Restructure the openssl lib for both 32 and 64 bit on Mac
This commit is contained in:
parent
ed16db9df6
commit
84c8c891af
|
@ -0,0 +1,149 @@
|
|||
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_AES_H
|
||||
# define HEADER_AES_H
|
||||
|
||||
# include <openssl/opensslconf.h>
|
||||
|
||||
# ifdef OPENSSL_NO_AES
|
||||
# error AES is disabled.
|
||||
# endif
|
||||
|
||||
# include <stddef.h>
|
||||
|
||||
# define AES_ENCRYPT 1
|
||||
# define AES_DECRYPT 0
|
||||
|
||||
/*
|
||||
* Because array size can't be a const in C, the following two are macros.
|
||||
* Both sizes are in bytes.
|
||||
*/
|
||||
# define AES_MAXNR 14
|
||||
# define AES_BLOCK_SIZE 16
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* This should be a hidden type, but EVP requires that the size be known */
|
||||
struct aes_key_st {
|
||||
# ifdef AES_LONG
|
||||
unsigned long rd_key[4 * (AES_MAXNR + 1)];
|
||||
# else
|
||||
unsigned int rd_key[4 * (AES_MAXNR + 1)];
|
||||
# endif
|
||||
int rounds;
|
||||
};
|
||||
typedef struct aes_key_st AES_KEY;
|
||||
|
||||
const char *AES_options(void);
|
||||
|
||||
int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
|
||||
AES_KEY *key);
|
||||
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
|
||||
AES_KEY *key);
|
||||
|
||||
int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
|
||||
AES_KEY *key);
|
||||
int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
|
||||
AES_KEY *key);
|
||||
|
||||
void AES_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const AES_KEY *key);
|
||||
void AES_decrypt(const unsigned char *in, unsigned char *out,
|
||||
const AES_KEY *key);
|
||||
|
||||
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const AES_KEY *key, const int enc);
|
||||
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char *ivec, const int enc);
|
||||
void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char *ivec, int *num, const int enc);
|
||||
void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char *ivec, int *num, const int enc);
|
||||
void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char *ivec, int *num, const int enc);
|
||||
void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char *ivec, int *num);
|
||||
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char ivec[AES_BLOCK_SIZE],
|
||||
unsigned char ecount_buf[AES_BLOCK_SIZE],
|
||||
unsigned int *num);
|
||||
/* NB: the IV is _two_ blocks long */
|
||||
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char *ivec, const int enc);
|
||||
/* NB: the IV is _four_ blocks long */
|
||||
void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const AES_KEY *key,
|
||||
const AES_KEY *key2, const unsigned char *ivec,
|
||||
const int enc);
|
||||
|
||||
int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
|
||||
unsigned char *out,
|
||||
const unsigned char *in, unsigned int inlen);
|
||||
int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
|
||||
unsigned char *out,
|
||||
const unsigned char *in, unsigned int inlen);
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* !HEADER_AES_H */
|
|
@ -0,0 +1,973 @@
|
|||
/* asn1t.h */
|
||||
/*
|
||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
|
||||
* 2000.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
#ifndef HEADER_ASN1T_H
|
||||
# define HEADER_ASN1T_H
|
||||
|
||||
# include <stddef.h>
|
||||
# include <openssl/e_os2.h>
|
||||
# include <openssl/asn1.h>
|
||||
|
||||
# ifdef OPENSSL_BUILD_SHLIBCRYPTO
|
||||
# undef OPENSSL_EXTERN
|
||||
# define OPENSSL_EXTERN OPENSSL_EXPORT
|
||||
# endif
|
||||
|
||||
/* ASN1 template defines, structures and functions */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
||||
|
||||
/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
|
||||
# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
|
||||
|
||||
/* Macros for start and end of ASN1_ITEM definition */
|
||||
|
||||
# define ASN1_ITEM_start(itname) \
|
||||
OPENSSL_GLOBAL const ASN1_ITEM itname##_it = {
|
||||
|
||||
# define ASN1_ITEM_end(itname) \
|
||||
};
|
||||
|
||||
# else
|
||||
|
||||
/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
|
||||
# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr()))
|
||||
|
||||
/* Macros for start and end of ASN1_ITEM definition */
|
||||
|
||||
# define ASN1_ITEM_start(itname) \
|
||||
const ASN1_ITEM * itname##_it(void) \
|
||||
{ \
|
||||
static const ASN1_ITEM local_it = {
|
||||
|
||||
# define ASN1_ITEM_end(itname) \
|
||||
}; \
|
||||
return &local_it; \
|
||||
}
|
||||
|
||||
# endif
|
||||
|
||||
/* Macros to aid ASN1 template writing */
|
||||
|
||||
# define ASN1_ITEM_TEMPLATE(tname) \
|
||||
static const ASN1_TEMPLATE tname##_item_tt
|
||||
|
||||
# define ASN1_ITEM_TEMPLATE_END(tname) \
|
||||
;\
|
||||
ASN1_ITEM_start(tname) \
|
||||
ASN1_ITYPE_PRIMITIVE,\
|
||||
-1,\
|
||||
&tname##_item_tt,\
|
||||
0,\
|
||||
NULL,\
|
||||
0,\
|
||||
#tname \
|
||||
ASN1_ITEM_end(tname)
|
||||
|
||||
/* This is a ASN1 type which just embeds a template */
|
||||
|
||||
/*-
|
||||
* This pair helps declare a SEQUENCE. We can do:
|
||||
*
|
||||
* ASN1_SEQUENCE(stname) = {
|
||||
* ... SEQUENCE components ...
|
||||
* } ASN1_SEQUENCE_END(stname)
|
||||
*
|
||||
* This will produce an ASN1_ITEM called stname_it
|
||||
* for a structure called stname.
|
||||
*
|
||||
* If you want the same structure but a different
|
||||
* name then use:
|
||||
*
|
||||
* ASN1_SEQUENCE(itname) = {
|
||||
* ... SEQUENCE components ...
|
||||
* } ASN1_SEQUENCE_END_name(stname, itname)
|
||||
*
|
||||
* This will create an item called itname_it using
|
||||
* a structure called stname.
|
||||
*/
|
||||
|
||||
# define ASN1_SEQUENCE(tname) \
|
||||
static const ASN1_TEMPLATE tname##_seq_tt[]
|
||||
|
||||
# define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
|
||||
|
||||
# define ASN1_SEQUENCE_END_name(stname, tname) \
|
||||
;\
|
||||
ASN1_ITEM_start(tname) \
|
||||
ASN1_ITYPE_SEQUENCE,\
|
||||
V_ASN1_SEQUENCE,\
|
||||
tname##_seq_tt,\
|
||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
||||
NULL,\
|
||||
sizeof(stname),\
|
||||
#stname \
|
||||
ASN1_ITEM_end(tname)
|
||||
|
||||
# define ASN1_NDEF_SEQUENCE(tname) \
|
||||
ASN1_SEQUENCE(tname)
|
||||
|
||||
# define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
|
||||
ASN1_SEQUENCE_cb(tname, cb)
|
||||
|
||||
# define ASN1_SEQUENCE_cb(tname, cb) \
|
||||
static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
|
||||
ASN1_SEQUENCE(tname)
|
||||
|
||||
# define ASN1_BROKEN_SEQUENCE(tname) \
|
||||
static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
|
||||
ASN1_SEQUENCE(tname)
|
||||
|
||||
# define ASN1_SEQUENCE_ref(tname, cb, lck) \
|
||||
static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
|
||||
ASN1_SEQUENCE(tname)
|
||||
|
||||
# define ASN1_SEQUENCE_enc(tname, enc, cb) \
|
||||
static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
|
||||
ASN1_SEQUENCE(tname)
|
||||
|
||||
# define ASN1_NDEF_SEQUENCE_END(tname) \
|
||||
;\
|
||||
ASN1_ITEM_start(tname) \
|
||||
ASN1_ITYPE_NDEF_SEQUENCE,\
|
||||
V_ASN1_SEQUENCE,\
|
||||
tname##_seq_tt,\
|
||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
||||
NULL,\
|
||||
sizeof(tname),\
|
||||
#tname \
|
||||
ASN1_ITEM_end(tname)
|
||||
|
||||
# define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
|
||||
|
||||
# define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
|
||||
|
||||
# define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
|
||||
|
||||
# define ASN1_SEQUENCE_END_ref(stname, tname) \
|
||||
;\
|
||||
ASN1_ITEM_start(tname) \
|
||||
ASN1_ITYPE_SEQUENCE,\
|
||||
V_ASN1_SEQUENCE,\
|
||||
tname##_seq_tt,\
|
||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
||||
&tname##_aux,\
|
||||
sizeof(stname),\
|
||||
#stname \
|
||||
ASN1_ITEM_end(tname)
|
||||
|
||||
# define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
|
||||
;\
|
||||
ASN1_ITEM_start(tname) \
|
||||
ASN1_ITYPE_NDEF_SEQUENCE,\
|
||||
V_ASN1_SEQUENCE,\
|
||||
tname##_seq_tt,\
|
||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
||||
&tname##_aux,\
|
||||
sizeof(stname),\
|
||||
#stname \
|
||||
ASN1_ITEM_end(tname)
|
||||
|
||||
/*-
|
||||
* This pair helps declare a CHOICE type. We can do:
|
||||
*
|
||||
* ASN1_CHOICE(chname) = {
|
||||
* ... CHOICE options ...
|
||||
* ASN1_CHOICE_END(chname)
|
||||
*
|
||||
* This will produce an ASN1_ITEM called chname_it
|
||||
* for a structure called chname. The structure
|
||||
* definition must look like this:
|
||||
* typedef struct {
|
||||
* int type;
|
||||
* union {
|
||||
* ASN1_SOMETHING *opt1;
|
||||
* ASN1_SOMEOTHER *opt2;
|
||||
* } value;
|
||||
* } chname;
|
||||
*
|
||||
* the name of the selector must be 'type'.
|
||||
* to use an alternative selector name use the
|
||||
* ASN1_CHOICE_END_selector() version.
|
||||
*/
|
||||
|
||||
# define ASN1_CHOICE(tname) \
|
||||
static const ASN1_TEMPLATE tname##_ch_tt[]
|
||||
|
||||
# define ASN1_CHOICE_cb(tname, cb) \
|
||||
static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
|
||||
ASN1_CHOICE(tname)
|
||||
|
||||
# define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
|
||||
|
||||
# define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
|
||||
|
||||
# define ASN1_CHOICE_END_selector(stname, tname, selname) \
|
||||
;\
|
||||
ASN1_ITEM_start(tname) \
|
||||
ASN1_ITYPE_CHOICE,\
|
||||
offsetof(stname,selname) ,\
|
||||
tname##_ch_tt,\
|
||||
sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
|
||||
NULL,\
|
||||
sizeof(stname),\
|
||||
#stname \
|
||||
ASN1_ITEM_end(tname)
|
||||
|
||||
# define ASN1_CHOICE_END_cb(stname, tname, selname) \
|
||||
;\
|
||||
ASN1_ITEM_start(tname) \
|
||||
ASN1_ITYPE_CHOICE,\
|
||||
offsetof(stname,selname) ,\
|
||||
tname##_ch_tt,\
|
||||
sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
|
||||
&tname##_aux,\
|
||||
sizeof(stname),\
|
||||
#stname \
|
||||
ASN1_ITEM_end(tname)
|
||||
|
||||
/* This helps with the template wrapper form of ASN1_ITEM */
|
||||
|
||||
# define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
|
||||
(flags), (tag), 0,\
|
||||
#name, ASN1_ITEM_ref(type) }
|
||||
|
||||
/* These help with SEQUENCE or CHOICE components */
|
||||
|
||||
/* used to declare other types */
|
||||
|
||||
# define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
|
||||
(flags), (tag), offsetof(stname, field),\
|
||||
#field, ASN1_ITEM_ref(type) }
|
||||
|
||||
/* used when the structure is combined with the parent */
|
||||
|
||||
# define ASN1_EX_COMBINE(flags, tag, type) { \
|
||||
(flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) }
|
||||
|
||||
/* implicit and explicit helper macros */
|
||||
|
||||
# define ASN1_IMP_EX(stname, field, type, tag, ex) \
|
||||
ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
|
||||
|
||||
# define ASN1_EXP_EX(stname, field, type, tag, ex) \
|
||||
ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
|
||||
|
||||
/* Any defined by macros: the field used is in the table itself */
|
||||
|
||||
# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
||||
# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
|
||||
# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
|
||||
# else
|
||||
# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
|
||||
# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
|
||||
# endif
|
||||
/* Plain simple type */
|
||||
# define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
|
||||
|
||||
/* OPTIONAL simple type */
|
||||
# define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
|
||||
|
||||
/* IMPLICIT tagged simple type */
|
||||
# define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
|
||||
|
||||
/* IMPLICIT tagged OPTIONAL simple type */
|
||||
# define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
|
||||
|
||||
/* Same as above but EXPLICIT */
|
||||
|
||||
# define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
|
||||
# define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
|
||||
|
||||
/* SEQUENCE OF type */
|
||||
# define ASN1_SEQUENCE_OF(stname, field, type) \
|
||||
ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
|
||||
|
||||
/* OPTIONAL SEQUENCE OF */
|
||||
# define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
|
||||
ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
|
||||
|
||||
/* Same as above but for SET OF */
|
||||
|
||||
# define ASN1_SET_OF(stname, field, type) \
|
||||
ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
|
||||
|
||||
# define ASN1_SET_OF_OPT(stname, field, type) \
|
||||
ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
|
||||
|
||||
/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
|
||||
|
||||
# define ASN1_IMP_SET_OF(stname, field, type, tag) \
|
||||
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
|
||||
|
||||
# define ASN1_EXP_SET_OF(stname, field, type, tag) \
|
||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
|
||||
|
||||
# define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
|
||||
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
|
||||
|
||||
# define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
|
||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
|
||||
|
||||
# define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
|
||||
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
|
||||
|
||||
# define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
|
||||
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
|
||||
|
||||
# define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
|
||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
|
||||
|
||||
# define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
|
||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
|
||||
|
||||
/* EXPLICIT using indefinite length constructed form */
|
||||
# define ASN1_NDEF_EXP(stname, field, type, tag) \
|
||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
|
||||
|
||||
/* EXPLICIT OPTIONAL using indefinite length constructed form */
|
||||
# define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
|
||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
|
||||
|
||||
/* Macros for the ASN1_ADB structure */
|
||||
|
||||
# define ASN1_ADB(name) \
|
||||
static const ASN1_ADB_TABLE name##_adbtbl[]
|
||||
|
||||
# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
||||
|
||||
# define ASN1_ADB_END(name, flags, field, app_table, def, none) \
|
||||
;\
|
||||
static const ASN1_ADB name##_adb = {\
|
||||
flags,\
|
||||
offsetof(name, field),\
|
||||
app_table,\
|
||||
name##_adbtbl,\
|
||||
sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
|
||||
def,\
|
||||
none\
|
||||
}
|
||||
|
||||
# else
|
||||
|
||||
# define ASN1_ADB_END(name, flags, field, app_table, def, none) \
|
||||
;\
|
||||
static const ASN1_ITEM *name##_adb(void) \
|
||||
{ \
|
||||
static const ASN1_ADB internal_adb = \
|
||||
{\
|
||||
flags,\
|
||||
offsetof(name, field),\
|
||||
app_table,\
|
||||
name##_adbtbl,\
|
||||
sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
|
||||
def,\
|
||||
none\
|
||||
}; \
|
||||
return (const ASN1_ITEM *) &internal_adb; \
|
||||
} \
|
||||
void dummy_function(void)
|
||||
|
||||
# endif
|
||||
|
||||
# define ADB_ENTRY(val, template) {val, template}
|
||||
|
||||
# define ASN1_ADB_TEMPLATE(name) \
|
||||
static const ASN1_TEMPLATE name##_tt
|
||||
|
||||
/*
|
||||
* This is the ASN1 template structure that defines a wrapper round the
|
||||
* actual type. It determines the actual position of the field in the value
|
||||
* structure, various flags such as OPTIONAL and the field name.
|
||||
*/
|
||||
|
||||
struct ASN1_TEMPLATE_st {
|
||||
unsigned long flags; /* Various flags */
|
||||
long tag; /* tag, not used if no tagging */
|
||||
unsigned long offset; /* Offset of this field in structure */
|
||||
# ifndef NO_ASN1_FIELD_NAMES
|
||||
const char *field_name; /* Field name */
|
||||
# endif
|
||||
ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
|
||||
};
|
||||
|
||||
/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
|
||||
|
||||
# define ASN1_TEMPLATE_item(t) (t->item_ptr)
|
||||
# define ASN1_TEMPLATE_adb(t) (t->item_ptr)
|
||||
|
||||
typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
|
||||
typedef struct ASN1_ADB_st ASN1_ADB;
|
||||
|
||||
struct ASN1_ADB_st {
|
||||
unsigned long flags; /* Various flags */
|
||||
unsigned long offset; /* Offset of selector field */
|
||||
STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
|
||||
const ASN1_ADB_TABLE *tbl; /* Table of possible types */
|
||||
long tblcount; /* Number of entries in tbl */
|
||||
const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
|
||||
const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
|
||||
};
|
||||
|
||||
struct ASN1_ADB_TABLE_st {
|
||||
long value; /* NID for an object or value for an int */
|
||||
const ASN1_TEMPLATE tt; /* item for this value */
|
||||
};
|
||||
|
||||
/* template flags */
|
||||
|
||||
/* Field is optional */
|
||||
# define ASN1_TFLG_OPTIONAL (0x1)
|
||||
|
||||
/* Field is a SET OF */
|
||||
# define ASN1_TFLG_SET_OF (0x1 << 1)
|
||||
|
||||
/* Field is a SEQUENCE OF */
|
||||
# define ASN1_TFLG_SEQUENCE_OF (0x2 << 1)
|
||||
|
||||
/*
|
||||
* Special case: this refers to a SET OF that will be sorted into DER order
|
||||
* when encoded *and* the corresponding STACK will be modified to match the
|
||||
* new order.
|
||||
*/
|
||||
# define ASN1_TFLG_SET_ORDER (0x3 << 1)
|
||||
|
||||
/* Mask for SET OF or SEQUENCE OF */
|
||||
# define ASN1_TFLG_SK_MASK (0x3 << 1)
|
||||
|
||||
/*
|
||||
* These flags mean the tag should be taken from the tag field. If EXPLICIT
|
||||
* then the underlying type is used for the inner tag.
|
||||
*/
|
||||
|
||||
/* IMPLICIT tagging */
|
||||
# define ASN1_TFLG_IMPTAG (0x1 << 3)
|
||||
|
||||
/* EXPLICIT tagging, inner tag from underlying type */
|
||||
# define ASN1_TFLG_EXPTAG (0x2 << 3)
|
||||
|
||||
# define ASN1_TFLG_TAG_MASK (0x3 << 3)
|
||||
|
||||
/* context specific IMPLICIT */
|
||||
# define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
|
||||
|
||||
/* context specific EXPLICIT */
|
||||
# define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
|
||||
|
||||
/*
|
||||
* If tagging is in force these determine the type of tag to use. Otherwise
|
||||
* the tag is determined by the underlying type. These values reflect the
|
||||
* actual octet format.
|
||||
*/
|
||||
|
||||
/* Universal tag */
|
||||
# define ASN1_TFLG_UNIVERSAL (0x0<<6)
|
||||
/* Application tag */
|
||||
# define ASN1_TFLG_APPLICATION (0x1<<6)
|
||||
/* Context specific tag */
|
||||
# define ASN1_TFLG_CONTEXT (0x2<<6)
|
||||
/* Private tag */
|
||||
# define ASN1_TFLG_PRIVATE (0x3<<6)
|
||||
|
||||
# define ASN1_TFLG_TAG_CLASS (0x3<<6)
|
||||
|
||||
/*
|
||||
* These are for ANY DEFINED BY type. In this case the 'item' field points to
|
||||
* an ASN1_ADB structure which contains a table of values to decode the
|
||||
* relevant type
|
||||
*/
|
||||
|
||||
# define ASN1_TFLG_ADB_MASK (0x3<<8)
|
||||
|
||||
# define ASN1_TFLG_ADB_OID (0x1<<8)
|
||||
|
||||
# define ASN1_TFLG_ADB_INT (0x1<<9)
|
||||
|
||||
/*
|
||||
* This flag means a parent structure is passed instead of the field: this is
|
||||
* useful is a SEQUENCE is being combined with a CHOICE for example. Since
|
||||
* this means the structure and item name will differ we need to use the
|
||||
* ASN1_CHOICE_END_name() macro for example.
|
||||
*/
|
||||
|
||||
# define ASN1_TFLG_COMBINE (0x1<<10)
|
||||
|
||||
/*
|
||||
* This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
|
||||
* indefinite length constructed encoding to be used if required.
|
||||
*/
|
||||
|
||||
# define ASN1_TFLG_NDEF (0x1<<11)
|
||||
|
||||
/* This is the actual ASN1 item itself */
|
||||
|
||||
struct ASN1_ITEM_st {
|
||||
char itype; /* The item type, primitive, SEQUENCE, CHOICE
|
||||
* or extern */
|
||||
long utype; /* underlying type */
|
||||
const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains
|
||||
* the contents */
|
||||
long tcount; /* Number of templates if SEQUENCE or CHOICE */
|
||||
const void *funcs; /* functions that handle this type */
|
||||
long size; /* Structure size (usually) */
|
||||
# ifndef NO_ASN1_FIELD_NAMES
|
||||
const char *sname; /* Structure name */
|
||||
# endif
|
||||
};
|
||||
|
||||
/*-
|
||||
* These are values for the itype field and
|
||||
* determine how the type is interpreted.
|
||||
*
|
||||
* For PRIMITIVE types the underlying type
|
||||
* determines the behaviour if items is NULL.
|
||||
*
|
||||
* Otherwise templates must contain a single
|
||||
* template and the type is treated in the
|
||||
* same way as the type specified in the template.
|
||||
*
|
||||
* For SEQUENCE types the templates field points
|
||||
* to the members, the size field is the
|
||||
* structure size.
|
||||
*
|
||||
* For CHOICE types the templates field points
|
||||
* to each possible member (typically a union)
|
||||
* and the 'size' field is the offset of the
|
||||
* selector.
|
||||
*
|
||||
* The 'funcs' field is used for application
|
||||
* specific functions.
|
||||
*
|
||||
* For COMPAT types the funcs field gives a
|
||||
* set of functions that handle this type, this
|
||||
* supports the old d2i, i2d convention.
|
||||
*
|
||||
* The EXTERN type uses a new style d2i/i2d.
|
||||
* The new style should be used where possible
|
||||
* because it avoids things like the d2i IMPLICIT
|
||||
* hack.
|
||||
*
|
||||
* MSTRING is a multiple string type, it is used
|
||||
* for a CHOICE of character strings where the
|
||||
* actual strings all occupy an ASN1_STRING
|
||||
* structure. In this case the 'utype' field
|
||||
* has a special meaning, it is used as a mask
|
||||
* of acceptable types using the B_ASN1 constants.
|
||||
*
|
||||
* NDEF_SEQUENCE is the same as SEQUENCE except
|
||||
* that it will use indefinite length constructed
|
||||
* encoding if requested.
|
||||
*
|
||||
*/
|
||||
|
||||
# define ASN1_ITYPE_PRIMITIVE 0x0
|
||||
|
||||
# define ASN1_ITYPE_SEQUENCE 0x1
|
||||
|
||||
# define ASN1_ITYPE_CHOICE 0x2
|
||||
|
||||
# define ASN1_ITYPE_COMPAT 0x3
|
||||
|
||||
# define ASN1_ITYPE_EXTERN 0x4
|
||||
|
||||
# define ASN1_ITYPE_MSTRING 0x5
|
||||
|
||||
# define ASN1_ITYPE_NDEF_SEQUENCE 0x6
|
||||
|
||||
/*
|
||||
* Cache for ASN1 tag and length, so we don't keep re-reading it for things
|
||||
* like CHOICE
|
||||
*/
|
||||
|
||||
struct ASN1_TLC_st {
|
||||
char valid; /* Values below are valid */
|
||||
int ret; /* return value */
|
||||
long plen; /* length */
|
||||
int ptag; /* class value */
|
||||
int pclass; /* class value */
|
||||
int hdrlen; /* header length */
|
||||
};
|
||||
|
||||
/* Typedefs for ASN1 function pointers */
|
||||
|
||||
typedef ASN1_VALUE *ASN1_new_func(void);
|
||||
typedef void ASN1_free_func(ASN1_VALUE *a);
|
||||
typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in,
|
||||
long length);
|
||||
typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in);
|
||||
|
||||
typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
||||
const ASN1_ITEM *it, int tag, int aclass, char opt,
|
||||
ASN1_TLC *ctx);
|
||||
|
||||
typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
||||
const ASN1_ITEM *it, int tag, int aclass);
|
||||
typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
||||
typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
||||
|
||||
typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
|
||||
int indent, const char *fname,
|
||||
const ASN1_PCTX *pctx);
|
||||
|
||||
typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont,
|
||||
int *putype, const ASN1_ITEM *it);
|
||||
typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont,
|
||||
int len, int utype, char *free_cont,
|
||||
const ASN1_ITEM *it);
|
||||
typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval,
|
||||
const ASN1_ITEM *it, int indent,
|
||||
const ASN1_PCTX *pctx);
|
||||
|
||||
typedef struct ASN1_COMPAT_FUNCS_st {
|
||||
ASN1_new_func *asn1_new;
|
||||
ASN1_free_func *asn1_free;
|
||||
ASN1_d2i_func *asn1_d2i;
|
||||
ASN1_i2d_func *asn1_i2d;
|
||||
} ASN1_COMPAT_FUNCS;
|
||||
|
||||
typedef struct ASN1_EXTERN_FUNCS_st {
|
||||
void *app_data;
|
||||
ASN1_ex_new_func *asn1_ex_new;
|
||||
ASN1_ex_free_func *asn1_ex_free;
|
||||
ASN1_ex_free_func *asn1_ex_clear;
|
||||
ASN1_ex_d2i *asn1_ex_d2i;
|
||||
ASN1_ex_i2d *asn1_ex_i2d;
|
||||
ASN1_ex_print_func *asn1_ex_print;
|
||||
} ASN1_EXTERN_FUNCS;
|
||||
|
||||
typedef struct ASN1_PRIMITIVE_FUNCS_st {
|
||||
void *app_data;
|
||||
unsigned long flags;
|
||||
ASN1_ex_new_func *prim_new;
|
||||
ASN1_ex_free_func *prim_free;
|
||||
ASN1_ex_free_func *prim_clear;
|
||||
ASN1_primitive_c2i *prim_c2i;
|
||||
ASN1_primitive_i2c *prim_i2c;
|
||||
ASN1_primitive_print *prim_print;
|
||||
} ASN1_PRIMITIVE_FUNCS;
|
||||
|
||||
/*
|
||||
* This is the ASN1_AUX structure: it handles various miscellaneous
|
||||
* requirements. For example the use of reference counts and an informational
|
||||
* callback. The "informational callback" is called at various points during
|
||||
* the ASN1 encoding and decoding. It can be used to provide minor
|
||||
* customisation of the structures used. This is most useful where the
|
||||
* supplied routines *almost* do the right thing but need some extra help at
|
||||
* a few points. If the callback returns zero then it is assumed a fatal
|
||||
* error has occurred and the main operation should be abandoned. If major
|
||||
* changes in the default behaviour are required then an external type is
|
||||
* more appropriate.
