1/* openssl/engine.h */ 2/* 3 * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project 4 * 2000. 5 */ 6/* ==================================================================== 7 * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. All advertising materials mentioning features or use of this 22 * software must display the following acknowledgment: 23 * "This product includes software developed by the OpenSSL Project 24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 25 * 26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27 * endorse or promote products derived from this software without 28 * prior written permission. For written permission, please contact 29 * licensing@OpenSSL.org. 30 * 31 * 5. Products derived from this software may not be called "OpenSSL" 32 * nor may "OpenSSL" appear in their names without prior written 33 * permission of the OpenSSL Project. 34 * 35 * 6. Redistributions of any form whatsoever must retain the following 36 * acknowledgment: 37 * "This product includes software developed by the OpenSSL Project 38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51 * OF THE POSSIBILITY OF SUCH DAMAGE. 52 * ==================================================================== 53 * 54 * This product includes cryptographic software written by Eric Young 55 * (eay@cryptsoft.com). This product includes software written by Tim 56 * Hudson (tjh@cryptsoft.com). 57 * 58 */ 59/* ==================================================================== 60 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 61 * ECDH support in OpenSSL originally developed by 62 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 63 */ 64 65#ifndef HEADER_ENGINE_H 66# define HEADER_ENGINE_H 67 68# include <openssl/opensslconf.h> 69 70# ifdef OPENSSL_NO_ENGINE 71# error ENGINE is disabled. 72# endif 73 74# ifndef OPENSSL_NO_DEPRECATED 75# include <openssl/bn.h> 76# ifndef OPENSSL_NO_RSA 77# include <openssl/rsa.h> 78# endif 79# ifndef OPENSSL_NO_DSA 80# include <openssl/dsa.h> 81# endif 82# ifndef OPENSSL_NO_DH 83# include <openssl/dh.h> 84# endif 85# ifndef OPENSSL_NO_ECDH 86# include <openssl/ecdh.h> 87# endif 88# ifndef OPENSSL_NO_ECDSA 89# include <openssl/ecdsa.h> 90# endif 91# include <openssl/rand.h> 92# include <openssl/ui.h> 93# include <openssl/err.h> 94# endif 95 96# include <openssl/ossl_typ.h> 97# include <openssl/symhacks.h> 98 99# include <openssl/x509.h> 100 101#ifdef __cplusplus 102extern "C" { 103#endif 104 105/* 106 * These flags are used to control combinations of algorithm (methods) by 107 * bitwise "OR"ing. 108 */ 109# define ENGINE_METHOD_RSA (unsigned int)0x0001 110# define ENGINE_METHOD_DSA (unsigned int)0x0002 111# define ENGINE_METHOD_DH (unsigned int)0x0004 112# define ENGINE_METHOD_RAND (unsigned int)0x0008 113# define ENGINE_METHOD_ECDH (unsigned int)0x0010 114# define ENGINE_METHOD_ECDSA (unsigned int)0x0020 115# define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 116# define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 117# define ENGINE_METHOD_STORE (unsigned int)0x0100 118# define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200 119# define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400 120/* Obvious all-or-nothing cases. */ 121# define ENGINE_METHOD_ALL (unsigned int)0xFFFF 122# define ENGINE_METHOD_NONE (unsigned int)0x0000 123 124/* 125 * This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used 126 * internally to control registration of ENGINE implementations, and can be 127 * set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to 128 * initialise registered ENGINEs if they are not already initialised. 129 */ 130# define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001 131 132/* ENGINE flags that can be set by ENGINE_set_flags(). */ 133/* Not used */ 134/* #define ENGINE_FLAGS_MALLOCED 0x0001 */ 135 136/* 137 * This flag is for ENGINEs that wish to handle the various 'CMD'-related 138 * control commands on their own. Without this flag, ENGINE_ctrl() handles 139 * these control commands on behalf of the ENGINE using their "cmd_defns" 140 * data. 141 */ 142# define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002 143 144/* 145 * This flag is for ENGINEs who return new duplicate structures when found 146 * via "ENGINE_by_id()". When an ENGINE must store state (eg. if 147 * ENGINE_ctrl() commands are called in sequence as part of some stateful 148 * process like key-generation setup and execution), it can set this flag - 149 * then each attempt to obtain the ENGINE will result in it being copied into 150 * a new structure. Normally, ENGINEs don't declare this flag so 151 * ENGINE_by_id() just increments the existing ENGINE's structural reference 152 * count. 153 */ 154# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004 155 156/* 157 * This flag if for an ENGINE that does not want its methods registered as 158 * part of ENGINE_register_all_complete() for example if the methods are not 159 * usable as default methods. 