engine: create missing NIDs

Signed-off-by: Sergei Ianovich <sergei.ianovich@ya.ru>

diff --git a/gost_eng.c b/gost_eng.c
index c128867300c7438ed8787060a9bfaafdc1c1ef6d..f38a6fc5d7113f27ef5c352ef022924d8aea86e1 100644 (file)
--- a/gost_eng.c
+++ b/gost_eng.c
@@ -295,6 +295,8 @@ static int gost_engine_finish(ENGINE* e) {
     return 1;
 }
 
+static void free_NIDs();
+
 static int gost_engine_destroy(ENGINE* e) {
     int i;
 
@@ -312,6 +314,7 @@ static int gost_engine_destroy(ENGINE* e) {
     }
 
     free_cached_groups();
+    free_NIDs();
 
 # ifndef BUILDING_GOST_PROVIDER
     ERR_unload_GOST_strings();
@@ -325,6 +328,33 @@ static int gost_engine_destroy(ENGINE* e) {
  * binds it to OpenSSL libraries
  */
 
+static GOST_NID_JOB *missing_NIDs[] = {
+};
+
+static int create_NIDs() {
+    int i;
+    int new_nid = OBJ_new_nid(OSSL_NELEM(missing_NIDs));
+    for (i = 0; i < OSSL_NELEM(missing_NIDs); i++) {
+        GOST_NID_JOB *job = missing_NIDs[i];
+        ASN1_OBJECT *obj =
+            ASN1_OBJECT_create(new_nid + i, NULL, 0, job->sn, job->ln);
+        job->asn1 = obj;
+        if (!obj || OBJ_add_object(obj) == NID_undef) {
+            OPENSSL_free(obj);
+            return 0;
+        }
+        (*missing_NIDs[i]->callback)(new_nid + i);
+    }
+    return 1;
+}
+
+static void free_NIDs() {
+    int i;
+    for (i = 0; i < OSSL_NELEM(missing_NIDs); i++) {
+        ASN1_OBJECT_free(missing_NIDs[i]->asn1);
+    }
+}
+
 # ifndef BUILDING_GOST_PROVIDER
 static
 # endif
@@ -341,6 +371,10 @@ int populate_gost_engine(ENGINE* e) {
         fprintf(stderr, "ENGINE_set_name failed\n");
         goto end;
     }
+    if (!create_NIDs()) {
+        fprintf(stderr, "NID creation failed\n");
+        goto end;
+    }
     if (!ENGINE_set_digests(e, gost_digests)) {
         fprintf(stderr, "ENGINE_set_digests failed\n");
         goto end;

diff --git a/gost_lcl.h b/gost_lcl.h
index 569f7cfbd3c5c38816eedb34f85cea087a83d67d..d8b894368ed52f7005eab9e72cbfe61858337b11 100644 (file)
--- a/gost_lcl.h
+++ b/gost_lcl.h
@@ -17,6 +17,7 @@
 # include <openssl/x509.h>
 # include <openssl/engine.h>
 # include <openssl/ec.h>
+# include <openssl/asn1.h>
 # include "gost89.h"
 # include "gosthash.h"
 /* Control commands */
@@ -400,5 +401,15 @@ extern GOST_digest kuznyechik_ctracpkm_omac_digest;
 extern const OSSL_ALGORITHM GOST_prov_digests[];
 void GOST_prov_deinit_digests(void);
 
+/* job to initialize a missing NID */
+struct gost_nid_job {
+    const char *sn;
+    const char *ln;
+    void (*callback)(int nid);
+    ASN1_OBJECT *asn1;
+};
+
+typedef struct gost_nid_job GOST_NID_JOB;
+
 #endif
 /* vim: set expandtab cinoptions=\:0,l1,t0,g0,(0 sw=4 : */