|
||||
*/
|
||||
|
||||
typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
|
||||
void *exarg);
|
||||
|
||||
typedef struct ASN1_AUX_st {
|
||||
void *app_data;
|
||||
int flags;
|
||||
int ref_offset; /* Offset of reference value */
|
||||
int ref_lock; /* Lock type to use */
|
||||
ASN1_aux_cb *asn1_cb;
|
||||
int enc_offset; /* Offset of ASN1_ENCODING structure */
|
||||
} ASN1_AUX;
|
||||
|
||||
/* For print related callbacks exarg points to this structure */
|
||||
typedef struct ASN1_PRINT_ARG_st {
|
||||
BIO *out;
|
||||
int indent;
|
||||
const ASN1_PCTX *pctx;
|
||||
} ASN1_PRINT_ARG;
|
||||
|
||||
/* For streaming related callbacks exarg points to this structure */
|
||||
typedef struct ASN1_STREAM_ARG_st {
|
||||
/* BIO to stream through */
|
||||
BIO *out;
|
||||
/* BIO with filters appended */
|
||||
BIO *ndef_bio;
|
||||
/* Streaming I/O boundary */
|
||||
unsigned char **boundary;
|
||||
} ASN1_STREAM_ARG;
|
||||
|
||||
/* Flags in ASN1_AUX */
|
||||
|
||||
/* Use a reference count */
|
||||
# define ASN1_AFLG_REFCOUNT 1
|
||||
/* Save the encoding of structure (useful for signatures) */
|
||||
# define ASN1_AFLG_ENCODING 2
|
||||
/* The Sequence length is invalid */
|
||||
# define ASN1_AFLG_BROKEN 4
|
||||
|
||||
/* operation values for asn1_cb */
|
||||
|
||||
# define ASN1_OP_NEW_PRE 0
|
||||
# define ASN1_OP_NEW_POST 1
|
||||
# define ASN1_OP_FREE_PRE 2
|
||||
# define ASN1_OP_FREE_POST 3
|
||||
# define ASN1_OP_D2I_PRE 4
|
||||
# define ASN1_OP_D2I_POST 5
|
||||
# define ASN1_OP_I2D_PRE 6
|
||||
# define ASN1_OP_I2D_POST 7
|
||||
# define ASN1_OP_PRINT_PRE 8
|
||||
# define ASN1_OP_PRINT_POST 9
|
||||
# define ASN1_OP_STREAM_PRE 10
|
||||
# define ASN1_OP_STREAM_POST 11
|
||||
# define ASN1_OP_DETACHED_PRE 12
|
||||
# define ASN1_OP_DETACHED_POST 13
|
||||
|
||||
/* Macro to implement a primitive type */
|
||||
# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
|
||||
# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
|
||||
ASN1_ITEM_start(itname) \
|
||||
ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
|
||||
ASN1_ITEM_end(itname)
|
||||
|
||||
/* Macro to implement a multi string type */
|
||||
# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
|
||||
ASN1_ITEM_start(itname) \
|
||||
ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
|
||||
ASN1_ITEM_end(itname)
|
||||
|
||||
/* Macro to implement an ASN1_ITEM in terms of old style funcs */
|
||||
|
||||
# define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
|
||||
|
||||
# define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
|
||||
static const ASN1_COMPAT_FUNCS sname##_ff = { \
|
||||
(ASN1_new_func *)sname##_new, \
|
||||
(ASN1_free_func *)sname##_free, \
|
||||
(ASN1_d2i_func *)d2i_##sname, \
|
||||
(ASN1_i2d_func *)i2d_##sname, \
|
||||
}; \
|
||||
ASN1_ITEM_start(sname) \
|
||||
ASN1_ITYPE_COMPAT, \
|
||||
tag, \
|
||||
NULL, \
|
||||
0, \
|
||||
&sname##_ff, \
|
||||
0, \
|
||||
#sname \
|
||||
ASN1_ITEM_end(sname)
|
||||
|
||||
# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
|
||||
ASN1_ITEM_start(sname) \
|
||||
ASN1_ITYPE_EXTERN, \
|
||||
tag, \
|
||||
NULL, \
|
||||
0, \
|
||||
&fptrs, \
|
||||
0, \
|
||||
#sname \
|
||||
ASN1_ITEM_end(sname)
|
||||
|
||||
/* Macro to implement standard functions in terms of ASN1_ITEM structures */
|
||||
|
||||
# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
|
||||
|
||||
# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
|
||||
|
||||
# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
|
||||
IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
|
||||
|
||||
# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
|
||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
|
||||
|
||||
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
|
||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
|
||||
|
||||
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
|
||||
pre stname *fname##_new(void) \
|
||||
{ \
|
||||
return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
|
||||
} \
|
||||
pre void fname##_free(stname *a) \
|
||||
{ \
|
||||
ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
|
||||
}
|
||||
|
||||
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
|
||||
stname *fname##_new(void) \
|
||||
{ \
|
||||
return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
|
||||
} \
|
||||
void fname##_free(stname *a) \
|
||||
{ \
|
||||
ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
|
||||
}
|
||||
|
||||
# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
|
||||
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
|
||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
|
||||
|
||||
# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
|
||||
stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
|
||||
{ \
|
||||
return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
|
||||
} \
|
||||
int i2d_##fname(stname *a, unsigned char **out) \
|
||||
{ \
|
||||
return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
|
||||
}
|
||||
|
||||
# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
|
||||
int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
|
||||
{ \
|
||||
return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
|
||||
}
|
||||
|
||||
/*
|
||||
* This includes evil casts to remove const: they will go away when full ASN1
|
||||
* constification is done.
|
||||
*/
|
||||
# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
|
||||
stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
|
||||
{ \
|
||||
return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
|
||||
} \
|
||||
int i2d_##fname(const stname *a, unsigned char **out) \
|
||||
{ \
|
||||
return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
|
||||
}
|
||||
|
||||
# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
|
||||
stname * stname##_dup(stname *x) \
|
||||
{ \
|
||||
return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
|
||||
}
|
||||
|
||||
# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
|
||||
IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
|
||||
|
||||
# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
|
||||
int fname##_print_ctx(BIO *out, stname *x, int indent, \
|
||||
const ASN1_PCTX *pctx) \
|
||||
{ \
|
||||
return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
|
||||
ASN1_ITEM_rptr(itname), pctx); \
|
||||
}
|
||||
|
||||
# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
|
||||
IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
|
||||
|
||||
# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
|
||||
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
|
||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
|
||||
|
||||
/* external definitions for primitive types */
|
||||
|
||||
DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
|
||||
DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
|
||||
DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
|
||||
DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
|
||||
DECLARE_ASN1_ITEM(CBIGNUM)
|
||||
DECLARE_ASN1_ITEM(BIGNUM)
|
||||
DECLARE_ASN1_ITEM(LONG)
|
||||
DECLARE_ASN1_ITEM(ZLONG)
|
||||
|
||||
DECLARE_STACK_OF(ASN1_VALUE)
|
||||
|
||||
/* Functions used internally by the ASN1 code */
|
||||
|
||||
int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
||||
void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
||||
int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
|
||||
int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
||||
|
||||
void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
|
||||
int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
||||
const ASN1_TEMPLATE *tt);
|
||||
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
||||
const ASN1_ITEM *it, int tag, int aclass, char opt,
|
||||
ASN1_TLC *ctx);
|
||||
|
||||
int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
||||
const ASN1_ITEM *it, int tag, int aclass);
|
||||
int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
|
||||
const ASN1_TEMPLATE *tt);
|
||||
void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
||||
|
||||
int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
|
||||
const ASN1_ITEM *it);
|
||||
int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
|
||||
int utype, char *free_cont, const ASN1_ITEM *it);
|
||||
|
||||
int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
||||
int asn1_set_choice_selector(ASN1_VALUE **pval, int value,
|
||||
const ASN1_ITEM *it);
|
||||
|
||||
ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
|
||||
|
||||
const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
|
||||
int nullerr);
|
||||
|
||||
int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
|
||||
|
||||
void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
||||
void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
||||
int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
|
||||
const ASN1_ITEM *it);
|
||||
int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
|
||||
const ASN1_ITEM *it);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,130 @@
|
|||
/* crypto/bf/blowfish.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_BLOWFISH_H
|
||||
# define HEADER_BLOWFISH_H
|
||||
|
||||
# include <openssl/e_os2.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
# ifdef OPENSSL_NO_BF
|
||||
# error BF is disabled.
|
||||
# endif
|
||||
|
||||
# define BF_ENCRYPT 1
|
||||
# define BF_DECRYPT 0
|
||||
|
||||
/*-
|
||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
* ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
|
||||
* ! BF_LONG_LOG2 has to be defined along. !
|
||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
*/
|
||||
|
||||
# if defined(__LP32__)
|
||||
# define BF_LONG unsigned long
|
||||
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
||||
# define BF_LONG unsigned long
|
||||
# define BF_LONG_LOG2 3
|
||||
/*
|
||||
* _CRAY note. I could declare short, but I have no idea what impact
|
||||
* does it have on performance on none-T3E machines. I could declare
|
||||
* int, but at least on C90 sizeof(int) can be chosen at compile time.
|
||||
* So I've chosen long...
|
||||
* <appro@fy.chalmers.se>
|
||||
*/
|
||||
# else
|
||||
# define BF_LONG unsigned int
|
||||
# endif
|
||||
|
||||
# define BF_ROUNDS 16
|
||||
# define BF_BLOCK 8
|
||||
|
||||
typedef struct bf_key_st {
|
||||
BF_LONG P[BF_ROUNDS + 2];
|
||||
BF_LONG S[4 * 256];
|
||||
} BF_KEY;
|
||||
|
||||
# ifdef OPENSSL_FIPS
|
||||
void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
|
||||
# endif
|
||||
void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
|
||||
|
||||
void BF_encrypt(BF_LONG *data, const BF_KEY *key);
|
||||
void BF_decrypt(BF_LONG *data, const BF_KEY *key);
|
||||
|
||||
void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const BF_KEY *key, int enc);
|
||||
void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
|
||||
const BF_KEY *schedule, unsigned char *ivec, int enc);
|
||||
void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, const BF_KEY *schedule,
|
||||
unsigned char *ivec, int *num, int enc);
|
||||
void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, const BF_KEY *schedule,
|
||||
unsigned char *ivec, int *num);
|
||||
const char *BF_options(void);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -0,0 +1,132 @@
|
|||
/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_CAMELLIA_H
|
||||
# define HEADER_CAMELLIA_H
|
||||
|
||||
# include <openssl/opensslconf.h>
|
||||
|
||||
# ifdef OPENSSL_NO_CAMELLIA
|
||||
# error CAMELLIA is disabled.
|
||||
# endif
|
||||
|
||||
# include <stddef.h>
|
||||
|
||||
# define CAMELLIA_ENCRYPT 1
|
||||
# define CAMELLIA_DECRYPT 0
|
||||
|
||||
/*
|
||||
* Because array size can't be a const in C, the following two are macros.
|
||||
* Both sizes are in bytes.
|
||||
*/
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* This should be a hidden type, but EVP requires that the size be known */
|
||||
|
||||
# define CAMELLIA_BLOCK_SIZE 16
|
||||
# define CAMELLIA_TABLE_BYTE_LEN 272
|
||||
# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
|
||||
|
||||
typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
|
||||
* with WORD */
|
||||
|
||||
struct camellia_key_st {
|
||||
union {
|
||||
double d; /* ensures 64-bit align */
|
||||
KEY_TABLE_TYPE rd_key;
|
||||
} u;
|
||||
int grand_rounds;
|
||||
};
|
||||
typedef struct camellia_key_st CAMELLIA_KEY;
|
||||
|
||||
# ifdef OPENSSL_FIPS
|
||||
int private_Camellia_set_key(const unsigned char *userKey, const int bits,
|
||||
CAMELLIA_KEY *key);
|
||||
# endif
|
||||
int Camellia_set_key(const unsigned char *userKey, const int bits,
|
||||
CAMELLIA_KEY *key);
|
||||
|
||||
void Camellia_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const CAMELLIA_KEY *key);
|
||||
void Camellia_decrypt(const unsigned char *in, unsigned char *out,
|
||||
const CAMELLIA_KEY *key);
|
||||
|
||||
void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const CAMELLIA_KEY *key, const int enc);
|
||||
void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec, const int enc);
|
||||
void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec, int *num, const int enc);
|
||||
void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec, int *num, const int enc);
|
||||
void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec, int *num, const int enc);
|
||||
void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec, int *num);
|
||||
void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const CAMELLIA_KEY *key,
|
||||
unsigned char ivec[CAMELLIA_BLOCK_SIZE],
|
||||
unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
|
||||
unsigned int *num);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* !HEADER_Camellia_H */
|
|
@ -0,0 +1,107 @@
|
|||
/* crypto/cast/cast.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_CAST_H
|
||||
# define HEADER_CAST_H
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
# include <openssl/opensslconf.h>
|
||||
|
||||
# ifdef OPENSSL_NO_CAST
|
||||
# error CAST is disabled.
|
||||
# endif
|
||||
|
||||
# define CAST_ENCRYPT 1
|
||||
# define CAST_DECRYPT 0
|
||||
|
||||
# define CAST_LONG unsigned int
|
||||
|
||||
# define CAST_BLOCK 8
|
||||
# define CAST_KEY_LENGTH 16
|
||||
|
||||
typedef struct cast_key_st {
|
||||
CAST_LONG data[32];
|
||||
int short_key; /* Use reduced rounds for short key */
|
||||
} CAST_KEY;
|
||||
|
||||
# ifdef OPENSSL_FIPS
|
||||
void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
|
||||
# endif
|
||||
void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
|
||||
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const CAST_KEY *key, int enc);
|
||||
void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
|
||||
void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
|
||||
void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, const CAST_KEY *ks, unsigned char *iv,
|
||||
int enc);
|
||||
void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, const CAST_KEY *schedule,
|
||||
unsigned char *ivec, int *num, int enc);
|
||||
void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, const CAST_KEY *schedule,
|
||||
unsigned char *ivec, int *num);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -0,0 +1,82 @@
|
|||
/* crypto/cmac/cmac.h */
|
||||
/*
|
||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2010 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*/
|
||||
|
||||
#ifndef HEADER_CMAC_H
|
||||
# define HEADER_CMAC_H
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
# include <openssl/evp.h>
|
||||
|
||||
/* Opaque */
|
||||
typedef struct CMAC_CTX_st CMAC_CTX;
|
||||
|
||||
CMAC_CTX *CMAC_CTX_new(void);
|
||||
void CMAC_CTX_cleanup(CMAC_CTX *ctx);
|
||||
void CMAC_CTX_free(CMAC_CTX *ctx);
|
||||
EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
|
||||
int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
|
||||
|
||||
int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
|
||||
const EVP_CIPHER *cipher, ENGINE *impl);
|
||||
int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
|
||||
int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
|
||||
int CMAC_resume(CMAC_CTX *ctx);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,555 @@
|
|||
/* crypto/cms/cms.h */
|
||||
/*
|
||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*/
|
||||
|
||||
#ifndef HEADER_CMS_H
|
||||
# define HEADER_CMS_H
|
||||
|
||||
# include <openssl/x509.h>
|
||||
|
||||
# ifdef OPENSSL_NO_CMS
|
||||
# error CMS is disabled.
|
||||
# endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
typedef struct CMS_ContentInfo_st CMS_ContentInfo;
|
||||
typedef struct CMS_SignerInfo_st CMS_SignerInfo;
|
||||
typedef struct CMS_CertificateChoices CMS_CertificateChoices;
|
||||
typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
|
||||
typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
|
||||
typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
|
||||
typedef struct CMS_Receipt_st CMS_Receipt;
|
||||
typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
|
||||
typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
|
||||
|
||||
DECLARE_STACK_OF(CMS_SignerInfo)
|
||||
DECLARE_STACK_OF(GENERAL_NAMES)
|
||||
DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
|
||||
DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
|
||||
DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
|
||||
DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
|
||||
|
||||
# define CMS_SIGNERINFO_ISSUER_SERIAL 0
|
||||
# define CMS_SIGNERINFO_KEYIDENTIFIER 1
|
||||
|
||||
# define CMS_RECIPINFO_NONE -1
|
||||
# define CMS_RECIPINFO_TRANS 0
|
||||
# define CMS_RECIPINFO_AGREE 1
|
||||
# define CMS_RECIPINFO_KEK 2
|
||||
# define CMS_RECIPINFO_PASS 3
|
||||
# define CMS_RECIPINFO_OTHER 4
|
||||
|
||||
/* S/MIME related flags */
|
||||
|
||||
# define CMS_TEXT 0x1
|
||||
# define CMS_NOCERTS 0x2
|
||||
# define CMS_NO_CONTENT_VERIFY 0x4
|
||||
# define CMS_NO_ATTR_VERIFY 0x8
|
||||
# define CMS_NOSIGS \
|
||||
(CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
|
||||
# define CMS_NOINTERN 0x10
|
||||
# define CMS_NO_SIGNER_CERT_VERIFY 0x20
|
||||
# define CMS_NOVERIFY 0x20
|
||||
# define CMS_DETACHED 0x40
|
||||
# define CMS_BINARY 0x80
|
||||
# define CMS_NOATTR 0x100
|
||||
# define CMS_NOSMIMECAP 0x200
|
||||
# define CMS_NOOLDMIMETYPE 0x400
|
||||
# define CMS_CRLFEOL 0x800
|
||||
# define CMS_STREAM 0x1000
|
||||
# define CMS_NOCRL 0x2000
|
||||
# define CMS_PARTIAL 0x4000
|
||||
# define CMS_REUSE_DIGEST 0x8000
|
||||
# define CMS_USE_KEYID 0x10000
|
||||
# define CMS_DEBUG_DECRYPT 0x20000
|
||||
# define CMS_KEY_PARAM 0x40000
|
||||
|
||||
const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
|
||||
|
||||
BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
|
||||
int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
|
||||
|
||||
ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
|
||||
int CMS_is_detached(CMS_ContentInfo *cms);
|
||||
int CMS_set_detached(CMS_ContentInfo *cms, int detached);
|
||||
|
||||
# ifdef HEADER_PEM_H
|
||||
DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
|
||||
# endif
|
||||
int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
|
||||
CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
|
||||
int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
|
||||
|
||||
BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
|
||||
int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
|
||||
int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
|
||||
int flags);
|
||||
CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
|
||||
int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
|
||||
|
||||
int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
|
||||
unsigned int flags);
|
||||
|
||||
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
|
||||
STACK_OF(X509) *certs, BIO *data,
|
||||
unsigned int flags);
|
||||
|
||||
CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
|
||||
X509 *signcert, EVP_PKEY *pkey,
|
||||
STACK_OF(X509) *certs, unsigned int flags);
|
||||
|
||||
int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
|
||||
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
|
||||
|
||||
int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
|
||||
unsigned int flags);
|
||||
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
|
||||
unsigned int flags);
|
||||
|
||||
int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
|
||||
const unsigned char *key, size_t keylen,
|
||||
BIO *dcont, BIO *out, unsigned int flags);
|
||||
|
||||
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
|
||||
const unsigned char *key,
|
||||
size_t keylen, unsigned int flags);
|
||||
|
||||
int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
|
||||
const unsigned char *key, size_t keylen);
|
||||
|
||||
int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
|
||||
X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
|
||||
|
||||
int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
|
||||
STACK_OF(X509) *certs,
|
||||
X509_STORE *store, unsigned int flags);
|
||||
|
||||
STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
|
||||
|
||||
CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
|
||||
const EVP_CIPHER *cipher, unsigned int flags);
|
||||
|
||||
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
|
||||
BIO *dcont, BIO *out, unsigned int flags);
|
||||
|
||||
int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
|
||||
int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
|
||||
unsigned char *key, size_t keylen,
|
||||
unsigned char *id, size_t idlen);
|
||||
int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
|
||||
unsigned char *pass, ossl_ssize_t passlen);
|
||||
|
||||
STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
|
||||
int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
|
||||
EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
|
||||
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
|
||||
CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
|
||||
X509 *recip, unsigned int flags);
|
||||
int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
|
||||
int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
|
||||
int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
|
||||
EVP_PKEY **pk, X509 **recip,
|
||||
X509_ALGOR **palg);
|
||||
int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
|
||||
ASN1_OCTET_STRING **keyid,
|
||||
X509_NAME **issuer,
|
||||
ASN1_INTEGER **sno);
|
||||
|
||||
CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
|
||||
unsigned char *key, size_t keylen,
|
||||
unsigned char *id, size_t idlen,
|
||||
ASN1_GENERALIZEDTIME *date,
|
||||
ASN1_OBJECT *otherTypeId,
|
||||
ASN1_TYPE *otherType);
|
||||
|
||||
int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
|
||||
X509_ALGOR **palg,
|
||||
ASN1_OCTET_STRING **pid,
|
||||
ASN1_GENERALIZEDTIME **pdate,
|
||||
ASN1_OBJECT **potherid,
|
||||
ASN1_TYPE **pothertype);
|
||||
|
||||
int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
|
||||
unsigned char *key, size_t keylen);
|
||||
|
||||
int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
|
||||
const unsigned char *id, size_t idlen);
|
||||
|
||||
int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
|
||||
unsigned char *pass,
|
||||
ossl_ssize_t passlen);
|
||||
|
||||
CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
|
||||
int iter, int wrap_nid,
|
||||
int pbe_nid,
|
||||
unsigned char *pass,
|
||||
ossl_ssize_t passlen,
|
||||
const EVP_CIPHER *kekciph);
|
||||
|
||||
int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
|
||||
int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
|
||||
|
||||
int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
|
||||
unsigned int flags);
|
||||
CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
|
||||
|
||||
int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
|
||||
const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
|
||||
|
||||
CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
|
||||
int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
|
||||
int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
|
||||
STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
|
||||
|
||||
CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
|
||||
int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
|
||||
int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
|
||||
STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
|
||||
|
||||
int CMS_SignedData_init(CMS_ContentInfo *cms);
|
||||
CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
|
||||
X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
|
||||
unsigned int flags);
|
||||
EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
|
||||
EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
|
||||
STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
|
||||
|
||||
void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
|
||||
int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
|
||||
ASN1_OCTET_STRING **keyid,
|
||||
X509_NAME **issuer, ASN1_INTEGER **sno);
|
||||
int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
|
||||
int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
|
||||
unsigned int flags);
|
||||
void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
|
||||
X509 **signer, X509_ALGOR **pdig,
|
||||
X509_ALGOR **psig);
|
||||
ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
|
||||
int CMS_SignerInfo_sign(CMS_SignerInfo *si);
|
||||
int CMS_SignerInfo_verify(CMS_SignerInfo *si);
|
||||
int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
|
||||
|
||||
int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
|
||||
int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
|
||||
int algnid, int keysize);
|
||||
int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
|
||||
|
||||
int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
|
||||
int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
|
||||
int lastpos);
|
||||
int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
|
||||
int lastpos);
|
||||
X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
|
||||
X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
|
||||
int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
|
||||
int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
|
||||
const ASN1_OBJECT *obj, int type,
|
||||
const void *bytes, int len);
|
||||
int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
|
||||
int nid, int type,
|
||||
const void *bytes, int len);
|
||||
int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
|
||||
const char *attrname, int type,
|
||||
const void *bytes, int len);
|
||||
void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
|
||||
int lastpos, int type);
|
||||
|
||||
int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
|
||||
int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
|
||||
int lastpos);
|
||||
int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
|
||||
int lastpos);
|
||||
X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
|
||||
X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
|
||||
int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
|
||||
int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
|
||||
const ASN1_OBJECT *obj, int type,
|
||||
const void *bytes, int len);
|
||||
int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
|
||||
int nid, int type,
|
||||
const void *bytes, int len);
|
||||
int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
|
||||
const char *attrname, int type,
|
||||
const void *bytes, int len);
|
||||
void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
|
||||
int lastpos, int type);
|
||||
|
||||
# ifdef HEADER_X509V3_H
|
||||
|
||||
int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
|
||||
CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
|
||||
int allorfirst,
|
||||
STACK_OF(GENERAL_NAMES)
|
||||
*receiptList, STACK_OF(GENERAL_NAMES)
|
||||
*receiptsTo);
|
||||
int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
|
||||
