Exemplo n.º 1
/*
 * Register the ENGINEs that this build carries, then finish registration
 * with ENGINE_register_all_complete().
 *
 * A loader is called only when its feature switch allows it AND the loader
 * name is visible to the preprocessor as a macro (the defined(ENGINE_load_*)
 * tests); a loader that is not a macro in the headers in use is skipped.
 *
 * Security note: ENGINE_load_dynamic() makes the "dynamic" ENGINE available.
 * That ENGINE loads a shared object chosen through its control commands, so
 * any path an application later hands to it must come from a trusted source.
 */
void ENGINE_load_builtin_engines(void)
{
    /* Some ENGINEs depend on this setup call having run. */
    OPENSSL_cpuid_setup();

#if !defined(OPENSSL_NO_HW) \
    && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)) \
    && defined(ENGINE_load_cryptodev)
    ENGINE_load_cryptodev();
#endif

#if !defined(OPENSSL_NO_RDRAND) && defined(ENGINE_load_rdrand)
    ENGINE_load_rdrand();
#endif

#if defined(ENGINE_load_dynamic)
    ENGINE_load_dynamic();
#endif

    /* Statically linked ENGINEs. */
#if !defined(OPENSSL_NO_STATIC_ENGINE)
# if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK) \
     && defined(ENGINE_load_padlock)
    ENGINE_load_padlock();
# endif
# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) \
     && defined(ENGINE_load_capi)
    ENGINE_load_capi();
# endif
#endif

    ENGINE_register_all_complete();
}
Exemplo n.º 2
/*
 * Register the ENGINEs selected by the build configuration, then call
 * ENGINE_register_all_complete().
 *
 * Which loaders run is decided entirely by the OPENSSL_NO_* feature macros
 * below; ENGINE_load_dynamic() is the only loader called unconditionally.
 *
 * Security note: the "dynamic" ENGINE registered here loads a shared object
 * chosen through its control commands, so any path an application later
 * passes to it must come from a trusted source.
 */
void ENGINE_load_builtin_engines(void)
	{
	/* Some ENGINEs need this */
	OPENSSL_cpuid_setup();
#if 0
	/* There's no longer any need for an "openssl" ENGINE unless, one day,
	 * it is the *only* way for standard builtin implementations to be
	 * accessed (ie. it would be possible to statically link binaries with
	 * *no* builtin implementations). */
	ENGINE_load_openssl();
#endif
	/* cryptodev: hardware support enabled and either a BSD target or
	 * HAVE_CRYPTODEV defined. */
#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
	ENGINE_load_cryptodev();
#endif
#ifndef OPENSSL_NO_RSAX
	ENGINE_load_rsax();
#endif
#ifndef OPENSSL_NO_RDRAND
	ENGINE_load_rdrand();
#endif
	/* Always registered, whatever the feature macros say. */
	ENGINE_load_dynamic();
	/* Everything up to the matching #endif is skipped when
	 * OPENSSL_NO_STATIC_ENGINE is defined. */
#ifndef OPENSSL_NO_STATIC_ENGINE
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_PADLOCK
	ENGINE_load_padlock();
#endif
#endif
#ifndef OPENSSL_NO_GOST
	ENGINE_load_gost();
#endif
#endif
	ENGINE_register_all_complete();
	}
Exemplo n.º 3
/*
 * Configure OpenSSL's "dynamic" ENGINE from the fields of msg, initialise it
 * and make it the default for every method class except RAND.
 *
 * ctx is treated as an ENGINE ** and receives the engine handle.
 * Returns OK on success, ENGFAIL on any failure (after ENGINE_cleanup()).
 *
 * Security notes:
 *  - msg->engine is passed as SO_PATH and msg->pkcs11 as MODULE_PATH; both
 *    name code to be loaded into this process, so they must not be taken
 *    from an untrusted peer without validation.
 *    NOTE(review): where msg is populated is not visible here - confirm.
 *  - msg->pin is forwarded to the engine as the "PIN" command value.
 *  - The return value of ENGINE_set_default() is not checked.
 */
static int load_engine(void **ctx,MESSAGE *msg)
{
	ENGINE **slot=(ENGINE **)ctx;
	int idx;

	ENGINE_load_dynamic();

	*slot=ENGINE_by_id("dynamic");
	if(*slot==NULL)goto fail_cleanup;

	if(!ENGINE_ctrl_cmd_string(*slot,"SO_PATH",msg->engine,0))goto fail_free;

	/* fixed command/value pairs from the pkcs11[] table, ended by a NULL name */
	idx=0;
	while(pkcs11[idx].name)
	{
		if(!ENGINE_ctrl_cmd_string(*slot,pkcs11[idx].name,pkcs11[idx].value,0))
			goto fail_free;
		idx++;
	}

	if(!ENGINE_ctrl_cmd_string(*slot,"MODULE_PATH",msg->pkcs11,0))goto fail_free;
	if(msg->nopin&&!ENGINE_ctrl_cmd_string(*slot,"NOLOGIN","1",0))goto fail_free;
	/* an empty PIN is sent when msg->nopin is set */
	if(!ENGINE_ctrl_cmd_string(*slot,"PIN",msg->nopin?"":msg->pin,0))goto fail_free;
	if(!ENGINE_init(*slot))goto fail_free;

	/* drop the reference obtained from ENGINE_by_id(); the handle is still
	 * used below, relying on the reference taken by ENGINE_init() */
	ENGINE_free(*slot);

	ENGINE_set_default(*slot,ENGINE_METHOD_ALL&~ENGINE_METHOD_RAND);

	return OK;

fail_free:
	ENGINE_free(*slot);
fail_cleanup:
	ENGINE_cleanup();
	return ENGFAIL;
}
/**
 * Load OpenSSL's "dynamic" ENGINE and use it to load the engine library
 * found at the first existing entry of engineLibPaths.
 *
 * The control commands are issued in this order: SO_PATH, ID, LIST_ADD=1,
 * LOAD=1. Any failure throws Exception.
 *
 * Security note: the chosen path is loaded into the process as code, so
 * engineLibPaths must only contain trusted, non-writable locations.
 *
 * NOTE(review): m_pEngine is assigned before the later commands run; if it
 * is a raw ENGINE pointer, an exception thrown after that point leaves the
 * reference from ENGINE_by_id() unreleased because the destructor does not
 * run for a partially constructed object - confirm against the class.
 */
DynamicEngine::DynamicEngine( const string & id,
                              const StringList & engineLibPaths )
{
    DEBUG( "dynamic: ctor: loading and configuring dynamic engine" );
    ENGINE_load_dynamic();

    ENGINE * dynamicEngine = ENGINE_by_id( "dynamic" );
    if ( dynamicEngine == NULL )
    {
        throw Exception( "dynamic: load failed" );
    }
    m_pEngine = dynamicEngine;

    // Pick the library to load: first candidate path that exists.
    const string engineLibPath( findFirstExisting( engineLibPaths ) );
    if ( engineLibPath.empty() )
    {
        throw Exception( "dynamic: unable to find engine lib path" );
    }

    DEBUG( "dynamic: ctor: so_path=" << QS( engineLibPath ) );
    if ( ENGINE_ctrl_cmd_string( dynamicEngine, "SO_PATH", engineLibPath.c_str(), CMD_MANDATORY ) != 1 )
    {
        throw Exception( "dynamic: setting so_path <= " + QS( engineLibPath ) );
    }

    DEBUG( "dynamic: ctor: id=" << QS( id ) );
    if ( ENGINE_ctrl_cmd_string( dynamicEngine, "ID", id.c_str(), CMD_MANDATORY ) != 1 )
    {
        throw Exception( "dynamic: setting id <= " + QS( id ) );
    }

    DEBUG( "dynamic: ctor: list_add=1" );
    if ( ENGINE_ctrl_cmd( dynamicEngine, "LIST_ADD", 1, NULL, NULL, CMD_MANDATORY ) != 1 )
    {
        throw Exception( "dynamic: setting list_add <= 1" );
    }

    DEBUG( "dynamic: ctor: load=1" );
    if ( ENGINE_ctrl_cmd( dynamicEngine, "LOAD", 1, NULL, NULL, CMD_MANDATORY ) != 1 )
    {
        throw Exception( "dynamic: setting load <= 1" );
    }

    DEBUG( "dynamic: ctor: done" );
}
Exemplo n.º 5
/*
 * Register the ENGINEs selected by the build configuration, then call
 * ENGINE_register_all_complete().
 *
 * The loaders are gated by OPENSSL_NO_* feature macros; ENGINE_load_dynamic()
 * is the only one called unconditionally.
 *
 * Security note: the "dynamic" ENGINE registered here loads a shared object
 * chosen through its control commands, so any path an application later
 * passes to it must come from a trusted source.
 */
void ENGINE_load_builtin_engines(void)
	{
	/* Some ENGINEs need this */
	OPENSSL_cpuid_setup();
#if 0
	/* There's no longer any need for an "openssl" ENGINE unless, one day,
	 * it is the *only* way for standard builtin implementations to be
	 * accessed (ie. it would be possible to statically link binaries with
	 * *no* builtin implementations). */
	ENGINE_load_openssl();
#endif
#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
	ENGINE_load_cryptodev();
#endif
#ifndef OPENSSL_NO_RDRAND
	ENGINE_load_rdrand();
#endif
	/* Always registered, whatever the feature macros say. */
	ENGINE_load_dynamic();
	/* Everything up to the matching #endif is skipped when
	 * OPENSSL_NO_STATIC_ENGINE is defined. */
#ifndef OPENSSL_NO_STATIC_ENGINE
	/* Hardware ENGINEs: all disabled together by OPENSSL_NO_HW, or one by
	 * one through the OPENSSL_NO_HW_* macros. */
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_4758_CCA
	ENGINE_load_4758cca();
#endif
#ifndef OPENSSL_NO_HW_AEP
	ENGINE_load_aep();
#endif
#ifndef OPENSSL_NO_HW_ATALLA
	ENGINE_load_atalla();
#endif
#ifndef OPENSSL_NO_HW_CSWIFT
	ENGINE_load_cswift();
#endif
#ifndef OPENSSL_NO_HW_NCIPHER
	ENGINE_load_chil();
#endif
#ifndef OPENSSL_NO_HW_NURON
	ENGINE_load_nuron();
#endif
#ifndef OPENSSL_NO_HW_SUREWARE
	ENGINE_load_sureware();
#endif
#ifndef OPENSSL_NO_HW_UBSEC
	ENGINE_load_ubsec();
#endif
#ifndef OPENSSL_NO_HW_PADLOCK
	ENGINE_load_padlock();
#endif
#endif
#ifndef OPENSSL_NO_GOST
	ENGINE_load_gost();
#endif
#ifndef OPENSSL_NO_GMP
	ENGINE_load_gmp();
#endif
	/* CAPI ENGINE: Win32 builds only. */
#if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
	ENGINE_load_capi();
#endif
#endif
	ENGINE_register_all_complete();
	}
Exemplo n.º 6
/*
 * Load the PKCS#11 ENGINE through OpenSSL's "dynamic" ENGINE, point it at
 * the PKCS#11 module `pkcs11`, hand it `pin` and initialise it.
 *
 * Returns the initialised ENGINE, or NULL after reporting the failure with
 * SSL_Error(). The caller owns the returned handle.
 *
 * Security notes:
 *  - ENGINE_PKCS11_PATH and `pkcs11` both name shared objects that are
 *    loaded into this process; they must refer to trusted locations.
 *  - `pin` is forwarded to the engine as the "PIN" command value.
 */
static ENGINE *
InitEnginePKCS11( const char *pkcs11, const char *pin)
{
	ENGINE *engine;
	int configured;

	ENGINE_load_dynamic();
	engine = ENGINE_by_id("dynamic");
	if (engine == NULL) {
		SSL_Error(_d("Engine_by_id:\n %s"), GetSSLErrorString());
		return NULL;
	}

	/* The commands run in this order and stop at the first failure. */
	configured = ENGINE_ctrl_cmd_string(engine, "SO_PATH", ENGINE_PKCS11_PATH, 0)
		&& ENGINE_ctrl_cmd_string(engine, "ID", "pkcs11", 0)
		&& ENGINE_ctrl_cmd_string(engine, "LIST_ADD", "1", 0)
		&& ENGINE_ctrl_cmd_string(engine, "LOAD", NULL, 0)
		&& ENGINE_ctrl_cmd_string(engine, "MODULE_PATH", pkcs11, 0)
		&& ENGINE_ctrl_cmd_string(engine, "PIN", pin, 0);
	if (!configured) {
		SSL_Error(_d("Engine_ctrl_cmd_string failure:\n %s"), GetSSLErrorString());
		ENGINE_free(engine);
		return NULL;
	}

	if (ENGINE_init(engine))
		return engine;

	SSL_Error(_d("Engine_init failure:\n %s"), GetSSLErrorString());
	ENGINE_free(engine);
	return NULL;
}
Exemplo n.º 7
/*
 * Register the OpenSSL-backed digest mechanisms on `card`.
 *
 * With OpenSSL >= 1.0.0 and ENGINE support, the function first tries to make
 * the "gost" ENGINE the default for all methods, loading it statically or
 * through the "dynamic" ENGINE if it is not registered yet. It then fills in
 * the mech_data of each openssl_*_mech object and registers it.
 *
 * Security notes:
 *  - MD5, RIPEMD-160 and SHA-1 are registered alongside the SHA-2 digests;
 *    callers that need collision resistance should not select MD5 or SHA-1.
 *  - The return value of ENGINE_set_default() is not checked.
 */
void
sc_pkcs11_register_openssl_mechanisms(struct sc_pkcs11_card *card)
{
#if OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(OPENSSL_NO_ENGINE)
	void (*locking_cb)(int, int, const char *, int);
	ENGINE *e;

	/* The locking callback is removed for the duration of the ENGINE calls
	 * and put back afterwards.
	 * NOTE(review): the reason is not stated here; other threads using
	 * OpenSSL in this window would run without the callback - confirm. */
	locking_cb = CRYPTO_get_locking_callback();
	if (locking_cb)
		CRYPTO_set_locking_callback(NULL);

	e = ENGINE_by_id("gost");
	if (!e)
	{
#if !defined(OPENSSL_NO_STATIC_ENGINE) && !defined(OPENSSL_NO_GOST)
		ENGINE_load_gost();
		e = ENGINE_by_id("gost");
#else
		/* try to load dynamic gost engine */
		e = ENGINE_by_id("dynamic");
		if (!e) {
			ENGINE_load_dynamic();
			e = ENGINE_by_id("dynamic");
		}
		/* SO_PATH is the bare name "gost", not an absolute path.
		 * NOTE(review): which directory it resolves against depends on
		 * the OpenSSL engine search configuration - confirm it cannot be
		 * influenced by an untrusted user. */
		if (e && (!ENGINE_ctrl_cmd_string(e, "SO_PATH", "gost", 0) ||
					!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))) {
			ENGINE_free(e);
			e = NULL;
		}
#endif /* !OPENSSL_NO_STATIC_ENGINE && !OPENSSL_NO_GOST */
	}
	if (e) {
		ENGINE_set_default(e, ENGINE_METHOD_ALL);
		ENGINE_free(e);
	}

	if (locking_cb)
		CRYPTO_set_locking_callback(locking_cb);
#endif /* OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(OPENSSL_NO_ENGINE) */

	openssl_sha1_mech.mech_data = EVP_sha1();
	sc_pkcs11_register_mechanism(card, &openssl_sha1_mech);
	/* SHA-2 digests are registered only for OpenSSL >= 0.9.8 */
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
	openssl_sha256_mech.mech_data = EVP_sha256();
	sc_pkcs11_register_mechanism(card, &openssl_sha256_mech);
	openssl_sha384_mech.mech_data = EVP_sha384();
	sc_pkcs11_register_mechanism(card, &openssl_sha384_mech);
	openssl_sha512_mech.mech_data = EVP_sha512();
	sc_pkcs11_register_mechanism(card, &openssl_sha512_mech);
#endif
	openssl_md5_mech.mech_data = EVP_md5();
	sc_pkcs11_register_mechanism(card, &openssl_md5_mech);
	openssl_ripemd160_mech.mech_data = EVP_ripemd160();
	sc_pkcs11_register_mechanism(card, &openssl_ripemd160_mech);
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
	/* Looked up by NID; the result is stored without a NULL check, so
	 * mech_data is NULL here if no GOST digest is available. */
	openssl_gostr3411_mech.mech_data = EVP_get_digestbynid(NID_id_GostR3411_94);
	sc_pkcs11_register_mechanism(card, &openssl_gostr3411_mech);
#endif
}
Exemplo n.º 8
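/*
 * Daemon entry point: optional Android control-socket setup and keystore
 * ENGINE load, signal handlers, setup(), then an endless poll() loop that
 * dispatches readable descriptors to callbacks[].
 *
 * Changes from the previous version:
 *  - `e` starts as NULL, so the cleanup code after the loop never reads an
 *    indeterminate pointer when no control socket was supplied.
 *  - the result of setuid(AID_VPN) is checked; if the privilege drop fails
 *    the process exits instead of carrying on with its original identity.
 */
int main(int argc, char **argv)
{
#ifdef ANDROID_CHANGES
    int control = android_get_control_and_arguments(&argc, &argv);
    ENGINE *e = NULL;
    if (control != -1) {
        pname = "%p";
        monitor_fd(control, NULL);

        /* The "keystore" ENGINE must be present and initialise cleanly. */
        ENGINE_load_dynamic();
        e = ENGINE_by_id("keystore");
        if (!e || !ENGINE_init(e)) {
            do_plog(LLV_ERROR, "ipsec-tools: cannot load keystore engine");
            exit(1);
        }
    }
#endif

    do_plog(LLV_INFO, "ipsec-tools 0.7.3 (http://ipsec-tools.sf.net)\n");

    signal(SIGHUP, terminate);
    signal(SIGINT, terminate);
    signal(SIGTERM, terminate);
    signal(SIGPIPE, SIG_IGN);
    atexit(terminated);

    setup(argc, argv);

#ifdef ANDROID_CHANGES
    shutdown(control, SHUT_WR);
    /* Drop to the VPN user; continuing after a failed drop would keep the
     * starting privileges for the whole packet-handling loop. */
    if (setuid(AID_VPN) != 0) {
        do_plog(LLV_ERROR, "ipsec-tools: cannot drop privileges\n");
        exit(1);
    }
#endif

    while (1) {
        struct timeval *tv = schedular();
        /* next timer expiry converted to milliseconds, rounded up */
        int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000 + 1;

        if (poll(pollfds, monitors, timeout) > 0) {
            int i;
            for (i = 0; i < monitors; ++i) {
                if (pollfds[i].revents & POLLHUP) {
                    do_plog(LLV_ERROR, "Connection is closed\n", pollfds[i].fd);
                    exit(1);
                }
                if (pollfds[i].revents & POLLIN) {
                    callbacks[i](pollfds[i].fd);
                }
            }
        }
    }
    /* Not reached: the loop above only ends through exit(). */
#ifdef ANDROID_CHANGES
    if (e) {
        ENGINE_finish(e);
        ENGINE_free(e);
    }
#endif
    return 0;
}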
Exemplo n.º 9
/*
 * Register the ENGINEs selected by the build configuration, then call
 * ENGINE_register_all_complete().
 *
 * The loaders are gated by OPENSSL_NO_* feature macros; ENGINE_load_dynamic()
 * is the only one called unconditionally. Several hardware loaders are kept
 * only inside a comment and are therefore never compiled.
 *
 * Security note: the "dynamic" ENGINE registered here loads a shared object
 * chosen through its control commands, so any path an application later
 * passes to it must come from a trusted source.
 */
void ENGINE_load_builtin_engines(void)
{
    /* Some ENGINEs need this */
    OPENSSL_cpuid_setup();
#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
    ENGINE_load_cryptodev();
#endif
#ifndef OPENSSL_NO_RDRAND
    ENGINE_load_rdrand();
#endif
    /* Always registered, whatever the feature macros say. */
    ENGINE_load_dynamic();
    /* Everything up to the matching #endif is skipped when
     * OPENSSL_NO_STATIC_ENGINE is defined. */
#ifndef OPENSSL_NO_STATIC_ENGINE
# ifndef OPENSSL_NO_HW
#  ifndef OPENSSL_NO_HW_4758_CCA
    ENGINE_load_4758cca();
#  endif
/*-
 * These engines have been disabled as they do not currently build
#ifndef OPENSSL_NO_HW_AEP
        ENGINE_load_aep();
#endif
#ifndef OPENSSL_NO_HW_ATALLA
        ENGINE_load_atalla();
#endif
#ifndef OPENSSL_NO_HW_CSWIFT
        ENGINE_load_cswift();
#endif
#ifndef OPENSSL_NO_HW_NCIPHER
        ENGINE_load_chil();
#endif
#ifndef OPENSSL_NO_HW_NURON
        ENGINE_load_nuron();
#endif
#ifndef OPENSSL_NO_HW_SUREWARE
        ENGINE_load_sureware();
#endif
#ifndef OPENSSL_NO_HW_UBSEC
        ENGINE_load_ubsec();
#endif
*/
#  ifndef OPENSSL_NO_HW_PADLOCK
    ENGINE_load_padlock();
#  endif
# endif
# ifndef OPENSSL_NO_GOST
    ENGINE_load_gost();
# endif
# ifndef OPENSSL_NO_GMP
    ENGINE_load_gmp();
# endif
    /* CAPI ENGINE: Win32 builds only. */
# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
    ENGINE_load_capi();
# endif
#endif
    ENGINE_register_all_complete();
}
Exemplo n.º 10
Arquivo: engine.c Projeto: bjorng/otp
/*
 * NIF taking no arguments: registers OpenSSL's "dynamic" ENGINE.
 *
 * Returns atom_ok when the build has ENGINE support (HAS_ENGINE_SUPPORT)
 * and atom_notsup otherwise.
 *
 * Security note: once the "dynamic" ENGINE is registered, later calls can
 * ask it to load a shared object, so whatever exposes those calls must
 * only accept library paths from trusted code.
 */
ERL_NIF_TERM engine_load_dynamic_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
{/* () */
#ifndef HAS_ENGINE_SUPPORT
    /* Built without ENGINE support. */
    return atom_notsup;
#else
    ASSERT(argc == 0);

    ENGINE_load_dynamic();

    return atom_ok;
#endif
}
Exemplo n.º 11
/*
 * Register the ENGINEs selected by the build configuration.
 *
 * The loaders are gated by OPENSSL_NO_* feature macros; ENGINE_load_dynamic()
 * is the only one called unconditionally. Unlike some other variants of this
 * function, this one calls neither OPENSSL_cpuid_setup() nor
 * ENGINE_register_all_complete().
 *
 * Security note: the "dynamic" ENGINE registered here loads a shared object
 * chosen through its control commands, so any path an application later
 * passes to it must come from a trusted source.
 */
void ENGINE_load_builtin_engines(void)
	{
	/* There's no longer any need for an "openssl" ENGINE unless, one day,
	 * it is the *only* way for standard builtin implementations to be
	 * accessed (ie. it would be possible to statically link binaries with
	 * *no* builtin implementations). */
#if 0
	ENGINE_load_openssl();
#endif
	/* Padlock is loaded outside the OPENSSL_NO_STATIC_ENGINE guard. */
#if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK)
	ENGINE_load_padlock();
#endif
	/* Always registered, whatever the feature macros say. */
	ENGINE_load_dynamic();
	/* Everything up to the matching #endif is skipped when
	 * OPENSSL_NO_STATIC_ENGINE is defined. */
#ifndef OPENSSL_NO_STATIC_ENGINE
	/* Hardware ENGINEs: all disabled together by OPENSSL_NO_HW, or one by
	 * one through the OPENSSL_NO_HW_* macros. */
#ifndef OPENSSL_NO_HW
#ifndef OPENSSL_NO_HW_4758_CCA
	ENGINE_load_4758cca();
#endif
#ifndef OPENSSL_NO_HW_AEP
	ENGINE_load_aep();
#endif
#ifndef OPENSSL_NO_HW_ATALLA
	ENGINE_load_atalla();
#endif
#ifndef OPENSSL_NO_HW_CSWIFT
	ENGINE_load_cswift();
#endif
#ifndef OPENSSL_NO_HW_NCIPHER
	ENGINE_load_chil();
#endif
#ifndef OPENSSL_NO_HW_NURON
	ENGINE_load_nuron();
#endif
#ifndef OPENSSL_NO_HW_SUREWARE
	ENGINE_load_sureware();
#endif
#ifndef OPENSSL_NO_HW_UBSEC
	ENGINE_load_ubsec();
#endif
#endif
#if !defined(OPENSSL_NO_GMP) && !defined(OPENSSL_NO_HW_GMP)
	ENGINE_load_gmp();
#endif
#endif
	/* cryptodev: BSD targets only, and only with hardware support enabled. */
#ifndef OPENSSL_NO_HW
#if defined(__OpenBSD__) || defined(__FreeBSD__)
	ENGINE_load_cryptodev();
#endif
#endif
	}
Exemplo n.º 12
/*
 * Return the EVP_PKEY id of the "gost2001" algorithm, loading the "gost"
 * ENGINE if that is what it takes to obtain it. Returns 0 when GOST is not
 * available.
 *
 * The id is cached in a function-local static after the first success.
 * NOTE(review): the cache and sldns_gost_engine are written without any
 * locking visible here - confirm callers serialise the first call.
 *
 * On success the engine handle is deliberately kept in sldns_gost_engine
 * instead of being released (see the comment at the assignment).
 */
int
sldns_key_EVP_load_gost_id(void)
{
	static int gost_id = 0;
	const EVP_PKEY_ASN1_METHOD* method;
	ENGINE* engine;

	if(gost_id != 0)
		return gost_id;

	/* the configuration may already have loaded a gost implementation
	 * from some other engine */
	method = EVP_PKEY_asn1_find_str(NULL, "gost2001", -1);
	if(method != NULL) {
		EVP_PKEY_asn1_get0_info(&gost_id, NULL, NULL, NULL, NULL, method);
		return gost_id;
	}

	/* is the engine registered already? */
	engine = ENGINE_by_id("gost");
	if(engine == NULL) {
		/* register it ourselves, in case it is statically linked */
		ENGINE_load_builtin_engines();
		ENGINE_load_dynamic();
		engine = ENGINE_by_id("gost");
		if(engine == NULL) {
			/* this openssl has no gost engine */
			return 0;
		}
	}

	if(!ENGINE_set_default(engine, ENGINE_METHOD_ALL))
		goto release;

	method = EVP_PKEY_asn1_find_str(&engine, "gost2001", -1);
	if(method == NULL) {
		/* algorithm not found */
		goto release;
	}

	/* Note: do not ENGINE_finish and ENGINE_free the acquired engine;
	 * on some platforms this frees up the meth and unloads gost stuff */
	sldns_gost_engine = engine;

	EVP_PKEY_asn1_get0_info(&gost_id, NULL, NULL, NULL, NULL, method);
	return gost_id;

release:
	ENGINE_finish(engine);
	ENGINE_free(engine);
	return 0;
}
Exemplo n.º 13
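/*
 * Load the ENGINE shared object at so_path through OpenSSL's "dynamic"
 * ENGINE and return the engine registered under id.
 *
 * Returns NULL when the "dynamic" ENGINE is unavailable, when SO_PATH is
 * rejected, or when no engine named id is registered afterwards. The caller
 * owns the returned handle and releases it with ENGINE_free().
 *
 * Fix: the handle from ENGINE_by_id("dynamic") is now released on the
 * SO_PATH failure path as well; it used to leak there.
 *
 * Security note: so_path is loaded into the process as code. Pass only an
 * absolute path to a library in a location untrusted users cannot write to.
 */
ENGINE *load_engine(const char *so_path, const char *id) {
    ENGINE_load_dynamic();
    ENGINE *de = ENGINE_by_id("dynamic");
    if(de == NULL) {
        printf("Unable to load dynamic engine\n");
        return NULL;
    }

    if(!ENGINE_ctrl_cmd_string(de, "SO_PATH", so_path, 0)) {
        printf("Unable to load desired engine\n");
        ENGINE_free(de);
        return NULL;
    }
    /* The results of LIST_ADD and LOAD are not checked here; success is
     * judged only by the ENGINE_by_id(id) lookup below. */
    ENGINE_ctrl_cmd_string(de, "LIST_ADD", "2", 0);
    ENGINE_ctrl_cmd_string(de, "LOAD", NULL, 0);
    ENGINE_free(de);
    return ENGINE_by_id(id);
}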
Exemplo n.º 14
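/*
 * Load and initialise an OpenSSL ENGINE and store it in `he`.
 *
 * 'name' is the name the engine is known by to the dst library.
 * This may or may not match the name the engine is known by to
 * openssl.  It is the name that is stored in the private key file.
 * It is unused in this function.
 *
 * 'engine_id' is the openssl engine name.
 *
 * pre_cmds and post_cmds are sequences of command/argument pairs;
 * pre_num and post_num are the counts of those pairs. The pre commands
 * run before ENGINE_init(), the post commands after it.
 *
 * "SO_PATH", PKCS11_SO_PATH ("/usr/local/lib/engines/engine_pkcs11.so")
 * "LOAD", NULL
 * "MODULE_PATH", PKCS11_MODULE_PATH ("/usr/lib/libpkcs11.so")
 *
 * Returns ISC_R_NOTFOUND when the engine id is unknown, ISC_R_FAILURE when
 * a command or ENGINE_init() fails, ISC_R_SUCCESS otherwise.
 *
 * Security note: SO_PATH and MODULE_PATH name shared objects that are
 * loaded into this process, so the command arrays must come from trusted
 * configuration.
 *
 * Fix: a failing post command now releases the engine with ENGINE_finish().
 * At that point the structural reference from ENGINE_by_id() has already
 * been freed and only the functional reference from ENGINE_init() is held,
 * so the former ENGINE_free() dropped a reference this function no longer
 * owned and left the functional one behind.
 */
static isc_result_t
dst__openssl_load_engine(const char *name, const char *engine_id,
			 const char **pre_cmds, int pre_num,
			 const char **post_cmds, int post_num)
{
	ENGINE *e;

	UNUSED(name);

	if (!strcasecmp(engine_id, "dynamic"))
		ENGINE_load_dynamic();
	e = ENGINE_by_id(engine_id);
	if (e == NULL)
		return (ISC_R_NOTFOUND);
	while (pre_num--) {
		if (!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
			ENGINE_free(e);
			return (ISC_R_FAILURE);
		}
		pre_cmds += 2;
	}
	if (!ENGINE_init(e)) {
		ENGINE_free(e);
		return (ISC_R_FAILURE);
	}
	/*
	 * ENGINE_init() returned a functional reference, so free the
	 * structural reference from ENGINE_by_id().
	 */
	ENGINE_free(e);
	while (post_num--) {
		if (!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
			/* only the functional reference is held here */
			ENGINE_finish(e);
			return (ISC_R_FAILURE);
		}
		post_cmds += 2;
	}
	/* Replace any previously stored engine, releasing its reference. */
	if (he != NULL)
		ENGINE_finish(he);
	he = e;
	return (ISC_R_SUCCESS);
}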
Exemplo n.º 15
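/*
 * Lua entry point for the "openssl" module.
 *
 * On the first call (g_init == 0) it initialises the OpenSSL algorithm
 * tables, error strings and the "dynamic" and "openssl" ENGINEs. On every
 * call it records the default configuration file name, registers the
 * binding's object types and leaves the module table on the Lua stack.
 * Returns 1 (one value on the stack).
 *
 * Fix: the configuration file name from the environment is now copied with
 * snprintf(), which always NUL-terminates; strncpy() left the buffer
 * unterminated when the value was as long as the buffer or longer.
 *
 * Security notes:
 *  - OPENSSL_CONF / SSLEAY_CONF come from the process environment; a
 *    program running with more privileges than its invoker should not let
 *    them choose the configuration file.
 *  - ENGINE_load_dynamic() makes the "dynamic" ENGINE available, which can
 *    load shared objects; the engine API exposed to Lua scripts inherits
 *    that capability.
 */
LUA_API int luaopen_openssl(lua_State*L)
{
    char * config_filename;
#ifdef ENABLE_CRYPTO_THREAD
    CRYPTO_thread_setup();
    CRYPTO_lock(CRYPTO_LOCK,CRYPTO_LOCK_ERR,__FILE__,__LINE__);
#endif
    if(g_init==0)
    {
        g_init =  1;

        OpenSSL_add_all_ciphers();
        OpenSSL_add_all_digests();
        SSL_library_init();

        ERR_load_ERR_strings();
        ERR_load_crypto_strings();
        ERR_load_EVP_strings();
        ERR_load_SSL_strings();

        ENGINE_load_dynamic();
        ENGINE_load_openssl();
    }
#ifdef ENABLE_CRYPTO_THREAD
    CRYPTO_lock(CRYPTO_UNLOCK,CRYPTO_LOCK_ERR,__FILE__,__LINE__);
#endif
    /* Determine default SSL configuration file */
    config_filename = getenv("OPENSSL_CONF");
    if (config_filename == NULL) {
        config_filename = getenv("SSLEAY_CONF");
    }

    /* default to 'openssl.cnf' if no environment variable is set */
    if (config_filename == NULL) {
        snprintf(default_ssl_conf_filename, sizeof(default_ssl_conf_filename), "%s/%s",
                 X509_get_default_cert_area(),
                 "openssl.cnf");
    } else {
        /* bounded, always-terminated copy; an over-long value is truncated */
        snprintf(default_ssl_conf_filename, sizeof(default_ssl_conf_filename), "%s",
                 config_filename);
    }

    openssl_register_pkey(L);
    openssl_register_x509(L);
    openssl_register_csr(L);
    openssl_register_digest(L);
    openssl_register_cipher(L);
    openssl_register_sk_x509(L);
    openssl_register_bio(L);
    openssl_register_crl(L);
#ifdef OPENSSL_HAVE_TS
    openssl_register_ts(L);
#endif
    openssl_register_conf(L);
    openssl_register_pkcs7(L);
    openssl_register_misc(L);
    openssl_register_engine(L);
    openssl_register_ssl(L);
    openssl_register_ocsp(L);

    /* The module table is created here, differently for Lua 5.1 and 5.2. */
#if LUA_VERSION_NUM==501
    luaL_register(L,"openssl",eay_functions);
#elif LUA_VERSION_NUM==502
    lua_newtable(L);
    luaL_setfuncs(L, eay_functions, 0);
#endif
    setNamedIntegers(L, consts);

    /* third part */
    luaopen_bn(L);
    lua_setfield(L, -2, "bn");

    return 1;
}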
Exemplo n.º 16
/**
 * Make OpenSSL's "dynamic" ENGINE available to the process.
 *
 * Security note: once it is registered, code holding an ENGINE handle to it
 * can ask it to load a shared object, so engine library paths used afterwards
 * must come from trusted configuration.
 */
void Engines::loadDynamicEngineSupport() {
	// Single library call; nothing is returned or checked here.
	ENGINE_load_dynamic();
}
Exemplo n.º 17
/*
 * Lua entry point for the "openssl" module.
 *
 * Initialises OpenSSL (algorithm tables, error strings, the "dynamic" and
 * "openssl" ENGINEs), creates the module table, and attaches each
 * sub-module as a named field of that table. Returns 1: the module table
 * is left on top of the Lua stack.
 *
 * NOTE(review): the initialisation calls run on every invocation and the
 * thread setup call is commented out - confirm this is only loaded once
 * and from a single thread.
 *
 * Security note: ENGINE_load_dynamic() makes the "dynamic" ENGINE
 * available, which can load shared objects; the engine API registered for
 * Lua scripts inherits that capability.
 */
LUALIB_API int luaopen_openssl(lua_State*L)
{
  //CRYPTO_thread_setup();

  OpenSSL_add_all_ciphers();
  OpenSSL_add_all_digests();
  SSL_library_init();

  ERR_load_ERR_strings();
  ERR_load_EVP_strings();
  ERR_load_crypto_strings();

  ENGINE_load_dynamic();
  ENGINE_load_openssl();
  /* optional build-time hook for an additional engine loader */
#ifdef LOAD_ENGINE_CUSTOM
  LOAD_ENGINE_CUSTOM();
#endif
#ifdef OPENSSL_SYS_WINDOWS
  RAND_screen();
#endif

  /* module table; every lua_setfield(L, -2, ...) below stores into it */
  lua_newtable(L);
  luaL_setfuncs(L, eay_functions, 0);

  openssl_register_lhash(L);
  openssl_register_engine(L);

  luaopen_bio(L);
  lua_setfield(L, -2, "bio");

  luaopen_asn1(L);
  lua_setfield(L, -2, "asn1");


  luaopen_digest(L);
  lua_setfield(L, -2, "digest");

  luaopen_cipher(L);
  lua_setfield(L, -2, "cipher");

  luaopen_hmac(L);
  lua_setfield(L, -2, "hmac");

  luaopen_pkey(L);
  lua_setfield(L, -2, "pkey");

#ifdef EVP_PKEY_EC
  luaopen_ec(L);
  lua_setfield(L, -2, "ec");
#endif

  luaopen_x509(L);
  lua_setfield(L, -2, "x509");

  luaopen_pkcs7(L);
  lua_setfield(L, -2, "pkcs7");

  luaopen_pkcs12(L);
  lua_setfield(L, -2, "pkcs12");

  luaopen_ocsp(L);
  lua_setfield(L, -2, "ocsp");

#ifdef OPENSSL_HAVE_TS
  /* timestamp handling */
  luaopen_ts(L);
  lua_setfield(L, -2, "ts");
#endif

  luaopen_cms(L);
  lua_setfield(L, -2, "cms");

  luaopen_ssl(L);
  lua_setfield(L, -2, "ssl");

  /* third part */
  luaopen_bn(L);
  lua_setfield(L, -2, "bn");

  /* NOTE(review): unlike the sub-modules above, these three are not
   * followed by lua_setfield(); what they leave on the stack is not
   * visible here - confirm the table is still at the top at return. */
  luaopen_rsa(L);
  luaopen_dsa(L);
  luaopen_dh(L);

  /* optionally also publish the module table as the global "openssl" */
#ifdef ENABLE_OPENSSL_GLOBAL
  lua_pushvalue(L, -1);
  lua_setglobal(L, "openssl");
#endif

  return 1;
}
Exemplo n.º 18
/*
 * Locate (or dynamically load) the ENGINE named by g_char, apply the
 * settings from scep_conf->engine, make it the default for all methods and
 * initialise it. Returns the engine handle; every failure after the lookup
 * prints a message, reports the OpenSSL error and exits the process with
 * SCEP_PKISTATUS_ERROR.
 *
 * Security notes:
 *  - module_path, jconnpath and javapath from the configuration are handed
 *    to the engine as-is; they must point to trusted locations.
 *  - The key store password and the PKCS#11 PIN are forwarded to the engine
 *    through ENGINE_ctrl(); neither is printed by this function.
 *  - The numeric ENGINE_ctrl() command codes below are engine-specific and
 *    are only meaningful for the engine the surrounding strncmp() selects.
 */
ENGINE *scep_engine_init(ENGINE *e) {
	

		ENGINE_load_builtin_engines();
		ENGINE_load_dynamic();
		//if its not dynamic, try to load it directly. If OpenSSL has it already we are good to go!
		if(strcmp(g_char, "dynamic") != 0)
		{
			e = ENGINE_by_id(g_char);
			if ((e==NULL) && v_flag){
				printf("%s: Engine %s could not be loaded. Trying to load dynamically...\n", pname, g_char);
			}
		}

		// fall back to the dynamic loader when the engine was not found
		// (or when "dynamic" was requested and the caller passed NULL)
		if(e == NULL)
		{
			ERR_clear_error();
			e = scep_engine_load_dynamic(e);
		}

		// NOTE(review): e is used below without a NULL check; whether
		// scep_engine_load_dynamic() can return NULL is not visible here - confirm.
		if(scep_conf->engine->module_path) {
			if(ENGINE_ctrl_cmd_string(e, "MODULE_PATH", scep_conf->engine->module_path, 0) == 0) {
				fprintf(stderr, "%s: Adding MODULE PATH %s was not successful!\n", pname, scep_conf->engine->module_path);
				sscep_engine_report_error();
				exit (SCEP_PKISTATUS_ERROR);
			}
		}

		//define this engine as a default for all our crypto operations. This way OpenSSL automatically chooses the right functions
		if(ENGINE_set_default(e, ENGINE_METHOD_ALL) == 0) {
				fprintf(stderr, "%s: Error loading on setting defaults\n", pname);
				sscep_engine_report_error();
				exit (SCEP_PKISTATUS_ERROR);
		} else if(v_flag)
			printf("%s: Engine %s made default for all operations\n", pname, g_char);

		//we need a functional reference and as such need to initialize
		if(ENGINE_init(e) == 0) {
			fprintf(stderr, "%s: Engine Init did not work\n", pname);
			sscep_engine_report_error();
			exit (SCEP_PKISTATUS_ERROR);
		} else if(v_flag)
			printf("%s: Engine %s initialized\n", pname, g_char);


		//TODO: remove capi specific part!
		// only in verbose mode: raise the capi engine's debug level and
		// send its log to "capi.log" (a relative path, so it lands in the
		// current working directory)
		if(v_flag && strncmp(scep_conf->engine->engine_id, "capi", 4) == 0) {
			// set debug level
			if(!ENGINE_ctrl(e, (ENGINE_CMD_BASE + 2), 2, NULL, NULL)) {
				fprintf(stderr, "%s: Could not set debug level to %i\n", pname, 2);
				sscep_engine_report_error();
				exit (SCEP_PKISTATUS_ERROR);
			}
			// set debug file (log)
			if(!ENGINE_ctrl(e, (ENGINE_CMD_BASE + 3), 0, "capi.log", NULL)) {
				fprintf(stderr, "%s: Could not set debug file to %s\n", pname, "capi.log");
				sscep_engine_report_error();
				exit (SCEP_PKISTATUS_ERROR);
			}
		}

		//TODO: remove JKSEngine specific part!
		// each optional setting is sent with its own numeric command (2..5)
		if(strncmp(scep_conf->engine->engine_id, "jksengine", 9) == 0) {
			// key store password: passed to the engine, never echoed
			if(scep_conf->engine->storepass) {
				if(!ENGINE_ctrl(e, 2, 0, scep_conf->engine->storepass, NULL)) {
					fprintf(stderr, "%s: Could not set %s\n", pname, SCEP_CONFIGURATION_ENGINE_JKSENGINE_KEYSTOREPASS);
					sscep_engine_report_error();
					exit (SCEP_PKISTATUS_ERROR);
				}
			}

			if(scep_conf->engine->jconnpath) {
				if(!ENGINE_ctrl(e, 3, 0, scep_conf->engine->jconnpath, 0)) {
					fprintf(stderr, "%s: Could not set %s\n", pname, SCEP_CONFIGURATION_ENGINE_JKSENGINE_JCONNPATH);
					sscep_engine_report_error();
					exit (SCEP_PKISTATUS_ERROR);
				}
			}

			if(scep_conf->engine->provider) {
				if(!ENGINE_ctrl(e, 4, 0, scep_conf->engine->provider, 0)) {
					fprintf(stderr, "%s: Could not set %s\n", pname, SCEP_CONFIGURATION_ENGINE_JKSENGINE_PROVIDER);
					sscep_engine_report_error();
					exit (SCEP_PKISTATUS_ERROR);
				}
			}

			if(scep_conf->engine->javapath) {
				if(!ENGINE_ctrl(e, 5, 0, scep_conf->engine->javapath, 0)) {
					fprintf(stderr, "%s: Could not set %s\n", pname, SCEP_CONFIGURATION_ENGINE_JKSENGINE_JAVAPATH);
					sscep_engine_report_error();
					exit (SCEP_PKISTATUS_ERROR);
				}
			}
		}

		//TODO: remove pkcs11 specific part!
		// PKCS#11 PIN: passed to the engine, never echoed
		if(strncmp(scep_conf->engine->engine_id, "pkcs11", 6) == 0) {
			if(scep_conf->engine->pin) {
				if(!ENGINE_ctrl(e, (ENGINE_CMD_BASE + 2), 0, scep_conf->engine->pin, NULL)) {
					fprintf(stderr, "%s: Could not define PIN\n", pname);
					sscep_engine_report_error();
					exit (SCEP_PKISTATUS_ERROR);
				}
			}
		}


		return e;
}
Exemplo n.º 19
/*
 * Lua entry point for the "openssl" module.
 *
 * The caller that moves the `init` counter from 0 performs the process-wide
 * OpenSSL initialisation (thread setup, algorithm tables, error strings,
 * the "dynamic" and "openssl" ENGINEs). Every call then builds a fresh
 * module table with a __gc metatable entry and attaches each sub-module as
 * a named field. Returns 1: the module table is left on top of the stack.
 *
 * NOTE(review): the counter only elects the initialising caller; another
 * thread arriving while initialisation is still running proceeds straight
 * to the table set-up - confirm that is acceptable for the embedding.
 *
 * Security note: ENGINE_load_dynamic() makes the "dynamic" ENGINE
 * available, which can load shared objects; the engine API registered for
 * Lua scripts inherits that capability.
 */
LUALIB_API int luaopen_openssl(lua_State*L)
{
  /* atomic_fetch_add returns the previous value: 0 means first caller */
  if (atomic_fetch_add(&init, 1) == 0)
  {
#if defined(OPENSSL_THREADS)
    CRYPTO_thread_setup();
#endif

    OpenSSL_add_all_ciphers();
    OpenSSL_add_all_digests();
    SSL_library_init();

    ERR_load_ERR_strings();
    ERR_load_EVP_strings();
    ERR_load_crypto_strings();
    ERR_load_SSL_strings();

    ENGINE_load_dynamic();
    ENGINE_load_openssl();
    /* optional build-time hook; the macro supplies the whole statement */
#ifdef LOAD_ENGINE_CUSTOM
    LOAD_ENGINE_CUSTOM
#endif
#ifdef OPENSSL_SYS_WINDOWS
    /* RAND_screen() is only called for OpenSSL older than 1.1.0 */
#if OPENSSL_VERSION_NUMBER < 0x10100000L
    RAND_screen();
#endif
#endif
  }

  /* module table; every lua_setfield(L, -2, ...) below stores into it */
  lua_newtable(L);

  /* metatable whose __gc runs luaclose_openssl when the table is collected */
  lua_newtable(L);
  lua_pushcfunction(L, luaclose_openssl);
  lua_setfield(L, -2, "__gc");
  lua_setmetatable(L, -2);

  luaL_setfuncs(L, eay_functions, 0);

  openssl_register_lhash(L);
  openssl_register_engine(L);

  luaopen_bio(L);
  lua_setfield(L, -2, "bio");

  luaopen_asn1(L);
  lua_setfield(L, -2, "asn1");


  luaopen_digest(L);
  lua_setfield(L, -2, "digest");

  luaopen_cipher(L);
  lua_setfield(L, -2, "cipher");

  luaopen_hmac(L);
  lua_setfield(L, -2, "hmac");

  luaopen_pkey(L);
  lua_setfield(L, -2, "pkey");

#ifdef EVP_PKEY_EC
  luaopen_ec(L);
  lua_setfield(L, -2, "ec");
#endif

  luaopen_x509(L);
  lua_setfield(L, -2, "x509");

  luaopen_pkcs7(L);
  lua_setfield(L, -2, "pkcs7");

  luaopen_pkcs12(L);
  lua_setfield(L, -2, "pkcs12");

  luaopen_ocsp(L);
  lua_setfield(L, -2, "ocsp");

#ifdef OPENSSL_HAVE_TS
  /* timestamp handling */
  luaopen_ts(L);
  lua_setfield(L, -2, "ts");
#endif

  luaopen_cms(L);
  lua_setfield(L, -2, "cms");

  luaopen_ssl(L);
  lua_setfield(L, -2, "ssl");

  /* third part */
  luaopen_bn(L);
  lua_setfield(L, -2, "bn");

  luaopen_rsa(L);
  lua_setfield(L, -2, "rsa");
  luaopen_dsa(L);
  lua_setfield(L, -2, "dsa");
  luaopen_dh(L);
  lua_setfield(L, -2, "dh");

#ifndef OPENSSL_NO_SRP
  luaopen_srp(L);
  lua_setfield(L, -2, "srp");
#endif

  /* optionally also publish the module table as the global "openssl" */
#ifdef ENABLE_OPENSSL_GLOBAL
  lua_pushvalue(L, -1);
  lua_setglobal(L, "openssl");
#endif

  return 1;
}