/* * Construct the per-ENGINE context. We create it blindly and then use a lock * to check for a race - if so, all but one of the threads "racing" will have * wasted their time. The alternative involves creating everything inside the * lock which is far worse. */ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) { dynamic_data_ctx *c = OPENSSL_zalloc(sizeof(*c)); if (c == NULL) { ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE); return 0; } c->dirs = sk_OPENSSL_STRING_new_null(); if (c->dirs == NULL) { ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE); OPENSSL_free(c); return 0; } c->DYNAMIC_F1 = "v_check"; c->DYNAMIC_F2 = "bind_engine"; c->dir_load = 1; CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); if ((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, dynamic_ex_data_idx)) == NULL) { /* Good, we're the first */ ENGINE_set_ex_data(e, dynamic_ex_data_idx, c); *ctx = c; c = NULL; } CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); /* * If we lost the race to set the context, c is non-NULL and *ctx is the * context of the thread that won. */ OPENSSL_free(c); return 1; }
static int capi_init(ENGINE *e) { CAPI_CTX *ctx; const RSA_METHOD *ossl_rsa_meth; const DSA_METHOD *ossl_dsa_meth; if (capi_idx < 0) { capi_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0); if (capi_idx < 0) goto memerr; cert_capi_idx = X509_get_ex_new_index(0, NULL, NULL, NULL, 0); /* Setup RSA_METHOD */ rsa_capi_idx = RSA_get_ex_new_index(0, NULL, NULL, NULL, 0); ossl_rsa_meth = RSA_PKCS1_SSLeay(); capi_rsa_method.rsa_pub_enc = ossl_rsa_meth->rsa_pub_enc; capi_rsa_method.rsa_pub_dec = ossl_rsa_meth->rsa_pub_dec; capi_rsa_method.rsa_mod_exp = ossl_rsa_meth->rsa_mod_exp; capi_rsa_method.bn_mod_exp = ossl_rsa_meth->bn_mod_exp; /* Setup DSA Method */ dsa_capi_idx = DSA_get_ex_new_index(0, NULL, NULL, NULL, 0); ossl_dsa_meth = DSA_OpenSSL(); capi_dsa_method.dsa_do_verify = ossl_dsa_meth->dsa_do_verify; capi_dsa_method.dsa_mod_exp = ossl_dsa_meth->dsa_mod_exp; capi_dsa_method.bn_mod_exp = ossl_dsa_meth->bn_mod_exp; } ctx = capi_ctx_new(); if (!ctx) goto memerr; ENGINE_set_ex_data(e, capi_idx, ctx); # ifdef OPENSSL_CAPIENG_DIALOG { HMODULE cryptui = LoadLibrary(TEXT("CRYPTUI.DLL")); HMODULE kernel = GetModuleHandle(TEXT("KERNEL32.DLL")); if (cryptui) ctx->certselectdlg = (CERTDLG) GetProcAddress(cryptui, "CryptUIDlgSelectCertificateFromStore"); if (kernel) ctx->getconswindow = (GETCONSWIN) GetProcAddress(kernel, "GetConsoleWindow"); if (cryptui && !OPENSSL_isservice()) ctx->client_cert_select = cert_select_dialog; } # endif return 1; memerr: CAPIerr(CAPI_F_CAPI_INIT, ERR_R_MALLOC_FAILURE); return 0; return 1; }
static int capi_finish(ENGINE *e) { CAPI_CTX *ctx; ctx = ENGINE_get_ex_data(e, capi_idx); capi_ctx_free(ctx); ENGINE_set_ex_data(e, capi_idx, NULL); return 1; }
/* Destroy the context allocated with pkcs11_new() */ static int engine_destroy(ENGINE *engine) { ENGINE_CTX *ctx; int rv; ctx = get_ctx(engine); if (ctx == NULL) return 0; rv = pkcs11_destroy(ctx); ENGINE_set_ex_data(engine, pkcs11_idx, NULL); return rv; }
static EVP_PKEY *hw_load_privkey(ENGINE *e, const char *key_id, UI_METHOD *ui_method, void *callback_data) { //将密钥id放在ENGINE的扩展数据中 int index; printf("call hw_load_privkey\n"); index = 0; ENGINE_set_ex_data(e, index, (char *)key_id); return NULL; }
/* * Construct the per-ENGINE context. We create it blindly and then use a lock * to check for a race - if so, all but one of the threads "racing" will have * wasted their time. The alternative involves creating everything inside the * lock which is far worse. */ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) { dynamic_data_ctx *c; c = OPENSSL_malloc(sizeof(dynamic_data_ctx)); if (!c) { ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE); return 0; } memset(c, 0, sizeof(dynamic_data_ctx)); c->dynamic_dso = NULL; c->v_check = NULL; c->bind_engine = NULL; c->DYNAMIC_LIBNAME = NULL; c->no_vcheck = 0; c->engine_id = NULL; c->list_add_value = 0; c->DYNAMIC_F1 = "v_check"; c->DYNAMIC_F2 = "bind_engine"; c->dir_load = 1; c->dirs = sk_OPENSSL_STRING_new_null(); if (!c->dirs) { ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE); OPENSSL_free(c); return 0; } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); if ((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, dynamic_ex_data_idx)) == NULL) { /* Good, we're the first */ ENGINE_set_ex_data(e, dynamic_ex_data_idx, c); *ctx = c; c = NULL; } CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); /* * If we lost the race to set the context, c is non-NULL and *ctx is the * context of the thread that won. */ if (c) { sk_OPENSSL_STRING_free(c->dirs); OPENSSL_free(c); } return 1; }
static ENGINE_CTX *get_ctx(ENGINE *engine) { ENGINE_CTX *ctx; if (pkcs11_idx < 0) { pkcs11_idx = ENGINE_get_ex_new_index(0, "pkcs11", NULL, NULL, 0); if (pkcs11_idx < 0) return NULL; ctx = NULL; } else { ctx = ENGINE_get_ex_data(engine, pkcs11_idx); } if (ctx == NULL) { ctx = pkcs11_new(); ENGINE_set_ex_data(engine, pkcs11_idx, ctx); } return ctx; }