-# $OpenBSD: Makefile,v 1.145 2023/07/28 09:46:36 tb Exp $
+# $OpenBSD: Makefile,v 1.146 2023/07/28 09:53:55 tb Exp $
LIB= crypto
LIBREBUILD=y
CFLAGS+= -DHAVE_FUNOPEN
.endif
-# Hardware engines
-CFLAGS+= -DOPENSSL_NO_HW_PADLOCK # XXX enable this?
-
CFLAGS+= -I${LCRYPTO_SRC}
CFLAGS+= -I${LCRYPTO_SRC}/arch/${MACHINE_CPU}
CFLAGS+= -I${LCRYPTO_SRC}/asn1
# engine/
SRCS+= engine_stubs.c
-SRCS+= eng_all.c
-SRCS+= eng_cnf.c
-SRCS+= eng_ctrl.c
-SRCS+= eng_dyn.c
-SRCS+= eng_err.c
-SRCS+= eng_fat.c
-SRCS+= eng_init.c
-SRCS+= eng_lib.c
-SRCS+= eng_list.c
-SRCS+= eng_openssl.c
-SRCS+= eng_pkey.c
-SRCS+= eng_table.c
-SRCS+= tb_asnmth.c
-SRCS+= tb_cipher.c
-SRCS+= tb_dh.c
-SRCS+= tb_digest.c
-SRCS+= tb_dsa.c
-SRCS+= tb_eckey.c
-SRCS+= tb_pkmeth.c
-SRCS+= tb_rand.c
-SRCS+= tb_rsa.c
-SRCS+= tb_store.c
# err/
SRCS+= err.c
EDIPARTYNAME_free
EDIPARTYNAME_it
EDIPARTYNAME_new
-ENGINE_add
-ENGINE_add_conf_module
ENGINE_by_id
ENGINE_cleanup
-ENGINE_cmd_is_executable
-ENGINE_ctrl
ENGINE_ctrl_cmd
ENGINE_ctrl_cmd_string
ENGINE_finish
ENGINE_free
-ENGINE_get_DH
-ENGINE_get_DSA
-ENGINE_get_EC
-ENGINE_get_RAND
-ENGINE_get_RSA
-ENGINE_get_STORE
-ENGINE_get_cipher
-ENGINE_get_cipher_engine
-ENGINE_get_ciphers
-ENGINE_get_cmd_defns
-ENGINE_get_ctrl_function
-ENGINE_get_default_DH
-ENGINE_get_default_DSA
-ENGINE_get_default_EC
-ENGINE_get_default_RAND
ENGINE_get_default_RSA
-ENGINE_get_destroy_function
-ENGINE_get_digest
-ENGINE_get_digest_engine
-ENGINE_get_digests
-ENGINE_get_ex_data
-ENGINE_get_ex_new_index
-ENGINE_get_finish_function
-ENGINE_get_first
-ENGINE_get_flags
ENGINE_get_id
-ENGINE_get_init_function
-ENGINE_get_last
-ENGINE_get_load_privkey_function
-ENGINE_get_load_pubkey_function
ENGINE_get_name
-ENGINE_get_next
-ENGINE_get_pkey_asn1_meth
-ENGINE_get_pkey_asn1_meth_engine
-ENGINE_get_pkey_asn1_meth_str
-ENGINE_get_pkey_asn1_meths
-ENGINE_get_pkey_meth
-ENGINE_get_pkey_meth_engine
-ENGINE_get_pkey_meths
-ENGINE_get_prev
-ENGINE_get_ssl_client_cert_function
-ENGINE_get_static_state
-ENGINE_get_table_flags
ENGINE_init
ENGINE_load_builtin_engines
ENGINE_load_dynamic
ENGINE_load_openssl
ENGINE_load_private_key
ENGINE_load_public_key
-ENGINE_load_ssl_client_cert
ENGINE_new
-ENGINE_pkey_asn1_find_str
-ENGINE_register_DH
-ENGINE_register_DSA
-ENGINE_register_EC
-ENGINE_register_RAND
-ENGINE_register_RSA
-ENGINE_register_STORE
-ENGINE_register_all_DH
-ENGINE_register_all_DSA
-ENGINE_register_all_EC
-ENGINE_register_all_RAND
-ENGINE_register_all_RSA
-ENGINE_register_all_STORE
-ENGINE_register_all_ciphers
ENGINE_register_all_complete
-ENGINE_register_all_digests
-ENGINE_register_all_pkey_asn1_meths
-ENGINE_register_all_pkey_meths
-ENGINE_register_ciphers
-ENGINE_register_complete
-ENGINE_register_digests
-ENGINE_register_pkey_asn1_meths
-ENGINE_register_pkey_meths
-ENGINE_remove
-ENGINE_set_DH
-ENGINE_set_DSA
-ENGINE_set_EC
-ENGINE_set_RAND
-ENGINE_set_RSA
-ENGINE_set_STORE
-ENGINE_set_ciphers
-ENGINE_set_cmd_defns
-ENGINE_set_ctrl_function
ENGINE_set_default
-ENGINE_set_default_DH
-ENGINE_set_default_DSA
-ENGINE_set_default_EC
-ENGINE_set_default_RAND
ENGINE_set_default_RSA
-ENGINE_set_default_ciphers
-ENGINE_set_default_digests
-ENGINE_set_default_pkey_asn1_meths
-ENGINE_set_default_pkey_meths
-ENGINE_set_default_string
-ENGINE_set_destroy_function
-ENGINE_set_digests
-ENGINE_set_ex_data
-ENGINE_set_finish_function
-ENGINE_set_flags
-ENGINE_set_id
-ENGINE_set_init_function
-ENGINE_set_load_privkey_function
-ENGINE_set_load_pubkey_function
-ENGINE_set_load_ssl_client_cert_function
-ENGINE_set_name
-ENGINE_set_pkey_asn1_meths
-ENGINE_set_pkey_meths
-ENGINE_set_table_flags
-ENGINE_unregister_DH
-ENGINE_unregister_DSA
-ENGINE_unregister_EC
-ENGINE_unregister_RAND
-ENGINE_unregister_RSA
-ENGINE_unregister_STORE
-ENGINE_unregister_ciphers
-ENGINE_unregister_digests
-ENGINE_unregister_pkey_asn1_meths
-ENGINE_unregister_pkey_meths
-ENGINE_up_ref
ERR_add_error_data
ERR_add_error_vdata
ERR_asprintf_error_data
ERR_load_DH_strings
ERR_load_DSA_strings
ERR_load_EC_strings
-ERR_load_ENGINE_strings
ERR_load_ERR_strings
ERR_load_EVP_strings
ERR_load_GOST_strings
RAND_poll
RAND_pseudo_bytes
RAND_seed
-RAND_set_rand_engine
RAND_set_rand_method
RAND_status
RAND_write_file
TS_CONF_set_accuracy
TS_CONF_set_certs
TS_CONF_set_clock_precision_digits
-TS_CONF_set_crypto_device
TS_CONF_set_def_policy
-TS_CONF_set_default_engine
TS_CONF_set_digests
TS_CONF_set_ess_cert_id_chain
TS_CONF_set_ordering
_libre_ERR_set_implementation
_libre_RAND_set_rand_method
_libre_RAND_get_rand_method
-_libre_RAND_set_rand_engine
_libre_RAND_SSLeay
_libre_ERR_load_RAND_strings
_libre_ECDSA_SIG_new
_libre_TS_CONF_load_key
_libre_TS_CONF_get_tsa_section
_libre_TS_CONF_set_serial
-_libre_TS_CONF_set_crypto_device
-_libre_TS_CONF_set_default_engine
_libre_TS_CONF_set_signer_cert
_libre_TS_CONF_set_certs
_libre_TS_CONF_set_signer_key
+++ /dev/null
-Notes: 2001-09-24
------------------
-
-This "description" (if one chooses to call it that) needed some major updating
-so here goes. This update addresses a change being made at the same time to
-OpenSSL, and it pretty much completely restructures the underlying mechanics of
-the "ENGINE" code. So it serves a double purpose of being a "ENGINE internals
-for masochists" document *and* a rather extensive commit log message. (I'd get
-lynched for sticking all this in CHANGES or the commit mails :-).
-
-ENGINE_TABLE underlies this restructuring, as described in the internal header
-"eng_int.h", implemented in eng_table.c, and used in each of the "class" files;
-tb_rsa.c, tb_dsa.c, etc.
-
-However, "EVP_CIPHER" underlies the motivation and design of ENGINE_TABLE so
-I'll mention a bit about that first. EVP_CIPHER (and most of this applies
-equally to EVP_MD for digests) is both a "method" and a algorithm/mode
-identifier that, in the current API, "lingers". These cipher description +
-implementation structures can be defined or obtained directly by applications,
-or can be loaded "en masse" into EVP storage so that they can be catalogued and
-searched in various ways, ie. two ways of encrypting with the "des_cbc"
-algorithm/mode pair are;
-
-(i) directly;
- const EVP_CIPHER *cipher = EVP_des_cbc();
- EVP_EncryptInit(&ctx, cipher, key, iv);
- [ ... use EVP_EncryptUpdate() and EVP_EncryptFinal() ...]
-
-(ii) indirectly;
- OpenSSL_add_all_ciphers();
- cipher = EVP_get_cipherbyname("des_cbc");
- EVP_EncryptInit(&ctx, cipher, key, iv);
- [ ... etc ... ]
-
-The latter is more generally used because it also allows ciphers/digests to be
-looked up based on other identifiers which can be useful for automatic cipher
-selection, eg. in SSL/TLS, or by user-controllable configuration.
-
-The important point about this is that EVP_CIPHER definitions and structures are
-passed around with impunity and there is no safe way, without requiring massive
-rewrites of many applications, to assume that EVP_CIPHERs can be reference
-counted. One an EVP_CIPHER is exposed to the caller, neither it nor anything it
-comes from can "safely" be destroyed. Unless of course the way of getting to
-such ciphers is via entirely distinct API calls that didn't exist before.
-However existing API usage cannot be made to understand when an EVP_CIPHER
-pointer, that has been passed to the caller, is no longer being used.
-
-The other problem with the existing API w.r.t. to hooking EVP_CIPHER support
-into ENGINE is storage - the OBJ_NAME-based storage used by EVP to register
-ciphers simultaneously registers cipher *types* and cipher *implementations* -
-they are effectively the same thing, an "EVP_CIPHER" pointer. The problem with
-hooking in ENGINEs is that multiple ENGINEs may implement the same ciphers. The
-solution is necessarily that ENGINE-provided ciphers simply are not registered,
-stored, or exposed to the caller in the same manner as existing ciphers. This is
-especially necessary considering the fact ENGINE uses reference counts to allow
-for cleanup, modularity, and DSO support - yet EVP_CIPHERs, as exposed to
-callers in the current API, support no such controls.
-
-Another sticking point for integrating cipher support into ENGINE is linkage.
-Already there is a problem with the way ENGINE supports RSA, DSA, etc whereby
-they are available *because* they're part of a giant ENGINE called "openssl".
-Ie. all implementations *have* to come from an ENGINE, but we get round that by
-having a giant ENGINE with all the software support encapsulated. This creates
-linker hassles if nothing else - linking a 1-line application that calls 2 basic
-RSA functions (eg. "RSA_free(RSA_new());") will result in large quantities of
-ENGINE code being linked in *and* because of that DSA, DH, and RAND also. If we
-continue with this approach for EVP_CIPHER support (even if it *was* possible)
-we would lose our ability to link selectively by selectively loading certain
-implementations of certain functionality. Touching any part of any kind of
-crypto would result in massive static linkage of everything else. So the
-solution is to change the way ENGINE feeds existing "classes", ie. how the
-hooking to ENGINE works from RSA, DSA, DH, RAND, as well as adding new hooking
-for EVP_CIPHER, and EVP_MD.
-
-The way this is now being done is by mostly reverting back to how things used to
-work prior to ENGINE :-). Ie. RSA now has a "RSA_METHOD" pointer again - this
-was previously replaced by an "ENGINE" pointer and all RSA code that required
-the RSA_METHOD would call ENGINE_get_RSA() each time on its ENGINE handle to
-temporarily get and use the ENGINE's RSA implementation. Apart from being more
-efficient, switching back to each RSA having an RSA_METHOD pointer also allows
-us to conceivably operate with *no* ENGINE. As we'll see, this removes any need
-for a fallback ENGINE that encapsulates default implementations - we can simply
-have our RSA structure pointing its RSA_METHOD pointer to the software
-implementation and have its ENGINE pointer set to NULL.
-
-A look at the EVP_CIPHER hooking is most explanatory, the RSA, DSA (etc) cases
-turn out to be degenerate forms of the same thing. The EVP storage of ciphers,
-and the existing EVP API functions that return "software" implementations and
-descriptions remain untouched. However, the storage takes more meaning in terms
-of "cipher description" and less meaning in terms of "implementation". When an
-EVP_CIPHER_CTX is actually initialised with an EVP_CIPHER method and is about to
-begin en/decryption, the hooking to ENGINE comes into play. What happens is that
-cipher-specific ENGINE code is asked for an ENGINE pointer (a functional
-reference) for any ENGINE that is registered to perform the algo/mode that the
-provided EVP_CIPHER structure represents. Under normal circumstances, that
-ENGINE code will return NULL because no ENGINEs will have had any cipher
-implementations *registered*. As such, a NULL ENGINE pointer is stored in the
-EVP_CIPHER_CTX context, and the EVP_CIPHER structure is left hooked into the
-context and so is used as the implementation. Pretty much how things work now
-except we'd have a redundant ENGINE pointer set to NULL and doing nothing.
-
-Conversely, if an ENGINE *has* been registered to perform the algorithm/mode
-combination represented by the provided EVP_CIPHER, then a functional reference
-to that ENGINE will be returned to the EVP_CIPHER_CTX during initialisation.
