-/* crypto/engine/e_chil.c -*- mode: C; c-file-style: "eay" -*- */
/*
* Written by Richard Levitte (richard@levitte.org), Geoff Thorpe
* (geoff@geoffthorpe.net) and Dr Stephen N Henson (steve@openssl.org) for
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/pem.h>
-#include <openssl/dso.h>
+#include "internal/dso.h"
#include <openssl/engine.h>
#include <openssl/ui.h>
#include <openssl/rand.h>
# define HWCRHK_LIB_NAME "CHIL engine"
# include "e_chil_err.c"
+static CRYPTO_RWLOCK *chil_lock;
+
static int hwcrhk_destroy(ENGINE *e);
static int hwcrhk_init(ENGINE *e);
static int hwcrhk_finish(ENGINE *e);
* into HWCryptoHook_Mutex
*/
struct HWCryptoHook_MutexValue {
- int lockid;
+ CRYPTO_RWLOCK *lock;
};
/*
# ifndef OPENSSL_NO_DH
const DH_METHOD *meth2;
# endif
+
+ chil_lock = CRYPTO_THREAD_lock_new();
+ if (chil_lock == NULL)
+ return 0;
+
if (!ENGINE_set_id(e, engine_hwcrhk_id) ||
!ENGINE_set_name(e, engine_hwcrhk_name) ||
# ifndef OPENSSL_NO_RSA
# ifndef OPENSSL_NO_RSA
/*
- * We know that the "PKCS1_SSLeay()" functions hook properly to the
+ * We know that the "PKCS1_OpenSSL()" functions hook properly to the
* cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
* We don't use ENGINE_openssl() or anything "more generic" because
* something like the RSAref code may not hook properly, and if you own
* one of these cards then you have the right to do RSA operations on it
* anyway!
*/
- meth1 = RSA_PKCS1_SSLeay();
+ meth1 = RSA_PKCS1_OpenSSL();
hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
/* Ensure the hwcrhk error handling is set up */
ERR_load_HWCRHK_strings();
+
return 1;
}
static ENGINE *engine_chil(void)
{
ENGINE *ret = ENGINE_new();
- if (!ret)
+ if (ret == NULL)
return NULL;
if (!bind_helper(ret)) {
ENGINE_free(ret);
static const char *HWCRHK_LIBNAME = NULL;
static void free_HWCRHK_LIBNAME(void)
{
- if (HWCRHK_LIBNAME)
- OPENSSL_free((void *)HWCRHK_LIBNAME);
+ OPENSSL_free(HWCRHK_LIBNAME);
HWCRHK_LIBNAME = NULL;
}
static long set_HWCRHK_LIBNAME(const char *name)
{
free_HWCRHK_LIBNAME();
- return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+ return (((HWCRHK_LIBNAME = OPENSSL_strdup(name)) != NULL) ? 1 : 0);
}
static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
{
free_HWCRHK_LIBNAME();
ERR_unload_HWCRHK_strings();
+ CRYPTO_THREAD_lock_free(chil_lock);
return 1;
}
HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE);
goto err;
}
- if (!(p1 = (HWCryptoHook_Init_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) ||
- !(p2 = (HWCryptoHook_Finish_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) ||
- !(p3 = (HWCryptoHook_ModExp_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) ||
+
+#define BINDIT(t, name) (t *)DSO_bind_func(hwcrhk_dso, name)
+ if ((p1 = BINDIT(HWCryptoHook_Init_t, n_hwcrhk_Init)) == NULL
+ || (p2 = BINDIT(HWCryptoHook_Finish_t, n_hwcrhk_Finish)) == NULL
+ || (p3 = BINDIT(HWCryptoHook_ModExp_t, n_hwcrhk_ModExp)) == NULL
# ifndef OPENSSL_NO_RSA
- !(p4 = (HWCryptoHook_RSA_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) ||
- !(p5 = (HWCryptoHook_RSALoadKey_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) ||
- !(p6 = (HWCryptoHook_RSAGetPublicKey_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) ||
- !(p7 = (HWCryptoHook_RSAUnloadKey_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) ||
+ || (p4 = BINDIT(HWCryptoHook_RSA_t, n_hwcrhk_RSA)) == NULL
+ || (p5 = BINDIT(HWCryptoHook_RSALoadKey_t, n_hwcrhk_RSALoadKey)) == NULL
+ || (p6 = BINDIT(HWCryptoHook_RSAGetPublicKey_t, n_hwcrhk_RSAGetPublicKey)) == NULL
+ || (p7 = BINDIT(HWCryptoHook_RSAUnloadKey_t, n_hwcrhk_RSAUnloadKey)) == NULL
# endif
- !(p8 = (HWCryptoHook_RandomBytes_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) ||
- !(p9 = (HWCryptoHook_ModExpCRT_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT))) {
+ || (p8 = BINDIT(HWCryptoHook_RandomBytes_t, n_hwcrhk_RandomBytes)) == NULL
+ || (p9 = BINDIT(HWCryptoHook_ModExpCRT_t, n_hwcrhk_ModExpCRT)) == NULL) {
HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE);
goto err;
}
* does, use them.
*/
if (disable_mutex_callbacks == 0) {
- if (CRYPTO_get_dynlock_create_callback() != NULL &&
- CRYPTO_get_dynlock_lock_callback() != NULL &&
- CRYPTO_get_dynlock_destroy_callback() != NULL) {
- hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
- hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
- hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
- hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
- }
+ hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
+ hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
+ hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
+ hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
}
/*
# endif
return 1;
err:
- if (hwcrhk_dso)
- DSO_free(hwcrhk_dso);
+ DSO_free(hwcrhk_dso);
hwcrhk_dso = NULL;
p_hwcrhk_Init = NULL;
p_hwcrhk_Finish = NULL;
{
BIO *bio = (BIO *)p;
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
BIO_free(logstream);
logstream = NULL;
- if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1)
+ if (BIO_up_ref(bio)
logstream = bio;
else
HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_BIO_WAS_FREED);
}
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
case ENGINE_CTRL_SET_PASSWORD_CALLBACK:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
password_context.password_callback = (pem_password_cb *)f;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
case ENGINE_CTRL_SET_USER_INTERFACE:
case HWCRHK_CMD_SET_USER_INTERFACE:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
password_context.ui_method = (UI_METHOD *)p;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
case ENGINE_CTRL_SET_CALLBACK_DATA:
case HWCRHK_CMD_SET_CALLBACK_DATA:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
password_context.callback_data = p;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
/*
* this enables or disables the "SimpleForkCheck" flag used in the
*/
case ENGINE_CTRL_CHIL_SET_FORKCHECK:
case HWCRHK_CMD_FORK_CHECK:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
if (i)
hwcrhk_globals.flags |= HWCryptoHook_InitFlags_SimpleForkCheck;
else
hwcrhk_globals.flags &= ~HWCryptoHook_InitFlags_SimpleForkCheck;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
/*
* This will prevent the initialisation function from "installing"
* applications not using multithreading.
*/
case ENGINE_CTRL_CHIL_NO_LOCKING:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
disable_mutex_callbacks = 1;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
case HWCRHK_CMD_THREAD_LOCKING:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_write_lock(chil_lock);
disable_mutex_callbacks = ((i == 0) ? 0 : 1);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+ CRYPTO_THREAD_unlock(chil_lock);
break;
/* The command isn't understood by this engine */
goto err;
}
# ifndef OPENSSL_NO_RSA
- hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle));
- if (!hptr) {
+ hptr = OPENSSL_malloc(sizeof(*hptr));
+ if (hptr == NULL) {
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
goto err;
}
bn_fix_top(rtmp->n);
res = EVP_PKEY_new();
+ if (res == NULL) {
+ HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
+ goto err;
+ }
EVP_PKEY_assign_RSA(res, rtmp);
# endif
- if (!res)
+ if (res == NULL)
HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
{
RSA *rsa = NULL;
- CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
+ CRYPTO_THREAD_write_lock(chil_lock);
rsa = res->pkey.rsa;
res->pkey.rsa = RSA_new();
res->pkey.rsa->n = rsa->n;
res->pkey.rsa->e = rsa->e;
rsa->n = NULL;
rsa->e = NULL;
- CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
+ CRYPTO_THREAD_unlock(chil_lock);
RSA_free(rsa);
}
break;
static int hwcrhk_mutex_init(HWCryptoHook_Mutex * mt,
HWCryptoHook_CallerContext * cactx)
{
- mt->lockid = CRYPTO_get_new_dynlockid();
- if (mt->lockid == 0)
+ mt->lock = CRYPTO_THREAD_lock_new();
+ if (mt->lock == NULL)
return 1; /* failure */
return 0; /* success */
}
static int hwcrhk_mutex_lock(HWCryptoHook_Mutex * mt)
{
- CRYPTO_w_lock(mt->lockid);
+ CRYPTO_THREAD_write_lock(mt->lock);
return 0;
}
static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt)
{
- CRYPTO_w_unlock(mt->lockid);
+ CRYPTO_THREAD_unlock(mt->lock);
}
static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex * mt)
{
- CRYPTO_destroy_dynlockid(mt->lockid);
+ CRYPTO_THREAD_lock_free(mt->lock);
}
static int hwcrhk_get_pass(const char *prompt_info,
ui = UI_new_method(ui_method);
if (ui) {
- char answer;
+ char answer = '\0';
char buf[BUFSIZ];
/*
* Despite what the documentation says wrong_info can be an empty
{
BIO *lstream = NULL;
- CRYPTO_w_lock(CRYPTO_LOCK_BIO);
if (logstr)
lstream = *(BIO **)logstr;
if (lstream) {
BIO_printf(lstream, "%s\n", message);
}
- CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
}
/*
projects / openssl.git / blobdiff