OpenCoverage

eng_openssl.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/engine/eng_openssl.c
1/* $OpenBSD: eng_openssl.c,v 1.13 2018/04/14 07:18:37 tb Exp $ */-
2/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL-
3 * project 2000.-
4 */-
5/* ====================================================================-
6 * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.-
7 *-
8 * Redistribution and use in source and binary forms, with or without-
9 * modification, are permitted provided that the following conditions-
10 * are met:-
11 *-
12 * 1. Redistributions of source code must retain the above copyright-
13 * notice, this list of conditions and the following disclaimer.-
14 *-
15 * 2. Redistributions in binary form must reproduce the above copyright-
16 * notice, this list of conditions and the following disclaimer in-
17 * the documentation and/or other materials provided with the-
18 * distribution.-
19 *-
20 * 3. All advertising materials mentioning features or use of this-
21 * software must display the following acknowledgment:-
22 * "This product includes software developed by the OpenSSL Project-
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"-
24 *-
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to-
26 * endorse or promote products derived from this software without-
27 * prior written permission. For written permission, please contact-
28 * licensing@OpenSSL.org.-
29 *-
30 * 5. Products derived from this software may not be called "OpenSSL"-
31 * nor may "OpenSSL" appear in their names without prior written-
32 * permission of the OpenSSL Project.-
33 *-
34 * 6. Redistributions of any form whatsoever must retain the following-
35 * acknowledgment:-
36 * "This product includes software developed by the OpenSSL Project-
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"-
38 *-
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY-
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR-
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR-
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,-
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;-
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,-
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)-
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED-
50 * OF THE POSSIBILITY OF SUCH DAMAGE.-
51 * ====================================================================-
52 *-
53 * This product includes cryptographic software written by Eric Young-
54 * (eay@cryptsoft.com). This product includes software written by Tim-
55 * Hudson (tjh@cryptsoft.com).-
56 *-
57 */-
58/* ====================================================================-
59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.-
60 * ECDH support in OpenSSL originally developed by-
61 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.-
62 */-
63-
64#include <stdio.h>-
65#include <string.h>-
66-
67#include <openssl/opensslconf.h>-
68-
69#include <openssl/crypto.h>-
70#include <openssl/dso.h>-
71#include <openssl/engine.h>-
72#include <openssl/err.h>-
73#include <openssl/evp.h>-
74#include <openssl/pem.h>-
75#include <openssl/rand.h>-
76-
77#ifndef OPENSSL_NO_DH-
78#include <openssl/dh.h>-
79#endif-
80#ifndef OPENSSL_NO_DSA-
81#include <openssl/dsa.h>-
82#endif-
83#ifndef OPENSSL_NO_RSA-
84#include <openssl/rsa.h>-
85#endif-
86-
/* This testing gunk is implemented (and explained) lower down. It also assumes
 * the application explicitly calls "ENGINE_load_openssl()" because this is no
 * longer automatic in ENGINE_load_builtin_engines().
 *
 * NOTE(review): TEST_ENG_OPENSSL_RC4, TEST_ENG_OPENSSL_PKEY,
 * TEST_ENG_OPENSSL_RC4_P_INIT and TEST_ENG_OPENSSL_SHA are defined
 * unconditionally here. Unless the OPENSSL_NO_* checks below undefine them,
 * bind_helper() registers this file's own RC4/RC4-40 and SHA-1 handlers and
 * its file-based private key loader, and every RC4 key setup prints a line
 * to stderr. Confirm that this is intended outside of test builds. */
#define TEST_ENG_OPENSSL_RC4
#define TEST_ENG_OPENSSL_PKEY
/* #define TEST_ENG_OPENSSL_RC4_OTHERS */
#define TEST_ENG_OPENSSL_RC4_P_INIT
/* #define TEST_ENG_OPENSSL_RC4_P_CIPHER */
#define TEST_ENG_OPENSSL_SHA
/* #define TEST_ENG_OPENSSL_SHA_OTHERS */
/* #define TEST_ENG_OPENSSL_SHA_P_INIT */
/* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */
/* #define TEST_ENG_OPENSSL_SHA_P_FINAL */

/* Now check which of those algorithms are actually enabled; a disabled
 * algorithm drops every switch that belongs to it. */
#ifdef OPENSSL_NO_RC4
#undef TEST_ENG_OPENSSL_RC4
#undef TEST_ENG_OPENSSL_RC4_OTHERS
#undef TEST_ENG_OPENSSL_RC4_P_INIT
#undef TEST_ENG_OPENSSL_RC4_P_CIPHER
#endif
#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA1)
#undef TEST_ENG_OPENSSL_SHA
#undef TEST_ENG_OPENSSL_SHA_OTHERS
#undef TEST_ENG_OPENSSL_SHA_P_INIT
#undef TEST_ENG_OPENSSL_SHA_P_UPDATE
#undef TEST_ENG_OPENSSL_SHA_P_FINAL
#endif
115-
/* Forward declarations of the handlers that bind_helper() registers. Each
 * one exists only while its TEST_ENG_OPENSSL_* switch is still defined. */
#ifdef TEST_ENG_OPENSSL_RC4
static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
    const int **nids, int nid);
#endif
#ifdef TEST_ENG_OPENSSL_SHA
static int openssl_digests(ENGINE *e, const EVP_MD **digest,
    const int **nids, int nid);
#endif

#ifdef TEST_ENG_OPENSSL_PKEY
static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
    UI_METHOD *ui_method, void *callback_data);
#endif

/* The constants used when creating the ENGINE */
static const char *engine_openssl_id = "openssl";
static const char *engine_openssl_name = "Software engine support";
133-
/*
 * Fill ENGINE "e" with the id, the name and the method tables of the
 * built-in software implementation. Called by engine_openssl() and, when
 * ENGINE_DYNAMIC_SUPPORT is defined, by bind_fn().
 *
 * The setters run in a fixed order and the first failure stops the sequence:
 * later setters (and the *_get_default_method() style calls that feed them)
 * are not evaluated.
 *
 * Returns 1 if every setter succeeded, 0 otherwise.
 */
static int
bind_helper(ENGINE *e)
{
	if (!ENGINE_set_id(e, engine_openssl_id))
		return 0;
	if (!ENGINE_set_name(e, engine_openssl_name))
		return 0;
#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
#ifndef OPENSSL_NO_RSA
	if (!ENGINE_set_RSA(e, RSA_get_default_method()))
		return 0;
#endif
#ifndef OPENSSL_NO_DSA
	if (!ENGINE_set_DSA(e, DSA_get_default_method()))
		return 0;
#endif
#ifndef OPENSSL_NO_ECDH
	if (!ENGINE_set_ECDH(e, ECDH_OpenSSL()))
		return 0;
#endif
#ifndef OPENSSL_NO_ECDSA
	if (!ENGINE_set_ECDSA(e, ECDSA_OpenSSL()))
		return 0;
#endif
#ifndef OPENSSL_NO_DH
	if (!ENGINE_set_DH(e, DH_get_default_method()))
		return 0;
#endif
	if (!ENGINE_set_RAND(e, RAND_SSLeay()))
		return 0;
#ifdef TEST_ENG_OPENSSL_RC4
	/* Test RC4 implementation from this file. */
	if (!ENGINE_set_ciphers(e, openssl_ciphers))
		return 0;
#endif
#ifdef TEST_ENG_OPENSSL_SHA
	/* Test SHA-1 implementation from this file. */
	if (!ENGINE_set_digests(e, openssl_digests))
		return 0;
#endif
#endif
#ifdef TEST_ENG_OPENSSL_PKEY
	/* Registered even when TEST_ENG_OPENSSL_NO_ALGORITHMS is defined. */
	if (!ENGINE_set_load_privkey_function(e, openssl_load_privkey))
		return 0;
#endif
	/*
	 * If we add errors to this ENGINE, ensure the error handling is set up
	 * here (a call such as openssl_load_error_strings() is currently not
	 * made).
	 */
	return 1;
}
174-
/*
 * Allocate a fresh ENGINE and bind the software implementation to it.
 *
 * Returns the new engine, or NULL if ENGINE_new() failed or bind_helper()
 * reported a failure; in the latter case the partly set up engine is freed
 * before returning.
 */
static ENGINE *
engine_openssl(void)
{
	ENGINE *eng;

	eng = ENGINE_new();
	if (eng == NULL)
		return NULL;
	if (bind_helper(eng))
		return eng;

	/* Binding failed: do not hand out a half-initialised engine. */
	ENGINE_free(eng);
	return NULL;
}
188-
/*
 * Create the "openssl" software engine and add it to the ENGINE list.
 *
 * Nothing is reported to the caller: if the engine cannot be created the
 * function just returns, the result of ENGINE_add() is discarded, and the
 * error queue is cleared after the add attempt.
 */
void
ENGINE_load_openssl(void)
{
	ENGINE *eng = engine_openssl();

	if (eng != NULL) {
		(void) ENGINE_add(eng);
		/*
		 * If the "add" worked, it gets a structural reference. So
		 * either way, we release our just-created reference.
		 */
		ENGINE_free(eng);
		ERR_clear_error();
	}
}
202-
/* This stuff is needed if this ENGINE is being compiled into a self-contained
 * shared-library. */
#ifdef ENGINE_DYNAMIC_SUPPORT
/*
 * Bind callback handed to IMPLEMENT_DYNAMIC_BIND_FN(). A NULL id, or an id
 * equal to engine_openssl_id, is accepted; any other id is rejected before
 * bind_helper() is called.
 *
 * Returns 1 if the engine was bound, 0 otherwise.
 */
static int
bind_fn(ENGINE *e, const char *id)
{
	if (id != NULL && strcmp(id, engine_openssl_id) != 0)
		return 0;
	return bind_helper(e) ? 1 : 0;
}
IMPLEMENT_DYNAMIC_CHECK_FN()
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
#endif /* ENGINE_DYNAMIC_SUPPORT */
218-
219#ifdef TEST_ENG_OPENSSL_RC4-
/* This section of code compiles an "alternative implementation" of two modes of
 * RC4 into this ENGINE. The result is that EVP_CIPHER operation for "rc4"
 * should under normal circumstances go via this support rather than the default
 * EVP support. There are other symbols to tweak the testing;
 *    TEST_ENG_OPENSSL_RC4_OTHERS - print a one line message to stderr each time
 *        we're asked for a cipher we don't support (should not happen).
 *    TEST_ENG_OPENSSL_RC4_P_INIT - print a one line message to stderr each time
 *        the "init_key" handler is called.
 *    TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler.
 */
#include <openssl/rc4.h>
/* Size in bytes of the key copy kept in TEST_RC4_KEY. */
#define TEST_RC4_KEY_SIZE 16
/* NIDs returned by openssl_ciphers() when it is asked for the supported list. */
static int test_cipher_nids[] = {NID_rc4, NID_rc4_40};
static int test_cipher_nids_number = 2;

/* Per-context state of the test cipher: a copy of the raw key followed by
 * the RC4 key schedule built from it. key[] has room for exactly
 * TEST_RC4_KEY_SIZE bytes, so anything copied into it must be bounded by
 * that size. */
typedef struct {
	unsigned char key[TEST_RC4_KEY_SIZE];
	RC4_KEY ks;
} TEST_RC4_KEY;

/* View an EVP_CIPHER_CTX's cipher_data as the TEST_RC4_KEY stored there. */
#define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data)
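/*
 * "init_key" handler of the test RC4 ciphers: copies the caller's key into
 * the per-context TEST_RC4_KEY and derives the RC4 key schedule from it.
 *
 * ctx  cipher context; its cipher_data holds the TEST_RC4_KEY.
 * key  raw key, at least EVP_CIPHER_CTX_key_length(ctx) bytes long.
 * iv   unused (RC4 takes no IV).
 * enc  unused (the key schedule is the same in both directions).
 *
 * Both test ciphers in this file are declared EVP_CIPH_VARIABLE_LENGTH, so
 * nothing here guarantees that the context's key length fits the
 * TEST_RC4_KEY_SIZE byte key[] array. The length is therefore checked before
 * the copy; a non-positive or oversized length is rejected instead of
 * writing past the end of key[].
 *
 * Returns 1 on success, 0 if the key length is out of range.
 */
static int
test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
    const unsigned char *iv, int enc)
{
	int key_len = EVP_CIPHER_CTX_key_length(ctx);

#ifdef TEST_ENG_OPENSSL_RC4_P_INIT
	fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n");
#endif
	/* Bound the copy by the destination, not by the caller's setting. */
	if (key_len <= 0 || key_len > TEST_RC4_KEY_SIZE)
		return 0;
	memcpy(&test(ctx)->key[0], key, (size_t)key_len);
	RC4_set_key(&test(ctx)->ks, key_len, test(ctx)->key);
	return 1;
}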
253-
/*
 * "cipher" handler of the test RC4 ciphers: runs RC4 over inl bytes of "in"
 * with the key schedule stored in the context and writes the result to
 * "out". Always returns 1.
 */
static int
test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
    const unsigned char *in, size_t inl)
{
	TEST_RC4_KEY *state = test(ctx);

#ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER
	fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n");
#endif
	RC4(&state->ks, inl, in, out);
	return 1;
}
264-
/*
 * EVP_CIPHER table for the test implementation of NID_rc4. The initialiser
 * is positional; the field names in the comments follow the EVP_CIPHER
 * layout as the reviewer understands it (confirm against evp.h).
 */
static const EVP_CIPHER test_r4_cipher = {
	NID_rc4,
	/* block size 1, default key length TEST_RC4_KEY_SIZE, no IV */
	1, TEST_RC4_KEY_SIZE, 0,
	/* the key length may be changed by the caller, see test_rc4_init_key() */
	EVP_CIPH_VARIABLE_LENGTH,
	test_rc4_init_key,
	test_rc4_cipher,
	NULL,
	/* size of the per-context state reached through test(ctx) */
	sizeof(TEST_RC4_KEY),
	NULL,
	NULL,
	NULL,
	NULL
};
278-
/*
 * EVP_CIPHER table for the test implementation of NID_rc4_40. Same handlers
 * and per-context state as test_r4_cipher; only the NID and the default key
 * length (5 bytes) differ. The initialiser is positional (confirm the field
 * order against evp.h).
 */
static const EVP_CIPHER test_r4_40_cipher = {
	NID_rc4_40,
	1,5 /* 40 bit */,0,
	/* the key length may be changed by the caller, see test_rc4_init_key() */
	EVP_CIPH_VARIABLE_LENGTH,
	test_rc4_init_key,
	test_rc4_cipher,
	NULL,
	/* size of the per-context state reached through test(ctx) */
	sizeof(TEST_RC4_KEY),
	NULL,
	NULL,
	NULL,
	NULL
};
292-
/*
 * Cipher selector registered with ENGINE_set_ciphers().
 *
 * With cipher == NULL the call is a query for the supported NIDs: *nids is
 * pointed at test_cipher_nids and the number of entries is returned. nids is
 * written without a NULL check in that mode.
 *
 * Otherwise *cipher is set to the table matching nid and 1 is returned; for
 * any other nid *cipher is set to NULL and 0 is returned.
 */
static int
openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid)
{
	if (cipher == NULL) {
		/* We are returning a list of supported nids */
		*nids = test_cipher_nids;
		return test_cipher_nids_number;
	}

	/* We are being asked for a specific cipher */
	switch (nid) {
	case NID_rc4:
		*cipher = &test_r4_cipher;
		return 1;
	case NID_rc4_40:
		*cipher = &test_r4_40_cipher;
		return 1;
	default:
#ifdef TEST_ENG_OPENSSL_RC4_OTHERS
		fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for "
		    "nid %d\n", nid);
#endif
		*cipher = NULL;
		return 0;
	}
}
316#endif-
317-
318#ifdef TEST_ENG_OPENSSL_SHA-
/* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4: this section
 * compiles a test implementation of SHA-1 into the ENGINE, with
 * TEST_ENG_OPENSSL_SHA_OTHERS and TEST_ENG_OPENSSL_SHA_P_* enabling one line
 * stderr messages in the selector and in the individual handlers. */
#include <openssl/sha.h>
/* NIDs returned by openssl_digests() when it is asked for the supported list. */
static int test_digest_nids[] = {NID_sha1};
static int test_digest_nids_number = 1;
323-
/*
 * "init" handler of the test SHA-1 digest: initialises the SHA-1 state kept
 * in ctx->md_data and returns the result of SHA1_Init().
 */
static int
test_sha1_init(EVP_MD_CTX *ctx)
{
	SHA_CTX *sha = ctx->md_data;

#ifdef TEST_ENG_OPENSSL_SHA_P_INIT
	fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n");
#endif
	return SHA1_Init(sha);
}
332-
/*
 * "update" handler of the test SHA-1 digest: feeds count bytes of data into
 * the SHA-1 state kept in ctx->md_data and returns the result of
 * SHA1_Update().
 */
static int
test_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
	SHA_CTX *sha = ctx->md_data;

#ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE
	fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n");
#endif
	return SHA1_Update(sha, data, count);
}
341-
/*
 * "final" handler of the test SHA-1 digest: writes the digest of the state
 * kept in ctx->md_data to md and returns the result of SHA1_Final().
 */
static int
test_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
{
	SHA_CTX *sha = ctx->md_data;

#ifdef TEST_ENG_OPENSSL_SHA_P_FINAL
	fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n");
#endif
	return SHA1_Final(md, sha);
}
350-
/*
 * EVP_MD table for the test implementation of SHA-1. The initialiser is
 * positional; the remarks below follow the EVP_MD layout as the reviewer
 * understands it (confirm against evp.h).
 */
static const EVP_MD test_sha_md = {
	NID_sha1,
	NID_sha1WithRSAEncryption,
	SHA_DIGEST_LENGTH,
	0,
	/* init / update / final handlers defined above */
	test_sha1_init,
	test_sha1_update,
	test_sha1_final,
	NULL,
	NULL,
	/* macro; presumably expands to the RSA sign/verify entries - confirm */
	EVP_PKEY_RSA_method,
	SHA_CBLOCK,
	/* per-context size; the handlers use ctx->md_data as the SHA-1 state */
	sizeof(EVP_MD *) + sizeof(SHA_CTX),
};
365-
/*
 * Digest selector registered with ENGINE_set_digests().
 *
 * With digest == NULL the call is a query for the supported NIDs: *nids is
 * pointed at test_digest_nids and the number of entries is returned. nids is
 * written without a NULL check in that mode.
 *
 * Otherwise *digest is set to test_sha_md for NID_sha1 and 1 is returned; for
 * any other nid *digest is set to NULL and 0 is returned.
 */
static int
openssl_digests(ENGINE *e, const EVP_MD **digest, const int **nids, int nid)
{
	if (digest == NULL) {
		/* We are returning a list of supported nids */
		*nids = test_digest_nids;
		return test_digest_nids_number;
	}

	/* We are being asked for a specific digest */
	if (nid != NID_sha1) {
#ifdef TEST_ENG_OPENSSL_SHA_OTHERS
		fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for "
		    "nid %d\n", nid);
#endif
		*digest = NULL;
		return 0;
	}

	*digest = &test_sha_md;
	return 1;
}
387#endif-
388-
389#ifdef TEST_ENG_OPENSSL_PKEY-
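/*
 * "load private key" handler of the ENGINE: treats key_id as a file name,
 * opens that file and reads a PEM private key from it.
 *
 * eng, ui_method and callback_data are not used. The PEM reader is called
 * with a NULL password callback and NULL user data, so a UI_METHOD supplied
 * by the caller is never consulted when the key is encrypted.
 *
 * NOTE(review): key_id reaches BIO_new_file() unmodified and is echoed to
 * stderr on every call. Callers that take key_id from configuration or other
 * external input should validate it before it is passed to the engine, and
 * should expect the path to show up in whatever captures stderr.
 *
 * Returns the key read from the file (this function keeps no reference to
 * it), or NULL if key_id is NULL, the file cannot be opened, or no key could
 * be read.
 */
static EVP_PKEY *
openssl_load_privkey(ENGINE *eng, const char *key_id, UI_METHOD *ui_method,
    void *callback_data)
{
	BIO *in;
	EVP_PKEY *key;

	/* A NULL id cannot name a file; passing it to "%s" is undefined. */
	if (key_id == NULL)
		return NULL;

	fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n",
	    key_id);
	in = BIO_new_file(key_id, "r");
	if (in == NULL)
		return NULL;
	key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL);
	BIO_free(in);
	return key;
}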
406#endif-