-That functional reference will be stored in the context (and released on
-cleanup) - and having that reference provides a *safe* way to use an EVP_CIPHER
-definition that is private to the ENGINE. Ie. the EVP_CIPHER provided by the
-application will actually be replaced by an EVP_CIPHER from the registered
-ENGINE - it will support the same algorithm/mode as the original but will be a
-completely different implementation. Because this EVP_CIPHER isn't stored in the
-EVP storage, nor is it returned to applications from traditional API functions,
-there is no associated problem with it not having reference counts. And of
-course, when one of these "private" cipher implementations is hooked into
-EVP_CIPHER_CTX, it is done whilst the EVP_CIPHER_CTX holds a functional
-reference to the ENGINE that owns it, thus the use of the ENGINE's EVP_CIPHER is
-safe.
-
-The "cipher-specific ENGINE code" I mentioned is implemented in tb_cipher.c but
-in essence it is simply an instantiation of "ENGINE_TABLE" code for use by
-EVP_CIPHER code. tb_digest.c is virtually identical but, of course, it is for
-use by EVP_MD code. Ditto for tb_rsa.c, tb_dsa.c, etc. These instantiations of
-ENGINE_TABLE essentially provide linker-separation of the classes so that even
-if ENGINEs implement *all* possible algorithms, an application using only
-EVP_CIPHER code will link at most code relating to EVP_CIPHER, tb_cipher.c, core
-ENGINE code that is independent of class, and of course the ENGINE
-implementation that the application loaded. It will *not* however link any
-class-specific ENGINE code for digests, RSA, etc nor will it bleed over into
-other APIs, such as the RSA/DSA/etc library code.
-
-ENGINE_TABLE is a little more complicated than may seem necessary but this is
-mostly to avoid a lot of "init()"-thrashing on ENGINEs (that may have to load
-DSOs, and other expensive setup that shouldn't be thrashed unnecessarily) *and*
-to duplicate "default" behaviour. Basically an ENGINE_TABLE instantiation, for
-example tb_cipher.c, implements a hash-table keyed by integer "nid" values.
-These nids provide the uniquenness of an algorithm/mode - and each nid will hash
-to a potentially NULL "ENGINE_PILE". An ENGINE_PILE is essentially a list of
-pointers to ENGINEs that implement that particular 'nid'. Each "pile" uses some
-caching tricks such that requests on that 'nid' will be cached and all future
-requests will return immediately (well, at least with minimal operation) unless
-a change is made to the pile, eg. perhaps an ENGINE was unloaded. The reason is
-that an application could have support for 10 ENGINEs statically linked
-in, and the machine in question may not have any of the hardware those 10
-ENGINEs support. If each of those ENGINEs has a "des_cbc" implementation, we
-want to avoid every EVP_CIPHER_CTX setup from trying (and failing) to initialise
-each of those 10 ENGINEs. Instead, the first such request will try to do that
-and will either return (and cache) a NULL ENGINE pointer or will return a
-functional reference to the first that successfully initialised. In the latter
-case it will also cache an extra functional reference to the ENGINE as a
-"default" for that 'nid'. The caching is acknowledged by a 'uptodate' variable
-that is unset only if un/registration takes place on that pile. Ie. if
-implementations of "des_cbc" are added or removed. This behaviour can be
-tweaked; the ENGINE_TABLE_FLAG_NOINIT value can be passed to
-ENGINE_set_table_flags(), in which case the only ENGINEs that tb_cipher.c will
-try to initialise from the "pile" will be those that are already initialised
-(ie. it's simply an increment of the functional reference count, and no real
-"initialisation" will take place).
-
-RSA, DSA, DH, and RAND all have their own ENGINE_TABLE code as well, and the
-difference is that they all use an implicit 'nid' of 1. Whereas EVP_CIPHERs are
-actually qualitatively different depending on 'nid' (the "des_cbc" EVP_CIPHER is
-not an interoperable implementation of "aes_256_cbc"), RSA_METHODs are
-necessarily interoperable and don't have different flavours, only different
-implementations. In other words, the ENGINE_TABLE for RSA will either be empty,
-or will have a single ENGING_PILE hashed to by the 'nid' 1 and that pile
-represents ENGINEs that implement the single "type" of RSA there is.
-
-Cleanup - the registration and unregistration may pose questions about how
-cleanup works with the ENGINE_PILE doing all this caching nonsense (ie. when the
-application or EVP_CIPHER code releases its last reference to an ENGINE, the
-ENGINE_PILE code may still have references and thus those ENGINEs will stay
-hooked in forever). The way this is handled is via "unregistration". With these
-new ENGINE changes, an abstract ENGINE can be loaded and initialised, but that
-is an algorithm-agnostic process. Even if initialised, it will not have
-registered any of its implementations (to do so would link all class "table"
-code despite the fact the application may use only ciphers, for example). This
-is deliberately a distinct step. Moreover, registration and unregistration has
-nothing to do with whether an ENGINE is *functional* or not (ie. you can even
-register an ENGINE and its implementations without it being operational, you may
-not even have the drivers to make it operate). What actually happens with
-respect to cleanup is managed inside eng_lib.c with the "engine_cleanup_***"
-functions. These functions are internal-only and each part of ENGINE code that
-could require cleanup will, upon performing its first allocation, register a
-callback with the "engine_cleanup" code. The other part of this that makes it
-tick is that the ENGINE_TABLE instantiations (tb_***.c) use NULL as their
-initialised state. So if RSA code asks for an ENGINE and no ENGINE has
-registered an implementation, the code will simply return NULL and the tb_rsa.c
-state will be unchanged. Thus, no cleanup is required unless registration takes
-place. ENGINE_cleanup() will simply iterate across a list of registered cleanup
-callbacks calling each in turn, and will then internally delete its own storage
-(a STACK). When a cleanup callback is next registered (eg. if the cleanup() is
-part of a graceful restart and the application wants to cleanup all state then
-start again), the internal STACK storage will be freshly allocated. This is much
-the same as the situation in the ENGINE_TABLE instantiations ... NULL is the
-initialised state, so only modification operations (not queries) will cause that
-code to have to register a cleanup.
-
-What else? The bignum callbacks and associated ENGINE functions have been
-removed for two obvious reasons; (i) there was no way to generalise them to the
-mechanism now used by RSA/DSA/..., because there's no such thing as a BIGNUM
-method, and (ii) because of (i), there was no meaningful way for library or
-application code to automatically hook and use ENGINE supplied bignum functions
-anyway. Also, ENGINE_cpy() has been removed (although an internal-only version
-exists) - the idea of providing an ENGINE_cpy() function probably wasn't a good
-one and now certainly doesn't make sense in any generalised way. Some of the
-RSA, DSA, DH, and RAND functions that were fiddled during the original ENGINE
-changes have now, as a consequence, been reverted back. This is because the
-hooking of ENGINE is now automatic (and passive, it can interally use a NULL
-ENGINE pointer to simply ignore ENGINE from then on).
-
-Hell, that should be enough for now ... comments welcome: geoff@openssl.org
-
+++ /dev/null
-/* $OpenBSD: eng_all.c,v 1.30 2018/03/17 16:20:01 beck Exp $ */
-/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <pthread.h>
-
-#include <openssl/opensslconf.h>
-
-#include "cryptlib.h"
-#include "eng_int.h"
-
-void
-ENGINE_load_builtin_engines_internal(void)
-{
-#ifndef OPENSSL_NO_STATIC_ENGINE
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_PADLOCK
- ENGINE_load_padlock();
-#endif
-#endif
-#endif
- ENGINE_register_all_complete();
-}
-
-void
-ENGINE_load_builtin_engines(void)
-{
- static pthread_once_t once = PTHREAD_ONCE_INIT;
-
- /* Prayer and clean living lets you ignore errors, OpenSSL style */
- (void) OPENSSL_init_crypto(0, NULL);
-
- (void) pthread_once(&once, ENGINE_load_builtin_engines_internal);
-}
+++ /dev/null
-/* $OpenBSD: eng_cnf.c,v 1.15 2018/04/14 07:18:37 tb Exp $ */
-/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/err.h>
-
-#include "eng_int.h"
-#include <openssl/conf.h>
-
-/* #define ENGINE_CONF_DEBUG */
-
-/* ENGINE config module */
-
-static char *
-skip_dot(char *name)
-{
- char *p;
-
- p = strchr(name, '.');
- if (p)
- return p + 1;
- return name;
-}
-
-static STACK_OF(ENGINE) *initialized_engines = NULL;
-
-static int
-int_engine_init(ENGINE *e)
-{
- if (!ENGINE_init(e))
- return 0;
- if (!initialized_engines)
- initialized_engines = sk_ENGINE_new_null();
- if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e)) {
- ENGINE_finish(e);
- return 0;
- }
- return 1;
-}
-
-
-static int
-int_engine_configure(char *name, char *value, const CONF *cnf)
-{
- int i;
- int ret = 0;
- long do_init = -1;
- STACK_OF(CONF_VALUE) *ecmds;
- CONF_VALUE *ecmd = NULL;
- char *ctrlname, *ctrlvalue;
- ENGINE *e = NULL;
- int soft = 0;
-
- name = skip_dot(name);
-#ifdef ENGINE_CONF_DEBUG
- fprintf(stderr, "Configuring engine %s\n", name);
-#endif
- /* Value is a section containing ENGINE commands */
- ecmds = NCONF_get_section(cnf, value);
-
- if (!ecmds) {
- ENGINEerror(ENGINE_R_ENGINE_SECTION_ERROR);
- return 0;
- }
-
- for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) {
- ecmd = sk_CONF_VALUE_value(ecmds, i);
- ctrlname = skip_dot(ecmd->name);
- ctrlvalue = ecmd->value;
-#ifdef ENGINE_CONF_DEBUG
- fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n",
- ctrlname, ctrlvalue);
-#endif
-
- /* First handle some special pseudo ctrls */
-
- /* Override engine name to use */
- if (!strcmp(ctrlname, "engine_id"))
- name = ctrlvalue;
- else if (!strcmp(ctrlname, "soft_load"))
- soft = 1;
- /* Load a dynamic ENGINE */
- else if (!strcmp(ctrlname, "dynamic_path")) {
- e = ENGINE_by_id("dynamic");
- if (!e)
- goto err;
- if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", ctrlvalue, 0))
- goto err;
- if (!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "2", 0))
- goto err;
- if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))
- goto err;
- }
- /* ... add other pseudos here ... */
- else {
- /* At this point we need an ENGINE structural reference
- * if we don't already have one.
