diff options
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/conf/conf_mall.c | 4 | ||||
| -rw-r--r-- | crypto/conf/conf_sap.c | 4 | ||||
| -rw-r--r-- | crypto/dh/dh.h | 2 | ||||
| -rw-r--r-- | crypto/dh/dh_key.c | 2 | ||||
| -rw-r--r-- | crypto/dh/dh_lib.c | 10 | ||||
| -rw-r--r-- | crypto/dsa/dsa.h | 2 | ||||
| -rw-r--r-- | crypto/dsa/dsa_lib.c | 10 | ||||
| -rw-r--r-- | crypto/dsa/dsa_ossl.c | 2 | ||||
| -rw-r--r-- | crypto/dsa/dsa_sign.c | 2 | ||||
| -rw-r--r-- | crypto/dsa/dsa_vrf.c | 2 | ||||
| -rw-r--r-- | crypto/dsa/dsatest.c | 2 | ||||
| -rw-r--r-- | crypto/ec/ectest.c | 4 | ||||
| -rw-r--r-- | crypto/engine/engine.h | 5 | ||||
| -rw-r--r-- | crypto/engine/enginetest.c | 11 | ||||
| -rw-r--r-- | crypto/err/err_all.c | 4 | ||||
| -rw-r--r-- | crypto/evp/digest.c | 13 | ||||
| -rw-r--r-- | crypto/evp/evp.h | 4 | ||||
| -rw-r--r-- | crypto/evp/evp_acnf.c | 2 | ||||
| -rw-r--r-- | crypto/evp/evp_enc.c | 10 | ||||
| -rw-r--r-- | crypto/evp/evp_test.c | 9 | ||||
| -rw-r--r-- | crypto/rand/rand.h | 2 | ||||
| -rw-r--r-- | crypto/rand/rand_lib.c | 10 | ||||
| -rw-r--r-- | crypto/rsa/rsa.h | 2 | ||||
| -rw-r--r-- | crypto/rsa/rsa_eay.c | 2 | ||||
| -rw-r--r-- | crypto/rsa/rsa_lib.c | 10 | ||||
| -rw-r--r-- | crypto/rsa/rsa_sign.c | 6 | ||||
| -rw-r--r-- | crypto/rsa/rsa_test.c | 2 |
27 files changed, 136 insertions, 2 deletions
diff --git a/crypto/conf/conf_mall.c b/crypto/conf/conf_mall.c index d702af689b..4ba40cf44c 100644 --- a/crypto/conf/conf_mall.c +++ b/crypto/conf/conf_mall.c @@ -63,7 +63,9 @@ #include <openssl/dso.h> #include <openssl/x509.h> #include <openssl/asn1.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif /* Load all OpenSSL builtin modules */ @@ -71,6 +73,8 @@ void OPENSSL_load_builtin_modules(void) { /* Add builtin modules here */ ASN1_add_oid_module(); +#ifndef OPENSSL_NO_ENGINE ENGINE_add_conf_module(); +#endif } diff --git a/crypto/conf/conf_sap.c b/crypto/conf/conf_sap.c index 97fb174303..e15c2e5546 100644 --- a/crypto/conf/conf_sap.c +++ b/crypto/conf/conf_sap.c @@ -63,7 +63,9 @@ #include <openssl/dso.h> #include <openssl/x509.h> #include <openssl/asn1.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif /* This is the automatic configuration loader: it is called automatically by * OpenSSL when any of a number of standard initialisation functions are called, @@ -78,8 +80,10 @@ void OPENSSL_config(const char *config_name) return; OPENSSL_load_builtin_modules(); +#ifndef OPENSSL_NO_ENGINE /* Need to load ENGINEs */ ENGINE_load_builtin_engines(); +#endif /* Add others here? */ diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h index 62dba4055c..38214082f7 100644 --- a/crypto/dh/dh.h +++ b/crypto/dh/dh.h @@ -119,7 +119,9 @@ struct dh_st int references; CRYPTO_EX_DATA ex_data; const DH_METHOD *meth; +#ifndef OPENSSL_NO_ENGINE ENGINE *engine; +#endif }; #define DH_GENERATOR_2 2 diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 5e58e0032f..28c20750bd 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -61,7 +61,9 @@ #include <openssl/bn.h> #include <openssl/rand.h> #include <openssl/dh.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif static int generate_key(DH *dh); static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index ba5fd41057..09965ee2ea 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -60,7 +60,9 @@ #include "cryptlib.h" #include <openssl/bn.h> #include <openssl/dh.