_TYPE; break; case LOG_NOTICE: case LOG_INFO: case LOG_DEBUG: evtype = EVENTLOG_INFORMATION_TYPE; break; default: /* Should never happen, but set it as error anyway. */ evtype = EVENTLOG_ERROR_TYPE; break; } sprintf (pidbuf, "[%u] ", GetCurrentProcessId ()); lpszStrings[0] = pidbuf; lpszStrings[1] = string; ReportEventA (bp->ptr, evtype, 0, 1024, NULL, 2, 0, lpszStrings, NULL); }
static void xsyslog(BIO *bp, int priority, const char *string) { LPCSTR lpszStrings[2]; WORD evtype= EVENTLOG_ERROR_TYPE; int pid = _getpid(); char pidbuf[DECIMAL_SIZE(pid)+4]; switch (priority) { case LOG_EMERG: case LOG_ALERT: case LOG_CRIT: case LOG_ERR: evtype = EVENTLOG_ERROR_TYPE; break; case LOG_WARNING: evtype = EVENTLOG_WARNING_TYPE; break; case LOG_NOTICE: case LOG_INFO: case LOG_DEBUG: evtype = EVENTLOG_INFORMATION_TYPE; break; default: /* Should never happen, but set it as error anyway. */ evtype = EVENTLOG_ERROR_TYPE; break; } sprintf(pidbuf, "[%d] ", pid); lpszStrings[0] = pidbuf; lpszStrings[1] = string; if(report_event && bp->ptr) report_event(bp->ptr, evtype, 0, 1024, NULL, 2, 0, lpszStrings, NULL); }
static int def_load_bio(CONF *conf, BIO *in, long *line) { /* The macro BUFSIZE conflicts with a system macro in VxWorks */ #define CONFBUFSIZE 512 int bufnum = 0, i, ii; BUF_MEM *buff = NULL; char *s, *p, *end; int again; long eline = 0; char btmp[DECIMAL_SIZE(eline) + 1]; CONF_VALUE *v = NULL, *tv; CONF_VALUE *sv = NULL; char *section = NULL, *buf; char *start, *psection, *pname; void *h = (void *)(conf->data); STACK_OF(BIO) *biosk = NULL; #ifndef OPENSSL_NO_POSIX_IO char *dirpath = NULL; OPENSSL_DIR_CTX *dirctx = NULL; #endif if ((buff = BUF_MEM_new()) == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB); goto err; } section = OPENSSL_strdup("default"); if (section == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } if (_CONF_new_data(conf) == 0) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } sv = _CONF_new_section(conf, section); if (sv == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } bufnum = 0; again = 0; for (;;) { if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB); goto err; } p = &(buff->data[bufnum]); *p = '\0'; read_retry: BIO_gets(in, p, CONFBUFSIZE - 1); p[CONFBUFSIZE - 1] = '\0'; ii = i = strlen(p); if (i == 0 && !again) { /* the currently processed BIO is at EOF */ BIO *parent; #ifndef OPENSSL_NO_POSIX_IO /* continue processing with the next file from directory */ if (dirctx != NULL) { BIO *next; if ((next = get_next_file(dirpath, &dirctx)) != NULL) { BIO_vfree(in); in = next; goto read_retry; } else { OPENSSL_free(dirpath); dirpath = NULL; } } #endif /* no more files in directory, continue with processing parent */ if ((parent = sk_BIO_pop(biosk)) == NULL) { /* everything processed get out of the loop */ break; } else { BIO_vfree(in); in = parent; goto read_retry; } } again = 0; while (i > 0) { if ((p[i - 1] != '\r') && (p[i - 1] != '\n')) break; else i--; } /* * we removed some trailing stuff so there is a new line on the end. */ if (ii && i == ii) again = 1; /* long line */ else { p[i] = '\0'; eline++; /* another input line */ } /* we now have a line with trailing \r\n removed */ /* i is the number of bytes */ bufnum += i; v = NULL; /* check for line continuation */ if (bufnum >= 1) { /* * If we have bytes and the last char '\\' and second last char * is not '\\' */ p = &(buff->data[bufnum - 1]); if (IS_ESC(conf, p[0]) && ((bufnum <= 1) || !IS_ESC(conf, p[-1]))) { bufnum--; again = 1; } } if (again) continue; bufnum = 0; buf = buff->data; clear_comments(conf, buf); s = eat_ws(conf, buf); if (IS_EOF(conf, *s)) continue; /* blank line */ if (*s == '[') { char *ss; s++; start = eat_ws(conf, s); ss = start; again: end = eat_alpha_numeric(conf, ss); p = eat_ws(conf, end); if (*p != ']') { if (*p != '\0' && ss != p) { ss = p; goto again; } CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_MISSING_CLOSE_SQUARE_BRACKET); goto err; } *end = '\0'; if (!str_copy(conf, NULL, §ion, start)) goto err; if ((sv = _CONF_get_section(conf, section)) == NULL) sv = _CONF_new_section(conf, section); if (sv == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } continue; } else { pname = s; end = eat_alpha_numeric(conf, s); if ((end[0] == ':') && (end[1] == ':')) { *end = '\0'; end += 2; psection = pname; pname = end; end = eat_alpha_numeric(conf, end); } else { psection = section; } p = eat_ws(conf, end); if (strncmp(pname, ".include", 8) == 0 && (p != pname + 8 || *p == '=')) { char *include = NULL; BIO *next; if (*p == '=') { p++; p = eat_ws(conf, p); } trim_ws(conf, p); if (!str_copy(conf, psection, &include, p)) goto err; /* get the BIO of the included file */ #ifndef OPENSSL_NO_POSIX_IO next = process_include(include, &dirctx, &dirpath); if (include != dirpath) { /* dirpath will contain include in case of a directory */ OPENSSL_free(include); } #else next = BIO_new_file(include, "r"); OPENSSL_free(include); #endif if (next != NULL) { /* push the currently processing BIO onto stack */ if (biosk == NULL) { if ((biosk = sk_BIO_new_null()) == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } } if (!sk_BIO_push(biosk, in)) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } /* continue with reading from the included BIO */ in = next; } continue; } else if (*p != '=') { CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_MISSING_EQUAL_SIGN); goto err; } *end = '\0'; p++; start = eat_ws(conf, p); trim_ws(conf, start); if ((v = OPENSSL_malloc(sizeof(*v))) == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } v->name = OPENSSL_strdup(pname); v->value = NULL; if (v->name == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } if (!str_copy(conf, psection, &(v->value), start)) goto err; if (strcmp(psection, section) != 0) { if ((tv = _CONF_get_section(conf, psection)) == NULL) tv = _CONF_new_section(conf, psection); if (tv == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } } else tv = sv; if (_CONF_add_string(conf, tv, v) == 0) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } v = NULL; } } BUF_MEM_free(buff); OPENSSL_free(section); /* * No need to pop, since we only get here if the stack is empty. * If this causes a BIO leak, THE ISSUE IS SOMEWHERE ELSE! */ sk_BIO_free(biosk); return 1; err: BUF_MEM_free(buff); OPENSSL_free(section); /* * Since |in| is the first element of the stack and should NOT be freed * here, we cannot use sk_BIO_pop_free(). Instead, we pop and free one * BIO at a time, making sure that the last one popped isn't. */ while (sk_BIO_num(biosk) > 0) { BIO *popped = sk_BIO_pop(biosk); BIO_vfree(in); in = popped; } sk_BIO_free(biosk); #ifndef OPENSSL_NO_POSIX_IO OPENSSL_free(dirpath); if (dirctx != NULL) OPENSSL_DIR_end(&dirctx); #endif if (line != NULL) *line = eline; BIO_snprintf(btmp, sizeof(btmp), "%ld", eline); ERR_add_error_data(2, "line ", btmp); if (h != conf->data) { CONF_free(conf->data); conf->data = NULL; } if (v != NULL) { OPENSSL_free(v->name); OPENSSL_free(v->value); OPENSSL_free(v); } return 0; }
