From: Geoff Thorpe Date: Tue, 25 Sep 2001 21:28:40 +0000 (+0000) Subject: This change adds cipher and digest support into ENGINE using the X-Git-Tag: OpenSSL_0_9_6c~26^2~193 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=b370230b786eed9b73c9a1f5c0a5e008e8009989;p=oweals%2Fopenssl.git This change adds cipher and digest support into ENGINE using the ENGING_TABLE mechanism. The necessary hooks from crypto/evp/ to use this will be committed shortly. --- diff --git a/crypto/engine/Makefile.ssl b/crypto/engine/Makefile.ssl index 95311d6e60..22d297da5d 100644 --- a/crypto/engine/Makefile.ssl +++ b/crypto/engine/Makefile.ssl @@ -25,13 +25,13 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \ eng_table.c eng_pkey.c eng_fat.c eng_all.c \ - tb_rsa.c tb_dsa.c tb_dh.c tb_rand.c \ + tb_rsa.c tb_dsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c \ eng_openssl.c eng_dyn.c \ hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c hw_ubsec.c \ hw_openbsd_dev_crypto.c LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \ eng_table.o eng_pkey.o eng_fat.o eng_all.o \ - tb_rsa.o tb_dsa.o tb_dh.o tb_rand.o \ + tb_rsa.o tb_dsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o \ eng_openssl.o eng_dyn.o \ hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o hw_ubsec.o \ hw_openbsd_dev_crypto.o @@ -185,10 +185,12 @@ eng_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h eng_openssl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h eng_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h eng_openssl.o: ../../include/openssl/engine.h ../../include/openssl/err.h -eng_openssl.o: ../../include/openssl/lhash.h +eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h eng_openssl.o: ../../include/openssl/opensslconf.h eng_openssl.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h -eng_openssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +eng_openssl.o: ../../include/openssl/rc4.h ../../include/openssl/rsa.h +eng_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h eng_openssl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h eng_openssl.o: ../../include/openssl/types.h ../../include/openssl/ui.h eng_openssl.o: ../cryptlib.h eng_openssl.c @@ -283,6 +285,19 @@ hw_ubsec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h hw_ubsec.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h hw_ubsec.o: ../../include/openssl/types.h ../../include/openssl/ui.h hw_ubsec.o: ../cryptlib.h hw_ubsec.c vendor_defns/hw_ubsec.h +tb_cipher.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +tb_cipher.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +tb_cipher.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +tb_cipher.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_cipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h +tb_cipher.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tb_cipher.o: ../../include/openssl/objects.h +tb_cipher.o: ../../include/openssl/opensslconf.h +tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h +tb_cipher.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +tb_cipher.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +tb_cipher.o: ../../include/openssl/types.h ../../include/openssl/ui.h eng_int.h +tb_cipher.o: tb_cipher.c tb_dh.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h tb_dh.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h tb_dh.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h @@ -295,6 +310,19 @@ tb_dh.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h tb_dh.o: ../../include/openssl/types.h ../../include/openssl/ui.h eng_int.h tb_dh.o: tb_dh.c +tb_digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +tb_digest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +tb_digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +tb_digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h +tb_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h +tb_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tb_digest.o: ../../include/openssl/objects.h +tb_digest.o: ../../include/openssl/opensslconf.h +tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h +tb_digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +tb_digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +tb_digest.o: ../../include/openssl/types.h ../../include/openssl/ui.h eng_int.h +tb_digest.o: tb_digest.c tb_dsa.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h tb_dsa.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h tb_dsa.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h diff --git a/crypto/engine/eng_err.c b/crypto/engine/eng_err.c index 48b774344f..2fe4c05d45 100644 --- a/crypto/engine/eng_err.c +++ b/crypto/engine/eng_err.c @@ -77,7 +77,9 @@ static ERR_STRING_DATA ENGINE_str_functs[]= {ERR_PACK(0,ENGINE_F_ENGINE_CTRL_CMD_STRING,0), "ENGINE_ctrl_cmd_string"}, {ERR_PACK(0,ENGINE_F_ENGINE_FINISH,0), "ENGINE_finish"}, {ERR_PACK(0,ENGINE_F_ENGINE_FREE,0), "ENGINE_free"}, +{ERR_PACK(0,ENGINE_F_ENGINE_GET_CIPHER,0), "ENGINE_get_cipher"}, {ERR_PACK(0,ENGINE_F_ENGINE_GET_DEFAULT_TYPE,0), "ENGINE_GET_DEFAULT_TYPE"}, +{ERR_PACK(0,ENGINE_F_ENGINE_GET_DIGEST,0), "ENGINE_get_digest"}, {ERR_PACK(0,ENGINE_F_ENGINE_GET_NEXT,0), "ENGINE_get_next"}, {ERR_PACK(0,ENGINE_F_ENGINE_GET_PREV,0), "ENGINE_get_prev"}, {ERR_PACK(0,ENGINE_F_ENGINE_INIT,0), "ENGINE_init"}, @@ -144,6 +146,8 @@ static ERR_STRING_DATA ENGINE_str_reasons[]= {ENGINE_R_REQUEST_FALLBACK ,"request fallback"}, {ENGINE_R_RSA_NOT_IMPLEMENTED ,"rsa not implemented"}, {ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL ,"size too large or too small"}, +{ENGINE_R_UNIMPLEMENTED_CIPHER ,"unimplemented cipher"}, +{ENGINE_R_UNIMPLEMENTED_DIGEST ,"unimplemented digest"}, {ENGINE_R_UNIT_FAILURE ,"unit failure"}, {ENGINE_R_VERSION_INCOMPATIBILITY ,"version incompatibility"}, {0,NULL} diff --git a/crypto/engine/eng_fat.c b/crypto/engine/eng_fat.c index e99b52e034..3fb379f37c 100644 --- a/crypto/engine/eng_fat.c +++ b/crypto/engine/eng_fat.c @@ -60,6 +60,10 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags) { + if((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e)) + return 0; + if((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e)) + return 0; #ifndef OPENSSL_NO_RSA if((flags & ENGINE_METHOD_RSA) & !ENGINE_set_default_RSA(e)) return 0; @@ -79,6 +83,8 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags) int ENGINE_register_complete(ENGINE *e) { + ENGINE_register_ciphers(e); + ENGINE_register_digests(e); #ifndef OPENSSL_NO_RSA ENGINE_register_RSA(e); #endif diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h index e07da813b6..65ba9d43a6 100644 --- a/crypto/engine/eng_int.h +++ b/crypto/engine/eng_int.h @@ -138,6 +138,11 @@ struct engine_st const DSA_METHOD *dsa_meth; const DH_METHOD *dh_meth; const RAND_METHOD *rand_meth; + /* Cipher handling is via this callback */ + ENGINE_CIPHERS_PTR ciphers; + /* Digest handling is via this callback */ + ENGINE_DIGESTS_PTR digests; + ENGINE_GEN_INT_FUNC_PTR destroy; @@ -157,7 +162,7 @@ struct engine_st * simply to cope with (de)allocation of this structure. Hence, * running_ref <= struct_ref at all times. */ int funct_ref; - /* A place to store per-key data */ + /* A place to store per-ENGINE data */ CRYPTO_EX_DATA ex_data; /* Used to maintain the linked-list of engines. */ struct engine_st *prev; diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c index b730f130b0..c76e6ad897 100644 --- a/crypto/engine/eng_list.c +++ b/crypto/engine/eng_list.c @@ -325,6 +325,8 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src) dest->dh_meth = src->dh_meth; #endif dest->rand_meth = src->rand_meth; + dest->ciphers = src->ciphers; + dest->digests = src->digests; dest->destroy = src->destroy; dest->init = src->init; dest->finish = src->finish; diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h index cf59451fda..51c108ec24 100644 --- a/crypto/engine/engine.h +++ b/crypto/engine/engine.h @@ -74,6 +74,7 @@ #include #include #include +#include #ifdef __cplusplus extern "C" { @@ -96,8 +97,8 @@ typedef void DH_METHOD; #define ENGINE_METHOD_DSA (unsigned int)0x0002 #define ENGINE_METHOD_DH (unsigned int)0x0004 #define ENGINE_METHOD_RAND (unsigned int)0x0008 -#define ENGINE_METHOD_BN_MOD_EXP (unsigned int)0x0010 -#define ENGINE_METHOD_BN_MOD_EXP_CRT (unsigned int)0x0020 +#define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 +#define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 /* Obvious all-or-nothing cases. */ #define ENGINE_METHOD_ALL (unsigned int)0xFFFF #define ENGINE_METHOD_NONE (unsigned int)0x0000 @@ -259,6 +260,20 @@ typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)()); /* Generic load_key function pointer */ typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, UI_METHOD *ui_method, void *callback_data); +/* These callback types are for an ENGINE's handler for cipher and digest logic. + * These handlers have these prototypes; + * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); + * int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid); + * Looking at how to implement these handlers in the case of cipher support, if + * the framework wants the EVP_CIPHER for 'nid', it will call; + * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure) + * If the framework wants a list of supported 'nid's, it will call; + * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error) + */ +/* Returns to a pointer to the array of supported cipher 'nid's. If the second + * parameter is non-NULL it is set to the size of the returned array. */ +typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, const int **, int); +typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int); /* STRUCTURE functions ... all of these functions deal with pointers to ENGINE * structures where the pointers have a "structural reference". This means that @@ -322,6 +337,14 @@ int ENGINE_register_RAND(ENGINE *e); void ENGINE_unregister_RAND(ENGINE *e); void ENGINE_register_all_RAND(void); +int ENGINE_register_ciphers(ENGINE *e); +void ENGINE_unregister_ciphers(ENGINE *e); +void ENGINE_register_all_ciphers(void); + +int ENGINE_register_digests(ENGINE *e); +void ENGINE_unregister_digests(ENGINE *e); +void ENGINE_register_all_digests(void); + /* These functions register all support from the above categories. Note, use of * these functions can result in static linkage of code your application may not * need. If you only need a subset of functionality, consider using more @@ -393,9 +416,10 @@ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f); int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f); +int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); +int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); int ENGINE_set_flags(ENGINE *e, int flags); int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); -int ENGINE_add_cipher(ENGINE *e,const EVP_CIPHER *c); /* These functions (and the "get" function lower down) allow control over any * per-structure ENGINE data. */ int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, @@ -424,6 +448,10 @@ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e); ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e); ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e); ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); +ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); +ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); +const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); +const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); int ENGINE_get_flags(const ENGINE *e); void *ENGINE_get_ex_data(const ENGINE *e, int idx); @@ -466,6 +494,10 @@ ENGINE *ENGINE_get_default_RSA(void); ENGINE *ENGINE_get_default_DSA(void); ENGINE *ENGINE_get_default_DH(void); ENGINE *ENGINE_get_default_RAND(void); +/* These functions can be used to get a functional reference to perform + * ciphering or digesting corresponding to "nid". */ +ENGINE *ENGINE_get_cipher_engine(int nid); +ENGINE *ENGINE_get_digest_engine(int nid); /* This sets a new default ENGINE structure for performing RSA * operations. If the result is non-zero (success) then the ENGINE @@ -476,6 +508,8 @@ int ENGINE_set_default_RSA(ENGINE *e); int ENGINE_set_default_DSA(ENGINE *e); int ENGINE_set_default_DH(ENGINE *e); int ENGINE_set_default_RAND(ENGINE *e); +int ENGINE_set_default_ciphers(ENGINE *e); +int ENGINE_set_default_digests(ENGINE *e); /* The combination "set" - the flags are bitwise "OR"d from the * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()" @@ -604,7 +638,9 @@ void ERR_load_ENGINE_strings(void); #define ENGINE_F_ENGINE_CTRL_CMD_STRING 171 #define ENGINE_F_ENGINE_FINISH 107 #define ENGINE_F_ENGINE_FREE 108 +#define ENGINE_F_ENGINE_GET_CIPHER 185 #define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 +#define ENGINE_F_ENGINE_GET_DIGEST 186 #define ENGINE_F_ENGINE_GET_NEXT 115 #define ENGINE_F_ENGINE_GET_PREV 116 #define ENGINE_F_ENGINE_INIT 119 @@ -668,6 +704,8 @@ void ERR_load_ENGINE_strings(void); #define ENGINE_R_REQUEST_FALLBACK 118 #define ENGINE_R_RSA_NOT_IMPLEMENTED 141 #define ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL 122 +#define ENGINE_R_UNIMPLEMENTED_CIPHER 146 +#define ENGINE_R_UNIMPLEMENTED_DIGEST 147 #define ENGINE_R_UNIT_FAILURE 115 #define ENGINE_R_VERSION_INCOMPATIBILITY 145 diff --git a/crypto/engine/tb_cipher.c b/crypto/engine/tb_cipher.c new file mode 100644 index 0000000000..2716ed7a50 --- /dev/null +++ b/crypto/engine/tb_cipher.c @@ -0,0 +1,145 @@ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include +#include +#include "eng_int.h" + +/* If this symbol is defined then ENGINE_get_cipher_engine(), the function that + * is used by EVP to hook in cipher code and cache defaults (etc), will display + * brief debugging summaries to stderr with the 'nid'. */ +/* #define ENGINE_CIPHER_DEBUG */ + +static ENGINE_TABLE *cipher_table = NULL; + +void ENGINE_unregister_ciphers(ENGINE *e) + { + engine_table_unregister(&cipher_table, e); + } + +static void engine_unregister_all_ciphers() + { + engine_table_cleanup(&cipher_table); + } + +int ENGINE_register_ciphers(ENGINE *e) + { + if(e->ciphers) + { + const int *nids; + int num_nids = e->ciphers(e, NULL, &nids, 0); + if(num_nids > 0) + return engine_table_register(&cipher_table, + &engine_unregister_all_ciphers, e, nids, + num_nids, 0); + } + return 1; + } + +void ENGINE_register_all_ciphers() + { + ENGINE *e; + + for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e)) + ENGINE_register_ciphers(e); + } + +int ENGINE_set_default_ciphers(ENGINE *e) + { + if(e->ciphers) + { + const int *nids; + int num_nids = e->ciphers(e, NULL, &nids, 0); + if(num_nids > 0) + return engine_table_register(&cipher_table, + &engine_unregister_all_ciphers, e, nids, + num_nids, 1); + } + return 1; + } + +/* Exposed API function to get a functional reference from the implementation + * table (ie. try to get a functional reference from the tabled structural + * references) for a given cipher 'nid' */ +ENGINE *ENGINE_get_cipher_engine(int nid) + { + return engine_table_select(&cipher_table, nid); + } + +/* Obtains a cipher implementation from an ENGINE functional reference */ +const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid) + { + const EVP_CIPHER *ret; + ENGINE_CIPHERS_PTR fn = ENGINE_get_ciphers(e); + if(!fn || !fn(e, &ret, NULL, nid)) + { + ENGINEerr(ENGINE_F_ENGINE_GET_CIPHER, + ENGINE_R_UNIMPLEMENTED_CIPHER); + return NULL; + } + return ret; + } + +/* Gets the cipher callback from an ENGINE structure */ +ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e) + { + return e->ciphers; + } + +/* Sets the cipher callback in an ENGINE structure */ +int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f) + { + e->ciphers = f; + return 1; + } diff --git a/crypto/engine/tb_digest.c b/crypto/engine/tb_digest.c new file mode 100644 index 0000000000..d2f502e1c8 --- /dev/null +++ b/crypto/engine/tb_digest.c @@ -0,0 +1,145 @@ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include +#include +#include "eng_int.h" + +/* If this symbol is defined then ENGINE_get_digest_engine(), the function that + * is used by EVP to hook in digest code and cache defaults (etc), will display + * brief debugging summaries to stderr with the 'nid'. */ +/* #define ENGINE_DIGEST_DEBUG */ + +static ENGINE_TABLE *digest_table = NULL; + +void ENGINE_unregister_digests(ENGINE *e) + { + engine_table_unregister(&digest_table, e); + } + +static void engine_unregister_all_digests() + { + engine_table_cleanup(&digest_table); + } + +int ENGINE_register_digests(ENGINE *e) + { + if(e->digests) + { + const int *nids; + int num_nids = e->digests(e, NULL, &nids, 0); + if(num_nids > 0) + return engine_table_register(&digest_table, + &engine_unregister_all_digests, e, nids, + num_nids, 0); + } + return 1; + } + +void ENGINE_register_all_digests() + { + ENGINE *e; + + for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e)) + ENGINE_register_digests(e); + } + +int ENGINE_set_default_digests(ENGINE *e) + { + if(e->digests) + { + const int *nids; + int num_nids = e->digests(e, NULL, &nids, 0); + if(num_nids > 0) + return engine_table_register(&digest_table, + &engine_unregister_all_digests, e, nids, + num_nids, 1); + } + return 1; + } + +/* Exposed API function to get a functional reference from the implementation + * table (ie. try to get a functional reference from the tabled structural + * references) for a given digest 'nid' */ +ENGINE *ENGINE_get_digest_engine(int nid) + { + return engine_table_select(&digest_table, nid); + } + +/* Obtains a digest implementation from an ENGINE functional reference */ +const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid) + { + const EVP_MD *ret; + ENGINE_DIGESTS_PTR fn = ENGINE_get_digests(e); + if(!fn || !fn(e, &ret, NULL, nid)) + { + ENGINEerr(ENGINE_F_ENGINE_GET_DIGEST, + ENGINE_R_UNIMPLEMENTED_DIGEST); + return NULL; + } + return ret; + } + +/* Gets the digest callback from an ENGINE structure */ +ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e) + { + return e->digests; + } + +/* Sets the digest callback in an ENGINE structure */ +int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f) + { + e->digests = f; + return 1; + }