hw_zencod.c

开源的ssl算法openssl,版本0.9.8H

static const char *ZENCOD_LIBNAME = ZEN_LIBRARY ;

static const char *ZENCOD_Fct_0 = "test_device" ;
static const char *ZENCOD_Fct_1 = "zenbridge_bytes2bits" ;
static const char *ZENCOD_Fct_2 = "zenbridge_bits2bytes" ;
static const char *ZENCOD_Fct_3 = "zenbridge_new_number" ;
static const char *ZENCOD_Fct_4 = "zenbridge_init_number" ;

static const char *ZENCOD_Fct_exp_1 = "zenbridge_rsa_mod_exp" ;
static const char *ZENCOD_Fct_exp_2 = "zenbridge_rsa_mod_exp_crt" ;
static const char *ZENCOD_Fct_dsa_1 = "zenbridge_dsa_do_sign" ;
static const char *ZENCOD_Fct_dsa_2 = "zenbridge_dsa_do_verify" ;
static const char *ZENCOD_Fct_dh_1 = "zenbridge_dh_generate_key" ;
static const char *ZENCOD_Fct_dh_2 = "zenbridge_dh_compute_key" ;
static const char *ZENCOD_Fct_rand_1 = "zenbridge_rand_bytes" ;
static const char *ZENCOD_Fct_math_1 = "zenbridge_math_mod_exp" ;

static const char *ZENCOD_Fct_md5_1 = "zenbridge_md5_init" ;
static const char *ZENCOD_Fct_md5_2 = "zenbridge_md5_update" ;
static const char *ZENCOD_Fct_md5_3 = "zenbridge_md5_do_final" ;
static const char *ZENCOD_Fct_sha1_1 = "zenbridge_sha1_init" ;
static const char *ZENCOD_Fct_sha1_2 = "zenbridge_sha1_update" ;
static const char *ZENCOD_Fct_sha1_3 = "zenbridge_sha1_do_final" ;

static const char *ZENCOD_Fct_xdes_1 = "zenbridge_xdes_cipher" ;
static const char *ZENCOD_Fct_rc4_1 = "zenbridge_rc4_cipher" ;

/* Destructor (complements the "ENGINE_zencod ()" constructor)
 */
static int zencod_destroy (ENGINE *e )
{

	ERR_unload_ZENCOD_strings () ;

	return 1 ;
}


/* (de)initialisation functions. Control Function
 */
static int zencod_init ( ENGINE *e )
{

	t_zencod_test *ptr_0 ;
	t_zencod_bytes2bits *ptr_1 ;
	t_zencod_bits2bytes *ptr_2 ;
	t_zencod_new_number *ptr_3 ;
	t_zencod_init_number *ptr_4 ;
	t_zencod_rsa_mod_exp *ptr_exp_1 ;
	t_zencod_rsa_mod_exp_crt *ptr_exp_2 ;
	t_zencod_dsa_do_sign *ptr_dsa_1 ;
	t_zencod_dsa_do_verify *ptr_dsa_2 ;
	t_zencod_dh_generate_key *ptr_dh_1 ;
	t_zencod_dh_compute_key *ptr_dh_2 ;
	t_zencod_rand_bytes *ptr_rand_1 ;
	t_zencod_math_mod_exp *ptr_math_1 ;
	t_zencod_md5_init *ptr_md5_1 ;
	t_zencod_md5_update *ptr_md5_2 ;
	t_zencod_md5_do_final *ptr_md5_3 ;
	t_zencod_sha1_init *ptr_sha1_1 ;
	t_zencod_sha1_update *ptr_sha1_2 ;
	t_zencod_sha1_do_final *ptr_sha1_3 ;
	t_zencod_xdes_cipher *ptr_xdes_1 ;
	t_zencod_rc4_cipher *ptr_rc4_1 ;

	CHEESE () ;

