update gmapi

engines/e_avx2.c

@@ -57,22 +57,12 @@
 static const char *avx2_id = "avx2";
 static const char *avx2_name = "ENGINE with Intel AVX2 Intructions";
 
-#define SDF_CMD_STRING		ENGINE_CMD_BASE
-#define SDF_CMD_NUMERIC		(ENGINE_CMD_BASE + 1)
-#define SDF_CMD_NO_INPUT	(ENGINE_CMD_BASE + 2)
+#define SDF_CMD_CPUID		ENGINE_CMD_BASE
 
 static const ENGINE_CMD_DEFN avx2_cmd_defns[] = {
-	{SDF_CMD_STRING,
-	 "STRING",
-	 "Specifies the path to the vendor's SDF shared library",
-	 ENGINE_CMD_FLAG_STRING},
-	{SDF_CMD_NUMERIC,
-	 "NUMERIC",
-	 "Connect SKF device with device name",
-	 ENGINE_CMD_FLAG_NUMERIC},
-	{SDF_CMD_NO_INPUT,
-	 "NO_INPUT",
-	 "Example NO_INPUT",
+	{SDF_CMD_CPUID,
+	 "CPUID",
+	 "Show CPUID",
 	 ENGINE_CMD_FLAG_NO_INPUT},
 	{0, NULL, NULL, 0},
 };
@@ -80,14 +70,8 @@ static const ENGINE_CMD_DEFN avx2_cmd_defns[] = {
 static int avx2_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
 {
 	switch (cmd) {
-	case SDF_CMD_STRING:
-		printf("cmd = %s\n", (char *)p);
-		break;
-	case SDF_CMD_NUMERIC:
-		printf("cmd = %d\n", (int)i);
-		break;
-	case SDF_CMD_NO_INPUT:
-		printf("cmd = (null)\n");
+	case SDF_CMD_CPUID:
+		printf("not implemented\n");
 		break;
 	default:
 		printf("unknown cmd\n");