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; @@ -85,11 +87,13 @@ int DH_set_method(DH *dh, const DH_METHOD *meth) const DH_METHOD *mtmp; mtmp = dh->meth; if (mtmp->finish) mtmp->finish(dh); +#ifndef OPENSSL_NO_ENGINE if (dh->engine) { ENGINE_finish(dh->engine); dh->engine = NULL; } +#endif dh->meth = meth; if (meth->init) meth->init(dh); return 1; @@ -112,6 +116,7 @@ DH *DH_new_method(ENGINE *engine) } ret->meth = DH_get_default_method(); +#ifndef OPENSSL_NO_ENGINE if (engine) { if (!ENGINE_init(engine)) @@ -135,6 +140,7 @@ DH *DH_new_method(ENGINE *engine) return NULL; } } +#endif ret->pad=0; ret->version=0; @@ -154,8 +160,10 @@ DH *DH_new_method(ENGINE *engine) CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { +#ifndef OPENSSL_NO_ENGINE if (ret->engine) ENGINE_finish(ret->engine); +#endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); OPENSSL_free(ret); ret=NULL; @@ -182,8 +190,10 @@ void DH_free(DH *r) if (r->meth->finish) r->meth->finish(r); +#ifndef OPENSSL_NO_ENGINE if (r->engine) ENGINE_finish(r->engine); +#endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h index 6ba79b01df..63fcce9a33 100644 --- a/crypto/dsa/dsa.h +++ b/crypto/dsa/dsa.h @@ -142,8 +142,10 @@ struct dsa_st int references; CRYPTO_EX_DATA ex_data; const DSA_METHOD *meth; +#ifndef OPENSSL_NO_ENGINE /* functional reference if 'meth' is ENGINE-provided */ ENGINE *engine; +#endif }; #define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \ diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index 579f73f869..4171af24c6 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -63,7 +63,9 @@ #include <openssl/bn.h> #include <openssl/dsa.h> #include <openssl/asn1.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; @@ -93,11 +95,13 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) const DSA_METHOD *mtmp; mtmp = dsa->meth; if (mtmp->finish) mtmp->finish(dsa); +#ifndef OPENSSL_NO_ENGINE if (dsa->engine) { ENGINE_finish(dsa->engine); dsa->engine = NULL; } +#endif dsa->meth = meth; if (meth->init) meth->init(dsa); return 1; @@ -114,6 +118,7 @@ DSA *DSA_new_method(ENGINE *engine) return(NULL); } ret->meth = DSA_get_default_method(); +#ifndef OPENSSL_NO_ENGINE if (engine) { if (!ENGINE_init(engine)) @@ -138,6 +143,7 @@ DSA *DSA_new_method(ENGINE *engine) return NULL; } } +#endif ret->pad=0; ret->version=0; @@ -158,8 +164,10 @@ DSA *DSA_new_method(ENGINE *engine) CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { +#ifndef OPENSSL_NO_ENGINE if (ret->engine) ENGINE_finish(ret->engine); +#endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); OPENSSL_free(ret); ret=NULL; @@ -189,8 +197,10 @@ void DSA_free(DSA *r) if(r->meth->finish) r->meth->finish(r); +#ifndef OPENSSL_NO_ENGINE if(r->engine) ENGINE_finish(r->engine); +#endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 70d60d9e29..3a8d2bbc35 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -64,7 +64,9 @@ #include <openssl/dsa.h> #include <openssl/rand.h> #include <openssl/asn1.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c index e9469ca62f..5cdc8ed851 100644 --- a/crypto/dsa/dsa_sign.c +++ b/crypto/dsa/dsa_sign.c @@ -64,7 +64,9 @@ #include <openssl/dsa.h> #include <openssl/rand.h> #include <openssl/asn1.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) { diff --git a/crypto/dsa/dsa_vrf.c b/crypto/dsa/dsa_vrf.c index 066c6b5b28..fffb129f8f 100644 --- a/crypto/dsa/dsa_vrf.c +++ b/crypto/dsa/dsa_vrf.c @@ -65,7 +65,9 @@ #include <openssl/rand.h> #include <openssl/asn1.h> #include <openssl/asn1_mac.