自学教程：C++ DH_OpenSSL函数代码示例

// Create the OpenSSL representation of the keyvoid OSSLDHPublicKey::createOSSLKey(){	if (dh != NULL) return;	dh = DH_new();	if (dh == NULL)	{		ERROR_MSG("Could not create DH object");		return;	}	// Use the OpenSSL implementation and not any engine#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)#ifdef WITH_FIPS	if (FIPS_mode())		DH_set_method(dh, FIPS_dh_openssl());	else		DH_set_method(dh, DH_OpenSSL());#else	DH_set_method(dh, DH_OpenSSL());#endif#else	DH_set_method(dh, DH_OpenSSL());#endif	BIGNUM* bn_p = OSSL::byteString2bn(p);	BIGNUM* bn_g = OSSL::byteString2bn(g);	BIGNUM* bn_pub_key = OSSL::byteString2bn(y);	DH_set0_pqg(dh, bn_p, NULL, bn_g);	DH_set0_key(dh, bn_pub_key, NULL);}

const DH_METHOD *DH_get_default_method(void)	{#ifndef OPERA_SMALL_VERSION	if(!default_DH_method)		default_DH_method = DH_OpenSSL();	return default_DH_method;#else	return DH_OpenSSL();#endif	}

const DH_METHOD *DH_get_default_method (void){    if (!default_DH_method)    {#ifdef OPENSSL_FIPS        if (FIPS_mode ())            return FIPS_dh_openssl ();        else            return DH_OpenSSL ();#else        default_DH_method = DH_OpenSSL ();#endif    }    return default_DH_method;}

const DH_METHOD *DH_get_default_method(void){	if (!default_DH_method)		default_DH_method = DH_OpenSSL();	return default_DH_method;}

DH *DH_new_method(void)	{	DH_METHOD *meth;	DH *ret;	ret=(DH *)rtlglue_malloc(sizeof(DH));	if (ret == NULL)		return(NULL);	ret->meth = DH_OpenSSL();	meth = ret->meth;	ret->pad=0;	ret->version=0;	ret->p=NULL;	ret->g=NULL;	ret->length=0;	ret->pub_key=NULL;	ret->priv_key=NULL;	ret->q=NULL;	ret->j=NULL;	ret->seed = NULL;	ret->seedlen = 0;	ret->counter = NULL;	ret->method_mont_p=NULL;	ret->references = 1;	ret->flags=meth->flags;	return(ret);	}

/* * This internal function is used by ENGINE_ubsec() and possibly by the * "dynamic" ENGINE support too */static int bind_helper(ENGINE *e){#  ifndef OPENSSL_NO_RSA    const RSA_METHOD *meth1;#  endif#  ifndef OPENSSL_NO_DH#   ifndef HAVE_UBSEC_DH    const DH_METHOD *meth3;#   endif                       /* HAVE_UBSEC_DH */#  endif    if (!ENGINE_set_id(e, engine_ubsec_id) ||        !ENGINE_set_name(e, engine_ubsec_name) ||#  ifndef OPENSSL_NO_RSA        !ENGINE_set_RSA(e, &ubsec_rsa) ||#  endif#  ifndef OPENSSL_NO_DSA        !ENGINE_set_DSA(e, &ubsec_dsa) ||#  endif#  ifndef OPENSSL_NO_DH        !ENGINE_set_DH(e, &ubsec_dh) ||#  endif        !ENGINE_set_destroy_function(e, ubsec_destroy) ||        !ENGINE_set_init_function(e, ubsec_init) ||        !ENGINE_set_finish_function(e, ubsec_finish) ||        !ENGINE_set_ctrl_function(e, ubsec_ctrl) ||        !ENGINE_set_cmd_defns(e, ubsec_cmd_defns))        return 0;#  ifndef OPENSSL_NO_RSA    /*     * We know that the "PKCS1_OpenSSL()" functions hook properly to the     * Broadcom-specific mod_exp and mod_exp_crt so we use those functions.     * NB: We don't use ENGINE_openssl() or anything "more generic" because     * something like the RSAref code may not hook properly, and if you own     * one of these cards then you have the right to do RSA operations on it     * anyway!     */    meth1 = RSA_PKCS1_OpenSSL();    ubsec_rsa.rsa_pub_enc = meth1->rsa_pub_enc;    ubsec_rsa.rsa_pub_dec = meth1->rsa_pub_dec;    ubsec_rsa.rsa_priv_enc = meth1->rsa_priv_enc;    ubsec_rsa.rsa_priv_dec = meth1->rsa_priv_dec;#  endif#  ifndef OPENSSL_NO_DH#   ifndef HAVE_UBSEC_DH    /* Much the same for Diffie-Hellman */    meth3 = DH_OpenSSL();    ubsec_dh.generate_key = meth3->generate_key;    ubsec_dh.compute_key = meth3->compute_key;#   endif                       /* HAVE_UBSEC_DH */#  endif    /* Ensure the ubsec error handling is set up */    ERR_load_UBSEC_strings();    return 1;}

static intcryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh){	struct crypt_kop kop;	int dhret = 1;	int fd, keylen;	if ((fd = get_asym_dev_crypto()) < 0) {		const DH_METHOD *meth = DH_OpenSSL();		return ((meth->compute_key)(key, pub_key, dh));	}	keylen = BN_num_bits(dh->p);	memset(&kop, 0, sizeof kop);	kop.crk_op = CRK_DH_COMPUTE_KEY;	/* inputs: dh->priv_key pub_key dh->p key */	if (bn2crparam(dh->priv_key, &kop.crk_param[0]))		goto err;	if (bn2crparam(pub_key, &kop.crk_param[1]))		goto err;	if (bn2crparam(dh->p, &kop.crk_param[2]))		goto err;	kop.crk_iparams = 3;	kop.crk_param[3].crp_p = key;	kop.crk_param[3].crp_nbits = keylen * 8;	kop.crk_oparams = 1;	if (ioctl(fd, CIOCKEY, &kop) == -1) {		const DH_METHOD *meth = DH_OpenSSL();		dhret = (meth->compute_key)(key, pub_key, dh);	}err:	kop.crk_param[3].crp_p = NULL;	zapparams(&kop);	return (dhret);}

DH *FIPS_dh_new(void)	{	DH *ret;	ret = OPENSSL_malloc(sizeof(DH));	if (!ret)		return NULL;	memset(ret, 0, sizeof(DH));	ret->meth = DH_OpenSSL();	if (ret->meth->init)		ret->meth->init(ret);	return ret;	}

/* * This internal function is used by ENGINE_chil() and possibly by the * "dynamic" ENGINE support too */static int bind_helper(ENGINE *e){#  ifndef OPENSSL_NO_RSA    const RSA_METHOD *meth1;#  endif#  ifndef OPENSSL_NO_DH    const DH_METHOD *meth2;#  endif    if (!ENGINE_set_id(e, engine_hwcrhk_id) ||        !ENGINE_set_name(e, engine_hwcrhk_name) ||#  ifndef OPENSSL_NO_RSA        !ENGINE_set_RSA(e, &hwcrhk_rsa) ||#  endif#  ifndef OPENSSL_NO_DH        !ENGINE_set_DH(e, &hwcrhk_dh) ||#  endif        !ENGINE_set_RAND(e, &hwcrhk_rand) ||        !ENGINE_set_destroy_function(e, hwcrhk_destroy) ||        !ENGINE_set_init_function(e, hwcrhk_init) ||        !ENGINE_set_finish_function(e, hwcrhk_finish) ||        !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) ||        !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) ||        !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) ||        !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns))        return 0;#  ifndef OPENSSL_NO_RSA    /*     * We know that the "PKCS1_SSLeay()" functions hook properly to the     * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:     * We don't use ENGINE_openssl() or anything "more generic" because     * something like the RSAref code may not hook properly, and if you own     * one of these cards then you have the right to do RSA operations on it     * anyway!     */    meth1 = RSA_PKCS1_SSLeay();    hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;    hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;    hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;    hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec;#  endif#  ifndef OPENSSL_NO_DH    /* Much the same for Diffie-Hellman */    meth2 = DH_OpenSSL();    hwcrhk_dh.generate_key = meth2->generate_key;    hwcrhk_dh.compute_key = meth2->compute_key;#  endif    /* Ensure the hwcrhk error handling is set up */    ERR_load_HWCRHK_strings();    return 1;}

