This change replaces the ENGINE's underlying mechanics with the new

ENGINE_TABLE-based stuff - as described in crypto/engine/README.

Associated miscellaneous changes;
 - the previous cipher/digest hooks that hardwired directly to EVP's
   OBJ_NAME-based storage have been backed out. New cipher/digest support
   has been constructed and will be committed shortly.
 - each implementation defines its own ENGINE_load_<name> function now.
 - the "openssl" ENGINE isn't needed or loaded any more.
 - core (not algorithm or class specific) ENGINE code has been split into
   multiple files to increase readability and decrease linker bloat.
 - ENGINE_cpy() has been removed as it wasn't really a good idea in the
   first place and now, because of registration issues, can't be
   meaningfully defined any more.
 - BN_MOD_EXP[_CRT] support is removed as per the README.
 - a bug in enginetest.c has been fixed.

NB: This commit almost certainly breaks compilation until subsequent
changes are committed.
Geoff Thorpe 2001-09-25 20:00:51 +00:00
parent f185e725a0
commit b6d1e52d45
24 changed files with 2156 additions and 1514 deletions


@ -23,12 +23,16 @@ TEST= enginetest.c
APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC= eng_err.c eng_lib.c eng_list.c eng_all.c eng_openssl.c \
eng_dyn.c eng_evp.c \
LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
eng_table.c eng_pkey.c eng_fat.c eng_all.c \
tb_rsa.c tb_dsa.c tb_dh.c tb_rand.c \
eng_openssl.c eng_dyn.c \
hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c hw_ubsec.c \
hw_openbsd_dev_crypto.c
LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_all.o eng_openssl.o \
eng_dyn.o eng_evp.o \
LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
eng_table.o eng_pkey.o eng_fat.o eng_all.o \
tb_rsa.o tb_dsa.o tb_dh.o tb_rand.o \
eng_openssl.o eng_dyn.o \
hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o hw_ubsec.o \
hw_openbsd_dev_crypto.o
@ -95,6 +99,18 @@ eng_all.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
eng_all.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
eng_all.o: ../../include/openssl/symhacks.h ../../include/openssl/types.h
eng_all.o: ../../include/openssl/ui.h eng_all.c eng_int.h
eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h
eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
eng_ctrl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
eng_ctrl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
eng_ctrl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
eng_ctrl.o: ../../include/openssl/opensslconf.h
eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
eng_ctrl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
eng_ctrl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
eng_ctrl.o: ../../include/openssl/types.h ../../include/openssl/ui.h
eng_ctrl.o: ../cryptlib.h eng_ctrl.c eng_int.h
eng_dyn.o: ../../e_os.h ../../include/openssl/asn1.h
eng_dyn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
eng_dyn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@ -117,18 +133,29 @@ eng_err.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
eng_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
eng_err.o: ../../include/openssl/symhacks.h ../../include/openssl/types.h
eng_err.o: ../../include/openssl/ui.h eng_err.c
eng_evp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
eng_evp.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
eng_evp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
eng_evp.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
eng_evp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
eng_evp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
eng_evp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
eng_evp.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
eng_evp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
eng_evp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
eng_evp.o: ../../include/openssl/types.h ../../include/openssl/ui.h eng_evp.c
eng_evp.o: eng_int.h
eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h
eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
eng_fat.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
eng_fat.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
eng_fat.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
eng_fat.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
eng_fat.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
eng_fat.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
eng_fat.o: ../../include/openssl/symhacks.h ../../include/openssl/types.h
eng_fat.o: ../../include/openssl/ui.h ../cryptlib.h eng_fat.c eng_int.h
eng_init.o: ../../e_os.h ../../include/openssl/asn1.h
eng_init.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
eng_init.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
eng_init.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
eng_init.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
eng_init.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
eng_init.o: ../../include/openssl/opensslconf.h
eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
eng_init.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
eng_init.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
eng_init.o: ../../include/openssl/types.h ../../include/openssl/ui.h
eng_init.o: ../cryptlib.h eng_init.c eng_int.h
eng_lib.o: ../../e_os.h ../../include/openssl/asn1.h
eng_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
eng_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@ -165,6 +192,31 @@ eng_openssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
eng_openssl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
eng_openssl.o: ../../include/openssl/types.h ../../include/openssl/ui.h
eng_openssl.o: ../cryptlib.h eng_openssl.c
eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
eng_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
eng_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
eng_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
eng_pkey.o: ../../include/openssl/opensslconf.h
eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
eng_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
eng_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
eng_pkey.o: ../../include/openssl/types.h ../../include/openssl/ui.h
eng_pkey.o: ../cryptlib.h eng_int.h eng_pkey.c
eng_table.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
eng_table.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
eng_table.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
eng_table.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
eng_table.o: ../../include/openssl/err.h ../../include/openssl/evp.h
eng_table.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
eng_table.o: ../../include/openssl/objects.h
eng_table.o: ../../include/openssl/opensslconf.h
eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
eng_table.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
eng_table.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
eng_table.o: ../../include/openssl/types.h ../../include/openssl/ui.h eng_int.h
eng_table.o: eng_table.c
hw_atalla.o: ../../e_os.h ../../include/openssl/asn1.h
hw_atalla.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
hw_atalla.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@ -231,3 +283,51 @@ hw_ubsec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
hw_ubsec.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
hw_ubsec.o: ../../include/openssl/types.h ../../include/openssl/ui.h
hw_ubsec.o: ../cryptlib.h hw_ubsec.c vendor_defns/hw_ubsec.h
tb_dh.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
tb_dh.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
tb_dh.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
tb_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
tb_dh.o: ../../include/openssl/err.h ../../include/openssl/evp.h
tb_dh.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
tb_dh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
tb_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
tb_dh.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
tb_dh.o: ../../include/openssl/types.h ../../include/openssl/ui.h eng_int.h
tb_dh.o: tb_dh.c
tb_dsa.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
tb_dsa.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
tb_dsa.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
tb_dsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
tb_dsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
tb_dsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
tb_dsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
tb_dsa.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
tb_dsa.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
tb_dsa.o: ../../include/openssl/types.h ../../include/openssl/ui.h eng_int.h
tb_dsa.o: tb_dsa.c
tb_rand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
tb_rand.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
tb_rand.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
tb_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
tb_rand.o: ../../include/openssl/err.h ../../include/openssl/evp.h
tb_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
tb_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
tb_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
tb_rand.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
tb_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
tb_rand.o: ../../include/openssl/types.h ../../include/openssl/ui.h eng_int.h
tb_rand.o: tb_rand.c
tb_rsa.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
tb_rsa.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
tb_rsa.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
tb_rsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
tb_rsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
tb_rsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
tb_rsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
tb_rsa.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
tb_rsa.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
tb_rsa.o: ../../include/openssl/types.h ../../include/openssl/ui.h eng_int.h
tb_rsa.o: tb_rsa.c


@ -60,83 +60,34 @@
#include <openssl/engine.h>
#include "eng_int.h"
static int engine_add(ENGINE *e)
{
int toret = 1;
if (!ENGINE_by_id(ENGINE_get_id(e)))
{
(void)ERR_get_error();
toret = ENGINE_add(e);
}
ENGINE_free(e);
return toret;
}
void ENGINE_load_cswift(void)
{
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_CSWIFT
engine_add(ENGINE_cswift());
#endif /* !OPENSSL_NO_HW_CSWIFT */
#endif /* !OPENSSL_NO_HW */
}
void ENGINE_load_chil(void)
{
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_CSWIFT
engine_add(ENGINE_ncipher());
#endif /* !OPENSSL_NO_HW_CSWIFT */
#endif /* !OPENSSL_NO_HW */
}
void ENGINE_load_atalla(void)
{
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_CSWIFT
engine_add(ENGINE_atalla());
#endif /* !OPENSSL_NO_HW_CSWIFT */
#endif /* !OPENSSL_NO_HW */
}
void ENGINE_load_nuron(void)
{
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_CSWIFT
engine_add(ENGINE_nuron());
#endif /* !OPENSSL_NO_HW_CSWIFT */
#endif /* !OPENSSL_NO_HW */
}
void ENGINE_load_ubsec(void)
{
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_UBSEC
engine_add(ENGINE_ubsec());
#endif /* !OPENSSL_NO_HW_UBSEC */
#endif /* !OPENSSL_NO_HW */
}
void ENGINE_load_openbsd_dev_crypto(void)
{
#ifndef OPENSSL_NO_HW
# ifdef OPENSSL_OPENBSD_DEV_CRYPTO
engine_add(ENGINE_openbsd_dev_crypto());
# endif
#endif /* !OPENSSL_NO_HW */
}
void ENGINE_load_builtin_engines(void)
{
static int done=0;
if (done) return;
done=1;
/* There's no longer any need for an "openssl" ENGINE unless, one day,
* it is the *only* way for standard builtin implementations to be be
* accessed (ie. it would be possible to statically link binaries with
* *no* builtin implementations). */
#if 0
ENGINE_load_openssl();
#endif
ENGINE_load_dynamic();
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_CSWIFT
ENGINE_load_cswift();
#endif
#ifndef OPENSSL_NO_HW_NCIPHER
ENGINE_load_chil();
#endif
#ifndef OPENSSL_NO_HW_ATALLA
ENGINE_load_atalla();
#endif
#ifndef OPENSSL_NO_HW_NURON
ENGINE_load_nuron();
#endif
#ifndef OPENSSL_NO_HW_UBSEC
ENGINE_load_ubsec();
#endif
#ifdef OPENSSL_OPENBSD_DEV_CRYPTO
ENGINE_load_openbsd_dev_crypto();
#endif
#endif
}

387
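--- /dev/null
+++ b/crypto/engine/eng_ctrl.c
@@ -0,0 +1,387 @@
+/* crypto/engine/eng_ctrl.c */
+/* ====================================================================
+* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* 1. Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+*
+* 2. Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in
+* the documentation and/or other materials provided with the
+* distribution.
+*
+* 3. All advertising materials mentioning features or use of this
+* software must display the following acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+*
+* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+* endorse or promote products derived from this software without
+* prior written permission. For written permission, please contact
+* licensing@OpenSSL.org.
+*
+* 5. Products derived from this software may not be called "OpenSSL"
+* nor may "OpenSSL" appear in their names without prior written
+* permission of the OpenSSL Project.
+*
+* 6. Redistributions of any form whatsoever must retain the following
+* acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+*
+* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+* OF THE POSSIBILITY OF SUCH DAMAGE.
+* ====================================================================
+*
+* This product includes cryptographic software written by Eric Young
+* (eay@cryptsoft.com). This product includes software written by Tim
+* Hudson (tjh@cryptsoft.com).
+*
+*/
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include "eng_int.h"
+#include <openssl/engine.h>
+/* When querying a ENGINE-specific control command's 'description', this string
+* is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL. */
+static const char *int_no_description = "";
+/* These internal functions handle 'CMD'-related control commands when the
+* ENGINE in question has asked us to take care of it (ie. the ENGINE did not
+* set the ENGINE_FLAGS_MANUAL_CMD_CTRL flag. */
+static int int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn)
+{
+if((defn->cmd_num == 0) || (defn->cmd_name == NULL))
+return 1;
+return 0;
+}
+static int int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s)
+{
+int idx = 0;
+while(!int_ctrl_cmd_is_null(defn) && (strcmp(defn->cmd_name, s) != 0))
+{
+idx++;
+defn++;
+}
+if(int_ctrl_cmd_is_null(defn))
+/* The given name wasn't found */
+return -1;
+return idx;
+}
+static int int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num)
+{
+int idx = 0;
+/* NB: It is stipulated that 'cmd_defn' lists are ordered by cmd_num. So
+* our searches don't need to take any longer than necessary. */
+while(!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num))
+{
+idx++;
+defn++;
+}
+if(defn->cmd_num == num)
+return idx;
+/* The given cmd_num wasn't found */
+return -1;
+}
+static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)())
+{
+int idx;
+char *s = (char *)p;
+/* Take care of the easy one first (eg. it requires no searches) */
+if(cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE)
+{
+if((e->cmd_defns == NULL) || int_ctrl_cmd_is_null(e->cmd_defns))
+return 0;
+return e->cmd_defns->cmd_num;
+}
+/* One or two commands require that "p" be a valid string buffer */
+if((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) ||
+(cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) ||
+(cmd == ENGINE_CTRL_GET_DESC_FROM_CMD))
+{
+if(s == NULL)
+{
+ENGINEerr(ENGINE_F_INT_CTRL_HELPER,
+ERR_R_PASSED_NULL_PARAMETER);
+return -1;
+}
+}
+/* Now handle cmd_name -> cmd_num conversion */
+if(cmd == ENGINE_CTRL_GET_CMD_FROM_NAME)
+{
+if((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_name(
+e->cmd_defns, s)) < 0))
+{
+ENGINEerr(ENGINE_F_INT_CTRL_HELPER,
+ENGINE_R_INVALID_CMD_NAME);
+return -1;
+}
+return e->cmd_defns[idx].cmd_num;
+}
+/* For the rest of the commands, the 'long' argument must specify a
+* valie command number - so we need to conduct a search. */
+if((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_num(e->cmd_defns,
+(unsigned int)i)) < 0))
+{
+ENGINEerr(ENGINE_F_INT_CTRL_HELPER,
+ENGINE_R_INVALID_CMD_NUMBER);
+return -1;
+}
+/* Now the logic splits depending on command type */
+switch(cmd)
+{
+case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
+idx++;
+if(int_ctrl_cmd_is_null(e->cmd_defns + idx))
+/* end-of-list */
+return 0;
+else
+return e->cmd_defns[idx].cmd_num;
+case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
+return strlen(e->cmd_defns[idx].cmd_name);
+case ENGINE_CTRL_GET_NAME_FROM_CMD:
+return sprintf(s, "%s", e->cmd_defns[idx].cmd_name);
+case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
+if(e->cmd_defns[idx].cmd_desc)
+return strlen(e->cmd_defns[idx].cmd_desc);
+return strlen(int_no_description);
+case ENGINE_CTRL_GET_DESC_FROM_CMD:
+if(e->cmd_defns[idx].cmd_desc)
+return sprintf(s, "%s", e->cmd_defns[idx].cmd_desc);
+return sprintf(s, "%s", int_no_description);
+case ENGINE_CTRL_GET_CMD_FLAGS:
+return e->cmd_defns[idx].cmd_flags;
+}
+/* Shouldn't really be here ... */
+ENGINEerr(ENGINE_F_INT_CTRL_HELPER,ENGINE_R_INTERNAL_LIST_ERROR);
+return -1;
+}
+int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
+{
+int ctrl_exists, ref_exists;
+if(e == NULL)
+{
+ENGINEerr(ENGINE_F_ENGINE_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+return 0;
+}
+CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ref_exists = ((e->struct_ref > 0) ? 1 : 0);
+CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ctrl_exists = ((e->ctrl == NULL) ? 0 : 1);
+if(!ref_exists)
+{
+ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_REFERENCE);
+return 0;
+}
+/* Intercept any "root-level" commands before trying to hand them on to
+* ctrl() handlers. */
+switch(cmd)
+{
+case ENGINE_CTRL_HAS_CTRL_FUNCTION:
+return ctrl_exists;
+case ENGINE_CTRL_GET_FIRST_CMD_TYPE:
+case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
+case ENGINE_CTRL_GET_CMD_FROM_NAME:
+case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
+case ENGINE_CTRL_GET_NAME_FROM_CMD:
+case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
+case ENGINE_CTRL_GET_DESC_FROM_CMD:
+case ENGINE_CTRL_GET_CMD_FLAGS:
+if(ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL))
+return int_ctrl_helper(e,cmd,i,p,f);
+if(!ctrl_exists)
+{
+ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION);
+/* For these cmd-related functions, failure is indicated
+* by a -1 return value (because 0 is used as a valid
+* return in some places). */
+return -1;
+}
+default:
+break;
+}
+/* Anything else requires a ctrl() handler to exist. */
+if(!ctrl_exists)
+{
+ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION);
+return 0;
+}
+return e->ctrl(e, cmd, i, p, f);
+}
+int ENGINE_cmd_is_executable(ENGINE *e, int cmd)
+{
+int flags;
+if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd, NULL, NULL)) < 0)
+{
+ENGINEerr(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE,
+ENGINE_R_INVALID_CMD_NUMBER);
+return 0;
+}
+if(!(flags & ENGINE_CMD_FLAG_NO_INPUT) &&
+!(flags & ENGINE_CMD_FLAG_NUMERIC) &&
+!(flags & ENGINE_CMD_FLAG_STRING))
+return 0;
+return 1;
+}
+int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+long i, void *p, void (*f)(), int cmd_optional)
+{
+int num;
+if((e == NULL) || (cmd_name == NULL))
+{
+ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+ERR_R_PASSED_NULL_PARAMETER);
+return 0;
+}
+if((e->ctrl == NULL) || ((num = ENGINE_ctrl(e,
+ENGINE_CTRL_GET_CMD_FROM_NAME,
+0, (void *)cmd_name, NULL)) <= 0))
+{
+/* If the command didn't *have* to be supported, we fake
+* success. This allows certain settings to be specified for
+* multiple ENGINEs and only require a change of ENGINE id
+* (without having to selectively apply settings). Eg. changing
+* from a hardware device back to the regular software ENGINE
+* without editing the config file, etc. */
+if(cmd_optional)
+{
+ERR_clear_error();
+return 1;
+}
+ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD,
+ENGINE_R_INVALID_CMD_NAME);
+return 0;
+}
+/* Force the result of the control command to 0 or 1, for the reasons
+* mentioned before. */
+if (ENGINE_ctrl(e, num, i, p, f))
+return 1;
+return 0;
+}
+int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+int cmd_optional)
+{
+int num, flags;
+long l;
+char *ptr;
+if((e == NULL) || (cmd_name == NULL))
+{
+ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+ERR_R_PASSED_NULL_PARAMETER);
+return 0;
+}
+if((e->ctrl == NULL) || ((num = ENGINE_ctrl(e,
+ENGINE_CTRL_GET_CMD_FROM_NAME,
+0, (void *)cmd_name, NULL)) <= 0))
+{
+/* If the command didn't *have* to be supported, we fake
+* success. This allows certain settings to be specified for
+* multiple ENGINEs and only require a change of ENGINE id
+* (without having to selectively apply settings). Eg. changing
+* from a hardware device back to the regular software ENGINE
+* without editing the config file, etc. */
+if(cmd_optional)
+{
+ERR_clear_error();
+return 1;
+}
+ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+ENGINE_R_INVALID_CMD_NAME);
+return 0;
+}
+if(!ENGINE_cmd_is_executable(e, num))
+{
+ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+ENGINE_R_CMD_NOT_EXECUTABLE);
+return 0;
+}
+if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num, NULL, NULL)) < 0)
+{
+/* Shouldn't happen, given that ENGINE_cmd_is_executable()
+* returned success. */
+ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+ENGINE_R_INTERNAL_LIST_ERROR);
+return 0;
+}
+/* If the command takes no input, there must be no input. And vice
+* versa. */
+if(flags & ENGINE_CMD_FLAG_NO_INPUT)
+{
+if(arg != NULL)
+{
+ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+ENGINE_R_COMMAND_TAKES_NO_INPUT);
+return 0;
+}
+/* We deliberately force the result of ENGINE_ctrl() to 0 or 1
+* rather than returning it as "return data". This is to ensure
+* usage of these commands is consistent across applications and
+* that certain applications don't understand it one way, and
+* others another. */
+if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
+return 1;
+return 0;
+}
+/* So, we require input */
+if(arg == NULL)
+{
+ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+ENGINE_R_COMMAND_TAKES_INPUT);
+return 0;
+}
+/* If it takes string input, that's easy */
+if(flags & ENGINE_CMD_FLAG_STRING)
+{
+/* Same explanation as above */
+if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
+return 1;
+return 0;
+}
+/* If it doesn't take numeric either, then it is unsupported for use in
+* a config-setting situation, which is what this function is for. This
+* should never happen though, because ENGINE_cmd_is_executable() was
+* used. */
+if(!(flags & ENGINE_CMD_FLAG_NUMERIC))
+{
+ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+ENGINE_R_INTERNAL_LIST_ERROR);
+return 0;
+}
+l = strtol(arg, &ptr, 10);
+if((arg == ptr) || (*ptr != '\0'))
+{
+ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER);
+return 0;
+}
+/* Force the result of the control command to 0 or 1, for the reasons
+* mentioned before. */
+if(ENGINE_ctrl(e, num, l, NULL, NULL))
+return 1;
+return 0;
+}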
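Review bot: The ENGINE_CTRL_GET_NAME_FROM_CMD and ENGINE_CTRL_GET_DESC_FROM_CMD cases in int_ctrl_helper() write with `sprintf(s, "%s", ...)` into the caller's buffer `p`, and the ctrl signature carries no size for it (`i` is already used as the command number). The copy is therefore bounded only by the caller having sized the buffer from the matching ..._LEN_FROM_CMD query plus one byte for the terminator. That contract should be stated where it is relied on, for example `/* 'p' must hold the ..._LEN_FROM_CMD result + 1 bytes; no length is checked here */` above the two cases. Separately, ENGINE_ctrl_cmd_string() accepts the result of `strtol(arg, &ptr, 10)` without a range check, so an out-of-range numeric argument from a config file is clamped silently before it reaches the engine. Setting `errno = 0;` before the call and adding `|| (errno == ERANGE)` to the rejection test would reject it instead.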


@ -236,9 +236,7 @@ static dynamic_data_ctx *dynamic_get_data_ctx(ENGINE *e)
return ctx;
}
/* As this is only ever called once, there's no need for locking
* (indeed - the lock will already be held by our caller!!!) */
ENGINE *ENGINE_dynamic(void)
static ENGINE *engine_dynamic(void)
{
ENGINE *ret = ENGINE_new();
if(!ret)
@ -257,6 +255,20 @@ ENGINE *ENGINE_dynamic(void)
return ret;
}
void ENGINE_load_dynamic(void)
{
ENGINE *toadd = engine_dynamic();
if(!toadd) return;
ENGINE_add(toadd);
/* If the "add" worked, it gets a structural reference. So either way,
* we release our just-created reference. */
ENGINE_free(toadd);
/* If the "add" didn't work, it was probably a conflict because it was
* already added (eg. someone calling ENGINE_load_blah then calling
* ENGINE_load_builtin_engines() perhaps). */
ERR_clear_error();
}
static int dynamic_init(ENGINE *e)
{
/* We always return failure - the "dyanamic" engine itself can't be used
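Review bot: ENGINE_load_dynamic() drops the return value of `ENGINE_add(toadd)` and then calls `ERR_clear_error()` unconditionally. That empties the calling thread's whole error queue, including entries queued before this function ran, and it hides any ENGINE_add() failure other than the id conflict the comment expects. Clearing only when the add fails would narrow the effect: `if(!ENGINE_add(toadd)) ERR_clear_error();`. The comment should also say that errors queued earlier are discarded in that case, so callers do not rely on the queue surviving a load call.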


@ -1,6 +1,6 @@
/* crypto/engine/eng_err.c */
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -90,6 +90,7 @@ static ERR_STRING_DATA ENGINE_str_functs[]=
{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_TYPE,0), "ENGINE_SET_DEFAULT_TYPE"},
{ERR_PACK(0,ENGINE_F_ENGINE_SET_ID,0), "ENGINE_set_id"},
{ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0), "ENGINE_set_name"},
{ERR_PACK(0,ENGINE_F_ENGINE_TABLE_REGISTER,0), "ENGINE_TABLE_REGISTER"},
{ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0), "ENGINE_UNLOAD_KEY"},
{ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0), "INT_CTRL_HELPER"},
{ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0), "LOG_MESSAGE"},


@ -1,6 +1,6 @@
/* Written by Ben Laurie <ben@algroup.co.uk> August 2001 */
/* crypto/engine/eng_fat.c */
/* ====================================================================
* Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -53,60 +53,50 @@
*
*/
#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/crypto.h>
#include "cryptlib.h"
#include "eng_int.h"
#include <string.h>
#include <openssl/engine.h>
int ENGINE_add_cipher(ENGINE *e,const EVP_CIPHER *c)
{
ENGINE_EVP_CIPHER *p;
p=OPENSSL_malloc(sizeof *p);
p->cipher=c;
if(!e->ciphers)
e->ciphers=sk_ENGINE_EVP_CIPHER_new_null();
sk_ENGINE_EVP_CIPHER_push(e->ciphers,p);
return 1;
}
void ENGINE_free_engine_cipher(ENGINE_EVP_CIPHER *p)
{ OPENSSL_free(p); }
int ENGINE_cipher_num(const ENGINE *e)
{ return sk_ENGINE_EVP_CIPHER_num(e->ciphers); }
const EVP_CIPHER *ENGINE_get_cipher(const ENGINE *e, int n)
{ return sk_ENGINE_EVP_CIPHER_value(e->ciphers, n)->cipher; }
void ENGINE_load_ciphers()
{
ENGINE *e;
for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
ENGINE_load_engine_ciphers(e);
}
void ENGINE_load_engine_ciphers(ENGINE *e)
{
int n;
for(n=0 ; n < sk_ENGINE_EVP_CIPHER_num(e->ciphers) ; ++n)
EVP_add_cipher(sk_ENGINE_EVP_CIPHER_value(e->ciphers,n)->cipher);
}
const EVP_CIPHER *ENGINE_get_cipher_by_name(ENGINE *e,const char *name)
{
int n;
for(n=0 ; n < ENGINE_cipher_num(e) ; ++n)
int ENGINE_set_default(ENGINE *e, unsigned int flags)
{
const EVP_CIPHER *c=ENGINE_get_cipher(e,n);
if(!strcmp(EVP_CIPHER_name(c),name))
return c;
#ifndef OPENSSL_NO_RSA
if((flags & ENGINE_METHOD_RSA) & !ENGINE_set_default_RSA(e))
return 0;
#endif
#ifndef OPENSSL_NO_DSA
if((flags & ENGINE_METHOD_DSA) & !ENGINE_set_default_DSA(e))
return 0;
#endif
#ifndef OPENSSL_NO_DH
if((flags & ENGINE_METHOD_DH) & !ENGINE_set_default_DH(e))
return 0;
#endif
if((flags & ENGINE_METHOD_RAND) & !ENGINE_set_default_RAND(e))
return 0;
return 1;
}
int ENGINE_register_complete(ENGINE *e)
{
#ifndef OPENSSL_NO_RSA
ENGINE_register_RSA(e);
#endif
#ifndef OPENSSL_NO_DSA
ENGINE_register_DSA(e);
#endif
#ifndef OPENSSL_NO_DH
ENGINE_register_DH(e);
#endif
ENGINE_register_RAND(e);
return 1;
}
int ENGINE_register_all_complete(void)
{
ENGINE *e;
for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
ENGINE_register_complete(e);
return 1;
}
return NULL;
}
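Review bot: The four guards in the added ENGINE_set_default() join the flag test and the call with bitwise `&` instead of logical `&&`, e.g. `if((flags & ENGINE_METHOD_RSA) & !ENGINE_set_default_RSA(e))`. Because `&` does not short-circuit, each ENGINE_set_default_XXX(e) runs whether or not its bit is set in `flags`. Because `!x` is 0 or 1, a failure is reported only when the selected mask has bit 0 set, so for the other masks a failed call falls through to `return 1`. Each line should read like `if((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e))`, so that a caller asking for one algorithm does not silently get this ENGINE installed as the default for the others (RAND included). The +/- markers are lost in this rendering, so this assumes these lines are on the new side.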

157
crypto/engine/eng_init.c Normal file

@ -0,0 +1,157 @@
/* crypto/engine/eng_init.c */
/* ====================================================================
* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <openssl/crypto.h>
#include "cryptlib.h"
#include "eng_int.h"
#include <openssl/engine.h>
/* Initialise a engine type for use (or up its functional reference count
* if it's already in use). This version is only used internally. */
int engine_unlocked_init(ENGINE *e)
{
int to_return = 1;
if((e->funct_ref == 0) && e->init)
/* This is the first functional reference and the engine
* requires initialisation so we do it now. */
to_return = e->init(e);
if(to_return)
{
/* OK, we return a functional reference which is also a
* structural reference. */
e->struct_ref++;
e->funct_ref++;
engine_ref_debug(e, 0, 1)
engine_ref_debug(e, 1, 1)
}
return to_return;
}
/* Free a functional reference to a engine type. This version is only used
* internally. */
int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers)
{
int to_return = 1;
/* Reduce the functional reference count here so if it's the terminating
* case, we can release the lock safely and call the finish() handler
* without risk of a race. We get a race if we leave the count until
* after and something else is calling "finish" at the same time -
* there's a chance that both threads will together take the count from
* 2 to 0 without either calling finish(). */
e->funct_ref--;
engine_ref_debug(e, 1, -1)
if((e->funct_ref == 0) && e->finish)
{
if(unlock_for_handlers)
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
to_return = e->finish(e);
if(unlock_for_handlers)
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if(!to_return)
return 0;
}
#ifdef REF_CHECK
if(e->funct_ref < 0)
{
fprintf(stderr,"ENGINE_finish, bad functional reference count\n");
abort();
}
#endif
/* Release the structural reference too */
if(!engine_free_util(e, 0))
{
ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED);
return 0;
}
return to_return;
}
/* The API (locked) version of "init" */
int ENGINE_init(ENGINE *e)
{
int ret;
if(e == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_INIT,ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
ret = engine_unlocked_init(e);
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
return ret;
}
/* The API (locked) version of "finish" */
int ENGINE_finish(ENGINE *e)
{
int to_return = 1;
if(e == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_FINISH,ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
to_return = engine_unlocked_finish(e, 1);
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
if(!to_return)
{
ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED);
return 0;
}
return to_return;
}


@ -87,14 +87,43 @@ extern "C" {
#endif
typedef struct engine_evp_cipher_st
{
const EVP_CIPHER *cipher;
} ENGINE_EVP_CIPHER;
/* Any code that will need cleanup operations should use these functions to
* register callbacks. ENGINE_cleanup() will call all registered callbacks in
* order. NB: both the "add" functions assume CRYPTO_LOCK_ENGINE to already be
* held (in "write" mode). */
typedef void (ENGINE_CLEANUP_CB)(void);
DECLARE_STACK_OF(ENGINE_CLEANUP_CB)
void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb);
void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb);
DECLARE_STACK_OF(ENGINE_EVP_CIPHER)
/* We need stacks of ENGINEs for use in eng_table.c */
DECLARE_STACK_OF(ENGINE)
void ENGINE_free_engine_cipher(ENGINE_EVP_CIPHER *p);
/* If this symbol is defined then engine_table_select(), the function that is
* used by RSA, DSA (etc) code to select registered ENGINEs, cache defaults and
* functional references (etc), will display debugging summaries to stderr. */
/* #define ENGINE_TABLE_DEBUG */
/* This represents an implementation table. Dependent code should instantiate it
* as a (ENGINE_TABLE *) pointer value set initially to NULL. */
typedef struct st_engine_table ENGINE_TABLE;
int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
ENGINE *e, const int *nids, int num_nids, int setdefault);
void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e);
void engine_table_cleanup(ENGINE_TABLE **table);
#ifndef ENGINE_TABLE_DEBUG
ENGINE *engine_table_select(ENGINE_TABLE **table, int nid);
#else
ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l);
#define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__)
#endif
/* Internal versions of API functions that have control over locking. These are
* used between C files when functionality needs to be shared but the caller may
* already be controlling of the CRYPTO_LOCK_ENGINE lock. */
int engine_unlocked_init(ENGINE *e);
int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers);
int engine_free_util(ENGINE *e, int locked);
/* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed
* in engine.h. */
@ -110,17 +139,14 @@ struct engine_st
const DH_METHOD *dh_meth;
const RAND_METHOD *rand_meth;
BN_MOD_EXP bn_mod_exp;
BN_MOD_EXP_CRT bn_mod_exp_crt;
ENGINE_GEN_INT_FUNC_PTR destroy;
ENGINE_GEN_INT_FUNC_PTR init;
ENGINE_GEN_INT_FUNC_PTR finish;
ENGINE_CTRL_FUNC_PTR ctrl;
ENGINE_LOAD_KEY_PTR load_privkey;
ENGINE_LOAD_KEY_PTR load_pubkey;
STACK_OF(ENGINE_EVP_CIPHER) *ciphers;
const ENGINE_CMD_DEFN *cmd_defns;
int flags;
/* reference count on the structure itself */
@ -138,48 +164,6 @@ struct engine_st
struct engine_st *next;
};
/* BUILT-IN ENGINES. (these functions are only ever called once and
* do not return references - they are purely for bootstrapping). */
/* Returns a structure of software only methods (the default). */
ENGINE *ENGINE_openssl(void);
/* Returns the "dynamic" ENGINE for loading entire ENGINE implementations from
* shared libraries. */
ENGINE *ENGINE_dynamic(void);
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_CSWIFT
/* Returns a structure of cswift methods ... NB: This can exist and be
* "used" even on non-cswift systems because the "init" will fail if the
* card/library are not found. */
ENGINE *ENGINE_cswift(void);
#endif /* !OPENSSL_NO_HW_CSWIFT */
#ifndef OPENSSL_NO_HW_NCIPHER
ENGINE *ENGINE_ncipher(void);
#endif /* !OPENSSL_NO_HW_NCIPHER */
#ifndef OPENSSL_NO_HW_ATALLA
/* Returns a structure of atalla methods. */
ENGINE *ENGINE_atalla(void);
#endif /* !OPENSSL_NO_HW_ATALLA */
#ifndef OPENSSL_NO_HW_NURON
ENGINE *ENGINE_nuron(void);
#endif /* !OPENSSL_NO_HW_NURON */
#ifndef OPENSSL_NO_HW_UBSEC
ENGINE *ENGINE_ubsec(void);
#endif /* !OPENSSL_NO_HW_UBSEC */
#ifdef OPENSSL_OPENBSD_DEV_CRYPTO
ENGINE *ENGINE_openbsd_dev_crypto(void);
#endif
#endif /* !OPENSSL_NO_HW */
#ifdef __cplusplus
}
#endif
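Review bot: The `locked` argument of `engine_free_util()` is declared without any comment on which way round it works, and the definition in this commit shows it is the opposite of what the name suggests. A non-zero value makes the function take CRYPTO_LOCK_ENGINE itself through `CRYPTO_add()`, while 0 does a bare `--e->struct_ref` and relies on the caller already holding the lock, as `engine_unlocked_finish()` does. A caller that reads `locked` as "the lock is already held" would either try to take the lock a second time or decrement the structural count unsynchronised, and a miscounted structural reference can leave an ENGINE freed while it is still in use. I would add above the prototype `/* "locked" != 0: take CRYPTO_LOCK_ENGINE here; pass 0 only if the caller already holds it */`. The prototype of `engine_unlocked_finish()` would benefit from a similar line saying that `unlock_for_handlers` drops and re-takes the lock around the finish() handler.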


@ -59,806 +59,227 @@
#include <openssl/crypto.h>
#include "cryptlib.h"
#include "eng_int.h"
#include <openssl/rand.h> /* FIXME: This shouldn't be needed */
#include <openssl/engine.h>
/* These pointers each have their own "functional reference" when they
* are non-NULL. Similarly, when they are retrieved by a call to
* ENGINE_get_default_[RSA|DSA|...] the returned pointer is also a
* reference and the caller is responsible for freeing that when they
* are finished with it (with a call to ENGINE_finish() *NOT* just
* ENGINE_free()!!!!!!). */
#ifndef OPENSSL_NO_RSA
static ENGINE *engine_def_rsa = NULL;
#endif
#ifndef OPENSSL_NO_DSA
static ENGINE *engine_def_dsa = NULL;
#endif
#ifndef OPENSSL_NO_DH
static ENGINE *engine_def_dh = NULL;
#endif
static ENGINE *engine_def_rand = NULL;
static ENGINE *engine_def_bn_mod_exp = NULL;
static ENGINE *engine_def_bn_mod_exp_crt = NULL;
/* A static "once-only" flag used to control if/when the above were
* initialised to suitable start-up defaults. */
static int engine_def_flag = 0;
/* The "new"/"free" stuff first */
/* When querying a ENGINE-specific control command's 'description', this string
* is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL. */
static const char *int_no_description = "";
/* This is used in certain static utility functions to save code
* repetition for per-algorithm functions. */
typedef enum {
ENGINE_TYPE_RSA,
ENGINE_TYPE_DSA,
ENGINE_TYPE_DH,
ENGINE_TYPE_RAND,
ENGINE_TYPE_BN_MOD_EXP,
ENGINE_TYPE_BN_MOD_EXP_CRT
} ENGINE_TYPE;
static void engine_def_check_util(ENGINE **def, ENGINE *val)
ENGINE *ENGINE_new(void)
{
*def = val;
val->struct_ref++;
val->funct_ref++;
engine_ref_debug(val, 0, 1)
engine_ref_debug(val, 1, 1)
}
ENGINE *ret;
/* In a slight break with convention - this static function must be
* called *outside* any locking of CRYPTO_LOCK_ENGINE. */
static void engine_def_check(void)
{
ENGINE *e;
if(engine_def_flag)
return;
e = ENGINE_get_first();
if(e == NULL)
/* The list is empty ... not much we can do! */
return;
/* We have a structural reference, see if getting a functional
* reference is possible. This is done to cope with init errors
* in the engine - the following locked code does a bunch of
* manual "ENGINE_init"s which do *not* allow such an init
* error so this is worth doing. */
if(ENGINE_init(e))
ret = (ENGINE *)OPENSSL_malloc(sizeof(ENGINE));
if(ret == NULL)
{
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
/* Doing another check here prevents an obvious race
* condition because the whole function itself cannot
* be locked. */
if(engine_def_flag)
goto skip_set_defaults;
/* OK, we got a functional reference, so we get one each
* for the defaults too. */
#ifndef OPENSSL_NO_RSA
engine_def_check_util(&engine_def_rsa, e);
#endif
#ifndef OPENSSL_NO_DSA
engine_def_check_util(&engine_def_dsa, e);
#endif
#ifndef OPENSSL_NO_DH
engine_def_check_util(&engine_def_dh, e);
#endif
engine_def_check_util(&engine_def_rand, e);
engine_def_check_util(&engine_def_bn_mod_exp, e);
engine_def_check_util(&engine_def_bn_mod_exp_crt, e);
engine_def_flag = 1;
skip_set_defaults:
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
/* The "if" needs to be balanced out. */
ENGINE_finish(e);
ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
/* We need to balance out the fact we obtained a structural
* reference to begin with from ENGINE_get_first(). */
ENGINE_free(e);
}
/* Initialise a engine type for use (or up its functional reference count
* if it's already in use). */
int ENGINE_init(ENGINE *e)
{
int to_return = 1;
if(e == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_INIT,ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if((e->funct_ref == 0) && e->init)
/* This is the first functional reference and the engine
* requires initialisation so we do it now. */
to_return = e->init(e);
if(to_return)
{
/* OK, we return a functional reference which is also a
* structural reference. */
e->struct_ref++;
e->funct_ref++;
engine_ref_debug(e, 0, 1)
engine_ref_debug(e, 1, 1)
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
return to_return;
}
/* Free a functional reference to a engine type */
int ENGINE_finish(ENGINE *e)
{
int to_return = 1;
if(e == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_FINISH,ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
/* Reduce the functional reference count here so if it's the terminating
* case, we can release the lock safely and call the finish() handler
* without risk of a race. We get a race if we leave the count until
* after and something else is calling "finish" at the same time -
* there's a chance that both threads will together take the count from
* 2 to 0 without either calling finish(). */
e->funct_ref--;
engine_ref_debug(e, 1, -1)
if((e->funct_ref == 0) && e->finish)
{
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
if(!(to_return = e->finish(e)))
{
ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED);
return 0;
}
}
else
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
#ifdef REF_CHECK
if(e->funct_ref < 0)
{
fprintf(stderr,"ENGINE_finish, bad functional reference count\n");
abort();
}
#endif
/* Release the structural reference too */
if(!ENGINE_free(e))
{
ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED);
return 0;
}
return to_return;
}
EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
UI_METHOD *ui_method, void *callback_data)
{
EVP_PKEY *pkey;
if(e == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if(e->funct_ref == 0)
{
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
ENGINE_R_NOT_INITIALISED);
return 0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
if (!e->load_privkey)
{
ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
ENGINE_R_NO_LOAD_FUNCTION);
return 0;
}
pkey = e->load_privkey(e, key_id, ui_method, callback_data);
if (!pkey)
{
ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
return 0;
}
return pkey;
}
EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
UI_METHOD *ui_method, void *callback_data)
{
EVP_PKEY *pkey;
if(e == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if(e->funct_ref == 0)
{
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
ENGINE_R_NOT_INITIALISED);
return 0;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
if (!e->load_pubkey)
{
ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
ENGINE_R_NO_LOAD_FUNCTION);
return 0;
}
pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
if (!pkey)
{
ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
return 0;
}
return pkey;
}
/* These internal functions handle 'CMD'-related control commands when the
* ENGINE in question has asked us to take care of it (ie. the ENGINE did not
* set the ENGINE_FLAGS_MANUAL_CMD_CTRL flag. */
static int int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn)
{
if((defn->cmd_num == 0) || (defn->cmd_name == NULL))
return 1;
return 0;
}
static int int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s)
{
int idx = 0;
while(!int_ctrl_cmd_is_null(defn) && (strcmp(defn->cmd_name, s) != 0))
{
idx++;
defn++;
}
if(int_ctrl_cmd_is_null(defn))
/* The given name wasn't found */
return -1;
return idx;
}
static int int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num)
{
int idx = 0;
/* NB: It is stipulated that 'cmd_defn' lists are ordered by cmd_num. So
* our searches don't need to take any longer than necessary. */
while(!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num))
{
idx++;
defn++;
}
if(defn->cmd_num == num)
return idx;
/* The given cmd_num wasn't found */
return -1;
}
static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)())
{
int idx;
char *s = (char *)p;
/* Take care of the easy one first (eg. it requires no searches) */
if(cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE)
{
if((e->cmd_defns == NULL) || int_ctrl_cmd_is_null(e->cmd_defns))
return 0;
return e->cmd_defns->cmd_num;
}
/* One or two commands require that "p" be a valid string buffer */
if((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) ||
(cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) ||
(cmd == ENGINE_CTRL_GET_DESC_FROM_CMD))
{
if(s == NULL)
{
ENGINEerr(ENGINE_F_INT_CTRL_HELPER,
ERR_R_PASSED_NULL_PARAMETER);
return -1;
}
}
/* Now handle cmd_name -> cmd_num conversion */
if(cmd == ENGINE_CTRL_GET_CMD_FROM_NAME)
{
if((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_name(
e->cmd_defns, s)) < 0))
{
ENGINEerr(ENGINE_F_INT_CTRL_HELPER,
ENGINE_R_INVALID_CMD_NAME);
return -1;
}
return e->cmd_defns[idx].cmd_num;
}
/* For the rest of the commands, the 'long' argument must specify a
* valie command number - so we need to conduct a search. */
if((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_num(e->cmd_defns,
(unsigned int)i)) < 0))
{
ENGINEerr(ENGINE_F_INT_CTRL_HELPER,
ENGINE_R_INVALID_CMD_NUMBER);
return -1;
}
/* Now the logic splits depending on command type */
switch(cmd)
{
case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
idx++;
if(int_ctrl_cmd_is_null(e->cmd_defns + idx))
/* end-of-list */
return 0;
else
return e->cmd_defns[idx].cmd_num;
case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
return strlen(e->cmd_defns[idx].cmd_name);
case ENGINE_CTRL_GET_NAME_FROM_CMD:
return sprintf(s, "%s", e->cmd_defns[idx].cmd_name);
case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
if(e->cmd_defns[idx].cmd_desc)
return strlen(e->cmd_defns[idx].cmd_desc);
return strlen(int_no_description);
case ENGINE_CTRL_GET_DESC_FROM_CMD:
if(e->cmd_defns[idx].cmd_desc)
return sprintf(s, "%s", e->cmd_defns[idx].cmd_desc);
return sprintf(s, "%s", int_no_description);
case ENGINE_CTRL_GET_CMD_FLAGS:
return e->cmd_defns[idx].cmd_flags;
}
/* Shouldn't really be here ... */
ENGINEerr(ENGINE_F_INT_CTRL_HELPER,ENGINE_R_INTERNAL_LIST_ERROR);
return -1;
}
int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
{
int ctrl_exists, ref_exists;
if(e == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_CTRL,ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
ref_exists = ((e->struct_ref > 0) ? 1 : 0);
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
ctrl_exists = ((e->ctrl == NULL) ? 0 : 1);
if(!ref_exists)
{
ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_REFERENCE);
return 0;
}
/* Intercept any "root-level" commands before trying to hand them on to
* ctrl() handlers. */
switch(cmd)
{
case ENGINE_CTRL_HAS_CTRL_FUNCTION:
return ctrl_exists;
case ENGINE_CTRL_GET_FIRST_CMD_TYPE:
case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
case ENGINE_CTRL_GET_CMD_FROM_NAME:
case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
case ENGINE_CTRL_GET_NAME_FROM_CMD:
case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
case ENGINE_CTRL_GET_DESC_FROM_CMD:
case ENGINE_CTRL_GET_CMD_FLAGS:
if(ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL))
return int_ctrl_helper(e,cmd,i,p,f);
if(!ctrl_exists)
{
ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION);
/* For these cmd-related functions, failure is indicated
* by a -1 return value (because 0 is used as a valid
* return in some places). */
return -1;
}
default:
break;
}
/* Anything else requires a ctrl() handler to exist. */
if(!ctrl_exists)
{
ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION);
return 0;
}
return e->ctrl(e, cmd, i, p, f);
}
int ENGINE_cmd_is_executable(ENGINE *e, int cmd)
{
int flags;
if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd, NULL, NULL)) < 0)
{
ENGINEerr(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE,
ENGINE_R_INVALID_CMD_NUMBER);
return 0;
}
if(!(flags & ENGINE_CMD_FLAG_NO_INPUT) &&
!(flags & ENGINE_CMD_FLAG_NUMERIC) &&
!(flags & ENGINE_CMD_FLAG_STRING))
return 0;
return 1;
}
int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
long i, void *p, void (*f)(), int cmd_optional)
{
int num;
if((e == NULL) || (cmd_name == NULL))
{
ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if((e->ctrl == NULL) || ((num = ENGINE_ctrl(e,
ENGINE_CTRL_GET_CMD_FROM_NAME,
0, (void *)cmd_name, NULL)) <= 0))
{
/* If the command didn't *have* to be supported, we fake
* success. This allows certain settings to be specified for
* multiple ENGINEs and only require a change of ENGINE id
* (without having to selectively apply settings). Eg. changing
* from a hardware device back to the regular software ENGINE
* without editing the config file, etc. */
if(cmd_optional)
{
ERR_clear_error();
return 1;
}
ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD,
ENGINE_R_INVALID_CMD_NAME);
return 0;
}
/* Force the result of the control command to 0 or 1, for the reasons
* mentioned before. */
if (ENGINE_ctrl(e, num, i, p, f))
return 1;
return 0;
}
int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
int cmd_optional)
{
int num, flags;
long l;
char *ptr;
if((e == NULL) || (cmd_name == NULL))
{
ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if((e->ctrl == NULL) || ((num = ENGINE_ctrl(e,
ENGINE_CTRL_GET_CMD_FROM_NAME,
0, (void *)cmd_name, NULL)) <= 0))
{
/* If the command didn't *have* to be supported, we fake
* success. This allows certain settings to be specified for
* multiple ENGINEs and only require a change of ENGINE id
* (without having to selectively apply settings). Eg. changing
* from a hardware device back to the regular software ENGINE
* without editing the config file, etc. */
if(cmd_optional)
{
ERR_clear_error();
return 1;
}
ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
ENGINE_R_INVALID_CMD_NAME);
return 0;
}
if(!ENGINE_cmd_is_executable(e, num))
{
ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
ENGINE_R_CMD_NOT_EXECUTABLE);
return 0;
}
if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num, NULL, NULL)) < 0)
{
/* Shouldn't happen, given that ENGINE_cmd_is_executable()
* returned success. */
ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
ENGINE_R_INTERNAL_LIST_ERROR);
return 0;
}
/* If the command takes no input, there must be no input. And vice
* versa. */
if(flags & ENGINE_CMD_FLAG_NO_INPUT)
{
if(arg != NULL)
{
ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
ENGINE_R_COMMAND_TAKES_NO_INPUT);
return 0;
}
/* We deliberately force the result of ENGINE_ctrl() to 0 or 1
* rather than returning it as "return data". This is to ensure
* usage of these commands is consistent across applications and
* that certain applications don't understand it one way, and
* others another. */
if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
return 1;
return 0;
}
/* So, we require input */
if(arg == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
ENGINE_R_COMMAND_TAKES_INPUT);
return 0;
}
/* If it takes string input, that's easy */
if(flags & ENGINE_CMD_FLAG_STRING)
{
/* Same explanation as above */
if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
return 1;
return 0;
}
/* If it doesn't take numeric either, then it is unsupported for use in
* a config-setting situation, which is what this function is for. This
* should never happen though, because ENGINE_cmd_is_executable() was
* used. */
if(!(flags & ENGINE_CMD_FLAG_NUMERIC))
{
ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
ENGINE_R_INTERNAL_LIST_ERROR);
return 0;
}
l = strtol(arg, &ptr, 10);
if((arg == ptr) || (*ptr != '\0'))
{
ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER);
return 0;
}
/* Force the result of the control command to 0 or 1, for the reasons
* mentioned before. */
if(ENGINE_ctrl(e, num, l, NULL, NULL))
return 1;
return 0;
}
static ENGINE *engine_get_default_type(ENGINE_TYPE t)
{
ENGINE *ret = NULL;
/* engine_def_check is lean and mean and won't replace any
* prior default engines ... so we must ensure that it is always
* the first function to get to touch the default values. */
engine_def_check();
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
switch(t)
{
#ifndef OPENSSL_NO_RSA
case ENGINE_TYPE_RSA:
ret = engine_def_rsa; break;
#endif
#ifndef OPENSSL_NO_DSA
case ENGINE_TYPE_DSA:
ret = engine_def_dsa; break;
#endif
#ifndef OPENSSL_NO_DH
case ENGINE_TYPE_DH:
ret = engine_def_dh; break;
#endif
case ENGINE_TYPE_RAND:
ret = engine_def_rand; break;
case ENGINE_TYPE_BN_MOD_EXP:
ret = engine_def_bn_mod_exp; break;
case ENGINE_TYPE_BN_MOD_EXP_CRT:
ret = engine_def_bn_mod_exp_crt; break;
default:
break;
}
/* Unforunately we can't do this work outside the lock with a
* call to ENGINE_init() because that would leave a race
* condition open. */
if(ret)
{
ret->struct_ref++;
ret->funct_ref++;
engine_ref_debug(ret, 0, 1)
engine_ref_debug(ret, 1, 1)
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
memset(ret, 0, sizeof(ENGINE));
ret->struct_ref = 1;
engine_ref_debug(ret, 0, 1)
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
return ret;
}
#ifndef OPENSSL_NO_RSA
ENGINE *ENGINE_get_default_RSA(void)
int engine_free_util(ENGINE *e, int locked)
{
return engine_get_default_type(ENGINE_TYPE_RSA);
}
#endif
int i;
#ifndef OPENSSL_NO_DSA
ENGINE *ENGINE_get_default_DSA(void)
{
return engine_get_default_type(ENGINE_TYPE_DSA);
}
#endif
#ifndef OPENSSL_NO_DH
ENGINE *ENGINE_get_default_DH(void)
{
return engine_get_default_type(ENGINE_TYPE_DH);
}
#endif
ENGINE *ENGINE_get_default_RAND(void)
{
return engine_get_default_type(ENGINE_TYPE_RAND);
}
ENGINE *ENGINE_get_default_BN_mod_exp(void)
{
return engine_get_default_type(ENGINE_TYPE_BN_MOD_EXP);
}
ENGINE *ENGINE_get_default_BN_mod_exp_crt(void)
{
return engine_get_default_type(ENGINE_TYPE_BN_MOD_EXP_CRT);
}
static int engine_set_default_type(ENGINE_TYPE t, ENGINE *e)
{
ENGINE *old = NULL;
/* engine_def_check is lean and mean and won't replace any
* prior default engines ... so we must ensure that it is always
* the first function to get to touch the default values. */
engine_def_check();
/* Attempt to get a functional reference (we need one anyway, but
* also, 'e' may be just a structural reference being passed in so
* this call may actually be the first). */
if(e && !ENGINE_init(e))
if(e == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_TYPE,
ENGINE_R_INIT_FAILED);
ENGINEerr(ENGINE_F_ENGINE_FREE,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
switch(t)
if(locked)
i = CRYPTO_add(&e->struct_ref,-1,CRYPTO_LOCK_ENGINE);
else
i = --e->struct_ref;
engine_ref_debug(e, 0, -1)
if (i > 0) return 1;
#ifdef REF_CHECK
if (i < 0)
{
#ifndef OPENSSL_NO_RSA
case ENGINE_TYPE_RSA:
old = engine_def_rsa;
engine_def_rsa = e; break;
#endif
#ifndef OPENSSL_NO_DSA
case ENGINE_TYPE_DSA:
old = engine_def_dsa;
engine_def_dsa = e; break;
#endif
#ifndef OPENSSL_NO_DH
case ENGINE_TYPE_DH:
old = engine_def_dh;
engine_def_dh = e; break;
#endif
case ENGINE_TYPE_RAND:
old = engine_def_rand;
engine_def_rand = e; break;
case ENGINE_TYPE_BN_MOD_EXP:
old = engine_def_bn_mod_exp;
engine_def_bn_mod_exp = e; break;
case ENGINE_TYPE_BN_MOD_EXP_CRT:
old = engine_def_bn_mod_exp_crt;
engine_def_bn_mod_exp_crt = e; break;
default:
break;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
/* If we've replaced a previous value, then we need to remove the
* functional reference we had. */
if(old && !ENGINE_finish(old))
{
ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_TYPE,
ENGINE_R_FINISH_FAILED);
return 0;
fprintf(stderr,"ENGINE_free, bad structural reference count\n");
abort();
}
#endif
/* Give the ENGINE a chance to do any structural cleanup corresponding
* to allocation it did in its constructor (eg. unload error strings) */
if(e->destroy)
e->destroy(e);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
OPENSSL_free(e);
return 1;
}
#ifndef OPENSSL_NO_RSA
int ENGINE_set_default_RSA(ENGINE *e)
int ENGINE_free(ENGINE *e)
{
return engine_set_default_type(ENGINE_TYPE_RSA, e);
}
#endif
#ifndef OPENSSL_NO_DSA
int ENGINE_set_default_DSA(ENGINE *e)
{
return engine_set_default_type(ENGINE_TYPE_DSA, e);
}
#endif
#ifndef OPENSSL_NO_DH
int ENGINE_set_default_DH(ENGINE *e)
{
return engine_set_default_type(ENGINE_TYPE_DH, e);
}
#endif
int ENGINE_set_default_RAND(ENGINE *e)
{
return engine_set_default_type(ENGINE_TYPE_RAND, e);
return engine_free_util(e, 1);
}
int ENGINE_set_default_BN_mod_exp(ENGINE *e)
/* Cleanup stuff */
/* ENGINE_cleanup() is coded such that anything that does work that will need
* cleanup can register a "cleanup" callback here. That way we don't get linker
* bloat by referring to all *possible* cleanups, but any linker bloat into code
* "X" will cause X's cleanup function to end up here. */
static STACK_OF(ENGINE_CLEANUP_CB) *cleanup_stack = NULL;
static int int_cleanup_check(int create)
{
return engine_set_default_type(ENGINE_TYPE_BN_MOD_EXP, e);
if(cleanup_stack) return 1;
if(!create) return 0;
cleanup_stack = sk_ENGINE_CLEANUP_CB_new_null();
return (cleanup_stack ? 1 : 0);
}
void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb)
{
if(!int_cleanup_check(1)) return;
sk_ENGINE_CLEANUP_CB_insert(cleanup_stack, cb, 0);
}
void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb)
{
if(!int_cleanup_check(1)) return;
sk_ENGINE_CLEANUP_CB_push(cleanup_stack, cb);
}
/* The API function that performs all cleanup */
void ENGINE_cleanup(void)
{
if(int_cleanup_check(0))
{
int loop = 0, num = sk_ENGINE_CLEANUP_CB_num(cleanup_stack);
while(loop < num)
{
ENGINE_CLEANUP_CB *cb = sk_ENGINE_CLEANUP_CB_value(
cleanup_stack, loop++);
(*cb)();
}
sk_ENGINE_CLEANUP_CB_free(cleanup_stack);
cleanup_stack = NULL;
}
/* FIXME: This should be handled (somehow) through RAND, eg. by it
* registering a cleanup callback. */
RAND_set_rand_method(NULL);
}
int ENGINE_set_default_BN_mod_exp_crt(ENGINE *e)
/* Now the "ex_data" support */
int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return engine_set_default_type(ENGINE_TYPE_BN_MOD_EXP_CRT, e);
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp,
new_func, dup_func, free_func);
}
int ENGINE_set_default(ENGINE *e, unsigned int flags)
int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg)
{
#ifndef OPENSSL_NO_RSA
if((flags & ENGINE_METHOD_RSA) && e->rsa_meth &&
!ENGINE_set_default_RSA(e))
return 0;
#endif
#ifndef OPENSSL_NO_DSA
if((flags & ENGINE_METHOD_DSA) && e->dsa_meth &&
!ENGINE_set_default_DSA(e))
return 0;
#endif
#ifndef OPENSSL_NO_DH
if((flags & ENGINE_METHOD_DH) && e->dh_meth &&
!ENGINE_set_default_DH(e))
return 0;
#endif
if((flags & ENGINE_METHOD_RAND) && e->rand_meth &&
!ENGINE_set_default_RAND(e))
return 0;
if((flags & ENGINE_METHOD_BN_MOD_EXP) && e->bn_mod_exp &&
!ENGINE_set_default_BN_mod_exp(e))
return 0;
if((flags & ENGINE_METHOD_BN_MOD_EXP_CRT) && e->bn_mod_exp_crt &&
!ENGINE_set_default_BN_mod_exp_crt(e))
return(CRYPTO_set_ex_data(&e->ex_data, idx, arg));
}
void *ENGINE_get_ex_data(const ENGINE *e, int idx)
{
return(CRYPTO_get_ex_data(&e->ex_data, idx));
}
/* Functions to get/set an ENGINE's elements - mainly to avoid exposing the
* ENGINE structure itself. */
int ENGINE_set_id(ENGINE *e, const char *id)
{
if(id == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_SET_ID,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
e->id = id;
return 1;
}
int ENGINE_clear_defaults(void)
int ENGINE_set_name(ENGINE *e, const char *name)
{
/* If the defaults haven't even been set yet, don't bother. Any kind of
* "cleanup" has a kind of implicit race-condition if another thread is
* trying to keep going, so we don't address that with locking. The
* first ENGINE_set_default_*** call will actually *create* a standard
* set of default ENGINEs (including init() and functional reference
* counts aplenty) before the rest of this function undoes them all. So
* save some hassle ... */
if(!engine_def_flag)
return 1;
if((0 == 1) ||
#ifndef OPENSSL_NO_RSA
!ENGINE_set_default_RSA(NULL) ||
#endif
#ifndef OPENSSL_NO_DSA
!ENGINE_set_default_DSA(NULL) ||
#endif
#ifndef OPENSSL_NO_DH
!ENGINE_set_default_DH(NULL) ||
#endif
!ENGINE_set_default_RAND(NULL) ||
!ENGINE_set_default_BN_mod_exp(NULL) ||
!ENGINE_set_default_BN_mod_exp_crt(NULL) ||
!RAND_set_rand_method(NULL))
if(name == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_SET_NAME,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
e->name = name;
return 1;
}
int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f)
{
e->destroy = destroy_f;
return 1;
}
int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f)
{
e->init = init_f;
return 1;
}
int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f)
{
e->finish = finish_f;
return 1;
}
int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f)
{
e->ctrl = ctrl_f;
return 1;
}
int ENGINE_set_flags(ENGINE *e, int flags)
{
e->flags = flags;
return 1;
}
int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns)
{
e->cmd_defns = defns;
return 1;
}
const char *ENGINE_get_id(const ENGINE *e)
{
return e->id;
}
const char *ENGINE_get_name(const ENGINE *e)
{
return e->name;
}
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e)
{
return e->destroy;
}
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e)
{
return e->init;
}
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e)
{
return e->finish;
}
ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e)
{
return e->ctrl;
}
int ENGINE_get_flags(const ENGINE *e)
{
return e->flags;
}
const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e)
{
return e->cmd_defns;
}
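Review bot: `ENGINE_cleanup()` reads, walks and frees the static `cleanup_stack` without taking CRYPTO_LOCK_ENGINE, although the comment on `engine_cleanup_add_first()`/`engine_cleanup_add_last()` in the header hunk of this commit says both run with that lock held for writing. If cleanup can overlap with an ENGINE being added on another thread, which nothing in this section rules out, the add can insert into a stack that is being freed. The callbacks cannot run under the lock, because `engine_list_cleanup()` calls `ENGINE_remove()`. I would therefore detach the stack under the lock and run the callbacks on the detached pointer, as below.

```c
void ENGINE_cleanup(void)
	{
	STACK_OF(ENGINE_CLEANUP_CB) *pending;
	/* Detach under the lock so a concurrent engine_cleanup_add_*()
	 * never touches a stack that is being walked or freed. */
	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
	pending = cleanup_stack;
	cleanup_stack = NULL;
	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
	if(pending)
		{
		/* Callbacks run unlocked: they may take CRYPTO_LOCK_ENGINE. */
		int loop = 0, num = sk_ENGINE_CLEANUP_CB_num(pending);
		while(loop < num)
			{
			ENGINE_CLEANUP_CB *cb = sk_ENGINE_CLEANUP_CB_value(
				pending, loop++);
			(*cb)();
			}
		sk_ENGINE_CLEANUP_CB_free(pending);
		}
	/* ... unchanged: RAND_set_rand_method(NULL) ... */
	}
```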


@ -73,11 +73,21 @@
* list member. */
static ENGINE *engine_list_head = NULL;
static ENGINE *engine_list_tail = NULL;
/* A boolean switch, used to ensure we only initialise once. This
* is needed because the engine list may genuinely become empty during
* use (so we can't use engine_list_head as an indicator for example. */
static int engine_list_flag = 0;
static int ENGINE_free_util(ENGINE *e, int locked);
/* This cleanup function is only needed internally. If it should be called, we
* register it with the "ENGINE_cleanup()" stack to be called during cleanup. */
static void engine_list_cleanup(void)
{
ENGINE *iterator = engine_list_head;
while(iterator != NULL)
{
ENGINE_remove(iterator);
iterator = engine_list_head;
}
return;
}
/* These static functions starting with a lower case "engine_" always
* take place when CRYPTO_LOCK_ENGINE has been locked up. */
@ -115,6 +125,9 @@ static int engine_list_add(ENGINE *e)
}
engine_list_head = e;
e->prev = NULL;
/* The first time the list allocates, we should register the
* cleanup. */
engine_cleanup_add_last(engine_list_cleanup);
}
else
{
@ -169,66 +182,36 @@ static int engine_list_remove(ENGINE *e)
engine_list_head = e->next;
if(engine_list_tail == e)
engine_list_tail = e->prev;
ENGINE_free_util(e, 0);
return 1;
}
/* This check always takes place with CRYPTO_LOCK_ENGINE locked up
* so we're synchronised, but we can't call anything that tries to
* lock it again! :-) NB: For convenience (and code-clarity) we
* don't output errors for failures of the engine_list_add function
* as it will generate errors itself. */
static int engine_internal_check(void)
{
int toret = 1;
ENGINE *def_engine1, *def_engine2;
if(engine_list_flag)
return 1;
/* This is our first time up, we need to populate the list
* with our statically compiled-in engines. */
def_engine1 = ENGINE_openssl();
def_engine2 = ENGINE_dynamic();
if(!engine_list_add(def_engine1) ||
!engine_list_add(def_engine2))
toret = 0;
else
engine_list_flag = 1;
ENGINE_free_util(def_engine1, 0);
ENGINE_free_util(def_engine2, 0);
engine_free_util(e, 0);
return 1;
}
/* Get the first/last "ENGINE" type available. */
ENGINE *ENGINE_get_first(void)
{
ENGINE *ret = NULL;
ENGINE *ret;
CRYPTO_r_lock(CRYPTO_LOCK_ENGINE);
if(engine_internal_check())
ret = engine_list_head;
if(ret)
{
ret = engine_list_head;
if(ret)
{
ret->struct_ref++;
engine_ref_debug(ret, 0, 1)
}
ret->struct_ref++;
engine_ref_debug(ret, 0, 1)
}
CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE);
return ret;
}
ENGINE *ENGINE_get_last(void)
{
ENGINE *ret = NULL;
ENGINE *ret;
CRYPTO_r_lock(CRYPTO_LOCK_ENGINE);
if(engine_internal_check())
{
ret = engine_list_tail;
if(ret)
{
ret->struct_ref++;
engine_ref_debug(ret, 0, 1)
}
if(ret)
{
ret->struct_ref++;
engine_ref_debug(ret, 0, 1)
}
CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE);
return ret;
@ -257,6 +240,7 @@ ENGINE *ENGINE_get_next(ENGINE *e)
ENGINE_free(e);
return ret;
}
ENGINE *ENGINE_get_prev(ENGINE *e)
{
ENGINE *ret = NULL;
@ -296,7 +280,7 @@ int ENGINE_add(ENGINE *e)
ENGINE_R_ID_OR_NAME_MISSING);
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if(!engine_internal_check() || !engine_list_add(e))
if(!engine_list_add(e))
{
ENGINEerr(ENGINE_F_ENGINE_ADD,
ENGINE_R_INTERNAL_LIST_ERROR);
@ -317,7 +301,7 @@ int ENGINE_remove(ENGINE *e)
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if(!engine_internal_check() || !engine_list_remove(e))
if(!engine_list_remove(e))
{
ENGINEerr(ENGINE_F_ENGINE_REMOVE,
ENGINE_R_INTERNAL_LIST_ERROR);
@ -327,9 +311,33 @@ int ENGINE_remove(ENGINE *e)
return to_return;
}
static void engine_cpy(ENGINE *dest, const ENGINE *src)
{
dest->id = src->id;
dest->name = src->name;
#ifndef OPENSSL_NO_RSA
dest->rsa_meth = src->rsa_meth;
#endif
#ifndef OPENSSL_NO_DSA
dest->dsa_meth = src->dsa_meth;
#endif
#ifndef OPENSSL_NO_DH
dest->dh_meth = src->dh_meth;
#endif
dest->rand_meth = src->rand_meth;
dest->destroy = src->destroy;
dest->init = src->init;
dest->finish = src->finish;
dest->ctrl = src->ctrl;
dest->load_privkey = src->load_privkey;
dest->load_pubkey = src->load_pubkey;
dest->cmd_defns = src->cmd_defns;
dest->flags = src->flags;
}
ENGINE *ENGINE_by_id(const char *id)
{
ENGINE *iterator = NULL, *cp = NULL;
ENGINE *iterator;
if(id == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_BY_ID,
@ -337,36 +345,30 @@ ENGINE *ENGINE_by_id(const char *id)
return NULL;
}
CRYPTO_r_lock(CRYPTO_LOCK_ENGINE);
if(!engine_internal_check())
ENGINEerr(ENGINE_F_ENGINE_BY_ID,
ENGINE_R_INTERNAL_LIST_ERROR);
else
iterator = engine_list_head;
while(iterator && (strcmp(id, iterator->id) != 0))
iterator = iterator->next;
if(iterator)
{
iterator = engine_list_head;
while(iterator && (strcmp(id, iterator->id) != 0))
iterator = iterator->next;
if(iterator)
/* We need to return a structural reference. If this is an
* ENGINE type that returns copies, make a duplicate - otherwise
* increment the existing ENGINE's reference count. */
if(iterator->flags & ENGINE_FLAGS_BY_ID_COPY)
{
/* We need to return a structural reference. If this is
* a "dynamic" ENGINE type, make a duplicate - otherwise
* increment the existing ENGINE's reference count. */
if(iterator->flags & ENGINE_FLAGS_BY_ID_COPY)
{
cp = ENGINE_new();
if(!cp)
iterator = NULL;
else
{
ENGINE_cpy(cp, iterator);
iterator = cp;
}
}
ENGINE *cp = ENGINE_new();
if(!cp)
iterator = NULL;
else
{
iterator->struct_ref++;
engine_ref_debug(iterator, 0, 1)
engine_cpy(cp, iterator);
iterator = cp;
}
}
else
{
iterator->struct_ref++;
engine_ref_debug(iterator, 0, 1)
}
}
CRYPTO_r_unlock(CRYPTO_LOCK_ENGINE);
if(iterator == NULL)
@ -374,326 +376,3 @@ ENGINE *ENGINE_by_id(const char *id)
ENGINE_R_NO_SUCH_ENGINE);
return iterator;
}
ENGINE *ENGINE_new(void)
{
ENGINE *ret;
ret = (ENGINE *)OPENSSL_malloc(sizeof(ENGINE));
if(ret == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
memset(ret, 0, sizeof(ENGINE));
ret->struct_ref = 1;
engine_ref_debug(ret, 0, 1)
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
return ret;
}
static int ENGINE_free_util(ENGINE *e, int locked)
{
int i;
if(e == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_FREE,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if(locked)
i = CRYPTO_add(&e->struct_ref,-1,CRYPTO_LOCK_ENGINE);
else
i = --e->struct_ref;
engine_ref_debug(e, 0, -1)
if (i > 0) return 1;
#ifdef REF_CHECK
if (i < 0)
{
fprintf(stderr,"ENGINE_free, bad structural reference count\n");
abort();
}
#endif
/* Give the ENGINE a chance to do any structural cleanup corresponding
* to allocation it did in its constructor (eg. unload error strings) */
if(e->destroy)
e->destroy(e);
sk_ENGINE_EVP_CIPHER_pop_free(e->ciphers,ENGINE_free_engine_cipher);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
OPENSSL_free(e);
return 1;
}
int ENGINE_free(ENGINE *e)
{
return ENGINE_free_util(e, 1);
}
int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp,
new_func, dup_func, free_func);
}
int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg)
{
return(CRYPTO_set_ex_data(&e->ex_data, idx, arg));
}
void *ENGINE_get_ex_data(const ENGINE *e, int idx)
{
return(CRYPTO_get_ex_data(&e->ex_data, idx));
}
void ENGINE_cleanup(void)
{
ENGINE *iterator = engine_list_head;
while(iterator != NULL)
{
ENGINE_remove(iterator);
iterator = engine_list_head;
}
engine_list_flag = 0;
/* Also unset any "default" ENGINEs that may have been set up (a default
* constitutes a functional reference on an ENGINE and there's one for
* each algorithm). */
ENGINE_clear_defaults();
return;
}
int ENGINE_set_id(ENGINE *e, const char *id)
{
if(id == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_SET_ID,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
e->id = id;
return 1;
}
int ENGINE_set_name(ENGINE *e, const char *name)
{
if(name == NULL)
{
ENGINEerr(ENGINE_F_ENGINE_SET_NAME,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
e->name = name;
return 1;
}
int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
{
#ifndef OPENSSL_NO_RSA
e->rsa_meth = rsa_meth;
return 1;
#else
return 0;
#endif
}
int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth)
{
#ifndef OPENSSL_NO_DSA
e->dsa_meth = dsa_meth;
return 1;
#else
return 0;
#endif
}
int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth)
{
#ifndef OPENSSL_NO_DH
e->dh_meth = dh_meth;
return 1;
#else
return 0;
#endif
}
int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth)
{
e->rand_meth = rand_meth;
return 1;
}
int ENGINE_set_BN_mod_exp(ENGINE *e, BN_MOD_EXP bn_mod_exp)
{
e->bn_mod_exp = bn_mod_exp;
return 1;
}
int ENGINE_set_BN_mod_exp_crt(ENGINE *e, BN_MOD_EXP_CRT bn_mod_exp_crt)
{
e->bn_mod_exp_crt = bn_mod_exp_crt;
return 1;
}
int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f)
{
e->destroy = destroy_f;
return 1;
}
int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f)
{
e->init = init_f;
return 1;
}
int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f)
{
e->finish = finish_f;
return 1;
}
int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f)
{
e->ctrl = ctrl_f;
return 1;
}
int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f)
{
e->load_privkey = loadpriv_f;
return 1;
}
int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
{
e->load_pubkey = loadpub_f;
return 1;
}
int ENGINE_set_flags(ENGINE *e, int flags)
{
e->flags = flags;
return 1;
}
int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns)
{
e->cmd_defns = defns;
return 1;
}
int ENGINE_cpy(ENGINE *dest, const ENGINE *src)
{
if(ENGINE_set_id(dest, ENGINE_get_id(src)) &&
ENGINE_set_name(dest, ENGINE_get_name(src)) &&
#ifndef OPENSSL_NO_RSA
ENGINE_set_RSA(dest, ENGINE_get_RSA(src)) &&
#endif
#ifndef OPENSSL_NO_DSA
ENGINE_set_DSA(dest, ENGINE_get_DSA(src)) &&
#endif
#ifndef OPENSSL_NO_DH
ENGINE_set_DH(dest, ENGINE_get_DH(src)) &&
#endif
ENGINE_set_RAND(dest, ENGINE_get_RAND(src)) &&
ENGINE_set_BN_mod_exp(dest,
ENGINE_get_BN_mod_exp(src)) &&
ENGINE_set_BN_mod_exp_crt(dest,
ENGINE_get_BN_mod_exp_crt(src)) &&
ENGINE_set_init_function(dest,
ENGINE_get_init_function(src)) &&
ENGINE_set_finish_function(dest,
ENGINE_get_finish_function(src)) &&
ENGINE_set_ctrl_function(dest,
ENGINE_get_ctrl_function(src)) &&
ENGINE_set_load_privkey_function(dest,
ENGINE_get_load_privkey_function(src)) &&
ENGINE_set_load_pubkey_function(dest,
ENGINE_get_load_pubkey_function(src)) &&
ENGINE_set_flags(dest, ENGINE_get_flags(src)) &&
ENGINE_set_cmd_defns(dest, ENGINE_get_cmd_defns(src)))
return 1;
return 0;
}
const char *ENGINE_get_id(const ENGINE *e)
{
return e->id;
}
const char *ENGINE_get_name(const ENGINE *e)
{
return e->name;
}
const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e)
{
return e->rsa_meth;
}
const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e)
{
return e->dsa_meth;
}
const DH_METHOD *ENGINE_get_DH(const ENGINE *e)
{
return e->dh_meth;
}
const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e)
{
return e->rand_meth;
}
BN_MOD_EXP ENGINE_get_BN_mod_exp(const ENGINE *e)
{
return e->bn_mod_exp;
}
BN_MOD_EXP_CRT ENGINE_get_BN_mod_exp_crt(const ENGINE *e)
{
return e->bn_mod_exp_crt;
}
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e)
{
return e->destroy;
}
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e)
{
return e->init;
}
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e)
{
return e->finish;
}
ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e)
{
return e->ctrl;
}
ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e)
{
return e->load_privkey;
}
ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e)
{
return e->load_pubkey;
}
int ENGINE_get_flags(const ENGINE *e)
{
return e->flags;
}
const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e)
{
return e->cmd_defns;
}
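Review bot: The structural reference count is incremented while only the read lock is held. The new bodies of `ENGINE_get_first()` and `ENGINE_get_last()` take `CRYPTO_r_lock(CRYPTO_LOCK_ENGINE)` and then run `ret->struct_ref++`, and `ENGINE_by_id()` does the same with `iterator->struct_ref++`. If the application's locking callback lets several readers hold the lock at once (not visible on this page), two threads can lose an increment, and a later `engine_free_util()` would then release an ENGINE that is still referenced. These paths write shared state, so they should bracket the increment with `CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);` and `CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);` instead. `ENGINE_by_id()` is spread over several hunks of this section, so its full body is not visible in one place.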


@ -63,16 +63,9 @@
#include <openssl/engine.h>
#include <openssl/dso.h>
/* This is the only function we need to implement as OpenSSL
* doesn't have a native CRT mod_exp. Perhaps this should be
* BN_mod_exp_crt and moved into crypto/bn/ ?? ... dunno. */
static int openssl_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
const BIGNUM *iqmp, BN_CTX *ctx);
/* The constants used when creating the ENGINE */
static const char *engine_openssl_id = "openssl";
static const char *engine_openssl_name = "Software default engine support";
static const char *engine_openssl_name = "Software engine support";
/* As this is only ever called once, there's no need for locking
* (indeed - the lock will already be held by our caller!!!) */
@ -84,82 +77,18 @@ ENGINE *ENGINE_openssl(void)
if(!ENGINE_set_id(ret, engine_openssl_id) ||
!ENGINE_set_name(ret, engine_openssl_name) ||
#ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(ret, RSA_get_default_openssl_method()) ||
!ENGINE_set_RSA(ret, RSA_get_default_method()) ||
#endif
#ifndef OPENSSL_NO_DSA
!ENGINE_set_DSA(ret, DSA_get_default_openssl_method()) ||
!ENGINE_set_DSA(ret, DSA_get_default_method()) ||
#endif
#ifndef OPENSSL_NO_DH
!ENGINE_set_DH(ret, DH_get_default_openssl_method()) ||
!ENGINE_set_DH(ret, DH_get_default_method()) ||
#endif
!ENGINE_set_RAND(ret, RAND_SSLeay()) ||
!ENGINE_set_BN_mod_exp(ret, BN_mod_exp) ||
!ENGINE_set_BN_mod_exp_crt(ret, openssl_mod_exp_crt))
!ENGINE_set_RAND(ret, RAND_SSLeay()))
{
ENGINE_free(ret);
return NULL;
}
return ret;
}
/* Chinese Remainder Theorem, taken and adapted from rsa_eay.c */
static int openssl_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *q, const BIGNUM *dmp1,
const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx)
{
BIGNUM r1,m1;
int ret=0;
BN_CTX *bn_ctx;
BIGNUM *temp_bn = NULL;
if (ctx)
bn_ctx = ctx;
else
if ((bn_ctx=BN_CTX_new()) == NULL) goto err;
BN_init(&m1);
BN_init(&r1);
/* BN_mul() cannot accept const BIGNUMs so I use the BN_CTX
* to duplicate what I need. <sigh> */
BN_CTX_start(bn_ctx);
if ((temp_bn = BN_CTX_get(bn_ctx)) == NULL) goto err;
if (!BN_copy(temp_bn, iqmp)) goto err;
if (!BN_mod(&r1, a, q, bn_ctx)) goto err;
if (!BN_mod_exp(&m1, &r1, dmq1, q, bn_ctx))
goto err;
if (!BN_mod(&r1, a, p, bn_ctx)) goto err;
if (!BN_mod_exp(r, &r1, dmp1, p, bn_ctx))
goto err;
if (!BN_sub(r, r, &m1)) goto err;
/* This will help stop the size of r0 increasing, which does
* affect the multiply if it optimised for a power of 2 size */
if (r->neg)
if (!BN_add(r, r, p)) goto err;
if (!BN_mul(&r1, r, temp_bn, bn_ctx)) goto err;
if (!BN_mod(r, &r1, p, bn_ctx)) goto err;
/* If p < q it is occasionally possible for the correction of
* adding 'p' if r is negative above to leave the result still
* negative. This can break the private key operations: the following
* second correction should *always* correct this rare occurrence.
* This will *never* happen with OpenSSL generated keys because
* they ensure p > q [steve]
*/
if (r->neg)
if (!BN_add(r, r, p)) goto err;
/* Again, BN_mul() will need non-const values. */
if (!BN_copy(temp_bn, q)) goto err;
if (!BN_mul(&r1, r, temp_bn, bn_ctx)) goto err;
if (!BN_add(r, &r1, &m1)) goto err;
ret=1;
err:
BN_clear_free(&m1);
BN_clear_free(&r1);
BN_CTX_end(ctx);
if (!ctx)
BN_CTX_free(bn_ctx);
return(ret);
}
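Review bot: The comment kept above `ENGINE_openssl()` still says no locking is needed because "the lock will already be held by our caller", but the only caller visible on this page, `engine_internal_check()`, is deleted by this same commit. Whatever calls it now (presumably the new `ENGINE_load_openssl()`, whose body is not shown) would have to hand the result to `ENGINE_add()`, which takes `CRYPTO_LOCK_ENGINE` itself, so the old claim now misleads. I would replace it with `/* Builds a new "openssl" ENGINE; does no locking of its own. */` and confirm the caller contract against the loader. The function starts outside the hunk.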

157
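--- a/crypto/engine/eng_pkey.c
+++ b/crypto/engine/eng_pkey.c
@@ -0,0 +1,157 @@
+/* crypto/engine/eng_pkey.c */
+/* ====================================================================
+* Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* 1. Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+*
+* 2. Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in
+* the documentation and/or other materials provided with the
+* distribution.
+*
+* 3. All advertising materials mentioning features or use of this
+* software must display the following acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+*
+* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+* endorse or promote products derived from this software without
+* prior written permission. For written permission, please contact
+* licensing@OpenSSL.org.
+*
+* 5. Products derived from this software may not be called "OpenSSL"
+* nor may "OpenSSL" appear in their names without prior written
+* permission of the OpenSSL Project.
+*
+* 6. Redistributions of any form whatsoever must retain the following
+* acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+*
+* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+* OF THE POSSIBILITY OF SUCH DAMAGE.
+* ====================================================================
+*
+* This product includes cryptographic software written by Eric Young
+* (eay@cryptsoft.com). This product includes software written by Tim
+* Hudson (tjh@cryptsoft.com).
+*
+*/
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include "eng_int.h"
+#include <openssl/engine.h>
+/* Basic get/set stuff */
+int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f)
+{
+e->load_privkey = loadpriv_f;
+return 1;
+}
+int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
+{
+e->load_pubkey = loadpub_f;
+return 1;
+}
+ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e)
+{
+return e->load_privkey;
+}
+ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e)
+{
+return e->load_pubkey;
+}
+/* API functions to load public/private keys */
+EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+UI_METHOD *ui_method, void *callback_data)
+{
+EVP_PKEY *pkey;
+if(e == NULL)
+{
+ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
+ERR_R_PASSED_NULL_PARAMETER);
+return 0;
+}
+CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+if(e->funct_ref == 0)
+{
+CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
+ENGINE_R_NOT_INITIALISED);
+return 0;
+}
+CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+if (!e->load_privkey)
+{
+ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
+ENGINE_R_NO_LOAD_FUNCTION);
+return 0;
+}
+pkey = e->load_privkey(e, key_id, ui_method, callback_data);
+if (!pkey)
+{
+ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
+ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
+return 0;
+}
+return pkey;
+}
+EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+UI_METHOD *ui_method, void *callback_data)
+{
+EVP_PKEY *pkey;
+if(e == NULL)
+{
+ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
+ERR_R_PASSED_NULL_PARAMETER);
+return 0;
+}
+CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+if(e->funct_ref == 0)
+{
+CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
+ENGINE_R_NOT_INITIALISED);
+return 0;
+}
+CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+if (!e->load_pubkey)
+{
+ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
+ENGINE_R_NO_LOAD_FUNCTION);
+return 0;
+}
+pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
+if (!pkey)
+{
+ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
+ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+return 0;
+}
+return pkey;
+}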
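Review bot: The `funct_ref` test in `ENGINE_load_private_key()` is a check-then-use: the lock is released at `CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE)` before `e->load_privkey` is read and called, so nothing in the function keeps the ENGINE initialised while the key loader runs. That is safe only if every caller already holds a functional reference for the whole call, which this file does not state; `ENGINE_load_public_key()` has the same shape. I would document the contract above both functions, e.g. `/* Caller must hold a functional reference to 'e'; the funct_ref test is a sanity check, not a guarantee. */`. Both functions also return `0` from an `EVP_PKEY *` function on every error path, where `return NULL;` says what is meant.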

361
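--- a/crypto/engine/eng_table.c
+++ b/crypto/engine/eng_table.c
@@ -0,0 +1,361 @@
+/* ====================================================================
+* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* 1. Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+*
+* 2. Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in
+* the documentation and/or other materials provided with the
+* distribution.
+*
+* 3. All advertising materials mentioning features or use of this
+* software must display the following acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+*
+* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+* endorse or promote products derived from this software without
+* prior written permission. For written permission, please contact
+* licensing@OpenSSL.org.
+*
+* 5. Products derived from this software may not be called "OpenSSL"
+* nor may "OpenSSL" appear in their names without prior written
+* permission of the OpenSSL Project.
+*
+* 6. Redistributions of any form whatsoever must retain the following
+* acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+*
+* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+* OF THE POSSIBILITY OF SUCH DAMAGE.
+* ====================================================================
+*
+* This product includes cryptographic software written by Eric Young
+* (eay@cryptsoft.com). This product includes software written by Tim
+* Hudson (tjh@cryptsoft.com).
+*
+*/
+#include <openssl/evp.h>
+#include <openssl/engine.h>
+#include "eng_int.h"
+/* This is the type of item in the 'implementation' table. Each 'nid' hashes to
+* a (potentially NULL) ENGINE_PILE structure which contains a stack of ENGINE*
+* pointers. These pointers aren't references, because they're inserted and
+* removed during ENGINE creation and ENGINE destruction. They point to ENGINEs
+* that *exist* (ie. have a structural reference count greater than zero) rather
+* than ENGINEs that are *functional*. Each pointer in those stacks are to
+* ENGINEs that implements the algorithm corresponding to each 'nid'. */
+/* The type of the items in the table */
+typedef struct st_engine_pile
+{
+/* The 'nid' of the algorithm/mode this ENGINE_PILE structure represents
+* */
+int nid;
+/* A stack of ENGINE pointers for ENGINEs that support this
+* algorithm/mode. In the event that 'funct' is NULL, the first entry in
+* this stack that initialises will be set as 'funct' and assumed as the
+* default for operations of this type. */
+STACK_OF(ENGINE) *sk;
+/* The default ENGINE to perform this algorithm/mode. */
+ENGINE *funct;
+/* This value optimises engine_table_select(). If it is called it sets
+* this value to 1. Any changes to this ENGINE_PILE resets it to zero.
+* As such, no ENGINE_init() thrashing is done unless ENGINEs
+* continually register (and/or unregister). */
+int uptodate;
+} ENGINE_PILE;
+/* The type of the hash table of ENGINE_PILE structures such that each are
+* unique and keyed by the 'nid' value. */
+struct st_engine_table
+{
+LHASH piles;
+}; /* ENGINE_TABLE */
+/* This value stores global options controlling behaviour of (mostly) the
+* engine_table_select() function. It's a bitmask of flag values of the form
+* ENGINE_TABLE_FLAG_*** (as defined in engine.h) and is controlled by the
+* ENGINE_[get|set]_table_flags() function. */
+static unsigned int table_flags = 0;
+/* API function manipulating 'table_flags' */
+unsigned int ENGINE_get_table_flags(void)
+{
+return table_flags;
+}
+void ENGINE_set_table_flags(unsigned int flags)
+{
+table_flags = flags;
+}
+/* Internal functions for the "piles" hash table */
+static unsigned long engine_pile_hash(const ENGINE_PILE *c)
+{
+return c->nid;
+}
+static int engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
+{
+return a->nid - b->nid;
+}
+static IMPLEMENT_LHASH_HASH_FN(engine_pile_hash, const ENGINE_PILE *)
+static IMPLEMENT_LHASH_COMP_FN(engine_pile_cmp, const ENGINE_PILE *)
+static int int_table_check(ENGINE_TABLE **t, int create)
+{
+LHASH *lh;
+if(*t)
+return 1;
+if(!create)
+return 0;
+if((lh = lh_new(LHASH_HASH_FN(engine_pile_hash),
+LHASH_COMP_FN(engine_pile_cmp))) == NULL)
+return 0;
+*t = (ENGINE_TABLE *)lh;
+return 1;
+}
+/* Privately exposed (via eng_int.h) functions for adding and/or removing
+* ENGINEs from the implementation table */
+int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB cleanup,
+ENGINE *e, const int *nids, int num_nids, int setdefault)
+{
+int ret = 0, added = 0;
+ENGINE_PILE tmplate, *fnd;
+CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+if(!(*table))
+added = 1;
+if(!int_table_check(table, 1))
+goto end;
+if(added)
+/* The cleanup callback needs to be added */
+engine_cleanup_add_first(cleanup);
+while(num_nids--)
+{
+tmplate.nid = *nids;
+fnd = lh_retrieve(&(*table)->piles, &tmplate);
+if(!fnd)
+{
+fnd = OPENSSL_malloc(sizeof(ENGINE_PILE));
+if(!fnd)
+goto end;
+fnd->uptodate = 1;
+fnd->nid = *nids;
+fnd->sk = sk_ENGINE_new_null();
+if(!fnd->sk)
+{
+OPENSSL_free(fnd);
+goto end;
+}
+fnd->funct= NULL;
+lh_insert(&(*table)->piles, fnd);
+}
+/* A registration shouldn't add duplciate entries */
+sk_ENGINE_delete_ptr(fnd->sk, e);
+/* if 'setdefault', this ENGINE goes to the head of the list */
+if(!sk_ENGINE_push(fnd->sk, e))
+goto end;
+/* "touch" this ENGINE_PILE */
+fnd->uptodate = 0;
+if(setdefault)
+{
+if(!engine_unlocked_init(e))
+{
+ENGINEerr(ENGINE_F_ENGINE_TABLE_REGISTER,
+ENGINE_R_INIT_FAILED);
+goto end;
+}
+if(fnd->funct)
+engine_unlocked_finish(fnd->funct, 0);
+fnd->funct = e;
+}
+nids++;
+}
+ret = 1;
+end:
+CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+return ret;
+}
+static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e)
+{
+int n;
+/* Iterate the 'c->sk' stack removing any occurance of 'e' */
+while((n = sk_ENGINE_find(pile->sk, e)) >= 0)
+{
+sk_ENGINE_delete(pile->sk, n);
+/* "touch" this ENGINE_CIPHER */
+pile->uptodate = 0;
+}
+if(pile->funct == e)
+{
+engine_unlocked_finish(e, 0);
+pile->funct = NULL;
+}
+}
+static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb,ENGINE_PILE *,ENGINE *)
+void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
+{
+CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+if(int_table_check(table, 0))
+lh_doall_arg(&(*table)->piles,
+LHASH_DOALL_ARG_FN(int_unregister_cb), e);
+CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+}
+static void int_cleanup_cb(ENGINE_PILE *p)
+{
+sk_ENGINE_free(p->sk);
+if(p->funct)
+engine_unlocked_finish(p->funct, 0);
+OPENSSL_free(p);
+}
+static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb,ENGINE_PILE *)
+void engine_table_cleanup(ENGINE_TABLE **table)
+{
+CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+if(*table)
+{
+lh_doall(&(*table)->piles, LHASH_DOALL_FN(int_cleanup_cb));
+lh_free(&(*table)->piles);
+*table = NULL;
+}
+CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+}
+/* Exposed API function to get a functional reference from the implementation
+* table (ie. try to get a functional reference from the tabled structural
+* references) for a given cipher 'nid' */
+#ifndef ENGINE_TABLE_DEBUG
+ENGINE *engine_table_select(ENGINE_TABLE **table, int nid)
+#else
+ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l)
+#endif
+{
+ENGINE *ret = NULL;
+ENGINE_PILE tmplate, *fnd;
+int initres, loop = 0;
+/* If 'engine_ciphers' is NULL, then it's absolutely *sure* that no
+* ENGINEs have registered any implementations! */
+if(!(*table))
+{
+#ifdef ENGINE_TABLE_DEBUG
+fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
+"registered for anything!\n", f, l, nid);
+#endif
+return NULL;
+}
+CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+/* Check again inside the lock otherwise we could race against cleanup
+* operations. But don't worry about a fprintf(stderr). */
+if(!int_table_check(table, 0))
+goto end;
+tmplate.nid = nid;
+fnd = lh_retrieve(&(*table)->piles, &tmplate);
+if(!fnd)
+goto end;
+if(fnd->funct && engine_unlocked_init(fnd->funct))
+{
+#ifdef ENGINE_TABLE_DEBUG
+fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
+"ENGINE '%s' cached\n", f, l, nid, fnd->funct->id);
+#endif
+ret = fnd->funct;
+goto end;
+}
+if(fnd->uptodate)
+{
+ret = fnd->funct;
+goto end;
+}
+trynext:
+ret = sk_ENGINE_value(fnd->sk, loop++);
+if(!ret)
+{
+#ifdef ENGINE_TABLE_DEBUG
+fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
+"registered implementations would initialise\n",
+f, l, nid);
+#endif
+goto end;
+}
+#if 0
+/* Don't need to get a reference if we hold the lock. If the locking has
+* to change in future, that would be different ... */
+ret->struct_ref++; engine_ref_debug(ret, 0, 1)
+#endif
+/* Try and initialise the ENGINE if it's already functional *or* if the
+* ENGINE_TABLE_FLAG_NOINIT flag is not set. */
+if((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT))
+initres = engine_unlocked_init(ret);
+else
+initres = 0;
+#if 0
+/* Release the structural reference */
+ret->struct_ref--; engine_ref_debug(ret, 0, -1);
+#endif
+if(initres)
+{
+/* If we didn't have a default (functional reference) for this
+* 'nid' (or we had one but for whatever reason we're now
+* initialising a different one), use this opportunity to set
+* 'funct'. */
+if((fnd->funct != ret) && engine_unlocked_init(ret))
+{
+/* If there was a previous default we release it. */
+if(fnd->funct)
+engine_unlocked_finish(fnd->funct, 0);
+/* We got an extra functional reference for the
+* per-'nid' default */
+fnd->funct = ret;
+#ifdef ENGINE_TABLE_DEBUG
+fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, "
+"setting default to '%s'\n", f, l, nid, ret->id);
+#endif
+}
+#ifdef ENGINE_TABLE_DEBUG
+fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
+"newly initialised '%s'\n", f, l, nid, ret->id);
+#endif
+goto end;
+}
+goto trynext;
+end:
+/* Whatever happened - we should "untouch" our uptodate file seeing as
+* we have tried our best to find a functional reference for 'nid'. If
+* it failed, it is unlikely to succeed again until some future
+* registrations (or unregistrations) have taken place that affect that
+* 'nid'. */
+if(fnd)
+fnd->uptodate = 1;
+#ifdef ENGINE_TABLE_DEBUG
+if(ret)
+fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
+"ENGINE '%s'\n", f, l, nid, ret->id);
+else
+fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
+"'no matching ENGINE'\n", f, l, nid);
+#endif
+CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+/* Whatever happened, any failed init()s are not failures in this
+* context, so clear our error state. */
+ERR_clear_error();
+return ret;
+}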
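Review bot: `fnd` is read uninitialised in `engine_table_select()`. It is declared as `ENGINE_PILE tmplate, *fnd;`, and the early `if(!int_table_check(table, 0)) goto end;` jumps to `end:` before any assignment, where `if(fnd) fnd->uptodate = 1;` tests it and may write through an indeterminate pointer. That is the path taken when a cleanup empties the table between the unlocked `if(!(*table))` test and the lock, which is the race the comment above the second check describes. Initialising the pointer closes it: `ENGINE_PILE tmplate, *fnd = NULL;`.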


@ -102,6 +102,12 @@ typedef void DH_METHOD;
#define ENGINE_METHOD_ALL (unsigned int)0xFFFF
#define ENGINE_METHOD_NONE (unsigned int)0x0000
/* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
* internally to control registration of ENGINE implementations, and can be set
* by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
* initialise registered ENGINEs if they are not already initialised. */
#define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001
/* ENGINE flags that can be set by ENGINE_set_flags(). */
/* #define ENGINE_FLAGS_MALLOCED 0x0001 */ /* Not used */
@ -244,21 +250,6 @@ typedef struct ENGINE_CMD_DEFN_st
unsigned int cmd_flags; /* The input the command expects */
} ENGINE_CMD_DEFN;
/* As we're missing a BIGNUM_METHOD, we need a couple of locally
* defined function types that engines can implement. */
/* mod_exp operation, calculates; r = a ^ p mod m
* NB: ctx can be NULL, but if supplied, the implementation may use
* it if it wishes. */
typedef int (*BN_MOD_EXP)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
/* private key operation for RSA, provided seperately in case other
* RSA implementations wish to use it. */
typedef int (*BN_MOD_EXP_CRT)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
const BIGNUM *iqmp, BN_CTX *ctx);
/* Generic function pointer */
typedef int (*ENGINE_GEN_FUNC_PTR)();
/* Generic function pointer taking no arguments */
@ -291,8 +282,9 @@ int ENGINE_add(ENGINE *e);
int ENGINE_remove(ENGINE *e);
/* Retrieve an engine from the list by its unique "id" value. */
ENGINE *ENGINE_by_id(const char *id);
/* Add all the built-in engines. By default, only the OpenSSL software
engine is loaded */
/* Add all the built-in engines. */
void ENGINE_load_openssl(void);
void ENGINE_load_dynamic(void);
void ENGINE_load_cswift(void);
void ENGINE_load_chil(void);
void ENGINE_load_atalla(void);
@ -301,8 +293,41 @@ void ENGINE_load_ubsec(void);
void ENGINE_load_openbsd_dev_crypto(void);
void ENGINE_load_builtin_engines(void);
/* Load all the currently known ciphers from all engines */
void ENGINE_load_ciphers(void);
/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
* "registry" handling. */
unsigned int ENGINE_get_table_flags(void);
void ENGINE_set_table_flags(unsigned int flags);
/* Manage registration of ENGINEs per "table". For each type, there are 3
* functions;
* ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
* ENGINE_unregister_***(e) - unregister the implementation from 'e'
* ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
* Cleanup is automatically registered from each table when required, so
* ENGINE_cleanup() will reverse any "register" operations. */
int ENGINE_register_RSA(ENGINE *e);
void ENGINE_unregister_RSA(ENGINE *e);
void ENGINE_register_all_RSA(void);
int ENGINE_register_DSA(ENGINE *e);
void ENGINE_unregister_DSA(ENGINE *e);
void ENGINE_register_all_DSA(void);
int ENGINE_register_DH(ENGINE *e);
void ENGINE_unregister_DH(ENGINE *e);
void ENGINE_register_all_DH(void);
int ENGINE_register_RAND(ENGINE *e);
void ENGINE_unregister_RAND(ENGINE *e);
void ENGINE_register_all_RAND(void);
/* These functions register all support from the above categories. Note, use of
* these functions can result in static linkage of code your application may not
* need. If you only need a subset of functionality, consider using more
* selective initialisation. */
int ENGINE_register_complete(ENGINE *e);
int ENGINE_register_all_complete(void);
/* Send parametrised control commands to the engine. The possibilities to send
* down an integer, a pointer to data or a function pointer are provided. Any of
@ -362,8 +387,6 @@ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
int ENGINE_set_BN_mod_exp(ENGINE *e, BN_MOD_EXP bn_mod_exp);
int ENGINE_set_BN_mod_exp_crt(ENGINE *e, BN_MOD_EXP_CRT bn_mod_exp_crt);
int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
@ -373,20 +396,16 @@ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
int ENGINE_set_flags(ENGINE *e, int flags);
int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
int ENGINE_add_cipher(ENGINE *e,const EVP_CIPHER *c);
/* Copies across all ENGINE methods and pointers. NB: This does *not* change
* reference counts however. */
int ENGINE_cpy(ENGINE *dest, const ENGINE *src);
/* These functions (and the "get" function lower down) allow control over any
* per-structure ENGINE data. */
int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
/* Cleans the internal engine list. This should only be used when the
* application is about to exit or restart operation (the next operation
* requiring the ENGINE list will re-initialise it with defaults). NB: Dynamic
* ENGINEs will only truly unload (including any allocated data or loaded
* shared-libraries) if all remaining references are released too - so keys,
* certificates, etc all need to be released for an in-use ENGINE to unload. */
/* This function cleans up anything that needs it. Eg. the ENGINE_add() function
* automatically ensures the list cleanup function is registered to be called
* from ENGINE_cleanup(). Similarly, all ENGINE_register_*** functions ensure
* ENGINE_cleanup() will clean up after them. */
void ENGINE_cleanup(void);
/* These return values from within the ENGINE structure. These can be useful
@ -399,10 +418,6 @@ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
int ENGINE_cipher_num(const ENGINE *e);
const EVP_CIPHER *ENGINE_get_cipher(const ENGINE *e, int n);
BN_MOD_EXP ENGINE_get_BN_mod_exp(const ENGINE *e);
BN_MOD_EXP_CRT ENGINE_get_BN_mod_exp_crt(const ENGINE *e);
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
@ -451,8 +466,6 @@ ENGINE *ENGINE_get_default_RSA(void);
ENGINE *ENGINE_get_default_DSA(void);
ENGINE *ENGINE_get_default_DH(void);
ENGINE *ENGINE_get_default_RAND(void);
ENGINE *ENGINE_get_default_BN_mod_exp(void);
ENGINE *ENGINE_get_default_BN_mod_exp_crt(void);
/* This sets a new default ENGINE structure for performing RSA
* operations. If the result is non-zero (success) then the ENGINE
@ -463,25 +476,16 @@ int ENGINE_set_default_RSA(ENGINE *e);
int ENGINE_set_default_DSA(ENGINE *e);
int ENGINE_set_default_DH(ENGINE *e);
int ENGINE_set_default_RAND(ENGINE *e);
int ENGINE_set_default_BN_mod_exp(ENGINE *e);
int ENGINE_set_default_BN_mod_exp_crt(ENGINE *e);
/* The combination "set" - the flags are bitwise "OR"d from the
* ENGINE_METHOD_*** defines above. */
* ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
* function, this function can result in unnecessary static linkage. If your
* application requires only specific functionality, consider using more
* selective functions. */
int ENGINE_set_default(ENGINE *e, unsigned int flags);
/* This function resets all the internal "default" ENGINEs (there's one for each
* of the various algorithms) to NULL, releasing any references as appropriate.
* This function is called as part of the ENGINE_cleanup() function, so there's
* no need to call both (although no harm is done). */
int ENGINE_clear_defaults(void);
/* Instruct an engine to load any EVP ciphers it knows of */
/* XXX make this work via defaults? */
void ENGINE_load_engine_ciphers(ENGINE *e);
/* Get a particular cipher from a particular engine - NULL if the engine
* doesn't have it */
const EVP_CIPHER *ENGINE_get_cipher_by_name(ENGINE *e,const char *name);
/* Deprecated functions ... */
/* int ENGINE_clear_defaults(void); */
/**************************/
/* DYNAMIC ENGINE SUPPORT */
@ -613,6 +617,7 @@ void ERR_load_ENGINE_strings(void);
#define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126
#define ENGINE_F_ENGINE_SET_ID 129
#define ENGINE_F_ENGINE_SET_NAME 130
#define ENGINE_F_ENGINE_TABLE_REGISTER 184
#define ENGINE_F_ENGINE_UNLOAD_KEY 152
#define ENGINE_F_INT_CTRL_HELPER 172
#define ENGINE_F_LOG_MESSAGE 141
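Review bot: `ENGINE_clear_defaults()` loses its prototype in this header: the declaration is commented out under `/* Deprecated functions ... */` instead of being kept with a deprecation note, so existing callers no longer have a declaration to compile against. The commit description lists ENGINE_cpy() and the BN_MOD_EXP hooks as removed but does not mention this function, and the rewritten ENGINE_cleanup() comment no longer says that the defaults are reset. If the function is really gone, the comment should name its replacement, for example `/* ENGINE_clear_defaults() is gone; ENGINE_cleanup() unregisters every table, defaults included. */`. Whether ENGINE_cleanup() actually does that is not visible in this section and should be confirmed first.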


@ -161,12 +161,7 @@ int main(int argc, char *argv[])
}
else
printf("Remove that should fail did.\n");
if(!ENGINE_remove(new_h1))
{
printf("Remove failed!\n");
goto end;
}
display_engine_list();
ERR_clear_error();
if(!ENGINE_remove(new_h3))
{
printf("Remove failed!\n");


@ -258,7 +258,6 @@ static int bind_helper(ENGINE *e)
#ifndef OPENSSL_NO_DH
!ENGINE_set_DH(e, &atalla_dh) ||
#endif
!ENGINE_set_BN_mod_exp(e, atalla_mod_exp) ||
!ENGINE_set_destroy_function(e, atalla_destroy) ||
!ENGINE_set_init_function(e, atalla_init) ||
!ENGINE_set_finish_function(e, atalla_finish) ||
@ -302,9 +301,7 @@ static int bind_helper(ENGINE *e)
return 1;
}
/* As this is only ever called once, there's no need for locking
* (indeed - the lock will already be held by our caller!!!) */
ENGINE *ENGINE_atalla(void)
static ENGINE *engine_atalla(void)
{
ENGINE *ret = ENGINE_new();
if(!ret)
@ -317,6 +314,16 @@ ENGINE *ENGINE_atalla(void)
return ret;
}
void ENGINE_load_atalla(void)
{
/* Copied from eng_[openssl|dyn].c */
ENGINE *toadd = engine_atalla();
if(!toadd) return;
ENGINE_add(toadd);
ENGINE_free(toadd);
ERR_clear_error();
}
/* This is a process-global DSO handle used for loading and unloading
* the Atalla library. NB: This is only set (or unset) during an
* init() or finish() call (reference counts permitting) and they're
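Review bot: `ENGINE_load_atalla()` ignores the result of `ENGINE_add(toadd)` and then calls `ERR_clear_error()`, which empties the whole error queue, so a failed add leaves no trace and any errors the caller had queued before the call are discarded as well. Because the function returns void, an application that expects this hardware ENGINE to be present cannot tell that it is missing and may carry on with a different implementation. Clearing only on failure narrows the side effect, `if(!ENGINE_add(toadd)) ERR_clear_error();` with the `ENGINE_free(toadd);` kept after it, and a comment should say that loading is best-effort and that callers must confirm the ENGINE is in the list. The same body is copied into ENGINE_load_cswift(), ENGINE_load_chil(), ENGINE_load_nuron() and ENGINE_load_ubsec() in the sections that follow.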


@ -276,8 +276,6 @@ static int bind_helper(ENGINE *e)
#ifndef OPENSSL_NO_DH
!ENGINE_set_DH(e, &cswift_dh) ||
#endif
!ENGINE_set_BN_mod_exp(e, &cswift_mod_exp) ||
!ENGINE_set_BN_mod_exp_crt(e, &cswift_mod_exp_crt) ||
!ENGINE_set_destroy_function(e, cswift_destroy) ||
!ENGINE_set_init_function(e, cswift_init) ||
!ENGINE_set_finish_function(e, cswift_finish) ||
@ -312,9 +310,7 @@ static int bind_helper(ENGINE *e)
return 1;
}
/* As this is only ever called once, there's no need for locking
* (indeed - the lock will already be held by our caller!!!) */
ENGINE *ENGINE_cswift(void)
static ENGINE *engine_cswift(void)
{
ENGINE *ret = ENGINE_new();
if(!ret)
@ -327,6 +323,16 @@ ENGINE *ENGINE_cswift(void)
return ret;
}
void ENGINE_load_cswift(void)
{
/* Copied from eng_[openssl|dyn].c */
ENGINE *toadd = engine_cswift();
if(!toadd) return;
ENGINE_add(toadd);
ENGINE_free(toadd);
ERR_clear_error();
}
/* This is a process-global DSO handle used for loading and unloading
* the CryptoSwift library. NB: This is only set (or unset) during an
* init() or finish() call (reference counts permitting) and they're


@ -417,7 +417,6 @@ static int bind_helper(ENGINE *e)
!ENGINE_set_DH(e, &hwcrhk_dh) ||
#endif
!ENGINE_set_RAND(e, &hwcrhk_rand) ||
!ENGINE_set_BN_mod_exp(e, hwcrhk_mod_exp) ||
!ENGINE_set_destroy_function(e, hwcrhk_destroy) ||
!ENGINE_set_init_function(e, hwcrhk_init) ||
!ENGINE_set_finish_function(e, hwcrhk_finish) ||
@ -454,9 +453,7 @@ static int bind_helper(ENGINE *e)
return 1;
}
/* As this is only ever called once, there's no need for locking
* (indeed - the lock will already be held by our caller!!!) */
ENGINE *ENGINE_ncipher(void)
static ENGINE *engine_ncipher(void)
{
ENGINE *ret = ENGINE_new();
if(!ret)
@ -469,6 +466,16 @@ ENGINE *ENGINE_ncipher(void)
return ret;
}
void ENGINE_load_chil(void)
{
/* Copied from eng_[openssl|dyn].c */
ENGINE *toadd = engine_ncipher();
if(!toadd) return;
ENGINE_add(toadd);
ENGINE_free(toadd);
ERR_clear_error();
}
/* This is a process-global DSO handle used for loading and unloading
* the HWCryptoHook library. NB: This is only set (or unset) during an
* init() or finish() call (reference counts permitting) and they're
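Review bot: The public loader is named `ENGINE_load_chil()` but it builds its ENGINE with `engine_ncipher()`, so the same implementation goes by two names and is easy to miss when searching this file. A one-line comment on the loader would tie them together, for example `/* "chil" is the public loader name for the ENGINE built by engine_ncipher() (HWCryptoHook library) */`. The wording is inferred from the identifiers and the HWCryptoHook comment in this section and should be checked against the ENGINE's id string, which is not visible here.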


@ -368,7 +368,6 @@ static int bind_helper(ENGINE *e)
#ifndef OPENSSL_NO_DH
!ENGINE_set_DH(e, &nuron_dh) ||
#endif
!ENGINE_set_BN_mod_exp(e, nuron_mod_exp) ||
!ENGINE_set_destroy_function(e, nuron_destroy) ||
!ENGINE_set_init_function(e, nuron_init) ||
!ENGINE_set_finish_function(e, nuron_finish) ||
@ -412,9 +411,7 @@ static int bind_helper(ENGINE *e)
return 1;
}
/* As this is only ever called once, there's no need for locking
* (indeed - the lock will already be held by our caller!!!) */
ENGINE *ENGINE_nuron(void)
static ENGINE *engine_nuron(void)
{
ENGINE *ret = ENGINE_new();
if(!ret)
@ -427,6 +424,16 @@ ENGINE *ENGINE_nuron(void)
return ret;
}
void ENGINE_load_nuron(void)
{
/* Copied from eng_[openssl|dyn].c */
ENGINE *toadd = engine_nuron();
if(!toadd) return;
ENGINE_add(toadd);
ENGINE_free(toadd);
ERR_clear_error();
}
/* This stuff is needed if this ENGINE is being compiled into a self-contained
* shared-library. */
#ifdef ENGINE_DYNAMIC_SUPPORT


@ -272,8 +272,6 @@ static int bind_helper(ENGINE *e)
#ifndef OPENSSL_NO_DH
!ENGINE_set_DH(e, &ubsec_dh) ||
#endif
!ENGINE_set_BN_mod_exp(e, ubsec_mod_exp) ||
!ENGINE_set_BN_mod_exp_crt(e, ubsec_mod_exp_crt) ||
!ENGINE_set_destroy_function(e, ubsec_destroy) ||
!ENGINE_set_init_function(e, ubsec_init) ||
!ENGINE_set_finish_function(e, ubsec_finish) ||
@ -310,9 +308,7 @@ static int bind_helper(ENGINE *e)
return 1;
}
/* As this is only ever called once, there's no need for locking
* (indeed - the lock will already be held by our caller!!!) */
ENGINE *ENGINE_ubsec(void)
static ENGINE *engine_ubsec(void)
{
ENGINE *ret = ENGINE_new();
if(!ret)
@ -325,6 +321,16 @@ ENGINE *ENGINE_ubsec(void)
return ret;
}
void ENGINE_load_ubsec(void)
{
/* Copied from eng_[openssl|dyn].c */
ENGINE *toadd = engine_ubsec();
if(!toadd) return;
ENGINE_add(toadd);
ENGINE_free(toadd);
ERR_clear_error();
}
/* This is a process-global DSO handle used for loading and unloading
* the UBSEC library. NB: This is only set (or unset) during an
* init() or finish() call (reference counts permitting) and they're

120
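--- a/crypto/engine/tb_dh.c
+++ b/crypto/engine/tb_dh.c
@@ -0,0 +1,120 @@
+/* ====================================================================
+* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* 1. Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+*
+* 2. Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in
+* the documentation and/or other materials provided with the
+* distribution.
+*
+* 3. All advertising materials mentioning features or use of this
+* software must display the following acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+*
+* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+* endorse or promote products derived from this software without
+* prior written permission. For written permission, please contact
+* licensing@OpenSSL.org.
+*
+* 5. Products derived from this software may not be called "OpenSSL"
+* nor may "OpenSSL" appear in their names without prior written
+* permission of the OpenSSL Project.
+*
+* 6. Redistributions of any form whatsoever must retain the following
+* acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+*
+* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+* OF THE POSSIBILITY OF SUCH DAMAGE.
+* ====================================================================
+*
+* This product includes cryptographic software written by Eric Young
+* (eay@cryptsoft.com). This product includes software written by Tim
+* Hudson (tjh@cryptsoft.com).
+*
+*/
+#include <openssl/evp.h>
+#include <openssl/engine.h>
+#include "eng_int.h"
+/* If this symbol is defined then ENGINE_get_default_DH(), the function that is
+* used by DH to hook in implementation code and cache defaults (etc), will
+* display brief debugging summaries to stderr with the 'nid'. */
+/* #define ENGINE_DH_DEBUG */
+static ENGINE_TABLE *dh_table = NULL;
+static const int dummy_nid = 1;
+void ENGINE_unregister_DH(ENGINE *e)
+{
+engine_table_unregister(&dh_table, e);
+}
+static void engine_unregister_all_DH()
+{
+engine_table_cleanup(&dh_table);
+}
+int ENGINE_register_DH(ENGINE *e)
+{
+if(e->dh_meth)
+return engine_table_register(&dh_table,
+&engine_unregister_all_DH, e, &dummy_nid, 1, 0);
+return 1;
+}
+void ENGINE_register_all_DH()
+{
+ENGINE *e;
+for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
+ENGINE_register_DH(e);
+}
+int ENGINE_set_default_DH(ENGINE *e)
+{
+if(e->dh_meth)
+return engine_table_register(&dh_table,
+&engine_unregister_all_DH, e, &dummy_nid, 1, 1);
+return 1;
+}
+/* Exposed API function to get a functional reference from the implementation
+* table (ie. try to get a functional reference from the tabled structural
+* references). */
+ENGINE *ENGINE_get_default_DH(void)
+{
+return engine_table_select(&dh_table, dummy_nid);
+}
+/* Obtains an DH implementation from an ENGINE functional reference */
+const DH_METHOD *ENGINE_get_DH(const ENGINE *e)
+{
+return e->dh_meth;
+}
+/* Sets an DH implementation in an ENGINE structure */
+int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth)
+{
+e->dh_meth = dh_meth;
+return 1;
+}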
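Review bot: `ENGINE_set_default_DH()` returns 1 when `e->dh_meth` is NULL, so a caller that asks an ENGINE with no DH method to become the default is told it succeeded although nothing was registered. An application that relies on this call to keep DH operations inside a particular ENGINE would then run on whatever the table selects instead, with no error to check. Returning 0 in that branch, `if(!e->dh_meth) return 0;`, would make the result meaningful, though ENGINE_set_default(), which is not visible here, may depend on the current value; at minimum the function needs a comment saying that 1 can mean "nothing done". The same pattern is in ENGINE_set_default_DSA(), ENGINE_set_default_RAND() and ENGINE_set_default_RSA() in the next three files.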

120
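--- a/crypto/engine/tb_dsa.c
+++ b/crypto/engine/tb_dsa.c
@@ -0,0 +1,120 @@
+/* ====================================================================
+* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* 1. Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+*
+* 2. Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in
+* the documentation and/or other materials provided with the
+* distribution.
+*
+* 3. All advertising materials mentioning features or use of this
+* software must display the following acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+*
+* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+* endorse or promote products derived from this software without
+* prior written permission. For written permission, please contact
+* licensing@OpenSSL.org.
+*
+* 5. Products derived from this software may not be called "OpenSSL"
+* nor may "OpenSSL" appear in their names without prior written
+* permission of the OpenSSL Project.
+*
+* 6. Redistributions of any form whatsoever must retain the following
+* acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+*
+* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+* OF THE POSSIBILITY OF SUCH DAMAGE.
+* ====================================================================
+*
+* This product includes cryptographic software written by Eric Young
+* (eay@cryptsoft.com). This product includes software written by Tim
+* Hudson (tjh@cryptsoft.com).
+*
+*/
+#include <openssl/evp.h>
+#include <openssl/engine.h>
+#include "eng_int.h"
+/* If this symbol is defined then ENGINE_get_default_DSA(), the function that is
+* used by DSA to hook in implementation code and cache defaults (etc), will
+* display brief debugging summaries to stderr with the 'nid'. */
+/* #define ENGINE_DSA_DEBUG */
+static ENGINE_TABLE *dsa_table = NULL;
+static const int dummy_nid = 1;
+void ENGINE_unregister_DSA(ENGINE *e)
+{
+engine_table_unregister(&dsa_table, e);
+}
+static void engine_unregister_all_DSA()
+{
+engine_table_cleanup(&dsa_table);
+}
+int ENGINE_register_DSA(ENGINE *e)
+{
+if(e->dsa_meth)
+return engine_table_register(&dsa_table,
+&engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
+return 1;
+}
+void ENGINE_register_all_DSA()
+{
+ENGINE *e;
+for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
+ENGINE_register_DSA(e);
+}
+int ENGINE_set_default_DSA(ENGINE *e)
+{
+if(e->dsa_meth)
+return engine_table_register(&dsa_table,
+&engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
+return 1;
+}
+/* Exposed API function to get a functional reference from the implementation
+* table (ie. try to get a functional reference from the tabled structural
+* references). */
+ENGINE *ENGINE_get_default_DSA(void)
+{
+return engine_table_select(&dsa_table, dummy_nid);
+}
+/* Obtains an DSA implementation from an ENGINE functional reference */
+const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e)
+{
+return e->dsa_meth;
+}
+/* Sets an DSA implementation in an ENGINE structure */
+int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth)
+{
+e->dsa_meth = dsa_meth;
+return 1;
+}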
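Review bot: `ENGINE_set_default_DSA()` passes 0 as the last argument to `engine_table_register()`, exactly as `ENGINE_register_DSA()` does, whereas the DH, RAND and RSA versions of set_default pass 1. This looks like a copy-and-paste slip: the call registers the ENGINE but presumably does not make it the default, so DSA operations may keep using a different implementation from the one the application selected while the call still reports success. The argument line should read `&engine_unregister_all_DSA, e, &dummy_nid, 1, 1);`. The meaning of the last parameter is inferred from the sibling files, since engine_table_register() itself is outside this section.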

120
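--- a/crypto/engine/tb_rand.c
+++ b/crypto/engine/tb_rand.c
@@ -0,0 +1,120 @@
+/* ====================================================================
+* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* 1. Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+*
+* 2. Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in
+* the documentation and/or other materials provided with the
+* distribution.
+*
+* 3. All advertising materials mentioning features or use of this
+* software must display the following acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+*
+* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+* endorse or promote products derived from this software without
+* prior written permission. For written permission, please contact
+* licensing@OpenSSL.org.
+*
+* 5. Products derived from this software may not be called "OpenSSL"
+* nor may "OpenSSL" appear in their names without prior written
+* permission of the OpenSSL Project.
+*
+* 6. Redistributions of any form whatsoever must retain the following
+* acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+*
+* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+* OF THE POSSIBILITY OF SUCH DAMAGE.
+* ====================================================================
+*
+* This product includes cryptographic software written by Eric Young
+* (eay@cryptsoft.com). This product includes software written by Tim
+* Hudson (tjh@cryptsoft.com).
+*
+*/
+#include <openssl/evp.h>
+#include <openssl/engine.h>
+#include "eng_int.h"
+/* If this symbol is defined then ENGINE_get_default_RAND(), the function that is
+* used by RAND to hook in implementation code and cache defaults (etc), will
+* display brief debugging summaries to stderr with the 'nid'. */
+/* #define ENGINE_RAND_DEBUG */
+static ENGINE_TABLE *rand_table = NULL;
+static const int dummy_nid = 1;
+void ENGINE_unregister_RAND(ENGINE *e)
+{
+engine_table_unregister(&rand_table, e);
+}
+static void engine_unregister_all_RAND()
+{
+engine_table_cleanup(&rand_table);
+}
+int ENGINE_register_RAND(ENGINE *e)
+{
+if(e->rand_meth)
+return engine_table_register(&rand_table,
+&engine_unregister_all_RAND, e, &dummy_nid, 1, 0);
+return 1;
+}
+void ENGINE_register_all_RAND()
+{
+ENGINE *e;
+for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
+ENGINE_register_RAND(e);
+}
+int ENGINE_set_default_RAND(ENGINE *e)
+{
+if(e->rand_meth)
+return engine_table_register(&rand_table,
+&engine_unregister_all_RAND, e, &dummy_nid, 1, 1);
+return 1;
+}
+/* Exposed API function to get a functional reference from the implementation
+* table (ie. try to get a functional reference from the tabled structural
+* references). */
+ENGINE *ENGINE_get_default_RAND(void)
+{
+return engine_table_select(&rand_table, dummy_nid);
+}
+/* Obtains an RAND implementation from an ENGINE functional reference */
+const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e)
+{
+return e->rand_meth;
+}
+/* Sets an RAND implementation in an ENGINE structure */
+int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth)
+{
+e->rand_meth = rand_meth;
+return 1;
+}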
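Review bot: `engine_unregister_all_RAND()` and `ENGINE_register_all_RAND()` are defined with empty parentheses, which in C is an old-style definition without a prototype, while the header in this commit declares `void ENGINE_register_all_RAND(void);`. Writing `static void engine_unregister_all_RAND(void)` and `void ENGINE_register_all_RAND(void)` matches the declaration and lets the compiler reject calls that pass arguments. The DH, DSA and RSA files define their cleanup and register_all functions the same way.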

120
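--- a/crypto/engine/tb_rsa.c
+++ b/crypto/engine/tb_rsa.c
@@ -0,0 +1,120 @@
+/* ====================================================================
+* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* 1. Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+*
+* 2. Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in
+* the documentation and/or other materials provided with the
+* distribution.
+*
+* 3. All advertising materials mentioning features or use of this
+* software must display the following acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+*
+* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+* endorse or promote products derived from this software without
+* prior written permission. For written permission, please contact
+* licensing@OpenSSL.org.
+*
+* 5. Products derived from this software may not be called "OpenSSL"
+* nor may "OpenSSL" appear in their names without prior written
+* permission of the OpenSSL Project.
+*
+* 6. Redistributions of any form whatsoever must retain the following
+* acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+*
+* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+* OF THE POSSIBILITY OF SUCH DAMAGE.
+* ====================================================================
+*
+* This product includes cryptographic software written by Eric Young
+* (eay@cryptsoft.com). This product includes software written by Tim
+* Hudson (tjh@cryptsoft.com).
+*
+*/
+#include <openssl/evp.h>
+#include <openssl/engine.h>
+#include "eng_int.h"
+/* If this symbol is defined then ENGINE_get_default_RSA(), the function that is
+* used by RSA to hook in implementation code and cache defaults (etc), will
+* display brief debugging summaries to stderr with the 'nid'. */
+/* #define ENGINE_RSA_DEBUG */
+static ENGINE_TABLE *rsa_table = NULL;
+static const int dummy_nid = 1;
+void ENGINE_unregister_RSA(ENGINE *e)
+{
+engine_table_unregister(&rsa_table, e);
+}
+static void engine_unregister_all_RSA()
+{
+engine_table_cleanup(&rsa_table);
+}
+int ENGINE_register_RSA(ENGINE *e)
+{
+if(e->rsa_meth)
+return engine_table_register(&rsa_table,
+&engine_unregister_all_RSA, e, &dummy_nid, 1, 0);
+return 1;
+}
+void ENGINE_register_all_RSA()
+{
+ENGINE *e;
+for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
+ENGINE_register_RSA(e);
+}
+int ENGINE_set_default_RSA(ENGINE *e)
+{
+if(e->rsa_meth)
+return engine_table_register(&rsa_table,
+&engine_unregister_all_RSA, e, &dummy_nid, 1, 1);
+return 1;
+}
+/* Exposed API function to get a functional reference from the implementation
+* table (ie. try to get a functional reference from the tabled structural
+* references). */
+ENGINE *ENGINE_get_default_RSA(void)
+{
+return engine_table_select(&rsa_table, dummy_nid);
+}
+/* Obtains an RSA implementation from an ENGINE functional reference */
+const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e)
+{
+return e->rsa_meth;
+}
+/* Sets an RSA implementation in an ENGINE structure */
+int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
+{
+e->rsa_meth = rsa_meth;
+return 1;
+}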
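Review bot: The comment above `/* #define ENGINE_RSA_DEBUG */` says that defining the symbol makes ENGINE_get_default_RSA() print debugging summaries to stderr, but nothing in this file tests `ENGINE_RSA_DEBUG`, and ENGINE_get_default_RSA() only calls `engine_table_select()`. The debug output visible elsewhere in this commit is guarded by `ENGINE_TABLE_DEBUG` in the table code, so a maintainer who follows this comment will get no output. The comment should be dropped or redirected, for example `/* Debug output for table lookups is enabled with ENGINE_TABLE_DEBUG in the ENGINE_TABLE code. */`. The DH, DSA and RAND files carry the same comment with their own symbol names.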