wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add the possibility to build without the ENGINE framework.

Browse source 
PR: 287
This commit is contained in:
Richard Levitte 2003-01-30 17:39:26 +00:00
parent 96f7065f63
commit 0b13e9f055
64 changed files with 463 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
CHANGES
View file

@ -406,6 +406,9 @@ TODO: bug: pad x with leading zeros if necessary
Changes between 0.9.7 and 0.9.7a [XX xxx 2003]
*) Add the possibility to build without the ENGINE framework.
[Steven Reddie <smr@essemer.com.au> via Richard Levitte]
*) Under Win32 gmtime() can return NULL: check return value in
OPENSSL_gmtime(). Add error code for case where gmtime() fails.
[Steve Henson]

3
Configure
View file

@ -10,7 +10,7 @@ use strict;
# see INSTALL for instructions.
my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-engine] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
# Options:
#
@ -38,6 +38,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-
# --test-sanity Make a number of sanity checks on the data in this file.
# This is a debugging tool for OpenSSL developers.
#
# no-engine do not compile in any engine code.
# no-hw-xxx do not compile support for specific crypto hardware.
# Generic OpenSSL-style methods relating to this support
# are always compiled but return NULL if the hardware

8
apps/apps.c
View file

@ -122,7 +122,9 @@
#include <openssl/pkcs12.h>
#include <openssl/ui.h>
#include <openssl/safestack.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#ifdef OPENSSL_SYS_WINDOWS
#define strcasecmp _stricmp
@ -859,6 +861,7 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
BIO_printf(err,"no keyfile specified\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
if (format == FORMAT_ENGINE)
{
if (!e)
@ -868,6 +871,7 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
ui_method, &cb_data);
goto end;
}
#endif
key=BIO_new(BIO_s_file());
if (key == NULL)
{
@ -935,6 +939,7 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
BIO_printf(err,"no keyfile specified\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
if (format == FORMAT_ENGINE)
{
if (!e)
@ -944,6 +949,7 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
ui_method, &cb_data);
goto end;
}
#endif
key=BIO_new(BIO_s_file());
if (key == NULL)
{
@ -1329,6 +1335,7 @@ X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath)
return NULL;
}
#ifndef OPENSSL_NO_ENGINE
/* Try to load an engine in a shareable library */
static ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
{
@ -1385,6 +1392,7 @@ ENGINE *setup_engine(BIO *err, const char *engine, int debug)
}
return e;
}
#endif
int load_config(BIO *err, CONF *cnf)
{

69
apps/apps.h
View file

@ -121,7 +121,9 @@
#include <openssl/lhash.h>
#include <openssl/conf.h>
#include <openssl/txt_db.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/ossl_typ.h>
int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
@ -179,30 +181,57 @@ extern BIO *bio_err;
do_pipe_sig()
# define apps_shutdown()
#else
# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
defined(OPENSSL_SYS_WIN32)
# ifdef _O_BINARY
# define apps_startup() \
do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
# ifndef OPENSSL_NO_ENGINE
# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
defined(OPENSSL_SYS_WIN32)
# ifdef _O_BINARY
# define apps_startup() \
do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
# else
# define apps_startup() \
do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
# endif
# else
# define apps_startup() \
do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \
setup_ui_method(); } while(0)
# endif
# define apps_shutdown() \
do { CONF_modules_unload(1); destroy_ui_method(); \
EVP_cleanup(); ENGINE_cleanup(); \
CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
ERR_free_strings(); } while(0)
# else
# define apps_startup() \
do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \
setup_ui_method(); } while(0)
# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
defined(OPENSSL_SYS_WIN32)
# ifdef _O_BINARY
# define apps_startup() \
do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
setup_ui_method(); } while(0)
# else
# define apps_startup() \
do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
setup_ui_method(); } while(0)
# endif
# else
# define apps_startup() \
do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
ERR_load_crypto_strings(); \
setup_ui_method(); } while(0)
# endif
# define apps_shutdown() \
do { CONF_modules_unload(1); destroy_ui_method(); \
EVP_cleanup(); \
CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
ERR_free_strings(); } while(0)
# endif
# define apps_shutdown() \
do { CONF_modules_unload(1); destroy_ui_method(); \
EVP_cleanup(); ENGINE_cleanup(); \
CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
ERR_free_strings(); } while(0)
#endif
typedef struct args_st
@ -248,7 +277,9 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
const char *pass, ENGINE *e, const char *cert_descrip);
X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
#ifndef OPENSSL_NO_ENGINE
ENGINE *setup_engine(BIO *err, const char *engine, int debug);
#endif
int load_config(BIO *err, CONF *cnf);
char *make_config_name(void);

8
apps/ca.c
View file

@ -196,7 +196,9 @@ static char *ca_usage[]={
" -extensions .. - Extension section (override value in config file)\n",
" -extfile file - Configuration file with X509v3 extentions to add\n",
" -crlexts .. - CRL extension section (override value in config file)\n",
#ifndef OPENSSL_NO_ENGINE
" -engine e - use engine e, possibly a hardware device.\n",
#endif
" -status serial - Shows certificate status given the serial number\n",
" -updatedb - Updates db for expired certificates\n",
NULL
@ -333,7 +335,9 @@ int MAIN(int argc, char **argv)
#define BSIZE 256
MS_STATIC char buf[3][BSIZE];
char *randfile=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
#endif
char *tofree=NULL;
#ifdef EFENCE
@ -537,11 +541,13 @@ EF_ALIGNMENT=0;
rev_arg = *(++argv);
rev_type = REV_CA_COMPROMISE;
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else
{
bad:
@ -562,7 +568,9 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
/*****************************************************************/
tofree=NULL;

8
apps/dgst.c
View file

@ -100,7 +100,9 @@ int MAIN(int argc, char **argv)
EVP_PKEY *sigkey = NULL;
unsigned char *sigbuf = NULL;
int siglen = 0;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -166,11 +168,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) break;
keyform=str2fmt(*(++argv));
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) break;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-hex") == 0)
out_bin = 0;
else if (strcmp(*argv,"-binary") == 0)
@ -208,7 +212,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n");
BIO_printf(bio_err,"-signature file signature to verify\n");
BIO_printf(bio_err,"-binary output in binary form\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
LN_md5,LN_md5);
@ -228,7 +234,9 @@ int MAIN(int argc, char **argv)
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
bmd=BIO_new(BIO_f_md());

