1/* openssl/engine.h */ 2/* 3 * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project 4 * 2000. 5 */ 6/* ==================================================================== 7 * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. All advertising materials mentioning features or use of this 22 * software must display the following acknowledgment: 23 * "This product includes software developed by the OpenSSL Project 24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 25 * 26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27 * endorse or promote products derived from this software without 28 * prior written permission. For written permission, please contact 29 * licensing@OpenSSL.org. 30 * 31 * 5. Products derived from this software may not be called "OpenSSL" 32 * nor may "OpenSSL" appear in their names without prior written 33 * permission of the OpenSSL Project. 34 * 35 * 6. Redistributions of any form whatsoever must retain the following 36 * acknowledgment: 37 * "This product includes software developed by the OpenSSL Project 38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51 * OF THE POSSIBILITY OF SUCH DAMAGE. 52 * ==================================================================== 53 * 54 * This product includes cryptographic software written by Eric Young 55 * (eay@cryptsoft.com). This product includes software written by Tim 56 * Hudson (tjh@cryptsoft.com). 57 * 58 */ 59/* ==================================================================== 60 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 61 * ECDH support in OpenSSL originally developed by 62 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 63 */ 64 65#ifndef HEADER_ENGINE_H 66# define HEADER_ENGINE_H 67 68# include <openssl/opensslconf.h> 69 70# ifdef OPENSSL_NO_ENGINE 71# error ENGINE is disabled. 72# endif 73 74# ifndef OPENSSL_NO_DEPRECATED 75# include <openssl/bn.h> 76# ifndef OPENSSL_NO_RSA 77# include <openssl/rsa.h> 78# endif 79# ifndef OPENSSL_NO_DSA 80# include <openssl/dsa.h> 81# endif 82# ifndef OPENSSL_NO_DH 83# include <openssl/dh.h> 84# endif 85# ifndef OPENSSL_NO_ECDH 86# include <openssl/ecdh.h> 87# endif 88# ifndef OPENSSL_NO_ECDSA 89# include <openssl/ecdsa.h> 90# endif 91# include <openssl/rand.h> 92# include <openssl/ui.h> 93# include <openssl/err.h> 94# endif 95 96# include <openssl/ossl_typ.h> 97# include <openssl/symhacks.h> 98 99# include <openssl/x509.h> 100 101#ifdef __cplusplus 102extern "C" { 103#endif 104 105/* 106 * These flags are used to control combinations of algorithm (methods) by 107 * bitwise "OR"ing. 108 */ 109# define ENGINE_METHOD_RSA (unsigned int)0x0001 110# define ENGINE_METHOD_DSA (unsigned int)0x0002 111# define ENGINE_METHOD_DH (unsigned int)0x0004 112# define ENGINE_METHOD_RAND (unsigned int)0x0008 113# define ENGINE_METHOD_ECDH (unsigned int)0x0010 114# define ENGINE_METHOD_ECDSA (unsigned int)0x0020 115# define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 116# define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 117# define ENGINE_METHOD_STORE (unsigned int)0x0100 118# define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200 119# define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400 120/* Obvious all-or-nothing cases. */ 121# define ENGINE_METHOD_ALL (unsigned int)0xFFFF 122# define ENGINE_METHOD_NONE (unsigned int)0x0000 123 124/* 125 * This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used 126 * internally to control registration of ENGINE implementations, and can be 127 * set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to 128 * initialise registered ENGINEs if they are not already initialised. 129 */ 130# define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001 131 132/* ENGINE flags that can be set by ENGINE_set_flags(). */ 133/* Not used */ 134/* #define ENGINE_FLAGS_MALLOCED 0x0001 */ 135 136/* 137 * This flag is for ENGINEs that wish to handle the various 'CMD'-related 138 * control commands on their own. Without this flag, ENGINE_ctrl() handles 139 * these control commands on behalf of the ENGINE using their "cmd_defns" 140 * data. 141 */ 142# define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002 143 144/* 145 * This flag is for ENGINEs who return new duplicate structures when found 146 * via "ENGINE_by_id()". When an ENGINE must store state (eg. if 147 * ENGINE_ctrl() commands are called in sequence as part of some stateful 148 * process like key-generation setup and execution), it can set this flag - 149 * then each attempt to obtain the ENGINE will result in it being copied into 150 * a new structure. Normally, ENGINEs don't declare this flag so 151 * ENGINE_by_id() just increments the existing ENGINE's structural reference 152 * count. 153 */ 154# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004 155 156/* 157 * This flag if for an ENGINE that does not want its methods registered as 158 * part of ENGINE_register_all_complete() for example if the methods are not 159 * usable as default methods. 