1 /* openssl/engine.h */ 2 /* 3 * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project 4 * 2000. 5 */ 6 /* ==================================================================== 7 * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. All advertising materials mentioning features or use of this 22 * software must display the following acknowledgment: 23 * "This product includes software developed by the OpenSSL Project 24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 25 * 26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27 * endorse or promote products derived from this software without 28 * prior written permission. For written permission, please contact 29 * licensing@OpenSSL.org. 30 * 31 * 5. Products derived from this software may not be called "OpenSSL" 32 * nor may "OpenSSL" appear in their names without prior written 33 * permission of the OpenSSL Project. 34 * 35 * 6. Redistributions of any form whatsoever must retain the following 36 * acknowledgment: 37 * "This product includes software developed by the OpenSSL Project 38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51 * OF THE POSSIBILITY OF SUCH DAMAGE. 52 * ==================================================================== 53 * 54 * This product includes cryptographic software written by Eric Young 55 * (eay@cryptsoft.com). This product includes software written by Tim 56 * Hudson (tjh@cryptsoft.com). 57 * 58 */ 59 /* ==================================================================== 60 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 61 * ECDH support in OpenSSL originally developed by 62 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 63 */ 64 65 #ifndef HEADER_ENGINE_H 66 # define HEADER_ENGINE_H 67 68 # include <openssl/opensslconf.h> 69 70 # ifdef OPENSSL_NO_ENGINE 71 # error ENGINE is disabled. 72 # endif 73 74 # ifndef OPENSSL_NO_DEPRECATED 75 # include <openssl/bn.h> 76 # ifndef OPENSSL_NO_RSA 77 # include <openssl/rsa.h> 78 # endif 79 # ifndef OPENSSL_NO_DSA 80 # include <openssl/dsa.h> 81 # endif 82 # ifndef OPENSSL_NO_DH 83 # include <openssl/dh.h> 84 # endif 85 # ifndef OPENSSL_NO_ECDH 86 # include <openssl/ecdh.h> 87 # endif 88 # ifndef OPENSSL_NO_ECDSA 89 # include <openssl/ecdsa.h> 90 # endif 91 # include <openssl/rand.h> 92 # include <openssl/ui.h> 93 # include <openssl/err.h> 94 # endif 95 96 # include <openssl/ossl_typ.h> 97 # include <openssl/symhacks.h> 98 99 # include <openssl/x509.h> 100 101 #ifdef __cplusplus 102 extern "C" { 103 #endif 104 105 /* 106 * These flags are used to control combinations of algorithm (methods) by 107 * bitwise "OR"ing. 108 */ 109 # define ENGINE_METHOD_RSA (unsigned int)0x0001 110 # define ENGINE_METHOD_DSA (unsigned int)0x0002 111 # define ENGINE_METHOD_DH (unsigned int)0x0004 112 # define ENGINE_METHOD_RAND (unsigned int)0x0008 113 # define ENGINE_METHOD_ECDH (unsigned int)0x0010 114 # define ENGINE_METHOD_ECDSA (unsigned int)0x0020 115 # define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 116 # define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 117 # define ENGINE_METHOD_STORE (unsigned int)0x0100 118 # define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200 119 # define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400 120 /* Obvious all-or-nothing cases. */ 121 # define ENGINE_METHOD_ALL (unsigned int)0xFFFF 122 # define ENGINE_METHOD_NONE (unsigned int)0x0000 123 124 /* 125 * This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used 126 * internally to control registration of ENGINE implementations, and can be 127 * set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to 128 * initialise registered ENGINEs if they are not already initialised. 129 */ 130 # define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001 131 132 /* ENGINE flags that can be set by ENGINE_set_flags(). */ 133 /* Not used */ 134 /* #define ENGINE_FLAGS_MALLOCED 0x0001 */ 135 136 /* 137 * This flag is for ENGINEs that wish to handle the various 'CMD'-related 138 * control commands on their own. Without this flag, ENGINE_ctrl() handles 139 * these control commands on behalf of the ENGINE using their "cmd_defns" 140 * data. 141 */ 142 # define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002 143 144 /* 145 * This flag is for ENGINEs who return new duplicate structures when found 146 * via "ENGINE_by_id()". When an ENGINE must store state (eg. if 147 * ENGINE_ctrl() commands are called in sequence as part of some stateful 148 * process like key-generation setup and execution), it can set this flag - 149 * then each attempt to obtain the ENGINE will result in it being copied into 150 * a new structure. Normally, ENGINEs don't declare this flag so 151 * ENGINE_by_id() just increments the existing ENGINE's structural reference 152 * count. 153 */ 154 # define ENGINE_FLAGS_BY_ID_COPY (int)0x0004 155 156 /* 157 * This flag if for an ENGINE that does not want its methods registered as 158 * part of ENGINE_register_all_complete() for example if the methods are not 159 * usable as default methods. 160 */ 161 162 # define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008 163 164 /* 165 * ENGINEs can support their own command types, and these flags are used in 166 * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input 167 * each command expects. Currently only numeric and string input is 168 * supported. If a control command supports none of the _NUMERIC, _STRING, or 169 * _NO_INPUT options, then it is regarded as an "internal" control command - 170 * and not for use in config setting situations. As such, they're not 171 * available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() 172 * access. Changes to this list of 'command types' should be reflected 173 * carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). 174 */ 175 176 /* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */ 177 # define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001 178 /* 179 * accepts string input (cast from 'void*' to 'const char *', 4th parameter 180 * to ENGINE_ctrl) 181 */ 182 # define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002 183 /* 184 * Indicates that the control command takes *no* input. Ie. the control 185 * command is unparameterised. 186 */ 187 # define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004 188 /* 189 * Indicates that the control command is internal. This control command won't 190 * be shown in any output, and is only usable through the ENGINE_ctrl_cmd() 191 * function. 192 */ 193 # define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008 194 195 /* 196 * NB: These 3 control commands are deprecated and should not be used. 197 * ENGINEs relying on these commands should compile conditional support for 198 * compatibility (eg. if these symbols are defined) but should also migrate 199 * the same functionality to their own ENGINE-specific control functions that 200 * can be "discovered" by calling applications. The fact these control 201 * commands wouldn't be "executable" (ie. usable by text-based config) 202 * doesn't change the fact that application code can find and use them 203 * without requiring per-ENGINE hacking. 204 */ 205 206 /* 207 * These flags are used to tell the ctrl function what should be done. All 208 * command numbers are shared between all engines, even if some don't make 209 * sense to some engines. In such a case, they do nothing but return the 210 * error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. 211 */ 212 # define ENGINE_CTRL_SET_LOGSTREAM 1 213 # define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2 214 # define ENGINE_CTRL_HUP 3/* Close and reinitialise 215 * any handles/connections 216 * etc. */ 217 # define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */ 218 # define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used 219 * when calling the password 220 * callback and the user 221 * interface */ 222 # define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration, 223 * given a string that 224 * represents a file name 225 * or so */ 226 # define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given 227 * section in the already 228 * loaded configuration */ 229 230 /* 231 * These control commands allow an application to deal with an arbitrary 232 * engine in a dynamic way. Warn: Negative return values indicate errors FOR 233 * THESE COMMANDS because zero is used to indicate 'end-of-list'. Other 234 * commands, including ENGINE-specific command types, return zero for an 235 * error. An ENGINE can choose to implement these ctrl functions, and can 236 * internally manage things however it chooses - it does so by setting the 237 * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise 238 * the ENGINE_ctrl() code handles this on the ENGINE's behalf using the 239 * cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's 240 * ctrl() handler need only implement its own commands - the above "meta" 241 * commands will be taken care of. 242 */ 243 244 /* 245 * Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not", 246 * then all the remaining control commands will return failure, so it is 247 * worth checking this first if the caller is trying to "discover" the 248 * engine's capabilities and doesn't want errors generated unnecessarily. 249 */ 250 # define ENGINE_CTRL_HAS_CTRL_FUNCTION 10 251 /* 252 * Returns a positive command number for the first command supported by the 253 * engine. Returns zero if no ctrl commands are supported. 254 */ 255 # define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11 256 /* 257 * The 'long' argument specifies a command implemented by the engine, and the 258 * return value is the next command supported, or zero if there are no more. 259 */ 260 # define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12 261 /* 262 * The 'void*' argument is a command name (cast from 'const char *'), and the 263 * return value is the command that corresponds to it. 264 */ 265 # define ENGINE_CTRL_GET_CMD_FROM_NAME 13 266 /* 267 * The next two allow a command to be converted into its corresponding string 268 * form. In each case, the 'long' argument supplies the command. In the 269 * NAME_LEN case, the return value is the length of the command name (not 270 * counting a trailing EOL). In the NAME case, the 'void*' argument must be a 271 * string buffer large enough, and it will be populated with the name of the 272 * command (WITH a trailing EOL). 273 */ 274 # define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14 275 # define ENGINE_CTRL_GET_NAME_FROM_CMD 15 276 /* The next two are similar but give a "short description" of a command. */ 277 # define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16 278 # define ENGINE_CTRL_GET_DESC_FROM_CMD 17 279 /* 280 * With this command, the return value is the OR'd combination of 281 * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given 282 * engine-specific ctrl command expects. 283 */ 284 # define ENGINE_CTRL_GET_CMD_FLAGS 18 285 286 /* 287 * ENGINE implementations should start the numbering of their own control 288 * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). 289 */ 290 # define ENGINE_CMD_BASE 200 291 292 /* 293 * NB: These 2 nCipher "chil" control commands are deprecated, and their 294 * functionality is now available through ENGINE-specific control commands 295 * (exposed through the above-mentioned 'CMD'-handling). Code using these 2 296 * commands should be migrated to the more general command handling before 297 * these are removed. 298 */ 299 300 /* Flags specific to the nCipher "chil" engine */ 301 # define ENGINE_CTRL_CHIL_SET_FORKCHECK 100 302 /* 303 * Depending on the value of the (long)i argument, this sets or 304 * unsets the SimpleForkCheck flag in the CHIL API to enable or 305 * disable checking and workarounds for applications that fork(). 306 */ 307 # define ENGINE_CTRL_CHIL_NO_LOCKING 101 308 /* 309 * This prevents the initialisation function from providing mutex 310 * callbacks to the nCipher library. 311 */ 312 313 /* 314 * If an ENGINE supports its own specific control commands and wishes the 315 * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on 316 * its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN 317 * entries to ENGINE_set_cmd_defns(). It should also implement a ctrl() 318 * handler that supports the stated commands (ie. the "cmd_num" entries as 319 * described by the array). NB: The array must be ordered in increasing order 320 * of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element 321 * has cmd_num set to zero and/or cmd_name set to NULL. 322 */ 323 typedef struct ENGINE_CMD_DEFN_st { 324 unsigned int cmd_num; /* The command number */ 325 const char *cmd_name; /* The command name itself */ 326 const char *cmd_desc; /* A short description of the command */ 327 unsigned int cmd_flags; /* The input the command expects */ 328 } ENGINE_CMD_DEFN; 329 330 /* Generic function pointer */ 331 typedef int (*ENGINE_GEN_FUNC_PTR) (void); 332 /* Generic function pointer taking no arguments */ 333 typedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *); 334 /* Specific control function pointer */ 335 typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *, 336 void (*f) (void)); 337 /* Generic load_key function pointer */ 338 typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, 339 UI_METHOD *ui_method, 340 void *callback_data); 341 typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl, 342 STACK_OF(X509_NAME) *ca_dn, 343 X509 **pcert, EVP_PKEY **pkey, 344 STACK_OF(X509) **pother, 345 UI_METHOD *ui_method, 346 void *callback_data); 347 /*- 348 * These callback types are for an ENGINE's handler for cipher and digest logic. 349 * These handlers have these prototypes; 350 * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); 351 * int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid); 352 * Looking at how to implement these handlers in the case of cipher support, if 353 * the framework wants the EVP_CIPHER for 'nid', it will call; 354 * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure) 355 * If the framework wants a list of supported 'nid's, it will call; 356 * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error) 357 */ 358 /* 359 * Returns to a pointer to the array of supported cipher 'nid's. If the 360 * second parameter is non-NULL it is set to the size of the returned array. 361 */ 362 typedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **, 363 const int **, int); 364 typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **, 365 int); 366 typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **, 367 const int **, int); 368 typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **, 369 const int **, int); 370 /* 371 * STRUCTURE functions ... all of these functions deal with pointers to 372 * ENGINE structures where the pointers have a "structural reference". This 373 * means that their reference is to allowed access to the structure but it 374 * does not imply that the structure is functional. To simply increment or 375 * decrement the structural reference count, use ENGINE_by_id and 376 * ENGINE_free. NB: This is not required when iterating using ENGINE_get_next 377 * as it will automatically decrement the structural reference count of the 378 * "current" ENGINE and increment the structural reference count of the 379 * ENGINE it returns (unless it is NULL). 380 */ 381 382 /* Get the first/last "ENGINE" type available. */ 383 ENGINE *ENGINE_get_first(void); 384 ENGINE *ENGINE_get_last(void); 385 /* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */ 386 ENGINE *ENGINE_get_next(ENGINE *e); 387 ENGINE *ENGINE_get_prev(ENGINE *e); 388 /* Add another "ENGINE" type into the array. */ 389 int ENGINE_add(ENGINE *e); 390 /* Remove an existing "ENGINE" type from the array. */ 391 int ENGINE_remove(ENGINE *e); 392 /* Retrieve an engine from the list by its unique "id" value. */ 393 ENGINE *ENGINE_by_id(const char *id); 394 /* Add all the built-in engines. */ 395 void ENGINE_load_openssl(void); 396 void ENGINE_load_dynamic(void); 397 # ifndef OPENSSL_NO_STATIC_ENGINE 398 void ENGINE_load_4758cca(void); 399 void ENGINE_load_aep(void); 400 void ENGINE_load_atalla(void); 401 void ENGINE_load_chil(void); 402 void ENGINE_load_cswift(void); 403 void ENGINE_load_nuron(void); 404 void ENGINE_load_sureware(void); 405 void ENGINE_load_ubsec(void); 406 void ENGINE_load_padlock(void); 407 void ENGINE_load_capi(void); 408 # ifndef OPENSSL_NO_GMP 409 void ENGINE_load_gmp(void); 410 # endif 411 # ifndef OPENSSL_NO_GOST 412 void ENGINE_load_gost(void); 413 # endif 414 # endif 415 void ENGINE_load_cryptodev(void); 416 void ENGINE_load_rdrand(void); 417 void ENGINE_load_builtin_engines(void); 418 419 /* 420 * Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation 421 * "registry" handling. 422 */ 423 unsigned int ENGINE_get_table_flags(void); 424 void ENGINE_set_table_flags(unsigned int flags); 425 426 /*- Manage registration of ENGINEs per "table". For each type, there are 3 427 * functions; 428 * ENGINE_register_***(e) - registers the implementation from 'e' (if it has one) 429 * ENGINE_unregister_***(e) - unregister the implementation from 'e' 430 * ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list 431 * Cleanup is automatically registered from each table when required, so 432 * ENGINE_cleanup() will reverse any "register" operations. 433 */ 434 435 int ENGINE_register_RSA(ENGINE *e); 436 void ENGINE_unregister_RSA(ENGINE *e); 437 void ENGINE_register_all_RSA(void); 438 439 int ENGINE_register_DSA(ENGINE *e); 440 void ENGINE_unregister_DSA(ENGINE *e); 441 void ENGINE_register_all_DSA(void); 442 443 int ENGINE_register_ECDH(ENGINE *e); 444 void ENGINE_unregister_ECDH(ENGINE *e); 445 void ENGINE_register_all_ECDH(void); 446 447 int ENGINE_register_ECDSA(ENGINE *e); 448 void ENGINE_unregister_ECDSA(ENGINE *e); 449 void ENGINE_register_all_ECDSA(void); 450 451 int ENGINE_register_DH(ENGINE *e); 452 void ENGINE_unregister_DH(ENGINE *e); 453 void ENGINE_register_all_DH(void); 454 455 int ENGINE_register_RAND(ENGINE *e); 456 void ENGINE_unregister_RAND(ENGINE *e); 457 void ENGINE_register_all_RAND(void); 458 459 int ENGINE_register_STORE(ENGINE *e); 460 void ENGINE_unregister_STORE(ENGINE *e); 461 void ENGINE_register_all_STORE(void); 462 463 int ENGINE_register_ciphers(ENGINE *e); 464 void ENGINE_unregister_ciphers(ENGINE *e); 465 void ENGINE_register_all_ciphers(void); 466 467 int ENGINE_register_digests(ENGINE *e); 468 void ENGINE_unregister_digests(ENGINE *e); 469 void ENGINE_register_all_digests(void); 470 471 int ENGINE_register_pkey_meths(ENGINE *e); 472 void ENGINE_unregister_pkey_meths(ENGINE *e); 473 void ENGINE_register_all_pkey_meths(void); 474 475 int ENGINE_register_pkey_asn1_meths(ENGINE *e); 476 void ENGINE_unregister_pkey_asn1_meths(ENGINE *e); 477 void ENGINE_register_all_pkey_asn1_meths(void); 478 479 /* 480 * These functions register all support from the above categories. Note, use 481 * of these functions can result in static linkage of code your application 482 * may not need. If you only need a subset of functionality, consider using 483 * more selective initialisation. 484 */ 485 int ENGINE_register_complete(ENGINE *e); 486 int ENGINE_register_all_complete(void); 487 488 /* 489 * Send parametrised control commands to the engine. The possibilities to 490 * send down an integer, a pointer to data or a function pointer are 491 * provided. Any of the parameters may or may not be NULL, depending on the 492 * command number. In actuality, this function only requires a structural 493 * (rather than functional) reference to an engine, but many control commands 494 * may require the engine be functional. The caller should be aware of trying 495 * commands that require an operational ENGINE, and only use functional 496 * references in such situations. 497 */ 498 int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); 499 500 /* 501 * This function tests if an ENGINE-specific command is usable as a 502 * "setting". Eg. in an application's config file that gets processed through 503 * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to 504 * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl(). 505 */ 506 int ENGINE_cmd_is_executable(ENGINE *e, int cmd); 507 508 /* 509 * This function works like ENGINE_ctrl() with the exception of taking a 510 * command name instead of a command number, and can handle optional 511 * commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation 512 * on how to use the cmd_name and cmd_optional. 