void OPENSSL_init(void)
{
static int done = 0;
if (done)
return;
done = 1;
#ifdef OPENSSL_FIPS
FIPS_set_locking_callbacks(CRYPTO_lock, CRYPTO_add_lock);
FIPS_set_error_callbacks(ERR_put_error, ERR_add_error_vdata);
FIPS_set_malloc_callbacks(CRYPTO_malloc, CRYPTO_free);
RAND_init_fips();
#endif
#if 0
fprintf(stderr, "Called OPENSSL_init\n");
#endif
}
// Constructor
OSSLCryptoFactory::OSSLCryptoFactory()
{
// Multi-thread support
nlocks = CRYPTO_num_locks();
locks = new Mutex*[nlocks];
for (unsigned i = 0; i < nlocks; i++)
{
locks[i] = MutexFactory::i()->getMutex();
}
#ifdef HAVE_PTHREAD_H
CRYPTO_set_id_callback(id_callback);
#endif
CRYPTO_set_locking_callback(lock_callback);
#ifdef WITH_FIPS
// Already in FIPS mode on reenter (avoiding selftests)
if (!FIPS_mode())
{
FipsSelfTestStatus = false;
if (!FIPS_mode_set(1))
{
ERROR_MSG("can't enter into FIPS mode");
return;
}
} else {
// Undo RAND_cleanup()
RAND_init_fips();
}
FipsSelfTestStatus = true;
#endif
// Initialise OpenSSL
OpenSSL_add_all_algorithms();
// Initialise the one-and-only RNG
rng = new OSSLRNG();
#ifdef WITH_GOST
// Load engines
ENGINE_load_builtin_engines();
// Initialise the GOST engine
eg = ENGINE_by_id("gost");
if (eg == NULL)
{
ERROR_MSG("can't get the GOST engine");
return;
}
if (ENGINE_init(eg) <= 0)
{
ENGINE_free(eg);
eg = NULL;
ERROR_MSG("can't initialize the GOST engine");
return;
}
// better than digest_gost
EVP_GOST_34_11 = ENGINE_get_digest(eg, NID_id_GostR3411_94);
if (EVP_GOST_34_11 == NULL)
{
ERROR_MSG("can't get the GOST digest");
goto err;
}
// from the openssl.cnf
if (ENGINE_register_pkey_asn1_meths(eg) <= 0)
{
ERROR_MSG("can't register ASN.1 for the GOST engine");
goto err;
}
if (ENGINE_ctrl_cmd_string(eg,
"CRYPT_PARAMS",
"id-Gost28147-89-CryptoPro-A-ParamSet",
0) <= 0)
{
ERROR_MSG("can't set params of the GOST engine");
goto err;
}
return;
err:
ENGINE_finish(eg);
ENGINE_free(eg);
eg = NULL;
return;
#endif
}
