Add the possibility to control some engine internals.

crypto/engine/engine.h

@@ -81,6 +81,13 @@ extern "C" {
 #define ENGINE_METHOD_ALL		(unsigned int)0xFFFF
 #define ENGINE_METHOD_NONE		(unsigned int)0x0000
 
+/* These flags are used to tell the ctrl function what should be done.
+ * All command numbers are shared between all engines, even if some don't
+ * make sense to some engines.  In such a case, they do nothing but return
+ * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */
+#define ENGINE_CTRL_SET_LOGSTREAM	1
+
+
 /* As we're missing a BIGNUM_METHOD, we need a couple of locally
  * defined function types that engines can implement. */
 
@@ -202,6 +209,12 @@ int ENGINE_init(ENGINE *e);
  * a corresponding call to ENGINE_free as it also releases a structural
  * reference. */
 int ENGINE_finish(ENGINE *e);
+/* Send control parametrised commands to the engine.  The possibilities
+ * to send down an integer, a pointer to data or a function pointer are
+ * provided.  Any of the parameters may or may not be NULL, depending
+ * on the command number */
+/* WARNING: This is currently experimental and may change radically! */
+int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
 
 /* This returns a pointer for the current ENGINE structure that
  * is (by default) performing any RSA operations. The value returned
@@ -265,6 +278,7 @@ void ERR_load_ENGINE_strings(void);
 #define ENGINE_F_CSWIFT_RSA_MOD_EXP			 104
 #define ENGINE_F_ENGINE_ADD				 105
 #define ENGINE_F_ENGINE_BY_ID				 106
+#define ENGINE_F_ENGINE_CTRL				 142
 #define ENGINE_F_ENGINE_FINISH				 107
 #define ENGINE_F_ENGINE_FREE				 108
 #define ENGINE_F_ENGINE_GET_BN_MOD_EXP			 109
@@ -291,6 +305,7 @@ void ERR_load_ENGINE_strings(void);
 #define ENGINE_F_ENGINE_SET_NAME			 130
 #define ENGINE_F_ENGINE_SET_RAND			 131
 #define ENGINE_F_ENGINE_SET_RSA				 132
+#define ENGINE_F_HWCRHK_CTRL				 143
 #define ENGINE_F_HWCRHK_FINISH				 135
 #define ENGINE_F_HWCRHK_INIT				 136
 #define ENGINE_F_HWCRHK_MOD_EXP				 137
@@ -304,6 +319,7 @@ void ERR_load_ENGINE_strings(void);
 #define ENGINE_R_BN_CTX_FULL				 101
 #define ENGINE_R_BN_EXPAND_FAIL				 102
 #define ENGINE_R_CONFLICTING_ENGINE_ID			 103
+#define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED		 119
 #define ENGINE_R_DSO_FAILURE				 104
 #define ENGINE_R_ENGINE_IS_NOT_IN_LIST			 105
 #define ENGINE_R_FINISH_FAILED				 106
@@ -314,6 +330,7 @@ void ERR_load_ENGINE_strings(void);
 #define ENGINE_R_MISSING_KEY_COMPONENTS			 111
 #define ENGINE_R_NOT_INITIALISED			 117
 #define ENGINE_R_NOT_LOADED				 112
+#define ENGINE_R_NO_CONTROL_FUNCTION			 120
 #define ENGINE_R_NO_SUCH_ENGINE				 116
 #define ENGINE_R_PROVIDE_PARAMETERS			 113
 #define ENGINE_R_REQUEST_FAILED				 114

