自学教程：C++ ENGINE_set_RAND函数代码示例

/* Prepare the ENGINE structure for registration */static int padlock_bind_helper(ENGINE *e){    /* Check available features */    padlock_available();    /*     * RNG is currently disabled for reasons discussed in commentary just     * before padlock_rand_bytes function.     */    padlock_use_rng = 0;    /* Generate a nice engine name with available features */    BIO_snprintf(padlock_name, sizeof(padlock_name),                 "VIA PadLock (%s, %s)",                 padlock_use_rng ? "RNG" : "no-RNG",                 padlock_use_ace ? "ACE" : "no-ACE");    /* Register everything or return with an error */    if (!ENGINE_set_id(e, padlock_id) ||        !ENGINE_set_name(e, padlock_name) ||        !ENGINE_set_init_function(e, padlock_init) ||#   ifndef OPENSSL_NO_AES        (padlock_use_ace && !ENGINE_set_ciphers(e, padlock_ciphers)) ||#   endif        (padlock_use_rng && !ENGINE_set_RAND(e, &padlock_rand))) {        return 0;    }    /* Everything looks good */    return 1;}

/* Prepare the ENGINE structure for registration */static intpadlock_bind_helper(ENGINE *e){	/* Check available features */	padlock_available();#if 1	/* disable RNG for now, see commentary in vicinity of RNG code */	padlock_use_rng=0;#endif	/* Generate a nice engine name with available features */	BIO_snprintf(padlock_name, sizeof(padlock_name),		"VIA PadLock (%s, %s)", 		 padlock_use_rng ? "RNG" : "no-RNG",		 padlock_use_ace ? "ACE" : "no-ACE");	/* Register everything or return with an error */ 	if (!ENGINE_set_id(e, padlock_id) ||	    !ENGINE_set_name(e, padlock_name) ||	    !ENGINE_set_init_function(e, padlock_init) ||#ifndef OPENSSL_NO_AES	    (padlock_use_ace && !ENGINE_set_ciphers (e, padlock_ciphers)) ||#endif	    (padlock_use_rng && !ENGINE_set_RAND (e, &padlock_rand))) {		return 0;	}	/* Everything looks good */	return 1;}

/* ---------------------*/static int bind_helper(ENGINE *e){    if (!ENGINE_set_id(e, engine_cluster_labs_id) ||        !ENGINE_set_name(e, engine_cluster_labs_name) ||#  ifndef OPENSSL_NO_RSA        !ENGINE_set_RSA(e, &cluster_labs_rsa) ||#  endif#  ifndef OPENSSL_NO_DSA        !ENGINE_set_DSA(e, &cluster_labs_dsa) ||#  endif#  ifndef OPENSSL_NO_DH        !ENGINE_set_DH(e, &cluster_labs_dh) ||#  endif        !ENGINE_set_RAND(e, &cluster_labs_rand) ||        !ENGINE_set_destroy_function(e, cluster_labs_destroy) ||        !ENGINE_set_init_function(e, cluster_labs_init) ||        !ENGINE_set_finish_function(e, cluster_labs_finish) ||        !ENGINE_set_ctrl_function(e, cluster_labs_ctrl) ||        !ENGINE_set_cmd_defns(e, cluster_labs_cmd_defns))        return 0;    /* Ensure the error handling is set up */    ERR_load_CL_strings();    return 1;}

static int bind_helper (ENGINE * e){    if (!ENGINE_set_id (e, engine_e_rdrand_id) ||        !ENGINE_set_name (e, engine_e_rdrand_name) ||        !ENGINE_set_flags (e, ENGINE_FLAGS_NO_REGISTER_ALL) ||        !ENGINE_set_init_function (e, rdrand_init) || !ENGINE_set_RAND (e, &rdrand_meth))        return 0;    return 1;}

static int bind_helper(ENGINE *e)	{	if (!ENGINE_set_id(e, engine_e_rdrand_id) ||	    !ENGINE_set_name(e, engine_e_rdrand_name) ||	    !ENGINE_set_init_function(e, rdrand_init) ||	    !ENGINE_set_RAND(e, &rdrand_meth) )		return 0;	return 1;	}

