--- /dev/null
+/* openssl/engine.h */\r
+/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL\r
+ * project 2000.\r
+ */\r
+/* ====================================================================\r
+ * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.\r
+ *\r
+ * Redistribution and use in source and binary forms, with or without\r
+ * modification, are permitted provided that the following conditions\r
+ * are met:\r
+ *\r
+ * 1. Redistributions of source code must retain the above copyright\r
+ * notice, this list of conditions and the following disclaimer. \r
+ *\r
+ * 2. Redistributions in binary form must reproduce the above copyright\r
+ * notice, this list of conditions and the following disclaimer in\r
+ * the documentation and/or other materials provided with the\r
+ * distribution.\r
+ *\r
+ * 3. All advertising materials mentioning features or use of this\r
+ * software must display the following acknowledgment:\r
+ * "This product includes software developed by the OpenSSL Project\r
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"\r
+ *\r
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to\r
+ * endorse or promote products derived from this software without\r
+ * prior written permission. For written permission, please contact\r
+ * licensing@OpenSSL.org.\r
+ *\r
+ * 5. Products derived from this software may not be called "OpenSSL"\r
+ * nor may "OpenSSL" appear in their names without prior written\r
+ * permission of the OpenSSL Project.\r
+ *\r
+ * 6. Redistributions of any form whatsoever must retain the following\r
+ * acknowledgment:\r
+ * "This product includes software developed by the OpenSSL Project\r
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"\r
+ *\r
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY\r
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\r
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\r
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR\r
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\r
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\r
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\r
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\r
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,\r
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\r
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED\r
+ * OF THE POSSIBILITY OF SUCH DAMAGE.\r
+ * ====================================================================\r
+ *\r
+ * This product includes cryptographic software written by Eric Young\r
+ * (eay@cryptsoft.com). This product includes software written by Tim\r
+ * Hudson (tjh@cryptsoft.com).\r
+ *\r
+ */\r
+/* ====================================================================\r
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.\r
+ * ECDH support in OpenSSL originally developed by \r
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.\r
+ */\r
+\r
+#ifndef HEADER_ENGINE_H\r
+#define HEADER_ENGINE_H\r
+\r
+#include <openssl/opensslconf.h>\r
+\r
+#ifdef OPENSSL_NO_ENGINE\r
+#error ENGINE is disabled.\r
+#endif\r
+\r
+#ifndef OPENSSL_NO_DEPRECATED\r
+#include <openssl/bn.h>\r
+#ifndef OPENSSL_NO_RSA\r
+#include <openssl/rsa.h>\r
+#endif\r
+#ifndef OPENSSL_NO_DSA\r
+#include <openssl/dsa.h>\r
+#endif\r
+#ifndef OPENSSL_NO_DH\r
+#include <openssl/dh.h>\r
+#endif\r
+#ifndef OPENSSL_NO_ECDH\r
+#include <openssl/ecdh.h>\r
+#endif\r
+#ifndef OPENSSL_NO_ECDSA\r
+#include <openssl/ecdsa.h>\r
+#endif\r
+#include <openssl/rand.h>\r
+#include <openssl/store.h>\r
+#include <openssl/ui.h>\r
+#include <openssl/err.h>\r
+#endif\r
+\r
+#include <openssl/ossl_typ.h>\r
+#include <openssl/symhacks.h>\r
+\r
+#ifdef __cplusplus\r
+extern "C" {\r
+#endif\r
+\r
+/* Fixups for missing algorithms */\r
+#ifdef OPENSSL_NO_RSA\r
+typedef void RSA_METHOD;\r
+#endif\r
+#ifdef OPENSSL_NO_DSA\r
+typedef void DSA_METHOD;\r
+#endif\r
+#ifdef OPENSSL_NO_DH\r
+typedef void DH_METHOD;\r
+#endif\r
+#ifdef OPENSSL_NO_ECDH\r
+typedef void ECDH_METHOD;\r
+#endif\r
+#ifdef OPENSSL_NO_ECDSA\r
+typedef void ECDSA_METHOD;\r
+#endif\r
+\r
+/* These flags are used to control combinations of algorithm (methods)\r
+ * by bitwise "OR"ing. */\r
+#define ENGINE_METHOD_RSA (unsigned int)0x0001\r
+#define ENGINE_METHOD_DSA (unsigned int)0x0002\r
+#define ENGINE_METHOD_DH (unsigned int)0x0004\r
+#define ENGINE_METHOD_RAND (unsigned int)0x0008\r
+#define ENGINE_METHOD_ECDH (unsigned int)0x0010\r
+#define ENGINE_METHOD_ECDSA (unsigned int)0x0020\r
+#define ENGINE_METHOD_CIPHERS (unsigned int)0x0040\r
+#define ENGINE_METHOD_DIGESTS (unsigned int)0x0080\r
+#define ENGINE_METHOD_STORE (unsigned int)0x0100\r
+/* Obvious all-or-nothing cases. */\r
+#define ENGINE_METHOD_ALL (unsigned int)0xFFFF\r
+#define ENGINE_METHOD_NONE (unsigned int)0x0000\r
+\r
+/* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used\r
+ * internally to control registration of ENGINE implementations, and can be set\r