15
apps/dh.c
View file

@ -87,12 +87,17 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DH *dh=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
int informat,outformat,check=0,noout=0,C=0,ret=1;
char *infile,*outfile,*prog,*engine;
char *infile,*outfile,*prog;
#ifndef OPENSSL_NO_ENGINE
char *engine;
#endif
apps_startup();
@ -103,7 +108,9 @@ int MAIN(int argc, char **argv)
if (!load_config(bio_err, NULL))
goto end;
#ifndef OPENSSL_NO_ENGINE
engine=NULL;
#endif
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
@ -134,11 +141,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
outfile= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-check") == 0)
check=1;
else if (strcmp(*argv,"-text") == 0)
@ -170,13 +179,17 @@ bad:
BIO_printf(bio_err," -text print a text form of the DH parameters\n");
BIO_printf(bio_err," -C Output C code\n");
BIO_printf(bio_err," -noout no output\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
goto end;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());

13
apps/dhparam.c
View file

@ -148,7 +148,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DH *dh=NULL;
int i,badops=0,text=0;
#ifndef OPENSSL_NO_DSA
@ -157,7 +159,10 @@ int MAIN(int argc, char **argv)
BIO *in=NULL,*out=NULL;
int informat,outformat,check=0,noout=0,C=0,ret=1;
char *infile,*outfile,*prog;
char *inrand=NULL,*engine=NULL;
char *inrand=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
int num = 0, g = 0;
apps_startup();
@ -199,11 +204,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
outfile= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-check") == 0)
check=1;
else if (strcmp(*argv,"-text") == 0)
@ -249,7 +256,9 @@ bad:
BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n");
BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n");
BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
@ -259,7 +268,9 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (g && !num)
num = DEFBITS;

15
apps/dsa.c
View file

@ -90,7 +90,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int ret=1;
DSA *dsa=NULL;
int i,badops=0;
@ -98,7 +100,10 @@ int MAIN(int argc, char **argv)
BIO *in=NULL,*out=NULL;
int informat,outformat,text=0,noout=0;
int pubin = 0, pubout = 0;
char *infile,*outfile,*prog,*engine;
char *infile,*outfile,*prog;
#ifndef OPENSSL_NO_ENGINE
char *engine;
#endif
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
int modulus=0;
@ -112,7 +117,9 @@ int MAIN(int argc, char **argv)
if (!load_config(bio_err, NULL))
goto end;
#ifndef OPENSSL_NO_ENGINE
engine=NULL;
#endif
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
@ -153,11 +160,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
passargout= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (strcmp(*argv,"-text") == 0)
@ -189,7 +198,9 @@ bad:
BIO_printf(bio_err," -passin arg input file pass phrase source\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
#ifndef OPENSSL_NO_IDEA
@ -207,7 +218,9 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");

10
apps/dsaparam.c
View file

@ -110,7 +110,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DSA *dsa=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
@ -118,7 +120,9 @@ int MAIN(int argc, char **argv)
char *infile,*outfile,*prog,*inrand=NULL;
int numbits= -1,num,genkey=0;
int need_rand=0;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
#ifdef GENCB_TEST
int timebomb=0;
#endif
@ -162,11 +166,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
outfile= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if(strcmp(*argv, "-engine") == 0)
{
if (--argc < 1) goto bad;
engine = *(++argv);
}
#endif
#ifdef GENCB_TEST
else if(strcmp(*argv, "-timebomb") == 0)
{
@ -221,7 +227,9 @@ bad:
BIO_printf(bio_err," -noout no output\n");
BIO_printf(bio_err," -genkey generate a DSA key\n");
BIO_printf(bio_err," -rand files to use for random number input\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
#ifdef GENCB_TEST
BIO_printf(bio_err," -timebomb n interrupt keygen after <n> seconds\n");
#endif
@ -268,7 +276,9 @@ bad:
}
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (need_rand)
{

10
apps/enc.c
View file

@ -100,7 +100,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
static const char magic[]="Salted__";
char mbuf[sizeof magic-1];
char *strbuf=NULL;
@ -119,7 +121,9 @@ int MAIN(int argc, char **argv)
BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
#define PROG_NAME_SIZE 39
char pname[PROG_NAME_SIZE+1];
#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
#endif
apps_startup();
@ -163,11 +167,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
passarg= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-d") == 0)
enc=0;
else if (strcmp(*argv,"-p") == 0)
@ -270,7 +276,9 @@ bad:
BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e");
#endif
BIO_printf(bio_err,"Cipher Types\n");
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
@ -284,7 +292,9 @@ bad:
argv++;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (bufsize != NULL)
{

3
apps/engine.c
View file

@ -56,6 +56,8 @@
*
*/
#ifndef OPENSSL_NO_ENGINE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -526,3 +528,4 @@ end:
apps_shutdown();
OPENSSL_EXIT(ret);
}
#endif

10
apps/gendh.c
View file

@ -87,13 +87,17 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DH *dh=NULL;
int ret=1,num=DEFBITS;
int g=2;
char *outfile=NULL;
char *inrand=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
BIO *out=NULL;
apps_startup();
@ -121,11 +125,13 @@ int MAIN(int argc, char **argv)
g=3; */
else if (strcmp(*argv,"-5") == 0)
g=5;
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@ -144,14 +150,18 @@ bad:
BIO_printf(bio_err," -2 - use 2 as the generator value\n");
/* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */
BIO_printf(bio_err," -5 - use 5 as the generator value\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
out=BIO_new(BIO_s_file());
if (out == NULL)

10
apps/gendsa.c
View file

@ -77,7 +77,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
DSA *dsa=NULL;
int ret=1;
char *outfile=NULL;
@ -85,7 +87,9 @@ int MAIN(int argc, char **argv)
char *passargout = NULL, *passout = NULL;
BIO *out=NULL,*in=NULL;
const EVP_CIPHER *enc=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -111,11 +115,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
passargout= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@ -167,7 +173,9 @@ bad:
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
@ -176,7 +184,9 @@ bad:
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
BIO_printf(bio_err, "Error getting password\n");

10
apps/genrsa.c
View file

@ -87,7 +87,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int ret=1;
RSA *rsa=NULL;
int i,num=DEFBITS;
@ -96,7 +98,9 @@ int MAIN(int argc, char **argv)
unsigned long f4=RSA_F4;
char *outfile=NULL;
char *passargout = NULL, *passout = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
char *inrand=NULL;
BIO *out=NULL;
@ -128,11 +132,13 @@ int MAIN(int argc, char **argv)
f4=3;
else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
f4=RSA_F4;
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@ -183,7 +189,9 @@ bad:
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n");
BIO_printf(bio_err," -3 use 3 for the E value\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
@ -197,7 +205,9 @@ bad:
goto err;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (outfile == NULL)
{

2
apps/openssl.c
View file

@ -122,7 +122,9 @@
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
#include "progs.h"
#include "s_apps.h"

8
apps/pkcs12.c
View file

@ -120,7 +120,9 @@ int MAIN(int argc, char **argv)
char *passin = NULL, *passout = NULL;
char *inrand = NULL;
char *CApath = NULL, *CAfile = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -259,11 +261,13 @@ int MAIN(int argc, char **argv)
args++;
CAfile = *args;
} else badarg = 1;
#ifndef OPENSSL_NO_ENGINE
} else if (!strcmp(*args,"-engine")) {
if (args[1]) {
args++;
engine = *args;
} else badarg = 1;
#endif
} else badarg = 1;
} else badarg = 1;
@ -311,14 +315,18 @@ int MAIN(int argc, char **argv)
BIO_printf (bio_err, "-password p set import/export password source\n");
BIO_printf (bio_err, "-passin p input file pass phrase source\n");
BIO_printf (bio_err, "-passout p output file pass phrase source\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
BIO_printf(bio_err, " the random number generator\n");
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(passarg) {
if(export_cert) passargout = passarg;

10
apps/pkcs7.c
View file

@ -82,7 +82,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
PKCS7 *p7=NULL;
int i,badops=0;
BIO *in=NULL,*out=NULL;
@ -90,7 +92,9 @@ int MAIN(int argc, char **argv)
char *infile,*outfile,*prog;
int print_certs=0,text=0,noout=0;
int ret=1;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -134,11 +138,13 @@ int MAIN(int argc, char **argv)
text=1;
else if (strcmp(*argv,"-print_certs") == 0)
print_certs=1;
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
@ -161,14 +167,18 @@ bad:
BIO_printf(bio_err," -print_certs print any certs or crl in the input\n");
BIO_printf(bio_err," -text print full details of certificates\n");
BIO_printf(bio_err," -noout don't output encoded data\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
ret = 1;
goto end;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());

8
apps/pkcs8.c
View file

@ -85,7 +85,9 @@ int MAIN(int argc, char **argv)
EVP_PKEY *pkey=NULL;
char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
int badarg = 0;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
@ -145,11 +147,13 @@ int MAIN(int argc, char **argv)
if (!args[1]) goto bad;
passargout= *(++args);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*args,"-engine") == 0)
{
if (!args[1]) goto bad;
engine= *(++args);
}
#endif
else if (!strcmp (*args, "-in")) {
if (args[1]) {
args++;
@ -182,11 +186,15 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "-nocrypt use or expect unencrypted private key\n");
BIO_printf(bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n");
BIO_printf(bio_err, "-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
return (1);
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");

4
apps/progs.h
View file

@ -37,7 +37,9 @@ extern int pkcs8_main(int argc,char *argv[]);
extern int spkac_main(int argc,char *argv[]);
extern int smime_main(int argc,char *argv[]);
extern int rand_main(int argc,char *argv[]);
#ifndef OPENSSL_NO_ENGINE
extern int engine_main(int argc,char *argv[]);
#endif
extern int ocsp_main(int argc,char *argv[]);
#define FUNC_TYPE_GENERAL 1
@ -119,7 +121,9 @@ FUNCTION functions[] = {
{FUNC_TYPE_GENERAL,"spkac",spkac_main},
{FUNC_TYPE_GENERAL,"smime",smime_main},
{FUNC_TYPE_GENERAL,"rand",rand_main},
#ifndef OPENSSL_NO_ENGINE
{FUNC_TYPE_GENERAL,"engine",engine_main},
#endif
{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
#ifndef OPENSSL_NO_MD2
{FUNC_TYPE_MD,"md2",dgst_main},

10
apps/rand.c
View file

@ -76,7 +76,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int i, r, ret = 1;
int badopt;
char *outfile = NULL;
@ -84,7 +86,9 @@ int MAIN(int argc, char **argv)
int base64 = 0;
BIO *out = NULL;
int num = -1;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -106,6 +110,7 @@ int MAIN(int argc, char **argv)
else
badopt = 1;
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(argv[i], "-engine") == 0)
{
if ((argv[i+1] != NULL) && (engine == NULL))
@ -113,6 +118,7 @@ int MAIN(int argc, char **argv)
else
badopt = 1;
}
#endif
else if (strcmp(argv[i], "-rand") == 0)
{
if ((argv[i+1] != NULL) && (inrand == NULL))
@ -150,13 +156,17 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "Usage: rand [options] num\n");
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, "-out file - write to file\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e - use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, "-base64 - encode output\n");
goto err;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)

10
apps/req.c
View file

@ -172,7 +172,9 @@ int MAIN(int argc, char **argv)
int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0;
char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
char *extensions = NULL;
char *req_exts = NULL;
const EVP_CIPHER *cipher=NULL;
@ -220,11 +222,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-key") == 0)
{
if (--argc < 1) goto bad;
@ -488,7 +492,9 @@ bad:
BIO_printf(bio_err," -verify verify signature on REQ\n");
BIO_printf(bio_err," -modulus RSA modulus\n");
BIO_printf(bio_err," -nodes don't encrypt the output key\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device\n");
#endif
BIO_printf(bio_err," -subject output the request's subject\n");
BIO_printf(bio_err," -passin private key password source\n");
BIO_printf(bio_err," -key file use the private key contained in file\n");
@ -516,7 +522,7 @@ bad:
BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n");
BIO_printf(bio_err," -reqexts .. specify request extension section (override value in config file)\n");
BIO_printf(bio_err," -utf8 input characters are UTF8 (default ASCII)\n");
BIO_printf(bio_err," -nameopt arg - various certificate name options\n");
BIO_printf(bio_err," -nameopt arg - various certificate name options\n");
BIO_printf(bio_err," -reqopt arg - various request text options\n\n");
goto end;
}
@ -680,7 +686,9 @@ bad:
if ((in == NULL) || (out == NULL))
goto end;
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (keyfile != NULL)
{

8
apps/rsa.c
View file

@ -104,7 +104,9 @@ int MAIN(int argc, char **argv)
char *infile,*outfile,*prog;
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
int modulus=0;
apps_startup();
@ -156,11 +158,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
passargout= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-sgckey") == 0)
sgckey=1;
else if (strcmp(*argv,"-pubin") == 0)
@ -212,13 +216,17 @@ bad:
BIO_printf(bio_err," -check verify key consistency\n");
BIO_printf(bio_err," -pubin expect a public key in input file\n");
BIO_printf(bio_err," -pubout output a public key\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
goto end;
}
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");

8
apps/rsautl.c
View file

@ -85,7 +85,9 @@ int MAIN(int argc, char **argv)
ENGINE *e = NULL;
BIO *in = NULL, *out = NULL;
char *infile = NULL, *outfile = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
#endif
char *keyfile = NULL;
char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
int keyform = FORMAT_PEM;
@ -125,9 +127,11 @@ int MAIN(int argc, char **argv)
} else if (strcmp(*argv,"-keyform") == 0) {
if (--argc < 1) badarg = 1;
keyform=str2fmt(*(++argv));
#ifndef OPENSSL_NO_ENGINE
} else if(!strcmp(*argv, "-engine")) {
if (--argc < 1) badarg = 1;
engine = *(++argv);
#endif
} else if(!strcmp(*argv, "-pubin")) {
key_type = KEY_PUBKEY;
} else if(!strcmp(*argv, "-certin")) {
@ -162,7 +166,9 @@ int MAIN(int argc, char **argv)
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
/* FIXME: seed PRNG only if needed */
app_RAND_load_file(NULL, bio_err, 0);
@ -305,7 +311,9 @@ static void usage()
BIO_printf(bio_err, "-encrypt encrypt with public key\n");
BIO_printf(bio_err, "-decrypt decrypt with private key\n");
BIO_printf(bio_err, "-hexdump hex dump output\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
#endif
}

8
apps/s_client.c
View file

@ -222,7 +222,9 @@ static void sc_usage(void)
BIO_printf(bio_err," for those protocols that support it, where\n");
BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n");
BIO_printf(bio_err," only \"smtp\" is supported.\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
}
@ -254,8 +256,10 @@ int MAIN(int argc, char **argv)
SSL_METHOD *meth=NULL;
BIO *sbio;
char *inrand=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine_id=NULL;
ENGINE *e=NULL;
#endif
#ifdef OPENSSL_SYS_WINDOWS
struct timeval tv;
#endif
@ -415,11 +419,13 @@ int MAIN(int argc, char **argv)
else
goto bad;
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine_id = *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@ -444,7 +450,9 @@ bad:
OpenSSL_add_ssl_algorithms();
SSL_load_error_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
#endif
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status())

12
apps/s_server.c
View file

@ -255,7 +255,9 @@ static int s_msg=0;
static int s_quiet=0;
static int hack=0;
#ifndef OPENSSL_NO_ENGINE
static char *engine_id=NULL;
#endif
static const char *session_id_prefix=NULL;
#ifdef MONOLITH
@ -280,7 +282,9 @@ static void s_server_init(void)
s_msg=0;
s_quiet=0;
hack=0;
#ifndef OPENSSL_NO_ENGINE
engine_id=NULL;
#endif
}
#endif
@ -337,7 +341,9 @@ static void sv_usage(void)
BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
#endif
BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
}
@ -512,7 +518,9 @@ int MAIN(int argc, char *argv[])
int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0;
int state=0;
SSL_METHOD *meth=NULL;
#ifndef OPENSSL_NO_ENGINE
ENGINE *e=NULL;
#endif
char *inrand=NULL;
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
@ -696,11 +704,13 @@ int MAIN(int argc, char *argv[])
if (--argc < 1) goto bad;
session_id_prefix = *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine_id= *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@ -725,7 +735,9 @@ bad:
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
#endif
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status())

8
apps/smime.c
View file

@ -104,7 +104,9 @@ int MAIN(int argc, char **argv)
int need_rand = 0;
int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
int keyform = FORMAT_PEM;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
args = argv + 1;
ret = 1;
@ -176,11 +178,13 @@ int MAIN(int argc, char **argv)
inrand = *args;
} else badarg = 1;
need_rand = 1;
#ifndef OPENSSL_NO_ENGINE
} else if (!strcmp(*args,"-engine")) {
if (args[1]) {
args++;
engine = *args;
} else badarg = 1;
#endif
} else if (!strcmp(*args,"-passin")) {
if (args[1]) {
args++;
@ -330,7 +334,9 @@ int MAIN(int argc, char **argv)
BIO_printf (bio_err, "-CAfile file trusted certificates file\n");
BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n");
BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf (bio_err, "-passin arg input file pass phrase source\n");
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
@ -339,7 +345,9 @@ int MAIN(int argc, char **argv)
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");

6
apps/speed.c
View file

@ -398,7 +398,9 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
unsigned char *buf=NULL,*buf2=NULL;
int mret=1;
long count=0,save_count=0;
@ -731,6 +733,7 @@ int MAIN(int argc, char **argv)
j--; /* Otherwise, -elapsed gets confused with
an algorithm. */
}
#ifndef OPENSSL_NO_ENGINE
else if ((argc > 0) && (strcmp(*argv,"-engine") == 0))
{
argc--;
@ -747,6 +750,7 @@ int MAIN(int argc, char **argv)
means all of them should be run) */
j--;
}
#endif
#ifdef HAVE_FORK
else if ((argc > 0) && (strcmp(*argv,"-multi") == 0))
{
@ -1064,7 +1068,9 @@ int MAIN(int argc, char **argv)
#if defined(TIMES) || defined(USE_TOD)
BIO_printf(bio_err,"-elapsed measure time in real time instead of CPU user time.\n");
#endif
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
#endif
BIO_printf(bio_err,"-evp e use EVP e.\n");
BIO_printf(bio_err,"-decrypt time decryption instead of encryption (only EVP).\n");
BIO_printf(bio_err,"-mr produce machine readable output.\n");

8
apps/spkac.c
View file

@ -92,7 +92,9 @@ int MAIN(int argc, char **argv)
CONF *conf = NULL;
NETSCAPE_SPKI *spki = NULL;
EVP_PKEY *pkey = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
apps_startup();
@ -141,11 +143,13 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
spksect= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (strcmp(*argv,"-pubkey") == 0)
@ -171,7 +175,9 @@ bad:
BIO_printf(bio_err," -noout don't print SPKAC\n");
BIO_printf(bio_err," -pubkey output public key\n");
BIO_printf(bio_err," -verify verify SPKAC signature\n");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
#endif
goto end;
}
@ -181,7 +187,9 @@ bad:
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if(keyfile) {
pkey = load_key(bio_err,

