projects / openwrt / staging / chunkeey.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
openssl: bump to 1.1.1l
[openwrt/staging/chunkeey.git] / package / libs / openssl / patches / 410-eng_devcrypto-add-configuration-options.patch
1 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
2 From: Eneas U de Queiroz <cote2004-github@yahoo.com>
3 Date: Sat, 3 Nov 2018 15:41:10 -0300
4 Subject: eng_devcrypto: add configuration options
5
6 USE_SOFTDRIVERS: whether to use software (not accelerated) drivers
7 CIPHERS: list of ciphers to enable
8 DIGESTS: list of digests to enable
9
10 Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
11
12 Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
13 Reviewed-by: Richard Levitte <levitte@openssl.org>
14 (Merged from https://github.com/openssl/openssl/pull/7585)
15
16 diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
17 --- a/crypto/engine/eng_devcrypto.c
18 +++ b/crypto/engine/eng_devcrypto.c
19 @@ -16,6 +16,7 @@
20 #include <unistd.h>
21 #include <assert.h>
22
23 +#include <openssl/conf.h>
24 #include <openssl/evp.h>
25 #include <openssl/err.h>
26 #include <openssl/engine.h>
27 @@ -36,6 +37,30 @@
28 * saner... why re-open /dev/crypto for every session?
29 */
30 static int cfd;
31 +#define DEVCRYPTO_REQUIRE_ACCELERATED 0 /* require confirmation of acceleration */
32 +#define DEVCRYPTO_USE_SOFTWARE 1 /* allow software drivers */
33 +#define DEVCRYPTO_REJECT_SOFTWARE 2 /* only disallow confirmed software drivers */
34 +
35 +#define DEVCRYPTO_DEFAULT_USE_SOFDTRIVERS DEVCRYPTO_REJECT_SOFTWARE
36 +static int use_softdrivers = DEVCRYPTO_DEFAULT_USE_SOFDTRIVERS;
37 +
38 +/*
39 + * cipher/digest status & acceleration definitions
40 + * Make sure the defaults are set to 0
41 + */
42 +struct driver_info_st {
43 + enum devcrypto_status_t {
44 + DEVCRYPTO_STATUS_UNUSABLE = -1, /* session open failed */
45 + DEVCRYPTO_STATUS_UNKNOWN = 0, /* not tested yet */
46 + DEVCRYPTO_STATUS_USABLE = 1 /* algo can be used */
47 + } status;
48 +
49 + enum devcrypto_accelerated_t {
50 + DEVCRYPTO_NOT_ACCELERATED = -1, /* software implemented */
51 + DEVCRYPTO_ACCELERATION_UNKNOWN = 0, /* acceleration support unkown */
52 + DEVCRYPTO_ACCELERATED = 1 /* hardware accelerated */
53 + } accelerated;
54 +};
55
56 static int clean_devcrypto_session(struct session_op *sess) {
57 if (ioctl(cfd, CIOCFSESSION, &sess->ses) < 0) {
58 @@ -119,13 +144,22 @@ static const struct cipher_data_st {
59 #endif
60 };
61
62 -static size_t get_cipher_data_index(int nid)
63 +static size_t find_cipher_data_index(int nid)
64 {
65 size_t i;
66
67 for (i = 0; i < OSSL_NELEM(cipher_data); i++)
68 if (nid == cipher_data[i].nid)
69 return i;
70 + return (size_t)-1;
71 +}
72 +
73 +static size_t get_cipher_data_index(int nid)
74 +{
75 + size_t i = find_cipher_data_index(nid);
76 +
77 + if (i != (size_t)-1)
78 + return i;
79
80 /*
81 * Code further down must make sure that only NIDs in the table above
82 @@ -333,19 +367,40 @@ static int cipher_cleanup(EVP_CIPHER_CTX *ctx)
83 }
84
85 /*
86 - * Keep a table of known nids and associated methods.
87 + * Keep tables of known nids, associated methods, selected ciphers, and driver
88 + * info.
89 * Note that known_cipher_nids[] isn't necessarily indexed the same way as
90 - * cipher_data[] above, which known_cipher_methods[] is.
91 + * cipher_data[] above, which the other tables are.