+ * by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to\r
+ * initialise registered ENGINEs if they are not already initialised. */\r
+#define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001\r
+\r
+/* ENGINE flags that can be set by ENGINE_set_flags(). */\r
+/* #define ENGINE_FLAGS_MALLOCED 0x0001 */ /* Not used */\r
+\r
+/* This flag is for ENGINEs that wish to handle the various 'CMD'-related\r
+ * control commands on their own. Without this flag, ENGINE_ctrl() handles these\r
+ * control commands on behalf of the ENGINE using their "cmd_defns" data. */\r
+#define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002\r
+\r
+/* This flag is for ENGINEs who return new duplicate structures when found via\r
+ * "ENGINE_by_id()". When an ENGINE must store state (eg. if ENGINE_ctrl()\r
+ * commands are called in sequence as part of some stateful process like\r
+ * key-generation setup and execution), it can set this flag - then each attempt\r
+ * to obtain the ENGINE will result in it being copied into a new structure.\r
+ * Normally, ENGINEs don't declare this flag so ENGINE_by_id() just increments\r
+ * the existing ENGINE's structural reference count. */\r
+#define ENGINE_FLAGS_BY_ID_COPY (int)0x0004\r
+\r
+/* ENGINEs can support their own command types, and these flags are used in\r
+ * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input each\r
+ * command expects. Currently only numeric and string input is supported. If a\r
+ * control command supports none of the _NUMERIC, _STRING, or _NO_INPUT options,\r
+ * then it is regarded as an "internal" control command - and not for use in\r
+ * config setting situations. As such, they're not available to the\r
+ * ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() access. Changes to\r
+ * this list of 'command types' should be reflected carefully in\r
+ * ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). */\r
+\r
+/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */\r
+#define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001\r
+/* accepts string input (cast from 'void*' to 'const char *', 4th parameter to\r
+ * ENGINE_ctrl) */\r
+#define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002\r
+/* Indicates that the control command takes *no* input. Ie. the control command\r
+ * is unparameterised. */\r
+#define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004\r
+/* Indicates that the control command is internal. This control command won't\r
+ * be shown in any output, and is only usable through the ENGINE_ctrl_cmd()\r
+ * function. */\r
+#define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008\r
+\r
+/* NB: These 3 control commands are deprecated and should not be used. ENGINEs\r
+ * relying on these commands should compile conditional support for\r
+ * compatibility (eg. if these symbols are defined) but should also migrate the\r
+ * same functionality to their own ENGINE-specific control functions that can be\r
+ * "discovered" by calling applications. The fact these control commands\r
+ * wouldn't be "executable" (ie. usable by text-based config) doesn't change the\r
+ * fact that application code can find and use them without requiring per-ENGINE\r
+ * hacking. */\r
+\r
+/* These flags are used to tell the ctrl function what should be done.\r
+ * All command numbers are shared between all engines, even if some don't\r
+ * make sense to some engines. In such a case, they do nothing but return\r
+ * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */\r
+#define ENGINE_CTRL_SET_LOGSTREAM 1\r
+#define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2\r
+#define ENGINE_CTRL_HUP 3 /* Close and reinitialise any\r
+ handles/connections etc. */\r
+#define ENGINE_CTRL_SET_USER_INTERFACE 4 /* Alternative to callback */\r
+#define ENGINE_CTRL_SET_CALLBACK_DATA 5 /* User-specific data, used\r
+ when calling the password\r
+ callback and the user\r
+ interface */\r
+#define ENGINE_CTRL_LOAD_CONFIGURATION 6 /* Load a configuration, given\r
+ a string that represents a\r
+ file name or so */\r
+#define ENGINE_CTRL_LOAD_SECTION 7 /* Load data from a given\r
+ section in the already loaded\r
+ configuration */\r
+\r
+/* These control commands allow an application to deal with an arbitrary engine\r
+ * in a dynamic way. Warn: Negative return values indicate errors FOR THESE\r
+ * COMMANDS because zero is used to indicate 'end-of-list'. Other commands,\r
+ * including ENGINE-specific command types, return zero for an error.\r
+ *\r
+ * An ENGINE can choose to implement these ctrl functions, and can internally\r
+ * manage things however it chooses - it does so by setting the\r
+ * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise the\r
+ * ENGINE_ctrl() code handles this on the ENGINE's behalf using the cmd_defns\r
+ * data (set using ENGINE_set_cmd_defns()). This means an ENGINE's ctrl()\r
+ * handler need only implement its own commands - the above "meta" commands will\r
