mirror of
https://github.com/nodejs/node.git
synced 2024-11-30 15:30:56 +01:00
crypto: introduce .setEngine(engine, [flags])
This commit is contained in:
parent
a40b463674
commit
92b6417098
19
deps/openssl/openssl.gyp
vendored
19
deps/openssl/openssl.gyp
vendored
@ -928,7 +928,15 @@
|
||||
'-lgdi32.lib',
|
||||
'-luser32.lib',
|
||||
]
|
||||
}
|
||||
},
|
||||
'defines': [
|
||||
'DSO_WIN32',
|
||||
],
|
||||
}, {
|
||||
'defines': [
|
||||
'DSO_DLFCN',
|
||||
'HAVE_DLFCN_H'
|
||||
],
|
||||
}],
|
||||
['target_arch=="arm"', {
|
||||
'sources': ['openssl/crypto/armcap.c'],
|
||||
@ -1028,7 +1036,14 @@
|
||||
'-luser32.lib',
|
||||
],
|
||||
},
|
||||
}]
|
||||
}],
|
||||
[ 'OS in "linux android"', {
|
||||
'link_settings': {
|
||||
'libraries': [
|
||||
'-ldl',
|
||||
],
|
||||
},
|
||||
}],
|
||||
]
|
||||
}
|
||||
],
|
||||
|
@ -12,6 +12,30 @@ It also offers a set of wrappers for OpenSSL's hash, hmac, cipher,
|
||||
decipher, sign and verify methods.
|
||||
|
||||
|
||||
## crypto.setEngine(engine, [flags])
|
||||
|
||||
Load and set engine for some/all OpenSSL functions (selected by flags).
|
||||
|
||||
`engine` could be either an id or a path to the to the engine's shared library.
|
||||
|
||||
`flags` is optional and has `ENGINE_METHOD_ALL` value by default. It could take
|
||||
one of or mix of following flags (defined in `constants` module):
|
||||
|
||||
* `ENGINE_METHOD_RSA`
|
||||
* `ENGINE_METHOD_DSA`
|
||||
* `ENGINE_METHOD_DH`
|
||||
* `ENGINE_METHOD_RAND`
|
||||
* `ENGINE_METHOD_ECDH`
|
||||
* `ENGINE_METHOD_ECDSA`
|
||||
* `ENGINE_METHOD_CIPHERS`
|
||||
* `ENGINE_METHOD_DIGESTS`
|
||||
* `ENGINE_METHOD_STORE`
|
||||
* `ENGINE_METHOD_PKEY_METH`
|
||||
* `ENGINE_METHOD_PKEY_ASN1_METH`
|
||||
* `ENGINE_METHOD_ALL`
|
||||
* `ENGINE_METHOD_NONE`
|
||||
|
||||
|
||||
## crypto.getCiphers()
|
||||
|
||||
Returns an array with the names of the supported ciphers.
|
||||
|
@ -35,6 +35,7 @@ try {
|
||||
throw new Error('node.js not compiled with openssl crypto support.');
|
||||
}
|
||||
|
||||
var constants = require('constants');
|
||||
var stream = require('stream');
|
||||
var util = require('util');
|
||||
|
||||
@ -621,6 +622,21 @@ Certificate.prototype.exportChallenge = function(object, encoding) {
|
||||
};
|
||||
|
||||
|
||||
exports.setEngine = function setEngine(id, flags) {
|
||||
if (!util.isString(id))
|
||||
throw new TypeError('id should be a string');
|
||||
|
||||
if (flags && !util.isNumber(flags))
|
||||
throw new TypeError('flags should be a number, if present');
|
||||
flags = flags >>> 0;
|
||||
|
||||
// Use provided engine for everything by default
|
||||
if (flags === 0)
|
||||
flags = constants.ENGINE_METHOD_ALL;
|
||||
|
||||
return binding.setEngine(id, flags);
|
||||
};
|
||||
|
||||
exports.randomBytes = randomBytes;
|
||||
exports.pseudoRandomBytes = pseudoRandomBytes;
|
||||
|
||||
|
@ -34,6 +34,9 @@
|
||||
|
||||
#if HAVE_OPENSSL
|
||||
# include <openssl/ssl.h>
|
||||
# ifndef OPENSSL_NO_ENGINE
|
||||
# include <openssl/engine.h>
|
||||
# endif // !OPENSSL_NO_ENGINE
|
||||
#endif
|
||||
|
||||
namespace node {
|
||||
@ -875,6 +878,58 @@ void DefineOpenSSLConstants(Handle<Object> target) {
|
||||
NODE_DEFINE_CONSTANT(target, SSL_OP_TLS_ROLLBACK_BUG);
|
||||
#endif
|
||||
|
||||
# ifndef OPENSSL_NO_ENGINE
|
||||
|
||||
# ifdef ENGINE_METHOD_DSA
|
||||
NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_DSA);
|
||||
# endif
|
||||
|
||||
# ifdef ENGINE_METHOD_DH
|
||||
NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_DH);
|
||||
# endif
|
||||
|
||||
# ifdef ENGINE_METHOD_RAND
|
||||
NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_RAND);
|
||||
# endif
|
||||
|
||||
# ifdef ENGINE_METHOD_ECDH
|
||||
NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_ECDH);
|
||||
# endif
|
||||
|
||||
# ifdef ENGINE_METHOD_ECDSA
|
||||
NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_ECDSA);
|
||||
# endif
|
||||
|
||||
# ifdef ENGINE_METHOD_CIPHERS
|
||||
NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_CIPHERS);
|
||||
# endif
|
||||
|
||||
# ifdef ENGINE_METHOD_DIGESTS
|
||||
NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_DIGESTS);
|
||||
# endif
|
||||
|
||||
# ifdef ENGINE_METHOD_STORE
|
||||
NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_STORE);
|
||||
# endif
|
||||
|
||||
# ifdef ENGINE_METHOD_PKEY_METHS
|
||||
NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_PKEY_METHS);
|
||||
# endif
|
||||
|
||||
# ifdef ENGINE_METHOD_PKEY_ASN1_METHS
|
||||
NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_PKEY_ASN1_METHS);
|
||||
# endif
|
||||
|
||||
# ifdef ENGINE_METHOD_ALL
|
||||
NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_ALL);
|
||||
# endif
|
||||
|
||||
# ifdef ENGINE_METHOD_NONE
|
||||
NODE_DEFINE_CONSTANT(target, ENGINE_METHOD_NONE);
|
||||
# endif
|
||||
|
||||
# endif // !OPENSSL_NO_ENGINE
|
||||
|
||||
#ifdef OPENSSL_NPN_NEGOTIATED
|
||||
#define NPN_ENABLED 1
|
||||
NODE_DEFINE_CONSTANT(target, NPN_ENABLED);
|
||||
|
@ -4069,9 +4069,56 @@ void InitCryptoOnce() {
|
||||
sk_SSL_COMP_zero(comp_methods);
|
||||
assert(sk_SSL_COMP_num(comp_methods) == 0);
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
ERR_load_ENGINE_strings();
|
||||
ENGINE_load_builtin_engines();
|
||||
#endif // !OPENSSL_NO_ENGINE
|
||||
}
|
||||
|
||||
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
void SetEngine(const FunctionCallbackInfo<Value>& args) {
|
||||
CHECK(args.Length() >= 2 && args[0]->IsString());
|
||||
unsigned int flags = args[1]->Uint32Value();
|
||||
|
||||
ClearErrorOnReturn clear_error_on_return;
|
||||
(void) &clear_error_on_return; // Silence compiler warning.
|
||||
|
||||
const String::Utf8Value engine_id(args[0]);
|
||||
ENGINE* engine = ENGINE_by_id(*engine_id);
|
||||
|
||||
// Engine not found, try loading dynamically
|
||||
if (engine == NULL) {
|
||||
engine = ENGINE_by_id("dynamic");
|
||||
if (engine != NULL) {
|
||||
if (!ENGINE_ctrl_cmd_string(engine, "SO_PATH", *engine_id, 0) ||
|
||||
!ENGINE_ctrl_cmd_string(engine, "LOAD", NULL, 0)) {
|
||||
ENGINE_free(engine);
|
||||
engine = NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (engine == NULL) {
|
||||
int err = ERR_get_error();
|
||||
if (err == 0) {
|
||||
char tmp[1024];
|
||||
snprintf(tmp, sizeof(tmp), "Engine \"%s\" was not found", *engine_id);
|
||||
return ThrowError(tmp);
|
||||
} else {
|
||||
return ThrowCryptoError(err);
|
||||
}
|
||||
}
|
||||
|
||||
int r = ENGINE_set_default(engine, flags);
|
||||
ENGINE_free(engine);
|
||||
if (r == 0)
|
||||
return ThrowCryptoError(ERR_get_error());
|
||||
}
|
||||
#endif // !OPENSSL_NO_ENGINE
|
||||
|
||||
|
||||
// FIXME(bnoordhuis) Handle global init correctly.
|
||||
void InitCrypto(Handle<Object> target,
|
||||
Handle<Value> unused,
|
||||
@ -4090,6 +4137,9 @@ void InitCrypto(Handle<Object> target,
|
||||
Verify::Initialize(env, target);
|
||||
Certificate::Initialize(target);
|
||||
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
NODE_SET_METHOD(target, "setEngine", SetEngine);
|
||||
#endif // !OPENSSL_NO_ENGINE
|
||||
NODE_SET_METHOD(target, "PBKDF2", PBKDF2);
|
||||
NODE_SET_METHOD(target, "randomBytes", RandomBytes<false>);
|
||||
NODE_SET_METHOD(target, "pseudoRandomBytes", RandomBytes<true>);
|
||||
|
@ -39,6 +39,9 @@
|
||||
#include "v8.h"
|
||||
|
||||
#include <openssl/ssl.h>
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
# include <openssl/engine.h>
|
||||
#endif // !OPENSSL_NO_ENGINE
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/pem.h>
|
||||
@ -574,6 +577,9 @@ class Certificate : public AsyncWrap {
|
||||
};
|
||||
|
||||
bool EntropySource(unsigned char* buffer, size_t length);
|
||||
#ifndef OPENSSL_NO_ENGINE
|
||||
void SetEngine(const v8::FunctionCallbackInfo<v8::Value>& args);
|
||||
#endif // !OPENSSL_NO_ENGINE
|
||||
void InitCrypto(v8::Handle<v8::Object> target);
|
||||
|
||||
} // namespace crypto
|
||||
|
Loading…
Reference in New Issue
Block a user