92 */
93 static int known_cipher_nids[OSSL_NELEM(cipher_data)];
94 static int known_cipher_nids_amount = -1; /* -1 indicates not yet initialised */
95 static EVP_CIPHER *known_cipher_methods[OSSL_NELEM(cipher_data)] = { NULL, };
96 +static int selected_ciphers[OSSL_NELEM(cipher_data)];
97 +static struct driver_info_st cipher_driver_info[OSSL_NELEM(cipher_data)];
98 +
99 +
100 +static int devcrypto_test_cipher(size_t cipher_data_index)
101 +{
102 + return (cipher_driver_info[cipher_data_index].status == DEVCRYPTO_STATUS_USABLE
103 + && selected_ciphers[cipher_data_index] == 1
104 + && (cipher_driver_info[cipher_data_index].accelerated
105 + == DEVCRYPTO_ACCELERATED
106 + || use_softdrivers == DEVCRYPTO_USE_SOFTWARE
107 + || (cipher_driver_info[cipher_data_index].accelerated
108 + != DEVCRYPTO_NOT_ACCELERATED
109 + && use_softdrivers == DEVCRYPTO_REJECT_SOFTWARE)));
110 +}
111
112 static void prepare_cipher_methods(void)
113 {
114 size_t i;
115 struct session_op sess;
116 unsigned long cipher_mode;
117 +#ifdef CIOCGSESSINFO
118 + struct session_info_op siop;
119 +#endif
120 +
121 + memset(&cipher_driver_info, 0, sizeof(cipher_driver_info));
122
123 memset(&sess, 0, sizeof(sess));
124 sess.key = (void *)"01234567890123456789012345678901234567890123456789";
125 @@ -353,15 +408,16 @@ static void prepare_cipher_methods(void)
126 for (i = 0, known_cipher_nids_amount = 0;
127 i < OSSL_NELEM(cipher_data); i++) {
128
129 + selected_ciphers[i] = 1;
130 /*
131 - * Check that the algo is really availably by trying to open and close
132 - * a session.
133 + * Check that the cipher is usable
134 */
135 sess.cipher = cipher_data[i].devcryptoid;
136 sess.keylen = cipher_data[i].keylen;
137 - if (ioctl(cfd, CIOCGSESSION, &sess) < 0
138 - || ioctl(cfd, CIOCFSESSION, &sess.ses) < 0)
139 + if (ioctl(cfd, CIOCGSESSION, &sess) < 0) {
140 + cipher_driver_info[i].status = DEVCRYPTO_STATUS_UNUSABLE;
141 continue;
142 + }
143
144 cipher_mode = cipher_data[i].flags & EVP_CIPH_MODE;
145
146 @@ -387,15 +443,41 @@ static void prepare_cipher_methods(void)
147 cipher_cleanup)
148 || !EVP_CIPHER_meth_set_impl_ctx_size(known_cipher_methods[i],
149 sizeof(struct cipher_ctx))) {
150 + cipher_driver_info[i].status = DEVCRYPTO_STATUS_UNUSABLE;
151 EVP_CIPHER_meth_free(known_cipher_methods[i]);
152 known_cipher_methods[i] = NULL;
153 } else {
154 + cipher_driver_info[i].status = DEVCRYPTO_STATUS_USABLE;
155 +#ifdef CIOCGSESSINFO
156 + siop.ses = sess.ses;
157 + if (ioctl(cfd, CIOCGSESSINFO, &siop) < 0)
158 + cipher_driver_info[i].accelerated = DEVCRYPTO_ACCELERATION_UNKNOWN;
159 + else if (!(siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY))
160 + cipher_driver_info[i].accelerated = DEVCRYPTO_NOT_ACCELERATED;
161 + else
162 + cipher_driver_info[i].accelerated = DEVCRYPTO_ACCELERATED;
163 +#endif /* CIOCGSESSINFO */
164 + }
165 + ioctl(cfd, CIOCFSESSION, &sess.ses);
166 + if (devcrypto_test_cipher(i)) {
167 known_cipher_nids[known_cipher_nids_amount++] =
168 cipher_data[i].nid;
169 }
170 }
171 }
172
173 +static void rebuild_known_cipher_nids(ENGINE *e)
174 +{
175 + size_t i;
176 +
177 + for (i = 0, known_cipher_nids_amount = 0; i < OSSL_NELEM(cipher_data); i++) {
178 + if (devcrypto_test_cipher(i))
179 + known_cipher_nids[known_cipher_nids_amount++] = cipher_data[i].nid;
180 + }
181 + ENGINE_unregister_ciphers(e);
182 + ENGINE_register_ciphers(e);