+ * be taken care of. */\r
+\r
+/* Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not", then\r
+ * all the remaining control commands will return failure, so it is worth\r
+ * checking this first if the caller is trying to "discover" the engine's\r
+ * capabilities and doesn't want errors generated unnecessarily. */\r
+#define ENGINE_CTRL_HAS_CTRL_FUNCTION 10\r
+/* Returns a positive command number for the first command supported by the\r
+ * engine. Returns zero if no ctrl commands are supported. */\r
+#define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11\r
+/* The 'long' argument specifies a command implemented by the engine, and the\r
+ * return value is the next command supported, or zero if there are no more. */\r
+#define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12\r
+/* The 'void*' argument is a command name (cast from 'const char *'), and the\r
+ * return value is the command that corresponds to it. */\r
+#define ENGINE_CTRL_GET_CMD_FROM_NAME 13\r
+/* The next two allow a command to be converted into its corresponding string\r
+ * form. In each case, the 'long' argument supplies the command. In the NAME_LEN\r
+ * case, the return value is the length of the command name (not counting a\r
+ * trailing EOL). In the NAME case, the 'void*' argument must be a string buffer\r
+ * large enough, and it will be populated with the name of the command (WITH a\r
+ * trailing EOL). */\r
+#define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14\r
+#define ENGINE_CTRL_GET_NAME_FROM_CMD 15\r
+/* The next two are similar but give a "short description" of a command. */\r
+#define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16\r
+#define ENGINE_CTRL_GET_DESC_FROM_CMD 17\r
+/* With this command, the return value is the OR'd combination of\r
+ * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given\r
+ * engine-specific ctrl command expects. */\r
+#define ENGINE_CTRL_GET_CMD_FLAGS 18\r
+\r
+/* ENGINE implementations should start the numbering of their own control\r
+ * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */\r
+#define ENGINE_CMD_BASE 200\r
+\r
+/* NB: These 2 nCipher "chil" control commands are deprecated, and their\r
+ * functionality is now available through ENGINE-specific control commands\r
+ * (exposed through the above-mentioned 'CMD'-handling). Code using these 2\r
+ * commands should be migrated to the more general command handling before these\r
+ * are removed. */\r
+\r
+/* Flags specific to the nCipher "chil" engine */\r
+#define ENGINE_CTRL_CHIL_SET_FORKCHECK 100\r
+ /* Depending on the value of the (long)i argument, this sets or\r
+ * unsets the SimpleForkCheck flag in the CHIL API to enable or\r
+ * disable checking and workarounds for applications that fork().\r
+ */\r
+#define ENGINE_CTRL_CHIL_NO_LOCKING 101\r
+ /* This prevents the initialisation function from providing mutex\r
+ * callbacks to the nCipher library. */\r
+\r
+/* If an ENGINE supports its own specific control commands and wishes the\r
+ * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its\r
+ * behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries\r
+ * to ENGINE_set_cmd_defns(). It should also implement a ctrl() handler that\r
+ * supports the stated commands (ie. the "cmd_num" entries as described by the\r
+ * array). NB: The array must be ordered in increasing order of cmd_num.\r
+ * "null-terminated" means that the last ENGINE_CMD_DEFN element has cmd_num set\r
+ * to zero and/or cmd_name set to NULL. */\r
+typedef struct ENGINE_CMD_DEFN_st\r
+ {\r
+ unsigned int cmd_num; /* The command number */\r
+ const char *cmd_name; /* The command name itself */\r
+ const char *cmd_desc; /* A short description of the command */\r
+ unsigned int cmd_flags; /* The input the command expects */\r
+ } ENGINE_CMD_DEFN;\r
+\r
+/* Generic function pointer */\r
+typedef int (*ENGINE_GEN_FUNC_PTR)(void);\r
+/* Generic function pointer taking no arguments */\r
+typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *);\r
+/* Specific control function pointer */\r
+typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)(void));\r
+/* Generic load_key function pointer */\r
+typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,\r
+ UI_METHOD *ui_method, void *callback_data);\r
+/* These callback types are for an ENGINE's handler for cipher and digest logic.\r
+ * These handlers have these prototypes;\r
+ * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);\r
+ * int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);\r
+ * Looking at how to implement these handlers in the case of cipher support, if\r
+ * the framework wants the EVP_CIPHER for 'nid', it will call;\r
+ * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure)\r
+ * If the framework wants a list of supported 'nid's, it will call;\r
+ * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)\r
+ */\r
+/* Returns to a pointer to the array of supported cipher 'nid's. If the second\r
+ * parameter is non-NULL it is set to the size of the returned array. */\r
+typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, const int **, int);\r
+typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int);\r
+\r
+/* STRUCTURE functions ... all of these functions deal with pointers to ENGINE\r
+ * structures where the pointers have a "structural reference". This means that\r
+ * their reference is to allowed access to the structure but it does not imply\r
+ * that the structure is functional. To simply increment or decrement the\r
+ * structural reference count, use ENGINE_by_id and ENGINE_free. NB: This is not\r
+ * required when iterating using ENGINE_get_next as it will automatically\r
+ * decrement the structural reference count of the "current" ENGINE and\r
+ * increment the structural reference count of the ENGINE it returns (unless it\r
+ * is NULL). */\r
+\r
+/* Get the first/last "ENGINE" type available. */\r
+ENGINE *ENGINE_get_first(void);\r
+ENGINE *ENGINE_get_last(void);\r
+/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */\r
+ENGINE *ENGINE_get_next(ENGINE *e);\r
+ENGINE *ENGINE_get_prev(ENGINE *e);\r
+/* Add another "ENGINE" type into the array. */\r
+int ENGINE_add(ENGINE *e);\r
+/* Remove an existing "ENGINE" type from the array. */\r
+int ENGINE_remove(ENGINE *e);\r
+/* Retrieve an engine from the list by its unique "id" value. */\r
+ENGINE *ENGINE_by_id(const char *id);\r
+/* Add all the built-in engines. */\r
+void ENGINE_load_openssl(void);\r
+void ENGINE_load_dynamic(void);\r
+#ifndef OPENSSL_NO_STATIC_ENGINE\r
+void ENGINE_load_4758cca(void);\r
+void ENGINE_load_aep(void);\r
+void ENGINE_load_atalla(void);\r
+void ENGINE_load_chil(void);\r
+void ENGINE_load_cswift(void);\r
+#ifndef OPENSSL_NO_GMP\r
+void ENGINE_load_gmp(void);\r
+#endif\r
+void ENGINE_load_nuron(void);\r
+void ENGINE_load_sureware(void);\r
+void ENGINE_load_ubsec(void);\r
+#endif\r
+void ENGINE_load_cryptodev(void);\r
+void ENGINE_load_padlock(void);\r
+void ENGINE_load_builtin_engines(void);\r
+\r
+/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation\r
+ * "registry" handling. */\r
+unsigned int ENGINE_get_table_flags(void);\r
+void ENGINE_set_table_flags(unsigned int flags);\r
+\r
+/* Manage registration of ENGINEs per "table". For each type, there are 3\r
+ * functions;\r
+ * ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)\r
+ * ENGINE_unregister_***(e) - unregister the implementation from 'e'\r
+ * ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list\r
+ * Cleanup is automatically registered from each table when required, so\r
+ * ENGINE_cleanup() will reverse any "register" operations. */\r
+\r
+int ENGINE_register_RSA(ENGINE *e);\r
+void ENGINE_unregister_RSA(ENGINE *e);\r
+void ENGINE_register_all_RSA(void);\r
+\r
+int ENGINE_register_DSA(ENGINE *e);\r
+void ENGINE_unregister_DSA(ENGINE *e);\r
+void ENGINE_register_all_DSA(void);\r
+\r
+int ENGINE_register_ECDH(ENGINE *e);\r
+void ENGINE_unregister_ECDH(ENGINE *e);\r
+void ENGINE_register_all_ECDH(void);\r
+\r
+int ENGINE_register_ECDSA(ENGINE *e);\r
+void ENGINE_unregister_ECDSA(ENGINE *e);\r
+void ENGINE_register_all_ECDSA(void);\r
+\r
+int ENGINE_register_DH(ENGINE *e);\r
+void ENGINE_unregister_DH(ENGINE *e);\r
+void ENGINE_register_all_DH(void);\r
+\r
+int ENGINE_register_RAND(ENGINE *e);\r
+void ENGINE_unregister_RAND(ENGINE *e);\r
+void ENGINE_register_all_RAND(void);\r
+\r
+int ENGINE_register_STORE(ENGINE *e);\r
+void ENGINE_unregister_STORE(ENGINE *e);\r
+void ENGINE_register_all_STORE(void);\r
+\r
+int ENGINE_register_ciphers(ENGINE *e);\r
+void ENGINE_unregister_ciphers(ENGINE *e);\r
+void ENGINE_register_all_ciphers(void);\r
+\r
+int ENGINE_register_digests(ENGINE *e);\r
+void ENGINE_unregister_digests(ENGINE *e);\r
+void ENGINE_register_all_digests(void);\r
+\r
+/* These functions register all support from the above categories. Note, use of\r
+ * these functions can result in static linkage of code your application may not\r
+ * need. If you only need a subset of functionality, consider using more\r
+ * selective initialisation. */\r
+int ENGINE_register_complete(ENGINE *e);\r
+int ENGINE_register_all_complete(void);\r
+\r
+/* Send parametrised control commands to the engine. The possibilities to send\r
+ * down an integer, a pointer to data or a function pointer are provided. Any of\r
+ * the parameters may or may not be NULL, depending on the command number. In\r
+ * actuality, this function only requires a structural (rather than functional)\r
+ * reference to an engine, but many control commands may require the engine be\r
+ * functional. The caller should be aware of trying commands that require an\r
+ * operational ENGINE, and only use functional references in such situations. */\r
+int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));\r
+\r
+/* This function tests if an ENGINE-specific command is usable as a "setting".\r