void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
|
||||
ASN1_STRING **pcid,
|
||||
int *pallorfirst,
|
||||
STACK_OF(GENERAL_NAMES) **plist,
|
||||
STACK_OF(GENERAL_NAMES) **prto);
|
||||
# endif
|
||||
int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
|
||||
X509_ALGOR **palg,
|
||||
ASN1_OCTET_STRING **pukm);
|
||||
STACK_OF(CMS_RecipientEncryptedKey)
|
||||
*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
|
||||
|
||||
int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
|
||||
X509_ALGOR **pubalg,
|
||||
ASN1_BIT_STRING **pubkey,
|
||||
ASN1_OCTET_STRING **keyid,
|
||||
X509_NAME **issuer,
|
||||
ASN1_INTEGER **sno);
|
||||
|
||||
int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
|
||||
|
||||
int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
|
||||
ASN1_OCTET_STRING **keyid,
|
||||
ASN1_GENERALIZEDTIME **tm,
|
||||
CMS_OtherKeyAttribute **other,
|
||||
X509_NAME **issuer, ASN1_INTEGER **sno);
|
||||
int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
|
||||
X509 *cert);
|
||||
int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
|
||||
EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
|
||||
int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
|
||||
CMS_RecipientInfo *ri,
|
||||
CMS_RecipientEncryptedKey *rek);
|
||||
|
||||
int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
|
||||
ASN1_OCTET_STRING *ukm, int keylen);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/*
|
||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
void ERR_load_CMS_strings(void);
|
||||
|
||||
/* Error codes for the CMS functions. */
|
||||
|
||||
/* Function codes. */
|
||||
# define CMS_F_CHECK_CONTENT 99
|
||||
# define CMS_F_CMS_ADD0_CERT 164
|
||||
# define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
|
||||
# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
|
||||
# define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
|
||||
# define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
|
||||
# define CMS_F_CMS_ADD1_SIGNER 102
|
||||
# define CMS_F_CMS_ADD1_SIGNINGTIME 103
|
||||
# define CMS_F_CMS_COMPRESS 104
|
||||
# define CMS_F_CMS_COMPRESSEDDATA_CREATE 105
|
||||
# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
|
||||
# define CMS_F_CMS_COPY_CONTENT 107
|
||||
# define CMS_F_CMS_COPY_MESSAGEDIGEST 108
|
||||
# define CMS_F_CMS_DATA 109
|
||||
# define CMS_F_CMS_DATAFINAL 110
|
||||
# define CMS_F_CMS_DATAINIT 111
|
||||
# define CMS_F_CMS_DECRYPT 112
|
||||
# define CMS_F_CMS_DECRYPT_SET1_KEY 113
|
||||
# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
|
||||
# define CMS_F_CMS_DECRYPT_SET1_PKEY 114
|
||||
# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
|
||||
# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
|
||||
# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
|
||||
# define CMS_F_CMS_DIGEST_VERIFY 118
|
||||
# define CMS_F_CMS_ENCODE_RECEIPT 161
|
||||
# define CMS_F_CMS_ENCRYPT 119
|
||||
# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
|
||||
# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
|
||||
# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
|
||||
# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
|
||||
# define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
|
||||
# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
|
||||
# define CMS_F_CMS_ENVELOPED_DATA_INIT 126
|
||||
# define CMS_F_CMS_ENV_ASN1_CTRL 171
|
||||
# define CMS_F_CMS_FINAL 127
|
||||
# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
|
||||
# define CMS_F_CMS_GET0_CONTENT 129
|
||||
# define CMS_F_CMS_GET0_ECONTENT_TYPE 130
|
||||
# define CMS_F_CMS_GET0_ENVELOPED 131
|
||||
# define CMS_F_CMS_GET0_REVOCATION_CHOICES 132
|
||||
# define CMS_F_CMS_GET0_SIGNED 133
|
||||
# define CMS_F_CMS_MSGSIGDIGEST_ADD1 162
|
||||
# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
|
||||
# define CMS_F_CMS_RECEIPT_VERIFY 160
|
||||
# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
|
||||
# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
|
||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
|
||||
# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
|
||||
# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
|
||||
# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
|
||||
# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
|
||||
# define CMS_F_CMS_SD_ASN1_CTRL 170
|
||||
# define CMS_F_CMS_SET1_IAS 176
|
||||
# define CMS_F_CMS_SET1_KEYID 177
|
||||
# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
|
||||
# define CMS_F_CMS_SET_DETACHED 147
|
||||
# define CMS_F_CMS_SIGN 148
|
||||
# define CMS_F_CMS_SIGNED_DATA_INIT 149
|
||||
# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
|
||||
# define CMS_F_CMS_SIGNERINFO_SIGN 151
|
||||
# define CMS_F_CMS_SIGNERINFO_VERIFY 152
|
||||
# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
|
||||
# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
|
||||
# define CMS_F_CMS_SIGN_RECEIPT 163
|
||||
# define CMS_F_CMS_STREAM 155
|
||||
# define CMS_F_CMS_UNCOMPRESS 156
|
||||
# define CMS_F_CMS_VERIFY 157
|
||||
|
||||
/* Reason codes. */
|
||||
# define CMS_R_ADD_SIGNER_ERROR 99
|
||||
# define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
|
||||
# define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
|
||||
# define CMS_R_CERTIFICATE_VERIFY_ERROR 100
|
||||
# define CMS_R_CIPHER_INITIALISATION_ERROR 101
|
||||
# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
|
||||
# define CMS_R_CMS_DATAFINAL_ERROR 103
|
||||
# define CMS_R_CMS_LIB 104
|
||||
# define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
|
||||
# define CMS_R_CONTENT_NOT_FOUND 105
|
||||
# define CMS_R_CONTENT_TYPE_MISMATCH 171
|
||||
# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
|
||||
# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
|
||||
# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
|
||||
# define CMS_R_CONTENT_VERIFY_ERROR 109
|
||||
# define CMS_R_CTRL_ERROR 110
|
||||
# define CMS_R_CTRL_FAILURE 111
|
||||
# define CMS_R_DECRYPT_ERROR 112
|
||||
# define CMS_R_DIGEST_ERROR 161
|
||||
# define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
|
||||
# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
|
||||
# define CMS_R_ERROR_SETTING_KEY 115
|
||||
# define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
|
||||
# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
|
||||
# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
|
||||
# define CMS_R_INVALID_KEY_LENGTH 118
|
||||
# define CMS_R_MD_BIO_INIT_ERROR 119
|
||||
# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
|
||||
# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
|
||||
# define CMS_R_MSGSIGDIGEST_ERROR 172
|
||||
# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
|
||||
# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
|
||||
# define CMS_R_NEED_ONE_SIGNER 164
|
||||
# define CMS_R_NOT_A_SIGNED_RECEIPT 165
|
||||
# define CMS_R_NOT_ENCRYPTED_DATA 122
|
||||
# define CMS_R_NOT_KEK 123
|
||||
# define CMS_R_NOT_KEY_AGREEMENT 181
|
||||
# define CMS_R_NOT_KEY_TRANSPORT 124
|
||||
# define CMS_R_NOT_PWRI 177
|
||||
# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
|
||||
# define CMS_R_NO_CIPHER 126
|
||||
# define CMS_R_NO_CONTENT 127
|
||||
# define CMS_R_NO_CONTENT_TYPE 173
|
||||
# define CMS_R_NO_DEFAULT_DIGEST 128
|
||||
# define CMS_R_NO_DIGEST_SET 129
|
||||
# define CMS_R_NO_KEY 130
|
||||
# define CMS_R_NO_KEY_OR_CERT 174
|
||||
# define CMS_R_NO_MATCHING_DIGEST 131
|
||||
# define CMS_R_NO_MATCHING_RECIPIENT 132
|
||||
# define CMS_R_NO_MATCHING_SIGNATURE 166
|
||||
# define CMS_R_NO_MSGSIGDIGEST 167
|
||||
# define CMS_R_NO_PASSWORD 178
|
||||
# define CMS_R_NO_PRIVATE_KEY 133
|
||||
# define CMS_R_NO_PUBLIC_KEY 134
|
||||
# define CMS_R_NO_RECEIPT_REQUEST 168
|
||||
# define CMS_R_NO_SIGNERS 135
|
||||
# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
|
||||
# define CMS_R_RECEIPT_DECODE_ERROR 169
|
||||
# define CMS_R_RECIPIENT_ERROR 137
|
||||
# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
|
||||
# define CMS_R_SIGNFINAL_ERROR 139
|
||||
# define CMS_R_SMIME_TEXT_ERROR 140
|
||||
# define CMS_R_STORE_INIT_ERROR 141
|
||||
# define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
|
||||
# define CMS_R_TYPE_NOT_DATA 143
|
||||
# define CMS_R_TYPE_NOT_DIGESTED_DATA 144
|
||||
# define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
|
||||
# define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
|
||||
# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
|
||||
# define CMS_R_UNKNOWN_CIPHER 148
|
||||
# define CMS_R_UNKNOWN_DIGEST_ALGORIHM 149
|
||||
# define CMS_R_UNKNOWN_ID 150
|
||||
# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
|
||||
# define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
|
||||
# define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
|
||||
# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
|
||||
# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
|
||||
# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155
|
||||
# define CMS_R_UNSUPPORTED_TYPE 156
|
||||
# define CMS_R_UNWRAP_ERROR 157
|
||||
# define CMS_R_UNWRAP_FAILURE 180
|
||||
# define CMS_R_VERIFICATION_FAILURE 158
|
||||
# define CMS_R_WRAP_ERROR 159
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,267 @@
|
|||
/* crypto/conf/conf.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_CONF_H
|
||||
# define HEADER_CONF_H
|
||||
|
||||
# include <openssl/bio.h>
|
||||
# include <openssl/lhash.h>
|
||||
# include <openssl/stack.h>
|
||||
# include <openssl/safestack.h>
|
||||
# include <openssl/e_os2.h>
|
||||
|
||||
# include <openssl/ossl_typ.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
typedef struct {
|
||||
char *section;
|
||||
char *name;
|
||||
char *value;
|
||||
} CONF_VALUE;
|
||||
|
||||
DECLARE_STACK_OF(CONF_VALUE)
|
||||
DECLARE_LHASH_OF(CONF_VALUE);
|
||||
|
||||
struct conf_st;
|
||||
struct conf_method_st;
|
||||
typedef struct conf_method_st CONF_METHOD;
|
||||
|
||||
struct conf_method_st {
|
||||
const char *name;
|
||||
CONF *(*create) (CONF_METHOD *meth);
|
||||
int (*init) (CONF *conf);
|
||||
int (*destroy) (CONF *conf);
|
||||
int (*destroy_data) (CONF *conf);
|
||||
int (*load_bio) (CONF *conf, BIO *bp, long *eline);
|
||||
int (*dump) (const CONF *conf, BIO *bp);
|
||||
int (*is_number) (const CONF *conf, char c);
|
||||
int (*to_int) (const CONF *conf, char c);
|
||||
int (*load) (CONF *conf, const char *name, long *eline);
|
||||
};
|
||||
|
||||
/* Module definitions */
|
||||
|
||||
typedef struct conf_imodule_st CONF_IMODULE;
|
||||
typedef struct conf_module_st CONF_MODULE;
|
||||
|
||||
DECLARE_STACK_OF(CONF_MODULE)
|
||||
DECLARE_STACK_OF(CONF_IMODULE)
|
||||
|
||||
/* DSO module function typedefs */
|
||||
typedef int conf_init_func (CONF_IMODULE *md, const CONF *cnf);
|
||||
typedef void conf_finish_func (CONF_IMODULE *md);
|
||||
|
||||
# define CONF_MFLAGS_IGNORE_ERRORS 0x1
|
||||
# define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2
|
||||
# define CONF_MFLAGS_SILENT 0x4
|
||||
# define CONF_MFLAGS_NO_DSO 0x8
|
||||
# define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
|
||||
# define CONF_MFLAGS_DEFAULT_SECTION 0x20
|
||||
|
||||
int CONF_set_default_method(CONF_METHOD *meth);
|
||||
void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
|
||||
LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
|
||||
long *eline);
|
||||
# ifndef OPENSSL_NO_FP_API
|
||||
LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
|
||||
long *eline);
|
||||
# endif
|
||||
LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
|
||||
long *eline);
|
||||
STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
|
||||
const char *section);
|
||||
char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
|
||||
const char *name);
|
||||
long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
|
||||
const char *name);
|
||||
void CONF_free(LHASH_OF(CONF_VALUE) *conf);
|
||||
int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
|
||||
int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
|
||||
|
||||
void OPENSSL_config(const char *config_name);
|
||||
void OPENSSL_no_config(void);
|
||||
|
||||
/*
|
||||
* New conf code. The semantics are different from the functions above. If
|
||||
* that wasn't the case, the above functions would have been replaced
|
||||
*/
|
||||
|
||||
struct conf_st {
|
||||
CONF_METHOD *meth;
|
||||
void *meth_data;
|
||||
LHASH_OF(CONF_VALUE) *data;
|
||||
};
|
||||
|
||||
CONF *NCONF_new(CONF_METHOD *meth);
|
||||
CONF_METHOD *NCONF_default(void);
|
||||
CONF_METHOD *NCONF_WIN32(void);
|
||||
# if 0 /* Just to give you an idea of what I have in
|
||||
* mind */
|
||||
CONF_METHOD *NCONF_XML(void);
|
||||
# endif
|
||||
void NCONF_free(CONF *conf);
|
||||
void NCONF_free_data(CONF *conf);
|
||||
|
||||
int NCONF_load(CONF *conf, const char *file, long *eline);
|
||||
# ifndef OPENSSL_NO_FP_API
|
||||
int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
|
||||
# endif
|
||||
int NCONF_load_bio(CONF *conf, BIO *bp, long *eline);
|
||||
STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
|
||||
const char *section);
|
||||
char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
|
||||
int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
|
||||
long *result);
|
||||
int NCONF_dump_fp(const CONF *conf, FILE *out);
|
||||
int NCONF_dump_bio(const CONF *conf, BIO *out);
|
||||
|
||||
# if 0 /* The following function has no error
|
||||
* checking, and should therefore be avoided */
|
||||
long NCONF_get_number(CONF *conf, char *group, char *name);
|
||||
# else
|
||||
# define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
|
||||
# endif
|
||||
|
||||
/* Module functions */
|
||||
|
||||
int CONF_modules_load(const CONF *cnf, const char *appname,
|
||||
unsigned long flags);
|
||||
int CONF_modules_load_file(const char *filename, const char *appname,
|
||||
unsigned long flags);
|
||||
void CONF_modules_unload(int all);
|
||||
void CONF_modules_finish(void);
|
||||
void CONF_modules_free(void);
|
||||
int CONF_module_add(const char *name, conf_init_func *ifunc,
|
||||
conf_finish_func *ffunc);
|
||||
|
||||
const char *CONF_imodule_get_name(const CONF_IMODULE *md);
|
||||
const char *CONF_imodule_get_value(const CONF_IMODULE *md);
|
||||
void *CONF_imodule_get_usr_data(const CONF_IMODULE *md);
|
||||
void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data);
|
||||
CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md);
|
||||
unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md);
|
||||
void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags);
|
||||
void *CONF_module_get_usr_data(CONF_MODULE *pmod);
|
||||
void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
|
||||
|
||||
char *CONF_get1_default_config_file(void);
|
||||
|
||||
int CONF_parse_list(const char *list, int sep, int nospc,
|
||||
int (*list_cb) (const char *elem, int len, void *usr),
|
||||
void *arg);
|
||||
|
||||
void OPENSSL_load_builtin_modules(void);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/*
|
||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
void ERR_load_CONF_strings(void);
|
||||
|
||||
/* Error codes for the CONF functions. */
|
||||
|
||||
/* Function codes. */
|
||||
# define CONF_F_CONF_DUMP_FP 104
|
||||
# define CONF_F_CONF_LOAD 100
|
||||
# define CONF_F_CONF_LOAD_BIO 102
|
||||
# define CONF_F_CONF_LOAD_FP 103
|
||||
# define CONF_F_CONF_MODULES_LOAD 116
|
||||
# define CONF_F_CONF_PARSE_LIST 119
|
||||
# define CONF_F_DEF_LOAD 120
|
||||
# define CONF_F_DEF_LOAD_BIO 121
|
||||
# define CONF_F_MODULE_INIT 115
|
||||
# define CONF_F_MODULE_LOAD_DSO 117
|
||||
# define CONF_F_MODULE_RUN 118
|
||||
# define CONF_F_NCONF_DUMP_BIO 105
|
||||
# define CONF_F_NCONF_DUMP_FP 106
|
||||
# define CONF_F_NCONF_GET_NUMBER 107
|
||||
# define CONF_F_NCONF_GET_NUMBER_E 112
|
||||
# define CONF_F_NCONF_GET_SECTION 108
|
||||
# define CONF_F_NCONF_GET_STRING 109
|
||||
# define CONF_F_NCONF_LOAD 113
|
||||
# define CONF_F_NCONF_LOAD_BIO 110
|
||||
# define CONF_F_NCONF_LOAD_FP 114
|
||||
# define CONF_F_NCONF_NEW 111
|
||||
# define CONF_F_STR_COPY 101
|
||||
|
||||
/* Reason codes. */
|
||||
# define CONF_R_ERROR_LOADING_DSO 110
|
||||
# define CONF_R_LIST_CANNOT_BE_NULL 115
|
||||
# define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
|
||||
# define CONF_R_MISSING_EQUAL_SIGN 101
|
||||
# define CONF_R_MISSING_FINISH_FUNCTION 111
|
||||
# define CONF_R_MISSING_INIT_FUNCTION 112
|
||||
# define CONF_R_MODULE_INITIALIZATION_ERROR 109
|
||||
# define CONF_R_NO_CLOSE_BRACE 102
|
||||
# define CONF_R_NO_CONF 105
|
||||
# define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106
|
||||
# define CONF_R_NO_SECTION 107
|
||||
# define CONF_R_NO_SUCH_FILE 114
|
||||
# define CONF_R_NO_VALUE 108
|
||||
# define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
|
||||
# define CONF_R_UNKNOWN_MODULE_NAME 113
|
||||
# define CONF_R_VARIABLE_HAS_NO_VALUE 104
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,89 @@
|
|||
/* conf_api.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_CONF_API_H
|
||||
# define HEADER_CONF_API_H
|
||||
|
||||
# include <openssl/lhash.h>
|
||||
# include <openssl/conf.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* Up until OpenSSL 0.9.5a, this was new_section */
|
||||
CONF_VALUE *_CONF_new_section(CONF *conf, const char *section);
|
||||
/* Up until OpenSSL 0.9.5a, this was get_section */
|
||||
CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section);
|
||||
/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
|
||||
STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
|
||||
const char *section);
|
||||
|
||||
int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
|
||||
char *_CONF_get_string(const CONF *conf, const char *section,
|
||||
const char *name);
|
||||
long _CONF_get_number(const CONF *conf, const char *section,
|
||||
const char *name);
|
||||
|
||||
int _CONF_new_data(CONF *conf);
|
||||
void _CONF_free_data(CONF *conf);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,257 @@
|
|||
/* crypto/des/des.h */
|
||||
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_NEW_DES_H
|
||||
# define HEADER_NEW_DES_H
|
||||
|
||||
# include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG
|
||||
* (via openssl/opensslconf.h */
|
||||
|
||||
# ifdef OPENSSL_NO_DES
|
||||
# error DES is disabled.
|
||||
# endif
|
||||
|
||||
# ifdef OPENSSL_BUILD_SHLIBCRYPTO
|
||||
# undef OPENSSL_EXTERN
|
||||
# define OPENSSL_EXTERN OPENSSL_EXPORT
|
||||
# endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
typedef unsigned char DES_cblock[8];
|
||||
typedef /* const */ unsigned char const_DES_cblock[8];
|
||||
/*
|
||||
* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock * and
|
||||
* const_DES_cblock * are incompatible pointer types.
|
||||
*/
|
||||
|
||||
typedef struct DES_ks {
|
||||
union {
|
||||
DES_cblock cblock;
|
||||
/*
|
||||
* make sure things are correct size on machines with 8 byte longs
|
||||
*/
|
||||
DES_LONG deslong[2];
|
||||
} ks[16];
|
||||
} DES_key_schedule;
|
||||
|
||||
# ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
|
||||
# ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT
|
||||
# define OPENSSL_ENABLE_OLD_DES_SUPPORT
|
||||
# endif
|
||||
# endif
|
||||
|
||||
# ifdef OPENSSL_ENABLE_OLD_DES_SUPPORT
|
||||
# include <openssl/des_old.h>
|
||||
# endif
|
||||
|
||||
# define DES_KEY_SZ (sizeof(DES_cblock))
|
||||
# define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
|
||||
|
||||
# define DES_ENCRYPT 1
|
||||
# define DES_DECRYPT 0
|
||||
|
||||
# define DES_CBC_MODE 0
|
||||
# define DES_PCBC_MODE 1
|
||||
|
||||
# define DES_ecb2_encrypt(i,o,k1,k2,e) \
|
||||
DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
|
||||
|
||||
# define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
|
||||
DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
|
||||
|
||||
# define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
|
||||
DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
|
||||
|
||||
# define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
|
||||
DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
|
||||
|
||||
OPENSSL_DECLARE_GLOBAL(int, DES_check_key); /* defaults to false */
|
||||
# define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
|
||||
OPENSSL_DECLARE_GLOBAL(int, DES_rw_mode); /* defaults to DES_PCBC_MODE */
|
||||
# define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
|
||||
|
||||
const char *DES_options(void);
|
||||
void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
|
||||
DES_key_schedule *ks1, DES_key_schedule *ks2,
|
||||
DES_key_schedule *ks3, int enc);
|
||||
DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
|
||||
long length, DES_key_schedule *schedule,
|
||||
const_DES_cblock *ivec);
|
||||
/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead. */
|
||||
void DES_cbc_encrypt(const unsigned char *input, unsigned char *output,
|
||||
long length, DES_key_schedule *schedule,
|
||||
DES_cblock *ivec, int enc);
|
||||
void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
|
||||
long length, DES_key_schedule *schedule,
|
||||
DES_cblock *ivec, int enc);
|
||||
void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
|
||||
long length, DES_key_schedule *schedule,
|
||||
DES_cblock *ivec, const_DES_cblock *inw,
|
||||
const_DES_cblock *outw, int enc);
|
||||
void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
|
||||
long length, DES_key_schedule *schedule,
|
||||
DES_cblock *ivec, int enc);
|
||||
void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
|
||||
DES_key_schedule *ks, int enc);
|
||||
|
||||
/*
|
||||
* This is the DES encryption function that gets called by just about every
|
||||
* other DES routine in the library. You should not use this function except
|
||||
* to implement 'modes' of DES. I say this because the functions that call
|
||||
* this routine do the conversion from 'char *' to long, and this needs to be
|
||||
* done to make sure 'non-aligned' memory access do not occur. The
|
||||
* characters are loaded 'little endian'. Data is a pointer to 2 unsigned
|
||||
* long's and ks is the DES_key_schedule to use. enc, is non zero specifies
|
||||
* encryption, zero if decryption.
|
||||
*/
|
||||
void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
|
||||
|
||||
/*
|
||||
* This functions is the same as DES_encrypt1() except that the DES initial
|
||||
* permutation (IP) and final permutation (FP) have been left out. As for
|
||||
* DES_encrypt1(), you should not use this function. It is used by the
|
||||
* routines in the library that implement triple DES. IP() DES_encrypt2()
|
||||
* DES_encrypt2() DES_encrypt2() FP() is the same as DES_encrypt1()
|
||||
* DES_encrypt1() DES_encrypt1() except faster :-).
|
||||
*/
|
||||
void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc);
|
||||
|
||||
void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
|
||||
DES_key_schedule *ks2, DES_key_schedule *ks3);
|
||||
void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
|
||||
DES_key_schedule *ks2, DES_key_schedule *ks3);
|
||||
void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
|
||||
long length,
|
||||
DES_key_schedule *ks1, DES_key_schedule *ks2,
|
||||
DES_key_schedule *ks3, DES_cblock *ivec, int enc);
|
||||
void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length,
|
||||
DES_key_schedule *ks1, DES_key_schedule *ks2,
|
||||
DES_key_schedule *ks3,
|
||||
DES_cblock *ivec1, DES_cblock *ivec2, int enc);
|
||||
void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, DES_key_schedule *ks1,
|
||||
DES_key_schedule *ks2, DES_key_schedule *ks3,
|
||||
DES_cblock *ivec, int *num, int enc);
|
||||
void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
int numbits, long length, DES_key_schedule *ks1,
|
||||
DES_key_schedule *ks2, DES_key_schedule *ks3,
|
||||
DES_cblock *ivec, int enc);
|
||||
void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, DES_key_schedule *ks1,
|
||||
DES_key_schedule *ks2, DES_key_schedule *ks3,
|
||||
DES_cblock *ivec, int *num);
|
||||
# if 0
|
||||
void DES_xwhite_in2out(const_DES_cblock *DES_key, const_DES_cblock *in_white,
|
||||
DES_cblock *out_white);
|
||||
# endif
|
||||
|
||||
int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
|
||||
DES_cblock *iv);
|
||||
int DES_enc_write(int fd, const void *buf, int len, DES_key_schedule *sched,
|
||||
DES_cblock *iv);
|
||||
char *DES_fcrypt(const char *buf, const char *salt, char *ret);
|
||||
char *DES_crypt(const char *buf, const char *salt);
|
||||
void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
|
||||
long length, DES_key_schedule *schedule,
|
||||
DES_cblock *ivec);
|
||||
void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
|
||||
long length, DES_key_schedule *schedule,
|
||||
DES_cblock *ivec, int enc);
|
||||
DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
|
||||
long length, int out_count, DES_cblock *seed);
|
||||
int DES_random_key(DES_cblock *ret);
|
||||
void DES_set_odd_parity(DES_cblock *key);
|
||||
int DES_check_key_parity(const_DES_cblock *key);
|
||||
int DES_is_weak_key(const_DES_cblock *key);
|
||||
/*
|
||||
* DES_set_key (= set_key = DES_key_sched = key_sched) calls
|
||||
* DES_set_key_checked if global variable DES_check_key is set,
|
||||
* DES_set_key_unchecked otherwise.
|
||||
*/
|
||||
int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
|
||||
int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
|
||||
int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
|
||||
void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
|
||||
# ifdef OPENSSL_FIPS
|
||||
void private_DES_set_key_unchecked(const_DES_cblock *key,
|
||||
DES_key_schedule *schedule);
|
||||
# endif
|
||||
void DES_string_to_key(const char *str, DES_cblock *key);
|
||||
void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
|
||||
void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, DES_key_schedule *schedule,
|
||||
DES_cblock *ivec, int *num, int enc);
|
||||
void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, DES_key_schedule *schedule,
|
||||
DES_cblock *ivec, int *num);
|
||||
|
||||
int DES_read_password(DES_cblock *key, const char *prompt, int verify);
|
||||
int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
|
||||
const char *prompt, int verify);
|
||||
|
||||
# define DES_fixup_key_parity DES_set_odd_parity
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -0,0 +1,497 @@
|
|||
/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
|
||||
/*-
|
||||
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
|
||||
*
|
||||
* The function names in here are deprecated and are only present to
|
||||
* provide an interface compatible with openssl 0.9.6 and older as
|
||||
* well as libdes. OpenSSL now provides functions where "des_" has
|
||||
* been replaced with "DES_" in the names, to make it possible to
|
||||
* make incompatible changes that are needed for C type security and
|
||||
* other stuff.
|
||||
*
|
||||
* This include files has two compatibility modes:
|
||||
*
|
||||
* - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API
|
||||
* that is compatible with libdes and SSLeay.
|
||||
* - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an
|
||||
* API that is compatible with OpenSSL 0.9.5x to 0.9.6x.
|
||||
*
|
||||
* Note that these modes break earlier snapshots of OpenSSL, where
|
||||
* libdes compatibility was the only available mode or (later on) the
|
||||
* prefered compatibility mode. However, after much consideration
|
||||
* (and more or less violent discussions with external parties), it
|
||||
* was concluded that OpenSSL should be compatible with earlier versions
|
||||
* of itself before anything else. Also, in all honesty, libdes is
|
||||
* an old beast that shouldn't really be used any more.
|
||||
*
|
||||
* Please consider starting to use the DES_ functions rather than the
|
||||
* des_ ones. The des_ functions will disappear completely before
|
||||
* OpenSSL 1.0!
