diff options
author | djm <> | 2010-10-01 22:54:21 +0000 |
---|---|---|
committer | djm <> | 2010-10-01 22:54:21 +0000 |
commit | 829fd51d4f8dde4a7f3bf54754f3c1d1a502f5e2 (patch) | |
tree | e03b9f1bd051e844b971936729e9df549a209130 /src/lib/libcrypto/engine | |
parent | e6b755d2a53d3cac7a344dfdd6bf7c951cac754c (diff) | |
download | openbsd-829fd51d4f8dde4a7f3bf54754f3c1d1a502f5e2.tar.gz openbsd-829fd51d4f8dde4a7f3bf54754f3c1d1a502f5e2.tar.bz2 openbsd-829fd51d4f8dde4a7f3bf54754f3c1d1a502f5e2.zip |
import OpenSSL-1.0.0a
Diffstat (limited to 'src/lib/libcrypto/engine')
-rw-r--r-- | src/lib/libcrypto/engine/eng_all.c | 19 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/eng_cnf.c | 17 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/eng_ctrl.c | 8 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/eng_dyn.c | 14 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/eng_err.c | 6 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/eng_fat.c | 14 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/eng_int.h | 12 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/eng_lib.c | 3 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/eng_list.c | 2 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/eng_openssl.c | 2 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/eng_table.c | 72 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/engine.h | 55 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/tb_asnmth.c | 246 | ||||
-rw-r--r-- | src/lib/libcrypto/engine/tb_pkmeth.c | 167 |
14 files changed, 580 insertions, 57 deletions
diff --git a/src/lib/libcrypto/engine/eng_all.c b/src/lib/libcrypto/engine/eng_all.c index d29cd57dc2..22c120454f 100644 --- a/src/lib/libcrypto/engine/eng_all.c +++ b/src/lib/libcrypto/engine/eng_all.c | |||
@@ -61,15 +61,15 @@ | |||
61 | 61 | ||
62 | void ENGINE_load_builtin_engines(void) | 62 | void ENGINE_load_builtin_engines(void) |
63 | { | 63 | { |
64 | #if 0 | ||
64 | /* There's no longer any need for an "openssl" ENGINE unless, one day, | 65 | /* There's no longer any need for an "openssl" ENGINE unless, one day, |
65 | * it is the *only* way for standard builtin implementations to be be | 66 | * it is the *only* way for standard builtin implementations to be be |
66 | * accessed (ie. it would be possible to statically link binaries with | 67 | * accessed (ie. it would be possible to statically link binaries with |
67 | * *no* builtin implementations). */ | 68 | * *no* builtin implementations). */ |
68 | #if 0 | ||
69 | ENGINE_load_openssl(); | 69 | ENGINE_load_openssl(); |
70 | #endif | 70 | #endif |
71 | #if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) | 71 | #if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)) |
72 | ENGINE_load_padlock(); | 72 | ENGINE_load_cryptodev(); |
73 | #endif | 73 | #endif |
74 | ENGINE_load_dynamic(); | 74 | ENGINE_load_dynamic(); |
75 | #ifndef OPENSSL_NO_STATIC_ENGINE | 75 | #ifndef OPENSSL_NO_STATIC_ENGINE |
@@ -98,14 +98,15 @@ void ENGINE_load_builtin_engines(void) | |||
98 | #ifndef OPENSSL_NO_HW_UBSEC | 98 | #ifndef OPENSSL_NO_HW_UBSEC |
99 | ENGINE_load_ubsec(); | 99 | ENGINE_load_ubsec(); |
100 | #endif | 100 | #endif |
101 | #ifndef OPENSSL_NO_HW_PADLOCK | ||
102 | ENGINE_load_padlock(); | ||
101 | #endif | 103 | #endif |
102 | #if !defined(OPENSSL_NO_GMP) && !defined(OPENSSL_NO_HW_GMP) | ||
103 | ENGINE_load_gmp(); | ||
104 | #endif | 104 | #endif |
105 | #ifndef OPENSSL_NO_GOST | ||
106 | ENGINE_load_gost(); | ||
105 | #endif | 107 | #endif |
106 | #ifndef OPENSSL_NO_HW | 108 | #ifndef OPENSSL_NO_GMP |
107 | #if defined(__OpenBSD__) || defined(__FreeBSD__) | 109 | ENGINE_load_gmp(); |
108 | ENGINE_load_cryptodev(); | ||
109 | #endif | 110 | #endif |
110 | #if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) | 111 | #if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) |
111 | ENGINE_load_capi(); | 112 | ENGINE_load_capi(); |
@@ -113,7 +114,7 @@ void ENGINE_load_builtin_engines(void) | |||
113 | #endif | 114 | #endif |
114 | } | 115 | } |
115 | 116 | ||
116 | #if defined(__OpenBSD__) || defined(__FreeBSD__) | 117 | #if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) |
117 | void ENGINE_setup_bsd_cryptodev(void) { | 118 | void ENGINE_setup_bsd_cryptodev(void) { |
118 | static int bsd_cryptodev_default_loaded = 0; | 119 | static int bsd_cryptodev_default_loaded = 0; |
119 | if (!bsd_cryptodev_default_loaded) { | 120 | if (!bsd_cryptodev_default_loaded) { |
diff --git a/src/lib/libcrypto/engine/eng_cnf.c b/src/lib/libcrypto/engine/eng_cnf.c index 08066cea59..95c4070015 100644 --- a/src/lib/libcrypto/engine/eng_cnf.c +++ b/src/lib/libcrypto/engine/eng_cnf.c | |||
@@ -95,7 +95,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) | |||
95 | int ret = 0; | 95 | int ret = 0; |
96 | long do_init = -1; | 96 | long do_init = -1; |
97 | STACK_OF(CONF_VALUE) *ecmds; | 97 | STACK_OF(CONF_VALUE) *ecmds; |
98 | CONF_VALUE *ecmd; | 98 | CONF_VALUE *ecmd = NULL; |
99 | char *ctrlname, *ctrlvalue; | 99 | char *ctrlname, *ctrlvalue; |
100 | ENGINE *e = NULL; | 100 | ENGINE *e = NULL; |
101 | int soft = 0; | 101 | int soft = 0; |
@@ -157,7 +157,7 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) | |||
157 | return 1; | 157 | return 1; |
158 | } | 158 | } |
159 | if (!e) | 159 | if (!e) |
160 | return 0; | 160 | goto err; |
161 | } | 161 | } |
162 | /* Allow "EMPTY" to mean no value: this allows a valid | 162 | /* Allow "EMPTY" to mean no value: this allows a valid |
163 | * "value" to be passed to ctrls of type NO_INPUT | 163 | * "value" to be passed to ctrls of type NO_INPUT |
@@ -186,16 +186,27 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) | |||
186 | } | 186 | } |
187 | else if (!ENGINE_ctrl_cmd_string(e, | 187 | else if (!ENGINE_ctrl_cmd_string(e, |
188 | ctrlname, ctrlvalue, 0)) | 188 | ctrlname, ctrlvalue, 0)) |
189 | return 0; | 189 | goto err; |
190 | } | 190 | } |
191 | 191 | ||
192 | 192 | ||
193 | 193 | ||
194 | } | 194 | } |
195 | if (e && (do_init == -1) && !int_engine_init(e)) | 195 | if (e && (do_init == -1) && !int_engine_init(e)) |
196 | { | ||
197 | ecmd = NULL; | ||
196 | goto err; | 198 | goto err; |
199 | } | ||
197 | ret = 1; | 200 | ret = 1; |
198 | err: | 201 | err: |
202 | if (ret != 1) | ||
203 | { | ||
204 | ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_ENGINE_CONFIGURATION_ERROR); | ||
205 | if (ecmd) | ||
206 | ERR_add_error_data(6, "section=", ecmd->section, | ||
207 | ", name=", ecmd->name, | ||
208 | ", value=", ecmd->value); | ||
209 | } | ||
199 | if (e) | 210 | if (e) |
200 | ENGINE_free(e); | 211 | ENGINE_free(e); |
201 | return ret; | 212 | return ret; |
diff --git a/src/lib/libcrypto/engine/eng_ctrl.c b/src/lib/libcrypto/engine/eng_ctrl.c index 95b6b455aa..5ce25d92ec 100644 --- a/src/lib/libcrypto/engine/eng_ctrl.c +++ b/src/lib/libcrypto/engine/eng_ctrl.c | |||
@@ -280,7 +280,7 @@ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, | |||
280 | } | 280 | } |
281 | /* Force the result of the control command to 0 or 1, for the reasons | 281 | /* Force the result of the control command to 0 or 1, for the reasons |
282 | * mentioned before. */ | 282 | * mentioned before. */ |
283 | if (ENGINE_ctrl(e, num, i, p, f)) | 283 | if (ENGINE_ctrl(e, num, i, p, f) > 0) |
284 | return 1; | 284 | return 1; |
285 | return 0; | 285 | return 0; |
286 | } | 286 | } |
@@ -345,7 +345,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, | |||
345 | * usage of these commands is consistent across applications and | 345 | * usage of these commands is consistent across applications and |
346 | * that certain applications don't understand it one way, and | 346 | * that certain applications don't understand it one way, and |
347 | * others another. */ | 347 | * others another. */ |
348 | if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL)) | 348 | if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) |