183 +}
184 +
185 static const EVP_CIPHER *get_cipher_method(int nid)
186 {
187 size_t i = get_cipher_data_index(nid);
188 @@ -438,6 +520,36 @@ static int devcrypto_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
189 return *cipher != NULL;
190 }
191
192 +static void devcrypto_select_all_ciphers(int *cipher_list)
193 +{
194 + size_t i;
195 +
196 + for (i = 0; i < OSSL_NELEM(cipher_data); i++)
197 + cipher_list[i] = 1;
198 +}
199 +
200 +static int cryptodev_select_cipher_cb(const char *str, int len, void *usr)
201 +{
202 + int *cipher_list = (int *)usr;
203 + char *name;
204 + const EVP_CIPHER *EVP;
205 + size_t i;
206 +
207 + if (len == 0)
208 + return 1;
209 + if (usr == NULL || (name = OPENSSL_strndup(str, len)) == NULL)
210 + return 0;
211 + EVP = EVP_get_cipherbyname(name);
212 + if (EVP == NULL)
213 + fprintf(stderr, "devcrypto: unknown cipher %s\n", name);
214 + else if ((i = find_cipher_data_index(EVP_CIPHER_nid(EVP))) != (size_t)-1)
215 + cipher_list[i] = 1;
216 + else
217 + fprintf(stderr, "devcrypto: cipher %s not available\n", name);
218 + OPENSSL_free(name);
219 + return 1;
220 +}
221 +
222 /*
223 * We only support digests if the cryptodev implementation supports multiple
224 * data updates and session copying. Otherwise, we would be forced to maintain
225 @@ -493,13 +605,22 @@ static const struct digest_data_st {
226 #endif
227 };
228
229 -static size_t get_digest_data_index(int nid)
230 +static size_t find_digest_data_index(int nid)
231 {
232 size_t i;
233
234 for (i = 0; i < OSSL_NELEM(digest_data); i++)
235 if (nid == digest_data[i].nid)
236 return i;
237 + return (size_t)-1;
238 +}
239 +
240 +static size_t get_digest_data_index(int nid)
241 +{
242 + size_t i = find_digest_data_index(nid);
243 +
244 + if (i != (size_t)-1)
245 + return i;
246
247 /*
248 * Code further down must make sure that only NIDs in the table above
249 @@ -516,8 +637,8 @@ static const struct digest_data_st *get_digest_data(int nid)
250 }
251
252 /*
253 - * Following are the four necessary functions to map OpenSSL functionality
254 - * with cryptodev.
255 + * Following are the five necessary functions to map OpenSSL functionality
256 + * with cryptodev: init, update, final, cleanup, and copy.
257 */
258
259 static int digest_init(EVP_MD_CTX *ctx)
260 @@ -630,52 +751,94 @@ static int digest_cleanup(EVP_MD_CTX *ctx)
261 return clean_devcrypto_session(&digest_ctx->sess);
262 }
263
264 -static int devcrypto_test_digest(size_t digest_data_index)
265 -{
266 - struct session_op sess1, sess2;
267 - struct cphash_op cphash;
268 - int ret=0;
269 -
270 - memset(&sess1, 0, sizeof(sess1));
271 - memset(&sess2, 0, sizeof(sess2));
272 - sess1.mac = digest_data[digest_data_index].devcryptoid;
273 - if (ioctl(cfd, CIOCGSESSION, &sess1) < 0)
274 - return 0;
275 - /* Make sure the driver is capable of hash state copy */
276 - sess2.mac = sess1.mac;
277 - if (ioctl(cfd, CIOCGSESSION, &sess2) >= 0) {
278 - cphash.src_ses = sess1.ses;
279 - cphash.dst_ses = sess2.ses;
280 - if (ioctl(cfd, CIOCCPHASH, &cphash) >= 0)
281 - ret = 1;
282 - ioctl(cfd, CIOCFSESSION, &sess2.ses);
283 - }
284 - ioctl(cfd, CIOCFSESSION, &sess1.ses);
285 - return ret;
286 -}
287 -
288 /*
289 - * Keep a table of known nids and associated methods.
290 + * Keep tables of known nids, associated methods, selected digests, and
291 + * driver info.
