diff options
author | Geoff Thorpe <geoff@openssl.org> | 2001-09-25 20:23:40 +0000 |
---|---|---|
committer | Geoff Thorpe <geoff@openssl.org> | 2001-09-25 20:23:40 +0000 |
commit | cb78486d97328121add07df466b7578076650a90 (patch) | |
tree | 44de53e7516cf07786dcfaa9add109319fad16ac /crypto/dh | |
parent | 9c9aa4f145588500cd2d734d1901a31039f145b9 (diff) |
This commits changes to various parts of libcrypto required by the recent
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE
pointers to manage their hooking with ENGINE. Previously their use of
"method" pointers was replaced by use of ENGINE references. See
crypto/engine/README for details.
Also, remove the ENGINE iterations from evp_test - even when the
cipher/digest code is committed in, this functionality would require a
different set of API calls.
Diffstat (limited to 'crypto/dh')
-rw-r--r-- | crypto/dh/dh.h | 21 | ||||
-rw-r--r-- | crypto/dh/dh_key.c | 11 | ||||
-rw-r--r-- | crypto/dh/dh_lib.c | 116 | ||||
-rw-r--r-- | crypto/dh/dhtest.c | 8 |
4 files changed, 63 insertions, 93 deletions
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h index fe2da7abe3..65d61e2bb7 100644 --- a/crypto/dh/dh.h +++ b/crypto/dh/dh.h @@ -68,6 +68,7 @@ #endif #include <openssl/bn.h> #include <openssl/crypto.h> +#include <openssl/types.h> #define DH_FLAG_CACHE_MONT_P 0x01 @@ -115,11 +116,8 @@ struct dh_st int references; CRYPTO_EX_DATA ex_data; -#if 0 - DH_METHOD *meth; -#else - struct engine_st *engine; -#endif + const DH_METHOD *meth; + ENGINE *engine; }; #define DH_GENERATOR_2 2 @@ -154,15 +152,10 @@ struct dh_st const DH_METHOD *DH_OpenSSL(void); -void DH_set_default_openssl_method(const DH_METHOD *meth); -const DH_METHOD *DH_get_default_openssl_method(void); -#if 0 -const DH_METHOD *DH_set_method(DH *dh, const DH_METHOD *meth); -DH *DH_new_method(const DH_METHOD *meth); -#else -int DH_set_method(DH *dh, struct engine_st *engine); -DH *DH_new_method(struct engine_st *engine); -#endif +void DH_set_default_method(const DH_METHOD *meth); +const DH_METHOD *DH_get_default_method(void); +int DH_set_method(DH *dh, const DH_METHOD *meth); +DH *DH_new_method(ENGINE *engine); DH * DH_new(void); void DH_free(DH *dh); diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 670727798e..1a0efca2c4 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -74,12 +74,12 @@ static int dh_finish(DH *dh); int DH_generate_key(DH *dh) { - return ENGINE_get_DH(dh->engine)->generate_key(dh); + return dh->meth->generate_key(dh); } int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { - return ENGINE_get_DH(dh->engine)->compute_key(key, pub_key, dh); + return dh->meth->compute_key(key, pub_key, dh); } static DH_METHOD dh_ossl = { @@ -140,8 +140,8 @@ static int generate_key(DH *dh) l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */ if (!BN_rand(priv_key, l, 0, 0)) goto err; } - if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g, - priv_key,dh->p,ctx,mont)) goto err; + if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont)) + goto err; dh->pub_key=pub_key; dh->priv_key=priv_key; @@ -181,8 +181,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) } mont=(BN_MONT_CTX *)dh->method_mont_p; - if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, tmp, pub_key, - dh->priv_key,dh->p,ctx,mont)) + if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont)) { DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); goto err; diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 7804bb4fd0..73f1c249f3 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -66,97 +66,67 @@ const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; static const DH_METHOD *default_DH_method = NULL; -void DH_set_default_openssl_method(const DH_METHOD *meth) -{ - ENGINE *e; - /* We'll need to notify the "openssl" ENGINE of this - * change too. We won't bother locking things down at - * our end as there was never any locking in these - * functions! */ - if(default_DH_method != meth) - { - default_DH_method = meth; - e = ENGINE_by_id("openssl"); - if(e) - { - ENGINE_set_DH(e, meth); - ENGINE_free(e); - } - } -} +void DH_set_default_method(const DH_METHOD *meth) + { + default_DH_method = meth; + } -const DH_METHOD *DH_get_default_openssl_method(void) -{ - if(!default_DH_method) default_DH_method = DH_OpenSSL(); +const DH_METHOD *DH_get_default_method(void) + { + if(!default_DH_method) + default_DH_method = DH_OpenSSL(); return default_DH_method; -} + } -#if 0 -DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth) -{ - DH_METHOD *mtmp; +int DH_set_method(DH *dh, const DH_METHOD *meth) + { + /* NB: The caller is specifically setting a method, so it's not up to us + * to deal with which ENGINE it comes from. */ + const DH_METHOD *mtmp; mtmp = dh->meth; if (mtmp->finish) mtmp->finish(dh); + if (dh->engine) + { + ENGINE_finish(dh->engine); + dh->engine = NULL; + } dh->meth = meth; if (meth->init) meth->init(dh); - return mtmp; -} -#else -int DH_set_method(DH *dh, ENGINE *engine) -{ - ENGINE *mtmp; - const DH_METHOD *meth; - mtmp = dh->engine; - meth = ENGINE_get_DH(mtmp); - if (!ENGINE_init(engine)) - return 0; - if (meth->finish) meth->finish(dh); - dh->engine= engine; - meth = ENGINE_get_DH(engine); - if (meth->init) meth->init(dh); - /* SHOULD ERROR CHECK THIS!!! */ - ENGINE_finish(mtmp); - return 1; + return 1; } -#endif DH *DH_new(void) -{ + { return DH_new_method(NULL); -} + } -#if 0 -DH *DH_new_method(DH_METHOD *meth) -#else DH *DH_new_method(ENGINE *engine) -#endif { - const DH_METHOD *meth; DH *ret; - ret=(DH *)OPENSSL_malloc(sizeof(DH)); + ret=(DH *)OPENSSL_malloc(sizeof(DH)); if (ret == NULL) { DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE); return(NULL); } - if (engine) + ret->meth = DH_get_default_method(); + ret->engine = engine; + if(!ret->engine) + ret->engine = ENGINE_get_default_DH(); + if(ret->engine) { - if(ENGINE_init(engine)) - ret->engine = engine; - else - ret->engine = NULL; - } - else - ret->engine=ENGINE_get_default_DH(); - if(ret->engine == NULL) - { - DHerr(DH_F_DH_NEW,ERR_LIB_ENGINE); - OPENSSL_free(ret); - return NULL; + ret->meth = ENGINE_get_DH(ret->engine); + if(!ret->meth) + { + DHerr(DH_F_DH_NEW,ERR_R_ENGINE_LIB); + ENGINE_finish(ret->engine); + OPENSSL_free(ret); + return NULL; + } } - meth = ENGINE_get_DH(ret->engine); + ret->pad=0; ret->version=0; ret->p=NULL; @@ -171,9 +141,9 @@ DH *DH_new_method(ENGINE *engine) ret->counter = NULL; ret->method_mont_p=NULL; ret->references = 1; - ret->flags=meth->flags; + ret->flags=ret->meth->flags; CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); - if ((meth->init != NULL) && !meth->init(ret)) + if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); OPENSSL_free(ret); @@ -184,7 +154,6 @@ DH *DH_new_method(ENGINE *engine) void DH_free(DH *r) { - const DH_METHOD *meth; int i; if(r == NULL) return; i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH); @@ -200,9 +169,10 @@ void DH_free(DH *r) } #endif - meth = ENGINE_get_DH(r->engine); - if(meth->finish) meth->finish(r); - ENGINE_finish(r->engine); + if (r->meth->finish) + r->meth->finish(r); + if (r->engine) + ENGINE_finish(r->engine); CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c index e90f255f6c..0176436a55 100644 --- a/crypto/dh/dhtest.c +++ b/crypto/dh/dhtest.c @@ -66,6 +66,7 @@ #include <openssl/bio.h> #include <openssl/bn.h> #include <openssl/rand.h> +#include <openssl/err.h> #ifdef OPENSSL_NO_DH int main(int argc, char *argv[]) @@ -99,6 +100,10 @@ int main(int argc, char *argv[]) int i,alen,blen,aout,bout,ret=1; BIO *out; + CRYPTO_malloc_debug_init(); + CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + #ifdef OPENSSL_SYS_WIN32 CRYPTO_malloc_init(); #endif @@ -175,6 +180,9 @@ err: if(b != NULL) DH_free(b); if(a != NULL) DH_free(a); BIO_free(out); + CRYPTO_cleanup_all_ex_data(); + ERR_remove_state(0); + CRYPTO_mem_leaks_fp(stderr); exit(ret); return(ret); } |