	/*
	 * We Should add some tests for non NULL parameters or bad value !!
	 * Stuff to be done ...
	 */

	if ( zencod_dso != NULL ) {
		ZENCODerr ( ZENCOD_F_ZENCOD_INIT, ZENCOD_R_ALREADY_LOADED ) ;
		goto err ;
	}
	/* Trying to load the Library "cryptozen"
	 */
	zencod_dso = DSO_load ( NULL, ZENCOD_LIBNAME, NULL, 0 ) ;
	if ( zencod_dso == NULL ) {
		ZENCODerr ( ZENCOD_F_ZENCOD_INIT, ZENCOD_R_DSO_FAILURE ) ;
		goto err ;
	}

	/* Trying to load Function from the Library
	 */
	if ( ! ( ptr_1 = (t_zencod_bytes2bits*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_1 ) ) ||
			! ( ptr_2 = (t_zencod_bits2bytes*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_2 ) ) ||
			! ( ptr_3 = (t_zencod_new_number*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_3 ) ) ||
			! ( ptr_4 = (t_zencod_init_number*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_4 ) ) ||
			! ( ptr_exp_1 = (t_zencod_rsa_mod_exp*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_exp_1 ) ) ||
			! ( ptr_exp_2 = (t_zencod_rsa_mod_exp_crt*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_exp_2 ) ) ||
			! ( ptr_dsa_1 = (t_zencod_dsa_do_sign*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_dsa_1 ) ) ||
			! ( ptr_dsa_2 = (t_zencod_dsa_do_verify*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_dsa_2 ) ) ||
			! ( ptr_dh_1 = (t_zencod_dh_generate_key*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_dh_1 ) ) ||
			! ( ptr_dh_2 = (t_zencod_dh_compute_key*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_dh_2 ) ) ||
			! ( ptr_rand_1 = (t_zencod_rand_bytes*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_rand_1 ) ) ||
			! ( ptr_math_1 = (t_zencod_math_mod_exp*) DSO_bind_func ( zencod_dso, ZENCOD_Fct_math_1 ) ) ||
			! ( ptr_0 = (t_zencod_test *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_0 ) ) ||
			! ( ptr_md5_1 = (t_zencod_md5_init *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_md5_1 ) ) ||
			! ( ptr_md5_2 = (t_zencod_md5_update *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_md5_2 ) ) ||
			! ( ptr_md5_3 = (t_zencod_md5_do_final *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_md5_3 ) ) ||
			! ( ptr_sha1_1 = (t_zencod_sha1_init *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_sha1_1 ) ) ||
			! ( ptr_sha1_2 = (t_zencod_sha1_update *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_sha1_2 ) ) ||
			! ( ptr_sha1_3 = (t_zencod_sha1_do_final *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_sha1_3 ) ) ||
			! ( ptr_xdes_1 = (t_zencod_xdes_cipher *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_xdes_1 ) ) ||
			! ( ptr_rc4_1 = (t_zencod_rc4_cipher *) DSO_bind_func ( zencod_dso, ZENCOD_Fct_rc4_1 ) ) ) {

