/* Document-method: OpenSSL::Engine#finish
*
* Releases all internal structural references for this engine.
*
* May raise an EngineError if the engine is unavailable
*/
static VALUE
ossl_engine_finish(VALUE self)
{
ENGINE *e;
GetEngine(self, e);
if(!ENGINE_finish(e)) ossl_raise(eEngineError, NULL);
return Qnil;
}
int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
const char *algname, ENGINE *e, int do_param)
{
EVP_PKEY_CTX *ctx = NULL;
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *tmpeng = NULL;
int pkey_id;
if (*pctx) {
BIO_puts(err, "Algorithm already set!\n");
return 0;
}
ameth = EVP_PKEY_asn1_find_str(&tmpeng, algname, -1);
#ifndef OPENSSL_NO_ENGINE
if (!ameth && e)
ameth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1);
#endif
if (!ameth) {
BIO_printf(bio_err, "Algorithm %s not found\n", algname);
return 0;
}
ERR_clear_error();
EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
#ifndef OPENSSL_NO_ENGINE
if (tmpeng)
ENGINE_finish(tmpeng);
#endif
ctx = EVP_PKEY_CTX_new_id(pkey_id, e);
if (!ctx)
goto err;
if (do_param) {
if (EVP_PKEY_paramgen_init(ctx) <= 0)
goto err;
} else {
if (EVP_PKEY_keygen_init(ctx) <= 0)
goto err;
}
*pctx = ctx;
return 1;
err:
BIO_printf(err, "Error initializing %s context\n", algname);
ERR_print_errors(err);
if (ctx)
EVP_PKEY_CTX_free(ctx);
return 0;
}
static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
{
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *e = NULL;
if (pkey) {
if (pkey->pkey.ptr)
EVP_PKEY_free_it(pkey);
/*
* If key type matches and a method exists then this lookup has
* succeeded once so just indicate success.
*/
if ((type == pkey->save_type) && pkey->ameth)
return 1;
#ifndef OPENSSL_NO_ENGINE
/* If we have an ENGINE release it */
if (pkey->engine) {
ENGINE_finish(pkey->engine);
pkey->engine = NULL;
}
#endif
}
if (str)
ameth = EVP_PKEY_asn1_find_str(&e, str, len);
else
ameth = EVP_PKEY_asn1_find(&e, type);
#ifndef OPENSSL_NO_ENGINE
if (!pkey && e)
ENGINE_finish(e);
#endif
if (!ameth) {
EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
return 0;
}
if (pkey) {
pkey->ameth = ameth;
pkey->engine = e;
pkey->type = pkey->ameth->pkey_id;
pkey->save_type = type;
}
return 1;
}
static void EVP_PKEY_free_it(EVP_PKEY *x)
{
if (x->ameth && x->ameth->pkey_free)
x->ameth->pkey_free(x);
#ifndef OPENSSL_NO_ENGINE
if (x->engine)
{
ENGINE_finish(x->engine);
x->engine = NULL;
}
#endif
}
int
DH_set_method(DH *dh, const DH_METHOD *method)
{
(*dh->meth->finish)(dh);
if (dh->engine) {
ENGINE_finish(dh->engine);
dh->engine = NULL;
}
dh->meth = method;
(*dh->meth->init)(dh);
return 1;
}
void ecdh_data_free(void *data)
{
ECDH_DATA *r = (ECDH_DATA *)data;
#ifndef OPENSSL_NO_ENGINE
if (r->engine)
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);
OPENSSL_clear_free((void *)r, sizeof(ECDH_DATA));
}
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
{
if (ctx == NULL)
return;
if (ctx->pmeth && ctx->pmeth->cleanup)
ctx->pmeth->cleanup(ctx);
EVP_PKEY_free(ctx->pkey);
EVP_PKEY_free(ctx->peerkey);
#ifndef OPENSSL_NO_ENGINE
ENGINE_finish(ctx->engine);
#endif
OPENSSL_free(ctx);
}
int
RAND_set_rand_method(const RAND_METHOD *meth)
{
const RAND_METHOD *old = selected_meth;
selected_meth = meth;
if (old)
(*old->cleanup)();
if (selected_engine) {
ENGINE_finish(selected_engine);
selected_engine = NULL;
}
return 1;
}
static int get_optional_pkey_id(const char *pkey_name)
{
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *tmpeng = NULL;
int pkey_id=0;
ameth = EVP_PKEY_asn1_find_str(&tmpeng,pkey_name,-1);
if (ameth)
{
EVP_PKEY_asn1_get0_info(&pkey_id, NULL,NULL,NULL,NULL,ameth);
}
if (tmpeng) ENGINE_finish(tmpeng);
return pkey_id;
}
static int int_engine_init(ENGINE *e)
{
if (!ENGINE_init(e))
return 0;
if (!initialized_engines)
initialized_engines = sk_ENGINE_new_null();
if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e))
{
ENGINE_finish(e);
return 0;
}
return 1;
}
void uninitEngine(void)
{
// finish
printf("**** Finish engine ****\n");
ck_assert_msg(ENGINE_finish(_pkcs12_engine), "Failed to finish engine");
printf("**** Free engine ****\n");
ck_assert_msg(ENGINE_free(_pkcs12_engine), "Failed to free engine");
ENGINE_cleanup();
qeo_openssl_engine_destroy();
free(_engine_id);
}
/*
* This function is called when the 'data' struct is going away. Close
* down everything and free all resources!
*/
int Curl_ossl_close_all(struct SessionHandle *data)
{
#ifdef HAVE_OPENSSL_ENGINE_H
if(data->state.engine) {
ENGINE_finish(data->state.engine);
ENGINE_free(data->state.engine);
data->state.engine = NULL;
}
#else
(void)data;
#endif
return 0;
}
int RAND_set_rand_method(const RAND_METHOD *meth)
{
if (!RUN_ONCE(&rand_lock_init, do_rand_lock_init))
return 0;
CRYPTO_THREAD_write_lock(rand_meth_lock);
#ifndef OPENSSL_NO_ENGINE
ENGINE_finish(funct_ref);
funct_ref = NULL;
#endif
default_RAND_meth = meth;
CRYPTO_THREAD_unlock(rand_meth_lock);
return 1;
}
int
RSA_set_method(RSA *rsa, const RSA_METHOD *method)
{
(*rsa->meth->finish)(rsa);
if (rsa->engine) {
ENGINE_finish(rsa->engine);
rsa->engine = NULL;
}
rsa->meth = method;
(*rsa->meth->init)(rsa);
return 1;
}
void
RAND_cleanup(void)
{
const RAND_METHOD *meth = selected_meth;
ENGINE *engine = selected_engine;
selected_meth = NULL;
selected_engine = NULL;
if (meth)
(*meth->cleanup)();
if (engine)
ENGINE_finish(engine);
}
int EVP_PKEY_type(int type)
{
int ret;
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *e;
ameth = EVP_PKEY_asn1_find(&e, type);
if (ameth)
ret = ameth->pkey_id;
else
ret = NID_undef;
#ifndef OPENSSL_NO_ENGINE
ENGINE_finish(e);
#endif
return ret;
}
int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
{
if (!ENGINE_init(e)) {
SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);
return 0;
}
if (!ENGINE_get_ssl_client_cert_function(e)) {
SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
SSL_R_NO_CLIENT_CERT_METHOD);
ENGINE_finish(e);
return 0;
}
ctx->client_cert_engine = e;
return 1;
}
static void
ecdsa_data_free(void *data)
{
ECDSA_DATA *r = (ECDSA_DATA *)data;
#ifndef OPENSSL_NO_ENGINE
if (r->engine)
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);
explicit_bzero((void *)r, sizeof(ECDSA_DATA));
free(r);
}
static int do_evp_md_engine_full(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl)
{
if (*ptype)
{
/* Ensure an ENGINE left lying around from last time is cleared
* (the previous check attempted to avoid this if the same
* ENGINE and EVP_MD could be used). */
if(ctx->engine)
ENGINE_finish(ctx->engine);
if(impl)
{
if (!ENGINE_init(impl))
{
EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_INITIALIZATION_ERROR);
return 0;
}
}
else
/* Ask if an ENGINE is reserved for this job */
impl = ENGINE_get_digest_engine((*ptype)->type);
if(impl)
{
/* There's an ENGINE for this job ... (apparently) */
const EVP_MD *d = ENGINE_get_digest(impl, (*ptype)->type);
if(!d)
{
/* Same comment from evp_enc.c */
EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_INITIALIZATION_ERROR);
return 0;
}
/* We'll use the ENGINE's private digest definition */
*ptype = d;
/* Store the ENGINE functional reference so we know
* 'type' came from an ENGINE and we need to release
* it when done. */
ctx->engine = impl;
}
else
ctx->engine = NULL;
}
else
if(!ctx->digest)
{
EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_NO_DIGEST_SET);
return 0;
}
return 1;
}
int DH_set_method(DH *dh, const DH_METHOD *meth)
{
/* NB: The caller is specifically setting a method, so it's not up to us
* to deal with which ENGINE it comes from. */
const DH_METHOD *mtmp;
mtmp = dh->meth;
if (mtmp->finish) mtmp->finish(dh);
if (dh->engine)
{
ENGINE_finish(dh->engine);
dh->engine = NULL;
}
dh->meth = meth;
if (meth->init) meth->init(dh);
return 1;
}
STORE *STORE_new_engine(ENGINE *engine)
{
STORE *ret = NULL;
ENGINE *e = engine;
const STORE_METHOD *meth = 0;
#ifdef OPENSSL_NO_ENGINE
e = NULL;
#else
if (engine)
{
if (!ENGINE_init(engine))
{
STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
return NULL;
}
e = engine;
}
else
{
STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if(e)
{
meth = ENGINE_get_STORE(e);
if(!meth)
{
STOREerr(STORE_F_STORE_NEW_ENGINE,
ERR_R_ENGINE_LIB);
ENGINE_finish(e);
return NULL;
}
}
#endif
ret = STORE_new_method(meth);
if (ret == NULL)
{
STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_STORE_LIB);
return NULL;
}
ret->engine = e;
return(ret);
}
void DH_free (DH * r)
{
int i;
if (r == NULL)
return;
i = CRYPTO_add (&r->references, -1, CRYPTO_LOCK_DH);
#ifdef REF_PRINT
REF_PRINT ("DH", r);
#endif
if (i > 0)
return;
#ifdef REF_CHECK
if (i < 0)
{
fprintf (stderr, "DH_free, bad reference count\n");
abort ();
}
#endif
if (r->meth->finish)
r->meth->finish (r);
#ifndef OPENSSL_NO_ENGINE
if (r->engine)
ENGINE_finish (r->engine);
#endif
CRYPTO_free_ex_data (CRYPTO_EX_INDEX_DH, r, &r->ex_data);
if (r->p != NULL)
BN_clear_free (r->p);
if (r->g != NULL)
BN_clear_free (r->g);
if (r->q != NULL)
BN_clear_free (r->q);
if (r->j != NULL)
BN_clear_free (r->j);
if (r->seed)
OPENSSL_free (r->seed);
if (r->counter != NULL)
BN_clear_free (r->counter);
if (r->pub_key != NULL)
BN_clear_free (r->pub_key);
if (r->priv_key != NULL)
BN_clear_free (r->priv_key);
OPENSSL_free (r);
}
int RAND_set_rand_engine(ENGINE *engine)
{
const RAND_METHOD *tmp_meth = NULL;
if (engine) {
if (!ENGINE_init(engine))
return 0;
tmp_meth = ENGINE_get_RAND(engine);
if (!tmp_meth) {
ENGINE_finish(engine);
return 0;
}
}
/* This function releases any prior ENGINE so call it first */
RAND_set_rand_method(tmp_meth);
funct_ref = engine;
return 1;
}
static void
int_engine_module_finish(CONF_IMODULE *md)
{
ENGINE *e;
while ((e = sk_ENGINE_pop(initialized_engines)))
ENGINE_finish(e);
sk_ENGINE_free(initialized_engines);
initialized_engines = NULL;
}
/* Free memory for the hardware engine */
static void unload_hardware_engine () {
if (!reng)
return;
ENGINE_finish (reng);
ENGINE_free (reng);
ENGINE_cleanup ();
reng = NULL;
rand_loaded = 0;
}
int eng_RAND_set_rand_method(const RAND_METHOD *meth, const RAND_METHOD **pmeth)
{
if(funct_ref)
{
ENGINE_finish(funct_ref);
funct_ref = NULL;
}
*pmeth = meth;
return 1;
}
/**
* @brief Clean encryption / decryption context.
* @note After cleanup, a context is free to be reused if necessary.
* @param f The context to use.
* @return Returns APR_ENOTIMPL if not supported.
*/
static apr_status_t crypto_cleanup(apr_crypto_t *f)
{
if (f->config->engine) {
ENGINE_finish(f->config->engine);
ENGINE_free(f->config->engine);
f->config->engine = NULL;
}
return APR_SUCCESS;
}
int RAND_set_rand_method(const RAND_METHOD *meth)
{
#ifndef OPENSSL_NO_ENGINE
if (funct_ref) {
ENGINE_finish(funct_ref);
funct_ref = NULL;
}
#endif
default_RAND_meth = meth;
return 1;
}
EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)
{
EVP_PKEY *ret;
const unsigned char *p = *pp;
if ((a == NULL) || (*a == NULL)) {
if ((ret = EVP_PKEY_new()) == NULL) {
ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
return (NULL);
}
} else {
ret = *a;
#ifndef OPENSSL_NO_ENGINE
if (ret->engine) {
ENGINE_finish(ret->engine);
ret->engine = NULL;
}
#endif
}
if (!EVP_PKEY_set_type(ret, type)) {
ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
goto err;
}
if (!ret->ameth->old_priv_decode ||
!ret->ameth->old_priv_decode(ret, &p, length)) {
if (ret->ameth->priv_decode) {
EVP_PKEY *tmp;
PKCS8_PRIV_KEY_INFO *p8 = NULL;
p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
if (!p8)
goto err;
tmp = EVP_PKCS82PKEY(p8);
PKCS8_PRIV_KEY_INFO_free(p8);
if (tmp == NULL)
goto err;
EVP_PKEY_free(ret);
ret = tmp;
} else {
ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
goto err;
}
}
*pp = p;
if (a != NULL)
(*a) = ret;
return (ret);
err:
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
EVP_PKEY_free(ret);
return (NULL);
}
static void EVP_PKEY_free_it(EVP_PKEY *x)
{
/* internal function; x is never NULL */
if (x->ameth && x->ameth->pkey_free) {
x->ameth->pkey_free(x);
x->pkey.ptr = NULL;
}
#ifndef OPENSSL_NO_ENGINE
ENGINE_finish(x->engine);
x->engine = NULL;
#endif
}