int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len) { ui->flags &= ~UI_FLAG_REDOABLE; switch (uis->type) { case UIT_PROMPT: case UIT_VERIFY: { char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize) + 1]; char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize) + 1]; BIO_snprintf(number1, sizeof(number1), "%d", uis->_.string_data.result_minsize); BIO_snprintf(number2, sizeof(number2), "%d", uis->_.string_data.result_maxsize); if (len < uis->_.string_data.result_minsize) { ui->flags |= UI_FLAG_REDOABLE; UIerr(UI_F_UI_SET_RESULT_EX, UI_R_RESULT_TOO_SMALL); ERR_add_error_data(5, "You must type in ", number1, " to ", number2, " characters"); return -1; } if (len > uis->_.string_data.result_maxsize) { ui->flags |= UI_FLAG_REDOABLE; UIerr(UI_F_UI_SET_RESULT_EX, UI_R_RESULT_TOO_LARGE); ERR_add_error_data(5, "You must type in ", number1, " to ", number2, " characters"); return -1; } } if (uis->result_buf == NULL) { UIerr(UI_F_UI_SET_RESULT_EX, UI_R_NO_RESULT_BUFFER); return -1; } memcpy(uis->result_buf, result, len); if (len <= uis->_.string_data.result_maxsize) uis->result_buf[len] = '\0'; uis->result_len = len; break; case UIT_BOOLEAN: { const char *p; if (uis->result_buf == NULL) { UIerr(UI_F_UI_SET_RESULT_EX, UI_R_NO_RESULT_BUFFER); return -1; } uis->result_buf[0] = '\0'; for (p = result; *p; p++) { if (strchr(uis->_.boolean_data.ok_chars, *p)) { uis->result_buf[0] = uis->_.boolean_data.ok_chars[0]; break; } if (strchr(uis->_.boolean_data.cancel_chars, *p)) { uis->result_buf[0] = uis->_.boolean_data.cancel_chars[0]; break; } } } case UIT_NONE: case UIT_INFO: case UIT_ERROR: break; } return 0; }
int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) { int i,idx=0,n=0,len,nid; unsigned long l; unsigned char *p; const char *s; char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; if (buf_len <= 0) return(0); if ((a == NULL) || (a->data == NULL)) { buf[0]='\0'; return(0); } if (no_name || (nid=OBJ_obj2nid(a)) == NID_undef) { len=a->length; p=a->data; idx=0; l=0; while (idx < a->length) { l|=(p[idx]&0x7f); if (!(p[idx] & 0x80)) break; l<<=7L; idx++; } idx++; i=(int)(l/40); if (i > 2) i=2; l-=(long)(i*40); BIO_snprintf(tbuf,sizeof tbuf,"%d.%lu",i,l); i=strlen(tbuf); BUF_strlcpy(buf,tbuf,buf_len); buf_len-=i; buf+=i; n+=i; l=0; for (; idx<len; idx++) { l|=p[idx]&0x7f; if (!(p[idx] & 0x80)) { BIO_snprintf(tbuf,sizeof tbuf,".%lu",l); i=strlen(tbuf); if (buf_len > 0) BUF_strlcpy(buf,tbuf,buf_len); buf_len-=i; buf+=i; n+=i; l=0; } l<<=7L; } } else { s=OBJ_nid2ln(nid); if (s == NULL) s=OBJ_nid2sn(nid); BUF_strlcpy(buf,s,buf_len); n=strlen(s); } return(n); }
int UI_set_result(UI *ui, UI_STRING *uis, const char *result) { int l = strlen(result); ui->flags &= ~UI_FLAG_REDOABLE; if (!uis) return -1; switch (uis->type) { case UIT_PROMPT: case UIT_VERIFY: { char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize) + 1]; char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize) + 1]; BIO_snprintf(number1, sizeof(number1), "%d", uis->_.string_data.result_minsize); BIO_snprintf(number2, sizeof(number2), "%d", uis->_.string_data.result_maxsize); if (l < uis->_.string_data.result_minsize) { ui->flags |= UI_FLAG_REDOABLE; UIerr(UI_F_UI_SET_RESULT, UI_R_RESULT_TOO_SMALL); ERR_add_error_data(5, "You must type in ", number1, " to ", number2, " characters"); return -1; } if (l > uis->_.string_data.result_maxsize) { ui->flags |= UI_FLAG_REDOABLE; UIerr(UI_F_UI_SET_RESULT, UI_R_RESULT_TOO_LARGE); ERR_add_error_data(5, "You must type in ", number1, " to ", number2, " characters"); return -1; } } if (!uis->result_buf) { UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER); return -1; } BUF_strlcpy(uis->result_buf, result, uis->_.string_data.result_maxsize + 1); break; case UIT_BOOLEAN: { const char *p; if (!uis->result_buf) { UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER); return -1; } uis->result_buf[0] = '\0'; for (p = result; *p; p++) { if (strchr(uis->_.boolean_data.ok_chars, *p)) { uis->result_buf[0] = uis->_.boolean_data.ok_chars[0]; break; } if (strchr(uis->_.boolean_data.cancel_chars, *p)) { uis->result_buf[0] = uis->_.boolean_data.cancel_chars[0]; break; } } } default: break; } return 0; }