|
||||
*
|
||||
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
|
||||
*/
|
||||
|
||||
/*
|
||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
||||
* 2001.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_DES_H
|
||||
# define HEADER_DES_H
|
||||
|
||||
# include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */
|
||||
|
||||
# ifdef OPENSSL_NO_DES
|
||||
# error DES is disabled.
|
||||
# endif
|
||||
|
||||
# ifndef HEADER_NEW_DES_H
|
||||
# error You must include des.h, not des_old.h directly.
|
||||
# endif
|
||||
|
||||
# ifdef _KERBEROS_DES_H
|
||||
# error <openssl/des_old.h> replaces <kerberos/des.h>.
|
||||
# endif
|
||||
|
||||
# include <openssl/symhacks.h>
|
||||
|
||||
# ifdef OPENSSL_BUILD_SHLIBCRYPTO
|
||||
# undef OPENSSL_EXTERN
|
||||
# define OPENSSL_EXTERN OPENSSL_EXPORT
|
||||
# endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
# ifdef _
|
||||
# undef _
|
||||
# endif
|
||||
|
||||
typedef unsigned char _ossl_old_des_cblock[8];
|
||||
typedef struct _ossl_old_des_ks_struct {
|
||||
union {
|
||||
_ossl_old_des_cblock _;
|
||||
/*
|
||||
* make sure things are correct size on machines with 8 byte longs
|
||||
*/
|
||||
DES_LONG pad[2];
|
||||
} ks;
|
||||
} _ossl_old_des_key_schedule[16];
|
||||
|
||||
# ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
|
||||
# define des_cblock DES_cblock
|
||||
# define const_des_cblock const_DES_cblock
|
||||
# define des_key_schedule DES_key_schedule
|
||||
# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
|
||||
DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
|
||||
# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
|
||||
DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
|
||||
# define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
|
||||
DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
|
||||
# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
|
||||
DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
|
||||
# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
|
||||
DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
|
||||
# define des_options()\
|
||||
DES_options()
|
||||
# define des_cbc_cksum(i,o,l,k,iv)\
|
||||
DES_cbc_cksum((i),(o),(l),&(k),(iv))
|
||||
# define des_cbc_encrypt(i,o,l,k,iv,e)\
|
||||
DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
|
||||
# define des_ncbc_encrypt(i,o,l,k,iv,e)\
|
||||
DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
|
||||
# define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
|
||||
DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
|
||||
# define des_cfb_encrypt(i,o,n,l,k,iv,e)\
|
||||
DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
|
||||
# define des_ecb_encrypt(i,o,k,e)\
|
||||
DES_ecb_encrypt((i),(o),&(k),(e))
|
||||
# define des_encrypt1(d,k,e)\
|
||||
DES_encrypt1((d),&(k),(e))
|
||||
# define des_encrypt2(d,k,e)\
|
||||
DES_encrypt2((d),&(k),(e))
|
||||
# define des_encrypt3(d,k1,k2,k3)\
|
||||
DES_encrypt3((d),&(k1),&(k2),&(k3))
|
||||
# define des_decrypt3(d,k1,k2,k3)\
|
||||
DES_decrypt3((d),&(k1),&(k2),&(k3))
|
||||
# define des_xwhite_in2out(k,i,o)\
|
||||
DES_xwhite_in2out((k),(i),(o))
|
||||
# define des_enc_read(f,b,l,k,iv)\
|
||||
DES_enc_read((f),(b),(l),&(k),(iv))
|
||||
# define des_enc_write(f,b,l,k,iv)\
|
||||
DES_enc_write((f),(b),(l),&(k),(iv))
|
||||
# define des_fcrypt(b,s,r)\
|
||||
DES_fcrypt((b),(s),(r))
|
||||
# if 0
|
||||
# define des_crypt(b,s)\
|
||||
DES_crypt((b),(s))
|
||||
# if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
|
||||
# define crypt(b,s)\
|
||||
DES_crypt((b),(s))
|
||||
# endif
|
||||
# endif
|
||||
# define des_ofb_encrypt(i,o,n,l,k,iv)\
|
||||
DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
|
||||
# define des_pcbc_encrypt(i,o,l,k,iv,e)\
|
||||
DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
|
||||
# define des_quad_cksum(i,o,l,c,s)\
|
||||
DES_quad_cksum((i),(o),(l),(c),(s))
|
||||
# define des_random_seed(k)\
|
||||
_ossl_096_des_random_seed((k))
|
||||
# define des_random_key(r)\
|
||||
DES_random_key((r))
|
||||
# define des_read_password(k,p,v) \
|
||||
DES_read_password((k),(p),(v))
|
||||
# define des_read_2passwords(k1,k2,p,v) \
|
||||
DES_read_2passwords((k1),(k2),(p),(v))
|
||||
# define des_set_odd_parity(k)\
|
||||
DES_set_odd_parity((k))
|
||||
# define des_check_key_parity(k)\
|
||||
DES_check_key_parity((k))
|
||||
# define des_is_weak_key(k)\
|
||||
DES_is_weak_key((k))
|
||||
# define des_set_key(k,ks)\
|
||||
DES_set_key((k),&(ks))
|
||||
# define des_key_sched(k,ks)\
|
||||
DES_key_sched((k),&(ks))
|
||||
# define des_set_key_checked(k,ks)\
|
||||
DES_set_key_checked((k),&(ks))
|
||||
# define des_set_key_unchecked(k,ks)\
|
||||
DES_set_key_unchecked((k),&(ks))
|
||||
# define des_string_to_key(s,k)\
|
||||
DES_string_to_key((s),(k))
|
||||
# define des_string_to_2keys(s,k1,k2)\
|
||||
DES_string_to_2keys((s),(k1),(k2))
|
||||
# define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
|
||||
DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
|
||||
# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
|
||||
DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
|
||||
|
||||
# define des_ecb2_encrypt(i,o,k1,k2,e) \
|
||||
des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
|
||||
|
||||
# define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
|
||||
des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
|
||||
|
||||
# define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
|
||||
des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
|
||||
|
||||
# define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
|
||||
des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
|
||||
|
||||
# define des_check_key DES_check_key
|
||||
# define des_rw_mode DES_rw_mode
|
||||
# else /* libdes compatibility */
|
||||
/*
|
||||
* Map all symbol names to _ossl_old_des_* form, so we avoid all clashes with
|
||||
* libdes
|
||||
*/
|
||||
# define des_cblock _ossl_old_des_cblock
|
||||
# define des_key_schedule _ossl_old_des_key_schedule
|
||||
# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
|
||||
_ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
|
||||
# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
|
||||
_ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
|
||||
# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
|
||||
_ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
|
||||
# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
|
||||
_ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
|
||||
# define des_options()\
|
||||
_ossl_old_des_options()
|
||||
# define des_cbc_cksum(i,o,l,k,iv)\
|
||||
_ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
|
||||
# define des_cbc_encrypt(i,o,l,k,iv,e)\
|
||||
_ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
|
||||
# define des_ncbc_encrypt(i,o,l,k,iv,e)\
|
||||
_ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
|
||||
# define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
|
||||
_ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
|
||||
# define des_cfb_encrypt(i,o,n,l,k,iv,e)\
|
||||
_ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
|
||||
# define des_ecb_encrypt(i,o,k,e)\
|
||||
_ossl_old_des_ecb_encrypt((i),(o),(k),(e))
|
||||
# define des_encrypt(d,k,e)\
|
||||
_ossl_old_des_encrypt((d),(k),(e))
|
||||
# define des_encrypt2(d,k,e)\
|
||||
_ossl_old_des_encrypt2((d),(k),(e))
|
||||
# define des_encrypt3(d,k1,k2,k3)\
|
||||
_ossl_old_des_encrypt3((d),(k1),(k2),(k3))
|
||||
# define des_decrypt3(d,k1,k2,k3)\
|
||||
_ossl_old_des_decrypt3((d),(k1),(k2),(k3))
|
||||
# define des_xwhite_in2out(k,i,o)\
|
||||
_ossl_old_des_xwhite_in2out((k),(i),(o))
|
||||
# define des_enc_read(f,b,l,k,iv)\
|
||||
_ossl_old_des_enc_read((f),(b),(l),(k),(iv))
|
||||
# define des_enc_write(f,b,l,k,iv)\
|
||||
_ossl_old_des_enc_write((f),(b),(l),(k),(iv))
|
||||
# define des_fcrypt(b,s,r)\
|
||||
_ossl_old_des_fcrypt((b),(s),(r))
|
||||
# define des_crypt(b,s)\
|
||||
_ossl_old_des_crypt((b),(s))
|
||||
# if 0
|
||||
# define crypt(b,s)\
|
||||
_ossl_old_crypt((b),(s))
|
||||
# endif
|
||||
# define des_ofb_encrypt(i,o,n,l,k,iv)\
|
||||
_ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
|
||||
# define des_pcbc_encrypt(i,o,l,k,iv,e)\
|
||||
_ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
|
||||
# define des_quad_cksum(i,o,l,c,s)\
|
||||
_ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
|
||||
# define des_random_seed(k)\
|
||||
_ossl_old_des_random_seed((k))
|
||||
# define des_random_key(r)\
|
||||
_ossl_old_des_random_key((r))
|
||||
# define des_read_password(k,p,v) \
|
||||
_ossl_old_des_read_password((k),(p),(v))
|
||||
# define des_read_2passwords(k1,k2,p,v) \
|
||||
_ossl_old_des_read_2passwords((k1),(k2),(p),(v))
|
||||
# define des_set_odd_parity(k)\
|
||||
_ossl_old_des_set_odd_parity((k))
|
||||
# define des_is_weak_key(k)\
|
||||
_ossl_old_des_is_weak_key((k))
|
||||
# define des_set_key(k,ks)\
|
||||
_ossl_old_des_set_key((k),(ks))
|
||||
# define des_key_sched(k,ks)\
|
||||
_ossl_old_des_key_sched((k),(ks))
|
||||
# define des_string_to_key(s,k)\
|
||||
_ossl_old_des_string_to_key((s),(k))
|
||||
# define des_string_to_2keys(s,k1,k2)\
|
||||
_ossl_old_des_string_to_2keys((s),(k1),(k2))
|
||||
# define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
|
||||
_ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
|
||||
# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
|
||||
_ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
|
||||
|
||||
# define des_ecb2_encrypt(i,o,k1,k2,e) \
|
||||
des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
|
||||
|
||||
# define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
|
||||
des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
|
||||
|
||||
# define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
|
||||
des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
|
||||
|
||||
# define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
|
||||
des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
|
||||
|
||||
# define des_check_key DES_check_key
|
||||
# define des_rw_mode DES_rw_mode
|
||||
# endif
|
||||
|
||||
const char *_ossl_old_des_options(void);
|
||||
void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
|
||||
_ossl_old_des_cblock *output,
|
||||
_ossl_old_des_key_schedule ks1,
|
||||
_ossl_old_des_key_schedule ks2,
|
||||
_ossl_old_des_key_schedule ks3, int enc);
|
||||
DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
|
||||
_ossl_old_des_cblock *output, long length,
|
||||
_ossl_old_des_key_schedule schedule,
|
||||
_ossl_old_des_cblock *ivec);
|
||||
void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
|
||||
_ossl_old_des_cblock *output, long length,
|
||||
_ossl_old_des_key_schedule schedule,
|
||||
_ossl_old_des_cblock *ivec, int enc);
|
||||
void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
|
||||
_ossl_old_des_cblock *output, long length,
|
||||
_ossl_old_des_key_schedule schedule,
|
||||
_ossl_old_des_cblock *ivec, int enc);
|
||||
void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
|
||||
_ossl_old_des_cblock *output, long length,
|
||||
_ossl_old_des_key_schedule schedule,
|
||||
_ossl_old_des_cblock *ivec,
|
||||
_ossl_old_des_cblock *inw,
|
||||
_ossl_old_des_cblock *outw, int enc);
|
||||
void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
|
||||
int numbits, long length,
|
||||
_ossl_old_des_key_schedule schedule,
|
||||
_ossl_old_des_cblock *ivec, int enc);
|
||||
void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
|
||||
_ossl_old_des_cblock *output,
|
||||
_ossl_old_des_key_schedule ks, int enc);
|
||||
void _ossl_old_des_encrypt(DES_LONG *data, _ossl_old_des_key_schedule ks,
|
||||
int enc);
|
||||
void _ossl_old_des_encrypt2(DES_LONG *data, _ossl_old_des_key_schedule ks,
|
||||
int enc);
|
||||
void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
|
||||
_ossl_old_des_key_schedule ks2,
|
||||
_ossl_old_des_key_schedule ks3);
|
||||
void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
|
||||
_ossl_old_des_key_schedule ks2,
|
||||
_ossl_old_des_key_schedule ks3);
|
||||
void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
|
||||
_ossl_old_des_cblock *output, long length,
|
||||
_ossl_old_des_key_schedule ks1,
|
||||
_ossl_old_des_key_schedule ks2,
|
||||
_ossl_old_des_key_schedule ks3,
|
||||
_ossl_old_des_cblock *ivec, int enc);
|
||||
void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
|
||||
long length,
|
||||
_ossl_old_des_key_schedule ks1,
|
||||
_ossl_old_des_key_schedule ks2,
|
||||
_ossl_old_des_key_schedule ks3,
|
||||
_ossl_old_des_cblock *ivec, int *num,
|
||||
int enc);
|
||||
void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
|
||||
long length,
|
||||
_ossl_old_des_key_schedule ks1,
|
||||
_ossl_old_des_key_schedule ks2,
|
||||
_ossl_old_des_key_schedule ks3,
|
||||
_ossl_old_des_cblock *ivec, int *num);
|
||||
# if 0
|
||||
void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
|
||||
_ossl_old_des_cblock (*in_white),
|
||||
_ossl_old_des_cblock (*out_white));
|
||||
# endif
|
||||
|
||||
int _ossl_old_des_enc_read(int fd, char *buf, int len,
|
||||
_ossl_old_des_key_schedule sched,
|
||||
_ossl_old_des_cblock *iv);
|
||||
int _ossl_old_des_enc_write(int fd, char *buf, int len,
|
||||
_ossl_old_des_key_schedule sched,
|
||||
_ossl_old_des_cblock *iv);
|
||||
char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret);
|
||||
char *_ossl_old_des_crypt(const char *buf, const char *salt);
|
||||
# if !defined(PERL5) && !defined(NeXT)
|
||||
char *_ossl_old_crypt(const char *buf, const char *salt);
|
||||
# endif
|
||||
void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
|
||||
int numbits, long length,
|
||||
_ossl_old_des_key_schedule schedule,
|
||||
_ossl_old_des_cblock *ivec);
|
||||
void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
|
||||
_ossl_old_des_cblock *output, long length,
|
||||
_ossl_old_des_key_schedule schedule,
|
||||
_ossl_old_des_cblock *ivec, int enc);
|
||||
DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
|
||||
_ossl_old_des_cblock *output, long length,
|
||||
int out_count, _ossl_old_des_cblock *seed);
|
||||
void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
|
||||
void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
|
||||
int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
|
||||
int verify);
|
||||
int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
|
||||
_ossl_old_des_cblock *key2,
|
||||
const char *prompt, int verify);
|
||||
void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
|
||||
int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
|
||||
int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
|
||||
_ossl_old_des_key_schedule schedule);
|
||||
int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
|
||||
_ossl_old_des_key_schedule schedule);
|
||||
void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key);
|
||||
void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
|
||||
_ossl_old_des_cblock *key2);
|
||||
void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
|
||||
long length,
|
||||
_ossl_old_des_key_schedule schedule,
|
||||
_ossl_old_des_cblock *ivec, int *num,
|
||||
int enc);
|
||||
void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
|
||||
long length,
|
||||
_ossl_old_des_key_schedule schedule,
|
||||
_ossl_old_des_cblock *ivec, int *num);
|
||||
|
||||
void _ossl_096_des_random_seed(des_cblock *key);
|
||||
|
||||
/*
|
||||
* The following definitions provide compatibility with the MIT Kerberos
|
||||
* library. The _ossl_old_des_key_schedule structure is not binary
|
||||
* compatible.
|
||||
*/
|
||||
|
||||
# define _KERBEROS_DES_H
|
||||
|
||||
# define KRBDES_ENCRYPT DES_ENCRYPT
|
||||
# define KRBDES_DECRYPT DES_DECRYPT
|
||||
|
||||
# ifdef KERBEROS
|
||||
# define ENCRYPT DES_ENCRYPT
|
||||
# define DECRYPT DES_DECRYPT
|
||||
# endif
|
||||
|
||||
# ifndef NCOMPAT
|
||||
# define C_Block des_cblock
|
||||
# define Key_schedule des_key_schedule
|
||||
# define KEY_SZ DES_KEY_SZ
|
||||
# define string_to_key des_string_to_key
|
||||
# define read_pw_string des_read_pw_string
|
||||
# define random_key des_random_key
|
||||
# define pcbc_encrypt des_pcbc_encrypt
|
||||
# define set_key des_set_key
|
||||
# define key_sched des_key_sched
|
||||
# define ecb_encrypt des_ecb_encrypt
|
||||
# define cbc_encrypt des_cbc_encrypt
|
||||
# define ncbc_encrypt des_ncbc_encrypt
|
||||
# define xcbc_encrypt des_xcbc_encrypt
|
||||
# define cbc_cksum des_cbc_cksum
|
||||
# define quad_cksum des_quad_cksum
|
||||
# define check_parity des_check_key_parity
|
||||
# endif
|
||||
|
||||
# define des_fixup_key_parity DES_fixup_key_parity
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
/* for DES_read_pw_string et al */
|
||||
# include <openssl/ui_compat.h>
|
||||
|
||||
#endif
|
|
@ -0,0 +1,451 @@
|
|||
/* dso.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/*
|
||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
||||
* 2000.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_DSO_H
|
||||
# define HEADER_DSO_H
|
||||
|
||||
# include <openssl/crypto.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* These values are used as commands to DSO_ctrl() */
|
||||
# define DSO_CTRL_GET_FLAGS 1
|
||||
# define DSO_CTRL_SET_FLAGS 2
|
||||
# define DSO_CTRL_OR_FLAGS 3
|
||||
|
||||
/*
|
||||
* By default, DSO_load() will translate the provided filename into a form
|
||||
* typical for the platform (more specifically the DSO_METHOD) using the
|
||||
* dso_name_converter function of the method. Eg. win32 will transform "blah"
|
||||
* into "blah.dll", and dlfcn will transform it into "libblah.so". The
|
||||
* behaviour can be overriden by setting the name_converter callback in the
|
||||
* DSO object (using DSO_set_name_converter()). This callback could even
|
||||
* utilise the DSO_METHOD's converter too if it only wants to override
|
||||
* behaviour for one or two possible DSO methods. However, the following flag
|
||||
* can be set in a DSO to prevent *any* native name-translation at all - eg.
|
||||
* if the caller has prompted the user for a path to a driver library so the
|
||||
* filename should be interpreted as-is.
|
||||
*/
|
||||
# define DSO_FLAG_NO_NAME_TRANSLATION 0x01
|
||||
/*
|
||||
* An extra flag to give if only the extension should be added as
|
||||
* translation. This is obviously only of importance on Unix and other
|
||||
* operating systems where the translation also may prefix the name with
|
||||
* something, like 'lib', and ignored everywhere else. This flag is also
|
||||
* ignored if DSO_FLAG_NO_NAME_TRANSLATION is used at the same time.
|
||||
*/
|
||||
# define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
|
||||
|
||||
/*
|
||||
* The following flag controls the translation of symbol names to upper case.
|
||||
* This is currently only being implemented for OpenVMS.
|
||||
*/
|
||||
# define DSO_FLAG_UPCASE_SYMBOL 0x10
|
||||
|
||||
/*
|
||||
* This flag loads the library with public symbols. Meaning: The exported
|
||||
* symbols of this library are public to all libraries loaded after this
|
||||
* library. At the moment only implemented in unix.
|
||||
*/
|
||||
# define DSO_FLAG_GLOBAL_SYMBOLS 0x20
|
||||
|
||||
typedef void (*DSO_FUNC_TYPE) (void);
|
||||
|
||||
typedef struct dso_st DSO;
|
||||
|
||||
/*
|
||||
* The function prototype used for method functions (or caller-provided
|
||||
* callbacks) that transform filenames. They are passed a DSO structure
|
||||
* pointer (or NULL if they are to be used independantly of a DSO object) and
|
||||
* a filename to transform. They should either return NULL (if there is an
|
||||
* error condition) or a newly allocated string containing the transformed
|
||||
* form that the caller will need to free with OPENSSL_free() when done.
|
||||
*/
|
||||
typedef char *(*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
|
||||
/*
|
||||
* The function prototype used for method functions (or caller-provided
|
||||
* callbacks) that merge two file specifications. They are passed a DSO
|
||||
* structure pointer (or NULL if they are to be used independantly of a DSO
|
||||
* object) and two file specifications to merge. They should either return
|
||||
* NULL (if there is an error condition) or a newly allocated string
|
||||
* containing the result of merging that the caller will need to free with
|
||||
* OPENSSL_free() when done. Here, merging means that bits and pieces are
|
||||
* taken from each of the file specifications and added together in whatever
|
||||
* fashion that is sensible for the DSO method in question. The only rule
|
||||
* that really applies is that if the two specification contain pieces of the
|
||||
* same type, the copy from the first string takes priority. One could see
|
||||
* it as the first specification is the one given by the user and the second
|
||||
* being a bunch of defaults to add on if they're missing in the first.
|
||||
*/
|
||||
typedef char *(*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
|
||||
|
||||
typedef struct dso_meth_st {
|
||||
const char *name;
|
||||
/*
|
||||
* Loads a shared library, NB: new DSO_METHODs must ensure that a
|
||||
* successful load populates the loaded_filename field, and likewise a
|
||||
* successful unload OPENSSL_frees and NULLs it out.
|
||||
*/
|
||||
int (*dso_load) (DSO *dso);
|
||||
/* Unloads a shared library */
|
||||
int (*dso_unload) (DSO *dso);
|
||||
/* Binds a variable */
|
||||
void *(*dso_bind_var) (DSO *dso, const char *symname);
|
||||
/*
|
||||
* Binds a function - assumes a return type of DSO_FUNC_TYPE. This should
|
||||
* be cast to the real function prototype by the caller. Platforms that
|
||||
* don't have compatible representations for different prototypes (this
|
||||
* is possible within ANSI C) are highly unlikely to have shared
|
||||
* libraries at all, let alone a DSO_METHOD implemented for them.
|
||||
*/
|
||||
DSO_FUNC_TYPE (*dso_bind_func) (DSO *dso, const char *symname);
|
||||
/* I don't think this would actually be used in any circumstances. */
|
||||
# if 0
|
||||
/* Unbinds a variable */
|
||||
int (*dso_unbind_var) (DSO *dso, char *symname, void *symptr);
|
||||
/* Unbinds a function */
|
||||
int (*dso_unbind_func) (DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
|
||||
# endif
|
||||
/*
|
||||
* The generic (yuck) "ctrl()" function. NB: Negative return values
|
||||
* (rather than zero) indicate errors.
|
||||
*/
|
||||
long (*dso_ctrl) (DSO *dso, int cmd, long larg, void *parg);
|
||||
/*
|
||||
* The default DSO_METHOD-specific function for converting filenames to a
|
||||
* canonical native form.
|
||||
*/
|
||||
DSO_NAME_CONVERTER_FUNC dso_name_converter;
|
||||
/*
|
||||
* The default DSO_METHOD-specific function for converting filenames to a
|
||||
* canonical native form.
|
||||
*/
|
||||
DSO_MERGER_FUNC dso_merger;
|
||||
/* [De]Initialisation handlers. */
|
||||
int (*init) (DSO *dso);
|
||||
int (*finish) (DSO *dso);
|
||||
/* Return pathname of the module containing location */
|
||||
int (*pathbyaddr) (void *addr, char *path, int sz);
|
||||
/* Perform global symbol lookup, i.e. among *all* modules */
|
||||
void *(*globallookup) (const char *symname);
|
||||
} DSO_METHOD;
|
||||
|
||||
/**********************************************************************/
|
||||
/* The low-level handle type used to refer to a loaded shared library */
|
||||
|
||||
struct dso_st {
|
||||
DSO_METHOD *meth;
|
||||
/*
|
||||
* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS doesn't use
|
||||
* anything but will need to cache the filename for use in the dso_bind
|
||||
* handler. All in all, let each method control its own destiny.
|
||||
* "Handles" and such go in a STACK.
|
||||
*/
|
||||
STACK_OF(void) *meth_data;
|
||||
int references;
|
||||
int flags;
|
||||
/*
|
||||
* For use by applications etc ... use this for your bits'n'pieces, don't
|
||||
* touch meth_data!
|
||||
*/
|
||||
CRYPTO_EX_DATA ex_data;
|
||||
/*
|
||||
* If this callback function pointer is set to non-NULL, then it will be
|
||||
* used in DSO_load() in place of meth->dso_name_converter. NB: This
|
||||
* should normally set using DSO_set_name_converter().
|
||||
*/
|
||||
DSO_NAME_CONVERTER_FUNC name_converter;
|
||||
/*
|
||||
* If this callback function pointer is set to non-NULL, then it will be
|
||||
* used in DSO_load() in place of meth->dso_merger. NB: This should
|
||||
* normally set using DSO_set_merger().
|
||||
*/
|
||||
DSO_MERGER_FUNC merger;
|
||||
/*
|
||||
* This is populated with (a copy of) the platform-independant filename
|
||||
* used for this DSO.
|
||||
*/
|
||||
char *filename;
|
||||
/*
|
||||
* This is populated with (a copy of) the translated filename by which
|
||||
* the DSO was actually loaded. It is NULL iff the DSO is not currently
|
||||
* loaded. NB: This is here because the filename translation process may
|
||||
* involve a callback being invoked more than once not only to convert to
|
||||
* a platform-specific form, but also to try different filenames in the
|
||||
* process of trying to perform a load. As such, this variable can be
|
||||
* used to indicate (a) whether this DSO structure corresponds to a
|
||||
* loaded library or not, and (b) the filename with which it was actually
|
||||
* loaded.
|
||||
*/
|
||||
char *loaded_filename;
|
||||
};
|
||||
|
||||
DSO *DSO_new(void);
|
||||
DSO *DSO_new_method(DSO_METHOD *method);
|
||||
int DSO_free(DSO *dso);
|
||||
int DSO_flags(DSO *dso);
|
||||
int DSO_up_ref(DSO *dso);
|
||||
long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
|
||||
|
||||
/*
|
||||
* This function sets the DSO's name_converter callback. If it is non-NULL,
|
||||
* then it will be used instead of the associated DSO_METHOD's function. If
|
||||
* oldcb is non-NULL then it is set to the function pointer value being
|
||||
* replaced. Return value is non-zero for success.
|
||||
*/
|
||||
int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
|
||||
DSO_NAME_CONVERTER_FUNC *oldcb);
|
||||
/*
|
||||
* These functions can be used to get/set the platform-independant filename
|
||||
* used for a DSO. NB: set will fail if the DSO is already loaded.