static int ubsec_dh_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh)        {        int      ret      = -1,                 k_len,                 fd;        k_len = BN_num_bits(dh->p);        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)                {                const DH_METHOD *meth;                UBSECerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_UNIT_FAILURE);                meth = DH_OpenSSL();                ret = meth->compute_key(key, pub_key, dh);                goto err;                }        if (p_UBSEC_diffie_hellman_agree_ioctl(fd,                                               (unsigned char *)dh->priv_key->d, BN_num_bits(dh->priv_key),                                               (unsigned char *)pub_key->d, BN_num_bits(pub_key),                                               (unsigned char *)dh->p->d, BN_num_bits(dh->p),                                               key, &k_len) != 0)                {                /* Hardware's a no go, failover to software */                const DH_METHOD *meth;                UBSECerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED);                p_UBSEC_ubsec_close(fd);                meth = DH_OpenSSL();                ret = meth->compute_key(key, pub_key, dh);                goto err;                }        p_UBSEC_ubsec_close(fd);        ret = p_UBSEC_ubsec_bits_to_bytes(k_len);err:        return ret;        }

static int ubsec_dh_generate_key(DH *dh)        {        int      ret               = 0,                 random_bits       = 0,                 pub_key_len       = 0,                 priv_key_len      = 0,                 fd;        BIGNUM   *pub_key          = NULL;        BIGNUM   *priv_key         = NULL;        /*          *  How many bits should Random x be? dh_key.c         *  sets the range from 0 to num_bits(modulus) ???         */        if (dh->priv_key == NULL)                {                priv_key = BN_new();                if (priv_key == NULL) goto err;                priv_key_len = BN_num_bits(dh->p);                if(bn_wexpand(priv_key, dh->p->top) == NULL) goto err;                do                        if (!BN_rand_range(priv_key, dh->p)) goto err;                while (BN_is_zero(priv_key));                random_bits = BN_num_bits(priv_key);                }        else                {                priv_key = dh->priv_key;                }        if (dh->pub_key == NULL)                {                pub_key = BN_new();                pub_key_len = BN_num_bits(dh->p);                if(bn_wexpand(pub_key, dh->p->top) == NULL) goto err;                if(pub_key == NULL) goto err;                }        else                {                pub_key = dh->pub_key;                }        if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)                {                const DH_METHOD *meth;                UBSECerr(UBSEC_F_UBSEC_DH_GENERATE_KEY, UBSEC_R_UNIT_FAILURE);                meth = DH_OpenSSL();                ret = meth->generate_key(dh);                goto err;                }        if (p_UBSEC_diffie_hellman_generate_ioctl(fd,                                                  (unsigned char *)priv_key->d, &priv_key_len,                                                  (unsigned char *)pub_key->d,  &pub_key_len,                                                  (unsigned char *)dh->g->d, BN_num_bits(dh->g),                                                  (unsigned char *)dh->p->d, BN_num_bits(dh->p),                                                  0, 0, random_bits) != 0)                {                /* Hardware's a no go, failover to software */                const DH_METHOD *meth;                UBSECerr(UBSEC_F_UBSEC_DH_GENERATE_KEY, UBSEC_R_REQUEST_FAILED);                p_UBSEC_ubsec_close(fd);                meth = DH_OpenSSL();                ret = meth->generate_key(dh);                goto err;                }        p_UBSEC_ubsec_close(fd);        dh->pub_key = pub_key;        dh->pub_key->top = (pub_key_len + BN_BITS2-1) / BN_BITS2;        dh->priv_key = priv_key;        dh->priv_key->top = (priv_key_len + BN_BITS2-1) / BN_BITS2;        ret = 1;err:        return ret;        }

