-/* crypto/engine/e_chil.c -*- mode: C; c-file-style: "eay" -*- */
/*
- * Written by Richard Levitte (richard@levitte.org), Geoff Thorpe
- * (geoff@geoffthorpe.net) and Dr Stephen N Henson (steve@openssl.org) for
- * the OpenSSL project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+ * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/pem.h>
-#include <openssl/dso.h>
+#include "internal/dso.h"
#include <openssl/engine.h>
#include <openssl/ui.h>
#include <openssl/rand.h>
# define HWCRHK_LIB_NAME "CHIL engine"
# include "e_chil_err.c"
+static CRYPTO_RWLOCK *chil_lock;
+
static int hwcrhk_destroy(ENGINE *e);
static int hwcrhk_init(ENGINE *e);
static int hwcrhk_finish(ENGINE *e);
* into HWCryptoHook_Mutex
*/
struct HWCryptoHook_MutexValue {
- int lockid;
+ CRYPTO_RWLOCK *lock;
};
/*
# ifndef OPENSSL_NO_DH
const DH_METHOD *meth2;
# endif
+
+ chil_lock = CRYPTO_THREAD_lock_new();
+ if (chil_lock == NULL) {
+ HWCRHKerr(HWCRHK_F_BIND_HELPER, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
if (!ENGINE_set_id(e, engine_hwcrhk_id) ||
!ENGINE_set_name(e, engine_hwcrhk_name) ||
# ifndef OPENSSL_NO_RSA
# ifndef OPENSSL_NO_RSA
/*
- * We know that the "PKCS1_SSLeay()" functions hook properly to the
+ * We know that the "PKCS1_OpenSSL()" functions hook properly to the
* cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
* We don't use ENGINE_openssl() or anything "more generic" because
* something like the RSAref code may not hook properly, and if you own
* one of these cards then you have the right to do RSA operations on it
* anyway!
*/
- meth1 = RSA_PKCS1_SSLeay();
+ meth1 = RSA_PKCS1_OpenSSL();
hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
/* Ensure the hwcrhk error handling is set up */
ERR_load_HWCRHK_strings();
+
return 1;
}
static ENGINE *engine_chil(void)
{
ENGINE *ret = ENGINE_new();
- if (!ret)
+ if (ret == NULL)
return NULL;
if (!bind_helper(ret)) {
ENGINE_free(ret);
static long set_HWCRHK_LIBNAME(const char *name)
{
free_HWCRHK_LIBNAME();
- return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+ return (((HWCRHK_LIBNAME = OPENSSL_strdup(name)) != NULL) ? 1 : 0);
}
static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
{
free_HWCRHK_LIBNAME();
ERR_unload_HWCRHK_strings();
+ CRYPTO_THREAD_lock_free(chil_lock);
return 1;
}
* does, use them.
*/
if (disable_mutex_callbacks == 0) {
- if (CRYPTO_get_dynlock_create_callback() != NULL &&
- CRYPTO_get_dynlock_lock_callback() != NULL &&
- CRYPTO_get_dynlock_destroy_callback() != NULL) {
- hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
- hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
- hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
- hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
- }
+ hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
+ hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
+ hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
+ hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
}
/*
{
BIO *bio = (BIO *)p;
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
BIO_free(logstream);
logstream = NULL;
- if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1)
+ if (BIO_up_ref(bio))
logstream = bio;
else
HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_BIO_WAS_FREED);
}
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
case ENGINE_CTRL_SET_PASSWORD_CALLBACK:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
password_context.password_callback = (pem_password_cb *)f;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
case ENGINE_CTRL_SET_USER_INTERFACE:
case HWCRHK_CMD_SET_USER_INTERFACE:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
password_context.ui_method = (UI_METHOD *)p;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
case ENGINE_CTRL_SET_CALLBACK_DATA:
case HWCRHK_CMD_SET_CALLBACK_DATA:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
password_context.callback_data = p;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
/*
* this enables or disables the "SimpleForkCheck" flag used in the
*/
case ENGINE_CTRL_CHIL_SET_FORKCHECK:
case HWCRHK_CMD_FORK_CHECK:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
if (i)
hwcrhk_globals.flags |= HWCryptoHook_InitFlags_SimpleForkCheck;
else
hwcrhk_globals.flags &= ~HWCryptoHook_InitFlags_SimpleForkCheck;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
/*
* This will prevent the initialisation function from "installing"
* applications not using multithreading.
*/
case ENGINE_CTRL_CHIL_NO_LOCKING:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
disable_mutex_callbacks = 1;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
case HWCRHK_CMD_THREAD_LOCKING:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
disable_mutex_callbacks = ((i == 0) ? 0 : 1);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
/* The command isn't understood by this engine */
}
# ifndef OPENSSL_NO_RSA
hptr = OPENSSL_malloc(sizeof(*hptr));
- if (!hptr) {
+ if (hptr == NULL) {
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
goto err;
}
bn_fix_top(rtmp->n);
res = EVP_PKEY_new();
+ if (res == NULL) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
+ goto err;
+ }
EVP_PKEY_assign_RSA(res, rtmp);
# endif
- if (!res)
+ if (res == NULL)
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
{
RSA *rsa = NULL;
- CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
+ CRYPTO_THREAD_write_lock(chil_lock);
rsa = res->pkey.rsa;
res->pkey.rsa = RSA_new();
res->pkey.rsa->n = rsa->n;
res->pkey.rsa->e = rsa->e;
rsa->n = NULL;
rsa->e = NULL;
- CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
+ CRYPTO_THREAD_unlock(chil_lock);
RSA_free(rsa);
}
break;
static int hwcrhk_mutex_init(HWCryptoHook_Mutex * mt,
HWCryptoHook_CallerContext * cactx)
{
- mt->lockid = CRYPTO_get_new_dynlockid();
- if (mt->lockid == 0)
+ mt->lock = CRYPTO_THREAD_lock_new();
+ if (mt->lock == NULL) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_MUTEX_INIT, ERR_R_MALLOC_FAILURE);
return 1; /* failure */
+ }
return 0; /* success */
}
static int hwcrhk_mutex_lock(HWCryptoHook_Mutex * mt)
{
- CRYPTO_w_lock(mt->lockid);
+ CRYPTO_THREAD_write_lock(mt->lock);
return 0;
}
static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt)
{
- CRYPTO_w_unlock(mt->lockid);
+ CRYPTO_THREAD_unlock(mt->lock);
}
static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex * mt)
{
- CRYPTO_destroy_dynlockid(mt->lockid);
+ CRYPTO_THREAD_lock_free(mt->lock);
}
static int hwcrhk_get_pass(const char *prompt_info,
ui = UI_new_method(ui_method);
if (ui) {
- char answer;
+ char answer = '\0';
char buf[BUFSIZ];
/*
* Despite what the documentation says wrong_info can be an empty
{
BIO *lstream = NULL;
- CRYPTO_w_lock(CRYPTO_LOCK_BIO);
if (logstr)
lstream = *(BIO **)logstr;
if (lstream) {
BIO_printf(lstream, "%s\n", message);
}
- CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
}
/*
projects / openssl.git / blobdiff