/* pmeth_lib.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
/* ====================================================================
#include "cryptlib.h"
#include <openssl/objects.h>
#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
#include "asn1_locl.h"
#include "evp_locl.h"
typedef int sk_cmp_fn_type(const char * const *a, const char * const *b);
-STACK *app_pkey_methods = NULL;
-extern EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth, ec_pkey_meth;
+DECLARE_STACK_OF(EVP_PKEY_METHOD)
+STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
+
+extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
+extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
static const EVP_PKEY_METHOD *standard_methods[] =
{
+#ifndef OPENSSL_NO_RSA
&rsa_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_DH
&dh_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_DSA
&dsa_pkey_meth,
- &ec_pkey_meth
+#endif
+#ifndef OPENSSL_NO_EC
+ &ec_pkey_meth,
+#endif
+ &hmac_pkey_meth,
+ &cmac_pkey_meth
};
+DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
+ pmeth);
+
static int pmeth_cmp(const EVP_PKEY_METHOD * const *a,
- const EVP_PKEY_METHOD * const *b)
+ const EVP_PKEY_METHOD * const *b)
{
return ((*a)->pkey_id - (*b)->pkey_id);
}
-const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type, ENGINE *e)
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
+ pmeth);
+
+const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type)
{
- EVP_PKEY_METHOD tmp, *t = &tmp, **ret;
+ EVP_PKEY_METHOD tmp;
+ const EVP_PKEY_METHOD *t = &tmp, **ret;
tmp.pkey_id = type;
if (app_pkey_methods)
{
int idx;
- idx = sk_find(app_pkey_methods, (char *)&tmp);
+ idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
if (idx >= 0)
- return (EVP_PKEY_METHOD *)
- sk_value(app_pkey_methods, idx);
+ return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
}
- ret = (EVP_PKEY_METHOD **) OBJ_bsearch((char *)&t,
- (char *)standard_methods,
- sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *),
- sizeof(EVP_PKEY_METHOD *),
- (int (*)(const void *, const void *))pmeth_cmp);
+ ret = OBJ_bsearch_pmeth(&t, standard_methods,
+ sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *));
if (!ret || !*ret)
return NULL;
return *ret;
return NULL;
id = pkey->ameth->pkey_id;
}
- pmeth = EVP_PKEY_meth_find(id, e);
+#ifndef OPENSSL_NO_ENGINE
+ if (pkey && pkey->engine)
+ e = pkey->engine;
+ /* Try to find an ENGINE which implements this method */
+ if (e)
+ {
+ if (!ENGINE_init(e))
+ {
+ EVPerr(EVP_F_INT_CTX_NEW,ERR_R_ENGINE_LIB);
+ return NULL;
+ }
+ }
+ else
+ e = ENGINE_get_pkey_meth_engine(id);
+
+ /* If an ENGINE handled this method look it up. Othewise
+ * use internal tables.
+ */
+
+ if (e)
+ pmeth = ENGINE_get_pkey_meth(e, id);
+ else
+#endif
+ pmeth = EVP_PKEY_meth_find(id);
+
if (pmeth == NULL)
+ {
+ EVPerr(EVP_F_INT_CTX_NEW,EVP_R_UNSUPPORTED_ALGORITHM);
return NULL;
+ }
+
ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
+ if (!ret)
+ {
+#ifndef OPENSSL_NO_ENGINE
+ if (e)
+ ENGINE_finish(e);
+#endif
+ EVPerr(EVP_F_INT_CTX_NEW,ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ ret->engine = e;
ret->pmeth = pmeth;
ret->operation = EVP_PKEY_OP_UNDEFINED;
ret->pkey = pkey;
ret->peerkey = NULL;
+ ret->pkey_gencb = 0;
if (pkey)
CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
ret->data = NULL;
return pmeth;
}
+void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+ const EVP_PKEY_METHOD *meth)
+ {
+ if (ppkey_id)
+ *ppkey_id = meth->pkey_id;
+ if (pflags)
+ *pflags = meth->flags;
+ }
+
+void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
+ {
+
+ dst->init = src->init;
+ dst->copy = src->copy;
+ dst->cleanup = src->cleanup;
+
+ dst->paramgen_init = src->paramgen_init;
+ dst->paramgen = src->paramgen;
+
+ dst->keygen_init = src->keygen_init;
+ dst->keygen = src->keygen;
+
+ dst->sign_init = src->sign_init;
+ dst->sign = src->sign;
+
+ dst->verify_init = src->verify_init;
+ dst->verify = src->verify;
+
+ dst->verify_recover_init = src->verify_recover_init;
+ dst->verify_recover = src->verify_recover;
+
+ dst->signctx_init = src->signctx_init;
+ dst->signctx = src->signctx;
+
+ dst->verifyctx_init = src->verifyctx_init;
+ dst->verifyctx = src->verifyctx;
+
+ dst->encrypt_init = src->encrypt_init;
+ dst->encrypt = src->encrypt;
+
+ dst->decrypt_init = src->decrypt_init;
+ dst->decrypt = src->decrypt;
+
+ dst->derive_init = src->derive_init;
+ dst->derive = src->derive;
+
+ dst->ctrl = src->ctrl;
+ dst->ctrl_str = src->ctrl_str;
+ }
+
void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
{
if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
EVP_PKEY_CTX *rctx;
if (!pctx->pmeth || !pctx->pmeth->copy)
return NULL;
+#ifndef OPENSSL_NO_ENGINE
+ /* Make sure it's safe to copy a pkey context using an ENGINE */
+ if (pctx->engine && !ENGINE_init(pctx->engine))
+ {
+ EVPerr(EVP_F_EVP_PKEY_CTX_DUP,ERR_R_ENGINE_LIB);
+ return 0;
+ }
+#endif
rctx = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
if (!rctx)
return NULL;
rctx->pmeth = pctx->pmeth;
+#ifndef OPENSSL_NO_ENGINE
+ rctx->engine = pctx->engine;
+#endif
if (pctx->pkey)
- {
CRYPTO_add(&pctx->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
- rctx->pkey = pctx->pkey;
- }
+
+ rctx->pkey = pctx->pkey;
if (pctx->peerkey)
- {
CRYPTO_add(&pctx->peerkey->references,1,CRYPTO_LOCK_EVP_PKEY);
- rctx->peerkey = pctx->peerkey;
- }
+
+ rctx->peerkey = pctx->peerkey;
rctx->data = NULL;
rctx->app_data = NULL;
rctx->operation = pctx->operation;
if (pctx->pmeth->copy(rctx, pctx) > 0)
- return pctx;
+ return rctx;
EVP_PKEY_CTX_free(rctx);
return NULL;
{
if (app_pkey_methods == NULL)
{
- app_pkey_methods = sk_new((sk_cmp_fn_type *)pmeth_cmp);
+ app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
if (!app_pkey_methods)
return 0;
}
- if (!sk_push(app_pkey_methods, (char *)pmeth))
+ if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
return 0;
- sk_sort(app_pkey_methods);
+ sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
return 1;
}
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
{
+ if (ctx == NULL)
+ return;
if (ctx->pmeth && ctx->pmeth->cleanup)
ctx->pmeth->cleanup(ctx);
if (ctx->pkey)
EVP_PKEY_free(ctx->pkey);
if (ctx->peerkey)
EVP_PKEY_free(ctx->peerkey);
+#ifndef OPENSSL_NO_ENGINE
+ if(ctx->engine)
+ /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
+ * functional reference we held for this reason. */
+ ENGINE_finish(ctx->engine);
+#endif
OPENSSL_free(ctx);
}
return ctx->pkey;
}
+EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
+ {
+ return ctx->peerkey;
+ }
+
void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
{
ctx->app_data = data;
void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
int (*encrypt_init)(EVP_PKEY_CTX *ctx),
- int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+ int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen))
{
pmeth->encrypt_init = encrypt_init;
- pmeth->encrypt = encrypt;
+ pmeth->encrypt = encryptfn;
}
void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
projects / openssl.git / blobdiff