commons-commits mailing list archives

From mt...@apache.org
Subject svn commit: r1167041 - in /commons/sandbox/runtime/trunk/src/main: java/org/apache/commons/runtime/ssl/Random.java native/modules/openssl/api.c native/modules/openssl/rand.c
Date Fri, 09 Sep 2011 08:36:08 GMT
Author: mturk
Date: Fri Sep  9 08:36:07 2011
New Revision: 1167041

URL: http://svn.apache.org/viewvc?rev=1167041&view=rev
Log:
Make all engine code optional on load time

Modified:
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Random.java
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/rand.c

Modified: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Random.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Random.java?rev=1167041&r1=1167040&r2=1167041&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Random.java
(original)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Random.java
Fri Sep  9 08:36:07 2011
@@ -21,6 +21,7 @@ import org.apache.commons.runtime.Status
 import org.apache.commons.runtime.SystemException;
 
 import java.io.File;
+import java.nio.ByteBuffer;
 
 /**
  * Random number gererator
@@ -30,6 +31,7 @@ public final class Random
 
     private byte buf[];
     private int  pos;
+    private int  siz;
 
     /**
      * Creates a new random number generator.
@@ -38,6 +40,7 @@ public final class Random
     {
         buf = new byte[1024];
         pos = 0;
+        siz = 0;
     }
 
     private static native boolean       seed0(String path);
@@ -46,6 +49,10 @@ public final class Random
     private static native String        getdef0();
     private static native void          setdef0(String path);
 
+    private static native int           bytes0(byte[] b, int off, int len);
+    private static native int           bytes1(ByteBuffer b, int off, int len);
+    private static native boolean       seteng0(long ep);
+    
     public static boolean seed(String path)
     {
         return seed0(path);
@@ -57,6 +64,7 @@ public final class Random
     }
 
     private static boolean seed(byte[] b, int off, int len)
+        throws IndexOutOfBoundsException
     {
         if (off < 0 || off + len > b.length)
             throw new IndexOutOfBoundsException();
@@ -81,6 +89,66 @@ public final class Random
         return new File(path);
     }
 
+    public void nextBytes(byte[] bytes, int off, int len)
+        throws IndexOutOfBoundsException
+    {
+        if (off < 0 || off + len > bytes.length)
+            throw new IndexOutOfBoundsException();
+        synchronized(buf) {
+            if (siz > 0) {
+                int n = siz > len ? len : pos;
+                System.arraycopy(buf, pos, bytes, off, n);
+                off += n;
+                len -= n;
+                pos += n;
+                siz -= n;
+            }
+        }
+        if (len > 0)
+            bytes0(bytes, off, len);
+    }
+
+    public void nextBytes(byte[] bytes)
+        throws IndexOutOfBoundsException
+    {
+        nextBytes(bytes, 0, bytes.length);
+    }
+
+    public void nextBytes(ByteBuffer buffer)
+        throws NullPointerException
+    {
+        if (buffer == null)
+            throw new NullPointerException();
+        synchronized(buf) {
+            if (siz > 0) {
+                int s = buffer.remaining();
+                int n = siz > s ? s : pos;
+                buffer.put(buf, pos, n);
+                pos += n;
+                siz -= n;
+            }
+        }
+        if (buffer.remaining() > 0)
+            bytes1(buffer, buffer.position(), buffer.remaining());
+    }
+
+    public byte nextByte()
+    {
+        synchronized(buf) {
+            if (siz == 0) {
+                bytes0(buf, 0, buf.length);
+                pos = 0;
+                siz = buf.length;
+            }
+            siz--;
+            return buf[pos++];
+        }
+    }
 
+    public boolean setEngine(Engine e)
+    {
+        // TODO: Throw error if fails
+        return seteng0(((NativePointer)e).pointer);
+    }
 }
 
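Review bot: In `nextBytes(byte[], int, int)` the cached-copy length is `int n = siz > len ? len : pos;`, and the `ByteBuffer` overload repeats the pattern with `s`. The fallback should be `siz`, not `pos`; as written, a request larger than the cache copies a read-offset's worth of bytes and `arraycopy`/`put` can run past the end of `buf`, so use `int n = Math.min(siz, len);` and `int n = Math.min(siz, buffer.remaining());`. The results of `bytes0` and `bytes1` are dropped in both `nextBytes` paths and in `nextByte`, so a failed native call leaves the caller's array, or the internal `buf` that `nextByte` then serves from, holding its previous contents while the method returns normally; a random source should raise an exception instead. The guard `off + len > bytes.length` accepts a negative `len` and can wrap for a large `off` before the values reach native code, so `if (off < 0 || len < 0 || len > bytes.length - off)` is safer. The class body starts outside the hunk.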

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c?rev=1167041&r1=1167040&r2=1167041&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c Fri Sep  9 08:36:07
2011
@@ -107,17 +107,6 @@ struct SSLAPIst {
     DH*                 (*fpDH_new)(void);
     void                (*fpDH_free)(DH *dh);
 
-    /*** ENGINE   ***/
-    ENGINE*             (*fpENGINE_by_id)(const char *);
-    int                 (*fpENGINE_ctrl)(ENGINE *, int, long, void *, void (*)(void));
-    int                 (*fpENGINE_ctrl_cmd)(ENGINE *, const char *, long, void *, void (*)(void),
int);
-    int                 (*fpENGINE_ctrl_cmd_string)(ENGINE *, const char *, const char *,
int);
-    
-    int                 (*fpENGINE_free)(ENGINE *);
-    void                (*fpENGINE_load_builtin_engines)(void);
-    int                 (*fpENGINE_register_all_complete)(void);
-    int                 (*fpENGINE_set_default)(ENGINE *, unsigned int);
-
     /*** ERR      ***/
     void                (*fpERR_error_string_n)(unsigned long, char *, size_t);
     unsigned long       (*fpERR_get_error)(void);
@@ -137,6 +126,7 @@ struct SSLAPIst {
     X509*               (*fpPEM_read_bio_X509)(BIO *, X509 **, pem_password_cb *, void *);
 
     /*** RAND     ***/
+    int                 (*fpRAND_bytes)(unsigned char *, int);
     int                 (*fpRAND_egd)(const char *);
     const char*         (*fpRAND_file_name)(char *, size_t);
     int                 (*fpRAND_load_file)(const char *, long);
@@ -161,6 +151,10 @@ struct SSLAPIst {
     /*** X509     ***/
     void                (*fpX509_free)(X509 *);
     void                (*fpNULL)(void);
+
+    /*** _STACK   ***/
+    void                (*fpsk_pop_free)(_STACK *, void (*)(void *));
+    
 };
 
 struct SSLOPTst {
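Review bot: `fpsk_pop_free` is appended after `fpNULL` in `SSLAPIst`, whereas the `SSLOPTst` change in this same commit keeps `fpNULL` as the final member. If `fpNULL` is meant as an end-of-table marker (its use is not visible here), the new `_STACK` entry belongs above it, next to the X509 group. Otherwise a one-line comment such as `/* fpNULL is not a terminator; member order is free */` would prevent the question. The struct begins outside the hunk.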
@@ -171,6 +165,21 @@ struct SSLOPTst {
 #if HAVE_OCSP
 
 #endif
+#ifndef OPENSSL_NO_ENGINE
+    /*** ENGINE   ***/
+    ENGINE*             (*fpENGINE_by_id)(const char *);
+    int                 (*fpENGINE_ctrl)(ENGINE *, int, long, void *, void (*)(void));
+    int                 (*fpENGINE_ctrl_cmd)(ENGINE *, const char *, long, void *, void (*)(void),
int);
+    int                 (*fpENGINE_ctrl_cmd_string)(ENGINE *, const char *, const char *,
int);
+
+    int                 (*fpENGINE_free)(ENGINE *);
+    void                (*fpENGINE_load_builtin_engines)(void);
+    int                 (*fpENGINE_register_all_complete)(void);
+    int                 (*fpENGINE_set_default)(ENGINE *, unsigned int);
+
+    /*** RAND     ***/
+    int                 (*fpRAND_set_rand_engine)(ENGINE *);
+#endif    
     void                (*fpNULL)(void);
 };
 
@@ -238,16 +247,6 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
     CRYPTO_FPLOAD(DH_new);
     CRYPTO_FPLOAD(DH_free);
 
-    /*** ENGINE   ***/
-    CRYPTO_FPLOAD(ENGINE_by_id);
-    CRYPTO_FPLOAD(ENGINE_ctrl);
-    CRYPTO_FPLOAD(ENGINE_ctrl_cmd);
-    CRYPTO_FPLOAD(ENGINE_ctrl_cmd_string);
-    CRYPTO_FPLOAD(ENGINE_free);
-    CRYPTO_FPLOAD(ENGINE_load_builtin_engines);
-    CRYPTO_FPLOAD(ENGINE_register_all_complete);
-    CRYPTO_FPLOAD(ENGINE_set_default);
-
     /*** ERR      ***/
     CRYPTO_FPLOAD(ERR_error_string_n);
     CRYPTO_FPLOAD(ERR_get_error);
@@ -267,6 +266,7 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
     CRYPTO_FPLOAD(PEM_read_bio_X509);
 
     /*** RAND     ***/
+    CRYPTO_FPLOAD(RAND_bytes);
     CRYPTO_FPLOAD(RAND_egd);
     CRYPTO_FPLOAD(RAND_file_name);
     CRYPTO_FPLOAD(RAND_load_file);
@@ -279,6 +279,9 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
     /*** X509     ***/
     CRYPTO_FPLOAD(X509_free);
 
+    /*** _STACK   ***/
+    CRYPTO_FPLOAD(sk_pop_free);
+    
     /* Optional functions
      * We could compile with the HAVE_FIPS, but target OpenSSL might not
      * have FIPS support for example.
@@ -288,6 +291,18 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
     LIBSSL_LDDOPT(FIPS_mode_set);
 #endif
 
+#ifndef OPENSSL_NO_ENGINE
+    /*** ENGINE   ***/
+    CRYPTO_LDDOPT(ENGINE_by_id);
+    CRYPTO_LDDOPT(ENGINE_ctrl);
+    CRYPTO_LDDOPT(ENGINE_ctrl_cmd);
+    CRYPTO_LDDOPT(ENGINE_ctrl_cmd_string);
+    CRYPTO_LDDOPT(ENGINE_free);
+    CRYPTO_LDDOPT(ENGINE_load_builtin_engines);
+    CRYPTO_LDDOPT(ENGINE_register_all_complete);
+    CRYPTO_LDDOPT(ENGINE_set_default);
+    CRYPTO_LDDOPT(RAND_set_rand_engine);
+#endif    
     return JNI_TRUE;
 failed:
     AcrThrowEx(env, ACR_EX_ENOENT, "Cannot find %s::%s()", dname, fname);
@@ -394,48 +409,81 @@ void  DH_free(DH *dh)
     SSLAPI_CALL(DH_free)(dh);
 }
 
+#ifndef OPENSSL_NO_ENGINE
 ENGINE *ENGINE_by_id(const char *id)
 {
-    return SSLAPI_CALL(ENGINE_by_id)(id);
+    if (SSLOPT_HAVE(ENGINE_by_id))
+        return SSLOPT_CALL(ENGINE_by_id)(id);
+    else
+        return 0;
 }
 
 int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void))
 {
-    return SSLAPI_CALL(ENGINE_ctrl)(e, cmd, i, p, f);
+    if (SSLOPT_HAVE(ENGINE_ctrl))
+        return SSLOPT_CALL(ENGINE_ctrl)(e, cmd, i, p, f);
+    else
+        return 0;
 }
 
 int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
         long i, void *p, void (*f)(void), int cmd_optional)
 {
-    return SSLAPI_CALL(ENGINE_ctrl_cmd)(e, cmd_name, i, p, f, cmd_optional);
+    if (SSLOPT_HAVE(ENGINE_ctrl_cmd))
+        return SSLOPT_CALL(ENGINE_ctrl_cmd)(e, cmd_name, i, p, f, cmd_optional);
+    else
+        return 0;
 }
 
 int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
                            int cmd_optional)
 {
-    return SSLAPI_CALL(ENGINE_ctrl_cmd_string)(e, cmd_name, arg, cmd_optional);
+    if (SSLOPT_HAVE(ENGINE_ctrl_cmd_string))
+        return SSLOPT_CALL(ENGINE_ctrl_cmd_string)(e, cmd_name, arg, cmd_optional);
+    else
+        return 0;
 }
 
 int ENGINE_free(ENGINE *e)
 {
-    return SSLAPI_CALL(ENGINE_free)(e);
+    if (SSLOPT_HAVE(ENGINE_free))
+        return SSLOPT_CALL(ENGINE_free)(e);
+    else
+        return 0;
 }
 
 void ENGINE_load_builtin_engines(void)
 {
-    SSLAPI_CALL(ENGINE_load_builtin_engines)();
+    if (SSLOPT_HAVE(ENGINE_load_builtin_engines))
+        SSLOPT_CALL(ENGINE_load_builtin_engines)();
 }
 
 int ENGINE_register_all_complete(void)
 {
-    return SSLAPI_CALL(ENGINE_register_all_complete)();
+    if (SSLOPT_HAVE(ENGINE_register_all_complete))
+        return SSLOPT_CALL(ENGINE_register_all_complete)();
+    else
+        return 0;
 }
 
 int ENGINE_set_default(ENGINE *e, unsigned int flags)
 {
-    return SSLAPI_CALL(ENGINE_set_default)(e, flags);
+    if (SSLOPT_HAVE(ENGINE_set_default))
+        return SSLOPT_CALL(ENGINE_set_default)(e, flags);
+    else
+        return 0;
 }
 
+int RAND_set_rand_engine(ENGINE *engine)
+{
+    if (SSLOPT_HAVE(RAND_set_rand_engine))
+        return SSLOPT_CALL(RAND_set_rand_engine)(engine);
+    else
+        return 0;
+}
+
+#endif  /* OPENSSL_NO_ENGINE */
+
 void ERR_error_string_n(unsigned long e, char *buf, size_t len)
 {
     return SSLAPI_CALL(ERR_error_string_n)(e, buf, len);
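Review bot: Each ENGINE wrapper, and the new `RAND_set_rand_engine`, returns 0 or NULL when the symbol was not resolved, which is the same value these OpenSSL calls generally use for an ordinary failure. A caller therefore cannot tell "the loaded libcrypto has no ENGINE support" from "the engine rejected the request", and `ENGINE_load_builtin_engines` becomes a silent no-op. For `ENGINE_set_default` and `RAND_set_rand_engine` this means a caller that skips the return check keeps running on the default software implementation with no signal. I would document the contract above the block, e.g. `/* Optional at load time: wrappers return 0/NULL when ENGINE support is absent; callers must check */`, and have the Java side report the condition. `ERR_error_string_n` at the end of the hunk continues outside it.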
@@ -486,6 +534,11 @@ X509 *PEM_read_bio_X509(BIO *bp, X509 **
     return SSLAPI_CALL(PEM_read_bio_X509)(bp, x, cb, u);
 }
 
+int RAND_bytes(unsigned char *buf, int num)
+{
+    return SSLAPI_CALL(RAND_bytes)(buf, num);
+}
+
 int RAND_egd(const char *path)
 {
     return SSLAPI_CALL(RAND_egd)(path);
@@ -563,6 +616,11 @@ void X509_free(X509 *x)
     SSLAPI_CALL(X509_free)(x);
 }
 
+void sk_pop_free(_STACK *st, void (*func)(void *))
+{
+    SSLAPI_CALL(sk_pop_free)(st, func);
+}
+
 #if HAVE_FIPS
 int FIPS_mode(void)
 {
@@ -581,4 +639,9 @@ int FIPS_mode_set(int onoff)
 }
 
 #endif /* HAVE_FIPS */
+
+#ifndef OPENSSL_NO_ENGINE
+
+#endif /* HAVE_ENGINE */
+
 #endif /* HAVE_OPENSSL_STATIC */
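Review bot: The added `#ifndef OPENSSL_NO_ENGINE` block is empty, and its closing comment reads `/* HAVE_ENGINE */`, which does not match the guard that opens it. Either drop the block until it has content or make the comment agree with the condition: `#endif /* OPENSSL_NO_ENGINE */`.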

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/rand.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/rand.c?rev=1167041&r1=1167040&r2=1167041&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/rand.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/rand.c Fri Sep  9 08:36:07
2011
@@ -127,10 +127,11 @@ ACR_SSL_EXPORT(jboolean, Random, seed2)(
     jboolean rv = JNI_FALSE;
     jbyte *sb = (*env)->GetPrimitiveArrayCritical(env, ba, 0);
 
-    if (sb) {
+    if (sb != 0) {
         RAND_seed(sb + off, len);
         if (RAND_status() > 0)
             rv = JNI_TRUE;
+        (*env)->ReleasePrimitiveArrayCritical(env, ba, sb, 0);
     }
     return rv;
 }
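Review bot: The added release passes mode `0`, which asks the VM to copy the region back into the Java array, although `seed2` only reads from `sb`. `(*env)->ReleasePrimitiveArrayCritical(env, ba, sb, JNI_ABORT);` states the read-only intent and skips the copy-back. The function starts outside the hunk, so any earlier range check on `off` and `len` is not visible from here.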
@@ -152,3 +153,39 @@ ACR_SSL_EXPORT(void, Random, setdef0)(JN
         strlcpy(ssl_global_rand_file, J2S(path), PATH_MAX);
     } DONE_WITH_STR(path);
 }
+
+ACR_SSL_EXPORT(jint, Random, bytes0)(JNI_STDARGS, jbyteArray ba,
+                                     jint off, jint len)
+{
+    jint rv = -1;
+    unsigned char *sb = (*env)->GetPrimitiveArrayCritical(env, ba, 0);
+
+    if (sb != 0) {
+        rv = RAND_bytes(sb + off, len);
+        (*env)->ReleasePrimitiveArrayCritical(env, ba, sb, 0);
+    }
+    return rv;
+}
+
+ACR_SSL_EXPORT(jint, Random, bytes1)(JNI_STDARGS, jobject bb,
+                                     jint off, jint len)
+{
+    jint rv = -1;
+    unsigned char *sb = (*env)->GetDirectBufferAddress(env, bb);
+
+    if (sb != 0) {
+        rv = RAND_bytes(sb + off, len);
+    }
+    return rv;
+}
+
+ACR_SSL_EXPORT(jboolean, Random, seteng0)(JNI_STDARGS, jlong ep)
+{
+    jboolean rv = JNI_FALSE;
+#ifndef OPENSSL_NO_ENGINE
+    ENGINE *ee = J2P(ep, ENGINE*);
+    if (ee != 0 && RAND_set_rand_engine(ee))
+        rv = JNI_TRUE;
+#endif
+    return rv;
+}
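Review bot: `bytes0` and `bytes1` write `len` bytes at `sb + off` without comparing either value against the array length or the direct buffer's capacity, so memory safety rests entirely on the Java callers added in this commit. A native range check is a cheap second line of defence for both functions. `bytes1` also returns -1 for a non-direct `ByteBuffer`, because `GetDirectBufferAddress` yields NULL there, and the Java caller does not look at the result, so such a buffer is silently left unfilled. `RAND_bytes` is called while the array is held critical; once `seteng0` can install an engine-backed generator, that call may take longer than a critical region should, which is worth a comment or a bounce buffer.

```c
/* bytes0: after the declaration of rv, before touching the array */
    unsigned char *sb;

    if (off < 0 || len < 0 || len > (*env)->GetArrayLength(env, ba) - off)
        return rv;  /* range re-checked natively; sb + off is unchecked below */
    sb = (*env)->GetPrimitiveArrayCritical(env, ba, 0);
    /* … unchanged: RAND_bytes call and ReleasePrimitiveArrayCritical … */

/* bytes1: bound the write by the direct buffer's capacity */
    jlong cap = (*env)->GetDirectBufferCapacity(env, bb);
    /* … unchanged: GetDirectBufferAddress … */
    if (sb != 0 && off >= 0 && len >= 0 && (jlong)off + len <= cap) {
        rv = RAND_bytes(sb + off, len);
    }
```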