|
||||
*/
|
||||
const char *DSO_get_filename(DSO *dso);
|
||||
int DSO_set_filename(DSO *dso, const char *filename);
|
||||
/*
|
||||
* This function will invoke the DSO's name_converter callback to translate a
|
||||
* filename, or if the callback isn't set it will instead use the DSO_METHOD's
|
||||
* converter. If "filename" is NULL, the "filename" in the DSO itself will be
|
||||
* used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
|
||||
* simply duplicated. NB: This function is usually called from within a
|
||||
* DSO_METHOD during the processing of a DSO_load() call, and is exposed so
|
||||
* that caller-created DSO_METHODs can do the same thing. A non-NULL return
|
||||
* value will need to be OPENSSL_free()'d.
|
||||
*/
|
||||
char *DSO_convert_filename(DSO *dso, const char *filename);
|
||||
/*
|
||||
* This function will invoke the DSO's merger callback to merge two file
|
||||
* specifications, or if the callback isn't set it will instead use the
|
||||
* DSO_METHOD's merger. A non-NULL return value will need to be
|
||||
* OPENSSL_free()'d.
|
||||
*/
|
||||
char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
|
||||
/*
|
||||
* If the DSO is currently loaded, this returns the filename that it was
|
||||
* loaded under, otherwise it returns NULL. So it is also useful as a test as
|
||||
* to whether the DSO is currently loaded. NB: This will not necessarily
|
||||
* return the same value as DSO_convert_filename(dso, dso->filename), because
|
||||
* the DSO_METHOD's load function may have tried a variety of filenames (with
|
||||
* and/or without the aid of the converters) before settling on the one it
|
||||
* actually loaded.
|
||||
*/
|
||||
const char *DSO_get_loaded_filename(DSO *dso);
|
||||
|
||||
void DSO_set_default_method(DSO_METHOD *meth);
|
||||
DSO_METHOD *DSO_get_default_method(void);
|
||||
DSO_METHOD *DSO_get_method(DSO *dso);
|
||||
DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
|
||||
|
||||
/*
|
||||
* The all-singing all-dancing load function, you normally pass NULL for the
|
||||
* first and third parameters. Use DSO_up and DSO_free for subsequent
|
||||
* reference count handling. Any flags passed in will be set in the
|
||||
* constructed DSO after its init() function but before the load operation.
|
||||
* If 'dso' is non-NULL, 'flags' is ignored.
|
||||
*/
|
||||
DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
|
||||
|
||||
/* This function binds to a variable inside a shared library. */
|
||||
void *DSO_bind_var(DSO *dso, const char *symname);
|
||||
|
||||
/* This function binds to a function inside a shared library. */
|
||||
DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
|
||||
|
||||
/*
|
||||
* This method is the default, but will beg, borrow, or steal whatever method
|
||||
* should be the default on any particular platform (including
|
||||
* DSO_METH_null() if necessary).
|
||||
*/
|
||||
DSO_METHOD *DSO_METHOD_openssl(void);
|
||||
|
||||
/*
|
||||
* This method is defined for all platforms - if a platform has no DSO
|
||||
* support then this will be the only method!
|
||||
*/
|
||||
DSO_METHOD *DSO_METHOD_null(void);
|
||||
|
||||
/*
|
||||
* If DSO_DLFCN is defined, the standard dlfcn.h-style functions (dlopen,
|
||||
* dlclose, dlsym, etc) will be used and incorporated into this method. If
|
||||
* not, this method will return NULL.
|
||||
*/
|
||||
DSO_METHOD *DSO_METHOD_dlfcn(void);
|
||||
|
||||
/*
|
||||
* If DSO_DL is defined, the standard dl.h-style functions (shl_load,
|
||||
* shl_unload, shl_findsym, etc) will be used and incorporated into this
|
||||
* method. If not, this method will return NULL.
|
||||
*/
|
||||
DSO_METHOD *DSO_METHOD_dl(void);
|
||||
|
||||
/* If WIN32 is defined, use DLLs. If not, return NULL. */
|
||||
DSO_METHOD *DSO_METHOD_win32(void);
|
||||
|
||||
/* If VMS is defined, use shared images. If not, return NULL. */
|
||||
DSO_METHOD *DSO_METHOD_vms(void);
|
||||
|
||||
/*
|
||||
* This function writes null-terminated pathname of DSO module containing
|
||||
* 'addr' into 'sz' large caller-provided 'path' and returns the number of
|
||||
* characters [including trailing zero] written to it. If 'sz' is 0 or
|
||||
* negative, 'path' is ignored and required amount of charachers [including
|
||||
* trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
|
||||
* pathname of cryptolib itself is returned. Negative or zero return value
|
||||
* denotes error.
|
||||
*/
|
||||
int DSO_pathbyaddr(void *addr, char *path, int sz);
|
||||
|
||||
/*
|
||||
* This function should be used with caution! It looks up symbols in *all*
|
||||
* loaded modules and if module gets unloaded by somebody else attempt to
|
||||
* dereference the pointer is doomed to have fatal consequences. Primary
|
||||
* usage for this function is to probe *core* system functionality, e.g.
|
||||
* check if getnameinfo(3) is available at run-time without bothering about
|
||||
* OS-specific details such as libc.so.versioning or where does it actually
|
||||
* reside: in libc itself or libsocket.
|
||||
*/
|
||||
void *DSO_global_lookup(const char *name);
|
||||
|
||||
/* If BeOS is defined, use shared images. If not, return NULL. */
|
||||
DSO_METHOD *DSO_METHOD_beos(void);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/*
|
||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
void ERR_load_DSO_strings(void);
|
||||
|
||||
/* Error codes for the DSO functions. */
|
||||
|
||||
/* Function codes. */
|
||||
# define DSO_F_BEOS_BIND_FUNC 144
|
||||
# define DSO_F_BEOS_BIND_VAR 145
|
||||
# define DSO_F_BEOS_LOAD 146
|
||||
# define DSO_F_BEOS_NAME_CONVERTER 147
|
||||
# define DSO_F_BEOS_UNLOAD 148
|
||||
# define DSO_F_DLFCN_BIND_FUNC 100
|
||||
# define DSO_F_DLFCN_BIND_VAR 101
|
||||
# define DSO_F_DLFCN_LOAD 102
|
||||
# define DSO_F_DLFCN_MERGER 130
|
||||
# define DSO_F_DLFCN_NAME_CONVERTER 123
|
||||
# define DSO_F_DLFCN_UNLOAD 103
|
||||
# define DSO_F_DL_BIND_FUNC 104
|
||||
# define DSO_F_DL_BIND_VAR 105
|
||||
# define DSO_F_DL_LOAD 106
|
||||
# define DSO_F_DL_MERGER 131
|
||||
# define DSO_F_DL_NAME_CONVERTER 124
|
||||
# define DSO_F_DL_UNLOAD 107
|
||||
# define DSO_F_DSO_BIND_FUNC 108
|
||||
# define DSO_F_DSO_BIND_VAR 109
|
||||
# define DSO_F_DSO_CONVERT_FILENAME 126
|
||||
# define DSO_F_DSO_CTRL 110
|
||||
# define DSO_F_DSO_FREE 111
|
||||
# define DSO_F_DSO_GET_FILENAME 127
|
||||
# define DSO_F_DSO_GET_LOADED_FILENAME 128
|
||||
# define DSO_F_DSO_GLOBAL_LOOKUP 139
|
||||
# define DSO_F_DSO_LOAD 112
|
||||
# define DSO_F_DSO_MERGE 132
|
||||
# define DSO_F_DSO_NEW_METHOD 113
|
||||
# define DSO_F_DSO_PATHBYADDR 140
|
||||
# define DSO_F_DSO_SET_FILENAME 129
|
||||
# define DSO_F_DSO_SET_NAME_CONVERTER 122
|
||||
# define DSO_F_DSO_UP_REF 114
|
||||
# define DSO_F_GLOBAL_LOOKUP_FUNC 138
|
||||
# define DSO_F_PATHBYADDR 137
|
||||
# define DSO_F_VMS_BIND_SYM 115
|
||||
# define DSO_F_VMS_LOAD 116
|
||||
# define DSO_F_VMS_MERGER 133
|
||||
# define DSO_F_VMS_UNLOAD 117
|
||||
# define DSO_F_WIN32_BIND_FUNC 118
|
||||
# define DSO_F_WIN32_BIND_VAR 119
|
||||
# define DSO_F_WIN32_GLOBALLOOKUP 142
|
||||
# define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
|
||||
# define DSO_F_WIN32_JOINER 135
|
||||
# define DSO_F_WIN32_LOAD 120
|
||||
# define DSO_F_WIN32_MERGER 134
|
||||
# define DSO_F_WIN32_NAME_CONVERTER 125
|
||||
# define DSO_F_WIN32_PATHBYADDR 141
|
||||
# define DSO_F_WIN32_SPLITTER 136
|
||||
# define DSO_F_WIN32_UNLOAD 121
|
||||
|
||||
/* Reason codes. */
|
||||
# define DSO_R_CTRL_FAILED 100
|
||||
# define DSO_R_DSO_ALREADY_LOADED 110
|
||||
# define DSO_R_EMPTY_FILE_STRUCTURE 113
|
||||
# define DSO_R_FAILURE 114
|
||||
# define DSO_R_FILENAME_TOO_BIG 101
|
||||
# define DSO_R_FINISH_FAILED 102
|
||||
# define DSO_R_INCORRECT_FILE_SYNTAX 115
|
||||
# define DSO_R_LOAD_FAILED 103
|
||||
# define DSO_R_NAME_TRANSLATION_FAILED 109
|
||||
# define DSO_R_NO_FILENAME 111
|
||||
# define DSO_R_NO_FILE_SPECIFICATION 116
|
||||
# define DSO_R_NULL_HANDLE 104
|
||||
# define DSO_R_SET_FILENAME_FAILED 112
|
||||
# define DSO_R_STACK_ERROR 105
|
||||
# define DSO_R_SYM_FAILURE 106
|
||||
# define DSO_R_UNLOAD_FAILED 107
|
||||
# define DSO_R_UNSUPPORTED 108
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,26 @@
|
|||
/* crypto/ebcdic.h */
|
||||
|
||||
#ifndef HEADER_EBCDIC_H
|
||||
# define HEADER_EBCDIC_H
|
||||
|
||||
# include <sys/types.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* Avoid name clashes with other applications */
|
||||
# define os_toascii _openssl_os_toascii
|
||||
# define os_toebcdic _openssl_os_toebcdic
|
||||
# define ebcdic2ascii _openssl_ebcdic2ascii
|
||||
# define ascii2ebcdic _openssl_ascii2ebcdic
|
||||
|
||||
extern const unsigned char os_toascii[256];
|
||||
extern const unsigned char os_toebcdic[256];
|
||||
void *ebcdic2ascii(void *dest, const void *srce, size_t count);
|
||||
void *ascii2ebcdic(void *dest, const void *srce, size_t count);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,960 @@
|
|||
/* openssl/engine.h */
|
||||
/*
|
||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
||||
* 2000.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||
* ECDH support in OpenSSL originally developed by
|
||||
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
|
||||
*/
|
||||
|
||||
#ifndef HEADER_ENGINE_H
|
||||
# define HEADER_ENGINE_H
|
||||
|
||||
# include <openssl/opensslconf.h>
|
||||
|
||||
# ifdef OPENSSL_NO_ENGINE
|
||||
# error ENGINE is disabled.
|
||||
# endif
|
||||
|
||||
# ifndef OPENSSL_NO_DEPRECATED
|
||||
# include <openssl/bn.h>
|
||||
# ifndef OPENSSL_NO_RSA
|
||||
# include <openssl/rsa.h>
|
||||
# endif
|
||||
# ifndef OPENSSL_NO_DSA
|
||||
# include <openssl/dsa.h>
|
||||
# endif
|
||||
# ifndef OPENSSL_NO_DH
|
||||
# include <openssl/dh.h>
|
||||
# endif
|
||||
# ifndef OPENSSL_NO_ECDH
|
||||
# include <openssl/ecdh.h>
|
||||
# endif
|
||||
# ifndef OPENSSL_NO_ECDSA
|
||||
# include <openssl/ecdsa.h>
|
||||
# endif
|
||||
# include <openssl/rand.h>
|
||||
# include <openssl/ui.h>
|
||||
# include <openssl/err.h>
|
||||
# endif
|
||||
|
||||
# include <openssl/ossl_typ.h>
|
||||
# include <openssl/symhacks.h>
|
||||
|
||||
# include <openssl/x509.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
* These flags are used to control combinations of algorithm (methods) by
|
||||
* bitwise "OR"ing.
|
||||
*/
|
||||
# define ENGINE_METHOD_RSA (unsigned int)0x0001
|
||||
# define ENGINE_METHOD_DSA (unsigned int)0x0002
|
||||
# define ENGINE_METHOD_DH (unsigned int)0x0004
|
||||
# define ENGINE_METHOD_RAND (unsigned int)0x0008
|
||||
# define ENGINE_METHOD_ECDH (unsigned int)0x0010
|
||||
# define ENGINE_METHOD_ECDSA (unsigned int)0x0020
|
||||
# define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
|
||||
# define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
|
||||
# define ENGINE_METHOD_STORE (unsigned int)0x0100
|
||||
# define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200
|
||||
# define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400
|
||||
/* Obvious all-or-nothing cases. */
|
||||
# define ENGINE_METHOD_ALL (unsigned int)0xFFFF
|
||||
# define ENGINE_METHOD_NONE (unsigned int)0x0000
|
||||
|
||||
/*
|
||||
* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
|
||||
* internally to control registration of ENGINE implementations, and can be
|
||||
* set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
|
||||
* initialise registered ENGINEs if they are not already initialised.
|
||||
*/
|
||||
# define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001
|
||||
|
||||
/* ENGINE flags that can be set by ENGINE_set_flags(). */
|
||||
/* Not used */
|
||||
/* #define ENGINE_FLAGS_MALLOCED 0x0001 */
|
||||
|
||||
/*
|
||||
* This flag is for ENGINEs that wish to handle the various 'CMD'-related
|
||||
* control commands on their own. Without this flag, ENGINE_ctrl() handles
|
||||
* these control commands on behalf of the ENGINE using their "cmd_defns"
|
||||
* data.
|
||||
*/
|
||||
# define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002
|
||||
|
||||
/*
|
||||
* This flag is for ENGINEs who return new duplicate structures when found
|
||||
* via "ENGINE_by_id()". When an ENGINE must store state (eg. if
|
||||
* ENGINE_ctrl() commands are called in sequence as part of some stateful
|
||||
* process like key-generation setup and execution), it can set this flag -
|
||||
* then each attempt to obtain the ENGINE will result in it being copied into
|
||||
* a new structure. Normally, ENGINEs don't declare this flag so
|
||||
* ENGINE_by_id() just increments the existing ENGINE's structural reference
|
||||
* count.
|
||||
*/
|
||||
# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
|
||||
|
||||
/*
|
||||
* This flag if for an ENGINE that does not want its methods registered as
|
||||
* part of ENGINE_register_all_complete() for example if the methods are not
|
||||
* usable as default methods.
|
||||
*/
|
||||
|
||||
# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
|
||||
|
||||
/*
|
||||
* ENGINEs can support their own command types, and these flags are used in
|
||||
* ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
|
||||
* each command expects. Currently only numeric and string input is
|
||||
* supported. If a control command supports none of the _NUMERIC, _STRING, or
|
||||
* _NO_INPUT options, then it is regarded as an "internal" control command -
|
||||
* and not for use in config setting situations. As such, they're not
|
||||
* available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl()
|
||||
* access. Changes to this list of 'command types' should be reflected
|
||||
* carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string().
|
||||
*/
|
||||
|
||||
/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
|
||||
# define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
|
||||
/*
|
||||
* accepts string input (cast from 'void*' to 'const char *', 4th parameter
|
||||
* to ENGINE_ctrl)
|
||||
*/
|
||||
# define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
|
||||
/*
|
||||
* Indicates that the control command takes *no* input. Ie. the control
|
||||
* command is unparameterised.
|
||||
*/
|
||||
# define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
|
||||
/*
|
||||
* Indicates that the control command is internal. This control command won't
|
||||
* be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
|
||||
* function.
|
||||
*/
|
||||
# define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
|
||||
|
||||
/*
|
||||
* NB: These 3 control commands are deprecated and should not be used.
|
||||
* ENGINEs relying on these commands should compile conditional support for
|
||||
* compatibility (eg. if these symbols are defined) but should also migrate
|
||||
* the same functionality to their own ENGINE-specific control functions that
|
||||
* can be "discovered" by calling applications. The fact these control
|
||||
* commands wouldn't be "executable" (ie. usable by text-based config)
|
||||
* doesn't change the fact that application code can find and use them
|
||||
* without requiring per-ENGINE hacking.
|
||||
*/
|
||||
|
||||
/*
|
||||
* These flags are used to tell the ctrl function what should be done. All
|
||||
* command numbers are shared between all engines, even if some don't make
|
||||
* sense to some engines. In such a case, they do nothing but return the
|
||||
* error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
|
||||
*/
|
||||
# define ENGINE_CTRL_SET_LOGSTREAM 1
|
||||
# define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
|
||||
# define ENGINE_CTRL_HUP 3/* Close and reinitialise
|
||||
* any handles/connections
|
||||
* etc. */
|
||||
# define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */
|
||||
# define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used
|
||||
* when calling the password
|
||||
* callback and the user
|
||||
* interface */
|
||||
# define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration,
|
||||
* given a string that
|
||||
* represents a file name
|
||||
* or so */
|
||||
# define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given
|
||||
* section in the already
|
||||
* loaded configuration */
|
||||
|
||||
/*
|
||||
* These control commands allow an application to deal with an arbitrary
|
||||
* engine in a dynamic way. Warn: Negative return values indicate errors FOR
|
||||
* THESE COMMANDS because zero is used to indicate 'end-of-list'. Other
|
||||
* commands, including ENGINE-specific command types, return zero for an
|
||||
* error. An ENGINE can choose to implement these ctrl functions, and can
|
||||
* internally manage things however it chooses - it does so by setting the
|
||||
* ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise
|
||||
* the ENGINE_ctrl() code handles this on the ENGINE's behalf using the
|
||||
* cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's
|
||||
* ctrl() handler need only implement its own commands - the above "meta"
|
||||
* commands will be taken care of.
|
||||
*/
|
||||
|
||||
/*
|
||||
* Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not",
|
||||
* then all the remaining control commands will return failure, so it is
|
||||
* worth checking this first if the caller is trying to "discover" the
|
||||
* engine's capabilities and doesn't want errors generated unnecessarily.
|
||||
*/
|
||||
# define ENGINE_CTRL_HAS_CTRL_FUNCTION 10
|
||||
/*
|
||||
* Returns a positive command number for the first command supported by the
|
||||
* engine. Returns zero if no ctrl commands are supported.
|
||||
*/
|
||||
# define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
|
||||
/*
|
||||
* The 'long' argument specifies a command implemented by the engine, and the
|
||||
* return value is the next command supported, or zero if there are no more.
|
||||
*/
|
||||
# define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
|
||||
/*
|
||||
* The 'void*' argument is a command name (cast from 'const char *'), and the
|
||||
* return value is the command that corresponds to it.
|
||||
*/
|
||||
# define ENGINE_CTRL_GET_CMD_FROM_NAME 13
|
||||
/*
|
||||
* The next two allow a command to be converted into its corresponding string
|
||||
* form. In each case, the 'long' argument supplies the command. In the
|
||||
* NAME_LEN case, the return value is the length of the command name (not
|
||||
* counting a trailing EOL). In the NAME case, the 'void*' argument must be a
|
||||
* string buffer large enough, and it will be populated with the name of the
|
||||
* command (WITH a trailing EOL).
|
||||
*/
|
||||
# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
|
||||
# define ENGINE_CTRL_GET_NAME_FROM_CMD 15
|
||||
/* The next two are similar but give a "short description" of a command. */
|
||||
# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
|
||||
# define ENGINE_CTRL_GET_DESC_FROM_CMD 17
|
||||
/*
|
||||
* With this command, the return value is the OR'd combination of
|
||||
* ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
|
||||
* engine-specific ctrl command expects.
|
||||
*/
|
||||
# define ENGINE_CTRL_GET_CMD_FLAGS 18
|
||||
|
||||
/*
|
||||
* ENGINE implementations should start the numbering of their own control
|
||||
* commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc).
|
||||
*/
|
||||
# define ENGINE_CMD_BASE 200
|
||||
|
||||
/*
|
||||
* NB: These 2 nCipher "chil" control commands are deprecated, and their
|
||||
* functionality is now available through ENGINE-specific control commands
|
||||
* (exposed through the above-mentioned 'CMD'-handling). Code using these 2
|
||||
* commands should be migrated to the more general command handling before
|
||||
* these are removed.
|
||||
*/
|
||||
|
||||
/* Flags specific to the nCipher "chil" engine */
|
||||
# define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
|
||||
/*
|
||||
* Depending on the value of the (long)i argument, this sets or
|
||||
* unsets the SimpleForkCheck flag in the CHIL API to enable or
|
||||
* disable checking and workarounds for applications that fork().
|
||||
*/
|
||||
# define ENGINE_CTRL_CHIL_NO_LOCKING 101
|
||||
/*
|
||||
* This prevents the initialisation function from providing mutex
|
||||
* callbacks to the nCipher library.
|
||||
*/
|
||||
|
||||
/*
|
||||
* If an ENGINE supports its own specific control commands and wishes the
|
||||
* framework to handle the above 'ENGINE_CMD_***'-manipulation commands on
|
||||
* its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN
|
||||
* entries to ENGINE_set_cmd_defns(). It should also implement a ctrl()
|
||||
* handler that supports the stated commands (ie. the "cmd_num" entries as
|
||||
* described by the array). NB: The array must be ordered in increasing order
|
||||
* of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element
|
||||
* has cmd_num set to zero and/or cmd_name set to NULL.
|
||||
*/
|
||||
typedef struct ENGINE_CMD_DEFN_st {
|
||||
unsigned int cmd_num; /* The command number */
|
||||
const char *cmd_name; /* The command name itself */
|
||||
const char *cmd_desc; /* A short description of the command */
|
||||
unsigned int cmd_flags; /* The input the command expects */
|
||||
} ENGINE_CMD_DEFN;
|
||||
|
||||
/* Generic function pointer */
|
||||
typedef int (*ENGINE_GEN_FUNC_PTR) (void);
|
||||
/* Generic function pointer taking no arguments */
|
||||
typedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *);
|
||||
/* Specific control function pointer */
|
||||
typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *,
|
||||
void (*f) (void));
|
||||
/* Generic load_key function pointer */
|
||||
typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
|
||||
UI_METHOD *ui_method,
|
||||
void *callback_data);
|
||||
typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl,
|
||||
STACK_OF(X509_NAME) *ca_dn,
|
||||
X509 **pcert, EVP_PKEY **pkey,
|
||||
STACK_OF(X509) **pother,
|
||||
UI_METHOD *ui_method,
|
||||
void *callback_data);
|
||||
/*-
|
||||
* These callback types are for an ENGINE's handler for cipher and digest logic.
|
||||
* These handlers have these prototypes;
|
||||
* int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
|
||||
* int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
|
||||
* Looking at how to implement these handlers in the case of cipher support, if
|
||||
* the framework wants the EVP_CIPHER for 'nid', it will call;
|
||||
* foo(e, &p_evp_cipher, NULL, nid); (return zero for failure)
|
||||
* If the framework wants a list of supported 'nid's, it will call;
|
||||
* foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
|
||||
*/
|
||||
/*
|
||||
* Returns to a pointer to the array of supported cipher 'nid's. If the
|
||||
* second parameter is non-NULL it is set to the size of the returned array.
|
||||
*/
|
||||
typedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **,
|
||||
const int **, int);
|
||||
typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **,
|
||||
int);
|
||||
typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **,
|
||||
const int **, int);
|
||||
typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **,
|
||||
const int **, int);
|
||||
/*
|
||||
* STRUCTURE functions ... all of these functions deal with pointers to
|
||||
* ENGINE structures where the pointers have a "structural reference". This
|
||||
* means that their reference is to allowed access to the structure but it
|
||||
* does not imply that the structure is functional. To simply increment or
|
||||
* decrement the structural reference count, use ENGINE_by_id and
|
||||
* ENGINE_free. NB: This is not required when iterating using ENGINE_get_next
|
||||
* as it will automatically decrement the structural reference count of the
|
||||
* "current" ENGINE and increment the structural reference count of the
|
||||
* ENGINE it returns (unless it is NULL).
|
||||
*/
|
||||
|
||||
/* Get the first/last "ENGINE" type available. */
|
||||
ENGINE *ENGINE_get_first(void);
|
||||
ENGINE *ENGINE_get_last(void);
|
||||
/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
|
||||
ENGINE *ENGINE_get_next(ENGINE *e);
|
||||
ENGINE *ENGINE_get_prev(ENGINE *e);
|
||||
/* Add another "ENGINE" type into the array. */
|
||||
int ENGINE_add(ENGINE *e);
|
||||
/* Remove an existing "ENGINE" type from the array. */
|
||||
int ENGINE_remove(ENGINE *e);
|
||||
/* Retrieve an engine from the list by its unique "id" value. */
|
||||
ENGINE *ENGINE_by_id(const char *id);
|
||||
/* Add all the built-in engines. */
|
||||
void ENGINE_load_openssl(void);
|
||||
void ENGINE_load_dynamic(void);
|
||||
# ifndef OPENSSL_NO_STATIC_ENGINE
|
||||
void ENGINE_load_4758cca(void);
|
||||
void ENGINE_load_aep(void);
|
||||
void ENGINE_load_atalla(void);
|
||||
void ENGINE_load_chil(void);
|
||||
void ENGINE_load_cswift(void);
|
||||
void ENGINE_load_nuron(void);
|
||||
void ENGINE_load_sureware(void);
|
||||
void ENGINE_load_ubsec(void);
|
||||
void ENGINE_load_padlock(void);
|
||||
void ENGINE_load_capi(void);
|
||||
# ifndef OPENSSL_NO_GMP
|
||||
void ENGINE_load_gmp(void);
|
||||
# endif
|
||||
# ifndef OPENSSL_NO_GOST
|
||||
void ENGINE_load_gost(void);
|
||||
# endif
|
||||
# endif
|
||||
void ENGINE_load_cryptodev(void);
|
||||
void ENGINE_load_rdrand(void);
|
||||
void ENGINE_load_builtin_engines(void);
|
||||
|
||||
/*
|
||||
* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
|
||||
* "registry" handling.