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) diff --git a/crypto/dsa/dsatest.c b/crypto/dsa/dsatest.c index c341c1b49c..75eca097a5 100644 --- a/crypto/dsa/dsatest.c +++ b/crypto/dsa/dsatest.c @@ -74,7 +74,9 @@ #include <openssl/rand.h> #include <openssl/bio.h> #include <openssl/err.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif #ifdef OPENSSL_SYS_WINDOWS #include "../bio/bss_file.c" #endif diff --git a/crypto/ec/ectest.c b/crypto/ec/ectest.c index e292da3384..e91c8fffb3 100644 --- a/crypto/ec/ectest.c +++ b/crypto/ec/ectest.c @@ -86,7 +86,9 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur #include <openssl/ec.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif #include <openssl/err.h> #include <openssl/obj_mac.h> #include <openssl/objects.h> @@ -1227,7 +1229,9 @@ int main(int argc, char *argv[]) /* test the internal curves */ internal_curve_test(); +#ifndef OPENSSL_NO_ENGINE ENGINE_cleanup(); +#endif CRYPTO_cleanup_all_ex_data(); ERR_free_strings(); ERR_remove_state(0); diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h index 44b3849b25..43500a8676 100644 --- a/crypto/engine/engine.h +++ b/crypto/engine/engine.h @@ -65,6 +65,11 @@ #define HEADER_ENGINE_H #include <openssl/opensslconf.h> + +#ifdef OPENSSL_NO_ENGINE +#error ENGINE is disabled. +#endif + #include <openssl/ossl_typ.h> #include <openssl/bn.h> #ifndef OPENSSL_NO_RSA diff --git a/crypto/engine/enginetest.c b/crypto/engine/enginetest.c index 87fa8c57b7..c2d0297392 100644 --- a/crypto/engine/enginetest.c +++ b/crypto/engine/enginetest.c @@ -56,9 +56,17 @@ * */ -#include <openssl/e_os2.h> #include <stdio.h> #include <string.h> + +#ifdef OPENSSL_NO_ENGINE +int main(int argc, char *argv[]) +{ + printf("No ENGINE support\n"); + return(0); +} +#else +#include <openssl/e_os2.h> #include <openssl/buffer.h> #include <openssl/crypto.h> #include <openssl/engine.h> @@ -272,3 +280,4 @@ end: CRYPTO_mem_leaks_fp(stderr); return to_return; } +#endif diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index 812ab7cbe6..6da4326b2a 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -88,7 +88,9 @@ #include <openssl/pkcs12.h> #include <openssl/rand.h> #include <openssl/dso.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif #include <openssl/ocsp.h> #include <openssl/err.h> @@ -134,7 +136,9 @@ void ERR_load_crypto_strings(void) ERR_load_PKCS12_strings(); ERR_load_RAND_strings(); ERR_load_DSO_strings(); +#ifndef OPENSSL_NO_ENGINE ERR_load_ENGINE_strings(); +#endif ERR_load_OCSP_strings(); ERR_load_UI_strings(); #endif diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 33013c41a6..5b2104ac12 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -113,7 +113,9 @@ #include "cryptlib.h" #include <openssl/objects.h> #include <openssl/evp.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif void EVP_MD_CTX_init(EVP_MD_CTX *ctx) { @@ -138,6 +140,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) { EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); +#ifndef OPENSSL_NO_ENGINE /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts * so this context may already have an ENGINE! Try to avoid releasing * the previous handle, re-querying for an ENGINE, and having a @@ -183,7 +186,9 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) else ctx->engine = NULL; } - else if(!ctx->digest) + else +#endif + if(!ctx->digest) { EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET); return 0; @@ -196,7 +201,9 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) if (type->ctx_size) ctx->md_data=OPENSSL_malloc(type->ctx_size); } +#ifndef OPENSSL_NO_ENGINE skip_to_init: +#endif return ctx->digest->init(ctx); } @@ -246,12 +253,14 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); return 0; } +#ifndef OPENSSL_NO_ENGINE /* Make sure it's safe to copy a digest context using an ENGINE */ if (in->engine && !ENGINE_init(in->engine)) { EVPerr(EVP_F_EVP_MD_CTX_COPY,ERR_R_ENGINE_LIB); return 0; } +#endif EVP_MD_CTX_cleanup(out); memcpy(out,in,sizeof *out); @@ -304,10 +313,12 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); OPENSSL_free(ctx->md_data); } +#ifndef OPENSSL_NO_ENGINE if(ctx->engine) /* The EVP_MD we used belongs to an ENGINE, release the * functional reference we held for this reason. */ ENGINE_finish(ctx->engine); +#endif memset(ctx,'\0',sizeof *ctx); return 1; diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index b084a35809..a58ece3a40 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -277,7 +277,9 @@ struct env_md_st struct env_md_ctx_st { const EVP_MD *digest; +#ifndef OPENSSL_NO_ENGINE ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */ +#endif unsigned long flags; void *md_data; } /* EVP_MD_CTX */; @@ -349,7 +351,9 @@ typedef struct evp_cipher_info_st struct evp_cipher_ctx_st { const EVP_CIPHER *cipher; +#ifndef OPENSSL_NO_ENGINE ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */ +#endif int encrypt; /* encrypt or decrypt */ int buf_len; /* number we have left */ diff --git a/crypto/evp/evp_acnf.c b/crypto/evp/evp_acnf.c index a68b979bdb..54c073ca44 100644 --- a/crypto/evp/evp_acnf.c +++ b/crypto/evp/evp_acnf.c @@ -59,7 +59,9 @@ #include "cryptlib.h" #include <openssl/evp.h> #include <openssl/conf.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif /* Load all algorithms and configure OpenSSL. diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index ccfcc7e1b1..be0758a879 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -60,7 +60,9 @@ #include "cryptlib.h" #include <openssl/evp.h> #include <openssl/err.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif #include "evp_locl.h" const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT; @@ -91,6 +93,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp enc = 1; ctx->encrypt = enc; } +#ifndef OPENSSL_NO_ENGINE /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts * so this context may already have an ENGINE! Try to avoid releasing * the previous handle, re-querying for an ENGINE, and having a @@ -98,6 +101,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp if (ctx->engine && ctx->cipher && (!cipher || (cipher && (cipher->nid == ctx->cipher->nid)))) goto skip_to_init; +#endif if (cipher) { /* Ensure a context left lying around from last time is cleared @@ -107,6 +111,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp /* Restore encrypt field: it is zeroed by cleanup */ ctx->encrypt = enc; +#ifndef OPENSSL_NO_ENGINE if(impl) { if (!ENGINE_init(impl)) @@ -140,6 +145,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp } else ctx->engine = NULL; +#endif ctx->cipher=cipher; ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); @@ -159,7 +165,9 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET); return 0; } +#ifndef OPENSSL_NO_ENGINE skip_to_init: +#endif /* we assume