This changes the existing hardware ENGINE implementations to dynamically

declare their own error strings so that they can be more easily compiled as
external shared-libraries if desired. Also, each implementation has been
given canonical "dynamic" support at the base of each file and is only
built if the ENGINE_DYNAMIC_SUPPORT symbol is defined.

Also, use "void" prototypes rather than empty prototypes in engine_int.h.

This does not yet;
  (i) remove error strings when unloading,
 (ii) remove the redundant ENGINE_R_*** codes (though ENGINE_F_*** codes
      have gone), or
(iii) provide any instructions on how to build shared-library ENGINEs or
      use them.

All are on their way.

10 files changed, 719 insertions, 357 deletions

diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h
index 4c03be3ac2..149ae9a979 100644
--- a/crypto/engine/engine.h
+++ b/crypto/engine/engine.h
@@ -561,9 +561,6 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
 		if(!fn(e,id)) return 0; \
 		return 1; }
 
-/* Obligatory error function. */
-void ERR_load_ENGINE_strings(void);
-
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -573,19 +570,6 @@ void ERR_load_ENGINE_strings(void);
 /* Error codes for the ENGINE functions. */
 
 /* Function codes. */
-#define ENGINE_F_ATALLA_CTRL				 173
-#define ENGINE_F_ATALLA_FINISH				 159
-#define ENGINE_F_ATALLA_INIT				 160
-#define ENGINE_F_ATALLA_MOD_EXP				 161
-#define ENGINE_F_ATALLA_RSA_MOD_EXP			 162
-#define ENGINE_F_CSWIFT_CTRL				 174
-#define ENGINE_F_CSWIFT_DSA_SIGN			 133
-#define ENGINE_F_CSWIFT_DSA_VERIFY			 134
-#define ENGINE_F_CSWIFT_FINISH				 100
-#define ENGINE_F_CSWIFT_INIT				 101
-#define ENGINE_F_CSWIFT_MOD_EXP				 102
-#define ENGINE_F_CSWIFT_MOD_EXP_CRT			 103
-#define ENGINE_F_CSWIFT_RSA_MOD_EXP			 104
 #define ENGINE_F_DYNAMIC_CTRL				 180
 #define ENGINE_F_DYNAMIC_GET_DATA_CTX			 181
 #define ENGINE_F_DYNAMIC_LOAD				 182
@@ -611,32 +595,9 @@ void ERR_load_ENGINE_strings(void);
 #define ENGINE_F_ENGINE_SET_ID				 129
 #define ENGINE_F_ENGINE_SET_NAME			 130
 #define ENGINE_F_ENGINE_UNLOAD_KEY			 152
-#define ENGINE_F_HWCRHK_CTRL				 143
-#define ENGINE_F_HWCRHK_FINISH				 135
-#define ENGINE_F_HWCRHK_GET_PASS			 155
-#define ENGINE_F_HWCRHK_INIT				 136
-#define ENGINE_F_HWCRHK_INSERT_CARD			 179
-#define ENGINE_F_HWCRHK_LOAD_PRIVKEY			 153
-#define ENGINE_F_HWCRHK_LOAD_PUBKEY			 154
-#define ENGINE_F_HWCRHK_MOD_EXP				 137
-#define ENGINE_F_HWCRHK_MOD_EXP_CRT			 138
-#define ENGINE_F_HWCRHK_RAND_BYTES			 139
-#define ENGINE_F_HWCRHK_RSA_MOD_EXP			 140
 #define ENGINE_F_INT_CTRL_HELPER			 172
 #define ENGINE_F_LOG_MESSAGE				 141
-#define ENGINE_F_NURON_CTRL				 175
-#define ENGINE_F_NURON_FINISH				 157
-#define ENGINE_F_NURON_INIT				 156
-#define ENGINE_F_NURON_MOD_EXP				 158
 #define ENGINE_F_SET_DATA_CTX				 183
-#define ENGINE_F_UBSEC_CTRL				 176
-#define ENGINE_F_UBSEC_DSA_SIGN				 163
-#define ENGINE_F_UBSEC_DSA_VERIFY			 164
-#define ENGINE_F_UBSEC_FINISH				 165
-#define ENGINE_F_UBSEC_INIT				 166
-#define ENGINE_F_UBSEC_MOD_EXP				 167
-#define ENGINE_F_UBSEC_RSA_MOD_EXP			 168
-#define ENGINE_F_UBSEC_RSA_MOD_EXP_CRT			 169
 
 /* Reason codes. */
 #define ENGINE_R_ALREADY_LOADED				 100
diff --git a/crypto/engine/engine_dyn.c b/crypto/engine/engine_dyn.c
index 556e9f3a6a..d4f00f7b6a 100644
--- a/crypto/engine/engine_dyn.c
+++ b/crypto/engine/engine_dyn.c
@@ -238,7 +238,7 @@ static dynamic_data_ctx *dynamic_get_data_ctx(ENGINE *e)
 
