-/* engines/e_capi.c */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
# define CALG_SHA_512 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SHA_512)
# endif
+# ifndef PROV_RSA_AES
+# define PROV_RSA_AES 24
+# endif
+
# include <openssl/engine.h>
# include <openssl/pem.h>
# include <openssl/x509v3.h>
static int cert_select_dialog(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
# endif
+void engine_load_capi_internal(void);
+
typedef PCCERT_CONTEXT(WINAPI *CERTDLG) (HCERTSTORE, HWND, LPCWSTR,
LPCWSTR, DWORD, DWORD, void *);
typedef HWND(WINAPI *GETCONSWIN) (void);
case CAPI_CMD_STORE_NAME:
OPENSSL_free(ctx->storename);
- ctx->storename = BUF_strdup(p);
+ ctx->storename = OPENSSL_strdup(p);
CAPI_trace(ctx, "Setting store name to %s\n", p);
break;
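Review bot: The result of `OPENSSL_strdup(p)` is stored in `ctx->storename` without a NULL check, so an allocation failure leaves the field NULL after the old name was already freed, and the command still appears to succeed. If later code treats a NULL store name as "use the default", certificates would then be read from a different store than the one configured. Duplicate into a temporary first, replace the field only when the copy succeeded, and report the failure through the function's return path, which is outside this hunk. The same unchecked assignment appears for `ctx->debug_file` and `ctx->cspname` further down the diff.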
break;
case CAPI_CMD_DEBUG_FILE:
- ctx->debug_file = BUF_strdup(p);
+ ctx->debug_file = OPENSSL_strdup(p);
CAPI_trace(ctx, "Setting debug file to %s\n", ctx->debug_file);
break;
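Review bot: In the `CAPI_CMD_DEBUG_FILE` case the previous `ctx->debug_file` is not freed before it is overwritten, unlike the `OPENSSL_free(ctx->storename)` in the store-name case, so repeating the command leaks the old string. Add `OPENSSL_free(ctx->debug_file);` before the assignment. If the duplication fails, the following `CAPI_trace` call is handed `ctx->debug_file` as a NULL `%s` argument; tracing `p` instead, as the store-name case does, avoids that. The enclosing switch starts and ends outside the hunk.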
0 /* dsa_keygen */
};
+static int use_aes_csp = 0;
+
static int capi_init(ENGINE *e)
{
CAPI_CTX *ctx;
const RSA_METHOD *ossl_rsa_meth;
const DSA_METHOD *ossl_dsa_meth;
+ HCRYPTPROV hprov;
if (capi_idx < 0) {
capi_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0);
}
# endif
+ /* See if we support AES CSP */
+
+ if (CryptAcquireContext(&hprov, NULL, NULL, PROV_RSA_AES,
+ CRYPT_VERIFYCONTEXT)) {
+ use_aes_csp = 1;
+ CryptReleaseContext(hprov, 0);
+ }
+
return 1;
memerr:
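Review bot: The comment `/* See if we support AES CSP */` does not say what the probe changes: `use_aes_csp` is a file-scope flag that later makes `capi_get_key` switch provider type for RSA keys. A comment such as `/* Probe once for a PROV_RSA_AES provider; when present, capi_get_key() uses it in place of PROV_RSA_FULL */` would make that coupling visible at both ends. Tracing the probe result would also let a debug log show which provider type will be used, provided `ctx` is already set at this point; the start of `capi_init` is outside the hunk.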
return ret;
}
-void ENGINE_load_capi(void)
+void engine_load_capi_internal(void)
{
/* Copied from eng_[openssl|dyn].c */
ENGINE *toadd = engine_capi();
capi_addlasterror();
goto err;
} else {
+ BIGNUM *r = NULL, *s = NULL;
ret = DSA_SIG_new();
if (ret == NULL)
goto err;
- ret->r = BN_new();
- ret->s = BN_new();
- if (ret->r == NULL || ret->s == NULL)
- goto err;
- if (!lend_tobn(ret->r, csigbuf, 20)
- || !lend_tobn(ret->s, csigbuf + 20, 20)) {
+ DSA_SIG_get0(&r, &s, ret);
+ if (!lend_tobn(r, csigbuf, 20)
+ || !lend_tobn(s, csigbuf + 20, 20)) {
DSA_SIG_free(ret);
ret = NULL;
goto err;
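Review bot: `r` and `s` are passed to `lend_tobn` right after `DSA_SIG_get0(&r, &s, ret)` with no NULL test, whereas the removed code checked both values before converting. This is safe only if `DSA_SIG_new()` always returns a signature with both BIGNUMs allocated, which is not visible in this hunk. A guard such as `if (r == NULL || s == NULL) { DSA_SIG_free(ret); ret = NULL; goto err; }` keeps the earlier behaviour. The enclosing function starts and ends outside the hunk.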
if (key == NULL)
return NULL;
- if (sizeof(TCHAR) == sizeof(char))
+ /* If PROV_RSA_AES supported use it instead */
+ if (ptype == PROV_RSA_FULL && use_aes_csp) {
+ provname = NULL;
+ ptype = PROV_RSA_AES;
+ CAPI_trace(ctx, "capi_get_key, contname=%s, RSA_AES_CSP\n", contname);
+ } else if (sizeof(TCHAR) == sizeof(char)) {
CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n",
contname, provname, ptype);
- else if (ctx && ctx->debug_level >= CAPI_DBG_TRACE && ctx->debug_file) {
+ } else if (ctx && ctx->debug_level >= CAPI_DBG_TRACE && ctx->debug_file) {
/* above 'if' is optimization to minimize malloc-ations */
char *_contname = wide_to_asc((WCHAR *)contname);
char *_provname = wide_to_asc((WCHAR *)provname);
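Review bot: The new first branch in `capi_get_key` discards the caller's `provname` and switches to the default `PROV_RSA_AES` provider for every `PROV_RSA_FULL` key. That includes keys whose container belongs to a third-party or hardware-backed CSP registered under that type, so the container may not be found, or may resolve under a different provider than the one named for the key. Consider limiting the substitution to the case where `provname` names a Microsoft software RSA provider, and keep the original `provname` and `ptype` in the trace so a log shows what was overridden. The added `CAPI_trace(ctx, "capi_get_key, contname=%s, RSA_AES_CSP\n", contname);` also passes `contname` to `%s` without the `sizeof(TCHAR) == sizeof(char)` test the next branch uses, so a wide-character build would log a garbled name; convert it with `wide_to_asc` as the last branch does. The body of that last branch continues past the end of the hunk.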
CryptReleaseContext(hprov, 0);
}
OPENSSL_free(ctx->cspname);
- ctx->cspname = BUF_strdup(pname);
+ ctx->cspname = OPENSSL_strdup(pname);
ctx->csptype = type;
return 1;
}
IMPLEMENT_DYNAMIC_CHECK_FN()
# else
-void ENGINE_load_capi(void)
+void engine_load_capi_internal(void);
+void engine_load_capi_internal(void)
{
}
# endif