static int def_load_bio(CONF *conf, BIO *in, long *line) { /* The macro BUFSIZE conflicts with a system macro in VxWorks */ #define CONFBUFSIZE 512 int bufnum=0,i,ii; BUF_MEM *buff=NULL; char *s,*p,*end; int again; long eline=0; char btmp[DECIMAL_SIZE(eline)+1]; CONF_VALUE *v=NULL,*tv; CONF_VALUE *sv=NULL; char *section=NULL,*buf; STACK_OF(CONF_VALUE) *section_sk=NULL,*ts __UNUSED; char *start,*psection,*pname; void *h = (void *)(conf->data); if ((buff=BUF_MEM_new()) == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_BUF_LIB); goto err; } section=(char *)OPENSSL_malloc(10); if (section == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_MALLOC_FAILURE); goto err; } BUF_strlcpy(section,"default",10); if (_CONF_new_data(conf) == 0) { CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_MALLOC_FAILURE); goto err; } sv=_CONF_new_section(conf,section); if (sv == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } section_sk=(STACK_OF(CONF_VALUE) *)sv->value; bufnum=0; again=0; for (;;) { if (!BUF_MEM_grow(buff,bufnum+CONFBUFSIZE)) { CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_BUF_LIB); goto err; } p= &(buff->data[bufnum]); *p='\0'; BIO_gets(in, p, CONFBUFSIZE-1); p[CONFBUFSIZE-1]='\0'; ii=i=strlen(p); if (i == 0 && !again) break; again=0; while (i > 0) { if ((p[i-1] != '\r') && (p[i-1] != '\n')) break; else i--; } /* we removed some trailing stuff so there is a new * line on the end. */ if (ii && i == ii) again=1; /* long line */ else { p[i]='\0'; eline++; /* another input line */ } /* we now have a line with trailing \r\n removed */ /* i is the number of bytes */ bufnum+=i; v=NULL; /* check for line continuation */ if (bufnum >= 1) { /* If we have bytes and the last char '\\' and * second last char is not '\\' */ p= &(buff->data[bufnum-1]); if (IS_ESC(conf,p[0]) && ((bufnum <= 1) || !IS_ESC(conf,p[-1]))) { bufnum--; again=1; } } if (again) continue; bufnum=0; buf=buff->data; clear_comments(conf, buf); s=eat_ws(conf, buf); if (IS_EOF(conf,*s)) continue; /* blank line */ if (*s == '[') { char *ss; s++; start=eat_ws(conf, s); ss=start; again: end=eat_alpha_numeric(conf, ss); p=eat_ws(conf, end); if (*p != ']') { if (*p != '\0') { ss=p; goto again; } CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_MISSING_CLOSE_SQUARE_BRACKET); goto err; } *end='\0'; if (!str_copy(conf,NULL,§ion,start)) goto err; if ((sv=_CONF_get_section(conf,section)) == NULL) sv=_CONF_new_section(conf,section); if (sv == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } section_sk=(STACK_OF(CONF_VALUE) *)sv->value; continue; } else {
static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) { SW_CONTEXT_HANDLE hac; SW_PARAM sw_param; SW_STATUS sw_status; SW_LARGENUMBER arg[2], res; unsigned long sig_result; BN_CTX *ctx; BIGNUM *dsa_p = NULL; BIGNUM *dsa_q = NULL; BIGNUM *dsa_g = NULL; BIGNUM *dsa_key = NULL; BIGNUM *argument = NULL; int to_return = -1; int acquired = 0; if((ctx = BN_CTX_new()) == NULL) goto err; if(!get_context(&hac)) { CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_UNIT_FAILURE); goto err; } acquired = 1; /* Prepare the params */ BN_CTX_start(ctx); dsa_p = BN_CTX_get(ctx); dsa_q = BN_CTX_get(ctx); dsa_g = BN_CTX_get(ctx); dsa_key = BN_CTX_get(ctx); argument = BN_CTX_get(ctx); if(!argument) { CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_CTX_FULL); goto