|
||||
*/
|
||||
unsigned int ENGINE_get_table_flags(void);
|
||||
void ENGINE_set_table_flags(unsigned int flags);
|
||||
|
||||
/*- Manage registration of ENGINEs per "table". For each type, there are 3
|
||||
* functions;
|
||||
* ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
|
||||
* ENGINE_unregister_***(e) - unregister the implementation from 'e'
|
||||
* ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
|
||||
* Cleanup is automatically registered from each table when required, so
|
||||
* ENGINE_cleanup() will reverse any "register" operations.
|
||||
*/
|
||||
|
||||
int ENGINE_register_RSA(ENGINE *e);
|
||||
void ENGINE_unregister_RSA(ENGINE *e);
|
||||
void ENGINE_register_all_RSA(void);
|
||||
|
||||
int ENGINE_register_DSA(ENGINE *e);
|
||||
void ENGINE_unregister_DSA(ENGINE *e);
|
||||
void ENGINE_register_all_DSA(void);
|
||||
|
||||
int ENGINE_register_ECDH(ENGINE *e);
|
||||
void ENGINE_unregister_ECDH(ENGINE *e);
|
||||
void ENGINE_register_all_ECDH(void);
|
||||
|
||||
int ENGINE_register_ECDSA(ENGINE *e);
|
||||
void ENGINE_unregister_ECDSA(ENGINE *e);
|
||||
void ENGINE_register_all_ECDSA(void);
|
||||
|
||||
int ENGINE_register_DH(ENGINE *e);
|
||||
void ENGINE_unregister_DH(ENGINE *e);
|
||||
void ENGINE_register_all_DH(void);
|
||||
|
||||
int ENGINE_register_RAND(ENGINE *e);
|
||||
void ENGINE_unregister_RAND(ENGINE *e);
|
||||
void ENGINE_register_all_RAND(void);
|
||||
|
||||
int ENGINE_register_STORE(ENGINE *e);
|
||||
void ENGINE_unregister_STORE(ENGINE *e);
|
||||
void ENGINE_register_all_STORE(void);
|
||||
|
||||
int ENGINE_register_ciphers(ENGINE *e);
|
||||
void ENGINE_unregister_ciphers(ENGINE *e);
|
||||
void ENGINE_register_all_ciphers(void);
|
||||
|
||||
int ENGINE_register_digests(ENGINE *e);
|
||||
void ENGINE_unregister_digests(ENGINE *e);
|
||||
void ENGINE_register_all_digests(void);
|
||||
|
||||
int ENGINE_register_pkey_meths(ENGINE *e);
|
||||
void ENGINE_unregister_pkey_meths(ENGINE *e);
|
||||
void ENGINE_register_all_pkey_meths(void);
|
||||
|
||||
int ENGINE_register_pkey_asn1_meths(ENGINE *e);
|
||||
void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
|
||||
void ENGINE_register_all_pkey_asn1_meths(void);
|
||||
|
||||
/*
|
||||
* These functions register all support from the above categories. Note, use
|
||||
* of these functions can result in static linkage of code your application
|
||||
* may not need. If you only need a subset of functionality, consider using
|
||||
* more selective initialisation.
|
||||
*/
|
||||
int ENGINE_register_complete(ENGINE *e);
|
||||
int ENGINE_register_all_complete(void);
|
||||
|
||||
/*
|
||||
* Send parametrised control commands to the engine. The possibilities to
|
||||
* send down an integer, a pointer to data or a function pointer are
|
||||
* provided. Any of the parameters may or may not be NULL, depending on the
|
||||
* command number. In actuality, this function only requires a structural
|
||||
* (rather than functional) reference to an engine, but many control commands
|
||||
* may require the engine be functional. The caller should be aware of trying
|
||||
* commands that require an operational ENGINE, and only use functional
|
||||
* references in such situations.
|
||||
*/
|
||||
int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
|
||||
|
||||
/*
|
||||
* This function tests if an ENGINE-specific command is usable as a
|
||||
* "setting". Eg. in an application's config file that gets processed through
|
||||
* ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
|
||||
* ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
|
||||
*/
|
||||
int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
|
||||
|
||||
/*
|
||||
* This function works like ENGINE_ctrl() with the exception of taking a
|
||||
* command name instead of a command number, and can handle optional
|
||||
* commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
|
||||
* on how to use the cmd_name and cmd_optional.
|
||||
*/
|
||||
int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
|
||||
long i, void *p, void (*f) (void), int cmd_optional);
|
||||
|
||||
/*
|
||||
* This function passes a command-name and argument to an ENGINE. The
|
||||
* cmd_name is converted to a command number and the control command is
|
||||
* called using 'arg' as an argument (unless the ENGINE doesn't support such
|
||||
* a command, in which case no control command is called). The command is
|
||||
* checked for input flags, and if necessary the argument will be converted
|
||||
* to a numeric value. If cmd_optional is non-zero, then if the ENGINE
|
||||
* doesn't support the given cmd_name the return value will be success
|
||||
* anyway. This function is intended for applications to use so that users
|
||||
* (or config files) can supply engine-specific config data to the ENGINE at
|
||||
* run-time to control behaviour of specific engines. As such, it shouldn't
|
||||
* be used for calling ENGINE_ctrl() functions that return data, deal with
|
||||
* binary data, or that are otherwise supposed to be used directly through
|
||||
* ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl()
|
||||
* operation in this function will be lost - the return value is interpreted
|
||||
* as failure if the return value is zero, success otherwise, and this
|
||||
* function returns a boolean value as a result. In other words, vendors of
|
||||
* 'ENGINE'-enabled devices should write ENGINE implementations with
|
||||
* parameterisations that work in this scheme, so that compliant ENGINE-based
|
||||
* applications can work consistently with the same configuration for the
|
||||
* same ENGINE-enabled devices, across applications.
|
||||
*/
|
||||
int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
|
||||
int cmd_optional);
|
||||
|
||||
/*
|
||||
* These functions are useful for manufacturing new ENGINE structures. They
|
||||
* don't address reference counting at all - one uses them to populate an
|
||||
* ENGINE structure with personalised implementations of things prior to
|
||||
* using it directly or adding it to the builtin ENGINE list in OpenSSL.
|
||||
* These are also here so that the ENGINE structure doesn't have to be
|
||||
* exposed and break binary compatibility!
|
||||
*/
|
||||
ENGINE *ENGINE_new(void);
|
||||
int ENGINE_free(ENGINE *e);
|
||||
int ENGINE_up_ref(ENGINE *e);
|
||||
int ENGINE_set_id(ENGINE *e, const char *id);
|
||||
int ENGINE_set_name(ENGINE *e, const char *name);
|
||||
int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
|
||||
int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
|
||||
int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
|
||||
int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
|
||||
int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
|
||||
int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
|
||||
int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth);
|
||||
int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
|
||||
int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
|
||||
int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
|
||||
int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
|
||||
int ENGINE_set_load_privkey_function(ENGINE *e,
|
||||
ENGINE_LOAD_KEY_PTR loadpriv_f);
|
||||
int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
|
||||
int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
|
||||
ENGINE_SSL_CLIENT_CERT_PTR
|
||||
loadssl_f);
|
||||
int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
|
||||
int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
|
||||
int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
|
||||
int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
|
||||
int ENGINE_set_flags(ENGINE *e, int flags);
|
||||
int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
|
||||
/* These functions allow control over any per-structure ENGINE data. */
|
||||
int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
||||
CRYPTO_EX_dup *dup_func,
|
||||
CRYPTO_EX_free *free_func);
|
||||
int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
|
||||
void *ENGINE_get_ex_data(const ENGINE *e, int idx);
|
||||
|
||||
/*
|
||||
* This function cleans up anything that needs it. Eg. the ENGINE_add()
|
||||
* function automatically ensures the list cleanup function is registered to
|
||||
* be called from ENGINE_cleanup(). Similarly, all ENGINE_register_***
|
||||
* functions ensure ENGINE_cleanup() will clean up after them.
|
||||
*/
|
||||
void ENGINE_cleanup(void);
|
||||
|
||||
/*
|
||||
* These return values from within the ENGINE structure. These can be useful
|
||||
* with functional references as well as structural references - it depends
|
||||
* which you obtained. Using the result for functional purposes if you only
|
||||
* obtained a structural reference may be problematic!
|
||||
*/
|
||||
const char *ENGINE_get_id(const ENGINE *e);
|
||||
const char *ENGINE_get_name(const ENGINE *e);
|
||||
const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
|
||||
const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
|
||||
const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
|
||||
const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
|
||||
const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
|
||||
const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
|
||||
const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e);
|
||||
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
|
||||
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
|
||||
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
|
||||
ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
|
||||
ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
|
||||
ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
|
||||
ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE
|
||||
*e);
|
||||
ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
|
||||
ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
|
||||
ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
|
||||
ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
|
||||
const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
|
||||
const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
|
||||
const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
|
||||
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
|
||||
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
|
||||
const char *str,
|
||||
int len);
|
||||
const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
|
||||
const char *str,
|
||||
int len);
|
||||
const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
|
||||
int ENGINE_get_flags(const ENGINE *e);
|
||||
|
||||
/*
|
||||
* FUNCTIONAL functions. These functions deal with ENGINE structures that
|
||||
* have (or will) be initialised for use. Broadly speaking, the structural
|
||||
* functions are useful for iterating the list of available engine types,
|
||||
* creating new engine types, and other "list" operations. These functions
|
||||
* actually deal with ENGINEs that are to be used. As such these functions
|
||||
* can fail (if applicable) when particular engines are unavailable - eg. if
|
||||
* a hardware accelerator is not attached or not functioning correctly. Each
|
||||
* ENGINE has 2 reference counts; structural and functional. Every time a
|
||||
* functional reference is obtained or released, a corresponding structural
|
||||
* reference is automatically obtained or released too.
|
||||
*/
|
||||
|
||||
/*
|
||||
* Initialise a engine type for use (or up its reference count if it's
|
||||
* already in use). This will fail if the engine is not currently operational
|
||||
* and cannot initialise.
|
||||
*/
|
||||
int ENGINE_init(ENGINE *e);
|
||||
/*
|
||||
* Free a functional reference to a engine type. This does not require a
|
||||
* corresponding call to ENGINE_free as it also releases a structural
|
||||
* reference.
|
||||
*/
|
||||
int ENGINE_finish(ENGINE *e);
|
||||
|
||||
/*
|
||||
* The following functions handle keys that are stored in some secondary
|
||||
* location, handled by the engine. The storage may be on a card or
|
||||
* whatever.
|
||||
*/
|
||||
EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
|
||||
UI_METHOD *ui_method, void *callback_data);
|
||||
EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
|
||||
UI_METHOD *ui_method, void *callback_data);
|
||||
int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
|
||||
STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
|
||||
EVP_PKEY **ppkey, STACK_OF(X509) **pother,
|
||||
UI_METHOD *ui_method, void *callback_data);
|
||||
|
||||
/*
|
||||
* This returns a pointer for the current ENGINE structure that is (by
|
||||
* default) performing any RSA operations. The value returned is an
|
||||
* incremented reference, so it should be free'd (ENGINE_finish) before it is
|
||||
* discarded.
|
||||
*/
|
||||
ENGINE *ENGINE_get_default_RSA(void);
|
||||
/* Same for the other "methods" */
|
||||
ENGINE *ENGINE_get_default_DSA(void);
|
||||
ENGINE *ENGINE_get_default_ECDH(void);
|
||||
ENGINE *ENGINE_get_default_ECDSA(void);
|
||||
ENGINE *ENGINE_get_default_DH(void);
|
||||
ENGINE *ENGINE_get_default_RAND(void);
|
||||
/*
|
||||
* These functions can be used to get a functional reference to perform
|
||||
* ciphering or digesting corresponding to "nid".
|
||||
*/
|
||||
ENGINE *ENGINE_get_cipher_engine(int nid);
|
||||
ENGINE *ENGINE_get_digest_engine(int nid);
|
||||
ENGINE *ENGINE_get_pkey_meth_engine(int nid);
|
||||
ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
|
||||
|
||||
/*
|
||||
* This sets a new default ENGINE structure for performing RSA operations. If
|
||||
* the result is non-zero (success) then the ENGINE structure will have had
|
||||
* its reference count up'd so the caller should still free their own
|
||||
* reference 'e'.
|
||||
*/
|
||||
int ENGINE_set_default_RSA(ENGINE *e);
|
||||
int ENGINE_set_default_string(ENGINE *e, const char *def_list);
|
||||
/* Same for the other "methods" */
|
||||
int ENGINE_set_default_DSA(ENGINE *e);
|
||||
int ENGINE_set_default_ECDH(ENGINE *e);
|
||||
int ENGINE_set_default_ECDSA(ENGINE *e);
|
||||
int ENGINE_set_default_DH(ENGINE *e);
|
||||
int ENGINE_set_default_RAND(ENGINE *e);
|
||||
int ENGINE_set_default_ciphers(ENGINE *e);
|
||||
int ENGINE_set_default_digests(ENGINE *e);
|
||||
int ENGINE_set_default_pkey_meths(ENGINE *e);
|
||||
int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
|
||||
|
||||
/*
|
||||
* The combination "set" - the flags are bitwise "OR"d from the
|
||||
* ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
|
||||
* function, this function can result in unnecessary static linkage. If your
|
||||
* application requires only specific functionality, consider using more
|
||||
* selective functions.
|
||||
*/
|
||||
int ENGINE_set_default(ENGINE *e, unsigned int flags);
|
||||
|
||||
void ENGINE_add_conf_module(void);
|
||||
|
||||
/* Deprecated functions ... */
|
||||
/* int ENGINE_clear_defaults(void); */
|
||||
|
||||
/**************************/
|
||||
/* DYNAMIC ENGINE SUPPORT */
|
||||
/**************************/
|
||||
|
||||
/* Binary/behaviour compatibility levels */
|
||||
# define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000
|
||||
/*
|
||||
* Binary versions older than this are too old for us (whether we're a loader
|
||||
* or a loadee)
|
||||
*/
|
||||
# define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000
|
||||
|
||||
/*
|
||||
* When compiling an ENGINE entirely as an external shared library, loadable
|
||||
* by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns'
|
||||
* structure type provides the calling application's (or library's) error
|
||||
* functionality and memory management function pointers to the loaded
|
||||
* library. These should be used/set in the loaded library code so that the
|
||||
* loading application's 'state' will be used/changed in all operations. The
|
||||
* 'static_state' pointer allows the loaded library to know if it shares the
|
||||
* same static data as the calling application (or library), and thus whether
|
||||
* these callbacks need to be set or not.
|
||||
*/
|
||||
typedef void *(*dyn_MEM_malloc_cb) (size_t);
|
||||
typedef void *(*dyn_MEM_realloc_cb) (void *, size_t);
|
||||
typedef void (*dyn_MEM_free_cb) (void *);
|
||||
typedef struct st_dynamic_MEM_fns {
|
||||
dyn_MEM_malloc_cb malloc_cb;
|
||||
dyn_MEM_realloc_cb realloc_cb;
|
||||
dyn_MEM_free_cb free_cb;
|
||||
} dynamic_MEM_fns;
|
||||
/*
|
||||
* FIXME: Perhaps the memory and locking code (crypto.h) should declare and
|
||||
* use these types so we (and any other dependant code) can simplify a bit??
|
||||
*/
|
||||
typedef void (*dyn_lock_locking_cb) (int, int, const char *, int);
|
||||
typedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int);
|
||||
typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *,
|
||||
int);
|
||||
typedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *,
|
||||
const char *, int);
|
||||
typedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *,
|
||||
const char *, int);
|
||||
typedef struct st_dynamic_LOCK_fns {
|
||||
dyn_lock_locking_cb lock_locking_cb;
|
||||
dyn_lock_add_lock_cb lock_add_lock_cb;
|
||||
dyn_dynlock_create_cb dynlock_create_cb;
|
||||
dyn_dynlock_lock_cb dynlock_lock_cb;
|
||||
dyn_dynlock_destroy_cb dynlock_destroy_cb;
|
||||
} dynamic_LOCK_fns;
|
||||
/* The top-level structure */
|
||||
typedef struct st_dynamic_fns {
|
||||
void *static_state;
|
||||
const ERR_FNS *err_fns;
|
||||
const CRYPTO_EX_DATA_IMPL *ex_data_fns;
|
||||
dynamic_MEM_fns mem_fns;
|
||||
dynamic_LOCK_fns lock_fns;
|
||||
} dynamic_fns;
|
||||
|
||||
/*
|
||||
* The version checking function should be of this prototype. NB: The
|
||||
* ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading
|
||||
* code. If this function returns zero, it indicates a (potential) version
|
||||
* incompatibility and the loaded library doesn't believe it can proceed.
|
||||
* Otherwise, the returned value is the (latest) version supported by the
|
||||
* loading library. The loader may still decide that the loaded code's
|
||||
* version is unsatisfactory and could veto the load. The function is
|
||||
* expected to be implemented with the symbol name "v_check", and a default
|
||||
* implementation can be fully instantiated with
|
||||
* IMPLEMENT_DYNAMIC_CHECK_FN().
|
||||
*/
|
||||
typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
|
||||
# define IMPLEMENT_DYNAMIC_CHECK_FN() \
|
||||
OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
|
||||
OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
|
||||
if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
|
||||
return 0; }
|
||||
|
||||
/*
|
||||
* This function is passed the ENGINE structure to initialise with its own
|
||||
* function and command settings. It should not adjust the structural or
|
||||
* functional reference counts. If this function returns zero, (a) the load
|
||||
* will be aborted, (b) the previous ENGINE state will be memcpy'd back onto
|
||||
* the structure, and (c) the shared library will be unloaded. So
|
||||
* implementations should do their own internal cleanup in failure
|
||||
* circumstances otherwise they could leak. The 'id' parameter, if non-NULL,
|
||||
* represents the ENGINE id that the loader is looking for. If this is NULL,
|
||||
* the shared library can choose to return failure or to initialise a
|
||||
* 'default' ENGINE. If non-NULL, the shared library must initialise only an
|
||||
* ENGINE matching the passed 'id'. The function is expected to be
|
||||
* implemented with the symbol name "bind_engine". A standard implementation
|
||||
* can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter
|
||||
* 'fn' is a callback function that populates the ENGINE structure and
|
||||
* returns an int value (zero for failure). 'fn' should have prototype;
|
||||
* [static] int fn(ENGINE *e, const char *id);
|
||||
*/
|
||||
typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
|
||||
const dynamic_fns *fns);
|
||||
# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
|
||||
OPENSSL_EXPORT \
|
||||
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
|
||||
OPENSSL_EXPORT \
|
||||
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
|
||||
if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
|
||||
if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
|
||||
fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
|
||||
return 0; \
|
||||
CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
|
||||
CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
|
||||
CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
|
||||
CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
|
||||
CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
|
||||
if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
|
||||
return 0; \
|
||||
if(!ERR_set_implementation(fns->err_fns)) return 0; \
|
||||
skip_cbs: \
|
||||
if(!fn(e,id)) return 0; \
|
||||
return 1; }
|
||||
|
||||
/*
|
||||
* If the loading application (or library) and the loaded ENGINE library
|
||||
* share the same static data (eg. they're both dynamically linked to the
|
||||
* same libcrypto.so) we need a way to avoid trying to set system callbacks -
|
||||
* this would fail, and for the same reason that it's unnecessary to try. If
|
||||
* the loaded ENGINE has (or gets from through the loader) its own copy of
|
||||
* the libcrypto static data, we will need to set the callbacks. The easiest
|
||||
* way to detect this is to have a function that returns a pointer to some
|
||||
* static data and let the loading application and loaded ENGINE compare
|
||||
* their respective values.
|
||||
*/
|
||||
void *ENGINE_get_static_state(void);
|
||||
|
||||
# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
|
||||
void ENGINE_setup_bsd_cryptodev(void);
|
||||
# endif
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/*
|
||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
void ERR_load_ENGINE_strings(void);