engines/e_sdf.c

@@ -0,0 +1,299 @@
+/* ====================================================================
+ * Copyright (c) 2016 The GmSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the GmSSL Project.
+ *    (http://gmssl.org/)"
+ *
+ * 4. The name "GmSSL Project" must not be used to endorse or promote
+ *    products derived from this software without prior written
+ *    permission. For written permission, please contact
+ *    guanzhi1980@gmail.com.
+ *
+ * 5. Products derived from this software may not be called "GmSSL"
+ *    nor may "GmSSL" appear in their names without prior written
+ *    permission of the GmSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the GmSSL Project
+ *    (http://gmssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE GmSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <openssl/ec.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/sha.h>
+#include <openssl/engine.h>
+
+
+static const SDF_METHOD *sdf_meth;
+
+static const char *sdf_id = "sdf";
+static const char *sdf_name = "ENGINE connect to SDF Devices";
+
+#define SDF_CMD_SO_PATH		ENGINE_CMD_BASE
+
+static const ENGINE_CMD_DEFN sdf_cmd_defns[] = {
+	{SDF_CMD_SO_PATH,
+	 "SO_PATH",
+	 "Specifies the path to the vendor's SDF shared library",
+	 ENGINE_CMD_FLAG_STRING},
+	{0, NULL, NULL, 0},
+};
+
+static int sdf_load_library(const char *so_path)
+{
+	sdf_meth = SDF_METHOD_load_library(so_path);
+	return 1;
+}
+
+static int sdf_open_device()
+{
+	int rv;
+	if ((rv = sdf_meth->OpenDevice(&hDevice)) != SDR_OK) {
+		ESDFerr(ESDF_F_SDF_OPEN_DEVICE, ESDF_R_OPEN_DEVICE_FAILURE);
+		fprintf(stderr, "so_path: %s\n", SDF_GetErrorString(rv));
+		return 0;
+	}
+	if ((rv = sdf_meth->OpenSession(hDevice, &hSession)) != SDR_OK) {
+		ESDFerr(ESDF_F_SDF_OPEN_DEVICE, ESDF_R_OPEN_SESSION_FAILURE);
+		fprintf(stderr, "so_path: %s\n", SDF_GetErrorString(rv));
+		return 0;
+	}
+
+	return 1;
+}
+
+static int sdf_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
+{
+	switch (cmd) {
+	case SDF_CMD_SO_PATH:
+		so_path = (char *)p;
+		sdf_load_library(so_path);
+		break;
+	default:
+		printf("unknown cmd\n");
+		return 0;
+	}
+	return 1;
+}
+
+static int sdf_ec_idx = -1;
+static const EC_KEY_METHOD *sdf_ec_method = NULL;
+
+static ECDSA_SIG *sdf_ec_sign_sig(const unsigned char *dgst, int dgstlen,
+	const BIGNUM *kinv, const BIGNUM *r,
+	EC_KEY *ec_key)
+{
+	unsigned int key_index;
+	ECCSignature sigbuf;
+
+	rv = sdf_meth->InternalSign_ECC(
+		hSession,
+		key_index,
+		dgst,
+		dgstlen,
+		&sigbuf);
+
+	return ret;
+}
+
+const EC_KEY_METHOD *sdf_get_ec_method(void)
+{
+	EC_KEY_METHOD *ret = NULL;
+
+	if (sdf_ec_method) {
+		return sdf_ec_method;
+	}
+
+	if (!(ret = EC_KEY_METHOD_new(EC_KEY_OpenSSL()))) {
+		return NULL;
+	}
+
+	EC_KEY_METHOD_set_sign(ret, NULL, NULL, sdf_ec_sign_sig);
+
+	sdf_ec_method = ret;
+	return ret;
+}
+
+static EVP_PKEY *sdf_load_privkey(ENGINE *e, const char *key_id,
+	UI_METHOD *ui_method, void *callback_data)
+{
+	UI *ui = NULL;
+	char buf1[256];
+	char buf2[256];
+	int r;
+	char *password;
+	ECCrefPublicKey keybuf;
+
+	ui = UI_new_method(ui_method);
+
+	if ((r = UI_add_input_string(ui, "> ", 0, buf1, 0, sizeof(buf1)-1)) < 0) {
+		goto end;
+	}
+	if (UI_process(ui) < 0) {
+	}
+
+	password = UI_get0_result(ui, 0);
+
+
+	sdf_meth->GetPrivateKeyAccessRight(
+		hSession,
+		key_index,
+		password,
+		strlen(password));
+
+	sdf_meth->ExportSignPublicKey_ECC(
+		hSession,
+		key_index,
+		&keybuf);
+
+	ec_key = EC_KEY_new_by_ECCrefPublicKey(&keybuf);
+
+	EVP_PKEY_set0_EC(ret, ec_key);
+
+	return NULL;
+}
+
+static EVP_PKEY *sdf_load_pubkey(ENGINE *e, const char *key_id,
+	UI_METHOD *ui_method, void *callback_data)
+{
+	EVP_PKEY *ret = NULL;
+	int rv;
+
+	unsigned int index;
+	int is_sign_key;
+	RSArefPublicKey publicKey;
+
+	parse_key_id(key_id, &index, &is_sign_key);
+
+	rv = SDF_OpenSession(hDevice, &hSession);
+
+	if (is_sign_key) {
+		rv = SDF_ExportSignPublicKey_RSA(hSession, index, &publicKey);
+	} else {
+		rv = SDF_ExportEncPublicKey_RSA(hSession, index, &publicKey);
+	}
+
+	return NULL;
+}
+
+static int sdf_destroy(ENGINE *e)
+{
+	return 1;
+}
+
+static void *hDevice = NULL;
+static void *hSession = NULL;
+
+static int sdf_init(ENGINE *e)
+{
+	sdf_meth = NULL;
+	return 1;
+}
+
+static int sdf_finish(ENGINE *e)
+{
+	if (hSession) {
+		sdf_meth->CloseSession(hSession);
+		hSession = NULL;
+	}
+
+	if (hDevice) {
+		sdf_meth->CloseDevice(hDevice);
+	}
+	return 1;
+}
+
+static int bind_sdf(ENGINE *e)
+{
+	if (!ENGINE_set_id(e, sdf_id)
+		|| !ENGINE_set_name(e, sdf_name)
+		|| !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL)
+		|| !ENGINE_set_cmd_defns(e, sdf_cmd_defns)
+		|| !ENGINE_set_ctrl_function(e, sdf_ctrl)
+		|| !ENGINE_set_init_function(e, sdf_init)
+		|| !ENGINE_set_finish_function(e, sdf_finish)
+		|| !ENGINE_set_destroy_function(e, sdf_destroy)
+		|| !ENGINE_set_load_privkey_function(e, sdf_load_privkey)
+		|| !ENGINE_set_load_pubkey_function(e, sdf_load_pubkey)
+		|| !ENGINE_set_EC(e, sdf_get_ec_method())) {
+		return 0;
+	}
+
+	return 1;
+}
+
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_helper(ENGINE *e, const char *id)
+{
+	if (id && strcmp(id, sdf_id) != 0) {
+		return 0;
+	}
+	if (!bind_sdf(e)) {
+		return 0;
+	}
+	return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+
+#else
+
+static ENGINE *engine_sdf(void)
+{
+	ENGINE *ret = NULL;
+	if (!(ret = ENGINE_new())) {
+		return NULL;
+	}
+	if (!bind_sdf(ret)) {
+		ENGINE_free(ret);
+		return NULL;
+	}
+	return ret;
+}
+
+void engine_load_sdf_int(void)
+{
+	ENGINE *eng = NULL;
+	if (!(eng = engine_sdf())) {
+		return;
+	}
+	ENGINE_add(eng);
+	ENGINE_free(eng);
+	ERR_clear_error();
+}
+#endif /* OPENSSL_NO_DYNAMIC_ENGINE */