 /* As this is only ever called once, there's no need for locking
  * (indeed - the lock will already be held by our caller!!!) */
-ENGINE *ENGINE_dynamic()
+ENGINE *ENGINE_dynamic(void)
 	{
 	ENGINE *ret = ENGINE_new();
 	if(!ret)
diff --git a/crypto/engine/engine_err.c b/crypto/engine/engine_err.c
index 301415d980..e76a4e3d4d 100644
--- a/crypto/engine/engine_err.c
+++ b/crypto/engine/engine_err.c
@@ -66,19 +66,6 @@
 #ifndef OPENSSL_NO_ERR
 static ERR_STRING_DATA ENGINE_str_functs[]=
 	{
-{ERR_PACK(0,ENGINE_F_ATALLA_CTRL,0),	"ATALLA_CTRL"},
-{ERR_PACK(0,ENGINE_F_ATALLA_FINISH,0),	"ATALLA_FINISH"},
-{ERR_PACK(0,ENGINE_F_ATALLA_INIT,0),	"ATALLA_INIT"},
-{ERR_PACK(0,ENGINE_F_ATALLA_MOD_EXP,0),	"ATALLA_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_ATALLA_RSA_MOD_EXP,0),	"ATALLA_RSA_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_CTRL,0),	"CSWIFT_CTRL"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_DSA_SIGN,0),	"CSWIFT_DSA_SIGN"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_DSA_VERIFY,0),	"CSWIFT_DSA_VERIFY"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_FINISH,0),	"CSWIFT_FINISH"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_INIT,0),	"CSWIFT_INIT"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_MOD_EXP,0),	"CSWIFT_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_MOD_EXP_CRT,0),	"CSWIFT_MOD_EXP_CRT"},
-{ERR_PACK(0,ENGINE_F_CSWIFT_RSA_MOD_EXP,0),	"CSWIFT_RSA_MOD_EXP"},
 {ERR_PACK(0,ENGINE_F_DYNAMIC_CTRL,0),	"DYNAMIC_CTRL"},
 {ERR_PACK(0,ENGINE_F_DYNAMIC_GET_DATA_CTX,0),	"DYNAMIC_GET_DATA_CTX"},
 {ERR_PACK(0,ENGINE_F_DYNAMIC_LOAD,0),	"DYNAMIC_LOAD"},
@@ -104,32 +91,9 @@ static ERR_STRING_DATA ENGINE_str_functs[]=
 {ERR_PACK(0,ENGINE_F_ENGINE_SET_ID,0),	"ENGINE_set_id"},
 {ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0),	"ENGINE_set_name"},
 {ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0),	"ENGINE_UNLOAD_KEY"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_CTRL,0),	"HWCRHK_CTRL"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_FINISH,0),	"HWCRHK_FINISH"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_GET_PASS,0),	"HWCRHK_GET_PASS"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_INIT,0),	"HWCRHK_INIT"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_INSERT_CARD,0),	"HWCRHK_INSERT_CARD"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_LOAD_PRIVKEY,0),	"HWCRHK_LOAD_PRIVKEY"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_LOAD_PUBKEY,0),	"HWCRHK_LOAD_PUBKEY"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_MOD_EXP,0),	"HWCRHK_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_MOD_EXP_CRT,0),	"HWCRHK_MOD_EXP_CRT"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_RAND_BYTES,0),	"HWCRHK_RAND_BYTES"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_RSA_MOD_EXP,0),	"HWCRHK_RSA_MOD_EXP"},
 {ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0),	"INT_CTRL_HELPER"},
 {ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0),	"LOG_MESSAGE"},
-{ERR_PACK(0,ENGINE_F_NURON_CTRL,0),	"NURON_CTRL"},
-{ERR_PACK(0,ENGINE_F_NURON_FINISH,0),	"NURON_FINISH"},
-{ERR_PACK(0,ENGINE_F_NURON_INIT,0),	"NURON_INIT"},
-{ERR_PACK(0,ENGINE_F_NURON_MOD_EXP,0),	"NURON_MOD_EXP"},
 {ERR_PACK(0,ENGINE_F_SET_DATA_CTX,0),	"SET_DATA_CTX"},
-{ERR_PACK(0,ENGINE_F_UBSEC_CTRL,0),	"UBSEC_CTRL"},
-{ERR_PACK(0,ENGINE_F_UBSEC_DSA_SIGN,0),	"UBSEC_DSA_SIGN"},
-{ERR_PACK(0,ENGINE_F_UBSEC_DSA_VERIFY,0),	"UBSEC_DSA_VERIFY"},
-{ERR_PACK(0,ENGINE_F_UBSEC_FINISH,0),	"UBSEC_FINISH"},
-{ERR_PACK(0,ENGINE_F_UBSEC_INIT,0),	"UBSEC_INIT"},
-{ERR_PACK(0,ENGINE_F_UBSEC_MOD_EXP,0),	"UBSEC_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_UBSEC_RSA_MOD_EXP,0),	"UBSEC_RSA_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_UBSEC_RSA_MOD_EXP_CRT,0),	"UBSEC_RSA_MOD_EXP_CRT"},
 {0,NULL}
 	};
 
diff --git a/crypto/engine/engine_int.h b/crypto/engine/engine_int.h
index b51d1914c0..90a47a7325 100644
--- a/crypto/engine/engine_int.h
+++ b/crypto/engine/engine_int.h
@@ -141,11 +141,11 @@ struct engine_st
  * do not return references - they are purely for bootstrapping). */
 
 /* Returns a structure of software only methods (the default). */
-ENGINE *ENGINE_openssl();
+ENGINE *ENGINE_openssl(void);
 
 /* Returns the "dynamic" ENGINE for loading entire ENGINE implementations from
  * shared libraries. */
-ENGINE *ENGINE_dynamic();
+ENGINE *ENGINE_dynamic(void);
 
 #ifndef OPENSSL_NO_HW
 
@@ -153,24 +153,24 @@ ENGINE *ENGINE_dynamic();
 /* Returns a structure of cswift methods ... NB: This can exist and be
  * "used" even on non-cswift systems because the "init" will fail if the
  * card/library are not found. */
-ENGINE *ENGINE_cswift();
+ENGINE *ENGINE_cswift(void);
 #endif /* !OPENSSL_NO_HW_CSWIFT */
 
 #ifndef OPENSSL_NO_HW_NCIPHER
-ENGINE *ENGINE_ncipher();
+ENGINE *ENGINE_ncipher(void);
 #endif /* !OPENSSL_NO_HW_NCIPHER */
 
 #ifndef OPENSSL_NO_HW_ATALLA
 /* Returns a structure of atalla methods. */
-ENGINE *ENGINE_atalla();
+ENGINE *ENGINE_atalla(void);
 #endif /* !OPENSSL_NO_HW_ATALLA */
 
 #ifndef OPENSSL_NO_HW_NURON
-ENGINE *ENGINE_nuron();
+ENGINE *ENGINE_nuron(void);
 #endif /* !OPENSSL_NO_HW_NURON */
 
 #ifndef OPENSSL_NO_HW_UBSEC
-ENGINE *ENGINE_ubsec();
+ENGINE *ENGINE_ubsec(void);
 #endif /* !OPENSSL_NO_HW_UBSEC */
 
 #ifdef OPENSSL_OPENBSD_DEV_CRYPTO
diff --git a/crypto/engine/engine_openssl.c b/crypto/engine/engine_openssl.c
index cd885c0409..c353df97d6 100644
--- a/crypto/engine/engine_openssl.c
+++ b/crypto/engine/engine_openssl.c
@@ -76,7 +76,7 @@ static const char *engine_openssl_name = "Software default engine support";
 
 /* As this is only ever called once, there's no need for locking
  * (indeed - the lock will already be held by our caller!!!) */
-ENGINE *ENGINE_openssl()
+ENGINE *ENGINE_openssl(void)
 	{
 	ENGINE *ret = ENGINE_new();
 	if(!ret)
diff --git a/crypto/engine/hw_atalla.c b/crypto/engine/hw_atalla.c
index 5deb2c4382..5716c2f0b9 100644
--- a/crypto/engine/hw_atalla.c
+++ b/crypto/engine/hw_atalla.c
@@ -167,13 +167,66 @@ static DH_METHOD atalla_dh =
 	};
 #endif
 
+#ifndef OPENSSL_NO_ERR
+/* Error function codes for use in atalla operation */
+#define ATALLA_F_ATALLA_INIT			100
+#define ATALLA_F_ATALLA_FINISH			101
+#define ATALLA_F_ATALLA_CTRL			102
+#define ATALLA_F_ATALLA_MOD_EXP			103
+#define ATALLA_F_ATALLA_RSA_MOD_EXP		104
+/* Error reason codes */
+#define ATALLA_R_ALREADY_LOADED			105
+#define ATALLA_R_NOT_LOADED			106
+#define ATALLA_R_UNIT_FAILURE			107
+#define ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED	108
+#define ATALLA_R_BN_CTX_FULL			109
+#define ATALLA_R_BN_EXPAND_FAIL			110
+#define ATALLA_R_REQUEST_FAILED			111
+#define ATALLA_R_MISSING_KEY_COMPONENTS		112
+static ERR_STRING_DATA atalla_str_functs[] =
+	{
+	/* This first element is changed to match the dynamic 'lib' number */
+{ERR_PACK(0,0,0),				"atalla engine code"},
+{ERR_PACK(0,ATALLA_F_ATALLA_INIT,0),		"atalla_init"},
+{ERR_PACK(0,ATALLA_F_ATALLA_FINISH,0),		"atalla_finish"},
+{ERR_PACK(0,ATALLA_F_ATALLA_CTRL,0),		"atalla_ctrl"},
+{ERR_PACK(0,ATALLA_F_ATALLA_MOD_EXP,0),		"atalla_mod_exp"},
+{ERR_PACK(0,ATALLA_F_ATALLA_RSA_MOD_EXP,0),"atalla_rsa_mod_exp"},
+{ATALLA_R_ALREADY_LOADED		,"already loaded"},
+{ATALLA_R_UNIT_FAILURE			,"unit failure"},
+{ATALLA_R_NOT_LOADED,			"not loaded"},
+{ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED	,"control command not implemented"},
+{ATALLA_R_BN_CTX_FULL			,"BN_CTX full"},
+{ATALLA_R_BN_EXPAND_FAIL		,"BN_expand failed"},
+{ATALLA_R_REQUEST_FAILED		,"request failed"},
+{ATALLA_R_MISSING_KEY_COMPONENTS	,"missing key components"},
+{0,NULL}
+	};
+/* The library number we obtain dynamically from the ERR code */
+static int atalla_err_lib = -1;
+#define ATALLAerr(f,r) ERR_PUT_error(atalla_err_lib,(f),(r),__FILE__,__LINE__)
+static void atalla_load_error_strings(void)
+	{
+	if (atalla_err_lib < 0)
+		{
+		if((atalla_err_lib = ERR_get_next_error_library()) <= 0)
+			return;
+		atalla_str_functs[0].error = ERR_PACK(atalla_err_lib, 0, 0);
+		ERR_load_strings(atalla_err_lib,atalla_str_functs);
+		}
+	}
+#else
+#define ATALLAerr(f,r)					/* NOP */
+static void atalla_load_error_strings(void) { }		/* NOP */
+#endif
+
 /* Constants used when creating the ENGINE */
 static const char *engine_atalla_id = "atalla";
 static const char *engine_atalla_name = "Atalla hardware engine support";
 