|
||||
|
||||
/* Error codes for the ENGINE functions. */
|
||||
|
||||
/* Function codes. */
|
||||
# define ENGINE_F_DYNAMIC_CTRL 180
|
||||
# define ENGINE_F_DYNAMIC_GET_DATA_CTX 181
|
||||
# define ENGINE_F_DYNAMIC_LOAD 182
|
||||
# define ENGINE_F_DYNAMIC_SET_DATA_CTX 183
|
||||
# define ENGINE_F_ENGINE_ADD 105
|
||||
# define ENGINE_F_ENGINE_BY_ID 106
|
||||
# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170
|
||||
# define ENGINE_F_ENGINE_CTRL 142
|
||||
# define ENGINE_F_ENGINE_CTRL_CMD 178
|
||||
# define ENGINE_F_ENGINE_CTRL_CMD_STRING 171
|
||||
# define ENGINE_F_ENGINE_FINISH 107
|
||||
# define ENGINE_F_ENGINE_FREE_UTIL 108
|
||||
# define ENGINE_F_ENGINE_GET_CIPHER 185
|
||||
# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177
|
||||
# define ENGINE_F_ENGINE_GET_DIGEST 186
|
||||
# define ENGINE_F_ENGINE_GET_NEXT 115
|
||||
# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
|
||||
# define ENGINE_F_ENGINE_GET_PKEY_METH 192
|
||||
# define ENGINE_F_ENGINE_GET_PREV 116
|
||||
# define ENGINE_F_ENGINE_INIT 119
|
||||
# define ENGINE_F_ENGINE_LIST_ADD 120
|
||||
# define ENGINE_F_ENGINE_LIST_REMOVE 121
|
||||
# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
|
||||
# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
|
||||
# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194
|
||||
# define ENGINE_F_ENGINE_NEW 122
|
||||
# define ENGINE_F_ENGINE_REMOVE 123
|
||||
# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
|
||||
# define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126
|
||||
# define ENGINE_F_ENGINE_SET_ID 129
|
||||
# define ENGINE_F_ENGINE_SET_NAME 130
|
||||
# define ENGINE_F_ENGINE_TABLE_REGISTER 184
|
||||
# define ENGINE_F_ENGINE_UNLOAD_KEY 152
|
||||
# define ENGINE_F_ENGINE_UNLOCKED_FINISH 191
|
||||
# define ENGINE_F_ENGINE_UP_REF 190
|
||||
# define ENGINE_F_INT_CTRL_HELPER 172
|
||||
# define ENGINE_F_INT_ENGINE_CONFIGURE 188
|
||||
# define ENGINE_F_INT_ENGINE_MODULE_INIT 187
|
||||
# define ENGINE_F_LOG_MESSAGE 141
|
||||
|
||||
/* Reason codes. */
|
||||
# define ENGINE_R_ALREADY_LOADED 100
|
||||
# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133
|
||||
# define ENGINE_R_CMD_NOT_EXECUTABLE 134
|
||||
# define ENGINE_R_COMMAND_TAKES_INPUT 135
|
||||
# define ENGINE_R_COMMAND_TAKES_NO_INPUT 136
|
||||
# define ENGINE_R_CONFLICTING_ENGINE_ID 103
|
||||
# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
|
||||
# define ENGINE_R_DH_NOT_IMPLEMENTED 139
|
||||
# define ENGINE_R_DSA_NOT_IMPLEMENTED 140
|
||||
# define ENGINE_R_DSO_FAILURE 104
|
||||
# define ENGINE_R_DSO_NOT_FOUND 132
|
||||
# define ENGINE_R_ENGINES_SECTION_ERROR 148
|
||||
# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
|
||||
# define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
|
||||
# define ENGINE_R_ENGINE_SECTION_ERROR 149
|
||||
# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
|
||||
# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
|
||||
# define ENGINE_R_FINISH_FAILED 106
|
||||
# define ENGINE_R_GET_HANDLE_FAILED 107
|
||||
# define ENGINE_R_ID_OR_NAME_MISSING 108
|
||||
# define ENGINE_R_INIT_FAILED 109
|
||||
# define ENGINE_R_INTERNAL_LIST_ERROR 110
|
||||
# define ENGINE_R_INVALID_ARGUMENT 143
|
||||
# define ENGINE_R_INVALID_CMD_NAME 137
|
||||
# define ENGINE_R_INVALID_CMD_NUMBER 138
|
||||
# define ENGINE_R_INVALID_INIT_VALUE 151
|
||||
# define ENGINE_R_INVALID_STRING 150
|
||||
# define ENGINE_R_NOT_INITIALISED 117
|
||||
# define ENGINE_R_NOT_LOADED 112
|
||||
# define ENGINE_R_NO_CONTROL_FUNCTION 120
|
||||
# define ENGINE_R_NO_INDEX 144
|
||||
# define ENGINE_R_NO_LOAD_FUNCTION 125
|
||||
# define ENGINE_R_NO_REFERENCE 130
|
||||
# define ENGINE_R_NO_SUCH_ENGINE 116
|
||||
# define ENGINE_R_NO_UNLOAD_FUNCTION 126
|
||||
# define ENGINE_R_PROVIDE_PARAMETERS 113
|
||||
# define ENGINE_R_RSA_NOT_IMPLEMENTED 141
|
||||
# define ENGINE_R_UNIMPLEMENTED_CIPHER 146
|
||||
# define ENGINE_R_UNIMPLEMENTED_DIGEST 147
|
||||
# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
|
||||
# define ENGINE_R_VERSION_INCOMPATIBILITY 145
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,105 @@
|
|||
/* crypto/idea/idea.h */
|
||||
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_IDEA_H
|
||||
# define HEADER_IDEA_H
|
||||
|
||||
# include <openssl/opensslconf.h>/* IDEA_INT, OPENSSL_NO_IDEA */
|
||||
|
||||
# ifdef OPENSSL_NO_IDEA
|
||||
# error IDEA is disabled.
|
||||
# endif
|
||||
|
||||
# define IDEA_ENCRYPT 1
|
||||
# define IDEA_DECRYPT 0
|
||||
|
||||
# define IDEA_BLOCK 8
|
||||
# define IDEA_KEY_LENGTH 16
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
typedef struct idea_key_st {
|
||||
IDEA_INT data[9][6];
|
||||
} IDEA_KEY_SCHEDULE;
|
||||
|
||||
const char *idea_options(void);
|
||||
void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
IDEA_KEY_SCHEDULE *ks);
|
||||
# ifdef OPENSSL_FIPS
|
||||
void private_idea_set_encrypt_key(const unsigned char *key,
|
||||
IDEA_KEY_SCHEDULE *ks);
|
||||
# endif
|
||||
void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
|
||||
void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
|
||||
void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
||||
int enc);
|
||||
void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
||||
int *num, int enc);
|
||||
void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
||||
int *num);
|
||||
void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -0,0 +1,240 @@
|
|||
/* krb5_asn.h */
|
||||
/*
|
||||
* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, **
|
||||
* using ocsp/{*.h,*asn*.c} as a starting point
|
||||
*/
|
||||
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_KRB5_ASN_H
|
||||
# define HEADER_KRB5_ASN_H
|
||||
|
||||
/*
|
||||
* #include <krb5.h>
|
||||
*/
|
||||
# include <openssl/safestack.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
* ASN.1 from Kerberos RFC 1510
|
||||
*/
|
||||
|
||||
/*- EncryptedData ::= SEQUENCE {
|
||||
* etype[0] INTEGER, -- EncryptionType
|
||||
* kvno[1] INTEGER OPTIONAL,
|
||||
* cipher[2] OCTET STRING -- ciphertext
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_encdata_st {
|
||||
ASN1_INTEGER *etype;
|
||||
ASN1_INTEGER *kvno;
|
||||
ASN1_OCTET_STRING *cipher;
|
||||
} KRB5_ENCDATA;
|
||||
|
||||
DECLARE_STACK_OF(KRB5_ENCDATA)
|
||||
|
||||
/*- PrincipalName ::= SEQUENCE {
|
||||
* name-type[0] INTEGER,
|
||||
* name-string[1] SEQUENCE OF GeneralString
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_princname_st {
|
||||
ASN1_INTEGER *nametype;
|
||||
STACK_OF(ASN1_GENERALSTRING) *namestring;
|
||||
} KRB5_PRINCNAME;
|
||||
|
||||
DECLARE_STACK_OF(KRB5_PRINCNAME)
|
||||
|
||||
/*- Ticket ::= [APPLICATION 1] SEQUENCE {
|
||||
* tkt-vno[0] INTEGER,
|
||||
* realm[1] Realm,
|
||||
* sname[2] PrincipalName,
|
||||
* enc-part[3] EncryptedData
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_tktbody_st {
|
||||
ASN1_INTEGER *tktvno;
|
||||
ASN1_GENERALSTRING *realm;
|
||||
KRB5_PRINCNAME *sname;
|
||||
KRB5_ENCDATA *encdata;
|
||||
} KRB5_TKTBODY;
|
||||
|
||||
typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
|
||||
DECLARE_STACK_OF(KRB5_TKTBODY)
|
||||
|
||||
/*- AP-REQ ::= [APPLICATION 14] SEQUENCE {
|
||||
* pvno[0] INTEGER,
|
||||
* msg-type[1] INTEGER,
|
||||
* ap-options[2] APOptions,
|
||||
* ticket[3] Ticket,
|
||||
* authenticator[4] EncryptedData
|
||||
* }
|
||||
*
|
||||
* APOptions ::= BIT STRING {
|
||||
* reserved(0), use-session-key(1), mutual-required(2) }
|
||||
*/
|
||||
typedef struct krb5_ap_req_st {
|
||||
ASN1_INTEGER *pvno;
|
||||
ASN1_INTEGER *msgtype;
|
||||
ASN1_BIT_STRING *apoptions;
|
||||
KRB5_TICKET *ticket;
|
||||
KRB5_ENCDATA *authenticator;
|
||||
} KRB5_APREQBODY;
|
||||
|
||||
typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ;
|
||||
DECLARE_STACK_OF(KRB5_APREQBODY)
|
||||
|
||||
/* Authenticator Stuff */
|
||||
|
||||
/*- Checksum ::= SEQUENCE {
|
||||
* cksumtype[0] INTEGER,
|
||||
* checksum[1] OCTET STRING
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_checksum_st {
|
||||
ASN1_INTEGER *ctype;
|
||||
ASN1_OCTET_STRING *checksum;
|
||||
} KRB5_CHECKSUM;
|
||||
|
||||
DECLARE_STACK_OF(KRB5_CHECKSUM)
|
||||
|
||||
/*- EncryptionKey ::= SEQUENCE {
|
||||
* keytype[0] INTEGER,
|
||||
* keyvalue[1] OCTET STRING
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_encryptionkey_st {
|
||||
ASN1_INTEGER *ktype;
|
||||
ASN1_OCTET_STRING *keyvalue;
|
||||
} KRB5_ENCKEY;
|
||||
|
||||
DECLARE_STACK_OF(KRB5_ENCKEY)
|
||||
|
||||
/*- AuthorizationData ::= SEQUENCE OF SEQUENCE {
|
||||
* ad-type[0] INTEGER,
|
||||
* ad-data[1] OCTET STRING
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_authorization_st {
|
||||
ASN1_INTEGER *adtype;
|
||||
ASN1_OCTET_STRING *addata;
|
||||
} KRB5_AUTHDATA;
|
||||
|
||||
DECLARE_STACK_OF(KRB5_AUTHDATA)
|
||||
|
||||
/*- -- Unencrypted authenticator
|
||||
* Authenticator ::= [APPLICATION 2] SEQUENCE {
|
||||
* authenticator-vno[0] INTEGER,
|
||||
* crealm[1] Realm,
|
||||
* cname[2] PrincipalName,
|
||||
* cksum[3] Checksum OPTIONAL,
|
||||
* cusec[4] INTEGER,
|
||||
* ctime[5] KerberosTime,
|
||||
* subkey[6] EncryptionKey OPTIONAL,
|
||||
* seq-number[7] INTEGER OPTIONAL,
|
||||
* authorization-data[8] AuthorizationData OPTIONAL
|
||||
* }
|
||||
*/
|
||||
typedef struct krb5_authenticator_st {
|
||||
ASN1_INTEGER *avno;
|
||||
ASN1_GENERALSTRING *crealm;
|
||||
KRB5_PRINCNAME *cname;
|
||||
KRB5_CHECKSUM *cksum;
|
||||
ASN1_INTEGER *cusec;
|
||||
ASN1_GENERALIZEDTIME *ctime;
|
||||
KRB5_ENCKEY *subkey;
|
||||
ASN1_INTEGER *seqnum;
|
||||
KRB5_AUTHDATA *authorization;
|
||||
} KRB5_AUTHENTBODY;
|
||||
|
||||
typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
|
||||
DECLARE_STACK_OF(KRB5_AUTHENTBODY)
|
||||
|
||||
/*- DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
|
||||
* type *name##_new(void);
|
||||
* void name##_free(type *a);
|
||||
* DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
|
||||
* DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
|
||||
* type *d2i_##name(type **a, const unsigned char **in, long len);
|
||||
* int i2d_##name(type *a, unsigned char **out);
|
||||
* DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
|
||||
*/
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME)
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_TKTBODY)
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_APREQBODY)
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_TICKET)
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_APREQ)
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_CHECKSUM)
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_ENCKEY)
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA)
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
|
||||
DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/*
|
||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,119 @@
|
|||
/* crypto/md4/md4.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_MD4_H
|
||||
# define HEADER_MD4_H
|
||||
|
||||
# include <openssl/e_os2.h>
|
||||
# include <stddef.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
# ifdef OPENSSL_NO_MD4
|
||||
# error MD4 is disabled.
|
||||
# endif
|
||||
|
||||
/*-
|
||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
* ! MD4_LONG has to be at least 32 bits wide. If it's wider, then !
|
||||
* ! MD4_LONG_LOG2 has to be defined along. !
|
||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
*/
|
||||
|
||||
# if defined(__LP32__)
|
||||
# define MD4_LONG unsigned long
|
||||
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
||||
# define MD4_LONG unsigned long
|
||||
# define MD4_LONG_LOG2 3
|
||||
/*
|
||||
* _CRAY note. I could declare short, but I have no idea what impact
|
||||
* does it have on performance on none-T3E machines. I could declare
|
||||
* int, but at least on C90 sizeof(int) can be chosen at compile time.
|
||||
* So I've chosen long...
|
||||
* <appro@fy.chalmers.se>
|
||||
*/
|
||||
# else
|
||||
# define MD4_LONG unsigned int
|
||||
# endif
|
||||
|
||||
# define MD4_CBLOCK 64
|
||||
# define MD4_LBLOCK (MD4_CBLOCK/4)
|
||||
# define MD4_DIGEST_LENGTH 16
|
||||
|
||||
typedef struct MD4state_st {
|
||||
MD4_LONG A, B, C, D;
|
||||
MD4_LONG Nl, Nh;
|
||||
MD4_LONG data[MD4_LBLOCK];
|
||||
unsigned int num;
|
||||
} MD4_CTX;
|
||||
|
||||
# ifdef OPENSSL_FIPS
|
||||
int private_MD4_Init(MD4_CTX *c);
|
||||
# endif
|
||||
int MD4_Init(MD4_CTX *c);
|
||||
int MD4_Update(MD4_CTX *c, const void *data, size_t len);
|
||||
int MD4_Final(unsigned char *md, MD4_CTX *c);
|
||||
unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md);
|
||||
void MD4_Transform(MD4_CTX *c, const unsigned char *b);
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -0,0 +1,119 @@
|
|||
/* crypto/md5/md5.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_MD5_H
|
||||
# define HEADER_MD5_H
|
||||
|
||||
# include <openssl/e_os2.h>
|
||||
# include <stddef.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
# ifdef OPENSSL_NO_MD5
|
||||
# error MD5 is disabled.
|
||||
# endif
|
||||
|
||||
/*
|
||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
* ! MD5_LONG has to be at least 32 bits wide. If it's wider, then !
|
||||
* ! MD5_LONG_LOG2 has to be defined along. !
|
||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
*/
|
||||
|
||||
# if defined(__LP32__)
|
||||
# define MD5_LONG unsigned long
|
||||
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
||||
# define MD5_LONG unsigned long
|
||||
# define MD5_LONG_LOG2 3
|
||||
/*
|
||||
* _CRAY note. I could declare short, but I have no idea what impact
|
||||
* does it have on performance on none-T3E machines. I could declare
|
||||
* int, but at least on C90 sizeof(int) can be chosen at compile time.
|
||||
* So I've chosen long...
|
||||
* <appro@fy.chalmers.se>
|
||||
*/
|
||||
# else
|
||||
# define MD5_LONG unsigned int
|
||||
# endif
|
||||
|
||||
# define MD5_CBLOCK 64
|
||||
# define MD5_LBLOCK (MD5_CBLOCK/4)
|
||||
# define MD5_DIGEST_LENGTH 16
|
||||
|
||||
typedef struct MD5state_st {
|
||||
MD5_LONG A, B, C, D;
|
||||
MD5_LONG Nl, Nh;
|
||||
MD5_LONG data[MD5_LBLOCK];
|
||||
unsigned int num;
|
||||
} MD5_CTX;
|
||||
|
||||
# ifdef OPENSSL_FIPS
|
||||
int private_MD5_Init(MD5_CTX *c);
|
||||
# endif
|
||||
int MD5_Init(MD5_CTX *c);
|
||||
int MD5_Update(MD5_CTX *c, const void *data, size_t len);
|
||||
int MD5_Final(unsigned char *md, MD5_CTX *c);
|
||||
unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md);
|
||||
void MD5_Transform(MD5_CTX *c, const unsigned char *b);
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -0,0 +1,94 @@
|
|||
/* crypto/mdc2/mdc2.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_MDC2_H
|
||||
# define HEADER_MDC2_H
|
||||
|
||||
# include <openssl/des.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
# ifdef OPENSSL_NO_MDC2
|
||||
# error MDC2 is disabled.
|
||||
# endif
|
||||
|
||||
# define MDC2_BLOCK 8
|
||||
# define MDC2_DIGEST_LENGTH 16
|
||||
|
||||
typedef struct mdc2_ctx_st {
|
||||
unsigned int num;
|
||||
unsigned char data[MDC2_BLOCK];
|
||||
DES_cblock h, hh;
|
||||
int pad_type; /* either 1 or 2, default 1 */
|
||||
} MDC2_CTX;
|
||||
|
||||
# ifdef OPENSSL_FIPS
|
||||
int private_MDC2_Init(MDC2_CTX *c);
|
||||
# endif
|
||||
int MDC2_Init(MDC2_CTX *c);
|
||||
int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
|
||||
int MDC2_Final(unsigned char *md, MDC2_CTX *c);
|
||||
unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -0,0 +1,163 @@
|
|||
/* ====================================================================
|
||||
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Rights for redistribution and usage in source and binary
|
||||
* forms are granted according to the OpenSSL license.
|
||||
*/
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
typedef void (*block128_f) (const unsigned char in[16],
|
||||
unsigned char out[16], const void *key);
|
||||
|
||||
typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], int enc);
|
||||
|
||||
typedef void (*ctr128_f) (const unsigned char *in, unsigned char *out,
|
||||
size_t blocks, const void *key,
|
||||
const unsigned char ivec[16]);
|
||||
|
||||
typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
|
||||
size_t blocks, const void *key,
|
||||
const unsigned char ivec[16],
|
||||
unsigned char cmac[16]);
|
||||
|
||||
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], block128_f block);
|
||||
void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], block128_f block);
|
||||
|
||||
void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16],
|
||||
unsigned char ecount_buf[16], unsigned int *num,
|
||||
block128_f block);
|
||||
|
||||
void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16],
|
||||
unsigned char ecount_buf[16],
|
||||
unsigned int *num, ctr128_f ctr);
|
||||
|
||||
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], int *num,
|
||||
block128_f block);
|
||||
|
||||
void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], int *num,
|
||||
int enc, block128_f block);
|
||||
void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const void *key,
|
||||
unsigned char ivec[16], int *num,
|
||||
int enc, block128_f block);
|
||||
void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t bits, const void *key,
|
||||
unsigned char ivec[16], int *num,
|
||||
int enc, block128_f block);
|
||||
|
||||
size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
|
||||
unsigned char *out, size_t len,
|
||||
const void *key, unsigned char ivec[16],
|
||||
block128_f block);
|
||||
size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc);
|
||||
size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
|
||||
unsigned char *out, size_t len,
|
||||
const void *key, unsigned char ivec[16],
|
||||
block128_f block);
|
||||
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc);
|
||||
|
||||
size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
|
||||
unsigned char *out, size_t len,
|
||||
const void *key,
|
||||
unsigned char ivec[16],
|
||||
block128_f block);
|
||||
size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc);
|
||||
size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
|
||||
unsigned char *out, size_t len,
|
||||
const void *key,
|
||||
unsigned char ivec[16],
|
||||
block128_f block);
|
||||
size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc);
|
||||
|
||||
typedef struct gcm128_context GCM128_CONTEXT;
|
||||
|
||||
GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
|
||||
void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block);
|
||||
void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
|
||||
size_t len);
|
||||
int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
|
||||
size_t len);
|
||||
int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
|
||||
const unsigned char *in, unsigned char *out,
|
||||
size_t len);
|
||||
int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
|
||||
const unsigned char *in, unsigned char *out,
|
||||
size_t len);
|
||||
int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
|
||||
const unsigned char *in, unsigned char *out,
|
||||
size_t len, ctr128_f stream);
|
||||
int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
|
||||
const unsigned char *in, unsigned char *out,
|
||||
size_t len, ctr128_f stream);
|
||||
int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
|
||||
size_t len);
|
||||
void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
|
||||
void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
|
||||
|
||||
typedef struct ccm128_context CCM128_CONTEXT;
|
||||
|
||||
void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
|
||||
unsigned int M, unsigned int L, void *key,
|
||||
block128_f block);
|
||||
int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx, const unsigned char *nonce,
|
||||
size_t nlen, size_t mlen);
|
||||
void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx, const unsigned char *aad,
|
||||
size_t alen);
|
||||
int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
|
||||
unsigned char *out, size_t len);
|
||||
int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
|
||||
unsigned char *out, size_t len);
|
||||
int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
|
||||
unsigned char *out, size_t len,
|
||||
ccm128_f stream);
|
||||
int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
|
||||
unsigned char *out, size_t len,
|
||||
ccm128_f stream);
|
||||
size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
|
||||
|
||||
typedef struct xts128_context XTS128_CONTEXT;
|
||||
|
||||
int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
|
||||
const unsigned char iv[16],
|
||||
const unsigned char *inp, unsigned char *out,
|
||||
size_t len, int enc);
|
||||
|
||||
size_t CRYPTO_128_wrap(void *key, const unsigned char *iv,
|
||||
unsigned char *out,
|
||||
const unsigned char *in, size_t inlen,
|
||||
block128_f block);
|
||||
|
||||
size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
|
||||
unsigned char *out,
|
||||
const unsigned char *in, size_t inlen,
|
||||
block128_f block);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
|
@ -0,0 +1,637 @@
|
|||
/* ocsp.h */
|
||||
/*
|
||||
* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
|
||||
* project.
|
||||
*/
|
||||
|
||||
/*
|
||||
* History: This file was transfered to Richard Levitte from CertCo by Kathy
|
||||
* Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
|
||||
* patch kit.
|
||||
*/
|
||||
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_OCSP_H
|
||||
# define HEADER_OCSP_H
|
||||
|
||||
# include <openssl/ossl_typ.h>
|
||||
# include <openssl/x509.h>
|
||||
# include <openssl/x509v3.h>
|
||||
# include <openssl/safestack.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* Various flags and values */
|
||||
|
||||
# define OCSP_DEFAULT_NONCE_LENGTH 16
|
||||
|
||||
# define OCSP_NOCERTS 0x1
|
||||
# define OCSP_NOINTERN 0x2
|
||||
# define OCSP_NOSIGS 0x4
|
||||
# define OCSP_NOCHAIN 0x8
|
||||
# define OCSP_NOVERIFY 0x10
|
||||
# define OCSP_NOEXPLICIT 0x20
|
||||
# define OCSP_NOCASIGN 0x40
|
||||
# define OCSP_NODELEGATED 0x80
|
||||
# define OCSP_NOCHECKS 0x100
|
||||
# define OCSP_TRUSTOTHER 0x200
|
||||
# define OCSP_RESPID_KEY 0x400
|
||||
# define OCSP_NOTIME 0x800
|
||||
|
||||
/*- CertID ::= SEQUENCE {
|
||||
* hashAlgorithm AlgorithmIdentifier,
|
||||
* issuerNameHash OCTET STRING, -- Hash of Issuer's DN
|
||||
* issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields)
|
||||
* serialNumber CertificateSerialNumber }
|
||||
*/
|
||||
typedef struct ocsp_cert_id_st {
|
||||
X509_ALGOR *hashAlgorithm;
|
||||
ASN1_OCTET_STRING *issuerNameHash;
|
||||
ASN1_OCTET_STRING *issuerKeyHash;
|
||||
ASN1_INTEGER *serialNumber;
|
||||
} OCSP_CERTID;
|
||||
|
||||
DECLARE_STACK_OF(OCSP_CERTID)
|
||||
|
||||
/*- Request ::= SEQUENCE {
|
||||
* reqCert CertID,
|
||||
* singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
|
||||
*/
|
||||
typedef struct ocsp_one_request_st {
|
||||
OCSP_CERTID *reqCert;
|
||||
STACK_OF(X509_EXTENSION) *singleRequestExtensions;
|
||||
} OCSP_ONEREQ;
|
||||
|
||||
DECLARE_STACK_OF(OCSP_ONEREQ)
|
||||
DECLARE_ASN1_SET_OF(OCSP_ONEREQ)
|
||||
|
||||
/*- TBSRequest ::= SEQUENCE {
|
||||
* version [0] EXPLICIT Version DEFAULT v1,
|
||||
* requestorName [1] EXPLICIT GeneralName OPTIONAL,
|
||||
* requestList SEQUENCE OF Request,
|
||||
* requestExtensions [2] EXPLICIT Extensions OPTIONAL }
|
||||
*/
|
||||
typedef struct ocsp_req_info_st {
|
||||
ASN1_INTEGER *version;
|
||||
GENERAL_NAME *requestorName;
|
||||
STACK_OF(OCSP_ONEREQ) *requestList;
|
||||
STACK_OF(X509_EXTENSION) *requestExtensions;
|
||||
} OCSP_REQINFO;
|
||||
|
||||
/*- Signature ::= SEQUENCE {
|
||||
* signatureAlgorithm AlgorithmIdentifier,
|
||||
* signature BIT STRING,
|
||||
* certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
|
||||
*/
|
||||
typedef struct ocsp_signature_st {
|
||||
X509_ALGOR *signatureAlgorithm;
|
||||
ASN1_BIT_STRING *signature;
|
||||
STACK_OF(X509) *certs;
|
||||
} OCSP_SIGNATURE;
|
||||
|
||||
/*- OCSPRequest ::= SEQUENCE {
|
||||
* tbsRequest TBSRequest,
|
||||
* optionalSignature [0] EXPLICIT Signature OPTIONAL }
|
||||
*/
|
||||
typedef struct ocsp_request_st {
|
||||
OCSP_REQINFO *tbsRequest;
|
||||
OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */
|
||||
} OCSP_REQUEST;
|
||||
|
||||
/*- OCSPResponseStatus ::= ENUMERATED {
|
||||
* successful (0), --Response has valid confirmations
|
||||
* malformedRequest (1), --Illegal confirmation request
|
||||
* internalError (2), --Internal error in issuer
|
||||
* tryLater (3), --Try again later
|
||||
* --(4) is not used
|
||||
* sigRequired (5), --Must sign the request
|
||||
* unauthorized (6) --Request unauthorized
|
||||
* }
|
||||
*/
|
||||
# define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
|
||||
# define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1
|
||||
# define OCSP_RESPONSE_STATUS_INTERNALERROR 2
|
||||
# define OCSP_RESPONSE_STATUS_TRYLATER 3
|
||||
# define OCSP_RESPONSE_STATUS_SIGREQUIRED 5
|
||||
# define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6
|
||||
|
||||
/*- ResponseBytes ::= SEQUENCE {
|
||||
* responseType OBJECT IDENTIFIER,
|
||||
* response OCTET STRING }
|
||||
*/
|
||||
typedef struct ocsp_resp_bytes_st {
|
||||
ASN1_OBJECT *responseType;
|
||||
ASN1_OCTET_STRING *response;
|
||||
} OCSP_RESPBYTES;
|
||||
|
||||
/*- OCSPResponse ::= SEQUENCE {
|
||||
* responseStatus OCSPResponseStatus,
|
||||
* responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
|
||||
*/
|
||||
struct ocsp_response_st {
|
||||
ASN1_ENUMERATED *responseStatus;
|
||||
OCSP_RESPBYTES *responseBytes;
|
||||
};
|
||||
|
||||
/*- ResponderID ::= CHOICE {
|
||||
* byName [1] Name,
|
||||
* byKey [2] KeyHash }
|
||||
*/
|
||||
# define V_OCSP_RESPID_NAME 0
|
||||
# define V_OCSP_RESPID_KEY 1
|
||||
struct ocsp_responder_id_st {
|
||||
int type;
|
||||
union {
|
||||
X509_NAME *byName;
|
||||
ASN1_OCTET_STRING *byKey;
|
||||
} value;
|
||||
};
|
||||
|
||||
DECLARE_STACK_OF(OCSP_RESPID)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
|
||||
|
||||
/*- KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
|
||||
* --(excluding the tag and length fields)
|
||||
*/
|
||||
|
||||
/*- RevokedInfo ::= SEQUENCE {
|
||||
* revocationTime GeneralizedTime,
|
||||
* revocationReason [0] EXPLICIT CRLReason OPTIONAL }
|
||||
*/
|
||||
typedef struct ocsp_revoked_info_st {
|
||||
ASN1_GENERALIZEDTIME *revocationTime;
|
||||
ASN1_ENUMERATED *revocationReason;
|
||||
} OCSP_REVOKEDINFO;
|
||||
|
||||
/*- CertStatus ::= CHOICE {
|
||||
* good [0] IMPLICIT NULL,
|
||||
* revoked [1] IMPLICIT RevokedInfo,
|
||||
* unknown [2] IMPLICIT UnknownInfo }
|
||||
*/
|
||||
# define V_OCSP_CERTSTATUS_GOOD 0
|
||||
# define V_OCSP_CERTSTATUS_REVOKED 1
|
||||
# define V_OCSP_CERTSTATUS_UNKNOWN 2
|
||||
typedef struct ocsp_cert_status_st {
|
||||
int type;
|
||||
union {
|
||||
ASN1_NULL *good;
|
||||
OCSP_REVOKEDINFO *revoked;
|
||||
ASN1_NULL *unknown;
|
||||
} value;
|
||||
} OCSP_CERTSTATUS;
|
||||
|
||||
/*- SingleResponse ::= SEQUENCE {
|
||||
* certID CertID,
|
||||
* certStatus CertStatus,
|
||||
* thisUpdate GeneralizedTime,
|
||||
* nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
|
||||
* singleExtensions [1] EXPLICIT Extensions OPTIONAL }
|
||||
*/
|
||||
typedef struct ocsp_single_response_st {
|
||||
OCSP_CERTID *certId;
|
||||
OCSP_CERTSTATUS *certStatus;
|
||||
ASN1_GENERALIZEDTIME *thisUpdate;
|
||||
ASN1_GENERALIZEDTIME *nextUpdate;
|
||||
STACK_OF(X509_EXTENSION) *singleExtensions;
|
||||
} OCSP_SINGLERESP;
|
||||
|
||||
DECLARE_STACK_OF(OCSP_SINGLERESP)
|
||||
DECLARE_ASN1_SET_OF(OCSP_SINGLERESP)
|
||||
|
||||
/*- ResponseData ::= SEQUENCE {
|
||||
* version [0] EXPLICIT Version DEFAULT v1,
|
||||
* responderID ResponderID,
|
||||
* producedAt GeneralizedTime,
|
||||
* responses SEQUENCE OF SingleResponse,
|
||||
* responseExtensions [1] EXPLICIT Extensions OPTIONAL }
|
||||
*/
|
||||
typedef struct ocsp_response_data_st {
|
||||
ASN1_INTEGER *version;
|
||||
OCSP_RESPID *responderId;
|
||||
ASN1_GENERALIZEDTIME *producedAt;
|
||||
STACK_OF(OCSP_SINGLERESP) *responses;
|
||||
STACK_OF(X509_EXTENSION) *responseExtensions;
|
||||
} OCSP_RESPDATA;
|
||||
|
||||
/*- BasicOCSPResponse ::= SEQUENCE {
|
||||
* tbsResponseData ResponseData,
|
||||
* signatureAlgorithm AlgorithmIdentifier,
|
||||
* signature BIT STRING,
|
||||
* certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
|
||||
*/
|
||||
/*
|
||||
* Note 1: The value for "signature" is specified in the OCSP rfc2560 as
|
||||
* follows: "The value for the signature SHALL be computed on the hash of
|
||||
* the DER encoding ResponseData." This means that you must hash the
|
||||
* DER-encoded tbsResponseData, and then run it through a crypto-signing
|
||||
* function, which will (at least w/RSA) do a hash-'n'-private-encrypt
|
||||
* operation. This seems a bit odd, but that's the spec. Also note that
|
||||
* the data structures do not leave anywhere to independently specify the
|
||||
* algorithm used for the initial hash. So, we look at the
|
||||
* signature-specification algorithm, and try to do something intelligent.