160 */ 161 162# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008 163 164/* 165 * ENGINEs can support their own command types, and these flags are used in 166 * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input 167 * each command expects. Currently only numeric and string input is 168 * supported. If a control command supports none of the _NUMERIC, _STRING, or 169 * _NO_INPUT options, then it is regarded as an "internal" control command - 170 * and not for use in config setting situations. As such, they're not 171 * available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() 172 * access. Changes to this list of 'command types' should be reflected 173 * carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). 174 */ 175 176/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */ 177# define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001 178/* 179 * accepts string input (cast from 'void*' to 'const char *', 4th parameter 180 * to ENGINE_ctrl) 181 */ 182# define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002 183/* 184 * Indicates that the control command takes *no* input. Ie. the control 185 * command is unparameterised. 186 */ 187# define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004 188/* 189 * Indicates that the control command is internal. This control command won't 190 * be shown in any output, and is only usable through the ENGINE_ctrl_cmd() 191 * function. 192 */ 193# define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008 194 195/* 196 * NB: These 3 control commands are deprecated and should not be used. 197 * ENGINEs relying on these commands should compile conditional support for 198 * compatibility (eg. if these symbols are defined) but should also migrate 199 * the same functionality to their own ENGINE-specific control functions that 200 * can be "discovered" by calling applications. The fact these control 201 * commands wouldn't be "executable" (ie. usable by text-based config) 202 * doesn't change the fact that application code can find and use them 203 * without requiring per-ENGINE hacking. 204 */ 205 206/* 207 * These flags are used to tell the ctrl function what should be done. All 208 * command numbers are shared between all engines, even if some don't make 209 * sense to some engines. In such a case, they do nothing but return the 210 * error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. 211 */ 212# define ENGINE_CTRL_SET_LOGSTREAM 1 213# define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2 214# define ENGINE_CTRL_HUP 3/* Close and reinitialise 215 * any handles/connections 216 * etc. */ 217# define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */ 218# define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used 219 * when calling the password 220 * callback and the user 221 * interface */ 222# define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration, 223 * given a string that 224 * represents a file name 225 * or so */ 226# define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given 227 * section in the already 228 * loaded configuration */ 229 230/* 231 * These control commands allow an application to deal with an arbitrary 232 * engine in a dynamic way. Warn: Negative return values indicate errors FOR 233 * THESE COMMANDS because zero is used to indicate 'end-of-list'. Other 234 * commands, including ENGINE-specific command types, return zero for an 235 * error. An ENGINE can choose to implement these ctrl functions, and can 236 * internally manage things however it chooses - it does so by setting the 237 * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise 238 * the ENGINE_ctrl() code handles this on the ENGINE's behalf using the 239 * cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's 240 * ctrl() handler need only implement its own commands - the above "meta" 241 * commands will be taken care of. 242 */ 243 244/* 245 * Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not", 246 * then all the remaining control commands will return failure, so it is 247 * worth checking this first if the caller is trying to "discover" the 248 * engine's capabilities and doesn't want errors generated unnecessarily. 249 */ 250# define ENGINE_CTRL_HAS_CTRL_FUNCTION 10 251/* 252 * Returns a positive command number for the first command supported by the 253 * engine. Returns zero if no ctrl commands are supported. 254 */ 255# define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11 256/* 257 * The 'long' argument specifies a command implemented by the engine, and the 258 * return value is the next command supported, or zero if there are no more. 259 */ 260# define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12 261/* 262 * The 'void*' argument is a command name (cast from 'const char *'), and the 263 * return value is the command that corresponds to it. 264 */ 265# define ENGINE_CTRL_GET_CMD_FROM_NAME 13 266/* 267 * The next two allow a command to be converted into its corresponding string 268 * form. In each case, the 'long' argument supplies the command. In the 269 * NAME_LEN case, the return value is the length of the command name (not 270 * counting a trailing EOL). In the NAME case, the 'void*' argument must be a 271 * string buffer large enough, and it will be populated with the name of the 272 * command (WITH a trailing EOL). 