engines/e_sdf.ec

@@ -0,0 +1 @@
+L       ESDF    e_sdf_err.h e_sdf_err.c

engines/e_sdf_err.c

@@ -0,0 +1,86 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_sdf_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(0,func,0)
+# define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA ESDF_str_functs[] = {
+    {ERR_FUNC(ESDF_F_SDF_OPEN_DEVICE), "sdf_open_device"},
+    {ERR_FUNC(ESDF_F_SDF_RAND_BYTES), "sdf_rand_bytes"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA ESDF_str_reasons[] = {
+    {ERR_REASON(ESDF_R_OPEN_DEVICE_FAILURE), "open device failure"},
+    {ERR_REASON(ESDF_R_OPEN_SESSION_FAILURE), "open session failure"},
+    {ERR_REASON(ESDF_R_OPERATION_FAILURE), "operation failure"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef ESDF_LIB_NAME
+static ERR_STRING_DATA ESDF_lib_name[] = {
+    {0, ESDF_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int ESDF_lib_error_code = 0;
+static int ESDF_error_init = 1;
+
+static int ERR_load_ESDF_strings(void)
+{
+    if (ESDF_lib_error_code == 0)
+        ESDF_lib_error_code = ERR_get_next_error_library();
+
+    if (ESDF_error_init) {
+        ESDF_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(ESDF_lib_error_code, ESDF_str_functs);
+        ERR_load_strings(ESDF_lib_error_code, ESDF_str_reasons);
+#endif
+
+#ifdef ESDF_LIB_NAME
+        ESDF_lib_name->error = ERR_PACK(ESDF_lib_error_code, 0, 0);
+        ERR_load_strings(0, ESDF_lib_name);
+#endif
+    }
+    return 1;
+}
+
+static void ERR_unload_ESDF_strings(void)
+{
+    if (ESDF_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(ESDF_lib_error_code, ESDF_str_functs);
+        ERR_unload_strings(ESDF_lib_error_code, ESDF_str_reasons);
+#endif
+
+#ifdef ESDF_LIB_NAME
+        ERR_unload_strings(0, ESDF_lib_name);
+#endif
+        ESDF_error_init = 1;
+    }
+}
+
+static void ERR_ESDF_error(int function, int reason, char *file, int line)
+{
+    if (ESDF_lib_error_code == 0)
+        ESDF_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(ESDF_lib_error_code, function, reason, file, line);
+}

engines/e_sdf_err.h

@@ -0,0 +1,42 @@
+/*
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_ESDF_ERR_H
+# define HEADER_ESDF_ERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+
+static int ERR_load_ESDF_strings(void);
+static void ERR_unload_ESDF_strings(void);
+static void ERR_ESDF_error(int function, int reason, char *file, int line);
+# define ESDFerr(f,r) ERR_ESDF_error((f),(r),OPENSSL_FILE,OPENSSL_LINE)
+
+/* Error codes for the ESDF functions. */
+
+/* Function codes. */
+# define ESDF_F_SDF_OPEN_DEVICE                           100
+# define ESDF_F_SDF_RAND_BYTES                            101
+
+/* Reason codes. */
+# define ESDF_R_OPEN_DEVICE_FAILURE                       100
+# define ESDF_R_OPEN_SESSION_FAILURE                      101
+# define ESDF_R_OPERATION_FAILURE                         102
+
+# ifdef  __cplusplus
+}
+# endif
+#endif

engines/e_skf.c

@@ -0,0 +1,293 @@
+/* ====================================================================
+ * Copyright (c) 2016 The GmSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the GmSSL Project.
+ *    (http://gmssl.org/)"
+ *
+ * 4. The name "GmSSL Project" must not be used to endorse or promote
+ *    products derived from this software without prior written
+ *    permission. For written permission, please contact
+ *    guanzhi1980@gmail.com.
+ *
+ * 5. Products derived from this software may not be called "GmSSL"
+ *    nor may "GmSSL" appear in their names without prior written
+ *    permission of the GmSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the GmSSL Project
+ *    (http://gmssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE GmSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <openssl/ec.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/sha.h>
+#include <openssl/engine.h>
+
+
+static const SDF_METHOD *sdf_meth;
+
+static const char *sdf_id = "sdf";
+static const char *sdf_name = "ENGINE connect to SDF Devices";
+
+#define SDF_CMD_SO_PATH		ENGINE_CMD_BASE
+
+static const ENGINE_CMD_DEFN sdf_cmd_defns[] = {
+	{SDF_CMD_SO_PATH,
+	 "SO_PATH",
+	 "Specifies the path to the vendor's SDF shared library",
+	 ENGINE_CMD_FLAG_STRING},
+	{0, NULL, NULL, 0},
+};
+
+static int sdf_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
+{
+	switch (cmd) {
+	case SDF_CMD_SO_PATH:
+		so_path = (char *)p;
+		sdf_load_library(so_path);
+		break;
+	default:
+		printf("unknown cmd\n");
+		return 0;
+	}
+	return 1;
+}
+
+static int sdf_rand_bytes(unsigned char *out, int outlen)
+{
+	if (sdf_meth->GenerateRandom) {
+		if ((sdf_meth->GenerateRandom(hSession, out, outlen)) != SDR_OK) {
+			ESDFerr(ESDF_F_SDF_RAND_BYTES, ESDF_R_OPERATION_FAILURE);
+			return 0;
+		}
+	}
+	return 1;
+}
+
+static int sdf_rand_status(void)
+{
+	return 1;
+}
+
+static RAND_METHOD sdf_rand_method = {
+	NULL,
+	sdf_rand_bytes,
+	NULL,
+	NULL,
+	sdf_rand_bytes,
+	sdf_rand_status,
+};
+
+const RAND_METHOD *sdf_get_rand_method(void)
+{
+	return &sdf_rand_method;
+}
+
+static int sdf_ec_idx = -1;
+static const EC_KEY_METHOD *sdf_ec_method = NULL;
+
+static int sdf_ec_sign(int type, const unsigned char *dgst, int dgstlen,
+	unsigned char *sig, unsigned int *siglen,
+	const BIGNUM *kinv, const BIGNUM *r,
+	EC_KEY *ec_key)
+{
+	printf(" call %s()\n", __func__);
+	return 1;
+}
+
+static int sdf_ec_sign_setup(EC_KEY *ec_key, BN_CTX *ctx,
+	BIGNUM **kinvp, BIGNUM **rp)
+{
+	printf(" call %s()\n", __func__);
+	return 1;
+}
+
+static ECDSA_SIG *sdf_ec_sign_sig(const unsigned char *dgst, int dgstlen,
+	const BIGNUM *kinv, const BIGNUM *r,
+	EC_KEY *ec_key)
+{
+	ECDSA_SIG *ret = ECDSA_SIG_new();
+	printf(" call %s()\n", __func__);
+	return ret;
+}
+
+const EC_KEY_METHOD *sdf_get_ec_method(void)
+{
+	EC_KEY_METHOD *ret = NULL;
+
+	if (sdf_ec_method) {
+		return sdf_ec_method;
+	}
+
+	if (!(ret = EC_KEY_METHOD_new(EC_KEY_OpenSSL()))) {
+		return NULL;
+	}
+
+	EC_KEY_METHOD_set_sign(ret, sdf_ec_sign, sdf_ec_sign_setup, sdf_ec_sign_sig);
+
+	sdf_ec_method = ret;
+	return ret;
+}
+
+static EVP_PKEY *sdf_load_privkey(ENGINE *e, const char *key_id,
+	UI_METHOD *ui_method, void *callback_data)
+{
+	UI *ui = NULL;
+	char buf1[256];
+	char buf2[256];
+	int r;
+
+	ui = UI_new_method(ui_method);
+
+	r = UI_add_input_string(ui, "> ", 0, buf1, 0, sizeof(buf1)-1);
+	assert(r >= 0);
+	r = UI_process(ui);
+	assert(r >= 0);
+
+	printf("password = %s\n", UI_get0_result(ui, 0));
+
+	printf("%s\n", __func__);
+	return NULL;
+}
+
+static EVP_PKEY *sdf_load_pubkey(ENGINE *e, const char *key_id,
+	UI_METHOD *ui_method, void *callback_data)
+{
+	unsigned int index;
+	int is_sign_key;
+	RSArefPublicKey publicKey;
+
+	parse_key_id(key_id, &index, &is_sign_key);
+
+	rv = SDF_OpenSession(hDevice, &hSession);
+
+	if (is_sign_key) {
+		rv = SDF_ExportSignPublicKey_RSA(hSession, index, &publicKey);
+	} else {
+		rv = SDF_ExportEncPublicKey_RSA(hSession, index, &publicKey);
+	}
+
+	printf("%s\n", __func__);
+	return NULL;
+}
+
+/****************************************************************************/
+
+static int sdf_destroy(ENGINE *e)
+{
+	return 1;
+}
+
+static void *hDevice = NULL;
+static void *hSession = NULL;
+
+static int sdf_init(ENGINE *e)
+{
+	int rv;
+	rv = sdf_meth->OpenDevice(&hDevice);
+	rv = sdf_meth->OpenSession(hDevice, &hSession);
+	return 1;
+}
+
+static int sdf_finish(ENGINE *e)
+{
+	sdf_meth->CloseSession(hSession);
+	sdf_meth->CloseDevice(hDevice);
+	return 1;
+}
+
+static int bind_sdf(ENGINE *e)
+{
+	if (!ENGINE_set_id(e, sdf_id)
+		|| !ENGINE_set_name(e, sdf_name)
+		|| !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL)
+		|| !ENGINE_set_cmd_defns(e, sdf_cmd_defns)
+		|| !ENGINE_set_ctrl_function(e, sdf_ctrl)
+		|| !ENGINE_set_init_function(e, sdf_init)
+		|| !ENGINE_set_finish_function(e, sdf_finish)
+		|| !ENGINE_set_destroy_function(e, sdf_destroy)
+		|| !ENGINE_set_load_privkey_function(e, sdf_load_privkey)
+		|| !ENGINE_set_load_pubkey_function(e, sdf_load_pubkey)
+		|| !ENGINE_set_RAND(e, sdf_get_rand_method())
+		|| !ENGINE_set_EC(e, sdf_get_ec_method())) {
+		return 0;
+	}
+
+	return 1;
+}
+
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_helper(ENGINE *e, const char *id)
+{
+	if (id && strcmp(id, sdf_id) != 0) {
+		return 0;
+	}
+	if (!bind_sdf(e)) {
+		return 0;
+	}
+	return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+
+#else
+
+static ENGINE *engine_sdf(void)
+{
+	ENGINE *ret = NULL;
+	if (!(ret = ENGINE_new())) {
+		return NULL;
+	}
+	if (!bind_sdf(ret)) {
+		ENGINE_free(ret);
+		return NULL;
+	}
+	return ret;
+}
+
+void engine_load_sdf_int(void)
+{
+	ENGINE *eng = NULL;
+	if (!(eng = engine_sdf())) {
+		return;
+	}
+	ENGINE_add(eng);
+	ENGINE_free(eng);
+	ERR_clear_error();
+}
+#endif /* OPENSSL_NO_DYNAMIC_ENGINE */

engines/e_skf.ec

@@ -0,0 +1 @@
+L       ESKF    e_skf_err.h e_skf_err.c