summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/engine
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/engine')
-rw-r--r--src/lib/libcrypto/engine/README211
-rw-r--r--src/lib/libcrypto/engine/eng_all.c113
-rw-r--r--src/lib/libcrypto/engine/eng_cnf.c242
-rw-r--r--src/lib/libcrypto/engine/eng_ctrl.c391
-rw-r--r--src/lib/libcrypto/engine/eng_dyn.c460
-rw-r--r--src/lib/libcrypto/engine/eng_err.c166
-rw-r--r--src/lib/libcrypto/engine/eng_fat.c147
-rw-r--r--src/lib/libcrypto/engine/eng_init.c157
-rw-r--r--src/lib/libcrypto/engine/eng_int.h185
-rw-r--r--src/lib/libcrypto/engine/eng_lib.c321
-rw-r--r--src/lib/libcrypto/engine/eng_list.c394
-rw-r--r--src/lib/libcrypto/engine/eng_openssl.c361
-rw-r--r--src/lib/libcrypto/engine/eng_pkey.c157
-rw-r--r--src/lib/libcrypto/engine/eng_table.c361
-rw-r--r--src/lib/libcrypto/engine/engine.h729
-rw-r--r--src/lib/libcrypto/engine/tb_cipher.c145
-rw-r--r--src/lib/libcrypto/engine/tb_dh.c120
-rw-r--r--src/lib/libcrypto/engine/tb_digest.c145
-rw-r--r--src/lib/libcrypto/engine/tb_dsa.c120
-rw-r--r--src/lib/libcrypto/engine/tb_rand.c120
-rw-r--r--src/lib/libcrypto/engine/tb_rsa.c120
21 files changed, 0 insertions, 5165 deletions
diff --git a/src/lib/libcrypto/engine/README b/src/lib/libcrypto/engine/README
deleted file mode 100644
index 6b69b70f57..0000000000
--- a/src/lib/libcrypto/engine/README
+++ /dev/null
@@ -1,211 +0,0 @@
1Notes: 2001-09-24
2-----------------
3
4This "description" (if one chooses to call it that) needed some major updating
5so here goes. This update addresses a change being made at the same time to
6OpenSSL, and it pretty much completely restructures the underlying mechanics of
7the "ENGINE" code. So it serves a double purpose of being a "ENGINE internals
8for masochists" document *and* a rather extensive commit log message. (I'd get
9lynched for sticking all this in CHANGES or the commit mails :-).
10
11ENGINE_TABLE underlies this restructuring, as described in the internal header
12"eng_int.h", implemented in eng_table.c, and used in each of the "class" files;
13tb_rsa.c, tb_dsa.c, etc.
14
15However, "EVP_CIPHER" underlies the motivation and design of ENGINE_TABLE so
16I'll mention a bit about that first. EVP_CIPHER (and most of this applies
17equally to EVP_MD for digests) is both a "method" and a algorithm/mode
18identifier that, in the current API, "lingers". These cipher description +
19implementation structures can be defined or obtained directly by applications,
20or can be loaded "en masse" into EVP storage so that they can be catalogued and
21searched in various ways, ie. two ways of encrypting with the "des_cbc"
22algorithm/mode pair are;
23
24(i) directly;
25 const EVP_CIPHER *cipher = EVP_des_cbc();
26 EVP_EncryptInit(&ctx, cipher, key, iv);
27 [ ... use EVP_EncryptUpdate() and EVP_EncryptFinal() ...]
28
29(ii) indirectly;
30 OpenSSL_add_all_ciphers();
31 cipher = EVP_get_cipherbyname("des_cbc");
32 EVP_EncryptInit(&ctx, cipher, key, iv);
33 [ ... etc ... ]
34
35The latter is more generally used because it also allows ciphers/digests to be
36looked up based on other identifiers which can be useful for automatic cipher
37selection, eg. in SSL/TLS, or by user-controllable configuration.
38
39The important point about this is that EVP_CIPHER definitions and structures are
40passed around with impunity and there is no safe way, without requiring massive
41rewrites of many applications, to assume that EVP_CIPHERs can be reference
42counted. One an EVP_CIPHER is exposed to the caller, neither it nor anything it
43comes from can "safely" be destroyed. Unless of course the way of getting to
44such ciphers is via entirely distinct API calls that didn't exist before.
45However existing API usage cannot be made to understand when an EVP_CIPHER
46pointer, that has been passed to the caller, is no longer being used.
47
48The other problem with the existing API w.r.t. to hooking EVP_CIPHER support
49into ENGINE is storage - the OBJ_NAME-based storage used by EVP to register
50ciphers simultaneously registers cipher *types* and cipher *implementations* -
51they are effectively the same thing, an "EVP_CIPHER" pointer. The problem with
52hooking in ENGINEs is that multiple ENGINEs may implement the same ciphers. The
53solution is necessarily that ENGINE-provided ciphers simply are not registered,
54stored, or exposed to the caller in the same manner as existing ciphers. This is
55especially necessary considering the fact ENGINE uses reference counts to allow
56for cleanup, modularity, and DSO support - yet EVP_CIPHERs, as exposed to
57callers in the current API, support no such controls.
58
59Another sticking point for integrating cipher support into ENGINE is linkage.
60Already there is a problem with the way ENGINE supports RSA, DSA, etc whereby
61they are available *because* they're part of a giant ENGINE called "openssl".
62Ie. all implementations *have* to come from an ENGINE, but we get round that by
63having a giant ENGINE with all the software support encapsulated. This creates
64linker hassles if nothing else - linking a 1-line application that calls 2 basic
65RSA functions (eg. "RSA_free(RSA_new());") will result in large quantities of
66ENGINE code being linked in *and* because of that DSA, DH, and RAND also. If we
67continue with this approach for EVP_CIPHER support (even if it *was* possible)
68we would lose our ability to link selectively by selectively loading certain
69implementations of certain functionality. Touching any part of any kind of
70crypto would result in massive static linkage of everything else. So the
71solution is to change the way ENGINE feeds existing "classes", ie. how the
72hooking to ENGINE works from RSA, DSA, DH, RAND, as well as adding new hooking
73for EVP_CIPHER, and EVP_MD.
74
75The way this is now being done is by mostly reverting back to how things used to
76work prior to ENGINE :-). Ie. RSA now has a "RSA_METHOD" pointer again - this
77was previously replaced by an "ENGINE" pointer and all RSA code that required
78the RSA_METHOD would call ENGINE_get_RSA() each time on its ENGINE handle to
79temporarily get and use the ENGINE's RSA implementation. Apart from being more
80efficient, switching back to each RSA having an RSA_METHOD pointer also allows
81us to conceivably operate with *no* ENGINE. As we'll see, this removes any need
82for a fallback ENGINE that encapsulates default implementations - we can simply
83have our RSA structure pointing its RSA_METHOD pointer to the software
84implementation and have its ENGINE pointer set to NULL.
85
86A look at the EVP_CIPHER hooking is most explanatory, the RSA, DSA (etc) cases
87turn out to be degenerate forms of the same thing. The EVP storage of ciphers,
88and the existing EVP API functions that return "software" implementations and
89descriptions remain untouched. However, the storage takes more meaning in terms
90of "cipher description" and less meaning in terms of "implementation". When an
91EVP_CIPHER_CTX is actually initialised with an EVP_CIPHER method and is about to
92begin en/decryption, the hooking to ENGINE comes into play. What happens is that
93cipher-specific ENGINE code is asked for an ENGINE pointer (a functional
94reference) for any ENGINE that is registered to perform the algo/mode that the
95provided EVP_CIPHER structure represents. Under normal circumstances, that
96ENGINE code will return NULL because no ENGINEs will have had any cipher
97implementations *registered*. As such, a NULL ENGINE pointer is stored in the
98EVP_CIPHER_CTX context, and the EVP_CIPHER structure is left hooked into the
99context and so is used as the implementation. Pretty much how things work now
100except we'd have a redundant ENGINE pointer set to NULL and doing nothing.
101
102Conversely, if an ENGINE *has* been registered to perform the algorithm/mode
103combination represented by the provided EVP_CIPHER, then a functional reference
104to that ENGINE will be returned to the EVP_CIPHER_CTX during initialisation.
105That functional reference will be stored in the context (and released on
106cleanup) - and having that reference provides a *safe* way to use an EVP_CIPHER
107definition that is private to the ENGINE. Ie. the EVP_CIPHER provided by the
108application will actually be replaced by an EVP_CIPHER from the registered
109ENGINE - it will support the same algorithm/mode as the original but will be a
110completely different implementation. Because this EVP_CIPHER isn't stored in the
111EVP storage, nor is it returned to applications from traditional API functions,
112there is no associated problem with it not having reference counts. And of
113course, when one of these "private" cipher implementations is hooked into
114EVP_CIPHER_CTX, it is done whilst the EVP_CIPHER_CTX holds a functional
115reference to the ENGINE that owns it, thus the use of the ENGINE's EVP_CIPHER is
116safe.
117
118The "cipher-specific ENGINE code" I mentioned is implemented in tb_cipher.c but
119in essence it is simply an instantiation of "ENGINE_TABLE" code for use by
120EVP_CIPHER code. tb_digest.c is virtually identical but, of course, it is for
121use by EVP_MD code. Ditto for tb_rsa.c, tb_dsa.c, etc. These instantiations of
122ENGINE_TABLE essentially provide linker-separation of the classes so that even
123if ENGINEs implement *all* possible algorithms, an application using only
124EVP_CIPHER code will link at most code relating to EVP_CIPHER, tb_cipher.c, core
125ENGINE code that is independant of class, and of course the ENGINE
126implementation that the application loaded. It will *not* however link any
127class-specific ENGINE code for digests, RSA, etc nor will it bleed over into
128other APIs, such as the RSA/DSA/etc library code.
129
130ENGINE_TABLE is a little more complicated than may seem necessary but this is
131mostly to avoid a lot of "init()"-thrashing on ENGINEs (that may have to load
132DSOs, and other expensive setup that shouldn't be thrashed unnecessarily) *and*
133to duplicate "default" behaviour. Basically an ENGINE_TABLE instantiation, for
134example tb_cipher.c, implements a hash-table keyed by integer "nid" values.
135These nids provide the uniquenness of an algorithm/mode - and each nid will hash
136to a potentially NULL "ENGINE_PILE". An ENGINE_PILE is essentially a list of
137pointers to ENGINEs that implement that particular 'nid'. Each "pile" uses some
138caching tricks such that requests on that 'nid' will be cached and all future
139requests will return immediately (well, at least with minimal operation) unless
140a change is made to the pile, eg. perhaps an ENGINE was unloaded. The reason is
141that an application could have support for 10 ENGINEs statically linked
142in, and the machine in question may not have any of the hardware those 10
143ENGINEs support. If each of those ENGINEs has a "des_cbc" implementation, we
144want to avoid every EVP_CIPHER_CTX setup from trying (and failing) to initialise
145each of those 10 ENGINEs. Instead, the first such request will try to do that
146and will either return (and cache) a NULL ENGINE pointer or will return a
147functional reference to the first that successfully initialised. In the latter
148case it will also cache an extra functional reference to the ENGINE as a
149"default" for that 'nid'. The caching is acknowledged by a 'uptodate' variable
150that is unset only if un/registration takes place on that pile. Ie. if
151implementations of "des_cbc" are added or removed. This behaviour can be
152tweaked; the ENGINE_TABLE_FLAG_NOINIT value can be passed to
153ENGINE_set_table_flags(), in which case the only ENGINEs that tb_cipher.c will
154try to initialise from the "pile" will be those that are already initialised
155(ie. it's simply an increment of the functional reference count, and no real
156"initialisation" will take place).
157
158RSA, DSA, DH, and RAND all have their own ENGINE_TABLE code as well, and the
159difference is that they all use an implicit 'nid' of 1. Whereas EVP_CIPHERs are
160actually qualitatively different depending on 'nid' (the "des_cbc" EVP_CIPHER is
161not an interoperable implementation of "aes_256_cbc"), RSA_METHODs are
162necessarily interoperable and don't have different flavours, only different
163implementations. In other words, the ENGINE_TABLE for RSA will either be empty,
164or will have a single ENGING_PILE hashed to by the 'nid' 1 and that pile
165represents ENGINEs that implement the single "type" of RSA there is.
166
167Cleanup - the registration and unregistration may pose questions about how
168cleanup works with the ENGINE_PILE doing all this caching nonsense (ie. when the
169application or EVP_CIPHER code releases its last reference to an ENGINE, the
170ENGINE_PILE code may still have references and thus those ENGINEs will stay
171hooked in forever). The way this is handled is via "unregistration". With these
172new ENGINE changes, an abstract ENGINE can be loaded and initialised, but that
173is an algorithm-agnostic process. Even if initialised, it will not have
174registered any of its implementations (to do so would link all class "table"
175code despite the fact the application may use only ciphers, for example). This
176is deliberately a distinct step. Moreover, registration and unregistration has
177nothing to do with whether an ENGINE is *functional* or not (ie. you can even
178register an ENGINE and its implementations without it being operational, you may
179not even have the drivers to make it operate). What actually happens with
180respect to cleanup is managed inside eng_lib.c with the "engine_cleanup_***"
181functions. These functions are internal-only and each part of ENGINE code that
182could require cleanup will, upon performing its first allocation, register a
183callback with the "engine_cleanup" code. The other part of this that makes it
184tick is that the ENGINE_TABLE instantiations (tb_***.c) use NULL as their
185initialised state. So if RSA code asks for an ENGINE and no ENGINE has
186registered an implementation, the code will simply return NULL and the tb_rsa.c
187state will be unchanged. Thus, no cleanup is required unless registration takes
188place. ENGINE_cleanup() will simply iterate across a list of registered cleanup
189callbacks calling each in turn, and will then internally delete its own storage
190(a STACK). When a cleanup callback is next registered (eg. if the cleanup() is
191part of a gracefull restart and the application wants to cleanup all state then
192start again), the internal STACK storage will be freshly allocated. This is much
193the same as the situation in the ENGINE_TABLE instantiations ... NULL is the
194initialised state, so only modification operations (not queries) will cause that
195code to have to register a cleanup.
196
197What else? The bignum callbacks and associated ENGINE functions have been
198removed for two obvious reasons; (i) there was no way to generalise them to the
199mechanism now used by RSA/DSA/..., because there's no such thing as a BIGNUM
200method, and (ii) because of (i), there was no meaningful way for library or
201application code to automatically hook and use ENGINE supplied bignum functions
202anyway. Also, ENGINE_cpy() has been removed (although an internal-only version
203exists) - the idea of providing an ENGINE_cpy() function probably wasn't a good
204one and now certainly doesn't make sense in any generalised way. Some of the
205RSA, DSA, DH, and RAND functions that were fiddled during the original ENGINE
206changes have now, as a consequence, been reverted back. This is because the
207hooking of ENGINE is now automatic (and passive, it can interally use a NULL
208ENGINE pointer to simply ignore ENGINE from then on).
209
210Hell, that should be enough for now ... comments welcome: geoff@openssl.org
211
diff --git a/src/lib/libcrypto/engine/eng_all.c b/src/lib/libcrypto/engine/eng_all.c
deleted file mode 100644
index 0f6992a40d..0000000000
--- a/src/lib/libcrypto/engine/eng_all.c
+++ /dev/null
@@ -1,113 +0,0 @@
1/* crypto/engine/eng_all.c -*- mode: C; c-file-style: "eay" -*- */
2/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <openssl/err.h>
60#include <openssl/engine.h>
61#include "eng_int.h"
62
63void ENGINE_load_builtin_engines(void)
64 {
65 /* There's no longer any need for an "openssl" ENGINE unless, one day,
66 * it is the *only* way for standard builtin implementations to be be
67 * accessed (ie. it would be possible to statically link binaries with
68 * *no* builtin implementations). */
69#if 0
70 ENGINE_load_openssl();
71#endif
72 ENGINE_load_dynamic();
73#ifndef OPENSSL_NO_HW
74#ifndef OPENSSL_NO_HW_CSWIFT
75 ENGINE_load_cswift();
76#endif
77#ifndef OPENSSL_NO_HW_NCIPHER
78 ENGINE_load_chil();
79#endif
80#ifndef OPENSSL_NO_HW_ATALLA
81 ENGINE_load_atalla();
82#endif
83#ifndef OPENSSL_NO_HW_NURON
84 ENGINE_load_nuron();
85#endif
86#ifndef OPENSSL_NO_HW_UBSEC
87 ENGINE_load_ubsec();
88#endif
89#ifndef OPENSSL_NO_HW_AEP
90 ENGINE_load_aep();
91#endif
92#ifndef OPENSSL_NO_HW_SUREWARE
93 ENGINE_load_sureware();
94#endif
95#ifndef OPENSSL_NO_HW_4758_CCA
96 ENGINE_load_4758cca();
97#endif
98#if defined(__OpenBSD__) || defined(__FreeBSD__)
99 ENGINE_load_cryptodev();
100#endif
101#endif
102 }
103
104#if defined(__OpenBSD__) || defined(__FreeBSD__)
105void ENGINE_setup_bsd_cryptodev(void) {
106 static int bsd_cryptodev_default_loaded = 0;
107 if (!bsd_cryptodev_default_loaded) {
108 ENGINE_load_cryptodev();
109 ENGINE_register_all_complete();
110 }
111 bsd_cryptodev_default_loaded=1;
112}
113#endif
diff --git a/src/lib/libcrypto/engine/eng_cnf.c b/src/lib/libcrypto/engine/eng_cnf.c
deleted file mode 100644
index cdf670901a..0000000000
--- a/src/lib/libcrypto/engine/eng_cnf.c
+++ /dev/null
@@ -1,242 +0,0 @@
1/* eng_cnf.c */
2/* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2001.
4 */
5/* ====================================================================
6 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <openssl/crypto.h>
61#include "cryptlib.h"
62#include <openssl/conf.h>
63#include <openssl/engine.h>
64
65/* #define ENGINE_CONF_DEBUG */
66
67/* ENGINE config module */
68
69static char *skip_dot(char *name)
70 {
71 char *p;
72 p = strchr(name, '.');
73 if (p)
74 return p + 1;
75 return name;
76 }
77
78static STACK_OF(ENGINE) *initialized_engines = NULL;
79
80static int int_engine_init(ENGINE *e)
81 {
82 if (!ENGINE_init(e))
83 return 0;
84 if (!initialized_engines)
85 initialized_engines = sk_ENGINE_new_null();
86 if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e))
87 {
88 ENGINE_finish(e);
89 return 0;
90 }
91 return 1;
92 }
93
94
95static int int_engine_configure(char *name, char *value, const CONF *cnf)
96 {
97 int i;
98 int ret = 0;
99 long do_init = -1;
100 STACK_OF(CONF_VALUE) *ecmds;
101 CONF_VALUE *ecmd;
102 char *ctrlname, *ctrlvalue;
103 ENGINE *e = NULL;
104 name = skip_dot(name);
105#ifdef ENGINE_CONF_DEBUG
106 fprintf(stderr, "Configuring engine %s\n", name);
107#endif
108 /* Value is a section containing ENGINE commands */
109 ecmds = NCONF_get_section(cnf, value);
110
111 if (!ecmds)
112 {
113 ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_ENGINE_SECTION_ERROR);
114 return 0;
115 }
116
117 for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++)
118 {
119 ecmd = sk_CONF_VALUE_value(ecmds, i);
120 ctrlname = skip_dot(ecmd->name);
121 ctrlvalue = ecmd->value;
122#ifdef ENGINE_CONF_DEBUG
123 fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n", ctrlname, ctrlvalue);
124#endif
125
126 /* First handle some special pseudo ctrls */
127
128 /* Override engine name to use */
129 if (!strcmp(ctrlname, "engine_id"))
130 name = ctrlvalue;
131 /* Load a dynamic ENGINE */
132 else if (!strcmp(ctrlname, "dynamic_path"))
133 {
134 e = ENGINE_by_id("dynamic");
135 if (!e)
136 goto err;
137 if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", ctrlvalue, 0))
138 goto err;
139 if (!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "2", 0))
140 goto err;
141 if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))
142 goto err;
143 }
144 /* ... add other pseudos here ... */
145 else
146 {
147 /* At this point we need an ENGINE structural reference
148 * if we don't already have one.
149 */
150 if (!e)
151 {
152 e = ENGINE_by_id(name);
153 if (!e)
154 return 0;
155 }
156 /* Allow "EMPTY" to mean no value: this allows a valid
157 * "value" to be passed to ctrls of type NO_INPUT
158 */
159 if (!strcmp(ctrlvalue, "EMPTY"))
160 ctrlvalue = NULL;
161 else if (!strcmp(ctrlname, "init"))
162 {
163 if (!NCONF_get_number_e(cnf, value, "init", &do_init))
164 goto err;
165 if (do_init == 1)
166 {
167 if (!int_engine_init(e))
168 goto err;
169 }
170 else if (do_init != 0)
171 {
172 ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_INVALID_INIT_VALUE);
173 goto err;
174 }
175 }
176 else if (!strcmp(ctrlname, "default_algorithms"))
177 {
178 if (!ENGINE_set_default_string(e, ctrlvalue))
179 goto err;
180 }
181 else if (!ENGINE_ctrl_cmd_string(e,
182 ctrlname, ctrlvalue, 0))
183 return 0;
184 }
185
186
187
188 }
189 if (e && (do_init == -1) && !int_engine_init(e))
190 goto err;
191 ret = 1;
192 err:
193 if (e)
194 ENGINE_free(e);
195 return ret;
196 }
197
198
199static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf)
200 {
201 STACK_OF(CONF_VALUE) *elist;
202 CONF_VALUE *cval;
203 int i;
204#ifdef ENGINE_CONF_DEBUG
205 fprintf(stderr, "Called engine module: name %s, value %s\n",
206 CONF_imodule_get_name(md), CONF_imodule_get_value(md));
207#endif
208 /* Value is a section containing ENGINEs to configure */
209 elist = NCONF_get_section(cnf, CONF_imodule_get_value(md));
210
211 if (!elist)
212 {
213 ENGINEerr(ENGINE_F_ENGINE_MODULE_INIT, ENGINE_R_ENGINES_SECTION_ERROR);
214 return 0;
215 }
216
217 for (i = 0; i < sk_CONF_VALUE_num(elist); i++)
218 {
219 cval = sk_CONF_VALUE_value(elist, i);
220 if (!int_engine_configure(cval->name, cval->value, cnf))
221 return 0;
222 }
223
224 return 1;
225 }
226
227static void int_engine_module_finish(CONF_IMODULE *md)
228 {
229 ENGINE *e;
230 while ((e = sk_ENGINE_pop(initialized_engines)))
231 ENGINE_finish(e);
232 sk_ENGINE_free(initialized_engines);
233 initialized_engines = NULL;
234 }
235
236
237void ENGINE_add_conf_module(void)
238 {
239 CONF_module_add("engines",
240 int_engine_module_init,
241 int_engine_module_finish);
242 }
diff --git a/src/lib/libcrypto/engine/eng_ctrl.c b/src/lib/libcrypto/engine/eng_ctrl.c
deleted file mode 100644
index 412c73fb0f..0000000000
--- a/src/lib/libcrypto/engine/eng_ctrl.c
+++ /dev/null
@@ -1,391 +0,0 @@
1/* crypto/engine/eng_ctrl.c */
2/* ====================================================================
3 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include <openssl/crypto.h>
57#include "cryptlib.h"
58#include "eng_int.h"
59#include <openssl/engine.h>
60
61/* When querying a ENGINE-specific control command's 'description', this string
62 * is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL. */
63static const char *int_no_description = "";
64
65/* These internal functions handle 'CMD'-related control commands when the
66 * ENGINE in question has asked us to take care of it (ie. the ENGINE did not
67 * set the ENGINE_FLAGS_MANUAL_CMD_CTRL flag. */
68
69static int int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn)
70 {
71 if((defn->cmd_num == 0) || (defn->cmd_name == NULL))
72 return 1;
73 return 0;
74 }
75
76static int int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s)
77 {
78 int idx = 0;
79 while(!int_ctrl_cmd_is_null(defn) && (strcmp(defn->cmd_name, s) != 0))
80 {
81 idx++;
82 defn++;
83 }
84 if(int_ctrl_cmd_is_null(defn))
85 /* The given name wasn't found */
86 return -1;
87 return idx;
88 }
89
90static int int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num)
91 {
92 int idx = 0;
93 /* NB: It is stipulated that 'cmd_defn' lists are ordered by cmd_num. So
94 * our searches don't need to take any longer than necessary. */
95 while(!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num))
96 {
97 idx++;
98 defn++;
99 }
100 if(defn->cmd_num == num)
101 return idx;
102 /* The given cmd_num wasn't found */
103 return -1;
104 }
105
106static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)())
107 {
108 int idx;
109 char *s = (char *)p;
110 /* Take care of the easy one first (eg. it requires no searches) */
111 if(cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE)
112 {
113 if((e->cmd_defns == NULL) || int_ctrl_cmd_is_null(e->cmd_defns))
114 return 0;
115 return e->cmd_defns->cmd_num;
116 }
117 /* One or two commands require that "p" be a valid string buffer */
118 if((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) ||
119 (cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) ||
120 (cmd == ENGINE_CTRL_GET_DESC_FROM_CMD))
121 {
122 if(s == NULL)
123 {
124 ENGINEerr(ENGINE_F_INT_CTRL_HELPER,
125 ERR_R_PASSED_NULL_PARAMETER);
126 return -1;
127 }
128 }
129 /* Now handle cmd_name -> cmd_num conversion */
130 if(cmd == ENGINE_CTRL_GET_CMD_FROM_NAME)
131 {
132 if((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_name(
133 e->cmd_defns, s)) < 0))
134 {
135 ENGINEerr(ENGINE_F_INT_CTRL_HELPER,
136 ENGINE_R_INVALID_CMD_NAME);
137 return -1;
138 }
139 return e->cmd_defns[idx].cmd_num;
140 }
141 /* For the rest of the commands, the 'long' argument must specify a
142 * valie command number - so we need to conduct a search. */
143 if((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_num(e->cmd_defns,
144 (unsigned int)i)) < 0))
145 {
146 ENGINEerr(ENGINE_F_INT_CTRL_HELPER,
147 ENGINE_R_INVALID_CMD_NUMBER);
148 return -1;
149 }
150 /* Now the logic splits depending on command type */
151 switch(cmd)
152 {
153 case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
154 idx++;
155 if(int_ctrl_cmd_is_null(e->cmd_defns + idx))
156 /* end-of-list */
157 return 0;
158 else
159 return e->cmd_defns[idx].cmd_num;
160 case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
161 return strlen(e->cmd_defns[idx].cmd_name);
162 case ENGINE_CTRL_GET_NAME_FROM_CMD:
163 return BIO_snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1,
164 "%s", e->cmd_defns[idx].cmd_name);
165 case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
166 if(e->cmd_defns[idx].cmd_desc)
167 return strlen(e->cmd_defns[idx].cmd_desc);
168 return strlen(int_no_description);
169 case ENGINE_CTRL_GET_DESC_FROM_CMD:
170 if(e->cmd_defns[idx].cmd_desc)
171 return BIO_snprintf(s,
172 strlen(e->cmd_defns[idx].cmd_desc) + 1,
173 "%s", e->cmd_defns[idx].cmd_desc);
174 return BIO_snprintf(s, strlen(int_no_description) + 1,"%s",
175 int_no_description);
176 case ENGINE_CTRL_GET_CMD_FLAGS:
177 return e->cmd_defns[idx].cmd_flags;
178 }
179 /* Shouldn't really be here ... */
180 ENGINEerr(ENGINE_F_INT_CTRL_HELPER,ENGINE_R_INTERNAL_LIST_ERROR);
181 return -1;
182 }
183
184int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
185 {
186 int ctrl_exists, ref_exists;
187 if(e == NULL)
188 {
189 ENGINEerr(ENGINE_F_ENGINE_CTRL,ERR_R_PASSED_NULL_PARAMETER);
190 return 0;
191 }
192 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
193 ref_exists = ((e->struct_ref > 0) ? 1 : 0);
194 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
195 ctrl_exists = ((e->ctrl == NULL) ? 0 : 1);
196 if(!ref_exists)
197 {
198 ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_REFERENCE);
199 return 0;
200 }
201 /* Intercept any "root-level" commands before trying to hand them on to
202 * ctrl() handlers. */
203 switch(cmd)
204 {
205 case ENGINE_CTRL_HAS_CTRL_FUNCTION:
206 return ctrl_exists;
207 case ENGINE_CTRL_GET_FIRST_CMD_TYPE:
208 case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
209 case ENGINE_CTRL_GET_CMD_FROM_NAME:
210 case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
211 case ENGINE_CTRL_GET_NAME_FROM_CMD:
212 case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
213 case ENGINE_CTRL_GET_DESC_FROM_CMD:
214 case ENGINE_CTRL_GET_CMD_FLAGS:
215 if(ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL))
216 return int_ctrl_helper(e,cmd,i,p,f);
217 if(!ctrl_exists)
218 {
219 ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION);
220 /* For these cmd-related functions, failure is indicated
221 * by a -1 return value (because 0 is used as a valid
222 * return in some places). */
223 return -1;
224 }
225 default:
226 break;
227 }
228 /* Anything else requires a ctrl() handler to exist. */
229 if(!ctrl_exists)
230 {
231 ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION);
232 return 0;
233 }
234 return e->ctrl(e, cmd, i, p, f);
235 }
236
237int ENGINE_cmd_is_executable(ENGINE *e, int cmd)
238 {
239 int flags;
240 if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd, NULL, NULL)) < 0)
241 {
242 ENGINEerr(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE,
243 ENGINE_R_INVALID_CMD_NUMBER);
244 return 0;
245 }
246 if(!(flags & ENGINE_CMD_FLAG_NO_INPUT) &&
247 !(flags & ENGINE_CMD_FLAG_NUMERIC) &&
248 !(flags & ENGINE_CMD_FLAG_STRING))
249 return 0;
250 return 1;
251 }
252
253int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
254 long i, void *p, void (*f)(), int cmd_optional)
255 {
256 int num;
257
258 if((e == NULL) || (cmd_name == NULL))
259 {
260 ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
261 ERR_R_PASSED_NULL_PARAMETER);
262 return 0;
263 }
264 if((e->ctrl == NULL) || ((num = ENGINE_ctrl(e,
265 ENGINE_CTRL_GET_CMD_FROM_NAME,
266 0, (void *)cmd_name, NULL)) <= 0))
267 {
268 /* If the command didn't *have* to be supported, we fake
269 * success. This allows certain settings to be specified for
270 * multiple ENGINEs and only require a change of ENGINE id
271 * (without having to selectively apply settings). Eg. changing
272 * from a hardware device back to the regular software ENGINE
273 * without editing the config file, etc. */
274 if(cmd_optional)
275 {
276 ERR_clear_error();
277 return 1;
278 }
279 ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD,
280 ENGINE_R_INVALID_CMD_NAME);
281 return 0;
282 }
283 /* Force the result of the control command to 0 or 1, for the reasons
284 * mentioned before. */
285 if (ENGINE_ctrl(e, num, i, p, f))
286 return 1;
287 return 0;
288 }
289
290int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
291 int cmd_optional)
292 {
293 int num, flags;
294 long l;
295 char *ptr;
296 if((e == NULL) || (cmd_name == NULL))
297 {
298 ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
299 ERR_R_PASSED_NULL_PARAMETER);
300 return 0;
301 }
302 if((e->ctrl == NULL) || ((num = ENGINE_ctrl(e,
303 ENGINE_CTRL_GET_CMD_FROM_NAME,
304 0, (void *)cmd_name, NULL)) <= 0))
305 {
306 /* If the command didn't *have* to be supported, we fake
307 * success. This allows certain settings to be specified for
308 * multiple ENGINEs and only require a change of ENGINE id
309 * (without having to selectively apply settings). Eg. changing
310 * from a hardware device back to the regular software ENGINE
311 * without editing the config file, etc. */
312 if(cmd_optional)
313 {
314 ERR_clear_error();
315 return 1;
316 }
317 ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
318 ENGINE_R_INVALID_CMD_NAME);
319 return 0;
320 }
321 if(!ENGINE_cmd_is_executable(e, num))
322 {
323 ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
324 ENGINE_R_CMD_NOT_EXECUTABLE);
325 return 0;
326 }
327 if((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num, NULL, NULL)) < 0)
328 {
329 /* Shouldn't happen, given that ENGINE_cmd_is_executable()
330 * returned success. */
331 ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
332 ENGINE_R_INTERNAL_LIST_ERROR);
333 return 0;
334 }
335 /* If the command takes no input, there must be no input. And vice
336 * versa. */
337 if(flags & ENGINE_CMD_FLAG_NO_INPUT)
338 {
339 if(arg != NULL)
340 {
341 ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
342 ENGINE_R_COMMAND_TAKES_NO_INPUT);
343 return 0;
344 }
345 /* We deliberately force the result of ENGINE_ctrl() to 0 or 1
346 * rather than returning it as "return data". This is to ensure
347 * usage of these commands is consistent across applications and
348 * that certain applications don't understand it one way, and
349 * others another. */
350 if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
351 return 1;
352 return 0;
353 }
354 /* So, we require input */
355 if(arg == NULL)
356 {
357 ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
358 ENGINE_R_COMMAND_TAKES_INPUT);
359 return 0;
360 }
361 /* If it takes string input, that's easy */
362 if(flags & ENGINE_CMD_FLAG_STRING)
363 {
364 /* Same explanation as above */
365 if(ENGINE_ctrl(e, num, 0, (void *)arg, NULL))
366 return 1;
367 return 0;
368 }
369 /* If it doesn't take numeric either, then it is unsupported for use in
370 * a config-setting situation, which is what this function is for. This
371 * should never happen though, because ENGINE_cmd_is_executable() was
372 * used. */
373 if(!(flags & ENGINE_CMD_FLAG_NUMERIC))
374 {
375 ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
376 ENGINE_R_INTERNAL_LIST_ERROR);
377 return 0;
378 }
379 l = strtol(arg, &ptr, 10);
380 if((arg == ptr) || (*ptr != '\0'))
381 {
382 ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
383 ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER);
384 return 0;
385 }
386 /* Force the result of the control command to 0 or 1, for the reasons
387 * mentioned before. */
388 if(ENGINE_ctrl(e, num, l, NULL, NULL))
389 return 1;
390 return 0;
391 }
diff --git a/src/lib/libcrypto/engine/eng_dyn.c b/src/lib/libcrypto/engine/eng_dyn.c
deleted file mode 100644
index 4139a16e76..0000000000
--- a/src/lib/libcrypto/engine/eng_dyn.c
+++ /dev/null
@@ -1,460 +0,0 @@
1/* crypto/engine/eng_dyn.c */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2001.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59
60#include <stdio.h>
61#include <openssl/crypto.h>
62#include "cryptlib.h"
63#include "eng_int.h"
64#include <openssl/engine.h>
65#include <openssl/dso.h>
66
67/* Shared libraries implementing ENGINEs for use by the "dynamic" ENGINE loader
68 * should implement the hook-up functions with the following prototypes. */
69
70/* Our ENGINE handlers */
71static int dynamic_init(ENGINE *e);
72static int dynamic_finish(ENGINE *e);
73static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
74/* Predeclare our context type */
75typedef struct st_dynamic_data_ctx dynamic_data_ctx;
76/* The implementation for the important control command */
77static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx);
78
79#define DYNAMIC_CMD_SO_PATH ENGINE_CMD_BASE
80#define DYNAMIC_CMD_NO_VCHECK (ENGINE_CMD_BASE + 1)
81#define DYNAMIC_CMD_ID (ENGINE_CMD_BASE + 2)
82#define DYNAMIC_CMD_LIST_ADD (ENGINE_CMD_BASE + 3)
83#define DYNAMIC_CMD_LOAD (ENGINE_CMD_BASE + 4)
84
85/* The constants used when creating the ENGINE */
86static const char *engine_dynamic_id = "dynamic";
87static const char *engine_dynamic_name = "Dynamic engine loading support";
88static const ENGINE_CMD_DEFN dynamic_cmd_defns[] = {
89 {DYNAMIC_CMD_SO_PATH,
90 "SO_PATH",
91 "Specifies the path to the new ENGINE shared library",
92 ENGINE_CMD_FLAG_STRING},
93 {DYNAMIC_CMD_NO_VCHECK,
94 "NO_VCHECK",
95 "Specifies to continue even if version checking fails (boolean)",
96 ENGINE_CMD_FLAG_NUMERIC},
97 {DYNAMIC_CMD_ID,
98 "ID",
99 "Specifies an ENGINE id name for loading",
100 ENGINE_CMD_FLAG_STRING},
101 {DYNAMIC_CMD_LIST_ADD,
102 "LIST_ADD",
103 "Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)",
104 ENGINE_CMD_FLAG_NUMERIC},
105 {DYNAMIC_CMD_LOAD,
106 "LOAD",
107 "Load up the ENGINE specified by other settings",
108 ENGINE_CMD_FLAG_NO_INPUT},
109 {0, NULL, NULL, 0}
110 };
111static const ENGINE_CMD_DEFN dynamic_cmd_defns_empty[] = {
112 {0, NULL, NULL, 0}
113 };
114
115/* Loading code stores state inside the ENGINE structure via the "ex_data"
116 * element. We load all our state into a single structure and use that as a
117 * single context in the "ex_data" stack. */
118struct st_dynamic_data_ctx
119 {
120 /* The DSO object we load that supplies the ENGINE code */
121 DSO *dynamic_dso;
122 /* The function pointer to the version checking shared library function */
123 dynamic_v_check_fn v_check;
124 /* The function pointer to the engine-binding shared library function */
125 dynamic_bind_engine bind_engine;
126 /* The default name/path for loading the shared library */
127 const char *DYNAMIC_LIBNAME;
128 /* Whether to continue loading on a version check failure */
129 int no_vcheck;
130 /* If non-NULL, stipulates the 'id' of the ENGINE to be loaded */
131 const char *engine_id;
132 /* If non-zero, a successfully loaded ENGINE should be added to the internal
133 * ENGINE list. If 2, the add must succeed or the entire load should fail. */
134 int list_add_value;
135 /* The symbol name for the version checking function */
136 const char *DYNAMIC_F1;
137 /* The symbol name for the "initialise ENGINE structure" function */
138 const char *DYNAMIC_F2;
139 };
140
141/* This is the "ex_data" index we obtain and reserve for use with our context
142 * structure. */
143static int dynamic_ex_data_idx = -1;
144
145/* Because our ex_data element may or may not get allocated depending on whether
146 * a "first-use" occurs before the ENGINE is freed, we have a memory leak
147 * problem to solve. We can't declare a "new" handler for the ex_data as we
148 * don't want a dynamic_data_ctx in *all* ENGINE structures of all types (this
149 * is a bug in the design of CRYPTO_EX_DATA). As such, we just declare a "free"
150 * handler and that will get called if an ENGINE is being destroyed and there
151 * was an ex_data element corresponding to our context type. */
152static void dynamic_data_ctx_free_func(void *parent, void *ptr,
153 CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
154 {
155 if(ptr)
156 {
157 dynamic_data_ctx *ctx = (dynamic_data_ctx *)ptr;
158 if(ctx->dynamic_dso)
159 DSO_free(ctx->dynamic_dso);
160 if(ctx->DYNAMIC_LIBNAME)
161 OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME);
162 if(ctx->engine_id)
163 OPENSSL_free((void*)ctx->engine_id);
164 OPENSSL_free(ctx);
165 }
166 }
167
168/* Construct the per-ENGINE context. We create it blindly and then use a lock to
169 * check for a race - if so, all but one of the threads "racing" will have
170 * wasted their time. The alternative involves creating everything inside the
171 * lock which is far worse. */
172static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
173 {
174 dynamic_data_ctx *c;
175 c = OPENSSL_malloc(sizeof(dynamic_data_ctx));
176 if(!c)
177 {
178 ENGINEerr(ENGINE_F_SET_DATA_CTX,ERR_R_MALLOC_FAILURE);
179 return 0;
180 }
181 memset(c, 0, sizeof(dynamic_data_ctx));
182 c->dynamic_dso = NULL;
183 c->v_check = NULL;
184 c->bind_engine = NULL;
185 c->DYNAMIC_LIBNAME = NULL;
186 c->no_vcheck = 0;
187 c->engine_id = NULL;
188 c->list_add_value = 0;
189 c->DYNAMIC_F1 = "v_check";
190 c->DYNAMIC_F2 = "bind_engine";
191 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
192 if((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e,
193 dynamic_ex_data_idx)) == NULL)
194 {
195 /* Good, we're the first */
196 ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
197 *ctx = c;
198 c = NULL;
199 }
200 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
201 /* If we lost the race to set the context, c is non-NULL and *ctx is the
202 * context of the thread that won. */
203 if(c)
204 OPENSSL_free(c);
205 return 1;
206 }
207
208/* This function retrieves the context structure from an ENGINE's "ex_data", or
209 * if it doesn't exist yet, sets it up. */
210static dynamic_data_ctx *dynamic_get_data_ctx(ENGINE *e)
211 {
212 dynamic_data_ctx *ctx;
213 if(dynamic_ex_data_idx < 0)
214 {
215 /* Create and register the ENGINE ex_data, and associate our
216 * "free" function with it to ensure any allocated contexts get
217 * freed when an ENGINE goes underground. */
218 int new_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL,
219 dynamic_data_ctx_free_func);
220 if(new_idx == -1)
221 {
222 ENGINEerr(ENGINE_F_DYNAMIC_GET_DATA_CTX,ENGINE_R_NO_INDEX);
223 return NULL;
224 }
225 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
226 /* Avoid a race by checking again inside this lock */
227 if(dynamic_ex_data_idx < 0)
228 {
229 /* Good, someone didn't beat us to it */
230 dynamic_ex_data_idx = new_idx;
231 new_idx = -1;
232 }
233 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
234 /* In theory we could "give back" the index here if
235 * (new_idx>-1), but it's not possible and wouldn't gain us much
236 * if it were. */
237 }
238 ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, dynamic_ex_data_idx);
239 /* Check if the context needs to be created */
240 if((ctx == NULL) && !dynamic_set_data_ctx(e, &ctx))
241 /* "set_data" will set errors if necessary */
242 return NULL;
243 return ctx;
244 }
245
246static ENGINE *engine_dynamic(void)
247 {
248 ENGINE *ret = ENGINE_new();
249 if(!ret)
250 return NULL;
251 if(!ENGINE_set_id(ret, engine_dynamic_id) ||
252 !ENGINE_set_name(ret, engine_dynamic_name) ||
253 !ENGINE_set_init_function(ret, dynamic_init) ||
254 !ENGINE_set_finish_function(ret, dynamic_finish) ||
255 !ENGINE_set_ctrl_function(ret, dynamic_ctrl) ||
256 !ENGINE_set_flags(ret, ENGINE_FLAGS_BY_ID_COPY) ||
257 !ENGINE_set_cmd_defns(ret, dynamic_cmd_defns))
258 {
259 ENGINE_free(ret);
260 return NULL;
261 }
262 return ret;
263 }
264
265void ENGINE_load_dynamic(void)
266 {
267 ENGINE *toadd = engine_dynamic();
268 if(!toadd) return;
269 ENGINE_add(toadd);
270 /* If the "add" worked, it gets a structural reference. So either way,
271 * we release our just-created reference. */
272 ENGINE_free(toadd);
273 /* If the "add" didn't work, it was probably a conflict because it was
274 * already added (eg. someone calling ENGINE_load_blah then calling
275 * ENGINE_load_builtin_engines() perhaps). */
276 ERR_clear_error();
277 }
278
279static int dynamic_init(ENGINE *e)
280 {
281 /* We always return failure - the "dyanamic" engine itself can't be used
282 * for anything. */
283 return 0;
284 }
285
286static int dynamic_finish(ENGINE *e)
287 {
288 /* This should never be called on account of "dynamic_init" always
289 * failing. */
290 return 0;
291 }
292
293static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
294 {
295 dynamic_data_ctx *ctx = dynamic_get_data_ctx(e);
296 int initialised;
297
298 if(!ctx)
299 {
300 ENGINEerr(ENGINE_F_DYNAMIC_CTRL,ENGINE_R_NOT_LOADED);
301 return 0;
302 }
303 initialised = ((ctx->dynamic_dso == NULL) ? 0 : 1);
304 /* All our control commands require the ENGINE to be uninitialised */
305 if(initialised)
306 {
307 ENGINEerr(ENGINE_F_DYNAMIC_CTRL,
308 ENGINE_R_ALREADY_LOADED);
309 return 0;
310 }
311 switch(cmd)
312 {
313 case DYNAMIC_CMD_SO_PATH:
314 /* a NULL 'p' or a string of zero-length is the same thing */
315 if(p && (strlen((const char *)p) < 1))
316 p = NULL;
317 if(ctx->DYNAMIC_LIBNAME)
318 OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME);
319 if(p)
320 ctx->DYNAMIC_LIBNAME = BUF_strdup(p);
321 else
322 ctx->DYNAMIC_LIBNAME = NULL;
323 return (ctx->DYNAMIC_LIBNAME ? 1 : 0);
324 case DYNAMIC_CMD_NO_VCHECK:
325 ctx->no_vcheck = ((i == 0) ? 0 : 1);
326 return 1;
327 case DYNAMIC_CMD_ID:
328 /* a NULL 'p' or a string of zero-length is the same thing */
329 if(p && (strlen((const char *)p) < 1))
330 p = NULL;
331 if(ctx->engine_id)
332 OPENSSL_free((void*)ctx->engine_id);
333 if(p)
334 ctx->engine_id = BUF_strdup(p);
335 else
336 ctx->engine_id = NULL;
337 return (ctx->engine_id ? 1 : 0);
338 case DYNAMIC_CMD_LIST_ADD:
339 if((i < 0) || (i > 2))
340 {
341 ENGINEerr(ENGINE_F_DYNAMIC_CTRL,
342 ENGINE_R_INVALID_ARGUMENT);
343 return 0;
344 }
345 ctx->list_add_value = (int)i;
346 return 1;
347 case DYNAMIC_CMD_LOAD:
348 return dynamic_load(e, ctx);
349 default:
350 break;
351 }
352 ENGINEerr(ENGINE_F_DYNAMIC_CTRL,ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
353 return 0;
354 }
355
356static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx)
357 {
358 ENGINE cpy;
359 dynamic_fns fns;
360
361 if(!ctx->DYNAMIC_LIBNAME || ((ctx->dynamic_dso = DSO_load(NULL,
362 ctx->DYNAMIC_LIBNAME, NULL, 0)) == NULL))
363 {
364 ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
365 ENGINE_R_DSO_NOT_FOUND);
366 return 0;
367 }
368 /* We have to find a bind function otherwise it'll always end badly */
369 if(!(ctx->bind_engine = (dynamic_bind_engine)DSO_bind_func(
370 ctx->dynamic_dso, ctx->DYNAMIC_F2)))
371 {
372 ctx->bind_engine = NULL;
373 DSO_free(ctx->dynamic_dso);
374 ctx->dynamic_dso = NULL;
375 ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
376 ENGINE_R_DSO_FAILURE);
377 return 0;
378 }
379 /* Do we perform version checking? */
380 if(!ctx->no_vcheck)
381 {
382 unsigned long vcheck_res = 0;
383 /* Now we try to find a version checking function and decide how
384 * to cope with failure if/when it fails. */
385 ctx->v_check = (dynamic_v_check_fn)DSO_bind_func(
386 ctx->dynamic_dso, ctx->DYNAMIC_F1);
387 if(ctx->v_check)
388 vcheck_res = ctx->v_check(OSSL_DYNAMIC_VERSION);
389 /* We fail if the version checker veto'd the load *or* if it is
390 * deferring to us (by returning its version) and we think it is
391 * too old. */
392 if(vcheck_res < OSSL_DYNAMIC_OLDEST)
393 {
394 /* Fail */
395 ctx->bind_engine = NULL;
396 ctx->v_check = NULL;
397 DSO_free(ctx->dynamic_dso);
398 ctx->dynamic_dso = NULL;
399 ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
400 ENGINE_R_VERSION_INCOMPATIBILITY);
401 return 0;
402 }
403 }
404 /* First binary copy the ENGINE structure so that we can roll back if
405 * the hand-over fails */
406 memcpy(&cpy, e, sizeof(ENGINE));
407 /* Provide the ERR, "ex_data", memory, and locking callbacks so the
408 * loaded library uses our state rather than its own. FIXME: As noted in
409 * engine.h, much of this would be simplified if each area of code
410 * provided its own "summary" structure of all related callbacks. It
411 * would also increase opaqueness. */
412 fns.err_fns = ERR_get_implementation();
413 fns.ex_data_fns = CRYPTO_get_ex_data_implementation();
414 CRYPTO_get_mem_functions(&fns.mem_fns.malloc_cb,
415 &fns.mem_fns.realloc_cb,
416 &fns.mem_fns.free_cb);
417 fns.lock_fns.lock_locking_cb = CRYPTO_get_locking_callback();
418 fns.lock_fns.lock_add_lock_cb = CRYPTO_get_add_lock_callback();
419 fns.lock_fns.dynlock_create_cb = CRYPTO_get_dynlock_create_callback();
420 fns.lock_fns.dynlock_lock_cb = CRYPTO_get_dynlock_lock_callback();
421 fns.lock_fns.dynlock_destroy_cb = CRYPTO_get_dynlock_destroy_callback();
422 /* Now that we've loaded the dynamic engine, make sure no "dynamic"
423 * ENGINE elements will show through. */
424 engine_set_all_null(e);
425
426 /* Try to bind the ENGINE onto our own ENGINE structure */
427 if(!ctx->bind_engine(e, ctx->engine_id, &fns))
428 {
429 ctx->bind_engine = NULL;
430 ctx->v_check = NULL;
431 DSO_free(ctx->dynamic_dso);
432 ctx->dynamic_dso = NULL;
433 ENGINEerr(ENGINE_F_DYNAMIC_LOAD,ENGINE_R_INIT_FAILED);
434 /* Copy the original ENGINE structure back */
435 memcpy(e, &cpy, sizeof(ENGINE));
436 return 0;
437 }
438 /* Do we try to add this ENGINE to the internal list too? */
439 if(ctx->list_add_value > 0)
440 {
441 if(!ENGINE_add(e))
442 {
443 /* Do we tolerate this or fail? */
444 if(ctx->list_add_value > 1)
445 {
446 /* Fail - NB: By this time, it's too late to
447 * rollback, and trying to do so allows the
448 * bind_engine() code to have created leaks. We
449 * just have to fail where we are, after the
450 * ENGINE has changed. */
451 ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
452 ENGINE_R_CONFLICTING_ENGINE_ID);
453 return 0;
454 }
455 /* Tolerate */
456 ERR_clear_error();
457 }
458 }
459 return 1;
460 }
diff --git a/src/lib/libcrypto/engine/eng_err.c b/src/lib/libcrypto/engine/eng_err.c
deleted file mode 100644
index 814d95ee32..0000000000
--- a/src/lib/libcrypto/engine/eng_err.c
+++ /dev/null
@@ -1,166 +0,0 @@
1/* crypto/engine/eng_err.c */
2/* ====================================================================
3 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/engine.h>
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67static ERR_STRING_DATA ENGINE_str_functs[]=
68 {
69{ERR_PACK(0,ENGINE_F_DYNAMIC_CTRL,0), "DYNAMIC_CTRL"},
70{ERR_PACK(0,ENGINE_F_DYNAMIC_GET_DATA_CTX,0), "DYNAMIC_GET_DATA_CTX"},
71{ERR_PACK(0,ENGINE_F_DYNAMIC_LOAD,0), "DYNAMIC_LOAD"},
72{ERR_PACK(0,ENGINE_F_ENGINE_ADD,0), "ENGINE_add"},
73{ERR_PACK(0,ENGINE_F_ENGINE_BY_ID,0), "ENGINE_by_id"},
74{ERR_PACK(0,ENGINE_F_ENGINE_CMD_IS_EXECUTABLE,0), "ENGINE_cmd_is_executable"},
75{ERR_PACK(0,ENGINE_F_ENGINE_CTRL,0), "ENGINE_ctrl"},
76{ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD,0), "ENGINE_ctrl_cmd"},
77{ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD_STRING,0), "ENGINE_ctrl_cmd_string"},
78{ERR_PACK(0,ENGINE_F_ENGINE_FINISH,0), "ENGINE_finish"},
79{ERR_PACK(0,ENGINE_F_ENGINE_FREE,0), "ENGINE_free"},
80{ERR_PACK(0,ENGINE_F_ENGINE_GET_CIPHER,0), "ENGINE_get_cipher"},
81{ERR_PACK(0,ENGINE_F_ENGINE_GET_DEFAULT_TYPE,0), "ENGINE_GET_DEFAULT_TYPE"},
82{ERR_PACK(0,ENGINE_F_ENGINE_GET_DIGEST,0), "ENGINE_get_digest"},
83{ERR_PACK(0,ENGINE_F_ENGINE_GET_NEXT,0), "ENGINE_get_next"},
84{ERR_PACK(0,ENGINE_F_ENGINE_GET_PREV,0), "ENGINE_get_prev"},
85{ERR_PACK(0,ENGINE_F_ENGINE_INIT,0), "ENGINE_init"},
86{ERR_PACK(0,ENGINE_F_ENGINE_LIST_ADD,0), "ENGINE_LIST_ADD"},
87{ERR_PACK(0,ENGINE_F_ENGINE_LIST_REMOVE,0), "ENGINE_LIST_REMOVE"},
88{ERR_PACK(0,ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,0), "ENGINE_load_private_key"},
89{ERR_PACK(0,ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,0), "ENGINE_load_public_key"},
90{ERR_PACK(0,ENGINE_F_ENGINE_MODULE_INIT,0), "ENGINE_MODULE_INIT"},
91{ERR_PACK(0,ENGINE_F_ENGINE_NEW,0), "ENGINE_new"},
92{ERR_PACK(0,ENGINE_F_ENGINE_REMOVE,0), "ENGINE_remove"},
93{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_STRING,0), "ENGINE_set_default_string"},
94{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_TYPE,0), "ENGINE_SET_DEFAULT_TYPE"},
95{ERR_PACK(0,ENGINE_F_ENGINE_SET_ID,0), "ENGINE_set_id"},
96{ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0), "ENGINE_set_name"},
97{ERR_PACK(0,ENGINE_F_ENGINE_TABLE_REGISTER,0), "ENGINE_TABLE_REGISTER"},
98{ERR_PACK(0,ENGINE_F_ENGINE_UNLOAD_KEY,0), "ENGINE_UNLOAD_KEY"},
99{ERR_PACK(0,ENGINE_F_ENGINE_UP_REF,0), "ENGINE_up_ref"},
100{ERR_PACK(0,ENGINE_F_INT_CTRL_HELPER,0), "INT_CTRL_HELPER"},
101{ERR_PACK(0,ENGINE_F_INT_ENGINE_CONFIGURE,0), "INT_ENGINE_CONFIGURE"},
102{ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0), "LOG_MESSAGE"},
103{ERR_PACK(0,ENGINE_F_SET_DATA_CTX,0), "SET_DATA_CTX"},
104{0,NULL}
105 };
106
107static ERR_STRING_DATA ENGINE_str_reasons[]=
108 {
109{ENGINE_R_ALREADY_LOADED ,"already loaded"},
110{ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER ,"argument is not a number"},
111{ENGINE_R_CMD_NOT_EXECUTABLE ,"cmd not executable"},
112{ENGINE_R_COMMAND_TAKES_INPUT ,"command takes input"},
113{ENGINE_R_COMMAND_TAKES_NO_INPUT ,"command takes no input"},
114{ENGINE_R_CONFLICTING_ENGINE_ID ,"conflicting engine id"},
115{ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"},
116{ENGINE_R_DH_NOT_IMPLEMENTED ,"dh not implemented"},
117{ENGINE_R_DSA_NOT_IMPLEMENTED ,"dsa not implemented"},
118{ENGINE_R_DSO_FAILURE ,"DSO failure"},
119{ENGINE_R_DSO_NOT_FOUND ,"dso not found"},
120{ENGINE_R_ENGINES_SECTION_ERROR ,"engines section error"},
121{ENGINE_R_ENGINE_IS_NOT_IN_LIST ,"engine is not in the list"},
122{ENGINE_R_ENGINE_SECTION_ERROR ,"engine section error"},
123{ENGINE_R_FAILED_LOADING_PRIVATE_KEY ,"failed loading private key"},
124{ENGINE_R_FAILED_LOADING_PUBLIC_KEY ,"failed loading public key"},
125{ENGINE_R_FINISH_FAILED ,"finish failed"},
126{ENGINE_R_GET_HANDLE_FAILED ,"could not obtain hardware handle"},
127{ENGINE_R_ID_OR_NAME_MISSING ,"'id' or 'name' missing"},
128{ENGINE_R_INIT_FAILED ,"init failed"},
129{ENGINE_R_INTERNAL_LIST_ERROR ,"internal list error"},
130{ENGINE_R_INVALID_ARGUMENT ,"invalid argument"},
131{ENGINE_R_INVALID_CMD_NAME ,"invalid cmd name"},
132{ENGINE_R_INVALID_CMD_NUMBER ,"invalid cmd number"},
133{ENGINE_R_INVALID_INIT_VALUE ,"invalid init value"},
134{ENGINE_R_INVALID_STRING ,"invalid string"},
135{ENGINE_R_NOT_INITIALISED ,"not initialised"},
136{ENGINE_R_NOT_LOADED ,"not loaded"},
137{ENGINE_R_NO_CONTROL_FUNCTION ,"no control function"},
138{ENGINE_R_NO_INDEX ,"no index"},
139{ENGINE_R_NO_LOAD_FUNCTION ,"no load function"},
140{ENGINE_R_NO_REFERENCE ,"no reference"},
141{ENGINE_R_NO_SUCH_ENGINE ,"no such engine"},
142{ENGINE_R_NO_UNLOAD_FUNCTION ,"no unload function"},
143{ENGINE_R_PROVIDE_PARAMETERS ,"provide parameters"},
144{ENGINE_R_RSA_NOT_IMPLEMENTED ,"rsa not implemented"},
145{ENGINE_R_UNIMPLEMENTED_CIPHER ,"unimplemented cipher"},
146{ENGINE_R_UNIMPLEMENTED_DIGEST ,"unimplemented digest"},
147{ENGINE_R_VERSION_INCOMPATIBILITY ,"version incompatibility"},
148{0,NULL}
149 };
150
151#endif
152
153void ERR_load_ENGINE_strings(void)
154 {
155 static int init=1;
156
157 if (init)
158 {
159 init=0;
160#ifndef OPENSSL_NO_ERR
161 ERR_load_strings(ERR_LIB_ENGINE,ENGINE_str_functs);
162 ERR_load_strings(ERR_LIB_ENGINE,ENGINE_str_reasons);
163#endif
164
165 }
166 }
diff --git a/src/lib/libcrypto/engine/eng_fat.c b/src/lib/libcrypto/engine/eng_fat.c
deleted file mode 100644
index 7ccf7022ee..0000000000
--- a/src/lib/libcrypto/engine/eng_fat.c
+++ /dev/null
@@ -1,147 +0,0 @@
1/* crypto/engine/eng_fat.c */
2/* ====================================================================
3 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include <openssl/crypto.h>
57#include "cryptlib.h"
58#include "eng_int.h"
59#include <openssl/engine.h>
60#include <openssl/conf.h>
61
62int ENGINE_set_default(ENGINE *e, unsigned int flags)
63 {
64 if((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e))
65 return 0;
66 if((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e))
67 return 0;
68#ifndef OPENSSL_NO_RSA
69 if((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e))
70 return 0;
71#endif
72#ifndef OPENSSL_NO_DSA
73 if((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e))
74 return 0;
75#endif
76#ifndef OPENSSL_NO_DH
77 if((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e))
78 return 0;
79#endif
80 if((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e))
81 return 0;
82 return 1;
83 }
84
85/* Set default algorithms using a string */
86
87static int int_def_cb(const char *alg, int len, void *arg)
88 {
89 unsigned int *pflags = arg;
90 if (!strncmp(alg, "ALL", len))
91 *pflags |= ENGINE_METHOD_ALL;
92 else if (!strncmp(alg, "RSA", len))
93 *pflags |= ENGINE_METHOD_RSA;
94 else if (!strncmp(alg, "DSA", len))
95 *pflags |= ENGINE_METHOD_DSA;
96 else if (!strncmp(alg, "DH", len))
97 *pflags |= ENGINE_METHOD_DH;
98 else if (!strncmp(alg, "RAND", len))
99 *pflags |= ENGINE_METHOD_RAND;
100 else if (!strncmp(alg, "CIPHERS", len))
101 *pflags |= ENGINE_METHOD_CIPHERS;
102 else if (!strncmp(alg, "DIGESTS", len))
103 *pflags |= ENGINE_METHOD_DIGESTS;
104 else
105 return 0;
106 return 1;
107 }
108
109
110int ENGINE_set_default_string(ENGINE *e, const char *def_list)
111 {
112 unsigned int flags = 0;
113 if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags))
114 {
115 ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING,
116 ENGINE_R_INVALID_STRING);
117 ERR_add_error_data(2, "str=",def_list);
118 return 0;
119 }
120 return ENGINE_set_default(e, flags);
121 }
122
123int ENGINE_register_complete(ENGINE *e)
124 {
125 ENGINE_register_ciphers(e);
126 ENGINE_register_digests(e);
127#ifndef OPENSSL_NO_RSA
128 ENGINE_register_RSA(e);
129#endif
130#ifndef OPENSSL_NO_DSA
131 ENGINE_register_DSA(e);
132#endif
133#ifndef OPENSSL_NO_DH
134 ENGINE_register_DH(e);
135#endif
136 ENGINE_register_RAND(e);
137 return 1;
138 }
139
140int ENGINE_register_all_complete(void)
141 {
142 ENGINE *e;
143
144 for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
145 ENGINE_register_complete(e);
146 return 1;
147 }
diff --git a/src/lib/libcrypto/engine/eng_init.c b/src/lib/libcrypto/engine/eng_init.c
deleted file mode 100644
index 170c1791b3..0000000000
--- a/src/lib/libcrypto/engine/eng_init.c
+++ /dev/null
@@ -1,157 +0,0 @@
1/* crypto/engine/eng_init.c */
2/* ====================================================================
3 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include <openssl/crypto.h>
57#include "cryptlib.h"
58#include "eng_int.h"
59#include <openssl/engine.h>
60
61/* Initialise a engine type for use (or up its functional reference count
62 * if it's already in use). This version is only used internally. */
63int engine_unlocked_init(ENGINE *e)
64 {
65 int to_return = 1;
66
67 if((e->funct_ref == 0) && e->init)
68 /* This is the first functional reference and the engine
69 * requires initialisation so we do it now. */
70 to_return = e->init(e);
71 if(to_return)
72 {
73 /* OK, we return a functional reference which is also a
74 * structural reference. */
75 e->struct_ref++;
76 e->funct_ref++;
77 engine_ref_debug(e, 0, 1)
78 engine_ref_debug(e, 1, 1)
79 }
80 return to_return;
81 }
82
83/* Free a functional reference to a engine type. This version is only used
84 * internally. */
85int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers)
86 {
87 int to_return = 1;
88
89 /* Reduce the functional reference count here so if it's the terminating
90 * case, we can release the lock safely and call the finish() handler
91 * without risk of a race. We get a race if we leave the count until
92 * after and something else is calling "finish" at the same time -
93 * there's a chance that both threads will together take the count from
94 * 2 to 0 without either calling finish(). */
95 e->funct_ref--;
96 engine_ref_debug(e, 1, -1);
97 if((e->funct_ref == 0) && e->finish)
98 {
99 if(unlock_for_handlers)
100 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
101 to_return = e->finish(e);
102 if(unlock_for_handlers)
103 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
104 if(!to_return)
105 return 0;
106 }
107#ifdef REF_CHECK
108 if(e->funct_ref < 0)
109 {
110 fprintf(stderr,"ENGINE_finish, bad functional reference count\n");
111 abort();
112 }
113#endif
114 /* Release the structural reference too */
115 if(!engine_free_util(e, 0))
116 {
117 ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED);
118 return 0;
119 }
120 return to_return;
121 }
122
123/* The API (locked) version of "init" */
124int ENGINE_init(ENGINE *e)
125 {
126 int ret;
127 if(e == NULL)
128 {
129 ENGINEerr(ENGINE_F_ENGINE_INIT,ERR_R_PASSED_NULL_PARAMETER);
130 return 0;
131 }
132 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
133 ret = engine_unlocked_init(e);
134 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
135 return ret;
136 }
137
138/* The API (locked) version of "finish" */
139int ENGINE_finish(ENGINE *e)
140 {
141 int to_return = 1;
142
143 if(e == NULL)
144 {
145 ENGINEerr(ENGINE_F_ENGINE_FINISH,ERR_R_PASSED_NULL_PARAMETER);
146 return 0;
147 }
148 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
149 to_return = engine_unlocked_finish(e, 1);
150 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
151 if(!to_return)
152 {
153 ENGINEerr(ENGINE_F_ENGINE_FINISH,ENGINE_R_FINISH_FAILED);
154 return 0;
155 }
156 return to_return;
157 }
diff --git a/src/lib/libcrypto/engine/eng_int.h b/src/lib/libcrypto/engine/eng_int.h
deleted file mode 100644
index 38335f99cd..0000000000
--- a/src/lib/libcrypto/engine/eng_int.h
+++ /dev/null
@@ -1,185 +0,0 @@
1/* crypto/engine/eng_int.h */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#ifndef HEADER_ENGINE_INT_H
60#define HEADER_ENGINE_INT_H
61
62/* Take public definitions from engine.h */
63#include <openssl/engine.h>
64
65#ifdef __cplusplus
66extern "C" {
67#endif
68
69/* If we compile with this symbol defined, then both reference counts in the
70 * ENGINE structure will be monitored with a line of output on stderr for each
71 * change. This prints the engine's pointer address (truncated to unsigned int),
72 * "struct" or "funct" to indicate the reference type, the before and after
73 * reference count, and the file:line-number pair. The "engine_ref_debug"
74 * statements must come *after* the change. */
75#ifdef ENGINE_REF_COUNT_DEBUG
76
77#define engine_ref_debug(e, isfunct, diff) \
78 fprintf(stderr, "engine: %08x %s from %d to %d (%s:%d)\n", \
79 (unsigned int)(e), (isfunct ? "funct" : "struct"), \
80 ((isfunct) ? ((e)->funct_ref - (diff)) : ((e)->struct_ref - (diff))), \
81 ((isfunct) ? (e)->funct_ref : (e)->struct_ref), \
82 (__FILE__), (__LINE__));
83
84#else
85
86#define engine_ref_debug(e, isfunct, diff)
87
88#endif
89
90/* Any code that will need cleanup operations should use these functions to
91 * register callbacks. ENGINE_cleanup() will call all registered callbacks in
92 * order. NB: both the "add" functions assume CRYPTO_LOCK_ENGINE to already be
93 * held (in "write" mode). */
94typedef void (ENGINE_CLEANUP_CB)(void);
95typedef struct st_engine_cleanup_item
96 {
97 ENGINE_CLEANUP_CB *cb;
98 } ENGINE_CLEANUP_ITEM;
99DECLARE_STACK_OF(ENGINE_CLEANUP_ITEM)
100void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb);
101void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb);
102
103/* We need stacks of ENGINEs for use in eng_table.c */
104DECLARE_STACK_OF(ENGINE)
105
106/* If this symbol is defined then engine_table_select(), the function that is
107 * used by RSA, DSA (etc) code to select registered ENGINEs, cache defaults and
108 * functional references (etc), will display debugging summaries to stderr. */
109/* #define ENGINE_TABLE_DEBUG */
110
111/* This represents an implementation table. Dependent code should instantiate it
112 * as a (ENGINE_TABLE *) pointer value set initially to NULL. */
113typedef struct st_engine_table ENGINE_TABLE;
114int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
115 ENGINE *e, const int *nids, int num_nids, int setdefault);
116void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e);
117void engine_table_cleanup(ENGINE_TABLE **table);
118#ifndef ENGINE_TABLE_DEBUG
119ENGINE *engine_table_select(ENGINE_TABLE **table, int nid);
120#else
121ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l);
122#define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__)
123#endif
124
125/* Internal versions of API functions that have control over locking. These are
126 * used between C files when functionality needs to be shared but the caller may
127 * already be controlling of the CRYPTO_LOCK_ENGINE lock. */
128int engine_unlocked_init(ENGINE *e);
129int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers);
130int engine_free_util(ENGINE *e, int locked);
131
132/* This function will reset all "set"able values in an ENGINE to NULL. This
133 * won't touch reference counts or ex_data, but is equivalent to calling all the
134 * ENGINE_set_***() functions with a NULL value. */
135void engine_set_all_null(ENGINE *e);
136
137/* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed
138 * in engine.h. */
139
140/* This is a structure for storing implementations of various crypto
141 * algorithms and functions. */
142struct engine_st
143 {
144 const char *id;
145 const char *name;
146 const RSA_METHOD *rsa_meth;
147 const DSA_METHOD *dsa_meth;
148 const DH_METHOD *dh_meth;
149 const RAND_METHOD *rand_meth;
150 /* Cipher handling is via this callback */
151 ENGINE_CIPHERS_PTR ciphers;
152 /* Digest handling is via this callback */
153 ENGINE_DIGESTS_PTR digests;
154
155
156 ENGINE_GEN_INT_FUNC_PTR destroy;
157
158 ENGINE_GEN_INT_FUNC_PTR init;
159 ENGINE_GEN_INT_FUNC_PTR finish;
160 ENGINE_CTRL_FUNC_PTR ctrl;
161 ENGINE_LOAD_KEY_PTR load_privkey;
162 ENGINE_LOAD_KEY_PTR load_pubkey;
163
164 const ENGINE_CMD_DEFN *cmd_defns;
165 int flags;
166 /* reference count on the structure itself */
167 int struct_ref;
168 /* reference count on usability of the engine type. NB: This
169 * controls the loading and initialisation of any functionlity
170 * required by this engine, whereas the previous count is
171 * simply to cope with (de)allocation of this structure. Hence,
172 * running_ref <= struct_ref at all times. */
173 int funct_ref;
174 /* A place to store per-ENGINE data */
175 CRYPTO_EX_DATA ex_data;
176 /* Used to maintain the linked-list of engines. */
177 struct engine_st *prev;
178 struct engine_st *next;
179 };
180
181#ifdef __cplusplus
182}
183#endif
184
185#endif /* HEADER_ENGINE_INT_H */
diff --git a/src/lib/libcrypto/engine/eng_lib.c b/src/lib/libcrypto/engine/eng_lib.c
deleted file mode 100644
index a66d0f08af..0000000000
--- a/src/lib/libcrypto/engine/eng_lib.c
+++ /dev/null
@@ -1,321 +0,0 @@
1/* crypto/engine/eng_lib.c */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <openssl/crypto.h>
60#include "cryptlib.h"
61#include "eng_int.h"
62#include <openssl/rand.h> /* FIXME: This shouldn't be needed */
63#include <openssl/engine.h>
64
65/* The "new"/"free" stuff first */
66
67ENGINE *ENGINE_new(void)
68 {
69 ENGINE *ret;
70
71 ret = (ENGINE *)OPENSSL_malloc(sizeof(ENGINE));
72 if(ret == NULL)
73 {
74 ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE);
75 return NULL;
76 }
77 memset(ret, 0, sizeof(ENGINE));
78 ret->struct_ref = 1;
79 engine_ref_debug(ret, 0, 1)
80 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
81 return ret;
82 }
83
84/* Placed here (close proximity to ENGINE_new) so that modifications to the
85 * elements of the ENGINE structure are more likely to be caught and changed
86 * here. */
87void engine_set_all_null(ENGINE *e)
88 {
89 e->id = NULL;
90 e->name = NULL;
91 e->rsa_meth = NULL;
92 e->dsa_meth = NULL;
93 e->dh_meth = NULL;
94 e->rand_meth = NULL;
95 e->ciphers = NULL;
96 e->digests = NULL;
97 e->destroy = NULL;
98 e->init = NULL;
99 e->finish = NULL;
100 e->ctrl = NULL;
101 e->load_privkey = NULL;
102 e->load_pubkey = NULL;
103 e->cmd_defns = NULL;
104 e->flags = 0;
105 }
106
107int engine_free_util(ENGINE *e, int locked)
108 {
109 int i;
110
111 if(e == NULL)
112 {
113 ENGINEerr(ENGINE_F_ENGINE_FREE,
114 ERR_R_PASSED_NULL_PARAMETER);
115 return 0;
116 }
117 if(locked)
118 i = CRYPTO_add(&e->struct_ref,-1,CRYPTO_LOCK_ENGINE);
119 else
120 i = --e->struct_ref;
121 engine_ref_debug(e, 0, -1)
122 if (i > 0) return 1;
123#ifdef REF_CHECK
124 if (i < 0)
125 {
126 fprintf(stderr,"ENGINE_free, bad structural reference count\n");
127 abort();
128 }
129#endif
130 /* Give the ENGINE a chance to do any structural cleanup corresponding
131 * to allocation it did in its constructor (eg. unload error strings) */
132 if(e->destroy)
133 e->destroy(e);
134 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
135 OPENSSL_free(e);
136 return 1;
137 }
138
139int ENGINE_free(ENGINE *e)
140 {
141 return engine_free_util(e, 1);
142 }
143
144/* Cleanup stuff */
145
146/* ENGINE_cleanup() is coded such that anything that does work that will need
147 * cleanup can register a "cleanup" callback here. That way we don't get linker
148 * bloat by referring to all *possible* cleanups, but any linker bloat into code
149 * "X" will cause X's cleanup function to end up here. */
150static STACK_OF(ENGINE_CLEANUP_ITEM) *cleanup_stack = NULL;
151static int int_cleanup_check(int create)
152 {
153 if(cleanup_stack) return 1;
154 if(!create) return 0;
155 cleanup_stack = sk_ENGINE_CLEANUP_ITEM_new_null();
156 return (cleanup_stack ? 1 : 0);
157 }
158static ENGINE_CLEANUP_ITEM *int_cleanup_item(ENGINE_CLEANUP_CB *cb)
159 {
160 ENGINE_CLEANUP_ITEM *item = OPENSSL_malloc(sizeof(
161 ENGINE_CLEANUP_ITEM));
162 if(!item) return NULL;
163 item->cb = cb;
164 return item;
165 }
166void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb)
167 {
168 ENGINE_CLEANUP_ITEM *item;
169 if(!int_cleanup_check(1)) return;
170 item = int_cleanup_item(cb);
171 if(item)
172 sk_ENGINE_CLEANUP_ITEM_insert(cleanup_stack, item, 0);
173 }
174void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb)
175 {
176 ENGINE_CLEANUP_ITEM *item;
177 if(!int_cleanup_check(1)) return;
178 item = int_cleanup_item(cb);
179 if(item)
180 sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item);
181 }
182/* The API function that performs all cleanup */
183static void engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item)
184 {
185 (*(item->cb))();
186 OPENSSL_free(item);
187 }
188void ENGINE_cleanup(void)
189 {
190 if(int_cleanup_check(0))
191 {
192 sk_ENGINE_CLEANUP_ITEM_pop_free(cleanup_stack,
193 engine_cleanup_cb_free);
194 cleanup_stack = NULL;
195 }
196 /* FIXME: This should be handled (somehow) through RAND, eg. by it
197 * registering a cleanup callback. */
198 RAND_set_rand_method(NULL);
199 }
200
201/* Now the "ex_data" support */
202
203int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
204 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
205 {
206 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp,
207 new_func, dup_func, free_func);
208 }
209
210int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg)
211 {
212 return(CRYPTO_set_ex_data(&e->ex_data, idx, arg));
213 }
214
215void *ENGINE_get_ex_data(const ENGINE *e, int idx)
216 {
217 return(CRYPTO_get_ex_data(&e->ex_data, idx));
218 }
219
220/* Functions to get/set an ENGINE's elements - mainly to avoid exposing the
221 * ENGINE structure itself. */
222
223int ENGINE_set_id(ENGINE *e, const char *id)
224 {
225 if(id == NULL)
226 {
227 ENGINEerr(ENGINE_F_ENGINE_SET_ID,
228 ERR_R_PASSED_NULL_PARAMETER);
229 return 0;
230 }
231 e->id = id;
232 return 1;
233 }
234
235int ENGINE_set_name(ENGINE *e, const char *name)
236 {
237 if(name == NULL)
238 {
239 ENGINEerr(ENGINE_F_ENGINE_SET_NAME,
240 ERR_R_PASSED_NULL_PARAMETER);
241 return 0;
242 }
243 e->name = name;
244 return 1;
245 }
246
247int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f)
248 {
249 e->destroy = destroy_f;
250 return 1;
251 }
252
253int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f)
254 {
255 e->init = init_f;
256 return 1;
257 }
258
259int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f)
260 {
261 e->finish = finish_f;
262 return 1;
263 }
264
265int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f)
266 {
267 e->ctrl = ctrl_f;
268 return 1;
269 }
270
271int ENGINE_set_flags(ENGINE *e, int flags)
272 {
273 e->flags = flags;
274 return 1;
275 }
276
277int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns)
278 {
279 e->cmd_defns = defns;
280 return 1;
281 }
282
283const char *ENGINE_get_id(const ENGINE *e)
284 {
285 return e->id;
286 }
287
288const char *ENGINE_get_name(const ENGINE *e)
289 {
290 return e->name;
291 }
292
293ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e)
294 {
295 return e->destroy;
296 }
297
298ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e)
299 {
300 return e->init;
301 }
302
303ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e)
304 {
305 return e->finish;
306 }
307
308ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e)
309 {
310 return e->ctrl;
311 }
312
313int ENGINE_get_flags(const ENGINE *e)
314 {
315 return e->flags;
316 }
317
318const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e)
319 {
320 return e->cmd_defns;
321 }
diff --git a/src/lib/libcrypto/engine/eng_list.c b/src/lib/libcrypto/engine/eng_list.c
deleted file mode 100644
index 1cc3217f4c..0000000000
--- a/src/lib/libcrypto/engine/eng_list.c
+++ /dev/null
@@ -1,394 +0,0 @@
1/* crypto/engine/eng_list.c */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <openssl/crypto.h>
60#include "cryptlib.h"
61#include "eng_int.h"
62#include <openssl/engine.h>
63
64/* The linked-list of pointers to engine types. engine_list_head
65 * incorporates an implicit structural reference but engine_list_tail
66 * does not - the latter is a computational niceity and only points
67 * to something that is already pointed to by its predecessor in the
68 * list (or engine_list_head itself). In the same way, the use of the
69 * "prev" pointer in each ENGINE is to save excessive list iteration,
70 * it doesn't correspond to an extra structural reference. Hence,
71 * engine_list_head, and each non-null "next" pointer account for
72 * the list itself assuming exactly 1 structural reference on each
73 * list member. */
74static ENGINE *engine_list_head = NULL;
75static ENGINE *engine_list_tail = NULL;
76
77/* This cleanup function is only needed internally. If it should be called, we
78 * register it with the "ENGINE_cleanup()" stack to be called during cleanup. */
79
80static void engine_list_cleanup(void)
81 {
82 ENGINE *iterator = engine_list_head;
83
84 while(iterator != NULL)
85 {
86 ENGINE_remove(iterator);
87 iterator = engine_list_head;
88 }
89 return;
90 }
91
92/* These static functions starting with a lower case "engine_" always
93 * take place when CRYPTO_LOCK_ENGINE has been locked up. */
94static int engine_list_add(ENGINE *e)
95 {
96 int conflict = 0;
97 ENGINE *iterator = NULL;
98
99 if(e == NULL)
100 {
101 ENGINEerr(ENGINE_F_ENGINE_LIST_ADD,
102 ERR_R_PASSED_NULL_PARAMETER);
103 return 0;
104 }
105 iterator = engine_list_head;
106 while(iterator && !conflict)
107 {
108 conflict = (strcmp(iterator->id, e->id) == 0);
109 iterator = iterator->next;
110 }
111 if(conflict)
112 {
113 ENGINEerr(ENGINE_F_ENGINE_LIST_ADD,
114 ENGINE_R_CONFLICTING_ENGINE_ID);
115 return 0;
116 }
117 if(engine_list_head == NULL)
118 {
119 /* We are adding to an empty list. */
120 if(engine_list_tail)
121 {
122 ENGINEerr(ENGINE_F_ENGINE_LIST_ADD,
123 ENGINE_R_INTERNAL_LIST_ERROR);
124 return 0;
125 }
126 engine_list_head = e;
127 e->prev = NULL;
128 /* The first time the list allocates, we should register the
129 * cleanup. */
130 engine_cleanup_add_last(engine_list_cleanup);
131 }
132 else
133 {
134 /* We are adding to the tail of an existing list. */
135 if((engine_list_tail == NULL) ||
136 (engine_list_tail->next != NULL))
137 {
138 ENGINEerr(ENGINE_F_ENGINE_LIST_ADD,
139 ENGINE_R_INTERNAL_LIST_ERROR);
140 return 0;
141 }
142 engine_list_tail->next = e;
143 e->prev = engine_list_tail;
144 }
145 /* Having the engine in the list assumes a structural
146 * reference. */
147 e->struct_ref++;
148 engine_ref_debug(e, 0, 1)
149 /* However it came to be, e is the last item in the list. */
150 engine_list_tail = e;
151 e->next = NULL;
152 return 1;
153 }
154
155static int engine_list_remove(ENGINE *e)
156 {
157 ENGINE *iterator;
158
159 if(e == NULL)
160 {
161 ENGINEerr(ENGINE_F_ENGINE_LIST_REMOVE,
162 ERR_R_PASSED_NULL_PARAMETER);
163 return 0;
164 }
165 /* We need to check that e is in our linked list! */
166 iterator = engine_list_head;
167 while(iterator && (iterator != e))
168 iterator = iterator->next;
169 if(iterator == NULL)
170 {
171 ENGINEerr(ENGINE_F_ENGINE_LIST_REMOVE,
172 ENGINE_R_ENGINE_IS_NOT_IN_LIST);
173 return 0;
174 }
175 /* un-link e from the chain. */
176 if(e->next)
177 e->next->prev = e->prev;
178 if(e->prev)
179 e->prev->next = e->next;
180 /* Correct our head/tail if necessary. */
181 if(engine_list_head == e)
182 engine_list_head = e->next;
183 if(engine_list_tail == e)
184 engine_list_tail = e->prev;
185 engine_free_util(e, 0);
186 return 1;
187 }
188
189/* Get the first/last "ENGINE" type available. */
190ENGINE *ENGINE_get_first(void)
191 {
192 ENGINE *ret;
193
194 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
195 ret = engine_list_head;
196 if(ret)
197 {
198 ret->struct_ref++;
199 engine_ref_debug(ret, 0, 1)
200 }
201 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
202 return ret;
203 }
204
205ENGINE *ENGINE_get_last(void)
206 {
207 ENGINE *ret;
208
209 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
210 ret = engine_list_tail;
211 if(ret)
212 {
213 ret->struct_ref++;
214 engine_ref_debug(ret, 0, 1)
215 }
216 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
217 return ret;
218 }
219
220/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
221ENGINE *ENGINE_get_next(ENGINE *e)
222 {
223 ENGINE *ret = NULL;
224 if(e == NULL)
225 {
226 ENGINEerr(ENGINE_F_ENGINE_GET_NEXT,
227 ERR_R_PASSED_NULL_PARAMETER);
228 return 0;
229 }
230 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
231 ret = e->next;
232 if(ret)
233 {
234 /* Return a valid structural refernce to the next ENGINE */
235 ret->struct_ref++;
236 engine_ref_debug(ret, 0, 1)
237 }
238 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
239 /* Release the structural reference to the previous ENGINE */
240 ENGINE_free(e);
241 return ret;
242 }
243
244ENGINE *ENGINE_get_prev(ENGINE *e)
245 {
246 ENGINE *ret = NULL;
247 if(e == NULL)
248 {
249 ENGINEerr(ENGINE_F_ENGINE_GET_PREV,
250 ERR_R_PASSED_NULL_PARAMETER);
251 return 0;
252 }
253 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
254 ret = e->prev;
255 if(ret)
256 {
257 /* Return a valid structural reference to the next ENGINE */
258 ret->struct_ref++;
259 engine_ref_debug(ret, 0, 1)
260 }
261 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
262 /* Release the structural reference to the previous ENGINE */
263 ENGINE_free(e);
264 return ret;
265 }
266
267/* Add another "ENGINE" type into the list. */
268int ENGINE_add(ENGINE *e)
269 {
270 int to_return = 1;
271 if(e == NULL)
272 {
273 ENGINEerr(ENGINE_F_ENGINE_ADD,
274 ERR_R_PASSED_NULL_PARAMETER);
275 return 0;
276 }
277 if((e->id == NULL) || (e->name == NULL))
278 {
279 ENGINEerr(ENGINE_F_ENGINE_ADD,
280 ENGINE_R_ID_OR_NAME_MISSING);
281 }
282 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
283 if(!engine_list_add(e))
284 {
285 ENGINEerr(ENGINE_F_ENGINE_ADD,
286 ENGINE_R_INTERNAL_LIST_ERROR);
287 to_return = 0;
288 }
289 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
290 return to_return;
291 }
292
293/* Remove an existing "ENGINE" type from the array. */
294int ENGINE_remove(ENGINE *e)
295 {
296 int to_return = 1;
297 if(e == NULL)
298 {
299 ENGINEerr(ENGINE_F_ENGINE_REMOVE,
300 ERR_R_PASSED_NULL_PARAMETER);
301 return 0;
302 }
303 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
304 if(!engine_list_remove(e))
305 {
306 ENGINEerr(ENGINE_F_ENGINE_REMOVE,
307 ENGINE_R_INTERNAL_LIST_ERROR);
308 to_return = 0;
309 }
310 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
311 return to_return;
312 }
313
314static void engine_cpy(ENGINE *dest, const ENGINE *src)
315 {
316 dest->id = src->id;
317 dest->name = src->name;
318#ifndef OPENSSL_NO_RSA
319 dest->rsa_meth = src->rsa_meth;
320#endif
321#ifndef OPENSSL_NO_DSA
322 dest->dsa_meth = src->dsa_meth;
323#endif
324#ifndef OPENSSL_NO_DH
325 dest->dh_meth = src->dh_meth;
326#endif
327 dest->rand_meth = src->rand_meth;
328 dest->ciphers = src->ciphers;
329 dest->digests = src->digests;
330 dest->destroy = src->destroy;
331 dest->init = src->init;
332 dest->finish = src->finish;
333 dest->ctrl = src->ctrl;
334 dest->load_privkey = src->load_privkey;
335 dest->load_pubkey = src->load_pubkey;
336 dest->cmd_defns = src->cmd_defns;
337 dest->flags = src->flags;
338 }
339
340ENGINE *ENGINE_by_id(const char *id)
341 {
342 ENGINE *iterator;
343 if(id == NULL)
344 {
345 ENGINEerr(ENGINE_F_ENGINE_BY_ID,
346 ERR_R_PASSED_NULL_PARAMETER);
347 return NULL;
348 }
349 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
350 iterator = engine_list_head;
351 while(iterator && (strcmp(id, iterator->id) != 0))
352 iterator = iterator->next;
353 if(iterator)
354 {
355 /* We need to return a structural reference. If this is an
356 * ENGINE type that returns copies, make a duplicate - otherwise
357 * increment the existing ENGINE's reference count. */
358 if(iterator->flags & ENGINE_FLAGS_BY_ID_COPY)
359 {
360 ENGINE *cp = ENGINE_new();
361 if(!cp)
362 iterator = NULL;
363 else
364 {
365 engine_cpy(cp, iterator);
366 iterator = cp;
367 }
368 }
369 else
370 {
371 iterator->struct_ref++;
372 engine_ref_debug(iterator, 0, 1)
373 }
374 }
375 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
376 if(iterator == NULL)
377 {
378 ENGINEerr(ENGINE_F_ENGINE_BY_ID,
379 ENGINE_R_NO_SUCH_ENGINE);
380 ERR_add_error_data(2, "id=", id);
381 }
382 return iterator;
383 }
384
385int ENGINE_up_ref(ENGINE *e)
386 {
387 if (e == NULL)
388 {
389 ENGINEerr(ENGINE_F_ENGINE_UP_REF,ERR_R_PASSED_NULL_PARAMETER);
390 return 0;
391 }
392 CRYPTO_add(&e->struct_ref,1,CRYPTO_LOCK_ENGINE);
393 return 1;
394 }
diff --git a/src/lib/libcrypto/engine/eng_openssl.c b/src/lib/libcrypto/engine/eng_openssl.c
deleted file mode 100644
index 54579eea2e..0000000000
--- a/src/lib/libcrypto/engine/eng_openssl.c
+++ /dev/null
@@ -1,361 +0,0 @@
1/* crypto/engine/eng_openssl.c */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59
60#include <stdio.h>
61#include <openssl/crypto.h>
62#include "cryptlib.h"
63#include <openssl/engine.h>
64#include <openssl/dso.h>
65#include <openssl/pem.h>
66#include <openssl/evp.h>
67
68/* This testing gunk is implemented (and explained) lower down. It also assumes
69 * the application explicitly calls "ENGINE_load_openssl()" because this is no
70 * longer automatic in ENGINE_load_builtin_engines(). */
71#define TEST_ENG_OPENSSL_RC4
72#define TEST_ENG_OPENSSL_PKEY
73/* #define TEST_ENG_OPENSSL_RC4_OTHERS */
74#define TEST_ENG_OPENSSL_RC4_P_INIT
75/* #define TEST_ENG_OPENSSL_RC4_P_CIPHER */
76#define TEST_ENG_OPENSSL_SHA
77/* #define TEST_ENG_OPENSSL_SHA_OTHERS */
78/* #define TEST_ENG_OPENSSL_SHA_P_INIT */
79/* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */
80/* #define TEST_ENG_OPENSSL_SHA_P_FINAL */
81
82/* Now check what of those algorithms are actually enabled */
83#ifdef OPENSSL_NO_RC4
84#undef TEST_ENG_OPENSSL_RC4
85#undef TEST_ENG_OPENSSL_RC4_OTHERS
86#undef TEST_ENG_OPENSSL_RC4_P_INIT
87#undef TEST_ENG_OPENSSL_RC4_P_CIPHER
88#endif
89#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0) || defined(OPENSSL_NO_SHA1)
90#undef TEST_ENG_OPENSSL_SHA
91#undef TEST_ENG_OPENSSL_SHA_OTHERS
92#undef TEST_ENG_OPENSSL_SHA_P_INIT
93#undef TEST_ENG_OPENSSL_SHA_P_UPDATE
94#undef TEST_ENG_OPENSSL_SHA_P_FINAL
95#endif
96
97#ifdef TEST_ENG_OPENSSL_RC4
98static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
99 const int **nids, int nid);
100#endif
101#ifdef TEST_ENG_OPENSSL_SHA
102static int openssl_digests(ENGINE *e, const EVP_MD **digest,
103 const int **nids, int nid);
104#endif
105
106#ifdef TEST_ENG_OPENSSL_PKEY
107static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
108 UI_METHOD *ui_method, void *callback_data);
109#endif
110
111/* The constants used when creating the ENGINE */
112static const char *engine_openssl_id = "openssl";
113static const char *engine_openssl_name = "Software engine support";
114
115/* This internal function is used by ENGINE_openssl() and possibly by the
116 * "dynamic" ENGINE support too */
117static int bind_helper(ENGINE *e)
118 {
119 if(!ENGINE_set_id(e, engine_openssl_id)
120 || !ENGINE_set_name(e, engine_openssl_name)
121#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
122#ifndef OPENSSL_NO_RSA
123 || !ENGINE_set_RSA(e, RSA_get_default_method())
124#endif
125#ifndef OPENSSL_NO_DSA
126 || !ENGINE_set_DSA(e, DSA_get_default_method())
127#endif
128#ifndef OPENSSL_NO_DH
129 || !ENGINE_set_DH(e, DH_get_default_method())
130#endif
131 || !ENGINE_set_RAND(e, RAND_SSLeay())
132#ifdef TEST_ENG_OPENSSL_RC4
133 || !ENGINE_set_ciphers(e, openssl_ciphers)
134#endif
135#ifdef TEST_ENG_OPENSSL_SHA
136 || !ENGINE_set_digests(e, openssl_digests)
137#endif
138#endif
139#ifdef TEST_ENG_OPENSSL_PKEY
140 || !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
141#endif
142 )
143 return 0;
144 /* If we add errors to this ENGINE, ensure the error handling is setup here */
145 /* openssl_load_error_strings(); */
146 return 1;
147 }
148
149static ENGINE *engine_openssl(void)
150 {
151 ENGINE *ret = ENGINE_new();
152 if(!ret)
153 return NULL;
154 if(!bind_helper(ret))
155 {
156 ENGINE_free(ret);
157 return NULL;
158 }
159 return ret;
160 }
161
162void ENGINE_load_openssl(void)
163 {
164 ENGINE *toadd = engine_openssl();
165 if(!toadd) return;
166 ENGINE_add(toadd);
167 /* If the "add" worked, it gets a structural reference. So either way,
168 * we release our just-created reference. */
169 ENGINE_free(toadd);
170 ERR_clear_error();
171 }
172
173/* This stuff is needed if this ENGINE is being compiled into a self-contained
174 * shared-library. */
175#ifdef ENGINE_DYNAMIC_SUPPORT
176static int bind_fn(ENGINE *e, const char *id)
177 {
178 if(id && (strcmp(id, engine_openssl_id) != 0))
179 return 0;
180 if(!bind_helper(e))
181 return 0;
182 return 1;
183 }
184IMPLEMENT_DYNAMIC_CHECK_FN()
185IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
186#endif /* ENGINE_DYNAMIC_SUPPORT */
187
188#ifdef TEST_ENG_OPENSSL_RC4
189/* This section of code compiles an "alternative implementation" of two modes of
190 * RC4 into this ENGINE. The result is that EVP_CIPHER operation for "rc4"
191 * should under normal circumstances go via this support rather than the default
192 * EVP support. There are other symbols to tweak the testing;
193 * TEST_ENC_OPENSSL_RC4_OTHERS - print a one line message to stderr each time
194 * we're asked for a cipher we don't support (should not happen).
195 * TEST_ENG_OPENSSL_RC4_P_INIT - print a one line message to stderr each time
196 * the "init_key" handler is called.
197 * TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler.
198 */
199#include <openssl/rc4.h>
200#define TEST_RC4_KEY_SIZE 16
201static int test_cipher_nids[] = {NID_rc4,NID_rc4_40};
202static int test_cipher_nids_number = 2;
203typedef struct {
204 unsigned char key[TEST_RC4_KEY_SIZE];
205 RC4_KEY ks;
206 } TEST_RC4_KEY;
207#define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data)
208static int test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
209 const unsigned char *iv, int enc)
210 {
211#ifdef TEST_ENG_OPENSSL_RC4_P_INIT
212 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n");
213#endif
214 memcpy(&test(ctx)->key[0],key,EVP_CIPHER_CTX_key_length(ctx));
215 RC4_set_key(&test(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
216 test(ctx)->key);
217 return 1;
218 }
219static int test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
220 const unsigned char *in, unsigned int inl)
221 {
222#ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER
223 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n");
224#endif
225 RC4(&test(ctx)->ks,inl,in,out);
226 return 1;
227 }
228static const EVP_CIPHER test_r4_cipher=
229 {
230 NID_rc4,
231 1,TEST_RC4_KEY_SIZE,0,
232 EVP_CIPH_VARIABLE_LENGTH,
233 test_rc4_init_key,
234 test_rc4_cipher,
235 NULL,
236 sizeof(TEST_RC4_KEY),
237 NULL,
238 NULL,
239 NULL
240 };
241static const EVP_CIPHER test_r4_40_cipher=
242 {
243 NID_rc4_40,
244 1,5 /* 40 bit */,0,
245 EVP_CIPH_VARIABLE_LENGTH,
246 test_rc4_init_key,
247 test_rc4_cipher,
248 NULL,
249 sizeof(TEST_RC4_KEY),
250 NULL,
251 NULL,
252 NULL
253 };
254static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
255 const int **nids, int nid)
256 {
257 if(!cipher)
258 {
259 /* We are returning a list of supported nids */
260 *nids = test_cipher_nids;
261 return test_cipher_nids_number;
262 }
263 /* We are being asked for a specific cipher */
264 if(nid == NID_rc4)
265 *cipher = &test_r4_cipher;
266 else if(nid == NID_rc4_40)
267 *cipher = &test_r4_40_cipher;
268 else
269 {
270#ifdef TEST_ENG_OPENSSL_RC4_OTHERS
271 fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for "
272 "nid %d\n", nid);
273#endif
274 *cipher = NULL;
275 return 0;
276 }
277 return 1;
278 }
279#endif
280
281#ifdef TEST_ENG_OPENSSL_SHA
282/* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */
283#include <openssl/sha.h>
284static int test_digest_nids[] = {NID_sha1};
285static int test_digest_nids_number = 1;
286static int test_sha1_init(EVP_MD_CTX *ctx)
287 {
288#ifdef TEST_ENG_OPENSSL_SHA_P_INIT
289 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n");
290#endif
291 return SHA1_Init(ctx->md_data);
292 }
293static int test_sha1_update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
294 {
295#ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE
296 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n");
297#endif
298 return SHA1_Update(ctx->md_data,data,count);
299 }
300static int test_sha1_final(EVP_MD_CTX *ctx,unsigned char *md)
301 {
302#ifdef TEST_ENG_OPENSSL_SHA_P_FINAL
303 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n");
304#endif
305 return SHA1_Final(md,ctx->md_data);
306 }
307static const EVP_MD test_sha_md=
308 {
309 NID_sha1,
310 NID_sha1WithRSAEncryption,
311 SHA_DIGEST_LENGTH,
312 0,
313 test_sha1_init,
314 test_sha1_update,
315 test_sha1_final,
316 NULL,
317 NULL,
318 EVP_PKEY_RSA_method,
319 SHA_CBLOCK,
320 sizeof(EVP_MD *)+sizeof(SHA_CTX),
321 };
322static int openssl_digests(ENGINE *e, const EVP_MD **digest,
323 const int **nids, int nid)
324 {
325 if(!digest)
326 {
327 /* We are returning a list of supported nids */
328 *nids = test_digest_nids;
329 return test_digest_nids_number;
330 }
331 /* We are being asked for a specific digest */
332 if(nid == NID_sha1)
333 *digest = &test_sha_md;
334 else
335 {
336#ifdef TEST_ENG_OPENSSL_SHA_OTHERS
337 fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for "
338 "nid %d\n", nid);
339#endif
340 *digest = NULL;
341 return 0;
342 }
343 return 1;
344 }
345#endif
346
347#ifdef TEST_ENG_OPENSSL_PKEY
348static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
349 UI_METHOD *ui_method, void *callback_data)
350 {
351 BIO *in;
352 EVP_PKEY *key;
353 fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n", key_id);
354 in = BIO_new_file(key_id, "r");
355 if (!in)
356 return NULL;
357 key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL);
358 BIO_free(in);
359 return key;
360 }
361#endif
diff --git a/src/lib/libcrypto/engine/eng_pkey.c b/src/lib/libcrypto/engine/eng_pkey.c
deleted file mode 100644
index 8c69171511..0000000000
--- a/src/lib/libcrypto/engine/eng_pkey.c
+++ /dev/null
@@ -1,157 +0,0 @@
1/* crypto/engine/eng_pkey.c */
2/* ====================================================================
3 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include <openssl/crypto.h>
57#include "cryptlib.h"
58#include "eng_int.h"
59#include <openssl/engine.h>
60
61/* Basic get/set stuff */
62
63int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f)
64 {
65 e->load_privkey = loadpriv_f;
66 return 1;
67 }
68
69int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
70 {
71 e->load_pubkey = loadpub_f;
72 return 1;
73 }
74
75ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e)
76 {
77 return e->load_privkey;
78 }
79
80ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e)
81 {
82 return e->load_pubkey;
83 }
84
85/* API functions to load public/private keys */
86
87EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
88 UI_METHOD *ui_method, void *callback_data)
89 {
90 EVP_PKEY *pkey;
91
92 if(e == NULL)
93 {
94 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
95 ERR_R_PASSED_NULL_PARAMETER);
96 return 0;
97 }
98 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
99 if(e->funct_ref == 0)
100 {
101 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
102 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
103 ENGINE_R_NOT_INITIALISED);
104 return 0;
105 }
106 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
107 if (!e->load_privkey)
108 {
109 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
110 ENGINE_R_NO_LOAD_FUNCTION);
111 return 0;
112 }
113 pkey = e->load_privkey(e, key_id, ui_method, callback_data);
114 if (!pkey)
115 {
116 ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
117 ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
118 return 0;
119 }
120 return pkey;
121 }
122
123EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
124 UI_METHOD *ui_method, void *callback_data)
125 {
126 EVP_PKEY *pkey;
127
128 if(e == NULL)
129 {
130 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
131 ERR_R_PASSED_NULL_PARAMETER);
132 return 0;
133 }
134 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
135 if(e->funct_ref == 0)
136 {
137 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
138 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
139 ENGINE_R_NOT_INITIALISED);
140 return 0;
141 }
142 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
143 if (!e->load_pubkey)
144 {
145 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
146 ENGINE_R_NO_LOAD_FUNCTION);
147 return 0;
148 }
149 pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
150 if (!pkey)
151 {
152 ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
153 ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
154 return 0;
155 }
156 return pkey;
157 }
diff --git a/src/lib/libcrypto/engine/eng_table.c b/src/lib/libcrypto/engine/eng_table.c
deleted file mode 100644
index c69a84a8bf..0000000000
--- a/src/lib/libcrypto/engine/eng_table.c
+++ /dev/null
@@ -1,361 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
52 *
53 */
54
55#include <openssl/evp.h>
56#include <openssl/engine.h>
57#include "eng_int.h"
58
59/* This is the type of item in the 'implementation' table. Each 'nid' hashes to
60 * a (potentially NULL) ENGINE_PILE structure which contains a stack of ENGINE*
61 * pointers. These pointers aren't references, because they're inserted and
62 * removed during ENGINE creation and ENGINE destruction. They point to ENGINEs
63 * that *exist* (ie. have a structural reference count greater than zero) rather
64 * than ENGINEs that are *functional*. Each pointer in those stacks are to
65 * ENGINEs that implements the algorithm corresponding to each 'nid'. */
66
67/* The type of the items in the table */
68typedef struct st_engine_pile
69 {
70 /* The 'nid' of the algorithm/mode this ENGINE_PILE structure represents
71 * */
72 int nid;
73 /* A stack of ENGINE pointers for ENGINEs that support this
74 * algorithm/mode. In the event that 'funct' is NULL, the first entry in
75 * this stack that initialises will be set as 'funct' and assumed as the
76 * default for operations of this type. */
77 STACK_OF(ENGINE) *sk;
78 /* The default ENGINE to perform this algorithm/mode. */
79 ENGINE *funct;
80 /* This value optimises engine_table_select(). If it is called it sets
81 * this value to 1. Any changes to this ENGINE_PILE resets it to zero.
82 * As such, no ENGINE_init() thrashing is done unless ENGINEs
83 * continually register (and/or unregister). */
84 int uptodate;
85 } ENGINE_PILE;
86
87/* The type of the hash table of ENGINE_PILE structures such that each are
88 * unique and keyed by the 'nid' value. */
89struct st_engine_table
90 {
91 LHASH piles;
92 }; /* ENGINE_TABLE */
93
94/* This value stores global options controlling behaviour of (mostly) the
95 * engine_table_select() function. It's a bitmask of flag values of the form
96 * ENGINE_TABLE_FLAG_*** (as defined in engine.h) and is controlled by the
97 * ENGINE_[get|set]_table_flags() function. */
98static unsigned int table_flags = 0;
99
100/* API function manipulating 'table_flags' */
101unsigned int ENGINE_get_table_flags(void)
102 {
103 return table_flags;
104 }
105void ENGINE_set_table_flags(unsigned int flags)
106 {
107 table_flags = flags;
108 }
109
110/* Internal functions for the "piles" hash table */
111static unsigned long engine_pile_hash(const ENGINE_PILE *c)
112 {
113 return c->nid;
114 }
115static int engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
116 {
117 return a->nid - b->nid;
118 }
119static IMPLEMENT_LHASH_HASH_FN(engine_pile_hash, const ENGINE_PILE *)
120static IMPLEMENT_LHASH_COMP_FN(engine_pile_cmp, const ENGINE_PILE *)
121static int int_table_check(ENGINE_TABLE **t, int create)
122 {
123 LHASH *lh;
124 if(*t)
125 return 1;
126 if(!create)
127 return 0;
128 if((lh = lh_new(LHASH_HASH_FN(engine_pile_hash),
129 LHASH_COMP_FN(engine_pile_cmp))) == NULL)
130 return 0;
131 *t = (ENGINE_TABLE *)lh;
132 return 1;
133 }
134
135/* Privately exposed (via eng_int.h) functions for adding and/or removing
136 * ENGINEs from the implementation table */
137int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
138 ENGINE *e, const int *nids, int num_nids, int setdefault)
139 {
140 int ret = 0, added = 0;
141 ENGINE_PILE tmplate, *fnd;
142 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
143 if(!(*table))
144 added = 1;
145 if(!int_table_check(table, 1))
146 goto end;
147 if(added)
148 /* The cleanup callback needs to be added */
149 engine_cleanup_add_first(cleanup);
150 while(num_nids--)
151 {
152 tmplate.nid = *nids;
153 fnd = lh_retrieve(&(*table)->piles, &tmplate);
154 if(!fnd)
155 {
156 fnd = OPENSSL_malloc(sizeof(ENGINE_PILE));
157 if(!fnd)
158 goto end;
159 fnd->uptodate = 1;
160 fnd->nid = *nids;
161 fnd->sk = sk_ENGINE_new_null();
162 if(!fnd->sk)
163 {
164 OPENSSL_free(fnd);
165 goto end;
166 }
167 fnd->funct= NULL;
168 lh_insert(&(*table)->piles, fnd);
169 }
170 /* A registration shouldn't add duplciate entries */
171 sk_ENGINE_delete_ptr(fnd->sk, e);
172 /* if 'setdefault', this ENGINE goes to the head of the list */
173 if(!sk_ENGINE_push(fnd->sk, e))
174 goto end;
175 /* "touch" this ENGINE_PILE */
176 fnd->uptodate = 0;
177 if(setdefault)
178 {
179 if(!engine_unlocked_init(e))
180 {
181 ENGINEerr(ENGINE_F_ENGINE_TABLE_REGISTER,
182 ENGINE_R_INIT_FAILED);
183 goto end;
184 }
185 if(fnd->funct)
186 engine_unlocked_finish(fnd->funct, 0);
187 fnd->funct = e;
188 }
189 nids++;
190 }
191 ret = 1;
192end:
193 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
194 return ret;
195 }
196static void int_unregister_cb(ENGINE_PILE *pile, ENGINE *e)
197 {
198 int n;
199 /* Iterate the 'c->sk' stack removing any occurance of 'e' */
200 while((n = sk_ENGINE_find(pile->sk, e)) >= 0)
201 {
202 sk_ENGINE_delete(pile->sk, n);
203 /* "touch" this ENGINE_CIPHER */
204 pile->uptodate = 0;
205 }
206 if(pile->funct == e)
207 {
208 engine_unlocked_finish(e, 0);
209 pile->funct = NULL;
210 }
211 }
212static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb,ENGINE_PILE *,ENGINE *)
213void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
214 {
215 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
216 if(int_table_check(table, 0))
217 lh_doall_arg(&(*table)->piles,
218 LHASH_DOALL_ARG_FN(int_unregister_cb), e);
219 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
220 }
221
222static void int_cleanup_cb(ENGINE_PILE *p)
223 {
224 sk_ENGINE_free(p->sk);
225 if(p->funct)
226 engine_unlocked_finish(p->funct, 0);
227 OPENSSL_free(p);
228 }
229static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb,ENGINE_PILE *)
230void engine_table_cleanup(ENGINE_TABLE **table)
231 {
232 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
233 if(*table)
234 {
235 lh_doall(&(*table)->piles, LHASH_DOALL_FN(int_cleanup_cb));
236 lh_free(&(*table)->piles);
237 *table = NULL;
238 }
239 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
240 }
241
242/* Exposed API function to get a functional reference from the implementation
243 * table (ie. try to get a functional reference from the tabled structural
244 * references) for a given cipher 'nid' */
245#ifndef ENGINE_TABLE_DEBUG
246ENGINE *engine_table_select(ENGINE_TABLE **table, int nid)
247#else
248ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l)
249#endif
250 {
251 ENGINE *ret = NULL;
252 ENGINE_PILE tmplate, *fnd=NULL;
253 int initres, loop = 0;
254
255 /* If 'engine_ciphers' is NULL, then it's absolutely *sure* that no
256 * ENGINEs have registered any implementations! */
257 if(!(*table))
258 {
259#ifdef ENGINE_TABLE_DEBUG
260 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
261 "registered for anything!\n", f, l, nid);
262#endif
263 return NULL;
264 }
265 CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
266 /* Check again inside the lock otherwise we could race against cleanup
267 * operations. But don't worry about a fprintf(stderr). */
268 if(!int_table_check(table, 0))
269 goto end;
270 tmplate.nid = nid;
271 fnd = lh_retrieve(&(*table)->piles, &tmplate);
272 if(!fnd)
273 goto end;
274 if(fnd->funct && engine_unlocked_init(fnd->funct))
275 {
276#ifdef ENGINE_TABLE_DEBUG
277 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
278 "ENGINE '%s' cached\n", f, l, nid, fnd->funct->id);
279#endif
280 ret = fnd->funct;
281 goto end;
282 }
283 if(fnd->uptodate)
284 {
285 ret = fnd->funct;
286 goto end;
287 }
288trynext:
289 ret = sk_ENGINE_value(fnd->sk, loop++);
290 if(!ret)
291 {
292#ifdef ENGINE_TABLE_DEBUG
293 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
294 "registered implementations would initialise\n",
295 f, l, nid);
296#endif
297 goto end;
298 }
299#if 0
300 /* Don't need to get a reference if we hold the lock. If the locking has
301 * to change in future, that would be different ... */
302 ret->struct_ref++; engine_ref_debug(ret, 0, 1)
303#endif
304 /* Try and initialise the ENGINE if it's already functional *or* if the
305 * ENGINE_TABLE_FLAG_NOINIT flag is not set. */
306 if((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT))
307 initres = engine_unlocked_init(ret);
308 else
309 initres = 0;
310#if 0
311 /* Release the structural reference */
312 ret->struct_ref--; engine_ref_debug(ret, 0, -1);
313#endif
314 if(initres)
315 {
316 /* If we didn't have a default (functional reference) for this
317 * 'nid' (or we had one but for whatever reason we're now
318 * initialising a different one), use this opportunity to set
319 * 'funct'. */
320 if((fnd->funct != ret) && engine_unlocked_init(ret))
321 {
322 /* If there was a previous default we release it. */
323 if(fnd->funct)
324 engine_unlocked_finish(fnd->funct, 0);
325 /* We got an extra functional reference for the
326 * per-'nid' default */
327 fnd->funct = ret;
328#ifdef ENGINE_TABLE_DEBUG
329 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, "
330 "setting default to '%s'\n", f, l, nid, ret->id);
331#endif
332 }
333#ifdef ENGINE_TABLE_DEBUG
334 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
335 "newly initialised '%s'\n", f, l, nid, ret->id);
336#endif
337 goto end;
338 }
339 goto trynext;
340end:
341 /* Whatever happened - we should "untouch" our uptodate file seeing as
342 * we have tried our best to find a functional reference for 'nid'. If
343 * it failed, it is unlikely to succeed again until some future
344 * registrations (or unregistrations) have taken place that affect that
345 * 'nid'. */
346 if(fnd)
347 fnd->uptodate = 1;
348#ifdef ENGINE_TABLE_DEBUG
349 if(ret)
350 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
351 "ENGINE '%s'\n", f, l, nid, ret->id);
352 else
353 fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
354 "'no matching ENGINE'\n", f, l, nid);
355#endif
356 CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
357 /* Whatever happened, any failed init()s are not failures in this
358 * context, so clear our error state. */
359 ERR_clear_error();
360 return ret;
361 }
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h
deleted file mode 100644
index 900f75ce8d..0000000000
--- a/src/lib/libcrypto/engine/engine.h
+++ /dev/null
@@ -1,729 +0,0 @@
1/* openssl/engine.h */
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#ifndef HEADER_ENGINE_H
60#define HEADER_ENGINE_H
61
62#include <openssl/opensslconf.h>
63
64#ifdef OPENSSL_NO_ENGINE
65#error ENGINE is disabled.
66#endif
67
68#include <openssl/ossl_typ.h>
69#include <openssl/bn.h>
70#ifndef OPENSSL_NO_RSA
71#include <openssl/rsa.h>
72#endif
73#ifndef OPENSSL_NO_DSA
74#include <openssl/dsa.h>
75#endif
76#ifndef OPENSSL_NO_DH
77#include <openssl/dh.h>
78#endif
79#include <openssl/rand.h>
80#include <openssl/ui.h>
81#include <openssl/symhacks.h>
82#include <openssl/err.h>
83
84#ifdef __cplusplus
85extern "C" {
86#endif
87
88/* Fixups for missing algorithms */
89#ifdef OPENSSL_NO_RSA
90typedef void RSA_METHOD;
91#endif
92#ifdef OPENSSL_NO_DSA
93typedef void DSA_METHOD;
94#endif
95#ifdef OPENSSL_NO_DH
96typedef void DH_METHOD;
97#endif
98
99/* These flags are used to control combinations of algorithm (methods)
100 * by bitwise "OR"ing. */
101#define ENGINE_METHOD_RSA (unsigned int)0x0001
102#define ENGINE_METHOD_DSA (unsigned int)0x0002
103#define ENGINE_METHOD_DH (unsigned int)0x0004
104#define ENGINE_METHOD_RAND (unsigned int)0x0008
105#define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
106#define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
107/* Obvious all-or-nothing cases. */
108#define ENGINE_METHOD_ALL (unsigned int)0xFFFF
109#define ENGINE_METHOD_NONE (unsigned int)0x0000
110
111/* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
112 * internally to control registration of ENGINE implementations, and can be set
113 * by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
114 * initialise registered ENGINEs if they are not already initialised. */
115#define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001
116
117/* ENGINE flags that can be set by ENGINE_set_flags(). */
118/* #define ENGINE_FLAGS_MALLOCED 0x0001 */ /* Not used */
119
120/* This flag is for ENGINEs that wish to handle the various 'CMD'-related
121 * control commands on their own. Without this flag, ENGINE_ctrl() handles these
122 * control commands on behalf of the ENGINE using their "cmd_defns" data. */
123#define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002
124
125/* This flag is for ENGINEs who return new duplicate structures when found via
126 * "ENGINE_by_id()". When an ENGINE must store state (eg. if ENGINE_ctrl()
127 * commands are called in sequence as part of some stateful process like
128 * key-generation setup and execution), it can set this flag - then each attempt
129 * to obtain the ENGINE will result in it being copied into a new structure.
130 * Normally, ENGINEs don't declare this flag so ENGINE_by_id() just increments
131 * the existing ENGINE's structural reference count. */
132#define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
133
134/* ENGINEs can support their own command types, and these flags are used in
135 * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input each
136 * command expects. Currently only numeric and string input is supported. If a
137 * control command supports none of the _NUMERIC, _STRING, or _NO_INPUT options,
138 * then it is regarded as an "internal" control command - and not for use in
139 * config setting situations. As such, they're not available to the
140 * ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() access. Changes to
141 * this list of 'command types' should be reflected carefully in
142 * ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). */
143
144/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
145#define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
146/* accepts string input (cast from 'void*' to 'const char *', 4th parameter to
147 * ENGINE_ctrl) */
148#define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
149/* Indicates that the control command takes *no* input. Ie. the control command
150 * is unparameterised. */
151#define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
152/* Indicates that the control command is internal. This control command won't
153 * be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
154 * function. */
155#define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
156
157/* NB: These 3 control commands are deprecated and should not be used. ENGINEs
158 * relying on these commands should compile conditional support for
159 * compatibility (eg. if these symbols are defined) but should also migrate the
160 * same functionality to their own ENGINE-specific control functions that can be
161 * "discovered" by calling applications. The fact these control commands
162 * wouldn't be "executable" (ie. usable by text-based config) doesn't change the
163 * fact that application code can find and use them without requiring per-ENGINE
164 * hacking. */
165
166/* These flags are used to tell the ctrl function what should be done.
167 * All command numbers are shared between all engines, even if some don't
168 * make sense to some engines. In such a case, they do nothing but return
169 * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */
170#define ENGINE_CTRL_SET_LOGSTREAM 1
171#define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
172#define ENGINE_CTRL_HUP 3 /* Close and reinitialise any
173 handles/connections etc. */
174#define ENGINE_CTRL_SET_USER_INTERFACE 4 /* Alternative to callback */
175#define ENGINE_CTRL_SET_CALLBACK_DATA 5 /* User-specific data, used
176 when calling the password
177 callback and the user
178 interface */
179
180/* These control commands allow an application to deal with an arbitrary engine
181 * in a dynamic way. Warn: Negative return values indicate errors FOR THESE
182 * COMMANDS because zero is used to indicate 'end-of-list'. Other commands,
183 * including ENGINE-specific command types, return zero for an error.
184 *
185 * An ENGINE can choose to implement these ctrl functions, and can internally
186 * manage things however it chooses - it does so by setting the
187 * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise the
188 * ENGINE_ctrl() code handles this on the ENGINE's behalf using the cmd_defns
189 * data (set using ENGINE_set_cmd_defns()). This means an ENGINE's ctrl()
190 * handler need only implement its own commands - the above "meta" commands will
191 * be taken care of. */
192
193/* Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not", then
194 * all the remaining control commands will return failure, so it is worth
195 * checking this first if the caller is trying to "discover" the engine's
196 * capabilities and doesn't want errors generated unnecessarily. */
197#define ENGINE_CTRL_HAS_CTRL_FUNCTION 10
198/* Returns a positive command number for the first command supported by the
199 * engine. Returns zero if no ctrl commands are supported. */
200#define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
201/* The 'long' argument specifies a command implemented by the engine, and the
202 * return value is the next command supported, or zero if there are no more. */
203#define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
204/* The 'void*' argument is a command name (cast from 'const char *'), and the
205 * return value is the command that corresponds to it. */
206#define ENGINE_CTRL_GET_CMD_FROM_NAME 13
207/* The next two allow a command to be converted into its corresponding string
208 * form. In each case, the 'long' argument supplies the command. In the NAME_LEN
209 * case, the return value is the length of the command name (not counting a
210 * trailing EOL). In the NAME case, the 'void*' argument must be a string buffer
211 * large enough, and it will be populated with the name of the command (WITH a
212 * trailing EOL). */
213#define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
214#define ENGINE_CTRL_GET_NAME_FROM_CMD 15
215/* The next two are similar but give a "short description" of a command. */
216#define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
217#define ENGINE_CTRL_GET_DESC_FROM_CMD 17
218/* With this command, the return value is the OR'd combination of
219 * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
220 * engine-specific ctrl command expects. */
221#define ENGINE_CTRL_GET_CMD_FLAGS 18
222
223/* ENGINE implementations should start the numbering of their own control
224 * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */
225#define ENGINE_CMD_BASE 200
226
227/* NB: These 2 nCipher "chil" control commands are deprecated, and their
228 * functionality is now available through ENGINE-specific control commands
229 * (exposed through the above-mentioned 'CMD'-handling). Code using these 2
230 * commands should be migrated to the more general command handling before these
231 * are removed. */
232
233/* Flags specific to the nCipher "chil" engine */
234#define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
235 /* Depending on the value of the (long)i argument, this sets or
236 * unsets the SimpleForkCheck flag in the CHIL API to enable or
237 * disable checking and workarounds for applications that fork().
238 */
239#define ENGINE_CTRL_CHIL_NO_LOCKING 101
240 /* This prevents the initialisation function from providing mutex
241 * callbacks to the nCipher library. */
242
243/* If an ENGINE supports its own specific control commands and wishes the
244 * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its
245 * behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries
246 * to ENGINE_set_cmd_defns(). It should also implement a ctrl() handler that
247 * supports the stated commands (ie. the "cmd_num" entries as described by the
248 * array). NB: The array must be ordered in increasing order of cmd_num.
249 * "null-terminated" means that the last ENGINE_CMD_DEFN element has cmd_num set
250 * to zero and/or cmd_name set to NULL. */
251typedef struct ENGINE_CMD_DEFN_st
252 {
253 unsigned int cmd_num; /* The command number */
254 const char *cmd_name; /* The command name itself */
255 const char *cmd_desc; /* A short description of the command */
256 unsigned int cmd_flags; /* The input the command expects */
257 } ENGINE_CMD_DEFN;
258
259/* Generic function pointer */
260typedef int (*ENGINE_GEN_FUNC_PTR)();
261/* Generic function pointer taking no arguments */
262typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *);
263/* Specific control function pointer */
264typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)());
265/* Generic load_key function pointer */
266typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
267 UI_METHOD *ui_method, void *callback_data);
268/* These callback types are for an ENGINE's handler for cipher and digest logic.
269 * These handlers have these prototypes;
270 * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
271 * int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
272 * Looking at how to implement these handlers in the case of cipher support, if
273 * the framework wants the EVP_CIPHER for 'nid', it will call;
274 * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure)
275 * If the framework wants a list of supported 'nid's, it will call;
276 * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
277 */
278/* Returns to a pointer to the array of supported cipher 'nid's. If the second
279 * parameter is non-NULL it is set to the size of the returned array. */
280typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, const int **, int);
281typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int);
282
283/* STRUCTURE functions ... all of these functions deal with pointers to ENGINE
284 * structures where the pointers have a "structural reference". This means that
285 * their reference is to allowed access to the structure but it does not imply
286 * that the structure is functional. To simply increment or decrement the
287 * structural reference count, use ENGINE_by_id and ENGINE_free. NB: This is not
288 * required when iterating using ENGINE_get_next as it will automatically
289 * decrement the structural reference count of the "current" ENGINE and
290 * increment the structural reference count of the ENGINE it returns (unless it
291 * is NULL). */
292
293/* Get the first/last "ENGINE" type available. */
294ENGINE *ENGINE_get_first(void);
295ENGINE *ENGINE_get_last(void);
296/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
297ENGINE *ENGINE_get_next(ENGINE *e);
298ENGINE *ENGINE_get_prev(ENGINE *e);
299/* Add another "ENGINE" type into the array. */
300int ENGINE_add(ENGINE *e);
301/* Remove an existing "ENGINE" type from the array. */
302int ENGINE_remove(ENGINE *e);
303/* Retrieve an engine from the list by its unique "id" value. */
304ENGINE *ENGINE_by_id(const char *id);
305/* Add all the built-in engines. */
306void ENGINE_load_openssl(void);
307void ENGINE_load_dynamic(void);
308void ENGINE_load_cswift(void);
309void ENGINE_load_chil(void);
310void ENGINE_load_atalla(void);
311void ENGINE_load_nuron(void);
312void ENGINE_load_ubsec(void);
313void ENGINE_load_aep(void);
314void ENGINE_load_sureware(void);
315void ENGINE_load_4758cca(void);
316void ENGINE_load_cryptodev(void);
317void ENGINE_load_builtin_engines(void);
318
319/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
320 * "registry" handling. */
321unsigned int ENGINE_get_table_flags(void);
322void ENGINE_set_table_flags(unsigned int flags);
323
324/* Manage registration of ENGINEs per "table". For each type, there are 3
325 * functions;
326 * ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
327 * ENGINE_unregister_***(e) - unregister the implementation from 'e'
328 * ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
329 * Cleanup is automatically registered from each table when required, so
330 * ENGINE_cleanup() will reverse any "register" operations. */
331
332int ENGINE_register_RSA(ENGINE *e);
333void ENGINE_unregister_RSA(ENGINE *e);
334void ENGINE_register_all_RSA(void);
335
336int ENGINE_register_DSA(ENGINE *e);
337void ENGINE_unregister_DSA(ENGINE *e);
338void ENGINE_register_all_DSA(void);
339
340int ENGINE_register_DH(ENGINE *e);
341void ENGINE_unregister_DH(ENGINE *e);
342void ENGINE_register_all_DH(void);
343
344int ENGINE_register_RAND(ENGINE *e);
345void ENGINE_unregister_RAND(ENGINE *e);
346void ENGINE_register_all_RAND(void);
347
348int ENGINE_register_ciphers(ENGINE *e);
349void ENGINE_unregister_ciphers(ENGINE *e);
350void ENGINE_register_all_ciphers(void);
351
352int ENGINE_register_digests(ENGINE *e);
353void ENGINE_unregister_digests(ENGINE *e);
354void ENGINE_register_all_digests(void);
355
356/* These functions register all support from the above categories. Note, use of
357 * these functions can result in static linkage of code your application may not
358 * need. If you only need a subset of functionality, consider using more
359 * selective initialisation. */
360int ENGINE_register_complete(ENGINE *e);
361int ENGINE_register_all_complete(void);
362
363/* Send parametrised control commands to the engine. The possibilities to send
364 * down an integer, a pointer to data or a function pointer are provided. Any of
365 * the parameters may or may not be NULL, depending on the command number. In
366 * actuality, this function only requires a structural (rather than functional)
367 * reference to an engine, but many control commands may require the engine be
368 * functional. The caller should be aware of trying commands that require an
369 * operational ENGINE, and only use functional references in such situations. */
370int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
371
372/* This function tests if an ENGINE-specific command is usable as a "setting".
373 * Eg. in an application's config file that gets processed through
374 * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
375 * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl(). */
376int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
377
378/* This function works like ENGINE_ctrl() with the exception of taking a
379 * command name instead of a command number, and can handle optional commands.
380 * See the comment on ENGINE_ctrl_cmd_string() for an explanation on how to
381 * use the cmd_name and cmd_optional. */
382int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
383 long i, void *p, void (*f)(), int cmd_optional);
384
385/* This function passes a command-name and argument to an ENGINE. The cmd_name
386 * is converted to a command number and the control command is called using
387 * 'arg' as an argument (unless the ENGINE doesn't support such a command, in
388 * which case no control command is called). The command is checked for input
389 * flags, and if necessary the argument will be converted to a numeric value. If
390 * cmd_optional is non-zero, then if the ENGINE doesn't support the given
391 * cmd_name the return value will be success anyway. This function is intended
392 * for applications to use so that users (or config files) can supply
393 * engine-specific config data to the ENGINE at run-time to control behaviour of
394 * specific engines. As such, it shouldn't be used for calling ENGINE_ctrl()
395 * functions that return data, deal with binary data, or that are otherwise
396 * supposed to be used directly through ENGINE_ctrl() in application code. Any
397 * "return" data from an ENGINE_ctrl() operation in this function will be lost -
398 * the return value is interpreted as failure if the return value is zero,
399 * success otherwise, and this function returns a boolean value as a result. In
400 * other words, vendors of 'ENGINE'-enabled devices should write ENGINE
401 * implementations with parameterisations that work in this scheme, so that
402 * compliant ENGINE-based applications can work consistently with the same
403 * configuration for the same ENGINE-enabled devices, across applications. */
404int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
405 int cmd_optional);
406
407/* These functions are useful for manufacturing new ENGINE structures. They
408 * don't address reference counting at all - one uses them to populate an ENGINE
409 * structure with personalised implementations of things prior to using it
410 * directly or adding it to the builtin ENGINE list in OpenSSL. These are also
411 * here so that the ENGINE structure doesn't have to be exposed and break binary
412 * compatibility! */
413ENGINE *ENGINE_new(void);
414int ENGINE_free(ENGINE *e);
415int ENGINE_up_ref(ENGINE *e);
416int ENGINE_set_id(ENGINE *e, const char *id);
417int ENGINE_set_name(ENGINE *e, const char *name);
418int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
419int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
420int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
421int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
422int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
423int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
424int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
425int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
426int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
427int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
428int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
429int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
430int ENGINE_set_flags(ENGINE *e, int flags);
431int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
432/* These functions (and the "get" function lower down) allow control over any
433 * per-structure ENGINE data. */
434int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
435 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
436int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
437
438/* This function cleans up anything that needs it. Eg. the ENGINE_add() function
439 * automatically ensures the list cleanup function is registered to be called
440 * from ENGINE_cleanup(). Similarly, all ENGINE_register_*** functions ensure
441 * ENGINE_cleanup() will clean up after them. */
442void ENGINE_cleanup(void);
443
444/* These return values from within the ENGINE structure. These can be useful
445 * with functional references as well as structural references - it depends
446 * which you obtained. Using the result for functional purposes if you only
447 * obtained a structural reference may be problematic! */
448const char *ENGINE_get_id(const ENGINE *e);
449const char *ENGINE_get_name(const ENGINE *e);
450const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
451const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
452const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
453const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
454ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
455ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
456ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
457ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
458ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
459ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
460ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
461ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
462const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
463const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
464const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
465int ENGINE_get_flags(const ENGINE *e);
466void *ENGINE_get_ex_data(const ENGINE *e, int idx);
467
468/* FUNCTIONAL functions. These functions deal with ENGINE structures
469 * that have (or will) be initialised for use. Broadly speaking, the
470 * structural functions are useful for iterating the list of available
471 * engine types, creating new engine types, and other "list" operations.
472 * These functions actually deal with ENGINEs that are to be used. As
473 * such these functions can fail (if applicable) when particular
474 * engines are unavailable - eg. if a hardware accelerator is not
475 * attached or not functioning correctly. Each ENGINE has 2 reference
476 * counts; structural and functional. Every time a functional reference
477 * is obtained or released, a corresponding structural reference is
478 * automatically obtained or released too. */
479
480/* Initialise a engine type for use (or up its reference count if it's
481 * already in use). This will fail if the engine is not currently
482 * operational and cannot initialise. */
483int ENGINE_init(ENGINE *e);
484/* Free a functional reference to a engine type. This does not require
485 * a corresponding call to ENGINE_free as it also releases a structural
486 * reference. */
487int ENGINE_finish(ENGINE *e);
488
489/* The following functions handle keys that are stored in some secondary
490 * location, handled by the engine. The storage may be on a card or
491 * whatever. */
492EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
493 UI_METHOD *ui_method, void *callback_data);
494EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
495 UI_METHOD *ui_method, void *callback_data);
496
497/* This returns a pointer for the current ENGINE structure that
498 * is (by default) performing any RSA operations. The value returned
499 * is an incremented reference, so it should be free'd (ENGINE_finish)
500 * before it is discarded. */
501ENGINE *ENGINE_get_default_RSA(void);
502/* Same for the other "methods" */
503ENGINE *ENGINE_get_default_DSA(void);
504ENGINE *ENGINE_get_default_DH(void);
505ENGINE *ENGINE_get_default_RAND(void);
506/* These functions can be used to get a functional reference to perform
507 * ciphering or digesting corresponding to "nid". */
508ENGINE *ENGINE_get_cipher_engine(int nid);
509ENGINE *ENGINE_get_digest_engine(int nid);
510
511/* This sets a new default ENGINE structure for performing RSA
512 * operations. If the result is non-zero (success) then the ENGINE
513 * structure will have had its reference count up'd so the caller
514 * should still free their own reference 'e'. */
515int ENGINE_set_default_RSA(ENGINE *e);
516int ENGINE_set_default_string(ENGINE *e, const char *def_list);
517/* Same for the other "methods" */
518int ENGINE_set_default_DSA(ENGINE *e);
519int ENGINE_set_default_DH(ENGINE *e);
520int ENGINE_set_default_RAND(ENGINE *e);
521int ENGINE_set_default_ciphers(ENGINE *e);
522int ENGINE_set_default_digests(ENGINE *e);
523
524/* The combination "set" - the flags are bitwise "OR"d from the
525 * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
526 * function, this function can result in unnecessary static linkage. If your
527 * application requires only specific functionality, consider using more
528 * selective functions. */
529int ENGINE_set_default(ENGINE *e, unsigned int flags);
530
531void ENGINE_add_conf_module(void);
532
533/* Deprecated functions ... */
534/* int ENGINE_clear_defaults(void); */
535
536/**************************/
537/* DYNAMIC ENGINE SUPPORT */
538/**************************/
539
540/* Binary/behaviour compatibility levels */
541#define OSSL_DYNAMIC_VERSION (unsigned long)0x00010200
542/* Binary versions older than this are too old for us (whether we're a loader or
543 * a loadee) */
544#define OSSL_DYNAMIC_OLDEST (unsigned long)0x00010200
545
546/* When compiling an ENGINE entirely as an external shared library, loadable by
547 * the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' structure
548 * type provides the calling application's (or library's) error functionality
549 * and memory management function pointers to the loaded library. These should
550 * be used/set in the loaded library code so that the loading application's
551 * 'state' will be used/changed in all operations. */
552typedef void *(*dyn_MEM_malloc_cb)(size_t);
553typedef void *(*dyn_MEM_realloc_cb)(void *, size_t);
554typedef void (*dyn_MEM_free_cb)(void *);
555typedef struct st_dynamic_MEM_fns {
556 dyn_MEM_malloc_cb malloc_cb;
557 dyn_MEM_realloc_cb realloc_cb;
558 dyn_MEM_free_cb free_cb;
559 } dynamic_MEM_fns;
560/* FIXME: Perhaps the memory and locking code (crypto.h) should declare and use
561 * these types so we (and any other dependant code) can simplify a bit?? */
562typedef void (*dyn_lock_locking_cb)(int,int,const char *,int);
563typedef int (*dyn_lock_add_lock_cb)(int*,int,int,const char *,int);
564typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb)(
565 const char *,int);
566typedef void (*dyn_dynlock_lock_cb)(int,struct CRYPTO_dynlock_value *,
567 const char *,int);
568typedef void (*dyn_dynlock_destroy_cb)(struct CRYPTO_dynlock_value *,
569 const char *,int);
570typedef struct st_dynamic_LOCK_fns {
571 dyn_lock_locking_cb lock_locking_cb;
572 dyn_lock_add_lock_cb lock_add_lock_cb;
573 dyn_dynlock_create_cb dynlock_create_cb;
574 dyn_dynlock_lock_cb dynlock_lock_cb;
575 dyn_dynlock_destroy_cb dynlock_destroy_cb;
576 } dynamic_LOCK_fns;
577/* The top-level structure */
578typedef struct st_dynamic_fns {
579 const ERR_FNS *err_fns;
580 const CRYPTO_EX_DATA_IMPL *ex_data_fns;
581 dynamic_MEM_fns mem_fns;
582 dynamic_LOCK_fns lock_fns;
583 } dynamic_fns;
584
585/* The version checking function should be of this prototype. NB: The
586 * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading code.
587 * If this function returns zero, it indicates a (potential) version
588 * incompatibility and the loaded library doesn't believe it can proceed.
589 * Otherwise, the returned value is the (latest) version supported by the
590 * loading library. The loader may still decide that the loaded code's version
591 * is unsatisfactory and could veto the load. The function is expected to
592 * be implemented with the symbol name "v_check", and a default implementation
593 * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */
594typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);
595#define IMPLEMENT_DYNAMIC_CHECK_FN() \
596 unsigned long v_check(unsigned long v) { \
597 if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
598 return 0; }
599
600/* This function is passed the ENGINE structure to initialise with its own
601 * function and command settings. It should not adjust the structural or
602 * functional reference counts. If this function returns zero, (a) the load will
603 * be aborted, (b) the previous ENGINE state will be memcpy'd back onto the
604 * structure, and (c) the shared library will be unloaded. So implementations
605 * should do their own internal cleanup in failure circumstances otherwise they
606 * could leak. The 'id' parameter, if non-NULL, represents the ENGINE id that
607 * the loader is looking for. If this is NULL, the shared library can choose to
608 * return failure or to initialise a 'default' ENGINE. If non-NULL, the shared
609 * library must initialise only an ENGINE matching the passed 'id'. The function
610 * is expected to be implemented with the symbol name "bind_engine". A standard
611 * implementation can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where
612 * the parameter 'fn' is a callback function that populates the ENGINE structure
613 * and returns an int value (zero for failure). 'fn' should have prototype;
614 * [static] int fn(ENGINE *e, const char *id); */
615typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
616 const dynamic_fns *fns);
617#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
618 int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
619 if (ERR_get_implementation() != fns->err_fns) \
620 { \
621 if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
622 fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
623 return 0; \
624 CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
625 CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
626 CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
627 CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
628 CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
629 if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
630 return 0; \
631 if(!ERR_set_implementation(fns->err_fns)) return 0; \
632 } \
633 if(!fn(e,id)) return 0; \
634 return 1; }
635
636#if defined(__OpenBSD__) || defined(__FreeBSD__)
637void ENGINE_setup_bsd_cryptodev(void);
638#endif
639
640/* BEGIN ERROR CODES */
641/* The following lines are auto generated by the script mkerr.pl. Any changes
642 * made after this point may be overwritten when the script is next run.
643 */
644void ERR_load_ENGINE_strings(void);
645
646/* Error codes for the ENGINE functions. */
647
648/* Function codes. */
649#define ENGINE_F_DYNAMIC_CTRL 180
650#define ENGINE_F_DYNAMIC_GET_DATA_CTX 181
651#define ENGINE_F_DYNAMIC_LOAD 182
652#define ENGINE_F_ENGINE_ADD 105
653#define ENGINE_F_ENGINE_BY_ID 106
654#define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170
655#define ENGINE_F_ENGINE_CTRL 142
656#define ENGINE_F_ENGINE_CTRL_CMD 178
657#define ENGINE_F_ENGINE_CTRL_CMD_STRING 171
658#define ENGINE_F_ENGINE_FINISH 107
659#define ENGINE_F_ENGINE_FREE 108
660#define ENGINE_F_ENGINE_GET_CIPHER 185
661#define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177
662#define ENGINE_F_ENGINE_GET_DIGEST 186
663#define ENGINE_F_ENGINE_GET_NEXT 115
664#define ENGINE_F_ENGINE_GET_PREV 116
665#define ENGINE_F_ENGINE_INIT 119
666#define ENGINE_F_ENGINE_LIST_ADD 120
667#define ENGINE_F_ENGINE_LIST_REMOVE 121
668#define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
669#define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
670#define ENGINE_F_ENGINE_MODULE_INIT 187
671#define ENGINE_F_ENGINE_NEW 122
672#define ENGINE_F_ENGINE_REMOVE 123
673#define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
674#define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126
675#define ENGINE_F_ENGINE_SET_ID 129
676#define ENGINE_F_ENGINE_SET_NAME 130
677#define ENGINE_F_ENGINE_TABLE_REGISTER 184
678#define ENGINE_F_ENGINE_UNLOAD_KEY 152
679#define ENGINE_F_ENGINE_UP_REF 190
680#define ENGINE_F_INT_CTRL_HELPER 172
681#define ENGINE_F_INT_ENGINE_CONFIGURE 188
682#define ENGINE_F_LOG_MESSAGE 141
683#define ENGINE_F_SET_DATA_CTX 183
684
685/* Reason codes. */
686#define ENGINE_R_ALREADY_LOADED 100
687#define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133
688#define ENGINE_R_CMD_NOT_EXECUTABLE 134
689#define ENGINE_R_COMMAND_TAKES_INPUT 135
690#define ENGINE_R_COMMAND_TAKES_NO_INPUT 136
691#define ENGINE_R_CONFLICTING_ENGINE_ID 103
692#define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
693#define ENGINE_R_DH_NOT_IMPLEMENTED 139
694#define ENGINE_R_DSA_NOT_IMPLEMENTED 140
695#define ENGINE_R_DSO_FAILURE 104
696#define ENGINE_R_DSO_NOT_FOUND 132
697#define ENGINE_R_ENGINES_SECTION_ERROR 148
698#define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
699#define ENGINE_R_ENGINE_SECTION_ERROR 149
700#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
701#define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
702#define ENGINE_R_FINISH_FAILED 106
703#define ENGINE_R_GET_HANDLE_FAILED 107
704#define ENGINE_R_ID_OR_NAME_MISSING 108
705#define ENGINE_R_INIT_FAILED 109
706#define ENGINE_R_INTERNAL_LIST_ERROR 110
707#define ENGINE_R_INVALID_ARGUMENT 143
708#define ENGINE_R_INVALID_CMD_NAME 137
709#define ENGINE_R_INVALID_CMD_NUMBER 138
710#define ENGINE_R_INVALID_INIT_VALUE 151
711#define ENGINE_R_INVALID_STRING 150
712#define ENGINE_R_NOT_INITIALISED 117
713#define ENGINE_R_NOT_LOADED 112
714#define ENGINE_R_NO_CONTROL_FUNCTION 120
715#define ENGINE_R_NO_INDEX 144
716#define ENGINE_R_NO_LOAD_FUNCTION 125
717#define ENGINE_R_NO_REFERENCE 130
718#define ENGINE_R_NO_SUCH_ENGINE 116
719#define ENGINE_R_NO_UNLOAD_FUNCTION 126
720#define ENGINE_R_PROVIDE_PARAMETERS 113
721#define ENGINE_R_RSA_NOT_IMPLEMENTED 141
722#define ENGINE_R_UNIMPLEMENTED_CIPHER 146
723#define ENGINE_R_UNIMPLEMENTED_DIGEST 147
724#define ENGINE_R_VERSION_INCOMPATIBILITY 145
725
726#ifdef __cplusplus
727}
728#endif
729#endif
diff --git a/src/lib/libcrypto/engine/tb_cipher.c b/src/lib/libcrypto/engine/tb_cipher.c
deleted file mode 100644
index 50b3cec1fa..0000000000
--- a/src/lib/libcrypto/engine/tb_cipher.c
+++ /dev/null
@@ -1,145 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
52 *
53 */
54
55#include <openssl/evp.h>
56#include <openssl/engine.h>
57#include "eng_int.h"
58
59/* If this symbol is defined then ENGINE_get_cipher_engine(), the function that
60 * is used by EVP to hook in cipher code and cache defaults (etc), will display
61 * brief debugging summaries to stderr with the 'nid'. */
62/* #define ENGINE_CIPHER_DEBUG */
63
64static ENGINE_TABLE *cipher_table = NULL;
65
66void ENGINE_unregister_ciphers(ENGINE *e)
67 {
68 engine_table_unregister(&cipher_table, e);
69 }
70
71static void engine_unregister_all_ciphers(void)
72 {
73 engine_table_cleanup(&cipher_table);
74 }
75
76int ENGINE_register_ciphers(ENGINE *e)
77 {
78 if(e->ciphers)
79 {
80 const int *nids;
81 int num_nids = e->ciphers(e, NULL, &nids, 0);
82 if(num_nids > 0)
83 return engine_table_register(&cipher_table,
84 engine_unregister_all_ciphers, e, nids,
85 num_nids, 0);
86 }
87 return 1;
88 }
89
90void ENGINE_register_all_ciphers()
91 {
92 ENGINE *e;
93
94 for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
95 ENGINE_register_ciphers(e);
96 }
97
98int ENGINE_set_default_ciphers(ENGINE *e)
99 {
100 if(e->ciphers)
101 {
102 const int *nids;
103 int num_nids = e->ciphers(e, NULL, &nids, 0);
104 if(num_nids > 0)
105 return engine_table_register(&cipher_table,
106 engine_unregister_all_ciphers, e, nids,
107 num_nids, 1);
108 }
109 return 1;
110 }
111
112/* Exposed API function to get a functional reference from the implementation
113 * table (ie. try to get a functional reference from the tabled structural
114 * references) for a given cipher 'nid' */
115ENGINE *ENGINE_get_cipher_engine(int nid)
116 {
117 return engine_table_select(&cipher_table, nid);
118 }
119
120/* Obtains a cipher implementation from an ENGINE functional reference */
121const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid)
122 {
123 const EVP_CIPHER *ret;
124 ENGINE_CIPHERS_PTR fn = ENGINE_get_ciphers(e);
125 if(!fn || !fn(e, &ret, NULL, nid))
126 {
127 ENGINEerr(ENGINE_F_ENGINE_GET_CIPHER,
128 ENGINE_R_UNIMPLEMENTED_CIPHER);
129 return NULL;
130 }
131 return ret;
132 }
133
134/* Gets the cipher callback from an ENGINE structure */
135ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e)
136 {
137 return e->ciphers;
138 }
139
140/* Sets the cipher callback in an ENGINE structure */
141int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f)
142 {
143 e->ciphers = f;
144 return 1;
145 }
diff --git a/src/lib/libcrypto/engine/tb_dh.c b/src/lib/libcrypto/engine/tb_dh.c
deleted file mode 100644
index e290e1702b..0000000000
--- a/src/lib/libcrypto/engine/tb_dh.c
+++ /dev/null
@@ -1,120 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
52 *
53 */
54
55#include <openssl/evp.h>
56#include <openssl/engine.h>
57#include "eng_int.h"
58
59/* If this symbol is defined then ENGINE_get_default_DH(), the function that is
60 * used by DH to hook in implementation code and cache defaults (etc), will
61 * display brief debugging summaries to stderr with the 'nid'. */
62/* #define ENGINE_DH_DEBUG */
63
64static ENGINE_TABLE *dh_table = NULL;
65static const int dummy_nid = 1;
66
67void ENGINE_unregister_DH(ENGINE *e)
68 {
69 engine_table_unregister(&dh_table, e);
70 }
71
72static void engine_unregister_all_DH(void)
73 {
74 engine_table_cleanup(&dh_table);
75 }
76
77int ENGINE_register_DH(ENGINE *e)
78 {
79 if(e->dh_meth)
80 return engine_table_register(&dh_table,
81 engine_unregister_all_DH, e, &dummy_nid, 1, 0);
82 return 1;
83 }
84
85void ENGINE_register_all_DH()
86 {
87 ENGINE *e;
88
89 for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
90 ENGINE_register_DH(e);
91 }
92
93int ENGINE_set_default_DH(ENGINE *e)
94 {
95 if(e->dh_meth)
96 return engine_table_register(&dh_table,
97 engine_unregister_all_DH, e, &dummy_nid, 1, 1);
98 return 1;
99 }
100
101/* Exposed API function to get a functional reference from the implementation
102 * table (ie. try to get a functional reference from the tabled structural
103 * references). */
104ENGINE *ENGINE_get_default_DH(void)
105 {
106 return engine_table_select(&dh_table, dummy_nid);
107 }
108
109/* Obtains an DH implementation from an ENGINE functional reference */
110const DH_METHOD *ENGINE_get_DH(const ENGINE *e)
111 {
112 return e->dh_meth;
113 }
114
115/* Sets an DH implementation in an ENGINE structure */
116int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth)
117 {
118 e->dh_meth = dh_meth;
119 return 1;
120 }
diff --git a/src/lib/libcrypto/engine/tb_digest.c b/src/lib/libcrypto/engine/tb_digest.c
deleted file mode 100644
index e82d2a17c9..0000000000
--- a/src/lib/libcrypto/engine/tb_digest.c
+++ /dev/null
@@ -1,145 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
52 *
53 */
54
55#include <openssl/evp.h>
56#include <openssl/engine.h>
57#include "eng_int.h"
58
59/* If this symbol is defined then ENGINE_get_digest_engine(), the function that
60 * is used by EVP to hook in digest code and cache defaults (etc), will display
61 * brief debugging summaries to stderr with the 'nid'. */
62/* #define ENGINE_DIGEST_DEBUG */
63
64static ENGINE_TABLE *digest_table = NULL;
65
66void ENGINE_unregister_digests(ENGINE *e)
67 {
68 engine_table_unregister(&digest_table, e);
69 }
70
71static void engine_unregister_all_digests(void)
72 {
73 engine_table_cleanup(&digest_table);
74 }
75
76int ENGINE_register_digests(ENGINE *e)
77 {
78 if(e->digests)
79 {
80 const int *nids;
81 int num_nids = e->digests(e, NULL, &nids, 0);
82 if(num_nids > 0)
83 return engine_table_register(&digest_table,
84 engine_unregister_all_digests, e, nids,
85 num_nids, 0);
86 }
87 return 1;
88 }
89
90void ENGINE_register_all_digests()
91 {
92 ENGINE *e;
93
94 for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
95 ENGINE_register_digests(e);
96 }
97
98int ENGINE_set_default_digests(ENGINE *e)
99 {
100 if(e->digests)
101 {
102 const int *nids;
103 int num_nids = e->digests(e, NULL, &nids, 0);
104 if(num_nids > 0)
105 return engine_table_register(&digest_table,
106 engine_unregister_all_digests, e, nids,
107 num_nids, 1);
108 }
109 return 1;
110 }
111
112/* Exposed API function to get a functional reference from the implementation
113 * table (ie. try to get a functional reference from the tabled structural
114 * references) for a given digest 'nid' */
115ENGINE *ENGINE_get_digest_engine(int nid)
116 {
117 return engine_table_select(&digest_table, nid);
118 }
119
120/* Obtains a digest implementation from an ENGINE functional reference */
121const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid)
122 {
123 const EVP_MD *ret;
124 ENGINE_DIGESTS_PTR fn = ENGINE_get_digests(e);
125 if(!fn || !fn(e, &ret, NULL, nid))
126 {
127 ENGINEerr(ENGINE_F_ENGINE_GET_DIGEST,
128 ENGINE_R_UNIMPLEMENTED_DIGEST);
129 return NULL;
130 }
131 return ret;
132 }
133
134/* Gets the digest callback from an ENGINE structure */
135ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e)
136 {
137 return e->digests;
138 }
139
140/* Sets the digest callback in an ENGINE structure */
141int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f)
142 {
143 e->digests = f;
144 return 1;
145 }
diff --git a/src/lib/libcrypto/engine/tb_dsa.c b/src/lib/libcrypto/engine/tb_dsa.c
deleted file mode 100644
index 80170591f2..0000000000
--- a/src/lib/libcrypto/engine/tb_dsa.c
+++ /dev/null
@@ -1,120 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
52 *
53 */
54
55#include <openssl/evp.h>
56#include <openssl/engine.h>
57#include "eng_int.h"
58
59/* If this symbol is defined then ENGINE_get_default_DSA(), the function that is
60 * used by DSA to hook in implementation code and cache defaults (etc), will
61 * display brief debugging summaries to stderr with the 'nid'. */
62/* #define ENGINE_DSA_DEBUG */
63
64static ENGINE_TABLE *dsa_table = NULL;
65static const int dummy_nid = 1;
66
67void ENGINE_unregister_DSA(ENGINE *e)
68 {
69 engine_table_unregister(&dsa_table, e);
70 }
71
72static void engine_unregister_all_DSA(void)
73 {
74 engine_table_cleanup(&dsa_table);
75 }
76
77int ENGINE_register_DSA(ENGINE *e)
78 {
79 if(e->dsa_meth)
80 return engine_table_register(&dsa_table,
81 engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
82 return 1;
83 }
84
85void ENGINE_register_all_DSA()
86 {
87 ENGINE *e;
88
89 for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
90 ENGINE_register_DSA(e);
91 }
92
93int ENGINE_set_default_DSA(ENGINE *e)
94 {
95 if(e->dsa_meth)
96 return engine_table_register(&dsa_table,
97 engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
98 return 1;
99 }
100
101/* Exposed API function to get a functional reference from the implementation
102 * table (ie. try to get a functional reference from the tabled structural
103 * references). */
104ENGINE *ENGINE_get_default_DSA(void)
105 {
106 return engine_table_select(&dsa_table, dummy_nid);
107 }
108
109/* Obtains an DSA implementation from an ENGINE functional reference */
110const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e)
111 {
112 return e->dsa_meth;
113 }
114
115/* Sets an DSA implementation in an ENGINE structure */
116int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth)
117 {
118 e->dsa_meth = dsa_meth;
119 return 1;
120 }
diff --git a/src/lib/libcrypto/engine/tb_rand.c b/src/lib/libcrypto/engine/tb_rand.c
deleted file mode 100644
index 69b67111bc..0000000000
--- a/src/lib/libcrypto/engine/tb_rand.c
+++ /dev/null
@@ -1,120 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
52 *
53 */
54
55#include <openssl/evp.h>
56#include <openssl/engine.h>
57#include "eng_int.h"
58
59/* If this symbol is defined then ENGINE_get_default_RAND(), the function that is
60 * used by RAND to hook in implementation code and cache defaults (etc), will
61 * display brief debugging summaries to stderr with the 'nid'. */
62/* #define ENGINE_RAND_DEBUG */
63
64static ENGINE_TABLE *rand_table = NULL;
65static const int dummy_nid = 1;
66
67void ENGINE_unregister_RAND(ENGINE *e)
68 {
69 engine_table_unregister(&rand_table, e);
70 }
71
72static void engine_unregister_all_RAND(void)
73 {
74 engine_table_cleanup(&rand_table);
75 }
76
77int ENGINE_register_RAND(ENGINE *e)
78 {
79 if(e->rand_meth)
80 return engine_table_register(&rand_table,
81 engine_unregister_all_RAND, e, &dummy_nid, 1, 0);
82 return 1;
83 }
84
85void ENGINE_register_all_RAND()
86 {
87 ENGINE *e;
88
89 for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
90 ENGINE_register_RAND(e);
91 }
92
93int ENGINE_set_default_RAND(ENGINE *e)
94 {
95 if(e->rand_meth)
96 return engine_table_register(&rand_table,
97 engine_unregister_all_RAND, e, &dummy_nid, 1, 1);
98 return 1;
99 }
100
101/* Exposed API function to get a functional reference from the implementation
102 * table (ie. try to get a functional reference from the tabled structural
103 * references). */
104ENGINE *ENGINE_get_default_RAND(void)
105 {
106 return engine_table_select(&rand_table, dummy_nid);
107 }
108
109/* Obtains an RAND implementation from an ENGINE functional reference */
110const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e)
111 {
112 return e->rand_meth;
113 }
114
115/* Sets an RAND implementation in an ENGINE structure */
116int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth)
117 {
118 e->rand_meth = rand_meth;
119 return 1;
120 }
diff --git a/src/lib/libcrypto/engine/tb_rsa.c b/src/lib/libcrypto/engine/tb_rsa.c
deleted file mode 100644
index fee4867f52..0000000000
--- a/src/lib/libcrypto/engine/tb_rsa.c
+++ /dev/null
@@ -1,120 +0,0 @@
1/* ====================================================================
2 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * 3. All advertising materials mentioning features or use of this
17 * software must display the following acknowledgment:
18 * "This product includes software developed by the OpenSSL Project
19 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
20 *
21 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For written permission, please contact
24 * licensing@OpenSSL.org.
25 *
26 * 5. Products derived from this software may not be called "OpenSSL"
27 * nor may "OpenSSL" appear in their names without prior written
28 * permission of the OpenSSL Project.
29 *
30 * 6. Redistributions of any form whatsoever must retain the following
31 * acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
34 *
35 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46 * OF THE POSSIBILITY OF SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This product includes cryptographic software written by Eric Young
50 * (eay@cryptsoft.com). This product includes software written by Tim
51 * Hudson (tjh@cryptsoft.com).
52 *
53 */
54
55#include <openssl/evp.h>
56#include <openssl/engine.h>
57#include "eng_int.h"
58
59/* If this symbol is defined then ENGINE_get_default_RSA(), the function that is
60 * used by RSA to hook in implementation code and cache defaults (etc), will
61 * display brief debugging summaries to stderr with the 'nid'. */
62/* #define ENGINE_RSA_DEBUG */
63
64static ENGINE_TABLE *rsa_table = NULL;
65static const int dummy_nid = 1;
66
67void ENGINE_unregister_RSA(ENGINE *e)
68 {
69 engine_table_unregister(&rsa_table, e);
70 }
71
72static void engine_unregister_all_RSA(void)
73 {
74 engine_table_cleanup(&rsa_table);
75 }
76
77int ENGINE_register_RSA(ENGINE *e)
78 {
79 if(e->rsa_meth)
80 return engine_table_register(&rsa_table,
81 engine_unregister_all_RSA, e, &dummy_nid, 1, 0);
82 return 1;
83 }
84
85void ENGINE_register_all_RSA()
86 {
87 ENGINE *e;
88
89 for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
90 ENGINE_register_RSA(e);
91 }
92
93int ENGINE_set_default_RSA(ENGINE *e)
94 {
95 if(e->rsa_meth)
96 return engine_table_register(&rsa_table,
97 engine_unregister_all_RSA, e, &dummy_nid, 1, 1);
98 return 1;
99 }
100
101/* Exposed API function to get a functional reference from the implementation
102 * table (ie. try to get a functional reference from the tabled structural
103 * references). */
104ENGINE *ENGINE_get_default_RSA(void)
105 {
106 return engine_table_select(&rsa_table, dummy_nid);
107 }
108
109/* Obtains an RSA implementation from an ENGINE functional reference */
110const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e)
111 {
112 return e->rsa_meth;
113 }
114
115/* Sets an RSA implementation in an ENGINE structure */
116int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
117 {
118 e->rsa_meth = rsa_meth;
119 return 1;
120 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-19 21:45:05 +0000