isc_result_tdst__openssl_init() {	isc_result_t result;#ifdef  DNS_CRYPTO_LEAKS	CRYPTO_malloc_debug_init();	CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);#endif	CRYPTO_set_mem_functions(mem_alloc, mem_realloc, mem_free);	nlocks = CRYPTO_num_locks();	locks = mem_alloc(sizeof(isc_mutex_t) * nlocks);	if (locks == NULL)		return (ISC_R_NOMEMORY);	result = isc_mutexblock_init(locks, nlocks);	if (result != ISC_R_SUCCESS)		goto cleanup_mutexalloc;	CRYPTO_set_locking_callback(lock_callback);	CRYPTO_set_id_callback(id_callback);	rm = mem_alloc(sizeof(RAND_METHOD));	if (rm == NULL) {		result = ISC_R_NOMEMORY;		goto cleanup_mutexinit;	}	rm->seed = NULL;	rm->bytes = entropy_get;	rm->cleanup = NULL;	rm->add = entropy_add;	rm->pseudorand = entropy_getpseudo;	rm->status = entropy_status;#ifdef USE_ENGINE	e = ENGINE_new();	if (e == NULL) {		result = ISC_R_NOMEMORY;		goto cleanup_rm;	}	ENGINE_set_RAND(e, rm);	RAND_set_rand_method(rm);#else	RAND_set_rand_method(rm);#endif /* USE_ENGINE */	return (ISC_R_SUCCESS);#ifdef USE_ENGINE cleanup_rm:	mem_free(rm);#endif cleanup_mutexinit:	CRYPTO_set_locking_callback(NULL);	DESTROYMUTEXBLOCK(locks, nlocks); cleanup_mutexalloc:	mem_free(locks);	return (result);}

/* * This internal function is used by ENGINE_cswift() and possibly by the * "dynamic" ENGINE support too */static int bind_helper(ENGINE *e){#  ifndef OPENSSL_NO_RSA    const RSA_METHOD *meth1;#  endif#  ifndef OPENSSL_NO_DH    const DH_METHOD *meth2;#  endif    if (!ENGINE_set_id(e, engine_cswift_id) ||        !ENGINE_set_name(e, engine_cswift_name) ||#  ifndef OPENSSL_NO_RSA        !ENGINE_set_RSA(e, &cswift_rsa) ||#  endif#  ifndef OPENSSL_NO_DSA        !ENGINE_set_DSA(e, &cswift_dsa) ||#  endif#  ifndef OPENSSL_NO_DH        !ENGINE_set_DH(e, &cswift_dh) ||#  endif        !ENGINE_set_RAND(e, &cswift_random) ||        !ENGINE_set_destroy_function(e, cswift_destroy) ||        !ENGINE_set_init_function(e, cswift_init) ||        !ENGINE_set_finish_function(e, cswift_finish) ||        !ENGINE_set_ctrl_function(e, cswift_ctrl) ||        !ENGINE_set_cmd_defns(e, cswift_cmd_defns))        return 0;#  ifndef OPENSSL_NO_RSA    /*     * We know that the "PKCS1_SSLeay()" functions hook properly to the     * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:     * We don't use ENGINE_openssl() or anything "more generic" because     * something like the RSAref code may not hook properly, and if you own     * one of these cards then you have the right to do RSA operations on it     * anyway!     */    meth1 = RSA_PKCS1_SSLeay();    cswift_rsa.rsa_pub_enc = meth1->rsa_pub_enc;    cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec;    cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc;    cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec;#  endif#  ifndef OPENSSL_NO_DH    /* Much the same for Diffie-Hellman */    meth2 = DH_OpenSSL();    cswift_dh.generate_key = meth2->generate_key;    cswift_dh.compute_key = meth2->compute_key;#  endif    /* Ensure the cswift error handling is set up */    ERR_load_CSWIFT_strings();    return 1;}

static ENGINE *sc_get_engine(void){	static ENGINE *smart_engine = NULL;	if ((smart_engine = ENGINE_new()) == NULL)		fatal("ENGINE_new failed");	ENGINE_set_id(smart_engine, "sectok");	ENGINE_set_name(smart_engine, "libsectok");	ENGINE_set_RSA(smart_engine, sc_get_rsa_method());	ENGINE_set_DSA(smart_engine, DSA_get_default_openssl_method());	ENGINE_set_DH(smart_engine, DH_get_default_openssl_method());	ENGINE_set_RAND(smart_engine, RAND_SSLeay());	ENGINE_set_BN_mod_exp(smart_engine, BN_mod_exp);	return smart_engine;}

/* * This internal function is used by ENGINE_openssl() and possibly by the * "dynamic" ENGINE support too */static int bind_helper(ENGINE *e){    if (!ENGINE_set_id(e, engine_openssl_id)        || !ENGINE_set_name(e, engine_openssl_name)        || !ENGINE_set_destroy_function(e, openssl_destroy)#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS# ifndef OPENSSL_NO_RSA        || !ENGINE_set_RSA(e, RSA_get_default_method())# endif# ifndef OPENSSL_NO_DSA        || !ENGINE_set_DSA(e, DSA_get_default_method())# endif# ifndef OPENSSL_NO_EC        || !ENGINE_set_EC(e, EC_KEY_OpenSSL())# endif# ifndef OPENSSL_NO_DH        || !ENGINE_set_DH(e, DH_get_default_method())# endif        || !ENGINE_set_RAND(e, RAND_OpenSSL())# ifdef TEST_ENG_OPENSSL_RC4        || !ENGINE_set_ciphers(e, openssl_ciphers)# endif# ifdef TEST_ENG_OPENSSL_SHA        || !ENGINE_set_digests(e, openssl_digests)# endif#endif#ifdef TEST_ENG_OPENSSL_PKEY        || !ENGINE_set_load_privkey_function(e, openssl_load_privkey)#endif#ifdef TEST_ENG_OPENSSL_HMAC        || !ossl_register_hmac_meth()        || !ENGINE_set_pkey_meths(e, ossl_pkey_meths)#endif        )        return 0;    /*     * If we add errors to this ENGINE, ensure the error handling is setup     * here     */    /* openssl_load_error_strings(); */    return 1;}

