1109998Smarkm/* openssl/engine.h */ 2280304Sjkim/* 3280304Sjkim * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project 4280304Sjkim * 2000. 5109998Smarkm */ 6109998Smarkm/* ==================================================================== 7160814Ssimon * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. 8109998Smarkm * 9109998Smarkm * Redistribution and use in source and binary forms, with or without 10109998Smarkm * modification, are permitted provided that the following conditions 11109998Smarkm * are met: 12109998Smarkm * 13109998Smarkm * 1. Redistributions of source code must retain the above copyright 14280304Sjkim * notice, this list of conditions and the following disclaimer. 15109998Smarkm * 16109998Smarkm * 2. Redistributions in binary form must reproduce the above copyright 17109998Smarkm * notice, this list of conditions and the following disclaimer in 18109998Smarkm * the documentation and/or other materials provided with the 19109998Smarkm * distribution. 20109998Smarkm * 21109998Smarkm * 3. All advertising materials mentioning features or use of this 22109998Smarkm * software must display the following acknowledgment: 23109998Smarkm * "This product includes software developed by the OpenSSL Project 24109998Smarkm * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 25109998Smarkm * 26109998Smarkm * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27109998Smarkm * endorse or promote products derived from this software without 28109998Smarkm * prior written permission. For written permission, please contact 29109998Smarkm * licensing@OpenSSL.org. 30109998Smarkm * 31109998Smarkm * 5. Products derived from this software may not be called "OpenSSL" 32109998Smarkm * nor may "OpenSSL" appear in their names without prior written 33109998Smarkm * permission of the OpenSSL Project. 34109998Smarkm * 35109998Smarkm * 6. Redistributions of any form whatsoever must retain the following 36109998Smarkm * acknowledgment: 37109998Smarkm * "This product includes software developed by the OpenSSL Project 38109998Smarkm * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 39109998Smarkm * 40109998Smarkm * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41109998Smarkm * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42109998Smarkm * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43109998Smarkm * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44109998Smarkm * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45109998Smarkm * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46109998Smarkm * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47109998Smarkm * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48109998Smarkm * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49109998Smarkm * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50109998Smarkm * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51109998Smarkm * OF THE POSSIBILITY OF SUCH DAMAGE. 52109998Smarkm * ==================================================================== 53109998Smarkm * 54109998Smarkm * This product includes cryptographic software written by Eric Young 55109998Smarkm * (eay@cryptsoft.com). This product includes software written by Tim 56109998Smarkm * Hudson (tjh@cryptsoft.com). 57109998Smarkm * 58109998Smarkm */ 59160814Ssimon/* ==================================================================== 60160814Ssimon * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 61280304Sjkim * ECDH support in OpenSSL originally developed by 62160814Ssimon * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 63160814Ssimon */ 64109998Smarkm 65109998Smarkm#ifndef HEADER_ENGINE_H 66280304Sjkim# define HEADER_ENGINE_H 67109998Smarkm 68280304Sjkim# include <openssl/opensslconf.h> 69111147Snectar 70280304Sjkim# ifdef OPENSSL_NO_ENGINE 71280304Sjkim# error ENGINE is disabled. 72280304Sjkim# endif 73111147Snectar 74280304Sjkim# ifndef OPENSSL_NO_DEPRECATED 75280304Sjkim# include <openssl/bn.h> 76280304Sjkim# ifndef OPENSSL_NO_RSA 77280304Sjkim# include <openssl/rsa.h> 78280304Sjkim# endif 79280304Sjkim# ifndef OPENSSL_NO_DSA 80280304Sjkim# include <openssl/dsa.h> 81280304Sjkim# endif 82280304Sjkim# ifndef OPENSSL_NO_DH 83280304Sjkim# include <openssl/dh.h> 84280304Sjkim# endif 85280304Sjkim# ifndef OPENSSL_NO_ECDH 86280304Sjkim# include <openssl/ecdh.h> 87280304Sjkim# endif 88280304Sjkim# ifndef OPENSSL_NO_ECDSA 89280304Sjkim# include <openssl/ecdsa.h> 90280304Sjkim# endif 91280304Sjkim# include <openssl/rand.h> 92280304Sjkim# include <openssl/ui.h> 93280304Sjkim# include <openssl/err.h> 94280304Sjkim# endif 95109998Smarkm 96280304Sjkim# include <openssl/ossl_typ.h> 97280304Sjkim# include <openssl/symhacks.h> 98160814Ssimon 99280304Sjkim# include <openssl/x509.h> 100238405Sjkim 101109998Smarkm#ifdef __cplusplus 102109998Smarkmextern "C" { 103109998Smarkm#endif 104109998Smarkm 105280304Sjkim/* 106280304Sjkim * These flags are used to control combinations of algorithm (methods) by 107280304Sjkim * bitwise "OR"ing. 108280304Sjkim */ 109280304Sjkim# define ENGINE_METHOD_RSA (unsigned int)0x0001 110280304Sjkim# define ENGINE_METHOD_DSA (unsigned int)0x0002 111280304Sjkim# define ENGINE_METHOD_DH (unsigned int)0x0004 112280304Sjkim# define ENGINE_METHOD_RAND (unsigned int)0x0008 113280304Sjkim# define ENGINE_METHOD_ECDH (unsigned int)0x0010 114280304Sjkim# define ENGINE_METHOD_ECDSA (unsigned int)0x0020 115280304Sjkim# define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 116280304Sjkim# define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 117280304Sjkim# define ENGINE_METHOD_STORE (unsigned int)0x0100 118280304Sjkim# define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200 119280304Sjkim# define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400 120109998Smarkm/* Obvious all-or-nothing cases. */ 121280304Sjkim# define ENGINE_METHOD_ALL (unsigned int)0xFFFF 122280304Sjkim# define ENGINE_METHOD_NONE (unsigned int)0x0000 123109998Smarkm 124280304Sjkim/* 125280304Sjkim * This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used 126280304Sjkim * internally to control registration of ENGINE implementations, and can be 127280304Sjkim * set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to 128280304Sjkim * initialise registered ENGINEs if they are not already initialised. 