		ZENCODerr ( ZENCOD_F_ZENCOD_INIT, ZENCOD_R_DSO_FAILURE ) ;
		goto err ;
	}

	/* The function from "cryptozen" Library have been correctly loaded so copy them
	 */
	ptr_zencod_test = ptr_0 ;
	ptr_zencod_bytes2bits = ptr_1 ;
	ptr_zencod_bits2bytes = ptr_2 ;
	ptr_zencod_new_number = ptr_3 ;
	ptr_zencod_init_number = ptr_4 ;
	ptr_zencod_rsa_mod_exp = ptr_exp_1 ;
	ptr_zencod_rsa_mod_exp_crt = ptr_exp_2 ;
	ptr_zencod_dsa_do_sign = ptr_dsa_1 ;
	ptr_zencod_dsa_do_verify = ptr_dsa_2 ;
	ptr_zencod_dh_generate_key = ptr_dh_1 ;
	ptr_zencod_dh_compute_key = ptr_dh_2 ;
	ptr_zencod_rand_bytes = ptr_rand_1 ;
	ptr_zencod_math_mod_exp = ptr_math_1 ;
	ptr_zencod_test = ptr_0 ;
	ptr_zencod_md5_init = ptr_md5_1 ;
	ptr_zencod_md5_update = ptr_md5_2 ;
	ptr_zencod_md5_do_final = ptr_md5_3 ;
	ptr_zencod_sha1_init = ptr_sha1_1 ;
	ptr_zencod_sha1_update = ptr_sha1_2 ;
	ptr_zencod_sha1_do_final = ptr_sha1_3 ;
	ptr_zencod_xdes_cipher = ptr_xdes_1 ;
	ptr_zencod_rc4_cipher = ptr_rc4_1 ;

	/* We should peform a test to see if there is actually any unit runnig on the system ...
	 * Even if the cryptozen library is loaded the module coul not be loaded on the system ...
	 * For now we may just open and close the device !!
	 */

	if ( ptr_zencod_test () != 0 ) {
		ZENCODerr ( ZENCOD_F_ZENCOD_INIT, ZENCOD_R_UNIT_FAILURE ) ;
		goto err ;
	}

	return 1 ;
err :
	if ( zencod_dso ) {
		DSO_free ( zencod_dso ) ;
	}
	zencod_dso = NULL ;
	ptr_zencod_bytes2bits = NULL ;
	ptr_zencod_bits2bytes = NULL ;
	ptr_zencod_new_number = NULL ;
	ptr_zencod_init_number = NULL ;
	ptr_zencod_rsa_mod_exp = NULL ;
	ptr_zencod_rsa_mod_exp_crt = NULL ;
	ptr_zencod_dsa_do_sign = NULL ;
	ptr_zencod_dsa_do_verify = NULL ;
	ptr_zencod_dh_generate_key = NULL ;
	ptr_zencod_dh_compute_key = NULL ;
	ptr_zencod_rand_bytes = NULL ;
	ptr_zencod_math_mod_exp = NULL ;
	ptr_zencod_test = NULL ;
	ptr_zencod_md5_init = NULL ;
	ptr_zencod_md5_update = NULL ;
	ptr_zencod_md5_do_final = NULL ;
	ptr_zencod_sha1_init = NULL ;
	ptr_zencod_sha1_update = NULL ;
	ptr_zencod_sha1_do_final = NULL ;
	ptr_zencod_xdes_cipher = NULL ;
	ptr_zencod_rc4_cipher = NULL ;

	return 0 ;
}


static int zencod_finish ( ENGINE *e )
{

	CHEESE () ;

	/*
	 * We Should add some tests for non NULL parameters or bad value !!
	 * Stuff to be done ...
	 */
	if ( zencod_dso == NULL ) {
		ZENCODerr ( ZENCOD_F_ZENCOD_FINISH, ZENCOD_R_NOT_LOADED ) ;
		return 0 ;
	}
	if ( !DSO_free ( zencod_dso ) ) {
		ZENCODerr ( ZENCOD_F_ZENCOD_FINISH, ZENCOD_R_DSO_FAILURE ) ;
		return 0 ;
	}

	zencod_dso = NULL ;

	ptr_zencod_bytes2bits = NULL ;
	ptr_zencod_bits2bytes = NULL ;
	ptr_zencod_new_number = NULL ;
	ptr_zencod_init_number = NULL ;
	ptr_zencod_rsa_mod_exp = NULL ;
	ptr_zencod_rsa_mod_exp_crt = NULL ;
	ptr_zencod_dsa_do_sign = NULL ;
	ptr_zencod_dsa_do_verify = NULL ;
	ptr_zencod_dh_generate_key = NULL ;
	ptr_zencod_dh_compute_key = NULL ;
	ptr_zencod_rand_bytes = NULL ;
	ptr_zencod_math_mod_exp = NULL ;
	ptr_zencod_test = NULL ;
	ptr_zencod_md5_init = NULL ;
	ptr_zencod_md5_update = NULL ;
	ptr_zencod_md5_do_final = NULL ;
	ptr_zencod_sha1_init = NULL ;
	ptr_zencod_sha1_update = NULL ;
	ptr_zencod_sha1_do_final = NULL ;
	ptr_zencod_xdes_cipher = NULL ;
	ptr_zencod_rc4_cipher = NULL ;