err; } if(!bn_wexpand(dsa_p, dsa->p->top) || !bn_wexpand(dsa_q, dsa->q->top) || !bn_wexpand(dsa_g, dsa->g->top) || !bn_wexpand(dsa_key, dsa->pub_key->top) || !bn_wexpand(argument, 40)) { CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_EXPAND_FAIL); goto err; } sw_param.type = SW_ALG_DSA; sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p, (unsigned char *)dsa_p->d); sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d; sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q, (unsigned char *)dsa_q->d); sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d; sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g, (unsigned char *)dsa_g->d); sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d; sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->pub_key, (unsigned char *)dsa_key->d); sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d; /* Attach the key params */ sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); switch(sw_status) { case SW_OK: break; case SW_ERR_INPUT_SIZE: CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BAD_KEY_SIZE); goto err; default: { char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); } goto err; } /* Prepare the argument and response */ arg[0].nbytes = dgst_len; arg[0].value = (unsigned char *)dgst; arg[1].nbytes = 40; arg[1].value = (unsigned char *)argument->d; memset(arg[1].value, 0, 40); BN_bn2bin(sig->r, arg[1].value + 20 - BN_num_bytes(sig->r)); BN_bn2bin(sig->s, arg[1].value + 40 - BN_num_bytes(sig->s)); res.nbytes = 4; /* unsigned long */ res.value = (unsigned char *)(&sig_result); /* Perform the operation */ sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_VERIFY, arg, 2, &res, 1); if(sw_status != SW_OK) { char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); goto err; } /* Convert the response */ to_return = ((sig_result == 0) ? 0 : 1); err: if(acquired) release_context(hac); if(ctx) { BN_CTX_end(ctx); BN_CTX_free(ctx); } return to_return; }
static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) { SW_CONTEXT_HANDLE hac; SW_PARAM sw_param; SW_STATUS sw_status; SW_LARGENUMBER arg, res; unsigned char *ptr; BN_CTX *ctx; BIGNUM *dsa_p = NULL; BIGNUM *dsa_q = NULL; BIGNUM *dsa_g = NULL; BIGNUM *dsa_key = NULL; BIGNUM *result = NULL; DSA_SIG *to_return = NULL; int acquired = 0; if((ctx = BN_CTX_new()) == NULL) goto err; if(!get_context(&hac)) { CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_UNIT_FAILURE); goto err; } acquired = 1; /* Prepare the params */ BN_CTX_start(ctx); dsa_p = BN_CTX_get(ctx); dsa_q = BN_CTX_get(ctx); dsa_g = BN_CTX_get(ctx); dsa_key = BN_CTX_get(ctx); result = BN_CTX_get(ctx); if(!result) { CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_CTX_FULL); goto err; } if(!bn_wexpand(dsa_p, dsa->p->top) || !bn_wexpand(dsa_q, dsa->q->top) || !bn_wexpand(dsa_g, dsa->g->top) || !bn_wexpand(dsa_key, dsa->priv_key->top) || !bn_wexpand(result, dsa->p->top)) { CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_EXPAND_FAIL); goto err; } sw_param.type = SW_ALG_DSA; sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p, (unsigned char *)dsa_p->d); sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d; sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q, (unsigned char *)dsa_q->d); sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d; sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g, (unsigned char *)dsa_g->d); sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d; sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->priv_key, (unsigned char *)dsa_key->d); sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d; /* Attach the key params */ sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); switch(sw_status) { case SW_OK: break; case SW_ERR_INPUT_SIZE: CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BAD_KEY_SIZE); goto err; default: { char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); } goto err; } /* Prepare the argument and response */ arg.nbytes = dlen; arg.value = (unsigned char *)dgst; res.nbytes = BN_num_bytes(dsa->p); memset(result->d, 0, res.nbytes); res.value = (unsigned char *)result->d; /* Perform the operation */ sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_SIGN, &arg, 1, &res, 1); if(sw_status != SW_OK) { char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); goto err; } /* Convert the response */ ptr = (unsigned char *)result->d; if((to_return = DSA_SIG_new()) == NULL) goto err; to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL); to_return->s = BN_bin2bn((unsigned char *)result->d + 20, 20, NULL); err: if(acquired) release_context(hac); if(ctx) { BN_CTX_end(ctx); BN_CTX_free(ctx); } return to_return; }
/* Un petit mod_exp chinois */ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx) { SW_STATUS sw_status; SW_LARGENUMBER arg, res; SW_PARAM sw_param; SW_CONTEXT_HANDLE hac; BIGNUM *result = NULL; BIGNUM *argument = NULL; int to_return = 0; /* expect failure */ int acquired = 0; sw_param.up.crt.p.value = NULL; sw_param.up.crt.q.value = NULL; sw_param.up.crt.dmp1.value = NULL; sw_param.up.crt.dmq1.value = NULL; sw_param.up.crt.iqmp.value = NULL; if(!get_context(&hac)) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_UNIT_FAILURE); goto err; } acquired = 1; /* Prepare the params */ argument = BN_new(); result = BN_new(); if(!result || !argument) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL); goto err; } sw_param.type = SW_ALG_CRT; /************************************************************************/ /* 04/02/2003 */ /* Modified by Frederic Giudicelli (deny-all.com) to overcome the */ /* limitation of cswift with values not a multiple of 32 */ /************************************************************************/ if(!cswift_bn_32copy(&sw_param.up.crt.p, p)) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); goto err; } if(!cswift_bn_32copy(&sw_param.up.crt.q, q)) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); goto err; } if(!cswift_bn_32copy(&sw_param.up.crt.dmp1, dmp1)) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); goto err; } if(!cswift_bn_32copy(&sw_param.up.crt.dmq1, dmq1)) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); goto err; } if(!cswift_bn_32copy(&sw_param.up.crt.iqmp, iqmp)) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); goto err; } if( !bn_wexpand(argument, a->top) || !bn_wexpand(result, p->top + q->top)) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL); goto err; } /* Attach the key params */ sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); switch(sw_status) { case SW_OK: break; case SW_ERR_INPUT_SIZE: CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BAD_KEY_SIZE); goto err; default: { char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); } goto err; } /* Prepare the argument and response */ arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d); arg.value = (unsigned char *)argument->d; res.nbytes = 2 * BN_num_bytes(p); memset(result->d, 0, res.nbytes); res.value = (unsigned char *)result->d; /* Perform the operation */ if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1, &res, 1)) != SW_OK) { char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); goto err; } /* Convert the response */ BN_bin2bn((unsigned char *)result->d, res.nbytes, r); to_return = 1; err: if(sw_param.up.crt.p.value) OPENSSL_free(sw_param.up.crt.p.value); if(sw_param.up.crt.q.value) OPENSSL_free(sw_param.up.crt.q.value); if(sw_param.up.crt.dmp1.value) OPENSSL_free(sw_param.up.crt.dmp1.value); if(sw_param.up.crt.dmq1.value) OPENSSL_free(sw_param.up.crt.dmq1.value); if(sw_param.up.crt.iqmp.value) OPENSSL_free(sw_param.up.crt.iqmp.value); if(result) BN_free(result); if(argument) BN_free(argument); if(acquired) release_context(hac); return to_return; }