160 */ 161 162# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008 163 164/* 165 * ENGINEs can support their own command types, and these flags are used in 166 * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input 167 * each command expects. Currently only numeric and string input is 168 * supported. If a control command supports none of the _NUMERIC, _STRING, or 169 * _NO_INPUT options, then it is regarded as an "internal" control command - 170 * and not for use in config setting situations. As such, they're not 171 * available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() 172 * access. Changes to this list of 'command types' should be reflected 173 * carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). 174 */ 175 176/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */ 177# define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001 178/* 179 * accepts string input (cast from 'void*' to 'const char *', 4th parameter 180 * to ENGINE_ctrl) 181 */ 182# define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002 183/* 184 * Indicates that the control command takes *no* input. Ie. the control 185 * command is unparameterised. 186 */ 187# define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004 188/* 189 * Indicates that the control command is internal. This control command won't 190 * be shown in any output, and is only usable through the ENGINE_ctrl_cmd() 191 * function. 192 */ 193# define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008 194 195/* 196 * NB: These 3 control commands are deprecated and should not be used. 197 * ENGINEs relying on these commands should compile conditional support for 198 * compatibility (eg. if these symbols are defined) but should also migrate 199 * the same functionality to their own ENGINE-specific control functions that 200 * can be "discovered" by calling applications. The fact these control 201 * commands wouldn't be "executable" (ie. usable by text-based config) 202 * doesn't change the fact that application code can find and use them 203 * without requiring per-ENGINE hacking. 204 */ 205 206/* 207 * These flags are used to tell the ctrl function what should be done. All 208 * command numbers are shared between all engines, even if some don't make 209 * sense to some engines. In such a case, they do nothing but return the 210 * error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. 211 */ 212# define ENGINE_CTRL_SET_LOGSTREAM 1 213# define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2 214# define ENGINE_CTRL_HUP 3/* Close and reinitialise 215 * any handles/connections 216 * etc. */ 217# define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */ 218# define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used 219 * when calling the password 220 * callback and the user 221 * interface */ 222# define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration, 223 * given a string that 224 * represents a file name 225 * or so */ 226# define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given 227 * section in the already 228 * loaded configuration */ 229 230/* 231 * These control commands allow an application to deal with an arbitrary 232 * engine in a dynamic way. Warn: Negative return values indicate errors FOR 233 * THESE COMMANDS because zero is used to indicate 'end-of-list'. Other 234 * commands, including ENGINE-specific command types, return zero for an 235 * error. An ENGINE can choose to implement these ctrl functions, and can 236 * internally manage things however it chooses - it does so by setting the 237 * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise 238 * the ENGINE_ctrl() code handles this on the ENGINE's behalf using the 239 * cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's 240 * ctrl() handler need only implement its own commands - the above "meta" 241 * commands will be taken care of. 242 */ 243 244/* 245 * Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not", 246 * then all the remaining control commands will return failure, so it is 247 * worth checking this first if the caller is trying to "discover" the 248 * engine's capabilities and doesn't want errors generated unnecessarily. 249 */ 250# define ENGINE_CTRL_HAS_CTRL_FUNCTION 10 251/* 252 * Returns a positive command number for the first command supported by the 253 * engine. Returns zero if no ctrl commands are supported. 254 */ 255# define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11 256/* 257 * The 'long' argument specifies a command implemented by the engine, and the 258 * return value is the next command supported, or zero if there are no more. 259 */ 260# define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12 261/* 262 * The 'void*' argument is a command name (cast from 'const char *'), and the 263 * return value is the command that corresponds to it. 264 */ 265# define ENGINE_CTRL_GET_CMD_FROM_NAME 13 266/* 267 * The next two allow a command to be converted into its corresponding string 268 * form. In each case, the 'long' argument supplies the command. In the 269 * NAME_LEN case, the return value is the length of the command name (not 270 * counting a trailing EOL). In the NAME case, the 'void*' argument must be a 271 * string buffer large enough, and it will be populated with the name of the 272 * command (WITH a trailing EOL). 