	return 1 ;
}


static int zencod_ctrl ( ENGINE *e, int cmd, long i, void *p, void (*f) () )
{

	int initialised = ( ( zencod_dso == NULL ) ? 0 : 1 ) ;

	CHEESE () ;

	/*
	 * We Should add some tests for non NULL parameters or bad value !!
	 * Stuff to be done ...
	 */
	switch ( cmd ) {
	case ZENCOD_CMD_SO_PATH :
		if ( p == NULL ) {
			ZENCODerr ( ZENCOD_F_ZENCOD_CTRL, ERR_R_PASSED_NULL_PARAMETER ) ;
			return 0 ;
		}
		if ( initialised ) {
			ZENCODerr ( ZENCOD_F_ZENCOD_CTRL, ZENCOD_R_ALREADY_LOADED ) ;
			return 0 ;
		}
		ZENCOD_LIBNAME = (const char *) p ;
		return 1 ;
	default :
		break ;
	}

	ZENCODerr ( ZENCOD_F_ZENCOD_CTRL, ZENCOD_R_CTRL_COMMAND_NOT_IMPLEMENTED ) ;

	return 0 ;
}


/* BIGNUM stuff Functions
 */
static int zencod_bn_mod_exp ( BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx )
{
	zen_nb_t y, x, e, n;
	int ret;

	CHEESE () ;

	if ( !zencod_dso ) {
		ENGINEerr(ZENCOD_F_ZENCOD_BN_MOD_EXP, ZENCOD_R_NOT_LOADED);
		return 0;
	}

	if ( !bn_wexpand(r, m->top + 1) ) {
		ENGINEerr(ZENCOD_F_ZENCOD_BN_MOD_EXP, ZENCOD_R_BN_EXPAND_FAIL);
		return 0;
	}

	memset(r->d, 0, BN_num_bytes(m));

	ptr_zencod_init_number ( &y, (r->dmax - 1) * sizeof (BN_ULONG) * 8, (unsigned char *) r->d ) ;
	BIGNUM2ZEN ( &x, a ) ;
	BIGNUM2ZEN ( &e, p ) ;
	BIGNUM2ZEN ( &n, m ) ;

	/* Must invert x and e parameter due to BN mod exp prototype ... */
	ret = ptr_zencod_math_mod_exp ( &y, &e, &x, &n ) ;

	if ( ret )  {
		PERROR("zenbridge_math_mod_exp");
		ENGINEerr(ZENCOD_F_ZENCOD_BN_MOD_EXP, ZENCOD_R_REQUEST_FAILED);
		return 0;
	}

	r->top = (BN_num_bits(m) + BN_BITS2 - 1) / BN_BITS2;

	return 1;
}


/* RSA stuff Functions
 */
#ifndef OPENSSL_NO_RSA
static int RSA_zencod_rsa_mod_exp ( BIGNUM *r0, const BIGNUM *i, RSA *rsa )
{

	CHEESE () ;

	if ( !zencod_dso ) {
		ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_NOT_LOADED);
		return 0;
	}

	if ( !rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp ) {
		ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_BAD_KEY_COMPONENTS);
		return 0;
	}