273 */ 274# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14 275# define ENGINE_CTRL_GET_NAME_FROM_CMD 15 276/* The next two are similar but give a "short description" of a command. */ 277# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16 278# define ENGINE_CTRL_GET_DESC_FROM_CMD 17 279/* 280 * With this command, the return value is the OR'd combination of 281 * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given 282 * engine-specific ctrl command expects. 283 */ 284# define ENGINE_CTRL_GET_CMD_FLAGS 18 285 286/* 287 * ENGINE implementations should start the numbering of their own control 288 * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). 289 */ 290# define ENGINE_CMD_BASE 200 291 292/* 293 * NB: These 2 nCipher "chil" control commands are deprecated, and their 294 * functionality is now available through ENGINE-specific control commands 295 * (exposed through the above-mentioned 'CMD'-handling). Code using these 2 296 * commands should be migrated to the more general command handling before 297 * these are removed. 298 */ 299 300/* Flags specific to the nCipher "chil" engine */ 301# define ENGINE_CTRL_CHIL_SET_FORKCHECK 100 302 /* 303 * Depending on the value of the (long)i argument, this sets or 304 * unsets the SimpleForkCheck flag in the CHIL API to enable or 305 * disable checking and workarounds for applications that fork(). 306 */ 307# define ENGINE_CTRL_CHIL_NO_LOCKING 101 308 /* 309 * This prevents the initialisation function from providing mutex 310 * callbacks to the nCipher library. 311 */ 312 313/* 314 * If an ENGINE supports its own specific control commands and wishes the 315 * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on 316 * its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN 317 * entries to ENGINE_set_cmd_defns(). It should also implement a ctrl() 318 * handler that supports the stated commands (ie. the "cmd_num" entries as 319 * described by the array). NB: The array must be ordered in increasing order 320 * of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element 321 * has cmd_num set to zero and/or cmd_name set to NULL. 322 */ 323typedef struct ENGINE_CMD_DEFN_st { 324 unsigned int cmd_num; /* The command number */ 325 const char *cmd_name; /* The command name itself */ 326 const char *cmd_desc; /* A short description of the command */ 327 unsigned int cmd_flags; /* The input the command expects */ 328} ENGINE_CMD_DEFN; 329 330/* Generic function pointer */ 331typedef int (*ENGINE_GEN_FUNC_PTR) (void); 332/* Generic function pointer taking no arguments */ 333typedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *); 334/* Specific control function pointer */ 335typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *, 336 void (*f) (void)); 337/* Generic load_key function pointer */ 338typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, 339 UI_METHOD *ui_method, 340 void *callback_data); 341typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl, 342 STACK_OF(X509_NAME) *ca_dn, 343 X509 **pcert, EVP_PKEY **pkey, 344 STACK_OF(X509) **pother, 345 UI_METHOD *ui_method, 346 void *callback_data); 347/*- 348 * These callback types are for an ENGINE's handler for cipher and digest logic. 349 * These handlers have these prototypes; 350 * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); 351 * int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid); 352 * Looking at how to implement these handlers in the case of cipher support, if 353 * the framework wants the EVP_CIPHER for 'nid', it will call; 354 * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure) 355 * If the framework wants a list of supported 'nid's, it will call; 356 * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error) 357 */ 358/* 359 * Returns to a pointer to the array of supported cipher 'nid's. If the 360 * second parameter is non-NULL it is set to the size of the returned array. 361 */ 362typedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **, 363 const int **, int); 364typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **, 365 int); 366typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **, 367 const int **, int); 368typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **, 369 const int **, int); 370/* 371 * STRUCTURE functions ... all of these functions deal with pointers to 372 * ENGINE structures where the pointers have a "structural reference". This 373 * means that their reference is to allowed access to the structure but it 374 * does not imply that the structure is functional. To simply increment or 375 * decrement the structural reference count, use ENGINE_by_id and 376 * ENGINE_free. NB: This is not required when iterating using ENGINE_get_next 377 * as it will automatically decrement the structural reference count of the 378 * "current" ENGINE and increment the structural reference count of the 379 * ENGINE it returns (unless it is NULL). 