129280304Sjkim */ 130280304Sjkim# define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001 131109998Smarkm 132109998Smarkm/* ENGINE flags that can be set by ENGINE_set_flags(). */ 133280304Sjkim/* Not used */ 134280304Sjkim/* #define ENGINE_FLAGS_MALLOCED 0x0001 */ 135109998Smarkm 136280304Sjkim/* 137280304Sjkim * This flag is for ENGINEs that wish to handle the various 'CMD'-related 138280304Sjkim * control commands on their own. Without this flag, ENGINE_ctrl() handles 139280304Sjkim * these control commands on behalf of the ENGINE using their "cmd_defns" 140280304Sjkim * data. 141280304Sjkim */ 142280304Sjkim# define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002 143109998Smarkm 144280304Sjkim/* 145280304Sjkim * This flag is for ENGINEs who return new duplicate structures when found 146280304Sjkim * via "ENGINE_by_id()". When an ENGINE must store state (eg. if 147280304Sjkim * ENGINE_ctrl() commands are called in sequence as part of some stateful 148280304Sjkim * process like key-generation setup and execution), it can set this flag - 149280304Sjkim * then each attempt to obtain the ENGINE will result in it being copied into 150280304Sjkim * a new structure. Normally, ENGINEs don't declare this flag so 151280304Sjkim * ENGINE_by_id() just increments the existing ENGINE's structural reference 152280304Sjkim * count. 153280304Sjkim */ 154280304Sjkim# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004 155109998Smarkm 156280304Sjkim/* 157280304Sjkim * This flag if for an ENGINE that does not want its methods registered as 158280304Sjkim * part of ENGINE_register_all_complete() for example if the methods are not 159280304Sjkim * usable as default methods. 160238405Sjkim */ 161238405Sjkim 162280304Sjkim# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008 163238405Sjkim 164280304Sjkim/* 165280304Sjkim * ENGINEs can support their own command types, and these flags are used in 166280304Sjkim * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input 167280304Sjkim * each command expects. Currently only numeric and string input is 168280304Sjkim * supported. If a control command supports none of the _NUMERIC, _STRING, or 169280304Sjkim * _NO_INPUT options, then it is regarded as an "internal" control command - 170280304Sjkim * and not for use in config setting situations. As such, they're not 171280304Sjkim * available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() 172280304Sjkim * access. Changes to this list of 'command types' should be reflected 173280304Sjkim * carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). 174280304Sjkim */ 175109998Smarkm 176109998Smarkm/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */ 177280304Sjkim# define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001 178280304Sjkim/* 179280304Sjkim * accepts string input (cast from 'void*' to 'const char *', 4th parameter 180280304Sjkim * to ENGINE_ctrl) 181280304Sjkim */ 182280304Sjkim# define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002 183280304Sjkim/* 184280304Sjkim * Indicates that the control command takes *no* input. Ie. the control 185280304Sjkim * command is unparameterised. 186280304Sjkim */ 187280304Sjkim# define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004 188280304Sjkim/* 189280304Sjkim * Indicates that the control command is internal. This control command won't 190109998Smarkm * be shown in any output, and is only usable through the ENGINE_ctrl_cmd() 191280304Sjkim * function. 192280304Sjkim */ 193280304Sjkim# define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008 194109998Smarkm 195280304Sjkim/* 196280304Sjkim * NB: These 3 control commands are deprecated and should not be used. 197280304Sjkim * ENGINEs relying on these commands should compile conditional support for 198280304Sjkim * compatibility (eg. if these symbols are defined) but should also migrate 199280304Sjkim * the same functionality to their own ENGINE-specific control functions that 200280304Sjkim * can be "discovered" by calling applications. The fact these control 201280304Sjkim * commands wouldn't be "executable" (ie. usable by text-based config) 202280304Sjkim * doesn't change the fact that application code can find and use them 203280304Sjkim * without requiring per-ENGINE hacking. 204280304Sjkim */ 205109998Smarkm 206280304Sjkim/* 207280304Sjkim * These flags are used to tell the ctrl function what should be done. All 208280304Sjkim * command numbers are shared between all engines, even if some don't make 209280304Sjkim * sense to some engines. In such a case, they do nothing but return the 210280304Sjkim * error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. 211280304Sjkim */ 212280304Sjkim# define ENGINE_CTRL_SET_LOGSTREAM 1 213280304Sjkim# define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2 214280304Sjkim# define ENGINE_CTRL_HUP 3/* Close and reinitialise 215280304Sjkim * any handles/connections 216280304Sjkim * etc. */ 217280304Sjkim# define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */ 218280304Sjkim# define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used 219280304Sjkim * when calling the password 220280304Sjkim * callback and the user 221280304Sjkim * interface */ 222280304Sjkim# define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration, 223280304Sjkim * given a string that 224280304Sjkim * represents a file name 225280304Sjkim * or so */ 226280304Sjkim# define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given 227280304Sjkim * section in the already 228280304Sjkim * loaded configuration */ 229109998Smarkm 230280304Sjkim/* 231280304Sjkim * These control commands allow an application to deal with an arbitrary 232280304Sjkim * engine in a dynamic way. Warn: Negative return values indicate errors FOR 233280304Sjkim * THESE COMMANDS because zero is used to indicate 'end-of-list'. Other 234280304Sjkim * commands, including ENGINE-specific command types, return zero for an 235280304Sjkim * error. An ENGINE can choose to implement these ctrl functions, and can 236280304Sjkim * internally manage things however it chooses - it does so by setting the 237280304Sjkim * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise 238280304Sjkim * the ENGINE_ctrl() code handles this on the ENGINE's behalf using the 239280304Sjkim * cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's 240280304Sjkim * ctrl() handler need only implement its own commands - the above "meta" 241280304Sjkim * commands will be taken care of. 242280304Sjkim */ 243109998Smarkm 244280304Sjkim/* 245280304Sjkim * Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not", 246280304Sjkim * then all the remaining control commands will return failure, so it is 247280304Sjkim * worth checking this first if the caller is trying to "discover" the 248280304Sjkim * engine's capabilities and doesn't want errors generated unnecessarily. 249280304Sjkim */ 250280304Sjkim# define ENGINE_CTRL_HAS_CTRL_FUNCTION 10 251280304Sjkim/* 252280304Sjkim * Returns a positive command number for the first command supported by the 253280304Sjkim * engine. Returns zero if no ctrl commands are supported. 