+ * Eg. in an application's config file that gets processed through\r
+ * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to\r
+ * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl(). */\r
+int ENGINE_cmd_is_executable(ENGINE *e, int cmd);\r
+\r
+/* This function works like ENGINE_ctrl() with the exception of taking a\r
+ * command name instead of a command number, and can handle optional commands.\r
+ * See the comment on ENGINE_ctrl_cmd_string() for an explanation on how to\r
+ * use the cmd_name and cmd_optional. */\r
+int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,\r
+ long i, void *p, void (*f)(void), int cmd_optional);\r
+\r
+/* This function passes a command-name and argument to an ENGINE. The cmd_name\r
+ * is converted to a command number and the control command is called using\r
+ * 'arg' as an argument (unless the ENGINE doesn't support such a command, in\r
+ * which case no control command is called). The command is checked for input\r
+ * flags, and if necessary the argument will be converted to a numeric value. If\r
+ * cmd_optional is non-zero, then if the ENGINE doesn't support the given\r
+ * cmd_name the return value will be success anyway. This function is intended\r
+ * for applications to use so that users (or config files) can supply\r
+ * engine-specific config data to the ENGINE at run-time to control behaviour of\r
+ * specific engines. As such, it shouldn't be used for calling ENGINE_ctrl()\r
+ * functions that return data, deal with binary data, or that are otherwise\r
+ * supposed to be used directly through ENGINE_ctrl() in application code. Any\r
+ * "return" data from an ENGINE_ctrl() operation in this function will be lost -\r
+ * the return value is interpreted as failure if the return value is zero,\r
+ * success otherwise, and this function returns a boolean value as a result. In\r
+ * other words, vendors of 'ENGINE'-enabled devices should write ENGINE\r
+ * implementations with parameterisations that work in this scheme, so that\r
+ * compliant ENGINE-based applications can work consistently with the same\r
+ * configuration for the same ENGINE-enabled devices, across applications. */\r
+int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,\r
+ int cmd_optional);\r
+\r
+/* These functions are useful for manufacturing new ENGINE structures. They\r
+ * don't address reference counting at all - one uses them to populate an ENGINE\r
+ * structure with personalised implementations of things prior to using it\r
+ * directly or adding it to the builtin ENGINE list in OpenSSL. These are also\r
+ * here so that the ENGINE structure doesn't have to be exposed and break binary\r
+ * compatibility! */\r
+ENGINE *ENGINE_new(void);\r
+int ENGINE_free(ENGINE *e);\r
+int ENGINE_up_ref(ENGINE *e);\r
+int ENGINE_set_id(ENGINE *e, const char *id);\r
+int ENGINE_set_name(ENGINE *e, const char *name);\r
+int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);\r
+int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);\r
+int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);\r
+int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);\r
+int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);\r
+int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);\r
+int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth);\r
+int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);\r
+int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);\r
+int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);\r
+int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);\r
+int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);\r
+int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);\r
+int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);\r
+int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);\r
+int ENGINE_set_flags(ENGINE *e, int flags);\r
+int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);\r
+/* These functions allow control over any per-structure ENGINE data. */\r
+int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,\r
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);\r
+int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);\r
+void *ENGINE_get_ex_data(const ENGINE *e, int idx);\r
+\r
+/* This function cleans up anything that needs it. Eg. the ENGINE_add() function\r
+ * automatically ensures the list cleanup function is registered to be called\r
+ * from ENGINE_cleanup(). Similarly, all ENGINE_register_*** functions ensure\r
+ * ENGINE_cleanup() will clean up after them. */\r
+void ENGINE_cleanup(void);\r
+\r
+/* These return values from within the ENGINE structure. These can be useful\r
+ * with functional references as well as structural references - it depends\r
+ * which you obtained. Using the result for functional purposes if you only\r
+ * obtained a structural reference may be problematic! */\r
+const char *ENGINE_get_id(const ENGINE *e);\r
+const char *ENGINE_get_name(const ENGINE *e);\r
+const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);\r
+const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);\r
+const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);\r
+const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);\r
+const DH_METHOD *ENGINE_get_DH(const ENGINE *e);\r
+const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);\r
+const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e);\r
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);\r
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);\r
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);\r
+ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);\r
+ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);\r
+ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);\r
+ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);\r
+ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);\r
+const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);\r
+const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);\r
+const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);\r
+int ENGINE_get_flags(const ENGINE *e);\r
+\r
+/* FUNCTIONAL functions. These functions deal with ENGINE structures\r
+ * that have (or will) be initialised for use. Broadly speaking, the\r
+ * structural functions are useful for iterating the list of available\r
+ * engine types, creating new engine types, and other "list" operations.\r
+ * These functions actually deal with ENGINEs that are to be used. As\r
+ * such these functions can fail (if applicable) when particular\r
+ * engines are unavailable - eg. if a hardware accelerator is not\r
+ * attached or not functioning correctly. Each ENGINE has 2 reference\r
+ * counts; structural and functional. Every time a functional reference\r
+ * is obtained or released, a corresponding structural reference is\r
+ * automatically obtained or released too. */\r
+\r
+/* Initialise a engine type for use (or up its reference count if it's\r
+ * already in use). This will fail if the engine is not currently\r
+ * operational and cannot initialise. */\r
+int ENGINE_init(ENGINE *e);\r
+/* Free a functional reference to a engine type. This does not require\r
+ * a corresponding call to ENGINE_free as it also releases a structural\r
+ * reference. */\r
+int ENGINE_finish(ENGINE *e);\r
+\r
+/* The following functions handle keys that are stored in some secondary\r
+ * location, handled by the engine. The storage may be on a card or\r
+ * whatever. */\r
+EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,\r
+ UI_METHOD *ui_method, void *callback_data);\r
+EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,\r
+ UI_METHOD *ui_method, void *callback_data);\r
+\r
+/* This returns a pointer for the current ENGINE structure that\r
+ * is (by default) performing any RSA operations. The value returned\r
+ * is an incremented reference, so it should be free'd (ENGINE_finish)\r
+ * before it is discarded. */\r
+ENGINE *ENGINE_get_default_RSA(void);\r
+/* Same for the other "methods" */\r
+ENGINE *ENGINE_get_default_DSA(void);\r
+ENGINE *ENGINE_get_default_ECDH(void);\r
+ENGINE *ENGINE_get_default_ECDSA(void);\r
+ENGINE *ENGINE_get_default_DH(void);\r
+ENGINE *ENGINE_get_default_RAND(void);\r
+/* These functions can be used to get a functional reference to perform\r
+ * ciphering or digesting corresponding to "nid". */\r
+ENGINE *ENGINE_get_cipher_engine(int nid);\r
+ENGINE *ENGINE_get_digest_engine(int nid);\r
+\r
+/* This sets a new default ENGINE structure for performing RSA\r
+ * operations. If the result is non-zero (success) then the ENGINE\r
+ * structure will have had its reference count up'd so the caller\r
+ * should still free their own reference 'e'. */\r
+int ENGINE_set_default_RSA(ENGINE *e);\r
+int ENGINE_set_default_string(ENGINE *e, const char *def_list);\r
+/* Same for the other "methods" */\r
+int ENGINE_set_default_DSA(ENGINE *e);\r
+int ENGINE_set_default_ECDH(ENGINE *e);\r
+int ENGINE_set_default_ECDSA(ENGINE *e);\r
+int ENGINE_set_default_DH(ENGINE *e);\r
+int ENGINE_set_default_RAND(ENGINE *e);\r
+int ENGINE_set_default_ciphers(ENGINE *e);\r
+int ENGINE_set_default_digests(ENGINE *e);\r
+\r
+/* The combination "set" - the flags are bitwise "OR"d from the\r
+ * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"\r
+ * function, this function can result in unnecessary static linkage. If your\r
+ * application requires only specific functionality, consider using more\r
+ * selective functions. */\r
+int ENGINE_set_default(ENGINE *e, unsigned int flags);\r
+\r
+void ENGINE_add_conf_module(void);\r
+\r
+/* Deprecated functions ... */\r
+/* int ENGINE_clear_defaults(void); */\r
+\r
+/**************************/\r
+/* DYNAMIC ENGINE SUPPORT */\r
+/**************************/\r
+\r
+/* Binary/behaviour compatibility levels */\r
+#define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000\r
+/* Binary versions older than this are too old for us (whether we're a loader or\r
+ * a loadee) */\r
+#define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000\r
+\r
+/* When compiling an ENGINE entirely as an external shared library, loadable by\r
+ * the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' structure\r
+ * type provides the calling application's (or library's) error functionality\r
+ * and memory management function pointers to the loaded library. These should\r
+ * be used/set in the loaded library code so that the loading application's\r
+ * 'state' will be used/changed in all operations. The 'static_state' pointer\r
+ * allows the loaded library to know if it shares the same static data as the\r
+ * calling application (or library), and thus whether these callbacks need to be\r
+ * set or not. */\r
+typedef void *(*dyn_MEM_malloc_cb)(size_t);\r
+typedef void *(*dyn_MEM_realloc_cb)(void *, size_t);\r
+typedef void (*dyn_MEM_free_cb)(void *);\r
+typedef struct st_dynamic_MEM_fns {\r
+ dyn_MEM_malloc_cb malloc_cb;\r
+ dyn_MEM_realloc_cb realloc_cb;\r
+ dyn_MEM_free_cb free_cb;\r
+ } dynamic_MEM_fns;\r
+/* FIXME: Perhaps the memory and locking code (crypto.h) should declare and use\r
+ * these types so we (and any other dependant code) can simplify a bit?? */\r
+typedef void (*dyn_lock_locking_cb)(int,int,const char *,int);\r
+typedef int (*dyn_lock_add_lock_cb)(int*,int,int,const char *,int);\r
+typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb)(\r
+ const char *,int);\r
+typedef void (*dyn_dynlock_lock_cb)(int,struct CRYPTO_dynlock_value *,\r
+ const char *,int);\r
+typedef void (*dyn_dynlock_destroy_cb)(struct CRYPTO_dynlock_value *,\r
+ const char *,int);\r
+typedef struct st_dynamic_LOCK_fns {\r
+ dyn_lock_locking_cb lock_locking_cb;\r
+ dyn_lock_add_lock_cb lock_add_lock_cb;\r
+ dyn_dynlock_create_cb dynlock_create_cb;\r
+ dyn_dynlock_lock_cb dynlock_lock_cb;\r
+ dyn_dynlock_destroy_cb dynlock_destroy_cb;\r
+ } dynamic_LOCK_fns;\r
+/* The top-level structure */\r
+typedef struct st_dynamic_fns {\r
+ void *static_state;\r
+ const ERR_FNS *err_fns;\r
+ const CRYPTO_EX_DATA_IMPL *ex_data_fns;\r
+ dynamic_MEM_fns mem_fns;\r
+ dynamic_LOCK_fns lock_fns;\r
+ } dynamic_fns;\r
+\r
+/* The version checking function should be of this prototype. NB: The\r
+ * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading code.\r
+ * If this function returns zero, it indicates a (potential) version\r
+ * incompatibility and the loaded library doesn't believe it can proceed.\r
+ * Otherwise, the returned value is the (latest) version supported by the\r
+ * loading library. The loader may still decide that the loaded code's version\r
+ * is unsatisfactory and could veto the load. The function is expected to\r
+ * be implemented with the symbol name "v_check", and a default implementation\r
+ * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */\r
+typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);\r
+#define IMPLEMENT_DYNAMIC_CHECK_FN() \\r
+ unsigned long v_check(unsigned long v) { \\r
+ if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \\r
+ return 0; }\r
+\r
+/* This function is passed the ENGINE structure to initialise with its own\r
+ * function and command settings. It should not adjust the structural or\r
+ * functional reference counts. If this function returns zero, (a) the load will\r
+ * be aborted, (b) the previous ENGINE state will be memcpy'd back onto the\r
+ * structure, and (c) the shared library will be unloaded. So implementations\r
+ * should do their own internal cleanup in failure circumstances otherwise they\r
+ * could leak. The 'id' parameter, if non-NULL, represents the ENGINE id that\r
+ * the loader is looking for. If this is NULL, the shared library can choose to\r
+ * return failure or to initialise a 'default' ENGINE. If non-NULL, the shared\r
+ * library must initialise only an ENGINE matching the passed 'id'. The function\r
+ * is expected to be implemented with the symbol name "bind_engine". A standard\r
+ * implementation can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where\r
+ * the parameter 'fn' is a callback function that populates the ENGINE structure\r
+ * and returns an int value (zero for failure). 'fn' should have prototype;\r
+ * [static] int fn(ENGINE *e, const char *id); */\r
+typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,\r
+ const dynamic_fns *fns);\r
+#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \\r
+ int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \\r
+ if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \\r
+ if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \\r
+ fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \\r
+ return 0; \\r
+ CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \\r
+ CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \\r
+ CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \\r
+ CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \\r
+ CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \\r
+ if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \\r
+ return 0; \\r
+ if(!ERR_set_implementation(fns->err_fns)) return 0; \\r
+ skip_cbs: \\r
+ if(!fn(e,id)) return 0; \\r
+ return 1; }\r
+\r
+/* If the loading application (or library) and the loaded ENGINE library share\r
+ * the same static data (eg. they're both dynamically linked to the same\r
+ * libcrypto.so) we need a way to avoid trying to set system callbacks - this\r
+ * would fail, and for the same reason that it's unnecessary to try. If the\r
+ * loaded ENGINE has (or gets from through the loader) its own copy of the\r
+ * libcrypto static data, we will need to set the callbacks. The easiest way to\r
+ * detect this is to have a function that returns a pointer to some static data\r
+ * and let the loading application and loaded ENGINE compare their respective\r
+ * values. */\r
+void *ENGINE_get_static_state(void);\r
+\r
+#if defined(__OpenBSD__) || defined(__FreeBSD__)\r
+void ENGINE_setup_bsd_cryptodev(void);\r
+#endif\r
+\r
+/* BEGIN ERROR CODES */\r
+/* The following lines are auto generated by the script mkerr.pl. Any changes\r
+ * made after this point may be overwritten when the script is next run.\r
+ */\r
+void ERR_load_ENGINE_strings(void);\r
+\r
+/* Error codes for the ENGINE functions. */\r
+\r
+/* Function codes. */\r
+#define ENGINE_F_DYNAMIC_CTRL 180\r
+#define ENGINE_F_DYNAMIC_GET_DATA_CTX 181\r
+#define ENGINE_F_DYNAMIC_LOAD 182\r
+#define ENGINE_F_DYNAMIC_SET_DATA_CTX 183\r
+#define ENGINE_F_ENGINE_ADD 105\r
+#define ENGINE_F_ENGINE_BY_ID 106\r
+#define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170\r
+#define ENGINE_F_ENGINE_CTRL 142\r
+#define ENGINE_F_ENGINE_CTRL_CMD 178\r
+#define ENGINE_F_ENGINE_CTRL_CMD_STRING 171\r
+#define ENGINE_F_ENGINE_FINISH 107\r
+#define ENGINE_F_ENGINE_FREE_UTIL 108\r
+#define ENGINE_F_ENGINE_GET_CIPHER 185\r
+#define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177\r
+#define ENGINE_F_ENGINE_GET_DIGEST 186\r
+#define ENGINE_F_ENGINE_GET_NEXT 115\r
+#define ENGINE_F_ENGINE_GET_PREV 116\r
+#define ENGINE_F_ENGINE_INIT 119\r
+#define ENGINE_F_ENGINE_LIST_ADD 120\r
+#define ENGINE_F_ENGINE_LIST_REMOVE 121\r
+#define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150\r
+#define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151\r
+#define ENGINE_F_ENGINE_NEW 122\r
+#define ENGINE_F_ENGINE_REMOVE 123\r
+#define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189\r
+#define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126\r
+#define ENGINE_F_ENGINE_SET_ID 129\r
+#define ENGINE_F_ENGINE_SET_NAME 130\r
+#define ENGINE_F_ENGINE_TABLE_REGISTER 184\r
+#define ENGINE_F_ENGINE_UNLOAD_KEY 152\r
+#define ENGINE_F_ENGINE_UNLOCKED_FINISH 191\r
+#define ENGINE_F_ENGINE_UP_REF 190\r
+#define ENGINE_F_INT_CTRL_HELPER 172\r
+#define ENGINE_F_INT_ENGINE_CONFIGURE 188\r
+#define ENGINE_F_INT_ENGINE_MODULE_INIT 187\r
+#define ENGINE_F_LOG_MESSAGE 141\r
+\r
+/* Reason codes. */\r
+#define ENGINE_R_ALREADY_LOADED 100\r
+#define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133\r
+#define ENGINE_R_CMD_NOT_EXECUTABLE 134\r
+#define ENGINE_R_COMMAND_TAKES_INPUT 135\r
+#define ENGINE_R_COMMAND_TAKES_NO_INPUT 136\r
+#define ENGINE_R_CONFLICTING_ENGINE_ID 103\r
+#define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119\r
+#define ENGINE_R_DH_NOT_IMPLEMENTED 139\r
+#define ENGINE_R_DSA_NOT_IMPLEMENTED 140\r
+#define ENGINE_R_DSO_FAILURE 104\r
+#define ENGINE_R_DSO_NOT_FOUND 132\r
+#define ENGINE_R_ENGINES_SECTION_ERROR 148\r
+#define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105\r
+#define ENGINE_R_ENGINE_SECTION_ERROR 149\r
+#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128\r
+#define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129\r
+#define ENGINE_R_FINISH_FAILED 106\r
+#define ENGINE_R_GET_HANDLE_FAILED 107\r
+#define ENGINE_R_ID_OR_NAME_MISSING 108\r
+#define ENGINE_R_INIT_FAILED 109\r
+#define ENGINE_R_INTERNAL_LIST_ERROR 110\r
+#define ENGINE_R_INVALID_ARGUMENT 143\r
+#define ENGINE_R_INVALID_CMD_NAME 137\r
+#define ENGINE_R_INVALID_CMD_NUMBER 138\r
+#define ENGINE_R_INVALID_INIT_VALUE 151\r
+#define ENGINE_R_INVALID_STRING 150\r
+#define ENGINE_R_NOT_INITIALISED 117\r
+#define ENGINE_R_NOT_LOADED 112\r
+#define ENGINE_R_NO_CONTROL_FUNCTION 120\r
+#define ENGINE_R_NO_INDEX 144\r
+#define ENGINE_R_NO_LOAD_FUNCTION 125\r
+#define ENGINE_R_NO_REFERENCE 130\r
+#define ENGINE_R_NO_SUCH_ENGINE 116\r
+#define ENGINE_R_NO_UNLOAD_FUNCTION 126\r
+#define ENGINE_R_PROVIDE_PARAMETERS 113\r
+#define ENGINE_R_RSA_NOT_IMPLEMENTED 141\r
+#define ENGINE_R_UNIMPLEMENTED_CIPHER 146\r
+#define ENGINE_R_UNIMPLEMENTED_DIGEST 147\r
+#define ENGINE_R_VERSION_INCOMPATIBILITY 145\r
+\r
+#ifdef __cplusplus\r
+}\r
+#endif\r
+#endif\r
projects / lab.git / blobdiff