273 */ 274# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14 275# define ENGINE_CTRL_GET_NAME_FROM_CMD 15 276/* The next two are similar but give a "short description" of a command. */ 277# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16 278# define ENGINE_CTRL_GET_DESC_FROM_CMD 17 279/* 280 * With this command, the return value is the OR'd combination of 281 * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given 282 * engine-specific ctrl command expects. 283 */ 284# define ENGINE_CTRL_GET_CMD_FLAGS 18 285 286/* 287 * ENGINE implementations should start the numbering of their own control 288 * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). 289 */ 290# define ENGINE_CMD_BASE 200 291 292/* 293 * NB: These 2 nCipher "chil" control commands are deprecated, and their 294 * functionality is now available through ENGINE-specific control commands 295 * (exposed through the above-mentioned 'CMD'-handling). Code using these 2 296 * commands should be migrated to the more general command handling before 297 * these are removed. 298 */ 299 300/* Flags specific to the nCipher "chil" engine */ 301# define ENGINE_CTRL_CHIL_SET_FORKCHECK 100 302 /* 303 * Depending on the value of the (long)i argument, this sets or 304 * unsets the SimpleForkCheck flag in the CHIL API to enable or 305 * disable checking and workarounds for applications that fork(). 306 */ 307# define ENGINE_CTRL_CHIL_NO_LOCKING 101 308 /* 309 * This prevents the initialisation function from providing mutex 310 * callbacks to the nCipher library. 311 */ 312 313/* 314 * If an ENGINE supports its own specific control commands and wishes the 315 * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on 316 * its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN 317 * entries to ENGINE_set_cmd_defns(). It should also implement a ctrl() 318 * handler that supports the stated commands (ie. the "cmd_num" entries as 319 * described by the array). NB: The array must be ordered in increasing order 320 * of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element 321 * has cmd_num set to zero and/or cmd_name set to NULL. 322 */ 323typedef struct ENGINE_CMD_DEFN_st { 324 unsigned int cmd_num; /* The command number */ 325 const char *cmd_name; /* The command name itself */ 326 const char *cmd_desc; /* A short description of the command */ 327 unsigned int cmd_flags; /* The input the command expects */ 328} ENGINE_CMD_DEFN; 329 330/* Generic function pointer */ 331typedef int (*ENGINE_GEN_FUNC_PTR) (void); 332/* Generic function pointer taking no arguments */ 333typedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *); 334/* Specific control function pointer */ 335typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *, 336 void (*f) (void)); 337/* Generic load_key function pointer */ 338typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, 339 UI_METHOD *ui_method, 340 void *callback_data); 341typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl, 342 STACK_OF(X509_NAME) *ca_dn, 343 X509 **pcert, EVP_PKEY **pkey, 344 STACK_OF(X509) **pother, 345 UI_METHOD *ui_method, 346 void *callback_data); 347/*- 348 * These callback types are for an ENGINE's handler for cipher and digest logic. 349 * These handlers have these prototypes; 350 * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); 351 * int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid); 352 * Looking at how to implement these handlers in the case of cipher support, if 353 * the framework wants the EVP_CIPHER for 'nid', it will call; 354 * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure) 355 * If the framework wants a list of supported 'nid's, it will call; 356 * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error) 357 */ 358/* 359 * Returns to a pointer to the array of supported cipher 'nid's. If the 360 * second parameter is non-NULL it is set to the size of the returned array. 361 */ 362typedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **, 363 const int **, int); 364typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **, 365 int); 366typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **, 367 const int **, int); 368typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **, 369 const int **, int); 370/* 371 * STRUCTURE functions ... all of these functions deal with pointers to 372 * ENGINE structures where the pointers have a "structural reference". This 373 * means that their reference is to allowed access to the structure but it 374 * does not imply that the structure is functional. To simply increment or 375 * decrement the structural reference count, use ENGINE_by_id and 376 * ENGINE_free. NB: This is not required when iterating using ENGINE_get_next 377 * as it will automatically decrement the structural reference count of the 378 * "current" ENGINE and increment the structural reference count of the 379 * ENGINE it returns (unless it is NULL). 380 */ 381 382/* Get the first/last "ENGINE" type available. */ 383ENGINE *ENGINE_get_first(void); 384ENGINE *ENGINE_get_last(void); 385/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */ 386ENGINE *ENGINE_get_next(ENGINE *e); 387ENGINE *ENGINE_get_prev(ENGINE *e); 388/* Add another "ENGINE" type into the array. */ 389int ENGINE_add(ENGINE *e); 390/* Remove an existing "ENGINE" type from the array. */ 391int ENGINE_remove(ENGINE *e); 392/* Retrieve an engine from the list by its unique "id" value. */ 393ENGINE *ENGINE_by_id(const char *id); 394/* Add all the built-in engines. */ 395void ENGINE_load_openssl(void); 396void ENGINE_load_dynamic(void); 397# ifndef OPENSSL_NO_STATIC_ENGINE 398void ENGINE_load_4758cca(void); 399void ENGINE_load_aep(void); 400void ENGINE_load_atalla(void); 401void ENGINE_load_chil(void); 402void ENGINE_load_cswift(void); 403void ENGINE_load_nuron(void); 404void ENGINE_load_sureware(void); 405void ENGINE_load_ubsec(void); 406void ENGINE_load_padlock(void); 407void ENGINE_load_capi(void); 408# ifndef OPENSSL_NO_GMP 409void ENGINE_load_gmp(void); 410# endif 411# ifndef OPENSSL_NO_GOST 412void ENGINE_load_gost(void); 413# endif 414# endif 415void ENGINE_load_cryptodev(void); 416void ENGINE_load_rsax(void); 417void ENGINE_load_rdrand(void); 418void ENGINE_load_builtin_engines(void); 419 420/* 421 * Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation 422 * "registry" handling. 423 */ 424unsigned int ENGINE_get_table_flags(void); 425void ENGINE_set_table_flags(unsigned int flags); 426 427/*- Manage registration of ENGINEs per "table". For each type, there are 3 428 * functions; 429 * ENGINE_register_***(e) - registers the implementation from 'e' (if it has one) 430 * ENGINE_unregister_***(e) - unregister the implementation from 'e' 431 * ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list 432 * Cleanup is automatically registered from each table when required, so 433 * ENGINE_cleanup() will reverse any "register" operations. 434 */ 435 436int ENGINE_register_RSA(ENGINE *e); 437void ENGINE_unregister_RSA(ENGINE *e); 438void ENGINE_register_all_RSA(void); 439 440int ENGINE_register_DSA(ENGINE *e); 441void ENGINE_unregister_DSA(ENGINE *e); 442void ENGINE_register_all_DSA(void); 443 444int ENGINE_register_ECDH(ENGINE *e); 445void ENGINE_unregister_ECDH(ENGINE *e); 446void ENGINE_register_all_ECDH(void); 447 448int ENGINE_register_ECDSA(ENGINE *e); 449void ENGINE_unregister_ECDSA(ENGINE *e); 450void ENGINE_register_all_ECDSA(void); 451 452int ENGINE_register_DH(ENGINE *e); 453void ENGINE_unregister_DH(ENGINE *e); 454void ENGINE_register_all_DH(void); 455 456int ENGINE_register_RAND(ENGINE *e); 457void ENGINE_unregister_RAND(ENGINE *e); 458void ENGINE_register_all_RAND(void); 459 460int ENGINE_register_STORE(ENGINE *e); 461void ENGINE_unregister_STORE(ENGINE *e); 462void ENGINE_register_all_STORE(void); 463 464int ENGINE_register_ciphers(ENGINE *e); 465void ENGINE_unregister_ciphers(ENGINE *e); 466void ENGINE_register_all_ciphers(void); 467 468int ENGINE_register_digests(ENGINE *e); 469void ENGINE_unregister_digests(ENGINE *e); 470void ENGINE_register_all_digests(void); 471 472int ENGINE_register_pkey_meths(ENGINE *e); 473void ENGINE_unregister_pkey_meths(ENGINE *e); 474void ENGINE_register_all_pkey_meths(void); 475 476int ENGINE_register_pkey_asn1_meths(ENGINE *e); 477void ENGINE_unregister_pkey_asn1_meths(ENGINE *e); 478void ENGINE_register_all_pkey_asn1_meths(void); 479 480/* 481 * These functions register all support from the above categories. Note, use 482 * of these functions can result in static linkage of code your application 483 * may not need. If you only need a subset of functionality, consider using 484 * more selective initialisation. 485 */ 486int ENGINE_register_complete(ENGINE *e); 487int ENGINE_register_all_complete(void); 488 489/* 490 * Send parametrised control commands to the engine. The possibilities to 491 * send down an integer, a pointer to data or a function pointer are 492 * provided. Any of the parameters may or may not be NULL, depending on the 493 * command number. In actuality, this function only requires a structural 494 * (rather than functional) reference to an engine, but many control commands 495 * may require the engine be functional. The caller should be aware of trying 496 * commands that require an operational ENGINE, and only use functional 497 * references in such situations. 498 */ 499int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); 500 501/* 502 * This function tests if an ENGINE-specific command is usable as a 503 * "setting". Eg. in an application's config file that gets processed through 504 * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to 505 * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl(). 506 */ 507int ENGINE_cmd_is_executable(ENGINE *e, int cmd); 508 509/* 510 * This function works like ENGINE_ctrl() with the exception of taking a 511 * command name instead of a command number, and can handle optional 512 * commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation 513 * on how to use the cmd_name and cmd_optional. 