provider init

configure.ac

@@ -38,6 +38,7 @@ opensslversion="$( \
 case "$opensslversion" in
 	3.*) # Engines directory prefix for OpenSSL 3.x
 	    LIBP11_LT_OLDEST="3"
+	    LIBP11_OSSL_PROVIDER="yes"
 	    debian_ssl_prefix="engines-3";;
 	1.1.*) # Engines directory prefix for OpenSSL 1.1.x
 	    LIBP11_LT_OLDEST="3"
@@ -50,6 +51,13 @@ case "$opensslversion" in
 	    debian_ssl_prefix="ssl/engines";;
 esac
 
+case "$OSSL_PKG_VERSION" in
+	3.*)
+		AC_MSG_NOTICE([3.*])
+		LIBP11_OSSL_PROVIDER="yes";;
+esac
+
+AM_CONDITIONAL([LIBP11_OSSL_PROVIDER], [test x$LIBP11_OSSL_PROVIDER = xyes])
 
 # LT Version numbers, remember to change them just *before* a release.
 #   (Code changed:                      REVISION++)
@@ -156,6 +164,29 @@ AC_ARG_ENABLE(
 	[enable_static_engine="no"]
 )
 
+AC_ARG_WITH(
+	[providersdir],
+	[AS_HELP_STRING([--with-providersdir], [OpenSSL3 providers directory])],
+	[providersexecdir="${withval}"],
+	[
+		providersexecdir="`$PKG_CONFIG --variable=providersdir --silence-errors libcrypto`"
+		if test "${providersexecdir}" = ""; then
+		    libcryptodir="`$PKG_CONFIG --variable=libdir --silence-errors libcrypto || \
+			$PKG_CONFIG --variable=libdir openssl`"
+		    if test -d "$libcryptodir/$debian_ssl_prefix/ossl-modules"; then
+			# Debian-based OpenSSL package (for example Ubuntu)
+			providersexecdir="$libcryptodir/$debian_ssl_prefix/ossl-modules"
+		    else # Default OpenSSL providers directory
+			providersexecdir="$libcryptodir/ossl-modules"
+		    fi
+		    if test "${prefix}" != "NONE" -o "${exec_prefix}" != "NONE"; then
+			# Override the autodetected value with the default
+			providersexecdir="\$(libdir)"
+		    fi
+		fi
+	]
+)
+
 AC_ARG_WITH(
 	[pkcs11-module],
 	[AS_HELP_STRING([--with-pkcs11-module], [default PKCS11 module])],
@@ -220,6 +251,7 @@ pkgconfigdir="\$(libdir)/pkgconfig"
 AC_SUBST([pkgconfigdir])
 AC_SUBST([apidocdir])
 AC_SUBST([enginesexecdir])
+AC_SUBST([providersexecdir])
 AC_SUBST([LIBP11_VERSION_MAJOR])
 AC_SUBST([LIBP11_VERSION_MINOR])
 AC_SUBST([LIBP11_VERSION_FIX])
@@ -262,6 +294,7 @@ AC_CONFIG_FILES([
 	src/libp11.pc
 	src/libp11.rc
 	src/pkcs11.rc
+	src/pkcs11prov.rc
 	doc/Makefile
 	doc/doxygen.conf
 	examples/Makefile
@@ -289,6 +322,7 @@ libp11 has been configured with the following options:
 Version:                 ${PACKAGE_VERSION}
 libp11 directory:        $(eval eval eval echo "${libdir}")
 Engine directory:        ${enginesexecdir}
+Provider directory:      ${providersexecdir}
 Default PKCS11 module:   ${pkcs11_module}
 API doc support:         ${enable_api_doc}
 Static PKCS#11 engine    ${enable_static_engine}

src/Makefile.am

@@ -14,6 +14,11 @@ endif
 enginesexec_LTLIBRARIES = pkcs11.la
 pkgconfig_DATA = libp11.pc
 