-/* As this is only ever called once, there's no need for locking
- * (indeed - the lock will already be held by our caller!!!) */
-ENGINE *ENGINE_atalla()
+/* This internal function is used by ENGINE_atalla() and possibly by the
+ * "dynamic" ENGINE support too */
+static int bind_helper(ENGINE *e)
 	{
 #ifndef OPENSSL_NO_RSA
 	const RSA_METHOD *meth1;
@@ -184,29 +237,23 @@ ENGINE *ENGINE_atalla()
 #ifndef OPENSSL_NO_DH
 	const DH_METHOD *meth3;
 #endif
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!ENGINE_set_id(ret, engine_atalla_id) ||
-			!ENGINE_set_name(ret, engine_atalla_name) ||
+	if(!ENGINE_set_id(e, engine_atalla_id) ||
+			!ENGINE_set_name(e, engine_atalla_name) ||
 #ifndef OPENSSL_NO_RSA
-			!ENGINE_set_RSA(ret, &atalla_rsa) ||
+			!ENGINE_set_RSA(e, &atalla_rsa) ||
 #endif
 #ifndef OPENSSL_NO_DSA
-			!ENGINE_set_DSA(ret, &atalla_dsa) ||
+			!ENGINE_set_DSA(e, &atalla_dsa) ||
 #endif
 #ifndef OPENSSL_NO_DH
-			!ENGINE_set_DH(ret, &atalla_dh) ||
+			!ENGINE_set_DH(e, &atalla_dh) ||
 #endif
-			!ENGINE_set_BN_mod_exp(ret, atalla_mod_exp) ||
-			!ENGINE_set_init_function(ret, atalla_init) ||
-			!ENGINE_set_finish_function(ret, atalla_finish) ||
-			!ENGINE_set_ctrl_function(ret, atalla_ctrl) ||
-			!ENGINE_set_cmd_defns(ret, atalla_cmd_defns))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
+			!ENGINE_set_BN_mod_exp(e, atalla_mod_exp) ||
+			!ENGINE_set_init_function(e, atalla_init) ||
+			!ENGINE_set_finish_function(e, atalla_finish) ||
+			!ENGINE_set_ctrl_function(e, atalla_ctrl) ||
+			!ENGINE_set_cmd_defns(e, atalla_cmd_defns))
+		return 0;
 
 #ifndef OPENSSL_NO_RSA
 	/* We know that the "PKCS1_SSLeay()" functions hook properly
@@ -238,6 +285,24 @@ ENGINE *ENGINE_atalla()
 	atalla_dh.generate_key = meth3->generate_key;
 	atalla_dh.compute_key = meth3->compute_key;
 #endif
+
+	/* Ensure the atalla error handling is set up */
+	atalla_load_error_strings();
+	return 1;
+	}
+
+/* As this is only ever called once, there's no need for locking
+ * (indeed - the lock will already be held by our caller!!!) */
+ENGINE *ENGINE_atalla(void)
+	{
+	ENGINE *ret = ENGINE_new();
+	if(!ret)
+		return NULL;
+	if(!bind_helper(ret))
+		{
+		ENGINE_free(ret);
+		return NULL;
+		}
 	return ret;
 	}
 
@@ -280,7 +345,7 @@ static int atalla_init(ENGINE *e)
 
 	if(atalla_dso != NULL)
 		{
-		ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_ALREADY_LOADED);
+		ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_ALREADY_LOADED);
 		goto err;
 		}
 	/* Attempt to load libatasi.so/atasi.dll/whatever. Needs to be
@@ -293,7 +358,7 @@ static int atalla_init(ENGINE *e)
 	atalla_dso = DSO_load(NULL, ATALLA_LIBNAME, NULL, 0);
 	if(atalla_dso == NULL)
 		{
-		ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_DSO_FAILURE);
+		ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED);
 		goto err;
 		}
 	if(!(p1 = (tfnASI_GetHardwareConfig *)DSO_bind_func(
@@ -303,7 +368,7 @@ static int atalla_init(ENGINE *e)
 			!(p3 = (tfnASI_GetPerformanceStatistics *)DSO_bind_func(
 				atalla_dso, ATALLA_F3)))
 		{
-		ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_DSO_FAILURE);
+		ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED);
 		goto err;
 		}
 	/* Copy the pointers */
@@ -314,7 +379,7 @@ static int atalla_init(ENGINE *e)
 	 * running. */
 	if(p1(0L, config_buf) != 0)
 		{
-		ENGINEerr(ENGINE_F_ATALLA_INIT,ENGINE_R_UNIT_FAILURE);
+		ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_UNIT_FAILURE);
 		goto err;
 		}
 	/* Everything's fine. */
@@ -332,12 +397,12 @@ static int atalla_finish(ENGINE *e)
 	{
 	if(atalla_dso == NULL)
 		{
-		ENGINEerr(ENGINE_F_ATALLA_FINISH,ENGINE_R_NOT_LOADED);
+		ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_NOT_LOADED);
 		return 0;
 		}
 	if(!DSO_free(atalla_dso))
 		{
-		ENGINEerr(ENGINE_F_ATALLA_FINISH,ENGINE_R_DSO_FAILURE);
+		ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_UNIT_FAILURE);
 		return 0;
 		}
 	atalla_dso = NULL;
@@ -355,12 +420,12 @@ static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
 	case ATALLA_CMD_SO_PATH:
 		if(p == NULL)
 			{
-			ENGINEerr(ENGINE_F_ATALLA_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+			ATALLAerr(ATALLA_F_ATALLA_CTRL,ERR_R_PASSED_NULL_PARAMETER);
 			return 0;
 			}
 		if(initialised)
 			{
-			ENGINEerr(ENGINE_F_ATALLA_CTRL,ENGINE_R_ALREADY_LOADED);
+			ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_ALREADY_LOADED);
 			return 0;
 			}
 		ATALLA_LIBNAME = (const char *)p;
@@ -368,7 +433,7 @@ static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
 	default:
 		break;
 		}
-	ENGINEerr(ENGINE_F_ATALLA_CTRL,ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+	ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED);
 	return 0;
 	}
 
@@ -391,10 +456,10 @@ static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	to_return = 0; /* expect failure */
 
 	if(!atalla_dso)
-	{
-		ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_NOT_LOADED);
+		{
+		ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_NOT_LOADED);
 		goto err;
-	}
+		}
 	/* Prepare the params */
 	BN_CTX_start(ctx);
 	modulus = BN_CTX_get(ctx);
@@ -402,16 +467,16 @@ static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	argument = BN_CTX_get(ctx);
 	result = BN_CTX_get(ctx);
 	if (!result)
-	{
-		ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_BN_CTX_FULL);
+		{
+		ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_CTX_FULL);
 		goto err;
-	}
+		}
 	if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) ||
 	   !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top))
-	{
-		ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_BN_EXPAND_FAIL);
+		{
+		ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_EXPAND_FAIL);
 		goto err;
-	}
+		}
 	/* Prepare the key-data */
 	memset(&keydata, 0,sizeof keydata);
 	numbytes = BN_num_bytes(m);
@@ -431,11 +496,10 @@ static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	if(p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d,
 			(unsigned char *)argument->d,
 			keydata.modulus.len) != 0)
-	{
-		ENGINEerr(ENGINE_F_ATALLA_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+		{
+		ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_REQUEST_FAILED);
 		goto err;
-	}
-
+		}
 	/* Convert the response */
 	BN_bin2bn((unsigned char *)result->d, numbytes, r);
 	to_return = 1;
@@ -451,15 +515,15 @@ static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
 	int to_return = 0;
 
 	if(!atalla_dso)
-	{
-		ENGINEerr(ENGINE_F_ATALLA_RSA_MOD_EXP,ENGINE_R_NOT_LOADED);
+		{
+		ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_NOT_LOADED);
 		goto err;
-	}
+		}
 	if((ctx = BN_CTX_new()) == NULL)
 		goto err;
 	if(!rsa->d || !rsa->n)
 		{
-		ENGINEerr(ENGINE_F_ATALLA_RSA_MOD_EXP,ENGINE_R_MISSING_KEY_COMPONENTS);
+		ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_MISSING_KEY_COMPONENTS);
 		goto err;
 		}
 	to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx);
@@ -523,5 +587,20 @@ static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
 	}
 #endif
 