514 */ 515int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, 516 long i, void *p, void (*f) (void), int cmd_optional); 517 518/* 519 * This function passes a command-name and argument to an ENGINE. The 520 * cmd_name is converted to a command number and the control command is 521 * called using 'arg' as an argument (unless the ENGINE doesn't support such 522 * a command, in which case no control command is called). The command is 523 * checked for input flags, and if necessary the argument will be converted 524 * to a numeric value. If cmd_optional is non-zero, then if the ENGINE 525 * doesn't support the given cmd_name the return value will be success 526 * anyway. This function is intended for applications to use so that users 527 * (or config files) can supply engine-specific config data to the ENGINE at 528 * run-time to control behaviour of specific engines. As such, it shouldn't 529 * be used for calling ENGINE_ctrl() functions that return data, deal with 530 * binary data, or that are otherwise supposed to be used directly through 531 * ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl() 532 * operation in this function will be lost - the return value is interpreted 533 * as failure if the return value is zero, success otherwise, and this 534 * function returns a boolean value as a result. In other words, vendors of 535 * 'ENGINE'-enabled devices should write ENGINE implementations with 536 * parameterisations that work in this scheme, so that compliant ENGINE-based 537 * applications can work consistently with the same configuration for the 538 * same ENGINE-enabled devices, across applications. 539 */ 540int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, 541 int cmd_optional); 542 543/* 544 * These functions are useful for manufacturing new ENGINE structures. They 545 * don't address reference counting at all - one uses them to populate an 546 * ENGINE structure with personalised implementations of things prior to 547 * using it directly or adding it to the builtin ENGINE list in OpenSSL. 548 * These are also here so that the ENGINE structure doesn't have to be 549 * exposed and break binary compatibility! 550 */ 551ENGINE *ENGINE_new(void); 552int ENGINE_free(ENGINE *e); 553int ENGINE_up_ref(ENGINE *e); 554int ENGINE_set_id(ENGINE *e, const char *id); 555int ENGINE_set_name(ENGINE *e, const char *name); 556int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); 557int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); 558int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth); 559int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth); 560int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); 561int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth); 562int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth); 563int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f); 564int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f); 565int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); 566int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); 567int ENGINE_set_load_privkey_function(ENGINE *e, 568 ENGINE_LOAD_KEY_PTR loadpriv_f); 569int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f); 570int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, 571 ENGINE_SSL_CLIENT_CERT_PTR 572 loadssl_f); 573int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); 574int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); 575int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f); 576int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f); 577int ENGINE_set_flags(ENGINE *e, int flags); 578int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); 579/* These functions allow control over any per-structure ENGINE data. */ 580int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 581 CRYPTO_EX_dup *dup_func, 582 CRYPTO_EX_free *free_func); 583int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg); 584void *ENGINE_get_ex_data(const ENGINE *e, int idx); 585 586/* 587 * This function cleans up anything that needs it. Eg. the ENGINE_add() 588 * function automatically ensures the list cleanup function is registered to 589 * be called from ENGINE_cleanup(). Similarly, all ENGINE_register_*** 590 * functions ensure ENGINE_cleanup() will clean up after them. 591 */ 592void ENGINE_cleanup(void); 593 594/* 595 * These return values from within the ENGINE structure. These can be useful 596 * with functional references as well as structural references - it depends 597 * which you obtained. Using the result for functional purposes if you only 598 * obtained a structural reference may be problematic! 599 */ 600const char *ENGINE_get_id(const ENGINE *e); 601const char *ENGINE_get_name(const ENGINE *e); 602const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e); 603const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e); 604const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e); 605const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e); 606const DH_METHOD *ENGINE_get_DH(const ENGINE *e); 607const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e); 608const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e); 609ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e); 610ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e); 611ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e); 612ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e); 613ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e); 614ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); 615ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE 616 *e); 617ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); 618ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); 619ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e); 620ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e); 621const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); 622const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); 623const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid); 624const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid); 625const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e, 626 const char *str, 627 int len); 628const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe, 629 const char *str, 630 int len); 631const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); 632int ENGINE_get_flags(const ENGINE *e); 633 634/* 635 * FUNCTIONAL functions. These functions deal with ENGINE structures that 636 * have (or will) be initialised for use. Broadly speaking, the structural 637 * functions are useful for iterating the list of available engine types, 638 * creating new engine types, and other "list" operations. These functions 639 * actually deal with ENGINEs that are to be used. As such these functions 640 * can fail (if applicable) when particular engines are unavailable - eg. if 641 * a hardware accelerator is not attached or not functioning correctly. Each 642 * ENGINE has 2 reference counts; structural and functional. Every time a 643 * functional reference is obtained or released, a corresponding structural 644 * reference is automatically obtained or released too. 645 */ 646 647/* 648 * Initialise a engine type for use (or up its reference count if it's 649 * already in use). This will fail if the engine is not currently operational 650 * and cannot initialise. 651 */ 652int ENGINE_init(ENGINE *e); 653/* 654 * Free a functional reference to a engine type. This does not require a 655 * corresponding call to ENGINE_free as it also releases a structural 656 * reference. 657 */ 658int ENGINE_finish(ENGINE *e); 659 660/* 661 * The following functions handle keys that are stored in some secondary 662 * location, handled by the engine. The storage may be on a card or 663 * whatever. 664 */ 665EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, 666 UI_METHOD *ui_method, void *callback_data); 667EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, 668 UI_METHOD *ui_method, void *callback_data); 669int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, 670 STACK_OF(X509_NAME) *ca_dn, X509 **pcert, 671 EVP_PKEY **ppkey, STACK_OF(X509) **pother, 672 UI_METHOD *ui_method, void *callback_data); 673 674/* 675 * This returns a pointer for the current ENGINE structure that is (by 676 * default) performing any RSA operations. The value returned is an 677 * incremented reference, so it should be free'd (ENGINE_finish) before it is 678 * discarded. 679 */ 680ENGINE *ENGINE_get_default_RSA(void); 681/* Same for the other "methods" */ 682ENGINE *ENGINE_get_default_DSA(void); 683ENGINE *ENGINE_get_default_ECDH(void); 684ENGINE *ENGINE_get_default_ECDSA(void); 685ENGINE *ENGINE_get_default_DH(void); 686ENGINE *ENGINE_get_default_RAND(void); 687/* 688 * These functions can be used to get a functional reference to perform 689 * ciphering or digesting corresponding to "nid". 690 */ 691ENGINE *ENGINE_get_cipher_engine(int nid); 692ENGINE *ENGINE_get_digest_engine(int nid); 693ENGINE *ENGINE_get_pkey_meth_engine(int nid); 694ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid); 695 696/* 697 * This sets a new default ENGINE structure for performing RSA operations. If 698 * the result is non-zero (success) then the ENGINE structure will have had 699 * its reference count up'd so the caller should still free their own 700 * reference 'e'. 701 */ 702int ENGINE_set_default_RSA(ENGINE *e); 703int ENGINE_set_default_string(ENGINE *e, const char *def_list); 704/* Same for the other "methods" */ 705int ENGINE_set_default_DSA(ENGINE *e); 706int ENGINE_set_default_ECDH(ENGINE *e); 707int ENGINE_set_default_ECDSA(ENGINE *e); 708int ENGINE_set_default_DH(ENGINE *e); 709int ENGINE_set_default_RAND(ENGINE *e); 710int ENGINE_set_default_ciphers(ENGINE *e); 711int ENGINE_set_default_digests(ENGINE *e); 712int ENGINE_set_default_pkey_meths(ENGINE *e); 713int ENGINE_set_default_pkey_asn1_meths(ENGINE *e); 714 715/* 716 * The combination "set" - the flags are bitwise "OR"d from the 717 * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()" 718 * function, this function can result in unnecessary static linkage. If your 719 * application requires only specific functionality, consider using more 720 * selective functions. 721 */ 722int ENGINE_set_default(ENGINE *e, unsigned int flags); 723 724void ENGINE_add_conf_module(void); 725 726/* Deprecated functions ... */ 727/* int ENGINE_clear_defaults(void); */ 728 729/**************************/ 730/* DYNAMIC ENGINE SUPPORT */ 731/**************************/ 732 733/* Binary/behaviour compatibility levels */ 734# define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000 735/* 736 * Binary versions older than this are too old for us (whether we're a loader 737 * or a loadee) 738 */ 739# define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000 740 741/* 742 * When compiling an ENGINE entirely as an external shared library, loadable 743 * by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' 744 * structure type provides the calling application's (or library's) error 745 * functionality and memory management function pointers to the loaded 746 * library. These should be used/set in the loaded library code so that the 747 * loading application's 'state' will be used/changed in all operations. The 748 * 'static_state' pointer allows the loaded library to know if it shares the 749 * same static data as the calling application (or library), and thus whether 750 * these callbacks need to be set or not. 751 */ 752typedef void *(*dyn_MEM_malloc_cb) (size_t); 753typedef void *(*dyn_MEM_realloc_cb) (void *, size_t); 754typedef void (*dyn_MEM_free_cb) (void *); 755typedef struct st_dynamic_MEM_fns { 756 dyn_MEM_malloc_cb malloc_cb; 757 dyn_MEM_realloc_cb realloc_cb; 758 dyn_MEM_free_cb free_cb; 759} dynamic_MEM_fns; 760/* 761 * FIXME: Perhaps the memory and locking code (crypto.h) should declare and 762 * use these types so we (and any other dependant code) can simplify a bit?? 763 */ 764typedef void (*dyn_lock_locking_cb) (int, int, const char *, int); 765typedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int); 766typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *, 767 int); 768typedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *, 769 const char *, int); 770typedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *, 771 const char *, int); 772typedef struct st_dynamic_LOCK_fns { 773 dyn_lock_locking_cb lock_locking_cb; 774 dyn_lock_add_lock_cb lock_add_lock_cb; 775 dyn_dynlock_create_cb dynlock_create_cb; 776 dyn_dynlock_lock_cb dynlock_lock_cb; 777 dyn_dynlock_destroy_cb dynlock_destroy_cb; 778} dynamic_LOCK_fns; 779/* The top-level structure */ 780typedef struct st_dynamic_fns { 781 void *static_state; 782 const ERR_FNS *err_fns; 783 const CRYPTO_EX_DATA_IMPL *ex_data_fns; 784 dynamic_MEM_fns mem_fns; 785 dynamic_LOCK_fns lock_fns; 786} dynamic_fns; 787 788/* 789 * The version checking function should be of this prototype. NB: The 790 * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading 791 * code. If this function returns zero, it indicates a (potential) version 792 * incompatibility and the loaded library doesn't believe it can proceed. 793 * Otherwise, the returned value is the (latest) version supported by the 794 * loading library. The loader may still decide that the loaded code's 795 * version is unsatisfactory and could veto the load. The function is 796 * expected to be implemented with the symbol name "v_check", and a default 797 * implementation can be fully instantiated with 798 * IMPLEMENT_DYNAMIC_CHECK_FN(). 799 */ 800typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version); 801# define IMPLEMENT_DYNAMIC_CHECK_FN() \ 802 OPENSSL_EXPORT unsigned long v_check(unsigned long v); \ 803 OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \ 804 if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \ 805 return 0; } 806 807/* 808 * This function is passed the ENGINE structure to initialise with its own 809 * function and command settings. It should not adjust the structural or 810 * functional reference counts. If this function returns zero, (a) the load 811 * will be aborted, (b) the previous ENGINE state will be memcpy'd back onto 812 * the structure, and (c) the shared library will be unloaded. So 813 * implementations should do their own internal cleanup in failure 814 * circumstances otherwise they could leak. The 'id' parameter, if non-NULL, 815 * represents the ENGINE id that the loader is looking for. If this is NULL, 816 * the shared library can choose to return failure or to initialise a 817 * 'default' ENGINE. If non-NULL, the shared library must initialise only an 818 * ENGINE matching the passed 'id'. The function is expected to be 819 * implemented with the symbol name "bind_engine". A standard implementation 820 * can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter 821 * 'fn' is a callback function that populates the ENGINE structure and 822 * returns an int value (zero for failure). 'fn' should have prototype; 823 * [static] int fn(ENGINE *e, const char *id); 824 */ 825typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id, 826 const dynamic_fns *fns); 827# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \ 828 OPENSSL_EXPORT \ 829 int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \ 830 OPENSSL_EXPORT \ 831 int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \ 832 if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \ 833 if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ 834 fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ 835 return 0; \ 836 CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ 837 CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ 838 CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ 839 CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ 840 CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ 841 if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ 842 return 0; \ 843 if(!ERR_set_implementation(fns->err_fns)) return 0; \ 844 skip_cbs: \ 845 if(!fn(e,id)) return 0; \ 846 return 1; } 847 848/* 849 * If the loading application (or library) and the loaded ENGINE library 850 * share the same static data (eg. they're both dynamically linked to the 851 * same libcrypto.so) we need a way to avoid trying to set system callbacks - 852 * this would fail, and for the same reason that it's unnecessary to try. If 853 * the loaded ENGINE has (or gets from through the loader) its own copy of 854 * the libcrypto static data, we will need to set the callbacks. The easiest 855 * way to detect this is to have a function that returns a pointer to some 856 * static data and let the loading application and loaded ENGINE compare 857 * their respective values. 858 */ 859void *ENGINE_get_static_state(void); 860 861# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) 862void ENGINE_setup_bsd_cryptodev(void); 863# endif 864 865/* BEGIN ERROR CODES */ 866/* 867 * The following lines are auto generated by the script mkerr.pl. Any changes 868 * made after this point may be overwritten when the script is next run. 869 */ 870void ERR_load_ENGINE_strings(void); 871 872/* Error codes for the ENGINE functions. */ 873 874/* Function codes. */ 875# define ENGINE_F_DYNAMIC_CTRL 180 876# define ENGINE_F_DYNAMIC_GET_DATA_CTX 181 877# define ENGINE_F_DYNAMIC_LOAD 182 878# define ENGINE_F_DYNAMIC_SET_DATA_CTX 183 879# define ENGINE_F_ENGINE_ADD 105 880# define ENGINE_F_ENGINE_BY_ID 106 881# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170 882# define ENGINE_F_ENGINE_CTRL 142 883# define ENGINE_F_ENGINE_CTRL_CMD 178 884# define ENGINE_F_ENGINE_CTRL_CMD_STRING 171 885# define ENGINE_F_ENGINE_FINISH 107 886# define ENGINE_F_ENGINE_FREE_UTIL 108 887# define ENGINE_F_ENGINE_GET_CIPHER 185 888# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 889# define ENGINE_F_ENGINE_GET_DIGEST 186 890# define ENGINE_F_ENGINE_GET_NEXT 115 891# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193 892# define ENGINE_F_ENGINE_GET_PKEY_METH 192 893# define ENGINE_F_ENGINE_GET_PREV 116 894# define ENGINE_F_ENGINE_INIT 119 895# define ENGINE_F_ENGINE_LIST_ADD 120 896# define ENGINE_F_ENGINE_LIST_REMOVE 121 897# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 898# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 899# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194 900# define ENGINE_F_ENGINE_NEW 122 901# define ENGINE_F_ENGINE_REMOVE 123 902# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 903# define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126 904# define ENGINE_F_ENGINE_SET_ID 129 905# define ENGINE_F_ENGINE_SET_NAME 130 906# define ENGINE_F_ENGINE_TABLE_REGISTER 184 907# define ENGINE_F_ENGINE_UNLOAD_KEY 152 908# define ENGINE_F_ENGINE_UNLOCKED_FINISH 191 909# define ENGINE_F_ENGINE_UP_REF 190 910# define ENGINE_F_INT_CTRL_HELPER 172 911# define ENGINE_F_INT_ENGINE_CONFIGURE 188 912# define ENGINE_F_INT_ENGINE_MODULE_INIT 187 913# define ENGINE_F_LOG_MESSAGE 141 914 915/* Reason codes. */ 916# define ENGINE_R_ALREADY_LOADED 100 917# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133 918# define ENGINE_R_CMD_NOT_EXECUTABLE 134 919# define ENGINE_R_COMMAND_TAKES_INPUT 135 920# define ENGINE_R_COMMAND_TAKES_NO_INPUT 136 921# define ENGINE_R_CONFLICTING_ENGINE_ID 103 922# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119 923# define ENGINE_R_DH_NOT_IMPLEMENTED 139 924# define ENGINE_R_DSA_NOT_IMPLEMENTED 140 925# define ENGINE_R_DSO_FAILURE 104 926# define ENGINE_R_DSO_NOT_FOUND 132 927# define ENGINE_R_ENGINES_SECTION_ERROR 148 928# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102 929# define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105 930# define ENGINE_R_ENGINE_SECTION_ERROR 149 931# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128 932# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129 933# define ENGINE_R_FINISH_FAILED 106 934# define ENGINE_R_GET_HANDLE_FAILED 107 935# define ENGINE_R_ID_OR_NAME_MISSING 108 936# define ENGINE_R_INIT_FAILED 109 937# define ENGINE_R_INTERNAL_LIST_ERROR 110 938# define ENGINE_R_INVALID_ARGUMENT 143 939# define ENGINE_R_INVALID_CMD_NAME 137 940# define ENGINE_R_INVALID_CMD_NUMBER 138 941# define ENGINE_R_INVALID_INIT_VALUE 151 942# define ENGINE_R_INVALID_STRING 150 943# define ENGINE_R_NOT_INITIALISED 117 944# define ENGINE_R_NOT_LOADED 112 945# define ENGINE_R_NO_CONTROL_FUNCTION 120 946# define ENGINE_R_NO_INDEX 144 947# define ENGINE_R_NO_LOAD_FUNCTION 125 948# define ENGINE_R_NO_REFERENCE 130 949# define ENGINE_R_NO_SUCH_ENGINE 116 950# define ENGINE_R_NO_UNLOAD_FUNCTION 126 951# define ENGINE_R_PROVIDE_PARAMETERS 113 952# define ENGINE_R_RSA_NOT_IMPLEMENTED 141 953# define ENGINE_R_UNIMPLEMENTED_CIPHER 146 954# define ENGINE_R_UNIMPLEMENTED_DIGEST 147 955# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101 956# define ENGINE_R_VERSION_INCOMPATIBILITY 145 957 958#ifdef __cplusplus 959} 960#endif 961#endif 962