/* openssl/engine.h *//* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL * project 2000. *//* ==================================================================== * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright *    notice, this list of conditions and the following disclaimer.  * * 2. Redistributions in binary form must reproduce the above copyright *    notice, this list of conditions and the following disclaimer in *    the documentation and/or other materials provided with the *    distribution. * * 3. All advertising materials mentioning features or use of this *    software must display the following acknowledgment: *    "This product includes software developed by the OpenSSL Project *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to *    endorse or promote products derived from this software without *    prior written permission. For written permission, please contact *    licensing@OpenSSL.org. * * 5. Products derived from this software may not be called "OpenSSL" *    nor may "OpenSSL" appear in their names without prior written *    permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following *    acknowledgment: *    "This product includes software developed by the OpenSSL Project *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com).  This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * *//* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * ECDH support in OpenSSL originally developed by  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */#ifndef HEADER_ENGINE_H#define HEADER_ENGINE_H#include <openssl/opensslconf.h>#ifdef OPENSSL_NO_ENGINE#error ENGINE is disabled.#endif#ifndef OPENSSL_NO_DEPRECATED#include <openssl/bn.h>#ifndef OPENSSL_NO_RSA#include <openssl/rsa.h>#endif#ifndef OPENSSL_NO_DSA#include <openssl/dsa.h>#endif#ifndef OPENSSL_NO_DH#include <openssl/dh.h>#endif#ifndef OPENSSL_NO_ECDH#include <openssl/ecdh.h>#endif#ifndef OPENSSL_NO_ECDSA#include <openssl/ecdsa.h>#endif#include <openssl/rand.h>#include <openssl/store.h>#include <openssl/ui.h>#include <openssl/err.h>#endif#include <openssl/ossl_typ.h>#include <openssl/symhacks.h>#ifdef  __cplusplusextern "C" {#endif/* These flags are used to control combinations of algorithm (methods) * by bitwise "OR"ing. */#define ENGINE_METHOD_RSA		(unsigned int)0x0001#define ENGINE_METHOD_DSA		(unsigned int)0x0002#define ENGINE_METHOD_DH		(unsigned int)0x0004#define ENGINE_METHOD_RAND		(unsigned int)0x0008#define ENGINE_METHOD_ECDH		(unsigned int)0x0010#define ENGINE_METHOD_ECDSA		(unsigned int)0x0020#define ENGINE_METHOD_CIPHERS		(unsigned int)0x0040#define ENGINE_METHOD_DIGESTS		(unsigned int)0x0080#define ENGINE_METHOD_STORE		(unsigned int)0x0100/* Obvious all-or-nothing cases. */#define ENGINE_METHOD_ALL		(unsigned int)0xFFFF#define ENGINE_METHOD_NONE		(unsigned int)0x0000/* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used * internally to control registration of ENGINE implementations, and can be set * by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to * initialise registered ENGINEs if they are not already initialised. */#define ENGINE_TABLE_FLAG_NOINIT	(unsigned int)0x0001/* ENGINE flags that can be set by ENGINE_set_flags(). *//* #define ENGINE_FLAGS_MALLOCED	0x0001 */ /* Not used *//* This flag is for ENGINEs that wish to handle the various 'CMD'-related * control commands on their own. Without this flag, ENGINE_ctrl() handles these * control commands on behalf of the ENGINE using their "cmd_defns" data. */#define ENGINE_FLAGS_MANUAL_CMD_CTRL	(int)0x0002/* This flag is for ENGINEs who return new duplicate structures when found via * "ENGINE_by_id()". When an ENGINE must store state (eg. if ENGINE_ctrl() * commands are called in sequence as part of some stateful process like * key-generation setup and execution), it can set this flag - then each attempt * to obtain the ENGINE will result in it being copied into a new structure. * Normally, ENGINEs don't declare this flag so ENGINE_by_id() just increments * the existing ENGINE's structural reference count. */#define ENGINE_FLAGS_BY_ID_COPY		(int)0x0004/* ENGINEs can support their own command types, and these flags are used in * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input each * command expects. Currently only numeric and string input is supported. If a * control command supports none of the _NUMERIC, _STRING, or _NO_INPUT options, * then it is regarded as an "internal" control command - and not for use in * config setting situations. As such, they're not available to the * ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() access. Changes to * this list of 'command types' should be reflected carefully in * ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). *//* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */#define ENGINE_CMD_FLAG_NUMERIC		(unsigned int)0x0001/* accepts string input (cast from 'void*' to 'const char *', 4th parameter to * ENGINE_ctrl) */#define ENGINE_CMD_FLAG_STRING		(unsigned int)0x0002/* Indicates that the control command takes *no* input. Ie. the control command * is unparameterised. */#define ENGINE_CMD_FLAG_NO_INPUT	(unsigned int)0x0004/* Indicates that the control command is internal. This control command won't * be shown in any output, and is only usable through the ENGINE_ctrl_cmd() * function. */#define ENGINE_CMD_FLAG_INTERNAL	(unsigned int)0x0008/* NB: These 3 control commands are deprecated and should not be used. ENGINEs * relying on these commands should compile conditional support for * compatibility (eg. if these symbols are defined) but should also migrate the * same functionality to their own ENGINE-specific control functions that can be * "discovered" by calling applications. The fact these control commands * wouldn't be "executable" (ie. usable by text-based config) doesn't change the * fact that application code can find and use them without requiring per-ENGINE * hacking. *//* These flags are used to tell the ctrl function what should be done. * All command numbers are shared between all engines, even if some don't * make sense to some engines.  