block size is a power of 2 in *cryptUpdate */ OPENSSL_assert(ctx->cipher->block_size == 1 || ctx->cipher->block_size == 8 @@ -460,10 +468,12 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) } if (c->cipher_data) OPENSSL_free(c->cipher_data); +#ifndef OPENSSL_NO_ENGINE if (c->engine) /* The EVP_CIPHER we used belongs to an ENGINE, release the * functional reference we held for this reason. */ ENGINE_finish(c->engine); +#endif memset(c,0,sizeof(EVP_CIPHER_CTX)); return 1; } diff --git a/crypto/evp/evp_test.c b/crypto/evp/evp_test.c index 698aff21dc..28460173f7 100644 --- a/crypto/evp/evp_test.c +++ b/crypto/evp/evp_test.c @@ -53,7 +53,10 @@ #include "../e_os.h" #include <openssl/evp.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif +#include <openssl/err.h> #include <openssl/conf.h> static void hexdump(FILE *f,const char *title,const unsigned char *s,int l) @@ -330,11 +333,14 @@ int main(int argc,char **argv) /* Load up the software EVP_CIPHER and EVP_MD definitions */ OpenSSL_add_all_ciphers(); OpenSSL_add_all_digests(); +#ifndef OPENSSL_NO_ENGINE /* Load all compiled-in ENGINEs */ ENGINE_load_builtin_engines(); +#endif #if 0 OPENSSL_config(); #endif +#ifndef OPENSSL_NO_ENGINE /* Register all available ENGINE implementations of ciphers and digests. * This could perhaps be changed to "ENGINE_register_all_complete()"? */ ENGINE_register_all_ciphers(); @@ -343,6 +349,7 @@ int main(int argc,char **argv) * It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use if * they weren't already initialised. */ /* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */ +#endif for( ; ; ) { @@ -384,7 +391,9 @@ int main(int argc,char **argv) } } +#ifndef OPENSSL_NO_ENGINE ENGINE_cleanup(); +#endif EVP_cleanup(); CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h index 66e39991ec..606382dd21 100644 --- a/crypto/rand/rand.h +++ b/crypto/rand/rand.h @@ -87,7 +87,9 @@ extern int rand_predictable; int RAND_set_rand_method(const RAND_METHOD *meth); const RAND_METHOD *RAND_get_rand_method(void); +#ifndef OPENSSL_NO_ENGINE int RAND_set_rand_engine(ENGINE *engine); +#endif RAND_METHOD *RAND_SSLeay(void); void RAND_cleanup(void ); int RAND_bytes(unsigned char *buf,int num); diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 5cf5dc1188..513e338985 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -60,19 +60,25 @@ #include <time.h> #include "cryptlib.h" #include <openssl/rand.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif +#ifndef OPENSSL_NO_ENGINE /* non-NULL if default_RAND_meth is ENGINE-provided */ static ENGINE *funct_ref =NULL; +#endif static const RAND_METHOD *default_RAND_meth = NULL; int RAND_set_rand_method(const RAND_METHOD *meth) { +#ifndef OPENSSL_NO_ENGINE if(funct_ref) { ENGINE_finish(funct_ref); funct_ref = NULL; } +#endif default_RAND_meth = meth; return 1; } @@ -81,6 +87,7 @@ const RAND_METHOD *RAND_get_rand_method(void) { if (!default_RAND_meth) { +#ifndef OPENSSL_NO_ENGINE ENGINE *e = ENGINE_get_default_RAND(); if(e) { @@ -94,11 +101,13 @@ const RAND_METHOD *RAND_get_rand_method(void) if(e) funct_ref = e; else +#endif default_RAND_meth = RAND_SSLeay(); } return default_RAND_meth; } +#ifndef OPENSSL_NO_ENGINE int RAND_set_rand_engine(ENGINE *engine) { const RAND_METHOD *tmp_meth = NULL; @@ -118,6 +127,7 @@ int RAND_set_rand_engine(ENGINE *engine) funct_ref = engine; return 1; } +#endif void RAND_cleanup(void) { diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index