380 */ 381 382/* Get the first/last "ENGINE" type available. */ 383ENGINE *ENGINE_get_first(void); 384ENGINE *ENGINE_get_last(void); 385/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */ 386ENGINE *ENGINE_get_next(ENGINE *e); 387ENGINE *ENGINE_get_prev(ENGINE *e); 388/* Add another "ENGINE" type into the array. */ 389int ENGINE_add(ENGINE *e); 390/* Remove an existing "ENGINE" type from the array. */ 391int ENGINE_remove(ENGINE *e); 392/* Retrieve an engine from the list by its unique "id" value. */ 393ENGINE *ENGINE_by_id(const char *id); 394/* Add all the built-in engines. */ 395void ENGINE_load_openssl(void); 396void ENGINE_load_dynamic(void); 397# ifndef OPENSSL_NO_STATIC_ENGINE 398void ENGINE_load_4758cca(void); 399void ENGINE_load_aep(void); 400void ENGINE_load_atalla(void); 401void ENGINE_load_chil(void); 402void ENGINE_load_cswift(void); 403void ENGINE_load_nuron(void); 404void ENGINE_load_sureware(void); 405void ENGINE_load_ubsec(void); 406void ENGINE_load_padlock(void); 407void ENGINE_load_capi(void); 408# ifndef OPENSSL_NO_GMP 409void ENGINE_load_gmp(void); 410# endif 411# ifndef OPENSSL_NO_GOST 412void ENGINE_load_gost(void); 413# endif 414# endif 415void ENGINE_load_cryptodev(void); 416void ENGINE_load_rdrand(void); 417void ENGINE_load_builtin_engines(void); 418 419/* 420 * Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation 421 * "registry" handling. 422 */ 423unsigned int ENGINE_get_table_flags(void); 424void ENGINE_set_table_flags(unsigned int flags); 425 426/*- Manage registration of ENGINEs per "table". For each type, there are 3 427 * functions; 428 * ENGINE_register_***(e) - registers the implementation from 'e' (if it has one) 429 * ENGINE_unregister_***(e) - unregister the implementation from 'e' 430 * ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list 431 * Cleanup is automatically registered from each table when required, so 432 * ENGINE_cleanup() will reverse any "register" operations. 433 */ 434 435int ENGINE_register_RSA(ENGINE *e); 436void ENGINE_unregister_RSA(ENGINE *e); 437void ENGINE_register_all_RSA(void); 438 439int ENGINE_register_DSA(ENGINE *e); 440void ENGINE_unregister_DSA(ENGINE *e); 441void ENGINE_register_all_DSA(void); 442 443int ENGINE_register_ECDH(ENGINE *e); 444void ENGINE_unregister_ECDH(ENGINE *e); 445void ENGINE_register_all_ECDH(void); 446 447int ENGINE_register_ECDSA(ENGINE *e); 448void ENGINE_unregister_ECDSA(ENGINE *e); 449void ENGINE_register_all_ECDSA(void); 450 451int ENGINE_register_DH(ENGINE *e); 452void ENGINE_unregister_DH(ENGINE *e); 453void ENGINE_register_all_DH(void); 454 455int ENGINE_register_RAND(ENGINE *e); 456void ENGINE_unregister_RAND(ENGINE *e); 457void ENGINE_register_all_RAND(void); 458 459int ENGINE_register_STORE(ENGINE *e); 460void ENGINE_unregister_STORE(ENGINE *e); 461void ENGINE_register_all_STORE(void); 462 463int ENGINE_register_ciphers(ENGINE *e); 464void ENGINE_unregister_ciphers(ENGINE *e); 465void ENGINE_register_all_ciphers(void); 466 467int ENGINE_register_digests(ENGINE *e); 468void ENGINE_unregister_digests(ENGINE *e); 469void ENGINE_register_all_digests(void); 470 471int ENGINE_register_pkey_meths(ENGINE *e); 472void ENGINE_unregister_pkey_meths(ENGINE *e); 473void ENGINE_register_all_pkey_meths(void); 474 475int ENGINE_register_pkey_asn1_meths(ENGINE *e); 476void ENGINE_unregister_pkey_asn1_meths(ENGINE *e); 477void ENGINE_register_all_pkey_asn1_meths(void); 478 479/* 480 * These functions register all support from the above categories. Note, use 481 * of these functions can result in static linkage of code your application 482 * may not need. If you only need a subset of functionality, consider using 483 * more selective initialisation. 484 */ 485int ENGINE_register_complete(ENGINE *e); 486int ENGINE_register_all_complete(void); 487 488/* 489 * Send parametrised control commands to the engine. The possibilities to 490 * send down an integer, a pointer to data or a function pointer are 491 * provided. Any of the parameters may or may not be NULL, depending on the 492 * command number. In actuality, this function only requires a structural 493 * (rather than functional) reference to an engine, but many control commands 494 * may require the engine be functional. The caller should be aware of trying 495 * commands that require an operational ENGINE, and only use functional 496 * references in such situations. 497 */ 498int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)); 499 500/* 501 * This function tests if an ENGINE-specific command is usable as a 502 * "setting". Eg. in an application's config file that gets processed through 503 * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to 504 * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl(). 505 */ 506int ENGINE_cmd_is_executable(ENGINE *e, int cmd); 507 508/* 509 * This function works like ENGINE_ctrl() with the exception of taking a 510 * command name instead of a command number, and can handle optional 511 * commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation 512 * on how to use the cmd_name and cmd_optional. 