292 * Note that known_digest_nids[] isn't necessarily indexed the same way as
293 - * digest_data[] above, which known_digest_methods[] is.
294 + * digest_data[] above, which the other tables are.
295 */
296 static int known_digest_nids[OSSL_NELEM(digest_data)];
297 static int known_digest_nids_amount = -1; /* -1 indicates not yet initialised */
298 static EVP_MD *known_digest_methods[OSSL_NELEM(digest_data)] = { NULL, };
299 +static int selected_digests[OSSL_NELEM(digest_data)];
300 +static struct driver_info_st digest_driver_info[OSSL_NELEM(digest_data)];
301 +
302 +static int devcrypto_test_digest(size_t digest_data_index)
303 +{
304 + return (digest_driver_info[digest_data_index].status == DEVCRYPTO_STATUS_USABLE
305 + && selected_digests[digest_data_index] == 1
306 + && (digest_driver_info[digest_data_index].accelerated
307 + == DEVCRYPTO_ACCELERATED
308 + || use_softdrivers == DEVCRYPTO_USE_SOFTWARE
309 + || (digest_driver_info[digest_data_index].accelerated
310 + != DEVCRYPTO_NOT_ACCELERATED
311 + && use_softdrivers == DEVCRYPTO_REJECT_SOFTWARE)));
312 +}
313 +
314 +static void rebuild_known_digest_nids(ENGINE *e)
315 +{
316 + size_t i;
317 +
318 + for (i = 0, known_digest_nids_amount = 0; i < OSSL_NELEM(digest_data); i++) {
319 + if (devcrypto_test_digest(i))
320 + known_digest_nids[known_digest_nids_amount++] = digest_data[i].nid;
321 + }
322 + ENGINE_unregister_digests(e);
323 + ENGINE_register_digests(e);
324 +}
325
326 static void prepare_digest_methods(void)
327 {
328 size_t i;
329 + struct session_op sess1, sess2;
330 +#ifdef CIOCGSESSINFO
331 + struct session_info_op siop;
332 +#endif
333 + struct cphash_op cphash;
334 +
335 + memset(&digest_driver_info, 0, sizeof(digest_driver_info));
336 +
337 + memset(&sess1, 0, sizeof(sess1));
338 + memset(&sess2, 0, sizeof(sess2));
339
340 for (i = 0, known_digest_nids_amount = 0; i < OSSL_NELEM(digest_data);
341 i++) {
342
343 + selected_digests[i] = 1;
344 +
345 /*
346 - * Check that the algo is usable
347 + * Check that the digest is usable
348 */
349 - if (!devcrypto_test_digest(i))
350 - continue;
351 + sess1.mac = digest_data[i].devcryptoid;
352 + sess2.ses = 0;
353 + if (ioctl(cfd, CIOCGSESSION, &sess1) < 0) {
354 + digest_driver_info[i].status = DEVCRYPTO_STATUS_UNUSABLE;
355 + goto finish;
356 + }
357
358 +#ifdef CIOCGSESSINFO
359 + /* gather hardware acceleration info from the driver */
360 + siop.ses = sess1.ses;
361 + if (ioctl(cfd, CIOCGSESSINFO, &siop) < 0)
362 + digest_driver_info[i].accelerated = DEVCRYPTO_ACCELERATION_UNKNOWN;
363 + else if (siop.flags & SIOP_FLAG_KERNEL_DRIVER_ONLY)
364 + digest_driver_info[i].accelerated = DEVCRYPTO_ACCELERATED;
365 + else
366 + digest_driver_info[i].accelerated = DEVCRYPTO_NOT_ACCELERATED;
367 +#endif
368 +
369 + /* digest must be capable of hash state copy */
370 + sess2.mac = sess1.mac;
371 + if (ioctl(cfd, CIOCGSESSION, &sess2) < 0) {
372 + digest_driver_info[i].status = DEVCRYPTO_STATUS_UNUSABLE;
373 + goto finish;
374 + }
375 + cphash.src_ses = sess1.ses;
376 + cphash.dst_ses = sess2.ses;
377 + if (ioctl(cfd, CIOCCPHASH, &cphash) < 0) {