+/* This stuff is needed if this ENGINE is being compiled into a self-contained
+ * shared-library. */
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_fn(ENGINE *e, const char *id)
+	{
+	if(id && (strcmp(id, engine_atalla_id) != 0))
+		return 0;
+	if(!bind_helper(e))
+		return 0;
+	return 1;
+	}
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#endif /* ENGINE_DYNAMIC_SUPPORT */
+
 #endif /* !OPENSSL_NO_HW_ATALLA */
 #endif /* !OPENSSL_NO_HW */
diff --git a/crypto/engine/hw_cswift.c b/crypto/engine/hw_cswift.c
index 5471dbe501..4eab0fb769 100644
--- a/crypto/engine/hw_cswift.c
+++ b/crypto/engine/hw_cswift.c
@@ -179,13 +179,75 @@ static DH_METHOD cswift_dh =
 	};
 #endif
 
+#ifndef OPENSSL_NO_ERR
+/* Error function codes for use in cswift operation */
+#define CSWIFT_F_CSWIFT_INIT			100
+#define CSWIFT_F_CSWIFT_FINISH			101
+#define CSWIFT_F_CSWIFT_CTRL			102
+#define CSWIFT_F_CSWIFT_MOD_EXP			103
+#define CSWIFT_F_CSWIFT_MOD_EXP_CRT		104
+#define CSWIFT_F_CSWIFT_RSA_MOD_EXP		105
+#define CSWIFT_F_CSWIFT_DSA_SIGN		106
+#define CSWIFT_F_CSWIFT_DSA_VERIFY		107
+/* Error reason codes */
+#define CSWIFT_R_ALREADY_LOADED			108
+#define CSWIFT_R_NOT_LOADED			109
+#define CSWIFT_R_UNIT_FAILURE			110
+#define CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED	113
+#define CSWIFT_R_BN_CTX_FULL			115
+#define CSWIFT_R_BN_EXPAND_FAIL			116
+#define CSWIFT_R_BAD_KEY_SIZE			117
+#define CSWIFT_R_REQUEST_FAILED			118
+#define CSWIFT_R_MISSING_KEY_COMPONENTS		120
+static ERR_STRING_DATA cswift_str_functs[] =
+	{
+	/* This first element is changed to match the dynamic 'lib' number */
+{ERR_PACK(0,0,0),				"cswift engine code"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_INIT,0),		"cswift_init"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_FINISH,0),		"cswift_finish"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_CTRL,0),		"cswift_ctrl"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP,0),		"cswift_mod_exp"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP_CRT,0),	"cswift_mod_exp_crt"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_RSA_MOD_EXP,0),	"cswift_rsa_mod_exp"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_SIGN,0),	"cswift_dsa_sign"},
+{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_VERIFY,0),	"cswift_dsa_verify"},
+/* Error reason codes */
+{CSWIFT_R_ALREADY_LOADED		 ,"already loaded"},
+{CSWIFT_R_NOT_LOADED			 ,"not loaded"},
+{CSWIFT_R_UNIT_FAILURE			 ,"unit failure"},
+{CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED	 ,"ctrl command not implemented"},
+{CSWIFT_R_BN_CTX_FULL			 ,"BN_CTX full"},
+{CSWIFT_R_BN_EXPAND_FAIL		 ,"bn_expand fail"},
+{CSWIFT_R_BAD_KEY_SIZE			 ,"bad key size"},
+{CSWIFT_R_REQUEST_FAILED		 ,"request failed"},
+{CSWIFT_R_MISSING_KEY_COMPONENTS	 ,"missing key components"},
+{0,NULL}
+	};
+/* The library number we obtain dynamically from the ERR code */
+static int cswift_err_lib = -1;
+#define CSWIFTerr(f,r) ERR_PUT_error(cswift_err_lib,(f),(r),__FILE__,__LINE__)
+static void cswift_load_error_strings(void)
+	{
+	if(cswift_err_lib < 0)
+		{
+		if((cswift_err_lib = ERR_get_next_error_library()) <= 0)
+			return;
+		cswift_str_functs[0].error = ERR_PACK(cswift_err_lib,0,0);
+		ERR_load_strings(cswift_err_lib, cswift_str_functs);
+		}
+	}
+#else
+#define CSWIFTerr(f,r)					/* NOP */
+static void cswift_load_error_strings(void) { }		/* NOP */
+#endif
+
 /* Constants used when creating the ENGINE */
 static const char *engine_cswift_id = "cswift";
 static const char *engine_cswift_name = "CryptoSwift hardware engine support";
 
-/* As this is only ever called once, there's no need for locking
- * (indeed - the lock will already be held by our caller!!!) */
-ENGINE *ENGINE_cswift()
+/* This internal function is used by ENGINE_cswift() and possibly by the
+ * "dynamic" ENGINE support too */
+static int bind_helper(ENGINE *e)
 	{
 #ifndef OPENSSL_NO_RSA
 	const RSA_METHOD *meth1;
@@ -193,30 +255,24 @@ ENGINE *ENGINE_cswift()
 #ifndef OPENSSL_NO_DH
 	const DH_METHOD *meth2;
 #endif
-	ENGINE *ret = ENGINE_new();
-	if(!ret)
-		return NULL;
-	if(!ENGINE_set_id(ret, engine_cswift_id) ||
-			!ENGINE_set_name(ret, engine_cswift_name) ||
+	if(!ENGINE_set_id(e, engine_cswift_id) ||
+			!ENGINE_set_name(e, engine_cswift_name) ||
 #ifndef OPENSSL_NO_RSA
-			!ENGINE_set_RSA(ret, &cswift_rsa) ||
+			!ENGINE_set_RSA(e, &cswift_rsa) ||
 #endif
 #ifndef OPENSSL_NO_DSA
-			!ENGINE_set_DSA(ret, &cswift_dsa) ||
+			!ENGINE_set_DSA(e, &cswift_dsa) ||
 #endif
 #ifndef OPENSSL_NO_DH
-			!ENGINE_set_DH(ret, &cswift_dh) ||
+			!ENGINE_set_DH(e, &cswift_dh) ||
 #endif
-			!ENGINE_set_BN_mod_exp(ret, &cswift_mod_exp) ||
-			!ENGINE_set_BN_mod_exp_crt(ret, &cswift_mod_exp_crt) ||
-			!ENGINE_set_init_function(ret, cswift_init) ||
-			!ENGINE_set_finish_function(ret, cswift_finish) ||
-			!ENGINE_set_ctrl_function(ret, cswift_ctrl) ||
-			!ENGINE_set_cmd_defns(ret, cswift_cmd_defns))
-		{
-		ENGINE_free(ret);
-		return NULL;
-		}
+			!ENGINE_set_BN_mod_exp(e, &cswift_mod_exp) ||
+			!ENGINE_set_BN_mod_exp_crt(e, &cswift_mod_exp_crt) ||
+			!ENGINE_set_init_function(e, cswift_init) ||
+			!ENGINE_set_finish_function(e, cswift_finish) ||
+			!ENGINE_set_ctrl_function(e, cswift_ctrl) ||
+			!ENGINE_set_cmd_defns(e, cswift_cmd_defns))
+		return 0;
 
 #ifndef OPENSSL_NO_RSA
 	/* We know that the "PKCS1_SSLeay()" functions hook properly
@@ -239,6 +295,24 @@ ENGINE *ENGINE_cswift()
 	cswift_dh.generate_key = meth2->generate_key;
 	cswift_dh.compute_key = meth2->compute_key;
 #endif
+
+	/* Ensure the cswift error handling is set up */
+	cswift_load_error_strings();
+	return 1;
+	}
+
+/* As this is only ever called once, there's no need for locking
+ * (indeed - the lock will already be held by our caller!!!) */
+ENGINE *ENGINE_cswift(void)
+	{
+	ENGINE *ret = ENGINE_new();
+	if(!ret)
+		return NULL;
+	if(!bind_helper(ret))
+		{
+		ENGINE_free(ret);
+		return NULL;
+		}
 	return ret;
 	}
 
@@ -298,14 +372,14 @@ static int cswift_init(ENGINE *e)
 
 	if(cswift_dso != NULL)
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_ALREADY_LOADED);
+		CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_ALREADY_LOADED);
 		goto err;
 		}
 	/* Attempt to load libswift.so/swift.dll/whatever. */
 	cswift_dso = DSO_load(NULL, CSWIFT_LIBNAME, NULL, 0);
 	if(cswift_dso == NULL)
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_DSO_FAILURE);
+		CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
 		goto err;
 		}
 	if(!(p1 = (t_swAcquireAccContext *)
@@ -317,7 +391,7 @@ static int cswift_init(ENGINE *e)
 			!(p4 = (t_swReleaseAccContext *)
 				DSO_bind_func(cswift_dso, CSWIFT_F4)))
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_DSO_FAILURE);
+		CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
 		goto err;
 		}
 	/* Copy the pointers */
@@ -329,7 +403,7 @@ static int cswift_init(ENGINE *e)
 	 * accelerator! */
 	if(!get_context(&hac))
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_INIT,ENGINE_R_UNIT_FAILURE);
+		CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_UNIT_FAILURE);
 		goto err;
 		}
 	release_context(hac);
@@ -349,12 +423,12 @@ static int cswift_finish(ENGINE *e)
 	{
 	if(cswift_dso == NULL)
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_FINISH,ENGINE_R_NOT_LOADED);
+		CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED);
 		return 0;
 		}
 	if(!DSO_free(cswift_dso))
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_FINISH,ENGINE_R_DSO_FAILURE);
+		CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_UNIT_FAILURE);
 		return 0;
 		}
 	cswift_dso = NULL;
@@ -373,14 +447,12 @@ static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
 	case CSWIFT_CMD_SO_PATH:
 		if(p == NULL)
 			{
-			ENGINEerr(ENGINE_F_CSWIFT_CTRL,
-				ERR_R_PASSED_NULL_PARAMETER);
+			CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,ERR_R_PASSED_NULL_PARAMETER);
 			return 0;
 			}
 		if(initialised)
 			{
-			ENGINEerr(ENGINE_F_CSWIFT_CTRL,
-				ENGINE_R_ALREADY_LOADED);
+			CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED);
 			return 0;
 			}
 		CSWIFT_LIBNAME = (const char *)p;
@@ -388,7 +460,7 @@ static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
 	default:
 		break;
 		}
-	ENGINEerr(ENGINE_F_CSWIFT_CTRL,ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+	CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED);
 	return 0;
 	}
 
@@ -417,7 +489,7 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
  
 	if(!get_context(&hac))
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_GET_HANDLE_FAILED);
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_UNIT_FAILURE);
 		goto err;
 		}
 	acquired = 1;
@@ -429,13 +501,13 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	result = BN_CTX_get(ctx);
 	if(!result)
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_BN_CTX_FULL);
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_CTX_FULL);
 		goto err;
 		}
 	if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) ||
 		!bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top))
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_BN_EXPAND_FAIL);
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_EXPAND_FAIL);
 		goto err;
 		}
 	sw_param.type = SW_ALG_EXP;
@@ -452,13 +524,12 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	case SW_OK:
 		break;
 	case SW_ERR_INPUT_SIZE:
-		ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,
-			ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BAD_KEY_SIZE);
 		goto err;
 	default:
 		{
 		char tmpbuf[20];
-		ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
 		sprintf(tmpbuf, "%ld", sw_status);
 		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
 		}
@@ -475,7 +546,7 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		&res, 1)) != SW_OK)
 		{
 		char tmpbuf[20];
-		ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP,ENGINE_R_REQUEST_FAILED);
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
 		sprintf(tmpbuf, "%ld", sw_status);
 		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
 		goto err;
@@ -511,7 +582,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
  
 	if(!get_context(&hac))
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_GET_HANDLE_FAILED);
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_UNIT_FAILURE);
 		goto err;
 		}
 	acquired = 1;
@@ -526,7 +597,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	result = BN_CTX_get(ctx);
 	if(!result)
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_BN_CTX_FULL);
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL);
 		goto err;
 		}
 	if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) ||
@@ -536,7 +607,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			!bn_wexpand(argument, a->top) ||
 			!bn_wexpand(result, p->top + q->top))
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_BN_EXPAND_FAIL);
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
 		goto err;
 		}
 	sw_param.type = SW_ALG_CRT;
@@ -560,13 +631,12 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	case SW_OK:
 		break;
 	case SW_ERR_INPUT_SIZE:
-		ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,
-			ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BAD_KEY_SIZE);
 		goto err;
 	default:
 		{
 		char tmpbuf[20];
-		ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_REQUEST_FAILED);
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
 		sprintf(tmpbuf, "%ld", sw_status);
 		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
 		}
@@ -583,7 +653,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		&res, 1)) != SW_OK)
 		{
 		char tmpbuf[20];
-		ENGINEerr(ENGINE_F_CSWIFT_MOD_EXP_CRT,ENGINE_R_REQUEST_FAILED);
+		CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
 		sprintf(tmpbuf, "%ld", sw_status);
 		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
 		goto err;
@@ -608,7 +678,7 @@ static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
 		goto err;
 	if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_RSA_MOD_EXP,ENGINE_R_MISSING_KEY_COMPONENTS);
+		CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,CSWIFT_R_MISSING_KEY_COMPONENTS);
 		goto err;
 		}
 	to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
@@ -648,7 +718,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 		goto err;
 	if(!get_context(&hac))
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_GET_HANDLE_FAILED);
+		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_UNIT_FAILURE);
 		goto err;
 		}
 	acquired = 1;
@@ -661,7 +731,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	result = BN_CTX_get(ctx);
 	if(!result)
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_BN_CTX_FULL);
+		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_CTX_FULL);
 		goto err;
 		}
 	if(!bn_wexpand(dsa_p, dsa->p->top) ||
@@ -670,7 +740,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 			!bn_wexpand(dsa_key, dsa->priv_key->top) ||
 			!bn_wexpand(result, dsa->p->top))
 		{
-		ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_BN_EXPAND_FAIL);
+		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_EXPAND_FAIL);
 		goto err;
 		}
 	sw_param.type = SW_ALG_DSA;
@@ -693,13 +763,12 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	case SW_OK:
 		break;
 	case SW_ERR_INPUT_SIZE:
-		ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,
-			ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BAD_KEY_SIZE);
 		goto err;
 	default:
 		{
 		char tmpbuf[20];
-		ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_REQUEST_FAILED);
+		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
 		sprintf(tmpbuf, "%ld", sw_status);
 		ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
 		}
@@ -717,7 +786,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	if(sw_status != SW_OK)
 		{
 		char tmpbuf[20];
-		ENGINEerr(ENGINE_F_CSWIFT_DSA_SIGN,ENGINE_R_REQUEST_FAILED);
+		CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
 		sprintf(tmpbuf, "%ld", sw_status);
 		E