- */
- if (!e) {
- e = ENGINE_by_id(name);
- if (!e && soft) {
- ERR_clear_error();
- return 1;
- }
- if (!e)
- goto err;
- }
- /* Allow "EMPTY" to mean no value: this allows a valid
- * "value" to be passed to ctrls of type NO_INPUT
- */
- if (!strcmp(ctrlvalue, "EMPTY"))
- ctrlvalue = NULL;
- if (!strcmp(ctrlname, "init")) {
- if (!NCONF_get_number_e(cnf, value, "init",
- &do_init))
- goto err;
- if (do_init == 1) {
- if (!int_engine_init(e))
- goto err;
- } else if (do_init != 0) {
- ENGINEerror(ENGINE_R_INVALID_INIT_VALUE);
- goto err;
- }
- }
- else if (!strcmp(ctrlname, "default_algorithms")) {
- if (!ENGINE_set_default_string(e, ctrlvalue))
- goto err;
- } else if (!ENGINE_ctrl_cmd_string(e,
- ctrlname, ctrlvalue, 0))
- goto err;
- }
- }
- if (e && (do_init == -1) && !int_engine_init(e)) {
- ecmd = NULL;
- goto err;
- }
- ret = 1;
-
-err:
- if (ret != 1) {
- ENGINEerror(ENGINE_R_ENGINE_CONFIGURATION_ERROR);
- if (ecmd)
- ERR_asprintf_error_data(
- "section=%s, name=%s, value=%s",
- ecmd->section, ecmd->name, ecmd->value);
- }
- ENGINE_free(e);
- return ret;
-}
-
-
-static int
-int_engine_module_init(CONF_IMODULE *md, const CONF *cnf)
-{
- STACK_OF(CONF_VALUE) *elist;
- CONF_VALUE *cval;
- int i;
-
-#ifdef ENGINE_CONF_DEBUG
- fprintf(stderr, "Called engine module: name %s, value %s\n",
- CONF_imodule_get_name(md), CONF_imodule_get_value(md));
-#endif
- /* Value is a section containing ENGINEs to configure */
- elist = NCONF_get_section(cnf, CONF_imodule_get_value(md));
-
- if (!elist) {
- ENGINEerror(ENGINE_R_ENGINES_SECTION_ERROR);
- return 0;
- }
-
- for (i = 0; i < sk_CONF_VALUE_num(elist); i++) {
- cval = sk_CONF_VALUE_value(elist, i);
- if (!int_engine_configure(cval->name, cval->value, cnf))
- return 0;
- }
-
- return 1;
-}
-
-static void
-int_engine_module_finish(CONF_IMODULE *md)
-{
- ENGINE *e;
-
- while ((e = sk_ENGINE_pop(initialized_engines)))
- ENGINE_finish(e);
- sk_ENGINE_free(initialized_engines);
- initialized_engines = NULL;
-}
-
-void
-ENGINE_add_conf_module(void)
-{
- CONF_module_add("engines", int_engine_module_init,
- int_engine_module_finish);
-}
+++ /dev/null
-/* $OpenBSD: eng_ctrl.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/err.h>
-
-#include "eng_int.h"
-
-/* When querying a ENGINE-specific control command's 'description', this string
- * is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL. */
-static const char *int_no_description = "";
-
-/* These internal functions handle 'CMD'-related control commands when the
- * ENGINE in question has asked us to take care of it (ie. the ENGINE did not
- * set the ENGINE_FLAGS_MANUAL_CMD_CTRL flag. */
-
-static int
-int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn)
-{
- if ((defn->cmd_num == 0) || (defn->cmd_name == NULL))
- return 1;
- return 0;
-}
-
-static int
-int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s)
-{
- int idx = 0;
- while (!int_ctrl_cmd_is_null(defn) &&
- (strcmp(defn->cmd_name, s) != 0)) {
- idx++;
- defn++;
- }
- if (int_ctrl_cmd_is_null(defn))
- /* The given name wasn't found */
- return -1;
- return idx;
-}
-
-static int
-int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num)
-{
- int idx = 0;
- /* NB: It is stipulated that 'cmd_defn' lists are ordered by cmd_num. So
- * our searches don't need to take any longer than necessary. */
- while (!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num)) {
- idx++;
- defn++;
- }
- if (defn->cmd_num == num)
- return idx;
- /* The given cmd_num wasn't found */
- return -1;
-}
-
-static int
-int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
-{
- int idx;
- int ret;
- char *s = (char *)p;
-
- /* Take care of the easy one first (eg. it requires no searches) */
- if (cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE) {
- if ((e->cmd_defns == NULL) ||
- int_ctrl_cmd_is_null(e->cmd_defns))
- return 0;
- return e->cmd_defns->cmd_num;
- }
- /* One or two commands require that "p" be a valid string buffer */
- if ((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) ||
- (cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) ||
- (cmd == ENGINE_CTRL_GET_DESC_FROM_CMD)) {
- if (s == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return -1;
- }
- }
- /* Now handle cmd_name -> cmd_num conversion */
- if (cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) {
- if ((e->cmd_defns == NULL) ||
- ((idx = int_ctrl_cmd_by_name(e->cmd_defns, s)) < 0)) {
- ENGINEerror(ENGINE_R_INVALID_CMD_NAME);
- return -1;
- }
- return e->cmd_defns[idx].cmd_num;
- }
- /* For the rest of the commands, the 'long' argument must specify a
- * valie command number - so we need to conduct a search. */
- if ((e->cmd_defns == NULL) ||
- ((idx = int_ctrl_cmd_by_num(e->cmd_defns, (unsigned int)i)) < 0)) {
- ENGINEerror(ENGINE_R_INVALID_CMD_NUMBER);
- return -1;
- }
- /* Now the logic splits depending on command type */
- switch (cmd) {
- case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
- idx++;
- if (int_ctrl_cmd_is_null(e->cmd_defns + idx))
- /* end-of-list */
- return 0;
- else
- return e->cmd_defns[idx].cmd_num;
- case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
- return strlen(e->cmd_defns[idx].cmd_name);
- case ENGINE_CTRL_GET_NAME_FROM_CMD:
- ret = snprintf(s, strlen(e->cmd_defns[idx].cmd_name) + 1,
- "%s", e->cmd_defns[idx].cmd_name);
- if (ret >= (strlen(e->cmd_defns[idx].cmd_name) + 1))
- ret = -1;
- return ret;
- case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
- if (e->cmd_defns[idx].cmd_desc)
- return strlen(e->cmd_defns[idx].cmd_desc);
- return strlen(int_no_description);
- case ENGINE_CTRL_GET_DESC_FROM_CMD:
- if (e->cmd_defns[idx].cmd_desc) {
- ret = snprintf(s,
- strlen(e->cmd_defns[idx].cmd_desc) + 1,
- "%s", e->cmd_defns[idx].cmd_desc);
- if (ret >= strlen(e->cmd_defns[idx].cmd_desc) + 1)
- ret = -1;
- return ret;
- }
- ret = snprintf(s, strlen(int_no_description) + 1, "%s",
- int_no_description);
- if (ret >= strlen(int_no_description) + 1)
- ret = -1;
- return ret;
- case ENGINE_CTRL_GET_CMD_FLAGS:
- return e->cmd_defns[idx].cmd_flags;
- }
-
- /* Shouldn't really be here ... */
- ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
- return -1;
-}
-
-int
-ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
-{
- int ctrl_exists, ref_exists;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- ref_exists = ((e->struct_ref > 0) ? 1 : 0);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- ctrl_exists = ((e->ctrl == NULL) ? 0 : 1);
- if (!ref_exists) {
- ENGINEerror(ENGINE_R_NO_REFERENCE);
- return 0;
- }
- /* Intercept any "root-level" commands before trying to hand them on to
- * ctrl() handlers. */
- switch (cmd) {
- case ENGINE_CTRL_HAS_CTRL_FUNCTION:
- return ctrl_exists;
- case ENGINE_CTRL_GET_FIRST_CMD_TYPE:
- case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
- case ENGINE_CTRL_GET_CMD_FROM_NAME:
- case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
- case ENGINE_CTRL_GET_NAME_FROM_CMD:
- case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
- case ENGINE_CTRL_GET_DESC_FROM_CMD:
- case ENGINE_CTRL_GET_CMD_FLAGS:
- if (ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL))
- return int_ctrl_helper(e, cmd, i, p, f);
- if (!ctrl_exists) {
- ENGINEerror(ENGINE_R_NO_CONTROL_FUNCTION);
- /* For these cmd-related functions, failure is indicated
- * by a -1 return value (because 0 is used as a valid
- * return in some places). */
- return -1;
- }
- default:
- break;
- }
- /* Anything else requires a ctrl() handler to exist. */
- if (!ctrl_exists) {
- ENGINEerror(ENGINE_R_NO_CONTROL_FUNCTION);
- return 0;
- }
- return e->ctrl(e, cmd, i, p, f);
-}
-
-int
-ENGINE_cmd_is_executable(ENGINE *e, int cmd)
-{
- int flags;
-
- if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd,
- NULL, NULL)) < 0) {
- ENGINEerror(ENGINE_R_INVALID_CMD_NUMBER);
- return 0;
- }
- if (!(flags & ENGINE_CMD_FLAG_NO_INPUT) &&
- !(flags & ENGINE_CMD_FLAG_NUMERIC) &&
- !(flags & ENGINE_CMD_FLAG_STRING))
- return 0;
- return 1;
-}
-
-int
-ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, long i, void *p,
- void (*f)(void), int cmd_optional)
-{
- int num;
-
- if ((e == NULL) || (cmd_name == NULL)) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if ((e->ctrl == NULL) ||
- ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME,
- 0, (void *)cmd_name, NULL)) <= 0)) {
- /* If the command didn't *have* to be supported, we fake
- * success. This allows certain settings to be specified for
- * multiple ENGINEs and only require a change of ENGINE id
- * (without having to selectively apply settings). Eg. changing
- * from a hardware device back to the regular software ENGINE
- * without editing the config file, etc. */
- if (cmd_optional) {
- ERR_clear_error();
- return 1;
- }
- ENGINEerror(ENGINE_R_INVALID_CMD_NAME);
- return 0;
- }
-
- /* Force the result of the control command to 0 or 1, for the reasons
- * mentioned before. */
- if (ENGINE_ctrl(e, num, i, p, f) > 0)
- return 1;
-
- return 0;
-}
-
-int
-ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
- int cmd_optional)
-{
- int num, flags;
- long l;
- char *ptr;
-
- if ((e == NULL) || (cmd_name == NULL)) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if ((e->ctrl == NULL) ||
- ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME, 0,
- (void *)cmd_name, NULL)) <= 0)) {
- /* If the command didn't *have* to be supported, we fake
- * success. This allows certain settings to be specified for
- * multiple ENGINEs and only require a change of ENGINE id
- * (without having to selectively apply settings). Eg. changing
- * from a hardware device back to the regular software ENGINE
- * without editing the config file, etc. */
- if (cmd_optional) {
- ERR_clear_error();
- return 1;
- }
- ENGINEerror(ENGINE_R_INVALID_CMD_NAME);
- return 0;
- }
- if (!ENGINE_cmd_is_executable(e, num)) {
- ENGINEerror(ENGINE_R_CMD_NOT_EXECUTABLE);
- return 0;
- }
- if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num,
- NULL, NULL)) < 0) {
- /* Shouldn't happen, given that ENGINE_cmd_is_executable()
- * returned success. */
- ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
- return 0;
- }
- /* If the command takes no input, there must be no input. And vice
- * versa. */
- if (flags & ENGINE_CMD_FLAG_NO_INPUT) {
- if (arg != NULL) {
- ENGINEerror(ENGINE_R_COMMAND_TAKES_NO_INPUT);
- return 0;
- }
- /* We deliberately force the result of ENGINE_ctrl() to 0 or 1
- * rather than returning it as "return data". This is to ensure
- * usage of these commands is consistent across applications and
- * that certain applications don't understand it one way, and
- * others another. */
- if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
- return 1;
- return 0;
- }
- /* So, we require input */
- if (arg == NULL) {
- ENGINEerror(ENGINE_R_COMMAND_TAKES_INPUT);
- return 0;
- }
- /* If it takes string input, that's easy */
- if (flags & ENGINE_CMD_FLAG_STRING) {
- /* Same explanation as above */
- if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
- return 1;
- return 0;
- }
- /* If it doesn't take numeric either, then it is unsupported for use in
- * a config-setting situation, which is what this function is for. This
- * should never happen though, because ENGINE_cmd_is_executable() was
- * used. */
- if (!(flags & ENGINE_CMD_FLAG_NUMERIC)) {
- ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
- return 0;
- }
- l = strtol(arg, &ptr, 10);
- if ((arg == ptr) || (*ptr != '\0')) {
- ENGINEerror(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER);
- return 0;
- }
- /* Force the result of the control command to 0 or 1, for the reasons
- * mentioned before. */
- if (ENGINE_ctrl(e, num, l, NULL, NULL) > 0)
- return 1;
- return 0;
-}
+++ /dev/null
-/* $OpenBSD: eng_dyn.c,v 1.14 2015/06/19 06:05:11 bcook Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/engine.h>
-
-void
-ENGINE_load_dynamic(void)
-{
-}
+++ /dev/null
-/* $OpenBSD: eng_err.c,v 1.12 2022/07/12 14:42:49 kn Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-#include <openssl/engine.h>
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ENGINE,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ENGINE,0,reason)
-
-static ERR_STRING_DATA ENGINE_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA ENGINE_str_reasons[] = {
- {ERR_REASON(ENGINE_R_ALREADY_LOADED) , "already loaded"},
- {ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER), "argument is not a number"},
- {ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE) , "cmd not executable"},
- {ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT), "command takes input"},
- {ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT), "command takes no input"},
- {ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID), "conflicting engine id"},
- {ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED), "ctrl command not implemented"},
- {ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED) , "dh not implemented"},
- {ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED), "dsa not implemented"},
- {ERR_REASON(ENGINE_R_DSO_FAILURE) , "DSO failure"},
- {ERR_REASON(ENGINE_R_DSO_NOT_FOUND) , "dso not found"},
- {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR), "engines section error"},
- {ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR), "engine configuration error"},
- {ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST), "engine is not in the list"},
- {ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR), "engine section error"},
- {ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY), "failed loading private key"},
- {ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY), "failed loading public key"},
- {ERR_REASON(ENGINE_R_FINISH_FAILED) , "finish failed"},
- {ERR_REASON(ENGINE_R_GET_HANDLE_FAILED) , "could not obtain hardware handle"},
- {ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING) , "'id' or 'name' missing"},
- {ERR_REASON(ENGINE_R_INIT_FAILED) , "init failed"},
- {ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR), "internal list error"},
- {ERR_REASON(ENGINE_R_INVALID_ARGUMENT) , "invalid argument"},
- {ERR_REASON(ENGINE_R_INVALID_CMD_NAME) , "invalid cmd name"},
- {ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER) , "invalid cmd number"},
- {ERR_REASON(ENGINE_R_INVALID_INIT_VALUE) , "invalid init value"},
- {ERR_REASON(ENGINE_R_INVALID_STRING) , "invalid string"},
- {ERR_REASON(ENGINE_R_NOT_INITIALISED) , "not initialised"},
- {ERR_REASON(ENGINE_R_NOT_LOADED) , "not loaded"},
- {ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION), "no control function"},
- {ERR_REASON(ENGINE_R_NO_INDEX) , "no index"},
- {ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION) , "no load function"},