b005b4b0b3..68696f8219 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -128,8 +128,10 @@ struct rsa_st int pad; long version; const RSA_METHOD *meth; +#ifndef OPENSSL_NO_ENGINE /* functional reference if 'meth' is ENGINE-provided */ ENGINE *engine; +#endif BIGNUM *n; BIGNUM *e; BIGNUM *d; diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index cab34847df..d4e30647d1 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -61,7 +61,9 @@ #include <openssl/bn.h> #include <openssl/rsa.h> #include <openssl/rand.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif #ifndef RSA_NULL diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 93235744f7..889c36d3a6 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -62,7 +62,9 @@ #include <openssl/lhash.h> #include <openssl/bn.h> #include <openssl/rsa.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; @@ -108,11 +110,13 @@ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth) const RSA_METHOD *mtmp; mtmp = rsa->meth; if (mtmp->finish) mtmp->finish(rsa); +#ifndef OPENSSL_NO_ENGINE if (rsa->engine) { ENGINE_finish(rsa->engine); rsa->engine = NULL; } +#endif rsa->meth = meth; if (meth->init) meth->init(rsa); return 1; @@ -130,6 +134,7 @@ RSA *RSA_new_method(ENGINE *engine) } ret->meth = RSA_get_default_method(); +#ifndef OPENSSL_NO_ENGINE if (engine) { if (!ENGINE_init(engine)) @@ -154,6 +159,7 @@ RSA *RSA_new_method(ENGINE *engine) return NULL; } } +#endif ret->pad=0; ret->version=0; @@ -175,8 +181,10 @@ RSA *RSA_new_method(ENGINE *engine) CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { +#ifndef OPENSSL_NO_ENGINE if (ret->engine) ENGINE_finish(ret->engine); +#endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); OPENSSL_free(ret); ret=NULL; @@ -205,8 +213,10 @@ void RSA_free(RSA *r) if (r->meth->finish) r->meth->finish(r); +#ifndef OPENSSL_NO_ENGINE if (r->engine) ENGINE_finish(r->engine); +#endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index 4ac2de3407..9dd62ac956 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -62,7 +62,9 @@ #include <openssl/rsa.h> #include <openssl/objects.h> #include <openssl/x509.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif /* Size of an SSL signature: MD5+SHA1 */ #define SSL_SIG_LENGTH 36 @@ -77,10 +79,12 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, const unsigned char *s = NULL; X509_ALGOR algor; ASN1_OCTET_STRING digest; +#ifndef OPENSSL_NO_ENGINE if((rsa->flags & RSA_FLAG_SIGN_VER) && ENGINE_get_RSA(rsa->engine)->rsa_sign) return ENGINE_get_RSA(rsa->engine)->rsa_sign(type, m, m_len, sigret, siglen, rsa); +#endif /* Special case: SSL signature, just check the length */ if(type == NID_md5_sha1) { if(m_len != SSL_SIG_LENGTH) { @@ -155,10 +159,12 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, return(0); } +#ifndef OPENSSL_NO_ENGINE if((rsa->flags & RSA_FLAG_SIGN_VER) && ENGINE_get_RSA(rsa->engine)->rsa_verify) return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa); +#endif s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); if (s == NULL) diff --git a/crypto/rsa/rsa_test.c b/crypto/rsa/rsa_test.c index b8b462d33b..99abb1fde7 100644 --- a/crypto/rsa/rsa_test.c +++ b/crypto/rsa/rsa_test.c @@ -16,7 +16,9 @@ int main(int argc, char *argv[]) } #else #include <openssl/rsa.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif #define SetKey \ key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \ |