X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=engines%2Fe_chil.c;h=97eacfc31ce378119833336d556e55344e28bc74;hp=68c9145407c81ef26c907d285cccdc82f31e5705;hb=f425f9dcffc4efa13fbdbba34c6883b038409f3f;hpb=c5ba2d990420e1778ca4a90bf882e0f806404af0 diff --git a/engines/e_chil.c b/engines/e_chil.c index 68c9145407..97eacfc31c 100644 --- a/engines/e_chil.c +++ b/engines/e_chil.c @@ -1,4 +1,3 @@ -/* crypto/engine/e_chil.c -*- mode: C; c-file-style: "eay" -*- */ /* * Written by Richard Levitte (richard@levitte.org), Geoff Thorpe * (geoff@geoffthorpe.net) and Dr Stephen N Henson (steve@openssl.org) for @@ -95,6 +94,8 @@ # define HWCRHK_LIB_NAME "CHIL engine" # include "e_chil_err.c" +static CRYPTO_RWLOCK *chil_lock; + static int hwcrhk_destroy(ENGINE *e); static int hwcrhk_init(ENGINE *e); static int hwcrhk_finish(ENGINE *e); @@ -245,7 +246,7 @@ static const char *engine_hwcrhk_id_alt = "ncipher"; * into HWCryptoHook_Mutex */ struct HWCryptoHook_MutexValue { - int lockid; + CRYPTO_RWLOCK *lock; }; /* @@ -356,6 +357,11 @@ static int bind_helper(ENGINE *e) # ifndef OPENSSL_NO_DH const DH_METHOD *meth2; # endif + + chil_lock = CRYPTO_THREAD_lock_new(); + if (chil_lock == NULL) + return 0; + if (!ENGINE_set_id(e, engine_hwcrhk_id) || !ENGINE_set_name(e, engine_hwcrhk_name) || # ifndef OPENSSL_NO_RSA @@ -376,14 +382,14 @@ static int bind_helper(ENGINE *e) # ifndef OPENSSL_NO_RSA /* - * We know that the "PKCS1_SSLeay()" functions hook properly to the + * We know that the "PKCS1_OpenSSL()" functions hook properly to the * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB: * We don't use ENGINE_openssl() or anything "more generic" because * something like the RSAref code may not hook properly, and if you own * one of these cards then you have the right to do RSA operations on it * anyway! */ - meth1 = RSA_PKCS1_SSLeay(); + meth1 = RSA_PKCS1_OpenSSL(); hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc; hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec; hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc; @@ -399,6 +405,7 @@ static int bind_helper(ENGINE *e) /* Ensure the hwcrhk error handling is set up */ ERR_load_HWCRHK_strings(); + return 1; } @@ -406,7 +413,7 @@ static int bind_helper(ENGINE *e) static ENGINE *engine_chil(void) { ENGINE *ret = ENGINE_new(); - if (!ret) + if (ret == NULL) return NULL; if (!bind_helper(ret)) { ENGINE_free(ret); @@ -462,8 +469,7 @@ static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL; static const char *HWCRHK_LIBNAME = NULL; static void free_HWCRHK_LIBNAME(void) { - if (HWCRHK_LIBNAME) - OPENSSL_free((void *)HWCRHK_LIBNAME); + OPENSSL_free(HWCRHK_LIBNAME); HWCRHK_LIBNAME = NULL; } @@ -477,7 +483,7 @@ static const char *get_HWCRHK_LIBNAME(void) static long set_HWCRHK_LIBNAME(const char *name) { free_HWCRHK_LIBNAME(); - return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0); + return (((HWCRHK_LIBNAME = OPENSSL_strdup(name)) != NULL) ? 1 : 0); } static const char *n_hwcrhk_Init = "HWCryptoHook_Init"; @@ -528,6 +534,7 @@ static int hwcrhk_destroy(ENGINE *e) { free_HWCRHK_LIBNAME(); ERR_unload_HWCRHK_strings(); + CRYPTO_THREAD_lock_free(chil_lock); return 1; } @@ -556,26 +563,19 @@ static int hwcrhk_init(ENGINE *e) HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE); goto err; } - if (!(p1 = (HWCryptoHook_Init_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) || - !(p2 = (HWCryptoHook_Finish_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) || - !(p3 = (HWCryptoHook_ModExp_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) || + +#define BINDIT(t, name) (t *)DSO_bind_func(hwcrhk_dso, name) + if ((p1 = BINDIT(HWCryptoHook_Init_t, n_hwcrhk_Init)) == NULL + || (p2 = BINDIT(HWCryptoHook_Finish_t, n_hwcrhk_Finish)) == NULL + || (p3 = BINDIT(HWCryptoHook_ModExp_t, n_hwcrhk_ModExp)) == NULL # ifndef OPENSSL_NO_RSA - !(p4 = (HWCryptoHook_RSA_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) || - !(p5 = (HWCryptoHook_RSALoadKey_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) || - !(p6 = (HWCryptoHook_RSAGetPublicKey_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) || - !(p7 = (HWCryptoHook_RSAUnloadKey_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) || + || (p4 = BINDIT(HWCryptoHook_RSA_t, n_hwcrhk_RSA)) == NULL + || (p5 = BINDIT(HWCryptoHook_RSALoadKey_t, n_hwcrhk_RSALoadKey)) == NULL + || (p6 = BINDIT(HWCryptoHook_RSAGetPublicKey_t, n_hwcrhk_RSAGetPublicKey)) == NULL + || (p7 = BINDIT(HWCryptoHook_RSAUnloadKey_t, n_hwcrhk_RSAUnloadKey)) == NULL # endif - !(p8 = (HWCryptoHook_RandomBytes_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) || - !(p9 = (HWCryptoHook_ModExpCRT_t *) - DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT))) { + || (p8 = BINDIT(HWCryptoHook_RandomBytes_t, n_hwcrhk_RandomBytes)) == NULL + || (p9 = BINDIT(HWCryptoHook_ModExpCRT_t, n_hwcrhk_ModExpCRT)) == NULL) { HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE); goto err; } @@ -597,14 +597,10 @@ static int hwcrhk_init(ENGINE *e) * does, use them. */ if (disable_mutex_callbacks == 0) { - if (CRYPTO_get_dynlock_create_callback() != NULL && - CRYPTO_get_dynlock_lock_callback() != NULL && - CRYPTO_get_dynlock_destroy_callback() != NULL) { - hwcrhk_globals.mutex_init = hwcrhk_mutex_init; - hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock; - hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock; - hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy; - } + hwcrhk_globals.mutex_init = hwcrhk_mutex_init; + hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock; + hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock; + hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy; } /* @@ -623,8 +619,7 @@ static int hwcrhk_init(ENGINE *e) # endif return 1; err: - if (hwcrhk_dso) - DSO_free(hwcrhk_dso); + DSO_free(hwcrhk_dso); hwcrhk_dso = NULL; p_hwcrhk_Init = NULL; p_hwcrhk_Finish = NULL; @@ -691,32 +686,32 @@ static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) { BIO *bio = (BIO *)p; - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_write_lock(chil_lock); BIO_free(logstream); logstream = NULL; - if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1) + if (BIO_up_ref(bio) logstream = bio; else HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_BIO_WAS_FREED); } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_unlock(chil_lock); break; case ENGINE_CTRL_SET_PASSWORD_CALLBACK: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_write_lock(chil_lock); password_context.password_callback = (pem_password_cb *)f; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_unlock(chil_lock); break; case ENGINE_CTRL_SET_USER_INTERFACE: case HWCRHK_CMD_SET_USER_INTERFACE: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_write_lock(chil_lock); password_context.ui_method = (UI_METHOD *)p; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_unlock(chil_lock); break; case ENGINE_CTRL_SET_CALLBACK_DATA: case HWCRHK_CMD_SET_CALLBACK_DATA: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_write_lock(chil_lock); password_context.callback_data = p; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_unlock(chil_lock); break; /* * this enables or disables the "SimpleForkCheck" flag used in the @@ -724,12 +719,12 @@ static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) */ case ENGINE_CTRL_CHIL_SET_FORKCHECK: case HWCRHK_CMD_FORK_CHECK: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_write_lock(chil_lock); if (i) hwcrhk_globals.flags |= HWCryptoHook_InitFlags_SimpleForkCheck; else hwcrhk_globals.flags &= ~HWCryptoHook_InitFlags_SimpleForkCheck; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_unlock(chil_lock); break; /* * This will prevent the initialisation function from "installing" @@ -739,14 +734,14 @@ static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) * applications not using multithreading. */ case ENGINE_CTRL_CHIL_NO_LOCKING: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_write_lock(chil_lock); disable_mutex_callbacks = 1; - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_unlock(chil_lock); break; case HWCRHK_CMD_THREAD_LOCKING: - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_write_lock(chil_lock); disable_mutex_callbacks = ((i == 0) ? 0 : 1); - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); + CRYPTO_THREAD_unlock(chil_lock); break; /* The command isn't understood by this engine */ @@ -788,8 +783,8 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, goto err; } # ifndef OPENSSL_NO_RSA - hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle)); - if (!hptr) { + hptr = OPENSSL_malloc(sizeof(*hptr)); + if (hptr == NULL) { HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE); goto err; } @@ -836,10 +831,14 @@ static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id, bn_fix_top(rtmp->n); res = EVP_PKEY_new(); + if (res == NULL) { + HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR); + goto err; + } EVP_PKEY_assign_RSA(res, rtmp); # endif - if (!res) + if (res == NULL) HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED); @@ -867,14 +866,14 @@ static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id, { RSA *rsa = NULL; - CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY); + CRYPTO_THREAD_write_lock(chil_lock); rsa = res->pkey.rsa; res->pkey.rsa = RSA_new(); res->pkey.rsa->n = rsa->n; res->pkey.rsa->e = rsa->e; rsa->n = NULL; rsa->e = NULL; - CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); + CRYPTO_THREAD_unlock(chil_lock); RSA_free(rsa); } break; @@ -1142,26 +1141,26 @@ static int hwcrhk_rand_status(void) static int hwcrhk_mutex_init(HWCryptoHook_Mutex * mt, HWCryptoHook_CallerContext * cactx) { - mt->lockid = CRYPTO_get_new_dynlockid(); - if (mt->lockid == 0) + mt->lock = CRYPTO_THREAD_lock_new(); + if (mt->lock == NULL) return 1; /* failure */ return 0; /* success */ } static int hwcrhk_mutex_lock(HWCryptoHook_Mutex * mt) { - CRYPTO_w_lock(mt->lockid); + CRYPTO_THREAD_write_lock(mt->lock); return 0; } static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt) { - CRYPTO_w_unlock(mt->lockid); + CRYPTO_THREAD_unlock(mt->lock); } static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex * mt) { - CRYPTO_destroy_dynlockid(mt->lockid); + CRYPTO_THREAD_lock_free(mt->lock); } static int hwcrhk_get_pass(const char *prompt_info, @@ -1303,13 +1302,11 @@ static void hwcrhk_log_message(void *logstr, const char *message) { BIO *lstream = NULL; - CRYPTO_w_lock(CRYPTO_LOCK_BIO); if (logstr) lstream = *(BIO **)logstr; if (lstream) { BIO_printf(lstream, "%s\n", message); } - CRYPTO_w_unlock(CRYPTO_LOCK_BIO); } /*