513 */ 514 int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, 515 long i, void *p, void (*f) (void), int cmd_optional); 516 517 /* 518 * This function passes a command-name and argument to an ENGINE. The 519 * cmd_name is converted to a command number and the control command is 520 * called using 'arg' as an argument (unless the ENGINE doesn't support such 521 * a command, in which case no control command is called). The command is 522 * checked for input flags, and if necessary the argument will be converted 523 * to a numeric value. If cmd_optional is non-zero, then if the ENGINE 524 * doesn't support the given cmd_name the return value will be success 525 * anyway. This function is intended for applications to use so that users 526 * (or config files) can supply engine-specific config data to the ENGINE at 527 * run-time to control behaviour of specific engines. As such, it shouldn't 528 * be used for calling ENGINE_ctrl() functions that return data, deal with 529 * binary data, or that are otherwise supposed to be used directly through 530 * ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl() 531 * operation in this function will be lost - the return value is interpreted 532 * as failure if the return value is zero, success otherwise, and this 533 * function returns a boolean value as a result. In other words, vendors of 534 * 'ENGINE'-enabled devices should write ENGINE implementations with 535 * parameterisations that work in this scheme, so that compliant ENGINE-based 536 * applications can work consistently with the same configuration for the 537 * same ENGINE-enabled devices, across applications. 538 */ 539 int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, 540 int cmd_optional); 541 542 /* 543 * These functions are useful for manufacturing new ENGINE structures. They 544 * don't address reference counting at all - one uses them to populate an 545 * ENGINE structure with personalised implementations of things prior to 546 * using it directly or adding it to the builtin ENGINE list in OpenSSL. 547 * These are also here so that the ENGINE structure doesn't have to be 548 * exposed and break binary compatibility! 549 */ 550 ENGINE *ENGINE_new(void); 551 int ENGINE_free(ENGINE *e); 552 int ENGINE_up_ref(ENGINE *e); 553 int ENGINE_set_id(ENGINE *e, const char *id); 554 int ENGINE_set_name(ENGINE *e, const char *name); 555 int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); 556 int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); 557 int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth); 558 int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth); 559 int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); 560 int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth); 561 int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth); 562 int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f); 563 int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f); 564 int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); 565 int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); 566 int ENGINE_set_load_privkey_function(ENGINE *e, 567 ENGINE_LOAD_KEY_PTR loadpriv_f); 568 int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f); 569 int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, 570 ENGINE_SSL_CLIENT_CERT_PTR 571 loadssl_f); 572 int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); 573 int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); 574 int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f); 575 int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f); 576 int ENGINE_set_flags(ENGINE *e, int flags); 577 int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); 578 /* These functions allow control over any per-structure ENGINE data. */ 579 int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 580 CRYPTO_EX_dup *dup_func, 581 CRYPTO_EX_free *free_func); 582 int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg); 583 void *ENGINE_get_ex_data(const ENGINE *e, int idx); 584 585 /* 586 * This function cleans up anything that needs it. Eg. the ENGINE_add() 587 * function automatically ensures the list cleanup function is registered to 588 * be called from ENGINE_cleanup(). Similarly, all ENGINE_register_*** 589 * functions ensure ENGINE_cleanup() will clean up after them. 590 */ 591 void ENGINE_cleanup(void); 592 593 /* 594 * These return values from within the ENGINE structure. These can be useful 595 * with functional references as well as structural references - it depends 596 * which you obtained. Using the result for functional purposes if you only 597 * obtained a structural reference may be problematic! 598 */ 599 const char *ENGINE_get_id(const ENGINE *e); 600 const char *ENGINE_get_name(const ENGINE *e); 601 const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e); 602 const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e); 603 const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e); 604 const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e); 605 const DH_METHOD *ENGINE_get_DH(const ENGINE *e); 606 const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e); 607 const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e); 608 ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e); 609 ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e); 610 ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e); 611 ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e); 612 ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e); 613 ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); 614 ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE 615 *e); 616 ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); 617 ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); 618 ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e); 619 ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e); 620 const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); 621 const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); 622 const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid); 623 const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid); 624 const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e, 625 const char *str, 626 int len); 627 const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe, 628 const char *str, 629 int len); 630 const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); 631 int ENGINE_get_flags(const ENGINE *e); 632 633 /* 634 * FUNCTIONAL functions. These functions deal with ENGINE structures that 635 * have (or will) be initialised for use. Broadly speaking, the structural 636 * functions are useful for iterating the list of available engine types, 637 * creating new engine types, and other "list" operations. These functions 638 * actually deal with ENGINEs that are to be used. As such these functions 639 * can fail (if applicable) when particular engines are unavailable - eg. if 640 * a hardware accelerator is not attached or not functioning correctly. Each 641 * ENGINE has 2 reference counts; structural and functional. Every time a 642 * functional reference is obtained or released, a corresponding structural 643 * reference is automatically obtained or released too. 644 */ 645 646 /* 647 * Initialise a engine type for use (or up its reference count if it's 648 * already in use). This will fail if the engine is not currently operational 649 * and cannot initialise. 650 */ 651 int ENGINE_init(ENGINE *e); 652 /* 653 * Free a functional reference to a engine type. This does not require a 654 * corresponding call to ENGINE_free as it also releases a structural 655 * reference. 656 */ 657 int ENGINE_finish(ENGINE *e); 658 659 /* 660 * The following functions handle keys that are stored in some secondary 661 * location, handled by the engine. The storage may be on a card or 662 * whatever. 663 */ 664 EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, 665 UI_METHOD *ui_method, void *callback_data); 666 EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, 667 UI_METHOD *ui_method, void *callback_data); 668 int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, 669 STACK_OF(X509_NAME) *ca_dn, X509 **pcert, 670 EVP_PKEY **ppkey, STACK_OF(X509) **pother, 671 UI_METHOD *ui_method, void *callback_data); 672 673 /* 674 * This returns a pointer for the current ENGINE structure that is (by 675 * default) performing any RSA operations. The value returned is an 676 * incremented reference, so it should be free'd (ENGINE_finish) before it is 677 * discarded. 678 */ 679 ENGINE *ENGINE_get_default_RSA(void); 680 /* Same for the other "methods" */ 681 ENGINE *ENGINE_get_default_DSA(void); 682 ENGINE *ENGINE_get_default_ECDH(void); 683 ENGINE *ENGINE_get_default_ECDSA(void); 684 ENGINE *ENGINE_get_default_DH(void); 685 ENGINE *ENGINE_get_default_RAND(void); 686 /* 687 * These functions can be used to get a functional reference to perform 688 * ciphering or digesting corresponding to "nid". 689 */ 690 ENGINE *ENGINE_get_cipher_engine(int nid); 691 ENGINE *ENGINE_get_digest_engine(int nid); 692 ENGINE *ENGINE_get_pkey_meth_engine(int nid); 693 ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid); 694 695 /* 696 * This sets a new default ENGINE structure for performing RSA operations. If 697 * the result is non-zero (success) then the ENGINE structure will have had 698 * its reference count up'd so the caller should still free their own 699 * reference 'e'. 700 */ 701 int ENGINE_set_default_RSA(ENGINE *e); 702 int ENGINE_set_default_string(ENGINE *e, const char *def_list); 703 /* Same for the other "methods" */ 704 int ENGINE_set_default_DSA(ENGINE *e); 705 int ENGINE_set_default_ECDH(ENGINE *e); 706 int ENGINE_set_default_ECDSA(ENGINE *e); 707 int ENGINE_set_default_DH(ENGINE *e); 708 int ENGINE_set_default_RAND(ENGINE *e); 709 int ENGINE_set_default_ciphers(ENGINE *e); 710 int ENGINE_set_default_digests(ENGINE *e); 711 int ENGINE_set_default_pkey_meths(ENGINE *e); 712 int ENGINE_set_default_pkey_asn1_meths(ENGINE *e); 713 714 /* 715 * The combination "set" - the flags are bitwise "OR"d from the 716 * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()" 717 * function, this function can result in unnecessary static linkage. If your 718 * application requires only specific functionality, consider using more 719 * selective functions. 720 */ 721 int ENGINE_set_default(ENGINE *e, unsigned int flags); 722 723 void ENGINE_add_conf_module(void); 724 725 /* Deprecated functions ... */ 726 /* int ENGINE_clear_defaults(void); */ 727 728 /**************************/ 729 /* DYNAMIC ENGINE SUPPORT */ 730 /**************************/ 731 732 /* Binary/behaviour compatibility levels */ 733 # define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000 734 /* 735 * Binary versions older than this are too old for us (whether we're a loader 736 * or a loadee) 737 */ 738 # define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000 739 740 /* 741 * When compiling an ENGINE entirely as an external shared library, loadable 742 * by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' 743 * structure type provides the calling application's (or library's) error 744 * functionality and memory management function pointers to the loaded 745 * library. These should be used/set in the loaded library code so that the 746 * loading application's 'state' will be used/changed in all operations. The 747 * 'static_state' pointer allows the loaded library to know if it shares the 748 * same static data as the calling application (or library), and thus whether 749 * these callbacks need to be set or not. 750 */ 751 typedef void *(*dyn_MEM_malloc_cb) (size_t); 752 typedef void *(*dyn_MEM_realloc_cb) (void *, size_t); 753 typedef void (*dyn_MEM_free_cb) (void *); 754 typedef struct st_dynamic_MEM_fns { 755 dyn_MEM_malloc_cb malloc_cb; 756 dyn_MEM_realloc_cb realloc_cb; 757 dyn_MEM_free_cb free_cb; 758 } dynamic_MEM_fns; 759 /* 760 * FIXME: Perhaps the memory and locking code (crypto.h) should declare and 761 * use these types so we (and any other dependant code) can simplify a bit?? 762 */ 763 typedef void (*dyn_lock_locking_cb) (int, int, const char *, int); 764 typedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int); 765 typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *, 766 int); 767 typedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *, 768 const char *, int); 769 typedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *, 770 const char *, int); 771 typedef struct st_dynamic_LOCK_fns { 772 dyn_lock_locking_cb lock_locking_cb; 773 dyn_lock_add_lock_cb lock_add_lock_cb; 774 dyn_dynlock_create_cb dynlock_create_cb; 775 dyn_dynlock_lock_cb dynlock_lock_cb; 776 dyn_dynlock_destroy_cb dynlock_destroy_cb; 777 } dynamic_LOCK_fns; 778 /* The top-level structure */ 779 typedef struct st_dynamic_fns { 780 void *static_state; 781 const ERR_FNS *err_fns; 782 const CRYPTO_EX_DATA_IMPL *ex_data_fns; 783 dynamic_MEM_fns mem_fns; 784 dynamic_LOCK_fns lock_fns; 785 } dynamic_fns; 786 787 /* 788 * The version checking function should be of this prototype. NB: The 789 * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading 790 * code. If this function returns zero, it indicates a (potential) version 791 * incompatibility and the loaded library doesn't believe it can proceed. 792 * Otherwise, the returned value is the (latest) version supported by the 793 * loading library. The loader may still decide that the loaded code's 794 * version is unsatisfactory and could veto the load. The function is 795 * expected to be implemented with the symbol name "v_check", and a default 796 * implementation can be fully instantiated with 797 * IMPLEMENT_DYNAMIC_CHECK_FN(). 798 */ 799 typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version); 800 # define IMPLEMENT_DYNAMIC_CHECK_FN() \ 801 OPENSSL_EXPORT unsigned long v_check(unsigned long v); \ 802 OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \ 803 if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \ 804 return 0; } 805 806 /* 807 * This function is passed the ENGINE structure to initialise with its own 808 * function and command settings. It should not adjust the structural or 809 * functional reference counts. If this function returns zero, (a) the load 810 * will be aborted, (b) the previous ENGINE state will be memcpy'd back onto 811 * the structure, and (c) the shared library will be unloaded. So 812 * implementations should do their own internal cleanup in failure 813 * circumstances otherwise they could leak. The 'id' parameter, if non-NULL, 814 * represents the ENGINE id that the loader is looking for. If this is NULL, 815 * the shared library can choose to return failure or to initialise a 816 * 'default' ENGINE. If non-NULL, the shared library must initialise only an 817 * ENGINE matching the passed 'id'. The function is expected to be 818 * implemented with the symbol name "bind_engine". A standard implementation 819 * can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter 820 * 'fn' is a callback function that populates the ENGINE structure and 821 * returns an int value (zero for failure). 'fn' should have prototype; 822 * [static] int fn(ENGINE *e, const char *id); 823 */ 824 typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id, 825 const dynamic_fns *fns); 826 # define IMPLEMENT_DYNAMIC_BIND_FN(fn) \ 827 OPENSSL_EXPORT \ 828 int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \ 829 OPENSSL_EXPORT \ 830 int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \ 831 if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \ 832 if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ 833 fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ 834 return 0; \ 835 CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ 836 CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ 837 CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ 838 CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ 839 CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ 840 if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ 841 return 0; \ 842 if(!ERR_set_implementation(fns->err_fns)) return 0; \ 843 skip_cbs: \ 844 if(!fn(e,id)) return 0; \ 845 return 1; } 846 847 /* 848 * If the loading application (or library) and the loaded ENGINE library 849 * share the same static data (eg. they're both dynamically linked to the 850 * same libcrypto.so) we need a way to avoid trying to set system callbacks - 851 * this would fail, and for the same reason that it's unnecessary to try. If 852 * the loaded ENGINE has (or gets from through the loader) its own copy of 853 * the libcrypto static data, we will need to set the callbacks. The easiest 854 * way to detect this is to have a function that returns a pointer to some 855 * static data and let the loading application and loaded ENGINE compare 856 * their respective values. 857 */ 858 void *ENGINE_get_static_state(void); 859 860 # if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) 861 void ENGINE_setup_bsd_cryptodev(void); 862 # endif 863 864 /* BEGIN ERROR CODES */ 865 /* 866 * The following lines are auto generated by the script mkerr.pl. Any changes 867 * made after this point may be overwritten when the script is next run. 868 */ 869 void ERR_load_ENGINE_strings(void); 870 871 /* Error codes for the ENGINE functions. */ 872 873 /* Function codes. */ 874 # define ENGINE_F_DYNAMIC_CTRL 180 875 # define ENGINE_F_DYNAMIC_GET_DATA_CTX 181 876 # define ENGINE_F_DYNAMIC_LOAD 182 877 # define ENGINE_F_DYNAMIC_SET_DATA_CTX 183 878 # define ENGINE_F_ENGINE_ADD 105 879 # define ENGINE_F_ENGINE_BY_ID 106 880 # define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170 881 # define ENGINE_F_ENGINE_CTRL 142 882 # define ENGINE_F_ENGINE_CTRL_CMD 178 883 # define ENGINE_F_ENGINE_CTRL_CMD_STRING 171 884 # define ENGINE_F_ENGINE_FINISH 107 885 # define ENGINE_F_ENGINE_FREE_UTIL 108 886 # define ENGINE_F_ENGINE_GET_CIPHER 185 887 # define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 888 # define ENGINE_F_ENGINE_GET_DIGEST 186 889 # define ENGINE_F_ENGINE_GET_NEXT 115 890 # define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193 891 # define ENGINE_F_ENGINE_GET_PKEY_METH 192 892 # define ENGINE_F_ENGINE_GET_PREV 116 893 # define ENGINE_F_ENGINE_INIT 119 894 # define ENGINE_F_ENGINE_LIST_ADD 120 895 # define ENGINE_F_ENGINE_LIST_REMOVE 121 896 # define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 897 # define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 898 # define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194 899 # define ENGINE_F_ENGINE_NEW 122 900 # define ENGINE_F_ENGINE_REMOVE 123 901 # define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 902 # define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126 903 # define ENGINE_F_ENGINE_SET_ID 129 904 # define ENGINE_F_ENGINE_SET_NAME 130 905 # define ENGINE_F_ENGINE_TABLE_REGISTER 184 906 # define ENGINE_F_ENGINE_UNLOAD_KEY 152 907 # define ENGINE_F_ENGINE_UNLOCKED_FINISH 191 908 # define ENGINE_F_ENGINE_UP_REF 190 909 # define ENGINE_F_INT_CTRL_HELPER 172 910 # define ENGINE_F_INT_ENGINE_CONFIGURE 188 911 # define ENGINE_F_INT_ENGINE_MODULE_INIT 187 912 # define ENGINE_F_LOG_MESSAGE 141 913 914 /* Reason codes. */ 915 # define ENGINE_R_ALREADY_LOADED 100 916 # define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133 917 # define ENGINE_R_CMD_NOT_EXECUTABLE 134 918 # define ENGINE_R_COMMAND_TAKES_INPUT 135 919 # define ENGINE_R_COMMAND_TAKES_NO_INPUT 136 920 # define ENGINE_R_CONFLICTING_ENGINE_ID 103 921 # define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119 922 # define ENGINE_R_DH_NOT_IMPLEMENTED 139 923 # define ENGINE_R_DSA_NOT_IMPLEMENTED 140 924 # define ENGINE_R_DSO_FAILURE 104 925 # define ENGINE_R_DSO_NOT_FOUND 132 926 # define ENGINE_R_ENGINES_SECTION_ERROR 148 927 # define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102 928 # define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105 929 # define ENGINE_R_ENGINE_SECTION_ERROR 149 930 # define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128 931 # define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129 932 # define ENGINE_R_FINISH_FAILED 106 933 # define ENGINE_R_GET_HANDLE_FAILED 107 934 # define ENGINE_R_ID_OR_NAME_MISSING 108 935 # define ENGINE_R_INIT_FAILED 109 936 # define ENGINE_R_INTERNAL_LIST_ERROR 110 937 # define ENGINE_R_INVALID_ARGUMENT 143 938 # define ENGINE_R_INVALID_CMD_NAME 137 939 # define ENGINE_R_INVALID_CMD_NUMBER 138 940 # define ENGINE_R_INVALID_INIT_VALUE 151 941 # define ENGINE_R_INVALID_STRING 150 942 # define ENGINE_R_NOT_INITIALISED 117 943 # define ENGINE_R_NOT_LOADED 112 944 # define ENGINE_R_NO_CONTROL_FUNCTION 120 945 # define ENGINE_R_NO_INDEX 144 946 # define ENGINE_R_NO_LOAD_FUNCTION 125 947 # define ENGINE_R_NO_REFERENCE 130 948 # define ENGINE_R_NO_SUCH_ENGINE 116 949 # define ENGINE_R_NO_UNLOAD_FUNCTION 126 950 # define ENGINE_R_PROVIDE_PARAMETERS 113 951 # define ENGINE_R_RSA_NOT_IMPLEMENTED 141 952 # define ENGINE_R_UNIMPLEMENTED_CIPHER 146 953 # define ENGINE_R_UNIMPLEMENTED_DIGEST 147 954 # define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101 955 # define ENGINE_R_VERSION_INCOMPATIBILITY 145 956 957 #ifdef __cplusplus 958 } 959 #endif 960 #endif 961