engine_load_openssl_int();
return 1;
}
-# ifndef OPENSSL_NO_DEVCRYPTOENG
-static CRYPTO_ONCE engine_devcrypto = CRYPTO_ONCE_STATIC_INIT;
-DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto)
-{
-# ifdef OPENSSL_INIT_DEBUG
- fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_devcrypto: "
- "engine_load_devcrypto_int()\n");
-# endif
- engine_load_devcrypto_int();
- return 1;
-}
-# endif
# ifndef OPENSSL_NO_RDRAND
static CRYPTO_ONCE engine_rdrand = CRYPTO_ONCE_STATIC_INIT;
return 1;
}
# ifndef OPENSSL_NO_STATIC_ENGINE
+# ifndef OPENSSL_NO_DEVCRYPTOENG
+static CRYPTO_ONCE engine_devcrypto = CRYPTO_ONCE_STATIC_INIT;
+DEFINE_RUN_ONCE_STATIC(ossl_init_engine_devcrypto)
+{
+# ifdef OPENSSL_INIT_DEBUG
+ fprintf(stderr, "OPENSSL_INIT: ossl_init_engine_devcrypto: "
+ "engine_load_devcrypto_int()\n");
+# endif
+ engine_load_devcrypto_int();
+ return 1;
+}
+# endif
# if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK)
static CRYPTO_ONCE engine_padlock = CRYPTO_ONCE_STATIC_INIT;
DEFINE_RUN_ONCE_STATIC(ossl_init_engine_padlock)
if ((opts & OPENSSL_INIT_ENGINE_OPENSSL)
&& !RUN_ONCE(&engine_openssl, ossl_init_engine_openssl))
return 0;
-# if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_DEVCRYPTOENG)
- if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV)
- && !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto))
- return 0;
-# endif
# ifndef OPENSSL_NO_RDRAND
if ((opts & OPENSSL_INIT_ENGINE_RDRAND)
&& !RUN_ONCE(&engine_rdrand, ossl_init_engine_rdrand))
&& !RUN_ONCE(&engine_dynamic, ossl_init_engine_dynamic))
return 0;
# ifndef OPENSSL_NO_STATIC_ENGINE
+# ifndef OPENSSL_NO_DEVCRYPTOENG
+ if ((opts & OPENSSL_INIT_ENGINE_CRYPTODEV)
+ && !RUN_ONCE(&engine_devcrypto, ossl_init_engine_devcrypto))
+ return 0;
+# endif
# if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_PADLOCK)
if ((opts & OPENSSL_INIT_ENGINE_PADLOCK)
&& !RUN_ONCE(&engine_padlock, ossl_init_engine_padlock))
* https://www.openssl.org/source/license.html
*/
-#include "e_os.h"
+#include "../e_os.h"
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <openssl/objects.h>
#include <crypto/cryptodev.h>
-#include "internal/engine.h"
-
/* #define ENGINE_DEVCRYPTO_DEBUG */
#ifdef CRYPTO_ALGORITHM_MIN
# define CHECK_BSD_STYLE_MACROS
#endif
+#define engine_devcrypto_id "devcrypto"
+
/*
* ONE global file descriptor for all sessions. This allows operations
* such as digest session data copying (see digest_copy()), but is also
* saner... why re-open /dev/crypto for every session?
*/
-static int cfd;
+static int cfd = -1;
#define DEVCRYPTO_REQUIRE_ACCELERATED 0 /* require confirmation of acceleration */
#define DEVCRYPTO_USE_SOFTWARE 1 /* allow software drivers */
#define DEVCRYPTO_REJECT_SOFTWARE 2 /* only disallow confirmed software drivers */
char *driver_name;
};
+#ifdef OPENSSL_NO_DYNAMIC_ENGINE
+void engine_load_devcrypto_int(void);
+#endif
+
/******************************************************************************
*
* Ciphers
*
*****/
-static int devcrypto_unload(ENGINE *e)
-{
- destroy_all_cipher_methods();
-#ifdef IMPLEMENT_DIGEST
- destroy_all_digest_methods();
-#endif
-
- close(cfd);
-
- return 1;
-}
/*
- * This engine is always built into libcrypto, so it doesn't offer any
- * ability to be dynamically loadable.
+ * Opens /dev/crypto
*/
-void engine_load_devcrypto_int()
+static int open_devcrypto(void)
{
- ENGINE *e = NULL;
+ if (cfd >= 0)
+ return 1;
if ((cfd = open("/dev/crypto", O_RDWR, 0)) < 0) {
#ifndef ENGINE_DEVCRYPTO_DEBUG
if (errno != ENOENT)
#endif
fprintf(stderr, "Could not open /dev/crypto: %s\n", strerror(errno));
- return;
+ return 0;
}
- if ((e = ENGINE_new()) == NULL
- || !ENGINE_set_destroy_function(e, devcrypto_unload)) {
- ENGINE_free(e);
- /*
- * We know that devcrypto_unload() won't be called when one of the
- * above two calls have failed, so we close cfd explicitly here to
- * avoid leaking resources.
- */
- close(cfd);
- return;
+ return 1;
+}
+
+static int close_devcrypto(void)
+{
+ if (cfd < 0)
+ return 1;
+ cfd = -1;
+ if (close(cfd) == 0) {
+ fprintf(stderr, "Error closing /dev/crypto: %s\n", strerror(errno));
+ return 0;
}
+ return 1;
+}
- prepare_cipher_methods();
+static int devcrypto_unload(ENGINE *e)
+{
+ destroy_all_cipher_methods();
#ifdef IMPLEMENT_DIGEST
- prepare_digest_methods();
+ destroy_all_digest_methods();
#endif
- if (!ENGINE_set_id(e, "devcrypto")
+ close_devcrypto();
+
+ return 1;
+}
+
+static int bind_devcrypto(ENGINE *e) {
+
+ if (!ENGINE_set_id(e, engine_devcrypto_id)
|| !ENGINE_set_name(e, "/dev/crypto engine")
+ || !ENGINE_set_destroy_function(e, devcrypto_unload)
|| !ENGINE_set_cmd_defns(e, devcrypto_cmds)
- || !ENGINE_set_ctrl_function(e, devcrypto_ctrl)
+ || !ENGINE_set_ctrl_function(e, devcrypto_ctrl))
+ return 0;
+ prepare_cipher_methods();
+#ifdef IMPLEMENT_DIGEST
+ prepare_digest_methods();
+#endif
+
+ return (ENGINE_set_ciphers(e, devcrypto_ciphers)
+#ifdef IMPLEMENT_DIGEST
+ && ENGINE_set_digests(e, devcrypto_digests)
+#endif
/*
* Asymmetric ciphers aren't well supported with /dev/crypto. Among the BSD
* implementations, it seems to only exist in FreeBSD, and regarding the
*/
#if 0
# ifndef OPENSSL_NO_RSA
- || !ENGINE_set_RSA(e, devcrypto_rsa)
+ && ENGINE_set_RSA(e, devcrypto_rsa)
# endif
# ifndef OPENSSL_NO_DSA
- || !ENGINE_set_DSA(e, devcrypto_dsa)
+ && ENGINE_set_DSA(e, devcrypto_dsa)
# endif
# ifndef OPENSSL_NO_DH
- || !ENGINE_set_DH(e, devcrypto_dh)
+ && ENGINE_set_DH(e, devcrypto_dh)
# endif
# ifndef OPENSSL_NO_EC
- || !ENGINE_set_EC(e, devcrypto_ec)
+ && ENGINE_set_EC(e, devcrypto_ec)
# endif
#endif
- || !ENGINE_set_ciphers(e, devcrypto_ciphers)
-#ifdef IMPLEMENT_DIGEST
- || !ENGINE_set_digests(e, devcrypto_digests)
-#endif
- ) {
+ );
+}
+
+#ifdef OPENSSL_NO_DYNAMIC_ENGINE
+/*
+ * In case this engine is built into libcrypto, then it doesn't offer any
+ * ability to be dynamically loadable.
+ */
+void engine_load_devcrypto_int(void)
+{
+ ENGINE *e = NULL;
+
+ if (!open_devcrypto())
+ return;
+
+ if ((e = ENGINE_new()) == NULL
+ || !bind_devcrypto(e)) {
+ close_devcrypto();
ENGINE_free(e);
return;
}
ENGINE_free(e); /* Loose our local reference */
ERR_clear_error();
}
+
+#else
+
+static int bind_helper(ENGINE *e, const char *id)
+{
+ if ((id && (strcmp(id, engine_devcrypto_id) != 0))
+ || !open_devcrypto())
+ return 0;
+ if (!bind_devcrypto(e)) {
+ close_devcrypto();
+ return 0;
+ }
+ return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+
+#endif
projects / openssl / commitdiff