349 | return 1; | 349 | return 1; |
350 | return 0; | 350 | return 0; |
351 | } | 351 | } |
@@ -360,7 +360,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, | |||
360 | if(flags & ENGINE_CMD_FLAG_STRING) | 360 | if(flags & ENGINE_CMD_FLAG_STRING) |
361 | { | 361 | { |
362 | /* Same explanation as above */ | 362 | /* Same explanation as above */ |
363 | if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL)) | 363 | if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) |
364 | return 1; | 364 | return 1; |
365 | return 0; | 365 | return 0; |
366 | } | 366 | } |
@@ -383,7 +383,7 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, | |||
383 | } | 383 | } |
384 | /* Force the result of the control command to 0 or 1, for the reasons | 384 | /* Force the result of the control command to 0 or 1, for the reasons |
385 | * mentioned before. */ | 385 | * mentioned before. */ |
386 | if(ENGINE_ctrl(e, num, l, NULL, NULL)) | 386 | if(ENGINE_ctrl(e, num, l, NULL, NULL) > 0) |
387 | return 1; | 387 | return 1; |
388 | return 0; | 388 | return 0; |
389 | } | 389 | } |
diff --git a/src/lib/libcrypto/engine/eng_dyn.c b/src/lib/libcrypto/engine/eng_dyn.c index acb30c34d8..807da7a5eb 100644 --- a/src/lib/libcrypto/engine/eng_dyn.c +++ b/src/lib/libcrypto/engine/eng_dyn.c | |||
@@ -146,14 +146,14 @@ struct st_dynamic_data_ctx | |||
146 | * 'dirs' for loading. Default is to use 'dirs' as a fallback. */ | 146 | * 'dirs' for loading. Default is to use 'dirs' as a fallback. */ |
147 | int dir_load; | 147 | int dir_load; |
148 | /* A stack of directories from which ENGINEs could be loaded */ | 148 | /* A stack of directories from which ENGINEs could be loaded */ |
149 | STACK *dirs; | 149 | STACK_OF(OPENSSL_STRING) *dirs; |
150 | }; | 150 | }; |
151 | 151 | ||
152 | /* This is the "ex_data" index we obtain and reserve for use with our context | 152 | /* This is the "ex_data" index we obtain and reserve for use with our context |
153 | * structure. */ | 153 | * structure. */ |
154 | static int dynamic_ex_data_idx = -1; | 154 | static int dynamic_ex_data_idx = -1; |
155 | 155 | ||
156 | static void int_free_str(void *s) { OPENSSL_free(s); } | 156 | static void int_free_str(char *s) { OPENSSL_free(s); } |
157 | /* Because our ex_data element may or may not get allocated depending on whether | 157 | /* Because our ex_data element may or may not get allocated depending on whether |
158 | * a "first-use" occurs before the ENGINE is freed, we have a memory leak | 158 | * a "first-use" occurs before the ENGINE is freed, we have a memory leak |
159 | * problem to solve. We can't declare a "new" handler for the ex_data as we | 159 | * problem to solve. We can't declare a "new" handler for the ex_data as we |
@@ -174,7 +174,7 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr, | |||
174 | if(ctx->engine_id) | 174 | if(ctx->engine_id) |
175 | OPENSSL_free((void*)ctx->engine_id); | 175 | OPENSSL_free((void*)ctx->engine_id); |
176 | if(ctx->dirs) | 176 | if(ctx->dirs) |
177 | sk_pop_free(ctx->dirs, int_free_str); | 177 | sk_OPENSSL_STRING_pop_free(ctx->dirs, int_free_str); |
178 | OPENSSL_free(ctx); | 178 | OPENSSL_free(ctx); |
179 | } | 179 | } |
180 | } | 180 | } |
@@ -203,7 +203,7 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) | |||
203 | c->DYNAMIC_F1 = "v_check"; | 203 | c->DYNAMIC_F1 = "v_check"; |
204 | c->DYNAMIC_F2 = "bind_engine"; | 204 | c->DYNAMIC_F2 = "bind_engine"; |
205 | c->dir_load = 1; | 205 | c->dir_load = 1; |
206 | c->dirs = sk_new_null(); | 206 | c->dirs = sk_OPENSSL_STRING_new_null(); |
207 | if(!c->dirs) | 207 | if(!c->dirs) |
208 | { | 208 | { |
209 | ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); | 209 | ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); |
@@ -393,7 +393,7 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) | |||
393 | ERR_R_MALLOC_FAILURE); | 393 | ERR_R_MALLOC_FAILURE); |
394 | return 0; | 394 | return 0; |
395 | } | 395 | } |
396 | sk_insert(ctx->dirs, tmp_str, -1); | 396 | sk_OPENSSL_STRING_insert(ctx->dirs, tmp_str, -1); |
397 | } | 397 | } |
398 | return 1; | 398 | return 1; |
399 | default: | 399 | default: |
@@ -411,11 +411,11 @@ static int int_load(dynamic_data_ctx *ctx) | |||
411 | ctx->DYNAMIC_LIBNAME, NULL, 0)) != NULL) | 411 | ctx->DYNAMIC_LIBNAME, NULL, 0)) != NULL) |
412 | return 1; | 412 | return 1; |
413 | /* If we're not allowed to use 'dirs' or we have none, fail */ | 413 | /* If we're not allowed to use 'dirs' or we have none, fail */ |
414 | if(!ctx->dir_load || ((num = sk_num(ctx->dirs)) < 1)) | 414 | if(!ctx->dir_load || (num = sk_OPENSSL_STRING_num(ctx->dirs)) < 1) |
415 | return 0; | 415 | return 0; |
416 | for(loop = 0; loop < num; loop++) | 416 | for(loop = 0; loop < num; loop++) |
417 | { | 417 | { |
418 | const char *s = sk_value(ctx->dirs, loop); | 418 | const char *s = sk_OPENSSL_STRING_value(ctx->dirs, loop); |
419 | char *merge = DSO_merge(ctx->dynamic_dso, ctx->DYNAMIC_LIBNAME, s); | 419 | char *merge = DSO_merge(ctx->dynamic_dso, ctx->DYNAMIC_LIBNAME, s); |
420 | if(!merge) | 420 | if(!merge) |
421 | return 0; | 421 | return 0; |
diff --git a/src/lib/libcrypto/engine/eng_err.c b/src/lib/libcrypto/engine/eng_err.c index 574ffbb5c0..81c70acfa8 100644 --- a/src/lib/libcrypto/engine/eng_err.c +++ b/src/lib/libcrypto/engine/eng_err.c | |||
@@ -1,6 +1,6 @@ | |||
1 | /* crypto/engine/eng_err.c */ | 1 | /* crypto/engine/eng_err.c */ |
2 | /* ==================================================================== | 2 | /* ==================================================================== |
3 | * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved. |
4 | * | 4 | * |
5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
@@ -86,6 +86,8 @@ static ERR_STRING_DATA ENGINE_str_functs[]= | |||
86 | {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"}, | 86 | {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"}, |
87 | {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"}, | 87 | {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"}, |
88 | {ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"}, | 88 | {ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"}, |
89 | {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH), "ENGINE_get_pkey_asn1_meth"}, | ||
90 | {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_METH), "ENGINE_get_pkey_meth"}, | ||
89 | {ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"}, | 91 | {ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"}, |
90 | {ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"}, | 92 | {ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"}, |
91 | {ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"}, | 93 | {ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"}, |
@@ -124,6 +126,7 @@ static ERR_STRING_DATA ENGINE_str_reasons[]= | |||
124 | {ERR_REASON(ENGINE_R_DSO_FAILURE) ,"DSO failure"}, | 126 | {ERR_REASON(ENGINE_R_DSO_FAILURE) ,"DSO failure"}, |
125 | {ERR_REASON(ENGINE_R_DSO_NOT_FOUND) ,"dso not found"}, | 127 | {ERR_REASON(ENGINE_R_DSO_NOT_FOUND) ,"dso not found"}, |
126 | {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR),"engines section error"}, | 128 | {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR),"engines section error"}, |
129 | {ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR),"engine configuration error"}, | ||
127 | {ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST),"engine is not in the list"}, | 130 | {ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST),"engine is not in the list"}, |
128 | {ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR),"engine section error"}, | 131 | {ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR),"engine section error"}, |
129 | {ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),"failed loading private key"}, | 132 | {ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),"failed loading private key"}, |
@@ -150,6 +153,7 @@ static ERR_STRING_DATA ENGINE_str_reasons[]= | |||
150 | {ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED),"rsa not implemented"}, | 153 | {ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED),"rsa not implemented"}, |
151 | {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER),"unimplemented cipher"}, | 154 | {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER),"unimplemented cipher"}, |
152 | {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST),"unimplemented digest"}, | 155 | {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST),"unimplemented digest"}, |
156 | {ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD),"unimplemented public key method"}, | ||
153 | {ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY),"version incompatibility"}, | 157 | {ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY),"version incompatibility"}, |
154 | {0,NULL} | 158 | {0,NULL} |
155 | }; | 159 | }; |
diff --git a/src/lib/libcrypto/engine/eng_fat.c b/src/lib/libcrypto/engine/eng_fat.c index 27c1662f62..db66e62350 100644 --- a/src/lib/libcrypto/engine/eng_fat.c +++ b/src/lib/libcrypto/engine/eng_fat.c | |||
@@ -89,6 +89,12 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags) | |||
89 | #endif | 89 | #endif |
90 | if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) | 90 | if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) |
91 | return 0; | 91 | return 0; |
92 | if((flags & ENGINE_METHOD_PKEY_METHS) | ||
93 | && !ENGINE_set_default_pkey_meths(e)) | ||
94 | return 0; | ||
95 | if((flags & ENGINE_METHOD_PKEY_ASN1_METHS) | ||
96 | && !ENGINE_set_default_pkey_asn1_meths(e)) | ||
97 | return 0; | ||
92 | return 1; | 98 | return 1; |
93 | } | 99 | } |
94 | 100 | ||
@@ -115,6 +121,13 @@ static int int_def_cb(const char *alg, int len, void *arg) | |||
115 | *pflags |= ENGINE_METHOD_CIPHERS; | 121 | *pflags |= ENGINE_METHOD_CIPHERS; |
116 | else if (!strncmp(alg, "DIGESTS", len)) | 122 | else if (!strncmp(alg, "DIGESTS", len)) |
117 | *pflags |= ENGINE_METHOD_DIGESTS; | 123 | *pflags |= ENGINE_METHOD_DIGESTS; |
124 | else if (!strncmp(alg, "PKEY", len)) | ||
125 | *pflags |= | ||
126 | ENGINE_METHOD_PKEY_METHS|ENGINE_METHOD_PKEY_ASN1_METHS; | ||
127 | else if (!strncmp(alg, "PKEY_CRYPTO", len)) | ||
128 | *pflags |= ENGINE_METHOD_PKEY_METHS; | ||
129 | else if (!strncmp(alg, "PKEY_ASN1", len)) | ||
130 | *pflags |= ENGINE_METHOD_PKEY_ASN1_METHS; | ||
118 | else | 131 | else |
119 | return 0; | 132 | return 0; |
120 | return 1; | 133 | return 1; |
@@ -154,6 +167,7 @@ int ENGINE_register_complete(ENGINE *e) | |||
154 | ENGINE_register_ECDSA(e); | 167 | ENGINE_register_ECDSA(e); |
155 | #endif | 168 | #endif |
156 | ENGINE_register_RAND(e); | 169 | ENGINE_register_RAND(e); |
170 | ENGINE_register_pkey_meths(e); | ||
157 | return 1; | 171 | return 1; |
158 | } | 172 | } |
159 | 173 | ||
diff --git a/src/lib/libcrypto/engine/eng_int.h b/src/lib/libcrypto/engine/eng_int.h index a66f107a44..451ef8feb8 100644 --- a/src/lib/libcrypto/engine/eng_int.h +++ b/src/lib/libcrypto/engine/eng_int.h | |||
@@ -127,6 +127,8 @@ ENGINE *engine_table_select(ENGINE_TABLE **table, int nid); | |||
127 | ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l); | 127 | ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l); |
128 | #define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__) | 128 | #define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__) |
129 | #endif | 129 | #endif |
130 | typedef void (engine_table_doall_cb)(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg); | ||
131 | void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, void *arg); | ||
130 | 132 | ||
131 | /* Internal versions of API functions that have control over locking. These are | 133 | /* Internal versions of API functions that have control over locking. These are |
132 | * used between C files when functionality needs to be shared but the caller may | 134 | * used between C files when functionality needs to be shared but the caller may |
@@ -143,6 +145,11 @@ void engine_set_all_null(ENGINE *e); | |||
143 | /* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed | 145 | /* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed |
144 | * in engine.h. */ | 146 | * in engine.h. */ |
145 | 147 | ||
148 | /* Free up dynamically allocated public key methods associated with ENGINE */ | ||
149 | |||
150 | void engine_pkey_meths_free(ENGINE *e); | ||
151 | void engine_pkey_asn1_meths_free(ENGINE *e); | ||
152 | |||
146 | /* This is a structure for storing implementations of various crypto | 153 | /* This is a structure for storing implementations of various crypto |
147 | * algorithms and functions. */ | 154 | * algorithms and functions. */ |
148 | struct engine_st | 155 | struct engine_st |
@@ -160,7 +167,10 @@ struct engine_st | |||
160 | ENGINE_CIPHERS_PTR ciphers; | 167 | ENGINE_CIPHERS_PTR ciphers; |
161 | /* Digest handling is via this callback */ | 168 | /* Digest handling is via this callback */ |
162 | ENGINE_DIGESTS_PTR digests; | 169 | ENGINE_DIGESTS_PTR digests; |
163 | 170 | /* Public key handling via this callback */ | |
171 | ENGINE_PKEY_METHS_PTR pkey_meths; | ||
172 | /* ASN1 public key handling via this callback */ | ||
173 | ENGINE_PKEY_ASN1_METHS_PTR pkey_asn1_meths; | ||
164 | 174 | ||
165 | ENGINE_GEN_INT_FUNC_PTR destroy; | 175 | ENGINE_GEN_INT_FUNC_PTR destroy; |
166 | 176 | ||
diff --git a/src/lib/libcrypto/engine/eng_lib.c b/src/lib/libcrypto/engine/eng_lib.c index 5815b867f4..18a6664645 100644 --- a/src/lib/libcrypto/engine/eng_lib.c +++ b/src/lib/libcrypto/engine/eng_lib.c | |||
@@ -125,6 +125,9 @@ int engine_free_util(ENGINE *e, int locked) | |||
125 | abort(); | 125 | abort(); |
126 | } | 126 | } |
127 | #endif | 127 | #endif |
128 | /* Free up any dynamically allocated public key methods */ | ||
129 | engine_pkey_meths_free(e); | ||
130 | engine_pkey_asn1_meths_free(e); | ||
128 | /* Give the ENGINE a chance to do any structural cleanup corresponding | 131 | /* Give the ENGINE a chance to do any structural cleanup corresponding |
129 | * to allocation it did in its constructor (eg. unload error strings) */ | 132 | * to allocation it did in its constructor (eg. unload error strings) */ |
130 | if(e->destroy) | 133 | if(e->destroy) |
diff --git a/src/lib/libcrypto/engine/eng_list.c b/src/lib/libcrypto/engine/eng_list.c index bd511944ba..27846edb1e 100644 --- a/src/lib/libcrypto/engine/eng_list.c +++ b/src/lib/libcrypto/engine/eng_list.c | |||
@@ -336,6 +336,7 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src) | |||
336 | dest->store_meth = src->store_meth; | 336 | dest->store_meth = src->store_meth; |
337 | dest->ciphers = src->ciphers; | 337 | dest->ciphers = src->ciphers; |
338 | dest->digests = src->digests; | 338 | dest->digests = src->digests; |
339 | dest->pkey_meths = src->pkey_meths; | ||
339 | dest->destroy = src->destroy; | 340 | dest->destroy = src->destroy; |
340 | dest->init = src->init; | 341 | dest->init = src->init; |
341 | dest->finish = src->finish; | 342 | dest->finish = src->finish; |
@@ -412,6 +413,7 @@ ENGINE *ENGINE_by_id(const char *id) | |||
412 | return iterator; | 413 | return iterator; |
413 | } | 414 | } |
414 | notfound: | 415 | notfound: |
416 | ENGINE_free(iterator); | ||
415 | ENGINEerr(ENGINE_F_ENGINE_BY_ID,ENGINE_R_NO_SUCH_ENGINE); | 417 | ENGINEerr(ENGINE_F_ENGINE_BY_ID,ENGINE_R_NO_SUCH_ENGINE); |
416 | ERR_add_error_data(2, "id=", id); | 418 | ERR_add_error_data(2, "id=", id); |
417 | return NULL; | 419 | return NULL; |
diff --git a/src/lib/libcrypto/engine/eng_openssl.c b/src/lib/libcrypto/engine/eng_openssl.c index 7c139ae2ef..9abb95cc22 100644 --- a/src/lib/libcrypto/engine/eng_openssl.c +++ b/src/lib/libcrypto/engine/eng_openssl.c | |||
@@ -238,7 +238,7 @@ static int test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |||
238 | return 1; | 238 | return 1; |
239 | } | 239 | } |
240 | static int test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | 240 | static int test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, |
241 | const unsigned char *in, unsigned int inl) | 241 | const unsigned char *in, size_t inl) |
242 | { | 242 | { |
243 | #ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER | 243 | #ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER |
244 | fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n"); | 244 | fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n"); |
diff --git a/src/lib/libcrypto/engine/eng_table.c b/src/lib/libcrypto/engine/eng_table.c index 8879a267d1..4fde948185 100644 --- a/src/lib/libcrypto/engine/eng_table.c +++ b/src/lib/libcrypto/engine/eng_table.c | |||
@@ -70,12 +70,22 @@ typedef struct st_engine_pile | |||
70 | int uptodate; | 70 | int uptodate; |
71 | } ENGINE_PILE; | 71 | } ENGINE_PILE; |
72 | 72 | ||
73 | DECLARE_LHASH_OF(ENGINE_PILE); | ||
74 | |||
73 | /* The type exposed in eng_int.h */ | 75 | /* The type exposed in eng_int.h */ |
74 | struct st_engine_table | 76 | struct st_engine_table |
75 | { | 77 | { |
76 | LHASH piles; | 78 | LHASH_OF(ENGINE_PILE) piles; |
77 | }; /* ENGINE_TABLE */ | 79 | }; /* ENGINE_TABLE */ |
78 | 80 | ||
81 | |||
82 | typedef struct st_engine_pile_doall | ||
83 | { | ||
84 | engine_table_doall_cb *cb; | ||
85 | void *arg; | ||
86 | } ENGINE_PILE_DOALL; | ||
87 | |||
88 | |||
79 | /* Global flags (ENGINE_TABLE_FLAG_***). */ | 89 | /* Global flags (ENGINE_TABLE_FLAG_***). */ |
80 | static unsigned int table_flags = 0; | 90 | static unsigned int table_flags = 0; |
81 | 91 | ||
@@ -84,6 +94,7 @@ unsigned int ENGINE_get_table_flags(void) | |||
84 | { | 94 | { |
85 | return table_flags; | 95 | return table_flags; |
86 | } | 96 | } |
97 | |||
87 | void ENGINE_set_table_flags(unsigned int flags) | 98 | void ENGINE_set_table_flags(unsigned int flags) |
88 | { | 99 | { |
89 | table_flags = flags; | 100 | table_flags = flags; |
@@ -94,19 +105,21 @@ static unsigned long engine_pile_hash(const ENGINE_PILE *c) | |||
94 | { | 105 | { |
95 | return c->nid; | 106 | return c->nid; |
96 | } | 107 | } |
108 | |||
97 | static int engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b) | 109 | static int engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b) |
98 | { | 110 | { |
99 | return a->nid - b->nid; | 111 | return a->nid - b->nid; |
100 | } | 112 | } |
101 | static IMPLEMENT_LHASH_HASH_FN(engine_pile_hash, const ENGINE_PILE *) | 113 | static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE) |
102 | static IMPLEMENT_LHASH_COMP_FN(engine_pile_cmp, const ENGINE_PILE *) | 114 | static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE) |
115 | |||
103 | static int int_table_check(ENGINE_TABLE **t, int create) | 116 | static int int_table_check(ENGINE_TABLE **t, int create) |
104 | { | 117 | { |
105 | LHASH *lh; | 118 | LHASH_OF(ENGINE_PILE) *lh; |
119 | |||
106 | if(*t) return 1; | 120 | if(*t) return 1; |
107 | if(!create) return 0; | 121 | if(!create) return 0; |
108 | if((lh = lh_new(LHASH_HASH_FN(engine_pile_hash), | 122 | if((lh = lh_ENGINE_PILE_new()) == NULL) |
109 | LHASH_COMP_FN(engine_pile_cmp))) == NULL) | ||
110 | return 0; | 123 | return 0; |
111 | *t = (ENGINE_TABLE *)lh; | 124 | *t = (ENGINE_TABLE *)lh; |
112 | return 1; | 125 | return 1; |
@@ -130,7 +143,7 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, | |||
130 | while(num_nids--) | 143 | while(num_nids--) |
131 | { | 144 | { |
132 | tmplate.nid = *nids; | 145 | tmplate.nid = *nids; |
133 | fnd = lh_retrieve(&(*table)->piles, &tmplate); | 146 | fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate); |
134 | if(!fnd) | 147 | if(!fnd) |
135 | { | 148 | { |
136 | fnd = OPENSSL_malloc(sizeof(ENGINE_PILE)); | 149 | fnd = OPENSSL_malloc(sizeof(ENGINE_PILE)); |
@@ -144,7 +157,7 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, | |||
144 | goto end; | 157 | goto end; |
145 | } | 158 | } |
146 | fnd->funct = NULL; | 159 | fnd->funct = NULL; |
147 | lh_insert(&(*table)->piles, fnd); | 160 | (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd); |
148 | } | 161 | } |
149 | /* A registration shouldn't add duplciate entries */ | 162 | /* A registration shouldn't add duplciate entries */ |
150 | (void)sk_ENGINE_delete_ptr(fnd->sk, e); | 163 | (void)sk_ENGINE_delete_ptr(fnd->sk, e); |
@@ -173,7 +186,7 @@ end: | |||
173 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); | 186 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
174 | return ret; | 187 | return ret; |
175 | } | 188 | } |
176 | static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e) | 189 | static void int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e) |
177 | { | 190 | { |
178 | int n; | 191 | int n; |
179 | /* Iterate the 'c->sk' stack removing any occurance of 'e' */ | 192 | /* Iterate the 'c->sk' stack removing any occurance of 'e' */ |
@@ -188,31 +201,35 @@ static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e) | |||
188 | pile->funct = NULL; | 201 | pile->funct = NULL; |
189 | } | 202 | } |
190 | } | 203 | } |
191 | static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb,ENGINE_PILE *,ENGINE *) | 204 | static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE) |
205 | |||
192 | void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e) | 206 | void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e) |
193 | { | 207 | { |
194 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | 208 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
195 | if(int_table_check(table, 0)) | 209 | if(int_table_check(table, 0)) |
196 | lh_doall_arg(&(*table)->piles, | 210 | lh_ENGINE_PILE_doall_arg(&(*table)->piles, |
197 | LHASH_DOALL_ARG_FN(int_unregister_cb), e); | 211 | LHASH_DOALL_ARG_FN(int_unregister_cb), |
212 | ENGINE, e); | ||
198 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); | 213 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
199 | } | 214 | } |
200 | 215 | ||
201 | static void int_cleanup_cb(ENGINE_PILE *p) | 216 | static void int_cleanup_cb_doall(ENGINE_PILE *p) |
202 | { | 217 | { |
203 | sk_ENGINE_free(p->sk); | 218 | sk_ENGINE_free(p->sk); |
204 | if(p->funct) | 219 | if(p->funct) |
205 | engine_unlocked_finish(p->funct, 0); | 220 | engine_unlocked_finish(p->funct, 0); |
206 | OPENSSL_free(p); | 221 | OPENSSL_free(p); |
207 | } | 222 | } |
208 | static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb,ENGINE_PILE *) | 223 | static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE) |
224 | |||
209 | void engine_table_cleanup(ENGINE_TABLE **table) | 225 | void engine_table_cleanup(ENGINE_TABLE **table) |
210 | { | 226 | { |
211 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | 227 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
212 | if(*table) | 228 | if(*table) |
213 | { | 229 | { |
214 | lh_doall(&(*table)->piles, LHASH_DOALL_FN(int_cleanup_cb)); | 230 | lh_ENGINE_PILE_doall(&(*table)->piles, |
215 | lh_free(&(*table)->piles); | 231 | LHASH_DOALL_FN(int_cleanup_cb)); |
232 | lh_ENGINE_PILE_free(&(*table)->piles); | ||
216 | *table = NULL; | 233 | *table = NULL; |
217 | } | 234 | } |
218 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); | 235 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
@@ -237,12 +254,13 @@ ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, in | |||
237 | #endif | 254 | #endif |
238 | return NULL; | 255 | return NULL; |
239 | } | 256 | } |
257 | ERR_set_mark(); | ||
240 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | 258 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); |
241 | /* Check again inside the lock otherwise we could race against cleanup | 259 | /* Check again inside the lock otherwise we could race against cleanup |
242 | * operations. But don't worry about a fprintf(stderr). */ | 260 | * operations. But don't worry about a fprintf(stderr). */ |
243 | if(!int_table_check(table, 0)) goto end; | 261 | if(!int_table_check(table, 0)) goto end; |
244 | tmplate.nid = nid; | 262 | tmplate.nid = nid; |
245 | fnd = lh_retrieve(&(*table)->piles, &tmplate); | 263 | fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate); |
246 | if(!fnd) goto end; | 264 | if(!fnd) goto end; |
247 | if(fnd->funct && engine_unlocked_init(fnd->funct)) | 265 | if(fnd->funct && engine_unlocked_init(fnd->funct)) |
248 | { | 266 | { |
@@ -310,6 +328,24 @@ end: | |||
310 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); | 328 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); |
311 | /* Whatever happened, any failed init()s are not failures in this | 329 | /* Whatever happened, any failed init()s are not failures in this |
312 | * context, so clear our error state. */ | 330 | * context, so clear our error state. */ |
313 | ERR_clear_error(); | 331 | ERR_pop_to_mark(); |
314 | return ret; | 332 | return ret; |
315 | } | 333 | } |
334 | |||
335 | /* Table enumeration */ | ||
336 | |||
337 | static void int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall) | ||
338 | { | ||
339 | dall->cb(pile->nid, pile->sk, pile->funct, dall->arg); | ||
340 | } | ||
341 | static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE,ENGINE_PILE_DOALL) | ||
342 | |||
343 | void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, | ||
344 | void *arg) | ||
345 | { | ||
346 | ENGINE_PILE_DOALL dall; | ||
347 | dall.cb = cb; | ||
348 | dall.arg = arg; | ||
349 | lh_ENGINE_PILE_doall_arg(&table->piles, LHASH_DOALL_ARG_FN(int_cb), | ||
350 | ENGINE_PILE_DOALL, &dall); | ||
351 | } | ||
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h index f503595ece..7fbd95f634 100644 --- a/src/lib/libcrypto/engine/engine.h +++ b/src/lib/libcrypto/engine/engine.h | |||
@@ -88,16 +88,15 @@ | |||
88 | #include <openssl/ecdsa.h> | 88 | #include <openssl/ecdsa.h> |
89 | #endif | 89 | #endif |
90 | #include <openssl/rand.h> | 90 | #include <openssl/rand.h> |
91 | #include <openssl/store.h> | ||
92 | #include <openssl/ui.h> | 91 | #include <openssl/ui.h> |
93 | #include <openssl/err.h> | 92 | #include <openssl/err.h> |
94 | #endif | 93 | #endif |
95 | 94 | ||
96 | #include <openssl/x509.h> | ||
97 | |||
98 | #include <openssl/ossl_typ.h> | 95 | #include <openssl/ossl_typ.h> |
99 | #include <openssl/symhacks.h> | 96 | #include <openssl/symhacks.h> |
100 | 97 | ||
98 | #include <openssl/x509.h> | ||
99 | |||
101 | #ifdef __cplusplus | 100 | #ifdef __cplusplus |
102 | extern "C" { | 101 | extern "C" { |
103 | #endif | 102 | #endif |
@@ -113,6 +112,8 @@ extern "C" { | |||
113 | #define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 | 112 | #define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 |
114 | #define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 | 113 | #define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 |
115 | #define ENGINE_METHOD_STORE (unsigned int)0x0100 | 114 | #define ENGINE_METHOD_STORE (unsigned int)0x0100 |
115 | #define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200 | ||
116 | #define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400 | ||
116 | /* Obvious all-or-nothing cases. */ | 117 | /* Obvious all-or-nothing cases. */ |
117 | #define ENGINE_METHOD_ALL (unsigned int)0xFFFF | 118 | #define ENGINE_METHOD_ALL (unsigned int)0xFFFF |
118 | #define ENGINE_METHOD_NONE (unsigned int)0x0000 | 119 | #define ENGINE_METHOD_NONE (unsigned int)0x0000 |
@@ -297,7 +298,8 @@ typedef int (*ENGINE_SSL_CLIENT_CERT_PTR)(ENGINE *, SSL *ssl, | |||
297 | * parameter is non-NULL it is set to the size of the returned array. */ | 298 | * parameter is non-NULL it is set to the size of the returned array. */ |
298 | typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, const int **, int); | 299 | typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, const int **, int); |
299 | typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int); | 300 | typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int); |
300 | 301 | typedef int (*ENGINE_PKEY_METHS_PTR)(ENGINE *, EVP_PKEY_METHOD **, const int **, int); | |
302 | typedef int (*ENGINE_PKEY_ASN1_METHS_PTR)(ENGINE *, EVP_PKEY_ASN1_METHOD **, const int **, int); | ||
301 | /* STRUCTURE functions ... all of these functions deal with pointers to ENGINE | 303 | /* STRUCTURE functions ... all of these functions deal with pointers to ENGINE |
302 | * structures where the pointers have a "structural reference". This means that | 304 | * structures where the pointers have a "structural reference". This means that |
303 | * their reference is to allowed access to the structure but it does not imply | 305 | * their reference is to allowed access to the structure but it does not imply |
@@ -329,19 +331,20 @@ void ENGINE_load_aep(void); | |||
329 | void ENGINE_load_atalla(void); | 331 | void ENGINE_load_atalla(void); |
330 | void ENGINE_load_chil(void); | 332 | void ENGINE_load_chil(void); |
331 | void ENGINE_load_cswift(void); | 333 | void ENGINE_load_cswift(void); |
332 | #ifndef OPENSSL_NO_GMP | ||
333 | void ENGINE_load_gmp(void); | ||
334 | #endif | ||
335 | void ENGINE_load_nuron(void); | 334 | void ENGINE_load_nuron(void); |
336 | void ENGINE_load_sureware(void); | 335 | void ENGINE_load_sureware(void); |
337 | void ENGINE_load_ubsec(void); | 336 | void ENGINE_load_ubsec(void); |
338 | #endif | ||
339 | void ENGINE_load_cryptodev(void); | ||
340 | void ENGINE_load_padlock(void); | 337 | void ENGINE_load_padlock(void); |
341 | void ENGINE_load_builtin_engines(void); | ||
342 | #ifndef OPENSSL_NO_CAPIENG | ||
343 | void ENGINE_load_capi(void); | 338 | void ENGINE_load_capi(void); |
339 | #ifndef OPENSSL_NO_GMP | ||
340 | void ENGINE_load_gmp(void); | ||
341 | #endif | ||
342 | #ifndef OPENSSL_NO_GOST | ||
343 | void ENGINE_load_gost(void); | ||
344 | #endif | ||
344 | #endif | 345 | #endif |
346 | void ENGINE_load_cryptodev(void); | ||
347 | void ENGINE_load_builtin_engines(void); | ||
345 | 348 | ||
346 | /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation | 349 | /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation |
347 | * "registry" handling. */ | 350 | * "registry" handling. */ |
@@ -392,6 +395,14 @@ int ENGINE_register_digests(ENGINE *e); | |||
392 | void ENGINE_unregister_digests(ENGINE *e); | 395 | void ENGINE_unregister_digests(ENGINE *e); |
393 | void ENGINE_register_all_digests(void); | 396 | void ENGINE_register_all_digests(void); |
394 | 397 | ||
398 | int ENGINE_register_pkey_meths(ENGINE *e); | ||
399 | void ENGINE_unregister_pkey_meths(ENGINE *e); | ||
400 | void ENGINE_register_all_pkey_meths(void); | ||
401 | |||
402 | int ENGINE_register_pkey_asn1_meths(ENGINE *e); | ||
403 | void ENGINE_unregister_pkey_asn1_meths(ENGINE *e); | ||
404 | void ENGINE_register_all_pkey_asn1_meths(void); | ||
405 | |||
395 | /* These functions register all support from the above categories. Note, use of | 406 | /* These functions register all support from the above categories. Note, use of |
396 | * these functions can result in static linkage of code your application may not | 407 | * these functions can result in static linkage of code your application may not |
397 | * need. If you only need a subset of functionality, consider using more | 408 | * need. If you only need a subset of functionality, consider using more |
@@ -471,6 +482,8 @@ int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, | |||
471 | ENGINE_SSL_CLIENT_CERT_PTR loadssl_f); | 482 | ENGINE_SSL_CLIENT_CERT_PTR loadssl_f); |
472 | int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); | 483 | int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); |
473 | int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); | 484 | int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); |
485 | int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f); | ||
486 | int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f); | ||
474 | int ENGINE_set_flags(ENGINE *e, int flags); | 487 | int ENGINE_set_flags(ENGINE *e, int flags); |
475 | int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); | 488 | int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); |
476 | /* These functions allow control over any per-structure ENGINE data. */ | 489 | /* These functions allow control over any per-structure ENGINE data. */ |
@@ -507,8 +520,16 @@ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); | |||
507 | ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e); | 520 | ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e); |
508 | ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); | 521 | ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); |
509 | ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); | 522 | ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); |
523 | ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e); | ||
524 | ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e); | ||
510 | const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); | 525 | const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); |
511 | const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); | 526 | const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); |
527 | const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid); | ||
528 | const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid); | ||
529 | const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e, | ||
530 | const char *str, int len); | ||
531 | const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe, | ||
532 | const char *str, int len); | ||
512 | const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); | 533 | const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); |
513 | int ENGINE_get_flags(const ENGINE *e); | 534 | int ENGINE_get_flags(const ENGINE *e); |
514 | 535 | ||
@@ -560,6 +581,8 @@ ENGINE *ENGINE_get_default_RAND(void); | |||
560 | * ciphering or digesting corresponding to "nid". */ | 581 | * ciphering or digesting corresponding to "nid". */ |
561 | ENGINE *ENGINE_get_cipher_engine(int nid); | 582 | ENGINE *ENGINE_get_cipher_engine(int nid); |
562 | ENGINE *ENGINE_get_digest_engine(int nid); | 583 | ENGINE *ENGINE_get_digest_engine(int nid); |
584 | ENGINE *ENGINE_get_pkey_meth_engine(int nid); | ||
585 | ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid); | ||
563 | 586 | ||
564 | /* This sets a new default ENGINE structure for performing RSA | 587 | /* This sets a new default ENGINE structure for performing RSA |
565 | * operations. If the result is non-zero (success) then the ENGINE | 588 | * operations. If the result is non-zero (success) then the ENGINE |
@@ -575,6 +598,8 @@ int ENGINE_set_default_DH(ENGINE *e); | |||
575 | int ENGINE_set_default_RAND(ENGINE *e); | 598 | int ENGINE_set_default_RAND(ENGINE *e); |
576 | int ENGINE_set_default_ciphers(ENGINE *e); | 599 | int ENGINE_set_default_ciphers(ENGINE *e); |
577 | int ENGINE_set_default_digests(ENGINE *e); | 600 | int ENGINE_set_default_digests(ENGINE *e); |
601 | int ENGINE_set_default_pkey_meths(ENGINE *e); | ||
602 | int ENGINE_set_default_pkey_asn1_meths(ENGINE *e); | ||
578 | 603 | ||
579 | /* The combination "set" - the flags are bitwise "OR"d from the | 604 | /* The combination "set" - the flags are bitwise "OR"d from the |
580 | * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()" | 605 | * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()" |
@@ -703,7 +728,7 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, | |||
703 | * values. */ | 728 | * values. */ |
704 | void *ENGINE_get_static_state(void); | 729 | void *ENGINE_get_static_state(void); |
705 | 730 | ||
706 | #if defined(__OpenBSD__) || defined(__FreeBSD__) | 731 | #if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) |
707 | void ENGINE_setup_bsd_cryptodev(void); | 732 | void ENGINE_setup_bsd_cryptodev(void); |
708 | #endif | 733 | #endif |
709 | 734 | ||
@@ -732,13 +757,15 @@ void ERR_load_ENGINE_strings(void); | |||
732 | #define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 | 757 | #define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 |
733 | #define ENGINE_F_ENGINE_GET_DIGEST 186 | 758 | #define ENGINE_F_ENGINE_GET_DIGEST 186 |
734 | #define ENGINE_F_ENGINE_GET_NEXT 115 | 759 | #define ENGINE_F_ENGINE_GET_NEXT 115 |
760 | #define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193 | ||
761 | #define ENGINE_F_ENGINE_GET_PKEY_METH 192 | ||
735 | #define ENGINE_F_ENGINE_GET_PREV 116 | 762 | #define ENGINE_F_ENGINE_GET_PREV 116 |
736 | #define ENGINE_F_ENGINE_INIT 119 | 763 | #define ENGINE_F_ENGINE_INIT 119 |
737 | #define ENGINE_F_ENGINE_LIST_ADD 120 | 764 | #define ENGINE_F_ENGINE_LIST_ADD 120 |
738 | #define ENGINE_F_ENGINE_LIST_REMOVE 121 | 765 | #define ENGINE_F_ENGINE_LIST_REMOVE 121 |
739 | #define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 | 766 | #define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 |
740 | #define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 | 767 | #define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 |
741 | #define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 192 | 768 | #define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194 |
742 | #define ENGINE_F_ENGINE_NEW 122 | 769 | #define ENGINE_F_ENGINE_NEW 122 |
743 | #define ENGINE_F_ENGINE_REMOVE 123 | 770 | #define ENGINE_F_ENGINE_REMOVE 123 |
744 | #define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 | 771 | #define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 |
@@ -767,6 +794,7 @@ void ERR_load_ENGINE_strings(void); | |||
767 | #define ENGINE_R_DSO_FAILURE 104 | 794 | #define ENGINE_R_DSO_FAILURE 104 |
768 | #define ENGINE_R_DSO_NOT_FOUND 132 | 795 | #define ENGINE_R_DSO_NOT_FOUND 132 |
769 | #define ENGINE_R_ENGINES_SECTION_ERROR 148 | 796 | #define ENGINE_R_ENGINES_SECTION_ERROR 148 |
797 | #define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102 | ||
770 | #define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105 | 798 | #define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105 |
771 | #define ENGINE_R_ENGINE_SECTION_ERROR 149 | 799 | #define ENGINE_R_ENGINE_SECTION_ERROR 149 |
772 | #define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128 | 800 | #define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128 |
@@ -793,6 +821,7 @@ void ERR_load_ENGINE_strings(void); | |||
793 | #define ENGINE_R_RSA_NOT_IMPLEMENTED 141 | 821 | #define ENGINE_R_RSA_NOT_IMPLEMENTED 141 |
794 | #define ENGINE_R_UNIMPLEMENTED_CIPHER 146 | 822 | #define ENGINE_R_UNIMPLEMENTED_CIPHER 146 |
795 | #define ENGINE_R_UNIMPLEMENTED_DIGEST 147 | 823 | #define ENGINE_R_UNIMPLEMENTED_DIGEST 147 |
824 | #define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101 | ||
796 | #define ENGINE_R_VERSION_INCOMPATIBILITY 145 | 825 | #define ENGINE_R_VERSION_INCOMPATIBILITY 145 |
797 | 826 | ||
798 | #ifdef __cplusplus | 827 | #ifdef __cplusplus |
diff --git a/src/lib/libcrypto/engine/tb_asnmth.c b/src/lib/libcrypto/engine/tb_asnmth.c new file mode 100644 index 0000000000..75090339f7 --- /dev/null +++ b/src/lib/libcrypto/engine/tb_asnmth.c | |||
@@ -0,0 +1,246 @@ | |||
1 | /* ==================================================================== | ||
2 | * Copyright (c) 2006 The OpenSSL Project. All rights reserved. | ||
3 | * | ||
4 | * Redistribution and use in source and binary forms, with or without | ||
5 | * modification, are permitted provided that the following conditions | ||
6 | * are met: | ||
7 | * | ||
8 | * 1. Redistributions of source code must retain the above copyright | ||
9 | * notice, this list of conditions and the following disclaimer. | ||
10 | * | ||
11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
12 | * notice, this list of conditions and the following disclaimer in | ||
13 | * the documentation and/or other materials provided with the | ||
14 | * distribution. | ||
15 | * | ||
16 | * 3. All advertising materials mentioning features or use of this | ||
17 | * software must display the following acknowledgment: | ||
18 | * "This product includes software developed by the OpenSSL Project | ||
19 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
20 | * | ||
21 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
22 | * endorse or promote products derived from this software without | ||
23 | * prior written permission. For written permission, please contact | ||
24 | * licensing@OpenSSL.org. | ||
25 | * | ||
26 | * 5. Products derived from this software may not be called "OpenSSL" | ||
27 | * nor may "OpenSSL" appear in their names without prior written | ||
28 | * permission of the OpenSSL Project. | ||
29 | * | ||
30 | * 6. Redistributions of any form whatsoever must retain the following | ||
31 | * acknowledgment: | ||
32 | * "This product includes software developed by the OpenSSL Project | ||
33 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
34 | * | ||
35 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
36 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
37 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
38 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
39 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
40 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
41 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
42 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
43 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
44 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
45 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
46 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
47 | * ==================================================================== | ||
48 | * | ||
49 | * This product includes cryptographic software written by Eric Young | ||
50 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
51 | * Hudson (tjh@cryptsoft.com). | ||
52 | * | ||
53 | */ | ||
54 | |||
55 | #include "eng_int.h" | ||
56 | #include "asn1_locl.h" | ||
57 | #include <openssl/evp.h> | ||
58 | |||
59 | /* If this symbol is defined then ENGINE_get_pkey_asn1_meth_engine(), the | ||
60 | * function that is used by EVP to hook in pkey_asn1_meth code and cache | ||
61 | * defaults (etc), will display brief debugging summaries to stderr with the | ||
62 | * 'nid'. */ | ||
63 | /* #define ENGINE_PKEY_ASN1_METH_DEBUG */ | ||
64 | |||
65 | static ENGINE_TABLE *pkey_asn1_meth_table = NULL; | ||
66 | |||
67 | void ENGINE_unregister_pkey_asn1_meths(ENGINE *e) | ||
68 | { | ||
69 | engine_table_unregister(&pkey_asn1_meth_table, e); | ||
70 | } | ||
71 | |||
72 | static void engine_unregister_all_pkey_asn1_meths(void) | ||
73 | { | ||
74 | engine_table_cleanup(&pkey_asn1_meth_table); | ||
75 | } | ||
76 | |||
77 | int ENGINE_register_pkey_asn1_meths(ENGINE *e) | ||
78 | { | ||
79 | if(e->pkey_asn1_meths) | ||
80 | { | ||
81 | const int *nids; | ||
82 | int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0); | ||
83 | if(num_nids > 0) | ||
84 | return engine_table_register(&pkey_asn1_meth_table, | ||
85 | engine_unregister_all_pkey_asn1_meths, e, nids, | ||
86 | num_nids, 0); | ||
87 | } | ||
88 | return 1; | ||
89 | } | ||
90 | |||
91 | void ENGINE_register_all_pkey_asn1_meths(void) | ||
92 | { | ||
93 | ENGINE *e; | ||
94 | |||
95 | for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e)) | ||
96 | ENGINE_register_pkey_asn1_meths(e); | ||
97 | } | ||
98 | |||
99 | int ENGINE_set_default_pkey_asn1_meths(ENGINE *e) | ||
100 | { | ||
101 | if(e->pkey_asn1_meths) | ||
102 | { | ||
103 | const int *nids; | ||
104 | int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0); | ||
105 | if(num_nids > 0) | ||
106 | return engine_table_register(&pkey_asn1_meth_table, | ||
107 | engine_unregister_all_pkey_asn1_meths, e, nids, | ||
108 | num_nids, 1); | ||
109 | } | ||
110 | return 1; | ||
111 | } | ||
112 | |||
113 | /* Exposed API function to get a functional reference from the implementation | ||
114 | * table (ie. try to get a functional reference from the tabled structural | ||
115 | * references) for a given pkey_asn1_meth 'nid' */ | ||
116 | ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid) | ||
117 | { | ||
118 | return engine_table_select(&pkey_asn1_meth_table, nid); | ||
119 | } | ||
120 | |||
121 | /* Obtains a pkey_asn1_meth implementation from an ENGINE functional reference */ | ||
122 | const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid) | ||
123 | { | ||
124 | EVP_PKEY_ASN1_METHOD *ret; | ||
125 | ENGINE_PKEY_ASN1_METHS_PTR fn = ENGINE_get_pkey_asn1_meths(e); | ||
126 | if(!fn || !fn(e, &ret, NULL, nid)) | ||
127 | { | ||
128 | ENGINEerr(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH, | ||
129 | ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD); | ||
130 | return NULL; | ||
131 | } | ||
132 | return ret; | ||
133 | } | ||
134 | |||
135 | /* Gets the pkey_asn1_meth callback from an ENGINE structure */ | ||
136 | ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e) | ||
137 | { | ||
138 | return e->pkey_asn1_meths; | ||
139 | } | ||
140 | |||
141 | /* Sets the pkey_asn1_meth callback in an ENGINE structure */ | ||
142 | int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f) | ||
143 | { | ||
144 | e->pkey_asn1_meths = f; | ||
145 | return 1; | ||
146 | } | ||
147 | |||
148 | /* Internal function to free up EVP_PKEY_ASN1_METHOD structures before an | ||
149 | * ENGINE is destroyed | ||
150 | */ | ||
151 | |||
152 | void engine_pkey_asn1_meths_free(ENGINE *e) | ||
153 | { | ||
154 | int i; | ||
155 | EVP_PKEY_ASN1_METHOD *pkm; | ||
156 | if (e->pkey_asn1_meths) | ||
157 | { | ||
158 | const int *pknids; | ||
159 | int npknids; | ||
160 | npknids = e->pkey_asn1_meths(e, NULL, &pknids, 0); | ||
161 | for (i = 0; i < npknids; i++) | ||
162 | { | ||
163 | if (e->pkey_asn1_meths(e, &pkm, NULL, pknids[i])) | ||
164 | { | ||
165 | EVP_PKEY_asn1_free(pkm); | ||
166 | } | ||
167 | } | ||
168 | } | ||
169 | } | ||
170 | |||
171 | /* Find a method based on a string. This does a linear search through | ||
172 | * all implemented algorithms. This is OK in practice because only | ||
173 | * a small number of algorithms are likely to be implemented in an engine | ||
174 | * and it is not used for speed critical operations. | ||
175 | */ | ||
176 | |||
177 | const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e, | ||
178 | const char *str, int len) | ||
179 | { | ||
180 | int i, nidcount; | ||
181 | const int *nids; | ||
182 | EVP_PKEY_ASN1_METHOD *ameth; | ||
183 | if (!e->pkey_asn1_meths) | ||
184 | return NULL; | ||
185 | if (len == -1) | ||
186 | len = strlen(str); | ||
187 | nidcount = e->pkey_asn1_meths(e, NULL, &nids, 0); | ||
188 | for (i = 0; i < nidcount; i++) | ||
189 | { | ||
190 | e->pkey_asn1_meths(e, &ameth, NULL, nids[i]); | ||
191 | if (((int)strlen(ameth->pem_str) == len) && | ||
192 | !strncasecmp(ameth->pem_str, str, len)) | ||
193 | return ameth; | ||
194 | } | ||
195 | return NULL; | ||
196 | } | ||
197 | |||
198 | typedef struct | ||
199 | { | ||
200 | ENGINE *e; | ||
201 | const EVP_PKEY_ASN1_METHOD *ameth; | ||
202 | const char *str; | ||
203 | int len; | ||
204 | } ENGINE_FIND_STR; | ||
205 | |||
206 | static void look_str_cb(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg) | ||
207 | { | ||
208 | ENGINE_FIND_STR *lk = arg; | ||
209 | int i; | ||
210 | if (lk->ameth) | ||
211 | return; | ||
212 | for (i = 0; i < sk_ENGINE_num(sk); i++) | ||
213 | { | ||
214 | ENGINE *e = sk_ENGINE_value(sk, i); | ||
215 | EVP_PKEY_ASN1_METHOD *ameth; | ||
216 | e->pkey_asn1_meths(e, &ameth, NULL, nid); | ||
217 | if (((int)strlen(ameth->pem_str) == lk->len) && | ||
218 | !strncasecmp(ameth->pem_str, lk->str, lk->len)) | ||
219 | { | ||
220 | lk->e = e; | ||
221 | lk->ameth = ameth; | ||
222 | return; | ||
223 | } | ||
224 | } | ||
225 | } | ||
226 | |||
227 | const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe, | ||
228 | const char *str, int len) | ||
229 | { | ||
230 | ENGINE_FIND_STR fstr; | ||
231 | fstr.e = NULL; | ||
232 | fstr.ameth = NULL; | ||
233 | fstr.str = str; | ||
234 | fstr.len = len; | ||
235 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | ||
236 | engine_table_doall(pkey_asn1_meth_table, look_str_cb, &fstr); | ||
237 | /* If found obtain a structural reference to engine */ | ||
238 | if (fstr.e) | ||
239 | { | ||
240 | fstr.e->struct_ref++; | ||
241 | engine_ref_debug(fstr.e, 0, 1) | ||
242 | } | ||
243 | *pe = fstr.e; | ||
244 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); | ||
245 | return fstr.ameth; | ||
246 | } | ||
diff --git a/src/lib/libcrypto/engine/tb_pkmeth.c b/src/lib/libcrypto/engine/tb_pkmeth.c new file mode 100644 index 0000000000..1cdb967f25 --- /dev/null +++ b/src/lib/libcrypto/engine/tb_pkmeth.c | |||
@@ -0,0 +1,167 @@ | |||
1 | /* ==================================================================== | ||
2 | * Copyright (c) 2006 The OpenSSL Project. All rights reserved. | ||
3 | * | ||
4 | * Redistribution and use in source and binary forms, with or without | ||
5 | * modification, are permitted provided that the following conditions | ||
6 | * are met: | ||
7 | * | ||
8 | * 1. Redistributions of source code must retain the above copyright | ||
9 | * notice, this list of conditions and the following disclaimer. | ||
10 | * | ||
11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
12 | * notice, this list of conditions and the following disclaimer in | ||
13 | * the documentation and/or other materials provided with the | ||
14 | * distribution. | ||
15 | * | ||
16 | * 3. All advertising materials mentioning features or use of this | ||
17 | * software must display the following acknowledgment: | ||
18 | * "This product includes software developed by the OpenSSL Project | ||
19 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
20 | * | ||
21 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
22 | * endorse or promote products derived from this software without | ||
23 | * prior written permission. For written permission, please contact | ||
24 | * licensing@OpenSSL.org. | ||
25 | * | ||
26 | * 5. Products derived from this software may not be called "OpenSSL" | ||
27 | * nor may "OpenSSL" appear in their names without prior written | ||
28 | * permission of the OpenSSL Project. | ||
29 | * | ||
30 | * 6. Redistributions of any form whatsoever must retain the following | ||
31 | * acknowledgment: | ||
32 | * "This product includes software developed by the OpenSSL Project | ||
33 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
34 | * | ||
35 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
36 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
37 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
38 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
39 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
40 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
41 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
42 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
43 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
44 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
45 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
46 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
47 | * ==================================================================== | ||
48 | * | ||
49 | * This product includes cryptographic software written by Eric Young | ||
50 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
51 | * Hudson (tjh@cryptsoft.com). | ||
52 | * | ||
53 | */ | ||
54 | |||
55 | #include "eng_int.h" | ||
56 | #include <openssl/evp.h> | ||
57 | |||
58 | /* If this symbol is defined then ENGINE_get_pkey_meth_engine(), the function | ||
59 | * that is used by EVP to hook in pkey_meth code and cache defaults (etc), will | ||
60 | * display brief debugging summaries to stderr with the 'nid'. */ | ||
61 | /* #define ENGINE_PKEY_METH_DEBUG */ | ||
62 | |||
63 | static ENGINE_TABLE *pkey_meth_table = NULL; | ||
64 | |||
65 | void ENGINE_unregister_pkey_meths(ENGINE *e) | ||
66 | { | ||
67 | engine_table_unregister(&pkey_meth_table, e); | ||
68 | } | ||
69 | |||
70 | static void engine_unregister_all_pkey_meths(void) | ||
71 | { | ||
72 | engine_table_cleanup(&pkey_meth_table); | ||
73 | } | ||
74 | |||
75 | int ENGINE_register_pkey_meths(ENGINE *e) | ||
76 | { | ||
77 | if(e->pkey_meths) | ||
78 | { | ||
79 | const int *nids; | ||
80 | int num_nids = e->pkey_meths(e, NULL, &nids, 0); | ||
81 | if(num_nids > 0) | ||
82 | return engine_table_register(&pkey_meth_table, | ||
83 | engine_unregister_all_pkey_meths, e, nids, | ||
84 | num_nids, 0); | ||
85 | } | ||
86 | return 1; | ||
87 | } | ||
88 | |||
89 | void ENGINE_register_all_pkey_meths() | ||
90 | { | ||
91 | ENGINE *e; | ||
92 | |||
93 | for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e)) | ||
94 | ENGINE_register_pkey_meths(e); | ||
95 | } | ||
96 | |||
97 | int ENGINE_set_default_pkey_meths(ENGINE *e) | ||
98 | { | ||
99 | if(e->pkey_meths) | ||
100 | { | ||
101 | const int *nids; | ||
102 | int num_nids = e->pkey_meths(e, NULL, &nids, 0); | ||
103 | if(num_nids > 0) | ||
104 | return engine_table_register(&pkey_meth_table, | ||
105 | engine_unregister_all_pkey_meths, e, nids, | ||
106 | num_nids, 1); | ||
107 | } | ||
108 | return 1; | ||
109 | } | ||
110 | |||
111 | /* Exposed API function to get a functional reference from the implementation | ||
112 | * table (ie. try to get a functional reference from the tabled structural | ||
113 | * references) for a given pkey_meth 'nid' */ | ||
114 | ENGINE *ENGINE_get_pkey_meth_engine(int nid) | ||
115 | { | ||
116 | return engine_table_select(&pkey_meth_table, nid); | ||
117 | } | ||
118 | |||
119 | /* Obtains a pkey_meth implementation from an ENGINE functional reference */ | ||
120 | const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid) | ||
121 | { | ||
122 | EVP_PKEY_METHOD *ret; | ||
123 | ENGINE_PKEY_METHS_PTR fn = ENGINE_get_pkey_meths(e); | ||
124 | if(!fn || !fn(e, &ret, NULL, nid)) | ||
125 | { | ||
126 | ENGINEerr(ENGINE_F_ENGINE_GET_PKEY_METH, | ||
127 | ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD); | ||
128 | return NULL; | ||
129 | } | ||
130 | return ret; | ||
131 | } | ||
132 | |||
133 | /* Gets the pkey_meth callback from an ENGINE structure */ | ||
134 | ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e) | ||
135 | { | ||
136 | return e->pkey_meths; | ||
137 | } | ||
138 | |||
139 | /* Sets the pkey_meth callback in an ENGINE structure */ | ||
140 | int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f) | ||
141 | { | ||
142 | e->pkey_meths = f; | ||
143 | return 1; | ||
144 | } | ||
145 | |||
146 | /* Internal function to free up EVP_PKEY_METHOD structures before an | ||
147 | * ENGINE is destroyed | ||
148 | */ | ||
149 | |||
150 | void engine_pkey_meths_free(ENGINE *e) | ||
151 | { | ||
152 | int i; | ||
153 | EVP_PKEY_METHOD *pkm; | ||
154 | if (e->pkey_meths) | ||
155 | { | ||
156 | const int *pknids; | ||
157 | int npknids; | ||
158 | npknids = e->pkey_meths(e, NULL, &pknids, 0); | ||
159 | for (i = 0; i < npknids; i++) | ||
160 | { | ||
161 | if (e->pkey_meths(e, &pkm, NULL, pknids[i])) | ||
162 | { | ||
163 | EVP_PKEY_meth_free(pkm); | ||
164 | } | ||
165 | } | ||
166 | } | ||
167 | } | ||