In such a case, they do nothing but return * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */#define ENGINE_CTRL_SET_LOGSTREAM		1#define ENGINE_CTRL_SET_PASSWORD_CALLBACK	2#define ENGINE_CTRL_HUP				3 /* Close and reinitialise any						     handles/connections etc. */#define ENGINE_CTRL_SET_USER_INTERFACE          4 /* Alternative to callback */#define ENGINE_CTRL_SET_CALLBACK_DATA           5 /* User-specific data, used						     when calling the password						     callback and the user						     interface */#define ENGINE_CTRL_LOAD_CONFIGURATION		6 /* Load a configuration, given						     a string that represents a						     file name or so */#define ENGINE_CTRL_LOAD_SECTION		7 /* Load data from a given						     section in the already loaded						     configuration *//* These control commands allow an application to deal with an arbitrary engine * in a dynamic way. Warn: Negative return values indicate errors FOR THESE * COMMANDS because zero is used to indicate 'end-of-list'. Other commands, * including ENGINE-specific command types, return zero for an error. * * An ENGINE can choose to implement these ctrl functions, and can internally * manage things however it chooses - it does so by setting the * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise the * ENGINE_ctrl() code handles this on the ENGINE's behalf using the cmd_defns * data (set using ENGINE_set_cmd_defns()). This means an ENGINE's ctrl() * handler need only implement its own commands - the above "meta" commands will * be taken care of. *//* Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not", then * all the remaining control commands will return failure, so it is worth * checking this first if the caller is trying to "discover" the engine's * capabilities and doesn't want errors generated unnecessarily. */#define ENGINE_CTRL_HAS_CTRL_FUNCTION		10/* Returns a positive command number for the first command supported by the * engine. Returns zero if no ctrl commands are supported. */#define ENGINE_CTRL_GET_FIRST_CMD_TYPE		11/* The 'long' argument specifies a command implemented by the engine, and the * return value is the next command supported, or zero if there are no more. */#define ENGINE_CTRL_GET_NEXT_CMD_TYPE		12/* The 'void*' argument is a command name (cast from 'const char *'), and the * return value is the command that corresponds to it. */#define ENGINE_CTRL_GET_CMD_FROM_NAME		13/* The next two allow a command to be converted into its corresponding string * form. In each case, the 'long' argument supplies the command. In the NAME_LEN * case, the return value is the length of the command name (not counting a * trailing EOL). In the NAME case, the 'void*' argument must be a string buffer * large enough, and it will be populated with the name of the command (WITH a * trailing EOL). */#define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD	14#define ENGINE_CTRL_GET_NAME_FROM_CMD		15/* The next two are similar but give a "short description" of a command. */#define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD	16#define ENGINE_CTRL_GET_DESC_FROM_CMD		17/* With this command, the return value is the OR'd combination of * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given * engine-specific ctrl command expects. */#define ENGINE_CTRL_GET_CMD_FLAGS		18/* ENGINE implementations should start the numbering of their own control * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */#define ENGINE_CMD_BASE				200/* NB: These 2 nCipher "chil" control commands are deprecated, and their * functionality is now available through ENGINE-specific control commands * (exposed through the above-mentioned 'CMD'-handling). Code using these 2 * commands should be migrated to the more general command handling before these * are removed. *//* Flags specific to the nCipher "chil" engine */#define ENGINE_CTRL_CHIL_SET_FORKCHECK		100	/* Depending on the value of the (long)i argument, this sets or	 * unsets the SimpleForkCheck flag in the CHIL API to enable or	 * disable checking and workarounds for applications that fork().	 */#define ENGINE_CTRL_CHIL_NO_LOCKING		101	/* This prevents the initialisation function from providing mutex	 * callbacks to the nCipher library. *//* If an ENGINE supports its own specific control commands and wishes the * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its * behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries * to ENGINE_set_cmd_defns(). It should also implement a ctrl() handler that * supports the stated commands (ie. the "cmd_num" entries as described by the * array). NB: The array must be ordered in increasing order of cmd_num. * "null-terminated" means that the last ENGINE_CMD_DEFN element has cmd_num set