/* This internal function is used by ENGINE_tpm() and possibly by the * "dynamic" ENGINE support too */static int bind_helper(ENGINE * e){	if (!ENGINE_set_id(e, engine_tpm_id) ||	    !ENGINE_set_name(e, engine_tpm_name) ||#ifndef OPENSSL_NO_RSA	    !ENGINE_set_RSA(e, &tpm_rsa) ||#endif	    !ENGINE_set_RAND(e, &tpm_rand) ||	    !ENGINE_set_destroy_function(e, tpm_engine_destroy) ||	    !ENGINE_set_init_function(e, tpm_engine_init) ||	    !ENGINE_set_finish_function(e, tpm_engine_finish) ||	    !ENGINE_set_ctrl_function(e, tpm_engine_ctrl) ||	    !ENGINE_set_load_pubkey_function(e, tpm_engine_load_key) ||	    !ENGINE_set_load_privkey_function(e, tpm_engine_load_key) ||	    !ENGINE_set_cmd_defns(e, tpm_cmd_defns))		return 0;	/* Ensure the tpm error handling is set up */	ERR_load_TPM_strings();	return 1;}

/* This internal function is used by ENGINE_openssl() and possibly by the * "dynamic" ENGINE support too */static int bind_helper(ENGINE *e)	{	if(!ENGINE_set_id(e, engine_openssl_id)			|| !ENGINE_set_name(e, engine_openssl_name)#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS#ifndef OPENSSL_NO_RSA			|| !ENGINE_set_RSA(e, RSA_get_default_method())#endif#ifndef OPENSSL_NO_DSA			|| !ENGINE_set_DSA(e, DSA_get_default_method())#endif#ifndef OPENSSL_NO_ECDH			|| !ENGINE_set_ECDH(e, ECDH_OpenSSL())#endif#ifndef OPENSSL_NO_ECDSA			|| !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())#endif#ifndef OPENSSL_NO_DH			|| !ENGINE_set_DH(e, DH_get_default_method())#endif			|| !ENGINE_set_RAND(e, RAND_SSLeay())#ifdef TEST_ENG_OPENSSL_RC4			|| !ENGINE_set_ciphers(e, openssl_ciphers)#endif#ifdef TEST_ENG_OPENSSL_SHA			|| !ENGINE_set_digests(e, openssl_digests)#endif#endif//MS:#ifndef OPENSSL_NO_STDIO#ifdef TEST_ENG_OPENSSL_PKEY			|| !ENGINE_set_load_privkey_function(e, openssl_load_privkey)#endif#endif			)		return 0;	/* If we add errors to this ENGINE, ensure the error handling is setup here */	/* openssl_load_error_strings(); */	return 1;	}

/* ---------------------*/static int bind_helper(ENGINE *e){    if (!ENGINE_set_id(e, engine_4758_cca_id) ||        !ENGINE_set_name(e, engine_4758_cca_name) ||#  ifndef OPENSSL_NO_RSA        !ENGINE_set_RSA(e, &ibm_4758_cca_rsa) ||#  endif        !ENGINE_set_RAND(e, &ibm_4758_cca_rand) ||        !ENGINE_set_destroy_function(e, ibm_4758_cca_destroy) ||        !ENGINE_set_init_function(e, ibm_4758_cca_init) ||        !ENGINE_set_finish_function(e, ibm_4758_cca_finish) ||        !ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) ||#  ifndef OPENSSL_NO_RSA        !ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) ||        !ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) ||#  endif        !ENGINE_set_cmd_defns(e, cca4758_cmd_defns))        return 0;    /* Ensure the error handling is set up */    ERR_load_CCA4758_strings();    return 1;}

