/* This internal function is used by ENGINE_pkcs11() and possibly by the
* "dynamic" ENGINE support too */
static int bind_helper(ENGINE *e)
{
if (!ENGINE_set_id(e, PKCS11_ENGINE_ID) ||
!ENGINE_set_destroy_function(e, engine_destroy) ||
!ENGINE_set_init_function(e, engine_init) ||
!ENGINE_set_finish_function(e, engine_finish) ||
!ENGINE_set_ctrl_function(e, engine_ctrl) ||
!ENGINE_set_cmd_defns(e, engine_cmd_defns) ||
!ENGINE_set_name(e, PKCS11_ENGINE_NAME) ||
#ifndef OPENSSL_NO_RSA
!ENGINE_set_RSA(e, PKCS11_get_rsa_method()) ||
#endif
#if OPENSSL_VERSION_NUMBER >= 0x10100002L
#ifndef OPENSSL_NO_EC
/* PKCS11_get_ec_key_method combines ECDSA and ECDH */
!ENGINE_set_EC(e, PKCS11_get_ec_key_method()) ||
#endif /* OPENSSL_NO_EC */
#else /* OPENSSL_VERSION_NUMBER */
#ifndef OPENSSL_NO_ECDSA
!ENGINE_set_ECDSA(e, PKCS11_get_ecdsa_method()) ||
#endif
#ifndef OPENSSL_NO_ECDH
!ENGINE_set_ECDH(e, PKCS11_get_ecdh_method()) ||
#endif
#endif /* OPENSSL_VERSION_NUMBER */
!ENGINE_set_load_pubkey_function(e, load_pubkey) ||
!ENGINE_set_load_privkey_function(e, load_privkey)) {
return 0;
} else {
return 1;
}
}
static ENGINE* LoadEngine()
{
// This function creates an engine for PKCS#11 and inspired by
// the "ENGINE_load_dynamic" function from OpenSSL, in file
// "crypto/engine/eng_dyn.c"
ENGINE* engine = ENGINE_new();
if (!engine)
{
LOG(ERROR) << "Cannot create an OpenSSL engine for PKCS#11";
throw OrthancException(ErrorCode_InternalError);
}
// Create a PKCS#11 context using libp11
context_ = pkcs11_new();
if (!context_)
{
LOG(ERROR) << "Cannot create a libp11 context for PKCS#11";
ENGINE_free(engine);
throw OrthancException(ErrorCode_InternalError);
}
if (!ENGINE_set_id(engine, PKCS11_ENGINE_ID) ||
!ENGINE_set_name(engine, PKCS11_ENGINE_NAME) ||
!ENGINE_set_cmd_defns(engine, PKCS11_ENGINE_COMMANDS) ||
// Register the callback functions
!ENGINE_set_init_function(engine, EngineInitialize) ||
!ENGINE_set_finish_function(engine, EngineFinalize) ||
!ENGINE_set_destroy_function(engine, EngineDestroy) ||
!ENGINE_set_ctrl_function(engine, EngineControl) ||
!ENGINE_set_load_pubkey_function(engine, EngineLoadPublicKey) ||
!ENGINE_set_load_privkey_function(engine, EngineLoadPrivateKey) ||
!ENGINE_set_RSA(engine, PKCS11_get_rsa_method()) ||
!ENGINE_set_ECDSA(engine, PKCS11_get_ecdsa_method()) ||
!ENGINE_set_ECDH(engine, PKCS11_get_ecdh_method()) ||
#if OPENSSL_VERSION_NUMBER >= 0x10100002L
!ENGINE_set_EC(engine, PKCS11_get_ec_key_method()) ||
#endif
// Make OpenSSL know about our PKCS#11 engine
!ENGINE_add(engine))
{
LOG(ERROR) << "Cannot initialize the OpenSSL engine for PKCS#11";
pkcs11_finish(context_);
ENGINE_free(engine);
throw OrthancException(ErrorCode_InternalError);
}
// If the "ENGINE_add" worked, it gets a structural
// reference. We release our just-created reference.
ENGINE_free(engine);
return ENGINE_by_id(PKCS11_ENGINE_ID);
}
/* This internal function is used by ENGINE_openssl() and possibly by the
* "dynamic" ENGINE support too */
static int bind_helper(ENGINE *e)
{
if(!ENGINE_set_id(e, engine_openssl_id)
|| !ENGINE_set_name(e, engine_openssl_name)
#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
#ifndef OPENSSL_NO_RSA
|| !ENGINE_set_RSA(e, RSA_get_default_method())
#endif
#ifndef OPENSSL_NO_DSA
|| !ENGINE_set_DSA(e, DSA_get_default_method())
#endif
#ifndef OPENSSL_NO_ECDH
|| !ENGINE_set_ECDH(e, ECDH_OpenSSL())
#endif
#ifndef OPENSSL_NO_ECDSA
|| !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
#endif
#ifndef OPENSSL_NO_DH
|| !ENGINE_set_DH(e, DH_get_default_method())
#endif
|| !ENGINE_set_RAND(e, RAND_SSLeay())
#ifdef TEST_ENG_OPENSSL_RC4
|| !ENGINE_set_ciphers(e, openssl_ciphers)
#endif
#ifdef TEST_ENG_OPENSSL_SHA
|| !ENGINE_set_digests(e, openssl_digests)
#endif
#endif
//MS:
#ifndef OPENSSL_NO_STDIO
#ifdef TEST_ENG_OPENSSL_PKEY
|| !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
#endif
#endif
)
return 0;
/* If we add errors to this ENGINE, ensure the error handling is setup here */
/* openssl_load_error_strings(); */
return 1;
}