378 + digest_driver_info[i].status = DEVCRYPTO_STATUS_UNUSABLE;
379 + goto finish;
380 + }
381 if ((known_digest_methods[i] = EVP_MD_meth_new(digest_data[i].nid,
382 NID_undef)) == NULL
383 || !EVP_MD_meth_set_input_blocksize(known_digest_methods[i],
384 @@ -689,11 +852,18 @@ static void prepare_digest_methods(void)
385 || !EVP_MD_meth_set_cleanup(known_digest_methods[i], digest_cleanup)
386 || !EVP_MD_meth_set_app_datasize(known_digest_methods[i],
387 sizeof(struct digest_ctx))) {
388 + digest_driver_info[i].status = DEVCRYPTO_STATUS_UNUSABLE;
389 EVP_MD_meth_free(known_digest_methods[i]);
390 known_digest_methods[i] = NULL;
391 - } else {
392 - known_digest_nids[known_digest_nids_amount++] = digest_data[i].nid;
393 + goto finish;
394 }
395 + digest_driver_info[i].status = DEVCRYPTO_STATUS_USABLE;
396 +finish:
397 + ioctl(cfd, CIOCFSESSION, &sess1.ses);
398 + if (sess2.ses != 0)
399 + ioctl(cfd, CIOCFSESSION, &sess2.ses);
400 + if (devcrypto_test_digest(i))
401 + known_digest_nids[known_digest_nids_amount++] = digest_data[i].nid;
402 }
403 }
404
405 @@ -739,8 +909,154 @@ static int devcrypto_digests(ENGINE *e, const EVP_MD **digest,
406 return *digest != NULL;
407 }
408
409 +static void devcrypto_select_all_digests(int *digest_list)
410 +{
411 + size_t i;
412 +
413 + for (i = 0; i < OSSL_NELEM(digest_data); i++)
414 + digest_list[i] = 1;
415 +}
416 +
417 +static int cryptodev_select_digest_cb(const char *str, int len, void *usr)
418 +{
419 + int *digest_list = (int *)usr;
420 + char *name;
421 + const EVP_MD *EVP;
422 + size_t i;
423 +
424 + if (len == 0)
425 + return 1;
426 + if (usr == NULL || (name = OPENSSL_strndup(str, len)) == NULL)
427 + return 0;
428 + EVP = EVP_get_digestbyname(name);
429 + if (EVP == NULL)
430 + fprintf(stderr, "devcrypto: unknown digest %s\n", name);
431 + else if ((i = find_digest_data_index(EVP_MD_type(EVP))) != (size_t)-1)
432 + digest_list[i] = 1;
433 + else
434 + fprintf(stderr, "devcrypto: digest %s not available\n", name);
435 + OPENSSL_free(name);
436 + return 1;
437 +}
438 +
439 +#endif
440 +
441 +/******************************************************************************
442 + *
443 + * CONTROL COMMANDS
444 + *
445 + *****/
446 +
447 +#define DEVCRYPTO_CMD_USE_SOFTDRIVERS ENGINE_CMD_BASE
448 +#define DEVCRYPTO_CMD_CIPHERS (ENGINE_CMD_BASE + 1)
449 +#define DEVCRYPTO_CMD_DIGESTS (ENGINE_CMD_BASE + 2)
450 +#define DEVCRYPTO_CMD_DUMP_INFO (ENGINE_CMD_BASE + 3)
451 +
452 +/* Helper macros for CPP string composition */
453 +#ifndef OPENSSL_MSTR
454 +# define OPENSSL_MSTR_HELPER(x) #x
455 +# define OPENSSL_MSTR(x) OPENSSL_MSTR_HELPER(x)
456 +#endif
457 +
458 +static const ENGINE_CMD_DEFN devcrypto_cmds[] = {
459 +#ifdef CIOCGSESSINFO
460 + {DEVCRYPTO_CMD_USE_SOFTDRIVERS,
461 + "USE_SOFTDRIVERS",
462 + "specifies whether to use software (not accelerated) drivers ("
463 + OPENSSL_MSTR(DEVCRYPTO_REQUIRE_ACCELERATED) "=use only accelerated drivers, "
464 + OPENSSL_MSTR(DEVCRYPTO_USE_SOFTWARE) "=allow all drivers, "
465 + OPENSSL_MSTR(DEVCRYPTO_REJECT_SOFTWARE)
466 + "=use if acceleration can't be determined) [default="
467 + OPENSSL_MSTR(DEVCRYPTO_DEFAULT_USE_SOFDTRIVERS) "]",