- {ERR_REASON(ENGINE_R_NO_REFERENCE) , "no reference"},
- {ERR_REASON(ENGINE_R_NO_SUCH_ENGINE) , "no such engine"},
- {ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION) , "no unload function"},
- {ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS) , "provide parameters"},
- {ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED), "rsa not implemented"},
- {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER), "unimplemented cipher"},
- {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST), "unimplemented digest"},
- {ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD), "unimplemented public key method"},
- {ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY), "version incompatibility"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_ENGINE_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) {
- ERR_load_strings(0, ENGINE_str_functs);
- ERR_load_strings(0, ENGINE_str_reasons);
- }
-#endif
-}
+++ /dev/null
-/* $OpenBSD: eng_fat.c,v 1.19 2023/07/28 09:22:26 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-#include "eng_int.h"
-#include <openssl/conf.h>
-
-int
-ENGINE_set_default(ENGINE *e, unsigned int flags)
-{
- if ((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e))
- return 0;
- if ((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e))
- return 0;
-#ifndef OPENSSL_NO_RSA
- if ((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e))
- return 0;
-#endif
-#ifndef OPENSSL_NO_DSA
- if ((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e))
- return 0;
-#endif
-#ifndef OPENSSL_NO_DH
- if ((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e))
- return 0;
-#endif
-#ifndef OPENSSL_NO_EC
- if ((flags & ENGINE_METHOD_EC) && !ENGINE_set_default_EC(e))
- return 0;
-#endif
- if ((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e))
- return 0;
- if ((flags & ENGINE_METHOD_PKEY_METHS) &&
- !ENGINE_set_default_pkey_meths(e))
- return 0;
- if ((flags & ENGINE_METHOD_PKEY_ASN1_METHS) &&
- !ENGINE_set_default_pkey_asn1_meths(e))
- return 0;
- return 1;
-}
-
-/* Set default algorithms using a string */
-
-static int
-int_def_cb(const char *alg, int len, void *arg)
-{
- unsigned int *pflags = arg;
-
- if (!strncmp(alg, "ALL", len))
- *pflags |= ENGINE_METHOD_ALL;
- else if (!strncmp(alg, "RSA", len))
- *pflags |= ENGINE_METHOD_RSA;
- else if (!strncmp(alg, "DSA", len))
- *pflags |= ENGINE_METHOD_DSA;
- else if (!strncmp(alg, "DH", len))
- *pflags |= ENGINE_METHOD_DH;
- else if (strncmp(alg, "EC", len) == 0)
- *pflags |= ENGINE_METHOD_EC;
- else if (!strncmp(alg, "RAND", len))
- *pflags |= ENGINE_METHOD_RAND;
- else if (!strncmp(alg, "CIPHERS", len))
- *pflags |= ENGINE_METHOD_CIPHERS;
- else if (!strncmp(alg, "DIGESTS", len))
- *pflags |= ENGINE_METHOD_DIGESTS;
- else if (!strncmp(alg, "PKEY", len))
- *pflags |= ENGINE_METHOD_PKEY_METHS |
- ENGINE_METHOD_PKEY_ASN1_METHS;
- else if (!strncmp(alg, "PKEY_CRYPTO", len))
- *pflags |= ENGINE_METHOD_PKEY_METHS;
- else if (!strncmp(alg, "PKEY_ASN1", len))
- *pflags |= ENGINE_METHOD_PKEY_ASN1_METHS;
- else
- return 0;
- return 1;
-}
-
-int
-ENGINE_set_default_string(ENGINE *e, const char *def_list)
-{
- unsigned int flags = 0;
-
- if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags)) {
- ENGINEerror(ENGINE_R_INVALID_STRING);
- ERR_asprintf_error_data("str=%s",def_list);
- return 0;
- }
- return ENGINE_set_default(e, flags);
-}
-
-int
-ENGINE_register_complete(ENGINE *e)
-{
- ENGINE_register_ciphers(e);
- ENGINE_register_digests(e);
-#ifndef OPENSSL_NO_RSA
- ENGINE_register_RSA(e);
-#endif
-#ifndef OPENSSL_NO_DSA
- ENGINE_register_DSA(e);
-#endif
-#ifndef OPENSSL_NO_DH
- ENGINE_register_DH(e);
-#endif
-#ifndef OPENSSL_NO_EC
- ENGINE_register_EC(e);
-#endif
- ENGINE_register_RAND(e);
- ENGINE_register_pkey_meths(e);
- return 1;
-}
-
-int
-ENGINE_register_all_complete(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- if (!(e->flags & ENGINE_FLAGS_NO_REGISTER_ALL))
- ENGINE_register_complete(e);
- return 1;
-}
+++ /dev/null
-/* $OpenBSD: eng_init.c,v 1.9 2018/04/14 07:09:21 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-
-#include "eng_int.h"
-
-/* Initialise a engine type for use (or up its functional reference count
- * if it's already in use). This version is only used internally. */
-int
-engine_unlocked_init(ENGINE *e)
-{
- int to_return = 1;
-
- if ((e->funct_ref == 0) && e->init)
- /* This is the first functional reference and the engine
- * requires initialisation so we do it now. */
- to_return = e->init(e);
- if (to_return) {
- /* OK, we return a functional reference which is also a
- * structural reference. */
- e->struct_ref++;
- e->funct_ref++;
- engine_ref_debug(e, 0, 1)
- engine_ref_debug(e, 1, 1)
- }
- return to_return;
-}
-
-/* Free a functional reference to a engine type. This version is only used
- * internally. */
-int
-engine_unlocked_finish(ENGINE *e, int unlock_for_handlers)
-{
- int to_return = 1;
-
- /* Reduce the functional reference count here so if it's the terminating
- * case, we can release the lock safely and call the finish() handler
- * without risk of a race. We get a race if we leave the count until
- * after and something else is calling "finish" at the same time -
- * there's a chance that both threads will together take the count from
- * 2 to 0 without either calling finish(). */
- e->funct_ref--;
- engine_ref_debug(e, 1, -1);
- if ((e->funct_ref == 0) && e->finish) {
- if (unlock_for_handlers)
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- to_return = e->finish(e);
- if (unlock_for_handlers)
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (!to_return)
- return 0;
- }
-
- /* Release the structural reference too */
- if (!engine_free_util(e, 0)) {
- ENGINEerror(ENGINE_R_FINISH_FAILED);
- return 0;
- }
- return to_return;
-}
-
-/* The API (locked) version of "init" */
-int
-ENGINE_init(ENGINE *e)
-{
- int ret;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- ret = engine_unlocked_init(e);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return ret;
-}
-
-/* The API (locked) version of "finish" */
-int
-ENGINE_finish(ENGINE *e)
-{
- int to_return = 1;
-
- if (e == NULL)
- return 1;
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- to_return = engine_unlocked_finish(e, 1);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- if (!to_return) {
- ENGINEerror(ENGINE_R_FINISH_FAILED);
- return 0;
- }
- return to_return;
-}
+++ /dev/null
-/* $OpenBSD: eng_int.h,v 1.12 2023/07/28 09:22:26 tb Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_ENGINE_INT_H
-#define HEADER_ENGINE_INT_H
-
-/* Take public definitions from engine.h */
-#include <openssl/engine.h>
-
-__BEGIN_HIDDEN_DECLS
-
-/* If we compile with this symbol defined, then both reference counts in the
- * ENGINE structure will be monitored with a line of output on stderr for each
- * change. This prints the engine's pointer address (truncated to unsigned int),
- * "struct" or "funct" to indicate the reference type, the before and after
- * reference count, and the file:line-number pair. The "engine_ref_debug"
- * statements must come *after* the change. */
-#ifdef ENGINE_REF_COUNT_DEBUG
-
-#define engine_ref_debug(e, isfunct, diff) \
- fprintf(stderr, "engine: %08x %s from %d to %d (%s:%d)\n", \
- (unsigned int)(e), (isfunct ? "funct" : "struct"), \
- ((isfunct) ? ((e)->funct_ref - (diff)) : ((e)->struct_ref - (diff))), \
- ((isfunct) ? (e)->funct_ref : (e)->struct_ref), \
- (__FILE__), (__LINE__));
-
-#else
-
-#define engine_ref_debug(e, isfunct, diff)
-
-#endif
-
-/* Any code that will need cleanup operations should use these functions to
- * register callbacks. ENGINE_cleanup() will call all registered callbacks in
- * order. NB: both the "add" functions assume CRYPTO_LOCK_ENGINE to already be
- * held (in "write" mode). */
-typedef void (ENGINE_CLEANUP_CB)(void);
-typedef struct st_engine_cleanup_item {
- ENGINE_CLEANUP_CB *cb;
-} ENGINE_CLEANUP_ITEM;
-DECLARE_STACK_OF(ENGINE_CLEANUP_ITEM)
-void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb);
-void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb);
-
-/* We need stacks of ENGINEs for use in eng_table.c */
-DECLARE_STACK_OF(ENGINE)
-
-/* If this symbol is defined then engine_table_select(), the function that is
- * used by RSA, DSA (etc) code to select registered ENGINEs, cache defaults and
- * functional references (etc), will display debugging summaries to stderr. */
-/* #define ENGINE_TABLE_DEBUG */
-
-/* This represents an implementation table. Dependent code should instantiate it
- * as a (ENGINE_TABLE *) pointer value set initially to NULL. */
-typedef struct st_engine_table ENGINE_TABLE;
-int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
- ENGINE *e, const int *nids, int num_nids, int setdefault);
-void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e);
-void engine_table_cleanup(ENGINE_TABLE **table);
-#ifndef ENGINE_TABLE_DEBUG
-ENGINE *engine_table_select(ENGINE_TABLE **table, int nid);
-#else
-ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f,
- int l);
-#define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__)
-#endif
-typedef void (engine_table_doall_cb)(int nid, STACK_OF(ENGINE) *sk,
- ENGINE *def, void *arg);
-void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
- void *arg);
-
-/* Internal versions of API functions that have control over locking. These are
- * used between C files when functionality needs to be shared but the caller may
- * already be controlling of the CRYPTO_LOCK_ENGINE lock. */
-int engine_unlocked_init(ENGINE *e);
-int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers);
-int engine_free_util(ENGINE *e, int locked);
-
-/* This function will reset all "set"able values in an ENGINE to NULL. This
- * won't touch reference counts or ex_data, but is equivalent to calling all the
- * ENGINE_set_***() functions with a NULL value. */
-void engine_set_all_null(ENGINE *e);
-
-/* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed
- * in engine.h. */
-
-/* Free up dynamically allocated public key methods associated with ENGINE */
-
-void engine_pkey_meths_free(ENGINE *e);
-void engine_pkey_asn1_meths_free(ENGINE *e);
-
-/* This is a structure for storing implementations of various crypto
- * algorithms and functions. */
-struct engine_st {
- const char *id;
- const char *name;
- const RSA_METHOD *rsa_meth;
- const DSA_METHOD *dsa_meth;
- const DH_METHOD *dh_meth;
- const EC_KEY_METHOD *ec_meth;
- const RAND_METHOD *rand_meth;
- const STORE_METHOD *store_meth;
- /* Cipher handling is via this callback */
- ENGINE_CIPHERS_PTR ciphers;
- /* Digest handling is via this callback */
- ENGINE_DIGESTS_PTR digests;
- /* Public key handling via this callback */
- ENGINE_PKEY_METHS_PTR pkey_meths;
- /* ASN1 public key handling via this callback */
- ENGINE_PKEY_ASN1_METHS_PTR pkey_asn1_meths;
-
- ENGINE_GEN_INT_FUNC_PTR destroy;
-
- ENGINE_GEN_INT_FUNC_PTR init;
- ENGINE_GEN_INT_FUNC_PTR finish;
- ENGINE_CTRL_FUNC_PTR ctrl;
- ENGINE_LOAD_KEY_PTR load_privkey;
- ENGINE_LOAD_KEY_PTR load_pubkey;
-
- ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert;
-
- const ENGINE_CMD_DEFN *cmd_defns;
- int flags;
- /* reference count on the structure itself */
- int struct_ref;
- /* reference count on usability of the engine type. NB: This
- * controls the loading and initialisation of any functionlity
- * required by this engine, whereas the previous count is
- * simply to cope with (de)allocation of this structure. Hence,
- * running_ref <= struct_ref at all times. */
- int funct_ref;
- /* A place to store per-ENGINE data */
- CRYPTO_EX_DATA ex_data;
- /* Used to maintain the linked-list of engines. */
- struct engine_st *prev;
- struct engine_st *next;
-};
-
-__END_HIDDEN_DECLS
-
-#endif /* HEADER_ENGINE_INT_H */
+++ /dev/null
-/* $OpenBSD: eng_lib.c,v 1.14 2018/04/14 07:18:37 tb Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-#include "eng_int.h"
-
-/* The "new"/"free" stuff first */
-
-ENGINE *
-ENGINE_new(void)
-{
- ENGINE *ret;
-
- if (!OPENSSL_init_crypto(0, NULL))
- return NULL;
-
- ret = malloc(sizeof(ENGINE));
- if (ret == NULL) {
- ENGINEerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- memset(ret, 0, sizeof(ENGINE));
- ret->struct_ref = 1;
- engine_ref_debug(ret, 0, 1)
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
- return ret;
-}
-
-/* Placed here (close proximity to ENGINE_new) so that modifications to the
- * elements of the ENGINE structure are more likely to be caught and changed
- * here. */
-void
-engine_set_all_null(ENGINE *e)
-{
- e->id = NULL;
- e->name = NULL;
- e->rsa_meth = NULL;
- e->dsa_meth = NULL;
- e->dh_meth = NULL;
- e->rand_meth = NULL;
- e->store_meth = NULL;
- e->ciphers = NULL;
- e->digests = NULL;
- e->destroy = NULL;
- e->init = NULL;
- e->finish = NULL;
- e->ctrl = NULL;
- e->load_privkey = NULL;
- e->load_pubkey = NULL;
- e->cmd_defns = NULL;
- e->flags = 0;
-}
-
-int
-engine_free_util(ENGINE *e, int locked)
-{
- int i;
-
- if (e == NULL)
- return 1;
- if (locked)
- i = CRYPTO_add(&e->struct_ref, -1, CRYPTO_LOCK_ENGINE);
- else
- i = --e->struct_ref;
- engine_ref_debug(e, 0, -1)
- if (i > 0)
- return 1;
-
- /* Free up any dynamically allocated public key methods */
- engine_pkey_meths_free(e);
- engine_pkey_asn1_meths_free(e);
- /* Give the ENGINE a chance to do any structural cleanup corresponding
- * to allocation it did in its constructor (eg. unload error strings) */
- if (e->destroy)
- e->destroy(e);
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
- free(e);
- return 1;
-}
-
-int
-ENGINE_free(ENGINE *e)
-{
- return engine_free_util(e, 1);
-}
-
-/* Cleanup stuff */
-
-/* ENGINE_cleanup() is coded such that anything that does work that will need
- * cleanup can register a "cleanup" callback here. That way we don't get linker
- * bloat by referring to all *possible* cleanups, but any linker bloat into code
- * "X" will cause X's cleanup function to end up here. */
-static STACK_OF(ENGINE_CLEANUP_ITEM) *cleanup_stack = NULL;
-static int
-int_cleanup_check(int create)
-{
- if (cleanup_stack)
- return 1;
- if (!create)
- return 0;
- cleanup_stack = sk_ENGINE_CLEANUP_ITEM_new_null();
- return (cleanup_stack ? 1 : 0);
-}
-
-static ENGINE_CLEANUP_ITEM *
-int_cleanup_item(ENGINE_CLEANUP_CB *cb)
-{
- ENGINE_CLEANUP_ITEM *item = malloc(sizeof(ENGINE_CLEANUP_ITEM));
-
- if (!item)
- return NULL;
- item->cb = cb;
- return item;
-}
-
-void
-engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb)
-{
- ENGINE_CLEANUP_ITEM *item;
-
- if (!int_cleanup_check(1))
- return;
- item = int_cleanup_item(cb);
- if (item)
- sk_ENGINE_CLEANUP_ITEM_insert(cleanup_stack, item, 0);
-}
-
-void
-engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb)
-{
- ENGINE_CLEANUP_ITEM *item;
-
- if (!int_cleanup_check(1))
- return;
- item = int_cleanup_item(cb);
- if (item)
- sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item);
-}
-/* The API function that performs all cleanup */
-static void
-engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item)
-{
- (*(item->cb))();
- free(item);
-}
-
-void
-ENGINE_cleanup(void)
-{
- if (int_cleanup_check(0)) {
- sk_ENGINE_CLEANUP_ITEM_pop_free(cleanup_stack,
- engine_cleanup_cb_free);
- cleanup_stack = NULL;
- }
- /* FIXME: This should be handled (somehow) through RAND, eg. by it
- * registering a cleanup callback. */
- RAND_set_rand_method(NULL);
-}
-
-/* Now the "ex_data" support */
-
-int
-ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int
-ENGINE_set_ex_data(ENGINE *e, int idx, void *arg)
-{
- return (CRYPTO_set_ex_data(&e->ex_data, idx, arg));
-}
-
-void *
-ENGINE_get_ex_data(const ENGINE *e, int idx)
-{
- return (CRYPTO_get_ex_data(&e->ex_data, idx));
-}
-
-/* Functions to get/set an ENGINE's elements - mainly to avoid exposing the
- * ENGINE structure itself. */
-
-int
-ENGINE_set_id(ENGINE *e, const char *id)
-{
- if (id == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- e->id = id;
- return 1;
-}
-
-int
-ENGINE_set_name(ENGINE *e, const char *name)
-{
- if (name == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- e->name = name;
- return 1;
-}
-
-int
-ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f)
-{
- e->destroy = destroy_f;
- return 1;
-}
-
-int
-ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f)
-{
- e->init = init_f;
- return 1;
-}
-
-int
-ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f)
-{
- e->finish = finish_f;
- return 1;
-}
-
-int
-ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f)
-{
- e->ctrl = ctrl_f;
- return 1;
-}
-
-int
-ENGINE_set_flags(ENGINE *e, int flags)
-{
- e->flags = flags;
- return 1;
-}
-
-int
-ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns)
-{
- e->cmd_defns = defns;
- return 1;
-}
-
-const char *
-ENGINE_get_id(const ENGINE *e)
-{
- return e->id;
-}
-
-const char *
-ENGINE_get_name(const ENGINE *e)
-{
- return e->name;
-}
-
-ENGINE_GEN_INT_FUNC_PTR
-ENGINE_get_destroy_function(const ENGINE *e)
-{
- return e->destroy;
-}
-
-ENGINE_GEN_INT_FUNC_PTR
-ENGINE_get_init_function(const ENGINE *e)
-{
- return e->init;
-}
-
-ENGINE_GEN_INT_FUNC_PTR
-ENGINE_get_finish_function(const ENGINE *e)
-{
- return e->finish;
-}
-
-ENGINE_CTRL_FUNC_PTR
-ENGINE_get_ctrl_function(const ENGINE *e)
-{
- return e->ctrl;
-}
-
-int
-ENGINE_get_flags(const ENGINE *e)
-{
- return e->flags;
-}
-
-const ENGINE_CMD_DEFN *
-ENGINE_get_cmd_defns(const ENGINE *e)
-{
- return e->cmd_defns;
-}
-
-/* eng_lib.o is pretty much linked into anything that touches ENGINE already, so
- * put the "static_state" hack here. */
-
-static int internal_static_hack = 0;
-
-void *
-ENGINE_get_static_state(void)
-{
- return &internal_static_hack;
-}
+++ /dev/null
-/* $OpenBSD: eng_list.c,v 1.27 2023/07/28 09:22:26 tb Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <string.h>
-#include <unistd.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-
-#include "cryptlib.h"
-#include "eng_int.h"
-
-/* The linked-list of pointers to engine types. engine_list_head
- * incorporates an implicit structural reference but engine_list_tail
- * does not - the latter is a computational niceity and only points
- * to something that is already pointed to by its predecessor in the
- * list (or engine_list_head itself). In the same way, the use of the
- * "prev" pointer in each ENGINE is to save excessive list iteration,
- * it doesn't correspond to an extra structural reference. Hence,
- * engine_list_head, and each non-null "next" pointer account for
- * the list itself assuming exactly 1 structural reference on each
- * list member. */
-static ENGINE *engine_list_head = NULL;
-static ENGINE *engine_list_tail = NULL;
-
-/* This cleanup function is only needed internally. If it should be called, we
- * register it with the "ENGINE_cleanup()" stack to be called during cleanup. */
-
-static void
-engine_list_cleanup(void)
-{
- ENGINE *iterator = engine_list_head;
-
- while (iterator != NULL && ENGINE_remove(iterator))
- iterator = engine_list_head;
-}
-
-/* These static functions starting with a lower case "engine_" always
- * take place when CRYPTO_LOCK_ENGINE has been locked up. */
-static int
-engine_list_add(ENGINE *e)
-{
- int conflict = 0;
- ENGINE *iterator = NULL;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- iterator = engine_list_head;
- while (iterator && !conflict) {
- conflict = (strcmp(iterator->id, e->id) == 0);
- iterator = iterator->next;
- }
- if (conflict) {
- ENGINEerror(ENGINE_R_CONFLICTING_ENGINE_ID);
- return 0;
- }
- if (engine_list_head == NULL) {
- /* We are adding to an empty list. */
- if (engine_list_tail) {
- ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
- return 0;
- }
- engine_list_head = e;
- e->prev = NULL;
- /* The first time the list allocates, we should register the
- * cleanup. */
- engine_cleanup_add_last(engine_list_cleanup);
- } else {
- /* We are adding to the tail of an existing list. */
- if ((engine_list_tail == NULL) ||
- (engine_list_tail->next != NULL)) {
- ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
- return 0;
- }
- engine_list_tail->next = e;
- e->prev = engine_list_tail;
- }
- /* Having the engine in the list assumes a structural
- * reference. */
- e->struct_ref++;
- engine_ref_debug(e, 0, 1)
- /* However it came to be, e is the last item in the list. */
- engine_list_tail = e;
- e->next = NULL;
- return 1;
-}
-
-static int
-engine_list_remove(ENGINE *e)
-{
- ENGINE *iterator;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- /* We need to check that e is in our linked list! */
- iterator = engine_list_head;
- while (iterator && (iterator != e))
- iterator = iterator->next;
- if (iterator == NULL) {
- ENGINEerror(ENGINE_R_ENGINE_IS_NOT_IN_LIST);
- return 0;
- }
- /* un-link e from the chain. */
- if (e->next)
- e->next->prev = e->prev;
- if (e->prev)
- e->prev->next = e->next;
- /* Correct our head/tail if necessary. */
- if (engine_list_head == e)
- engine_list_head = e->next;
- if (engine_list_tail == e)
- engine_list_tail = e->prev;
- engine_free_util(e, 0);
- return 1;
-}
-
-/* Get the first/last "ENGINE" type available. */
-ENGINE *
-ENGINE_get_first(void)
-{
- ENGINE *ret;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- ret = engine_list_head;
- if (ret) {
- ret->struct_ref++;
- engine_ref_debug(ret, 0, 1)
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return ret;
-}
-
-ENGINE *
-ENGINE_get_last(void)
-{
- ENGINE *ret;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- ret = engine_list_tail;
- if (ret) {
- ret->struct_ref++;
- engine_ref_debug(ret, 0, 1)
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return ret;
-}
-
-/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
-ENGINE *
-ENGINE_get_next(ENGINE *e)
-{
- ENGINE *ret = NULL;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- ret = e->next;
- if (ret) {
- /* Return a valid structural reference to the next ENGINE */
- ret->struct_ref++;
- engine_ref_debug(ret, 0, 1)
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- /* Release the structural reference to the previous ENGINE */
- ENGINE_free(e);
- return ret;
-}
-
-ENGINE *
-ENGINE_get_prev(ENGINE *e)
-{
- ENGINE *ret = NULL;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- ret = e->prev;
- if (ret) {
- /* Return a valid structural reference to the next ENGINE */
- ret->struct_ref++;
- engine_ref_debug(ret, 0, 1)
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- /* Release the structural reference to the previous ENGINE */
- ENGINE_free(e);
- return ret;
-}
-
-/* Add another "ENGINE" type into the list. */
-int
-ENGINE_add(ENGINE *e)
-{
- int to_return = 1;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if ((e->id == NULL) || (e->name == NULL)) {
- ENGINEerror(ENGINE_R_ID_OR_NAME_MISSING);
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (!engine_list_add(e)) {
- ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
- to_return = 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return to_return;
-}
-
-/* Remove an existing "ENGINE" type from the array. */
-int
-ENGINE_remove(ENGINE *e)
-{
- int to_return = 1;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (!engine_list_remove(e)) {
- ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
- to_return = 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return to_return;
-}
-
-static void
-engine_cpy(ENGINE *dest, const ENGINE *src)
-{
- dest->id = src->id;
- dest->name = src->name;
-#ifndef OPENSSL_NO_RSA
- dest->rsa_meth = src->rsa_meth;
-#endif
-#ifndef OPENSSL_NO_DSA
- dest->dsa_meth = src->dsa_meth;
-#endif
-#ifndef OPENSSL_NO_DH
- dest->dh_meth = src->dh_meth;
-#endif
-#ifndef OPENSSL_NO_EC
- dest->ec_meth = src->ec_meth;
-#endif
- dest->rand_meth = src->rand_meth;
- dest->store_meth = src->store_meth;
- dest->ciphers = src->ciphers;
- dest->digests = src->digests;
- dest->pkey_meths = src->pkey_meths;
- dest->destroy = src->destroy;
- dest->init = src->init;
- dest->finish = src->finish;
- dest->ctrl = src->ctrl;
- dest->load_privkey = src->load_privkey;
- dest->load_pubkey = src->load_pubkey;
- dest->cmd_defns = src->cmd_defns;
- dest->flags = src->flags;
-}
-
-ENGINE *
-ENGINE_by_id(const char *id)
-{
- ENGINE *iterator;
-
- if (id == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- iterator = engine_list_head;
- while (iterator && (strcmp(id, iterator->id) != 0))
- iterator = iterator->next;
- if (iterator) {
- /* We need to return a structural reference. If this is an
- * ENGINE type that returns copies, make a duplicate - otherwise
- * increment the existing ENGINE's reference count. */
- if (iterator->flags & ENGINE_FLAGS_BY_ID_COPY) {
- ENGINE *cp = ENGINE_new();
- if (!cp)
- iterator = NULL;
- else {
- engine_cpy(cp, iterator);
- iterator = cp;
- }
- } else {
- iterator->struct_ref++;
- engine_ref_debug(iterator, 0, 1)
- }
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-
- if (iterator == NULL) {
- ENGINEerror(ENGINE_R_NO_SUCH_ENGINE);
- ERR_asprintf_error_data("id=%s", id);
- }
- return iterator;
-}
-
-int
-ENGINE_up_ref(ENGINE *e)
-{
- int refs;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- refs = CRYPTO_add(&e->struct_ref, 1, CRYPTO_LOCK_ENGINE);
- return refs > 1 ? 1 : 0;
-}
+++ /dev/null
-/* $OpenBSD: eng_openssl.c,v 1.19 2023/07/28 09:22:26 tb Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/crypto.h>
-#include <openssl/engine.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/pem.h>
-#include <openssl/rand.h>
-
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-#include "evp_local.h"
-
-/* This testing gunk is implemented (and explained) lower down. It also assumes
- * the application explicitly calls "ENGINE_load_openssl()" because this is no
- * longer automatic in ENGINE_load_builtin_engines(). */
-#define TEST_ENG_OPENSSL_RC4
-#define TEST_ENG_OPENSSL_PKEY
-/* #define TEST_ENG_OPENSSL_RC4_OTHERS */
-#define TEST_ENG_OPENSSL_RC4_P_INIT
-/* #define TEST_ENG_OPENSSL_RC4_P_CIPHER */
-#define TEST_ENG_OPENSSL_SHA
-/* #define TEST_ENG_OPENSSL_SHA_OTHERS */
-/* #define TEST_ENG_OPENSSL_SHA_P_INIT */
-/* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */
-/* #define TEST_ENG_OPENSSL_SHA_P_FINAL */
-
-/* Now check what of those algorithms are actually enabled */
-#ifdef OPENSSL_NO_RC4
-#undef TEST_ENG_OPENSSL_RC4
-#undef TEST_ENG_OPENSSL_RC4_OTHERS
-#undef TEST_ENG_OPENSSL_RC4_P_INIT
-#undef TEST_ENG_OPENSSL_RC4_P_CIPHER
-#endif
-#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA1)
-#undef TEST_ENG_OPENSSL_SHA
-#undef TEST_ENG_OPENSSL_SHA_OTHERS
-#undef TEST_ENG_OPENSSL_SHA_P_INIT
-#undef TEST_ENG_OPENSSL_SHA_P_UPDATE
-#undef TEST_ENG_OPENSSL_SHA_P_FINAL
-#endif
-
-#ifdef TEST_ENG_OPENSSL_RC4
-static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
- const int **nids, int nid);
-#endif
-#ifdef TEST_ENG_OPENSSL_SHA
-static int openssl_digests(ENGINE *e, const EVP_MD **digest,
- const int **nids, int nid);
-#endif
-
-#ifdef TEST_ENG_OPENSSL_PKEY
-static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method, void *callback_data);
-#endif
-
-/* The constants used when creating the ENGINE */
-static const char *engine_openssl_id = "openssl";
-static const char *engine_openssl_name = "Software engine support";
-
-/* This internal function is used by ENGINE_openssl() and possibly by the
- * "dynamic" ENGINE support too */
-static int
-bind_helper(ENGINE *e)
-{
- if (!ENGINE_set_id(e, engine_openssl_id) ||
- !ENGINE_set_name(e, engine_openssl_name)
-#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
-#ifndef OPENSSL_NO_RSA
- || !ENGINE_set_RSA(e, RSA_get_default_method())
-#endif
-#ifndef OPENSSL_NO_DSA
- || !ENGINE_set_DSA(e, DSA_get_default_method())
-#endif
-#ifndef OPENSSL_NO_DH
- || !ENGINE_set_DH(e, DH_get_default_method())
-#endif
- || !ENGINE_set_RAND(e, RAND_SSLeay())
-#ifdef TEST_ENG_OPENSSL_RC4
- || !ENGINE_set_ciphers(e, openssl_ciphers)
-#endif
-#ifdef TEST_ENG_OPENSSL_SHA
- || !ENGINE_set_digests(e, openssl_digests)
-#endif
-#endif
-#ifdef TEST_ENG_OPENSSL_PKEY
- || !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
-#endif
- )
- return 0;
- /* If we add errors to this ENGINE, ensure the error handling is setup here */
- /* openssl_load_error_strings(); */
- return 1;
-}
-
-static ENGINE *
-engine_openssl(void)
-{
- ENGINE *ret = ENGINE_new();
-
- if (ret == NULL)
- return NULL;
- if (!bind_helper(ret)) {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void
-ENGINE_load_openssl(void)
-{
- ENGINE *toadd = engine_openssl();
-
- if (toadd == NULL)
- return;
- (void) ENGINE_add(toadd);
- /* If the "add" worked, it gets a structural reference. So either way,
- * we release our just-created reference. */
- ENGINE_free(toadd);
- ERR_clear_error();
-}
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int
-bind_fn(ENGINE *e, const char *id)
-{
- if (id && (strcmp(id, engine_openssl_id) != 0))
- return 0;
- if (!bind_helper(e))
- return 0;
- return 1;
-}
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#ifdef TEST_ENG_OPENSSL_RC4
-/* This section of code compiles an "alternative implementation" of two modes of
- * RC4 into this ENGINE. The result is that EVP_CIPHER operation for "rc4"
- * should under normal circumstances go via this support rather than the default
- * EVP support. There are other symbols to tweak the testing;
- * TEST_ENC_OPENSSL_RC4_OTHERS - print a one line message to stderr each time
- * we're asked for a cipher we don't support (should not happen).
- * TEST_ENG_OPENSSL_RC4_P_INIT - print a one line message to stderr each time
- * the "init_key" handler is called.
- * TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler.
- */
-#include <openssl/rc4.h>
-#define TEST_RC4_KEY_SIZE 16
-static int test_cipher_nids[] = {NID_rc4, NID_rc4_40};
-static int test_cipher_nids_number = 2;
-
-typedef struct {
- unsigned char key[TEST_RC4_KEY_SIZE];
- RC4_KEY ks;
-} TEST_RC4_KEY;
-
-#define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data)
-static int
-test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
-#ifdef TEST_ENG_OPENSSL_RC4_P_INIT
- fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n");
-#endif
- memcpy(&test(ctx)->key[0], key, EVP_CIPHER_CTX_key_length(ctx));
- RC4_set_key(&test(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
- test(ctx)->key);
- return 1;
-}
-
-static int
-test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
-#ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER
- fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n");
-#endif
- RC4(&test(ctx)->ks, inl, in, out);
- return 1;
-}
-
-static const EVP_CIPHER test_r4_cipher = {
- NID_rc4,
- 1, TEST_RC4_KEY_SIZE, 0,
- EVP_CIPH_VARIABLE_LENGTH,
- test_rc4_init_key,
- test_rc4_cipher,
- NULL,
- sizeof(TEST_RC4_KEY),
- NULL,
- NULL,
- NULL,
- NULL
-};
-
-static const EVP_CIPHER test_r4_40_cipher = {
- NID_rc4_40,
- 1,5 /* 40 bit */,0,
- EVP_CIPH_VARIABLE_LENGTH,
- test_rc4_init_key,
- test_rc4_cipher,
- NULL,
- sizeof(TEST_RC4_KEY),
- NULL,
- NULL,
- NULL,
- NULL
-};
-
-static int
-openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid)
-{
- if (!cipher) {
- /* We are returning a list of supported nids */
- *nids = test_cipher_nids;
- return test_cipher_nids_number;
- }
- /* We are being asked for a specific cipher */
- if (nid == NID_rc4)
- *cipher = &test_r4_cipher;
- else if (nid == NID_rc4_40)
- *cipher = &test_r4_40_cipher;
- else {
-#ifdef TEST_ENG_OPENSSL_RC4_OTHERS
- fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for "
- "nid %d\n", nid);
-#endif
- *cipher = NULL;
- return 0;
- }
- return 1;
-}
-#endif
-
-#ifdef TEST_ENG_OPENSSL_SHA
-/* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */
-#include <openssl/sha.h>
-static int test_digest_nids[] = {NID_sha1};
-static int test_digest_nids_number = 1;
-
-static int
-test_sha1_init(EVP_MD_CTX *ctx)
-{
-#ifdef TEST_ENG_OPENSSL_SHA_P_INIT
- fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n");
-#endif
- return SHA1_Init(ctx->md_data);
-}
-
-static int
-test_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-#ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE
- fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n");
-#endif
- return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int
-test_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-#ifdef TEST_ENG_OPENSSL_SHA_P_FINAL
- fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n");
-#endif
- return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD test_sha_md = {
- .type = NID_sha1,
- .pkey_type = NID_sha1WithRSAEncryption,
- .md_size = SHA_DIGEST_LENGTH,
- .flags = 0,
- .init = test_sha1_init,
- .update = test_sha1_update,
- .final = test_sha1_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SHA_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-static int
-openssl_digests(ENGINE *e, const EVP_MD **digest, const int **nids, int nid)
-{
- if (!digest) {
- /* We are returning a list of supported nids */
- *nids = test_digest_nids;
- return test_digest_nids_number;
- }
- /* We are being asked for a specific digest */
- if (nid == NID_sha1)
- *digest = &test_sha_md;
- else {
-#ifdef TEST_ENG_OPENSSL_SHA_OTHERS
- fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for "
- "nid %d\n", nid);
-#endif
- *digest = NULL;
- return 0;
- }
- return 1;
-}
-#endif
-
-#ifdef TEST_ENG_OPENSSL_PKEY
-static EVP_PKEY *
-openssl_load_privkey(ENGINE *eng, const char *key_id, UI_METHOD *ui_method,
- void *callback_data)
-{
- BIO *in;
- EVP_PKEY *key;
-
- fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n",
- key_id);
- in = BIO_new_file(key_id, "r");
- if (!in)
- return NULL;
- key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL);
- BIO_free(in);
- return key;
-}
-#endif
+++ /dev/null
-/* $OpenBSD: eng_pkey.c,v 1.7 2017/01/29 17:49:23 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-
-#include "eng_int.h"
-
-/* Basic get/set stuff */
-
-int
-ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f)
-{
- e->load_privkey = loadpriv_f;
- return 1;
-}
-
-int
-ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
-{
- e->load_pubkey = loadpub_f;
- return 1;
-}
-
-int
-ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
- ENGINE_SSL_CLIENT_CERT_PTR loadssl_f)
-{
- e->load_ssl_client_cert = loadssl_f;
- return 1;
-}
-
-ENGINE_LOAD_KEY_PTR
-ENGINE_get_load_privkey_function(const ENGINE *e)
-{
- return e->load_privkey;
-}
-
-ENGINE_LOAD_KEY_PTR
-ENGINE_get_load_pubkey_function(const ENGINE *e)
-{
- return e->load_pubkey;
-}
-
-ENGINE_SSL_CLIENT_CERT_PTR
-ENGINE_get_ssl_client_cert_function(const ENGINE *e)
-{
- return e->load_ssl_client_cert;
-}
-
-/* API functions to load public/private keys */
-
-EVP_PKEY *
-ENGINE_load_private_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
- void *callback_data)
-{
- EVP_PKEY *pkey;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (e->funct_ref == 0) {
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- ENGINEerror(ENGINE_R_NOT_INITIALISED);
- return 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- if (!e->load_privkey) {
- ENGINEerror(ENGINE_R_NO_LOAD_FUNCTION);
- return 0;
- }
- pkey = e->load_privkey(e, key_id, ui_method, callback_data);
- if (!pkey) {
- ENGINEerror(ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
- return 0;
- }
- return pkey;
-}
-
-EVP_PKEY *
-ENGINE_load_public_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
- void *callback_data)
-{
- EVP_PKEY *pkey;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (e->funct_ref == 0) {
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- ENGINEerror(ENGINE_R_NOT_INITIALISED);
- return 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- if (!e->load_pubkey) {
- ENGINEerror(ENGINE_R_NO_LOAD_FUNCTION);
- return 0;
- }
- pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
- if (!pkey) {
- ENGINEerror(ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
- return 0;
- }
- return pkey;
-}
-
-int
-ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, STACK_OF(X509_NAME) *ca_dn,
- X509 **pcert, EVP_PKEY **ppkey, STACK_OF(X509) **pother,
- UI_METHOD *ui_method, void *callback_data)
-{
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (e->funct_ref == 0) {
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- ENGINEerror(ENGINE_R_NOT_INITIALISED);
- return 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- if (!e->load_ssl_client_cert) {
- ENGINEerror(ENGINE_R_NO_LOAD_FUNCTION);
- return 0;
- }
- return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother,
- ui_method, callback_data);
-}
+++ /dev/null
-/* $OpenBSD: eng_table.c,v 1.10 2022/12/26 07:18:52 jmc Exp $ */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/lhash.h>
-
-#include "eng_int.h"
-
-/* The type of the items in the table */
-typedef struct st_engine_pile {
- /* The 'nid' of this algorithm/mode */
- int nid;
- /* ENGINEs that implement this algorithm/mode. */
- STACK_OF(ENGINE) *sk;
- /* The default ENGINE to perform this algorithm/mode. */
- ENGINE *funct;
- /* Zero if 'sk' is newer than the cached 'funct', non-zero otherwise */
- int uptodate;
-} ENGINE_PILE;
-
-DECLARE_LHASH_OF(ENGINE_PILE);
-
-/* The type exposed in eng_int.h */
-struct st_engine_table {
- LHASH_OF(ENGINE_PILE) piles;
-}; /* ENGINE_TABLE */
-
-typedef struct st_engine_pile_doall {
- engine_table_doall_cb *cb;
- void *arg;
-} ENGINE_PILE_DOALL;
-
-/* Global flags (ENGINE_TABLE_FLAG_***). */
-static unsigned int table_flags = 0;
-
-/* API function manipulating 'table_flags' */
-unsigned int
-ENGINE_get_table_flags(void)
-{
- return table_flags;
-}
-
-void
-ENGINE_set_table_flags(unsigned int flags)
-{
- table_flags = flags;
-}
-
-/* Internal functions for the "piles" hash table */
-static unsigned long
-engine_pile_hash(const ENGINE_PILE *c)
-{
- return c->nid;
-}
-
-static int
-engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
-{
- return a->nid - b->nid;
-}
-static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE)
-static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE)
-
-static int
-int_table_check(ENGINE_TABLE **t, int create)
-{
- LHASH_OF(ENGINE_PILE) *lh;
-
- if (*t)
- return 1;
- if (!create)
- return 0;
- if ((lh = lh_ENGINE_PILE_new()) == NULL)
- return 0;
- *t = (ENGINE_TABLE *)lh;
- return 1;
-}
-
-/* Privately exposed (via eng_int.h) functions for adding and/or removing
- * ENGINEs from the implementation table */
-int
-engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
- ENGINE *e, const int *nids, int num_nids, int setdefault)
-{
- int ret = 0, added = 0;
- ENGINE_PILE tmplate, *fnd;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (!(*table))
- added = 1;
- if (!int_table_check(table, 1))
- goto end;
- if (added)
- /* The cleanup callback needs to be added */
- engine_cleanup_add_first(cleanup);
- while (num_nids--) {
- tmplate.nid = *nids;
- fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
- if (!fnd) {
- fnd = malloc(sizeof(ENGINE_PILE));
- if (!fnd)
- goto end;
- fnd->uptodate = 1;
- fnd->nid = *nids;
- fnd->sk = sk_ENGINE_new_null();
- if (!fnd->sk) {
- free(fnd);
- goto end;
- }
- fnd->funct = NULL;
- (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
- }
- /* A registration shouldn't add duplicate entries */
- (void)sk_ENGINE_delete_ptr(fnd->sk, e);
- /* if 'setdefault', this ENGINE goes to the head of the list */
- if (!sk_ENGINE_push(fnd->sk, e))
- goto end;
- /* "touch" this ENGINE_PILE */
- fnd->uptodate = 0;
- if (setdefault) {
- if (!engine_unlocked_init(e)) {
- ENGINEerror(ENGINE_R_INIT_FAILED);
- goto end;
- }
- if (fnd->funct)
- engine_unlocked_finish(fnd->funct, 0);
- fnd->funct = e;
- fnd->uptodate = 1;
- }
- nids++;
- }
- ret = 1;
-end:
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return ret;
-}
-
-static void
-int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e)
-{
- int n;
-
- /* Iterate the 'c->sk' stack removing any occurrence of 'e' */
- while ((n = sk_ENGINE_find(pile->sk, e)) >= 0) {
- (void)sk_ENGINE_delete(pile->sk, n);
- pile->uptodate = 0;
- }
- if (pile->funct == e) {
- engine_unlocked_finish(e, 0);
- pile->funct = NULL;
- }
-}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE)
-
-void
-engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (int_table_check(table, 0))
- lh_ENGINE_PILE_doall_arg(&(*table)->piles,
- LHASH_DOALL_ARG_FN(int_unregister_cb), ENGINE, e);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-}
-
-static void
-int_cleanup_cb_doall(ENGINE_PILE *p)
-{
- sk_ENGINE_free(p->sk);
- if (p->funct)
- engine_unlocked_finish(p->funct, 0);
- free(p);
-}
-static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE)
-
-void
-engine_table_cleanup(ENGINE_TABLE **table)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (*table) {
- lh_ENGINE_PILE_doall(&(*table)->piles,
- LHASH_DOALL_FN(int_cleanup_cb));
- lh_ENGINE_PILE_free(&(*table)->piles);
- *table = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-}
-
-/* return a functional reference for a given 'nid' */
-#ifndef ENGINE_TABLE_DEBUG
-ENGINE *
-engine_table_select(ENGINE_TABLE **table, int nid)
-#else
-ENGINE *
-engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l)
-#endif
-{
- ENGINE *ret = NULL;
- ENGINE_PILE tmplate, *fnd = NULL;
- int initres, loop = 0;
-
- if (!(*table)) {
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, nothing "
- "registered!\n", f, l, nid);
-#endif
- return NULL;
- }
- ERR_set_mark();
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- /* Check again inside the lock otherwise we could race against cleanup
- * operations. But don't worry about a fprintf(stderr). */
- if (!int_table_check(table, 0))
- goto end;
- tmplate.nid = nid;
- fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
- if (!fnd)
- goto end;
- if (fnd->funct && engine_unlocked_init(fnd->funct)) {
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
- "ENGINE '%s' cached\n", f, l, nid, fnd->funct->id);
-#endif
- ret = fnd->funct;
- goto end;
- }
- if (fnd->uptodate) {
- ret = fnd->funct;
- goto end;
- }
-trynext:
- ret = sk_ENGINE_value(fnd->sk, loop++);
- if (!ret) {
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
- "registered implementations would initialise\n", f, l, nid);
-#endif
- goto end;
- }
- /* Try to initialise the ENGINE? */
- if ((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT))
- initres = engine_unlocked_init(ret);
- else
- initres = 0;
- if (initres) {
- /* Update 'funct' */
- if ((fnd->funct != ret) && engine_unlocked_init(ret)) {
- /* If there was a previous default we release it. */
- if (fnd->funct)
- engine_unlocked_finish(fnd->funct, 0);
- fnd->funct = ret;
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, "
- "setting default to '%s'\n", f, l, nid, ret->id);
-#endif
- }
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
- "newly initialised '%s'\n", f, l, nid, ret->id);
-#endif
- goto end;
- }
- goto trynext;
-end:
- /* If it failed, it is unlikely to succeed again until some future
- * registrations have taken place. In all cases, we cache. */
- if (fnd)
- fnd->uptodate = 1;
-#ifdef ENGINE_TABLE_DEBUG
- if (ret)
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
- "ENGINE '%s'\n", f, l, nid, ret->id);
- else
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
- "'no matching ENGINE'\n", f, l, nid);
-#endif
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- /* Whatever happened, any failed init()s are not failures in this
- * context, so clear our error state. */
- ERR_pop_to_mark();
- return ret;
-}
-
-/* Table enumeration */
-
-static void
-int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall)
-{
- dall->cb(pile->nid, pile->sk, pile->funct, dall->arg);
-}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE, ENGINE_PILE_DOALL)
-
-void
-engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, void *arg)
-{
- ENGINE_PILE_DOALL dall;
-
- dall.cb = cb;
- dall.arg = arg;
- lh_ENGINE_PILE_doall_arg(&table->piles, LHASH_DOALL_ARG_FN(int_cb),
- ENGINE_PILE_DOALL, &dall);
-}
+++ /dev/null
-/* $OpenBSD: tb_asnmth.c,v 1.7 2022/11/26 16:08:52 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/err.h>
-
-#include "eng_int.h"
-#include "asn1_local.h"
-#include <openssl/evp.h>
-
-/* If this symbol is defined then ENGINE_get_pkey_asn1_meth_engine(), the
- * function that is used by EVP to hook in pkey_asn1_meth code and cache
- * defaults (etc), will display brief debugging summaries to stderr with the
- * 'nid'. */
-/* #define ENGINE_PKEY_ASN1_METH_DEBUG */
-
-static ENGINE_TABLE *pkey_asn1_meth_table = NULL;
-
-void
-ENGINE_unregister_pkey_asn1_meths(ENGINE *e)
-{
- engine_table_unregister(&pkey_asn1_meth_table, e);
-}
-
-static void
-engine_unregister_all_pkey_asn1_meths(void)
-{
- engine_table_cleanup(&pkey_asn1_meth_table);
-}
-
-int
-ENGINE_register_pkey_asn1_meths(ENGINE *e)
-{
- if (e->pkey_asn1_meths) {
- const int *nids;
- int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&pkey_asn1_meth_table,
- engine_unregister_all_pkey_asn1_meths, e, nids,
- num_nids, 0);
- }
- return 1;
-}
-
-void
-ENGINE_register_all_pkey_asn1_meths(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_pkey_asn1_meths(e);
-}
-
-int
-ENGINE_set_default_pkey_asn1_meths(ENGINE *e)
-{
- if (e->pkey_asn1_meths) {
- const int *nids;
- int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&pkey_asn1_meth_table,
- engine_unregister_all_pkey_asn1_meths, e, nids,
- num_nids, 1);
- }
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given pkey_asn1_meth 'nid' */
-ENGINE *
-ENGINE_get_pkey_asn1_meth_engine(int nid)
-{
- return engine_table_select(&pkey_asn1_meth_table, nid);
-}
-
-/* Obtains a pkey_asn1_meth implementation from an ENGINE functional reference */
-const EVP_PKEY_ASN1_METHOD *
-ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid)
-{
- EVP_PKEY_ASN1_METHOD *ret;
- ENGINE_PKEY_ASN1_METHS_PTR fn = ENGINE_get_pkey_asn1_meths(e);
-
- if (!fn || !fn(e, &ret, NULL, nid)) {
- ENGINEerror(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
- return NULL;
- }
- return ret;
-}
-
-/* Gets the pkey_asn1_meth callback from an ENGINE structure */
-ENGINE_PKEY_ASN1_METHS_PTR
-ENGINE_get_pkey_asn1_meths(const ENGINE *e)
-{
- return e->pkey_asn1_meths;
-}
-
-/* Sets the pkey_asn1_meth callback in an ENGINE structure */
-int
-ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f)
-{
- e->pkey_asn1_meths = f;
- return 1;
-}
-
-/* Internal function to free up EVP_PKEY_ASN1_METHOD structures before an
- * ENGINE is destroyed
- */
-
-void
-engine_pkey_asn1_meths_free(ENGINE *e)
-{
- int i;
- EVP_PKEY_ASN1_METHOD *pkm;
-
- if (e->pkey_asn1_meths) {
- const int *pknids;
- int npknids;
- npknids = e->pkey_asn1_meths(e, NULL, &pknids, 0);
- for (i = 0; i < npknids; i++) {
- if (e->pkey_asn1_meths(e, &pkm, NULL, pknids[i])) {
- EVP_PKEY_asn1_free(pkm);
- }
- }
- }
-}
-
-/* Find a method based on a string. This does a linear search through
- * all implemented algorithms. This is OK in practice because only
- * a small number of algorithms are likely to be implemented in an engine
- * and it is not used for speed critical operations.
- */
-
-const EVP_PKEY_ASN1_METHOD *
-ENGINE_get_pkey_asn1_meth_str(ENGINE *e, const char *str, int len)
-{
- int i, nidcount;
- const int *nids;
- EVP_PKEY_ASN1_METHOD *ameth;
-
- if (!e->pkey_asn1_meths)
- return NULL;
- if (len == -1)
- len = strlen(str);
- nidcount = e->pkey_asn1_meths(e, NULL, &nids, 0);
- for (i = 0; i < nidcount; i++) {
- e->pkey_asn1_meths(e, &ameth, NULL, nids[i]);
- if (((int)strlen(ameth->pem_str) == len) &&
- !strncasecmp(ameth->pem_str, str, len))
- return ameth;
- }
- return NULL;
-}
-
-typedef struct {
- ENGINE *e;
- const EVP_PKEY_ASN1_METHOD *ameth;
- const char *str;
- int len;
-} ENGINE_FIND_STR;
-
-static void
-look_str_cb(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg)
-{
- ENGINE_FIND_STR *lk = arg;
- int i;
-
- if (lk->ameth)
- return;
- for (i = 0; i < sk_ENGINE_num(sk); i++) {
- ENGINE *e = sk_ENGINE_value(sk, i);
- EVP_PKEY_ASN1_METHOD *ameth;
- e->pkey_asn1_meths(e, &ameth, NULL, nid);
- if (((int)strlen(ameth->pem_str) == lk->len) &&
- !strncasecmp(ameth->pem_str, lk->str, lk->len)) {
- lk->e = e;
- lk->ameth = ameth;
- return;
- }
- }
-}
-
-const EVP_PKEY_ASN1_METHOD *
-ENGINE_pkey_asn1_find_str(ENGINE **pe, const char *str, int len)
-{
- ENGINE_FIND_STR fstr;
-
- fstr.e = NULL;
- fstr.ameth = NULL;
- fstr.str = str;
- fstr.len = len;
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- engine_table_doall(pkey_asn1_meth_table, look_str_cb, &fstr);
- /* If found obtain a structural reference to engine */
- if (fstr.e) {
- fstr.e->struct_ref++;
- engine_ref_debug(fstr.e, 0, 1)
- }
- *pe = fstr.e;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return fstr.ameth;
-}
+++ /dev/null
-/* $OpenBSD: tb_cipher.c,v 1.8 2017/01/29 17:49:23 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_cipher_engine(), the function that
- * is used by EVP to hook in cipher code and cache defaults (etc), will display
- * brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_CIPHER_DEBUG */
-
-static ENGINE_TABLE *cipher_table = NULL;
-
-void
-ENGINE_unregister_ciphers(ENGINE *e)
-{
- engine_table_unregister(&cipher_table, e);
-}
-
-static void
-engine_unregister_all_ciphers(void)
-{
- engine_table_cleanup(&cipher_table);
-}
-
-int
-ENGINE_register_ciphers(ENGINE *e)
-{
- if (e->ciphers) {
- const int *nids;
- int num_nids = e->ciphers(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&cipher_table,
- engine_unregister_all_ciphers, e, nids,
- num_nids, 0);
- }
- return 1;
-}
-
-void
-ENGINE_register_all_ciphers(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_ciphers(e);
-}
-
-int
-ENGINE_set_default_ciphers(ENGINE *e)
-{
- if (e->ciphers) {
- const int *nids;
- int num_nids = e->ciphers(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&cipher_table,
- engine_unregister_all_ciphers, e, nids,
- num_nids, 1);
- }
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given cipher 'nid' */
-ENGINE *
-ENGINE_get_cipher_engine(int nid)
-{
- return engine_table_select(&cipher_table, nid);
-}
-
-/* Obtains a cipher implementation from an ENGINE functional reference */
-const EVP_CIPHER *
-ENGINE_get_cipher(ENGINE *e, int nid)
-{
- const EVP_CIPHER *ret;
- ENGINE_CIPHERS_PTR fn = ENGINE_get_ciphers(e);
-
- if (!fn || !fn(e, &ret, NULL, nid)) {
- ENGINEerror(ENGINE_R_UNIMPLEMENTED_CIPHER);
- return NULL;
- }
- return ret;
-}
-
-/* Gets the cipher callback from an ENGINE structure */
-ENGINE_CIPHERS_PTR
-ENGINE_get_ciphers(const ENGINE *e)
-{
- return e->ciphers;
-}
-
-/* Sets the cipher callback in an ENGINE structure */
-int
-ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f)
-{
- e->ciphers = f;
- return 1;
-}
+++ /dev/null
-/* $OpenBSD: tb_dh.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_DH(), the function that is
- * used by DH to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_DH_DEBUG */
-
-static ENGINE_TABLE *dh_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_DH(ENGINE *e)
-{
- engine_table_unregister(&dh_table, e);
-}
-
-static void
-engine_unregister_all_DH(void)
-{
- engine_table_cleanup(&dh_table);
-}
-
-int
-ENGINE_register_DH(ENGINE *e)
-{
- if (e->dh_meth)
- return engine_table_register(&dh_table,
- engine_unregister_all_DH, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_DH(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_DH(e);
-}
-
-int
-ENGINE_set_default_DH(ENGINE *e)
-{
- if (e->dh_meth)
- return engine_table_register(&dh_table,
- engine_unregister_all_DH, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *
-ENGINE_get_default_DH(void)
-{
- return engine_table_select(&dh_table, dummy_nid);
-}
-
-/* Obtains an DH implementation from an ENGINE functional reference */
-const DH_METHOD *
-ENGINE_get_DH(const ENGINE *e)
-{
- return e->dh_meth;
-}
-
-/* Sets an DH implementation in an ENGINE structure */
-int
-ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth)
-{
- e->dh_meth = dh_meth;
- return 1;
-}
+++ /dev/null
-/* $OpenBSD: tb_digest.c,v 1.8 2017/01/29 17:49:23 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_digest_engine(), the function that
- * is used by EVP to hook in digest code and cache defaults (etc), will display
- * brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_DIGEST_DEBUG */
-
-static ENGINE_TABLE *digest_table = NULL;
-
-void
-ENGINE_unregister_digests(ENGINE *e)
-{
- engine_table_unregister(&digest_table, e);
-}
-
-static void
-engine_unregister_all_digests(void)
-{
- engine_table_cleanup(&digest_table);
-}
-
-int
-ENGINE_register_digests(ENGINE *e)
-{
- if (e->digests) {
- const int *nids;
- int num_nids = e->digests(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&digest_table,
- engine_unregister_all_digests, e, nids,
- num_nids, 0);
- }
- return 1;
-}
-
-void
-ENGINE_register_all_digests(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_digests(e);
-}
-
-int
-ENGINE_set_default_digests(ENGINE *e)
-{
- if (e->digests) {
- const int *nids;
- int num_nids = e->digests(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&digest_table,
- engine_unregister_all_digests, e, nids,
- num_nids, 1);
- }
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given digest 'nid' */
-ENGINE *
-ENGINE_get_digest_engine(int nid)
-{
- return engine_table_select(&digest_table, nid);
-}
-
-/* Obtains a digest implementation from an ENGINE functional reference */
-const EVP_MD *
-ENGINE_get_digest(ENGINE *e, int nid)
-{
- const EVP_MD *ret;
- ENGINE_DIGESTS_PTR fn = ENGINE_get_digests(e);
-
- if (!fn || !fn(e, &ret, NULL, nid)) {
- ENGINEerror(ENGINE_R_UNIMPLEMENTED_DIGEST);
- return NULL;
- }
- return ret;
-}
-
-/* Gets the digest callback from an ENGINE structure */
-ENGINE_DIGESTS_PTR
-ENGINE_get_digests(const ENGINE *e)
-{
- return e->digests;
-}
-
-/* Sets the digest callback in an ENGINE structure */
-int
-ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f)
-{
- e->digests = f;
- return 1;
-}
+++ /dev/null
-/* $OpenBSD: tb_dsa.c,v 1.7 2014/06/12 15:49:29 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_DSA(), the function that is
- * used by DSA to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_DSA_DEBUG */
-
-static ENGINE_TABLE *dsa_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_DSA(ENGINE *e)
-{
- engine_table_unregister(&dsa_table, e);
-}
-
-static void
-engine_unregister_all_DSA(void)
-{
- engine_table_cleanup(&dsa_table);
-}
-
-int
-ENGINE_register_DSA(ENGINE *e)
-{
- if (e->dsa_meth)
- return engine_table_register(&dsa_table,
- engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_DSA(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_DSA(e);
-}
-
-int
-ENGINE_set_default_DSA(ENGINE *e)
-{
- if (e->dsa_meth)
- return engine_table_register(&dsa_table,
- engine_unregister_all_DSA, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *
-ENGINE_get_default_DSA(void)
-{
- return engine_table_select(&dsa_table, dummy_nid);
-}
-
-/* Obtains an DSA implementation from an ENGINE functional reference */
-const DSA_METHOD *
-ENGINE_get_DSA(const ENGINE *e)
-{
- return e->dsa_meth;
-}
-
-/* Sets an DSA implementation in an ENGINE structure */
-int
-ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth)
-{
- e->dsa_meth = dsa_meth;
- return 1;
-}
+++ /dev/null
-/* $OpenBSD: tb_eckey.c,v 1.2 2019/01/19 01:18:56 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-static ENGINE_TABLE *ec_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_EC(ENGINE *e)
-{
- engine_table_unregister(&ec_table, e);
-}
-
-static void
-engine_unregister_all_EC(void)
-{
- engine_table_cleanup(&ec_table);
-}
-
-int
-ENGINE_register_EC(ENGINE *e)
-{
- if (e->ec_meth)
- return engine_table_register(&ec_table,
- engine_unregister_all_EC, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_EC(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e))
- ENGINE_register_EC(e);
-}
-
-int
-ENGINE_set_default_EC(ENGINE *e)
-{
- if (e->ec_meth != NULL)
- return engine_table_register(&ec_table,
- engine_unregister_all_EC, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references).