/* Returns 1 if successfully added, 2 if engine has previously been added,   and 0 for error. */int Cryptography_add_osrandom_engine(void) {    ENGINE *e;    ERR_load_Cryptography_OSRandom_strings();    e = ENGINE_by_id(Cryptography_osrandom_engine_id);    if (e != NULL) {        ENGINE_free(e);        return 2;    } else {        ERR_clear_error();    }    e = ENGINE_new();    if (e == NULL) {        return 0;    }    if (!ENGINE_set_id(e, Cryptography_osrandom_engine_id) ||            !ENGINE_set_name(e, Cryptography_osrandom_engine_name) ||            !ENGINE_set_RAND(e, &osrandom_rand) ||            !ENGINE_set_init_function(e, osrandom_init) ||            !ENGINE_set_finish_function(e, osrandom_finish) ||            !ENGINE_set_cmd_defns(e, osrandom_cmd_defns) ||            !ENGINE_set_ctrl_function(e, osrandom_ctrl)) {        ENGINE_free(e);        return 0;    }    if (!ENGINE_add(e)) {        ENGINE_free(e);        return 0;    }    if (!ENGINE_free(e)) {        return 0;    }    return 1;}

/* * This internal function is used by ENGINE_aep() and possibly by the * "dynamic" ENGINE support too */static int bind_aep(ENGINE *e){#  ifndef OPENSSL_NO_RSA    const RSA_METHOD *meth1;#  endif#  ifndef OPENSSL_NO_DSA    const DSA_METHOD *meth2;#  endif#  ifndef OPENSSL_NO_DH    const DH_METHOD *meth3;#  endif    if (!ENGINE_set_id(e, engine_aep_id) ||        !ENGINE_set_name(e, engine_aep_name) ||#  ifndef OPENSSL_NO_RSA        !ENGINE_set_RSA(e, &aep_rsa) ||#  endif#  ifndef OPENSSL_NO_DSA        !ENGINE_set_DSA(e, &aep_dsa) ||#  endif#  ifndef OPENSSL_NO_DH        !ENGINE_set_DH(e, &aep_dh) ||#  endif#  ifdef AEPRAND        !ENGINE_set_RAND(e, &aep_random) ||#  endif        !ENGINE_set_init_function(e, aep_init) ||        !ENGINE_set_destroy_function(e, aep_destroy) ||        !ENGINE_set_finish_function(e, aep_finish) ||        !ENGINE_set_ctrl_function(e, aep_ctrl) ||        !ENGINE_set_cmd_defns(e, aep_cmd_defns))        return 0;#  ifndef OPENSSL_NO_RSA    /*     * We know that the "PKCS1_SSLeay()" functions hook properly to the     * aep-specific mod_exp and mod_exp_crt so we use those functions. NB: We     * don't use ENGINE_openssl() or anything "more generic" because     * something like the RSAref code may not hook properly, and if you own     * one of these cards then you have the right to do RSA operations on it     * anyway!     */    meth1 = RSA_PKCS1_SSLeay();    aep_rsa.rsa_pub_enc = meth1->rsa_pub_enc;    aep_rsa.rsa_pub_dec = meth1->rsa_pub_dec;    aep_rsa.rsa_priv_enc = meth1->rsa_priv_enc;    aep_rsa.rsa_priv_dec = meth1->rsa_priv_dec;#  endif#  ifndef OPENSSL_NO_DSA    /*     * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.     */    meth2 = DSA_OpenSSL();    aep_dsa.dsa_do_sign = meth2->dsa_do_sign;    aep_dsa.dsa_sign_setup = meth2->dsa_sign_setup;    aep_dsa.dsa_do_verify = meth2->dsa_do_verify;    aep_dsa = *DSA_get_default_method();    aep_dsa.dsa_mod_exp = aep_dsa_mod_exp;    aep_dsa.bn_mod_exp = aep_mod_exp_dsa;#  endif#  ifndef OPENSSL_NO_DH    /* Much the same for Diffie-Hellman */    meth3 = DH_OpenSSL();    aep_dh.generate_key = meth3->generate_key;    aep_dh.compute_key = meth3->compute_key;    aep_dh.bn_mod_exp = meth3->bn_mod_exp;#  endif    /* Ensure the aep error handling is set up */    ERR_load_AEPHK_strings();    return 1;}

/* As this is only ever called once, there's no need for locking * (indeed - the lock will already be held by our caller!!!) */static int bind_sureware(ENGINE *e){#ifndef OPENSSL_NO_RSA    const RSA_METHOD *meth1;#endif#ifndef OPENSSL_NO_DSA    const DSA_METHOD *meth2;#endif#ifndef OPENSSL_NO_DH    const DH_METHOD *meth3;#endif    if(!ENGINE_set_id(e, engine_sureware_id) ||            !ENGINE_set_name(e, engine_sureware_name) ||#ifndef OPENSSL_NO_RSA            !ENGINE_set_RSA(e, &surewarehk_rsa) ||#endif#ifndef OPENSSL_NO_DSA            !ENGINE_set_DSA(e, &surewarehk_dsa) ||#endif#ifndef OPENSSL_NO_DH            !ENGINE_set_DH(e, &surewarehk_dh) ||#endif            !ENGINE_set_RAND(e, &surewarehk_rand) ||            !ENGINE_set_destroy_function(e, surewarehk_destroy) ||            !ENGINE_set_init_function(e, surewarehk_init) ||            !ENGINE_set_finish_function(e, surewarehk_finish) ||            !ENGINE_set_ctrl_function(e, (ENGINE_CTRL_FUNC_PTR)surewarehk_ctrl) ||            !ENGINE_set_load_privkey_function(e, surewarehk_load_privkey) ||            !ENGINE_set_load_pubkey_function(e, surewarehk_load_pubkey))        return 0;#ifndef OPENSSL_NO_RSA    /* We know that the "PKCS1_SSLeay()" functions hook properly     * to the cswift-specific mod_exp and mod_exp_crt so we use     * those functions. NB: We don't use ENGINE_openssl() or     * anything "more generic" because something like the RSAref     * code may not hook properly, and if you own one of these     * cards then you have the right to do RSA operations on it     * anyway! */    meth1 = RSA_PKCS1_SSLeay();    if (meth1)    {        surewarehk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;        surewarehk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;    }#endif#ifndef OPENSSL_NO_DSA    /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish     * bits. */    meth2 = DSA_OpenSSL();    if (meth2)    {        surewarehk_dsa.dsa_do_verify = meth2->dsa_do_verify;    }#endif#ifndef OPENSSL_NO_DH    /* Much the same for Diffie-Hellman */    meth3 = DH_OpenSSL();    if (meth3)    {        surewarehk_dh.generate_key = meth3->generate_key;        surewarehk_dh.compute_key = meth3->compute_key;    }#endif    /* Ensure the sureware error handling is set up */    ERR_load_SUREWARE_strings();    return 1;}

//.........这里部分代码省略.........	}	rm->seed = NULL;	rm->bytes = entropy_get;	rm->cleanup = NULL;	rm->add = entropy_add;	rm->pseudorand = entropy_getpseudo;	rm->status = entropy_status;#ifdef USE_ENGINE	OPENSSL_config(NULL);#ifdef USE_PKCS11#ifndef PKCS11_SO_PATH#define PKCS11_SO_PATH		"/usr/local/lib/engines/engine_pkcs11.so"#endif#ifndef PKCS11_MODULE_PATH#define PKCS11_MODULE_PATH	"/usr/lib/libpkcs11.so"#endif	{		/*		 * to use this to config the PIN, add in openssl.cnf:		 *  - at the beginning: "openssl_conf = openssl_def"		 *  - at any place these sections:		 * [ openssl_def ]		 * engines = engine_section		 * [ engine_section ]		 * pkcs11 = pkcs11_section		 * [ pkcs11_section ]		 * PIN = my___pin		 */		const char *pre_cmds[] = {			"SO_PATH", PKCS11_SO_PATH,			"LOAD", NULL,			"MODULE_PATH", PKCS11_MODULE_PATH		};		const char *post_cmds[] = {			/* "PIN", "my___pin" */		};		result = dst__openssl_load_engine("pkcs11", "pkcs11",						  pre_cmds, 0,						  post_cmds, /*1*/ 0);		if (result != ISC_R_SUCCESS)			goto cleanup_rm;	}#endif /* USE_PKCS11 */	if (engine_id != NULL) {		e = ENGINE_by_id(engine_id);		if (e == NULL) {			result = ISC_R_NOTFOUND;			goto cleanup_rm;		}		if (!ENGINE_init(e)) {			result = ISC_R_FAILURE;			ENGINE_free(e);			goto cleanup_rm;		}		ENGINE_set_default(e, ENGINE_METHOD_ALL);		ENGINE_free(e);	} else {		ENGINE_register_all_complete();		for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e)) {			/*			 * Something weird here. If we call ENGINE_finish()			 * ENGINE_get_default_RAND() will fail.			 */			if (ENGINE_init(e)) {				if (he == NULL)					he = e;			}		}	}	re = ENGINE_get_default_RAND();	if (re == NULL) {		re = ENGINE_new();		if (re == NULL) {			result = ISC_R_NOMEMORY;			goto cleanup_rm;		}		ENGINE_set_RAND(re, rm);		ENGINE_set_default_RAND(re);		ENGINE_free(re);	} else		ENGINE_finish(re);#else	RAND_set_rand_method(rm);#endif /* USE_ENGINE */	return (ISC_R_SUCCESS);#ifdef USE_ENGINE cleanup_rm:	mem_free(rm);#endif cleanup_mutexinit:	CRYPTO_set_locking_callback(NULL);	DESTROYMUTEXBLOCK(locks, nlocks); cleanup_mutexalloc:	mem_free(locks);	return (result);}

/* * This internal function is used by ENGINE_chil() and possibly by the * "dynamic" ENGINE support too */static int bind_helper(ENGINE *e){#  ifndef OPENSSL_NO_RSA    const RSA_METHOD *meth1;#  endif#  ifndef OPENSSL_NO_DH    const DH_METHOD *meth2;#  endif    chil_lock = CRYPTO_THREAD_lock_new();    if (chil_lock == NULL) {        HWCRHKerr(HWCRHK_F_BIND_HELPER, ERR_R_MALLOC_FAILURE);        return 0;    }    if (!ENGINE_set_id(e, engine_hwcrhk_id) ||        !ENGINE_set_name(e, engine_hwcrhk_name) ||#  ifndef OPENSSL_NO_RSA        !ENGINE_set_RSA(e, &hwcrhk_rsa) ||#  endif#  ifndef OPENSSL_NO_DH        !ENGINE_set_DH(e, &hwcrhk_dh) ||#  endif        !ENGINE_set_RAND(e, &hwcrhk_rand) ||        !ENGINE_set_destroy_function(e, hwcrhk_destroy) ||        !ENGINE_set_init_function(e, hwcrhk_init) ||        !ENGINE_set_finish_function(e, hwcrhk_finish) ||        !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) ||        !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) ||        !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) ||        !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns))        return 0;#  ifndef OPENSSL_NO_RSA    /*     * We know that the "PKCS1_OpenSSL()" functions hook properly to the     * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:     * We don't use ENGINE_openssl() or anything "more generic" because     * something like the RSAref code may not hook properly, and if you own     * one of these cards then you have the right to do RSA operations on it     * anyway!     */    meth1 = RSA_PKCS1_OpenSSL();    hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;    hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;    hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;    hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec;#  endif#  ifndef OPENSSL_NO_DH    /* Much the same for Diffie-Hellman */    meth2 = DH_OpenSSL();    hwcrhk_dh.generate_key = meth2->generate_key;    hwcrhk_dh.compute_key = meth2->compute_key;#  endif    /* Ensure the hwcrhk error handling is set up */    ERR_load_HWCRHK_strings();    return 1;}

static int bind_helper(ENGINE *e)	{#ifndef OPENSSL_NO_RSA	const RSA_METHOD *meth1;#endif#ifndef OPENSSL_NO_DSA	const DSA_METHOD *meth2;#endif#ifndef OPENSSL_NO_DH	const DH_METHOD *meth3;#endif	if(!ENGINE_set_id(e, engine_ibmca_id) ||		!ENGINE_set_name(e, engine_ibmca_name) ||#ifndef OPENSSL_NO_RSA		!ENGINE_set_RSA(e, &ibmca_rsa) ||#endif#ifndef OPENSSL_NO_DSA		!ENGINE_set_DSA(e, &ibmca_dsa) ||#endif#ifndef OPENSSL_NO_DH		!ENGINE_set_DH(e, &ibmca_dh) ||#endif		!ENGINE_set_RAND(e, &ibmca_rand) ||		!ENGINE_set_destroy_function(e, ibmca_destroy) ||		!ENGINE_set_init_function(e, ibmca_init) ||		!ENGINE_set_finish_function(e, ibmca_finish) ||		!ENGINE_set_ctrl_function(e, ibmca_ctrl) ||		!ENGINE_set_cmd_defns(e, ibmca_cmd_defns))		return 0;#ifndef OPENSSL_NO_RSA	/* We know that the "PKCS1_SSLeay()" functions hook properly	 * to the ibmca-specific mod_exp and mod_exp_crt so we use	 * those functions. NB: We don't use ENGINE_openssl() or	 * anything "more generic" because something like the RSAref	 * code may not hook properly, and if you own one of these	 * cards then you have the right to do RSA operations on it	 * anyway! */ 	meth1 = RSA_PKCS1_SSLeay();	ibmca_rsa.rsa_pub_enc = meth1->rsa_pub_enc;	ibmca_rsa.rsa_pub_dec = meth1->rsa_pub_dec;	ibmca_rsa.rsa_priv_enc = meth1->rsa_priv_enc;	ibmca_rsa.rsa_priv_dec = meth1->rsa_priv_dec;#endif#ifndef OPENSSL_NO_DSA	/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish	 * bits. */	meth2 = DSA_OpenSSL();	ibmca_dsa.dsa_do_sign = meth2->dsa_do_sign;//.........这里部分代码省略.........

isc_result_tdst__openssl_init(const char *engine) {	isc_result_t result;#ifdef USE_ENGINE	ENGINE *re;#else	UNUSED(engine);#endif#ifdef  DNS_CRYPTO_LEAKS	CRYPTO_malloc_debug_init();	CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);#endif	CRYPTO_set_mem_functions(mem_alloc, mem_realloc, mem_free);	nlocks = CRYPTO_num_locks();	locks = mem_alloc(sizeof(isc_mutex_t) * nlocks);	if (locks == NULL)		return (ISC_R_NOMEMORY);	result = isc_mutexblock_init(locks, nlocks);	if (result != ISC_R_SUCCESS)		goto cleanup_mutexalloc;	CRYPTO_set_locking_callback(lock_callback);#if OPENSSL_VERSION_NUMBER < 0x10100000L	CRYPTO_set_id_callback(id_callback);#endif	ERR_load_crypto_strings();	rm = mem_alloc(sizeof(RAND_METHOD));	if (rm == NULL) {		result = ISC_R_NOMEMORY;		goto cleanup_mutexinit;	}	rm->seed = NULL;	rm->bytes = entropy_get;	rm->cleanup = NULL;	rm->add = entropy_add;	rm->pseudorand = entropy_getpseudo;	rm->status = entropy_status;#ifdef USE_ENGINE	OPENSSL_config(NULL);	if (engine != NULL && *engine == '/0')		engine = NULL;	if (engine != NULL) {		e = ENGINE_by_id(engine);		if (e == NULL) {			result = DST_R_NOENGINE;			goto cleanup_rm;		}		/* This will init the engine. */		if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {			result = DST_R_NOENGINE;			goto cleanup_rm;		}	}	re = ENGINE_get_default_RAND();	if (re == NULL) {		re = ENGINE_new();		if (re == NULL) {			result = ISC_R_NOMEMORY;			goto cleanup_rm;		}		ENGINE_set_RAND(re, rm);		ENGINE_set_default_RAND(re);		ENGINE_free(re);	} else		ENGINE_finish(re);#else	RAND_set_rand_method(rm);#endif /* USE_ENGINE */	return (ISC_R_SUCCESS);#ifdef USE_ENGINE cleanup_rm:	if (e != NULL)		ENGINE_free(e);	e = NULL;	mem_free(rm);	rm = NULL;#endif cleanup_mutexinit:	CRYPTO_set_locking_callback(NULL);	DESTROYMUTEXBLOCK(locks, nlocks); cleanup_mutexalloc:	mem_free(locks);	locks = NULL;	return (result);}

//.........这里部分代码省略.........         * But since 'max' is an int and INT_MAX is <= UINT_MAX / 2,         * in the worst case we discard 25% - 1 r's.         */        if (r < (UINT64_MAX - (UINT64_MAX % max))) {            return r % max;        }    }    return -1;}#ifndef OPENSSL_IS_BORINGSSLint s2n_openssl_compat_rand(unsigned char *buf, int num){    struct s2n_blob out = {.data = buf, .size = num};    if(s2n_get_private_random_data(&out) < 0) {        return 0;    }    return 1;}int s2n_openssl_compat_status(void){    return 1;}int s2n_openssl_compat_init(ENGINE *unused){    return 1;}RAND_METHOD s2n_openssl_rand_method = {    .seed = NULL,    .bytes = s2n_openssl_compat_rand,    .cleanup = NULL,    .add = NULL,    .pseudorand = s2n_openssl_compat_rand,    .status = s2n_openssl_compat_status};#endifint s2n_init(void){    GUARD(s2n_mem_init());    OPEN:    entropy_fd = open(ENTROPY_SOURCE, O_RDONLY);    if (entropy_fd == -1) {        if (errno == EINTR) {            goto OPEN;        }        S2N_ERROR(S2N_ERR_OPEN_RANDOM);    }#if defined(MAP_INHERIT_ZERO)    if ((zero_if_forked_ptr = mmap(NULL, sizeof(int), PROT_READ|PROT_WRITE,                                   MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) {        S2N_ERROR(S2N_ERR_OPEN_RANDOM);    }    if (minherit(zero_if_forked_ptr, sizeof(int), MAP_INHERIT_ZERO) == -1) {        S2N_ERROR(S2N_ERR_OPEN_RANDOM);    }#else    if (pthread_atfork(NULL, NULL, s2n_on_fork) != 0) {        S2N_ERROR(S2N_ERR_OPEN_RANDOM);    }#endif    GUARD(s2n_check_fork());#ifndef OPENSSL_IS_BORINGSSL    /* Create an engine */    ENGINE *e = ENGINE_new();    if (e == NULL ||        ENGINE_set_id(e, "s2n") != 1 ||        ENGINE_set_name(e, "s2n entropy generator") != 1 ||        ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) != 1 ||        ENGINE_set_init_function(e, s2n_openssl_compat_init) != 1 ||        ENGINE_set_RAND(e, &s2n_openssl_rand_method) != 1 ||        ENGINE_add(e) != 1 ||        ENGINE_free(e) != 1) {        S2N_ERROR(S2N_ERR_OPEN_RANDOM);    }    /* Use that engine for rand() */    e = ENGINE_by_id("s2n");    if (e == NULL ||        ENGINE_init(e) != 1 ||        ENGINE_set_default(e, ENGINE_METHOD_RAND) != 1) {        S2N_ERROR(S2N_ERR_OPEN_RANDOM);    }#endif    return 0;}

/* This internal function is used by ENGINE_zencod () and possibly by the * "dynamic" ENGINE support too   ;-) */static int bind_helper ( ENGINE *e ){#ifndef OPENSSL_NO_RSA	const RSA_METHOD *meth_rsa ;#endif#ifndef OPENSSL_NO_DSA	const DSA_METHOD *meth_dsa ;#endif#ifndef OPENSSL_NO_DH	const DH_METHOD *meth_dh ;#endif	const RAND_METHOD *meth_rand ;	if ( !ENGINE_set_id ( e, engine_zencod_id ) ||			!ENGINE_set_name ( e, engine_zencod_name ) ||#ifndef OPENSSL_NO_RSA			!ENGINE_set_RSA ( e, &zencod_rsa ) ||#endif#ifndef OPENSSL_NO_DSA			!ENGINE_set_DSA ( e, &zencod_dsa ) ||#endif#ifndef OPENSSL_NO_DH			!ENGINE_set_DH ( e, &zencod_dh ) ||#endif			!ENGINE_set_RAND ( e, &zencod_rand ) ||			!ENGINE_set_destroy_function ( e, zencod_destroy ) ||			!ENGINE_set_init_function ( e, zencod_init ) ||			!ENGINE_set_finish_function ( e, zencod_finish ) ||			!ENGINE_set_ctrl_function ( e, zencod_ctrl ) ||			!ENGINE_set_cmd_defns ( e, zencod_cmd_defns ) ||			!ENGINE_set_digests ( e, engine_digests ) ||			!ENGINE_set_ciphers ( e, engine_ciphers ) ) {		return 0 ;	}#ifndef OPENSSL_NO_RSA	/* We know that the "PKCS1_SSLeay()" functions hook properly	 * to the Zencod-specific mod_exp and mod_exp_crt so we use	 * those functions. NB: We don't use ENGINE_openssl() or	 * anything "more generic" because something like the RSAref	 * code may not hook properly, and if you own one of these	 * cards then you have the right to do RSA operations on it	 * anyway!	 */	meth_rsa = RSA_PKCS1_SSLeay () ;	zencod_rsa.rsa_pub_enc = meth_rsa->rsa_pub_enc ;	zencod_rsa.rsa_pub_dec = meth_rsa->rsa_pub_dec ;	zencod_rsa.rsa_priv_enc = meth_rsa->rsa_priv_enc ;	zencod_rsa.rsa_priv_dec = meth_rsa->rsa_priv_dec ;	/* meth_rsa->rsa_mod_exp */	/* meth_rsa->bn_mod_exp */	zencod_rsa.init = meth_rsa->init ;	zencod_rsa.finish = meth_rsa->finish ;#endif#ifndef OPENSSL_NO_DSA	/* We use OpenSSL meth to supply what we don't provide ;-*)	 */	meth_dsa = DSA_OpenSSL () ;	/* meth_dsa->dsa_do_sign */	zencod_dsa.dsa_sign_setup = meth_dsa->dsa_sign_setup ;	/* meth_dsa->dsa_do_verify */	zencod_dsa.dsa_mod_exp = meth_dsa->dsa_mod_exp ;	/* zencod_dsa.bn_mod_exp = meth_dsa->bn_mod_exp ; */	zencod_dsa.init = meth_dsa->init ;	zencod_dsa.finish = meth_dsa->finish ;#endif#ifndef OPENSSL_NO_DH	/* We use OpenSSL meth to supply what we don't provide ;-*)	 */	meth_dh = DH_OpenSSL () ;	/* zencod_dh.generate_key = meth_dh->generate_key ; */	/* zencod_dh.compute_key = meth_dh->compute_key ; */	/* zencod_dh.bn_mod_exp = meth_dh->bn_mod_exp ; */	zencod_dh.init = meth_dh->init ;	zencod_dh.finish = meth_dh->finish ;#endif	/* We use OpenSSL (SSLeay) meth to supply what we don't provide ;-*)	 */	meth_rand = RAND_SSLeay () ;	/* meth_rand->seed ; */	/* zencod_rand.seed = meth_rand->seed ; */	/* meth_rand->bytes ; */	/* zencod_rand.bytes = meth_rand->bytes ; */	zencod_rand.cleanup = meth_rand->cleanup ;	zencod_rand.add = meth_rand->add ;//.........这里部分代码省略.........