+if LIBP11_OSSL_PROVIDER
+EXTRA_DIST += pkcs11prov.rc.in
+providersexec_LTLIBRARIES = pkcs11prov.la
+endif
+
 SHARED_EXT=@SHARED_EXT@
 
 libp11_la_SOURCES = libpkcs11.c p11_attr.c p11_cert.c p11_err.c p11_ckr.c \
@@ -67,6 +72,9 @@ check-local: $(LTLIBRARIES)
 
 install-exec-hook:
 	cd '$(DESTDIR)$(enginesexecdir)' && $(LN_S) -f pkcs11$(SHARED_EXT) libpkcs11$(SHARED_EXT)
+if LIBP11_OSSL_PROVIDER
+	cd '$(DESTDIR)$(providersexecdir)' && $(LN_S) -f pkcs11prov$(SHARED_EXT) libpkcs11$(SHARED_EXT)
+endif
 
 if WIN32
 # def file required for MS users to build library
@@ -79,6 +87,20 @@ RCCOMPILE = $(RC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
 	$(AM_CPPFLAGS) $(CPPFLAGS)
 LTRCCOMPILE = $(LIBTOOL) --mode=compile --tag=RC $(RCCOMPILE)
 
+# openssl PKCS#11 provider
+pkcs11prov_la_SOURCES = prov_back.c prov_front.c prov.exports
+if WIN32
+pkcs11prov_la_SOURCES += pkcs11prov.rc
+else
+dist_noinst_DATA += pkcs11prov.rc
+endif
+pkcs11prov_la_CFLAGS = $(AM_CFLAGS) $(OPENSSL_EXTRA_CFLAGS) $(OPENSSL_CFLAGS)
+pkcs11prov_la_LIBADD = $(libp11_la_OBJECTS) $(OPENSSL_LIBS)
+
+# We intentionally not version symbols in this module because no
+# application links with it. It is dynamically opened.
+pkcs11prov_la_LDFLAGS = $(AM_LDFLAGS) -module -shared -shrext $(SHARED_EXT) \
+	-avoid-version -export-symbols "$(srcdir)/prov.exports"
 .rc.lo:
 	$(LTRCCOMPILE) -i "$<" -o "$@"
 

src/pkcs11prov.rc.in

@@ -0,0 +1,38 @@
+#include <winresrc.h>
+
+VS_VERSION_INFO VERSIONINFO
+	FILEVERSION @LIBP11_VERSION_MAJOR@,@LIBP11_VERSION_MINOR@,@LIBP11_VERSION_FIX@,0
+	PRODUCTVERSION @LIBP11_VERSION_MAJOR@,@LIBP11_VERSION_MINOR@,@LIBP11_VERSION_FIX@,0
+	FILEFLAGSMASK 0x3fL
+#ifdef _DEBUG
+	FILEFLAGS 0x21L
+#else
+	FILEFLAGS 0x20L
+#endif
+	FILEOS 0x40004L
+	FILETYPE VFT_DLL
+	FILESUBTYPE 0x0L
+BEGIN
+	BLOCK "StringFileInfo"
+	BEGIN
+		BLOCK "040904b0"
+		BEGIN
+			VALUE "Comments", "Provided under the terms of the GNU General Public License (LGPLv2.1+).\0"
+			VALUE "CompanyName", "OpenSC Project\0"
+			VALUE "FileDescription", "OpenSSL PKCS#11 provider\0"
+			VALUE "FileVersion", "@LIBP11_VERSION_MAJOR@.@LIBP11_VERSION_MINOR@.@LIBP11_VERSION_FIX@.0\0"
+			VALUE "InternalName", "@PACKAGE_NAME@\0"
+			VALUE "LegalCopyright", "OpenSC Project\0"
+			VALUE "LegalTrademarks", "\0"
+			VALUE "OriginalFilename", "pkcs11prov.dll\0"
+			VALUE "PrivateBuild", "\0"
+			VALUE "ProductName", "@PACKAGE_NAME@\0"
+			VALUE "ProductVersion", "@LIBP11_VERSION_MAJOR@.@LIBP11_VERSION_MINOR@.@LIBP11_VERSION_FIX@.0\0"
+			VALUE "SpecialBuild", "\0"
+		END
+	END
+	BLOCK "VarFileInfo"
+	BEGIN
+		VALUE "Translation", 0x409, 1200
+	END
+END

src/prov.exports

@@ -0,0 +1 @@
+OSSL_provider_init