Commit | Line | Data |
---|---|---|
6514dee7 RL |
1 | /* |
2 | * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | /* | |
11 | * Here is a set of wrappers for the ENGINE API, which are no-ops when the | |
12 | * ENGINE API is disabled / removed. | |
13 | * We need to suppress deprecation warnings to make this work. | |
14 | */ | |
15 | #define OPENSSL_SUPPRESS_DEPRECATED | |
16 | ||
192d4b9c RB |
17 | #include <string.h> /* strcmp */ |
18 | ||
6514dee7 | 19 | #include <openssl/types.h> /* Ensure we have the ENGINE type, regardless */ |
0f386f2e | 20 | #include <openssl/err.h> |
6514dee7 RL |
21 | #ifndef OPENSSL_NO_ENGINE |
22 | # include <openssl/engine.h> | |
23 | #endif | |
24 | #include "apps.h" | |
25 | ||
26 | #ifndef OPENSSL_NO_ENGINE | |
/*
 * Try to load an engine from a shareable library.
 *
 * |engine| is handed unchanged to the "dynamic" engine as its SO_PATH, and the
 * LOAD command then loads that library into the current process.  Code in the
 * library runs with this process's privileges, so the value must come from a
 * trusted source (an operator-supplied option or configuration), never from
 * data received from a peer.
 *
 * Returns the ENGINE on success.  Returns NULL if the "dynamic" engine cannot
 * be obtained or if either control command fails; in the latter case the
 * reference obtained here is released before returning.
 */
static ENGINE *try_load_engine(const char *engine)
{
    ENGINE *dyn = ENGINE_by_id("dynamic");

    if (dyn == NULL)
        return NULL;

    /* Both commands must succeed, in this order: set the path, then load. */
    if (ENGINE_ctrl_cmd_string(dyn, "SO_PATH", engine, 0)
        && ENGINE_ctrl_cmd_string(dyn, "LOAD", NULL, 0))
        return dyn;

    ENGINE_free(dyn);
    return NULL;
}
41 | #endif | |
42 | ||
/*
 * Select the engine named by |id| and make it the default for |methods|.
 *
 * - |id| == NULL: nothing is done and NULL is returned.
 * - |id| == "auto": all engines are registered and NULL is returned.
 * - otherwise |id| is looked up as a registered engine id; if that fails it
 *   is passed to try_load_engine(), which treats it as the path of a shared
 *   library to load.  An unrecognised id is therefore not rejected outright
 *   but tried as a library path, so |id| has to be trusted input.
 *
 * When |debug| is non-zero the engine's log stream is pointed at bio_err; the
 * result of that control call is deliberately ignored.
 *
 * Returns the ENGINE on success and NULL on any failure (errors are printed
 * to bio_err).  With OPENSSL_NO_ENGINE defined this always returns NULL.
 * NOTE(review): the returned reference is presumably released with
 * release_engine() - confirm against callers.
 */
ENGINE *setup_engine_methods(const char *id, unsigned int methods, int debug)
{
    ENGINE *e = NULL;

#ifndef OPENSSL_NO_ENGINE
    if (id == NULL)
        return NULL;

    if (strcmp(id, "auto") == 0) {
        BIO_printf(bio_err, "Enabling auto ENGINE support\n");
        ENGINE_register_all_complete();
        return NULL;
    }

    /* Prefer an already known engine; fall back to dynamic loading. */
    e = ENGINE_by_id(id);
    if (e == NULL)
        e = try_load_engine(id);
    if (e == NULL) {
        BIO_printf(bio_err, "Invalid engine \"%s\"\n", id);
        ERR_print_errors(bio_err);
        return NULL;
    }

    if (debug)
        (void)ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM, 0, bio_err, 0);

    /*
     * SET_USER_INTERFACE is issued as an optional command (last argument 1),
     * so an engine that does not implement it is not treated as an error.
     */
    if (!ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0,
                         (void *)get_ui_method(), 0, 1)
        || !ENGINE_set_default(e, methods)) {
        BIO_printf(bio_err, "Cannot use engine \"%s\"\n", ENGINE_get_id(e));
        ERR_print_errors(bio_err);
        ENGINE_free(e);
        return NULL;
    }

    BIO_printf(bio_err, "Engine \"%s\" set.\n", ENGINE_get_id(e));
#endif
    return e;
}
76 | ||
/*
 * Drop the "structural" reference held on |e|.
 * Does nothing when the ENGINE API is compiled out.
 */
void release_engine(ENGINE *e)
{
#ifdef OPENSSL_NO_ENGINE
    (void)e;
#else
    ENGINE_free(e);
#endif
}
84 | ||
/*
 * Wrapper around ENGINE_init().
 * Returns the result of ENGINE_init(e); when the ENGINE API is compiled out
 * it returns 1 without touching |e|, so callers always see success then.
 */
int init_engine(ENGINE *e)
{
#ifdef OPENSSL_NO_ENGINE
    return 1;
#else
    return ENGINE_init(e);
#endif
}
94 | ||
/*
 * Wrapper around ENGINE_finish().
 * Returns the result of ENGINE_finish(e); when the ENGINE API is compiled out
 * it returns 1 without touching |e|.
 */
int finish_engine(ENGINE *e)
{
#ifdef OPENSSL_NO_ENGINE
    return 1;
#else
    return ENGINE_finish(e);
#endif
}
104 | ||
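/*
 * Build a URI of the form ENGINE_SCHEME_COLON <engine id> ":" <key_id> for
 * loading the object described by |desc| from engine |e|.
 *
 * Returns a newly allocated string that the caller must free, or NULL when
 * |e| or |key_id| is NULL, when the engine has no id, when allocation fails,
 * or when the ENGINE API is compiled out.  Every case except allocation
 * failure prints a message to bio_err.
 *
 * NOTE(review): the engine id and |key_id| are copied in verbatim, without
 * escaping; confirm that the consumer of this URI splits on the first ':'
 * after the scheme so that a ':' inside |key_id| cannot be misread.
 */
char *make_engine_uri(ENGINE *e, const char *key_id, const char *desc)
{
    char *new_uri = NULL;

#ifndef OPENSSL_NO_ENGINE
    if (e == NULL) {
        BIO_printf(bio_err, "No engine specified for loading %s\n", desc);
    } else if (key_id == NULL) {
        BIO_printf(bio_err, "No engine key id specified for loading %s\n", desc);
    } else {
        const char *engineid = ENGINE_get_id(e);

        if (engineid == NULL) {
            /* Without this check strlen() below would be handed NULL. */
            BIO_printf(bio_err, "Engine has no id for loading %s\n", desc);
        } else {
            size_t uri_sz =
                sizeof(ENGINE_SCHEME_COLON) - 1 /* prefix, no terminator */
                + strlen(engineid)
                + 1 /* : */
                + strlen(key_id)
                + 1 /* \0 */
                ;

            new_uri = OPENSSL_malloc(uri_sz);
            if (new_uri != NULL) {
                /* Every copy is bounded by the size computed above. */
                OPENSSL_strlcpy(new_uri, ENGINE_SCHEME_COLON, uri_sz);
                OPENSSL_strlcat(new_uri, engineid, uri_sz);
                OPENSSL_strlcat(new_uri, ":", uri_sz);
                OPENSSL_strlcat(new_uri, key_id, uri_sz);
            }
        }
    }
#else
    BIO_printf(bio_err, "Engines not supported for loading %s\n", desc);
#endif
    return new_uri;
}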
137 | ||
0f386f2e MC |
/*
 * Look up the legacy key type id for |algname|, but only when the ASN.1
 * method that provides it comes from an ENGINE.
 *
 * The generic lookup is tried first.  With the ENGINE API available, a miss
 * there is followed by a direct query of |e| (when non-NULL).  A method that
 * the generic lookup found without an owning ENGINE is discarded.  Errors
 * raised by the lookups are dropped by the ERR mark/pop pair, so a failed
 * lookup leaves nothing on the error queue.
 *
 * Returns the key type id, or NID_undef if no engine-provided method exists.
 * |libctx| is not used in this function body.
 */
int get_legacy_pkey_id(OSSL_LIB_CTX *libctx, const char *algname, ENGINE *e)
{
    const EVP_PKEY_ASN1_METHOD *meth;
    ENGINE *owner = NULL;
    int nid = NID_undef;

    ERR_set_mark();
    meth = EVP_PKEY_asn1_find_str(&owner, algname, -1);

#if !defined(OPENSSL_NO_ENGINE)
    /* Only the pointer value of |owner| is needed from here on. */
    ENGINE_finish(owner);

    if (meth == NULL && e != NULL) {
        meth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1);
    } else if (owner == NULL) {
        /* We're only interested if it comes from an ENGINE */
        meth = NULL;
    }
#else
    /* We're only interested if it comes from an ENGINE */
    if (owner == NULL)
        meth = NULL;
#endif

    ERR_pop_to_mark();
    if (meth != NULL)
        EVP_PKEY_asn1_get0_info(&nid, NULL, NULL, NULL, NULL, meth);

    return nid;
}