	/* Do in software if argument is too large for hardware */
	if ( RSA_size(rsa) * 8 > ZENBRIDGE_MAX_KEYSIZE_RSA_CRT ) {
		const RSA_METHOD *meth;

		meth = RSA_PKCS1_SSLeay();
		return meth->rsa_mod_exp(r0, i, rsa);
	} else {
		zen_nb_t y, x, p, q, dmp1, dmq1, iqmp;

		if ( !bn_expand(r0, RSA_size(rsa) * 8) ) {
			ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_BN_EXPAND_FAIL);
			return 0;
		}
		r0->top = (RSA_size(rsa) * 8 + BN_BITS2 - 1) / BN_BITS2;

		BIGNUM2ZEN ( &x, i ) ;
		BIGNUM2ZEN ( &y, r0 ) ;
		BIGNUM2ZEN ( &p, rsa->p ) ;
		BIGNUM2ZEN ( &q, rsa->q ) ;
		BIGNUM2ZEN ( &dmp1, rsa->dmp1 ) ;
		BIGNUM2ZEN ( &dmq1, rsa->dmq1 ) ;
		BIGNUM2ZEN ( &iqmp, rsa->iqmp ) ;

		if ( ptr_zencod_rsa_mod_exp_crt ( &y, &x, &p, &q, &dmp1, &dmq1, &iqmp ) < 0 ) {
			PERROR("zenbridge_rsa_mod_exp_crt");
			ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_REQUEST_FAILED);
			return 0;
		}

		return 1;
	}
}


/* This function is aliased to RSA_mod_exp (with the mont stuff dropped).
 */
static int RSA_zencod_bn_mod_exp ( BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx )
{

	CHEESE () ;

	if ( !zencod_dso ) {
		ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_NOT_LOADED);
		return 0;
	}

	/* Do in software if argument is too large for hardware */
	if ( BN_num_bits(m) > ZENBRIDGE_MAX_KEYSIZE_RSA ) {
		const RSA_METHOD *meth;

		meth = RSA_PKCS1_SSLeay();
		return meth->bn_mod_exp(r, a, p, m, ctx, m_ctx);
	} else {
		zen_nb_t y, x, e, n;

		if ( !bn_expand(r, BN_num_bits(m)) ) {
			ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_BN_EXPAND_FAIL);
			return 0;
		}
		r->top = (BN_num_bits(m) + BN_BITS2 - 1) / BN_BITS2;

		BIGNUM2ZEN ( &x, a ) ;
		BIGNUM2ZEN ( &y, r ) ;
		BIGNUM2ZEN ( &e, p ) ;
		BIGNUM2ZEN ( &n, m ) ;

		if ( ptr_zencod_rsa_mod_exp ( &y, &x, &n, &e ) < 0 ) {
			PERROR("zenbridge_rsa_mod_exp");
			ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_REQUEST_FAILED);
			return 0;
		}

		return 1;
	}
}
#endif /* !OPENSSL_NO_RSA */


#ifndef OPENSSL_NO_DSA
/* DSA stuff Functions
 */
static DSA_SIG *DSA_zencod_do_sign ( const unsigned char *dgst, int dlen, DSA *dsa )
{
	zen_nb_t p, q, g, x, y, r, s, data;
	DSA_SIG *sig;
	BIGNUM *bn_r = NULL;
	BIGNUM *bn_s = NULL;
	char msg[20];

	CHEESE();

	if ( !zencod_dso ) {
		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_NOT_LOADED);
		goto FAILED;
	}

	if ( dlen > 160 ) {
		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED);
		goto FAILED;
	}

	/* Do in software if argument is too large for hardware */
	if ( BN_num_bits(dsa->p) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN ||
		BN_num_bits(dsa->g) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN ) {
		const DSA_METHOD *meth;
		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS);
		meth = DSA_OpenSSL();
		return meth->dsa_do_sign(dgst, dlen, dsa);
	}

	if ( !(bn_s = BN_new()) || !(bn_r = BN_new()) ) {
		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS);
		goto FAILED;
	}

	if ( !bn_expand(bn_r, 160) || !bn_expand(bn_s, 160) ) {
		ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BN_EXPAND_FAIL);