crypto/engine/engine_err.c

@@ -79,6 +79,7 @@ static ERR_STRING_DATA ENGINE_str_functs[]=
 {ERR_PACK(0,ENGINE_F_CSWIFT_RSA_MOD_EXP,0),	"CSWIFT_RSA_MOD_EXP"},
 {ERR_PACK(0,ENGINE_F_ENGINE_ADD,0),	"ENGINE_add"},
 {ERR_PACK(0,ENGINE_F_ENGINE_BY_ID,0),	"ENGINE_by_id"},
+{ERR_PACK(0,ENGINE_F_ENGINE_CTRL,0),	"ENGINE_ctrl"},
 {ERR_PACK(0,ENGINE_F_ENGINE_FINISH,0),	"ENGINE_finish"},
 {ERR_PACK(0,ENGINE_F_ENGINE_FREE,0),	"ENGINE_free"},
 {ERR_PACK(0,ENGINE_F_ENGINE_GET_BN_MOD_EXP,0),	"ENGINE_get_BN_mod_exp"},
@@ -105,13 +106,14 @@ static ERR_STRING_DATA ENGINE_str_functs[]=
 {ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0),	"ENGINE_set_name"},
 {ERR_PACK(0,ENGINE_F_ENGINE_SET_RAND,0),	"ENGINE_set_RAND"},
 {ERR_PACK(0,ENGINE_F_ENGINE_SET_RSA,0),	"ENGINE_set_RSA"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_FINISH,0),	"hwcrhk_finish"},
+{ERR_PACK(0,ENGINE_F_HWCRHK_CTRL,0),	"HWCRHK_CTRL"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_INIT,0),	"hwcrhk_init"},
+{ERR_PACK(0,ENGINE_F_HWCRHK_FINISH,0),	"HWCRHK_FINISH"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_MOD_EXP,0),	"hwcrhk_mod_exp"},
+{ERR_PACK(0,ENGINE_F_HWCRHK_INIT,0),	"HWCRHK_INIT"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_MOD_EXP_CRT,0),	"hwcrhk_mod_exp_crt"},
+{ERR_PACK(0,ENGINE_F_HWCRHK_MOD_EXP,0),	"HWCRHK_MOD_EXP"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_RAND_BYTES,0),	"hwcrhk_rand_bytes"},
+{ERR_PACK(0,ENGINE_F_HWCRHK_MOD_EXP_CRT,0),	"HWCRHK_MOD_EXP_CRT"},
-{ERR_PACK(0,ENGINE_F_HWCRHK_RSA_MOD_EXP,0),	"hwcrhk_rsa_mod_exp"},
+{ERR_PACK(0,ENGINE_F_HWCRHK_RAND_BYTES,0),	"HWCRHK_RAND_BYTES"},
-{ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0),	"log_message"},
+{ERR_PACK(0,ENGINE_F_HWCRHK_RSA_MOD_EXP,0),	"HWCRHK_RSA_MOD_EXP"},
+{ERR_PACK(0,ENGINE_F_LOG_MESSAGE,0),	"LOG_MESSAGE"},
 {0,NULL}
 	};
 
@@ -121,6 +123,7 @@ static ERR_STRING_DATA ENGINE_str_reasons[]=
 {ENGINE_R_BN_CTX_FULL                    ,"BN_CTX full"},
 {ENGINE_R_BN_EXPAND_FAIL                 ,"bn_expand fail"},
 {ENGINE_R_CONFLICTING_ENGINE_ID          ,"conflicting engine id"},
+{ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED   ,"ctrl command not implemented"},
 {ENGINE_R_DSO_FAILURE                    ,"DSO failure"},
 {ENGINE_R_ENGINE_IS_NOT_IN_LIST          ,"engine is not in the list"},
 {ENGINE_R_FINISH_FAILED                  ,"finish failed"},
@@ -131,6 +134,7 @@ static ERR_STRING_DATA ENGINE_str_reasons[]=
 {ENGINE_R_MISSING_KEY_COMPONENTS         ,"missing key components"},
 {ENGINE_R_NOT_INITIALISED                ,"not initialised"},
 {ENGINE_R_NOT_LOADED                     ,"not loaded"},
+{ENGINE_R_NO_CONTROL_FUNCTION            ,"no control function"},
 {ENGINE_R_NO_SUCH_ENGINE                 ,"no such engine"},
 {ENGINE_R_PROVIDE_PARAMETERS             ,"provide parameters"},
 {ENGINE_R_REQUEST_FAILED                 ,"request failed"},

crypto/engine/engine_int.h

@@ -100,8 +100,9 @@ typedef struct engine_st
 	RAND_METHOD *rand_meth;
 	BN_MOD_EXP bn_mod_exp;
 	BN_MOD_EXP_CRT bn_mod_exp_crt;
-	int (*init)();
+	int (*init)(void);
-	int (*finish)();
+	int (*finish)(void);
+	int (*ctrl)(int cmd, long i, void *p, void (*f)());
 	int flags;
 	/* reference count on the structure itself */
 	int struct_ref;

crypto/engine/engine_lib.c

@@ -216,6 +216,30 @@ int ENGINE_finish(ENGINE *e)
 	return to_return;
 	}
 
+/* Initialise a engine type for use (or up its functional reference count
+ * if it's already in use). */
+int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
+	{
+	if(e == NULL)
+		{
+		ENGINEerr(ENGINE_F_ENGINE_CTRL,ERR_R_PASSED_NULL_PARAMETER);
+		return 0;
+		}
+	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+	if(e->funct_ref == 0)
+		{
+		ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NOT_INITIALISED);
+		return 0;
+		}
+	if (!e->ctrl)
+		{
+		ENGINEerr(ENGINE_F_ENGINE_CTRL,ENGINE_R_NO_CONTROL_FUNCTION);
+		return 0;
+		}
+	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+	return e->ctrl(cmd, i, p, f);
+	}
+
 static ENGINE *engine_get_default_type(ENGINE_TYPE t)
 	{
 	ENGINE *ret = NULL;

crypto/engine/engine_openssl.c

@@ -89,6 +89,7 @@ static ENGINE engine_openssl =
 	openssl_mod_exp_crt,
 	NULL, /* no "init()" */
 	NULL, /* no "finish()" */
+	NULL, /* no "ctrl()" */
 	0, /* no flags */
 	0, 0, /* no references. */
 	NULL, NULL /* unlinked */

crypto/engine/hw_cswift.c

@@ -165,6 +165,7 @@ static ENGINE engine_cswift =
 	cswift_mod_exp_crt,
 	cswift_init,
 	cswift_finish,
+	NULL, /* no ctrl() */
 	0, /* no flags */
 	0, 0, /* no references */
 	NULL, NULL /* unlinked */

crypto/engine/hw_ncipher.c

@@ -78,6 +78,7 @@
 
 static int hwcrhk_init();
 static int hwcrhk_finish();
+static int hwcrhk_ctrl(int cmd, long i, void *p, void (*f)()); 
 
 /* Functions to handle mutexes */
 static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*);
@@ -163,6 +164,7 @@ static ENGINE engine_hwcrhk =
 	NULL,
 	hwcrhk_init,
 	hwcrhk_finish,
+	hwcrhk_ctrl,
 	0, /* no flags */
 	0, 0, /* no references */
 	NULL, NULL /* unlinked */
@@ -460,6 +462,24 @@ static int hwcrhk_finish()
 	return to_return;
 	}
 
+static int hwcrhk_ctrl(int cmd, long i, void *p, void (*f)())
+	{
+	int to_return = 1;
+
+	switch(cmd)
+		{
+	case ENGINE_CTRL_SET_LOGSTREAM:
+		logstream = (BIO *)p;
+		break;
+	default:
+		ENGINEerr(ENGINE_F_HWCRHK_CTRL,
+			ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+		to_return = 0;
+		break;
+		}
+
+	return to_return;
+	}
 /* A little mod_exp */
 static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
 			const BIGNUM *m, BN_CTX *ctx)

util/libeay.num

@@ -1889,3 +1889,4 @@ DSA_set_default_openssl_method          2464
 ENGINE_add                              2465
 DH_set_default_openssl_method           2466
 ENGINE_get_DSA                          2467
+ENGINE_ctrl                             2468