254280304Sjkim */ 255280304Sjkim# define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11 256280304Sjkim/* 257280304Sjkim * The 'long' argument specifies a command implemented by the engine, and the 258280304Sjkim * return value is the next command supported, or zero if there are no more. 259280304Sjkim */ 260280304Sjkim# define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12 261280304Sjkim/* 262280304Sjkim * The 'void*' argument is a command name (cast from 'const char *'), and the 263280304Sjkim * return value is the command that corresponds to it. 264280304Sjkim */ 265280304Sjkim# define ENGINE_CTRL_GET_CMD_FROM_NAME 13 266280304Sjkim/* 267280304Sjkim * The next two allow a command to be converted into its corresponding string 268280304Sjkim * form. In each case, the 'long' argument supplies the command. In the 269280304Sjkim * NAME_LEN case, the return value is the length of the command name (not 270280304Sjkim * counting a trailing EOL). In the NAME case, the 'void*' argument must be a 271280304Sjkim * string buffer large enough, and it will be populated with the name of the 272280304Sjkim * command (WITH a trailing EOL). 273280304Sjkim */ 274280304Sjkim# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14 275280304Sjkim# define ENGINE_CTRL_GET_NAME_FROM_CMD 15 276109998Smarkm/* The next two are similar but give a "short description" of a command. */ 277280304Sjkim# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16 278280304Sjkim# define ENGINE_CTRL_GET_DESC_FROM_CMD 17 279280304Sjkim/* 280280304Sjkim * With this command, the return value is the OR'd combination of 281109998Smarkm * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given 282280304Sjkim * engine-specific ctrl command expects. 283280304Sjkim */ 284280304Sjkim# define ENGINE_CTRL_GET_CMD_FLAGS 18 285109998Smarkm 286280304Sjkim/* 287280304Sjkim * ENGINE implementations should start the numbering of their own control 288280304Sjkim * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). 289280304Sjkim */ 290280304Sjkim# define ENGINE_CMD_BASE 200 291109998Smarkm 292280304Sjkim/* 293280304Sjkim * NB: These 2 nCipher "chil" control commands are deprecated, and their 294109998Smarkm * functionality is now available through ENGINE-specific control commands 295109998Smarkm * (exposed through the above-mentioned 'CMD'-handling). Code using these 2 296280304Sjkim * commands should be migrated to the more general command handling before 297280304Sjkim * these are removed. 298280304Sjkim */ 299109998Smarkm 300109998Smarkm/* Flags specific to the nCipher "chil" engine */ 301280304Sjkim# define ENGINE_CTRL_CHIL_SET_FORKCHECK 100 302280304Sjkim /* 303280304Sjkim * Depending on the value of the (long)i argument, this sets or 304280304Sjkim * unsets the SimpleForkCheck flag in the CHIL API to enable or 305280304Sjkim * disable checking and workarounds for applications that fork(). 306280304Sjkim */ 307280304Sjkim# define ENGINE_CTRL_CHIL_NO_LOCKING 101 308280304Sjkim /* 309280304Sjkim * This prevents the initialisation function from providing mutex 310280304Sjkim * callbacks to the nCipher library. 311280304Sjkim */ 312109998Smarkm 313280304Sjkim/* 314280304Sjkim * If an ENGINE supports its own specific control commands and wishes the 315280304Sjkim * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on 316280304Sjkim * its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN 317280304Sjkim * entries to ENGINE_set_cmd_defns(). It should also implement a ctrl() 318280304Sjkim * handler that supports the stated commands (ie. the "cmd_num" entries as 319280304Sjkim * described by the array). NB: The array must be ordered in increasing order 320280304Sjkim * of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element 321280304Sjkim * has cmd_num set to zero and/or cmd_name set to NULL. 322280304Sjkim */ 323280304Sjkimtypedef struct ENGINE_CMD_DEFN_st { 324280304Sjkim unsigned int cmd_num; /* The command number */ 325280304Sjkim const char *cmd_name; /* The command name itself */ 326280304Sjkim const char *cmd_desc; /* A short description of the command */ 327280304Sjkim unsigned int cmd_flags; /* The input the command expects */ 328280304Sjkim} ENGINE_CMD_DEFN; 329109998Smarkm 330109998Smarkm/* Generic function pointer */ 331280304Sjkimtypedef int (*ENGINE_GEN_FUNC_PTR) (void); 332109998Smarkm/* Generic function pointer taking no arguments */ 333280304Sjkimtypedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *); 334109998Smarkm/* Specific control function pointer */ 335280304Sjkimtypedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *, 336280304Sjkim void (*f) (void)); 337109998Smarkm/* Generic load_key function pointer */ 338280304Sjkimtypedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, 339280304Sjkim UI_METHOD *ui_method, 340280304Sjkim void *callback_data); 341280304Sjkimtypedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl, 342280304Sjkim STACK_OF(X509_NAME) *ca_dn, 343280304Sjkim X509 **pcert, EVP_PKEY **pkey, 344280304Sjkim STACK_OF(X509) **pother, 345280304Sjkim UI_METHOD *ui_method, 346280304Sjkim void *callback_data); 347280304Sjkim/*- 348280304Sjkim * These callback types are for an ENGINE's handler for cipher and digest logic. 349109998Smarkm * These handlers have these prototypes; 350109998Smarkm * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); 351109998Smarkm * int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid); 352109998Smarkm * Looking at how to implement these handlers in the case of cipher support, if 353109998Smarkm * the framework wants the EVP_CIPHER for 'nid', it will call; 354109998Smarkm * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure) 355109998Smarkm * If the framework wants a list of supported 'nid's, it will call; 356109998Smarkm * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error) 357109998Smarkm */ 358280304Sjkim/* 359280304Sjkim * Returns to a pointer to the array of supported cipher 'nid's. If the 360280304Sjkim * second parameter is non-NULL it is set to the size of the returned array. 