468 + ENGINE_CMD_FLAG_NUMERIC},
469 +#endif
470 +
471 + {DEVCRYPTO_CMD_CIPHERS,
472 + "CIPHERS",
473 + "either ALL, NONE, or a comma-separated list of ciphers to enable [default=ALL]",
474 + ENGINE_CMD_FLAG_STRING},
475 +
476 +#ifdef IMPLEMENT_DIGEST
477 + {DEVCRYPTO_CMD_DIGESTS,
478 + "DIGESTS",
479 + "either ALL, NONE, or a comma-separated list of digests to enable [default=ALL]",
480 + ENGINE_CMD_FLAG_STRING},
481 #endif
482
483 + {0, NULL, NULL, 0}
484 +};
485 +
486 +static int devcrypto_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
487 +{
488 + int *new_list;
489 + switch (cmd) {
490 +#ifdef CIOCGSESSINFO
491 + case DEVCRYPTO_CMD_USE_SOFTDRIVERS:
492 + switch (i) {
493 + case DEVCRYPTO_REQUIRE_ACCELERATED:
494 + case DEVCRYPTO_USE_SOFTWARE:
495 + case DEVCRYPTO_REJECT_SOFTWARE:
496 + break;
497 + default:
498 + fprintf(stderr, "devcrypto: invalid value (%ld) for USE_SOFTDRIVERS\n", i);
499 + return 0;
500 + }
501 + if (use_softdrivers == i)
502 + return 1;
503 + use_softdrivers = i;
504 +#ifdef IMPLEMENT_DIGEST
505 + rebuild_known_digest_nids(e);
506 +#endif
507 + rebuild_known_cipher_nids(e);
508 + return 1;
509 +#endif /* CIOCGSESSINFO */
510 +
511 + case DEVCRYPTO_CMD_CIPHERS:
512 + if (p == NULL)
513 + return 1;
514 + if (strcasecmp((const char *)p, "ALL") == 0) {
515 + devcrypto_select_all_ciphers(selected_ciphers);
516 + } else if (strcasecmp((const char*)p, "NONE") == 0) {
517 + memset(selected_ciphers, 0, sizeof(selected_ciphers));
518 + } else {
519 + new_list=OPENSSL_zalloc(sizeof(selected_ciphers));
520 + if (!CONF_parse_list(p, ',', 1, cryptodev_select_cipher_cb, new_list)) {
521 + OPENSSL_free(new_list);
522 + return 0;
523 + }
524 + memcpy(selected_ciphers, new_list, sizeof(selected_ciphers));
525 + OPENSSL_free(new_list);
526 + }
527 + rebuild_known_cipher_nids(e);
528 + return 1;
529 +
530 +#ifdef IMPLEMENT_DIGEST
531 + case DEVCRYPTO_CMD_DIGESTS:
532 + if (p == NULL)
533 + return 1;
534 + if (strcasecmp((const char *)p, "ALL") == 0) {
535 + devcrypto_select_all_digests(selected_digests);
536 + } else if (strcasecmp((const char*)p, "NONE") == 0) {
537 + memset(selected_digests, 0, sizeof(selected_digests));
538 + } else {
539 + new_list=OPENSSL_zalloc(sizeof(selected_digests));
540 + if (!CONF_parse_list(p, ',', 1, cryptodev_select_digest_cb, new_list)) {
541 + OPENSSL_free(new_list);
542 + return 0;
543 + }
544 + memcpy(selected_digests, new_list, sizeof(selected_digests));
545 + OPENSSL_free(new_list);
546 + }
547 + rebuild_known_digest_nids(e);
548 + return 1;
549 +#endif /* IMPLEMENT_DIGEST */
550 +
551 + default:
552 + break;
553 + }
554 + return 0;
555 +}
556 +
557 /******************************************************************************
558 *
559 * LOAD / UNLOAD
560 @@ -806,6 +1122,8 @@ void engine_load_devcrypto_int()
561
562 if (!ENGINE_set_id(e, "devcrypto")
563 || !ENGINE_set_name(e, "/dev/crypto engine")
564 + || !ENGINE_set_cmd_defns(e, devcrypto_cmds)
565 + || !ENGINE_set_ctrl_function(e, devcrypto_ctrl)
566
567 /*
568 * Asymmetric ciphers aren't well supported with /dev/crypto. Among the BSD
Staging tree of Christian Lamparter