513 */ 514int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, 515 long i, void *p, void (*f) (void), int cmd_optional); 516 517/* 518 * This function passes a command-name and argument to an ENGINE. The 519 * cmd_name is converted to a command number and the control command is 520 * called using 'arg' as an argument (unless the ENGINE doesn't support such 521 * a command, in which case no control command is called). The command is 522 * checked for input flags, and if necessary the argument will be converted 523 * to a numeric value. If cmd_optional is non-zero, then if the ENGINE 524 * doesn't support the given cmd_name the return value will be success 525 * anyway. This function is intended for applications to use so that users 526 * (or config files) can supply engine-specific config data to the ENGINE at 527 * run-time to control behaviour of specific engines. As such, it shouldn't 528 * be used for calling ENGINE_ctrl() functions that return data, deal with 529 * binary data, or that are otherwise supposed to be used directly through 530 * ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl() 531 * operation in this function will be lost - the return value is interpreted 532 * as failure if the return value is zero, success otherwise, and this 533 * function returns a boolean value as a result. In other words, vendors of 534 * 'ENGINE'-enabled devices should write ENGINE implementations with 535 * parameterisations that work in this scheme, so that compliant ENGINE-based 536 * applications can work consistently with the same configuration for the 537 * same ENGINE-enabled devices, across applications. 538 */ 539int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, 540 int cmd_optional); 541 542/* 543 * These functions are useful for manufacturing new ENGINE structures. They 544 * don't address reference counting at all - one uses them to populate an 545 * ENGINE structure with personalised implementations of things prior to 546 * using it directly or adding it to the builtin ENGINE list in OpenSSL. 547 * These are also here so that the ENGINE structure doesn't have to be 548 * exposed and break binary compatibility! 549 */ 550ENGINE *ENGINE_new(void); 551int ENGINE_free(ENGINE *e); 552int ENGINE_up_ref(ENGINE *e); 553int ENGINE_set_id(ENGINE *e, const char *id); 554int ENGINE_set_name(ENGINE *e, const char *name); 555int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); 556int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); 557int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth); 558int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth); 559int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); 560int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth); 561int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth); 562int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f); 563int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f); 564int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); 565int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); 566int ENGINE_set_load_privkey_function(ENGINE *e, 567 ENGINE_LOAD_KEY_PTR loadpriv_f); 568int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f); 569int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, 570 ENGINE_SSL_CLIENT_CERT_PTR 571 loadssl_f); 572int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); 573int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); 574int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f); 575int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f); 576int ENGINE_set_flags(ENGINE *e, int flags); 577int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); 578/* These functions allow control over any per-structure ENGINE data. */ 579int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 580 CRYPTO_EX_dup *dup_func, 581 CRYPTO_EX_free *free_func); 582int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg); 583void *ENGINE_get_ex_data(const ENGINE *e, int idx); 584 585/* 586 * This function cleans up anything that needs it. Eg. the ENGINE_add() 587 * function automatically ensures the list cleanup function is registered to 588 * be called from ENGINE_cleanup(). Similarly, all ENGINE_register_*** 589 * functions ensure ENGINE_cleanup() will clean up after them. 590 */ 591void ENGINE_cleanup(void); 592 593/* 594 * These return values from within the ENGINE structure. These can be useful 595 * with functional references as well as structural references - it depends 596 * which you obtained. Using the result for functional purposes if you only 597 * obtained a structural reference may be problematic! 598 */ 599const char *ENGINE_get_id(const ENGINE *e); 600const char *ENGINE_get_name(const ENGINE *e); 601const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e); 602const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e); 603const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e); 604const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e); 605const DH_METHOD *ENGINE_get_DH(const ENGINE *e); 606const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e); 607const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e); 608ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e); 609ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e); 610ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e); 611ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e); 612ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e); 613ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); 614ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE 615 *e); 616ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); 617ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); 618ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e); 619ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e); 620const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); 621const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); 622const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid); 623const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid); 624const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e, 625 const char *str, 626 int len); 627const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe, 628 const char *str, 629 int len); 630const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); 631int ENGINE_get_flags(const ENGINE *e); 632 633/* 634 * FUNCTIONAL functions. These functions deal with ENGINE structures that 635 * have (or will) be initialised for use. Broadly speaking, the structural 636 * functions are useful for iterating the list of available engine types, 637 * creating new engine types, and other "list" operations. These functions 638 * actually deal with ENGINEs that are to be used. As such these functions 639 * can fail (if applicable) when particular engines are unavailable - eg. if 640 * a hardware accelerator is not attached or not functioning correctly. Each 641 * ENGINE has 2 reference counts; structural and functional. Every time a 642 * functional reference is obtained or released, a corresponding structural 643 * reference is automatically obtained or released too. 644 */ 645 646/* 647 * Initialise a engine type for use (or up its reference count if it's 648 * already in use). This will fail if the engine is not currently operational 649 * and cannot initialise. 650 */ 651int ENGINE_init(ENGINE *e); 652/* 653 * Free a functional reference to a engine type. This does not require a 654 * corresponding call to ENGINE_free as it also releases a structural 655 * reference. 656 */ 657int ENGINE_finish(ENGINE *e); 658 659/* 660 * The following functions handle keys that are stored in some secondary 661 * location, handled by the engine. The storage may be on a card or 662 * whatever. 663 */ 664EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, 665 UI_METHOD *ui_method, void *callback_data); 666EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, 667 UI_METHOD *ui_method, void *callback_data); 668int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, 669 STACK_OF(X509_NAME) *ca_dn, X509 **pcert, 670 EVP_PKEY **ppkey, STACK_OF(X509) **pother, 671 UI_METHOD *ui_method, void *callback_data); 672 673/* 674 * This returns a pointer for the current ENGINE structure that is (by 675 * default) performing any RSA operations. The value returned is an 676 * incremented reference, so it should be free'd (ENGINE_finish) before it is 677 * discarded. 678 */ 679ENGINE *ENGINE_get_default_RSA(void); 680/* Same for the other "methods" */ 681ENGINE *ENGINE_get_default_DSA(void); 682ENGINE *ENGINE_get_default_ECDH(void); 683ENGINE *ENGINE_get_default_ECDSA(void); 684ENGINE *ENGINE_get_default_DH(void); 685ENGINE *ENGINE_get_default_RAND(void); 686/* 687 * These functions can be used to get a functional reference to perform 688 * ciphering or digesting corresponding to "nid". 689 */ 690ENGINE *ENGINE_get_cipher_engine(int nid); 691ENGINE *ENGINE_get_digest_engine(int nid); 692ENGINE *ENGINE_get_pkey_meth_engine(int nid); 693ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid); 694 695/* 696 * This sets a new default ENGINE structure for performing RSA operations. If 697 * the result is non-zero (success) then the ENGINE structure will have had 698 * its reference count up'd so the caller should still free their own 699 * reference 'e'. 700 */ 701int ENGINE_set_default_RSA(ENGINE *e); 702int ENGINE_set_default_string(ENGINE *e, const char *def_list); 703/* Same for the other "methods" */ 704int ENGINE_set_default_DSA(ENGINE *e); 705int ENGINE_set_default_ECDH(ENGINE *e); 706int ENGINE_set_default_ECDSA(ENGINE *e); 707int ENGINE_set_default_DH(ENGINE *e); 708int ENGINE_set_default_RAND(ENGINE *e); 709int ENGINE_set_default_ciphers(ENGINE *e); 710int ENGINE_set_default_digests(ENGINE *e); 711int ENGINE_set_default_pkey_meths(ENGINE *e); 712int ENGINE_set_default_pkey_asn1_meths(ENGINE *e); 713 714/* 715 * The combination "set" - the flags are bitwise "OR"d from the 716 * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()" 717 * function, this function can result in unnecessary static linkage. If your 718 * application requires only specific functionality, consider using more 719 * selective functions. 