- */
-ENGINE *
-ENGINE_get_default_EC(void)
-{
- return engine_table_select(&ec_table, dummy_nid);
-}
-
-/* Obtains an EC_KEY implementation from an ENGINE functional reference */
-const EC_KEY_METHOD *
-ENGINE_get_EC(const ENGINE *e)
-{
- return e->ec_meth;
-}
-
-/* Sets an EC_KEY implementation in an ENGINE structure */
-int
-ENGINE_set_EC(ENGINE *e, const EC_KEY_METHOD *ec_meth)
-{
- e->ec_meth = ec_meth;
- return 1;
-}
+++ /dev/null
-/* $OpenBSD: tb_pkmeth.c,v 1.6 2017/01/29 17:49:23 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-
-#include "eng_int.h"
-#include <openssl/evp.h>
-
-/* If this symbol is defined then ENGINE_get_pkey_meth_engine(), the function
- * that is used by EVP to hook in pkey_meth code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_PKEY_METH_DEBUG */
-
-static ENGINE_TABLE *pkey_meth_table = NULL;
-
-void
-ENGINE_unregister_pkey_meths(ENGINE *e)
-{
- engine_table_unregister(&pkey_meth_table, e);
-}
-
-static void
-engine_unregister_all_pkey_meths(void)
-{
- engine_table_cleanup(&pkey_meth_table);
-}
-
-int
-ENGINE_register_pkey_meths(ENGINE *e)
-{
- if (e->pkey_meths) {
- const int *nids;
- int num_nids = e->pkey_meths(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&pkey_meth_table,
- engine_unregister_all_pkey_meths, e, nids,
- num_nids, 0);
- }
- return 1;
-}
-
-void
-ENGINE_register_all_pkey_meths(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_pkey_meths(e);
-}
-
-int
-ENGINE_set_default_pkey_meths(ENGINE *e)
-{
- if (e->pkey_meths) {
- const int *nids;
- int num_nids = e->pkey_meths(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&pkey_meth_table,
- engine_unregister_all_pkey_meths, e, nids,
- num_nids, 1);
- }
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given pkey_meth 'nid' */
-ENGINE *
-ENGINE_get_pkey_meth_engine(int nid)
-{
- return engine_table_select(&pkey_meth_table, nid);
-}
-
-/* Obtains a pkey_meth implementation from an ENGINE functional reference */
-const EVP_PKEY_METHOD *
-ENGINE_get_pkey_meth(ENGINE *e, int nid)
-{
- EVP_PKEY_METHOD *ret;
- ENGINE_PKEY_METHS_PTR fn = ENGINE_get_pkey_meths(e);
-
- if (!fn || !fn(e, &ret, NULL, nid)) {
- ENGINEerror(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
- return NULL;
- }
- return ret;
-}
-
-/* Gets the pkey_meth callback from an ENGINE structure */
-ENGINE_PKEY_METHS_PTR
-ENGINE_get_pkey_meths(const ENGINE *e)
-{
- return e->pkey_meths;
-}
-
-/* Sets the pkey_meth callback in an ENGINE structure */
-int
-ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f)
-{
- e->pkey_meths = f;
- return 1;
-}
-
-/* Internal function to free up EVP_PKEY_METHOD structures before an
- * ENGINE is destroyed
- */
-
-void
-engine_pkey_meths_free(ENGINE *e)
-{
- int i;
- EVP_PKEY_METHOD *pkm;
-
- if (e->pkey_meths) {
- const int *pknids;
- int npknids;
- npknids = e->pkey_meths(e, NULL, &pknids, 0);
- for (i = 0; i < npknids; i++) {
- if (e->pkey_meths(e, &pkm, NULL, pknids[i])) {
- EVP_PKEY_meth_free(pkm);
- }
- }
- }
-}
+++ /dev/null
-/* $OpenBSD: tb_rand.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_RAND(), the function that is
- * used by RAND to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_RAND_DEBUG */
-
-static ENGINE_TABLE *rand_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_RAND(ENGINE *e)
-{
- engine_table_unregister(&rand_table, e);
-}
-
-static void
-engine_unregister_all_RAND(void)
-{
- engine_table_cleanup(&rand_table);
-}
-
-int
-ENGINE_register_RAND(ENGINE *e)
-{
- if (e->rand_meth)
- return engine_table_register(&rand_table,
- engine_unregister_all_RAND, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_RAND(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_RAND(e);
-}
-
-int
-ENGINE_set_default_RAND(ENGINE *e)
-{
- if (e->rand_meth)
- return engine_table_register(&rand_table,
- engine_unregister_all_RAND, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *
-ENGINE_get_default_RAND(void)
-{
- return engine_table_select(&rand_table, dummy_nid);
-}
-
-/* Obtains an RAND implementation from an ENGINE functional reference */
-const RAND_METHOD *
-ENGINE_get_RAND(const ENGINE *e)
-{
- return e->rand_meth;
-}
-
-/* Sets an RAND implementation in an ENGINE structure */
-int
-ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth)
-{
- e->rand_meth = rand_meth;
- return 1;
-}
+++ /dev/null
-/* $OpenBSD: tb_rsa.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_RSA(), the function that is
- * used by RSA to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_RSA_DEBUG */
-
-static ENGINE_TABLE *rsa_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_RSA(ENGINE *e)
-{
- engine_table_unregister(&rsa_table, e);
-}
-
-static void
-engine_unregister_all_RSA(void)
-{
- engine_table_cleanup(&rsa_table);
-}
-
-int
-ENGINE_register_RSA(ENGINE *e)
-{
- if (e->rsa_meth)
- return engine_table_register(&rsa_table,
- engine_unregister_all_RSA, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_RSA(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_RSA(e);
-}
-
-int
-ENGINE_set_default_RSA(ENGINE *e)
-{
- if (e->rsa_meth)
- return engine_table_register(&rsa_table,
- engine_unregister_all_RSA, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *
-ENGINE_get_default_RSA(void)
-{
- return engine_table_select(&rsa_table, dummy_nid);
-}
-
-/* Obtains an RSA implementation from an ENGINE functional reference */
-const RSA_METHOD *
-ENGINE_get_RSA(const ENGINE *e)
-{
- return e->rsa_meth;
-}
-
-/* Sets an RSA implementation in an ENGINE structure */
-int
-ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
-{
- e->rsa_meth = rsa_meth;
- return 1;
-}
+++ /dev/null
-/* $OpenBSD: tb_store.c,v 1.5 2015/02/07 13:19:15 doug Exp $ */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_STORE(), the function that is
- * used by STORE to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_STORE_DEBUG */
-
-static ENGINE_TABLE *store_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_STORE(ENGINE *e)
-{
- engine_table_unregister(&store_table, e);
-}
-
-static void
-engine_unregister_all_STORE(void)
-{
- engine_table_cleanup(&store_table);
-}
-
-int
-ENGINE_register_STORE(ENGINE *e)
-{
- if (e->store_meth)
- return engine_table_register(&store_table,
- engine_unregister_all_STORE, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_STORE(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_STORE(e);
-}
-
-/* Obtains an STORE implementation from an ENGINE functional reference */
-const STORE_METHOD *
-ENGINE_get_STORE(const ENGINE *e)
-{
- return e->store_meth;
-}
-
-/* Sets an STORE implementation in an ENGINE structure */
-int
-ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth)
-{
- e->store_meth = store_meth;
- return 1;
-}
-/* $OpenBSD: rand.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
+/* $OpenBSD: rand.h,v 1.3 2023/07/28 09:53:55 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
LCRYPTO_USED(RAND_set_rand_method);
LCRYPTO_USED(RAND_get_rand_method);
-LCRYPTO_USED(RAND_set_rand_engine);
LCRYPTO_USED(RAND_SSLeay);
LCRYPTO_USED(ERR_load_RAND_strings);
-/* $OpenBSD: ts.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
+/* $OpenBSD: ts.h,v 1.3 2023/07/28 09:53:55 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
LCRYPTO_USED(TS_CONF_load_key);
LCRYPTO_USED(TS_CONF_get_tsa_section);
LCRYPTO_USED(TS_CONF_set_serial);
-LCRYPTO_USED(TS_CONF_set_crypto_device);
-LCRYPTO_USED(TS_CONF_set_default_engine);
LCRYPTO_USED(TS_CONF_set_signer_cert);
LCRYPTO_USED(TS_CONF_set_certs);
LCRYPTO_USED(TS_CONF_set_signer_key);
-/* $OpenBSD: opensslfeatures.h,v 1.40 2023/07/28 09:46:36 tb Exp $ */
+/* $OpenBSD: opensslfeatures.h,v 1.41 2023/07/28 09:53:55 tb Exp $ */
/*
* Feature flags for LibreSSL... so you can actually tell when things
* are enabled, rather than not being able to tell when things are
/* #define OPENSSL_NO_EC */
#define OPENSSL_NO_EC_NISTP_64_GCC_128
#define OPENSSL_NO_EGD
-/* #define OPENSSL_NO_ENGINE */
+#define OPENSSL_NO_ENGINE
/* #define OPENSSL_NO_ERR */
/* #define OPENSSL_NO_FUZZ_AFL */
/* #define OPENSSL_NO_FUZZ_LIBFUZZER */
-/* $OpenBSD: ts.h,v 1.21 2023/04/25 17:52:54 tb Exp $ */
+/* $OpenBSD: ts.h,v 1.22 2023/07/28 09:53:55 tb Exp $ */
/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
* project 2002, 2003, 2004.
*/
const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
TS_RESP_CTX *ctx);
+#ifndef OPENSSL_NO_ENGINE
int TS_CONF_set_crypto_device(CONF *conf, const char *section,
const char *device);
int TS_CONF_set_default_engine(const char *name);
+#endif
int TS_CONF_set_signer_cert(CONF *conf, const char *section,
const char *cert, TS_RESP_CTX *ctx);
int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
SSL_CTX_set_ciphersuites
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
-SSL_CTX_set_client_cert_engine
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_default_passwd_cb
-/* $OpenBSD: ssl.h,v 1.3 2023/07/08 16:40:14 beck Exp $ */
+/* $OpenBSD: ssl.h,v 1.4 2023/07/28 09:53:55 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
LSSL_USED(SSL_CTX_get_info_callback);
LSSL_USED(SSL_CTX_set_client_cert_cb);
LSSL_USED(SSL_CTX_get_client_cert_cb);
-LSSL_USED(SSL_CTX_set_client_cert_engine);
LSSL_USED(SSL_CTX_set_cookie_generate_cb);
LSSL_USED(SSL_CTX_set_cookie_verify_cb);
LSSL_USED(SSL_CTX_set_next_protos_advertised_cb);
projects / openbsd / commitdiff