/* * This internal function is used by ENGINE_nuron() and possibly by the * "dynamic" ENGINE support too */static int bind_helper(ENGINE *e){#  ifndef OPENSSL_NO_RSA    const RSA_METHOD *meth1;#  endif#  ifndef OPENSSL_NO_DSA    const DSA_METHOD *meth2;#  endif#  ifndef OPENSSL_NO_DH    const DH_METHOD *meth3;#  endif    if (!ENGINE_set_id(e, engine_nuron_id) ||        !ENGINE_set_name(e, engine_nuron_name) ||#  ifndef OPENSSL_NO_RSA        !ENGINE_set_RSA(e, &nuron_rsa) ||#  endif#  ifndef OPENSSL_NO_DSA        !ENGINE_set_DSA(e, &nuron_dsa) ||#  endif#  ifndef OPENSSL_NO_DH        !ENGINE_set_DH(e, &nuron_dh) ||#  endif        !ENGINE_set_destroy_function(e, nuron_destroy) ||        !ENGINE_set_init_function(e, nuron_init) ||        !ENGINE_set_finish_function(e, nuron_finish) ||        !ENGINE_set_ctrl_function(e, nuron_ctrl) ||        !ENGINE_set_cmd_defns(e, nuron_cmd_defns))        return 0;#  ifndef OPENSSL_NO_RSA    /*     * We know that the "PKCS1_SSLeay()" functions hook properly to the     * nuron-specific mod_exp and mod_exp_crt so we use those functions. NB:     * We don't use ENGINE_openssl() or anything "more generic" because     * something like the RSAref code may not hook properly, and if you own     * one of these cards then you have the right to do RSA operations on it     * anyway!     */    meth1 = RSA_PKCS1_SSLeay();    nuron_rsa.rsa_pub_enc = meth1->rsa_pub_enc;    nuron_rsa.rsa_pub_dec = meth1->rsa_pub_dec;    nuron_rsa.rsa_priv_enc = meth1->rsa_priv_enc;    nuron_rsa.rsa_priv_dec = meth1->rsa_priv_dec;#  endif#  ifndef OPENSSL_NO_DSA    /*     * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.     */    meth2 = DSA_OpenSSL();    nuron_dsa.dsa_do_sign = meth2->dsa_do_sign;    nuron_dsa.dsa_sign_setup = meth2->dsa_sign_setup;    nuron_dsa.dsa_do_verify = meth2->dsa_do_verify;#  endif#  ifndef OPENSSL_NO_DH    /* Much the same for Diffie-Hellman */    meth3 = DH_OpenSSL();    nuron_dh.generate_key = meth3->generate_key;    nuron_dh.compute_key = meth3->compute_key;#  endif    /* Ensure the nuron error handling is set up */    ERR_load_NURON_strings();    return 1;}

/* As this is only ever called once, there's no need for locking * (indeed - the lock will already be held by our caller!!!) */static int bind_sureware(ENGINE *e){#ifndef OPENSSL_NO_RSA    const RSA_METHOD *meth1;#endif#ifndef OPENSSL_NO_DSA    const DSA_METHOD *meth2;#endif#ifndef OPENSSL_NO_DH    const DH_METHOD *meth3;#endif    if(!ENGINE_set_id(e, engine_sureware_id) ||            !ENGINE_set_name(e, engine_sureware_name) ||#ifndef OPENSSL_NO_RSA            !ENGINE_set_RSA(e, &surewarehk_rsa) ||#endif#ifndef OPENSSL_NO_DSA            !ENGINE_set_DSA(e, &surewarehk_dsa) ||#endif#ifndef OPENSSL_NO_DH            !ENGINE_set_DH(e, &surewarehk_dh) ||#endif            !ENGINE_set_RAND(e, &surewarehk_rand) ||            !ENGINE_set_destroy_function(e, surewarehk_destroy) ||            !ENGINE_set_init_function(e, surewarehk_init) ||            !ENGINE_set_finish_function(e, surewarehk_finish) ||            !ENGINE_set_ctrl_function(e, (ENGINE_CTRL_FUNC_PTR)surewarehk_ctrl) ||            !ENGINE_set_load_privkey_function(e, surewarehk_load_privkey) ||            !ENGINE_set_load_pubkey_function(e, surewarehk_load_pubkey))        return 0;#ifndef OPENSSL_NO_RSA    /* We know that the "PKCS1_SSLeay()" functions hook properly     * to the cswift-specific mod_exp and mod_exp_crt so we use     * those functions. NB: We don't use ENGINE_openssl() or     * anything "more generic" because something like the RSAref     * code may not hook properly, and if you own one of these     * cards then you have the right to do RSA operations on it     * anyway! */    meth1 = RSA_PKCS1_SSLeay();    if (meth1)    {        surewarehk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;        surewarehk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;    }#endif#ifndef OPENSSL_NO_DSA    /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish     * bits. */    meth2 = DSA_OpenSSL();    if (meth2)    {        surewarehk_dsa.dsa_do_verify = meth2->dsa_do_verify;    }#endif#ifndef OPENSSL_NO_DH    /* Much the same for Diffie-Hellman */    meth3 = DH_OpenSSL();    if (meth3)    {        surewarehk_dh.generate_key = meth3->generate_key;        surewarehk_dh.compute_key = meth3->compute_key;    }#endif    /* Ensure the sureware error handling is set up */    ERR_load_SUREWARE_strings();    return 1;}

voidENGINE_load_cryptodev(void){	ENGINE *engine = ENGINE_new();	int fd;	if (engine == NULL)		return;	if ((fd = get_dev_crypto()) < 0) {		ENGINE_free(engine);		return;	}	/*	 * find out what asymmetric crypto algorithms we support	 */	if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {		close(fd);		ENGINE_free(engine);		return;	}	close(fd);	if (!ENGINE_set_id(engine, "cryptodev") ||	    !ENGINE_set_name(engine, "BSD cryptodev engine") ||	    !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||	    !ENGINE_set_digests(engine, cryptodev_engine_digests) ||	    !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||	    !ENGINE_set_cmd_defns(engine, cryptodev_defns)) {		ENGINE_free(engine);		return;	}	if (ENGINE_set_RSA(engine, &cryptodev_rsa)) {		const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay();		cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp;		cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp;		cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc;		cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec;		cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc;		cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec;		if (cryptodev_asymfeat & CRF_MOD_EXP) {			cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp;			if (cryptodev_asymfeat & CRF_MOD_EXP_CRT)				cryptodev_rsa.rsa_mod_exp =				    cryptodev_rsa_mod_exp;			else				cryptodev_rsa.rsa_mod_exp =				    cryptodev_rsa_nocrt_mod_exp;		}	}	if (ENGINE_set_DSA(engine, &cryptodev_dsa)) {		const DSA_METHOD *meth = DSA_OpenSSL();		memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD));		if (cryptodev_asymfeat & CRF_DSA_SIGN)			cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign;		if (cryptodev_asymfeat & CRF_MOD_EXP) {			cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp;			cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp;		}		if (cryptodev_asymfeat & CRF_DSA_VERIFY)			cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify;	}	if (ENGINE_set_DH(engine, &cryptodev_dh)){		const DH_METHOD *dh_meth = DH_OpenSSL();		cryptodev_dh.generate_key = dh_meth->generate_key;		cryptodev_dh.compute_key = dh_meth->compute_key;		cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp;		if (cryptodev_asymfeat & CRF_MOD_EXP) {			cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh;			if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY)				cryptodev_dh.compute_key =				    cryptodev_dh_compute_key;		}	}	ENGINE_add(engine);	ENGINE_free(engine);	ERR_clear_error();}

/* This internal function is used by ENGINE_aep() and possibly by the * "dynamic" ENGINE support too */static int bind_aep(ENGINE *e)	{#ifndef OPENSSL_NO_RSA	const RSA_METHOD  *meth1;#endif#ifndef OPENSSL_NO_DSA	const DSA_METHOD  *meth2;#endif#ifndef OPENSSL_NO_DH	const DH_METHOD	  *meth3;#endif	if(!ENGINE_set_id(e, engine_aep_id) ||		!ENGINE_set_name(e, engine_aep_name) ||#ifndef OPENSSL_NO_RSA		!ENGINE_set_RSA(e, &aep_rsa) ||#endif#ifndef OPENSSL_NO_DSA		!ENGINE_set_DSA(e, &aep_dsa) ||#endif#ifndef OPENSSL_NO_DH		!ENGINE_set_DH(e, &aep_dh) ||#endif#ifdef AEPRAND		!ENGINE_set_RAND(e, &aep_random) ||#endif		!ENGINE_set_init_function(e, aep_init) ||		!ENGINE_set_destroy_function(e, aep_destroy) ||		!ENGINE_set_finish_function(e, aep_finish) ||		!ENGINE_set_ctrl_function(e, aep_ctrl) ||		!ENGINE_set_cmd_defns(e, aep_cmd_defns))		return 0;#ifndef OPENSSL_NO_RSA	/* We know that the "PKCS1_SSLeay()" functions hook properly	 * to the aep-specific mod_exp and mod_exp_crt so we use	 * those functions. NB: We don't use ENGINE_openssl() or	 * anything "more generic" because something like the RSAref	 * code may not hook properly, and if you own one of these	 * cards then you have the right to do RSA operations on it	 * anyway! */	meth1 = RSA_PKCS1_SSLeay();	aep_rsa.rsa_pub_enc = meth1->rsa_pub_enc;	aep_rsa.rsa_pub_dec = meth1->rsa_pub_dec;	aep_rsa.rsa_priv_enc = meth1->rsa_priv_enc;	aep_rsa.rsa_priv_dec = meth1->rsa_priv_dec;#endif#ifndef OPENSSL_NO_DSA	/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish	 * bits. */	meth2 = DSA_OpenSSL();	aep_dsa.dsa_do_sign    = meth2->dsa_do_sign;	aep_dsa.dsa_sign_setup = meth2->dsa_sign_setup;	aep_dsa.dsa_do_verify  = meth2->dsa_do_verify;	aep_dsa = *DSA_get_default_method(); 	aep_dsa.dsa_mod_exp = aep_dsa_mod_exp; 	aep_dsa.bn_mod_exp = aep_mod_exp_dsa;#endif#ifndef OPENSSL_NO_DH	/* Much the same for Diffie-Hellman */	meth3 = DH_OpenSSL();	aep_dh.generate_key = meth3->generate_key;	aep_dh.compute_key  = meth3->compute_key;	aep_dh.bn_mod_exp   = meth3->bn_mod_exp;#endif	/* Ensure the aep error handling is set up */	ERR_load_AEPHK_strings();	return 1;}

/* This internal function is used by ENGINE_zencod () and possibly by the * "dynamic" ENGINE support too   ;-) */static int bind_helper ( ENGINE *e ){#ifndef OPENSSL_NO_RSA	const RSA_METHOD *meth_rsa ;#endif#ifndef OPENSSL_NO_DSA	const DSA_METHOD *meth_dsa ;#endif#ifndef OPENSSL_NO_DH	const DH_METHOD *meth_dh ;#endif	const RAND_METHOD *meth_rand ;	if ( !ENGINE_set_id ( e, engine_zencod_id ) ||			!ENGINE_set_name ( e, engine_zencod_name ) ||#ifndef OPENSSL_NO_RSA			!ENGINE_set_RSA ( e, &zencod_rsa ) ||#endif#ifndef OPENSSL_NO_DSA			!ENGINE_set_DSA ( e, &zencod_dsa ) ||#endif#ifndef OPENSSL_NO_DH			!ENGINE_set_DH ( e, &zencod_dh ) ||#endif			!ENGINE_set_RAND ( e, &zencod_rand ) ||			!ENGINE_set_destroy_function ( e, zencod_destroy ) ||			!ENGINE_set_init_function ( e, zencod_init ) ||			!ENGINE_set_finish_function ( e, zencod_finish ) ||			!ENGINE_set_ctrl_function ( e, zencod_ctrl ) ||			!ENGINE_set_cmd_defns ( e, zencod_cmd_defns ) ||			!ENGINE_set_digests ( e, engine_digests ) ||			!ENGINE_set_ciphers ( e, engine_ciphers ) ) {		return 0 ;	}#ifndef OPENSSL_NO_RSA	/* We know that the "PKCS1_SSLeay()" functions hook properly	 * to the Zencod-specific mod_exp and mod_exp_crt so we use	 * those functions. NB: We don't use ENGINE_openssl() or	 * anything "more generic" because something like the RSAref	 * code may not hook properly, and if you own one of these	 * cards then you have the right to do RSA operations on it	 * anyway!	 */	meth_rsa = RSA_PKCS1_SSLeay () ;	zencod_rsa.rsa_pub_enc = meth_rsa->rsa_pub_enc ;	zencod_rsa.rsa_pub_dec = meth_rsa->rsa_pub_dec ;	zencod_rsa.rsa_priv_enc = meth_rsa->rsa_priv_enc ;	zencod_rsa.rsa_priv_dec = meth_rsa->rsa_priv_dec ;	/* meth_rsa->rsa_mod_exp */	/* meth_rsa->bn_mod_exp */	zencod_rsa.init = meth_rsa->init ;	zencod_rsa.finish = meth_rsa->finish ;#endif#ifndef OPENSSL_NO_DSA	/* We use OpenSSL meth to supply what we don't provide ;-*)	 */	meth_dsa = DSA_OpenSSL () ;	/* meth_dsa->dsa_do_sign */	zencod_dsa.dsa_sign_setup = meth_dsa->dsa_sign_setup ;	/* meth_dsa->dsa_do_verify */	zencod_dsa.dsa_mod_exp = meth_dsa->dsa_mod_exp ;	/* zencod_dsa.bn_mod_exp = meth_dsa->bn_mod_exp ; */	zencod_dsa.init = meth_dsa->init ;	zencod_dsa.finish = meth_dsa->finish ;#endif#ifndef OPENSSL_NO_DH	/* We use OpenSSL meth to supply what we don't provide ;-*)	 */	meth_dh = DH_OpenSSL () ;	/* zencod_dh.generate_key = meth_dh->generate_key ; */	/* zencod_dh.compute_key = meth_dh->compute_key ; */	/* zencod_dh.bn_mod_exp = meth_dh->bn_mod_exp ; */	zencod_dh.init = meth_dh->init ;	zencod_dh.finish = meth_dh->finish ;#endif	/* We use OpenSSL (SSLeay) meth to supply what we don't provide ;-*)	 */	meth_rand = RAND_SSLeay () ;	/* meth_rand->seed ; */	/* zencod_rand.seed = meth_rand->seed ; */	/* meth_rand->bytes ; */	/* zencod_rand.bytes = meth_rand->bytes ; */	zencod_rand.cleanup = meth_rand->cleanup ;	zencod_rand.add = meth_rand->add ;//.........这里部分代码省略.........