void ENGINE_register_all_pkey_asn1_meths(void)
{
ENGINE *e;
for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
ENGINE_register_pkey_asn1_meths(e);
}
isc_result_t
dst__opensslgost_init(dst_func_t **funcp) {
REQUIRE(funcp != NULL);
/* check if the gost engine works properly */
e = ENGINE_by_id("gost");
if (e == NULL)
return (DST_R_OPENSSLFAILURE);
if (ENGINE_init(e) <= 0) {
ENGINE_free(e);
e = NULL;
return (DST_R_OPENSSLFAILURE);
}
/* better than to rely on digest_gost symbol */
opensslgost_digest = ENGINE_get_digest(e, NID_id_GostR3411_94);
/* from openssl.cnf */
if ((opensslgost_digest == NULL) ||
(ENGINE_register_pkey_asn1_meths(e) <= 0) ||
(ENGINE_ctrl_cmd_string(e,
"CRYPT_PARAMS",
"id-Gost28147-89-CryptoPro-A-ParamSet",
0) <= 0)) {
ENGINE_finish(e);
ENGINE_free(e);
e = NULL;
return (DST_R_OPENSSLFAILURE);
}
if (*funcp == NULL)
*funcp = &opensslgost_functions;
return (ISC_R_SUCCESS);
}
static int bind_helper(ENGINE * e) {
if (!ENGINE_set_id(e, TEST_ENGINE_ID)
|| !ENGINE_set_name(e, TEST_ENGINE_NAME)
|| !ENGINE_set_ctrl_function(e, test_engine_ctrl)
|| !ENGINE_set_cmd_defns(e, te_cmd_defns)
|| !ENGINE_set_digests(e, te_digests)
|| !ENGINE_set_pkey_meths(e, te_pkey_meths)
|| !ENGINE_set_pkey_asn1_meths(e, te_pkey_asn1_meths) ) {
printf("Engine init failed\n");
return 0;
}
if (!register_ameth_gost(NID_hmac_sha1, &ameth_HMAC_SHA1, "hmac-sha1", "HMAC-SHA1 MAC")
|| !register_pmeth_gost(NID_hmac_sha1, &pmeth_HMAC_SHA1, 0)) {
printf("Internal init failed\n");
return 0;
}
if(!ENGINE_register_digests(e)
|| !ENGINE_register_pkey_meths(e)
|| !ENGINE_register_pkey_asn1_meths(e)
|| !EVP_add_digest(&digest_hmac_sha1)) {
printf("Digest registration failed\n");
return 0;
}
return 1;
}
ENGINE *ENGINE_CTGOST_init(){
LOGGER_FN();
ENGINE *e = ENGINE_CTGOST_get_ptr();
ENGINE_register_pkey_meths(e);
ENGINE_register_pkey_asn1_meths(e);
return e;
}
ERL_NIF_TERM engine_register_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
{/* (Engine, EngineMethod) */
#ifdef HAS_ENGINE_SUPPORT
struct engine_ctx *ctx;
unsigned int method;
// Get Engine
ASSERT(argc == 2);
if (!enif_get_resource(env, argv[0], engine_ctx_rtype, (void**)&ctx))
goto bad_arg;
if (!enif_get_uint(env, argv[1], &method))
goto bad_arg;
switch(method)
{
#ifdef ENGINE_METHOD_RSA
case ENGINE_METHOD_RSA:
if (!ENGINE_register_RSA(ctx->engine))
goto failed;
break;
#endif
#ifdef ENGINE_METHOD_DSA
case ENGINE_METHOD_DSA:
if (!ENGINE_register_DSA(ctx->engine))
goto failed;
break;
#endif
#ifdef ENGINE_METHOD_DH
case ENGINE_METHOD_DH:
if (!ENGINE_register_DH(ctx->engine))
goto failed;
break;
#endif
#ifdef ENGINE_METHOD_RAND
case ENGINE_METHOD_RAND:
if (!ENGINE_register_RAND(ctx->engine))
goto failed;
break;
#endif
#ifdef ENGINE_METHOD_ECDH
case ENGINE_METHOD_ECDH:
if (!ENGINE_register_ECDH(ctx->engine))
goto failed;
break;
#endif
#ifdef ENGINE_METHOD_ECDSA
case ENGINE_METHOD_ECDSA:
if (!ENGINE_register_ECDSA(ctx->engine))
goto failed;
break;
#endif
#ifdef ENGINE_METHOD_STORE
case ENGINE_METHOD_STORE:
if (!ENGINE_register_STORE(ctx->engine))
goto failed;
break;
#endif
#ifdef ENGINE_METHOD_CIPHERS
case ENGINE_METHOD_CIPHERS:
if (!ENGINE_register_ciphers(ctx->engine))
goto failed;
break;
#endif
#ifdef ENGINE_METHOD_DIGESTS
case ENGINE_METHOD_DIGESTS:
if (!ENGINE_register_digests(ctx->engine))
goto failed;
break;
#endif
#ifdef ENGINE_METHOD_PKEY_METHS
case ENGINE_METHOD_PKEY_METHS:
if (!ENGINE_register_pkey_meths(ctx->engine))
goto failed;
break;
#endif
#ifdef ENGINE_METHOD_PKEY_ASN1_METHS
case ENGINE_METHOD_PKEY_ASN1_METHS:
if (!ENGINE_register_pkey_asn1_meths(ctx->engine))
goto failed;
break;
#endif
#ifdef ENGINE_METHOD_EC
case ENGINE_METHOD_EC:
if (!ENGINE_register_EC(ctx->engine))
goto failed;
break;
#endif
default:
return ERROR_Atom(env, "engine_method_not_supported");
}
return atom_ok;
bad_arg:
return enif_make_badarg(env);
failed:
return ERROR_Atom(env, "register_engine_failed");
#else
return atom_notsup;
#endif
}
// Constructor
OSSLCryptoFactory::OSSLCryptoFactory()
{
// Multi-thread support
nlocks = CRYPTO_num_locks();
locks = new Mutex*[nlocks];
for (unsigned i = 0; i < nlocks; i++)
{
locks[i] = MutexFactory::i()->getMutex();
}
#ifdef HAVE_PTHREAD_H
CRYPTO_set_id_callback(id_callback);
#endif
CRYPTO_set_locking_callback(lock_callback);
#ifdef WITH_FIPS
// Already in FIPS mode on reenter (avoiding selftests)
if (!FIPS_mode())
{
FipsSelfTestStatus = false;
if (!FIPS_mode_set(1))
{
ERROR_MSG("can't enter into FIPS mode");
return;
}
} else {
// Undo RAND_cleanup()
RAND_init_fips();
}
FipsSelfTestStatus = true;
#endif
// Initialise OpenSSL
OpenSSL_add_all_algorithms();
// Initialise the one-and-only RNG
rng = new OSSLRNG();
#ifdef WITH_GOST
// Load engines
ENGINE_load_builtin_engines();
// Initialise the GOST engine
eg = ENGINE_by_id("gost");
if (eg == NULL)
{
ERROR_MSG("can't get the GOST engine");
return;
}
if (ENGINE_init(eg) <= 0)
{
ENGINE_free(eg);
eg = NULL;
ERROR_MSG("can't initialize the GOST engine");
return;
}
// better than digest_gost
EVP_GOST_34_11 = ENGINE_get_digest(eg, NID_id_GostR3411_94);
if (EVP_GOST_34_11 == NULL)
{
ERROR_MSG("can't get the GOST digest");
goto err;
}
// from the openssl.cnf
if (ENGINE_register_pkey_asn1_meths(eg) <= 0)
{
ERROR_MSG("can't register ASN.1 for the GOST engine");
goto err;
}
if (ENGINE_ctrl_cmd_string(eg,
"CRYPT_PARAMS",
"id-Gost28147-89-CryptoPro-A-ParamSet",
0) <= 0)
{
ERROR_MSG("can't set params of the GOST engine");
goto err;
}
return;
err:
ENGINE_finish(eg);
ENGINE_free(eg);
eg = NULL;
return;
#endif
}