12
apps/verify.c
View file

@ -86,7 +86,9 @@ int MAIN(int argc, char **argv)
STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
X509_STORE *cert_ctx=NULL;
X509_LOOKUP *lookup=NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
cert_ctx=X509_STORE_new();
if (cert_ctx == NULL) goto end;
@ -142,11 +144,13 @@ int MAIN(int argc, char **argv)
if (argc-- < 1) goto end;
trustfile= *(++argv);
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto end;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-help") == 0)
goto end;
else if (strcmp(*argv,"-ignore_critical") == 0)
@ -170,7 +174,9 @@ int MAIN(int argc, char **argv)
break;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file());
if (lookup == NULL) abort();
@ -219,7 +225,11 @@ int MAIN(int argc, char **argv)
ret=0;
end:
if (ret == 1) {
BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check] [-engine e] cert1 cert2 ...\n");
BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," [-engine e]");
#endif
BIO_printf(bio_err," cert1 cert2 ...\n");
BIO_printf(bio_err,"recognized usages:\n");
for(i = 0; i < X509_PURPOSE_get_count(); i++) {
X509_PURPOSE *ptmp;

8
apps/x509.c
View file

@ -131,7 +131,9 @@ static char *x509_usage[]={
" -extensions - section from config file with X509V3 extensions to add\n",
" -clrext - delete extensions before signing and input certificate\n",
" -nameopt arg - various certificate name options\n",
#ifndef OPENSSL_NO_ENGINE
" -engine e - use engine e, possibly a hardware device.\n",
#endif
" -certopt arg - various certificate text options\n",
NULL
};
@ -183,7 +185,9 @@ int MAIN(int argc, char **argv)
int need_rand = 0;
int checkend=0,checkoffset=0;
unsigned long nmflag = 0, certflag = 0;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
reqfile=0;
@ -360,11 +364,13 @@ int MAIN(int argc, char **argv)
alias= *(++argv);
trustout = 1;
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
#endif
else if (strcmp(*argv,"-C") == 0)
C= ++num;
else if (strcmp(*argv,"-email") == 0)
@ -450,7 +456,9 @@ bad:
goto end;
}
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
#endif
if (need_rand)
app_RAND_load_file(NULL, bio_err, 0);

4
crypto/conf/conf_mall.c
View file

@ -63,7 +63,9 @@
#include <openssl/dso.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
/* Load all OpenSSL builtin modules */
@ -71,6 +73,8 @@ void OPENSSL_load_builtin_modules(void)
{
/* Add builtin modules here */
ASN1_add_oid_module();
#ifndef OPENSSL_NO_ENGINE
ENGINE_add_conf_module();
#endif
}

4
crypto/conf/conf_sap.c
View file

@ -63,7 +63,9 @@
#include <openssl/dso.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
/* This is the automatic configuration loader: it is called automatically by
* OpenSSL when any of a number of standard initialisation functions are called,
@ -78,8 +80,10 @@ void OPENSSL_config(const char *config_name)
return;
OPENSSL_load_builtin_modules();
#ifndef OPENSSL_NO_ENGINE
/* Need to load ENGINEs */
ENGINE_load_builtin_engines();
#endif
/* Add others here? */

2
crypto/dh/dh.h
View file

@ -119,7 +119,9 @@ struct dh_st
int references;
CRYPTO_EX_DATA ex_data;
const DH_METHOD *meth;
#ifndef OPENSSL_NO_ENGINE
ENGINE *engine;
#endif
};
#define DH_GENERATOR_2 2

2
crypto/dh/dh_key.c
View file

@ -61,7 +61,9 @@
#include <openssl/bn.h>
#include <openssl/rand.h>
#include <openssl/dh.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
static int generate_key(DH *dh);
static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);

10
crypto/dh/dh_lib.c
View file

@ -60,7 +60,9 @@
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/dh.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
@ -85,11 +87,13 @@ int DH_set_method(DH *dh, const DH_METHOD *meth)
const DH_METHOD *mtmp;
mtmp = dh->meth;
if (mtmp->finish) mtmp->finish(dh);
#ifndef OPENSSL_NO_ENGINE
if (dh->engine)
{
ENGINE_finish(dh->engine);
dh->engine = NULL;
}
#endif
dh->meth = meth;
if (meth->init) meth->init(dh);
return 1;
@ -112,6 +116,7 @@ DH *DH_new_method(ENGINE *engine)
}
ret->meth = DH_get_default_method();
#ifndef OPENSSL_NO_ENGINE
if (engine)
{
if (!ENGINE_init(engine))
@ -135,6 +140,7 @@ DH *DH_new_method(ENGINE *engine)
return NULL;
}
}
#endif
ret->pad=0;
ret->version=0;
@ -154,8 +160,10 @@ DH *DH_new_method(ENGINE *engine)
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
{
#ifndef OPENSSL_NO_ENGINE
if (ret->engine)
ENGINE_finish(ret->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
OPENSSL_free(ret);
ret=NULL;
@ -182,8 +190,10 @@ void DH_free(DH *r)
if (r->meth->finish)
r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
if (r->engine)
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);

2
crypto/dsa/dsa.h
View file

@ -142,8 +142,10 @@ struct dsa_st
int references;
CRYPTO_EX_DATA ex_data;
const DSA_METHOD *meth;
#ifndef OPENSSL_NO_ENGINE
/* functional reference if 'meth' is ENGINE-provided */
ENGINE *engine;
#endif
};
#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \

10
crypto/dsa/dsa_lib.c
View file

@ -63,7 +63,9 @@
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/asn1.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
@ -93,11 +95,13 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
const DSA_METHOD *mtmp;
mtmp = dsa->meth;
if (mtmp->finish) mtmp->finish(dsa);
#ifndef OPENSSL_NO_ENGINE
if (dsa->engine)
{
ENGINE_finish(dsa->engine);
dsa->engine = NULL;
}
#endif
dsa->meth = meth;
if (meth->init) meth->init(dsa);
return 1;
@ -114,6 +118,7 @@ DSA *DSA_new_method(ENGINE *engine)
return(NULL);
}
ret->meth = DSA_get_default_method();
#ifndef OPENSSL_NO_ENGINE
if (engine)
{
if (!ENGINE_init(engine))
@ -138,6 +143,7 @@ DSA *DSA_new_method(ENGINE *engine)
return NULL;
}
}
#endif
ret->pad=0;
ret->version=0;
@ -158,8 +164,10 @@ DSA *DSA_new_method(ENGINE *engine)
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
{
#ifndef OPENSSL_NO_ENGINE
if (ret->engine)
ENGINE_finish(ret->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
OPENSSL_free(ret);
ret=NULL;
@ -189,8 +197,10 @@ void DSA_free(DSA *r)
if(r->meth->finish)
r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
if(r->engine)
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);