361280304Sjkim */ 362280304Sjkimtypedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **, 363280304Sjkim const int **, int); 364280304Sjkimtypedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **, 365280304Sjkim int); 366280304Sjkimtypedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **, 367280304Sjkim const int **, int); 368280304Sjkimtypedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **, 369280304Sjkim const int **, int); 370280304Sjkim/* 371280304Sjkim * STRUCTURE functions ... all of these functions deal with pointers to 372280304Sjkim * ENGINE structures where the pointers have a "structural reference". This 373280304Sjkim * means that their reference is to allowed access to the structure but it 374280304Sjkim * does not imply that the structure is functional. To simply increment or 375280304Sjkim * decrement the structural reference count, use ENGINE_by_id and 376280304Sjkim * ENGINE_free. NB: This is not required when iterating using ENGINE_get_next 377280304Sjkim * as it will automatically decrement the structural reference count of the 378280304Sjkim * "current" ENGINE and increment the structural reference count of the 379280304Sjkim * ENGINE it returns (unless it is NULL). 380280304Sjkim */ 381109998Smarkm 382109998Smarkm/* Get the first/last "ENGINE" type available. */ 383109998SmarkmENGINE *ENGINE_get_first(void); 384109998SmarkmENGINE *ENGINE_get_last(void); 385109998Smarkm/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */ 386109998SmarkmENGINE *ENGINE_get_next(ENGINE *e); 387109998SmarkmENGINE *ENGINE_get_prev(ENGINE *e); 388109998Smarkm/* Add another "ENGINE" type into the array. */ 389109998Smarkmint ENGINE_add(ENGINE *e); 390109998Smarkm/* Remove an existing "ENGINE" type from the array. */ 391109998Smarkmint ENGINE_remove(ENGINE *e); 392109998Smarkm/* Retrieve an engine from the list by its unique "id" value. */ 393109998SmarkmENGINE *ENGINE_by_id(const char *id); 394109998Smarkm/* Add all the built-in engines. */ 395109998Smarkmvoid ENGINE_load_openssl(void); 396109998Smarkmvoid ENGINE_load_dynamic(void); 397280304Sjkim# ifndef OPENSSL_NO_STATIC_ENGINE 398160814Ssimonvoid ENGINE_load_4758cca(void); 399160814Ssimonvoid ENGINE_load_aep(void); 400160814Ssimonvoid ENGINE_load_atalla(void); 401160814Ssimonvoid ENGINE_load_chil(void); 402109998Smarkmvoid ENGINE_load_cswift(void); 403109998Smarkmvoid ENGINE_load_nuron(void); 404160814Ssimonvoid ENGINE_load_sureware(void); 405109998Smarkmvoid ENGINE_load_ubsec(void); 406160814Ssimonvoid ENGINE_load_padlock(void); 407194206Ssimonvoid ENGINE_load_capi(void); 408280304Sjkim# ifndef OPENSSL_NO_GMP 409238405Sjkimvoid ENGINE_load_gmp(void); 410280304Sjkim# endif 411280304Sjkim# ifndef OPENSSL_NO_GOST 412238405Sjkimvoid ENGINE_load_gost(void); 413280304Sjkim# endif 414280304Sjkim# endif 415238405Sjkimvoid ENGINE_load_cryptodev(void); 416238405Sjkimvoid ENGINE_load_rsax(void); 417238405Sjkimvoid ENGINE_load_rdrand(void); 418238405Sjkimvoid ENGINE_load_builtin_engines(void); 419109998Smarkm 420280304Sjkim/* 421280304Sjkim * Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation 422280304Sjkim * "registry" handling. 423280304Sjkim */ 424109998Smarkmunsigned int ENGINE_get_table_flags(void); 425109998Smarkmvoid ENGINE_set_table_flags(unsigned int flags); 426109998Smarkm 427280304Sjkim/*- Manage registration of ENGINEs per "table". For each type, there are 3 428109998Smarkm * functions; 429109998Smarkm * ENGINE_register_***(e) - registers the implementation from 'e' (if it has one) 430109998Smarkm * ENGINE_unregister_***(e) - unregister the implementation from 'e' 431109998Smarkm * ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list 432109998Smarkm * Cleanup is automatically registered from each table when required, so 433280304Sjkim * ENGINE_cleanup() will reverse any "register" operations. 434280304Sjkim */ 435109998Smarkm 436109998Smarkmint ENGINE_register_RSA(ENGINE *e); 437109998Smarkmvoid ENGINE_unregister_RSA(ENGINE *e); 438109998Smarkmvoid ENGINE_register_all_RSA(void); 439109998Smarkm 440109998Smarkmint ENGINE_register_DSA(ENGINE *e); 441109998Smarkmvoid ENGINE_unregister_DSA(ENGINE *e); 442109998Smarkmvoid ENGINE_register_all_DSA(void); 443109998Smarkm 444160814Ssimonint ENGINE_register_ECDH(ENGINE *e); 445160814Ssimonvoid ENGINE_unregister_ECDH(ENGINE *e); 446160814Ssimonvoid ENGINE_register_all_ECDH(void); 447160814Ssimon 448160814Ssimonint ENGINE_register_ECDSA(ENGINE *e); 449160814Ssimonvoid ENGINE_unregister_ECDSA(ENGINE *e); 450160814Ssimonvoid ENGINE_register_all_ECDSA(void); 451160814Ssimon 452109998Smarkmint ENGINE_register_DH(ENGINE *e); 453109998Smarkmvoid ENGINE_unregister_DH(ENGINE *e); 454109998Smarkmvoid ENGINE_register_all_DH(void); 455109998Smarkm 456109998Smarkmint ENGINE_register_RAND(ENGINE *e); 457109998Smarkmvoid ENGINE_unregister_RAND(ENGINE *e); 458109998Smarkmvoid ENGINE_register_all_RAND(void); 459109998Smarkm 460160814Ssimonint ENGINE_register_STORE(ENGINE *e); 461160814Ssimonvoid ENGINE_unregister_STORE(ENGINE *e); 462160814Ssimonvoid ENGINE_register_all_STORE(void); 463160814Ssimon 464109998Smarkmint ENGINE_register_ciphers(ENGINE *e); 465109998Smarkmvoid ENGINE_unregister_ciphers(ENGINE *e); 466109998Smarkmvoid ENGINE_register_all_ciphers(void); 467109998Smarkm 468109998Smarkmint ENGINE_register_digests(ENGINE *e); 469109998Smarkmvoid ENGINE_unregister_digests(ENGINE *e); 470109998Smarkmvoid ENGINE_register_all_digests(void); 471109998Smarkm 472238405Sjkimint ENGINE_register_pkey_meths(ENGINE *e); 473238405Sjkimvoid ENGINE_unregister_pkey_meths(ENGINE *e); 474238405Sjkimvoid ENGINE_register_all_pkey_meths(void); 475238405Sjkim 476238405Sjkimint ENGINE_register_pkey_asn1_meths(ENGINE *e); 477238405Sjkimvoid ENGINE_unregister_pkey_asn1_meths(ENGINE *e); 478238405Sjkimvoid ENGINE_register_all_pkey_asn1_meths(void); 479238405Sjkim 480280304Sjkim/* 481280304Sjkim * These functions register all support from the above categories. Note, use 482280304Sjkim * of these functions can result in static linkage of code your application 483280304Sjkim * may not need. If you only need a subset of functionality, consider using 484280304Sjkim * more selective initialisation. 485280304Sjkim */ 486109998Smarkmint ENGINE_register_complete(ENGINE *e); 487109998Smarkmint ENGINE_register_all_complete(void); 488109998Smarkm 489280304Sjkim/* 490280304Sjkim * Send parametrised control commands to the engine. The possibilities to 491280304Sjkim * send down an integer, a pointer to data or a function pointer are 492280304Sjkim * provided. Any of the parameters may or may not be NULL, depending on the 493280304Sjkim * command number. In actuality, this function only requires a structural 494280304Sjkim * (rather than functional) reference to an engine, but many control commands 495280304Sjkim * may require the engine be functional. The caller should be aware of trying 496280304Sjkim * commands that require an operational ENGINE, and only use functional 497280304Sjkim * references in such situations. 498280304Sjkim */ 499280304Sjkimint ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); 500109998Smarkm 501280304Sjkim/* 502280304Sjkim * This function tests if an ENGINE-specific command is usable as a 503280304Sjkim * "setting". Eg. in an application's config file that gets processed through 504109998Smarkm * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to 505280304Sjkim * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl(). 506280304Sjkim */ 507109998Smarkmint ENGINE_cmd_is_executable(ENGINE *e, int cmd); 508109998Smarkm 509280304Sjkim/* 510280304Sjkim * This function works like ENGINE_ctrl() with the exception of taking a 511280304Sjkim * command name instead of a command number, and can handle optional 512280304Sjkim * commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation 513280304Sjkim * on how to use the cmd_name and cmd_optional. 514280304Sjkim */ 515109998Smarkmint ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, 516280304Sjkim long i, void *p, void (*f) (void), int cmd_optional); 517109998Smarkm 518280304Sjkim/* 519280304Sjkim * This function passes a command-name and argument to an ENGINE. The 520280304Sjkim * cmd_name is converted to a command number and the control command is 521280304Sjkim * called using 'arg' as an argument (unless the ENGINE doesn't support such 522280304Sjkim * a command, in which case no control command is called). The command is 523280304Sjkim * checked for input flags, and if necessary the argument will be converted 524280304Sjkim * to a numeric value. If cmd_optional is non-zero, then if the ENGINE 525280304Sjkim * doesn't support the given cmd_name the return value will be success 526280304Sjkim * anyway. This function is intended for applications to use so that users 527280304Sjkim * (or config files) can supply engine-specific config data to the ENGINE at 528280304Sjkim * run-time to control behaviour of specific engines. As such, it shouldn't 529280304Sjkim * be used for calling ENGINE_ctrl() functions that return data, deal with 530280304Sjkim * binary data, or that are otherwise supposed to be used directly through 531280304Sjkim * ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl() 532280304Sjkim * operation in this function will be lost - the return value is interpreted 533280304Sjkim * as failure if the return value is zero, success otherwise, and this 534280304Sjkim * function returns a boolean value as a result. In other words, vendors of 535280304Sjkim * 'ENGINE'-enabled devices should write ENGINE implementations with 536280304Sjkim * parameterisations that work in this scheme, so that compliant ENGINE-based 537280304Sjkim * applications can work consistently with the same configuration for the 538280304Sjkim * same ENGINE-enabled devices, across applications. 539280304Sjkim */ 540109998Smarkmint ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, 541280304Sjkim int cmd_optional); 542109998Smarkm 543280304Sjkim/* 544280304Sjkim * These functions are useful for manufacturing new ENGINE structures. They 545280304Sjkim * don't address reference counting at all - one uses them to populate an 546280304Sjkim * ENGINE structure with personalised implementations of things prior to 547280304Sjkim * using it directly or adding it to the builtin ENGINE list in OpenSSL. 548280304Sjkim * These are also here so that the ENGINE structure doesn't have to be 549280304Sjkim * exposed and break binary compatibility! 550280304Sjkim */ 551109998SmarkmENGINE *ENGINE_new(void); 552109998Smarkmint ENGINE_free(ENGINE *e); 553109998Smarkmint ENGINE_up_ref(ENGINE *e); 554109998Smarkmint ENGINE_set_id(ENGINE *e, const char *id); 555109998Smarkmint ENGINE_set_name(ENGINE *e, const char *name); 556109998Smarkmint ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); 557109998Smarkmint ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); 558160814Ssimonint ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth); 559160814Ssimonint ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth); 560109998Smarkmint ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); 561109998Smarkmint ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth); 562160814Ssimonint ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth); 563109998Smarkmint ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f); 564109998Smarkmint ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f); 565109998Smarkmint ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); 566109998Smarkmint ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); 567280304Sjkimint ENGINE_set_load_privkey_function(ENGINE *e, 568280304Sjkim ENGINE_LOAD_KEY_PTR loadpriv_f); 569109998Smarkmint ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f); 570194206Ssimonint ENGINE_set_load_ssl_client_cert_function(ENGINE *e, 571280304Sjkim ENGINE_SSL_CLIENT_CERT_PTR 572280304Sjkim loadssl_f); 573109998Smarkmint ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); 574109998Smarkmint ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); 575238405Sjkimint ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f); 576238405Sjkimint ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f); 577109998Smarkmint ENGINE_set_flags(ENGINE *e, int flags); 578109998Smarkmint ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); 579160814Ssimon/* These functions allow control over any per-structure ENGINE data. */ 580109998Smarkmint ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 581280304Sjkim CRYPTO_EX_dup *dup_func, 582280304Sjkim CRYPTO_EX_free *free_func); 583109998Smarkmint ENGINE_set_ex_data(ENGINE *e, int idx, void *arg); 584160814Ssimonvoid *ENGINE_get_ex_data(const ENGINE *e, int idx); 585109998Smarkm 586280304Sjkim/* 587280304Sjkim * This function cleans up anything that needs it. Eg. the ENGINE_add() 588280304Sjkim * function automatically ensures the list cleanup function is registered to 589280304Sjkim * be called from ENGINE_cleanup(). Similarly, all ENGINE_register_*** 590280304Sjkim * functions ensure ENGINE_cleanup() will clean up after them. 591280304Sjkim */ 592109998Smarkmvoid ENGINE_cleanup(void); 593109998Smarkm 594280304Sjkim/* 595280304Sjkim * These return values from within the ENGINE structure. These can be useful 596109998Smarkm * with functional references as well as structural references - it depends 597109998Smarkm * which you obtained. Using the result for functional purposes if you only 598280304Sjkim * obtained a structural reference may be problematic! 599280304Sjkim */ 600109998Smarkmconst char *ENGINE_get_id(const ENGINE *e); 601109998Smarkmconst char *ENGINE_get_name(const ENGINE *e); 602109998Smarkmconst RSA_METHOD *ENGINE_get_RSA(const ENGINE *e); 603109998Smarkmconst DSA_METHOD *ENGINE_get_DSA(const ENGINE *e); 604160814Ssimonconst ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e); 605160814Ssimonconst ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e); 606109998Smarkmconst DH_METHOD *ENGINE_get_DH(const ENGINE *e); 607109998Smarkmconst RAND_METHOD *ENGINE_get_RAND(const ENGINE *e); 608160814Ssimonconst STORE_METHOD *ENGINE_get_STORE(const ENGINE *e); 609109998SmarkmENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e); 610109998SmarkmENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e); 611109998SmarkmENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e); 612109998SmarkmENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e); 613109998SmarkmENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e); 614109998SmarkmENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); 615280304SjkimENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE 616280304Sjkim *e); 617109998SmarkmENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); 618109998SmarkmENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); 619238405SjkimENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e); 620238405SjkimENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e); 621109998Smarkmconst EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); 622109998Smarkmconst EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); 623238405Sjkimconst EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid); 624238405Sjkimconst EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid); 625238405Sjkimconst EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e, 626280304Sjkim const char *str, 627280304Sjkim int len); 628238405Sjkimconst EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe, 629280304Sjkim const char *str, 630280304Sjkim int len); 631109998Smarkmconst ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); 632109998Smarkmint ENGINE_get_flags(const ENGINE *e); 633109998Smarkm 634280304Sjkim/* 635280304Sjkim * FUNCTIONAL functions. These functions deal with ENGINE structures that 636280304Sjkim * have (or will) be initialised for use. Broadly speaking, the structural 637280304Sjkim * functions are useful for iterating the list of available engine types, 638280304Sjkim * creating new engine types, and other "list" operations. These functions 639280304Sjkim * actually deal with ENGINEs that are to be used. As such these functions 640280304Sjkim * can fail (if applicable) when particular engines are unavailable - eg. if 641280304Sjkim * a hardware accelerator is not attached or not functioning correctly. Each 642280304Sjkim * ENGINE has 2 reference counts; structural and functional. Every time a 643280304Sjkim * functional reference is obtained or released, a corresponding structural 644280304Sjkim * reference is automatically obtained or released too. 645280304Sjkim */ 646109998Smarkm 647280304Sjkim/* 648280304Sjkim * Initialise a engine type for use (or up its reference count if it's 649280304Sjkim * already in use). This will fail if the engine is not currently operational 650280304Sjkim * and cannot initialise. 651280304Sjkim */ 652109998Smarkmint ENGINE_init(ENGINE *e); 653280304Sjkim/* 654280304Sjkim * Free a functional reference to a engine type. This does not require a 655280304Sjkim * corresponding call to ENGINE_free as it also releases a structural 656280304Sjkim * reference. 657280304Sjkim */ 658109998Smarkmint ENGINE_finish(ENGINE *e); 659109998Smarkm 660280304Sjkim/* 661280304Sjkim * The following functions handle keys that are stored in some secondary 662109998Smarkm * location, handled by the engine. The storage may be on a card or 663280304Sjkim * whatever. 664280304Sjkim */ 665109998SmarkmEVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, 666280304Sjkim UI_METHOD *ui_method, void *callback_data); 667109998SmarkmEVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, 668280304Sjkim UI_METHOD *ui_method, void *callback_data); 669194206Ssimonint ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, 670280304Sjkim STACK_OF(X509_NAME) *ca_dn, X509 **pcert, 671280304Sjkim EVP_PKEY **ppkey, STACK_OF(X509) **pother, 672280304Sjkim UI_METHOD *ui_method, void *callback_data); 673109998Smarkm 674280304Sjkim/* 675280304Sjkim * This returns a pointer for the current ENGINE structure that is (by 676280304Sjkim * default) performing any RSA operations. The value returned is an 677280304Sjkim * incremented reference, so it should be free'd (ENGINE_finish) before it is 678280304Sjkim * discarded. 679280304Sjkim */ 680109998SmarkmENGINE *ENGINE_get_default_RSA(void); 681109998Smarkm/* Same for the other "methods" */ 682109998SmarkmENGINE *ENGINE_get_default_DSA(void); 683160814SsimonENGINE *ENGINE_get_default_ECDH(void); 684160814SsimonENGINE *ENGINE_get_default_ECDSA(void); 685109998SmarkmENGINE *ENGINE_get_default_DH(void); 686109998SmarkmENGINE *ENGINE_get_default_RAND(void); 687280304Sjkim/* 688280304Sjkim * These functions can be used to get a functional reference to perform 689280304Sjkim * ciphering or digesting corresponding to "nid". 690280304Sjkim */ 691109998SmarkmENGINE *ENGINE_get_cipher_engine(int nid); 692109998SmarkmENGINE *ENGINE_get_digest_engine(int nid); 693238405SjkimENGINE *ENGINE_get_pkey_meth_engine(int nid); 694238405SjkimENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid); 695109998Smarkm 696280304Sjkim/* 697280304Sjkim * This sets a new default ENGINE structure for performing RSA operations. If 698280304Sjkim * the result is non-zero (success) then the ENGINE structure will have had 699280304Sjkim * its reference count up'd so the caller should still free their own 700280304Sjkim * reference 'e'. 701280304Sjkim */ 702109998Smarkmint ENGINE_set_default_RSA(ENGINE *e); 703127128Snectarint ENGINE_set_default_string(ENGINE *e, const char *def_list); 704109998Smarkm/* Same for the other "methods" */ 705109998Smarkmint ENGINE_set_default_DSA(ENGINE *e); 706160814Ssimonint ENGINE_set_default_ECDH(ENGINE *e); 707160814Ssimonint ENGINE_set_default_ECDSA(ENGINE *e); 708109998Smarkmint ENGINE_set_default_DH(ENGINE *e); 709109998Smarkmint ENGINE_set_default_RAND(ENGINE *e); 710109998Smarkmint ENGINE_set_default_ciphers(ENGINE *e); 711109998Smarkmint ENGINE_set_default_digests(ENGINE *e); 712238405Sjkimint ENGINE_set_default_pkey_meths(ENGINE *e); 713238405Sjkimint ENGINE_set_default_pkey_asn1_meths(ENGINE *e); 714109998Smarkm 715280304Sjkim/* 716280304Sjkim * The combination "set" - the flags are bitwise "OR"d from the 717109998Smarkm * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()" 718109998Smarkm * function, this function can result in unnecessary static linkage. If your 719109998Smarkm * application requires only specific functionality, consider using more 720280304Sjkim * selective functions. 721280304Sjkim */ 722109998Smarkmint ENGINE_set_default(ENGINE *e, unsigned int flags); 723109998Smarkm 724109998Smarkmvoid ENGINE_add_conf_module(void); 725109998Smarkm 726109998Smarkm/* Deprecated functions ... */ 727109998Smarkm/* int ENGINE_clear_defaults(void); */ 728109998Smarkm 729109998Smarkm/**************************/ 730109998Smarkm/* DYNAMIC ENGINE SUPPORT */ 731109998Smarkm/**************************/ 732109998Smarkm 733109998Smarkm/* Binary/behaviour compatibility levels */ 734280304Sjkim# define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000 735280304Sjkim/* 736280304Sjkim * Binary versions older than this are too old for us (whether we're a loader 737280304Sjkim * or a loadee) 738280304Sjkim */ 739280304Sjkim# define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000 740109998Smarkm 741280304Sjkim/* 742280304Sjkim * When compiling an ENGINE entirely as an external shared library, loadable 743280304Sjkim * by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' 744280304Sjkim * structure type provides the calling application's (or library's) error 745280304Sjkim * functionality and memory management function pointers to the loaded 746280304Sjkim * library. These should be used/set in the loaded library code so that the 747280304Sjkim * loading application's 'state' will be used/changed in all operations. The 748280304Sjkim * 'static_state' pointer allows the loaded library to know if it shares the 749280304Sjkim * same static data as the calling application (or library), and thus whether 750280304Sjkim * these callbacks need to be set or not. 751280304Sjkim */ 752280304Sjkimtypedef void *(*dyn_MEM_malloc_cb) (size_t); 753280304Sjkimtypedef void *(*dyn_MEM_realloc_cb) (void *, size_t); 754280304Sjkimtypedef void (*dyn_MEM_free_cb) (void *); 755109998Smarkmtypedef struct st_dynamic_MEM_fns { 756280304Sjkim dyn_MEM_malloc_cb malloc_cb; 757280304Sjkim dyn_MEM_realloc_cb realloc_cb; 758280304Sjkim dyn_MEM_free_cb free_cb; 759280304Sjkim} dynamic_MEM_fns; 760280304Sjkim/* 761280304Sjkim * FIXME: Perhaps the memory and locking code (crypto.h) should declare and 762280304Sjkim * use these types so we (and any other dependant code) can simplify a bit?? 763280304Sjkim */ 764280304Sjkimtypedef void (*dyn_lock_locking_cb) (int, int, const char *, int); 765280304Sjkimtypedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int); 766280304Sjkimtypedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *, 767280304Sjkim int); 768280304Sjkimtypedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *, 769280304Sjkim const char *, int); 770280304Sjkimtypedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *, 771280304Sjkim const char *, int); 772109998Smarkmtypedef struct st_dynamic_LOCK_fns { 773280304Sjkim dyn_lock_locking_cb lock_locking_cb; 774280304Sjkim dyn_lock_add_lock_cb lock_add_lock_cb; 775280304Sjkim dyn_dynlock_create_cb dynlock_create_cb; 776280304Sjkim dyn_dynlock_lock_cb dynlock_lock_cb; 777280304Sjkim dyn_dynlock_destroy_cb dynlock_destroy_cb; 778280304Sjkim} dynamic_LOCK_fns; 779109998Smarkm/* The top-level structure */ 780109998Smarkmtypedef struct st_dynamic_fns { 781280304Sjkim void *static_state; 782280304Sjkim const ERR_FNS *err_fns; 783280304Sjkim const CRYPTO_EX_DATA_IMPL *ex_data_fns; 784280304Sjkim dynamic_MEM_fns mem_fns; 785280304Sjkim dynamic_LOCK_fns lock_fns; 786280304Sjkim} dynamic_fns; 787109998Smarkm 788280304Sjkim/* 789280304Sjkim * The version checking function should be of this prototype. NB: The 790280304Sjkim * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading 791280304Sjkim * code. If this function returns zero, it indicates a (potential) version 792109998Smarkm * incompatibility and the loaded library doesn't believe it can proceed. 793109998Smarkm * Otherwise, the returned value is the (latest) version supported by the 794280304Sjkim * loading library. The loader may still decide that the loaded code's 795280304Sjkim * version is unsatisfactory and could veto the load. The function is 796280304Sjkim * expected to be implemented with the symbol name "v_check", and a default 797280304Sjkim * implementation can be fully instantiated with 798280304Sjkim * IMPLEMENT_DYNAMIC_CHECK_FN(). 799280304Sjkim */ 800280304Sjkimtypedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version); 801280304Sjkim# define IMPLEMENT_DYNAMIC_CHECK_FN() \ 802280304Sjkim OPENSSL_EXPORT unsigned long v_check(unsigned long v); \ 803280304Sjkim OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \ 804280304Sjkim if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \ 805280304Sjkim return 0; } 806109998Smarkm 807280304Sjkim/* 808280304Sjkim * This function is passed the ENGINE structure to initialise with its own 809109998Smarkm * function and command settings. It should not adjust the structural or 810280304Sjkim * functional reference counts. If this function returns zero, (a) the load 811280304Sjkim * will be aborted, (b) the previous ENGINE state will be memcpy'd back onto 812280304Sjkim * the structure, and (c) the shared library will be unloaded. So 813280304Sjkim * implementations should do their own internal cleanup in failure 814280304Sjkim * circumstances otherwise they could leak. The 'id' parameter, if non-NULL, 815280304Sjkim * represents the ENGINE id that the loader is looking for. If this is NULL, 816280304Sjkim * the shared library can choose to return failure or to initialise a 817280304Sjkim * 'default' ENGINE. If non-NULL, the shared library must initialise only an 818280304Sjkim * ENGINE matching the passed 'id'. The function is expected to be 819280304Sjkim * implemented with the symbol name "bind_engine". A standard implementation 820280304Sjkim * can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter 821280304Sjkim * 'fn' is a callback function that populates the ENGINE structure and 822280304Sjkim * returns an int value (zero for failure). 'fn' should have prototype; 823280304Sjkim * [static] int fn(ENGINE *e, const char *id); 824280304Sjkim */ 825280304Sjkimtypedef int (*dynamic_bind_engine) (ENGINE *e, const char *id, 826280304Sjkim const dynamic_fns *fns); 827280304Sjkim# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \ 828280304Sjkim OPENSSL_EXPORT \ 829280304Sjkim int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \ 830280304Sjkim OPENSSL_EXPORT \ 831280304Sjkim int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \ 832280304Sjkim if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \ 833280304Sjkim if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ 834280304Sjkim fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ 835280304Sjkim return 0; \ 836280304Sjkim CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ 837280304Sjkim CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ 838280304Sjkim CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ 839280304Sjkim CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ 840280304Sjkim CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ 841280304Sjkim if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ 842280304Sjkim return 0; \ 843280304Sjkim if(!ERR_set_implementation(fns->err_fns)) return 0; \ 844280304Sjkim skip_cbs: \ 845280304Sjkim if(!fn(e,id)) return 0; \ 846280304Sjkim return 1; } 847109998Smarkm 848280304Sjkim/* 849280304Sjkim * If the loading application (or library) and the loaded ENGINE library 850280304Sjkim * share the same static data (eg. they're both dynamically linked to the 851280304Sjkim * same libcrypto.so) we need a way to avoid trying to set system callbacks - 852280304Sjkim * this would fail, and for the same reason that it's unnecessary to try. If 853280304Sjkim * the loaded ENGINE has (or gets from through the loader) its own copy of 854280304Sjkim * the libcrypto static data, we will need to set the callbacks. The easiest 855280304Sjkim * way to detect this is to have a function that returns a pointer to some 856280304Sjkim * static data and let the loading application and loaded ENGINE compare 857280304Sjkim * their respective values. 858280304Sjkim */ 859160814Ssimonvoid *ENGINE_get_static_state(void); 860160814Ssimon 861280304Sjkim# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) 862120631Snectarvoid ENGINE_setup_bsd_cryptodev(void); 863280304Sjkim# endif 864120631Snectar 865109998Smarkm/* BEGIN ERROR CODES */ 866280304Sjkim/* 867280304Sjkim * The following lines are auto generated by the script mkerr.pl. Any changes 868109998Smarkm * made after this point may be overwritten when the script is next run. 869109998Smarkm */ 870109998Smarkmvoid ERR_load_ENGINE_strings(void); 871109998Smarkm 872109998Smarkm/* Error codes for the ENGINE functions. */ 873109998Smarkm 874109998Smarkm/* Function codes. */ 875280304Sjkim# define ENGINE_F_DYNAMIC_CTRL 180 876280304Sjkim# define ENGINE_F_DYNAMIC_GET_DATA_CTX 181 877280304Sjkim# define ENGINE_F_DYNAMIC_LOAD 182 878280304Sjkim# define ENGINE_F_DYNAMIC_SET_DATA_CTX 183 879280304Sjkim# define ENGINE_F_ENGINE_ADD 105 880280304Sjkim# define ENGINE_F_ENGINE_BY_ID 106 881280304Sjkim# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170 882280304Sjkim# define ENGINE_F_ENGINE_CTRL 142 883280304Sjkim# define ENGINE_F_ENGINE_CTRL_CMD 178 884280304Sjkim# define ENGINE_F_ENGINE_CTRL_CMD_STRING 171 885280304Sjkim# define ENGINE_F_ENGINE_FINISH 107 886280304Sjkim# define ENGINE_F_ENGINE_FREE_UTIL 108 887280304Sjkim# define ENGINE_F_ENGINE_GET_CIPHER 185 888280304Sjkim# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 889280304Sjkim# define ENGINE_F_ENGINE_GET_DIGEST 186 890280304Sjkim# define ENGINE_F_ENGINE_GET_NEXT 115 891280304Sjkim# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193 892280304Sjkim# define ENGINE_F_ENGINE_GET_PKEY_METH 192 893280304Sjkim# define ENGINE_F_ENGINE_GET_PREV 116 894280304Sjkim# define ENGINE_F_ENGINE_INIT 119 895280304Sjkim# define ENGINE_F_ENGINE_LIST_ADD 120 896280304Sjkim# define ENGINE_F_ENGINE_LIST_REMOVE 121 897280304Sjkim# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 898280304Sjkim# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 899280304Sjkim# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194 900280304Sjkim# define ENGINE_F_ENGINE_NEW 122 901280304Sjkim# define ENGINE_F_ENGINE_REMOVE 123 902280304Sjkim# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 903280304Sjkim# define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126 904280304Sjkim# define ENGINE_F_ENGINE_SET_ID 129 905280304Sjkim# define ENGINE_F_ENGINE_SET_NAME 130 906280304Sjkim# define ENGINE_F_ENGINE_TABLE_REGISTER 184 907280304Sjkim# define ENGINE_F_ENGINE_UNLOAD_KEY 152 908280304Sjkim# define ENGINE_F_ENGINE_UNLOCKED_FINISH 191 909280304Sjkim# define ENGINE_F_ENGINE_UP_REF 190 910280304Sjkim# define ENGINE_F_INT_CTRL_HELPER 172 911280304Sjkim# define ENGINE_F_INT_ENGINE_CONFIGURE 188 912280304Sjkim# define ENGINE_F_INT_ENGINE_MODULE_INIT 187 913280304Sjkim# define ENGINE_F_LOG_MESSAGE 141 914109998Smarkm 915109998Smarkm/* Reason codes. */ 916280304Sjkim# define ENGINE_R_ALREADY_LOADED 100 917280304Sjkim# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133 918280304Sjkim# define ENGINE_R_CMD_NOT_EXECUTABLE 134 919280304Sjkim# define ENGINE_R_COMMAND_TAKES_INPUT 135 920280304Sjkim# define ENGINE_R_COMMAND_TAKES_NO_INPUT 136 921280304Sjkim# define ENGINE_R_CONFLICTING_ENGINE_ID 103 922280304Sjkim# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119 923280304Sjkim# define ENGINE_R_DH_NOT_IMPLEMENTED 139 924280304Sjkim# define ENGINE_R_DSA_NOT_IMPLEMENTED 140 925280304Sjkim# define ENGINE_R_DSO_FAILURE 104 926280304Sjkim# define ENGINE_R_DSO_NOT_FOUND 132 927280304Sjkim# define ENGINE_R_ENGINES_SECTION_ERROR 148 928280304Sjkim# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102 929280304Sjkim# define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105 930280304Sjkim# define ENGINE_R_ENGINE_SECTION_ERROR 149 931280304Sjkim# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128 932280304Sjkim# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129 933280304Sjkim# define ENGINE_R_FINISH_FAILED 106 934280304Sjkim# define ENGINE_R_GET_HANDLE_FAILED 107 935280304Sjkim# define ENGINE_R_ID_OR_NAME_MISSING 108 936280304Sjkim# define ENGINE_R_INIT_FAILED 109 937280304Sjkim# define ENGINE_R_INTERNAL_LIST_ERROR 110 938280304Sjkim# define ENGINE_R_INVALID_ARGUMENT 143 939280304Sjkim# define ENGINE_R_INVALID_CMD_NAME 137 940280304Sjkim# define ENGINE_R_INVALID_CMD_NUMBER 138 941280304Sjkim# define ENGINE_R_INVALID_INIT_VALUE 151 942280304Sjkim# define ENGINE_R_INVALID_STRING 150 943280304Sjkim# define ENGINE_R_NOT_INITIALISED 117 944280304Sjkim# define ENGINE_R_NOT_LOADED 112 945280304Sjkim# define ENGINE_R_NO_CONTROL_FUNCTION 120 946280304Sjkim# define ENGINE_R_NO_INDEX 144 947280304Sjkim# define ENGINE_R_NO_LOAD_FUNCTION 125 948280304Sjkim# define ENGINE_R_NO_REFERENCE 130 949280304Sjkim# define ENGINE_R_NO_SUCH_ENGINE 116 950280304Sjkim# define ENGINE_R_NO_UNLOAD_FUNCTION 126 951280304Sjkim# define ENGINE_R_PROVIDE_PARAMETERS 113 952280304Sjkim# define ENGINE_R_RSA_NOT_IMPLEMENTED 141 953280304Sjkim# define ENGINE_R_UNIMPLEMENTED_CIPHER 146 954280304Sjkim# define ENGINE_R_UNIMPLEMENTED_DIGEST 147 955280304Sjkim# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101 956280304Sjkim# define ENGINE_R_VERSION_INCOMPATIBILITY 145 957109998Smarkm 958109998Smarkm#ifdef __cplusplus 959109998Smarkm} 960109998Smarkm#endif 961109998Smarkm#endif 962