author | Dr. Stephen Henson <steve@openssl.org> | 2002-03-06 14:15:13 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2002-03-06 14:15:13 +0000 |
commit | 0dc092334bc785b6fb0c8b568acba3db665b7e22 (patch) | |
tree | 840b102627a53bead4f8e80f34a81f6c1610d05e /crypto/engine | |
parent | 36c194638e86cd46d5da2b3efbe9ae5354e19096 (diff) |
ENGINE module additions.
Add "init" command to control ENGINE
initialization.
Call ENGINE_finish on initialized ENGINEs on exit.
Reorder shutdown in apps.c: modules should be shut
down first.
Add test private key loader to openssl ENGINE: this
just loads a private key in PEM format.
Fix print format for dh length parameter.
Diffstat (limited to 'crypto/engine')
-rw-r--r-- | crypto/engine/eng_cnf.c | 52 | ||||
-rw-r--r-- | crypto/engine/eng_err.c | 1 | ||||
-rw-r--r-- | crypto/engine/eng_openssl.c | 28 | ||||
-rw-r--r-- | crypto/engine/engine.h | 1 |
4 files changed, 80 insertions, 2 deletions
diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c
index d8d3092f0d..8c0ae8a1ad 100644
--- a/crypto/engine/eng_cnf.c
+++ b/crypto/engine/eng_cnf.c
@@ -75,10 +75,28 @@ static char *skip_dot(char *name)
 return name;
 }
+static STACK_OF(ENGINE) *initialized_engines = NULL;
+
+static int int_engine_init(ENGINE *e)
+ {
+ if (!ENGINE_init(e))
+ return 0;
+ if (!initialized_engines)
+ initialized_engines = sk_ENGINE_new_null();
+ if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e))
+ {
+ ENGINE_finish(e);
+ return 0;
+ }
+ return 1;
+ }
+
+
 int int_engine_configure(char *name, char *value, const CONF *cnf)
 {
 int i;
 int ret = 0;
+ long do_init = -1;
 STACK_OF(CONF_VALUE) *ecmds;
 CONF_VALUE *ecmd;
 char *ctrlname, *ctrlvalue;
@@ -140,7 +158,22 @@ int int_engine_configure(char *name, char *value, const CONF *cnf)
 */
 if (!strcmp(ctrlvalue, "EMPTY"))
 ctrlvalue = NULL;
- if (!strcmp(ctrlname, "default_algorithms"))
+ else if (!strcmp(ctrlname, "init"))
+ {
+ if (!NCONF_get_number_e(cnf, value, "init", &do_init))
+ goto err;
+ if (do_init == 1)
+ {
+ if (!int_engine_init(e))
+ goto err;
+ }
+ else if (do_init != 0)
+ {
+ ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_INVALID_INIT_VALUE);
+ goto err;
+ }
+ }
+ else if (!strcmp(ctrlname, "default_algorithms"))
 {
 if (!ENGINE_set_default_string(e, ctrlvalue))
 goto err;
@@ -151,7 +184,10 @@ int int_engine_configure(char *name, char *value, const CONF *cnf)
 }
+
 }
+ if (e && (do_init == -1) && !int_engine_init(e))
+ goto err;
 ret = 1;
 err:
 if (e)
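Review bot: `initialized_engines` and the `-1` default of `do_init` in the first eng_cnf.c hunk are added without a comment, and both carry meaning a maintainer has to reconstruct. I would add above the static `/* ENGINEs this module has called ENGINE_init() on; each is released with ENGINE_finish() in int_engine_module_finish() */` and beside the local `/* -1: no "init" command seen; 0 or 1: value given in the config */`. The list is a file-scope static modified with no locking visible in the hunk, so the comment should also say whether configuration is expected to run on a single thread. int_engine_configure continues outside the hunk.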
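Review bot: In the hunk at -140, the new `init` branch is written as `else if`, which attaches the whole command chain to the preceding `if (!strcmp(ctrlvalue, "EMPTY"))`, so a command whose value is `EMPTY` now only gets `ctrlvalue = NULL` and every later branch is skipped. The removed line shows that the `default_algorithms` test used to start a fresh `if`, so such a command was still processed with a NULL value. Starting a new statement keeps that behaviour: `if (!strcmp(ctrlname, "init"))` in place of `else if (!strcmp(ctrlname, "init"))`. The end of the chain is outside the hunk, so the effect on the generic control-command path is inferred rather than visible here.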
@@ -188,7 +224,19 @@ static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf)
 return 1;
 }
+static void int_engine_module_finish(CONF_IMODULE *md)
+ {
+ ENGINE *e;
+ while ((e = sk_ENGINE_pop(initialized_engines)))
+ ENGINE_finish(e);
+ sk_ENGINE_free(initialized_engines);
+ initialized_engines = NULL;
+ }
+
+
 void ENGINE_add_conf_module(void)
 {
- CONF_module_add("engines", int_engine_module_init, 0);
+ CONF_module_add("engines",
+ int_engine_module_init,
+ int_engine_module_finish);
 }
diff --git a/crypto/engine/eng_err.c b/crypto/engine/eng_err.c
index fa59c8727c..f6c5630395 100644
--- a/crypto/engine/eng_err.c
+++ b/crypto/engine/eng_err.c
@@ -129,6 +129,7 @@ static ERR_STRING_DATA ENGINE_str_reasons[]=
 {ENGINE_R_INVALID_ARGUMENT ,"invalid argument"},
 {ENGINE_R_INVALID_CMD_NAME ,"invalid cmd name"},
 {ENGINE_R_INVALID_CMD_NUMBER ,"invalid cmd number"},
+{ENGINE_R_INVALID_INIT_VALUE ,"invalid init value"},
 {ENGINE_R_INVALID_STRING ,"invalid string"},
 {ENGINE_R_NOT_INITIALISED ,"not initialised"},
 {ENGINE_R_NOT_LOADED ,"not loaded"},
diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c
index 97642ae230..e9d976f46b 100644
--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@@ -62,11 +62,13 @@
 #include "cryptlib.h"
 #include <openssl/engine.h>
 #include <openssl/dso.h>
+#include <openssl/pem.h>
 /* This testing gunk is implemented (and explained) lower down. It also assumes
 * the application explicitly calls "ENGINE_load_openssl()" because this is no
 * longer automatic in ENGINE_load_builtin_engines(). */
 #define TEST_ENG_OPENSSL_RC4
+#define TEST_ENG_OPENSSL_PKEY
 /* #define TEST_ENG_OPENSSL_RC4_OTHERS */
 #define TEST_ENG_OPENSSL_RC4_P_INIT
 /* #define TEST_ENG_OPENSSL_RC4_P_CIPHER */
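Review bot: `#define TEST_ENG_OPENSSL_PKEY` is switched on unconditionally in the eng_openssl.c hunk at -62, so the test private-key loader added later in the file is compiled into every build and registered by `bind_helper` (hunk at -111) on the built-in "openssl" ENGINE. The commit message describes it as a test loader, and it opens whatever `key_id` it is given as a file path. I would leave the macro off by default like its neighbour, `/* #define TEST_ENG_OPENSSL_PKEY */`, or extend the comment above the defines to say why this one is meant to be enabled in normal builds.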
@@ -85,6 +87,11 @@ static int openssl_digests(ENGINE *e, const EVP_MD **digest,
 const int **nids, int nid);
 #endif
+#ifdef TEST_ENG_OPENSSL_PKEY
+static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
+ UI_METHOD *ui_method, void *callback_data);
+#endif
+
 /* The constants used when creating the ENGINE */
 static const char *engine_openssl_id = "openssl";
 static const char *engine_openssl_name = "Software engine support";
@@ -95,6 +102,7 @@ static int bind_helper(ENGINE *e)
 {
 if(!ENGINE_set_id(e, engine_openssl_id)
 || !ENGINE_set_name(e, engine_openssl_name)
+#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
 #ifndef OPENSSL_NO_RSA
 || !ENGINE_set_RSA(e, RSA_get_default_method())
 #endif
@@ -111,6 +119,10 @@ static int bind_helper(ENGINE *e)
 #ifdef TEST_ENG_OPENSSL_SHA
 || !ENGINE_set_digests(e, openssl_digests)
 #endif
+#endif
+#ifdef TEST_ENG_OPENSSL_PKEY
+ || !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
+#endif
 )
 return 0;
 /* If we add errors to this ENGINE, ensure the error handling is setup here */
@@ -317,3 +329,19 @@ static int openssl_digests(ENGINE *e, const EVP_MD **digest,
 return 1;
 }
 #endif
+
+#ifdef TEST_ENG_OPENSSL_PKEY
+static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
+ UI_METHOD *ui_method, void *callback_data)
+ {
+ BIO *in;
+ EVP_PKEY *key;
+ fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n", key_id);
+ in = BIO_new_file(key_id, "r");
+ if (!in)
+ return NULL;
+ key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL);
+ BIO_free(in);
+ return key;
+ }
+#endif
diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h
index 3a9ad0fe93..6c8b0437f8 100644
--- a/crypto/engine/engine.h
+++ b/crypto/engine/engine.h
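Review bot: `openssl_load_privkey` (eng_openssl.c hunk at -317) uses `key_id` without checking it, so a NULL id is passed to the `%s` in `fprintf`, which is undefined behaviour, before `BIO_new_file` has a chance to fail. Adding `if (!key_id) return NULL;` ahead of the `fprintf` covers that. The function also ignores `ui_method` and `callback_data` and hands a NULL callback to `PEM_read_bio_PrivateKey`, so an encrypted key would presumably fall back to the library's default passphrase prompt instead of the caller's UI, and the unconditional `fprintf(stderr, ...)` prints the key path from library code. If both are deliberate for a test-only loader, a short comment above the function should say so.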
@@ -707,6 +707,7 @@ void ERR_load_ENGINE_strings(void);
 #define ENGINE_R_INVALID_ARGUMENT 143
 #define ENGINE_R_INVALID_CMD_NAME 137
 #define ENGINE_R_INVALID_CMD_NUMBER 138
+#define ENGINE_R_INVALID_INIT_VALUE 151
 #define ENGINE_R_INVALID_STRING 150
 #define ENGINE_R_NOT_INITIALISED 117
 #define ENGINE_R_NOT_LOADED 112 |