/* Un petit mod_exp */ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx) { /* I need somewhere to store temporary serialised values for * use with the CryptoSwift API calls. A neat cheat - I'll use * BIGNUMs from the BN_CTX but access their arrays directly as * byte arrays <grin>. This way I don't have to clean anything * up. */ BIGNUM *modulus; BIGNUM *exponent; BIGNUM *argument; BIGNUM *result; SW_STATUS sw_status; SW_LARGENUMBER arg, res; SW_PARAM sw_param; SW_CONTEXT_HANDLE hac; int to_return, acquired; modulus = exponent = argument = result = NULL; to_return = 0; /* expect failure */ acquired = 0; if(!get_context(&hac)) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_UNIT_FAILURE); goto err; } acquired = 1; /* Prepare the params */ BN_CTX_start(ctx); modulus = BN_CTX_get(ctx); exponent = BN_CTX_get(ctx); argument = BN_CTX_get(ctx); result = BN_CTX_get(ctx); if(!result) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_CTX_FULL); goto err; } if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) || !bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top)) { CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_EXPAND_FAIL); goto err; } sw_param.type = SW_ALG_EXP; sw_param.up.exp.modulus.nbytes = BN_bn2bin(m, (unsigned char *)modulus->d); sw_param.up.exp.modulus.value = (unsigned char *)modulus->d; sw_param.up.exp.exponent.nbytes = BN_bn2bin(p, (unsigned char *)exponent->d); sw_param.up.exp.exponent.value = (unsigned char *)exponent->d; /* Attach the key params */ sw_status = p_CSwift_AttachKeyParam(hac, &sw_param); switch(sw_status) { case SW_OK: break; case SW_ERR_INPUT_SIZE: CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BAD_KEY_SIZE); goto err; default: { char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); } goto err; } /* Prepare the argument and response */ arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d); arg.value = (unsigned char *)argument->d; res.nbytes = BN_num_bytes(m); memset(result->d, 0, res.nbytes); res.value = (unsigned char *)result->d; /* Perform the operation */ if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1, &res, 1)) != SW_OK) { char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); goto err; } /* Convert the response */ BN_bin2bn((unsigned char *)result->d, res.nbytes, r); to_return = 1; err: if(acquired) release_context(hac); BN_CTX_end(ctx); return to_return; }
static int def_load_bio(CONF *conf, BIO *in, long *line) { /* The macro BUFSIZE conflicts with a system macro in VxWorks */ #define CONFBUFSIZE 512 int bufnum = 0, i, ii; BUF_MEM *buff = NULL; char *s, *p, *end; int again; long eline = 0; char btmp[DECIMAL_SIZE(eline) + 1]; CONF_VALUE *v = NULL, *tv; CONF_VALUE *sv = NULL; char *section = NULL, *buf; char *start, *psection, *pname; void *h = (void *)(conf->data); if ((buff = BUF_MEM_new()) == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB); goto err; } section = (char *)OPENSSL_malloc(10); if (section == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } BUF_strlcpy(section, "default", 10); if (_CONF_new_data(conf) == 0) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } sv = _CONF_new_section(conf, section); if (sv == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } bufnum = 0; again = 0; for (;;) { if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB); goto err; } p = &(buff->data[bufnum]); *p = '\0'; BIO_gets(in, p, CONFBUFSIZE - 1); p[CONFBUFSIZE - 1] = '\0'; ii = i = sgx_strlen(p); if (i == 0 && !again) break; again = 0; while (i > 0) { if ((p[i - 1] != '\r') && (p[i - 1] != '\n')) break; else i--; } /* * we removed some trailing stuff so there is a new line on the end. */ if (ii && i == ii) again = 1; /* long line */ else { p[i] = '\0'; eline++; /* another input line */ } /* we now have a line with trailing \r\n removed */ /* i is the number of bytes */ bufnum += i; v = NULL; /* check for line continuation */ if (bufnum >= 1) { /* * If we have bytes and the last char '\\' and second last char * is not '\\' */ p = &(buff->data[bufnum - 1]); if (IS_ESC(conf, p[0]) && ((bufnum <= 1) || !IS_ESC(conf, p[-1]))) { bufnum--; again = 1; } } if (again) continue; bufnum = 0; buf = buff->data; clear_comments(conf, buf); s = eat_ws(conf, buf); if (IS_EOF(conf, *s)) continue; /* blank line */ if (*s == '[') { char *ss; s++; start = eat_ws(conf, s); ss = start; again: end = eat_alpha_numeric(conf, ss); p = eat_ws(conf, end); if (*p != ']') { if (*p != '\0' && ss != p) { ss = p; goto again; } CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_MISSING_CLOSE_SQUARE_BRACKET); goto err; } *end = '\0'; if (!str_copy(conf, NULL, §ion, start)) goto err; if ((sv = _CONF_get_section(conf, section)) == NULL) sv = _CONF_new_section(conf, section); if (sv == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } continue; } else { pname = s; psection = NULL; end = eat_alpha_numeric(conf, s); if ((end[0] == ':') && (end[1] == ':')) { *end = '\0'; end += 2; psection = pname; pname = end; end = eat_alpha_numeric(conf, end); } p = eat_ws(conf, end); if (*p != '=') { CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_MISSING_EQUAL_SIGN); goto err; } *end = '\0'; p++; start = eat_ws(conf, p); while (!IS_EOF(conf, *p)) p++; p--; while ((p != start) && (IS_WS(conf, *p))) p--; p++; *p = '\0'; if (!(v = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } if (psection == NULL) psection = section; v->name = (char *)OPENSSL_malloc(strlen(pname) + 1); v->value = NULL; if (v->name == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } BUF_strlcpy(v->name, pname, sgx_strlen(pname) + 1); if (!str_copy(conf, psection, &(v->value), start)) goto err; if (sgx_strcmp(psection, section) != 0) { if ((tv = _CONF_get_section(conf, psection)) == NULL) tv = _CONF_new_section(conf, psection); if (tv == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } } else tv = sv; #if 1 if (_CONF_add_string(conf, tv, v) == 0) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } #else v->section = tv->section; if (!sk_CONF_VALUE_push(ts, v)) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } vv = (CONF_VALUE *)lh_insert(conf->data, v); if (vv != NULL) { sk_CONF_VALUE_delete_ptr(ts, vv); OPENSSL_free(vv->name); OPENSSL_free(vv->value); OPENSSL_free(vv); } #endif v = NULL; } } if (buff != NULL) BUF_MEM_free(buff); if (section != NULL) OPENSSL_free(section); return (1); err: if (buff != NULL) BUF_MEM_free(buff); if (section != NULL) OPENSSL_free(section); if (line != NULL) *line = eline; BIO_snprintf(btmp, sizeof btmp, "%ld", eline); ERR_add_error_data(2, "line ", btmp); if ((h != conf->data) && (conf->data != NULL)) { CONF_free(conf->data); conf->data = NULL; } if (v != NULL) { if (v->name != NULL) OPENSSL_free(v->name); if (v->value != NULL) OPENSSL_free(v->value); if (v != NULL) OPENSSL_free(v); } return (0); }