2
crypto/dsa/dsa_ossl.c
View file

@ -64,7 +64,9 @@
#include <openssl/dsa.h>
#include <openssl/rand.h>
#include <openssl/asn1.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);

2
crypto/dsa/dsa_sign.c
View file

@ -64,7 +64,9 @@
#include <openssl/dsa.h>
#include <openssl/rand.h>
#include <openssl/asn1.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
{

2
crypto/dsa/dsa_vrf.c
View file

@ -65,7 +65,9 @@
#include <openssl/rand.h>
#include <openssl/asn1.h>
#include <openssl/asn1_mac.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
DSA *dsa)

2
crypto/dsa/dsatest.c
View file

@ -74,7 +74,9 @@
#include <openssl/rand.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#ifdef OPENSSL_SYS_WINDOWS
#include "../bio/bss_file.c"
#endif

4
crypto/ec/ectest.c
View file

@ -86,7 +86,9 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur
#include <openssl/ec.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/err.h>
#include <openssl/obj_mac.h>
#include <openssl/objects.h>
@ -1227,7 +1229,9 @@ int main(int argc, char *argv[])
/* test the internal curves */
internal_curve_test();
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
ERR_remove_state(0);

5
crypto/engine/engine.h
View file

@ -65,6 +65,11 @@
#define HEADER_ENGINE_H
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_ENGINE
#error ENGINE is disabled.
#endif
#include <openssl/ossl_typ.h>
#include <openssl/bn.h>
#ifndef OPENSSL_NO_RSA

11
crypto/engine/enginetest.c
View file

@ -56,9 +56,17 @@
*
*/
#include <openssl/e_os2.h>
#include <stdio.h>
#include <string.h>
#ifdef OPENSSL_NO_ENGINE
int main(int argc, char *argv[])
{
printf("No ENGINE support\n");
return(0);
}
#else
#include <openssl/e_os2.h>
#include <openssl/buffer.h>
#include <openssl/crypto.h>
#include <openssl/engine.h>
@ -272,3 +280,4 @@ end:
CRYPTO_mem_leaks_fp(stderr);
return to_return;
}
#endif

4
crypto/err/err_all.c
View file

@ -88,7 +88,9 @@
#include <openssl/pkcs12.h>
#include <openssl/rand.h>
#include <openssl/dso.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/ocsp.h>
#include <openssl/err.h>
@ -134,7 +136,9 @@ void ERR_load_crypto_strings(void)
ERR_load_PKCS12_strings();
ERR_load_RAND_strings();
ERR_load_DSO_strings();
#ifndef OPENSSL_NO_ENGINE
ERR_load_ENGINE_strings();
#endif
ERR_load_OCSP_strings();
ERR_load_UI_strings();
#endif

13
crypto/evp/digest.c
View file

@ -113,7 +113,9 @@
#include "cryptlib.h"
#include <openssl/objects.h>
#include <openssl/evp.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
{
@ -138,6 +140,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
{
EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
#ifndef OPENSSL_NO_ENGINE
/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
* so this context may already have an ENGINE! Try to avoid releasing
* the previous handle, re-querying for an ENGINE, and having a
@ -183,7 +186,9 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
else
ctx->engine = NULL;
}
else if(!ctx->digest)
else
#endif
if(!ctx->digest)
{
EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET);
return 0;
@ -196,7 +201,9 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
if (type->ctx_size)
ctx->md_data=OPENSSL_malloc(type->ctx_size);
}
#ifndef OPENSSL_NO_ENGINE
skip_to_init:
#endif
return ctx->digest->init(ctx);
}
@ -246,12 +253,14 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED);
return 0;
}
#ifndef OPENSSL_NO_ENGINE
/* Make sure it's safe to copy a digest context using an ENGINE */
if (in->engine && !ENGINE_init(in->engine))
{
EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB);
return 0;
}
#endif
EVP_MD_CTX_cleanup(out);
memcpy(out,in,sizeof *out);
@ -304,10 +313,12 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size);
OPENSSL_free(ctx->md_data);
}
#ifndef OPENSSL_NO_ENGINE
if(ctx->engine)
/* The EVP_MD we used belongs to an ENGINE, release the
* functional reference we held for this reason. */
ENGINE_finish(ctx->engine);
#endif
memset(ctx,'\0',sizeof *ctx);
return 1;

4
crypto/evp/evp.h
View file

@ -277,7 +277,9 @@ struct env_md_st
struct env_md_ctx_st
{
const EVP_MD *digest;
#ifndef OPENSSL_NO_ENGINE
ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
#endif
unsigned long flags;
void *md_data;
} /* EVP_MD_CTX */;
@ -349,7 +351,9 @@ typedef struct evp_cipher_info_st
struct evp_cipher_ctx_st
{
const EVP_CIPHER *cipher;
#ifndef OPENSSL_NO_ENGINE
ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */
#endif
int encrypt; /* encrypt or decrypt */
int buf_len; /* number we have left */

2
crypto/evp/evp_acnf.c
View file

@ -59,7 +59,9 @@
#include "cryptlib.h"
#include <openssl/evp.h>
#include <openssl/conf.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
/* Load all algorithms and configure OpenSSL.

10
crypto/evp/evp_enc.c
View file

@ -60,7 +60,9 @@
#include "cryptlib.h"
#include <openssl/evp.h>
#include <openssl/err.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include "evp_locl.h"
const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT;
@ -91,6 +93,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
enc = 1;
ctx->encrypt = enc;
}
#ifndef OPENSSL_NO_ENGINE
/* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
* so this context may already have an ENGINE! Try to avoid releasing
* the previous handle, re-querying for an ENGINE, and having a
@ -98,6 +101,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
if (ctx->engine && ctx->cipher && (!cipher ||
(cipher && (cipher->nid == ctx->cipher->nid))))
goto skip_to_init;
#endif
if (cipher)
{
/* Ensure a context left lying around from last time is cleared
@ -107,6 +111,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
/* Restore encrypt field: it is zeroed by cleanup */
ctx->encrypt = enc;
#ifndef OPENSSL_NO_ENGINE
if(impl)
{
if (!ENGINE_init(impl))
@ -140,6 +145,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
}
else
ctx->engine = NULL;
#endif
ctx->cipher=cipher;
ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
@ -159,7 +165,9 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET);
return 0;
}
#ifndef OPENSSL_NO_ENGINE
skip_to_init:
#endif
/* we assume block size is a power of 2 in *cryptUpdate */
OPENSSL_assert(ctx->cipher->block_size == 1
|| ctx->cipher->block_size == 8
@ -460,10 +468,12 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
}
if (c->cipher_data)
OPENSSL_free(c->cipher_data);
#ifndef OPENSSL_NO_ENGINE
if (c->engine)
/* The EVP_CIPHER we used belongs to an ENGINE, release the
* functional reference we held for this reason. */
ENGINE_finish(c->engine);
#endif
memset(c,0,sizeof(EVP_CIPHER_CTX));
return 1;
}

9
crypto/evp/evp_test.c
View file

@ -53,7 +53,10 @@
#include "../e_os.h"
#include <openssl/evp.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/err.h>
#include <openssl/conf.h>
static void hexdump(FILE *f,const char *title,const unsigned char *s,int l)
@ -330,11 +333,14 @@ int main(int argc,char **argv)
/* Load up the software EVP_CIPHER and EVP_MD definitions */
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
#ifndef OPENSSL_NO_ENGINE
/* Load all compiled-in ENGINEs */
ENGINE_load_builtin_engines();
#endif
#if 0
OPENSSL_config();
#endif
#ifndef OPENSSL_NO_ENGINE
/* Register all available ENGINE implementations of ciphers and digests.
* This could perhaps be changed to "ENGINE_register_all_complete()"? */
ENGINE_register_all_ciphers();
@ -343,6 +349,7 @@ int main(int argc,char **argv)
* It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if
* they weren't already initialised. */
/* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */
#endif
for( ; ; )
{
@ -384,7 +391,9 @@ int main(int argc,char **argv)
}
}
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_remove_state(0);

2
crypto/rand/rand.h
View file

@ -87,7 +87,9 @@ extern int rand_predictable;
int RAND_set_rand_method(const RAND_METHOD *meth);
const RAND_METHOD *RAND_get_rand_method(void);
#ifndef OPENSSL_NO_ENGINE
int RAND_set_rand_engine(ENGINE *engine);
#endif
RAND_METHOD *RAND_SSLeay(void);
void RAND_cleanup(void );
int RAND_bytes(unsigned char *buf,int num);

10
crypto/rand/rand_lib.c
View file

@ -60,19 +60,25 @@
#include <time.h>
#include "cryptlib.h"
#include <openssl/rand.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#ifndef OPENSSL_NO_ENGINE
/* non-NULL if default_RAND_meth is ENGINE-provided */
static ENGINE *funct_ref =NULL;
#endif
static const RAND_METHOD *default_RAND_meth = NULL;
int RAND_set_rand_method(const RAND_METHOD *meth)
{
#ifndef OPENSSL_NO_ENGINE
if(funct_ref)
{
ENGINE_finish(funct_ref);
funct_ref = NULL;
}
#endif
default_RAND_meth = meth;
return 1;
}
@ -81,6 +87,7 @@ const RAND_METHOD *RAND_get_rand_method(void)
{
if (!default_RAND_meth)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = ENGINE_get_default_RAND();
if(e)
{
@ -94,11 +101,13 @@ const RAND_METHOD *RAND_get_rand_method(void)
if(e)
funct_ref = e;
else
#endif
default_RAND_meth = RAND_SSLeay();
}
return default_RAND_meth;
}
#ifndef OPENSSL_NO_ENGINE
int RAND_set_rand_engine(ENGINE *engine)
{
const RAND_METHOD *tmp_meth = NULL;
@ -118,6 +127,7 @@ int RAND_set_rand_engine(ENGINE *engine)
funct_ref = engine;
return 1;
}
#endif
void RAND_cleanup(void)
{

2
crypto/rsa/rsa.h
View file

@ -128,8 +128,10 @@ struct rsa_st
int pad;
long version;
const RSA_METHOD *meth;
#ifndef OPENSSL_NO_ENGINE
/* functional reference if 'meth' is ENGINE-provided */
ENGINE *engine;
#endif
BIGNUM *n;
BIGNUM *e;
BIGNUM *d;

2
crypto/rsa/rsa_eay.c
View file

@ -61,7 +61,9 @@
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/rand.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#ifndef RSA_NULL

10
crypto/rsa/rsa_lib.c
View file

@ -62,7 +62,9 @@
#include <openssl/lhash.h>
#include <openssl/bn.h>
#include <openssl/rsa.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT;
@ -108,11 +110,13 @@ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
const RSA_METHOD *mtmp;
mtmp = rsa->meth;
if (mtmp->finish) mtmp->finish(rsa);
#ifndef OPENSSL_NO_ENGINE
if (rsa->engine)
{
ENGINE_finish(rsa->engine);
rsa->engine = NULL;
}
#endif
rsa->meth = meth;
if (meth->init) meth->init(rsa);
return 1;
@ -130,6 +134,7 @@ RSA *RSA_new_method(ENGINE *engine)
}
ret->meth = RSA_get_default_method();
#ifndef OPENSSL_NO_ENGINE
if (engine)
{
if (!ENGINE_init(engine))
@ -154,6 +159,7 @@ RSA *RSA_new_method(ENGINE *engine)
return NULL;
}
}
#endif
ret->pad=0;
ret->version=0;
@ -175,8 +181,10 @@ RSA *RSA_new_method(ENGINE *engine)
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
{
#ifndef OPENSSL_NO_ENGINE
if (ret->engine)
ENGINE_finish(ret->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
OPENSSL_free(ret);
ret=NULL;
@ -205,8 +213,10 @@ void RSA_free(RSA *r)
if (r->meth->finish)
r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
if (r->engine)
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);

6
crypto/rsa/rsa_sign.c
View file

@ -62,7 +62,9 @@
#include <openssl/rsa.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
/* Size of an SSL signature: MD5+SHA1 */
#define SSL_SIG_LENGTH 36
@ -77,10 +79,12 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
const unsigned char *s = NULL;
X509_ALGOR algor;
ASN1_OCTET_STRING digest;
#ifndef OPENSSL_NO_ENGINE
if((rsa->flags & RSA_FLAG_SIGN_VER)
&& ENGINE_get_RSA(rsa->engine)->rsa_sign)
return ENGINE_get_RSA(rsa->engine)->rsa_sign(type,
m, m_len, sigret, siglen, rsa);
#endif
/* Special case: SSL signature, just check the length */
if(type == NID_md5_sha1) {
if(m_len != SSL_SIG_LENGTH) {
@ -155,10 +159,12 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
return(0);
}
#ifndef OPENSSL_NO_ENGINE
if((rsa->flags & RSA_FLAG_SIGN_VER)
&& ENGINE_get_RSA(rsa->engine)->rsa_verify)
return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype,
m, m_len, sigbuf, siglen, rsa);
#endif
s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen);
if (s == NULL)

2
crypto/rsa/rsa_test.c
View file

@ -16,7 +16,9 @@ int main(int argc, char *argv[])
}
#else
#include <openssl/rsa.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#define SetKey \
key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \

4
demos/x509/mkcert.c
View file

@ -9,7 +9,9 @@
#include <openssl/pem.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
int mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days);
int add_ext(X509 *cert, int nid, char *value);
@ -35,7 +37,9 @@ int main(int argc, char **argv)
X509_free(x509);
EVP_PKEY_free(pkey);
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
CRYPTO_cleanup_all_ex_data();
CRYPTO_mem_leaks(bio_err);

4
demos/x509/mkreq.c
View file

@ -8,7 +8,9 @@
#include <openssl/pem.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
int mkreq(X509_REQ **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days);
int add_ext(STACK_OF(X509_REQUEST) *sk, int nid, char *value);
@ -33,7 +35,9 @@ int main(int argc, char **argv)
X509_REQ_free(req);
EVP_PKEY_free(pkey);
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
CRYPTO_cleanup_all_ex_data();
CRYPTO_mem_leaks(bio_err);

4
ssl/ssltest.c
View file

@ -133,7 +133,9 @@
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/ssl.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/err.h>
#include <openssl/rand.h>
@ -828,7 +830,9 @@ end:
#ifndef OPENSSL_NO_RSA
free_tmp_rsa();
#endif
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
ERR_remove_state(0);

2
util/bat.sh
View file

@ -62,6 +62,7 @@ sub var_add
local($dir,$val)=@_;
local(@a,$_,$ret);
return("") if $no_engine && $dir =~ /\/engine/;
return("") if $no_idea && $dir =~ /\/idea/;
return("") if $no_rc2 && $dir =~ /\/rc2/;
return("") if $no_rc4 && $dir =~ /\/rc4/;
@ -116,6 +117,7 @@ sub var_add
@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
@a=grep(!/_mdc2$/,@a) if $no_mdc2;
@a=grep(!/^engine$/,@a) if $no_engine;
@a=grep(!/(^rsa$)|(^genrsa$)|(^req$)|(^ca$)/,@a) if $no_rsa;
@a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
@a=grep(!/^gendsa$/,@a) if $no_sha1;

8
util/mk1mf.pl
View file

@ -65,6 +65,8 @@ and [options] can be one of
no-krb5 - No KRB5
no-ec - No EC
no-ecdsa - No ECDSA
no-ecdh - No ECDH
no-engine - No engine
nasm - Use NASM for x86 asm
gaswin - Use GNU as with Mingw32
no-socks - No socket code
@ -234,6 +236,8 @@ $cflags.=" -DOPENSSL_NO_ERR" if $no_err;
$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
$cflags.=" -DOPENSSL_NO_EC" if $no_ec;
$cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa;
$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
$cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine;
#$cflags.=" -DRSAref" if $rsaref ne "";
## if ($unix)
@ -663,6 +667,7 @@ sub var_add
local($dir,$val)=@_;
local(@a,$_,$ret);
return("") if $no_engine && $dir =~ /\/engine/;
return("") if $no_idea && $dir =~ /\/idea/;
return("") if $no_aes && $dir =~ /\/aes/;
return("") if $no_rc2 && $dir =~ /\/rc2/;
@ -723,6 +728,7 @@ sub var_add
@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
@a=grep(!/_mdc2$/,@a) if $no_mdc2;
@a=grep(!/^engine$/,@a) if $no_engine;
@a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa;
@a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
@a=grep(!/^gendsa$/,@a) if $no_sha1;
@ -925,6 +931,8 @@ sub read_options
elsif (/^no-krb5$/) { $no_krb5=1; }
elsif (/^no-ec$/) { $no_ec=1; }
elsif (/^no-ecdsa$/) { $no_ecdsa=1; }
elsif (/^no-ecdh$/) { $no_ecdh=1; }
elsif (/^no-engine$/) { $no_engine=1; }
elsif (/^just-ssl$/) { $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1;
$no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1;

8
util/mkdef.pl
View file

@ -93,7 +93,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
# External "algorithms"
"FP_API", "STDIO", "SOCK", "KRB5",
# Engines
"STATIC_ENGINE",
"STATIC_ENGINE", "ENGINE",
# Deprecated functions
"DEPRECATED" );
@ -111,7 +111,7 @@ my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf;
my $no_cast;
my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2;
my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
my $no_ec; my $no_ecdsa; my $no_ecdh;
my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine;
my $no_fp_api; my $no_static_engine; my $no_deprecated;
foreach (@ARGV, split(/ /, $options))
@ -182,6 +182,7 @@ foreach (@ARGV, split(/ /, $options))
elsif (/^no-comp$/) { $no_comp=1; }
elsif (/^no-dso$/) { $no_dso=1; }
elsif (/^no-krb5$/) { $no_krb5=1; }
elsif (/^no-engine$/) { $no_engine=1; }
}
@ -243,7 +244,7 @@ $crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa;
$crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh;
$crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac;
$crypto.=" crypto/engine/engine.h";
$crypto.=" crypto/engine/engine.h"; # unless $no_engine;
$crypto.=" crypto/stack/stack.h" ; # unless $no_stack;
$crypto.=" crypto/buffer/buffer.h" ; # unless $no_buffer;
$crypto.=" crypto/bio/bio.h" ; # unless $no_bio;
@ -1065,6 +1066,7 @@ sub is_valid
if ($keyword eq "COMP" && $no_comp) { return 0; }
if ($keyword eq "DSO" && $no_dso) { return 0; }
if ($keyword eq "KRB5" && $no_krb5) { return 0; }
if ($keyword eq "ENGINE" && $no_engine) { return 0; }
if ($keyword eq "FP_API" && $no_fp_api) { return 0; }
if ($keyword eq "STATIC_ENGINE" && $no_static_engine) { return 0; }
if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }