static int bind_afalg(ENGINE *e)
{
/* Ensure the afalg error handling is set up */
ERR_load_AFALG_strings();
if (!ENGINE_set_id(e, engine_afalg_id)
|| !ENGINE_set_name(e, engine_afalg_name)
|| !ENGINE_set_destroy_function(e, afalg_destroy)
|| !ENGINE_set_init_function(e, afalg_init)
|| !ENGINE_set_finish_function(e, afalg_finish)) {
AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED);
return 0;
}
/*
* Create _hidden_aes_128_cbc by calling afalg_aes_128_cbc
* now, as bind_aflag can only be called by one thread at a
* time.
*/
if (afalg_aes_128_cbc() == NULL) {
AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED);
return 0;
}
if (!ENGINE_set_ciphers(e, afalg_ciphers)) {
AFALGerr(AFALG_F_BIND_AFALG, AFALG_R_INIT_FAILED);
return 0;
}
return 1;
}
/* Prepare the ENGINE structure for registration */
static int
padlock_bind_helper(ENGINE *e)
{
/* Check available features */
padlock_available();
#if 1 /* disable RNG for now, see commentary in vicinity of RNG code */
padlock_use_rng=0;
#endif
/* Generate a nice engine name with available features */
BIO_snprintf(padlock_name, sizeof(padlock_name),
"VIA PadLock (%s, %s)",
padlock_use_rng ? "RNG" : "no-RNG",
padlock_use_ace ? "ACE" : "no-ACE");
/* Register everything or return with an error */
if (!ENGINE_set_id(e, padlock_id) ||
!ENGINE_set_name(e, padlock_name) ||
!ENGINE_set_init_function(e, padlock_init) ||
#ifndef OPENSSL_NO_AES
(padlock_use_ace && !ENGINE_set_ciphers (e, padlock_ciphers)) ||
#endif
(padlock_use_rng && !ENGINE_set_RAND (e, &padlock_rand))) {
return 0;
}
/* Everything looks good */
return 1;
}
/* This internal function is used by ENGINE_accessl() and possibly by the
* "dynamic" ENGINE support too */
static int bind_helper(ENGINE *e)
{
#ifndef OPENSSL_NO_RSA
const RSA_METHOD *meth1;
#endif
if(!ENGINE_set_id(e, engine_e_accessl_id) ||
!ENGINE_set_name(e, engine_e_accessl_name) ||
#ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(e, &e_accessl_rsa) ||
#endif
!ENGINE_set_destroy_function(e, e_accessl_destroy) ||
!ENGINE_set_init_function(e, e_accessl_init) ||
!ENGINE_set_finish_function(e, e_accessl_finish) ||
!ENGINE_set_ctrl_function(e, e_accessl_ctrl) ||
!ENGINE_set_cmd_defns(e, e_accessl_cmd_defns))
return 0;
#ifndef OPENSSL_NO_RSA
meth1 = RSA_PKCS1_SSLeay();
e_accessl_rsa.bn_mod_exp = meth1->bn_mod_exp;
#endif
/* Ensure the e_accessl error handling is set up */
ERR_load_accessl_strings();
return 1;
}
/* Prepare the ENGINE structure for registration */
static int padlock_bind_helper(ENGINE *e)
{
/* Check available features */
padlock_available();
/*
* RNG is currently disabled for reasons discussed in commentary just
* before padlock_rand_bytes function.
*/
padlock_use_rng = 0;
/* Generate a nice engine name with available features */
BIO_snprintf(padlock_name, sizeof(padlock_name),
"VIA PadLock (%s, %s)",
padlock_use_rng ? "RNG" : "no-RNG",
padlock_use_ace ? "ACE" : "no-ACE");
/* Register everything or return with an error */
if (!ENGINE_set_id(e, padlock_id) ||
!ENGINE_set_name(e, padlock_name) ||
!ENGINE_set_init_function(e, padlock_init) ||
# ifndef OPENSSL_NO_AES
(padlock_use_ace && !ENGINE_set_ciphers(e, padlock_ciphers)) ||
# endif
(padlock_use_rng && !ENGINE_set_RAND(e, &padlock_rand))) {
return 0;
}
/* Everything looks good */
return 1;
}
/* ---------------------*/
static int bind_helper(ENGINE *e)
{
if (!ENGINE_set_id(e, engine_cluster_labs_id) ||
!ENGINE_set_name(e, engine_cluster_labs_name) ||
# ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(e, &cluster_labs_rsa) ||
# endif
# ifndef OPENSSL_NO_DSA
!ENGINE_set_DSA(e, &cluster_labs_dsa) ||
# endif
# ifndef OPENSSL_NO_DH
!ENGINE_set_DH(e, &cluster_labs_dh) ||
# endif
!ENGINE_set_RAND(e, &cluster_labs_rand) ||
!ENGINE_set_destroy_function(e, cluster_labs_destroy) ||
!ENGINE_set_init_function(e, cluster_labs_init) ||
!ENGINE_set_finish_function(e, cluster_labs_finish) ||
!ENGINE_set_ctrl_function(e, cluster_labs_ctrl) ||
!ENGINE_set_cmd_defns(e, cluster_labs_cmd_defns))
return 0;
/* Ensure the error handling is set up */
ERR_load_CL_strings();
return 1;
}
static int bind_helper (ENGINE *e) {
if (!ENGINE_set_id(e, FS_ENGINE_ID) ||
!ENGINE_set_name (e, FS_ENGINE_NAME) ||
!ENGINE_set_destroy_function (e, engine_fs_destroy) ||
!ENGINE_set_finish_function (e, engine_fs_finish) ||
!ENGINE_set_ctrl_function (e, engine_fs_ctrl) ||
!ENGINE_set_load_privkey_function (e, engine_fs_load_private_key) ||
!ENGINE_set_RSA (e, &engine_fs_rsa) /*||
!ENGINE_set_load_pubkey_function (e, engine_fs_load_public_key) ||
!ENGINE_set_init_function (e, engine_fs_init) ||
!ENGINE_set_DSA (e, engine_fs_dsa) ||
!ENGINE_set_ECDH (e, engine_fs_dh) ||
!ENGINE_set_ECDSA (e, engine_fs_dh) ||
!ENGINE_set_DH (e, engine_fs_dh) ||
!ENGINE_set_RAND (e, engine_fs_rand) ||
!ENGINE_set_STORE (e, asn1_i2d_ex_primitiveengine_fs_rand) ||
!ENGINE_set_ciphers (e, engine_fs_syphers_f) ||
!ENGINE_set_digests (e, engine_fs_digest_f) ||
!ENGINE_set_flags (e, engine_fs_flags) ||
!ENGINE_set_cmd_defns (e, engine_fs_cmd_defns)*/) {
return (0);
}
if (!ENGINE_set_RSA (e, &engine_fs_rsa)
|| !register_rsa_methods ()) {
return 0;
}
return (1);
}
static ENGINE* LoadEngine()
{
// This function creates an engine for PKCS#11 and inspired by
// the "ENGINE_load_dynamic" function from OpenSSL, in file
// "crypto/engine/eng_dyn.c"
ENGINE* engine = ENGINE_new();
if (!engine)
{
LOG(ERROR) << "Cannot create an OpenSSL engine for PKCS#11";
throw OrthancException(ErrorCode_InternalError);
}
// Create a PKCS#11 context using libp11
context_ = pkcs11_new();
if (!context_)
{
LOG(ERROR) << "Cannot create a libp11 context for PKCS#11";
ENGINE_free(engine);
throw OrthancException(ErrorCode_InternalError);
}
if (!ENGINE_set_id(engine, PKCS11_ENGINE_ID) ||
!ENGINE_set_name(engine, PKCS11_ENGINE_NAME) ||
!ENGINE_set_cmd_defns(engine, PKCS11_ENGINE_COMMANDS) ||
// Register the callback functions
!ENGINE_set_init_function(engine, EngineInitialize) ||
!ENGINE_set_finish_function(engine, EngineFinalize) ||
!ENGINE_set_destroy_function(engine, EngineDestroy) ||
!ENGINE_set_ctrl_function(engine, EngineControl) ||
!ENGINE_set_load_pubkey_function(engine, EngineLoadPublicKey) ||
!ENGINE_set_load_privkey_function(engine, EngineLoadPrivateKey) ||
!ENGINE_set_RSA(engine, PKCS11_get_rsa_method()) ||
!ENGINE_set_ECDSA(engine, PKCS11_get_ecdsa_method()) ||
!ENGINE_set_ECDH(engine, PKCS11_get_ecdh_method()) ||
#if OPENSSL_VERSION_NUMBER >= 0x10100002L
!ENGINE_set_EC(engine, PKCS11_get_ec_key_method()) ||
#endif
// Make OpenSSL know about our PKCS#11 engine
!ENGINE_add(engine))
{
LOG(ERROR) << "Cannot initialize the OpenSSL engine for PKCS#11";
pkcs11_finish(context_);
ENGINE_free(engine);
throw OrthancException(ErrorCode_InternalError);
}
// If the "ENGINE_add" worked, it gets a structural
// reference. We release our just-created reference.
