📄 e_sureware.c
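/* Entry points resolved from the SureWareHook shared library.  Each stays
 * NULL until surewarehk_init() has bound it and is reset to NULL again by
 * surewarehk_finish() and by the failure path of surewarehk_init(). */
static SureWareHook_Load_Rsa_Pubkey_t *p_surewarehk_Load_Rsa_Pubkey = NULL;
static SureWareHook_Load_Dsa_Pubkey_t *p_surewarehk_Load_Dsa_Pubkey = NULL;
static SureWareHook_Free_t *p_surewarehk_Free=NULL;
static SureWareHook_Rsa_Priv_Dec_t *p_surewarehk_Rsa_Priv_Dec=NULL;
static SureWareHook_Rsa_Sign_t *p_surewarehk_Rsa_Sign=NULL;
static SureWareHook_Dsa_Sign_t *p_surewarehk_Dsa_Sign=NULL;
static SureWareHook_Mod_Exp_t *p_surewarehk_Mod_Exp=NULL;

/* Used in the DSO operations. */
static const char *surewarehk_LIBNAME = "SureWareHook";
static const char *n_surewarehk_Init = "SureWareHook_Init";
static const char *n_surewarehk_Finish = "SureWareHook_Finish";
static const char *n_surewarehk_Rand_Bytes="SureWareHook_Rand_Bytes";
static const char *n_surewarehk_Rand_Seed="SureWareHook_Rand_Seed";
static const char *n_surewarehk_Load_Privkey="SureWareHook_Load_Privkey";
static const char *n_surewarehk_Info_Pubkey="SureWareHook_Info_Pubkey";
static const char *n_surewarehk_Load_Rsa_Pubkey="SureWareHook_Load_Rsa_Pubkey";
static const char *n_surewarehk_Load_Dsa_Pubkey="SureWareHook_Load_Dsa_Pubkey";
static const char *n_surewarehk_Free="SureWareHook_Free";
static const char *n_surewarehk_Rsa_Priv_Dec="SureWareHook_Rsa_Priv_Dec";
static const char *n_surewarehk_Rsa_Sign="SureWareHook_Rsa_Sign";
static const char *n_surewarehk_Dsa_Sign="SureWareHook_Dsa_Sign";
static const char *n_surewarehk_Mod_Exp="SureWareHook_Mod_Exp";

/* Optional BIO that receives the messages returned by the hook library.
 * This file holds one reference on it while it is set. */
static BIO *logstream = NULL;

/* SureWareHook library functions and mechanics - these are used by the
 * higher-level functions further down. NB: As and where there's no
 * error checking, take a look lower down where these functions are
 * called, the checking and error handling is probably down there.
 */
static int threadsafe=1;

/* ENGINE control handler.
 *
 * cmd selects the operation; p carries the BIO for
 * ENGINE_CTRL_SET_LOGSTREAM.  e, i and f are not used here.
 * Returns 1 for a recognised command and 0 for an unknown command or a
 * NULL log stream. */
static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
{
    int to_return = 1;

    switch(cmd)
    {
    case ENGINE_CTRL_SET_LOGSTREAM:
        {
        BIO *bio = (BIO *)p;

        /* A NULL BIO would be dereferenced by the reference-count
         * update below, so reject it before touching any state. */
        if (bio == NULL)
            {
            SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,ERR_R_PASSED_NULL_PARAMETER);
            to_return = 0;
            break;
            }
        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
        /* Drop the reference on any previously installed stream. */
        if (logstream)
            {
            BIO_free(logstream);
            logstream = NULL;
            }
        /* Take our own reference; a resulting count of 1 or less means
         * the caller's BIO had already been released. */
        if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1)
            logstream = bio;
        else
            SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,SUREWARE_R_BIO_WAS_FREED);
        }
        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
        break;
    /* This will prevent the initialisation function from "installing"
     * the mutex-handling callbacks, even if they are available from
     * within the library (or were provided to the library from the
     * calling application). This is to remove any baggage for
     * applications not using multithreading. */
    case ENGINE_CTRL_CHIL_NO_LOCKING:
        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
        threadsafe = 0;
        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
        break;

    /* The command isn't understood by this engine */
    default:
        SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,
            ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
        to_return = 0;
        break;
    }

    return to_return;
}

/* Destructor (complements the "ENGINE_surewarehk()" constructor) */
static int surewarehk_destroy(ENGINE *e)
{
    ERR_unload_SUREWARE_strings();
    return 1;
}

/* (de)initialisation functions. */

/* Load the SureWareHook library, bind every entry point and initialise the
 * hardware.  Returns 1 on success; on failure the DSO is released, all
 * bound pointers are reset to NULL and 0 is returned. */
static int surewarehk_init(ENGINE *e)
{
    char msg[64]="ENGINE_init";
    SureWareHook_Init_t *p1=NULL;
    SureWareHook_Finish_t *p2=NULL;
    SureWareHook_Rand_Bytes_t *p3=NULL;
    SureWareHook_Rand_Seed_t *p4=NULL;
    SureWareHook_Load_Privkey_t *p5=NULL;
    SureWareHook_Load_Rsa_Pubkey_t *p6=NULL;
    SureWareHook_Free_t *p7=NULL;
    SureWareHook_Rsa_Priv_Dec_t *p8=NULL;
    SureWareHook_Rsa_Sign_t *p9=NULL;
    SureWareHook_Dsa_Sign_t *p12=NULL;
    SureWareHook_Info_Pubkey_t *p13=NULL;
    SureWareHook_Load_Dsa_Pubkey_t *p14=NULL;
    SureWareHook_Mod_Exp_t *p15=NULL;

    if(surewarehk_dso != NULL)
    {
        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_ALREADY_LOADED);
        goto err;
    }
    /* Attempt to load libsurewarehk.so/surewarehk.dll/whatever.
     * Only the bare library name is passed, so the file is located by the
     * DSO layer and the platform loader.
     * NOTE(review): the loaded code performs the private-key operations,
     * so deployments should confirm the loader search path holds only
     * trusted directories. */
    surewarehk_dso = DSO_load(NULL, surewarehk_LIBNAME, NULL, 0);
    if(surewarehk_dso == NULL)
    {
        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_DSO_FAILURE);
        goto err;
    }
    /* Bind into locals first so the file-scope pointers are only
     * published once every symbol has been found. */
    if(!(p1=(SureWareHook_Init_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Init)) ||
       !(p2=(SureWareHook_Finish_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Finish)) ||
       !(p3=(SureWareHook_Rand_Bytes_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rand_Bytes)) ||
       !(p4=(SureWareHook_Rand_Seed_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rand_Seed)) ||
       !(p5=(SureWareHook_Load_Privkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Privkey)) ||
       !(p6=(SureWareHook_Load_Rsa_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Rsa_Pubkey)) ||
       !(p7=(SureWareHook_Free_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Free)) ||
       !(p8=(SureWareHook_Rsa_Priv_Dec_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rsa_Priv_Dec)) ||
       !(p9=(SureWareHook_Rsa_Sign_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rsa_Sign)) ||
       !(p12=(SureWareHook_Dsa_Sign_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Dsa_Sign)) ||
       !(p13=(SureWareHook_Info_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Info_Pubkey)) ||
       !(p14=(SureWareHook_Load_Dsa_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Dsa_Pubkey)) ||
       !(p15=(SureWareHook_Mod_Exp_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Mod_Exp)))
    {
        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_DSO_FAILURE);
        goto err;
    }
    /* Copy the pointers */
    p_surewarehk_Init = p1;
    p_surewarehk_Finish = p2;
    p_surewarehk_Rand_Bytes = p3;
    p_surewarehk_Rand_Seed = p4;
    p_surewarehk_Load_Privkey = p5;
    p_surewarehk_Load_Rsa_Pubkey = p6;
    p_surewarehk_Free = p7;
    p_surewarehk_Rsa_Priv_Dec = p8;
    p_surewarehk_Rsa_Sign = p9;
    p_surewarehk_Dsa_Sign = p12;
    p_surewarehk_Info_Pubkey = p13;
    p_surewarehk_Load_Dsa_Pubkey = p14;
    p_surewarehk_Mod_Exp = p15;
    /* Contact the hardware and initialise it. */
    if(p_surewarehk_Init(msg,threadsafe)==SUREWAREHOOK_ERROR_UNIT_FAILURE)
    {
        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,SUREWARE_R_UNIT_FAILURE);
        goto err;
    }
    /* NOTE(review): the same initialisation call is issued a second time
     * here; it looks like a duplicated block, but it is kept because the
     * hook's behaviour on repeated initialisation is not visible from
     * this file - confirm before removing. */
    if(p_surewarehk_Init(msg,threadsafe)==SUREWAREHOOK_ERROR_UNIT_FAILURE)
    {
        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,SUREWARE_R_UNIT_FAILURE);
        goto err;
    }
    /* try to load the default private key; a failure here is not reported
     * as an init failure, the engine waits for an explicit
     * ENGINE_load_private_key instead.  The return value is not kept. */
    surewarehk_load_privkey(e,NULL,NULL,NULL);
    /* Everything's fine. */
#ifndef OPENSSL_NO_RSA
    /* Allocate the ex_data slot for the hardware key handle only once. */
    if (rsaHndidx == -1)
        rsaHndidx = RSA_get_ex_new_index(0,
                        "SureWareHook RSA key handle",
                        NULL, NULL, surewarehk_ex_free);
#endif
#ifndef OPENSSL_NO_DSA
    if (dsaHndidx == -1)
        dsaHndidx = DSA_get_ex_new_index(0,
                        "SureWareHook DSA key handle",
                        NULL, NULL, surewarehk_ex_free);
#endif

    return 1;
err:
    if(surewarehk_dso)
        DSO_free(surewarehk_dso);
    surewarehk_dso = NULL;
    p_surewarehk_Init = NULL;
    p_surewarehk_Finish = NULL;
    p_surewarehk_Rand_Bytes = NULL;
    p_surewarehk_Rand_Seed = NULL;
    p_surewarehk_Load_Privkey = NULL;
    p_surewarehk_Load_Rsa_Pubkey = NULL;
    p_surewarehk_Free = NULL;
    p_surewarehk_Rsa_Priv_Dec = NULL;
    p_surewarehk_Rsa_Sign = NULL;
    p_surewarehk_Dsa_Sign = NULL;
    p_surewarehk_Info_Pubkey = NULL;
    p_surewarehk_Load_Dsa_Pubkey = NULL;
    p_surewarehk_Mod_Exp = NULL;
    return 0;
}

/* Shut the hook library down and unload it.  Returns 1 on success, 0 when
 * the library was not loaded or could not be released.  In every case the
 * log stream reference is dropped and all bound pointers are reset. */
static int surewarehk_finish(ENGINE *e)
{
    int to_return = 1;
    if(surewarehk_dso == NULL)
    {
        SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH,ENGINE_R_NOT_LOADED);
        to_return = 0;
        goto err;
    }
    p_surewarehk_Finish();
    if(!DSO_free(surewarehk_dso))
    {
        SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH,ENGINE_R_DSO_FAILURE);
        to_return = 0;
        goto err;
    }
 err:
    if (logstream)
    {
        BIO_free(logstream);
        /* Clear the pointer: surewarehk_ctrl() frees a non-NULL
         * logstream and surewarehk_error_handling() writes to it, so a
         * stale value would be freed or used again after this call. */
        logstream = NULL;
    }
    surewarehk_dso = NULL;
    p_surewarehk_Init = NULL;
    p_surewarehk_Finish = NULL;
    p_surewarehk_Rand_Bytes = NULL;
    p_surewarehk_Rand_Seed = NULL;
    p_surewarehk_Load_Privkey = NULL;
    p_surewarehk_Load_Rsa_Pubkey = NULL;
    p_surewarehk_Free = NULL;
    p_surewarehk_Rsa_Priv_Dec = NULL;
    p_surewarehk_Rsa_Sign = NULL;
    p_surewarehk_Dsa_Sign = NULL;
    p_surewarehk_Info_Pubkey = NULL;
    p_surewarehk_Load_Dsa_Pubkey = NULL;
    p_surewarehk_Mod_Exp = NULL;
    return to_return;
}

/* Translate a hook return code into an error-queue entry.
 *
 * msg  - message buffer that was passed to the hook; emptied when ret is 1.
 * func - function code recorded with the error.
 * ret  - value returned by the hook; 1 records nothing.
 *
 * A non-empty msg is attached to the error and written to logstream when
 * one is set.
 * NOTE(review): strlen() assumes the hook left msg NUL-terminated within
 * the caller's 64-byte buffer; the hook is given no buffer length, so
 * confirm this against the SureWareHook API. */
static void surewarehk_error_handling(char *const msg,int func,int ret)
{
    switch (ret)
    {
    case SUREWAREHOOK_ERROR_UNIT_FAILURE:
        ENGINEerr(func,SUREWARE_R_UNIT_FAILURE);
        break;
    case SUREWAREHOOK_ERROR_FALLBACK:
        ENGINEerr(func,SUREWARE_R_REQUEST_FALLBACK);
        break;
    case SUREWAREHOOK_ERROR_DATA_SIZE:
        ENGINEerr(func,SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
        break;
    case SUREWAREHOOK_ERROR_INVALID_PAD:
        ENGINEerr(func,SUREWARE_R_PADDING_CHECK_FAILED);
        break;
    default:
        ENGINEerr(func,SUREWARE_R_REQUEST_FAILED);
        break;
    case 1:/*nothing*/
        msg[0]='\0';
    }
    if (*msg)
    {
        ERR_add_error_data(1,msg);
        if (logstream)
        {
            CRYPTO_w_lock(CRYPTO_LOCK_BIO);
            BIO_write(logstream, msg, strlen(msg));
            CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
        }
    }
}

/* RAND method: fill buf with num bytes obtained from the hardware.
 * Returns 1 only when the hook reports success, 0 otherwise (including
 * when the engine has not been initialised). */
static int surewarehk_rand_bytes(unsigned char *buf, int num)
{
    int ret=0;
    char msg[64]="ENGINE_rand_bytes";
    if(!p_surewarehk_Rand_Bytes)
    {
        SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_BYTES,ENGINE_R_NOT_INITIALISED);
    }
    else
    {
        ret = p_surewarehk_Rand_Bytes(msg,buf, num);
        surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RAND_BYTES,ret);
    }
    return ret==1 ? 1 : 0;
}

/* RAND method: pass num bytes of seed material to the hardware.  Failures
 * are recorded on the error queue only; nothing is returned. */
static void surewarehk_rand_seed(const void *buf, int num)
{
    int ret=0;
    char msg[64]="ENGINE_rand_seed";
    if(!p_surewarehk_Rand_Seed)
    {
        SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_SEED,ENGINE_R_NOT_INITIALISED);
    }
    else
    {
        ret = p_surewarehk_Rand_Seed(msg,buf, num);
        surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RAND_SEED,ret);
    }
}

/* RAND method: same as surewarehk_rand_seed(); the entropy estimate is
 * ignored. */
static void surewarehk_rand_add(const void *buf, int num, double entropy)
{
    surewarehk_rand_seed(buf,num);
}

/* Build an EVP_PKEY whose public part is read from the hardware and whose
 * private part stays referenced through hptr.  Only the start of this
 * function (up to the end of the RSA case) is part of this excerpt. */
static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,unsigned long el,char keytype)
{
    EVP_PKEY *res = NULL;
#ifndef OPENSSL_NO_RSA
    RSA *rsatmp = NULL;
#endif
#ifndef OPENSSL_NO_DSA
    DSA *dsatmp=NULL;
#endif
    char msg[64]="sureware_load_public";
    int ret=0;
    if(!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey)
    {
        SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_NOT_INITIALISED);
        goto err;
    }
    switch (keytype)
    {
#ifndef OPENSSL_NO_RSA
    case 1: /*RSA*/
        /* set private external reference */
        /* NOTE(review): rsatmp is used without a NULL check after
         * RSA_new_method(). */
        rsatmp = RSA_new_method(e);
        RSA_set_ex_data(rsatmp,rsaHndidx,hptr);
        rsatmp->flags |= RSA_FLAG_EXT_PKEY;

        /* set public big nums*/
        rsatmp->e = BN_new();
        rsatmp->n = BN_new();
        /* NOTE(review): the BN_new() results are passed to bn_expand2()
         * before the NULL test that follows. */
        bn_expand2(rsatmp->e, el/sizeof(BN_ULONG));
        bn_expand2(rsatmp->n, el/sizeof(BN_ULONG));
        if (!rsatmp->e || rsatmp->e->dmax!=(int)(el/sizeof(BN_ULONG))||
            !rsatmp->n || rsatmp->n->dmax!=(int)(el/sizeof(BN_ULONG)))
            goto err;
        /* The hook writes the modulus and exponent words directly into
         * the expanded BIGNUM storage. */
        ret=p_surewarehk_Load_Rsa_Pubkey(msg,key_id,el,
                         (unsigned long *)rsatmp->n->d,
                         (unsigned long *)rsatmp->e->d);
        surewarehk_error_handling(msg,SUREWARE_F_SUREWARE_LOAD_PUBLIC,ret);
        if (ret!=1)
        {
            SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
            goto err;
        }
        /* normalise pub e and pub n */
        rsatmp->e->top=el/sizeof(BN_ULONG);
        bn_fix_top(rsatmp->e);
        rsatmp->n->top=el/sizeof(BN_ULONG);
        bn_fix_top(rsatmp->n);
        /* create an EVP object: engine + rsa key */
        res = EVP_PKEY_new();
        EVP_PKEY_assign_RSA(res, rsatmp);
        break;
#endif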