/*
* Construct the per-ENGINE context. We create it blindly and then use a lock
* to check for a race - if so, all but one of the threads "racing" will have
* wasted their time. The alternative involves creating everything inside the
* lock which is far worse.
*/
static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
{
dynamic_data_ctx *c = OPENSSL_zalloc(sizeof(*c));
if (c == NULL) {
ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
return 0;
}
c->dirs = sk_OPENSSL_STRING_new_null();
if (c->dirs == NULL) {
ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
OPENSSL_free(c);
return 0;
}
c->DYNAMIC_F1 = "v_check";
c->DYNAMIC_F2 = "bind_engine";
c->dir_load = 1;
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if ((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e,
dynamic_ex_data_idx))
== NULL) {
/* Good, we're the first */
ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
*ctx = c;
c = NULL;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
/*
* If we lost the race to set the context, c is non-NULL and *ctx is the
* context of the thread that won.
*/
OPENSSL_free(c);
return 1;
}
static int capi_init(ENGINE *e)
{
CAPI_CTX *ctx;
const RSA_METHOD *ossl_rsa_meth;
const DSA_METHOD *ossl_dsa_meth;
if (capi_idx < 0) {
capi_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0);
if (capi_idx < 0)
goto memerr;
cert_capi_idx = X509_get_ex_new_index(0, NULL, NULL, NULL, 0);
/* Setup RSA_METHOD */
rsa_capi_idx = RSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
ossl_rsa_meth = RSA_PKCS1_SSLeay();
capi_rsa_method.rsa_pub_enc = ossl_rsa_meth->rsa_pub_enc;
capi_rsa_method.rsa_pub_dec = ossl_rsa_meth->rsa_pub_dec;
capi_rsa_method.rsa_mod_exp = ossl_rsa_meth->rsa_mod_exp;
capi_rsa_method.bn_mod_exp = ossl_rsa_meth->bn_mod_exp;
/* Setup DSA Method */
dsa_capi_idx = DSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
ossl_dsa_meth = DSA_OpenSSL();
capi_dsa_method.dsa_do_verify = ossl_dsa_meth->dsa_do_verify;
capi_dsa_method.dsa_mod_exp = ossl_dsa_meth->dsa_mod_exp;
capi_dsa_method.bn_mod_exp = ossl_dsa_meth->bn_mod_exp;
}
ctx = capi_ctx_new();
if (!ctx)
goto memerr;
ENGINE_set_ex_data(e, capi_idx, ctx);
# ifdef OPENSSL_CAPIENG_DIALOG
{
HMODULE cryptui = LoadLibrary(TEXT("CRYPTUI.DLL"));
HMODULE kernel = GetModuleHandle(TEXT("KERNEL32.DLL"));
if (cryptui)
ctx->certselectdlg =
(CERTDLG) GetProcAddress(cryptui,
"CryptUIDlgSelectCertificateFromStore");
if (kernel)
ctx->getconswindow =
(GETCONSWIN) GetProcAddress(kernel, "GetConsoleWindow");
if (cryptui && !OPENSSL_isservice())
ctx->client_cert_select = cert_select_dialog;
}
# endif
return 1;
memerr:
CAPIerr(CAPI_F_CAPI_INIT, ERR_R_MALLOC_FAILURE);
return 0;
return 1;
}
static int capi_finish(ENGINE *e)
{
CAPI_CTX *ctx;
ctx = ENGINE_get_ex_data(e, capi_idx);
capi_ctx_free(ctx);
ENGINE_set_ex_data(e, capi_idx, NULL);
return 1;
}
/* Destroy the context allocated with pkcs11_new() */
static int engine_destroy(ENGINE *engine)
{
ENGINE_CTX *ctx;
int rv;
ctx = get_ctx(engine);
if (ctx == NULL)
return 0;
rv = pkcs11_destroy(ctx);
ENGINE_set_ex_data(engine, pkcs11_idx, NULL);
return rv;
}
static EVP_PKEY *hw_load_privkey(ENGINE *e, const char *key_id,
UI_METHOD *ui_method, void *callback_data)
{
//将密钥id放在ENGINE的扩展数据中
int index;
printf("call hw_load_privkey\n");
index = 0;
ENGINE_set_ex_data(e, index, (char *)key_id);
return NULL;
}
/*
* Construct the per-ENGINE context. We create it blindly and then use a lock
* to check for a race - if so, all but one of the threads "racing" will have
* wasted their time. The alternative involves creating everything inside the
* lock which is far worse.
*/
static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
{
dynamic_data_ctx *c;
c = OPENSSL_malloc(sizeof(dynamic_data_ctx));
if (!c) {
ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
return 0;
}
memset(c, 0, sizeof(dynamic_data_ctx));
c->dynamic_dso = NULL;
c->v_check = NULL;
c->bind_engine = NULL;
c->DYNAMIC_LIBNAME = NULL;
c->no_vcheck = 0;
c->engine_id = NULL;
c->list_add_value = 0;
c->DYNAMIC_F1 = "v_check";
c->DYNAMIC_F2 = "bind_engine";
c->dir_load = 1;
c->dirs = sk_OPENSSL_STRING_new_null();
if (!c->dirs) {
ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
OPENSSL_free(c);
return 0;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
if ((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e,
dynamic_ex_data_idx))
== NULL) {
/* Good, we're the first */
ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
*ctx = c;
c = NULL;
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
/*
* If we lost the race to set the context, c is non-NULL and *ctx is the
* context of the thread that won.
*/
if (c) {
sk_OPENSSL_STRING_free(c->dirs);
OPENSSL_free(c);
}
return 1;
}
static ENGINE_CTX *get_ctx(ENGINE *engine)
{
ENGINE_CTX *ctx;
if (pkcs11_idx < 0) {
pkcs11_idx = ENGINE_get_ex_new_index(0, "pkcs11", NULL, NULL, 0);
if (pkcs11_idx < 0)
return NULL;
ctx = NULL;
} else {
ctx = ENGINE_get_ex_data(engine, pkcs11_idx);
}
if (ctx == NULL) {
ctx = pkcs11_new();
ENGINE_set_ex_data(engine, pkcs11_idx, ctx);
}
return ctx;
}