720 */ 721int ENGINE_set_default(ENGINE *e, unsigned int flags); 722 723void ENGINE_add_conf_module(void); 724 725/* Deprecated functions ... */ 726/* int ENGINE_clear_defaults(void); */ 727 728/**************************/ 729/* DYNAMIC ENGINE SUPPORT */ 730/**************************/ 731 732/* Binary/behaviour compatibility levels */ 733# define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000 734/* 735 * Binary versions older than this are too old for us (whether we're a loader 736 * or a loadee) 737 */ 738# define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000 739 740/* 741 * When compiling an ENGINE entirely as an external shared library, loadable 742 * by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' 743 * structure type provides the calling application's (or library's) error 744 * functionality and memory management function pointers to the loaded 745 * library. These should be used/set in the loaded library code so that the 746 * loading application's 'state' will be used/changed in all operations. The 747 * 'static_state' pointer allows the loaded library to know if it shares the 748 * same static data as the calling application (or library), and thus whether 749 * these callbacks need to be set or not. 750 */ 751typedef void *(*dyn_MEM_malloc_cb) (size_t); 752typedef void *(*dyn_MEM_realloc_cb) (void *, size_t); 753typedef void (*dyn_MEM_free_cb) (void *); 754typedef struct st_dynamic_MEM_fns { 755 dyn_MEM_malloc_cb malloc_cb; 756 dyn_MEM_realloc_cb realloc_cb; 757 dyn_MEM_free_cb free_cb; 758} dynamic_MEM_fns; 759/* 760 * FIXME: Perhaps the memory and locking code (crypto.h) should declare and 761 * use these types so we (and any other dependant code) can simplify a bit?? 762 */ 763typedef void (*dyn_lock_locking_cb) (int, int, const char *, int); 764typedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int); 765typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *, 766 int); 767typedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *, 768 const char *, int); 769typedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *, 770 const char *, int); 771typedef struct st_dynamic_LOCK_fns { 772 dyn_lock_locking_cb lock_locking_cb; 773 dyn_lock_add_lock_cb lock_add_lock_cb; 774 dyn_dynlock_create_cb dynlock_create_cb; 775 dyn_dynlock_lock_cb dynlock_lock_cb; 776 dyn_dynlock_destroy_cb dynlock_destroy_cb; 777} dynamic_LOCK_fns; 778/* The top-level structure */ 779typedef struct st_dynamic_fns { 780 void *static_state; 781 const ERR_FNS *err_fns; 782 const CRYPTO_EX_DATA_IMPL *ex_data_fns; 783 dynamic_MEM_fns mem_fns; 784 dynamic_LOCK_fns lock_fns; 785} dynamic_fns; 786 787/* 788 * The version checking function should be of this prototype. NB: The 789 * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading 790 * code. If this function returns zero, it indicates a (potential) version 791 * incompatibility and the loaded library doesn't believe it can proceed. 792 * Otherwise, the returned value is the (latest) version supported by the 793 * loading library. The loader may still decide that the loaded code's 794 * version is unsatisfactory and could veto the load. The function is 795 * expected to be implemented with the symbol name "v_check", and a default 796 * implementation can be fully instantiated with 797 * IMPLEMENT_DYNAMIC_CHECK_FN(). 798 */ 799typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version); 800# define IMPLEMENT_DYNAMIC_CHECK_FN() \ 801 OPENSSL_EXPORT unsigned long v_check(unsigned long v); \ 802 OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \ 803 if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \ 804 return 0; } 805 806/* 807 * This function is passed the ENGINE structure to initialise with its own 808 * function and command settings. It should not adjust the structural or 809 * functional reference counts. If this function returns zero, (a) the load 810 * will be aborted, (b) the previous ENGINE state will be memcpy'd back onto 811 * the structure, and (c) the shared library will be unloaded. So 812 * implementations should do their own internal cleanup in failure 813 * circumstances otherwise they could leak. The 'id' parameter, if non-NULL, 814 * represents the ENGINE id that the loader is looking for. If this is NULL, 815 * the shared library can choose to return failure or to initialise a 816 * 'default' ENGINE. If non-NULL, the shared library must initialise only an 817 * ENGINE matching the passed 'id'. The function is expected to be 818 * implemented with the symbol name "bind_engine". A standard implementation 819 * can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter 820 * 'fn' is a callback function that populates the ENGINE structure and 821 * returns an int value (zero for failure). 'fn' should have prototype; 822 * [static] int fn(ENGINE *e, const char *id); 823 */ 824typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id, 825 const dynamic_fns *fns); 826# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \ 827 OPENSSL_EXPORT \ 828 int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \ 829 OPENSSL_EXPORT \ 830 int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \ 831 if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \ 832 if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ 833 fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ 834 return 0; \ 835 CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ 836 CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ 837 CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ 838 CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ 839 CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ 840 if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ 841 return 0; \ 842 if(!ERR_set_implementation(fns->err_fns)) return 0; \ 843 skip_cbs: \ 844 if(!fn(e,id)) return 0; \ 845 return 1; } 846 847/* 848 * If the loading application (or library) and the loaded ENGINE library 849 * share the same static data (eg. they're both dynamically linked to the 850 * same libcrypto.so) we need a way to avoid trying to set system callbacks - 851 * this would fail, and for the same reason that it's unnecessary to try. If 852 * the loaded ENGINE has (or gets from through the loader) its own copy of 853 * the libcrypto static data, we will need to set the callbacks. The easiest 854 * way to detect this is to have a function that returns a pointer to some 855 * static data and let the loading application and loaded ENGINE compare 856 * their respective values. 857 */ 858void *ENGINE_get_static_state(void); 859 860# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) 861void ENGINE_setup_bsd_cryptodev(void); 862# endif 863 864/* BEGIN ERROR CODES */ 865/* 866 * The following lines are auto generated by the script mkerr.pl. Any changes 867 * made after this point may be overwritten when the script is next run. 868 */ 869void ERR_load_ENGINE_strings(void); 870 871/* Error codes for the ENGINE functions. */ 872 873/* Function codes. */ 874# define ENGINE_F_DYNAMIC_CTRL 180 875# define ENGINE_F_DYNAMIC_GET_DATA_CTX 181 876# define ENGINE_F_DYNAMIC_LOAD 182 877# define ENGINE_F_DYNAMIC_SET_DATA_CTX 183 878# define ENGINE_F_ENGINE_ADD 105 879# define ENGINE_F_ENGINE_BY_ID 106 880# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170 881# define ENGINE_F_ENGINE_CTRL 142 882# define ENGINE_F_ENGINE_CTRL_CMD 178 883# define ENGINE_F_ENGINE_CTRL_CMD_STRING 171 884# define ENGINE_F_ENGINE_FINISH 107 885# define ENGINE_F_ENGINE_FREE_UTIL 108 886# define ENGINE_F_ENGINE_GET_CIPHER 185 887# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 888# define ENGINE_F_ENGINE_GET_DIGEST 186 889# define ENGINE_F_ENGINE_GET_NEXT 115 890# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193 891# define ENGINE_F_ENGINE_GET_PKEY_METH 192 892# define ENGINE_F_ENGINE_GET_PREV 116 893# define ENGINE_F_ENGINE_INIT 119 894# define ENGINE_F_ENGINE_LIST_ADD 120 895# define ENGINE_F_ENGINE_LIST_REMOVE 121 896# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 897# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 898# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194 899# define ENGINE_F_ENGINE_NEW 122 900# define ENGINE_F_ENGINE_REMOVE 123 901# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 902# define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126 903# define ENGINE_F_ENGINE_SET_ID 129 904# define ENGINE_F_ENGINE_SET_NAME 130 905# define ENGINE_F_ENGINE_TABLE_REGISTER 184 906# define ENGINE_F_ENGINE_UNLOAD_KEY 152 907# define ENGINE_F_ENGINE_UNLOCKED_FINISH 191 908# define ENGINE_F_ENGINE_UP_REF 190 909# define ENGINE_F_INT_CTRL_HELPER 172 910# define ENGINE_F_INT_ENGINE_CONFIGURE 188 911# define ENGINE_F_INT_ENGINE_MODULE_INIT 187 912# define ENGINE_F_LOG_MESSAGE 141 913 914/* Reason codes. */ 915# define ENGINE_R_ALREADY_LOADED 100 916# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133 917# define ENGINE_R_CMD_NOT_EXECUTABLE 134 918# define ENGINE_R_COMMAND_TAKES_INPUT 135 919# define ENGINE_R_COMMAND_TAKES_NO_INPUT 136 920# define ENGINE_R_CONFLICTING_ENGINE_ID 103 921# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119 922# define ENGINE_R_DH_NOT_IMPLEMENTED 139 923# define ENGINE_R_DSA_NOT_IMPLEMENTED 140 924# define ENGINE_R_DSO_FAILURE 104 925# define ENGINE_R_DSO_NOT_FOUND 132 926# define ENGINE_R_ENGINES_SECTION_ERROR 148 927# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102 928# define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105 929# define ENGINE_R_ENGINE_SECTION_ERROR 149 930# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128 931# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129 932# define ENGINE_R_FINISH_FAILED 106 933# define ENGINE_R_GET_HANDLE_FAILED 107 934# define ENGINE_R_ID_OR_NAME_MISSING 108 935# define ENGINE_R_INIT_FAILED 109 936# define ENGINE_R_INTERNAL_LIST_ERROR 110 937# define ENGINE_R_INVALID_ARGUMENT 143 938# define ENGINE_R_INVALID_CMD_NAME 137 939# define ENGINE_R_INVALID_CMD_NUMBER 138 940# define ENGINE_R_INVALID_INIT_VALUE 151 941# define ENGINE_R_INVALID_STRING 150 942# define ENGINE_R_NOT_INITIALISED 117 943# define ENGINE_R_NOT_LOADED 112 944# define ENGINE_R_NO_CONTROL_FUNCTION 120 945# define ENGINE_R_NO_INDEX 144 946# define ENGINE_R_NO_LOAD_FUNCTION 125 947# define ENGINE_R_NO_REFERENCE 130 948# define ENGINE_R_NO_SUCH_ENGINE 116 949# define ENGINE_R_NO_UNLOAD_FUNCTION 126 950# define ENGINE_R_PROVIDE_PARAMETERS 113 951# define ENGINE_R_RSA_NOT_IMPLEMENTED 141 952# define ENGINE_R_UNIMPLEMENTED_CIPHER 146 953# define ENGINE_R_UNIMPLEMENTED_DIGEST 147 954# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101 955# define ENGINE_R_VERSION_INCOMPATIBILITY 145 956 957#ifdef __cplusplus 958} 959#endif 960#endif 961