ENGINE_free(engine);
return ENGINE_by_id(PKCS11_ENGINE_ID);
}
/*
* This internal function is used by ENGINE_ubsec() and possibly by the
* "dynamic" ENGINE support too
*/
static int bind_helper(ENGINE *e)
{
# ifndef OPENSSL_NO_RSA
const RSA_METHOD *meth1;
# endif
# ifndef OPENSSL_NO_DH
# ifndef HAVE_UBSEC_DH
const DH_METHOD *meth3;
# endif /* HAVE_UBSEC_DH */
# endif
if (!ENGINE_set_id(e, engine_ubsec_id) ||
!ENGINE_set_name(e, engine_ubsec_name) ||
# ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(e, &ubsec_rsa) ||
# endif
# ifndef OPENSSL_NO_DSA
!ENGINE_set_DSA(e, &ubsec_dsa) ||
# endif
# ifndef OPENSSL_NO_DH
!ENGINE_set_DH(e, &ubsec_dh) ||
# endif
!ENGINE_set_destroy_function(e, ubsec_destroy) ||
!ENGINE_set_init_function(e, ubsec_init) ||
!ENGINE_set_finish_function(e, ubsec_finish) ||
!ENGINE_set_ctrl_function(e, ubsec_ctrl) ||
!ENGINE_set_cmd_defns(e, ubsec_cmd_defns))
return 0;
# ifndef OPENSSL_NO_RSA
/*
* We know that the "PKCS1_OpenSSL()" functions hook properly to the
* Broadcom-specific mod_exp and mod_exp_crt so we use those functions.
* NB: We don't use ENGINE_openssl() or anything "more generic" because
* something like the RSAref code may not hook properly, and if you own
* one of these cards then you have the right to do RSA operations on it
* anyway!
*/
meth1 = RSA_PKCS1_OpenSSL();
ubsec_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
ubsec_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
ubsec_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
ubsec_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
# endif
# ifndef OPENSSL_NO_DH
# ifndef HAVE_UBSEC_DH
/* Much the same for Diffie-Hellman */
meth3 = DH_OpenSSL();
ubsec_dh.generate_key = meth3->generate_key;
ubsec_dh.compute_key = meth3->compute_key;
# endif /* HAVE_UBSEC_DH */
# endif
/* Ensure the ubsec error handling is set up */
ERR_load_UBSEC_strings();
return 1;
}
void
ca_engine_init(void)
{
ENGINE *e;
const char *errstr, *name;
if ((e = ENGINE_get_default_RSA()) == NULL) {
if ((e = ENGINE_new()) == NULL) {
errstr = "ENGINE_new";
goto fail;
}
if (!ENGINE_set_name(e, rsae_method.name)) {
errstr = "ENGINE_set_name";
goto fail;
}
if ((rsa_default = RSA_get_default_method()) == NULL) {
errstr = "RSA_get_default_method";
goto fail;
}
} else if ((rsa_default = ENGINE_get_RSA(e)) == NULL) {
errstr = "ENGINE_get_RSA";
goto fail;
}
if ((name = ENGINE_get_name(e)) == NULL)
name = "unknown RSA engine";
log_debug("debug: %s: using %s", __func__, name);
if (rsa_default->flags & RSA_FLAG_SIGN_VER)
fatalx("unsupported RSA engine");
if (rsa_default->rsa_mod_exp == NULL)
rsae_method.rsa_mod_exp = NULL;
if (rsa_default->bn_mod_exp == NULL)
rsae_method.bn_mod_exp = NULL;
if (rsa_default->rsa_keygen == NULL)
rsae_method.rsa_keygen = NULL;
rsae_method.flags = rsa_default->flags |
RSA_METHOD_FLAG_NO_CHECK;
rsae_method.app_data = rsa_default->app_data;
if (!ENGINE_set_RSA(e, &rsae_method)) {
errstr = "ENGINE_set_RSA";
goto fail;
}
if (!ENGINE_set_default_RSA(e)) {
errstr = "ENGINE_set_default_RSA";
goto fail;
}
return;
fail:
ssl_error(errstr);
fatalx("%s", errstr);
}
static int bind_helper (ENGINE * e)
{
if (!ENGINE_set_id (e, engine_e_rdrand_id) ||
!ENGINE_set_name (e, engine_e_rdrand_name) ||
!ENGINE_set_flags (e, ENGINE_FLAGS_NO_REGISTER_ALL) ||
!ENGINE_set_init_function (e, rdrand_init) || !ENGINE_set_RAND (e, &rdrand_meth))
return 0;
return 1;
}
static int bind_helper(ENGINE *e)
{
if (!ENGINE_set_id(e, engine_e_rdrand_id) ||
!ENGINE_set_name(e, engine_e_rdrand_name) ||
!ENGINE_set_init_function(e, rdrand_init) ||
!ENGINE_set_RAND(e, &rdrand_meth) )
return 0;
return 1;
}
static int bind_devcrypto(ENGINE *e) {
if (!ENGINE_set_id(e, engine_devcrypto_id)
|| !ENGINE_set_name(e, "/dev/crypto engine")
|| !ENGINE_set_destroy_function(e, devcrypto_unload)
|| !ENGINE_set_cmd_defns(e, devcrypto_cmds)
|| !ENGINE_set_ctrl_function(e, devcrypto_ctrl))
return 0;
prepare_cipher_methods();
#ifdef IMPLEMENT_DIGEST
prepare_digest_methods();
#endif
return (ENGINE_set_ciphers(e, devcrypto_ciphers)
#ifdef IMPLEMENT_DIGEST
&& ENGINE_set_digests(e, devcrypto_digests)
#endif
/*
* Asymmetric ciphers aren't well supported with /dev/crypto. Among the BSD
* implementations, it seems to only exist in FreeBSD, and regarding the
* parameters in its crypt_kop, the manual crypto(4) has this to say:
*
* The semantics of these arguments are currently undocumented.
*
* Reading through the FreeBSD source code doesn't give much more than
* their CRK_MOD_EXP implementation for ubsec.
*
* It doesn't look much better with cryptodev-linux. They have the crypt_kop
* structure as well as the command (CRK_*) in cryptodev.h, but no support
* seems to be implemented at all for the moment.
*
* At the time of writing, it seems impossible to write proper support for
* FreeBSD's asym features without some very deep knowledge and access to
* specific kernel modules.
*
* /Richard Levitte, 2017-05-11
*/
#if 0
# ifndef OPENSSL_NO_RSA
&& ENGINE_set_RSA(e, devcrypto_rsa)
# endif
# ifndef OPENSSL_NO_DSA
&& ENGINE_set_DSA(e, devcrypto_dsa)
# endif
# ifndef OPENSSL_NO_DH
&& ENGINE_set_DH(e, devcrypto_dh)
# endif
# ifndef OPENSSL_NO_EC
&& ENGINE_set_EC(e, devcrypto_ec)
# endif
#endif
);
}
int bind_helper(ENGINE * e, const char *id)
{
if (!ENGINE_set_id(e, engine_Everest_id) ||
!ENGINE_set_name(e, engine_Everest_name) ||
!ENGINE_set_init_function(e,Everest_init) ||
!ENGINE_set_pkey_meths(e, Everest_pkey_meths)
)
return 0;
return 1;
}
/*
* This internal function is used by ENGINE_chil() and possibly by the
* "dynamic" ENGINE support too
*/
static int bind_helper(ENGINE *e)
{
# ifndef OPENSSL_NO_RSA
const RSA_METHOD *meth1;
# endif
# ifndef OPENSSL_NO_DH
const DH_METHOD *meth2;
# endif
if (!ENGINE_set_id(e, engine_hwcrhk_id) ||
!ENGINE_set_name(e, engine_hwcrhk_name) ||
# ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(e, &hwcrhk_rsa) ||
# endif
# ifndef OPENSSL_NO_DH
!ENGINE_set_DH(e, &hwcrhk_dh) ||
# endif
!ENGINE_set_RAND(e, &hwcrhk_rand) ||
!ENGINE_set_destroy_function(e, hwcrhk_destroy) ||
!ENGINE_set_init_function(e, hwcrhk_init) ||
!ENGINE_set_finish_function(e, hwcrhk_finish) ||
!ENGINE_set_ctrl_function(e, hwcrhk_ctrl) ||
!ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) ||
!ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) ||
!ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns))
return 0;
# ifndef OPENSSL_NO_RSA
/*
* We know that the "PKCS1_SSLeay()" functions hook properly to the
* cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
* We don't use ENGINE_openssl() or anything "more generic" because
* something like the RSAref code may not hook properly, and if you own
* one of these cards then you have the right to do RSA operations on it
* anyway!
*/
meth1 = RSA_PKCS1_SSLeay();
hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
# endif
# ifndef OPENSSL_NO_DH
/* Much the same for Diffie-Hellman */
meth2 = DH_OpenSSL();
hwcrhk_dh.generate_key = meth2->generate_key;
hwcrhk_dh.compute_key = meth2->compute_key;
# endif
/* Ensure the hwcrhk error handling is set up */
ERR_load_HWCRHK_strings();
return 1;
}
static int openssl_engine_name(lua_State*L){
ENGINE* eng = CHECK_OBJECT(1,ENGINE,"openssl.engine");
const char*id = NULL;
int ret = 0;
if(lua_isstring(L, 2)){
id = luaL_checkstring(L, 2);
ret = ENGINE_set_name(eng,id);
lua_pushboolean(L, ret);
return 1;
}
lua_pushstring(L, ENGINE_get_name(eng));
return 1;
}
static int cuda_bind_helper(ENGINE * e) {
if (!ENGINE_set_id(e, CUDA_ENGINE_ID) ||
!ENGINE_set_init_function(e, cuda_init) ||
!ENGINE_set_finish_function(e, cuda_finish) ||
!ENGINE_set_ctrl_function(e, cuda_engine_ctrl) ||
!ENGINE_set_cmd_defns(e, cuda_cmd_defns) ||
!ENGINE_set_name(e, CUDA_ENGINE_NAME) ||
!ENGINE_set_ciphers (e, cuda_ciphers)) {
return 0;
} else {
return 1;
}
}
/* Prepare the ENGINE structure for registration */
static int
aesni_bind_helper(ENGINE *e)
{
int engage = (OPENSSL_ia32cap_P[1] & (1 << (57-32))) != 0;
/* Register everything or return with an error */
if (!ENGINE_set_id(e, aesni_id) ||
!ENGINE_set_name(e, engage ? aesni_name : no_aesni_name) ||
!ENGINE_set_init_function(e, aesni_init) ||
(engage && !ENGINE_set_ciphers (e, aesni_ciphers))
)
return 0;
/* Everything looks good */
return 1;
}
static ENGINE *engine_dynamic(void)
{
ENGINE *ret = ENGINE_new();
if (ret == NULL)
return NULL;
if (!ENGINE_set_id(ret, engine_dynamic_id) ||
!ENGINE_set_name(ret, engine_dynamic_name) ||
!ENGINE_set_init_function(ret, dynamic_init) ||
!ENGINE_set_finish_function(ret, dynamic_finish) ||
!ENGINE_set_ctrl_function(ret, dynamic_ctrl) ||
!ENGINE_set_flags(ret, ENGINE_FLAGS_BY_ID_COPY) ||
!ENGINE_set_cmd_defns(ret, dynamic_cmd_defns)) {
ENGINE_free(ret);
return NULL;
}
return ret;
}
static int bind_helper(ENGINE *e)
{
fprintf(stderr, "arrive at bind_helper\n");
if(!ENGINE_set_id(e, engine_hwdev_id) ||
!ENGINE_set_name(e, engine_hwdev_name) ||
!ENGINE_set_ECDH(e, &ecdh_meth) ||
!ENGINE_set_destroy_function(e, hwdev_destroy) ||
!ENGINE_set_init_function(e, hwdev_init) ||
!ENGINE_set_finish_function(e, hwdev_finish) ||
!ENGINE_set_ctrl_function(e, hwdev_ctrl) ||
!ENGINE_set_load_privkey_function(e, hwdev_load_privkey) ||
!ENGINE_set_load_pubkey_function(e, hwdev_load_pubkey) ||
!ENGINE_set_cmd_defns(e, hwdev_cmd_defns))
return 0;
return 1;
}
static int bind_ossltest(ENGINE *e)
{
/* Ensure the ossltest error handling is set up */
ERR_load_OSSLTEST_strings();
if (!ENGINE_set_id(e, engine_ossltest_id)
|| !ENGINE_set_name(e, engine_ossltest_name)
|| !ENGINE_set_digests(e, ossltest_digests)
|| !ENGINE_set_ciphers(e, ossltest_ciphers)
|| !ENGINE_set_destroy_function(e, ossltest_destroy)
|| !ENGINE_set_init_function(e, ossltest_init)
|| !ENGINE_set_finish_function(e, ossltest_finish)) {
OSSLTESTerr(OSSLTEST_F_BIND_OSSLTEST, OSSLTEST_R_INIT_FAILED);
return 0;
}
return 1;
}
static int bind_dasync(ENGINE *e)
{
/* Ensure the dasync error handling is set up */
ERR_load_DASYNC_strings();
if (!ENGINE_set_id(e, engine_dasync_id)
|| !ENGINE_set_name(e, engine_dasync_name)
|| !ENGINE_set_RSA(e, &dasync_rsa_method)
|| !ENGINE_set_digests(e, dasync_digests)
|| !ENGINE_set_destroy_function(e, dasync_destroy)
|| !ENGINE_set_init_function(e, dasync_init)
|| !ENGINE_set_finish_function(e, dasync_finish)) {
DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED);
return 0;
}
return 1;
}
static ENGINE *
sc_get_engine(void)
{
static ENGINE *smart_engine = NULL;
if ((smart_engine = ENGINE_new()) == NULL)
fatal("ENGINE_new failed");
ENGINE_set_id(smart_engine, "sectok");
ENGINE_set_name(smart_engine, "libsectok");
ENGINE_set_RSA(smart_engine, sc_get_rsa_method());
ENGINE_set_DSA(smart_engine, DSA_get_default_openssl_method());
ENGINE_set_DH(smart_engine, DH_get_default_openssl_method());
ENGINE_set_RAND(smart_engine, RAND_SSLeay());
ENGINE_set_BN_mod_exp(smart_engine, BN_mod_exp);
return smart_engine;
}
static int bind_rsaref(ENGINE *e)
{
const RSA_METHOD *meth1;
if(!ENGINE_set_id(e, engine_rsaref_id)
|| !ENGINE_set_name(e, engine_rsaref_name)
|| !ENGINE_set_RSA(e, &rsaref_rsa)
|| !ENGINE_set_ciphers(e, rsaref_ciphers)
|| !ENGINE_set_digests(e, rsaref_digests)
|| !ENGINE_set_destroy_function(e, rsaref_destroy)
|| !ENGINE_set_init_function(e, rsaref_init)
|| !ENGINE_set_finish_function(e, rsaref_finish)
/* || !ENGINE_set_ctrl_function(e, rsaref_ctrl) */
/* || !ENGINE_set_cmd_defns(e, rsaref_cmd_defns) */)
return 0;
/* Ensure the rsaref error handling is set up */
ERR_load_RSAREF_strings();
return 1;
}
/*
* This internal function is used by ENGINE_openssl() and possibly by the
* "dynamic" ENGINE support too
*/
static int bind_helper(ENGINE *e)
{
if (!ENGINE_set_id(e, engine_openssl_id)
|| !ENGINE_set_name(e, engine_openssl_name)
|| !ENGINE_set_destroy_function(e, openssl_destroy)
#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
# ifndef OPENSSL_NO_RSA
|| !ENGINE_set_RSA(e, RSA_get_default_method())
# endif
# ifndef OPENSSL_NO_DSA
|| !ENGINE_set_DSA(e, DSA_get_default_method())
# endif
# ifndef OPENSSL_NO_EC
|| !ENGINE_set_EC(e, EC_KEY_OpenSSL())
# endif
# ifndef OPENSSL_NO_DH
|| !ENGINE_set_DH(e, DH_get_default_method())
# endif
|| !ENGINE_set_RAND(e, RAND_OpenSSL())
# ifdef TEST_ENG_OPENSSL_RC4
|| !ENGINE_set_ciphers(e, openssl_ciphers)
# endif
# ifdef TEST_ENG_OPENSSL_SHA
|| !ENGINE_set_digests(e, openssl_digests)
# endif
#endif
#ifdef TEST_ENG_OPENSSL_PKEY
|| !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
#endif
#ifdef TEST_ENG_OPENSSL_HMAC
|| !ossl_register_hmac_meth()
|| !ENGINE_set_pkey_meths(e, ossl_pkey_meths)
#endif
)
return 0;
/*
* If we add errors to this ENGINE, ensure the error handling is setup
* here
*/
/* openssl_load_error_strings(); */
return 1;
}
static int bind_capi(ENGINE *e)
{
if (!ENGINE_set_id(e, engine_capi_id)
|| !ENGINE_set_name(e, engine_capi_name)
|| !ENGINE_set_init_function(e, capi_init)
|| !ENGINE_set_finish_function(e, capi_finish)
|| !ENGINE_set_destroy_function(e, capi_destroy)
|| !ENGINE_set_RSA(e, &capi_rsa_method)
|| !ENGINE_set_DSA(e, &capi_dsa_method)
|| !ENGINE_set_load_privkey_function(e, capi_load_privkey)
|| !ENGINE_set_load_ssl_client_cert_function(e,
capi_load_ssl_client_cert)
|| !ENGINE_set_cmd_defns(e, capi_cmd_defns)
|| !ENGINE_set_ctrl_function(e, capi_ctrl))
return 0;
ERR_load_CAPI_strings();
return 1;
}
/* This internal function is used by ENGINE_tpm() and possibly by the
* "dynamic" ENGINE support too */
static int bind_helper(ENGINE * e)
{
if (!ENGINE_set_id(e, engine_tpm_id) ||
!ENGINE_set_name(e, engine_tpm_name) ||
#ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(e, &tpm_rsa) ||
#endif
!ENGINE_set_RAND(e, &tpm_rand) ||
!ENGINE_set_destroy_function(e, tpm_engine_destroy) ||
!ENGINE_set_init_function(e, tpm_engine_init) ||
!ENGINE_set_finish_function(e, tpm_engine_finish) ||
!ENGINE_set_ctrl_function(e, tpm_engine_ctrl) ||
!ENGINE_set_load_pubkey_function(e, tpm_engine_load_key) ||
!ENGINE_set_load_privkey_function(e, tpm_engine_load_key) ||
!ENGINE_set_cmd_defns(e, tpm_cmd_defns))
return 0;
/* Ensure the tpm error handling is set up */
ERR_load_TPM_strings();
return 1;
}
/* This internal function is used by ENGINE_openssl() and possibly by the
* "dynamic" ENGINE support too */
static int bind_helper(ENGINE *e)
{
if(!ENGINE_set_id(e, engine_openssl_id)
|| !ENGINE_set_name(e, engine_openssl_name)
#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
#ifndef OPENSSL_NO_RSA
|| !ENGINE_set_RSA(e, RSA_get_default_method())
#endif
#ifndef OPENSSL_NO_DSA
|| !ENGINE_set_DSA(e, DSA_get_default_method())
#endif
#ifndef OPENSSL_NO_ECDH
|| !ENGINE_set_ECDH(e, ECDH_OpenSSL())
#endif
#ifndef OPENSSL_NO_ECDSA
|| !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
#endif
#ifndef OPENSSL_NO_DH
|| !ENGINE_set_DH(e, DH_get_default_method())
#endif
|| !ENGINE_set_RAND(e, RAND_SSLeay())
#ifdef TEST_ENG_OPENSSL_RC4
|| !ENGINE_set_ciphers(e, openssl_ciphers)
#endif
#ifdef TEST_ENG_OPENSSL_SHA
|| !ENGINE_set_digests(e, openssl_digests)
#endif
#endif
//MS:
#ifndef OPENSSL_NO_STDIO
#ifdef TEST_ENG_OPENSSL_PKEY
|| !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
#endif
#endif
)
return 0;
/* If we add errors to this ENGINE, ensure the error handling is setup here */
/* openssl_load_error_strings(); */
return 1;
}
/*
* This internal function is used by ENGINE_skf() and possibly by the
* "dynamic" ENGINE support too
*/
static int bind_helper(ENGINE *e)
{
# ifndef OPENSSL_NO_RSA
const RSA_METHOD *meth1;
# endif
if (!ENGINE_set_id(e, engine_hwskf_id) ||
!ENGINE_set_name(e, engine_hwskf_name) ||
!ENGINE_set_destroy_function(e, hwskf_destroy) ||
!ENGINE_set_init_function(e, hwskf_init) ||
!ENGINE_set_finish_function(e, hwskf_finish) ||
!ENGINE_set_ctrl_function(e, hwskf_ctrl) ||
!ENGINE_set_load_privkey_function(e, hwskf_load_privkey) ||
!ENGINE_set_load_pubkey_function(e, hwskf_load_pubkey) ||
!ENGINE_set_cmd_defns(e, hwskf_cmd_defns))
return 0;
# ifndef OPENSSL_NO_RSA
/*
* We know that the "PKCS1_SSLeay()" functions hook properly to the
* cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
* We don't use ENGINE_openssl() or anything "more generic" because
* something like the RSAref code may not hook properly, and if you own
* one of these cards then you have the right to do RSA operations on it
* anyway!
*/
/*
meth1 = RSA_PKCS1_SSLeay();
hwskf_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
hwskf_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
hwskf_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
hwskf_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
*/
# endif
/* Ensure the hwcrhk error handling is set up */
//ERR_load_HWSKF_strings();
return 1;
}
/* ---------------------*/
static int bind_helper(ENGINE *e)
{
if (!ENGINE_set_id(e, engine_4758_cca_id) ||
!ENGINE_set_name(e, engine_4758_cca_name) ||
# ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(e, &ibm_4758_cca_rsa) ||
# endif
!ENGINE_set_RAND(e, &ibm_4758_cca_rand) ||
!ENGINE_set_destroy_function(e, ibm_4758_cca_destroy) ||
!ENGINE_set_init_function(e, ibm_4758_cca_init) ||
!ENGINE_set_finish_function(e, ibm_4758_cca_finish) ||
!ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) ||
# ifndef OPENSSL_NO_RSA
!ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) ||
!ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) ||
# endif
!ENGINE_set_cmd_defns(e, cca4758_cmd_defns))
return 0;
/* Ensure the error handling is set up */
ERR_load_CCA4758_strings();
return 1;
}
/* Returns 1 if successfully added, 2 if engine has previously been added,
and 0 for error. */
int Cryptography_add_osrandom_engine(void) {
ENGINE *e;
ERR_load_Cryptography_OSRandom_strings();
e = ENGINE_by_id(Cryptography_osrandom_engine_id);
if (e != NULL) {
ENGINE_free(e);
return 2;
} else {
ERR_clear_error();
}
e = ENGINE_new();
if (e == NULL) {
return 0;
}
if (!ENGINE_set_id(e, Cryptography_osrandom_engine_id) ||
!ENGINE_set_name(e, Cryptography_osrandom_engine_name) ||
!ENGINE_set_RAND(e, &osrandom_rand) ||
!ENGINE_set_init_function(e, osrandom_init) ||
!ENGINE_set_finish_function(e, osrandom_finish) ||
!ENGINE_set_cmd_defns(e, osrandom_cmd_defns) ||
!ENGINE_set_ctrl_function(e, osrandom_ctrl)) {
ENGINE_free(e);
return 0;
}
if (!ENGINE_add(e)) {
ENGINE_free(e);
return 0;
}
if (!ENGINE_free(e)) {
return 0;
}
return 1;
}