|
||||
* -- Kathy Weinhold, CertCo
|
||||
*/
|
||||
/*
|
||||
* Note 2: It seems that the mentioned passage from RFC 2560 (section
|
||||
* 4.2.1) is open for interpretation. I've done tests against another
|
||||
* responder, and found that it doesn't do the double hashing that the RFC
|
||||
* seems to say one should. Therefore, all relevant functions take a flag
|
||||
* saying which variant should be used. -- Richard Levitte, OpenSSL team
|
||||
* and CeloCom
|
||||
*/
|
||||
typedef struct ocsp_basic_response_st {
|
||||
OCSP_RESPDATA *tbsResponseData;
|
||||
X509_ALGOR *signatureAlgorithm;
|
||||
ASN1_BIT_STRING *signature;
|
||||
STACK_OF(X509) *certs;
|
||||
} OCSP_BASICRESP;
|
||||
|
||||
/*-
|
||||
* CRLReason ::= ENUMERATED {
|
||||
* unspecified (0),
|
||||
* keyCompromise (1),
|
||||
* cACompromise (2),
|
||||
* affiliationChanged (3),
|
||||
* superseded (4),
|
||||
* cessationOfOperation (5),
|
||||
* certificateHold (6),
|
||||
* removeFromCRL (8) }
|
||||
*/
|
||||
# define OCSP_REVOKED_STATUS_NOSTATUS -1
|
||||
# define OCSP_REVOKED_STATUS_UNSPECIFIED 0
|
||||
# define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1
|
||||
# define OCSP_REVOKED_STATUS_CACOMPROMISE 2
|
||||
# define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3
|
||||
# define OCSP_REVOKED_STATUS_SUPERSEDED 4
|
||||
# define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5
|
||||
# define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6
|
||||
# define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8
|
||||
|
||||
/*-
|
||||
* CrlID ::= SEQUENCE {
|
||||
* crlUrl [0] EXPLICIT IA5String OPTIONAL,
|
||||
* crlNum [1] EXPLICIT INTEGER OPTIONAL,
|
||||
* crlTime [2] EXPLICIT GeneralizedTime OPTIONAL }
|
||||
*/
|
||||
typedef struct ocsp_crl_id_st {
|
||||
ASN1_IA5STRING *crlUrl;
|
||||
ASN1_INTEGER *crlNum;
|
||||
ASN1_GENERALIZEDTIME *crlTime;
|
||||
} OCSP_CRLID;
|
||||
|
||||
/*-
|
||||
* ServiceLocator ::= SEQUENCE {
|
||||
* issuer Name,
|
||||
* locator AuthorityInfoAccessSyntax OPTIONAL }
|
||||
*/
|
||||
typedef struct ocsp_service_locator_st {
|
||||
X509_NAME *issuer;
|
||||
STACK_OF(ACCESS_DESCRIPTION) *locator;
|
||||
} OCSP_SERVICELOC;
|
||||
|
||||
# define PEM_STRING_OCSP_REQUEST "OCSP REQUEST"
|
||||
# define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
|
||||
|
||||
# define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p)
|
||||
|
||||
# define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p)
|
||||
|
||||
# define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
|
||||
(char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL)
|
||||
|
||||
# define PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE *)PEM_ASN1_read_bio(\
|
||||
(char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL)
|
||||
|
||||
# define PEM_write_bio_OCSP_REQUEST(bp,o) \
|
||||
PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\
|
||||
bp,(char *)o, NULL,NULL,0,NULL,NULL)
|
||||
|
||||
# define PEM_write_bio_OCSP_RESPONSE(bp,o) \
|
||||
PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\
|
||||
bp,(char *)o, NULL,NULL,0,NULL,NULL)
|
||||
|
||||
# define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o)
|
||||
|
||||
# define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
|
||||
|
||||
# define OCSP_REQUEST_sign(o,pkey,md) \
|
||||
ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
|
||||
o->optionalSignature->signatureAlgorithm,NULL,\
|
||||
o->optionalSignature->signature,o->tbsRequest,pkey,md)
|
||||
|
||||
# define OCSP_BASICRESP_sign(o,pkey,md,d) \
|
||||
ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),o->signatureAlgorithm,NULL,\
|
||||
o->signature,o->tbsResponseData,pkey,md)
|
||||
|
||||
# define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
|
||||
a->optionalSignature->signatureAlgorithm,\
|
||||
a->optionalSignature->signature,a->tbsRequest,r)
|
||||
|
||||
# define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
|
||||
a->signatureAlgorithm,a->signature,a->tbsResponseData,r)
|
||||
|
||||
# define ASN1_BIT_STRING_digest(data,type,md,len) \
|
||||
ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
|
||||
|
||||
# define OCSP_CERTSTATUS_dup(cs)\
|
||||
(OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
|
||||
(char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
|
||||
|
||||
OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id);
|
||||
|
||||
OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req);
|
||||
OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
|
||||
int maxline);
|
||||
int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx);
|
||||
int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
|
||||
OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline);
|
||||
void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
|
||||
void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
|
||||
int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
|
||||
ASN1_VALUE *val);
|
||||
int OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx, ASN1_VALUE **pval,
|
||||
const ASN1_ITEM *it);
|
||||
BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx);
|
||||
int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
|
||||
ASN1_VALUE *val);
|
||||
int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx, const char *op, const char *path);
|
||||
int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
|
||||
int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
|
||||
const char *name, const char *value);
|
||||
|
||||
OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
|
||||
|
||||
OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
|
||||
X509_NAME *issuerName,
|
||||
ASN1_BIT_STRING *issuerKey,
|
||||
ASN1_INTEGER *serialNumber);
|
||||
|
||||
OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
|
||||
|
||||
int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
|
||||
int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
|
||||
int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs);
|
||||
int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
|
||||
|
||||
int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm);
|
||||
int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
|
||||
|
||||
int OCSP_request_sign(OCSP_REQUEST *req,
|
||||
X509 *signer,
|
||||
EVP_PKEY *key,
|
||||
const EVP_MD *dgst,
|
||||
STACK_OF(X509) *certs, unsigned long flags);
|
||||
|
||||
int OCSP_response_status(OCSP_RESPONSE *resp);
|
||||
OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
|
||||
|
||||
int OCSP_resp_count(OCSP_BASICRESP *bs);
|
||||
OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
|
||||
int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
|
||||
int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
|
||||
ASN1_GENERALIZEDTIME **revtime,
|
||||
ASN1_GENERALIZEDTIME **thisupd,
|
||||
ASN1_GENERALIZEDTIME **nextupd);
|
||||
int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
|
||||
int *reason,
|
||||
ASN1_GENERALIZEDTIME **revtime,
|
||||
ASN1_GENERALIZEDTIME **thisupd,
|
||||
ASN1_GENERALIZEDTIME **nextupd);
|
||||
int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
|
||||
ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec);
|
||||
|
||||
int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
|
||||
X509_STORE *store, unsigned long flags);
|
||||
|
||||
int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
|
||||
int *pssl);
|
||||
|
||||
int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
|
||||
int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
|
||||
|
||||
int OCSP_request_onereq_count(OCSP_REQUEST *req);
|
||||
OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);
|
||||
OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one);
|
||||
int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
|
||||
ASN1_OCTET_STRING **pikeyHash,
|
||||
ASN1_INTEGER **pserial, OCSP_CERTID *cid);
|
||||
int OCSP_request_is_signed(OCSP_REQUEST *req);
|
||||
OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
|
||||
OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
|
||||
OCSP_CERTID *cid,
|
||||
int status, int reason,
|
||||
ASN1_TIME *revtime,
|
||||
ASN1_TIME *thisupd,
|
||||
ASN1_TIME *nextupd);
|
||||
int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert);
|
||||
int OCSP_basic_sign(OCSP_BASICRESP *brsp,
|
||||
X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
|
||||
STACK_OF(X509) *certs, unsigned long flags);
|
||||
|
||||
X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
|
||||
|
||||
X509_EXTENSION *OCSP_accept_responses_new(char **oids);
|
||||
|
||||
X509_EXTENSION *OCSP_archive_cutoff_new(char *tim);
|
||||
|
||||
X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls);
|
||||
|
||||
int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x);
|
||||
int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos);
|
||||
int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj,
|
||||
int lastpos);
|
||||
int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos);
|
||||
X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc);
|
||||
X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc);
|
||||
void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit,
|
||||
int *idx);
|
||||
int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
|
||||
unsigned long flags);
|
||||
int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc);
|
||||
|
||||
int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x);
|
||||
int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos);
|
||||
int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos);
|
||||
int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos);
|
||||
X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc);
|
||||
X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc);
|
||||
void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx);
|
||||
int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
|
||||
unsigned long flags);
|
||||
int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc);
|
||||
|
||||
int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x);
|
||||
int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos);
|
||||
int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj,
|
||||
int lastpos);
|
||||
int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
|
||||
int lastpos);
|
||||
X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc);
|
||||
X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc);
|
||||
void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
|
||||
int *idx);
|
||||
int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
|
||||
int crit, unsigned long flags);
|
||||
int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc);
|
||||
|
||||
int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x);
|
||||
int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos);
|
||||
int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
|
||||
int lastpos);
|
||||
int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
|
||||
int lastpos);
|
||||
X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc);
|
||||
X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc);
|
||||
void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
|
||||
int *idx);
|
||||
int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
|
||||
int crit, unsigned long flags);
|
||||
int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_CERTID)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
|
||||
|
||||
const char *OCSP_response_status_str(long s);
|
||||
const char *OCSP_cert_status_str(long s);
|
||||
const char *OCSP_crl_reason_str(long s);
|
||||
|
||||
int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST *a, unsigned long flags);
|
||||
int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags);
|
||||
|
||||
int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
|
||||
X509_STORE *st, unsigned long flags);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/*
|
||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
void ERR_load_OCSP_strings(void);
|
||||
|
||||
/* Error codes for the OCSP functions. */
|
||||
|
||||
/* Function codes. */
|
||||
# define OCSP_F_ASN1_STRING_ENCODE 100
|
||||
# define OCSP_F_D2I_OCSP_NONCE 102
|
||||
# define OCSP_F_OCSP_BASIC_ADD1_STATUS 103
|
||||
# define OCSP_F_OCSP_BASIC_SIGN 104
|
||||
# define OCSP_F_OCSP_BASIC_VERIFY 105
|
||||
# define OCSP_F_OCSP_CERT_ID_NEW 101
|
||||
# define OCSP_F_OCSP_CHECK_DELEGATED 106
|
||||
# define OCSP_F_OCSP_CHECK_IDS 107
|
||||
# define OCSP_F_OCSP_CHECK_ISSUER 108
|
||||
# define OCSP_F_OCSP_CHECK_VALIDITY 115
|
||||
# define OCSP_F_OCSP_MATCH_ISSUERID 109
|
||||
# define OCSP_F_OCSP_PARSE_URL 114
|
||||
# define OCSP_F_OCSP_REQUEST_SIGN 110
|
||||
# define OCSP_F_OCSP_REQUEST_VERIFY 116
|
||||
# define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
|
||||
# define OCSP_F_OCSP_SENDREQ_BIO 112
|
||||
# define OCSP_F_OCSP_SENDREQ_NBIO 117
|
||||
# define OCSP_F_PARSE_HTTP_LINE1 118
|
||||
# define OCSP_F_REQUEST_VERIFY 113
|
||||
|
||||
/* Reason codes. */
|
||||
# define OCSP_R_BAD_DATA 100
|
||||
# define OCSP_R_CERTIFICATE_VERIFY_ERROR 101
|
||||
# define OCSP_R_DIGEST_ERR 102
|
||||
# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122
|
||||
# define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123
|
||||
# define OCSP_R_ERROR_PARSING_URL 121
|
||||
# define OCSP_R_MISSING_OCSPSIGNING_USAGE 103
|
||||
# define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124
|
||||
# define OCSP_R_NOT_BASIC_RESPONSE 104
|
||||
# define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105
|
||||
# define OCSP_R_NO_CONTENT 106
|
||||
# define OCSP_R_NO_PUBLIC_KEY 107
|
||||
# define OCSP_R_NO_RESPONSE_DATA 108
|
||||
# define OCSP_R_NO_REVOKED_TIME 109
|
||||
# define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110
|
||||
# define OCSP_R_REQUEST_NOT_SIGNED 128
|
||||
# define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111
|
||||
# define OCSP_R_ROOT_CA_NOT_TRUSTED 112
|
||||
# define OCSP_R_SERVER_READ_ERROR 113
|
||||
# define OCSP_R_SERVER_RESPONSE_ERROR 114
|
||||
# define OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115
|
||||
# define OCSP_R_SERVER_WRITE_ERROR 116
|
||||
# define OCSP_R_SIGNATURE_FAILURE 117
|
||||
# define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118
|
||||
# define OCSP_R_STATUS_EXPIRED 125
|
||||
# define OCSP_R_STATUS_NOT_YET_VALID 126
|
||||
# define OCSP_R_STATUS_TOO_OLD 127
|
||||
# define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119
|
||||
# define OCSP_R_UNKNOWN_NID 120
|
||||
# define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,342 @@
|
|||
/* pkcs12.h */
|
||||
/*
|
||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
|
||||
* 1999.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_PKCS12_H
|
||||
# define HEADER_PKCS12_H
|
||||
|
||||
# include <openssl/bio.h>
|
||||
# include <openssl/x509.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
# define PKCS12_KEY_ID 1
|
||||
# define PKCS12_IV_ID 2
|
||||
# define PKCS12_MAC_ID 3
|
||||
|
||||
/* Default iteration count */
|
||||
# ifndef PKCS12_DEFAULT_ITER
|
||||
# define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
|
||||
# endif
|
||||
|
||||
# define PKCS12_MAC_KEY_LENGTH 20
|
||||
|
||||
# define PKCS12_SALT_LEN 8
|
||||
|
||||
/* Uncomment out next line for unicode password and names, otherwise ASCII */
|
||||
|
||||
/*
|
||||
* #define PBE_UNICODE
|
||||
*/
|
||||
|
||||
# ifdef PBE_UNICODE
|
||||
# define PKCS12_key_gen PKCS12_key_gen_uni
|
||||
# define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
|
||||
# else
|
||||
# define PKCS12_key_gen PKCS12_key_gen_asc
|
||||
# define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
|
||||
# endif
|
||||
|
||||
/* MS key usage constants */
|
||||
|
||||
# define KEY_EX 0x10
|
||||
# define KEY_SIG 0x80
|
||||
|
||||
typedef struct {
|
||||
X509_SIG *dinfo;
|
||||
ASN1_OCTET_STRING *salt;
|
||||
ASN1_INTEGER *iter; /* defaults to 1 */
|
||||
} PKCS12_MAC_DATA;
|
||||
|
||||
typedef struct {
|
||||
ASN1_INTEGER *version;
|
||||
PKCS12_MAC_DATA *mac;
|
||||
PKCS7 *authsafes;
|
||||
} PKCS12;
|
||||
|
||||
typedef struct {
|
||||
ASN1_OBJECT *type;
|
||||
union {
|
||||
struct pkcs12_bag_st *bag; /* secret, crl and certbag */
|
||||
struct pkcs8_priv_key_info_st *keybag; /* keybag */
|
||||
X509_SIG *shkeybag; /* shrouded key bag */
|
||||
STACK_OF(PKCS12_SAFEBAG) *safes;
|
||||
ASN1_TYPE *other;
|
||||
} value;
|
||||
STACK_OF(X509_ATTRIBUTE) *attrib;
|
||||
} PKCS12_SAFEBAG;
|
||||
|
||||
DECLARE_STACK_OF(PKCS12_SAFEBAG)
|
||||
DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG)
|
||||
DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
|
||||
|
||||
typedef struct pkcs12_bag_st {
|
||||
ASN1_OBJECT *type;
|
||||
union {
|
||||
ASN1_OCTET_STRING *x509cert;
|
||||
ASN1_OCTET_STRING *x509crl;
|
||||
ASN1_OCTET_STRING *octet;
|
||||
ASN1_IA5STRING *sdsicert;
|
||||
ASN1_TYPE *other; /* Secret or other bag */
|
||||
} value;
|
||||
} PKCS12_BAGS;
|
||||
|
||||
# define PKCS12_ERROR 0
|
||||
# define PKCS12_OK 1
|
||||
|
||||
/* Compatibility macros */
|
||||
|
||||
# define M_PKCS12_x5092certbag PKCS12_x5092certbag
|
||||
# define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag
|
||||
|
||||
# define M_PKCS12_certbag2x509 PKCS12_certbag2x509
|
||||
# define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl
|
||||
|
||||
# define M_PKCS12_unpack_p7data PKCS12_unpack_p7data
|
||||
# define M_PKCS12_pack_authsafes PKCS12_pack_authsafes
|
||||
# define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes
|
||||
# define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata
|
||||
|
||||
# define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
|
||||
# define M_PKCS8_decrypt PKCS8_decrypt
|
||||
|
||||
# define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
|
||||
# define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
|
||||
# define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
|
||||
|
||||
# define PKCS12_get_attr(bag, attr_nid) \
|
||||
PKCS12_get_attr_gen(bag->attrib, attr_nid)
|
||||
|
||||
# define PKCS8_get_attr(p8, attr_nid) \
|
||||
PKCS12_get_attr_gen(p8->attributes, attr_nid)
|
||||
|
||||
# define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
|
||||
|
||||
PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
|
||||
PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
|
||||
X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
|
||||
X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
|
||||
|
||||
PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
|
||||
int nid1, int nid2);
|
||||
PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
|
||||
PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass,
|
||||
int passlen);
|
||||
PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag,
|
||||
const char *pass, int passlen);
|
||||
X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
|
||||
const char *pass, int passlen, unsigned char *salt,
|
||||
int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
|
||||
PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
|
||||
int passlen, unsigned char *salt,
|
||||
int saltlen, int iter,
|
||||
PKCS8_PRIV_KEY_INFO *p8);
|
||||
PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
|
||||
STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
|
||||
PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
|
||||
unsigned char *salt, int saltlen, int iter,
|
||||
STACK_OF(PKCS12_SAFEBAG) *bags);
|
||||
STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
|
||||
int passlen);
|
||||
|
||||
int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
|
||||
STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
|
||||
|
||||
int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
|
||||
int namelen);
|
||||
int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
|
||||
int namelen);
|
||||
int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
|
||||
int namelen);
|
||||
int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
|
||||
const unsigned char *name, int namelen);
|
||||
int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
|
||||
ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
|
||||
char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
|
||||
unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
|
||||
int passlen, unsigned char *in, int inlen,
|
||||
unsigned char **data, int *datalen,
|
||||
int en_de);
|
||||
void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
|
||||
const char *pass, int passlen,
|
||||
ASN1_OCTET_STRING *oct, int zbuf);
|
||||
ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
|
||||
const ASN1_ITEM *it,
|
||||
const char *pass, int passlen,
|
||||
void *obj, int zbuf);
|
||||
PKCS12 *PKCS12_init(int mode);
|
||||
int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
|
||||
int saltlen, int id, int iter, int n,
|
||||
unsigned char *out, const EVP_MD *md_type);
|
||||
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
|
||||
int saltlen, int id, int iter, int n,
|
||||
unsigned char *out, const EVP_MD *md_type);
|
||||
int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
|
||||
ASN1_TYPE *param, const EVP_CIPHER *cipher,
|
||||
const EVP_MD *md_type, int en_de);
|
||||
int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
|
||||
unsigned char *mac, unsigned int *maclen);
|
||||
int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
|
||||
int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
|
||||
unsigned char *salt, int saltlen, int iter,
|
||||
const EVP_MD *md_type);
|
||||
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
|
||||
int saltlen, const EVP_MD *md_type);
|
||||
unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
|
||||
unsigned char **uni, int *unilen);
|
||||
char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(PKCS12)
|
||||
DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
|
||||
DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
|
||||
DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
|
||||
|
||||
DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
|
||||
DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
|
||||
|
||||
void PKCS12_PBE_add(void);
|
||||
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
|
||||
STACK_OF(X509) **ca);
|
||||
PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
|
||||
STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
|
||||
int mac_iter, int keytype);
|
||||
|
||||
PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
|
||||
PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
|
||||
EVP_PKEY *key, int key_usage, int iter,
|
||||
int key_nid, char *pass);
|
||||
int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
|
||||
int safe_nid, int iter, char *pass);
|
||||
PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
|
||||
|
||||
int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
|
||||
int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
|
||||
PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
|
||||
PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
|
||||
int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/*
|
||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
void ERR_load_PKCS12_strings(void);
|
||||
|
||||
/* Error codes for the PKCS12 functions. */
|
||||
|
||||
/* Function codes. */
|
||||
# define PKCS12_F_PARSE_BAG 129
|
||||
# define PKCS12_F_PARSE_BAGS 103
|
||||
# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100
|
||||
# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127
|
||||
# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102
|
||||
# define PKCS12_F_PKCS12_ADD_LOCALKEYID 104
|
||||
# define PKCS12_F_PKCS12_CREATE 105
|
||||
# define PKCS12_F_PKCS12_GEN_MAC 107
|
||||
# define PKCS12_F_PKCS12_INIT 109
|
||||
# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106
|
||||
# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108
|
||||
# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117
|
||||
# define PKCS12_F_PKCS12_KEY_GEN_ASC 110
|
||||
# define PKCS12_F_PKCS12_KEY_GEN_UNI 111
|
||||
# define PKCS12_F_PKCS12_MAKE_KEYBAG 112
|
||||
# define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113
|
||||
# define PKCS12_F_PKCS12_NEWPASS 128
|
||||
# define PKCS12_F_PKCS12_PACK_P7DATA 114
|
||||
# define PKCS12_F_PKCS12_PACK_P7ENCDATA 115
|
||||
# define PKCS12_F_PKCS12_PARSE 118
|
||||
# define PKCS12_F_PKCS12_PBE_CRYPT 119
|
||||
# define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
|
||||
# define PKCS12_F_PKCS12_SETUP_MAC 122
|
||||
# define PKCS12_F_PKCS12_SET_MAC 123
|
||||
# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130
|
||||
# define PKCS12_F_PKCS12_UNPACK_P7DATA 131
|
||||
# define PKCS12_F_PKCS12_VERIFY_MAC 126
|
||||
# define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
|
||||
# define PKCS12_F_PKCS8_ENCRYPT 125
|
||||
|
||||
/* Reason codes. */
|
||||
# define PKCS12_R_CANT_PACK_STRUCTURE 100
|
||||
# define PKCS12_R_CONTENT_TYPE_NOT_DATA 121
|
||||
# define PKCS12_R_DECODE_ERROR 101
|
||||
# define PKCS12_R_ENCODE_ERROR 102
|
||||
# define PKCS12_R_ENCRYPT_ERROR 103
|
||||
# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
|
||||
# define PKCS12_R_INVALID_NULL_ARGUMENT 104
|
||||
# define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
|
||||
# define PKCS12_R_IV_GEN_ERROR 106
|
||||
# define PKCS12_R_KEY_GEN_ERROR 107
|
||||
# define PKCS12_R_MAC_ABSENT 108
|
||||
# define PKCS12_R_MAC_GENERATION_ERROR 109
|
||||
# define PKCS12_R_MAC_SETUP_ERROR 110
|
||||
# define PKCS12_R_MAC_STRING_SET_ERROR 111
|
||||
# define PKCS12_R_MAC_VERIFY_ERROR 112
|
||||
# define PKCS12_R_MAC_VERIFY_FAILURE 113
|
||||
# define PKCS12_R_PARSE_ERROR 114
|
||||
# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
|
||||
# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
|
||||
# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
|
||||
# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
|
||||
# define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,150 @@
|
|||
/* crypto/rand/rand.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_RAND_H
|
||||
# define HEADER_RAND_H
|
||||
|
||||
# include <stdlib.h>
|
||||
# include <openssl/ossl_typ.h>
|
||||
# include <openssl/e_os2.h>
|
||||
|
||||
# if defined(OPENSSL_SYS_WINDOWS)
|
||||
# include <windows.h>
|
||||
# endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
# if defined(OPENSSL_FIPS)
|
||||
# define FIPS_RAND_SIZE_T size_t
|
||||
# endif
|
||||
|
||||
/* Already defined in ossl_typ.h */
|
||||
/* typedef struct rand_meth_st RAND_METHOD; */
|
||||
|
||||
struct rand_meth_st {
|
||||
void (*seed) (const void *buf, int num);
|
||||
int (*bytes) (unsigned char *buf, int num);
|
||||
void (*cleanup) (void);
|
||||
void (*add) (const void *buf, int num, double entropy);
|
||||
int (*pseudorand) (unsigned char *buf, int num);
|
||||
int (*status) (void);
|
||||
};
|
||||
|
||||
# ifdef BN_DEBUG
|
||||
extern int rand_predictable;
|
||||
# endif
|
||||
|
||||
int RAND_set_rand_method(const RAND_METHOD *meth);
|
||||
const RAND_METHOD *RAND_get_rand_method(void);
|
||||
# ifndef OPENSSL_NO_ENGINE
|
||||
int RAND_set_rand_engine(ENGINE *engine);
|
||||
# endif
|
||||
RAND_METHOD *RAND_SSLeay(void);
|
||||
void RAND_cleanup(void);
|
||||
int RAND_bytes(unsigned char *buf, int num);
|
||||
int RAND_pseudo_bytes(unsigned char *buf, int num);
|
||||
void RAND_seed(const void *buf, int num);
|
||||
void RAND_add(const void *buf, int num, double entropy);
|
||||
int RAND_load_file(const char *file, long max_bytes);
|
||||
int RAND_write_file(const char *file);
|
||||
const char *RAND_file_name(char *file, size_t num);
|
||||
int RAND_status(void);
|
||||
int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
|
||||
int RAND_egd(const char *path);
|
||||
int RAND_egd_bytes(const char *path, int bytes);
|
||||
int RAND_poll(void);
|
||||
|
||||
# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
|
||||
|
||||
void RAND_screen(void);
|
||||
int RAND_event(UINT, WPARAM, LPARAM);
|
||||
|
||||
# endif
|
||||
|
||||
# ifdef OPENSSL_FIPS
|
||||
void RAND_set_fips_drbg_type(int type, int flags);
|
||||
int RAND_init_fips(void);
|
||||
# endif
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/*
|
||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
void ERR_load_RAND_strings(void);
|
||||
|
||||
/* Error codes for the RAND functions. */
|
||||
|
||||
/* Function codes. */
|
||||
# define RAND_F_RAND_GET_RAND_METHOD 101
|
||||
# define RAND_F_RAND_INIT_FIPS 102
|
||||
# define RAND_F_SSLEAY_RAND_BYTES 100
|
||||
|
||||
/* Reason codes. */
|
||||
# define RAND_R_DUAL_EC_DRBG_DISABLED 104
|
||||
# define RAND_R_ERROR_INITIALISING_DRBG 102
|
||||
# define RAND_R_ERROR_INSTANTIATING_DRBG 103
|
||||
# define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101
|
||||
# define RAND_R_PRNG_NOT_SEEDED 100
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue